___                  . .                            .  
    /   \                 |_|_                    o     _|_ 
   / O O \      .,-.  .-. | |  .-. .--..-.. .-.   .  .--.|  
  |   O   |     |   )(   )| | (.-' |  (   |(.-'   |  `--.|  
, |       | ,   |`-'  `-' `-`-'`--''   `-`| `--'-' `-`--'`-'
 \/(     )\/    |                      ._.'                 
  | )   ( |     ' th3 p0lt3rg31st squ4dr0n: p0ss3ss1ng b14tchz n34r j00
  |(     )|
  ||   | |'     Say it's the leaves, the way they rustle.
  `|   | |          Say it's a shadow, the scraping of a stick.
   |   | |              Childhood friends, dead and buried
   |   /-'                  they're out there now, small ghosts
   |_.'                         who never knew when enough was enough...

....... ...CEILING.. ...GHOST...... ..IS.. ......... ......... ......... ......
.. ......... ......... ......... ......... WATCHING..YOU....SELLING OUT........

                One who ran into a car, one who tripped
                on a stone and fell on a stick that poked
                through his heart. Lost and forgotten,
                they've gone into the world to become
                the snap of a branch, the skittering
                of leaves. What are they whispering?
                It's late and it's cold. THEY WANT TO COME IN...

 o.O MERRY CHRISTMAS... o.O   4nd unh4ppy 2008!       . . . .
                                                      ,`,`,`,`,
     Kevin Mitnick               . . . .               `\`\`\`\;
                                `\`\`\`\`,            ~|;!;!;\!
  Nate Lawson                    ~\;\;\;\|\          (--,!!!~`!       .
                                 (--,\\\===~\         (--,|||~`!     ./
    Pedtko D. Petkov              (--,\\\===~\         `,-,~,=,:. _,//
                                   (--,\\\==~`\        ~-=~-.---|\;/J,
      Tom Ferris                    ( --,\\\((```==.    ~'`~/       a |
                                      (-,.\\('('(`\\.  ~'=~|     \_.  \
    Thomas Ptacek                       (,--(,(,(,'\\. ~'=|       \\_;>
                                         (,-( ,(,(,;\\ ~=/        \
       OWASP                             (,-/ (.(.(,;\\,/          )
                                           (,--/,;,;,;,\\         ./------.
    Kurt Seifreid                            (==,-;-'`;'         /_,----`. \
                                     ,.--_,__.-'                    `--.  ` \
      Alan Shimel                   (='~-_,--/        ,       ,!,___--. \  \_)
                                   (-/~(     |         \   ,_-         | ) /_|
    Still(in)Secure                 (~/((\    )\._,      |-'         _,/ /
                                    \\))))  /   ./~.    |            \_\;
    Security Bloggers Network    ,__/////  /   /    )  /
                                  '===~'   |  |    (, <.
        Core Security                      / /       \. \  P0W3R3DBY4N4RMY
                                         _/ /          \_\  0FFUCK1NUN1K0RNZ
        ... AND YOU!                    /_!/            >_\

....... ........... .............. ...... ......... ......... ......... .......
Ho fucking ho, ho fucking ho, fuckin ho, fuckin ho, fuckin ho, fuckin ho ho ho!
....... ....OUT....TO....GET...JOO.... ...... .................. ......... ....

    "The whole IT security industry is an accident -- an artifact of how the
    computer industry developed." Bruce Schneier

o.Oo.O 1. THE HIT LIST: "R1d1n j00 Yah00"

    The Judge for Security Sellout Crimes hereby wages war against:

       |/| Tom Ferris                   @ adobe.com security-protocols.com
       |/| Matasano LLC                 @ matasano.com sockpuppet.org
       |/| Nate Lawson                  @ rootlabs.com
       |/| Joanna Rutkowska             @ trannyvideos.com
       |/| Petko D. Petkov              @ googlemail.com gnucitizen.org
       |/| Matt Richard                 @ idefense.com
       |/| /\) Toralv Dirro             @ mcafee.com AVERT Labs
       |/|/\/ Dan Kaminsky              @ ioactive.com arkham.wstn.ioactive.com
       |/|\/ Dror Shalev                @ sec.drorshalev.com
      (\\\) Dragos Riuiu                @ gaysecwest.com
      (\\\) Thorsten Holz               @ honeynet.org mwcollect.org
      (\\\) Andre Protas                @ eeye.com mwcollect.org (IDA leaker)
      (\\\) Gadi Evron                  @ linuxbox.org kosherobese.org
      (\\\) Valdis Kletnieks            @ vt.edu & his alcoholic mother
      /\\/\ Robert Lemos                @ securityfocus.com
     / ,^./\ Ryan Naraine               @ zdnet.com gmail.com
    / /   \/\ Beyond Security           @ Isreal, Gadi's bitch tits
   / /     \/\ SecReview                @ blogspot.com (gay reviews)
  ( (       )/) Juha-Matti Laurio       @ netti.fi & Isreal (blog moron)
  | |       |/| Sergio Alvarez          @ gmail.com nruns.com (AV rapist)
  | |  DIE  |/| Theo de Raadt           @ cvs.openbsd.org gaydate.com
  | |       |/| Alan Shimel             @ yahoo.com stillsecure.com
  ( (       )/) Lance M. Havok          @ dumb.lame.idiot.pl
   \ \     / / kingcope/kcope           @ gmx.net lame.idiot.de
    \ `---' / Jennifer Granick          @ whitefat.defender.lame
     `-----' David Maynor               @ gmail.com erratasec.com apple.com
            Andrew Cushman              @ microsoft.com gossip.sec

    On 4 l0ng 3n0f t1m3l1n3, th3 surv1v4l r4t3 f0 3v3ry0n3 dr0pz t0 z3r0.
    Th4t t1m3l1n3 3ndz 0n Xm4z 2007. G3t r34dy f0 t3 fuck1n rucku5.
    B14tch3z b3 g3tt1n r41d3d... 4bd1c8 or b3 n3zt 1n l1n3!

W3 4r3 v3rrry pr0ud 0f 0ur fr31ndz 4t Core Security f0r th3 Theo de Raadt
hum1l14t10n, y3t y0 4r3 s3ll1ng 0ut t00 m|_|ch. D0n b3 l4m3 thx!

...............................................................................
o.Oo.O 2. PETKO D. PETKOV EXPOSED: STUP1D INZ1D3, ARROG4NT OUTS1D3

W007 f1rz7 1n l1n3 1z Petko D. Petkov, pdp, th3 1337 wh1t3h47: l3tz z33 s0m
m41lz fr0m h1z m41lb0z (h4s b4ckup s1nc3 2005! uz3l3z h34d3rz ztr1p3d):

Delivered-To: pdp.gnucitizen@gmail.com
Received: by 10.35.34.18 with SMTP id m18cs29927pyj;
        Fri, 24 Mar 2006 11:24:20 -0800 (PST)
Received: by 10.65.181.7 with SMTP id i7mr885419qbp;
        Fri, 24 Mar 2006 11:24:00 -0800 (PST)
Return-Path: <full-disclosure-bounces@lists.grok.org.uk>
Received: from lists.grok.org.uk (lists.grok.org.uk [195.184.125.51])
        by mx.gmail.com with ESMTP id f15si768247qba.2006.03.24.11.23.48;
        Fri, 24 Mar 2006 11:24:00 -0800 (PST)
designates 195.184.125.51 as permitted sender)
Received: from lists.grok.org.uk (localhost [127.0.0.1])
        by lists.grok.org.uk (Postfix) with ESMTP id 30966F93;
        Fri, 24 Mar 2006 19:19:43 +0000 (GMT)
X-Original-To: full-disclosure@lists.grok.org.uk
Delivered-To: full-disclosure@lists.grok.org.uk
Received: from mail.atlasvanlines.ca (unknown [66.207.102.26])
        by lists.grok.org.uk (Postfix) with ESMTP id 439D01F2
        for <full-disclosure@lists.grok.org.uk>;
        Fri, 24 Mar 2006 14:53:15 +0000 (GMT)
Date: Fri, 24 Mar 2006 09:53:57 -0500
Message-ID: <517427E78F20CF4DB817BEB8504B002B013E69A9@mail.atlasvanlines.ca>
From: "Andrew Florjancic" <aflorjancic@atlasvanlines.ca>
To: "Theo de Raadt" <deraadt@cvs.openbsd.org>, "Gadi Evron" <ge@linuxbox.org>
Cc: full-disclosure@lists.grok.org.uk, bugtraq@securityfocus.com
Subject: [Full-disclosure] RE: SendGate: Sendmail Multiple Vulnerabilities
        (Race Condition DoS, Memory Jumps, Integer Overflow) 
Sender: full-disclosure-bounces@lists.grok.org.uk

Finally PEOPLE speak the TRUTH!!!! Well said!!=20

-----Original Message-----
From: Theo de Raadt [mailto:deraadt@cvs.openbsd.org]=20
Sent: Thursday, March 23, 2006 9:52 PM
To: Gadi Evron
Cc: bugtraq@securityfocus.com; full-disclosure@lists.grok.org.uk
Subject: Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition
DoS, Memory Jumps, Integer Overflow)=20

> Sendmail is, as we know, the most used daemon for SMTP in the world.=20
> This is an International Infrastructure vulnerability and should have=20
> been treated that way. It wasn't. It was handled not only poorly, but=20
> irresponsibly.

You would probably expect me to the be last person to say that Sendmail
is perfectly within their rights.  I have had a lot of problems with
what they are doing.

But what did you pay for Sendmail?  Was it a dollar, or was it more?
Let me guess.  It was much less than a dollar.  I bet you paid nothing.

So does anyone owe you anything, let alone a particular process which
you demand with such length?

Now, the same holds true with OpenSSH.  I'll tell you what.  If there is
ever a security problem (again :) in OpenSSH we will disclose it exactly
like we want, and in no other way, and quite frankly since noone has
ever paid a cent for it's development they have nothing they can say
about it.

Dear non-paying user -- please remember your place.

Or run something else.

OK?

Luckily within a few months you will be able to tell Sendmail how to
disclose their bugs because their next version is going to come out with
a much more commercial licence.  Then you can pay for it, and then you
can complain too.

    w007!  w007!  w007!  w007!  w007!  w007! G4D1 VS. TH30!!?????
                International Infrastructure vulnerability
                        DANGER DANGER DANGER DANGER
                           strcpy(burger,gadi);

Delivered-To: pdp.gnucitizen@gmail.com
Received: by 10.90.50.9 with SMTP id x9cs508025agx;
        Thu, 28 Jun 2007 07:09:33 -0700 (PDT)
Received: by 10.100.195.10 with SMTP id s10mr1111608anf.1183039772787;
        Thu, 28 Jun 2007 07:09:32 -0700 (PDT)
Return-Path: <david.kierznowski@gmail.com>
Received: from wr-out-0506.google.com (wr-out-0506.google.com [64.233.184.237])
        by mx.google.com with ESMTP id c4si9154299anc.2007.06.28.07.09.31;
        Thu, 28 Jun 2007 07:09:32 -0700 (PDT)
Received: by wr-out-0506.google.com with SMTP id i4so569430wra
        for <pdp.gnucitizen@googlemail.com>; Thu, 28 Jun 2007 07:09:31 -0700 (PDT)
Received: by 10.90.119.15 with SMTP id r15mr1685038agc.1183039771473;
        Thu, 28 Jun 2007 07:09:31 -0700 (PDT)
Received: by 10.90.104.12 with HTTP; Thu, 28 Jun 2007 07:09:31 -0700 (PDT)
Message-ID: <f4cd4c010706280709o25bec985kf7393272444d0cbd@mail.gmail.com>
Date: Thu, 28 Jun 2007 15:09:31 +0100
From: "David Kierznowski" <david.kierznowski@gmail.com>
To: "pdp (architect)" <pdp.gnucitizen@googlemail.com>
Subject: Re: blog security
In-Reply-To: <6905b1570706280658h2eb21bc4pe03528ef085c9af3@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; 
	boundary="----=_Part_44034_2752723.1183039771445"
References: <6905b1570706280625p48ff650blab35a5d471fcb8ad@mail.gmail.com>
	 <f4cd4c010706280630p3a5d517dyb6658d4323b4bc2e@mail.gmail.com>
	 <6905b1570706280658h2eb21bc4pe03528ef085c9af3@mail.gmail.com>

------=_Part_44034_2752723.1183039771445
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Let me think on it...

