Q6: Which variable does the initial script try to return? Q8: The exploit kit contains a large block of hex encoded shellcode stored in a variable. This shellcode is also XOR encoded. What is the single byte xor key? (In the format 0xNN e.g. 0x11.)
So far I downloaded the HTTP objects via Wireshark, extracted the script to JSDetox then decoded base64 strings which resolves to other 2 scripts. With these steps I was able to answer other questions but I can't go any further, any guidance?
I was able to complete the lab however I think lab needs some improvement
For Q3, you need to look into the obfuscated code, before applying applying any deobfuscating steps For Q8, the data analyze tool in the lab does not work. Use CyberChef or something else, it is very misleading if you assume it works and you are missing something.
I think this tool is both overrated and abandoned, and at first I thought it would do some magic. I waited dozens of minutes for "Analyze" to do something, before I aborted these attempts. It's much easier to load the HTML file into the browser and then "Copy -> Inner HTML" to get the decoded scripts (JSDETOX has a nice formatter, but that's it). Not a single edit needed.
I couldn't understand Q4: "Which packet number corresponds to the site that is 302 redirected to (and which hosts the malware where you start analysis)?", it's not clear what you want. And since it's not a Wireshark lab, it might be just written as: "Identify the server where the malware is downloaded from, and as answer enter the number of the first frame with a http response code from that server."
Hey netcat we have discussed your feedback internally and are in agreement with many of your comments. This is an older lab that no longer meets our quality standards and we are therefore going to uplift this lab and change some of the wording to make it clearer.
Oh yeah...just the last question in "Practical Malware Analysis: Static Analysis" is a little bit confusing: "What native Microsoft service is this malware trying to masquerade as with a legitimate seeming name and a reference to a file path that can be used for persistence? (Hint: Review the briefing panel for information on how to override a function signature.)". "file path"...turns out to be a "file name"
"}},"componentScriptGroups({\"componentId\":\"custom.widget.Custom_Scripts\"})":{"__typename":"ComponentScriptGroups","scriptGroups":{"__typename":"ComponentScriptGroupsDefinition","afterInteractive":{"__typename":"PageScriptGroupDefinition","group":"AFTER_INTERACTIVE","scriptIds":[]},"lazyOnLoad":{"__typename":"PageScriptGroupDefinition","group":"LAZY_ON_LOAD","scriptIds":[]}},"componentScripts":[]},"cachedText({\"lastModified\":\"1740587331000\",\"locale\":\"en-US\",\"namespaces\":[\"components/community/NavbarDropdownToggle\"]})":[{"__ref":"CachedAsset:text:en_US-components/community/NavbarDropdownToggle-1740587331000"}],"cachedText({\"lastModified\":\"1740587331000\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/EscalatedMessageBanner\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/EscalatedMessageBanner-1740587331000"}],"cachedText({\"lastModified\":\"1740587331000\",\"locale\":\"en-US\",\"namespaces\":[\"components/users/UserLink\"]})":[{"__ref":"CachedAsset:text:en_US-components/users/UserLink-1740587331000"}],"cachedText({\"lastModified\":\"1740587331000\",\"locale\":\"en-US\",\"namespaces\":[\"shared/client/components/users/UserRank\"]})":[{"__ref":"CachedAsset:text:en_US-shared/client/components/users/UserRank-1740587331000"}],"cachedText({\"lastModified\":\"1740587331000\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageTime\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageTime-1740587331000"}],"cachedText({\"lastModified\":\"1740587331000\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageSolvedBadge\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageSolvedBadge-1740587331000"}],"cachedText({\"lastModified\":\"1740587331000\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageSubject\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageSubject-1740587331000"}],"cachedText({\"lastModified\":\"1740587331000\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageBody\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageBody-1740587331000"}],"cachedText({\"lastModified\":\"1740587331000\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageCustomFields\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageCustomFields-1740587331000"}],"cachedText({\"lastModified\":\"1740587331000\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageReplyButton\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageReplyButton-1740587331000"}],"cachedText({\"lastModified\":\"1740587331000\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageSolutionList\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageSolutionList-1740587331000"}],"cachedText({\"lastModified\":\"1740587331000\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/AcceptedSolutionButton\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/AcceptedSolutionButton-1740587331000"}],"cachedText({\"lastModified\":\"1740587331000\",\"locale\":\"en-US\",\"namespaces\":[\"shared/client/components/common/Pager/PagerLoadMore\"]})":[{"__ref":"CachedAsset:text:en_US-shared/client/components/common/Pager/PagerLoadMore-1740587331000"}],"cachedText({\"lastModified\":\"1740587331000\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageView/MessageViewInline\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageView/MessageViewInline-1740587331000"}],"message({\"id\":\"message:759\"})":{"__ref":"ForumReplyMessage:message:759"},"message({\"id\":\"message:781\"})":{"__ref":"ForumReplyMessage:message:781"},"message({\"id\":\"message:782\"})":{"__ref":"ForumReplyMessage:message:782"},"message({\"id\":\"message:1028\"})":{"__ref":"ForumReplyMessage:message:1028"},"message({\"id\":\"message:1027\"})":{"__ref":"ForumReplyMessage:message:1027"},"message({\"id\":\"message:1037\"})":{"__ref":"ForumReplyMessage:message:1037"},"message({\"id\":\"message:1041\"})":{"__ref":"ForumReplyMessage:message:1041"},"message({\"id\":\"message:1496\"})":{"__ref":"ForumReplyMessage:message:1496"},"messages({\"constraints\":{\"solution\":{\"eq\":true},\"topicId\":{\"eq\":\"message:758\"}},\"first\":10,\"sorts\":{\"postTime\":{\"direction\":\"ASC\"}}})":{"__typename":"MessageConnection","edges":[{"__typename":"MessageEdge","cursor":"MjUuMnwyLjF8aXwxMHwzOToxfGludCw3OTAsNzkw","node":{"__ref":"AcceptedSolutionMessage:message:790"}}],"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null},"totalCount":1},"cachedText({\"lastModified\":\"1740587331000\",\"locale\":\"en-US\",\"namespaces\":[\"shared/client/components/users/UserAvatar\"]})":[{"__ref":"CachedAsset:text:en_US-shared/client/components/users/UserAvatar-1740587331000"}],"cachedText({\"lastModified\":\"1740587331000\",\"locale\":\"en-US\",\"namespaces\":[\"shared/client/components/ranks/UserRankLabel\"]})":[{"__ref":"CachedAsset:text:en_US-shared/client/components/ranks/UserRankLabel-1740587331000"}],"message({\"id\":\"message:790\"})":{"__ref":"AcceptedSolutionMessage:message:790"},"cachedText({\"lastModified\":\"1740587331000\",\"locale\":\"en-US\",\"namespaces\":[\"components/tags/TagView/TagViewChip\"]})":[{"__ref":"CachedAsset:text:en_US-components/tags/TagView/TagViewChip-1740587331000"}]},"CachedAsset:pages-1742433965200":{"__typename":"CachedAsset","id":"pages-1742433965200","value":[{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"BlogViewAllPostsPage","type":"BLOG","urlPath":"/category/:categoryId/blog/:boardId/all-posts/(/:after|/:before)?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"CasePortalPage","type":"CASE_PORTAL","urlPath":"/caseportal","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"CreateGroupHubPage","type":"GROUP_HUB","urlPath":"/groups/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"CaseViewPage","type":"CASE_DETAILS","urlPath":"/case/:caseId/:caseNumber","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"InboxPage","type":"COMMUNITY","urlPath":"/inbox","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"HelpFAQPage","type":"COMMUNITY","urlPath":"/help","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"IdeaMessagePage","type":"IDEA_POST","urlPath":"/idea/:boardId/:messageSubject/:messageId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"IdeaViewAllIdeasPage","type":"IDEA","urlPath":"/category/:categoryId/ideas/:boardId/all-ideas/(/:after|/:before)?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"LoginPage","type":"USER","urlPath":"/signin","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"BlogPostPage","type":"BLOG","urlPath":"/category/:categoryId/blogs/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"ThemeEditorPage","type":"COMMUNITY","urlPath":"/designer/themes","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"TkbViewAllArticlesPage","type":"TKB","urlPath":"/category/:categoryId/kb/:boardId/all-articles/(/:after|/:before)?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"OccasionEditPage","type":"EVENT","urlPath":"/event/:boardId/:messageSubject/:messageId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"OAuthAuthorizationAllowPage","type":"USER","urlPath":"/auth/authorize/allow","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"PageEditorPage","type":"COMMUNITY","urlPath":"/designer/pages","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"PostPage","type":"COMMUNITY","urlPath":"/category/:categoryId/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"ForumBoardPage","type":"FORUM","urlPath":"/category/:categoryId/discussions/:boardId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"TkbBoardPage","type":"TKB","urlPath":"/category/:categoryId/kb/:boardId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"EventPostPage","type":"EVENT","urlPath":"/category/:categoryId/events/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"UserBadgesPage","type":"COMMUNITY","urlPath":"/users/:login/:userId/badges","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"GroupHubMembershipAction","type":"GROUP_HUB","urlPath":"/membership/join/:nodeId/:membershipType","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"MaintenancePage","type":"COMMUNITY","urlPath":"/maintenance","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"IdeaReplyPage","type":"IDEA_REPLY","urlPath":"/idea/:boardId/:messageSubject/:messageId/comments/:replyId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"UserSettingsPage","type":"USER","urlPath":"/mysettings/:userSettingsTab","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"GroupHubsPage","type":"GROUP_HUB","urlPath":"/groups","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"ForumPostPage","type":"FORUM","urlPath":"/category/:categoryId/discussions/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"OccasionRsvpActionPage","type":"OCCASION","urlPath":"/event/:boardId/:messageSubject/:messageId/rsvp/:responseType","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"VerifyUserEmailPage","type":"USER","urlPath":"/verifyemail/:userId/:verifyEmailToken","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"AllOccasionsPage","type":"OCCASION","urlPath":"/category/:categoryId/events/:boardId/all-events/(/:after|/:before)?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"EventBoardPage","type":"EVENT","urlPath":"/category/:categoryId/events/:boardId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"TkbReplyPage","type":"TKB_REPLY","urlPath":"/kb/:boardId/:messageSubject/:messageId/comments/:replyId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"IdeaBoardPage","type":"IDEA","urlPath":"/category/:categoryId/ideas/:boardId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"CommunityGuideLinesPage","type":"COMMUNITY","urlPath":"/communityguidelines","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"CaseCreatePage","type":"SALESFORCE_CASE_CREATION","urlPath":"/caseportal/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"TkbEditPage","type":"TKB","urlPath":"/kb/:boardId/:messageSubject/:messageId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"ForgotPasswordPage","type":"USER","urlPath":"/forgotpassword","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"IdeaEditPage","type":"IDEA","urlPath":"/idea/:boardId/:messageSubject/:messageId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"TagPage","type":"COMMUNITY","urlPath":"/tag/:tagName","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"BlogBoardPage","type":"BLOG","urlPath":"/category/:categoryId/blog/:boardId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"OccasionMessagePage","type":"OCCASION_TOPIC","urlPath":"/event/:boardId/:messageSubject/:messageId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"ManageContentPage","type":"COMMUNITY","urlPath":"/managecontent","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"ClosedMembershipNodeNonMembersPage","type":"GROUP_HUB","urlPath":"/closedgroup/:groupHubId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"CommunityPage","type":"COMMUNITY","urlPath":"/","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"ForumMessagePage","type":"FORUM_TOPIC","urlPath":"/discussions/:boardId/:messageSubject/:messageId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"IdeaPostPage","type":"IDEA","urlPath":"/category/:categoryId/ideas/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"BlogMessagePage","type":"BLOG_ARTICLE","urlPath":"/blog/:boardId/:messageSubject/:messageId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"RegistrationPage","type":"USER","urlPath":"/register","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"EditGroupHubPage","type":"GROUP_HUB","urlPath":"/group/:groupHubId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"ForumEditPage","type":"FORUM","urlPath":"/discussions/:boardId/:messageSubject/:messageId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"ResetPasswordPage","type":"USER","urlPath":"/resetpassword/:userId/:resetPasswordToken","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"TkbMessagePage","type":"TKB_ARTICLE","urlPath":"/kb/:boardId/:messageSubject/:messageId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"BlogEditPage","type":"BLOG","urlPath":"/blog/:boardId/:messageSubject/:messageId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"ManageUsersPage","type":"USER","urlPath":"/users/manage/:tab?/:manageUsersTab?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"ForumReplyPage","type":"FORUM_REPLY","urlPath":"/discussions/:boardId/:messageSubject/:messageId/replies/:replyId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"PrivacyPolicyPage","type":"COMMUNITY","urlPath":"/privacypolicy","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"NotificationPage","type":"COMMUNITY","urlPath":"/notifications","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"UserPage","type":"USER","urlPath":"/users/:login/:userId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"HealthCheckPage","type":"COMMUNITY","urlPath":"/health","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"OccasionReplyPage","type":"OCCASION_REPLY","urlPath":"/event/:boardId/:messageSubject/:messageId/comments/:replyId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"ManageMembersPage","type":"GROUP_HUB","urlPath":"/group/:groupHubId/manage/:tab?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"SearchResultsPage","type":"COMMUNITY","urlPath":"/search","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"BlogReplyPage","type":"BLOG_REPLY","urlPath":"/blog/:boardId/:messageSubject/:messageId/replies/:replyId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"GroupHubPage","type":"GROUP_HUB","urlPath":"/group/:groupHubId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"TermsOfServicePage","type":"COMMUNITY","urlPath":"/termsofservice","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"CategoryPage","type":"CATEGORY","urlPath":"/category/:categoryId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"ForumViewAllTopicsPage","type":"FORUM","urlPath":"/category/:categoryId/discussions/:boardId/all-topics/(/:after|/:before)?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"TkbPostPage","type":"TKB","urlPath":"/category/:categoryId/kbs/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742433965200,"localOverride":null,"page":{"id":"GroupHubPostPage","type":"GROUP_HUB","urlPath":"/group/:groupHubId/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"}],"localOverride":false},"CachedAsset:text:en_US-components/context/AppContext/AppContextProvider-0":{"__typename":"CachedAsset","id":"text:en_US-components/context/AppContext/AppContextProvider-0","value":{"noCommunity":"Cannot find community","noUser":"Cannot find current user","noNode":"Cannot find node with id {nodeId}","noMessage":"Cannot find message with id {messageId}"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/common/Loading/LoadingDot-0":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/common/Loading/LoadingDot-0","value":{"title":"Loading..."},"localOverride":false},"User:user:-1":{"__typename":"User","id":"user:-1","uid":-1,"login":"Anonymous","email":"","avatar":null,"rank":null,"kudosWeight":1,"registrationData":{"__typename":"RegistrationData","status":"ANONYMOUS","registrationTime":null,"confirmEmailStatus":false,"registrationAccessLevel":"VIEW","ssoRegistrationFields":[]},"ssoId":null,"profileSettings":{"__typename":"ProfileSettings","dateDisplayStyle":{"__typename":"InheritableStringSettingWithPossibleValues","key":"layout.friendly_dates_enabled","value":"true","localValue":"true","possibleValues":["true","false"]},"dateDisplayFormat":{"__typename":"InheritableStringSetting","key":"layout.format_pattern_date","value":"MM-dd-yyyy","localValue":"MM-dd-yyyy"},"language":{"__typename":"InheritableStringSettingWithPossibleValues","key":"profile.language","value":"en-US","localValue":null,"possibleValues":["en-US"]}},"deleted":false},"Theme:customTheme1":{"__typename":"Theme","id":"customTheme1"},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bi00MS1jS0RtS1k\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bi00MS1jS0RtS1k","mimeType":"image/svg+xml"},"Category:category:help":{"__typename":"Category","id":"category:help","entityType":"CATEGORY","displayId":"help","nodeType":"category","depth":1,"title":"Help","shortTitle":"Help","parent":{"__ref":"Category:category:top"}},"Category:category:top":{"__typename":"Category","id":"category:top","displayId":"top","nodeType":"category","depth":0,"title":"Top","entityType":"CATEGORY","shortTitle":"Top"},"Forum:board:help":{"__typename":"Forum","id":"board:help","entityType":"FORUM","displayId":"help","nodeType":"board","depth":2,"conversationStyle":"FORUM","title":"Help & Support Forum","description":"Do you have a question about an Immersive product or feature? This is where the experts hang out, and they are always happy to help!","avatar":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bi00MS1jS0RtS1k\"}"},"profileSettings":{"__typename":"ProfileSettings","language":null},"parent":{"__ref":"Category:category:help"},"ancestors":{"__typename":"CoreNodeConnection","edges":[{"__typename":"CoreNodeEdge","node":{"__ref":"Community:community:dnvaw96485"}},{"__typename":"CoreNodeEdge","node":{"__ref":"Category:category:help"}}]},"userContext":{"__typename":"NodeUserContext","canAddAttachments":false,"canUpdateNode":false,"canPostMessages":false,"isSubscribed":false},"boardPolicies":{"__typename":"BoardPolicies","canPublishArticleOnCreate":{"__typename":"PolicyResult","failureReason":{"__typename":"FailureReason","message":"error.lithium.policies.forums.policy_can_publish_on_create_workflow_action.accessDenied","key":"error.lithium.policies.forums.policy_can_publish_on_create_workflow_action.accessDenied","args":[]}},"canReadNode":{"__typename":"PolicyResult","failureReason":null}},"shortTitle":"Help & Support Forum","repliesProperties":{"__typename":"RepliesProperties","sortOrder":"LIKES","repliesFormat":"threaded"},"forumPolicies":{"__typename":"ForumPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"eventPath":"category:help/community:dnvaw96485board:help/","tagProperties":{"__typename":"TagNodeProperties","tagsEnabled":{"__typename":"PolicyResult","failureReason":null}},"requireTags":true,"tagType":"PRESET_ONLY"},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstMTAtZkFjWTR6\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstMTAtZkFjWTR6","height":160,"width":141,"mimeType":"image/png"},"Rank:rank:10":{"__typename":"Rank","id":"rank:10","position":18,"name":"Bronze III","color":"C69A70","icon":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstMTAtZkFjWTR6\"}"},"rankStyle":"FILLED"},"User:user:256":{"__typename":"User","id":"user:256","uid":256,"login":"AtakanBal","deleted":false,"avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/m_assets/avatars/default/avatar-2.svg?time=0"},"rank":{"__ref":"Rank:rank:10"},"email":"","messagesCount":16,"biography":null,"topicsCount":4,"kudosReceivedCount":12,"kudosGivenCount":6,"kudosWeight":1,"registrationData":{"__typename":"RegistrationData","status":null,"registrationTime":"2024-09-30T04:46:25.652-07:00","confirmEmailStatus":null},"followersCount":null,"solutionsCount":2,"entityType":"USER","eventPath":"community:dnvaw96485/user:256"},"ForumTopicMessage:message:758":{"__typename":"ForumTopicMessage","uid":758,"subject":"Reverse Engineering (Offensive) JavaScript Analysis: JSDetox","id":"message:758","revisionNum":1,"repliesCount":10,"author":{"__ref":"User:user:256"},"depth":0,"hasGivenKudo":false,"board":{"__ref":"Forum:board:help"},"conversation":{"__ref":"Conversation:conversation:758"},"readOnly":false,"editFrozen":false,"moderationData":{"__ref":"ModerationData:moderation_data:758"},"body":"
I'm stuck at below two questions
Q6: Which variable does the initial script try to return? Q8: The exploit kit contains a large block of hex encoded shellcode stored in a variable. This shellcode is also XOR encoded. What is the single byte xor key? (In the format 0xNN e.g. 0x11.)
So far I downloaded the HTTP objects via Wireshark, extracted the script to JSDetox then decoded base64 strings which resolves to other 2 scripts. With these steps I was able to answer other questions but I can't go any further, any guidance?
Thanks in advance
","body@stringLength":"598","rawBody":"
I'm stuck at below two questions
Q6: Which variable does the initial script try to return? Q8: The exploit kit contains a large block of hex encoded shellcode stored in a variable. This shellcode is also XOR encoded. What is the single byte xor key? (In the format 0xNN e.g. 0x11.)
So far I downloaded the HTTP objects via Wireshark, extracted the script to JSDetox then decoded base64 strings which resolves to other 2 scripts. With these steps I was able to answer other questions but I can't go any further, any guidance?
Thanks in advance
","kudosSumWeight":1,"postTime":"2024-10-23T08:20:16.475-07:00","images":{"__typename":"AssociatedImageConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"attachments":{"__typename":"AttachmentConnection","pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null},"edges":[]},"tags":{"__typename":"TagConnection","pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null},"edges":[{"__typename":"TagEdge","cursor":"MjUuMnwyLjF8b3wxMHxfTlZffDE","node":{"__typename":"Tag","id":"tag:help & support","text":"help & support","time":"2024-05-28T08:30:37.542-07:00","lastActivityTime":null,"messagesCount":null,"followersCount":null}},{"__typename":"TagEdge","cursor":"MjUuMnwyLjF8b3wxMHxfTlZffDI","node":{"__typename":"Tag","id":"tag:offensive cyber","text":"offensive cyber","time":"2024-05-28T08:37:09.489-07:00","lastActivityTime":null,"messagesCount":null,"followersCount":null}}]},"timeToRead":1,"currentRevision":{"__ref":"Revision:revision:758_1"},"latestVersion":null,"metrics":{"__typename":"MessageMetrics","views":272},"visibilityScope":"PUBLIC","canonicalUrl":null,"seoTitle":null,"seoDescription":null,"isEscalated":null,"placeholder":false,"originalMessageForPlaceholder":null,"messagePolicies":{"__typename":"MessagePolicies","canModerateSpamMessage":{"__typename":"PolicyResult","failureReason":{"__typename":"FailureReason","message":"error.lithium.policies.feature.moderation_spam.action.moderate_entity.allowed.accessDenied","key":"error.lithium.policies.feature.moderation_spam.action.moderate_entity.allowed.accessDenied","args":[]}}},"archivalData":null,"searchSnippet":"I'm stuck at below two questions Q6: Which variable does the initial script try to return? Q8: The exploit kit contains a large block of hex encoded shellcode stored in a variable. This shellcode...","replies":{"__typename":"MessageConnection","edges":[{"__typename":"MessageEdge","cursor":"MjUuMnwyLjF8b3wxMHwxNDowLDM5OjF8MQ","node":{"__ref":"ForumReplyMessage:message:759"}},{"__typename":"MessageEdge","cursor":"MjUuMnwyLjF8b3wxMHwxNDowLDM5OjF8Mg","node":{"__ref":"ForumReplyMessage:message:1028"}},{"__typename":"MessageEdge","cursor":"MjUuMnwyLjF8b3wxMHwxNDowLDM5OjF8Mw","node":{"__ref":"ForumReplyMessage:message:1027"}},{"__typename":"MessageEdge","cursor":"MjUuMnwyLjF8b3wxMHwxNDowLDM5OjF8NA","node":{"__ref":"ForumReplyMessage:message:1041"}}],"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"customFields":[]},"Conversation:conversation:758":{"__typename":"Conversation","id":"conversation:758","solved":true,"topic":{"__ref":"ForumTopicMessage:message:758"},"lastPostingActivityTime":"2025-02-01T08:08:20.013-08:00","lastPostTime":"2025-02-01T08:08:20.013-08:00","unreadReplyCount":10,"isSubscribed":false},"ModerationData:moderation_data:758":{"__typename":"ModerationData","id":"moderation_data:758","status":"APPROVED","rejectReason":null,"isReportedAbuse":false,"rejectUser":null,"rejectTime":null,"rejectActorType":"member"},"Revision:revision:758_1":{"__typename":"Revision","id":"revision:758_1","lastEditTime":"2024-10-23T08:20:16.475-07:00"},"CachedAsset:theme:customTheme1-1742433964842":{"__typename":"CachedAsset","id":"theme:customTheme1-1742433964842","value":{"id":"customTheme1","animation":{"fast":"150ms","normal":"250ms","slow":"500ms","slowest":"750ms","function":"cubic-bezier(0.07, 0.91, 0.51, 1)","__typename":"AnimationThemeSettings"},"avatar":{"borderRadius":"50%","collections":["custom"],"__typename":"AvatarThemeSettings"},"basics":{"browserIcon":{"imageAssetName":"67445c86d118f03d29f3e02f_Immersive_Favicon-1739352646053.png","imageLastModified":"1739352647623","__typename":"ThemeAsset"},"customerLogo":{"imageAssetName":"Community_Logo_-_Light-1739352757482.png","imageLastModified":"1739352759022","__typename":"ThemeAsset"},"maximumWidthOfPageContent":"1300px","oneColumnNarrowWidth":"800px","gridGutterWidthMd":"30px","gridGutterWidthXs":"10px","pageWidthStyle":"WIDTH_OF_BROWSER","__typename":"BasicsThemeSettings"},"buttons":{"borderRadiusSm":"3px","borderRadius":"3px","borderRadiusLg":"5px","paddingY":"5px","paddingYLg":"7px","paddingYHero":"var(--lia-bs-btn-padding-y-lg)","paddingX":"12px","paddingXLg":"16px","paddingXHero":"60px","fontStyle":"NORMAL","fontWeight":"400","textTransform":"NONE","disabledOpacity":0.5,"primaryTextColor":"var(--lia-bs-body-bg)","primaryTextHoverColor":"var(--lia-bs-body-bg)","primaryTextActiveColor":"var(--lia-bs-body-bg)","primaryBgColor":"var(--lia-bs-primary)","primaryBgHoverColor":"hsl(var(--lia-bs-primary-h), var(--lia-bs-primary-s), calc(var(--lia-bs-primary-l) * 0.85))","primaryBgActiveColor":"hsl(var(--lia-bs-primary-h), var(--lia-bs-primary-s), calc(var(--lia-bs-primary-l) * 0.7))","primaryBorder":"1px solid transparent","primaryBorderHover":"1px solid transparent","primaryBorderActive":"1px solid transparent","primaryBorderFocus":"1px solid var(--lia-bs-white)","primaryBoxShadowFocus":"0 0 0 1px var(--lia-bs-primary), 0 0 0 4px hsla(var(--lia-bs-primary-h), var(--lia-bs-primary-s), var(--lia-bs-primary-l), 0.2)","secondaryTextColor":"var(--lia-bs-body-color)","secondaryTextHoverColor":"hsl(var(--lia-bs-body-color-h), var(--lia-bs-body-color-s), calc(var(--lia-bs-body-color-l) * 0.95))","secondaryTextActiveColor":"hsl(var(--lia-bs-body-color-h), var(--lia-bs-body-color-s), calc(var(--lia-bs-body-color-l) * 0.9))","secondaryBgColor":"var(--lia-bs-body-bg)","secondaryBgHoverColor":"hsl(var(--lia-bs-body-bg-h), var(--lia-bs-body-bg-s), calc(var(--lia-bs-body-bg-l) * 0.96))","secondaryBgActiveColor":"hsl(var(--lia-bs-body-bg-h), var(--lia-bs-body-bg-s), calc(var(--lia-bs-body-bg-l) * 0.92))","secondaryBorder":"1px solid transparent","secondaryBorderHover":"1px solid transparent","secondaryBorderActive":"1px solid transparent","secondaryBorderFocus":"1px solid transparent","secondaryBoxShadowFocus":"0 0 0 1px var(--lia-bs-primary), 0 0 0 4px hsla(var(--lia-bs-primary-h), var(--lia-bs-primary-s), var(--lia-bs-primary-l), 0.2)","tertiaryTextColor":"var(--lia-bs-gray-900)","tertiaryTextHoverColor":"hsl(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), calc(var(--lia-bs-gray-900-l) * 0.95))","tertiaryTextActiveColor":"hsl(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), calc(var(--lia-bs-gray-900-l) * 0.9))","tertiaryBgColor":"transparent","tertiaryBgHoverColor":"transparent","tertiaryBgActiveColor":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.04)","tertiaryBorder":"1px solid transparent","tertiaryBorderHover":"1px solid hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.08)","tertiaryBorderActive":"1px solid transparent","tertiaryBorderFocus":"1px solid transparent","tertiaryBoxShadowFocus":"0 0 0 1px var(--lia-bs-primary), 0 0 0 4px hsla(var(--lia-bs-primary-h), var(--lia-bs-primary-s), var(--lia-bs-primary-l), 0.2)","destructiveTextColor":"var(--lia-bs-body-bg)","destructiveTextHoverColor":"var(--lia-bs-body-bg)","destructiveTextActiveColor":"var(--lia-bs-body-bg)","destructiveBgColor":"var(--lia-bs-danger)","destructiveBgHoverColor":"hsl(var(--lia-bs-danger-h), var(--lia-bs-danger-s), calc(var(--lia-bs-danger-l) * 0.85))","destructiveBgActiveColor":"hsl(var(--lia-bs-danger-h), var(--lia-bs-danger-s), calc(var(--lia-bs-danger-l) * 0.7))","destructiveBorder":"1px solid transparent","destructiveBorderHover":"1px solid transparent","destructiveBorderActive":"1px solid transparent","destructiveBorderFocus":"1px solid transparent","destructiveBoxShadowFocus":"0 0 0 1px var(--lia-bs-primary), 0 0 0 4px hsla(var(--lia-bs-primary-h), var(--lia-bs-primary-s), var(--lia-bs-primary-l), 0.2)","__typename":"ButtonsThemeSettings"},"border":{"color":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.08)","mainContent":"LIGHT","sideContent":"LIGHT","radiusSm":"6px","radius":"10px","radiusLg":"18px","radius50":"100vw","__typename":"BorderThemeSettings"},"boxShadow":{"xs":"0 0 0 1px hsla(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), var(--lia-bs-gray-900-l), 0.08), 0 3px 0 -1px hsla(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), var(--lia-bs-gray-900-l), 0.08)","sm":"0 2px 4px hsla(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), var(--lia-bs-gray-900-l), 0.06)","md":"0 5px 15px hsla(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), var(--lia-bs-gray-900-l), 0.15)","lg":"0 10px 30px hsla(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), var(--lia-bs-gray-900-l), 0.15)","__typename":"BoxShadowThemeSettings"},"cards":{"bgColor":"var(--lia-panel-bg-color)","borderRadius":"var(--lia-panel-border-radius)","boxShadow":"var(--lia-box-shadow-xs)","__typename":"CardsThemeSettings"},"chip":{"maxWidth":"300px","height":"30px","__typename":"ChipThemeSettings"},"coreTypes":{"defaultMessageLinkColor":"var(--lia-bs-primary)","defaultMessageLinkDecoration":"none","defaultMessageLinkFontStyle":"NORMAL","defaultMessageLinkFontWeight":"400","defaultMessageFontStyle":"NORMAL","defaultMessageFontWeight":"400","forumColor":"#26B5E6","forumFontFamily":"var(--lia-bs-font-family-base)","forumFontWeight":"var(--lia-default-message-font-weight)","forumLineHeight":"var(--lia-bs-line-height-base)","forumFontStyle":"var(--lia-default-message-font-style)","forumMessageLinkColor":"var(--lia-default-message-link-color)","forumMessageLinkDecoration":"var(--lia-default-message-link-decoration)","forumMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","forumMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","forumSolvedColor":"#3CA7A1","blogColor":"#3CA7A1","blogFontFamily":"var(--lia-bs-font-family-base)","blogFontWeight":"var(--lia-default-message-font-weight)","blogLineHeight":"1.75","blogFontStyle":"var(--lia-default-message-font-style)","blogMessageLinkColor":"var(--lia-default-message-link-color)","blogMessageLinkDecoration":"var(--lia-default-message-link-decoration)","blogMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","blogMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","tkbColor":"#6E6F7C","tkbFontFamily":"var(--lia-bs-font-family-base)","tkbFontWeight":"var(--lia-default-message-font-weight)","tkbLineHeight":"1.75","tkbFontStyle":"var(--lia-default-message-font-style)","tkbMessageLinkColor":"var(--lia-default-message-link-color)","tkbMessageLinkDecoration":"var(--lia-default-message-link-decoration)","tkbMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","tkbMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","qandaColor":"#4099E2","qandaFontFamily":"var(--lia-bs-font-family-base)","qandaFontWeight":"var(--lia-default-message-font-weight)","qandaLineHeight":"var(--lia-bs-line-height-base)","qandaFontStyle":"var(--lia-default-message-link-font-style)","qandaMessageLinkColor":"var(--lia-default-message-link-color)","qandaMessageLinkDecoration":"var(--lia-default-message-link-decoration)","qandaMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","qandaMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","qandaSolvedColor":"#3FA023","ideaColor":"#FF8000","ideaFontFamily":"var(--lia-bs-font-family-base)","ideaFontWeight":"var(--lia-default-message-font-weight)","ideaLineHeight":"var(--lia-bs-line-height-base)","ideaFontStyle":"var(--lia-default-message-font-style)","ideaMessageLinkColor":"var(--lia-default-message-link-color)","ideaMessageLinkDecoration":"var(--lia-default-message-link-decoration)","ideaMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","ideaMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","contestColor":"#FCC845","contestFontFamily":"var(--lia-bs-font-family-base)","contestFontWeight":"var(--lia-default-message-font-weight)","contestLineHeight":"var(--lia-bs-line-height-base)","contestFontStyle":"var(--lia-default-message-link-font-style)","contestMessageLinkColor":"var(--lia-default-message-link-color)","contestMessageLinkDecoration":"var(--lia-default-message-link-decoration)","contestMessageLinkFontStyle":"ITALIC","contestMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","occasionColor":"#E45C65","occasionFontFamily":"var(--lia-bs-font-family-base)","occasionFontWeight":"var(--lia-default-message-font-weight)","occasionLineHeight":"var(--lia-bs-line-height-base)","occasionFontStyle":"var(--lia-default-message-font-style)","occasionMessageLinkColor":"var(--lia-default-message-link-color)","occasionMessageLinkDecoration":"var(--lia-default-message-link-decoration)","occasionMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","occasionMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","grouphubColor":"#9AE8E8","categoryColor":"#949494","communityColor":"#FFFFFF","productColor":"#949494","__typename":"CoreTypesThemeSettings"},"colors":{"black":"#000000","white":"#FFFFFF","gray100":"#F7F7F7","gray200":"#F7F7F7","gray300":"#E8E8E8","gray400":"#D9D9D9","gray500":"#CCCCCC","gray600":"#949494","gray700":"#707070","gray800":"#545454","gray900":"#333333","dark":"#545454","light":"#F7F7F7","primary":"#4563FF","secondary":"#333333","bodyText":"#10122A","bodyBg":"#F9F9FA","info":"#26B5E6","success":"#3CA7A1","warning":"#FBDC55","danger":"#E45C65","alertSystem":"#FF6600","textMuted":"#707070","highlight":"#FFFCAD","outline":"var(--lia-bs-primary)","custom":["#26B5E6","#E45C65","#6E6F7C","#D7D5E2","#C69A70","#FBDC55","#9AE8E8","#3CA7A1"],"__typename":"ColorsThemeSettings"},"divider":{"size":"3px","marginLeft":"4px","marginRight":"4px","borderRadius":"50%","bgColor":"var(--lia-bs-gray-600)","bgColorActive":"var(--lia-bs-gray-600)","__typename":"DividerThemeSettings"},"dropdown":{"fontSize":"var(--lia-bs-font-size-sm)","borderColor":"var(--lia-bs-border-color)","borderRadius":"var(--lia-bs-border-radius-sm)","dividerBg":"var(--lia-bs-gray-300)","itemPaddingY":"5px","itemPaddingX":"20px","headerColor":"var(--lia-bs-gray-700)","__typename":"DropdownThemeSettings"},"email":{"link":{"color":"#0069D4","hoverColor":"#0061c2","decoration":"none","hoverDecoration":"underline","__typename":"EmailLinkSettings"},"border":{"color":"#e4e4e4","__typename":"EmailBorderSettings"},"buttons":{"borderRadiusLg":"5px","paddingXLg":"16px","paddingYLg":"7px","fontWeight":"700","primaryTextColor":"#ffffff","primaryTextHoverColor":"#ffffff","primaryBgColor":"#0069D4","primaryBgHoverColor":"#005cb8","primaryBorder":"1px solid transparent","primaryBorderHover":"1px solid transparent","__typename":"EmailButtonsSettings"},"panel":{"borderRadius":"5px","borderColor":"#e4e4e4","__typename":"EmailPanelSettings"},"__typename":"EmailThemeSettings"},"emoji":{"skinToneDefault":"#ffcd43","skinToneLight":"#fae3c5","skinToneMediumLight":"#e2cfa5","skinToneMedium":"#daa478","skinToneMediumDark":"#a78058","skinToneDark":"#5e4d43","__typename":"EmojiThemeSettings"},"heading":{"color":"var(--lia-bs-body-color)","fontFamily":"Inter","fontStyle":"NORMAL","fontWeight":"500","h1FontSize":"34px","h2FontSize":"32px","h3FontSize":"28px","h4FontSize":"24px","h5FontSize":"20px","h6FontSize":"16px","lineHeight":"1.3","subHeaderFontSize":"11px","subHeaderFontWeight":"500","h1LetterSpacing":"normal","h2LetterSpacing":"normal","h3LetterSpacing":"normal","h4LetterSpacing":"normal","h5LetterSpacing":"normal","h6LetterSpacing":"normal","subHeaderLetterSpacing":"2px","h1FontWeight":"var(--lia-bs-headings-font-weight)","h2FontWeight":"var(--lia-bs-headings-font-weight)","h3FontWeight":"var(--lia-bs-headings-font-weight)","h4FontWeight":"var(--lia-bs-headings-font-weight)","h5FontWeight":"var(--lia-bs-headings-font-weight)","h6FontWeight":"var(--lia-bs-headings-font-weight)","__typename":"HeadingThemeSettings"},"icons":{"size10":"10px","size12":"12px","size14":"14px","size16":"16px","size20":"20px","size24":"24px","size30":"30px","size40":"40px","size50":"50px","size60":"60px","size80":"80px","size120":"120px","size160":"160px","__typename":"IconsThemeSettings"},"imagePreview":{"bgColor":"var(--lia-bs-gray-900)","titleColor":"var(--lia-bs-white)","controlColor":"var(--lia-bs-white)","controlBgColor":"var(--lia-bs-gray-800)","__typename":"ImagePreviewThemeSettings"},"input":{"borderColor":"var(--lia-bs-gray-600)","disabledColor":"var(--lia-bs-gray-600)","focusBorderColor":"var(--lia-bs-primary)","labelMarginBottom":"10px","btnFontSize":"var(--lia-bs-font-size-sm)","focusBoxShadow":"0 0 0 3px hsla(var(--lia-bs-primary-h), var(--lia-bs-primary-s), var(--lia-bs-primary-l), 0.2)","checkLabelMarginBottom":"2px","checkboxBorderRadius":"3px","borderRadiusSm":"var(--lia-bs-border-radius-sm)","borderRadius":"var(--lia-bs-border-radius)","borderRadiusLg":"var(--lia-bs-border-radius-lg)","formTextMarginTop":"4px","textAreaBorderRadius":"var(--lia-bs-border-radius)","activeFillColor":"var(--lia-bs-primary)","__typename":"InputThemeSettings"},"loading":{"dotDarkColor":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.2)","dotLightColor":"hsla(var(--lia-bs-white-h), var(--lia-bs-white-s), var(--lia-bs-white-l), 0.5)","barDarkColor":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.06)","barLightColor":"hsla(var(--lia-bs-white-h), var(--lia-bs-white-s), var(--lia-bs-white-l), 0.4)","__typename":"LoadingThemeSettings"},"link":{"color":"var(--lia-bs-primary)","hoverColor":"hsl(var(--lia-bs-primary-h), var(--lia-bs-primary-s), calc(var(--lia-bs-primary-l) - 10%))","decoration":"none","hoverDecoration":"underline","__typename":"LinkThemeSettings"},"listGroup":{"itemPaddingY":"15px","itemPaddingX":"15px","borderColor":"var(--lia-bs-gray-300)","__typename":"ListGroupThemeSettings"},"modal":{"contentTextColor":"var(--lia-bs-body-color)","contentBg":"var(--lia-bs-white)","backgroundBg":"var(--lia-bs-black)","smSize":"440px","mdSize":"760px","lgSize":"1080px","backdropOpacity":0.3,"contentBoxShadowXs":"var(--lia-bs-box-shadow-sm)","contentBoxShadow":"var(--lia-bs-box-shadow)","headerFontWeight":"700","__typename":"ModalThemeSettings"},"navbar":{"position":"FIXED","background":{"attachment":null,"clip":null,"color":"var(--lia-bs-white)","imageAssetName":"","imageLastModified":"0","origin":null,"position":"CENTER_CENTER","repeat":"NO_REPEAT","size":"COVER","__typename":"BackgroundProps"},"backgroundOpacity":0.8,"paddingTop":"15px","paddingBottom":"15px","borderBottom":"1px solid var(--lia-bs-border-color)","boxShadow":"var(--lia-bs-box-shadow-sm)","brandMarginRight":"30px","brandMarginRightSm":"10px","brandLogoHeight":"30px","linkGap":"10px","linkJustifyContent":"flex-start","linkPaddingY":"5px","linkPaddingX":"10px","linkDropdownPaddingY":"9px","linkDropdownPaddingX":"var(--lia-nav-link-px)","linkColor":"var(--lia-bs-body-color)","linkHoverColor":"var(--lia-bs-primary)","linkFontSize":"var(--lia-bs-font-size-sm)","linkFontStyle":"NORMAL","linkFontWeight":"400","linkTextTransform":"NONE","linkLetterSpacing":"normal","linkBorderRadius":"var(--lia-bs-border-radius-sm)","linkBgColor":"transparent","linkBgHoverColor":"transparent","linkBorder":"none","linkBorderHover":"none","linkBoxShadow":"none","linkBoxShadowHover":"none","linkTextBorderBottom":"none","linkTextBorderBottomHover":"none","dropdownPaddingTop":"10px","dropdownPaddingBottom":"15px","dropdownPaddingX":"10px","dropdownMenuOffset":"2px","dropdownDividerMarginTop":"10px","dropdownDividerMarginBottom":"10px","dropdownBorderColor":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.08)","controllerBgHoverColor":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.1)","controllerIconColor":"var(--lia-bs-body-color)","controllerIconHoverColor":"var(--lia-bs-body-color)","controllerTextColor":"var(--lia-nav-controller-icon-color)","controllerTextHoverColor":"var(--lia-nav-controller-icon-hover-color)","controllerHighlightColor":"hsla(30, 100%, 50%)","controllerHighlightTextColor":"var(--lia-yiq-light)","controllerBorderRadius":"var(--lia-border-radius-50)","hamburgerColor":"var(--lia-nav-controller-icon-color)","hamburgerHoverColor":"var(--lia-nav-controller-icon-color)","hamburgerBgColor":"transparent","hamburgerBgHoverColor":"transparent","hamburgerBorder":"none","hamburgerBorderHover":"none","collapseMenuMarginLeft":"20px","collapseMenuDividerBg":"var(--lia-nav-link-color)","collapseMenuDividerOpacity":0.16,"__typename":"NavbarThemeSettings"},"pager":{"textColor":"var(--lia-bs-link-color)","textFontWeight":"var(--lia-font-weight-md)","textFontSize":"var(--lia-bs-font-size-sm)","__typename":"PagerThemeSettings"},"panel":{"bgColor":"var(--lia-bs-white)","borderRadius":"var(--lia-bs-border-radius)","borderColor":"var(--lia-bs-border-color)","boxShadow":"none","__typename":"PanelThemeSettings"},"popover":{"arrowHeight":"8px","arrowWidth":"16px","maxWidth":"300px","minWidth":"100px","headerBg":"var(--lia-bs-white)","borderColor":"var(--lia-bs-border-color)","borderRadius":"var(--lia-bs-border-radius)","boxShadow":"0 0.5rem 1rem hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.15)","__typename":"PopoverThemeSettings"},"prism":{"color":"#000000","bgColor":"#f5f2f0","fontFamily":"var(--font-family-monospace)","fontSize":"var(--lia-bs-font-size-base)","fontWeightBold":"var(--lia-bs-font-weight-bold)","fontStyleItalic":"italic","tabSize":2,"highlightColor":"#b3d4fc","commentColor":"#62707e","punctuationColor":"#6f6f6f","namespaceOpacity":"0.7","propColor":"#990055","selectorColor":"#517a00","operatorColor":"#906736","operatorBgColor":"hsla(0, 0%, 100%, 0.5)","keywordColor":"#0076a9","functionColor":"#d3284b","variableColor":"#c14700","__typename":"PrismThemeSettings"},"rte":{"bgColor":"var(--lia-bs-white)","borderRadius":"var(--lia-panel-border-radius)","boxShadow":" var(--lia-panel-box-shadow)","customColor1":"#bfedd2","customColor2":"#fbeeb8","customColor3":"#f8cac6","customColor4":"#eccafa","customColor5":"#c2e0f4","customColor6":"#2dc26b","customColor7":"#f1c40f","customColor8":"#e03e2d","customColor9":"#b96ad9","customColor10":"#3598db","customColor11":"#169179","customColor12":"#e67e23","customColor13":"#ba372a","customColor14":"#843fa1","customColor15":"#236fa1","customColor16":"#ecf0f1","customColor17":"#ced4d9","customColor18":"#95a5a6","customColor19":"#7e8c8d","customColor20":"#34495e","customColor21":"#000000","customColor22":"#ffffff","defaultMessageHeaderMarginTop":"40px","defaultMessageHeaderMarginBottom":"20px","defaultMessageItemMarginTop":"0","defaultMessageItemMarginBottom":"30px","diffAddedColor":"hsla(170, 53%, 51%, 0.4)","diffChangedColor":"hsla(43, 97%, 63%, 0.4)","diffNoneColor":"hsla(0, 0%, 80%, 0.4)","diffRemovedColor":"hsla(9, 74%, 47%, 0.4)","specialMessageHeaderMarginTop":"40px","specialMessageHeaderMarginBottom":"20px","specialMessageItemMarginTop":"0","specialMessageItemMarginBottom":"30px","__typename":"RteThemeSettings"},"tags":{"bgColor":"var(--lia-bs-gray-200)","bgHoverColor":"var(--lia-bs-gray-400)","borderRadius":"var(--lia-bs-border-radius-sm)","color":"var(--lia-bs-body-color)","hoverColor":"var(--lia-bs-body-color)","fontWeight":"var(--lia-font-weight-md)","fontSize":"var(--lia-font-size-xxs)","textTransform":"UPPERCASE","letterSpacing":"0.5px","__typename":"TagsThemeSettings"},"toasts":{"borderRadius":"var(--lia-bs-border-radius)","paddingX":"12px","__typename":"ToastsThemeSettings"},"typography":{"fontFamilyBase":"Inter","fontStyleBase":"NORMAL","fontWeightBase":"300","fontWeightLight":"300","fontWeightNormal":"400","fontWeightMd":"500","fontWeightBold":"700","letterSpacingSm":"normal","letterSpacingXs":"normal","lineHeightBase":"1.5","fontSizeBase":"16px","fontSizeXxs":"11px","fontSizeXs":"12px","fontSizeSm":"14px","fontSizeLg":"20px","fontSizeXl":"24px","smallFontSize":"14px","customFonts":[{"source":"GOOGLE","name":"Geologica","styles":[{"style":"NORMAL","weight":"100","__typename":"FontStyleData"},{"style":"NORMAL","weight":"500","__typename":"FontStyleData"}],"assetNames":["Geologica-normal-100.woff2","Geologica-normal-500.woff2"],"__typename":"CustomFont"}],"__typename":"TypographyThemeSettings"},"unstyledListItem":{"marginBottomSm":"5px","marginBottomMd":"10px","marginBottomLg":"15px","marginBottomXl":"20px","marginBottomXxl":"25px","__typename":"UnstyledListItemThemeSettings"},"yiq":{"light":"#ffffff","dark":"#000000","__typename":"YiqThemeSettings"},"colorLightness":{"primaryDark":0.36,"primaryLight":0.74,"primaryLighter":0.89,"primaryLightest":0.95,"infoDark":0.39,"infoLight":0.72,"infoLighter":0.85,"infoLightest":0.93,"successDark":0.24,"successLight":0.62,"successLighter":0.8,"successLightest":0.91,"warningDark":0.39,"warningLight":0.68,"warningLighter":0.84,"warningLightest":0.93,"dangerDark":0.41,"dangerLight":0.72,"dangerLighter":0.89,"dangerLightest":0.95,"__typename":"ColorLightnessThemeSettings"},"localOverride":false,"__typename":"Theme"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/common/Loading/LoadingDot-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/common/Loading/LoadingDot-1740587331000","value":{"title":"Loading..."},"localOverride":false},"CachedAsset:quilt:immersivelabs.prod:pages/forums/ForumMessagePage:board:help-1743426078339":{"__typename":"CachedAsset","id":"quilt:immersivelabs.prod:pages/forums/ForumMessagePage:board:help-1743426078339","value":{"id":"ForumMessagePage","container":{"id":"Common","headerProps":{"backgroundImageProps":null,"backgroundColor":null,"addComponents":null,"removeComponents":["community.widget.bannerWidget"],"componentOrder":null,"__typename":"QuiltContainerSectionProps"},"headerComponentProps":{"community.widget.breadcrumbWidget":{"disableLastCrumbForDesktop":false}},"footerProps":null,"footerComponentProps":null,"items":[{"id":"message-list","layout":"MAIN_SIDE","bgColor":null,"showTitle":null,"showDescription":null,"textPosition":null,"textColor":null,"sectionEditLevel":null,"bgImage":null,"disableSpacing":null,"edgeToEdgeDisplay":null,"fullHeight":null,"showBorder":null,"__typename":"MainSideQuiltSection","columnMap":{"main":[{"id":"messages.widget.topicWithThreadedReplyListWidget","className":"lia-topic-with-replies","props":{"editLevel":"CONFIGURE"},"__typename":"QuiltComponent"}],"side":[{"id":"featuredWidgets.widget.featuredPlacesWidget","className":null,"props":{"instanceId":"featuredWidgets.widget.featuredPlacesWidget-1717580201341","layoutProps":{"layout":"card","cardSize":"xs","layoutOptions":{"useNodeDescription":false,"useUnreadMessagesCount":false,"useChildNodes":false,"useNodeTopicsCount":false,"useNodeAvatar":false,"useNodeLatestActivityTime":false},"textAlignment":"center","descriptionClampLines":1},"titleSrOnly":true,"showPager":false,"pageSize":1,"lazyLoad":false},"__typename":"QuiltComponent"},{"id":"messages.widget.relatedContentWidget","className":null,"props":{"hideIfEmpty":false,"enablePagination":true,"useTitle":true,"listVariant":{"type":"unstyled","props":{"listItemSpacing":"xxl"}},"pageSize":5,"style":"compact","pagerVariant":{"type":"loadMore"},"viewVariant":{"type":"inline","props":{"useRepliesCount":false,"useMedia":false,"useAuthorRank":false,"useNode":false,"boardIconSize":"24","useAuthorLoginLink":true,"useNodeLink":true,"usePreviewMedia":true,"timeStampType":"postTime","useTextBody":true,"useSolvedBadge":false,"subjectAs":"h6","renderPostTimeBeforeAuthor":true,"useAvatar":false,"useVideoPreview":false,"portraitClampBodyLines":3,"useCompactSpacing":true,"useTimeToRead":false,"useSpoilerFreeBody":true,"useKudosCount":false,"useViewCount":false,"useBody":false,"useTags":false,"clampSubjectLines":1,"useBoardIcon":false,"useMessageTimeLink":true,"useAuthorLogin":true}},"lazyLoad":false,"panelType":"standard"},"__typename":"QuiltComponent"},{"id":"messages.widget.messageListForNodeByRecentActivityWidget","className":null,"props":{"hideIfEmpty":true,"useTitle":true,"addTags":false,"titleContextVariant":"other","showTabs":false,"pageSize":5,"pagerVariant":{"type":"loadMore"},"style":"compact","viewVariant":{"type":"inline","props":{"useRepliesCount":false,"useMedia":false,"useAuthorRank":false,"useNode":false,"boardIconSize":"24","truncateBodyLength":-1,"useNodeLink":true,"usePreviewMedia":false,"timeStampType":"conversation.lastPostingActivityTime","avatarSize":"40","useTextBody":true,"useSolvedBadge":true,"subjectAs":"h6","renderPostTimeBeforeAuthor":true,"useAvatar":true,"useTimeToRead":false,"useSpoilerFreeBody":true,"useKudosCount":false,"useViewCount":false,"useBody":false,"useTags":false,"clampSubjectLines":1,"useBoardIcon":false,"useMessageTimeLink":true,"clampBodyLines":3,"useAuthorLogin":true,"useUnreadCount":false,"useNodeHoverCard":true,"useSearchSnippet":false}},"panelType":"divider","sorts":{"conversationLastPostingActivityTime":{"direction":"DESC"}},"lazyLoad":false},"__typename":"QuiltComponent"}],"__typename":"MainSideSectionColumns"}}],"__typename":"QuiltContainer"},"__typename":"Quilt","localOverride":false},"localOverride":false},"CachedAsset:text:en_US-components/common/EmailVerification-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/common/EmailVerification-1740587331000","value":{"email.verification.title":"Email Verification Required","email.verification.message.update.email":"To participate in the community, you must first verify your email address. The verification email was sent to {email}. To change your email, visit My Settings.","email.verification.message.resend.email":"To participate in the community, you must first verify your email address. The verification email was sent to {email}. Resend email."},"localOverride":false},"CachedAsset:text:en_US-pages/forums/ForumMessagePage-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-pages/forums/ForumMessagePage-1740587331000","value":{"title":"{contextMessageSubject} | {communityTitle}","errorMissing":"This message cannot be found","name":"Forum Message Page","section.message-list.title":"Forum Discussion","archivedMessageTitle":"This Content Has Been Archived"},"localOverride":false},"CachedAsset:quiltWrapper:immersivelabs.prod:Common:1742433894386":{"__typename":"CachedAsset","id":"quiltWrapper:immersivelabs.prod:Common:1742433894386","value":{"id":"Common","header":{"backgroundImageProps":{"assetName":null,"backgroundSize":"COVER","backgroundRepeat":"NO_REPEAT","backgroundPosition":"CENTER_CENTER","lastModified":null,"__typename":"BackgroundImageProps"},"backgroundColor":"var(--lia-bs-body-color)","items":[{"id":"community.widget.navbarWidget","props":{"showUserName":false,"showRegisterLink":false,"useIconLanguagePicker":true,"useLabelLanguagePicker":true,"className":"QuiltComponent_lia-component-edit-mode__0nCcm","links":{"sideLinks":[],"mainLinks":[{"children":[{"linkType":"INTERNAL","id":"get-started-link","params":{"boardId":"get-started","categoryId":"welcome"},"routeName":"TkbBoardPage"},{"linkType":"INTERNAL","id":"migrated-link-2","params":{"boardId":"community-forum","categoryId":"welcome"},"routeName":"ForumBoardPage"},{"linkType":"INTERNAL","id":"migrated-link-1","params":{"boardId":"community-blog","categoryId":"welcome"},"routeName":"BlogBoardPage"},{"linkType":"EXTERNAL","id":"Common-external-link","url":"https://community.immersivelabs.com/tag/community%20challenge","target":"SELF"}],"linkType":"INTERNAL","id":"migrated-link-0","params":{"categoryId":"welcome"},"routeName":"CategoryPage"},{"children":[{"linkType":"INTERNAL","id":"help","params":{"boardId":"help","categoryId":"help"},"routeName":"ForumBoardPage"},{"linkType":"EXTERNAL","id":"external-2","url":"https://community.immersivelabs.com/category/help/discussions/help?messages.widget.messagelistfornodebyrecentactivitywidget-tab-main-ochszs-0=noSolutions","target":"SELF"},{"linkType":"INTERNAL","id":"cybertrust-massachusetts-link","params":{"groupHubId":"cybertrust-massachusetts"},"routeName":"GroupHubPage"},{"linkType":"EXTERNAL","id":"external-1","url":"https://immersivelabs.zendesk.com/hc/en-us","target":"BLANK"}],"linkType":"INTERNAL","id":"migrated-link-3","params":{"boardId":"help","categoryId":"discuss"},"routeName":"ForumBoardPage"},{"children":[{"linkType":"INTERNAL","id":"customer-blog","params":{"boardId":"customer-blog","categoryId":"blogs"},"routeName":"BlogBoardPage"},{"linkType":"INTERNAL","id":"the-human-connection-blog","params":{"boardId":"the-human-connection-blog","categoryId":"blogs"},"routeName":"BlogBoardPage"},{"linkType":"EXTERNAL","id":"external","url":"https://www.immersivelabs.com/resources/blog","target":"BLANK"}],"linkType":"INTERNAL","id":"migrated-link-4","params":{"categoryId":"blogs"},"routeName":"CategoryPage"},{"children":[{"linkType":"INTERNAL","id":"migrated-link-10","params":{"boardId":"customer-events","categoryId":"events"},"routeName":"EventBoardPage"},{"linkType":"INTERNAL","id":"migrated-link-11","params":{"boardId":"community-events","categoryId":"events"},"routeName":"EventBoardPage"}],"linkType":"INTERNAL","id":"migrated-link-9","params":{"categoryId":"events"},"routeName":"CategoryPage"},{"children":[{"linkType":"INTERNAL","id":"migrated-link-13","params":{"boardId":"cyber-million","categoryId":"cyber-million"},"routeName":"ForumBoardPage"},{"linkType":"EXTERNAL","id":"external-3","url":"https://community.immersivelabs.com/category/cyber-million/discussions/cyber-million?messages.widget.messagelistfornodebyrecentactivitywidget-tab-main-ouwewl-0=noSolutions","target":"SELF"},{"linkType":"INTERNAL","id":"migrated-link-14","params":{"boardId":"cyber-million-blog","categoryId":"cyber-million"},"routeName":"BlogBoardPage"},{"linkType":"EXTERNAL","id":"migrated-link-15","url":"https://www.immersivelabs.com/resources/cybermillion","target":"BLANK"}],"linkType":"INTERNAL","id":"migrated-link-12","params":{"categoryId":"cyber-million"},"routeName":"CategoryPage"}]},"style":{"boxShadow":"0","linkFontWeight":"500","controllerHighlightColor":"#E45C65","dropdownDividerMarginBottom":"10px","hamburgerBorderHover":"none","linkFontSize":"16px","linkBoxShadowHover":"none","backgroundOpacity":1,"controllerBorderRadius":"var(--lia-border-radius-50)","hamburgerBgColor":"transparent","linkTextBorderBottom":"none","hamburgerColor":"var(--lia-nav-controller-icon-color)","brandLogoHeight":"80px","linkLetterSpacing":"normal","linkBgHoverColor":"transparent","collapseMenuDividerOpacity":0.16,"paddingBottom":"0px","dropdownPaddingBottom":"15px","dropdownMenuOffset":"2px","hamburgerBgHoverColor":"transparent","borderBottom":"0","hamburgerBorder":"none","dropdownPaddingX":"10px","brandMarginRightSm":"10px","linkBoxShadow":"none","linkJustifyContent":"flex-end","linkColor":"var(--lia-bs-body-bg)","collapseMenuDividerBg":"var(--lia-nav-link-color)","dropdownPaddingTop":"10px","controllerHighlightTextColor":"var(--lia-yiq-dark)","controllerTextColor":"var(--lia-nav-controller-icon-color)","background":{"imageAssetName":"","color":"var(--lia-bs-body-color)","size":"COVER","repeat":"NO_REPEAT","position":"CENTER_CENTER","imageLastModified":""},"linkBorderRadius":"var(--lia-bs-border-radius-sm)","linkHoverColor":"var(--lia-bs-primary)","position":"FIXED","linkBorder":"none","linkTextBorderBottomHover":"0","brandMarginRight":"30px","hamburgerHoverColor":"var(--lia-nav-controller-icon-color)","linkBorderHover":"none","collapseMenuMarginLeft":"20px","linkFontStyle":"NORMAL","linkPaddingX":"10px","controllerTextHoverColor":"var(--lia-nav-controller-icon-hover-color)","paddingTop":"0px","linkPaddingY":"5px","linkTextTransform":"NONE","dropdownBorderColor":"hsla(var(--lia-bs-white-h), var(--lia-bs-white-s), var(--lia-bs-white-l), 0.08)","controllerBgHoverColor":"hsla(var(--lia-bs-white-h), var(--lia-bs-white-s), var(--lia-bs-white-l), 0.1)","linkDropdownPaddingX":"var(--lia-nav-link-px)","linkBgColor":"transparent","linkDropdownPaddingY":"9px","controllerIconColor":"var(--lia-bs-body-bg)","dropdownDividerMarginTop":"10px","linkGap":"10px","controllerIconHoverColor":"var(--lia-bs-body-bg)"},"showSearchIcon":true,"languagePickerStyle":"iconAndLabel"},"__typename":"QuiltComponent"},{"id":"community.widget.bannerWidget","props":{"backgroundColor":"transparent","visualEffects":{"showBottomBorder":true},"backgroundOpacity":50,"backgroundImageProps":{"backgroundSize":"COVER","backgroundPosition":"CENTER_CENTER","backgroundRepeat":"NO_REPEAT"},"fontColor":"var(--lia-bs-body-bg)"},"__typename":"QuiltComponent"},{"id":"community.widget.breadcrumbWidget","props":{"backgroundColor":"var(--lia-bs-body-color)","linkHighlightColor":"var(--lia-bs-body-bg)","visualEffects":{"showBottomBorder":false},"backgroundOpacity":100,"linkTextColor":"var(--lia-bs-body-bg)"},"__typename":"QuiltComponent"}],"__typename":"QuiltWrapperSection"},"footer":{"backgroundImageProps":{"assetName":null,"backgroundSize":"COVER","backgroundRepeat":"NO_REPEAT","backgroundPosition":"CENTER_CENTER","lastModified":null,"__typename":"BackgroundImageProps"},"backgroundColor":"var(--lia-bs-gray-200)","items":[{"id":"community.widget.footerWidget","props":null,"__typename":"QuiltComponent"},{"id":"custom.widget.Custom_Scripts","props":{"widgetVisibility":"signedInOrAnonymous","customComponentId":"custom.widget.Custom_Scripts","useBackground":false},"__typename":"QuiltComponent"}],"__typename":"QuiltWrapperSection"},"__typename":"QuiltWrapper","localOverride":false},"localOverride":false},"CachedAsset:text:en_US-components/common/ActionFeedback-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/common/ActionFeedback-1740587331000","value":{"joinedGroupHub.title":"Welcome","joinedGroupHub.message":"You are now a member of this group and are subscribed to updates.","groupHubInviteNotFound.title":"Invitation Not Found","groupHubInviteNotFound.message":"Sorry, we could not find your invitation to the group. The owner may have canceled the invite.","groupHubNotFound.title":"Group Not Found","groupHubNotFound.message":"The grouphub you tried to join does not exist. It may have been deleted.","existingGroupHubMember.title":"Already Joined","existingGroupHubMember.message":"You are already a member of this group.","accountLocked.title":"Account Locked","accountLocked.message":"Your account has been locked due to multiple failed attempts. Try again in {lockoutTime} minutes.","editedGroupHub.title":"Changes Saved","editedGroupHub.message":"Your group has been updated.","leftGroupHub.title":"Goodbye","leftGroupHub.message":"You are no longer a member of this group and will not receive future updates.","deletedGroupHub.title":"Deleted","deletedGroupHub.message":"The group has been deleted.","groupHubCreated.title":"Group Created","groupHubCreated.message":"{groupHubName} is ready to use","accountClosed.title":"Account Closed","accountClosed.message":"The account has been closed and you will now be redirected to the homepage","resetTokenExpired.title":"Reset Password Link has Expired","resetTokenExpired.message":"Try resetting your password again","invalidUrl.title":"Invalid URL","invalidUrl.message":"The URL you're using is not recognized. Verify your URL and try again.","accountClosedForUser.title":"Account Closed","accountClosedForUser.message":"{userName}'s account is closed","inviteTokenInvalid.title":"Invitation Invalid","inviteTokenInvalid.message":"Your invitation to the community has been canceled or expired.","inviteTokenError.title":"Invitation Verification Failed","inviteTokenError.message":"The url you are utilizing is not recognized. Verify your URL and try again","pageNotFound.title":"Access Denied","pageNotFound.message":"You do not have access to this area of the community or it doesn't exist","eventAttending.title":"Responded as Attending","eventAttending.message":"You'll be notified when there's new activity and reminded as the event approaches","eventInterested.title":"Responded as Interested","eventInterested.message":"You'll be notified when there's new activity and reminded as the event approaches","eventNotFound.title":"Event Not Found","eventNotFound.message":"The event you tried to respond to does not exist.","redirectToRelatedPage.title":"Showing Related Content","redirectToRelatedPageForBaseUsers.title":"Showing Related Content","redirectToRelatedPageForBaseUsers.message":"The content you are trying to access is archived","redirectToRelatedPage.message":"The content you are trying to access is archived","relatedUrl.archivalLink.flyoutMessage":"The content you are trying to access is archived View Archived Content"},"localOverride":false},"CachedAsset:component:custom.widget.Custom_Scripts-en-1743423784688":{"__typename":"CachedAsset","id":"component:custom.widget.Custom_Scripts-en-1743423784688","value":{"component":{"id":"custom.widget.Custom_Scripts","template":{"id":"Custom_Scripts","markupLanguage":"HANDLEBARS","style":null,"texts":null,"defaults":{"config":{"applicablePages":[],"description":"","fetchedContent":null,"__typename":"ComponentConfiguration"},"props":[],"__typename":"ComponentProperties"},"components":[{"id":"custom.widget.Custom_Scripts","form":null,"config":null,"props":[],"__typename":"Component"}],"grouping":"CUSTOM","__typename":"ComponentTemplate"},"properties":{"config":{"applicablePages":[],"description":"","fetchedContent":null,"__typename":"ComponentConfiguration"},"props":[],"__typename":"ComponentProperties"},"form":null,"__typename":"Component","localOverride":false},"globalCss":null,"form":null},"localOverride":false},"CachedAsset:text:en_US-components/community/Breadcrumb-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/community/Breadcrumb-1740587331000","value":{"navLabel":"Breadcrumbs","dropdown":"Additional parent page navigation"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageBanner-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageBanner-1740587331000","value":{"messageMarkedAsSpam":"This post has been marked as spam","messageMarkedAsSpam@board:TKB":"This article has been marked as spam","messageMarkedAsSpam@board:BLOG":"This post has been marked as spam","messageMarkedAsSpam@board:FORUM":"This discussion has been marked as spam","messageMarkedAsSpam@board:OCCASION":"This event has been marked as spam","messageMarkedAsSpam@board:IDEA":"This idea has been marked as spam","manageSpam":"Manage Spam","messageMarkedAsAbuse":"This post has been marked as abuse","messageMarkedAsAbuse@board:TKB":"This article has been marked as abuse","messageMarkedAsAbuse@board:BLOG":"This post has been marked as abuse","messageMarkedAsAbuse@board:FORUM":"This discussion has been marked as abuse","messageMarkedAsAbuse@board:OCCASION":"This event has been marked as abuse","messageMarkedAsAbuse@board:IDEA":"This idea has been marked as abuse","preModCommentAuthorText":"This comment will be published as soon as it is approved","preModCommentModeratorText":"This comment is awaiting moderation","messageMarkedAsOther":"This post has been rejected due to other reasons","messageMarkedAsOther@board:TKB":"This article has been rejected due to other reasons","messageMarkedAsOther@board:BLOG":"This post has been rejected due to other reasons","messageMarkedAsOther@board:FORUM":"This discussion has been rejected due to other reasons","messageMarkedAsOther@board:OCCASION":"This event has been rejected due to other reasons","messageMarkedAsOther@board:IDEA":"This idea has been rejected due to other reasons","messageArchived":"This post was archived on {date}","relatedUrl":"View Related Content","relatedContentText":"Showing related content","archivedContentLink":"View Archived Content"},"localOverride":false},"CachedAsset:text:en_US-components/featured/places/FeaturedPlacesWidget-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/featured/places/FeaturedPlacesWidget-1740587331000","value":{"title":"Featured Places","description":"Custom list of categories, boards, and groups that you define","title@instance:featuredWidgets.widget.featuredPlacesWidget-1723716011813":"Cybersecurity Awareness Month","title@instance:featuredWidgets.widget.featuredPlacesWidget-1714054236434":"Explore The Community","title@instance:featuredWidgets.widget.featuredPlacesWidget-1717485561171":"Places","title@instance:featuredWidgets.widget.featuredPlacesWidget-1733305579381":"Cyber Countdown","title@instance:featuredWidgets.widget.featuredPlacesWidget-1714132737520":"First Time? Start Here ","title@instance:featuredWidgets.widget.featuredPlacesWidget-1717595852814":"","title@instance:featuredWidgets.widget.featuredPlacesWidget-1725897163378":"Explore Other Forums","title@instance:featuredWidgets.widget.featuredPlacesWidget-1716895063919":"Upcoming Events","title@instance:featuredWidgets.widget.featuredPlacesWidget-1725897102867":"Explore Other Forums","title@instance:featuredWidgets.widget.featuredPlacesWidget-1725896893799":"Explore Other Forums"},"localOverride":false},"CachedAsset:text:en_US-components/messages/RelatedContentWidget-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/RelatedContentWidget-1740587331000","value":{"title":"Related Content","emptyDescription":"No content to show"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageListForNodeByRecentActivityWidget-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageListForNodeByRecentActivityWidget-1740587331000","value":{"title@userScope:other":"Recent Content","title@userScope:self":"Contributions","title@board:FORUM@userScope:other":"Recent Discussions","title@board:BLOG@userScope:other":"Recent Blogs","emptyDescription":"No content to show","MessageListForNodeByRecentActivityWidgetEditor.nodeScope.label":"Scope","title@instance:1714564690968":"Recent Blog Posts","title@instance:1715289331950":"Recent Discussions","title@instance:1711748122224":"Feed","title@instance:1714134050806":"What's New?"},"localOverride":false},"CachedAsset:text:en_US-components/community/FooterWidget-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/community/FooterWidget-1740587331000","value":{"homeLink":"Community Home","topOfPage":"Top of Page","buildHash":"Build Hash:","buildNumber":"Build Number:","buildTime":"Build Time:","privacyPolicy":"Privacy Policy","helpLink":"Help"},"localOverride":false},"Category:category:welcome":{"__typename":"Category","id":"category:welcome","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"entityType":"CATEGORY","displayId":"welcome","nodeType":"category","depth":1,"title":"Welcome","shortTitle":"Welcome"},"Blog:board:community-blog":{"__typename":"Blog","id":"board:community-blog","blogPolicies":{"__typename":"BlogPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:events":{"__typename":"Category","id":"category:events","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:cyber-million":{"__typename":"Category","id":"category:cyber-million","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Forum:board:cyber-million":{"__typename":"Forum","id":"board:cyber-million","forumPolicies":{"__typename":"ForumPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Blog:board:cyber-million-blog":{"__typename":"Blog","id":"board:cyber-million-blog","blogPolicies":{"__typename":"BlogPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Occasion:board:community-events":{"__typename":"Occasion","id":"board:community-events","boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"occasionPolicies":{"__typename":"OccasionPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Forum:board:community-forum":{"__typename":"Forum","id":"board:community-forum","forumPolicies":{"__typename":"ForumPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"entityType":"FORUM","displayId":"community-forum","nodeType":"board","depth":2,"conversationStyle":"FORUM","title":"Community Forum","shortTitle":"Community Forum","parent":{"__ref":"Category:category:welcome"},"userContext":{"__typename":"NodeUserContext","canAddAttachments":false,"canUpdateNode":false,"canPostMessages":false,"isSubscribed":false},"avatar":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bi00MC1OTnpYNjc\"}"},"description":"If you have questions about the community itself or want to chat with the community, come and introduce yourself here.","eventPath":"category:welcome/community:dnvaw96485board:community-forum/"},"Category:category:blogs":{"__typename":"Category","id":"category:blogs","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"entityType":"CATEGORY","displayId":"blogs","nodeType":"category","depth":1,"title":"Blogs","shortTitle":"Blogs"},"Blog:board:the-human-connection-blog":{"__typename":"Blog","id":"board:the-human-connection-blog","blogPolicies":{"__typename":"BlogPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"entityType":"BLOG","displayId":"the-human-connection-blog","nodeType":"board","depth":2,"conversationStyle":"BLOG","title":"The Human Connection Blog","shortTitle":"The Human Connection Blog","parent":{"__ref":"Category:category:blogs"},"userContext":{"__typename":"NodeUserContext","canAddAttachments":false,"canUpdateNode":false,"canPostMessages":false,"isSubscribed":false},"avatar":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bi00OS1vdVVFbDU\"}"},"description":"Learn from our passionate experts on a wide range of subjects from Cyber Threat Research to maximizing value with Immersive, plus, hear from our outstanding customers who are keen to share their experiences.","eventPath":"category:blogs/community:dnvaw96485board:the-human-connection-blog/"},"Tkb:board:get-started":{"__typename":"Tkb","id":"board:get-started","tkbPolicies":{"__typename":"TkbPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Conversation:conversation:1925":{"__typename":"Conversation","id":"conversation:1925","topic":{"__typename":"ForumTopicMessage","uid":1925},"lastPostingActivityTime":"2025-04-02T16:28:33.173-07:00","solved":false},"ForumTopicMessage:message:1925":{"__typename":"ForumTopicMessage","subject":"AWS Security Hub: Integrations and Custom Actions","conversation":{"__ref":"Conversation:conversation:1925"},"id":"message:1925","revisionNum":1,"uid":1925,"depth":0,"board":{"__ref":"Forum:board:help"},"author":{"__typename":"User","uid":448,"login":"T3S0r0","registrationData":{"__typename":"RegistrationData","status":null},"deleted":false,"avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/dS00NDgtWmN2UW01?image-coordinates=124%2C0%2C834%2C710"}},"metrics":{"__typename":"MessageMetrics","views":7},"postTime":"2025-04-02T10:11:21.008-07:00","lastPublishTime":"2025-04-02T10:11:21.008-07:00","readOnly":false},"Conversation:conversation:1923":{"__typename":"Conversation","id":"conversation:1923","topic":{"__typename":"ForumTopicMessage","uid":1923},"lastPostingActivityTime":"2025-04-02T09:03:28.252-07:00","solved":false},"ForumTopicMessage:message:1923":{"__typename":"ForumTopicMessage","subject":"Need help on question 10 in \"Wizard Spider DFIR: Ep.2 – Ransomware Analysis\" lab","conversation":{"__ref":"Conversation:conversation:1923"},"id":"message:1923","revisionNum":1,"uid":1923,"depth":0,"board":{"__ref":"Forum:board:help"},"author":{"__typename":"User","uid":1319,"login":"ba20","registrationData":{"__typename":"RegistrationData","status":null},"deleted":false,"avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/m_assets/avatars/default/avatar-8.svg?time=0"}},"metrics":{"__typename":"MessageMetrics","views":3},"postTime":"2025-04-02T09:03:28.252-07:00","lastPublishTime":"2025-04-02T09:03:28.252-07:00","readOnly":false},"Conversation:conversation:1657":{"__typename":"Conversation","id":"conversation:1657","topic":{"__typename":"ForumTopicMessage","uid":1657},"lastPostingActivityTime":"2025-04-01T16:01:07.239-07:00","solved":false},"ForumTopicMessage:message:1657":{"__typename":"ForumTopicMessage","subject":"Need Help for Pwntools: Ep. 6 — Demonstrate Your Skills","conversation":{"__ref":"Conversation:conversation:1657"},"id":"message:1657","revisionNum":1,"uid":1657,"depth":0,"board":{"__ref":"Forum:board:help"},"author":{"__typename":"User","uid":1086,"login":"kdkstudies","registrationData":{"__typename":"RegistrationData","status":null},"deleted":false,"avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/m_assets/avatars/default/avatar-2.svg?time=0"}},"metrics":{"__typename":"MessageMetrics","views":99},"postTime":"2025-02-24T05:54:59.541-08:00","lastPublishTime":"2025-02-24T05:54:59.541-08:00","readOnly":false},"Conversation:conversation:1735":{"__typename":"Conversation","id":"conversation:1735","topic":{"__typename":"ForumTopicMessage","uid":1735},"lastPostingActivityTime":"2025-04-01T15:44:32.770-07:00","solved":false},"ForumTopicMessage:message:1735":{"__typename":"ForumTopicMessage","subject":"Anyone finished the \"Etherium Smart Contracts\"?","conversation":{"__ref":"Conversation:conversation:1735"},"id":"message:1735","revisionNum":1,"uid":1735,"depth":0,"board":{"__ref":"Forum:board:help"},"author":{"__typename":"User","uid":507,"login":"IotS2024","registrationData":{"__typename":"RegistrationData","status":null},"deleted":false,"avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/m_assets/avatars/default/avatar-11.svg?time=0"}},"metrics":{"__typename":"MessageMetrics","views":132},"postTime":"2025-03-04T08:57:35.254-08:00","lastPublishTime":"2025-03-04T08:57:35.254-08:00","readOnly":false},"Conversation:conversation:1889":{"__typename":"Conversation","id":"conversation:1889","topic":{"__typename":"ForumTopicMessage","uid":1889},"lastPostingActivityTime":"2025-04-01T15:01:12.359-07:00","solved":false},"ForumTopicMessage:message:1889":{"__typename":"ForumTopicMessage","subject":"Foundational Static Analysis: API Analysis","conversation":{"__ref":"Conversation:conversation:1889"},"id":"message:1889","revisionNum":1,"uid":1889,"depth":0,"board":{"__ref":"Forum:board:help"},"author":{"__typename":"User","uid":880,"login":"MrReaper","registrationData":{"__typename":"RegistrationData","status":null},"deleted":false,"avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/dS04ODAtYWZObDht?image-coordinates=192%2C0%2C721%2C529"}},"metrics":{"__typename":"MessageMetrics","views":33},"postTime":"2025-03-28T06:55:48.761-07:00","lastPublishTime":"2025-03-28T06:55:48.761-07:00","readOnly":false},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstOS1zNm9LWmk\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstOS1zNm9LWmk","height":160,"width":141,"mimeType":"image/png"},"Rank:rank:9":{"__typename":"Rank","id":"rank:9","position":19,"name":"Bronze II","color":"C69A70","icon":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstOS1zNm9LWmk\"}"},"rankStyle":"FILLED"},"User:user:189":{"__typename":"User","id":"user:189","uid":189,"login":"LN1","biography":null,"registrationData":{"__typename":"RegistrationData","status":null,"registrationTime":"2024-09-21T02:14:41.231-07:00","confirmEmailStatus":null,"registrationAccessLevel":null,"ssoRegistrationFields":[]},"deleted":false,"email":"","avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/m_assets/avatars/default/avatar-1.svg?time=0"},"rank":{"__ref":"Rank:rank:9"},"messagesCount":4,"kudosGivenCount":1,"kudosReceivedCount":5,"kudosWeight":1,"ssoId":null,"followersCount":null,"solutionsCount":1,"entityType":"USER","eventPath":"community:dnvaw96485/user:189"},"ForumTopicMessage:message:520":{"__typename":"ForumTopicMessage","uid":520,"subject":"Reverse Engineering","id":"message:520","revisionNum":1,"repliesCount":6,"author":{"__ref":"User:user:189"},"depth":0,"hasGivenKudo":false,"board":{"__ref":"Forum:board:help"},"conversation":{"__ref":"Conversation:conversation:520"},"moderationData":{"__ref":"ModerationData:moderation_data:520"},"postTime":"2024-09-21T02:20:28.589-07:00","lastPublishTime":"2024-09-21T02:20:28.589-07:00","readOnly":false,"metrics":{"__typename":"MessageMetrics","views":209},"placeholder":false,"originalMessageForPlaceholder":null,"isEscalated":null,"entityType":"FORUM_TOPIC","eventPath":"category:help/community:dnvaw96485board:help/message:520"},"Conversation:conversation:520":{"__typename":"Conversation","id":"conversation:520","solved":true,"topic":{"__ref":"ForumTopicMessage:message:520"},"lastPostingActivityTime":"2024-09-25T08:35:54.429-07:00","lastPostTime":"2024-09-25T08:35:54.429-07:00"},"ModerationData:moderation_data:520":{"__typename":"ModerationData","id":"moderation_data:520","status":"APPROVED","rejectReason":null},"RelatedContentMessage:RelatedContentMessage:520":{"__typename":"RelatedContentMessage","id":"RelatedContentMessage:520","relatedMessage":{"__ref":"ForumTopicMessage:message:520"}},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstOC1DNldCZUw\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstOC1DNldCZUw","height":160,"width":141,"mimeType":"image/png"},"Rank:rank:8":{"__typename":"Rank","id":"rank:8","position":20,"name":"Bronze I","color":"C69A70","icon":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstOC1DNldCZUw\"}"},"rankStyle":"FILLED"},"User:user:219":{"__typename":"User","id":"user:219","uid":219,"login":"f_alharthi94","biography":null,"registrationData":{"__typename":"RegistrationData","status":null,"registrationTime":"2024-09-24T14:02:03.589-07:00","confirmEmailStatus":null,"registrationAccessLevel":null,"ssoRegistrationFields":[]},"deleted":false,"email":"","avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/m_assets/avatars/default/avatar-2.svg?time=0"},"rank":{"__ref":"Rank:rank:8"},"messagesCount":1,"kudosGivenCount":0,"kudosReceivedCount":1,"kudosWeight":1,"ssoId":null,"followersCount":null,"solutionsCount":0,"entityType":"USER","eventPath":"community:dnvaw96485/user:219"},"ForumTopicMessage:message:556":{"__typename":"ForumTopicMessage","uid":556,"subject":"Introduction to Detection Engineering: Ep.5 – Custom Alerting","id":"message:556","revisionNum":1,"repliesCount":6,"author":{"__ref":"User:user:219"},"depth":0,"hasGivenKudo":false,"board":{"__ref":"Forum:board:help"},"conversation":{"__ref":"Conversation:conversation:556"},"moderationData":{"__ref":"ModerationData:moderation_data:556"},"postTime":"2024-09-24T14:05:57.346-07:00","lastPublishTime":"2024-09-24T14:05:57.346-07:00","readOnly":false,"metrics":{"__typename":"MessageMetrics","views":277},"placeholder":false,"originalMessageForPlaceholder":null,"isEscalated":null,"entityType":"FORUM_TOPIC","eventPath":"category:help/community:dnvaw96485board:help/message:556"},"Conversation:conversation:556":{"__typename":"Conversation","id":"conversation:556","solved":true,"topic":{"__ref":"ForumTopicMessage:message:556"},"lastPostingActivityTime":"2025-02-19T05:39:13.552-08:00","lastPostTime":"2025-02-19T05:39:13.552-08:00"},"ModerationData:moderation_data:556":{"__typename":"ModerationData","id":"moderation_data:556","status":"APPROVED","rejectReason":null},"RelatedContentMessage:RelatedContentMessage:556":{"__typename":"RelatedContentMessage","id":"RelatedContentMessage:556","relatedMessage":{"__ref":"ForumTopicMessage:message:556"}},"User:user:681":{"__typename":"User","id":"user:681","uid":681,"login":"AzurePineapple","biography":null,"registrationData":{"__typename":"RegistrationData","status":null,"registrationTime":"2024-12-01T06:46:52.601-08:00","confirmEmailStatus":null,"registrationAccessLevel":null,"ssoRegistrationFields":[]},"deleted":false,"email":"","avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/m_assets/avatars/custom/Avatar_-_12-1718372257064.png?time=1718372314000"},"rank":{"__ref":"Rank:rank:8"},"messagesCount":2,"kudosGivenCount":1,"kudosReceivedCount":3,"kudosWeight":1,"ssoId":null,"followersCount":null,"solutionsCount":1,"entityType":"USER","eventPath":"community:dnvaw96485/user:681"},"ForumTopicMessage:message:1169":{"__typename":"ForumTopicMessage","uid":1169,"subject":"Introduction to Detection Engineering: Ep.5 – Custom Alerting","id":"message:1169","revisionNum":1,"repliesCount":2,"author":{"__ref":"User:user:681"},"depth":0,"hasGivenKudo":false,"board":{"__ref":"Forum:board:help"},"conversation":{"__ref":"Conversation:conversation:1169"},"moderationData":{"__ref":"ModerationData:moderation_data:1169"},"postTime":"2024-12-01T08:07:02.036-08:00","lastPublishTime":"2024-12-01T08:07:02.036-08:00","readOnly":false,"metrics":{"__typename":"MessageMetrics","views":143},"placeholder":false,"originalMessageForPlaceholder":null,"isEscalated":null,"entityType":"FORUM_TOPIC","eventPath":"category:help/community:dnvaw96485board:help/message:1169"},"Conversation:conversation:1169":{"__typename":"Conversation","id":"conversation:1169","solved":true,"topic":{"__ref":"ForumTopicMessage:message:1169"},"lastPostingActivityTime":"2024-12-03T02:02:30.175-08:00","lastPostTime":"2024-12-03T02:02:30.175-08:00"},"ModerationData:moderation_data:1169":{"__typename":"ModerationData","id":"moderation_data:1169","status":"APPROVED","rejectReason":null},"RelatedContentMessage:RelatedContentMessage:1169":{"__typename":"RelatedContentMessage","id":"RelatedContentMessage:1169","relatedMessage":{"__ref":"ForumTopicMessage:message:1169"}},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstMS15alk5UjU\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstMS15alk5UjU","height":32,"width":32,"mimeType":"image/png"},"Rank:rank:1":{"__typename":"Rank","id":"rank:1","position":0,"name":"Community Manager","color":"4563FF","icon":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstMS15alk5UjU\"}"},"rankStyle":"FILLED"},"User:user:2":{"__typename":"User","id":"user:2","uid":2,"login":"TillyCorless","biography":null,"registrationData":{"__typename":"RegistrationData","status":null,"registrationTime":"2024-05-24T05:46:29.664-07:00","confirmEmailStatus":null,"registrationAccessLevel":null,"ssoRegistrationFields":[]},"deleted":false,"email":"","avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/dS0yLUVFRzh2WA?image-coordinates=867%2C1707%2C2734%2C3574"},"rank":{"__ref":"Rank:rank:1"},"messagesCount":266,"kudosGivenCount":637,"kudosReceivedCount":314,"kudosWeight":1,"ssoId":null,"followersCount":null,"solutionsCount":4,"entityType":"USER","eventPath":"community:dnvaw96485/user:2"},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bi00MC1OTnpYNjc\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bi00MC1OTnpYNjc","mimeType":"image/svg+xml"},"ForumTopicMessage:message:1525":{"__typename":"ForumTopicMessage","uid":1525,"subject":"💻🔐 Study Group Announcement - Offensive Cybersecurity Lab Chosen! 💻🔐","id":"message:1525","revisionNum":1,"repliesCount":9,"author":{"__ref":"User:user:2"},"depth":0,"hasGivenKudo":false,"board":{"__ref":"Forum:board:community-forum"},"conversation":{"__ref":"Conversation:conversation:1525"},"moderationData":{"__ref":"ModerationData:moderation_data:1525"},"postTime":"2025-02-03T04:55:35.135-08:00","lastPublishTime":"2025-02-03T04:55:35.135-08:00","readOnly":false,"metrics":{"__typename":"MessageMetrics","views":226},"placeholder":false,"originalMessageForPlaceholder":null,"isEscalated":null,"entityType":"FORUM_TOPIC","eventPath":"category:welcome/community:dnvaw96485board:community-forum/message:1525"},"Conversation:conversation:1525":{"__typename":"Conversation","id":"conversation:1525","solved":false,"topic":{"__ref":"ForumTopicMessage:message:1525"},"lastPostingActivityTime":"2025-02-07T01:43:59.403-08:00","lastPostTime":"2025-02-07T01:43:59.403-08:00"},"ModerationData:moderation_data:1525":{"__typename":"ModerationData","id":"moderation_data:1525","status":"APPROVED","rejectReason":null},"RelatedContentMessage:RelatedContentMessage:1525":{"__typename":"RelatedContentMessage","id":"RelatedContentMessage:1525","relatedMessage":{"__ref":"ForumTopicMessage:message:1525"}},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstMjUteWJYNnRZ\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstMjUteWJYNnRZ","height":32,"width":32,"mimeType":"image/png"},"Rank:rank:25":{"__typename":"Rank","id":"rank:25","position":3,"name":"Immerser","color":"4563FF","icon":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstMjUteWJYNnRZ\"}"},"rankStyle":"FILLED"},"User:user:17":{"__typename":"User","id":"user:17","uid":17,"login":"BenMcCarthy","biography":null,"registrationData":{"__typename":"RegistrationData","status":null,"registrationTime":"2024-05-30T02:13:48.904-07:00","confirmEmailStatus":null,"registrationAccessLevel":null,"ssoRegistrationFields":[]},"deleted":false,"email":"","avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/dS0xNy1CUjc1Znk?image-coordinates=0%2C333%2C3024%2C3357"},"rank":{"__ref":"Rank:rank:25"},"messagesCount":40,"kudosGivenCount":10,"kudosReceivedCount":67,"kudosWeight":1,"ssoId":null,"followersCount":null,"solutionsCount":1,"entityType":"USER","eventPath":"community:dnvaw96485/user:17"},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bi00OS1vdVVFbDU\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bi00OS1vdVVFbDU","mimeType":"image/svg+xml"},"BlogTopicMessage:message:1768":{"__typename":"BlogTopicMessage","uid":1768,"subject":"Reverse Engineering SmokeLoader: An In-Depth Analysis (Stage 1)","id":"message:1768","revisionNum":4,"repliesCount":0,"author":{"__ref":"User:user:17"},"depth":0,"hasGivenKudo":false,"board":{"__ref":"Blog:board:the-human-connection-blog"},"conversation":{"__ref":"Conversation:conversation:1768"},"coverImage":{"__typename":"UploadedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNzY4LVBsY2NXSQ?revision=4"},"coverImageProperties":{"__typename":"CoverImageProperties","style":"STANDARD","titlePosition":"BOTTOM","altText":""},"contentWorkflow":{"__typename":"ContentWorkflow","state":"PUBLISH","scheduledPublishTime":null,"scheduledTimezone":null,"shortScheduledTimezone":null,"userContext":{"__typename":"MessageWorkflowContext","canSubmitForReview":null,"canEdit":false,"canRecall":null,"canSubmitForPublication":null,"canReturnToAuthor":null,"canPublish":null,"canReturnToReview":null,"canSchedule":false}},"moderationData":{"__ref":"ModerationData:moderation_data:1768"},"teaser@stripHtml({\"removeProcessingText\":false,\"truncateLength\":200})":"","postTime":"2025-03-07T07:05:42.572-08:00","lastPublishTime":"2025-03-07T07:05:42.572-08:00","readOnly":false,"introduction":"","metrics":{"__typename":"MessageMetrics","views":63},"placeholder":false,"originalMessageForPlaceholder":null,"entityType":"BLOG_ARTICLE","eventPath":"category:blogs/community:dnvaw96485board:the-human-connection-blog/message:1768"},"Conversation:conversation:1768":{"__typename":"Conversation","id":"conversation:1768","solved":false,"topic":{"__ref":"BlogTopicMessage:message:1768"},"lastPostingActivityTime":"2025-03-07T07:05:42.572-08:00","lastPostTime":"2025-03-07T07:05:42.572-08:00"},"ModerationData:moderation_data:1768":{"__typename":"ModerationData","id":"moderation_data:1768","status":"APPROVED","rejectReason":null},"RelatedContentMessage:RelatedContentMessage:1768":{"__typename":"RelatedContentMessage","id":"RelatedContentMessage:1768","relatedMessage":{"__ref":"BlogTopicMessage:message:1768"}},"QueryVariables:TopicReplyList:message:758:1":{"__typename":"QueryVariables","id":"TopicReplyList:message:758:1","value":{"id":"message:758","first":10,"sorts":{"kudosSumWeight":{"direction":"DESC","order":0},"postTime":{"direction":"ASC","order":1}},"repliesFirst":3,"repliesFirstDepthThree":1,"repliesSorts":{"kudosSumWeight":{"direction":"DESC","order":0},"postTime":{"direction":"ASC","order":1}},"useAvatar":true,"useAuthorLogin":true,"useAuthorRank":true,"useBody":true,"useKudosCount":true,"useTimeToRead":false,"useMedia":false,"useReadOnlyIcon":false,"useRepliesCount":true,"useSearchSnippet":false,"useAcceptedSolutionButton":true,"useSolvedBadge":false,"useAttachments":false,"attachmentsFirst":5,"useTags":true,"useNodeAncestors":false,"useUserHoverCard":false,"useNodeHoverCard":false,"useModerationStatus":true,"usePreviewSubjectModal":false,"useMessageStatus":true}},"ROOT_MUTATION":{"__typename":"Mutation"},"CachedAsset:text:en_US-components/community/Navbar-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/community/Navbar-1740587331000","value":{"community":"Community Home","inbox":"Inbox","manageContent":"Manage Content","tos":"Terms of Service","forgotPassword":"Forgot Password","themeEditor":"Theme Editor","edit":"Edit Navigation Bar","skipContent":"Skip to content","migrated-link-9":"Events","external-1":"Help Centre","migrated-link-7":"Customer Stories Blog","migrated-link-8":"SME Blog","customer-blog":"Product Updates","migrated-link-1":"Community Blog","the-human-connection-blog":"Human Connection Blog","migrated-link-2":"Community Forum","Common-external-link":"Community Challenge","migrated-link-0":"Community","migrated-link-5":"Customer Blog","migrated-link-6":"Cyber Threat Research Blog","migrated-link-3":"Help","migrated-link-4":"Learn","cyber-countdown-link":"Cyber Countdown","migrated-link-14":"Cyber Million Blog","migrated-link-15":"Cyber Million Website","migrated-link-12":"Cyber Million","migrated-link-13":"Ask a Question","welcome":"Get Started","external-3":"Answer Questions","external-2":"Answer Questions","migrated-link-10":"Customer Events","migrated-link-11":"Community Events","cybertrust-massachusetts-link":"CyberTrust Massachusetts","get-started-link":"Get Started","help":"Ask a Question","external":"Immersive Blog"},"localOverride":false},"CachedAsset:text:en_US-components/community/NavbarHamburgerDropdown-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/community/NavbarHamburgerDropdown-1740587331000","value":{"hamburgerLabel":"Side Menu"},"localOverride":false},"CachedAsset:text:en_US-components/community/BrandLogo-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/community/BrandLogo-1740587331000","value":{"logoAlt":"Khoros","themeLogoAlt":"Brand Logo"},"localOverride":false},"CachedAsset:text:en_US-components/community/NavbarTextLinks-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/community/NavbarTextLinks-1740587331000","value":{"more":"More"},"localOverride":false},"CachedAsset:text:en_US-components/search/SpotlightSearchIcon-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/search/SpotlightSearchIcon-1740587331000","value":{"search":"Search"},"localOverride":false},"CachedAsset:text:en_US-components/authentication/AuthenticationLink-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/authentication/AuthenticationLink-1740587331000","value":{"title.login":"Sign In","title.registration":"Register","title.forgotPassword":"Forgot Password","title.multiAuthLogin":"Sign In"},"localOverride":false},"CachedAsset:text:en_US-components/nodes/NodeLink-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/nodes/NodeLink-1740587331000","value":{"place":"Place {name}"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageView/MessageViewStandard-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageView/MessageViewStandard-1740587331000","value":{"anonymous":"Anonymous","author":"{messageAuthorLogin}","authorBy":"{messageAuthorLogin}","board":"{messageBoardTitle}","replyToUser":" to {parentAuthor}","showMoreReplies":"Show More","replyText":"Reply","repliesText":"Replies","markedAsSolved":"Marked as Solved","movedMessagePlaceholder.BLOG":"{count, plural, =0 {This comment has been} other {These comments have been} }","movedMessagePlaceholder.TKB":"{count, plural, =0 {This comment has been} other {These comments have been} }","movedMessagePlaceholder.FORUM":"{count, plural, =0 {This reply has been} other {These replies have been} }","movedMessagePlaceholder.IDEA":"{count, plural, =0 {This comment has been} other {These comments have been} }","movedMessagePlaceholder.OCCASION":"{count, plural, =0 {This comment has been} other {These comments have been} }","movedMessagePlaceholderUrlText":"moved.","messageStatus":"Status: ","statusChanged":"Status changed: {previousStatus} to {currentStatus}","statusAdded":"Status added: {status}","statusRemoved":"Status removed: {status}","labelExpand":"expand replies","labelCollapse":"collapse replies","unhelpfulReason.reason1":"Content is outdated","unhelpfulReason.reason2":"Article is missing information","unhelpfulReason.reason3":"Content is for a different Product","unhelpfulReason.reason4":"Doesn't match what I was searching for"},"localOverride":false},"CachedAsset:text:en_US-components/messages/ThreadedReplyList-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/ThreadedReplyList-1740587331000","value":{"title":"{count, plural, one{# Reply} other{# Replies}}","title@board:BLOG":"{count, plural, one{# Comment} other{# Comments}}","title@board:TKB":"{count, plural, one{# Comment} other{# Comments}}","title@board:IDEA":"{count, plural, one{# Comment} other{# Comments}}","title@board:OCCASION":"{count, plural, one{# Comment} other{# Comments}}","noRepliesTitle":"No Replies","noRepliesTitle@board:BLOG":"No Comments","noRepliesTitle@board:TKB":"No Comments","noRepliesTitle@board:IDEA":"No Comments","noRepliesTitle@board:OCCASION":"No Comments","noRepliesDescription":"Be the first to reply","noRepliesDescription@board:BLOG":"Be the first to comment","noRepliesDescription@board:TKB":"Be the first to comment","noRepliesDescription@board:IDEA":"Be the first to comment","noRepliesDescription@board:OCCASION":"Be the first to comment","messageReadOnlyAlert:BLOG":"Comments have been turned off for this post","messageReadOnlyAlert:TKB":"Comments have been turned off for this article","messageReadOnlyAlert:IDEA":"Comments have been turned off for this idea","messageReadOnlyAlert:FORUM":"Replies have been turned off for this discussion","messageReadOnlyAlert:OCCASION":"Comments have been turned off for this event"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageReplyCallToAction-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageReplyCallToAction-1740587331000","value":{"leaveReply":"Leave a reply...","leaveReply@board:BLOG@message:root":"Leave a comment...","leaveReply@board:TKB@message:root":"Leave a comment...","leaveReply@board:IDEA@message:root":"Leave a comment...","leaveReply@board:OCCASION@message:root":"Leave a comment...","repliesTurnedOff.FORUM":"Replies are turned off for this topic","repliesTurnedOff.BLOG":"Comments are turned off for this topic","repliesTurnedOff.TKB":"Comments are turned off for this topic","repliesTurnedOff.IDEA":"Comments are turned off for this topic","repliesTurnedOff.OCCASION":"Comments are turned off for this topic","infoText":"Stop poking me!"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/common/QueryHandler-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/common/QueryHandler-1740587331000","value":{"title":"Query Handler"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/common/BuildInformation-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/common/BuildInformation-1740587331000","value":{"buildHash":"Build Hash: {buildHash}","buildNumber":"Build Number: {buildNumber}","buildTime":"Build Time: {buildTime}"},"localOverride":false},"CachedAsset:text:en_US-components/community/KhorosLogo-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/community/KhorosLogo-1740587331000","value":{"alt":"Powered By Khoros"},"localOverride":false},"User:user:5":{"__typename":"User","id":"user:5","uid":5,"login":"KieranRowley","biography":null,"registrationData":{"__typename":"RegistrationData","status":null,"registrationTime":"2024-05-24T06:50:29.451-07:00"},"deleted":false,"email":"","avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/dS01LWhuekFHMw?image-coordinates=0%2C0%2C656%2C656"},"rank":{"__ref":"Rank:rank:1"},"entityType":"USER","eventPath":"community:dnvaw96485/user:5"},"ModerationData:moderation_data:759":{"__typename":"ModerationData","id":"moderation_data:759","status":"APPROVED","rejectReason":null,"isReportedAbuse":false,"rejectUser":null,"rejectTime":null,"rejectActorType":null},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstMjYtcGI5djVV\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstMjYtcGI5djVV","height":32,"width":32,"mimeType":"image/png"},"Rank:rank:26":{"__typename":"Rank","id":"rank:26","position":2,"name":"Community Support","color":"4563FF","icon":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/cmstMjYtcGI5djVV\"}"},"rankStyle":"FILLED"},"User:user:24":{"__typename":"User","id":"user:24","uid":24,"login":"ChrisKershaw","biography":null,"registrationData":{"__typename":"RegistrationData","status":null,"registrationTime":"2024-05-30T07:54:11.369-07:00"},"deleted":false,"email":"","avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/dS0yNC1nR21GY0w?image-coordinates=0%2C77%2C240%2C317"},"rank":{"__ref":"Rank:rank:26"},"entityType":"USER","eventPath":"community:dnvaw96485/user:24"},"ForumReplyMessage:message:759":{"__typename":"ForumReplyMessage","uid":759,"id":"message:759","revisionNum":1,"author":{"__ref":"User:user:5"},"readOnly":false,"repliesCount":4,"depth":1,"hasGivenKudo":false,"subscribed":false,"board":{"__ref":"Forum:board:help"},"parent":{"__ref":"ForumTopicMessage:message:758"},"conversation":{"__ref":"Conversation:conversation:758"},"subject":"Re: Reverse Engineering (Offensive) JavaScript Analysis: JSDetox","moderationData":{"__ref":"ModerationData:moderation_data:759"},"body":"
I think this tool is both overrated and abandoned, and at first I thought it would do some magic. I waited dozens of minutes for \"Analyze\" to do something, before I aborted these attempts. It's much easier to load the HTML file into the browser and then \"Copy -> Inner HTML\" to get the decoded scripts (JSDETOX has a nice formatter, but that's it). Not a single edit needed.
I couldn't understand Q4: \"Which packet number corresponds to the site that is 302 redirected to (and which hosts the malware where you start analysis)?\", it's not clear what you want. And since it's not a Wireshark lab, it might be just written as: \"Identify the server where the malware is downloaded from, and as answer enter the number of the first frame with a http response code from that server.\"
I think this tool is both overrated and abandoned, and at first I thought it would do some magic. I waited dozens of minutes for \"Analyze\" to do something, before I aborted these attempts. It's much easier to load the HTML file into the browser and then \"Copy -> Inner HTML\" to get the decoded scripts (JSDETOX has a nice formatter, but that's it). Not a single edit needed.
I couldn't understand Q4: \"Which packet number corresponds to the site that is 302 redirected to (and which hosts the malware where you start analysis)?\", it's not clear what you want. And since it's not a Wireshark lab, it might be just written as: \"Identify the server where the malware is downloaded from, and as answer enter the number of the first frame with a http response code from that server.\"
Hey netcat we have discussed your feedback internally and are in agreement with many of your comments. This is an older lab that no longer meets our quality standards and we are therefore going to uplift this lab and change some of the wording to make it clearer.
Hey we have discussed your feedback internally and are in agreement with many of your comments. This is an older lab that no longer meets our quality standards and we are therefore going to uplift this lab and change some of the wording to make it clearer.
Oh yeah...just the last question in \"Practical Malware Analysis: Static Analysis\" is a little bit confusing: \"What native Microsoft service is this malware trying to masquerade as with a legitimate seeming name and a reference to a file path that can be used for persistence? (Hint: Review the briefing panel for information on how to override a function signature.)\". \"file path\"...turns out to be a \"file name\"
Oh yeah...just the last question in \"Practical Malware Analysis: Static Analysis\" is a little bit confusing: \"What native Microsoft service is this malware trying to masquerade as with a legitimate seeming name and a reference to a file path that can be used for persistence? (Hint: Review the briefing panel for information on how to override a function signature.)\". \"file path\"...turns out to be a \"file name\"
What is the answer for this I am stuck with this question and question 12th of this lab.
","images":{"__typename":"AssociatedImageConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"timeToRead":1,"currentRevision":{"__ref":"Revision:revision:1496_1"},"latestVersion":null,"messagePolicies":{"__typename":"MessagePolicies","canModerateSpamMessage":{"__typename":"PolicyResult","failureReason":{"__typename":"FailureReason","message":"error.lithium.policies.feature.moderation_spam.action.moderate_entity.allowed.accessDenied","key":"error.lithium.policies.feature.moderation_spam.action.moderate_entity.allowed.accessDenied","args":[]}}}},"QueryVariables:MessageSolutions":{"__typename":"QueryVariables","id":"MessageSolutions","value":{"first":10,"constraints":{"topicId":{"eq":"message:758"},"solution":{"eq":true}},"sorts":{"postTime":{"direction":"ASC"}},"useAvatar":true,"useAuthorLogin":true,"useAuthorRank":false,"useBody":true,"useKudosCount":false,"useTimeToRead":false,"useMedia":true,"useRepliesCount":false,"useSearchSnippet":false,"useAcceptedSolutionButton":true,"useSolvedBadge":false,"useAttachments":true,"useTags":false,"useUserHoverCard":false,"useNodeHoverCard":false,"usePreviewSubjectModal":false,"useMessageStatus":false}},"CachedAsset:text:en_US-components/community/NavbarDropdownToggle-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/community/NavbarDropdownToggle-1740587331000","value":{"ariaLabelClosed":"Press the down arrow to open the menu"},"localOverride":false},"CachedAsset:text:en_US-components/messages/EscalatedMessageBanner-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/EscalatedMessageBanner-1740587331000","value":{"escalationMessage":"Escalated to Salesforce by {username} on {date}","viewDetails":"View Details","modalTitle":"Case Details","escalatedBy":"Escalated by: ","escalatedOn":"Escalated on: ","caseNumber":"Case Number: ","status":"Status: ","lastUpdateDate":"Last Update: ","automaticEscalation":"automatic escalation","anonymous":"Anonymous"},"localOverride":false},"CachedAsset:text:en_US-components/users/UserLink-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/users/UserLink-1740587331000","value":{"authorName":"View Profile: {author}","anonymous":"Anonymous"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/users/UserRank-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/users/UserRank-1740587331000","value":{"rankName":"{rankName}","userRank":"Author rank {rankName}"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageTime-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageTime-1740587331000","value":{"postTime":"Published: {time}","lastPublishTime":"Last Update: {time}","conversation.lastPostingActivityTime":"Last posting activity time: {time}","conversation.lastPostTime":"Last post time: {time}","moderationData.rejectTime":"Rejected time: {time}"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageSolvedBadge-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageSolvedBadge-1740587331000","value":{"solved":"Solved"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageSubject-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageSubject-1740587331000","value":{"noSubject":"(no subject)"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageBody-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageBody-1740587331000","value":{"showMessageBody":"Show More","mentionsErrorTitle":"{mentionsType, select, board {Board} user {User} message {Message} other {}} No Longer Available","mentionsErrorMessage":"The {mentionsType} you are trying to view has been removed from the community.","videoProcessing":"Video is being processed. Please try again in a few minutes.","bannerTitle":"Video provider requires cookies to play the video. Accept to continue or {url} it directly on the provider's site.","buttonTitle":"Accept","urlText":"watch"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageCustomFields-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageCustomFields-1740587331000","value":{"CustomField.default.label":"Value of {name}"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageReplyButton-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageReplyButton-1740587331000","value":{"repliesCount":"{count}","title":"Reply","title@board:BLOG@message:root":"Comment","title@board:TKB@message:root":"Comment","title@board:IDEA@message:root":"Comment","title@board:OCCASION@message:root":"Comment"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageSolutionList-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageSolutionList-1740587331000","value":{"emptyDescription":"No has been message solutions yet"},"localOverride":false},"CachedAsset:text:en_US-components/messages/AcceptedSolutionButton-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/AcceptedSolutionButton-1740587331000","value":{"accept":"Mark as Solution","accepted":"Marked as Solution","errorHeader":"Error!","errorAdd":"There was an error marking as solution.","errorRemove":"There was an error unmarking as solution.","solved":"Solved","topicAlreadySolvedErrorTitle":"Solution Already Exists","topicAlreadySolvedErrorDesc":"Refresh the browser to view the existing solution"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/common/Pager/PagerLoadMore-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/common/Pager/PagerLoadMore-1740587331000","value":{"loadMore":"Show More"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageView/MessageViewInline-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageView/MessageViewInline-1740587331000","value":{"bylineAuthor":"{bylineAuthor}","bylineBoard":"{bylineBoard}","anonymous":"Anonymous","place":"Place {bylineBoard}","gotoParent":"Go to parent {name}"},"localOverride":false},"Revision:revision:1028_1":{"__typename":"Revision","id":"revision:1028_1","lastEditTime":"2024-11-12T09:11:02.763-08:00"},"Revision:revision:782_3":{"__typename":"Revision","id":"revision:782_3","lastEditTime":"2024-10-25T04:16:39.081-07:00"},"Revision:revision:781_1":{"__typename":"Revision","id":"revision:781_1","lastEditTime":"2024-10-25T03:34:22.125-07:00"},"Revision:revision:759_1":{"__typename":"Revision","id":"revision:759_1","lastEditTime":"2024-10-23T09:29:16.843-07:00"},"Revision:revision:1496_1":{"__typename":"Revision","id":"revision:1496_1","lastEditTime":"2025-02-01T08:08:20.013-08:00"},"Revision:revision:1041_1":{"__typename":"Revision","id":"revision:1041_1","lastEditTime":"2024-11-13T10:34:12.839-08:00"},"Revision:revision:1027_1":{"__typename":"Revision","id":"revision:1027_1","lastEditTime":"2024-11-12T07:52:57.429-08:00"},"Revision:revision:1037_1":{"__typename":"Revision","id":"revision:1037_1","lastEditTime":"2024-11-13T03:31:33.043-08:00"},"ForumReplyMessage:message:786":{"__typename":"ForumReplyMessage","uid":786,"id":"message:786","revisionNum":1,"author":{"__ref":"User:user:24"},"readOnly":false},"ModerationData:moderation_data:790":{"__typename":"ModerationData","id":"moderation_data:790","status":"APPROVED","rejectReason":null,"isReportedAbuse":false,"rejectUser":null,"rejectTime":null,"rejectActorType":"member"},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS03OTAtWkZaczZV?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS03OTAtWkZaczZV?revision=3","title":"Screenshot 2024-10-27 at 12.18.19.png","associationType":"BODY","width":2646,"height":854,"altText":""},"AcceptedSolutionMessage:message:790":{"__typename":"AcceptedSolutionMessage","author":{"__ref":"User:user:256"},"id":"message:790","revisionNum":3,"uid":790,"depth":5,"hasGivenKudo":false,"subscribed":false,"board":{"__ref":"Forum:board:help"},"parent":{"__ref":"ForumReplyMessage:message:786"},"conversation":{"__ref":"Conversation:conversation:758"},"subject":"Re: Reverse Engineering (Offensive) JavaScript Analysis: JSDetox","moderationData":{"__ref":"ModerationData:moderation_data:790"},"body":"
I was able to complete the lab however I think lab needs some improvement
For Q3, you need to look into the obfuscated code, before applying applying any deobfuscating steps For Q8, the data analyze tool in the lab does not work. Use CyberChef or something else, it is very misleading if you assume it works and you are missing something.
I was able to complete the lab however I think lab needs some improvement
For Q3, you need to look into the obfuscated code, before applying applying any deobfuscating steps For Q8, the data analyze tool in the lab does not work. Use CyberChef or something else, it is very misleading if you assume it works and you are missing something.
JSDetox error
","kudosSumWeight":1,"repliesCount":0,"timeToRead":1,"currentRevision":{"__ref":"Revision:revision:790_3"},"latestVersion":null,"visibilityScope":"PUBLIC","messagePolicies":{"__typename":"MessagePolicies","canModerateSpamMessage":{"__typename":"PolicyResult","failureReason":{"__typename":"FailureReason","message":"error.lithium.policies.feature.moderation_spam.action.moderate_entity.allowed.accessDenied","key":"error.lithium.policies.feature.moderation_spam.action.moderate_entity.allowed.accessDenied","args":[]}}}},"CachedAsset:text:en_US-shared/client/components/users/UserAvatar-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/users/UserAvatar-1740587331000","value":{"altText":"{login}'s avatar","altTextGeneric":"User's avatar"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/ranks/UserRankLabel-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/ranks/UserRankLabel-1740587331000","value":{"altTitle":"Icon for {rankName} rank"},"localOverride":false},"Revision:revision:790_3":{"__typename":"Revision","id":"revision:790_3","lastEditTime":"2024-10-27T02:28:44.042-07:00"},"CachedAsset:text:en_US-components/tags/TagView/TagViewChip-1740587331000":{"__typename":"CachedAsset","id":"text:en_US-components/tags/TagView/TagViewChip-1740587331000","value":{"tagLabelName":"Tag name {tagName}"},"localOverride":false}}}},"page":"/forums/ForumMessagePage/ForumMessagePage","query":{"boardId":"help","messageSubject":"reverse-engineering-offensive-javascript-analysis-jsdetox","messageId":"758"},"buildId":"q_bLpq2mflH0BeZigxpj6","runtimeConfig":{"buildInformationVisible":false,"logLevelApp":"info","logLevelMetrics":"info","openTelemetryClientEnabled":false,"openTelemetryConfigName":"immersivelabs","openTelemetryServiceVersion":"25.2.0","openTelemetryUniverse":"prod","openTelemetryCollector":"http://localhost:4318","openTelemetryRouteChangeAllowedTime":"5000","apolloDevToolsEnabled":false,"inboxMuteWipFeatureEnabled":false},"isFallback":false,"isExperimentalCompile":false,"dynamicIds":["./components/seo/QAPageSchema/QAPageSchema.tsx","./components/community/Navbar/NavbarWidget.tsx","./components/community/Breadcrumb/BreadcrumbWidget.tsx","./components/messages/TopicWithThreadedReplyListWidget/TopicWithThreadedReplyListWidget.tsx","./components/featured/places/FeaturedPlacesWidget/FeaturedPlacesWidget.tsx","./components/messages/RelatedContentWidget/RelatedContentWidget.tsx","./components/messages/MessageListForNodeByRecentActivityWidget/MessageListForNodeByRecentActivityWidget.tsx","./components/community/FooterWidget/FooterWidget.tsx","./components/customComponent/CustomComponent/CustomComponent.tsx","./components/messages/MessageView/MessageViewStandard/MessageViewStandard.tsx","./components/messages/ThreadedReplyList/ThreadedReplyList.tsx","./components/community/FooterWidgetHelpLink/FooterWidgetHelpLink.tsx","./components/community/KhorosLogo/KhorosLogo.tsx","../shared/client/components/common/List/UnstyledList/UnstyledList.tsx","./components/messages/MessageView/MessageView.tsx","../shared/client/components/common/Pager/PagerLoadMore/PagerLoadMore.tsx","./components/messages/MessageView/MessageViewInline/MessageViewInline.tsx","../shared/client/components/common/List/ListGroup/ListGroup.tsx","./components/customComponent/CustomComponentContent/TemplateContent.tsx","../shared/client/components/common/List/UnwrappedList/UnwrappedList.tsx","./components/tags/TagView/TagView.tsx","./components/tags/TagView/TagViewChip/TagViewChip.tsx"],"appGip":true,"scriptLoader":[]}
Bronze III
