Dos命令来恢复远程终端连接。附上远程端口开启的命令:
echo Windows Registry Editor Version 5.00>>3389.reg
echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal Server]>>3389.reg
echo "fDenyTSConnections"=dword:00000000>>3389.reg
echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal ServerWdsrdpwdTdstcp]>>3389.reg
echo "PortNumber"=dword:00000d3e>>3389.reg
echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal ServerWinStationsRDP-Tcp]>>3389.reg
echo "PortNumber"=dword:00000d3e>>3389.reg
regedit /s 3389.reg
del 3389.reg
|
还提供一个方法,修改注册表开启,什么版本的都适用的,且不会重启。附上命令:
reg delete "HKLMSOFTWAREPoliciesMicrosoftWindows NTTerminal Services" /F
reg add "HKLMSOFTWAREPoliciesMicrosoftWindows NTTerminal Services" /v fDenyTSConnections /t REG_DWORD /d 0
|
Cmd、Dos 下开 3389:
echo Windows Registry Editor Version 5.00 >>3389.reg
echo [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionnetcache] >>3389.reg
echo "Enabled"="0" >>3389.reg
echo [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon] >>3389.reg
echo "ShutdownWithoutLogon"="0" >>3389.reg
echo [HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsInstaller] >>3389.reg
echo "EnableAdminTSRemote"=dword:00000001 >>3389.reg
echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal Server] >>3389.reg
echo "TSEnabled"=dword:00000001 >>3389.reg
echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTermDD] >>3389.reg
echo "Start"=dword:00000002 >>3389.reg
echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTermService] >>3389.reg
echo "Start"=dword:00000002 >>3389.reg
echo [HKEY_USERS.DEFAULTKeyboard LayoutToggle] >>3389.reg
echo "Hotkey"="1" >>3389.reg
echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal ServerWdsrdpwdTdstcp] >>3389.reg
echo "ortNumber"=dword:00000D3D >>3389.reg
echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal ServerWinStationsRDP-Tcp] >>3389.reg
echo "ortNumber"=dword:00000D3D >>3389.reg
|
把这些ECHO代码到CMDSHELL下贴粘就可以生成3389.reg文件,接着regedit /s 3389.reg导入注册表:
echo Windows Registry Editor Version 5.00 >>3389.reg
echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal Server] >>3389.reg
echo "fDenyTSConnections"=dword:00000000 >>3389.reg
echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal ServerWdsrdpwdTdstcp] >>3389.reg
echo "ortNumber"=dword:00000D3D >>3389.reg
echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal ServerWinStationsRDP-Tcp] >>3389.reg
echo "PortNumber"=dword:00000D3D >>3389.reg
|
把这些ECHO代码到CMDSHELL下贴粘就可以生成3389.reg文件,接着regedit /s 3389.reg导入注册表。
Dos、Cmd命令来恢复远程终端3389连接,Dos、Cmd命令来恢复远程终端连接,Dos、Cmd命令来恢复远程3389连接,Dos、Cmd命令来恢复终端3389连接,Dos、Cmd命令来恢复3389连接,Dos、Cmd命令来恢复远程终端,Dos、Cmd命令来恢复远程3389,Dos、Cmd命令来恢复3389,Dos、Cmd命令恢复3389连接,Dos、Cmd命令恢复远程终端,Dos、Cmd命令恢复远程3389,Dos、Cmd命令恢复3389,Dos、Cmd恢复3389连接,Dos、Cmd恢复远程终端,Dos、Cmd恢复远程3389,Dos、Cmd恢复3389,Dos恢复3389连接,Cmd恢复3389连接,Dos恢复远程终端,Cmd恢复远程终端,Dos恢复远程3389,Cmd恢复远程3389,Dos恢复3389,Cmd恢复3389,Dos 3389,Cmd 3389,dos命令来恢复远程终端连接,附上远程端口开启的命令,Windows Registry Editor Version 5.00,3389.reg ,[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal Server] ,fDenyTSConnections"=dword:00000000 ,[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal ServerWdsrdpwdTdstcp] ,"PortNumber"=dword:00000d3e,[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal ServerWinStationsRDP-Tcp] ,"PortNumber"=dword:00000d3e ,regedit /s 3389.reg ,del 3389.reg,修改注册表开启3389,不重启开启3389命令,Cmd、Dos下开3389,regedit /s 3389.reg导入注册表。
文章来源于lcx.cc:【技巧】Dos,Cmd命令来恢复远程终端3389连接
相关推荐: 利用 Appcache 和 ServiceWorker 进行持久型session hijacking 和 XSS
利用 Appcache 和 ServiceWorker 进行持久型session hijacking 和 XSS 小饼仔 | 2015-08-20 14:52 看了篇文章 Using Appcache and ServiceWorker for Evil,讲的…
评论