cartelera familiar: 2020

Wednesday, September 23, 2020

GGDA Meeting At KSU (And SIEGE Volunteer Meeting)

Presentation from Joe Cassavaugh: "How to Survive and Thrive in Game Dev." CGDD students faulty and chair attended.

https://ggda.org/blog/ggda-meeting-sept-10-at-ksu/

Tuesday, September 22, 2020

PUBG 0.14.0 APK+OBB Download

PUBG 0.14.0 APK+OBB

===============================================

How To Install PUBG 0.14.0 APK+OBB without Errors and Problems

===============================================
Screenshots

PUBG 0.14.0 APK+OBB :-

CLICK HERE

----------------------------------------------------------------------

THANK YOU SO MUCH FOR VISITING OUR SITE.

Sunday, September 13, 2020

Sometimes, that brokeness isn't money, but something intangible... like character, respect, or not being a ridiculous laughingstock.

Kiel "problematic" Chenier may be the latest self-flagellating woke-soldier hip-deep in culture war bullshit, grovelling before the other intolerant leftists, but somehow his failure is more delicious than usual. Perhaps it's something in the chocolate?

This is Kiel's apologetic post. It's so cringe that you just have to read it for yourself. I'm sure the social justice circle-jerk is ready to accept their soiled dove. "So brave and beautiful."

Kiel appeared on my radar years ago when I asked him to review The Islands of Purple-Haunted Putrescence. He's one of the few gamers who didn't like it.

Then a bit later, he agreed to review Alpha Blue, but then decided not to follow-through because it was too hetero-normative and sexist or some stupid bullshit (yes, hetero-phobia is real). Yeah, I know. I'm not allowed to love boobies because I'm a straight white male (actually, za'akier).

This is one of the many reasons why I have zero time for the ENnies. It's a reflection of the near constant revisionism based on identity politics, virtue signaling, and victim-ology. The ENnies are like the "woke awards", and in my humble opinion, those same radical leftists are trying to ruin this hobby... and the USA.

Privilege does exist. However, the privilege we have to worry about is entitled first-world busybody saviors and would-be authoritarians with more activism than brains, throwing themselves into perpetual revolution because they're bored, because they are too free, because their lives are too easy. Deep down, they know they'd actually be more or less satisfied with everything... if not for the gaping void of meaninglessness inside, exposed for all to see.

I desperately hope that November's election is not only a referendum on the Socialist "utopia" ideology ending with the death of freedom and millions of people, but also gamers who believe in being offended on behalf of everybody else, cancel culture, and the destruction of traditional / old-school RPGs.

VS

p.s. That's why I didn't submit Cha'alt for the ENnies. But you can still get a luxurious hardcover book of your very own. Ordering details here!

How To Paint Horses Using The Oil Paint Wipe Method

If you exclude "what are you doing in my back garden dressed as a chicken ?" one of the most common questions I get is how do you paint you horses. The other, how do you do your sea bases will be the subject of the Yarkshire TV treatment soon, however for now here is a video run through of painting horses in oils.

It's quite lengthy (45 mins plus) but I have covered everything, equipment, paints, techniques, figures etc so if you are interested in trying out the oil method give this video a go.

You can get through horses at a fair rate of knots too, any questions just ask.

Questions Answered

On the various formats this video has been posted on there have been a few common questions so to save me posting the same thing on different formats here they are,

How long is the drying time post wipe ?

The drying time post wipe is obviously variable around how much oil you use, room temperature etc but is considerably less than an unwiped figure.

I leave mine a minimum of a week before I start using acrylics for reins, saddle, white markings etc. I would give it a couple of days minimum in a warm room.

The problem area will often be the recesses around the harness as this is where the deepest amount of oil paint sits. If your unsure try a test patch.

It's never a problem for me, the big selling point of this method is speed of painting so I paint in batches of 50 to 100 horses so they sit around sometimes for over a year to be painted.

What are the best colour combinations ?

The first thing I would say on this is that another of the strong points of this method for me is the hundreds of different combinations of colours and the subtle effects you can achieve, even using the same oil colour but with a different consistency will give a different effect so it's very hard to quantify. My top tip is to find stuff out by trial and error.

Golden Rule number one is that the oil paint must be darker than the acrylic base otherwise their will be no contrast

If you want a colour combination to try as a test I would use a Vallejo 70856 Ochre Brown base with a Brown Madder (or Burnt Umber) oil layer.

The darkest oil paint is Vandyke Brown which is almost black. This works best with the dark base coats so try 70814 Burnt Cadmium Red as a base. Others to try are darker browns like 312 (Panzer Aces) Leather Belt, 70983 Flat Earth, 70921 English Uniform, 70879 Green Brown.

Going lighter next up would be Burnt Umber, this is a very dark but slightly redder colour than Vandyke Brown. It works best with dark ochre type colours so Ochre Brown, 70914 Green Ochre 70825 German Pale Brown are good.

In between Burnt Umber and the next colour is Raw Umber, this is a very earthy brown and doesn't have the sheen of other colours, I use it sparingly over German Pale Brown and 70874 USA Tan Earth.

