OTR interception

BM-2cW67GEKkHGonXKZLCzouLLxnLym3azS8r
May 17 15:58 [raw]

u fucken troll ask the wrong question. the question is: why would nsa put in a false statement like "OTR is not deciphereable" into that secret document ? answer that , u fucken idiot.

BM-2D8hw9EzzMMJUYV44txMFqbtq3T7MCvyz7
May 17 16:10 [raw]

There is no such statement in leaked documents, sorry. Of course you can have any religion you need to feel better.

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 17 16:14 [raw]

Both documents are probably honest and accurate. My reading is that OTR is most likely not breakable via a frontal attack, but may still be partially recoverable via other methods, including: - exploits on client software (base layer), escalated to exfiltrate OTR keys from memory - exploits and/or implants at OS level, once again used to exfiltrate keys - corruption of cryptographic libraries at OS level - other flank attacks These and other similar methods are documented to have been used by both NSA and CIA (vault 7) to attack secure communication protocols, including OTR and Axolotl. If the protocol itself is too strong, find a weaker point nearby and work through there. Keyhole surgery. Not a protocol bug, though.

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 17 16:26 [raw]

I concur. of course exploiting those avenues may prove too much work or unattainable even for fucking NSA

BM-2D8hw9EzzMMJUYV44txMFqbtq3T7MCvyz7
May 17 16:34 [raw]

My thought exactly. As Bruce Schneier once said, bad implementation or insecure environment is like placing steel vault doors in tent.

BM-2D8hw9EzzMMJUYV44txMFqbtq3T7MCvyz7
May 19 00:36 [raw]

Unless the client using OTR is based on libpurple (Pidgin, Adium) - that shit is exploitable as fuck. OTR is old. Fails at multidevice. OMEMO is much better, although it's not agnostic to the underlying protocol the way OTR is. OMEMO is for XMPP only; it uses axolotl/ratchet from Signal as its crypto scheme.

BM-2D8hw9EzzMMJUYV44txMFqbtq3T7MCvyz7
May 19 00:45 [raw]

Suddenly we can see that OTR is breakable. You can call me troll now.

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 19 02:34 [raw]

Please read your parent message again. All that it claims it that "libpurple is exploitable" and "OTR is old". If this means to you that "OTR is breakable", you are either failing reading comprehension, or grasping at straws to support your FUD effort. What the message actually says has been said before in this thread: > (...) OTR is most likely not breakable via a frontal attack, but may still be partially recoverable via other methods, including: > - exploits on client software Libpurple is "client software", not part of the OTR protocol and libraries.

BM-2D8hw9EzzMMJUYV44txMFqbtq3T7MCvyz7
May 19 03:34 [raw]

OTR is solid crypto. Some of the more popular messaging clients it's implemented in - not so solid. Any crypto can potentially be bypssed with a sidechannel attack - that does not mean all crypto is broken.

BM-2cT2N7i85pycSmd4eLzFoPjR1XwN98GE5c
May 19 06:04 [raw]

"Implementation is everything" - if so, then OTR is breakable. NSA expresses its gratitude to homebrew crypto developers.

BM-2D8hw9EzzMMJUYV44txMFqbtq3T7MCvyz7
May 19 06:04 [raw]

As security specialists say, "implementation is everything". So, OTR is breakable.

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 19 07:07 [raw]

Do any of you know how to create cryptographic algorithms? It seems the thing to do would be to be developing and attacking new algorithms and protocols rather than arguing over stuff like OTR or PGP. We should be sharing tips and tricks on how to design algorithms and peer review them anonymously. No such thing is happening in the "crypto anarchist" community. But it should be a major effort with lots of visibility. You complain about NSA and mainstream crypto, but don't offer alternative.

BM-2D8hw9EzzMMJUYV44txMFqbtq3T7MCvyz7
May 19 07:36 [raw]

Tox protocol is OK.

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 19 10:57 [raw]

A concept doesn't become broken because you implemented it wrong. Even the most well designed ciphers fall apart if you implement key exchange idiotically.

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 19 11:05 [raw]

Exactly. *IF* keys are exchanged securely then breaking OTR requires processing beyond current technology. That's a big *IF* by the way. Sloppiness in key delivery is the weakness of any OTR setup. Compromise the key delivery and no cracking is necessary.

