I’m auditing a system in my company’s environment that dumps log files to a share location which apparently doesn’t have any object ownership settings. In the security tab there’s a message:
“No permissions have been assigned for this object.
Warning: this is a potential security risk because anyone who can access this object can take ownership of it. the object’s owner should assign permissions as soon as possible.”
How big of a risk are we talking here? I’m very much a newbie so the only thing I can think to use this for would be a staging ground for saving payloads while trying to hit other systems – not great obviously but not a five alarm fire either.
My other thought was maybe a target for a SMB relay attack but you’d need local admin creds on the file server for that right?