I hand over to Mr. Avasthi, so I will just give you an introduction to his talk. He is going to talk about a tool called Firebug. During the last 5-day workshop there were many questions on what cookies are, how they are used, how you can see them, where they are stored, whether you have session information in them, how authentication is done, and so on and so forth. I thought these were substantially important issues and that we needed a tool, so that in the lab you can go and see, and then later on, when you go to your class, you can actually show it to your students. You can show Firebug, which is an extension to Firefox, and you can inspect all of these things. You can look at the different cookies that are stored on your machine, how many different cookies from the Google site or from the Microsoft site or from the IITB site etc., make some sense of the cookies, and see whether these cookies are encrypted or encoded in some way using Base64 encoding. When you send your username and password to your LDAP server in your college or in your university, is it encoded in some way? What is Base64 encoding? Can I hack into your password and get it out from there? Etc., etc. So there are tens of questions that could be asked on this, and the lab tomorrow will actually address them. The lab today is on Wireshark; the lab tomorrow is on Firebug and also the beginnings of DVWA. So Abhishek is over here to tell you how to use this tool called Firebug, which is an extension to Firefox, and what information you can get from this very interesting tool.

I will be presenting about Firebug, which is an extension of the Mozilla Firefox browser. Using it we can do many things, like debugging and other basic security analysis such as cookie analysis and network traffic analysis, and we can check some headers to see what is going on, like what cookies are going and what cookies are coming from the server side.
So let us start with installing Firebug. We just need to use the Google search engine and type "Firebug Mozilla add-on". It is for Mozilla Firefox, so we need to mention Mozilla add-on. It is showing these links, these results. The first link is our Firebug link. This is the page where you can get this plugin. So let us try to install it. Here is a button, "Add to Firefox"; we just need to press it. Now we can see it is being downloaded; after downloading it is asking for installation. So we just need to click this button, "Install Now", and here we can see it is successfully installed.

Before going further: as we know, the HTTP protocol is a stateless protocol. So if a web application wants to know about the user, to authenticate or identify a user, it needs some kind of approaches, some kind of methods, to track the user, to identify the user or authenticate the user. For this there are some approaches; I will be covering three of them. The first one is basic access authentication, the second one is using hidden fields, and the third one is using cookies.

So let us start with basic access authentication. We need it when, for example, I want to share a file with a specific number of users, like the participants who are involved in this workshop. I would like to get some kind of information from the user who is trying to access it; I can provide them some kind of username and password, so that the web application can get to know that an authenticated user is accessing the file, not everybody else. So let us check one example for that.

First of all, before going to that, we need to know how to start Firebug. It is just a simple process: we just need to press the function key F12, and it will open this kind of panel below the page. So this is our Firebug. I will explain all these tabs which are there. Like this first tab, this is written as Cookies.
So this is all about cookies; I will be covering cookies further on. As we have just installed this Firebug tool, we first need to enable this panel. This is the Cookies panel, so we need to enable it. After pressing the Enable button, it is enabled. We can see some data here; I will explain later what it is. So let us go to the other tab; this is the Net tab. We need to enable this tab also. The Net tab is all about seeing the traffic between the browser and the server, the communication between the browser and the server. Then there is DOM, the document object model; here we can see the whole document object model of the website, the page. And then there is the Script tab, which is all about the JavaScript used by that website or that web page. We need to enable this panel also. Then we will switch to CSS, which is all about the style sheet, the styling of that web page. Then the HTML of that web page, and next is the Console. Here we can use it as a kind of terminal: we provide some JavaScript code here and can run it here on the fly. So we need to enable it also. So these are some tabs which are available in Firebug.

Now we will go to basic access authentication, like I just talked about. I am using a URL of IITB which asks for a username and password whenever we try to access it. It is asking for a username and password so that only students of IITB can access it. So I will try a dummy username and password, which is my name, Abhishek. I just entered a dummy username and password, which was not correct, so it is not authenticating me. We do not need to be concerned about that. We just need to check what is happening behind the scenes. So we will open this Net tab using Firebug and we will check this information, what is happening behind. I will enlarge this so that we can see it easily. So here we can see there are some kinds of headers.
This is the response header, and there is some data like Connection, Content-Length and so on, and this is the request header. As we can see, in the request header there is Authorization, this one. This Authorization is the main thing. It is containing the username and password we just entered, in some encoded form, and it actually uses Base64 encoding. So we will check whether we are correct. Let us try to decode it. I will first copy this. We need some kind of Base64 decoder, so we can use some online tool for that. I am searching for that on Google: "base 64 online decoder". We can use this first link. It is providing an online tool for decoding. We can decode any Base64 string, and it will provide us the plain text data corresponding to that encoded string. So here I am copying that data, the encoded data we have just seen there. Let us recheck whether the data is the same or not. This was the data: y, w, j, o, a, like that. So this is the same string. Now I am going to decode it, just pressing the Decode button. Now we can see it has been decoded as Abhishek, then colon, then Abhishek. Actually it was containing the username and password separated by a colon. I had provided my name, Abhishek, as username as well as password, so it is Abhishek, colon, Abhishek. It means we have successfully decoded it and it was actually Base64 encoding. So we can verify using this method. So that was about Base64-encoded basic access authentication.

Now we will switch to hidden-fields-based authentication methods or identification methods. I am going to demonstrate using a URL like this: csc.itb.ac.in. First we want to know how to see hidden fields. We cannot see them using this browser UI, so we need to go into the HTML. We will use Firebug for that. As we can see, here there are only two fields we are able to see, username and password. So we will get into the HTML using Firebug. This is the HTML tab; we just need to press it.
Now we need to search for hidden fields. So let us use the search field. I will type "hidden" here so that I can identify the hidden fields. Here we can see the HTML data of the web page. It is showing input type equals to hidden. It means this is a hidden field which is containing some data, but it is not visible to normal users. There are two such hidden fields. This is containing some kind of data which will be used by the website, the web application, to authenticate or identify the user. A normal user can see that only two fields are there, username and password, but actually behind the scenes there are more than two fields. So let us check, when we submit this kind of form which is containing some hidden data, how the data is travelling and what other parameters or values are going to the server side.

There is another approach if you want to see the HTML code of a particular field or a division on that web page. We just need to right-click on it, like we just need to right-click here, and it will show the Firebug option to see the HTML data of that input field. Here the last menu option is "Inspect Element with Firebug". I will just press it, and now it is showing the HTML tag, the HTML data of that input field. As we can see: input, then id, then type equals to text, like that. But we are more concerned about hidden fields, not the normal fields. So we will see those hidden fields which are available there behind the scenes. Like this, there are around 3 and even 6 hidden fields which are containing some value and having some name, like this is action, having an action name, then time zone, and like that. This data will be used by the web application, and it was inserted by the web application so that it can identify or authenticate the user. We will see another field, which is password, which is visible to a normal user; this is named as underscore pass.
So now we will submit this form using some dummy username and password, the same as my name, Abhishek, and we will click the Login button. If we see it normally, the data which is going to the server side should contain only 2 items, username and password, but it is containing some hidden fields also. So the actual data which is going to the server side is containing more than 2 fields; let us check it out. We will go to the Net tab of Firebug and we will go to the POST request to see what data is going to the server side, and we will press the Post tab. It is showing that these many fields are going to the server side. For a normal user there were only 2 fields, username and password, but it is actually sending around 8 fields, like first action, then password, task, time zone, token, URL, like that. As we can see, I had entered the password as Abhishek and the username as Abhishek, so we can see that data. This is a token, some kind of identification, a random string used by the web application. So let us check whether it is the same string or not. We will just verify it; this is the username I had entered. Let us verify the token which was a hidden field; this was the token, and let us check the HTML data. This was the input field which was containing that token value; this is 91C5FB1C1, like that, and here in the HTML form it is the same 91C5FB1, like that. So using this the web application is trying to authenticate that the valid or legitimate form has been submitted by the client, by the user. So these were the hidden fields; using these the web application can also identify or authenticate the users.

So we have just completed 2 approaches: the first was basic access authentication, which was using Base64 encoding for sending the username and password, then the second one was hidden fields, and now we will cover the third one, which is cookies. Cookie is a very important term, so let us talk about what a cookie actually is.
A cookie is nothing but a key-value pair which is used by web applications and which is stored by the application on the user side, in the user's browser, so that it can know whether the user is visiting their site the first time or the second or third time, and based on that they can provide some good interactive services and some user-friendly services also. So let us check it out; we will try to visit a site for the first time. We need to check what is happening behind the scenes when we are visiting a website the first time, and what is happening when we are visiting the same site again. Let us visit this URL, www.eduhat.com. We can see, using Firebug, in the Cookies tab there are some names and values; these are the key and value pairs of the cookies. The name is containing the parameter or identifier for that cookie, and this value field is containing the value of the particular cookie, and there are some other fields I will talk about later.

So we will go into the Net tab to view what is happening behind the scenes when we are visiting this website the first time. These are the request and response headers, and in this response header we can see a Set-Cookie, which is containing some identifier, then an equals sign, then some value. So this identifies the key for that cookie, and the right-hand side of the equals sign is containing the value of that cookie. This is the request header; as we can see, there is no cookie information in the request header. So what is actually happening when we are visiting this site the first time? The web application comes to know that some new user is visiting their site. So they need to store some cookie in that user's browser so that they can track or identify that particular user when the user visits their site next time. So in the request there was no cookie value, because we are visiting this site the first time, but in the response header there is a Set-Cookie field which is trying to store the cookie in the user's browser the first time.
So let us go further. This is the request header, which was not containing any cookie information. Let us try to enlarge it so that we can view it clearly. The request and response headers are there, and some header fields: Accept and like Encoding, Language, Host, like that, User-Agent Mozilla; then in the response headers there are many fields. We are more concerned about cookie things, so this is Set-Cookie, which is storing our new cookie.

So let us try to visit this site again. Now we are not a new user for that site; we are visiting the site again, so it should identify us. Let us see. We will again use the Net tab of Firebug and check it out, so we can see the response headers and request headers. Now we will check what the changes are compared to the last visit. Now we can see this request header is also containing cookie information, and last time it was not there. So what is happening is, when we visited the website the first time, it stored some cookie information in our browser. Now when we are visiting this website the second time, the browser is sending the cookie information to the web server so that the web application can identify me as a second-time visitor, not a first-time visitor. So this request header is also containing cookie information; this is the same value which was stored earlier, as we can see that one was also 1f8, like that. Now we will check the response header. Now it is not containing any Set-Cookie data, because it has already stored the cookie; it can add some more cookies, but it is not doing so at this time. So now we will check what other fields are available there in the Cookies tab of Firebug.
So we will go one by one. The first one is Name, which is containing the identifier for the cookie, to identify a cookie; this is the name of the cookie. Then Value, the value corresponding to that cookie, then Domain, which website is storing that particular cookie, then Raw Size of that cookie, then Path in that domain, then Expires; it is very important to know about it. We can see there are two types: one is Session and one is containing some expiry on it. Actually cookies are of many types, so there are basically two types: one is the session cookie and the second one is the persistent cookie or tracking cookie. A persistent cookie is stored for a particular time. It means whenever we are closing the browser, session cookies will be deleted, but a persistent cookie or tracking cookie should be there even after closing the browser, and the expiry date of that persistent cookie can be defined using this Expires field; like this one is containing 78 2016, so it is containing about two more years until expiry. So even after we close this browser it will persist here, so that it can track our activity and it can identify us next time.

If we talk about persistent cookies in real life, we can take the example of e-commerce sites. When we visit any e-commerce site, what we find is, say we are exploring some laptops or mobiles, and I checked some particular laptop models this time; when I am going to visit that particular site a second time, it will be suggesting to me that you have visited or seen these models of this particular laptop. So how is it actually happening behind the scenes? It is using the cookies, these persistent cookies which are there in our browser even after closing the browser. Using those cookies that website is able to detect that I am the particular user who was visiting these laptop models or mobiles. So in this way persistent cookies are very useful for any site.
So now we will talk about this HttpOnly. With an HttpOnly cookie there is an advantage: in some kinds of attacks, like XSS attacks, cross-site scripting attacks, JavaScript functions are used to fetch out the cookies so that they can be used in session hijacking and other things. Using this HttpOnly we can restrict it so that no JavaScript function will be able to access these kinds of cookies. So this is a good security approach. Another one is the Security field. To know more about the Security field we will visit another site, because this site is not containing any secure cookie. So these were the Expires field and the difference between session cookies and persistent cookies, and as we saw, this was HttpOnly. Now we will visit another site, like flipkart.com, to try to see the secure cookies. Here we can see in the Security field there is a Secure keyword used. It is actually mentioning that this kind of cookie, whenever it will be sent to the server side, will be encrypted so that it cannot be stolen or like that. So this is the keyword Secure. That was all about cookies.

So we have completed three approaches today: one was basic access authentication using Base64 encoding, the second one was hidden fields, and the third one was cookies. So with this I would like to thank you.
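
Added example, not part of the talk: a short Python script that repeats two of the Firebug checks offline, decoding a Basic `Authorization` header and classifying `Set-Cookie` values as session or persistent while listing which of `HttpOnly` and `Secure` they lack. The header and cookie values are constructed samples and the function names are hypothetical; the script treats `HttpOnly` as "not readable from JavaScript" and `Secure` as "sent only over HTTPS connections".

```python
import base64

# Constructed sample traffic (not captured from any real site).
BASIC_HEADER = "Authorization: Basic " + base64.b64encode(b"demo:demo").decode()
SET_COOKIE_VALUES = [
    "sid=1f8a2c; Path=/; HttpOnly",
    "seen=laptop42; Expires=Sun, 07 Aug 2016 00:00:00 GMT; Path=/",
    "auth=9f31; Path=/; Max-Age=3600; Secure; HttpOnly",
]


def decode_basic(header_line):
    """Recover (username, password) from an 'Authorization: Basic ...' line."""
    name, _, value = header_line.partition(":")
    scheme, _, token = value.strip().partition(" ")
    if name.strip().lower() != "authorization" or scheme.lower() != "basic":
        raise ValueError("not a Basic Authorization header")
    # Base64 is an encoding, not encryption: no key is needed to reverse it.
    text = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    user, sep, password = text.partition(":")  # split on the first colon only
    if not sep:
        raise ValueError("decoded credentials lack the ':' separator")
    return user, password


def audit_set_cookie(value):
    """Classify one Set-Cookie value and list the protective flags it lacks."""
    parts = [p.strip() for p in value.split(";") if p.strip()]
    name = parts[0].partition("=")[0]
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    # Expires or Max-Age makes the cookie survive a browser restart.
    persistent = "expires" in attrs or "max-age" in attrs
    kind = "persistent" if persistent else "session"
    missing = [flag for flag in ("httponly", "secure") if flag not in attrs]
    return {"name": name, "kind": kind, "missing": missing}


if __name__ == "__main__":
    print(decode_basic(BASIC_HEADER))
    for cookie in SET_COOKIE_VALUES:
        print(audit_set_cookie(cookie))
```

Because the credentials are recoverable by anyone who sees the header, Basic authentication is only as confidential as the transport carrying it.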