BM-2D8hw9EzzMMJUYV44txMFqbtq3T7MCvyz7
May 19 11:51 [raw]

Yes, in platonic ideal word all broken ciphers are unbreakable, because this platonic worlds knows nothing about implementation errors, backdoored CPUs, infected firmware, side channel attacks and limitless incompetence of programmers.

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 19 11:59 [raw]

That doesn't address the point at all. You're still going directly from "people are too dumb to implement OTR correctly" to "OTR is broken", which is exactly the opposite of what was said. By your logic, there is not a single non-broken cipher in the world, because every cipher can be broken when implemented incorrectly.

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 19 12:01 [raw]

if I get you fucking nsa fud troll , I will fucking shoot u . all u do is fud bullshitting there is zero point of doing it here u fucen asshole

BM-2D8hw9EzzMMJUYV44txMFqbtq3T7MCvyz7
May 19 12:08 [raw]

"You're still going directly from "people are too dumb to implement OTR correctly" to "OTR is broken"" No, sir. My line of reasoning is: "OTR is not implemented correctly, so the thing called OTR is breakable". Analogy to OpenSSL troubles.

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 19 12:14 [raw]

this motherfucker will keep fud trolling even tho he was refuted ages ago

BM-2D8hw9EzzMMJUYV44txMFqbtq3T7MCvyz7
May 19 12:25 [raw]

Nobody forbids you to believe into your platonic religion of perfectly implemented cryptography implemented in perfectly clean computer environment.

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 19 12:30 [raw]

Why don't you just say that all crypto is breakable (nice nitpicking earlier, btw), instead of trying to say that JUST OTR is breakable? What you say applies equally to all ciphers.

BM-2D8hw9EzzMMJUYV44txMFqbtq3T7MCvyz7
May 19 12:50 [raw]

"What you say applies equally to all ciphers." Exactly. I was pointing at OTR because I saw some kind of OTR cult emerging.

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 19 12:55 [raw]

Soo, basically, your statement is "all ciphers can be broken, just give up?", i.e. completely useless to the discussion?

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 19 12:57 [raw]

shoot this nsa fud troll already

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 19 12:57 [raw]

what a motherfucker

BM-2D8hw9EzzMMJUYV44txMFqbtq3T7MCvyz7
May 19 13:00 [raw]

"your statement is "all ciphers can be broken, just give up?"" No, sir. My statement is "all ciphers can be broken because of bad thinking of security, start thinking and acting correctly".

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 19 14:44 [raw]

OK, so the cult police is in the house, I like this. Along with the annotated traffic dump posted earlier on in this channel (OTRv2 spoken between Alice and Bob), there was also a challenge to decrypt a specific message from that conversation. Has anyone attempted this at all, or at least (more likely) reduce the problem to a known unknown? I have. Would anyone be interested in a guided walk-through for the above?

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 19 15:55 [raw]

ya I find it inetresting. and itz fun to refute the nsa fud troll moron

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 19 16:11 [raw]

Lay down the guide monseur.

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 19 16:38 [raw]

> Nobody forbids you to believe into your platonic religion I forbid it.

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 21 05:12 [raw]

