From b1c354a6fba80152b431b2c30fe7074eb0ab8cca Mon Sep 17 00:00:00 2001
From: hrtowii <68852354+hrtowii@users.noreply.github.com>
Date: Wed, 17 Jul 2024 03:34:39 +0800
Subject: [PATCH] removed unnecessary files, progress in xpcproxyhook
---
Makefile | 40 +-
.../launchdshim/SpringBoardShim/Makefile | 18 -
.../SpringBoardEntsBedtime.plist | 1023 -----------------
.../SpringBoardHook/.gitignore | 3 -
.../SpringBoardShim/SpringBoardHook/Makefile | 16 -
.../SpringBoardHook/SpringBoardHook.plist | 1 -
.../SpringBoardShim/SpringBoardHook/Tweak.x | 198 ----
.../SpringBoardShim/SpringBoardHook/build.sh | 3 -
.../SpringBoardShim/SpringBoardHook/control | 9 -
.../launchdshim/SpringBoardShim/build.sh | 4 -
.../launchdshim/SpringBoardShim/main.m | 357 ------
.../springboardshimsignedinjected | Bin 178941 -> 0 bytes
.../launchdshim/SpringBoardShim/utils.h | 20 -
.../launchdshim/SpringBoardShim/utils.m | 138 ---
.../launchdshim/cfprefsdshim/cfprefsdshim.m | 6 +-
.../cfprefsdshim/cfprefsdshimsignedinjected | Bin 112637 -> 112685 bytes
.../launchdshim/generalhook}/MRUIents.plist | 0
.../launchdshim/generalhook/Makefile | 2 +-
.../SpringBoardEnts.plist | 0
.../launchdshim/generalhook/main.m | 40 +-
.../launchdshim/hideConfidentialText/Makefile | 15 -
.../hideConfidentialText/README.md | 6 -
.../launchdshim/hideConfidentialText/Tweak.x | 24 -
.../launchdshim/hideConfidentialText/build.sh | 2 -
.../launchdshim/hideConfidentialText/control | 9 -
.../hideconfidentialtext.plist | 1 -
.../launchdshim/launchdhook/main.m | 25 +-
.../launchdshim/xpcproxyhook/Makefile | 15 +
.../launchdshim/xpcproxyhook/build.sh | 1 +
.../launchdshim/xpcproxyhook/fishhook.c | 277 +++++
.../launchdshim/xpcproxyhook/fishhook.h | 76 ++
.../xpcproxyhook/xpcproxydents.plist | 28 +
.../launchdshim/xpcproxyhook/xpcproxyhook.m | 69 ++
RootHelperSample/main.m | 52 +-
Serotonin.xcodeproj/project.pbxproj | 20 +-
launchd | Bin 0 -> 12 bytes
36 files changed, 550 insertions(+), 1948 deletions(-)
delete mode 100644 RootHelperSample/launchdshim/SpringBoardShim/Makefile
delete mode 100644 RootHelperSample/launchdshim/SpringBoardShim/SpringBoardEntsBedtime.plist
delete mode 100644 RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/.gitignore
delete mode 100644 RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/Makefile
delete mode 100644 RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/SpringBoardHook.plist
delete mode 100644 RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/Tweak.x
delete mode 100755 RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/build.sh
delete mode 100644 RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/control
delete mode 100755 RootHelperSample/launchdshim/SpringBoardShim/build.sh
delete mode 100644 RootHelperSample/launchdshim/SpringBoardShim/main.m
delete mode 100755 RootHelperSample/launchdshim/SpringBoardShim/springboardshimsignedinjected
delete mode 100644 RootHelperSample/launchdshim/SpringBoardShim/utils.h
delete mode 100644 RootHelperSample/launchdshim/SpringBoardShim/utils.m
rename {usprebooter => RootHelperSample/launchdshim/generalhook}/MRUIents.plist (100%)
rename RootHelperSample/launchdshim/{SpringBoardShim => generalhook}/SpringBoardEnts.plist (100%)
delete mode 100644 RootHelperSample/launchdshim/hideConfidentialText/Makefile
delete mode 100644 RootHelperSample/launchdshim/hideConfidentialText/README.md
delete mode 100644 RootHelperSample/launchdshim/hideConfidentialText/Tweak.x
delete mode 100755 RootHelperSample/launchdshim/hideConfidentialText/build.sh
delete mode 100644 RootHelperSample/launchdshim/hideConfidentialText/control
delete mode 100644 RootHelperSample/launchdshim/hideConfidentialText/hideconfidentialtext.plist
create mode 100644 RootHelperSample/launchdshim/xpcproxyhook/Makefile
create mode 100755 RootHelperSample/launchdshim/xpcproxyhook/build.sh
create mode 100644 RootHelperSample/launchdshim/xpcproxyhook/fishhook.c
create mode 100644 RootHelperSample/launchdshim/xpcproxyhook/fishhook.h
create mode 100644 RootHelperSample/launchdshim/xpcproxyhook/xpcproxydents.plist
create mode 100644 RootHelperSample/launchdshim/xpcproxyhook/xpcproxyhook.m
create mode 100644 launchd
diff --git a/Makefile b/Makefile
index dcfedeb4..673c24c1 100644
--- a/Makefile
+++ b/Makefile
@@ -3,21 +3,17 @@ SHELL = /usr/bin/env bash
LDID = ldid
MACOSX_SYSROOT = $(shell xcrun -sdk macosx --show-sdk-path)
TARGET_SYSROOT = $(shell xcrun -sdk iphoneos --show-sdk-path)
-SB_SHIM = RootHelperSample/launchdshim/SpringBoardShim/
CFPREFSD_SHIM = RootHelperSample/launchdshim/cfprefsdshim/
+LDID = /Users/ibarahime/Downloads/ldid_macosx_arm64
+CTBYPASS = ./ChOma_host/output/tests/ct_bypass
all: Serotonin.tipa
shims:
echo "[*] Building cfprefsdshim"
$(MAKE) -C $(CFPREFSD_SHIM)
- /Users/ibarahime/Downloads/ldid_macosx_arm64 -S$(CFPREFSD_SHIM)ent.plist $(CFPREFSD_SHIM).theos/obj/debug/cfprefsdshim
- /Users/ibarahime/dev/ChOma/ct_bypass -i $(CFPREFSD_SHIM).theos/obj/debug/cfprefsdshim -r -o $(CFPREFSD_SHIM)cfprefsdshimsignedinjected
- echo "[*] Building springboardshim"
- $(MAKE) -C $(SB_SHIM)
- /Users/ibarahime/Downloads/ldid_macosx_arm64 -S$(SB_SHIM)SpringBoardEnts.plist $(SB_SHIM).theos/obj/debug/springboardshim
- /Users/ibarahime/dev/ChOma/ct_bypass -i $(SB_SHIM).theos/obj/debug/springboardshim -r -o $(SB_SHIM)springboardshimsignedinjected
-
+ $(LDID) -S$(CFPREFSD_SHIM)ent.plist $(CFPREFSD_SHIM).theos/obj/debug/cfprefsdshim
+ $(CTBYPASS) -i $(CFPREFSD_SHIM).theos/obj/debug/cfprefsdshim -r -o $(CFPREFSD_SHIM)cfprefsdshimsignedinjected
Serotonin.tipa: $(wildcard **/*.c **/*.m **/*.swift **/*.plist **/*.xml)
echo "[*] Building ChOma for host"
@@ -34,26 +30,22 @@ Serotonin.tipa: $(wildcard **/*.c **/*.m **/*.swift **/*.plist **/*.xml)
$(MAKE) -C RootHelperSample/launchdshim/launchdhook
echo "[*] Signing launchd hook"
- ./ChOma_host/output/tests/ct_bypass -i RootHelperSample/launchdshim/launchdhook/.theos/obj/debug/launchdhook.dylib -r -o RootHelperSample/launchdshim/launchdhook/launchdhooksigned.dylib
-
- echo "[*] Building SpringBoard Hook"
- $(MAKE) -C RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook
-
- echo "[*] Signing SB hook"
- ./ChOma_host/output/tests/ct_bypass -i RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/.theos/obj/debug/SpringBoardHook.dylib -r -o RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/springboardhooksigned.dylib
-
+ $(CTBYPASS) -i RootHelperSample/launchdshim/launchdhook/.theos/obj/debug/launchdhook.dylib -r -o RootHelperSample/launchdshim/launchdhook/launchdhooksigned.dylib
+
echo "[*] Building general hook"
$(MAKE) -C RootHelperSample/launchdshim/generalhook
echo "[*] Signing general hook"
- ./ChOma_host/output/tests/ct_bypass -i RootHelperSample/launchdshim/generalhook/.theos/obj/debug/generalhook.dylib -r -o RootHelperSample/launchdshim/generalhook/generalhook.dylib
+ $(CTBYPASS) -i RootHelperSample/launchdshim/generalhook/.theos/obj/debug/generalhook.dylib -r -o RootHelperSample/launchdshim/generalhook/generalhook.dylib
- echo "[*] Building hideconfidentiatext"
- $(MAKE) -C RootHelperSample/launchdshim/hideConfidentialText/
+ echo "[*] Building xpcproxyhook"
+ $(MAKE) -C RootHelperSample/launchdshim/xpcproxyhook
+ # ./RootHelperSample/launchdshim/xpcproxyhook/build.sh
+
+ echo "[*] Signing xpcproxyhook"
+ $(LDID) -SRootHelperSample/launchdshim/xpcproxyhook/.theos/obj/debug/xpcproxyhook.dylib
+ $(CTBYPASS) -i RootHelperSample/launchdshim/xpcproxyhook/.theos/obj/debug/xpcproxyhook.dylib -r -o RootHelperSample/launchdshim/xpcproxyhook/xpcproxyhook.dylib
- echo "[*] Signing hideconfidentialtext"
- ./ChOma_host/output/tests/ct_bypass -i RootHelperSample/launchdshim/hideConfidentialText/.theos/obj/debug/hideConfidentialText.dylib -r -o RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/hideConfidentialText.dylib
-
# jank workaround at best, can someone else please fix this weird file dependency? – bomberfish
echo "[*] Copying fastPathSign"
cp RootHelperSample/Exploits/fastPathSign/fastPathSign ChOma/output/ios/tests
@@ -70,10 +62,8 @@ Serotonin.tipa: $(wildcard **/*.c **/*.m **/*.swift **/*.plist **/*.xml)
rm -rf Payload/Serotonin.app/Frameworks
cp RootHelperSample/.theos/obj/debug/arm64/serotoninroothelper Payload/Serotonin.app/serotoninroothelper
install -m755 RootHelperSample/launchdshim/launchdhook/launchdhooksigned.dylib Payload/Serotonin.app/launchdhooksigned.dylib
- install -m755 RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/springboardhooksigned.dylib Payload/Serotonin.app/springboardhooksigned.dylib
install -m755 RootHelperSample/launchdshim/generalhook/generalhook.dylib Payload/Serotonin.app/generalhooksigned.dylib
- install -m755 RootHelperSample/launchdshim/hideConfidentialText/.theos/obj/debug/hideConfidentialText.dylib Payload/Serotonin.app/hideconfidentialtext.dylib
- cp RootHelperSample/launchdshim/hideConfidentialText/hideconfidentialtext.plist Payload/Serotonin.app/hideconfidentialtext.plist
+ install -m755 RootHelperSample/launchdshim/xpcproxyhook/xpcproxyhook.dylib Payload/Serotonin.app/xpcproxyhooksigned.dylib
$(LDID) -S./RootHelperSample/entitlements.plist -Cadhoc Payload/Serotonin.app/{fastPathSign,ldid,serotoninroothelper}
$(LDID) -Sent.plist -Cadhoc Payload/Serotonin.app/Serotonin
zip -vr9 Serotonin.tipa Payload/ -x "*.DS_Store"
diff --git a/RootHelperSample/launchdshim/SpringBoardShim/Makefile b/RootHelperSample/launchdshim/SpringBoardShim/Makefile
deleted file mode 100644
index 7824acb5..00000000
--- a/RootHelperSample/launchdshim/SpringBoardShim/Makefile
+++ /dev/null
@@ -1,18 +0,0 @@
-TARGET := iphone:clang:16.5
-ARCHS = arm64
-
-include $(THEOS)/makefiles/common.mk
-
-TOOL_NAME = springboardshim
-
-springboardshim_FILES = $(wildcard *.c) $(wildcard *.m)
-springboardshim_CFLAGS = -fobjc-arc -isystem -Wno-error
-springboardshim_LDFLAGS = -L./ -lbsm
-springboardshim_CODESIGN_FLAGS = -SSpringBoardEnts.plist
-#springboardshim_PRIVATE_FRAMEWORKS = SpringBoard SpringBoardServices Foundation // adding SpringBoard to privateframeworks here will add it into load command before the tweak dylib is loaded, which causes the platform check to fail - thanks DuyKhanhTran
-
-# EDIT THE LIBHOOKER TBD TO USE @loader_path/.jbroot/usr/lib/libhooker.dylib in $THEOS/vendor/lib/libhooker.tbd
-after-package::
- ct_bypass -i .theos/obj/debug/springboardshim -o springboardshimsigned
-
-include $(THEOS_MAKE_PATH)/tool.mk
diff --git a/RootHelperSample/launchdshim/SpringBoardShim/SpringBoardEntsBedtime.plist b/RootHelperSample/launchdshim/SpringBoardShim/SpringBoardEntsBedtime.plist
deleted file mode 100644
index 9753656f..00000000
--- a/RootHelperSample/launchdshim/SpringBoardShim/SpringBoardEntsBedtime.plist
+++ /dev/null
@@ -1,1023 +0,0 @@
-
-
-
-
-
- platform-application
-
- com.apple.private.security.container-required
-
- allow-obliterate-device
-
- application-identifier
- com.apple.springboard
- aps-connection-initiate
-
- backupd-connection-initiate
-
- checklessPersistentURLTranslation
-
- com.apple.BTServer.allowRestrictedServices
-
- com.apple.BTServer.programmaticPairing
-
- com.apple.CallHistory.sync.allow
-
- com.apple.CommCenter.StormBreaker
-
- com.apple.CommCenter.fine-grained
-
- spi
- preferences-reset
- voice
- identity
- phone
- carrier-settings
-
- com.apple.CompanionLink
-
- com.apple.Contacts.database-allow
-
- com.apple.CoreRoutine.LocationOfInterest
-
- com.apple.MobileInternetSharing.allow
-
- com.apple.ModeEntityScorer
-
- com.apple.Pasteboard.trusted-authentication-message-request
-
- com.apple.PerformanceTrace.Tracing
-
- com.apple.QuartzCore.cache-asynchronous
-
- com.apple.QuartzCore.debug
-
- com.apple.QuartzCore.displayable-context
-
- com.apple.QuartzCore.flipbook
-
- com.apple.QuartzCore.global-capture
-
- com.apple.QuartzCore.occlusion-override
-
- com.apple.QuartzCore.secure-capture
-
- com.apple.QuartzCore.secure-mode
-
- com.apple.QuartzCore.system-layers
-
- com.apple.SystemConfiguration.SCDynamicStore-write-access
-
- com.apple.SystemConfiguration.SCPreferences-write-access
-
- com.apple.AutoWake.xml
- preferences.plist
- com.apple.radios.plist
-
- com.apple.TapToRadarKit.service-access
-
- com.apple.abm.helper.mobile.allow
-
- com.apple.accounts.appleaccount.fullaccess
-
- com.apple.assistant.announcement_state
-
- com.apple.assistant.client
-
- com.apple.assistant.settings
-
- com.apple.authkit.client.private
-
- com.apple.authkit.writer.internal
-
- com.apple.avfoundation.allow-identifying-output-device-details
-
- com.apple.avfoundation.allow-still-image-capture-shutter-sound-manipulation
-
- com.apple.avfoundation.allow-system-wide-context
-
- com.apple.avfoundation.allows-access-to-device-list
-
- com.apple.avfoundation.allows-set-output-device
-
- com.apple.backboard.client
-
- com.apple.backboard.display.archive
-
- com.apple.backboard.displaybrightness
-
- com.apple.backboardd.cancelsTouchesInHostedContent
-
- com.apple.backboardd.displayArrangement
-
- com.apple.backboardd.eventAuthenticationVerification
-
- com.apple.backboardd.global-pointer-event-routing
-
- com.apple.backboardd.hostCanRequireTouchesFromHostedContent
-
- com.apple.backboardd.lastUserEventTime
-
- com.apple.backboardd.launchapplications
-
- com.apple.backboardd.pointerAutomation
-
- com.apple.backboardd.pointerRepositioning
-
- com.apple.backboardd.touchDeliveryObservation
-
- com.apple.backboardd.transferTouches
-
- com.apple.backboardd.virtualDisplay
-
- com.apple.bannerkit.post
-
- com.apple.biome.PublicStreamAccessService
-
- com.apple.bluetooth.system
-
- com.apple.bulletinboard
-
- com.apple.bulletinboard.dataprovider
-
- com.apple.bulletinboard.observer
-
- com.apple.bulletinboard.serverconduit
-
- com.apple.bulletinboard.settings
-
- com.apple.bulletinboard.systemstate
-
- com.apple.bulletinboard.utilities
-
- com.apple.cards.all-access
-
- com.apple.chronod.toolservices
-
- com.apple.chronoservices
-
- com.apple.coreaudio.CanRecordPastData
-
- com.apple.coreaudio.allow-amr-decode
-
- com.apple.coreaudio.allow-opus-codec
-
- com.apple.coreaudio.allow-speex-codec
-
- com.apple.coreduetd.allow
-
- com.apple.coreduetd.batterysaver.allow
-
- com.apple.coreduetd.context
-
- com.apple.coreduetd.knowledge
-
