by Richard Puckett, rpuckett (at) snl (dot) com [email concealed]
Platforms: Windows NT
Categories: Access Control, System Security Management, user privileges, Windows NT
CHOWN.ZIP is a GUI NT equivalent to the UNIX tool. Microsoft claims that the ownership process of NTFS file objects in NT is a two-part process, requiring that the user possess the right to take ownership (granted by the original object's owner/admin), then forcing them to execute the ownership right. This is to protect object ownership from "Rogue Administrators". This two-part ownership process is undesirable for administrators, who would prefer to just "give" ownership of file/directory objects to a particular user or group. This tool was written to show that the Owner ACL of a file/directory object can be overwritten with a modified replica Securirty Descriptor and elevated use of the SeRestorePrivilege (Tested to NT SP6). Source Code included with EXE.

Comments Mode:


Privacy Statement
Copyright 2010, SecurityFocus