Saturday, April 29, 2017
Xerum 525 and Red Mercury
welcome back to war! "The compound represented "mercury antimony salt of the formula Hg2Sb2O7" and it was first produced in the USSR close to <"Research Institute In the field of physics and high energy ">in Dubna in 1968...Due to the presence of [Xerum-525] Bell SS was more than plasma machine with high voltage using the opposite rotation of the cylinders ...represents a reactor intended for release nuclear power caused by the rotation of very high speed plus constant ripple DC high voltage..Fuel Bell is particularly isotopes such as hafnium and tantalum which are izomeres. Most isomers have a very short half-life but tantalum with 180 atomic mass units is extremely long!10 quadrillion years! For tantalum is believed to be linked to exploding stars and with supernovae.Hafnium is 178 atomic mass units another isomer short half-life of 31 years but hyperexcitability. It gives quarter kiloton energy than a kilogram in the form of gamma rays. Research by DARPA as possible explosive.
What has?
-isomers release energy with a change in his spin.
-nuclear magnetic resonance and gravity are the the scientific sphere professor Walter Gerlach project manager of Bell.
-Bell has worked with heavy radioactive substance Xerum-525 pretty salty with isotopes radioactive compound partially based on mercury.
-Red mercury is explosive which exploded hydrogen bombs without the need for a nuclear bomb.
-Xerum-525 is enshrined in both cylinders Bell which rotates at tremendous speed.
-nowadays out materials on the Internet about US magnetic UFO TR-3B with the same propulsion system..
http://www.alienhub.com/threads/xerum-525-fuel-ufo.72766/
What has?
-isomers release energy with a change in his spin.
-nuclear magnetic resonance and gravity are the the scientific sphere professor Walter Gerlach project manager of Bell.
-Bell has worked with heavy radioactive substance Xerum-525 pretty salty with isotopes radioactive compound partially based on mercury.
-Red mercury is explosive which exploded hydrogen bombs without the need for a nuclear bomb.
-Xerum-525 is enshrined in both cylinders Bell which rotates at tremendous speed.
-nowadays out materials on the Internet about US magnetic UFO TR-3B with the same propulsion system..
http://www.alienhub.com/threads/xerum-525-fuel-ufo.72766/
Niobium, Hafnium, Tantalum, & Vanadium Alloys
WHAT ABOUT RDX WITH THESE AND ACETYLENE GAS?
Cracking safes with thermal imaging
(as a more viable alternative to mind reading)
Copyright (C) 2005 by Michal Zalewski (lcamtuf@coredump.cx)
The attacker can perform the aforementioned attack by deploying an uncooled microbolometer thermal imaging (far infrared) camera within up to approximately five to ten minutes after valid keycode entry. Although this may sound outlandish, the heat transferred during split-second contact of individual keys with human body (even through, for example, gloves) is significant enough and dissipates slowly enough to make this possible after the area has been cleared of all personnel.
(as a more viable alternative to mind reading)
Copyright (C) 2005 by Michal Zalewski (lcamtuf@coredump.cx)
This inexplicably brief "research" paper presents an interesting physical world attack that may be easily deployed by a determined attacker to compromise many high-security access control systems in use today. Although this paper's findings are hardly groundbreaking (and in some ways, are downright obvious), it includes some cool pictures of what should be most certainly taken into account in risk management, secure zone planning, and when drafting operating procedures for high-risk areas. But most of all, I just wanted to share ;-)
In short, virtually all keypad entry systems - as used in various applications, including building access control, alarm system control, electronic lock safes, ATM input, etc - are susceptible to a trivial low-profile passphrase snooping scheme. This attack enables the attacker to quickly and unobtrusively recover previously entered passphrases with a high degree of success. This is in contrast to previously documented methods of keypad snooping; these methods were in general either highly intrusive - required close presence or installation of specialized hardware - or difficult to carry out and not very reliable (e.g., examining deposited fingerprints - works in low-use situations only, and does not reveal the ordering of digits).
Furthermore, since the image can be acquired from a considerable distance (1-10 meters is easy to achieve), the attacker can afford to maintain a remarkably low profile through the process.
