Is there a way that I can configure my Windows firewall from a Linux USB? I know you can change alot this way.
Forum Thread: Editing Windows Firewall from Linux
- Hot
- Active
-
Forum Thread:
How to Install VMWare Tools in Kali Linux Rolling 2016
1
Replies
3 hrs ago -
Forum Thread:
Hacking Android Problem!
6
Replies
11 hrs ago -
Forum Thread:
Does iCloud Tell Their Users Anything if You Change Their Password Through Security Questions?
0
Replies
14 hrs ago -
Forum Thread:
How to Remotely Control a Sony Bravia or View Its Contents
0
Replies
16 hrs ago -
Forum Thread:
Can We Send Apk File Which Install in Android without users notice and Then Send Us Audio File and Record Every Bit of
6
Replies
16 hrs ago -
Forum Thread:
DNS Spoofing Doesn't Work
2
Replies
20 hrs ago -
Forum Thread:
Why Do I Want to Be a Hacker? (For Newbies) 2017
4
Replies
1 day ago -
Forum Thread:
MSF Handler Failed Bind to External Ip
3
Replies
1 day ago -
Forum Thread:
How Can Hack Someones Android Phone in Same Wifi Network???
4
Replies
1 day ago -
Forum Thread:
Exploit Failed [Bad-Config] Rex::Bindfailed
2
Replies
1 day ago -
Forum Thread:
[Problem] Meterpreter, Migrate and Antivirus
3
Replies
1 day ago -
Forum Thread:
I Can't Hack Anything with Metasploit
5
Replies
1 day ago -
Forum Thread:
I'm Having Trouble with Metasploit
5
Replies
1 day ago -
Forum Thread:
Windows 10 Exploits
14
Replies
2 days ago -
Forum Thread:
Hacking into Whatsapp Series, Part 2: Phishing.
1
Replies
2 days ago -
Forum Thread:
Need Drivers for TP-Link TL-WN722N on Android.
1
Replies
3 days ago -
Forum Thread:
ZIP Files Sometimes Gives an Error
3
Replies
3 days ago -
Forum Thread:
Error When Opening Excel Files
0
Replies
3 days ago -
Forum Thread:
How to Encrypt a Shellcode ?
0
Replies
4 days ago -
Forum Thread:
Using a Wireless USB Adapter in Kali 2.0
6
Replies
5 days ago
-
How to Use PowerShell Empire:
Getting Started with Post-Exploitation of Windows Hosts
-
How To:
4 Ways to Crack a Facebook Password & How to Protect Yourself from Them
-
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
-
How To:
Simulate a RAT on Your Network with ShinoBOT
-
How To:
Get Unlimited Free Trials Using a "Real" Fake Credit Card Number
-
How To:
Set Up a Headless Raspberry Pi Hacking Platform Running Kali Linux
-
The Hacks of Mr. Robot:
How to Spy on Anyone's Smartphone Activity
-
How To:
Successfully Hack a Website in 2016!
-
How to Hack Wi-Fi:
Capturing WPA Passwords by Targeting Users with a Fluxion Attack
-
How To:
Hack WPA WiFi Passwords by Cracking the WPS PIN
-
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
-
How to Hack Wi-Fi:
Breaking a WPS PIN to Get the Password with Bully
-
How To:
Crack Any Master Combination Lock in 8 Tries or Less Using This Calculator
-
How To:
Hack Android Using Kali (Remotely)
-
How To:
Hack Windows 7 (Become Admin)
-
How To:
Install Kali Live on a USB Drive (With Persistence, Optional)
-
How To:
Locked Out of Your Phone? Here's How You Bypass the Android Pattern Lock Screen
-
How to Hack Wi-Fi:
Build a Software-Based Wi-Fi Jammer with Airgeddon
-
Hack Like a Pro:
How to Secretly Hack Into, Switch On, & Watch Anyone's Webcam Remotely
-
Advice from a Real Hacker:
How to Know if You've Been Hacked
6 Responses
Most Windows firewall settings are located in the registry so Yes, you can modify the firewall using a live Linux distro. You will need "hivexsh" and the hive located on a read/write mounted filesystem. Here is how you would enable File and printer sharing on the standard profile. There's public and domain profiles too.
for example:
mkdir /mnt/win
mount -o rw /dev/sda1 /mnt/win
hivexsh -w /mnt/win/Windows/System32/Config/SOFTWARE
Using HiveXSH:
cd \Policies\Microsoft\WindowsFirewall\StandardProfile\Services\FileAndPrint
ls
setval 3
@
Enabled
dword:0x01
RemoteAddresses
commit
quit
umount /mnt/win
Summary:
Mount Windows drive.
Load Software hive.
Navigate to Firewall profile path.
Add REG-DWORD named Enabled with a value of 1.
Add REG-SZ named RemoteAddresses with a blank value.
Commit changes.
Exit.
If you navigate to WindowsFirewall and there is no StandardProfile key simply create it like so:
cd \Policies\Microsoft\WindowsFirewall\
add StandardProfile
cd StandardProfile
add Services
cd Services
...
Please note the @ represent the "default" for that key space which is why theres a blank line after it. Default = nothing. Also using setval may delete all existing keys at that path so I suggest you do an "ls" to view before typing in setval....
good job sir!
-Phoenix750
With the fileandprint under services is that just an example or where the firewall is located?
This is the registry key created when using group policy to set file and printer sharing. The key and path does not exist by default. I was simply giving you a real world example though. The default list of items that you see in the management console are located at HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules. Take note its the system hive which is also located in the config folder with software. Take a poke around there it's quite obvious how it works.
Say you wanted to disable the firewall:
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile
and
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile
add a REG-DWORD called EnableFirewall with a value of 0x00.
Once again, Group Policy results in this key being set.
Ok thank you for your help! Kudos!
What if I am able to edit the windows firewall from regedit? Where would I find it within that? Are the paths you posted the same?
EDIT: Yes it is, I figured it out
Share Your Thoughts