2. Tech
  3. Detecting a certain account for the default permission directory to be writable

Detecting a certain account for the default permission directory to be writable

xiaoxiao2021-03-05  20

Detecting a certain account for the default permission directory to be writable

Author: Invincible most lonely [EST] After the invasion web, often find a writable directory to upload webshell or anything else, this is a critical issue for most administrators made changes to some of the system catalog set permissions, however. There are very little administrators to change the permissions for all directories (it's time to work, at least I will not). So how do I determine the default authority of an account to write permissions? Black virus brother is estimated in the article Is it hand-trial? In fact, when we installed a system, each folder under the system has the default permission. So how do you detect what kind of permissions on these folders? We can try Each directory under the system is written to a file. If success, this account has the ability to write permissions to a certain directory under the default right. The manual trial fee is expensive, we can easily implement it with the following script: This is a batch file, which is simple. The content is as follows:

@Echo find Writable DireTory by Invincible Loned @ Est @ Echo Now Search Root Directiory IS% 1 @ Echo Offfor / D %% I in (% 1 /*] DO ECHO AAA> %% I / Superlone.txt for / D %% J in (% 1 /*] DO if EXIST %% J / Superlone.txt Echo %% J IS WRITABLE for / D %% K in (% 1 /*] DO if EXIST %% K /usuperlone.txt del "%% k / superlone.txt" is very simple code, which stores it .bat or .cmd is a batch file for the suffix, then follow:

1. Suppose you want to test the guest account for all subdirectors in the C: / Winnt directory. You first use the runas command to start a cmd as a guest account. The command is as follows:

RunaS / Profile / User: Guest CMD

2. Find the batch file of the above content you saved under this CMD window (I am scanwrite.cmd), then enter:

ScanWrite.cmd C: / Winnt

The output is as follows:

C: /> ScanWrite.cmd C: / Winnt

Find Writable DireTory by Invincible Lonety @EST

Now Search Root Directiory IS C: / WinNT

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

access denied.

C: / Winnt / Tasks IS Writable

C: /winnt/tasks/superlone.txt

access denied.

Have you seen it? There is a C: / Winnt / Tasks to be writable for the Guest account. Is it very simple? So a lot of trouble. So if you want to test the web account, change Guest to IUSR_ account Can also be found.

It's so simple, a tip skill. I hope to help some friends.

转载请注明原文地址:https://www.9cbs.com/read-39037.html

9cbs

New Post(0)