Breaking OTR encryption, the guided tour. Best enjoyed in monospace font. (original challenge in message 5cc75391514371db8dd7e6379a7fb0823b2d0713a5efd1730cf38516a60cf6da) 0) Start with the intercepted OTR data packet, see original message for details. 1) Strip the OTR envelope (The ?OTR: prefix and the trailing full stop) to get a base64 object: AAIDAAAAAAEAAAACAAAAwPym...xXJWI/Dj9BIAAAAA 2) Convert the object from base64 to hex for easy handling. One would normally use hexdump or xxd, but in this case, since there’s no plaintext to eyeball, we’ll prefer a pure hex dump, using “base64 -d |xxd -p -c16”: 000203000000000100000002000000c0 fca6489e2f06f599be07cfb0970d2be7 [...skipped...] a259f4ba46ebeac0d5b58223956c9fa5 0000000000000001000000714976a10c fea1e7173941348db48b6188f8d78d93 [...skipped...] f9ec5559e197d2c3841f1232d5f8b510 7a3c3a3a859430359cc5725623f0e3f4 1200000000 3) First, identify the version of the OTR protocol that the message belongs to. The first two octets (0x0002) indicate the protocol version, in this case it’s version 2. 4) Open the OTRv2 spec on a secondary monitor for reference: https://otr.cypherpunks.ca/Protocol-v2-3.1.0.html 5) The third octet of the message (0x03) is the message type. In OTRv2, message type 3 is “Data Message”. We already suspected that, from the position in the protocol capture, and now we have a confirmation. Parse the message as an OTRv2 data message (search “Data Message format” in the spec): 0002 Protocol version: OTRv2 03 Message type: Data (0x03) 00 Flags: 0x00 (default) 00000001 Sender DH key ID: 1 00000002 Recipient DH key ID: 2 000000c0 DH public key length: 0xc0=192 fca648...6c9fa5 DH public key value (192 bytes) 0000000000000001 Top half of AES-CTR counter init 00000071 Encrypted Text length: 0x71=113 4976a1...1232d5 Encrypted Text (113 bytes) f8b510...e3f412 Authenticator: 20 bytes SHA1-HMAC 00000000 Old MAC keys: zero length record (none) 6) The 113-byte section “Encrypted Text” is the magic box containing the text that we’re trying to read. From the protocol specs and the message fields, we can infer some of the magic properties: - the protocol is OTRv2, so the encryption algorithm is AES128-CTR - the AES counter top-half is 1, usually indicating first use of the key - the cleartext message length is 112 bytes (OTR appends a zero byte at the end, and AES-CTR preserves message length) 7) In conclusion, the algorithm to extract the message cleartext is: clearText=AES128CTR(aesKey, aesCTR).decrypt(encryptedText) We know: aesCTR = 1 and encryptedText = ‘4976a10cfea1e7173941348db48b6188f8d78d937bdb88515e1381e5ccede65c73baddae36111c5f39cccd7a7e7d8602de1f7496f8ba5f8780c31b68f250adfd29eafa2fd4b39da3719dc18242339a166c474e46d9d1fa0dec88821ea5a2a4d4b7e80ca3f9ec5559e197d2c3841f1232d5’ What we DON’T know is the 128-bit encryption key aesKey. Only Alice and Bob can know that, and they don't tell. 8) Thus we have reduced the problem to solving AES128-CTR. Can anyone with NSA connections please give us a hand with this? Everybody else, if you have any questions, ask away :)

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 21 06:20 [raw]

I examined the structure of the OTR packet you demonstrated. It reveals a few things to me. 1. It is loaded with envelope metadata. This alone is an abysmal security implementation failure. There should be no metadata. All the metadata should be encrypted with the message. The fact that it is not, suggests the designers were either naive, or designed the protocol to succumb to attack. 2. The use of AES-128, when larger key sizes are available, also suggest either naivete or intentional design for weakness. There is no need to identify sender, receiver, protocol, or version in the envelope. All of that can be done after decryption of the object. This protocol is not secure at all. The metadata alone, including public keys, creates a clear record. And they call this "off the record."

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 21 09:00 [raw]

I have been creating cryptosystems since January 1989. The local NSA partner agency was too cheap to offer me a competitive salary, so they don't have my research helping them to do nothing in crypto development. The principle I use is that of over-engineering designs to allow for decades of use. I will be willing to open source the previous design once I have obtained funding for something much more valuable. However, I will not be open sourcing the current app design for the 4th generation blockchain, as I'd rather not allow cloning of that project.

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 21 12:55 [raw]

You raise two good points. 1) By design OTR is not a stand-alone communication protocol; it is a content encrypting overlay for existing protocols, most of which operate on a user account / session basis: IRC, XMPP, Office, Facebook etc. From this perspective, OTR does not disclose any addiitional information beyond what is unfortunately already disclosed at the base protocol level (see NSA intercepts). What OTR does is protect the content. Also, none of the OTR metadata is identifying, as the keys are generated individually for each message and not linkable across messages. You may be applying a common prejudgment "metadata is vulnerability" to the wrong type of metadata. :) 2) It's true that the protocols and key sizes are a bit outdated (the whitepaper was first released 14 years ago), this is being addressed in the version 4 of the protocol, currently in development: https://github.com/otrv4/otrv4/blob/master/otrv4.md Note, however, that neither DH group 5, nor AES-128-CTR are computationally breakable with current technology; they're just considered less future-proof than they were believed to be 14 years ago. Anyway, it's an interesting discussion, but I didn't hear the objection that I was hoping for. Anyone else want to try?

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 21 19:18 [raw]

> 'I will be willing to open source the previous design once I have obtained funding for something much more valuable.' I share this sentiment. I want to open source my designs, but nobody who benefits from it will give me a thin dime. After I recoup my investment I will consider releasing open source libraries. It is sad that companies who might make millions or save millions using your design want it for free and don't want to pay. That is what Gnu/OSS is really all about--getting a million programmers to write free software for the government and big business. All the hype about freedom is bullshit. It's about the freedom of the big firms to use your stuff without paying you a cent.

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 21 19:20 [raw]

> Anyway, it's an interesting discussion, but I didn't hear the objection that I was hoping for. delve, delve

BM-2D8hw9EzzMMJUYV44txMFqbtq3T7MCvyz7
May 21 19:30 [raw]

Please read GNU license. More than once. With comprehension.

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 22 04:50 [raw]

I was thinking SHA1 would be a pretty juicy elephant-in-the-room, no? :)

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 22 06:27 [raw]

More exactly, which cryptocurrencies are based on SHA-x ? :-P

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 22 06:50 [raw]

juicy elephants make better barbecue good call i got sauce

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 22 06:55 [raw]

The previous design is reliable and well-spread over the last decade, however it is still considered competitive with current cryptography research. What I would rather profit from is how my research works as a new type of blockchain, however no company is willing to pay for the research at a fair rate, and they would rather just acquire buzzwords they don't understand for their ICO whitepaper. I've heard of lead blockchain programmers who barely know how to code, techical advisors to blockchain companies who don't know the first thing about cryptography or databases, even marketing types who want a technical review to be a glowing recommendation for a piece of crap. The there is all the idiots praising solidity as if it isn't a buggy piece of crap favoured by the smart contract crowd. Anyway, I should probably head to the toilet if I want to give a crap. :-)

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 22 06:56 [raw]

To heck with that, I choose what I do with my work.

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 22 07:14 [raw]

> crap favoured by the smart contract crowd. Smart contracts are an even bigger hasbarabot scam than ICOs.

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 22 07:36 [raw]

> no company is willing to pay for the research at a fair rate, and they would rather just acquire buzzwords Those having money, believe they are entitled to more money at the expense of those who do all the work.

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 22 07:45 [raw]

Exactly. Would rather just raise money the traditional way for something worthwhile than be associated with the global scam market.

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 22 07:57 [raw]

Now they're calling it "the ICO market." There is no market. It's people taking your money for a fantasy.

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 22 17:30 [raw]

But bashing it is so much more trolly fun. What do you expect to get from the hordes here?

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 23 01:33 [raw]

And you are not trolling us about leaving our hard work to go unrewarded ? Not everyone can afford to donate our efforts when we have little funds from other things.

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 29 11:28 [raw]

Public key shall exist outside the encryped data. data = [encrypted]+[pubK] What do you think about ricochet.im's protocol? Just curious.

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 29 12:16 [raw]

Guys, you're about 15 years behind the times. Welcome to 2003.

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 29 12:46 [raw]

Hey, it (OTR) keeps the NSA Utah facility ticking over with juicy decrypts.

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
May 29 14:23 [raw]

Source please?

BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE
Jun 2 05:59 [raw]

Oh, I'm pretty sure it was Washington post 2013. Don't have the URL to hand, the printout is in my office. You should be able to find mention of "AES decrypt facility in Utah" on "the intercept" website.

[chan] privacy
BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE

Subject Last Count
French Agency liberates the source code of the OS it uses for his security agency. Sep 20 19:25 1
Offizielle Informanten der Kanäle DOTU.RU und KOB (24) Sep 17 00:24 1
Raise Proof of Work Sep 16 12:09 4
Важная информация! Активным пидорам (двадцать четвертое напоминание) Sep 16 08:40 1
Offizielle Informanten der Kanäle DOTU.RU und KOB (23) Sep 16 08:24 1
Offizielle Informanten der Kanäle DOTU.RU und KOB (22) Sep 16 08:11 1
Жаждущим анальной нежности (двадцать третье уведомление) Sep 16 08:09 1
Жаждущим анальной нежности (двадцать второе уведомление) Sep 16 08:00 1
Важная информация! Активным пидорам (двадцать третье напоминание) Sep 16 07:59 1
Важная информация! Активным пидорам (двадцать второе напоминание) Sep 16 07:20 1
Offizielle Informanten der Kanäle DOTU.RU und KOB (21) Sep 16 07:12 1
Жаждущим анальной нежности (двадцать первое уведомление) Sep 16 07:01 1
Жаждущим анальной нежности (двадцатое уведомление) Sep 16 06:37 1
Важная информация! Активным пидорам (двадцать первое напоминание) Sep 16 06:37 1
Offizielle Informanten der Kanäle DOTU.RU und KOB (20) Sep 16 06:20 1
Важная информация! Активным пидорам (девятнадцатое напоминание) Sep 16 05:54 1
Важная информация! Активным пидорам (двадцатое напоминание) Sep 16 05:54 1
Offizielle Informanten der Kanäle DOTU.RU und KOB (18) Sep 16 05:54 1
Offizielle Informanten der Kanäle DOTU.RU und KOB (19) Sep 16 05:40 1
Жаждущим анальной нежности (девятнадцатое уведомление) Sep 16 05:25 1
Жаждущим анальной нежности (восемнадцатое уведомление) Sep 16 04:44 1
Важная информация! Активным пидорам (восемнадцатое напоминание) Sep 16 04:33 1
Offizielle Informanten der Kanäle DOTU.RU und KOB (17) Sep 16 04:18 1
Жаждущим анальной нежности (семнадцатое уведомление) Sep 16 04:10 1
Жаждущим анальной нежности (шестнадцатое уведомление) Sep 16 04:10 1
Важная информация! Активным пидорам (семнадцатое напоминание) Sep 16 03:50 1
Offizielle Informanten der Kanäle DOTU.RU und KOB (16) Sep 16 03:36 1
Важная информация! Активным пидорам (шестнадцатое напоминание) Sep 16 03:16 1
Offizielle Informanten der Kanäle DOTU.RU und KOB (15) Sep 16 02:56 1
Жаждущим анальной нежности (пятнадцатое уведомление) Sep 16 02:44 1
Offizielle Informanten der Kanäle DOTU.RU und KOB (14) Sep 16 02:29 1
Важная информация! Активным пидорам (пятнадцатое напоминание) Sep 16 02:28 1
Жаждущим анальной нежности (четырнадцатое уведомление) Sep 16 02:07 1
Важная информация! Активным пидорам (четырнадцатое напоминание) Sep 16 01:55 1
Offizielle Informanten der Kanäle DOTU.RU und KOB (13) Sep 16 01:35 1
Жаждущим анальной нежности (тринадцатое уведомление) Sep 16 01:28 1
Важная информация! Активным пидорам (тринадцатое напоминание) Sep 16 01:06 1
Жаждущим анальной нежности (двенадцатое уведомление) Sep 16 00:59 1
Offizielle Informanten der Kanäle DOTU.RU und KOB (12) Sep 16 00:52 1
Важная информация! Активным пидорам (двенадцатое напоминание) Sep 16 00:29 1
--- Farewell from the Star Wars GrafArchive --- Sep 16 00:27 1
Offizielle Informanten der Kanäle DOTU.RU und KOB (11) Sep 16 00:16 1
Жаждущим анальной нежности (одиннадцатое уведомление) Sep 16 00:05 1
Важная информация! Активным пидорам (одиннадцатое напоминание) Sep 15 23:44 1
Жаждущим анальной нежности (десятое уведомление) Sep 15 23:31 1
Offizielle Informanten der Kanäle DOTU.RU und KOB (10) Sep 15 23:30 1
Важная информация! Активным пидорам (девятое напоминание) Sep 15 23:15 1
Жаждущим анальной нежности (девятое уведомление) Sep 15 23:14 1
Offizielle Informanten der Kanäle DOTU.RU und KOB (9) Sep 15 23:13 1
Важная информация! Активным пидорам (десятое напоминание) Sep 15 23:03 1
Offizielle Informanten der Kanäle DOTU.RU und KOB (8) Sep 15 22:20 1
Жаждущим анальной нежности (восьмое уведомление) Sep 15 21:59 1
Важная информация! Активным пидорам (восьмое напоминание) Sep 15 21:41 1
Offizielle Informanten der Kanäle DOTU.RU und KOB (7) Sep 15 21:36 1
🙼🙼🙼🙼🙼🙼🙼🙼🙼🙼🙼🙼🙼🙼🙼 Sep 15 21:36 1
Жаждущим анальной нежности (седьмое уведомление) Sep 15 21:14 1
Важная информация! Активным пидорам (седьмое напоминание) Sep 15 21:07 1
Offizielle Informanten der Kanäle DOTU.RU und KOB (6) Sep 15 21:07 1
Жаждущим анальной нежности (шестое уведомление) Sep 15 20:34 1
Важная информация! Активным пидорам (шестое напоминание) Sep 15 20:32 1
Offizielle Informanten der Kanäle DOTU.RU und KOB (5) Sep 15 20:10 1
Жаждущим анальной нежности (пятое уведомление) Sep 15 20:02 1
Важная информация! Активным пидорам (пятое напоминание) Sep 15 19:43 1
Offizielle Informanten der Kanäle DOTU.RU und KOB (4) Sep 15 19:26 1
Жаждущим анальной нежности (четвертое уведомление) Sep 15 19:15 1
Важная информация! Активным пидорам (четвертое напоминание) Sep 15 19:04 1
Offizielle Informanten der Kanäle DOTU.RU und KOB (3) Sep 15 19:02 1
Жаждущим анальной нежности (третье уведомление) Sep 15 18:36 1
Важная информация! Активным пидорам (третье напоминание) Sep 15 18:26 1
Offizielle Informanten der Kanäle DOTU.RU und KOB (2) Sep 15 18:03 1
Offizielle Informanten der Kanäle DOTU.RU und KOB (1) Sep 15 17:41 1
Всем желающим получить свой первый анальный опыт (сорок восьмое напоминание) Sep 15 17:15 1
Профессионалам отсоса (сорок седьмое напоминание) Sep 15 17:03 1
Важно! Начинающим анальным долбильщикам (сорок седьмое напоминание) Sep 15 16:45 1
???UNSURE??? Re: Raise Proof of Work Sep 15 16:42 5
Всем желающим получить свой первый анальный опыт (сорок седьмое напоминание) Sep 15 16:31 1
Профессионалам отсоса (сорок шестое напоминание) Sep 15 16:17 1
Важно! Начинающим анальным долбильщикам (сорок шестое напоминание) Sep 15 15:55 1
Всем желающим получить свой первый анальный опыт (сорок шестое напоминание) Sep 15 15:40 1
Профессионалам отсоса (сорок пятое напоминание) Sep 15 15:33 1
Важно! Начинающим анальным долбильщикам (сорок пятое напоминание) Sep 15 15:14 1
Всем желающим получить свой первый анальный опыт (сорок пятое напоминание) Sep 15 15:12 1
Профессионалам отсоса (сорок четвертое напоминание) Sep 15 14:45 1
Важно! Начинающим анальным долбильщикам (сорок четвертое напоминание) Sep 15 14:34 1
Всем желающим получить свой первый анальный опыт (сорок четвертое напоминание) Sep 15 14:23 1
Профессионалам отсоса (сорок первое напоминание) Sep 15 14:11 1
Профессионалам отсоса (сорок третье напоминание) Sep 15 14:11 1
Важно! Начинающим анальным долбильщикам (сорок третье напоминание) Sep 15 14:01 1
Всем желающим получить свой первый анальный опыт (сорок третье напоминание) Sep 15 13:37 1
Профессионалам отсоса (сорок второе напоминание) Sep 15 13:24 1
Важно! Начинающим анальным долбильщикам (сорок второе напоминание) Sep 15 13:10 1
Всем желающим получить свой первый анальный опыт (сорок второе напоминание) Sep 15 13:07 1
Важно! Начинающим анальным долбильщикам (сорок первое напоминание) Sep 15 12:36 1
Всем желающим получить свой первый анальный опыт (сорок первое напоминание) Sep 15 12:18 1
Профессионалам отсоса (тридцать седьмое напоминание) Sep 15 11:57 1
Важно! Начинающим анальным долбильщикам (тридцать девятое напоминание) Sep 15 11:57 1
Всем желающим получить свой первый анальный опыт (тридцать девятое напоминание) Sep 15 11:54 1
Профессионалам отсоса (тридцать восьмое напоминание) Sep 15 11:08 1
Важно! Начинающим анальным долбильщикам (тридцать восьмое напоминание) Sep 15 11:02 1
Всем желающим получить свой первый анальный опыт (тридцать восьмое напоминание) Sep 15 10:40 1