Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How do I write Firefox add-on that automatically enters proxy passwords?

Suppose someone worked for a company that put up an HTTP proxy preventing internet access without password authentication (NTLM, I think). Also suppose that this password rotated on a daily basis, which added very little security, but mostly served to annoy the employees. How would one get started writing a Firefox add-on that automatically entered these rotating passwords?

To clarify: This add-on would not just submit the password; the add-on would programmatically generate it with some knowledge of the password rotation scheme.

like image 829
Will Avatar asked Sep 03 '08 04:09

Will


People also ask

What is moz proxy?

Mozproxy let you launch an HTTP proxy when we need to run tests against third-part websites in a reliable and reproducible way. Mozproxy provides an interface to a proxy software, and the currently supported backend is mitmproxy for Desktop and Android.


2 Answers

This is built into Firefox. Open up about:config, search for 'ntlm'

The setting you're looking for is called network.automatic-ntlm-auth.trusted-uris and accepts a comma-space delimited list of your proxy server uris.

This will make FireFox automatically send hashed copies of your windows password to the proxy, which is disabled by default for obvious reasons. IE can do this automatically because it can use security zones to figure out whether a proxy server is trusted or not.

Blog post discussing this

like image 114
Adam Lassek Avatar answered Oct 07 '22 01:10

Adam Lassek


It's your lucky day - no need for an add-on!

How to configure Firefox for automatic NTLM authentication

  1. In Firefox, type about:config into the address bar and hit enter. You should see a huge list of configuration properties.
  2. Find the setting named network.negotiate-auth.delegation-uris (the easiest way to do this is to type that into the filter box at top).
  3. Double-click this line, and enter the names of all servers for which network authentication is desired, separated by commas. Then press ‘OK’ to confirm.
  4. Find the setting network.negotiate-auth.trusted-uris, and set it to the same value used in #3.
  5. Find the setting network.ntlm.send-lm-response, and set it to true.
  6. Skip steps 7 and 8 if you aren't using a proxy.
  7. Open the options dialog (Tools->Options menu), and on the Advanced page, Network tab, press the Connection Settings button to get the proxy configuration dialog:
  8. Make sure the correct proxy server is configured, and that the same list of servers is listed in the No Proxy for: entryfield as were set in step #3.
  9. Done.
like image 29
Shog9 Avatar answered Oct 07 '22 02:10

Shog9