- com.apple.coremedia.allow-pre-wiring-pixel-buffers
-
- com.apple.coremedia.allow-protected-content-playback
-
- com.apple.coremedia.virtualdisplaysession
-
- com.apple.developer.extension-host.widget-extension
-
- com.apple.developer.homekit
-
- com.apple.developer.ubiquity-kvstore-identifier
- com.apple.springboard
- com.apple.duet.activityscheduler.allow
-
- com.apple.duet.expertcenter.consumer
-
- com.apple.extensionkit.host.extension-point-identifiers
-
- com.apple.SoundScapesViewServices.ViewService
-
- com.apple.fileprovider.acl-write
-
- com.apple.fileprovider.enumerate
-
- com.apple.fileprovider.fetch-url
-
- com.apple.frontboard.app-badge-value-access
-
- com.apple.frontboard.launchapplications
-
- com.apple.frontboard.shutdown
-
- com.apple.frontboardservices.display-layout-monitor
-
- com.apple.geoservices.navigation_info
-
- com.apple.homekit.private-spi-access
-
- com.apple.iapd.accessibility
-
- com.apple.icloud.findmydeviced.access
-
- com.apple.icloud.findmydeviced.findmydevice-user-agent.access
-
- com.apple.icloud.fmfd.access
-
- com.apple.icloud.searchpartyd.beaconmanager
-
- com.apple.idle-timer-services
-
- com.apple.imagent
-
- com.apple.imagent.av
-
- com.apple.imagent.chat
-
- com.apple.intents.extension.discovery
-
- com.apple.intents.uiextension.discovery
-
- com.apple.internal.seserviced.all.endpoints.and.cas
-
- com.apple.internal.seserviced.ptattestation
-
- com.apple.itunesstored.private
-
- com.apple.keystore.device
-
- com.apple.keystore.lockassertion
-
- com.apple.keystore.stash.access
-
- com.apple.launchservices.clearadvertisingid
-
- com.apple.localizationswitcher
-
- com.apple.locationd.activity
-
- com.apple.locationd.asmanager
-
- com.apple.locationd.authorizeapplications
-
- com.apple.locationd.effective_bundle
-
- com.apple.locationd.motion_alarms
-
- com.apple.locationd.place_inference
-
- com.apple.locationd.prompt_behavior
-
- com.apple.locationd.region_proxy_service
-
- com.apple.locationd.status
-
- com.apple.locationd.usage_oracle
-
- com.apple.locationd.vehicle_data
-
- com.apple.logind.client.entitlement
-
- com.apple.lsapplicationproxy.deviceidentifierforvendor
-
- com.apple.managedconfiguration.mdmd-access
-
- com.apple.managedconfiguration.profiled-access
-
- com.apple.mediaremote.ui-control
-
- com.apple.mediastream.mstreamd-access
-
- com.apple.messages.composeclient
-
- com.apple.mkb.usersession.info
-
- com.apple.mkb.usersession.loginwindow
-
- com.apple.mobile.deleted.AllowFreeSpace
-
- com.apple.mobile.keybagd.UserManager.logoutcritical
-
- com.apple.mobilemail.mailservices
-
- com.apple.multitasking.systemappassertions
-
- com.apple.multitasking.termination
-
- com.apple.nano.nanoregistry.generalaccess
-
- com.apple.nfcd.hwmanager
-
- com.apple.nfcd.radio.powertoggle
-
- com.apple.nfcd.seshat
-
- com.apple.nfcd.session.ecommerce
-
- com.apple.nfcd.session.fieldOperations
-
- com.apple.nfcd.session.peerpayment
-
- com.apple.nfcd.session.reader.internal
-
- com.apple.nfcd.session.se
-
- com.apple.nfcd.session.trust
-
- com.apple.nfcd.singleUser
-
- com.apple.notificationcenter.widgetcontrollerhascontent
-
- com.apple.osanalytics.otatasking-service-access
-
- com.apple.payment.configuration
-
- com.apple.payment.presentation
-
- com.apple.photos.bourgeoisie
-
- com.apple.pointerui.persistentlyHidePointer
-
- com.apple.pointerui.service-keep-alive-assertion
-
- com.apple.pointerui.set-system-cursor-interaction-context
-
- com.apple.posterboardservices.data-store
-
- com.apple.posterboardservices.data-store.accessSwitcherConfiguration
-
- com.apple.powerd.lowpowermode.allow
-
- com.apple.private.CallHistory.read
-
- com.apple.private.ClipServices
-
- com.apple.private.CoreAuthentication.SPI
-
- com.apple.private.InstallCoordination.allowed
-
- com.apple.private.MobileContainerManager.otherIdLookup
-
- com.apple.private.MobileGestalt.AllowedProtectedKeys
-
- InverseDeviceID
-
- com.apple.private.ReplayKitAngel.client
-
- com.apple.private.SafariServices.PasswordPicker.setRemoteAppProperties
-
- com.apple.private.ShazamKit
-
- com.apple.private.WebClips.read-write
-
- com.apple.private.accessories.showallconnections
-
- com.apple.private.accounts.allaccounts
-
- com.apple.private.activitykit.activityAuthorizer
-
- com.apple.private.activitykit.activityEnder
-
- com.apple.private.activitykit.alertPresenter
-
- com.apple.private.activitykit.assertionRequester
-
- com.apple.private.activitykit.listener
-
- com.apple.private.activitykit.presentationAssertionRequester
-
- com.apple.private.activitykit.prominenceObserver
-
- com.apple.private.airdrop.settings
-
- com.apple.private.appleaccount.app-hidden-from-icloud-settings
-
- com.apple.private.applecredentialmanager.allow
-
- com.apple.private.appstored
-
- Repair
- TestFlightFeedback
- StoreKitExternalNotification
- Update
-
- com.apple.private.assets.accessible-asset-types
-
- com.apple.MobileAsset.DuetExpertCenterAsset
-
- com.apple.private.attentionawareness
-
- com.apple.private.attentionawareness.poll
-
- com.apple.private.attribution.implicitly-assumed-identity
-
- type
- path
- value
- /System/Library/CoreServices/SpringBoard.app/SpringBoard
-
- com.apple.private.barcodesupport.allowNotifications
-
- com.apple.private.biome.read-only
-
- AppLaunch
- InferredMode
- Notification
- ScreenSharing
- HomeKitClientAccessoryControl
- HomeKitClientMediaAccessoryControl
- HomeKitClientActionSet
-
- com.apple.private.biome.read-write
-
- SiriUI
- Device.Display.Appearance
- Device.Display.AlwaysOn
- OSAnalytics.Hardware.Reliability
-
- com.apple.private.biome.realTimeSensorSession
-
- com.apple.private.bmk.allow
-
- com.apple.private.calendar.allow-suggestions
-
- com.apple.private.canGetAppLinkInfo
-
- com.apple.private.canModifyAppLinkPermissions
-
- com.apple.private.carkit
-
- com.apple.private.carkit.app
-
- com.apple.private.carkit.dnd
-
- com.apple.private.clouddocs.can-grant-access-to-document
-
- com.apple.private.contactsui
-
- com.apple.private.coordination.alarms
-
- com.apple.private.coordination.timers
-
- com.apple.private.coreaudio.borrowaudiosession.allow
-
- com.apple.private.coreaudio.mxsessionPropertyPipe
-
- com.apple.private.coremedia.interruptions.phonecallpriority.allow
-
- com.apple.private.corerecents
-
- com.apple.private.coreservices.canmaplsdatabase
-
- com.apple.private.coreservices.canopenactivity
-
- com.apple.private.coreservices.lsuseractivityd.bestappsuggestion
-
- com.apple.private.corespotlight.internal
-
- com.apple.private.corespotlight.search.internal
-
- com.apple.private.corewifi.internal
-
- com.apple.private.dmd.policy
-
- com.apple.private.donotdisturb.behavior.resolution.client-identifiers
-
- com.apple.springboard.SBBulletinSpokenObserverGateway
- com.apple.springboard.NCBulletinNotificationSource
-
- com.apple.private.donotdisturb.mode.assertion.client-identifiers
-
- com.apple.donotdisturb.control-center.module
- com.apple.springboard.donotdisturb.notifications
- com.apple.springboard.donotdisturb.hid
- com.apple.focus.activity-manager
-
- com.apple.private.donotdisturb.mode.assertion.user-requested.client-identifiers
-
- com.apple.donotdisturb.control-center.module
- com.apple.springboard.donotdisturb.notifications
- com.apple.springboard.donotdisturb.hid
- com.apple.focus.activity-manager
-
- com.apple.private.donotdisturb.modeconfiguration.modify.client-identifiers
-
- com.apple.focus.activity-manager
- com.apple.focussettingsui.activity-config
- com.apple.springboard.donotdisturb.notifications
- com.apple.springboard.NCModeManager
-
- com.apple.private.donotdisturb.modeconfiguration.request.client-identifiers
-
- com.apple.focus.activity-manager
- com.apple.focussettingsui.activity-config
- com.apple.springboard.donotdisturb.notifications
- com.apple.springboard.NCModeManager
- com.apple.proactive.AppPredictionClient
- com.apple.springboard.focusappconfigurationcontextmonitor
-
- com.apple.private.donotdisturb.modeconfiguration.updates.client-identifiers
-
- com.apple.focus.activity-manager
- com.apple.focussettingsui.activity-config
- com.apple.springboard.donotdisturb.notifications
- com.apple.proactive.AppPredictionClient
- com.apple.springboard.SBIconController
- com.apple.springboard.NCModeManager
- com.apple.springboard.focusappconfigurationcontextmonitor
- com.apple.FocusSettings
-
- com.apple.private.donotdisturb.settings.request.client-identifiers
-
- com.apple.springboard.donotdisturb.notifications
- com.apple.donotdisturb.control-center.module
- com.apple.focus.activity-manager
- com.apple.springboard.SBIconController
- com.apple.proactive.AppPredictionClient
-
- com.apple.private.donotdisturb.settings.updates.client-identifiers
-
- com.apple.springboard.donotdisturb.notifications
-
- com.apple.private.donotdisturb.state.request.client-identifiers
-
- com.apple.springboard.SBIconController
- com.apple.springboard.SBDashBoardCombinedListViewController
- com.apple.donotdisturb.control-center.module
- com.apple.springboard.donotdisturb.notifications
- com.apple.springboard.donotdisturb.awdmetrics
- com.apple.springboard.dashboard.bedtime
- com.apple.accessibility.visual.alerts
- com.apple.springboard.donotdisturb.hid
- com.apple.springboard.SBDoNotDisturbMetric
- com.apple.focus.activity-manager
- com.apple.springboard.NCModeManager
- com.apple.springboard.dndstatemonitor
- com.apple.springboard.CoverSheetDiscoveryProvider
-
- com.apple.private.donotdisturb.state.updates.client-identifiers
-
- com.apple.springboard.SBIconController
- com.apple.springboard.SBDashBoardCombinedListViewController
- com.apple.donotdisturb.control-center.module
- com.apple.springboard.donotdisturb.notifications
- com.apple.springboard.donotdisturb.awdmetrics
- com.apple.springboard.dashboard.bedtime
- com.apple.accessibility.visual.alerts
- com.apple.springboard.donotdisturb.hid
- com.apple.springboard.SBDoNotDisturbMetric
- com.apple.focus.activity-manager
- com.apple.springboard.NCModeManager
- com.apple.springboard.dndstatemonitor
- com.apple.springboard.CoverSheetDiscoveryProvider
-
- com.apple.private.externalaccessory.showallaccessories
-
- com.apple.private.followup
-
- com.apple.private.game-center
-
- Account
- Games
-
- com.apple.private.game-center.bypass-authentication
-
- com.apple.private.healthkit
-
- com.apple.private.healthkit.feature-availability.read
-
- SleepCoaching
-
- com.apple.private.healthkit.read_authorization_override
-
- HKCategoryTypeIdentifierSleepAnalysis
-
- com.apple.private.healthkit.source_override
- com.apple.mobiletimer
- com.apple.private.healthkit.write_authorization_override
-
- HKCategoryTypeIdentifierSleepAnalysis
-
- com.apple.private.hid.client.event-dispatch
-
- com.apple.private.hid.client.service-protected
-
- com.apple.private.hid.manager.client
-
- com.apple.private.homekit
-
- com.apple.private.homekit.allow-secure-access
-
- com.apple.private.icfcallserver
-
- com.apple.private.ids.idsquery
-
- com.apple.private.ids.messaging
-
- com.apple.private.alloy.bulletinboard
- com.apple.private.alloy.donotdisturb
- com.apple.madrid
- com.apple.private.alloy.siri.phrasespotter
-
- com.apple.private.ids.messaging.urgent-priority
-
- com.apple.private.alloy.bulletinboard
- com.apple.private.alloy.donotdisturb
- com.apple.private.alloy.siri.phrasespotter
-
- com.apple.private.ids.registration-reset
-
- com.apple.private.imavcore.imavagent
-
- com.apple.private.imcore.imdpersistence.database-access
-
- com.apple.private.imcore.imremoteurlconnection
-
- com.apple.private.imcore.spi.database-access
-
- com.apple.private.in-app-payments
-
- com.apple.private.iokit.powersource-control
-
- com.apple.private.kernel.darkboot
-
- com.apple.private.kernel.jetsam
-
- com.apple.private.librarian.can-get-application-info
-
- com.apple.private.lockdown.finegrained-get
-
- NULL/ActivationState
- NULL/BrickState
- NULL/SBLockdownEverRegisteredKey
- com.apple.xcode.developerdomain/DeveloperStatus
- NULL/BuildExpireTime
-
- com.apple.private.lockdown.finegrained-remove
-
- com.apple.mobile.iTunes.store/AppleID
- com.apple.mobile.data_sync/Contacts
- com.apple.mobile.data_sync/Calendars
- com.apple.mobile.data_sync/Bookmarks
- com.apple.mobile.data_sync/Mail Accounts
-
- com.apple.private.mediaexperience.allowemergencyalertpriority
-
- com.apple.private.mediasafetynet.exception.notificationappex
-
- com.apple.private.mis.online_auth_agent
-
- com.apple.private.mobileinstall.allowedSPI
-
- UninstallForLaunchServices
- SetCapabilities
- Lookup
-
- com.apple.private.mobilesafari.searchengine
-
- com.apple.private.mobilestoredemo.enabledemo
-
- Manage
-
- com.apple.private.mobiletimerd
-
- com.apple.private.nearbyinteraction.system-shutdown
-
- com.apple.private.network.socket-delegate
-
- com.apple.private.networkextension.configuration
-
- com.apple.private.persona.read
-
- com.apple.private.photos.service.demo
-
- com.apple.private.photos.service.multilibrary
-
- com.apple.private.ppm.superclient
-
- com.apple.private.replay-kit
-
- com.apple.private.rtcreportingd
-
- com.apple.private.screen-time
-
- com.apple.private.security.container-manager
-
- com.apple.private.security.storage.AppDataContainers
-
- com.apple.private.security.storage.Calendar
-
- com.apple.private.security.storage.Photos
-
- com.apple.private.security.storage.clipserviced
-
- com.apple.private.security.storage.familycircled
-
- com.apple.private.security.storage.triald
-
- com.apple.private.sessionkit.alertPresenter
-
- com.apple.private.sessionkit.assertionRequester
-
- com.apple.private.sessionkit.custom-platter-target
-
- com.apple.private.sessionkit.listener
-
- com.apple.private.sessionkit.permitMultipleProcessInputs
-
- com.apple.private.sessionkit.presentationAssertionRequester
-
- com.apple.private.sessionkit.prominenceObserver
-
- com.apple.private.sessionkit.sessionFinisher
-
- com.apple.private.sessionkit.sessionRequest
-
- com.apple.private.sharing.unlock-manager
-
- com.apple.private.shazamkit.allow-external-audio-recording
-
- com.apple.private.shazamkit.allow-internal-audio-recording
-
- com.apple.private.sleepd
-
- com.apple.private.suggestions.contacts
-
- com.apple.private.suggestions.events
-
- com.apple.private.system-keychain
-
