| Open-AudIT https://www.open-audit.org/phpBB3/ |
|
| Audit_Windows.vbs on a certain Windows 2003 SP2 Fails/hangs https://www.open-audit.org/phpBB3/viewtopic.php?f=20&t=6318 |
Page 1 of 1 |
| Author: | augrunt [ Tue Apr 15, 2014 10:38 am ] |
| Post subject: | Audit_Windows.vbs on a certain Windows 2003 SP2 Fails/hangs |
Hey guys, Encountered an issue with the script on a Windows Server 2003 (SP2), 32-bit. Specifically, this portion: [code]if (cint(local_windows_build_number) > 2222 and not local_windows_build_number = "3000") then for each oProc in getObject( "winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2").instancesOf("Win32_Process") if lcase(oProc.name) = "wscript.exe" _ or lcase(oProc.name) = "cscript.exe" Then sCmdLine = oProc.commandLine if instr(1, sCmdLine, "\" & sScriptName, vbTextCompare) > 0 _ or instr(1, sCmdLine, " " & sScriptName, vbTextCompare) > 0 _ or instr(1, sCmdLine, """" & sScriptName, vbTextCompare) > 0 then nPID = oProc.processId end if end if next end if[/code] The output hangs on: [code]C:\audit>cscript audit_windows.vbs Microsoft (R) Windows Script Host Version 5.6 Copyright (C) Microsoft Corporation 1996-2001. All rights reserved. starting audit - . Not pinging target, attempting to audit.[/code] I am not particularly sure why it hangs, but removing the code block fixes the issue and it proceeds as normal. I tried to echo in the foreach loop and nothing would spit out, so it seems it isn't actually finding anything to loop through. Any ideas? |
|
| Author: | jpa [ Wed Apr 16, 2014 1:30 am ] |
| Post subject: | Re: Audit_Windows.vbs on a certain Windows 2003 SP2 Fails/ha |
This may be indicative of WMI being corrupt on the affected machine. The script could probably handle this better but the code you've removed is not really useful so you won't notice it's gone. |
|
| Page 1 of 1 | All times are UTC + 10 hours |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|