• Browse by Tags

Logo

Posted by Frames on 10:48 PM
No comments yet

When a company changes their logo, it's generally a group exercise in self pleasuring. It's rarely necessary. If you look at the Starbucks logo, the 1987 or 1992 logo is in color, a big transformation, but I personally wouldn't change my coffee drinking decisions based on any of their logos. As for 1971, I'm not sure what's more offensive nowadays, bare mermaid breasts or a black and white logo. And what in the hell is she holding? Are those her mermaid legs? What exactly does this imply?  Is this a coffee shop or a brothel? Sick bastards. Logos are ridiculous and nobody cares.


When I was told we needed to change our logo, my first concern was the circle jerk of pointless design and then cost. Clearly there's no financial benefit to the exercise. We've had the same logo for 15 years. Is it a good logo? It looks good. I like the colors. I like the knight. As for the design itself, I have to admit, it's a giant pain in the ass. Our original logo is terrible, practically speaking. It's an impediment to its very purpose.

The use of black means it looks great on screen with a white background, but it's problematic with other forms of media, which require a very light background. It's so difficult to use, we tend either not to use it at all, making the brand identity somewhat weak, or we reverse the colors to put it on a black background with the logo in white. We mutilate the logo to make it work. It's a problem. But is it worth fixing? Enter the business case.

When it came to staff shirts, we resorted to white embroidery on black shirts. originally I had white shirts with a full color logo, but those were loathed by everyone, and they were hard to keep clean. You may not know this but everything we sell sits in a dirty warehouse before getting to us and gets even dirtier as it sits on our shelves. Keeping a retail store clean is a major feat, as it starts dirty and only gets worse. White shirts were always getting stained and looking bad.

The black, embroidered shirts we currently use, with a boring plain white stitched logo, turned out to be incredibly expensive. Each shirt costs $70 with embroidery. They also need to be made in batches in various sizes, so we're almost always buying more than we need, in sizes we hope will be useful. Invariably, those sizes don't match our diverse staff. So over time, we've been stuck with a box of very expensive shirts in the wrong sizes. The cost of bad design turns out to be very high.




Our new shirt design features a full color patch that can be sewn onto a variety of shirts. We choose the shirt from the Work Wear store next door, grab a patch, and sew it on. No big batches of variable sized, expensive, embroidered, logo perverting shirts. Also, if I want one of my robust, tactical shirts from 5.11, I buy it in the right color and sew on the patch, something not available before. Total cost per shirt for employees will be $25 or so, with no waste.

Then there's the increased merchandising we tend to avoid with the old logo. We've already ordered new patches, pins, stickers, and more. We'll have hats and t-shirts eventually. These were difficult to design with the old logo requirements and they sold poorly.

Now let's get onto the minor controversy of our design choices. We spent about a month defining the needs of the new logo with half a dozen designers. We identified core requirements. It should maintain the design elements of the old logo: the knight, the horse, the lance, the direction it's all headed (very symbolic) and of course, a diamond. The logo needed to remain fairly simple. The name needed an updated font that was compact with the design. The previous font used long, horizontal text and has been nothing but trouble for 15 years. The color black is problematic. It goes with nothing but white. Those who use black in their logos hamstring themselves design wise, so we omitted that. In fact, I would probably pick a different store name without a color in the title if I were to do it over. I have few regrets, but "black" is one. Let's take a look at the new design:




I think it pops. Rather than black, we have a dark blue, which works much better and represents one of our colors. It's a darker blue than our original logo (which some say was purple, a color I love). The diamond color, away from black, represents a shift in store colors that came about with our big construction project, three years ago.



This orangish yellow is called Curry in Sherwin Williams colors, which is the color we painted our staircase. It's a color that matches our birch fixtures. It provides a pleasing blue and gold ambience, the colors of the local university, UC Berkeley. 



This shift in store colors came in a moment of crisis. The Curry color came from a decision I made with the architects when it was clear our paint color choices weren't working in practice. I was distracting myself at the time with another project, a used Jeep I was about to buy in Utah, because Utah was the closest location of a Jeep in this exact color I was smitten with. I had to have not only the features I was looking for, but it had to be in that color. It was clearly on my mind. Originally the Curry color was white, but when we painted it on on the staircase, it looked terrible.



