data URI proxy v1.0

En relación al anterior artículo sobre el URI data, Evadiendo Filtros de Contenido con URI data, he creado este pequeño applet portable que remplaza los hrefs links de extensiones de archivos especificados por su equivalente proxiada en data URI a traves de un uriproxy.php especificado.
<SARCASMO>
Le garantizo que esto NO funcionara con Internet Explorer
</SARCASMO>
Coloque un archivo uriproxy.php en un servidor web de su confianza con este código:

<?php // Pidele algo o sueltalo en banda if(!$_GET)exit; // Solo HTTP y FTP if((!strstr($_GET['url'],'http://'))&&(!strstr($_GET['url'],'ftp://')))exit; // Lee el URL $f=fopen($_GET['url'],"r"); while(!feof($f)) $s.=fgets($f,1024); fclose($f); // Damelo como data scheme URI print "<a href=\"data:application/octet-stream;base64,".base64_encode($s)."\">".$_GET['url']."</a>\n";

Así que cuando este en una red que filtre extensiones de su agrado (.exe, .zip, .mp3, etc...) le conviene tener aste URL en tu bookmark:

javascript:var uprx=document.createElement('div');uprx.innerHTML=unescape("%3Ccenter%3E%3Cdiv%20style%3D%27width%3A470px%3Bborder%3Asolid%201px%20%2300ff00%3Bbackground-color%3Ablack%3B%27%20id%3D%27duproxy%27%3E\n%3Cstyle%3E.i%7Bborder%3Asolid%201px%20%2300ff00%3Bbackground-color%3A%20%23303030%3Bcolor%3A%2300ff00%3B%7D%3C%2Fstyle%3E\n%3Ccenter%3E\n%3Cbr%3E%3Cdiv%20style%3D%27font-size%3A14px%3B%20font-family%3ACourier%3Bcolor%3A%2300ff00%3B%27%3E\n%3Cb%3EDATA%20URI%20Proxy%20v1.0%3C%2Fb%3E%20\nby%20%3Ca%20href%3D%27http%3A%2F%2Fxenomuta.blogspot.com%2F%27%3EXenoMuta%3C%2Fa%3E%20-%20%5B%3Ca%20onClick%3D%27var%20dd%3Ddocument.getElementById%28%5C%27duproxy%5C%27%29%3Bdd.style.display%3D%5C%27none%5C%27%3B%27%20href%3D%27%23%27%3EClose%3C%2Fa%3E%5D%3Cbr%3E\n%3Ctable%20border%3D0%3E%3Ctr%20valign%3D%27top%27%3E%3Ctd%3E\n%3Cimg%20border%3D1%20src%3D%27data%3Aapplication%2Foctet-stream%3Bbase64%2C%2F9j%2F4AAQSkZJRgABAQAAAQABAAD%2F2wBDAAkGBwgHBgkIBwgKCgkLDRYPDQwMDRsUFRAWIB0iIiAdHx8kKDQsJCYxJx8fLT0tMTU3Ojo6Iys%2FRD84QzQ5Ojf%2F2wBDAQoKCg0MDRoPDxo3JR8lNzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzf%2FwAARCAB4AG4DASIAAhEBAxEB%2F8QAGwAAAgIDAQAAAAAAAAAAAAAABAUDBgACBwH%2FxAA%2BEAACAQMCBAMFAwsEAgMAAAABAgMABBESIQUxQVETImEGcZGhsRQygQcjJDNCUmJykqLBFYLR8BbhU9Li%2F8QAGgEAAgMBAQAAAAAAAAAAAAAAAgQBAwUABv%2FEACoRAAICAgEDAwQBBQAAAAAAAAABAhEDITEEEkETIlEFM2Fx8BSBkcHx%2F9oADAMBAAIRAxEAPwAJz4cMUiEOZGI0jOQB1PQVvlQMkgUtAlJJZ8e45qaJQdiWbeqDDnjg6XBNLOo%2B6c5rVZZmVMjITOkkcs88VHfzCxtmuGTyqQMAjO5xSWXjMrE%2BGqr86FtF%2BDp5P7aHpDE%2BZ9uwo%2FhXErKzJWR1VmbOtt8DtVIe8uJfvytj317G2TucnPegnK1SNHp%2Blljl3No6Rxb2q4bd28NhahzlhmVlAGrl%2Fmg%2FBxszEj02qiF8AgNg8gR07GuoRW1rc%2BzdhxS0uC8k0aGaLUCUJGDsNxhgRXQvyxf6h005%2B%2BIrMYHJV9%2BM%2FWtQCTuSxHQb0U8ZxuoGP3z%2FAN%2BlQsp%2FackdlGP%2B%2FCrdGG7WmaFd9wBn941G6qAckn3DFSsqkbL%2BJYmoXGnGWwD0rg4OmQSEEbIAPXel0yBmAIz6CmrhtORC2MZy%2FX6UJM7ZwGKjsBp%2BlA0OwkyEYUclH8xrdZkaArGVafxAMtnATrgDrUbqMZ0%2F1nFBzXJi%2B6wHuGBRNkY1TtnntPxCKCxltQjF5l2z0GariOGRW7gHNE8YcXDxyS4mSNSCp5enKheEMuUDAEK2k5xjB9%2FvoOUa%2FSQUIa8k8auykohYDfIHKvYnw3cdQaczSNM%2BlmDAEjSgzpHcc%2F8AFCcOwiMfBYPE%2FnYjJPYciRyPagHQAkrgV038kb2V3a39pdRxm4tzqjdjv4cnMD%2Fcp%2BNc94kC8UTlmOklcEb985yevQ0d7GTxRe0Nol0zLbXJNtOVbSdL7A56ebTUoGSvR0ri9vDHcSLACQD05ClEi88sq%2B7c%2FwDHzq28ctrKK0EihwRsoY7kbd96q8ylm8kCoMbFuv8AV%2FirInmesw9mVgiIZJAkSs5zzJwoHc45fGh1uQZJltn1LE2h3VMDPbNb3Cg%2FrJifRBn64qKPJTEcUkgB5sSwHwwKLZXDsUWnz%2FPg1OZZAi4LMep%2BpobxA4JikVwpwSjbUS7ShcGVI1BzpX%2FhaFPgKAnmIHRcIPhvUU7Lcc4KO%2BQWaSMyKIkEieHl9yWLfhyFKuIFv2lVB2HOmEpx%2BsmJH7qjagb2MNHmOFuX32P%2FAEULQ3BqQinM8iuiBRkYFD2H5t3jOdxkUQ0jxTeVM7jNBQtKLlXlBUMSMcsZqUtGlhei0iQyRRHLHXgeGgwMgAj7223oPfUMYKXynAYXI8uZO555I55HbrQtl4sqPEruFA%2B6qg7HnueVTXyrDawKzEkFiA2ScbZyTjbYdO%2B9VVuhq9B05Bt5FnuAokQHSAARpzpUrz3I6Y51Lw72R49fQC5gspIITus87CIehGrf5VaPZyysOB8JHH%2BJWMEl5ODLYWTLnQo31tntkH02qt%2B1XELzi80N7e381zHcBmWNiVWPBwV0g4279abjhhj%2B6JSzzy6w1%2B2dR4TZJNak3vEI3upVBaKMgrCcbhSDk5OT06Ul4hFFBKYyzuw6YC0i%2FJ79svVPC7OK2kjik8WXxioKxNz0nGrUGXbBGNR71b%2BIpJYOYbovLbsNnB%2FOIPQ9R6GihDDPUH2v88GZ1%2BPOoqU0pfpU%2FwDZXyGU5WFE7Fx%2F9v8AFDz4IzLcFvRQSPicfSjeK2zxJataiCS3d8yXTMckdgOh%2FwDe%2FaAQy41R24RejuuPm3%2BKGUHB9skIUnFOLuwVEDbxQNJ6tkj5YHxrSSSRfLkoB0TYfLaiJg5GXlWRh01E4%2FHGKhIY7aGP8oz9KF0yFf8AwWynR9xETHUDJ%2BJ3pXfsXyzsWPcmmZ3jV543R2GTEWHl99A3Mp06VRFx1xk%2FE1U3ZoxXbKmyu3DrHJkjIzy70vvbjVMNA30qSe1NLwFmJY7%2BtBziFYTICM5w2fdy%2BtcqT4NHA%2FAfZvlyFCnxUwCy5weYI2o0RCS9srCaZma4uI0kTygBSRnIHpSi3YGFQBsNga34jxDw72C6gh8Lwp1kwGzy5AdgN8D1o8FetG%2BLGM1vE0uaL57acamHH7q2QFY7cLDGquQNIUHl7yaqs88lw5eU5OPwG%2Bade3CLLf2vFId4eIW6Sg%2FxKArfLSfxqvLnpVnVprK0xX6d2vpo0NfZviUnC%2BLQXETlAQYnIfRs3LJwdshTy6V0Zbw8f4anElhk8PJXw2JG45nbGQelcnRdSlQxUnk%2F7tdrsvaG24nwKzlE0JvZ4Brty%2B4YfeH4EGlNcjPUQU4NCCK6ltHPhIgjYYaIAgH8c5z61Ff2%2FhyJKrtJFMuuNm5%2BoPqKJuEj1HxGdmB3VF0%2FM%2F8AFSnS3BXZYkJguBp1gPpDL6%2BorSxz9bE4y5XB5DNj7Mncv7iZEaRysKPIeeEUt9K9a1fPneGM9nfJ%2Ftz86nmkmlGJJWYAfdJ8vw5VC4VGI1KV6EbA0rYXtXgSSRPqPiaUH8b7%2FAZPyoK4WFQ2pnkPTSAo%2BefpRUgAO52oWaGR1zGjFf3sYHxO1A0Pwk29IRXoRywCBR7yTS2S11xgqcBSTtTe9h0E6pUz2Q6vny%2BdKZPEQu2c4U4GK5X4NPC%2Fkzh5wzxe41JfpmFs9qDsS63SeISNW29XH2X9lp%2FaK5xI4t%2BGQ%2Ba7u5DpVEG5AJ6%2FSjjBuehuU4xhbD79G%2F8AAfZozg%2BKTIVzz0YH%2FwCar4G%2Bw37Cn3ttxOLiV5AvCykfDLWIw2qlTqKg%2BZiPXAPux61Tby8mgAkSd2KuGZRgKw7YFH1U1ly%2B0X6LG8WL3eW3%2FkaIShJxnNXv8l1nY8S4nc%2FaZJ%2Ftdkolt0WXCYY%2BY6evmA%2BIqkRlZl1KeYyDU%2FDOI3fBL9r3h8vhzrBImPEVSwxqwM%2Bqj1pRaY89o6vxoRvdsLdSxUHUFGce%2FtSdpL2BfDa3%2FQLw6VnDK3mjO5GDuBlgfXHrirWPEZuMcUWW7ikuprp%2FEit4WJSMajhWzgDYfAg9au%2FGL%2BC4a3TwQI7eMrHFEwWOIEg6RgbgAAZ2zue1X4Z9idcmJ1nTYoNzm7b4FTvbx7fnJO%2BWCKfwGT8xWL9oHmhtAqHkwhBB%2FwBzZz8akWSdz%2BhQhcDZoo8keuo5Pzoe4hZ2DXNzEH66nMh%2FtB%2BtTZl1X8oUGOfAaOBYhthmGPm2%2FwAKAvFkY5eVZD%2FMT9amfUTqydXfrUFwNeWPM0NjMZJ8ii8j0t5gQT060quHMTY0NkjGNNXm%2B9nL%2FwD0jh01hHe3L3cRmkaJfzMSk4C6v3tt84HKqzxm3EBQyRQJICUZIX1BSOrHJ3Pv6GhfOzUxRcSDgVlZXV3Ld8SlaOxtW1Pp5uewp%2Fx32hlvbeKzjVbHhMf6u2TYNjkX7n05VV%2BKGSHhMZDRqsszFlBAYsoU%2Fd5gefnyO%2Fahra3nv8yRIzHJyztgDqck7daclmUcShDS8sldP35fUyb%2BF4X5Gs9ytzA8UJ1Mu57Adf8AFLJoEZNM0oUEfsjV%2FwCqlWzjjP6ReRrj9mJTIR9B86JSSyhUaLI3Lb5e4kI%2BCqR8yaTuuBy%2FkBjlmWNIFkYhRgKvM0UOEXnhfaHiMMYwQ0pC5Oex3PwoiK%2BnbWImjtl05K28YTkR2o7g3Crjjk8ltaxytKYnkUuSWbSMkADriutkWi7ezptrfgcKxJK0rQqCquFwSM7k5PLGwFT27POxWK3DtzULF4rc%2FXPcDl0qf2atrONIrm4aEZUDCR5V1xnYHpnGc9DjepOL8QlvLp1heXwS3mjjOlfXYfWq486dinW44dt%2BQWeK5k8t3KEAOwmkxj%2FYMn5VAwtFwHmmkON9CBRn0LHPyFeNGzOWOhNTE4VcAe4csVslmHyMM34UwrMdYpN8CFtwSByG57VE0M0iM0cTsBzbGw955VOJtA%2FNRRx%2BuNTfFs%2FLFD3DSTHMrtIf4jmhCVIYwWdtB7OSX12hvgJ2Sa3juyFtxsFYqp8xJPPkKp%2FEXtAZPsZl8NwMxzKCRj1HOmUkQPvoRuHmRhhSdW4AG5GaBrdmhjzaSSGD8Nf2o4MgscG8iYeHDgL4o32A75z78jtVf4bwu6nvksFtpXuJHMYhUYLMOnxFdC%2FJ9w2PhN39vu0l1o%2BYUbluOZ9efOmt%2B8Vx7UpxzSY2SaOURqMZK46%2BoH1qV8DXrQilvZy6zs7uWdYoraNWZhGFfbLE4AJPqae8T9kPsnFHsLZpbx7c6J59GEMmPMFHYHbJ3ODV%2BF9w%2B3unvLHg1nayPIZDc3AMrKxOSQW2XftSm%2B43G8sktxc%2BJI7Fm8JdWSfXYfOp0VTz60R%2BzfDLezb7Jxqwsp7CU4dmhHjRfxK6jIIONqacDg4LwK8ivLF%2BI8QvISQhYLDGCQRyAyds7elIn4zlgIbfG33pWznbsMfWh14hdSl41ZssMKkA0HPfC7nrXKVeCn12%2FJZhbxW7zoBHbIyuY43bSYzzK99gD%2BGDQYvbKPcO8zfwAgfE4%2BlLorC6VWM6JaBhjNw4QnfsfN35CpYYbOMHxLiWdh%2BzDHoH9Tb%2FANtd3C05uyZ78sp8K3iT%2Bbzn57fKoxJeXYxG1xKFO6xBiF%2FBeVSrcRKw8CzhXs0uZW%2Bfl%2FtraWe4mAEs7so3C6iFHuA2FSKzkvLbK7uQSBkd69ERfA5ZHvzWVlTVDkMcaTJobNXYYVpd%2Bm%2FyoyN7azxrmiT%2BFfM3wGfnWVlC2HL2rRjccRECW8Lt%2FE50j4DP1oSfil%2FKQyMIgThfDXG%2F8xyeo69aysrvJUm2RCxvrlRM8UrL%2FwDLMcL%2FAFNtU%2F2O2UfpF4pOB5YELn4nA%2BBNZWUN06On7TdZLRP1Nn4jA%2FeuJCR%2FSuPqa2%2F1C7%2FVxzeBGf2LdRED79OCfxzWVlcwU22axpgkkb9fWpFYKwIOx51lZUx%2BCvLpk6mNLSa7urhILWEgNI25LHkoA3JOD8KntpIrm2juLeQSxSDyuuR7wQetZWVN7otn08P6dT8n%2F9k%3D%27%3E\n%3C%2Ftd%3E%3Ctd%3E\n%3Cdiv%20style%3D%27font-size%3A9px%3Bcolor%3A%2300ff00%3B%27%3E\n%3Cform%20name%3D%27urip%27%3E\nProxy%3A%20%3Cinput%20class%3D%27i%27%20name%3D%27proxy%27%20size%3D%2735%27%20value%3D%27http%3A%2F%2Fyour-uri-proxy%2Furiproxy.php%3Furl%3D%27%3E%3Cbr%3E\n%3Cinput%20class%3D%27i%27%20type%3D%27checkbox%27%20name%3D%27bin%27%3E%20Binaries%20%28exe%2Csh%2Cbat%2Cdll%2Cmsi%2Cscr...%29%3Cbr%3E\n%3Cinput%20class%3D%27i%27%20type%3D%27checkbox%27%20name%3D%27arc%27%3E%20Archives%20%28zip%2Crar%2Ctar%2Cgz...%29%3Cbr%3E\n%3Cinput%20class%3D%27i%27%20type%3D%27checkbox%27%20name%3D%27mov%27%3E%20Audio%2FVideo%20%28mp3%2Cwma%2Cwav%2Cmpg%2Cavi%2Cmov%2Cwmv...%29%3Cbr%3E\n%26nbsp%3BAdd%20extra%20extensions%20%28separted%20by%20%2C%29%20%3Cinput%20class%3D%27i%27%20name%3D%27extra%27%20size%3D%2710%27%3E%3Cbr%3E\n%3Cinput%20class%3D%27i%27%20type%3D%27checkbox%27%20name%3D%27todo%27%20onClick%3D%27var%20a%3Dthis.parentNode.getElementsByTagName%28%5C%27input%5C%27%29%3Bfor%28i%3D0%3Bi%3Ca.length%3Bi%2B%2B%29if%28%28a%5Bi%5D.type%3D%3D%5C%27checkbox%5C%27%29%26%26%28a%5Bi%5D%21%3Dthis%29%29a%5Bi%5D.checked%3Dthis.checked%3B%27%3E%20ALL%20-%20\n%3Cinput%20class%3D%27i%27%20type%3D%27button%27%20value%3D%27Proxy%5C%27em%27%20onClick%3D%27proxyem%28%29%3B%27%3E%3Cbr%3E\n%3C%2Fform%3E\n%3C%2Ftd%3E%3C%2Ftr%3E%3C%2Ftable%3E\n%3Cscript%3E\nfunction%20proxyem%28%29%20%7B\n%20var%20a%2Cd%2Ce%3D0%3B\n%20var%20b%3Dnew%20Array%3B\n%20var%20c%3Ddocument.getElementsByTagName%28%27a%27%29%3B\n%20a%3Ddocument.urip.extra.value%2B%27%2C%27.split%28%27%2C%27%29%3B\n%20a%2B%3D%28document.urip.bin.checked%3F%27%2C.exe%2C.bat%2C.sh%2C.dll%2C.scr%2C.msi%27%3A%27%27%29%3B\n%20a%2B%3D%28document.urip.arc.checked%3F%27%2C.tar%2C.rar%2C.zip%2C.gz%2C.tgz%2C.tar%2C.dmg%2C.lhx%2C.arj%2C.bz2%27%3A%27%27%29%3B\n%20a%2B%3D%28document.urip.mov.checked%3F%27%2C.mov%2C.mp3%2C.ogg%2C.wav%2C.wmv%2C.wma%2C.avi%2C.mpg%2C.mpeg%2C.asf%27%3A%27%27%29%3B\n%20b%3Da.split%28%27%2C%27%29%3B\n%20for%28j%3D0%3Bj%3Cc.length%3Bj%2B%2B%29%20%7B\n%20%20d%3D%28c%5Bj%5D.href%29%3B\n%20%20d%3Dd.substr%280%2Cd.indexOf%28%27%23%27%29%29%3B\n%20%20d%3Dd.substr%280%2Cd.indexOf%28%27%3F%27%29%29%3B\n%20%20for%28i%3D0%3Bi%3Cb.length%3Bi%2B%2B%29\n%20%20%20if%28%28b%5Bi%5D%21%3D%27%27%29%26%26%28c%5Bj%5D.href.indexOf%28b%5Bi%5D%29%3E-1%29%29%20%7B%09%20%20\n%20%20%20%20c%5Bj%5D.href%3Ddocument.urip.proxy.value%2Bc%5Bj%5D.href%3B\n%09%09e%2B%2B%3B\n%20%20%20%20break%3B\n%20%20%20%7D\n%20%7D\n%20if%28e%29alert%28%27DATA%20URI%20Proxy%20v1.0%3A%5C%5Cn%27%2Be%2B%27%20elementos%20transformados%21%27%29%3B\n%20return%20true%3B\n%7D\n%3C%2Fscript%3E\n%3C%2Fdiv%3E%3C%2Fdiv%3E%3C%2fcenter%3E");document.body.appendChild(uprx);document.urip.proxy.focus();window.scrollBy(0,5000);

