REG查询3389状态(0:ON、1:OFF)
REG query "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections
REG查询3389端口(16进制->10进制)
REG query "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds" /s REG query "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v PortNumber set /a Port=0xd3d
tasklist、netstat命令查询3389端口
tasklist /svc | findstr "TermService" netstat -ano | findstr "pid"
REG命令开启3389端口
REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
WMIC命令开启3389端口
wmic RDTOGGLE WHERE ServerName='%COMPUTERNAME%' call SetAllowTSConnections 1 前提条件是确保“Windows Management Instrumentation(Winmgmt)”服务已正常启动。
WMIC开启远程主机3389端口
wmic /node:192.168.0.103 /user:administrator /password:betasec PATH win32_terminalservicesetting WHERE (__Class!="") CALL SetAllowTSConnections 1
wmic /node:192.168.0.116 /user:administrator /password:betasec RDTOGGLE WHERE ServerName='WIN-TO2CN3V2VPR' call SetAllowTSConnections 1 wmic /node:192.168.0.116 /user:administrator /password:betasec process call create 'cmd.exe /c REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f'
MSSQL xp_regwrite开启3389端口
1、查询3389开启状态 exec master.dbo.xp_regread 'HKEY_LOCAL_MACHINE','SYSTEM\CurrentControlSet\Control\Terminal Server' ,'fDenyTSConnections' 2、查询3389远程桌面端口 exec master.dbo.xp_regread 'HKEY_LOCAL_MACHINE','SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp','PortNumber' 3、开启3389远程桌面端口(0:ON、1:OFF) exec master.dbo.xp_regwrite 'HKEY_LOCAL_MACHINE','SYSTEM\CurrentControlSet\Control\Terminal Server','fDenyTSConnections','REG_DWORD',0;
本文作者为潇湘信安,转载请注明。