Suche senden
Hochladen
Pentru tine
•
Als PPS, PDF herunterladen
•
0 gefällt mir
•
278 views
Mircea Tivadar
Folgen
Unterhaltung & Humor
Melden
Teilen
Melden
Teilen
1 von 13
Jetzt herunterladen
Empfohlen
Does your organisation rely on AIS tracking services? Read our whitepaper on why sole reliance on AIS tracking information could be undermining your best practice programme.
Why AIS is not always enough
Why AIS is not always enough
Pole Star Space Applications
Презентація "Різдво" гарно доповнить урок англ.мови в молодших класах, присвячений святу Новий рік, або Різдво в США та Англії.
Christmas
Christmas
bogomolova1879
Презентація створювалась для учнів 3 класу.
Possessive adjectives
Possessive adjectives
bogomolova1879
Personal informatic v.2
Personal informatic
Personal informatic
Xavier Puig de las Heras
While input validation vulnerabilities such as XSS and SQL injection have been intensively studied, a new class of injection vulnerabilities called HTTP Parameter Pollution (HPP) has not received as much attention. HPP attacks consist of injecting encoded query string delimiters into other existing parameters. If a web application does not properly sanitize the user input, a malicious user can compromise the logic of the application to perform either client-side or server-side attacks. One consequence of HPP attacks is that the attacker can potentially override existing hard-coded HTTP parameters to modify the behavior of an application, bypass input validation checkpoints, and access and possibly exploit variables that may be out of direct reach. In the talk we present the first automated system for the detection of HPP vulnerabilities in real web applications. Our approach consists of injecting fuzzed parameters into the web application and a set of tests and heuristics to determine if the pages that are generated contain HPP vulnerabilities. We used this system to conduct a large-scale experiment by testing more than 5,000 popular websites and discovering unknown HPP flaws in many important and well-known sites such as Microsoft, Google, VMWare, Facebook, Symantec, Paypal and others. These sites have been all informed and many of them have acknowledged or fixed the problems. We will explain in details how to efficiently detect HPP bugs and how to prevent this novel class of injection vulnerabilities in future web applications.
HTTP Parameter Pollution Vulnerabilities in Web Applications (Black Hat EU 2011)
HTTP Parameter Pollution Vulnerabilities in Web Applications (Black Hat EU 2011)
Marco Balduzzi
Cloud services such as Amazon’s EC2 and IBM SmartCloud allow users to create and share virtual images (AMIs) with other users. In addition to these user-shared images, the cloud providers also provide AMIs that have been preconfigured with popular software such as open source databases and web servers. This talk explores both the privacy and the security risks associated with renting and using public AMIs from cloud computing providers. We will present SatanCloud, our automated system that we used to analyze and test over 5,000 server images provided by Amazon in its four data centers of US, Europe and Asia. From our analysis, we discovered that both the users and the providers of public AMIs are vulnerable to security risks such as data leakage, unauthorized access, malware infections, and loss of sensitive information.
HITB2012AMS - SatanCloud: A Journey Into the Privacy and Security Risks of Cl...
HITB2012AMS - SatanCloud: A Journey Into the Privacy and Security Risks of Cl...
Marco Balduzzi
Proposal of Rise-Program
Avian flu Type A-H5N1 epidemiological model: Puerto Rico as a case study
Avian flu Type A-H5N1 epidemiological model: Puerto Rico as a case study
Mariangeles Rivera
All content not indexed by traditional web-based search engines is known as the DeepWeb. Wrongly been associated only with the Onion Routing (TOR), the DeepWeb's ecosystem comprises a number of other anonymous and decentralized networks. The Invisible Internet Project (I2P), FreeNET, and Alternative Domain Names (like Name.Space and OpenNic) are examples of networks leveraged by bad actors to host malware, high-resilient botnets, underground forums and bitcoin-based cashout systems (e.g., for cryptolockers). We designed and implemented a prototype system called DeWA for the automated collection and analysis of the DeepWeb, with the goal of quickly identifying new threats as soon they appear. In this talk, we provide concrete examples of how using DeWA to detect, e.g., trading of illicit and counterfeit goods, underground forums, privacy leaks, hidden dropzones, malware hosting and TOR-based botnets.
Cybercrime in the Deep Web (BHEU 2015)
Cybercrime in the Deep Web (BHEU 2015)
Marco Balduzzi
Empfohlen
Does your organisation rely on AIS tracking services? Read our whitepaper on why sole reliance on AIS tracking information could be undermining your best practice programme.
Why AIS is not always enough
Why AIS is not always enough
Pole Star Space Applications
Презентація "Різдво" гарно доповнить урок англ.мови в молодших класах, присвячений святу Новий рік, або Різдво в США та Англії.
Christmas
Christmas
bogomolova1879
Презентація створювалась для учнів 3 класу.
Possessive adjectives
Possessive adjectives
bogomolova1879
Personal informatic v.2
Personal informatic
Personal informatic
Xavier Puig de las Heras
While input validation vulnerabilities such as XSS and SQL injection have been intensively studied, a new class of injection vulnerabilities called HTTP Parameter Pollution (HPP) has not received as much attention. HPP attacks consist of injecting encoded query string delimiters into other existing parameters. If a web application does not properly sanitize the user input, a malicious user can compromise the logic of the application to perform either client-side or server-side attacks. One consequence of HPP attacks is that the attacker can potentially override existing hard-coded HTTP parameters to modify the behavior of an application, bypass input validation checkpoints, and access and possibly exploit variables that may be out of direct reach. In the talk we present the first automated system for the detection of HPP vulnerabilities in real web applications. Our approach consists of injecting fuzzed parameters into the web application and a set of tests and heuristics to determine if the pages that are generated contain HPP vulnerabilities. We used this system to conduct a large-scale experiment by testing more than 5,000 popular websites and discovering unknown HPP flaws in many important and well-known sites such as Microsoft, Google, VMWare, Facebook, Symantec, Paypal and others. These sites have been all informed and many of them have acknowledged or fixed the problems. We will explain in details how to efficiently detect HPP bugs and how to prevent this novel class of injection vulnerabilities in future web applications.
HTTP Parameter Pollution Vulnerabilities in Web Applications (Black Hat EU 2011)
HTTP Parameter Pollution Vulnerabilities in Web Applications (Black Hat EU 2011)
Marco Balduzzi
Cloud services such as Amazon’s EC2 and IBM SmartCloud allow users to create and share virtual images (AMIs) with other users. In addition to these user-shared images, the cloud providers also provide AMIs that have been preconfigured with popular software such as open source databases and web servers. This talk explores both the privacy and the security risks associated with renting and using public AMIs from cloud computing providers. We will present SatanCloud, our automated system that we used to analyze and test over 5,000 server images provided by Amazon in its four data centers of US, Europe and Asia. From our analysis, we discovered that both the users and the providers of public AMIs are vulnerable to security risks such as data leakage, unauthorized access, malware infections, and loss of sensitive information.
HITB2012AMS - SatanCloud: A Journey Into the Privacy and Security Risks of Cl...
HITB2012AMS - SatanCloud: A Journey Into the Privacy and Security Risks of Cl...
Marco Balduzzi
Proposal of Rise-Program
Avian flu Type A-H5N1 epidemiological model: Puerto Rico as a case study
Avian flu Type A-H5N1 epidemiological model: Puerto Rico as a case study
Mariangeles Rivera
All content not indexed by traditional web-based search engines is known as the DeepWeb. Wrongly been associated only with the Onion Routing (TOR), the DeepWeb's ecosystem comprises a number of other anonymous and decentralized networks. The Invisible Internet Project (I2P), FreeNET, and Alternative Domain Names (like Name.Space and OpenNic) are examples of networks leveraged by bad actors to host malware, high-resilient botnets, underground forums and bitcoin-based cashout systems (e.g., for cryptolockers). We designed and implemented a prototype system called DeWA for the automated collection and analysis of the DeepWeb, with the goal of quickly identifying new threats as soon they appear. In this talk, we provide concrete examples of how using DeWA to detect, e.g., trading of illicit and counterfeit goods, underground forums, privacy leaks, hidden dropzones, malware hosting and TOR-based botnets.
