#1
Interesting Code for Windows XP SP2 Firewall
Hi Guys,
I found some juicy articles on the web on bypassing or programming with Windows XP SP2 Firewall

hxxp://weblogs.asp.net/sjoshi/archive/2004/07/07/175309.aspx
hxxp://danagonistes.blogspot.com/2004/06/windows-xp-service-pack-2-and-windows.html
hxxp://www.unixwiz.net/techtips/xp-sp2.html

Enjoy
#2
The material collection and collation is not extremely easy, laborious. Extremely good material.
#3
Have a look at

Code:
HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

Code:
AuthorizedApplications\List

Code:
GloballyOpenPorts\List

I've found that even with your application name in AuthorizedApplications, the program will still be suspended if you do UDP broadcasting, that's why I also mentioned GloballyOpenPorts. The format of the keys is (for AuthorizedApplications):

Code:
int nValueLen = wsprintf( szRegValue, "%s:*:Enabled:%s", szFileName, szProgBaseName );
RegSetValueEx( hKey, szFileName, 0, REG_SZ, (PBYTE) szRegValue, nValueLen );

Code:
const char* szEnableMe = "1234:UDP:*:Enabled:Happy Program";
RegSetValueEx( hKey, "1234:UDP", 0, REG_SZ, (PBYTE) szEnableMe, strlen(szEnableMe) );

If your program will always be at a specified location, you can even use a .REG file.
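For administrators auditing these two keys, a parser for the value formats quoted in the post above that flags enabled exceptions missing from an expected baseline. This is an added example, not code from the thread; the `audit` function, the baseline allowlist and the sample entries (apart from the post's `1234:UDP` value) are constructed assumptions.

```python
import re

# Value data layouts as given in the post: "<path>:<scope>:<status>:<name>"
# and "<port>:<proto>:<scope>:<status>:<name>". Paths contain ':' (drive
# letter), so the path group is greedy and the trailing fields are anchored.
TAIL = r":(?P<scope>[^:]*):(?P<status>Enabled|Disabled):(?P<name>.*)$"
PATTERNS = {
    "AuthorizedApplications": re.compile(r"^(?P<key>.+)" + TAIL, re.I),
    "GloballyOpenPorts": re.compile(r"^(?P<key>\d+:(?:TCP|UDP))" + TAIL, re.I),
}

def audit(list_name, values, baseline):
    """Return (value_name, reason) findings for one ...\\List key.

    values:   {registry value name: REG_SZ data} read from that key
    baseline: value names the administrator expects (hypothetical allowlist)
    """
    expected = {b.lower() for b in baseline}
    findings = []
    for vname, data in values.items():
        m = PATTERNS[list_name].match(data)
        if m is None:
            findings.append((vname, "unparseable entry"))
            continue
        if m["key"].lower() != vname.lower():
            findings.append((vname, "value name does not match its data"))
        if m["status"].lower() != "enabled":
            continue  # a disabled exception opens nothing
        if vname.lower() not in expected:
            scope = "any source" if m["scope"] == "*" else m["scope"]
            findings.append((vname, f"unexpected exception, scope {scope}"))
    return findings

# Constructed sample data; the 1234:UDP entry is the one from the post.
SAMPLE_APPS = {
    r"C:\Program Files\Example\agent.exe":
        r"C:\Program Files\Example\agent.exe:LocalSubNet:Enabled:Example Agent",
    r"C:\Temp\tool.exe": r"C:\Temp\tool.exe:*:Enabled:tool",
}
SAMPLE_PORTS = {"1234:UDP": "1234:UDP:*:Enabled:Happy Program"}
BASELINE = [r"C:\Program Files\Example\agent.exe"]

if __name__ == "__main__":
    for name, vals in (("AuthorizedApplications", SAMPLE_APPS),
                       ("GloballyOpenPorts", SAMPLE_PORTS)):
        for finding in audit(name, vals, BASELINE):
            print(name, *finding)
```

On a live system the two dictionaries would be filled by enumerating the values under each `List` key; the parsing and comparison stay the same.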
#4
Nice. One more weak personal firewall - just like all personal firewalls. The good thing about the others is, that no one has to use them. This one is integrated into the operating system (although it can be turned off). I don't like the way Windows develops into an operating system for stupid dumbasses, with automated updates, integrated firewall, and all that crap. A software-engineer, developing a network-tool, has to cope with these "great features", has much more service-requests (because many of the super-intelligent customers deny all network-access for the program - "to be safe"), and in the end pays the bill for Microsoft - just because there are so many idiots out there, who continuously turn their machines into virus-spreadings-engines...
#5
Very nice SGDT...
Windows XP firewall is a total joke! and with all personal firewalls all you have to do is inject your code directly into internet explorer's EXE and you will bypass most of them anyway (cause people ignore traffic caused by IE)
#6
Nice Information, Thanks!
#7
but you should not forget most new firewalls catch written memory into other processes and block them.
#8
hi,
as redbull said, bypass firewalls is very easy injecting code in browser process...

so, below is my code for doing such, in c

it create the default browser as a suspended process, overwrite entrypoint with a code to load all dlls our process will need (and that can be different from the ones the browser load), and then signal that we can continue, overwriting the whole browser memory image with our one

so, with this routine, we don't need delta or similars hacks... any program (with a smaller memory image than browser) can run with browser inet permissions

vecna

ps: different of what MaRKuS-DJM said, i guess that some firewalls hook CreateRemoteThread(), and no memory writes... i still don't found problems with the code below