Results 1 to 8 of 8

Thread: Windows XP Services

  1. #1
    Just burned his ISO
    Join Date
    Jul 2009
    Posts
    1

    Question Windows XP Services

    I could be a Nub but I couldn't find anything on Google or on the forums on the subject. Is there a way to edit the default start-up state of a windows service in backtrack? Thanks heaps in advance

  2. #2
    Member kazalku's Avatar
    Join Date
    Feb 2009
    Posts
    416

    Default

    What the hell is that..
    If you can't explain it simply, you don't understand it well enough -- Albert Einstein

  3. #3
    Just burned his ISO
    Join Date
    Apr 2009
    Posts
    22

    Default

    Quote Originally Posted by signroe View Post
    I could be a Nub but I couldn't find anything on Google or on the forums on the subject. Is there a way to edit the default start-up state of a windows service in backtrack? Thanks heaps in advance
    No could about it!
    Beware the fury of a patient man.

  4. #4
    Senior Member Thorn's Avatar
    Join Date
    Jan 2010
    Location
    The Green Dome
    Posts
    1,509

    Default

    Quote Originally Posted by signroe View Post
    I could be a Nub but I couldn't find anything on Google or on the forums on the subject. Is there a way to edit the default start-up state of a windows service in backtrack? Thanks heaps in advance
    You'd have to use chntpw, and you'd better be an ace at editing the registry.
    Thorn
    Stop the TSA now! Boycott the airlines.

  5. #5
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default

    I assume you mean "Is there a way to boot a Windows machine using BackTrack and then change the startup state of a Windows service?"

    Its a fairly simple registry change, by editing the DWORD "Start" value under the following path in the SYSTEM hive

    Code:
    \ControlSet<controlset#>\Services\<service_name>\
    The SYSTEM hive file itself is stored under %SystemRoot%\system32\config\system

    This tool can do the registry modification under Linux
    Offline NT Password & Registry Editor
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  6. #6
    Member
    Join Date
    Jan 2010
    Posts
    81

    Default

    or you cann use sc.exe that is in windows
    DESCRIPTION:
    SC is a command line program used for communicating with the
    NT Service Controller and services.
    USAGE:
    sc <server> [command] [service name] <option1> <option2>...

    The option <server> has the form "\\ServerName"
    Further help on commands can be obtained by typing: "sc [command]"
    Commands:

    ozzy

  7. #7
    Senior Member Thorn's Avatar
    Join Date
    Jan 2010
    Location
    The Green Dome
    Posts
    1,509

    Default

    Quote Originally Posted by lupin View Post
    I assume you mean "Is there a way to boot a Windows machine using BackTrack and then change the startup state of a Windows service?"
    Yeah, that was the way I'd read it, too. Apparently, the others had not.

    Quote Originally Posted by lupin View Post
    Its a fairly simple registry change, by editing the DWORD "Start" value under the following path in the SYSTEM hive

    Code:
    \ControlSet<controlset#>\Services\<service_name>\
    The SYSTEM hive file itself is stored under %SystemRoot%\system32\config\system

    This tool can do the registry modification under Linux
    Offline NT Password & Registry Editor
    I still maintain that the person doing this had better have a damned good idea of what they're doing with the registry. One "simple" change can leave a Windows machine unbootable, if it's done in the wrong spot, or to the wrong entry.
    Thorn
    Stop the TSA now! Boycott the airlines.

  8. #8
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default

    Quote Originally Posted by Thorn View Post
    Yeah, that was the way I'd read it, too. Apparently, the others had not.
    Yes.... I had to think for a bit before I came to that conclusion though.

    Quote Originally Posted by Thorn View Post
    I still maintain that the person doing this had better have a damned good idea of what they're doing with the registry. One "simple" change can leave a Windows machine unbootable, if it's done in the wrong spot, or to the wrong entry.
    True, it is possible to hose windows by changing the wrong registry key. However as registry changes go, this particular one is fairly simple.

    Of course that doesnt mean that the potential consequences will be any less severe if the person making the change stuffs up.

    The System hive would be a particularly bad one to corrupt for example, it would be bad to accidentally delete some of the services keys or set them to disabled (some relate to system drivers), etc, etc. It comes with the territory when editing the registry though. Hopefully the OP is aware of that.

    I assume that if someone asks for a way to do something they are aware of the potential consequences of getting it wrong. That assumption may not be warranted for some people, but if the only potential downside is of them breaking their Windows machine then I generally wont go out of my way to provide a warning or otherwise baby-sit them. (Especially considering that Windows systems are quite capable of breaking all on their own anyway).

    That experience may even provide someone a valuable life lesson on taking backups before making important system changes.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •