Sure.
My Computer --> %DRIVE/FOLDER --> right click --> properties -->
security tab --> advanced --> permissions or owner depending on what you
need to do long term.
/*
Thomas J. Brennan, CISSP, MCSA, C|EH
DATA SAFE SERVICES
T:(888)663-0079 | F:(973)428-0293 | PGP Key Id: 0x96924C97
Web: www.datasafeservices.com
*/
-----Original Message-----
From: chris@compucounts.com [mailto:chris@compucounts.com]
Sent: Friday, February 18, 2005 3:49 PM
To: pen-test@securityfocus.com
Subject: Bypassing NTFS ACL
I've got domain admin access to a Windows 2003 server, and
have encountered a series of directories that are protected
by custom ACLs which do not include any group I am a member
of and are not inheriting the ACL of their parent directory.
I know there are plenty of simple solutions to this problem
such as joining the group, taking ownership of the directory,
etc, however I'm looking for a slightly more difficult
solution that wouldn't be noticed.
I want to bypass the ACL.
I figured that if root can do it in UNIX, SYSTEM could do it
in Windows, but it looks like I'm wrong:
--
C:\> whoami
nt authority\system
C:\> cd somedir
Access is denied.
--
Is there any means of bypassing the ACL while the system is
online without rewriting it?
I'm going to reiterate: Yes there are plenty of other ways to
do this, but I want to be difficult :) This could come in
handy later on.
Thanks,
- Chris
DATA SAFE SERVICES: This email message is for the sole use of the intended
recipient(s) and may contain confidential and privileged information. Any
unauthorized review, use, disclosure or distribution is prohibited. If you are
not the intended recipient, please contact the sender by email or telephone and
destroy all copies of the original message.
