The Pigstye

Code, Notes, Stuff

• Home
• PowerShell >>
  • Exchange
  • AD Commands
  • TimeZone Conversion
  • Directory Space
  • Enable WinRM
  • Long Paths
  • File List
  • Code Fragments
  • Useful Functions
  • Windows Logging
• Forensics >>
  • Forensic Acquisition
  • Volatility
  • Notes >>
    • Logon Failures on DC
    • Registry Keys
    • Logs and Logging
    • Mimikatz
    • Netcat
  • Investigations >>
    • Scheduled Task Job File
    • Volume Shadow Copies
    • Password Hacking
    • Prefetch Files
• Security >>
  • OpenSSL File Enc
• Code >>
  • VBA Subnetting
  • Remove Spaces
  • Batch String
• HowTo >>
  • Active Directory >>
    • Copy AD Users
    • GP Troubleshooting
    • Delete Old Computers
  • System Admin >>
    • Clean WINSXS
    • Fix RDP Disconnects
    • Remove efi Part
    • Speed Up Logons
    • Track Open Files
    • SQL Server Config Err
    • TS Commands
    • WMI Notes
  • Dos Commands
  • UAC Registry Settings
  • Enable CHM
  • Win8 Admin Shares
  • Recover SA Pass
  • Remove DOCX Pass
  • Win 8.1 HyperV
• Lamers

PowerShell Script to get the file permissions for directories and files in any path

PowerShell provides a wealth of information about the file system items. It is not always easy to get to however.

This PowerShell script will extract the following information about all files and directories in a path.

CreationTime, LastAccessTime, LastWriteTime, Path, Type, Owner, Group, Identity, Inherited, InheritanceFlags, PropagationFlags, AccessControlType, AccessMasks, Atrributes, Size

It returns this information as a PowerShell object so it can be exported to csv or xml easily.

Here are some examples of how it can be used:

• .\get-files.ps1 . This command gets the files in the current directory and below.
• .\get-files.ps1 d:\ | export-csv -notypeinformation files.csvThis command gets all the files on the d: drive and exports them to files.csv
• type .\drives.txt | .\get-files.ps1 d:\ | export-csv -notypeinformation files.csvThis command gets the files from the drives contained in drives.txt (one per line) and exports them to files.csv

Here is a listing of the Win32 ACE (Access Control Entry) definition for directories -- bit flags
1 = LIST_DIRECTORY Grants the right to list the contents of the directory.
2 = ADD_FILE Grants the right to create a file in the directory.
4 = ADD_SUBDIRECTORY Grants the right to create a subdirectory.
8 = READ_EA Grants the right to read extended attributes.
16 = WRITE_EA Grants the right to write extended attributes.
32 = TRAVERSE The directory can be traversed.
64 = DELETE_CHILD Grants the right to delete a directory and all the files it contains (its children), even if the files are read-only.
128 = READ_ATTRIBUTES Grants the right to read file attributes.
256 = WRITE_ATTRIBUTES Grants the right to change file attributes.
65536 = DELETE Grants delete access.
131072 = READ_CONTROL Grants read access to the security descriptor and owner.
262144 = WRITE_DAC Grants write access to the discretionary access control list (ACL).
524288 = WRITE_OWNER Assigns the write owner.
1048576 = SYNCHRONIZE Synchronizes access and allows a process to wait for an object to enter the signaled state.
268435456 = FullControl

Note there are other more complicated combinations for which there are no easy descriptions.

You can get this script here get-fileinfo.ps1

This Website made with hand crafted html and css.

Everything here is released under the MIT License.