On 28/06/07, pdp (architect) <pdp.gnucitizen@googlemail.com> wrote:
>
> I am in winterflood ... do you like the idea of microblogging...
>
> I was thinking that we could have to types of blogs on gnucitizen...
> the standard one.. which is what we have atm and a micro blog which is
> actually another category called microblog which contains messages and
> interesting info but in very all in all very short format.
>
> what do u think... cuz guys, I don't know how they doit but guys like
> 0x000000 have more trafic ranking acording to alexa then us and rsnake
> is the king of the hill.... we need to truely combine forces and get
> them out from the top place... but we need to layout an attack...
> startey...
>
> any ideas?
>
> On 6/28/07, David Kierznowski <david.kierznowski@gmail.com> wrote:
> > Lets catch up tomorrow so we can plan the move and format and I have a
> > couple of other ideas around the project that I can fill you in on.
> >
> > Hows L2012?
> >
> > David
> >
> >
> > On 28/06/07, pdp (architect) <pdp.gnucitizen@googlemail.com> wrote:
> > > what's up
> > > we need to start thinking how we are going to move blogsecurity to
> > > gnucitizen. Do you mind if we follow the same theme... that will be
> > > the easiest way to do it. I have some cool ideas about how to graph
> > > the wp-scanner results via Flex.
> > > --
> > > pdp (architect) | petko d. petkov
> > > http://www.gnucitizen.org
> > >
> >
> >
>
>
> --
> pdp (architect) | petko d. petkov
> http://www.gnucitizen.org
>

    ALERT ALERT ALERT ALERT ALERT ALERT ALERT ALERT ALERT ALERT ALERT ALERT
    PDP & D4V1D K13RZ0ZKI W4NT TOP R4NKZ ON G0000GL3 4ND 4L3X4. Z0 TH31R 4DZ
    G3T M0R3 M0N3YZ!!11!!!1 RSNAKE FEAR! truely! PDP 1Z ZT1LL PL4NN1NG 4TT4CK!

Received: by 10.35.48.16 with HTTP; Sun, 3 Sep 2006 03:12:54 -0700 (PDT)
Message-ID: <6905b1570609030312n76367496p61debdbf3215ec09@mail.gmail.com>
Date: Sun, 3 Sep 2006 11:12:54 +0100
From: "pdp (architect)" <pdp.gnucitizen@googlemail.com>
To: pagvac <unknown.pentester@gmail.com>
Subject: have a look
MIME-Version: 1.0
Content-Type: multipart/mixed; 
	boundary="----=_Part_28854_31891556.1157278374496"
Delivered-To: pdp.gnucitizen@gmail.com

------=_Part_28854_31891556.1157278374496
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

hei, man
here is something that I wrote yesterday night. Can you have a look
through it and tell me what you think. I will put it on my blog but I
have some reservations so I need advice from true friend. If it is
lame, just tell me. :) Thanks man. Check the attachment.

-- 
pdp (architect)
http://www.gnucitizen.org

------=_Part_28854_31891556.1157278374496
Content-Type: application/vnd.oasis.opendocument.text; 
	name="Backdooring Flash Objects.odt"
Content-Transfer-Encoding: base64
X-Attachment-Id: f_ern9mek7
Content-Disposition: attachment; filename="Backdooring Flash Objects.odt"
L4M3 4TT4CHM3NT...
------=_Part_28854_31891556.1157278374496--

    PDP Y0 D0NT N33D T0 M41L UR H4CK3R FR31NDS T0 4SK 1F 1TZ L4M3! L34V3
    TH3 3M41L S0 THE GH0ZTZ C4N Z33 1T. 1ND33D, 1TZ L4M3. BUT Y0 P0ZT3D
    1T!!?? Th4nkz

From: "pdp (architect)" <pdp.gnucitizen@googlemail.com>
To: pagvac <unknown.pentester@gmail.com>
Subject: Re: have a look
In-Reply-To: <b7a807650609041500r5e5f067ah6541a7612b63b80a@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <6905b1570609030312n76367496p61debdbf3215ec09@mail.gmail.com>
	 <b7a807650609041500r5e5f067ah6541a7612b63b80a@mail.gmail.com>
Delivered-To: pdp.gnucitizen@gmail.com

well, :) too late... it is up now. The modified version is on
http://www.gnucitizen.org.
I am also working on some other cool stuff that you may find extremely
interesting.

On 9/4/06, pagvac <unknown.pentester@gmail.com> wrote:
> i like it, but a bit too heavy for my taste. it feels too long. my
> mind was only able to read about 60% of it. of course, this is just my
> opinion, so you shouldn't take it as the absolute truth ;-)
>
> if it took u testing X number of tools until u made it work u could
> have just said that in one line and then go straight to examples using
> the tool that finally worked. people like practical and quick things
> (again this is my opion).
>
> other than that, interesting topic (backdooring a flash file).
>
> On 9/3/06, pdp (architect) <pdp.gnucitizen@googlemail.com> wrote:
> > hei, man
> > here is something that I wrote yesterday night. Can you have a look
> > through it and tell me what you think. I will put it on my blog but I
> > have some reservations so I need advice from true friend. If it is
> > lame, just tell me. :) Thanks man. Check the attachment.
> >
> > --
> > pdp (architect)
> > http://www.gnucitizen.org
> >
> >
> >
>
>
> --
> pagvac
> [http://ikwt.com/]
>

-- 
pdp (architect)
http://www.gnucitizen.org

        N0W Y0R R34D3RZ C4N F1ND G00D PDP 0D4Y H3R3 T00. 4ND Y0 H4V3 FR33
        3M41L B4CKUPZ! HEHEHEHEHEHEHEHEHE

Date: Tue, 5 Sep 2006 17:38:48 +0100
From: "pdp (architect)" <pdp.gnucitizen@googlemail.com>
To: pagvac <unknown.pentester@gmail.com>
Subject: Re: have a look
In-Reply-To: <b7a807650609050859r23e3aa5x8364f48dfe224ea7@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <6905b1570609030312n76367496p61debdbf3215ec09@mail.gmail.com>
	 <b7a807650609041500r5e5f067ah6541a7612b63b80a@mail.gmail.com>
	 <6905b1570609050555s1be2e41eu1b4953cfe76dd2f1@mail.gmail.com>
	 <b7a807650609050859r23e3aa5x8364f48dfe224ea7@mail.gmail.com>
Delivered-To: pdp.gnucitizen@gmail.com

don't get you man

On 9/5/06, pagvac <unknown.pentester@gmail.com> wrote:
> On 9/5/06, pdp (architect) <pdp.gnucitizen@googlemail.com> wrote:
> > well, :) too late... it is up now. The modified version is on
> > http://www.gnucitizen.org.
> > I am also working on some other cool stuff that you may find extremely
> > interesting.
>
> "extremely interesting" tells me nothing unless you tell me what
> exactly you're talking about ;-D

PDP.... YO N33D T0 3ZPL41N TH1NGZ S0 P30PL3S D0NT TH1NK Y0 4R3 T4LK1NG BULLSH1TZ

Received: by 10.35.48.16 with HTTP; Tue, 5 Sep 2006 13:26:57 -0700 (PDT)
Message-ID: <6905b1570609051326q30d18acfn6669efc78d2a5d9c@mail.gmail.com>
Date: Tue, 5 Sep 2006 21:26:58 +0100
From: "pdp (architect)" <pdp.gnucitizen@googlemail.com>
To: pagvac <unknown.pentester@gmail.com>
Subject: Re: have a look
In-Reply-To: <b7a807650609051155q76da4047j36d423bf442fcc94@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <6905b1570609030312n76367496p61debdbf3215ec09@mail.gmail.com>
	 <b7a807650609041500r5e5f067ah6541a7612b63b80a@mail.gmail.com>
	 <6905b1570609050555s1be2e41eu1b4953cfe76dd2f1@mail.gmail.com>
	 <b7a807650609050859r23e3aa5x8364f48dfe224ea7@mail.gmail.com>
	 <6905b1570609050938l4f6c6a0fqe8826f2165f921ef@mail.gmail.com>
	 <b7a807650609051155q76da4047j36d423bf442fcc94@mail.gmail.com>
Delivered-To: pdp.gnucitizen@gmail.com

ieh, but sometimes I want it to be a surprise ;-)

On 9/5/06, pagvac <unknown.pentester@gmail.com> wrote:
> On 9/5/06, pdp (architect) <pdp.gnucitizen@googlemail.com> wrote:
> > don't get you man
>
> sorry, I'm tired. basically all I'm saying is that why tell me u're
> working on something interesting if you dont tell me what it is?!!!
> it'll only be interesting if i know what it is - you know what i mean
> ;-)
>
> u know me, im curious. do always tell me what ure working on!

 PDP.... M41L DISCL0ZUR3 SURP1Z3! H4PPY XM4Z HEHEHEHE W3 4R3 V3RY CUR10UZ T00

Received: by 10.35.48.16 with HTTP; Tue, 5 Sep 2006 18:07:02 -0700 (PDT)
Message-ID: <6905b1570609051807n5fef365epe9cdf3928c44868d@mail.gmail.com>
Date: Wed, 6 Sep 2006 02:07:02 +0100
From: "pdp (architect)" <pdp.gnucitizen@googlemail.com>
To: pagvac <unknown.pentester@gmail.com>
Subject: Re: have a look
In-Reply-To: <6905b1570609051326q30d18acfn6669efc78d2a5d9c@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <6905b1570609030312n76367496p61debdbf3215ec09@mail.gmail.com>
	 <b7a807650609041500r5e5f067ah6541a7612b63b80a@mail.gmail.com>
	 <6905b1570609050555s1be2e41eu1b4953cfe76dd2f1@mail.gmail.com>
	 <b7a807650609050859r23e3aa5x8364f48dfe224ea7@mail.gmail.com>
	 <6905b1570609050938l4f6c6a0fqe8826f2165f921ef@mail.gmail.com>
	 <b7a807650609051155q76da4047j36d423bf442fcc94@mail.gmail.com>
	 <6905b1570609051326q30d18acfn6669efc78d2a5d9c@mail.gmail.com>
Delivered-To: pdp.gnucitizen@gmail.com

so, you can check my new baby on my website :)

On 9/5/06, pdp (architect) <pdp.gnucitizen@googlemail.com> wrote:
> ieh, but sometimes I want it to be a surprise ;-)
>

 (S0, Y0U C4N CH3CK PDP EM41LZ ON 1NT3RN3TS) HEHEHEHEHEHE

Delivered-To: pdp.gnucitizen@gmail.com
Received: by 10.35.48.16 with SMTP id a16cs7553pyk;
        Mon, 4 Sep 2006 04:36:36 -0700 (PDT)
Received: by 10.35.39.2 with SMTP id r2mr9977768pyj;
        Mon, 04 Sep 2006 04:36:36 -0700 (PDT)
Return-Path: <petko.petkov@nta-monitor.com>
Received: from mercury.nta-monitor.com (dsl-62-3-105-225.zen.co.uk [62.3.105.225])
        by mx.gmail.com with ESMTP id v53si5193691pyv.2006.09.04.04.36.35;
        Mon, 04 Sep 2006 04:36:36 -0700 (PDT)
Received: from [192.168.124.33] (petko.nta-monitor.com [192.168.124.33])
	by mercury.nta-monitor.com (8.13.4/8.13.4/Debian-3sarge1) with ESMTP id k84BaY5G005589
	for <pdp.gnucitizen@gmail.com>; Mon, 4 Sep 2006 12:36:34 +0100
Message-ID: <44FC0FC2.7020006@nta-monitor.com>
Date: Mon, 04 Sep 2006 12:36:34 +0100
From: Petko Petkov <petko.petkov@nta-monitor.com>
User-Agent: Thunderbird 1.5.0.5 (Windows/20060719)
MIME-Version: 1.0
To: pdp.gnucitizen@gmail.com
Subject: good start
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Scanned-By: MIMEDefang 2.51 on 192.168.124.1
X-Virus-Scanned: ClamAV 0.88.4/1795/Sun Sep  3 23:48:24 2006 on mercury.nta-monitor.com
X-Virus-Status: Clean

Web browser flaws are nothing new, but the professional crooks are 
finding new ways to combine these flaws into a system for turning a 
quick profit. This post describes an example of how one web site is 
combining system fingerprinting, browser vulnerabilities, email spam, 
fake web forums, and buggy PHP applications into an automated malware 
installation system.

good start !!!!

