{"id":21870,"date":"2025-02-11T17:43:29","date_gmt":"2025-02-11T20:43:29","guid":{"rendered":"https:\/\/www.ethicalhacker.com.br\/site\/?p=21870"},"modified":"2025-02-17T12:14:07","modified_gmt":"2025-02-17T15:14:07","slug":"tecnica-clickfix-distribui-netsupport-rat","status":"publish","type":"post","link":"https:\/\/www.ethicalhacker.com.br\/site\/2025\/02\/exploits\/tecnica-clickfix-distribui-netsupport-rat\/","title":{"rendered":"T\u00e9cnica ClickFix distribui NetSupport RAT"},"content":{"rendered":"\n<p class=\"story-title\"><strong>Atores de amea\u00e7as exploram o ClickFix para implantar o NetSupport RAT nos \u00faltimos ataques cibern\u00e9ticos<\/strong><\/p>\n<p style=\"text-align: justify;\">Desde o in\u00edcio de 2025, atores de amea\u00e7as t\u00eam utilizado a t\u00e9cnica\u00a0<strong>ClickFix<\/strong>\u00a0para distribuir o\u00a0<strong>NetSupport RAT<\/strong>, um\u00a0<strong>Remote Access Trojan (RAT)<\/strong>\u00a0que concede controle total sobre o dispositivo da v\u00edtima. Essa t\u00e9cnica envolve a inje\u00e7\u00e3o de uma p\u00e1gina falsa de CAPTCHA em sites comprometidos, enganando os usu\u00e1rios para que executem comandos maliciosos no PowerShell. O NetSupport RAT, originalmente uma ferramenta leg\u00edtima de suporte remoto, foi adaptado por cibercriminosos para roubar informa\u00e7\u00f5es sens\u00edveis, como capturas de tela, \u00e1udio, v\u00eddeo e arquivos.<\/p>\n<p style=\"text-align: justify;\">Neste artigo, vamos explorar como o NetSupport RAT \u00e9 distribu\u00eddo, como ele funciona e, principalmente, como voc\u00ea pode usar\u00a0<strong>scripts em Python<\/strong>\u00a0para mitigar esse tipo de amea\u00e7a. Vamos fornecer exemplos pr\u00e1ticos de como detectar e bloquear atividades suspeitas relacionadas ao ClickFix e ao NetSupport RAT.<\/p>\n<p>\u00a0<\/p>\n<p><strong>Como o NetSupport RAT \u00e9 distribu\u00eddo?<\/strong><\/p>\n<p>O NetSupport RAT \u00e9 distribu\u00eddo por meio da t\u00e9cnica\u00a0<strong>ClickFix<\/strong>, que envolve as seguintes etapas:<\/p>\n<ul>\n<li>\n<p style=\"text-align: justify;\"><strong>Inje\u00e7\u00e3o de p\u00e1gina falsa<\/strong>: Os atores de amea\u00e7as injetam uma p\u00e1gina falsa de CAPTCHA em sites comprometidos.<\/p>\n<\/li>\n<li>\n<p><strong>Engenharia social<\/strong>: A p\u00e1gina falsa instrui os usu\u00e1rios a copiar e executar comandos no PowerShell.<\/p>\n<\/li>\n<li>\n<p style=\"text-align: justify;\"><strong>Execu\u00e7\u00e3o de comandos maliciosos<\/strong>: O comando PowerShell baixa e executa o cliente NetSupport RAT a partir de um servidor remoto.<\/p>\n<\/li>\n<li>\n<p style=\"text-align: justify;\"><strong>Controle remoto<\/strong>: O RAT concede controle total sobre o dispositivo da v\u00edtima, permitindo monitoramento em tempo real, transfer\u00eancia de arquivos e execu\u00e7\u00e3o de comandos maliciosos.<\/p>\n<\/li>\n<\/ul>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter\" src=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhmdt8iUWaT9sOjgJlSVmNQ8QV9R2nlGfc3R6Ed2myuH-NjOTMX4MXz_d7OtDlHnwPLuvE1qNB_FWA4HjGUVFzSR_uDVigRwyKIfvgIRVEpjJ-XW-jfRztWIztUPummYpijgqKpTKHuWds9hv94_-XFveVi9BsMyIa__Dg7-DlXIwDhVDMYRVk1ptbU6DtA\/s728-rw-e365\/clickfix.png\" width=\"608\" height=\"340\" \/><\/p>\n<p>\u00a0<\/p>\n<p><strong>Comportamento do NetSupport RAT<\/strong><\/p>\n<p>O NetSupport RAT possui as seguintes capacidades:<\/p>\n<ul>\n<li>\n<p><strong>Monitoramento de tela<\/strong>: Captura o conte\u00fado da tela em tempo real.<\/p>\n<\/li>\n<li>\n<p><strong>Controle de teclado e mouse<\/strong>: Permite o controle remoto do dispositivo.<\/p>\n<\/li>\n<li>\n<p><strong>Transfer\u00eancia de arquivos<\/strong>: Upload e download de arquivos.<\/p>\n<\/li>\n<li>\n<p><strong>Execu\u00e7\u00e3o de comandos<\/strong>: Executa comandos maliciosos no sistema infectado.<\/p>\n<\/li>\n<\/ul>\n<p>\u00a0<\/p>\n<p><strong>Mitiga\u00e7\u00e3o com Python<\/strong><\/p>\n<p style=\"text-align: justify;\">Vamos criar scripts em Python para detectar e mitigar atividades suspeitas relacionadas ao NetSupport RAT e \u00e0 t\u00e9cnica ClickFix.<\/p>\n<p>\u00a0<\/p>\n<p>1.\u00a0<strong>Detec\u00e7\u00e3o de comandos PowerShell maliciosos<\/strong><\/p>\n<p style=\"text-align: justify;\">A t\u00e9cnica ClickFix envolve a execu\u00e7\u00e3o de comandos PowerShell maliciosos. Podemos criar um script para monitorar a execu\u00e7\u00e3o de comandos PowerShell suspeitos.<\/p>\n<p>\u00a0<\/p>\n<p><strong>Script de monitoramento de PowerShell<\/strong><\/p>\n<pre><strong><span class=\"token keyword\">import<\/span> subprocess\n<span class=\"token keyword\">import<\/span> re\n\n<span class=\"token comment\"># Lista de comandos PowerShell suspeitos<\/span>\ncomandos_suspeitos <span class=\"token operator\">=<\/span> <span class=\"token punctuation\">[<\/span>\n    <span class=\"token string\">r\"Invoke-WebRequest\"<\/span><span class=\"token punctuation\">,<\/span>\n    <span class=\"token string\">r\"Start-Process\"<\/span><span class=\"token punctuation\">,<\/span>\n    <span class=\"token string\">r\"NetSupport\"<\/span><span class=\"token punctuation\">,<\/span>\n    <span class=\"token string\">r\"DownloadFile\"<\/span><span class=\"token punctuation\">,<\/span>\n<span class=\"token punctuation\">]<\/span>\n\n<span class=\"token keyword\">def<\/span> <span class=\"token function\">monitorar_powershell<\/span><span class=\"token punctuation\">(<\/span><span class=\"token punctuation\">)<\/span><span class=\"token punctuation\">:<\/span>\n    <span class=\"token keyword\">try<\/span><span class=\"token punctuation\">:<\/span>\n        <span class=\"token comment\"># Executa o comando para listar processos PowerShell<\/span>\n        processos <span class=\"token operator\">=<\/span> subprocess<span class=\"token punctuation\">.<\/span>check_output<span class=\"token punctuation\">(<\/span><span class=\"token punctuation\">[<\/span><span class=\"token string\">\"ps\"<\/span><span class=\"token punctuation\">,<\/span> <span class=\"token string\">\"-e\"<\/span><span class=\"token punctuation\">,<\/span> <span class=\"token string\">\"-o\"<\/span><span class=\"token punctuation\">,<\/span> <span class=\"token string\">\"args\"<\/span><span class=\"token punctuation\">]<\/span><span class=\"token punctuation\">)<\/span><span class=\"token punctuation\">.<\/span>decode<span class=\"token punctuation\">(<\/span><span class=\"token string\">\"utf-8\"<\/span><span class=\"token punctuation\">)<\/span>\n        \n        <span class=\"token keyword\">for<\/span> linha <span class=\"token keyword\">in<\/span> processos<span class=\"token punctuation\">.<\/span>splitlines<span class=\"token punctuation\">(<\/span><span class=\"token punctuation\">)<\/span><span class=\"token punctuation\">:<\/span>\n            <span class=\"token keyword\">if<\/span> <span class=\"token string\">\"powershell\"<\/span> <span class=\"token keyword\">in<\/span> linha<span class=\"token punctuation\">.<\/span>lower<span class=\"token punctuation\">(<\/span><span class=\"token punctuation\">)<\/span><span class=\"token punctuation\">:<\/span>\n                <span class=\"token keyword\">for<\/span> comando <span class=\"token keyword\">in<\/span> comandos_suspeitos<span class=\"token punctuation\">:<\/span>\n                    <span class=\"token keyword\">if<\/span> re<span class=\"token punctuation\">.<\/span>search<span class=\"token punctuation\">(<\/span>comando<span class=\"token punctuation\">,<\/span> linha<span class=\"token punctuation\">,<\/span> re<span class=\"token punctuation\">.<\/span>IGNORECASE<span class=\"token punctuation\">)<\/span><span class=\"token punctuation\">:<\/span>\n                        <span class=\"token keyword\">print<\/span><span class=\"token punctuation\">(<\/span><span class=\"token string-interpolation\"><span class=\"token string\">f\"[ALERTA] Comando PowerShell suspeito detectado: <\/span><span class=\"token interpolation\"><span class=\"token punctuation\">{<\/span>linha<span class=\"token punctuation\">}<\/span><\/span><span class=\"token string\">\"<\/span><\/span><span class=\"token punctuation\">)<\/span>\n    <span class=\"token keyword\">except<\/span> Exception <span class=\"token keyword\">as<\/span> e<span class=\"token punctuation\">:<\/span>\n        <span class=\"token keyword\">print<\/span><span class=\"token punctuation\">(<\/span><span class=\"token string-interpolation\"><span class=\"token string\">f\"Erro ao monitorar processos: <\/span><span class=\"token interpolation\"><span class=\"token punctuation\">{<\/span>e<span class=\"token punctuation\">}<\/span><\/span><span class=\"token string\">\"<\/span><\/span><span class=\"token punctuation\">)<\/span>\n\n<span class=\"token keyword\">if<\/span> __name__ <span class=\"token operator\">==<\/span> <span class=\"token string\">\"__main__\"<\/span><span class=\"token punctuation\">:<\/span>\n    <span class=\"token keyword\">print<\/span><span class=\"token punctuation\">(<\/span><span class=\"token string\">\"[*] Iniciando monitoramento de comandos PowerShell...\"<\/span><span class=\"token punctuation\">)<\/span>\n    <span class=\"token keyword\">while<\/span> <span class=\"token boolean\">True<\/span><span class=\"token punctuation\">:<\/span>\n        monitorar_powershell<span class=\"token punctuation\">(<\/span><span class=\"token punctuation\">)<br \/><br \/><br \/><\/span><\/strong><\/pre>\n<p><strong>Como funciona?<\/strong><\/p>\n<ul>\n<li>\n<p>O script monitora processos PowerShell em execu\u00e7\u00e3o.<\/p>\n<\/li>\n<li>\n<p style=\"text-align: justify;\">Se um comando suspeito for detectado (por exemplo, &#8220;Invoke-WebRequest&#8221; ou &#8220;NetSupport&#8221;), um alerta \u00e9 gerado.<\/p>\n<\/li>\n<\/ul>\n<p>\u00a0<\/p>\n<p>2.\u00a0<strong>Bloqueio de conex\u00f5es com Servidores C2<\/strong><\/p>\n<p style=\"text-align: justify;\">O NetSupport RAT se comunica com um servidor C2 (Command and Control) para receber instru\u00e7\u00f5es. Podemos criar um script para bloquear conex\u00f5es suspeitas.<\/p>\n<p>\u00a0<\/p>\n<p><strong>Script de bloqueio de conex\u00f5es<\/strong><\/p>\n<pre><strong><span class=\"token keyword\">import<\/span> psutil\n<span class=\"token keyword\">import<\/span> os\n\n<span class=\"token comment\"># Lista de IPs suspeitos (exemplo)<\/span>\nips_suspeitos <span class=\"token operator\">=<\/span> <span class=\"token punctuation\">[<\/span><span class=\"token string\">\"192.168.1.100\"<\/span><span class=\"token punctuation\">,<\/span> <span class=\"token string\">\"10.0.0.1\"<\/span><span class=\"token punctuation\">]<\/span>\n\n<span class=\"token keyword\">def<\/span> <span class=\"token function\">bloquear_conexoes_suspeitas<\/span><span class=\"token punctuation\">(<\/span><span class=\"token punctuation\">)<\/span><span class=\"token punctuation\">:<\/span>\n    <span class=\"token keyword\">for<\/span> conexao <span class=\"token keyword\">in<\/span> psutil<span class=\"token punctuation\">.<\/span>net_connections<span class=\"token punctuation\">(<\/span>kind<span class=\"token operator\">=<\/span><span class=\"token string\">'inet'<\/span><span class=\"token punctuation\">)<\/span><span class=\"token punctuation\">:<\/span>\n        <span class=\"token keyword\">if<\/span> conexao<span class=\"token punctuation\">.<\/span>status <span class=\"token operator\">==<\/span> <span class=\"token string\">'ESTABLISHED'<\/span><span class=\"token punctuation\">:<\/span>\n            ip_remoto <span class=\"token operator\">=<\/span> conexao<span class=\"token punctuation\">.<\/span>raddr<span class=\"token punctuation\">.<\/span>ip\n            <span class=\"token keyword\">if<\/span> ip_remoto <span class=\"token keyword\">in<\/span> ips_suspeitos<span class=\"token punctuation\">:<\/span>\n                <span class=\"token keyword\">print<\/span><span class=\"token punctuation\">(<\/span><span class=\"token string-interpolation\"><span class=\"token string\">f\"[ALERTA] Conex\u00e3o suspeita detectada com <\/span><span class=\"token interpolation\"><span class=\"token punctuation\">{<\/span>ip_remoto<span class=\"token punctuation\">}<\/span><\/span><span class=\"token string\">\"<\/span><\/span><span class=\"token punctuation\">)<\/span>\n                <span class=\"token comment\"># Bloqueia a conex\u00e3o (exemplo usando iptables no Linux)<\/span>\n                os<span class=\"token punctuation\">.<\/span>system<span class=\"token punctuation\">(<\/span><span class=\"token string-interpolation\"><span class=\"token string\">f\"iptables -A INPUT -s <\/span><span class=\"token interpolation\"><span class=\"token punctuation\">{<\/span>ip_remoto<span class=\"token punctuation\">}<\/span><\/span><span class=\"token string\"> -j DROP\"<\/span><\/span><span class=\"token punctuation\">)<\/span>\n                <span class=\"token keyword\">print<\/span><span class=\"token punctuation\">(<\/span><span class=\"token string-interpolation\"><span class=\"token string\">f\"[INFO] Conex\u00e3o com <\/span><span class=\"token interpolation\"><span class=\"token punctuation\">{<\/span>ip_remoto<span class=\"token punctuation\">}<\/span><\/span><span class=\"token string\"> bloqueada.\"<\/span><\/span><span class=\"token punctuation\">)<\/span>\n\n<span class=\"token keyword\">if<\/span> __name__ <span class=\"token operator\">==<\/span> <span class=\"token string\">\"__main__\"<\/span><span class=\"token punctuation\">:<\/span>\n    <span class=\"token keyword\">print<\/span><span class=\"token punctuation\">(<\/span><span class=\"token string\">\"[*] Iniciando monitoramento de conex\u00f5es...\"<\/span><span class=\"token punctuation\">)<\/span>\n    <span class=\"token keyword\">while<\/span> <span class=\"token boolean\">True<\/span><span class=\"token punctuation\">:<\/span>\n        bloquear_conexoes_suspeitas<span class=\"token punctuation\">(<\/span><span class=\"token punctuation\">)<br \/><br \/><br \/><br \/><\/span><\/strong><\/pre>\n<p><strong>Como funciona?<\/strong><\/p>\n<ul>\n<li>\n<p>O script monitora conex\u00f5es de rede ativas.<\/p>\n<\/li>\n<li>\n<p style=\"text-align: justify;\">Se uma conex\u00e3o for detectada com um IP suspeito, ele bloqueia a conex\u00e3o usando\u00a0<code>iptables<\/code>\u00a0(no Linux).<\/p>\n<\/li>\n<\/ul>\n<p>\u00a0<\/p>\n<p>3.\u00a0<strong>Detec\u00e7\u00e3o de processos do NetSupport RAT<\/strong><\/p>\n<p>Podemos criar um script para detectar processos suspeitos relacionados ao NetSupport RAT.<\/p>\n<p>\u00a0<\/p>\n<p><strong>Script de detec\u00e7\u00e3o de processos<\/strong><\/p>\n<pre><strong><span class=\"token keyword\">import<\/span> psutil\n\n<span class=\"token comment\"># Lista de processos suspeitos<\/span>\nprocessos_suspeitos <span class=\"token operator\">=<\/span> <span class=\"token punctuation\">[<\/span><span class=\"token string\">\"NetSupport\"<\/span><span class=\"token punctuation\">,<\/span> <span class=\"token string\">\"nsclient\"<\/span><span class=\"token punctuation\">]<\/span>\n\n<span class=\"token keyword\">def<\/span> <span class=\"token function\">detectar_processos_suspeitos<\/span><span class=\"token punctuation\">(<\/span><span class=\"token punctuation\">)<\/span><span class=\"token punctuation\">:<\/span>\n    <span class=\"token keyword\">for<\/span> processo <span class=\"token keyword\">in<\/span> psutil<span class=\"token punctuation\">.<\/span>process_iter<span class=\"token punctuation\">(<\/span><span class=\"token punctuation\">[<\/span><span class=\"token string\">'pid'<\/span><span class=\"token punctuation\">,<\/span> <span class=\"token string\">'name'<\/span><span class=\"token punctuation\">]<\/span><span class=\"token punctuation\">)<\/span><span class=\"token punctuation\">:<\/span>\n        <span class=\"token keyword\">try<\/span><span class=\"token punctuation\">:<\/span>\n            nome_processo <span class=\"token operator\">=<\/span> processo<span class=\"token punctuation\">.<\/span>info<span class=\"token punctuation\">[<\/span><span class=\"token string\">'name'<\/span><span class=\"token punctuation\">]<\/span><span class=\"token punctuation\">.<\/span>lower<span class=\"token punctuation\">(<\/span><span class=\"token punctuation\">)<\/span>\n            <span class=\"token keyword\">for<\/span> suspeito <span class=\"token keyword\">in<\/span> processos_suspeitos<span class=\"token punctuation\">:<\/span>\n                <span class=\"token keyword\">if<\/span> suspeito<span class=\"token punctuation\">.<\/span>lower<span class=\"token punctuation\">(<\/span><span class=\"token punctuation\">)<\/span> <span class=\"token keyword\">in<\/span> nome_processo<span class=\"token punctuation\">:<\/span>\n                    <span class=\"token keyword\">print<\/span><span class=\"token punctuation\">(<\/span><span class=\"token string-interpolation\"><span class=\"token string\">f\"[ALERTA] Processo suspeito detectado: <\/span><span class=\"token interpolation\"><span class=\"token punctuation\">{<\/span>nome_processo<span class=\"token punctuation\">}<\/span><\/span><span class=\"token string\"> <br \/>(PID: <\/span><span class=\"token interpolation\"><span class=\"token punctuation\">{<\/span>processo<span class=\"token punctuation\">.<\/span>info<span class=\"token punctuation\">[<\/span><span class=\"token string\">'pid'<\/span><span class=\"token punctuation\">]<\/span><span class=\"token punctuation\">}<\/span><\/span><span class=\"token string\">)\"<\/span><\/span><span class=\"token punctuation\">)<\/span>\n        <span class=\"token keyword\">except<\/span> <span class=\"token punctuation\">(<\/span>psutil<span class=\"token punctuation\">.<\/span>NoSuchProcess<span class=\"token punctuation\">,<\/span> psutil<span class=\"token punctuation\">.<\/span>AccessDenied<span class=\"token punctuation\">,<\/span> psutil<span class=\"token punctuation\">.<\/span>ZombieProcess<span class=\"token punctuation\">)<\/span><span class=\"token punctuation\">:<\/span>\n            <span class=\"token keyword\">continue<\/span>\n\n<span class=\"token keyword\">if<\/span> __name__ <span class=\"token operator\">==<\/span> <span class=\"token string\">\"__main__\"<\/span><span class=\"token punctuation\">:<\/span>\n    <span class=\"token keyword\">print<\/span><span class=\"token punctuation\">(<\/span><span class=\"token string\">\"[*] Iniciando detec\u00e7\u00e3o de processos suspeitos...\"<\/span><span class=\"token punctuation\">)<\/span>\n    <span class=\"token keyword\">while<\/span> <span class=\"token boolean\">True<\/span><span class=\"token punctuation\">:<br \/><br \/><br \/><\/span><\/strong><\/pre>\n<p><strong>Como Funciona?<\/strong><\/p>\n<ul>\n<li>\n<p>O script verifica se h\u00e1 processos com nomes suspeitos, como &#8220;NetSupport&#8221; ou &#8220;nsclient&#8221;.<\/p>\n<\/li>\n<li>\n<p>Se um processo suspeito for detectado, um alerta \u00e9 gerado.<\/p>\n<\/li>\n<\/ul>\n<p>\u00a0<\/p>\n<p><strong>Conclus\u00e3o<\/strong><\/p>\n<p style=\"text-align: justify;\">O NetSupport RAT \u00e9 uma amea\u00e7a s\u00e9ria que usa t\u00e9cnicas como\u00a0<strong>ClickFix<\/strong>\u00a0para enganar os usu\u00e1rios e ganhar controle total sobre seus dispositivos. No entanto, com scripts de monitoramento e mitiga\u00e7\u00e3o em Python, \u00e9 poss\u00edvel detectar e bloquear atividades suspeitas antes que causem danos.<\/p>\n<p style=\"text-align: justify;\">Lembre-se de que a seguran\u00e7a cibern\u00e9tica \u00e9 um processo cont\u00ednuo. Mantenha seus sistemas atualizados, eduque os usu\u00e1rios sobre os riscos de engenharia social e use ferramentas de detec\u00e7\u00e3o e resposta para proteger sua infraestrutura.<\/p>\n<p>\u00a0<\/p>\n<p>Fonte e imagens: <a href=\"https:\/\/thehackernews.com\/2025\/02\/threat-actors-exploit-clickfix-to.html\" target=\"_blank\" rel=\"noopener\">https:\/\/thehackernews.com\/2025\/02\/threat-actors-exploit-clickfix-to.html<\/a><\/p>\n<pre><strong><span class=\"token punctuation\">\u00a0<\/span><\/strong><\/pre>\n<pre><strong><span class=\"token punctuation\">\u00a0<\/span><\/strong><\/pre>\n<pre><strong><span class=\"token punctuation\">\u00a0<\/span><\/strong><\/pre>\n\n\n","protected":false},"excerpt":{"rendered":"<p>Atores de amea\u00e7as exploram o ClickFix para implantar o NetSupport RAT nos \u00faltimos ataques cibern\u00e9ticos Desde o in\u00edcio de 2025, atores de amea\u00e7as t\u00eam utilizado a t\u00e9cnica\u00a0ClickFix\u00a0para distribuir o\u00a0NetSupport RAT, um\u00a0Remote Access Trojan (RAT)\u00a0que concede controle total sobre o dispositivo da v\u00edtima. Essa t\u00e9cnica envolve a inje\u00e7\u00e3o de uma p\u00e1gina falsa de CAPTCHA em sites [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":21876,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[89,100,21,105],"tags":[],"class_list":["post-21870","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-basico","category-diversos","category-exploits","category-noticias"],"_links":{"self":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/21870","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/comments?post=21870"}],"version-history":[{"count":6,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/21870\/revisions"}],"predecessor-version":[{"id":21877,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/21870\/revisions\/21877"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/media\/21876"}],"wp:attachment":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/media?parent=21870"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/categories?post=21870"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/tags?post=21870"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}