Tuesday, 15 March 2011

How to change permissoin of $Extend directory? Python? C++? -



How to change permissoin of $Extend directory? Python? C++? -

i want hide text file moving $extend directory (what directory?). run cmd administrator , run below code :

c:\windows\system32>copy i:\tohide.txt i:\$extend access denied. 0 file(s) copied. c:\windows\system32>

as see, couldn't , received access denied error. tried takeown destination directory ($extend) , alter acls below :

c:\windows\system32>takeown /f i:\$extend success: file (or folder): "i:\$extend" owned user "abraham-vaio\abra ham". c:\windows\system32>cacls i:\$extend /g abraham:f sure (y/n)?y scheme cannot find file specified. c:\windows\system32>

q1: why cacls couldn't see directory, while takeown could!?

after that, utilize below python code :

import win32api import win32con import win32security filename = "i:\\$extend" open (filename, "w").close () print "i am", win32api.getusernameex (win32con.namesamcompatible) sd = win32security.getfilesecurity (filename, win32security.owner_security_information) owner_sid = sd.getsecuritydescriptorowner () name, domain, type = win32security.lookupaccountsid (none, owner_sid) print "file owned %s\\%s" % (domain, name)

and receive access denied 1 time again :

>>> ================================ restart ================================ >>> traceback (most recent phone call last): file "c:\users\abraham\desktop\teste.py", line 6, in <module> open (filename, "w").close () ioerror: [errno 13] permission denied: 'i:\\$extend' >>>

q2: python code equal takeown or alternative cacls?

q3: why receive access denied,while run idle (and after python in command-line) administrator?

last questions :

q4: why can't open directory using windows explorer, while can open using winrar? windows restrict apis explorer available other softwares?

by way, there way accomplish goal using python or c++ or ...? (hiding in $extend directory)

in general, can access mft straight opening \.\physicaldrivex - underlying physical disk (x number of disk want open) - , parse disk directly, i.e. find partition offset master boot record, parse first ntfs sector , there find location of mft.

there great open source sample of how parse mft in ntfsfastfind project, see here: http://home.comcast.net/~lang.dennis/console/ntfsfastfind/ntfsfastfind.html

i recommend read ntfs internals here: http://technet.microsoft.com/en-us/library/cc781134(v=ws.10).aspx http://ntfs.com/ntfs-mft.htm

c++ python-2.7 ntfs access-denied cacls

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)