Network scan for finding fully accessible folders

Could you please suggest a tool that scans the network and finds shared folders which can be accessed with full rights? I need this because, you know, fully accessible folders are in danger of being infected by viruses, malware etc.
Thank you
certuran Asked:

McKnife Commented:
Full rights should never be used, only modify rights. Scan for modify rights and full, both are as dangerous.

You can scan using pretty impressive tools but I recommend a rather simple approach: create a new domain account, "anybody" who is in no domain groups apart from "domain users". Now let user "anybody" execute this script for each server
for /f %a in ('net view \\servername /all') do md \\servername\%a\writetest && echo \\servername\%a is writable for anybody>>%temp%\writable_shares.txt

This will give you what you need as output in %temp%\writable_shares.txt. It will however not look into subfolders, therefore, you'd need more. Tell us if you need that.
1

NVIT Commented:
Two free Microsoft tools to help with this are AccessChk and AccessEnum.

https://technet.microsoft.com/en-us/sysinternals/bb795534
0
certuran Author Commented:
Hi McKnife,
With the command, where will I see the result text file?
0
McKnife Commented:
I wrote:  output in %temp%\writable_shares.txt
To see it, press winkey+r and enter  %temp%\writable_shares.txt
0
certuran Author Commented:
Hi NVIT,
This tool is scanning a drive for 1 computer. I need to scan all the computers which shared their folders in the network.
0
certuran Author Commented:
Hi McKnife,
I reached the %temp% folder. It is OK. However, writable_shares.txt is not there. I pasted the command that you have given me into a batch file named SC1.bat. I have run it. Please see the result in the attachment. Server name ABC.
SC1-result1.JPG
0
McKnife Commented:
With any command it's like this: if we paste it into a batch file, we need to write "%%a" instead of each "%a".
So do that or simply paste that command into a command shell that "anybody" has opened.
0
McKnife Commented:
Did you try that? I just corrected my last comment, if you use a batch, use %%a instead of %a, but not %%temp%% instead of %temp%.
0
certuran Author Commented:
Hello Dear McKnife,
Thank you for the detailed correction. I got it. It worked. I've started to collect the information I need. But if the server or client that I am scanning is not available, the command waits for a response. Is there any parameter to skip to the next one? For example, Wait:1 (waits only 1 second).
I am using this:

@echo off
for /F "usebackq delims==" %%I in ("Machines.txt") do Call :begin %%I
goto :EOF

:begin
set srv=%1
:get info

@echo %srv%

for /f %%a in ('net view \\%srv% /all') do md \\%srv%\%%a\writetest1 && echo \\%srv%\%%a is writable for anybody>>c:\z\writable_shares1.txt
0
McKnife Commented:
Servers are available, always, that's what they live for ;-)
0
certuran Author Commented:
Actually I am scanning throughout the network. All clients and servers. The machine is alive. But somehow there are some errors, such as:
Error 53
Network name could not be found
Access denied
System could not find the file
etc.
For some machines the command is waiting for a response.
Can we put any parameter not to wait and skip it?
0
McKnife Commented:
If we assume that the machine has the SMB port 445 open when shares are accessible, you can do
for /f %%a in (serverlist.txt) do portping %%a 445 -s && echo %%a>>%temp%\ListOfAvailableServers.txt


Use portping.exe from http://www.tkolb.de/portping-screenshots-13-34.html
This will generate a list of servers that you can definitely work with.
1
certuran Author Commented:
The command is giving this error:
'portping' is not recognized as an internal or external command, operable program or batch file.
0
certuran Author Commented:
Excuse me, I understand now. Downloaded. It worked :)
0
certuran Author Commented:
Very useful solution. Thank you McKnife. You are great.
0
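
The two steps from the answers above (the write test against every share, and the port 445 pre-check that skips machines which do not respond) combined into one PowerShell script, as an added example that is not part of the original thread. It assumes English "net view" output and a 1-second connect timeout, reuses the thread's Machines.txt and %temp%\writable_shares.txt names, and removes each probe folder after the test; the helper function names are made up for this example.

```powershell
# Added example, not from the thread. Run as the low-privilege test account.
$machines  = Get-Content -Path 'Machines.txt' | ForEach-Object { $_.Trim() } | Where-Object { $_ }
$outFile   = Join-Path $env:TEMP 'writable_shares.txt'
$timeoutMs = 1000   # assumption: 1-second connect timeout per machine

function Test-SmbPort {            # hypothetical helper name
    param([string]$Server, [int]$TimeoutMs)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        # Bounded wait: $false on timeout, exception on refusal or bad name
        return $client.ConnectAsync($Server, 445).Wait($TimeoutMs)
    } catch {
        return $false
    } finally {
        $client.Close()
    }
}

function Test-ShareWritable {      # hypothetical helper name
    param([string]$UncPath)
    $probe = "$UncPath\writetest_" + [guid]::NewGuid().ToString('N')
    try {
        New-Item -ItemType Directory -Path $probe -ErrorAction Stop | Out-Null
    } catch {
        return $false              # access denied, share gone, etc.
    }
    # Remove the probe folder so the audit leaves nothing behind on the share
    Remove-Item -LiteralPath $probe -Force -ErrorAction SilentlyContinue
    return $true
}

foreach ($server in $machines) {
    if (-not (Test-SmbPort -Server $server -TimeoutMs $timeoutMs)) {
        Write-Host "Skipping $server (port 445 not reachable)"
        continue
    }
    # Assumes English "net view" output; only rows of type Disk are probed.
    # The lazy match keeps share names that contain single spaces intact.
    foreach ($line in (& net.exe view "\\$server" /all 2>$null)) {
        if ($line -match '^(.+?)\s{2,}Disk(\s|$)') {
            $unc = "\\$server\$($Matches[1])"
            if (Test-ShareWritable -UncPath $unc) {
                Add-Content -Path $outFile -Value "$unc is writable for $env:USERNAME"
            }
        }
    }
}
```

The result reflects effective access at the share root only (share permissions combined with NTFS permissions); subfolders are not examined, as with the original one-liner.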
Question has a verified solution.