Next lighter are Brown Madder and Brown Transparent Oxide, I have put these two together as they are very similar but give a subtle difference in effect, the transparent oxide being, well more transparent. These are the most versatile colours and work well with the Burnt Umber colours. Go to is Ochre Brown as mentioned above. Also good are 70977 Desert Yellow, 70912 Tan Yellow, 70913 Yellow Ochre.

Finally the lightest Oils Burnt Sienna and Brown Ochre, these only work with quite lighter colours and I sometimes mix a bit of Burnt Umber in to darken them up. Go with Desert Yellow, Tan Yellow, 70847 Dark Sand, Yellow Ochre, 70976 Buff.

Hope that sends you in the right direction. I encourage experimenting with the colours, try some of the light bases like Dark Sand with Brown Madder for example and see if you like it. So long as the oil paint is darker than than the base it will work, you will find the best combinations for your taste.

What consistency of oil paint should I use ?

Paint straight from the tube is too thick, get some distilled turpentine like in the video, put a small amount of oil paint on a none absorbent surface (size of your little finger nail) add a touch of turps to the brush, pick up some oil paint on the brush and mix them together on the surface.

You are looking for a consistency off oil, thin enough to flow easily over the horse and get into all the recesses but thick enough to give a full colour coverage.

Friday, September 04, 2020

AX-029, Crackpots!

Today's episode is about Crackpots, the Activision game that was the first 2600 game by Dan Kitchen, who went on to make many more (and is still making them!). I hope that you enjoy the episode.

Next on the podcast is Malagai, by Answer Software. If you have this game, I would love to see a photo of it on Facebook or Twitter, see the links below for those. If you have any thoughts on the game, please send them to me at 2600gamebygame@gmail.com by end of day 17 February. Just tell me what you think of it, I will take care of the nuts and bolts of the game. As always, I thank you for listening.

Crackpots on Random Terrain
Crackpots on Atari Protos
Dan Kitchen's web site
Dan Kitchen's Games site
Dan Kitchen interview by Classic Gamer 74
Atari Age thread on Keystone Kapers 2 discovery
Crackpots patch on Digital Press
...and accompanying letter
Crackpots commercial
Jim's Ferg Quest sprite hack
Ryan's Atari Age High Score Showdown post for Crackpots
Wilson Oyama's Crackpots playthrough video
No Swear Gamer 521 - Crackpots
Sean's Autobiography of a Schnook Podcast Chapter 5

Monday, August 31, 2020

BASICS OF METASPLOIT – BASIC COMMANDS OF METASPLOIT

Metasploit is an advanced hacking tool that comes itself with a complete lack of advanced penetration testing tools. Penetration testers and hackers are taking so much advantage of this tool. It's a complete hack pack for a hacker that he can play almost any attack with it. Here I am going to discuss the basics of Metasploit. I am not covering attacks in this article, as I am just making sure to share the basics of Metasploit and basic commands of Metasploit. So, we can get back to cover attacks of Metasploit in the next articles.

BASICS OF METASPLOIT

The Metasploit framework has three types of working environments.

msfconsole
msfcli interface
msfweb interface

However, the most preferred and used is the 'msfconsole'. It's a very efficient command-line interface that has its own set of commands and system's working environment.

First of all, it's most important to know and understand all the useful commands of Metasploit that are going to be used.

BASIC COMMANDS OF METASPLOIT

Metasploit have a huge number of command that we can use in different type of attacks, but I am just going to share the most used and useful commands here that a beginner can easily understand and follow 'em.

help (It will give the basic commands you need to launch an exploit.
search (Finds out the keywords in the selected attack method).
show exploits (Shows list of an available exploit in the selected option).
show payloads (It lists all the payloads available).
show options (It helps you to know all the options if you might have forgotten one).
info (This is used to get information about any exploit or payload).
use (It tells Metasploit to use the exploit with the specified name).
set RHOST (Sets the address of specified remote host).
set RPORT (Sets up a port that connects to on the remote host).
set PAYLOAD (It sets the payload that gives you a shell when a service is exploited).
set LPORT (Sets the port number that the payload will open on the server when an exploit is exploited).
exploit (It actually exploits the service).
rexploit (Reloads your exploit code and then executes the exploit without restarting the console).

These are the most used Metasploit commands which come in handy in most of the situations during any sort of attack. You must give all the commands a try and understand 'em how it works and then move to the next part of designing an attack.

More information

Tricks To Bypass Device Control Protection Solutions

Preface

As I wrote in a previous blog post, I had an engagement last year where my task was to exfiltrate data from a workstation on some sort of storage media. The twist in that task was Lumension Sanctuary Device Control, and the version was 4.3.2, but I am not sure how newer version work and this seems to be a more general problem with device control solution, for example with Symantec products.

But what is a device control solution? In short, they audit I/O device use and block the attempts to use unauthorized devices. This includes hardware such as USB, PS/2, FireWire, CD/DVD so basically every I/O port of a computer. In my opinion, these are pretty good things and they offer a better looking solution than de-soldering the I/O ports from the motherboards or hot-gluing them, but on the other hand, they can be bypassed.

