{"id":22499,"date":"2025-06-21T18:58:38","date_gmt":"2025-06-21T21:58:38","guid":{"rendered":"https:\/\/www.ethicalhacker.com.br\/site\/?p=22499"},"modified":"2025-06-21T18:58:38","modified_gmt":"2025-06-21T21:58:38","slug":"novas-falhas-no-linux-permitem-privilegios","status":"publish","type":"post","link":"https:\/\/www.ethicalhacker.com.br\/site\/2025\/06\/basico\/novas-falhas-no-linux-permitem-privilegios\/","title":{"rendered":"Novas falhas no Linux permitem privil\u00e9gios"},"content":{"rendered":"\n<p data-start=\"127\" data-end=\"212\"><strong>Novas falhas no Linux permitem escalada de privil\u00e9gios at\u00e9 root via PAM e Udisks<\/strong><\/p>\n<p style=\"text-align: justify;\" data-start=\"214\" data-end=\"609\">Pesquisadores da Qualys revelaram recentemente duas vulnerabilidades cr\u00edticas de escalonamento local de privil\u00e9gios (LPE) que afetam amplamente distribui\u00e7\u00f5es Linux populares, permitindo que atacantes obtenham acesso root total em segundos. As falhas, quando exploradas em conjunto, representam uma amea\u00e7a grave para a seguran\u00e7a de sistemas Linux em ambientes corporativos e pessoais.<\/p>\n<p data-start=\"214\" data-end=\"609\">\u00a0<\/p>\n<p data-start=\"611\" data-end=\"650\"><strong>As Vulnerabilidades identificadas<\/strong><\/p>\n<p data-start=\"652\" data-end=\"701\">As falhas receberam os seguintes identificadores:<\/p>\n<ul data-start=\"703\" data-end=\"1111\">\n<li data-start=\"703\" data-end=\"903\">\n<p style=\"text-align: justify;\" data-start=\"705\" data-end=\"903\"><strong>CVE-2025-6018<\/strong> \u2013 Escalada de privil\u00e9gios de um usu\u00e1rio comum para <code data-start=\"774\" data-end=\"788\">allow_active<\/code> no m\u00f3dulo PAM (Pluggable Authentication Modules) em distribui\u00e7\u00f5es SUSE Linux Enterprise 15 e openSUSE Leap 15.<\/p>\n<\/li>\n<li data-start=\"904\" data-end=\"1111\">\n<p style=\"text-align: justify;\" data-start=\"906\" data-end=\"1111\"><strong>CVE-2025-6019<\/strong> \u2013 Escalada de privil\u00e9gios de <code data-start=\"953\" data-end=\"967\">allow_active<\/code> para root via o daemon udisks, utilizando falhas no componente libblockdev, presente por padr\u00e3o na maioria das distribui\u00e7\u00f5es Linux.<\/p>\n<\/li>\n<\/ul>\n<p>\u00a0<\/p>\n<p style=\"text-align: justify;\" data-start=\"1113\" data-end=\"1191\">Segundo Saeed Abbasi, gerente s\u00eanior da Qualys Threat Research Unit (TRU):<span style=\"font-size: revert; color: initial;\">&#8220;Esses modernos ataques &#8216;local-to-root&#8217; colapsaram a barreira entre um usu\u00e1rio comum autenticado e o controle total do sistema. Explorando servi\u00e7os leg\u00edtimos como os loop-mounts do udisks e inconsist\u00eancias do ambiente PAM, um invasor com sess\u00e3o ativa GUI ou SSH pode se tornar root em segundos.&#8221;<\/span><\/p>\n<p data-start=\"1113\" data-end=\"1191\">\u00a0<\/p>\n<p data-start=\"1497\" data-end=\"1525\"><strong>Como o ataque funciona<\/strong><\/p>\n<p data-start=\"1527\" data-end=\"1578\">O ataque \u00e9 realizado em duas etapas encadeadas:<\/p>\n<ul data-start=\"1580\" data-end=\"2004\">\n<li data-start=\"1580\" data-end=\"1779\">\n<p style=\"text-align: justify;\" data-start=\"1583\" data-end=\"1779\"><strong data-start=\"1583\" data-end=\"1600\">CVE-2025-6018<\/strong>: permite que um atacante local, n\u00e3o privilegiado, assuma a identidade <code data-start=\"1671\" data-end=\"1685\">allow_active<\/code>, que \u00e9 normalmente associada a usu\u00e1rios fisicamente presentes ou com sess\u00f5es gr\u00e1ficas ativas.