Getting Windows System details

chrislive

Hey everyone,

Im working on a network audit tool but wanted to be able to run an update script that would scan an IP range and get details about the client machine. I want this to happen at 2am and to compile a list of machines that have been added to the network during that day and to capture as much information as possible such as Operating System and Hardware details. I have seen windows programs that can do this but nothing built using PHP.

Any ideas?

thorpe

Php runs on the server, not the client. So no.... you wont be able to retrieve info about the client using php.

stevesweetland

as above.

you might find it possible to do some kind of local browser scripting to retreive details which you then post to php... i guess... maybe... but i doubt it.

chrislive

i have seen php scripts that run pings etc.. i thought there would be a way to do similar... i dont mind if the server has a series on sh scripts that run the commands and i execute them from php.. any one else??

thorpe

i dont mind if the server has a series on sh scripts that run the commands

Thats the whole point... Anything you run will be on the server, not the client.

chrislive

i think my post has been misunderstood..(not by anyones fault but my own I'm sure) what I wanted was a server that would be able to (through a PHP interface) scan an IP range and get information such as OS and IP. Something like what you can do with NMAP. I dont want those PC's to have to view the script on the server (I understand how a server/client environment works).

I found php nmap which I could probably customise and filter to get at least some of the details I want but to run this script I have to suid root nmap which is a huge security risk and is not worth the additional functionality I want to add into my audit logs.

to be more specific, I have an audit software I am writing on Server1. I want to run a command from the PHP frontend (through my browser on a client) and specify an ip or ip range. I will then ensure that the IP address is an internal IP address and not an outside one (to stop people using this to bombard a server with requests). Once confirmed the script will then run the scans, return a list of active Computers that are not already in my database or which seem to have changed IP's and give the user the option to add that into the database and enter more data for that machine.

I am NOT trying to have the clients request a page and give OS details etc.

If this cant be done without creating major security issues (as suid root nmap may do) I may consider building a small webserver to sit on each client PC that will gather their own OS, IP and Hostname and send that to my Audit Server through HTTP. This is not the best option as I dont want any installations required on the clients if possible.

Is that a bit clearer?