Cybercrime in the Deep Web (BHEU 2015)
Cybercrime in the Deep Web (BHEU 2015)
Marco Balduzzi
The presentation we created at our class is going to be presented at the Musical school on the 14th of December. All city school will participate on this holiday which is devoted to our great writer.
чынгыз айтматов Small
чынгыз айтматов Small
Kamchibekova Rakia
CS 600.412 Security and Privacy in Cloud Computing
600.412.Lecture02
600.412.Lecture02
ragibhasan
A customizable Enterprise Asset Management presentation you can use to share your learnings with the rest of your team. For more information, visit http://softworx.co.za
Softworx Enterprise Asset Management 101 - Presentation Template
Softworx Enterprise Asset Management 101 - Presentation Template
Enterprise Softworx Solutions
ОО" Шоола Кол" презентация Результаты поиска Санкт-Петербург 14 октября
ОО" Шоола Кол" презентация Результаты поиска Санкт-Петербург 14 октября
ОО" Шоола Кол" презентация Результаты поиска Санкт-Петербург 14 октября
Асылбек Айтматов
A New Form of Dos attack in Cloud
A New Form of Dos attack in Cloud
Sanoj Kumar
My talk at RAID 2010 in Ottawa on a new common weakness of Social Networks that can be abused by running various sort of attacks.
Abusing Social Networks for Automated User Profiling
Abusing Social Networks for Automated User Profiling
Marco Balduzzi
TUGAS PTI IKA APRILIA
TUGAS PTI MOTHERBOARD DAN MODEM
TUGAS PTI MOTHERBOARD DAN MODEM
ika aprilia
Backup-File Artifacts - OWASP Khartoum InfoSec Sessions 2016 - Mazin Ahmed Backup-File Artifacts: The Underrated Web-Danger Testing and Exploiting Backup-File Artifacts with BFAC BFAC Homepage: https://github.com/mazen160 Blog Post: http://blog.mazinahmed.net/2016/08/backup-file-artifacts.html
Backup-File Artifacts - OWASP Khartoum InfoSec Sessions 2016 - Mazin Ahmed
Backup-File Artifacts - OWASP Khartoum InfoSec Sessions 2016 - Mazin Ahmed
Mazin Ahmed
Some examples how children can create their own project family tree
Family tree
Family tree
bogomolova1879
AIS, Automatic Identification System, is a promoted standard and implementation for vessels traffic safety and monitoring. With more than 400,000 installations worldwide, AIS is currently a mandatory installation for commercial vessels and a de-facto equipment for leisure crafts. AIS is largely used in ports worldwide -- Rotterdam alone monitors over 700 AIS-enabled vessels each day, serving 32,000 seagoing and 87,000 inland vessels a year. Back in October 2013, during HITB KUL, we showed that AIS is hardly broken, both at implementation and protocol level, and it suffers from severe vulnerabilities like spoofing and man-in-the-middle. In this talk, we extend our research by sharing with the audience several novel attacks that we recently discovered, for example how to extensively disable AIS communications or attack the software installed at back-end by port authorities. By doing so, we hope to raise the necessary awareness and lead the involved parties into calling for a more robust and secure AIS.
AIS Exposed. New vulnerabilities and attacks. (HITB AMS 2014)
AIS Exposed. New vulnerabilities and attacks. (HITB AMS 2014)
Marco Balduzzi
It's all in the title.
Cloud computing security policy framework for mitigating denial of service at...
Cloud computing security policy framework for mitigating denial of service at...
Venkatesh Prabhu
Adauga un text
Adauga un text
Codruta Ardelean
Presentation1
Presentation1
Nima Kamali
This presentation describe about a new feature added in CCTK 2.2 for setting HDD password.
