Knowledge (XXG)

Polyglot (computing)

Source 📝

2138: 2069: 2463:-DICOM polyglot technique. The polyglot nature of the attack, combined with regulatory considerations, led to disinfection complications: because "the malware is essentially fused to legitimate imaging files", "incident response teams and A/V software cannot delete the malware file as it contains protected patient health information". 2487:
file format. This technique can be used to exploit security vulnerabilities, for example through uploading a GIFAR to a website that allows image uploading (as it is a valid GIF file), and then causing the Java portion of the GIFAR to be executed as though it were part of the website's intended code,
2448:
appears at byte offset zero, but many PDF interpreters waive this constraint and accept the file as valid PDF as long as the string appears within the first 1024 bytes. This creates a window of opportunity for polyglot PDF files to smuggle non-PDF content in the header of the file. The PDF format has
2426:
compose a malicious payload within an ostensibly benign and widely accepted wrapper format, such as a JPEG file that allows arbitrary data in its comment field. A vulnerable JPEG renderer could then be coerced into executing the payload, handing control to the attacker. The mismatch between what the
2612:
Bridges, Robert A.; Oesch, Sean; Verma, Miki E.; Iannacone, Michael D.; Huffer, Kelly M. T.; Jewell, Brian; Nichols, Jeff A.; Weber, Brian; Beaver, Justin M.; Smith, Jared M.; Scofield, Daniel; Miles, Craig; Plummer, Thomas; Daniell, Mark; Tall, Anne M. (2023). "Beyond the Hype: An Evaluation of
146:
archive. To maintain validity across interpreting programs, one must ensure that constructs specific to one interpreter are not interpreted by another, and vice versa. This is often accomplished by hiding language-specific constructs in segments interpreted as comments or plain text of the other
141:
A polyglot is composed by combining syntax from two or more different formats, leveraging various syntactic constructs that are either common between the formats, or constructs that are language specific but carrying different meaning in each language. A file is a valid polyglot if it can be
2440:
Highly flexible or extensible file formats have greater scope for polyglotting, and therefore more tightly constrained interpretation offers some mitigation against attacks using polyglot techniques. For example, the PDF file format requires that the
2449:
been described as "diverse and vague", and due to significantly varying behaviour between different PDF parsing engines, it is possible to create a PDF-PDF polyglot that renders as two entirely different documents in two different PDF readers.
2436:
Note that in a security context, there is no requirement for a polyglot file to be strictly valid in multiple formats; it is sufficient for the file to trigger unintended behaviour when being interpreted by its primary interpreter.
2766:
Koch, Luke; Oesch, Sean; Chaulagain, Amul; Dixon, Jared; Dixon, Matthew; Huettal, Mike; Sadovnik, Amir; Watson, Cory; Weber, Brian; Hartman, Jacob; Patulski, Richard (2024). "On the Abuse and Detection of Polyglot Files".
72:, though file formats and source code syntax are both fundamentally streams of bytes, and exploiting this commonality is key to the development of polyglots. Polyglot files have practical applications in 2056:
This allows creating Perl scripts that can be run on DOS systems with minimal effort. Note that there is no requirement for a file to perform exactly the same function in the different interpreters.
2414:
programming languages were not designed to be compatible with each other, but there is sufficient commonality of syntax that a polyglot Python program can be written than runs in both versions.
2433:
is a trivial form of polyglot, where a server naively expects user-controlled input to conform to a certain constraint, but the user supplies syntax which is interpreted as SQL code.
3177: 2847: 3122: 2495:
GIFARs are possible because GIF images store their header in the beginning of the file, and JAR files (as with any ZIP archive-based format) store their data at the end.
142:
successfully interpreted by multiple interpreting programs. For example, a PDF-Zip polyglot might be opened as both a valid PDF document and decompressed as a valid
2456:. In 2019, an evaluation of commercial anti-malware software determined that several such packages were unable to detect any of the polyglot malware under test. 3211: 114:
group rec.puzzles in 1991, supporting 8 languages, though this was inspired by even earlier programs. In 2000, a polyglot program was named a winner in the
3369: 2926: 3011: 2452:
Detecting malware concealed within polyglot files requires more sophisticated analysis than relying on file-type identification utilities such as
115: 2868: 2207:, and be written in well-formed XHTML. The same document can then be served as either HTML or XHTML, depending on browser support and MIME type. 3069: 2374:) cannot be self-closing even if they are empty, as this is not valid HTML. For example, to add an empty textarea to a page, one cannot use 3099: 2948:
Desjardins, Benoit; Mirsky, Yisroel; Ortiz, Markel Picado; Glozman, Zeev; Tarbox, Lawrence; Horn, Robert; Horii, Steven C. (April 2020).
3168: 2667:
Koch, Luke; Oesch, Sean; Adkisson, Mary; Erwin, Sam; Weber, Brian; Chaulagain, Amul (2022). "Toward the Detection of Polyglot Files".
3268: 3393: 3141: 2573: 3038: 3328: 2844: 2985: 2895: 3464: 165: 3406: 2587: 2398:
files, allowing efficient storage of the same image data in a file that can be interpreted by either DICOM or TIFF viewers.
2507:, referring to the practise of building systems using multiple programming languages, but not necessarily in the same file. 3449: 3340: 3292: 3126: 34: 3251: 2788: 2744: 2688: 771: 3430: 3203: 2442: 2823: 2204: 160:
Two commonly used techniques for constructing a polyglot program are to make use of languages that use different
85: 3366: 3381: 3336: 3300: 2718: 3280: 3239: 2918: 683: 61: 2427:
interpreting program expects, and what the file actually contains, is the root cause of the vulnerability.
3459: 130: 73: 3007: 2196: 161: 2459:
In 2019, the DICOM medical imaging file format was found to be vulnerable to malware injection using a
2864: 3454: 2510: 731: 38: 2460: 168:, and to redefine various tokens as others in different languages. These are demonstrated in this 2977: 2768: 2668: 2640: 2622: 2579: 2558:
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security - CCS '13
2489: 3418: 3091: 3061: 3352: 2969: 2569: 2527: 2484: 2411: 2407: 181: 143: 77: 3315: 2961: 2632: 2561: 30: 3434: 3422: 3416:
A PDF-MP3 polyglot, being a PDF document which is also an MP3 audio version of its content
3410: 3373: 3332: 3284: 3272: 3265: 3255: 3243: 2851: 81: 46: 3145: 2230:
Element syntax (i.e. End tags are not optional. Use self-closing tags for void elements.)
