Sometimes you may need to work without worrying about encountering access restrictions. You can overcome this scenario by using some automation tools or adopting other means of achieving your objective.
You’ll find some useful informations about Microsoft’s security vulnerability patch, coded CVE-2018-1036 | NTFS, which addresses the Elevation of Privilege Vulnerability.
You can assign “special permissions” to folders that allow users to create files inside the folders and deny them the rights to create folders.
For example, in the C:\Windows \Tasks\ folder, you can create files and fail to create a folder due to Access List Control (ACL) restrictions.
However, as an administrator, you can bypass this through setting permissions. You can also use specific programs that give such permissions and allow the creation of folders inside such files.
You can bypass the ACL immediately you create the files by adding “::$INDEX_ALLOCATION” after the filename.
This action will create a folder, and not a file, because Windows does not include checking names with corner cases.
It is evident that you can create a directory and let users create more files or folders within the same directory.
This action is possible because of privilege escalation, especially when the system administrator assumes there is no other way of bypassing the missing permissions.
The ::$INDEX_ALLOCATION code can delete directories, if the particular application allows file deletion.
Microsoft released a security vulnerability patch, coded CVE-2018-1036 | NTFS, which addresses the Elevation of Privilege Vulnerability.
This security patch is meant to counter an attacker who exploits a system’s weakness and attempts to run a process through it as an administrator.
Exploiting the system means the attacker would have to log into the system and run a specific crafted program that will take over the system.
The update addresses the vulnerability by correcting how the NTFS file system reviews its access credentials.
Protect yourself! Discover all security holes in the folder hierarchy on your Windows fileservers!
Get your free trial of the easiest and fastest NTFS Permission Reporter now!