comment on

use warnings;
use strict;
use Win32::NetAdmin qw(GetServers SV_TYPE_ALL );
use Win32::TieRegistry qw(KEY_READ);
use Data::Dumper;
use Fcntl;

my %bad_stuff = (
        KaZaA            => qr/kazaa/i,
        Gnucleus         => qr/gnucleus/i,
        Napster          => qr/napster/i,    #Most of these are guessw
+ork,
        BearShare        => qr/bearshare/i,  #pulled from http://www.g
+nutelliums.com/
        LimeWire         => qr/limewire/i,
        Morpheus         => qr/morpheus/i,
        Phex             => qr/phex/i,
        Swapper          => qr/swapper/i,
        XoloX            => qr/xolox/i,
        eDonkey          => qr/edonkey/i,
        BitTorrent       => qr/bittorrent/i,
        iMesh            => qr/imesh/i,
        "Comet Systems"  => qr/comet\s*systems/i,
        "Gator.com"      => qr/gator/i,
);

$Registry->Delimiter("/");

my $domain;
($domain = Win32::DomainName) or die "Unable to obtain the domain name
+";


my %machines;
my %installed_software;
GetServers("", $domain, SV_TYPE_ALL, \%machines) or die "GetServers fa
+iled: $!\n";

foreach my $machine (sort keys %machines) {
        #print "Attempting to connect to registry on $machine\n";
        my $remKey= $Registry->Connect($machine, "HKEY_USERS/", { Acce
+ss=>KEY_READ, Delimiter=>"/" } );
        unless($remKey) {
                warn "Couldn't connect to $machine: $^E\n";
                next;
        }

        foreach my $user_sid ($remKey->SubKeyNames) {
                next if($user_sid =~ /_classes$/i);   #There's always 
+a sid....._classes key - skip it.
                my $user_key = $Registry->Connect($machine, "HKEY_USER
+S/$user_sid/SOFTWARE/", { Access=>KEY_READ, Delimiter=>"/" } );
                unless($user_key) {
                        warn "Couldn't get a software key for sid $use
+r_sid on machine $machine\n";
                        next;
                }

                my $software_key = $Registry->Connect($machine, "HKEY_
+LOCAL_MACHINE/SOFTWARE/", { Access=>KEY_READ, Delimiter=>"/" } );
                unless($software_key) {
                        warn "Couldn't get a software key from HKEY_LO
+CAL_MACHINE on machine $machine\n";
                        next;
                }
                foreach my $subkey ($user_key->SubKeyNames, $software_
+key->SubKeyNames) {
                        foreach my $software (keys %bad_stuff) {
                                if($subkey =~ $bad_stuff{$software}) {
                                        next if($installed_software{$m
+achine.$software}++);
                                        print "Machine $machine could 
+have $software installed\n";
                                }
                        }
                }
        }
}
[download]

In reply to Scan Win32 Machines in domain for P2P software by davis

Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!

Titles consisting of a single word are discouraged, and in most cases are disallowed outright.

Read Where should I post X? if you're not absolutely sure you're posting in the right place.

Please read these before you post! —

Posts may use any of the Perl Monks Approved HTML tags:

a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr

You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)

	For:		Use:
	&		`&`
	<		`<`
	>		`>`
	[		`[`
	]		`]`

Link using PerlMonks shortcuts! What shortcuts can I use for linking?

See Writeup Formatting Tips and other pages linked from there for more info.