Tuesday, 27 November 2012

Making BackTrack5 look like XP | Social Engineering

Hello to All The Mindbenders,
Okay, so the first thing you’re wondering is 
Why the hell would you want to do this?

Well the answer becomes more obvious when the scenario is set:
You’re on a social engineering job and you’ve managed to gain access to the target building, you walk around for a bit to see if any of the desks look free. After a while you decide to sit down at what seems like an unoccupied desk. You calmly pull out your laptop and turn it on. As the laptop is booting you start looking for an Ethernet cable to plug into your laptop, you find one and plug it in. Social engineering phase complete, pentest about to start. The hard work is over and the fun is about to begin…. until, someone walks past your laptop and sees you’re bright red coloured BackTrack wall paper.
this one is nice trick just keep it low. you know what i mean.
you dont want to have that Big red dragon logon on your screen. let them tought it was a noob OS lol :P

You’re no longer being stealthy, the wallpaper looks aggressive and the nature of your visit is becoming a concern to the other workers who realise they’ve never seen you before. Next thing you know you’ve been collared by security and before you know it you’ve kicked out of the building, all because of the wallpaper on your laptop!
This script originally came from here but I have neatened it up and got it working with BackTrack. So the idea of this script is to make it quick to turn your BackTrack5 gnome build into something that resembles Windows XP to help you blend in with the crowd.
The package can be downloaded from here (please don’t hotlink as I might move the file to a different server to cope with all the downloads….):



Sunday, 25 November 2012

Customizing Backtrack 5 by Devender Mahto



Thursday, 22 November 2012

Customizing Firefox to Always Auto Save Password Without Showing Notification

Hello To all The Mindbenders,
While I was screening through the new posts in my blog to see if there are any spam and also any key-logger topic that I can help, I saw an interesting question asked by Karan. He wanted to know if there is anyway to make Firefox auto save password without clicking the Remember button. In Firefox, even if you have the option “Remember passwords for sites” checked in Tools > Options > Security, the browser will still ask the question “Would you like to remember the password for “Username” on website.com?” with three selections which are “Remember Password”, “Never Remember Password for This Site” and “Not Now”. The earlier version of Firefox 3 displays a notification bar at the top of the web browser while from version 4 until the current version 17 displays a popup notification at the top left.

Modifying Firefox to auto save the login information to the Firefox Saved Passwords manager without prompting was easy for version 3 because you can directly edit the JS files from the program’s folder to apply the changes. However, the file structure was a bit different starting from Firefox 4 until the current version . We researched and found that it is still possible to force Firefox to auto save the password without the popup notification.

For Firefox 3, all you need to do is edit the nsLoginManagerPrompter.js file with a text editor preferably Notepad++ located in C:\Program Files\Mozilla Firefox\componenets\ folder. Search for the showSaveLoginNotification : function and replace the whole code that is highlighted in yellow…


With the following code(text in red):

var pwmgr = this._pwmgr;

The end result would look like the image below.

Firefox auto save password without notification bar

Save the changes that you’ve made on the nsLoginManagerPrompter.js file and whenever you login to any website, Firefox will auto save the site, username and password to the login manager WITHOUT showing the notification bar. You can access the saved password area by going to 
Tools > Options > Security and click the Saved Passwords button. There is one possible bug which is even when a user entered the wrong username or password, it will still be saved.

As for Firefox 4, it gets slightly difficult because the nsLoginManagerPrompter.js file is archived in an omni.jar file located at C:\Program Files\Mozilla Firefox\ folder.

Starting from Firefox 5, you may have noticed that editing the nsLoginManagerPrompter.js inside omni.jar file does not work. The Firefox developing team did not fix the bug nor improve the security but instead they optimized it further by making Firefox load a compiled binary version of the nsLoginManagerPrompter.js file instead of the raw and editable JS file. Here is what you need to do to enable auto password saving on Firefox 5 and above. Do take note that the omni.jar file has been renamed to omni.ja starting from Firefox 10.

1. Use WinRAR, PowerArchiver or WinZIP to open the omni.jar or omni.ja file from C:\Program Files\Mozilla Firefox\ folder.

2. Navigate to jsloader\resource\gre\components\ and delete the nsLoginManagerPrompter.js file.

Delete nsLoginManagerPrompter.js

3. Go back to the root of omni.jar or omni.jar, and navigate to components folder. Edit the nsLoginManagerPrompter.js file and replace the whole showSaveLoginNotification : function as shown earlier. Save the changes and go back to the archiver. Click the Yes button when the archiver prompts you to update the archive with the updated file.

If you are having difficulty in following all the steps above, we provide an already modified version of omni.ja file for Windows version of Firefox 17 which can be downloaded by clicking here or click here for Mac OS X. Simply download and save it to C:\Program Files\Mozilla Firefox\ folder in Windows. In Mac OS X, click Go at the Finder toolbar, select Applications, right click on Firefox and select Show Package Contents. Open Contents folder and copy the omni.ja to the MacOS folder. Remember to backup the original omni.ja file in case you want to restore back the changes.

Important Notes:
1. Whenever Firefox gets updated, most likely the omni.ja file will be reverted to the original