Mrs. King - School Year 2010-2011

Friday, May 1, 2020

Runequest’s Glorantha LARP At SaltCon




This year at the SaltCon 2020 Main Event (website) we had the opportunity to playtest a live action role play (LARP) in the RuneQuest setting of Glorantha. I know people who will scoff at the idea of doing a LARP, especially at a convention. They picture people running around in homemade armor and smacking each other with foam swords. This isn't one of those events.

If you are not familiar with RuneQuest or Glorantha, you need to know at least a little about the world.

RuneQuest (Wikipedia) is one of the roleplaying game (RPG) systems that has been around as long as Dungeons and Dragons. The world of Glorantha (Wikipedia) started as a board game in the mid-1970s. It is a world where people of all walks of life have the ability to interact with the gods to make things happen. It is a place where runes have power. It is where the people have strong ties with their homeland, their tribe, their people. It isn't a world of adventures, just killing "monsters" because they are different and evil. It is a place where your actions have consequences. For roleplaying, it means there is opportunity for deeper and grander experiences, besides the fight. This is a basic statement and there is much more to the world that set it apart.

Because it is a world where action has consequences and not just swinging a sword, it's a great setting for a LARP. This one was about questing for ruins, trading with other tribes, and the greater battle taking place against chaos.

The Game

We were treated to this LARP by John Wick (Wikipedia). Recently he took a position with Chaosium (webpage) and has been involved in developing new material for RuneQuest and Glorantha. This was a prototype he is working on.

I'll give the setting in basic details for those who aren't familiar with the lore of Glorantha. We were five groups of people in a mountain pass a few years after a dragon had been brought forth. In Glorantha dragons aren't fought by normal people, these creatures have wingspans measured in leagues. We were rebuilding in the pass as members of five different nations.

We were given the option to create any character background we wanted. Every person of the world can interact as the adventures of other systems. We were given the option to create goals for ourselves and we were given goals for our group. There was also conflict set up between the groups.

One of the groups being played were the Lunars. They are known to work with chaos. Because of this tie, every other nation had a goal of limiting their power and control of the Glowline.


There was a battle map set up on one table. Each group appointed one player as their general of the forces represented on the table. Strategy was played as the forces were moved to gain control of resources, and to keep others from gaining more. One location, the Glowline, was a place of magic the Lunars wanted to build up, while everyone else wanted it to diminish.

Thus we began, through several seasons. We collected resources, bartered, traded, made alliances, broke alliances, and quested. An epic story was created.

In the end, one tribe sacrificed themselves in a quest involving their entire group. They called upon their god to battle another god to save the world from chaos. Battles against chaos beasts were fought to banish them before they could destroy people and places in the mountains. And above all else, everyone had fun.

I can't relate many of the smaller details because there was so much going on in the room. Groups would huddle up and plan, then divide up to negotiate with others. Everything happened in one room, no secret meeting taking place someplace else. This also led to spying as people would get close enough to hear what was being negotiated.

Overall

If you've never experienced a LARP because you didn't want to be running around doing hack and slash, this was the type of event you need to play. There are also other systems that play this style of LARP, in case you want to get a feel for it.

If you've haven't had the opportunity to experience RuneQuest and Glorantha, keep an eye out for this event at upcoming conventions. It was worth the time. During the rest of the convention, and even afterwards on social media, people who played the LARP were talking about it. They greeted comrades, and sneered at their enemies.

I send forth a thank you to John Wick, those who helped in the presentation of this game, and Chaosium for giving them the opportunity of hosting this LARP. I look forward to seeing what he comes up with for Glorantha and RuneQuest.

By the way, I have some food supplies I'm looking to trade for herd animals.

I'm working at keeping my material free of subscription charges by supplementing costs by being an Amazon Associate and having advertising appear. I earn a fee when people make purchases of qualified products from Amazon when they enter the site from a link on Guild Master Gaming and when people click on an ad. If you do either, thank you.

If you have a comment, suggestion, or critique please leave a comment here or send an email to guildmastergaming@gmail.com.