Cctk support for setting hdd password
Cctk support for setting hdd password
artisriva
Over the past several years there has been a noticeable rise in the number of reported targeted attacks, which are also commonly referred to as advanced persistent threats (APTs). This is seen by security experts as a landscape shift from a world dominated by widespread malware that infect indiscriminately, to a more selectively targeted approach with higher gain. One thing that is clear about targeted attacks is that they are difficult to detect, and not much research has been conducted so far in detecting these attacks. In this paper, we propose a novel system called SPuNge that processes threat information collected on the users' side to detect potential targeted attacks for further investigation. We use a combination of clustering and correlation techniques to identify groups of machines that share a similar behavior with respect to the malicious resources they access and the industry in which they operate (e.g., oil & gas). We evaluated our system against real data collected by an antivirus vendor from over 20 million customers installations worldwide. Our results show that our approach works well in practice and is helpful in assisting security analysts in cybercrime investigations.
HTTP(S)-Based Clustering for Assisted Cybercrime Investigations
HTTP(S)-Based Clustering for Assisted Cybercrime Investigations
Marco Balduzzi
Clickjacking is a web-based attack that has recently received a wide media coverage. In a clickjacking attack, a malicious page is constructed such that it tricks victims into clicking on an element of a different page that is only barely (or not at all) visible. By stealing the victim's clicks, an attacker could force the user to perform an unintended action that is advantageous for the attacker (e.g., initiate an online money transaction). Although clickjacking has been the subject of many discussions and alarming reports, it is currently unclear to what extent clickjacking is being used by attackers in the wild, and how significant the attack is for the security of Internet users. In this paper, we propose a novel solution for the automated and efficient detection of clickjacking attacks. We describe the system that we designed, implemented and deployed to analyze over a million unique web pages. The experiments show that our approach is feasible in practice. Also, the empirical study that we conducted on a large number of popular websites suggests that clickjacking has not yet been largely adopted by attackers on the Internet.
Paper: A Solution for the Automated Detection of Clickjacking Attacks
Paper: A Solution for the Automated Detection of Clickjacking Attacks
Marco Balduzzi
OWASP Pune Chapter 18th Feb 2016 At - Avaya India, Pune.
OWASP Pune Chapter : Dive Into The Profound Web Attacks
OWASP Pune Chapter : Dive Into The Profound Web Attacks
Narendra Bhati
Apt sharing tisa protalk 2-2554
Apt sharing tisa protalk 2-2554
TISA
Slides from my PHDays II talk
Hack an ASP .NET website? Hard, but possible!
Hack an ASP .NET website? Hard, but possible!
Vladimir Kochetkov
- Owasp AppSec Research 2010 - Over the past year, clickjacking received extensive media coverage. News portals and security forums have been overloaded by posts claiming clickjacking to be the upcoming security threat. In a clickjacking attack, a malicious page is constructed (or a benign page is hijacked) to trick the user into performing unintended clicks that are advantageous for the attacker, such as propagating a web worm, stealing confidential information or abusing of the user session. This presentation introduces a novel solution we designed and implemented for an automated detection of clickjacking attacks on web-pages. The presentation details the architecture of our detection and testing system and it presents the results we obtained from the analysis of over a million "possibly malicious" Internet pages.
New Insights into Clickjacking
New Insights into Clickjacking
Marco Balduzzi
Atentionare
Ambasada Azerbaigean
Ambasada Azerbaigean
Mircea Tivadar
Sculptures de gaylord_ho-julia_zappa
Sculptures de gaylord_ho-julia_zappa
Sculptures de gaylord_ho-julia_zappa
Mircea Tivadar
Weitere ähnliche Inhalte
Andere mochten auch
The presentation we created at our class is going to be presented at the Musical school on the 14th of December. All city school will participate on this holiday which is devoted to our great writer.
