如何编程得到远程机器的用户名列表?

windows下如何实现?unix主机没开放figer如何实现?谢谢,请尽量详细,因为我太菜:) 最好有源码~
---------------------------------------------------------------

探测WIN2000下的NETBIOS.建立空会话,好像还有UNICODE的编码.

以下是我拷的一份代码.
/*
=====[ T-SMB Scan, by TOo2y ]=====
=====[ E-mail: [email protected] ]=====
=====[ HomePage: www.safechina.net ]=====
=====[ Date: 12-12-2002 ]=====
*/

#define UNICODE
#define _UNICODE

#include

  1<windows.h>   
  2#include <winnetwk.h>   
  3#include <tchar.h>   
  4#include "..\include\lmaccess.h"   
  5#include "..\include\lmserver.h"   
  6#include "..\include\lmshare.h"   
  7#include <lm.h>   
  8  
  9#pragma comment (lib,"mpr")   
 10#pragma comment (lib,"netapi32")   
 11  
 12void start();   
 13void usage();   
 14int datetime(PTSTR server);   
 15int fingerprint(PTSTR server);   
 16int netbios(PTSTR server);   
 17int users(PTSTR server);   
 18int localgroup(PTSTR server);   
 19int globalgroup(PTSTR server);   
 20int transport(PTSTR server);   
 21int session(PTSTR server);   
 22  
 23int wmain(int argc,TCHAR *argv[])   
 24{   
 25NETRESOURCE nr;   
 26DWORD ret;   
 27TCHAR username[100]=_T("");   
 28TCHAR password[100]=_T("");   
 29TCHAR ipc[100]=_T("");   
 30  
 31system("cls.exe");   
 32start();   
 33if(argc!=2)   
 34{   
 35usage();   
 36return -1;   
 37}   
 38swprintf(ipc,_T("\\\\\\\%s\\\ipc$"),argv[1]);   
 39nr.lpLocalName=NULL;   
 40nr.lpProvider=NULL;   
 41nr.dwType=RESOURCETYPE_ANY;   
 42nr.lpRemoteName=ipc;   
 43ret=WNetAddConnection2(&amp;nr,username,password,0);   
 44if(ret!=ERROR_SUCCESS)   
 45{   
 46_tprintf(_T("\nIPC$ Connect Failed.\n"));   
 47return -1;   
 48}   
 49  
 50datetime(argv[1]);   
 51fingerprint(argv[1]);   
 52netbios(argv[1]);   
 53users(argv[1]);   
 54localgroup(argv[1]);   
 55globalgroup(argv[1]);   
 56transport(argv[1]);   
 57session(argv[1]);   
 58  
 59ret=WNetCancelConnection2(ipc,0,TRUE);   
 60if(ret!=ERROR_SUCCESS)   
 61{   
 62_tprintf(_T("IPC$ Disconnect Failed.\n"));   
 63return -1;   
 64}   
 65return 0;   
 66}   
 67  
 68void start()   
 69{   
 70_tprintf(_T("=====[ T-SMB Scan, by TOo2y ]=====\n"));   
 71_tprintf(_T("=====[ E-mail: [email protected] ]=====\n"));   
 72_tprintf(_T("=====[ HomePage: www.safechina.net ]=====\n"));   
 73_tprintf(_T("=====[ Date: 12-12-2002 ]=====\n"));   
 74}   
 75  
 76void usage()   
 77{   
 78_tprintf(_T("\nUsage:\t T-SMB Remoteip"));   
 79_tprintf(_T("\nRequest: Remote host must be opening port 445/tcp of Microsoft-DS.\n"));   
 80}   
 81  
 82int datetime(PTSTR server)   
 83{   
 84PTIME_OF_DAY_INFO pBuf=NULL;   
 85NET_API_STATUS nStatus;   
 86DWORD lerror;   
 87  
 88_tprintf(_T("\n*** Date and Time ***\n"));   
