In Response to Sunbelt’s Saving Login Details in Firefox Without Notification

Posted: March 3rd, 2011 | Author: | Filed under: IT Related | Tags: , , , | No Comments »

Morning.. 🙂

If you have come across Sunbelt’s blog post today on “Saving login details in Firefox without notification“, where password can be force to be saved to the Firefox (password manager) without any notification to the user. Yeah, its bad. But whats the autocomplete=”off” on the form? 🙂

Here is my solution for that (sorry if I made things worse)

1) Open up nsLoginManager.js in the following directory (depending on your operating system)

  • Mac OS : /Applications/Firefox.app/Contents/MacOS/components/
  • Linux (in my case, Ubuntu) : /usr/lib/firefox-3.6.14/components/nsLoginManager.js  # <= where 3.6.14 is your Firefox version
  • Windows : C:\Program Files\Mozilla Firefox\components\

2) Look for this function : “_isAutocompleteDisabled : function (element)” and comment out the function body from the following code

  _isAutocompleteDisabled : function (element) {
    if (element && element.hasAttribute("autocomplete") &&
        element.getAttribute("autocomplete").toLowerCase() == "off")
        return true;
    return false;
  },

into something like this:

  _isAutocompleteDisabled : function (element) {
    // if (element && element.hasAttribute("autocomplete") &&
    //     element.getAttribute("autocomplete").toLowerCase() == "off")
    //     return true;
    return false;
  },

3) Restart your Firefox and wallaaa! 🙂

P/S: you can simply uncomment the lines to revert but remember that if you want to clear the saved password, you can do it from the Password Manager (Preferences > Security > Saved Passwords > Remove All)

Protected: Android Trojan : ADRD

Posted: February 18th, 2011 | Author: | Filed under: IT Related | Enter your password to view comments.

This content is password protected. To view it please enter your password below:

Route – Default Gateway

Posted: February 17th, 2011 | Author: | Filed under: IT Related | 4 Comments »

Its just the route you dumb ass! You change the route and you’ll get the heaven. I know nobody that is more stupid than your team 🙂

Windowshttp://www.aoddy.com/2007/11/10/how-to-change-default-gateway-on-windows-by-command-line/

BSDhttp://www.cyberciti.biz/faq/freebsd-setup-default-routing-with-route-command/

Linuxhttp://www.cyberciti.biz/faq/linux-setup-default-gateway-with-route-command/

Find Vulnerable SCADA Systems with Shodan

Posted: November 10th, 2010 | Author: | Filed under: IT Related | Tags: , | 5 Comments »

Here are some useful queries:

  • http://www.shodanhq.com/?q=port:161+country:US+simatic
  • http://www.shodanhq.com/?q=PLC
  • http://www.shodanhq.com/?q=allen+bradley
  • http://www.shodanhq.com/?q=fanuc
  • http://www.shodanhq.com/?q=Rockwell
  • http://www.shodanhq.com/?q=Cimplicity
  • http://www.shodanhq.com/?q=Omron
  • http://www.shodanhq.com/?q=Novatech
  • http://www.shodanhq.com/?q=Citect
  • http://www.shodanhq.com/?q=RTU
  • http://www.shodanhq.com/?q=Modbus+Bridge
  • http://www.shodanhq.com/?q=modicon
  • http://www.shodanhq.com/?q=bacnet
  • http://www.shodanhq.com/?q=telemetry+gateway
  • http://www.shodanhq.com/?q=SIMATIC
  • http://www.shodanhq.com/?q=hmi
  • http://www.shodanhq.com/?q=siemens+-…er+-Subscriber
  • http://www.shodanhq.com/?q=scada+RTS
  • http://www.shodanhq.com/?q=SCHNEIDER
  • http://www.shodanhq.com/?q=port%3A161+simatic
  • http://www.shodanhq.com/?q=telemetry+gateway
  • http://www.shodanhq.com/?q=%22cisco-ios%22%20%22last-modified%22

Erk.. How to exploit?

  1. Default password (uhukk uhukk WinCC)
  2. http://reversemode.com/index.php?option=com_content&task=view&id=65&Itemid=1
  3. http://www.elladodelmal.com/2010/05/shodan-y-sistemas-scada.html
  4. [..]

What else to exploit ?

MySQLTuner : High-performance MySQL optimization script

Posted: November 9th, 2010 | Author: | Filed under: IT Related | Tags: , , | No Comments »

MySQLTuner is a script written in Perl that will assist you with your MySQL configuration and make recommendations for increased performance and stability. Within seconds, it will display statistics about your MySQL installation and the areas where it can be improved.

It’s key to remember that MySQLTuner is a script which can assist you with your server, but it is not the solution to a badly performing MySQL server. The best performance gains come from a thorough review of the queries sent to the server, and an evaluation of the MySQL server itself. A qualified developer in your application’s programming or scripting language should be able to work with a MySQL database administrator to find improvements for your server. Once the server and application are optimized well, you may need to consider hardware upgrades to the physical server itself.

[Read more]

Seriously it would increase your MySQL performance and save your time!

« Older Entries
Newer Entries »