0utsidethebox

DataCollection ACL

May 3rd, 2020
739
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Get-Acl -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\DataCollection | fl
  2.  
  3. Path   : Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Data
  4.          Collection
  5. Owner  : NT AUTHORITY\SYSTEM
  6. Group  : NT AUTHORITY\SYSTEM
  7. Access : BUILTIN\Пользователи Allow  ReadKey
  8.          BUILTIN\Пользователи Allow  -2147483648
  9.          BUILTIN\Администраторы Allow  FullControl
  10.          BUILTIN\Администраторы Allow  268435456
  11.          NT AUTHORITY\SYSTEM Allow  FullControl
  12.          NT AUTHORITY\SYSTEM Allow  268435456
  13.          CREATOR OWNER Allow  268435456
  14.          APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES Allow  ReadKey
  15.          APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES Allow  -2147483648
  16.          S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681 Allow  Re
  17.          adKey
  18.          S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681 Allow  -2
  19.          147483648
  20. Audit  :
  21. Sddl   : O:SYG:SYD:AI(A;ID;KR;;;BU)(A;CIIOID;GR;;;BU)(A;ID;KA;;;BA)(A;CIIOID;GA;;;BA)(A;ID;KA;;;SY)(A;CIIOID;GA;;;SY)(A
  22.          ;CIIOID;GA;;;CO)(A;ID;KR;;;AC)(A;CIIOID;GR;;;AC)(A;ID;KR;;;S-1-15-3-1024-1065365936-1281604716-3511738428-1654
  23.          721687-432734479-3232135806-4053264122-3456934681)(A;CIIOID;GR;;;S-1-15-3-1024-1065365936-1281604716-351173842
  24.          8-1654721687-432734479-3232135806-4053264122-3456934681)
RAW Paste Data