I'm currently visiting Italy, to be more specific Rome.
Rome is quite an amazing city with loads of things to see, however I took this opportunity to mess a bit around with my Phone (One plus 3t) and take a few pictures and go in to details regarding the scenes and how you can create better cinematics & pictures.
So let's start off with some basic knowledge regarding Pictures.
In Denmark (The country which is better than Sweden, just ask @PirateCaptain) we got a few words for the different kinds of Focal length (Works a bit like FOV/Field Of View for the Dank Gamurs out there)
(Link for the Danish Wikipedia)
This image section gives a panoramic view of Copenhagen's skyline from the top of "Rundetårnet" (Danish building). It is also an established shot (e-shot) of Copenhagen, as the image both starts a new scene (or sequence) and marks the geography of the place.
This crop's function is to show the girl in full shape and to visualize the whole environment around her. A total image can also be used as an initial creation shot.
Now it's focused on the girls hips. This crop, also called a medium shot, is suitable for the start of a dialog scene.
Only the head and upper body of the girl can be seen in this cropping, which is suitable for situations where a person is to be interviewed, or for dramatic sequences happening to a person
The "close" also called close-up, shows the girl's face and is the optional cut that expresses a person's facial expressions and emotions the best. This is also optimal for making the views notice a specific action or event. This could be a Character hiding a gun, bottle falling over, motion in water or something else.
Here, only the eyes of the girl are in focus. This detailed image crop is also called an extremely close-up and used to highlight a particular detail of a person or object.
Now I will be working with these terms throughout this post.
Here is a few pictures I took when out in Rome today:
Make sure to read it all through.
So I talked a tiny bit about colors, and there is an entire science scene behind it, however I will not spend 400 hours going in to details regarding the history of colors and such.
A quick quick video explaining this can be found here:
TO BE CONTINUED BY ME WHEN I'M NOT SO FUCKING LAZY!
that's it bois, we are going full 80's.
Case any other members want to add any creations, I'll post some pretty cool stuff here in the 80s theme:
80's Computers for SFM
80's premium text I paid for
80's VCR font
Saber (Free after effects plugin)
Use Magic bullet looks for CC (color correction)
Pretty cool Semi retro metal space stuff
Really nice loops! I tend to dislike using others work but this is amazing
More to come
Then of course do your own research. Watch 80s stuff, find other peoples creations and reverse engineer them and so on.
So my account was broken
well the first step is of course to understand what went wrong. Looking at the error message at the bottom of my screen:
[[Template core/front/global/footer is throwing an error. This theme may be out of date. Run the support tool in the AdminCP to restore the default theme.]]
So this looks bad, but nothing too bad right? Surely I could just manually change the theme, considering that's what the error message is mentioning, right?
looks like luck isn't on my side, and I can't exactly just go "Change the theme'", which is usually located at the bottom of the page. Damn.
I could surely just write a message to @PirateCaptain and get this fixed right? Buut then again on second though:
So this means taking matters in to my own hands!
First step is of course to Logout, then log back in. Considering how websites store data, it's worth figuring out weather or not data, such as themes, is stored locally or in the cookies.
The cookies does not look like the contain any theme related data or data outside of regular security/authentication data, and flushing the browser cache did nothing either, leaving only one option!
Reversing the network protocols!
Now considering I couldn't change the theme on my own account, I decided to make a new temporary account (thanks to @SomeUsernameLol)
But giving myself a break, I decided to simply just use the developer tools in firefox to capture the network of the "change theme" under my temporary account:
Looking at the network request made when changing theme, 3 things are apparent.
1. It's a POST network request
2. it contains the cookies (like every request does, but noteworthy anyway)
and 3. it has a csrfKey!
However looking from the earlier screenshot with the cookies, there is no direct value containing the csrfKey, and neither is itapparent in the source code. Bummer.
Now finding the csrfKey is the next difficult thing to do. Since my account was broken, the majority of it's functionality was down as well. This meant no posting in threads, no settings, no voting, changing anything and so on. Basically all functionality was down, except for one! the MONEY one !!
Turns out, one of the only things working in my account was the store page (coincidence? I think not).
But looking aside from this suspicious coincidence, this meant that there must be binding information in those requests (due to the nature of purchasing things that has to go to your account).
Next thing to do was getting the CSRF!
Now that we have everything we need, we can just copy the cookies and the csrfkey over to the previous request from the temporary account and be done, right?
as it turns out, you can't.
So due to the nature of the security implemented in most forums, tokens are either bound to a timestamp, and or are single time use. This means, that you can't just copy the cookies and call it a day, which means that we have to get a fresh set of network requests (ideally containing the CSRF token, just to make sure all the cookies are there).
To do so, we fire up burp suite and go back to the store page, and capture the request.
What makes BurpSuite different from regular network requests, is that BurpSuite allows us to make a Man in the Middle attack, meaning we can fabricate a legit networking request, change out a few things and bam, it's done!
Now to do so, we configure firefox to use 127.0.0.1:8080 as proxy, and capture the packge.
Looking at the HTTP history, I marked out the POST request to change the theme with red, and send it to the intruder.
Now, we send the request again, and under intercept, we copy the data from intercept over to the repeater tab, replacing the identifying information!
Now all there was left was simply to press go, and voila! Theme now got changed in the broken account, and I regained access to shitpost, using the prettiest theme of them all!