I have articles being published by others and you can find most of them on Guild Master Gaming on Facebookand Twitter(@GuildMstrGmng).



Website Updates

Over the last few years I've been trying to increase the accessibility of my site. I have 25 years of web pages that I maintain so it was a lot of work to do all at once. I split it up into multiple phases:

  1. Phase one: I converted 85% of my pages to use a "responsive layout", which takes into account the reader's browser size. I converted pages that had a 600px width and were relatively easy to convert to a variable px based layout. My focus was to write responsive CSS rules that smoothly varied the layout and font size based on browser width. I wrote my notes on how to do this.
  2. Phase two: I tackled the 15% of pages that were more difficult to convert, because of their use of non-standard layout, or interactive diagrams, or iframes, or anything else that made it difficult. I wrote a blog post about this. I still used a px based layout.
  3. Phase three: I'm ready to switch from a px based layout to a rem based layout.

This is how I often make progress past "analysis paralysis": I break the problem down into smaller, simpler ones and then work on them one at a time.

Browsers default to 16px fonts typically. Most people don't change the default. But some do. Around 3%. My site had overridden the reader's preferred font size and then set the layout based on my font size.

I have the page layout link the font size and the paragraph width.

  • For narrow browsers, below 550px, the paragraphs are the width of the browser, with a narrow margin. The font is 10px.
  • For medium width browsers, the paragraphs gain some space, but the margins also gain some space. The font grows along with the paragraph.
  • For wide browsers, above 1000px, the paragraphs are capped at 660px, and the rest goes to the margin. The font is capped at 20px.

I wanted to keep this variable font size but make it scale with the reader's preferred font size. Note that I'm not displaying at the browser font size, but instead scaling my variable font size (10px to 20px) based on the ratio of the browser font size to the default. If the reader has set the font size to be 20% larger than the default, then my font sizes will be 20% larger, so 10px becomes 12px and 20px becomes 24px. I made the layout match the font size change by changing the "breakpoint" sizes and the paragraph sizes to use rem units instead.

Since the browser defaults to 16px = 1rem, the simplest thing to do is to divide all px sizes by 16 to make them rem units. For example, the paragraph size of 660px becomes 660÷16 = 41.25rem. However, that doesn't handle all the corner cases.

Sizes inside diagrams, including font sizes and line widths, were already scaled to the diagram's size. And I made the diagram's size responsive to the browser size in phase two. So that means sizes inside diagrams should stay as px units.

Secondly, on some versions of Safari, @media queries work better with em sizes than with rem sizes. So I used em for those.

Third, I had picked sizes like 600px because it was a nice round number. Converting it to 34.375rem makes me wonder: does it really need to be 600px, or could it have been 35rem. This is similar to a problem with Metric vs English units. Why does Coca Cola have 12oz cans (355mL) but 2L bottles (67.6oz)? It's a "nice" number in one unit but not the other. I had previously used px so I picked sizes that were nice in that unit, but now that I'm using rem I may change the sizes slightly to be nice in that unit instead.

I first made this change on my main stylesheet that I share for all my pages, then went through hundreds of pages and made individual adjustments to them. Since my diagrams are generated in Javascript, I also had to adjust the code for some pages to work.

I tested this change by changing my browser's default font size and then browsing my pages. I think it works pretty well. If you see any layout issues, let me know!

Sunday, April 26, 2020

EasySploit: A Metasploit Automation Bash Scripts To Use Metasploit Framework Easier And Faster Than Ever


About EasySploit: EasySploit is Metasploit automation tool to use Metasploit Framework EASIER and FASTER than EVER.

