Multiple Logins of Gmail and Orkut through firefox

Just follow the following steps and you will be able to login in gmail and orkut with multiple accounts. Through this you will be able to make profiles in your firefox.

Step 1:
Open system properties(by right clicking my computer), choose tab advanced, click to environment variables button. in system variables section, click new. type this information to each textbox.

Step 2:
variable name: moz_no_remote (should be all small letter).

variable value: 1

Step 3:
open firefox icon's properties(from desktop and quick launch). add extension -p to command line(like "c:\program files\mozilla firefox\firefox.exe" -p). press ok.
When you will open firefox it will prompt for profile selection create a profile,open firefox login to orkut open once more use another profile login.

Read More

Google search tips for hacking

Google search engine can be used to hack into remote servers or gather confidential or sensitive information which are not visible through common searches.

Google is the world’s most popular and powerful search engine. It has the ability to accept pre-defined commands as inputs which then produces unbelievable results.

Google’s Advanced Search Query Syntax

Discussed below are various Google’s special commands and I shall be explaining each command in brief and will show how it can be used for getting confidential data.

[ intitle: ]

The “intitle:” syntax helps Google restrict the search results to pages containing that word in the title.

intitle: login password


will return links to those pages that has the word "login" in their title, and the word "password" anywhere in the page.

Similarly, if one has to query for more than one word in the page title then in that case “allintitle:” can be used instead of “intitle” to get the list of pages containing all those words in its title.

intitle: login intitle: password


is same as

allintitle: login password


[ inurl: ]

The “inurl:” syntax restricts the search results to those URLs containing the search keyword. For example: “inurl: passwd” (without quotes) will return only links to those pages that have "passwd" in the URL.

Similarly, if one has to query for more than one word in an URL then in that case “allinurl:” can be used instead of “inurl” to get the list of URLs containing all those search keywords in it.

allinurl: etc/passwd


will look for the URLs containing “etc” and “passwd”. The slash (“/”) between the words will be ignored by Google.

[ site: ]

The “site:” syntax restricts Google to query for certain keywords in a particular site or domain.

exploits site:hackingspirits.com


will look for the keyword “exploits” in those pages present in all the links of the domain “hackingspirits.com”. There should not be any space between “site:” and the “domain name”.

[ filetype: ]

This “filetype:” syntax restricts Google search for files on internet with particular extensions (i.e. doc, pdf or ppt etc).

filetype:doc site:gov confidential


will look for files with “.doc” extension in all government domains with “.gov” extension and containing the word “confidential” either in the pages or in the “.doc” file. i.e. the result will contain the links to all confidential word document files on the government sites.


[ link: ]

“link:” syntax will list down webpages that have links to the specified webpage.

link:www.expertsforge.com


will list webpages that have links pointing to the SecurityFocus homepage. Note there can be no space between the "link:" and the web page url.


[ related: ]

The “related:” will list web pages that are "similar" to a specified
web page.

related:www.expertsforge.com


will list web pages that are similar to the Securityfocus homepage. Note there can be no space between the "related:" and the web page url.


[ cache: ]

The query “cache:” will show the version of the web page that Google
has in its cache.

cache:www.hackingspirits.com


will show Google's cache of the Google homepage. Note there can be no space between the "cache:" and the web page url.

If you include other words in the query, Google will highlight those words within the cached document.

cache:www.hackingspirits.com guest


will show the cached content with the word "guest" highlighted.

[ intext: ]

The “intext:” syntax searches for words in a particular website. It ignores links or URLs and page titles.

intext:exploits


will return only links to those web pages that has the search keyword "exploits" in its webpage.


[ phonebook: ]

“phonebook” searches for U.S. street address and phone number information.

phonebook:Lisa+CA


will list down all names of person having “Lisa” in their names and located in “California (CA)”. This can be used as a great tool for hackers incase someone want to do dig personal information for social engineering.

Google Hacks

Well, the Google’s query syntaxes discussed above can really help people to precise their search and get what they are exactly looking for.

Now Google being so intelligent search engine, hackers don’t mind exploiting its ability to dig much confidential and secret information from the net which they are not supposed to know. Now I shall discuss those techniques in details how hackers dig information from the net using Google and how that information can be used to break into remote servers.

