/* AccessChecker is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. AccessChecker is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with AccessChecker. If not, see . */ using System; using System.IO; using System.Security.AccessControl; using System.Security.Principal; namespace AccessChecker { internal class Program { static void Main(string[] args) { string[] drives = new string[] { @"c:" }; foreach (string dr in drives) { System.IO.DriveInfo di = new System.IO.DriveInfo(dr); System.IO.DirectoryInfo rootDir = di.RootDirectory; WalkDirectoryTree(rootDir); } } private static bool HasWritePermission(string FilePath) { try { FileSystemSecurity security; if (File.Exists(FilePath)) { security = File.GetAccessControl(FilePath); } else { security = Directory.GetAccessControl(Path.GetDirectoryName(FilePath)); } var rules = security.GetAccessRules(true, true, typeof(NTAccount)); var currentuser = new WindowsPrincipal(WindowsIdentity.GetCurrent()); bool result = false; foreach (FileSystemAccessRule rule in rules) { if (0 == (rule.FileSystemRights & (FileSystemRights.WriteData | FileSystemRights.Write))) { continue; } if (rule.IdentityReference.Value.StartsWith("S-1-")) { var sid = new SecurityIdentifier(rule.IdentityReference.Value); if (!currentuser.IsInRole(sid)) { continue; } } else { if (!currentuser.IsInRole(rule.IdentityReference.Value)) { continue; } } if (rule.AccessControlType == AccessControlType.Deny) return false; if (rule.AccessControlType == AccessControlType.Allow) result = true; } return result; } catch { return false; } } static void WalkDirectoryTree(System.IO.DirectoryInfo root) { System.IO.FileInfo[] files = null; System.IO.DirectoryInfo[] subDirs = null; try { files = root.GetFiles("*.*"); } catch (UnauthorizedAccessException e) { } catch (System.IO.DirectoryNotFoundException e) { } if (files != null) { foreach (System.IO.FileInfo fi in files) { if (HasWritePermission(fi.FullName)) { try { File.AppendAllText(@"c:\Users\Public\icacls.out.txt", fi.FullName + "\n"); } catch (Exception) { Console.WriteLine("File cannot be created"); } Console.WriteLine(fi.FullName); } } subDirs = root.GetDirectories(); foreach (System.IO.DirectoryInfo dirInfo in subDirs) { if (HasWritePermission(dirInfo.FullName)) { try { File.AppendAllText(@"c:\Users\Public\icacls.out.txt", dirInfo.FullName + "\n"); } catch (Exception) { Console.WriteLine("File cannot be created"); } Console.WriteLine(dirInfo.FullName); } WalkDirectoryTree(dirInfo); } } } } }