|
|
|
@ -32,6 +32,32 @@ function Takeown-Registry($key) {
|
|
|
|
|
$key.SetAccessControl($acl)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function Takeown-File($path) {
|
|
|
|
|
takeown.exe /A /F $path
|
|
|
|
|
$acl = Get-Acl $path
|
|
|
|
|
|
|
|
|
|
# get administraor group
|
|
|
|
|
$admins = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544")
|
|
|
|
|
$admins = $admins.Translate([System.Security.Principal.NTAccount])
|
|
|
|
|
|
|
|
|
|
# add NT Authority\SYSTEM
|
|
|
|
|
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule($admins, "FullControl", "None", "None", "Allow")
|
|
|
|
|
$acl.AddAccessRule($rule)
|
|
|
|
|
|
|
|
|
|
Set-Acl -Path $path -AclObject $acl
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function Takeown-Folder($path) {
|
|
|
|
|
Takeown-File $path
|
|
|
|
|
foreach ($item in Get-ChildItem $path) {
|
|
|
|
|
if (Test-Path $item -PathType Container) {
|
|
|
|
|
Takeown-Folder $item.FullName
|
|
|
|
|
} else {
|
|
|
|
|
Takeown-File $item.FullName
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function Elevate-Privileges {
|
|
|
|
|
param($Privilege)
|
|
|
|
|
$Definition = @"
|
|
|
|
|