美文网首页
🤖开启3389常用终端命令

🤖开启3389常用终端命令

作者: 远方_6a9f | 来源:发表于2020-12-23 16:11 被阅读0次

    🤖开启3389常用终端命令

    1.查询终端端口

    xp&2003:REG query HKLM\SYSTEM\CurrentControlSet\Control\Terminal" "Server\WinStations\RDP-Tcp/v PortNumber通用:regedit/e tsp.reg"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal server\Wds\rdpwd\Tds\tcp"typetsp.reg

    2.开启XP&2003终端服务

    REG ADD HKLM\SYSTEM\CurrentControlSet\Control\Terminal" "Server /v fDenyTSConnections /t REG_DWORD /d 0 /fREG ADD HKLM\SYSTEM\CurrentControlSet\Control\Terminal" "Server /v fDenyTSConnections /t REG_DWORD /d 00000000 /f

    3.更改终端端口为20008(0x4E28)

    REG ADD HKLM\SYSTEM\CurrentControlSet\Control\Terminal" "Server\Wds\rdpwd\Tds\tcp /v PortNumber /t REG_DWORD /d 0x4E28 /fREG ADD HKLM\SYSTEM\CurrentControlSet\Control\Terminal" "Server\WinStations\RDP-Tcp /v PortNumber /t REG_DWORD /d 0x4E28 /f

    4.取消xp&2003系统防火墙对终端服务3389端口的限制及IP连接的限制

    REGADDHKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List/v3389:TCP/tREG_SZ/d3389:TCP:*:Enabled:@xpsp2res.dll,-22009/f

    5.开启Win2000的终端,端口为3389(需重启)

    echoWindows Registry Editor Version5.00>2000.regecho.>>2000.regecho[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\netcache]>>2000.regecho"Enabled"="0">>2000.regecho[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon]>>2000.regecho"ShutdownWithoutLogon"="0">>2000.regecho[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Installer]>>2000.regecho"EnableAdminTSRemote"=dword:00000001>>2000.regecho[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\TerminalServer]>>2000.regecho"TSEnabled"=dword:00000001>>2000.regecho[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TermDD]>>2000.regecho"Start"=dword:00000002>>2000.regecho[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TermService]>>2000.regecho"Start"=dword:00000002>>2000.regecho[HKEY_USERS\.DEFAULT\KeyboardLayout\Toggle]>>2000.regecho"Hotkey"="1">>2000.regecho[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\TerminalServer\Wds\rdpwd\Tds\tcp]>>2000.regecho"PortNumber"=dword:00000D3D>>2000.regecho[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp]>>2000.regecho"PortNumber"=dword:00000D3D>>2000.reg

    6.强行重启Win2000&Win2003系统(执行完最后一条一句后自动重启)

    @ECHO OFF & cd/d %temp% & echo [version] > restart.inf(set inf=InstallHinfSection DefaultInstall)echo signature=$chicago$ >> restart.infecho [defaultinstall] >> restart.infrundll32 setupapi,%inf% 1 %temp%\restart.inf

    7.禁用TCP/IP端口筛选 (需重启)

    REG ADD HKLM\SYSTEM\ControlSet001\Services\Tcpip\parameters /v EnableSecurityFilters /t REG_DWORD /d 0 /f

    8.终端超出最大连接数时可用下面的命令来连接

    mstsc/v:ip:3389/console

    9.调整NTFS分区权限

    cacls c:/e/t/g everyone:F(所有人对c盘都有一切权利)cacls%systemroot%\system32\*.exe/d everyone(拒绝所有人访问system32中exe文件)

    🤖3389.vbs cscript.exe

    On Error Resume NextconstHKEY_LOCAL_MACHINE=&H80000002strComputer="."Set StdOut=WScript.StdOutSet oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\"&_strComputer&"\root\default:StdRegProv")strKeyPath="SYSTEM\CurrentControlSet\Control\Terminal Server"oReg.CreateKeyHKEY_LOCAL_MACHINE,strKeyPathstrKeyPath="SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp"oReg.CreateKeyHKEY_LOCAL_MACHINE,strKeyPathstrKeyPath="SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp"strKeyPath="SYSTEM\CurrentControlSet\Control\Terminal Server"strValueName="fDenyTSConnections"dwValue=0oReg.SetDWORDValueHKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValuestrKeyPath="SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp"strValueName="PortNumber"dwValue=3389oReg.SetDWORDValueHKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValuestrKeyPath="SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp"strValueName="PortNumber"dwValue=3389oReg.SetDWORDValueHKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValueSetR=CreateObject("WScript.Shell")R.run("Shutdown.exe -r -t 0")

    🤖3389注册表开启完整流程

    echo Windows Registry Editor Version 5.00>>3389.reg

    echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server]>>3389.reg

    echo "fDenyTSConnections"=dword:00000000>>3389.reg

    echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp]>>3389.reg

    echo "PortNumber"=dword:00000d3d>>3389.reg

    echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp]>>3389.reg

    echo "PortNumber"=dword:00000d3d>>3389.reg

    regedit /s 3389.reg

    del 3389.reg

    转自作者:盖世船长_段公子

    来源:简书

    著作权归作者所有。商业转载请联系作者获得授权,非商业转载请注明出处。

    相关文章

      网友评论

          本文标题:🤖开启3389常用终端命令

          本文链接:https://www.haomeiwen.com/subject/ulqunktx.html