Editing Windows Firewall from Linux
Is there a way that I can configure my Windows firewall from a Linux USB? I know you can change alot this way.
Forum Thread: Editing Windows Firewall from Linux
- Hot
- Active
-
Forum Thread:
Script on Android?
0
Replies
3 hrs ago -
Forum Thread:
Beginner
0
Replies
4 hrs ago -
Forum Thread:
How to Crack Window Password with Kali Live Usb
7
Replies
8 hrs ago -
Forum Thread:
How to Hack a Website to Edit It
12
Replies
8 hrs ago -
Forum Thread:
What Do Professional Hackers Do When No Vulnerabilities Can Be Found
4
Replies
8 hrs ago -
Forum Thread:
Route HTTP Request Through Remote PC? WAN
0
Replies
13 hrs ago -
Forum Thread:
Tp-Link wn722n Usb Porblem with Kali Linux.
51
Replies
18 hrs ago -
Forum Thread:
Mobile Hotspot Port Forwarding
11
Replies
20 hrs ago -
Forum Thread:
Meterpreter with Proxy or TOR
8
Replies
20 hrs ago -
Forum Thread:
How to Run and Install Kali Linux on a Chromebook
7
Replies
1 day ago -
Forum Thread:
Hacking Devices Without Payload?!
3
Replies
1 day ago -
Forum Thread:
Can I Access Admin Page Through an Unauthorized IP ?
0
Replies
1 day ago -
Forum Thread:
This Is a Question I've Always Wanted to Ask(Need Answers from Experienced Hackers)
5
Replies
1 day ago -
Forum Thread:
How to Use Metasploit to Hack Android Phones Over WAN Using Your Own Android Hotspot. (Expert Hackers).
2
Replies
1 day ago -
Reverse Connection Fails:
Metasploit
8
Replies
1 day ago -
Forum Thread:
How to Test Payloads on the Same Computer on Different Networks (With Pictures)
0
Replies
2 days ago -
Forum Thread:
Dot Know What Is Actually Going on with My Kali System. I Think It's a Serious Issue with Terminal
2
Replies
2 days ago -
Forum Thread:
How To Know If an Open Ports is Vulnerable
4
Replies
3 days ago -
Forum Thread:
How to Hack Wifi Network with CMD
56
Replies
3 days ago -
Forum Thread:
Windows 10 Exploits
13
Replies
3 days ago
-
How To:
Sieze Control of a Router with Routersploit
-
How To:
4 Ways to Crack a Facebook Password & How to Protect Yourself from Them
-
How To:
Wardrive with the Kali Raspberry Pi to Map Wi-Fi Devices
-
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
-
How To:
Successfully Hack a Website in 2016!
-
Hack Like a Pro:
How to Spy on Anyone, Part 1 (Hacking Computers)
-
How To:
Hack Android Using Kali (Remotely)
-
How To:
The Hacks Behind Cracking, Part 1: How to Bypass Software Registration
-
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
-
How To:
Crack Any Master Combination Lock in 8 Tries or Less Using This Calculator
-
How To:
Get Unlimited Free Trials Using a "Real" Fake Credit Card Number
-
How to Hack Wi-Fi:
Capturing WPA Passwords by Targeting Users with a Fluxion Attack
-
How To:
Set Up a Headless Raspberry Pi Hacking Platform Running Kali Linux
-
Hack Like a Pro:
How to Crack Passwords, Part 4 (Creating a Custom Wordlist with Crunch)
-
Hack Like a Pro:
How to Secretly Hack Into, Switch On, & Watch Anyone's Webcam Remotely
-
Hack Like a Pro:
Getting Started with Kali, Your New Hacking System
-
How To:
Embed a Metasploit Payload in an Original .Apk File | Part 2 – Do It Manually
-
Hack Like a Pro:
How to Hack Facebook, Part 2 (Facebook Password Extractor)
-
How to Hack Wi-Fi:
Breaking a WPS PIN to Get the Password with Bully
-
How To:
Hack Windows 7 (Become Admin)
6 Responses
Most Windows firewall settings are located in the registry so Yes, you can modify the firewall using a live Linux distro. You will need "hivexsh" and the hive located on a read/write mounted filesystem. Here is how you would enable File and printer sharing on the standard profile. There's public and domain profiles too.
for example:
mkdir /mnt/win
mount -o rw /dev/sda1 /mnt/win
hivexsh -w /mnt/win/Windows/System32/Config/SOFTWARE
Using HiveXSH:
cd \Policies\Microsoft\WindowsFirewall\StandardProfile\Services\FileAndPrint
ls
setval 3
@
Enabled
dword:0x01
RemoteAddresses
commit
quit
umount /mnt/win
Summary:
Mount Windows drive.
Load Software hive.
Navigate to Firewall profile path.
Add REG-DWORD named Enabled with a value of 1.
Add REG-SZ named RemoteAddresses with a blank value.
Commit changes.
Exit.
If you navigate to WindowsFirewall and there is no StandardProfile key simply create it like so:
cd \Policies\Microsoft\WindowsFirewall\
add StandardProfile
cd StandardProfile
add Services
cd Services
...
Please note the @ represent the "default" for that key space which is why theres a blank line after it. Default = nothing. Also using setval may delete all existing keys at that path so I suggest you do an "ls" to view before typing in setval....
good job sir!
-Phoenix750
With the fileandprint under services is that just an example or where the firewall is located?
This is the registry key created when using group policy to set file and printer sharing. The key and path does not exist by default. I was simply giving you a real world example though. The default list of items that you see in the management console are located at HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules. Take note its the system hive which is also located in the config folder with software. Take a poke around there it's quite obvious how it works.
Say you wanted to disable the firewall:
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile
and
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile
add a REG-DWORD called EnableFirewall with a value of 0x00.
Once again, Group Policy results in this key being set.
Ok thank you for your help! Kudos!
What if I am able to edit the windows firewall from regedit? Where would I find it within that? Are the paths you posted the same?
EDIT: Yes it is, I figured it out
Share Your Thoughts