Thursday, 22 November 2012

Customizing Firefox to Always Auto Save Password Without Showing Notification



Hello To all The Mindbenders,
While I was screening through the new posts in my blog to see if there are any spam and also any key-logger topic that I can help, I saw an interesting question asked by Karan. He wanted to know if there is anyway to make Firefox auto save password without clicking the Remember button. In Firefox, even if you have the option “Remember passwords for sites” checked in Tools > Options > Security, the browser will still ask the question “Would you like to remember the password for “Username” on website.com?” with three selections which are “Remember Password”, “Never Remember Password for This Site” and “Not Now”. The earlier version of Firefox 3 displays a notification bar at the top of the web browser while from version 4 until the current version 17 displays a popup notification at the top left.



Modifying Firefox to auto save the login information to the Firefox Saved Passwords manager without prompting was easy for version 3 because you can directly edit the JS files from the program’s folder to apply the changes. However, the file structure was a bit different starting from Firefox 4 until the current version . We researched and found that it is still possible to force Firefox to auto save the password without the popup notification.

For Firefox 3, all you need to do is edit the nsLoginManagerPrompter.js file with a text editor preferably Notepad++ located in C:\Program Files\Mozilla Firefox\componenets\ folder. Search for the showSaveLoginNotification : function and replace the whole code that is highlighted in yellow…

nsLoginManagerPrompter



With the following code(text in red):

var pwmgr = this._pwmgr;
pwmgr.addLogin(aLogin);

The end result would look like the image below.

Firefox auto save password without notification bar


Save the changes that you’ve made on the nsLoginManagerPrompter.js file and whenever you login to any website, Firefox will auto save the site, username and password to the login manager WITHOUT showing the notification bar. You can access the saved password area by going to 
Tools > Options > Security and click the Saved Passwords button. There is one possible bug which is even when a user entered the wrong username or password, it will still be saved.

As for Firefox 4, it gets slightly difficult because the nsLoginManagerPrompter.js file is archived in an omni.jar file located at C:\Program Files\Mozilla Firefox\ folder.

Starting from Firefox 5, you may have noticed that editing the nsLoginManagerPrompter.js inside omni.jar file does not work. The Firefox developing team did not fix the bug nor improve the security but instead they optimized it further by making Firefox load a compiled binary version of the nsLoginManagerPrompter.js file instead of the raw and editable JS file. Here is what you need to do to enable auto password saving on Firefox 5 and above. Do take note that the omni.jar file has been renamed to omni.ja starting from Firefox 10.

1. Use WinRAR, PowerArchiver or WinZIP to open the omni.jar or omni.ja file from C:\Program Files\Mozilla Firefox\ folder.

2. Navigate to jsloader\resource\gre\components\ and delete the nsLoginManagerPrompter.js file.

Delete nsLoginManagerPrompter.js


3. Go back to the root of omni.jar or omni.jar, and navigate to components folder. Edit the nsLoginManagerPrompter.js file and replace the whole showSaveLoginNotification : function as shown earlier. Save the changes and go back to the archiver. Click the Yes button when the archiver prompts you to update the archive with the updated file.

If you are having difficulty in following all the steps above, we provide an already modified version of omni.ja file for Windows version of Firefox 17 which can be downloaded by clicking here or click here for Mac OS X. Simply download and save it to C:\Program Files\Mozilla Firefox\ folder in Windows. In Mac OS X, click Go at the Finder toolbar, select Applications, right click on Firefox and select Show Package Contents. Open Contents folder and copy the omni.ja to the MacOS folder. Remember to backup the original omni.ja file in case you want to restore back the changes.

Important Notes:
1. Whenever Firefox gets updated, most likely the omni.ja file will be reverted to the original





How to Install BackTrack 5 Proper Tutorial



For Security Researchers who wants to do penetration testing or some extra in Security Field then Backtrack 5 is a good choice...

First you need to download backtrack 5 from this link 

http://www.backtrack-linux.org/downloads/ 

and also download UNetbootin which is required For Creating Live Usb Of backtrack

http://unetbootin.sourceforge.net/ 

Requirement :
1. USB (Flash Drive) (Minimum USB Drive capacity 4 GB)
2. Backtrack 5 ISO file, md5sum verified(which is available on above link)
3. UNetbootin

Procedure to burn your USB.
> Plug in ur USB Drive
> Format the USB drive to FAT32
> Start Unetbootin and select the "diskimage" option, choose a BackTrack 5 ISO file which u've    
    downloaded at the first of this tutorial.
> Select the amount of space to use for persistence in MB (optional)
> Select your USB drive and click "OK" for creating a bootable BackTrack USB drive
> Once rebooted, remember that the default username is root and password toor

Your USB is ready to install BackTrack5...

first of all Boot the Backtrack Live Environment.
At the bash prompt, type startx to enter the GUI.
Double click the install-Backtrack.sh which u can see on the Desktop.

step by step Installation process...
Select the language and click on the forward button.
Select ur geographical location and time zone den click on the forward button.
Choose ur keyboard layout, or leave default.
now in the next screen choose the "Erase and use the entire disk" option If you Want To Format your whole hard drive and install only backtrack in a single partition, 
or  choose "manually advanced" option to select the drive you want to format and install backtrack.
and click Forward.
the next screen will show you the installation options, make sure everything is fine then click on forward button to start installation process.
when installation will finish you'll need to press the restart button and then enjoy Backtrack 5.

NOTE : default user name is : root and pass : toor

Dont forget to change it...
you can also use BackTrack 5 with different operating systems like Win XP, Win 7,etc with dual boot setup.
K33p growing, And K33p Yourself updated.

I Enjoyed the whole tutorial While Blogging.
Comments are welcomed...