May 12, 2006

177 words 1 min read

How to P0wn Windows Security

So there are a number of folders on one of our servers that had their ownership changed so that the domain admin (me) couldn’t access them. It makes it very hard for me to backup files off the machine. Anyways, they had screwed up the permissions so badly I couldn’t take owndership back from the GUI. Luckly there is a way to do it from the command line:

subinacl /noverbose /subdirectories .\ /setowner="MyDomain\Domain Admins”

You can change the .\ to “C:\my\folder is\here” if you’d like (With the quotes). This will set ownership to the user listed. I doubt that this would work for anyone other than a domain admin (unless you had full controll already, which is a waste of time). After the command finishes, you can go in through the GUI and recursivly give yourself full controll to the files (I found that some files I didn’t have full controll of, for what ever reason).

Stupid windows, learn about chmod and the powers of root. Shouldn’t be any of this taking ownership crap as an administrator.