Autofill - extension that will simplify your hunting

[Hamych]

Hello to all newcomers to the bounty hunters! In this mini-guide, I will share with you a very useful extension for chrome-based browsers, it is called Autofill. This extension will greatly simplify your life, completely filling out all the Google forms for you and more. This is not a program, but just an extension for your browser, so no garbage will be installed on your computer.

Install this extension, after installing it, it's lightning bolt icon will appear in the upper right, right-click on it and select "Settings".

1. The main settings window will open. (Form Fields).


2. In the lower left corner, click on the drop-down menu, select " Manage ... " and create a new profile.

*


3. After creating a new profile, click + , a new line for editing will appear at the top.

*


4. "Type" this is the type of field, do not touch anything, leave it as it is "Text"


5. "Name" this is the name of the field in google form, Username , ETH Address , Twitter Link , etc. Please note that for each filled field in Google form, you need to create a new editable field in this extension by clicking the plus sign in the lower left. In order for the extension to define the field, you need to write its name, for example Bitcointalk Username , if you call the field in the extension that way, then all fields with that name will be filled accordingly. If you simply name the field Bitcointalk , then all the fields containing this word will be filled in, for example, Bitcointalk Username / Bitcointalk Profile Link , etc. so I advise you to call each field the full name to which it corresponds, with the exception of the field where you enter ETH address or Email , in this case, one word is enough, and all the fields containing it will be automatically filled with the indicated option, not depending on their full name, be it ETH Address or ETH Wallet, Email Address or Account Email . It turns out that for common options and the same type, it is enough to use one word.

6. " Value " here we need to enter the response options entered in the field " Name ". If " Name " ETH Address then we enter the address of your wallet in " Value ", as an example 0xc00000000000000000000000 . If " Name " is Telegram username then we enter in " Value " @ your name


7. "Site" enter https://docs.google.com/forms/ here, this is necessary so that the extension works only on sites that contain part of this link, namely the forms themselves, if you leave this field empty, the extension will begin to fill you with anything on all sites.


8. In this bottom line, enter the same address https://docs.google.com/forms/


9. In " Hotkey " we hover and poke the mouse so that the field is active and press the key combination that is convenient for you, for example, Alt + `, because the hand is comfortable and the location of the finger under this key combination. After that, autofill will work only after they are pressed.

After all these manipulations, you can save the settings by clicking the button below "Save"


In general, you can make it so that when you open the form, it immediately filled itself well, or only by pressing a key combination, I think this is a very good thing
I would be very happy if, nevertheless, this guide is useful to someone. If you notice any mistakes or have ideas on how to make corrections to the procedure or something else, let me know. Thank.

[Velkro]

Install this extension. https://chrome.google.com/webstore/detail/autofill/nlmmgnhgdeffjkdckmikfpnddkbbfkkk, after installing it, it's lightning bolt icon will appear in the upper right, right-click on it and select "Settings".

When new member of forum asking you to install something take a step back.
There are malicious extensions that will steal your data/keys or replace copied bitcoin address to hacker address.

Always consider installing anything on your computer as very high risk often not worth taking.
#1 security advice out there

[Hamych]

Install this extension. https://chrome.google.com/webstore/detail/autofill/nlmmgnhgdeffjkdckmikfpnddkbbfkkk, after installing it, it's lightning bolt icon will appear in the upper right, right-click on it and select "Settings".

When new member of forum asking you to install something take a step back.
There are malicious extensions that will steal your data/keys or replace copied bitcoin address to hacker address.

Always consider installing anything on your computer as very high risk often not worth taking.
#1 security advice out there

I completely agree with you, but I did not notice the suspicious actions of this extension and many use it on this forum, in addition, Google checks the extensions in its store for hacker activity.
I just described how to use this extension, I am not its author and I am not trying to steal any information.  

There are malicious extensions that will steal your data/keys or replace copied bitcoin address to hacker address. - you need to check the data before submitting the form 

[BitMaxz]

Both of you are right but it still safe if we don't use any 3rd party extension in chrome browser if you use the browser mostly for Crypto(safety is our priority). I'm sure this extension are stealing personal information so for me this is not recommended to use.

Also, I noticed someone telling that this extension is a scam they have many bad reviews about this extension so I don't recommend to install this on your chrome.

[tbct_mt2]

Both of you are right but it still safe if we don't use any 3rd party extension in chrome browser if you use the browser mostly for Crypto(safety is our priority). I'm sure this extension are stealing personal information so for me this is not recommended to use.

Also, I noticed someone telling that this extension is a scam they have many bad reviews about this extension so I don't recommend to install this on your chrome.

Agreed with you about third-party extensions, but personally Chrome is not a safe one to, because it is a sort of G products, and you know Google will use user data for whichever purposes that we never know.

They can collect user data from their browser, connect users' dots and over time they have significant data; then someday sell them to get profits at acceptable deal, only Google knows. It is a serious potential threat by using Chrome. I would prefer to use FireFox or Brave browers, instead of Google Chrome.

[PrimeNumber7]

Most browsers have this functionality already built in. There is no reason to use a potentially unsafe extension built by a third party.

As Velkro said, the extension could possibly change displayed addresses. It could also submit a different address than what is input into a form, and it could transmit your 'saved' address to the creator of the extension so he can generate a 'vanity' address that looks similar to what you saved, making it difficult to detect the change.

[Hamych]

Delirium of persecution - a disorder of the thinking process, the delusional conviction of a person that a certain person or group of persons pursues him: spies, torments, scoffs, plans to do harm, rob, kill, etc.

what is stolen from you? Do they recognize your forum nickname? telegram name? your public wallet number? this is already in full view in the spreadsheets of any bounty campaign.
No need to scare users and come up with conspiracy theories and attempts to steal data. Whoever needs it, they will steal data from the Binance, and not from some unfortunate bounty hunter. All input information is publicly available.

It is everyone’s business to use some auxiliary extensions or not.
If you think that this is not safe for your data, then do not install, I do not insist, I just described a way to configure and use. Knowing some people, they will begin to attribute to me an attempt to steal user data from this forum. 

[elda34b]

If anybody decides to use this extension, just make sure you only use it on your personal computer. Don't log in to your Chrome on other devices as it would synchronize and possibly make your private data left in public.

Don't forget to not input any sensitive data there, such as a password.

[tranthidung]

If anybody decides to use this extension, just make sure you only use it on your personal computer. Don't log in to your Chrome on other devices as it would synchronize and possibly make your private data left in public.

Don't forget to not input any sensitive data there, such as a password.

Additionally, don't use computers in which crypto currencies stored to install and use extensions from third-parties.

If people don't use cold storage, computers in which they store crypto wallets should be used only for wallet upgrades (from official websites). Keeping those special computers as safely as possible will keep their crypto safely from threats. Only opening those computers to download wallet upgrades, and installing new versions of wallets. Then, when upgrades finished, shut down computers to avoid distractive interests (like web surfing, and others unsafe things).

[drwhobox]

Delirium of persecution - a disorder of the thinking process, the delusional conviction of a person that a certain person or group of persons pursues him: spies, torments, scoffs, plans to do harm, rob, kill, etc.

You are in a place where you have never seen, meet, no identity, have no idea of shape, race (human or alien) what I am meaning is that no clue about the other person. Every day you are seeing scam accusations where one has stole others money or failed attempt to steal, trashing each others is the regular practice. This is the reality of an anonymous forum. How would you not expect anything harmful from someone who never made any presences here but asking to install a piece of program that can alter the input system of the users device. What if there is a piece of code that will convert a string to something else without my knowledge and send out something else that I was not originally meant to send?

I do not blame you nor them. Let's say your initiative is a legit one but considering the environment of this forum, your work is a collateral damage for a group of people but fact is both you and them are not wrong from their own ground.

Peace!

[Stedsm]

Additionally, don't use computers in which crypto currencies stored to install and use extensions from third-parties.

If people don't use cold storage, computers in which they store crypto wallets should be used only for wallet upgrades (from official websites). Keeping those special computers as safely as possible will keep their crypto safely from threats. Only opening those computers to download wallet upgrades, and installing new versions of wallets. Then, when upgrades finished, shut down computers to avoid distractive interests (like web surfing, and others unsafe things).

We shouldn't use even smartphones if you ask me because it's one of the most vulnerable things to malicious viruses in general and most people don't even have anything like AV installed in their smartphones because either they are not aware or they are too over-smart. Most of the hacks nowadays take place through these Android applications and if such extension is installed in your chrome browser and you've allowed some permissions to your browser, I guess your coins are at stake because this extension will have some sort of code or patch injected in it that'll come with it after installation and it'll fetch all the data from your mobile and send it to hacker. So not only are your coins and privkeys, but your data also isn't so safe if you blindly download anything.

[tranthidung]

We shouldn't use even smartphones if you ask me because it's one of the most vulnerable things to malicious viruses in general and most people don't even have anything like AV installed in their smartphones because either they are not aware or they are too over-smart. Most of the hacks nowadays take place through these Android applications and if such extension is installed in your chrome browser and you've allowed some permissions to your browser, I guess your coins are at stake because this extension will have some sort of code or patch injected in it that'll come with it after installation and it'll fetch all the data from your mobile and send it to hacker. So not only are your coins and privkeys, but your data also isn't so safe if you blindly download anything.

People are safely use their smartphones if they don't store any crypto on their phones, don't log in exchange accounts, don't log in their important emails. Unfortunately, people tend to use their phones for important things (like above ones), and don't install AV softwares.
Even I don't log in my main emails or my exchange accounts on phones or other mobile devices (like tablets), I still feel unsafe. For apps, that need to use for daily expenses, I only store very limited funds. I am careful to make sure that just in case when worst things happen, I won't lose too much money.

With or without AV softwares, mobile devices (smartphones, tablets) or desktop computers/ laptops, having good and healthy web-surfing habit is the most important thing to protect our devices, identities and funds.

[bob123]

Auto-fill is highly risky.

A fake site could be set up where the login fields are basically 'the same' as on an original site, and the chrome auto-fill (not extension, but built-in auto-fill) will enter your username and password.
This is a known attack vector and one reason why auto-fill should never be used.

