Editing Windows Firewall from Linux
Is there a way that I can configure my Windows firewall from a Linux USB? I know you can change alot this way.
Forum Thread: Editing Windows Firewall from Linux
- Hot
- Active
-
Forum Thread:
Needing Help Setting Up Wifi on Linux
10
Replies
3 hrs ago -
Forum Thread:
Somebody Help Me to Hack SKM World Online Game
1
Replies
11 hrs ago -
Forum Thread:
TL WN722N Usb Not Detected in Kali Linux 2017.1
14
Replies
13 hrs ago -
Forum Thread:
I Am Being Hacked Like Mr. Robot.
9
Replies
14 hrs ago -
Forum Thread:
How Can I Install Ferret Sidejack in Kali?
1
Replies
16 hrs ago -
Forum Thread:
I Am Working on Hacking Facebook Account. I Need Members to Guide It for Me.
3
Replies
18 hrs ago -
Forum Thread:
instaBrute Help Required.
20
Replies
18 hrs ago -
Forum Thread:
I'm Not Able to Create a How-to Article
1
Replies
18 hrs ago -
Forum Thread:
Manipulating Packets in a Mitm Attack with Airbase-Ng
2
Replies
19 hrs ago -
Forum Thread:
Somebody help me to hack this online game. The apk name is SKM World and I need coin 1000B and gem 500000
3
Replies
22 hrs ago -
Forum Thread:
My Friends Facebook Hacked..
13
Replies
23 hrs ago -
Forum Thread:
Answer My Question Please!
9
Replies
1 day ago -
Forum Thread:
Problems with TL-WN722N V2 (Monitor Mode)
12
Replies
1 day ago -
Forum Thread:
How to Hack a Android Phone Connected on a Same Wifi Router
19
Replies
1 day ago -
Forum Thread:
Hack Cheating Wife's Windows 7 Admin Password
11
Replies
1 day ago -
Forum Thread:
Aireplay-Ng "No Such BSSID Available"
7
Replies
1 day ago -
Forum Thread:
Any IT-Experts Here?
7
Replies
2 days ago -
Forum Thread:
Hack a Smart Tv?
2
Replies
2 days ago -
Forum Thread:
How I Fixed My MITM Attack
6
Replies
2 days ago -
Forum Thread:
My First Website Scan with Nikto, I Need Help.
0
Replies
2 days ago
-
How To:
Exploit Routers on an Unrooted Android Phone
-
How To:
4 Ways to Crack a Facebook Password & How to Protect Yourself from Them
-
How to Hack Wi-Fi:
Automating Wi-Fi Hacking with Besside-ng
-
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
-
Hack Like a Pro:
How to Secretly Hack Into, Switch On, & Watch Anyone's Webcam Remotely
-
Recon:
How to Research a Person or Organization Using the Operative Framework
-
How to Hack Wi-Fi:
Capturing WPA Passwords by Targeting Users with a Fluxion Attack
-
How To:
Successfully Hack a Website in 2016!
-
How To:
Crack Any Master Combination Lock in 8 Tries or Less Using This Calculator
-
How To:
Set Up a Headless Raspberry Pi Hacking Platform Running Kali Linux
-
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2017
-
How To:
Get Unlimited Free Trials Using a "Real" Fake Credit Card Number
-
Hack Like a Pro:
How to Hack Facebook, Part 2 (Facebook Password Extractor)
-
How To:
Scrape Target Email Addresses with TheHarvester
-
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
-
How To:
Seize Control of a Router with RouterSploit
-
How To:
Hack Windows 7 (Become Admin)
-
How To:
Hack Android Using Kali (Remotely)
-
Hack Like a Pro:
How to Find Vulnerabilities for Any Website Using Nikto
-
Hack Like a Pro:
How to Spy on Anyone, Part 1 (Hacking Computers)
6 Responses
Most Windows firewall settings are located in the registry so Yes, you can modify the firewall using a live Linux distro. You will need "hivexsh" and the hive located on a read/write mounted filesystem. Here is how you would enable File and printer sharing on the standard profile. There's public and domain profiles too.
for example:
mkdir /mnt/win
mount -o rw /dev/sda1 /mnt/win
hivexsh -w /mnt/win/Windows/System32/Config/SOFTWARE
Using HiveXSH:
cd \Policies\Microsoft\WindowsFirewall\StandardProfile\Services\FileAndPrint
ls
setval 3
@
Enabled
dword:0x01
RemoteAddresses
commit
quit
umount /mnt/win
Summary:
Mount Windows drive.
Load Software hive.
Navigate to Firewall profile path.
Add REG-DWORD named Enabled with a value of 1.
Add REG-SZ named RemoteAddresses with a blank value.
Commit changes.
Exit.
If you navigate to WindowsFirewall and there is no StandardProfile key simply create it like so:
cd \Policies\Microsoft\WindowsFirewall\
add StandardProfile
cd StandardProfile
add Services
cd Services
...
Please note the @ represent the "default" for that key space which is why theres a blank line after it. Default = nothing. Also using setval may delete all existing keys at that path so I suggest you do an "ls" to view before typing in setval....
good job sir!
-Phoenix750
With the fileandprint under services is that just an example or where the firewall is located?
This is the registry key created when using group policy to set file and printer sharing. The key and path does not exist by default. I was simply giving you a real world example though. The default list of items that you see in the management console are located at HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules. Take note its the system hive which is also located in the config folder with software. Take a poke around there it's quite obvious how it works.
Say you wanted to disable the firewall:
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile
and
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile
add a REG-DWORD called EnableFirewall with a value of 0x00.
Once again, Group Policy results in this key being set.
Ok thank you for your help! Kudos!
What if I am able to edit the windows firewall from regedit? Where would I find it within that? Are the paths you posted the same?
EDIT: Yes it is, I figured it out
Share Your Thoughts