[ACCESSCHK]
Advanced permission auditing tool for Windows security assessments and privilege escalation analysis
Difficulty: Intermediate
Category: Security
Key Features
User Rights Analysis
Check user privileges and group memberships
Object Permissions
Audit file, registry, and service permissions
Vulnerability Scanning
Identify privilege escalation opportunities
Command Line Interface
Powerful scripting capabilities for automation
Basic Usage
User Rights and Privileges
# Check current user's privileges
accesschk -u
# Check specific user privileges
accesschk -u -c john
# Check if user can write to a service
accesschk -ucqv john Spooler
File and Directory Permissions
# Check directory permissions
accesschk -dqv "C:\\Program Files"
# Find writable directories
accesschk -uwdqs Users "C:\\Program Files"
# Check file permissions for specific user
accesschk -qv john "C:\\Windows\\System32\\config\\SAM"
Privilege Escalation Analysis
Service Vulnerabilities
# Find services writable by authenticated users
accesschk -uwcqv "Authenticated Users" *
# Check service permissions for Everyone group
accesschk -ucqv Everyone *
# Find unquoted service paths
accesschk -uwdq "C:\\Program Files (x86)"
Registry Analysis
# Check registry key permissions
accesschk -kqv HKLM\\SYSTEM\\CurrentControlSet\\Services
# Find writable registry keys
accesschk -kwus Users HKLM\\SOFTWARE
# Check auto-start registry locations
accesschk -kqv HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run
Security Use Cases
๐ Privilege Escalation
Identify paths for privilege escalation during security assessments.
# Find weak service permissions
accesschk -uwcqv "Users" *
๐ Compliance Auditing
Verify permissions align with security policies and compliance requirements.
# Audit sensitive directories
accesschk -dqv "C:\\Windows\\System32"
๐งช Penetration Testing
Enumerate attack paths and identify security weaknesses.
# Check current user access
accesschk -u -c %USERNAME%
๐ง System Hardening
Identify and remediate excessive permissions before deployment.
# Check Everyone group access
accesschk -uwdqs Everyone "C:\\"
Command Reference
| Option | Description | Example |
|---|---|---|
| -u | Show user rights | accesschk -u john |
| -c | Check service permissions | accesschk -ucqv john * |
| -d | Check directory permissions | accesschk -dqv "C:\\temp" |
| -k | Check registry key permissions | accesschk -kqv HKLM\\SOFTWARE |
| -w | Show write access only | accesschk -uwdqs Users "C:\\" |
| -s | Recurse subdirectories | accesschk -uwdqs Users "C:\\" |
Best Practices & Tips
Run with appropriate privileges: Some checks require administrative rights for complete results
Focus on service vulnerabilities: Services with weak permissions are common escalation vectors
Check unquoted service paths: Combine with directory write permissions for exploitation
Automate with scripts: Create batch files for repeated security assessments