Wednesday, December 30, 2015

Wishes, Miracles & Buddhism.

as not very far as i understand, wishes that are sent (for example: by speaking them quietly, in Mind) are fulfilled in future, not necessarily in the same life.

they form Karma, which 'chases' one through one life or through more of one's lives.

as not very far as i understand, Buddhism considers Miracles as possible, Supernatural powers are a fact.

when i visited Stupas in Kuchary years ago, a few times ... i wished for Enlightened Love as i walked around the Miracle Stupa.

i was advised to not go into details too much when sending a wish ... i did that, if i remember well enough.

there are tales of Great Yogis & Buddha performing Miracles as well, in past.

i think it is possible to learn Magicks & Miracle-works ... to use it as a tool for Enlightenment.


see also, if You wish or need, ... : Stupas.

Stupas.

Introduction.

A stupa (Sanskrit: m., stūpa 'heap') is a mound-like or hemispherical structure containing relics (śarīra - typically the remains of Buddhist monks or nuns), and used as a place of meditation.


Tibetan stupas.

There are 8 different kinds of stupas in Tibetan Buddhism, each referring to major events in the Buddha's life:
  • Lotus Blossom Stupa.
  • Enlightenment Stupa.
  • Stupa of Many Doors.
  • Stupa of Descent from the God Realm.
  • Stupa of Great Miracles.
  • Stupa of Reconciliation.
  • Stupa of Complete Victory.
  • Stupa of Nirvana.


A ninth kind of stupa exists,
  • the Kalachakra stupa.

> Source: [ Stupa ].

Tuesday, December 29, 2015

Queen of Cups, The Card.



Richness of Feelings.

When we meet with richness of feelings, we often think that we had too much ... or that our soul was changing too often to enjoy, to form beneficial relationships with ourselves & with others.

Often this is not the truth, for generosity in feelings helps to see the natural limits of our empathy, where our individuality ends ... & where other people's territory is.

After seeing these limits, the cup closes itself & we can start building relationships where both our personal distances, as well as shared thoughts & feelings can be experienced.


Need for spiritual wholeness.

On the card we can see a seeming contradiction: a closed cup & a whole, solid throne representing both solid wholeness & openness of the soul.

There's the message to not be too soft nor too hard, to be able to both open oneself & to see the limits of everyone involved.

If one succeeds in this, one can feel whole, is well tuned & solid ... can have good mood & can speak as one even when representing many.


See also, if You wish: Queen of Cups (Tarot card), my First Mandala TAROT Reading.

Data Mining against Terror?

'Data mining, also called knowledge discovery in databases, in computer sciences is the process of discovering interesting and useful patterns and relationships in large volumes of data.

The field combines tools from statistics and artificial intelligence with database management to analyze large digital collections, known as data sets.

Data mining is widely used in business (insurance, banking, retail), science research (astronomy, medicine), and government security (detection of criminals and terrorists).'

> Source: [ Data Mining ].

---
nm108's note: this can be combined with web crawling & nmap vulnerability search & hacking to find evidence against Terror.

Sunday, December 27, 2015

Dictionary SSH Hack.


Disclaimer.

this is a technologically advanced article about hacking an SSH password by writing an SSH Client with a Java Library.

to understand this article, one has to know a little about programming (preferably in Java), & a little about SSH.


Dangers.

this method can be used to obtain root password of vulnerable systems, thus taking over computers.

... process of obtaining root password & installing a rootkit can be automated as well.


potential vulnerable systems can be found using a web crawler software that scans for open ports, like nmap does, looking for port 22.

not every ssh server allows for root login, but there's still the danger of escalating access privileges with other hacks.

not every ssh server runs on port 22 as well.


C0de.






... this time i did dictionary attack on SSH password.

... c0de is available for download here.

(it requires the JSch library & its dependencies).


As another way, a standard SSH client can be used ... with a script that performs many hack attempts in a loop, by executing ssh client many times.


Why doesn't IP address spoofing work with SSH hacks?

... because SSH service requires two-way communication.

Client sends requests, and awaits responses from the server.

Without 'knowing' the source IP address, the response can't be sent to the proper computer (the ssh client).

It's possible however to attack from a 'proxy' server, or from a different machine with different IP address controlled by a hacker, to bypass IP block or to misdirect.
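On the defending side, the looped attempts and the change of source address described above both leave traces in the SSH server's authentication log. The following is an added example, not code from this article: it scans log lines for many failures from one address, for one account tried from several addresses, and for a login that follows a burst of failures. The sample lines are constructed, and the threshold, window and `year` parameter are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample in OpenSSH's syslog format; addresses are documentation ranges.
SAMPLE_LOG = """\
Dec 27 10:00:01 host sshd[901]: Failed password for root from 203.0.113.5 port 40001 ssh2
Dec 27 10:00:03 host sshd[902]: Failed password for root from 203.0.113.5 port 40002 ssh2
Dec 27 10:00:05 host sshd[903]: Failed password for invalid user admin from 203.0.113.5 port 40003 ssh2
Dec 27 10:00:09 host sshd[904]: Accepted password for root from 203.0.113.5 port 40004 ssh2
Dec 27 10:05:00 host sshd[905]: Failed password for alice from 198.51.100.7 port 40005 ssh2
Dec 27 10:05:20 host sshd[906]: Failed password for alice from 198.51.100.8 port 40006 ssh2
Dec 27 10:05:40 host sshd[907]: Failed password for alice from 198.51.100.9 port 40007 ssh2
Dec 27 11:00:00 host sshd[908]: Failed password for bob from 192.0.2.10 port 40008 ssh2
Dec 27 11:00:30 host sshd[909]: Accepted password for bob from 192.0.2.10 port 40009 ssh2
"""

LINE = re.compile(r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) \S+ sshd\[\d+\]: (?P<result>Failed|Accepted) "
                  r"password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+")

def detect(log_text, threshold=3, window=timedelta(minutes=5), year=2015):
    by_ip = defaultdict(deque)    # source IP -> times of recent failures
    by_user = defaultdict(deque)  # account -> (time, source IP) of recent failures
    flagged, alerts = set(), []   # alerts are (kind, source_ip, account) tuples
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")  # syslog has no year
        ip, user, fails, seen = m["ip"], m["user"], by_ip[m["ip"]], by_user[m["user"]]
        while fails and ts - fails[0] > window:
            fails.popleft()
        if m["result"] == "Accepted":
            # A success right after a burst of failures may be a guessed password.
            if len(fails) >= threshold:
                alerts.append(("login_after_failures", ip, user))
            continue
        fails.append(ts)
        seen.append((ts, ip))
        while ts - seen[0][0] > window:
            seen.popleft()
        if len(fails) >= threshold and ("ip", ip) not in flagged:
            flagged.add(("ip", ip))
            alerts.append(("many_failures_from_source", ip, None))
        # One account tried from several addresses: per-IP counting alone misses this.
        if len({src for _, src in seen}) >= threshold and ("user", user) not in flagged:
            flagged.add(("user", user))
            alerts.append(("failures_from_many_sources", None, user))
    return alerts
```

The single mistyped password followed by a success (the `bob` lines) raises no alert, which keeps ordinary typos out of the results.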


TOR Anonymity for a SSH Hack.

it's still possible to perform an 'Anonymous SSH Hack' using 'The Onion Router' for example.

Saturday, December 26, 2015

Dictionary Webapp Hack.

Disclaimer.

this is a technologically advanced article about hacking 'the Internet Applications' & other Tools.

to understand this article, one has to know a little about programming (preferably in Java), a little about web applications, & a little about HTTP Protocol.


HTTP Request analysis.

i've used Google Chrome's tool called 'HTTP Trace' to look at HTTP Request sent to a sample webapp i was running on my computer.

i've looked at a failed login attempt.


   

Failed Login Data.



C0de.

then i've downloaded Apache's HTTP Client Library & wrote a little of the code that 'forged' HTTP Requests & tried to login into an app in a loop.

i've looked at results of both failed & successful login attempts, then came up with a final version of the code as follows:




C0de for a Hack.




it doesn't matter much that a successful login attempt is with 'bad request' status, we've got the information that the password is correct still.


... presented code is very simple & can be refined in many ways ... but this all would only obscure the main idea that a program can be used to perform a Dictionary or Brute Force attacks on a webapp.


C0de without a 'Bad Request'.

... slightly refined code, without 'Bad Request' status message is available on a screenshot below & can be downloaded here as well.




C0de, slightly refined.




i've 'printed' first server hit (HTTP GET Request) on monitor screen, analyzed it, noticed the 'jsessionid' part & formed code that extracted it.

... a proper use of HTTP POST parameters, including 'jsessionid' was the key for overcoming 'Bad Request' problem & message as well.

then i did the part of the code responsible for extracting & comparing the page's title to determine if we successfully logged in or not.


... further c0de refinements could include loading passwords dictionary from a file, or generating it somehow & an option of performing more or less refined brute force attacks.


Security Measures.

how to protect against attacks as these?

... with captcha & account locking functionality, but this opens the webapp to an 'Account Lockout' vulnerability - any user might be prevented from logging in to the app.


Other Considerations.

this is brutus / hydra software equivalent (hacks done more or less manually instead of using someone's complete tools).

this method can be used to hack tomcat webapp server's password, web services, routers, ssh, ... & other tools.

just download client library for a given service or app & write code that attacks passwords via the given protocol.

captcha won't protect all the time, but delays after failed login as well as use of strong passwords that change with time should.
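The 'Security Measures' section and the remark about delays above point at the same trade-off: slow guessing down without letting anyone lock a user out. The following is an added example, not code from this article: it delays failed logins with a growing, capped wait kept per (account, source address) pair instead of locking the account. The class and function names, the `USERS` store and all parameter values are assumptions made for illustration.

```python
import hmac

USERS = {"alice": "constructed-Passw0rd"}  # constructed; a real app stores password hashes

def check_password(account, password):
    expected = USERS.get(account)
    return expected is not None and hmac.compare_digest(expected.encode(), password.encode())

class LoginThrottle:
    """Delay instead of locking: state is kept per (account, source), not per account."""

    def __init__(self, base_delay=1.0, max_delay=300.0, free_attempts=2):
        self.base_delay = base_delay        # seconds; doubles with each further failure
        self.max_delay = max_delay          # cap, so the wait never becomes a lockout
        self.free_attempts = free_attempts  # ordinary typos cost nothing
        self._state = {}                    # (account, source) -> (failures, blocked_until)

    def retry_after(self, account, source, now):
        """Seconds left before another attempt from this source is evaluated."""
        return max(0.0, self._state.get((account, source), (0, 0.0))[1] - now)

    def record_failure(self, account, source, now):
        failures = self._state.get((account, source), (0, 0.0))[0] + 1
        over = failures - self.free_attempts
        delay = min(self.max_delay, self.base_delay * 2 ** (over - 1)) if over > 0 else 0.0
        self._state[(account, source)] = (failures, now + delay)
        return delay

    def record_success(self, account, source):
        self._state.pop((account, source), None)

def attempt_login(throttle, account, password, source, now):
    """Return 'ok', 'denied' or 'wait'. While waiting, the password is not checked at all,
    so a correct guess made during the delay reveals nothing."""
    if throttle.retry_after(account, source, now) > 0:
        return "wait"
    if check_password(account, password):
        throttle.record_success(account, source)
        return "ok"
    throttle.record_failure(account, source, now)
    return "denied"
```

Because the state is per (account, source), guesses spread over many addresses each get the free attempts, so failures per account across all sources still need to be counted as a detection signal. In a long-running app the entries in `_state` would also need to expire.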

Friday, December 25, 2015

Parapsychology by W. W. Hewitt.




William W. Hewitt.

'Psychic Development for Beginners:
An Easy Guide to Developing and Releasing Your Psychic Abilities'.



... it's an easy to read book about Parapsychology - took me more or less 3 days to read about 220 pages of it.

What i remember most is 'Cosmic Awareness, Higher Mind', an Absolute that author refers to when describing Psychic Abilities, Creativity, Intuition, 6th sense.

... with my understanding, this absolute might be Buddha, if i am not wrong.

There are practices of synchronizing with proper (Theta) brain-wave frequencies, visualization practices as well.

There are many exercises for the reader that help to develop 'Psychic Tools' ... as well as giving Mind the direction(s) in which it develops.

Many of the exercises are performed from either the 'Basic Parapsychology' level or the 'Beach of Time' level, reached with exercise after a proper preparation.

Psychic powers are slightly described, along with simple exercises that help to develop & check progress along these lines.

Psychic powers included are:
- Sharpening 5-senses to degree useful in Parapsychology,
- Psychic Shield,
- Psychic Healing,
- Clairvoyance,
- Telepathy,
- Psychometry,
- Astral Travels,
- Communication with Human Subconscious,
- Communication with Ghosts,
- Communication with Animals,
- Finding Problems' Solutions with 'Higher Mind',
- Warning System against Dangers with 'Higher Mind',
- Mind's Alarm-Clock,
- Preventing one's own Sleepiness for a Time,
- Psychic Aid in Learning.

There are many accounts of the author's experiences, case studies as he put it in the text.

... with amount of exercises & author's advice, this book alone is about to last for years - if i go that route, at all.

Friday, December 18, 2015

... for Wiccan Witches ?

... had insight telling me that Wiccan Witches would be glad to participate in Ola AH Programming Language & its success.

i don't mind, on condition that owners agree.

(owners are, if they accept: a Buddhist woman i Love & Lama Ole Nydahl).


> [ 'Ola AH' Programming Language. ],
> [ When 'Ola AH' will be Practical ? ].