Monday, March 10, 2014
This week's challenge is straight forward. "sc" is a Windows command that shows information about Windows services. Pick any service on a windows machine and run "sc sdshow
" on it (you can use "sc sdshow lanmanserver" if you want. The output of the command is called a "DACL" in "SDDL". Your challenge is to explain in its entirety what that jumble of letters and semicolons mean, as well as explaining DACLS and SDDLs.
Extra Credit: Explain how an attack can use this information.