<\/p>\n<\/li>\n<li data-start=\"1780\" data-end=\"2004\">\n<p style=\"text-align: justify;\" data-start=\"1783\" data-end=\"2004\"><strong data-start=\"1783\" data-end=\"1800\">CVE-2025-6019<\/strong>: permite que esse usu\u00e1rio <code data-start=\"1827\" data-end=\"1841\">allow_active<\/code> invoque a\u00e7\u00f5es privilegiadas do daemon <code data-start=\"1880\" data-end=\"1888\">udisks, <\/code>como montar dispositivos e, a partir da\u00ed, escalonar para root, utilizando permiss\u00f5es herdadas via <code data-start=\"1995\" data-end=\"2003\">polkit<\/code>.<\/p>\n<\/li>\n<\/ul>\n<p>\u00a0<\/p>\n<p><span style=\"font-size: revert; color: initial;\">Como o <\/span><code data-start=\"2015\" data-end=\"2023\">udisks<\/code><span style=\"font-size: revert; color: initial;\"> est\u00e1 presente por padr\u00e3o em quase todas as distribui\u00e7\u00f5es modernas, a cadeia de ataque afeta sistemas como <\/span>Ubuntu, Debian, Fedora<span style=\"font-size: revert; color: initial;\"> e <\/span>openSUSE Leap 15<span style=\"font-size: revert; color: initial;\">.<\/span><\/p>\n<p>\u00a0<\/p>\n<p data-start=\"2187\" data-end=\"2215\"><strong>Acesso root e impactos<\/strong><\/p>\n<p data-start=\"2217\" data-end=\"2264\">Ap\u00f3s obter acesso como <code data-start=\"2240\" data-end=\"2246\">root<\/code>, o atacante pode:<\/p>\n<ul data-start=\"2266\" data-end=\"2488\">\n<li data-start=\"2266\" data-end=\"2316\">\n<p data-start=\"2268\" data-end=\"2316\">Modificar configura\u00e7\u00f5es de seguran\u00e7a do sistema;<\/p>\n<\/li>\n<li data-start=\"2317\" data-end=\"2355\">\n<p data-start=\"2319\" data-end=\"2355\">Instalar backdoors persistentes;<\/p>\n<\/li>\n<li data-start=\"2356\" data-end=\"2401\">\n<p data-start=\"2358\" data-end=\"2401\">Esconder sua presen\u00e7a por meio de rootkits;<\/p>\n<\/li>\n<li data-start=\"2402\" data-end=\"2488\">\n<p data-start=\"2404\" data-end=\"2488\">Usar a m\u00e1quina como ponto de pivotamento para comprometer outros ativos da rede.<\/p>\n<\/li>\n<\/ul>\n<p>\u00a0<\/p>\n<p style=\"text-align: justify;\" data-start=\"2490\" data-end=\"2617\">A Qualys desenvolveu provas de conceito (PoC) confirmando a explora\u00e7\u00e3o bem-sucedida dessas falhas nas principais distribui\u00e7\u00f5es.<\/p>\n<p data-start=\"2490\" data-end=\"2617\">\u00a0<\/p>\n<p><strong>Mitiga\u00e7\u00e3o e Corre\u00e7\u00f5es<\/strong><\/p>\n<p><strong>Atualiza\u00e7\u00f5es oficiais e solu\u00e7\u00f5es tempor\u00e1rias<\/strong><\/p>\n<ul>\n<li>\n<p class=\"ds-markdown-paragraph\"><strong>SUSE<\/strong>: J\u00e1 liberou patches para ambas as falhas<span class=\"ds-markdown-cite\">2<\/span>.