So the color of the staircase and thus the logo got their color from a Jeep. The Jeep is in a Chrysler color called Amp'd. And thus our staircase became Amp'd, and our logo became Amp'd. And for the foreseeable future, we shall be Amp'd. Most people like the new logo, once they've accepted (or more often overlooked) the diamond isn't black. It's a tough ask, but if people can accept the Starbucks mermaid isn't holding up her legs suggestively any longer, I think this can be overlooked. Personally I love the direction of the logo. I especially love I won't be paying $70 each for a box of useless shirts. 




Continue reading...

The EverDrive N8 Pro - Second Time Perfection? A Review

Posted by Frames on 10:08 PM
No comments yet

Your Choices (courtesy of krikzz)
Krikzz has been a premier maker of flash cartridges for various systems for a decade.  Beginning with the Sega Genesis, he has made flash cartridges for just about every cartridge-based system from the Nintendo Entertainment System to the Game Boy Advance.  For many systems, his flash carts are the only flash carts of any quality available.  In 2013 he released his NES and Famicom flash cartridges, the EverDrive N8, in 72 and 60 pin editions to widespread acclaim and adoption.  Six years later, he brings an updated flash cartridge, the EverDrive N8 Pro.  In this review, I will look into the new flash cart's features, review some of the issues from the previous model and deliver a verdict on whether the cartridge is worth an upgrade for existing users and whether new users should choose it over the original N8.

Read more »
You say "obsessed" as if it is a bad thing.

Continue reading...

28Mm WW1 Mesopotamia Cavalry - British Unit Done

Posted by Frames on 6:10 PM
No comments yet



I've been detailing my search for suitable figures for my WW1 Mesopotamia collection and Cavalry have proved to be a particular challenge. Well there has actually been some progress and I've (shock) finished a unit !


These figures are Great War Miniatures with head swaps from Gripping Beast. The head swaps were done by my gaming chum Harry (cheers !) as my modelling skills are not the best. I have left some figures with the general service cap just to mix the look up a bit.


The unit is 24 figures strong which will operate as 4 squadrons of 6 figures each.


The unit is painted up to represent the Cheshire Yeomanry who fought in the later 1917 Palestine Campaign. The flags are hand painted copies of the mid war Yeomanry Standard, I have no evidence of these being carried in action but it adds something visually to the unit.


In the days when most people do Cavalry units in 12s, it's easy to forget how big 28mm Cavalry units are in line.


Currently on the paint table are some Arab Spearmen for the Crusades, next up will be my Kingdom of Jerusalem Knights before I go back to another WW1 unit.

Continue reading...

Square Tiling Of A Sphere, Part 1/3

Posted by Frames on 5:03 PM
No comments yet

I almost always work on 2D game maps, but occasionally I get intrigued by planetary maps. I'd like to make a planet that uses a grid. The topology of a sphere requires a few things:

  1. Moving east or west you eventually wrap around the world → easy
  2. Moving north/south you eventually reach a pole, and then all directions are south/north → medium
  3. Wrapping around the world east/west is shorter near the poles than near the equator → hard

wraparound.jpg

Some grid games like Civilization will let you wrap east/west but not north/south. That acts like a cylinder, not a sphere. And some grid games will let you wrap north/south just like you wrap east/west. That acts like a torus, not a sphere. A tile grid game that acts like a sphere is hard!

A few years ago I played with hexagons covering a sphere. The main idea was that although there are some pentagons scattered around, we can hide them by making the map generator produce impassable terrain (deep oceans, inaccessible mountains, lava, etc.) in those areas, so you can never get close to the pentagons. Also, we have to divide the planet into regions that get shuffled around as you move around. While I was working on that I found some other things I wanted to try, but I didn't try them right away. Why?

I have three kinds of projects:

  1. My "main" projects (hexagonal grids, pathfinding, etc.) are about making high quality explanations. I'll spend a lot of time on these. I usually understand the topic reasonably well.
  2. My "gamejam" projects like this one are about exploring new things. I'll spend a limited amount of time (hour, day, or week) on these. I usually don't understand the topic that well.
  3. My "art" projects are about making something that looks cool.

