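# 10.10.01 Sweeps a subnet for the status of DHCP and outputs to DHCPsweep.txt
# Usage DHCPsweep.pl [subnet] [outputfile]
# eg. DHCPsweep.pl 10.17.117 DHCPsweep81.txt [enter]
#
# For each host 10..239 of the given /24: ping it and, if it answers, read the
# remote registry (Win32::TieRegistry) to find the Windows version and whether
# the selected NIC service has DHCP enabled.  One tab-separated line per host
# is written to STDOUT and to the output file.
#
# NOTE(review): remote registry reads go through the Remote Registry service on
# the target using the caller's own credentials, and ICMP Net::Ping needs
# administrative rights -- run this from an account that has both.
use strict;
use warnings;
use Net::Ping;
use Win32::TieRegistry;

# Validate arguments before they are used.  The subnet prefix is interpolated
# into registry paths, so it is restricted to three dotted octets and taken
# from the regex capture; the output file is opened with 3-arg open so a name
# such as ">x" or "|cmd" cannot change the open mode (2-arg open would).
my ($subnet, $outfile) = @ARGV;
die "Usage: $0 subnet outputfile   e.g. $0 10.17.117 DHCPsweep81.txt\n"
    unless defined $subnet && defined $outfile;
die "Bad subnet '$subnet': expected three dotted octets, e.g. 10.17.117\n"
    unless $subnet =~ /\A(\d{1,3}\.\d{1,3}\.\d{1,3})\z/;
$subnet = $1;

open my $out, '>', $outfile or die "can't open outfile '$outfile': $!\n";

# emit($text): write the same text to STDOUT and to the output file.
sub emit {
    my ($text) = @_;
    print $text;
    print {$out} $text;
    return;
}

# report_dhcp($ip, $nic_re): locate the NIC service subkey under
# .../Services whose name matches $nic_re (the last match wins, as in the
# original) and emit the DHCP state read from its parameters/tcpip/enableDHCP
# value.  Every failure path now produces an explicit message instead of an
# undefined-value comparison.
sub report_dhcp {
    my ($ip, $nic_re) = @_;

    my $services = $Registry->{"//$ip/HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/"};
    if (!$services) {
        emit("Can't access Services Key");
        return;
    }

    my $clsid;
    for my $key (keys %$services) {
        next unless $key =~ $nic_re;
        ($clsid = $key) =~ s{/}{};    # strip the subkey's trailing delimiter
    }
    if (!defined $clsid) {
        # Previously an undefined $clsid produced a bogus path "Services//parameters".
        emit("no matching NIC service key");
        return;
    }

    my $dhcp = $Registry->{"//$ip/HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/$clsid/parameters/tcpip//enableDHCP"};
    if (!defined $dhcp) {
        emit("Can't access DHCPEnabled key");
        return;
    }
    # Win32::TieRegistry renders REG_DWORD values as 0x%08x strings by default.
    if    ($dhcp eq '0x00000001') { emit("enabled"); }
    elsif ($dhcp eq '0x00000000') { emit("DISABLED"); }
    else                          { emit("unexpected enableDHCP value $dhcp"); }
    return;
}

$Registry->Delimiter("/");

# One ICMP pinger (2 s timeout) for the whole sweep instead of one per host.
my $pinger = Net::Ping->new("icmp", 2);

for my $host (10 .. 239) {
    my $ip = "$subnet.$host";
    emit("$ip\t");

    if (!$pinger->ping($ip)) {
        emit("--\tno ping response");
    }
    else {
        my $nt  = $Registry->{"//$ip/HKEY_LOCAL_MACHINE/Software/Microsoft/Windows NT/CurrentVersion//CurrentVersion"};
        my $w95 = $Registry->{"//$ip/HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/CurrentVersion//Version"};

        if ($w95) {
            emit("\t$w95\t");
        }
        elsif (defined $nt && $nt eq '4.0') {
            emit("\tNT $nt\t");
            # NT4 NIC services are named after the driver (Compaq, AMD, DEC).
            report_dhcp($ip, qr/CPQANC\d|AMDPCN\d|DC21X41/);
        }
        elsif (defined $nt && $nt =~ /\A5\.\d+\z/) {
            # Windows 2000 and later (5.x) key NIC services by adapter GUID.
            my $machine = $Registry->{"//$ip/HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/ComputerName/ComputerName//ComputerName"};
            emit((defined $machine ? $machine : '') . "\t");
            emit("NT $nt\t");
            report_dhcp($ip, qr/\{/);
        }
        elsif (defined $nt) {
            emit("--\tunrecognised NT version $nt");
        }
        else {
            emit("--\tCan't access Registry");
        }
    }
    emit("\n");
}

$pinger->close();
# Buffered write errors only surface at close, so check it.
close $out or die "error writing '$outfile': $!\n";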