Is there a way that I can configure my Windows firewall from a Linux USB? I know you can change alot this way.
Forum Thread: Editing Windows Firewall from Linux
- Hot
- Active
-
Forum Thread:
Eml to PST Conversion
4
Replies
1 hr ago -
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
9
Replies
1 hr ago -
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
7
Replies
20 hrs ago -
Forum Thread:
Msfconsole Error After Msfupdate
7
Replies
2 days ago -
Forum Thread:
How to Track Who Is Sms Bombing Me .
2
Replies
3 days ago -
Forum Thread:
How to Hack CCTV Private Cameras
66
Replies
4 days ago -
Forum Thread:
Metasploit Reverse TCP Listener for Public IP Address
2
Replies
5 days ago -
Forum Thread:
How to Get Router PIN?
11
Replies
5 days ago -
Forum Thread:
Metasploit reverse_tcp Handler Problem
41
Replies
6 days ago -
Forum Thread:
Metasploit - Embedding an Android Payload into a PDF?
8
Replies
1 wk ago -
How to:
HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide]
174
Replies
1 wk ago -
Forum Thread:
How to Get Proxychains to Work?
14
Replies
2 wks ago -
Forum Thread:
Problem with .Apk Payloads
24
Replies
2 wks ago -
Forum Thread:
Create and Use Android/Meterpreter/reverse_tcp APK with Msfvenom?
118
Replies
2 wks ago -
Forum Thread:
Getting Error in Android Meterpreter Session
8
Replies
2 wks ago -
Forum Thread:
So...You Want to Be a Hacker?
23
Replies
2 wks ago -
Forum Thread:
Hacking Facebook,Twitter,Instagram Account Passwords with BruteForce
162
Replies
2 wks ago -
Forum Thread:
Deauth-Ing a Dual Band AP
1
Replies
3 wks ago -
Forum Thread:
PROBLEM After Installing KALI LINUX on MY LAPTOP WHICH Has NOW AFFECTED MY WINDOWS 7 OS (I Wanted to Dual Boot Kali Woth
4
Replies
3 wks ago -
Forum Thread:
How to Find Someones Location by Image
3
Replies
3 wks ago
-
How To:
Hack Android Using Kali (Remotely)
-
How To:
Perform Advanced Man-in-the-Middle Attacks with Xerosploit
-
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
-
How To:
Scan for Vulnerabilities on Any Website Using Nikto
-
How To:
Create a Persistent Back Door in Android Using Kali Linux:
-
How To:
Hunt Down Social Media Accounts by Usernames with Sherlock
-
How To:
Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
-
How To:
Run Kali Linux as a Windows Subsystem
-
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
-
How To:
Find Anyone's Private Phone Number Using Facebook
-
How To:
Hack Wi-Fi & Networks More Easily with Lazy Script
-
How To:
Top 10 Things to Do After Installing Kali Linux
-
How To:
Phish for Social Media & Other Account Passwords with BlackEye
-
How To:
Gain SSH Access to Servers by Brute-Forcing Credentials
-
BT Recon:
How to Snoop on Bluetooth Devices Using Kali Linux
-
How To:
Upgrade a Normal Command Shell to a Metasploit Meterpreter
-
How To:
4 Ways to Crack a Facebook Password & How to Protect Yourself from Them
-
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
-
How To:
Scan Websites for Interesting Directories & Files with Gobuster
-
How To:
Bypass File Upload Restrictions on Web Apps to Get a Shell
5 Responses
Most Windows firewall settings are located in the registry so Yes, you can modify the firewall using a live Linux distro. You will need "hivexsh" and the hive located on a read/write mounted filesystem. Here is how you would enable File and printer sharing on the standard profile. There's public and domain profiles too.
for example:
mkdir /mnt/win
mount -o rw /dev/sda1 /mnt/win
hivexsh -w /mnt/win/Windows/System32/Config/SOFTWARE
Using HiveXSH:
cd \Policies\Microsoft\WindowsFirewall\StandardProfile\Services\FileAndPrint
ls
setval 3
@
Enabled
dword:0x01
RemoteAddresses
commit
quit
umount /mnt/win
Summary:
Mount Windows drive.
Load Software hive.
Navigate to Firewall profile path.
Add REG-DWORD named Enabled with a value of 1.
Add REG-SZ named RemoteAddresses with a blank value.
Commit changes.
Exit.
If you navigate to WindowsFirewall and there is no StandardProfile key simply create it like so:
cd \Policies\Microsoft\WindowsFirewall\
add StandardProfile
cd StandardProfile
add Services
cd Services
...
Please note the @ represent the "default" for that key space which is why theres a blank line after it. Default = nothing. Also using setval may delete all existing keys at that path so I suggest you do an "ls" to view before typing in setval....
With the fileandprint under services is that just an example or where the firewall is located?
This is the registry key created when using group policy to set file and printer sharing. The key and path does not exist by default. I was simply giving you a real world example though. The default list of items that you see in the management console are located at HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules. Take note its the system hive which is also located in the config folder with software. Take a poke around there it's quite obvious how it works.
Say you wanted to disable the firewall:
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile
and
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile
add a REG-DWORD called EnableFirewall with a value of 0x00.
Once again, Group Policy results in this key being set.
Ok thank you for your help! Kudos!
What if I am able to edit the windows firewall from regedit? Where would I find it within that? Are the paths you posted the same?
EDIT: Yes it is, I figured it out
Share Your Thoughts