在内网渗透的过程中,经常会遇到需要查看域用户登陆了哪些机器,目前我们收集整理了三种方法,给大家分享出来。
使用vbs脚本来查询
' Script for getting current logged user name on Domain ' Author : mwpq ' www.sharecenter.net strDomainName = InputBox ("Please enter the internal Domain Name:","Script for getting current logged username","yourdomain.local") arrDomLevels = Split(strDomainName, ".") strADsPath = "dc=" & Join(arrDomLevels, ",dc=") Const ADS_SCOPE_SUBTREE = 2 Set objConnection = CreateObject("ADODB.Connection") Set objCommand = CreateObject("ADODB.Command") objConnection.Provider = "ADsDSOObject" objConnection.Open "Active Directory Provider"' Set objCOmmand.ActiveConnection = objConnection objCommand.CommandText = _ "Select Name, Location from 'LDAP://"&strADsPath&"' " _ & &#