75
win 2k/2k3 system32下部分exe文件权限设置
“arp.exe”,”at.exe”,”atsvc.exe”,”attrib.exe”,”cacls.exe”,”cmd.exe”,”cscript.exe”,”debug.exe”,
“finger.exe”,”ftp.exe”,”net.exe”,”net1.exe”,”netstat.exe”,”nslookup.exe”,”ping.exe”,”posix.exe”,”qbasic.exe”,
“regedt32.exe”,”regedit.exe”,”rsh.exe”,”route.exe”,”runonce.exe”,”secfixup.exe”,”syskey.exe”,
“rcp.exe”,”rdisk.exe”,”rexec.exe”,”telnet.exe”,”tftp.exe”,”tracert.exe”,”xcopy.exe”,
“edit.com”,”edlin.exe”,”wscript.exe”,
搜索 :activeds.dll和activeds.tlb 只留administrators和system组权限 防止aspxspy遍历iis
“utilman.exe”,”osk.exe”,”sethc.exe”,”magnify.exe”,
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sethc.exe]
“Debugger”=”C:\\WINDOWS\\explorer.exe” 没事可以劫持下
文章来源于>> 站长天空
最后更新:2017-01-04 22:34:53