This page looks best with JavaScript enabled

SANS ISC Diary - Discovering contents of folders in Windows without permissions

 ·  β˜• 1 min read

A Diary of mine was published today on the SANS Internet Storm Center. This one deals with a strange side effect of the way in which Windows deals with file permissions, which enables any user, regardless of permissions, to brute-force contents of any local folder.

UPDATE 20. 5. 2020: I put together a shor video demonstrating the weakness/vulnerability while preparing materials for SANSFIRE 2020. You may find it here.

ISC diary
Share on