Firefox uses a function called PR_Write to write data into a TCP socket. This function is located inside a DLL module called nss3.dll. For this demonstration, we need to prepare a Twitter account. Once that account is created and you are logged in, sign out of the account and then log in again. Since we use LastPass, the login credentials will already have been entered by LastPass. Once we click on the Log in button, what will happen behind the scenes?
Behind the scenes, Firefox will load the nss3.dll library and call the PR_Write function to submit the data (login ID and password). Once Firefox performs these steps, we'll set up a breakpoint and intercept traffic. Let's start by installing the Immunity Debugger software from https://debugger.immunityinc.com/ID_register.py. The installation part is quite...