[enhancement] Added acls command, show share ACLs #118

Merged
merged 1 commit into from
Nov 26, 2024


rtpt-romankarwacik
Contributor

Example output:

               _          _ _            _                    
 ___ _ __ ___ | |__   ___| (_) ___ _ __ | |_      _ __   __ _ 
/ __| '_ ` _ \| '_ \ / __| | |/ _ \ '_ \| __|____| '_ \ / _` |
\__ \ | | | | | |_) | (__| | |  __/ | | | ||_____| | | | (_| |
|___/_| |_| |_|_.__/ \___|_|_|\___|_| |_|\__|    |_| |_|\__, |
    by @podalirius_                             v2.1.6  |___/  
    
[+] Successfully authenticated to '192.168.56.113' as '.\vagrant'!
[+] Successfully authenticated to '192.168.56.113' as '.\vagrant'!
■[\\192.168.56.113\]> use C$
■[\\192.168.56.113\C$\]> ls
d--h--s-     0.00 B  2024-11-26 09:00  $Recycle.Bin\
-a-h----     0.00 B  2024-10-15 08:04  $WINRE_BACKUP_PARTITION.MARKER
-a------  109.51 kB  2024-11-26 07:34  appverifUI.dll
d--h--s-     0.00 B  2024-11-26 09:00  Boot\
-a-h-rs-  434.32 kB  2024-11-19 14:06  bootmgr
-a-h--s-     1.00 B  2024-11-19 14:06  BOOTNXT
-a-h-rs-    8.00 kB  2024-09-25 22:48  BOOTSECT.BAK
d-------     0.00 B  2024-11-26 09:03  Coercer\
d--h--s-     0.00 B  2024-09-25 12:51  Documents and Settings\
-a-h--s-   12.00 kB  2024-11-26 09:03  DumpStack.log.tmp
-a------  123.50 kB  2024-11-25 14:59  mimilib.dll
-a-h--s-    2.25 GB  2024-11-26 09:03  pagefile.sys
d-------     0.00 B  2024-11-26 09:00  PerfLogs\
d----r--     0.00 B  2024-11-26 10:03  Program Files\
d----r--     0.00 B  2024-11-26 09:14  Program Files (x86)\
d--h----     0.00 B  2024-11-26 10:03  ProgramData\
d--h----     0.00 B  2024-10-15 07:45  Recovery\
-a-h--s-  256.00 MB  2024-11-26 09:03  swapfile.sys
d--h--s-     0.00 B  2024-11-26 10:24  System Volume Information\
d-------     0.00 B  2024-11-26 07:58  tmp\
d----r--     0.00 B  2024-11-26 10:03  Users\
d-------     0.00 B  2024-09-27 10:38  vagrant\
-a------   64.77 kB  2024-11-19 14:06  vfcompat.dll
d-------     0.00 B  2024-11-26 10:03  Windows\
■[\\192.168.56.113\C$\]> acls
d--h--s-     0.00 B  2024-11-26 09:00  $Recycle.Bin\
             Owner:   NT AUTHORITY\SYSTEM
             Group:   NT AUTHORITY\SYSTEM
             Allowed: BUILTIN\Users          READ_CONTROL | SYNCHRONIZE

-a-h----     0.00 B  2024-10-15 08:04  $WINRE_BACKUP_PARTITION.MARKER
             Owner:   NT AUTHORITY\SYSTEM
             Group:   NT AUTHORITY\SYSTEM
             Allowed: BUILTIN\Users                    READ_CONTROL | SYNCHRONIZE
             Allowed: NT AUTHORITY\Authenticated Users DELETE | READ_CONTROL | SYNCHRONIZE

-a------  109.51 kB  2024-11-26 07:34  appverifUI.dll
             Owner:   NT AUTHORITY\SYSTEM
             Group:   NT AUTHORITY\SYSTEM
             Allowed: BUILTIN\Users                    READ_CONTROL | SYNCHRONIZE
             Allowed: NT AUTHORITY\Authenticated Users DELETE | READ_CONTROL | SYNCHRONIZE

d--h--s-     0.00 B  2024-11-26 09:00  Boot\
             Owner:   NT SERVICE\TrustedInstaller
             Group:   NT SERVICE\TrustedInstaller
             Allowed: NT SERVICE\TrustedInstaller      WRITE_OWNER | WRITE_DACL | DELETE | READ_CONTROL | SYNCHRONIZE
             Allowed: NT SERVICE\TrustedInstaller      GENERIC_ALL
             Allowed: BUILTIN\Users                    READ_CONTROL | SYNCHRONIZE
             Allowed: BUILTIN\Users                    GENERIC_READ | GENERIC_EXECUTE
             Allowed: CREATOR OWNER                    GENERIC_ALL

-a-h-rs-  434.32 kB  2024-11-19 14:06  bootmgr
             Owner:   NT SERVICE\TrustedInstaller
             Group:   NT SERVICE\TrustedInstaller
             Allowed: NT SERVICE\TrustedInstaller      WRITE_OWNER | WRITE_DACL | DELETE | READ_CONTROL | SYNCHRONIZE
             Allowed: BUILTIN\Users                    READ_CONTROL | SYNCHRONIZE

-a-h--s-     1.00 B  2024-11-19 14:06  BOOTNXT
             Owner:   NT AUTHORITY\SYSTEM
             Group:   NT AUTHORITY\SYSTEM
             Allowed: BUILTIN\Users                    READ_CONTROL | SYNCHRONIZE

-a-h-rs-    8.00 kB  2024-09-25 22:48  BOOTSECT.BAK
             Owner:   NT AUTHORITY\SYSTEM
             Group:   NT AUTHORITY\SYSTEM
             Allowed: BUILTIN\Users                    READ_CONTROL | SYNCHRONIZE
             Allowed: NT AUTHORITY\Authenticated Users DELETE | READ_CONTROL | SYNCHRONIZE

d-------     0.00 B  2024-11-26 09:03  Coercer\
             Owner:   BUILTIN\Administrators
             Group:   WIN10VM\None
             Allowed: BUILTIN\Users                    READ_CONTROL | SYNCHRONIZE
             Allowed: NT AUTHORITY\Authenticated Users DELETE | READ_CONTROL | SYNCHRONIZE
             Allowed: NT AUTHORITY\Authenticated Users GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE | DELETE

d--h--s-     0.00 B  2024-09-25 12:51  Documents and Settings\
             Owner:   NT AUTHORITY\SYSTEM
             Group:   NT AUTHORITY\SYSTEM
             Allowed: BUILTIN\Users                                                                                         READ_CONTROL | SYNCHRONIZE
             Allowed: BUILTIN\Users                                                                                         GENERIC_READ | GENERIC_EXECUTE
             Allowed: Everyone                                                                                              READ_CONTROL | SYNCHRONIZE
             Allowed: Everyone                                                                                              GENERIC_READ | GENERIC_EXECUTE
             Allowed: S-1-15-3-65536-3323407561-2172269196-3486974656-4132058316-2250862433-3856296919-434318741-3760235072 SYNCHRONIZE

-a-h--s-   12.00 kB  2024-11-26 09:03  DumpStack.log.tmp
-a------  123.50 kB  2024-11-25 14:59  mimilib.dll
             Owner:   BUILTIN\Administrators
             Group:   WIN10VM\None
             Allowed: BUILTIN\Users                                                                                         READ_CONTROL | SYNCHRONIZE
             Allowed: NT AUTHORITY\Authenticated Users                                                                      DELETE | READ_CONTROL | SYNCHRONIZE

-a-h--s-    2.25 GB  2024-11-26 09:03  pagefile.sys
d-------     0.00 B  2024-11-26 09:00  PerfLogs\
             Owner:   NT AUTHORITY\SYSTEM
             Group:   NT AUTHORITY\SYSTEM
             Allowed: BUILTIN\Performance Log Users                                                                         READ_CONTROL | SYNCHRONIZE

d----r--     0.00 B  2024-11-26 10:03  Program Files\
             Owner:   NT SERVICE\TrustedInstaller
             Group:   NT SERVICE\TrustedInstaller
             Allowed: NT SERVICE\TrustedInstaller                                                                           WRITE_OWNER | WRITE_DACL | DELETE | READ_CONTROL | SYNCHRONIZE
             Allowed: NT SERVICE\TrustedInstaller                                                                           GENERIC_ALL
             Allowed: BUILTIN\Users                                                                                         READ_CONTROL | SYNCHRONIZE
             Allowed: BUILTIN\Users                                                                                         GENERIC_READ | GENERIC_EXECUTE
             Allowed: CREATOR OWNER                                                                                         GENERIC_ALL
             Allowed: APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES                                                READ_CONTROL | SYNCHRONIZE
             Allowed: APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES                                                GENERIC_READ | GENERIC_EXECUTE
             Allowed: APPLICATION PACKAGE AUTHORITY\ALL RESTRICTED APPLICATION PACKAGES                                     READ_CONTROL | SYNCHRONIZE
             Allowed: APPLICATION PACKAGE AUTHORITY\ALL RESTRICTED APPLICATION PACKAGES                                     GENERIC_READ | GENERIC_EXECUTE

d----r--     0.00 B  2024-11-26 09:14  Program Files (x86)\
             Owner:   NT SERVICE\TrustedInstaller
             Group:   NT SERVICE\TrustedInstaller
             Allowed: NT SERVICE\TrustedInstaller                                                                           WRITE_OWNER | WRITE_DACL | DELETE | READ_CONTROL | SYNCHRONIZE
             Allowed: NT SERVICE\TrustedInstaller                                                                           GENERIC_ALL
             Allowed: BUILTIN\Users                                                                                         READ_CONTROL | SYNCHRONIZE
             Allowed: BUILTIN\Users                                                                                         GENERIC_READ | GENERIC_EXECUTE
             Allowed: CREATOR OWNER                                                                                         GENERIC_ALL
             Allowed: APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES                                                READ_CONTROL | SYNCHRONIZE
             Allowed: APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES                                                GENERIC_READ | GENERIC_EXECUTE
             Allowed: APPLICATION PACKAGE AUTHORITY\ALL RESTRICTED APPLICATION PACKAGES                                     READ_CONTROL | SYNCHRONIZE
             Allowed: APPLICATION PACKAGE AUTHORITY\ALL RESTRICTED APPLICATION PACKAGES                                     GENERIC_READ | GENERIC_EXECUTE

d--h----     0.00 B  2024-11-26 10:03  ProgramData\
             Owner:   NT AUTHORITY\SYSTEM
             Group:   NT AUTHORITY\SYSTEM
             Allowed: CREATOR OWNER                                                                                         GENERIC_ALL
             Allowed: BUILTIN\Users                                                                                         READ_CONTROL | SYNCHRONIZE

d--h----     0.00 B  2024-10-15 07:45  Recovery\
             Owner:   BUILTIN\Administrators
             Group:   BUILTIN\Administrators

-a-h--s-  256.00 MB  2024-11-26 09:03  swapfile.sys
d--h--s-     0.00 B  2024-11-26 10:24  System Volume Information\
             Owner:   BUILTIN\Administrators
             Group:   NT AUTHORITY\SYSTEM

d-------     0.00 B  2024-11-26 07:58  tmp\
             Owner:   BUILTIN\Administrators
             Group:   WIN10VM\None
             Allowed: BUILTIN\Users                                                                                         READ_CONTROL | SYNCHRONIZE
             Allowed: NT AUTHORITY\Authenticated Users                                                                      DELETE | READ_CONTROL | SYNCHRONIZE
             Allowed: NT AUTHORITY\Authenticated Users                                                                      GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE | DELETE

d----r--     0.00 B  2024-11-26 10:03  Users\
             Owner:   NT AUTHORITY\SYSTEM
             Group:   NT AUTHORITY\SYSTEM
             Allowed: BUILTIN\Users                                                                                         READ_CONTROL | SYNCHRONIZE
             Allowed: BUILTIN\Users                                                                                         GENERIC_READ | GENERIC_EXECUTE
             Allowed: Everyone                                                                                              READ_CONTROL | SYNCHRONIZE
             Allowed: Everyone                                                                                              GENERIC_READ | GENERIC_EXECUTE
             Allowed: S-1-15-3-65536-3323407561-2172269196-3486974656-4132058316-2250862433-3856296919-434318741-3760235072 SYNCHRONIZE

d-------     0.00 B  2024-09-27 10:38  vagrant\
-a------   64.77 kB  2024-11-19 14:06  vfcompat.dll
             Owner:   NT AUTHORITY\SYSTEM
             Group:   NT AUTHORITY\SYSTEM
             Allowed: BUILTIN\Users                                                                                         READ_CONTROL | SYNCHRONIZE
             Allowed: NT AUTHORITY\Authenticated Users                                                                      DELETE | READ_CONTROL | SYNCHRONIZE

d-------     0.00 B  2024-11-26 10:03  Windows\
             Owner:   NT SERVICE\TrustedInstaller
             Group:   NT SERVICE\TrustedInstaller
             Allowed: NT SERVICE\TrustedInstaller                                                                           WRITE_OWNER | WRITE_DACL | DELETE | READ_CONTROL | SYNCHRONIZE
             Allowed: NT SERVICE\TrustedInstaller                                                                           GENERIC_ALL
             Allowed: BUILTIN\Users                                                                                         READ_CONTROL | SYNCHRONIZE
             Allowed: BUILTIN\Users                                                                                         GENERIC_READ | GENERIC_EXECUTE
             Allowed: CREATOR OWNER                                                                                         GENERIC_ALL
             Allowed: APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES                                                READ_CONTROL | SYNCHRONIZE
             Allowed: APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES                                                GENERIC_READ | GENERIC_EXECUTE
             Allowed: APPLICATION PACKAGE AUTHORITY\ALL RESTRICTED APPLICATION PACKAGES                                     READ_CONTROL | SYNCHRONIZE
             Allowed: APPLICATION PACKAGE AUTHORITY\ALL RESTRICTED APPLICATION PACKAGES                                     GENERIC_READ | GENERIC_EXECUTE

■[\\192.168.56.113\C$\]> shares
┏━━━━━━━━━━━━━┳━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ Share       ┃ Visibility ┃ Type              ┃ Description   ┃ Security Descriptor                                                                                                         ┃
┡━━━━━━━━━━━━━╇━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┩
│ ADMIN$      │ Hidden     │ DISKTREE, SPECIAL │ Remote Admin  │                                                                                                                             │
│ C$          │ Hidden     │ DISKTREE, SPECIAL │ Default share │                                                                                                                             │
│ Camera Roll │ Visible    │ DISKTREE          │               │ Owner:   BUILTIN\Administrators                                                                                             │
│             │            │                   │               │ Group:   WIN10VM\None                                                                                                       │
│             │            │                   │               │ Allowed: Everyone                                                                                              READ_CONTROL │
│             │            │                   │               │ | SYNCHRONIZE                                                                                                               │
│             │            │                   │               │ Allowed: WIN10VM\vagrant                                                                                       WRITE_OWNER  │
│             │            │                   │               │ | WRITE_DACL | DELETE | READ_CONTROL | SYNCHRONIZE                                                                          │
│ IPC$        │ Hidden     │ IPC, SPECIAL      │ Remote IPC    │                                                                                                                             │
└─────────────┴────────────┴───────────────────┴───────────────┴─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┘
■[\\192.168.56.113\C$\]> 
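
For reviewing a listing like the one above, here is an added example (not part of this PR or of smbclient-ng) that parses the `acls` layout and reports entries where a broad principal holds a right that changes or removes the object. The `BROAD` and `MODIFY` sets are an assumed audit policy, the sample text is constructed, and only rights named in the output are considered.

```python
import re
from collections import defaultdict

# Right names exactly as they appear in the `acls` output above.
NAMES = ("GENERIC_ALL GENERIC_READ GENERIC_WRITE GENERIC_EXECUTE "
         "WRITE_OWNER WRITE_DACL DELETE READ_CONTROL SYNCHRONIZE").split()
R = "|".join(NAMES)
ENTRY_RE = re.compile(r"^[d-][a-z-]{7}\s+[\d.]+ \w+\s+\d{4}-\d\d-\d\d \d\d:\d\d\s+(.+)$")
ACE_RE = re.compile(rf"^\s+Allowed:\s+(.+?)\s+((?:{R})(?: \| (?:{R}))*)\s*$")

# Assumed audit policy (not from the tool): principals that cover ordinary
# accounts, and rights that let a holder change or remove the object.
BROAD = {"Everyone", r"NT AUTHORITY\Authenticated Users", r"BUILTIN\Users"}
MODIFY = {"GENERIC_ALL", "GENERIC_WRITE", "WRITE_DACL", "WRITE_OWNER", "DELETE"}

def audit(text):
    """Return [(entry, trustee, [modify rights])] for broad principals."""
    granted = defaultdict(set)      # (entry, trustee) -> rights across all ACEs
    entry = None
    for line in text.splitlines():
        m = ENTRY_RE.match(line)
        if m:                       # a directory-listing line starts a new entry
            entry = m.group(1).strip()
            continue
        m = ACE_RE.match(line)
        if m and entry is not None:  # an "Allowed:" line belongs to that entry
            granted[(entry, m.group(1))].update(m.group(2).split(" | "))
    return [(e, t, sorted(r & MODIFY))
            for (e, t), r in granted.items() if t in BROAD and r & MODIFY]

# Constructed sample in the same layout as the output above.
SAMPLE = r"""
d-------     0.00 B  2024-11-26 09:03  Coercer\
             Owner:   BUILTIN\Administrators
             Group:   WIN10VM\None
             Allowed: BUILTIN\Users                    READ_CONTROL | SYNCHRONIZE
             Allowed: NT AUTHORITY\Authenticated Users DELETE | READ_CONTROL | SYNCHRONIZE
             Allowed: NT AUTHORITY\Authenticated Users GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE | DELETE

-a-h--s-    2.25 GB  2024-11-26 09:03  pagefile.sys
d-------     0.00 B  2024-11-26 10:03  Windows\
             Owner:   NT SERVICE\TrustedInstaller
             Allowed: NT SERVICE\TrustedInstaller      GENERIC_ALL
             Allowed: BUILTIN\Users                    GENERIC_READ | GENERIC_EXECUTE
             Allowed: CREATOR OWNER                    GENERIC_ALL
"""

if __name__ == "__main__":
    for entry, trustee, rights in audit(SAMPLE):
        print(f"{entry}: {trustee} holds {', '.join(rights)}")
```

The wrapped cells of the `shares` table are not handled; the parser expects one ACE per line as printed by `acls`.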

@p0dalirius p0dalirius self-assigned this Nov 26, 2024
@p0dalirius p0dalirius added the enhancement New feature or request label Nov 26, 2024
@p0dalirius p0dalirius changed the title Added acls command, show share ACLs [enhancement] Added acls command, show share ACLs Nov 26, 2024
@p0dalirius
Owner

This is awesome, I wanted to do it but I had not the time to implement it lately!
Thank you for the PR @rtpt-romankarwacik

@p0dalirius p0dalirius merged commit 92a9f46 into p0dalirius:main Nov 26, 2024
2 checks passed