Index Of

Using “Index of ” syntax to find sites enabled with Index browsing

A webserver with Index browsing enabled means anyone can browse the webserver directories like ordinary local directories. The use of “index of” syntax to get a list links to webserver which has got directory browsing enabled will be discussd below. This becomes an easy source for information gathering for a hacker. Imagine if the get hold of password files or others sensitive files which are not normally visible to the internet. Below given are few examples using which one can get access to many sensitive information much easily.

Index of /admin
Index of /passwd
Index of /password
Index of /mail

"Index of /" +passwd
"Index of /" +password.txt
"Index of /" +.htaccess

"Index of /secret"
"Index of /confidential"
"Index of /root"
"Index of /cgi-bin"
"Index of /credit-card"
"Index of /logs"
"Index of /config"


Looking for vulnerable sites or servers using “inurl:” or “allinurl:”

a. Using “allinurl:winnt/system32/” (without quotes) will list down all the links to the server which gives access to restricted directories like “system32” through web. If you are lucky enough then you might get access to the cmd.exe in the “system32” directory. Once you have the access to “cmd.exe” and is able to execute it.


b. Using “allinurl:wwwboard/passwd.txt”(without quotes) in the Google search will list down all the links to the server which are vulnerable to “WWWBoard Password vulnerability”. To know more about this vulnerability you can have a look at the following link:

http://www.securiteam.com/exploits/2BUQ4S0SAW.html

c. Using “inurl:.bash_history” (without quotes) will list down all the links to the server which gives access to “.bash_history” file through web. This is a command history file. This file includes the list of command executed by the administrator, and sometimes includes sensitive information such as password typed in by the administrator. If this file is compromised and if contains the encrypted unix (or *nix) password then it can be easily cracked using “John The Ripper”.

d. Using “inurl:config.txt” (without quotes) will list down all the links to the servers which gives access to “config.txt” file through web. This file contains sensitive information, including the hash value of the administrative password and database authentication credentials.

For Example: Ingenium Learning Management System is a Web-based application for Windows based systems developed by Click2learn, Inc. Ingenium Learning Management System versions 5.1 and 6.1 stores sensitive information insecurely in the config.txt file. For more information refer the following
links: http://www.securiteam.com/securitynews/6M00H2K5PG.html

Other similar search using “inurl:” or “allinurl:” combined with other syntax


inurl:admin filetype:txt
inurl:admin filetype:db
inurl:admin filetype:cfg
inurl:mysql filetype:cfg
inurl:passwd filetype:txt
inurl:iisadmin
inurl:auth_user_file.txt
inurl:orders.txt
inurl:"wwwroot/*."
inurl:adpassword.txt
inurl:webeditor.php
inurl:file_upload.php

inurl:gov filetype:xls "restricted"
index of ftp +.mdb allinurl:/cgi-bin/ +mailto


Looking for vulnerable sites or servers using “intitle:” or “allintitle:”

a. Using [allintitle: "index of /root”] (without brackets) will list down the links to the web server which gives access to restricted directories like “root” through web. This directory sometimes contains sensitive information which can be easily retrieved through simple web requests.

b. Using [allintitle: "index of /admin”] (without brackets) will list down the links to the websites which has got index browsing enabled for restricted directories like “admin” through web. Most of the web application sometimes uses names like “admin” to store admin credentials in it. This directory sometimes contains sensitive information which can be easily retrieved through simple web requests.

Other similar search using “intitle:” or “allintitle:” combined with other syntax

intitle:"Index of" .sh_history
intitle:"Index of" .bash_history
intitle:"index of" passwd
intitle:"index of" people.lst
intitle:"index of" pwd.db
intitle:"index of" etc/shadow
intitle:"index of" spwd
intitle:"index of" master.passwd
intitle:"index of" htpasswd
intitle:"index of" members OR accounts
intitle:"index of" user_carts OR user_cart

allintitle: sensitive filetype:doc
allintitle: restricted filetype :mail
allintitle: restricted filetype:doc site:gov


Other interesting Search Queries

· To search for sites vulnerable to Cross-Sites Scripting (XSS) attacks:

allinurl:/scripts/cart32.exe
allinurl:/CuteNews/show_archives.php
allinurl:/phpinfo.php

To search for sites vulnerable to SQL Injection attacks:

allinurl:/privmsg.php
allinurl:/privmsg.php

Read More

Hack Passwords in Firefox

Whenever you log in to a website using your username and password, you'll be prompted by Firefox whether you'd like Firefox to remember this password.