 !! ALERT ALERT  ALERT  ALERT  ALERT  ALERT  ALERT  ALERT  ALERT  ALERT  ALERT
 PDP H4Z PSYCH0 PR0BL3MZ H3 M41LZ H1MZ3LF. PL1Z N0T3 TH33Z:
 
 mercury.nta-monitor.com (8.13.4/8.13.4/Debian-3sarge1)  D3B14N 0WN3D L0L!
 petko.nta-monitor.com [192.168.124.33]                  N0 J4V4ZCR1PT P0RT SC4N
 dsl-62-3-105-225.zen.co.uk [62.3.105.225]               N33D3D! HEHEHEHE
 
 0KZ, TH4NKZ F0R TH3 H0M3 1P 4ND C0RP0R4T3 3M41LZ! HEHEHEHEHEHEHEHE
 PL1Z FB1 CH3CK TH4T 4DSL F0R CH1LD PR0N 4ND 1LL3G4L SH1TZ!!!!!!!!
 !! ALERT  ALERT  ALERT  ALERT  ALERT  ALERT  ALERT  ALERT  ALERT  ALERT  ALERT

Received: by 10.35.54.8 with HTTP; Sat, 13 May 2006 10:52:00 -0700 (PDT)
Message-ID: <6905b1570605131052y77364439yada2a7187ad03884@mail.gmail.com>
Date: Sat, 13 May 2006 18:52:00 +0100
From: "Petko Petkov" <pdp.gnucitizen@googlemail.com>
To: "Nabil c.nabil" <c.nabil@gmail.com>
Subject: Re: he pedko
In-Reply-To: <6905b1570605130259j60531db6q8ae2275e9abe42d3@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
References: <eaef2e580605120932o7e6a992ag767497fe4afd7b9@mail.gmail.com>
	 <6905b1570605130259j60531db6q8ae2275e9abe42d3@mail.gmail.com>
Delivered-To: pdp.gnucitizen@gmail.com

Nabil,

I will look for LC5 latter but I don't know if I will be able to find
it or even send it. The best thing to do is to get it from bittorent.
It will take you less than 10 minutes.

I can write the software for you but I don't have any details. If you
tell me where you want to login to, what username and password (this
is for testing when developing the application) you have to use and
what information you are looking for I will be able to help you.

Cheers man,
Speek to you soon.

On 5/13/06, Petko Petkov <pdp.gnucitizen@googlemail.com> wrote:
> man, I will play arround with it latter on and I will send you LC5 if
> I can dig it up from the pile of cds I have... cheers.
>
> On 5/12/06, Nabil c.nabil <c.nabil@gmail.com> wrote:
> > hi pedko
> >
> > i just need this favor,
> >
> > it s very simple, i need a software which according to the time of the
> > computer, for example it checks the system time, 10am, 10 of may 2006, =
log
> > in to a website with username and password, click on inbox, click on 1 =
st
> > email, retrieve email content, log out.
> >
> > then again, 11 may 2006, at 10 am, same steps,
> >
> > if it is too much just give some hints of how to do it the simplest way=
ok
> >
> > or otherswise you can send me the program with sourcecode u already mad=
e, i
> > try to understand a nd change it the way i want
> >
> > and plus, the lc5 software please
> >
> > thank you so much i know i always ask thos kind of favors
> >
> > you have to come, and probably, joseph will be here as well.
> >
> > i just so adrian, yesterday in the graduation ceremony
> >
> > it was nice
> >
> > so let me know if everything is ok
> >
> > thanks again
> >
> > nabil
> >
> >
> >
> >
> >
>

 ALERT: PETKO D. PETKOV 1Z A CR4CK3R 4ND B4D H4CK3R H3Z D01NG TR0J4NZ!

Received: by 10.35.48.16 with HTTP; Sun, 11 Jun 2006 07:19:20 -0700 (PDT)
Message-ID: <6905b1570606110719j61183a76sde7dde0aa05ea641@mail.gmail.com>
Date: Sun, 11 Jun 2006 15:19:20 +0100
From: "Petko Petkov" <pdp.gnucitizen@googlemail.com>
To: "Halvar Flake" <halvar@gmx.de>
Subject: Re: [Dailydave] Statistical distinguisher for compression algorithms ?
In-Reply-To: <017901c68bb8$75cb0300$c7b2a8c0@D1NQ6Z1J>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <017901c68bb8$75cb0300$c7b2a8c0@D1NQ6Z1J>
Delivered-To: pdp.gnucitizen@gmail.com

Well, I am not an exprert, however this is what I think:
If the data is actually a file, which is probably what you are looking
at the moment, you can save it as such and run some of these signature
tools; like 'file' for UN/LIN. It is lame and stupid I know. :)

On 6/9/06, Halvar Flake <halvar@gmx.de> wrote:
>
>
> Hey all,
>
> I ran into a small problem today: Given a stream of data that I suspect to
> be compressed with
> a well-known lossless compression algorithm, is there a way of deciding
> which algorithm that
> might be ?
>
> It appears to be such a common problem that somebody else (who understands
> something about
> statistics, which I don't) would've run into -- can somebody give me
> pointers to existing work on
> this perhabs ?
>
> Cheers,
> Halvar

 PDP H3LPZ H4LV4R G3N1UZ T0 4DD F1L3 ID T0 BINDIFF 1N J4V4
 TW0 0F TH3 B3ZT WH1T3H4TZ W0RK1NG T0G3TH3RZ F0R B3TT3R W0RLDZ!!
 L1K3 CLAMAV-SCAN | RM -RF / | ECHO HEHEHEHEHEHEHEHEHEHEHE

Received: by 10.35.48.16 with HTTP; Tue, 13 Jun 2006 01:39:04 -0700 (PDT)
Message-ID: <6905b1570606130139y13b27808mc9a922139dd3d914@mail.gmail.com>
Date: Tue, 13 Jun 2006 09:39:04 +0100
From: "pdp (architect)" <pdp.gnucitizen@googlemail.com>
To: RSnake <h@ckers.org>
Subject: Re: [Full-disclosure] Hotbot XSS vulnerability
In-Reply-To: <448DB7DD.1060704@ckers.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <448C92D7.5060309@ckers.org>
	 <6905b1570606120556l48509e82q7380d134bb11554d@mail.gmail.com>
	 <448DB7DD.1060704@ckers.org>
Delivered-To: pdp.gnucitizen@gmail.com

Yeh, javascript is amazing... I am quite interested in XSS worms. Did
you have a look on the latest yahoo worm. After myspace incident, it
is getting quite attractive way of compromising online accounts and
generating network activity which could lead to ddos.

cheers

On 6/12/06, RSnake <h@ckers.org> wrote:
>
>     Thanks!  I'm giving it my best shot - trying to document all the
> known vectors... of course I'm not enumerating them, but this is about
> as close as it gets without writing an application to do that.  Alas,
> I'm pretty hindered by what HTML and JavaScript can do.  :)
>
> pdp (architect) wrote:
> > I like your website dude... you have nice collection of XSS going on
> > there. Keep on comming with good stuff.
> >
> > cheers
> >
> > P.S. indeed, this hotbot XSS is quite funny.
> >
> > On 6/11/06, RSnake <h@ckers.org> wrote:
> >> There's a vulnerability in the way Hotbot parses text to display on the
> >> page during search results.  The description of the flaw is located
> >> here:  http://ha.ckers.org/blog/20060611/hotbot-xss-vulnerability/
> >>
> >> -RSnake
> >> Home: http://ha.ckers.org/
> >> RSS: http://ha.ckers.org/blog/feed/
> >>
> >> _______________________________________________
> >> Full-Disclosure - We believe in it.
> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> >> Hosted and sponsored by Secunia - http://secunia.com/
> >>
> >
> >
>
>


-- 
pdp (architect)
http://www.gnucitizen.org


 FULL-DICLOSURE: WE BELIEVE IN IT! HEHEHEHEHEHEHEHEHEHE (W1TH 3M41LZ!)
 0KZ, Z0 P3RTY XSS C0LL3CT10N! N0W Y0 C4N WR1T3 W0RMZ 4ND B4D SH1TZ!
 RSNAKE T34CH3Z MICROSOFT HOW TO H4CK 1N W3BZ W1TH J4V4SCR1P7!!!
 willey note: th3y s3cr3tly w4nt t0 ddos pr0n starz myspaces

Delivered-To: pdp.gnucitizen@gmail.com
Received: by 10.35.48.16 with SMTP id a16cs81080pyk;
        Mon, 19 Jun 2006 01:12:39 -0700 (PDT)
Received: by 10.49.28.14 with SMTP id f14mr5099255nfj;
        Mon, 19 Jun 2006 01:12:38 -0700 (PDT)
Return-Path: <Zone-H@zone-h.org>
Received: from zone-h.org (www.zone-h.org [213.219.122.11])
        by mx.gmail.com with ESMTP id p45si5399516nfa.2006.06.19.01.12.38;
        Mon, 19 Jun 2006 01:12:38 -0700 (PDT)
Received-SPF: pass (gmail.com: best guess record for domain of Zone-H@zone-h.org
designates 213.219.122.11 as permitted sender)
Received: from www.zone-h.org (localhost [127.0.0.1])
	by zone-h.org (Postfix) with ESMTP id 8A8C53D396
	for <pdp.gnucitizen@gmail.com>; Mon, 19 Jun 2006 11:13:05 +0300 (EEST)
Date: Mon, 19 Jun 2006 11:13:05 +0300
To: pdp.gnucitizen@gmail.com
From: Zone-H <Zone-H@zone-h.org>
Subject: Account details for pdp (architect) at www.zone-h.org
Message-ID: <8d0c69819c373a2249efda3fc0367609@www.zone-h.org>
X-Priority: 3
X-Mailer: PHPMailer [version 1.73]
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="iso-8859-1"

Hello pdp (architect),

Thank you for registering at www.zone-h.org. Your account is created and must be activated before you can use it.
To activate the account click on the following link or copy-paste it in your browser:
http://www.zone-h.org/index.php?option=com_registration&task=activate&activation=313f0d99f776607a892a7abf1874483b

After activation you may login to http://www.zone-h.org using the following username and password:

Username - pdp
Password - pe123_ter

 TH4NKZ PDP N0W C4N SUBM1T H1Z D3F4C3M3NTZ TO ZONE-H (N0W YOU C4N T00) HEHEHE

Received: by 10.35.48.16 with HTTP; Wed, 28 Jun 2006 07:18:45 -0700 (PDT)
Message-ID: <6905b1570606280718v46e1bd23q47c7a687607ba5e7@mail.gmail.com>
Date: Wed, 28 Jun 2006 15:18:45 +0100
From: "pdp (architect)" <pdp.gnucitizen@googlemail.com>
To: "Matthew Franz" <mdfranz@gmail.com>
Subject: Re: Jython Shell
In-Reply-To: <33acb3db0606280705s1a8d5b76m42493e5476791cb1@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <6905b1570606261323o5801bf6fn4225549238d8924c@mail.gmail.com>
	 <33acb3db0606272134w50f800e5v66c96ec84b70628c@mail.gmail.com>
	 <6905b1570606272311g7c459672n44d659b33a512cb9@mail.gmail.com>
	 <33acb3db0606280705s1a8d5b76m42493e5476791cb1@mail.gmail.com>
Delivered-To: pdp.gnucitizen@gmail.com