<\/p>\n<\/li>\n<li>\n<p class=\"ds-markdown-paragraph\"><strong>Ubuntu\/Debian\/Fedora<\/strong>: Verifique atualiza\u00e7\u00f5es de seguran\u00e7a via:<\/p>\n<div class=\"md-code-block md-code-block-light\">\n<div class=\"md-code-block-banner-wrap\">\n<div class=\"md-code-block-banner md-code-block-banner-lite\">\n<div class=\"_121d384\">\n<div class=\"d2a24f03\">\u00a0<\/div>\n<\/div>\n<\/div>\n<\/div>\n<pre><span class=\"token function\">sudo<\/span> <span class=\"token function\">apt<\/span> update <span class=\"token operator\">&amp;&amp;<\/span> <span class=\"token function\">sudo<\/span> <span class=\"token function\">apt<\/span> upgrade   <span class=\"token comment\"># Debian\/Ubuntu  <\/span>\n<span class=\"token function\">sudo<\/span> dnf update                      <span class=\"token comment\"># Fedora\/RHEL  <\/span><\/pre>\n<\/div>\n<\/li>\n<\/ul>\n<ul>\n<li>\n<p class=\"ds-markdown-paragraph\">Modificar regras do Polkit\u00a0para exigir autentica\u00e7\u00e3o administrativa:<\/p>\n<div class=\"md-code-block md-code-block-light\">\n<div class=\"md-code-block-banner-wrap\">\n<div class=\"md-code-block-banner md-code-block-banner-lite\">\n<div class=\"_121d384\">\n<div class=\"d2a24f03\">\u00a0<\/div>\n<\/div>\n<\/div>\n<\/div>\n<pre><span class=\"token function\">sudo<\/span> <span class=\"token function\">nano<\/span> \/etc\/polkit-1\/rules.d\/50-udisks.rules  <\/pre>\n<\/div>\n<p class=\"ds-markdown-paragraph\">Adicione:<\/p>\n<div class=\"md-code-block md-code-block-light\">\n<div class=\"md-code-block-banner-wrap\">\n<div class=\"md-code-block-banner md-code-block-banner-lite\">\n<div class=\"_121d384\">\n<div class=\"d2a24f03\">\u00a0<\/div>\n<\/div>\n<\/div>\n<\/div>\n<pre>polkit<span class=\"token punctuation\">.<\/span><span class=\"token function\">addRule<\/span><span class=\"token punctuation\">(<\/span><span class=\"token keyword\">function<\/span><span class=\"token punctuation\">(<\/span><span class=\"token parameter\">action<span class=\"token punctuation\">,<\/span> subject<\/span><span class=\"token punctuation\">)<\/span> <span class=\"token punctuation\">{<\/span>\n    <span class=\"token keyword\">if<\/span> <span class=\"token punctuation\">(<\/span>action<span class=\"token punctuation\">.<\/span>id <span class=\"token operator\">==<\/span> <span class=\"token string\">\"org.freedesktop.udisks2.modify-device\"<\/span><span class=\"token punctuation\">)<\/span> <span class=\"token punctuation\">{<\/span>\n        <span class=\"token keyword\">return<\/span> polkit<span class=\"token punctuation\">.<\/span>Result<span class=\"token punctuation\">.<\/span><span class=\"token constant\">AUTH_ADMIN<\/span><span class=\"token punctuation\">;<\/span>\n    <span class=\"token punctuation\">}<\/span>\n<span class=\"token punctuation\">}<\/span><span class=\"token punctuation\">)<\/span><span class=\"token punctuation\">;<\/span><\/pre>\n<\/div>\n<\/li>\n<li>\n<p class=\"ds-markdown-paragraph\">Desativar\u00a0<code>pam_namespace<\/code>\u00a0(se n\u00e3o for essencial).<\/p>\n<\/li>\n<\/ul>\n<p>\u00a0<\/p>\n<p><strong>Monitoramento recomendado<\/strong><\/p>\n<ul>\n<li>\n<p class=\"ds-markdown-paragraph\">Auditar montagens suspeitas em\u00a0<code>\/tmp<\/code><\/p>\n<\/li>\n<li>\n<p class=\"ds-markdown-paragraph\">Restringir a\u00e7\u00f5es do Polkit para usu\u00e1rios &#8220;allow_active&#8221;.<\/p>\n<\/li>\n<li>Monitorar sess\u00f5es de SSH e GUI ativas que possam estar vulner\u00e1veis \u00e0 eleva\u00e7\u00e3o de privil\u00e9gios.