If you click on Remember, the next time you visit the website, it'll automatically enter the username and password for your convenience.

Now, back to the topic. Let's say you saved your GMail password in Firefox. After months or years gone by and you don't remember the password you set for my GMail. You started to panic and desperately need to get back your GMail password.

Don't worry, here's how you can find the hidden GMail password in Firefox.

Firefox is much better than Internet Explorer in terms of managing "remembered" logins. In Internet Explorer, there is no built-in feature where you can manage or view your saved login information. That's why you need third party tools to reveal the passwords hidden under asterisks. As for Firefox, you can access remembered passwords with a few clicks.


To view your remembered passwords in Firefox browser, go to Tools, and click on Options. Go to Security tab and click on the Show Passwords button. A remember password dialog box will appear. Click on the Show Passwords button again and a new column with password will appear.

Read More

Setup and Use PROXY with Firefox

This is a simple guide on how to use proxy with Mozilla Firefox Browser:

If you use proxies, you can:

a) download as many time you like using Rapidshare.de

b) Use Megaupload if your country slot is limited.

c) Enhance your privacy (no one can whois you)

d) Avoid hacker

e) Download faster (some proxies containe internet cache)

To get free proxies, go here

How to setup proxy:

Older Version: Go to tools>option>general>connection
Latest Version: Go to tools>options>advanced>network>settings


Enter setting like this screenshot: make sure that you change the proxy address.

Read More

28 Coolest Firefox About:Config Tricks

You may have installed countless add-on in Firefox to enhance your using experience, but if you want to get the most out of Firefox, you really have to hack your way into theabout:config.


The about:config page contains most (if not, all) of Firefox configuration options. It is so far the most effective, and the most powerful way to tweak and enhance your Firefox performance. Here are 28 of the popular tweaks.

Accessing your about:config page
In your Firefox, type about:config in the address bar.


You will be shown a warning page. Click the “I’ll be careful, I promise!” button to proceed.






On the main page, you will see a long list of configuration entries. Enter the name of the key you want to update in the “Filter” field. The list will narrow to only the entries that match your keyword as you type.

To modify the value, simply double click on the entry value field and update the entry. That’s all!

Isn’t that simple? Now, let’s get to the tweaking.
1) Adjust the Smart Location Bar’s Number of Suggestions

In Firefox 3, when you start typing in the location bar, a drop-down list of suggestion URLs will be shown. If you want it to show more than 12 suggestions (12 is the default), you can adjust the browser.urlbar.maxRichResults keys and get it to show the number you want.



Config name: browser.urlbar.maxRichResults
Default: 12

Modified value: Set to your desired number of suggestion. If you want to disable it all together, set it to -1

2) Disable the session restore function
Firefox 3 automatically saves your session every 10 secs so that whenever it crashes, it can restore all your tabs. While this is a useful feature, some of you might find it irritating. To disable this function, toggle the value of browser.sessionstore.enabled to False
Config name: browser.sessionstore.enabled

Default: True
Modified value: False if you want to disable the session restore function

3) Adjust the Session Restore Saving Frequency

Same as above, if you decided to keep the session restore feature on, but want to reduce the session saving frequency, change the value of browser.sessionstore.interval so that Firefox will save the session at a longer interval.


Config name: browser.sessionstore.interval
Default: 10000 (in msecs, equivalent to 10secs)

Modified value: Set it to your desired value. 1000 means 1 sec and 60000 means 1 minute.


