Jump to content

Leaderboard

Popular Content

Showing content with the highest reputation on 01/02/18 in all areas

  1. Hard forks? Soft forks? ICOs? Bombarded by no shortage of unfamiliar technical terms in 2017, consumers in the blockchain sector once again proved a ripe target for hackers and criminals. But, not all hacks and scams were created equal. Some rose above the froth – either due to their size or impact – as well as what they said about the state of blockchain technology and the industry itself. Still, the impacts of these incidents were far from academic. Whether it was a simple wallet hack, fraudulent ICO or a bug in a piece of software code, investors lost millions, with nearly $490 million taken in the incidents below. So far, none of the perpetrators of these crimes has been caught or even identified, and it's questionable whether most of these funds can be found or returned. 1. CoinDash ICO Hack Payment and shipment startup CoinDash launched an initial coin offering (ICO) campaign early this summer, but it quickly had to pump the brakes after its ethereum address was compromised. The startup raised $7.3 million before a hacker changed the address, causing donations to go to an unknown party. The company shut down the ICO, but promised to send its native token award, CDT, to those who attempted to donate. While the company stated that donations sent after it had released its statement would not be honored, some investors continued to show support by donating to the hacked address, inadvertently raising the amount of stolen funds from $7 million to $10 million at the time. All in all, the incident showcases the growing pains experienced by ICOs, which despite raising massive amounts of funds, still had to navigate the complexities of an early-stage technology. 2. Parity Wallet Breach It was a tough year for cryptocurrency wallet provider Parity, which has the rare distinction of being cited twice on our year-end list. Issues began in July when the U.K.-based startup discovered a vulnerability in version 1.5 of its wallet software, resulting in at least 150,000 ethers being stolen from user accounts. The bug was found in its multi-signature wallets, compromising several companies’ ICO fundraisers. At the time, the ethers were worth roughly $30 million, but they're worth closer to $105 million as of mid-December. The issue was deemed "critical," with the company's CTO, Gavin Wood, announcing at least three compromised addresses and saying efforts were being made to prevent further loss of funds. It was later found that more than 70,000 ethers were already cashed out or otherwise redeemed in some way, ensuring that their loss was permanent. 3. Enigma Project Scam Back in ICO-land, issues weren't limited to compromised addresses. Blockchain startup Enigma saw its website, mailing lists and an administrator account on its Slack channel compromised when fraudsters launched a fake token pre-sale in August, defrauding potential investors of more than 1,500 ethers. The hijacked accounts promised a large return on investment, and masquerading as the genuine operators of the project, those behind the effort were able to convince unsuspecting consumers to donate to the compromised website. While the team behind Enigma was able to recover control of the company’s accounts, the ether wallet used by the hacker was emptied, and the funds were not recovered. 4. Parity Wallet Freeze Perhaps the year's biggest security incident, this entry on the list is also distinguished by being one the few to take place without the apparent aid of a malicious party. Occurring suddenly this November, a Parity user accidentally found a bug in the software code, freezing more than $275 million in ether in the wallet’s second major incident of 2017. One of two widely used clients for ethereum, the miscue effectively called into question what was and is a central infrastructure component of the network, prompting some to doubt the company's offerings and renewing criticisms of ethereum itself. In subsequent updates, developers have pushed to restore the funds, though it's now believed that doing so would require all ethereum users to upgrade their software. 5. Tether Token Hack In another incident notable for its unresolved controversies, more than $30 million was stolen from the U.S. dollar-pegged cryptocurrency Tether in late November. At the time, Tether claimed that roughly $31 million’ worth of tokens were taken from their virtual treasury and sent to an unknown bitcoin address. Not a significant number in the cryptocurrency economy, the hack was more relevant as it effectively renewed long-standing criticisms of Tether the company, prompting scrutiny in the form of blog posts and mainstream news exposes. The company later moved to blacklist the tokens stolen through an update to the Omni protocol, the blockchain on which it is based. Still, Tether continues to be dogged by allegations the incident played no small part in stirring up. 6. Bitcoin Gold Scam Think forks were confusing? So did scammers, and those seeking to