<\/li>\n<\/ul>\n<p>\u00a0<\/p>\n<div class=\"flex basis-auto flex-col -mb-(--composer-overlap-px) [--composer-overlap-px:24px] grow overflow-hidden\">\n<div class=\"relative h-full\">\n<div class=\"flex h-full flex-col overflow-y-auto [scrollbar-gutter:stable_both-edges] @[84rem]\/thread:pt-(--header-height)\">\n<div class=\"@thread-xl\/thread:pt-header-height mt-1.5 flex flex-col text-sm pb-25\">\n<article class=\"text-token-text-primary w-full\" dir=\"auto\" data-testid=\"conversation-turn-8\" data-scroll-anchor=\"false\">\n<div class=\"text-base my-auto mx-auto py-5 [--thread-content-margin:--spacing(4)] @[37rem]:[--thread-content-margin:--spacing(6)] @[72rem]:[--thread-content-margin:--spacing(16)] px-(--thread-content-margin)\">\n<div class=\"[--thread-content-max-width:32rem] @[34rem]:[--thread-content-max-width:40rem] @[64rem]:[--thread-content-max-width:48rem] mx-auto flex max-w-(--thread-content-max-width) flex-1 text-base gap-4 md:gap-5 lg:gap-6 group\/turn-messages focus-visible:outline-hidden\" tabindex=\"-1\">\n<div class=\"group\/conversation-turn relative flex w-full min-w-0 flex-col agent-turn\">\n<div class=\"relative flex-col gap-1 md:gap-3\">\n<div class=\"flex max-w-full flex-col grow\">\n<div class=\"min-h-8 text-message relative flex w-full flex-col items-end gap-2 text-start break-words whitespace-normal [.text-message+&amp;]:mt-5\" dir=\"auto\" data-message-author-role=\"assistant\" data-message-id=\"c62a5671-95ab-4399-adec-08fdd5e7d44d\" data-message-model-slug=\"gpt-4o\">\n<div class=\"flex w-full flex-col gap-1 empty:hidden first:pt-[3px]\">\n<div class=\"markdown prose dark:prose-invert w-full break-words light\">\n<p data-start=\"3249\" data-end=\"3303\"><strong>Terceira falha descoberta no PAM: CVE-2025-6020<\/strong><\/p>\n<p style=\"text-align: justify;\" data-start=\"3305\" data-end=\"3441\">Al\u00e9m das falhas acima, foi revelada tamb\u00e9m uma vulnerabilidade cr\u00edtica de path traversal no m\u00f3dulo <code data-start=\"3408\" data-end=\"3423\">pam_namespace<\/code> do Linux PAM:<\/p>\n<ul data-start=\"3443\" data-end=\"3686\">\n<li data-start=\"3443\" data-end=\"3616\">\n<p data-start=\"3445\" data-end=\"3616\"><strong data-start=\"3445\" data-end=\"3462\">CVE-2025-6020<\/strong> \u2013 permite a eleva\u00e7\u00e3o de privil\u00e9gios a partir de caminhos controlados pelo usu\u00e1rio, via ataques com symlinks e condi\u00e7\u00f5es de corrida (race conditions).<\/p>\n<\/li>\n<li data-start=\"3617\" data-end=\"3649\">\n<p data-start=\"3619\" data-end=\"3649\"><strong data-start=\"3619\" data-end=\"3638\">Pontua\u00e7\u00e3o CVSS:<\/strong> 7.8 (Alta)<\/p>\n<\/li>\n<li data-start=\"3650\" data-end=\"3686\">\n<p data-start=\"3652\" data-end=\"3686\"><strong data-start=\"3652\" data-end=\"3686\">Afeta vers\u00f5es do PAM at\u00e9 1.7.0<\/strong><\/p>\n<\/li>\n<\/ul>\n<p>\u00a0<\/p>\n<p data-start=\"3688\" data-end=\"3725\">Segundo o mantenedor Dmitry V. Levin:<span style=\"font-size: revert; color: initial;\">&#8220;O pam_namespace acessava caminhos controlados por usu\u00e1rios sem as devidas prote\u00e7\u00f5es, o que permitia eleva\u00e7\u00e3o de privil\u00e9gios por meio de m\u00faltiplos vetores.