To put things in perspective, portable (handheld) thermal imaging devices, such as the one pictured above, are commercially available without major restrictions from manufacturers such as Flir or Fluke. Prices begin at $5,000 to $10,000 for brand new units, and top-of-the-line models boast a 0.05 K thermal resolution at impressively low sensor noise levels. The "return on investment" can be quite high in most illicit uses, and indeed - historically, ATM phishers were known to be willing to spend money on specialized equipment such as custom assemblies that included high-end digital cameras with wireless access. As such, the scheme is not as outlandish as it might have seemed.
The following sequence of images demonstrates the feasibility of the attack; in this case, the target is LA GARD ComboGard 3035 electronic lock (with rubber keys) installed on an industrial-grade safe:
Keypad in idle state - in visible light (left) and in thermal imaging (right). Minimal ambient temperature variations are present due to different thermal characteristics of materials used in the safe.
A sequence of keys is being pressed (1-5-9). The difference in colors on the right is due to IR camera automatically adjusting to relatively high temperature of human body, to avoid overexposure and blooming.
Code entry complete. All pressed keys are still clearly readable in this thermogram; the sequence of digits can be infered from the relative temperature of these spots - ones with lower registered temperature (more faint color) were pressed earlier than others.
There are some real-world considerations, of course: reuse of digits in a code, very rapid code entry, vastly differing keypress times, and other code entry quirks (say, victim's habit of resting his palm on the keypad) may render the attack less successful, and may make results more ambiguous. That said, it's still nifty, and apparently not limited to bad science-fiction or computer games; civilian access to sufficiently advanced technology is possible. All in all, many airports, numerous bank branches, and various other entities, might want to reconsider the effectiveness of their defenses.
A proper defense against such techniques would be not to rely on keypad-only access control in easily accessible areas, unless additional advanced countermeasures can be implemented (well-implemented scrambling keypads originally intended to thwart fingerprint or key wear analysis, for example). Smart-card, biometric, or plain old key-based protection can be added to reduce exposure.
Side thought: in terms of safe cracking, another interesting area of research is differential power analysis (DPA) of electronic locks. High-security locks on small- and medium-size safes usually have external connectors that can be used to supply emergency battery power to the device; these usually directly connect to the same route that is used to supply primary power, and as such can be used to measure power consumption characteristics and/or capture CPU-generated feedback noise, and possibly to differentiate between valid and invalid keycodes as digits are entered. If you happen to have a good 'scope lying around, give it a try.
Oh - wanna buy a brick?
Thursday, April 27, 2017
[ RadSafe ] Dirty Bomb Material Report?
Robert D Gallagher rdgallagher at nssihouston.comTue Apr 4 11:54:07 CDT 2006
- Previous message: AW: [ RadSafe ] Dirty Bomb Material Report?
- Next message: [ RadSafe ] Contamination Monitoring of Sheep
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
How many Curies of Tritium were contained in exit signs in the 9/11 structures that fell? I feel certain at the time the release of Tritium was the least of everybodies worries. Bob Gallagher NSSI Houston -----Original Message----- From: radsafe-bounces at radlab.nl [mailto:radsafe-bounces at radlab.nl]On Behalf Of Flanigan, Floyd Sent: Tuesday, April 04, 2006 11:32 AM To: Mercado, Don; Robert Atkinson; John Jacobus; radsafe at radlab.nl Subject: RE: AW: [ RadSafe ] Dirty Bomb Material Report? I am assuming this is gaseous H3 which would be little threat upon postulated release except to someone right on top of them at the moment of breech? Once in the atmosphere, would the H3 not dissipate rapidly and be diluted to levels of non-concern in a very short period of time? Actually, Hydrogen-3 is usually produced as follows: Lithium-6 + neutron --> Tritium + Helium-4 Only the neutron (which is used up) and Tritium itself are radioactive or dangerous. In addition, Tritium decays as follows: Tritium --> Helium-3 + Electron + Electron anti-neutrino Again, all of these are harmless, Helium-3 is not radioactive. Anyone else see this issue this way? Floyd W. Flanigan B.S.Nuc.H.P. -----Original Message----- From: radsafe-bounces at radlab.nl [mailto:radsafe-bounces at radlab.nl] On Behalf Of Mercado, Don Sent: Tuesday, April 04, 2006 10:09 AM To: Robert Atkinson; John Jacobus; radsafe at radlab.nl Subject: RE: AW: [ RadSafe ] Dirty Bomb