3034: 2453: 2124:, where a secondary file format is hidden within null-padded areas of the primary file. 735: 676: 122: 103: 3325: 2137: 2112:
where a secondary file format is hidden within comment fields in a primary file format
2068: 3443: 2981: 2949: 2644: 2430: 2423: 2218:
Processing instructions and the XML declaration are both forbidden in polyglot markup
2203:
document to meet these criteria, the two requirements are that it must have an HTML5
727: 722: 169: 97: 2583: 753:
function is defined but not called and in C there is no need to explicitly call the
2891: 2214:, to write a polyglot HTML5 document, the following key points should be observed: 669: 3403: 3248: 2792: 2692: 2553: 2252:
The most basic possible polyglot markup document would therefore look like this:
65: 42: 16:
Computer program or file valid in multiple programming languages or file formats
558:
echo "\010Hello, world!\n";// 2> /dev/null > /dev/null \ ;
3385: 3344: 3308: 3304: 3260: 2492:. Java was patched in JRE 6 Update 11, with a CVE published in December 2008. 739: 3008:"Ubiquitous Bug Allows HIPAA-Protected Malware to Hide Behind Medical Images" 2740: 3389: 3312: 2565: 775: 22: 2973: 3427: 2965: 2514: 704:" is valid in both PHP and bash; C #defines are used to convert it into " 57: 3397: 3360: 3296: 2819: 126: 121:
In the 21st century, polyglot programs and files gained attention as a
106:
since at least the early 1990s. A notable early example, named simply
3428:
PoC||GTFO, a security publication published as polyglot PDF documents
2552:
Jonas Magazinius; Billy K. Rios; Andrei Sabelfeld (4 November 2013).
767: 173: 111: 53:
is composed by combining syntax from two or more different formats.
2714: 2636: 2236:
Text (i.e. pre and textarea should not start with newline character)
3277: 2845:
Polyglot Markup: HTML-Compatible XHTML Documents: 6.4 Void Elements
2773: 2673: 2627: 3288: 2613:
Commercially Available Machine-Learning-Based Malware Detectors".
2391: 2200: 2181: 2177: 2118:
where two files are mutually arranged within each others' comments
779: 3236: 711:
Comment indicators can be combined to perform various operations.
3377: 3356: 3319: 2395: 2186: 1936: 102:
Polyglot programs have been crafted as challenges and curios in
2394:
medical imaging format was designed to allow polyglotting with
1778:;OneKeyInput Input('Char', 1, '')  ; Char 3348: 2480: 2192: 2132: 2063: 1932: 177: 2176:
has been proposed as a useful combination of the benefits of
1919:; Wishing to refine it with new language ? Go on ! 3237:
CSE HTML Validator for Windows with polyglot markup support
2820:"Polyglot Markup: A robust profile of the HTML5 vocabulary" 2242:
Named entity references (i.e. Only amp, lt, gt, apos, quot)
3415: 2362:
In a polyglot markup document non-void elements (such as
745:
The final three lines are only used by bash, to call the
3176:(M.Sc). Norwegian University of Science and Technology. 2184:. Such documents can be parsed as either HTML (which is 1868:"'Hello, World !' in 4 languages" 1608:"'Hello, World !' in 4 languages" 2149: 2106:, where multiple files are concatenated with each other 2080: 672:
statement in C, but is a comment in both bash and PHP.
2741:"15th International Obfuscated C Code Contest (2000)" 37:(or other file) written in a valid form of multiple 2479:) is a polyglot file that is simultaneously in the 2199:structure either way. For example, in order for an 2892:"Cheat Sheet: Writing Python 2-3 compatible code" 129:. Polyglot files have practical applications in 3123:"A photo that can steal your online credentials" 2607: 2605: 734:except for its omission of brackets (which the 3170:Polyglot Programming - A Business Perspective 762:SNOBOL4, Win32Forth, PureBasicv4.x, and REBOL 8: 718:" is a valid statement in both bash and PHP. 675:"//" is a comment in both PHP and C and the 1512:'Char', 1, '')  ; Char 766:The following is written simultaneously in 2950:"DICOM Images Have Been Hacked! Now What?" 2547: 2545: 2543: 2221:Specifying a document’s character encoding 415:// 2> /dev/null > /dev/null \ ; 3142:"Billy (BK) Rios » SUN Fixes GIFARs" 2772: 2672: 2626: 2473:Graphics Interchange Format Java Archives 2245:Comments (i.e. Use <!-- syntax -->) 1748:; .( Hello, world !) @ To Including? 686:is used to eliminate undesirable outputs. 2715:"Polyglot: A program in eight languages" 2488:being delivered to the browser from the 2272:"http://www.w3.org/1999/xhtml" 1874:"Developed in 2010 by Society" 1614:"Developed in 2010 by Society" 2539: 2239:Attributes (i.e. Values must be quoted) 116:International Obfuscated C Code Contest 2662: 2660: 2658: 2656: 2654: 2615:Digital Threats: Research and Practice 3261:A polyglot in 451 different languages 3014:from the original on 5 September 2022 2988:from the original on 5 September 2022 2898:from the original on 6 September 2022 2871:from the original on 5 September 2022 2814: 2812: 2810: 2747:from the original on 6 September 2022 2721:from the original on 6 September 2022 2590:from the original on 5 September 2022 2248:Scripting and styling polyglot markup 7: 3266:A polyglot in 16 different languages 2313:The title element must not be empty. 45:. The name was coined by analogy to 3367:A polyglot in 6 different languages 3326:A polyglot in 7 different languages 3278:A polyglot in 8 different languages 2929:from the original on 9 October 2022 2865:"DICOM-TIFF dual personality files" 1935:batch file, then re-runs itself in 697:" PHP indicators still have effect. 630:/* 2> /dev/null | grep -v true*/ 511:/* 2> /dev/null | grep -v true*/ 3214:from the original on 5 August 2019 3204:"Analyzing Polyglot Microservices" 3202:Gupta, Tripta (19 December 2018). 3121:McMillan, Robert (1 August 2008). 3102:from the original on 20 April 2021 2826:from the original on 9 August 2022 689:Even on commented out lines, the " 564:$ x=5; // 2> /dev/null \ ; 14: 3183:from the original on 4 March 2016 3072:from the original on 6 March 2023 3060:Eckel, Benjamin (5 August 2008). 3041:from the original on 6 March 2023 2954:American Journal of Roentgenology 2923:27th Chaos Communication Congress 2854:. W3C Editor's Draft 9 July 2012. 2380:<textarea></textarea> 3140:Rios, Billy (17 December 2008). 2136: 2067: 2022:perl "%~dpnx0" %* 738:adds if this is compiled with a 56:When the file formats are to be 3125:. Infoworld.com. Archived from 3062:"The GIFAR Image Vulnerability" 2917:Wolf, Julia (9 February 2011). 1883:"Hello, world !" 1829:"Hello, world !" 1775:"Hello, World !" 1623:"Hello, world !" 1569:"Hello, world !" 1497:"Hello, World !" 1037:"Hello, world !" 857:"Hello, World !" 205:"\010Hello, world!\n" 68:, the file can be said to be a 2422:A polyglot of two formats may 1: 2789:"Benefits of polyglot XHTML5" 2689:"Benefits of polyglot XHTML5" 1931:The following file runs as a 591:#define main() int main(void) 472:#define main() int main(void) 315:#define main() int main(void) 125:mechanism for propagation of 2212:html-polyglot recommendation 2195:, and will produce the same 3249:Benefits of polyglot XHTML5 2040:"Hello, world!\n" 1989:"Hello, world!\n" 433:// 2> /dev/null \ ; 340:"Hello, world!\n" 3481: 730:which is identical to the 214:>/dev/null>/dev/null 95: 3404:List of generic polyglots 3242:18 September 2022 at the 1945:Highlighted for DOS batch 80:risk when used to bypass 76:, but can also present a 3167:Fjeldberg, Hans (2008). 2254: 2099:Polyglot types include: 2007: 1948: 1736: 1413: 1138: 791: 570:// 2> /dev/null; then 561:// 2> /dev/null; x=a; 546: 469:#include <stdio.h> 448:// 2> /dev/null; then 418:// 2> /dev/null; x=a; 382: 312:#include <stdio.h> 193: 98:History of steganography 3372:2 November 2008 at the 3254:12 October 2011 at the 3035:"How to Create a GIFAR" 2566:10.1145/2508859.2516685 1927:DOS batch file and Perl 3409:13 August 2003 at the 2850:2 October 2012 at the 2513:is similar, but about 1156:( Hello, world !) 788:Highlighted for SNOBOL 594:#define printf printf( 576:// 2> /dev/null; fi 475:#define printf printf( 460:// 2> /dev/null; fi 318:#define printf printf( 3465:Computer file formats 3331:26 April 2012 at the 3283:3 August 2003 at the 3129:on 18 September 2020. 2418:Security implications 2257:<!DOCTYPE html> 1733:Highlighted for REBOL 1410:Highlighted for BASIC 1195:Input('Char', 1135:Highlighted for Forth 749:function. In PHP the 110:was published on the 39:programming languages 3450:Computer programming 3433:24 June 2018 at the 3421:30 June 2022 at the 2966:10.2214/AJR.19.21958 2560:. pp. 753–764. 2511:Polyglot persistence 2505:Polyglot programming 2210:As expressed by the 2004:Highlighted for Perl 1954:rem = ' --PERL-- 668:A hash sign marks a 664:Note the following: 579:#define e ?> 463:#define e ?> 306:#define e ?> 190:Highlighted for Bash 172:polyglot written in 3271:14 May 2013 at the 3098:. 4 December 2008. 3033:Byrd, Christopher. 2499:Related terminology 1252:PrintN("Hello, 944:PrintN("Hello, 618:"Hello, world! 499:"Hello, world! 379:Highlighted for PHP 2795:on 12 October 2011 2695:on 12 October 2011 2424:steganographically 2148:. You can help by 2079:. You can help by 1856:SomeDummyMacroHere 1596:SomeDummyMacroHere 1360:system/ports/input 1351:system/ports/input 1279:SomeDummyMacroHere 708:" at compile time. 3010:. 17 April 2019. 2528:Quine (computing) 2386:Composing formats 2378:, but has to use 2376:<textarea/> 2166: 2165: 2097: 2096: 1291:"'Hello, 989:"'Hello, 974:omeDummyMacroHere 543:Highlighted for C 3472: 3316:machine language 3224: 3223: 3221: 3219: 3199: 3193: 3192: 3190: 3188: 3182: 3175: 3164: 3158: 3157: 3155: 3153: 3148:on 14 March 2016 3144:. Archived from 3137: 3131: 3130: 3118: 3112: 3111: 3109: 3107: 3088: 3082: 3081: 3079: 3077: 3057: 3051: 3050: 3048: 3046: 3030: 3024: 3023: 3021: 3019: 3004: 2998: 2997: 2995: 2993: 2945: 2939: 2938: 2936: 2934: 2914: 2908: 2907: 2905: 2903: 2887: 2881: 2880: 2878: 2876: 2861: 2855: 2842: 2836: 2835: 2833: 2831: 2816: 2805: 2804: 2802: 2800: 2791:. Archived from 2785: 2779: 2778: 2776: 2763: 2757: 2756: 2754: 2752: 2737: 2731: 2730: 2728: 2726: 2711: 2705: 2704: 2702: 2700: 2691:. Archived from 2685: 2679: 2678: 2676: 2664: 2649: 2648: 2630: 2609: 2600: 2599: 2597: 2595: 2549: 2447: 2381: 2377: 2373: 2369: 2365: 2358: 2355: 2352: 2349: 2346: 2343: 2340: 2337: 2334: 2331: 2328: 2325: 2322: 2319: 2316: 2312: 2309: 2306: 2303: 2300: 2297: 2294: 2291: 2288: 2285: 2282: 2279: 2276: 2273: 2270: 2267: 2264: 2261: 2258: 2190: 2161: 2158: 2140: 2133: 2092: 2089: 2071: 2064: 2050: 2047: 2044: 2041: 2038: 2035: 2032: 2029: 2026: 2023: 2020: 2017: 2014: 2011: 1997: 1994: 1990: 1986: 1983: 1980: 1977: 1974: 1971: 1968: 1965: 1961: 1958: 1955: 1952: 1920: 1917: 1914: 1911: 1908: 1905: 1902: 1899: 1896: 1893: 1890: 1887: 1884: 1881: 1878: 1875: 1872: 1869: 1866: 1863: 1860: 1857: 1854: 1851: 1848: 1845: 1842: 1839: 1836: 1833: 1830: 1827: 1824: 1821: 1818: 1815: 1812: 1809: 1806: 1803: 1800: 1797: 1794: 1791: 1788: 1785: 1782: 1779: 1776: 1773: 1770: 1767: 1764: 1761: 1758: 1755: 1752: 1749: 1746: 1743: 1740: 1726: 1723: 1720: 1717: 1714: 1711: 1708: 1705: 1702: 1699: 1696: 1693: 1690: 1687: 1684: 1681: 1678: 1675: 1672: 1669: 1666: 1663: 1660: 1657: 1654: 1651: 1648: 1645: 1642: 1639: 1636: 1633: 1630: 1627: 1624: 1621: 1618: 1615: 1612: 1609: 1606: 1603: 1600: 1597: 1594: 1591: 1588: 1585: 1582: 1579: 1576: 1573: 1570: 1567: 1564: 1561: 1558: 1555: 1552: 1549: 1546: 1543: 1540: 1537: 1534: 1531: 1528: 1525: 1522: 1519: 1516: 1513: 1510: 1507: 1504: 1501: 1498: 1495: 1492: 1489: 1486: 1483: 1480: 1477: 1474: 1471: 1468: 1465: 1462: 1459: 1456: 1453: 1450: 1447: 1444: 1441: 1438: 1435: 1432: 1429: 1426: 1423: 1420: 1417: 1403: 1400: 1397: 1394: 1391: 1388: 1385: 1382: 1379: 1376: 1373: 1370: 1367: 1364: 1361: 1358: 1355: 1352: 1349: 1346: 1343: 1340: 1337: 1334: 1331: 1328: 1325: 1322: 1319: 1316: 1313: 1310: 1307: 1304: 1301: 1298: 1295: 1292: 1289: 1286: 1283: 1280: 1277: 1274: 1271: 1268: 1265: 1262: 1259: 1256: 1253: 1250: 1247: 1244: 1241: 1238: 1235: 1232: 1229: 1226: 1223: 1220: 1217: 1214: 1211: 1208: 1205: 1202: 1199: 1196: 1193: 1190: 1187: 1184: 1181: 1178: 1175: 1172: 1169: 1166: 1163: 1160: 1157: 1154: 1151: 1148: 1145: 1142: 1128: 1125: 1122: 1119: 1116: 1113: 1110: 1107: 1104: 1101: 1098: 1095: 1092: 1089: 1086: 1083: 1080: 1077: 1074: 1071: 1068: 1065: 1062: 1059: 1056: 1053: 1050: 1047: 1044: 1041: 1038: 1035: 1032: 1029: 1026: 1023: 1020: 1017: 1014: 1011: 1008: 1005: 1002: 999: 996: 993: 990: 987: 984: 981: 978: 975: 972: 969: 966: 963: 960: 957: 954: 951: 948: 945: 942: 939: 936: 933: 930: 927: 924: 921: 918: 915: 912: 909: 906: 903: 900: 897: 894: 891: 888: 885: 882: 879: 876: 873: 870: 867: 864: 861: 858: 855: 852: 849: 846: 843: 840: 837: 834: 831: 828: 825: 822: 819: 816: 813: 810: 807: 804: 801: 798: 795: 756: 752: 748: 725: 717: 707: 703: 696: 692: 658: 655: 652: 649: 646: 643: 640: 637: 634: 631: 628: 625: 622: 619: 616: 613: 610: 607: 604: 601: 600:#define function 598: 595: 592: 589: 586: 583: 580: 577: 574: 571: 568: 565: 562: 559: 556: 553: 550: 536: 533: 530: 527: 524: 521: 518: 515: 512: 509: 506: 503: 500: 497: 494: 491: 488: 485: 482: 481:#define function 479: 476: 473: 470: 467: 464: 461: 458: 455: 452: 449: 446: 443: 440: 437: 434: 431: 428: 425: 422: 419: 416: 413: 410: 407: 404: 401: 398: 395: 392: 389: 386: 372: 368: 365: 362: 359: 356: 353: 349: 345: 341: 338: 335: 332: 328: 325: 324:#define function 322: 319: 316: 313: 310: 307: 304: 301: 297: 293: 290: 287: 284: 281: 277: 273: 270: 267: 264: 261: 258: 254: 250: 247: 244: 241: 238: 234: 231: 228: 224: 220: 217: 213: 209: 206: 203: 200: 197: 156:C, PHP, and Bash 109: 84:or to exploit a 70:polyglot program 31:computer program 3480: 3479: 3475: 3474: 3473: 3471: 3470: 3469: 3440: 3439: 3435:Wayback Machine 3423:Wayback Machine 3411:Wayback Machine 3374:Wayback Machine 3333:Wayback Machine 3285:Wayback Machine 3273:Wayback Machine 3256:Wayback Machine 3244:Wayback Machine 3233: 3228: 3227: 3217: 3215: 3201: 3200: 3196: 3186: 3184: 3180: 3173: 3166: 3165: 3161: 3151: 3149: 3139: 3138: 3134: 3120: 3119: 3115: 3105: 3103: 3092:"CVE-2008-5343" 3090: 3089: 3085: 3075: 3073: 3059: 3058: 3054: 3044: 3042: 3032: 3031: 3027: 3017: 3015: 3006: 3005: 3001: 2991: 2989: 2947: 2946: 2942: 2932: 2930: 2916: 2915: 2911: 2901: 2899: 2890:Schofield, Ed. 2889: 2888: 2884: 2874: 2872: 2863: 2862: 2858: 2852:Wayback Machine 2843: 2839: 2829: 2827: 2818: 2817: 2808: 2798: 2796: 2787: 2786: 2782: 2765: 2764: 2760: 2750: 2748: 2739: 2738: 2734: 2724: 2722: 2713: 2712: 2708: 2698: 2696: 2687: 2686: 2682: 2666: 2665: 2652: 2637:10.1145/3567432 2611: 2610: 2603: 2593: 2591: 2576: 2551: 2550: 2541: 2536: 2524: 2501: 2469: 2445: 2420: 2404: 2388: 2379: 2375: 2371: 2367: 2363: 2360: 2359: 2356: 2353: 2350: 2347: 2344: 2341: 2338: 2335: 2332: 2329: 2326: 2323: 2320: 2317: 2314: 2310: 2307: 2304: 2301: 2298: 2295: 2292: 2289: 2286: 2283: 2280: 2277: 2274: 2271: 2268: 2265: 2262: 2259: 2256: 2233:Element content 2185: 2174:Polyglot markup 2171: 2169:Polyglot markup 2162: 2156: 2153: 2146:needs expansion 2131: 2093: 2087: 2084: 2077:needs expansion 2062: 2054: 2053: 2052: 2051: 2048: 2045: 2042: 2039: 2036: 2033: 2030: 2027: 2024: 2021: 2018: 2015: 2012: 2009: 2000: 1999: 1998: 1995: 1992: 1988: 1984: 1981: 1978: 1975: 1972: 1969: 1966: 1963: 1959: 1956: 1953: 1950: 1929: 1924: 1923: 1922: 1921: 1918: 1915: 1912: 1909: 1906: 1903: 1900: 1897: 1894: 1891: 1888: 1885: 1882: 1879: 1876: 1873: 1870: 1867: 1864: 1861: 1858: 1855: 1852: 1849: 1846: 1843: 1840: 1837: 1834: 1831: 1828: 1825: 1822: 1819: 1816: 1813: 1810: 1807: 1804: 1801: 1798: 1795: 1792: 1789: 1786: 1783: 1780: 1777: 1774: 1771: 1768: 1765: 1762: 1759: 1756: 1753: 1750: 1747: 1744: 1741: 1738: 1729: 1728: 1727: 1724: 1721: 1718: 1715: 1712: 1709: 1706: 1703: 1700: 1697: 1694: 1691: 1688: 1685: 1682: 1679: 1676: 1673: 1670: 1667: 1664: 1661: 1658: 1655: 1652: 1649: 1646: 1643: 1640: 1637: 1634: 1631: 1628: 1625: 1622: 1619: 1616: 1613: 1610: 1607: 1604: 1601: 1598: 1595: 1592: 1589: 1586: 1583: 1580: 1577: 1574: 1571: 1568: 1565: 1562: 1559: 1556: 1553: 1550: 1547: 1544: 1541: 1538: 1535: 1532: 1529: 1526: 1523: 1520: 1517: 1514: 1511: 1508: 1505: 1502: 1499: 1496: 1493: 1490: 1487: 1484: 1481: 1478: 1475: 1472: 1469: 1466: 1463: 1460: 1457: 1454: 1451: 1448: 1445: 1442: 1439: 1436: 1433: 1430: 1427: 1424: 1421: 1418: 1415: 1406: 1405: 1404: 1401: 1398: 1395: 1392: 1389: 1386: 1383: 1380: 1377: 1374: 1371: 1368: 1365: 1362: 1359: 1356: 1353: 1350: 1347: 1344: 1341: 1338: 1335: 1332: 1329: 1326: 1323: 1320: 1317: 1314: 1312:"Developed 1311: 1308: 1306:languages" 1305: 1302: 1299: 1296: 1293: 1290: 1287: 1284: 1281: 1278: 1275: 1272: 1269: 1266: 1263: 1260: 1257: 1254: 1251: 1248: 1245: 1242: 1239: 1236: 1233: 1230: 1227: 1224: 1221: 1218: 1215: 1212: 1209: 1206: 1203: 1200: 1197: 1194: 1191: 1188: 1185: 1182: 1179: 1176: 1173: 1170: 1167: 1164: 1161: 1158: 1155: 1152: 1149: 1146: 1143: 1140: 1131: 1130: 1129: 1126: 1123: 1120: 1117: 1114: 1111: 1108: 1105: 1102: 1099: 1096: 1093: 1090: 1087: 1084: 1081: 1078: 1075: 1072: 1069: 1066: 1063: 1060: 1057: 1054: 1051: 1048: 1045: 1042: 1039: 1036: 1033: 1030: 1027: 1024: 1021: 1018: 1015: 1013:"Developed 1012: 1009: 1006: 1004:languages" 1003: 1000: 997: 994: 991: 988: 985: 982: 979: 976: 973: 970: 967: 964: 961: 958: 955: 952: 949: 946: 943: 940: 937: 934: 931: 928: 925: 922: 919: 916: 913: 910: 907: 904: 901: 898: 895: 892: 889: 886: 883: 880: 877: 874: 871: 868: 865: 862: 859: 856: 853: 850: 847: 844: 841: 838: 835: 832: 829: 826: 823: 820: 817: 814: 811: 808: 805: 802: 799: 796: 793: 764: 754: 750: 746: 721: 715: 705: 702:function main() 701: 700:The statement " 694: 690: 662: 661: 660: 659: 656: 653: 650: 647: 644: 641: 638: 635: 632: 629: 626: 623: 620: 617: 614: 611: 608: 605: 602: 599: 596: 593: 590: 588:<stdio.h> 587: 584: 581: 578: 575: 572: 569: 566: 563: 560: 557: 554: 551: 548: 539: 538: 537: 534: 531: 528: 525: 522: 519: 516: 513: 510: 507: 504: 501: 498: 495: 492: 489: 486: 483: 480: 477: 474: 471: 468: 465: 462: 459: 456: 453: 450: 447: 444: 441: 438: 435: 432: 429: 426: 423: 420: 417: 414: 411: 408: 405: 402: 399: 396: 393: 390: 387: 384: 375: 374: 373: 370: 366: 363: 360: 357: 354: 351: 347: 343: 339: 336: 333: 330: 326: 323: 320: 317: 314: 311: 308: 305: 302: 299: 295: 291: 288: 285: 282: 279: 275: 271: 268: 265: 262: 259: 256: 252: 248: 245: 242: 239: 236: 232: 229: 226: 222: 218: 215: 211: 207: 204: 201: 198: 195: 158: 153: 139: 107: 100: 94: 47:multilingualism 17: 12: 11: 5: 3478: 3476: 3468: 3467: 3462: 3457: 3452: 3442: 3441: 3438: 3437: 3425: 3413: 3401: 3364: 3323: 3275: 3263: 3258: 3246: 3232: 3231:External links 3229: 3226: 3225: 3194: 3159: 3132: 3113: 3083: 3052: 3025: 2999: 2960:(4): 727–735. 2940: 2909: 2882: 2856: 2837: 2806: 2780: 2758: 2732: 2706: 2680: 2650: 2601: 2574: 2538: 2537: 2535: 2532: 2531: 2530: 2523: 2520: 2519: 2518: 2508: 2500: 2497: 2468: 2465: 2419: 2416: 2403: 2400: 2387: 2384: 2255: 2250: 2249: 2246: 2243: 2240: 2237: 2234: 2231: 2228: 2225: 2222: 2219: 2170: 2167: 2164: 2163: 2157:September 2022 2143: 2141: 2130: 2127: 2126: 2125: 2119: 2113: 2107: 2095: 2094: 2088:September 2022 2074: 2072: 2061: 2058: 2025:goto endofperl 2016:' --PERL-- 2008: 2001: 1987:#!perl print 1949: 1942: 1941: 1928: 1925: 1737: 1730: 1414: 1407: 1139: 1132: 872:'Char' 792: 785: 784: 763: 760: 759: 758: 743: 736:C preprocessor 719: 712: 709: 706:int main(void) 698: 687: 680: 677:root directory 673: 597:#define true ) 547: 540: 478:#define true ) 383: 376: 321:#define true ) 194: 187: 186: 157: 154: 152: 149: 138: 135: 123:covert channel 104:hacker culture 93: 90: 15: 13: 10: 9: 6: 4: 3: 2: 3477: 3466: 3463: 3461: 3460:Steganography 3458: 3456: 3453: 3451: 3448: 3447: 3445: 3436: 3432: 3429: 3426: 3424: 3420: 3417: 3414: 3412: 3408: 3405: 3402: 3399: 3395: 3391: 3387: 3383: 3379: 3375: 3371: 3368: 3365: 3362: 3358: 3354: 3350: 3346: 3342: 3338: 3334: 3330: 3327: 3324: 3321: 3317: 3314: 3310: 3306: 3302: 3298: 3294: 3290: 3286: 3282: 3279: 3276: 3274: 3270: 3267: 3264: 3262: 3259: 3257: 3253: 3250: 3247: 3245: 3241: 3238: 3235: 3234: 3230: 3213: 3209: 3205: 3198: 3195: 3179: 3172: 3171: 3163: 3160: 3147: 3143: 3136: 3133: 3128: 3124: 3117: 3114: 3101: 3097: 3096:cve.mitre.org 3093: 3087: 3084: 3071: 3067: 3063: 3056: 3053: 3040: 3036: 3029: 3026: 3013: 3009: 3003: 3000: 2987: 2983: 2979: 2975: 2971: 2967: 2963: 2959: 2955: 2951: 2944: 2941: 2928: 2924: 2920: 2919:"OMG WTF PDF" 2913: 2910: 2897: 2893: 2886: 2883: 2870: 2866: 2860: 2857: 2853: 2849: 2846: 2841: 2838: 2825: 2821: 2815: 2813: 2811: 2807: 2794: 2790: 2784: 2781: 2775: 2770: 2762: 2759: 2746: 2742: 2736: 2733: 2720: 2716: 2710: 2707: 2694: 2690: 2684: 2681: 2675: 2670: 2663: 2661: 2659: 2657: 2655: 2651: 2646: 2642: 2638: 2634: 2629: 2624: 2620: 2616: 2608: 2606: 2602: 2589: 2585: 2581: 2577: 2575:9781450324779 2571: 2567: 2563: 2559: 2555: 2548: 2546: 2544: 2540: 2533: 2529: 2526: 2525: 2521: 2516: 2512: 2509: 2506: 2503: 2502: 2498: 2496: 2493: 2491: 2486: 2482: 2478: 2474: 2466: 2464: 2462: 2457: 2455: 2450: 2444: 2438: 2434: 2432: 2431:SQL Injection 2428: 2425: 2417: 2415: 2413: 2409: 2402:Compatibility 2401: 2399: 2397: 2393: 2385: 2383: 2253: 2247: 2244: 2241: 2238: 2235: 2232: 2229: 2226: 2223: 2220: 2217: 2216: 2215: 2213: 2208: 2206: 2202: 2198: 2194: 2188: 2183: 2179: 2175: 2168: 2160: 2151: 2147: 2144:This section 2142: 2139: 2135: 2134: 2128: 2123: 2120: 2117: 2114: 2111: 2108: 2105: 2102: 2101: 2100: 2091: 2082: 2078: 2075:This section 2073: 2070: 2066: 2065: 2059: 2057: 2006: 2005: 1947: 1946: 1940: 1938: 1934: 1926: 1735: 1734: 1412: 1411: 1324:Society" 1246:OpenConsole() 1137: 1136: 938:OpenConsole() 790: 789: 783: 781: 777: 773: 769: 761: 744: 741: 737: 733: 729: 728:shell builtin 724: 720: 713: 710: 699: 688: 685: 681: 678: 674: 671: 667: 666: 665: 545: 544: 403:Hello, world! 381: 380: 346:>/dev/null 298:>/dev/null 278:>/dev/null 255:>/dev/null 225:>/dev/null 192: 191: 185: 183: 179: 175: 171: 170:public domain 167: 163: 155: 150: 148: 145: 136: 134: 132: 131:compatibility 128: 124: 119: 117: 113: 105: 99: 91: 89: 87: 86:vulnerability 83: 79: 75: 74:compatibility 71: 67: 63: 59: 54: 52: 51:polyglot file 48: 44: 40: 36: 32: 28: 24: 19: 3376:(written in 3335:(written in 3287:(written in 3216:. Retrieved 3207: 3197: 3185:. Retrieved 3169: 3162: 3150:. Retrieved 3146:the original 3135: 3127:the original 3116: 3104:. Retrieved 3095: 3086: 3074:. Retrieved 3065: 3055: 3043:. Retrieved 3028: 3016:. Retrieved 3002: 2990:. Retrieved 2957: 2953: 2943: 2931:. Retrieved 2922: 2912: 2900:. Retrieved 2885: 2873:. Retrieved 2859: 2840: 2828:. Retrieved 2797:. Retrieved 2793:the original 2783: 2761: 2749:. Retrieved 2735: 2723:. Retrieved 2709: 2697:. Retrieved 2693:the original 2683: 2618: 2614: 2592:. Retrieved 2557: 2504: 2494: 2476: 2472: 2470: 2467:GIFAR attack 2458: 2451: 2443:magic number 2439: 2435: 2429: 2421: 2405: 2389: 2361: 2290:"" 2281:"" 2251: 2211: 2209: 2173: 2172: 2154: 2150:adding to it 2145: 2121: 2115: 2109: 2103: 2098: 2085: 2081:adding to it 2076: 2055: 2003: 2002: 1991:; __END__ 1944: 1943: 1930: 1910:/ports/input 1898:/ports/input 1732: 1731: 1409: 1408: 1333:"Hello, 1192:;OneKeyInput 1183:"Hello, 1134: 1133: 1028:ociety" 787: 786: 765: 670:preprocessor 663: 582:#define b */ 542: 541: 529:#define c /* 466:#define b */ 385:#define a /* 378: 377: 367:#define c /* 350:grep-vtrue*/ 309:#define b */ 196:#define a /* 189: 188: 159: 140: 137:Construction 120: 101: 69: 55: 50: 43:file formats 26: 20: 18: 3455:Source code 3018:5 September 2992:5 September 2933:6 September 2902:6 September 2875:5 September 2830:4 September 2799:4 September 2751:6 September 2725:6 September 2699:4 September 2621:(2): 1–22. 2594:5 September 2554:"Polyglots" 2490:same origin 2224:The DOCTYPE 2189:-compatible 1814:OpenConsole 1554:OpenConsole 1503:OneKeyInput 1204:'') 863:OneKeyInput 684:redirection 66:source code 62:interpreted 3444:Categories 3394:Whitespace 3386:Unix shell 3345:PostScript 3309:Unix shell 3305:PostScript 2774:2407.01529 2674:2203.07561 2628:2012.09214 2534:References 2227:Namespaces 2049::endofperl 2028:@rem ' 1985:rem '; 1962:off perl 1796:Win32Forth 1533:Win32Forth 1228:Win32Forth 1165:Including? 914:Win32Forth 884:'' 827:Including? 776:PureBasicv 772:Win32Forth 740:C compiler 726:is a bash 716:if (($ x)) 648:#define c 567:if (($ x)) 549:#define a 162:characters 96:See also: 82:validation 3390:Brainfuck 3361:Befunge98 3313:Intel x86 2982:208318324 2645:247218744 2515:databases 2382:instead. 2110:parasites 2019:@echo off 1996:endofperl 1979:endofperl 1904:set-modes 1892:set-modes 1886:EndMacro: 1871:CopyLeft: 1811:EndMacro: 1790:PureBASIC 1754:SkipThis; 1626:EndMacro: 1611:CopyLeft: 1551:EndMacro: 1527:PureBASIC 1464:Including 1357:set-modes 1348:set-modes 1342:EndMacro: 1309:CopyLeft: 1243:EndMacro: 1222:PureBASIC 1171:SkipThis; 1070:set-modes 1049:set-modes 908:PureBASIC 778:4.x, and 757:function. 573:return 0; 555:#<?php 199:#<?php 23:computing 3431:Archived 3419:Archived 3407:Archived 3370:Archived 3329:Archived 3281:Archived 3269:Archived 3252:Archived 3240:Archived 3218:5 August 3212:Archived 3178:Archived 3152:20 April 3106:20 April 3100:Archived 3070:Archived 3066:Hackaday 3039:Archived 3012:Archived 2986:Archived 2974:31770023 2927:Archived 2896:Archived 2869:Archived 2848:Archived 2824:Archived 2745:Archived 2719:Archived 2588:Archived 2584:16516484 2522:See also 2412:Python 3 2408:Python 2 2284:xml:lang 2129:Benefits 2122:cavities 1916:EndMacro 1713:language 1689:EndMacro 1473:SkipThis 1390:language 1366:EndMacro 1258:!") 1180:Char(10) 1115:language 1091:EndMacro 1040:EndMacro 1007:CopyLeft 950:!") 932:EndMacro 833:SkipThis 732:C printf 691:<?php 679:in bash. 603:function 585:#include 484:function 391:<?php 327:function 166:comments 151:Examples 147:format. 108:polyglot 78:security 58:compiled 27:polyglot 3398:Befunge 3297:Fortran 3076:6 March 3045:6 March 2205:doctype 2116:zippers 2046:__END__ 1967:%~dpnx0 1784:SNOBOL4 1739:*BUFFER 1695:Wishing 1521:SNOBOL4 1372:Wishing 1339:!" 1270:Inkey() 1216:SNOBOL4 1189:!" 1141:*BUFFER 1097:Wishing 962:Inkey() 902:SNOBOL4 693:" and " 127:malware 92:History 3341:Pascal 3293:Pascal 3208:Medium 3187:28 May 2980:  2972:  2643:  2582:  2572:  2364:script 2104:stacks 2034:#!perl 1970:" 1964:" 1907:system 1895:system 1865:Title: 1835:Repeat 1823:PrintN 1757:OUTPUT 1701:refine 1668:system 1641:system 1605:Title: 1575:Repeat 1563:PrintN 1479:OUTPUT 1419:BUFFER 1378:refine 1297:!' 1288:Title: 1261:Repeat 1174:OUTPUT 1103:refine 1073:system 1052:system 995:!' 953:Repeat 839:OUTPUT 812:Hello, 797:BUFFER 768:SNOBOL 723:printf 682:Shell 636:return 624:" 615:printf 517:return 505:" 496:printf 451:return 409:" 397:" 355:return 342:true/* 337:printf 286:return 174:ANSI C 112:Usenet 35:script 3289:COBOL 3181:(PDF) 3174:(PDF) 2978:S2CID 2769:arXiv 2669:arXiv 2641:S2CID 2623:arXiv 2580:S2CID 2477:GIFAR 2392:DICOM 2351:</ 2342:</ 2324:</ 2318:title 2315:</ 2308:title 2266:xmlns 2201:HTML5 2191:) or 2182:XHTML 2178:HTML5 2060:Types 2037:print 1913:NOP:: 1901:Input 1880:Print 1859:REBOL 1853:Macro 1844:Inkey 1841:Until 1808:<3 1802:REBOL 1751:Macro 1680:input 1674:ports 1665:modes 1656:Input 1653:input 1647:ports 1638:modes 1620:Print 1599:REBOL 1593:Macro 1584:Inkey 1581:Until 1539:REBOL 1506:Input 1470:Macro 1449:world 1443:Hello 1363:NOP:: 1354:Input 1336:world 1330:Print 1294:World 1282:REBOL 1276:Macro 1267:Until 1255:world 1240:<3 1234:REBOL 1186:World 1168:Macro 1088:NOP:: 1085:input 1079:ports 1067:Input 1064:input 1058:ports 1034:Print 992:World 983:Title 977:REBOL 968:Macro 959:Until 947:world 920:REBOL 866:Input 830:Macro 815:world 780:REBOL 695:?> 369:main 29:is a 3396:and 3378:Perl 3359:and 3357:Perl 3353:Bash 3320:Perl 3318:and 3220:2019 3189:2015 3154:2021 3108:2021 3078:2023 3047:2023 3020:2022 2994:2022 2970:PMID 2935:2022 2904:2022 2877:2022 2832:2022 2801:2022 2753:2022 2727:2022 2701:2022 2596:2022 2570:ISBN 2483:and 2454:file 2446:%PDF 2410:and 2406:The 2396:TIFF 2390:The 2357:> 2354:html 2348:> 2345:body 2339:> 2336:body 2333:< 2330:> 2327:head 2321:> 2311:> 2305:< 2302:> 2299:head 2296:< 2293:> 2275:lang 2263:html 2260:< 2187:SGML 2180:and 2010:@rem 1976:goto 1960:echo 1937:Perl 1889:func 1781:End; 1763:Char 1707:with 1683:NOP: 1629:func 1545:< 1485:Char 1384:with 1345:func 1318:2010 1213:End; 1210:Char 1109:with 1046:func 1019:2010 926:< 893:Char 845:Char 755:main 751:main 747:main 654:main 627:true 606:main 532:main 508:true 487:main 400:\010 394:echo 329:main 283:then 202:echo 182:bash 180:and 164:for 49:. A 25:, a 3349:TeX 2962:doi 2958:214 2633:doi 2562:doi 2485:JAR 2481:GIF 2372:div 2197:DOM 2193:XML 2152:. 2083:. 1933:DOS 1745:A.A 1710:new 1659:set 1632:set 1515:End 1387:new 1147:A.A 1112:new 896:End 803:A.A 770:4, 657:#*/ 535:#*/ 442:$ x 421:$ x 371:#*/ 269:$ x 240:$ x 178:PHP 144:zip 64:as 60:or 41:or 33:or 21:In 3446:: 3392:, 3388:, 3384:, 3380:, 3355:, 3351:, 3347:, 3343:, 3339:, 3322:5) 3311:, 3307:, 3303:, 3299:, 3295:, 3291:, 3210:. 3206:. 3094:. 3068:. 3064:. 3037:. 2984:. 2976:. 2968:. 2956:. 2952:. 2925:. 2921:. 2894:. 2867:. 2822:. 2809:^ 2743:. 2717:. 2653:^ 2639:. 2631:. 2617:. 2604:^ 2586:. 2578:. 2568:. 2556:. 2542:^ 2471:A 2461:PE 2370:, 2366:, 1973:%* 1939:: 1847:() 1817:() 1769:10 1722:on 1719:Go 1704:it 1698:to 1587:() 1557:() 1491:10 1461:To 1399:on 1396:Go 1381:it 1375:to 1321:by 1315:in 1300:in 1162:To 1124:on 1121:Go 1106:it 1100:to 1022:by 1016:in 998:in 851:10 824:To 818:!) 809:.( 782:: 774:, 742:). 651:/* 621:\n 609:() 552:/* 502:\n 490:() 445:)) 439:(( 436:if 406:\n 331:() 303:fi 294:// 274:// 272:)) 266:(( 263:if 257:\ 251:// 221:// 216:\ 210:// 184:: 176:, 133:, 118:. 88:. 3400:) 3382:C 3363:) 3337:C 3301:C 3222:. 3191:. 3156:. 3110:. 3080:. 3049:. 3022:. 2996:. 2964:: 2937:. 2906:. 2879:. 2834:. 2803:. 2777:. 2771:: 2755:. 2729:. 2703:. 2677:. 2671:: 2647:. 2635:: 2625:: 2619:4 2598:. 2564:: 2517:. 2475:( 2368:p 2287:= 2278:= 2269:= 2159:) 2155:( 2090:) 2086:( 2043:; 2031:; 2013:= 1993:: 1982:@ 1957:@ 1951:@ 1877:] 1862:[ 1850:: 1838:: 1832:) 1826:( 1820:: 1805:= 1799:+ 1793:+ 1787:+ 1772:) 1766:( 1760:= 1742:: 1725:! 1716:? 1692:; 1686:: 1677:/ 1671:/ 1662:- 1650:/ 1644:/ 1635:- 1617:] 1602:[ 1590:: 1578:: 1572:) 1566:( 1560:: 1548:3 1542:= 1536:+ 1530:+ 1524:+ 1518:; 1509:( 1500:; 1494:) 1488:( 1482:= 1476:; 1467:? 1458:@ 1455:) 1452:! 1446:, 1440:( 1437:. 1434:; 1431:A 1428:. 1425:A 1422:: 1416:* 1402:! 1393:? 1369:; 1327:] 1303:4 1285:[ 1273:: 1264:: 1249:: 1237:= 1231:+ 1225:+ 1219:+ 1207:; 1201:, 1198:1 1177:= 1159:@ 1153:. 1150:; 1144:: 1127:! 1118:? 1094:; 1082:/ 1076:/ 1061:/ 1055:/ 1043:: 1031:] 1025:S 1010:: 1001:4 986:: 980:[ 971:S 965:: 956:: 941:: 935:: 929:3 923:= 917:+ 911:+ 905:+ 899:; 890:; 887:) 881:, 878:1 875:, 869:( 860:; 854:) 848:( 842:= 836:; 821:@ 806:; 800:: 794:* 714:" 645:} 642:; 639:0 633:; 612:{ 526:} 523:; 520:0 514:; 493:{ 457:; 454:0 430:; 427:5 424:= 412:; 388:# 364:} 361:; 358:0 352:; 348:| 344:2 334:{ 300:; 296:2 292:; 289:0 280:; 276:2 260:; 253:2 249:; 246:5 243:= 237:; 235:a 233:= 230:x 227:; 223:2 219:; 212:2 208:;

Index

computing
computer program
script
programming languages
file formats
multilingualism
compiled
interpreted
source code
compatibility
security
validation
vulnerability
History of steganography
hacker culture
Usenet
International Obfuscated C Code Contest
covert channel
malware
compatibility
zip
characters
comments
public domain
ANSI C
PHP
bash
preprocessor
root directory
redirection

Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.