EasySploit's options:
  • Windows --> test.exe (payload and listener)
  • Android --> test.apk (payload and listener)
  • Linux --> test.py (payload and listener)
  • MacOS --> test.jar (payload and listener)
  • Web --> test.php (payload and listener)
  • Scan if a target is vulnerable to ms17_010 (EnternalBlue)
  • Exploit Windows 7/2008 x64 ONLY by IP (ms17_010_eternalblue)
  • Exploit Windows Vista/XP/2000/2003 ONLY by IP (ms17_010_psexec)
  • Exploit Windows with a link (HTA Server)
  • Contact with me - My accounts

EasySploit's installation
   You must install Metasploit Framework first.
   For Arch Linux-based distros, enter this command: sudo pacman -S metasploit

   For other Linux distros, enter these command to install Metasploit Framework:    And then, enter these commands to install EasySploit:

How to use EasySploit? (EasySploit video series tutorials)

Disclaimer about EasySploit:
   Usage of EASYSPLOIT for attacking targets without prior mutual consent is ILLEGAL. Developers are not responsible for any damage caused by this script. EASYSPLOIT is intented ONLY FOR EDUCATIONAL PURPOSES!!! STAY LEGAL!!!

You might like these similar tools:

You can support KALI LINUX TRICKS from Patreon.


Related news


  1. Tecnicas De Ingenieria Social
  2. Que Significa Hat
  3. Python Desde 0 Hasta Hacking - Máster En Hacking Con Python
  4. Hacking Iphone
  5. Hacking Definicion

Deepin Or UbuntuDDE

I'm sure nowadays many Deepin users are thinking in changing to UbuntuDDE, so let's explain some differences between both Linux distros.




1. Community

At least in the main telegram channel Deepin has more than 2.000 users, but UbuntuDDE is new in beta version and have about 500 users.

    2. Boot

Despite de booting sound is the same in both distros, Deepin's animation is nicer than ubuntu's which uses a too bright background.


 



    3. Default memory and CPU usage

The CPU usage is similar, but Deepin by default is using more processes, more network connections and more drivers than UbuntuDDE.






  4.  Workspaces

UbuntuDDE allows up to 7 workspaces meanwhile Deepin right now only allows 4.
Is not only more workspaces for UbuntuDDE, it's also the more eficient way to display them.





    5.  Software Versions

Deepin is based on Debian so the program versions on store and apt are old but stable, and can have problems with the old libraries installed on the system when compiling new software.

We can see below that Ubuntu's compiler version is quite new, the 9.3.0 which is quite well, but Deepin's version is 6.3.0.





Regarding the kernels, UbuntuDDE has the 5.4.0.21 and Deepin the 4.15.0-30, the libc in both systems is updated.


    6.  The store

Deepin's store is fast and polished and contain the main software, but and the UbuntuDDE












   Conclussions

Deepin is the most used of both and it's the original one, but many users are trying the UbuntuDDE (which is beta for now) because the need of using recent versions, also the 4 workspaces on Deepin is another limitation for some Linux users. Probably Deepin v20 will overcome the limitations but the main decision is between Debian as base system or ubuntu, and for more users the trend in workstations is ubuntu.


   Gallery













Read more


Top Process Related Commands In Linux Distributions


Commands in Linux are just the keys to explore and close the Linux. As you can do things manually by simple clicking over the programs just like windows to open an applications. But if you don't have any idea about commands of Linux and definitely you also don't know about the Linux terminal. You cannot explore Linux deeply. Because terminal is the brain of the Linux and you can do everything by using Linux terminal in any Linux distribution. So, if you wanna work over the Linux distro then you should know about the commands as well. In this blog you will exactly get the content about Linux processes commands which are are given below.

ps

The "ps" command is used in Linux to display your currently active processes over the Linux based system. It will give you all the detail of the processes which are active on the system.

ps aux|grep

The "ps aux|grep" command is used in Linux distributions to find all the process id of particular process like if you wanna know about all the process ids related to telnet process then you just have to type a simple command like "ps aux|grep 'telnet'". This command will give you the details about telnet processes.

pmap

The "pmap" command in Linux operating system will display the map of processes running over the memory in Linux based system.

top

The "top" command is used in Linux operating system to display all the running processes over the system's background. It will display all the processes with process id (pid) by which you can easily kill/end the process.