Since I limit my time on each of the "gamejam" style projects (marked with an /x/ in the URL), once I run out of time, I'll stop, and make a list of things I want to explore later. For the hexagons-on-a-sphere project, I wanted to try squares-on-a-sphere, but didn't have time. I decided to explore that topic last week. I started with HEALPix, a layout used by NASA for placing quadrilaterals on a sphere, but I concluded that it's overkill for my needs. NASA also has the COBE quadrilateralized cube, and there are several other layouts to try. But I'm out of time, so those will be in a future "gamejam" style project. As often happens, I realize towards the end that I should've read more papers first, but sometimes I don't know what to look for until after I've tried implementing something.


Read about covering a sphere in square tiles

Continue reading...

(22MB) Download Subway Surfers For Free

Posted by Frames on 12:02 AM
No comments yet

(22MB) Download Subway Surfers for Free


SCREENSHOT




System Requirements Of Subway Surfers Download For Free

  • Tested on Window 7 64 Bit
  • Operating System: Window XP/ Vista/ Window 7/ Window 8 and 8.1/10
  • CPU: 2.0 GHz Intel Pentium 4 or later
  • RAM: 512 MB
  • Setup size: 22 MB
  • Hard Disk Space: 200 MB









Continue reading...

Difference Between Hacker, Programmer, And Developer

Posted by Frames on 12:28 AM
No comments yet

                There are numerous sprite debates and discussions on the differences between hackers, developers, and programmers. With most descriptions, however, there is usually a slight flaw in at least one or two serious ways. These terms are all traditionally misused and misunderstood, with many of us frequently mixing them up as an all-encompassing definition of anyone working on the Software realm.


However, if you are looking to clarify your project goals and business needs adequately, it is essential that you understand that all these terms do not all represent the same thing (although a person with the ability to program a computer can use different skills to accomplish various outcomes).

What's more, it is also quite important for you to differentiate between these three terms if you are working with software development groups and the fact that they cannot be interchanged.  This excerpt seeks to break it all down for you mainly-the vital difference between hackers, developers, and programmers, their actual tasks, as well as their relationship.

The Hacker

A hacker is a computer expert who uses his knowledge of computer networking, programming, cryptography, and databases to overcome a problem in the system. Hackers are more concerned with availing the concept as opposed to minding about the long-term quality. And although a hacker can conceptualize about how will ultimately be created while frantically writing code, the role is primarily about speed.

A hacker, as well as hacking,' are most useful in dealing with emergency circumstances or when prototyping an item. Hackers and the profession of hacking, in general, is not concerned with the ultimate effect of the code.

Hackers make things. They typically alter the things programmers create and transform them to function differently as well as also writing codes. While "hacker" can refer to any skilled technical person, the term has become associated with computer security, someone who, with their technical knowledge, uses bugs or exploits to break into computer systems.

The Programmer

programmer is an individual equipped with the expertise to write codes. Programmers usually master in a single or multiple programming languages and boast vast knowledge on related areas also. Their roles are relatively procedural and mandate for total concentration not to mention refined skills.

A programmer is solely focused both in writing codes as well as getting features appropriately performed so that these features are accessible for integration and later use. Programming is merely the process of swinging the hammer and adequately creating the software.

Usually, it is easy to identify that an individual is in programming mode since they often have a concentrated gaze and are deep in the zone.' Programmers are normally internalizing the system they are operating as well as editing and writing pieces of something that can only best be described as a long algebra problem.'

The Developer

Developers are typically creators. However, not anyone that is an expert at writing codes can be a developer. Developers are experts at identifying ways around various problems as well as plugging together components to fulfill some requirements. These professionals solve problems or create things by adhering to a specific set of principles (design and implementation).

This set of principles includes attributes such as maintainability, performance, robustness, security, and scale among others. They solve problems in a systematic manner. Ideally, this is what distinguishes programmers, developers, and hackers.

In A Nutshell:

In all simplicity, these three professionals solve various problems using code. A programmer is an encompassing term that means a problem solver, a developer is a trained programmer (formal) who besides resolving issues achieves it in an organized and methodical manner likely instilled in the course of their formal education, and a hacker is a tinkerer/creator.

