PATCHING NETSCAPE
(Cookies begone!)
by ACP
(04 July 1997, slightly edited by Fravia)
Courtesy of Fravia's page of reverse engineering
Well, here it goes... another VERY interesting reverse engineering project! Are you not fed up
with having continuously to eliminate annoying cookies-requests from stupid commercial
ads and useless counters that pop unterminately up on every slow-loading, image-heavy
site of the Web? YES, we hate them! Therefore the first "amelioration" of Netscape,
proposed by ACP, is rightly dedicated to the extirpation of the cookies-evil weed,
apply it immediately to your copy of Netscape and Enjoy!
Welcome to my new project, PATCHING NETSCAPE!
(Cookies begone!)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
by ACP, 04 July 1997
Why you ask?, COZ I WANT NETSCAPE TO WORK EXACTLY AS I WISH!
* I automatically assume you have knowlegde of Assembly, and some experience
in debugging Win32 Apps using WinICE.
IF NOT, STOP RIGHT THERE AND GO STUDY BASIC REVERSE ENGINEERING FIRST!
* Please ignore my lame english ;-]
* In this doc i will refer to (Netscape v3.0 GOLD), *ONLY*
but, if you read everything, and understand, you'll be able to patch
any version of Netscape YOURSELF!
* before patching, and in order for this patch to correctly work
you *MUST* enable the 'WARN BEFORE ACCEPTING A COOKIE' option.
in Options --> Network-Prefs --> Protocols
---------------------------------------------------------------------------
A. We want Netscape NOT TO ACCEPT COOKIES, NEVER... let's start:
- make sure you have WinICE ready and loaded
- make sure you have USER32.DLL loaded in WinICE's exports
- fire-up Netscape
- CTRL+D into WinICE,
- set a breakpoint on MessageBoxA
- exit WinICE's window.
B. Load the included HTML page, (netscape-patch.html) into Netscape.
WinICE should popup and you'll land smack inside the MessageBoxA Proc.
'P RET' *once!* and then press the 'CANCEL' button.
now, you're back in WinICE's window, keep 'P RET'ing back to Netscape until
you reach the following code:
Add ESP,8 Fravia:
F. Now we take a look at line #11 which is the jump out of the routine
in case the user pressed CANCEL.
we are going to jump from line #4 to the end of the routine.
at line #4, assemble with WinICE, 'JMP addr of --> DO_NOT_SAVE_COOKIE'
and that's IT!
Cookies will from now on be auto-killed, and the messagebox that annoyed
the user will not be shown anymore. Yet this was a "temporary" patch, in
fact we worked with Winice on our Netscape copy IN MEMORY, not on the
real program on our harddisk, duh?
I assume that you know how to write down the changes we have made to the
code above, in order to PERMANENTLY patch it, using an HexEditor (such
as HIEW).
In case you can't handle it, here is the file offset and the original and
"new" byte info:
Make sure that your NETSCAPE.EXE file is EXACTLY -> 3164672 bytes long, this
patch would not work on other versions!
Comparing files netscape.exe and netscape.new
Offset Old New
00095788: 50 E9
00095789: 8B 74
0009578A: 44 20
0009578B: 24 00
0009578C: 3C 00
After this patch, your Netscape (3.0 GOLD) will auto kill cookies.
If you have another version, just adapt the instructions I gave you
with this essay.
Email me acp@fear-me.com any comments about this document.
C'ya later, ACP.
You are deep inside fravia's page of reverse engineering,
choose your way out:
homepage
links
anonymity
+ORC
students' essays
tools cocktails
search_forms
mailFraVia
Is reverse engineering legal?