You Should Know:
Understanding and managing permissions is critical in cybersecurity, whether you’re a red teamer, blue teamer, or penetration tester. Below are key commands and techniques to analyze and manipulate permissions in Windows and Linux environments.
Windows Permissions Management
1. View User Permissions:
whoami /priv
Lists the privileges of the current user.
2. Check File/Folder Permissions:
icacls "C:\Path\To\File"
Displays Access Control Lists (ACLs) for a file or directory.
3. Modify Permissions (Grant Full Control):
icacls "C:\Target\Folder" /grant Username:(F)
Grants full control to a specified user.
4. Exploiting Weak Permissions:
Get-Acl -Path "C:\Program Files\Vulnerable" | Format-List
Retrieves and formats ACL details for privilege escalation checks.
5. Find Writable Directories:
Get-ChildItem "C:\" -Recurse | Where-Object { $_.Attributes -match "Directory" -and (Test-Path -Path "$($_.FullName)") -and (Test-Permission -Path "$($_.FullName)" -Permission Write) }
Searches for writable directories (requires custom `Test-Permission` function).
Linux Permissions Management
1. Check Current User Permissions:
id
Displays user and group information.
2. View File Permissions:
ls -la /path/to/file
Lists detailed permissions.
3. Change File Ownership:
chown user:group file.txt
Modifies ownership of a file.
4. Modify File Permissions:
chmod 755 script.sh
Sets read, write, and execute for the owner, and read and execute for group and others.
5. Find SUID/SGID Binaries (Privilege Escalation):
find / -perm -4000 -type f 2>/dev/null
Locates SUID binaries that could be exploited (use `-perm -2000` to list SGID binaries).
6. Check Sudo Privileges:
sudo -l
Lists allowed sudo commands for the current user.
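The defender's side of step 5, as an added example that is not part of the original post: it records the SUID/SGID inventory and reports drift against a saved baseline. It assumes GNU find; the function names and the sample entries are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: detect drift in the SUID/SGID inventory against a baseline.
# Assumes GNU find (-printf, -perm /mode). Function names are illustrative.

# Print "mode owner:group path" for each SUID or SGID file under $1 (default /).
# -xdev stays on one filesystem, so run it once per mounted filesystem.
suid_inventory() {
    find "${1:-/}" -xdev -type f -perm /6000 -printf '%m %u:%g %p\n' 2>/dev/null
}

# Compare a baseline inventory ($1) with a current one ($2).
# Prints sorted NEW / CHANGED / GONE lines; returns 1 if anything differs.
suid_drift() {
    local out
    out=$( { sed 's/^/B /' "$1"; sed 's/^/C /' "$2"; } | awk '
        { path = $0; sub(/^[^ ]+ [^ ]+ [^ ]+ /, "", path); meta = $2 " " $3 }
        $1 == "B" { base[path] = meta; next }
        { seen[path] = 1
          if (!(path in base))         print "NEW " meta " " path
          else if (base[path] != meta) print "CHANGED " path " (" base[path] " -> " meta ")" }
        END { for (p in base) if (!(p in seen)) print "GONE " base[p] " " p }
    ' | sort )
    if [ -n "$out" ]; then printf '%s\n' "$out"; return 1; fi
    return 0
}

# Constructed sample inventories (not from a real host):
# one binary gains the SUID bit, one new SUID file appears under /tmp.
demo() {
    local dir rc=0
    dir=$(mktemp -d)
    printf '%s\n' '4755 root:root /usr/bin/passwd' \
                  '2755 root:mail /usr/bin/mail-lock' > "$dir/baseline"
    printf '%s\n' '4755 root:root /usr/bin/passwd' \
                  '6755 root:mail /usr/bin/mail-lock' \
                  '4755 root:root /tmp/.cache/helper' > "$dir/current"
    suid_drift "$dir/baseline" "$dir/current" || rc=$?
    rm -rf "$dir"
    return "$rc"
}

# Real use: suid_inventory / > current.txt; suid_drift baseline.txt current.txt
demo || echo "drift detected: review the entries above"
```

Store the baseline somewhere the audited host cannot modify, and refresh it only after a reviewed change such as a package update.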
Active Directory Permissions (PowerShell)
1. Enumerate User Rights:
Get-ADUser -Identity "username" -Properties *
Retrieves all properties of an AD user.
2. Check Group Membership:
Get-ADPrincipalGroupMembership "username"
Lists all groups a user belongs to.
3. Find Users with Admin Rights:
Get-ADGroupMember "Domain Admins" | Select-Object Name
Lists all Domain Admins.
What Undercode Say
Permissions are the backbone of security—misconfigured ACLs, excessive privileges, and weak file permissions are common attack vectors. Red teams exploit these weaknesses for lateral movement, while blue teams must continuously audit and harden permissions.
For Defenders:
- Regularly audit permissions using tools like BloodHound for AD environments.
- Implement least privilege principles.
- Monitor for abnormal permission changes.
For Attackers:
- Always check `whoami /priv` and `sudo -l` in engagements.
- Exploit writable directories and misconfigured services.
References:
Reported By: Florian Hansemann – Hackers Feeds