Is there a way that I can configure my Windows firewall from a Linux USB? I know you can change alot this way.
Forum Thread: Editing Windows Firewall from Linux
- Hot
- Active
-
Forum Thread:
How to Train to Be an IT Security Professional (Ethical Hacker)
23
Replies
1 hr ago -
Forum Thread:
BlueBorne - Kali Linux Script?
3
Replies
11 hrs ago -
Forum Thread:
Auditing Worldwide with Masscan & Blockfinder by : [Mohamed Ahmed]
0
Replies
12 hrs ago -
Forum Thread:
Decrypting SSL or TLS Session Traffic with Wireshark
0
Replies
13 hrs ago -
Forum Thread:
If I Installed Metasploit on a Computer Not on the Same Wifi How Do I Get Their Ip Address?
6
Replies
15 hrs ago -
Forum Thread:
Xss for Beginners by [ Mohamed Ahmed ]
0
Replies
19 hrs ago -
Forum Thread:
Hack Whatsapp Account
2
Replies
21 hrs ago -
Forum Thread:
I forgot my fb id password and also email id password. What can i do?
0
Replies
1 day ago -
Forum Thread:
Metasploit with Windows Xp2
0
Replies
1 day ago -
Forum Thread:
How Could I Make a Backup of an Android Game with All of It's Data in an Apk File?
6
Replies
1 day ago -
Forum Thread:
I Need Help with C++
7
Replies
1 day ago -
Forum Thread:
Which Is the Best Premium VPN
2
Replies
1 day ago -
Forum Thread:
How to Hack Wifi Network with CMD
66
Replies
1 day ago -
Forum Thread:
In Microsoft Outlook Failed
0
Replies
1 day ago -
Forum Thread:
How to Install Kali Linux v2.0 Sana on Vmware
8
Replies
1 day ago -
Forum Thread:
How to move Kali Linux to Vmware ???
0
Replies
1 day ago -
Forum Thread:
How Would I Decrypt This?
0
Replies
1 day ago -
Forum Thread:
Whatsapp Mac Spoof
0
Replies
1 day ago -
Forum Thread:
How Is Penetration Testing Take Place Over WAN?
9
Replies
1 day ago -
Forum Thread:
What Does "LHost" and "RHost" Do?
10
Replies
1 day ago
-
How To:
Exploring Kali Linux Alternatives: How to Get Started with BlackArch, a More Up-to-Date Pentesting Distro
-
How To:
4 Ways to Crack a Facebook Password & How to Protect Yourself from Them
-
How To:
Hack Forum Accounts with Password-Stealing Pictures
-
How To:
Use a Virtual Burner Phone to Protect Your Identity & Security
-
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
-
How To:
Hack Windows 7 (Become Admin)
-
How to Hack Wi-Fi:
Capturing WPA Passwords by Targeting Users with a Fluxion Attack
-
How To:
Crack Any Master Combination Lock in 8 Tries or Less Using This Calculator
-
How To:
Set Up a Headless Raspberry Pi Hacking Platform Running Kali Linux
-
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
-
How To:
Successfully Hack a Website in 2016!
-
How To:
Use a Raspberry Pi as a Dead Drop for Anonymous Offline Communication
-
How To:
Crack Wi-Fi Passwords with Your Android Phone and Get Free Internet!
-
Hack Like a Pro:
How to Spy on Anyone, Part 1 (Hacking Computers)
-
How To:
Hack Android Using Kali (Remotely)
-
How To:
Hack a Windows 7/8/10 Admin Account Password with Windows Magnifier
-
Hack Like a Pro:
How to Crack Passwords, Part 1 (Principles & Technologies)
-
How To:
Hack WPA WiFi Passwords by Cracking the WPS PIN
-
The Hacks of Mr. Robot:
How to Spy on Anyone's Smartphone Activity
-
How To:
Get Unlimited Free Trials Using a "Real" Fake Credit Card Number
6 Responses
Most Windows firewall settings are located in the registry so Yes, you can modify the firewall using a live Linux distro. You will need "hivexsh" and the hive located on a read/write mounted filesystem. Here is how you would enable File and printer sharing on the standard profile. There's public and domain profiles too.
for example:
mkdir /mnt/win
mount -o rw /dev/sda1 /mnt/win
hivexsh -w /mnt/win/Windows/System32/Config/SOFTWARE
Using HiveXSH:
cd \Policies\Microsoft\WindowsFirewall\StandardProfile\Services\FileAndPrint
ls
setval 3
@
Enabled
dword:0x01
RemoteAddresses
commit
quit
umount /mnt/win
Summary:
Mount Windows drive.
Load Software hive.
Navigate to Firewall profile path.
Add REG-DWORD named Enabled with a value of 1.
Add REG-SZ named RemoteAddresses with a blank value.
Commit changes.
Exit.
If you navigate to WindowsFirewall and there is no StandardProfile key simply create it like so:
cd \Policies\Microsoft\WindowsFirewall\
add StandardProfile
cd StandardProfile
add Services
cd Services
...
Please note the @ represent the "default" for that key space which is why theres a blank line after it. Default = nothing. Also using setval may delete all existing keys at that path so I suggest you do an "ls" to view before typing in setval....
good job sir!
-Phoenix750
With the fileandprint under services is that just an example or where the firewall is located?
This is the registry key created when using group policy to set file and printer sharing. The key and path does not exist by default. I was simply giving you a real world example though. The default list of items that you see in the management console are located at HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules. Take note its the system hive which is also located in the config folder with software. Take a poke around there it's quite obvious how it works.
Say you wanted to disable the firewall:
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile
and
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile
add a REG-DWORD called EnableFirewall with a value of 0x00.
Once again, Group Policy results in this key being set.
Ok thank you for your help! Kudos!
What if I am able to edit the windows firewall from regedit? Where would I find it within that? Are the paths you posted the same?
EDIT: Yes it is, I figured it out
Share Your Thoughts