Burp Suite : Configuring the browser and redirecting traffic

1.   Vide my last post about installing Burp Suite here ,now I move ahead to configure your browser in order to redirect all HTTP/S requests through Burp Proxy, instead of the actual target website. In my case here I am configuring a Mozilla Browser with proxy host address to 127.0.0.1 and the proxy port to 8080 , for both HTTP and HTTPS.The typical configuring of browsers is more or less common with major browsers with minor differences in interfaces.Here next I place you screen shots as I surfed a redirected traffic both for http and https via Burp Suite.First steps to configure Mozilla followed by screen shots :

Configuring Mozilla Firefox

- Click Firefox menu and then Preferences.
- In the Advanced options, under the Network tab, click on connection Settings.
- Select Manual proxy configuration.
- Enter the proxy host address as 127.0.0.1 and the proxy port as 8080.
- Select Use this proxy server for all protocols.
- Make sure to remove all exceptions from the No Proxy for field.
- Click OK and close.

2.   So now you have a working installation of Burp Suite and your browser is properly configured to intercept all requests.Now to test go to the browser, enter any http://www.****** site in the address bar and press Enter . If all is well, Burp Proxy should intercept this request. In Burp Suite,go to the Proxy and Intercept tab and verify that the web request is waiting for your approval.Ensure tha the Intercept on button is enabled; click on it and allow the request to transit through Burp by pressing Forward in Burp Suite Interface. Now in the browser, you should see the http page you entered in address bar.

Now try a https site and you are bound to see this warning as seen below in the screenshot.You will be presented with a This Connection is Untrusted page.In such a case, you are required to manually approve the connection by clicking on I Understand The Risks, then Add Exceptions... and Confirm Security Exception. To make sure that Burp Proxy is actually causing the warning, you click on the certificate status View... and see that the certificate belongs to PortSwigger CA as seen below in one screenshot.

 PortSwigger CA certificate

This setup means that Burp Suite is now ready for use as the traffic is being redirected as desired as per configuration....

Harden PRIVACY : PRIVACY BADGER Tool

1.    Till few years back PRIVACY as a word meant the state of being free from unsanctioned intrusion in physical life from your peers/friends/strangers but the whole meaning has taken a new dimension since Snowden released his HIDDEN FILES last year around June.Today not only NSA but a plethora of third party agencies are after you all to track you..profile you...read you.Though in my earlier posts here,I had given a mention of few tools like disconnect.me,Adblock Plus,Ghostery etc but with time technology has further improved and here in this post I discuss about PRIVACY BADGER that is a browser add-on that stops advertisers and other third-party trackers from secretly tracking where you go and what pages you look at on the web.  If an advertiser seems to be tracking you across multiple websites without your permission, Privacy Badger automatically blocks that advertiser from loading any more content in your browser.  To the advertiser, it's like you suddenly disappeared.Looks Interesting..!!!

3.   Once installed as seen above we get a red hexagon..indicating installed and this has color indicators as follows :

• Green means there's a third party domain, but it hasn't yet been observed tracking you across multiple sites, so it might be unobjectionable. When you first install Privacy Badger every domain will be in this green state but as you browse, domains will quickly be classified as trackers.

• Yellow means that the thirty party domain appears to be trying to track you, but it is on Privacy Badger's cookie-blocking "whitelist" of third party domains that, when analyzed, seemed to be necessary for Web functionality. In that case, Privacy Badger will load content from the domain but will try to screen out third party cookies and supercookies from it.

• Red means that content from this third party tracker has been completely disallowed.

4.   Currently available for CHROME,here I have used the beta for Mozilla browser ...though the site says they will soon release the extension for other browsers incl opera and safari too.....!!!!

Installing Enigmail Add-on on Thunderbird Email Client

This post only brings you the screen shots once you have installed Thunderbird and wish to use Enigmail with OpenPGP encryption..Enigmail is a security extension to Mozilla Thunderbird and Seamonkey. It enables you to write and receive email messages signed and/or encrypted with the OpenPGP standard.Sending and receiving encrypted and digitally signed email is simple using Enigmail.