Despite their differences in individual meaning and professional capacities, these terms, however, can interrelate with each other quite effectively. In fact, it is possible for you to combine the skills to your benefit. In reality, all developers and hackers are programmers. However, despite their expertise, not many developers and programmers are creative enough to warrant an identity as hackers.

Finally, although hackers and programmers are quite impressive, they are however not experienced or educated enough to warrant consideration as developers. The similarity, however, is that all work to create code, each in their specified manner.

Ideally, anyone would work to be all the above-as creative as a hacker, though, somewhat better experienced and formally trained to design software as opposed to only hacking.

Nonetheless, even if you lack the creativity, experience, or education, or either to necessarily create a broad application, it is still worth noting that you are still ideally a programmer. And in case you did not know, solving a problem through code is by itself, a superpower!


@£√£RYTHING NT

More info


Continue reading...

Ufonet - Dos And Ddos Attack Tool | How To Install Bot

Posted by Frames on 4:00 PM
No comments yet

More articles

  1. Hacker Tools Windows
  2. Pentest Tools Tcp Port Scanner
  3. Hack And Tools
  4. Tools Used For Hacking
  5. Hacking Tools Hardware
  6. Pentest Tools Github
  7. Hacker Tools For Ios
  8. Hack And Tools
  9. Hack Website Online Tool
  10. What Are Hacking Tools
  11. Hacking Tools Mac
  12. Hack Tools For Windows
  13. Pentest Tools Download
  14. Hack Tools
  15. Hacking Apps
  16. Hacking Tools Kit
  17. World No 1 Hacker Software
  18. Hacker Tools Linux
  19. Pentest Tools Android
  20. Hacking Tools For Kali Linux
  21. Hack Tools For Games
  22. What Is Hacking Tools
  23. Hacking Tools Online
  24. Hacker Tools Hardware
  25. Hacking Tools
  26. Hacking Tools Free Download
  27. Hackrf Tools
  28. Ethical Hacker Tools
  29. Hackrf Tools
  30. Pentest Tools Download
  31. Pentest Tools Github
  32. Hacking Tools
  33. Hacking App
  34. Hacker Tools 2020
  35. Pentest Tools Find Subdomains
  36. Hacking Tools Usb
  37. Pentest Tools Review
  38. Pentest Tools For Android
  39. Hacks And Tools
  40. Hacking Tools For Beginners
  41. Pentest Tools Linux
  42. Hacker Tools Software
  43. Black Hat Hacker Tools
  44. Physical Pentest Tools
  45. Pentest Tools For Mac
  46. Hack Tools Online
  47. Android Hack Tools Github
  48. Hacking Tools For Windows Free Download
  49. Best Hacking Tools 2019
  50. Hacker Hardware Tools
  51. Growth Hacker Tools
  52. Hacker Tools Github
  53. Hacking Tools 2019
  54. Tools For Hacker
  55. How To Install Pentest Tools In Ubuntu
  56. Hacker Tools List
  57. Hackers Toolbox
  58. Hacking Tools Pc
  59. Pentest Box Tools Download
  60. Pentest Tools For Android
  61. Bluetooth Hacking Tools Kali
  62. New Hack Tools
  63. Hacking Tools Download
  64. Hacks And Tools
  65. Hacking Tools Windows 10
  66. Pentest Tools For Windows
  67. Hacker Tools Apk Download
  68. Nsa Hack Tools
  69. Pentest Tools Nmap
  70. Hacking App
  71. Hacking Tools Github
  72. Game Hacking
  73. Pentest Tools Apk
  74. Hacking Tools For Kali Linux
  75. Top Pentest Tools
  76. Hack Tools For Ubuntu
  77. Hacker Tools Linux
  78. Pentest Tools Framework
  79. Hack Tools Github
  80. Hacker Tools 2019
  81. Hacks And Tools
  82. Hack App
  83. Usb Pentest Tools
  84. Hacker Tools For Mac
  85. Hacker Tools Github
  86. Best Hacking Tools 2020
  87. What Are Hacking Tools
  88. Blackhat Hacker Tools
  89. Pentest Box Tools Download
  90. Pentest Automation Tools
  91. Ethical Hacker Tools
  92. Hack Tools For Pc
  93. Hacker Tools Linux
  94. Pentest Tools Url Fuzzer
  95. Hak5 Tools
  96. Hacking Apps
  97. Hack Tool Apk
  98. Pentest Tools Online
  99. Hack Tools Pc
  100. Hacking Tools For Pc
  101. Hack Tools For Games
  102. Pentest Tools Url Fuzzer
  103. Pentest Tools For Android
  104. Pentest Tools Online
  105. Growth Hacker Tools
  106. Hacker Techniques Tools And Incident Handling
  107. Hack App
  108. Hacking Tools For Mac
  109. Hacker Security Tools
  110. Hack Tools For Mac
  111. How To Install Pentest Tools In Ubuntu

Continue reading...

