Gray Hat Hacking, Second Edition, 2nd Edition

How Windows Access Control Works

To fully understand the attack process described later in the chapter, it’s important to first understand how Windows Access Control works. This introductory section is large because access control is such a rich topic. But if you stick with it and fully understand each part of this, it will pay off with a deep understanding of this greatly misunderstood topic, allowing you to find more and more elaborate vulnerabilities.

This section will be a walkthrough of the four key foundational components you’ll need to understand to attack Windows Access Control: the security identifier (SID), the access token, the security descriptor (SD), and the access check.

Security Identifier (SID)

Every user and every entity for ...

Get Gray Hat Hacking, Second Edition, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Gray Hat Hacking, Second Edition, 2nd Edition by Shon Harris, Allen Harper, Chris Eagle, Jonathan Ness

How Windows Access Control Works

Security Identifier (SID)

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly