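use strict;
use warnings;
use Win32::Lanman;
use Net::Ping;

#-----------------------------------------------------
# Audit a /24 for hosts that accept an anonymous ("null
# session") connection to IPC$, and list the shares each
# such host exposes.
#
# Argument: the first three octets of the network in
# dotted form (constructed example: 192.0.2). Hosts .2
# through .254 are checked; .1 is not.
#
# Reading the output: "Null connection successful" means
# the host accepted an IPC$ session with an empty user
# name, password and domain. On Windows, anonymous access
# of this kind is governed by settings such as
# RestrictAnonymous and RestrictNullSessAccess, so a host
# reported here is a candidate for tightening them.
#-----------------------------------------------------
my $subnet = shift
    or die "You must enter a subnet in dot format.\n";

# The host octet is appended below, so the argument has to be exactly
# three octets; anything else would build a malformed address and UNC path.
my @octets = $subnet =~ m{\A ([0-9]{1,3}) \. ([0-9]{1,3}) \. ([0-9]{1,3}) \z}x;
die "Subnet must be three dotted octets, each 0-255 (got '$subnet').\n"
    unless @octets == 3 && !grep { $_ > 255 } @octets;

for my $host (2 .. 254) {
    scan("$subnet.$host");
}

#-----------------------------------------------------
# Scan the host
#
# Pings $server, attempts the null IPC$ connection and,
# if it is accepted, prints the share names the host
# returns. All results go to STDOUT.
#-----------------------------------------------------
sub scan {
    my ($server) = @_;
    print "Scanning $server...\n";

    # A host that does not answer ICMP echo is skipped entirely, even if
    # its SMB service would respond; such hosts are not audited by this run.
    unless (ping($server)) {
        print "$server: Could not contact host.\n";
        return;
    }

    unless (ConnectIPC($server, "", "", "")) {
        my $err = _last_error();
        print "$server: Null connection failure: $err\n";
        return;
    }

    print "$server: Null connection successful.\n";
    my @shares = GetShares($server);
    if (@shares) {
        print "$_\n" for @shares;
    }
    else {
        print "No shares available.\n";
    }

    # Report a failed teardown so a leftover IPC$ connection on the
    # auditing machine does not go unnoticed.
    Disconnect($server)
        or warn "$server: could not remove IPC\$ connection: " . _last_error() . "\n";
    return;
}

#-----------------------------------------------------
# Ping the host
#
# Returns 1 if $host answers an ICMP echo within two
# seconds, 0 otherwise. Net::Ping's "icmp" protocol needs
# a raw socket, which normally requires an elevated
# account.
#-----------------------------------------------------
sub ping {
    my ($host) = @_;
    my $pinger = Net::Ping->new("icmp");
    my $alive  = $pinger->ping($host, 2) ? 1 : 0;
    $pinger->close();    # release the socket; one is opened per host
    return $alive;
}

#-----------------------------------------------------
# Attempt a connection to IPC$; used for null session
# connections, as well as checking passwords
#
# Arguments are server, password, user, domain (in that
# order). Returns 1 if NetUseAdd succeeds, 0 otherwise.
#-----------------------------------------------------
sub ConnectIPC {
    my ($server, $passwd, $user, $domain) = @_;
    my %use_info = (
        remote     => "\\\\$server\\ipc\$",
        asg_type   => &USE_IPC,
        password   => $passwd,
        username   => $user,
        domainname => $domain,
    );
    return Win32::Lanman::NetUseAdd(\%use_info) ? 1 : 0;
}

#-----------------------------------------------------
# Disconnect the IPC$ connection
#
# Returns 1 if NetUseDel succeeds, 0 otherwise.
#-----------------------------------------------------
sub Disconnect {
    # Take the server from the argument list; the previous version
    # unpacked into @server and then read an unrelated file-level $server.
    my ($server) = @_;
    return Win32::Lanman::NetUseDel("\\\\$server\\ipc\$", &USE_FORCE) ? 1 : 0;
}

#-----------------------------------------------------
# Get the available shares
#
# Returns the list of 'netname' values reported by
# NetShareEnum for $server. On failure it prints the
# error and returns an empty list.
#-----------------------------------------------------
sub GetShares {
    my ($server) = @_;
    my @entries;

    unless (Win32::Lanman::NetShareEnum("\\\\$server", \@entries)) {
        my $err = _last_error();
        print "Could not get shares. $err\n";
        return ();
    }

    return map { "$_->{netname}" } @entries;
}

#-----------------------------------------------------
# Text for the most recent Win32::Lanman error; falls
# back to the numeric code when no message is available.
#-----------------------------------------------------
sub _last_error {
    my $code = Win32::Lanman::GetLastError();
    my $text = Win32::FormatMessage($code);
    return $text if defined $text && $text ne "";
    return $code;
}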