矛与盾:黑客攻防命令大曝光_命令行黑客:“终端服务器超过了允许的最大连接数”...
矛与盾:黑客攻防命令大曝光
If you’ve worked on a network with Windows servers, you’ve encountered this error message at least 37,000 times:
如果您使用Windows服务器在网络上工作,则至少会遇到此错误消息37,000次:
“The terminal server has exceeded the maximum number of allowed connections. The system can not log you on. The system has reached its licensed logon limit. Please try again later.”
“终端服务器已超出允许的最大连接数。 系统无法登录。 系统已达到其许可的登录限制。 请稍后再试。”
This problem happens because Windows only allows two remote terminal services connections when you are in administrative mode, and you’ve either got two people already on that server, or more likely, you’ve got a disconnected session that still thinks it is active.
发生此问题的原因是,当您处于管理模式时,Windows仅允许两个远程终端服务连接,并且该服务器上已经有两个人,或者更可能的是,您有一个断开的会话,仍然认为它处于活动状态。
The problem with this error is that you have to actually get on the server console to fix the problem if the server isn’t in a domain. (If you are in a domain, then just open Terminal Services Manager and log off or disconnect the sessions)
此错误的问题是,如果服务器不在域中,则必须实际进入服务器控制台才能解决该问题。 (如果您在域中,则只需打开终端服务管理器并注销或断开会话)
To use the command line hacks, you might need to run them from another server if your local operating system doesn’t include the commands. You will also need to make sure that you are logged onto that server with an administrative account. The easiest way to do that is just map a drive (you don’t have to use a drive letter unless you choose to)
要使用命令行黑客,如果您的本地操作系统不包含命令,则可能需要从另一台服务器运行它们。 您还需要确保使用管理帐户登录到该服务器。 最简单的方法是映射驱动器(除非选择,否则不必使用驱动器号)
net use /user:[username] \\servername\share
净使用/ user:[用户名] \\服务器名\ share
Here’s a command line hack that you can use to figure out what sessions are connected to the server. Note that you could substitute the IP address for the server name.
这是一个命令行技巧,您可以用来确定哪些会话已连接到服务器。 请注意,您可以用IP地址代替服务器名称。
query session /server:servername
查询会话/ server:服务器名
Sample output:
样本输出:
Now we know that the session ID of the offending session is 2. We can use that in the next step, which is using the reset command to log off that user.
现在我们知道有问题的会话的会话ID为2。我们可以在下一步中使用该ID,即使用reset命令注销该用户。
reset session [ID] /server:servername
重置会话[ID] / server:服务器名
Sample:
样品:
This command won’t display any output, but when we run the query command again, we should see that the session has now been disconnected:
该命令不会显示任何输出,但是当我们再次运行query命令时,我们应该看到该会话现在已断开连接:
Note: Thanks to my friend Todd for this one.
注意:感谢我的朋友托德。
矛与盾:黑客攻防命令大曝光