Jump to content











Photo
- - - - -

Bypass NTFS Permissions


  • Please log in to reply
25 replies to this topic

#1 cdob

cdob

    Gold Member

  • Expert
  • 1438 posts

Posted 14 March 2010 - 07:21 PM

Ntfs security may prohibit access to files.
That's a draw back at data rescue.

Known approach: take ownership and change permíssion
This require addional write to hard disk.
Avoid writing to source disk at data rescue.

seseberg mentioned a solution: http://www.boot-land...?...ost&p=93201
AccessGain allows acess to files bypassing NTFS permission.

Boot PE, open a explorer, right click a drive and select "Bypass file system security checks".
x86 and x64 PE is possible.

Attached Files



#2 Nuno Brito

Nuno Brito

    Platinum Member

  • .script developer
  • 10545 posts
  • Location:boot.wim
  • Interests:I'm just a quiet simple person with a very quiet simple life living one day at a time..
  •  
    European Union

Posted 14 March 2010 - 09:10 PM

Very good. In linux it's "easy" to manage permissions from command line but in windows it seems a bit more complicated.

Thanks for sharing.

btw: the topic title should perhaps indicate that this is an app script to ease other readers to know what to find here.

:lol:

#3 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 14829 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 14 March 2010 - 09:16 PM

Nice find by seseberg, and very nice work by you. ;)

Wonko approves of this. :lol:

:cheers:

Wonko

#4 paraglider

paraglider

    Gold Member

  • .script developer
  • 1729 posts
  • Location:NC,USA
  •  
    United States

Posted 15 March 2010 - 02:55 AM

Windows gives you cacls / icacls command line programs. They give you full access to the file permissions.

#5 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 14829 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 15 March 2010 - 08:39 AM

Windows gives you cacls / icacls command line programs. They give you full access to the file permissions.

Yep, but do they do it actually writing on the hard disk or not? :cheers: ;)
(that is the point that Nuno appears to have missed :cheers:)

Known approach: take ownership and change permíssion
This require addional write to hard disk.
Avoid writing to source disk at data rescue.


And of course there is SETACL (but of course it WRITES):
http://setacl.sourceforge.net/
;)


:cheers:
Wonko

#6 paraglider

paraglider

    Gold Member

  • .script developer
  • 1729 posts
  • Location:NC,USA
  •  
    United States

Posted 15 March 2010 - 11:55 AM

Yes they do. They make a permanent change by updating header records in the filesystem.

#7 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 14829 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 15 March 2010 - 02:50 PM

Yes they do. They make a permanent change by updating header records in the filesystem.

Sure :cheers:, it was a rhetorical question, hence the ;).

;)

Wonko

#8 Lancelot

Lancelot

    Frequent Member

  • .script developer
  • 5013 posts
  • Location:Turkiye/Izmir
  • Interests:*Mechanical stuff and Physics,
    *LiveXP, BartPE, SherpyaXPE,
    *Basketball and Looong Walking,
    *Buying outwear for my girlf (Reason: Girls are stupid about buying bad stuff to make themselves uglier :))
    *Girls (Lyric: Girl,...., You will be a womann, Soon)
    *Answering questions for "Meaning of life",
    *Helping people,

    Kung with LiveXP, Fu with Peter :)
  •  
    Turkey

Posted 15 March 2010 - 03:31 PM

Hi cdob,

Thanks a lot for the script,

following lines in your script "If,%OS%%SourceArch%,Equal,XPx86...." but no info around,
Can you please clarify,
Does AccessGain Drivers not work on 2k3 based PE1 ?

edit: forgot to mention, on readme txt there is " - Windows Server 2003 32-bit and 64-bit" but I think if cdob add these lines there should be a reason.

#9 cdob

cdob

    Gold Member

  • Expert
  • 1438 posts

Posted 15 March 2010 - 03:50 PM

Does AccessGain Drivers not work on 2k3 based PE1 ?

on readme txt there is " - Windows Server 2003 32-bit and 64-bit"

I've no idea. Try 2003 32-bit and 64-bit and report the result.

Full list from readme.txt

Supported operating systems:

- Windows 2000 SP4 Rollup 1
- Windows XP SP2, SP3
- Windows Server 2003 32-bit and 64-bit
- Windows Vista RTM, SP1 32-bit and 64-bit
- Windows Server 2008 32-bit and 64-bit
- Windows 7 32-bit and 64-bit



#10 Lancelot

Lancelot

    Frequent Member

  • .script developer
  • 5013 posts
  • Location:Turkiye/Izmir
  • Interests:*Mechanical stuff and Physics,
    *LiveXP, BartPE, SherpyaXPE,
    *Basketball and Looong Walking,
    *Buying outwear for my girlf (Reason: Girls are stupid about buying bad stuff to make themselves uglier :))
    *Girls (Lyric: Girl,...., You will be a womann, Soon)
    *Answering questions for "Meaning of life",
    *Helping people,

    Kung with LiveXP, Fu with Peter :)
  •  
    Turkey

Posted 15 March 2010 - 04:17 PM

I confirm working properly on 2003 x64.

