windows-permissions – Page 3

Create GPO for Bitlocker Enabled but Shouldn’t ask for Password [migrated]

Posted on September 29, 2020 by Deep Jadia

Due to the usability perspective, BitLocker should be enabled but it shouldn’t ask for the password. Is it possible? Please mention for both, with TPM and without TPM devices.

Continue reading Create GPO for Bitlocker Enabled but Shouldn’t ask for Password [migrated]→

mitigate token impersonation

Posted on October 8, 2019 by bypass1

Is there any mitigation to prevent a local administrator from impersonating other logged on user accounts by duplicating the security token?

Scenario:

AdminA is working on ServerA
AdminB grabs SYSTEM-User rights and imper… Continue reading mitigate token impersonation→

Bypassing windows security special permission lockout on a hard drive! [on hold]

Posted on September 27, 2019 by Boltik

Has anyone else tried this? I once locked my primary partition on my hard drive then reformatted the windows partition, obviously i was completely locked out of the partition containing all of my personal files store on said … Continue reading Bypassing windows security special permission lockout on a hard drive! [on hold]→

Upload failed on /metasploitblablabla.txt [303 See other] [on hold]

Posted on August 8, 2019 by Pamela Garcia

I am dealing with a website on Microsoft-IIS/8.5 (OS: Windows Server 2012). I found a module that can be used to execute a payload on IIS servers that have world-writeable directories. The payload is uploaded as an ASP script… Continue reading Upload failed on /metasploitblablabla.txt [303 See other] [on hold]→

Upload failed on /metasploitblablabla.txt [303 See other] [on hold]

Posted on August 8, 2019 by Pamela Garcia

Identifying Share Permission and File Permission on Hundreds of Servers

Posted on July 19, 2019 by Shakir

Objective

Identify and report on Windows hosts in the network which allow file/folder access (READ/WRITE/Execute) for Everyone.

Scenario:

Using agent based scanner, I extracted share permissions from 100 Windows 2012 Serv… Continue reading Identifying Share Permission and File Permission on Hundreds of Servers→

IIS Application – service account permissions

Posted on June 14, 2019 by deltzy

My company is looking to install a 3rd party application on our infrastructure and this application will be installed on an IIS Server with a connection to a SQL server. They require an AD service account with the following p… Continue reading IIS Application – service account permissions→

Differences in the result of the security tab of folders [on hold]

Posted on June 13, 2019 by KansaiRobot

Why is it that when I check the security tab of one folder I could see “Everyone” (but not authenticated users) and in other folders I see “Authenticated Users”?

My question is When is that set? and who sets it? (this is a g… Continue reading Differences in the result of the security tab of folders [on hold]→

Can a named pipe with a low integrity label have its SACL/DACL modified by a low integrity process?

Posted on February 22, 2019 by Polynomial

If a named pipe on Windows has a Low Mandatory Level label and SYSTEM_MANDATORY_LABEL_NO_WRITE_UP in its SACL, but the DACL has WRITE_DAC and WRITE_OWNER for the current user, can a low integrity process running under that us… Continue reading Can a named pipe with a low integrity label have its SACL/DACL modified by a low integrity process?→

Run as different user VS. Run as admin

Posted on January 10, 2019 by Matt

Can anyone explain what the security implications are between these options and how they should be used?

In windows (10)

Run as different user
Run as administrator

Continue reading Run as different user VS. Run as admin→