Learning Web Pentesting With DVWA Part 6: File Inclusion

Posted by Frames on 7:32 AM
No comments yet

In this article we are going to go through File Inclusion Vulnerability. Wikipedia defines File Inclusion Vulnerability as: "A file inclusion vulnerability is a type of web vulnerability that is most commonly found to affect web applications that rely on a scripting run time. This issue is caused when an application builds a path to executable code using an attacker-controlled variable in a way that allows the attacker to control which file is executed at run time. A file include vulnerability is distinct from a generic directory traversal attack, in that directory traversal is a way of gaining unauthorized file system access, and a file inclusion vulnerability subverts how an application loads code for execution. Successful exploitation of a file inclusion vulnerability will result in remote code execution on the web server that runs the affected web application."
There are two types of File Inclusion Vulnerabilities, LFI (Local File Inclusion) and RFI (Remote File Inclusion). Offensive Security's Metasploit Unleashed guide describes LFI and RFI as:
"LFI vulnerabilities allow an attacker to read (and sometimes execute) files on the victim machine. This can be very dangerous because if the web server is misconfigured and running with high privileges, the attacker may gain access to sensitive information. If the attacker is able to place code on the web server through other means, then they may be able to execute arbitrary commands.
RFI vulnerabilities are easier to exploit but less common. Instead of accessing a file on the local machine, the attacker is able to execute code hosted on their own machine."
In simpler terms LFI allows us to use the web application's execution engine (say php) to execute local files on the web server and RFI allows us to execute remote files, within the context of the target web server, which can be hosted anywhere remotely (given they can be accessed from the network on which web server is running).
To follow along, click on the File Inclusion navigation link of DVWA, you should see a page like this:
Lets start by doing an LFI attack on the web application.
Looking at the URL of the web application we can see a parameter named page which is used to load different php pages on the website.
http://localhost:9000/vulnerabilities/fi/?page=include.php
Since it is loading different pages we can guess that it is loading local pages from the server and executing them. Lets try to get the famous /etc/passwd file found on every linux, to do that we have to find a way to access it via our LFI. We will start with this:
../etc/passwd
entering the above payload in the page parameter of the URL:
http://localhost:9000/vulnerabilities/fi/?page=../etc/passwd
we get nothing back which means the page does not exist. Lets try to understand what we are trying to accomplish. We are asking for a file named passwd in a directory named etc which is one directory up from our current working directory. The etc directory lies at the root (/) of a linux file system. We tried to guess that we are in a directory (say www) which also lies at the root of the file system, that's why we tried to go up by one directory and then move to the etc directory which contains the passwd file. Our next guess will be that maybe we are two directories deeper, so we modify our payload to be like this:
../../etc/passwd
we get nothing back. We continue to modify our payload thinking we are one more directory deeper.
../../../etc/passwd
no luck again, lets try one more:
../../../../etc/passwd
nop nothing, we keep on going one directory deeper until we get seven directories deep and our payload becomes:
../../../../../../../etc/passwd
which returns the contents of passwd file as seen below:
This just means that we are currently working in a directory which is seven levels deep inside the root (/) directory. It also proves that our LFI is a success. We can also use php filters to get more and more information from the server. For example if we want to get the source code of the web server we can use php wrapper filter for that like this:
php://filter/convert.base64-encode/resource=index.php
We will get a base64 encoded string. Lets copy that base64 encoded string in a file and save it as index.php.b64 (name can be anything) and then decode it like this:
cat index.php.b64 | base64 -d > index.php
We will now be able to read the web application's source code. But you maybe thinking why didn't we simply try to get index.php file without using php filter. The reason is because if we try to get a php file with LFI, the php file will be executed by the php interpreter rather than displayed as a text file. As a workaround we first encode it as base64 which the interpreter won't interpret since it is not php and thus will display the text. Next we will try to get a shell. Before php version 5.2, allow_url_include setting was enabled by default however after version 5.2 it was disabled by default. Since the version of php on which our dvwa app is running on is 5.2+ we cannot use the older methods like input wrapper or RFI to get shell on dvwa unless we change the default settings (which I won't). We will use the file upload functionality to get shell. We will upload a reverse shell using the file upload functionality and then access that uploaded reverse shell via LFI.
Lets upload our reverse shell via File Upload functionality and then set up our netcat listener to listen for a connection coming from the server.
nc -lvnp 9999
Then using our LFI we will execute the uploaded reverse shell by accessing it using this url:
http://localhost:9000/vulnerabilities/fi/?page=../../hackable/uploads/revshell.php
Voila! We have a shell.
To learn more about File Upload Vulnerability and the reverse shell we have used here read Learning Web Pentesting With DVWA Part 5: Using File Upload to Get Shell. Attackers usually chain multiple vulnerabilities to get as much access as they can. This is a simple example of how multiple vulnerabilities (Unrestricted File Upload + LFI) can be used to scale up attacks. If you are interested in learning more about php wrappers then LFI CheetSheet is a good read and if you want to perform these attacks on the dvwa, then you'll have to enable allow_url_include setting by logging in to the dvwa server. That's it for today have fun.
Leave your questions and queries in the comments below.

