Leaderboard

Aici sunt. A fost busit forumul si nu se mai putea posta, plus ca am fost prins cu munca mea de corporatist sarac care nu am macar un Urus amarat in garajul plin de teancuri de cryptomonede Muie Pax. Se stie. P.S. Voi va dati seama ca @paxxx a schimbat prefixul de la 2 la 3? Atat de batrani suntem, in plm.

Va salut si ma bucur sa vad ca inca mai exista aceasta comunitate si ca Nytro e tot aici. Am activat si eu in perioada 2010-2015 dar nu mai stiu mailul si parola. Cunosc doar userul.. M-am uitat la post-urile mele din copilarie si m-am amuzat . Observ ca s-au schimbat si rank-urile. Inainte era pe bautura 🤣

Pai as fii vrut sa incerci tu daca tot ai instalat , sa nu ma chinui degeaba , vreau sa stiu daca merge , atat. nu am un laptop performant , asa daca stiu ca merge ma duc si imi iau unul

ce naiba sa inveti ma de la astia. pana si builder.ai care au angajat 700 sa mimeze AI au dat faliment .

retete culinare bre si reviewuri la filme

Know Your Customer Ma gandesc ca sunt frameworks sau companii care ofera acest serviciu. Le trimiti selfie si se ocupa ei. Procesul pare similar la mai multe aplicatii, banuiesc ca in spate au acelasi provider. Nu am idee care e, dar probabil e ceva "cunoscut".

Astazi am avut nevoie sa trimit niste notificari la 1000 de persoane si am scris prostia asta pentru trimis: package main import ( "bufio" "encoding/json" "errors" "fmt" "log" "math/rand" "net/http" "net/smtp" "os" "path/filepath" "strings" "time" "mime/multipart" "github.com/gorilla/mux" ) type spaHandler struct { staticPath string indexPath string } // ServeHTTP inspects the URL path to locate a file within the static dir // on the SPA handler. If a file is found, it will be served. func (h spaHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { path := filepath.Join(h.staticPath, r.URL.Path) fi, err := os.Stat(path) if os.IsNotExist(err) || fi.IsDir() { http.ServeFile(w, r, filepath.Join(h.staticPath, h.indexPath)) return } if err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) return } http.FileServer(http.Dir(h.staticPath)).ServeHTTP(w, r) } type loginAuth struct { username, password string } // LoginAuth is used for smtp login auth func LoginAuth(username, password string) smtp.Auth { return &loginAuth{username, password} } func (a *loginAuth) Start(server *smtp.ServerInfo) (string, []byte, error) { return "LOGIN", []byte(a.username), nil } func (a *loginAuth) Next(fromServer []byte, more bool) ([]byte, error) { if more { switch string(fromServer) { case "Username:": return []byte(a.username), nil case "Password:": return []byte(a.password), nil default: return nil, errors.New("Unknown from server") } } return nil, nil } // Function to read email credentials from the file func readEmailCredentials(filename string) ([]string, error) { file, err := os.Open(filename) if err != nil { return nil, err } defer file.Close() var credentials []string scanner := bufio.NewScanner(file) for scanner.Scan() { credentials = append(credentials, scanner.Text()) } if err := scanner.Err(); err != nil { return nil, err } return credentials, nil } // Function to read email addresses from an uploaded file func readEmailAddressesFromFile(file multipart.File) ([]string, error) { var emailAddresses []string scanner := bufio.NewScanner(file) for scanner.Scan() { emailAddresses = append(emailAddresses, scanner.Text()) } if err := scanner.Err(); err != nil { return nil, err } return emailAddresses, nil } // Function to send an email using random credentials func sendEmail(fromAddr, password, smtpServer, port, toAddr, subject, body string) error { smtpAddr := fmt.Sprintf("%s:%s", smtpServer, port) // Use the custom LOGIN authentication method auth := LoginAuth(fromAddr, password) msg := []byte(fmt.Sprintf("From: %s\r\nTo: %s\r\nSubject: %s\r\n\r\n%s\r\n", fromAddr, toAddr, subject, body)) err := smtp.SendMail(smtpAddr, auth, fromAddr, []string{toAddr}, msg) return err } func main() { router := mux.NewRouter() router.HandleFunc("/api/health", func(w http.ResponseWriter, r *http.Request) { json.NewEncoder(w).Encode(map[string]bool{"ok": true}) }) // New API endpoint for sending email using email addresses from the uploaded file and the user-written message router.HandleFunc("/api/send-email", func(w http.ResponseWriter, r *http.Request) { // Parse the form data err := r.ParseMultipartForm(10 << 20) // Limit the file size to 10MB if err != nil { http.Error(w, "Error parsing form", http.StatusBadRequest) return } // Get the uploaded file file, _, err := r.FormFile("emails") if err != nil { http.Error(w, "Error getting file", http.StatusBadRequest) return } defer file.Close() // Read email addresses from the uploaded file emailAddresses, err := readEmailAddressesFromFile(file) if err != nil { http.Error(w, fmt.Sprintf("Error reading email addresses: %v", err), http.StatusInternalServerError) return } // Read the credentials from the file credentials, err := readEmailCredentials("smtps.txt") if err != nil { http.Error(w, fmt.Sprintf("Error reading credentials: %v", err), http.StatusInternalServerError) return } // Select a random credential line credential := credentials[rand.Intn(len(credentials))] parts := strings.Split(credential, "|") if len(parts) != 4 { http.Error(w, "Invalid credential format", http.StatusInternalServerError) return } // Extract the SMTP server, port, and email credentials smtpServer := parts[0] port := parts[1] fromAddr := parts[2] password := parts[3] // Use a random email from the uploaded file if len(emailAddresses) == 0 { http.Error(w, "No email addresses found in the uploaded file", http.StatusBadRequest) return } // Get the user-written message from the form message := r.FormValue("message") // Loop through all email addresses and send an email to each for _, email := range emailAddresses { err = sendEmail(fromAddr, password, smtpServer, port, email, "Sorry :( I'm not sure what to do with the information I've found !", message) if err != nil { // If an email fails, log the error and continue with the next email log.Printf("Failed to send email to %s: %v\n", email, err) } else { log.Printf("Successfully sent email to %s\n", email) } } // Return success w.Write([]byte("Emails sent successfully")) }) // Serve SPA (static) files spa := spaHandler{staticPath: "build", indexPath: "index.html"} router.PathPrefix("/").Handler(spa) // Start the server srv := &http.Server{ Handler: router, Addr: "0.0.0.0:8001", WriteTimeout: 15 * time.Second, ReadTimeout: 15 * time.Second, } log.Fatal(srv.ListenAndServe()) } Si pentru verificat liste prostia asta: package main import ( "bufio" "errors" "fmt" "net" "net/smtp" "os" "strings" "sync" "time" ) const maxWorkers = 2 // Limit the number of concurrent workers type loginAuth struct { username, password string } // LoginAuth is used for smtp login auth func LoginAuth(username, password string) smtp.Auth { return &loginAuth{username, password} } func (a *loginAuth) Start(server *smtp.ServerInfo) (string, []byte, error) { return "LOGIN", []byte(a.username), nil } func (a *loginAuth) Next(fromServer []byte, more bool) ([]byte, error) { if more { switch string(fromServer) { case "Username:": return []byte(a.username), nil case "Password:": return []byte(a.password), nil default: return nil, errors.New("Unknown from server") } } return nil, nil } func processCredential(line string, successChan chan<- string, failedChan chan<- string, wg *sync.WaitGroup) { defer wg.Done() // Split the line based on the pipe delimiter "|" parts := strings.Split(line, "|") if len(parts) != 4 { fmt.Printf("Invalid line format: %s\n", line) failedChan <- line return } // Extract the SMTP server, port, email address, and password smtpServer := parts[0] port := parts[1] fromAddr := parts[2] password := parts[3] smtpAddr := smtpServer + ":" + port // Check port availability with a timeout fmt.Printf("Trying to connect to %s for %s\n", smtpAddr, fromAddr) conn, err := net.DialTimeout("tcp", smtpAddr, 5*time.Second) if err != nil { fmt.Printf("Connection to %s failed: %v\n", smtpAddr, err) failedChan <- line return } conn.Close() fmt.Printf("Connection to %s succeeded for %s\n", smtpAddr, fromAddr) // Prepare SMTP authentication using LOGIN method auth := LoginAuth(fromAddr, password) // Message msg := []byte("From: " + fromAddr + "\r\n" + "To: stefan@izdrail.com\r\n" + "Subject: Test Email\r\n" + "\r\n" + "This is a test email.\r\n") // Attempt to send the email err = smtp.SendMail(smtpAddr, auth, fromAddr, []string{"stefan@izdrail.com"}, msg) if err != nil { fmt.Printf("Failed to send email for %s using server %s: %v\n", fromAddr, smtpServer, err) failedChan <- line } else { fmt.Printf("Email sent successfully for %s using server %s\n", fromAddr, smtpServer) successChan <- line } } func main() { // Open the credentials file file, err := os.Open("verify.txt") if err != nil { fmt.Println("Error opening file:", err) return } defer file.Close() // Open success log file for writing successFile, err := os.OpenFile("success.txt", os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644) if err != nil { fmt.Println("Error opening success file:", err) return } defer successFile.Close() // Open failed log file for writing failedFile, err := os.OpenFile("failed.txt", os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644) if err != nil { fmt.Println("Error opening failed file:", err) return } defer failedFile.Close() successChan := make(chan string, maxWorkers) failedChan := make(chan string, maxWorkers) var wg sync.WaitGroup // Worker to write successes go func() { for success := range successChan { if _, err := successFile.WriteString(success + "\n"); err != nil { fmt.Printf("Error writing to success file: %v\n", err) } } }() // Worker to write failures go func() { for failed := range failedChan { if _, err := failedFile.WriteString(failed + "\n"); err != nil { fmt.Printf("Error writing to failed file: %v\n", err) } } }() // Read the file line by line scanner := bufio.NewScanner(file) for scanner.Scan() { line := scanner.Text() wg.Add(1) go processCredential(line, successChan, failedChan, &wg) } if err := scanner.Err(); err != nil { fmt.Println("Error reading file:", err) } wg.Wait() close(successChan) // Close the channel when all work is done close(failedChan) // Close the channel when all work is done } formatul pentru smtp trebuie sa fie de tipul acesta : smtp.adress|port|email|password

