When a Windows device has been configured in such a way that it is not possible to navigate through the file systems to identify any potentially interesting files, it is possible to use UNC Paths.

A UNC Path (Universal Naming Convention Path) is used by windows to refer to a location on a network. Typically this is used to provide access to shared network resources such as a shared folder in a format that all computers can understand.

Within the file explorer it is possible to navigate to a UNC location by using the \\ notation followed by either the name or IP address of the desired resource.

To bypass the restrictions stopping an attacker navigating the C:\ drive, it is possible to access \\127.0.0.1\c$

It is important to note the $ character. Without this, the UNC path will not work. This is because, in Windows, the $ character is used to denote a hidden administrative share. The c$ share is a hidden share that gives full access to the root of the C:\ drive of a computer. Removing the $ would result in an error of “Network path not found”

‍