References:

  1. FILE INCLUSION VULNERABILITIES: https://www.offensive-security.com/metasploit-unleashed/file-inclusion-vulnerabilities/
  2. php://: https://www.php.net/manual/en/wrappers.php.php
  3. LFI Cheat Sheet: https://highon.coffee/blog/lfi-cheat-sheet/
  4. File inclusion vulnerability: https://en.wikipedia.org/wiki/File_inclusion_vulnerability
  5. PHP 5.2.0 Release Announcement: https://www.php.net/releases/5_2_0.php


Related posts
  1. Pentest Tools Github
  2. Hack And Tools
  3. Best Pentesting Tools 2018
  4. Hacking Tools Windows
  5. Hackrf Tools
  6. Nsa Hacker Tools
  7. Hacking Tools For Mac
  8. Hacker Tools Windows
  9. Hacking Tools For Windows
  10. Pentest Tools For Android
  11. Hacker Tools Linux
  12. Hacking Tools For Games
  13. Hacker Tools For Mac
  14. Hack Tools For Ubuntu
  15. Hacking App
  16. Pentest Tools Website Vulnerability
  17. Nsa Hack Tools Download
  18. Pentest Tools Download
  19. Tools Used For Hacking
  20. Pentest Tools For Windows
  21. Hack Tool Apk
  22. Hacker Tools Windows
  23. Hacker Tools Online
  24. Tools For Hacker
  25. Hack Tools For Mac
  26. Hacker Tools For Pc
  27. Pentest Tools Online
  28. Hacker Tools For Ios
  29. Hacker Search Tools
  30. Hacking Tools Free Download
  31. Nsa Hack Tools Download
  32. Hacking Tools Online
  33. Hack And Tools
  34. Hacking Tools Software
  35. Android Hack Tools Github
  36. Hacking Tools Pc
  37. Pentest Tools For Android
  38. Hacking Tools Download
  39. Hacking Tools For Kali Linux
  40. Termux Hacking Tools 2019
  41. Hacker Tools Online
  42. Hacking Tools Online
  43. Tools For Hacker
  44. Pentest Recon Tools
  45. Hacking Tools
  46. Pentest Reporting Tools
  47. Hacking App
  48. Computer Hacker
  49. Physical Pentest Tools
  50. How To Install Pentest Tools In Ubuntu
  51. Hack Tool Apk No Root
  52. New Hack Tools
  53. Hacker Security Tools
  54. Pentest Tools Alternative
  55. Hacker
  56. Hack Tools For Mac
  57. Pentest Tools Android
  58. Hacking Tools For Windows Free Download
  59. Best Pentesting Tools 2018

Continue reading...