虚拟主机C盘权限设置 for IIS

出自sebug security vulnerability(SSV) DB
  @echo off
  setlocal
  REM =======================================
  REM VH_Gh0st For IIS V1.4
  REM System-drive (C:) permission setup for IIS virtual hosting, V1.4
  REM C.Rufus Security Team
  REM www.wolfexp.net
  REM www.sebug.net
  REM =======================================
  REM
  REM Interactive menu of ACL, file and registry changes for a shared IIS host.
  REM The options call cacls, del/rd, reg delete, regsvr32 /u and secedit, so
  REM the script has to be run from an administrative account.
  REM
  REM CHANGELOG --
  REM 2006-12-10  amxku & 自在轮回, C.Rufus S.T
  REM
  REM 2007-07-10  amxku, C.Rufus S.T
  REM             add some tips ;)
  REM
  REM 2008-06-23  amxku, C.Rufus S.T
  REM             VH_Gh0st For IIS V1.4
  REM             Guizai reported a host that was broken once by these
  REM             permission changes, so a restore option was added ;)

  REM Window title and start-up banner; both are runtime text and stay as-is.
  title VH_Gh0st For IIS V1.4 - 红狼安全小组
  echo.
  echo "+++++++++++++++++++++++++++++++++++++"
  echo "+  VH_Gh0st For IIS V1.4            +"
  echo "+  虚拟主机C盘权限设置[IIS] V1.4    +" 
  echo "+                                   +"
  echo "+  www.wolfexp.net                  +"
  echo "+  红狼安全小组                     +"
  echo "+                                   +"
  echo "+  amxku   自在轮回                 +"
  echo "+++++++++++++++++++++++++++++++++++++"
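  :menu
  REM Main loop: print the options, read one choice, jump to its label.
  REM Every option label ends with "goto menu", so control comes back here.
  echo.
  echo [1]     删除C盘的everyone的权限
  echo [2]     删除C盘的所有的users的访问权限
  echo [3]     添加iis_wpg的访问权限
  echo [4]     添加iis_wpg的访问权限[.net专用]
  echo [5]     添加iis_wpg的访问权限[装了MACFEE的软件专用]
  echo [6]     添加users的访问权限
  echo [7]     删除C盘Windows下的所有的危险文件夹
  echo [8]     删除系统危险文件的访问权限,只留管理组成员
  echo [9]     注册表相关设定
  echo [10]    将C盘权限还原为默认[需重启]
  echo [0]     退出
  echo.
  echo 请选择?
  echo 输入上面的选项回车
  REM "set /p" leaves the variable unchanged when the operator only presses
  REM Enter, which would silently repeat the previous ACL change. Clear it.
  set "menu="
  set /p menu=

  REM Both sides are quoted so an empty answer is a plain mismatch instead of
  REM a syntax error in the "if".
  if "%menu%"=="0" goto exit
  if "%menu%"=="1" goto 1
  if "%menu%"=="2" goto 2
  if "%menu%"=="3" goto 3
  if "%menu%"=="4" goto 4
  if "%menu%"=="5" goto 5
  if "%menu%"=="6" goto 6
  if "%menu%"=="7" goto 7
  if "%menu%"=="8" goto 8
  if "%menu%"=="9" goto 9
  if "%menu%"=="10" goto 10

  REM Anything else is not a menu option. Without this jump control falls
  REM through into label :1 and strips ACLs the operator never asked for.
  goto menu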
  65.  
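  :1
  REM Option 1: revoke the ACL entries of "CREATOR OWNER" (system drive root
  REM only) and of "everyone" on the drive root, the Windows directory and the
  REM shared profile folders. /r revokes the account, /e edits the existing
  REM ACL instead of replacing it. No /T is given, so cacls is not asked to
  REM walk into subdirectories.
  echo 删除C盘的everyone的权限 
  REM "%SystemDrive%" alone expands to "C:", which Windows resolves to the
  REM current directory on that drive, not its root. The trailing backslash
  REM pins the root; it is left unquoted because a backslash directly before
  REM a closing quote can be parsed as an escaped quote.
  cacls %SystemDrive%\ /r "CREATOR OWNER" /e
  cacls %SystemDrive%\ /r "everyone" /e
  for %%P in (
    "%SystemRoot%"
    "%SystemDrive%/Documents and Settings"
    "%SystemDrive%/Documents and Settings/All Users"
    "%SystemDrive%/Documents and Settings/All Users/Documents"
  ) do cacls %%P /r "everyone" /e
  echo.
  REM Printed unconditionally: it does not reflect the cacls exit codes.
  echo 删除C盘的everyone的权限 ………………ok!
  echo.
  goto menu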
  78.  
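  :2
  REM Option 2: revoke the "users" group from the system drive root, Program
  REM Files, Documents and Settings, the Windows directory and a fixed list of
  REM its subdirectories (/r revoke, /e edit the existing ACL).
  REM Non-administrative processes that rely on these ACEs lose access after
  REM this runs; try it on a non-production host first. Menu option 10 is the
  REM script's own rollback for file-system ACLs.
  echo 删除C盘的所有的users的访问权限 
  REM "%SystemDrive%" alone is "C:" = current directory on that drive; the
  REM trailing backslash targets the root. Unquoted on purpose: a backslash
  REM directly before a closing quote can be parsed as an escaped quote.
  cacls %SystemDrive%\ /r "users" /e
  for %%P in (
    "%SystemDrive%/Program Files"
    "%SystemDrive%/Documents and Settings"
    "%SystemRoot%"
  ) do cacls %%P /r "users" /e

  REM Subdirectories directly under %SystemRoot%.
  for %%D in (
    "addins"
    "AppPatch"
    "Connection Wizard"
    "Debug"
    "Driver Cache"
    "Help"
    "IIS Temporary Compressed Files"
    "java"
    "msagent"
    "mui"
    "repair"
    "Resources"
    "security"
    "system"
    "TAPI"
    "Temp"
    "twain_32"
    "Web"
    "WinSxS"
  ) do cacls "%SystemRoot%/%%~D" /r "users" /e

  REM Subdirectories under %SystemRoot%/system32.
  for %%D in (
    3com_dmi
    administration
    Cache
    CatRoot2
    Com
    config
    dhcp
    drivers
    export
    icsxml
    lls
    LogFiles
    MicrosoftPassport
    mui
    oobe
    ShellExt
    wbem
  ) do cacls "%SystemRoot%/system32/%%D" /r "users" /e
  echo.
  REM Printed unconditionally: it does not reflect the cacls exit codes.
  echo 删除C盘的所有的users的访问权限  ………………ok!
  echo.
  goto menu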
  125.  
  126.  
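  :7
  REM Option 7: delete three folders under the Windows directory that the
  REM menu calls dangerous: Web\printers, Help\iisHelp and
  REM system32\inetsrv\iisadmpwd.
  REM For each one: clear the system/read-only/hidden attributes on the
  REM folder, force-delete its files recursively, then remove the tree.
  REM The first attrib call in the original used forward slashes, unlike the
  REM other eight commands in this section; every path is now written with
  REM backslashes and quoted.
  REM This is a permanent delete. Option 10 applies a security template to
  REM file-system permissions only; it does not bring these files back.
  echo 删除C盘Windows下的所有的危险文件夹 
  for %%D in (
    "%SystemRoot%\Web\printers"
    "%SystemRoot%\Help\iisHelp"
    "%SystemRoot%\system32\inetsrv\iisadmpwd"
  ) do (
    attrib %%D -s -r -h
    del "%%~D\*.*" /s /q /f
    rd %%D /s /q
  )
  echo.
  echo 删除C盘Windows下的所有的危险文件夹   ………………ok!
  echo.
  goto menu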
  144.  
  145.  
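  :8
  REM Option 8: for every listed system file, add an Administrators:F entry
  REM and a deny entry for Guests.
  REM Both calls use /E (edit), so ACEs that other principals already hold
  REM stay in place. Despite the menu text, this does not leave the files
  REM readable by administrators only.
  REM
  REM The original listing was not uniform: logoff.exe had no Guests line,
  REM shutdown.exe was granted without /E (cacls then replaces the whole ACL
  REM and typically stops for a Y/N confirmation), and qbasic.exe repeated
  REM the grant where the deny should be. The loop below applies the same two
  REM commands to every file.
  REM
  REM NOTE(review): cacls help lists /D as taking an account name only.
  REM Confirm that "Guests:F" is accepted on the target OS; if it is not, no
  REM deny entry is written and this option only adds the grant.
  REM NOTE(review): a Guests deny only affects accounts that are members of
  REM Guests. Check which groups the site's anonymous and worker identities
  REM belong to before relying on it.
  REM /C tells cacls to continue after access-denied errors, and the closing
  REM "ok!" line is printed whether or not every ACL was changed.
  echo 给系统危险文件设置权限设定
  for %%F in (
    "C:\boot.ini"
    "C:\AUTOEXEC.BAT"
    "%SystemRoot%/system32/net.exe"
    "%SystemRoot%/system32/net1.exe"
    "%SystemRoot%/system32/cmd.exe"
    "%SystemRoot%/system32/ftp.exe"
    "%SystemRoot%/system32/netstat.exe"
    "%SystemRoot%/system32/regedit.exe"
    "%SystemRoot%/system32/at.exe"
    "%SystemRoot%/system32/attrib.exe"
    "%SystemRoot%/system32/format.com"
    "%SystemRoot%/system32/logoff.exe"
    "%SystemRoot%/system32/shutdown.exe"
    "%SystemRoot%/system32/telnet.exe"
    "%SystemRoot%/system32/wscript.exe"
    "%SystemRoot%/system32/doskey.exe"
    "%SystemRoot%/system32/help.exe"
    "%SystemRoot%/system32/ipconfig.exe"
    "%SystemRoot%/system32/nbtstat.exe"
    "%SystemRoot%/system32/print.exe"
    "%SystemRoot%/system32/xcopy.exe"
    "%SystemRoot%/system32/edit.com"
    "%SystemRoot%/system32/regedt32.exe"
    "%SystemRoot%/system32/reg.exe"
    "%SystemRoot%/system32/register.exe"
    "%SystemRoot%/system32/replace.exe"
    "%SystemRoot%/system32/nwscript.exe"
    "%SystemRoot%/system32/share.exe"
    "%SystemRoot%/system32/ping.exe"
    "%SystemRoot%/system32/ipsec6.exe"
    "%SystemRoot%/system32/netsh.exe"
    "%SystemRoot%/system32/debug.exe"
    "%SystemRoot%/system32/route.exe"
    "%SystemRoot%/system32/tracert.exe"
    "%SystemRoot%/system32/powercfg.exe"
    "%SystemRoot%/system32/nslookup.exe"
    "%SystemRoot%/system32/arp.exe"
    "%SystemRoot%/system32/rsh.exe"
    "%SystemRoot%/system32/netdde.exe"
    "%SystemRoot%/system32/mshta.exe"
    "%SystemRoot%/system32/mountvol.exe"
    "%SystemRoot%/system32/tftp.exe"
    "%SystemRoot%/system32/setx.exe"
    "%SystemRoot%/system32/find.exe"
    "%SystemRoot%/system32/finger.exe"
    "%SystemRoot%/system32/where.exe"
    "%SystemRoot%/system32/regsvr32.exe"
    "%SystemRoot%/system32/cacls.exe"
    "%SystemRoot%/system32/sc.exe"
    "%SystemRoot%/system32/shadow.exe"
    "%SystemRoot%/system32/runas.exe"
    "%SystemRoot%/system32/wshom.ocx"
    "%SystemRoot%/system32/wshext.dll"
    "%SystemRoot%/system32/shell32.dll"
    "%SystemRoot%/system32/zipfldr.dll"
    "%SystemRoot%/PCHealth/HelpCtr/Binaries/msconfig.exe"
    "%SystemRoot%/notepad.exe"
    "%SystemRoot%/regedit.exe"
    "%SystemRoot%/winhelp.exe"
    "%SystemRoot%/winhlp32.exe"
    "%SystemRoot%/system32/notepad.exe"
    "%SystemRoot%/system32/edlin.exe"
    "%SystemRoot%/system32/posix.exe"
    "%SystemRoot%/system32/atsvc.exe"
    "%SystemRoot%/system32/qbasic.exe"
    "%SystemRoot%/system32/runonce.exe"
    "%SystemRoot%/system32/syskey.exe"
    "%SystemRoot%/system32/cscript.exe"
  ) do (
    cacls %%F /T /C /E /G Administrators:F
    cacls %%F /D Guests:F /E
  )
  echo.
  echo 给系统危险文件设置权限设定   ………………ok!
  echo.
  goto menu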
  354.  
  :9
  REM Option 9: remove scripting-related COM registrations.
  REM First the ProgID keys under HKEY_CLASSES_ROOT are force-deleted (/f, no
  REM prompt), then four libraries are unregistered silently (/s /u).
  REM NOTE(review): nothing in this script re-creates these keys or
  REM re-registers the libraries, and option 10 only applies file-system
  REM permissions. Export the keys and record the current state before
  REM running this on a host that matters; unregistering shell32.dll in
  REM particular can affect more than web scripts.
  echo 注册表相关设定
  for %%K in (
    WScript.Shell
    WScript.Shell.1
    Shell.application
    Shell.application.1
    WSCRIPT.NETWORK
    WSCRIPT.NETWORK.1
  ) do reg delete HKEY_CLASSES_ROOT\%%K /f
  for %%L in (
    wshom.ocx
    wshext.dll
    shell32.dll
    zipfldr.dll
  ) do regsvr32 /s /u %%L
  echo.
  echo 注册表相关设定   ………………ok!
  echo.
  goto menu
  371.  
  372.  
  :3
  REM Option 3: give the iis_wpg group the access this script expects it to
  REM need. Read (r) goes on the Windows directory and Common Files; change
  REM (c) goes on eight subdirectories of the Windows directory. /e edits the
  REM existing ACL, and no /T is given, so cacls is not asked to walk into
  REM subdirectories.
  REM NOTE(review): "c" includes write. Granting it on System32, Tasks and
  REM Web to the worker-process group means code running in an application
  REM pool may be able to create or modify files there. Confirm which of
  REM these really need more than read on your hosts.
  echo 添加iis_wpg的访问权限 
  for %%P in (
    "%SystemRoot%"
    "%SystemDrive%/Program Files/Common Files"
  ) do cacls %%P /g iis_wpg:r /e

  for %%D in (
    "Downloaded Program Files"
    "Help"
    "IIS Temporary Compressed Files"
    "Offline Web Pages"
    "System32"
    "Tasks"
    "Temp"
    "Web"
  ) do cacls "%SystemRoot%/%%~D" /g iis_wpg:c /e
  echo.
  echo 添加iis_wpg的访问权限   ………………ok!
  echo.
  goto menu
  390.  
  391.  
  :4
  REM Option 4 (.NET hosts): grant iis_wpg change (c) access on the Assembly
  REM and Microsoft.NET directories under the Windows directory. /e edits the
  REM existing ACL rather than replacing it.
  REM NOTE(review): "c" includes write. Check whether read is enough for the
  REM applications you host.
  echo 添加iis_wpg的访问权限[.net专用] 
  for %%D in (
    Assembly
    Microsoft.NET
  ) do cacls "%SystemRoot%/%%D" /g iis_wpg:c /e
  echo.
  echo 添加iis_wpg的访问权限[.net专用]   ………………ok!
  echo.
  goto menu
  400.  
  :5
  REM Option 5: the menu labels this as being for hosts with McAfee software
  REM installed. Grants iis_wpg read (r) access on the "Network Associates"
  REM folder under Program Files, editing (/e) the existing ACL.
  echo 添加iis_wpg的访问权限[装了MACFEE的软件专用] 
  cacls "%SystemDrive%/Program Files/Network Associates" /e /g iis_wpg:r
  echo.
  echo 添加iis_wpg的访问权限[装了MACFEE的软件专用]   ………………ok!
  echo.
  goto menu
  408.  
  :6
  REM Option 6: grant the "users" group change (c) access on the temp folder
  REM under the Windows directory, editing (/e) the existing ACL. Option 2
  REM revokes "users" from this same folder, so the order in which the two
  REM options are run decides the final ACL.
  echo 添加users的访问权限 
  cacls "%SystemRoot%/temp" /e /g users:c
  echo.
  echo 添加users的访问权限   ………………ok!
  echo.
  goto menu
  416.  
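  :10
  REM Option 10: rollback for the ACL changes. Applies the "setup security"
  REM template through secedit, limited to /areas filestore (file-system
  REM permissions). The menu notes that a reboot is needed afterwards.
  REM Only file-system permissions are configured here: registry keys removed
  REM by option 9 and folders deleted by option 7 are not restored.
  REM The /db path is quoted to match the /Cfg path, so a Windows directory
  REM containing spaces does not split the argument.
  echo 将C盘权限还原为默认 
  secedit /configure /db "%SYSTEMROOT%\security\database\cvtfs.sdb" /Cfg "%SYSTEMROOT%\security\templates\setup security.inf" /areas filestore
  goto menu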
  421.  
  :exit
  REM Menu option 0 lands here. Close the setlocal scope opened at the top of
  REM the script, then leave. Plain "exit" (no /b) also ends the cmd.exe
  REM session the script was started from.
  endlocal
  exit