Ah, lasati fumatul si alcoolul excesiv. Sunt mai daunatoare ca orice. Si dormiti cat mai mult si mai bine (calitatea conteaza). Lasati telefoanele si laptopurile inainte de somn, sau lasati-le cat mai mult.

How I Also Hacked my Car 2024-01-30T22:14:07+00:00 • goncalomb • hacking,car,dacia,rpi This blog post is kind of inspired by another that I saw on HN some time ago, "How I Hacked my Car". After praising the infotainment system of the car, a Hyundai IONIQ, the author ends up hacking it and running custom software on the head unit. Well, my much cheaper 2023 Dacia Sandero also has a decent infotainment system with navigation and wireless Android Auto. Even before I got the car, I searched around to see if the system was hackable. I was not surprised to find that a simple USB drive with an autorun.sh script gets run as root. A classic. Various forums around the web use this method to change skins and side-load navigation maps. I was not interested in that, my goal was also to run some custom software. Well, there is more to the story, otherwise, I would just that autorun.sh "feature". The Infotainment System The system is a MediaNav Evolution from Renault (which Dacia is a subsidiary of), built by LG (FCC ID: BEJLAN5900WR). It's a Linux box. Over the years there have been various iterations of this system, the older devices used WinCE. The navigation part of the software is by a company called NNG (iGO?). Apparently, they provide navigation software for many other devices. MediaNav Evolution (unofficially called MediaNav 4) The autorun.sh Just by looking around on various forums, I knew of 3 special files that when placed on a USB drive would trigger some debug functions: autorun_bavn/autorun.sh: a script that gets run as root logfiles_bavn: a directory that gathers various system logs and files usb_logging: a directory where the system continually dumps dlt files (proprietary log system) One good thing about the log files is that they contain the Wi-Fi password for the AP. This password can be reset on the UI, but it's never visible. Knowing the password allows other devices to connect to it (e.g. PC). When using wireless Android Auto it connects automatically, I think it bootstraps using Bluetooth. I was most interested in the autorun.sh... But it was not working, I couldn't get the script to run. The Firmware At this point, I decided to start inspecting the firmware to see what was wrong, and if there was another way in. My device came with version 6.0.9.9. I wanted a recent update file, but the official website doesn't provide a direct download. It requires installing a desktop application, "Toolbox", which I ended up doing. The application can be used to buy map updates or download firmware/OS updates for free. The procedure starts with collecting some information about the system/car to a USB drive. After connecting it to a PC, the "Toolbox" software detects a new update and puts the new update file on the drive. I didn't update it, I just wanted the file, it was version 6.0.10.2: >: file upgrade.lgu upgrade.lgu: POSIX tar archive (GNU) I also had an older update file, version 6.0.9.7, that I found in some random forum. Sometimes even grep can be a great analysis tool. Just by running grep -RF autorun.sh on the contents of both the new and old firmware, I could see that the new one had no matches. Time to load Ghidra and see what's going on... Version 6.0.9.7 has the autorun.sh feature, but it is not present on version 6.0.10.2 Comparing the 2 files it was evident that they had removed the autorun.sh backdoor. Even though I didn't have the specific firmware for my installed version (6.0.9.9), it was clear that mine didn't have it and that's why I could never get it to work. This miscmanager file is also responsible for the other USB debug features, these are all still there. The core OS appears to be from GENIVI/COVESA (GitHub: GENIVI/COVESA). I'm not familiar with these systems at all. They have a fair bit of open-source stuff that will probably explore in the future. I decompiled other binaries to try to look for some other interesting stuff. Found a lot of D-Bus stuff, that will be useful for getting vehicle information when I can run my own software. But my goal was to get root access first. One way would be to craft a new update file with a backdoor, which would require reverse engineering the whole upgrade procedure, and as expected the update files do have some signature hashes that presumably need to match. Getting root access directly would be the preferred way. The Android Update App Something I noticed on the official website was that they were promoting a new way to update the maps, using an Android phone app. Could this be my way in? The description on Google Play promises to "Eliminate the Sneaker Network", an expression that I had never heard, in reference to not requiring a USB drive. Of course I didn't install it, there is no point in that. I just searched the id com.nng.pbmu.dacia on Google to find one of the many sites that offer the .apk file for download. I'm not an Android developer, I just know that deep inside there is some bytecode that traces its root back to Java, and I know Java. I don't care about Dalvik, ART, Zygote, or whatever. Just give me those Java classes. Over the years I've decompiled a few Android apps, my preferred way is just to unpack the .apk as a .zip (that's all it is), get the .dex bytecode files, run them through dex2jar to get some .jar files and open them with good old JD-GUI. Recently I've discovered jadx which provides a better experience for decompiling apps. To my surprise the app was quite complex, it appears to include some sort of native bindings, and most of the functionality is implemented in some kind of proprietary .xs scripts (similar to JavaScript). These are found on the app's resources. Android APIs are exported as modules to be used in the .xs scripts Several native libraries and .xs scripts It appears that the liblib_nng_sdk.so library is responsible for running these scripts, but I didn't explore it further. My goal was just to focus on what kind of protocol was used to update the maps on the device. And I found it in the file nftp.xs. NFTP!? Is it standard FTP? No, it's not standard FTP or any other known protocol that I could find. It's a new binary protocol for transferring files, implemented on these .xs scripts. The app then uses Android Open Accessory (AOA) as the transport layer for the protocol. AOA was totally new to me, but after some reading, it was clear that it is just a way of establishing a standard for an accessory to talk USB with an Android device. The names are confusing, the "accessory" is actually the USB host (in this case, the head unit) and the Android device is the USB peripheral. The Other Side The new update file that I had was version 6.0.10.2, which, according to the website, was the version required for the new update app to work. That naturally means that there is some specific service/code on that file to handle the update on the head unit side. After some digging, I found it. It's another set of .xs scripts, these run on a native interpreter. There is also a native binary, aoa2sock, that bridges the gap between USB (AOA) and the .xs scripts by providing a pipe for the transfer protocol. It's clear that this phone update feature is an afterthought, the binaries/scripts are not part of the standard upgrade filesystem, they are installed separately from a .ipk package file (yellowtool.ipk) when the system is updated. The internal name they use is YellowTool / YellowBox. And this is the only part of the entire system that is coded with these .xs scripts, everything else is just native binaries. Most of the system uses native binaries and Qt applications The mobile update app feature uses .xs scripts Being plain text scripts, it was relatively easy to understand what the protocol does and what kind of access it provides, even though the coding style is atrocious. Constructing The Backdoor At this point, just by reading the code, I was pretty sure that it was possible to write arbitrary files under the /navi directory, and that would give me full access if I carefully modified some files. I just needed to create a fake Android update app and connect using AOA. Well, as I said before, I'm not an Android developer, so I went with the next best thing, the Linux Kernel. As it turns out I'm also not a kernel developer... But I knew that it has something called gadget mode, where a device running Linux can act as a USB peripheral (instead of a host). Could I make a Raspberry Pi act as an Android device in AOA mode? Gadget mode can be configured from userspace using configfs (just by writing specific /sys/kernel/config/ files), this way does not require writing any kernel code, but it's limited to specific "functions" already implemented in the kernel (e.g. serial port, mass storage, ethernet adapter etc). Not unsurprisingly, that's how the guys at Google implemented AOA, they added a new "accessory" function to the kernel. They even tried to push it upstream, but it went nowhere, currently, it's not part of the Linux Kernel. I don't think it will ever be, it's probably too specific, and it's kind of a weird protocol. After reading more about AOA, it was clear that it involved a kind of handshake where the accessory asks the Android device for AOA, and after that, the device just acts like a serial port (a "raw" data pipe), and it's up to the developer to do the rest (this is a simplification, and there are other modes, read more). So maybe I could use the serial gadget function to fake an Android device already in accessory mode, without implementing the handshake. I also found the talk where they first announced AOA, back in 2011. It's a nice talk if you are into USB stuff: The Testing Setup The system is something like this: Android side: Update App / "nftp" (.xs scripts) <=> AOA <=> USB Head unit side: USB (host) <=> aoa2sock <=> "nftp" (.xs scripts) <=> [reads/writes system files] For testing, I used 2 Raspberry Pies. Because the head unit is ARM-based as is the Raspberry Pi, I was able to run the aoa2sock binary and .xs interpreter from the firmware, this simulated the head unit and acted like a USB host. The other RPi was the USB peripheral (using the On-The-Go, OTG port), which when configured correctly using the gadget mode, acted like an Android device in AOA mode. The smaller Raspberry Pi Zero 2 W can be powered from the OTG port and will act as the Android device After messing about with multiple gadget configurations, I was seeing some promising debug messages from aoa2sock, that's the binary extracted from the firmware that creates a pipe between the USB AOA and the weird "nftp" protocol (.xs scripts), on the head unit side. But it was not working... "No AOA endpoint was found": My fake head unit was not recognizing my fake Android device >: file aoa2sock aoa2sock: ELF 32-bit LSB executable, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, for GNU/Linux 2.6.32, BuildID[sha1]=XXXXXXXX, with debug_info, not stripped After inspecting the aoa2sock binary in Ghidra (thanks for the debug info) and reading the kernel code, I finally found the issue. The kernel serial port gadget uses a different USB subclass from the one used by AOA, and it can't be changed from userspace. Is this a bug? I think AOA is correct in using USB_SUBCLASS_VENDOR_SPEC for a generic interface OK... Let's patch the kernel I ended up having to download the kernel source and patch the f_serial.c gadget function to change the USB subclass. After compiling the kernel module and loading it using modprobe, it finally worked and the aoa2sock binary recognized the device. My fake Android device was finally connected to my fake head unit Can I call myself a kernel developer now? All that was left to do was to somehow recreate that "nftp" protocol. I didn't really want to use the proprietary .xs files implementation, so I wrote my own in Python. At this point, I had all the pieces and the Raspberry Pi now replaced the Android app: Raspberry Pi side: Python Script ("nftp" implementation) <=> USB Gadget Mode (emulates AOA) Head unit side (same as before): USB (host) <=> aoa2sock <=> "nftp" (.xs scripts) <=> [reads/writes system files] Creating the backdoor involved issuing "nftp" commands to edit a specific file under the /navi directory and inject a call to a bash script, this bash script (also uploaded using "nftp") contains the payload that runs as root. H4cking Time After much testing with my dual RPi setup, I was confident that it was going to work... Raspberry Pi Zero 2 W (OTG port) connected to the infotainment head unit Setting up for an update... Ready to "Update with Phone", that option is only available after version 6.0.10.2 Waiting for a phone Time to put the RPi in gadget mode (I was connected to it using SSH)... Sorry, it's not a phone and we are not sending any maps Sending and running the payload... Got it! Success! I had root access. That payload is just call to a specific D-Bus method that I found while analyzing the firmware, it shows a popup with custom text and title. The text is the output of the id command. Finally, after replacing the payload with something more useful, a simple socat bind shell and connecting back to it using Wi-Fi, I had full access. Give me that root shell If you didn't follow it all the way, here's a summary: I used a Raspberry Pi in USB gadget mode to simulate an Android device connected to the head unit. The head unit thinks it's accepting a navigation maps update from the "phone", but because the update protocol allows for arbitrary file changes, I can issue commands to modify a specific file and inject a call to a bash script that gets run as root. Code Please Everything is on GitHub with more detailed instructions (it contains no proprietary code). The key pieces are my implementation of the "nftp" protocol and the gadget configuration. What's Next? This is just the beginning, now it's time to really explore the system. First, I'll probably end up restoring the autorun.sh functionality, with a custom service, because I think that's the easiest way to load software. That way I can keep all the new stuff on the drive and make as few changes to the system as possible. One of the main things I would like to do is record car parameters, stuff like speed, fuel, location etc. It remains to be seen if I can easily access that information through D-Bus, or if I need to go deeper. I'm not interested in adding anything that requires my attention while driving. But that's for another time... Some Extras (Could I have used SSH?) Two ports are open by default on the head unit, an SSH server, and some Apple service, probably related to CarPlay (Server: AirTunes/320.17.6), I didn't really explore that. But I tried cracking the /etc/shadow root password from the update file using hashcat / john with some rules and password lists. I'm not an expert doing this at all, I don't even know if I was doing it right, and was not successful. Not that it matters now, I could just change the root password or add a new user. SSH on port 22 / AirTunes/320.17.6 on port 7000 Sursa: https://goncalomb.com/blog/2024/01/30/f57cf19b-how-i-also-hacked-my-car

Cu putina inginerie sociala afli unde sta si de unde si cumpara electronice si alte chestii. Ii trimiti din partea acelui magazin un cadou cu ceva pentru pc care contine si un super mic programel care modifica hosts file . Poti sa i faci si un Evil Twin Attack. Vezi daca cel ce ti a furat contul se mai ocupa cu asa ceva sau alte prostii informatice. Poti sa creezi honeypoturi. Insa eu iti recomand sa vorbesti cu cei de la CERT. Ei se ocupa cu facebookuri furate.

Tutorial algoritmi

Uite aicia 5000 de numere de mobil romania. 0785218813 0781728797 0784001593 0783217669 0782230045 0789367328 0782052405 0786534736 0781577576 0784465142 0785013749 0788480294 0787372496 0784021502 0787367175 0785238494 0788425099 0784023046 0789659166 0786220768 0789123098 0784832579 0783932917 0787763177 0781016117 0789662679 0787107164 0783783748 0781971934 0786892945 0788348110 0787815382 0783858430 0788480075 0786463780 0788481791 0781258612 0783209979 0785937652 0787626716 0781241652 0783242875 0784967758 0785718413 0789754159 0788084859 0788073191 0782249526 0783150096 0786528893 0782743803 0785717090 0787471323 0788184788 0781164175 0781386234 0787795879 0786238414 0783201552 0782567365 0783260163 0788268655 0785562801 0784684629 0786117030 0787198365 0785621864 0788892419 0787557721 0788885383 0784979881 0786215119 0788085393 0783032449 0785979115 0786880223 0789864819 0788214502 0788009017 0782931256 0782589487 0785857638 0781633651 0785443040 0785149141 0783631020 0781344058 0785673640 0788315899 0786077546 0781685912 0785020196 0781008426 0784370286 0785366553 0782972996 0787680072 0781283129 0789601382 0783555793 0787972574 0785692729 0788788299 0782517437 0782595308 0784689272 0789863877 0781454140 0786736696 0781814615 0789932104 0786841767 0785166621 0787966998 0782499108 0781644332 0789849108 0783632716 0785775620 0787319228 0783863998 0781648212 0787326743 0783480651 0788329633 0781207327 0784433613 0783753707 0784444090 0789060417 0786927282 0789087668 0782389846 0784463218 0783642702 0788812876 0784618539 0782724702 0782603693 0783647075 0786833311 0786318883 0787763759 0783246255 0784334141 0781288066 0786529175 0786342738 0785400959 0785666786 0781180217 0786687960 0783886653 0781564167 0787915546 0787324362 0788365984 0786307648 0784187802 0782387980 0781255659 0787110170 0787010049 0787676278 0784887332 0781844435 0785451921 0781703402 0785324296 0783686230 0787025791 0788124406 0782029022 0783128544 0781485916 0787545113 0783884451 0785080488 0789146508 0788041566 0784678150 0788090873 0788352747 0788777303 0788880200 0781239321 0786201015 0781825678 0786547670 0786318338 0781446892 0788310889 0788536899 0781215712 0783391416 0789723140 0789308832 0781087481 0788358921 0783489706 0781726336 0789656661 0784575007 0781817204 0782960571 0789011214 0788675351 0785373543 0782895818 0788164088 0785850459 0785203241 0782960746 0782912494 0786631039 0787050169 0782273118 0783242385 0781892074 0788417687 0787604896 0787463843 0781720571 0788198123 0786643151 0781751975 0781760061 0783723667 0786916245 0782227890 0785506453 0781359955 0789921260 0789446360 0789821623 0789143962 0787978466 0782239425 0788269732 0788667433 0783424970 0789394891 0781559760 0789774095 0787914123 0783491273 0784985160 0781435951 0787651821 0784804678 0788616630 0787658829 0789301981 0783943545 0785666919 0784262491 0788936089 0786376882 0785174051 0782208595 0788251153 0785951684 0788457297 0781667927 0783657634 0785490504 0785281979 0783514384 0783090870 0787487076 0789071701 0781033693 0784972651 0783224639 0785992716 0788210003 0786904082 0781946474 0781284000 0784151878 0786766813 0781324110 0786071844 0783111566 0783611259 0787847622 0782057973 0786977714 0784779441 0786559131 0781207872 0782601584 0787065372 0787061137 0781416280 0787473285 0781937594 0789891832 0787116460 0783423619 0788778268 0781979826 0783070822 0788195984 0788262461 0785468077 0783454315 0784777788 0786941488 0782194801 0784138240 0785538284 0783567811 0782175693 0784463224 0786835319 0788913895 0786272059 0786764893 0786031303 0781149961 0782071445 0783593352 0789771483 0784074618 0785507975 0789348623 0787117154 0786902484 0786147126 0789763024 0789261580 0784833560 0785203868 0783857937 0789085005 0783883251 0784620658 0783394506 0788577564 0782107366 0789970485 0788206440 0786283460 0786748982 0786768720 0789379152 0785388170 0789023440 0782753047 0786007429 0784573395 0788176493 0784489381 0781616224 0787706823 0788386472 0783299337 0785121366 0783754486 0786119452 0786337160 0787875302 0781794362 0782431776 0784876659 0781704723 0788363941 0788317754 0785378218 0783952068 0785293237 0783877552 0788187328 0784923937 0781179474 0783865004 0787309891 0784022501 0787305896 0786128821 0784960453 0788093712 0785149436 0781139696 0786189628 0782085086 0781344179 0784587643 0786151113 0781698532 0781583913 0789499290 0789640019 0783458111 0785770205 0783095182 0787412078 0784851684 0782872322 0782532030 0785943757 0787857528 0787495752 0788627724 0789790019 0782265789 0788697191 0783100610 0788544273 0789056595 0783899757 0781361935 0786121189 0788595156 0783241157 0781337906 0785881728 0782881347 0787129763 0784890859 0787887077 0786987179 0785488957 0782388136 0786052622 0786675071 0787087114 0789374639 0788314598 0788342195 0781533867 0783364976 0781187011 0781036859 0789416090 0787243178 0784135380 0789060546 0784597923 0787699025 0784046494 0782002442 0783811302 0781328965 0788971927 0787835137 0789481382 0782274304 0781890940 0784443843 0785544265 0784591822 0786868759 0788367596 0784644952 0788956577 0783368571 0786107615 0783575101 0784114947 0785178674 0789322550 0784786010 0781202078 0788522728 0781534781 0781174924 0786084329 0789179064 0785997978 0787202524 0786821181 0788283423 0789430737 0781844364 0786884635 0784175877 0785159992 0783416208 0788217484 0787193688 0785812809 0788483699 0784870754 0783797929 0786942043 0786496215 0782819414 0786391906 0781459512 0784874607 0788027763 0786485445 0781482975 0783520350 0784723942 0787216430 0783609223 0782806235 0785285791 0789907689 0783644235 0786795519 0788992986 0785111963 0781077263 0783616595 0788259730 0785893747 0784974951 0782261230 0788156059 0781066685 0783727088 0788646994 0782761915 0785491397 0787997800 0788228222 0788631757 0784702709 0781381006 0781206430 0789701653 0786597270 0784001520 0787057073 0782846796 0781482071 0786921366 0782806153 0781896392 0786170153 0787215780 0789747176 0781603106 0783650103 0785726587 0789618281 0784290684 0787122502 0784798442 0781339143 0784908947 0782175134 0786291121 0784574595 0784525166 0781028833 0782880257 0786515135 0781007151 0789248137 0786118968 0781583082 0789526682 0783437805 0787093865 0783395716 0782110443 0784020188 0781769799 0787777658 0788972379 0783168797 0781364838 0782985906 0783850904 0783979911 0788043887 0789111811 0789764809 0788379518 0784937538 0782509255 0789904265 0781041863 0786297482 0788526518 0781306148 0789426923 0783531906 0782817963 0788601813 0781406231 0782799001 0782648253 0781051185 0786632698 0781220493 0788165300 0786556237 0783330870 0788507838 0781270495 0786352703 0787020782 0782366762 0782740149 0783337725 0782230854 0782140050 0784174301 0785294878 0781568825 0784856226 0783020839 0783305401 0788924459 0783262732 0782596274 0788763124 0789329883 0781559274 0788432144 0789402692 0788521072 0783870621 0785841838 0782176822 0788310310 0783253788 0782779790 0787133119 0781353271 0782590083 0781450562 0782833035 0785401307 0782177938 0781707778 0785808691 0781927661 0781252095 0789688219 0786507889 0786031336 0789851360 0789528412 0782973080 0787698096 0782445123 0786848507 0783743805 0785452581 0781685114 0788526814 0785896785 0787977200 0789271056 0783429701 0788881662 0789793973 0782068273 0785027413 0788977065 0789360259 0787041180 0784941606 0788978741 0784405664 0781187804 0787904093 0787746521 0782554953 0786787581 0787835463 0789077788 0781871053 0782924254 0784371356 0788669711 0784342208 0783868758 0784478724 0786865187 0786405279 0789035983 0782680538 0789668156 