чынгыз айтматов Small
чынгыз айтматов Small
Kamchibekova Rakia
CS 600.412 Security and Privacy in Cloud Computing
600.412.Lecture02
600.412.Lecture02
ragibhasan
A customizable Enterprise Asset Management presentation you can use to share your learnings with the rest of your team. For more information, visit http://softworx.co.za
Softworx Enterprise Asset Management 101 - Presentation Template
Softworx Enterprise Asset Management 101 - Presentation Template
Enterprise Softworx Solutions
ОО" Шоола Кол" презентация Результаты поиска Санкт-Петербург 14 октября
ОО" Шоола Кол" презентация Результаты поиска Санкт-Петербург 14 октября
ОО" Шоола Кол" презентация Результаты поиска Санкт-Петербург 14 октября
Асылбек Айтматов
A New Form of Dos attack in Cloud
A New Form of Dos attack in Cloud
Sanoj Kumar
My talk at RAID 2010 in Ottawa on a new common weakness of Social Networks that can be abused by running various sort of attacks.
Abusing Social Networks for Automated User Profiling
Abusing Social Networks for Automated User Profiling
Marco Balduzzi
TUGAS PTI IKA APRILIA
TUGAS PTI MOTHERBOARD DAN MODEM
TUGAS PTI MOTHERBOARD DAN MODEM
ika aprilia
Backup-File Artifacts - OWASP Khartoum InfoSec Sessions 2016 - Mazin Ahmed Backup-File Artifacts: The Underrated Web-Danger Testing and Exploiting Backup-File Artifacts with BFAC BFAC Homepage: https://github.com/mazen160 Blog Post: http://blog.mazinahmed.net/2016/08/backup-file-artifacts.html
Backup-File Artifacts - OWASP Khartoum InfoSec Sessions 2016 - Mazin Ahmed
Backup-File Artifacts - OWASP Khartoum InfoSec Sessions 2016 - Mazin Ahmed
Mazin Ahmed
Some examples how children can create their own project family tree
Family tree
Family tree
bogomolova1879
AIS, Automatic Identification System, is a promoted standard and implementation for vessels traffic safety and monitoring. With more than 400,000 installations worldwide, AIS is currently a mandatory installation for commercial vessels and a de-facto equipment for leisure crafts. AIS is largely used in ports worldwide -- Rotterdam alone monitors over 700 AIS-enabled vessels each day, serving 32,000 seagoing and 87,000 inland vessels a year. Back in October 2013, during HITB KUL, we showed that AIS is hardly broken, both at implementation and protocol level, and it suffers from severe vulnerabilities like spoofing and man-in-the-middle. In this talk, we extend our research by sharing with the audience several novel attacks that we recently discovered, for example how to extensively disable AIS communications or attack the software installed at back-end by port authorities. By doing so, we hope to raise the necessary awareness and lead the involved parties into calling for a more robust and secure AIS.
AIS Exposed. New vulnerabilities and attacks. (HITB AMS 2014)
AIS Exposed. New vulnerabilities and attacks. (HITB AMS 2014)
Marco Balduzzi
It's all in the title.
Cloud computing security policy framework for mitigating denial of service at...
Cloud computing security policy framework for mitigating denial of service at...
Venkatesh Prabhu
Adauga un text
Adauga un text
Codruta Ardelean
Presentation1
Presentation1
Nima Kamali
This presentation describe about a new feature added in CCTK 2.2 for setting HDD password.
Cctk support for setting hdd password
Cctk support for setting hdd password
artisriva
Over the past several years there has been a noticeable rise in the number of reported targeted attacks, which are also commonly referred to as advanced persistent threats (APTs). This is seen by security experts as a landscape shift from a world dominated by widespread malware that infect indiscriminately, to a more selectively targeted approach with higher gain. One thing that is clear about targeted attacks is that they are difficult to detect, and not much research has been conducted so far in detecting these attacks. In this paper, we propose a novel system called SPuNge that processes threat information collected on the users' side to detect potential targeted attacks for further investigation. We use a combination of clustering and correlation techniques to identify groups of machines that share a similar behavior with respect to the malicious resources they access and the industry in which they operate (e.g., oil & gas). We evaluated our system against real data collected by an antivirus vendor from over 20 million customers installations worldwide. Our results show that our approach works well in practice and is helpful in assisting security analysts in cybercrime investigations.
