A python tool to parse and describe the contents of a SDDL string.
- Reads source value from option
--sddl
- Outputs a human readable summary of accesses with
--summary
- Parsing of Access Control Entries (ACE) of various types:
- ACE type
ACCESS_ALLOWED_ACE
- ACE type
ACCESS_ALLOWED_OBJECT_ACE
- ACE type
ACCESS_DENIED_ACE
- ACE type
ACCESS_DENIED_OBJECT_ACE
- ACE type
ACCESS_ALLOWED_CALLBACK_ACE
- ACE type
ACCESS_DENIED_CALLBACK_ACE
- ACE type
ACCESS_ALLOWED_CALLBACK_OBJECT_ACE
- ACE type
ACCESS_DENIED_CALLBACK_OBJECT_ACE
- ACE type
SYSTEM_AUDIT_ACE
- ACE type
SYSTEM_AUDIT_OBJECT_ACE
- ACE type
SYSTEM_AUDIT_CALLBACK_ACE
- ACE type
SYSTEM_MANDATORY_LABEL_ACE
- ACE type
SYSTEM_AUDIT_CALLBACK_OBJECT_ACE
- ACE type
SYSTEM_RESOURCE_ATTRIBUTE_ACE
- ACE type
SYSTEM_SCOPED_POLICY_ID_ACE
- ACE type
- Parsing of SID
- Resolve names of well known SIDs
- Parsing of GUID
- Resolve names of well known GUIDs
- Parsing of Access Control Lists (ACL):
- Print if ACL is in canonical form
usage: DescribeSDDL.py [-h] [-v] [-S SDDL] [--summary] [--describe]
Parse and describe the contents of a SDDL string
options:
-h, --help show this help message and exit
-v, --verbose Verbose mode. (default: False)
-S SDDL, --sddl SDDL SDDL string
--summary Generate a human readable summary of the rights.
--describe Describe the raw structure.