AOH :: P48-04.TXT

Line Noise (Part II)


                         ==Phrack Magazine==

              Volume Seven, Issue Forty-Eight, File 4 of 18


                           //   //  /\   //   ====
                          //   //  //\\ //   ====
                         ==== //  //  \\/   ====

                     /\   //  // \\    //  /===   ====
                    //\\ //  //   //  //   \=\   ====
                   //  \\/    \\ //  //   ===/  ====

                                 PART II

------------------------------------------------------------------------------

 +===================================+      
 |     CONSTRUCTING AN FM BUG        |
 |      --------------------         |
 |                                   |
 |       written by                  |
 |    +         Obi-1                |
 |       *  edjjs@cc.newcastle.edu.au|
 | *   *                             |
 |                                   |
 |   $     Written for Phrack        |
 |  x$x    if any other magazine     |
 |   $     wishes to print this      |
 |  x$x    article they must let the |
 |         author know in advance    |
 +===================================+


INTRODUCTION

        Before anything this article sole purpose is to teach everyone
out there about electronics. If you do build it use it at your own risk.
You will need a decent knowledge of electronics and how to solder some
components. So if you dont know how to build electronic kits and want a
bug you can buy one ready-made from me, just write to the e-mail address
above. Ok enough crap.. so you ask what is an FM bug, well an FM bug is
like a tiny microphone that can transmit crystal clear audio to a near
by Walkman/stereo etc. The range of the bug we are making is about 800
meters, and the battery life is about 100hrs on a normal alkaline
battery. This bug however is not to be moved while in use, so you cant
put it in your pocket and walk around. There are other bugs on the
market but this I found to be the most reliable and relatively easy to
build. The actual size of the PCB is only 2cm X 2cm! However the battery
is actually the biggest component. Some parts like the Surface Mount
resistors, air trimmer and electret microphone maybe hard to find. I
find mail-order catalogs are the best source of parts as they have a
bigger range than a store like Dick Smith. I did not actually design
this circuit, Talking Electronics did, but felt everyone out there might
like to know how to build one of these. The surface mount resistors can
be replaced with normal resistors but I recommend using the surface
mount resistors as they give more of an educational experience to this
project <puke> <puke> If you dont have a clue how to build a bug and
have no knowledge of electronics whatsoever e-mail me and you can
purchase one pre-built from me.

						
COMPONENT LIST

Resistors
 1- 470 R surface mount
 1- 10k surface mount
 1- 47k surface mount
 1- 68k surface mount
 1- 1M surface mount

Capacitors
 1- 10p disc ceramic
 1- 39p disc ceramic
 1- 1n disc ceramic
 2- 22n disc ceramics
 1- 100n monoblock (monolithic)
 1- Air trimmer 2p-10p

Other
 2- BC 547 transistors
 1- 5 turn coil 0.5mm enameled wire
 1- electret mic insert- high sensitivity
 1- 9V battery snap
 1- 15cm tinned copper wire
 1- 30cm fine solder
 1- 170cm antenna wire

NOTE: use 170cm of electrical wire for the antenna, this length will give
you maximum range, however since the antenna wire needs to be extended
when bugging the concealability might be a factor. You can shorten the
wire's length but this will shorten the range yet make it easier to
conceal. Weigh the factors and do whats right for you.


ASSEMBLY OF CIRCUIT

        First familiarize yourself with the layout of the components.
Now the only polarized (parts that have to put around the right way) are
the two transistors, the battery and the microphone. All other parts can
be soldered either way around. I recommend using this order for assembly
as it is the most practical and easiest way to build the bug.

                1.  5 surface mount resistors.
		2.  6 capacitors.
		3.  2 transistors.
		4.  air trimmer
		5.  5-turn coil.
		6.  battery snap.
		7.  microphone.
		8.  antenna wire.


READING RESISTOR AND CAPACITOR VALUES

        If you dont know how to read the value of a surface mount
resistor or disc ceramic capacitor read on.

Surface mount resistor: These have three numbers, with the first two
digits being multiplied by the third. The third digit represents how
many zeros after the first two. For example a surface mount resistor
with code 1-0-5 would mean that the first two digits (1-0) would be
multiplied by 5 zeros. To give the value 10 00000ohms or 1Mohm.

Capacitor: These are similar to the above but the base number is pF or
pico farads. eg a capacitor labeled 2-2-3 has the value of 22 000pF.


HOW IT WORKS

        The FM bug circuit consists of two stages: an audio amplifier 
	and a RF oscillator stage.

1.THE AUDIO AMPLIFIER STAGE

        The microphone detects audio in the form of air vibrations that
enter the hole at the end of the microphone and move the diaphragm. The
diaphragm is a thin piece of metalised plastic and is charged during
manufacture. Some of these vibrations pass down a lead which touches it
to and into a FET transistor. A FET transistor has a very high input
impedance and does not have a loading effect on the charges. The audio
then gets passed through a BC 547 transistor which amplifies the sound
around seventy times. The BC547 then passes it to the base of the
oscillator stage.

2.THE OSCILLATOR STAGE

        The 47k resistor picks up the pulse from the transistor and then
turns the second or oscillator transistor ON, but the 47k resistor has a
value so that it will not turn the transistor on fully. So the feedback
pulse from the 10p capacitor turns it ON fully.

        Normally a transistor is turned ON/OFF via the base, however it
can be also done by holding the base firm and differing the emitter
voltage. In the FM bug this is whats done, the 1p capacitor holds the
base firm and the 10p feedback capacitor differs the emitter voltage.
However for a capacitor to do this the emitter must have a DC voltage
that can be increased and decreased. The DC voltage is about 2V and the
base will be 0.6V higher than this so the base voltage is fixed at 2.6V
by the 1p capacitor. The voltage does not rise or fall when the
oscillator is operating only when the audio is injected into the base
via the 100n capacitor. This is how the circuit works and continues like
this at a rate of about 100 million times per second.

        The oscillator is designed to operate at around 100mhz, however
this figure is dependent on a lot of factors such as the 6 turn coil,
the 10p capacitor and 470R and 47k resistors also and the figure of
operation is about 90mhz (my FM bug operated at 88.5mhz). 


GETTING THE BUG READY FOR ACTION

        Ok so you have built the bug now and are ready to use it. Well
first of all you will need some sort of FM radio. Alright put the bug
next to or near the radio's antenna. Turn the bug and the radio on.
Alright starting from the bottom end of the radio's FM scale. Slowly
progress your way through the FM band. Usually your bug will tend to be
around the 85-95mhz range. Once you hear a beep (because your bug is
close to the radio) or any other strange static noise stop. Alright you
might have been lucky and your bug is exactly tuned already, however in
most cases you will need to adjust your bug slightly. Using a small
screwdriver slowly turn the air trimmer, whilst doing this babble out
some words, stop turning until the echo of your voice through the radio
becomes crystal clear. Your bug is now tuned and you are ready to put it
to use.

        You might have some problems with your bugs frequency being
exactly same as a radio stations. No problem, by compressing or
uncompressing the coil you can change your bugs frequency. Use the coil
method if your bug is in the middle of a few radio stations frequencies,
if you just need to move it up or down one or two mhz then use the air
trimmer. 


PUTTING THE BUG TO USE

        Many of you already have your ideas on how to use the bug.
Remember it might be illegal in your Country/State/city to use this bug
in the way you intend. Hey its up to you I dont mind, however I take no
responsibility if you get in trouble.

        Anyway here are a few "friendly methods":
	  
        1. CHRISTMAS. Yes it will soon be that time of year again, and
this time also brings a great opportunity to discover some of those
family secrets or maybe even find out what lame presents those relatives
have brought you and save you from the disappointed face they will see
when you open it.

        Okay put the bug either in the pot the tree is standing in or
fasten it to a branch relatively close to the bottom of the tree. We
place it at the bottom of the tree because the antenna needs to be
extended if we want really cool range. Okay put the bug in its position
and then unravel the wire all over the tree.

        2. TV listening. Okay if you are out in the backyard whether it
because you want to, or there is some chore that needs to be done. You
can listen to a favorite TV show, or a basketball game or such. I know
your saying why not listen to the radio, well you now have a choice of
listening to a radio station or one of the 10000000 TV channels your
state offers you.

        Set the bug up about 3-5m away from the TV, then adjust the TV
volume so that it is just right to hear on your radio.

        3. Bug-a-friend. Okay you can bug your friend to see what he/she
is up to. Okay you will need to know where your friend goes and then
previously go there and set up the bug and your listening point. Make
sure that you set up a place where conversation happens, it is very
boring listening to insects and such.

        Conceal the bug anywhere within a 3-5m radius of where your
friend talks and stuff. Now conceal yourself and then sit back and
listen.

        Now there are a few of the more "legally friendly" methods,
there are thousands more not-so-friendly and even malicious
methods <Oooooooo> that I will leave up to your imagination.


CONCLUSION

I hope the information contained can help you successfully build a bug,
and then good luck using it. If you have trouble just e-mail me. If you
can not get hold of some of the components, you can order them through
me. Also if you want a bug, but dont have the electronic skill to do it,
you can buy pre-built bugs through me.. just e-mail me. may the force be
with you

                        Obi-1.

------------------------------------------------------------------------------

My short time as a hacker.

by Kwoody
  
  I live in a small town in northern British Columbia where the city
  owns the phone company. All of BC is serviced by BCTel, except here in
  Prince Rupert. The phone company used, up until 1991, mechanical
  switches, no lie! Tech dating back to the 50's sometime. I know this
  because I know some of the workers of CityTel. (The name of the phone
  company). Because of this they were not able to offer all the goodies
  like Caller ID, Call Forward etc...and it was easy to hack then, not
  the phone company, but all the other systems in this small town of
  16000+ people.
  
  I got into hacking sort of accidently. I have had a computer and modem
  of one kind or other since about 1983. I moved here after high school
  in 1986 and found a good paying job I have worked at for the last 8
  years. One night night in 1990 I was sitting around with my roommate
  having a few beers and decided to call a buddy of ours to come over
  but I dialed the number wrong and got a computer tone. Cool I
  thought... I knew the numbers of the 2 local BBS's and that wasnt one
  of them.
  
  I fired up the computer and called it again. I got the prompt: 
   Xenix 386 Login:. 
  
  I had some knowledge of other OS's and knew this was some kind of Unix
  box. A friend of my roomie was going to university (UBC) and he
  happened to phone that night. I chatted with him for a bit and told
  him what I had found. He told me to try sysadm or root. I got in with
  sysadm, no password!
  
  I found that I had complete control of the system and it belonged to
  the local school board. I bought a book on Unix and learned as much as
  I could about the system and Unix in general. I guess being a rookie
  (read lamer?) and not knowing shit about how to cover my tracks they
  discovered the system had been hacked and shut down the dial-in. They
  went back online a few weeks later and left sysadm wide open no
  password again. I could not believe it! Even after being hacked they
  still left their system open like that.
  
  By now I was hooked and I wanted to see if there were any other
  systems in town. I could program a little in Pascal and basic (lame)
  and tried to write a dialer of some kind. No go...so instead I figured
  out the script language of Q-modem and wrote a 40 line script that
  worked. It dialed all numbers sequentially but I did not worry too
  much about being caught since the switch they used was so ancient
  because they didnt have caller ID or anything like that yet.
  
  I did not know at this time of the hacker community and some of the
  programs available that would do this already. And even if I did I
  wouldnt have known where to call and get them. At any rate I had two
  computers an XT and a 386 both with modems and two phone lines, one I
  used as my normal voice line and one for data. I setup the dialer on
  both and away I went. By the time I had finished scanning both the
  prefixes, 624 and 627, I found about 30 computers. Of those I was able
  to get into about 10. All of them used defaults and all except the one
  below were Unix boxes.
  
  Although I did find one number that connected at 1200 I think it
  belonged to the phone company. After I was connected nothing would
  happen. I tried for a while to get a prompt of some kind then suddenly
  a line of text appeared that listed two phone numbers and some other
  stuff that I cant remember. So I just left it alone for a while to see
  what came up. It soon became clear that the numbers in one column were
  always one of 4 numbers. RCMP, Fire Dept, Battered Womens Shelter and
  a second RCMP detachment. It looked like it recorded all calls coming
  into those 4 places.

  One hack I did was on a system that dispensed fuel. It was called a
  KardGuard 3000C. I knew of two places in town that had these systems.
  One was where I worked and the other was our competitor. And since I
  knew how it worked it was easy to get in. I saw their volume of fuel
  dispensed and such and could have done really nasty things like erase
  their transaction buffer or get free fuel from them. But I didnt since
  I did not see the point in hurting them or their system even if they
  were our competitor.
  
  For those of you who might find such a system I'll give a brief run
  down on it. The hardware is limited to 300 bps 7E1 and consists of a
  few things.
  
  You can tell the system as it announces it when you connect: 
  
  KardGuard 3000C Motor Fuel Dispensing System. 
  PASSWORD: 
  
  The system uses punch coded cards read by a card-reader. You have a 4
  digit security code that you need to activate the pump to dispense
  fuel. Everything is kept track of by a computer that reads the amount
  of fuel pumped, date, card number and a few other things depending on
  how the card is coded. Like odometer reading or car number.

  Now to get into this system via dial-in all you have to know is the
  Serial Number of the system. All of these type systems use the serial
  number as the default password to access it via dial-up. And its easy
  to get the serial number. If you know the location of the card-reader
  go and look on the side of it. Generally the actual card reader is
  housed in a metal box. On the side of the card reader itself near the
  back is a small sticker and the serial number will be written on the
  sticker. That was how I did it. I just went to their card reader and
  took the serial number off it and got in.

  Once in you can do any number of things. Shut off the pumps or
  manually activate them without a card and get free fuel, see how much
  of any product was dispensed. Products range from 0-15. 0 being
  regular gas, 1 regular unleaded etc. It is fairly limited of what you
  can do but you can do some nasty stuff to the company who owns it if
  you know how. A note to this all commands must be UPPERCASE. And all
  commands are one letter. Like E is for looking up the 4 digit code for
  individual cards. I dont remember all of them as we upgraded to the
  latest version of the KardGuard which supports up to 14.4k and is a
  faster system.

  After about 3 months of this sort of stuff I was at work one Saturday
  and got a phone call from a Constable Burke of the RCMP Special
  Investigation Unit.
  
  He informed me that he knew about my hacking and would like to take a
  look at my computers. I told him that I didnt know what he was talking
  about, he just said we could do this the hard way and he could get a
  warrant to search the place. He wanted to meet me at my place in 10
  minutes. I said ok. I was shitting bricks by this time. I phoned my
  roomie and told him to get all printouts and disks out of the house
  and take them away...anywhere. I took off home and got there to find
  my roomie gone with all printouts and disks. I fired up the computers
  and formatted both HD's. Formatting a hard drive had never taken so
  long before!!

  I waited for like an hour...no sign of the cops. My roomie came back
  and said where are the cops? I dont know I told him. I waited some
  more still no sign of them. I got a call about 3 hours later from a
  friend of my roomie and he asked if Constable Burke had showed up. I
  asked how he knew about that and all he did was laugh his ass off! Now
  I was thinking joke...bad joke...and it was. I managed to find out
  that this "friend" had gotten someone to pose as a police officer and
  call me to see my computers regarding hacking. Well the guy he got to
  pose as a cop did a good job at fooling me. I guess I was just over
  paranoid by this time. Plus I was really pissed as I lost a lot of
  info that I had acquired over the previous months when I formatted my
  hard drives.
  
  I guess my roommate had been telling a few people about what I was
  doing. I was more than a little pissed off at him as I had not told a
  soul of what I was doing since I knew it was illegal as hell. I got my
  disks back and burned the printouts and laid off the hacking for a few
  weeks. I started up again and was a tad more careful. I didnt keep any
  printouts and kept the info on disk to a minimum.
  
  Then about a month later my roommate, who worked for our landlord,
  came home one day and said that our landlord had been approached by
  some RCMP officer regarding me and my computers and what I might be
  doing with them. I said is this another joke? No he said, go talk to
  him yourself. I did but he wouldnt tell me much except that something
  was definitely going on regarding me, my phones and my computers. And
  the RCMP were involved.
  
  After asking around I found out that quite a few people knew what I
  had been up too. All they knew is that I was some guy who had been
  cracking systems in town. But word had spread and I still dont know
  how the cops found out or how much they knew.
  
  But after talking to my landlord I quit right there and then. I went
  home formatted the drives again, all floppies and got rid of
  everything. I had hacked my way through everything in town that I
  could in about 6 months. Also by this time CityTel had upgraded their
  switch to some of the latest tech and had Caller-ID installed along
  with all the other goodies you can get these days. It was definitely
  time to quit.
  
  Not long after I started a BBS that I still run to this day. I figured
  that was a way to kill the hacking urge and be legit. I dont live with
  that roommate anymore. I'm married now and still think about it now
  and again but have too much to lose if I do and get caught.
  