I don't know how this extension behaves, but rather be safe than sorry.

IMO this extension is definitely not worth the risk.

[ABCbits]

Agreed with you about third-party extensions, but personally Chrome is not a safe one to, because it is a sort of G products, and you know Google will use user data for whichever purposes that we never know.

They can collect user data from their browser, connect users' dots and over time they have significant data; then someday sell them to get profits at acceptable deal, only Google knows. It is a serious potential threat by using Chrome. I would prefer to use FireFox or Brave browers, instead of Google Chrome.

Most people who join "hunting" give their personal information (with/without KYC) on daily basis, so i doubt they care about privacy concern or possibility of misuse of their information when using google product.

We shouldn't use even smartphones if you ask me because it's one of the most vulnerable things to malicious viruses in general and most people don't even have anything like AV installed in their smartphones because either they are not aware or they are too over-smart. Most of the hacks nowadays take place through these Android applications and if such extension is installed in your chrome browser and you've allowed some permissions to your browser, I guess your coins are at stake because this extension will have some sort of code or patch injected in it that'll come with it after installation and it'll fetch all the data from your mobile and send it to hacker. So not only are your coins and privkeys, but your data also isn't so safe if you blindly download anything.

I disagree, smartphone these days generally more secure than desktop because sandboxing feature where an application can't access system, other application or user's files without user's permission.

Most of those hacks usually happen because outdated OS or user simply allow all permission request.

[Bountyhonter]

Filling forms for bounties and airdrops is something that shouldn't take more than 3 minutes so using a 3rd party extension is just being lazy and taking a serious risk.

Additionally different forms have different format at which they where made which may lead the extension filling the wrong info in the wrong place.

[terizla]

I think filling form is not difficult and it only take a few minutes.
Better i use Notepad in computer or ColorNote in my Smartphone.



Save your private wallet in that extension i think very risk.

[Hamych]

Save your private wallet in that extension i think very risk.

I do not think that there is some kind of a fool who will store his private keys in such extensions  It is used to fill out forms with public information.

[Stedsm]

--snip--

I disagree, smartphone these days generally more secure than desktop because sandboxing feature where an application can't access system, other application or user's files without user's permission.

Most of those hacks usually happen because outdated OS or user simply allow all permission request.

Trust me, when I said that, I knew it was all about permitting requests but many apps won't work without those permissions being given to them (or at least won't work properly. For eg.; Camera app needs your storage permission to view files and show them to you as well as store newly clicked images in your system only after permitted. This includes all the attributes set here for it to perform all these tasks - Read, Write and Execute. By saying outdated OS, do you point it towards the older versions of Android or anything similar? You meant that Android is also vulnerable to bugs which can help hackers steal our data just because it is old? For latest versions of Android nowadays, we need to spend at least $200 - 300  and more to get them in a smartphone. We don't need sandboxing because at the end of the day, you're sure to give those permissions to an application that needs it to do its job better.

[PrimeNumber7]

--snip--

I disagree, smartphone these days generally more secure than desktop because sandboxing feature where an application can't access system, other application or user's files without user's permission.

Most of those hacks usually happen because outdated OS or user simply allow all permission request.

Trust me, when I said that, I knew it was all about permitting requests but many apps won't work without those permissions being given to them (or at least won't work properly. For eg.; Camera app needs your storage permission to view files and show them to you as well as store newly clicked images in your system only after permitted. This includes all the attributes set here for it to perform all these tasks - Read, Write and Execute. By saying outdated OS, do you point it towards the older versions of Android or anything similar? You meant that Android is also vulnerable to bugs which can help hackers steal our data just because it is old? For latest versions of Android nowadays, we need to spend at least $200 - 300  and more to get them in a smartphone. We don't need sandboxing because at the end of the day, you're sure to give those permissions to an application that needs it to do its job better.

Modern smartphones prevent applications from interacting with each other and each other’s data. When permission is granted for example to allow an app to access and write to ‘photos’ this access is limited to the specific directory the photos are stored in, and there are safeguards that prevent a malicious app from doing something that apple or google (depending on the OP you are using) doesn’t want the app doing.

There are obviously bugs and zero day attacks, however a smartphone will generally be more safe than an internet connected computer. It will be less safe than a ‘cold storage’ computer that has never and will never be connected to the internet.

Internet connected computers for example will often automatically download files and will only earn you about opening a program downloaded from the internet.

[Stedsm]

Modern smartphones prevent applications from interacting with each other and each other’s data. When permission is granted for example to allow an app to access and write to ‘photos’ this access is limited to the specific directory the photos are stored in, and there are safeguards that prevent a malicious app from doing something that apple or google (depending on the OP you are using) doesn’t want the app doing.

Ok, I've got a question here again:

What IF:
- Let's say for eg.; I give Google Photos the permission to receive all my images in my smartphone (and I don't believe it's limited to a specific folder but all the images in my smartphone). Does Google save all the images in its Drive feature and shows through photos? Will my privkeys also be on stake if I use Google drive if I've saved my privkeys in Json format and it gets exposed to Drive which, if hacked, can be in the hands of that hacker with all other data that's saved there?