Discussions

Hacking Windows Firewall

+
1 Votes
Locked

Hacking Windows Firewall

sean
Recently I was presented with a problem,
having been orphaned from the domain (this was intentional as we dont have the
network connectivity where I am) the systems that we are using, now have the
Windows Firewall enabled, this prevents a required application from being able
to scan documents from the scanner to the computer.</span></p>

<p class=MsoNormal><span lang=EN-CA>?</span></p>

<p class=MsoNormal><span lang=EN-CA>After various unsuccessful tries at finding
an article on the internet that would show me how to add items to the firewall
I decided that it could not be that difficult, and tackled the problem myself.</span></p>

<p class=MsoNormal><span lang=EN-CA>?</span></p>

<p class=MsoNormal><span lang=EN-CA>The hack listed below should work if you
are able to get into the registry. Please note that this is not designed to
assist you in bypassing a legitimate block on the firewall, it is intended to
help you if there are defined business reasons for wanting to get through the
firewall.</span></p>

<p class=MsoNormal><span lang=EN-CA>?</span></p>

<p class=MsoNormal><span lang=EN-CA>?</span></p>

<p class=MsoHeader><span lang=EN-CA>?</span></p>

<h6><span lang=EN-CA style='font-size:11.0pt;color:white;background:black;
text-decoration:none'>PART 1:? </span><span lang=EN-CA style='font-size:11.0pt;
color:red;background:black;text-decoration:none'>Warnings</span></h6>

<p class=MsoNormal align=center style='text-align:center'><b><u><span
lang=EN-CA style='font-size:9.0pt;font-family:Tahoma;color:black'><span
style='text-decoration:none'>?</span></span></u></b></p>

<p class=MsoNormal style='margin-left:49.5pt;text-indent:-27.0pt'><span
lang=EN-CA style='font-size:9.0pt;font-family:Tahoma;color:black'>1.<span
style='font:7.0pt "Times New Roman"'>????????????
</span></span><span lang=EN-CA style='font-size:9.0pt;font-family:Tahoma;
color:black'>As always when editing the Registry it is prudent to make a backup
before making any changes. If you do not know how to make a backup then you
should not be making any changes.<br>
<br>
</span></p>

<p class=MsoNormal style='margin-left:49.5pt;text-indent:-27.0pt'><span
lang=EN-CA style='font-size:9.0pt;font-family:Tahoma;color:black'>2.<span
style='font:7.0pt "Times New Roman"'>????????????
</span></span><span lang=EN-CA style='font-size:9.0pt;font-family:Tahoma;
color:black'>Creating exceptions in the Firewall could put your system at risk,
make sure that the changes you make are permitted in the environment the system
resides.<br>
<br>
</span></p>

<p class=MsoNormal style='margin-left:49.5pt;text-indent:-27.0pt'><span
lang=EN-CA style='font-size:9.0pt;font-family:Tahoma;color:black'>3.<span
style='font:7.0pt "Times New Roman"'>????????????
</span></span><span lang=EN-CA style='font-size:9.0pt;font-family:Tahoma;
color:black'>Lastly ? if you do this and somehow wreck the system, don?t blame
me </span><span lang=EN-CA style='font-size:9.0pt;font-family:Wingdings;
color:black'>J</span></p>

<p class=MsoNormal><span lang=EN-CA style='font-size:9.0pt;font-family:Tahoma;
color:black'>?</span></p>

<p class=MsoNormal align=center style='text-align:center'><b><u><span
lang=EN-CA style='font-size:9.0pt;font-family:Tahoma;color:black'><span
style='text-decoration:none'>?</span></span></u></b></p>

<p class=MsoHeader><span lang=EN-CA style='font-size:9.0pt;font-family:Tahoma'>?</span></p>

<h6><span lang=EN-CA style='font-size:11.0pt;color:white;background:black;
text-decoration:none'>PART 2:? Application/Hardware Configuration</span></h6>

<p class=MsoNormal><span lang=EN-CA style='font-family:Tahoma'>?</span></p>

<p class=MsoNormal><span lang=EN-CA style='font-size:9.0pt;font-family:Tahoma'>?</span></p>

<p class=MsoNormal style='margin-left:.75in;text-indent:-31.5pt'><span
lang=EN-CA style='font-size:9.0pt;font-family:Tahoma'>1.<span style='font:7.0pt "Times New Roman"'>????????????
</span></span><span lang=EN-CA style='font-size:9.0pt;font-family:Tahoma;
color:black'>Click <b>Start>Run</b>, type <b>Regedit</b>, press <b>Enter</b>
(if you did not know how to do this, then maybe you should reconsider doing
this.<br>
<br>
</span></p>

<p class=MsoNormal style='margin-left:.75in;text-indent:-31.5pt'><span
lang=EN-CA style='font-size:9.0pt;font-family:Tahoma'>2.<span style='font:7.0pt "Times New Roman"'>????????????
</span></span><span lang=EN-CA style='font-size:9.0pt;font-family:Tahoma'>Click
<b>File>Export</b>, make sure to select <b>All</b>, type in a file name to
an appropriate location and click <b>Save</b>.<br>
<br>
</span></p>