&#8221;<\/span><\/p>\n<p data-start=\"3688\" data-end=\"3725\">\u00a0<\/p>\n<p data-start=\"3887\" data-end=\"3923\"><strong>Mitiga\u00e7\u00f5es para CVE-2025-6020:<\/strong><\/p>\n<ul data-start=\"3925\" data-end=\"4223\">\n<li data-start=\"3925\" data-end=\"3984\">\n<p data-start=\"3927\" data-end=\"3984\">Atualizar o Linux-PAM para a vers\u00e3o 1.7.1 ou superior<\/p>\n<\/li>\n<li data-start=\"3985\" data-end=\"4034\">\n<p data-start=\"3987\" data-end=\"4034\">Desativar <code data-start=\"3997\" data-end=\"4012\">pam_namespace<\/code> se n\u00e3o for necess\u00e1rio<\/p>\n<\/li>\n<li data-start=\"4035\" data-end=\"4136\">\n<p data-start=\"4037\" data-end=\"4136\">Certificar-se de que nenhum diret\u00f3rio polinstanciado est\u00e1 em um caminho sob controle do usu\u00e1rio<\/p>\n<\/li>\n<li data-start=\"4137\" data-end=\"4223\">\n<p data-start=\"4139\" data-end=\"4223\">Atualizar o script <code data-start=\"4158\" data-end=\"4174\">namespace.init<\/code>, caso esteja utilizando uma vers\u00e3o personalizada<\/p>\n<\/li>\n<\/ul>\n<p>\u00a0<\/p>\n<p data-start=\"4230\" data-end=\"4245\"><strong>Conclus\u00e3o<\/strong><\/p>\n<p style=\"text-align: justify;\" data-start=\"4247\" data-end=\"4530\">Essas falhas ressaltam a import\u00e2ncia cr\u00edtica da seguran\u00e7a em camadas no Linux. Embora o modelo de permiss\u00f5es do sistema operacional seja robusto, a combina\u00e7\u00e3o de pequenas permiss\u00f5es e servi\u00e7os padr\u00e3o mal configurados pode criar vetores perigosos para escalada de privil\u00e9gios.<\/p>\n<p style=\"text-align: justify;\" data-start=\"4532\" data-end=\"4713\">Administradores de sistemas Linux devem aplicar imediatamente as atualiza\u00e7\u00f5es dispon\u00edveis e rever configura\u00e7\u00f5es de seguran\u00e7a relacionadas a PAM, Polkit e servi\u00e7os como <code data-start=\"4704\" data-end=\"4712\">udisks<\/code>.<\/p>\n<\/div>\n<p style=\"text-align: justify;\" data-start=\"4532\" data-end=\"4713\">Resumindo essas vulnerabilidades representam uma amea\u00e7a cr\u00edtica\u00a0devido \u00e0 facilidade de explora\u00e7\u00e3o e \u00e0 ubiquidade dos componentes afetados. Organiza\u00e7\u00f5es devem:<\/p>\n<ul>\n<li style=\"text-align: justify;\" data-start=\"4532\" data-end=\"4713\"><strong>Aplicar patches imediatamente<\/strong><\/li>\n<li style=\"text-align: justify;\" data-start=\"4532\" data-end=\"4713\"><strong>Revisar pol\u00edticas de autentica\u00e7\u00e3o PAM e Polkit<\/strong><\/li>\n<li style=\"text-align: justify;\" data-start=\"4532\" data-end=\"4713\"><strong>Monitorar atividades suspeitas em sistemas Linux<\/strong>.<\/li>\n<\/ul>\n<p>\u00a0<\/p>\n<\/div>\n<p>Fonte e imagens: <a href=\"https:\/\/thehackernews.com\/2025\/06\/new-linux-flaws-enable-full-root-access.html\" target=\"_blank\" rel=\"noopener\">https:\/\/thehackernews.com\/2025\/06\/new-linux-flaws-enable-full-root-access.html<\/a><\/p>\n<p data-start=\"4532\" data-end=\"4713\">\u00a0<\/p>\n<p data-start=\"4532\" data-end=\"4713\">\u00a0<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/article>\n<div class=\"pointer-events-none h-px w-px\" aria-hidden=\"true\" data-edge=\"true\">\u00a0<\/div>\n<div>\u00a0<\/div>\n<div>\u00a0<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div id=\"thread-bottom-container\" class=\"isolate z-3 w-full basis-auto has-data-has-thread-error:pt-2 