 89nStatus=NetRemoteTOD(server,(PBYTE*)&amp;pBuf);   
 90if(nStatus==NERR_Success)   
 91{   
 92if(pBuf!=NULL)   
 93{   
 94_tprintf(_T("\nCurrent date:\t%.2d-%.2d-%d"),pBuf-&gt;tod_month,pBuf-&gt;tod_day,pBuf-&gt;tod_year);   
 95_tprintf(_T("\nCurrent time:\t%.2d:%.2d:%.2d.%.2d (GMT)"),pBuf-&gt;tod_hours,pBuf-&gt;tod_mins,pBuf-&gt;tod_secs,pBuf-&gt;tod_hunds);   
 96pBuf-&gt;tod_hours=(pBuf-&gt;tod_hours+8)%24;   
 97_tprintf(_T("\nCurrent time:\t%.2d:%.2d:%.2d.%.2d (GMT+08:00)\n"),pBuf-&gt;tod_hours,pBuf-&gt;tod_mins,pBuf-&gt;tod_secs,pBuf-&gt;tod_hunds);   
 98}   
 99}   
100else   
101{   
102lerror=GetLastError();   
103if(lerror==997)   
104{   
105_tprintf(_T("\nDateTime:\tOverlapped I/O operation is in progress. \n"));   
106}   
107else   
108{   
109_tprintf(_T("\nDatetime Error:\t%d\n"),lerror);   
110}   
111}   
112if(pBuf!=NULL)   
113{   
114NetApiBufferFree(pBuf);   
115}   
116return 0;   
117}   
118  
119int fingerprint(PTSTR server)   
120{   
121DWORD dwlength;   
122DWORD dwLevel;   
123NET_API_STATUS nStatus;   
124PSERVER_INFO_101 pBuf;   
125DWORD lerror;   
126  
127dwLevel=101;   
128pBuf=NULL;   
129dwlength=_tcslen(server);   
130  
131_tprintf(_T("\n**** Fingerprint ****\n"));   
132nStatus=NetServerGetInfo(server,dwLevel,(PBYTE *)&amp;pBuf);   
133if(nStatus==NERR_Success)   
134{   
135_tprintf(_T("\nComputername:\t%s"),pBuf-&gt;sv101_name);   
136_tprintf(_T("\nComment:\t%s"),pBuf-&gt;sv101_comment);   
137_tprintf(_T("\nPlatform:\t%d"),pBuf-&gt;sv101_platform_id);   
138_tprintf(_T("\nVersion:\t%d.%d"),pBuf-&gt;sv101_version_major,pBuf-&gt;sv101_version_minor);   
139_tprintf(_T("\nType:"));   
140if(pBuf-&gt;sv101_type &amp; SV_TYPE_NOVELL)   
141{   
142_tprintf(_T("\t\tNovell server.\n"));   
143}   
144if(pBuf-&gt;sv101_type &amp; SV_TYPE_XENIX_SERVER)   
145{   
146_tprintf(_T("\t\tXenix server.\n"));   
147}   
148if(pBuf-&gt;sv101_type &amp; SV_TYPE_DOMAIN_ENUM)   
149{   
150_tprintf(_T("\t\tPrimary domain .\n"));   
151}   
152if(pBuf-&gt;sv101_type &amp; SV_TYPE_TERMINALSERVER)   
153{   
154_tprintf(_T("\t\tTerminal Server.\n"));   
155}   
156if(pBuf-&gt;sv101_type &amp; SV_TYPE_WINDOWS)   
157{   
158_tprintf(_T("\t\tWindows 95 or later.\n"));   
159}   
160if(pBuf-&gt;sv101_type &amp; SV_TYPE_SERVER)   
161{   
162_tprintf(_T("\t\tA LAN Manager server.\n"));   
163}   
164if(pBuf-&gt;sv101_type &amp; SV_TYPE_WORKSTATION)   
165{   
166_tprintf(_T("\t\tA LAN Manager workstation.\n"));   
167}   
168if(pBuf-&gt;sv101_type &amp; SV_TYPE_PRINTQ_SERVER)   
169{   
170_tprintf(_T("\t\tServer sharing print queue.\n"));   
171}   
172if(pBuf-&gt;sv101_type &amp; SV_TYPE_DOMAIN_CTRL)   
173{   
174_tprintf(_T("\t\tPrimary domain controller.\n"));   
