Firefox Profile in Dropbox

Posted on February 6, 2012 by morbo

Last week I had mentioned creating a Firefox profile in Dropbox, giving you all the benefits of a mobile and sync-able profile; this week I deliver! I will go through the process for both Mac and PC, talk a little bit about why this is cool, and some things to watch out for.

One word of warning. If you are concerned at all about the security of your profile, store sensitive information, or save passwords in your browser then I would tell you NOT TO FOLLOW THIS TUTORIAL. Dropbox provides little to no security for your data, so unless you are encrypting and decrypting on your own, know that your data is vulnerable and essentially open for people to see while it is syncing.

You will need a Dropbox account and Firefox for this, and also you need to be an administrator for some tasks. Also for both Mac and PC you need to have your hidden files on display: this will make editing some files later on much easier. With that let us begin!

A quick (and very brief) back story about how Firefox manages the user experience. When you start Firefox up, it loads all of your settings from a profile it manages and keeps tabs on. Your profile contains everything: browsing history, bookmarks, saved passwords, add-ons, style choices: you name it and it’s in there. For the everyday user one profile is fine, but when you’re a developer monkeying around with stuff, its nice to have a sandbox to play in and keep everything else safe. So to create a new profile we’ll have to start the Firefox Profile Manager.

Mozilla provides a good tutorial for getting this going, so I won’t re-invent the wheel for this section. Later I will show you an alternative method for starting the profile manager, but for now follow their guide. You can find Windows and Mac sections respectively. When you complete these steps, you should be presented with a screen similar to the one below.

Windows Profile Manager for Firefox

You will want to uncheck the “Don’t ask at startup” option, because you will want to switch between profiles in the future. Click “Create Profile” and click “Next.” The next screen should give you a text field to name your account and a default location for your profile. Write down or copy this location, you will need it later in this tutorial. Click the “Choose Folder” option and navigate to your Dropbox folder. Create a new folder to put your profile in and click “OK” for Windows, or “Open” for Mac. Write down this location as well, you will need it later too. Finally click finish. You’ve got a completely mobile profile now! No more tracking down addons!

Now that your profile is mobile, you must tell all your other browsers where this profile is. On your other machines, navigate to the default profile location you copied down earlier. It may not be 100% the same, but it will be very close.

For example on Windows, this location should be under your account (Users\YOUR-ACCOUNT-NAME) then AppData\Roaming\Mozilla\Firefox. (The default profile location is actually \mozilla\firefox\profiles, but we need to go up one folder level.)

The Mac structure is very different. You will still be under your account, but you need to go to Library\Application Support\Firefox. (Again the default profile location is actually \Library\Application Support\Firefox\Profiles, but we need to go up one folder level.)

For both systems however, a file called profiles.ini will exist here. Open this file in your favorite text editor (Mac will try to open in a Windows VM if installed, so drag it to TextEdit or some other text program.) You should see a file similar to the one below:

Profile.ini Text File

 

This file tells Firefox where to look for profiles. The initial machine you worked on should contain 2 entries like mine, where as your current machine should only have one. I won’t go into detail on this post what these lines do, so for now just take my word. Put your cursor after “Default=1″ and hit enter twice and enter the following text:

[Profile1]
Name=’Your-Profile-Name’
IsRelative=0 (IsRelative is equal to zero, not the letter ‘O’)
Path=’Path-To-Dropbox-Profile-Folder’

Where ‘Your-Profile-Name’ can be whatever you want your profile to be named, and ‘Path-To-Dropbox-Profile-Folder’ is the absolute path to your folder (C: and everything for Windows, User\ for Mac.) The last change to this file is to change the value of StartWithLastProfile from one to zero. This will start the profile manager so you can select from your profiles.

That’s it! Redo this last part for as many computers as you want to access your profile! This trick could also work if you wanted to put a profile on a Flash drive or other external media device.