Disfrute con ética y responsabilidad :)

Mosca!

juega un poco con esta MOSCA!

mosca.js
window.scrollBy(0,-2000);var body=document.getElementsByTagName('body');var fly=new Image(), ofly=new Image(), ifly=new Image();ifly.src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAEgAAABhCAYAAAB1Tue5AAAABmJLR0QA/wD/AP+gvaeTAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAB3RJTUUH1wQWBRQ308WYBQAAAB10RVh0Q29tbWVudABDcmVhdGVkIHdpdGggVGhlIEdJTVDvZCVuAAAb+ElEQVR42u2ceazc13Xfv3f5rbPPvHkrSUmUqF2iRNmyrMBLLNexVSNGXKBJWsdt4LSpo6YrmqLtXykQ1HHQFmlr1OieBEiANkbUWF4lW95kW5JlU6JEiavE5e1882b7rXc5/WN+Qw2fKMkxH/noRpf44c2becT87ud37jnnnnPuAd4ab423xlvjL/l4/NGvON/65uPB1Xhvcie+9JN/++PB2trawr137X/5wL3v+IfLZ87eNr9nz58AeOwtQACstu8iQ//qG9/+3leXF5f/xdm1jWx+YddvX40SxK70F+675ppmNSz9vlb6Y9ZYtOp1REmqZucXnjTWfCJNo2Nf//736CL3RzsBSFzpL9w1PftbUsi/3x8MmdI54uEQmVIiy9QexvDAO+6991S/23vF933WG/Q5gPGF/28Bvf/+dy3snp375WalcoMU7j8T0m3EWYpMa4BzCOFAW4swDNphUHrfubXVe/Zdt/e2n7n33t0/euH5o8V9sp2QpMu6xO67/a4pY+27tNb/yFh1v1KaZZrEwsJudPs9rKyuQHIOKSW0VtizZw+qpRLWV1cgGFAOw1Xpuo8MsvQ/PPXswVcA5AAUAHulQF0WCep3us2Th4/O9nrd/5okyT8dRsMbkjThSinOmMAgTgDGQNYCgsNYgjEWWlsMBgPkaQKHA0apMmfsQOAFQabyHwziKCvAXDEpuixre2Pj3L9kDI9FUfxzwzgK8jwDWQPPkQh9F0rlyFQOAmCMhecHEMIBFw6k48NzPFTDEmqVMhzBIaz+xQcfeP9nbrhubw2AWzzYK6KbxGVSxEvf/uY3f2kw7LeUHj30WqmMchDAdUP4pQq0sQjCMiwBe/feiFq9iTvu2I8P/pUP4PTJk6iUyiBLqAQeKqXQ8f1gV6XVfPjFo0eGW9QD+6kD9OjjX1urlytNa/W7QcQEF5DSgZQuktwgyTXIANVaE1GcIMsU/CDEYNDFyRMn4QchNjd7EILBEQyGKApr1ed/7iM/3/uzhx8+XUgOuxJuymX7gjv33Xyz4zj/M4qi+7SxCIMAaRoj1xZhWEG5Usf03C7ESQwOhmajibOnjyFLIkRxDM4I1UoVWZqeW++c+++VZuPoi0ePnAYQFVdcXGmhvHMAZrsV+GV9Avfeuf+fJHH0e9YYXg591Coh1jpdZAowlmOYZiDGwcHgCYZm1cdsq4J2q45d11yL9txC+tVvPPE/HvnKV54uAGQFkKSAE01cSfG53k5I27bVqNfrNQDU7Xb74/f8wHti0O91w6DU1MRw4tQyDDhcv4RyrQHD+xCOg2a9BTIag+4a4pwhzhlW1zropvoL3/redw8VqsArfjrFa7+4vGIebMLC0VUHSHBe41zsBvDE+L3OIAtyOC4pBm0MhppjYX4PGvUWNjodKGVBzIKIgwkPhpewvJlhan4aGQR96xvfPTHdnilrpeM4SfICwhiSW1xjOLZYYpPLjK4aJV0pV4ZSOO8MgvBMHEeZ75bqQsjf0obeobVBmudgDNDaYLPbRb/fh7UGWucYRkP0eh1keQalDTq9PsJSjU23Z2//+K987B0zM9PeD5555tiEaZ+8xnDUhCM5hnT1WLEojsjz/TP9Xm8fEVtvNRq/US6V/7FSSpRKFXDOoXSOPE9hrQERgbHRg9ZGQakUnAFSCBhtcG5jA1me+0mSiEe+9Of/JYoiM6E3J7cdYzhpcY310NUlQQCQJHEWeMEt5TD459Vy9aNJmk4TMTiuhzRLkWVJMTMGEEFKMZotEUAExhgE52CMwRgDIiCKYlatVg4vLZ/tbDEqtgCRFQp6rKwnFfXV5wftu37vWprkDc8PHsxVXhZCQlsCyIIRQXAGC4LkHK7rQToOpOOAM44gCMGFA4BDKQUiQpamfN/1N06f21h9IU7ibEJyTAEjAjAorrh4z2yXkt52QIvLZ4L3vu99IiiVf+HFwy9VCQyccQjhghiDKZaXlA6EdCClhJQufC8A5wKO64ExAWs1GGNwXQ/lUtgYRr0nu93N/oT0qEJyhgD6E4Dy7QS07RHFJE69NE0+6QfuQpImqJTriJIYxuQjOJYAAqwxyPMMSuUQwgFjvFg/KRzXBWMjVdNqNhF6AfIsU1vCHWMpUhOO4rb6QJdls1qrN9a73f7Jr371Uaa1QbfbgcozCM7BGQNjo7kRWTAQBOcQHCiHPqQcuTJZlsIYDSE4kiSDlE602e30L+LcsglFPXltG6BtXWLz7Tl3EA/N6VfO/PXjx469baxofS+E43hQeQZrdKGMJYSQEMKBwxk8x4UjBRgXo/CHzkEgOI6Lchi6ucrXO5vnzryO9ZrccpirDtBf+8hH7u93ur8J4MDtt94xOxwO/p7KsoYhCykkfL+EXCloncOSgZQSnAsIIVEpV9FutzE3NwvBJRjj4FwizRKQNWCMo9Vqso989MM37d61cPrgswfXJyDpie1HOuEDXT27+Uceflj84OmnP9rvdq/XKp8TQj6Uq3zBlYLFSQbhuPD8EFkWw5IBkYXrOHCkg0qlgVqtiZ994P344F/9MBqNaQwHCZIkRZxEsMagFJYxPdOmQ88f/Owrp15eXF1dTbfooHwC0LZL0CUr6V6vx7M46U+3W4zQugnMncqVZkvLi7DWwmgNazRABLIEzgQEl3BcH450YS1wx133YO/NN6MxNYuXXjqOqSxFFPfR62vkeY40SalaKr3zmt3zwdrKyh8vr66ubdl2jC9Z6NVt00OXrKS//fjXKfTdw7fdfFP12muuvbXZaAjJORzpggEwehRCtmQBBjDGwDmHEBKWCFwIEBikdGAsRq8dF0EYgnMBBtCpl488M+h3b+isr7WqlcoMY2y8xeAFlEk42xqhuGRAn/1ff6CPHj3qzc7ODHfvXsisVcjzBEmaAJyDQFB5XugXAcY4LI2Ur5ACc3PzKJWr6G4OkOUGFkAax+BMgIjD81wYlduls6dO1ms1maZpLoRgE4BEAUdOZD/YVbPEAOCB9z0w0NpsxoPBtwfdzVut0XstGcACRADjHL70IKRAnibQWoNxhixLwQXH2loHLzz/EtrTM+h2O8hUCksWjAG1agWs7JTifmc47G2+GMdxxxpDEyC2AhKF8mZXxV7s/v13MCISoe+///ixI/kgimc5F1NKG+RGA4zDdX1obaCVKrZhhCSNoZWGMRbNVhvlchmPPvplvHLyJWxsrJz3haYa9SyNuqdbU00qlcsbLx49tpQpFU9sRvVEMC3boqh3HtCZ1TW875333RZ47v48S5329PSCtdQka5njBNBKI8tTMA6US2UwSBDRaDMKQq+7iRMnjuP06VN48YWDGAw7iKI+lM7hSAkJ3c/zeH12ZpYbQmd9Y+PsMIrSicnbCUjjcIe6ajarv/rLf1Pump+/o1qt3cZAnAnOQOwaBsGtBdIsQ5ZnEELCdTyUK1W4rldAGvlGWuXYWF+FMRk4Axq1JhgTmJ1uAybzlMo6xuQqLJXM4aPHjiqtt/o6Y0hqYsuxLVJ0yUp6z55ruVuqTd93/3ulF1RYfxBf0x8MRBD48FwH1hp4vg+jFQbDPs5trKE/6CNNYyg1SgkxzuC6zuiJSRdEHCU/BOkcnit5u9VwymEJHFCNWi2cmPRYUTtF+DUofjrb5QRfMqDf/t3fyW+55TY7jBPthWURJ2k1TRMYa1Cv1+AIAaMUjDUwRsEYDaVGQTPOOKR0ceONt+Od978HrhtA5dko08GBSjlEtVJFuVL1p6amWLM15dbrdY+Nd7IXmnpvIkbtbok47hyg//unD7vTszNJUCqxSrUOpRSyJAEjjGJADLBkz/s+DAJU2CAuBIKgggcf/Hl87G99Anv37kO1UgGgEfgewjCEsQZambrrl3DvvT9TrdbqAeecbZmDmPCHnInM685L0FS7bRut1ubU9DSfmZ2t+35Yn56dR6lUBghoNVvwHQ9hUIIQEp7njnyiIk4Ulsq44aabMLewgIVde5DlGlJItJoNMLIw1sKAKdcPsb7RGdRrDTLG2Iukr9iWhOK2+EKX7AcduOsuM4ii1uLZRSOkwNTUFGVZBs/zIR0fjEn0egPkxgBkoXUGISUsiZEGtQbra+uo11uIohjS8cBIw3MdQOdI4xiVep3KlRqCUklwyY0jHa602gqJJrYYV09eLE0zx2jNGRAuLS1dFwSB4zgOXC+ANQxxlCIMSkh6m7DWQukcQVBCKQyQ5QrD4RBf/PzDaE1N4diRw/AcgWqpBKMUKuUQEDPkuO76/Pw8TbXbTpKmqSVLF4FDW+BcHYCyLLPG2ODU6TMzZ86evUm6DgvCEGACjElkucbM7AwsBza7XWiTI46HkMKB5/kgUnjuuR/AGAMpOchq1EseypUKGo0awiy0YbmcC+mwKInS2ZlZn+jK1VBdMqCV1VXa7HZvPXH82N2D/oCHoY/m1BS0JsztaqFUqUI6DjzXR6MxhROvHEeepbDWYhj1IbiA6+bQxsJYjXq5ikqpgjAsoVqvI09dHpZKkjPoaqXicc6YlJLleU4T2wk2YbXEdm5aLxlQp3Nu6tQrp8pxHAe1egN5FsP3A/R6fQShj/bMNKwFtCVw14e7uAgQ4LgeZudmcPTIi1B5Ds/zwLmD2elZLOzag/n5OTBOcKVgmkyrP+gv1ltTwnN9aa2l1zE4YrshXRKg//YfP8O+98R3ar1e//ZqreYCFu2ZGRhj4fsBlNIIwgC79uyG47oYDmIcPX4CjuMijiPsmt0N0hbLKyvw/QCe42Hfvltw6x23wfUcpMkA5TDEqVde9jrpBqba07Zaq4b2NUYMW3f3W60Z7YiZ/7XffMg7evL4r2Z5dsAYy0AA5xK+HxRqchTvmZ6ZRqVSRaM5hbvuvAthUMH83C50znWwb+/NENwB5w5uufVO3HzbnbjplttRb9QhxCg1BI6k0ZqCMdpJoshrtpruG9zWthZW/cSAfN9njuO8pznVfk97ds4ZDIY4deYMWq0mhJRQSkFIOQqQCQnuOgADbrzxJizMzWFuZg5plGBmehpcSOy97gbcdfcBXLf3ehAsoihCuVRGkqSYn9+tiQwE5wzGzEohZOFNX0yKtg3OJS8xIcT32632xyWX3zy7uDTfqNdHaeY0g+v5YOBgjCNXOVxXIoLGtdddi+FwgF6ng0a5isFgiN0Lu3D3/v2Ym5uB50sM4z6M0SAieJ6HLEtlr9dflNJxhRT5VKtVWlldjS4iNds+fmIJStOU0jTtLS6udqI4G+zbtw+z83NQepTWgbWvVhgYg+WlZaysLsEyjQNvuxt7b9iLvftuQLlSxp233Y6F+VmAWYAZpGkMLgXSNIPvB6jXa8kzzx48tLy2eirJ1dJmtxddKTN/yVuNU6dO3xbH0Z7du3aBYZRvBxFWVlaKchcNbS3iOEF/0Mfy0lkMhz0YrRAEHq7Zsxv777oT2igIDgwGfbDiXxCGYIwhLJejer3GXzp6ZL3VmqptdDayN5CebZWmSw8JGNTuffvbPuEI4XLO4fkelFbg4Gg22yDGwISA73uIhjE21jewtrQGV7poNOvYe8P1cDwHZ0+fxsrqKsIghHQkTK5BhhCEARzfWTdG01Sr5a6dWzv3/PPPb5pR2BUXyZGNaxcTbEPR+SVLUJald0eDQZhleZEplQiCEPO7doFLAelIAKN0j9UEMkCz1cL03AwaU02UKiVkaQLf99Dv9QFGsJaQZxkWz54FESVhqZTUKrX5A3ffc5PjOMx1Xf4GFmxbFfUlO4qtRj3ubfbsVGtKCCnAGIO1hOZUE1mWQ2uNc6sriKMEgnHML8xjbmEOtVoNfuCBQEiSGO3pabCiXJgxDsYFKpWKBqNVYzRaU1NuEidZvVYvRcOheQM4W3f1O5zVsPak4BhkaVYPK2VYY8GLshWVa1hj0J5uQyuLcrkC13PgBT6kK2Fh0e/3UCqXUa5W4ZdDRHECKQQc18H87vmNSr26OpbMQb+fDwaDlAsBq/XrOYrbWkN9yYA++KEPHrt7/4F/S2B/ozcc3CLEyLS70kHEALIWnhfC8zjACAwMlUoFnDMolWMQ9+H7HowZxX6kEIAleI6DerNxTumcwBgcx4HruN762nruui7Xr41Lb5WebVlml6yDHnroH2R37N//rJQO9zy/iBoyOJ4LYwyE4PB9H+VKGbVqFZVyBUEQwhiDXr+PJE2R5QpWawguIAQHkUWtUVsSkg8wSqKySqXsxXHMXClbWZbRj+FF76wnPR7PHTyo0jRrNlqNI57rJL7nIQxL0GpU34Oi3hBERTxIIY4jDKMhVK5grQUDQ5Zl4IxBMJ4HoXcsKAdnAMBxJECWXNfzKuVSzDiPiszqxQZtiQ/tPKA4S4JerzftB0HiSCeXQsJxHGR5BsfxADBYbZBnGYwZARoMh4iiGARAOu4oFe26cIQwpVp4xA/8DQDEhUCe5rCWEJZKvD0zO90b9PuvM3m6SDSRdhyQNqYZxUNjjTELe3a95HlubLSGyjI4UsAREmQJZAEhJVzXBYEBTBQxIAIVasMP/E0hRDS5VhzXBecc/X6/u76+vlkpVXyl1BtFFOmqkqBf/JVfOhu4/loYhnl7pn1sem72qVK5dNaSNWAo4jwcnDO4jgMCg1IaQrool6qQYgRNqVwTo3MggtYaXMoJQ2lBRBBSiEqlUvZcj7/BEiMA9Hu/8+nrrwpAX//C16SUjsMYJ8YE1RqNxbk9C9+97oa9j1aqlcNhGPTIGpJyVFrXHwxBGJXcSUdCOiJzXXa21qg8JyTvkhmliDjjEIyPaotAcD0XIDhpllK1VnXfxFFknPGbPvufPrt/54P2WSa5EEtKKy4dB7nWIAI5rptWauXT0hXrxKnCwNrJMGpzzqXnOaYUeh3GWSa5ux6EoeGcg4igrYHjuiCyMGTPh0y0ymGMTvq9XrS2tpa8iaPI/vCP//Cx9777vemOS9CDH30wZZznjuuZPM3AwEa+DAOBMWKcG9d1YjA6056qHZxuVw/OzjQOVmulU5VKuOJ6ntG5ejVvo/XIcgHgnI/jbmP3hhzHZRexYlsrX/GhD3yo+eAHHvzgjgP68899QSij25aMZZxhVNxCxBk/rxWEI4lG5Xjkuq5mjBEAjGNeRKP9l9Ea0nEvmCsRgYCxJDmr66uRFJK9jnk///pT/+53VxZXltY+9a8/5e8oID/w4TjOc3mWcy5GFWTjSbNRAhqjwrpR6EOICwMIjuPA0KjSymgDIcWrmpZGddQMDCrLSWkdG2Nslmf2dRT0ZK00pqdnem9/29tbOwroAw8+YNI0ZUKIPEtTMAYIIcDY5FMdhTwsERgvdgI0ljWClBIqz0dAJgByPirXs2TBOGPaKKrVasFFwq0XNfVLy0uraZbdt6OAAEAwbhhY19qiMMpYjOsLqAAkHQeO4xQ1eaNaexqdiYIQYlSWt2W1jBOEbAzYWHbs+LHOG9zKBYD+7kN/Zw2MHf/aV77BdxSQBdZ7/b4Y+TsjxTpOXTHGztsWxjm00sVy0nbMaCwpnF+Yyjq/xBiQZ5nNsiwr3qfX0T8X/L4wv8As2XKe51M7CiiOkqGUzoZSo4ICzjnIjkpf2PlbHoVR0zQFEWFjY2NzOBhGY7XuOA6E4wATq4fzUWzJWAuyxDa7mz1jLL2J5Jwfi0uLZHK1KBhv7CggKTjzPO+oVpqstSBrJ++WRvXSGkqpkU+jtV1eXtpYP7e2CSKrlR5JD9saahpZMM4YGGeUZTnf7HayN7mdC2Bt9nodbXSwo4DAmdronHvKgqy1o7jOJCFrDJRSI4/YdZHnef7Y1x47cfjFw0vGWkrT9LyETXp8RKPgGwAMB8O01+sN4ig2b2LBLjjUm2d5mqXK2VFAH/6FD5GQkgnBNwpLRNZa4pxbALBEJIUgz/fAhaCNzkb36JGXBivLy1Gv34sYY1BKQWs9sm6TYkAES4Q0TfXZxTOdN/F/xsWb5yGdOHlMCY6dVdIjf0akRulFAMS5IKMNcc6Jc2aJLAk5KoI31pjjx48tr6yupD/84TMbnY1OTzrSAgSlFKwxF0zZWgNrrdVGmx/+6Jl1bTT9GBJ0HtCn//2nrTKa/emf/Jmzo4Ae+MDPnvM8x4CIrDGQUlqylqyxxLkAL6xREkfR008/tZSmqV1ZXclOnX5lA4DxfA+Cc1j7qg9ojQEbvUerqyvnGOeMLl4c9HpLbKQDhRgKKYMdBQQAQjg5CBlAVGwniEAkBCfGORFAJ18+ufTEE985V2RnzZEjL633+v0BwCCkgLGj6CMDoFWRpSViZ8+e6WRZat4gigi8tgSPACBX+SBTmb/jgOIk/nyu8qdBIKM0hJCWMW6FkDRyB6Lo8ce//nJR/AStNR0+fLi7srK0QWTNqBJWwBhzXnrIWCilFGOMNjc38zexXBeNIs5OT6d33XHH9TsO6MDb9y/3h/1HLVFkiShPM5JCEOfcWmP1iRPHzzz55PfPTRZAnThxPDp06NBSnuc5GCPOORXLiBhjZMmi2+32lVLmxzDtF61PrJTLw1qt1t9xQIU72Iuj4cEsTZS1xkgpDQA7HA77X/ryF1/a3NxUkxOw1uKpp55cP3X61AoRWc5FsRvhMEpD5Sr77ne/c+RLX/7i6R8Djr0YpHvuOxDN7Zl94aoA9Ed/9Ae906dPfW4w6D/WHw5O50pt9HrdM88devb59bW1iHNOFzqDll5++eTw4MEfnR70B30wZqUUNs9z0kabldWVc49/8/GzK6sr6RvAGR8PV7jwnAYA4NCzh51Dz77wE6WBtr2xwDM/fIb+z+f+dzo7PXvqyPEjh+qNhsMZq/36r//aN1bXVomIXnPoTWtt4yhK9+27sdyebtcF54iiKO90OsPvP/m9I88dem4jy9LX23ONOzDEGDUXGOLCwgX8xicfuhlg+X/+7Geyv/iKuDyDFeFcH0AVwBSANoA6gBJGxwXOO8ycc2q3p/l73v2e2j33vG2m0WyWlhcXk+efP7Tx2NcfW+v1emSt3ZoMnDzUOwSwAWAdQKcAlWMbCsovJyCO0aGSCoBmAahZ/D4+bMJw4aG4+FP/5tO3nzh5YvmRRz6/1u/33CiKPLzaXGkS0tjnSQH0AJwrAHULadqWM2OXs0XX+BROWEhOG0ALQK2QLDkhCXmxLMZNSlQhZZXiCvHaI05U/F1UQFkvIPULaHo7cmOXsxvw2LJMtrBJCjhi4gGNl0k8ASgvpIzhtSd4JttRjJXz+DjmWEnb7ZrE5e7lurUsRU68povA6RU/0+Izjtc/4jT+v+P2OP3i9bbonisF6KI5q4vAGbe4GU8yKyY5hjq+JvXPuG/HGM4YrNpOCbrcDbfHSyHfIjnZxBLSeG0HqfGGc3yScCxB4/downpt7Ty1rb1er0RH8sluUTQBxNmyVMa9NyYnmeDV8/AoPncmII8lL8aF/YPw0wbITkx8DItvMdcaF3avoy1/pzA6tDspQfGEY7ituudKmPk3UthbO9lt3WhOdlUY90z08WonYExYrxSXqfvUlQa09Tu3dhh/vSNOk4d2xRbJ01skjy7XzV7N4y8iefjLCOgnkby3xlvjrfHTMf4fCZ7PHn5pLkcAAAAASUVORK5CYII=';ofly.src='data:application/octet-stream;base64,iVBORw0KGgoAAAANSUhEUgAAAEgAAABhCAYAAAB1Tue5AAAABmJLR0QA/wD/AP+gvaeTAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAB3RJTUUH1wQWBRYGsC36vQAAAB10RVh0Q29tbWVudABDcmVhdGVkIHdpdGggVGhlIEdJTVDvZCVuAAAgAElEQVR42u18eZAc133e966+59wDC+wusLs4SPCESAqkaCu2JVmiaUWOJVuxE8WJZFeqnErFTlxW4liJY0e2rJIqsWxJjh3bUVyKLlsUdUXiJYqkSIgkSJEgAQLYxeJYXHvNzs5MT1/vyB8zAzbXC2ABLCkkYVe9mj2qpl9//ft9v/sBr1+vX69fr1//n18PP3CfePSRh92rcW/8h3HTX/1nv+TOzc0N795189Fbdt/+a2dmTl6/afPmzwN48HWAAGip32yU+e3vPrbn/jOnzvzWybnFZNPwyO9ejRJEXusbbt+ypVr0/E/ITL5PK42+chlhFGdDm4afVFr9chyHk9/5/h6zyv7MDwMg9lrfcGRw6IOc8X/ZaLZIJlO0Wy0kWcaSJNtMCN56++7dxxv15WOO45DlZoMC6C38PwvQ2+588/Do0MZfrBYK2zizfpNxq9JOYiRSApSCMQGpNTzPHfBc/y0Lc7O3bh+fuP5Hdu8e/cH+Fw9390l+GJL0qqrYHTfs6ldav1lK+etKZ3dmmSSJNGx4eBT1xjLOzp4FpxScc0iZYfPmzSj6PuZnz4IRIPC8WW5Z32gm8R8/9fxzxwCkADIA+rUC6lWRoEatXp0+cHhoebn+36Mo+o1W2NoWxRHNsowSwtBsRwAhMFoDjEJpA6U0pNRoNptI4wiCAirLAkrILa7tukmW7m22w6QLzGsmRa+Kbi8uLvx7QvBgGLbf0WqHbpomMFrBFhyeYyHLUiRZCgNAKQ3bccGYAGUCXDiwhY2i56NUCCAYBdPyH9791rd9atv4RAmA1X2xrwk3sVeJiE8/9sgjv9BsNfoy2XnpJT9A4LqwLA+OX4BUGq4XQBtgYmIHSuUqbrzxZtz1k2/HielpFPwARhsUXBsF3xOO444U+qr3vnT4UGsFPZD/6wB64OGH5spBoaq1/HswhjDKwLkA5xaiVCFKJYwCiqUqwnaEJMnguB6azTqmj0zDcT0sLS2DMQLBCJQxoVcqvviOn3nX8lfuvfdEV3LIa+GmvGo3uGn7tdcKIf5HGIZ3SKXhuS7iuI1UanheAUGhjMGNI2hHbVAQVCtVnDwxiSQKEbbboMSgWCgiieOF+drCXxaqlcMvHT50AkDYXe3uirvknQJQ603gr+ob2H3Tzf8maocf00rRwHNQKniYq9WRZIDSFK04gSEUFAQ2I6gWHQz1FTDQV8bIljEMbByO7//u43/1jfvue7oLQNIFJOqCE+ZW1P2/XE+Q1i3UKJfLJQCmXq83en9zXPvxZmO57rl+VRqCI8fPQIHCcnwEpQoUbYAJgWq5D0ZJNOtzaKcE7ZRgdq6Geiy/+eieJ17oUoHd/RTdn53usrvPQXIWzlx1ADFKS5SyUQCP9/5WayZuCmGZjEAqhZakGN60GZVyHxZrNWSZhiEaxlAQZkNRH2eWEvRvGkQCZh797hNHBgc2BDKT7XYUpV0QeiBZ3dUDR3dVLK9m5qoh6UJQaHEm3uS63ky7HSaO5ZcZ4x+UytwupUKcpiAEkFJhqV5Ho9GA1gpSpmiFLSwv15CkCTKpUFtuwPNLZHBg6IZf+ifvu33DhkF77zPPTOZMe371wMlyjmQPpKvHioXt0NiOM9NYXt5uDJnvq1T+ReAH/zrLMub7BVBKkckUaRpDawVjDAjpvGipMmRZDEoAzhiUVFhYXESSpk4URewb3/ran4dhqHK8mQ87euDE3dXjoatLggAgitqJa7s7A8/9t8Wg+O4ojgeNIRCWjTiJkSRR98kIYAw4Z52nNQYwBoQQMEpBCIFSCsYAYdgmxWLhwOkzJ2srjIruApF0CbpH1nmivvr8oO1bJ+biKK3Yjnt3mqUBYxxSG8BoEGPAKIGGAacUlmWDCwEuBCihcF0PlAkAFFmWwRiDJI7p9q07BhcWZ/e3o3aSkxzVBSME0Oyudvdvar1Iet0BOnVmxv3xt7yFuX7wsy8dOFg0IKCEgjELhhCornpxLsC4AOccnFtwbBeUMgjLBiEMWksQQmBZNgLfq7TC5Sfr9aVGTnqyruS0ADRyAKXrCdC6ZxSjdmzHcfSrjmsNR3GEQlBGGLWhVNoBRxvAAFoppGmCLEvBmAAhtKs/MYRlgZAO1fRVq/BsF2mSZCvSHT0pynKO4rr6QK9KsFoqV+br9cb0/fc/QKRUqNdryNIEjFJQQkBI59mM0SAwYJSCUSDwHHDecWWSJIZSEoxRRFECzkW4VK81VnFuSY6o82vdAHpVYrETx2beOzU5eVuPaB3bgxA2sjSBVrJLxhyMcTAmICiBLSwIzkAo66Q/ZAoDAyEsBJ5npVk6X1tamDmP9cqHHOqqBugX3vsLN546eeq3sziuKKMhuIDrBkjTFFKm0EaBcw5KGRjjKARFDAwMYOPGITDKQQgFpRxxEsFoBUIoyuUS+Zl3v/OazaMjJ557/rn5HEgyF37EOR/o6ozmR0dHC4Lze2qLC9fZQpB2lEBYDhw3QBSH0EbBGA1LCAguUChUUCpV8RNvfRvu+ul3olIZRKsZIYpitKMQWin4XgDbFmbPnsceW1yc33/27NlwBQelOYCuXgm6956vimql8mtJmv58bX5RhFG7689o2LbT5ZWORFjCgmW7cB0fjFv4B+/5OWzbuRN9/QM4eOAQjNGIohBploAQBkswGC2tN+6+7Zpms/lSrVaLz+MkpuvpJK4rSReKwbYtY1t+nRHqJnGCSqkMLTMYLZFlMbTRAAEIIaCUgjEObQwoYzAg4FxAaXR+FhZczwOlDEYbMz93ZqpcDILpycn+wYGB4Zw3TbuWWHQ/6XpnKNYNoC1jW5a2bdu6ZNuiE1JkKRglIEYD2oBTAUIYCKHQpkO+jDNs3LgJflBEfamJJFXQAOJ2G5QwGEPBKIVSqnn48KFp17J4Gsf9OQtGu1rAu4utdyJt3QCybXtWa/2L83NznzUACp6LwHMhuICwLNi2A8dxQGAgpQShBEkSgzKKubkaHn9sD2bPzqNeryHpSpwxGq7nYkP/QGpzkSJLpjYO9m3OgUBWAWhdQeLrSNAGwHO7b7ltyXMdbBjoQxy1USoPIJUG4dIypMwASqG1xsLCLDizcfzYNKaPHEa12o+vf+0eHD8+ibBV7ziOBAiCoFUt2scby/NbDIzaMrol4JR6UutWLqLn3dSHyCX018UfWlcr9uHf+898fHzirrDZvGVs8yg9dvw4HMdHrV5HKlMEfgACDmNMJxiFwXJ9CUeOTOHEieN4af9zaLZqCMMGMpnCEhbarcbJ2dmTBwb6qkNRFOHW226zDxw8eKQZhq0VQWsv47iuHvW6AvSdhx/WH3j/B6wTx6bfW1tcoK1Wx5KdnZ8HYxyWsBEUirAsuwtSBilTyCzF4vwslEpACVApVUEIw9CGDZBZUpifO/vstonxoampSYSNZcd3Xf/k7OxkDgCVA6kHkLrqAPrnH3g/mT11+iNxs3Hd4YMHAUqQSYVUaygpkWYZojhCmmVIkwhSdpJoXFgQXEBpBSFscGaBUQqZJWg16xTGHPNsUcpkir5KSV2z45rg5NnZo60wjHImPQ9QPqI3VwVJA4DMZH/SDndlaYK+/iqqlXInWFIKSisolUGprtnXCpRQcG5hx44b8KY7fwyW5SJLE7SjNjKVYblRByGUjI6MVhzXxZbRzRjYMKQLhWL1nXfd/Ubf872cJbO6+em8yb+6gtVNG4bfdP31N3uu48Nxffieh8AP4DjOOd+HgMGYjo2hjMF1C7j77nfhff/0lzExsR3FQgFKp9AaMAawLI4NA4PXE1D4foBTp88abrvRHbvftGXj0JC7wpKJHFnT9fCL1hWgiYmtN7aarUqjFSKKYihlMDg4BJtb8BwPjHHYttWJubp5Is8PsO2aa7BxeBjDI5uRpBKUMtgWh+AMWhu02m1drlRACIWUCidmTkXtKCrefNOuPkLISktmrafjuG4AffVv7904Ojo6sbRUN6qb83FsF6VSBTKToCCA0ZAyAeMUhLIOQWiF+bl5NJebCMM2uLAhuAXOGBzbBiEEjUZTbt4yjjSJEUVtBIVAEUKyt//k2+8QQvR8nh5AvXKQtR4V2PWTIEK3nzpzZrfru4JQgjSNQQg9x5KplNBad/PSGr7ngjKGVquF//31e/HZ//kXmDx0AIJTFAIXRkkYI6GUNGE7fMroTqMDCIEGQDltDW8a9t6w6w2lnATZANzusnOqRn6oVuybX/2G1Wg2f/P48eN3ZUlMT8ycQH/fACjlqNeXMbswD9fzYYyBVCnSNIWSEoJzAAbz83M4MnUIWqdot5uIohC+70GmCXzPTaKk/XjBDzaWK1WMTUwgSVIMj4yQwC+WRzePyvsfuP+EMcbkInzZDWKzK/WJ1gWgN962+y6t9IfazZYXtpqI4xgjI5tBCMfc3ByaYRvjY1tRKpXRDFuA6WQU4ySCkhlgFNIsQTtqwSgFxjg814UQHJ5tUdt2jjiOWxkbn8DQhg3QWkMrDcd11dj4eLD3mb3TCwsL6Yo8UZoD6bJ9oitWsReefZFOjE/c2mq2/OX6EpRU2Dg0BC4saGPAhUCpWEa93oDrFWAJF5bloFCsYOd1NwAEyNIUFmewuIBtOaiUqigVSojjGFEUU6PMdk45GBXgwsLG4WEsLC7g9MkTmoIMvOvvv2t7zpr1eMjNlaUvW82uSII+9fH/Shph8xpj8K9mjh2dOPjSATKxdaJTrWACjeUm0jhDsdKPat8AduzYicmpqW5+KMF111wHzjmSNIPnF0CpBdcvYXhkM2qLS7BsgcH+DQCwXK0OJFu2jqNUKcO2Bfr6+/HM3qf12Ni43d/f509NTs7Nzs+1ViTzE7yybe+1laDJI1NDP3jmmT946cD+25XRxPM9VPr7wS0b/RuGsHHTMDw/wIbBjWi1M2wcncANN98Kymxs2jiC2kIN2yeuBaMCaaYxPLoN49vfgJt33QHLctBXGUCzGYJS1hqbmMCOnTsRlIrIMoWx8a2gnCOVWWtpYbH/hmuvvb1ULK5scLhix/GyAXIch5w4ffIfVSuVO8a2bBbNxjJ2Xn8DlNSglKFQDLBxZAR9AwNI0ghz83N44vtP4o47fwKOW8Tg4BDarTaGNmyAIRT9Axtx0xvuwPU37MLCwgKW6jX4fgGNZhNBENBNIyPwAg/lcgUAkEmJN73pR3D86LFobHxrfPOuXaUgCHqmXeQ86ytSsyuSoLe95W3P3P3T7/zME3uePJylGsPDo4jjGJ7jgnMLQTFAqVxGGLaRphEOH3wRjFHsvPEmMG5jfGwr0lSiWCjhR9/84ygWSwiXFzB5+EWkMkOSJiCEICgUg1KlDEIIbMeGY7toNVsYm9iK/QcPTH/sjz5+76bhUWdiYmt1FS5amQYhrwlAf/xfPmFff/1N14VR8oV9+w4ujk2MAzBQUsF2HTBOYVs2PN+DY1sg0AibC3jowa9j68QoPM/BzbfegqHhEey6cRcKnosTxw5iuX4Gc3OnQDlBO45QLpdRrVREUPCgtQahBExQpHEE27Zx1zt+qrD32Wfm973wwjM/euedY7nYLN9HdNlSdNkJs5/52XdLGNP80Id+Z2jb1vFdwyMjaDY6tT3X80AIhed5sG0LjuPCsR1kWYzJwwcwvGEARGcoFgsolysgRuPFl/ZDK4nJyUlQShDYPgIvgFUommKpnApLdJxOA5QqVczPziFshxgY2jD43ne/54ZCseBWqlVOKSVaa5oDyMvVzfI+kXlVATJGb6Ygu3duG7eF41IACMN2N73qglEOy3bBLAue76NcLiNKIqRJgjMzp1BwXJyeOYEgCFCrLeL0zAyWlutotdtwXR+u7UFwG6ViQKr9fdIA3XI04PkBLFHD0mIN49u2Fd7xjp+65cyp0+y6ndc727dt33vo8KHGCs/aW1H1WLPjeFkq9uz3nyFpnNx5+uTpgusHO0ulspMmCeJ2CCEECKXgXMAYAyE4yuUCyoUCLGGBEIqleh1JmuH0mbNYXq5j5sQJxFG7Ey8wBkoFCGWgMCiXS1H/QLU1O3tmIU2TDCAwxCCKIxx66QAYAds0MuIrpVWr0cxu3717cAUPeQD87uclq9plAXTDjTdyzvjA0SNHybZt21MDg8WFBUxNToExCqM1KGPY9/wLOHhoEn2DAxjo70MpKHRaXSwbfqUKwhnaUYT52TmMbBrByNAwLMsGYRyVUgnVakVu3T4x65cK2e/+3n966Ik9T7xgYGCUhpIKpVIZp06fDo02/sTWrcHycsPdfdvtY5RSmrNmPTVzu3zELyWAvSwVOzJ1ZEttcWl7X38fKgN94dz8fBgEQbBlbAy243ZCa8Zx4IWXoIiCF/jYumNbp4g4YyOjDIRRRHGE6anDGNkyCicIcPzYMRhCUQkCjI2OYPv28cVNYyOzgGbCstipUyeXCQDCGIZGRgClIJUycZLM+cUilpcbVl+les3tt+2e3PPU90+sSKSt9InWVKK+ZE/6Q7/577ylhdqvFEuloeEto8Tz/cT1vBnGGEuSpC8IAnDeqbn/4NnnUK6UsHXbBBzXhbAdCMbh2w6kUmg0lnF85hgoYQChmF9cQCUIsGXzCCa2bcXw2PBxz3cSQgjGx8e9HTt29Fcq1ZI2GhbnUJ14DGmaglAKy7KUjBP7xf0vnpo+fnQhV33Nd6LFlxKfXTJA93zhHjI8PHwLZWyo0t8HrQ1klmUyk6ON5Xqf6/uwhI1iuYTBDf2oVsuoVPtguw5c20WhUACjDEtLNbxwYD/aUQSZZij6AZgBNg4NYfPmzdgyPnraL7rzlDMQEDq8aWhDqVzxOWcwxoBSijhOUCqV0GqHsG0Htm1BcOGNDI+E337gvmNaa6wAKF+iXhNRXzIHtZN4tBG2t5WqFUipYLSG4zoYHBqctCw7ti0LjuNASQXXdcAtDm10R+GJhue7CAoBbMuCMQbNVohMSSwuLKJYKGBgoD8d3rxp0iu6M4RQUEKhtTK27dggBAYElDFQxqCVAmEMjDAYpSE700NhuVy5cWJ8Isg9I8upV74Cu74k/a0vf4OdPXP2xwyM7wUBtNYIwzZc14OwrMh13dQSFiwhkCQJGGMQ3IJRGlmadgAlBpZtwfU99A9sABce4kTC9334nptVB6vPV/sriyAwnTp+p+HTsl1a8IMARoPRTiKOcAbAwA98JEkCnUnYjiNt287ufvtP3VAqFgVe2Vtt4+Xe6jVZsksCqNFu/WiapbuLpSJkloESCsEF4YITrbXuGxw4IiwRd5ovI1BCYXHR7WDtmH7LssEEx4Gp45irheCWB2UENBgWFxef+9uvfOFewGQAAaOkK0EGrVaz3o7anWJh1x9ilEIbDcY7TEE5h1QSxXLZ2r59x47BgcFgFYDsXOhxUWt2SQBVi5UmpczxiwVIrZAkCSzbgjGGSCl130D/8UKptJ8LPk8oVR0JEmCUgxIC2+7kiJ4/cAjTx8+AMwuBX0C5XEZtabF1YOrAnmefe2Zx6sjkKUbpOSCM0Z2uEEJ7Xmo3y0uhZbelxrKQxjFkloFQxH2VvgJjXK8SelySFK2ZpL/zzYe4Yzvv7Bvs22w5FpRSUGkGL/CJMaD1pboAIAijKWFkSQg+D4pEScW1VpZlWSSVCgcOTuHRx/eCEQrBOQhkLWzVHpqa3vfZ02dnZrTW5qHvPHj8rW9920ixVPIoIVherkNrCdt1QLp91DAGWmkYAIwzMEqRpim44CCEKBgEfZWK9+jjj07lQot802c+HXvlflCcJGXLtnd6QWcYDgbgghMDQ5SSVGYZFZZgWitmjCGU0awdh7PSZHOMc1fYoi+qL/c9+fSzNA6XwyxLnm3GrYWzs9N7sixJ8hZFa22+9/j3Dv3ce36+qpWiff0DkFmGpdoiqtX+lzcvRKdTBABoh7yNBqTSYJaoM84lo4xIJfNloV7oEa2lArtmgIrFUskNPJdbAnGSIElTBIEPrTVRSlGtNQMBVUpRpRQNwxbhjKFQLSKK4kgbNTM9ffC+Z55+8HCjUW9prS7oh3zmM395eOPQkHfrLbe9oVgqQQhhCCWQWUa4ECCEgDOGLEnPqaLt2IiiCBwGnufya6/dee2O7TueOnDwwFJXnfLpWCfnE+kr4qCvffmbPM6StxeKRUdmEpSQbszFiDaaKqUooKmUihljKACSpRlxXe8cAgsLC43Pff6zL9bri3WtlVyLD/KFL37+kNJa9ljHth1EUWQoIYZQakAJDPQ5FqGMgYCCEYYsk5ntOOTWW24bzTVbiS4wvdDDuljosSaA/MDnjuOUXc+F0gppmoFzTrRWRKmOBEltmDGGaqVpFIbEcdxz8bcQQu/d+9Th6ekj7bUkCnrr6NHp8Nln9/6AEChKiKGUmsD3TZqmhhiAEmqMAci5dmnAsi2kWYZMSnieL7du27aJMUYukCe6YCJtTQDJLBsQljUGQmAMuv3LAh2uVDTLUma0oVprmiYJkVpDWOLc005OHjr2pb/54uRagUFu9utjH//oszMnZ04QQjVjTFmOo9M0NVmWGtKx+KZTRurac87PPamGzsZGt4xxxile2dO4Won68lWMU9Yf+D6XUoIQwBId066VpjLrcA6MZkpKGiUx8TyP9KqqSZIkn/vc/9o3NzebrAEcvaLXJ9Zah/fd9+0nGWeJsKyMC5FVqlWVJInuFgtBCDG9tkVCALDOY0mZScd1yW23vnFDrq+RrehI4xcqUV8UoG/c8y2igZuEbXOtNWQmwTgjWuvuUlRmkmVZRhuNBnUch4AQKC2JMVpPTU2e3PfCvsYagemVatroDKksA1j6+te/um96+sgjliUSzkUmLJGVKxXVboUmTVKDXijTUzMhYLSBVBqe5/ORkdFKDiC6SicIOx8WFwVISsWEsEqd7ngKQikY6/QPKqWolJJppWi7HVHX8wjjHD2RP33q9OyHP/y7e9rt8EKphR44PWAaAOoAagAWAMy32+3ZT3/6k1/T2pywbTvhjGecc1XuqyjX84zp9BebcyJCSTegJWCMyaHBoRJeOWefT4Nc0Gm8KECCM+77fmBggG6Pc9eZJUprqrSmUmvmeh5llBKtNNHGoNVqhX/75b95fnFxMbuA9OTBCXPAzAOY6wK0AGDx6aefOrX/xRc+J7iIGOOScSEpoZpQanrgdPUNhvTG9giU0aparQY5cFabexXnU7OLAmQohLBF0RjTcespISAgWne4RyrFtNHUGE200QQwkGkmpyYnTz799FO1NahWmpOcJQCL3VXr/t7oqlv46GOPvnT02PRfc8ZbFmeSUqYoIZqAGIAYSogBzLlmdW0MDIwulIo+6SW0Vw89xPki/ItLkGW5jPPAGAOlNRhjXedQE6MNMdoQLTXNMkmNMZBZph555OEXPvQffuv7FyHmfJ4mzKlWPQdKrxqRAMg+85m/Wv7gB3/j8aPHjtwDQluM0cxo3QXp5TCNdMMPYwyMMaZQKHiM8bx00BVSdN662cUBEsznlNqMdVpVKO16HUYRrSRNopi22yHppDOkeex7j+370z/79P40TfUapCc/Ndgbq+wdErAyXlIA1IED+6N//L5ffPD0mdMPccGlVFKFYajDZssAxBBCDOnOpRmlQSmF6zj24OCgcx41ExfKEV0wWG0sNpkx2EUYewNjnCip4DgOUVrTNElZo9HgYbstYAyngtHZs2fn//S/feoHZ86cvphJz4PT7FqrBl6eOb1gaSZNU0IpXdx57c6hcqU6xAVnBobGUUQ456TThE5IHCfgjIEzZrmO23rq6SfnVkhwbw/t7uffScVeUILSNKWU0JuIAdVKgTEGQgmUkiSKI0IopZ7nUmFZJInj6JOf+pMnpqYm22vwd2TOavWmlVeOM5kLgCs/+9m/nn/88e89mMl0kVKmHMdVruuaOI5NJz3SFQcDaKXlmTOno5U9cTmzf3medP/GviyM2k8SSqGkBueMaK1IFEWEUkYZY1RrQ8J2GH/l3i8/uW/fc401gKNyby7Mcc1ae5vPfcd//J0PvfTQdx78YiazRcaoEpatPM8zaZIYSogRloDWQL25XPd9j64AJ+8Xkcu2YoTRw8aYutEalmWjHbYJJZQwxogxhiRJnD7wwLef/tKXvnQ8TVOzBnAkXh6jbOakZ60nJrxiTuwPP/IHzz/88INfVlotU0YVY1xzYZkkyYwlLCNlhlptsV6v18NVJIjmCDsPEFkzQJQQopRkSmukaQqDzkEBSiuaJEn22GOP7v30pz91OI4jswZS7oHTm3VfTXrWVPnuuQhJkrQ/+ck/ee67Dz/8FZnJJmVMCcvSlFGTyRRZlpgwDNOvfv2rp88jPXxFMv8SPek0a9ZrtRkCDW0ULMsiWisis0zu2fP4Ex/96EdekFLiAqnL84GTl55LbbR8xXfWarXGxz7+0aee3vvUN5M4mmOUKmFZhoDoMAzbe5544iillKwiQfkGdL4aH1005frnf/Fn6pff/yt1TVAoFApDSmsatsPWA/ffd98ffvQjR5utZs9dXy0JnletBC8fAtDzdUJc/kkJ+fl5k2WZfuSRh88SQmbHtoxtVEphfmFu8RN/8kePlEol0Y6irNFoyPOAnOQyjK84ZW/NvTLP/WBf2bbdO1qtZuW++7594sO//3txHMd9AMrdBNTKtMFKi9ULPmtdgForMnqX04Waz/PY3SaF4tjY+FB/f/+Gs2fP2idPzpBVQokeOL19LXRDm8Xu7+eyjOQSN8O6mbgSgH4AgysAym8gb7HCHDhLePkYifUYW8pzSQ+kMoBK9zPoJsfEihfYm5hudoFZFaDLaV7In3Sw8jAjchFSXsk76zHTlb9X/kXmV/5IQXIeA7KqFPMr2IzMPaTqbsSs8FLjVcKIK1Wri+0rwerDvr2kPV2RZsk/y9/ZE7/ETeQ3kq6Il9h5eKexIpRY9+H/84AUrpCgHii9cnT+1Kr0fO157DL0fbV5dbbipuaPlusAAADUSURBVPGKCD1vsdZ18H8NFu68PlTOm2+u6GO8bIBWgpR/O2oFOPkgtHWZ/s6VgrOSL9UqoU7eYf070n0lHBR3v9x0b2jj5XHsfF65vc6kvNZ9ypWxW3dfvTa8/D7bK3qGLhug/A3TnOQkOTOqc5uJ8UM44jh3H7kiBkxyRG1WcNCqXWeXO2i22rEQNAeQXmHlXktwVgun8mOb+cRYXu1WNfVXMs9JVkkTkFUKgOaHCM759rpasXLVfZJ1uvlqDhiuAmDW8rxX2x5fv16/Xr9ev85d/wejd5v3TYN1MQAAAABJRU5ErkJggg==';ofly.onload=eval('var mv=setInterval(\'move()\',10);');fly.setAttribute('id','fly');fly.style.position='absolute;';fly.style.left='300';fly.style.top='100';body[0].appendChild(fly);var ang,s=2,xx,yy,cal,pi=3.1415926535,ala=true;function calma(){s=2;clearInterval(cal);}function move() {var x,y;x=(s*(Math.sin(ang)));y=(s*(Math.cos(ang)));ala=!ala;if(ala) fly.src=ifly.src;else fly.src=ofly.src;if(Math.round(100*Math.random())>96)ang+=ala?5:-5;if((xx+x>1024)||(xx+x<0)||(yy+y>800)||(yy+y<0)){ang=Math.round(360*Math.random());}else{xx+=x;yy+=y;}fly.style.left=xx+'px';fly.style.top=yy+'px';}function main(){ang=Math.round(360*Math.random());xx=620;yy=400;fly.onmouseover=function(){s=10;ang=Math.round(360*Math.random());clearInterval(cal);cal=setInterval('calma()',500);}}main();
trata de darle click :)
Nota: Como es usual, normalmente no funciona con IE

