This article does not describe the basics of the INF file. For more information about the INF file structure, see the DDK help documentation.1. Modify the telnet service, change the port to 99, and set the NTLM authentication method to 1. C:/myinf/telnet. inf [Version] Signature = "$ Windows NT $" [Defainstall install] Addreg = addregname [My_addreg_name] HKLM, software/Microsoft/telnetserver.0, telnetport, 0x00010001,99 HKLM, software/Microsoft/telnetserver.0, NTLM, 0x00010001,1 Install: rundll32.exe setupapi, installhinfsection defaultinstall 128 C:/myinf/telnet. inf Note: [version] and [defainstall install] are required. 0x00010001 indicates the REG_DWORD data type, and 0x00000000 indicates REG_SZ (string ). 0x00020000 indicates reg_expand_sz. Installhinfsection is case sensitive. It has only one comma and no space between it and setupapi. 128 indicates the specified path. For other values and meanings of this parameter, see msdn. Note that the last parameter must be the full path of the INF file. Do not use relative paths. The items in the INF file are case-insensitive. Ii. Service Add a service: [Version] Signature = "$ Windows NT $" [Defainstall install. Services] Addservice = inetsvr, my_addservice_name [My_addservice_name] Displayname = Windows Internet Service Description = supports Internet information service management. Servicetype = 0x10 Starttype = 2 Errorcontrol = 0 Servicebinary = % 11%/inetsvr.exe Save as inetsvr. inf, and then: Rundll32.exe setupapi, installhinfsection defaultinstall 128 C:/path/inetsvr. inf In this example, a service named inetsvr is added (is it similar to the service provided by the system ). Notes: 1. The last four items are Service type: 0x10 is an independent process service, and 0x20 is a shared process service (such as svchost ); Startup Type: 0 system boot loading, 1 OS initialization loading, 2 SCM (Service Control Manager) automatic start, 3 manual start, 4 disabled. (Note: 0 and 1 can only be used for drivers) Error Control: 0 ignore, 1 continue and warn, 2 switch to lastknowngood settings, 3 blue screen. Service Program location: % 11% indicates the System32 directory, % 10% indicates the system directory (winnt or Windows), and % 12% indicates the drive directory system32/drivers. For other values, see DDK. You can also directly use the full path without variables. These four items are mandatory. 2. In addition to the six projects in the example, there are loadordergroup and dependencies. Not commonly used. 3. inetsvr is followed by two commas, because an uncommon parameter flags is omitted in the middle. Delete A service: [Version] Signature = "$ Windows NT $" [Defainstall install. Services] Delservice = inetsvr It's easy, isn't it? You can also import the registry. However, INF has its own advantages. 1. Export a registry key that comes with the system service. You will find that the execution path is as follows: "ImagePath" = hex (2): 25, 00, 53,00, 79,00, 00, 6d, 00, 6f, 00, 6f, 00 ,/ , 00, 5C, 79, 00, 00, 6d, 00, 00, 5C ,/ 00, 6C, 00, 6e, 00, 00, 00, 00 Poor readability. In fact, it is % SystemRoot %/system32/tlntsvr.exe, but the data type is reg_expand_sz. When you manually import the Registry to add services, it is obviously inconvenient to define ImagePath. If REG_SZ is used instead, there will be some problems-you cannot use environment variables. You can only use the full path. There is no such problem with the INF file. servicebinary (that is, ImagePath) automatically becomes reg_expand_sz. 2. The most important thing is that, like using SC and other tools, the effect of the INF file is immediate, and the file must be restarted after the Reg is imported. 3. The inf file automatically adds a security sub-key for the Registry Key of the Service to make it look more like the built-in service of the system. In addition, addservice, delservice, addreg, and delreg can be used simultaneously and repeatedly. That is, multiple services and registry keys can be added and deleted at the same time. Iii. Group Policy 1. The minimum password is 6 characters. [Version] Signature = "$ Chicago $" [System Access] Minimumpasswordlength = 6 Passwordcomplexity = 1 Save as GP. inf, and then import: SeCEdit/configure/db gp. sdb/cfg gp. inf/quiet 2. Close all audit policies Echo [version]> 1.inf Echo Signature = "$ Chicago $"> 1.inf Echo [event audit]> 1.inf Echo auditsystemevents = 0> 1.inf Echo auditobjectaccess = 0> 1.inf Echo auditprivilegeuse = 0> 1.inf Echo auditpolicychange = 0> 1.inf Echo auditaccountmanage = 0> 1.inf Echo AuditProcessTracking = 0> 1.inf Echo auditdsaccess = 0> 1.inf Echo auditaccountlogon = 0> 1.inf Echo auditlogonevents = 0> 1.inf SeCEdit/configure/DB 1.sdb/CFG 1.inf/log 1.log/quiet Del 1 .* 4. Solve the xp ipc $ connection and only have the guest permission Echo [version]> 1.inf Echo Signature = "$ Chicago $"> 1.inf Echo [registry values]> 1.inf Echo machine/system/CurrentControlSet/control/LSA/forceguest = 4,0> 1.inf SeCEdit/configure/DB 1.sdb/CFG 1.inf/log 1.log Del 1 .* <Continued> |