  On another note about 3 months ago I was at work and dialed a wrong
  number. As fate would have it I got a blast of modem tone in my ear.
  My old hacker curiosity came alive and I made note of the number. We
  have a small lan at work that has a modem attached and when I had a
  free moment I dialed the number up. I got the banner:

  city telephones. No unauthorized use. 

  xxxxxxx <----a bunch of numbers
  username: 

  I hung up right there but it was interesting to see that I had found
  CityTel's switch or something of that nature.
  
  To this day I dont know if there were any other hackers in this small
  city where I live. As far as I know I was the only one that did any of
  this sort of thing. It was fun but near the end I could feel the noose
  around my neck. And I quit while the quitting was good.
  
  Today I help admin our small lan at work with 2 servers and 8
  workstations and the Unix I learned hacking helped me when my boss
  first started to get serious about computerizing the business. Since
  then I have been able to help setup and maintain the systems we have
  today.
  
  I'll give the specs on our new KardGuard if anyone is interested as I
  know they come from the States and there must be more than a few out
  there.
  
  kwoody

------------------------------------------------------------------------------

                          USING ALLTEL VMBs

                          By Leper Messiah
Ok. This is everything you need to know in hacking AllTel Mobile's
Voice Mail.  The default password on all their boxes is 9999.
Here are the docs, word for word.  Enjoy!

-----------------------------------------------------------------------------

Features
-=Basic=-
Accessing your mailbox
Changing your security code
Recording your name
Recording a personal greeting
Playing a message
Recovering deleted messages
Playback mode options

-=Enhanced=-
All of the Basic Features plus...
Setting up your greeting schedule
Replying to a message
Redirecting a message
Recording and sending a message
Creating a broadcast list
Personal greeting schedule

At a glance

VOICE MAIL SET UP                    Press

To change your security code        8 2 3
To record your name response        2 3 3
To record your personal greeting    2 2 3
To edit a greeting in your schedule 2 2 7
To activate your greeting schedule  2 2 8
To change your playback mode        8 8 3

SENDING AND RECEIVING MESSAGES

To play a message                   1
To save and play the next message   2
To reply to a message               3
To redirect a message               7
To create and send a message        3

Accessing your Voice Mail

1.  Access your Voice Mail.
    From a cellular phone press
    # 9 9 Send.
    From a landline phone dial your
    cellular phone number, which will
    automatically transfer to your voice
    mail and press # when greeting begins.

2.  Enter your security code.

Creating/Changing your security code

1.  Access your Voice Mail.
2.  Press 8 for Personal Options.
3.  Press 2 3 to change your security code.
        * Note: Your security code can contain 1 to 7 digits.

Recording your name

1.  Access your Voice Mail.
2.  Press 2 for your Greeting Menu.
3.  Press 3 3 to record your name.
4.  Record your name, finish by pressing #.
    Options
    Press 3 1 to play your name.
    Press 3 3 to erase and re-record your name.

Recording a personal greeting

1.  Access your Voice Mail.
2.  Press 2 for Greeting Menu.
3.  Press 2 1 to play your greeting.
4.  Press 2 3 to record your greeting,
    record your greeting, finish by pressing #.

Playing a message

1.  Access your Voice Mail.
2.  Press 1 to play your messages.
3.  Message will play.
    Options
    Press 1 to keep this message
    as new and play the next.
    Press 2 to save and play the
    next message.
    Press 3 to reply to a message.
    Press 4 4 to replay a message.
    Press 5 to erase a message.
    Press 7 to redirect the message.

Press 8 8 3 from the main
menu to choose a playback mode.*
Continue to press 8 3 until the
desired playback mode is selected.

        * Note: The system has three playback modes:
        normal, automatic, and simplified.

Recovering deleted messages

To recover a message that has been deleted: **
Press * 1 to go to the main menu,
Press * 4 to recover all deleted messages.

         ** Note: Deleted messages can only be recovered
         before you exit the mailbox.

Replying to a message
From the Play Menu:

1.  Press 3 during or after a message.
2.  Record your reply finish by pressing #.
3.  Press 3 to continue recording a voice message.
    Press 5 to erase a message.
    Press 7 to select a special delivery option.
4.  Press 9 to address the message.
    If sent from a subscriber's mailbox,
    the reply with be automatic.  If not, enter
    the mailbox number.

Redirecting a message
From the Play Menu:

1.  Press 7 during or after a message.
2.  Press 3 to continue recording a
    voice message.
    Press 5 to erase a voice comment.
    Press 7 to select a special delivery
    option.
    Press 8 to play the original message.
3.  Press 9 to address the redirected message.
    Enter:
    a. mailbox number
    b. broadcast list number.

Recording and sending a message

1.  Access your Voice Mail.
2.  Press 3 to record a message.
3.  Record your message finish by
    pressing #.
      Press 3 to continue recording a
      voice message.
        Press 4 4 to review the
          recorded message.
        Press 5 to erase a message.
        Press 7 to select a special
        delivery option.
          Press 1 to mark a message urgent.
          Press 2 to mark a message confidential.
          Press 3 to select notification of non-delivery.
          Press 4 for future delivery.
          Press 5 to delete special delivery tags.
4.  Press 9 to address a message.
    Enter:
    mailbox number
    broadcast list
    0 + last name - 0 + first name

Creating or editing a broadcast list

1.  Access your Voice Mail.
2.  Press 6 to access your broadcast list.
3.  Press 3 to create or edit a broadcast list.
4.  Enter a one- or two-digit broadcast
    list number.  If new list, select any one-
    or two- digit number.  If editing, enter
    the one- or two- digit number assigned.
5.  Enter all of the destinations.
    Press # after each destination entry.
    (destinations can be mailbox
    number or broadcast list numbers.)
6.  Press 7 3 to record a name for
    your broadcast list.
7.  Press # when finished.

Setting up your greeting schedule.

1.  Press 2 from main menu.
2.  Press 2 6 to select your active greeting.
3.  Enter the greeting number you want active.
4.  Press 2 7 to edit a greeting.
5.  Enter the greeting number to be edited.
     Press 1 to play the current greeting.
     Press 3 to record a greeting.
     Press 5 to erase the greeting.
     Press 7 to change the time
     interval for this greeting.
     Press 8 to review the time interval
     for greeting.
6.  Press 2 8 to activate/deactivate
    your greeting schedule.

Message waiting notification

1.  Press 8 for Personal Options menu.
2.  Press 6 for Notification Options.
3.  Press 1 to play notification telephone number.
    Options
         Press 6 to enable/disable
         message notification.

AT ANY TIME DURING A MESSAGE             PRESS

To rewind by 6 seconds                   4
To rewind to the beginning of a message  4 4
To fast forward by 6 seconds             6
To fast forward to the end               6 6
of the message
To replay the date and time stamp        8 8
To stop and function                     #
To return to the main menu               * 1
-----------------------------------------------------------------------------

Good luck hacking.
-- Leper Messiah

-----------------------------------------------------------------------------

Hacking At Ease for the Macintosh.................. By: Ace

Introduction:

        Some educational institutions and businesses use At Ease to
discourage the pirating of programs and access to sensitive files, and
generally screwing up any fun you would have!  Wouldn't it be nice to
know how to be rid of it??

How to:
        Well, this will tell you how to remove the password for At Ease
so you can gain access to the Finder, and also let you change the
password to one of your chosing, really screwing some one up.

        First off, the computer you will need a copy of Microsoft Word
5.1 or 6.0  (Norton Utilities Disk Editor will also work,  and I'm
trying my best to find other programs that will allow you to do this).
Launch Microsoft Word and go to the "File" menu,  and select "Open".
Now change the "File Type" to "All Files".  Navigate to the Preferences
folder and open At Ease Preferences. It should look like a giant mess.
Somewhere in there is the password.  It doesn't really matter where.
Select all of the text with Command-A and press the delete key,  and
save the now empty file.  Restart the computer.  Now you can select "Go
to finder" from At Ease's menu.

Other Programs:

        You can also use the following program called DisEase. There is
also a HyperCard stack that will bypass At Ease.  I have used them both,
although I feel that using the above method is better.

