Use PowerShell and SCOM to find file shares with weak permissions
Tags
attack-pattern: Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Vulnerabilities - T1588.006 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID 5c2b2028-1393-404c-8fcc-d048d0ee4d95
Fingerprint a250025af3758ead
Analysis status DONE
Considered CTI value 0
Text language
Published Oct. 27, 2017, 5:48 a.m.
Added to db Jan. 18, 2023, 8:03 p.m.
Last updated Nov. 12, 2024, 11:51 a.m.
Headline Use PowerShell and SCOM to find file shares with weak permissions
Title Use PowerShell and SCOM to find file shares with weak permissions
Detected Hints/Tags/Attributes 35/1/9
Source URLs
Redirection Url
Details Source https://4sysops.com/archives/use-powershell-and-scom-to-find-file-shares-with-weak-permissions/
URL Provider
Details Provider Source level domain
Details 4sysops.com 4sysops.com
Attributes
Details Type #Events CTI Value
Details Domain 5 
share.name
Details Domain 1 
shareitem.name
Details Domain 1 
abc.windows
Details Domain 67 
microsoft.windows
Details File 1 
shareaccesscontrolentry.ace
Details File 1 
myshareobject.ps
Details File 18 
system.log
Details File 1 
discoveradmininfoitems.ps1
Details Windows Registry Key 11 
HKLM\SOFTWARE\Microsoft