New Tool: Windows Permission Identifier v1.0


When on site for a client I needed to check the user permissions of certain user accounts on an EPOS system. I needed to know what users could and could not access. This tool goes a long way to answering the question of what access a user has to the system.

There are lots of tools for checking the settings but nothing that was good enough to check the rights, permissions and access that I needed to check. So here is the ?Windows Permission Identifier?. WPI. It?s an early version so please report any bugs and send any of your own policies you think would be useful.

Name: Windows Permission Identifier v1.0 (WPI)[ZIP 392 KB]

Released: 17th Jan 2006

System Requirements: Windows 2000 or higher

Credit: Nathan House

Abstract: This tool enables administrators and penetration testers to review and audit the permissions of users on a windows machine.

Windows Permission Identifier can check;
File ACLs
Folder ACLs
Registry ACLs
Services Permissions
Shares
Installation rights
Internet Access and so on.

The GUI enables the administrator to create policies that can be saved in XML format. The windows machines permissions are then checked against this policy. This enables administrators to run checks against existing organisational windows security baseline documents. Policies can be saved in XML format and all results can be exported for further use.
WARNING: The policy that is included is a sample of the functionality of the tool. It is not a security policy that should be followed.

Report Bugs & send your own policy files : nhouse[at]stationx.net

It would be very useful to the community if you send me any policies you create. For example, Firewall, Web server, desktop, domain controller or what ever you create. I will upload your policy files to the site and credit you.

You can also request new features. You may not get them though! :)

Download: http://www.stationx.net/windows_permission_identifier.php

http://www.stationx.net/
IT Security for Home and Business

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
----------------------------------------------------------------------------

Relevant Pages

  • New Tool: Windows Permission Identifier v1.0
    ... This tool enables administrators and penetration testers to review and audit the permissions of users on a windows machine. ...
    (Pen-Test)
  • RE: What server hardening are you doing these days?
    ... permissions on their data, and Microsoft encourages ISVs to minimize ... I've been able to discuss ACLs and other security issues in Windows with ... Control or DAC (which is what you're referring to by the "stupid ...
    (Focus-Microsoft)
  • Re: Unnown process... 5eplorer.exe
    ... do not remove the cause (a "super"-hidden .dll program) but only remove ... symptom files and registry settings. ... It has all permissions but 'copy' denied to everyone, ... then by using the Windows XP Recovery Console. ...
    (microsoft.public.win2000.general)
  • RE: dcom permissions and vista?
    ... user BLAH with Local Activation and Local Launch permissions. ... Windows Vista indeed do some changes in handling DCOM and you may need to ... Windows Vista introduces the notion of Mandatory Access Labels in security ... Microsoft Online Community Support ...
    (microsoft.public.vc.atl)
  • Re: Passwords on Folders
    ... domain computer [there is also a recovery agent for a domain]. ... > Windows under which those permissions were defined. ... use NTFS on your hard drives so you can then EFS ...
    (microsoft.public.win2000.security)