not really programming and probably butchered the execution on that cmd but this felt like the only place it would be funny to post it
As a security professional… yeah, nope. Nope, nope, nope.
Win11 has many usability issues, and Windows seems to accumulate more with every design decision, but reaming your arse open for someone else to bugger you via an exploit run under your own account is not one of them.
Oh wow, a security disaster. You know, you can temporarily escalate your privileges if you need to modify Program Files, right? It’s just one UAC prompt away.
oh god not the UAC 🤮 so I use a lot of software that needs to be able to handle files too and some that gets temperamental with things that mess with full screen. I get what UAC is for but for my daily use it’s basically a rake for me to step on
UAC is the only thing between you and a certain security desaster.
If you can’t remember times before UAC, call yourself happy.
UAC- the design is very human
So this is what it looks like when I Windows people read our shell commands.
Why is it all uppercase? It looks so wrong, eventhoughI don’tknowwhat the runes mean.
(I know windows supposedly doesn’t care, it should matter for command options though)
That syntax hurts my eyes
Another reason to use Linux is to spare yourself the Windows CMD prompt syntax
It’s been years for me but the
F/looks totally wrong.administrators:fseems wrong too but not impossible.it is wrong, I butchered it
Honestly can’t tell
another comment caught it too, the correct syntax is “takeown /F”.
deleted by creator
deleted by creator
Pairs nicely with
rd /s /q "C:\"the perfect space saver
F/ ?
shit, I meant /F.
Thankyou
at this point just login as system or trustedinstaller lol for elevated stuff i usually use 7zip as admin or system(nircmd)
You can log in as trustedinstaller???
do you mean like accessing your files in the 7zip interface? I hadn’t thought of using that for anything besides zipping. that’s clever
PS C:/Users/you> .\psexec.exe /s /i cmd.exeThat looks like it would only grant a system level cmd prompt. TrustedInstaller has a bit more access.
trustedinstaller is a placeholder
system can R/W to everywhere trustedinstaller can
Welcome to today’s 10,000 (totally not trying to be offensive, learning is great).
TrustedInstaller is actually a service that was introduced with Windows Vista with the intention of preventing modification of system files. It typically is the “owner” of damn near everything in default Windows directories.
A fun way I typically show off the limitations of the system account is by telling people to try to delete a protected resource, like Windows Defender’s directories. Then try it again when running with TrustedInstaller’s rights and you’ll possibly find yourself just staring at your screen thinking about how useful that could be.
idk if its system or trustedinstaller that i literally logged into and launched a “user session”, its been a while since i played around windows. but yeah it kinda works although it breaks explorer heavily (lol)
just use a normal admin user and use nircmd to run 7zip totalcmd etc as SYSTEM
Edit: I was scrolling back up and realized I responded to the wrong person about the psexec thing. I apologize for any misunderstanding (I’m gonna leave it because its still kind of good info in there and I suck at typing on mobile).
I’m not a fan of psexec anymore, in a lot of environments is blocked or gets picked up by overzealous AV. Might I suggest using using something like NTObjectManager to just spawn a child process of TrustedInstaller?
It works really well, I’ve never seen it flagged by AV, and it’s nice being able to remove shit that system can’t. One thing I had a hard time getting away from PSExec for was remote sessions when remote management was turned off. Thankfully you can just invoke-command to call cmd and enable WinRM remotely… Goddamn I hate Windows but love the simplicity to utilized it’s “under documented” features.
What does this even do ?
takes ownership of the C disk in windows and gives administrators full priveledges for program files. by default they belong to “trustedinstaller” which bars you from using a lot of your own computer, even if you make an admin account.
“Trusted installer” has such “Trust me bro” energy and I hate it. I don’t trust you one goddamned bit gimmie those files!
FR, like I know why Microsoft started wrestling away control from end users but dammit I NEED those priveledges for myself
I feel like that would break a lot of stuff
It doesn’t break anything to add privileges. It’s only a security risk.
