.

Identifying Windows Home vs Pro?

<<

lorddicranius

User avatar

Sr. Member
Sr. Member

Posts: 448

Joined: Thu Mar 03, 2011 3:54 am

Post Wed Jan 18, 2012 11:24 am

Identifying Windows Home vs Pro?

I was wondering if there was a way to remotely differentiate between Windows Home and Windows Pro.  Scanning via, say nmap, only tells me if it's Windows XP vs Windows 7, etc.  The whole purpose of this is to not only create an updated and detailed database of all of PC's on the network, but to know which ones I need to upgrade to Pro so that they can be added to a Windows domain.
GSEC, eCPPT, Sec+
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Wed Jan 18, 2012 12:02 pm

Re: Identifying Windows Home vs Pro?

If you have a list of host names/IPs in a text file, you could loop through that and execute systeminfo via psexec and redirect the output to a text file. The info you're looking for would be in the "OS Name" and/or "OS Version" fields.

You might just want to check out OpenAudit, which will also inventory software, etc.
The day you stop learning is the day you start becoming obsolete.
<<

tturner

User avatar

Sr. Member
Sr. Member

Posts: 435

Joined: Thu Jun 26, 2008 4:50 pm

Post Wed Jan 18, 2012 12:14 pm

Re: Identifying Windows Home vs Pro?

How about

  Code:
wmic /node:machinename /user:username os get | find "Windows Home"


(or whatever the home string looks like, don't have access to one at the moment)

I did something similar in the past looking for a list of machines with specific hotfix (WMIC QFE) by creating a ping sweep and outputting results to a txt file containing just the ip addresses and using that as a source for the WMIC command by replacing machinename above with @ip_addresses.txt

*Edit* or Dynamik's solution would work too. Different strokes... I like WMIC a lot :)
Certifications:
CISSP, CISA, GPEN, GWAPT, GAWN, GCIA, GCIH, GSEC, GSSP-JAVA, OPSE, CSWAE, CSTP, VCP

WIP: Vendor WAF stuff

http://sentinel24.com/blog @tonylturner http://bsidesorlando.org
<<

lorddicranius

User avatar

Sr. Member
Sr. Member

Posts: 448

Joined: Thu Mar 03, 2011 3:54 am

Post Wed Jan 18, 2012 12:39 pm

Re: Identifying Windows Home vs Pro?

@dynamik: I've had the pstools downloaded for awhile, just obviously haven't looked through them enough haha.  Is "systeminfo via psexec" the same as the psinfo tool?  I ran a quick test with psinfo and it looks to give me what I need, but was wondering if psexec's systeminfo gives more/different info.

Thanks for the suggestions dynamik and tturner!  I think either one of these will suit my needs, and I'll look into OpenAudit as well.  An updated software inventory is something else I need too as I'm working my way through SANS 20 critical security controls.
GSEC, eCPPT, Sec+
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Wed Jan 18, 2012 5:28 pm

Re: Identifying Windows Home vs Pro?

tturner wrote:I like WMIC a lot :)


Yea, for sure. I just couldn't remember what the query was and didn't feel like searching :P

lorddicranius wrote:Is "systeminfo via psexec" the same as the psinfo tool? 


It certainly appears very close. I guess that simplifies things a bit...

lorddicranius wrote:I ran a quick test with psinfo and it looks to give me what I need, but was wondering if psexec's systeminfo gives more/different info.


systeminfo is a built in utility. Just type it in at the command prompt and see what you get. psexec was only recommended in conjunction in order to execute it on remote systems.

Now that I look at it, systeminfo /? shows that you can use it on remote systems too. I guess I failed all over this thread :o
The day you stop learning is the day you start becoming obsolete.
<<

hell_razor

User avatar

Jr. Member
Jr. Member

Posts: 90

Joined: Wed Jul 14, 2010 10:44 am

Post Wed Jan 18, 2012 5:34 pm

Re: Identifying Windows Home vs Pro?

nmap -sS -p 445 --script=smb-os-discovery.nse target_ip
A+, Network+, Server+, CISSP, GSEC, GCIH, GPEN, GCIA, GISP, GCFW
<<

lorddicranius

User avatar

Sr. Member
Sr. Member

Posts: 448

Joined: Thu Mar 03, 2011 3:54 am

Post Wed Jan 18, 2012 5:56 pm

Re: Identifying Windows Home vs Pro?

dynamik wrote:I guess I failed all over this thread :o


lol Noo, you got me going on my way :)  I've been playing around with psexec/systeminfo all day and will probably go this route as I'm more comfortable with this than WMIC.  JGamblin replied on Twitter as well:

psexec systeminfo | findstr /B /C:"OS Name" /C:"OS Version"


Now my issue is that the network didn't have any standard in configuring new PC's so there is no standard/common admin account to use to query machines for system information.  That's over 200 machines :-\

While writing this reply, hell_razor replied...

...thanks!  I gave that a shot on some of the machines here and it works pretty well!  There were a few that it wouldn't report whether it was Home or Pro, but most did.  This will help a lot until I can get around to all of the computers and setup a standard admin account (unless there's another way??)...
Last edited by lorddicranius on Wed Jan 18, 2012 5:58 pm, edited 1 time in total.
GSEC, eCPPT, Sec+
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Wed Jan 18, 2012 6:04 pm

Re: Identifying Windows Home vs Pro?

Are you not using Active Directory?
The day you stop learning is the day you start becoming obsolete.
<<

lorddicranius

User avatar

Sr. Member
Sr. Member

Posts: 448

Joined: Thu Mar 03, 2011 3:54 am

Post Wed Jan 18, 2012 6:28 pm

Re: Identifying Windows Home vs Pro?

Not presently :(  Updating the network is one of the reasons I was specifically hired for, but management doesn't want to play nice (if it's not broken, then why "fix" it).  So as I'm making plans for the upgrade to the network on paper, I'm showing my manager all the ways it'd save time and money as I go through my day to day duties (most recently an issue with an Excel update that caused most users issues when printing graphs).

I understand that each of these will float out of his memory as time goes, so at the same time I'm taking note of all these things I talk to him about so that I can present them all in one big presentation at a later date...for the bigger impact.
GSEC, eCPPT, Sec+

Return to Other

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software