{"id":88,"date":"2020-01-16T09:28:38","date_gmt":"2020-01-16T08:28:38","guid":{"rendered":"http:\/\/sys-code-alpha.com\/?p=88"},"modified":"2020-01-27T16:41:16","modified_gmt":"2020-01-27T15:41:16","slug":"tool-to-check-fileshare-permissions-on-old-systems","status":"publish","type":"post","link":"https:\/\/sys-code-alpha.com\/?p=88","title":{"rendered":"Tool to check fileshare permissions on old systems."},"content":{"rendered":"\n

I have been working on security project recently. One of the tasks covers checking file share permissions on older systems.<\/p>\n\n\n\n

function Get-ShareAccessPermissions{\n        <#\n        .SYNOPSIS\n        Gets share sccess permissions.\n        .DESCRIPTION\n        Gets share sccess permissions.\n        The tool is designed for older Windows systems as the new ones have a dedicated Get-SmbShareAccess Cmdlet\n        .EXAMPLE\n        PS C:\\TMP> Get-ShareAccessPermissions\n        \n        MachineName Share  Path                              Domain       ID                  Permission  ACEType\n        ----------- -----  ----                              ------       --                  ----------  -------\n        P1          print$ C:\\Windows\\system32\\spool\\drivers              Everyone            Read        Allow\n        P1          print$ C:\\Windows\\system32\\spool\\drivers BUILTIN      Administrators      FullControl Allow\n        P1          tmp    C:\\tmp                            P1           Admin               FullControl Allow\n        P1          tmp    C:\\tmp                            NT AUTHORITY Authenticated Users Change      Allow\n        P1          tmp    C:\\tmp                                         Everyone            Read        Allow\n        #> \n\n        [CmdLetBinding()]\n        Param(\n            [string[]]$ComputerName= $env:COMPUTERNAME\n        )\n\n\n        BEGIN{}\n        Process{\n            ForEach($Comp in $ComputerName){\n                \n                \n                $Info = Invoke-Command -ComputerName $Comp -EA 0 -ScriptBlock {\n\n                            $ShareSec = Get-WmiObject Win32_LogicalShareSecuritySetting\n\n                            ForEach ($ShareSecurity in ($ShareSec)) {\n                                $Path = Get-WmiObject win32_share -filter \"name='$($ShareSecurity.name)'\"  \n                                ForEach ($DACL in $ShareSecurity.GetSecurityDescriptor().Descriptor.DACL)  {    \n\n                                    [PSCustomObject]@{\n                                        MachineName = $ShareSecurity.PSComputerName\n                                        Share = $ShareSecurity.Name\n                                        Path = $Path.Path    \n                                        Domain = $DACL.Trustee.Domain    \n                                        ID = $DACL.Trustee.Name    \n                                        Permission = switch ( $DACL.AccessMask  ) { 1179817{ \"Read\" }; 1245631{ \"Change\" }; 2032127{\"FullControl\"}}  \n                                        ACEType = switch ( $DACL.AceType ) { 0{ \"Allow\" }; 1{ \"Deny\" }} \n\n                                    }\n                                }\n                            }\n                        } | Select-Object MachineName, Share, Path, Domain, ID, Permission, ACEType\n                \n                IF($Info){$Info}ELSE{                   \n                \n                        $ShareSec = Get-WmiObject Win32_LogicalShareSecuritySetting -Computername $Comp\n\n                        ForEach ($ShareSecurity in ($ShareSec)) { \n                            $Path = Get-WmiObject win32_share -filter \"name='$($ShareSecurity.name)'\"\n                            ForEach ($DACL in $ShareSecurity.GetSecurityDescriptor().Descriptor.DACL)  {    \n                                \n                                [PSCustomObject]@{\n                                    MachineName = $ShareSecurity.PSComputerName\n                                    Share = $ShareSecurity.Name\n                                    Path = $Path.Path      \n                                    Domain = $DACL.Trustee.Domain    \n                                    ID = $DACL.Trustee.Name    \n                                    Permission = switch ( $DACL.AccessMask  ) { 1179817{ \"Read\" }; 1245631{ \"Change\" }; 2032127{\"FullControl\"}}  \n                                    ACEType = switch ( $DACL.AceType ) { 0{ \"Allow\" }; 1{ \"Deny\" }}\n                                }\n                            }\n                        }\n                    }                                           \n            }\n        }\n        END{}\n}\n\n<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"
I have been working on security project recently. One of the tasks covers checking file share permissions on older systems.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/sys-code-alpha.com\/index.php?rest_route=\/wp\/v2\/posts\/88"}],"collection":[{"href":"https:\/\/sys-code-alpha.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sys-code-alpha.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sys-code-alpha.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/sys-code-alpha.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=88"}],"version-history":[{"count":2,"href":"https:\/\/sys-code-alpha.com\/index.php?rest_route=\/wp\/v2\/posts\/88\/revisions"}],"predecessor-version":[{"id":92,"href":"https:\/\/sys-code-alpha.com\/index.php?rest_route=\/wp\/v2\/posts\/88\/revisions\/92"}],"wp:attachment":[{"href":"https:\/\/sys-code-alpha.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=88"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sys-code-alpha.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=88"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sys-code-alpha.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=88"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}