            ___
          /  _  \
         /  / \  \
        /  /___\  \ce
       /  _______  \
      /  /       \  \


(This file must be converted with BinHex 4.0)

:#d4TFd9KFf8ZFfPd!&0*9%46593K!3!!!#iE!!!!!"Dd8dP8)3!"!!!Z'h*-BA8
#r`!!!"Err`d!"d4TFd9KFf8!!kB8!0phS!!4QKS!!!#!!!!!!!$RQdl"G!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!rrrrrd&38%a&390&)3#SX5K#U,)ak!!!Ah8
!!!!!!!!YP3!!!!"j!`!!!!!!!!!!E$d1!&h(r2bZe8l@f@95I#BhbSpfRTQlBe[
GZRV*IQ9bSprES-Z&df[JCqmPT`0qRTYYSl9`F1ZHk'ffA-rG'BYZdmh@@Mc22B!
l$RR#(H@AF$pG#19#YJrZK,aL9`cbK5mm9V&0&mVGP(YHjbP3A8F[Z9m'0cbI,(Q
Jj1#41AcbN!$F3JD3!"')6q"h8PH-5Bba$`mcGJrH[PeSiT&&LDFRr84p'`Y1"`T
H-XZcQpSAV@Z[edU,Si45[DkYBqA5Q[!%i(X6Pji[IrK2h%jY*r0,JZVrURhm)I@
qG&NM4TfhhhBBFab8MT2Mj1"e831I@rZ*c4c'@MUhEVe8CEXkHc@(bj86S%Hrf3*
rjKa@cE)V9cXCUl&Nh[Lqp1D+fXC%G*kcE'qcNdVel4TMFPE#fE3J-Ijj6&9JDM'
ImQ&U!&1I5eGcj-m4HZ9cqB%2e6UCb[XU1cpPE`2c,BXHU'rTB!`-Kl3@PM0[%`X
i)kK8Cf`HZ$K$U#UFi95,-p6U2pELR&R)H$f%HJce@EFHAXM5KdU+@3ja*E6HQiR
Pam'bE9dMP!6$-HY3Vk%"imJ6M6Q%e9Y3&k!khCjU(YpEq9cfTV9lA'f@YL5hYA4
`E8Vb#j[(pjANpqSPqCA2qDhL6rG'#QXV1bYA-jC66+jTr#hV8+#B69rDYj!!pGj
49$[q#0ImNI6Q"EAMZphH&[3qZA!HIqqZI-jhSq$k@'TGbmDYpAI@lh#Y3%TP"1H
FHBb02l'kcfE[6cJ1&#J!Ef"qdYjQEZKSHQ"G"pN@H+`#hS%[8CAN3(e@q9cZPk(
TdbAPL)*ZG)p3PbC4IaV[ahSrC68Z,'IGm-6(hlH65H02eA!p2V1L[ReECpZ'qN9
YEG[D`1iVl(#UQ4hZI5Yr(P"k'Qk`EPPBlMMNQ'Mcq*-P1GDKG0hlDXGheJ9l[c%
jfpY+-aacC`0Mhih1'pqERf!jkaPl,RQHpIh`,CP9rN"N!r#kHqI#(`m"j5'ipI%
YM2hqQN4MpHDX&BR0UqYb9L8f-rC`AG`k4(Lp(rSI(T1HAEZRVJ+6F-$i!I6ZF([
$k-9)*HVhIVeZ$[!1Y$TpmmEr'AQimVQ-!B3!DRpG,["BR4qp64AcaTpUC*Q4bNl
RV*2#qaKr[q'FGXj8VXi-Pq4E,FjB&)N#$ImF'[kBkhCX`Fk"!@HB9fGj0E*Jjk2
h1ZFAl0bpfaRM9FBk"$IZXJkPYMY1lml#@UZapaR5)G@5'8Ph`2Zc5[,6l4bPqh"
q8DdcC+hK#,,@l!ceh&U5MdNC$Xm!F4MDIURh-kQY,&!bcaNk2$29l!`I"S2HAHL
FVh`Zkd[hlUR,KDrEJ$M@qpRm&LBjB`f$32KGcZFfMSZ8"2[fe(B@6Up(G90k3pd
F9j&jQGFA3QPdahSA@ifmrLDPZm!85B8N[DZqTG0XEGf+U+,%j1l)hj),Cf5*h(%
6MA!@0a(-"-i@hCq3!+6'i1BE9L5fA!Zfm',Qm4SS*hV1NCSpm-RmLcPDHpH1@Q,
L*RlUCllCFeTBS,#&j6r%SQTMhCElILI4Q,0jlGV%jTUkk"qICR,$XT+mG(Y*AUq
HfM,K&kiiCPbr6(ZJq&1pN6SG161AjA,2c#d[L'CY#5#Pj,TFfPfLcc2T)HRp5jL
kl+Hcqk"*"m[re-S1E)Z3!,8$#abc[T)j6AZ$-e55rb'H"V`DiGAj$e%Q$(f)dZ!
-ViBVJ0I)T$2D[-cT)dqcR!BQ[8(FZIY1TpXVjQ@HET`MNZ0`[TFC&iDdjXcT&$D
TN[c$-r(1J@0QHM23mh2TJeCMqP(+#1`(mpP59%[Br[3KGf13!+6T5)L(A$C2%XZ
D2BeCB(lfm#aJ202+![1!4,[%Pi"b9#3$9i1m-B3YDI(D2@jU#*Bl1-[Gll#%Jl0
QZbc,rcG,hmR,,$F`UMiRVEh)-JrZrCTJHIl(rj8PI#6p*jlE2ClN0BRe2ZpjlI`
M,[0E1229dYhT3eSq'1D8j00NqLaa5Mm+[ckEDXimRck,DJ$GiiF,h*QAq-b2d$f
*Q@+ifmh1[DYD0f,$Ueh9dY(8XE9qBkR)Y*(8cl,C(GM!bl&[4jHBTc+I[bhR8pM
$Si[08mkpa6Pld)0Z)`ZR4E2hEXml[*!!4DGP*D50U,1c%Z`T-C-qa"8fV%2B1B#
'A2Ka5EQ'J`AD3+aE8YXPGRK48@hQ0&*[%Z29+aLp)F)3EKKpJ()*Q`T9"FX'f8R
R0#Rjk@4E2C4Fdp5bFGZ$3X@KNQahhmm&,h",hfrG![A"%5lj5N8"FLm)(YqiiTU
k"`LYYbd+V#2BqaYbd6Q2cYR'HbmcZ,%LZf(fVcNm*0AGGJQViBD+l-CVIqh5KpJ
mm(@'V9Yk1i$c-($8Aq-)9Gl9X""Ek*'E@(ifNaU3!,dmNrbdNIYZUX0@a[[6H*p
hiE!hm$k&pmrG$IeKE1L2)X%C1cl"lLA"M[fTUqil'I,I(5)B6$RN(3l[1)4M[H1
3!%YBIqZ3!(G`,MY%+1$ZJ-8&2#IXECI6$UF[f!-2UpM2dhKr+IelVFkaj[%[,f5
mqpR*1HV`@FUfcr)-AiqC,q0pQ%p64b"1cK$fiI4RLIZMLp[@0GF[j@G4QGG,XR(
Zp'fF4$8l,r+6U1rbNkJrGBC4(A91SIUKFhVHcZD'M@h1kpJ+bpZE'PZJm1YJlLH
PSq8j0kH[[D1JBNP$"mf[UhqJSk6mrXkQ$Tl01#AKQ6S8,Fp6ACaPY%8l3hLISQd
$A8TCC'qdI-Ce,NBKa`!lfCqqePSM'%cd6SPHUe6A&Pe#*d'CebZIBdrQ,aPrBL*
p*%SEeM142M,[laAR3jRAN6bRm4kF1KrLh2k4-bXZcTcNZrabL'afZ)H+HQf`)&T
3)6Ak$bfZNlqiZ(Khj3mkC+efS9b5mj8h1eMPH@GBfmEm@JR,`4BaU09@9e8H)qI
IA995[V*Q4B4frGiH(4ZmT@J&MEU@d+UMXf0dMR$Yea,VJkeXTGQB&CMpJlkkXi(
!LN42FH9pB,'RmPM&G[Qa,AUdR1hpiQ)pKIU*3iZrr[h'J&kVe8B,5UEhl&fBB2l
+6Z+2D8P2e@Aj3RQba0!0[*CBQE$@,[qq-aE$CUpYPjmZfqPNQ*aIb"`f[G'U+'3
j,4TQ(#CcTY%bC"Rem[60"RSi4kfld@VLL$+`!SdjQ2*M+JZeMmQBpHI2Cl*8dT)
EQ#q9V%L%%LbEFjQC-jrjmr6'V""abXRI[Y#4(eX[ZY-$mq@Ec221Kf2B*BjSDrU
GX49QQFPb+qE,Rpdb1cKIZJ!*VmQAX(2N3VIMS8dXQmdSfbi(f-b+lEkcc6DBc`4
kZG@i(1KD9HRfh,9XGQ[1Nh804ZNQ&QIA2TRGF%0i%lZ(4F-l&keBHLHlX9A#G&E
C*RBYQeReeka,@kVAhPYear-rIk6b"cL9IK(E[53fZiG`AYEc@bZ@j#pKdj[2pQa
!RMbAENPRHS1pdGi"*-T(N!!l1,[@#RTLk@UJ"Gac3cUh[EpQ$dHHe[ac#qGYf*p
ZAl#6&BirLFl1pbA'HrMH1TG[iR,[mpJqRqAEjeIBNhc'afHq`8r(-)20k6DDmjh
k&CE[c5YBl[RD6CJk2S@%ma@D1HNKdBB($3f@LqTHCY&j3qBPp1Vja"qk%`1YqFH