I will do that soon :) check my website in a week time or subscribe to the feed

cheers

On 6/28/06, Matthew Franz <mdfranz@gmail.com> wrote:
> Exactly, and for some of the stuff I've been using there were no
> Python APIs or the Java ones were much better :)
>
> Do you have the complete source/build instructions up anywhere?
>
> On 6/28/06, pdp (architect) <pdp.gnucitizen@googlemail.com> wrote:
> > I am happy that you like it... since java has so much good API, why
> > not reuse it?
> >
> > cheers
> >
> > On 6/28/06, Matthew Franz <mdfranz@gmail.com> wrote:
> > > This great, thanks for posting to dd!
> > >
> > > I too have gotten hooked on jython over the last few months.
> > >
> > > - mdf
> > >
> > > On 6/26/06, pdp (architect) <pdp.gnucitizen@googlemail.com> wrote:
> > > > In the last couple of days I've been doing some Java programming. :)
> > > > that was funny, anyway this is a simple jython shell that can run of
> > > > the browser. Of course in order to that you have to give jython some
> > > > extra privileges but this is not the point.
> > > >
> > > > The purpose of my little experiment is to make python a bit more
> > > > modular so I can run my scripts on every machine that has Java
> > > > installed (no Java Mobile unfortunately). I am also using the shell to
> > > > code python on the fly which is sometimes very handy.
> > > >
> > > > Now, some people may ask why a tool like this is posted on security
> > > > mail lists. Well, I guess you don't know python. IMHO python can come
> > > > very handy if you know it. It saved the day many times in my
> > > > professional career.
> > > >
> > > > If you have any problems with the applet bash me an email. I am kind
> > > > of constantly improving it. I am also building a small collection of
> > > > security related scripts that will come as a module which you guys can
> > > > execute whenever you need.
> > > >
> > > > thanks.
> > > >
> > > > P.S. btw, this is the URL <http://www.gnucitizen.org/projects/jython-shell/>
> > > >
> > > > --
> > > > pdp (architect)
> > > > http://www.gnucitizen.org
> > > >
> > > > -------------------------------------------------------------------------
> > > > Sponsored by: Watchfire
> > > >
> > > > As web applications become increasingly complex, tremendous amounts of
> > > > sensitive data - personal, medical and financial - are exchanged, and
> > > > stored. Consumers expect and demand security for this information. This
> > > > whitepaper examines a few vulnerability detection methods - specifically
> > > > comparing and contrasting manual penetration testing with automated
> > > > scanning tools. Download "Automated Scanning or Manual Penetration
> > > > Testing?" today!
> > > >
> > > > https://www.watchfire.com/securearea/whitepapers.aspx?id=701300000008BOQ
> > > > --------------------------------------------------------------------------
> > > >
> > > >
> > >
> > >
> > > --
> > > Matthew Franz
> > > http://www.threatmind.net
> > >
> >
> >
> > --
> > pdp (architect)
> > http://www.gnucitizen.org
> >
>
>
> --
> Matthew Franz
> http://www.threatmind.net
>


-- 
pdp (architect)
http://www.gnucitizen.org

    ALERT ALERT ALERT ALERT ALERT ALERT ALERT ALERT ALERT ALERT ALERT ALERT
    MDFRANZ MDFRANZ MDFRANZ MDFRANZ MDFRANZ CISCO MDFRANZ MDFRANZ MDFRANZ
    pdp f1ndz j4v4 funny!
    
    'It saved the day many times in my professional career.' Petko D. Petkov
    (t4lk1ng 0n Pyth0n 0r cr0ss l1s7 p0st1ngz (CLP) ???????) hehehehe

    To: full-disclosure@lists.grok.org.uk, dailydave@lists.immunitysec.com, 
    pen-test@securityfocus.com, webappsec@securityfocus.com, P0LT3RG31S7@PDP
    
Date: Tue, 27 Jun 2006 16:04:32 +0100
From: "pdp (architect)" <pdp.gnucitizen@googlemail.com>
To: unknown.pentester@gmail.com
Subject: bug me free
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Delivered-To: pdp.gnucitizen@gmail.com

man you are like ghost... people cannot find you... what's going on man

:) anyway I am completely bored that's why I am bugging you

-- 
pdp (architect)
http://www.gnucitizen.org

    HE HE HE HE HE HE 'man you are like ghost' HE HE HE HE HE HE!

Received: by 10.35.48.16 with HTTP; Tue, 27 Jun 2006 08:38:21 -0700 (PDT)
Message-ID: <6905b1570606270838pdb45090w2074401762c05f1c@mail.gmail.com>
Date: Tue, 27 Jun 2006 16:38:21 +0100
From: "pdp (architect)" <pdp.gnucitizen@googlemail.com>
To: pagvacito <unknown.pentester@gmail.com>
Subject: Re: bug me free
In-Reply-To: <b7a807650606270836w1d48e1f7oc82a4b8fdb43521f@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <6905b1570606270804w5b77200bn9db69000432a160c@mail.gmail.com>
	 <b7a807650606270823s3f992187n7a2066f2a2339b89@mail.gmail.com>
	 <6905b1570606270830m1097af4dhdc5273c62d1b1ba8@mail.gmail.com>
	 <b7a807650606270836w1d48e1f7oc82a4b8fdb43521f@mail.gmail.com>
Delivered-To: pdp.gnucitizen@gmail.com

sure... 700 m4ny 53(r375

On 6/27/06, pagvacito <unknown.pentester@gmail.com> wrote:
> I'll tell you more about the PPTP thing in person or via PGP
>
> On 6/27/06, pdp (architect) <pdp.gnucitizen@googlemail.com> wrote:
> > man... sometimes I cannot follow your thought :) you are so random man.
> >
> > everything sounds good. it seems that you have a lot of fun. cool stuff man.
> >
> > I am not sure if I will be able to come to london tonight but
> > definitely I would like to do something some day.
> >
> > Today I released my JythonShell and posted my website on a couple of
> > places. :) on the other side nothing interesting is happening. Tell me
> > a bit more about your PPTP thing. It sounds interesting
> >
> > On 6/27/06, pagvacito <unknown.pentester@gmail.com> wrote:
> > > Check this out man, unbelievable:
> > >
> > > http://www.youtube.com/watch?v=9QuMASPj6Fg&search=new%20coke%20and%20mentos
> > >
> > > I'm watching Spain VS France tonight at a pub in London, you should
> > > come! I might also be meeting Shawn on Friday so join us if you want!
> > > He got an internship for Summer in a company located near the Saint
> > > Paul station. Monsy is also working as a Barrista for the Costa coffee
> > > shop in Bromley. the cool thing is that she gets free coffees and
> > > sandwiches!
> > >
> > > I've just been playing around lately, doing vulnerability research and
> > > also a wardrive survey in the London area for Procheckup. listen, we
> > > found APs with the encryption key set as the SSID! do u understand?!!
> > > the ssid were 32 hex values (128 bits - sounds familiar? like 128
> > > keys). the SSIDs looked something like \021\043\12\033 etc...
> > >
> > > other highlights is an onsite test for 3 days in Dublin for next
> > > month, so I'm looking forward to that.
> > >
> > > other than that, ive been walking around london, making weird noises
> > > in the office :-) and did my first VPN PPTP hack:
> > >
> > > vulnerable VNC 4.11 (auth bypass) -> local administrator account with
> > > no password -> hushes from DC -> come back via VPN PPTP
> > >
> > > why set up a backdoor when PPTP is there for you and you have all the
> > > usernames and passwords? PPTP is the backdoor!!!!
> > >
> > >
> > >
> > > On 6/27/06, pdp (architect) <pdp.gnucitizen@googlemail.com> wrote:
> > > > man you are like ghost... people cannot find you... what's going on man
> > > >
> > > > :) anyway I am completely bored that's why I am bugging you
> > > >
> > > > --
> > > > pdp (architect)
> > > > http://www.gnucitizen.org
> > > >
> > >
> > >
> > > --
> > > pagvac
> > > [http://ikwt.com]
> > >
> >
> >
> > --
> > pdp (architect)
> > http://www.gnucitizen.org
> >
>
>
> --
> pagvac
> [http://ikwt.com]
>


-- 
pdp (architect)
http://www.gnucitizen.org

    ALERT ALERT EMPLOYER ALERT ALERT ALERT ALERT ALERT ALERT 700 m4ny 53(r375
    ALERT ALERT EMPLOYER ALERT ALERT ALERT ALERT ALERT ALERT 700 m4ny 53(r375
    ALERT ALERT EMPLOYER ALERT ALERT ALERT ALERT ALERT ALERT 700 m4ny 53(r375
    ALERT ALERT EMPLOYER ALERT ALERT ALERT ALERT ALERT ALERT 700 m4ny 53(r375
    
    PDP 1N D4 UK D01NG W4RDR1V1NG????? TH4TZ N0T L3G4L
    PDP 1Z G1V1NG 1NF0Z 0N H1Z J0B TO P30PL3Z? PL34S3 PDP'S 3MPL0Y3R, D1D TH1Z
    GUY S1GN ND4 AGR33M3NTZ? N0t s0 pr0 0f y0u PDP!

> > > vulnerable VNC 4.11 (auth bypass) -> local administrator account with
> > > no password -> hushes from DC -> come back via VPN PPTP

   PL1Z SC0TL4ND Y4RD, TH4NK UZ F0R PR0V1D1NG 3V1D3NZ3 0F H4CKZ BY PDP 4ND H1Z
   G4NG

Message-ID: <6905b1570607100921x12c9741di11eaa499eb1cb55d@mail.gmail.com>
Date: Mon, 10 Jul 2006 17:21:26 +0100
From: "pdp (architect)" <pdp.gnucitizen@googlemail.com>
To: unknown.pentester@gmail.com
Subject: some words
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Delivered-To: pdp.gnucitizen@gmail.com

hei man, I might need to leave the country in a couple of days... I
don't know. If everything is fine I could stay a bit more. There are
some complications around my visa. I just wanted to let you know and I
will speak to you soon.

cheers

-- 
pdp (architect)
http://www.gnucitizen.org

  ALERT ALERT ALERT ALERT ALERT ALERT ALERT! PDP ESCAPES UNITED KINGDOM!
  C4LL SCOTL4ND Y4RD!  C4LL SCOTL4ND Y4RD!  C4LL SCOTL4ND Y4RD! !!!!!!
  J41L PDP!  J41L PDP!  J41L PDP!  J41L PDP!  J41L PDP!  J41L PDP!  J41L PDP!

Received: by 10.35.48.16 with HTTP; Wed, 9 Aug 2006 07:25:59 -0700 (PDT)
Message-ID: <6905b1570608090725w6c73e698h19c3d7657f0fde1@mail.gmail.com>
Date: Wed, 9 Aug 2006 15:25:59 +0100
From: "pdp (architect)" <pdp.gnucitizen@googlemail.com>
To: "Daniel Bartlett" <dan@f-box.org>
Subject: Re: [Full-disclosure] XSSing the Lan 3 (web trojans.. not a new idea)
In-Reply-To: <44D9E9FC.8060703@f-box.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <6905b1570608080618p2276dd39ta72da68e6c397318@mail.gmail.com>
	 <44D9B24E.3010903@f-box.org>
	 <6905b1570608090346pfeefdf0sac3506a6d5127e36@mail.gmail.com>
	 <44D9C2F2.2050301@f-box.org>
	 <6905b1570608090632i43139493uf36b623b53d2e645@mail.gmail.com>
	 <44D9E9FC.8060703@f-box.org>
Delivered-To: pdp.gnucitizen@gmail.com

cool,

I've put your code into AttackaAPI.js together with credits... If we
can make all these working from a single Js file it will be great. I
am also putting cidrToRange and rangeToArray Util functions and other
stuff that might be helpful just as a proof of concept.

I will mail you the code as soon as I finish it.

On 8/9/06, Daniel Bartlett <dan@f-box.org> wrote:
> Hi PP,
>
> pdp (architect) wrote:
> > my name is petko not petco (this is American pet company) anyway. call
> > me pdp or pp, it doesnt matter. these are my initials anyway.
>
> OK, noted. For the record I'm Dan / Daniel, and my general nickname
> online is DanBUK.
>
> >
> > your code is using LiveConnect. apparently this is the name of the
> > technology firefox, opera and a dozen of other browsers are
> > implementing to make JavaScript communicate with Java. Unfortunately
> > IE6 and IE7 does no have this facility, which means that a true cross
> > platformed code like the one you provided requires embed Java Object.
> > I must say your code is much neater but again cross platform
> > capabilities are also desirable.
>
> Ok that all makes sense, I was trying to stay away from "real" Java I
> wanted all in Javascript.
>
> Actually there might be something in IE, it was not available in Moz but
> there is a chance with IE.
>
> document.location.hostaddress
>
> >
> > cheers
> >
> > BTW, http://www.gnucitizen.org/blog/xssing-the-lan-4 thats the forth one.
> >
>
> I just read it, well from the link you posted to FD. Should really get
> your RSS into my aggregator...
>
> Cheers,
> Dan.
>


-- 
pdp (architect)
http://www.gnucitizen.org

    AMERICAN PET COMPANY AMERICAN PET COMPANY AMERICAN PET COMPANY
    PDP L1KZ B3ZT14L1TY?

