Just Let It Flow

April 2, 2010

QueryDACL

Filed under: — adeyblue @ 6:07 am

Download QueryDACL 1.7Download source codeBrowse source online

QueryDACL is a tool for querying the ACL’s (access control lists) and ACE’s (access control entries) of files, services, registry keys, printers, processes, threads, timers, mutexes, tokens, sections, events, and semaphores in Windows 2000 and later. QueryDACL allows you to quickly and easily see which accounts have what level of access to a particular securable Windows object without the need to open a GUI.

In an ordinary Windows installation, about the only tools you get to be able to view DACLs on the command line are cacls/icacls for files, and sc for services. Even then, the output is more or less cryptic unless you know what all the abbreviations mean. QueryDACL not only centralizes this functionality in a single application, it provides the results in plain English. Take a look at the difference:

Folder ACL output of icacls and cacls

Folder ACL output of icacls and cacls

QueryDACL's version of the same output

QueryDACL's version of the same output

QueryDACL can also investigate files, services and registry keys on other computers on the network. To download the latest version of the tool please visit the sourceforge download page. The source can be browsed online at http://aclutil.svn.sourceforge.net/viewvc/aclutil/QueryDACL/, or downloaded from here.

New in version 1.7:
Support for object manager directories and their entries (these are the objects you can see using WinObj) and job objects using the new kernel types ‘directory’ and ‘job’ respectively.

To visit the sourceforge project page, please click on the logo below:
Get QueryDACL at SourceForge.net.

No Comments »

No comments yet.

RSS feed for comments on this post. TrackBack URL

Leave a comment

Powered by WordPress