HTTP(S)-Based Clustering for Assisted Cybercrime Investigations
HTTP(S)-Based Clustering for Assisted Cybercrime Investigations
Marco Balduzzi
Clickjacking is a web-based attack that has recently received a wide media coverage. In a clickjacking attack, a malicious page is constructed such that it tricks victims into clicking on an element of a different page that is only barely (or not at all) visible. By stealing the victim's clicks, an attacker could force the user to perform an unintended action that is advantageous for the attacker (e.g., initiate an online money transaction). Although clickjacking has been the subject of many discussions and alarming reports, it is currently unclear to what extent clickjacking is being used by attackers in the wild, and how significant the attack is for the security of Internet users. In this paper, we propose a novel solution for the automated and efficient detection of clickjacking attacks. We describe the system that we designed, implemented and deployed to analyze over a million unique web pages. The experiments show that our approach is feasible in practice. Also, the empirical study that we conducted on a large number of popular websites suggests that clickjacking has not yet been largely adopted by attackers on the Internet.
Paper: A Solution for the Automated Detection of Clickjacking Attacks
Paper: A Solution for the Automated Detection of Clickjacking Attacks
Marco Balduzzi
OWASP Pune Chapter 18th Feb 2016 At - Avaya India, Pune.
OWASP Pune Chapter : Dive Into The Profound Web Attacks
OWASP Pune Chapter : Dive Into The Profound Web Attacks
Narendra Bhati
Apt sharing tisa protalk 2-2554
Apt sharing tisa protalk 2-2554
TISA
Slides from my PHDays II talk
Hack an ASP .NET website? Hard, but possible!
Hack an ASP .NET website? Hard, but possible!
Vladimir Kochetkov
- Owasp AppSec Research 2010 - Over the past year, clickjacking received extensive media coverage. News portals and security forums have been overloaded by posts claiming clickjacking to be the upcoming security threat. In a clickjacking attack, a malicious page is constructed (or a benign page is hijacked) to trick the user into performing unintended clicks that are advantageous for the attacker, such as propagating a web worm, stealing confidential information or abusing of the user session. This presentation introduces a novel solution we designed and implemented for an automated detection of clickjacking attacks on web-pages. The presentation details the architecture of our detection and testing system and it presents the results we obtained from the analysis of over a million "possibly malicious" Internet pages.
New Insights into Clickjacking
New Insights into Clickjacking
Marco Balduzzi
Andere mochten auch
(20)
чынгыз айтматов Small
чынгыз айтматов Small
600.412.Lecture02
600.412.Lecture02
Softworx Enterprise Asset Management 101 - Presentation Template
Softworx Enterprise Asset Management 101 - Presentation Template
ОО" Шоола Кол" презентация Результаты поиска Санкт-Петербург 14 октября
ОО" Шоола Кол" презентация Результаты поиска Санкт-Петербург 14 октября
A New Form of Dos attack in Cloud
A New Form of Dos attack in Cloud
Abusing Social Networks for Automated User Profiling
Abusing Social Networks for Automated User Profiling
TUGAS PTI MOTHERBOARD DAN MODEM
TUGAS PTI MOTHERBOARD DAN MODEM
Backup-File Artifacts - OWASP Khartoum InfoSec Sessions 2016 - Mazin Ahmed
Backup-File Artifacts - OWASP Khartoum InfoSec Sessions 2016 - Mazin Ahmed
Family tree
Family tree
AIS Exposed. New vulnerabilities and attacks. (HITB AMS 2014)
AIS Exposed. New vulnerabilities and attacks. (HITB AMS 2014)
Cloud computing security policy framework for mitigating denial of service at...
Cloud computing security policy framework for mitigating denial of service at...