- com.apple.private.tcc.allow
-
- kTCCServiceAddressBook
- kTCCServiceCalendar
- kTCCServiceReminders
- kTCCServicePhotos
- kTCCServicePhotosAdd
- kTCCServiceMediaLibrary
- kTCCServiceMicrophone
- kTCCServiceCamera
- kTCCServiceWillow
- kTCCServiceFaceID
- kTCCServiceBluetoothAlways
-
- com.apple.private.tcc.manager.access.read
-
- kTCCServiceFocusStatus
-
- com.apple.private.tipsd.discoverability
-
- com.apple.private.tty.settings
-
- com.apple.private.ubiquity-kvstore-access
-
- com.apple.weather
- com.apple.stocks
- com.apple.backboardd
- com.apple.Accessibility
- com.apple.Accessibility.SwitchControl
- com.apple.Accessibility.TouchAccommodations
- com.apple.AssistiveTouch
- com.apple.HearingAids
- com.apple.SpeakSelection
- com.apple.VoiceOverTouch
- com.apple.ZoomTouch
-
- com.apple.private.usernotifications.bundle-identifiers
-
- com.apple.donotdisturb
- com.apple.mobiletimer
- com.apple.usernotifications.example
-
- com.apple.private.usernotifications.settings
-
- read
-
- com.apple.private.vfs.allow-low-space-writes
-
- com.apple.private.vfs.open-by-id
-
- com.apple.private.wallpaperkit.service.migration
-
- com.apple.private.xpc.launchd.app-server
-
- com.apple.proactive.ActionPrediction.predictions
-
- com.apple.proactive.AppPrediction.predictions
-
- com.apple.proactive.DefaultWidgetSuggester
-
- com.apple.proactive.NotificationDigest.xpc
-
- com.apple.proactive.ProactiveSuggestionClientModel.xpc
-
- com.apple.proactive.SuggestedPages
-
- com.apple.proactive.UserEducationSuggestion.server-listener.xpc
-
- com.apple.proactive.appDirectory
-
- com.apple.proactive.eventtracker
-
- com.apple.proactive.hero.AppPrediction.predictions
-
- com.apple.proactive.infoSuggestion.xpc
-
- com.apple.purplebuddy.budd.access
-
- com.apple.remotenotification.access
-
- com.apple.remotenotification.preferences
-
- com.apple.rootless.storage.com.apple.MobileAsset.DuetExpertCenterAsset
-
- com.apple.rootless.storage.coreduet_knowledge_store
-
- com.apple.rootless.storage.proactivepredictions
-
- com.apple.runningboard.hereditarygrantoriginator
-
- com.apple.runningboard.posterkit.host
-
- com.apple.runningboard.primitiveattribute
-
- com.apple.runningboard.process-state
-
- com.apple.runningboard.request.identity
-
- com.apple.runningboard.terminateprocess
-
- com.apple.runningboard.underlyingassertion
-
- com.apple.securebackupd.access
-
- com.apple.security.application-groups
-
- group.com.apple.weather
- group.com.apple.stocks
- com.apple.Home.group
-
- com.apple.security.enterprise-volume-access
-
- com.apple.security.exception.files.absolute-path.read-only
-
- /private/var/mobile/Library/Trial/NamespaceDescriptors/
- /private/var/mobile/Library/Trial/Treatments/180/
-
- com.apple.security.exception.mach-lookup.global-name
-
- com.apple.sirittsd
- com.apple.proactive.UserEducationSuggestion.server-listener.xpc
- com.apple.Photos.MultiLibrary
- com.apple.abm.helper.mobile
- com.apple.siri.activation.service
- com.apple.springboard.SBRendererService
- com.apple.appstored.xpc
- com.apple.appstored.xpc.request
- com.apple.PointerUI.pointeruid.service-launching
- com.apple.proactive.appDirectory
- com.apple.CarPlayApp.service
- com.apple.sleepd.sleepserver
- com.apple.donotdisturb.service
- com.apple.coordination.alarms
- com.apple.coordination.timers
- com.apple.tipsd
- com.apple.ModeEntityScorer
- com.apple.proactive.NotificationDigest.xpc
- com.apple.assistant.announcement_state.service
- com.apple.icloud.searchpartyd.beaconmanager
- com.apple.server.bluetooth.general.xpc
- com.apple.powerd.smartpowernap
- com.apple.biomesyncd.realTimeSession
- com.apple.sessionservices
- aps-connection-initiate
- com.apple.mobileassetd.v2
- com.apple.HearingApp
-
- com.apple.security.exception.shared-preference.read-only
-
- com.apple.appstored
- com.apple.itunesstored
- com.apple.suggestions
-
- com.apple.security.iokit-user-client-class
-
- IOUserClient
-
- com.apple.security.system-container
-
- com.apple.security.system-groups
-
- systemgroup.com.apple.sharedpclogging
- systemgroup.com.apple.regulatory_images
- systemgroup.com.apple.userimagecache
-
- com.apple.seld.tsmamnager
-
- com.apple.seserviced.key
-
- com.apple.seserviced.kmlXpcService
-
- com.apple.sharing.Client
-
- com.apple.sharing.CoordinatedAlerts
-
- com.apple.sharing.Diagnostics
-
- com.apple.sharing.Session
-
- com.apple.siri.VoiceShortcuts.xpc
-
- com.apple.siri.activation.assertion
-
- com.apple.siri.activation.button-event.listener
-
- com.apple.siri.activation.service
-
- com.apple.siri.client_lite
-
- com.apple.siri.external_request
-
- com.apple.sos.trigger
-
- com.apple.soundscapes.picker
-
- com.apple.splashboard.launch-image-capture
-
- com.apple.springboard-ui.client
-
- com.apple.springboard.activateRemoteAlert
-
- com.apple.springboard.activateawayviewplugins
-
- com.apple.springboard.allowallcallurls
-
- com.apple.springboard.application-removability.proxy
-
- com.apple.springboard.display-lookup
-
- com.apple.springboard.lockScreenContentAssertion
-
- com.apple.springboard.multiwindow.triggerShowAllWindows
-
- com.apple.springboard.opensensitiveurl
-
- com.apple.springboard.openurlswhenlocked
-
- com.apple.springboard.setbadgestring
-
- com.apple.springboard.shortcutitems.fullaccess
-
- com.apple.springboard.statusbarstyleoverrides
-
- com.apple.springboard.statusbarstyleoverrides.coordinator
-
- UIStatusBarStyleOverrideAutoAirPlayReady
- UIStatusBarStyleOverrideAutoAirPlayPlaying
-
- com.apple.symptom_analytics.query
-
- com.apple.symptom_analytics.refresh
-
- com.apple.symptoms.NetworkOfInterest
-
- com.apple.telephonyutilities.callservicesd
-
- access-calls
- modify-calls
- access-call-providers
- access-moments
-
- com.apple.timed
-
- com.apple.trial.client
-
- 962
-
- com.apple.tzlink.allow
-
- com.apple.ui-services-discovery
-
- com.apple.videoconference.allow-conferencing
-
- com.apple.visualvoicemail.client
-
- com.apple.voiceservices.tts.customvoice
-
- com.apple.voicetrigger.voicetriggerservice
-
- com.apple.wallet.banner
-
- com.apple.watchlist.private
-
- com.apple.wifi.manager-access
-
- com.apple.wipedevice
-
- fairplay-client
- 1172857363
- get-task-allow
-
- keychain-access-groups
-
- apple
- com.apple.preferences
-
- vm-pressure-level
-
-
-
diff --git a/RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/.gitignore b/RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/.gitignore
deleted file mode 100644
index faf8687f..00000000
--- a/RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/.gitignore
+++ /dev/null
@@ -1,3 +0,0 @@
-.theos/
-packages/
-.DS_Store
diff --git a/RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/Makefile b/RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/Makefile
deleted file mode 100644
index 24bd6f6c..00000000
--- a/RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/Makefile
+++ /dev/null
@@ -1,16 +0,0 @@
-TARGET := iphone:clang:latest:15.0
-ARCHS = arm64
-THEOS_PACKAGE_SCHEME=roothide
-INSTALL_TARGET_PROCESSES = SpringBoard
-
-include $(THEOS)/makefiles/common.mk
-
-TWEAK_NAME = SpringBoardHook
-
-SpringBoardHook_FILES = Tweak.x
-SpringBoardHook_CFLAGS = -fobjc-arc -lbsm
-
-after-package::
- echo "[*] Signing SB hook"
- ct_bypass -i .theos/obj/debug/springboardhook.dylib -o springboardhooksigned.dylib
-include $(THEOS_MAKE_PATH)/tweak.mk
diff --git a/RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/SpringBoardHook.plist b/RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/SpringBoardHook.plist
deleted file mode 100644
index 10dc6547..00000000
--- a/RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/SpringBoardHook.plist
+++ /dev/null
@@ -1 +0,0 @@
-{ Filter = { Bundles = ( "com.apple.springboard" ); }; }
diff --git a/RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/Tweak.x b/RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/Tweak.x
deleted file mode 100644
index 14b63bf1..00000000
--- a/RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/Tweak.x
+++ /dev/null
@@ -1,198 +0,0 @@
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#define POSIX_SPAWN_PERSONA_FLAGS_OVERRIDE 1
-
-int posix_spawnattr_set_persona_np(const posix_spawnattr_t* __restrict, uid_t, uint32_t);
-int posix_spawnattr_set_persona_uid_np(const posix_spawnattr_t* __restrict, uid_t);
-int posix_spawnattr_set_persona_gid_np(const posix_spawnattr_t* __restrict, uid_t);
-
-int fd_is_valid(int fd)
-{
- return fcntl(fd, F_GETFD) != -1 || errno != EBADF;
-}
-
-NSString* getNSStringFromFile(int fd)
-{
- NSMutableString* ms = [NSMutableString new];
- ssize_t num_read;
- char c;
- if(!fd_is_valid(fd)) return @"";
- while((num_read = read(fd, &c, sizeof(c))))
- {
- [ms appendString:[NSString stringWithFormat:@"%c", c]];
- if(c == '\n') break;
- }
- return ms.copy;
-}
-
-int spawnRoot(NSString* path, NSArray* args, NSString** stdOut, NSString** stdErr)
-{
- NSMutableArray* argsM = args.mutableCopy ?: [NSMutableArray new];
- [argsM insertObject:path.lastPathComponent atIndex:0];
-
- NSUInteger argCount = [argsM count];
- char **argsC = (char **)malloc((argCount + 1) * sizeof(char*));
-
- for (NSUInteger i = 0; i < argCount; i++)
- {
- argsC[i] = strdup([[argsM objectAtIndex:i] UTF8String]);
- }
- argsC[argCount] = NULL;
-
- posix_spawnattr_t attr;
- posix_spawnattr_init(&attr);
-
- posix_spawnattr_set_persona_np(&attr, 99, POSIX_SPAWN_PERSONA_FLAGS_OVERRIDE);
- posix_spawnattr_set_persona_uid_np(&attr, 0);
- posix_spawnattr_set_persona_gid_np(&attr, 0);
-
- posix_spawn_file_actions_t action;
- posix_spawn_file_actions_init(&action);
-
- int outErr[2];
- if(stdErr)
- {
- pipe(outErr);
- posix_spawn_file_actions_adddup2(&action, outErr[1], STDERR_FILENO);
- posix_spawn_file_actions_addclose(&action, outErr[0]);
- }
-
- int out[2];
- if(stdOut)
- {
- pipe(out);
- posix_spawn_file_actions_adddup2(&action, out[1], STDOUT_FILENO);
- posix_spawn_file_actions_addclose(&action, out[0]);
- }
-
- pid_t task_pid;
- int status = -200;
- int spawnError = posix_spawn(&task_pid, [path UTF8String], &action, &attr, (char* const*)argsC, NULL);
- posix_spawnattr_destroy(&attr);
- for (NSUInteger i = 0; i < argCount; i++)
- {
- free(argsC[i]);
- }
- free(argsC);
-
- if(spawnError != 0)
- {
- NSLog(@"posix_spawn error %d\n", spawnError);
- return spawnError;
- }
-
- do
- {
- if (waitpid(task_pid, &status, 0) != -1) {
- NSLog(@"Child status %d", WEXITSTATUS(status));
- } else
- {
- perror("waitpid");
- return -222;
- }
- } while (!WIFEXITED(status) && !WIFSIGNALED(status));
-
- if(stdOut)
- {
- close(out[1]);
- NSString* output = getNSStringFromFile(out[0]);
- *stdOut = output;
- }
-
- if(stdErr)
- {
- close(outErr[1]);
- NSString* errorOutput = getNSStringFromFile(outErr[0]);
- *stdErr = errorOutput;
- }
-
- return WEXITSTATUS(status);
-}
-
-%hook CSStatusTextView
-- (void)setInternalLegalText:(NSString *)string {
- %orig(@":troll:");
-}
-%end
-
-bool isarm64e(void) {
- int ptrAuthVal = 0;
- size_t len = sizeof(ptrAuthVal);
- assert(sysctlbyname("hw.optional.arm.FEAT_PAuth", &ptrAuthVal, &len, NULL, 0) != -1);
- if(ptrAuthVal != 0)
- return true;
- return false;
-}
-
-bool OpenedTweaks = false;
-bool os_variant_has_internal_content(const char* subsystem);
-%hookf(bool, os_variant_has_internal_content, const char* subsystem) {
- if (OpenedTweaks == false) {
- spawnRoot(jbroot(@"/basebin/bootstrapd"), @[@"daemon",@"-f"], nil, nil);
- if (isarm64e()) {
- dlopen(jbroot(@"/basebin/bootstrap.dylib").UTF8String, RTLD_GLOBAL | RTLD_NOW);
- } else {
- NSLog(@"[mineek's supporttweak] loading actual tweaks");
- NSString *tweakFolderPath = jbroot(@"/Library/MobileSubstrate/DynamicLibraries");
- NSFileManager *fileManager = [NSFileManager defaultManager];
- NSArray *tweakFolderContents = [fileManager contentsOfDirectoryAtPath:tweakFolderPath error:nil];
- for (NSString *tweak in tweakFolderContents) {
- if ([tweak hasSuffix:@".dylib"]) {
- NSString *tweakPath = [tweakFolderPath stringByAppendingPathComponent:tweak];
- NSString *plistPath = [tweakPath stringByReplacingOccurrencesOfString:@".dylib" withString:@".plist"];
- if ([fileManager fileExistsAtPath:plistPath]) {
- NSString *plistContents = [NSString stringWithContentsOfFile:plistPath encoding:NSUTF8StringEncoding error:nil];
- if ([plistContents containsString:@"com.apple.springboard"]) {
- NSLog(@"[mineek's supporttweak] loading tweak: %@", tweakPath);
- dispatch_async(dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0), ^{
- void *handle = dlopen([tweakPath UTF8String], RTLD_NOW);
- if (handle) {
- NSLog(@"[mineek's supporttweak] loaded tweak");
- } else {
- NSLog(@"[mineek's supporttweak] failed to load tweak");
- }
- });
- }
- }
- }
- }
- }
- OpenedTweaks = true;
- return true;
- } else {
- return true;
- }
-}
-
-#define CS_DEBUGGED 0x10000000
-int csops(pid_t pid, unsigned int ops, void *useraddr, size_t usersize);
-int fork();
-int ptrace(int, int, int, int);
-int isJITEnabled() {
- int flags;
- csops(getpid(), 0, &flags, sizeof(flags));
- return (flags & CS_DEBUGGED) != 0;
-}
-
-%ctor {
- if (!isJITEnabled()) {
- // Enable JIT
- int pid = fork();
- if (pid == 0) {
- ptrace(0, 0, 0, 0);
- exit(0);
- } else if (pid > 0) {
- while (wait(NULL) > 0) {
- usleep(1000);
- }
- }
- }
-}
diff --git a/RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/build.sh b/RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/build.sh
deleted file mode 100755
index 3fd2ed57..00000000
--- a/RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/build.sh
+++ /dev/null
@@ -1,3 +0,0 @@
-make
-ldid -S../../launchdentitlements.plist -Cadhoc .theos/obj/debug/SpringBoardHook.dylib
-/Users/ibarahime/ChOma/ct_bypass -i .theos/obj/debug/SpringBoardHook.dylib -r -o springboardhooksigned.dylib
\ No newline at end of file
diff --git a/RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/control b/RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/control
deleted file mode 100644
index fa001b44..00000000
--- a/RootHelperSample/launchdshim/SpringBoardShim/SpringBoardHook/control
+++ /dev/null
@@ -1,9 +0,0 @@
-Package: com.yourcompany.springboardhook
-Name: SpringBoardHook
-Version: 0.0.1
-Architecture: iphoneos-arm
-Description: An awesome MobileSubstrate tweak!
