|28 Apr 2013||#42|
-I have notepad set to "Run as Administrator" on both windows 7 machines
-I can write to the root C: such as copying over a .exe file or something like that. The issue is editing a text file only.
I can edit a text file on the root C drive on a windows xp machine but not any windows 7 machines across network. I am guessing i must of missed some windows 7 permissions policy some where to enable this. Now i can edit a file on windows 7 machines if it's not on the root of the drive say C:\testfolder\testfile.txt
I know that you have already done some of these steps - so just check them instead of redoing them.
Computer A = local
Computer B = remote
Disconnect any mapped drive letters that you might have between computers.
Open Credential Manager on both computer A and computer B.
On computer A, remove any reference that you see to computer B.
On computer B, remove any reference that you see to computer A.
Set LocalAccountTokenFilterPolicy to 1 on computer B.
Restart both computers see if this works:
While sitting at computer A
Map a drive letter to \\computer B\C$
(Or use a UNC type of connection.)
When asked for credentials, enter any admin account info that resides on computer B.
You should now be able to do whatever you want to a file on computer B; even if the file of interest is in the system root of computer B.
When computer A uses a connection to the admin share on computer B that type of connection acts like an elevated process. Computer B uses its own unelevated explorer.exe to allow the remote connection to SILENTLY create/edit/rename/delete/infect files in areas that normally require an elevated process to access. (Scary huh? A malware writer's dream connection.)
Files can be created locally on computer A then moved to computer B's root.
Files can be created directly in computer B's root via an unelevated process like computer A's explorer.
(via right-click > New > Text Document)
Files can be created directly in computer B's root via computer A's unelevated notepad.
(via File > Save as > navigate to computer B's root)
So, unelevated malware can do stuff to Computer B that is cannot do to computer A. But if computer B has an admin share connection to computer A, then it can use computer B to further infect computer A.
As you found out, you need an elevated process on computer B to edit a file that was created by computer A and placed directly into computer B's root. That is perfectly normal and desired. The same is true for a local file that is created in the root by an elevated process.
And just to repeat what was said in an earlier post:
You can create a file on computer B's desktop
Move it to computer B's root
And edit it without an elevated process (forgot to demo in the video).
But such a file is limited in what it can do from within the root or elsewhere.
|My System Specs|
|Similar help and support threads|
Changing Setting Security on root folder returns 'access is denied'
Hi, Changing setting Security on root folder returns access is denied for some sub-folders. I have an external HHD assigned with 'G' driver letter under my Computer. I have removed 'everyone' from the 'Groups and user names' on the root folder by choosing 'security tab' from the property...
|Backup and Restore|
The root drive (C:\) is shared, nevertheless there is no access to sub
The root drive (C:\) is shared, nevertheless there is no access to subfolders, How come that the root drive (C:\) is shared but no access is permitted to a particular subfolder (attached)? How to force the sharing for the root and ALL the subfolders Thank you Best
|Network & Sharing|
Access denied when editing .ini files
All of a sudden when I'm trying to save an edited .ini file in a program folder (in C:\Program Files) I get blocked by an Access Denied message. First, on making the changes in the .ini using Notepad and then clicking File > Save, I get the "Save As" dialog instead. But even then when I click Save...
all my files are access denied
can anyone help me... all my files are access denied even im the admin. tnx!
.Log text files on root of "C" drive
After installing Nvidia drivers, Realtek drivers, and JMicron E-sata drivers, I now have .log text files on the root of my "C" drive. Are these accessed next time I update the driver or can I get rid of them? I can't seem to find anything about these. I know they are there for a reason but I like...
|Installation & Setup|
cant access root drive - lost admin rights
Hi; I installed Windows7 recently. I was changing permissions and accidently denied authenticated users to C drive. I was logged in as admin which is the only account. Now I cant access anythig in C Drive and cant execute any thing. I tried through safe mode as well but of no use. How can I...
© Designer Media Ltd
All times are GMT -5. The time now is 04:25.