<p class=MsoNormal style='margin-left:.75in;text-indent:-31.5pt'><span
lang=EN-CA style='font-size:9.0pt;font-family:Tahoma'>3.<span style='font:7.0pt "Times New Roman"'>????????????
</span></span><span lang=EN-CA style='font-size:9.0pt;font-family:Tahoma'>Browse
to: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\<br>
<br>
</span></p>

<p class=MsoNormal style='margin-left:.75in;text-indent:-31.5pt'><span
lang=EN-CA style='font-size:9.0pt;font-family:Tahoma'>4.<span style='font:7.0pt "Times New Roman"'>????????????
</span></span><span lang=EN-CA style='font-size:9.0pt;font-family:Tahoma'>From
here browse to: DomainProfile\AutorizedApplications\List<br>
<br>
</span></p>

<p class=MsoNormal style='margin-left:.75in;text-indent:-31.5pt'><span
lang=EN-CA style='font-size:9.0pt;font-family:Tahoma'>5.<span style='font:7.0pt "Times New Roman"'>????????????
</span></span><span lang=EN-CA style='font-size:9.0pt;font-family:Tahoma'>This
is where you are going to make the first entry. You should already see some in
there, and this is where you will have to have an understanding of what you are
reading.</span></p>

<p class=MsoNormal style='margin-left:1.25in;text-indent:-.25in'><span
lang=EN-CA style='font-size:9.0pt;font-family:Tahoma'>a.<span style='font:7.0pt "Times New Roman"'>??????
</span></span><span lang=EN-CA style='font-size:9.0pt;font-family:Tahoma'>Create
a new String Value by right clicking on List and selecting New>String Value</span></p>

<p class=MsoNormal style='margin-left:1.25in;text-indent:-.25in'><span
lang=EN-CA style='font-size:9.0pt;font-family:Tahoma'>b.<span style='font:7.0pt "Times New Roman"'>??????
</span></span><span lang=EN-CA style='font-size:9.0pt;font-family:Tahoma'>Change
the Name of the String Value to point to the executable that you wish to have
allowed, as you will notice from the others listed, it is advisable to use
expressions such as %programfiles%, or %windir% as this will help to allow the
exceptions if the folder in which they are installed is not the default.</span></p>

<p class=MsoNormal style='margin-left:1.25in;text-indent:-.25in'><span
lang=EN-CA style='font-size:9.0pt;font-family:Tahoma'>c.<span style='font:7.0pt "Times New Roman"'>??????
</span></span><span lang=EN-CA style='font-size:9.0pt;font-family:Tahoma'>After
the path you need to insert the follow, leave no spaces. :*:ENABLED:<<i>name></i>,
where <i><name></i> is the name that you want to see in the actual
firewall settings.</span></p>

<p class=MsoNormal style='margin-left:1.25in;text-indent:-.25in'><span
lang=EN-CA style='font-size:9.0pt;font-family:Tahoma'>d.<span style='font:7.0pt "Times New Roman"'>??????
</span></span><span lang=EN-CA style='font-size:9.0pt;font-family:Tahoma'>Double
Click this String and add this as the Value Data for that string.<br>
<br>
</span></p>

<p class=MsoNormal style='margin-left:.75in;text-indent:-31.5pt'><span
lang=EN-CA style='font-size:9.0pt;font-family:Tahoma'>6.<span style='font:7.0pt "Times New Roman"'>????????????
</span></span><span lang=EN-CA style='font-size:9.0pt;font-family:Tahoma'>You
now need to make the same entry in the StandardProfile\List key.<br>
<br>
</span></p>

<p class=MsoNormal style='margin-left:.75in;text-indent:-31.5pt'><span
lang=EN-CA style='font-size:9.0pt;font-family:Tahoma'>7.<span style='font:7.0pt "Times New Roman"'>????????????
</span></span><span lang=EN-CA style='font-size:9.0pt;font-family:Tahoma'>Close
the Registry<br>
<br>
</span></p>

<p class=MsoNormal style='margin-left:.75in;text-indent:-31.5pt'><span
lang=EN-CA style='font-size:9.0pt;font-family:Tahoma'>8.<span style='font:7.0pt "Times New Roman"'>????????????
</span></span><span lang=EN-CA style='font-size:9.0pt;font-family:Tahoma'>Reboot
the Computer<br>
<br>
</span></p>

<p class=MsoNormal style='margin-left:.75in;text-indent:-31.5pt'><span
lang=EN-CA style='font-size:9.0pt;font-family:Tahoma'>9.<span style='font:7.0pt "Times New Roman"'>????????????
</span></span><span lang=EN-CA style='font-size:9.0pt;font-family:Tahoma'>Go to
the <b>Control Panel</b> and open the <b>Windows Firewall</b>.<br>
<br>
</span></p>

<p class=MsoNormal style='margin-left:.75in;text-indent:-31.5pt'><span
lang=EN-CA style='font-size:9.0pt;font-family:Tahoma'>10.<span
style='font:7.0pt "Times New Roman"'>????????
</span></span><span lang=EN-CA style='font-size:9.0pt;font-family:Tahoma'>You
should see the entries under the <b>Exceptions</b> tab.</span></p>

<p class=MsoNormal><span lang=EN-CA>?</span></p>

</div>