像如图一样 [ Last edited by zeroten on 2008-2-23 at 10:26 PM ]

可以啊

Originally posted by everest79 at 2008-2-23 10:24 PM: 可以啊

怎么做？请教一下

setacl

Originally posted by abcd at 2008-2-24 12:29 AM: setacl

什么意思啊？

www.cn-dos.net/forum ... 请搜索论坛，关键词setacl

setacl不是系统自带的吧？ 用系统自带regini命令是不是也可以啊？

Originally posted by HAT at 2008-2-24 21:51: setacl不是系统自带的吧？ 用系统自带regini命令是不是也可以啊？

第一次知道还有regini这个命令　不过在命令行下键入regini/?没有任何提示 不知道HAT兄能否简单说明下此命令的用法

使用方法 C:\>regini regset.ini regset.ini 是你要修改的数据 regset.ini 文件内容 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run test = c:\windows\system32\fucktheworld.exe 就是在启动项加个键值 test 内容是启动 c:\windows\system32\fucktheworld.exe 很简单吧！ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [17] 把run项设为只允许system控制 其他用户不可控制 [17] 为控制参数 其他参数看帮助 1 - Administrators Full Access 2 - Administrators Read Access 3 - Administrators Read and Write Access 4 - Administrators Read, Write and Delete Access 5 - Creator Full Access 6 - Creator Read and Write Access 7 - World Full Access 8 - World Read Access 9 - World Read and Write Access 10 - World Read, Write and Delete Access 11 - Power Users Full Access 12 - Power Users Read and Write Access 13 - Power Users Read, Write and Delete Access 14 - System Operators Full Access 15 - System Operators Read and Write Access 16 - System Operators Read, Write and Delete Access 17 - System Full Access 18 - System Read and Write Access 19 - System Read Access 20 - Administrators Read, Write and Execute Access 21 - Interactive User Full Access 22 - Interactive User Read and Write Access 23 - Interactive User Read, Write and Delete Access

Originally posted by suntb at 2008-2-24 10:34 PM: 第一次知道还有regini这个命令　不过在命令行下键入regini/?没有任何提示 不知道HAT兄能否简单说明下此命令的用法

引用一下别人发过的帖子

使用方法: regini regset.ini regset.ini内容 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [17] 把run项设为只允许system控制 其他用户不可控制 [17] 为控制参数 其他参数看下面的帮助 usage: REGINI [-m machinename | -h hivefile hiveroot | -w Win95 Directory] [-i n] [-o outputWidth] [-b] textFiles... where: -m specifies a remote windows NT machine whose registry is to be manipula ted. -h specifies a specify local hive to manipulate. -w specifies the paths to a windows 95 system.dat and user.dat files -i n specifies the display indentation multiple. Default is 4 -o outputWidth specifies how wide the output is to be. By default the outputWidth is set to the width of the console window if standard output has not been redirected to a file. In the latter case, an outputWidth of 240 is used. -b specifies that REGINI should be backward compatible with older versions of REGINI that did not strictly enforce line continuations and quoted strings Specifically, REG_BINARY, REG_RESOURCE_LIST and REG_RESOURCE_REQUIREMENTS_LIST data types did not need line continuations after the first number that gave the size of the data. It just kept looking on following lines until it found enough data values to equal the data length or hit invalid input. Quoted strings were only allowed in REG_MULTI_SZ. They could not be specified around key or value names, or around values for REG_SZ or REG_EXPAND_SZ Finally, the old REGINI did not support the semicolon as an end of line comment character. textFiles is one or more ANSI or Unicode text files with registry data. The easiest way to understand the format of the input textFile is to use the REGDMP command with no arguments to dump the current contents of your NT Registry to standard out. Redirect standard out to a file and this file is acceptable as input to REGINI Some general rules are: Semicolon character is an end-of-line comment character, provided it is the first non-blank character on a line Backslash character is a line continuation character. All characters from the backslash up to but not including the first non-blank character of the next line are ignored. If there is more than one space before the line continuation character, it is replaced by a single space. Indentation is used to indicate the tree structure of registry keys The REGDMP program uses indentation in multiples of 4. You may use hard tab characters for indentation, but embedded hard tab characters are converted to a single space regardless of their position Values should come before child keys, as they are associated with the previous key at or above the value's indentation level. For key names, leading and trailing space characters are ignored and not included in the key name, unless the key name is surrounded by quotes. Imbedded spaces are part of a key name. Key names can be followed by an Access Control List (ACL) which is a series of decimal numbers, separated by spaces, bracketed by a square brackets (e.g. [8 4 17]). The valid numbers and their meanings are: 1 - Administrators Full Access 2 - Administrators Read Access 3 - Administrators Read and Write Access 4 - Administrators Read, Write and Delete Access 5 - Creator Full Access 6 - Creator Read and Write Access 7 - World Full Access 8 - World Read Access 9 - World Read and Write Access 10 - World Read, Write and Delete Access 11 - Power Users Full Access 12 - Power Users Read and Write Access 13 - Power Users Read, Write and Delete Access 14 - System Operators Full Access 15 - System Operators Read and Write Access 16 - System Operators Read, Write and Delete Access 17 - System Full Access 18 - System Read and Write Access 19 - System Read Access 20 - Administrators Read, Write and Execute Access 21 - Interactive User Full Access 22 - Interactive User Read and Write Access 23 - Interactive User Read, Write and Delete Access ========================= 用regini.exe系统自带 绝对ok 举个例子。。 rem 修改注册表sam的访问权限 echo HKEY_LOCAL_MACHINE\SAM\ [1] >1.txt echo HKEY_LOCAL_MACHINE\SAM\SAM\ [1] >>1.txt echo HKEY_LOCAL_MACHINE\SAM\SAM\Domains\ [1] >>1.txt echo HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\ [1] >>1.txt echo HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\ [1] >>1.txt echo HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\000001F4 [1] >>1.txt echo HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\000001F5 [1] >>1.txt regini.exe 1.txt

regini貌似没有。。。 read，write，delete 没有拒绝权限哦。

只有个。。。全拒绝。。

rem 修改注册表sam的访问权限 echo HKEY_LOCAL_MACHINE\SAM\ [1] >1.txt echo HKEY_LOCAL_MACHINE\SAM\SAM\ [1] >>1.txt echo HKEY_LOCAL_MACHINE\SAM\SAM\Domains\ [1] >>1.txt echo HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\ [1] >>1.txt echo HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\ [1] >>1.txt echo HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\000001F4 [1] >>1.txt echo HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\000001F5 [1] >>1.txt regini.exe 1.txt