Prasanna K

Agenda Setting Up the Environment Introduction Extension Essentials Building a Extension Demo Users Build a Banking a Trojan Building the Trojan

Environment Create a Separate Profile Fill with command for creating a firefox profile and use profile folder

Development Preferences Some of the Development config on fire for ease of development and bug fix. javascript.options.showInConsole = true. Logs errors in chrome files to the Error Console. nglayout.debug.disable_xul_cache = true. Disables the XUL cache so that changes to windows and dialogs do not require a restart. This assumes you're using directories rather than JARs. Changes to XUL overlays will still require reloading of the document overlaid. browser.dom.window.dump.enabled = true. Enables the use of the dump() statement to print to the standard console. See window. dump for more info. You can use nsIConsoleService instead of dump() from a privileged script. javascript.options.strict = true. Enables strict JavaScript warnings in the Error Console. Note that since many people have this setting turned off when developing, you will see lots of warnings for problems with their code in addition to warnings for your own extension. You can filter those with Console 2. extensions.logging.enabled = true. This will send more detailed information about installation and update problems to the Error Console. (Note that the extension manager automatically restarts the application at startup sometimes, which may mean you won't have time to see the messages logged before the automatic restart happens. To see them, prevent the automatic restart by setting the environment NO_EM_RESTART to 1 before starting the application.) nglayout.debug.disable_xul_fastload = true. For Gecko 2.0+ (Firefox 4.0+). See this bug for more information. dom.report_all_js_exceptions = true. See JavaScript Exception Logging

Tools of Trade Komodo Edit IDE (My Fav): Development Environment DOM Inspector: used to inspect and edit the live DOM of any web document or XUL application (Firefox and Thunderbird) Venkman: JavaScript Debugger Console² : Enhanced JavaScript console Firebug : XPCOM Viewer: Exploring XPCOM Components

Firefox extension proxy file Create a file in the extensions folder of the profile of the Firefox File name should match the ID of extension mentioned in the “install.rdf” The content of the file should be the location of the files were the extension is stored.

Getting Started – Extension Development The File layout format is very essential in extension development. Step 1 Create 2 Blank files in the folder(ext root) you in folder you intend to create the extension (install.rdf, chrome. manifest) Step 2 Create 2 Folders (chrome, content): (ext root)-->(Chrome) -->(content)

Extension Development - Contd Step 3 Create 2 files in the content folder (browsers.xul, simple.js) End Result \ install.rdf, chrome. manifest \ browsers.xul simple.js

Install.rdf {ec8030f7-c20a-464f- 9b0e-13a3a9e97384} * hello ISEA IIT Guwahati  XML based format  Directs the Firefox environment about itself and environment the extension can work  Distinct 3 zones  First the ID of the extension  Second Talks about the environment and the version supported  {ec8030f7-c20a-464f-9b0e- 13a3a9e97384} is the ID of Firefox  The last Section is more information on the extension and its creator

chrome. Manifest & Overlay Insert this line in the chrome manifest file “content heloo chrome/content/ “ this line says that for a chrome package hello, we can find its content files at the location chrome/content which is a path relative to the location of “chrome. manifest”. Overlay overlay chrome://browser/content/browser.xul chrome://hello/content/browsersxul This tells Firefox to merge browsers.xul into browser.xul when browser.xul loads. Browser.xul is the main window that we see. Multiple windows exist like preferances, bookmark manager add- ons management, etc… Overlay can be used to display our Xul superimposed in any of these windows.

Browsers.xul <button id="helloWorldButton" label="hello“ insertafter="statusbar- display" oncommand="HelloWorld.onCommand(event)" style="color: blue"/> xul is a XML based User Interface language used by Mozilla. User actions are glued together by JavaScript. The main browser is a xul document. This code will create a blue submit button with label “submit” in the status bar.

browser.js Let HelloWorld ={ onCommand: function(event){ alert(‘Hello World’); } }; Anonymous Function call. Such calls is back bone in extension development

Testing Place the Firefox proxy file in the extensions folder inside the profile we created or in the program files- >Mozzila->Extensions folder. Restart your browser and you sud have your new shiny new extension installed. Welcome to the exciting world of Mozzila Extensions.

Real World Scenario. I had a problem : I was following some friends in Twitter who were Japanese Obviously They tweeted in Japanese, I was no way able to understand what they said. There was only 1 existing solution and it was not meeting my requirement. I decided to write my own extension which translated any foreign language to English at hit of a button.

Work Shop I will help you create a very basic Banking Trojan. Some these concepts can be effectively used to create use real world useful extensions. We will create a extension that would get activated when some one tries to connect to specific URL. It then copies the User Name Password sent in the post and sends to a malicious site.

Trojan We will create the basic structure of the extension as discussed just now. This is a Trojan so we don’t want any user interfaces so we keep the XUL blank but overlay the XUL with browser window. We create Event Listener for window load. The event listener when fired registers a “observe” This observer functionality can be used to intercept all HTTP/s requests.

Trojan – Contd If the url being requested is the one we are looking for we move to the next step. The next step is to copy the POST parameters being sent to the web site We send this content to a malicious website