Material Report? I had a phone call last week from a guy who wanted to know about selling the H-3 exit signs on eBay. He had about 20 of them and wanted to know the relative hazard. He found my name through Radsafe. Anyway, that's about 200 Ci of H-3 going for sale to John Q. Public if he didn't heed my advice about returning them to the mfgr. -----Original Message----- From: radsafe-bounces at radlab.nl [mailto:radsafe-bounces at radlab.nl] On Behalf Of Robert Atkinson Sent: Friday, March 31, 2006 7:50 AM To: John Jacobus; radsafe at radlab.nl Subject: RE: AW: [ RadSafe ] Dirty Bomb Material Report? A few check sources is nothing. If I was looking for material for an RDD I'd visit the local construction site. A fairly common moisture density gauge contains 8mCi of Cs137 (50 times the amount suggested for the GAO case, plus a 40mCi Am241/Be neutron source. They lose about two or three a month according to the NRC reports. One (serial No.15636) was stolen in Virginia in1997 and turned up on eBay about a week ago! It was returned to its original licensee. The GAO report just shows that the system works, a minimal amount of material was detected and the identity of the persons involved was established. Robert Atkinson. _______________________________________________ You are currently subscribed to the RadSafe mailing list
http://health.phys.iit.edu/archives/2006-April/017025.html
Wednesday, April 26, 2017
Good afternoon welcome back to war! This is for a TNS Poison Attack, to Oracle Database Releases 12.1 or above...so, IF a sub string can be a IP address, THEN..you can legitimate yourself If False PRINT
In Oracle/PLSQL, the
instr
function returns the location of a sub-string in a string.
If the sub-string is not found, then
instr
will return 0
.
I want to search multiple sub-strings in a string and return the first non-zero value. This can be achieved using
regexp_instr
, but I'd like a non-regexp_
solution.
Example:
regexp_instr('500 Oracle Parkway, Redwood Shores, CA','(Apple|Park|Shores)')
should return 12 (the location of 'Park').
...
INSTR doesn't support regex ORs - you'd have to define INSTR function calls for each substring you want to check for. The equivalent of
regexp_instr('500 Oracle Parkway, Redwood Shores, CA','(Apple|Park|Shores)') would be:
Depending on your needs, full text search functionality might be more towards what you want?
ATTACK IS :
TNS Poison Attack vulnerability exploits Oracle listener’s database service registration functionality. Oracle database users connect to the database services through Oracle TNS Listener which acts as a traffic cop. A malicious attacker, residing on the same network as the database, registers a malicious service with the database listener with the same service name as legitimate database service. No credentials are required to register a database service with the listener. An attacker can use Oracle database software or easily available other tools to register a malicious database service.
After completion of the malicious database service registration with the same name as legitimate service name, Oracle listener has two services to choose from – a legitimate service and a malicious service. With two database services available, Oracle listener switches to the load balancing traffic cop mode, directing users alternatively to the legitimate service and the malicious service. At least, 50% of the user sessions are directed to the malicious service. Database user sessions, which are now communicating through the malicious service, can be hijacked by the attacker. An attacker is in the middle. All communication from the users to the database is now passing through the malicious attacker. Attack post stablished. Attacker has full purview of what users are communicating with the database. At a minimum, the attacker can view and steal the data. Additional SQL commands may be injected to broaden the scope or carry out additional attacks. If a database user communicating with the database happens to be a privileged user with the DBA role, then the attacker has complete control of the database. Database compromised. Mission accomplished.
|
Tuesday, April 25, 2017
So, why Dell Latitude D520, that got despize by the computer assholls expertize, and why is the favourite for terrorism? its because, either can or can not have dual core, if "it is the chipset, some have the 945GM which supports dual core and some have the 945GML which does not support dual core" however it supports an Intel adapter caled : "Intel Half Centrino Ultimate-n 6300 Pci-e Card 633anhmw 802.11a/b/g/n 2.4 Ghz and 5.0 Ghz Spectra 450Mbps wifiI" (link bellow) as you see, restritive buy , to Russia, Brazil and so on...
http://www.danallosso.me/products/intel-half-centrino-ultimate-n-6300-pci-e-card-633anhmw-802-11abgn-2-4-ghz-and-5-0-ghz-spectra-450mbps-wifii/
Alfa Network APA-M25 dual band 2.4GHz/5GHz 8 / 10dBi high gain directional indo
Sunday, April 23, 2017
Subscribe to:
Posts (Atom)