-Maintainer: LL
-Author: LL
-Section: Tweaks
-Depends: mobilesubstrate (>= 0.9.5000)
diff --git a/RootHelperSample/launchdshim/SpringBoardShim/build.sh b/RootHelperSample/launchdshim/SpringBoardShim/build.sh
deleted file mode 100755
index 1b3d6a21..00000000
--- a/RootHelperSample/launchdshim/SpringBoardShim/build.sh
+++ /dev/null
@@ -1,4 +0,0 @@
-make
-/Users/ibarahime/Downloads/ldid_macosx_arm64 -SSpringBoardEnts.plist springboardshiminjected
-/Users/ibarahime/dev/ChOma/ct_bypass -i springboardshiminjected -r -o springboardshimsignedinjected
-
diff --git a/RootHelperSample/launchdshim/SpringBoardShim/main.m b/RootHelperSample/launchdshim/SpringBoardShim/main.m
deleted file mode 100644
index e83ff39d..00000000
--- a/RootHelperSample/launchdshim/SpringBoardShim/main.m
+++ /dev/null
@@ -1,357 +0,0 @@
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#import
-#include
-#include
-#include
-#include
-#include "utils.h"
-#include
-#define JB_ROOT_PREFIX ".jbroot-"
-#define JB_RAND_LENGTH (sizeof(uint64_t)*sizeof(char)*2)
-
-int is_jbrand_value(uint64_t value)
-{
- uint8_t check = value>>8 ^ value >> 16 ^ value>>24 ^ value>>32 ^ value>>40 ^ value>>48 ^ value>>56;
- return check == (uint8_t)value;
-}
-
-int is_jbroot_name(const char* name)
-{
- if(strlen(name) != (sizeof(JB_ROOT_PREFIX)-1+JB_RAND_LENGTH))
- return 0;
-
- if(strncmp(name, JB_ROOT_PREFIX, sizeof(JB_ROOT_PREFIX)-1) != 0)
- return 0;
-
- char* endp=NULL;
- uint64_t value = strtoull(name+sizeof(JB_ROOT_PREFIX)-1, &endp, 16);
- if(!endp || *endp!='\0')
- return 0;
-
- if(!is_jbrand_value(value))
- return 0;
-
- return 1;
-}
-
-uint64_t resolve_jbrand_value(const char* name)
-{
- if(strlen(name) != (sizeof(JB_ROOT_PREFIX)-1+JB_RAND_LENGTH))
- return 0;
-
- if(strncmp(name, JB_ROOT_PREFIX, sizeof(JB_ROOT_PREFIX)-1) != 0)
- return 0;
-
- char* endp=NULL;
- uint64_t value = strtoull(name+sizeof(JB_ROOT_PREFIX)-1, &endp, 16);
- if(!endp || *endp!='\0')
- return 0;
-
- if(!is_jbrand_value(value))
- return 0;
-
- return value;
-}
-
-
-NSString* find_jbroot()
-{
- //jbroot path may change when re-randomize it
- NSString * jbroot = nil;
- NSArray *subItems = [[NSFileManager defaultManager] contentsOfDirectoryAtPath:@"/var/containers/Bundle/Application/" error:nil];
- for (NSString *subItem in subItems) {
- if (is_jbroot_name(subItem.UTF8String))
- {
- NSString* path = [@"/var/containers/Bundle/Application/" stringByAppendingPathComponent:subItem];
- jbroot = path;
- break;
- }
- }
- return jbroot;
-}
-
-NSString *jbroot(NSString *path)
-{
- NSString* jbroot = find_jbroot();
- return [jbroot stringByAppendingPathComponent:path];
-}
-#define POSIX_SPAWN_PERSONA_FLAGS_OVERRIDE 1
-
-int posix_spawnattr_set_persona_np(const posix_spawnattr_t* __restrict, uid_t, uint32_t);
-int posix_spawnattr_set_persona_uid_np(const posix_spawnattr_t* __restrict, uid_t);
-int posix_spawnattr_set_persona_gid_np(const posix_spawnattr_t* __restrict, uid_t);
-
-int fd_is_valid(int fd)
-{
- return fcntl(fd, F_GETFD) != -1 || errno != EBADF;
-}
-
-NSString* getNSStringFromFile(int fd)
-{
- NSMutableString* ms = [NSMutableString new];
- ssize_t num_read;
- char c;
- if(!fd_is_valid(fd)) return @"";
- while((num_read = read(fd, &c, sizeof(c))))
- {
- [ms appendString:[NSString stringWithFormat:@"%c", c]];
- if(c == '\n') break;
- }
- return ms.copy;
-}
-
-int spawnRoot(NSString* path, NSArray* args, NSString** stdOut, NSString** stdErr)
-{
- NSMutableArray* argsM = args.mutableCopy ?: [NSMutableArray new];
- [argsM insertObject:path.lastPathComponent atIndex:0];
-
- NSUInteger argCount = [argsM count];
- char **argsC = (char **)malloc((argCount + 1) * sizeof(char*));
-
- for (NSUInteger i = 0; i < argCount; i++)
- {
- argsC[i] = strdup([[argsM objectAtIndex:i] UTF8String]);
- }
- argsC[argCount] = NULL;
-
- posix_spawnattr_t attr;
- posix_spawnattr_init(&attr);
-
- posix_spawnattr_set_persona_np(&attr, 99, POSIX_SPAWN_PERSONA_FLAGS_OVERRIDE);
- posix_spawnattr_set_persona_uid_np(&attr, 0);
- posix_spawnattr_set_persona_gid_np(&attr, 0);
-
- posix_spawn_file_actions_t action;
- posix_spawn_file_actions_init(&action);
-
- int outErr[2];
- if(stdErr)
- {
- pipe(outErr);
- posix_spawn_file_actions_adddup2(&action, outErr[1], STDERR_FILENO);
- posix_spawn_file_actions_addclose(&action, outErr[0]);
- }
-
- int out[2];
- if(stdOut)
- {
- pipe(out);
- posix_spawn_file_actions_adddup2(&action, out[1], STDOUT_FILENO);
- posix_spawn_file_actions_addclose(&action, out[0]);
- }
-
- pid_t task_pid;
- int status = -200;
- int spawnError = posix_spawn(&task_pid, [path UTF8String], &action, &attr, (char* const*)argsC, NULL);
- posix_spawnattr_destroy(&attr);
- for (NSUInteger i = 0; i < argCount; i++)
- {
- free(argsC[i]);
- }
- free(argsC);
-
- if(spawnError != 0)
- {
- NSLog(@"posix_spawn error %d\n", spawnError);
- return spawnError;
- }
-
- do
- {
- if (waitpid(task_pid, &status, 0) != -1) {
- NSLog(@"Child status %d", WEXITSTATUS(status));
- } else
- {
- perror("waitpid");
- return -222;
- }
- } while (!WIFEXITED(status) && !WIFSIGNALED(status));
-
- if(stdOut)
- {
- close(out[1]);
- NSString* output = getNSStringFromFile(out[0]);
- *stdOut = output;
- }
-
- if(stdErr)
- {
- close(outErr[1]);
- NSString* errorOutput = getNSStringFromFile(outErr[0]);
- *stdErr = errorOutput;
- }
-
- return WEXITSTATUS(status);
-}
-
-@interface NSBundle(private)
-- (id)_cfBundle;
-@end
-
-@implementation NSBundle (Loaded)
-
-- (BOOL)isLoaded {
- return YES;
-}
-
-@end
-
-int (*orig_csops)(pid_t pid, unsigned int ops, void * useraddr, size_t usersize);
-int (*orig_csops_audittoken)(pid_t pid, unsigned int ops, void * useraddr, size_t usersize, audit_token_t * token);
-int csops_audittoken(pid_t pid, unsigned int ops, void * useraddr, size_t usersize, audit_token_t * token);
-int csops(pid_t pid, unsigned int ops, void *useraddr, size_t usersize);
-int ptrace(int, int, int, int);
-
-int hooked_csops(pid_t pid, unsigned int ops, void *useraddr, size_t usersize) {
- int result = orig_csops(pid, ops, useraddr, usersize);
- if (result != 0) return result;
- if (ops == 0) {
- *((uint32_t *)useraddr) |= 0x4000000;
- }
- return result;
-}
-
-void customLog(NSString *format, ...) {
- va_list args;
- va_start(args, format);
- NSString *message = [[NSString alloc] initWithFormat:format arguments:args];
- va_end(args);
- NSLog(@"%@", message);
- NSString *logPath = @"/var/mobile/sbhook.log";
- NSFileHandle *fileHandle = [NSFileHandle fileHandleForWritingAtPath:logPath];
- if (!fileHandle) {
- [[NSFileManager defaultManager] createFileAtPath:logPath contents:nil attributes:nil];
- fileHandle = [NSFileHandle fileHandleForWritingAtPath:logPath];
- }
- [fileHandle seekToEndOfFile];
- [fileHandle writeData:[[message stringByAppendingString:@"\n"] dataUsingEncoding:NSUTF8StringEncoding]];
- [fileHandle closeFile];
-}
-
-void load_tweaks(void) {
- unsetenv("DYLD_INSERT_LIBRARIES");
- customLog(@"springboard - loading tweaks for pid %d", getpid());
- customLog(@"[springboardhook] dlopening bootstrap.dylib...");
- customLog(@"jbroot: %@", jbroot(@"/"));
-// spawnRoot(jbroot(@"/basebin/bootstrapd"), @[@"daemon",@"-f"], nil, nil);
- dlopen(jbroot(@"/basebin/bootstrap.dylib").UTF8String, RTLD_GLOBAL | RTLD_NOW);
-}
-
-int hooked_csops_audittoken(pid_t pid, unsigned int ops, void * useraddr, size_t usersize, audit_token_t * token) {
- int result = orig_csops_audittoken(pid, ops, useraddr, usersize, token);
- if (result != 0) return result;
- if (ops == 0) {
- *((uint32_t *)useraddr) |= 0x4000000;
- }
- return result;
-}
-
-int (*SBSystemAppMain)(int argc, char *argv[], char *envp[], char* apple[]);
-
-static void overwriteMainCFBundle() {
- // Overwrite CFBundleGetMainBundle
- uint32_t *pc = (uint32_t *)CFBundleGetMainBundle;
- void **mainBundleAddr = 0;
- while (true) {
- uint64_t addr = aarch64_get_tbnz_jump_address(*pc, (uint64_t)pc);
- if (addr) {
- // adrp <- pc-1
- // tbnz <- pc
- // ...
- // ldr <- addr
- mainBundleAddr = (void **)aarch64_emulate_adrp_ldr(*(pc-1), *(uint32_t *)addr, (uint64_t)(pc-1));
- break;
- }
- ++pc;
- }
- assert(mainBundleAddr != NULL);
- *mainBundleAddr = (__bridge void *)NSBundle.mainBundle._cfBundle;
-}
-
-static void overwriteMainNSBundle(NSBundle *newBundle) {
- // Overwrite NSBundle.mainBundle
- // iOS 16: x19 is _MergedGlobals
- // iOS 17: x19 is _MergedGlobals+4
-
-// NSString *oldPath = NSBundle.mainBundle.executablePath;
- uint32_t *mainBundleImpl = (uint32_t *)method_getImplementation(class_getClassMethod(NSBundle.class, @selector(mainBundle)));
- for (int i = 0; i < 20; i++) {
- void **_MergedGlobals = (void **)aarch64_emulate_adrp_add(mainBundleImpl[i], mainBundleImpl[i+1], (uint64_t)&mainBundleImpl[i]);
- if (!_MergedGlobals) continue;
-
- // In iOS 17, adrp+add gives _MergedGlobals+4, so it uses ldur instruction instead of ldr
- if ((mainBundleImpl[i+4] & 0xFF000000) == 0xF8000000) {
- uint64_t ptr = (uint64_t)_MergedGlobals - 4;
- _MergedGlobals = (void **)ptr;
- }
-
- for (int mgIdx = 0; mgIdx < 20; mgIdx++) {
- if (_MergedGlobals[mgIdx] == (__bridge void *)NSBundle.mainBundle) {
- _MergedGlobals[mgIdx] = (__bridge void *)newBundle;
- break;
- }
- }
- }
-
-// assert(![NSBundle.mainBundle.executablePath isEqualToString:oldPath]);
-}
-
-int main(int argc, char *argv[], char *envp[], char* apple[]) {
- @autoreleasepool {
-
-// memorystatus_memlimit_properties_t props;
-// memset(&props, '\0', sizeof(props));
-// props.memlimit_active = -1;
-// props.memlimit_active_attr = MEMORYSTATUS_MEMLIMIT_ATTR_FATAL;
-// props.memlimit_inactive = -1;
-// props.memlimit_active_attr = MEMORYSTATUS_MEMLIMIT_ATTR_FATAL;
-// memorystatus_control(MEMORYSTATUS_CMD_SET_MEMLIMIT_PROPERTIES, getpid(), 0, &props, sizeof(props));
-
- if (argc > 1 && strcmp(argv[1], "--jit") == 0) {
-// NSLog(@"jit 1");
- ptrace(0, 0, 0, 0);
- exit(0);
- } else {
- pid_t pid;
- char *modified_argv[] = {argv[0], "--jit", NULL };
- int ret = posix_spawnp(&pid, argv[0], NULL, NULL, modified_argv, envp);
- if (ret == 0) {
-// NSLog(@"jit 2");
- waitpid(pid, NULL, WUNTRACED);
- ptrace(11, pid, 0, 0);
- kill(pid, SIGTERM);
- wait(NULL);
- }
- }
-
- NSString *bundlePath = @"/System/Library/CoreServices/SpringBoard.app";
- NSBundle *appBundle = [[NSBundle alloc] initWithPath:bundlePath];
-
- overwriteMainNSBundle(appBundle);
- overwriteMainCFBundle();
-
- NSMutableArray *objcArgv = NSProcessInfo.processInfo.arguments.mutableCopy;
- objcArgv[0] = appBundle.executablePath;
- [NSProcessInfo.processInfo performSelector:@selector(setArguments:) withObject:objcArgv];
- NSProcessInfo.processInfo.processName = appBundle.infoDictionary[@"CFBundleExecutable"];
- *_CFGetProgname() = NSProcessInfo.processInfo.processName.UTF8String;
-
- const struct LHFunctionHook hooks[] = {
- {(void *)csops, (void *)hooked_csops, (void *)&orig_csops, 0},
- {(void *)csops_audittoken, (void *)hooked_csops_audittoken, (void *)&orig_csops_audittoken, 0}
- };
- LHHookFunctions(hooks, 2);
- void *handle = dlopen("/System/Library/PrivateFrameworks/SpringBoard.framework/SpringBoard", RTLD_GLOBAL);
-// this needs to be done at a very specific time if not everything blows up
- load_tweaks();
- SBSystemAppMain = dlsym(handle, "SBSystemAppMain");
- return SBSystemAppMain(argc, argv, envp, apple);
- }
-}
diff --git a/RootHelperSample/launchdshim/SpringBoardShim/springboardshimsignedinjected b/RootHelperSample/launchdshim/SpringBoardShim/springboardshimsignedinjected
deleted file mode 100755
index ffb928f7f7f867be9c9409d424b54d06ae1cf3c6..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001
literal 178941
zcmeFa2UJr_^f!7EdQplf3W^9ykt#OCMlVVe5V1fAAwU$8m;@29pjfbr6+4Pzupo*G
zC<=mCQ9;FCks=7#E1&{z&&i2~;JyC8_ujYOTkAV#IhonBXYbkbn?2>sU~=pG+YVI>
zqhRn*A@qgdu8d*JF?~p3SU(8v5NI@C2RD})E`B~Jx9fuocg^ZXAw7L%ke&dSpn$Gy
zTt2C59!Ah|kd1;8!KTp!%=rR>fT){3dr@PAxchI(hwF=B3ZkM}d_lMN
zri6*~X%Y1!8esm{hel)Y1w0lzk|-f<-)=&mDq$3&B_AUDR~FG;Ml_wzXVYVt()xtq
zBKs5w2}Dai|Dq4I7pd#k-V=nrwS*v|C7=J$Cy3{E*Ebe`K>nvlC_%L3(_LRIJC4N;
zr?J=(94IK=US~pI8leQy(mEvdqjB*F44~1R9ReI^PCnlLqS28gvJ0~(N&}5Q_M!;&
zF$!pGs6(L9A~_Pn;$QVuiwA2`S3i*l9kvj}5BLd(4gMy6r0uI-BC^k(D1hj{_+5mg
z<4Nn&UrMx>01MIotq&g;47vax7TwybzpQJ&B3eoxg6-Es_%SPn9?3*qD{Y^Nls-fg
zrvB0)ndsWD5}abGegztT>_ri>5e3w*=n;=Eac79^67lfQ;;#LG0WH-|iNe41@tM&)
zW&})o()#QPefor-AX-u%*!3se@bQl{O6v=~)YU#jOX>sTr1UX3F)4ZMC
zPKh5$eT3O!7PK#n|9f`t-rjsdpLqNu!T-|tdp-2@@Sg1A>>(PhAVtCF5v*8jfhcZ2
zCyLRhn1kvVfniCahEp(K7<|JC+E<=}DS~4m-$HFnQKVoWA&%-t!J>L#m2L~gOjk_&?HTP{}tYN1&9$MXfu7%NX!7>~}2
zw{qpd>JrD{&EZ?Qa$?!xbODRQwu}(xN@V`l8`@3pHtaw2I&pZ+KkDwv_^sc%i++*E
z{OS{EV;Dci(wb3ggZ1=sZILPBVq7~^xyo8AN6Y(V?uJO3uI1n4tIM99!UY=q)r%`*K4*WMX
zP0*WKEJJ(HS&CJ*CsMQ8ld;rl6|AjV#lCH@0=7jl6#IzEreN4;_}^h#MWqAt%^*g6
zpl=W2DyLE@Nq1yXSqz&iT~;5;))-=`onU(-$Y6u8R4O&e?~^>XrCJ8^kp1vqCy^Y)
zcpaj=;xRyX(+B@APODnRzOAscb30z2LRZ^lfp3B(`3b>JWN&&YEx$d{F$>!FukCCG
zTe`I~d0^|G+Ibz7m2M}L{kL}J|KDjR=o7bd>7UvOeALcHz(ELUyq(Fk)-LUIlCS*9
z(avg5?3>jtBcE!5VH*{h2x}yx*Q$sm-Dxz&+KOcQw7LTiJ89oG1^TdEX26lzU~`?Z
zeOrx{eOt8|)@A^F$0Wtnegr=Z_>D5yk!mxft9Pp>YNHc1wR$)PK9S@{RZP0G0`k(6
zr?z@SjP%qF2VJAFwhRWfQkI%@M-OyWkHy+>J0_x7vZ1;c*Z_7Y$ziD`6zp}Q@jjguFu}0`zZc60TSPLQcwL|$}-TFnJyF9S`TH>SVZFn*_)n0twc80z&!94@nDSBz}RhubXIamtBHg!iLn;zZ^L!j
zx3wn*W&Pw#%j$HJPrW3EX>~eLV1AJWU!ML
zAYB9X3Z1aZMzAAYW+3zxt@Qx-`9uQ$VpImOtVO;E_8kDfhPrUpbjSj|qWL8mwNnoCQ&Q8N2IjjXpE+aSmWJD+*P8A`%YPyEG0+A5
zkJo|w7N(TC6fZXrFowP`!wM{k{z7v5S7Mb0&@Ycs85uN&MPsH+hVWCsKnU$c{)pFG
zVBdD+^K;uK87#F?M)?TTMT}*o)DCD9!kGiQP~YMhg3s1MUnl?%`Dh^UgdneIDr&d5
zkC6{O>+IAU=KnwwkzBTDK7)CV$XZt4Sb6U&5+Rrf0@-9j@mK}`I!hSCBStk1XJiYQ;M>3*5`h2y&<_KAvGrYT@nFX%&8+j`WSfF_4+jDhK&^8PH9IG_p^a
zJfpP{=EC&kS*_+oKlC7Yct40qq)0*s3Q(^jevmK
zT|L~sEh{;w^$3(Vi67cp31v`wkbYFR5bCQ3Ul5gn`oLyXF5Qq?S#5>2jR!r|Fn`ij
zll;JU{j3QZtrIoVumbRhEj82Z3s9MnkWP1^R_Z}4l$i;(i~3ARjFEI0yQutrr;vP9
zt{T=aN6@1RdDX`DZTn?H@+}~Z+n4+Y`3$Vm63Leai{xP~K{owF?T2+_e{yjC07Aa8
zZ<3}kxlcaoqjUn7VZcLk*FnG|-Je={0Bp#BcGkh%EeGv>3*~UkU|kYA^~wJMbP=qN
zB73HG>5nL)O+wI>1?waR>yi2|+oy`K1=&x4Z90^JwPK6VDKH-}!S_UEgnSm{HOeR*
zL1Wwm#0$d(|~+5E`?6L^JAdjkS*z@f%*Fx)JiJkAAoX-Xx@YMF6Ea^
zP|rfeUdjV7P06`KwEiil&IK9xo+m8~_J3HpO6nd|moDHXQI{W4moOQ0^}~2bKN@>Y
zqp^Z0VqGP8nu_fdyiGWNI9AX|jK^QHXwHRvWP9Uqd`?82;f$YU#UCf63{W8J$ej-DL)_MwXNr(LdT0gsv
zC6&}OP*&voDycgOIkf)bx-Ox;VMyyHkVot3F5ssp4*)&EqWKHjltRqCs6Jfgqy(S5wc0ZLp}?>4fPFZoeea?2Gt|XfPEAA
zAmTlR@^~Jk(VkDp03P^0TD$SRJ*JxaiO@MmY!CGBQn1CD$Y&Dy`1%CGa0{q7{9460Ke@xb5leWWhdHWPR?uxCeecn~TN;|$SL#rcL1KezGfKAm6lIqV5AIn?J^&LCmWRD>t!#K*Ne
zv9`dT#;DG?adQ;2dZr@(M*E>6
z7gEKI|f+8w|WYD`TcFn%+8I(oy#yUbC`KJ|;2kQ*36TO?Af;=?V
zt7YI_xRja->u6getS>Q82KnwBqAaQ_l8~QID71TRpco@$tPP+fZo
zo)7S9(OdvFRKt8#jOu`SV>INWIbtM=VV)Q+p##aUC*&tWJ}wJ;%~T@K4#}8dZ8ik2
z6w$_5n=8bP#(*Ef(G0CGSla-^v$Ai~g*d&GQYkvaz&;F0QbH*fOb*=Is-!Mp}5VkA;!nz5wH*DUu4^Bd{5E~E7*+kdf7|t
zO=+!7pr;x1p!Xg4YB+qJfODM!m=`r*eJ!Ylz56e$AWsO`okIJ0SnE)KZv&m;vkCkR
zR$}eI`_%({1Nx;1aL4r|)4*@+3-&_{`)e4BqITmL!u~qy*Zv*KU83b9OkkcY5JGt>
z-~?ash4&$R0ht!c1MFa49oX6oHX+QBo+i+P-Y3AHKA}CkJE0Tzdv%Reup?(slt!wf
z0h&9p9L6$@)IMMfvabd(6JxoEz;YVYiSp5zauaGV%yoVcXF+|)|4m>FjsqIaM|OxW
zxu;nT+PhAi8#X@~>Zc_)-#b;mkkVcs4gYQt_-FpepNDkGBJ;&ORUUXK5`cibZM{6ApWf1=Oz6~&j`F~S?
zqzCLn<-49AOYEm%{e?NRpayiqoLQh$or^G0R>Dqo#|Gx~{s>AP7tPtEqZNTlU5N!H|FVuzO3u{AX>F+ar
znC}Z}z$e7-C5>ia3+hY#-}W{VSi>0wv_W)^(^!O!f$zoB!pmFq0o#@R0nY-QmQx10
zkAI^T+?`n2k3oG6a&ytR5bMJCX=oor^d)>HvliG~&;(e6Zx`S`1GJ)-mcKX;%@xu%
zsEKXRfOl^2VI+&&fP4+*L4Tn<^ezuJXrh2@$MGt%AAXi+{@#XcgL6=P
zZk8A?NDpc!sss8C@z?yTul>c|;J?^AP{J0NSMp5(GgvzSBUmq_Y=VJ>)|Y(6A^Bkwki_M0$lpdbLD)y+nGGM0%S%Z_v{Dp7(7yh`v@a_M?cm50C{V#mazwmwk!VmZh
zKj=UCw+GF_`M3Y2|85To{R=<*FZ`&#@T332=l+E+_zQpjU-%3D!cY1Of7xI7DSzRw
z{R@BNU-(=8!cY4PfA?Sb>3`uL{0m?B?|ir$OM*QIRtCR^a2Wmwp{%L1llU593(RUB
zoo5B#M=zkW*i0VZ$`QV>IhtwZz~x4>;2YrKo13jLYzPD6a`>$IG(MLe$JS@^cpRSo
zkZ@(pDT);xuFn_H1+jd{z~bmE0hbky4Y3y~j^Tu{KpQ^{eaEq7G$#^M#+;{nI@3J7
z{ayS5Xr3O9ehz*fF8&ywi+(vFj6>&z>s#ofZ%hVKUl7Nn&*AGwKy{!N)i6_{AW|Bv
zA0Ex>Eqf7<{oZd=WmKYl(kvwWXycCi=EzJAGsjW)()~Gs9SHE2)B*g~e=^pxgIN
zqwkXTXY%H;7)-vEKW?8Rvd@yv|s?
zhb@td`8$ffSsL*7f*!#*^O(Fi9!tPPl(=<&e8jQ^qEE+o7dF(%1D|6@PGbq8{K2c3cJM{yAkDYKOM(=S
zi6Dg<2yNne?C1h8GAvfW1e@V2$LUk~pvQ&H;2=kWEM^2fHd^3CXTz@$@G$1DZbLR<
z2pV@f@_bhgZyMkYGDHO!`pE)k76Sna-);^hOMuLSf-!V~-LJOW{o>%Q1Pb+n4{kmf
z=fMtV&bPzhw>)qZoH#LD4jTZH=tL|=YU7sXNLR3&#EwZEUv%~
z<1%?LI%52p(KyI6a{@Rn>~Nn5
zyyu|%yIS3)KH&O_)FM?Njk|_pJUA?P1i*$`|EqO>;ESC`Bq)I-hWoiQbe$dMIBb-?
zwVkc#d;Q@(6+_>BZvp{5D2DS&^vJ@VNEW^9Gm?vbQfPO~?Jt!^tARVe$4=9RD
zQ$vBarec(0m=nw8F-oW^MqL1tWdMBLz9+nN1ZiV3h1wX#?Tg8p!yf`+`XFd65(bKV
zNCZd(NCZd(NCZd(NCZd(NCZd(NCZd(NCZd(NCZd(NCZd(NCZd(NCZd({*OgK9lv{p
zUvy0p-C3w7p?e5K!?gn*i++z!Sc8Z)iMSULqd!42se3(V|$7h~aO$a9W>;;qO!6QBN`;VnZSxOvFQo*ocUYiCA>sqn?C*
z{}#!k-#tdL84;Tku>}#s|GR}pJqa$X@z|P(hY>OQU1h|F--E{E5kw4szl_tPhPcgW*p7(D67e`9UVvXTsbj)RC_^95MIYnwlzNiT2PM?894Y<;oUfl$ChBnP
zP#DV4$3*yGm^A+y!NgW!w&sJnb`
z1~N<^qx_3~76f0^|J~)M5`0lVcjqr7_@Z&roxkBP^`{bik>7Wh&ms6Czw6F_PVhzJ
ztUG^xxTyUiKZbNM0R%+$zmsH&M1VwqM1VwqM1VwqM1VwqM1VwqM1VwqM1VwqM1Vwq
zM1VwqM1VwqM1VwqM1VwqM1VwqM1VwqM1VwqM1VwqM1VwqM1VwqM1VwqM1VwqM1Vwq
zM1VwqM1VwqM1VwqM1VwqM1VwqM1VwqM1VwqM1Vx#e**$S{Qvu^V-s=R>Pad1|Bnv+
zYfbh_hz}ES9ueOs;(8*MixkzPN5s}de1d4F
zJz~TE&vzhVM2RDg-?Ueh`*H
zxCr41gq{?PVh14r!ZHZEA-sfuQ8CJ32+mZDI-iQktblMGLNgVU>nnrFnLro?!4<-6
z2#X->gis9O4ulU7Fj-7a6@nfF8we91ctZ$*z=p5@!deKsAyh;74#8FqlXHd;0AUM+
zbO?7KbU<*G$K(Pb?1k_W!Z!%A3YeTa1U(3r5bP8%`AHB*Lr74-WcDgx)LIDYiWt=$
z!ZJln<`l$lAQ&iNGBcD!K+!m1vl+A)exyH>9gfjrn1U!yI4zPX@QC3?Gh>)+0bRi2
zurX0NdaQuMV@5OSe5Nml6Yb04c4zo81+hGKAU!&kNiYeC?nQAOvHU2E#)zi#`KVea
zl<>l>_$4i%v&07Qn22!rZH8EBbTo(2ML?oVcz2UHTmg;Ej3XrYs8#*~9)}%C#?e^o
zK=4xGOhAAGCQ6Hos*ui=R2s<&#}z|A;Mn|E*;t~iM47HF0st7%96q#zMkBB!XfBHj
zxe*Mu0Q!?b7ddhSj|rJE1m)@O&f&~)jb)3_gkpRSmrq1AdTcmLAmGeF{X_%bast2w
zbhZE-n#GR92b3Q(g2@A?1f4#PlbmQyo(}&0w87xIV&9X>c7@LKqO<9dOz3ne9vT2)
z(P+GY`fl8R$tHvxcsx3EhLlEBn>!tih;A$xGz=!6@4=4XbmRRVVKAZ7up2Pf!_-@N
zf&!oE$ujWyZcP7LZ->?S1&oR=9+IPDV(i;r50eWwuZ-As+<(8Fnh
zI3|4#AKO8VLG|pTa(JvrLgpwHP~=3p4qUKfUN))>Ip6c^h$#E3=q+<BXAZ#-bUP6MlCFnAO_9N&0*
z3EGmN%LsY~K{pcge1cXC6V;zd&?W?3LD235{g$Ak2wGkR{6!Y_v;;jC(P|im6^r!I
z5Zw#I@-K;K3b4Y_2k~%$A1)>!u8^Yd0UZIJ>a}TG1S*C^EzyU)C_Na`D2Qp491I~8
z0(ubbEyYLjq4px)NJt}jF^!5M`9=unK{S$=0!V8DZDRKK`9qLF;Dvxw&cX(TVE5g*x~0s%dUM)Hz;B<~JifQ5KBA>j5C
zG|KxEe&X_okK~0!d4v;^7t>;Sl!qP^q538HNWR=v#M=RBR8~ww60aX#3GfHeNM4eU
zUy_gH7ZCGbJCsB9i)pd^K`D7jK9bk>64_r$$ct&Q{5_O_
z2Svz!Nj{SQ;w|ENK^oOBrXh*9|1=VY2hm7gl8@wtJ|dn9q>;Rsh9oY33<<-7Xe2Mm
zNAdx_BHj#0BY80mNnE}a<}mai8p%uYk-T`lK1Vt(lfe0>PwClt!+iwTIMrD!0#%s=zMf5Iio-<6`D
z0*&S$hF{nD=S!f-wt*mv>=)BWKeAt}6Vb?iNj_?S&@_?!K|)?k|C_udAITRI@@Ses
z^^0k-ytMyF@{v3@NL2p}LS9UZ<)!^cl8@y3PZ!BM5b|PLEHB-El6)j@4i%%aTtZ$<
zi{*15A3ccnmMD*CB>#+%Ukx;BznDgRgnu~%^dK6^i}`3hGWw782;r#)<;8d*|5DS$
zu=GnJU8uhiU)-M-IIRw!BEADo|HcR5i^_}fL+wShxV^}JM2qc1{(xw4f1~*Y(c<|7
z&DV$)&&O!}K(u&$K=U!8#q%wi-w-XHztDVv^NINbVTWkUUSvO74-p+o&}e-@w0QkM
z^A)1S^AVaq5G|e`LJP&Xb~xr0AQw~Xx?suPzd1$
zgk}gYAUuaq4FS#LuOPgHa1BBYgjxu75XvCbL#Tp~51|OcGYJ1cxB%e_gzFHFLbwaz
z|4AFsJ^;1z2!wxY>p9^4|E0b97)|0dhbDcR1LuVj=VCNk_k%H-_^{{qA(!X`><9IZ-E%UWe{Csh)@2-7cAoIn!nx8
zNnC^dPwwh|U%=tlfD$6zugv~<1=jWU5T~TC&bnT;b-fD|UFZGVz1_d%|KUEb%MG6R
zvPyKbB5@_tb2=(yo7)Y+0e&{X%6WK{v0r$ZUCTG9XLQ8A($Pp9s^E9xzWKi4N>LaQb-K{^0v?7fzT#;Q1eIfU?9Aj!fuQ4?cVycL;V@Ym9R9?CE!fhGyR
zk!l=1-8h5ugMQHlXE4plA;87W$8S2#!`nZ=!Q07&=H(LL?&IwL>n0p7#YL0WAB4p7
zmPDD~n`=uhx-Yew3U0`^VujIp^e9#g(<+=f&nkw+2B3k#5pdWnww3>{6x#o}Go!%+
z{ORcLZLFf{aLFGP&Ieg5e=cgEBM1JD!ynNY@=wc{|E+ac3Zj@Cz7=>7SRNJ|X+`J7
zj2dAjs@c+JBy;#k+mWL!IoN+r_y1c_h!wD+`TyU*KvXS>1H9{@=X;fEF-F;921$6M
z#-DNU38!0&H6VslfyG-PR=_A~S?Kp?FiPxsbTEKX;@Kbzgi6Ej^?t!r<(PqC(bNhrgw3^TYPESXTPdvn%5p{%p2d)
zkbULoPTv62z2h9Vo-#AZ=-=Ej{!35)0iTOb&GE^r*!m-}bHM*JZ{fx7Bf=L7wm<*L
z>)XQle(H?zLcZyo`-|S@4{GvW;!JzCYKz64qXzCB{abUK+T<^fI#%ql!rANA^}Lb=
z7p6NU#$PW`-O+exugN9NtgD`x8k8tjdG_@B(0
zWn=WMW!^4s7gb
zmi_QcETe{i&TmvNvjIM(ciJ+0M_5=hZflJGs^y&3^!)LYx_=CIuBlP|(nBSCT+IF<
zYXg@b9Fe^uclw$4ZP9BAS_I(-zy8=FJJ0|2$?Ro^KMH4jOSr#jYQlt9M*5*TM+~_B
zl`Cc6Xn8t5c}|@ryEra;qFqe&h~FSyWG&=ZKNANslIN*-X5J^pQHLDUbl*N
zn!kd%WiE3<{k2T?v!la2)Q?biq&>gmR^BowtwHwm-N6RAg$KV63%l^;lF7@p{@+Ss
z-77fRTA4#$-syK{MZ(-u*ZQk}m~#2Z?JU7RpT^Y4t3I)O&b4ygtIFR$B&&8sLEZiH
zeLZ|noeJ)!G+g6&@!k2K9v_Szl-KgK2aqw
zjW_f4Fhk=t1L_u=+-uvub=(G*96i-btNhE@@zcU%cAU3+wB?QO;ovbFqV1!<#73%>
zZ=_70m@`B9q}s(7o2^H@d12qMFVlHg@3mg7nkDbnT(8}6(xgxF%VSn1yG#~+?{zz%
z_;9x3G6U;Nnbo!}UI&bRj#;hMe~0nLrC;qgI_Dk_WZY4LNP3_jFl!=bd&hJdVGWOdYdV5G#)N9X)?FQr6
zX1#hc9P3&Jzfp~=o_+smv*qowq+Mrs#aAU&J*+Ujv$BqR*?US}-HFtZ!Q=K1u-
z`V&_U==l5OJFMvcGx~PF?-54AXZ6CD$`59=?lAnEo#oM%{lq0IuKDf7yiC2c5mTrS
zuL^F@@@lbI6l^_i;>PUj);;E4zBa91>j_g`vCd;<@~ss!ew@A_t2QQe^{v7Ods_}L
z1H7X)EqXbtpepkzbGha7Sx0rZ)x|D#t#`MZdhR>jRmW{@b+2>t-o=hQuxgR-*GU(O
z=YOkk+;utqam72IORQC|D@T1VNpmjHS=5+3g?jDQqbVD9mM&@LjN!h1=ekHR=DOe-
zV{AyHms5Q%+nI8N{c+sYo)-)sS8Y94o1yXQ!-}#wd!uKS-l%q4R(y4YZBwzi3U|1F
zxL|1I-VY6rgs&F%I2wH6=<=I8@^aqW>^8`-`{~nIyK9`S=JFp|m9!B<)5afgPk-|*
z*z?QHutV=m3VGGN_qX2(8Ge(Z`DDH;f1>%?fd{gF=3TWrZ8%vlBEKwX?P#wFa=rty
z=k;>=Dl?9fxX9f!uK%)L*f7%`p`Uv7eW}3gDRd3~miFStoWL))ohdza$H+Br-@9X+
z%cdQh_FZ7<SZhTffDyx{Q8crRZJ0ft=z6kc_s@0Bu^yN12GOFfvi)%@sVpTvPd&PyJ6Mk_Qg{9ts{
zXlhcPwVV5~&>0J2^WsZ=#|D<1H;p#wTdqB5&G@BpjiGO6Y#CMa)u&}j#f6{MH@@__
zd*@l_vh7y-Lypg0K7QJTwF6VuWO8%pk<+;{iI
zx7;l5>&FjQUza(Sytjl`W8?kL{>caR+j6eAw5UcW>&@BKl5qag((iuH78toE*~a9a
ze7SU4pO|Bgi=TRG*kr7anTK|L`y8h{?9;dqr=aNA
zU8SYmylD@k1N)BAG8o%u-jyJ;buUJ~4E0`PD$_pp^8K|IrQf`4g7|^qPuhD&j&680
z=E(Y&nlalhyQf?`SseJ>nrafEzmS(*(DQ|@$+5|4&OS%yHy8IArt8Gm-09TIA-c_Y
z`{`Lriaxpz_1eABxxORISEtAB5xS8wZ`ynl{qB0%hc_e{?MV*I*i*_|bH-NQa2dUD
zMA~K>cbW263o*fr9Uf+O3$Nab_xhk8pl&6cn9$3d;&9vA&huFOnOJpyA^oPhjj!+Y
zR}En~PX_Cjc}%=eVBYWa`?N(_3s1Zo<3E|!)NB
z-4|Ro^5tC;K2=Y8b+q@;mB|O!s0#;OW%X0~V7x11Bu(Q;o5%23!3PSf4!u=WuwF?w
zNWAU%#baK{)2-Kcre|C4JG*S&g0zdP0=CZXXMFWe$IHZ~!ZwwpW7wN#8g~6N=p*_a
zb5L>B>lu}Bx%7SR1GVx4g%qU)jq1mby?*RqUa&`bs@@1@-x-a&PukVS8P&E3!}IL?
zDc;w$Q*LEEZ}P60V!E$&;lNts$kMOH(OPF}(t32v-oL+S(vJZ5Max&LEw-{*YmxFX
zWVD&VzRkvh5W{iyukwlym-|iCHYRD6{bBYdEmU|BNTUUdGj-3b;-SR
z6o<|^k99t;+-z+`xj02>A0z(2MeSL~m%r3)atk+K!FW<~UDd|erPXVQa^J-xdvVs5
z7CaoD8S%WN@bFOM{b~sod0fode#mvR&6O2<^)u?!ljm!VkEtIlxSzY)f)SW0CJ6N7dcs|~J8ZTEC1MQ
zF6(nm$!dGQhsvLf);{w&rR%-XGOd^E=_iclqJG;?4Gny<$7a&A;`IibOLJ$9-FH|v
zs8i?kHM(s=u|GDgy>-q{C98}q=OwDm<)iwJw)*z)u=`V`KxLEqS6?O+Od407KkCAP
zQ>!qQ_p;|N4D$Tp!rWwhaFWRcQ`^EKmGjfS1?CJ}HAc^4<(D=5VNDrM*@g#8<9Z%{
zJ>t%XAqj7`9@cqsKz^q6`#_6`VQQ!I(pqpou%g*uuW&fgR!jKAi3;|
z*t0d-Mz`k36pS|;`1F-hg+uHr1>4oD!oRY64eHyves}4CrXBlpSxcXu)0mX8WlUm9
zi*1(wbot?GO1ATMZ_|5}9I&p$^F#r)sP>c5$PQL&ww3zRoZwBzho4iPac1`HnM0R(
zaijjJdawM$*WprZuJK`0qgUIxDdiLE?Tzm)2rK!#IJERfXRnGeZ(dl@YWHoJ&0DfV
zUQ3~};?XSCvpNZL{#mrJw$3P!IjHxfpaoe4G4Ci7M>=1aziz!v&$u69eU#QMcAv3f
zIcsNi%)z;K3#WQ5Po4H)$Cm{2>gZ8Z$DM62s+*|z{G_p_-I*+>;C*A?#!QwubE21f
z>OY5GTDy-d>1p|ldT>a&OogfEgNy8NwMXAJdF{O6(>BTIfo8;%+j+f)TBn~^IO)3K
z^vg8Ulj*A`HZL;p{OGZ%W8C&OPLF5bXPG^r4HRHUFYTSZI%cP$NA}x^hT-zN%x-W_
zKA^0K<4&71`m*dT4W}yQr83mpO{0G*SKl|B{Bf|t&iG?NyfodQT|KsQ=dQf-p~pw>
zr;A=68p~y#9&psQaOTbQK`q`^XUaXcj18=6&`EbRPtmv)W|jHmpnkY+zR%W!=>u{F
z%JpLd9`)bl_dfri%|qVz4ca?yc{|zuoZ!zqv$SdY`s|G-3>3CMXlR&OZgDrf0KFH4zJL
zSPr@W?A4ji)Vx+*!7S@u$IO@eiWlA=|6!9sLPQYrS$+JL68_*@v$t7|3k#0dx_Y5>
zOK5#eZ4Kk@i~bd~im`@XI$k;4xyh3UF8+MwL-p2aj=9h3$IGnqRXwcsnyS@0!L@vX
z+rr@|&Q0I#|8|o8jxUQpM)dq#zI*SnBxvwh>XBdvYF!|c-zCXh!YrL&p;oIN%t-k;DpVNCa
zaW>zaI6Jkvrq@@E8{64FM#e+3Ql_k#IxlkM^thJBl+o4q_BpurQwtoJS#`}wY3KvL
z=LO1NFANxUrc&o~p3_6D;!@}1l&|e3ubLhA9Br|}^!Bf>ntISD_ey1BSc1-~K!+D6
zUe1UJ-F85Io9er{D=sQzz3Nz39^+39J4m&f(pw#c26@VR|^*#XN-$!(a~yIS9|>Dk59$-74XP)OkSU(#=;gHzqZ>O=ho74#iS
z8Fx6gqR8*f^I*!1dqbXOtG!m65PUr3@#1xj*$EmuZw|Y3-+14`AD^FXxYobl)R>i9
zdSv!!-&ktdzeoO(HEWc|TNyd$4Blul>;8zP!py0SxkK|NY&osj8In?{(70sorlBi_
znJuMnn#S9xe&%bQsmWUICc<4f%*0(|x!L^7l^e~yHDoe_PnNxn9^YAUTBEJUtl%@+9jbYp4L$m{
zTW!7D(VVI_=GDQ%!n8HR_(PT`J#z?|qg~3;oxEy{A#JO+w_F`RQ)Xe&^66C>PupGJ
ze`zRkJdm0&EFVOrC3TlUJqpP4C&hx6Xf
ze#A4qJ#U;(-2CDtlLt-J>C@NYt(^RlNiSyhGpbvekP*J)ne1cz;Oz3#+lQ6UO>x-!
zD%<$zX`K@{*JZJlCkVXDjR*EEp6I&mNUo#Yi2}QjBacd23=aOhHrevLrpAGV>o5E~
z5W2Z|0i5S+vi2UBJZq!Vt`EZw*&LtU`*z*tv5r}VuVb`+PIBE|9DJgs*C^%>^|NzE
zd1l@18AW+oMQweEFZb|N3P*e6v`6KKE;kLU33p9g<{@ivZMw*YVzmO*K9LqeuLTOL0c@i$~`4yr^3@X-oUC^w>VM^@C4MId*ev
z@4UhhH@Op{W>@{QZ6w1=eY;ys+<=oag(hDkdR=FvWv8A0())G#tUX7Rwr)_qX!jwZ
z`oOs<*i$9d#}lU2y|S8D%nO`gK;-t(J7p3o3hO?Ml>q;N0`%_BfM)dj@C@${dhF_bb~O
zWV&|6&61iE@`DuQEg0!l^{XZozC7J=z2^lVmALY>9HWI=G_B8rQq(EhmZ`-zCLHcJ
zXkyjAKG*&4^uFXXV4~*UK)3ADBIUaqPI#Qz`BkY<-!E%f%(MR2I-V5IG}k>BS`(07
z^pBj|M$1+U6m*{yZkyOEl!kM&-ZQh((7>~UWYC!X0^zh)}mLFZPV0`d9dYN{Db;H;+a2TemYQadKltT*
z!Rw0gfrC}kx171M#=K(5wL5Cx_Kxf^!?kA2611{e-=Y236kkCA!|MREQue3*OTQvCU*U%9gimaX+DJ;oczUIe|;QGl0USW-#
zm4XRVS59or{BX03-i&SYu^cfWbX!1lmhk4t?WJQQ_D_qt6a1la#-)D8SI2$ZF))70
zvP(VY4`XZCa~k(qjJEO5G-x|#9y4Rfi~;!;)_E<@CYk)8FL;&Ma^_BC{rM+WhrZ|b
zzB=O3>*Xa&ran5DetlP=e(~-N8q?+quP$N@rk%;FJ>T<4)#M{8Uyj!?2Dv4zy6}z>
zAN%r@)AQ1mH$Lz_Wrl5Na63kAe>i0A?foG?wr9THJ;CK}qSx1I=23kW)tkES;vAOg
z?QYO>GEY3Sqkn$;)+6Cz)t`(OoZyymQhUF6^K+xyo74BGd*`k{nK5GSt{W%WSDZ%l
zK4q^SakHlJTltdM*UO6<#?JlNDs0p{Rv${<@SdK?}yI(#<|kFq(_j9($#?pW?zj)UiNizWqtDCwNJj4+BSZh(Um9m=NP%8
zVjs-hv}V}$yY7h{1IL@3oHCMDI5;Zv_|<>XGU71{t9rG0)nMNh
z&gM#I2QF$T*dOyy)8y6s6EZsSc^v(p!)iEpEi@BT4hqsEJJxS|z#3ttWwQ11g!1rx
ztb0FBJ2*Hm+cD>*e=p{?`F)y7J@2m>9%&c!V#lHkhUsa|jWdXRWxaqI#v$KHkXg*d3MnjlSUf!^!}s<9qsOKmO3acGqP_-unE&
zFqckQyNHUp+I>$P^WpW7|9ZL4pdFuiZ3iB&K4Wga!O$c5?ekrs5mO(#Kh=I(Fn>?A
ze8M;zgEb5L%XJ`I3?{tagf>)0k@~H}3MHNlNv%CygysyL@PWLY3^0QCs5^W}UYwD5W9n^&bbdd@^^Qgbcy@0uWitx&xX6wPHf4~X^~BcPezfNwn?s
z0S^0vp1xkXr!@Br|V#M$QgXSbn%BCbAC*^wX&|@@OQpl
z#c=G&kn`bZMR8ANej`?aU6pIXmARHLf`F1-k=wP|X7u!ZNSLfaEG~b=uylYm#a4nZ3si6<4UrPI`fAknBd`LMNIQPcZ
zB!}_MU%t|&Ty0ed8h`4B@iDH$x~2gY#Z_l7tSj!7c{#4~lGECu${Kyz&b(@OSCOT)
zD(o{>cA0RxbYF7tJKxKZ)R}h#F8i))wDeuMwRDDi%uusjXWfZ?Rwdg+syz77luA!*
zmbW)uI8yWI&z=^8nrW|ZWsK^$a^lgZe8n+WwyF1JMy>DHzNG!gqy?u=Td02Ww2_G@
z%3Bhme)QI8t+n%W)_<$>X&HWGdZF6JV+w~HL!Xo_I69VR;@tmO{7;MK2@~v|znpMy
zRCj33(kmDn>uGyXwa3Kg)VOkOE=Y?((PGU
zTk!R(X@|{gAM=ctsaxm1nZ%9Q&~VZ(l6go!3Z{<(p$W
z*&CN9g!-1#i@3NA>6ZJ<1^2?JC@Ak?_RuNZQAj;{U^pxQv7bn-;v%h>h{dgBYp3l+a71Q
zm=T)1d51~D=xr`_@8z$B8}yGInPx>(|2958x8KdGlWzoE=Ls7XO}V4;y@e&-(+X7M
zziNINb=TkHqnpXPq!YuZU*=x)<^>j5y*w5D*mlJR_O-3sU#Jb*8I#`I=j6`>^W(>&
z*ViX7de}dj^rmJ&Q2)#K?{m^xx7I#QSikPzgPYn%l?V1(c6!{G3tP42X|ZD%uQY^PXM?8DA4qR#~Qa<$LOM%}Rs)swEMvPA@NTKBu4U_xak-
zV^`A~LQfy9c@!p$+3fdrWbaC=yrdBsjza?atbD4Gq+6SkJ7LkstR|h$)WR&iA2ZZ!
zLO<-8-r>1GX6%?dJ1=~=5YnfYV!r*7jOGZH+~kk33K~V@Z*C3oO}4*x$+g3Fo#y>2
z{xeytCzz#hxw)Eo-7Gt{>GC(#yN7B%U3z4B(Dv0bh4XyXU%cHM^^bw}R^^Z_#?!_u
z>j=1hIeyH@xQrG2%pFUu?!~#>R$FB@hO)zh3zx%#)QW;U%h!1p7wU8lExcKl@JirZ
z5`DtHsmH09%ZAkA1D&%Y)_%4fOt&m|mp2UFSgZNoulMtF@uiKJwy(uRzWoYJ?@sm$J8d5x
zYGdZ&H=FA$-|n!Hd$uj+9}U(y6W?B%9p_4;9~zyJNxME)#Ueg8Gv#6b1=A-)f%)US$r`N1(vRjKW
zZdP&h=*3MI*G(E8{1~L3yUkoBc5&D;ccrI^pk@&_w26?ob$5(nLgzvm-alFd+8I4-@I$?>BpO1aWgzV?5w^&=Ic65w}_8+Wi7n%
zch31TZfvINX{ERHQ)%%ot75BPS#N!P;cD3@i}??R2brmUi(D8!`fI={b+_;<8!d(p
zeBAP;SL3xu>E+c+l;$cMeZH=8=>KBxoPmX5U^RVg+qP}nwr$(CZQHhO+qUr?YyVqs
zb7!{Q)M=6?Gs*kBX+~0!4K;MW&R@sU|9fHQY;)W_tY
zzt;|*>&VG2%d!;F(W3jyX_%fqC|TaXq;zaD-E;!U<0jzb)vHrLzZ{t_8f|qo1Y}$2
z6vy$#2IRcSgWMtZ(uxOvzaVseu;(+h_W#w6F>7rzq`1L^_d9&1GWIU=370LpK!6UU
zLvP#4OH99VP)NW#gU&tvMJVskXmk9SW~s*e=4Wby>OP&?iflGBhfO%ygD@~dfP6u0
zYmIe!7N9IiVXA|CL$9T9(;xuM&$lWwB3=G#pQk;!Kk7}D=s&+glL#z-bA>lwhp(tm
zNAS2$)1PvtX9IxeWXJ3(b{2MZ_PajPuSGn+wWtJ31-MS#&_iR&1Mx9!c7`Mj&}JB)
zfISE`!NPS;F&oJjQ8P?puCtbA=cGE{@kPgrS=@uHzh!kRA&+sMaSXCac893I-)5{}
zdQsQoE?0m2QGVVg<6TdYR6Qk;jv??oRA|6bTQl)HW_zJErsaRNz(*-iet8oZWol=G
zyTx-MT6JRl-KUB;*>sh_KqQ))C`zMK)w}r_Er^D6`3-6594b>SZp4rS2nyiDwDm~*
zd1Rt&EiPwJu9<4x5_krxaAxhuu7wqn;Ql~QgH7W}rF@H@j@=ZJtJOqV848Y5>w3E;
z1s#QxmWaT44`U64-#*~Hsm`rtYk`Oq@QoFb)B1fS-R
z$jVKNbdb~wu)QW+J5~P#X3Cjp{JE|D(N$yMvG
zZ^diU>>>#&qA%kym=WBRi|f+ko(?g!j{K^5rIl>pxd)aL9)5(qA8Bry@r(b+y$!bl
zyc`uIo*Nd-8P*VCZT05gHI3AX9PIF;QSn4V;J8w>>V_?%7R0sn%
zenX7Dgl0N?@)KbAQJk@#vm%uY5o02sEM3Gi3(4DDViO`?GlYqkQ&MuM*SvC1OcmcnPC@U3}<|AApp9D?Q4PrqbK
z{j5okc!fXf!5C6s&U!iGY$dB_l&zwSo-+F0;-K|5&npln2}M#DOtGx9ISvtbzjoq%
z`o{owY{+5tPm~lr&FB45dz)(91DDhHR~YY{sI(%zp5xI_y_dUBsn5I%V+5IvfO5CH
z)erIqTl3t-3-&BQs`M}fH2zO!o%Z%DL`3~96aj?s03AIxFncKQDM3Z;XnObQ!fC?i1V;n(Jw_k;
z9y0;BJyqOXYsi$Q-JP>D@{)s*)+^CKDtR8MlORFz%*n-ZvPTuVehL}lU)32I5@|Kz
zJ68xw1OS}!LnHY>9N2Ni)}UD8RlkeH{NNksUF0UYQ(cRgmz#R9Ld$S(um~JcQwKQP
zSxyFp%=Qd|y{d%-F}v_f%k-3O$J6(0q+@;3{>C=#Bcs{(E7{U30UU~96ms%QUs|xP
zsP=S$rV3XhYZQfskT~k!cQ;KCZc8w2$xZ|;GPN*n42bgT%y?B8%m|eo&!%g9L{A;o
z+)VFmGA%VV3qNWdM4Xm&QkRsUz3$W~8B5`0Pm0$owbsRf*bx+m!k+=oc|1-Hfczh8
zB}5lU*KH_Cc69e4=D0u~y6ljb($Fa@Qd&+)dqV;w_F(kXQ*uIHwIdGtBQ)D5xolqc
zIzKbYvztCIIqXWEhAoy(QfbsDQG4}Wy9>aMP0mep$M1Qup6A3J>NjNFR}&
z8*;pvyf=#RYHOm_hcN?;mYiX17RW}GZr^z!8>>!TeOH#y=o5KOd+ygeG=irMb?#?k
zy+ILOIxCcx{=WgW|cAy2DZ|4rHjY0~C`fvN=e$Wk*X^j>2-~i%Cw8g;s{vn;G?n
z%1Q*^ZuqZeT#KMEvo@Gbyh(j#l&QMhYJeU`$w?B^xY_KrxO?`Ygz~1YQnr`=RIFoQ
z?KsgzU-wj(fQRsq8qZZ9R3Tw}RlG^mf(-}xjaYt~cQe>G3cO;3N@3>cYDXQ^hXhN^
zj!^20<~Ab}Yjrxy`-`bEI3u#JXlcmrzu?;b@8!klDA6!C*`E+}GMgS&9uaq<^N%{r
zVyE_M(X^y2D8%eMzV#Y_+W4SfSnbb%fI7wm*e^XI%D$L#qdh4n;Y!wBE+I6fG0QCL
zY)-kY(1eAtbjgG}_Ks1T03^))0{_WNQENr%EzD>L*%e;!NXdKNNRoK7POfA()RM&L
zE-OQ!u#kgQI+g8xNNTtu3e$RPut?^ehTch7<(WSqfS}nmSLVVi<%>NExN~Fpkn1}tMW2LW=@p^WII5zh}1H!w2iEQsAS3Myk
z#-E~G(l^t@cxKZ%F#m2LaF-{{^mF@B$*jJdeg(QJU~)$Ywm^Zqh|4g7ec62=4|bJc
zL-{CKWoirTtw_WuEc(`$yy$kOqRBSx)*zQp)gs+v$)1RE-PH9`TeqtXdF-sn@mjzy
zz~^syS@tvODy!Zf9N)rU`*##*91+BRw2Z@|Z9Zs(Ji{Z~>j6mfqrOUmZ3+QqF4fEu
z5z<-aA1{aClng-eFsTq#?RJ*>Fh_uEpuGG9{U}vQD0e_PevAhQh(KlO`dFEy9OwEA
zHLv$k~qujb_K4RlMQh`l^xpDW)s!_c2V
z-Att*CdoZcoh|REXrpsue*3=FyAvo*x8SzwoQSlRm6FW+?KDuB0;;N#bjE_ReFQHc
z>?$2gZf3o|KnSz|AoB#$T`kIzmwr^%0n&A%pj6juaquF8pUfP3KUS-}p8W{{<_dFr|CUm*e2O9T29e%crI~={3At*|}Qw2z2=1+Zswf={ELUm4t%KA>L@^J3Jb`hh
zHdc#w<~AqbUktfP5QzmSi_FTwW?T(fdq433sdZ#F*!R8DNv20$6zS(f7~)j$@r9b9IzAQGO$lFSBDMR9Cu!+F=oGF8Jk@
z&8T_otEgzm;ioHX_34UYCFqQk5CRp8E%J=)D4>oDti03l%!uacyr6vypLP$6Q)3bJUrk+mqtEF&nMo7QAE>e7;sq5?_oX-pMRXb}
zuuw^{M)WFc(B5Q0xS<66Ou5^Ur-(B;UKun~6&-d99C=bPjzrpHW46r+86x3skytvt
zjrLoSHwk^N+#
zz0~`o(GxDglud8qr2s}z04|x(TSOw#{fXW~!Cu>*?j@hS<|K^j91S
zEbL;}A~n2|!(4r@y^aSshV2`|T12I4MougZGIz3AS^Hx1lzwRE*eOYb{7SI`LRE>@
zp}t1D@_h~%l(C44wtqDbGH^oUD9VRTAa;Obs#ZOz&6`V;n%L4f&tkwK&sqD0A|Lpz
zKdO}?t@6>vU`_HVR|_IU7qvAoGd0ZmeHN!ucT>+5)Ry;ITY7GgBeP;3Q
zwgHC6VWIOVty+d#jFwBTYV6dB+w^mYqwoG1Q>wJ{z;Lf-G
zlce(E%{66xrN>Me({8bVCCFL|{Z>@lzKj%6RZf64=Y>h8H)!=!PF6IDAFmA6W&`Kr
zjmxp&)%_ERB&`uXW9PEWY1pcn>!d-tW9>2BSyOq*L(C%0TR=gzDz%n-%(vq2j~NSx
zkt$L)nxE?LOOGpr7KIPquMrb=OUqYRt>}^2T@Sfw
z$P0=_cuE+thAhc+1b04@?lPL*
zQts<1a_Y)R@HmHD*)Xg1brn{BdVm>}l#@#-FR|RDmJ&!(bniAZmUAqL{dbs385jCj<7otBX%R^h>C>CL;PlT{$_huO0r2c5RgBG
zv9bd~jM+~{*FzvF4_i^owaytf_R(+sSepz3o#Sr5=W#ry;N+*)L|$(lltMlzlM%7J
zEJ{O=w0&8g9@l1%LbNGy#vI!g{9y5Te%c)-3z?uv<7*ww&Q-IqS(yUo%k#70x`t>7
z@&uxH^4au^)m}8R>=oyNQk@Aai^a2(BX6W
z;?CfhoW*1cOeanKOcze-t5m%-GSnd=5d-{KItfk=d@{PuOclr-8gSzmjkB%-r^K0i
zV`SASj$)NB9%>B#K$2=J9#ZH~nf@K6TtvJHlVcc&R;R$XyC4kk?FK(gOk3&SzQr((
zB>{#3V)l(I4+AjSmuBQU@g2@!A=gy^sE%i0q38a3^EQ(#>YPQL|3%MmX>!C-MZ4R4SiWMbEE)-BK&I
zh=p{m@LAYvK$?b3e8fS841vV}tRSf667>ZhAeT?wA?C5XE<6AVWHS?G|C_u()wUr2
zRMq?=rc+=3nTUPJb5v4+2HFuo;r{3t7`+?A|5H03p7!?!fy{?Uv;CD8xwS%~V^b#k
z2mm4<0sPuIhP^!N!sTaj2y=c0xg;b$S`lgN5J4}Biz<@?fck@Adx&4fwBKy+*30fY
zO6S{H#&B#B-&fho8uE5Nkm`3wkJ`cPyU6Y;K1=vCq`fsS|%VlWi5uV2mA1o?ZLO{Md68C)(8IRiMSCm@BB?aUo>d&8
z@Ruh=`q>*JACj2}9`J95A`@)I1d$uz!Ln17O89*AE1T^}cuHXmXPt3g)Vc%Ikw82nfZ+vg}$Gm16OQGXuTz%+#xoiy4dmcvR2
zLxlaTDj;_?#y#IE`+*6CYsu0#T6`0PfW13;WKe)Y>njWu4P#ANZd>r4XLmhdZ6YKE
zJ0c*Vdbwl@Y#v?27~(Y>FHVrX2@5Y}Y%KfsGJ*cL_5T07|2<>;|9ka^`zl-BX2zg3
zU?YQA*lZUR)@(NyZbVDV3z@Gp@^)-?T7m+Uxk(JuOD*0hwQ>^3k2UURG8g
zk2*6UJaf04P22OB+FO6Q<;hxUEI7{ty6R>ZzXG9_W2VaodxHGFPW~KbBfba4??H1O6Pj2h0e$@}$n>f?txXNK(P
zg~=~QWgqQ?K!b_-e_;LpE84>f;(xjwV3WGHPvjy}#4Uj*{>KmR{|dk(1Dj~t2}K%@
zCQJcA2|u*_C%_yv6NP|gkm#LdugG=s&xSIf(gg$HmD9S|drj3GY#K6)5tqFXpPVm9
zpO2q0$)l0uM9MopOQ=9hLYn^<-o7m+<
z(X5+U@>D0hlDfBj>Pum-GXPJe6wJ;GGe~zLSs*{l78`|E)@Utd*w0B?