has-data-has-thread-error:[box-shadow:var(--sharp-edge-bottom-shadow)] md:border-transparent md:pt-0 dark:border-white\/20 md:dark:border-transparent flex flex-col\">\n<div id=\"thread-bottom\">\n<div class=\"text-base mx-auto [--thread-content-margin:--spacing(4)] @[37rem]:[--thread-content-margin:--spacing(6)] @[72rem]:[--thread-content-margin:--spacing(16)] px-(--thread-content-margin)\">\n<div class=\"[--thread-content-max-width:32rem] @[34rem]:[--thread-content-max-width:40rem] @[64rem]:[--thread-content-max-width:48rem] mx-auto flex max-w-(--thread-content-max-width) flex-1 text-base gap-4 md:gap-5 lg:gap-6\">\n<div class=\"flex justify-center empty:hidden\">\u00a0<\/div>\n<div class=\"max-xs:[--force-hide-label:none] relative z-1 flex h-full max-w-full flex-1 flex-col\" aria-haspopup=\"dialog\" aria-expanded=\"false\" aria-controls=\"radix-\u00abR695ij59jm595j5\u00bb\" data-state=\"closed\">\n<div class=\"absolute start-0 end-0 bottom-full z-20\">\u00a0<\/div>\n<form class=\"w-full [view-transition-name:var(--vt-composer)]\" data-type=\"unified-composer\">\n<div class=\"bg-token-bg-primary flex w-full cursor-text flex-col items-center justify-center overflow-clip bg-clip-padding contain-inline-size dark:bg-[#303030] shadow-short rounded-[28px]\">\n<div class=\"relative flex w-full items-end px-2.5 py-2.5\">\n<div class=\"relative flex w-full flex-auto flex-col\">\n<div class=\"relative mx-2.5 grid grid-cols-[auto_minmax(0,1fr)]\">\n<div class=\"items-top flex justify-center\">\n<div>\u00a0<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/form><\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<p>\u00a0<\/p>\n<p>\u00a0<\/p>\n<p data-start=\"1113\" data-end=\"1191\">\u00a0<\/p>\n<p data-start=\"1113\" data-end=\"1191\">\u00a0<\/p>\n\n\n\n\n\n\n\n\n\n\n","protected":false},"excerpt":{"rendered":"<p>Novas falhas no Linux permitem escalada de privil\u00e9gios at\u00e9 root via PAM e Udisks Pesquisadores da Qualys revelaram recentemente duas vulnerabilidades cr\u00edticas de escalonamento local de privil\u00e9gios (LPE) que afetam amplamente distribui\u00e7\u00f5es Linux populares, permitindo que atacantes obtenham acesso root total em segundos. As falhas, quando exploradas em conjunto, representam uma amea\u00e7a grave para a [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":22503,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[89,100,105],"tags":[],"class_list":["post-22499","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-basico","category-diversos","category-noticias"],"_links":{"self":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/22499","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/comments?post=22499"}],"version-history":[{"count":12,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/22499\/revisions"}],"predecessor-version":[{"id":22512,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/22499\/revisions\/22512"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/media\/22503"}],"wp:attachment":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/media?parent=22499"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/categories?post=22499"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/tags?post=22499"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}