【技巧】Dos,Cmd命令来恢复远程终端3389连接

  • A+
所属分类:lcx

Dos命令来恢复远程终端连接。附上远程端口开启的命令:

echo Windows Registry Editor Version 5.00>>3389.reg
echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal Server]>>3389.reg
echo "fDenyTSConnections"=dword:00000000>>3389.reg
echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal ServerWdsrdpwdTdstcp]>>3389.reg
echo "PortNumber"=dword:00000d3e>>3389.reg
echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal ServerWinStationsRDP-Tcp]>>3389.reg
echo "PortNumber"=dword:00000d3e>>3389.reg
regedit /s 3389.reg
del 3389.reg

还提供一个方法,修改注册表开启,什么版本的都适用的,且不会重启。附上命令:

reg delete "HKLMSOFTWAREPoliciesMicrosoftWindows NTTerminal Services" /F
reg add     "HKLMSOFTWAREPoliciesMicrosoftWindows NTTerminal Services" /v fDenyTSConnections /t REG_DWORD /d 0

Cmd、Dos 下开 3389:

echo Windows Registry Editor Version 5.00 >>3389.reg
echo [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionnetcache] >>3389.reg
echo "Enabled"="0" >>3389.reg
echo [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon] >>3389.reg
echo "ShutdownWithoutLogon"="0" >>3389.reg
echo [HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsInstaller] >>3389.reg
echo "EnableAdminTSRemote"=dword:00000001 >>3389.reg
echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal Server] >>3389.reg
echo "TSEnabled"=dword:00000001 >>3389.reg
echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTermDD] >>3389.reg
echo "Start"=dword:00000002 >>3389.reg
echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTermService] >>3389.reg
echo "Start"=dword:00000002 >>3389.reg
echo [HKEY_USERS.DEFAULTKeyboard LayoutToggle] >>3389.reg
echo "Hotkey"="1" >>3389.reg
echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal ServerWdsrdpwdTdstcp] >>3389.reg
echo "ortNumber"=dword:00000D3D >>3389.reg
echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal ServerWinStationsRDP-Tcp] >>3389.reg
echo "ortNumber"=dword:00000D3D >>3389.reg

把这些ECHO代码到CMDSHELL下贴粘就可以生成3389.reg文件,接着regedit /s 3389.reg导入注册表:

echo Windows Registry Editor Version 5.00 >>3389.reg
echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal Server] >>3389.reg
echo "fDenyTSConnections"=dword:00000000 >>3389.reg
echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal ServerWdsrdpwdTdstcp] >>3389.reg
echo "ortNumber"=dword:00000D3D >>3389.reg
echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal ServerWinStationsRDP-Tcp] >>3389.reg
echo "PortNumber"=dword:00000D3D >>3389.reg

    把这些ECHO代码到CMDSHELL下贴粘就可以生成3389.reg文件,接着regedit /s 3389.reg导入注册表。

    Dos、Cmd命令来恢复远程终端3389连接,Dos、Cmd命令来恢复远程终端连接,Dos、Cmd命令来恢复远程3389连接,Dos、Cmd命令来恢复终端3389连接,Dos、Cmd命令来恢复3389连接,Dos、Cmd命令来恢复远程终端,Dos、Cmd命令来恢复远程3389,Dos、Cmd命令来恢复3389,Dos、Cmd命令恢复3389连接,Dos、Cmd命令恢复远程终端,Dos、Cmd命令恢复远程3389,Dos、Cmd命令恢复3389,Dos、Cmd恢复3389连接,Dos、Cmd恢复远程终端,Dos、Cmd恢复远程3389,Dos、Cmd恢复3389,Dos恢复3389连接,Cmd恢复3389连接,Dos恢复远程终端,Cmd恢复远程终端,Dos恢复远程3389,Cmd恢复远程3389,Dos恢复3389,Cmd恢复3389,Dos 3389,Cmd 3389,dos命令来恢复远程终端连接,附上远程端口开启的命令,Windows Registry Editor Version 5.00,3389.reg ,[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal Server] ,fDenyTSConnections"=dword:00000000 ,[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal ServerWdsrdpwdTdstcp] ,"PortNumber"=dword:00000d3e,[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal ServerWinStationsRDP-Tcp] ,"PortNumber"=dword:00000d3e ,regedit /s 3389.reg ,del 3389.reg,修改注册表开启3389,不重启开启3389命令,Cmd、Dos下开3389,regedit /s 3389.reg导入注册表。

文章来源于lcx.cc:【技巧】Dos,Cmd命令来恢复远程终端3389连接

相关推荐: 利用 Appcache 和 ServiceWorker 进行持久型session hijacking 和 XSS

利用 Appcache 和 ServiceWorker 进行持久型session hijacking 和 XSS 小饼仔 | 2015-08-20 14:52 看了篇文章 Using Appcache and ServiceWorker for Evil,讲的…

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: