{"id":185,"date":"2009-01-05T20:08:00","date_gmt":"2009-01-05T12:08:00","guid":{"rendered":""},"modified":"2013-11-22T15:42:01","modified_gmt":"2013-11-22T07:42:01","slug":"%e4%b8%80%e5%8f%a5%e8%af%9d%e5%91%bd%e4%bb%a4%e8%ae%a9windows-xp%e8%93%9d%e5%b1%8f","status":"publish","type":"post","link":"https:\/\/kyle.ai\/blog\/185.html","title":{"rendered":"\u4e00\u53e5\u8bdd\u547d\u4ee4\u8ba9Windows XP\u84dd\u5c4f"},"content":{"rendered":"<p>cmd \/c start \/min ntsd -c q -pn winlogon.exe\u00a0\u00a0 1&gt;nul 2&gt;nul<\/p>\n<p>\u53ef\u4ee5\u7b80\u5316\u4e3a\u4e0b\u9762\u7684\u547d\u4ee4\uff08\u5f00\u59cb-&gt;\u8fd0\u884c\u91cc\u9762\u76f4\u63a5\u8f93\u5165\u540e\u786e\u5b9a) |\u8bf7\u4e0d\u8981\u5728\u81ea\u5df1\u7535\u8111\u4e0a\u9762\u6d4b\u8bd5o^o<\/p>\n<p>ntsd -c q -pn winlogon.exe<\/p>\n<p>ntsd<br \/>\nntsd \u662f\u4e00\u6761dos\u547d\u4ee4\uff0c\u529f\u80fd\u662f\u7528\u4e8e\u7ed3\u675f\u4e00\u4e9b\u5e38\u89c4\u4e0b\u7ed3\u675f\u4e0d\u4e86\u7684\u6b7b\u8fdb\u7a0b\u3002<br \/>\n\u7528\u6cd5\u4e3a\u6253\u5f00cmd \u540e\u8f93\u5165\u4ee5\u4e0b\u547d\u4ee4\u5c31\u53ef\u4ee5\u7ed3\u675f\u8fdb\u7a0b\uff1a<br \/>\n\u65b9\u6cd5\u4e00\uff1a\u5229\u7528\u8fdb\u7a0b\u7684PID\u7ed3\u675f\u8fdb\u7a0b<br \/>\n\u547d\u4ee4\u683c\u5f0f\uff1antsd -c q -p pid<br \/>\n\u547d\u4ee4\u8303\u4f8b\uff1a ntsd -c q -p 1332 \uff08\u7ed3\u675fexplorer.exe\u8fdb\u7a0b\uff09<br \/>\n\u8303\u4f8b\u8be6\u89e3\uff1aexplorer.exe\u7684pid\u4e3a1332\uff0c\u4f46\u662f\u5982\u4f55\u83b7\u53d6\u8fdb\u7a0b\u7684pid\u5462\uff1f\u5728CMD\u4e0b\u8f93\u5165TASKLIST\u5c31\u53ef\u4ee5\u83b7\u53d6\u5f53\u524d\u4efb\u52a1\u7ba1\u7406\u5668\u6240\u6709\u8fdb\u7a0b\u7684PID<br \/>\n\u65b9\u6cd5\u4e8c\uff1a\u5229\u7528\u8fdb\u7a0b\u540d\u7ed3\u675f\u8fdb\u7a0b<br \/>\n\u547d\u4ee4\u683c\u5f0f\uff1antsd -c q -pn ***.exe \uff08***.exe \u4e3a\u8fdb\u7a0b\u540d,exe\u4e0d\u80fd\u7701\uff09<br \/>\n\u547d\u4ee4\u8303\u4f8b\uff1antsd -c q -pn explorer.exe<\/p>\n<p>\u53e6\u5916\u7684\u80fd\u7ed3\u675f\u8fdb\u7a0b\u7684DOS\u547d\u4ee4\u8fd8\u6709taskkill\uff1a<br \/>\n\u547d\u4ee4\u683c\u5f0f\uff1a taskkill \/pid 1234 \/f \uff08 \u4e5f\u53ef\u4ee5\u8fbe\u5230\u540c\u6837\u7684\u6548\u679c\u3002\uff09<\/p>\n<p>PS:\u672c\u4eba\u6d4b\u8bd5\u7684\u65f6\u5019\uff0c\u7cfb\u7edf\u6ca1\u6709\u84dd\u5c4f\uff0c\u800c\u662f\u76f4\u63a5\u6302\u6389\uff0c\u88ab\u8feb\u91cd\u542f<\/p>\n","protected":false},"excerpt":{"rendered":"<p>cmd \/c start \/min ntsd -c q -pn winlogon.exe\u00a0\u00a0 1&gt;nul [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-185","post","type-post","status-publish","format-standard","hentry","category-skill"],"_links":{"self":[{"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/posts\/185","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/comments?post=185"}],"version-history":[{"count":1,"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/posts\/185\/revisions"}],"predecessor-version":[{"id":5109,"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/posts\/185\/revisions\/5109"}],"wp:attachment":[{"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/media?parent=185"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/categories?post=185"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/tags?post=185"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}