|
|
|
|
about: license Here's another trick: type "C:" into the URI window. This changes to file:///c:/" and displays a directory listing of your hard drive. Some websites try to fool people by claiming to know what is on your hard drive. They do this by making a link to file:///c:/ on their website – click it and you'll see! This kind of website isn't really reading your entire hard drive, it's just making your browser display this information to you and you alone. Now try the same command of C:\ with the URI window of Internet Explorer (IE). Yes, it shows the contents of your C drive, and it does something really scary, too. From the URI window on Internet Explorer you can click through the contents of your hard drive and when you double click on a program it will automatically run. The reason this is scary is that it proves that IE can launch all sorts of programs, and this includes viruses, worms, Trojans, spyware and adware. Firefox is safer to use than IE because it doesn't carelessly launch programs. This makes it much safer to visit potentially malicious websites. You can find other fun things by typing commands into the URI window. Try About:plugins About:mozilla About: Here are yet more things you can type into the URI window to get interesting results: Resource: resource://gre/ chrome://global/ How did I discover these commands? I didn't find out about them from other hackers. OK, OK, long ago (1996) a friend told me to type in "about: Mozilla" into the URI window of a Netscape browser, which is the ancestor program to Firefox. All the rest was easy to discover once I got the basic idea. At first I just tried random things, but then a light bulb went on inside my head and I fired up a hex editor, muhahaha! If you are serious about hacking, you need a hex editor! Basically a hex editor is named after the hexadecimal number system, and when you use one to view a compiled program you will find out why right away. I use a hex editor to find things inside compiled programs that look like words, because they usually mean something important. I found all the above commands (except for about: Mozilla) that way. Newbie Note: A compiled program is, basically, a bunch of zeroes and ones that your computer's central processing unit (CPU) sees as the command for how to run a program. When you write a program in, for example, C or Java, you run your commands through a compiler and the result is a string of zeroes and ones that make sense to the CPU of your computer. A hex editor interprets those zeroes and ones in a way that makes the compiled program easier for us humans to understand. You can get free hex editors in many places, just make sure they don't hide malicious programs! For Windows, try download.com for safe hex editors. Once you get your hex editor running, you can find lots of fun things by opening the biggest file in the Firefox program directory: firefox.exe. That file, my friend, means happy hacking! Looking around at the text items in the editor, I saw several entries that included the term "resource:" So I tried simply giving the command "resource:" in the Firefox URI window. I hit enter and this turned into "resource:///" in the URI window and this gave a directory listing of everything in the program directory for Firefox. Next I found several instances of the word "transformiix" nothing in the URI window, so next I went to the Mozilla website, put in "transformiix" at their search box and got an answer at http://www.mozilla. (XSL Transformations) is a language used to transform XML document into other XML documents…. The implementation of XSLT in Mozilla is done in the TransforMiiX module. You can use it either as part of the lizard, or as standalone processor." |
|
|
|