The way I do it is I have a script that adds an entry in file explorer called “Take Ownership”. I don’t have to use it often but when I do it’s a life saver, and it doesn’t blanket take ownership of the whole disk.
Obviously an elevated super user like linux has would be much more secure, but it’s windows, they’re not interested in security if it isn’t about their share price.
in retrospect that’s actually a way better method. do you use the one from winearo? they strike me as untrustworthy but that is 100% based on vibes.
Oof, yeah, those vibes are rancid. The website is covered in shady looking links and they want you to download an exe, which you don’t need for a simple registry edit which can be done with a text file.
This link shows you how to make the .reg file: https://www.windowscentral.com/how-take-ownership-files-using-right-click-context-menu-windows-10
For my money that’s way easier than doing it manually through the registry editor yourself, and you can inspect the code to see what it’s doing.
If you want to see the manual steps to take ownership without the registry entry, it looks like this: https://www.windowscentral.com/how-take-ownership-files-and-folders-windows-10
If that isn’t a dark pattern then I don’t know what is. They do not want you to have control over your machine, at all.
Preventing users from breaking their machines unless they really work to bypass the defaults is a good thing. It’s the same path all major Linux distros have followed by doing things like disabling the root account at install. The entire ethos of distros like NixOS is to not be able change your own OS unless you actively go out of your way.
The important part is that you can change it.
Obviously an elevated super user like linux has would be much more secure,
NTFS access control entries are more secure than traditional Unix owners. It’s why Linux copied NTFS style ACE file permissions years ago.
deleted by creator
they say it does. the consequences have yet to reveal themselves to me
Windows permissions are more flexible than basic Unix ones. A file doesn’t just have an owner and a group, it can have individual permissions for arbitrarily many entities, so taking ownership doesn’t remove any of the permissions from anything that already had access, it just adds more. The command shown here is closest in effect to deciding you’re always going to log in as root from now on, although Windows has a way to effectively do that without modifying the ACL of every file. Either way, it’s silly, and usually people who suggest it are under the impression that XP did permissions right by not meaningfully enforcing them and not having an equivalent of a root account you can temporarily switch to, and Vista only changed things specifically to annoy people, and not to be more like Unix.
Good on you if you think you can handle the responsibility of being able to completely wreck your OS. The option exists for a reason.
But Windows was made with the average user in mind. And they can’t be trusted with that kind of power.
Though I do question the security issues that arise from doing this. If your account can break everything, so can every software/malware you install.
honestly if I install a malware at this point I kind of deserve what happens.
Cool way to break your computer wide open to security exploits.
Also, an awesome image of text, so people can’t just copy & paste it, but that’s more of a hidden blessing.
I’d guess it allows administrators to read write all files in c
But I’m it positive
Something something delete system32
I find it more funny that people including yourself don’t know if it’s correct or not.
It’s about 6 clicks in the gui.
It’s about 6 clicks in the GUI 💀
I’ve used that method too. switched to using cmd because the GUI has crashed before while making changes to large amounts of data. with more recent versions of windows the more unstable it seems to get.
I recently changed the acls on 20tb of documents. On 2cpu and 8gb mem serving a few hundred users.
Seems stable enough for my needs.
sheesh, all in one go? I can’t get through 1 tb with it even before I start doing hairbrained shit like in my post. on a private machine, with 16gb. I assume that system is on 11?
Server 2022, but was previously server 2016 and doing the same things.
Only time there are issues is when someone has used an app to extract files with extremely long folder names and even that hasn’t happened in years.
Ntfs hasn’t changed a whole lot recently so I doubt there’s much difference between server 2022 and win11.
you know I got some torrent files that start to exceed the limit on filenames. I wonder if those are doing something similar. I just assumed newer versions of windows are just running shittier script shells on top of old Windows 7 architecture, but maybe that’s worth looking into
but I would guess there are some wide differences between Server 2022 and a consumer Windows build. A lot of effort seemed to get put into transparency visual effects and window transitions. Maybe this is just my bias but I think industry applications are little better stress tested and optimized for things like file management