Well my confusion was "I think if cdob add these lines there should be a reason." :thumbup: Now everything clear. :thumbup:

Thanks a lot for the script again. With some small cosmetics I will upload to LiveXP server. :thumbup:

#11 Smoker

Smoker

    Newbie

  • Members
  • 11 posts
  •  
    Germany

Posted 18 March 2010 - 02:29 AM

i got a blue screen ( process1_initialization_failed ) with the AccessGain script :-(
and warnings during the compiling process (something like: script is overwriting existing reg values)

any ideas?


regards
Axel

#12 paraglider

paraglider

    Gold Member

  • .script developer
  • 1729 posts
  • Location:NC,USA
  •  
    United States

Posted 18 March 2010 - 03:02 AM

I get the blue screen as well with win7pe. Although after looking at the script I am not surprised. It was written for XP based PE.

#13 paraglider

paraglider

    Gold Member

  • .script developer
  • 1729 posts
  • Location:NC,USA
  •  
    United States

Posted 18 March 2010 - 04:07 AM

Its easy enough to get working in win7pe. Not sure that its actually needed in PE as the system user has full access to the drive anyway.

#14 MedEvil

MedEvil

    Platinum Member

  • .script developer
  • 7771 posts

Posted 18 March 2010 - 01:39 PM

You're right, to the allmighty system account, there should be no permissions to keep it out.
Has anyone ever had any problem accessing a drive?

:thumbup:

#15 patsch

patsch

    Silver Member

  • Advanced user
  • 785 posts
  •  
    Germany

Posted 18 March 2010 - 01:42 PM

yes, here:
http://www.boot-land...showtopic=10781

#16 cdob

cdob

    Gold Member

  • Expert
  • 1438 posts

Posted 18 March 2010 - 03:12 PM

i got a blue screen ( process1_initialization_failed ) with the AccessGain script

Which project do you use?

I get the blue screen as well with win7pe. Although after looking at the script I am not surprised. It was written for XP based PE.

Yes, that's a XP based script here at LiveXP section.

Not sure that its actually needed in PE as the system user has full access to the drive anyway.

System has access within NTFS permissions.
If a user remove system permission, then system account can't open files.

#17 patsch

patsch

    Silver Member

  • Advanced user
  • 785 posts
  •  
    Germany

Posted 18 March 2010 - 03:17 PM

Smoker tried to use this script because he had trouboe to access folders within his Win7PE-project and jaclaz (ähh, Wonko) pointed him to this script

#18 Lancelot

Lancelot

    Frequent Member

  • .script developer
  • 5013 posts
  • Location:Turkiye/Izmir
  • Interests:*Mechanical stuff and Physics,
    *LiveXP, BartPE, SherpyaXPE,
    *Basketball and Looong Walking,
    *Buying outwear for my girlf (Reason: Girls are stupid about buying bad stuff to make themselves uglier :))
    *Girls (Lyric: Girl,...., You will be a womann, Soon)
    *Answering questions for "Meaning of life",
    *Helping people,

    Kung with LiveXP, Fu with Peter :)
  •  
    Turkey

Posted 18 March 2010 - 03:32 PM

Hi cdob,

we had similar experiences before (pe2/3 users trying to use pe1 specific scripts)
to avoid we put txtsetup.sif check to the script
http://livexp.boot-l...nDrivers.script
untill an experienced user make the script compatible to pe2/3 world
http://livexp.boot-l...kCryptor.script
:thumbup:

#19 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 14829 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 18 March 2010 - 04:21 PM

.... and jaclaz (�hh, Wonko) pointed him to this script


Wonko did NOT point him to this .script.

Wonko suggested him that possibly the app may be useful, and pointed him to this thread where the app - reported to be working on:

Supported operating systems:

- Windows 2000 SP4 Rollup 1
- Windows XP SP2, SP3
- Windows Server 2003 32-bit and 64-bit
- Windows Vista RTM, SP1 32-bit and 64-bit
- Windows Server 2008 32-bit and 64-bit
- Windows 7 32-bit and 64-bit


is discussed, thanks to cdob who both "extracted" the info from an otherways most probably doomed to go unnoticed post by seseberg and provided a .script for it for LiveXP.

