System configuration
This section includes three aspects: registry, services and group policy.
Let’s talk about the registry first. Many tools for accessing the registry under the command line are interactive. The overflow shell generally cannot redirect the input/output stream again, so it cannot be used.
Fortunately, the system comes with enough.
1. Read the registry
First export the registry key you want to query, and then use type to view it, for example:
C:\>regedit /e "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp"
C:\>type | find "PortNumber"
"PortNumber"=dword:00000d3d
C:\>del
So the port of the terminal service is 3389 (hexadecimal d3d)
2. Modify/delete registry keys
First echo a reg file, and then import it, for example:
echo Windows Registry Editor Version 5.00 >
echo. >>
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\TelnetServer\1.0] >>
echo "TelnetPort"=dword:00000913 >>
echo "NTLM"=dword:00000001 >>
echo. >>
regedit /s
Change the telnet service port to 2323 (hexadecimal 913), and the NTLM authentication method is 1.
To delete an item, add or subtract the name, for example:
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Serv-U]
To delete a value, use a minus sign after the equal sign, for example:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KAVRun"=-
3. Use the inf file to access the registry
The above three x works in the registry can also be implemented using the following inf file:
[Version]
Signature="$WINDOWS NT$"
[DefaultInstall]
AddReg=My_AddReg_Name
DelReg=My_DelReg_Name
[My_AddReg_Name]
HKLM,SOFTWARE\Microsoft\TelnetServer\1.0,TelnetPort,0x00010001,2323
HKLM,SOFTWARE\Microsoft\TelnetServer\1.0,NTLM,0x00010001,1
[My_DelReg_Name]
HKLM,SYSTEM\CurrentControlSet\Services\Serv-U
HKLM,SOFTWARE\Microsoft\Windows\CurrentVersion\Run,KAVRun
Write it to c:\path\ and then use the following command to "install":
setupapi,InstallHinfSection DefaultInstall 128 c:\path\
A few explanations:
1. [Version] and [DefaultInstall] are required, and there must be at least one AddReg and DelReg. My_AddReg_Name and My_DelReg_Name can be customized.
0x00010001 represents the REG_DWORD data type, 0x00000000 or omitted (reserved commas) represents the REG_SZ (character string). 0x00020000 means REG_EXPAND_SZ.
2323 can also be replaced by 0x913.
For more information about inf files, please refer to the DDK help documentation.
2. InstallHinfSection is case sensitive. There is only one comma between it and setupapi, without spaces.
128 represents a given path. For other values and meanings of this parameter, please refer to MSDN.
Pay special attention that the last parameter must be the full path of the inf file, and do not use the relative path.
3. The items in the inf file are case-insensitive.
Previous page123456Next pageRead the full text