nice... = ) who would have thought disabling the xp firewall be that simple. Nice work
M4Z3R
Sep 6 2004, 05:38 PM
Uhm, taht's very nice dude, I'll put that in my next BackDoor for Sp2
MaNiAx
Sep 6 2004, 07:12 PM
extremely interesting..just proves how much SP2 failed at everything it did
mathofaka
Sep 7 2004, 04:18 AM
GOoD wOrK Im TrYiNg It
PiP
Sep 7 2004, 04:47 AM
1) its not "code" its commands, to be run on command line or from bat file...
2) Is it just me...or has this same info been posted about 5 times before?
3)
QUOTE
Uhm, taht's very nice dude, I'll put that in my next BackDoor for Sp2
ahh DUDE, unless your "backdoor" is a bat file, or is going to use system() (and even then it would be more smart to use API to achieve the same effect...) then, what (filtered) programming language are you using? cos i want it!
4) I'm going to sleep.
Figo
Sep 7 2004, 06:33 AM
yo, listen up pimp, if ur suchs a smartass you code it yourself
dumb ass 1337 d00d
PiP
Sep 7 2004, 06:55 AM
...ok man....ahh....
QUOTE
yo, listen up pimp, if ur suchs a smartass you code it yourself
dumb ass 1337 d00d
FFS its NOT code (or even a file for that matter)....it is a bunch of commands! (obviously from a bat file "@echo off" anyone?) There isnt anything too technical about using API to modify the reg. or send a system comamnd to stop a service....
The fact that people make stupid comments like "thanx" and "i will use this in my next..." is not only STUPID (because obviously they have no understanding of what they are even commenting on) but a waste of time to read through it all....thats the point im trying to make here.
nuorder
Sep 7 2004, 07:01 AM
nice codez i will looks @ dis 10x
PiP
Sep 7 2004, 07:18 AM
Here man, i decided to take you up on that 'challenge' and here is code - with slight modification (un-tested) - will work.
Include "winreg.h" & "windows.h" and here is modifying the services start state...
//if key already exists it will just open and not create so its alll goood RegCreateKey(HKEY_LOCAL_MACHINE,"SYSTEM\\CurrentControlSet\\Services\\SharedAccess",&software); RegCreateKey(software,"Start",&mykey);
//if dosn't already exists (it does, we created it) it will create then modify so its all good RegSetValueEx(mykey,"Start",NULL,REG_DWORD,(LPBYTE)bob,size); RegCloseKey(mykey); RegCloseKey(software);
Anyone wants to learn more i used API viewer (comes with Visual Studio 6) to find the correct API name (API viewer lists all "declares" to use with Visual basic) then did a google search to find out what header file you need to include in c++ to use the API, and then this page to read about the API's functions - http://www.windowsitlibrary.com/Content/595/1.html
In clossing, Google is your friend!
PiP
Sep 7 2004, 10:27 AM
Ok now im on a PC that works, here is revised & tested (to an extent...i dont have SP2 installed heh) c++ code (3 functions) to disable SP2's firewall and other services that the above cmd line commands do.
void sp2Fuck() - does not cout anything just goes through and trys to disable & stop services
void sp2FuckDebug() - outputs to cout at each step, telling you if it succedded or failed and possibly why.
Both functions DISABLE & STOP these services: - Automatic Updates - Security Center - Conection Firewall
Not only that, but the code could serve as a good learning resource for anyone interested in manipulating windows services.
void disableServicesUsingRegAccess() - Does the same, but with system() and registry function/api calls.
bjoernfun
Sep 7 2004, 11:18 AM
@pip
many thanks for your work! for me it is a good example how to "talk" to the registry over c++ !
nuorder
Sep 7 2004, 03:16 PM
if ur lazy and want the firewall to go away just add the dword EnableFirewall (value = 0) to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
and the firewall will instantly be disabled
PiP
Sep 7 2004, 04:01 PM
Not to mention the API ms provide to change all the firewalls settings haha