Received: by 10.35.48.16 with HTTP; Sun, 20 Aug 2006 05:19:34 -0700 (PDT)
Message-ID: <6905b1570608200519s23274d91y86f34def3ada38b0@mail.gmail.com>
Date: Sun, 20 Aug 2006 13:19:34 +0100
From: "pdp (architect)" <pdp.gnucitizen@googlemail.com>
To: pdp@gnucitizen.org
Subject: test
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Delivered-To: pdp.gnucitizen@gmail.com

test

-- 
pdp (architect)
http://www.gnucitizen.org

    1nd33d 1t w0rkz, gr8. l0lz.

Received: by 10.35.48.2 with HTTP; Sat, 9 Sep 2006 09:25:31 -0700 (PDT)
Message-ID: <6905b1570609090925i51a8349cn74d1035709cbaa5d@mail.gmail.com>
Date: Sat, 9 Sep 2006 17:25:31 +0100
From: "pdp (architect)" <pdp.gnucitizen@googlemail.com>
To: "David Kierznowski" <david.kierznowski@gmail.com>
Subject: Re: this is it
In-Reply-To: <f4cd4c010609090920tc7cc812v8664a3176d8676e@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <6905b1570609090647l1e091afekf283089743d4e8ef@mail.gmail.com>
	 <f4cd4c010609090649r35ff0c45q3e162e60fbaf6cef@mail.gmail.com>
	 <6905b1570609090651i3d977215pb3abeffbcf46175a@mail.gmail.com>
	 <f4cd4c010609090653w39e2f2c2p40f6b49a6fba1e40@mail.gmail.com>
	 <6905b1570609090657k5d3af7cdvbf882589f5839360@mail.gmail.com>
	 <6905b1570609090705w4dafc798i1eb0fbdf5b89cf4c@mail.gmail.com>
	 <f4cd4c010609090709w4eea5814kba0169e248991277@mail.gmail.com>
	 <f4cd4c010609090714n2aa6f019hce7152b9c25b6b6e@mail.gmail.com>
	 <6905b1570609090919o2d91d9dcr77bf789785d0509b@mail.gmail.com>
	 <f4cd4c010609090920tc7cc812v8664a3176d8676e@mail.gmail.com>
Delivered-To: pdp.gnucitizen@gmail.com

the one that you already wrote or which one

On 9/9/06, David Kierznowski <david.kierznowski@gmail.com> wrote:
> did u read the introduction? :)
>
> On 09/09/06, pdp (architect) <pdp.gnucitizen@googlemail.com> wrote:
> > this is cool
> >
> > On 9/9/06, David Kierznowski <david.kierznowski@gmail.com> wrote:
> > > Well I was thinking we can keep the table of contents but then have
> > > generic links like:
> > > IntroductionContent
> > > Chapter1Content
> > > etc etc
> > >
> > > On 09/09/06, David Kierznowski <david.kierznowski@gmail.com> wrote:
> > > > :D
> > > >
> > > > On 09/09/06, pdp (architect) <pdp.gnucitizen@googlemail.com> wrote:
> > > > > sorry man,
> > > > > I am paranoid :) can you change the password to something else and sms
> > > > > it to me. :) also we should break down the structure so it is easier
> > > > > to work but it is wiki after all :) should be easy, couse it is not
> > > > > nice to have the book in a single page :) haha...
> > > > >
> > > > > On 9/9/06, pdp (architect) <pdp.gnucitizen@googlemail.com> wrote:
> > > > > > ok, I'v got it... you should of actually sms me the creds.. I don't trust google
> > > > > >
> > > > > >
> > > > > > On 9/9/06, David Kierznowski <david.kierznowski@gmail.com> wrote:
> > > > > > > stop looking at your girl and read your email properly man, its there :)
> > > > > > >
> > > > > > > On 09/09/06, pdp (architect) <pdp.gnucitizen@googlemail.com> wrote:
> > > > > > > > this is pretty god but I have no creds :)
> > > > > > > >
> > > > > > > > On 9/9/06, David Kierznowski <david.kierznowski@gmail.com> wrote:
> > > > > > > > > Here we go man:
> > > > > > > > >
> > > > > > > > > https://dk.strangled.net/kcgi-bin/view
> > > > > > > > > projects:xss%0wns
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > On 09/09/06, pdp (architect) <pdp.gnucitizen@googlemail.com> wrote:
> > > > > > > > > > --

 1t d03snt m4773r d00d, w3 0wn y0ur ph0n3 t00. H0wz y0 m4m4?

Message-ID: <6905b1570609210418s79425ca0q190804d2c8a49336@mail.gmail.com>
Date: Thu, 21 Sep 2006 12:18:41 +0100
From: "pdp (architect)" <pdp.gnucitizen@googlemail.com>
To: "Naraine, Ryan" <Ryan_Naraine@ziffdavis.com>
Subject: Re: eWEEK media query (Backdooring MP3 files)
In-Reply-To: <BD2A69C91E3CF846A653B716872B0BBD0291C240@NYMSGVS02.media.ziffdavis.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <BD2A69C91E3CF846A653B716872B0BBD0291C240@NYMSGVS02.media.ziffdavis.com>
Delivered-To: pdp.gnucitizen@gmail.com

Hi Ryan,
How are you? I will try to answer your questions as promptly as
possible. I don' t mind at all.


1. have you reported this to apple?  Have they acknowledged receiving
a report and said anything about a possible fix?

The short answer is no. Vendors are not interested in fixing issues
related to features in their products. Fixing it means removing it or
restricting it and that is not what they want.

It is quite interesting to be a security researcher today. You can see
patterns in the way various companies mitigate security problems found
in their products. I don't blame them. They are quite right from their
business point of you.

This is a quote from an article I wrote a month ago about disclosing
security vulnerabilities:

[quote]
For me and other people that I know, it is crucial to stay ahead of
the game. After all we are the good guys. It is not that we want to
satisfy our ego and that is the reason why we continue researching
these topics. All this research, could be valuable to professional
attackers but the tendency is that it will take some time until it
gets into mainstream exploitation. This gives us a couple of months
technological benefit that we will use for the good.

Now here is something that I learned from Mario Puzo's "The
Godfather". When the heads of all families gathered to discuss about
the potentials in the drug business there was only one of them that
made any sense. This dude, sorry I forgot his name, reasoned that
after all, although he don't believe in drugs, he will take part of
the business because then he can control it. As such he will do more
good than evil by not allowing drug lords to go to schools or other
public places.
[quote]

2. do you think this can be expanded in live attack scenarios? Can you
provide a few examples of what's maliciously possible?

Yes, IMHO this issue can be exploited on a massive scale. This is the
reason why I posted this security notice to full-disclosure and other
security related mailing lists.

Let's put it this way; media formats are the essence of today's
Internet. Youtube, Apple's Movie Trailers are just two of many other
websites that deals with media content.

iTunes and QuickTime are standard part of many business and home
workstations. QuickTime is widely spread technology in the business
sector due to its functionality. Also it is the default player in Mac
environments. Macs are getting quite popular today and this makes it
even worse.

Attackers can exploit the issues I found in many different ways with
various degree of success. This all depends on how skillful they are.
JavaScript and mainly browser related exploitation attacks are not as
mature as traditional buffer overflow attacks. It will take some time
for the bad guys to realise the potentials.

A skillful attacker can get complete access to the local filesystem
via this vulnerability. This effects all home users. In corporate
environments attackers are able to break into network devices and
hijack network interfaces and all this can be done through a simple
mp3, mp4, m4a, mov, avi, etc... file. You can see the potential
problems. Keep in mind that WEB traffic is usually allowed by many
firewall setups. This enables attackers to sneak into any network they
want totally unnoticed.

3. what triggered your interest in researching these backdoors?
understand you also worked closely on the pdf backdoor issue...

Yes, I participated in David's research although "Backdooring PDF" is
his own work. I am glad this issue was well covered by the media. We
were looking into backdooing PDF documents for quite a while and there
is a lot more to be said.

I have been researching client side security for quite a while. I
truly believe that this will be the next generation of attacks;
high-end hacking.

There are many other issue found in HTML, Flash, QuickTime files as
well. I welcome you to check my website. It is really hard for me to
summarize all issues in this correspondence. :)

4.  is this an implementation vulnerability?  Or just a feature that
can be manipulated maliciously?

It is quite useful feature actually. I guess it can be quite handy
when dealing with DVD content. Actually when I found this issue I
realised that I can use it to organize some media files I had hanging
around my home folder. It is quite handy feature.


5.  do you think we'll start seeing actual attacks using these
backdoors in popular file formats? Why?

Yes. You will see more of them I guarantee. I know for sure that this
issue can be used to create worms similar to Yamaner and Samy but with
much higher degree of impact. As I said earlier Word Documents, MP3s,
AVIs, MOVs can bypass firewalls and other network based protection
mechanisms. They can carry malicious payloads that upon execution will
bring attackers into your network.


6. lastly, is there a real name I can use?  Can you identify yourself?
Are you affiliated with a research company or working independently?

Well... my name is Petko D. Petkov. "pdp" is my initials. My other
nickname, "architect" was the result of a research I conducted years
ago based around passive hacking and information gathering attacks. A
lot of people started to reffer me as information architect since I
was dealing with quite a lot of information.

I am security research from UK. My research is independent while my
day work is based around non-standard penetration testing for various
companies in the London area.

If you have more questions please bash me an email.

Petko

-- 
pdp (architect)
http://www.gnucitizen.org

   I AM SECURITY REESEARCH! I AM SECURITY REESEARCH! I AM SECURITY REESEARCH!
   Petk0 r3pl1s t0 Ry4n N4r41n3 f0r gr347 1nt3rv13w 4nd f4m3
   HIGH END HACKING HIGH END HACKING
   I AM GLAD THIS ISSUE WAS WELL COVERED BY THE MEDIA! (n0w c0v3r3d h3r3)

Received: by 10.35.48.16 with HTTP; Thu, 5 Oct 2006 00:51:16 -0700 (PDT)
Message-ID: <6905b1570610050051y252e4415vaad6ba32114c040d@mail.gmail.com>
Date: Thu, 5 Oct 2006 15:51:16 +0800
From: "pdp (architect)" <pdp.gnucitizen@googlemail.com>
To: "cy lim" <cylim1@gmail.com>
Subject: Re: recommendation
In-Reply-To: <6905b1570610040032k2c2d611y48d339d73ea38db4@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <6905b1570609250156w5a2fa25eude38dffc49e628d8@mail.gmail.com>
	 <510d0e480610030423v192ca79bnf36d398c353c3fea@mail.gmail.com>
	 <6905b1570610040032k2c2d611y48d339d73ea38db4@mail.gmail.com>
Delivered-To: pdp.gnucitizen@gmail.com

ALEXANDER Ltd
ALEXANDER Study Centre
26 Targovska Street, 2900 Goce Delchev
BULGARIA
Telephone +359 +751 24043
E-mail: alschool@goce.net
http://asc.search.bg


The address is still the name but my parents changed the name. Is that
a problem?

On 10/4/06, pdp (architect) <pdp.gnucitizen@googlemail.com> wrote:
> I will send it to you tomorrow cuz I don't have it here with me. thanks
>
> On 10/3/06, cy lim <cylim1@gmail.com> wrote:
> > can you get me the letter head with company details etc, please, it is
> > urgent as we will try to submit the application asap, pending this as
> > the only outstanding item, many thanks, cy.
> >
> > On 25/09/06, pdp (architect) <pdp.gnucitizen@googlemail.com> wrote:
> > > recommendation document
> > >
> > > thanks CY,
> > > Petko
> > >
> > > --
> > > pdp (architect)
> > > http://www.gnucitizen.org
> > >
> > >
> > >
> >
>
>
> --
> pdp (architect)
> http://www.gnucitizen.org
>

    P4R3NTZ ADDR3SS! P4R3NTZ ADDR3SS! P4R3NTZ ADDR3SS! P4R3NTZ ADDR3SS!
    b1g b0mb l3tt3r 0n 1tz w4y!

