Disable/ Enable Windows Firewall


After we have successfully exploited a system and have a shell, we may want to alter the host firewall so that we can leverage other services to further exploit or enumerate the system.

Usually this will not trigger any alarms and can be done on the Windows command line like so…..

(Be sure to clean up your tracks afterward and revert the firewall to it’s previous state)

Enable the Firewall:

netsh firewall set opmode enable

Disable the Firewall:

netsh firewall set opmode disable

Enable specific port examples:

netsh firewall add portopening TCP 3389 RDP - (enables RDP)
netsh firewall add portopening UDP 500 IKE ENABLE ALL

Disable specific port examples:

netsh firewall delete portopening TCP 80 -  (disables HTTP)
netsh firewall delete portopening UDP 500

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *