| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 08 Aug 2008 16:43:06 +0200
From: "Great Council of Internet Superheros" <internetsuperheros@...hmail.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Internet Justice #1 August 2008 (Part 1/7)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
___ . . .
/ \ |_|_ o _|_
/ O O \ .,-. .-. | | .-. .--..-.. .-. . .--.|
| O | | )( )| | (.-' | ( |(.-' | `--.|
, | | , |`-' `-' `-`-'`--'' `-`| `--'-' `-`--'`-'
\/( )\/ | ._.'
| ) ( | ' th3 p0lt3rg31st squ4dr0n: p0ss3ss1ng b14tchz n34r
j00
|( )|
|| | |' Say it's the leaves, the way they rustle.
`| | | Say it's a shadow, the scraping of a stick.
| | | Childhood friends, dead and buried
| /-' they're out there now, small ghosts
|_.' who never knew when enough was
enough...
....... ...CEILING.. ...GHOST...... ..IS.. ......... .........
......... ......
.. ......... ......... ......... ......... WATCHING..YOU....SELLING
OUT........
One who ran into a car, one who tripped
on a stone and fell on a stick that poked
through his heart. Lost and forgotten,
they've gone into the world to become
the snap of a branch, the skittering
of leaves. What are they whispering?
It's late and it's cold. THEY WANT TO COME IN...
o.O MERRY CHRISTMAS... o.O 4nd unh4ppy 2008! . . . .
,`,`,`,`,
Kevin Mitnick . . . . `\`\`\`\;
`\`\`\`\`, ~|;!;!;\!
Nate Lawson ~\;\;\;\|\ (--,!!!~`!
.
(--,\\\===~\ (--,|||~`!
./
Pedtko D. Petkov (--,\\\===~\ `,-,~,=,:.
_,//
(--,\\\==~`\ ~-=~-.---
|\;/J,
Tom Ferris ( --,\\\((```==. ~'`~/
a |
(-,.\\('('(`\\. ~'=~|
\_. \
Thomas Ptacek (,--(,(,(,'\\. ~'=|
\\_;>
(,-( ,(,(,;\\ ~=/ \
OWASP (,-/ (.(.(,;\\,/ )
(,--/,;,;,;,\\
./------.
Kurt Seifreid (==,-;-'`;'
/_,----`. \
,.--_,__.-'
`--. ` \
Alan Shimel (='~-_,--/ ,
,!,___--. \ \_)
(-/~( | \ ,_-
| ) /_|
Still(in)Secure (~/((\ )\._, |-'
_,/ /
\\)))) / ./~. |
\_\;
Security Bloggers Network ,__///// / / ) /
'===~' | | (, <.
Core Security / / \. \
P0W3R3DBY4N4RMY
_/ / \_\
0FFUCK1NUN1K0RNZ
... AND YOU! /_!/ >_\
....... ........... .............. ...... ......... .........
......... .......
Ho fucking ho, ho fucking ho, fuckin ho, fuckin ho, fuckin ho,
fuckin ho ho ho!
....... ....OUT....TO....GET...JOO.... ...... ..................
......... ....
"The whole IT security industry is an accident -- an artifact
of how the
computer industry developed." Bruce Schneier
o.Oo.O 1. THE HIT LIST: "R1d1n j00 Yah00"
The Judge for Security Sellout Crimes hereby wages war against:
|/| Tom Ferris @ adobe.com security-
protocols.com
|/| Matasano LLC @ matasano.com
sockpuppet.org
|/| Nate Lawson @ rootlabs.com
|/| Joanna Rutkowska @ trannyvideos.com
|/| Petko D. Petkov @ googlemail.com
gnucitizen.org
|/| Matt Richard @ idefense.com
|/| /\) Toralv Dirro @ mcafee.com AVERT Labs
|/|/\/ Dan Kaminsky @ ioactive.com
arkham.wstn.ioactive.com
|/|\/ Dror Shalev @ sec.drorshalev.com
(\\\) Dragos Riuiu @ gaysecwest.com
(\\\) Thorsten Holz @ honeynet.org mwcollect.org
(\\\) Andre Protas @ eeye.com mwcollect.org
(IDA leaker)
(\\\) Gadi Evron @ linuxbox.org
kosherobese.org
(\\\) Valdis Kletnieks @ vt.edu & his alcoholic
mother
/\\/\ Robert Lemos @ securityfocus.com
/ ,^./\ Ryan Naraine @ zdnet.com gmail.com
/ / \/\ Beyond Security @ Isreal, Gadi's bitch tits
/ / \/\ SecReview @ blogspot.com (gay reviews)
( ( )/) Juha-Matti Laurio @ netti.fi & Isreal (blog
moron)
| | |/| Sergio Alvarez @ gmail.com nruns.com (AV
rapist)
| | DIE |/| Theo de Raadt @ cvs.openbsd.org
gaydate.com
| | |/| Alan Shimel @ yahoo.com stillsecure.com
( ( )/) Lance M. Havok @ dumb.lame.idiot.pl
\ \ / / kingcope/kcope @ gmx.net lame.idiot.de
\ `---' / Jennifer Granick @ whitefat.defender.lame
`-----' David Maynor @ gmail.com erratasec.com
apple.com
Andrew Cushman @ microsoft.com gossip.sec
On 4 l0ng 3n0f t1m3l1n3, th3 surv1v4l r4t3 f0 3v3ry0n3 dr0pz t0
z3r0.
Th4t t1m3l1n3 3ndz 0n Xm4z 2007. G3t r34dy f0 t3 fuck1n rucku5.
B14tch3z b3 g3tt1n r41d3d... 4bd1c8 or b3 n3zt 1n l1n3!
W3 4r3 v3rrry pr0ud 0f 0ur fr31ndz 4t Core Security f0r th3 Theo de
Raadt
hum1l14t10n, y3t y0 4r3 s3ll1ng 0ut t00 m|_|ch. D0n b3 l4m3 thx!
....................................................................
...........
o.Oo.O 2. PETKO D. PETKOV EXPOSED: STUP1D INZ1D3, ARROG4NT OUTS1D3
W007 f1rz7 1n l1n3 1z Petko D. Petkov, pdp, th3 1337 wh1t3h47: l3tz
z33 s0m
m41lz fr0m h1z m41lb0z (h4s b4ckup s1nc3 2005! uz3l3z h34d3rz
ztr1p3d):
Delivered-To: pdp.gnucitizen@...il.com
Received: by 10.35.34.18 with SMTP id m18cs29927pyj;
Fri, 24 Mar 2006 11:24:20 -0800 (PST)
Received: by 10.65.181.7 with SMTP id i7mr885419qbp;
Fri, 24 Mar 2006 11:24:00 -0800 (PST)
Return-Path: <full-disclosure-bounces@...ts.grok.org.uk>
Received: from lists.grok.org.uk (lists.grok.org.uk
[195.184.125.51])
by mx.gmail.com with ESMTP id
f15si768247qba.2006.03.24.11.23.48;
Fri, 24 Mar 2006 11:24:00 -0800 (PST)
designates 195.184.125.51 as permitted sender)
Received: from lists.grok.org.uk (localhost [127.0.0.1])
by lists.grok.org.uk (Postfix) with ESMTP id 30966F93;
Fri, 24 Mar 2006 19:19:43 +0000 (GMT)
X-Original-To: full-disclosure@...ts.grok.org.uk
Delivered-To: full-disclosure@...ts.grok.org.uk
Received: from mail.atlasvanlines.ca (unknown [66.207.102.26])
by lists.grok.org.uk (Postfix) with ESMTP id 439D01F2
for <full-disclosure@...ts.grok.org.uk>;
Fri, 24 Mar 2006 14:53:15 +0000 (GMT)
Date: Fri, 24 Mar 2006 09:53:57 -0500
Message-ID:
<517427E78F20CF4DB817BEB8504B002B013E69A9@...l.atlasvanlines.ca>
From: "Andrew Florjancic" <aflorjancic@...asvanlines.ca>
To: "Theo de Raadt" <deraadt@....openbsd.org>, "Gadi Evron"
<ge@...uxbox.org>
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: [Full-disclosure] RE: SendGate: Sendmail Multiple
Vulnerabilities
(Race Condition DoS, Memory Jumps, Integer Overflow)
Sender: full-disclosure-bounces@...ts.grok.org.uk
Finally PEOPLE speak the TRUTH!!!! Well said!!=20
- -----Original Message-----
From: Theo de Raadt [mailto:deraadt@....openbsd.org]=20
Sent: Thursday, March 23, 2006 9:52 PM
To: Gadi Evron
Cc: bugtraq@...urityfocus.com; full-disclosure@...ts.grok.org.uk
Subject: Re: SendGate: Sendmail Multiple Vulnerabilities (Race
Condition
DoS, Memory Jumps, Integer Overflow)=20
> Sendmail is, as we know, the most used daemon for SMTP in the
world.=20
> This is an International Infrastructure vulnerability and should
have=20
> been treated that way. It wasn't. It was handled not only poorly,
but=20
> irresponsibly.
You would probably expect me to the be last person to say that
Sendmail
is perfectly within their rights. I have had a lot of problems with
what they are doing.
But what did you pay for Sendmail? Was it a dollar, or was it more?
Let me guess. It was much less than a dollar. I bet you paid
nothing.
So does anyone owe you anything, let alone a particular process
which
you demand with such length?
Now, the same holds true with OpenSSH. I'll tell you what. If
there is
ever a security problem (again :) in OpenSSH we will disclose it
exactly
like we want, and in no other way, and quite frankly since noone has
ever paid a cent for it's development they have nothing they can say
about it.
Dear non-paying user -- please remember your place.
Or run something else.
OK?
Luckily within a few months you will be able to tell Sendmail how to
disclose their bugs because their next version is going to come out
with
a much more commercial licence. Then you can pay for it, and then
you
can complain too.
w007! w007! w007! w007! w007! w007! G4D1 VS. TH30!!?????
International Infrastructure vulnerability
DANGER DANGER DANGER DANGER
strcpy(burger,gadi);
Delivered-To: pdp.gnucitizen@...il.com
Received: by 10.90.50.9 with SMTP id x9cs508025agx;
Thu, 28 Jun 2007 07:09:33 -0700 (PDT)
Received: by 10.100.195.10 with SMTP id
s10mr1111608anf.1183039772787;
Thu, 28 Jun 2007 07:09:32 -0700 (PDT)
Return-Path: <david.kierznowski@...il.com>
Received: from wr-out-0506.google.com (wr-out-0506.google.com
[64.233.184.237])
by mx.google.com with ESMTP id
c4si9154299anc.2007.06.28.07.09.31;
Thu, 28 Jun 2007 07:09:32 -0700 (PDT)
Received: by wr-out-0506.google.com with SMTP id i4so569430wra
for <pdp.gnucitizen@...glemail.com>; Thu, 28 Jun 2007
07:09:31 -0700 (PDT)
Received: by 10.90.119.15 with SMTP id
r15mr1685038agc.1183039771473;
Thu, 28 Jun 2007 07:09:31 -0700 (PDT)
Received: by 10.90.104.12 with HTTP; Thu, 28 Jun 2007 07:09:31 -
0700 (PDT)
Message-ID:
<f4cd4c010706280709o25bec985kf7393272444d0cbd@...l.gmail.com>
Date: Thu, 28 Jun 2007 15:09:31 +0100
From: "David Kierznowski" <david.kierznowski@...il.com>
To: "pdp (architect)" <pdp.gnucitizen@...glemail.com>
Subject: Re: blog security
In-Reply-To:
<6905b1570706280658h2eb21bc4pe03528ef085c9af3@...l.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_Part_44034_2752723.1183039771445"
References:
<6905b1570706280625p48ff650blab35a5d471fcb8ad@...l.gmail.com>
<f4cd4c010706280630p3a5d517dyb6658d4323b4bc2e@...l.gmail.com>
<6905b1570706280658h2eb21bc4pe03528ef085c9af3@...l.gmail.com>
- ------=_Part_44034_2752723.1183039771445
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Let me think on it...
On 28/06/07, pdp (architect) <pdp.gnucitizen@...glemail.com> wrote:
>
> I am in winterflood ... do you like the idea of microblogging...
>
> I was thinking that we could have to types of blogs on
gnucitizen...
> the standard one.. which is what we have atm and a micro blog
which is
> actually another category called microblog which contains
messages and
> interesting info but in very all in all very short format.
>
> what do u think... cuz guys, I don't know how they doit but guys
like
> 0x000000 have more trafic ranking acording to alexa then us and
rsnake
> is the king of the hill.... we need to truely combine forces and
get
> them out from the top place... but we need to layout an attack...
> startey...
>
> any ideas?
>
> On 6/28/07, David Kierznowski <david.kierznowski@...il.com> wrote:
> > Lets catch up tomorrow so we can plan the move and format and I
have a
> > couple of other ideas around the project that I can fill you in
on.
> >
> > Hows L2012?
> >
> > David
> >
> >
> > On 28/06/07, pdp (architect) <pdp.gnucitizen@...glemail.com>
wrote:
> > > what's up
> > > we need to start thinking how we are going to move
blogsecurity to
> > > gnucitizen. Do you mind if we follow the same theme... that
will be
> > > the easiest way to do it. I have some cool ideas about how to
graph
> > > the wp-scanner results via Flex.
> > > --
> > > pdp (architect) | petko d. petkov
> > > http://www.gnucitizen.org
> > >
> >
> >
>
>
> --
> pdp (architect) | petko d. petkov
> http://www.gnucitizen.org
>
ALERT ALERT ALERT ALERT ALERT ALERT ALERT ALERT ALERT ALERT
ALERT ALERT
PDP & D4V1D K13RZ0ZKI W4NT TOP R4NKZ ON G0000GL3 4ND 4L3X4. Z0
TH31R 4DZ
G3T M0R3 M0N3YZ!!11!!!1 RSNAKE FEAR! truely! PDP 1Z ZT1LL
PL4NN1NG 4TT4CK!
Received: by 10.35.48.16 with HTTP; Sun, 3 Sep 2006 03:12:54 -0700
(PDT)
Message-ID:
<6905b1570609030312n76367496p61debdbf3215ec09@...l.gmail.com>
Date: Sun, 3 Sep 2006 11:12:54 +0100
From: "pdp (architect)" <pdp.gnucitizen@...glemail.com>
To: pagvac <unknown.pentester@...il.com>
Subject: have a look
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_Part_28854_31891556.1157278374496"
Delivered-To: pdp.gnucitizen@...il.com
- ------=_Part_28854_31891556.1157278374496
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
hei, man
here is something that I wrote yesterday night. Can you have a look
through it and tell me what you think. I will put it on my blog but
I
have some reservations so I need advice from true friend. If it is
lame, just tell me. :) Thanks man. Check the attachment.
- --
pdp (architect)
http://www.gnucitizen.org
- ------=_Part_28854_31891556.1157278374496
Content-Type: application/vnd.oasis.opendocument.text;
name="Backdooring Flash Objects.odt"
Content-Transfer-Encoding: base64
X-Attachment-Id: f_ern9mek7
Content-Disposition: attachment; filename="Backdooring Flash
Objects.odt"
L4M3 4TT4CHM3NT...
- ------=_Part_28854_31891556.1157278374496--
PDP Y0 D0NT N33D T0 M41L UR H4CK3R FR31NDS T0 4SK 1F 1TZ L4M3!
L34V3
TH3 3M41L S0 THE GH0ZTZ C4N Z33 1T. 1ND33D, 1TZ L4M3. BUT Y0
P0ZT3D
1T!!?? Th4nkz
From: "pdp (architect)" <pdp.gnucitizen@...glemail.com>
To: pagvac <unknown.pentester@...il.com>
Subject: Re: have a look
In-Reply-To:
<b7a807650609041500r5e5f067ah6541a7612b63b80a@...l.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References:
<6905b1570609030312n76367496p61debdbf3215ec09@...l.gmail.com>
<b7a807650609041500r5e5f067ah6541a7612b63b80a@...l.gmail.com>
Delivered-To: pdp.gnucitizen@...il.com
well, :) too late... it is up now. The modified version is on
http://www.gnucitizen.org.
I am also working on some other cool stuff that you may find
extremely
interesting.
On 9/4/06, pagvac <unknown.pentester@...il.com> wrote:
> i like it, but a bit too heavy for my taste. it feels too long. my
> mind was only able to read about 60% of it. of course, this is
just my
> opinion, so you shouldn't take it as the absolute truth ;-)
>
> if it took u testing X number of tools until u made it work u
could
> have just said that in one line and then go straight to examples
using
> the tool that finally worked. people like practical and quick
things
> (again this is my opion).
>
> other than that, interesting topic (backdooring a flash file).
>
> On 9/3/06, pdp (architect) <pdp.gnucitizen@...glemail.com> wrote:
> > hei, man
> > here is something that I wrote yesterday night. Can you have a
look
> > through it and tell me what you think. I will put it on my blog
but I
> > have some reservations so I need advice from true friend. If it
is
> > lame, just tell me. :) Thanks man. Check the attachment.
> >
> > --
> > pdp (architect)
> > http://www.gnucitizen.org
> >
> >
> >
>
>
> --
> pagvac
> [http://ikwt.com/]
>
- --
pdp (architect)
http://www.gnucitizen.org
N0W Y0R R34D3RZ C4N F1ND G00D PDP 0D4Y H3R3 T00. 4ND Y0
H4V3 FR33
3M41L B4CKUPZ! HEHEHEHEHEHEHEHEHE
Date: Tue, 5 Sep 2006 17:38:48 +0100
From: "pdp (architect)" <pdp.gnucitizen@...glemail.com>
To: pagvac <unknown.pentester@...il.com>
Subject: Re: have a look
In-Reply-To:
<b7a807650609050859r23e3aa5x8364f48dfe224ea7@...l.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References:
<6905b1570609030312n76367496p61debdbf3215ec09@...l.gmail.com>
<b7a807650609041500r5e5f067ah6541a7612b63b80a@...l.gmail.com>
<6905b1570609050555s1be2e41eu1b4953cfe76dd2f1@...l.gmail.com>
<b7a807650609050859r23e3aa5x8364f48dfe224ea7@...l.gmail.com>
Delivered-To: pdp.gnucitizen@...il.com
don't get you man
On 9/5/06, pagvac <unknown.pentester@...il.com> wrote:
> On 9/5/06, pdp (architect) <pdp.gnucitizen@...glemail.com> wrote:
> > well, :) too late... it is up now. The modified version is on
> > http://www.gnucitizen.org.
> > I am also working on some other cool stuff that you may find
extremely
> > interesting.
>
> "extremely interesting" tells me nothing unless you tell me what
> exactly you're talking about ;-D
PDP.... YO N33D T0 3ZPL41N TH1NGZ S0 P30PL3S D0NT TH1NK Y0 4R3
T4LK1NG BULLSH1TZ
Received: by 10.35.48.16 with HTTP; Tue, 5 Sep 2006 13:26:57 -0700
(PDT)
Message-ID:
<6905b1570609051326q30d18acfn6669efc78d2a5d9c@...l.gmail.com>
Date: Tue, 5 Sep 2006 21:26:58 +0100
From: "pdp (architect)" <pdp.gnucitizen@...glemail.com>
To: pagvac <unknown.pentester@...il.com>
Subject: Re: have a look
In-Reply-To:
<b7a807650609051155q76da4047j36d423bf442fcc94@...l.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References:
<6905b1570609030312n76367496p61debdbf3215ec09@...l.gmail.com>
<b7a807650609041500r5e5f067ah6541a7612b63b80a@...l.gmail.com>
<6905b1570609050555s1be2e41eu1b4953cfe76dd2f1@...l.gmail.com>
<b7a807650609050859r23e3aa5x8364f48dfe224ea7@...l.gmail.com>
<6905b1570609050938l4f6c6a0fqe8826f2165f921ef@...l.gmail.com>
<b7a807650609051155q76da4047j36d423bf442fcc94@...l.gmail.com>
Delivered-To: pdp.gnucitizen@...il.com
ieh, but sometimes I want it to be a surprise ;-)
On 9/5/06, pagvac <unknown.pentester@...il.com> wrote:
> On 9/5/06, pdp (architect) <pdp.gnucitizen@...glemail.com> wrote:
> > don't get you man
>
> sorry, I'm tired. basically all I'm saying is that why tell me
u're
> working on something interesting if you dont tell me what it
is?!!!
> it'll only be interesting if i know what it is - you know what i
mean
> ;-)
>
> u know me, im curious. do always tell me what ure working on!
PDP.... M41L DISCL0ZUR3 SURP1Z3! H4PPY XM4Z HEHEHEHE W3 4R3 V3RY
CUR10UZ T00
Received: by 10.35.48.16 with HTTP; Tue, 5 Sep 2006 18:07:02 -0700
(PDT)
Message-ID:
<6905b1570609051807n5fef365epe9cdf3928c44868d@...l.gmail.com>
Date: Wed, 6 Sep 2006 02:07:02 +0100
From: "pdp (architect)" <pdp.gnucitizen@...glemail.com>
To: pagvac <unknown.pentester@...il.com>
Subject: Re: have a look
In-Reply-To:
<6905b1570609051326q30d18acfn6669efc78d2a5d9c@...l.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References:
<6905b1570609030312n76367496p61debdbf3215ec09@...l.gmail.com>
<b7a807650609041500r5e5f067ah6541a7612b63b80a@...l.gmail.com>
<6905b1570609050555s1be2e41eu1b4953cfe76dd2f1@...l.gmail.com>
<b7a807650609050859r23e3aa5x8364f48dfe224ea7@...l.gmail.com>
<6905b1570609050938l4f6c6a0fqe8826f2165f921ef@...l.gmail.com>
<b7a807650609051155q76da4047j36d423bf442fcc94@...l.gmail.com>
<6905b1570609051326q30d18acfn6669efc78d2a5d9c@...l.gmail.com>
Delivered-To: pdp.gnucitizen@...il.com
so, you can check my new baby on my website :)
On 9/5/06, pdp (architect) <pdp.gnucitizen@...glemail.com> wrote:
> ieh, but sometimes I want it to be a surprise ;-)
>
(S0, Y0U C4N CH3CK PDP EM41LZ ON 1NT3RN3TS) HEHEHEHEHEHE
Delivered-To: pdp.gnucitizen@...il.com
Received: by 10.35.48.16 with SMTP id a16cs7553pyk;
Mon, 4 Sep 2006 04:36:36 -0700 (PDT)
Received: by 10.35.39.2 with SMTP id r2mr9977768pyj;
Mon, 04 Sep 2006 04:36:36 -0700 (PDT)
Return-Path: <petko.petkov@...-monitor.com>
Received: from mercury.nta-monitor.com (dsl-62-3-105-225.zen.co.uk
[62.3.105.225])
by mx.gmail.com with ESMTP id
v53si5193691pyv.2006.09.04.04.36.35;
Mon, 04 Sep 2006 04:36:36 -0700 (PDT)
Received: from [192.168.124.33] (petko.nta-monitor.com
[192.168.124.33])
by mercury.nta-monitor.com (8.13.4/8.13.4/Debian-3sarge1) with
ESMTP id k84BaY5G005589
for <pdp.gnucitizen@...il.com>; Mon, 4 Sep 2006 12:36:34 +0100
Message-ID: <44FC0FC2.7020006@...-monitor.com>
Date: Mon, 04 Sep 2006 12:36:34 +0100
From: Petko Petkov <petko.petkov@...-monitor.com>
User-Agent: Thunderbird 1.5.0.5 (Windows/20060719)
MIME-Version: 1.0
To: pdp.gnucitizen@...il.com
Subject: good start
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Scanned-By: MIMEDefang 2.51 on 192.168.124.1
X-Virus-Scanned: ClamAV 0.88.4/1795/Sun Sep 3 23:48:24 2006 on
mercury.nta-monitor.com
X-Virus-Status: Clean
Web browser flaws are nothing new, but the professional crooks are
finding new ways to combine these flaws into a system for turning a
quick profit. This post describes an example of how one web site is
combining system fingerprinting, browser vulnerabilities, email
spam,
fake web forums, and buggy PHP applications into an automated
malware
installation system.
good start !!!!
!! ALERT ALERT ALERT ALERT ALERT ALERT ALERT ALERT ALERT
ALERT ALERT
PDP H4Z PSYCH0 PR0BL3MZ H3 M41LZ H1MZ3LF. PL1Z N0T3 TH33Z:
mercury.nta-monitor.com (8.13.4/8.13.4/Debian-3sarge1) D3B14N
0WN3D L0L!
petko.nta-monitor.com [192.168.124.33] N0
J4V4ZCR1PT P0RT SC4N
dsl-62-3-105-225.zen.co.uk [62.3.105.225] N33D3D!
HEHEHEHE
0KZ, TH4NKZ F0R TH3 H0M3 1P 4ND C0RP0R4T3 3M41LZ! HEHEHEHEHEHEHEHE
PL1Z FB1 CH3CK TH4T 4DSL F0R CH1LD PR0N 4ND 1LL3G4L SH1TZ!!!!!!!!
!! ALERT ALERT ALERT ALERT ALERT ALERT ALERT ALERT ALERT
ALERT ALERT
Received: by 10.35.54.8 with HTTP; Sat, 13 May 2006 10:52:00 -0700
(PDT)
Message-ID:
<6905b1570605131052y77364439yada2a7187ad03884@...l.gmail.com>
Date: Sat, 13 May 2006 18:52:00 +0100
From: "Petko Petkov" <pdp.gnucitizen@...glemail.com>
To: "Nabil c.nabil" <c.nabil@...il.com>
Subject: Re: he pedko
In-Reply-To:
<6905b1570605130259j60531db6q8ae2275e9abe42d3@...l.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
References:
<eaef2e580605120932o7e6a992ag767497fe4afd7b9@...l.gmail.com>
<6905b1570605130259j60531db6q8ae2275e9abe42d3@...l.gmail.com>
Delivered-To: pdp.gnucitizen@...il.com
Nabil,
I will look for LC5 latter but I don't know if I will be able to
find
it or even send it. The best thing to do is to get it from
bittorent.
It will take you less than 10 minutes.
I can write the software for you but I don't have any details. If
you
tell me where you want to login to, what username and password (this
is for testing when developing the application) you have to use and
what information you are looking for I will be able to help you.
Cheers man,
Speek to you soon.
On 5/13/06, Petko Petkov <pdp.gnucitizen@...glemail.com> wrote:
> man, I will play arround with it latter on and I will send you
LC5 if
> I can dig it up from the pile of cds I have... cheers.
>
> On 5/12/06, Nabil c.nabil <c.nabil@...il.com> wrote:
> > hi pedko
> >
> > i just need this favor,
> >
> > it s very simple, i need a software which according to the time
of the
> > computer, for example it checks the system time, 10am, 10 of
may 2006, =
log
> > in to a website with username and password, click on inbox,
click on 1 =
st
> > email, retrieve email content, log out.
> >
> > then again, 11 may 2006, at 10 am, same steps,
> >
> > if it is too much just give some hints of how to do it the
simplest way=
ok
> >
> > or otherswise you can send me the program with sourcecode u
already mad=
e, i
> > try to understand a nd change it the way i want
> >
> > and plus, the lc5 software please
> >
> > thank you so much i know i always ask thos kind of favors
> >
> > you have to come, and probably, joseph will be here as well.
> >
> > i just so adrian, yesterday in the graduation ceremony
> >
> > it was nice
> >
> > so let me know if everything is ok
> >
> > thanks again
> >
> > nabil
> >
> >
> >
> >
> >
>
ALERT: PETKO D. PETKOV 1Z A CR4CK3R 4ND B4D H4CK3R H3Z D01NG
TR0J4NZ!
Received: by 10.35.48.16 with HTTP; Sun, 11 Jun 2006 07:19:20 -0700
(PDT)
Message-ID:
<6905b1570606110719j61183a76sde7dde0aa05ea641@...l.gmail.com>
Date: Sun, 11 Jun 2006 15:19:20 +0100
From: "Petko Petkov" <pdp.gnucitizen@...glemail.com>
To: "Halvar Flake" <halvar@....de>
Subject: Re: [Dailydave] Statistical distinguisher for compression
algorithms ?
In-Reply-To: <017901c68bb8$75cb0300$c7b2a8c0@...Q6Z1J>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <017901c68bb8$75cb0300$c7b2a8c0@...Q6Z1J>
Delivered-To: pdp.gnucitizen@...il.com
Well, I am not an exprert, however this is what I think:
If the data is actually a file, which is probably what you are
looking
at the moment, you can save it as such and run some of these
signature
tools; like 'file' for UN/LIN. It is lame and stupid I know. :)
On 6/9/06, Halvar Flake <halvar@....de> wrote:
>
>
> Hey all,
>
> I ran into a small problem today: Given a stream of data that I
suspect to
> be compressed with
> a well-known lossless compression algorithm, is there a way of
deciding
> which algorithm that
> might be ?
>
> It appears to be such a common problem that somebody else (who
understands
> something about
> statistics, which I don't) would've run into -- can somebody give
me
> pointers to existing work on
> this perhabs ?
>
> Cheers,
> Halvar
PDP H3LPZ H4LV4R G3N1UZ T0 4DD F1L3 ID T0 BINDIFF 1N J4V4
TW0 0F TH3 B3ZT WH1T3H4TZ W0RK1NG T0G3TH3RZ F0R B3TT3R W0RLDZ!!
L1K3 CLAMAV-SCAN | RM -RF / | ECHO HEHEHEHEHEHEHEHEHEHEHE
Received: by 10.35.48.16 with HTTP; Tue, 13 Jun 2006 01:39:04 -0700
(PDT)
Message-ID:
<6905b1570606130139y13b27808mc9a922139dd3d914@...l.gmail.com>
Date: Tue, 13 Jun 2006 09:39:04 +0100
From: "pdp (architect)" <pdp.gnucitizen@...glemail.com>
To: RSnake <h@...rs.org>
Subject: Re: [Full-disclosure] Hotbot XSS vulnerability
In-Reply-To: <448DB7DD.1060704@...rs.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <448C92D7.5060309@...rs.org>
<6905b1570606120556l48509e82q7380d134bb11554d@...l.gmail.com>
<448DB7DD.1060704@...rs.org>
Delivered-To: pdp.gnucitizen@...il.com
Yeh, javascript is amazing... I am quite interested in XSS worms.
Did
you have a look on the latest yahoo worm. After myspace incident, it
is getting quite attractive way of compromising online accounts and
generating network activity which could lead to ddos.
cheers
On 6/12/06, RSnake <h@...rs.org> wrote:
>
> Thanks! I'm giving it my best shot - trying to document all
the
> known vectors... of course I'm not enumerating them, but this is
about
> as close as it gets without writing an application to do that.
Alas,
> I'm pretty hindered by what HTML and JavaScript can do. :)
>
> pdp (architect) wrote:
> > I like your website dude... you have nice collection of XSS
going on
> > there. Keep on comming with good stuff.
> >
> > cheers
> >
> > P.S. indeed, this hotbot XSS is quite funny.
> >
> > On 6/11/06, RSnake <h@...rs.org> wrote:
> >> There's a vulnerability in the way Hotbot parses text to
display on the
> >> page during search results. The description of the flaw is
located
> >> here: http://ha.ckers.org/blog/20060611/hotbot-xss-
vulnerability/
> >>
> >> -RSnake
> >> Home: http://ha.ckers.org/
> >> RSS: http://ha.ckers.org/blog/feed/
> >>
> >> _______________________________________________
> >> Full-Disclosure - We believe in it.
> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> >> Hosted and sponsored by Secunia - http://secunia.com/
> >>
> >
> >
>
>
- --
pdp (architect)
http://www.gnucitizen.org
FULL-DICLOSURE: WE BELIEVE IN IT! HEHEHEHEHEHEHEHEHEHE (W1TH
3M41LZ!)
0KZ, Z0 P3RTY XSS C0LL3CT10N! N0W Y0 C4N WR1T3 W0RMZ 4ND B4D SH1TZ!
RSNAKE T34CH3Z MICROSOFT HOW TO H4CK 1N W3BZ W1TH J4V4SCR1P7!!!
willey note: th3y s3cr3tly w4nt t0 ddos pr0n starz myspaces
Delivered-To: pdp.gnucitizen@...il.com
Received: by 10.35.48.16 with SMTP id a16cs81080pyk;
Mon, 19 Jun 2006 01:12:39 -0700 (PDT)
Received: by 10.49.28.14 with SMTP id f14mr5099255nfj;
Mon, 19 Jun 2006 01:12:38 -0700 (PDT)
Return-Path: <Zone-H@...e-h.org>
Received: from zone-h.org (www.zone-h.org [213.219.122.11])
by mx.gmail.com with ESMTP id
p45si5399516nfa.2006.06.19.01.12.38;
Mon, 19 Jun 2006 01:12:38 -0700 (PDT)
Received-SPF: pass (gmail.com: best guess record for domain of Zone-
H@...e-h.org
designates 213.219.122.11 as permitted sender)
Received: from www.zone-h.org (localhost [127.0.0.1])
by zone-h.org (Postfix) with ESMTP id 8A8C53D396
for <pdp.gnucitizen@...il.com>; Mon, 19 Jun 2006 11:13:05 +0300
(EEST)
Date: Mon, 19 Jun 2006 11:13:05 +0300
To: pdp.gnucitizen@...il.com
From: Zone-H <Zone-H@...e-h.org>
Subject: Account details for pdp (architect) at www.zone-h.org
Message-ID: <8d0c69819c373a2249efda3fc0367609@....zone-h.org>
X-Priority: 3
X-Mailer: PHPMailer [version 1.73]
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="iso-8859-1"
Hello pdp (architect),
Thank you for registering at www.zone-h.org. Your account is
created and must be activated before you can use it.
To activate the account click on the following link or copy-paste
it in your browser:
http://www.zone-
h.org/index.php?option=com_registration&task=activate&activation=313
f0d99f776607a892a7abf1874483b
After activation you may login to http://www.zone-h.org using the
following username and password:
Username - pdp
Password - pe123_ter
TH4NKZ PDP N0W C4N SUBM1T H1Z D3F4C3M3NTZ TO ZONE-H (N0W YOU C4N
T00) HEHEHE
Received: by 10.35.48.16 with HTTP; Wed, 28 Jun 2006 07:18:45 -0700
(PDT)
Message-ID:
<6905b1570606280718v46e1bd23q47c7a687607ba5e7@...l.gmail.com>
Date: Wed, 28 Jun 2006 15:18:45 +0100
From: "pdp (architect)" <pdp.gnucitizen@...glemail.com>
To: "Matthew Franz" <mdfranz@...il.com>
Subject: Re: Jython Shell
In-Reply-To:
<33acb3db0606280705s1a8d5b76m42493e5476791cb1@...l.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References:
<6905b1570606261323o5801bf6fn4225549238d8924c@...l.gmail.com>
<33acb3db0606272134w50f800e5v66c96ec84b70628c@...l.gmail.com>
<6905b1570606272311g7c459672n44d659b33a512cb9@...l.gmail.com>
<33acb3db0606280705s1a8d5b76m42493e5476791cb1@...l.gmail.com>
Delivered-To: pdp.gnucitizen@...il.com
I will do that soon :) check my website in a week time or subscribe
to the feed
cheers
On 6/28/06, Matthew Franz <mdfranz@...il.com> wrote:
> Exactly, and for some of the stuff I've been using there were no
> Python APIs or the Java ones were much better :)
>
> Do you have the complete source/build instructions up anywhere?
>
> On 6/28/06, pdp (architect) <pdp.gnucitizen@...glemail.com> wrote:
> > I am happy that you like it... since java has so much good API,
why
> > not reuse it?
> >
> > cheers
> >
> > On 6/28/06, Matthew Franz <mdfranz@...il.com> wrote:
> > > This great, thanks for posting to dd!
> > >
> > > I too have gotten hooked on jython over the last few months.
> > >
> > > - mdf
> > >
> > > On 6/26/06, pdp (architect) <pdp.gnucitizen@...glemail.com>
wrote:
> > > > In the last couple of days I've been doing some Java
programming. :)
> > > > that was funny, anyway this is a simple jython shell that
can run of
> > > > the browser. Of course in order to that you have to give
jython some
> > > > extra privileges but this is not the point.
> > > >
> > > > The purpose of my little experiment is to make python a bit
more
> > > > modular so I can run my scripts on every machine that has
Java
> > > > installed (no Java Mobile unfortunately). I am also using
the shell to
> > > > code python on the fly which is sometimes very handy.
> > > >
> > > > Now, some people may ask why a tool like this is posted on
security
> > > > mail lists. Well, I guess you don't know python. IMHO
python can come
> > > > very handy if you know it. It saved the day many times in my
> > > > professional career.
> > > >
> > > > If you have any problems with the applet bash me an email.
I am kind
> > > > of constantly improving it. I am also building a small
collection of
> > > > security related scripts that will come as a module which
you guys can
> > > > execute whenever you need.
> > > >
> > > > thanks.
> > > >
> > > > P.S. btw, this is the URL
<http://www.gnucitizen.org/projects/jython-shell/>
> > > >
> > > > --
> > > > pdp (architect)
> > > > http://www.gnucitizen.org
> > > >
> > > > ------------------------------------------------------------
- -------------
> > > > Sponsored by: Watchfire
> > > >
> > > > As web applications become increasingly complex, tremendous
amounts of
> > > > sensitive data - personal, medical and financial - are
exchanged, and
> > > > stored. Consumers expect and demand security for this
information. This
> > > > whitepaper examines a few vulnerability detection methods -
specifically
> > > > comparing and contrasting manual penetration testing with
automated
> > > > scanning tools. Download "Automated Scanning or Manual
Penetration
> > > > Testing?" today!
> > > >
> > > >
https://www.watchfire.com/securearea/whitepapers.aspx?id=70130000000
8BOQ
> > > > ------------------------------------------------------------
- --------------
> > > >
> > > >
> > >
> > >
> > > --
> > > Matthew Franz
> > > http://www.threatmind.net
> > >
> >
> >
> > --
> > pdp (architect)
> > http://www.gnucitizen.org
> >
>
>
> --
> Matthew Franz
> http://www.threatmind.net
>
- --
pdp (architect)
http://www.gnucitizen.org
ALERT ALERT ALERT ALERT ALERT ALERT ALERT ALERT ALERT ALERT
ALERT ALERT
MDFRANZ MDFRANZ MDFRANZ MDFRANZ MDFRANZ CISCO MDFRANZ MDFRANZ
MDFRANZ
pdp f1ndz j4v4 funny!
'It saved the day many times in my professional career.' Petko
D. Petkov
(t4lk1ng 0n Pyth0n 0r cr0ss l1s7 p0st1ngz (CLP) ???????)
hehehehe
To: full-disclosure@...ts.grok.org.uk,
dailydave@...ts.immunitysec.com,
pen-test@...urityfocus.com, webappsec@...urityfocus.com,
P0LT3RG31S7@PDP
Date: Tue, 27 Jun 2006 16:04:32 +0100
From: "pdp (architect)" <pdp.gnucitizen@...glemail.com>
To: unknown.pentester@...il.com
Subject: bug me free
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Delivered-To: pdp.gnucitizen@...il.com
man you are like ghost... people cannot find you... what's going on
man
:) anyway I am completely bored that's why I am bugging you
- --
pdp (architect)
http://www.gnucitizen.org
HE HE HE HE HE HE 'man you are like ghost' HE HE HE HE HE HE!
Received: by 10.35.48.16 with HTTP; Tue, 27 Jun 2006 08:38:21 -0700
(PDT)
Message-ID:
<6905b1570606270838pdb45090w2074401762c05f1c@...l.gmail.com>
Date: Tue, 27 Jun 2006 16:38:21 +0100
From: "pdp (architect)" <pdp.gnucitizen@...glemail.com>
To: pagvacito <unknown.pentester@...il.com>
Subject: Re: bug me free
In-Reply-To:
<b7a807650606270836w1d48e1f7oc82a4b8fdb43521f@...l.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References:
<6905b1570606270804w5b77200bn9db69000432a160c@...l.gmail.com>
<b7a807650606270823s3f992187n7a2066f2a2339b89@...l.gmail.com>
<6905b1570606270830m1097af4dhdc5273c62d1b1ba8@...l.gmail.com>
<b7a807650606270836w1d48e1f7oc82a4b8fdb43521f@...l.gmail.com>
Delivered-To: pdp.gnucitizen@...il.com
sure... 700 m4ny 53(r375
On 6/27/06, pagvacito <unknown.pentester@...il.com> wrote:
> I'll tell you more about the PPTP thing in person or via PGP
>
> On 6/27/06, pdp (architect) <pdp.gnucitizen@...glemail.com> wrote:
> > man... sometimes I cannot follow your thought :) you are so
random man.
> >
> > everything sounds good. it seems that you have a lot of fun.
cool stuff man.
> >
> > I am not sure if I will be able to come to london tonight but
> > definitely I would like to do something some day.
> >
> > Today I released my JythonShell and posted my website on a
couple of
> > places. :) on the other side nothing interesting is happening.
Tell me
> > a bit more about your PPTP thing. It sounds interesting
> >
> > On 6/27/06, pagvacito <unknown.pentester@...il.com> wrote:
> > > Check this out man, unbelievable:
> > >
> > >
http://www.youtube.com/watch?v=9QuMASPj6Fg&search=new%20coke%20and%2
0mentos
> > >
> > > I'm watching Spain VS France tonight at a pub in London, you
should
> > > come! I might also be meeting Shawn on Friday so join us if
you want!
> > > He got an internship for Summer in a company located near the
Saint
> > > Paul station. Monsy is also working as a Barrista for the
Costa coffee
> > > shop in Bromley. the cool thing is that she gets free coffees
and
> > > sandwiches!
> > >
> > > I've just been playing around lately, doing vulnerability
research and
> > > also a wardrive survey in the London area for Procheckup.
listen, we
> > > found APs with the encryption key set as the SSID! do u
understand?!!
> > > the ssid were 32 hex values (128 bits - sounds familiar? like
128
> > > keys). the SSIDs looked something like \021\043\12\033 etc...
> > >
> > > other highlights is an onsite test for 3 days in Dublin for
next
> > > month, so I'm looking forward to that.
> > >
> > > other than that, ive been walking around london, making weird
noises
> > > in the office :-) and did my first VPN PPTP hack:
> > >
> > > vulnerable VNC 4.11 (auth bypass) -> local administrator
account with
> > > no password -> hushes from DC -> come back via VPN PPTP
> > >
> > > why set up a backdoor when PPTP is there for you and you have
all the
> > > usernames and passwords? PPTP is the backdoor!!!!
> > >
> > >
> > >
> > > On 6/27/06, pdp (architect) <pdp.gnucitizen@...glemail.com>
wrote:
> > > > man you are like ghost... people cannot find you... what's
going on man
> > > >
> > > > :) anyway I am completely bored that's why I am bugging you
> > > >
> > > > --
> > > > pdp (architect)
> > > > http://www.gnucitizen.org
> > > >
> > >
> > >
> > > --
> > > pagvac
> > > [http://ikwt.com]
> > >
> >
> >
> > --
> > pdp (architect)
> > http://www.gnucitizen.org
> >
>
>
> --
> pagvac
> [http://ikwt.com]
>
- --
pdp (architect)
http://www.gnucitizen.org
ALERT ALERT EMPLOYER ALERT ALERT ALERT ALERT ALERT ALERT 700
m4ny 53(r375
ALERT ALERT EMPLOYER ALERT ALERT ALERT ALERT ALERT ALERT 700
m4ny 53(r375
ALERT ALERT EMPLOYER ALERT ALERT ALERT ALERT ALERT ALERT 700
m4ny 53(r375
ALERT ALERT EMPLOYER ALERT ALERT ALERT ALERT ALERT ALERT 700
m4ny 53(r375
PDP 1N D4 UK D01NG W4RDR1V1NG????? TH4TZ N0T L3G4L
PDP 1Z G1V1NG 1NF0Z 0N H1Z J0B TO P30PL3Z? PL34S3 PDP'S
3MPL0Y3R, D1D TH1Z
GUY S1GN ND4 AGR33M3NTZ? N0t s0 pr0 0f y0u PDP!
> > > vulnerable VNC 4.11 (auth bypass) -> local administrator
account with
> > > no password -> hushes from DC -> come back via VPN PPTP
PL1Z SC0TL4ND Y4RD, TH4NK UZ F0R PR0V1D1NG 3V1D3NZ3 0F H4CKZ BY
PDP 4ND H1Z
G4NG
Message-ID:
<6905b1570607100921x12c9741di11eaa499eb1cb55d@...l.gmail.com>
Date: Mon, 10 Jul 2006 17:21:26 +0100
From: "pdp (architect)" <pdp.gnucitizen@...glemail.com>
To: unknown.pentester@...il.com
Subject: some words
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Delivered-To: pdp.gnucitizen@...il.com
hei man, I might need to leave the country in a couple of days... I
don't know. If everything is fine I could stay a bit more. There are
some complications around my visa. I just wanted to let you know
and I
will speak to you soon.
cheers
- --
pdp (architect)
http://www.gnucitizen.org
ALERT ALERT ALERT ALERT ALERT ALERT ALERT! PDP ESCAPES UNITED
KINGDOM!
C4LL SCOTL4ND Y4RD! C4LL SCOTL4ND Y4RD! C4LL SCOTL4ND Y4RD!
!!!!!!
J41L PDP! J41L PDP! J41L PDP! J41L PDP! J41L PDP! J41L PDP!
J41L PDP!
Received: by 10.35.48.16 with HTTP; Wed, 9 Aug 2006 07:25:59 -0700
(PDT)
Message-ID:
<6905b1570608090725w6c73e698h19c3d7657f0fde1@...l.gmail.com>
Date: Wed, 9 Aug 2006 15:25:59 +0100
From: "pdp (architect)" <pdp.gnucitizen@...glemail.com>
To: "Daniel Bartlett" <dan@...ox.org>
Subject: Re: [Full-disclosure] XSSing the Lan 3 (web trojans.. not
a new idea)
In-Reply-To: <44D9E9FC.8060703@...ox.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References:
<6905b1570608080618p2276dd39ta72da68e6c397318@...l.gmail.com>
<44D9B24E.3010903@...ox.org>
<6905b1570608090346pfeefdf0sac3506a6d5127e36@...l.gmail.com>
<44D9C2F2.2050301@...ox.org>
<6905b1570608090632i43139493uf36b623b53d2e645@...l.gmail.com>
<44D9E9FC.8060703@...ox.org>
Delivered-To: pdp.gnucitizen@...il.com
cool,
I've put your code into AttackaAPI.js together with credits... If we
can make all these working from a single Js file it will be great. I
am also putting cidrToRange and rangeToArray Util functions and
other
stuff that might be helpful just as a proof of concept.
I will mail you the code as soon as I finish it.
On 8/9/06, Daniel Bartlett <dan@...ox.org> wrote:
> Hi PP,
>
> pdp (architect) wrote:
> > my name is petko not petco (this is American pet company)
anyway. call
> > me pdp or pp, it doesnt matter. these are my initials anyway.
>
> OK, noted. For the record I'm Dan / Daniel, and my general
nickname
> online is DanBUK.
>
> >
> > your code is using LiveConnect. apparently this is the name of
the
> > technology firefox, opera and a dozen of other browsers are
> > implementing to make JavaScript communicate with Java.
Unfortunately
> > IE6 and IE7 does no have this facility, which means that a true
cross
> > platformed code like the one you provided requires embed Java
Object.
> > I must say your code is much neater but again cross platform
> > capabilities are also desirable.
>
> Ok that all makes sense, I was trying to stay away from "real"
Java I
> wanted all in Javascript.
>
> Actually there might be something in IE, it was not available in
Moz but
> there is a chance with IE.
>
> document.location.hostaddress
>
> >
> > cheers
> >
> > BTW, http://www.gnucitizen.org/blog/xssing-the-lan-4 thats the
forth one.
> >
>
> I just read it, well from the link you posted to FD. Should
really get
> your RSS into my aggregator...
>
> Cheers,
> Dan.
>
- --
pdp (architect)
http://www.gnucitizen.org
AMERICAN PET COMPANY AMERICAN PET COMPANY AMERICAN PET COMPANY
PDP L1KZ B3ZT14L1TY?
Received: by 10.35.48.16 with HTTP; Sun, 20 Aug 2006 05:19:34 -0700
(PDT)
Message-ID:
<6905b1570608200519s23274d91y86f34def3ada38b0@...l.gmail.com>
Date: Sun, 20 Aug 2006 13:19:34 +0100
From: "pdp (architect)" <pdp.gnucitizen@...glemail.com>
To: pdp@...citizen.org
Subject: test
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Delivered-To: pdp.gnucitizen@...il.com
test
- --
pdp (architect)
http://www.gnucitizen.org
1nd33d 1t w0rkz, gr8. l0lz.
Received: by 10.35.48.2 with HTTP; Sat, 9 Sep 2006 09:25:31 -0700
(PDT)
Message-ID:
<6905b1570609090925i51a8349cn74d1035709cbaa5d@...l.gmail.com>
Date: Sat, 9 Sep 2006 17:25:31 +0100
From: "pdp (architect)" <pdp.gnucitizen@...glemail.com>
To: "David Kierznowski" <david.kierznowski@...il.com>
Subject: Re: this is it
In-Reply-To:
<f4cd4c010609090920tc7cc812v8664a3176d8676e@...l.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References:
<6905b1570609090647l1e091afekf283089743d4e8ef@...l.gmail.com>
<f4cd4c010609090649r35ff0c45q3e162e60fbaf6cef@...l.gmail.com>
<6905b1570609090651i3d977215pb3abeffbcf46175a@...l.gmail.com>
<f4cd4c010609090653w39e2f2c2p40f6b49a6fba1e40@...l.gmail.com>
<6905b1570609090657k5d3af7cdvbf882589f5839360@...l.gmail.com>
<6905b1570609090705w4dafc798i1eb0fbdf5b89cf4c@...l.gmail.com>
<f4cd4c010609090709w4eea5814kba0169e248991277@...l.gmail.com>
<f4cd4c010609090714n2aa6f019hce7152b9c25b6b6e@...l.gmail.com>
<6905b1570609090919o2d91d9dcr77bf789785d0509b@...l.gmail.com>
<f4cd4c010609090920tc7cc812v8664a3176d8676e@...l.gmail.com>
Delivered-To: pdp.gnucitizen@...il.com
the one that you already wrote or which one
On 9/9/06, David Kierznowski <david.kierznowski@...il.com> wrote:
> did u read the introduction? :)
>
> On 09/09/06, pdp (architect) <pdp.gnucitizen@...glemail.com>
wrote:
> > this is cool
> >
> > On 9/9/06, David Kierznowski <david.kierznowski@...il.com>
wrote:
> > > Well I was thinking we can keep the table of contents but
then have
> > > generic links like:
> > > IntroductionContent
> > > Chapter1Content
> > > etc etc
> > >
> > > On 09/09/06, David Kierznowski <david.kierznowski@...il.com>
wrote:
> > > > :D
> > > >
> > > > On 09/09/06, pdp (architect)
<pdp.gnucitizen@...glemail.com> wrote:
> > > > > sorry man,
> > > > > I am paranoid :) can you change the password to something
else and sms
> > > > > it to me. :) also we should break down the structure so
it is easier
> > > > > to work but it is wiki after all :) should be easy, couse
it is not
> > > > > nice to have the book in a single page :) haha...
> > > > >
> > > > > On 9/9/06, pdp (architect)
<pdp.gnucitizen@...glemail.com> wrote:
> > > > > > ok, I'v got it... you should of actually sms me the
creds.. I don't trust google
> > > > > >
> > > > > >
> > > > > > On 9/9/06, David Kierznowski
<david.kierznowski@...il.com> wrote:
> > > > > > > stop looking at your girl and read your email
properly man, its there :)
> > > > > > >
> > > > > > > On 09/09/06, pdp (architect)
<pdp.gnucitizen@...glemail.com> wrote:
> > > > > > > > this is pretty god but I have no creds :)
> > > > > > > >
> > > > > > > > On 9/9/06, David Kierznowski
<david.kierznowski@...il.com> wrote:
> > > > > > > > > Here we go man:
> > > > > > > > >
> > > > > > > > > https://dk.strangled.net/kcgi-bin/view
> > > > > > > > > projects:xss%0wns
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > On 09/09/06, pdp (architect)
<pdp.gnucitizen@...glemail.com> wrote:
> > > > > > > > > > --
1t d03snt m4773r d00d, w3 0wn y0ur ph0n3 t00. H0wz y0 m4m4?
Message-ID:
<6905b1570609210418s79425ca0q190804d2c8a49336@...l.gmail.com>
Date: Thu, 21 Sep 2006 12:18:41 +0100
From: "pdp (architect)" <pdp.gnucitizen@...glemail.com>
To: "Naraine, Ryan" <Ryan_Naraine@...fdavis.com>
Subject: Re: eWEEK media query (Backdooring MP3 files)
In-Reply-To:
<BD2A69C91E3CF846A653B716872B0BBD0291C240@...SGVS02.media.ziffdavis.
com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References:
<BD2A69C91E3CF846A653B716872B0BBD0291C240@...SGVS02.media.ziffdavis.
com>
Delivered-To: pdp.gnucitizen@...il.com
Hi Ryan,
How are you? I will try to answer your questions as promptly as
possible. I don' t mind at all.
1. have you reported this to apple? Have they acknowledged
receiving
a report and said anything about a possible fix?
The short answer is no. Vendors are not interested in fixing issues
related to features in their products. Fixing it means removing it
or
restricting it and that is not what they want.
It is quite interesting to be a security researcher today. You can
see
patterns in the way various companies mitigate security problems
found
in their products. I don't blame them. They are quite right from
their
business point of you.
This is a quote from an article I wrote a month ago about disclosing
security vulnerabilities:
[quote]
For me and other people that I know, it is crucial to stay ahead of
the game. After all we are the good guys. It is not that we want to
satisfy our ego and that is the reason why we continue researching
these topics. All this research, could be valuable to professional
attackers but the tendency is that it will take some time until it
gets into mainstream exploitation. This gives us a couple of months
technological benefit that we will use for the good.
Now here is something that I learned from Mario Puzo's "The
Godfather". When the heads of all families gathered to discuss about
the potentials in the drug business there was only one of them that
made any sense. This dude, sorry I forgot his name, reasoned that
after all, although he don't believe in drugs, he will take part of
the business because then he can control it. As such he will do more
good than evil by not allowing drug lords to go to schools or other
public places.
[quote]
2. do you think this can be expanded in live attack scenarios? Can
you
provide a few examples of what's maliciously possible?
Yes, IMHO this issue can be exploited on a massive scale. This is
the
reason why I posted this security notice to full-disclosure and
other
security related mailing lists.
Let's put it this way; media formats are the essence of today's
Internet. Youtube, Apple's Movie Trailers are just two of many other
websites that deals with media content.
iTunes and QuickTime are standard part of many business and home
workstations. QuickTime is widely spread technology in the business
sector due to its functionality. Also it is the default player in
Mac
environments. Macs are getting quite popular today and this makes it
even worse.
Attackers can exploit the issues I found in many different ways with
various degree of success. This all depends on how skillful they
are.
JavaScript and mainly browser related exploitation attacks are not
as
mature as traditional buffer overflow attacks. It will take some
time
for the bad guys to realise the potentials.
A skillful attacker can get complete access to the local filesystem
via this vulnerability. This effects all home users. In corporate
environments attackers are able to break into network devices and
hijack network interfaces and all this can be done through a simple
mp3, mp4, m4a, mov, avi, etc... file. You can see the potential
problems. Keep in mind that WEB traffic is usually allowed by many
firewall setups. This enables attackers to sneak into any network
they
want totally unnoticed.
3. what triggered your interest in researching these backdoors?
understand you also worked closely on the pdf backdoor issue...
Yes, I participated in David's research although "Backdooring PDF"
is
his own work. I am glad this issue was well covered by the media. We
were looking into backdooing PDF documents for quite a while and
there
is a lot more to be said.
I have been researching client side security for quite a while. I
truly believe that this will be the next generation of attacks;
high-end hacking.
There are many other issue found in HTML, Flash, QuickTime files as
well. I welcome you to check my website. It is really hard for me to
summarize all issues in this correspondence. :)
4. is this an implementation vulnerability? Or just a feature that
can be manipulated maliciously?
It is quite useful feature actually. I guess it can be quite handy
when dealing with DVD content. Actually when I found this issue I
realised that I can use it to organize some media files I had
hanging
around my home folder. It is quite handy feature.
5. do you think we'll start seeing actual attacks using these
backdoors in popular file formats? Why?
Yes. You will see more of them I guarantee. I know for sure that
this
issue can be used to create worms similar to Yamaner and Samy but
with
much higher degree of impact. As I said earlier Word Documents,
MP3s,
AVIs, MOVs can bypass firewalls and other network based protection
mechanisms. They can carry malicious payloads that upon execution
will
bring attackers into your network.
6. lastly, is there a real name I can use? Can you identify
yourself?
Are you affiliated with a research company or working independently?
Well... my name is Petko D. Petkov. "pdp" is my initials. My other
nickname, "architect" was the result of a research I conducted years
ago based around passive hacking and information gathering attacks.
A
lot of people started to reffer me as information architect since I
was dealing with quite a lot of information.
I am security research from UK. My research is independent while my
day work is based around non-standard penetration testing for
various
companies in the London area.
If you have more questions please bash me an email.
Petko
- --
pdp (architect)
http://www.gnucitizen.org
I AM SECURITY REESEARCH! I AM SECURITY REESEARCH! I AM SECURITY
REESEARCH!
Petk0 r3pl1s t0 Ry4n N4r41n3 f0r gr347 1nt3rv13w 4nd f4m3
HIGH END HACKING HIGH END HACKING
I AM GLAD THIS ISSUE WAS WELL COVERED BY THE MEDIA! (n0w c0v3r3d
h3r3)
Received: by 10.35.48.16 with HTTP; Thu, 5 Oct 2006 00:51:16 -0700
(PDT)
Message-ID:
<6905b1570610050051y252e4415vaad6ba32114c040d@...l.gmail.com>
Date: Thu, 5 Oct 2006 15:51:16 +0800
From: "pdp (architect)" <pdp.gnucitizen@...glemail.com>
To: "cy lim" <cylim1@...il.com>
Subject: Re: recommendation
In-Reply-To:
<6905b1570610040032k2c2d611y48d339d73ea38db4@...l.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References:
<6905b1570609250156w5a2fa25eude38dffc49e628d8@...l.gmail.com>
<510d0e480610030423v192ca79bnf36d398c353c3fea@...l.gmail.com>
<6905b1570610040032k2c2d611y48d339d73ea38db4@...l.gmail.com>
Delivered-To: pdp.gnucitizen@...il.com
ALEXANDER Ltd
ALEXANDER Study Centre
26 Targovska Street, 2900 Goce Delchev
BULGARIA
Telephone +359 +751 24043
E-mail: alschool@...e.net
http://asc.search.bg
The address is still the name but my parents changed the name. Is
that
a problem?
On 10/4/06, pdp (architect) <pdp.gnucitizen@...glemail.com> wrote:
> I will send it to you tomorrow cuz I don't have it here with me.
thanks
>
> On 10/3/06, cy lim <cylim1@...il.com> wrote:
> > can you get me the letter head with company details etc,
please, it is
> > urgent as we will try to submit the application asap, pending
this as
> > the only outstanding item, many thanks, cy.
> >
> > On 25/09/06, pdp (architect) <pdp.gnucitizen@...glemail.com>
wrote:
> > > recommendation document
> > >
> > > thanks CY,
> > > Petko
> > >
> > > --
> > > pdp (architect)
> > > http://www.gnucitizen.org
> > >
> > >
> > >
> >
>
>
> --
> pdp (architect)
> http://www.gnucitizen.org
>
P4R3NTZ ADDR3SS! P4R3NTZ ADDR3SS! P4R3NTZ ADDR3SS! P4R3NTZ
ADDR3SS!
b1g b0mb l3tt3r 0n 1tz w4y!
Received: by 10.35.48.2 with HTTP; Mon, 6 Nov 2006 00:53:49 -0800
(PST)
Message-ID:
<6905b1570611060053u510ef49cs56c9bfedcce9ddf0@...l.gmail.com>
Date: Mon, 6 Nov 2006 16:53:49 +0800
From: "pdp (architect)" <pdp.gnucitizen@...glemail.com>
Subject: pictures from Singapore
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_Part_55755_20420625.1162803229520"
Bcc: anna@...ssbg.com, pagvac <unknown.pentester@...il.com>,
pdp.gnucitizen@...il.com
Delivered-To: pdp.gnucitizen@...il.com
- ------=_Part_55755_20420625.1162803229520
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
pictures from Singapore
- --
pdp (architect) | petko d. petkov
http://www.gnucitizen.org
- ------=_Part_55755_20420625.1162803229520
Content-Type: image/jpeg; name=IMGP0841.JPG.JPG
Content-Transfer-Encoding: base64
X-Attachment-Id: f_eu6mtej6
Content-Disposition: attachment; filename="IMGP0841.JPG.JPG"
/9j/4AAQSkZJRgABAQEASABIAAD/4YgtRXhpZgAASUkqAAgAAAALAA8BAgATAAAAkgAA
ABABAgAQ
AAAApgAAABIBAwABAAAAAQAAABoBBQABAAAAtgAAABsBBQABAAAAvgAAACgBAwABAAAA
AgAAADEB
AgASAAAAxgAAADIBAgAUAAAA2AAAABMCAwABAAAAAgAAAGmHBAABAAAASgIAAKXEBwBe
AQAA7AAA
AGZ5AABQRU5UQVggQ29ycG9yYXRpb24AAFBFTlRBWCBPcHRpbyBTNgBIAAAAAQAAAEgA
AAABAAAA
T3B0aW8gUzYgVmVyIDEuMDAAMjAwNjowOToyMyAwODowNjozNQBQcmludElNADAzMDAA
ACEAAQAW
ABYAAgABAAAAAwDWAAAABwAAAAAACAAAAAAACQAAAAAACgAAAAAACwAeAQAADAAAAAAA
DQAAAAAA
DgA2AQAAAAEFAAAAAQH/AAAAAgGDAAAAAwGDAAAABAGDAAAABQGDAAAABgGDAAAABwGD
g4MAEAGA
AAAAAAIAAAAABwIAAAAACAIAAAAACQIAAAAACgIAAAAACwJGAQAADQIAAAAAAAMFAAAA
AQP/AAAA
AgODAAAAAwODAAAABgODAAAAEAOAAAAACREAABAnAAALDwAAECcAAJcFAAAQJwAAsAgA
ABAnAAAB
HAAAECcAAF4CAAAQJwAAiwAAABAnAADLAwAAECcAAOUbAAAQJwAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AmoIF
AAEAAAC4
AwAAnYIFAAEAAADAAwAAIogDAAEAAAACAAAAJ4gDAAEAAADIAAAAAJAHAAQAAAAwMjIw
A5ACABQA
AADIAwAABJACABQAAADcAwAAAZEHAAQAAAABAgMAApEFAAEAAADwAwAABJIKAAEAAAD4
AwAABZIF
AAEAAAAABAAAB5IDAAEAAAAFAAAACZIDAAEAAAAJAAAACpIFAAEAAAAIBAAAfJIHADB1
AAAQBAAA
AKAHAAQAAAAwMTAwAaADAAEAAAABAAAAAqAEAAEAAAAACwAAA6AEAAEAAABACAAABaAE
AAEAAABI
eQAAAaQDAAEAAAAAAAAAAqQDAAEAAAAAAAAAA6QDAAEAAAAAAAAABKQFAAEAAABAeQAA
BaQDAAEA
AAAmAAAABqQDAAEAAAAAAAAACKQDAAEAAAAAAAAACaQDAAEAAAAAAAAACqQDAAEAAAAA
AAAADKQD
AAEAAAADAAAAAAAAAAEAAAAoAAAADgEAAGQAAAAyMDA2OjA5OjIzIDA4OjA2OjM1ADIw
MDY6MDk6
MjMgMDg6MDY6MzUAwKO3AADAWgAAAAAACgAAABsAAAAKAAAAPgAAAAoAAABBT0MASUk5
AAEAAwAB
AAAAAwAAAAIAAwACAAAAQAHwAAMABAABAAAAtSYAAAQABAABAAAABAcAAAUABAABAAAA
OCsBAAYA
BwAEAAAAB9YJFwcABwADAAAACAYhAAgAAwABAAAAAgAAAAkAAwABAAAAGQAAAAsAAwAB
AAAAAAAA
AAwAAwABAAAACAEAAA0AAwABAAAAAAAAAA4AAwABAAAA//8AAA8AAwABAAAA//8AABAA
AwABAAAA
AgAAABIABAABAAAAxAkAABMAAwABAAAAGwAAABQAAwABAAAACQAAABUAAwABAAAAEAAA
ABYAAwAB
AAAAMgAAABcAAwABAAAAAAAAABkAAwABAAAAAAAAABoAAwABAAAABAAAABsAAwABAAAA
4BoAABwA
AwABAAAAQCUAAB0ABAABAAAA+AIAAB4AAwABAAAAZAAAAB8AAwABAAAAAQAAACAAAwAB
AAAAAQAA
ACEAAwABAAAAAQAAACIAAwABAAAAAAAAACMAAwABAAAAFAAAACQAAwABAAAADAAAACUA
AwABAAAA
AAAAACYAAwABAAAAAAAAACcABwAEAAAA/v/69yoABAABAAAAAH0AACsABAABAAAAY1gA
ACwABAAB
AAAA2P8AAC0ABAABAAAAABIAAC4ABAABAAAAAHgAAC8AAwABAAAAAAAAADEABAABAAAA
JQAAADIA
BwAEAAAAAAAAAEEAAwABAAAAAAAAAEIACAABAAAA+A8AAEMACAABAAAA/wEAAEQACAAB
AAAAAAAA
AEUABAABAAAAAAAAAEYAAwABAAAA6wAAAEcABgABAAAAGQAAAEkAAwABAAAAAAAAAEoA
AwACAAAA
ACcgF0sABAABAAAAoL4BABUCBAAFAAAAyAYAABcCAwAEAAAA3AYAAP8DAwAQAAAA5AYA
AAAAAAA4
KwEAAAAAAAEAAAACAAAA5ehYHk0dryMAI14PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAD/2P/bAIQADAgICBAIDAoKDBIMCgwSFhAMDBAWGBQUFhQUGCAYGBgYGBggHBwcHBwc
HBwcHBwc
HBwcHBwcHBwcHBwcHBwcHAEODg4aGBowICAwKBwcHCgoHBwcHCgiHBwcHBwiIhwcHBwc
HCIcHBwc
HBwcHBwcHBwcHBwcHBwcHBwcHBwcHBwc/8QBogAAAQUBAQEBAQEAAAAAAAAAAAECAwQF
BgcICQoL
AQADAQEBAQEBAQEBAAAAAAAAAQIDBAUGBwgJCgsQAAIBAwMCBAMFBQQEAAABfQECAwAE
EQUSITFB
BhNRYQcicRQygZGhCCNCscEVUtHwJDNicoIJChYXGBkaJSYnKCkqNDU2Nzg5OkNERUZH
SElKU1RV
VldYWVpjZGVmZ2hpanN0dXZ3eHl6g4SFhoeIiYqSk5SVlpeYmZqio6Slpqeoqaqys7S1
tre4ubrC
w8TFxsfIycrS09TV1tfY2drh4uPk5ebn6Onq8fLz9PX29/j5+hEAAgECBAQDBAcFBAQA
AQJ3AAEC
AxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2
Nzg5OkNE
RUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOk
paanqKmq
srO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/8AAEQgA
8AFAAwEh
AAIRAQMRAf/aAAwDAQACEQMRAD8A8tooKFooAUEg5BwR3qZLy5XpIfx5/nRYC1DrM6kb
0Vx37H+o
/St9QCoPrzWc1Y1g7i7KULWZaQFaAtIY4LVqBfk/GpZSQ6RP3b+4P8q5XURzGfYj9aqm
TVKOKQ1s
ZBScUCCimAKjE4UFj6Dk1Ktjen7sEhz32nH50BYmTR9SbpAR9SB/MipU8P6geoRP95v8
M0XHyslT
w3dFv3kqKvquWP5ED+dSjw0M/NcEjuAmP6mlcOUkHh207ySfmv8AhT10KwHVWb6sf6Yo
uFiRdJ08
dIQfqSf5mniytB0hQf8AARRcCQRqBhQAPQcUhWgQwrTWWgCNlpjLTAjZajZaAMGlqiAo
oAKWgBa7
C1GYIz6qp/Ss6mxrTJdlLsrG5rYTZzRtoHYcFqzbr8h+tS3oVHcmMeQR61zN3pd/JsEc
DEjOc4Xr
j+9inTdhVItkUfhrVG5ZUj9mb/4ndU6eE7gj95Oin/ZBb+e2tPaL1IVJk6eFIB/rJ2b1
2gL/ADzU
6eG9OByweT2Zv/icUvaD9miVNE0xW3LApP8AtEsPyYkVMllaKdyQRq3qFAP6CjmYcqJN
o7CkK0xC
EUFaYhMU3FMkTbSEUxCYppFMQhFNIoENIphFMBrLUZFAEbLUbLQBztLVEBRQAtFAxRXZ
6eubOA+s
af8AoIrOpsa0ty35VBj4rnub2G7KTZTuFhwWrNqnyn61MnoOO5OEpdlZ3NBNlIVppiGl
aaVrREMa
VppFUiGNIpCKokQikIqiRMUhFMQhFIRTENIpCKYhpFIRQIaRTCKYDSvNMK0ARstMZaAO
YpaogKWg
ApRQMcBXcaZHmwtv+uSf+gisaz0NqK1NJIMjpSPBgdK4+bU67ELR0zZWiZLQBKtWicN+
FKT0CO5Z
CUbKyuaWEKU0rVIloYVphWtEQxhFNK1oiGIRTcVSJYhFIRVEMTFJimA3FIRTJEIppFMT
EIppFMBC
KaRQIYRTCKAGMtRstAjlqKokKWgBRTgKQxwFd9oiZ0+2P/TNR+QxWFd6fM6KC1NyC246
UTW3fFeY
56ndy6FKSLmoDHXTFmTQmyrVmn3vwpyegJalkJRsrK5dhpSmFapMTQxlqMrWqZmxjCmE
VoiGNIpp
FWiGIRSEVSJExSYpkiEU0imIQikIpiGkU0imAmKaRQIaRTSKBEbCmMKYHJUUyRaWgYop
wFIaJFWv
QvDUZbSrY/7JH5MRXLiX7vzOrDrU6a1QBeRTriMFeK8aUveO4zJrc5qq8VdlORnJEeyr
Nmn3/wAP
61rJ6ERWpa2UFKxuaWGlajZatMloiZajZa2izNkbCmEVojNjCKQitEQxpFIRVIljSKMU
yRCKaRTE
IRSEUxDSKQimA0imkUCEIphFMBrCo2FAjj6KZItKKBjgKeBUspInjXmvTfB1uDolscf3
/wD0Y1cO
NlaHz/zOzD7/ACOrgsV2gtVuOxiIH7tTjoSATXzMpSqS5Y6eYqlVjb20L2kiEZwDtHuO
RXJTw4Nd
uChKDcX3uvvcX+SLoyun5fqVWTmrNkv3/wAP616cnoaLct7aQpWNzQaUqNkq0yWiF0qJ
1reLM5ET
CoyK2RixpFNIq0QxpFNIq0SxCKTFMkQikIpiEIppFMQhFNIpgIRTSKBCEU0imIaRUbL7
UAcZS0yQ
pwoGOFSoKllxLEK9K9Y8DRA6Ha+2/wD9GNXl5i/3Z1U3ZP0OvgjB57dqtKgArnynDJx5
n11OSpIX
YvPvXGapb+XcSR4wFY4+nb9K7MVRUbNd2n/283L9Gb4SWrXlf7v+HMtxzU9iOX/Csnsd
a3LeKXFY
mgm2mslNMCCRKrOK3gZSIWFRkV0IxYwimkVojNjSKQ1aIYhFJimJiYpMUxDSKQimIQim
4piEIppF
ACEU3FMQjCo2FAjiaWmIUUooGPFSJUMuJahPNeq+Aph/Y8a/3Xcfrn+tebmEb02dUNn6
HZW7jpVk
OKyyuulTSfTT7mcc1qBdc4zXM+JUAuRIOjryfccfyxXViqsZK3VS/wDbb/kzTDaT9U/6
/A59+tT2
R+ZvoKwex3rct5ozWVjQM0jEUJAQSEVWkreCMpMgaozXTEwY000irRDGkUhFWiGNIoxT
EJikIpkj
SKQimAhFNIpiEIppFACEUmKYhpFNK0AcNRTJFpRQNDhUiVLLiWI2r0PwLdY0twTjEzY/
75WuLFRv
B/11Oui9TtLa/jwAzYPY1bNwFQOzEKehr5qcJwl7t0n27k1KWvrsVP7dsGkwk4bYcScN
x19vUVm6
1f20qoIm3MpPOCBg9euPauilSquak72vd3t2t67DhScXfYxGaprNv3h+lexbQ2vqXN1G
6sbGlxC1
MZ6pITZC7VC5raKMpETUw1sjJjSKaa0RDGkUlUiGJikxVEsMUhFMQ0ikIoATFIRTENIp
pFACEUmK
YhpFIRQI4OlpiClFAxwp60mUiVDXa+DHP2CQD/nsf/QVrnrL3WdFJ6ne6VHGMO/J7ZrT
eaMqQeQe
1fO4hNy8jSsm36HHxtIbm/DdEnOzgD5eg6fTHPpUUjV6dNaL0j/6SmaJ6ff+ZCWqa0b9
4fpW7Wgk
y2Gpd1ZWNLjS1MZqaRLZXuLiKOJpZWCxoMsx7Vyt74zO8raxfID99zyfw7fnW8I3Mpys
W9L8T29x
KIZU8mVuE5yrH0zxgnsP1zWwa05bGfNcaaQ1SJYhFJVksSkpkiYpMUxCGkIoAaRSEUxC
GmkUAIRT
cUxCEU3HNAHBUUyRaUUDHCnA0mND1Ndp4GYG3mX0kB/Mf/WrCt8LN6XxHdRTAKAD0qQz
8da8SUdT
ucbnP2MudQ1VSeBKuPxXP9abMeTXbBfkv/SUQ9vm/wA2Q7qltW/eH6VvbQzLe6jdWVjS
4hamFqpI
lnLeLb/lbQHCgb5Pc9h/n2rnrTTjLuJbaoP41009EY1NRbq0ERDxkgrjPP612WlXhnsI
Zj98jD/7
y8H8zzVPVEbMtUUIGNpDVIhhikpiCkxTENNIRQISmmmAhppFMBDTaBCGm0wOBooJFpRQ
MUU4Uhjg
a67wNJxdj0MZH47v8KyrL3WbUn7yOg1fXTZ2qzCPzSzBNu7b1BOc4PpWDL4+1E/6qCJR
/tbmP6EV
xQw/NrsdUqttDOfxDqQlluIpBE9ywMu1VIJVQBjcGx3qtLrOpu2WuZM/7J2j8lwK6o0o
r5afcYOo
yfRLmZtVi3uzZ3Z3En+E+tdjbN8/4UqisODLJak3Vz2NrgWppaqSEzgPEkrHVZxnoQB+
AFLYJOkC
SdFJ5HqD0/z9K6Y/CYPWQ94SyM7HIIOe5z9fQVpeEJW8m5gPIjcMD/vDH/so/OjoJ7nQ
UUITEpDV
IkKSmISkNMQhFIaYhppDQAhFNNMBppM0CGmmEUCOCpaYgFKKBi0ooGOFdP4LfDXY9RGf
y3VnUWjN
Kb1L3iwk6eP9lwf5iuQDVnSWhdR6krH9yh/z1P8AhUYNaITNDRCRqkHH97/0E12Vu/zi
s6hcC1uo
3Vz2NhomjLlAwLjkrnn8qC1UhM891pw2pTuvI3nk+3FXbe432yiPBPGQe2K3+yjFP3mL
JK6wsHxk
ZOBVfw9qq207h0LpKMELjORyDz+NNLRim9TrLfU7aQAjKk9AwP8A+qreRihCYlJVEsKS
mSFIaBDT
SGmAlIaAG000xDTTaAGmmmgRwdFMQtAoGSRxSOcRoXPoozWpZaBM5Vrg+Wh6qOW/wH6/
SonNIuEL
k+qaFBFama3MjOpG5TgjB7jAB496k8JSYup19UB/I/8A16iMrxZo42kjT8SHOmSexX/0
IVx5NFPY
VTcstj7FG3fcR/M1teFWHlXgPONmPxDUpLRlRdmvQWQk69bEnojZP0D1sLPIHyi7se/r
UvYbdtdy
aC8kaUI6bdwJHrxj0zVvdxg1k1bfcuErowAZBfyXEcn76QypyBj5VbaOnYov5c1sWjym
1jMxDS7c
SEdCw4OOnertoVOV36afdY4XWRjUZwO7k/nzUVjku2DhlUkY747VtH4Tnl8RdupM2zYX
BYDOao6e
im+jV/ugkn6AZ/pREJm0AX3Oev8AnitnSbxnQxOcsnQ+o9z/AJz+dQtynsaFFaEMSkpk
iUlAhDSU
wENNNACGmmmIaaaaAGmmGgDi0sLojITA9yAfyPP6VYj0ic8sygfif8KTkgUWWY9DXPzy
E/QY/wAa
uw6TZrg+WGP+1k/oeP0qHNmigi9FGoGFUAegqwtZtGiZKpPHOMVh6M7f29eFuGPmbh7+
YM0Q6+jC
b29TR1/nTZfwP5MK5eC0MibhKg4JKk4IA/znjNaQdkRJXZYmjthp8SCQm5Ej71HK7MLt
ORx13Z5J
4HA6m3oF1HE00bsAJgvztwBtz6ZJ69AM8Um9CktTSkiiWUXDXtsTnasfzK7Bj/CWRcYz
znHT3rUs
YykAV50dhnLgrzkmstdLpr8fyukXddHt8vzK13cqJhI06hlBVUzye56fl/kVn/2yMyF5
ypYAM4ID
Af7Ab/63rQ4K9+woydvzKB1iKObMTPNH8zEyABsspBxj1zk+/T32NF1h7gTIIggjGU5z
ncT1rSUf
kKMv+Cc1fpKZ5JJQQ5bvSabDI02UGSozgdTz0HvjPFOL0JktS7dgGBwpB29+2AabpdqD
K8xBJcOI
gOcHaSd3ocA4HU9enNERSL0DDaQOlW9GJF447FD/ADFSinsbdLWhmIabTEGaQ0CG5pDT
AQmmmgBC
aaTTENNNJoAaaYxoArDTzt3A5FPjtI+7c9xU8pXMWFtYR15oe2XnYDxQ4oSkRhSPanis
2jVMeKoR
2Xlav9pjH7udWD85w5O4/gcZ+ufYVK0f4FPVempNqpLWU4/2Cfy5rloGxDJ/tDb/AOPA
/wBK0WxD
3I6eCexx60MpDvMlxjecHtmlWWVRhXKjrgGi4NEMksjPuZizHqSaj3GqM2wFdB4SP76c
f7I/nSls
OO5o65pYmgLwr+/U5+vFZGmwoGkWQESKcr7FDn/H/A9s4s0krmlP5JgeRQrou0BiN3BO
GJC43e3b
pVjzbeNMqxDYDbRzz7n8OmentWiMWUm2faJNgwpwQBwOQDU+kn/Tv+Amo6mnQ3M0ZqyA
zTSaYhCa
QmmIQmkJoAaTSE0ANJppNMQ0mmk0AMJpjGmIsAIhz39BUvlQMN3/AOugRHtXPyZwPxpy
NIGzkY6E
VLKQyXluRyBimqpzgcn0qGaIle2lCgkdeMCkMTqMlSB64qJRLjJFe6t5JIZI4xkyKyjP
QEjHNc/c
aLeQxyEgOqgszrnaAGA6kDnrwMkAZ6c0KaWjBwe66GdThVsSFzSZoG2RN1pKpGTCtzwu
+LmX3T+o
oY0dGLmLdt3jcegzzWLfZi1B2UfLKN2P97hh+eT+IrOxpcaZ1aP93GSF270OMEknPHTp
ipZJScAQ
kOD948jB5ByCfpnr+FWjNkKZ8x8nnjP5CrWkk/b/AG2mo6l9DczRmrIYZpM0xCZpCaYh
CabmgBKa
TTAQmmE0CGk00mgBhNNJpiLbQDG5AB6+h/CmBSDzx6//AK6BXJ1AI4XHv2p8UeWwaQ0x
5jXaOMEc
ZoVAoPyj3Pek0NMcZlIGMk/1ptysrbUHC9WPTgdcUmUtyLyQMhSRjpnvTVRcEPhuvykc
cjH8uKwn
D8TohK5BNZ2Mq/vLdDxgYAU/mMEfn61Ul0HTCBtDx467G6/99bqlXX/BG2n/AMAqnwyh
BKzkZPy5
UHj8x/T6VRudEuUcqHWTuAobdj1IAOPzrRT1JcepWbSrw4KKHznAUjPy9cA4Jx7ZqL7B
e97eX/vh
v8K0UkZOLI2hlVQzIyq33SQQD9K2PDli8sx++qHhnCkjA5xnpk+9D2CO51R8N2TKNzSg
Dvhefz6V
j6voyW8ocuTDJwhbkgjqD/j/AJK5Rqd2U4lRCTGy84yCMj9anE87MFVIyT0AXJyfxqU2
U0mbFh4Y
d3aa7lyAo/dpgcjsTjt0459xjnYh0vTY48xQKsnTcck4+p/xrRR7mUpdCpdWxQB1+4f0
qvmiwXEz
SZoATNITTEITSE0AJmmk0xCE00mgBpNNJoAYTTCaYi+Cep5+tToBzjv1B70yQK8fKNp7
+lPQYwQQ
fXFIY9cHryKGBHJ7dfpSARIQSGPBPQnr+VPcYUK2MDoc/wD6qGUiJkOeOuMcjFZ1zqmm
o5jecLIO
owSB7ZAIqGiuaw9XVlVxyrAFcehpskkgYBYWkY/dAwB+JPSs2bR1+fUX/SW++REPQfM3
5ngfkfrV
C70x2uBcwnEgGMsT29+SPwqYoqb00Gv9vdfJkgXzOgn3H14ONvOB0yQe4IJrUtoZiiqc
uygAsB1P
rV8qI5vka9vYW4UecvznrnpmrsdvEvKgD8a0jGxlKTY59uNudxbjAqne2EDqFnG9ANwH
Ug/XjH51
TJuY02i2rAMF5JwI1GD9SRyf8/hd0vw+kDvMwJc8LuPQe319+w7ZIqEi3I243QREDlm4
A9vf0pjl
dgVjnPRR/P6fWtDMikdDHs/M9qzDblm+UgfXgUmNCvYXIGdu4e1VmyCQRgjqDSsO4xmA
BJOAOpqJ
rqEKWLfKOpwSKEAwX1oRkSrj64p32mHGQ4PvnimNxa3HBgRkHIPekJoJG5ppNADSaaTQ
IYTTCaYG
mQ+08cU1JGJO0hQOrGmSO83n7zN744pfO9Ac984qblWJVuU28Kdw9OlWY41YhmOWPRf8
KEFrFr5F
+vemzovlAZyabEQKpJ29e6tWTP4Ws5JWkMrrvJZkBXqTnjjgfnUtDkrllLcRRRwsfljU
Kp+gxnHv
14qxGYFI+YZ9SM/qOKVio3sWDbwucFVyed3I/Uf403+yUJ/1gUemQf60OI1IBpsKyAls
kfwtyPxx
VqNGP3CCvqBxRGNglK5KfM//AFDmhYnPGWz9AKokeYCAfmIY98ZP5io2V9hHG7++2R+H
+TQIS1dV
+ST5iMkkDJGee3UVYaRSCMEDuTQBD9ohy0UZUsvBUHp35qC5lUKfmHmHkgfy/AUAiKIy
kZBJP1/p
U5iLY3HDY4IAFJFMIlnH7tCBjht3r7fhVTUbGQ/OzDd+hptCTMWW3Ybg2XPdTwMf57kZ
qEQuigRj
aMYKk7uPx5/H8OwoQ2zOns8S7lQEZyy9vw/z0q9btGxELIAAMqvrjrke3p0ppWuXKbkk
u2/6Mmll
2LuUEAcZ60gu4SPvfoam5FhRcQkcOPx4/nR5iHowP0NO4gJppNMQwmmk0AXUnfsMfjxU
qQTbd7Lt
UnjPBP4df0piFWCYA4QnPTFKY5QRuUp6Ag1LGh3ljy9v6irlqV2YcjK8ZoiOQ8yQ7sBw
2e1RX+q2
NtFm5kCuR8sY5b8AP5nj3qiTLh1q0mkKrKULYCKQRnHbkdauRq5cCMsSfXHH+feoZaRb
WCDPzKc9
yeamRLYcYHPbFFhXK5QCTNvIKsQ+aw/eSMe3YfpQl9xTat5loW6Km4nOeAD61LFgKB0p
pENkhaAA
BmGfbmjIVg3LKaYh0k0ZUkEnH4VTeV2OM8emf8/560MaIoNU08XDWokQTrjdHkZ5GeB3
49KtG7sQ
6LJMkbyHEauwBYjsAev4UIGNuYYQvmuyhE5LlsAe+en51hw6tp76hJZxSCSVRuUjBVj1
KqwPJA6/
j1wcDQJm7bQRFVyWBYZUjgU9otsipncCeKEDYSgh3GM4UEiqTiR25VlQdBj+X+RTEQTW
yseLdie7
cc/nmoH098f6pUHqzD/61S0UmV5dNODlRz6Hj+tVxZsjZEeWznOc/lQMCTnGMZ6g9DWb
PEQ5x0NS
xkJB79R+f/16THp/iP8AP61IxCzfwMQfb/P5VPbTllIb7y4z+NUmJrQlJphNWQdFawWq
DKnzJB/F
159vT8Ksx24J8yX73bPb6Z6f5zTJLUO3ngAjqe1SMEf5SuV96BFWWyAPCbgemKgezcji
Mj3pWKTB
doXZKnHQMP8APFUptPsHkaR4oWc8lnUFj7n1pDIhpVisgdbdVcdGUAY9x0FXTBtUFhkH
16/pmgYL
CN2UQ/lTBO+WVgeuBjr+vNIe5LBblgHEWE9SeT/SrSIw4BwRyKYEzO3G4cD055pS2Vwn
JPU5ximS
NVe2Nx7/AOc/0p6lx0PHcEYpDEMyF9jbQ5HC55xTJWtkQvMQidNzHAz6f/W70xHGazoT
zyy3mnwS
iLLPNLcMsaepKq+1wPc4HpwK5pnkKqrMWCjCgnoCc4HpySfqc0CLZ1bUzY/YGnY2nH7o
4PCnIGcZ
wD0GcfkKrJkEMp2uDkMOOaYzpNH8bX8GyG/BurdcAOMCRQPQ9G/4FyT/ABV2WnanZXXl
y2kokTd8
w6MuM8EHkfj17ZFAizdOgncHPzKOn5VTMkg4TJ/3j/hj+dAICk7AHa/uUY/yPH6037OA
c8hz3kGf
1BNIY3fOvBYEepwy/n/jikLuchkQke1AEMsQYfcXPpjBrPubCMjoRj86TQ0yhLYd8/Ke
/wDnpUBs
5sbhhvp3/wDr1PKVcqucZJ6j+tR2kmLoKf4gQf50IOhoE0wmrIOrUEKBGAOwqzEjBcE/
N/e96ZA2
WfYjGRcAfxD1/n+VSW85blc468jH86ALaMOn5in+WpoGNe2iPLAVWm0+LG5MZByAPX+t
KwJkH2Nt
27I7khufbP8AgKhninCKCuSP5HpSKK8kzkKCCCvRu4/GrcCOQDICSPu8fMfx4/XmgZKP
NXIAwvp/
+rpTxgAHHytyO4/+tTEP3L6YHbuDR+6J5BB68jj8+lAC+UpGd6kHv0pDbSj5lO5frmlY
dzC13w+8
9xHfxhmkg2hoASA6K24qDwVY5POcfTrUCWepyz+YpmtMN+73zGUqgxxsYtuZjydzYUcb
SRktMTIt
V0DV54znUDMwHMLr5anHThMgn6r+Nc1PoerRnD2shPbYN4/8dzRcRUkt7iMjz4mjLcqH
BUnHHQ1G
X7UwEJY8DkVs+Fb63t9SMlxK8UZRhuUgDIGcNwTjjjHO7HqaQHeJcwyAOWLL/CUA2kHk
YYnnjv36
gCpRcQgfJER/tNj/ABoAja4Zj+6xu77Tj8zx+n50x0lAzIJcd8MCKBjV3EZQlx0II+Yf
hzke9MZp
EP3ckdMcH8uh/SgAF/bk4kUqR6in+ZbMMK4PtTFYq3Fn1aPv1Xsf/r1QwoJGMf3l7/h/
hSGZeqxY
Am4YE8n1+v8An+VZVsT9rj+v6YqWilsapNMY1RJ1f2yLOAAPduKDdR5GJFz/AHgf0I5z
TJGowMxd
5Qy9gegP04q9FLGOrD8Dn/P5/nQIka4iPGT7MAaYLtlbAJYf57UDJBeMesZI96sRyoRk
gKfx/wAB
QAuFMg3HgjgfQ1HdDEobswx+IoAia1h4bb8x7+5oMbA/Ic49f/rUh3G+aQzbz5ee59B6
E8VGl6oJ
VAWQfdJ7nufof89eC47A9wzEM+1PYYyfzH8qjM0hztOU9+M0gsSJIWGCSOPU02S2x82c
Z5BFA9h0
MMhIKyN+DGrSxkjaxKuPU5z+eaEDYCPB+ZVbHXIwfzH+FO8u1I+eNlP+ycj/AB/SmSVN
Q0HSbuEQ
zHOOUPR1PqO/1zwe44rkPDvhSxvJrmczE2UEpjhXo7qOQW4+UFcdsnn7uOSwHYWmlaVb
x7LS1RX6
bx8zf99Hn9a53xR4ZaUtc2seLocyRqMBx65/vfz+tOwjlLfVdSt8xxSsiqcGNuQCOvB6
e/Sr9n4o
1RZVeVFuIidpUrjJPZWUdfTr9DQM7CzuTc2yz28Z8t8/eHII4IOe4PB6+1P8q8ByqY9u
36UhjZDc
Zzs247g/ypy3s4G2WPzF98UXAY7afIcOGjb8/wDP5VG2nqeYZVceh4P59f0osF7ETC8i
6ggdweR+
dRTkSLuC4ceh6n09j6flQBlXnzWkg7kkf8CUbh+eSKwoJokuFeQ4UZ5684xSY0aC3tqf
uyr+dO8x
SMggj2oA6iOxsx998n06D9KsJDZgcYqrEXHebbDgDJ9hT1aVv9XHgercUASC2fG6Rz9B
xUyxRqM7
ce+M0BccJY/f8qcZ0x3FAArEncwx6fSllJZQPTpQAwMeM9ulPCEj5XwDQMgntjtOPm9Q
TVGNCHHY
cg1LRSY4pluOTUqu4GGUA9qQ2CS4YAcsegHrWhHprOA0rDb1EYPy5piZcgtLRvkaJUkX
0GM+4xSy
aeuMKzfz/U807E3IlgLMUY4cd/WkNpKOMfjQA02bnrwKri1sInZkQq7HLMi4yfU4HP40
ARyxyN/q
5Jee2z+uKq3Wmaq8DrbzNHLj92z4ZM+4Ofp0OOuD0p3CxzN14L16Wdprpo2dhy6Y7DA4
AUVDD4Y8
QGaJJ2kjgtTut3ypIOQflAY7emfbA4pXA3rO0nhiEW+TGSWZ3Ykljkk47k8mrHlkHO5H
PcZ/x5oG
KGg6PHtPqKDFbnooP0oAje1jI+X5fpUJLL8sy7k7OOooAY6SqPMt5SydxnP6e1VZZWzg
j5iOCOM/
lwfw980AU53zEXP8bgn6kYP61zF0gErRn+En+eKGNFcx+9JtYdDSA9IQEnCjJqzHZnrI
2B6CqsQW
Y0t06AZp/wBoQdKYg+0SHhRSgyfxH8OppDAv6cD9agd33AAY9f8AJoAnWRto4OfYf5FO
89geVO31
IoGSiaI8ZGacE7oaAHAt3FV5rQNlo/v9dvr/AJ7UgRSeTadpUq47UGbIwAS36VJY+3Qh
t5+961bh
aTfw2z3B/wABTQmWzNMAN7B8dG6EfiP8Ks2mohm8uQYPZuxqiSe7hGwOhw45BqGG8Xbi
bhh37GgQ
83MJ+Xdx7cUoeHooFABvXsKQnPQUAN2GmmJT1oAY1tEeoqvLp9s3UUWC5XfSl/gdl/X+
dQSaZOOR
tf6jB/OgdyAwzpnfCxHqhzSLLC2QH2sOoccD6+n4mgCKaIR7nCYXvtOR+XGKy75lUoy/
KVYZHpzg
/wCe4xQBm3TbUMQP3ZCB+Bz/AFrAvz/p8vvg/oKTGQUhNIZ6ehAGFGKcA5qyCRYalECg
ZNAXHqD2
GBTiB9fYdKQEMiykHAwOwA60xbe4+/nB/wB0/wAv/rUDJo5LodQH/wCAkfyqVZ5e8Le/
FFwHF4zx
JE312mjbbA/K5j/MfzoAkRj2dZB9RmnFo+c8EdRQAx4rdwBIQV7MTgj8aiXSIM8Trt9O
Cfzz/Sk1
caY/+zLcdJAfbIprlkGDH8vZlxj9KLWC4BtwypyPam/OG+XGPU0ATJqUyjY+JFPVf/ri
nfbbM9bU
k98kH+YpisPF3Yf8+7A/7qmpFuNOP8O36of6UABn04EDPP8Aut/hTJLqzH8Bcevb9aAK
kt5D/BAm
ffB/Pgfzpq6jECA8EY/3QB+vNFx2LC3tk33t0Z9ecfmpH8qd5lt0SfH1Yj/0KgkQpIRl
JmI7EYYf
yqFkvf4ZyfZk/wABQBE8upr1RJB7ZU/rVaW6iLgXUBibtIOo/Tp+dAxknyjBYNE/SQfd
OezD+o/H
FYer8Im0n5TtP4dP0I5pgjNv2BvHA6A5/QVgXkga8Zh7D9KljIzSZpDPVFxUqFc4UFj6
CrMyYIQP
mIX26mmtcwDo+7/PtQA37QGGR07Zpq3RBOGH0I//AFfpQBYS9ixzjd3IFK95Gfu5B7jj
+tIZItxH
tzvwfdeP0qWO4U9JEP1yKALCiQ9Ch+hp3kS/3FP40AOEL94gfpil8jjmEge2KAHbYx1j
I/ClCwf3
P0oAc0EAwdoGacYVK7SBjtRYClJpsO4tHmN/b/Cq02nT9VIPsRSHcqPaOv31IPqOn6Ux
YkP3XIb6
n+tAxpjnBwXPsaQCY8CQg+hNGoxP9JXhQD685prGU/f/ACP+QKQDxG3R3EYP+zn9RTxb
2BHzXDEn
uFJH8jTsK402S/8ALK6jYHsx2/pThp13jqh9wT/hRYLjWsbvsq/n/wDWqvJY3w52j/gJ
/pT1C5Vl
Fwn39w/OlW/n24Lb17q3P86VwK8l2o3eV8qkfvYuq4P8Q/zx+NUL5s2sZJyc4/z+BH5V
QjG1Cfb5
kmew2/Ujj/GsRcls9+9SxklJSGenIw6k7vwqX7XgbVBz6AYqzMZJK5GCcA9QKh2d1P4U
gLMRUj5f
xJ61IUQ9QKBgII+3H0pwjA/iNADXiJGS/HYGo0ERbacqf72eKBlpbW4xmOXPpUijUF/j
B/OjUNBW
udSHOePY06LVrxcBlJ/Wi4WJTr0448vJ96swarvH7yIj1ODj86LoLFsTwuBg49Knj5OP
yNAiKUfO
cU+NQRzQANEh4IqvLp1u3JUZ9aAK0mkgZ2H8Dz/9f9aZ9iUf6yHcPVTn+eP60WHcaXsV
O3y2B+mK
XdakcQsR9KLIBB9kHSEjPorf4VHI9gDloyMdyCP50aARNc6Z08rd+R/rTBLpX/PHH1FF
kA7OmHAw
vPuv+NONlbMMomQO64P8qdhEbQygYGJF7o/X8D/jn8KzbqzgYny8xy94zwfw9fwPPTIp
AmYqsV1B
o36MNrfjVa+kKwiLuj4P4/8A1gKYzmtQnLSbAchTk/X/AOtUCDjPc1LGO/lTTSGf/9kA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAA
-----BEGIN PGP SIGNATURE-----
Charset: UTF8
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 3.0
wpwEAQMCAAYFAkicW4MACgkQ5g5u/REitpbfYwP9HzyGCrUt+sLkLv/f8RI0cUqlwMiR
5Rw4AwZo6ZnZdKN8cdCaJg3JALW6M64WPHNi9c61JvYAdl464TC1Z5hl0l++GVU4/Mzo
UyKNqJKiCGoOoPsHSc7e7ocNEZJWib66zog7FWN7u3dWoanHTZ6Ckf6n0IOecdK/Rm5y
dP212e4=
=froV
-----END PGP SIGNATURE-----
--
Explore all of Europe's beauty! Click now for great vacation packages!
http://tagline.hushmail.com/fc/Ioyw6h4ePhlzKqardkUZYpL5APyNlhD9bWl9yateV3jeBxOTbtOJD6/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists