Closed cnotin closed 3 years ago
Wow! Thank you for your PR!
I initially wondered how I should report something that does not exist.
But yeah, FullAccess for Everyone
is exactly what a NULL DACL yields.
So creating a list with a single ACE that represents such permission was a smart idea! 🙂
I'll just make some minor changes in the code you submitted so that I won't have to refactor it afterwards.
Thanks again! 🙏
Done!
Merci encore pour ton aide! It is very much appreciated. It saved me a lot of time. 🙂
Now, I'll just have to implement the same thing in every other DACL check. :/
Ahah good luck!
As discussed on Twitter NULL DACL is a very rare case which gives all access to everyone! I confirmed it by being able to remotely
sc \\dc.lab.lan query
with an unprivileged user (which wasn't possible before).Here's how to create this case:
And this is what it returns: