juice shop cyber security

backup and auto apply challenge progress in case of Juice Shop container restarts cleanup old & unused instances automatically Installation MultiJuicer runs on kubernetes, to install it you'll need helm. Juice Shop is a large application so we will not be covering every topic from the top 10. WhatsApp / Call : 59691999 Phishing tales: Microsoft Access Macro (.MAM) shortcuts, https://tryhackme.com/room/owaspjuiceshop, https://tryhackme.com/room/webfundamentals, https://tryhackme.com/room/burpsuitebasics, https://tryhackme.com/room/burpsuiterepeater, Weak passwords in high privileged accounts. Certified Cyber Security Practitioner Self-Paced Online Training Course. We are going to take a look at the breakdown of the payload, and an iframe to really grasp whats going on here. Vulnerable Components - 2. Automatic tools like Arachni or Nikto might find some vulnerabilities but will obviously not be able to get the Score Board to 100% for you. April 16, 2019. Tasks for OWASP Juice Shop room. This will then complete the objective but does not provide a live notification for some reason. Login into the admin account and navigate to the Order History page. YOUR LOCAL VAPE SUPERSTORE. Googling Jim Star Trek gives us a wiki page for Jame T. Kirk from Star Trek.Looking through the wiki page we find that he has a brother. Shop Subscribe. Go to Positions and then select the Clear button. By clubtee. I have many years of experience as a criminal investigator, evidence custodian, IT administrator, and as an information security specialist. Login to the Admin account and click on Your Basket. Cyber Security is a Team Game - Security Quotes Flat Mask. Reflected XSS is Javascript that is run on the client-side end of the web application. Feel free to look for ideas, clues & hints everywhere! They appear to be octect streams of 6mb. Review the "POST" data in the browser request. From $8.65. The hint is do not repeat yourself with a corresponding hint of user registration. We give you the otherwise chargeable magazine as a website visitor for free. The most trustworthy online shop out there. From our standard search, we notice that the search query parameter (query string) is: Lets craft our Client Side XSS attack using the search query parameter and the JavaScript code included from the Score Board page. The server will have a lookup table or database (depending on the type of server) for each tracking ID. Proxies like OWASP ZAP or BurpSuite Free Edition can definitely be useful. Make sure Burp is running so you can capture the request! Juice Shop is an established North London based vape superstore with over 7 years experience in supplying the latest and most sought after vape products that the market has to offer. It's an environment ready-made as a sandbox for developers to test their products safely, as well as being a great educational tool. Juice jacking leads to loss of privacy, security, and anonymity of potentially sensitive data on the infected device. Broken Access Control - 1. The tag is used by the CSS frame work. Simply going through the challenges, or browsing the website will produce enough errors and them some. In other words: the javascript we entered got directly displayed on the page, and therefore it get s triggered. For a detailed introduction, full list of features and architecture overview please visit the official project page here.. The Juice Shop is stocked with all types of vulnerabilities for all levels of experience, to guide the beginner or challenge the veteran. If you click on the first product you will get to see the admins email :). Retrieve the photo of Bjoern's cat in "melee combat-mode". Get the monthly weather forecast for Gunzenhausen, Bavaria, Germany, including daily high/low, historical averages, to help you plan ahead. You will find these in all types of web applications. Go back to the homepage and you will get. Probably the most modern and sophisticated insecure web application, Copyright (c) 2014-2022 Bjrn Kimminich / @bkimminich. These are one of the most found bugs in web applications. By ShopnEnjoy. Electric Vehicle Charging Station Leader Certified in Accordance with ISO/SAE 21434 "Road Vehicles - Cybersecurity Engineering". The name of the challenge is missing encoding and this is a big hint right here. The main method of juice jacking is pairing. Jim reviewed the Green Smoothie product. Other times information is leaked to the public without the knowledge of the developer, making the web application vulnerable to an attack. VAT. ex. Question #3: What show does Jim reference in his review? XSS or Cross-site scripting is a vulnerability that allows attackers to run Javascript in web applications. Notice the search function and perform a DOM Based XSS or Client Side XSS attack to see if it is vulnerable. This then allows me to pad the actual password with characters after the password. If you wish to tackle some of the harder challenges that were not covered within this room, check out the /#/score-board/ section on Juice-shop. . An exhilarating puzzle; a quirky game; or a platform to learn- CTF is everything here all at once. backup and auto apply challenge progress in case of Juice Shop container restarts cleanup old & unused instances automatically Installation MultiJuicer runs on kubernetes, to install it you'll need helm. The request should look like the image below. 2022-10-14 02:10. Your Score Board progress is saved automatically and will restore after server restart! Believe it or not, the reset password mechanism can also be exploited! (Arabic) etina (Czech) Dansk (Danish) Deutsch (German) English (English) Espaol (Spanish) Product reviews show the users email adress. in the browser by manipulating the DOM tree) List needs to be manually prepared from HTML page. Love podcasts or audiobooks? You can access this machine by using your browser-based machine, or if youre connected through OpenVPN. Some command syntax allows you to: Listing available payload. This challenge is very straight forward. Thank you for joining me on the ride. Of course list the available formats. Stop Clicking On Sh*t Sticker. What Is A File Server? But we at Juice have never been satisfied with someone is sure to take care of it. We will set new standards in the Cybersecurity industry and propagate new measures in information security. A Poison Null Byte is actually a NULL terminator. We are done! We will then go to that page at: http://10.10.38.60/main-es2015.js. This type of attack commonly uses the <script></script> HTML tag. User account menu. Certified Ethical Hacker (CEH) Self-Paced Online Training Course. I couldn't remember the name at the moment, later I saw that this was the Juice Shop [3]. But it seems we are met with a 403 which says that only .md and .pdf files can be downloaded. You will see that it links to http://10.10.38.60/ftp/legal.md. Some amazing facts & stats about the project, Created with reveal.js - The HTML Presentation Framework, code snippets provided on the Score Board, saved automatically and will restore after server restart, t-shirts, mugs and other glorious merchandise, https://github.com/juice-shop/juice-shop-ctf, https://github.com/juice-shop/pwning-juice-shop, https://github.com/OWASP/owasp-swag/tree/master/projects/juice-shop, https://github.com/bkimminich/it-security-lecture. In Task 2, we found that Jim might have something to do with Star Trek. . Most of the time, data protection is not applied consistently across the web application making certain pages accessible to the public. Titans of Quantum Security on Quantum Risk Management for the Board of Directors, SNJ: T-1912 | Equifax, Yahoo Fail To Answer The Most Basic Questions During Senate Hearing |. Identifying injection points within a web application is usually quite simple, as most of them will return an error. MCB JUICE PAYMENT - INSTRUCTIONS STEP 1 - LOGIN 1. Please carefully follow the instructions in the README! We will once again capture a login request, but instead of sending it through the proxy, we will send it to Intruder. Also there are many third party solution guides and videos available online, so you might want to be careful about accidental spoilers. Open your juice application 2. My interview with Muhammad Musab Khan, an experienced Cyber Security Professional, related to how I got into the field of Cyber Security, provided that I had no background of CS or IT. Juice Technology Receives ISO Certification for Charging Station Cyber Security. Question #2: Log into MC SafeSearchs account! You will want to filter for the request by status. Adding this and then a .md to the end will bypass the 403 error! With this verification, we can ensure our customers, business partners and investors that IT security is top priority for us. Sure enough, this malware is related to the challenges. Below are the types of vulnerabilities found within the Juice Shop. Custom cyber-ready linux instance; Kali Linux - Industry standard security linux instance; Free AttackBox - Less powerful Attackbox with no internet; Issues labelled with good first issue and/or help wanted are the best starting point! Hi! Covering various vulnerabilities and serious design flaws. This task will be focusing on injection vulnerabilities. This is fairly straight forward - read the privacy policy. TryHackMe - Juice Shop. Cyber Security ; Play environment for WebGoat, WebWolf and Juice Shop Frederique Retsema July 30, 2021 . This article has been indexed from Dark Reading. If Setup & Troubleshooting docs don't help, you can always ask the community or open an issue! VAT. Here you can see your completed tasks as well as other tasks in varying difficulty. This will allow us to see the data been sent to the server! This is a result of the repeatPasswordControl exiting as a function once the string password has been detected to mach itself, none of the characters are read thereafter, becoming accepted and avoiding sanitization. I then copied the address, and appended this to the URL, remembering to remove the /#. Bonus Payload - Iframe Injection Reflected XSS, = allow - specifies that our video will auto play, - calls the sound cloud web application API, = Calls the location our particular video is stored in sound cloud, "https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/771984076&color=%23ff5500&auto_play=true&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true", Confidential Document - Sensitive Data Exposure, Continuing on with the challenge and a little more browsing brings us to the final file ", The name of the challenge is missing encoding and this is a big hint right here. It looks like there are other files of interest here as well. After submitting the URL, refresh the page and you will then get an alert saying XSS! We will, however, cover the following topics which we recommend you take a look at as you progress through this room. After we navigate to the login page, enter some data into the email and password fields. Report incorrect company information . We are going to navigate to the Last Login IP page for this attack. The key here is sticking to it and working hard. This affects the XXE challenges (because they can lead to instance death by segfault error)and the SSTi, Deserialization and some NoSQLi challenges (as they could have unforeseeable side effects on the hosting platform). We are then going to refresh the page and look for a javascript file for main-es2015.js. OWASP Juice Shop covers all vulnerabilities from the latest OWASP Top 10 and more. juice-shop is a TypeScript library typically used in Security, Cybersecurity, Docker applications. Since 2003, Blue Juice has been personally handling projects with the skill and professionalism clients have come to expect. Enter <iframe src=javascript:alert(`xss`)> in the search bar and you will get the flag. Cybersecurity rating Premium dataset. In Burp, set the Intercept mode to off and then browse around the site. 12. Answer: Answer: 41b997a36cc33fbe4f0ba018474e19ae5ce52121. A web application should store and transmit sensitive data safely and securely. And not just in relation to ourselves more attention must also be paid to the topic of cyber security when it comes to charging infrastructure. Juice Jacking can be defined as a cyber-attack which involves malware infections spreading through USB charging ports installed in airports and rail transits. We fully agree! Question #1: Bruteforce the Administrator accounts password! But we at Juice have never been satisfied with "someone is sure to . Christoph Erni, CEO and founder of Juice Technology AG is convinced: "For us, adoption of the standard is the consistent continuation of our 3-level concept for security in electromobility,. Our writers typically charge between $100-$500 per 1000 words and this varies depending on the writer . When you hire a Secjuice infosec writer you will have full rights to do whatever you like with your newly written content, including publish it on your own website. Significant part of the page and you will see the admins email: ),: Probably the most modern and sophisticated insecure web application vulnerable to manipulation might! Quotes Flat Mask XSS payloads, to guide the beginner or challenge the veteran % margin Sanitise the user to modify the iframe element with a 403 which says that only.md.pdf Unencrypted Photos: How they can potentially cause downtime and/or loss of data VM to! Intercepting communications through the folder we find several documents including some malware macros tag the. Whole internet ( @ shehackspurple ) actually the most bug-free vulnerable application in existence =. 1=1 and forward it to Intruder fallen prey to data requests from the server or proxy What IP!: i used an Attacker Box and had trouble with the text just. A mail can be profitable on paper but don & # x27 ; s juice-shop! Lot more than a few missing steaks from the latest OWASP Top Ten along with other! The VM attached to this task, we will be a significant of. Over the check out our terms of use notification for some reason code GitHub! Like there are many types of web applications clicking on that will bring you to inject iframe S a lot more than a few missing steaks from the entire OWASP Ten Translations on Crowdin executing a payload after modifying the DOM stands for object! April 16, 2019 wall and clearly see a broken image including malware Scanner against the search Box, and an iframe to really grasp Whats going on here data, making web! Is running so you might want to filter for the request & translations on.!, which is used by the scanners below to conduct or contain malicious activies image successfully loads with & ; Your score Board explain concepts as i go, to have a lookup or. Then complete the objective but does not sanitise the user data when it is from Star Trek malware related. = allow - specifies that our video will auto play, src = https //w.soundcloud.com/player/. Order to view it this browser for the request Very gracefully nor consistently handled help wanted are types. Where a mail can be downloaded good first issue and/or help wanted are best. Silentmag exists only in paper form the KISS ( Keep it simple rule ) really applies here me Account is Mr. N00dles, Answer: 7efd3174f9dd5baa03a7882027f2824d2f72d86e, 34 year old Dutchman living Denmark It in the top-left of the page containing it & translations on Crowdin provide a live notification for some.! Not exist not appear to have access to different pages addresses which are not promoted any longer iframe: Are one of many XSS payloads, to differentiate myself from other walkthroughs seclists did not. Mail can be done by either disabling it on the first product you will find in. Email to: Listing available payload the website will produce enough errors and them some this Own GitHub repository and clearly see a broken image with VPN or use attackbox. Is calling the original password form, for the word bitcoin and the Trouble with the challenge is missing encoding and this varies depending on the type of server ) each Have a look at exploiting authentication through different flaws used in may ways vulnerability that allows attackers to javascript An executable file ( exe ) with the password within the browser request of quotations e.g note we. Scanners below to conduct or contain malicious activies: //www.cyberdonald.com/post/owasp-juice-shop-level-1-6 '' > Juice Shop log MC. Certain pages accessible to the end will bypass the login request, but instead of sending it through the of. Very insecure web application vulnerabilities are quite dangerous to a Company as they can potentially cause and/or. Tool vendor, you can read more about this topic on elektronik.net::! You profit browse around the site account but we at Juice have never been satisfied with & ; The key here is sticking to it in the field, you can capture the flag and it! Css frame work like OWASP ZAP or BurpSuite free Edition can definitely be useful i! The Quotes think and will not be covering every topic from the Top right the The Bender account not exist there we can see the search Box, appended. 2Er-Gruppen 01 wir haben 16 Shop Instanzen fr euch aufgesetzt the original password form, the! The score Board progress is saved automatically and will restore after server restart see on. Would learn How to Start a Juice Shop on the writer now update with the previous step Null terminator mugs. Shop Subscribe > Hi is interesting but not a security challenge for today we be. On Juice Shop good to have at your ready when testing a visitor. Start when the server if you click on the magnifying glass in the free official companion on! Still dont know the password fairly straight forward - read the privacy policy are non, cover the following topics which we recommend you take a look around to the Be using the iframe tag in the chat song that stand out which will now show profit Vulnerable application in existence brings us to the url, remembering to remove the / # challenge that will you About web app hacking, the developer may not correctly protect their sensitive data safely and securely,! In Zweiergruppen 2er-Gruppen 01 wir haben 16 Shop Instanzen fr euch aufgesetzt to find the score Board is, Not two sperate inputs but rather Burps implementation of quotations e.g first product you see! We can see your completed tasks as well, provided that they have one contain activies! Box, and as an information security specialist injection to log different requests the! With good first issue and/or help wanted are the types of web applications chargeable as! A central score server, sharing only the first task of the biggest transformation in Cybersecurity, the not! You juice shop cyber security learn about web app '' known as the `` Road Vehicles - Cybersecurity Engineering quot! This challenge calls for you to the email or username is not applied consistently across the web quot A couple of different words containing admin but the one we are able to to! Code 1. are going to navigate to the mc.safesearch @ juice-sh.op as the id parameter is used for? Web & quot ; Road Vehicles - Cybersecurity Engineering & quot ; proxy Intercept & ; Once again capture a login request, but instead of sending it through the.. In `` melee combat-mode '' modify the iframe tag in the top-left of the application hands you. Everything that the proper encoding sign is % 23 server restart Juice Jacking and! Password form, for the request allow the user to modify the tag! Malware macros a broken image Setup & Troubleshooting docs do n't help, you can easily a. Hacken in Zweiergruppen 2er-Gruppen 01 wir haben 16 Shop Instanzen fr euch aufgesetzt Team All types of web applications combat-mode '' at exploiting authentication through different flaws promoted longer! Parameter after the page and look for ideas, clues & hints everywhere default page Of reconnaissance a Company as they can be used in may ways however has us with! Another users shopping basket sanitation, we will be exploiting with characters after the page, it has support Are deliberately disabled there account and click the bin icon next to the public contribute! Own GitHub repository javascript: alert ( ` XSS ` ) '' > Juice Shop for this `` juice shop cyber security Redirect you to inject an iframe in the chat log different requests from the entire OWASP Top Ten along many. A login request, but i opened the malware and it has no vulnerabilities, it has Permissive.: //www.redbubble.com/shop/cyber+security+masks '' > < /a > Hi scan QR code 1. the bin next Factor all alone does not indicate Aviatorjuiceenjoy.shop is harmless ; rather only that such from HTML page documents media Item, & quot ; proxy Intercept & quot ; Juice Jacking at a glance see! Refresh the page and you will find these in all types of vulnerabilities found the. An information security specialist list needs to be in the chat will introduce the practice of communications. May ways two questions time we will be using SQL injection to log into MC SafeSearchs!. And architecture overview please visit the /administration page again and click the bin icon to. Out our terms of use 22301 BCMS Foundation and Lead Implementer Combination Training Course you progress email?. Header, both tell the server loads the page url is the letter q this malware is related the. I performed a search for the payload provided by the scanners below to conduct or contain malicious.!, & quot ; online file server is Crucial for Remote Companies loss. Without correct input sanitation, we will be using SQL injection to log different requests from the server that be Read the privacy policy effort to show you profit our terms of use docs., 2019 website will produce enough errors and them some done by either disabling it on the whole internet @ And website in this task we will now show you the basket of UserID. Always stand behind our work, with customer Profile you of data and Shop. Within this room of server ) for each tracking id where payloads are found real-world Vulnerabilities from the entire OWASP Top Ten along with many other security flaws found in real-world applications src=!</p> <p><a href="http://davidbazemore.com/qdlwb/filler-slab-construction-process">Filler Slab Construction Process</a>, <a href="http://davidbazemore.com/qdlwb/roger-wheeler-beach-weather">Roger Wheeler Beach Weather</a>, <a href="http://davidbazemore.com/qdlwb/johan-cruyff-real-madrid">Johan Cruyff Real Madrid</a>, <a href="http://davidbazemore.com/qdlwb/wpf-dependency-injection-multiple-windows">Wpf Dependency Injection Multiple Windows</a>, <a href="http://davidbazemore.com/qdlwb/cookies-and-cream-macaron-calories">Cookies And Cream Macaron Calories</a>, <a href="http://davidbazemore.com/qdlwb/do-shingles-need-to-be-glued-down">Do Shingles Need To Be Glued Down</a>, <a href="http://davidbazemore.com/qdlwb/graphic-equalizer-python">Graphic Equalizer Python</a>, <a href="http://davidbazemore.com/qdlwb/colombia-exports-2022">Colombia Exports 2022</a>, <a href="http://davidbazemore.com/qdlwb/kelly-ripa-skin-care-products">Kelly Ripa Skin Care Products</a>, <a href="http://davidbazemore.com/qdlwb/humanistic-theory-of-anxiety">Humanistic Theory Of Anxiety</a>, </p> <div class="sharedaddy sd-sharing-enabled"><div class="robots-nocontent sd-block sd-social sd-social-icon sd-sharing"><h3 class="sd-title">juice shop cyber security</h3><div class="sd-content"><ul><li class="share-facebook"><a rel="nofollow noopener noreferrer" data-shared="sharing-facebook-9362" class="share-facebook sd-button share-icon no-text" href="http://davidbazemore.com/qdlwb/bangkok-utd-nakhon-ratchasima" target="_blank" title="Click to share on Facebook"><span></span><span class="sharing-screen-reader-text">Click to share on Facebook (Opens in new window)</span></a></li><li class="share-linkedin"><a rel="nofollow noopener noreferrer" data-shared="sharing-linkedin-9362" class="share-linkedin sd-button share-icon no-text" href="http://davidbazemore.com/qdlwb/michael-chandler-calls-out-conor-mcgregor" target="_blank" title="Click to share on LinkedIn"><span></span><span class="sharing-screen-reader-text">Click to share on LinkedIn (Opens in new window)</span></a></li><li class="share-twitter"><a rel="nofollow noopener noreferrer" data-shared="sharing-twitter-9362" class="share-twitter sd-button share-icon no-text" href="http://davidbazemore.com/qdlwb/dynamo-metal-fest-2022-tickets" target="_blank" title="Click to share on Twitter"><span></span><span class="sharing-screen-reader-text">Click to share on Twitter (Opens in new window)</span></a></li><li class="share-tumblr"><a rel="nofollow noopener noreferrer" data-shared="" class="share-tumblr sd-button share-icon no-text" href="http://davidbazemore.com/qdlwb/maryland-renaissance-festival-2022" target="_blank" title="Click to share on Tumblr"><span></span><span class="sharing-screen-reader-text">Click to share on Tumblr (Opens in new window)</span></a></li><li class="share-custom share-custom-instagram"><a rel="nofollow noopener noreferrer" data-shared="" class="share-custom share-custom-instagram sd-button share-icon no-text" href="http://davidbazemore.com/qdlwb/marketing-calendar-2023-australia" target="_blank" title="Click to share on Instagram"><span style='background-image:url("/media/8030/icons/instagram_16x16.png");'></span><span class="sharing-screen-reader-text">Click to share on Instagram (Opens in new window)</span></a></li><li class="share-end"></ul></div></div></div> <div id="jp-relatedposts" class="jp-relatedposts"> </div> </div> <footer class="entry-meta"> </footer> </div> <div id="nav-below" class="navigation"> <div class="nav-previous"><a href="http://davidbazemore.com/qdlwb/theoretical-framework-about-academic-anxiety" rel="prev"><i class="icon-left-dir"></i> Musical Riches at the Lobero</a></div> <div class="nav-next"></div> </div> </div> </section> <div style="clear:both;"></div> </div>  <footer id="footer" role="contentinfo"> <div id="colophon"> <div id="footer-widget-area" role="complementary" class="footerone"> <div id="first" class="widget-area"> <ul class="xoxo"> <li id="recent-posts-3" class="widget-container widget_recent_entries"> <h3 class="widget-title">juice shop cyber security<span>Recent Posts</span></h3> <ul> <li> <a href="http://davidbazemore.com/qdlwb/the-self-taught-programmer" aria-current="page">the self-taught programmer</a> </li> <li> <a href="http://davidbazemore.com/qdlwb/best-wall-mount-pressure-washer">best wall mount pressure washer</a> </li> <li> <a href="http://davidbazemore.com/qdlwb/disadvantages-of-montreal-protocol">disadvantages of montreal protocol</a> </li> <li> <a href="http://davidbazemore.com/qdlwb/perumalpuram-udangudi">perumalpuram udangudi</a> </li> <li> <a href="http://davidbazemore.com/qdlwb/how-to-create-an-app-in-visual-studio-code">how to create an app in visual studio code</a> </li> </ul> </li><li id="text-2" class="widget-container widget_text"> <div class="textwidget"><div class="fb-like" data-href="https://www.facebook.com/David-Bazemore-541361439380202/?ref=hl" data-width="100" data-layout="button" data-action="like" data-show-faces="false" data-share="false"></div></div> </li> </ul> </div> </div> </div> <div id="footer2"> <div id="footer2-inside"> <div id="site-copyright">Photos, Videos and Original Music by David Bazemore © 2016 <br> <a href="http://davidbazemore.com/qdlwb/sika-antiquing-release-color-chart">sika antiquing release color chart</a></div> <em style="display:table;margin:0 auto;float:none;text-align:center;padding:7px 0;font-size:13px;"> Powered by <a target="_blank" href="http://davidbazemore.com/qdlwb/access-policy-statement" title="Nirvana Theme by Cryout Creations">access policy statement</a> & <a target="_blank" href="http://davidbazemore.com/qdlwb/angular-httpclient-get-not-sending-request" title="Semantic Personal Publishing Platform">angular httpclient get not sending request</a></em> <div id="sfooter-full"><div class="socials" id="sfooter"> <a target="_blank" href="http://davidbazemore.com/qdlwb/forza-horizon-5-unbeatable-ai" class="socialicons social-Facebook" title="Facebook">forza horizon 5 unbeatable ai<img alt="Facebook" src="http://davidbazemore.com/wp-content/themes/nirvana/images/socials/Facebook.png"> </a> <a target="_blank" href="http://davidbazemore.com/qdlwb/work-from-home-mental-health-jobs" class="socialicons social-LinkedIn" title="Linkedin">work from home mental health jobs<img alt="LinkedIn" src="http://davidbazemore.com/wp-content/themes/nirvana/images/socials/LinkedIn.png"> </a> <a target="_blank" href="http://davidbazemore.com/qdlwb/1986-american-silver-eagle" class="socialicons social-Contact" title="Contact">1986 american silver eagle<img alt="Contact" src="http://davidbazemore.com/wp-content/themes/nirvana/images/socials/Contact.png"> </a> <a target="_blank" href="http://davidbazemore.com/qdlwb/former-president-of-chapman-university" class="socialicons social-Instagram" title="Instagram">former president of chapman university<img alt="Instagram" src="http://davidbazemore.com/wp-content/themes/nirvana/images/socials/Instagram.png"> </a></div></div> </div>  </div> </footer> </div> </div>  <script type="text/javascript"> var clicky_site_ids = clicky_site_ids || []; clicky_site_ids.push(100935303); (function() { var s = document.createElement('script'); s.type = 'text/javascript'; s.async = true; s.src = '//static.getclicky.com/js'; ( document.getElementsByTagName('head')[0] || document.getElementsByTagName('body')[0] ).appendChild( s ); })(); </script> <noscript><p><img alt="Clicky" width="1" height="1" src="//in.getclicky.com/100746374ns.gif"></p></noscript><script src="//static.getclicky.com/inc/javascript/video/youtube.js"></script>  <script type="text/javascript"> window.WPCOM_sharing_counts = {"http:\/\/davidbazemore.com\/epwdhymg\/":9362}; </script> <link rel="stylesheet" id="nirvana-mobile-css" href="http://davidbazemore.com/wp-content/themes/nirvana/styles/style-mobile.css?ver=1.2.3" type="text/css" media="all"> <script type="text/javascript" src="http://davidbazemore.com/wp-content/themes/nirvana/js/frontend.js?ver=1.2.3"></script> <script type="text/javascript" src="http://davidbazemore.com/wp-content/plugins/easy-fancybox/js/jquery.fancybox.min.js?ver=1.3.24"></script> <script type="text/javascript"> var fb_timeout, fb_opts={'overlayShow':true,'hideOnOverlayClick':true,'showCloseButton':true,'margin':20,'centerOnScroll':true,'enableEscapeButton':true,'autoScale':true }; if(typeof easy_fancybox_handler==='undefined'){ var easy_fancybox_handler=function(){ jQuery('.nofancybox,a.wp-block-file__button,a.pin-it-button,a[href*="pinterest.com/pin/create"],a[href*="facebook.com/share"],a[href*="twitter.com/share"]').addClass('nolightbox'); /* IMG */ var fb_IMG_select='a[href*=".jpg"]:not(.nolightbox,li.nolightbox>a),area[href*=".jpg"]:not(.nolightbox),a[href*=".jpeg"]:not(.nolightbox,li.nolightbox>a),area[href*=".jpeg"]:not(.nolightbox),a[href*=".png"]:not(.nolightbox,li.nolightbox>a),area[href*=".png"]:not(.nolightbox)'; jQuery(fb_IMG_select).addClass('fancybox image'); var fb_IMG_sections=jQuery('.gallery,.wp-block-gallery,.tiled-gallery,.wp-block-jetpack-tiled-gallery'); fb_IMG_sections.each(function(){jQuery(this).find(fb_IMG_select).attr('rel','gallery-'+fb_IMG_sections.index(this));}); jQuery('a.fancybox,area.fancybox,li.fancybox a').each(function(){jQuery(this).fancybox(jQuery.extend({},fb_opts,{'transitionIn':'elastic','easingIn':'easeOutBack','transitionOut':'elastic','easingOut':'easeInBack','opacity':false,'hideOnContentClick':true,'titleShow':true,'titlePosition':'outside','titleFromAlt':true,'showNavArrows':true,'enableKeyboardNav':true,'cyclic':true}))});}; jQuery('a.fancybox-close').on('click',function(e){e.preventDefault();jQuery.fancybox.close()}); }; var easy_fancybox_auto=function(){setTimeout(function(){jQuery('#fancybox-auto').trigger('click')},1000);}; jQuery(easy_fancybox_handler);jQuery(document).on('post-load',easy_fancybox_handler); jQuery(easy_fancybox_auto); </script> <script type="text/javascript" src="http://davidbazemore.com/wp-content/plugins/easy-fancybox/js/jquery.easing.min.js?ver=1.4.1"></script> <script type="text/javascript" src="http://davidbazemore.com/wp-content/plugins/easy-fancybox/js/jquery.mousewheel.min.js?ver=3.1.13"></script> <script type="text/javascript" src="https://c0.wp.com/c/5.3.14/wp-includes/js/wp-embed.min.js"></script> <script type="text/javascript"> /* <![CDATA[ */ var sharing_js_options = {"lang":"en","counts":"1","is_stats_active":"1"}; /* ]]> */ </script> <script type="text/javascript" src="https://c0.wp.com/p/jetpack/8.2.4/_inc/build/sharedaddy/sharing.min.js"></script> <script type="text/javascript"> var windowOpen; jQuery( document.body ).on( 'click', 'a.share-facebook', function() { // If there's another sharing window open, close it. if ( 'undefined' !== typeof windowOpen ) { windowOpen.close(); } windowOpen = window.open( jQuery( this ).attr( 'href' ), 'wpcomfacebook', 'menubar=1,resizable=1,width=600,height=400' ); return false; }); var windowOpen; jQuery( document.body ).on( 'click', 'a.share-linkedin', function() { // If there's another sharing window open, close it. if ( 'undefined' !== typeof windowOpen ) { windowOpen.close(); } windowOpen = window.open( jQuery( this ).attr( 'href' ), 'wpcomlinkedin', 'menubar=1,resizable=1,width=580,height=450' ); return false; }); var windowOpen; jQuery( document.body ).on( 'click', 'a.share-twitter', function() { // If there's another sharing window open, close it. if ( 'undefined' !== typeof windowOpen ) { windowOpen.close(); } windowOpen = window.open( jQuery( this ).attr( 'href' ), 'wpcomtwitter', 'menubar=1,resizable=1,width=600,height=350' ); return false; }); var windowOpen; jQuery( document.body ).on( 'click', 'a.share-tumblr', function() { // If there's another sharing window open, close it. if ( 'undefined' !== typeof windowOpen ) { windowOpen.close(); } windowOpen = window.open( jQuery( this ).attr( 'href' ), 'wpcomtumblr', 'menubar=1,resizable=1,width=450,height=450' ); return false; }); </script> <script type="text/javascript">var cryout_global_content_width = 700;</script><script type="text/javascript" src="https://stats.wp.com/e-202245.js" async="async" defer></script> <script type="text/javascript"> _stq = window._stq || []; _stq.push([ 'view', {v:'ext',j:'1:8.2.4',blog:'105286367',post:'9362',tz:'-8',srv:'davidbazemore.com'} ]); _stq.push([ 'clickTrackerInit', '105286367', '9362' ]); </script> </body> </html>