D-pr''6A9ck-H4[fL@q1NND2mL%pred9jbChq8lIq2U(Jp1ECRPY4IB0AahPeXZG
@D0'&pm2&a@,6rZ65PUD1TR9EQlSSHhYaAXV2+ri%fQ&,%GV4b4ek(k#kT0aHXAT
&ledF4q)iTcb0-Aq+F(Tr'bI$iY3Ufi,hm(k'YVE-9rQ')2%cNUq`IGK2F$kre3m
rhe"5RUj$'Mc(@QpLlfYa4M02SaV*2,0f6b"El(Tlee3Z@YUqY"N(JmdipklIk*l
BJH1KN[)epU,&#mYPeYXcVaERpP$ZMS,m*3j1lMMc)h9qU("%-2R%QNe0'cB4iL3
$1TNX+'Cjd1@6a#"DRRlL#iZr1ZL-VIkHRHeTm*QDYR@YjJ2VQVDZ@mm2(TR-cr2
arTbe2EIL$ip#33-Ee`j+Ua5fK03DE'D5IV[cDZ@r$$#YQ@fYh0XlI2HHN[*l&Uf
SJNipaKVUfQD059eYM9DYEjqHBkbSQaPlT5%hGN1GE&e2QIZYrSE"hLrfIT'MV9L
%hBr3HQl@UPp,'$2UXQ+cr``-XAf-p(i4'dTYE(CmpT'eb2Vc&9CMTR*)'h0R(Vm
iFpkGX9TbpjV0@FF5jK$1K3)dbaJf,(q*bI`k0Uf5@QMj-`U`19,+HZNlKH`f+EA
SqrrQ4hE+XUbq&iip[1bRV&`[!20h88Ya2XiqMrP2rphm6Nhk"i5jrc#I2mQJSR[
cM4@l0ZIEhIBZ6'US1QhD@UrP%jfBcH@6@CMU,1DlaGHk0f6TV*99GKjjG(eqp`Z
T4)aCL95LX[0VMkkrSCMhD#Uej!k@@[,B#p(Xe**BGQ8R1H+ehDpp!LJMh5rd24V
c[GKAl%XY1GUA@[,$4qYcpMfmhNqF9bEUAUqNBqBH[)mJ14j"[4G[MIRj1H)3fqI
@iPaaL$hReMm@Y83RpP62GHY+Yfi4Y9`SD[mh8FZp3p05SXlqT+Mcbphk@9&,Bfj
p305-SIC4cA*c6V)Xe26'dETh1BKm3Jqr)M9e,@VLqT!!1mrB,*`6apM6NSeYeB2
MGkPQXd*@+-ACN!!f0CJET4$Y[R)e+KYLj1#H8J$86rSF"`$5%b-,hqVa*kBr-ec
lCPUY[[A+QqCS2Zf[RTiHAXjlK%P[`UHh+p+[RfbcZRSCK%D,Uh2M)R2P)QSZAN%
,!kQd0&NC%4fm%p3Sk$[jXFa(-miEhh[MHaRRYHm-rM6cd@k`p%J9p!PMA(RFmAG
eCc01R$L"%K8pVq*pR0H$Jlr!Hr$%kB(6,jmHQ+TrJIIJL3(8!e3lU*h"9`HGFE`
c*dkm6"51!TSr[j,GFr6I2k2LQ@LZlYV4Y@1('"TcKeGe6I6(k0Qa@Y68[qfffmC
@V4,eIqPhG8hdrk+SU)Mk[%ErP5,('H[D)HUadI(aF9LSUd[8Bk0GA9fVGU!J99D
Y%U3[2[p0hPpj3(,kN!"a5'J@B#2XQUXMj-qlr(h15CEY$,R4Hc@"jcH-*bmkrY0
$kFAcbhe1$*`B1(lmf-6imCF(AXEM$TmiMZ'"P`FSi5MMMJr300i$aemq-A"8M#(
94(f8jJF'MJi-L2VSmH18D%G2[#aUc*mH'1LMH9krH[a5rmVmZhKZrf@h"Mm5M[U
m"Kr1'h`prTrQr41L4Vpm`(')$kr4[ichjiF22q1-RcJKkU-RALAGIJ(PH3fpi39
5'Li"*)K"mCH4hc!)pEd-rpXXrlm2PUfV46cZ5M'jFe`HAleU94HpmAX2J)q[S[F
1r0i"%*X+(ke#bB%ZNX8ZX30MH(CJ%0-##'5`AD!l0V(Pd%-F,r@"2iUGaAf`iQ$
*QHS$Ia3EMAL+X#+Y@Mh9VaSEhB%qYL!mc-1Il+m@q*2c9DZUhZPcrT0pN[LGrYJ
SmIdEIPeAjV&8AFB(hr1ZPc#rHMA`*[Y#RdQpi4R-Ap'IYMThR[1El'-Hr&j"LrB
86jq,r5[mi1mVr'JV&)ZK3dXUha+p2[QMDh)aK+GhV*lU%ckYN!!`I"@0dT)VXS4
ERIa2NR@YjYP44IKm&LJdmGlZq6phdDY!2$0a6U1bEdR0V0ZfMp$Tc16%`qi%A3D
KTj@0XNHNKAkjkNkai$'E98S,Gm[hLD1MD[6ASjr2l`KVPFrIVYe(ph9dGqAqHhc
IQ6T`TH0DN!$&K3&F*[ZC02Z1BKE%*FfCZ2DC[f8p,JVl@ZipPSJZB&Q9&m!JK8-
VRHAH[BFI#MmrTeE,DbcAlZbTZ291A!Z1iE,GpdUbF3#BU+kU-eEYi4I"jl)(dUG
`a8KYPHBPQ&SAp&#NIG99VBaQPJh1lRD'kES),M6Ndl86jpA8cpKX+*&[$MU[*Nq
cJ2B6l5GcYV+(YCA43TEeJaBJY$K[d&9`D6FkJqR(d`I5rccpjqLpQ[i#CrdIF1(
Up94IV0JjQATKlki5A#'(VVQT[K)FE%V2cdPSHH#V0JB)V552BriP,U(qK$V!2TA
UXlYaADmBPm&i*hf5)mePEHRM9,8kZ!$&d[ralMhT9qE8dJ63MjINY8TmMY!``I%
iVr5ri%VYKpl-q6%GIBZ,K"*GMXeThIU&Q`T6@RlMeQJ4bi*Z4EK!#0hDVMQfke4
h-IZ,2DR[BG+2b4$0k8b$Lq6m,p`d,i9,`cRDXTk#9PBAjGIiF&8j[He@A&*PmJH
AX#aY@I9Zr8lbN!!*,iN1A3",Yf[jh(hmfJ,8'#6I3Bemce1NE@&Y54'8,),fq@P
i,[h[m2l*45hIF0&ad9HJ`lNjdEPFaI*ZpQ+L8G@f-TPddUV[K4,k+rSVZ+l,9D%
HCi%%%0IjFHdHq(!#VXfQ2dV)23@NEL(dG*N1dCALFU39%LZh)3Zk-japJ[QF6C3
4b8&RZ'Bh-B0lchkfa6Q2HKMeL28dric"-+i`2e+Bd2,A9VRSAm28%2F0,L%63[S
X($+8EKIZ4TVPi5+hR2lhP$R12F)A1GQ-h9Z&DkCj`$f1#r*l8,p@8p8UpbeT[*d
`k0S$TZP#kA'U8Yq&%ZG6IAV@[ZlAGLf8@N95B,)N(pKrbC&qdZS(rZb5['M@AQL
(+bJ#"5`j"V+%qlE2i9Hpk1LH(p[,"R[T"Fdbk$*"AbVaBYq26,T)m)-AY4`$"rK
)rDr4)Y!Gi2Z!KTrhT0`h(90)lae9L!N2m9)A6`%1N4Fk6Ymr[8I`([[(0hK1[8I
SlI'('!Pk4jbaK-(Na-fV,&(Ab+*1A+kV48h[L226%FMTeeM*X-B+9BhGp[ZDla6
9H&1IjM4rJA25M`XR`hLM,TMJM`IEP(H-6bG5U'@U"`DBccfdJfZqp5h8dhEcKf8
pb"q@,GCIPQ2cKdhAqF1ZqFmlj$@6TiedUi#G%AMdP2bQ,`M[hZhf#aAhNDr@dGF
[qJ!1m26Q04!QqL6j9(qASJ6qTZmiPrUS[EjKAF+,a%3I@`1EiZ2bprajKQ#T$j2
[h[f*r@GL)%Rp"MbBQ-!MpcFdE[r%r[e2N!#H&rdY(1lliG8+8[[+NidXZ`DR+&G
,1"1rc2eU$(G5a(R-4'UlU5bl+HcE[jqRYhmr(Y66U0krRf8e02"q0YASjlKT2pe
0qe`hlI2FY-ph8hl'2k6k93!H#3%jC@fejJ2eeN4A85$U5M[X*QR`ZSff[AM*)Jc
&1jCdfTCk2ieGCbrKiah@GGH6Z[YXNkYZ@1VeT0kqHR-IbPXMX@Z[,pbpZa[cqf#
DkFB+9I56EKri["mAr8KXeL@m0VHrj(l4Mi@Zli0+qaBYrcc+kEH!$qII+IMI![l
rL[S2h[m(SKqk[RHrii$2ja#DScGMRZ-p-+(A4dqFq+PcVV%4"rf1!chE5,pE1KZ
j#cXXYG&HNPbpTV'KCSRGBG[@G3mqZ0*Hp0ZGMAC(`dVd*hFSelGA)AKb2Xl2k@l
%Zj,kANl"`kk0DDA&Na#hSIifmA-i[X+X!$RE8+f!T0LQ"41JDbTa@`dV'&A$c!r
r"a8c8+VDCXL1++CL"XfbH-`-+UA"'X8U8a1+U8C+`dSiSZK+5&'NH%K466XF$+X
4-f$DDSJTIP8T"4d$ND)'H++%3S'!EB5Pd+a`)""35Je,!8Y9X@+4J")X9Aaf4&+
@5iUN5P)3@ULUSKY"b94#)!+@08UB+B#1k*4LFSaQG1#VbNT&3K93N!"R%UMiiU8
kBNleQj!!ae*Y)US%`dSd%$#93"$L!LmJ"94E#8TK99(#DLJ3$"R*T+%%3bEkJ8"
F!l%DDhN5%iTFTTLQ,flUX!8J!dT))aFTBG-S09GLaZ,V!%d%)9%LU!C-96AMLT)
`3f&&Kc@3!+e)9`81X0&Ar,SD9p95+fbBm!Bdm'&Y0293Z03(H3a3+N@GM%"99B*
&bZ#pN!#ZP*@Uj!89#LU5U8,A)%5)5J(6$#Pf+)c(,Je*9J,18[5JDUV35j%N+45
dbjB(JRB)RLJeH-,$4$"3Z"4@$+0T,P)L5U68Y"8,4Sr"6CB5$2K9%eb83#3-3NU
TCBGJ&b9%8U[+,-Xd`U@K*+`9P",a3#NS+k8Q*X-"-!VCF"X%S&KKLJ4-#l1)'UJ
Q+D8"-kB`+3QbNXq#bp9`h%3@3EP5#B6#bXdDHQVB9')5'Gj80F@dV6*P9K$4B+)
"5D3B!)Ah`NJRf-8dlB!8$"S"#+F#%NNL+6AJ,)'k(T*#(0T5T9$!#UX)28KL+9B
bS*Kq+%F`a-%LIj5#6eJbQ336Ni%P0Bld3B*"*eK#a8B89fa%8!Jr9BA1#"$%Jk3
Q5@0l1EN)ZX#!!!r$ENSiVUL"L"%[JqGK$6H)%8Vq)#NPUc8f021[L#YQ'I3A34c
#GFd`@EPDY@0*NaQ3!*0F1a(%*LLS5SfK*'(D@@@aZ'AC%"#j*S)Bp&@BLVJVUQ@
'c4!*JZ`33Cb%aq'M**)HrJF%P#&aN!!F2)L43F&S++MB&K`"VP*Te)4UX*m)BPJ
32*!!8XKE-f3'N!$EDY+@CLPZ%*2e*"11Kdf$XP*'CN+kFlY4%)-YV+Y)-&%5[*!
!!#5!6`ql33`AKT8D&Ei#ja#NK9HJ&eL))%CQdaT!+3AFm!H3!([Fq+Dk3S%$3NJ
d#j%%Am'#55aZ%8Sq43dL)V(eK0A5F%#'@`+'S[KM5&4!"5LfH')(%9%f6%f#mb%
%H,Jd'E`CKLUe&6880%-@'L3Up)62`!fl%(F[l6Kaa3UTDS)BN6PXb)L)8J2"P8T
5LGd-J$)*X8lNJY`FJ3M(aP*$U`Ul@9d1)@L#PK-6HaQ-EbPf')ST5X3U0A8+9F`
+F`"9$G&HJ4d#HTJ4'pTL3k!pLXb"d$!45dUC'Jk&&-PBC',l-#e6Y3-4'`+TjLb
EGJ2`J)U5A`AK1)5dVE#PK-RqYNPkQH(P)@9@`N61@qDXB%$&,&GBKa8X"$TD#U8
H8S3XKEd![L#&I8JK*43h*GK-X,6ML#6NP-hY$`("!"4J%*2VDJ0"5CEL63UESG*
5*@c8b)Z849Jb6"YlT4@bJRB3lSA#38KLJ!b3!'0)$0U5b$i4+j3)NIe*$MJA)cE
F5C6K+L88,,86Y&!"VBB8T-H%!L&9YU%%9,()JEST*@4b)RQ%Ee%8JE38U9#5far
,@8#*)ecmN9Q8Z)MR)0Ba#-6Y$`[@m*49E&5'BGp-L`Mf-pKBE$X)FT8@+`42NPC
EV'`JLDLh9jTa1%i0"d,KU)MTQR!iC+T*``S##Lj@bLaP%E6!aMFV@4S*Blq46&P
4lD$URK"-Bic1SA!bKA0SIN+&FqMpqaXDk%5,prQ*&[SidD+65*`I2(5eJC-)24&
@%MJcN3dpT0Zf(Nr%$0h3rC'bT&qA)lVI-R`a1fMSL6*0el5B*ZXa24baBVTY*(6
!ahA9X+c5B0Lb)Z#4X!cEXJ,m(#B@#`B6LE!H5qM"B$#Lf6+B"8')aB)keSTiSM4
XK28`FPbApD"Z@4Uc*%2Ab`KF0b`Y(06dB#!US4rf%A00$PUkCF6#ZQlTY2$L-%#
AbT+3!%8,QMEQ$GP1J#K1JI3)@1Yk8!Bji'%VaP'4T!%BleK3MYVaD&+AicVk`9!
#a'cEEm4d14Efa3`MA'CVXKpU5+!B*5DkCQK*`b#$q'RCj3G28P!cJV+PkTBGXE"
`k9&GmaZ*-1%CPK(%GUVjpA"#6PT@dX#A'$6LDi9a,UeUFLb#KSaV)$V-)a[4'&3
e)E!["Zp&j8K86j)A,!JD0R659GB-(2HSKKicV#JXD56e8X-IK,-d@ECe'`JiIY"
MrQ4F$rU6TEB1ij($B3%b8!4He0!dB+qB"TdYJi`1raN`#Sj3$&)Z%!8K2@,i,5L
Lkh%Ui!qrPSMSm4L$l%E)#N&T13)F#`B#[6M)"r''Al"hi56HJ(h!(q!5p&8MFPJ
aiU42R&bHL0K3&jN3#F-6$&mT)K86X)*%@U'&f,&p-4hU3aBd$#52$%$Z23f8C!Y
1`,Q5,M0,KA!@+-K`ZT'd)$(&3DNH)fK$0[@BbJ!!CVBK'rjB%,X+0#8BF,"PF)k
J(d!N+6!a'6L-5!T%'GaNk6)XBGY`-I,GJT%JL`8)*!TTEm21NN(k'mJG-U!186'
N3Ae`5#DMF$@PNQA,#S95f)+5%-l'VU0,YXmb)P&b(JpL,"JD@GNIXT2qH$J!1A@
i9[H#'+P*3CU``R'B0PRQXreq+dbj)S+Br'2#)*B'MH"D3bmP0@AiP!Ga(%cK)d3
Ih!1lJLU*!fH+)%B'qB)a'Dk!DNMS5%3P9r%-S5"'XL%3iDX`j%,1),GYR-YC%6H
)35KX`2(N#%Q1a-K-&M3NZe%3J`UX#er"1(#$35&LK+2-#f)p!)dY+%UHLI[K2Kl
LB#'#'-+4Gf&*i-*L0V)#!#SPC'N3L,UIJ59mKG#)iiC!$-N(6#E,#)#!RY4d"@D
`!K!KL83PlA%+3EV#)FK$k!X[d"c2IEm@-@)XS8H`h@&hm1YaRf&a8@%1(ZJD!Sb
lPr,--Z5BC8-T5)&%J$()k9E3(c0L%3DRBahN'a*%iqB)d#d95L"%(8jES#Hrab+
6d2#4$6,)V!38#qSDZ'Xbl4V%J*Z$!M)1'8"+J['d1!,CaSD!2BUE!c'+@0)M@-4
LXE"QfeJk$-5qE3@4f@4rj#NN!!m'rMLeXT+dV0N-N8(f0fc5bi"4i&Kb0F!Y1BM
GMV`Be#3i@UESKMbd(e++36j,dc5ZX!*B@5qc-BKd)CC)k&)%T3jcN!$#%"#F+'f
`NA"G,5!BC4JJKIek@36ETfeL(8@N3)&%`T!!il,ImXPFB6qbhZ5QLIKTcB'jD9@
+qq*3'2DRI+(%3+4&i&QS6eNImaPfN!$X6fP$#T,)Y0r&L#KB3#YD$reK!dI&X"&
jK1KKA4*,83*V#pNIbjN9M'#l##H`+pJ!#b,ISBXPNrfa-B)JV8B'a0)5GS)[)N%
rI1GZ1`Kb'iX9JXHJ*4$,08K'))`GMpJ3(6Yd0%,"LDd!34$AlDJYqmY!$3FTF35
@E[PJ4EY-LaU'M#8'I#`SB,&i4,-XfX5B*5FK'16JUlSQilamm[D4Hq)JZAGTC2F
ZMFqp3q0hlp!`G[2N9d*`'HH#T%ihefrVl0#+LqP68%c#*jM&mhjT!JP!MTqq9HZ
R6pfaj@,U'LEP8emc1c6hihF6)j-IfEDCC&SlY)TYlCZde,DfG5h&-pDd0AAJ8p2
DJddGQl5D68dY@l5NpS(LD2'-hUVQVI9JJqpMYE@f0EAAYmr95Mri`6,`H*Y0ZmN
PUM@eDbhE1V6@Y[TfI%TVk`jY@fYp5h%CrqUZaMmVVI'EfX@H00U'ECeE0h,3pI8
Db$8hYH!$R4Z,2q4pr9QV&i!VYcAADq$&KpUeG@fBK%ceE9Tc8hYl8dZMKJ[J'lD
eYA@fGK3AH[3fV@X(-8MDhVN"X1d0R4$P)Xhj(Y#$!#)9IS-c9p[B#AQfDHYDA$h
`3C-Ej"ZihHEMTmK12RIMK)IRZfpkEX,a%&eV&eL2Gq2+PG[le9'5$#aaqAh'dPG
i,6hc*lM'K5mK2FSIaVj66Eq*DeY6MmH*erlK`kbALUHSf%Y&)SXGIRX9IArTUN'
PRr81ShL+LVe8*2"aIhJbC)I%%P$#[[jH1RbG6iURKcf-pf-A8i)`(qrqKYX6pD@
8b!'@q-bqrR@k,XCRN!!5r%[mJLP9@$"i63X'eA685A8CJY[6Je!%(Pp3H#h`"JB
%hX#!`+0TU[IMfTQS"CjBB+J@H2[h#cbqeU"ZD""i$3d#MeBH83ZmKJD"4efUbmS
%APQC`#XV%hKPC3+[$)qS[D0Dlbh`D1N5YF"M61!*Qj!!fJ*,+%Sei9&0H&36RR#
&1%S@H-)IlY%bV`@Hm)HBTPViJfU"*rcK(N(c@Z!*Ia!,J5Im3EA!%rkJ@Z!*Ia"
EJ5Im3EA!%rkJ@Z!*IhLH%&ML,I#%2kJ@H-)IT*l`N!$`"p@%4cAK88ei3Q@UK6r
F"CIA!NmS4VA!%`c*$3*26,J,-Um&R[#(ZaDM&[kJ@Z!*IhK(pe3,21%23KGi`Kp
8#ccK$kS&R[#(Pa@H*`5@H!Xmi3qK"Xd)Ie!Y2#6m36AK88ei3M@UK6qS&RM#(e3
,21%2S5l9`KrZ!3'["Cj3Q'U"*a3K&`Jm`B"UJ5Im3CA!%rkJVX!6rU"Di!Pr8#h
`K$qm$2@b`[1%`"*[J5Im3Ha%jJTr8#dm*2a"0H%*&DJ@rU"Di!Pr8#h`K$q%@P3
,Ie!Ym)3rU"Ci`Kp#9DU&2kJ@H-)I9!XmSE43RfUK$08#6c#K@Z!*IiKUFVI`-Y6
,#Xm6!NZm*dpY[-h,fkLm6FREJ+BZS8aY)Yk'i@d1hNEJ*EfAi&ibHiRV*DQAN!"
HmRQ*jL@9Pd"HXRL*i5@"jh$2ZCiM2DGj$[+Fi5RZ+HNTj$(h'$(QIA$-qliE[cU
1jr"K8H0L1Rp`NC`rq&`%Ilc$0Zq#-Ql1ZFr9,KKj(eN6AjmM,[33&hU)#ch%K4l
L3JpaSBHiL%[CiMEl1kG!G(i`8@I['[fhScJaR-j'Ga8G+rVr1h2Ck)8LGZ$YrXa
"kF#"m5jflUfLD50G"`pfMCc'h"P[lUX%&XBAciUNNB1$r6,QKiYBehJrkrSjMCc
Zj`JPE24Fd9Mr@*(rh,Q4VJ2Rqk@$)fH,f%(J($b&`I0&dmk0M(4e(F`)[%+"GjB
SA##`NBYJEaIj4Jlf#k"E"0!`!Bd4d+M,RS#'Lq34&mF9i*F61'!Xj#3JM2Ah2eq
8kFIRaITp4886!TbC`$[Z`AbV++qrU+LIr`#N#k#h""!l5$Kra#%1ASBBFL&'6Na
!G(N3e`Q)[bjL)d!i3!KI)0Q@LVP"U$r@2`)#d$FEZ[Ah3lN46,j40"eqS[k",MK
UB[B-T#FhN5'K$F-rD[#B%-14-G53!,[V!SNbdLmG',Q!k6I42A"@f-1E1qGf$Sj
!IXBf#akr`*YeC4!&9)m44UBrjf$AZA-N!'L4qpL"dD)mXLT%)0r$`D$a,KM2MNa
r&JD+-%'b`-m-(kpfUE)$!$j30)V"FB%&'Z0)!6"cQ5*"r-48#%F"m#i51CkdJ0*
mNSfm65cA6E#Nh$J)5FQN"mC&(f!b3)NPd%E3i0L))jib9e"FBU-H933BrRI,"--
4`9!S4"44RqFK4362L9a$lK+*Jq")H-6a)SbB23IHU!p`IY@6r-EkA881MT0"b3d
(!6U)0lF#1*d6e#HQ+3P)3P$#+#HdH),3Z5P#)S(2F$B5jIbNL1cJ,eePhUBT#Jh
'lK)d6Y-%`DpfkblLrNZHqPNLp5Faq1cEVL6B%%JYa-+N+"0)3QY8N!"ef,2Re,4
B-D!Gk(!&1BdU3B1G3a+k9L!`Z%!X'QIG2"NXNXj"M)Nj1!FT4%jh0aAb+rJXZXM
(XbYF`d11VcQ8dK5&Er&%2RpamMbirC9JBIq'"3m8MS82*#,VH6T2$PdSHJYl'$Z
3!"%159dN3B+I%b6B1Bii+K$(qNq*P2)IS2`P%hV$&!TrHA&AB#-JFS"-6E$X(-p
T6KaINHcr+e+$KmU9kBc(`e-92%K6JF2hL3XJ4541Hd&*qPkFT43H[b`',8I#J36
PVSBBi8RPdL#c8@l`@Gp)84&jpKb-FiN(6kVc[%[E+Ud`2"(2rE@Ei$$8j,#[#jX
D#FKj,2Gi$2%9L[YiV0m2V[d(N!#K2!`p-X+'&15A%(`(LiVi,X!ChHNbkJ)MGhe
`i4!1)ZFmh35G#rhqeC26`LYXj'G6kR5p*4BmE"&MrG1!GV!IS6bj''$"kJFb)4'
IDC!!H!)"K#!1K%95-(DIaqM-P-N)X!ZpLEJL"*F8bF&$JYBC#23ZPJZ!EC1a64k
pAhVd4$Y6*'1E`cE2Y4AmhZBl%!M#P,RZYYMIA`5%,,$$k%8m[Q1"*-*I41`f3C4
([,FC#J-4@CpB$-@L3-R%TrNq4RCi@eKfM"1GJZ,4#VIb$6FMGP#aD,5`89,m2#Q
&fD,*"IKXdAQ3!*V1pf+Z)CqL2H35@)B@R)2R4+45`pZ3!$NHcqdc3LF4EaI2B'L
$)T)B`$Tr32MK02K-*MM(m[Cl$X,Ai3qrHr"$b`[dKr`mZA$1J+AS`*[B3l,SY!&
X4iZ#hVP$dH4Ta*QTS`NFT2cMN911k$M-[i[4ajYlf"kmIjGZXdL$q(f(h50GB2[
`N3Ta38Bq*LFHCcQB@iZjalejVkE,13X[1+`[LfRiCQGI0Y2'm2pEh0VReYQS`f1
VT$@mIeKkjLT)r5`@%Dkm4C3PSR5YbXY*ahm96Rlc2FFI`Gb3!$I[eH6iM`'rfbf
cfFI'(#RMeQ0Z2B,k)5M4JrUM8+Ek+NMp,,B6!BabZbKE49NR5Qj912jU#$FT2l+
6ep*ArrArZ8N*F#UbU,L"LXhi#`Zi!(Mi+N)P[U%bM#+,LKZSf)clUV32I&[k0RI
LGHb0pp,K$EcGr`Kf-4eQBqlalTXQHYjcPrX',IlMkI"4ppE'l"AdZF3F0`fQrXA
B"!GHcaM(VBT"E#XC*XR*A(3,d"dDii-,d4V"S1mDkRi-h6(UrM4[R2h#B4RUrGl
&h['m$$LIaYpjNH32jSMH'*XFmTAQLKl)2*'2PZqdikF3qicEC0fSRjUD(+*Q0LD
K$qZGDYC-0CpfQhjmG9$k%M@[`H4*e(rX0[dR%D+lU&Q!b5(8clY02cj9+6p,cB@
BK0cX"FMd9iiI(IRe22UHpXmG(m6i,MNBImZ#ra-*(rl*f[[aRU[phAAb!GH9lm2
R)b[BYr[`CbliX`Vr4-h2[V2lMl3C'Ye0EmFYmff0q+XmG1PmF9Ypr4TF#5qHJ@&
kUVI@dkhZ4I2Z`RmUdA"cI&h(lHkS4J3Q(V0UfHeFM1Ce,61@NKiYp4fhEh-R%ZZ
fE5hHX+hCTHAGMemrG@fH4Yr6djAcmRpq#qdiA[J54Qk8-qakqQmQk2f3!2ka#HT
AkGqAS2jjXXTHK#hPl-UPpq!2BNKc0QlS`*m9Nf,fXUSP1-HiBfQb#KmCNPD,2ii
KV4Gr*%0UX5TYi%YG64[Dm6FbT)qMMU2HKaSlM(4!r,d-kA$6KUddpdh802HLZ@a
&$AJGYCI@,-1rkRK$r)-91AG$d`Em'brjfYE@G4fSLqpD9,N+p@,k,cc-*ppA[64
C`kE*Mce3hpB1["r6(P9)AJdp1*Gk50$Ed-1Re[RFI26L6(BFN!!Z4`mI'+AHc!E
d%[5CdKZC-KFprUp*#PRS2[6QLkaACI45E"I["9M`)h1a1&,2aTcUc[d1HM9ZE`G
kG5l'1(VhLK#CPB2H@M%hD`Ck'phH224DhGlpk(@i[EI4fb4keikLpkcSA8HF6SV
H$4*khd$!AD1aQkDKGachZ@HKGaek!jJV31p@&YTqA'KcMi(Hkm#i'A00k"f6S6G
kHi$A3j`dT[prk$e2H"UEX`#pl`ZZYbRSI9l`L2d"H[MI8h52I-(ldH[$B3QmXf!
aHLp*daQbB%%MHMZPA(BhHPhSECAb'2kZdi,2S,GAF&V`CqJG`EqpJiI,Mk,hCA$
k#'0hR#E(q%i4aSSiG$VLHj0k0A1!mC3%lc+fHMCkTi4qDhm,[66j@'0hMk!AQ&R
eB!Zqcq"pY'%Drr6$p15kPMrVd&CdYPcTjkrXf+M4AbE6jQRU04HEp)',GcjS-F2
lP!A[jZ'[MA8dEG"UkVGhC&FhEHMSE+[hk[m(4#S!!!:



------------------------------------------------------------------------------


Hackin' GIRLS 'n SYSTEMS - .... 

by SevenUp - sec@sec.de - http://www.sec.de/sec/


Hitting on girls and hitting on systems (I'll call them both "targets")
has quite some similarities. If you are good in hacking one of them,
it won't be too hard to enter the other one....
It also represents IRC channel #hack's current state of mind: 
Women's talk is taking over. 



THE GOALS
=========

- Biggest Challenge: 
  To get inside the first time

- Targets that have already been successfully hit by others lose a lot of
  their attraction

- The goal is to keep as many successfully (formerly virgin) targets as
  possible

- Different game: Hit one target from every region

- Mark every target you hit

- You don't really care much after you got your target, unless (in rare
  cases) you love it



TIPS FOR BECOMING SUCCESSFUL
============================

- Key to Success:
  The right "defaults", depending on situation and targets

- Be Cool:
  Don't care too much about the target. Don't get involved
  emotionally, but play a little with the target.

- Knowing different languages and keywords may be useful with targets
  of different origins

- Social Engineering and spending time (sometimes money) might lead to your
  goal easier

- The more targets you'll hit on, the more you'll succeed. Just ignore any
  failings. Remember: Better to have tried (and maybe lost) than not even
  have tried.

- Best time to find targets is at night

- Backdoors are always inviting (sometimes dangerous)

- Don't start with the top target. Start slow and easy and look for more
  difficult ones after some success

- If you get rejected on the first time, don't give up. There is always
  a second chance

- When you just got little time to hit on the target, don't hesitate -
  a quick first try is never wrong and leaves you more time to think about
  your second step.

- Scanning (and probing) is neccessary. Don't give up, even your rate of
  success lays somewhere between 1% and 50%



SELECT THE RIGHT ONE
====================

- Be selective about your targets!

- Try targets with tight openings

- Targets with many users have more experience

- Targets with shadows / shades are harder to enter

- From the inside it's easier to reach the root-climax than from the outside

- Many targets look uninviting from the outside, but welcome you deeply
  inside

- Some targets are leaking even before touching them

- If a target blows, it sucks



TECHNIQUES FOR MORE FUN
=======================

- After entering it, let the target become active too! Let it do some work
  and see what comes up.

- To protect your target, close all openings and save the key

- Even some targets that suck can be nice

- Sniffing Targets:
  For lamers and perverts

- Fingering Targets:
  Can be interesting...

- Leeching targets dry makes fun, takes time and let's them become
  kinda useless

- The right wrapper controls the intrusion and its consequences



WARNINGS
========

- Remember: The number of tries is limited. After unsuccessful hits, the 
  target and its environment will become aware - start searching in a new
  area

- NEVER just pay to get into a target

- Don't fall for booby traps!

- When calling up targets, make sure their owner doesn't notice

- Don't use crack on the target... it fucks up the brain

- Don't fuck (up) the targets without protection

- Be aware: Some targets with change-root-environments can fake the
  root-orgasm, or make you feel coming inside when you are not inside

- Penetrating a target too hard could use up or damage your tools

- Try to identify faked and "cross dressed" targets before totally unwrapping
  them and finding a bad surprise

- When entering a virgin target the first time, you have to wipe the tracks -
  this can often be messy

- Remember to get out of the target when you fall asleep

- Never lose your mind over the beauty of a target. Always check for guards.

- If you don't watch out, you may get a lifelong sentence after a 9 month trial.




AOH Site layout & design copyright © 2006 AOH