4) Enable Advanced Color Profile Support


Firefox has this advanced color profile features that display higher image quality. It is not enabled by default as it has a negative effect on the performance of the browser. If you are concern with the image quality rather than the performance, you can activated it via the gfx.color_management.enabled setting


Config name: gfx.color_management.enabled
Default: False

Modified value: True (if you want to activate the color profile support feature)


5) Disable Antivirus Scanning


This is mainly for Windows users. By default, Firefox 3 automatically scan the downloaded file with the default anti-virus application to make sure it is free of virus. If you download a big file, it could take a long time for the whole scanning process to complete. To increase the performance of the browser, you might want to consider disabling the anti-virus scanning via the browser.download.manager.scanWhenDone key.


Config name: browser.download.manager.scanWhenDone

Default: True

Modified value: False (if you want to disable it)


6) Configuring The Scrolling Tabs


When you opened many tabs, Firefox will not keep on reducing the tab width. Instead, it shows a scrolling bar so that the min width (100px) is conserved and you can scroll to find your tabs. If you are those who don’t like the scrolling tab function and prefer Firefox to show all the tabs, regardless how small it is, you can set the value ofbrowser.tabs.tabMinWidth to 0 to disable it. Similarly, if you want Firefox to display more tabs before showing the scrolling button, you can reduce the default value to a lower value, say 75 pixels.





Config name: browser.tabs.tabMinWidth
Default: 100

Modified value: 0 if you want to disable the scrolling functions, other values to set the min width value


7) Show/Disable Close button on Tabs


Some people love to see the Close (the red X) button on every tabs, but some hate it. Whatever is it, you can configure it to your preferences via thebrowser.tabs.closeButtons setting.





Config name: browser.tabs.closeButtons
Default: 1

Modified values:
0 - display a close button on the active tab only
1- display close buttons on all tabs
2- don’t display any close buttons
3- display a single close button at the end of the tab strip


 Extend Scripts Execution Time


In Firefox 3, a script is only given 10 seconds to respond, after which it will issue a unresponsive script warning. If you are hooked on a slow network connection, you might want to increase the script execution time via dom.max_script_run_time to cut down on the frequency of the no script warning.


Config name: dom.max_script_run_time

Default:10 (in secs)

Modified value: 20, or any values greater than 10


9) Handling JavaScript Popups


When you come across a site that executes a javascript open new window function, and if the popup window is without all the usual window features, i.e. back/forward/reload buttons, status bar etc, Firefox will automatically treat it as a popup and will not open it as a new tab. However, if you find this to be a nuisance and wanted to open all new windows in a new tabs, you can specify it via thebrowser.link.open_newwindow.restriction setting.


Config name: browser.link.open_newwindow.restriction

Default: 2 - Open all JavaScript windows the same way as you have Firefox handle new windows unless the JavaScript call specifies how to display the window
Modified values:
0 – open all links as how you have Firefox handle new windows
1 – do not open any new windows
2- open all links as how you have Firefox handle new windows unless the Javascript specify how to display the window


10) Enable Spell Checking In All Text Fields


The default spell checking function only checks for multi-line text boxes. You can get it to spell-check for single line text box as well.


Config name: layout.spellcheckDefault

Default: 1 (spell checker for multi-lines text boxes only)

Modified values:
0 – disable the spell checker
2 – enable the spell checker for all text boxes


11) Open Search Box Results In New Tab


When you search using the search box at the top right hand corner of the browser, it will display the search results in the current tab. If you don’t want the search to interfere with your current tab, you can tweak the browser.search.openintab to make it open in a new tab.


Config Name: browser.search.openintab
Default: False

Modified value: True (open search box results in new tab)


12) Lower The Physical Memory Used When Minimized


This tweak is mainly for Windows users. When you minimize Firefox, it will send Firefox to your virtual memory and free up your physical memory for other programs to use. Firefox will reduce its physical memory usage, when minimized, to approximately 10MB (give or take some) and when you maximize Firefox it will take back the memory that it needs.


The preference name does not exist and needs to be created.


Right click on the background and select New->Boolean.


