Windows Recovery–Load Registry

OK, today I locked myself out of one of my dedicated servers. How? I changed the RDP port in the registry: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp

[Screenshot: the PortNumber value under the RDP-Tcp registry key]

And then I FORGOT to add the new port to the so-called 'Windows Firewall with Advanced Security'. It was like a lightning strike in my body when I clicked 'Restart Server'.

So, I used PuTTY to open an SSH connection to the server. Easy, I thought:

REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /t REG_DWORD /v PortNumber /d 0xd3d /f

Noooo, Access Denied. OK, UAC is enabled. I tried to figure out if there's a way to elevate the prompt, but didn't find a route/solution.

So I decided to reboot the server into Windows Recovery Mode, started regedit.exe and used Load Hive to load the SYSTEM hive (found under C:\Windows\System32\Config). I entered a name for the temporary hive, changed the PortNumber (always use ControlSet001 – it's the last successful config) and unloaded the hive.

Then I remembered that I had read an article about editing the registry 'offline' using reg.exe. Just to verify that the changed values had really been written to the SYSTEM registry, I used:

reg load HKLM\Win_SYSTEM C:\windows\system32\config\system
reg query "HKLM\Win_SYSTEM\ControlSet001\Control\Terminal Server\WinStations\RDP-Tcp"
reg unload HKLM\Win_SYSTEM

and see what I got:

[Screenshot: output of reg load, reg query and reg unload showing the RDP-Tcp PortNumber]

Another option is to disable the firewall completely using this bat/cmd file:

@echo off
rem Run from the Windows Recovery command prompt (or an elevated prompt).
rem An offline SYSTEM hive has no CurrentControlSet key (that link only exists
rem on a running system), so the values go to ControlSet001, as in the reg query above.
:start
echo ****************************************************************
echo *                                                              *
echo *             1 : Disable Windows firewall on server           *
echo *                                                              *
echo *             2 : Enable Windows firewall on server            *
echo *                                                              *
echo ****************************************************************
rem Clear any previous answer, then keep only the first character typed.
set "choice="
set /p choice=Choose what to do: 
if not "%choice%"=="" set "choice=%choice:~0,1%"

if "%choice%"=="1" goto Menu1

if "%choice%"=="2" goto Menu2

echo %choice% WRONG option, choose 1 or 2
goto start

:Menu1
rem Load the offline hive, switch the firewall off for all three profiles, unload.
reg load HKLM\Win_SYSTEM C:\windows\system32\config\system
reg.exe add "HKEY_LOCAL_MACHINE\Win_SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile" /v "EnableFirewall" /t REG_DWORD /d "0" /f
reg.exe add "HKEY_LOCAL_MACHINE\Win_SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile" /v "EnableFirewall" /t REG_DWORD /d "0" /f
reg.exe add "HKEY_LOCAL_MACHINE\Win_SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile" /v "EnableFirewall" /t REG_DWORD /d "0" /f
reg unload HKLM\Win_SYSTEM
echo Firewall Disabled !
goto end

:Menu2
rem Load the offline hive, switch the firewall back on for all three profiles, unload.
reg load HKLM\Win_SYSTEM C:\windows\system32\config\system
reg.exe add "HKEY_LOCAL_MACHINE\Win_SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile" /v "EnableFirewall" /t REG_DWORD /d "1" /f
reg.exe add "HKEY_LOCAL_MACHINE\Win_SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile" /v "EnableFirewall" /t REG_DWORD /d "1" /f
reg.exe add "HKEY_LOCAL_MACHINE\Win_SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile" /v "EnableFirewall" /t REG_DWORD /d "1" /f
reg unload HKLM\Win_SYSTEM
echo Firewall Enabled !
goto end

:end
pause

maybe this is of help for someone..
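
The offline edit described above can also be scripted so the firewall stays on. This is an added example, not code from the original post: it loads the hive under the post's Win_SYSTEM name, reads Select\Current to find the control set the system actually boots with, and sets PortNumber back to 3389. The drive-letter argument and the variable names are assumptions.

```batch
@echo off
rem Added example, not from the original post. Run in the Windows Recovery prompt.
rem Assumptions: Windows volume letter given as first argument (default C:), target port 3389.
setlocal
set "WINDRIVE=%~1"
if "%WINDRIVE%"=="" set "WINDRIVE=C:"
set "HIVE=%WINDRIVE%\Windows\System32\config\SYSTEM"
set "MOUNT=HKLM\Win_SYSTEM"

if not exist "%HIVE%" (
    echo SYSTEM hive not found at %HIVE%
    exit /b 1
)
reg load %MOUNT% "%HIVE%" >nul || (
    echo Could not load %HIVE%
    exit /b 1
)

rem Select\Current holds the number of the control set used at boot.
set "CUR="
for /f "tokens=1,3" %%A in ('reg query %MOUNT%\Select /v Current') do if /i "%%A"=="Current" set "CUR=%%B"
if not defined CUR (
    echo Could not read Select\Current
    reg unload %MOUNT% >nul
    exit /b 1
)
rem reg prints the DWORD as hex (0x1); set /a converts it, then pad to three digits.
set /a CURNUM=%CUR%
set "CS=00%CURNUM%"
set "CS=ControlSet%CS:~-3%"
set "KEY=%MOUNT%\%CS%\Control\Terminal Server\WinStations\RDP-Tcp"

echo Active control set: %CS%
echo Before:
reg query "%KEY%" /v PortNumber
reg add "%KEY%" /v PortNumber /t REG_DWORD /d 3389 /f >nul || echo Write failed
echo After:
reg query "%KEY%" /v PortNumber

reg unload %MOUNT% >nul
endlocal
```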