Adauga un text
Adauga un text
Presentation1
Presentation1
Cctk support for setting hdd password
Cctk support for setting hdd password
HTTP(S)-Based Clustering for Assisted Cybercrime Investigations
HTTP(S)-Based Clustering for Assisted Cybercrime Investigations
Paper: A Solution for the Automated Detection of Clickjacking Attacks
Paper: A Solution for the Automated Detection of Clickjacking Attacks
OWASP Pune Chapter : Dive Into The Profound Web Attacks
OWASP Pune Chapter : Dive Into The Profound Web Attacks
Apt sharing tisa protalk 2-2554
Apt sharing tisa protalk 2-2554
Hack an ASP .NET website? Hard, but possible!
Hack an ASP .NET website? Hard, but possible!
New Insights into Clickjacking
New Insights into Clickjacking
Mehr von Mircea Tivadar
Atentionare
Ambasada Azerbaigean
Ambasada Azerbaigean
Mircea Tivadar
Sculptures de gaylord_ho-julia_zappa
Sculptures de gaylord_ho-julia_zappa
Sculptures de gaylord_ho-julia_zappa
Mircea Tivadar
Papusi incredibile
Papusi incredibile
Papusi incredibile
Mircea Tivadar
Diaszpora21 2014 dec
Diaszpora21 2014 dec
Diaszpora21 2014 dec
Mircea Tivadar
Sergei prokudin gorskii
Sergei prokudin gorskii
Sergei prokudin gorskii
Mircea Tivadar
Supliment
Supliment scã‚nteia
Supliment scã‚nteia
Mircea Tivadar
.
Afis text nou
Afis text nou
Mircea Tivadar
.
Invitatie v3
Invitatie v3
Mircea Tivadar
.
Afis v3
Afis v3
Mircea Tivadar
.
Afis
Afis
Mircea Tivadar
.
Invitatie
Invitatie
Mircea Tivadar
.
Gyergyã³ tã¶rtã©nete
Gyergyã³ tã¶rtã©nete
Mircea Tivadar
.
Meghãvã³ szeptember_20
Meghãvã³ szeptember_20
Mircea Tivadar
........................
Veselie mare
Veselie mare
Mircea Tivadar
.....
1 une apocalypse-appele_islam11
1 une apocalypse-appele_islam11
Mircea Tivadar
1 une apocalypse-appele_islam11
1 une apocalypse-appele_islam11
Mircea Tivadar
.
Www.nicepps.ro 12702 great_old_bridges_hr
Www.nicepps.ro 12702 great_old_bridges_hr
Mircea Tivadar
Pareimposibil
Pareimposibil
Mircea Tivadar
Cainele prietenul meu
Cainele prietenul meu
Mircea Tivadar
Invitatie simpozion
Invitatie simpozion
Mircea Tivadar
Mehr von Mircea Tivadar
(20)
Ambasada Azerbaigean
Ambasada Azerbaigean
Sculptures de gaylord_ho-julia_zappa
Sculptures de gaylord_ho-julia_zappa
Papusi incredibile
Papusi incredibile
Diaszpora21 2014 dec
Diaszpora21 2014 dec
Sergei prokudin gorskii
Sergei prokudin gorskii
Supliment scã‚nteia
Supliment scã‚nteia
Afis text nou
Afis text nou
Invitatie v3
Invitatie v3
Afis v3
Afis v3
Afis
Afis
Invitatie
Invitatie
Gyergyã³ tã¶rtã©nete
Gyergyã³ tã¶rtã©nete
Meghãvã³ szeptember_20
Meghãvã³ szeptember_20
Veselie mare
Veselie mare
1 une apocalypse-appele_islam11
1 une apocalypse-appele_islam11
1 une apocalypse-appele_islam11
1 une apocalypse-appele_islam11
Www.nicepps.ro 12702 great_old_bridges_hr
Www.nicepps.ro 12702 great_old_bridges_hr
Pareimposibil
Pareimposibil
Cainele prietenul meu
Cainele prietenul meu
Invitatie simpozion
Invitatie simpozion
Jetzt herunterladen