InfoSec LAB

Chatterbox_Administrator

Created: 1 min read

Administrator

PEAS has showed that the alfred user is able to access the home directory of the administrator user

c:\Users>icacls C:\Users\Administrator
icacls c:\Users\Administrator
c:\Users\Administrator NT AUTHORITY\SYSTEM:(OI)(CI)(F)
                       chatterbox\administrator:(OI)(CI)(F)
                       builtin\administrators:(OI)(CI)(F)
                       chatterbox\alfred:(OI)(CI)(F)
 
Successfully processed 1 files; Failed processing 0 files

It wasn’t just the access The alfred user has FULL control over the home directory of the administrator user

Why would it be configured this way? unless.. the user is the administrator?

Interactive Graph View

Backlinks