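### INFO #####################################################################

my $scriptName        = 'svcInfo.pl';
my $VERSION           = '1.1.20060816';
my $scriptAuthor      = 'Tim Johnson';
my $scriptContact     = 'tojo2000@tojo2000.com';
my $scriptDescription = 'Enumerates services and prints all service permissions.';

# Audit helper: for every computer in @computers, list the installed services
# and dump each service's security descriptor (trustee, ACE type, access
# mask, flags) to STDOUT and to svcInfo.log.  The log describes who may do
# what to each service, so store it like other audit output.

### INIT #####################################################################

use strict;
use warnings;
use Win32::Service;
use Win32::SDDL;
use Net::Ping;

$| = 1;    # unbuffered STDOUT so progress shows up while scanning

# ICMP ping with a 2 second timeout.
# NOTE(review): Net::Ping's 'icmp' mode normally needs an elevated account.
my $p = Net::Ping->new('icmp', 2);

#Print to a logfile because the output is very large.
open(my $log_fh, ">", "svcInfo.log")
    or die("Couldn't open 'svcInfo.log' for writing!\n");

#Edit this line to perform this operation on a list of computers
my @computers = ( $ENV{COMPUTERNAME} );

my $separator =
    "=================================================================\n\n\n";

### MAIN #####################################################################

#Cycle through the list
COMPUTER:
foreach my $computer (@computers) {
    my %services;

    # Drop a trailing '$' from the name before using it.
    $computer =~ s/\$$//;
    Print("$computer...");

    #Ping it first to see if it exists
    unless ($p->ping($computer)) {
        Print("No Ping!\n\n");
        next COMPUTER;
    }

    #Get the service info
    unless (Win32::Service::GetServices("$computer", \%services)) {
        Print("Failed!\n\n");
        next COMPUTER;
    }

    Print("\n\n");

    #cycle through the services and get permissions
    SERVICE:
    foreach my $service (sort keys %services) {
        Print("SERVICE => $service\n");

        # Underline: 11 dashes for "SERVICE => " plus one per name character.
        Print('-' x (11 + length($service)));
        Print("\n\n");

        #This part is why you need XP or 2003
        my $SD = _read_sddl($computer, $services{$service});
        unless (defined $SD) {
            # Record the gap in the audit instead of aborting the whole run.
            Print("Unable to read security descriptor for '$services{$service}'!\n\n");
            Print($separator);
            next SERVICE;
        }

        #Initialize the Win32::SDDL object and import the SDDL string
        my $sddl   = Win32::SDDL->new('service');
        my $return = $sddl->Import($SD);
        unless ($return) {
            # One unparsable descriptor should not hide every later service.
            Print("Unable to import security descriptor '$SD'!\n\n");
            Print($separator);
            next SERVICE;
        }

        # Import() returning 2 is reported as an empty ACE list.
        if ($return == 2) {
            Print("***EMPTY ACE***\n\n");
            Print($separator);
            next SERVICE;
        }

        #Cycle through the access control entries
        foreach my $ace (sort { $a->{Trustee} cmp $b->{Trustee} } @{ $sddl->{ACL} }) {
            Print(" Type => " . $ace->{Type} . "\n\n");
            Print(" Trustee => " . $ace->{Trustee} . "\n\n");
            Print(" Access => " . join("\n ", @{ $ace->{AccessMask} }) . "\n\n");
            Print(" Flags => " . join("\n ", @{ $ace->{Flags} }) . "\n\n");
            Print(" Object Type => " . $ace->{ObjectType} . "\n\n");
            Print(" Inherited Object Type => " . $ace->{InheritedObjectType} . "\n");
            Print("\n");
            Print(" ---------------------\n\n");
        }

        Print($separator);
    }
}

# Buffered write errors only surface at close, so check it.
close($log_fh) or warn("Couldn't close 'svcInfo.log': $!\n");

### SUBS #####################################################################

#Just to make it easier to keep a log of all output of the script.
sub Print {
    print @_;
    print {$log_fh} @_;
}

# Run "sc \\COMPUTER sdshow SERVICE" and return the SDDL string, or nothing
# when sc produced no usable second line.
#
# The computer and service names are passed as separate arguments (list-form
# pipe open), so no shell parses them.  Service names are reported by the
# machine being audited and must not be interpolated into a command string.
# List-form pipe open on Windows needs Perl 5.22 or later.
sub _read_sddl {
    my ($computer, $service_name) = @_;

    open(my $sc_fh, '-|', 'sc', "\\\\$computer", 'sdshow', $service_name)
        or return;
    my @output = <$sc_fh>;
    close($sc_fh);    # sc's exit status is not used; the output decides

    # The descriptor is taken from the second line of sc's output.
    # NOTE(review): presumably the first line is blank - confirm on target OS.
    my $sd = $output[1];
    return unless defined $sd;

    $sd =~ s/\s+\z//;
    return unless length $sd;
    return $sd;
}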