Reduce Tracking/Increase Privacy : Start Mozilla in PRIVATE MODE by default

1.   Earlier in one of my posts I had shown on how to start chrome in "INCOGNITO" mode to avoid any cache storing and also at the same time remove cookies at the end of the session....the following steps make way to start the mozilla browser by default in a private mode.

2.   As shown in the screen shot below...go to the Edit drop down menu and select preferences and then go to the privacy tab and select NEVER REMEMBER HISTORY

(Click on the image to enlarge)

(Click on the image to enlarge)

(Click on the image to enlarge)

 3.     The video cast below :

Pirate Bay Web browser : Yess!!! it's here....

1.   This is another tool to make you access that you cannot.Majorly known for allowing movie downloads,the pirate bay has launched this browser to celebrate its 10th anniversary....PirateBrowser is a bundle package of the Tor client (Vidalia), FireFox Portable browser (with foxyproxy addon) and some custom configs that allows you to circumvent censorship that certain countries such as Iran, North Korea, United Kingdom, The Netherlands, Belgium, Finland, Denmark, Italy and Ireland impose onto their citizens...

The website at http://piratebrowser.com/ says "PirateBrowser - No more censorship!"

2.  We all have heard of TOR...so you configure that TOR more tightly and should be able to access what is not allowed....while it uses Tor network, which is designed for anonymous surfing, this browser is intended just to circumvent censorship — to remove limits on accessing websites your government doesn't want you to know about....

3.   But except for few of security guys and some extended circle of those guys...the general crowd would still keep using the chrome and Internet browser.....because most of them do not understand the long term effects of invasion of privacy and neither anyone is interested!!!!

CARRY ON....SURFING!!!!!!more at http://piratebrowser.com/

"Terms & Conditions Apply" : Bon Voyage to your Privacy

1.   How many of you actually read the complete word set of "Terms and Conditions" of an application like Chrome browser ,Facebook or some thing like WhatsApp,Truecaller etc.....m sure no one hardly has time for that....ok...just for info please read the excerpt below :

Google's terms of service, for instance, clocks in at 1,711 words, according to an AFP count, not including a separate 2,382-word privacy policy that is still about 1,000 words shorter than the Google Chrome browser policy

Facebook's terms of service clocks in at 4525 words....(I did a word count with a libre office)

WhatsApp terms of service clocks in at 6549 words....(I did a word count with a libre office for this too :-)

2.    So at the above rate for a typical Internet user who installs the regular OS,Word ,PDF,VLC, it would take about 200 hours the equivalent of about one full month of work a year to fully read all the terms and conditions attached to his or her favorite websites.Will any person on earth do it?Now think over the fact that why would a company legally bind every user with thousand of words of legal agreement...what could be the motive...the motive of any company on the web is not just to save its own credibility and ass but the real motive is mining data...that's why most of it is free...why would chrome be free or for that matter why so many applications are free?...I am not trying to demean the OPENSOURCE community here who are doing a great job and I am a strict FOSS for that matter...but I would like to focus on other applications like WhatsApp,Truecaller...and so many uncountable Android,Gaba,Windows mobile applications etc....

3.   A simple click by you on Accepting the Terms and Conditions of the the application company allows your consent to online lives being archived, shared with third parties or passed on to government agencies without notice....and that's a very very serious privacy breach today when we know that in another about 4-5 years to come when our digital dependence would be like never before...this can mean havoc....for example a school student who has a home computer based on pirated or for this matter even genuine OS with loads of software's with separate set of terms and conditions.....will have his/her literally whole life profile including his FB posts,his/her preferences,his phone calls,his phone contacts,audio recordings,photographs,his/her secrets of life and anything that can be his/her privacy attribute known to the third parties with whom he has no concern...and these third parties will have their ways and means to effect his/her life in so many ways then....!!!!!

Browser Updates

1.   Without emphasizing on the need of why we should always keep our browsers updated,I am briefly bringing out here how to check and update your browsers.These browsers are invariably the most commonly used one's ...so I just updated few of them although the browsers exists in plenty!!!!

Firstly

To check the version of your Web Browser, Open the  Browser 

and do the following actions :

For Opera Browser

Click on “Main Menu > Help > About Opera”.