Received: by 10.35.48.2 with HTTP; Mon, 6 Nov 2006 00:53:49 -0800 (PST)
Message-ID: <6905b1570611060053u510ef49cs56c9bfedcce9ddf0@mail.gmail.com>
Date: Mon, 6 Nov 2006 16:53:49 +0800
From: "pdp (architect)" <pdp.gnucitizen@googlemail.com>
Subject: pictures from Singapore
MIME-Version: 1.0
Content-Type: multipart/mixed; 
	boundary="----=_Part_55755_20420625.1162803229520"
Bcc: anna@classbg.com, pagvac <unknown.pentester@gmail.com>, 
	pdp.gnucitizen@gmail.com
Delivered-To: pdp.gnucitizen@gmail.com

------=_Part_55755_20420625.1162803229520
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

pictures from Singapore

-- 
pdp (architect) | petko d. petkov
http://www.gnucitizen.org

------=_Part_55755_20420625.1162803229520
Content-Type: image/jpeg; name=IMGP0841.JPG.JPG
Content-Transfer-Encoding: base64
X-Attachment-Id: f_eu6mtej6
Content-Disposition: attachment; filename="IMGP0841.JPG.JPG"

/9j/4AAQSkZJRgABAQEASABIAAD/4YgtRXhpZgAASUkqAAgAAAALAA8BAgATAAAAkgAAABABAgAQ
AAAApgAAABIBAwABAAAAAQAAABoBBQABAAAAtgAAABsBBQABAAAAvgAAACgBAwABAAAAAgAAADEB
AgASAAAAxgAAADIBAgAUAAAA2AAAABMCAwABAAAAAgAAAGmHBAABAAAASgIAAKXEBwBeAQAA7AAA
AGZ5AABQRU5UQVggQ29ycG9yYXRpb24AAFBFTlRBWCBPcHRpbyBTNgBIAAAAAQAAAEgAAAABAAAA
T3B0aW8gUzYgVmVyIDEuMDAAMjAwNjowOToyMyAwODowNjozNQBQcmludElNADAzMDAAACEAAQAW
ABYAAgABAAAAAwDWAAAABwAAAAAACAAAAAAACQAAAAAACgAAAAAACwAeAQAADAAAAAAADQAAAAAA
DgA2AQAAAAEFAAAAAQH/AAAAAgGDAAAAAwGDAAAABAGDAAAABQGDAAAABgGDAAAABwGDg4MAEAGA
AAAAAAIAAAAABwIAAAAACAIAAAAACQIAAAAACgIAAAAACwJGAQAADQIAAAAAAAMFAAAAAQP/AAAA
AgODAAAAAwODAAAABgODAAAAEAOAAAAACREAABAnAAALDwAAECcAAJcFAAAQJwAAsAgAABAnAAAB
HAAAECcAAF4CAAAQJwAAiwAAABAnAADLAwAAECcAAOUbAAAQJwAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AmoIFAAEAAAC4
AwAAnYIFAAEAAADAAwAAIogDAAEAAAACAAAAJ4gDAAEAAADIAAAAAJAHAAQAAAAwMjIwA5ACABQA
AADIAwAABJACABQAAADcAwAAAZEHAAQAAAABAgMAApEFAAEAAADwAwAABJIKAAEAAAD4AwAABZIF
AAEAAAAABAAAB5IDAAEAAAAFAAAACZIDAAEAAAAJAAAACpIFAAEAAAAIBAAAfJIHADB1AAAQBAAA
AKAHAAQAAAAwMTAwAaADAAEAAAABAAAAAqAEAAEAAAAACwAAA6AEAAEAAABACAAABaAEAAEAAABI
eQAAAaQDAAEAAAAAAAAAAqQDAAEAAAAAAAAAA6QDAAEAAAAAAAAABKQFAAEAAABAeQAABaQDAAEA
AAAmAAAABqQDAAEAAAAAAAAACKQDAAEAAAAAAAAACaQDAAEAAAAAAAAACqQDAAEAAAAAAAAADKQD
AAEAAAADAAAAAAAAAAEAAAAoAAAADgEAAGQAAAAyMDA2OjA5OjIzIDA4OjA2OjM1ADIwMDY6MDk6
MjMgMDg6MDY6MzUAwKO3AADAWgAAAAAACgAAABsAAAAKAAAAPgAAAAoAAABBT0MASUk5AAEAAwAB
AAAAAwAAAAIAAwACAAAAQAHwAAMABAABAAAAtSYAAAQABAABAAAABAcAAAUABAABAAAAOCsBAAYA
BwAEAAAAB9YJFwcABwADAAAACAYhAAgAAwABAAAAAgAAAAkAAwABAAAAGQAAAAsAAwABAAAAAAAA
AAwAAwABAAAACAEAAA0AAwABAAAAAAAAAA4AAwABAAAA//8AAA8AAwABAAAA//8AABAAAwABAAAA
AgAAABIABAABAAAAxAkAABMAAwABAAAAGwAAABQAAwABAAAACQAAABUAAwABAAAAEAAAABYAAwAB
AAAAMgAAABcAAwABAAAAAAAAABkAAwABAAAAAAAAABoAAwABAAAABAAAABsAAwABAAAA4BoAABwA
AwABAAAAQCUAAB0ABAABAAAA+AIAAB4AAwABAAAAZAAAAB8AAwABAAAAAQAAACAAAwABAAAAAQAA
ACEAAwABAAAAAQAAACIAAwABAAAAAAAAACMAAwABAAAAFAAAACQAAwABAAAADAAAACUAAwABAAAA
AAAAACYAAwABAAAAAAAAACcABwAEAAAA/v/69yoABAABAAAAAH0AACsABAABAAAAY1gAACwABAAB
AAAA2P8AAC0ABAABAAAAABIAAC4ABAABAAAAAHgAAC8AAwABAAAAAAAAADEABAABAAAAJQAAADIA
BwAEAAAAAAAAAEEAAwABAAAAAAAAAEIACAABAAAA+A8AAEMACAABAAAA/wEAAEQACAABAAAAAAAA
AEUABAABAAAAAAAAAEYAAwABAAAA6wAAAEcABgABAAAAGQAAAEkAAwABAAAAAAAAAEoAAwACAAAA
ACcgF0sABAABAAAAoL4BABUCBAAFAAAAyAYAABcCAwAEAAAA3AYAAP8DAwAQAAAA5AYAAAAAAAA4
KwEAAAAAAAEAAAACAAAA5ehYHk0dryMAI14PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAD/2P/bAIQADAgICBAIDAoKDBIMCgwSFhAMDBAWGBQUFhQUGCAYGBgYGBggHBwcHBwcHBwcHBwc
HBwcHBwcHBwcHBwcHBwcHAEODg4aGBowICAwKBwcHCgoHBwcHCgiHBwcHBwiIhwcHBwcHCIcHBwc
HBwcHBwcHBwcHBwcHBwcHBwcHBwcHBwc/8QBogAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL
AQADAQEBAQEBAQEBAAAAAAAAAQIDBAUGBwgJCgsQAAIBAwMCBAMFBQQEAAABfQECAwAEEQUSITFB
BhNRYQcicRQygZGhCCNCscEVUtHwJDNicoIJChYXGBkaJSYnKCkqNDU2Nzg5OkNERUZHSElKU1RV
VldYWVpjZGVmZ2hpanN0dXZ3eHl6g4SFhoeIiYqSk5SVlpeYmZqio6Slpqeoqaqys7S1tre4ubrC
w8TFxsfIycrS09TV1tfY2drh4uPk5ebn6Onq8fLz9PX29/j5+hEAAgECBAQDBAcFBAQAAQJ3AAEC
AxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNE
RUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmq
srO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/8AAEQgA8AFAAwEh
AAIRAQMRAf/aAAwDAQACEQMRAD8A8tooKFooAUEg5BwR3qZLy5XpIfx5/nRYC1DrM6kb0Vx37H+o
/St9QCoPrzWc1Y1g7i7KULWZaQFaAtIY4LVqBfk/GpZSQ6RP3b+4P8q5XURzGfYj9aqmTVKOKQ1s
ZBScUCCimAKjE4UFj6Dk1Ktjen7sEhz32nH50BYmTR9SbpAR9SB/MipU8P6geoRP95v8M0XHyslT
w3dFv3kqKvquWP5ED+dSjw0M/NcEjuAmP6mlcOUkHh207ySfmv8AhT10KwHVWb6sf6YouFiRdJ08
dIQfqSf5mniytB0hQf8AARRcCQRqBhQAPQcUhWgQwrTWWgCNlpjLTAjZajZaAMGlqiAooAKWgBa7
C1GYIz6qp/Ss6mxrTJdlLsrG5rYTZzRtoHYcFqzbr8h+tS3oVHcmMeQR61zN3pd/JsEcDEjOc4Xr
j+9inTdhVItkUfhrVG5ZUj9mb/4ndU6eE7gj95Oin/ZBb+e2tPaL1IVJk6eFIB/rJ2b12gL/ADzU
6eG9OByweT2Zv/icUvaD9miVNE0xW3LApP8AtEsPyYkVMllaKdyQRq3qFAP6CjmYcqJNo7CkK0xC
EUFaYhMU3FMkTbSEUxCYppFMQhFNIoENIphFMBrLUZFAEbLUbLQBztLVEBRQAtFAxRXZ6eubOA+s
af8AoIrOpsa0ty35VBj4rnub2G7KTZTuFhwWrNqnyn61MnoOO5OEpdlZ3NBNlIVppiGlaaVrREMa
VppFUiGNIpCKokQikIqiRMUhFMQhFIRTENIpCKYhpFIRQIaRTCKYDSvNMK0ARstMZaAOYpaogKWg
ApRQMcBXcaZHmwtv+uSf+gisaz0NqK1NJIMjpSPBgdK4+bU67ELR0zZWiZLQBKtWicN+FKT0CO5Z
CUbKyuaWEKU0rVIloYVphWtEQxhFNK1oiGIRTcVSJYhFIRVEMTFJimA3FIRTJEIppFMTEIppFMBC
KaRQIYRTCKAGMtRstAjlqKokKWgBRTgKQxwFd9oiZ0+2P/TNR+QxWFd6fM6KC1NyC246UTW3fFeY
56ndy6FKSLmoDHXTFmTQmyrVmn3vwpyegJalkJRsrK5dhpSmFapMTQxlqMrWqZmxjCmEVoiGNIpp
FWiGIRSEVSJExSYpkiEU0imIQikIpiGkU0imAmKaRQIaRTSKBEbCmMKYHJUUyRaWgYopwFIaJFWv
QvDUZbSrY/7JH5MRXLiX7vzOrDrU6a1QBeRTriMFeK8aUveO4zJrc5qq8VdlORnJEeyrNmn3/wAP
61rJ6ERWpa2UFKxuaWGlajZatMloiZajZa2izNkbCmEVojNjCKQitEQxpFIRVIljSKMUyRCKaRTE
IRSEUxDSKQimA0imkUCEIphFMBrCo2FAjj6KZItKKBjgKeBUspInjXmvTfB1uDolscf3/wD0Y1cO
