From 965c2f02b2fcaa20d02a741e0d6c957fb51cbddc Mon Sep 17 00:00:00 2001
From: Lev Demidov <lev.demidov@contrastsecurity.com>
Date: Thu, 7 Jan 2016 13:52:51 -0500
Subject: [PATCH 1/2] Fixed rebuild script by taking account of mysql.exe path
 for IIS Updated readme with better instructions. Regex bug fix in Proxy page
 Broken Rebuild Database link in master page

---
 README                                        |  10 +-
 UpgradeLog.htm                                | Bin 0 -> 461916 bytes
 WebGoat.NET.sln                               |  38 ++------
 WebGoat/App_Code/DB/MySqlDbProvider.cs        |  12 ++-
 WebGoat/Configuration/Default.config          |   8 +-
 WebGoat/ProxySetup.aspx                       |   2 +-
 WebGoat/ProxySetup.aspx.designer.cs           |  92 ++++++++++++------
 WebGoat/Resources/Master-Pages/Site.Master.cs |   2 +-
 WebGoat/WebGoat.NET.csproj                    |  46 +++++++--
 WebGoat/WebGoat.NET.csproj.user               |  25 ++++-
 10 files changed, 154 insertions(+), 81 deletions(-)
 create mode 100644 UpgradeLog.htm

diff --git a/README b/README
index a5ce616c..a30ac35b 100644
--- a/README
+++ b/README
@@ -47,18 +47,16 @@ How To Build And Run under Mac OS X and Linux:
   9. Click on 'Test Configuration', followed by 'Rebuild Database' and
      hopefully you should be good go! Enjoy your hackathon!
 
-How to build and run under Windows:
+How to build and run under Windows with MySql:
   1. Prerequisites:
      a. Visual Studio 2010 and above.
-     b. Mysql database that's up and running with at least one user
-        aleady setup with full permissions.
+     b. Create a Mysql database with empty database and at least one user with full permissions.
   2. Open WebGoat.sln file via Visual Studio, and click on debug.
   3. You should see the WebGoat.NET page at which point click on
      'Set Up Database'.
   3. You should see a form with a bunch of setup information for the
      database. For 'Data Provider' choose MySql. You'll need to fill in
-     the respective data entries for your mysql db. 'Client Executable'
-     and 'Data File Path' are not necessary for MySql so you can leave
-     them empty.
+     the respective data entries for your mysql db. Data File Path is not necessary for MySql so you can leave
+     it empty.
   4. Click on 'Test Configuration', followed by 'Rebuild Database' and
      hopefully you should be good go! Enjoy your hackathon!
diff --git a/UpgradeLog.htm b/UpgradeLog.htm
new file mode 100644
index 0000000000000000000000000000000000000000..2c289d6d902b7b2040124e1389e2a8c782f13ba3
GIT binary patch
literal 461916
zcmeI5`*+*MlIQX3&N=fxXp)^t?q+0LcH&3wy_q9R@+0wEvYljfkB=VI!=fG`Dap#r
z?w`K9-%qz-5F`i!v@JH#b#x?=AP969K3!d1U0wbE{_o$Ce@T{;=gCsCmi(5yNLG@$
zWH0F@he<p6Df#E*pAycP*UwziO*WFVq?K&z^-j`Bj&;^ta;jJD<nPJ1$qoH1B;O~0
z(RrKt^i<dRG1*U!^uMLEj`X*uZ*Vn#?KxdNz1v*!!QJ&p_xVw;x_aMrSN_V~<48xl
z$(GJ<>C+9pp4b0<9ib#${qE@M^LkIYe!Tp4FZoLM;w~+HXWP9#bmiDkNjTS+j=z7`
zxh=h)*ZsPB?IqDmPIRP|{Gp@!sy}Bf<-RwcJkhm}l3ks#p}#Hn-RooTg;YN1zSlp>
z;IFPsd%8+TB|ut#*EM^p*}NosyH=Ujk_(l*zbrkKzbA>dbeDJff2{gH*3-{w#M9-@
z`>uYk^zKBjI{MZP-8+3|bNYV%=c&H2tMfK=rvL6-(*JEZ%723=f8Cw!OT;tk>ivZ)
z-%mQb=sSbgNZ(&i{+GUSUuE6a6(BXe(!cB7j;q6*jzPhketFvaDlhN0_34(R3>6%o
z)3vVGx;w0M-#R7!uUcoP_1u(%w~_-VYueY5?)#%k{B`mmxpn#bee&0du1#BjiO%H}
z7o-dP?}G`ih}@Cryq>^@YpZQZiSmAxtV-Iu`kW{5S`>bj@TAss-ky%qzIp%9J(HGN
zoqzvE?>nk9t<4`nC!sOs^~-1by4Pg&Khc%8^@G0Jb)~#9;gu+TN7vv=)VA(*{<nL6
zb!hVZKavEf19Di<ee<mVotEluo^sY6C@*E@NTwm`wt_v~vrd^OYXQSgX+iQmksd|P
z{(p8PeKi>o8NX=6KP5e$=1tY}M3S29nnf+x_gVdIZ$)=We<!^U&)Bmt?|S2&%Itf_
zIadQD_O*Jlh0EWYdQUIfR$aGMyLuWp)lh?4<ffj=f;1EVC#%V)wx+aX+0#7Nlcc}G
z^5BUcsn#8*bJ{h__&HjtmwSJIHQZ9al7;5`<};PNm7F_E0L_OjcC32Pv(ct$<6C;~
zd*QB*)NjW(ub>@gPouwWEhKk8p>1W?{CrP1rKd>m{P0ol%q7|D=}`VTNWA6vDJQWj
zt7G%Bx9#VQ-kQ&_&*#*iK;DUnJWk$U5=lG53ZTcY&*ZHuW%Bd$ld+lS9d0J=OFoxo
z{L*Y!>GOJG#anWe2Fo1Fv0hu6v<)zt^Sv+Rw)Mlv&ySuM+hQ9XIHIv<;Wz8$>a)CY
z1te$XqksEaJ@74Q)|=|-SFT8=Sn`{a9n#9|(6m3QXIu0>UhB)-myG2yyQ!<z$%w0e
zOi<sRPy3Mkwf!?{>-r~>khd)dkJaNpz0W9JgMIwv+f??n{0QSJp4q5T@k(+>#PfT%
zCikf<Qy<N|o)em2R~mpe1=;wUCVN8JRk6@{>ixcx)FwsOOm_W@fY0BP4fhte#1*57
z+n4|I@9Wi|z7EgxwtWTK)m!4&*jtW@K{gm?olN-T#!EM~H2wd2(oLxzwj6kZlU=J{
zt3fWKV`#|6lJr2I-V%$f2;aLsPz(3Jbz6CT+PtUbiJq{3_GkicAI#}L{TqJetjEi|
zkHr=RBR9OJ{nvpXzPInR%#ZR$@-yhI#^O%Lee|;4YT`PK2Pp|pAaASq^YPky3;i2u
zvuy19jgF_93BSJgl41?{?{Um~+2&-&<A3BG<ImJ@T;CeH=F013`Q%cPU%tl}wvRs5
z*EyQb6|wJsmM3gs=`)#k{+!R(Thyn&=xO~Zf>Q#f@#H48Y*Sr0`pG?zR^jKKekRk6
z;XFC7x0cjiY1Q6Wl$H)nlKGrcPq3dWNuTVT+PL>Tp;@+c1;$Cd&NLWga`n`k%visx
zA3rDNZ6-7Y8ijMchT$6c1L}<luDMz;d)8kk{M%oi!BlR8{XSAjrCX1e`Yq8v&o#9@
zH1MFL`=5`0o`Yv(R+H~3Xv3#^GWZku?7&_3RDF3iCT8~6TfzNfJ3m6A6m`8i*9OYX
zlZ2`-{{+v)^0w-^=WKaq32r3+TC<H$`pjNPhS@xm@3+&rysW29+fq6wx#30|X}k4L
zof(%&+RoRm^?6eHTd(E)mwP_{L*J_QGi=dj^E5XvZN&xoCepbZ|Eli%!=z6mZ9%D?
zOSPPD1*r#vd3x%BzuoIREUSznG$`*NiYH2o+;CQKb`EyZjy}03YxQ6CzrN1<T35)=
z0`!;is$0#5^aYk`Jx!M~<K;8oCqr!cJMyE`4(k#5sn0&I8~yW5H5~6!%NpHxu6GxX
zf%G}{KjFF>@aq8$n7{W`KT%(!de3uG*)KXxKc|_0uj#0HUFlu>`0Z7(xTPO&Z>*@D
za#egQ+b)hEJM*zV!#h%T&Rh4ykKAZvxAe>v`E8iv=nS0o<)0jpPedwZ^!=#bfZ4N2
z$MNYE>07ed(d?S_+GN_!i>&K;$&1J$q7|5dWel1>R*%8*dlA9JoJ%?<`lI9IYVEW<
zpLhy9^*$CUWA#h5fiKUaw@05z)>y~r@@2jDbL&_bv_*WTe44j%4xJA4cF3kX>sVA@
z(^-#ocIs8h#wXr8;`>3OeTes>-{rbUk{0Rb!113l{z!Y?^ek+uewpvP-kP|*Irm-s
zCPX!&Pv$g>LCGnTe~tF=kz?ug{5<Ej(?MB@IfokKY4LG4b@f}ywU_OGs*UjTtFG5p
zjo;|X_@0P{LaJys{u5`(C-aJj^Y^~3n9RJsd;GD+KaS9$U+ddMXrX1kmJEhH?DP7J
zUL3jcynP(#x0mJF(6Q|E>uT*pRsGdn33*Vaf7g{)^%~2{`@fOw*NPwgtMeFQZGD~m
zL)V^Ea$l<4`;z{B#bmq^6*rP!6sJZk+v4TVGu7&~h+NU%-OFS5KYqHHywsR=QPH;P
z`8(3v*JT&(eLS+Hr+i;e=B@rey*$b+hX2NM>G(z6^NsF&E;(*q9=|VQSM=mpbcZ)8
z+xPnRAF{01M9gdbF6r+p#W6jS6}ccwYghOEJ^5MRy01GCo42o0{ifqf?%rFv@;$ZV
z2l^H@eX6s5(A5@o%`MgYy6&^0PtWyxpfY{X^<V0lebC+8y5_mA^P9f&T-Uv=EAHv_
zuFlxgXHQg$pLPC{zPYD&9bJu5+?DL^=&UmxS=9gUl4troa}qk!s}H&orM|1uJXDFl
zQyo`zl?$DHU)NsL`(3@-)%73h9iG}nopGT16YKg`ub+syCprghw5{_x`u0=BDQv5D
zk9CKaii3WudVa4@jwGoqmF<N}#oZYP+;KChUCHK9-&j>?Zs=-A`b_5?Nop@75k_pk
z=-8jS>zU4craLjGysgr5{tK1qiR6SlK1dckpGCcXsS^J#*=_6ZYhC|PuRrKGcfFyz
zJk;mZ{!f+ggMQa^m)~`d7yAAOo%2YaztN{Bl2lv&Z|I8mRMTH{jSHP|L-&2CyWLfZ
zkl&i#zt!{oMgQ;W8%uiqT=!g22~OR2cJ=+XWWe?C**w?1R#m%0-RqXF@>>6I>ywwd
z_Ah$<MD=K?yg%#dpXo0VAV}alm2%NNx1V*^n#%c$%7v}5qR-BB&ojv%jrKv;AXa2k
zC3-Ab{iYJMbk36GftUDKm2pMo-BJ0DRfaW{XIpo_t?T}*dobU9U7zgf$eO;hpu5rv
zc2veqokNWCQ`P=R?|;xYmvzlOJ+t@v|BLSVv%AV`-E~p#X@_g>x!=~gOOoz0)$Wmw
za-|J@>rgUSkyOugP5gz#3(zW8bpKtI__4}&N5|H5-i0K!qvy1%GHmIyW8Dk;v8|_g
ztWrPKRo<(vN0RcNdJiRQy2Fl+tVl*LRJWdFazocof6zB?oId(R^`X^4``?`=t<(2U
zYR#uswU44pEv+wO=cM<__h@x$={*=}?^^Z0Sva$9;iTl`DK$$63vQH!_GK-d`_iC;
z7E4#U(OWFX(#tQU>0e2w-jU`zmwx<H8v0l|@xALEf06dxmZm$B_TJX-sXlon{mV+G
zyZZK1^%M&_jurBqu63rfx;nO@`o7e??@LQ>>HU(f|5h4x$@MyD`<J@rmUQw1U9+cG
z*w-(msVT*V&V44Wj5i1i;K21E_hc_T)pc&`7<O?>S7R)~N~R|&!E=>+OaJk8KG3TV
zs=)*4?Ut+6l6v-E^!tbU1uVn6x-Y#ZmKwe58@+#_?`-LwZS@7*^O<UTQ{SQ<A9U=2
zyXUIDjh)hUXL7B#s_m~T$vs{5o<6y*GM(wwuC781G}h0uUTwK=?n=h5^lj{%9o_4_
zzI9*Ud8F$vxKEJkACl)Y)!?bFLA1k$KBv!bOQOH%9xq*w_*i`+@4KoKW5b7%>OIxw
zp6jb`=$^mp+6Out59@W6^sdf&rT6Fh&Pylhn>un!CBwqLsebg0%8BLpr#tqWK6|FC
zwe`%FbhY1Ax9{{B7Rp^G8G8R+mGe+X7F5p_mE}TD<4=`>QOz%U&2f5to;(p*SZ<H?
zoez$xGacK}s|$U~Q+^}q{h+enag_a{<9AfAm##!hy3d|I=ULv;kpumGAsN1Pck8;l
zE~};sstuM8BUQW;$L=TX&#_pi+oR`wU|*&u&)>uP^PVU&k45So$n#L-vB>jd{rL3y
z@kQz0Njw(xROs%0kHv{}<*Ib=OKH_5{pXwq(!by9|Dts5eI0wEPd?~>N4op2)6p9`
z&MHpE%}dhctJ1r#^dB$89lcwW&V8x=hh74${#Kvi-Fm6s;H|XvuTJ};^?y~b@mOWL
z&^Le3|37q>Te^Es=Q2`#u5aTpVZ4qf<_DemyRL9cdVfhjzv%PdbQRk2OV`7Gul{jG
zHTXl?|B3#es)ssPFS4w1UFhde)sIo&dwoW)^h{U(PTyJ7@$YmM)}Ar4f1{FMjdUfm
z1N9*I241L4XS&X9)s4~iiO!;=_*ic197fOARiXpE<9fGsk5$zM@5hm@bLwjRgYM6K
zI2OcRefzrpzty*Y(G@xNNZ;TS?1eR5<2&6I%ZGCIRP*<`&V}mJb3Ne=y~n%Hczsc|
zS<|(@(;XQ7zSsNf`hQF3<H5vhbEFdS$ph8%x~}{{lKNghKkM^1`V6*^W!gL5*C(&^
zjUOb{j>^Q7<mc~KIO5G_e!fiKm|Z`w2W_0o9D3?`hhg*Nr#|>}E;VDv`o!t=iFl(2
z$F_e+tFB3>zLqwm&wC}^hL7-Ey8DHCk=N33ccqmVrKQjHmoddn>B>``hlhGm`jxR7
zBcv5+ZpJzHr6X6QP0_QAx*q5_vl2ISpDi81LyWihRNvl{ex*O<-h9Fc>4A>jQtyGk
z^r3$6GQQUTQ@wwtciSr8AA0?}j{Kqikn!R#I;X4uf9l>p>nMKn+tS5H`X+woRh9Lj
zboN8taYgU;rKSJWPg^Bg(D5g#2ct&%!Z#Wrc65zReRn~3Id?talJq(K*i-cZzw6B3
zRG*eB&xVdXkyLh6c4h_7R1dtKjJZyA-LCGvs-FdY=X;g$mac+aZ|n10y2dSc%~O2?
zSuN{~r;_3w-R(EMzo&BDRVf#B_1|?(W*dkJVix(a>uHFRSa474vCjBG=k2S^+dAtv
z)fXS|1J&t)jvwmXq0YIfJABYNhbjrr`B#;bIfAzChP-a*-pndu^B}dJ&Oqvidd{1=
z9)0<_dQc+mf7kK1x;h;2*@BMa&3~kG4|F9w+*k#ae?gz%rT<+e?C9(zy<1itunT&+
zA|ules^4|}p6INu``$xI?Y+wOM)%#)kzIXqM>5~mH=gO<_w|ER+PWVcQks1|1Nv=7
z|3`W{jLMgF_lGLw9ew(zlig#<dQEqGub;;%`-;kPu4^&2{#l=F>Ggq1x~%i@+;8aH
z%sRc0oT%%v>h!&8hTTL|={?DDRriO%107F)KJVChynmQXCRxP4&tyVY8mM7Dm==RQ
zM4lC9XnoF?_o@N$l*|I8=YFNL@jvwElHps$=aywjDYFy&YJydjg?ZPWq)3$K_-`<?
zgzt^HUcQm`!s&lz$$kC_qDb*x(LW;rKWCnOV=(8+bv@^Ooy+la7qR1K`O~!(gY*1@
z-}f{Be*T-kWpzR3ex-bW{qgf*OJs8we|P21AN^J{Ds#zy={H|8^gLOKe0{&w6B~>v
z`^wG5%q9POOuSrK$&tdhIZ0hpUC8Tz9}7*JO8hUS5*R=K(f>3?-Q(Nj8$GQf)!aYz
zZ`^aE9b{AuN|l-YvKspNr%^4grF-EWz~aUV9F_%fwV4!{DWp6+m6o14&#vt5_2p82
zKO|H~Iz*9@DaY6HbIIz{YCPD|pkcbTE`Nq)we@<Bd1pq8v{)Z+>0^iJ<?+OB>X+7y
z*3Ke_(s)oJgwRoZlU9Q6%k&yvb3D56$!ZDoAkjEzgYt4?3FY+<8Za&Any%qvkzZZj
z{k}@~?DERre!R!0wtH52c<l&<ZT0VIUD1ZaEMQ&t)Z+TJUsv`4{XC<Rtc2g_ypGz#
zII4ZyPy35+CB?tXsv#nHU%!9TZ@y%#NTPjXE$&^O_nmB_a!L5RjBoF$CQ7A(hsnp6
z(aWT@n^PGF%k`fs?>`j9<|VYKv#CFH;lXK1cd_=)lTlSFzBIlU_!nj68&#TrOa4ve
zDgN}D%0NGh74qEmCuu3rj(AX5-(E#}b!9jxOIq6-mBzO@o?@9CGyCeAO3$}W^yG=f
zPD}lbBw9CeoH7-a<3Dsf&sq9B%gZt6o~q9h!D>q4;wHTgwJFnPsXX~#-f#Ld%g-tQ
zw5%M%n#)_X<kVnR?%0hFh`1qUvHy8{?b5Hk%5`Lw_L{cTywp8eroW1HLRq`}{Q4_>
zLPhOvv>q*QcYLpI`@af3IwwtxE*`Gym(#F$@-w~V^Q6)yiI>2-pf!?9>|5725pO{6
zT;2xzwT^#HoHJucygyh%%u$fHqWX2pbx#%T<<BY8QblFWZ0&MQTVB4hyLyY0aR?EC
zsa4o-brxBSsgGcARLl4PY5ShfuXf=azb-9{1kXmNc`G%`w407z`Mj+B!@52FCUv=R
z<amEZInPxzH%};SlbHnmJNa)NzoB1j6WV$DS>Ez1zrTO_{H<D&^c#b8``T8g+p|+9
z<Md8*@*=Sc8gCjFT9$p7=gzYu6ERQBKX1m09LYcJ^s_uC=?I0)580?C%Se&GMzzwW
zdfdnTr;Pi)<hsa6OZ?v-Uv>2?eVPA~tjji9SAF^YPt|B%KEFl%C6;<#p1pPbU6=j*
z583kH>fEAp{-JdNe@XtsUE@D=R?#`>b>8VL&ir?G_PYMA>&pM8)rRZI|I{jjb+Pq-
zq_x&X$hz#Qf9T4rI$(~tTsvgXubSM7iMlq>vcGj2wJl$&*BvnMjmAH$E!}hH?x@6H
zsqFuzzdyPE_#rp+n(@Tkm{MQ0PQ!PTdB|8vgXK;{ewoz9>7V?_lhNX~>RxumYVAK|
zd$82#pK4YlW8lX+H!V{&hEo0aFOpTiyvpm85?HNnoSnbA9}{{X8FBf<SNL{3sO`sp
zuet?MPGI?`WlwmRnSPJYQ`J4oNs*05GM~@4(y91((!7=FD8Kv}jF)}-Y>TfxC*3&M
z(-ogtx8ECIGKlEcN>zHd^5?@9%bpRR*YR(CB_{iyn;$tYsf{py;&b(Xr)w5VtcuU6
zPHDa=EDiCme)glISt-_~oJ$kWsh0_-T+CJC`x#%Z^5<9n^vj<7aO+%^1xtGy=Pk$+
zV6F6OT4`pJdJm2t;q|Y%{pKU>gL!DWjx(O^`B-g`YR9_1qtDkC%k?`NtC}WFB}Nt`
z`f#67hqchm33$sMEACA1`hA~XPT5>(xm>Xa8Ef+-u=)AR>?J#pwDpb|hpeAVXD!NG
zHFf0Y^E`u0JAbOSp-kl(r|eTdJD<(5Ge6IcD_&dkj<^b<`+4ni>eSsG<x}=XVLzNX
zMKQEg4%T)uqkBzr3oEk3d`TBv$?$rg=}a^@mOpWC*^GC(%MID&2TT9l%?o!Nark@I
zbPd1j3f~(1)Zg=F;XMcQ&-lAC<LhUqkRVk0|9kE~yS(^Uey(h=bT6FtPpz$NrmMd{
z<v#iIDCM~8B1z&^)6xxJ(VsE?T3JM0x8!>LXN|vRK6<_Ex`StqzjnT_EW7sLnf=#B
z!s)Y2|D(-V7v=3PI2?{TToIR9R3<SkelH|eTSErET(ljtcDx@P(|$doH9*1WcEZS)
z(hpvpTKN0=|M@GdkGSGB)d1fd<$Uk1+kcfo8Kgd`CADJTCb6ft-N?Lp{W5;2>4Lj!
zTB|RA_dI2k;N}-A0Zj1xA&Fcl2Tr3+Y6*Tb;u-pR)%@6|Kf>a#?)lu7$LVfiP3!TW
zm*1zifmKO}_4a8*5>JG-<MWV>*YbnkU%mV$*BSiGw;O+D--=T1>b0h{-@2x9w)K3y
zHpyCF-FEYno(<PXOY=Ef!JrKC&+p5&z|YP9U|p(_U);Vk>Uov+ot_GBgYbG!+F_W%
z!E!8$f$f2wo8GA3{uumD=HE`Wug~VwbtG_K?muV^<?UTO0-Qz9lEydCSLJnoN^90b
z?I~`xtdH@ZW8?J8h2AW)%Zl&OZ+pB_%Vq~3N|@R($hzN3%J;GP+R@7}TBh8C)>OVf
zA8q^O&-3jxv)9tzo_h7mFYBRv9WoogxYlVMC$So;KfkP0*^@+`qxH@xd2-LZ#>>}h
zUH<C(lDY4xe0*<L^97#NG(Q4IuDK{>&cw5XHSlBM7}#sxygiia_@6WvG(3t-a~k;=
zT*j0>b_R=VPBGrht2}fqjQIFXz021jrG8yCVa#}-vrdN2`jndbI`#J^>9fdmi*Gai
zY~}Uu=i)1W)xlo5I%E0ke0k1_pIP22orEaw@lL%2(0S@~sn6Bca#kxGL9NeX>N5e8
zqmO)pgZ?}3Z6Nv>F9gvd*|*VX_&5grpXf?F7PJezk!TrzKdk3evvQ14`tY~?xvU@I
z{Pb#NHS@dB{oo>$$Denr;(0gSdFhPn`0Fx@y{g`jti9<hESctf&bUKopZN%MBspAf
zGSMODGszFxU6ZzAykjkGFy21vA;)X<X|yz+BJF}aA+!LWC(+s$RvmiBx7S&1UwPZg
z_hkL{UphNfOx}2#>9MpP5z>RbS-+oUaHLgc@n9tn+L37)7sV$}B^`yL@ALIbcgn`b
z@i7TsJIgfRw-<Rg^VgwI9rg*V=~x;CpFiL0+kCt}QPss#tu`VWHFK3pgFTM$7BEH`
zmdl{my*tw48ywG;*+uzUSG9}!_n=|q!!x9(@G;ZGCHo$o{lU?ZSZIUHq@KM|yj8cJ
z@^zS9>nZPp_A@%(`u2NY`j|ZO46>I3IV6a5@m98<3G!C^=eE_0na^8`li3RSCuj8e
z)>1x3tnxIji4fMZvD<o))+rws4sw`YYqp5YWMFLi91dSzGcKwRI8krEq<$64b6u~X
zhcVTm<B^P{KJW9gG#8#OuSX`~lvvgf^yB2UHZre@Oo+_pv)ASOVvI}Hzn;d-e!h_m
zkoXL)x%cdKF#BwNO1+KF(CI|S66Lciw(0HT<+WH6M)0%<e(gqsK6eB96>lrqcG&mk
z#EoA#hCk-0(famN<Y4s98ok9@XqIi;LHl7+o{J@8gkKfm4>eLccHW})rM}&0gne69
zFQe<K=o-`#iz3a>JvMnPHM*8YURdN6_dZSPmy1~}uD8)SEjo#bV!TcUP$Dz-8a?(I
zUt1$FOcIOrMw9eqIh)1xH(IAf>ynF1W6qnHJmLTs8m&32)YoVXmBwQ2(Io9Tj?ZEV
z7_s3HdowcqIb2_(F;p6hwMVn{XP(bu2^g{A5PK^!{W)A;qcKz(i?v6y^=F>XVhI?r
z(<RoA++S#QTC-#9{OG8xwnk!@Bo^z9=4sARY!=twXq_IdWU#^K+0)uypItFs^Y6>l
z<oR{-Kh&$ekvbcs7VDX2>DfB$7R$qEo*vDtS7QA<8HQM)nr0Aee#A1dTy^Shl+FUB
z#Tuqr8n-&P#nLd6uZrYt#fOsBl9i!NvS7>VWpquOuHsfd%Q|orZ^bn=0<Vg|!Fc#3
zjox2r&GE8y-l6QPCh5Gobu|h@q_9|H%(8B*!)0;pjnrw8y6ncFze;PaHd<Gf)zjz;
zjlN<n(Ig!?ipS!b8==!8bVXJq`C7>m$lokSb(1a2>a{j9!zQy>pEOC6R%5kT4o2_v
z=snWfO!hrHk!SLatk3=|xXsqBb!u*ehEHg*ZfTZ|t;%e%ER5pmQQVQ1^}7tPBEFfq
z7Drp<MqXIt73+s)>B^!OS6pwSb9!`sxXhc#o(Rht+ixmQ$Zn&3pexEl#?Ar9iuEk3
zvr!o`mBpH*SsHXar^Qk*a;HV^1L+m)%RP<cvpu@mAFSCrwNAZ_&d}*B)+$ZXtyOs~
zmV^;JJ%Sm-voF!M_WNW+f9~?zHDAA0ueZ?|I-SK@rCIv58n4BYFoLH`@S)pFnf<)B
zqsSZT_vWcmYa=skGK=*|^EB%?R*U6e^iGT3vRwn3L}yt&jlOBo_sC^(Kqnk&O$Zqd
z+UnVx99>ea#zthgL>Bj8P12R)87-E9Q9CVahx0Npm&iVdThgkGmzu0o>(|~$oeffp
z^-Pm=Z9R62<zX~Wi{|&qOGTxiXD=eljZ?4YMrini7VDNK>Dubd7R$mYo)*P^{c}t<
zZM7O3k>L_qtV5clPscM_ECZu<TGYN(^xtywq|x4hQFS!xLZYr%Gc-v%7I9cyYa?@-
zWG-s0MNhHOTgiburA_veLS%Vujl?iXEY=%M)0U&zEUv%NIxSj%mL_?gJd4cdS-sXq
zX4qsF>ysww(`u|1%faZK7QIijZe%wyty;CtMrFuU7Hg6wY1As57E8g%oi4e@nxpSY
zt9JFnY<;sw`JU79bv7zPrm|R*G*6$Fb6P9~BX?TlzIB<(4jb+zWrgT)9gVt>s4LbC
zP127=ZLPT0M&`80eB;(Ek?DaMB=+%Y^8C^G+8T*rl31)anxrku*(|QV(K;<!)1AA?
z<Iw!QZN}HuNDPz2V!hEMy;;s?as7?f>CyU9(VN3-#+KbG&n=D4&n{OZHQ5eb)vBw>
zq+sOE7P-axr&;=U5|)eQVswW_cZ^ziu+Bzh$W#_<k{C2>Kc~e~Fmk6yF0=GqS+&Q?
z3>DM5&s7(nP_^bpX!wK{>y~C|*s86ySQbWc7!;F%?}MAi@_M(whuo4jZZ5OqYHoyv
zPiV1jiIdr4Ss2CBqj*CRMeOa>N?u6A?lwG9U{!S-S6`zsR2qx5N3%3(IiJN6Fk+`g
z>?`TZ9j86FT$EJ|Q3F-$Y*dC!Ww9n{k}j>nX|WWH+-Z@E4cc)w+S;Y1Mh?^c#_tAM
zr`|?q=yVoql_u%ds=O9U!U&!g!Ssn;jrW<oBK!WT8~d}XcP|1hTfg>3>THl&tY?~}
zaqF>LEDxjks%Tzzet`|G>TgT4Hfg@9yk<t&^a(3&`?IVIM>AJkSEKN%DD*i!7@s$B
z_Go<VjI=OFE7k+Etn<p*E3U86cvUp|{jYa5j_x_lM@;Cs-gO$bOK6>X8hxSBSF9yw
zSu0lMvAE_&=v5KAl<aB#=E%hpVHq}6Kh~+I(H9zh#ad#P^<z~Yi)(I#ULB##z>t@T
zzw6G1>`7-nby{;@vod%N$=uZZh<EyjI(0WnXMxgU4Kv%ib@Db_EDa-hdL*A~q`ssP
zdm0V?L7KLw-IAL$S3~{sy-d|w8<|%{=At;<){ZqT`Hx<^n2b)N7_3r1qb(HLiu<Wq
z?zPA9S6pKw@~Vh@E6ul=JXBA`D1aV|*~G5KM2l{Bgk$Z0nDx?GCfhx&2)?GzW_$JT
zr`O&{oj$2cj@=E7*x4niNfzX2KFjNDREA7tai2HKz5FDc7E8g%4T0P^W{=9Ktu6s0
zc6Nv@);Uepyww;kmWfdv0@bG)U-jJhi*=Y;Oj;~9Zq@o5t+PUFv9@Wd2Cl+yu|$mM
z@Q5Y{XSPzaS-XXn*}{2>$4SA+oh@>U^-mlcxs2svxftEkr+eAWS)4}W>m6NRqcKz(
zi?v5HwQ4b+#S$=Lr%!CvRUFNo-K`@5BX)L(E!H{B)Vfs}E|!T=J$<UZKlj+h*~H<|
zEvvB+87`5<I;5F;brhq;GB9eVPc5sqnwkS;v|n~yt&PmE$t>0<&D5!7tQO0`=$$^j
z&s{zhA`fDj>nf|U5g9I##X6*!x^xty#WFBzr%&w*Y0zV>GCb9KnO?H&q6n~9+tKLN
zIubBqXNTBgozqOcTb1ErnHbeqMYVrUACybLM|Yemn@f|tt5xb}w1q-ju{M}x4LOd#
z;u;%~S4E`XseoCfj_ghL8(DXGtyoFGSbqLvu4q14b$M4>(vbLQ(sO2iW%uWkf{{C0
z<QD6nS=P9phvj0q7~NMz_oD33ljNPtvB9%gmnY!9)4+eo6F~N>mX2&nJL4@l(-F=h
z8_}%CVSQT7jnHWm`qYi3pfoN%tJK@*oF1Jk%2Y&lqUP$!q8b`;(<9FJ*hO0Kfksbw
z_t}GjES62}v#ZwKD4iaq!>ihwM`Ljvjk@VkNAAGm<Ur$=)@2@bUzTQ$V8+$fNSq#t
zX)k@M?9zwojf?uMCil?e>uq#Sk4`klQL-aFxtl!D-?sE+6KNb>Por;o^rgCS)A=FE
z^xM<Og)H^Ncs9>Y9A96fae6eq7I$dCCX$!0n^AUEl=*%q+uLbP9vOTy^s>xwpEM$K
zdG%Tvd0~-PJP$j|^V8K>EUvfFIW0PW{kZGhW7&W2r62KMH-EpoI`uX>L#MM?t29ZQ
zR^_!=5=QW}2!14ux^X!-9hZi!S92pYd_s$LOOv#0b!LlYVH8h`;-}KH>~HVyzwG?#
z9O*TBykEW6MrPP#7VDEH>DFqj7R$ltoff^nDvIMt5|`y#wa!Lm$W#_<k|t@?Dx4Ne
z!N|QTa)(#FkjrgD5preyVe@9-tJd1cyecvW=WAGBh^LBGXh(XztO%vmMvtDV)!2v(
zm&oGYtx0|Sct(q5VAM{N+Fj|-50Pllvbq|DAyQbZF`A||M{!wPdn0vPq`sE5iQj%l
zI<v{Kd1du9`a+|xSW7fXM~>pLxaLOav<Q7A-FT#N`LR~9HCaEF)zjz;jlN<n(Iovi
zipS!b8=+T4=xC36{)si$hdx|SqwlKd8}ypL(Ws@Pd~Iv$r4O~Lh<EtUcN^VTSFg2^
z88(^4y;+m`@oKCV%faXkkKRSabh27~OLOQ=9uJM?woC#>?CcO*taIYfy`vZ|mWfe)
zRa6g;u6*u{$C2evDyy&2cvUnKgLJOZR9pXvO=7Qt4YyPFo<>^atJ#+wu;KobPwARQ
zVB4BWnq?h2X`PMAX;O)|sUz~5O5kAqjJ9dg)^pixm^VL>X6#7+y_1gIP?kf#S3onh
zV6|EsnbRb5Lo{wBd+L|Ty+ke%b|50MqnS*OtFO^`RWz<8&oxGQF4B66z3k1j4LDdA
zqv)zAVzm2C>mIhGwf3d6$cVY_-my9Yo%T*6l9pzCcHNkyr_YYvj1QSJy9xWF%=YNx
z)9Y`vPM6knv>YR;)$4AQhED0bOMU8X$y*K9uj8p5B@3f?x)g6atAOZrpTpf-3*J(|
zLcoe34^0!S(qh}Ft^|zO5Q#k%qwHICC|Wzt-@fat+Ss@qCkLZ9e0t;4ws~r^`Wvm`
z(b{rxqF8)*>*KQxM%UkH4Ug7iS+>}=?3|G4mF9W4imce;x*Me-Qrc162bL>;i4J8n
z79X$WQZRBuCO2MMvzi;B;SqY`;!5xf5O0?~t2k_cQMETxLnO7MQPs90PKY~6^Vr2l
zY`GMS+|bF5o7k-OMr!z^zLUmnOXtQlPjI4<X4cbm6%&+~f{_~@xm{VXTP_-vc!CQ>
zYMtr`vtE9;yG-xIVcAxfhtYghG^eZYmM^0U){|c~ThK1pf8n*r#oq<BAKW>!Ozo%C
z+vvP1I*a2!h?E^48#^j~X_l$|67n#buZrfuOg;}}!*yI#chBvK%Wh)l?iki>x@Y(-
z^Ez3LjmT*c`C97_(#X&k&LY^;t|4TDWM#ssKI>ok+(berlYkL>Rm47Yd~S-v_N9*8
zkTp8XI<mM%M$}ai#XdosVyP<~$7-uXv2`-jL>1S_h`K7G(y`^5Rwcs|KA&~16m2Q4
ziCiLWakj3%yzeFR?u;WHzb0=HHsCC4vrnzNQ5qJdyBeYF%iE6ECl)$~>ugkpMWr7(
zA4WyxaGj0Hu&CTrA5NxF@`A;rFN^DKbcRLe{Y$U;cCw^br?NU3^~BPrm(|`#4U5zp
z$t{uTvx^-&of;3Pqw8*zhDPa4QHsZi+)ptPT2ybNGc-CE#N@r?c5*|pVmFiT^_RR+
zc+F$!^KT^MWMI^WM(qvpNpuIXMsaD?;+h+wVG-)*Rvt=|G84|M(SiJ<M-lk!N7dX2
z4U5oyH-pJu)XX}uCdo$}vqKoU?7Qm!$&JhV=Fc?Mk%o~xOC<Y!Ta0DD_usn9L(t#0
zjpkXRnS3Y5iUnxtITD9r8rt_)qvT?A&m!GtV!NdnXQMk$_n=&i?pdO{E6vT0DD%#9
zv8x#i<}Nx$xf^4wYs675AEP~F+Wq`S$Bi7<rN6zMg7r-VBl91zYV+!nF~Vnu@O1qP
zYh8)WW!1f3Z9snF+1}}|T6AvSXOgFUoOF!zkV${+wD(c+NK_M-eoa2W7?~a=2ctJ+
zdN-Y2edKmwkCWSB2^g^<6U$D)Sjk7uhKP4WI7$viZ^-m6x%F#jvV;9j*Kz9HVksE8
zvqSFl<V-r4J!aUiI96{(p5tPf7}X(D-O^Z%c%yldeC+bZ#LDt$Nf^ObMety5pGB=F
zN>^(%F*8h2{fxG0(RSa>M=%?)=vD~rsb6m*b!GK5`ldx6wiF|KKei{<l9dKc<gdJ@
zMqoGuvMMVM0{d%f1cpN(t9Iicu)n58;B*NjlCGuvsps;sH<`cUdK!JxqmQ*UevhhE
zy&@uNRq;^7y7@9SmB#AzHae$AClMaxvSjY@vHrdnpX^fQ_nv4fn^kLVWKNIF)#O$3
zz~#dvx~{1tj;f`RH!bp(McbkFH(AwBGpQ@Cp%FJN;#S1lruyA&XB}=QE3yrVrXUii
zi6iAI^)(u&N8^z!z>Z=dPGkqZkrrH$UC4S4#x6}IvRa*u%IQ(rbe%X{Kcj7Ww0)5F
zBYuWe_RG?HWUt+Ato9pMTO)B=Bt8&@*noTLhv}8sVF~XHe%@yG#nozTL{5)LMkZTs
zyh6U@W6i0sD^8P%tWskma=JtwCO!&^adfkzz0y4%%Ia%0PK(Cko!VwOhu&ZeZ*dKc
zxM>mhNWHK39Uf`MgxTh{-Z#@a99LJPa9R`&&mONR=RGT`w!|cvnwv>voq8Lc)1vcz
z@=_igXuOCf&Y^0Zjml|J>1Uba(39ipY7|b3!ng7*E+<bK+CLB1&PbakX^Zk-_vF*w
z(i-J%gP9vuPor;I^!+S7_dIzPjr~`pzDDD;XndlXlig@o9A8@_ak?b>tPGFUCwJXQ
zxv71#C$X%yM&h(cd@G&UQ8a8bJ%z)yGt#C-+8Z}dLgWHt5ucyDiLusY^)&jXMPIrC
zlvsr(uQVyEr_nb(`d-T0H#~2(?B?l+^!J$%$%5EKow%yGpt|)pT0^5XE;h5;8i~^*
zk=;^>btThr9J6+-nlrCbXQMI<DvAI4;6^k}&ft)za&(=I%IQ(LAwLdlsK~nHOOf?q
zO^SwHRqaOC)Cimwfv-f~j^mGfHccOCkFTwfI4u&<e`NbQOx7-S1#yT?UNKdz#zy3{
zh(ud-)jKneAu@Z__0+6&ZuZ*JI`uX>uZm9A*Y8L(vLiBk+Bd=HII2!Y)m2e7$u6d3
zeAv}*tUIO**57EI1zO2;e&W{O&+@qXQ`&1L0VDRRi1l$)jAEMQ-zlq?(REdH`5XuI
z#XZLta}eix*J;ek=4v%G;;xD~zlTklKc6v3(}=59LnH3$h{OMaZ<@dBPS5p}>FcRR
zz(?{Ap12V)(TPo-%fou8R%;`3dStS13VC4CnXV6Fvgh{6ZGyLEFvE@CC#Jl<M&nh{
z_*NQnQ)65r6OZI6+?S7LmPfip^)Z^RiYDd&$mY85vLr3L-e*Hc&|^)>QB$>!M%`6W
zx2XPeTWgP78pXbLq%|eGe|gP}u&W}>_bLz7M`BN7yWpGaYFx2&spGtNzZvsu^=oS+
zhCm`aA~)H`QpRPKx*Me-P<kr8$sUb|>aROmE5xiY+O+w)b9~K>(C`Q)9zKiRYD(sY
zGF_VIbaefV*6GvQwEa^?b6HeVBXIfzR-0>`eV<~{=&xGcjne5;x-Wavmx58dAFUs|
z5&VYUooHr|tclp7NA6V<qP|A!(n+OZB!^A1A5-m%WIO@*-H((Bl+o2zBjOk*Bf5%I
zjO@_K_Ee*zz3-J*@oMQqNr6^gEDxhOY?|@XcH~!JR<x}jJYjeiW<Sz=G7ViW52HDB
znz5O?nuBdQeZ+d)G_Edgs;kJw=nkE3W-E>y-Q*`?gcvu~W%4kZ!=@R685OeY@v-cU
z6K74sG_xFj705xvmPkGM811t`d(T<h*eIu$c6YqCc1rkYnHbe!Q_ZTDw)8fmM#hmF
z&VRk1{2{uDvW;~VSxqiRci43M=mV&RacmWQT;5AUwlU(#@tDMHgV&dlQ9s+%vpU;|
zAFUPg@-f<HjdrpTu(P_2Ly1oyUl&ob{k)e;$cPV{_%ruB(Nb|+F2!;%dPAm{I1=pe
zmPVHFyCu7vJ>Kvnux1^qdl6eFb>(BUhfe#McqfZ++33^Q$5Mg)$)#m2A?%j0>$JUj
zU;5*PH|2BnaSmlZDI+^<vfI*Ic+2sswDd!aD89vZ)OJi2sTkQ|lTD5SGC6if#D+F=
zCC=y-4VxODluN{j4w-18oXJaNBh7WS=+Uw;ibJRPP@^SAmD{BjWX$Ut;Jdz*jQr5a
zCk}f1(w~yfW3;rF;+9)?>2ucD%n$w)TEOJevX&5bOJIEEcYNJaAK+&^=?_}&c&w3I
zTN-s&k&DqiJ9HDFg`bRd6U-CEyaGATcbR02@X!fA)@%n}!+cDl&mkXgd=`XPlZ+7_
zHsOACy)Pq{=(fD#drp7vUV0ScwNk3f#wec!$~*EkV43vX*wn|{?aN1Vsv|z0G<Lhi
z6JJ+OM*l3(-%Y-kh29bA=V}9|isSM#Mu*X^Aj)#7jFXHJJ{yD|Yvzc#qa){Gz?zBO
zdg-dYkCKT|9Xi#+5l4d&x%d+CxA-g-anB_c#jRDBm$io3YYkoLHY|6)KGgh<MJ=FQ
zMn-+;)ORjdT##c6AN$}eQtUdvj(m*v@M-rEGsJ~t5xT5GI+2$5IWS}PyVKj%k&qD|
zHu0?Z_4$gsBD|ISDaL&!4E7*lJ~iGEY<1Zf<)Kr4DzfoKkclpCi=`vqYq2bh;*crc
zmR@ejqlk89Ep*=VV)5!kGfpBSqds)%k7SdOKlI$?5cR$mT0u+4ZIy<nzOIan`mm`d
z=4(%So;f6=-0Sx7GBK*drkX4+KAWP?-G3k*PEJwpQ}p|^#+|WfTe7GtBcnca>V3ou
zx;%~LB}TxPI#&M*q*sxP(H%D3c*)S<K5wpZy{#UtTp~tv$VB7w_WPV+c^5_L#;UQa
zOU4Kfn{aleU^m+Qo-FC=XjVqIqn-C@$^Nb`9V0z#(m!YxlMy9zoZe%8;QliQL_cl&
z#*r7Hu8fTOkg4Ah>ps^URyk2CXms<gtSefxs$`7tun9+Zv)4E_Y3e_W)h^$0J=rK}
z7|G$2d@7s7k2(E{3!<>l-SO_O<(VEY7o$6Dx|zXD^>dba2<toEb)P%3&c;i{$PSro
zm}c~tvYlDiv05SHC1ON}PBc4WeJ`%DLVQ_cU!$M4?{cXa*|R|QW^y5`V?(xe+r@yN
zYWx_pwx+e0$;7Ch1*-9CvnLjw?3lA2rkZ+`JdEa9pxLjdCj;D})6wyc5>uW>OT>tt
z1)}p_4_1rEZgY&5h!Gt!(R;F;iD7*&?VM_-nAcK{lZVk9I?d!(Zfi9xqoA(-w=^P*
zo#=5gF{;C+npKhHn1yCo9?szwZ~l@!$)vh;jP%e+??_)CXf`diMq;(B;d+!TjN*_f
zCjU3jj;uQ=#kSs;^}f|5V}yrHI5B$IAXwNb;pxhQSoL)knHbe!Q;i+DE9-+ey<M}k
zrLp^Wtv_&fc6Ip}?P1eSydJxk_}v6yzCS-^yn4KvT#W9p>Gmtc{7M<~nG9<3I?^%H
zLnfW5KKSlPfBRg5o6de=^#QRX@vb+hE*T>{bi$dVWY-x;$4ZZVUk2D7CljMObgIco
zK!yhIP04m*h}HIn>TxnLs>7z5@gx?Aw@T2}zP#}=Jx(G<bl5~=Taz~m`#QBhVrP21
zOpNNVslJeow)}o%%)&QPCJiGwWRh9^)zMQV3dqMr4erlqUhQ>x_9u~&ksm(!Jw4g3
zT0nj`GwhUDEpE^Hc)1weVbe_>D0VjTbn`sX@I+R{8|_M8HeM=5cIad?=gxQ%mh%}~
zIoeYebw*h6u4RYwx-v5AL#G}c-qv%)VqxdLEopSJk?iYf$7`)*d(xK4#ps?Dy0^qP
zUhlTseU%&zJ)_&T^U-oKx@U)OKLfudzP-L;2kqGB<NJL~=^R11gpByGiHB;xX8@y4
zR?xDdC+2KC#0rm-iBTOo)xArWcg6CqsP=O}@mk+lXTEh8OT>r{n`r!l^t9RByxAh-
zWnxr^Of{oN_HSYJ0`Y<U)@7`kx{6GU>aeNCr+qHAFFvjs?$1>kFWJ@PVswX0H_=q-
zzD$D=D0l=cXV0-~^~76!ima>^%vLMFYj7$H2G2pu*)@J29G`_gR-HfG0;<W$=ntEI
z<~9%XoBDu#X=9GYBEoi@OpNNVsXmqUa;g#OvCH^#s(H;5XX_B75w8ZXA{8S$WU^0W
zk@)#}^RTS<MJp6Z!$=OBWPAu{=zONZm@N->P#Gr^qdIJ=88Z?ec<kc9iL7Fm;4|4F
zvDzKOzNKNA7}c{ybv}~H$WB{(v0RMq*`nKg-~CxMhxK>4e2n(lqJ7ZI-Ii6pZPv<1
z3$9!~M*A$$p6320I|{pH6Ct~K=_zDoo3Y<NdZ{NZYYDT|68b%6ar<2IBlb~pF}i1!
z?sIu$SeYE}ip@a_zMt`7=@{wZlb*$1<UI~?ulMnsSCfrVK1-CBdmMgD{yF)lWNzTc
zKVfWqVwZN4pOU}H!atEW{z$JM$ns|m#+;6w%41L7an|_n=$+pwXig&o;$rAIwsjs+
z1amsl)!(J$M@0ob)HQm^BYm=|cW-sxrjC(Gl=aikl9gml$M0WWh3^lZHTZr>-=+=w
zy{E_v#EK`M@hyu+9OS%QI!1cPr2paQVbn!d6?$gNuTsSPq;fL)L#Cg(QJ-T0okuhP
zqp^5nw8qK9XbziZa(W($Upy+dej>A2Xw}suV}yrI__14i4%_=5*Tls-|If(6?^ItT
z4I?>pk}qU?w56-P1;U&VuS|F6_g;hY$s}bhU^ZF+ehYT=VcZq7F87odNyA7EnPk>$
zwUa+Z@u|j-wh!{4zp$=+jP}rJ_xt-4MX<!GzhQj5RE+G<$@b%^mMl(o86<N&YboN*
zM+?{EWMWi@O|>6k`W@MLntq&_M%V3Yc9A?2@p`@SmooCME+Hd6bmI49i(kkp_gQEU
zHTUh;HpWf)c&QlKVUvy5+vm#9`w597hxXWG$jN0|PeMj~*u?jw$$R?QbtA0a2>*C1
z`JhksTt6POACWQnr^w4%L+GsmtA^D>d(Lj}Dn1bVo!%hkecs@{nq-Xdun9jE$;42z
zubb_+?DtzHMtHnbjO@_KCVv)M+IC3ExE?1HqdH`&d(QUQlcx5&TJ=ZK#=RP-x@3&-
z&<Q`d<hwYk);O;tAEP~N+L`xcbjf`7iM%c_zwLIRAc~q*LhP0kZ=_aFGN>mZBR*{6
zkL5$T5Z8H+`o>3(daN-mtcR*586!M&!dVr>>f@H;6q*0Whlp1lA4|-9SCNa+9Wvdg
z(ov?l^J^xm$i%1)nQEf6wxy@h**<b5RxLeR5=L<71ouQRv+}IrBDX}`o)SndmxvJ^
zHqrP(&K%3fZq~gmvRl&7SkuIi#v5ITRI19xC=Z!(_M7c|T+3#0Req+jnpBMJu*t@6
z>mvx!)uUnw<KAhLjGU=#s!Pep4~=}X^kJotU9hJox}Mxf?j(!K3iv`jbx(i!{8$+W
zU+IaTDOVt?0}iG6uO;u@%uft?4L@B<Mt=C@-xT{dlDo+}$N#FVb!=5)v9eb1PHn<k
z0D59lX<18{wU+SC^#$aMeWyIJKJ%>KZTy|}2baBOzBSa7n6-#mX%Y97Klzb<82hs3
zzbnh=D0wbx=*;?sTuZ1YDQf|<(E=7^A3eRyO5WBez-PiWn<yPS(F;_Ukx@T8)cY|3
zdGm>LwDG|3h&W}xj-;#w%t{MbNao$H5zs#`?-1oClfb;j1FXNBH~Xj0{#j5jP+wlw
z8fK|A^!tabJ*2x~jOrI?5A`KxEn=2h#OuqR;Gy~jqJ}RtK2Ecp+87}}MxZ^^m6x@K
z*=Y@n$<G=qu;SJGh>ZV1{;NpHh@Tze{kSjleA^g#v@KLmR@Mq;r4`&%ufC``vHSYJ
zqVe&3@|znUvoBmrvu8GU>|;#4uc*GXtR>7+OGv$?d4CZj0>3j8b7$r^%G*V>iAm*V
ztz(v2$20j*d#;aotah-YcSm~P(WrS|JNL2@hP5z<)<Ql;CT6|Hr^wD)$t<;!Y!or?
z;x5{1Da&pajy>f&);bDW$0RbdRxzus;+b1j#{Tb&H*AD4IKt>}4dY~Gtzec~!KnEp
z8(|QiJ<9vU2xD@|Sqqtk7P8>hFmx_^gO1*z1zU<rFdtMl-mWJlBR_od({*c%to`h&
z@t*QtO*Te(_>`{<%`NxaxHbatBY?V6GV;SG|B=?(tjT(Pq1DKblV|djubM^k(F0Uf
zI!1c<q_2wX`(itt3+lIH-X%}u^I_+cMOpRiIvev!{7EEbEg<|BKz0%G!r|Fu%>mgv
zp}wn?=l!iAZu;v=$;c0%{LF%9wf&Bp8*Yn!-er*!adTf!Mn?TCQU9~n7!w;r<{@^F
zh}pWyI4_opkv&Ufzm-M9t|{0tyRvVf-1zqS#L8r2luw`XC!%#%zw8@)&2fC9-ISY|
z{jIpJM&a}+d@AzLo-g#@@8FF_Z7zwU>uWSlpT_61QQ249@2TBv5{v6<6kZjDeva>h
z;=@-(Tu=S*NkjVK@|qc8S4G&Oh&qvPbxk7_RvwVyd0o-gE$4y4_tew-eSP9f#HXCO
zaj666)gyP@yC&>H^ZBJ=BwrQD<f>-f{i%4|y5x9E{O;>Dt8C`=>6Sj*7w<k=;C<rP
zX!`Xx3(~B&^m|jkhtA$)l-`}`(ax8WiBUZpR5NC0?Cy6kJrw!m?_zJqd1G9<;KEr`
zRU~A@&pPq3YxB{%z)QvmpC;jX3p>rSi`Q#M+Pew1b&)Mnt=2|nxMX5ApNP`k#@Wf`
zY-aT~I>V)tv0RLFX7x5Yr%7kt!+<Yh)A`p%jmic+ZNv@WX**8N8%y$+kdaY8ThtTL
zdf|K%?325tHqt!5TYb)pq+(=GlWb<@c`D5Q&VP(YU`~Y9^&G#ZIL7RpS&oz`8n5-&
ztxElk)@jmOKKsF3-;un-G5W>wbvH`Gr8M7bGV1<bzcxolZrN<!vPdRI^{h~RD%)XR
zd0MV%AKGjBe_MaIq?xfa$O&ol(JAZoBxNmNnk^u&xp{Kyil^w0xETL5V;Bj3ie!xN
z&<M}Z8hFC@rOjFO(^Z@uD?8Jlcd}!CkhcGz|KDpD$)@_Mhg<!ipK~%f8U3?H|4q?;
zPpr3O=@|X#{%OPXSCNy^KWp^gk)Gd3?x;7|G5Xy~E<C5h^jDFS(LZbS-_kthU0FGs
zin2D{KU()!k(1FsYxLiAHqR|*`y2hE>8~Ouqkk6Y-&7C(&gH$>)n8&?`0v-@9IGAl
z^yz~7gB$wKdRj7m?Z`Uf=!eTsVjmHIP8nLOX-ccXYvesitkS%zUu!ejNTN!csU|^d
zF|*xbh@B)?L)OpiXav5a)?@ul-U1ulX6nn(T1``0%^hc(VWFiz*3VSwXR<a^O@h{9
zW~asMY9vE^Cv$n}=%u9@jUBz)k#Ebl5N7jiKF{|mlSs^3#B8<*{JV_i?`Sl?srGQs
z+JiJjI>#~G9;(U9TElF%h96vOxTTh`p`VtU_rSMhy#w)%!>ys3ysS0MPHWh4){^)1
z;<MUP-*7{1f!}wo9hj%r&wu;YP+wlw8fK?8Y-<jL(h>`}p_b8=79`g@@qq_w5BFSu
z!AwZ{leQ6y4ov%t&m%)?HPdW0`50NB<AxlP9dVDhmVHlXB~6|Et6P7gb(*x6ucFMy
zHnWC@)jPI6Ex$gkNG3-0RZ;y`dUez7D##wmOVX_9T>KJ?BeFyKy&m=&yVt|`dK;Zr
zMdz~H^Kw--aDQ&z)CPc3Y~>T#$?Ob>Wq|d()d=h0Q|oS&hD0e@1z>nfd>%Qk-;u_3
z=-PN_ts(=XHY{pAvDsd$ylTSOtBQ6d(>v|8xb{YBNTiZw6dyrXzwC*Mwk2QK>}Pna
zLTY*KjnuG6#YXMQo7Hlf1@Bf*n#QjJkB8VQQZRDEBG>Ow3b|bo%V;Ym9a~m=BQ+#a
zp_6eIIdYF>1DxnRedLkI?I~aGv8;oGXsm;J(lC-kB)R9TTkHn*utNXFVkxBbj+THC
z8xpZ(y7fD&b=;V2!}(|TFSC2aLTxoE7`Y*l>$55{9)n-(2RuLCo3JIjVMBgfJPYyY
z-ue<TqGyR{>|mprHck7^OT$PGn`ENE+VY~sIi?%d%;oYhnnR-bOj_6Lo0zPL;#wP-
z;gIQ9BcV}GoR?usb}+kUGX`geV0uXQ$BttZS63QFa#$pvX~ag%P1#5;R<0+PjZq#F
z<>YFK+e^XfxbZSDYD1!yJQ;o!0P#94*%r*p`E_rx*cMe}VAO_0?Xj~bwq^eoM+DCD
zj(+2#%r<5H`<!W`>Tk4$Lo0EsJ5i3>%4%+ehDGS1X4Dv=ZI{|`Xxlif0@$rD6QepT
zs)=m%xd@0k^RpB!t(V+#>(n^L?yB)cqCxlMvN6g-qCCxX$O@U1arAgg&o~zUFsuK4
zzQ=MY7`dU6%gn#m#*FG>T8)`!w@eO3Z&>smCugFzGvM`&YyA-PR+EF#8xp-fyNE9l
zw&1qBzT`N=CiY&XSjKtPC1C`IM{q}@bg1pQaUQWecri9FGv*Le8J8{LX|5|3BRf2@
zyUM)EO8R51k~<R5CzpEpFd7eBngMH^9E{!&>1Fpg<~@$w*c=NZE{me8mODxUMr>Hb
z4zDa4jJnLPw2x^Xq-fn$b?F%Cp_AT~mLi(iucwR8ULJ1y<q|QX!y>wK84XYF9(>4t
zmM@zDiAz`4k%o~R8p%EagUEv{3X>cYC(_P71718cdh|(k<Y6?2L^EsmeU{O#=xrr`
zieJB)zvuMyQ8c5$>XI;m!y@=p)G~@EdsR$UL`UAn;+h+w;SjnleacQOXjRsQ<~<ZK
zuBMwrB1UvrL?6jcAXnhI%NOW<5)j_f@%Yv~Lv&q<7||gSO?=Rv^fU7xaS}XU0!C~|
z#FAygXII0bV9!IIVCq+kFI&pCMgVmsVnl~Uw2z=b2dD9x%uD++#xW}m#Z{zW<c35p
zz9TfR&wm*ov*YS-w1z_~E9v|WJy^O$k(hC4+UjyJdPAa@Z0^U-_t3vjLAp|uRif=k
z<}6yWcdN_7C=Q9@4=w`U=kf6#;R9#&GJipD8r%LxtoHW%6)+oFO(I5gI7IL0srmd=
zSiwX=po!!2LR6Q7(Hj!I=v?-f#VSmFXmQxVJFdSORd=H_G)hm^JNogPkBB8=2c6rB
z#On3Dj+cUw8xpz9tfhK2AM+c_I=LO$N8@E+)P_SXyfP9?xy`KEI4pzl^*36>qLtlU
zz8AAt2EJrIA~F^oo3_+)85p(UQM;L3C~j;+wrtzQ@SaAq+ic2gnFNg3@QB4n$^I^Q
zYMJ+q$0nec8C82DH9S)Nx?!?L9Xj0_n>8@H{zhwfwC247tdosPvyQI6(Hah|d$LuD
zQ+zM2np$x2tUVi7dm}Y0QptbX)>=Wv7+w8uX>=7At>YwM#D+vHtH{U|38`>el=~$P
zt6)zOs4femI4p`g(z6Ge_em{;c$ghkb0ahyLdn0&IvX;6q=d$}_OZGgjNWkQB~}Z&
z0E;%Imlf$mg~y?1t4P3z4T)GRxm{TV#B1$FZrL6<ySBPCjO36=KGs|U8U4HZ@$rZK
zx$t7qztyB*<c35pc^VI8H~3lGn0*Tevi+;e!YB@hVxqhJN-^TTi3ew|Y33uCmDtj;
zI5co|IT*cR(F?2Wy8y*#;<)me!|gZ;7_ngy%SvljnR~B8mccw8O*>8kMr=sLGB(31
z@RkBP)|W08UdPqnXbp*0vL29+275NO3F6{)yabHckchpIZjCeF7jrJ7>u!{WLn$k2
z*jtqt5+6e|xFcA6UfaoJVpNAlbx&+}od>gj*Bxw!I4oSx@pvg1xgn8Dei`=d@Z|FJ
z(9A^P#Ij=)J<fO;7`0(h%RDb*GdT4zHYaYhw(E}el(U%e%Rw}{m)vIcBw|E|MKrp%
zt!Ic8!R}F8;+bp-`=UG+3nJUSuuKX@ZkXh5iCw(9ZMSnD>(F}<l3OMPBR5oX{jBen
z*!7x+T~p(l1Mc^{q#o~bc^J(h(G0OZ`!*vu))%spBA!ejM1PKxfDs!OvAs)98MW=Y
zad=GrGVCMYPK)brw1z}0J~H~lY(6+P`(V5TjM#99WhBN921J$<C)RJ@#o<q=A^{^d
zBx3Q|o{QUyk1Htqvk=BYZ8a$vx#5sY^hvtM$Y4YR7Hz!wLOw+@MtI1CGu}RxRl%6M
z<!lYV?$T#?jzd=u(_Kv}Ms`SKGv{`o-_+~r%NCC(g53+pNx+B=iP%$F6sH>99lLBJ
zr<!l`F=s>p#G-kt$iS!#huRZa34TsEK2Jn>-Hp<aC}s4GX3b|Fi^m#Z4}ozKFk(X@
zmhl&HV#h9ym-rKQk35rY5Qi-=>~R^EfDs!qvH7T*Sg9?Rf{`0CxiR~8hxKl`G>qhs
zNgnj#wq*rxM{7ZpOT$PGm*h0}F4-H{A(be|%}Z|?tA%3bx}I!|@^C5d_o2n)o5+uK
zM@hlRoegr&<+)&$W-Ke*1})}(eurgY6o*D}HoKo6tH-p?!ZTb=5=L;i1ecH1e@y;4
z`KM%V;Kx5tY-%E3c9WlyzsaILk+=CsuOG<LCO&>n$4=#uChsq6nRoQg?~E}gOPn|h
zH2${EW9E8JN4omEl>C^iCl7UvUh+tvZ0g-xowuoDWDR63>9b@dS<~_RmsjEYgJ-QL
z%liCXva0)F`=98WU7gj|Rj_|~J;-pmER5oCDE`Bd!F&f<ALu_V|HFDRsZ@;YaL8uP
z&aa;*`!qAqjCEp(=NVUfBQ+#a$=`P<Ht{^f8{1C%tR@GeHzazG-Ktx-&GyQUW6l}7
z-S0eHRCl8^EJ`nA545FYy;Z<`2Crh*xx_qAA{V1OM7kN@vx5cMAL7x$p5UUo8>Qh;
z%Bq;Q_IzjdxFbU2*1UD4VI+q|vft05C?X;by$iqNWnk2XMXevLv}E(K(-nD|iF1!7
zuO!TllYkK$60v@?=64R_+4(VB8h5p?SufVg$Kut+L&%u5x;%{LuxQ?s?Rz0B*k_YG
z)Xb@09TpS8<7HsfhD0r1U7v?KKVl;e7?R_P0VYdfJ$V?-A<^8E2JY!+*NtC#BfJo;
z<byuhbG>amzBER&pCTP2JuK3(G+4E<=j`OJ;>56*(c<y!M+DQ=<Y4rMMDM96B`TI(
ziQ?Rclc>+}GB9exqL$n=XxBJ*4S?Bk5-?)JA-3o2fjwzhze7uZq-0F1FsjSJ=naeB
zgG+XcBPU~HxQ;Z8<d8^aK8}$Zv#KZZPQdfF%id00EUPovFCvzxo}Ox4PaZ~dNHibI
z*Ki?b^B&`kj~?SVVkB5~QcVs<Z&>uQ8iSRXEyb%b=Zqf>uQ9%ec-XBX1tT{ca!;jg
z;?}rTBw)mbLo5+J+tRP-S|14!hjtxZZ=*9TI@w2_nPAp>u|7T~j{=mI*WYLjiB^0D
zXO7cjH`Ch|wJm8@tXCojV~H|D22~|t1cyT~dlhy*t`CYc2B(?~jM|W>#Z&1c$<VQ*
zV#;FL$&KuLsU)h)#HgMw)#UNQav<B7&+>I6xsxm^OV|tbr#=1U^J8Tod!^@lrrcq~
zavw@#UrXM*S&Qc7Is0^(7}cRseKWbCpS#Lx2ivQ%j<FVr+sO!jC*EVEds5jL<zZ9)
z&gpRSKE6{vN1s8`?=br=Qazq0y`FrG_AqI`ryQq`^usukwar~wD@Vz5Stw^w>+^bY
zF}g#fdqFnK)61;DZCTwuqh-u?N_B}C(V-IUZE$i@6YpmBH&zK;*O80S9VXoi$-K+9
z4%zb>X;Mm7OwY^yW=+$4#5T!-D6cOaBRyQw`~4`!dg?*-`W)8l%g1OBm-g3}8vLR3
zIgz0k8f&JR4db@SVZE+&jPy`RUrc_MZO#fo?@NiD?JDvxnnR`8kE$|XuZ=fT`=p*^
zjPNiCzp1`=QS&+X^?yZU&H3avH`ZiFqn3OM@y=;3B=u!ul!r@s>M_jwRj|PQP9)6x
z#O+^!_erH><cCZCGx-sFPPac6<2!nHr1u?-K<BmVBdZixr*LTWYk$khC1ouj+!l~o
z?elJ~zpYlV>}HVIN4R6;_syeKmyi)Z8^k|zt9jV-7yCYTi@skMjFXHJ9xmadW=G7T
zXNPU?rNN?~Tuw%Rc=Rv0IFHVy7VqdC`mCk7@pyeT^<-jHhema}UWl=mp9hSU<!X{J
zf<q&CWoXW`-^z^B;;t(bqdGLIA88%Ln(W6HTD|#LzOjdT9jj)pDhs1HG>TV6?R{~Z
z&TRA({4RMS-v~PfEXs;zSHpN#B~Kz3qdPRZ$(caDDZG2cjFZg|qPy|{^phSF*>z=N
zREI`&W-+t!c*o6IwnaAYvf28Wn64)gBRX87f7Y5zVok`5LU#6eERKxfVi_2<;Zpln
zRtCEbU|a0U=78Wh*)5ZV5qwny6SqVZ6ZzG9n(tbZKE)13qeAM5_T!x8+)`EQXS7X=
zwqNBFW42;Xez7C<;OvpvlWz1{v5EXutFaL|Eg~O@!3}u;$VnCplU3_%R8EV^r{a-)
zQT+Xvr6JiH8~;o*d+93mH5#Wy<F6WdKZ!;=j<2neI4u&%hD&cvo_%JYh(%v*s7@SL
zSEF#66w)7mXgq(#wKVdkMIKRpScN;HubGx$aSe^QX%Y8Iv>mC(Wwm27i7T$55jQR3
z-blBxH_e*JJCr|~cYgMynfz6$uhAGDjf?Weq%lOXky%`Kqx7mMeJicF=^`_kO<~Rp
z4axd7A3vY&EVHchV3d6~*psdaGc2E4ccXOrl=^3Q%|%_3Sp)y}EYCWRX0oWJM&NV^
zyr#7nE3zx$jz|Y0$=*-Io!7GI{PmpdR0t-Lg2;;PWKP#-Z!h91n8(?<jK91{?Ag!y
zvtQLyWlTJ$|BQ;+^_5<>C6eYeQ<9P3;~M64?y)|f6CbUF{BZm36_o7glaBtUEc$o|
zj?-hq&b1oEFh6+VzW4X!D^bX<ER=3TM=2ZSz-#`Md(G&om2hT$_U)C<I#;%rY+n44
zuEY#^UdyGe>8s=?m9gij-*R_@c&_`{N$AMU98uF1-5r^6t!-C|>m$EQ*|HhXCA}kl
z+23nJ<$tGl$GX~M`Cz$MTE<0PnVP3jB^x>~U%#%qGy6=pBxk<+wL5YoIi(UQu4(={
zND+BbXLkKPaMxPXv0eS}^z!GwanEC4b{o%@5?&<VCf|&Z>Nm+>lE3N>l(HvgI=T~F
zP@k@j{Z(cDDf#E*pLBHiCzZxra@*~{HmC0m%LTpFFXe9G_0U)w?m1m|PnoC9tIo$`
z8>$oa<rAJwza&>BkG9I6J`bekpZZ>MORoo?V_vf|^PMsLOjoDG{cIwI!Fy0XuI{<)
zFCC?x(>1r<vl{$f|8;#UNZH=|SXcjw2qxM;Z7ZccFUySB;X3BIz|Z03*MEQRoIlS?
zJu8Wqzpqih#EG+n7Vk6h^;r5?(!n~XHAEZb>yx(L{PhOgaFu7Czd}Yp##52@7$r~c
zh^C|WCZ_hM5iRJN&T8w7N$g7BR!=3#w&b#^yPZ0%a;$e~Q1n+<uZicS6>Ye6M5%_I
zS35n`d0A|mzYe?G({uP(j`Z8G1m(lM08bDd)6w1Vf~DUeb~9y$V|)5^_}jj0$Law%
zAL{vARx_Xb<cH+nE1h?%;(0gSdESd$<^DHxch=4>=>NG&P5q9Y2B8l0x5TTWPmttr
zy*E`~<b0+xkX@Y~w7(tYTi<Z6xa!JvKBRrdx2VS|`Iqhw)6#vO{%}xh<Yn`@dcwiG
zd|DrvN?=Ya`o3KMH>`j2vKg;`87ow^+kB5UT33%EtBRJ+mwOhp^aHhU?2gf+tvU6q
z*(%RDX^|7h0@`*-J;S<uXlR&6`eak@itWC2t)KH(;rpY`O8Xo7X>1lW9&*omxy))Z
zYWnTY%vQRJzI{;3e3{XE^){Wim-DS~xYtQ7`@vd-(d(q8i?`QFCGcf?9W+U50eT(7
cnD^{b-}JxUlnu14k)}UuPv1L~&ipC)|BzOX$^ZZW

literal 0
HcmV?d00001

diff --git a/WebGoat.NET.sln b/WebGoat.NET.sln
index 89f8133c..9758d3de 100644
--- a/WebGoat.NET.sln
+++ b/WebGoat.NET.sln
@@ -1,6 +1,8 @@
 
-Microsoft Visual Studio Solution File, Format Version 11.00
-# Visual Studio 2010
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio 14
+VisualStudioVersion = 14.0.24720.0
+MinimumVisualStudioVersion = 10.0.40219.1
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "WebGoat.NET", "WebGoat\WebGoat.NET.csproj", "{83B04441-0F79-4424-AAD0-46E0C3CDDAA1}"
 EndProject
 Global
@@ -14,6 +16,9 @@ Global
 		{83B04441-0F79-4424-AAD0-46E0C3CDDAA1}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{83B04441-0F79-4424-AAD0-46E0C3CDDAA1}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
 	GlobalSection(MonoDevelopProperties) = preSolution
 		StartupItem = WebGoat\WebGoat.NET.csproj
 		Policies = $0
@@ -23,7 +28,7 @@ Global
 		$0.StandardHeader = $2
 		$2.Text = 
 		$2.IncludeInNewFiles = True
-		$0.TextStylePolicy = $3
+		$0.TextStylePolicy = $34
 		$3.inheritsSet = null
 		$3.scope = text/x-csharp
 		$0.CSharpFormattingPolicy = $4
@@ -46,28 +51,25 @@ Global
 		$4.inheritsSet = Mono
 		$4.inheritsScope = text/x-csharp
 		$4.scope = text/x-csharp
-		$0.TextStylePolicy = $5
 		$5.FileWidth = 120
 		$5.inheritsSet = VisualStudio
 		$5.inheritsScope = text/plain
 		$5.scope = text/plain
 		$0.NameConventionPolicy = $6
 		$6.Rules = $7
-		$7.NamingRule = $8
+		$7.NamingRule = $32
 		$8.Name = Namespaces
 		$8.AffectedEntity = Namespace
 		$8.VisibilityMask = VisibilityMask
 		$8.NamingStyle = PascalCase
 		$8.IncludeInstanceMembers = True
 		$8.IncludeStaticEntities = True
-		$7.NamingRule = $9
 		$9.Name = Types
 		$9.AffectedEntity = Class, Struct, Enum, Delegate
 		$9.VisibilityMask = VisibilityMask
 		$9.NamingStyle = PascalCase
 		$9.IncludeInstanceMembers = True
 		$9.IncludeStaticEntities = True
-		$7.NamingRule = $10
 		$10.Name = Interfaces
 		$10.RequiredPrefixes = $11
 		$11.String = I
@@ -76,7 +78,6 @@ Global
 		$10.NamingStyle = PascalCase
 		$10.IncludeInstanceMembers = True
 		$10.IncludeStaticEntities = True
-		$7.NamingRule = $12
 		$12.Name = Attributes
 		$12.RequiredSuffixes = $13
 		$13.String = Attribute
@@ -85,7 +86,6 @@ Global
 		$12.NamingStyle = PascalCase
 		$12.IncludeInstanceMembers = True
 		$12.IncludeStaticEntities = True
-		$7.NamingRule = $14
 		$14.Name = Event Arguments
 		$14.RequiredSuffixes = $15
 		$15.String = EventArgs
@@ -94,7 +94,6 @@ Global
 		$14.NamingStyle = PascalCase
 		$14.IncludeInstanceMembers = True
 		$14.IncludeStaticEntities = True
-		$7.NamingRule = $16
 		$16.Name = Exceptions
 		$16.RequiredSuffixes = $17
 		$17.String = Exception
@@ -103,97 +102,82 @@ Global
 		$16.NamingStyle = PascalCase
 		$16.IncludeInstanceMembers = True
 		$16.IncludeStaticEntities = True
-		$7.NamingRule = $18
 		$18.Name = Methods
 		$18.AffectedEntity = Methods
 		$18.VisibilityMask = VisibilityMask
 		$18.NamingStyle = PascalCase
 		$18.IncludeInstanceMembers = True
 		$18.IncludeStaticEntities = True
-		$7.NamingRule = $19
 		$19.Name = Static Readonly Fields
 		$19.AffectedEntity = ReadonlyField
 		$19.VisibilityMask = Internal, Protected, Public
 		$19.NamingStyle = PascalCase
 		$19.IncludeInstanceMembers = False
 		$19.IncludeStaticEntities = True
-		$7.NamingRule = $20
 		$20.Name = Fields (Non Private)
 		$20.AffectedEntity = Field
 		$20.VisibilityMask = Internal, Protected, Public
 		$20.NamingStyle = PascalCase
 		$20.IncludeInstanceMembers = True
 		$20.IncludeStaticEntities = True
-		$7.NamingRule = $21
 		$21.Name = ReadOnly Fields (Non Private)
 		$21.AffectedEntity = ReadonlyField
 		$21.VisibilityMask = Internal, Protected, Public
 		$21.NamingStyle = PascalCase
 		$21.IncludeInstanceMembers = True
 		$21.IncludeStaticEntities = False
-		$7.NamingRule = $22
 		$22.Name = Fields (Private)
 		$22.AllowedPrefixes = $23
-		$23.String = _
 		$23.String = m_
 		$22.AffectedEntity = Field, ReadonlyField
 		$22.VisibilityMask = Private
 		$22.NamingStyle = CamelCase
 		$22.IncludeInstanceMembers = True
 		$22.IncludeStaticEntities = False
-		$7.NamingRule = $24
 		$24.Name = Static Fields (Private)
 		$24.AffectedEntity = Field
 		$24.VisibilityMask = Private
 		$24.NamingStyle = CamelCase
 		$24.IncludeInstanceMembers = False
 		$24.IncludeStaticEntities = True
-		$7.NamingRule = $25
 		$25.Name = ReadOnly Fields (Private)
 		$25.AllowedPrefixes = $26
-		$26.String = _
 		$26.String = m_
 		$25.AffectedEntity = ReadonlyField
 		$25.VisibilityMask = Private
 		$25.NamingStyle = CamelCase
 		$25.IncludeInstanceMembers = True
 		$25.IncludeStaticEntities = False
-		$7.NamingRule = $27
 		$27.Name = Constant Fields
 		$27.AffectedEntity = ConstantField
 		$27.VisibilityMask = VisibilityMask
 		$27.NamingStyle = PascalCase
 		$27.IncludeInstanceMembers = True
 		$27.IncludeStaticEntities = True
-		$7.NamingRule = $28
 		$28.Name = Properties
 		$28.AffectedEntity = Property
 		$28.VisibilityMask = VisibilityMask
 		$28.NamingStyle = PascalCase
 		$28.IncludeInstanceMembers = True
 		$28.IncludeStaticEntities = True
-		$7.NamingRule = $29
 		$29.Name = Events
 		$29.AffectedEntity = Event
 		$29.VisibilityMask = VisibilityMask
 		$29.NamingStyle = PascalCase
 		$29.IncludeInstanceMembers = True
 		$29.IncludeStaticEntities = True
-		$7.NamingRule = $30
 		$30.Name = Enum Members
 		$30.AffectedEntity = EnumMember
 		$30.VisibilityMask = VisibilityMask
 		$30.NamingStyle = PascalCase
 		$30.IncludeInstanceMembers = True
 		$30.IncludeStaticEntities = True
-		$7.NamingRule = $31
 		$31.Name = Parameters
 		$31.AffectedEntity = Parameter
 		$31.VisibilityMask = VisibilityMask
 		$31.NamingStyle = CamelCase
 		$31.IncludeInstanceMembers = True
 		$31.IncludeStaticEntities = True
-		$7.NamingRule = $32
 		$32.Name = Type Parameters
 		$32.RequiredPrefixes = $33
 		$33.String = T
@@ -202,11 +186,7 @@ Global
 		$32.NamingStyle = PascalCase
 		$32.IncludeInstanceMembers = True
 		$32.IncludeStaticEntities = True
-		$0.TextStylePolicy = $34
 		$34.inheritsSet = null
 		$34.scope = application/x-ashx
 	EndGlobalSection
-	GlobalSection(SolutionProperties) = preSolution
-		HideSolutionNode = FALSE
-	EndGlobalSection
 EndGlobal
diff --git a/WebGoat/App_Code/DB/MySqlDbProvider.cs b/WebGoat/App_Code/DB/MySqlDbProvider.cs
index 0bc79812..56651bbc 100644
--- a/WebGoat/App_Code/DB/MySqlDbProvider.cs
+++ b/WebGoat/App_Code/DB/MySqlDbProvider.cs
@@ -6,7 +6,8 @@
 using System.Diagnostics;
 using System.IO;
 using System.Threading;
-
+using System.Web;
+
 namespace OWASP.WebGoat.NET.App_Code.DB
 {
     public class MySqlDbProvider : IDbProvider
@@ -18,6 +19,7 @@ public class MySqlDbProvider : IDbProvider
         private readonly string _uid;
         private readonly string _database;
         private readonly string _clientExec;
+        
 
         private readonly ILog log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
 
@@ -103,8 +105,12 @@ public bool RecreateGoatDb()
 
             log.Info("Running recreate");
 
-            int retVal1 = Math.Abs(Util.RunProcessWithInput(_clientExec, args, DbConstants.DB_CREATE_MYSQL_SCRIPT));
-            int retVal2 = Math.Abs(Util.RunProcessWithInput(_clientExec, args, DbConstants.DB_LOAD_MYSQL_SCRIPT));
+            string createScript = HttpContext.Current.Server.MapPath(DbConstants.DB_CREATE_MYSQL_SCRIPT.Replace("\\", "/"));
+            string loadScript = HttpContext.Current.Server.MapPath(DbConstants.DB_LOAD_MYSQL_SCRIPT.Replace("\\", "/"));
+            
+
+            int retVal1 = Math.Abs(Util.RunProcessWithInput(_clientExec, args, createScript));
+            int retVal2 = Math.Abs(Util.RunProcessWithInput(_clientExec, args, loadScript));
             
             return Math.Abs(retVal1) + Math.Abs(retVal2) == 0;
         }
diff --git a/WebGoat/Configuration/Default.config b/WebGoat/Configuration/Default.config
index 3ed7cdc3..43370932 100644
--- a/WebGoat/Configuration/Default.config
+++ b/WebGoat/Configuration/Default.config
@@ -1 +1,7 @@
-dbtype=MySql
\ No newline at end of file
+dbtype=MySql
+host=localhost
+port=3306
+client=C:\Program Files\MySQL\MySQL Server 5.7\bin\mysql.exe
+database=webgoat
+uid=user
+pwd=password
diff --git a/WebGoat/ProxySetup.aspx b/WebGoat/ProxySetup.aspx
index 55d276ba..fec8c396 100644
--- a/WebGoat/ProxySetup.aspx
+++ b/WebGoat/ProxySetup.aspx
@@ -17,7 +17,7 @@
             ErrorMessage="Name is Required" ControlToValidate="txtName"></asp:RequiredFieldValidator><br />
         <asp:RegularExpressionValidator ID="valRegEx" runat="server" 
             ErrorMessage="Invalid Characters Detected!" ControlToValidate="txtName" 
-            ValidationExpression="[a-zA-Z\-\ \_]*"></asp:RegularExpressionValidator>
+            ValidationExpression="[a-zA-Z\-\ _]*"></asp:RegularExpressionValidator>
         <p />
         Enter your name (letters only): 
 		<asp:TextBox ID="txtName" runat="server" Width="304px"></asp:TextBox>
diff --git a/WebGoat/ProxySetup.aspx.designer.cs b/WebGoat/ProxySetup.aspx.designer.cs
index 9843c6c8..ebdd1167 100644
--- a/WebGoat/ProxySetup.aspx.designer.cs
+++ b/WebGoat/ProxySetup.aspx.designer.cs
@@ -1,32 +1,60 @@
-// ------------------------------------------------------------------------------
-//  <autogenerated>
-//      This code was generated by a tool.
-//      Mono Runtime Version: 4.0.30319.1
-// 
-//      Changes to this file may cause incorrect behavior and will be lost if 
-//      the code is regenerated.
-//  </autogenerated>
-// ------------------------------------------------------------------------------
-
-namespace OWASP.WebGoat.NET {
-	
-	
-	public partial class ProxySetup {
-		
-		protected System.Web.UI.WebControls.Content Content1;
-		
-		protected System.Web.UI.WebControls.Content Content3;
-		
-		protected System.Web.UI.WebControls.Content Content2;
-		
-		protected System.Web.UI.WebControls.RequiredFieldValidator valNameRequired;
-		
-		protected System.Web.UI.WebControls.RegularExpressionValidator valRegEx;
-		
-		protected System.Web.UI.WebControls.TextBox txtName;
-		
-		protected System.Web.UI.WebControls.Button btnReverse;
-		
-		protected System.Web.UI.WebControls.Label lblOutput;
-	}
-}
+//------------------------------------------------------------------------------
+// <auto-generated>
+//     This code was generated by a tool.
+//
+//     Changes to this file may cause incorrect behavior and will be lost if
+//     the code is regenerated. 
+// </auto-generated>
+//------------------------------------------------------------------------------
+
+namespace OWASP.WebGoat.NET {
+    
+    
+    public partial class ProxySetup {
+        
+        /// <summary>
+        /// valNameRequired control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.RequiredFieldValidator valNameRequired;
+        
+        /// <summary>
+        /// valRegEx control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.RegularExpressionValidator valRegEx;
+        
+        /// <summary>
+        /// txtName control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.TextBox txtName;
+        
+        /// <summary>
+        /// btnReverse control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Button btnReverse;
+        
+        /// <summary>
+        /// lblOutput control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Label lblOutput;
+    }
+}
diff --git a/WebGoat/Resources/Master-Pages/Site.Master.cs b/WebGoat/Resources/Master-Pages/Site.Master.cs
index 4c8c41de..780e92ec 100644
--- a/WebGoat/Resources/Master-Pages/Site.Master.cs
+++ b/WebGoat/Resources/Master-Pages/Site.Master.cs
@@ -20,7 +20,7 @@ protected void Page_Load(object sender, EventArgs e)
         }
         protected void lbtGenerateTestData_Click(object sender, EventArgs e)
         {
-        	Response.Redirect("/RebuildDatabase.aspx");
+        	Response.Redirect("~/RebuildDatabase.aspx");
         }
         public void GreyOutMenu()
         {
diff --git a/WebGoat/WebGoat.NET.csproj b/WebGoat/WebGoat.NET.csproj
index c00501db..b87d573a 100644
--- a/WebGoat/WebGoat.NET.csproj
+++ b/WebGoat/WebGoat.NET.csproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <GenerateFullPaths>True</GenerateFullPaths>
@@ -17,6 +17,12 @@
     <OldToolsVersion>4.0</OldToolsVersion>
     <UpgradeBackupLocation>
     </UpgradeBackupLocation>
+    <UseIISExpress>true</UseIISExpress>
+    <IISExpressSSLPort />
+    <IISExpressAnonymousAuthentication />
+    <IISExpressWindowsAuthentication />
+    <IISExpressUseClassicPipelineMode />
+    <UseGlobalApplicationHostFile />
   </PropertyGroup>
   <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
     <DebugSymbols>true</DebugSymbols>
@@ -71,7 +77,7 @@
       <HintPath>lib\log4net.dll</HintPath>
     </Reference>
     <Reference Include="Mono.Data.Sqlite">
-        <HintPath>lib\Mono.Data.Sqlite.dll</HintPath>
+      <HintPath>lib\Mono.Data.Sqlite.dll</HintPath>
     </Reference>
   </ItemGroup>
   <ItemGroup>
@@ -911,6 +917,7 @@
     </Compile>
     <Compile Include="ProxySetup.aspx.cs">
       <DependentUpon>ProxySetup.aspx</DependentUpon>
+      <SubType>ASPXCodeBehind</SubType>
     </Compile>
     <Compile Include="ProxySetup.aspx.designer.cs">
       <DependentUpon>ProxySetup.aspx</DependentUpon>
@@ -934,30 +941,35 @@
     <Compile Include="App_Code\Util.cs" />
     <Compile Include="Content\Trace.aspx.cs">
       <DependentUpon>Trace.aspx</DependentUpon>
+      <SubType>ASPXCodeBehind</SubType>
     </Compile>
     <Compile Include="Content\Trace.aspx.designer.cs">
       <DependentUpon>Trace.aspx</DependentUpon>
     </Compile>
     <Compile Include="Content\XPathInjection.aspx.cs">
       <DependentUpon>XPathInjection.aspx</DependentUpon>
+      <SubType>ASPXCodeBehind</SubType>
     </Compile>
     <Compile Include="Content\XPathInjection.aspx.designer.cs">
       <DependentUpon>XPathInjection.aspx</DependentUpon>
     </Compile>
     <Compile Include="Content\HeaderInjection.aspx.cs">
       <DependentUpon>HeaderInjection.aspx</DependentUpon>
+      <SubType>ASPXCodeBehind</SubType>
     </Compile>
     <Compile Include="Content\HeaderInjection.aspx.designer.cs">
       <DependentUpon>HeaderInjection.aspx</DependentUpon>
     </Compile>
     <Compile Include="Content\MessageDigest.aspx.cs">
       <DependentUpon>MessageDigest.aspx</DependentUpon>
+      <SubType>ASPXCodeBehind</SubType>
     </Compile>
     <Compile Include="Content\MessageDigest.aspx.designer.cs">
       <DependentUpon>MessageDigest.aspx</DependentUpon>
     </Compile>
     <Compile Include="Content\XMLInjection.aspx.cs">
       <DependentUpon>XMLInjection.aspx</DependentUpon>
+      <SubType>ASPXCodeBehind</SubType>
     </Compile>
     <Compile Include="Content\XMLInjection.aspx.designer.cs">
       <DependentUpon>XMLInjection.aspx</DependentUpon>
@@ -965,24 +977,28 @@
     <Compile Include="App_Code\WeakMessageDigest.cs" />
     <Compile Include="Content\ReadlineDoS.aspx.cs">
       <DependentUpon>ReadlineDoS.aspx</DependentUpon>
+      <SubType>ASPXCodeBehind</SubType>
     </Compile>
     <Compile Include="Content\ReadlineDoS.aspx.designer.cs">
       <DependentUpon>ReadlineDoS.aspx</DependentUpon>
     </Compile>
     <Compile Include="Content\RegexDoS.aspx.cs">
       <DependentUpon>RegexDoS.aspx</DependentUpon>
+      <SubType>ASPXCodeBehind</SubType>
     </Compile>
     <Compile Include="Content\RegexDoS.aspx.designer.cs">
       <DependentUpon>RegexDoS.aspx</DependentUpon>
     </Compile>
     <Compile Include="Content\Unsafe.aspx.cs">
       <DependentUpon>Unsafe.aspx</DependentUpon>
+      <SubType>ASPXCodeBehind</SubType>
     </Compile>
     <Compile Include="Content\Unsafe.aspx.designer.cs">
       <DependentUpon>Unsafe.aspx</DependentUpon>
     </Compile>
     <Compile Include="Content\Random.aspx.cs">
       <DependentUpon>Random.aspx</DependentUpon>
+      <SubType>ASPXCodeBehind</SubType>
     </Compile>
     <Compile Include="Content\Random.aspx.designer.cs">
       <DependentUpon>Random.aspx</DependentUpon>
@@ -990,12 +1006,14 @@
     <Compile Include="App_Code\WeakRandom.cs" />
     <Compile Include="Content\VerbTampering.aspx.cs">
       <DependentUpon>VerbTampering.aspx</DependentUpon>
+      <SubType>ASPXCodeBehind</SubType>
     </Compile>
     <Compile Include="Content\VerbTampering.aspx.designer.cs">
       <DependentUpon>VerbTampering.aspx</DependentUpon>
     </Compile>
     <Compile Include="Content\VerbTamperingAttack.aspx.cs">
       <DependentUpon>VerbTamperingAttack.aspx</DependentUpon>
+      <SubType>ASPXCodeBehind</SubType>
     </Compile>
     <Compile Include="Content\VerbTamperingAttack.aspx.designer.cs">
       <DependentUpon>VerbTamperingAttack.aspx</DependentUpon>
@@ -1021,13 +1039,26 @@
         <XspParameters Port="8081" Address="127.0.0.1" SslMode="None" SslProtocol="Default" KeyType="None" CertFile="" KeyFile="" PasswordOptions="None" Password="" Verbose="true" />
       </Properties>
     </MonoDevelop>
+    <VisualStudio>
+      <FlavorProperties GUID="{349C5851-65DF-11DA-9384-00065B846F21}">
+        <WebProjectProperties>
+          <UseIIS>True</UseIIS>
+          <AutoAssignPort>True</AutoAssignPort>
+          <DevelopmentServerPort>55305</DevelopmentServerPort>
+          <DevelopmentServerVPath>/</DevelopmentServerVPath>
+          <IISUrl>http://localhost:55305/</IISUrl>
+          <NTLMAuthentication>False</NTLMAuthentication>
+          <UseCustomServer>False</UseCustomServer>
+          <CustomServerUrl>
+          </CustomServerUrl>
+          <SaveServerSettingsInUserFile>False</SaveServerSettingsInUserFile>
+        </WebProjectProperties>
+      </FlavorProperties>
+    </VisualStudio>
   </ProjectExtensions>
   <ItemGroup>
-    <Folder Include="WebGoatCoins\uploads\" />
-    <Folder Include="App_Data\" />
-    <Folder Include="App_Code\DB\" />
     <Folder Include="Configuration\" />
-    <Folder Include="DB_Scripts\" />
+    <Folder Include="WebGoatCoins\uploads\" />
   </ItemGroup>
   <ItemGroup>
     <Content Include="WebGoatCoins\ProductDetails.aspx" />
@@ -1057,4 +1088,5 @@
     <None Include="DB_Scripts\create_webgoatcoins_sqlite3.sql" />
   </ItemGroup>
   <ItemGroup />
-</Project>
+  <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v14.0\WebApplications\Microsoft.WebApplication.targets" />
+</Project>
\ No newline at end of file
diff --git a/WebGoat/WebGoat.NET.csproj.user b/WebGoat/WebGoat.NET.csproj.user
index fd9084ec..1919cf3a 100644
--- a/WebGoat/WebGoat.NET.csproj.user
+++ b/WebGoat/WebGoat.NET.csproj.user
@@ -1,5 +1,28 @@
 <?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <ProjectExtensions>
+    <VisualStudio>
+      <FlavorProperties GUID="{349C5851-65DF-11DA-9384-00065B846F21}">
+        <WebProjectProperties>
+          <StartPageUrl>
+          </StartPageUrl>
+          <StartAction>CurrentPage</StartAction>
+          <AspNetDebugging>True</AspNetDebugging>
+          <SilverlightDebugging>False</SilverlightDebugging>
+          <NativeDebugging>False</NativeDebugging>
+          <SQLDebugging>False</SQLDebugging>
+          <ExternalProgram>
+          </ExternalProgram>
+          <StartExternalURL>
+          </StartExternalURL>
+          <StartCmdLineArguments>
+          </StartCmdLineArguments>
+          <StartWorkingDirectory>
+          </StartWorkingDirectory>
+          <EnableENC>True</EnableENC>
+          <AlwaysStartWebServerOnDebug>True</AlwaysStartWebServerOnDebug>
+        </WebProjectProperties>
+      </FlavorProperties>
+    </VisualStudio>
   </ProjectExtensions>
-</Project>
+</Project>
\ No newline at end of file

From 2a4a712668c62dcb8267058168a61cfa1ab075f2 Mon Sep 17 00:00:00 2001
From: Lev Demidov <leviathan1337@gmail.com>
Date: Thu, 7 Jan 2016 14:00:02 -0500
Subject: [PATCH 2/2] Update README

---
 README | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/README b/README
index a30ac35b..b328fb3e 100644
--- a/README
+++ b/README
@@ -48,15 +48,15 @@ How To Build And Run under Mac OS X and Linux:
      hopefully you should be good go! Enjoy your hackathon!
 
 How to build and run under Windows with MySql:
-  1. Prerequisites:
+   1. Prerequisites:
      a. Visual Studio 2010 and above.
      b. Create a Mysql database with empty database and at least one user with full permissions.
   2. Open WebGoat.sln file via Visual Studio, and click on debug.
   3. You should see the WebGoat.NET page at which point click on
      'Set Up Database'.
-  3. You should see a form with a bunch of setup information for the
-     database. For 'Data Provider' choose MySql. You'll need to fill in
-     the respective data entries for your mysql db. Data File Path is not necessary for MySql so you can leave
-     it empty.
-  4. Click on 'Test Configuration', followed by 'Rebuild Database' and
+  4. You should see a form with a bunch of setup information for the
+     database.  Some placeholder text is already entered for you.  
+     Edit it to match your configuration. 
+     'Data File Path' is not necessary for MySql so you can leave it empty.
+  5. Click on 'Test Configuration', followed by 'Rebuild Database' and
      hopefully you should be good go! Enjoy your hackathon!