0

Objective

Identify and report on Windows hosts in the network which allow file/folder access (READ/WRITE/Execute) for Everyone.

Scenario:

  • Using agent based scanner, I extracted share permissions from 100 Windows 2012 Servers where at least one file/folder was allowed for Everyone.
    Sample Permission Output:.
Share path : \\ip_address\file_name
Local path : drive_letter:\file_name

[*] Allow ACE for Everyone: 0x001f01ff
    FILE_GENERIC_READ:         YES
    FILE_GENERIC_WRITE:        YES
    FILE_GENERIC_EXECUTE:      YES
  • Among 100 Windows 2012 Servers, only 20 were actually accessible (shared file/folder were accessible from file explorer and this was checked by manual browsing) by Everyone in the network.

Question

I have Nessus and I can manage remote authentication:

  • How to identify more hosts like these using some automated method?
  • How to compare NTFS and sharing permissions using some automated method?
schroeder
  • 123,438
  • 55
  • 284
  • 319
Shakir
  • 185
  • 2
  • 13
  • Among 100 windows 2012 server only 20 were actually accessible (shared file/folder were accessible from file explorer). I was actually trying to say i manually visited those 100 and found only 20. I have hundreds more to check. So trying to get a non-manual way. Also edited the question clarifying this @schroeder – Shakir Jul 19 '19 at 15:19
  • I'm also thinking this might not end up being a security question. More of a Windows admin question. I'm also thinking Powershell is your friend. – schroeder Jul 19 '19 at 15:29
  • Actually it might be a security concern while trying to convert legacy network to a secured one. Shared files were shared long ago. – Shakir Jul 19 '19 at 15:36
  • There are security implications for these shares, but your question is not a security question (how to automate this Windows search). – schroeder Jul 19 '19 at 15:39
  • 1
    I made some edits to clarify based on what you said in comments. Please make sure I have represented your question well. – schroeder Jul 19 '19 at 15:42

0 Answers0