Bypass

OK, so what is the problem? Well the way these device control solutions work is that they load a few kernel drivers to monitor the physical ports of the machine. However... when you boot up the protected computer in safe mode, depending on the device control solution software, some of these drivers are not loaded (or if you are lucky, none of those modules will be loaded...) and this opens up the possibility to exfiltrate data.

In theory, if you have admin (SYSTEM maybe?) privileges, you might as well try to unload the kernel drivers. Just do not forget, that these device control solutions also have a watchdog process, that checks the driver and automatically loads it back if it is unloaded, so look for that process and stop or suspend it first.

In my case with the Lumension Sanctuary Device Control, I have found that when I boot the Workstation protected by the device control software in Safe Mode where, software's key logger protection module is not running... so I was still unable to use a USB stick, or a storage media, but I could plug in a keyboard for example...hmmm :)

As some of you probably already figured it out, now it is possible to use a pre-programmed USB HID, for example a Teensy! : ) I know about three different project, that uses this trick like these two mentioned in a Hackaday post, or this one. Unfortunately, the site ob-security.info no longer seems to be available (well, at least it is no longer related to infosec :D ), but you can still find the blog post and the files with the Wayback Machine.

For the hardware part, the wiring of the Teensy and the SD card adaptor is the same as I showed in the post on Making a USB flash drive HW Trojan or in the Binary deployment with VBScript, PowerShell or .Net csc.exe compiler post, so I will not copy it here again.

I have to note here that there are other ways to bypass these device control solutions, like the method what Dr. Phil Polstra did with the USB Impersonator, which is basically looks for an authorized device VID/PID and then impersonates that devices with the VID/PID.

Mitigation

Most probably, you will not need safe mode for the users, so you can just disable it... I mean, it is not that easy, but luckily there is a great blog post on how to do that. BTW, the first page of the post is for Windows XP, but you are not using XP anymore, aren't you? ;)

Alternatively, as I mentioned at the beginning, you might as well use some physical countermeasure (de-soldering/hot-gluing ports). That shit is ugly, but it kinda works.

Conclusion

Next time you will face a device control solution, try out these tricks, maybe they will work, and if they do, well, that's a lot of fun. :)

But don't get me wrong, these device control solutions and similar countermeasures are a good thing and you should use something like this! I know that they make doing business a bit harder as you are not able to plugin whatever USB stick you want, but if you buy a pile of hardware encrypted flash drives, and only allow those to be plugged in, you are doing it right ;)

Sunday, August 30, 2020

macSubstrate - Tool For Interprocess Code Injection On macOS

macSubstrate is a platform tool for interprocess code injection on macOS, with the similar function to Cydia Substrate on iOS. Using macSubstrate, you can inject your plugins (.bundle or .framework) into a mac app (including sandboxed apps) to tweak it in the runtime.

All you need is to get or create plugins for your target app.
No trouble with modification and codesign for the original target app.
No more work after the target app is updated.
Super easy to install or uninstall a plugin.
Loading plugins automatically whenever the target app is relaunched.
Providing a GUI app to make injection much easier.

Prepare

Disable SIP
Why should disable SIP

System Integrity Protection is a new security policy that applies to every running process, including privileged code and code that runs out of the sandbox. The policy extends additional protections to components on disk and at run-time, only allowing system binaries to be modified by the system installer and software updates. Code injection and runtime attachments to system binaries are no longer permitted.

Usage

download macSubstrate.app, put into /Applications and launch it.
grant authorization if needed.
install a plugin by importing or dragging into macSubstrate.
launch the target app.
step 3 and step 4 can be switched
Once a plugin is installed by macSubstrate, it will take effect immediately. But if you want it to work whenever the target app is relaunched or macOS is restarted, you need to keep macSubstrate running and allow it to automatically launch at login.
uninstall a plugin when you do not need it anymore.

Plugin
macSubstrate supports plugins of .bundle or .framework, so you just need to create a valid .bundle or .framework file. The most important thing is to add a key macSubstratePlugin into the info.plist, with the dictionary value:

Key	Value
`TargetAppBundleID`	the target app's `CFBundleIdentifier`, this tells macSubstrate which app to inject.
`Description`	brief description of the plugin
`AuthorName`	author name of the plugin
`AuthorEmail`	author email of the plugin

Please check the demo plugins demo.bundle and demo.framework for details.

Xcode Templates
macSubstrate also provides Xcode Templates to help you create plugins conveniently:

ln -fhs ./macSubstratePluginTemplate ~/Library/Developer/Xcode/Templates/macSubstrate\ Plugin
Launch Xcode, and there will be 2 new plugin templates for you.

Security

SIP is a new security policy on macOS, which will help to keep you away from potential security risk. Disable it means you will lose the protection from SIP.
If you install a plugin from a developer, you should be responsible for the security of the plugin. If you do not trust it, please do not install it. macSubstrate will help to verify the code signature of a plugin, and I suggest you to scan it using VirusTotal. Anyway, macSubstrate is just a tool, and it is your choice to decide what plugin to install.

Download macSubstrate

cartelera familiar