渗透测试时用到的注册表键值

it2022-05-07  4

编辑器加载中...平时收集的,一般服务器对注册表的读取 很少限制的,往往从注册表中能获取不少信息

HKEY_LOCAL_MACHINE\SYSTEM\Control001\Services\ #获取一些服务信息

HKEY_LOCAL_MACHINE\SOFTWARE\Cat Soft\Serv-U\Domains\1\UserList\ #server-u

HKEY_LOCAL_MACHINE\software\hzhost\config\settings\mysqlpass

HKEY_LOCAL_MACHINE\software\hzhost\config\settings\mastersvrpass HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSQLServer\MSSQLServer\SuperSocketNetLib\Tcp #mssql port HKEY_LOCAL_MACHINE\SYSTEM\RAdmin\v2.0\Server\Parameters\ #radmin

HKEY_LOCAL_MACHINE\SYSTEM\LIWEIWENSOFT\INSTALLFREEADMIN\11

HKEY_LOCAL_MACHINE\SOFTWARE\hzhost\config\settings #华众

HKEY_CURRENT_USER\Software\PremiumSoft\Navicat\Servers #navicat

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip tcpip筛选1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip #tcpip筛选2

HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp #远程终端端口

HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server #fDenyTSConnections 远程终端 值为0 即为开启 为以关闭

HKLM\software #查看安装了那些 软件

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon DefaultUserName DefaultPassword #自动登录密码 HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\

HKEY_LOCAL_MACHINE\SOFTWARE\MySQL AB\ HKEY_LOCAL_MACHINE\SYSTEM\Control001\Services\W3SVC\Parameters\Virtual Roots

转载于:https://www.cnblogs.com/amwld/archive/2011/04/28/2031833.html


最新回复(0)