For Firefox

Click “Main Menu >Help> About Firefox.

For Internet Explorer

Press Alt+H and Click on “About Internet Explorer”.

For Apple Safari

Press Alt+H and Click on “About Safari”.

Secondly

To check whats the latest version doing the surfing....i advise two options...either you can simply ask google or check form the respective websites of the web browser...or another easy(but third party) way out is to check the latest versions available for download at http://www.filehippo.com/software/internet/browsers/

Browser fight continues : CHROME continues topping too!!!

1.    Not long back we all have seen or might have experienced when violent and pornographic images were fed across facebook profiles of FB friends without the knowledge of the online FB user when he used to simply click on a tempting link!!!!All that happened owing to so many malwares but the exact launching vulnerability was indeed in the BROWSER!!!!!

2.    The openweb is full of options for seemingly good browsers viz Mozilla Firefox, Google Chrome, and Microsoft’s Internet Explorer. But who is the best?.....though when u google u find so may individual claims but third party tests are always welcome on such issues...specially when they have huge evidence to support....like few years back I posted on ACID3 test for the browsers...this one comes from Accuvant...and its actually huge in terms of a conclusive report that's 139 pages in toto......:-)

3.   The full report can be accessed by clicking here...so the Accuvant study revealed that Chrome ranks as the most secure web browser when compared to Internet Explorer and Firefox. Interestingly, German government named Chrome the most secure browser, perhaps lending weight to the study. 

4.   The criteria to test these browsers included factors like ASLR,GS,Sandboxing,JIT Security etc as shown below :

(CLICK ON THE IMAGE TO ENLARGE)

5.   Please google if you wish to know the criteria factors mentioned above in the image.Thanks http://www.accuvant.com/

The Lightest Browser : BROWZAR

1.  In the world of browsers when we have chrome...mozilla...safari...opera..and many others.fight it out at ACID3 benchmarking levels...we have a small browser here....thats only in KBs....by the name of BROWZAR.Few good things and features are mentioned below :

-  Takes seconds to download

-  No installation

-  No registration

-  One of the smallest, fastest browsers in the world

-   Just download and go

-   Doesn't save Cookies, History, Temp files, Passwords, Cache

-   Secure delete

-   Great for Banking and Cloud applications

-   Carry it with you on a USB stick

-   Great for shared computers

-   Use it on a friend's PC, Internet Cafe, Work PC, on Holiday

-   Automatically cleans up when you've finished

-   Only 222Kb...u read that right!!!only 222Kb

2.   Test and Download at http://www.browzar.com/.

Full stop from being tracked online :An attempt from FIREFOX

1.  Firefox is working on a system which will provision web surfers to stop from being tracked online.We all know how  behemoths viz Google,Facebook and a plethora of OWMs use such information to sell targeted adverts and make money without ever asking the consent of the user.Such a move would be welcomed by privacy campaigners who have long complained that Google & Facebook are taking indecorums with the information .Currently these information seeking companies make use of 'cookies' that automatically save themselves onto users computer when they surf the web, and then keep a track of the browsing history.This data is then sold on to advertisers who put highly lucrative targeted ads on the individual's screen, depending on what internet pages they have recently been looking at. 

2.  Vice president of engineering at Mozilla,Mike Shaver,summed up the plan by saying the aim was to "put the user in control but not overwhelm them".And this would not only be a welcome step being used against information thefts but also actually be a booon for users who have been taken on a ride for so long on which they never ever desired to also......

Mozilla @ Prone again!!!!

1.    Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware.

2.    Thanks http://www.us-cert.gov

Here comes Trojan-PWS-Nslogm to steal Passwords and credentials from Mozilla

1. I am sure we all endeavor to keep the antivirus updated,keep the OS patch updated,keep cleaning registries,keep cleaning browser history at regular intervals,keep ensuring regular complete scan of the precious PC Machine that we own....we all do this to ensure that we r safe while we browse...now read further to find out how it all goes in vain even with the best and leading browser company......

2. Antivirus company Webroot have identified an information extracting trojan, which alters a Firefox file, so that the browser stores passwords automatically.The trojan is named as Trojan-PWS-Nslogm and is capable of stealing usernames and passwords stored by both Internet Explorer and Firefox browsers.By default, whenever Firefox detects that login credentials are submitted through a Web form, it offers to remember them for future use.When this happens, the user is presented with several options which include "Remember", "Never for This Site" or "Not Now". If they choose remember, the browser stores the username and password in a local database.Since it's easier to steal credentials from this database instead of injecting the browser process and grabbing them as they are submitted, the author of this trojan thought it would make more sense to have Firefox remember all passwords without asking users for confirmation.To achieve this, he created a routine to patch the nsLoginManagerPrompter.js file in the Firefox installation by adding new code and commenting out some already existent lines."The Trojan then scrapes information from the registry, from the so-called Protected Storage area used by IE to store passwords, and from Firefox’s own password storage, and tries to pass the stolen information onward, once per minute," Andrew Brandt, a malware researcher at Webroot, explains.

3. The password stealer installs itself in the c:\windows\system32 folder as a file called Kernel.exe. The captured data is send to a command and control server via a deprecated ActiveX control called msinet.ocx.

4. So kya solution hai?...whats the solution to this?...simply stop using internet....just joking...solution being worked out still at FIREFOX labs.Thanks http://news.softpedia.com

MOZZILA Firefox & GERMANY

1. In another notable policy implementation involving IT aspect and signifying the importance of browser ,German government and administration has suggested computer users not to use Firefox and run an alternative browser instead, because of a critical security demerit. It has recommended that PC users stop using Firefox till Mozilla releases a fix.

2. The advice is based on studies and recommendations of BurgerCERT,a division of German Federal Office for Security in Information Technology. The reason why Germany is evoking such ostensibly forceful action is based on the presence of a critical vulnerability in currently available versions of Firefox that could be exploited by hackers to launch malicious code on users' computers.

3. For its part, Mozilla has acknowledged the security vulnerability, and has released the latest version of its Firefox web browser ahead of schedule because of security vulnerabilities found in earlier versions.Firefox 3.6.2 was due to launch at the end of March, but is already available to download from the Mozilla website.

4. Any advises or thoughts from the MOD(IT) INDIA.....none!!!!!!

5. Thanks http://www.computerweekly.com

Google Binged!!!! - My 100th Post

1. For so many days wanting to upload some post but just could'nt find anthing so interesting before I read about this.

2. From the time Bing was introduced and pitted against arch rival Google,there have been talks and forums across proving each others superiority over each other.Now for the first time some one Big has come up with this.....it follows down..please read!!!

3. A Mozilla official today advised Firefox users to the extension that adds Microsoft's Bing to the list of the browser's search engines after Google's CEO downplayed consumers' privacy concerns.

4. Citing a clip from a CNBC broadcast shown below, during which Google chief executive Eric Schmidt discussed online privacy, During the interview, Google chief executive Eric Schmidt was asked: "People are treating Google like their most trusted friend...should they be?" It was Schmidt's answer that motivated Dotzler to show users how to drop Google, Firefox's default search engine, for rival Bing.

"IF YOU HAVE SOMETHING THAT YOU DON'T WANT ANYONE TO KNOW, MAYBE YOU SHOULDN'T BE DOING IT IN THE FIRST PLACE," SCHMIDT TOLD CNBC. "IF YOU REALLY NEED THAT KIND OF PRIVACY, THE REALITY IS THAT SEARCH ENGINES, INCLUDING GOOGLE, DO RETAIN THIS INFORMATION FOR SOME TIME AND IT'S IMPORTANT, FOR EXAMPLE, THAT WE ARE ALL SUBJECT IN THE UNITED STATES TO THE PATRIOT ACT AND IT IS POSSIBLE THAT ALL THAT INFORMATION COULD BE MADE AVAILABLE TO THE AUTHORITIES," ADDED SCHMIDT.

5. Asa Dotzler, Mozilla's director of community development, then on provided a link to the Firefox extension that adds Bing to Firefox's search engine list.

6. Google chief executive Eric Schmidt would be now trying to undo his statement in some form but the arrow has been shot….and the dent on the google is seen……so googler’s Be ware now on!!!!!!

7. Thanks http://www.computerworld.com