403Webshell
Server IP : 127.0.0.1  /  Your IP : 216.73.216.109
Web Server : Apache/2.4.54 (Win64) OpenSSL/1.1.1q PHP/8.1.10
System : Windows NT DESKTOP-E5T4RUN 10.0 build 19045 (Windows 10) AMD64
User : SERVERWEB ( 0)
PHP Version : 8.1.10
Disable Function : NONE
MySQL : OFF |  cURL : ON |  WGET : OFF |  Perl : OFF |  Python : OFF |  Sudo : OFF |  Pkexec : OFF
Directory :  C:/Windows/diagnostics/system/Search/

Upload File :
current_dir [ Writeable] document_root [ Writeable]

 

Command :

[ Back ]     

Current File : C:/Windows/diagnostics/system/Search/TS_CheckPermissions.ps1
# Copyright © Microsoft Corporation. All rights reserved.

# Check permissions on the indexer data directories.

# Load utility library
. .\CL_Utility.ps1

Write-DiagProgress -activity $localizationString.progress_ts_checkPermissions

$dataDirectory = (Get-ItemProperty -path "HKLM:\SOFTWARE\Microsoft\Windows Search").DataDirectory

# Append a trailing slash to the dataDirectory if there isn't one
if (!$dataDirectory.EndsWith("\"))
{
    $dataDirectory += "\"
}
$applications = $dataDirectory + "Applications"
$windows = $applications + "\Windows"

$obj = ConvertStringToPSObject "dataDirectory" $dataDirectory
$obj | select-object -Property @{Name=$localizationString.dataDirectory_name; Expression={$_.dataDirectory}} | convertto-xml | Update-DiagReport -id DataDirectory -name $localizationString.dataDirectory_name -description $localizationString.dataDirectory_description -verbosity Informational

function Check-Permissions([string]$folderPath)
{
    # First check that owner is SYSTEM
    $acl = get-acl $folderPath
    [bool]$ownerOK = ($acl.Owner -eq  "NT AUTHORITY\SYSTEM")

    [bool]$accessOK = $true
    # Verify that Administrators have read and write access
    $accessOK = $accessOK -and (Get-AccessGranted $folderPath "S-1-5-32-544" $GENERIC_READ -bor $GENERIC_WRITE)
    # Verify that Users have neither read nor write access
    $accessOK = $accessOK -and -not(Get-AccessGranted $folderPath "S-1-5-32-545" $GENERIC_READ)
    $accessOK = $accessOK -and -not(Get-AccessGranted $folderPath "S-1-5-32-545" $GENERIC_WRITE)
    # Verify that LOCAL SYSTEM has full control
    $accessOK = $accessOK -and (Get-AccessGranted $folderPath "S-1-5-18" $GENERIC_ALL)

    if (-not ($ownerOK -and $accessOK))
    {
        Update-DiagRootCause -id "RC_BadPermissions" -Detected $true
        if (-not $ownerOK)
        {
            $acl.Owner  | convertto-xml | Update-DiagReport -id BadPermissions -name $localizationString.dataDirectoryPermissions_name -description $localizationString.dataDirectoryPermissions_description -verbosity Error -rid "RC_BadPermissions"
        }
        if (-not $accessOK)
        {
            $aces = $acl | foreach-object -process {$_.Access}
            $aces | convertto-xml | Update-DiagReport -id BadPermissions -name $localizationString.dataDirectoryPermissions_name -description $localizationString.dataDirectoryPermissions_description -verbosity Error -rid "RC_BadPermissions"
        }
        exit
    }
}

Check-Permissions $dataDirectory
Check-Permissions $applications
Check-Permissions $windows

Update-DiagRootCause -id "RC_BadPermissions" -Detected $false

Youez - 2016 - github.com/yon3zu
LinuXploit