Unable to see Scheduled Task even with access rights to SYSTEM32\Tasks

task-scheduler scheduled-task schtasks

Solution 1:

The security descriptor is stored in the registry, similar to what is done for services.

Key: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RPA
Value: SD

Probably also a value for each task.

Solution 2:

@OldGeezer @GregAskew thanks to your link to SD I was able to translate the binary SD to readable property with following Powershell: 

$PathToTask = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft"
$SDBin =  ( (get-itemProperty $PathToTask).sd )

ConvertFrom-SddlString ([wmiclass]"Win32_SecurityDescriptorHelper").BinarySDToSDDL($SDBin).SDDL

With the above you should be able to read what are the current ACLs, and if you work your way through methods from Win32_SecurityDescriptorHelper , you should be able to create your own ACL and replace it, giving you access to the task. I haven't tested that though

Related

CentOS 5.5 remote kickstart installation stalls at "Starting install process." How to debug?
HP RAID array - hpacucli
IIS 7 Backup Strategy
Zabbix server SELinux policy
Postfix- open relay. How to configure so it is not?
prevent X-Forwarded-For spoofing in haproxy
List all empty folders
Deleted and Re-Added Exchange User Failure to Send
Too Many ESTABLISHED connection from a single IP address in Apache
Minecraft, and how do i install it back? [duplicate]
In Settlers 2 (PC), is it possible to get food back from an exhausted mine or otherwise prevent food waste?
How can I keep track of the number of cards in my collection while drafting?