How To Hack Firefox To Become KeyLogger ~ DepoTech

Read: KEYLOGGERS: FUNCTIONING , USE AND PROTECTION

Is there any way to make Firefox auto save passwords without clicking the Remember button?.

In Firefox, even if you have the option “Remember passwords for sites” checked in
Tools > Options > Security, the browser will still ask the question “Would you like to remember the password for “Username” on website.com ?” with three selections which are “Remember Password”, “Never Remember Password for This Site” and “Not Now”.

The earlier version of Firefox 3 displays a notification bar at the top of the web browser, while from version 4 until the current version 21 displays a popup notification at the top left.

Modifying Firefox to auto save the login information to the Firefox Saved Passwords manager without prompting was easy for version 3 because you can directly edit the JS files from the program’s folder to apply the changes.

However, the file structure was a bit different starting from Firefox 4 up to and including the current versions. We researched and found that it is still possible to force Firefox to auto save the password without the popup notification. This can turn Firefox into a keylogger and no antivirus will even detect this as a threat.

For Firefox 3, all you need to do is edit the nsLoginManagerPrompter.js file with a text editor preferably Notepad++ located in C:\Program Files\Mozilla Firefox \components\ folder. Search for the _showSaveLoginNotification function and replace the whole code that is highlighted in yellow.

With the following code:

var pwmgr = this._pwmgr;

pwmgr.addLogin(aLogin);

The end result would look like the image below

Save the changes that you've made on the nsLoginManagerPrompter.js file and whenever you login to any website, Firefox will auto save the site, username and password to the login manager WITHOUT showing the notification bar. You can access the saved password area by going to

Tools > Options > Security and click the Saved Passwords button. There is one possible bug which is even when a user entered the wrong username or password, it will still be saved.

As for Firefox 4, it gets slightly difficult because the nsLoginManagerPrompter.js file is archived in an omni.jar file located at C:\Program Files\Mozilla Firefox\ folder.

Starting from Firefox 5, you may have noticed that editing the nsLoginManagerPrompter.js inside omni.jar file does not work.

The Firefox developing team did not fix the bug nor improve the security but instead they optimized it further by making Firefox load a compiled binary version of the nsLoginManagerPrompter.js file instead of the raw and editable JS file. Here is what you need to do to enable auto password saving on Firefox 5 and above.

Do take note that the omni.jar file has been renamed to omni.ja starting from Firefox 10.

1. Use WinRAR, PowerArchiver or WinZIP to open the omni.jar or omni.ja file from C:\Program Files\Mozilla Firefox\ folder.

2. Navigate to jsloader\resource\gre\components\ and delete the nsLoginManagerPrompter.js file.

3. Go back to the root of omni.jar or omni.jar, and navigate to components folder. Edit the nsLoginManagerPrompter.js file and replace the whole _showSaveLoginNotification function as shown earlier.

Save the changes and go back to the archiver. Click the Yes button when the archiver prompts you to update the archive with the updated file.