Paid Advertising
web application security lab

Mr-T smbenum and Firefox userprefs

I took a few minutes today to update the Master Recon Tool to include both the default Firefox preferences and the smbenum (enumeration of programs in Internet Explorer). This isn’t a big deal or anything, but it’s more that I think people aren’t really clued into all the stuff that can leak from a browser. Not that this is everything, mind you (for instance I didn’t include the IE decloaking stuff, etc…) but mr-t still includes a lot of stuff.

You can check out the latest version here or download the zip file here. Although this doesn’t include the logging functionality (intentionally) I hope this is still helpful to someone.

6 Responses to “Mr-T smbenum and Firefox userprefs”

  1. sebounet Says:

    There is a problem with chrome, not definitive, no? What is the content of the .class? thank for this

  2. jah Says:

    nice work! that’s a lot of information and I’d love to see reliable stats for the time it takes to gather it.

  3. sam Says:

    It’s not fully effective. Shows network.cookie.cookie.behavior = 0.
    I just double-checked about:config to make sure, and it’s set at 1 as it has been for a very long time. Missed several add-ons also — is it supposed to be able to detect *all* add-ons?

    Note: Java was not allowed for the demo — no offense ;) but that shouldn’t affect the above, right?

  4. RSnake Says:

    @sam - it’s just an example. The network.cookie.cookie.behavior is not relevant to this example. What you are seeing is default. You may not have it set to default.

    Also, I certainly haven’t tried to map out all the add-ons or all the places you’ve been or many other things. This is JUST an example.

  5. sam Says:

    Sorry I misunderstood - I thought it was a full, working demo. My bad.
    And yes, cookie.behavior has been changed from default.

    Thanks for clarifying.

  6. JJ Says:

    Haha, the image in the home page of Mr-T is funny. It’ll be helpful to my work, thanks for sharing:D