Kill pid

Basically the kill command is used to kill or end the process or processes by simply giving the process id to the kill command and it will end the process or processes. Just type kill and gave the particular process id or different process ids by putting the space in between all of them. kill 456 567 5673 etc.

killall proc

The "killall proc" is the command used in Linux operating system to kill all the processes named proc in the system. Killall command just require a parameter as name which is common in some of the processes in the system.

bg

The "bg" is the command used in Linux distributions to resume suspended jobs without bringing them to foreground.

fg

The "fg" command is used in Linux operating system to brings the most recent job to foreground. The fg command also requires parameters to do some actions like "fg n" n is as a parameter to fg command that brings job n to the foreground.More articles
  1. Como Hackear
  2. Amiibo Hacking
  3. Como Aprender A Hackear
  4. What Is Growth Hacking
  5. Hacking Hardware
  6. Hacking Usb
  7. Curso Seguridad Informatica
  8. Que Hace Un Hacker

Ganglia Monitoring System LFI


Awhile back when doing a pentest I ran into an interesting web application on a server that was acting as a gateway into a juicy environment *cough*pci*cough*, the application was "Ganglia Monitoring System" http://ganglia.sourceforge.net
The scope of the test was extremely limited and it wasn't looking good....the host that was in scope had a ton of little stuff but nothing that looked like it would give me a solid foothold into the target network. After spending some time looking for obvious ways into the system I figured it would be worth looking at the Ganglia application, especially since I could find no public exploits for the app in the usual places....

First step was to build a lab up on a VM (ubuntu)
apt-get install ganglia-webfrontend

After apt was done doing its thing I went ahead and started poking around in the web front end files (/usr/share/ganglia-webfrontend). I looked to see if the application had any sort of admin functionality that I could abuse or some sort of insecure direct object reference issues. Nothing looked good. I moved on to auditing the php.

Started out with a simple grep looking for php includes that used a variable....bingo.

steponequit@steponequit-desktop:/usr/share/ganglia-webfrontend$ egrep 'include.*\$' *
class.TemplatePower.inc.php: if( isset( $this->tpl_include[ $regs[2] ]) )
class.TemplatePower.inc.php: $tpl_file = $this->tpl_include[ $regs[2] ][0];
class.TemplatePower.inc.php: $type = $this->tpl_include[ $regs[2] ][1];
class.TemplatePower.inc.php: if( isset( $this->tpl_include[ $regs[2] ]) )
class.TemplatePower.inc.php: $include_file = $this->tpl_include[ $regs[2] ][0];
class.TemplatePower.inc.php: $type = $this->tpl_include[ $regs[2] ][1];
class.TemplatePower.inc.php: $include_file = $regs[2];
class.TemplatePower.inc.php: if( !@include_once( $include_file ) )
class.TemplatePower.inc.php: $this->__errorAlert( 'TemplatePower Error: Couldn\'t include script [ '. $include_file .' ]!' );
class.TemplatePower.inc.php: $this->tpl_include["$iblockname"] = Array( $value, $type );
graph.php: include_once($graph_file);
The graph.php line jumped out at me. Looking into the file it was obvious this variable was built from user input :)
$graph = isset($_GET["g"]) ? sanitize ( $_GET["g"] ) : NULL;
....
....
....
$graph_file = "$graphdir/$graph.php";


Taking at look at the "sanitize" function I can see this shouldn't upset any file include fun

function sanitize ( $string ) {
return escapeshellcmd( clean_string( rawurldecode( $string ) ) ) ;
}

#-------------------------------------------------------------------------------
# If arg is a valid number, return it. Otherwise, return null.
function clean_number( $value )
{
return is_numeric( $value ) ? $value : null;
}
Going back to the graph.php file

$graph_file = "$graphdir/$graph.php";

if ( is_readable($graph_file) ) {
include_once($graph_file);

$graph_function = "graph_${graph}";
$graph_function($rrdtool_graph); // Pass by reference call, $rrdtool_graph modified inplace
} else {
/* Bad stuff happened. */
error_log("Tried to load graph file [$graph_file], but failed. Invalid graph, aborting.");
exit();
}

We can see here that our $graph value is inserted into the target string $graph_file with a directory on the front and a php extension on the end. The script then checks to make sure it can read the file that has been specified and finally includes it, looks good to me :).
The start of our string is defined in conf.php as "$graphdir='./graph.d'", this poses no issue as we can traverse back to the root of the file system using "../../../../../../../../". The part that does pose some annoyance is that our target file must end with ".php". So on my lab box I put a php file (phpinfo) in "/tmp" and tried including it...


