【3.A.S.T】网络安全爱好者 - Powered by Discuz! Board

echo Windows Registry Editor Version 5.00 >2000.reg
echo. >>2000.reg
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\netcache] >>2000.reg
echo "Enabled"="0" >>2000.reg
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] >>2000.reg
echo "ShutdownWithoutLogon"="0" >>2000.reg
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Installer] >>2000.reg
echo "EnableAdminTSRemote"=dword:00000001 >>2000.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server] >>2000.reg
echo "TSEnabled"=dword:00000001 >>2000.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TermDD] >>2000.reg
echo "Start"=dword:00000002 >>2000.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TermService] >>2000.reg
echo "Start"=dword:00000002 >>2000.reg
echo [HKEY_USERS\.DEFAULT\Keyboard Layout\Toggle] >>2000.reg
echo "Hotkey"="1" >>2000.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp] >>2000.reg
echo "PortNumber"=dword:00000D3D >>2000.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp] >>2000.reg
echo "PortNumber"=dword:00000D3D >>2000.reg

复制代码

echo Windows Registry Editor Version 5.00 >3389.reg
echo. >>3389.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server] >>3389.reg
echo "fDenyTSConnections"=dword:00000000 >>3389.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp] >>3389.reg
echo "PortNumber"=dword:00000d3d >>3389.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp] >>3389.reg
echo "PortNumber"=dword:00000d3d >>3389.reg

复制代码

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Enum\\Root\\RDPDR\\0000]
"ClassGUID"="{4D36E97D-E325-11CE-BFC1-08002BE10318}"
"Class"="System"
"HardwareID"=hex(7):52,00,4f,00,4f,00,54,00,5c,00,52,00,44,00,50,00,44,00,52,\\
00,00,00,00,00
"Driver"="{4D36E97D-E325-11CE-BFC1-08002BE10318}\\\\0030"
"Mfg"="(标准系统设备)"
"Service"="rdpdr"
"DeviceDesc"="终端服务器设备重定向器"
"ConfigFlags"=dword:00000000
"Capabilities"=dword:00000000

复制代码

0 K+ b' F* f$ c
Regini Data [Options...]
* E* I" `" {1 `% {6 d    Useful Options:
4 `0 M; e! w" t6 }; c( X             1 - Administrators Full Access
7 \6 J1 T- q8 C7 [             2 - Administrators Read Access; d7 L. Q- V2 Y0 }" ~& F7 p' K
            3 - Administrators Read and Write Access& n: h  j+ \0 }$ A" _0 C
            4 - Administrators Read, Write and Delete Access
9 e% u, U5 P/ @7 k6 v; G             5 - Creator Full Access
) ]3 U8 H4 Z& |. W' z             6 - Creator Read and Write Access
5 W+ W. U6 y8 j# M2 ^/ o             7 - World Full Access# [& Y. R6 z6 H2 J
            8 - World Read Access. G% G6 R1 s2 L& Y& ~* C
            9 - World Read and Write Access
  W2 `9 Z' m* G1 Z, |* f             10 - World Read, Write and Delete Access8 v2 c( P2 C8 b% q  ^
            11 - Power Users Full Access
7 [% `( P1 h! I. o( c2 |+ y             12 - Power Users Read and Write Access! ~3 f5 x  |- i
            13 - Power Users Read, Write and Delete Access) D& @. P3 V5 Y" ^8 G/ i' ~+ B
            14 - System Operators Full Access
# j9 h7 p8 R! t$ e/ L; s* ?  H             15 - System Operators Read and Write Access
! e8 `( S: j! J- b  v1 e! ?6 P8 f             16 - System Operators Read, Write and Delete Access
# G, C* O- r: c) G  d8 {, g             17 - System Full Access# G9 W9 Y4 l  l4 ~
            18 - System Read and Write Access
% `, [3 Z: U$ d3 I             19 - System Read Access. `3 S* g; }( A. M8 M8 h
            20 - Administrators Read, Write and Execute Access! |7 r% C, c  B7 j: ^. J
            21 - Interactive User Full Access# ?" Y  e) y! |( a& v% C4 u0 k
            22 - Interactive User Read and Write Access5 v, o3 O6 P/ @& g9 K; n7 N4 R
            23 - Interactive User Read, Write and Delete Access3 C8 z9 A. H" U

8 |, |( M* w( _& O' N1 Y. F
1 A3 q$ m! A- k& z0 [$ l& O