
Test network - Windows Firewall


HaoleHero

Newbie

Posts: 5

Joined: Sun Sep 11, 2011 1:58 pm

Post Wed Sep 28, 2011 9:23 pm

Test network - Windows Firewall

Got stuck on an issue that I'm hoping some of the ethicalhacker.net community would be willing to help me with.

I'm running a VMware test network with 2 XP machines and BackTrack 5. I'm going through the book Metasploit: The Penetration Tester's Guide:

http://www.amazon.com/Metasploit-Penetration-Testers-David-Kennedy/dp/159327288X/ref=sr_1_1?ie=UTF8&qid=1317262561&sr=8-1

I'm able to open a reverse_tcp connection and drop the payload successfully only when the Windows (XP) firewall is turned off.

My question is this: How can I exploit the system when windows firewall is turned on?  :-\

Anyone know of a good tutorial or book dealing with getting around the firewall?

Thanks!

HH

cd1zz


Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Wed Sep 28, 2011 9:30 pm

Re: Test network - Windows Firewall

What exploit are you using?

Unless there is a local port exception made in the Windows firewall that allows the port to be opened and accessed remotely, your only option would be to use a client-side exploit.

HaoleHero

Newbie

Posts: 5

Joined: Sun Sep 11, 2011 1:58 pm

Post Wed Sep 28, 2011 9:47 pm

Re: Test network - Windows Firewall

Thanks for the reply!

I'm using the good ol' easy XP ms08_067_netapi with meterpreter payload.

Will an nmap scan like -sT or aggressive -A find the open ports through a firewall?

cd1zz


Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Wed Sep 28, 2011 9:54 pm

Re: Test network - Windows Firewall

If the firewall is functioning as designed without any exceptions, then the port won't show up in a portscan. That's what firewalls do...block stuff...

For 08 067 you'd have to have a firewall exception for SMB file sharing on port 445 (if I recall, it also works on port 139).
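An added example, not part of the original thread: a connect-style check that a lab administrator can run from a second VM to confirm whether the Windows firewall has an exception for the SMB ports mentioned above. A filtered port times out, a port with no listener behind an open firewall is refused, and only an excepted port with a listener completes the handshake. The function names and the host address are hypothetical placeholders.

```python
import socket

SMB_PORTS = (139, 445)  # the two ports named in the thread for MS08-067


def classify_port(host, port, timeout=2.0):
    """Classify one TCP port with a full connect(), like a connect scan does."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"        # handshake completed: a service is reachable
    except ConnectionRefusedError:
        return "closed"      # RST received: host reachable, nothing listening
    except OSError:
        return "filtered"    # timeout or unreachable error: no answer from the port
    finally:
        sock.close()


def check_smb_exposure(host, ports=SMB_PORTS, timeout=2.0):
    """Return {port: state} for the SMB ports on one host."""
    return {port: classify_port(host, port, timeout) for port in ports}


def has_smb_exception(states):
    """True if any SMB port answered, i.e. the firewall lets it through."""
    return any(state == "open" for state in states.values())


if __name__ == "__main__":
    lab_host = "192.0.2.10"  # placeholder address; replace with your own lab VM
    states = check_smb_exposure(lab_host)
    for port, state in sorted(states.items()):
        print(f"{lab_host}:{port} {state}")
    print("SMB reachable" if has_smb_exception(states) else "SMB not reachable")
```

With the firewall on and no exceptions, both ports should report `filtered`; any `open` result means an exception exists and should be reviewed.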

Triban


Hero Member

Posts: 620

Joined: Fri Feb 19, 2010 4:17 pm

Post Thu Sep 29, 2011 8:33 am

Re: Test network - Windows Firewall

By default Windows firewall blocks all incoming unless the user adds it as an exception.  So unless you made changes to the XP firewall configuration, you will probably not be successful with the attack.  And even a client-side attack might prove difficult since user interaction may be required to OK the outgoing traffic.  Then again if the user is local admin, you may be able to sneak in the OK through the payload.
Certs: GCWN
(@)Dewser

HaoleHero

Newbie

Posts: 5

Joined: Sun Sep 11, 2011 1:58 pm

Post Thu Sep 29, 2011 1:56 pm

Re: Test network - Windows Firewall

Thanks guys, cleared this up for me!  ;)