Win. Not ideal, but it could work....

Going back to the real environment with this it was possible to leverage this seemingly limited vulnerability by putting a file (php shell) on the nfs server that was being used by the target server, this information was gathered from a seemingly low vuln - "public" snmp string. Once the file was placed on nfs it was only a matter of making the include call. All in a hard days work.

I have also briefly looked at the latest version of the Ganglia web front end code and it appears that this vuln still exists (graph.php)

$graph = isset($_GET["g"]) ? sanitize ( $_GET["g"] ) : "metric";
...
...
...
$php_report_file = $conf['graphdir'] . "/" . $graph . ".php";
$json_report_file = $conf['graphdir'] . "/" . $graph . ".json";
if( is_file( $php_report_file ) ) {
include_once $php_report_file;


tl;dr; wrap up - "Ganglia Monitoring System" http://ganglia.sourceforge.net contains a LFI vulnerability in the "graph.php" file. Any local php files can be included by passing its location to the "g" parameter - http://example.com/ganglia/graph.php?g=../../../../../../../tmp/shell
Related links

BEST PASSWORD MANAGERS FOR IOS

As I said, Apple's iOS is also prone to cyber attacks, so you can use some of the best password managers for iOS to secure your online accounts.

BEST PASSWORD MANAGERS FOR IOS

Here I have streamlined few of the best password managers for iOS including Keeper, OneSafe, Enpass, mSecure, LastPass, RoboForm, SplashID Safe and LoginBox Pro.

1. ONESAFE PASSWORD MANAGER (CROSS-PLATFORM)

OneSafe is one of the best Password Manager apps for iOS devices that lets you store not only your accounts' passwords but also sensitive documents, credit card details, photos, and more.
OneSafe password manager app for iOS encrypts your data behind a master password, with AES-256 encryption — the highest level available on mobile — and Touch ID. There is also an option for additional passwords for given folders.
OneSafe password manager for iOS also offers an in-app browser that supports autofill of logins, so that you don't need to enter your login details every time.
Besides this, OneSafe also provides advanced security for your accounts' passwords with features like auto-lock, intrusion detection, self-destruct mode, decoy safe and double protection.
Download OneSafe Password Manager: iOS | Mac | Android | Windows

2. SPLASHID SAFE PASSWORD MANAGER (CROSS-PLATFORM)

SplashID Safe is one of the oldest and best password management tools for iOS that allows users to securely store their login data and other sensitive information in an encrypted record.
All your information, including website logins, credit card and social security data, photos and file attachments, are protected with 256-bit encryption.
SplashID Safe Password Manager app for iOS also provides web autofill option, meaning you will not have to bother copy-pasting your passwords in login.
The free version of SplashID Safe app comes with basic record storage functionality, though you can opt for premium subscriptions that provide cross-device syncing among other premium features.
Download SplashID Safe Password Manager: Windows and Mac | iOS | Android

3. LOGIN BOX PRO PASSWORD MANAGER

LoginBox Pro is another great password manager app for iOS devices. The app provides a single tap login to any website you visit, making the password manager app as the safest and fastest way to sign in to password-protected internet sites.
LoginBox Password Manager app for iOS combines a password manager as well as a browser.
From the moment you download it, all your login actions, including entering information, tapping buttons, checking boxes, or answering security questions, automatically completes by the login box Password Manager app.
For security, the login box Password Manager app uses hardware-accelerated AES encryption and passcode to encrypt your data and save it on your device itself.
Download LoginBox Password Manager: iOS | Android

Continue reading


  1. Google Hacking Search
  2. Aprender Hacking Etico
  3. Hacking Wifi
  4. Cómo Se Escribe Hacker

Blog Archive