Enter the name when prompted: config.trim_on_minimize

Enter the values: True


13) Speed up your Firefox


Several tweaks required for this


Config name: network.http.pipelining

Default: False

Modified value: True


Config name: network.http.proxy.pipelining

Default: False

Modified value: True


Config name: network.http.pipelining.maxrequests
Default: 4

Modified value: any value higher than 4, but not more than 8


Config name: network.http.max-connections

Default: 30

Modified value: 96


Config name: network.http.max-connections-per-server

Default: 15

Modified value: 32


14) Increase/Decrease the Amount of Disk Cache


When a page is loaded, Firefox will cache it into the hard disk so that it doesn’t need to be download again for redisplaying. The bigger the storage size you cater for Firefox, the more pages it can cache.


Before you increase the disk cache size, make sure that browser.cache.disk.enabledbrowser.cache.disk.enable is set to True.


Config name: browser.cache.disk.capacity

Default: 50000 (in KB)

Modified value:
0 – disable disk caching
any value lower than 50000 reduces the disk cache
any value higher than 50000 increases the disk cache.


15) Select all text when click on the URL bar


In Windows and Mac, Firefox highlights all text when you click on the URL bar. In Linux, it does not select all the text. Instead, it places the cursor at the insertion point. Regardless which platform you are using, you can now tweak it to either select all or place cursor at insertion point.





Config name: browser.urlbar.clickSelectsAll

Modified value:
False – place cursor at insertion point
True – select all text on click


16) Autofill Address in URL Bar


Other than the smart location feature, you can also get your URL bar to autofill the address as you type the URL.





Config name: browser.urlbar.autofill

Default: False

Modified value: True (Have Firefox autofill the address as you type in the URL bar)


17) Same Zoom Level For Every Site


Firefox remembers your zoom preference for each site and set it to your preferences whenever you load the page. If you want the zoom level to be consistent from site to site, you can toggle the value of browser.zoom.siteSpecific from True to False.


Config name: browser.zoom.siteSpecific

Default: True

Modified value: False (enable same zoom preferences for every sites)


18) Setting your zoom limit


If you find that the max/min zoom level is still not sufficient for your viewing, you can change the zoom limit to suit your viewing habits.


Config name: zoom.maxPercent

Default: 300 (percent)

Modified value: any value higher than 300


Config name: zoom.minPercent

Default: 30 (percent)
value: any value


19) Configure Your Backspace Button


In Firefox, you can set your backspace to better use by getting it to either go back to theprevious page or act as page up function.


Config name: browser.backspace_action

Default: 2 (does nothing)

Modified value:
0 – go back previous page
1- page up


20) Increase Offline Cache


If you do not have access to Internet most of the time, you might want to increase the offline cache so that you can continue to work offline. By default, Firefox 3 caches 500MB of data from supported offline Web apps. You can change that value to whatever amount of your choice.


Config name: browser.cache.offline.capacity

Default: 512000 (in KB)

Modified value: any value higher than 512000 will increase the cache value


21) Auto Export Firefox 3 bookmarks to bookmarks.html


Unlike the previous version, Firefox 3 backup the bookmarks file in places.sqlite rather than the usual bookmarks.html. Since bookmarks.html allows us to export and sync our bookmarks with other browser, it will be very useful if Firefox 3 can backup the bookmark to the bookmarks.html as well.


Config name: browser.bookmarks.autoExportHTML

Default: False

Modified value: True (auto export bookmarks file to bookmarks.html)


22) Disable Extension Compatibility Checks


This is useful if you want to use an extension that is not supported by your version of Firefox badly. It is not recommended, but you can still do it at your own risk.


Right click and select New->Boolean. Enter extensions.checkCompatibility in the field. Enter False in the next field.


Right click again and select New->Boolean. Enter extensions.checkUpdateSecurity into the field and enter False into the next field.


23) Disable Delay Time When Installing Add-on


Everytime you wanted to install a Firefox add-on, you will have to wait for several secs before the actual installation starts. If you are tired of waiting, you can turn the functionsecurity.dialog_enable_delay off so that the installation will start immediately upon clicking.





Config name: security.dialog_enable_delay

Default: 2000 (in msec)

Modified value:
0 – start installation immediately
any other value (in msec)

24) View Source in Your Favorite Editor

This is very useful for developers who are always using the ‘view source‘ function. This tweak allows you to view the source code in an external editor.

There are two configuration need to be made:

Config name: view_source.editor.external

Default: False

Modified value: True ( enable view source using external text editor)

Config name: view_source.editor.path

Default: blank

Modified value: insert the file path to your editor here.