0784063267 0785553775 0784855833 0786130250 0788748236 0782826115 0786014716 0789859386 0786224680 0781711153 0787147629 0788990155 0785909753 0781549670 0788567415 0787510291 0784541028 0789101985 0782188851 0786091485 0786194786 0786926757 0783474068 0785660141 0785890768 0783667700 0786940242 0788464522 0786273933 0788181087 0789957746 0786557249 0784275380 0785691205 0784837982 0781826703 0788130741 0788987074 0786940298 0785917720 0785125943 0786647614 0787497263 0785446637 0781897919 0788916530 0781420521 0785305190 0787568779 0789757108 0782980064 0784340107 0786910803 0787431016 0781019305 0789867817 0785546059 0786517401 0785548770 0788564739 0781774105 0785241123 0784376348 0787323787 0787655788 0789141098 0783620027 0788147648 0787115093 0787707470 0784400571 0785296991 0783173352 0788819645 0781965542 0789547170 0789429493 0788027429 0784762221 0786974236 0783247178 0782635052 0781895742 0786516823 0786201022 0786617639 0789646445 0786844363 0785671899 0784970164 0786280642 0782613340 0784438303 0788375558 0785143615 0789884818 0783271265 0781173475 0787790848 0782756820 0786296502 0783272872 0788190095 0789861308 0786356537 0787683072 0782166754 0788091157 0786465473 0781472133 0781438324 0787518628 0782755179 0788574533 0786317560 0789139052 0784345381 0787859524 0782122765 0784143419 0787517950 0785422572 0789852848 0781962032 0782347631 0787446663 0786344487 0783510193 0789304645 0786468867 0781292790 0787164314 0783538578 0783523390 0784623132 0788467480 0782160417 0784859894 0784553914 0788462784 0788733544 0788520395 0789070623 0782878104 0785653919 0787505093 0784814008 0785291429 0782488016 0785013680 0781881689 0788252406 0782668310 0781467330 0789960347 0785772601 0787927292 0781642174 0785458901 0787247134 0782349699 0782887804 0789885713 0786158646 0781933236 0784535090 0787572246 0789519267 0785063462 0785098269 0781315137 0784171503 0783719188 0784768950 0785409873 0788997553 0786351948 0787974744 0786308112 0784842536 0783632654 0782053057 0782022177 0785290965 0785587178 0783040383 0785496004 0783071248 0783563041 0788850529 0781540187 0781518242 0789400991 0787306778 0787113084 0786845739 0788634681 0783911976 0781944868 0782118828 0789932846 0785294740 0781227967 0787389745 0784698543 0787710185 0785533217 0787899358 0786057455 0781962794 0789420652 0789952547 0785334061 0781616365 0784614480 0781296641 0781865627 0785594747 0781571468 0786897180 0782481883 0781209279 0789152616 0782327295 0786669573 0786258137 0781263891 0788669314 0786654119 0782387223 0788654262 0784958439 0787484074 0787655322 0781028970 0789891489 0781770086 0789976347 0785652374 0783203683 0785549177 0782914223 0784788096 0781191622 0786198566 0784831542 0784783968 0787763584 0784655488 0783592851 0783153976 0786783822 0787651452 0787646251 0781291434 0789132528 0787442015 0787308214 0781479260 0783838794 0785425707 0785683805 0787413554 0789738627 0784136442 0782991075 0782665459 0782770130 0784201355 0783534683 0782286006 0789586831 0786098566 0782520323 0782348003 0789567659 0786421182 0788960993 0786128727 0782838031 0782474168 0783500305 0785013825 0784061267 0789233246 0782870440 0787306985 0789837821 0787363887 0781896440 0783449474 0784461870 0789497086 0782813579 0787777975 0789865370 0785500667 0785049467 0787055178 0784207491 0783166082 0783013837 0784562229 0782120804 0782306844 0783567143 0781685255 0786131129 0786298248 0781723774 0783711346 0788481020 0782179487 0788641228 0782364625 0782925401 0781669979 0784352287 0781505381 0789650941 0786445814 0785995985 0788452383 0782692557 0781991516 0785069610 0785183294 0784828435 0784003592 0787305578 0787015736 0782752564 0782429571 0782787254 0786434807 0782315499 0781379755 0786092801 0786750833 0786944581 0782364809 0786308049 0789505568