cash out new tokens awarded in blockchain splits often proved all too easy to target. Shortly after the launch of a bitcoin fork called bitcoin gold, for example, some bitcoin users had their cryptocurrency wallets drained after using a service seemingly endorsed by the project's development team. Marketed as a way to authenticate whether a user was eligible for bitcoin gold funds (effectively free money for bitcoin owners), the website’s operators instead stole more than $3 million in bitcoin, bitcoin gold, ethereum and litecoin. Bitcoin gold’s development team claimed no formal relationship with the website’s developer, arguing he reached out offering to build a wallet checking service and offering to make his code open-source. The site’s developer initially claimed the site was hacked, but later wiped his GitHub and ceased responding to users on the fork’s Slack channel. Overall, though, it was another case of consumers falling into traps over promises of free funds. 7. NiceHash Market Breach That's not to say that long-standing companies were spared by the year's attacks. This was the case when cryptocurrency mining marketplace NiceHash, a well-known marketplace for mining power, reported being hacked early in December, later confirming that about 4,700 in bitcoin was stolen. At the time, that was worth approximately $78 million. It was later revealed an employee’s computer was compromised, allowing the perpetrator to gain access to the marketplace’s systems and remove bitcoin from the company’s accounts. NiceHash CEO Marko Kobal later announced that his team was trying to determine how the hack occurred, but that it would take time to establish what happened. Disclosure: CoinDesk is a subsidiary of Digital Currency Group, which has an ownership stake in Enigma. Various images courtesy Shutterstock Via coindesk.com
    3 points
  2. CryptoTracker An easy way to setup and manage your crypto currency portfolio from the terminal. (Using the Coin Market Cap API) Compatible with Python 2 and Python 3 Install python setup.py install Usage View coin data cryptotracker -i bitcoin xrp dash Convert fiat output cryptotracker -i bitcoin -c eur Add to portfolio cryptotracker -a btc --amt 2000 cryptotracker --add ripple --amt 5352 Remove from portfolio cryptotracker -rm btc View Portfolio cryptotracker -p Screenshot Download: CryptoTracker-master.zip git clone https://github.com/Max00355/CryptoTracker.git Source: https://github.com/Max00355/CryptoTracker
    2 points
  3. A critical security vulnerability has been reported in phpMyAdmin—one of the most popular applications for managing the MySQL database—which could allow remote attackers to perform dangerous database operations just by tricking administrators into clicking a link. Discovered by an Indian security researcher, Ashutosh Barot, the vulnerability is a cross-site request forgery (CSRF) attack and affects phpMyAdmin versions 4.7.x (prior to 4.7.7). Cross-site request forgery vulnerability, also known as XSRF, is an attack wherein an attacker tricks an authenticated user into executing an unwanted action. According to an advisory released by phpMyAdmin, "by deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables, etc." phpMyAdmin is a free and open source administration tool for MySQL and MariaDB and is widely used to manage the database for websites created with WordPress, Joomla, and many other content management platforms. Moreover, a lot of hosting providers use phpMyAdmin to offer their customers a convenient way to organize their databases. Barot has also released a video, as shown above, demonstrating how a remote attacker can make database admins unknowingly delete (DROP) an entire table from the database just by tricking them into clicking a specially crafted link. However, performing this attack is not simple as it may sound. To prepare a CSRF attack URL, the attacker should be aware of the name of targeted database and table. Barot reported the vulnerability to phpMyAdmin developers, who confirmed his finding and released phpMyAdmin 4.7.7 to address this issue. So administrators are highly recommended to update their installations as soon as possible. Source: thehackernews.com
    2 points
  4. In my last post I discussed the basic implementation of Blockchain in Swift language. In this post I will take the Blockchain implementation to the cloud using server side Swift framework, Vapor. We will build the Blockchain Web API over the HTTP protocols, providing necessary functionality using different routes. This post assumes that you have installed Vapor framework on your computer and have basic knowledge of Swift Language. Implementing Models The first step is to create necessary models for the Blockchain Web API. These models will consist of the following. Block: A block class represents a single block which can contain inputs and outputs represented by transactions. class Block : Codable { var index :Int = 0 var dateCreated :String var previousHash :String! var hash :String! var nonce :Int var message :String = "" private (set) var transactions :[Transaction] = [Transaction]() var key :String { get { let transactionsData = try! JSONEncoder().encode(self.transactions) let transactionsJSONString = String(data: transactionsData, encoding: .utf8) return String(self.index) + self.dateCreated + self.previousHash + transactionsJSONString! + String(self.nonce) } } func addTransaction(transaction :Transaction) { self.transactions.append(transaction) } init() { self.dateCreated = Date().toString() self.nonce = 0 self.message = "Mined a New Block" } init(transaction :Transaction) { self.dateCreated = Date().toString() self.nonce = 0 self.addTransaction(transaction: transaction) } } The properties of Block class are explained below: index — The position of block in the blockchain. Index of 0 means that the block is the first block in the blockchain. Index of 1 means it is the second block in the blockchain.. you get the idea right! dateCreated — The date when the block was created previousHash — The hash value of the previous block hash — The current hash of the block message — Memo attached to each block. This is just for our purposes nonce — Auto incremented number which plays an important role for mining the hash transactions — An array of transactions. Each transaction represents a transfer of goods/value key — This is a computed property which is passed to the hashed function Transaction: Transaction consists of the sender, recipient and the amount being transferred. The implementation is shown below: class Transaction :Codable { var from :String var to :String var amount :Double init(from :String, to :String, amount :Double) { self.from = from self.to = to self.amount = amount } init?(request :Request) { guard let from = request.data["from"]?.string, let to = request.data["to"]?.string, let amount = request.data["amount"]?.double else { return nil } self.from = from self.to = to self.amount = amount } } The Transaction class is self explanatory. It consists of from, to and amount fields. For the sake of simplicity we will be using dummy names for from and to fields, in reality these fields will consist of wallet ID. Blockchain: Blockchain is the main class which represents a list of blocks. Each block points back to the previous block in the chain. Each block can contain multiple transactions, representing the credit or debit. class Blockchain : Codable { var blocks :[Block] = [Block]() init() { } init(_ genesisBlock :Block) { self.addBlock(genesisBlock) } func addBlock(_ block :Block) { if self.blocks.isEmpty { // add the genesis block // no previous has was found for the first block block.previousHash = "0" } else { let previousBlock = getPreviousBlock() block.previousHash = previousBlock.hash block.index = self.blocks.count } block.hash = generateHash(for: block) self.blocks.append(block) block.message = "Block added to the Blockchain" } private func getPreviousBlock() -> Block { return self.blocks[self.blocks.count - 1] } private func displayBlock(_ block :Block) { print("------ Block \(block.index) ---------") print("Date Created : \(block.dateCreated) ") //print("Data : \(block.data) ") print("Nonce : \(block.nonce) ") print("Previous Hash : \(block.previousHash!) ") print("Hash : \(block.hash!) ") } private func generateHash(for block: Block) -> String { var hash = block.key.sha256()! // setting the proof of work. // In "00" is good to start since "0000" will take forever and Playground will eventually crash :) while(!hash.hasPrefix(DIFFICULTY)) { block.nonce += 1 hash = block.key.sha256()! print(hash) } return hash } } Each model adheres to the Codable protocol which allows it to easily convert to JSON represented object. If you have followed the last article then the implementation above is very similar. Next step is to configure routes for our Web API, this is implemented in the new section using the Vapor framework. Implementing Web API Using Vapor There are several different ways of implementing the Web API using Vapor. Instead of adding all the code in the Routes class, I proceeded by adding a custom controller which will handle all Blockchain requests. The implementation of BlockchainController is shown below: class BlockchainController { private (set) var drop :Droplet private (set) var blockchainService :BlockchainService! init(drop :Droplet) { self.drop = drop self.blockchainService = BlockchainService() // setup the routes for the controller setupRoutes() } private func setupRoutes() { self.drop.get("mine") { request in let block = Block() self.blockchainService.addBlock(block) return try JSONEncoder().encode(block) } // adding a new transaction self.drop.post("transaction") { request in if let transaction = Transaction(request: request) { // add the transaction to the block // get the last mined block let block = self.blockchainService.getLastBlock() block.addTransaction(transaction: transaction) //let block = Block(transaction: transaction) //self.blockchainService.addBlock(block) return try JSONEncoder().encode(block) } return try JSONEncoder().encode(["message":"Something bad happend!"]) } // get the chain self.drop.get("blockchain") { request