Sign in to follow this  
Followers 0
Doppio

Disable Firewall

10 posts in this topic

Hi. I manage a network of about 500 PC's, after doing the windows updates, and running the DST patch I realized that the windows firewall is turned on! that's a problem in my network because most of my users connect to remote applications, and are getting connectivity errors.

Before I go crazy, does anyone know how to disable the firewall using AutoIT?

It would help me a lot.

Thanks

Share this post


Link to post
Share on other sites



An other magic tool is this :

#include <Array.au3>
#include <GUIConstants.au3>
#NoTrayIcon

;$vTarget is who we are getting so lets declare him as ourselfs for presentation sake
$vTarget = "Working As "&@IPAddress1

;The GUI is created here.
GUICreate("DFW-IR - " &$vTarget, 300, 140)

; Show the GUI
GUISetState()

;INPUTBOXES of IP Address for the Target and action button along with a status label
$Target = GuiCtrlCreateInput(@IPAddress1, 5, 20, 0, 0)
$button_1 = GUICtrlCreateButton("Execute", "5", "60", "80", "20", $BS_DEFPUSHBUTTON)
$Status = GUICtrlCreateLabel ("Ready", "90", "60", "100", "25")

;Enable and Disable options options for the firewall
$Radio1 = GUICtrlCreateRadio ("Disable", 205, 50, 120, 20)
$Radio2 = GUICtrlCreateRadio ("Enable", 205, 70, 120, 20)
GUICtrlSetState($Radio1,$GUI_CHECKED)
GUICtrlSetState($Target,$GUI_FOCUS)

;Creating ProgressBar
$ProgressBar = GUICtrlCreateProgress("5","100","180","0")

;This script is to bring down the RI Firewall on the Windows XP Images
Dim $aReg[6]

;Now the arrays are created
$aReg[0] = "\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile /v EnableFirewall /t reg_dword "
$aReg[1] = "\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile /v EnableFirewall /t reg_dword "
$aReg[2] = "/d 00000000 /F"
$aReg[3] = "/d 00000001 /F"
$aReg[4] = "on"
$aReg[5] = "off"

;While 1 keeps the application from stoping
While 1
    $msg = GUIGetMsg()
    $i = 0 ;$i is defined as 0 so the while loop that is later called, for DFW-IR, can be broken
    GUICtrlSetData($ProgressBar,0) ;Setting the progressbar to 0
    
    Select
        Case $msg = $GUI_EVENT_CLOSE
            Exit
        Case $msg = $GUI_EVENT_MINIMIZE
            
        Case $msg = $GUI_EVENT_MAXIMIZE
        
        Case $msg = $button_1
                $i = $i + 1
                While $i = 1
                    
                    ;Here is we get the state of the radio buttons
                    If GUICtrlRead($Radio1) = $GUI_CHECKED Then $x = $aReg[2]
                    If GUICtrlRead($Radio2) = $GUI_CHECKED Then $x = $aReg[3]
                    If GUICtrlRead($Radio1) = $GUI_CHECKED Then $q = $aReg[5]
                    If GUICtrlRead($Radio2) = $GUI_CHECKED Then $q = $aReg[4]
    
                    ;Now the games begin                    
                    $vTarget = GUICtrlRead($Target)
                    GUICtrlSetData($ProgressBar,18)
                    GUICtrlSetData($Status, "Enabling Remote Registry")
                    RunWait(@ComSpec & " /c sc \\" & $vTarget&" config RemoteRegistry start= auto", "C:\", @SW_HIDE)
                    GUICtrlSetData($ProgressBar,38)
                    GUICtrlSetData($Status, "Starting Remote Registry")
                    RunWait(@ComSpec & " /c sc \\" & $vTarget&" start RemoteRegistry", "C:\", @SW_HIDE)
                    GUICtrlSetData($ProgressBar,42)
                    GUICtrlSetData($Status, "Turning "& $q&" firewall for the user")
                    RunWait(@ComSpec & " /c reg add \\" & $vTarget&$aReg[0]&$x, "C:\", @SW_HIDE)
                    GUICtrlSetData($ProgressBar,64)
                    GUICtrlSetData($Status, "Turning "& $q&" firewall for the computer")
                    RunWait(@ComSpec & " /c reg add \\" & $vTarget&$aReg[1]&$x, "C:\", @SW_HIDE)
                    GUICtrlSetData($ProgressBar,79)
                    GUICtrlSetData($Status, "Stoping Remote Registry")
                    RunWait(@ComSpec & " /c sc \\" & $vTarget&" start RemoteRegistry", "C:\", @SW_HIDE)
                    GUICtrlSetData($ProgressBar,95)
                    GUICtrlSetData($Status, "Disabling Remote Registry")
                    RunWait(@ComSpec & " /c sc \\" & $vTarget&" config RemoteRegistry start= auto", "C:\", @SW_HIDE)
                    GUICtrlSetData($ProgressBar,100)
                    GUICtrlSetData($Status, "Process Complete on "&$vTarget)
                    $i = $i + 1
                WEnd
    
    EndSelect           
WEnd

You need to have admin rights on the remote PC to run it.

Regards,

ptrex

Share this post


Link to post
Share on other sites

thank you for your great help!

Share this post


Link to post
Share on other sites

I compiled run your program program and restarted, but I'm not seeing any results, the firewall still there.

Am I missing something?

Share this post


Link to post
Share on other sites

I typed the command but get an error:

the following command wasnot recognized netsh firewall set service REMOTEADMIN ENABLE SUBNET

what is the purpose of typing the command before running the code?

Share this post


Link to post
Share on other sites

Share this post


Link to post
Share on other sites

Hi. I manage a network of about 500 PC's, after doing the windows updates, and running the DST patch I realized that the windows firewall is turned on! that's a problem in my network because most of my users connect to remote applications, and are getting connectivity errors.

Before I go crazy, does anyone know how to disable the firewall using AutoIT?

It would help me a lot.

Thanks

Are you on a domain system (I assume, with 500 pc's)? If you are, then use Group Policy to apply a policy with Computer Configuration\Administrative Templates\Network\Network Connections\Windows Firewall\Domain Policy\Windows Firewall: Protect all network connections set to disabled.

Otherwise, use AutoIt to automate opening gpedit.msc and disabling the same key as above on each computer.


"There are 10 types of people in this world - those who can read binary, and those who can't.""We've heard that a million monkeys at a million keyboards could produce the complete works of Shakespeare; now, thanks to the Internet, we know that is not true." ~Robert Wilensky0101101 1001010 1100001 1101101 1100101 1110011 0110011 1001101 10001110000101 0000111 0001000 0001110 0001101 0010010 1010110 0100001 1101110

Share this post


Link to post
Share on other sites

I tried it on a different PC and worked perfect, thanks everyone for the valuable input.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0