It was Smoker's initiative to assume that the .script would have worked in Win7PE.

Summing up:
  • Wonko (the Sane) is right (as always)
  • Smoker is wrong
  • patsch is a squealer Posted Image

:thumbup:

:)
Wonko

#20 patsch

patsch

    Silver Member

  • Advanced user
  • 785 posts
  •  
    Germany

Posted 18 March 2010 - 04:54 PM

yes Wonko, you are right and I'm wrong as always :)
:thumbup:

#21 Smoker

Smoker

    Newbie

  • Members
  • 11 posts
  •  
    Germany

Posted 18 March 2010 - 10:38 PM

thanks for all informations, I didn't know that liveXP scripts are so different to Win7PE scripts that they don't work under Win7PE as well. :thumbup:

#22 JanuszChmiel

JanuszChmiel

    Frequent Member

  • Advanced user
  • 201 posts
  •  
    Czech_ Republic

Posted 19 June 2012 - 10:05 AM

Dear users and developers.
I have tested The
AccessGainDrivers.script
And The script implementation is perfect, driver is being correctly loaded. BUt i Am disappointed because of The driver.
Somebody, who programmed it thought, that it is really able to issue all NTFS permissions. But i can write, that The driver can not be solution for reall access to all folders and files from WIndows PE, no matter on PE version.

I can not access The folder
users oshibadata aplikací
From real Windows7 installation or from PE live project which is using this driver.
I Am getting error message, that The folder refers to The place, which is not available, it is stored on other media.

So for now, if somebody want to access all folders and files on NTFS partition, user must use Linux live CD.
Sure, i have no encrypted files on NTFS, which i would like to access by using AccessGain Driver.

The idea is to talk with C language developer of this driver, if there is no some solution, but i think, that NT kernel is having much more bigger power as driver developer could think.
So we can dream about full NTFS access from running live PE projects.

#23 amalux

amalux

    Platinum Member

  • Tutorial Writer
  • 2813 posts
  •  
    United States

Posted 19 June 2012 - 02:32 PM

Hi Janusz,

Usually this situation is due to junction points used in Windows 7 http://pherricoxide....denied-problem/

where you try to open a folder that isn't an actual folder, it's a junction shortcut that redirects to a different location.

This particular junction probably points to "C:\Users\<username>\AppData\Roaming" or you can just type %appdata% in the Run dialog box.

:cheers:

#24 homes32

homes32

    Gold Member

  • .script developer
  • 1030 posts
  • Location:Minnesota
  •  
    United States

Posted 19 June 2012 - 02:44 PM

Dear users and developers.
I have tested The
AccessGainDrivers.script
And The script implementation is perfect, driver is being correctly loaded. BUt i Am disappointed because of The driver.
Somebody, who programmed it thought, that it is really able to issue all NTFS permissions. But i can write, that The driver can not be solution for reall access to all folders and files from WIndows PE, no matter on PE version.

I can not access The folder
users oshibadata aplikací
From real Windows7 installation or from PE live project which is using this driver.
I Am getting error message, that The folder refers to The place, which is not available, it is stored on other media.

So for now, if somebody want to access all folders and files on NTFS partition, user must use Linux live CD.
Sure, i have no encrypted files on NTFS, which i would like to access by using AccessGain Driver.

The idea is to talk with C language developer of this driver, if there is no some solution, but i think, that NT kernel is having much more bigger power as driver developer could think.
So we can dream about full NTFS access from running live PE projects.


I think you are missing the point of this driver.
  • It does not issue permissions. it simply instructions the filesystem to ignore the security descriptors
  • it can not decrypt NTFS encrypted files
  • your error message obviously has nothing to do with not having the correct permissions. you are most likely trying to access a hard-link/junction point.


#25 JanuszChmiel

JanuszChmiel

    Frequent Member

  • Advanced user
  • 201 posts
  •  
    Czech_ Republic

Posted 19 June 2012 - 03:10 PM

Dear developers,

IAM very sorry, thank You for Yours explanation.
I understand, The driver is The kernel driver and it is able to enable us to access files or folders no matter on The permissions set.
Thank You Mr Amalux for Yours explanation related to The junction points, so driver is really working and antivirus can access all files, folders and subfolders.

IAm very sorry again for my misunderstanding of The problem.
So it is not dream, but reality, Linux live CDS do not have to be used for virus removal.

IAM apologize to script developers and also to The kernel driver developer, he is very probably not presented here, so i will excuse him personally.

And Mr Amalux, thank You, that YOu are living on this world, You are very, very experienced developer.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users