in if let blockchain = self.blockchainService.getBlockchain() { return try JSONEncoder().encode(blockchain) } return try! JSONEncoder().encode(["message":"Blockchain is not initialized. Please mine a block"]) } } } We will start by three basic endpoints for the Web API. Mining: This endpoint will initiate the mining proess. Mining will allow us to satisfy the proof of work and add the block to the Blockchain. Transaction: This endpoint is used to add a new transaction. The transaction will contain information about sender, receiver and the amount. Blockchain: This endpoint returns the complete blockchain. The BlockchainController uses the BlockChainService to perform the required operations. The implementation of BlockChainService is shown below: // // BlockchainService.swift // Run // // Created by Mohammad Azam on 12/25/17. // import Foundation import Vapor class BlockchainService { typealias JSONDictionary = [String:String] private var blockchain :Blockchain = Blockchain() init() { } func addBlock(_ block :Block) { self.blockchain.addBlock(block) } func registerNode(_ blockchainNode :BlockchainNode) { self.blockchain.addNode(blockchainNode) } func getLastBlock() -> Block { return self.blockchain.blocks.last! } func getBlockchain() -> Blockchain? { return self.blockchain } } Let’s go ahead and check out out Web API end points. Start the Vapor server and send a request to “mine” end point. Mining a New Block The proof of work algorithm generates a hash value starting with “000”. Once, the block has been mined we return it by converting it into JSON format. This is performed by using the Swift 4.0 Codable Protocols. Now, we can add our transaction to the blockchain. Here is a simple transaction which transfers $10 from Alex to Mary. New Transaction The final step is to check out our blockchain with the newly added block. Visit the endpoint “blockchain” to view the complete chain. Blockchain Hooray! Our Blockchain Web API is now working correctly. Unfortunately, the whole point of blockchain is to be decentralized and currently, we don’t have any mechanism to add new nodes. In the next section we are going to update our blockchain implementation so it can support multiple nodes. Adding Nodes to Blockchain Before allows the blockchain to add new nodes, we must define what a node looks like. The implementation of a node model is shown below: class BlockchainNode :Codable { var address :String init(address :String) { self.address = address } init?(request :Request) { guard let address = request.data["address"]?.string else { return nil } self.address = address } } The BlockChainNode class simply consists of an address property which represents the URL of the node server. We update the BlockchainController to add the ability to register new nodes. This is shown below: self.drop.post("nodes/register") { request in guard let blockchainNode = BlockchainNode(request :request) else { return try JSONEncoder().encode(["message":"Error registering node"]) } self.blockchainService.registerNode(blockchainNode) return try JSONEncoder().encode(blockchainNode) } The BlockchainService also gets updated to accommodate registering of the new nodes. func getNodes() -> [BlockchainNode] { return self.blockchain.nodes } func registerNode(_ blockchainNode :BlockchainNode) { self.blockchain.addNode(blockchainNode) } Let’s go ahead and test it out. Start the new Vapor server and try to register new nodes. Register a New Node Once, the node(s) has been registered, you can fetch it using the nodes end point as shown below: Fetching All Nodes Now, that we can register new nodes we should focus on resolving the conflicts between the nodes. A conflict happens when the blockchain on one node gets larger as compared to the other nodes. In this scenario, we always takes the neighboring nodes and updates them with the larger blockchain. Resolving Conflicts Between Nodes In order to create a conflict we need to run a second server or run the server on a separate port. We are going to use the later approach and start the Vapor server on a different port. Once, the two nodes are initiated, we will create transactions on both nodes which will add blocks to the blockchain. Finally, we will call a resolve end point which will resolve the conflicts between nodes and update the node to the larger blockchain. The BlockchainController has been updated to add a new end point for resolving conflicts. self.drop.get("nodes/resolve") { request in return try Response.async { portal in self.blockchainService.resolve { blockchain in let blockchain = try! JSONEncoder().encode(blockchain) portal.close(with: blockchain.makeResponse()) } } } We have used the async response feature of Vapor framework which will allow us to process the response asyncronously. The BlockchainService has also been updated to support the conflict resolution. The implementation is shown below: func resolve(completion :@escaping (Blockchain) -> ()) { // get the nodes let nodes = self.blockchain.nodes for node in nodes { let url = URL(string :"http://\(node.address)/blockchain")! URLSession.shared.dataTask(with: url) { data, _, _ in if let data = data { let blockchain = try! JSONDecoder().decode(Blockchain.self, from: data) if self.blockchain.blocks.count > blockchain.blocks.count { completion(self.blockchain) } else { self.blockchain.blocks = blockchain.blocks completion(blockchain) } } }.resume() } } The resolve function goes through a list of nodes and fetches the blockchain of each node. If the blockchain is larger than the current blockchain then it replaces the blockchain with the larger one, otherwise it returns the current blockchain which is also the larger one. In order to test it out let’s start two servers on separate port and add two transactions on port 8080 and three on 8090. You can start a Vapor server using terminal by issuing the following command. vapor run serve -— port=8090 We added three transactions on port 8080 node as shown below: Blockchain on Port 8080 After that we added two transactions on port 8090 node as shown below: Blockchain on Port 8090 Make sure to register the node with the 8090 address as shown below: Registering a Node Finally, it is time to test our resolve conflict end point. Invoke the “resolve” end point by visiting it in your Postman as shown below: Resolve End Point Returning Larger Blockchain As you can see the resolve end point returns the larger blockchain and also updates the blockchain for the other nodes. This completes our conflict resolution scenario. [Github] This post is based on an amazing post by Daniel Van Flymen “Learn Blockchains by Building One”. I hope you like the post. I am currently in the process of making a Udemy course on “Blockchain Programming in iOS”. You can subscribe here to get notified when the course is released. If you want to support my writing and donate then please visit my courses page and buy my amazing courses on Udemy. Thanks and happy programming! Source: https://hackernoon.com/building-blockchain-web-api-using-swift-and-vapor-2daf599c8449
    2 points
  5. IOHIDeous A macOS kernel exploit based on an IOHIDFamily 0day. Write-up here. Notice The prefetch timing attack I'm using for hid for some reason doesn't work on High Sierra 10.13.2 anymore, and I don't feel like investigating that. Maybe patched, maybe just the consequence of a random change, I neither know nor care. The vuln is still there and my code does both info leak and kernel r/w, just not in the same binary - reason is explained in the write-up. If you want that feature, consider it an exercise for the reader. Usage The exploit consists of three parts: poc panics the kernel to demonstrate the present of a memory corruption, should work on all macOS versions. leak leaks the kernel slide, could be adapted to other versions but as-is works only on High Sierra. hid achieves full kernel r/w, tested only on Sierra and High Sierra (up to & including 10.13.1), might work on earlier versions too. poc and leak need to be run as the user that is currently logged in via the GUI, and they log you out in order to perform the exploit. hid on the other hand, gives you four options for a first argument: steal requires to be run as root and SIP to be disabled, but leaves you logged in the entire time. kill requires root and forces a dirty logout by killing WindowServer. logout if executed as root or the currently logged in user, logs you out via launchctl. Otherwise tries to log you out via AppleScript, and then falls back to wait. wait simply waits for a logout, shutdown or reboot to occur. Additionally you can specify a second argument persist. If given, hid will permanently disable SIP and AMFI, and install a root shell in /System/pwned. leak and hid should be run either via SSH or from a screen session, if you wish to observe their output. Building Should all be self-explanatory: make all make poc make leak make hid make clean Download: IOHIDeous-master.zip git clone https://github.com/Siguza/IOHIDeous.git Source: https://github.com/Siguza/IOHIDeous/
    2 points
  6. Ba, io am gasit doar cele de mai jos. Dupa blocat apar popup-uri dar se inchid singure si e relativ ok. Merge filmul sa mearga on-click, dupa cateva refresh-uri, pe langa asteptat cele 60 secunde pentru "update VLC". Iti recomand calduros un s-o fut pe ma-ta, daca tu crezi ca cineva o sa se uite pe bune la filme pe site-ul tau de cacat.
    2 points
  7. Descriere: The Nut Job 2: Nutty by Nature (2017) este doar unul din colectia noastra de filme in limba romana, pentru mai multe filme te poti uita in partea dreapta la sectiunea cu filme subtitrate, iar daca ai ceva probleme cu vizionarea acestui video "The Nut Job 2: Nutty by Nature (2017) online subtitrat in romana" te rog sa raportezi filmul in sectiunea report! Adica ce informatii concrete? Nu ai descriere, nu ai tipul filmului, nu ai niste stele sa stie omul daca filmul se merita. 2. Te dreq cu pop-up. Tre sa fii geniu sa navighezi pe site-ul tau. 9/10 clickuri deschid un popul sau un redirect sau un fake play-button. Calitatea video e 9.5/10, interfata grafica e 1/10, intoxicata cu ads si popups. PS: Eu nu as folosi site-ul.
