shell里注册表的一些重要位置

2010, September 13, 9:11 PM. 简单备忘
Submitted by admin

从BS牛和其他的webshell里提取出来的

===================================================

HKLM\SYSTEM\CurrentControlSet\Control\ComputerName\ComputerName\ComputerName
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AutoAdminLogon
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultUserName
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultPassword
HKLM\SYSTEM\CurrentControlSet\Services\Serv-U-Counters\Performance\Library
HKLM\SYSTEM\CurrentControlSet\Services\Serv-U\ImagePath
HKLM\SOFTWARE\Cat Soft\Serv-U\Domains\DomainList\DomainList
HKLM\SYSTEM\Radmin\v2.0\Server\Parameters\Parameter
HKLM\SYSTEM\Radmin\v2.0\Server\Parameters\Port
HKLM\SYSTEM\Radmin\v2.0\Server\Parameters\NTAuThenabled
HKLM\SYSTEM\Radmin\v2.0\Server\Parameters\FilterIp
HKLM\SYSTEM\Radmin\v2.0\Server\iplist\0
HKLM\SOFTWARE\ORL\WinVNC3\default\Password
HKLM\SOFTWARE\RealVNC\WinVNC4\Password
HKLM\SOFTWARE\hzhost\config\Settings\mysqlpass
HKLM\SOFTWARE\hzhost\config\Settings\mastersvrpass
HKLM\SOFTWARE\hzhost\config\Settings\sysdbpss

 

3389端口 

HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\PortNumber

pcany端口

HKLM\SOFTWARE\Symantec\pcAnywhere\CurrentVersion\System\TCPIPDataPort

 

Tags: 注册表

« 上一篇 | 下一篇 »

Trackbacks
点击获得Trackback地址,Encode: UTF-8 点击获得Trackback地址,Encode: GB2312 or GBK 点击获得Trackback地址,Encode: BIG5
发表评论

评论内容 (必填):