25) Increasing ‘Save Link As‘ timeout value

When you right click and select the ‘Save Link As…‘, the browser will request the content disposition header from the URL so as to determine the filename. If the URL did not deliver the header within 1 sec, Firefox will issue a timeout value. This could happen very frequently in a slow network connection environment. To prevent this issue from happening frequently, you can increase the timeout value so as to reduce the possibility of a timeout.


Config name: Browser.download.saveLinkAsFilenameTimeout

Default: 1000 (1 sec)

Modified value: any value higher than 1000 (value is in msec)

26) Animate Fullscreen Toolbar Collapse mode

In Firefox’s fullscreen mode, toolbars and the tab strip are hidden at the top of the screen and only shown on mouseover. To draw attention to this, there is an animation of the toolbar sliding upwards and off-screen when fullscreen mode is toggled on. For performance issue, the animation of the collapse of the toolbar only appear for the first time. For some reason that you may love/hate the animation, you can adjustBrowser.fullscreen.animateUp to switch it on/off for every collapse.


Config name: Browser.fullscreen.animateUp

Default: 1 (animate the toolbar collapse only the first time)

Modified value:
0 -disable the animation
2- enable the animation for every collapse


27) Autohide Toolbar in Fullscreen mode

In fullscreen mode, the toolbar is set to autohide and appear upon mouseover. If you have a need to view the toolbar at all time, you can toggle the value ofbrowser.fullscreen.autohide to False to always show the toolbar.

Config name: browser.fullscreen.autohide

Default: True (always autohide)

Modified value: False (always show the toolbar)

28) Increase Add-On search result

If you go to Tools->Add-ons->Get Add-ons and perform a search there, Firefox will only fetch and display 5 matching results. If you want Firefox to show more than 5 results (say 10), you can adjust extensions.getAddons.maxResults to get it to display more results.

Config name: extensions.getAddons.maxResults

Default: 5

Modified value: any value more than 5
This list of about:config is definitely not the complete list. If you have any tricks not listed here, please add it in the comment.

Read More

Bing Tips & Tricks

Now that Bing is available for use outside Microsoft, here are some quick tips and tricks that will help you do more with Bing.com.

1. Use the full version of Bing

If you are using Bing outside North America, chances are that you seeing a localized version of Bing that may be missing some features. For instance, the Indian version of Bing.com doesn’t have search history and the image on the Bing home page here is not interactive as in the US version.

To explore the full version of Bing, go to this page  and set English - US as your default region. You can now enjoy all the Bing features from anywhere.

2. Track Companies from the IE Favorites Bar

If you search for a company stock (e.g. GOOG  or MSFT), Bing will automatically create aweb slice  for that company which you may then add to IE 8 and track the performance directly from the favorites bar. You need Internet Explorer 8 to try this feature.

3. Watch Preview of Hulu Videos outside US

Hulu hosts some popular popular TV shows but the problem is that you can only watch these videos if your computer has US based IP address.

However, Bing lets you watch shot previews of Hulu video even outside US. Just search for any TV show episode on Bing Videos (see example ) and hover the mouse over any of the video thumbnail to watch a short clip.

4. Save and Email search results

With Bing, you can save your search history on to a local folder inside Bing or to your Windows Skydrive account. Alternatively, you may send your search queries to a friend via email or publish them on your Facebook wall via Bing. You’ll need Silverlight to share queries in Bing.

5. RSS Feeds of Search Results

Unlike Google or Yahoo, Bing offers RSS feeds for their web search results that you can subscribe to inside any feed reader. Your browser should be able to auto-detect the RSS feed of Bing pages or you can append &format=rss to any Bing search URL and convert it into a feed.

This RSS feature  is not available for Image or Video search in Bing.

6. Find Pages That Link to MP3 Files or Documents

Bing (and Live Search) supports a unique "contains" search operator that lets you find web pages that contain links to particular file types.

For instance, a search like susan boyle contains:mp3  will show pages that are about the British singer and that also link to MP3 files. Replace mp3 with doc to search pages that contain links to Word Documents.

Read More