This exploit grants full permission on C:\ drive for all users on the machine.
- Enables the privilege in the token
- Creates handle to \.\C: with SYNCHRONIZE | FILE_TRAVERSE
- Sends the FSCTL_SD_GLOBAL_CHANGE to replace S-1-5-32-544 with S-1-5-32-545
This exploit grants full permission on C:\ drive for all users on the machine.