zYzK>vPsVKB3~UHRFYi+520866JZR%ent1n2g_%&#=NQ-?s!z2mRkGZ?O7c)|=Jj9K
zdF;0ZXzN%b!83v9Iuur_us#T=bIW(`QFa*|w
zO0im;ESi%}Eg+RUnpQ2nR3=CeYOW9_{u|G}GeQ&X?$Kbaj7X9`qHJt}j*V|krOWWn
zYbctwSw4s2my+2mqiT>At&#qJpM8q>Ii~Fu<4Gxc{Cp0>zMr$QO3FF04upd;!>A+3oI;l-Z0|LYaEPM{?ww7N7X+BS;!&?v|49$Z_Qv
zOeQvn;>WBE@_7LFTQ%AOXO<8ueVs#cY~H!`gKNJShbdv@-WXgrjGlI5SkY@f&qM4h*Z;%d{Ob1ISLcDCg8qo#
zb;>2Bq_scxwE`DTQ!piP9||T|FZx`=4LBBiaC~l~oYR|3$=S1V%CSHB?{+>4Ey}y4
z8gT`OgNIP3IVDL>;(1~i-YTbgMoZCTf|y^H*4rdd@8>w$04CT^YrZ`RdweOFBK$A-
znB@5_5_L!uR!AdD6nSe8;SWEJ@hRCYgJ_l>?>1mQMn{GwY?Vo5*iQwR#jm4h7umwy
z0flu@oP8NX5Lv1}Y8z()*__^KRUxJmUmQF{J_Y~vSn0z{_q5O*nuk`;G==4v5i51H-8^`4ABi!z9
zMl{;u(I+}v92_QO91W3V{p?;79s3+4U^DQyY|nuNTQhcMD`abT%N$-TrKA^@>>$7U
z$j~ruJbG&SQDE4R?3HFF?+RNO_H(lUWLyiVUBnp5sc$cZ^-;(_y76gPe&b>3{8UNRK-Y6_ahCa(94A*=F
zA3c@-=AS3JH{y9k5;)w<*%bgtjLb`fVGnfpIF8_tGPK6o~rd@G3*5cgj_it3&1}f`wCG)k6Aqnm|rApjb
z5sQp#N|@Dy+578(okaA{A0cwj6=$0Jc}{)hoO@Aqx|qz(fqy
zc-g2iUi-87P-!LzJbc1^e=M|J0)zn@VJBM7j8Jdz`XlYUN%39N^4aQmy#+xVuO=%#
zByl&`*&NzTx8JcqD)&gBda}NfdpX^`ZA9D)S(kXwpoMmrHE}};R89c>xjCWeK&PQo
z%b4uW{9XI90>GPH%$;zc32HwJmo2c@zvkc91_EeYjKa<{2EA!mKgON+$a?N2bmlwV$w@8gT`$HgDldkwL
zIL`<8`^hQ~9n}JgX^L{4;|L#~U6BWZx8i~=843|GzjCnGdRBt4T5|6Xq>wR<&OEGm
z4**N$-axX1uXlLnCtO*44foqcz7uh8Ro
zmegd3Vc4LLYK-wX#X9-ln~~dv!y0%opGE^$rcRQ6{1|=1DWev6OmrsJzeCdA%_GMn
z@tdzbuH5!vGv6vk2s_+VysgJ(U(a)AahODST~6f1!=2Tg(Wgm7gon%Coo6
z!uDjPLXGfAO7omb`rGySwW>Lr96PNcSc^?2)o
zDou-^Z;tKNO4N&lyiFsgwe36A&_dn9@B5tcmT5mIMmPi0V2;5w?P*0lO}^SFBr>3Y
zpRW#dZomK-FzNy@g!F$kggL5B`D^5)wiMg2jQ#<~lx-u9Y!yVdzbsuMb)!X{nF*vA
zI6P>!1(g?yE#qS96J@o4&NlY#iTTL(lUdg%=#y0Ht$15;jS=kCO!ef@%Eyqj0B)Qz^eO4#$$(J
z5-CXHJ>&>D7M%#jch_c*pe!#-64M1ywP<>
zqElP!b5m{rgEJ(*vTln+6;lMot@&`0V%=(Qxrcey@0;RDj;r_ByZPy#AXEjY)l@7R
z$_KX08vL(&7dgyPYWkBvWDsnvLa(zm?V5(=xPQAnxKoC
zcEQQKXd}u`zGKwzil_`$4TU-GLP$7)>2UESd~-jR&oghZGCjm__kKY#6IkoqcISGd
zHtt%4T$XDF@At6=aQcK*hi8Z)pWUVLfTaPXImY(>+Or6T;-Q)(K=lXbObz8`3_bwC-v_XAgWqq^
zVmzIjhkqfM&Kiw_+01UJwlC=$TJR(fk#Nng@0Dlw;MOLH)uc$|Fp~7zSc=8gv
zz}{r3a|zlHc|Co*=*E7NFD?vikGA!G+vOkkP{5z`r8A@rpl_duv1Q3#Ax_zobd97m
z@XyRa-i|Wz2IQqEjdbrs7{YJ#0tWUfZWhE;f3D@F
zWTlc80YSx2>DK5wpXNHZk?|VIX`(91wYmB%)RU*VRmZ2Ov4HUT8vrb3Pxmht#=BOF
zqJxD4IUe6*Ls0%RJO@YhR0FVMF+Gfs`KI{4y}j)+4yY!g7zVmR(Jg}^vyglHrMQY*
z8)&R@6TOT8@}n_$S&PF-6U|RKrK0cdRc`IK%ZP+P@LX1zt}75AQfE;emzMni&AC17W=A~#CId<{;UZdf(0S>5lkBh9vyfMFFY|*@%0pmCd?Z5>&(0-mtVD~t=C4{0&zaHB+UF@e)Py^9l%Rg;9cC_keKi#H8o|?z)YY_P
zPMKp)eHMN@@*ufawp|kbbV%0h0bI>)^j~qCm>7?WDzQ#v+5$2@27%ed5YC4QJZX(w
z0K8$iFY;C6QsoLkvHE68fXss_OkGLCAE!mlk*VT`|JJDrG~LfhQW!AaGm!!#@yS%;tXiwqNc_yyP-jkH!q^7
zFbsHU&AK-+pF(2g8Ng4Z>%#0LGKHewe=TAu*b7sQjVy1Vm-f2>yG}cFeI<1f=}|5h
zWLA43Ha@Tpvd3aKws_8UJX2Jo*xzMFe>|fj?n*fG0n!oM1fYpzWH{ti?iM-=Z*i%c
z14Kfl2*Zk5&V@p6Z8q^q8dD`UMJ=r;WM|>zxrFy{H(ThQ26=r2xt5$gglzG9$E^hpERj_ue
zyb1hJK_kk`iEA9g?*03`7aw5!O}jo4PB%@J7Q-a!KF>-UH9Ga{Y$L1Ywnz`#F3>vO
zig8Jvx-jilvc1>FqA*m%qq@-ZtfI?bWkJ50BIN}l>;no^N;*@F(-WLZ`^$*WyAac3
zt;HWX*+pHLyiRxw*AC#~BCxmV;@y
zz_{h*FIcpla}w&Rb2$u}SjG&pG1O~8;_h-Z=Ad>__C6~4^P|+L#q}?7
zpk&8b5H?MY=<3a!8ZN6nutgG+HN1EbAX>%}|o>m~qwzMRCLNBO)9Tl;OV^SkzO
z8G;3C$okz+p`y?pb1>4Il{limcgKXrl5R@P`h0iAj82=BKYagZhxZvmHt*U6#nC^~
zYJ5Tu7s&!6S3dQ2$Kd=V%{q$RN7_i$r&XpoYjJ@U}Emttn
zgJsYiQ~`R{M~b1#PE@^Thc+Dqe7M`T3k!6GRV*9H$Hn?#V+E2pnX$uHo7#W>k*XA)
zsfFX6U=kpIAf}wG8>>OG%YFJVK#|Rzr^i#J`q6v1Fjc`1_})-zr~3_g?ZARYfQ&4VlZe%{Xx8-po#*ra-
z1ncr`RZ~NRn=MxDZh7$634TdB@pWsw(hA7CIYn@jRxOYkAsb0z}q
zUP$6aug`NEO^RamZUxa{jS}e?7etat)<6bSKX#H4!Pk#Z^AM6_DpbGQJ2FTpPT?EV
z7M!V5w|&es?6ig3PDfMmX$qxFD5awfS%7_n0F$UAx>UKF*0G7B{X03S$bmBNS|^db
z1Jdga^2kF`bRM&WHQHI>{k=Ak0u+%1@4=dg?LM%aM_NNGy+9iFd4@jg2hd$SlsjR#
z^AIGC60f`Dfz2C;cwJesEEFQMMP=nvS
z&ml_wyf%i8%`
zT+`T(xBMI0?EBIV$4BnXS=#%yN!=peL`8Ok_YKYcptlE!e2Kv{1D@n<}qhlV`E#NS*&sR3wtNOB6pb!4^^EwUbNMvf_iwPEgL
z+D-N)$%q}b#RRS}F@&iY8;q+<~7;ykx3SCBSgU%ur#l!Oa-cOi}Y-o$^4`!Z7L0(7%C1-hhktv*?BayDb62)!h$=Rd*4s8p{=;
zq4B)gB+dIE6$l47=uUJy5VDwxkVSRQn#Nr~ngHSH$gvw68*a_)m1xt*y{^GfrS4a>
zeDwM&`Gfd|Q&yWqIP-Ge^j~Tbr49~-Vk-Sr++=71nY>q(O?Mg7ZDsuDO+J0}Tm3V+
z6e#UiGXdiG*baQll2d!^dbN>OLqfr+UbBpo%%O2xtnwT^+n$Jo#FqQxPwl=a*&J#^q>3c*giv@}3o?Dn9eNJ7R6AN^Hj*jE`wcd(XbA^hL4DW=Es9XvSGp$plwEg(=7)D6Nt<^HU$??u;~
zo_%Q=aL4#%lnmogBau=!FIeFXUAS+5D7~LW!J&ARYx$uYz2=y#g~%}3Y`w7H_|JK{(9IG|+>;VtHWf&NRr>y&4)36g2>C(*yEjXhT&w+ssHsWz6xQQ<`HZoW9cTHsjj1ZFODSF^8%=eaU;TZ7Rtsc*`Of_nmHJ7_|TA=8#Kjlxp=
zRTYUR)3a1Oolh36jxUkA6Sikpu<9@HYEh@T+lj`SAK9Gdk-kt9Vbsc?tFDQEqa87j
zl$hX)QNl{EZ5C)bq3sK8*(4x3Php>NiRQUCeV=e4fugKFJ0w$CG`X%;
zh2KiY&l=g6V1p7?{Lkgt@HeBu>4_0Xgl`1}7LOUsMS`Mx-sppYp=_`2ZOAs#CL!I(e`9em*pj*`s>!>ZW
zr`{@tNT0wJ`}k0!YECV?j?2ILmsuf0x3&i;*?=bThB%NyZoCl-Ql-pyQqh$IYe{zt&g*na@z;?@sCN$qzBVy8j7o+LY$PoFDiX
zL#l5&J>Lscz<)Ef5M#WagD&49)cIk#xVGXxM|aOfxqguSAuNDSpDqQds(q(DQ8#BS
z9cIxTQ~db2K*BrUo}`wP6XOGI;NcD)JNm-p+2C7_5}p(E&6K@k3XVm07H-qghl5Y&z(kxs&9_v#c!a)c-N=!h^upZ;H4-s
zM167wy{*(~yXfBn$g))$hy-DHGH6~WGcl}2g|%OnL())w^P{adiu-YKW|YP`q~Xkt
z;fyfKi|sj%6Xa5>GKzCaQqi9yXa3mp4+==M3S}8LF0+S~Akhy7$J@OSX5N|fKu2TZ
z_v{&g2!!ZQ!N}8^7FsMyt?Nc8ArZ&$ITlY;4BJ|p^x3d~qJI(|m0q+}Pw^;%)->-y
zxG-F{W$8V2kc=5@&HP}bB8d*pvoQe3`^CkpTIU5oU1>Oi73!0FulWw-nDRk1QkKvUbS9&kB`+K)0s1
zQ=JmnxgW#Ua*HB6*}Jt-fZ!!i%KG%_utONxl*MK`sb(p%;i_N*&ggx9<=KwH#zf@M
z^QleA6s@+i{18*NIB8smE%kBhbo^DXax2iM6pg(ZjwE-AZ+EQeC7DCRwXOO7w)fZ_
z*B^{rA0fuh(~(i_=CrJ$i(1;vS}(x_sEY}>InkpgFtI%QmJCc|BQXJL-Z^%&fJg}2
z-VrWiOSTm|;51ZCCI6=#lDjI4q{$WH_|y^X3ZgUxl|9~&AUF*%#DMygFN3J2d$fM>#NVyZSohkHgpX4Azf9jo5$ZsQwKLLquO<7kW~
zdc1JS(`UVpoxMYf@Qfnq|NPx_-{4SArsDD$-n+HjKyC`~%>hb9u17|qga>FZW0@w~
z1vBSI+qSCR3y)Ls`ieqRoOFETVbpMH>#DdjMk&|9_k
z+Gx>03=Y9Gy)sy~fwmYerELjfny=HBarhnYOVEXXl0nm}&YY$`i&*X7#2UANp#zs8
zU3dwv0f2ff@T438_i$S&#s}(MfPn*2AIoT;Wm2zkmoj2w{t3C;EkD`9+0p*P-i)-n
zAsp`opHcuds)Tq6o0LLb&;87}1=+TQ(&IfukH`!hmJ-;9d2@&1s@WegLZx%X4y~L#
ziS)s97twomkg)xD@LaQm(1xR!7==Vl8q
z9deo*nOkFmd&N0x+MKHT$}2p{I|Q$s4~-m~trNQow-taLqBc2W)91S~)#Gw^v6C_j
zc#!RLEopKz`C18-rm0pcS?
zavk6(*J>z*M16diT+1$
z=;pT@d-!Hm*`SS#n@9wN{nnSVp`{0XdzC-Lgn;;yzVFS6WJLFY8K}gqs!r7^3(<(b|MfQhq%%h05?BO5}*XM7OX3oYjIqh6RL^71pZy)($=3h=zhgOJ;1b
z7CNJDm-Yc-tk3iHmGeP?5JH@a9PfmOjL)f<{Tg*cFxNtHTA9%kdOL-@Ai{fNeHd6h
z77p!%NjwM7nf|wBQ9Xo~vQ~&(nTz|lAPCXvc~7jFW!tLx+s2g-Z()9qD0kKkLSQ05
zrln1?RGRN51~$QG%skc1$w)DT(PcljHsD8PUwZ>n%1n-9SKy)lr@({ejd{
z2{~m&14y9p$s!yrud1>V_sILMniDXZb@ZnHDxT#+qJ5??Rg8qK_Kc)8_35QUUrlC!
zn2kk27h=)g9k}Yps=vgy83+Gc9fNT8P_Qh-K6cJ)0c;WrPwM4f9kx$B!ygB7p
z#ddKw+p{7(x~RY_h6gc#hquPKcQ4C-bJ3-*K$LX1k}3i3>m`-VsXjAj-rCa>UMe>inOI`%juItay!*aN
zFJ(^JH*KR;h^OnSGp9;&;A7w;R{v}mp8gEzOjs`a_r)(h2K`LkQmwN`QpLjo{!vdzS!cw8qO>wOIbQsbM2QZ=ZmMk
z*p#xn*&N@{Rf-BfTzeVz@KN0Lx*MyUuANakVcKJ>e)`kjo`n@%@afMxe+Eunw5|I4
zWe09hE=4zE}Ot<;k&YIu$tB?tY;ihoAK7+pqtI;n9O~6lZ-`1YJDkGpOs3-Iv=&
zj@r3q!@ytqeZ2RuX!&=SGc%_9Rf#EGH@vrb(%J4OR)61MrDyu(7hPwh%xyaA0$
zzpU8wShKLukVVT2hxqEt->Y0;s57D{^G_e|rC
zQ#B)s<=j};dt%P2=qC}80Y0tgWOuFh%sfcj{hzc+kB#S6PW*e`1Cw9?!asf=^!|aLUuLEDO)IRO^Wc3S+nQ6S-?w{I
zVZ@9_Exg(v9#MPm{sBe1WQ{!A@k5I7uzJ9WkL%S7Hq_3T5cg!tlCDRe{q)i=_2@Te
zZrY12ZarvI{lbfHZT8*Tx=nfQ#-je~XI8CrGBNn^wq18l_8ULzhpZxVj=t=WFn-mz
z<&!R+?s0nSIj@X?Wo|t`pS~mXeTRhyyVc$FOO;ZK&OJ^l{5HIe=Yqk8MHzJtS3bNZ
zD7eq}8+%RlTejm>z4LoAr`SEZPI(aj>&rj-ENW2n`hD-)9a^9A9y`2aacil%Bd1jV
z^Z14D+g9@402bkBQ{CNbTi#zW&NpaYfugFdk0j$N^&L-LKpO%Ko1n!7JO^vv$Yli#(>TH`i8Cm!|IMb~Iq`tZxs8mOL>dDQE7g?rZP-^5e0nf=w$}%j~)r+;(+nj{Mx>r>*xC
z+Oggzc-dm&<(qDVr;l)?)(Z}XkE(tH27`9+i?-`(5h+kN8M&1D)HeFE+m|INPcOvyg;
z9<=s}e7Y`cWq9odlP7e{sr$>9NpCm5Y_`4i!fw}kchoC7owogbr|b9KGIc?b9X!fk
z?fI@jyLqFwoNs^Tw=UfW&V6ay8d+&mbZzfT%l1c)?)uM{%=15|H!Br>@I}56F>S-A
zHMNah+Ue@WpgRjz+wMI5`(FHeb*XWazR&!7cK=92Lf6j0bIijvFaH{3^scqy{E8#z
z>kS@Oa?-VxwYCplc_gt%hkZ-V-d)*sO8Ot?dK7AW?c#&O*D4;KF@NZ!{JU29KW@@_
z^q~*6ZmADV>=Pc4uBmF6(B|f-QLDcMUwZR*(QX}QR-G9*Y|ZN50^=fk{&Fp@o=?6S
zn_K3nlg`{a(d5qC*{^P%D^}!Srr%wQY5d@@{iQblef`mi?a9BEeNm_My8#tOT85q~
zS9ILU@c3D`MlJo@RHt$Mm#Q1K$8!6uo-b;e)Ac^Jty|4?Cv@lrX;P*ryuRIBwobD(
z2kr-*e)Qd%QeRH&tFGx@HypYD4-==To6UF+^TaOFs7+qTiY|0o-E_sIQ<WxR18(Jucs?8)Nqs=8`mtF8k_sahZQ
zIk^3L)qA~LFC8=RWKhqmy6!93;g9xzoLHd#bi===
zqSBa4Wj}s6xGk&G_48eu4a>JWUx%KPJqCCd|EIwPkLqwjC)>**g;tbf*+I{cYe4c$6ZlR77pr#GrIVod-0r>zT?L$rIZ&PRvX
zs)YA^H`ZFA#_d%J8@-=aJZ5P*^xT9yJJx-lIrE~AU(20714b-fbMaGgMb&-p{TH4I
z&0gNH*KtkBMY?B;$27jyyn=tti<^5tP@V2nYv-$c#fJIUA6(ne%Hz?kZaXgRt+UFU
zxF){yx%cm@w78NzDth*n&_<2sw=1LjxTN_rTZ!tMzkj%TQ~$l&jMoOe`C*&K=OCX-
zi{6#-pE|5tp`zNB!~T3xs6p7;0#ol)iMjRAqw$x7R<-IUcl_q^D*t`!u6}#_b%kEL
zDs(SCxBKV}YHDfa^Pz*67u&tK!Hn{LP0p$|UN%@VU#yxs{nq@4H4YEhQaU5G$D)-D
zXT_9P4-6^R_@8{y8)qEpcDLl^7f%95#9#T@1^)
zHy@&
zeZSlHx2K!B%vyXh{)eTvDZh!7vhtF`TdwA>7}3Z0u|dWU7d5lC^xjx+aPW+!gSJn9
zbcfp0zRUic$xB|fc~I}y!tIwWzEX2QvRAt^Z?~WNb!v32