Codigo de Barras + Libras = Inseguro

[root@localhost ~] wc -w
1001

Traduccion: Esta imagen habla más que 1,000 palabras...

En los establecimientos comerciales de mi pais, la inmensa mayoria de los productos de precios variables por su peso especifican el mismo en el codigo de barra EAN-13. Todos sabemos lo facil que son de generar... esto es un potencial peligro para los propietarios de establecimientos... pero no parecen preocuparles cuando se les advierte... :(

Evadiendo Filtros de Contenido con URI data:

"Brinca la tablita, ya yo la brinque... brincala tu ahora que yo me canse." Este ejemplo te lo dice todo... intenta esto detrás de un Proxy que filtre archivos .EXE utilizando un browser decente (osea, no Internet Explorer, el cual, no soporta URI correctamente)... este ejemplo te permitirá bajar el Archi-Famoso nc.exe en la mayoria de implementaciones de squid, isa y surf-control. http://xenomuta.coolinc.info/ejemplo-data-uri.html Más info sobre el data URI scheme aki -> rfc2397 Crea tus propios data-urls con esta simple, pero exelente utilidad... Gracias Hixie por esta cocina URI: http://software.hixie.ch/utilities/cgi/data/data

Vulnerabilidades en freePBX 2.2.x

He tenido una semana algo ocupada, pero fructífera.

Como veran, he descubierto un par de vulnerabilidades en freePBX 2.2.x y seguro en versiones mas viejas también.

Estoy casi seguro que hay muchas muchas más, aun sigo buscando. ) muy faciles de explotar, y (gracias al Señor) de parchar también...

La primera consiste en una forma de causar una entrada arbitraria al log /var/log/asterisk/full el cual puede contener código HTML, JavaScript, o lo que sea. El fin es, que si un admin lee los logs via web con freePBX (anteriormente amportal) podrías ejecutar códigos de su lado. He logrado incluso apagar el servidor asterisk, crear extensiones, etc...

La segunda vulnerabilidad es más crítica, pero difícil de explotar ( ya que necesitas tener acceso al portal web ) aunque hay esperanza si se combina con la primera. Se trata de un mal-filtro de parametros a un llamado exec() en el código del php modulo Music-on-Hold.

Para mayor detalles, Prueba del Concepto y Parchos:

[Full-disclosure] freePBX 2.2.x's Music-on-hold Remote Code Execution Injection

[Full-disclosure] XSS in freePBX 2.2.x portal's Asterisk Log tool

Aprueban en .DO Ley contra delitos electrónicos

Buenos, mis hijos... tranquilito y cuidadito, niños... hagan un rm -fr /usr/local/nessus/. ... jejejejejejeje, pues el día mas esperado de mucha gente ha llegado.... Esperemos que se hallan tomado en cuentas cuestiones muy puntuales del asunto y que sepan diferenciar a un pentester de un delincuente. Aqui hay copias del proyecto (ojo, no es la version promulgada...)


Otros Links: http://www.diariolibre.com/app/article.aspx?id=101909 http://www.hoy.com.do/article.aspx?id=18584