How To Find User's SIDs with WMIC

作者:Secer 发布时间:December 24, 2014 分类:黑客技巧

Follow these easy steps to display a table of user names and their corresponding SIDs:
Difficulty: Easy
Time Required: It'll take less than a minute to find a user's SID in Windows via WMIC:
Here's How:
Open Command Prompt.
Once Command Prompt is open, type the following command exactly as shown here, including spaces or lack thereof:

wmic useraccount get name,sid

and then press Enter.
You should see a table, similar to the following, displayed in the Command Prompt window:
Name SID

Administrator S-1-5-21-1180699209-877415012-3182924384-500

Guest S-1-5-21-1180699209-877415012-3182924384-501

HomeGroupUser$ S-1-5-21-1180699209-877415012-3182924384-1002

Tim S-1-5-21-1180699209-877415012-3182924384-1004

UpdatusUser S-1-5-21-1180699209-877415012-3182924384-1007

This is a list of each user account in Windows, listed by user name, followed by the account's corresponding SID.

Now that you're confident that a particular user name corresponds to a particular SID, you can make whatever changes you need to in the registry or do whatever else you needed this information for.



whoami /all



作者:Secer 发布时间:December 24, 2014 分类:Linux笔记,原创文章


apt-get install alien

[email protected]:~# alien jre-7u71-linux-i586.rpm

Warning: Skipping conversion of scripts in package jre: postinst postrm prerm

Warning: Use the --scripts parameter to include the scripts.

jre_1.7.071-1_i386.deb generated

[email protected]:~# ls

jre-7u71-linux-i586.rpm jre-7u71-linux-i586.tar.gz

[email protected]:~# dpkg -i jre_1.7.071-1_i386.deb

Selecting previously unselected package jre.

(正在读取数据库 ... 系统当前共安装有 362302 个文件和目录。)

正在解压缩 jre (从 jre_1.7.071-1_i386.deb) ...

正在设置 jre (1.7.071-1) ...


作者:Secer 发布时间:December 24, 2014 分类:Linux笔记,黑客技巧,原创文章

kali安装vmtools时,遇到Enter the path to the kernel header files for the 3.14-kali1-686-pae kernel?

the path "" is not a vaild path to the 3.14-kali1-686-pae kernel headers.



apt-get install linux-headers-$(uname -r)




用VM安装完kali linux后 如果用桥接的话 有线网络一直显示设备未托管 自己手动添加到网卡 也配过ip了 但是没点用。。如果用NAT的话能上网 但是也是显示有线网络设备未托管。。



关闭和开启Exchange 2010、2007、2003服务的命令脚本

作者:Secer 发布时间:December 19, 2014 分类:黑客技巧

关闭和开启Exchange 2010服务的命令脚本

net stop msexchangeadtopology /y
net stop msexchangefba /y
net stop msftesql-exchange /y
net stop msexchangeis /y
net stop msexchangesa /y
net stop iisadmin /y
net stop w3svc /y

#What does the script do?

net stop msexchangeadtopology /y
#Stops the "Microsoft Exchange Active Directory Topology Service" which will stop the following services

Microsoft Exchange Transport Log Search
Microsoft Exchange Transport
Microsoft Exchange Throttling
Microsoft Exchange Service Host
Microsoft Exchange Search Indexer
Microsoft Exchange RPC Client Access
Microsoft Exchange Replication
Microsoft Exchange Protected Service Host
Microsoft Exchange Mail Submission
Microsoft Exchange Mailbox Replication
Microsoft Exchange Mailbox Assistants
Microsoft Exchange File Distribution
Microsoft Exchange EdgeSync
Microsoft Exchange Anti-spam Update
Microsoft Exchange Address Book

It will also stop POP3, IMAP4 and Unified Messaging if those are enabled.

net stop msexchangefba /y
#stops the "Microsoft Exchange Forms-Based Authentication" service which does not have any dependencies

net stop msftesql-exchange /y
#stops the "Microsoft Search (Exchange)" service which does not have any dependencies

net stop msexchangeis /y
#stops the "Microsoft Exchange Information Store" service which does not have any dependencies

net stop msexchangesa /y
#stops the "Microsoft Exchange System Attendant" service which does not have any dependencies

net stop iisadmin /y
#stops the IIS admin service, which does not have any dependencies.

net stop w3svc /y
#stops the "World Wide Web Publishing" service, which may have any dependencies - on SBS this will also stop the Remote Desktop Gateway service, which could kick you out of the server if you are using the RWW to access the server.

If you are using a third party plug-in, then you may find that there is a dependency on that plug-in which can cause the script to fail. The /y at the end of each command should deal with it, but if you find that the third party service doesn't stop in time, adjust the script to include a delay. (Sleep is part of the Windows Resource Kit tools, if you don't have it installed on the server)

For example, this is a script used with an old version of McAfee Group Shield

net stop "McAfee GroupShield Exchange" /y
sleep 30
net stop msexchangefba /y
net stop msftesql-exchange /y
net stop msexchangeis /y
net stop msexchangesa /y
net stop iisadmin /y
net stop w3svc /y

Starting Exchange with a Script

Finally, you might also want a script to start Exchange again. This can be useful if you apply an update which requires a restart of the Exchange services, but don't need to restart the server. However starting the services is a little more complex as the less number of the services are dependant on other services. Therefore more services have to be started manually. Simply copy and paste it in to a new notepad document and save it as "start-exchange.cmd".

Remember to add POP3 and IMAP services if you are using those

net start "World Wide Web Publishing Service"
net start "Microsoft Exchange System Attendant"
net start "Microsoft Search  (Exchange)"
net start "Microsoft Exchange Information Store"
net start "Microsoft Exchange Unified Messaging"
net start "Microsoft Exchange Transport Log Search"
net start "Microsoft Exchange Transport"
net start "Microsoft Exchange Throttling"
net start "Microsoft Exchange Service Host"
net start "Microsoft Exchange Search Indexer"
net start "Microsoft Exchange RPC Client Access"
net start "Microsoft Exchange Replication"
net start "Microsoft Exchange Protected Service Host"
net start "Microsoft Exchange Mailbox Replication"
net start "Microsoft Exchange Mailbox Assistants"
net start "Microsoft Exchange Mail Submission"
net start "Microsoft Exchange Forms-Based Authentication service"
net start "Microsoft Exchange File Distribution"
net start "Microsoft Exchange EdgeSync"
net start "Microsoft Exchange Anti-spam Update"
net start "Microsoft Exchange Address Book"