You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As far as I understand the goal of the share scanner is to find the interesting shares that have been overprivileged. I find myself often trying to filter out various common results such as NETLOGON and SYSVOL as well as other well-known Everyone allowed shares (by common best practices or software documentation). For this part maybe would be a great idea to add a column if a share is well-known to have a more easily filterable list.
The other part of the problem seems to be running the scanner with a user that has administrator access to some machines or the false-positive of a machine where the scanner is started. It seems that is not taken into account in the code
As far as I understand the goal of the share scanner is to find the interesting shares that have been overprivileged. I find myself often trying to filter out various common results such as NETLOGON and SYSVOL as well as other well-known Everyone allowed shares (by common best practices or software documentation). For this part maybe would be a great idea to add a column if a share is well-known to have a more easily filterable list.
The other part of the problem seems to be running the scanner with a user that has administrator access to some machines or the false-positive of a machine where the scanner is started. It seems that is not taken into account in the code
pingcastle/shares/ShareEnumerator.cs
Line 42 in 3e377c6
I think adding those would be an awesome addition to the tool.
The text was updated successfully, but these errors were encountered: