#!/usr/bin/perl
#
# smbscan: a little perl wrapper around the adm samba client
#
# Copyright (c) 1999 Steve McNabb.  All rights reserved. This program
# is free software; you can redistribute it and/or modify it under the same terms
# as Perl itself.
# 
# You should have received a copy of the Perl license along with Perl; see the 
# file README in the Perl distribution
#
# author: Steve McNabb s.mcnabb@sympatico.ca
# 
# requirements: the slightly cooked samba client tweakedADM-SAMBA-CLIENT
# 
# I ripped out some of the more verbose messages - other than that, it's
# the same - see client.c.old for the original version.  Or, you could always
# tweak the messages for your own needs. If you want the from-the-horse's
# mouth original, you can FTP it from ftp://ADM.isp.at/ADM/
#
# installation:  plop this file somewhere in your path and make it executable
#
# usage: smbscan ip (or ip range like 123.123.123.0-200)
#
# DISCLAIMER:  I wrote this tool so that I could automatically monitor my
# employer's network for weeping security sores. 
#
# any use other than monitoring machines to which you have authorized access
# is, of course, strictly prohibited.  You assume all responsibility for your
# own actions. 
#
# and yes, I know my indenting style is weird.

$sambaclient = 'ADM-smb';
$logfile = './output.log'; 

@ARGV ? &start : eval { print "Usage: $0 (ip or range) \n"; exit };

sub start
{
	for(@ARGV)
	{
		if(/-/) { print "$_ is a range \n"; &scan_range($_) }
		elsif ( $_ !~ /\d/) { print "$_ : funny looking ip address.."}
		else	{ &scan_ip($_) }
	}
}

sub scan_ip
{
	$ip = shift;
	$out = `$sambaclient $ip`;
	
	if($out !~/GRANTED/i)
	{
		print "no open shares found on $ip\n";
		open (LOG, ">>$logfile") or die "cannot open $logfile: $!";
		print LOG "$ip - no shares\n";
		close LOG;
	} 
	else
	{
		print "looks like $ip has some shares...\n";
		open (LOG, ">>$logfile") or die "cannot open $logfile: $!";
		print LOG "\n---------------------------------\n";
		print LOG $out;
		print LOG "\n---------------------------------\n";
		close LOG;
	}
}

sub scan_range
{
	my $range = shift;
	my $_r = $range;
	my @range = split /\./,$range;
	$range[-1] =~ /(\d+)-(\d+)/;
	for($i=$1;$i<=$2;++$i)
	{
	    &scan_ip("$range[0].$range[1].$range[2].$i");
	}
}