    2 points
  8. Daca n-ar fi atatea popupuri canceroase, la fel ca pe restul siturilor similare, chiar ar fi o vizionare placuta.
    2 points
  9. Modifica .exe-ul sa dezactivezi protectia.
    2 points
  10. Cum arată Eveline Cismaru, tânăra care a spart sistemul de securitate al Poliţiei din Washington GALERIE FOTO Publicat: Vineri, 29 Decembrie 2017 19:21 // Actualizat: Vineri, 29 Decembrie 2017 19:26 // Sursa: romaniatv.net Autor: Filip Stan Eveline Cismaru, tânăra care a spart sistemul de securitate al Poliției din Washington, publica poze provocatoare pe Facebook. Ea a fost arestată, alături de Mihai Alexandru Işvanca, pe 15 decembrie, la București, în cadrul unei operațiuni care viza mai mulți hackeri români. Comenteaza PrevNext Mihai Alexandru Işvanca și Eveline Cismaru sunt acuzați de procurorii americani că au piratat sistemul care gestionează camerele de supraveghere din Washington. Tinerii au accesat fraudulos aproape 123 de calculatoare care erau conectate la camerele de supraveghere ale Poliției Metropolitane din Washington. În ianuarie, cei doi hackeri români au reușit să scoată din funcțiune două treimi din numărul camerelor video ale Poliției, notează observator.tv. Secret Service a informat că un număr de computere conectate la camere de supraveghere ale Departamentului Poliției Metropolitane au fost afectate în perioada 9-12 ianuarie de virușii de tip ransomware "cerber" şi "dharma". Incidentul a avut loc chiar înaintea ceremoniei de învestire în funcție a președintelui Donald Trump, iar autoritățile americane au demarat imediat o investigație. Mihai Alexandru Işvanca și Eveline Cismaru ar fi vrut să obțină o sumă de bani pentru a debloca sistemul. În prezent, Mihai Alexandru Işvanca se află în arest preventiv, iar femeia în arest la domiciliu, în vederea extrădării. Curtea de Apel Bucureşti a judecat în 16 decembrie cazul lor, acordând termen 11 ianuarie 2018 pentru judecarea cererii de extrădare. Citeste mai mult pe RTV.NET: http://www.romaniatv.net/cum-arata-eveline-cismaru-tanara-care-a-spart-sistemul-de-securitate-al-politiei-din-washington_395508.html#ixzz533E5F9P9
    1 point
  11. http://prntscr.com/hva3qf x 30
    1 point
  12. cred ca toata lumea se astepta sa fie o dihanie de 150 de kile
    1 point
  13. 1 point
  14. Problema ar fi ca un astfel de program gandit anti sandbox / vm cel mai probabil are si o solutie anti debugging gandita. Cu toate astea ar fi o solutie insa dar poate scapa mai usor.
    1 point
  15. Bun, intai va trebui sa faci un test case ca mai apoi sa aplici o eventuala solutie custom tehnica. 1.) Setari VM -> Display -> debifeaza "automatically adjust user interface size in the virtual machine". 2.) Restrictioneaza complet accesul programului asupra cmd si powershell. (Extra: dai un systeminfo si uitate la "System Manufacturer" vezi daca e semnat VMWare sau altceva de genul asta decat marca de laptop sa alte bazaconii clasice des intalnite) 3.) Scrie un programel care sa simuleze constant miscari de cursor care totodata sa si porneasca programul, baga-l la startup si da un restart. 4.) Incearca sa-l rulezi in safe mode. 5.) Monitorizeaza cu atentie daca (si cand) are momente cand face abuz de procesor. Ai putea de exemplu sa faci miscari bruste cu mouse-ul, sa faci ceva text input / sa iesi cu mouse-ul de pe fereastra de VM complet, sa observi daca se schimba ceva in materie de cpu usage sau chiar ram. 6.) Monitorizeaza WinAPI si vezi ce functii acceseaza (si cand) concret.
    1 point
  16. https://github.com/hfiref0x/VBoxHardenedLoader
    1 point
  17. am avut si eu o oferta de dubai , dar dupa ce am vazut care sunt costurile de trait acolo , si plus fara bere ... mi-am bagat picioarele
    1 point
  18. Cu un IQ peste medie...acestia au fost prinsi. Tarfa proasta de Onesti, sta in Leu la Bucuresti. O pupaza botoxata si siliconata cu abdomen bine definit. Extraordinar! romaniatv, a scris chiar si in libertatea. Stire de interes national. Fain, sunt mai informat acum.
    0 points
  19. Daca o pitipoanca are creier pentru asa ceva si apoi face poze gen ... it's all fucked up!
    0 points
  20. Asta un singur lucru stie sa sparga... coaele celor cu bani
    0 points
  21. sa fii sanatos
    -1 points
  22. -3 points
×
×
  • Create New...