Thick Client Security: Improper File & Folder Permissions

  1. When a thick client application is installed, its files and folders are often given more permissive access than required.
  2. An attacker can use these excessive file and folder permissions to perform malicious activities. Excessive permissions can also lead to a DLL hijacking attack.
  3. We can verify the permissions of all files in a particular folder at once using the Sysinternals tool AccessEnum, or we can manually check the permissions assigned to a particular file or folder.
AccessEnum Tool