Happy tinkering!
Until then,

Posted in Research - Browsers | Tagged , , | Leave a comment

New Post Coming Soon

Posted on February 3, 2012 by morbo

I’m working on a new post that will detail how to create a profile in Firefox that will sync with you dropbox account. You may be asking: why would you do that when it has built in features to sync content on its own? Well the simple answer is: because you want to.

Until then!

Posted in Research - Browsers | Tagged , , | Leave a comment

Recent Comments

Posted on December 6, 2011 by morbo

I’ve been getting a lot of action in the comments section. Now as much as I know EVERYONE is reading this, I’m reasonably certain these are just spammers. If any of you readers out there are leaving comments and not seeing them, let me know!

Keep reading, I know there has to be some of you out there hah.

Posted in Uncategorized | 2 Comments

Process

Posted on October 28, 2011 by morbo

I’ve been working on revising/reviewing my research and I believe I have a working model. The end goal of course is creation of a ‘program.’ To create this, one needs a vulnerability and code. The code is made up of the exploit, or shell code, and then the rest of the program. The vulnerability needs to be found using some sort of tool, such as a debugger, reverser, or source viewer.

The basic steps I came up with then are:
1.) Become familiar with tools
2.) Find vuln with tool
3.) Write shell and code
4.) Create program

A lot is involved in each step, and it is important not to get stuck in any one place for too long. You don’t need to become an expert in a tool to use it. With this I move forward!

Until then

Posted in Research - Malware | Leave a comment

Attention to Detail Harms Progress

Posted on October 28, 2011 by morbo

I’ve hit a major stumbling block these past couple weeks. Reversing programs is fun in its own right, but it is very easy to lose yourself in the code: tracking down every call, every meaning, every byte. You could spend weeks on one simple program.

This has been my problem, I’ve lost myself in weeks when only days were required. Additionally I’ve exhausted my immediate supply of ‘easy’ programs with clear vulnerabilities, so I have to step up to the challenge and dive into the next tier.

At any rate my next post will be less about updating and more discussion about what I’ve done.

Until then

Posted in Research - Malware | 1 Comment

Reverse Engineering; as Difficult as it Sounds

Posted on September 28, 2011 by morbo

Monday, approximately 11:10 AM I was able to reverse my first program. Granted it was a tutorial designed to introduce you to reversing so the program was simple, BUT non-the-less! I managed to follow through and complete the task! And actually had some fun doing it too =)

I was having a difficult time with my research last week. I couldn’t make progress on reversing anything, didn’t really understand HOW to reverse, and started having doubts about learning to reverse period. A friend of mine and I were discussing this, and eventually I was lead to the tutorial. I also received a book going over some of the features of the reversing program I’m using; IDAPro.

Enough of an update for today, have to get back to the grindstone!

Until then!

Posted in Research - Malware | Leave a comment

Hello world!

Posted on September 20, 2011 by morbo

This is my first new post on my new hosting site; finally off of GoDaddy hosting and loving it! I have lots of things in mind for my site, but my time is very limited this semester so we’ll see what I can do.

Until then!

Posted in General | Leave a comment

Woes of Transition

Posted on September 20, 2011 by morbo

I recently changed my hosting from GoDaddy to MediaTemple. The process was by no means easy; many times changing a setting and waiting days for it to take affect. But in the end MediaTemple is much more user friendly and useable compared to GoDaddy, which is one reason why I moved here.

At the same time I was switching hosting sites, I was switching laptops. I was using a school assigned PC over the summer to do all my work, both personal and school related. When school started this fall I was given the chance to use a MacBook pro, which I gladly accepted. Trying out something new is always fun right? Well almost always, there was one thing I forgot to do when switching from my PC to my Mac: move my website’s back up.

I didn’t have much on my site, but it was MY content that I wanted to keep, and now it’s gone. But its not all bad, I get to start fresh with a new hosting site, new laptop, and new website. Almost poetic. So with that I begin my new adventure filled with school, me, and all other sorts of things.

Until then!

Posted in General | Leave a comment