NlaHz/zOzD7/ACOrgsV2gtVuOxiIH7tTjoSATXzMpSqS5Y6eYqlVjb20L2kiEZwDtHuORXJTw4Nd
uChKDcX3uvvcX+SLoyun5fqVWTmrNkv3/wAP616cnoaLct7aQpWNzQaUqNkq0yWiF0qJ1reLM5ET
CoyK2RixpFNIq0QxpFNIq0SxCKTFMkQikIpiEIppFMQhFNIpgIRTSKBCEU0imIaRUbL7UAcZS0yQ
pwoGOFSoKllxLEK9K9Y8DRA6Ha+2/wD9GNXl5i/3Z1U3ZP0OvgjB57dqtKgArnynDJx5n11OSpIX
YvPvXGapb+XcSR4wFY4+nb9K7MVRUbNd2n/283L9Gb4SWrXlf7v+HMtxzU9iOX/Csnsda3LeKXFY
mgm2mslNMCCRKrOK3gZSIWFRkV0IxYwimkVojNjSKQ1aIYhFJimJiYpMUxDSKQimIQim4piEIppF
ACEU3FMQjCo2FAjiaWmIUUooGPFSJUMuJahPNeq+Aph/Y8a/3Xcfrn+tebmEb02dUNn6HZW7jpVk
OKyyuulTSfTT7mcc1qBdc4zXM+JUAuRIOjryfccfyxXViqsZK3VS/wDbb/kzTDaT9U/6/A59+tT2
R+ZvoKwex3rct5ozWVjQM0jEUJAQSEVWkreCMpMgaozXTEwY000irRDGkUhFWiGNIoxTEJikIpkj
SKQimAhFNIpiEIppFACEUmKYhpFNK0AcNRTJFpRQNDhUiVLLiWI2r0PwLdY0twTjEzY/75WuLFRv
B/11Oui9TtLa/jwAzYPY1bNwFQOzEKehr5qcJwl7t0n27k1KWvrsVP7dsGkwk4bYcScNx19vUVm6
1f20qoIm3MpPOCBg9euPauilSquak72vd3t2t67DhScXfYxGaprNv3h+lexbQ2vqXN1G6sbGlxC1
MZ6pITZC7VC5raKMpETUw1sjJjSKaa0RDGkUlUiGJikxVEsMUhFMQ0ikIoATFIRTENIppFACEUmK
YhpFIRQI4OlpiClFAxwp60mUiVDXa+DHP2CQD/nsf/QVrnrL3WdFJ6ne6VHGMO/J7ZrTeaMqQeQe
1fO4hNy8jSsm36HHxtIbm/DdEnOzgD5eg6fTHPpUUjV6dNaL0j/6SmaJ6ff+ZCWqa0b94fpW7Wgk
y2Gpd1ZWNLjS1MZqaRLZXuLiKOJpZWCxoMsx7Vyt74zO8raxfID99zyfw7fnW8I3MpysW9L8T29x
KIZU8mVuE5yrH0zxgnsP1zWwa05bGfNcaaQ1SJYhFJVksSkpkiYpMUxCGkIoAaRSEUxCGmkUAIRT
cUxCEU3HNAHBUUyRaUUDHCnA0mND1Ndp4GYG3mX0kB/Mf/WrCt8LN6XxHdRTAKAD0qQz8da8SUdT
ucbnP2MudQ1VSeBKuPxXP9abMeTXbBfkv/SUQ9vm/wA2Q7qltW/eH6VvbQzLe6jdWVjS4hamFqpI
lnLeLb/lbQHCgb5Pc9h/n2rnrTTjLuJbaoP41009EY1NRbq0ERDxkgrjPP612WlXhnsIZj98jD/7
y8H8zzVPVEbMtUUIGNpDVIhhikpiCkxTENNIRQISmmmAhppFMBDTaBCGm0wOBooJFpRQMUU4Uhjg
a67wNJxdj0MZH47v8KyrL3WbUn7yOg1fXTZ2qzCPzSzBNu7b1BOc4PpWDL4+1E/6qCJR/tbmP6EV
xQw/NrsdUqttDOfxDqQlluIpBE9ywMu1VIJVQBjcGx3qtLrOpu2WuZM/7J2j8lwK6o0or5afcYOo
yfRLmZtVi3uzZ3Z3En+E+tdjbN8/4UqisODLJak3Vz2NrgWppaqSEzgPEkrHVZxnoQB+AFLYJOkC
SdFJ5HqD0/z9K6Y/CYPWQ94SyM7HIIOe5z9fQVpeEJW8m5gPIjcMD/vDH/so/OjoJ7nQUUITEpDV
IkKSmISkNMQhFIaYhppDQAhFNNMBppM0CGmmEUCOCpaYgFKKBi0ooGOFdP4LfDXY9RGfy3VnUWjN
Kb1L3iwk6eP9lwf5iuQDVnSWhdR6krH9yh/z1P8AhUYNaITNDRCRqkHH97/0E12Vu/zis6hcC1uo
3Vz2NhomjLlAwLjkrnn8qC1UhM891pw2pTuvI3nk+3FXbe432yiPBPGQe2K3+yjFP3mLJK6wsHxk
ZOBVfw9qq207h0LpKMELjORyDz+NNLRim9TrLfU7aQAjKk9AwP8A+qreRihCYlJVEsKSmSFIaBDT
SGmAlIaAG000xDTTaAGmmmgRwdFMQtAoGSRxSOcRoXPoozWpZaBM5Vrg+Wh6qOW/wH6/SonNIuEL
k+qaFBFama3MjOpG5TgjB7jAB496k8JSYup19UB/I/8A16iMrxZo42kjT8SHOmSexX/0IVx5NFPY
VTcstj7FG3fcR/M1teFWHlXgPONmPxDUpLRlRdmvQWQk69bEnojZP0D1sLPIHyi7se/rUvYbdtdy
aC8kaUI6bdwJHrxj0zVvdxg1k1bfcuErowAZBfyXEcn76QypyBj5VbaOnYov5c1sWjym1jMxDS7c
SEdCw4OOnertoVOV36afdY4XWRjUZwO7k/nzUVjku2DhlUkY747VtH4Tnl8RdupM2zYXBYDOao6e
im+jV/ugkn6AZ/pREJm0AX3Oev8AnitnSbxnQxOcsnQ+o9z/AJz+dQtynsaFFaEMSkpkiUlAhDSU
wENNNACGmmmIaaaaAGmmGgDi0sLojITA9yAfyPP6VYj0ic8sygfif8KTkgUWWY9DXPzyE/QY/wAa
uw6TZrg+WGP+1k/oeP0qHNmigi9FGoGFUAegqwtZtGiZKpPHOMVh6M7f29eFuGPmbh7+YM0Q6+jC
b29TR1/nTZfwP5MK5eC0MibhKg4JKk4IA/znjNaQdkRJXZYmjthp8SCQm5Ej71HK7MLtORx13Z5J
4HA6m3oF1HE00bsAJgvztwBtz6ZJ69AM8Um9CktTSkiiWUXDXtsTnasfzK7Bj/CWRcYzznHT3rUs
YykAV50dhnLgrzkmstdLpr8fyukXddHt8vzK13cqJhI06hlBVUzye56fl/kVn/2yMyF5ypYAM4ID
Af7Ab/63rQ4K9+woydvzKB1iKObMTPNH8zEyABsspBxj1zk+/T32NF1h7gTIIggjGU5zncT1rSUf
kKMv+Cc1fpKZ5JJQQ5bvSabDI02UGSozgdTz0HvjPFOL0JktS7dgGBwpB29+2AabpdqDK8xBJcOI
gOcHaSd3ocA4HU9enNERSL0DDaQOlW9GJF447FD/ADFSinsbdLWhmIabTEGaQ0CG5pDTAQmmmgBC
aaTTENNNJoAaaYxoArDTzt3A5FPjtI+7c9xU8pXMWFtYR15oe2XnYDxQ4oSkRhSPanis2jVMeKoR
2Xlav9pjH7udWD85w5O4/gcZ+ufYVK0f4FPVempNqpLWU4/2Cfy5rloGxDJ/tDb/AOPA/wBK0WxD
3I6eCexx60MpDvMlxjecHtmlWWVRhXKjrgGi4NEMksjPuZizHqSaj3GqM2wFdB4SP76cf7I/nSls
OO5o65pYmgLwr+/U5+vFZGmwoGkWQESKcr7FDn/H/A9s4s0krmlP5JgeRQrou0BiN3BOGJC43e3b
pVjzbeNMqxDYDbRzz7n8OmentWiMWUm2faJNgwpwQBwOQDU+kn/Tv+Amo6mnQ3M0ZqyAzTSaYhCa
QmmIQmkJoAaTSE0ANJppNMQ0mmk0AMJpjGmIsAIhz39BUvlQMN3/AOugRHtXPyZwPxpyNIGzkY6E
VLKQyXluRyBimqpzgcn0qGaIle2lCgkdeMCkMTqMlSB64qJRLjJFe6t5JIZI4xkyKyjPQEjHNc/c
aLeQxyEgOqgszrnaAGA6kDnrwMkAZ6c0KaWjBwe66GdThVsSFzSZoG2RN1pKpGTCtzwu+LmX3T+o
oY0dGLmLdt3jcegzzWLfZi1B2UfLKN2P97hh+eT+IrOxpcaZ1aP93GSF270OMEknPHTpipZJScAQ
kOD948jB5ByCfpnr+FWjNkKZ8x8nnjP5CrWkk/b/AG2mo6l9DczRmrIYZpM0xCZpCaYhCabmgBKa
TTAQmmE0CGk00mgBhNNJpiLbQDG5AB6+h/CmBSDzx6//AK6BXJ1AI4XHv2p8UeWwaQ0x5jXaOMEc
ZoVAoPyj3Pek0NMcZlIGMk/1ptysrbUHC9WPTgdcUmUtyLyQMhSRjpnvTVRcEPhuvykccjH8uKwn
D8TohK5BNZ2Mq/vLdDxgYAU/mMEfn61Ul0HTCBtDx467G6/99bqlXX/BG2n/AMAqnwyhBKzkZPy5
UHj8x/T6VRudEuUcqHWTuAobdj1IAOPzrRT1JcepWbSrw4KKHznAUjPy9cA4Jx7ZqL7Be97eX/vh
v8K0UkZOLI2hlVQzIyq33SQQD9K2PDli8sx++qHhnCkjA5xnpk+9D2CO51R8N2TKNzSgDvhefz6V
j6voyW8ocuTDJwhbkgjqD/j/AJK5Rqd2U4lRCTGy84yCMj9anE87MFVIyT0AXJyfxqU2U0mbFh4Y
d3aa7lyAo/dpgcjsTjt0459xjnYh0vTY48xQKsnTcck4+p/xrRR7mUpdCpdWxQB1+4f0qvmiwXEz
SZoATNITTEITSE0AJmmk0xCE00mgBpNNJoAYTTCaYi+Cep5+tToBzjv1B70yQK8fKNp7+lPQYwQQ
fXFIY9cHryKGBHJ7dfpSARIQSGPBPQnr+VPcYUK2MDoc/wD6qGUiJkOeOuMcjFZ1zqmmo5jecLIO
owSB7ZAIqGiuaw9XVlVxyrAFcehpskkgYBYWkY/dAwB+JPSs2bR1+fUX/SW++REPQfM35ngfkfrV
C70x2uBcwnEgGMsT29+SPwqYoqb00Gv9vdfJkgXzOgn3H14ONvOB0yQe4IJrUtoZiiqcuygAsB1P
rV8qI5vka9vYW4UecvznrnpmrsdvEvKgD8a0jGxlKTY59uNudxbjAqne2EDqFnG9ANwHUg/XjH51
TJuY02i2rAMF5JwI1GD9SRyf8/hd0vw+kDvMwJc8LuPQe319+w7ZIqEi3I243QREDlm4A9vf0pjl
dgVjnPRR/P6fWtDMikdDHs/M9qzDblm+UgfXgUmNCvYXIGdu4e1VmyCQRgjqDSsO4xmABJOAOpqJ
rqEKWLfKOpwSKEAwX1oRkSrj64p32mHGQ4PvnimNxa3HBgRkHIPekJoJG5ppNADSaaTQIYTTCaYG
mQ+08cU1JGJO0hQOrGmSO83n7zN744pfO9Ac984qblWJVuU28Kdw9OlWY41YhmOWPRf8KEFrFr5F
+vemzovlAZyabEQKpJ29e6tWTP4Ws5JWkMrrvJZkBXqTnjjgfnUtDkrllLcRRRwsfljUKp+gxnHv
14qxGYFI+YZ9SM/qOKVio3sWDbwucFVyed3I/Uf403+yUJ/1gUemQf60OI1IBpsKyAlskfwtyPxx
VqNGP3CCvqBxRGNglK5KfM//AFDmhYnPGWz9AKokeYCAfmIY98ZP5io2V9hHG7++2R+H+TQIS1dV
+ST5iMkkDJGee3UVYaRSCMEDuTQBD9ohy0UZUsvBUHp35qC5lUKfmHmHkgfy/AUAiKIykZBJP1/p
