In the injection of SA permissions, improve WebShell permissions!
Cacls
Display or modify the random access control list (DACL) on the specified file.
grammar
Cacls
Filename
[
/ t]
[
/ e [
/ r
User
[...]]]
[
/ c]
[
/ g
User
:
Permission
]
[
/ P
User
:
Permission
[...]]
[
/ d
User
[...]]
parameter
Filename
Required. Displays the DACL of the specified file.
/ t
Change the current directory and DACL specified in all subdirectors.
/ e
Edit DACL instead of replacing it.
/ r
User
Revocation of the designated user's access, no
/ e invalid.
/ c
Ignore the error and continue to modify DACL.
/ g
User
:
Permission
Give the access authority to the specified user. The following table is listed.
Valid value of Permission.
Value description
n
No suggestion
r
Read
w
Write
c
Change (write) F full control
/ P
User
:
Permission
Alternatively specifies the user's access. The following table is listed.
Valid value of Permission.
Value Description N No Suggested R Read W Write C Change (Writing) F Complete Control
/ d
User
Refuse to specify the user's access.
/?
Display help at the command prompt.
Comment
Use the following table to explain the output result.
Output ACE is suitable for OI this folder and file. CI This folder and subfolder. IOCE does not apply to the current file / directory. No output message is only this folder. (IO) (CI) This folder, subfolders, and files. (Ib) (io) (IO) only the child folder and file. (CI) (IO) only the child folder. (OI) (IO) only file. Use wildcards (? And *) to specify multiple files. You can specify more than one user.
EG: CACLS D: / TEST / T / E / G Everyone: F
