Full user folder access gain and take by "Security" nmspc.

  • 12 years ago

    If you don't want to study all case: how to gain full access to specified user above specified folder, and take it back away, not using cacls, but using VB Security namespace 

    Hi, this is not my chief fire me Q, it is just for fun. I created console app which may delete older restore points of all disks.

    Module Module1
      Sub Main()
        Console.WriteLine("Deleting restore points")
        Console.Write("Points to let, >=1: ")
        Dim letd% = CInt(Val(Console.ReadLine))
        Console.Write("Admin username: ")
        Dim user$ = Console.ReadLine
        If letd = 0 Then letd = 1
        Dim drives() As IO.DriveInfo = IO.DriveInfo.GetDrives
        Dim dir, rps(), tmp() As IO.DirectoryInfo, td#, tt#
        For i As Integer = 0 To UB(drives)
          If Not drives(i).Name.ToLower.StartsWith("a") Then
            If drives(i).IsReady Then
              tmp = drives(i).RootDirectory.GetDirectories("System Volume Information")
              If UB(tmp) = 0 Then
                dir = tmp(0)
                If drives(i).DriveFormat = "NTFS" Then Grant(drives(i).Name, user, True)
                rps = dir.GetDirectories("RP*", IO.SearchOption.AllDirectories)
                Array.Sort(rps, New dic)
                td = 0
                For j As Integer = 0 To UB(rps) - letd
                  td += dirSize(rps(j))
                If drives(i).DriveFormat = "NTFS" Then Grant(drives(i).Name, user, False)
              End If
              Console.WriteLine(td.ToString("C", System.Globalization.CultureInfo.InvariantCulture) & "kb")
              tt += td
            End If
          End If
        Console.Write("=" & tt.ToString("C", System.Globalization.CultureInfo.InvariantCulture) & "kb")
      End Sub

    #Region "Dir comparer"
      Class dic
        Implements IComparer

        Public Function Compare(ByVal x As Object, ByVal y As Object) As Integer Implements System.Collections.IComparer.Compare
          Return String.Compare(CType(x, IO.DirectoryInfo).Name, CType(y, IO.DirectoryInfo).Name)
        End Function
      End Class
    #End Region

      Sub Grant(ByVal volume$, ByVal user$, ByVal add%)
        Dim ac As System.Security.AccessControl.DirectorySecurity = New IO.DirectoryInfo(volume & "System Volume Information").GetAccessControl
        'Dim am As System.Security.AccessControl.AccessControlModification = Security.AccessControl.AccessControlModification.Remove
        With ac.GetAccessRules(True, True, GetType(System.Security.Principal.NTAccount))
          Dim a = .Item(0)

        End With

        If add Then
          Shell("cacls """ & volume & "System Volume Information"" /E /G " & user & ":F", 1, True, -1)
          Shell("cacls """ & volume & "System Volume Information"" /E /R " & user & "")
        End If

      End Sub

      Function UB%(ByVal arr As Object)
        If arr Is Nothing Then
          Return -2
        ElseIf arr.GetType.IsArray Then
          Return CType(arr, System.Array).GetUpperBound(0)
          Return -3
        End If
      End Function

      Function dirSize#(ByVal dir As IO.DirectoryInfo)
        Dim items() As IO.FileInfo = dir.GetFiles("*.*", IO.SearchOption.AllDirectories)
        For i As Integer = 0 To UB(items)
          dirSize += items(i).Length
        dirSize = dirSize / 1000
      End Function
    End Module


    So, if you look at bold section - it is allowing you to access these directiories, which are from installation disallowed for user to do anything. And after deletition it is by the second part of IF secured back. But If you look at italic section: I would like to rewrite the bold section with that italic slavery. I have totally lost in there. Do you someone have experiences with these structures? (By using shell and cacls I cannot get rid of "Proceeded Folder: C:System Volume". I tried >NULL and cmd /q /k. I Would be really glad to understand how is that DirectorySecurity class thought to be used...

  • 12 years ago

    Ok. I just found the way how to read permissions of user upon folder. But as appears in comments, it is not usefull at all. When you don't have permission to folder, you cannot determine it in any correct way, using DirectorySecurity class. So it stays: when you want to check your rights to execute or write directory, you must use Try-Catch - there is no "legal" way to do it. Anyway here is correct way to use DirectorySecurity class:

        Dim security As Security.AccessControl.DirectorySecurity 'C:\8e60d354588754b76f07744034512a\update
        Dim path0$
        path0 = "C:\8e60d354588754b76f07744034512a" 'parent, free access folder
        path0 = "C:\8e60d354588754b76f07744034512a\update\" 'access disalowed folder
        'path0 = "C:\download" 'test folder with free access
        'NONE = only sections possible to obtain on '\update\' folder
        security = New System.Security.AccessControl.DirectorySecurity(path0, System.Security.AccessControl.AccessControlSections.None)
        'this is priceless - with NONE getSecurity necessary for '\update\':
        'Dim owner = security.GetOwner(GetType(System.Security.Principal.NTAccount))
        Dim rules As System.Security.AccessControl.AuthorizationRuleCollection
        rules = security.GetAccessRules(True, True, GetType(System.Security.Principal.SecurityIdentifier))
        Dim fsar As System.Security.AccessControl.FileSystemAccessRule
        For Each rule As System.Security.AccessControl.AuthorizationRule In rules
          Console.WriteLine(rule.ToString) 'this tells nothing
          If rule.GetType.Equals(GetType(System.Security.AccessControl.FileSystemAccessRule)) Then
            'in my example this shown same fsar for both three folders
            fsar = rule
    	'in my example this shown Everyone for both check and disallowed directory
          End If

Post a reply

Enter your message below

Sign in or Join us (it's free).


Why not write for us? Or you could submit an event or a user group in your area. Alternatively just tell us what you think!

Our tools

We've got automatic conversion tools to convert C# to VB.NET, VB.NET to C#. Also you can compress javascript and compress css and generate sql connection strings.

“Computer Science is no more about computers than astronomy is about telescopes.” - E. W. Dijkstra