U5iLY3HDY4IAFJFMIlnH7tCBjht3r7fhVTUbGQ/OzDd+hptCTMWW3Ybg2XPdTwMf57kZqEQuigRj
aMYKk7uPx5/H8OwoQ2zOns8S7lQEZyy9vw/z0q9btGxELIAAMqvrjrke3p0ppWuXKbkku2/6Mmll
2LuUEAcZ60gu4SPvfoam5FhRcQkcOPx4/nR5iHowP0NO4gJppNMQwmmk0AXUnfsMfjxUqQTbd7Lt
UnjPBP4df0piFWCYA4QnPTFKY5QRuUp6Ag1LGh3ljy9v6irlqV2YcjK8ZoiOQ8yQ7sBw2e1RX+q2
NtFm5kCuR8sY5b8AP5nj3qiTLh1q0mkKrKULYCKQRnHbkdauRq5cCMsSfXHH+feoZaRbWCDPzKc9
yeamRLYcYHPbFFhXK5QCTNvIKsQ+aw/eSMe3YfpQl9xTat5loW6Km4nOeAD61LFgKB0ppENkhaAA
BmGfbmjIVg3LKaYh0k0ZUkEnH4VTeV2OM8emf8/560MaIoNU08XDWokQTrjdHkZ5GeB349KtG7sQ
6LJMkbyHEauwBYjsAev4UIGNuYYQvmuyhE5LlsAe+en51hw6tp76hJZxSCSVRuUjBVj1KqwPJA6/
j1wcDQJm7bQRFVyWBYZUjgU9otsipncCeKEDYSgh3GM4UEiqTiR25VlQdBj+X+RTEQTWyseLdie7
cc/nmoH098f6pUHqzD/61S0UmV5dNODlRz6Hj+tVxZsjZEeWznOc/lQMCTnGMZ6g9DWbPEQ5x0NS
xkJB79R+f/16THp/iP8AP61IxCzfwMQfb/P5VPbTllIb7y4z+NUmJrQlJphNWQdFawWqDKnzJB/F
159vT8Ksx24J8yX73bPb6Z6f5zTJLUO3ngAjqe1SMEf5SuV96BFWWyAPCbgemKgezcjiMj3pWKTB
doXZKnHQMP8APFUptPsHkaR4oWc8lnUFj7n1pDIhpVisgdbdVcdGUAY9x0FXTBtUFhkH16/pmgYL
CN2UQ/lTBO+WVgeuBjr+vNIe5LBblgHEWE9SeT/SrSIw4BwRyKYEzO3G4cD055pS2VwnJPU5ximS
NVe2Nx7/AOc/0p6lx0PHcEYpDEMyF9jbQ5HC55xTJWtkQvMQidNzHAz6f/W70xHGazoTzyy3mnwS
iLLPNLcMsaepKq+1wPc4HpwK5pnkKqrMWCjCgnoCc4HpySfqc0CLZ1bUzY/YGnY2nH7o4PCnIGcZ
wD0GcfkKrJkEMp2uDkMOOaYzpNH8bX8GyG/BurdcAOMCRQPQ9G/4FyT/ABV2WnanZXXly2kokTd8
w6MuM8EHkfj17ZFAizdOgncHPzKOn5VTMkg4TJ/3j/hj+dAICk7AHa/uUY/yPH6037OAc8hz3kGf
1BNIY3fOvBYEepwy/n/jikLuchkQke1AEMsQYfcXPpjBrPubCMjoRj86TQ0yhLYd8/Ke/wDnpUBs
5sbhhvp3/wDr1PKVcqucZJ6j+tR2kmLoKf4gQf50IOhoE0wmrIOrUEKBGAOwqzEjBcE/N/e96ZA2
WfYjGRcAfxD1/n+VSW85blc468jH86ALaMOn5in+WpoGNe2iPLAVWm0+LG5MZByAPX+tKwJkH2Nt
27I7khufbP8AgKhninCKCuSP5HpSKK8kzkKCCCvRu4/GrcCOQDICSPu8fMfx4/XmgZKPNXIAwvp/
+rpTxgAHHytyO4/+tTEP3L6YHbuDR+6J5BB68jj8+lAC+UpGd6kHv0pDbSj5lO5frmlYdzC13w+8
9xHfxhmkg2hoASA6K24qDwVY5POcfTrUCWepyz+YpmtMN+73zGUqgxxsYtuZjydzYUcbSRktMTIt
V0DV54znUDMwHMLr5anHThMgn6r+Nc1PoerRnD2shPbYN4/8dzRcRUkt7iMjz4mjLcqHBUnHHQ1G
X7UwEJY8DkVs+Fb63t9SMlxK8UZRhuUgDIGcNwTjjjHO7HqaQHeJcwyAOWLL/CUA2kHkYYnnjv36
gCpRcQgfJER/tNj/ABoAja4Zj+6xu77Tj8zx+n50x0lAzIJcd8MCKBjV3EZQlx0II+Yfhzke9MZp
EP3ckdMcH8uh/SgAF/bk4kUqR6in+ZbMMK4PtTFYq3Fn1aPv1Xsf/r1QwoJGMf3l7/h/hSGZeqxY
Am4YE8n1+v8An+VZVsT9rj+v6YqWilsapNMY1RJ1f2yLOAAPduKDdR5GJFz/AHgf0I5zTJGowMxd
5Qy9gegP04q9FLGOrD8Dn/P5/nQIka4iPGT7MAaYLtlbAJYf57UDJBeMesZI96sRyoRkgKfx/wAB
QAuFMg3HgjgfQ1HdDEobswx+IoAia1h4bb8x7+5oMbA/Ic49f/rUh3G+aQzbz5ee59B6E8VGl6oJ
VAWQfdJ7nufof89eC47A9wzEM+1PYYyfzH8qjM0hztOU9+M0gsSJIWGCSOPU02S2x82cZ5BFA9h0
MMhIKyN+DGrSxkjaxKuPU5z+eaEDYCPB+ZVbHXIwfzH+FO8u1I+eNlP+ycj/AB/SmSVNQ0HSbuEQ
zHOOUPR1PqO/1zwe44rkPDvhSxvJrmczE2UEpjhXo7qOQW4+UFcdsnn7uOSwHYWmlaVbx7LS1RX6
bx8zf99Hn9a53xR4ZaUtc2seLocyRqMBx65/vfz+tOwjlLfVdSt8xxSsiqcGNuQCOvB6e/Sr9n4o
1RZVeVFuIidpUrjJPZWUdfTr9DQM7CzuTc2yz28Z8t8/eHII4IOe4PB6+1P8q8ByqY9u36UhjZDc
Zzs247g/ypy3s4G2WPzF98UXAY7afIcOGjb8/wDP5VG2nqeYZVceh4P59f0osF7ETC8i6ggdweR+
dRTkSLuC4ceh6n09j6flQBlXnzWkg7kkf8CUbh+eSKwoJokuFeQ4UZ5684xSY0aC3tqfuyr+dO8x
SMggj2oA6iOxsx998n06D9KsJDZgcYqrEXHebbDgDJ9hT1aVv9XHgercUASC2fG6Rz9BxUyxRqM7
ce+M0BccJY/f8qcZ0x3FAArEncwx6fSllJZQPTpQAwMeM9ulPCEj5XwDQMgntjtOPm9QTVGNCHHY
cg1LRSY4pluOTUqu4GGUA9qQ2CS4YAcsegHrWhHprOA0rDb1EYPy5piZcgtLRvkaJUkX0GM+4xSy
aeuMKzfz/U807E3IlgLMUY4cd/WkNpKOMfjQA02bnrwKri1sInZkQq7HLMi4yfU4HP40ARyxyN/q
5Jee2z+uKq3Wmaq8DrbzNHLj92z4ZM+4Ofp0OOuD0p3CxzN14L16Wdprpo2dhy6Y7DA4AUVDD4Y8
QGaJJ2kjgtTut3ypIOQflAY7emfbA4pXA3rO0nhiEW+TGSWZ3Ykljkk47k8mrHlkHO5HPcZ/x5oG
KGg6PHtPqKDFbnooP0oAje1jI+X5fpUJLL8sy7k7OOooAY6SqPMt5SydxnP6e1VZZWzgj5iOCOM/
lwfw980AU53zEXP8bgn6kYP61zF0gErRn+En+eKGNFcx+9JtYdDSA9IQEnCjJqzHZnrI2B6CqsQW
Y0t06AZp/wBoQdKYg+0SHhRSgyfxH8OppDAv6cD9agd33AAY9f8AJoAnWRto4OfYf5FO89geVO31
IoGSiaI8ZGacE7oaAHAt3FV5rQNlo/v9dvr/AJ7UgRSeTadpUq47UGbIwAS36VJY+3Qht5+961bh
aTfw2z3B/wABTQmWzNMAN7B8dG6EfiP8Ks2mohm8uQYPZuxqiSe7hGwOhw45BqGG8Xbibhh37GgQ
83MJ+Xdx7cUoeHooFABvXsKQnPQUAN2GmmJT1oAY1tEeoqvLp9s3UUWC5XfSl/gdl/X+dQSaZOOR
tf6jB/OgdyAwzpnfCxHqhzSLLC2QH2sOoccD6+n4mgCKaIR7nCYXvtOR+XGKy75lUoy/KVYZHpzg
/wCe4xQBm3TbUMQP3ZCB+Bz/AFrAvz/p8vvg/oKTGQUhNIZ6ehAGFGKcA5qyCRYalECgZNAXHqD2
GBTiB9fYdKQEMiykHAwOwA60xbe4+/nB/wB0/wAv/rUDJo5LodQH/wCAkfyqVZ5e8Le/FFwHF4zx
JE312mjbbA/K5j/MfzoAkRj2dZB9RmnFo+c8EdRQAx4rdwBIQV7MTgj8aiXSIM8Trt9OCfzz/Sk1
caY/+zLcdJAfbIprlkGDH8vZlxj9KLWC4BtwypyPam/OG+XGPU0ATJqUyjY+JFPVf/rinfbbM9bU
k98kH+YpisPF3Yf8+7A/7qmpFuNOP8O36of6UABn04EDPP8Aut/hTJLqzH8Bcevb9aAKkt5D/BAm
ffB/Pgfzpq6jECA8EY/3QB+vNFx2LC3tk33t0Z9ecfmpH8qd5lt0SfH1Yj/0KgkQpIRlJmI7EYYf
yqFkvf4ZyfZk/wABQBE8upr1RJB7ZU/rVaW6iLgXUBibtIOo/Tp+dAxknyjBYNE/SQfdOezD+o/H
FYer8Im0n5TtP4dP0I5pgjNv2BvHA6A5/QVgXkga8Zh7D9KljIzSZpDPVFxUqFc4UFj6CrMyYIQP
mIX26mmtcwDo+7/PtQA37QGGR07Zpq3RBOGH0I//AFfpQBYS9ixzjd3IFK95Gfu5B7jj+tIZItxH
tzvwfdeP0qWO4U9JEP1yKALCiQ9Ch+hp3kS/3FP40AOEL94gfpil8jjmEge2KAHbYx1jI/ClCwf3
P0oAc0EAwdoGacYVK7SBjtRYClJpsO4tHmN/b/Cq02nT9VIPsRSHcqPaOv31IPqOn6UxYkP3XIb6
n+tAxpjnBwXPsaQCY8CQg+hNGoxP9JXhQD685prGU/f/ACP+QKQDxG3R3EYP+zn9RTxb2BHzXDEn
uFJH8jTsK402S/8ALK6jYHsx2/pThp13jqh9wT/hRYLjWsbvsq/n/wDWqvJY3w52j/gJ/pT1C5Vl
Fwn39w/OlW/n24Lb17q3P86VwK8l2o3eV8qkfvYuq4P8Q/zx+NUL5s2sZJyc4/z+BH5VQjG1Cfb5
kmew2/Ujj/GsRcls9+9SxklJSGenIw6k7vwqX7XgbVBz6AYqzMZJK5GCcA9QKh2d1P4UgLMRUj5f
xJ61IUQ9QKBgII+3H0pwjA/iNADXiJGS/HYGo0ERbacqf72eKBlpbW4xmOXPpUijUF/jB/OjUNBW
udSHOePY06LVrxcBlJ/Wi4WJTr0448vJ96swarvH7yIj1ODj86LoLFsTwuBg49Knj5OPyNAiKUfO
cU+NQRzQANEh4IqvLp1u3JUZ9aAK0mkgZ2H8Dz/9f9aZ9iUf6yHcPVTn+eP60WHcaXsVO3y2B+mK
XdakcQsR9KLIBB9kHSEjPorf4VHI9gDloyMdyCP50aARNc6Z08rd+R/rTBLpX/PHH1FFkA7OmHAw
vPuv+NONlbMMomQO64P8qdhEbQygYGJF7o/X8D/jn8KzbqzgYny8xy94zwfw9fwPPTIpAmYqsV1B
o36MNrfjVa+kKwiLuj4P4/8A1gKYzmtQnLSbAchTk/X/AOtUCDjPc1LGO/lTTSGf/9kAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAA