FireBug Plugin for Mozilla FireFox

From Knowledge Database

Jump to: navigation, search

Contents

Overview

FireBug (Fire Bug) is an addon for Mozilla FireFox web browser. It can only be used inside of FireFox browser, can not use it seperately. It was developed by Joe Hewitt, johnjbarton, robcee and the FirebugWorkingGroup. Their website is http://getfirebug.com

Features

Can debug website's code and change it locally. Can be used to develop your own website, easily can access .css files and save you lot of time searching for the right place to edit your file. Can also manipulate websites in order to perform attacks against websites. Monitors and shows you all the data on the website you are browsing.

Usage

In this article, is used FireFox version 2.0.0.18 and FireBug 1.2.1

Download

It should be downloaded from developers website, because it can only be downloaded and installed into firefox, however there are alternative ways to download firebug.

Installation

  • If it was downloded from here, then first extract the .rar and then:
  1. you can drag and drop it inside of your opened firefox
  2. or click on File > Open File ... > and located the downloaded firebug.xpi
  3. click on install when window comes up
  4. once it is done, restart your firefox (make sure it is not running in tray), you must close whole process of firefox (firefox.exe)
  • If it was downloaded from on of the websites, then it automatically starts to install, simply follow their instructions. Not listed here, because they may change them.

Accessing and Launching FireBug

  • It will always be available inside of firefox
  • After installation, a small firebug icon appears at bottom of your firefox

Tutorials

Here are demonstrated how firebug can be used in different ways, either to collect information in order to develop your website or to exploit and attack another website.

Collecting Information

Here is used http://sethioz.co.uk first is showed how to find a color code for text, that is used on Sethioz's site.


  • Now is clicked on "HTML" button and then "Inspect" and finally on the desired area you want to inspect. Here is used "date and time" which is highlighted on screenshot.


  • Now on right side of firebug, is seen the color code of the text that has been used on "date and time". color code is #A4DFED
  • This method can be used to collect any kind of information
  1. Can be used to see fields that has been covered with *****, like password fields for example.
  2. can be used to find out where is file located (direct link and such)
  • Inspect can be used to find out details about any website.
  • It is possible to edit any of that data locally, to see how the website would look like with those changes, it will not hack into server, changes are only local (only user can see them).

Manipulating websites

  • Here is used [Main Page of Sethioz's site]
  • Page number is manipulated, to fool the site to load another page instead
  • Scroll down to the bottom of the page
  • There is seen "Go To Page"
  • Open up firebug
  • click on HTML
  • click on Inspect
  • click on page number's dropdown box
  • expand the highlighted part, by clicking on the + icon, so it turns into -
  • find the part that is before >2<
  • replace
news.php?default.0.10
  • with this
mediawiki
  • now on the site, select "Page 2"
  • It will take you to this wiki (encyclopedia) page, instead of actual page 2
  • This can be used on several websites for malicious attacks or manipulating

Example: on some websites, where is a "vote" function, it is possible to manipulate it, using this method, and vote 100 instead of 5. There are numerous things that can be done with firebug, this was just one example.


Sethioz 19:43, 4 May 2010 (UTC)

Personal tools