175}   
176if(pBuf-&gt;sv101_type &amp; SV_TYPE_DOMAIN_BAKCTRL)   
177{   
178_tprintf(_T("\t\tBackup domain controller.\n"));   
179}   
180if(pBuf-&gt;sv101_type &amp; SV_TYPE_AFP)   
181{   
182_tprintf(_T("\t\tApple File Protocol server.\n"));   
183}   
184if(pBuf-&gt;sv101_type &amp; SV_TYPE_DOMAIN_MEMBER)   
185{   
186_tprintf(_T("\t\tLAN Manager 2.x domain member.\n"));   
187}   
188if(pBuf-&gt;sv101_type &amp; SV_TYPE_LOCAL_LIST_ONLY)   
189{   
190_tprintf(_T("\t\tServers maintained by the browser.\n"));   
191}   
192if(pBuf-&gt;sv101_type &amp; SV_TYPE_DIALIN_SERVER)   
193{   
194_tprintf(_T("\t\tServer running dial-in service.\n"));   
195}   
196if(pBuf-&gt;sv101_type &amp; SV_TYPE_TIME_SOURCE)   
197{   
198_tprintf(_T("\t\tServer running the Timesource service.\n"));   
199}   
200if(pBuf-&gt;sv101_type &amp; SV_TYPE_SERVER_MFPN)   
201{   
202_tprintf(_T("\t\tMicrosoft File and Print for NetWare.\n"));   
203}   
204if(pBuf-&gt;sv101_type &amp; SV_TYPE_NT)   
205{   
206_tprintf(_T("\t\tWindows NT/2000/XP workstation or server.\n"));   
207}   
208if(pBuf-&gt;sv101_type &amp; SV_TYPE_WFW)   
209{   
210_tprintf(_T("\t\tServer running Windows for Workgroups.\n"));   
211}   
212if(pBuf-&gt;sv101_type &amp; SV_TYPE_POTENTIAL_BROWSER)   
213{   
214_tprintf(_T("\t\tServer that can run the browser service.\n"));   
215}   
216if(pBuf-&gt;sv101_type &amp; SV_TYPE_BACKUP_BROWSER)   
217{   
218_tprintf(_T("\t\tServer running a browser service as backup.\n"));   
219}   
220if(pBuf-&gt;sv101_type &amp; SV_TYPE_MASTER_BROWSER)   
221{   
222_tprintf(_T("\t\tServer running the master browser service.\n"));   
223}   
224if(pBuf-&gt;sv101_type &amp; SV_TYPE_DOMAIN_MASTER)   
225{   
226_tprintf(_T("\t\tServer running the domain master browser.\n"));   
227}   
228if(pBuf-&gt;sv101_type &amp; SV_TYPE_CLUSTER_NT)   
229{   
230_tprintf(_T("\t\tServer clusters available in the domain.\n"));   
231}   
232if(pBuf-&gt;sv101_type &amp; SV_TYPE_SQLSERVER)   
233{   
234_tprintf(_T("\t\tAny server running with Microsoft SQL Server.\n"));   
235}   
236if(pBuf-&gt;sv101_type &amp; SV_TYPE_SERVER_NT)   
237{   
238_tprintf(_T("\t\tWindows NT/2000 server that is not a domain controller.\n"));   
239}   
240}   
241else   
242{   
243lerror=GetLastError();   
244if(lerror==997)   
245{   
246_tprintf(_T("\nFingerprint:\tOverlapped I/O operation is in progress.\n"));   
247}   
248else   
249{   
250_tprintf(_T("\nFingerprint Error:\t%d\n"),lerror);   
251}   
252}   
253if(pBuf!=NULL)   
254{   
255NetApiBufferFree(pBuf);   
256}   
257return 0;   
258}</lm.h></tchar.h></winnetwk.h></windows.h>
Published At
Categories with 服务器类
Tagged with
comments powered by Disqus