Page 1 of 1

testing the existence of restricted Subfolder without Admin

Posted: 25 Aug 2019 03:45
by Erzesel
I had to check the existence of a subfolder in all user profiles.
Usually i do this with admin rights via

Code: Select all

if exist "folder path"...
Of course, this does not work without admin rights.
...but!
To my surprise, I can however without admin:

Code: Select all

(call;>"restrictedPath\testSubFolder\nul")&&echo Folder exist||echo Errorlevel !errorlevel!
... write to the nul-device of all restricted folders and determine if a folder exists.

Here is my little experiment to this topic.

Code: Select all

chcp 65001>nul  & rem  i'm a German some Folder have vowel mutation chars
setlocal enableDelayedExpansion
set "testFolder=%~dp0test"
set "testSubFolder=%testFolder%\myFolder"
md "%testSubFolder%"
  rem show  the Folder in some ways
dir /b /a "%testFolder%\*"
  rem check normal for Folder
if exist "%testSubFolder%" (echo Folder exist) else (echo Folder not exist)
  rem Write to nul-"File" in the Folder (this works)
(call;>"%testSubFolder%\nul")&&echo Folder exist||echo Errorlevel !errorlevel!
  rem doe  the same into a nonexisting Folder (this can't work)
(call;>"%testFolder%\notExisting\nul")&&echo Folder exist||echo Errorlevel !errorlevel!
  rem as  above... write a real file (this also works)
(call;>"%testSubFolder%\realFile.txt")&&(echo Folder exist & del /q "%testSubFolder%\realFile.txt")||echo Errorlevel !errorlevel!

echo:
echo now removing  all access from %testFolder% and doe the same...

  rem now remove all access to the Testfolder (also for admins)   ( reset later  as well by owner)
icacls "%testFolder%"  /inheritance:r /t
  rem now  the same
  rem dir don't work
dir /b /a "%testFolder%\*"
  rem as expected, can't look behind the Testfolder 
if exist "%testSubFolder%" (echo Folder exist) else (echo Folder not exist)
  rem ...but i can write to the nul-file of the Subfolder  behind the restricted...
(call;>"%testSubFolder%\nul")&&echo Folder exist||echo Errorlevel !errorlevel!
  rem same as above ---normal reaction
(call;>"%testFolder%\notExisting\nul")&&echo Folder exist||echo Errorlevel !errorlevel!
  rem  ...but can't write to  a normal file of the Subfolder  behind 
(call;>"%testSubFolder%\realFile.txt")&&(echo Folder exist &del /q "%testSubFolder%\realFile.txt")||echo Errorlevel !errorlevel!

pause
  rem reset this  Demo
icacls "%testFolder%" /reset /t
rd /q /s "%testFolder%"

pause
exit /b
This demo works as user without Rights or as Admin
I do not need any special help here, but I found it strange that there are ways to look behind the restrictions without rights.
Possibly the whole thing is interesting for other users.

Re: testing the existence of restricted Subfolder without Admin

Posted: 04 Sep 2019 15:22
by Eureka!
Erzesel wrote:
25 Aug 2019 03:45
Possibly the whole thing is interesting for other users.
Yes it is! Thank you!
Did you test this with folder access over SMB too? (meaning a network folder; can't test it right now, but am very curious)

Nice discovery.