| Monday November 24th 2014


How to Turn Your Browser Into a Weapon


On Monday, I wrote about three of my favorite Firefox extensions that help me stay safe when I’m browsing the darker areas of the Web and dealing with incoming email. Today, let’s look at several other extensions: those that can turn Firefox into a feature-filled Web-hacking weapon. None of them is required to use Firefox for hacking Web applications, but they certainly make it a lot easier.

If I could only install one “offensive” extension, it would absolutely be Tamper Data. In the past, I used Paros Proxy and Burp Suite for intercepting requests and responses between my Web browser and the Web server. These tasks can now be done within Firefox via Tamper Data — without configuring the proxy settings.

If the Website you’re trying to break into requires a unique cookie, referrer, or user-agent, intercept the request with Tamper Data before it gets sent to the Web server. Then, add or modify the attributes you need and send it on. It’s even possible to modify the response from the Web server before the Web browser interprets it. It’s a very nice tool for anyone interested in Web application security.

Paros and Burp both have features not yet available in Tamper Data, such as site spidering and vulnerability scanning. Switching over to one of them as a proxy is much easier with SwitchProxy, which lets you quickly configure Firefox to use Paros or Burp. It’s not a purely “offensive” extension, but SwitchProxy makes configuring proxies for Firefox much quicker.

The Web Developer extension is another must-have. This extension has too many features to list, and I typically find a new one each time I use it. Some of the features include editing practically every aspect of the page (HTML, CSS, cookies), viewing all elements in the page in a sort of WYSIWYG way, and converting form submission methods from POSTs to GETs and vice versa. I use it primarily for dissecting Web pages, but it comes in handy to convert POSTs to GETs in order to easily manipulate the values in the URL address bar.
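As an added example (not code from the original post or from the Web Developer extension), here is what the POST-to-GET conversion amounts to under the hood: the form’s fields are encoded exactly as they would be in an application/x-www-form-urlencoded POST body, then hung off the action URL as a query string so each value can be edited in the address bar. The form, its action host and its field names are all constructed for the example; nothing is submitted anywhere.

```javascript
// Added example: what "convert POST to GET" does to a form's fields.
// SAMPLE_FORM is a constructed stand-in for a form scraped from a page;
// the host app.example and the field names are hypothetical.
const SAMPLE_FORM = {
  action: 'http://app.example/account/update?tab=profile', // hypothetical action
  method: 'POST',
  fields: [
    ['user_id', '1042'],
    ['display_name', 'Bob Smith'],
    ['role', 'user'],
    ['notify', 'email'],
    ['notify', 'sms'], // repeated name: a multi-valued field (checkbox group)
  ],
};

// Encode the fields the way the browser would for the POST body.
// URLSearchParams uses form encoding, so a space becomes '+', not '%20'.
function formToPostBody(form) {
  const params = new URLSearchParams();
  for (const [name, value] of form.fields) params.append(name, value);
  return params.toString();
}

// Rewrite the submission as a GET. Any query string already present in the
// action is kept (the browser sends it on a POST as well), and the field
// values are appended after it, repeated names included.
function formToGetUrl(form) {
  const url = new URL(form.action);
  for (const [name, value] of form.fields) url.searchParams.append(name, value);
  return url.toString();
}

// Parse a GET URL back into [name, value] pairs: the view a tester edits
// in the address bar before resubmitting.
function getUrlToFields(urlString) {
  return Array.from(new URL(urlString).searchParams.entries());
}

// Fields whose names suggest they are worth tampering with (IDs, roles,
// prices). Purely a naming heuristic to prioritise what to edit first.
function interestingFields(form) {
  return form.fields
    .map(([name]) => name)
    .filter(name => /(^|_)(id|role|admin|price|amount)($|_)/i.test(name));
}
```

One caveat the conversion itself cannot show: it only works when the server reads parameters from both the query string and the body (PHP’s $_REQUEST, for example). Code that reads $_POST alone will simply not see the GET parameters, so if the converted request behaves as though the fields were missing, go back to editing the POST body in Tamper Data instead.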

User Agent Switcher makes Firefox appear to be another browser, version, or base OS. This is something that can be done manually with Tamper Data, but with User Agent Switcher, it’s a simple click of a menu option.

The ability to change the user agent — to make Firefox running on Mac OS X appear to be Internet Explorer on Windows XP, for example — can be handy when the Website limits what content is shown to Firefox users. The Storm worm was doing some user agent checking before sending exploit code to Internet Explorer clients. If I viewed the page with Firefox, I didn’t see the code, but when I changed the user agent to Internet Explorer, I was able to receive the exploit code — although it was ineffective against Firefox.
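As an added example (not from the original post, and not the Storm worm’s actual code), here is a mock of the kind of server-side gating described above and in the Tamper Data section: a page that only serves its real content when the Referer and User-Agent headers look right, and otherwise returns something harmless. Tamper Data and User Agent Switcher let you change those headers by hand; the routine below does the same thing in a loop and reports which header set produced a different response from the one Firefox would normally get. The server, the portal host and the header strings are all constructed for the example.

```javascript
// Added example: user-agent / referrer cloaking and a differential fetch to
// expose it. Everything here is constructed; nothing is fetched from the network.

const HYPOTHETICAL_PORTAL = 'http://portal.example/'; // hypothetical referring site

// Mock of a cloaking server. It looks only at request headers and serves the
// "real" page to Internet Explorer on Windows arriving from the portal;
// every other visitor, including an analyst's Firefox, gets a blank page.
function mockServer(headers) {
  const ua = headers['User-Agent'] || '';
  const referer = headers['Referer'] || '';
  const isIEOnWindows = /MSIE \d+\.\d+;.*Windows/.test(ua);
  const fromPortal = referer.startsWith(HYPOTHETICAL_PORTAL);
  if (isIEOnWindows && fromPortal) {
    return { status: 200, body: '<html><script>/* stage-2 loader would be here */</script></html>' };
  }
  return { status: 200, body: '<html><body>Nothing to see here.</body></html>' };
}

// Header profiles to try. Each one is a "tamper" the tester would otherwise
// apply by hand in Tamper Data or pick from the User Agent Switcher menu.
const PROFILES = {
  firefox_mac: {
    'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X) Gecko Firefox/2.0',
  },
  ie_winxp: {
    'User-Agent': 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)',
  },
  ie_winxp_from_portal: {
    'User-Agent': 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)',
    'Referer': HYPOTHETICAL_PORTAL + 'index.html',
  },
};

// Request the page once per profile and group profiles by the body they got.
// Any profile whose body differs from the baseline's is receiving content the
// baseline client (here, Firefox on a Mac) never sees.
function differentialFetch(server, profiles, baseline = 'firefox_mac') {
  const bodies = {};
  for (const [name, headers] of Object.entries(profiles)) {
    bodies[name] = server(headers).body;
  }
  const base = bodies[baseline];
  const differing = Object.keys(bodies).filter(name => bodies[name] !== base);
  return { bodies, differing };
}
```

Note that spoofing the User-Agent alone is not enough against this mock: the `ie_winxp` profile still gets the blank page until the Referer is also set, which is why it pays to vary headers together rather than one at a time. The same loop extends naturally to a Cookie header when the site keys its content on a session or tracking value.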

Firebug is an extension that’s designed to help Web developers debug their JavaScript applications, but it is great when trying to get a handle on an AJAX site. I’ve found it useful primarily when I’m doing analysis of a Website that’s hosting malicious, obfuscated JavaScript. There is a command line interface in Firebug that allows me to enter different functions and obfuscated chunks of code in order to find out exactly what is taking place.

As with Monday’s list, this list is not meant to be comprehensive. All of these Firefox extensions are tools I use regularly when performing Web application assessments and malicious JavaScript analysis. If you’re interested in learning more about Web application security, try out these extensions and use them to explore sites you’re familiar with. This should help you get a feel for how they work before attempting to hack a particular Website. Good luck.
