Jump to content
Sign in to follow this  
  • entries
    5
  • comments
    2
  • views
    8,264

Entries in this blog

 

Let's talk about Media 101.

I'm currently visiting Italy, to be more specific Rome. Rome is quite an amazing city with loads of things to see, however I took this opportunity to mess a bit around with my Phone (One plus 3t) and take a few pictures and go in to details regarding the scenes and how you can create better cinematics & pictures. So let's start off with some basic knowledge regarding Pictures.   In Denmark (The country which is better than Sweden, just ask @PirateCaptain) we got a few words for the different kinds of Focal length (Works a bit like FOV/Field Of View for the Dank Gamurs out there) (Link for the Danish Wikipedia) We got: "Super Total" This image section gives a panoramic view of Copenhagen's skyline from the top of "Rundetårnet" (Danish building). It is also an established shot (e-shot) of Copenhagen, as the image both starts a new scene (or sequence) and marks the geography of the place. "Total" This crop's function is to show the girl in full shape and to visualize the whole environment around her. A total image can also be used as an initial creation shot. "Half Total" Now it's focused on the girls hips. This crop, also called a medium shot, is suitable for the start of a dialog scene.  "Half Close" Only the head and upper body of the girl can be seen in this cropping, which is suitable for situations where a person is to be interviewed, or for dramatic sequences happening to a person "Close" The "close" also called close-up, shows the girl's face and is the optional cut that expresses a person's facial expressions and emotions the best. This is also optimal for making the views notice a specific action or event. This could be a Character hiding a gun, bottle falling over, motion in water or something else. "Ultra Close" Here, only the eyes of the girl are in focus. This detailed image crop is also called an extremely close-up and used to highlight a particular detail of a person or object. Now I will be working with these terms throughout this post. Here is a few pictures I took when out in Rome today: Make sure to read it all through. So I talked a tiny bit about colors, and there is an entire science scene behind it, however I will not spend 400 hours going in to details regarding the history of colors and such. A quick quick video explaining this can be found here: TO BE CONTINUED BY ME WHEN I'M NOT SO FUCKING LAZY!

Hastabrand

Hastabrand

 

80s stuff

that's it bois, we are going full 80's. Case any other members want to add any creations, I'll post some pretty cool stuff here in the 80s theme: 80's Computers for SFM http://steamcommunity.com/sharedfiles/filedetails/?id=943877474 80's premium text I paid for https://mega.nz/#!IeBywapQ!ck16EJ3PkEMo27H6Eb1tk7Lt8IYDBPDU7gIue9qslcc 80's VCR font http://www.dafont.com/vcr-osd-mono.font Saber (Free after effects plugin) https://www.videocopilot.net/blog/2016/03/new-plug-in-saber-now-available-100-free/ Use Magic bullet looks for CC (color correction) Music Pretty cool Semi retro metal space stuff https://www.youtube.com/user/celldweller Really nice loops! I tend to dislike using others work but this is amazing https://www.youtube.com/channel/UC3Y4vKAzTCqSdOt0ZeYWvTg More to come Then of course do your own research. Watch 80s stuff, find other peoples creations and reverse engineer them and so on.

Hastabrand

Hastabrand

 

My account (And the fucking blog option) was (and is) broken.

So my account was broken What now? well the first step is of course to understand what went wrong. Looking at the error message at the bottom of my screen: [[Template core/front/global/footer is throwing an error. This theme may be out of date. Run the support tool in the AdminCP to restore the default theme.]] So this looks bad, but nothing too bad right? Surely I could just manually change the theme, considering that's what the error message is mentioning, right? looks like luck isn't on my side, and I can't exactly just go "Change the theme'", which is usually located at the bottom of the page. Damn. I could surely just write a message to @PirateCaptain and get this fixed right? Buut then again on second though: Maybe not.   So this means taking matters in to my own hands! First step is of course to Logout, then log back in. Considering how websites store data, it's worth figuring out weather or not data, such as themes, is stored locally or in the cookies. The cookies does not look like the contain any theme related data or data outside of regular security/authentication data, and flushing the browser cache did nothing either, leaving only one option!
Reversing the network protocols! Now I spent a good amount of time writing bots and scripting network requests. Primarily for CTF related matters, but also at times for personal reasons. Forums tend to be a tad bit annoying to script however, due to their security related matters.  For example every request has a time stamp in the header request, different session cookies, sometimes JavaScript challenges as well, making it tedious and annoying to script, but definitely not impossible! Now considering I couldn't change the theme on my own account, I decided to make a new temporary account (thanks to @SomeUsernameLol) But giving myself a break, I decided to simply just use the developer tools in firefox to capture the network of the "change theme" under my temporary account: Looking at the network request made when changing theme, 3 things are apparent. 1. It's a POST network request 2. it contains the cookies (like every request does, but noteworthy anyway) and 3. it has a csrfKey! However looking from the earlier screenshot with the cookies, there is no direct value containing the csrfKey, and neither is itapparent in the source code. Bummer.   Now finding the csrfKey is the next difficult thing to do. Since my account was broken, the majority of it's functionality was down as well. This meant no posting in threads, no settings, no voting, changing anything and so on. Basically all functionality was down, except for one! the MONEY one !! Turns out, one of the only things working in my account was the store page (coincidence? I think not). But looking aside from this suspicious coincidence, this meant that there must be binding information in those requests (due to the nature of purchasing things that has to go to your account). Next thing to do was getting the CSRF!   Now that we have everything we need, we can just copy the cookies and the csrfkey over to the previous request from the temporary account and be done, right?   as it turns out, you can't.   So due to the nature of the security implemented in most forums, tokens are either bound to a timestamp, and or are single time use. This means, that you can't just copy the cookies and call it a day, which means that we have to get a fresh set of network requests (ideally containing the CSRF token, just to make sure all the cookies are there). To do so, we fire up burp suite and go back to the store page, and capture the request. What makes BurpSuite different from regular network requests, is that BurpSuite allows us to make a Man in the Middle attack, meaning we can fabricate a legit networking request, change out a few things and bam, it's done! Now to do so, we configure firefox to use 127.0.0.1:8080 as proxy, and capture the packge.   Looking at the HTTP history, I marked out the POST request to change the theme with red, and send it to the intruder.   Now, we send the request again, and under intercept, we copy the data from intercept over to the repeater tab, replacing the identifying information!   Now all there was left was simply to press go, and voila! Theme now got changed in the broken account, and I regained access to shitpost, using the prettiest theme of them all!

Hastabrand

Hastabrand

Sign in to follow this  
×