-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy pathTest-SharePermissions.psm1
126 lines (89 loc) · 3.42 KB
/
Test-SharePermissions.psm1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
Function Test-SharePermissions {
<#
.SYNOPSIS
Tests the current user's ability to read, write, and delete a file in a given share.
.DESCRIPTION
Tests the current user's ability to read, write, and delete a file in a given share. Supports piping in share paths.
.PARAMETER SharePath
A complete share path (e.g. \\Hostname\ShareName\).
.EXAMPLE
Test-SharePermissions "\\servername\share\"
Import-Csv c:\temp\shares.csv | ForEach-Object {"\\{0}\{1}\" -f $_.ComputerName, $_.Name} | Test-SharePermissions
.NOTES
Updated: 2018-08-05
Contributing Authors:
Anthony Phipps
LEGAL: Copyright (C) 2018
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
.LINK
https://github.com/TonyPhipps/THRecon
#>
[CmdletBinding()]
param(
[Parameter(ValueFromPipeline = $True, ValueFromPipelineByPropertyName = $True)]
$SharePath
)
begin{
$DateScanned = Get-Date -Format u
Write-Information -InformationAction Continue -MessageData ("Started {0} at {1}" -f $MyInvocation.MyCommand.Name, $DateScanned)
$stopwatch = New-Object System.Diagnostics.Stopwatch
$stopwatch.Start()
$total = 0
class Share {
[String] $SharePath
[string] $DateScanned
[String] $UserTested
[String] $FileTested
[String] $Read
[String] $Write
[String] $Delete
}
$RandomString = -join ((65..90) + (97..122) | Get-Random -Count 10 | Foreach-Object {[char]$_})
}
process{
$output = $null
$output = [Share]::new()
$output.SharePath = $SharePath
$output.UserTested = whoami
$output.FileTested = "$RandomString.txt"
$output.DateScanned = Get-Date -Format o
$output.Read = $False
$output.Write = $False
$output.Delete = $False
Write-Verbose "Testing Read Permission"
if (Get-ChildItem $SharePath -Name -ErrorAction SilentlyContinue) {
$output.Read = $True
}
Write-Verbose "Testing Write Permission"
if (($output.Read) -eq $True) {
New-Item -Path $SharePath -Name "$RandomString.txt" -ItemType "file" -Force -ErrorAction SilentlyContinue | Out-Null
if (Test-Path $SharePath\$RandomString.txt -PathType Leaf -ErrorAction SilentlyContinue) {
$output.Write = $True
}
}
Write-Verbose "Testing Delete Permission"
if (($output.Write) -eq $True) {
Remove-Item -path $SharePath\$RandomString.txt -ErrorAction SilentlyContinue | Out-Null
if (-NOT (Test-Path $SharePath\$RandomString.txt -ErrorAction SilentlyContinue)) {
$output.Delete = $True
}
}
$elapsed = $stopwatch.Elapsed
$total = $total + 1
Write-Verbose "System $total `t $ThisComputer `t Total Time Elapsed: $elapsed"
return $output
}
end{
$elapsed = $stopwatch.Elapsed
Write-Verbose "Total Systems: $total `t Total time elapsed: $elapsed"
}
}