Sign in to follow this  
Followers 0
ripdad

Path_SecuritySettings

3 posts in this topic

Path_SecuritySettings

Released: February 03, 2011

This script exposes another world in WMI with $Obj.Get and Bit Switches

(native access not found in ScriptOmatic)

; Path_SecuritySettings
; Released: February 03, 2011
;
; [- Basic Info Example -]
;
; Refs: MSDN and 3 other sites

#RequireAdmin

Local $sPath = FileSelectFolder('Select Folder', '', 2, '')

MsgBox(8256, 'Results for Computer: ' & @ComputerName, Path_SecuritySettings($sPath))
Exit

Func Path_SecuritySettings($sPath)
    If StringInStr($sPath, '/') Then Return SetError(-1)
    If Not FileExists($sPath) Then Return SetError(-2)
    Local $oWS = ObjGet('winmgmts:{impersonationLevel = impersonate}!\\.\root\cimv2')
    If Not IsObj($oWS) Then Return SetError(-3)
    Local $oPath = $oWS.Get('Win32_LogicalFileSecuritySetting="' & StringReplace($sPath, '\', '\\') & '"')
    If Not IsObj($oPath) Then Return SetError(-4)
    Local $oPSD, $cnt = 0, $Output = 'Path: ' & $sPath & @CRLF & @CRLF
    If $oPath.GetSecurityDescriptor($oPSD) Then Return SetError(-5)
    For $oAce In $oPSD.DACL
        $cnt += 1
        If $oAce.AceType = 0 Then $Output &= 'ACE#' & $cnt & ' - ' & 'ACCESS ALLOWED - '
        If $oAce.AceType = 1 Then $Output &= 'ACE#' & $cnt & ' - ' & 'ACCESS DENIED - '
        $Output &= $oAce.Trustee.Domain & '\' & $oAce.Trustee.Name & @CRLF
        $Output &= _GetFlags($oAce.AceFlags)
        $Output &= _GetAccess($oAce.AccessMask) & @CRLF & @CRLF
    Next
    Return $Output
EndFunc

Func _GetFlags($oAF, $str = '')
    If BitAND($oAF, 1) Then $str &= '- Child objects that are not containers inherit permissions -' & @CRLF
    If BitAND($oAF, 2) Then $str &= '- Child objects inherit and pass on permissions -' & @CRLF
    If BitAND($oAF, 4) Then $str &= '- Child objects inherit but do not pass on permissions -' & @CRLF
    If BitAND($oAF, 8) Then $str &= '- Object is not affected by but passes on permissions -' & @CRLF
    If BitAND($oAF, 16) Then $str &= '- Permissions have been inherited -' & @CRLF
    Return $str
EndFunc

Func _GetAccess($oAM, $str = '')
    If BitAND($oAM, 1) Then $str &= 'Read, ';           Read
    If BitAND($oAM, 2) Then $str &= 'Write, ';          Write
    If BitAND($oAM, 4) Then $str &= 'Append, ';         Append
    If BitAND($oAM, 8) Then $str &= 'ReadEA, ';         Read extended attributes
    If BitAND($oAM, 16) Then $str &= 'WriteEA, ';       Write extended attributes
    If BitAND($oAM, 32) Then $str &= 'Execute, ';       Execute
    If BitAND($oAM, 64) Then $str &= 'DeleteD, ';       Delete dir
    If BitAND($oAM, 128) Then $str &= 'ReadA, ';        Read attributes
    If BitAND($oAM, 256) Then $str &= 'WriteA, ';       Write attributes
    If BitAND($oAM, 65536) Then $str &= 'Delete, ';     Delete
    If BitAND($oAM, 131072) Then $str &= 'ReadS, ';     Read security
    If BitAND($oAM, 262144) Then $str &= 'WriteACL, ';  Write ACL
    If BitAND($oAM, 524288) Then $str &= 'WriteO, ';    Write owner
    If BitAND($oAM, 1048576) Then $str &= 'Sync';       Synchronize
    If StringRight($str, 1) = ',' Then $str = StringTrimRight($str, 1)
    Return $str
EndFunc

"Today's scientists have substituted mathematics for experiments, and they wander off through equation after equation, and eventually build a structure which has no relation to reality." ~ Nikola Tesla

Share this post


Link to post
Share on other sites



What do you mean by 'path security'? Do you mean making some folders inaccessible without elevation???


ongoing projects:-firestorm: Largescale P2P Social NetworkCompleted Autoit Programs/Scripts: Variable Pickler | Networked Streaming Audio (in pure autoIT) | firenet p2p web messenger | Proxy Checker | Dynamic Execute() Code Generator | P2P UDF | Graph Theory Proof of Concept - Breadth First search

Share this post


Link to post
Share on other sites

hyperzap,

It makes no changes - It only gives security information about files and folders.


"Today's scientists have substituted mathematics for experiments, and they wander off through equation after equation, and eventually build a structure which has no relation to reality." ~ Nikola Tesla

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0