winfo 

What is winfo? 

"winfo" uses null sessions to remotely retrieve a list of user accounts, workstation trust accounts, interdomain trust accounts, server trust accounts, and shares, from Windows NT. It also identifies the built-in Administrator and Guest accounts, even if their names have been changed. Of course winfo will show all hidden shares. 

Name a feature that makes winfo extra useful. 

One of the features is the -n switch, which activates null session mode. Without this switch, winfo can be used to retrieve the information mentioned, but using an already established connection to the other computer. For example, if null sessions have been restricted but you have a valid user account, you can connect first and then use winfo to retrieve the information you need. 

How do I use this tool? 

Download the exe file and run it from the Command Prompt. It will give you the instructions you need. 

Which OS's are supported? 

Windows NT 4.0 and Windows 2000. 

The winfo FAQ 

Q: How do I redirect or stop the output? 
A: You can redirect the output to a file by appending for example "> file.txt" at the end of what you write at the Command Prompt. You can stop the output by appending "| more". 
Q: What makes winfo better than RedButton? 
A: One thing is the -n switch, described on the previous page. Another thing is that all user accounts are displayed, not only the built-in Administrator account. Yet another thing is that all trust accounts are displayed. 
Q: What makes winfo better than ntis? 
A: winfo won't try to log into the checked computer by trying passwords on all accounts. This can be both good or bad - good if you're not using winfo to break into the other computer, or test it's security - bad if you're trying to do just that. The thought is that winfo is supposed to be used as simply a useful NT tool, without putting a lot of entries in the security event log. Another thing is that winfo shows all trust accounts. 
